From c13f712c77e0837760e79293b6fb41c734741e77 Mon Sep 17 00:00:00 2001
From: "http://jneen.net/" <jneen@jneen.net>
Date: Fri, 18 Aug 2017 17:43:23 -0700
Subject: [PATCH 01/57] implement Repository#==

so that with_repo_branch_commit can properly short-circuit
---
 app/models/repository.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index c1e4fcf94a4..1c3080c0efd 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -60,6 +60,12 @@ class Repository
     @project = project
   end
 
+  def equals(other)
+    @disk_path == other.disk_path
+  end
+
+  alias_method :==, :equals
+
   def raw_repository
     return nil unless full_path
 

From 00b440443808fba04fc55f7e77c61f79e29c21ea Mon Sep 17 00:00:00 2001
From: "http://jneen.net/" <jneen@jneen.net>
Date: Mon, 21 Aug 2017 15:20:44 -0700
Subject: [PATCH 02/57] skip the branch fetch if we already have the sha

---
 app/models/repository.rb | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 1c3080c0efd..61fab9764e8 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -991,23 +991,27 @@ class Repository
   end
 
   def with_repo_branch_commit(start_repository, start_branch_name)
-    return yield(nil) if start_repository.empty_repo?
+    tmp_ref = nil
+    return yield nil if start_repository.empty_repo?
 
-    branch_name_or_sha =
+    branch_commit =
       if start_repository == self
-        start_branch_name
+        commit(start_branch_name)
       else
-        tmp_ref = fetch_ref(
-          start_repository.path_to_repo,
-          "#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
-          "refs/tmp/#{SecureRandom.hex}/head"
-        )
+        sha = start_repository.find_branch(start_branch_name).target
+        commit(sha) ||
+          begin
+            tmp_ref = fetch_ref(
+              start_repository.path_to_repo,
+              "#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
+              "refs/tmp/#{SecureRandom.hex}/head"
+            )
 
-        start_repository.commit(start_branch_name).sha
+            commit(start_repository.commit(start_branch_name).sha)
+          end
       end
 
-    yield(commit(branch_name_or_sha))
-
+    yield branch_commit
   ensure
     rugged.references.delete(tmp_ref) if tmp_ref
   end

From 5f811894a8ba0d85298cc695c360f171d30c193c Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Wed, 23 Aug 2017 20:25:44 +0800
Subject: [PATCH 03/57] Remove unwanted refs after importing a project

Because we don't need them, and they would slow down
the repository, keeping unneeded objects as well.

We could also consider doing this in regular housekeeping.
---
 app/models/project.rb                         |  2 +-
 app/services/projects/housekeeping_service.rb |  2 ++
 .../projects/import_export/cleanup_service.rb | 33 +++++++++++++++++++
 3 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 app/services/projects/import_export/cleanup_service.rb

diff --git a/app/models/project.rb b/app/models/project.rb
index 37f4dd08355..72da4e8eb2e 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -372,7 +372,7 @@ class Project < ActiveRecord::Base
       if Gitlab::ImportSources.importer_names.include?(project.import_type) && project.repo_exists?
         project.run_after_commit do
           begin
-            Projects::HousekeepingService.new(project).execute
+            Projects::ImportExport::CleanupService.new(project).execute
           rescue Projects::HousekeepingService::LeaseTaken => e
             Rails.logger.info("Could not perform housekeeping for project #{project.full_path} (#{project.id}): #{e}")
           end
diff --git a/app/services/projects/housekeeping_service.rb b/app/services/projects/housekeeping_service.rb
index d66ef676088..dcef8b66215 100644
--- a/app/services/projects/housekeeping_service.rb
+++ b/app/services/projects/housekeeping_service.rb
@@ -26,6 +26,8 @@ module Projects
       lease_uuid = try_obtain_lease
       raise LeaseTaken unless lease_uuid.present?
 
+      yield if block_given?
+
       execute_gitlab_shell_gc(lease_uuid)
     end
 
diff --git a/app/services/projects/import_export/cleanup_service.rb b/app/services/projects/import_export/cleanup_service.rb
new file mode 100644
index 00000000000..54d7fb88a91
--- /dev/null
+++ b/app/services/projects/import_export/cleanup_service.rb
@@ -0,0 +1,33 @@
+module Projects
+  module ImportExport
+    class CleanupService
+      RESERVED_REFS_REGEXP =
+        %r{\Arefs/(?:heads|tags|merge\-requests|keep\-around|environments)/}
+
+      attr_reader :project
+
+      def initialize(project)
+        @project = project
+      end
+
+      # This could raise Projects::HousekeepingService::LeaseTaken
+      def execute
+        Projects::HousekeepingService.new(project).execute do
+          garbage_refs.each(&rugged.references.method(:delete))
+        end
+      end
+
+      private
+
+      def garbage_refs
+        @garbage_refs ||= rugged.references.reject do |ref|
+          ref.name =~ RESERVED_REFS_REGEXP
+        end
+      end
+
+      def rugged
+        @rugged ||= project.repository.rugged
+      end
+    end
+  end
+end

From 140ac8d2ad81f03f67dddcb565458e9baee79755 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Wed, 23 Aug 2017 21:51:21 +0800
Subject: [PATCH 04/57] Add changelog and tests

---
 .../projects/import_export/cleanup_service.rb |  5 +-
 .../36807-gc-unwanted-refs-after-import.yml   |  5 ++
 spec/models/project_spec.rb                   | 13 ++++-
 .../projects/housekeeping_service_spec.rb     | 13 +++++
 .../import_export/cleanup_service_spec.rb     | 55 +++++++++++++++++++
 5 files changed, 88 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/unreleased/36807-gc-unwanted-refs-after-import.yml
 create mode 100644 spec/services/projects/import_export/cleanup_service_spec.rb

diff --git a/app/services/projects/import_export/cleanup_service.rb b/app/services/projects/import_export/cleanup_service.rb
index 54d7fb88a91..75eaee0cb7b 100644
--- a/app/services/projects/import_export/cleanup_service.rb
+++ b/app/services/projects/import_export/cleanup_service.rb
@@ -1,8 +1,11 @@
 module Projects
   module ImportExport
     class CleanupService
+      RESERVED_REFS_NAMES =
+        %w[heads tags merge-requests keep-around environments]
       RESERVED_REFS_REGEXP =
-        %r{\Arefs/(?:heads|tags|merge\-requests|keep\-around|environments)/}
+        %r{\Arefs/(?:#{
+          RESERVED_REFS_NAMES.map(&Regexp.method(:escape)).join('|')})/}x
 
       attr_reader :project
 
diff --git a/changelogs/unreleased/36807-gc-unwanted-refs-after-import.yml b/changelogs/unreleased/36807-gc-unwanted-refs-after-import.yml
new file mode 100644
index 00000000000..a37de4325bb
--- /dev/null
+++ b/changelogs/unreleased/36807-gc-unwanted-refs-after-import.yml
@@ -0,0 +1,5 @@
+---
+title: Remove unwanted refs after importing a project
+merge_request: 13766
+author:
+type: other
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 2e613c44357..130c0739033 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1563,10 +1563,18 @@ describe Project do
 
   describe 'project import state transitions' do
     context 'state transition: [:started] => [:finished]' do
-      let(:housekeeping_service) { spy }
+      let(:cleanup_service) { spy(:cleanup_service) }
+      let(:housekeeping_service) { spy(:housekeeping_service) }
 
       before do
-        allow(Projects::HousekeepingService).to receive(:new) { housekeeping_service }
+        allow(Projects::ImportExport::CleanupService)
+          .to receive(:new) { cleanup_service }
+
+        allow(cleanup_service)
+          .to receive(:execute) { housekeeping_service.execute }
+
+        allow(Projects::HousekeepingService)
+          .to receive(:new) { housekeeping_service }
       end
 
       it 'resets project import_error' do
@@ -1581,6 +1589,7 @@ describe Project do
 
         project.import_finish
 
+        expect(cleanup_service).to have_received(:execute)
         expect(housekeeping_service).to have_received(:execute)
       end
 
diff --git a/spec/services/projects/housekeeping_service_spec.rb b/spec/services/projects/housekeeping_service_spec.rb
index 385f56e447f..6e916a523fe 100644
--- a/spec/services/projects/housekeeping_service_spec.rb
+++ b/spec/services/projects/housekeeping_service_spec.rb
@@ -23,6 +23,12 @@ describe Projects::HousekeepingService do
       expect(project.reload.pushes_since_gc).to eq(0)
     end
 
+    it 'yields the block if given' do
+      expect do |b|
+        subject.execute(&b)
+      end.to yield_with_no_args
+    end
+
     context 'when no lease can be obtained' do
       before do
         expect(subject).to receive(:try_obtain_lease).and_return(false)
@@ -39,6 +45,13 @@ describe Projects::HousekeepingService do
           expect { subject.execute }.to raise_error(Projects::HousekeepingService::LeaseTaken)
         end.not_to change { project.pushes_since_gc }
       end
+
+      it 'does not yield' do
+        expect do |b|
+          expect { subject.execute(&b) }
+            .to raise_error(Projects::HousekeepingService::LeaseTaken)
+        end.not_to yield_with_no_args
+      end
     end
   end
 
diff --git a/spec/services/projects/import_export/cleanup_service_spec.rb b/spec/services/projects/import_export/cleanup_service_spec.rb
new file mode 100644
index 00000000000..b46efc40a2f
--- /dev/null
+++ b/spec/services/projects/import_export/cleanup_service_spec.rb
@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe Projects::ImportExport::CleanupService do
+  subject { described_class.new(project) }
+
+  let(:project) { create(:project, :repository) }
+  let(:repository) { project.repository }
+  let(:sha) { project.commit.sha }
+  let(:housekeeping_service) { double(:housekeeping_service) }
+
+  describe '#execute' do
+    before do
+      allow(Projects::HousekeepingService)
+        .to receive(:new).with(project).and_return(housekeeping_service)
+
+      allow(housekeeping_service)
+        .to receive(:execute).and_yield
+    end
+
+    it 'performs housekeeping' do
+      subject.execute
+
+      expect(housekeeping_service).to have_received(:execute)
+    end
+
+    context 'with some refs in refs/pull/**/*' do
+      before do
+        repository.write_ref('refs/pull/1/head', sha)
+        repository.write_ref('refs/pull/1/merge', sha)
+
+        subject.execute
+      end
+
+      it 'removes refs/pull/**/*' do
+        expect(repository.rugged.references.map(&:name))
+          .not_to include(%r{\Arefs/pull/})
+      end
+    end
+
+    described_class::RESERVED_REFS_NAMES.each do |name|
+      context "with a ref in refs/#{name}/tmp" do
+        before do
+          repository.write_ref("refs/#{name}/tmp", sha)
+
+          subject.execute
+        end
+
+        it "does not remove refs/#{name}/tmp" do
+          expect(repository.rugged.references.map(&:name))
+            .to include("refs/#{name}/tmp")
+        end
+      end
+    end
+  end
+end

From bea29327af6d14bea58f82304115735fd0b13d3f Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Thu, 24 Aug 2017 17:26:18 +0800
Subject: [PATCH 05/57] Just use methods over constants, so that we could

take the advantage that if they're not used, we
could garbage collect those data, reducing memory
footprint.
---
 .../projects/import_export/cleanup_service.rb | 20 +++++++++++++------
 .../import_export/cleanup_service_spec.rb     |  2 +-
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/app/services/projects/import_export/cleanup_service.rb b/app/services/projects/import_export/cleanup_service.rb
index 75eaee0cb7b..2e6bfb99189 100644
--- a/app/services/projects/import_export/cleanup_service.rb
+++ b/app/services/projects/import_export/cleanup_service.rb
@@ -1,11 +1,15 @@
 module Projects
   module ImportExport
     class CleanupService
-      RESERVED_REFS_NAMES =
+      def self.reserved_refs_names
         %w[heads tags merge-requests keep-around environments]
-      RESERVED_REFS_REGEXP =
-        %r{\Arefs/(?:#{
-          RESERVED_REFS_NAMES.map(&Regexp.method(:escape)).join('|')})/}x
+      end
+
+      def self.reserved_refs_regexp
+        names = reserved_refs_names.map(&Regexp.method(:escape)).join('|')
+
+        %r{\Arefs/(?:#{names})/}
+      end
 
       attr_reader :project
 
@@ -23,8 +27,12 @@ module Projects
       private
 
       def garbage_refs
-        @garbage_refs ||= rugged.references.reject do |ref|
-          ref.name =~ RESERVED_REFS_REGEXP
+        @garbage_refs ||= begin
+          reserved_refs_regexp = self.class.reserved_refs_regexp
+
+          rugged.references.reject do |ref|
+            ref.name =~ reserved_refs_regexp
+          end
         end
       end
 
diff --git a/spec/services/projects/import_export/cleanup_service_spec.rb b/spec/services/projects/import_export/cleanup_service_spec.rb
index b46efc40a2f..108d0ea2ecc 100644
--- a/spec/services/projects/import_export/cleanup_service_spec.rb
+++ b/spec/services/projects/import_export/cleanup_service_spec.rb
@@ -37,7 +37,7 @@ describe Projects::ImportExport::CleanupService do
       end
     end
 
-    described_class::RESERVED_REFS_NAMES.each do |name|
+    described_class.reserved_refs_names.each do |name|
       context "with a ref in refs/#{name}/tmp" do
         before do
           repository.write_ref("refs/#{name}/tmp", sha)

From cc2c737dea3c90d465e423e102fb634c531bdcc9 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Thu, 24 Aug 2017 17:30:54 +0800
Subject: [PATCH 06/57] Just use @project directly

---
 app/services/projects/import_export/cleanup_service.rb | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/app/services/projects/import_export/cleanup_service.rb b/app/services/projects/import_export/cleanup_service.rb
index 2e6bfb99189..25bff3468a9 100644
--- a/app/services/projects/import_export/cleanup_service.rb
+++ b/app/services/projects/import_export/cleanup_service.rb
@@ -11,15 +11,13 @@ module Projects
         %r{\Arefs/(?:#{names})/}
       end
 
-      attr_reader :project
-
       def initialize(project)
         @project = project
       end
 
       # This could raise Projects::HousekeepingService::LeaseTaken
       def execute
-        Projects::HousekeepingService.new(project).execute do
+        Projects::HousekeepingService.new(@project).execute do
           garbage_refs.each(&rugged.references.method(:delete))
         end
       end
@@ -37,7 +35,7 @@ module Projects
       end
 
       def rugged
-        @rugged ||= project.repository.rugged
+        @rugged ||= @project.repository.rugged
       end
     end
   end

From 5c31c72048d418d88d59abbdb117ec5413eb5f83 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Thu, 24 Aug 2017 17:36:16 +0800
Subject: [PATCH 07/57] Use block rather than just b

---
 spec/services/projects/housekeeping_service_spec.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/spec/services/projects/housekeeping_service_spec.rb b/spec/services/projects/housekeeping_service_spec.rb
index 6e916a523fe..9386c110385 100644
--- a/spec/services/projects/housekeeping_service_spec.rb
+++ b/spec/services/projects/housekeeping_service_spec.rb
@@ -24,8 +24,8 @@ describe Projects::HousekeepingService do
     end
 
     it 'yields the block if given' do
-      expect do |b|
-        subject.execute(&b)
+      expect do |block|
+        subject.execute(&block)
       end.to yield_with_no_args
     end
 
@@ -47,8 +47,8 @@ describe Projects::HousekeepingService do
       end
 
       it 'does not yield' do
-        expect do |b|
-          expect { subject.execute(&b) }
+        expect do |block|
+          expect { subject.execute(&block) }
             .to raise_error(Projects::HousekeepingService::LeaseTaken)
         end.not_to yield_with_no_args
       end

From 932d32515a72bc80e021474100f677d954f3822e Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Thu, 24 Aug 2017 18:58:31 +0800
Subject: [PATCH 08/57] Move to Projects::HousecleaningService

---
 app/models/project.rb                         |  2 +-
 .../projects/housecleaning_service.rb         | 40 ++++++++++++++++++
 .../projects/import_export/cleanup_service.rb | 42 -------------------
 spec/models/project_spec.rb                   | 10 ++---
 ..._spec.rb => housecleaning_service_spec.rb} |  2 +-
 5 files changed, 47 insertions(+), 49 deletions(-)
 create mode 100644 app/services/projects/housecleaning_service.rb
 delete mode 100644 app/services/projects/import_export/cleanup_service.rb
 rename spec/services/projects/{import_export/cleanup_service_spec.rb => housecleaning_service_spec.rb} (96%)

diff --git a/app/models/project.rb b/app/models/project.rb
index 72da4e8eb2e..c0060504d74 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -372,7 +372,7 @@ class Project < ActiveRecord::Base
       if Gitlab::ImportSources.importer_names.include?(project.import_type) && project.repo_exists?
         project.run_after_commit do
           begin
-            Projects::ImportExport::CleanupService.new(project).execute
+            Projects::HousecleaningService.new(project).execute
           rescue Projects::HousekeepingService::LeaseTaken => e
             Rails.logger.info("Could not perform housekeeping for project #{project.full_path} (#{project.id}): #{e}")
           end
diff --git a/app/services/projects/housecleaning_service.rb b/app/services/projects/housecleaning_service.rb
new file mode 100644
index 00000000000..d5cf8478e13
--- /dev/null
+++ b/app/services/projects/housecleaning_service.rb
@@ -0,0 +1,40 @@
+module Projects
+  class HousecleaningService
+    def self.reserved_refs_names
+      %w[heads tags merge-requests keep-around environments]
+    end
+
+    def self.reserved_refs_regexp
+      names = reserved_refs_names.map(&Regexp.method(:escape)).join('|')
+
+      %r{\Arefs/(?:#{names})/}
+    end
+
+    def initialize(project)
+      @project = project
+    end
+
+    # This could raise Projects::HousekeepingService::LeaseTaken
+    def execute
+      Projects::HousekeepingService.new(@project).execute do
+        garbage_refs.each(&rugged.references.method(:delete))
+      end
+    end
+
+    private
+
+    def garbage_refs
+      @garbage_refs ||= begin
+        reserved_refs_regexp = self.class.reserved_refs_regexp
+
+        rugged.references.reject do |ref|
+          ref.name =~ reserved_refs_regexp
+        end
+      end
+    end
+
+    def rugged
+      @rugged ||= @project.repository.rugged
+    end
+  end
+end
diff --git a/app/services/projects/import_export/cleanup_service.rb b/app/services/projects/import_export/cleanup_service.rb
deleted file mode 100644
index 25bff3468a9..00000000000
--- a/app/services/projects/import_export/cleanup_service.rb
+++ /dev/null
@@ -1,42 +0,0 @@
-module Projects
-  module ImportExport
-    class CleanupService
-      def self.reserved_refs_names
-        %w[heads tags merge-requests keep-around environments]
-      end
-
-      def self.reserved_refs_regexp
-        names = reserved_refs_names.map(&Regexp.method(:escape)).join('|')
-
-        %r{\Arefs/(?:#{names})/}
-      end
-
-      def initialize(project)
-        @project = project
-      end
-
-      # This could raise Projects::HousekeepingService::LeaseTaken
-      def execute
-        Projects::HousekeepingService.new(@project).execute do
-          garbage_refs.each(&rugged.references.method(:delete))
-        end
-      end
-
-      private
-
-      def garbage_refs
-        @garbage_refs ||= begin
-          reserved_refs_regexp = self.class.reserved_refs_regexp
-
-          rugged.references.reject do |ref|
-            ref.name =~ reserved_refs_regexp
-          end
-        end
-      end
-
-      def rugged
-        @rugged ||= @project.repository.rugged
-      end
-    end
-  end
-end
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 130c0739033..7631207b1d0 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1563,14 +1563,14 @@ describe Project do
 
   describe 'project import state transitions' do
     context 'state transition: [:started] => [:finished]' do
-      let(:cleanup_service) { spy(:cleanup_service) }
+      let(:housecleaning_service) { spy(:housecleaning_service) }
       let(:housekeeping_service) { spy(:housekeeping_service) }
 
       before do
-        allow(Projects::ImportExport::CleanupService)
-          .to receive(:new) { cleanup_service }
+        allow(Projects::HousecleaningService)
+          .to receive(:new) { housecleaning_service }
 
-        allow(cleanup_service)
+        allow(housecleaning_service)
           .to receive(:execute) { housekeeping_service.execute }
 
         allow(Projects::HousekeepingService)
@@ -1589,7 +1589,7 @@ describe Project do
 
         project.import_finish
 
-        expect(cleanup_service).to have_received(:execute)
+        expect(housecleaning_service).to have_received(:execute)
         expect(housekeeping_service).to have_received(:execute)
       end
 
diff --git a/spec/services/projects/import_export/cleanup_service_spec.rb b/spec/services/projects/housecleaning_service_spec.rb
similarity index 96%
rename from spec/services/projects/import_export/cleanup_service_spec.rb
rename to spec/services/projects/housecleaning_service_spec.rb
index 108d0ea2ecc..3dd7906dc9a 100644
--- a/spec/services/projects/import_export/cleanup_service_spec.rb
+++ b/spec/services/projects/housecleaning_service_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Projects::ImportExport::CleanupService do
+describe Projects::HousecleaningService do
   subject { described_class.new(project) }
 
   let(:project) { create(:project, :repository) }

From 9e203582b367a1b84035572261a79b62e22bfeaa Mon Sep 17 00:00:00 2001
From: Hiroyuki Sato <sathiroyuki@gmail.com>
Date: Wed, 23 Aug 2017 01:51:53 +0900
Subject: [PATCH 09/57] Improve AutocompleteController#user.json performance

---
 app/models/user.rb                            |  2 +-
 .../improve-autocomplete-user-performance.yml |  5 +++
 lib/gitlab/sql/pattern.rb                     | 29 +++++++++++++++++
 .../filtered_search/dropdown_author_spec.rb   | 12 +++----
 spec/lib/gitlab/sql/pattern_spec.rb           | 31 +++++++++++++++++++
 spec/models/user_spec.rb                      | 17 ++++++++++
 6 files changed, 89 insertions(+), 7 deletions(-)
 create mode 100644 changelogs/unreleased/improve-autocomplete-user-performance.yml
 create mode 100644 lib/gitlab/sql/pattern.rb
 create mode 100644 spec/lib/gitlab/sql/pattern_spec.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index fbd08bc4d0a..e5a84ce4080 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -303,7 +303,7 @@ class User < ActiveRecord::Base
     # Returns an ActiveRecord::Relation.
     def search(query)
       table   = arel_table
-      pattern = "%#{query}%"
+      pattern = Gitlab::SQL::Pattern.new(query).to_sql
 
       order = <<~SQL
         CASE
diff --git a/changelogs/unreleased/improve-autocomplete-user-performance.yml b/changelogs/unreleased/improve-autocomplete-user-performance.yml
new file mode 100644
index 00000000000..5a7153771ff
--- /dev/null
+++ b/changelogs/unreleased/improve-autocomplete-user-performance.yml
@@ -0,0 +1,5 @@
+---
+title: Improve performance for AutocompleteController#users.json
+merge_request: 13754
+author: Hiroyuki Sato
+type: changed
diff --git a/lib/gitlab/sql/pattern.rb b/lib/gitlab/sql/pattern.rb
new file mode 100644
index 00000000000..47ea19994a2
--- /dev/null
+++ b/lib/gitlab/sql/pattern.rb
@@ -0,0 +1,29 @@
+module Gitlab
+  module SQL
+    class Pattern
+      MIN_CHARS_FOR_PARTIAL_MATCHING = 3
+
+      attr_reader :query
+
+      def initialize(query)
+        @query = query
+      end
+
+      def to_sql
+        if exact_matching?
+          query
+        else
+          "%#{query}%"
+        end
+      end
+
+      def exact_matching?
+        !partial_matching?
+      end
+
+      def partial_matching?
+        @query.length >= MIN_CHARS_FOR_PARTIAL_MATCHING
+      end
+    end
+  end
+end
diff --git a/spec/features/issues/filtered_search/dropdown_author_spec.rb b/spec/features/issues/filtered_search/dropdown_author_spec.rb
index 975dc035f2d..3cec59050ab 100644
--- a/spec/features/issues/filtered_search/dropdown_author_spec.rb
+++ b/spec/features/issues/filtered_search/dropdown_author_spec.rb
@@ -6,7 +6,7 @@ describe 'Dropdown author', js: true do
   let!(:project) { create(:project) }
   let!(:user) { create(:user, name: 'administrator', username: 'root') }
   let!(:user_john) { create(:user, name: 'John', username: 'th0mas') }
-  let!(:user_jacob) { create(:user, name: 'Jacob', username: 'otter32') }
+  let!(:user_jacob) { create(:user, name: 'Jacob', username: 'ooter32') }
   let(:filtered_search) { find('.filtered-search') }
   let(:js_dropdown_author) { '#js-dropdown-author' }
 
@@ -82,31 +82,31 @@ describe 'Dropdown author', js: true do
     end
 
     it 'filters by name' do
-      send_keys_to_filtered_search('ja')
+      send_keys_to_filtered_search('jac')
 
       expect(dropdown_author_size).to eq(1)
     end
 
     it 'filters by case insensitive name' do
-      send_keys_to_filtered_search('Ja')
+      send_keys_to_filtered_search('Jac')
 
       expect(dropdown_author_size).to eq(1)
     end
 
     it 'filters by username with symbol' do
-      send_keys_to_filtered_search('@ot')
+      send_keys_to_filtered_search('@oot')
 
       expect(dropdown_author_size).to eq(2)
     end
 
     it 'filters by username without symbol' do
-      send_keys_to_filtered_search('ot')
+      send_keys_to_filtered_search('oot')
 
       expect(dropdown_author_size).to eq(2)
     end
 
     it 'filters by case insensitive username without symbol' do
-      send_keys_to_filtered_search('OT')
+      send_keys_to_filtered_search('OOT')
 
       expect(dropdown_author_size).to eq(2)
     end
diff --git a/spec/lib/gitlab/sql/pattern_spec.rb b/spec/lib/gitlab/sql/pattern_spec.rb
new file mode 100644
index 00000000000..cbafe36de06
--- /dev/null
+++ b/spec/lib/gitlab/sql/pattern_spec.rb
@@ -0,0 +1,31 @@
+require 'spec_helper'
+
+describe Gitlab::SQL::Pattern do
+  describe '#to_sql' do
+    subject(:to_sql) { described_class.new(query).to_sql }
+
+    context 'when a query is shorter than 3 chars' do
+      let(:query) { '12' }
+
+      it 'returns exact matching pattern' do
+        expect(to_sql).to eq('12')
+      end
+    end
+
+    context 'when a query is equal to 3 chars' do
+      let(:query) { '123' }
+
+      it 'returns partial matching pattern' do
+        expect(to_sql).to eq('%123%')
+      end
+    end
+
+    context 'when a query is longer than 3 chars' do
+      let(:query) { '1234' }
+
+      it 'returns partial matching pattern' do
+        expect(to_sql).to eq('%1234%')
+      end
+    end
+  end
+end
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 9a9e255f874..50abd7af429 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -789,6 +789,7 @@ describe User do
   describe '.search' do
     let!(:user) { create(:user, name: 'user', username: 'usern', email: 'email@gmail.com') }
     let!(:user2) { create(:user, name: 'user name', username: 'username', email: 'someemail@gmail.com') }
+    let!(:user3) { create(:user, name: 'us', username: 'se', email: 'foo@gmail.com') }
 
     describe 'name matching' do
       it 'returns users with a matching name with exact match first' do
@@ -802,6 +803,14 @@ describe User do
       it 'returns users with a matching name regardless of the casing' do
         expect(described_class.search(user2.name.upcase)).to eq([user2])
       end
+
+      it 'returns users with a exact matching name shorter than 3 chars' do
+        expect(described_class.search(user3.name)).to eq([user3])
+      end
+
+      it 'returns users with a exact matching name shorter than 3 chars regardless of the casing' do
+        expect(described_class.search(user3.name.upcase)).to eq([user3])
+      end
     end
 
     describe 'email matching' do
@@ -830,6 +839,14 @@ describe User do
       it 'returns users with a matching username regardless of the casing' do
         expect(described_class.search(user2.username.upcase)).to eq([user2])
       end
+
+      it 'returns users with a exact matching username shorter than 3 chars' do
+        expect(described_class.search(user3.username)).to eq([user3])
+      end
+
+      it 'returns users with a exact matching username shorter than 3 chars regardless of the casing' do
+        expect(described_class.search(user3.username.upcase)).to eq([user3])
+      end
     end
   end
 

From d1054bd3ddb48c15b6a3a53f8c57974208094106 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Fri, 25 Aug 2017 22:38:07 +0800
Subject: [PATCH 10/57] Resolve feedback on the MR:

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/13766

* Rename AfterImportService
* Use constants
* Move Git operations to Gitlab::Git::Repository
* Use Regexp.union
---
 app/models/project.rb                         |  6 +--
 app/services/projects/after_import_service.rb | 32 +++++++++++++++
 .../projects/housecleaning_service.rb         | 40 -------------------
 lib/gitlab/git/repository.rb                  | 11 +++++
 ...e_spec.rb => after_import_service_spec.rb} |  4 +-
 5 files changed, 46 insertions(+), 47 deletions(-)
 create mode 100644 app/services/projects/after_import_service.rb
 delete mode 100644 app/services/projects/housecleaning_service.rb
 rename spec/services/projects/{housecleaning_service_spec.rb => after_import_service_spec.rb} (93%)

diff --git a/app/models/project.rb b/app/models/project.rb
index c0060504d74..f86f75fbbdc 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -371,11 +371,7 @@ class Project < ActiveRecord::Base
 
       if Gitlab::ImportSources.importer_names.include?(project.import_type) && project.repo_exists?
         project.run_after_commit do
-          begin
-            Projects::HousecleaningService.new(project).execute
-          rescue Projects::HousekeepingService::LeaseTaken => e
-            Rails.logger.info("Could not perform housekeeping for project #{project.full_path} (#{project.id}): #{e}")
-          end
+          Projects::AfterImportService.new(project).execute
         end
       end
     end
diff --git a/app/services/projects/after_import_service.rb b/app/services/projects/after_import_service.rb
new file mode 100644
index 00000000000..bbada7e2b1c
--- /dev/null
+++ b/app/services/projects/after_import_service.rb
@@ -0,0 +1,32 @@
+module Projects
+  class AfterImportService
+    RESERVED_REFS_NAMES =
+      %w[heads tags merge-requests keep-around environments].freeze
+
+    RESERVED_REFS_REGEXP =
+      %r{\Arefs/(?:#{Regexp.union(*RESERVED_REFS_NAMES)})/}
+
+    def initialize(project)
+      @project = project
+    end
+
+    def execute
+      Projects::HousekeepingService.new(@project).execute do
+        repository.delete_refs(garbage_refs)
+      end
+    rescue Projects::HousekeepingService::LeaseTaken => e
+      Rails.logger.info(
+        "Could not perform housekeeping for project #{@project.full_path} (#{@project.id}): #{e}")
+    end
+
+    private
+
+    def garbage_refs
+      @garbage_refs ||= repository.all_ref_names_except(RESERVED_REFS_REGEXP)
+    end
+
+    def repository
+      @repository ||= @project.repository
+    end
+  end
+end
diff --git a/app/services/projects/housecleaning_service.rb b/app/services/projects/housecleaning_service.rb
deleted file mode 100644
index d5cf8478e13..00000000000
--- a/app/services/projects/housecleaning_service.rb
+++ /dev/null
@@ -1,40 +0,0 @@
-module Projects
-  class HousecleaningService
-    def self.reserved_refs_names
-      %w[heads tags merge-requests keep-around environments]
-    end
-
-    def self.reserved_refs_regexp
-      names = reserved_refs_names.map(&Regexp.method(:escape)).join('|')
-
-      %r{\Arefs/(?:#{names})/}
-    end
-
-    def initialize(project)
-      @project = project
-    end
-
-    # This could raise Projects::HousekeepingService::LeaseTaken
-    def execute
-      Projects::HousekeepingService.new(@project).execute do
-        garbage_refs.each(&rugged.references.method(:delete))
-      end
-    end
-
-    private
-
-    def garbage_refs
-      @garbage_refs ||= begin
-        reserved_refs_regexp = self.class.reserved_refs_regexp
-
-        rugged.references.reject do |ref|
-          ref.name =~ reserved_refs_regexp
-        end
-      end
-    end
-
-    def rugged
-      @rugged ||= @project.repository.rugged
-    end
-  end
-end
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index eb3731ba35a..f6d30ad7534 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -232,6 +232,13 @@ module Gitlab
         branch_names + tag_names
       end
 
+      # Returns an Array of all ref names, except when it's matching pattern
+      #
+      # regexp - The pattern for ref names we don't want
+      def all_ref_names_except(regexp)
+        rugged.references.reject { |ref| ref.name =~ regexp }.map(&:name)
+      end
+
       # Discovers the default branch based on the repository's available branches
       #
       # - If no branches are present, returns nil
@@ -577,6 +584,10 @@ module Gitlab
         rugged.branches.delete(branch_name)
       end
 
+      def delete_refs(ref_names)
+        ref_names.each(&rugged.references.method(:delete))
+      end
+
       # Create a new branch named **ref+ based on **stat_point+, HEAD by default
       #
       # Examples:
diff --git a/spec/services/projects/housecleaning_service_spec.rb b/spec/services/projects/after_import_service_spec.rb
similarity index 93%
rename from spec/services/projects/housecleaning_service_spec.rb
rename to spec/services/projects/after_import_service_spec.rb
index 3dd7906dc9a..540d2191b2d 100644
--- a/spec/services/projects/housecleaning_service_spec.rb
+++ b/spec/services/projects/after_import_service_spec.rb
@@ -1,6 +1,6 @@
 require 'spec_helper'
 
-describe Projects::HousecleaningService do
+describe Projects::AfterImportService do
   subject { described_class.new(project) }
 
   let(:project) { create(:project, :repository) }
@@ -37,7 +37,7 @@ describe Projects::HousecleaningService do
       end
     end
 
-    described_class.reserved_refs_names.each do |name|
+    described_class::RESERVED_REFS_NAMES.each do |name|
       context "with a ref in refs/#{name}/tmp" do
         before do
           repository.write_ref("refs/#{name}/tmp", sha)

From 081e2fce8240f86f991b0bd3653ef6756f2cf9aa Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Fri, 25 Aug 2017 23:00:06 +0800
Subject: [PATCH 11/57] Try to make reserved ref names more obvious

So that whenever we want to reserve more, we're aware,
and don't mess it up.
---
 app/models/environment.rb                      |  2 +-
 app/models/merge_request.rb                    |  2 +-
 app/models/repository.rb                       | 18 +++++++++++++++---
 app/services/projects/after_import_service.rb  |  5 +----
 .../projects/after_import_service_spec.rb      |  2 +-
 5 files changed, 19 insertions(+), 10 deletions(-)

diff --git a/app/models/environment.rb b/app/models/environment.rb
index e9ebf0637f3..435eeaf0e2e 100644
--- a/app/models/environment.rb
+++ b/app/models/environment.rb
@@ -114,7 +114,7 @@ class Environment < ActiveRecord::Base
   end
 
   def ref_path
-    "refs/environments/#{Shellwords.shellescape(name)}"
+    "refs/#{Repository::REF_ENVIRONMENTS}/#{Shellwords.shellescape(name)}"
   end
 
   def formatted_external_url
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index f028d2395c1..8361039f301 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -797,7 +797,7 @@ class MergeRequest < ActiveRecord::Base
   end
 
   def ref_path
-    "refs/merge-requests/#{iid}/head"
+    "refs/#{Repository::REF_MERGE_REQUEST}/#{iid}/head"
   end
 
   def ref_fetched?
diff --git a/app/models/repository.rb b/app/models/repository.rb
index c1e4fcf94a4..c247fb840ce 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -1,6 +1,18 @@
 require 'securerandom'
 
 class Repository
+  REF_MERGE_REQUEST = 'merge-requests'
+  REF_KEEP_AROUND = 'keep-around'
+  REF_ENVIRONMENTS = 'environments'
+
+  RESERVED_REFS_NAMES = %W[
+    heads
+    tags
+    #{REF_ENVIRONMENTS}
+    #{REF_KEEP_AROUND}
+    #{REF_ENVIRONMENTS}
+  ].freeze
+
   include Gitlab::ShellAdapter
   include RepositoryMirroring
 
@@ -228,10 +240,10 @@ class Repository
     begin
       write_ref(keep_around_ref_name(sha), sha)
     rescue Rugged::ReferenceError => ex
-      Rails.logger.error "Unable to create keep-around reference for repository #{path}: #{ex}"
+      Rails.logger.error "Unable to create #{REF_KEEP_AROUND} reference for repository #{path}: #{ex}"
     rescue Rugged::OSError => ex
       raise unless ex.message =~ /Failed to create locked file/ && ex.message =~ /File exists/
-      Rails.logger.error "Unable to create keep-around reference for repository #{path}: #{ex}"
+      Rails.logger.error "Unable to create #{REF_KEEP_AROUND} reference for repository #{path}: #{ex}"
     end
   end
 
@@ -1152,7 +1164,7 @@ class Repository
   end
 
   def keep_around_ref_name(sha)
-    "refs/keep-around/#{sha}"
+    "refs/#{REF_KEEP_AROUND}/#{sha}"
   end
 
   def repository_event(event, tags = {})
diff --git a/app/services/projects/after_import_service.rb b/app/services/projects/after_import_service.rb
index bbada7e2b1c..107856885f3 100644
--- a/app/services/projects/after_import_service.rb
+++ b/app/services/projects/after_import_service.rb
@@ -1,10 +1,7 @@
 module Projects
   class AfterImportService
-    RESERVED_REFS_NAMES =
-      %w[heads tags merge-requests keep-around environments].freeze
-
     RESERVED_REFS_REGEXP =
-      %r{\Arefs/(?:#{Regexp.union(*RESERVED_REFS_NAMES)})/}
+      %r{\Arefs/(?:#{Regexp.union(*Repository::RESERVED_REFS_NAMES)})/}
 
     def initialize(project)
       @project = project
diff --git a/spec/services/projects/after_import_service_spec.rb b/spec/services/projects/after_import_service_spec.rb
index 540d2191b2d..c6678fc1f5c 100644
--- a/spec/services/projects/after_import_service_spec.rb
+++ b/spec/services/projects/after_import_service_spec.rb
@@ -37,7 +37,7 @@ describe Projects::AfterImportService do
       end
     end
 
-    described_class::RESERVED_REFS_NAMES.each do |name|
+    Repository::RESERVED_REFS_NAMES.each do |name|
       context "with a ref in refs/#{name}/tmp" do
         before do
           repository.write_ref("refs/#{name}/tmp", sha)

From 866aab7f2a92f9929a5c5811d3d3c23c11184b26 Mon Sep 17 00:00:00 2001
From: Hiroyuki Sato <sathiroyuki@gmail.com>
Date: Sat, 26 Aug 2017 22:32:55 +0900
Subject: [PATCH 12/57] Fix escape characters was not sanitized

---
 lib/gitlab/sql/pattern.rb           |  9 +++++++--
 spec/lib/gitlab/sql/pattern_spec.rb | 24 ++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/lib/gitlab/sql/pattern.rb b/lib/gitlab/sql/pattern.rb
index 47ea19994a2..46c973d8a11 100644
--- a/lib/gitlab/sql/pattern.rb
+++ b/lib/gitlab/sql/pattern.rb
@@ -11,9 +11,9 @@ module Gitlab
 
       def to_sql
         if exact_matching?
-          query
+          sanitized_query
         else
-          "%#{query}%"
+          "%#{sanitized_query}%"
         end
       end
 
@@ -24,6 +24,11 @@ module Gitlab
       def partial_matching?
         @query.length >= MIN_CHARS_FOR_PARTIAL_MATCHING
       end
+
+      def sanitized_query
+        # Note: ActiveRecord::Base.sanitize_sql_like is a protected method
+        ActiveRecord::Base.__send__(:sanitize_sql_like, query)
+      end
     end
   end
 end
diff --git a/spec/lib/gitlab/sql/pattern_spec.rb b/spec/lib/gitlab/sql/pattern_spec.rb
index cbafe36de06..d0412f37098 100644
--- a/spec/lib/gitlab/sql/pattern_spec.rb
+++ b/spec/lib/gitlab/sql/pattern_spec.rb
@@ -12,6 +12,14 @@ describe Gitlab::SQL::Pattern do
       end
     end
 
+    context 'when a query with a escape character is shorter than 3 chars' do
+      let(:query) { '_2' }
+
+      it 'returns sanitized exact matching pattern' do
+        expect(to_sql).to eq('\_2')
+      end
+    end
+
     context 'when a query is equal to 3 chars' do
       let(:query) { '123' }
 
@@ -20,6 +28,14 @@ describe Gitlab::SQL::Pattern do
       end
     end
 
+    context 'when a query with a escape character is equal to 3 chars' do
+      let(:query) { '_23' }
+
+      it 'returns partial matching pattern' do
+        expect(to_sql).to eq('%\_23%')
+      end
+    end
+
     context 'when a query is longer than 3 chars' do
       let(:query) { '1234' }
 
@@ -27,5 +43,13 @@ describe Gitlab::SQL::Pattern do
         expect(to_sql).to eq('%1234%')
       end
     end
+
+    context 'when a query with a escape character is longer than 3 chars' do
+      let(:query) { '_234' }
+
+      it 'returns sanitized partial matching pattern' do
+        expect(to_sql).to eq('%\_234%')
+      end
+    end
   end
 end

From 3a4da8ce8b57aa430720de75397a38c2be0fc6c0 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Mon, 28 Aug 2017 18:51:23 +0800
Subject: [PATCH 13/57] Fix tests

---
 app/models/repository.rb    |  6 +++---
 spec/models/project_spec.rb | 10 +++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index c247fb840ce..b917eb4c302 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -1,9 +1,9 @@
 require 'securerandom'
 
 class Repository
-  REF_MERGE_REQUEST = 'merge-requests'
-  REF_KEEP_AROUND = 'keep-around'
-  REF_ENVIRONMENTS = 'environments'
+  REF_MERGE_REQUEST = 'merge-requests'.freeze
+  REF_KEEP_AROUND = 'keep-around'.freeze
+  REF_ENVIRONMENTS = 'environments'.freeze
 
   RESERVED_REFS_NAMES = %W[
     heads
diff --git a/spec/models/project_spec.rb b/spec/models/project_spec.rb
index 7631207b1d0..11717ba39e8 100644
--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -1563,14 +1563,14 @@ describe Project do
 
   describe 'project import state transitions' do
     context 'state transition: [:started] => [:finished]' do
-      let(:housecleaning_service) { spy(:housecleaning_service) }
+      let(:after_import_service) { spy(:after_import_service) }
       let(:housekeeping_service) { spy(:housekeeping_service) }
 
       before do
-        allow(Projects::HousecleaningService)
-          .to receive(:new) { housecleaning_service }
+        allow(Projects::AfterImportService)
+          .to receive(:new) { after_import_service }
 
-        allow(housecleaning_service)
+        allow(after_import_service)
           .to receive(:execute) { housekeeping_service.execute }
 
         allow(Projects::HousekeepingService)
@@ -1589,7 +1589,7 @@ describe Project do
 
         project.import_finish
 
-        expect(housecleaning_service).to have_received(:execute)
+        expect(after_import_service).to have_received(:execute)
         expect(housekeeping_service).to have_received(:execute)
       end
 

From 54b3908cd1fac68318007e6800305ece6013727e Mon Sep 17 00:00:00 2001
From: winh <winnie@gitlab.com>
Date: Thu, 17 Aug 2017 10:42:18 +0200
Subject: [PATCH 14/57] Make notification dropdowns consistent

---
 app/assets/stylesheets/pages/notifications.scss | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/assets/stylesheets/pages/notifications.scss b/app/assets/stylesheets/pages/notifications.scss
index bdf07a99daf..c28b1e68008 100644
--- a/app/assets/stylesheets/pages/notifications.scss
+++ b/app/assets/stylesheets/pages/notifications.scss
@@ -14,3 +14,7 @@
     font-size: 18px;
   }
 }
+
+.notification-form {
+  @include new-style-dropdown;
+}

From 53fd93220c19aec495212e848979293da41164ba Mon Sep 17 00:00:00 2001
From: winh <winnie@gitlab.com>
Date: Tue, 15 Aug 2017 22:39:19 +0200
Subject: [PATCH 15/57] Make file template dropdowns consistent

---
 app/assets/stylesheets/pages/editor.scss | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/assets/stylesheets/pages/editor.scss b/app/assets/stylesheets/pages/editor.scss
index f6b8c8ee2bc..d3cd4d507de 100644
--- a/app/assets/stylesheets/pages/editor.scss
+++ b/app/assets/stylesheets/pages/editor.scss
@@ -204,6 +204,8 @@
   .gitlab-ci-yml-selector,
   .dockerfile-selector,
   .template-type-selector {
+    @include new-style-dropdown;
+
     display: inline-block;
     vertical-align: top;
     font-family: $regular_font;

From b7316ffdff561cc16a003c5540f2c6e627818a2e Mon Sep 17 00:00:00 2001
From: Kai Kontio <kai.kontio@analyse2.com>
Date: Mon, 28 Aug 2017 11:47:09 +0000
Subject: [PATCH 16/57] Update backup_restore.md documentation regarding S3 and
 IAM profiles.

https://gitlab.com/gitlab-org/gitlab-ce/commit/7f8ef19c411eceec207fef5d8459fbeaa40bf464 most likely broke the old configuration format where empty string aws_access_key_id & aws_secret_access_key were still OK. From 9.5 onwards moving backups to S3 using IAM profiles will fail if they are configured.
---
 doc/raketasks/backup_restore.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md
index 10f5ab3370d..ae69d7f92f2 100644
--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -144,9 +144,8 @@ gitlab_rails['backup_upload_connection'] = {
   'region' => 'eu-west-1',
   'aws_access_key_id' => 'AKIAKIAKI',
   'aws_secret_access_key' => 'secret123'
-  # If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty
-  # ie. 'aws_access_key_id' => '',
-  # 'use_iam_profile' => 'true'
+  # If using an IAM Profile, don't configure aws_access_key_id & aws_secret_access_key
+  # 'use_iam_profile' => true
 }
 gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket'
 ```

From 998afa5f74558be215a924d95aa131a69831ca43 Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Wed, 1 Mar 2017 14:35:48 +0100
Subject: [PATCH 17/57] API: Respect the 'If-Unmodified-Since' for delete
 endpoints

---
 lib/api/access_requests.rb    |  3 +++
 lib/api/award_emoji.rb        |  1 +
 lib/api/boards.rb             |  1 +
 lib/api/broadcast_messages.rb |  1 +
 lib/api/deploy_keys.rb        |  2 ++
 lib/api/environments.rb       |  1 +
 lib/api/groups.rb             |  2 ++
 lib/api/helpers.rb            |  8 ++++++++
 lib/api/issues.rb             |  2 ++
 lib/api/labels.rb             |  2 ++
 lib/api/members.rb            |  3 ++-
 lib/api/merge_requests.rb     |  2 ++
 lib/api/notes.rb              |  2 ++
 lib/api/project_hooks.rb      |  2 ++
 lib/api/project_snippets.rb   |  2 ++
 lib/api/projects.rb           |  2 ++
 lib/api/runners.rb            |  2 ++
 lib/api/services.rb           |  2 ++
 lib/api/snippets.rb           |  1 +
 lib/api/system_hooks.rb       |  2 ++
 lib/api/triggers.rb           |  2 ++
 lib/api/users.rb              | 28 ++++++++++++++++++++++++++++
 22 files changed, 72 insertions(+), 1 deletion(-)

diff --git a/lib/api/access_requests.rb b/lib/api/access_requests.rb
index cdacf9839e5..0c5b8862d79 100644
--- a/lib/api/access_requests.rb
+++ b/lib/api/access_requests.rb
@@ -67,6 +67,9 @@ module API
         end
         delete ":id/access_requests/:user_id" do
           source = find_source(source_type, params[:id])
+          member = source.public_send(:requesters).find_by!(user_id: params[:user_id])
+
+          check_unmodified_since(member.updated_at)
 
           status 204
           ::Members::DestroyService.new(source, current_user, params)
diff --git a/lib/api/award_emoji.rb b/lib/api/award_emoji.rb
index 5a028fc9d0b..51a8587d26e 100644
--- a/lib/api/award_emoji.rb
+++ b/lib/api/award_emoji.rb
@@ -85,6 +85,7 @@ module API
           end
           delete "#{endpoint}/:award_id" do
             award = awardable.award_emoji.find(params[:award_id])
+            check_unmodified_since(award.updated_at)
 
             unauthorized! unless award.user == current_user || current_user.admin?
 
diff --git a/lib/api/boards.rb b/lib/api/boards.rb
index 5a2d7a681e3..d36df77dc6c 100644
--- a/lib/api/boards.rb
+++ b/lib/api/boards.rb
@@ -124,6 +124,7 @@ module API
           authorize!(:admin_list, user_project)
 
           list = board_lists.find(params[:list_id])
+          check_unmodified_since(list.updated_at)
 
           service = ::Boards::Lists::DestroyService.new(user_project, current_user)
 
diff --git a/lib/api/broadcast_messages.rb b/lib/api/broadcast_messages.rb
index 9980aec4752..352972b584a 100644
--- a/lib/api/broadcast_messages.rb
+++ b/lib/api/broadcast_messages.rb
@@ -90,6 +90,7 @@ module API
       end
       delete ':id' do
         message = find_message
+        check_unmodified_since(message.updated_at)
 
         status 204
         message.destroy
diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb
index 42e7c1486b0..971cc816454 100644
--- a/lib/api/deploy_keys.rb
+++ b/lib/api/deploy_keys.rb
@@ -125,6 +125,8 @@ module API
         key = user_project.deploy_keys_projects.find_by(deploy_key_id: params[:key_id])
         not_found!('Deploy Key') unless key
 
+        check_unmodified_since(key.updated_at)
+
         status 204
         key.destroy
       end
diff --git a/lib/api/environments.rb b/lib/api/environments.rb
index c774a5c6685..3fc423ae79a 100644
--- a/lib/api/environments.rb
+++ b/lib/api/environments.rb
@@ -78,6 +78,7 @@ module API
         authorize! :update_environment, user_project
 
         environment = user_project.environments.find(params[:environment_id])
+        check_unmodified_since(environment.updated_at)
 
         status 204
         environment.destroy
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index e56427304a6..c9b32a85487 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -117,6 +117,8 @@ module API
       delete ":id" do
         group = find_group!(params[:id])
         authorize! :admin_group, group
+        
+        check_unmodified_since(group.updated_at)
 
         status 204
         ::Groups::DestroyService.new(group, current_user).execute
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index b56fd2388b3..1c74a14d91c 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -11,6 +11,14 @@ module API
       declared(params, options).to_h.symbolize_keys
     end
 
+    def check_unmodified_since(last_modified)
+      if_unmodified_since = Time.parse(headers['If-Unmodified-Since']) if headers.key?('If-Unmodified-Since') rescue nil
+
+      if if_unmodified_since && if_unmodified_since < last_modified
+        render_api_error!('412 Precondition Failed', 412)
+      end
+    end
+
     def current_user
       return @current_user if defined?(@current_user)
 
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index 4cec1145f3a..cee9898d3a6 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -230,6 +230,8 @@ module API
         not_found!('Issue') unless issue
 
         authorize!(:destroy_issue, issue)
+        check_unmodified_since(issue.updated_at)
+
         status 204
         issue.destroy
       end
diff --git a/lib/api/labels.rb b/lib/api/labels.rb
index 4520c98d951..45fa57fdf55 100644
--- a/lib/api/labels.rb
+++ b/lib/api/labels.rb
@@ -56,6 +56,8 @@ module API
         label = user_project.labels.find_by(title: params[:name])
         not_found!('Label') unless label
 
+        check_unmodified_since(label.updated_at)
+
         status 204
         label.destroy
       end
diff --git a/lib/api/members.rb b/lib/api/members.rb
index bb970b7cd54..5634f123eca 100644
--- a/lib/api/members.rb
+++ b/lib/api/members.rb
@@ -94,7 +94,8 @@ module API
         delete ":id/members/:user_id" do
           source = find_source(source_type, params[:id])
           # Ensure that memeber exists
-          source.members.find_by!(user_id: params[:user_id])
+          member = source.members.find_by!(user_id: params[:user_id])
+          check_unmodified_since(member.updated_at)
 
           status 204
           ::Members::DestroyService.new(source, current_user, declared_params).execute
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index 8810d4e441d..c6fecc1aa6c 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -164,6 +164,8 @@ module API
         merge_request = find_project_merge_request(params[:merge_request_iid])
 
         authorize!(:destroy_merge_request, merge_request)
+        check_unmodified_since(merge_request.updated_at)
+
         status 204
         merge_request.destroy
       end
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index 4e4e473994b..58d71787aca 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -129,7 +129,9 @@ module API
         end
         delete ":id/#{noteables_str}/:noteable_id/notes/:note_id" do
           note = user_project.notes.find(params[:note_id])
+
           authorize! :admin_note, note
+          check_unmodified_since(note.updated_at)
 
           status 204
           ::Notes::DestroyService.new(user_project, current_user).execute(note)
diff --git a/lib/api/project_hooks.rb b/lib/api/project_hooks.rb
index 649dd891f56..74d736fda59 100644
--- a/lib/api/project_hooks.rb
+++ b/lib/api/project_hooks.rb
@@ -96,6 +96,8 @@ module API
       delete ":id/hooks/:hook_id" do
         hook = user_project.hooks.find(params.delete(:hook_id))
 
+        check_unmodified_since(hook.updated_at)
+
         status 204
         hook.destroy
       end
diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb
index f3d905b0068..645162d564d 100644
--- a/lib/api/project_snippets.rb
+++ b/lib/api/project_snippets.rb
@@ -116,6 +116,8 @@ module API
         not_found!('Snippet') unless snippet
 
         authorize! :admin_project_snippet, snippet
+        check_unmodified_since(snippet.updated_at)
+
         status 204
         snippet.destroy
       end
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 15c3832b032..eab0ca0b3c9 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -334,6 +334,8 @@ module API
       desc 'Remove a project'
       delete ":id" do
         authorize! :remove_project, user_project
+        check_unmodified_since(user_project.updated_at)
+
         ::Projects::DestroyService.new(user_project, current_user, {}).async_execute
 
         accepted!
diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index 31f940fe96b..e3b2eb904b7 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -77,7 +77,9 @@ module API
       end
       delete ':id' do
         runner = get_runner(params[:id])
+
         authenticate_delete_runner!(runner)
+        check_unmodified_since(runner.updated_at)
 
         status 204
         runner.destroy!
diff --git a/lib/api/services.rb b/lib/api/services.rb
index 843c05ae32e..4fef3383e5e 100644
--- a/lib/api/services.rb
+++ b/lib/api/services.rb
@@ -655,6 +655,8 @@ module API
       end
       delete ":id/services/:service_slug" do
         service = user_project.find_or_initialize_service(params[:service_slug].underscore)
+        # Todo, not sure
+        check_unmodified_since(service.updated_at)
 
         attrs = service_attributes(service).inject({}) do |hash, key|
           hash.merge!(key => nil)
diff --git a/lib/api/snippets.rb b/lib/api/snippets.rb
index 35ece56c65c..7107b3d669c 100644
--- a/lib/api/snippets.rb
+++ b/lib/api/snippets.rb
@@ -122,6 +122,7 @@ module API
         return not_found!('Snippet') unless snippet
 
         authorize! :destroy_personal_snippet, snippet
+        check_unmodified_since(snippet.updated_at)
 
         status 204
         snippet.destroy
diff --git a/lib/api/system_hooks.rb b/lib/api/system_hooks.rb
index c0179037440..64066a75b15 100644
--- a/lib/api/system_hooks.rb
+++ b/lib/api/system_hooks.rb
@@ -66,6 +66,8 @@ module API
         hook = SystemHook.find_by(id: params[:id])
         not_found!('System hook') unless hook
 
+        check_unmodified_since(hook.updated_at)
+
         status 204
         hook.destroy
       end
diff --git a/lib/api/triggers.rb b/lib/api/triggers.rb
index edfdb63d183..4ae70c65759 100644
--- a/lib/api/triggers.rb
+++ b/lib/api/triggers.rb
@@ -140,6 +140,8 @@ module API
         trigger = user_project.triggers.find(params.delete(:trigger_id))
         return not_found!('Trigger') unless trigger
 
+        check_unmodified_since(trigger.updated_at)
+
         status 204
         trigger.destroy
       end
diff --git a/lib/api/users.rb b/lib/api/users.rb
index e2019d6d512..942bb72cf97 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -230,7 +230,12 @@ module API
         key = user.keys.find_by(id: params[:key_id])
         not_found!('Key') unless key
 
+<<<<<<< HEAD
         status 204
+=======
+        check_unmodified_since(key.updated_at)
+
+>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
         key.destroy
       end
 
@@ -287,7 +292,14 @@ module API
         email = user.emails.find_by(id: params[:email_id])
         not_found!('Email') unless email
 
+<<<<<<< HEAD
         Emails::DestroyService.new(user, email: email.email).execute
+=======
+        check_unmodified_since(email.updated_at)
+
+        email.destroy
+        user.update_secondary_emails!
+>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
       end
 
       desc 'Delete a user. Available only for admins.' do
@@ -299,11 +311,18 @@ module API
       end
       delete ":id" do
         authenticated_as_admin!
+
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
+<<<<<<< HEAD
         status 204
         user.delete_async(deleted_by: current_user, params: params)
+=======
+        check_unmodified_since(user.updated_at)
+
+        ::Users::DestroyService.new(current_user).execute(user)
+>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
       end
 
       desc 'Block a user. Available only for admins.'
@@ -481,6 +500,8 @@ module API
         key = current_user.keys.find_by(id: params[:key_id])
         not_found!('Key') unless key
 
+        check_unmodified_since(key.updated_at)
+
         status 204
         key.destroy
       end
@@ -533,6 +554,7 @@ module API
         email = current_user.emails.find_by(id: params[:email_id])
         not_found!('Email') unless email
 
+<<<<<<< HEAD
         status 204
         Emails::DestroyService.new(current_user, email: email.email).execute
       end
@@ -550,6 +572,12 @@ module API
           .reorder(last_activity_on: :asc)
 
         present paginate(activities), with: Entities::UserActivity
+=======
+        check_unmodified_since(email.updated_at)
+
+        email.destroy
+        current_user.update_secondary_emails!
+>>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
       end
     end
   end

From e80313f9ee5b3495a8713e6ddae111bc8106155b Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Thu, 2 Mar 2017 13:14:13 +0100
Subject: [PATCH 18/57] Conditionally destroy a ressource

---
 lib/api/access_requests.rb     | 11 ++++----
 lib/api/award_emoji.rb         |  4 +--
 lib/api/boards.rb              | 11 ++++----
 lib/api/broadcast_messages.rb  |  4 +--
 lib/api/deploy_keys.rb         |  5 +---
 lib/api/environments.rb        |  4 +--
 lib/api/groups.rb              |  7 +++--
 lib/api/helpers.rb             | 17 +++++++++---
 lib/api/issues.rb              |  4 +--
 lib/api/labels.rb              |  5 +---
 lib/api/members.rb             |  7 +++--
 lib/api/merge_requests.rb      |  4 +--
 lib/api/notes.rb               |  6 ++---
 lib/api/project_hooks.rb       |  5 +---
 lib/api/project_snippets.rb    |  4 +--
 lib/api/projects.rb            |  5 ++--
 lib/api/runner.rb              |  6 +++--
 lib/api/runners.rb             |  7 ++---
 lib/api/services.rb            |  4 +--
 lib/api/snippets.rb            |  4 +--
 lib/api/system_hooks.rb        |  5 +---
 lib/api/triggers.rb            |  5 +---
 lib/api/users.rb               | 47 ++++++++++------------------------
 spec/requests/api/tags_spec.rb |  4 +--
 24 files changed, 71 insertions(+), 114 deletions(-)

diff --git a/lib/api/access_requests.rb b/lib/api/access_requests.rb
index 0c5b8862d79..4fa9b2b2494 100644
--- a/lib/api/access_requests.rb
+++ b/lib/api/access_requests.rb
@@ -67,13 +67,12 @@ module API
         end
         delete ":id/access_requests/:user_id" do
           source = find_source(source_type, params[:id])
-          member = source.public_send(:requesters).find_by!(user_id: params[:user_id])
+          member = source.requesters.find_by!(user_id: params[:user_id])
 
-          check_unmodified_since(member.updated_at)
-
-          status 204
-          ::Members::DestroyService.new(source, current_user, params)
-            .execute(:requesters)
+          destroy_conditionally!(member) do
+            ::Members::DestroyService.new(source, current_user, params)
+              .execute(:requesters)
+          end
         end
       end
     end
diff --git a/lib/api/award_emoji.rb b/lib/api/award_emoji.rb
index 51a8587d26e..8e3851640da 100644
--- a/lib/api/award_emoji.rb
+++ b/lib/api/award_emoji.rb
@@ -85,12 +85,10 @@ module API
           end
           delete "#{endpoint}/:award_id" do
             award = awardable.award_emoji.find(params[:award_id])
-            check_unmodified_since(award.updated_at)
 
             unauthorized! unless award.user == current_user || current_user.admin?
 
-            status 204
-            award.destroy
+            destroy_conditionally!(award)
           end
         end
       end
diff --git a/lib/api/boards.rb b/lib/api/boards.rb
index d36df77dc6c..0d11c5fc971 100644
--- a/lib/api/boards.rb
+++ b/lib/api/boards.rb
@@ -122,14 +122,13 @@ module API
         end
         delete "/lists/:list_id" do
           authorize!(:admin_list, user_project)
-
           list = board_lists.find(params[:list_id])
-          check_unmodified_since(list.updated_at)
 
-          service = ::Boards::Lists::DestroyService.new(user_project, current_user)
-
-          unless service.execute(list)
-            render_api_error!({ error: 'List could not be deleted!' }, 400)
+          destroy_conditionally!(list) do |list|
+            service = ::Boards::Lists::DestroyService.new(user_project, current_user)
+            unless service.execute(list)
+              render_api_error!({ error: 'List could not be deleted!' }, 400)
+            end
           end
         end
       end
diff --git a/lib/api/broadcast_messages.rb b/lib/api/broadcast_messages.rb
index 352972b584a..0b45621ce7b 100644
--- a/lib/api/broadcast_messages.rb
+++ b/lib/api/broadcast_messages.rb
@@ -90,10 +90,8 @@ module API
       end
       delete ':id' do
         message = find_message
-        check_unmodified_since(message.updated_at)
 
-        status 204
-        message.destroy
+        destroy_conditionally!(message)
       end
     end
   end
diff --git a/lib/api/deploy_keys.rb b/lib/api/deploy_keys.rb
index 971cc816454..f405c341398 100644
--- a/lib/api/deploy_keys.rb
+++ b/lib/api/deploy_keys.rb
@@ -125,10 +125,7 @@ module API
         key = user_project.deploy_keys_projects.find_by(deploy_key_id: params[:key_id])
         not_found!('Deploy Key') unless key
 
-        check_unmodified_since(key.updated_at)
-
-        status 204
-        key.destroy
+        destroy_conditionally!(key)
       end
     end
   end
diff --git a/lib/api/environments.rb b/lib/api/environments.rb
index 3fc423ae79a..e33269f9483 100644
--- a/lib/api/environments.rb
+++ b/lib/api/environments.rb
@@ -78,10 +78,8 @@ module API
         authorize! :update_environment, user_project
 
         environment = user_project.environments.find(params[:environment_id])
-        check_unmodified_since(environment.updated_at)
 
-        status 204
-        environment.destroy
+        destroy_conditionally!(environment)
       end
 
       desc 'Stops an existing environment' do
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index c9b32a85487..ee2ad27837b 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -117,11 +117,10 @@ module API
       delete ":id" do
         group = find_group!(params[:id])
         authorize! :admin_group, group
-        
-        check_unmodified_since(group.updated_at)
 
-        status 204
-        ::Groups::DestroyService.new(group, current_user).execute
+        destroy_conditionally!(group) do |group|
+          ::Groups::DestroyService.new(group, current_user).execute
+        end
       end
 
       desc 'Get a list of projects in this group.' do
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 1c74a14d91c..8d4f8c01903 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -11,14 +11,25 @@ module API
       declared(params, options).to_h.symbolize_keys
     end
 
-    def check_unmodified_since(last_modified)
-      if_unmodified_since = Time.parse(headers['If-Unmodified-Since']) if headers.key?('If-Unmodified-Since') rescue nil
+    def check_unmodified_since!(last_modified)
+      if_unmodified_since = Time.parse(headers['If-Unmodified-Since']) rescue nil
 
-      if if_unmodified_since && if_unmodified_since < last_modified
+      if if_unmodified_since && last_modified > if_unmodified_since
         render_api_error!('412 Precondition Failed', 412)
       end
     end
 
+    def destroy_conditionally!(resource, last_update_field: :updated_at)
+      check_unmodified_since!(resource.public_send(last_update_field))
+
+      status 204
+      if block_given?
+        yield resource
+      else
+        resource.destroy
+      end
+    end
+
     def current_user
       return @current_user if defined?(@current_user)
 
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index cee9898d3a6..6503629e2a2 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -230,10 +230,8 @@ module API
         not_found!('Issue') unless issue
 
         authorize!(:destroy_issue, issue)
-        check_unmodified_since(issue.updated_at)
 
-        status 204
-        issue.destroy
+        destroy_conditionally!(issue)
       end
 
       desc 'List merge requests closing issue'  do
diff --git a/lib/api/labels.rb b/lib/api/labels.rb
index 45fa57fdf55..c0cf618ee8d 100644
--- a/lib/api/labels.rb
+++ b/lib/api/labels.rb
@@ -56,10 +56,7 @@ module API
         label = user_project.labels.find_by(title: params[:name])
         not_found!('Label') unless label
 
-        check_unmodified_since(label.updated_at)
-
-        status 204
-        label.destroy
+        destroy_conditionally!(label)
       end
 
       desc 'Update an existing label. At least one optional parameter is required.' do
diff --git a/lib/api/members.rb b/lib/api/members.rb
index 5634f123eca..a5d3d7f25a0 100644
--- a/lib/api/members.rb
+++ b/lib/api/members.rb
@@ -93,12 +93,11 @@ module API
         end
         delete ":id/members/:user_id" do
           source = find_source(source_type, params[:id])
-          # Ensure that memeber exists
           member = source.members.find_by!(user_id: params[:user_id])
-          check_unmodified_since(member.updated_at)
 
-          status 204
-          ::Members::DestroyService.new(source, current_user, declared_params).execute
+          destroy_conditionally!(member) do
+            ::Members::DestroyService.new(source, current_user, declared_params).execute
+          end
         end
       end
     end
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index c6fecc1aa6c..969c6064662 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -164,10 +164,8 @@ module API
         merge_request = find_project_merge_request(params[:merge_request_iid])
 
         authorize!(:destroy_merge_request, merge_request)
-        check_unmodified_since(merge_request.updated_at)
 
-        status 204
-        merge_request.destroy
+        destroy_conditionally!(merge_request)
       end
 
       params do
diff --git a/lib/api/notes.rb b/lib/api/notes.rb
index 58d71787aca..e116448c15b 100644
--- a/lib/api/notes.rb
+++ b/lib/api/notes.rb
@@ -131,10 +131,10 @@ module API
           note = user_project.notes.find(params[:note_id])
 
           authorize! :admin_note, note
-          check_unmodified_since(note.updated_at)
 
-          status 204
-          ::Notes::DestroyService.new(user_project, current_user).execute(note)
+          destroy_conditionally!(note) do |note|
+            ::Notes::DestroyService.new(user_project, current_user).execute(note)
+          end
         end
       end
     end
diff --git a/lib/api/project_hooks.rb b/lib/api/project_hooks.rb
index 74d736fda59..5b457bbe639 100644
--- a/lib/api/project_hooks.rb
+++ b/lib/api/project_hooks.rb
@@ -96,10 +96,7 @@ module API
       delete ":id/hooks/:hook_id" do
         hook = user_project.hooks.find(params.delete(:hook_id))
 
-        check_unmodified_since(hook.updated_at)
-
-        status 204
-        hook.destroy
+        destroy_conditionally!(hook)
       end
     end
   end
diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb
index 645162d564d..704e8c6718d 100644
--- a/lib/api/project_snippets.rb
+++ b/lib/api/project_snippets.rb
@@ -116,10 +116,8 @@ module API
         not_found!('Snippet') unless snippet
 
         authorize! :admin_project_snippet, snippet
-        check_unmodified_since(snippet.updated_at)
 
-        status 204
-        snippet.destroy
+        destroy_conditionally!(snippet)
       end
 
       desc 'Get a raw project snippet'
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index eab0ca0b3c9..36fe3f243b9 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -334,9 +334,10 @@ module API
       desc 'Remove a project'
       delete ":id" do
         authorize! :remove_project, user_project
-        check_unmodified_since(user_project.updated_at)
 
-        ::Projects::DestroyService.new(user_project, current_user, {}).async_execute
+        destroy_conditionally!(user_project) do
+          ::Projects::DestroyService.new(user_project, current_user, {}).async_execute
+        end
 
         accepted!
       end
diff --git a/lib/api/runner.rb b/lib/api/runner.rb
index 88fc62d33df..daa8ddbe251 100644
--- a/lib/api/runner.rb
+++ b/lib/api/runner.rb
@@ -45,8 +45,10 @@ module API
       end
       delete '/' do
         authenticate_runner!
-        status 204
-        Ci::Runner.find_by_token(params[:token]).destroy
+
+        runner = Ci::Runner.find_by_token(params[:token])
+
+        destroy_conditionally!(runner)
       end
 
       desc 'Validates authentication credentials' do
diff --git a/lib/api/runners.rb b/lib/api/runners.rb
index e3b2eb904b7..68c2120cc15 100644
--- a/lib/api/runners.rb
+++ b/lib/api/runners.rb
@@ -79,10 +79,8 @@ module API
         runner = get_runner(params[:id])
 
         authenticate_delete_runner!(runner)
-        check_unmodified_since(runner.updated_at)
 
-        status 204
-        runner.destroy!
+        destroy_conditionally!(runner)
       end
     end
 
@@ -137,8 +135,7 @@ module API
         runner = runner_project.runner
         forbidden!("Only one project associated with the runner. Please remove the runner instead") if runner.projects.count == 1
 
-        status 204
-        runner_project.destroy
+        destroy_conditionally!(runner_project)
       end
     end
 
diff --git a/lib/api/services.rb b/lib/api/services.rb
index 4fef3383e5e..2b5ef75b6bf 100644
--- a/lib/api/services.rb
+++ b/lib/api/services.rb
@@ -655,8 +655,8 @@ module API
       end
       delete ":id/services/:service_slug" do
         service = user_project.find_or_initialize_service(params[:service_slug].underscore)
-        # Todo, not sure
-        check_unmodified_since(service.updated_at)
+        # Todo: Check if this done the right way
+        check_unmodified_since!(service.updated_at)
 
         attrs = service_attributes(service).inject({}) do |hash, key|
           hash.merge!(key => nil)
diff --git a/lib/api/snippets.rb b/lib/api/snippets.rb
index 7107b3d669c..00eb7c60f16 100644
--- a/lib/api/snippets.rb
+++ b/lib/api/snippets.rb
@@ -122,10 +122,8 @@ module API
         return not_found!('Snippet') unless snippet
 
         authorize! :destroy_personal_snippet, snippet
-        check_unmodified_since(snippet.updated_at)
 
-        status 204
-        snippet.destroy
+        destroy_conditionally!(snippet)
       end
 
       desc 'Get a raw snippet' do
diff --git a/lib/api/system_hooks.rb b/lib/api/system_hooks.rb
index 64066a75b15..6b6a03e3300 100644
--- a/lib/api/system_hooks.rb
+++ b/lib/api/system_hooks.rb
@@ -66,10 +66,7 @@ module API
         hook = SystemHook.find_by(id: params[:id])
         not_found!('System hook') unless hook
 
-        check_unmodified_since(hook.updated_at)
-
-        status 204
-        hook.destroy
+        destroy_conditionally!(hook)
       end
     end
   end
diff --git a/lib/api/triggers.rb b/lib/api/triggers.rb
index 4ae70c65759..c9fee7e5193 100644
--- a/lib/api/triggers.rb
+++ b/lib/api/triggers.rb
@@ -140,10 +140,7 @@ module API
         trigger = user_project.triggers.find(params.delete(:trigger_id))
         return not_found!('Trigger') unless trigger
 
-        check_unmodified_since(trigger.updated_at)
-
-        status 204
-        trigger.destroy
+        destroy_conditionally!(trigger)
       end
     end
   end
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 942bb72cf97..d7c7b9ae9c1 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -230,13 +230,7 @@ module API
         key = user.keys.find_by(id: params[:key_id])
         not_found!('Key') unless key
 
-<<<<<<< HEAD
-        status 204
-=======
-        check_unmodified_since(key.updated_at)
-
->>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
-        key.destroy
+        destroy_conditionally!(key)
       end
 
       desc 'Add an email address to a specified user. Available only for admins.' do
@@ -292,14 +286,11 @@ module API
         email = user.emails.find_by(id: params[:email_id])
         not_found!('Email') unless email
 
-<<<<<<< HEAD
-        Emails::DestroyService.new(user, email: email.email).execute
-=======
-        check_unmodified_since(email.updated_at)
+        destroy_conditionally!(email) do |email|
+          Emails::DestroyService.new(current_user, email: email.email).execute
+        end
 
-        email.destroy
         user.update_secondary_emails!
->>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
       end
 
       desc 'Delete a user. Available only for admins.' do
@@ -315,14 +306,9 @@ module API
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-<<<<<<< HEAD
-        status 204
-        user.delete_async(deleted_by: current_user, params: params)
-=======
-        check_unmodified_since(user.updated_at)
-
-        ::Users::DestroyService.new(current_user).execute(user)
->>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
+        destroy_conditionally!(user) do
+          user.delete_async(deleted_by: current_user, params: params)
+        end
       end
 
       desc 'Block a user. Available only for admins.'
@@ -500,10 +486,7 @@ module API
         key = current_user.keys.find_by(id: params[:key_id])
         not_found!('Key') unless key
 
-        check_unmodified_since(key.updated_at)
-
-        status 204
-        key.destroy
+        destroy_conditionally!(key)
       end
 
       desc "Get the currently authenticated user's email addresses" do
@@ -554,9 +537,11 @@ module API
         email = current_user.emails.find_by(id: params[:email_id])
         not_found!('Email') unless email
 
-<<<<<<< HEAD
-        status 204
-        Emails::DestroyService.new(current_user, email: email.email).execute
+        destroy_conditionally!(email) do |email|
+          Emails::DestroyService.new(current_user, email: email.email).execute
+        end
+
+        current_user.update_secondary_emails!
       end
 
       desc 'Get a list of user activities'
@@ -572,12 +557,6 @@ module API
           .reorder(last_activity_on: :asc)
 
         present paginate(activities), with: Entities::UserActivity
-=======
-        check_unmodified_since(email.updated_at)
-
-        email.destroy
-        current_user.update_secondary_emails!
->>>>>>> API: Respect the 'If-Unmodified-Since' for delete endpoints
       end
     end
   end
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index 9884c1ec206..54900c75eb8 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -283,7 +283,7 @@ describe API::Tags do
 
         it_behaves_like '404 response' do
           let(:request) { delete api(route, current_user) }
-          let(:message) { 'No such tag' }
+          let(:message) { '404 Tag Not Found' }
         end
       end
 
@@ -394,7 +394,7 @@ describe API::Tags do
 
         it_behaves_like '404 response' do
           let(:request) { put api(route, current_user), description: new_description }
-          let(:message) { 'Tag does not exist' }
+          let(:message) { '404 Tag Not Found' }
         end
       end
 

From f0f3f38576c0691e6d0e751c962382beea998afb Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Thu, 2 Mar 2017 14:21:36 +0100
Subject: [PATCH 19/57] Use commit date for branches and tags

---
 lib/api/branches.rb            | 15 +++++++++++----
 lib/api/tags.rb                | 15 +++++++++++----
 spec/requests/api/tags_spec.rb |  2 +-
 3 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/lib/api/branches.rb b/lib/api/branches.rb
index d3dbf941298..b87f7cdbad1 100644
--- a/lib/api/branches.rb
+++ b/lib/api/branches.rb
@@ -125,11 +125,18 @@ module API
       delete ':id/repository/branches/:branch', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
         authorize_push_project
 
-        result = DeleteBranchService.new(user_project, current_user)
-                 .execute(params[:branch])
+        branch = user_project.repository.find_branch(params[:branch])
+        not_found!('Branch') unless branch
 
-        if result[:status] != :success
-          render_api_error!(result[:message], result[:return_code])
+        commit = user_project.repository.commit(branch.dereferenced_target)
+
+        destroy_conditionally!(commit, last_update_field: :authored_date) do
+          result = DeleteBranchService.new(user_project, current_user)
+                    .execute(params[:branch])
+
+          if result[:status] != :success
+            render_api_error!(result[:message], result[:return_code])
+          end
         end
       end
 
diff --git a/lib/api/tags.rb b/lib/api/tags.rb
index 1333747cced..81b17935b81 100644
--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -65,11 +65,18 @@ module API
       delete ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do
         authorize_push_project
 
-        result = ::Tags::DestroyService.new(user_project, current_user)
-          .execute(params[:tag_name])
+        tag = user_project.repository.find_tag(params[:tag_name])
+        not_found!('Tag') unless tag
 
-        if result[:status] != :success
-          render_api_error!(result[:message], result[:return_code])
+        commit = user_project.repository.commit(tag.dereferenced_target)
+
+        destroy_conditionally!(commit, last_update_field: :authored_date) do
+          result = ::Tags::DestroyService.new(user_project, current_user)
+                    .execute(params[:tag_name])
+
+          if result[:status] != :success
+            render_api_error!(result[:message], result[:return_code])
+          end
         end
       end
 
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index 54900c75eb8..6ac0caa7fe8 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -394,7 +394,7 @@ describe API::Tags do
 
         it_behaves_like '404 response' do
           let(:request) { put api(route, current_user), description: new_description }
-          let(:message) { '404 Tag Not Found' }
+          let(:message) { 'Tag does not exist' }
         end
       end
 

From dcd4ea473cab20eee05995ecaca043da98ca5a8d Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Thu, 24 Aug 2017 10:41:54 +0200
Subject: [PATCH 20/57] Update remaining endpoints

---
 lib/api/group_variables.rb                   |  3 +--
 lib/api/helpers.rb                           |  2 +-
 lib/api/pipeline_schedules.rb                |  3 +--
 lib/api/projects.rb                          |  1 -
 lib/api/protected_branches.rb                |  4 +---
 lib/api/services.rb                          | 14 +++++++-------
 lib/api/users.rb                             |  7 +++++--
 lib/api/variables.rb                         |  1 +
 spec/requests/api/pipeline_schedules_spec.rb |  3 +--
 9 files changed, 18 insertions(+), 20 deletions(-)

diff --git a/lib/api/group_variables.rb b/lib/api/group_variables.rb
index f64da4ab77b..25152f30998 100644
--- a/lib/api/group_variables.rb
+++ b/lib/api/group_variables.rb
@@ -88,8 +88,7 @@ module API
         variable = user_group.variables.find_by(key: params[:key])
         not_found!('GroupVariable') unless variable
 
-        status 204
-        variable.destroy
+        destroy_conditionally!(variable)
       end
     end
   end
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 8d4f8c01903..84980864151 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -14,7 +14,7 @@ module API
     def check_unmodified_since!(last_modified)
       if_unmodified_since = Time.parse(headers['If-Unmodified-Since']) rescue nil
 
-      if if_unmodified_since && last_modified > if_unmodified_since
+      if if_unmodified_since && last_modified && last_modified > if_unmodified_since
         render_api_error!('412 Precondition Failed', 412)
       end
     end
diff --git a/lib/api/pipeline_schedules.rb b/lib/api/pipeline_schedules.rb
index dbeaf9e17ef..e3123ef4e2d 100644
--- a/lib/api/pipeline_schedules.rb
+++ b/lib/api/pipeline_schedules.rb
@@ -117,8 +117,7 @@ module API
         not_found!('PipelineSchedule') unless pipeline_schedule
         authorize! :admin_pipeline_schedule, pipeline_schedule
 
-        status :accepted
-        present pipeline_schedule.destroy, with: Entities::PipelineScheduleDetails
+        destroy_conditionally!(pipeline_schedule)
       end
     end
 
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 36fe3f243b9..78e25b6da03 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -1,7 +1,6 @@
 require_dependency 'declarative_policy'
 
 module API
-  # Projects API
   class Projects < Grape::API
     include PaginationParams
 
diff --git a/lib/api/protected_branches.rb b/lib/api/protected_branches.rb
index dccf4fa27a7..15fcb9e8e27 100644
--- a/lib/api/protected_branches.rb
+++ b/lib/api/protected_branches.rb
@@ -76,9 +76,7 @@ module API
       delete ':id/protected_branches/:name', requirements: BRANCH_ENDPOINT_REQUIREMENTS do
         protected_branch = user_project.protected_branches.find_by!(name: params[:name])
 
-        protected_branch.destroy
-
-        status 204
+        destroy_conditionally!(protected_branch)
       end
     end
   end
diff --git a/lib/api/services.rb b/lib/api/services.rb
index 2b5ef75b6bf..ff9ddd44439 100644
--- a/lib/api/services.rb
+++ b/lib/api/services.rb
@@ -655,15 +655,15 @@ module API
       end
       delete ":id/services/:service_slug" do
         service = user_project.find_or_initialize_service(params[:service_slug].underscore)
-        # Todo: Check if this done the right way
-        check_unmodified_since!(service.updated_at)
 
-        attrs = service_attributes(service).inject({}) do |hash, key|
-          hash.merge!(key => nil)
-        end
+        destroy_conditionally!(service) do
+          attrs = service_attributes(service).inject({}) do |hash, key|
+            hash.merge!(key => nil)
+          end
 
-        unless service.update_attributes(attrs.merge(active: false))
-          render_api_error!('400 Bad Request', 400)
+          unless service.update_attributes(attrs.merge(active: false))
+            render_api_error!('400 Bad Request', 400)
+          end
         end
       end
 
diff --git a/lib/api/users.rb b/lib/api/users.rb
index d7c7b9ae9c1..96f47bb618a 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -408,8 +408,11 @@ module API
             requires :impersonation_token_id, type: Integer, desc: 'The ID of the impersonation token'
           end
           delete ':impersonation_token_id' do
-            status 204
-            find_impersonation_token.revoke!
+            token = find_impersonation_token
+
+            destroy_conditionally!(token) do
+              token.revoke!
+            end
           end
         end
       end
diff --git a/lib/api/variables.rb b/lib/api/variables.rb
index 7c0fdd3d1be..da71787abab 100644
--- a/lib/api/variables.rb
+++ b/lib/api/variables.rb
@@ -88,6 +88,7 @@ module API
         variable = user_project.variables.find_by(key: params[:key])
         not_found!('Variable') unless variable
 
+        # Variables don't have any timestamp. Therfore, destroy unconditionally.
         status 204
         variable.destroy
       end
diff --git a/spec/requests/api/pipeline_schedules_spec.rb b/spec/requests/api/pipeline_schedules_spec.rb
index 1fc0ec528b9..150a391bb8d 100644
--- a/spec/requests/api/pipeline_schedules_spec.rb
+++ b/spec/requests/api/pipeline_schedules_spec.rb
@@ -267,8 +267,7 @@ describe API::PipelineSchedules do
           delete api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", master)
         end.to change { project.pipeline_schedules.count }.by(-1)
 
-        expect(response).to have_http_status(:accepted)
-        expect(response).to match_response_schema('pipeline_schedule')
+        expect(response).to have_http_status(204)
       end
 
       it 'responds with 404 Not Found if requesting non-existing pipeline_schedule' do

From 915dd57fe26fb228f30ae08edc4905b24d4c4339 Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Thu, 24 Aug 2017 18:03:39 +0200
Subject: [PATCH 21/57] Add tests for the unmodified header

---
 spec/requests/api/award_emoji_spec.rb         | 16 +++++
 spec/requests/api/boards_spec.rb              |  4 ++
 spec/requests/api/branches_spec.rb            |  4 ++
 spec/requests/api/broadcast_messages_spec.rb  |  4 ++
 spec/requests/api/deploy_keys_spec.rb         |  4 ++
 spec/requests/api/environments_spec.rb        |  4 ++
 spec/requests/api/group_variables_spec.rb     |  4 ++
 spec/requests/api/groups_spec.rb              |  4 ++
 spec/requests/api/issues_spec.rb              |  4 ++
 spec/requests/api/labels_spec.rb              |  5 ++
 spec/requests/api/members_spec.rb             |  4 ++
 spec/requests/api/merge_requests_spec.rb      |  4 ++
 spec/requests/api/notes_spec.rb               | 12 ++++
 spec/requests/api/pipeline_schedules_spec.rb  |  4 ++
 spec/requests/api/project_hooks_spec.rb       |  4 ++
 spec/requests/api/project_snippets_spec.rb    |  7 +-
 spec/requests/api/projects_spec.rb            | 69 +++++++++++++------
 spec/requests/api/protected_branches_spec.rb  |  4 ++
 spec/requests/api/runner_spec.rb              |  5 ++
 spec/requests/api/runners_spec.rb             | 12 ++++
 spec/requests/api/snippets_spec.rb            |  4 ++
 spec/requests/api/system_hooks_spec.rb        |  4 ++
 spec/requests/api/tags_spec.rb                |  4 ++
 spec/requests/api/triggers_spec.rb            |  4 ++
 spec/requests/api/users_spec.rb               | 24 +++++++
 .../requests/api/status_shared_examples.rb    | 11 +++
 26 files changed, 206 insertions(+), 23 deletions(-)

diff --git a/spec/requests/api/award_emoji_spec.rb b/spec/requests/api/award_emoji_spec.rb
index 1dd9f3f6ddc..593068b8cd7 100644
--- a/spec/requests/api/award_emoji_spec.rb
+++ b/spec/requests/api/award_emoji_spec.rb
@@ -253,6 +253,10 @@ describe API::AwardEmoji do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}/award_emoji/#{award_emoji.id}", user) }
+      end
     end
 
     context 'when the awardable is a Merge Request' do
@@ -269,6 +273,10 @@ describe API::AwardEmoji do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/award_emoji/#{downvote.id}", user) }
+      end
     end
 
     context 'when the awardable is a Snippet' do
@@ -282,6 +290,10 @@ describe API::AwardEmoji do
           expect(response).to have_http_status(204)
         end.to change { snippet.award_emoji.count }.from(1).to(0)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/snippets/#{snippet.id}/award_emoji/#{award.id}", user) }
+      end
     end
   end
 
@@ -295,5 +307,9 @@ describe API::AwardEmoji do
         expect(response).to have_http_status(204)
       end.to change { note.award_emoji.count }.from(1).to(0)
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}/notes/#{note.id}/award_emoji/#{rocket.id}", user) }
+    end
   end
 end
diff --git a/spec/requests/api/boards_spec.rb b/spec/requests/api/boards_spec.rb
index 43b381c2219..f698d5dddb3 100644
--- a/spec/requests/api/boards_spec.rb
+++ b/spec/requests/api/boards_spec.rb
@@ -195,6 +195,10 @@ describe API::Boards do
 
         expect(response).to have_http_status(204)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("#{base_url}/#{dev_list.id}", owner) }
+      end
     end
   end
 end
diff --git a/spec/requests/api/branches_spec.rb b/spec/requests/api/branches_spec.rb
index 5a2e1b2cf2d..b1e011de604 100644
--- a/spec/requests/api/branches_spec.rb
+++ b/spec/requests/api/branches_spec.rb
@@ -499,6 +499,10 @@ describe API::Branches do
 
       expect(response).to have_gitlab_http_status(404)
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/repository/branches/#{branch_name}", user) }
+    end
   end
 
   describe 'DELETE /projects/:id/repository/merged_branches' do
diff --git a/spec/requests/api/broadcast_messages_spec.rb b/spec/requests/api/broadcast_messages_spec.rb
index 67989689799..b043a333d33 100644
--- a/spec/requests/api/broadcast_messages_spec.rb
+++ b/spec/requests/api/broadcast_messages_spec.rb
@@ -171,6 +171,10 @@ describe API::BroadcastMessages do
       expect(response).to have_http_status(403)
     end
 
+    it_behaves_like '412 response' do
+      let(:request) { api("/broadcast_messages/#{message.id}", admin) }
+    end
+
     it 'deletes the broadcast message for admins' do
       expect do
         delete api("/broadcast_messages/#{message.id}", admin)
diff --git a/spec/requests/api/deploy_keys_spec.rb b/spec/requests/api/deploy_keys_spec.rb
index e497ec333a2..684877c33c0 100644
--- a/spec/requests/api/deploy_keys_spec.rb
+++ b/spec/requests/api/deploy_keys_spec.rb
@@ -190,6 +190,10 @@ describe API::DeployKeys do
 
       expect(response).to have_http_status(404)
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/deploy_keys/#{deploy_key.id}", admin) }
+    end
   end
 
   describe 'POST /projects/:id/deploy_keys/:key_id/enable' do
diff --git a/spec/requests/api/environments_spec.rb b/spec/requests/api/environments_spec.rb
index 87716c6fe3a..2361809e0e1 100644
--- a/spec/requests/api/environments_spec.rb
+++ b/spec/requests/api/environments_spec.rb
@@ -138,6 +138,10 @@ describe API::Environments do
         expect(response).to have_http_status(404)
         expect(json_response['message']).to eq('404 Not found')
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/environments/#{environment.id}", user) }
+      end
     end
 
     context 'a non member' do
diff --git a/spec/requests/api/group_variables_spec.rb b/spec/requests/api/group_variables_spec.rb
index 2179790d098..93b9cf85c1d 100644
--- a/spec/requests/api/group_variables_spec.rb
+++ b/spec/requests/api/group_variables_spec.rb
@@ -200,6 +200,10 @@ describe API::GroupVariables do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/groups/#{group.id}/variables/#{variable.key}", user) }
+      end
     end
 
     context 'authorized user with invalid permissions' do
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index a7557c7fb22..39d76cdbc74 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -488,6 +488,10 @@ describe API::Groups do
         expect(response).to have_http_status(204)
       end
 
+      it_behaves_like '412 response' do
+        let(:request) { api("/groups/#{group1.id}", user1) }
+      end
+
       it "does not remove a group if not an owner" do
         user4 = create(:user)
         group1.add_master(user4)
diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb
index 7d120e4a234..58d89451073 100644
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -1304,6 +1304,10 @@ describe API::Issues, :mailer do
 
         expect(response).to have_http_status(204)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}", owner) }
+      end
     end
 
     context 'when issue does not exist' do
diff --git a/spec/requests/api/labels_spec.rb b/spec/requests/api/labels_spec.rb
index 5a4257d1009..b231fdea2a3 100644
--- a/spec/requests/api/labels_spec.rb
+++ b/spec/requests/api/labels_spec.rb
@@ -189,6 +189,11 @@ describe API::Labels do
       delete api("/projects/#{project.id}/labels", user)
       expect(response).to have_http_status(400)
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/labels", user) }
+      let(:params) { { name: 'label1' } }
+    end
   end
 
   describe 'PUT /projects/:id/labels' do
diff --git a/spec/requests/api/members_spec.rb b/spec/requests/api/members_spec.rb
index 06aca698c91..d3bae8d2888 100644
--- a/spec/requests/api/members_spec.rb
+++ b/spec/requests/api/members_spec.rb
@@ -284,6 +284,10 @@ describe API::Members do
             expect(response).to have_http_status(204)
           end.to change { source.members.count }.by(-1)
         end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/#{source_type.pluralize}/#{source.id}/members/#{developer.id}", master) }
+        end
       end
 
       it 'returns 404 if member does not exist' do
diff --git a/spec/requests/api/merge_requests_spec.rb b/spec/requests/api/merge_requests_spec.rb
index 0db645863fb..9027090aabd 100644
--- a/spec/requests/api/merge_requests_spec.rb
+++ b/spec/requests/api/merge_requests_spec.rb
@@ -698,6 +698,10 @@ describe API::MergeRequests do
 
         expect(response).to have_gitlab_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/merge_requests/#{merge_request.iid}", user) }
+      end
     end
   end
 
diff --git a/spec/requests/api/notes_spec.rb b/spec/requests/api/notes_spec.rb
index 75e5062a99c..f5882c0c74a 100644
--- a/spec/requests/api/notes_spec.rb
+++ b/spec/requests/api/notes_spec.rb
@@ -390,6 +390,10 @@ describe API::Notes do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/issues/#{issue.iid}/notes/#{issue_note.id}", user) }
+      end
     end
 
     context 'when noteable is a Snippet' do
@@ -410,6 +414,10 @@ describe API::Notes do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/snippets/#{snippet.id}/notes/#{snippet_note.id}", user) }
+      end
     end
 
     context 'when noteable is a Merge Request' do
@@ -430,6 +438,10 @@ describe API::Notes do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/notes/#{merge_request_note.id}", user) }
+      end
     end
   end
 end
diff --git a/spec/requests/api/pipeline_schedules_spec.rb b/spec/requests/api/pipeline_schedules_spec.rb
index 150a391bb8d..b6a5a7ffbb5 100644
--- a/spec/requests/api/pipeline_schedules_spec.rb
+++ b/spec/requests/api/pipeline_schedules_spec.rb
@@ -275,6 +275,10 @@ describe API::PipelineSchedules do
 
         expect(response).to have_http_status(:not_found)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/pipeline_schedules/#{pipeline_schedule.id}", master) }
+      end
     end
 
     context 'authenticated user with invalid permissions' do
diff --git a/spec/requests/api/project_hooks_spec.rb b/spec/requests/api/project_hooks_spec.rb
index 2829c243af3..ac3bab09c4c 100644
--- a/spec/requests/api/project_hooks_spec.rb
+++ b/spec/requests/api/project_hooks_spec.rb
@@ -212,5 +212,9 @@ describe API::ProjectHooks, 'ProjectHooks' do
       expect(response).to have_http_status(404)
       expect(WebHook.exists?(hook.id)).to be_truthy
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/hooks/#{hook.id}", user) }
+    end
   end
 end
diff --git a/spec/requests/api/project_snippets_spec.rb b/spec/requests/api/project_snippets_spec.rb
index 2b541f5719e..0ea95f487ac 100644
--- a/spec/requests/api/project_snippets_spec.rb
+++ b/spec/requests/api/project_snippets_spec.rb
@@ -228,9 +228,6 @@ describe API::ProjectSnippets do
     let(:snippet) { create(:project_snippet, author: admin) }
 
     it 'deletes snippet' do
-      admin = create(:admin)
-      snippet = create(:project_snippet, author: admin)
-
       delete api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin)
 
       expect(response).to have_http_status(204)
@@ -242,6 +239,10 @@ describe API::ProjectSnippets do
       expect(response).to have_http_status(404)
       expect(json_response['message']).to eq('404 Snippet Not Found')
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{snippet.project.id}/snippets/#{snippet.id}/", admin) }
+    end
   end
 
   describe 'GET /projects/:project_id/snippets/:id/raw' do
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index a89a58ff713..46550243d06 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -1029,6 +1029,10 @@ describe API::Projects do
       delete api("/projects/#{project.id}/snippets/1234", user)
       expect(response).to have_http_status(404)
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/snippets/#{snippet.id}", user) }
+    end
   end
 
   describe 'GET /projects/:id/snippets/:snippet_id/raw' do
@@ -1104,25 +1108,33 @@ describe API::Projects do
           project_fork_target.group.add_developer user2
         end
 
+        context 'for a forked project' do
+          before do
+            post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
+            project_fork_target.reload
+            expect(project_fork_target.forked_from_project).not_to be_nil
+            expect(project_fork_target.forked?).to be_truthy
+          end
+
+          it 'makes forked project unforked' do
+            delete api("/projects/#{project_fork_target.id}/fork", admin)
+
+            expect(response).to have_http_status(204)
+            project_fork_target.reload
+            expect(project_fork_target.forked_from_project).to be_nil
+            expect(project_fork_target.forked?).not_to be_truthy
+          end
+
+          it_behaves_like '412 response' do
+            let(:request) { api("/projects/#{project_fork_target.id}/fork", admin) }
+          end
+        end
+
         it 'is forbidden to non-owner users' do
           delete api("/projects/#{project_fork_target.id}/fork", user2)
           expect(response).to have_http_status(403)
         end
 
-        it 'makes forked project unforked' do
-          post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
-          project_fork_target.reload
-          expect(project_fork_target.forked_from_project).not_to be_nil
-          expect(project_fork_target.forked?).to be_truthy
-
-          delete api("/projects/#{project_fork_target.id}/fork", admin)
-
-          expect(response).to have_http_status(204)
-          project_fork_target.reload
-          expect(project_fork_target.forked_from_project).to be_nil
-          expect(project_fork_target.forked?).not_to be_truthy
-        end
-
         it 'is idempotent if not forked' do
           expect(project_fork_target.forked_from_project).to be_nil
           delete api("/projects/#{project_fork_target.id}/fork", admin)
@@ -1188,14 +1200,23 @@ describe API::Projects do
   end
 
   describe 'DELETE /projects/:id/share/:group_id' do
-    it 'returns 204 when deleting a group share' do
-      group = create(:group, :public)
-      create(:project_group_link, group: group, project: project)
+    context 'for a valid group' do
+      let(:group) { create(:group, :public) }
 
-      delete api("/projects/#{project.id}/share/#{group.id}", user)
+      before do
+        create(:project_group_link, group: group, project: project)
+      end
 
-      expect(response).to have_http_status(204)
-      expect(project.project_group_links).to be_empty
+      it 'returns 204 when deleting a group share' do
+        delete api("/projects/#{project.id}/share/#{group.id}", user)
+
+        expect(response).to have_http_status(204)
+        expect(project.project_group_links).to be_empty
+      end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/share/#{group.id}", user) }
+      end
     end
 
     it 'returns a 400 when group id is not an integer' do
@@ -1519,6 +1540,10 @@ describe API::Projects do
         expect(json_response['message']).to eql('202 Accepted')
       end
 
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}", user) }
+      end
+
       it 'does not remove a project if not an owner' do
         user3 = create(:user)
         project.team << [user3, :developer]
@@ -1549,6 +1574,10 @@ describe API::Projects do
         delete api('/projects/1328', admin)
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}", admin) }
+      end
     end
   end
 
diff --git a/spec/requests/api/protected_branches_spec.rb b/spec/requests/api/protected_branches_spec.rb
index 1aa8a95780e..07d7f96bd70 100644
--- a/spec/requests/api/protected_branches_spec.rb
+++ b/spec/requests/api/protected_branches_spec.rb
@@ -213,6 +213,10 @@ describe API::ProtectedBranches do
       expect(response).to have_gitlab_http_status(204)
     end
 
+    it_behaves_like '412 response' do
+      let(:request) { api("/projects/#{project.id}/protected_branches/#{branch_name}", user) }
+    end
+
     it "returns 404 if branch does not exist" do
       delete api("/projects/#{project.id}/protected_branches/barfoo", user)
 
diff --git a/spec/requests/api/runner_spec.rb b/spec/requests/api/runner_spec.rb
index e9ee3dd679d..993164aa8fe 100644
--- a/spec/requests/api/runner_spec.rb
+++ b/spec/requests/api/runner_spec.rb
@@ -149,6 +149,11 @@ describe API::Runner do
           expect(response).to have_http_status 204
           expect(Ci::Runner.count).to eq(0)
         end
+
+        it_behaves_like '412 response' do
+          let(:request) { api('/runners') }
+          let(:params) { { token: runner.token } }
+        end
       end
     end
 
diff --git a/spec/requests/api/runners_spec.rb b/spec/requests/api/runners_spec.rb
index c8ff25f70fa..244895a417e 100644
--- a/spec/requests/api/runners_spec.rb
+++ b/spec/requests/api/runners_spec.rb
@@ -279,6 +279,10 @@ describe API::Runners do
             expect(response).to have_http_status(204)
           end.to change { Ci::Runner.shared.count }.by(-1)
         end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/runners/#{shared_runner.id}", admin) }
+        end
       end
 
       context 'when runner is not shared' do
@@ -332,6 +336,10 @@ describe API::Runners do
             expect(response).to have_http_status(204)
           end.to change { Ci::Runner.specific.count }.by(-1)
         end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/runners/#{specific_runner.id}", user) }
+        end
       end
     end
 
@@ -463,6 +471,10 @@ describe API::Runners do
             expect(response).to have_http_status(204)
           end.to change { project.runners.count }.by(-1)
         end
+
+        it_behaves_like '412 response' do
+          let(:request) { api("/projects/#{project.id}/runners/#{two_projects_runner.id}", user) }
+        end
       end
 
       context 'when runner have one associated projects' do
diff --git a/spec/requests/api/snippets_spec.rb b/spec/requests/api/snippets_spec.rb
index d09b8bc42f1..351dd3276d0 100644
--- a/spec/requests/api/snippets_spec.rb
+++ b/spec/requests/api/snippets_spec.rb
@@ -270,6 +270,10 @@ describe API::Snippets do
       expect(response).to have_http_status(404)
       expect(json_response['message']).to eq('404 Snippet Not Found')
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/snippets/#{public_snippet.id}", user) }
+    end
   end
 
   describe "GET /snippets/:id/user_agent_detail" do
diff --git a/spec/requests/api/system_hooks_spec.rb b/spec/requests/api/system_hooks_spec.rb
index f65b475fe44..216d278ad21 100644
--- a/spec/requests/api/system_hooks_spec.rb
+++ b/spec/requests/api/system_hooks_spec.rb
@@ -102,5 +102,9 @@ describe API::SystemHooks do
 
       expect(response).to have_http_status(404)
     end
+
+    it_behaves_like '412 response' do
+      let(:request) { api("/hooks/#{hook.id}", admin) }
+    end
   end
 end
diff --git a/spec/requests/api/tags_spec.rb b/spec/requests/api/tags_spec.rb
index 6ac0caa7fe8..0bf7863bdc8 100644
--- a/spec/requests/api/tags_spec.rb
+++ b/spec/requests/api/tags_spec.rb
@@ -278,6 +278,10 @@ describe API::Tags do
         expect(response).to have_gitlab_http_status(204)
       end
 
+      it_behaves_like '412 response' do
+        let(:request) { api(route, current_user) }
+      end
+
       context 'when tag does not exist' do
         let(:tag_name) { 'unknown' }
 
diff --git a/spec/requests/api/triggers_spec.rb b/spec/requests/api/triggers_spec.rb
index 1e206fd2a9e..d1ed57b1825 100644
--- a/spec/requests/api/triggers_spec.rb
+++ b/spec/requests/api/triggers_spec.rb
@@ -293,6 +293,10 @@ describe API::Triggers do
 
         expect(response).to have_http_status(404)
       end
+
+      it_behaves_like '412 response' do
+        let(:request) { api("/projects/#{project.id}/triggers/#{trigger.id}", user) }
+      end
     end
 
     context 'authenticated user with invalid permissions' do
diff --git a/spec/requests/api/users_spec.rb b/spec/requests/api/users_spec.rb
index 49739a1601a..5fef4437997 100644
--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -733,6 +733,10 @@ describe API::Users do
         end.to change { user.keys.count }.by(-1)
       end
 
+      it_behaves_like '412 response' do
+        let(:request) { api("/users/#{user.id}/keys/#{key.id}", admin) }
+      end
+
       it 'returns 404 error if user not found' do
         user.keys << key
         user.save
@@ -838,6 +842,10 @@ describe API::Users do
         end.to change { user.emails.count }.by(-1)
       end
 
+      it_behaves_like '412 response' do
+        let(:request) { api("/users/#{user.id}/emails/#{email.id}", admin) }
+      end
+
       it 'returns 404 error if user not found' do
         user.emails << email
         user.save
@@ -876,6 +884,10 @@ describe API::Users do
       expect { Namespace.find(namespace.id) }.to raise_error ActiveRecord::RecordNotFound
     end
 
+    it_behaves_like '412 response' do
+      let(:request) { api("/users/#{user.id}", admin) }
+    end
+
     it "does not delete for unauthenticated user" do
       Sidekiq::Testing.inline! { delete api("/users/#{user.id}") }
       expect(response).to have_http_status(401)
@@ -1116,6 +1128,10 @@ describe API::Users do
       end.to change { user.keys.count}.by(-1)
     end
 
+    it_behaves_like '412 response' do
+      let(:request) { api("/user/keys/#{key.id}", user) }
+    end
+
     it "returns 404 if key ID not found" do
       delete api("/user/keys/42", user)
 
@@ -1239,6 +1255,10 @@ describe API::Users do
       end.to change { user.emails.count}.by(-1)
     end
 
+    it_behaves_like '412 response' do
+      let(:request) { api("/user/emails/#{email.id}", user) }
+    end
+
     it "returns 404 if email ID not found" do
       delete api("/user/emails/42", user)
 
@@ -1551,6 +1571,10 @@ describe API::Users do
       expect(json_response['message']).to eq('403 Forbidden')
     end
 
+    it_behaves_like '412 response' do
+      let(:request) { api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", admin) }
+    end
+
     it 'revokes a impersonation token' do
       delete api("/users/#{user.id}/impersonation_tokens/#{impersonation_token.id}", admin)
 
diff --git a/spec/support/shared_examples/requests/api/status_shared_examples.rb b/spec/support/shared_examples/requests/api/status_shared_examples.rb
index 226277411d6..1bffd1e49db 100644
--- a/spec/support/shared_examples/requests/api/status_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/status_shared_examples.rb
@@ -40,3 +40,14 @@ shared_examples_for '404 response' do
     end
   end
 end
+
+shared_examples_for '412 response' do
+  let(:params) { nil }
+  before do
+    delete request, params, { 'HTTP_IF_UNMODIFIED_SINCE' => '1990-01-12T00:00:48-0600' }
+  end
+
+  it 'returns 412' do
+    expect(response).to have_gitlab_http_status(412)
+  end
+end

From 8bd9fb4cc4f8689a23c68e1b7f893ee59907069f Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Fri, 25 Aug 2017 14:31:09 +0200
Subject: [PATCH 22/57] Add changelog and doc

---
 changelogs/unreleased/api-delete-respect-headers.yml | 5 +++++
 doc/api/README.md                                    | 1 +
 2 files changed, 6 insertions(+)
 create mode 100644 changelogs/unreleased/api-delete-respect-headers.yml

diff --git a/changelogs/unreleased/api-delete-respect-headers.yml b/changelogs/unreleased/api-delete-respect-headers.yml
new file mode 100644
index 00000000000..cfc8fbfdf91
--- /dev/null
+++ b/changelogs/unreleased/api-delete-respect-headers.yml
@@ -0,0 +1,5 @@
+---
+title: 'API: Respect the "If-Unmodified-Since" header when delting a resource'
+merge_request: 9621
+author: Robert Schilling
+type: added
diff --git a/doc/api/README.md b/doc/api/README.md
index 266b5f018d9..c2a08dcff07 100644
--- a/doc/api/README.md
+++ b/doc/api/README.md
@@ -263,6 +263,7 @@ The following table shows the possible return codes for API requests.
 | `404 Not Found` | A resource could not be accessed, e.g., an ID for a resource could not be found. |
 | `405 Method Not Allowed` | The request is not supported. |
 | `409 Conflict` | A conflicting resource already exists, e.g., creating a project with a name that already exists. |
+| `412` | Indicates the request was denied. May happen if the `If-Unmodified-Since` header is provided when trying to delete a resource, which was modified in between. |
 | `422 Unprocessable` | The entity could not be processed. |
 | `500 Server Error` | While handling the request something went wrong server-side. |
 

From 87b51c5981db3b1b9831b01ca6e74127d57dc2d9 Mon Sep 17 00:00:00 2001
From: Hiroyuki Sato <sathiroyuki@gmail.com>
Date: Tue, 29 Aug 2017 07:14:41 +0900
Subject: [PATCH 23/57] Move the logic to a concern

---
 app/models/user.rb                  |  3 ++-
 lib/gitlab/sql/pattern.rb           | 39 ++++++++++++-----------------
 spec/lib/gitlab/sql/pattern_spec.rb | 16 ++++++------
 3 files changed, 26 insertions(+), 32 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index e5a84ce4080..70787de4b40 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -5,6 +5,7 @@ class User < ActiveRecord::Base
 
   include Gitlab::ConfigHelper
   include Gitlab::CurrentSettings
+  include Gitlab::SQL::Pattern
   include Avatarable
   include Referable
   include Sortable
@@ -303,7 +304,7 @@ class User < ActiveRecord::Base
     # Returns an ActiveRecord::Relation.
     def search(query)
       table   = arel_table
-      pattern = Gitlab::SQL::Pattern.new(query).to_sql
+      pattern = User.to_pattern(query)
 
       order = <<~SQL
         CASE
diff --git a/lib/gitlab/sql/pattern.rb b/lib/gitlab/sql/pattern.rb
index 46c973d8a11..26bfeeeee67 100644
--- a/lib/gitlab/sql/pattern.rb
+++ b/lib/gitlab/sql/pattern.rb
@@ -1,33 +1,26 @@
 module Gitlab
   module SQL
-    class Pattern
+    module Pattern
+      extend ActiveSupport::Concern
+
       MIN_CHARS_FOR_PARTIAL_MATCHING = 3
 
-      attr_reader :query
-
-      def initialize(query)
-        @query = query
-      end
-
-      def to_sql
-        if exact_matching?
-          sanitized_query
-        else
-          "%#{sanitized_query}%"
+      class_methods do
+        def to_pattern(query)
+          if exact_matching?(query)
+            sanitize_sql_like(query)
+          else
+            "%#{sanitize_sql_like(query)}%"
+          end
         end
-      end
 
-      def exact_matching?
-        !partial_matching?
-      end
+        def exact_matching?(query)
+          query.length < MIN_CHARS_FOR_PARTIAL_MATCHING
+        end
 
-      def partial_matching?
-        @query.length >= MIN_CHARS_FOR_PARTIAL_MATCHING
-      end
-
-      def sanitized_query
-        # Note: ActiveRecord::Base.sanitize_sql_like is a protected method
-        ActiveRecord::Base.__send__(:sanitize_sql_like, query)
+        def partial_matching?(query)
+          query.length >= MIN_CHARS_FOR_PARTIAL_MATCHING
+        end
       end
     end
   end
diff --git a/spec/lib/gitlab/sql/pattern_spec.rb b/spec/lib/gitlab/sql/pattern_spec.rb
index d0412f37098..224336421be 100644
--- a/spec/lib/gitlab/sql/pattern_spec.rb
+++ b/spec/lib/gitlab/sql/pattern_spec.rb
@@ -1,14 +1,14 @@
 require 'spec_helper'
 
 describe Gitlab::SQL::Pattern do
-  describe '#to_sql' do
-    subject(:to_sql) { described_class.new(query).to_sql }
+  describe '#to_pattern' do
+    subject(:to_pattern) { User.to_pattern(query) }
 
     context 'when a query is shorter than 3 chars' do
       let(:query) { '12' }
 
       it 'returns exact matching pattern' do
-        expect(to_sql).to eq('12')
+        expect(to_pattern).to eq('12')
       end
     end
 
@@ -16,7 +16,7 @@ describe Gitlab::SQL::Pattern do
       let(:query) { '_2' }
 
       it 'returns sanitized exact matching pattern' do
-        expect(to_sql).to eq('\_2')
+        expect(to_pattern).to eq('\_2')
       end
     end
 
@@ -24,7 +24,7 @@ describe Gitlab::SQL::Pattern do
       let(:query) { '123' }
 
       it 'returns partial matching pattern' do
-        expect(to_sql).to eq('%123%')
+        expect(to_pattern).to eq('%123%')
       end
     end
 
@@ -32,7 +32,7 @@ describe Gitlab::SQL::Pattern do
       let(:query) { '_23' }
 
       it 'returns partial matching pattern' do
-        expect(to_sql).to eq('%\_23%')
+        expect(to_pattern).to eq('%\_23%')
       end
     end
 
@@ -40,7 +40,7 @@ describe Gitlab::SQL::Pattern do
       let(:query) { '1234' }
 
       it 'returns partial matching pattern' do
-        expect(to_sql).to eq('%1234%')
+        expect(to_pattern).to eq('%1234%')
       end
     end
 
@@ -48,7 +48,7 @@ describe Gitlab::SQL::Pattern do
       let(:query) { '_234' }
 
       it 'returns sanitized partial matching pattern' do
-        expect(to_sql).to eq('%\_234%')
+        expect(to_pattern).to eq('%\_234%')
       end
     end
   end

From ee4820a5268d02fb7ed142511d1a194f06629a1e Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Mon, 28 Aug 2017 17:13:22 +0200
Subject: [PATCH 24/57] Add a spec when ressource is not modified

---
 lib/api/projects.rb                           |  6 ++---
 spec/requests/api/projects_spec.rb            |  2 ++
 .../requests/api/status_shared_examples.rb    | 22 +++++++++++++++----
 3 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 78e25b6da03..78d900984ac 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -365,8 +365,7 @@ module API
         authorize! :remove_fork_project, user_project
 
         if user_project.forked?
-          status 204
-          user_project.forked_project_link.destroy
+          destroy_conditionally!(user_project.forked_project_link)
         else
           not_modified!
         end
@@ -410,8 +409,7 @@ module API
         link = user_project.project_group_links.find_by(group_id: params[:group_id])
         not_found!('Group Link') unless link
 
-        status 204
-        link.destroy
+        destroy_conditionally!(link)
       end
 
       desc 'Upload a file'
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index 46550243d06..4490e50702b 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -1541,6 +1541,7 @@ describe API::Projects do
       end
 
       it_behaves_like '412 response' do
+        let(:success_status) { 202 }
         let(:request) { api("/projects/#{project.id}", user) }
       end
 
@@ -1576,6 +1577,7 @@ describe API::Projects do
       end
 
       it_behaves_like '412 response' do
+        let(:success_status) { 202 }
         let(:request) { api("/projects/#{project.id}", admin) }
       end
     end
diff --git a/spec/support/shared_examples/requests/api/status_shared_examples.rb b/spec/support/shared_examples/requests/api/status_shared_examples.rb
index 1bffd1e49db..7d7f66adeab 100644
--- a/spec/support/shared_examples/requests/api/status_shared_examples.rb
+++ b/spec/support/shared_examples/requests/api/status_shared_examples.rb
@@ -43,11 +43,25 @@ end
 
 shared_examples_for '412 response' do
   let(:params) { nil }
-  before do
-    delete request, params, { 'HTTP_IF_UNMODIFIED_SINCE' => '1990-01-12T00:00:48-0600' }
+  let(:success_status) { 204 }
+
+  context 'for a modified ressource' do
+    before do
+      delete request, params, { 'HTTP_IF_UNMODIFIED_SINCE' => '1990-01-12T00:00:48-0600' }
+    end
+
+    it 'returns 412' do
+      expect(response).to have_gitlab_http_status(412)
+    end
   end
 
-  it 'returns 412' do
-    expect(response).to have_gitlab_http_status(412)
+  context 'for an unmodified ressource' do
+    before do
+      delete request, params, { 'HTTP_IF_UNMODIFIED_SINCE' => Time.now }
+    end
+
+    it 'returns accepted' do
+      expect(response).to have_gitlab_http_status(success_status)
+    end
   end
 end

From 9954dafda58a0d5d856fdbbef01633e674638aa1 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Tue, 29 Aug 2017 16:23:12 +0800
Subject: [PATCH 25/57] Just use a block

---
 lib/gitlab/git/repository.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index f6d30ad7534..adf15473eb6 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -585,7 +585,7 @@ module Gitlab
       end
 
       def delete_refs(ref_names)
-        ref_names.each(&rugged.references.method(:delete))
+        ref_names.each { |ref| rugged.references.delete(ref) }
       end
 
       # Create a new branch named **ref+ based on **stat_point+, HEAD by default

From 12633b46b6884dda4ffd87b14b4b52725acd6ec1 Mon Sep 17 00:00:00 2001
From: Hiroyuki Sato <sathiroyuki@gmail.com>
Date: Tue, 29 Aug 2017 18:00:03 +0900
Subject: [PATCH 26/57] Refactor

---
 lib/gitlab/sql/pattern.rb           | 10 +++-------
 spec/lib/gitlab/sql/pattern_spec.rb |  2 +-
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/lib/gitlab/sql/pattern.rb b/lib/gitlab/sql/pattern.rb
index 26bfeeeee67..b42bc67ccfc 100644
--- a/lib/gitlab/sql/pattern.rb
+++ b/lib/gitlab/sql/pattern.rb
@@ -7,17 +7,13 @@ module Gitlab
 
       class_methods do
         def to_pattern(query)
-          if exact_matching?(query)
-            sanitize_sql_like(query)
-          else
+          if partial_matching?(query)
             "%#{sanitize_sql_like(query)}%"
+          else
+            sanitize_sql_like(query)
           end
         end
 
-        def exact_matching?(query)
-          query.length < MIN_CHARS_FOR_PARTIAL_MATCHING
-        end
-
         def partial_matching?(query)
           query.length >= MIN_CHARS_FOR_PARTIAL_MATCHING
         end
diff --git a/spec/lib/gitlab/sql/pattern_spec.rb b/spec/lib/gitlab/sql/pattern_spec.rb
index 224336421be..9d7b2136dab 100644
--- a/spec/lib/gitlab/sql/pattern_spec.rb
+++ b/spec/lib/gitlab/sql/pattern_spec.rb
@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Gitlab::SQL::Pattern do
-  describe '#to_pattern' do
+  describe '.to_pattern' do
     subject(:to_pattern) { User.to_pattern(query) }
 
     context 'when a query is shorter than 3 chars' do

From 5eab624d3ce7500b3cc19230b5ce86125b88015b Mon Sep 17 00:00:00 2001
From: Yorick Peterse <yorickpeterse@gmail.com>
Date: Fri, 18 Aug 2017 14:26:23 +0200
Subject: [PATCH 27/57] Improve migrations using triggers

This adds a bunch of checks to migrations that may create or drop
triggers. Dropping triggers/functions is done using "IF EXISTS" so we
don't throw an error if the object in question has already been dropped.
We now also raise a custom error (message) when the user does not have
TRIGGER privileges. This should prevent the schema from entering an
inconsistent state while also providing the user with enough information
on how to solve the problem.

The recommendation of using SUPERUSER permissions is a bit extreme but
we require this anyway (Omnibus also configures users with this
permission).

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/36633
---
 .../unreleased/check-trigger-permissions.yml  |  5 +++
 lib/gitlab/database.rb                        |  8 +++++
 lib/gitlab/database/grant.rb                  | 34 ++++++++++++++++++
 lib/gitlab/database/migration_helpers.rb      | 36 ++++++++++++++++---
 spec/lib/gitlab/database/grant_spec.rb        | 30 ++++++++++++++++
 .../gitlab/database/migration_helpers_spec.rb | 32 ++++++++++++++---
 6 files changed, 137 insertions(+), 8 deletions(-)
 create mode 100644 changelogs/unreleased/check-trigger-permissions.yml
 create mode 100644 lib/gitlab/database/grant.rb
 create mode 100644 spec/lib/gitlab/database/grant_spec.rb

diff --git a/changelogs/unreleased/check-trigger-permissions.yml b/changelogs/unreleased/check-trigger-permissions.yml
new file mode 100644
index 00000000000..e0809cea9bf
--- /dev/null
+++ b/changelogs/unreleased/check-trigger-permissions.yml
@@ -0,0 +1,5 @@
+---
+title: Improve migrations using triggers
+merge_request:
+author:
+type: fixed
diff --git a/lib/gitlab/database.rb b/lib/gitlab/database.rb
index e001d25e7b7..a6ec75da385 100644
--- a/lib/gitlab/database.rb
+++ b/lib/gitlab/database.rb
@@ -9,6 +9,14 @@ module Gitlab
       ActiveRecord::Base.configurations[Rails.env]
     end
 
+    def self.username
+      config['username'] || ENV['USER']
+    end
+
+    def self.database_name
+      config['database']
+    end
+
     def self.adapter_name
       config['adapter']
     end
diff --git a/lib/gitlab/database/grant.rb b/lib/gitlab/database/grant.rb
new file mode 100644
index 00000000000..aee3981e79a
--- /dev/null
+++ b/lib/gitlab/database/grant.rb
@@ -0,0 +1,34 @@
+module Gitlab
+  module Database
+    # Model that can be used for querying permissions of a SQL user.
+    class Grant < ActiveRecord::Base
+      self.table_name =
+        if Database.postgresql?
+          'information_schema.role_table_grants'
+        else
+          'mysql.user'
+        end
+
+      def self.scope_to_current_user
+        if Database.postgresql?
+          where('grantee = user')
+        else
+          where("CONCAT(User, '@', Host) = current_user()")
+        end
+      end
+
+      # Returns true if the current user can create and execute triggers on the
+      # given table.
+      def self.create_and_execute_trigger?(table)
+        priv =
+          if Database.postgresql?
+            where(privilege_type: 'TRIGGER', table_name: table)
+          else
+            where(Trigger_priv: 'Y')
+          end
+
+        priv.scope_to_current_user.any?
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/database/migration_helpers.rb b/lib/gitlab/database/migration_helpers.rb
index 5e2c6cc5cad..fb14798efe6 100644
--- a/lib/gitlab/database/migration_helpers.rb
+++ b/lib/gitlab/database/migration_helpers.rb
@@ -358,6 +358,8 @@ module Gitlab
           raise 'rename_column_concurrently can not be run inside a transaction'
         end
 
+        check_trigger_permissions!(table)
+
         old_col = column_for(table, old)
         new_type = type || old_col.type
 
@@ -430,6 +432,8 @@ module Gitlab
       def cleanup_concurrent_column_rename(table, old, new)
         trigger_name = rename_trigger_name(table, old, new)
 
+        check_trigger_permissions!(table)
+
         if Database.postgresql?
           remove_rename_triggers_for_postgresql(table, trigger_name)
         else
@@ -485,14 +489,14 @@ module Gitlab
 
       # Removes the triggers used for renaming a PostgreSQL column concurrently.
       def remove_rename_triggers_for_postgresql(table, trigger)
-        execute("DROP TRIGGER #{trigger} ON #{table}")
-        execute("DROP FUNCTION #{trigger}()")
+        execute("DROP TRIGGER IF EXISTS #{trigger} ON #{table}")
+        execute("DROP FUNCTION IF EXISTS #{trigger}()")
       end
 
       # Removes the triggers used for renaming a MySQL column concurrently.
       def remove_rename_triggers_for_mysql(trigger)
-        execute("DROP TRIGGER #{trigger}_insert")
-        execute("DROP TRIGGER #{trigger}_update")
+        execute("DROP TRIGGER IF EXISTS #{trigger}_insert")
+        execute("DROP TRIGGER IF EXISTS #{trigger}_update")
       end
 
       # Returns the (base) name to use for triggers when renaming columns.
@@ -625,6 +629,30 @@ module Gitlab
           conn.llen("queue:#{queue_name}")
         end
       end
+
+      def check_trigger_permissions!(table)
+        unless Grant.create_and_execute_trigger?(table)
+          dbname = Database.database_name
+          user = Database.username
+
+          raise <<-EOF
+Your database user is not allowed to create, drop, or execute triggers on the
+table #{table}.
+
+If you are using PostgreSQL you can solve this by logging in to the GitLab
+database (#{dbname}) using a super user and running:
+
+    ALTER #{user} WITH SUPERUSER
+
+For MySQL you instead need to run:
+
+    GRANT ALL PRIVILEGES ON *.* TO #{user}@'%'
+
+Both queries will grant the user super user permissions, ensuring you don't run
+into similar problems in the future (e.g. when new tables are created).
+          EOF
+        end
+      end
     end
   end
 end
diff --git a/spec/lib/gitlab/database/grant_spec.rb b/spec/lib/gitlab/database/grant_spec.rb
new file mode 100644
index 00000000000..651da3e8476
--- /dev/null
+++ b/spec/lib/gitlab/database/grant_spec.rb
@@ -0,0 +1,30 @@
+require 'spec_helper'
+
+describe Gitlab::Database::Grant do
+  describe '.scope_to_current_user' do
+    it 'scopes the relation to the current user' do
+      user = Gitlab::Database.username
+      column = Gitlab::Database.postgresql? ? :grantee : :User
+      names = described_class.scope_to_current_user.pluck(column).uniq
+
+      expect(names).to eq([user])
+    end
+  end
+
+  describe '.create_and_execute_trigger' do
+    it 'returns true when the user can create and execute a trigger' do
+      # We assume the DB/user is set up correctly so that triggers can be
+      # created, which is necessary anyway for other tests to work.
+      expect(described_class.create_and_execute_trigger?('users')).to eq(true)
+    end
+
+    it 'returns false when the user can not create and/or execute a trigger' do
+      allow(described_class).to receive(:scope_to_current_user)
+        .and_return(described_class.none)
+
+      result = described_class.create_and_execute_trigger?('kittens')
+
+      expect(result).to eq(false)
+    end
+  end
+end
diff --git a/spec/lib/gitlab/database/migration_helpers_spec.rb b/spec/lib/gitlab/database/migration_helpers_spec.rb
index c25fd459dd7..1bcdc369c44 100644
--- a/spec/lib/gitlab/database/migration_helpers_spec.rb
+++ b/spec/lib/gitlab/database/migration_helpers_spec.rb
@@ -450,6 +450,8 @@ describe Gitlab::Database::MigrationHelpers do
         it 'renames a column concurrently' do
           allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
 
+          expect(model).to receive(:check_trigger_permissions!).with(:users)
+
           expect(model).to receive(:install_rename_triggers_for_mysql)
             .with(trigger_name, 'users', 'old', 'new')
 
@@ -477,6 +479,8 @@ describe Gitlab::Database::MigrationHelpers do
         it 'renames a column concurrently' do
           allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
 
+          expect(model).to receive(:check_trigger_permissions!).with(:users)
+
           expect(model).to receive(:install_rename_triggers_for_postgresql)
             .with(trigger_name, 'users', 'old', 'new')
 
@@ -506,6 +510,8 @@ describe Gitlab::Database::MigrationHelpers do
     it 'cleans up the renaming procedure for PostgreSQL' do
       allow(Gitlab::Database).to receive(:postgresql?).and_return(true)
 
+      expect(model).to receive(:check_trigger_permissions!).with(:users)
+
       expect(model).to receive(:remove_rename_triggers_for_postgresql)
         .with(:users, /trigger_.{12}/)
 
@@ -517,6 +523,8 @@ describe Gitlab::Database::MigrationHelpers do
     it 'cleans up the renaming procedure for MySQL' do
       allow(Gitlab::Database).to receive(:postgresql?).and_return(false)
 
+      expect(model).to receive(:check_trigger_permissions!).with(:users)
+
       expect(model).to receive(:remove_rename_triggers_for_mysql)
         .with(/trigger_.{12}/)
 
@@ -573,8 +581,8 @@ describe Gitlab::Database::MigrationHelpers do
 
   describe '#remove_rename_triggers_for_postgresql' do
     it 'removes the function and trigger' do
-      expect(model).to receive(:execute).with('DROP TRIGGER foo ON bar')
-      expect(model).to receive(:execute).with('DROP FUNCTION foo()')
+      expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo ON bar')
+      expect(model).to receive(:execute).with('DROP FUNCTION IF EXISTS foo()')
 
       model.remove_rename_triggers_for_postgresql('bar', 'foo')
     end
@@ -582,8 +590,8 @@ describe Gitlab::Database::MigrationHelpers do
 
   describe '#remove_rename_triggers_for_mysql' do
     it 'removes the triggers' do
-      expect(model).to receive(:execute).with('DROP TRIGGER foo_insert')
-      expect(model).to receive(:execute).with('DROP TRIGGER foo_update')
+      expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo_insert')
+      expect(model).to receive(:execute).with('DROP TRIGGER IF EXISTS foo_update')
 
       model.remove_rename_triggers_for_mysql('foo')
     end
@@ -890,4 +898,20 @@ describe Gitlab::Database::MigrationHelpers do
       end
     end
   end
+
+  describe '#check_trigger_permissions!' do
+    it 'does nothing when the user has the correct permissions' do
+      expect { model.check_trigger_permissions!('users') }
+        .not_to raise_error(RuntimeError)
+    end
+
+    it 'raises RuntimeError when the user does not have the correct permissions' do
+      allow(Gitlab::Database::Grant).to receive(:create_and_execute_trigger?)
+        .with('kittens')
+        .and_return(false)
+
+      expect { model.check_trigger_permissions!('kittens') }
+        .to raise_error(RuntimeError, /Your database user is not allowed/)
+    end
+  end
 end

From 11da029edb0bf09eb906301bd0692ed1d74d25eb Mon Sep 17 00:00:00 2001
From: Achilleas Pipinellis <axilleas@axilleas.me>
Date: Mon, 28 Aug 2017 13:50:21 +0200
Subject: [PATCH 28/57] Move GPG signed commits docs to new location

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/36804
---
 app/views/profiles/gpg_keys/index.html.haml   |   2 +-
 .../commit/_signature_badge.html.haml         |   2 +-
 doc/README.md                                 |   3 +-
 doc/user/project/gpg_signed_commits/index.md  | 246 +-----------------
 .../profile_settings_gpg_keys_paste_pub.png   | Bin
 .../profile_settings_gpg_keys_single_key.png  | Bin
 .../project_signed_and_unsigned_commits.png   | Bin
 ...ect_signed_commit_unverified_signature.png | Bin
 ...oject_signed_commit_verified_signature.png | Bin
 .../repository/gpg_signed_commits/index.md    | 245 +++++++++++++++++
 doc/user/project/repository/index.md          |   4 +-
 11 files changed, 253 insertions(+), 249 deletions(-)
 rename doc/user/project/{ => repository}/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png (100%)
 rename doc/user/project/{ => repository}/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png (100%)
 rename doc/user/project/{ => repository}/gpg_signed_commits/img/project_signed_and_unsigned_commits.png (100%)
 rename doc/user/project/{ => repository}/gpg_signed_commits/img/project_signed_commit_unverified_signature.png (100%)
 rename doc/user/project/{ => repository}/gpg_signed_commits/img/project_signed_commit_verified_signature.png (100%)
 create mode 100644 doc/user/project/repository/gpg_signed_commits/index.md

diff --git a/app/views/profiles/gpg_keys/index.html.haml b/app/views/profiles/gpg_keys/index.html.haml
index 720a97cddb7..8dbb8aef31b 100644
--- a/app/views/profiles/gpg_keys/index.html.haml
+++ b/app/views/profiles/gpg_keys/index.html.haml
@@ -12,7 +12,7 @@
       Add a GPG key
     %p.profile-settings-content
       Before you can add a GPG key you need to
-      = link_to 'generate it.', help_page_path('user/project/gpg_signed_commits/index.md')
+      = link_to 'generate it.', help_page_path('user/project/repository/gpg_signed_commits/index.md')
     = render 'form'
     %hr
     %h5
diff --git a/app/views/projects/commit/_signature_badge.html.haml b/app/views/projects/commit/_signature_badge.html.haml
index a3783b31b86..d06b29db838 100644
--- a/app/views/projects/commit/_signature_badge.html.haml
+++ b/app/views/projects/commit/_signature_badge.html.haml
@@ -12,7 +12,7 @@
   %span.monospace= signature.gpg_key_primary_keyid
 
 
-  = link_to('Learn more about signing commits', help_page_path('user/project/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
+  = link_to('Learn more about signing commits', help_page_path('user/project/repository/gpg_signed_commits/index.md'), class: 'gpg-popover-help-link')
 
 %button{ class: css_classes, data: { toggle: 'popover', html: 'true', placement: 'auto top', title: title, content: content } }
   = label
diff --git a/doc/README.md b/doc/README.md
index 76d4c3e51fe..63ba8ff03e9 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -77,6 +77,8 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
   - [Create a branch](user/project/repository/web_editor.md#create-a-new-branch)
   - [Protected branches](user/project/protected_branches.md#protected-branches)
   - [Delete merged branches](user/project/repository/branches/index.md#delete-merged-branches)
+- Commits
+  - [Signing commits](user/project/repository/gpg_signed_commits/index.md): use GPG to sign your commits.
 
 ### Issues and Merge Requests (MRs)
 
@@ -98,7 +100,6 @@ Manage your [repositories](user/project/repository/index.md) from the UI (user i
 - [Git](topics/git/index.md): Getting started with Git, branching strategies, Git LFS, advanced use.
 - [Git cheatsheet](https://gitlab.com/gitlab-com/marketing/raw/master/design/print/git-cheatsheet/print-pdf/git-cheatsheet.pdf): Download a PDF describing the most used Git operations.
 - [GitLab Flow](workflow/gitlab_flow.md): explore the best of Git with the GitLab Flow strategy.
-- [Signing commits](user/project/gpg_signed_commits/index.md): use GPG to sign your commits.
 
 ### Migrate and import your projects from other platforms
 
diff --git a/doc/user/project/gpg_signed_commits/index.md b/doc/user/project/gpg_signed_commits/index.md
index 3ea2203c895..261eedeb412 100644
--- a/doc/user/project/gpg_signed_commits/index.md
+++ b/doc/user/project/gpg_signed_commits/index.md
@@ -1,245 +1 @@
-# Signing commits with GPG
-
-> [Introduced][ce-9546] in GitLab 9.5.
-
-GitLab can show whether a commit is verified or not when signed with a GPG key.
-All you need to do is upload the public GPG key in your profile settings.
-
-GPG verified tags are not supported yet.
-
-## Getting started with GPG
-
-Here are a few guides to get you started with GPG:
-
-- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
-- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
-- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
-- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
-
-## How GitLab handles GPG
-
-GitLab uses its own keyring to verify the GPG signature. It does not access any
-public key server.
-
-In order to have a commit verified on GitLab the corresponding public key needs
-to be uploaded to GitLab. For a signature to be verified two prerequisites need
-to be met:
-
-1. The public key needs to be added your GitLab account
-1. One of the emails in the GPG key matches your **primary** email
-
-## Generating a GPG key
-
-If you don't already have a GPG key, the following steps will help you get
-started:
-
-1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
-1. Generate the private/public key pair with the following command:
-
-    ```sh
-    gpg --full-gen-key
-    ```
-
-    This will spawn a series of questions.
-
-1. The first question is which algorithm can be used.  Select the kind you want
-   or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
-
-    ```
-    Please select what kind of key you want:
-       (1) RSA and RSA (default)
-       (2) DSA and Elgamal
-       (3) DSA (sign only)
-       (4) RSA (sign only)
-    Your selection? 1
-    ```
-
-1. The next question is key length. We recommend to choose the highest value
-   which is `4096`:
-
-    ```
-    RSA keys may be between 1024 and 4096 bits long.
-    What keysize do you want? (2048) 4096
-    Requested keysize is 4096 bits
-    ```
-1. Next, you need to specify the validity period of your key. This is something
-   subjective, and you can use the default value which is to never expire:
-
-    ```
-    Please specify how long the key should be valid.
-             0 = key does not expire
-          <n>  = key expires in n days
-          <n>w = key expires in n weeks
-          <n>m = key expires in n months
-          <n>y = key expires in n years
-    Key is valid for? (0) 0
-    Key does not expire at all
-    ```
-
-1. Confirm that the answers you gave were correct by typing `y`:
-
-    ```
-    Is this correct? (y/N) y
-    ```
-
-1. Enter you real name, the email address to be associated with this key (should
-   match the primary email address you use in GitLab) and an optional comment
-   (press <kbd>Enter</kbd> to skip):
-
-    ```
-    GnuPG needs to construct a user ID to identify your key.
-
-    Real name: Mr. Robot
-    Email address: mr@robot.sh
-    Comment:
-    You selected this USER-ID:
-        "Mr. Robot <mr@robot.sh>"
-
-    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
-    ```
-
-1. Pick a strong password when asked and type it twice to confirm.
-1. Use the following command to list the private GPG key you just created:
-
-    ```
-    gpg --list-secret-keys mr@robot.sh
-    ```
-
-    Replace `mr@robot.sh` with the email address you entered above.
-
-1. Copy the GPG key ID that starts with `sec`. In the following example, that's
-   `0x30F2B65B9246B6CA`:
-
-    ```
-    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
-          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
-    uid                   [ultimate] Mr. Robot <mr@robot.sh>
-    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
-    ```
-
-1. Export the public key of that ID (replace your key ID from the previous step):
-
-    ```
-    gpg --armor --export 0x30F2B65B9246B6CA
-    ```
-
-1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
-
-## Adding a GPG key to your account
-
->**Note:**
-Once you add a key, you cannot edit it, only remove it. In case the paste
-didn't work, you'll have to remove the offending key and re-add it.
-
-You can add a GPG key in your profile's settings:
-
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-
-    ![Settings dropdown](../../profile/img/profile_settings_dropdown.png)
-
-1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
-   box.
-
-    ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
-
-1. Finally, click on **Add key** to add it to GitLab. You will be able to see
-   its fingerprint, the corresponding email address and creation date.
-
-    ![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
-
-## Associating your GPG key with Git
-
-After you have [created your GPG key](#generating-a-gpg-key) and [added it to
-your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
-key to use.
-
-1. Use the following command to list the private GPG key you just created:
-
-    ```
-    gpg --list-secret-keys mr@robot.sh
-    ```
-
-    Replace `mr@robot.sh` with the email address you entered above.
-
-1. Copy the GPG key ID that starts with `sec`. In the following example, that's
-   `0x30F2B65B9246B6CA`:
-
-    ```
-    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
-          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
-    uid                   [ultimate] Mr. Robot <mr@robot.sh>
-    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
-    ```
-
-1. Tell Git to use that key to sign the commits:
-
-    ```
-    git config --global user.signingkey 0x30F2B65B9246B6CA
-    ```
-
-    Replace `0x30F2B65B9246B6CA` with your GPG key ID.
-
-## Signing commits
-
-After you have [created your GPG key](#generating-a-gpg-key) and [added it to
-your account](#adding-a-gpg-key-to-your-account), you can start signing your
-commits:
-
-1. Commit like you used to, the only difference is the addition of the `-S` flag:
-
-    ```
-    git commit -S -m "My commit msg"
-    ```
-
-1. Enter the passphrase of your GPG key when asked.
-1. Push to GitLab and check that your commits [are verified](#verifying-commits).
-
-If you don't want to type the `-S` flag every time you commit, you can tell Git
-to sign your commits automatically:
-
-```
-git config --global commit.gpgsign true
-```
-
-## Verifying commits
-
-1. Within a project or [merge request](../merge_requests/index.md), navigate to
-   the **Commits** tab. Signed commits will show a badge containing either
-   "Verified" or "Unverified", depending on the verification status of the GPG
-   signature.
-
-    ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
-
-1. By clicking on the GPG badge, details of the signature are displayed.
-
-    ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
-
-    ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
-
-## Revoking a GPG key
-
-Revoking a key **unverifies** already signed commits. Commits that were
-verified by using this key will change to an unverified state. Future commits
-will also stay unverified once you revoke this key. This action should be used
-in case your key has been compromised.
-
-To revoke a GPG key:
-
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-1. Navigate to the **GPG keys** tab.
-1. Click on **Revoke** besides the GPG key you want to delete.
-
-## Removing a GPG key
-
-Removing a key **does not unverify** already signed commits. Commits that were
-verified by using this key will stay verified. Only unpushed commits will stay
-unverified once you remove this key. To unverify already signed commits, you need
-to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
-
-To remove a GPG key from your account:
-
-1. On the upper right corner, click on your avatar and go to your **Settings**.
-1. Navigate to the **GPG keys** tab.
-1. Click on the trash icon besides the GPG key you want to delete.
-
-[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
+This document was moved to [another location](../repository/gpg_signed_commits/index.md).
diff --git a/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png b/doc/user/project/repository/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
similarity index 100%
rename from doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
rename to doc/user/project/repository/gpg_signed_commits/img/profile_settings_gpg_keys_paste_pub.png
diff --git a/doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png b/doc/user/project/repository/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
similarity index 100%
rename from doc/user/project/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
rename to doc/user/project/repository/gpg_signed_commits/img/profile_settings_gpg_keys_single_key.png
diff --git a/doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png b/doc/user/project/repository/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
similarity index 100%
rename from doc/user/project/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
rename to doc/user/project/repository/gpg_signed_commits/img/project_signed_and_unsigned_commits.png
diff --git a/doc/user/project/gpg_signed_commits/img/project_signed_commit_unverified_signature.png b/doc/user/project/repository/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
similarity index 100%
rename from doc/user/project/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
rename to doc/user/project/repository/gpg_signed_commits/img/project_signed_commit_unverified_signature.png
diff --git a/doc/user/project/gpg_signed_commits/img/project_signed_commit_verified_signature.png b/doc/user/project/repository/gpg_signed_commits/img/project_signed_commit_verified_signature.png
similarity index 100%
rename from doc/user/project/gpg_signed_commits/img/project_signed_commit_verified_signature.png
rename to doc/user/project/repository/gpg_signed_commits/img/project_signed_commit_verified_signature.png
diff --git a/doc/user/project/repository/gpg_signed_commits/index.md b/doc/user/project/repository/gpg_signed_commits/index.md
new file mode 100644
index 00000000000..ff419d714f9
--- /dev/null
+++ b/doc/user/project/repository/gpg_signed_commits/index.md
@@ -0,0 +1,245 @@
+# Signing commits with GPG
+
+> [Introduced][ce-9546] in GitLab 9.5.
+
+GitLab can show whether a commit is verified or not when signed with a GPG key.
+All you need to do is upload the public GPG key in your profile settings.
+
+GPG verified tags are not supported yet.
+
+## Getting started with GPG
+
+Here are a few guides to get you started with GPG:
+
+- [Git Tools - Signing Your Work](https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work)
+- [Managing OpenPGP Keys](https://riseup.net/en/security/message-security/openpgp/gpg-keys)
+- [OpenPGP Best Practices](https://riseup.net/en/security/message-security/openpgp/best-practices)
+- [Creating a new GPG key with subkeys](https://www.void.gr/kargig/blog/2013/12/02/creating-a-new-gpg-key-with-subkeys/) (advanced)
+
+## How GitLab handles GPG
+
+GitLab uses its own keyring to verify the GPG signature. It does not access any
+public key server.
+
+In order to have a commit verified on GitLab the corresponding public key needs
+to be uploaded to GitLab. For a signature to be verified two prerequisites need
+to be met:
+
+1. The public key needs to be added your GitLab account
+1. One of the emails in the GPG key matches your **primary** email
+
+## Generating a GPG key
+
+If you don't already have a GPG key, the following steps will help you get
+started:
+
+1. [Install GPG](https://www.gnupg.org/download/index.html) for your operating system
+1. Generate the private/public key pair with the following command:
+
+    ```sh
+    gpg --full-gen-key
+    ```
+
+    This will spawn a series of questions.
+
+1. The first question is which algorithm can be used.  Select the kind you want
+   or press <kbd>Enter</kbd> to choose the default (RSA and RSA):
+
+    ```
+    Please select what kind of key you want:
+       (1) RSA and RSA (default)
+       (2) DSA and Elgamal
+       (3) DSA (sign only)
+       (4) RSA (sign only)
+    Your selection? 1
+    ```
+
+1. The next question is key length. We recommend to choose the highest value
+   which is `4096`:
+
+    ```
+    RSA keys may be between 1024 and 4096 bits long.
+    What keysize do you want? (2048) 4096
+    Requested keysize is 4096 bits
+    ```
+1. Next, you need to specify the validity period of your key. This is something
+   subjective, and you can use the default value which is to never expire:
+
+    ```
+    Please specify how long the key should be valid.
+             0 = key does not expire
+          <n>  = key expires in n days
+          <n>w = key expires in n weeks
+          <n>m = key expires in n months
+          <n>y = key expires in n years
+    Key is valid for? (0) 0
+    Key does not expire at all
+    ```
+
+1. Confirm that the answers you gave were correct by typing `y`:
+
+    ```
+    Is this correct? (y/N) y
+    ```
+
+1. Enter you real name, the email address to be associated with this key (should
+   match the primary email address you use in GitLab) and an optional comment
+   (press <kbd>Enter</kbd> to skip):
+
+    ```
+    GnuPG needs to construct a user ID to identify your key.
+
+    Real name: Mr. Robot
+    Email address: mr@robot.sh
+    Comment:
+    You selected this USER-ID:
+        "Mr. Robot <mr@robot.sh>"
+
+    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
+    ```
+
+1. Pick a strong password when asked and type it twice to confirm.
+1. Use the following command to list the private GPG key you just created:
+
+    ```
+    gpg --list-secret-keys mr@robot.sh
+    ```
+
+    Replace `mr@robot.sh` with the email address you entered above.
+
+1. Copy the GPG key ID that starts with `sec`. In the following example, that's
+   `0x30F2B65B9246B6CA`:
+
+    ```
+    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
+          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
+    uid                   [ultimate] Mr. Robot <mr@robot.sh>
+    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
+    ```
+
+1. Export the public key of that ID (replace your key ID from the previous step):
+
+    ```
+    gpg --armor --export 0x30F2B65B9246B6CA
+    ```
+
+1. Finally, copy the public key and [add it in your profile settings](#adding-a-gpg-key-to-your-account)
+
+## Adding a GPG key to your account
+
+>**Note:**
+Once you add a key, you cannot edit it, only remove it. In case the paste
+didn't work, you'll have to remove the offending key and re-add it.
+
+You can add a GPG key in your profile's settings:
+
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+
+    ![Settings dropdown](../../../profile/img/profile_settings_dropdown.png)
+
+1. Navigate to the **GPG keys** tab and paste your _public_ key in the 'Key'
+   box.
+
+    ![Paste GPG public key](img/profile_settings_gpg_keys_paste_pub.png)
+
+1. Finally, click on **Add key** to add it to GitLab. You will be able to see
+   its fingerprint, the corresponding email address and creation date.
+
+    ![GPG key single page](img/profile_settings_gpg_keys_single_key.png)
+
+## Associating your GPG key with Git
+
+After you have [created your GPG key](#generating-a-gpg-key) and [added it to
+your account](#adding-a-gpg-key-to-your-account), it's time to tell Git which
+key to use.
+
+1. Use the following command to list the private GPG key you just created:
+
+    ```
+    gpg --list-secret-keys mr@robot.sh
+    ```
+
+    Replace `mr@robot.sh` with the email address you entered above.
+
+1. Copy the GPG key ID that starts with `sec`. In the following example, that's
+   `0x30F2B65B9246B6CA`:
+
+    ```
+    sec   rsa4096/0x30F2B65B9246B6CA 2017-08-18 [SC]
+          D5E4F29F3275DC0CDA8FFC8730F2B65B9246B6CA
+    uid                   [ultimate] Mr. Robot <mr@robot.sh>
+    ssb   rsa4096/0xB7ABC0813E4028C0 2017-08-18 [E]
+    ```
+
+1. Tell Git to use that key to sign the commits:
+
+    ```
+    git config --global user.signingkey 0x30F2B65B9246B6CA
+    ```
+
+    Replace `0x30F2B65B9246B6CA` with your GPG key ID.
+
+## Signing commits
+
+After you have [created your GPG key](#generating-a-gpg-key) and [added it to
+your account](#adding-a-gpg-key-to-your-account), you can start signing your
+commits:
+
+1. Commit like you used to, the only difference is the addition of the `-S` flag:
+
+    ```
+    git commit -S -m "My commit msg"
+    ```
+
+1. Enter the passphrase of your GPG key when asked.
+1. Push to GitLab and check that your commits [are verified](#verifying-commits).
+
+If you don't want to type the `-S` flag every time you commit, you can tell Git
+to sign your commits automatically:
+
+```
+git config --global commit.gpgsign true
+```
+
+## Verifying commits
+
+1. Within a project or [merge request](../../merge_requests/index.md), navigate to
+   the **Commits** tab. Signed commits will show a badge containing either
+   "Verified" or "Unverified", depending on the verification status of the GPG
+   signature.
+
+    ![Signed and unsigned commits](img/project_signed_and_unsigned_commits.png)
+
+1. By clicking on the GPG badge, details of the signature are displayed.
+
+    ![Signed commit with verified signature](img/project_signed_commit_verified_signature.png)
+
+    ![Signed commit with verified signature](img/project_signed_commit_unverified_signature.png)
+
+## Revoking a GPG key
+
+Revoking a key **unverifies** already signed commits. Commits that were
+verified by using this key will change to an unverified state. Future commits
+will also stay unverified once you revoke this key. This action should be used
+in case your key has been compromised.
+
+To revoke a GPG key:
+
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+1. Navigate to the **GPG keys** tab.
+1. Click on **Revoke** besides the GPG key you want to delete.
+
+## Removing a GPG key
+
+Removing a key **does not unverify** already signed commits. Commits that were
+verified by using this key will stay verified. Only unpushed commits will stay
+unverified once you remove this key. To unverify already signed commits, you need
+to [revoke the associated GPG key](#revoking-a-gpg-key) from your account.
+
+To remove a GPG key from your account:
+
+1. On the upper right corner, click on your avatar and go to your **Settings**.
+1. Navigate to the **GPG keys** tab.
+1. Click on the trash icon besides the GPG key you want to delete.
+
+[ce-9546]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9546
diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md
index 5e5ae880518..235af83353d 100644
--- a/doc/user/project/repository/index.md
+++ b/doc/user/project/repository/index.md
@@ -22,7 +22,7 @@ you to [connect with GitLab via SSH](../../../ssh/README.md).
 
 ## Files
 
-## Create and edit files
+### Create and edit files
 
 Host your codebase in GitLab repositories by pushing your files to GitLab.
 You can either use the user interface (UI), or connect your local computer
@@ -111,6 +111,8 @@ right from the UI.
 - **Revert a commit:**
 Easily [revert a commit](../merge_requests/revert_changes.md#reverting-a-commit)
 from the UI to a selected branch.
+- **Sign a commit:**
+Use GPG to [sign your commits](gpg_signed_commits/index.md).
 
 ## Repository size
 

From 573f73f22a53ac6d72d4670f925eceb28f3cc8fc Mon Sep 17 00:00:00 2001
From: winh <winnie@gitlab.com>
Date: Wed, 16 Aug 2017 13:15:40 +0200
Subject: [PATCH 29/57] Make issuable dashboard dropdowns consistent

---
 app/assets/stylesheets/framework/dropdowns.scss | 5 +++++
 app/assets/stylesheets/framework/filters.scss   | 4 ++++
 2 files changed, 9 insertions(+)

diff --git a/app/assets/stylesheets/framework/dropdowns.scss b/app/assets/stylesheets/framework/dropdowns.scss
index a45d5a6dca0..4cf2f46c6d3 100644
--- a/app/assets/stylesheets/framework/dropdowns.scss
+++ b/app/assets/stylesheets/framework/dropdowns.scss
@@ -771,6 +771,11 @@
           &::before {
             top: 16px;
           }
+
+          &.dropdown-menu-user-link::before {
+            top: 50%;
+            transform: translateY(-50%);
+          }
         }
       }
     }
diff --git a/app/assets/stylesheets/framework/filters.scss b/app/assets/stylesheets/framework/filters.scss
index a5d33d410fb..e4e095eaabf 100644
--- a/app/assets/stylesheets/framework/filters.scss
+++ b/app/assets/stylesheets/framework/filters.scss
@@ -478,3 +478,7 @@
   padding: 8px 16px;
   text-align: center;
 }
+
+.issues-details-filters {
+  @include new-style-dropdown;
+}

From 6d9fb6b0b779d7065f0c36ec15a42d0d459abbeb Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Tue, 29 Aug 2017 21:11:38 +0800
Subject: [PATCH 30/57] It doesn't seem that rubocop is complaining for me

---
 app/models/repository.rb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 0f67395b88b..9fe39172b19 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -60,12 +60,10 @@ class Repository
     @project = project
   end
 
-  def equals(other)
+  def ==(other)
     @disk_path == other.disk_path
   end
 
-  alias_method :==, :equals
-
   def raw_repository
     return nil unless full_path
 

From 8cbc9c4ed032e7a4f73aeb86a0bec152a1c7b696 Mon Sep 17 00:00:00 2001
From: Travis Miller <travis@travismiller.com>
Date: Sat, 19 Aug 2017 12:49:39 -0500
Subject: [PATCH 31/57] Add time stats documentation to issue and merge request
 end points

---
 doc/api/issues.md         | 56 ++++++++++++++++++++++++++++++++++-
 doc/api/merge_requests.md | 62 ++++++++++++++++++++++++++++++++++-----
 2 files changed, 110 insertions(+), 8 deletions(-)

diff --git a/doc/api/issues.md b/doc/api/issues.md
index f30ed08d0fa..14635114a31 100644
--- a/doc/api/issues.md
+++ b/doc/api/issues.md
@@ -101,6 +101,12 @@ Example response:
       "user_notes_count": 1,
       "due_date": "2016-07-22",
       "web_url": "http://example.com/example/example/issues/6",
+      "time_stats": {
+         "time_estimate": 0,
+         "total_time_spent": 0,
+         "human_time_estimate": null,
+         "human_total_time_spent": null
+      },
       "confidential": false
    }
 ]
@@ -198,6 +204,12 @@ Example response:
       "user_notes_count": 1,
       "due_date": null,
       "web_url": "http://example.com/example/example/issues/1",
+      "time_stats": {
+         "time_estimate": 0,
+         "total_time_spent": 0,
+         "human_time_estimate": null,
+         "human_total_time_spent": null
+      },
       "confidential": false
    }
 ]
@@ -296,6 +308,12 @@ Example response:
       "user_notes_count": 1,
       "due_date": "2016-07-22",
       "web_url": "http://example.com/example/example/issues/1",
+      "time_stats": {
+         "time_estimate": 0,
+         "total_time_spent": 0,
+         "human_time_estimate": null,
+         "human_total_time_spent": null
+      },
       "confidential": false
    }
 ]
@@ -372,6 +390,12 @@ Example response:
    "user_notes_count": 1,
    "due_date": null,
    "web_url": "http://example.com/example/example/issues/1",
+   "time_stats": {
+      "time_estimate": 0,
+      "total_time_spent": 0,
+      "human_time_estimate": null,
+      "human_total_time_spent": null
+   },
    "confidential": false,
    "_links": {
       "self": "http://example.com/api/v4/projects/1/issues/2",
@@ -440,6 +464,12 @@ Example response:
    "user_notes_count": 0,
    "due_date": null,
    "web_url": "http://example.com/example/example/issues/14",
+   "time_stats": {
+      "time_estimate": 0,
+      "total_time_spent": 0,
+      "human_time_estimate": null,
+      "human_total_time_spent": null
+   },
    "confidential": false,
    "_links": {
       "self": "http://example.com/api/v4/projects/1/issues/2",
@@ -509,6 +539,12 @@ Example response:
    "user_notes_count": 0,
    "due_date": "2016-07-22",
    "web_url": "http://example.com/example/example/issues/15",
+   "time_stats": {
+      "time_estimate": 0,
+      "total_time_spent": 0,
+      "human_time_estimate": null,
+      "human_total_time_spent": null
+   },
    "confidential": false,
    "_links": {
       "self": "http://example.com/api/v4/projects/1/issues/2",
@@ -601,6 +637,12 @@ Example response:
   },
   "due_date": null,
   "web_url": "http://example.com/example/example/issues/11",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  },
   "confidential": false,
   "_links": {
     "self": "http://example.com/api/v4/projects/1/issues/2",
@@ -672,6 +714,12 @@ Example response:
   },
   "due_date": null,
   "web_url": "http://example.com/example/example/issues/11",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  },
   "confidential": false,
   "_links": {
     "self": "http://example.com/api/v4/projects/1/issues/2",
@@ -1001,7 +1049,13 @@ Example response:
     "user_notes_count": 1,
     "should_remove_source_branch": null,
     "force_remove_source_branch": false,
-    "web_url": "https://gitlab.example.com/gitlab-org/gitlab-test/merge_requests/6432"
+    "web_url": "https://gitlab.example.com/gitlab-org/gitlab-test/merge_requests/6432",
+    "time_stats": {
+      "time_estimate": 0,
+      "total_time_spent": 0,
+      "human_time_estimate": null,
+      "human_total_time_spent": null
+    }
   }
 ]
 ```
diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md
index 802e5362d70..4f67aa4b9d4 100644
--- a/doc/api/merge_requests.md
+++ b/doc/api/merge_requests.md
@@ -92,7 +92,13 @@ Parameters:
     "user_notes_count": 1,
     "should_remove_source_branch": true,
     "force_remove_source_branch": false,
-    "web_url": "http://example.com/example/example/merge_requests/1"
+    "web_url": "http://example.com/example/example/merge_requests/1",
+    "time_stats": {
+      "time_estimate": 0,
+      "total_time_spent": 0,
+      "human_time_estimate": null,
+      "human_total_time_spent": null
+    }
   }
 ]
 ```
@@ -181,7 +187,13 @@ Parameters:
     "user_notes_count": 1,
     "should_remove_source_branch": true,
     "force_remove_source_branch": false,
-    "web_url": "http://example.com/example/example/merge_requests/1"
+    "web_url": "http://example.com/example/example/merge_requests/1",
+    "time_stats": {
+      "time_estimate": 0,
+      "total_time_spent": 0,
+      "human_time_estimate": null,
+      "human_total_time_spent": null
+    }
   }
 ]
 ```
@@ -250,7 +262,13 @@ Parameters:
   "user_notes_count": 1,
   "should_remove_source_branch": true,
   "force_remove_source_branch": false,
-  "web_url": "http://example.com/example/example/merge_requests/1"
+  "web_url": "http://example.com/example/example/merge_requests/1",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  }
 }
 ```
 
@@ -356,6 +374,12 @@ Parameters:
   "should_remove_source_branch": true,
   "force_remove_source_branch": false,
   "web_url": "http://example.com/example/example/merge_requests/1",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  }
   "changes": [
     {
     "old_path": "VERSION",
@@ -442,7 +466,13 @@ POST /projects/:id/merge_requests
   "user_notes_count": 0,
   "should_remove_source_branch": true,
   "force_remove_source_branch": false,
-  "web_url": "http://example.com/example/example/merge_requests/1"
+  "web_url": "http://example.com/example/example/merge_requests/1",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  }
 }
 ```
 
@@ -519,7 +549,13 @@ Must include at least one non-required attribute from above.
   "user_notes_count": 1,
   "should_remove_source_branch": true,
   "force_remove_source_branch": false,
-  "web_url": "http://example.com/example/example/merge_requests/1"
+  "web_url": "http://example.com/example/example/merge_requests/1",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  }
 }
 ```
 
@@ -617,7 +653,13 @@ Parameters:
   "user_notes_count": 1,
   "should_remove_source_branch": true,
   "force_remove_source_branch": false,
-  "web_url": "http://example.com/example/example/merge_requests/1"
+  "web_url": "http://example.com/example/example/merge_requests/1",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  }
 }
 ```
 
@@ -687,7 +729,13 @@ Parameters:
   "user_notes_count": 1,
   "should_remove_source_branch": true,
   "force_remove_source_branch": false,
-  "web_url": "http://example.com/example/example/merge_requests/1"
+  "web_url": "http://example.com/example/example/merge_requests/1",
+  "time_stats": {
+    "time_estimate": 0,
+    "total_time_spent": 0,
+    "human_time_estimate": null,
+    "human_total_time_spent": null
+  }
 }
 ```
 

From 6782b406f77d237e58c23a3bce444e3cd4dde849 Mon Sep 17 00:00:00 2001
From: Travis Miller <travis@travismiller.com>
Date: Sat, 19 Aug 2017 12:56:17 -0500
Subject: [PATCH 32/57] Add time stats to API schema for issue and merge
 request end points

---
 spec/fixtures/api/schemas/public_api/v4/issues.json       | 8 +++++++-
 .../api/schemas/public_api/v4/merge_requests.json         | 8 +++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/spec/fixtures/api/schemas/public_api/v4/issues.json b/spec/fixtures/api/schemas/public_api/v4/issues.json
index bd6bfc03199..8acd9488215 100644
--- a/spec/fixtures/api/schemas/public_api/v4/issues.json
+++ b/spec/fixtures/api/schemas/public_api/v4/issues.json
@@ -78,7 +78,13 @@
       "downvotes": { "type": "integer" },
       "due_date": { "type": ["date", "null"] },
       "confidential": { "type": "boolean" },
-      "web_url": { "type": "uri" }
+      "web_url": { "type": "uri" },
+      "time_stats": {
+        "time_estimate": { "type": "integer" },
+        "total_time_spent": { "type": "integer" },
+        "human_time_estimate": { "type": ["string", "null"] },
+        "human_total_time_spent": { "type": ["string", "null"] }
+      }
     },
     "required": [
       "id", "iid", "project_id", "title", "description",
diff --git a/spec/fixtures/api/schemas/public_api/v4/merge_requests.json b/spec/fixtures/api/schemas/public_api/v4/merge_requests.json
index 60aa47c1259..31b3f4ba946 100644
--- a/spec/fixtures/api/schemas/public_api/v4/merge_requests.json
+++ b/spec/fixtures/api/schemas/public_api/v4/merge_requests.json
@@ -72,7 +72,13 @@
       "user_notes_count": { "type": "integer" },
       "should_remove_source_branch": { "type": ["boolean", "null"] },
       "force_remove_source_branch": { "type": ["boolean", "null"] },
-      "web_url": { "type": "uri" }
+      "web_url": { "type": "uri" },
+      "time_stats": {
+        "time_estimate": { "type": "integer" },
+        "total_time_spent": { "type": "integer" },
+        "human_time_estimate": { "type": ["string", "null"] },
+        "human_total_time_spent": { "type": ["string", "null"] }
+      }
     },
     "required": [
       "id", "iid", "project_id", "title", "description",

From 2531fb3be9542c08231a6540a14b12d907b151e5 Mon Sep 17 00:00:00 2001
From: Travis Miller <travis@travismiller.com>
Date: Mon, 28 Aug 2017 19:02:52 -0500
Subject: [PATCH 33/57] Add missing N+1 test to issues spec

---
 spec/requests/api/issues_spec.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/spec/requests/api/issues_spec.rb b/spec/requests/api/issues_spec.rb
index 7d120e4a234..03b1d14828d 100644
--- a/spec/requests/api/issues_spec.rb
+++ b/spec/requests/api/issues_spec.rb
@@ -509,6 +509,18 @@ describe API::Issues, :mailer do
   describe "GET /projects/:id/issues" do
     let(:base_url) { "/projects/#{project.id}" }
 
+    it 'avoids N+1 queries' do
+      control_count = ActiveRecord::QueryRecorder.new do
+        get api("/projects/#{project.id}/issues", user)
+      end.count
+
+      create(:issue, author: user, project: project)
+
+      expect do
+        get api("/projects/#{project.id}/issues", user)
+      end.not_to exceed_query_limit(control_count)
+    end
+
     it 'returns 404 when project does not exist' do
       get api('/projects/1000/issues', non_member)
 

From ce1ce82045f168143ccc143f5200ea9da820d990 Mon Sep 17 00:00:00 2001
From: Travis Miller <travis@travismiller.com>
Date: Mon, 21 Aug 2017 17:42:03 -0500
Subject: [PATCH 34/57] Resolve new N+1 by adding preloads and metadata to
 issues end points

---
 lib/api/entities.rb | 22 ++++++++++++++++++++--
 lib/api/issues.rb   | 22 +++++++++++++++++++---
 2 files changed, 39 insertions(+), 5 deletions(-)

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index e8dd61e493f..e18c69b7a3d 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -320,7 +320,10 @@ module API
     end
 
     class IssueBasic < ProjectEntity
-      expose :label_names, as: :labels
+      expose :labels do |issue, options|
+        # Avoids an N+1 query since labels are preloaded
+        issue.labels.map(&:title).sort
+      end
       expose :milestone, using: Entities::Milestone
       expose :assignees, :author, using: Entities::UserBasic
 
@@ -329,7 +332,22 @@ module API
       end
 
       expose :user_notes_count
-      expose :upvotes, :downvotes
+      expose :upvotes do |issue, options|
+        if options[:issuable_metadata]
+          # Avoids an N+1 query when metadata is included
+          options[:issuable_metadata][issue.id].upvotes
+        else
+          issue.upvotes
+        end
+      end
+      expose :downvotes do |issue, options|
+        if options[:issuable_metadata]
+          # Avoids an N+1 query when metadata is included
+          options[:issuable_metadata][issue.id].downvotes
+        else
+          issue.downvotes
+        end
+      end
       expose :due_date
       expose :confidential
 
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index 4cec1145f3a..64a425eb96e 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -4,6 +4,8 @@ module API
 
     before { authenticate! }
 
+    helpers ::Gitlab::IssuableMetadata
+
     helpers do
       def find_issues(args = {})
         args = params.merge(args)
@@ -13,6 +15,7 @@ module API
         args[:label_name] = args.delete(:labels)
 
         issues = IssuesFinder.new(current_user, args).execute
+          .preload(:assignees, :labels, :notes)
 
         issues.reorder(args[:order_by] => args[:sort])
       end
@@ -65,7 +68,11 @@ module API
       get do
         issues = find_issues
 
-        present paginate(issues), with: Entities::IssueBasic, current_user: current_user
+        options = { with: Entities::IssueBasic,
+                    current_user: current_user }
+        options[:issuable_metadata] = issuable_meta_data(issues, 'Issue')
+
+        present paginate(issues), options
       end
     end
 
@@ -86,7 +93,11 @@ module API
 
         issues = find_issues(group_id: group.id)
 
-        present paginate(issues), with: Entities::IssueBasic, current_user: current_user
+        options = { with: Entities::IssueBasic,
+                    current_user: current_user }
+        options[:issuable_metadata] = issuable_meta_data(issues, 'Issue')
+
+        present paginate(issues), options
       end
     end
 
@@ -109,7 +120,12 @@ module API
 
         issues = find_issues(project_id: project.id)
 
-        present paginate(issues), with: Entities::IssueBasic, current_user: current_user, project: user_project
+        options = { with: Entities::IssueBasic,
+                    current_user: current_user,
+                    project: user_project }
+        options[:issuable_metadata] = issuable_meta_data(issues, 'Issue')
+
+        present paginate(issues), options
       end
 
       desc 'Get a single project issue' do

From 749c389345cf382b740277db62f7d4b849902d60 Mon Sep 17 00:00:00 2001
From: Travis Miller <travis@travismiller.com>
Date: Mon, 28 Aug 2017 19:02:26 -0500
Subject: [PATCH 35/57] Add time stats to issue and merge request API end
 points

---
 lib/api/entities.rb       | 22 +++++++++++++++++++++-
 lib/api/issues.rb         | 28 +++++++++++++++++-----------
 lib/api/merge_requests.rb |  2 +-
 3 files changed, 39 insertions(+), 13 deletions(-)

diff --git a/lib/api/entities.rb b/lib/api/entities.rb
index e18c69b7a3d..803b48dd88a 100644
--- a/lib/api/entities.rb
+++ b/lib/api/entities.rb
@@ -354,6 +354,10 @@ module API
       expose :web_url do |issue, options|
         Gitlab::UrlBuilder.build(issue)
       end
+
+      expose :time_stats, using: 'API::Entities::IssuableTimeStats' do |issue|
+        issue
+      end
     end
 
     class Issue < IssueBasic
@@ -383,10 +387,22 @@ module API
     end
 
     class IssuableTimeStats < Grape::Entity
+      format_with(:time_tracking_formatter) do |time_spent|
+        Gitlab::TimeTrackingFormatter.output(time_spent)
+      end
+
       expose :time_estimate
       expose :total_time_spent
       expose :human_time_estimate
-      expose :human_total_time_spent
+
+      with_options(format_with: :time_tracking_formatter) do
+        expose :total_time_spent, as: :human_total_time_spent
+      end
+
+      def total_time_spent
+        # Avoids an N+1 query since timelogs are preloaded
+        object.timelogs.map(&:time_spent).sum
+      end
     end
 
     class ExternalIssue < Grape::Entity
@@ -436,6 +452,10 @@ module API
       expose :web_url do |merge_request, options|
         Gitlab::UrlBuilder.build(merge_request)
       end
+
+      expose :time_stats, using: 'API::Entities::IssuableTimeStats' do |merge_request|
+        merge_request
+      end
     end
 
     class MergeRequest < MergeRequestBasic
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index 64a425eb96e..c30e430ae85 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -15,7 +15,7 @@ module API
         args[:label_name] = args.delete(:labels)
 
         issues = IssuesFinder.new(current_user, args).execute
-          .preload(:assignees, :labels, :notes)
+          .preload(:assignees, :labels, :notes, :timelogs)
 
         issues.reorder(args[:order_by] => args[:sort])
       end
@@ -68,9 +68,11 @@ module API
       get do
         issues = find_issues
 
-        options = { with: Entities::IssueBasic,
-                    current_user: current_user }
-        options[:issuable_metadata] = issuable_meta_data(issues, 'Issue')
+        options = {
+          with: Entities::IssueBasic,
+          current_user: current_user,
+          issuable_metadata: issuable_meta_data(issues, 'Issue')
+        }
 
         present paginate(issues), options
       end
@@ -93,9 +95,11 @@ module API
 
         issues = find_issues(group_id: group.id)
 
-        options = { with: Entities::IssueBasic,
-                    current_user: current_user }
-        options[:issuable_metadata] = issuable_meta_data(issues, 'Issue')
+        options = {
+          with: Entities::IssueBasic,
+          current_user: current_user,
+          issuable_metadata: issuable_meta_data(issues, 'Issue')
+        }
 
         present paginate(issues), options
       end
@@ -120,10 +124,12 @@ module API
 
         issues = find_issues(project_id: project.id)
 
-        options = { with: Entities::IssueBasic,
-                    current_user: current_user,
-                    project: user_project }
-        options[:issuable_metadata] = issuable_meta_data(issues, 'Issue')
+        options = {
+          with: Entities::IssueBasic,
+          current_user: current_user,
+          project: user_project,
+          issuable_metadata: issuable_meta_data(issues, 'Issue')
+        }
 
         present paginate(issues), options
       end
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index 8810d4e441d..a3284afb745 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -21,7 +21,7 @@ module API
         return merge_requests if args[:view] == 'simple'
 
         merge_requests
-          .preload(:notes, :author, :assignee, :milestone, :merge_request_diff, :labels)
+          .preload(:notes, :author, :assignee, :milestone, :merge_request_diff, :labels, :timelogs)
       end
 
       params :merge_requests_params do

From 54b0f57b2e286680b7b2dc2757c31536858478ce Mon Sep 17 00:00:00 2001
From: Travis Miller <travis@travismiller.com>
Date: Sat, 19 Aug 2017 13:03:34 -0500
Subject: [PATCH 36/57] Add changelog

---
 ...28453-add-time-estimate-time-spent-to-api-issue-output.yml | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 changelogs/unreleased/28453-add-time-estimate-time-spent-to-api-issue-output.yml

diff --git a/changelogs/unreleased/28453-add-time-estimate-time-spent-to-api-issue-output.yml b/changelogs/unreleased/28453-add-time-estimate-time-spent-to-api-issue-output.yml
new file mode 100644
index 00000000000..129cf505a3f
--- /dev/null
+++ b/changelogs/unreleased/28453-add-time-estimate-time-spent-to-api-issue-output.yml
@@ -0,0 +1,4 @@
+---
+title: Add time stats to Issue and Merge Request API
+merge_request: 13335
+author: @travismiller

From e6630d7f7276dc5cec2a02e32dc74a0a060886ab Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Tue, 29 Aug 2017 22:42:02 +0800
Subject: [PATCH 37/57] Make sure inspect doesn't generate crazy string

---
 app/models/repository.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 9fe39172b19..04a76c365be 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -79,6 +79,10 @@ class Repository
     )
   end
 
+  def inspect
+    "#<#{self.class.name}:#{@disk_path}>"
+  end
+
   #
   # Git repository can contains some hidden refs like:
   #   /refs/notes/*

From 9d3ee1ff139650e064a41fd90d34cd3f558c1099 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Tue, 29 Aug 2017 22:42:34 +0800
Subject: [PATCH 38/57] Further break with_repo_branch_commit into parts

So it's more clear what could happen. Also add
more tests about the behaviour.
---
 app/models/repository.rb       | 43 +++++++++++++++++++---------------
 spec/models/repository_spec.rb | 36 +++++++++++++++++++++++++++-
 2 files changed, 59 insertions(+), 20 deletions(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 04a76c365be..93017dfedf9 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -1000,29 +1000,22 @@ class Repository
   end
 
   def with_repo_branch_commit(start_repository, start_branch_name)
-    tmp_ref = nil
     return yield nil if start_repository.empty_repo?
 
-    branch_commit =
-      if start_repository == self
-        commit(start_branch_name)
+    if start_repository == self
+      yield commit(start_branch_name)
+    else
+      sha = start_repository.commit(start_branch_name).sha
+
+      if branch_commit = commit(sha)
+        yield branch_commit
       else
-        sha = start_repository.find_branch(start_branch_name).target
-        commit(sha) ||
-          begin
-            tmp_ref = fetch_ref(
-              start_repository.path_to_repo,
-              "#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
-              "refs/tmp/#{SecureRandom.hex}/head"
-            )
-
-            commit(start_repository.commit(start_branch_name).sha)
-          end
+        with_repo_tmp_commit(
+          start_repository, start_branch_name, sha) do |tmp_commit|
+          yield tmp_commit
+        end
       end
-
-    yield branch_commit
-  ensure
-    rugged.references.delete(tmp_ref) if tmp_ref
+    end
   end
 
   def add_remote(name, url)
@@ -1231,4 +1224,16 @@ class Repository
       .commits_by_message(query, revision: ref, path: path, limit: limit, offset: offset)
       .map { |c| commit(c) }
   end
+
+  def with_repo_tmp_commit(start_repository, start_branch_name, sha)
+    tmp_ref = fetch_ref(
+      start_repository.path_to_repo,
+      "#{Gitlab::Git::BRANCH_REF_PREFIX}#{start_branch_name}",
+      "refs/tmp/#{SecureRandom.hex}/head"
+    )
+
+    yield commit(sha)
+  ensure
+    rugged.references.delete(tmp_ref) if tmp_ref
+  end
 end
diff --git a/spec/models/repository_spec.rb b/spec/models/repository_spec.rb
index 462e92b8b62..8d9a86d952b 100644
--- a/spec/models/repository_spec.rb
+++ b/spec/models/repository_spec.rb
@@ -923,13 +923,16 @@ describe Repository, models: true do
   describe '#update_branch_with_hooks' do
     let(:old_rev) { '0b4bc9a49b562e85de7cc9e834518ea6828729b9' } # git rev-parse feature
     let(:new_rev) { 'a74ae73c1ccde9b974a70e82b901588071dc142a' } # commit whose parent is old_rev
+    let(:updating_ref) { 'refs/heads/feature' }
+    let(:target_project) { project }
+    let(:target_repository) { target_project.repository }
 
     context 'when pre hooks were successful' do
       before do
         service = Gitlab::Git::HooksService.new
         expect(Gitlab::Git::HooksService).to receive(:new).and_return(service)
         expect(service).to receive(:execute)
-          .with(committer, repository, old_rev, new_rev, 'refs/heads/feature')
+          .with(committer, target_repository, old_rev, new_rev, updating_ref)
           .and_yield(service).and_return(true)
       end
 
@@ -960,6 +963,37 @@ describe Repository, models: true do
           expect(repository.find_branch('feature').dereferenced_target.id).to eq(new_rev)
         end
       end
+
+      context 'when target project does not have the commit' do
+        let(:target_project) { create(:project, :empty_repo) }
+        let(:old_rev) { Gitlab::Git::BLANK_SHA }
+        let(:new_rev) { project.commit('feature').sha }
+        let(:updating_ref) { 'refs/heads/master' }
+
+        it 'fetch_ref and create the branch' do
+          expect(target_project.repository).to receive(:fetch_ref)
+            .and_call_original
+
+          GitOperationService.new(committer, target_repository)
+            .with_branch(
+              'master',
+              start_project: project,
+              start_branch_name: 'feature') { new_rev }
+
+          expect(target_repository.branch_names).to contain_exactly('master')
+        end
+      end
+
+      context 'when target project already has the commit' do
+        let(:target_project) { create(:project, :repository) }
+
+        it 'does not fetch_ref and just pass the commit' do
+          expect(target_repository).not_to receive(:fetch_ref)
+
+          GitOperationService.new(committer, target_repository)
+            .with_branch('feature', start_project: project) { new_rev }
+        end
+      end
     end
 
     context 'when temporary ref failed to be created from other project' do

From 67c042e4a5603a39494c3c7e407161348d7e85f3 Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Tue, 29 Aug 2017 16:49:43 +0200
Subject: [PATCH 39/57] Respect the default visibility level when creating a
 group

---
 lib/api/groups.rb                | 4 +++-
 spec/requests/api/groups_spec.rb | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index e56427304a6..15266e9d4e5 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -7,7 +7,9 @@ module API
     helpers do
       params :optional_params_ce do
         optional :description, type: String, desc: 'The description of the group'
-        optional :visibility, type: String, values: Gitlab::VisibilityLevel.string_values, desc: 'The visibility of the group'
+        optional :visibility, type: String, values: Gitlab::VisibilityLevel.string_values,
+                 default: Gitlab::VisibilityLevel.string_level(Gitlab::CurrentSettings.current_application_settings.default_group_visibility),
+                 desc: 'The visibility of the group'
         optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group'
         optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access'
         optional :share_with_group_lock, type: Boolean, desc: 'Prevent sharing a project with another group within this group'
diff --git a/spec/requests/api/groups_spec.rb b/spec/requests/api/groups_spec.rb
index a7557c7fb22..c6bc0c25e99 100644
--- a/spec/requests/api/groups_spec.rb
+++ b/spec/requests/api/groups_spec.rb
@@ -444,6 +444,7 @@ describe API::Groups do
         expect(json_response["name"]).to eq(group[:name])
         expect(json_response["path"]).to eq(group[:path])
         expect(json_response["request_access_enabled"]).to eq(group[:request_access_enabled])
+        expect(json_response["visibility"]).to eq(Gitlab::VisibilityLevel.string_level(Gitlab::CurrentSettings.current_application_settings.default_group_visibility))
       end
 
       it "creates a nested group", :nested_groups do

From 1488d1f77c83969f42269c9cb0b7c285b4232899 Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Tue, 29 Aug 2017 17:15:04 +0200
Subject: [PATCH 40/57] Add changelog

---
 .../37198-api-doesn-t-respect-default-group-visibility.yml   | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changelogs/unreleased/37198-api-doesn-t-respect-default-group-visibility.yml

diff --git a/changelogs/unreleased/37198-api-doesn-t-respect-default-group-visibility.yml b/changelogs/unreleased/37198-api-doesn-t-respect-default-group-visibility.yml
new file mode 100644
index 00000000000..ef83dc1d10a
--- /dev/null
+++ b/changelogs/unreleased/37198-api-doesn-t-respect-default-group-visibility.yml
@@ -0,0 +1,5 @@
+---
+title: 'API: Respect default group visibility when creating a group'
+merge_request: 13903
+author: Robert Schilling
+type: fixed

From a0814a8dfb83f4f0acf74072623a2a4fea85f23f Mon Sep 17 00:00:00 2001
From: Eric Eastwood <contact@ericeastwood.com>
Date: Mon, 28 Aug 2017 15:11:34 -0500
Subject: [PATCH 41/57] Better align fallback image emojis

Fix https://gitlab.com/gitlab-org/gitlab-ce/issues/37147
---
 app/assets/stylesheets/framework/typography.scss             | 2 +-
 changelogs/unreleased/37147-fix-fallback-emoji-alignment.yml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/37147-fix-fallback-emoji-alignment.yml

diff --git a/app/assets/stylesheets/framework/typography.scss b/app/assets/stylesheets/framework/typography.scss
index 71eec0e1a5e..368cc71c5a6 100644
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@@ -10,7 +10,7 @@
     color: $md-link-color;
   }
 
-  img {
+  img:not(.emoji) {
     /*max-width: 100%;*/
     margin: 0 0 8px;
   }
diff --git a/changelogs/unreleased/37147-fix-fallback-emoji-alignment.yml b/changelogs/unreleased/37147-fix-fallback-emoji-alignment.yml
new file mode 100644
index 00000000000..34161e63c81
--- /dev/null
+++ b/changelogs/unreleased/37147-fix-fallback-emoji-alignment.yml
@@ -0,0 +1,5 @@
+---
+title: Better align fallback image emojis
+merge_request:
+author:
+type: fixed

From 934d09698cce2f913d4ca36e4b5c223e1ea75e85 Mon Sep 17 00:00:00 2001
From: Eric Eastwood <contact@ericeastwood.com>
Date: Tue, 29 Aug 2017 10:09:47 -0500
Subject: [PATCH 42/57] Remove commented out code

---
 app/assets/stylesheets/framework/typography.scss | 1 -
 1 file changed, 1 deletion(-)

diff --git a/app/assets/stylesheets/framework/typography.scss b/app/assets/stylesheets/framework/typography.scss
index 368cc71c5a6..b2423bc1a66 100644
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@@ -11,7 +11,6 @@
   }
 
   img:not(.emoji) {
-    /*max-width: 100%;*/
     margin: 0 0 8px;
   }
 

From f41464f878726de7490ea2457060ff0b93dcd138 Mon Sep 17 00:00:00 2001
From: Filipa Lacerda <filipa@gitlab.com>
Date: Tue, 29 Aug 2017 18:19:59 +0100
Subject: [PATCH 43/57] Fixes the margin of the top buttons of the pipeline
 page

---
 app/assets/javascripts/pipelines/components/pipelines.vue | 4 +++-
 app/assets/stylesheets/pages/pipelines.scss               | 4 ++++
 changelogs/unreleased/34990-top-buttons-misaligned.yml    | 5 +++++
 3 files changed, 12 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/34990-top-buttons-misaligned.yml

diff --git a/app/assets/javascripts/pipelines/components/pipelines.vue b/app/assets/javascripts/pipelines/components/pipelines.vue
index 5df317a76bf..010063a0240 100644
--- a/app/assets/javascripts/pipelines/components/pipelines.vue
+++ b/app/assets/javascripts/pipelines/components/pipelines.vue
@@ -139,7 +139,9 @@
   };
 </script>
 <template>
-  <div :class="cssClass">
+  <div
+    class="pipelines-container"
+    :class="cssClass">
     <div
       class="top-area scrolling-tabs-container inner-page-scroll-tabs"
       v-if="!isLoading && !shouldRenderEmptyState">
diff --git a/app/assets/stylesheets/pages/pipelines.scss b/app/assets/stylesheets/pages/pipelines.scss
index a408bde37d6..51656669c98 100644
--- a/app/assets/stylesheets/pages/pipelines.scss
+++ b/app/assets/stylesheets/pages/pipelines.scss
@@ -927,3 +927,7 @@ button.mini-pipeline-graph-dropdown-toggle {
     }
   }
 }
+
+.pipelines-container .top-area .nav-controls > .btn:last-child {
+  float: none;
+}
diff --git a/changelogs/unreleased/34990-top-buttons-misaligned.yml b/changelogs/unreleased/34990-top-buttons-misaligned.yml
new file mode 100644
index 00000000000..db60f83ed71
--- /dev/null
+++ b/changelogs/unreleased/34990-top-buttons-misaligned.yml
@@ -0,0 +1,5 @@
+---
+title: Fixes margins on the top buttons of the pipeline table
+merge_request:
+author:
+type: fixed

From 96e0020c70ba69de873067b092626295d8388bf0 Mon Sep 17 00:00:00 2001
From: blackst0ne <blackst0ne.ru@gmail.com>
Date: Wed, 30 Aug 2017 09:31:26 +1100
Subject: [PATCH 44/57] Replace 'project/user_lookup.feature' spinach test with
 an rspec analog

---
 .../replace_spinach_user_lookup-feature.yml   |  5 ++
 features/project/commits/user_lookup.feature  | 16 ------
 features/steps/project/commits/user_lookup.rb | 49 -------------------
 .../projects/{commit => commits}/rss_spec.rb  |  0
 .../commits/user_browses_commits_spec.rb      | 44 +++++++++++++++++
 5 files changed, 49 insertions(+), 65 deletions(-)
 create mode 100644 changelogs/unreleased/replace_spinach_user_lookup-feature.yml
 delete mode 100644 features/project/commits/user_lookup.feature
 delete mode 100644 features/steps/project/commits/user_lookup.rb
 rename spec/features/projects/{commit => commits}/rss_spec.rb (100%)
 create mode 100644 spec/features/projects/commits/user_browses_commits_spec.rb

diff --git a/changelogs/unreleased/replace_spinach_user_lookup-feature.yml b/changelogs/unreleased/replace_spinach_user_lookup-feature.yml
new file mode 100644
index 00000000000..36248c54d99
--- /dev/null
+++ b/changelogs/unreleased/replace_spinach_user_lookup-feature.yml
@@ -0,0 +1,5 @@
+---
+title: Replace 'project/user_lookup.feature' spinach test with an rspec analog
+merge_request: 13863
+author: Vitaliy @blackst0ne Klachkov
+type: other
diff --git a/features/project/commits/user_lookup.feature b/features/project/commits/user_lookup.feature
deleted file mode 100644
index c18f4e070f3..00000000000
--- a/features/project/commits/user_lookup.feature
+++ /dev/null
@@ -1,16 +0,0 @@
-@project_commits
-Feature: Project Commits User Lookup
-  Background:
-    Given I sign in as a user
-    And I own a project
-    And I visit my project's commits page
-
-  Scenario: I browse commit from list
-    Given I have user with primary email
-    When I click on commit link
-    Then I see author based on primary email
-
-  Scenario: I browse another commit from list
-    Given I have user with secondary email
-    When I click on another commit link
-    Then I see author based on secondary email
diff --git a/features/steps/project/commits/user_lookup.rb b/features/steps/project/commits/user_lookup.rb
deleted file mode 100644
index 4599e0d032a..00000000000
--- a/features/steps/project/commits/user_lookup.rb
+++ /dev/null
@@ -1,49 +0,0 @@
-class Spinach::Features::ProjectCommitsUserLookup < Spinach::FeatureSteps
-  include SharedAuthentication
-  include SharedProject
-  include SharedPaths
-
-  step 'I click on commit link' do
-    visit project_commit_path(@project, sample_commit.id)
-  end
-
-  step 'I click on another commit link' do
-    visit project_commit_path(@project, sample_commit.parent_id)
-  end
-
-  step 'I have user with primary email' do
-    user_primary
-  end
-
-  step 'I have user with secondary email' do
-    user_secondary
-  end
-
-  step 'I see author based on primary email' do
-    check_author_link(sample_commit.author_email, user_primary)
-  end
-
-  step 'I see author based on secondary email' do
-    check_author_link(sample_commit.author_email, user_secondary)
-  end
-
-  def check_author_link(email, user)
-    author_link = find('.commit-author-link')
-
-    expect(author_link['href']).to eq user_path(user)
-    expect(author_link['title']).to eq email
-    expect(find('.commit-author-name').text).to eq user.name
-  end
-
-  def user_primary
-    @user_primary ||= create(:user, email: 'dmitriy.zaporozhets@gmail.com')
-  end
-
-  def user_secondary
-    @user_secondary ||= begin
-                          user = create(:user, email: 'dzaporozhets@example.com')
-                          create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
-                          user
-                        end
-  end
-end
diff --git a/spec/features/projects/commit/rss_spec.rb b/spec/features/projects/commits/rss_spec.rb
similarity index 100%
rename from spec/features/projects/commit/rss_spec.rb
rename to spec/features/projects/commits/rss_spec.rb
diff --git a/spec/features/projects/commits/user_browses_commits_spec.rb b/spec/features/projects/commits/user_browses_commits_spec.rb
new file mode 100644
index 00000000000..41f3c15a94c
--- /dev/null
+++ b/spec/features/projects/commits/user_browses_commits_spec.rb
@@ -0,0 +1,44 @@
+require 'spec_helper'
+
+describe 'User broweses commits' do
+  let(:user) { create(:user) }
+  let(:project) { create(:project, :repository, namespace: user.namespace) }
+
+  before do
+    project.add_master(user)
+    sign_in(user)
+  end
+
+  context 'primary email' do
+    it 'finds a commit by a primary email' do
+      user = create(:user, email: 'dmitriy.zaporozhets@gmail.com')
+
+      visit(project_commit_path(project, RepoHelpers.sample_commit.id))
+
+      check_author_link(RepoHelpers.sample_commit.author_email, user)
+    end
+  end
+
+  context 'secondary email' do
+    it 'finds a commit by a secondary email' do
+      user =
+        create(:user) do |user|
+          create(:email, { user: user, email: 'dmitriy.zaporozhets@gmail.com' })
+        end
+
+      visit(project_commit_path(project, RepoHelpers.sample_commit.parent_id))
+
+      check_author_link(RepoHelpers.sample_commit.author_email, user)
+    end
+  end
+end
+
+private
+
+def check_author_link(email, author)
+  author_link = find('.commit-author-link')
+
+  expect(author_link['href']).to eq(user_path(author))
+  expect(author_link['title']).to eq(email)
+  expect(find('.commit-author-name').text).to eq(author.name)
+end

From ee0fae8eaf81b267f487abd4bd9c6dc8b704449f Mon Sep 17 00:00:00 2001
From: kushalpandya <kushal@gitlab.com>
Date: Wed, 30 Aug 2017 11:21:43 +0530
Subject: [PATCH 45/57] Renamed to `identicon` and make shared component

---
 .../group_identicon.vue => vue_shared/components/identicon.vue}   | 0
 .../components/identicon_spec.js}                                 | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename app/assets/javascripts/{groups/components/group_identicon.vue => vue_shared/components/identicon.vue} (100%)
 rename spec/javascripts/{groups/group_identicon_spec.js => vue_shared/components/identicon_spec.js} (100%)

diff --git a/app/assets/javascripts/groups/components/group_identicon.vue b/app/assets/javascripts/vue_shared/components/identicon.vue
similarity index 100%
rename from app/assets/javascripts/groups/components/group_identicon.vue
rename to app/assets/javascripts/vue_shared/components/identicon.vue
diff --git a/spec/javascripts/groups/group_identicon_spec.js b/spec/javascripts/vue_shared/components/identicon_spec.js
similarity index 100%
rename from spec/javascripts/groups/group_identicon_spec.js
rename to spec/javascripts/vue_shared/components/identicon_spec.js

From 073ab676d9df9cf520d0cbed946f24af8c5b6329 Mon Sep 17 00:00:00 2001
From: kushalpandya <kushal@gitlab.com>
Date: Wed, 30 Aug 2017 11:22:08 +0530
Subject: [PATCH 46/57] Update identicon path and selector

---
 app/assets/javascripts/groups/components/group_item.vue | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/assets/javascripts/groups/components/group_item.vue b/app/assets/javascripts/groups/components/group_item.vue
index cb133cf7535..2060410e991 100644
--- a/app/assets/javascripts/groups/components/group_item.vue
+++ b/app/assets/javascripts/groups/components/group_item.vue
@@ -1,10 +1,10 @@
 <script>
+import identicon from '../../vue_shared/components/identicon.vue';
 import eventHub from '../event_hub';
-import groupIdenticon from './group_identicon.vue';
 
 export default {
   components: {
-    groupIdenticon,
+    identicon,
   },
   props: {
     group: {
@@ -205,7 +205,7 @@ export default {
             class="avatar s40"
             :src="group.avatarUrl"
           />
-          <group-identicon
+          <identicon
             v-else
             :entity-id=group.id
             :entity-name="group.name"

From 8d024db629f11eaa575d6aa8f58534ffa372f27b Mon Sep 17 00:00:00 2001
From: kushalpandya <kushal@gitlab.com>
Date: Wed, 30 Aug 2017 11:22:29 +0530
Subject: [PATCH 47/57] Update spec initialization with it being a shared
 component

---
 .../vue_shared/components/identicon_spec.js        | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/spec/javascripts/vue_shared/components/identicon_spec.js b/spec/javascripts/vue_shared/components/identicon_spec.js
index 66772327503..4f194e5a64e 100644
--- a/spec/javascripts/vue_shared/components/identicon_spec.js
+++ b/spec/javascripts/vue_shared/components/identicon_spec.js
@@ -1,22 +1,18 @@
 import Vue from 'vue';
-import groupIdenticonComponent from '~/groups/components/group_identicon.vue';
-import GroupsStore from '~/groups/stores/groups_store';
-import { group1 } from './mock_data';
+import identiconComponent from '~/vue_shared/components/identicon.vue';
 
 const createComponent = () => {
-  const Component = Vue.extend(groupIdenticonComponent);
-  const store = new GroupsStore();
-  const group = store.decorateGroup(group1);
+  const Component = Vue.extend(identiconComponent);
 
   return new Component({
     propsData: {
-      entityId: group.id,
-      entityName: group.name,
+      entityId: 1,
+      entityName: 'entity-name',
     },
   }).$mount();
 };
 
-describe('GroupIdenticonComponent', () => {
+describe('IdenticonComponent', () => {
   let vm;
 
   beforeEach(() => {

From f55b14d8ad8bc52a8238be0fc23f819bf73dc68f Mon Sep 17 00:00:00 2001
From: winh <winnie@gitlab.com>
Date: Tue, 15 Aug 2017 14:07:56 +0200
Subject: [PATCH 48/57] Make profile settings dropdown consistent

---
 app/assets/stylesheets/framework/selects.scss | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/assets/stylesheets/framework/selects.scss b/app/assets/stylesheets/framework/selects.scss
index 9fccc68b5b6..8018eb8ba84 100644
--- a/app/assets/stylesheets/framework/selects.scss
+++ b/app/assets/stylesheets/framework/selects.scss
@@ -268,6 +268,7 @@
 // TODO: change global style
 .ajax-project-dropdown,
 body[data-page="projects:blob:new"] #select2-drop,
+body[data-page="profiles:show"] #select2-drop,
 body[data-page="projects:blob:edit"] #select2-drop {
   &.select2-drop {
     color: $gl-text-color;

From 9edaff0d3547ba9854e69655a4ae4d5095b8a25f Mon Sep 17 00:00:00 2001
From: Robert Schilling <rschilling@student.tugraz.at>
Date: Wed, 30 Aug 2017 10:11:24 +0200
Subject: [PATCH 49/57] Make rubocop happy

---
 lib/api/groups.rb | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 15266e9d4e5..cf3cee0073c 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -7,9 +7,11 @@ module API
     helpers do
       params :optional_params_ce do
         optional :description, type: String, desc: 'The description of the group'
-        optional :visibility, type: String, values: Gitlab::VisibilityLevel.string_values,
-                 default: Gitlab::VisibilityLevel.string_level(Gitlab::CurrentSettings.current_application_settings.default_group_visibility),
-                 desc: 'The visibility of the group'
+        optional :visibility, type: String,
+                              values: Gitlab::VisibilityLevel.string_values,
+                              default: Gitlab::VisibilityLevel.string_level(
+                                Gitlab::CurrentSettings.current_application_settings.default_group_visibility),
+                              desc: 'The visibility of the group'
         optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group'
         optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access'
         optional :share_with_group_lock, type: Boolean, desc: 'Prevent sharing a project with another group within this group'

From b7048c091a1f1ad093ee261454e232d14e4cd325 Mon Sep 17 00:00:00 2001
From: Tiago Botelho <tiagonbotelho@hotmail.com>
Date: Tue, 29 Aug 2017 12:11:21 +0100
Subject: [PATCH 50/57] Backports EE 2756 logic to CE.

---
 app/services/projects/create_service.rb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/app/services/projects/create_service.rb b/app/services/projects/create_service.rb
index 48578b6d9e5..7fbf40ae373 100644
--- a/app/services/projects/create_service.rb
+++ b/app/services/projects/create_service.rb
@@ -44,6 +44,8 @@ module Projects
         @project.namespace_id = current_user.namespace_id
       end
 
+      yield(@project) if block_given?
+
       @project.creator = current_user
 
       if forked_from_project_id

From af0b16652ad4200603b8fd4a1ff532f2f9bc7314 Mon Sep 17 00:00:00 2001
From: Tim Zallmann <tzallmann@gitlab.com>
Date: Mon, 28 Aug 2017 11:27:44 +0200
Subject: [PATCH 51/57] max-width for lazy-loaded images (this was removed in
 the original MR through merge resolution most probably)

---
 app/assets/stylesheets/framework/typography.scss | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/assets/stylesheets/framework/typography.scss b/app/assets/stylesheets/framework/typography.scss
index 71eec0e1a5e..a1f650ce0f2 100644
--- a/app/assets/stylesheets/framework/typography.scss
+++ b/app/assets/stylesheets/framework/typography.scss
@@ -26,6 +26,7 @@
     min-width: inherit;
     min-height: inherit;
     background-color: inherit;
+    max-width: 100%;
   }
 
   p a:not(.no-attachment-icon) img {

From 07a7801c03ec6f5bccd517c38beaec426c554e11 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Wed, 30 Aug 2017 11:30:12 +0100
Subject: [PATCH 52/57] Fix MySQL failure for emoji autocomplete

Postgres lets you treat `count` as another alias for `COUNT(*)` apparently, even
if that's not the actual alias used.
---
 app/controllers/autocomplete_controller.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb
index 54f78fc8719..59be955599d 100644
--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -55,7 +55,7 @@ class AutocompleteController < ApplicationController
       .limit(AWARD_EMOJI_MAX)
       .where(user: current_user)
       .group(:name)
-      .order(count: :desc, name: :asc)
+      .order('count_all DESC, name ASC')
       .count
 
     # Transform from hash to array to guarantee json order

From 7fba1e85fdd7a09b07d799712c738bbf6a0b1da7 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Wed, 30 Aug 2017 19:07:58 +0800
Subject: [PATCH 53/57] Add changelog entry

---
 changelogs/unreleased/perf-slow-issuable.yml | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 changelogs/unreleased/perf-slow-issuable.yml

diff --git a/changelogs/unreleased/perf-slow-issuable.yml b/changelogs/unreleased/perf-slow-issuable.yml
new file mode 100644
index 00000000000..29d15be1401
--- /dev/null
+++ b/changelogs/unreleased/perf-slow-issuable.yml
@@ -0,0 +1,6 @@
+---
+title: Fix repository equality check and avoid fetching ref if the commit is already
+  available. This affects merge request creation performance
+merge_request: 13685
+author:
+type: other

From b9d8946395ebe2b0d05e464e6a2af1181c7f1b90 Mon Sep 17 00:00:00 2001
From: Sean McGivern <sean@gitlab.com>
Date: Wed, 30 Aug 2017 13:33:39 +0100
Subject: [PATCH 54/57] Don't use public_send in destroy_conditionally! helper

As we only override in two places, we could just ask for the value rather than
the method name.
---
 lib/api/branches.rb | 2 +-
 lib/api/helpers.rb  | 6 ++++--
 lib/api/tags.rb     | 2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/lib/api/branches.rb b/lib/api/branches.rb
index b87f7cdbad1..a989394ad91 100644
--- a/lib/api/branches.rb
+++ b/lib/api/branches.rb
@@ -130,7 +130,7 @@ module API
 
         commit = user_project.repository.commit(branch.dereferenced_target)
 
-        destroy_conditionally!(commit, last_update_field: :authored_date) do
+        destroy_conditionally!(commit, last_updated: commit.authored_date) do
           result = DeleteBranchService.new(user_project, current_user)
                     .execute(params[:branch])
 
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 84980864151..3d377fdb9eb 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -19,8 +19,10 @@ module API
       end
     end
 
-    def destroy_conditionally!(resource, last_update_field: :updated_at)
-      check_unmodified_since!(resource.public_send(last_update_field))
+    def destroy_conditionally!(resource, last_updated: nil)
+      last_updated ||= resource.updated_at
+
+      check_unmodified_since!(last_updated)
 
       status 204
       if block_given?
diff --git a/lib/api/tags.rb b/lib/api/tags.rb
index 81b17935b81..912415e3a7f 100644
--- a/lib/api/tags.rb
+++ b/lib/api/tags.rb
@@ -70,7 +70,7 @@ module API
 
         commit = user_project.repository.commit(tag.dereferenced_target)
 
-        destroy_conditionally!(commit, last_update_field: :authored_date) do
+        destroy_conditionally!(commit, last_updated: commit.authored_date) do
           result = ::Tags::DestroyService.new(user_project, current_user)
                     .execute(params[:tag_name])
 

From c5553ce772371295d2d7652cec899633042fae07 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Wed, 30 Aug 2017 21:15:06 +0800
Subject: [PATCH 55/57] Use `git update-ref --stdin -z` to delete refs

---
 app/models/repository.rb                      |  2 +-
 app/services/projects/after_import_service.rb |  2 +-
 lib/gitlab/git/repository.rb                  | 18 ++++++++--
 lib/tasks/gitlab/cleanup.rake                 |  2 +-
 spec/lib/gitlab/git/repository_spec.rb        | 34 +++++++++++++++++++
 5 files changed, 53 insertions(+), 5 deletions(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 5758aacd57f..d29d2a83708 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -1246,6 +1246,6 @@ class Repository
 
     yield commit(sha)
   ensure
-    rugged.references.delete(tmp_ref) if tmp_ref
+    delete_refs(tmp_ref) if tmp_ref
   end
 end
diff --git a/app/services/projects/after_import_service.rb b/app/services/projects/after_import_service.rb
index 107856885f3..e6a68d983ef 100644
--- a/app/services/projects/after_import_service.rb
+++ b/app/services/projects/after_import_service.rb
@@ -9,7 +9,7 @@ module Projects
 
     def execute
       Projects::HousekeepingService.new(@project).execute do
-        repository.delete_refs(garbage_refs)
+        repository.delete_refs(*garbage_refs)
       end
     rescue Projects::HousekeepingService::LeaseTaken => e
       Rails.logger.info(
diff --git a/lib/gitlab/git/repository.rb b/lib/gitlab/git/repository.rb
index 8b39e92cc65..fb6504bdea0 100644
--- a/lib/gitlab/git/repository.rb
+++ b/lib/gitlab/git/repository.rb
@@ -17,6 +17,7 @@ module Gitlab
       NoRepository = Class.new(StandardError)
       InvalidBlobName = Class.new(StandardError)
       InvalidRef = Class.new(StandardError)
+      GitError = Class.new(StandardError)
 
       class << self
         # Unlike `new`, `create` takes the storage path, not the storage name
@@ -598,8 +599,21 @@ module Gitlab
         rugged.branches.delete(branch_name)
       end
 
-      def delete_refs(ref_names)
-        ref_names.each { |ref| rugged.references.delete(ref) }
+      def delete_refs(*ref_names)
+        instructions = ref_names.map do |ref|
+          "delete #{ref}\x00\x00"
+        end
+
+        command = %W[#{Gitlab.config.git.bin_path} update-ref --stdin -z]
+        message, status = Gitlab::Popen.popen(
+          command,
+          path) do |stdin|
+          stdin.write(instructions.join)
+        end
+
+        unless status.zero?
+          raise GitError.new("Could not delete refs #{ref_names}: #{message}")
+        end
       end
 
       # Create a new branch named **ref+ based on **stat_point+, HEAD by default
diff --git a/lib/tasks/gitlab/cleanup.rake b/lib/tasks/gitlab/cleanup.rake
index f76bef5f4bf..8ae1b6a626a 100644
--- a/lib/tasks/gitlab/cleanup.rake
+++ b/lib/tasks/gitlab/cleanup.rake
@@ -111,7 +111,7 @@ namespace :gitlab do
           next unless id > max_iid
 
           project.deployments.find(id).create_ref
-          rugged.references.delete(ref)
+          project.repository.delete_refs(ref)
         end
       end
     end
diff --git a/spec/lib/gitlab/git/repository_spec.rb b/spec/lib/gitlab/git/repository_spec.rb
index 6b9773c9b63..4cfb4b7d357 100644
--- a/spec/lib/gitlab/git/repository_spec.rb
+++ b/spec/lib/gitlab/git/repository_spec.rb
@@ -433,6 +433,40 @@ describe Gitlab::Git::Repository, seed_helper: true do
     end
   end
 
+  describe '#delete_refs' do
+    before(:all) do
+      @repo = Gitlab::Git::Repository.new('default', TEST_MUTABLE_REPO_PATH, '')
+    end
+
+    it 'deletes the ref' do
+      @repo.delete_refs('refs/heads/feature')
+
+      expect(@repo.rugged.references['refs/heads/feature']).to be_nil
+    end
+
+    it 'deletes all refs' do
+      refs = %w[refs/heads/wip refs/tags/v1.1.0]
+      @repo.delete_refs(*refs)
+
+      refs.each do |ref|
+        expect(@repo.rugged.references[ref]).to be_nil
+      end
+    end
+
+    it 'raises an error if it failed' do
+      expect(Gitlab::Popen).to receive(:popen).and_return(['Error', 1])
+
+      expect do
+        @repo.delete_refs('refs/heads/fix')
+      end.to raise_error(Gitlab::Git::Repository::GitError)
+    end
+
+    after(:all) do
+      FileUtils.rm_rf(TEST_MUTABLE_REPO_PATH)
+      ensure_seeds
+    end
+  end
+
   describe "#refs_hash" do
     let(:refs) { repository.refs_hash }
 

From 0ab0e7b3bb3d83730e3bd5cca8258d2952ef5976 Mon Sep 17 00:00:00 2001
From: Phil Hughes <me@iamphill.com>
Date: Wed, 30 Aug 2017 09:39:33 +0100
Subject: [PATCH 56/57] Remove tooltips from new sidebar

Closes #35658
---
 app/assets/javascripts/new_sidebar.js         |  5 ++++
 app/helpers/tab_helper.rb                     |  4 ++++
 .../layouts/nav/_new_admin_sidebar.html.haml  | 24 +++++++++----------
 .../layouts/nav/_new_group_sidebar.html.haml  | 10 ++++----
 .../nav/_new_profile_sidebar.html.haml        | 24 +++++++++----------
 .../nav/_new_project_sidebar.html.haml        | 18 +++++++-------
 6 files changed, 47 insertions(+), 38 deletions(-)

diff --git a/app/assets/javascripts/new_sidebar.js b/app/assets/javascripts/new_sidebar.js
index b18d12b48b5..05e3f33f5ed 100644
--- a/app/assets/javascripts/new_sidebar.js
+++ b/app/assets/javascripts/new_sidebar.js
@@ -15,6 +15,7 @@ export default class NewNavSidebar {
     this.$openSidebar = $('.toggle-mobile-nav');
     this.$closeSidebar = $('.close-nav-button');
     this.$sidebarToggle = $('.js-toggle-sidebar');
+    this.$topLevelLinks = $('.sidebar-top-level-items > li > a');
   }
 
   bindEvents() {
@@ -50,6 +51,10 @@ export default class NewNavSidebar {
       this.$page.toggleClass('page-with-icon-sidebar', breakpoint === 'sm' ? true : collapsed);
     }
     NewNavSidebar.setCollapsedCookie(collapsed);
+
+    this.$topLevelLinks.attr('title', function updateTopLevelTitle() {
+      return collapsed ? this.getAttribute('aria-label') : '';
+    });
   }
 
   render() {
diff --git a/app/helpers/tab_helper.rb b/app/helpers/tab_helper.rb
index ee701076a14..3308ab0c259 100644
--- a/app/helpers/tab_helper.rb
+++ b/app/helpers/tab_helper.rb
@@ -119,4 +119,8 @@ module TabHelper
 
     'active' if current_controller?('oauth/applications')
   end
+
+  def sidebar_link(href, title: nil, css: nil, &block)
+    link_to capture(&block), href, title: (title if collapsed_sidebar?), class: css, aria: { label: title }
+  end
 end
diff --git a/app/views/layouts/nav/_new_admin_sidebar.html.haml b/app/views/layouts/nav/_new_admin_sidebar.html.haml
index 9294529f496..3b53117deb6 100644
--- a/app/views/layouts/nav/_new_admin_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_admin_sidebar.html.haml
@@ -7,7 +7,7 @@
         .sidebar-context-title Admin Area
     %ul.sidebar-top-level-items
       = nav_link(controller: %w(dashboard admin projects users groups jobs runners cohorts), html_options: {class: 'home'}) do
-        = link_to admin_root_path, title: 'Overview', class: 'shortcuts-tree' do
+        = sidebar_link admin_root_path, title: _('Overview'), css: 'shortcuts-tree' do
           .nav-icon-container
             = custom_icon('overview')
           %span.nav-item-name
@@ -48,7 +48,7 @@
                 ConvDev Index
 
       = nav_link(controller: %w(conversational_development_index system_info background_jobs logs health_check requests_profiles)) do
-        = link_to admin_conversational_development_index_path, title: 'Monitoring' do
+        = sidebar_link admin_conversational_development_index_path, title: _('Monitoring') do
           .nav-icon-container
             = custom_icon('monitoring')
           %span.nav-item-name
@@ -77,28 +77,28 @@
                 Requests Profiles
 
       = nav_link(controller: :broadcast_messages) do
-        = link_to admin_broadcast_messages_path, title: 'Messages' do
+        = sidebar_link admin_broadcast_messages_path, title: _('Messages') do
           .nav-icon-container
             = custom_icon('messages')
           %span.nav-item-name
             Messages
 
       = nav_link(controller: [:hooks, :hook_logs]) do
-        = link_to admin_hooks_path, title: 'Hooks' do
+        = sidebar_link admin_hooks_path, title: _('Hooks') do
           .nav-icon-container
             = custom_icon('system_hooks')
           %span.nav-item-name
             System Hooks
 
       = nav_link(controller: :applications) do
-        = link_to admin_applications_path, title: 'Applications' do
+        = sidebar_link admin_applications_path, title: _('Applications') do
           .nav-icon-container
             = custom_icon('applications')
           %span.nav-item-name
             Applications
 
       = nav_link(controller: :abuse_reports) do
-        = link_to admin_abuse_reports_path, title: "Abuse Reports" do
+        = sidebar_link admin_abuse_reports_path, title: _("Abuse Reports") do
           .nav-icon-container
             = custom_icon('abuse_reports')
           %span.nav-item-name
@@ -107,42 +107,42 @@
 
       - if akismet_enabled?
         = nav_link(controller: :spam_logs) do
-          = link_to admin_spam_logs_path, title: "Spam Logs" do
+          = sidebar_link admin_spam_logs_path, title: _("Spam Logs") do
             .nav-icon-container
               = custom_icon('spam_logs')
             %span.nav-item-name
               Spam Logs
 
       = nav_link(controller: :deploy_keys) do
-        = link_to admin_deploy_keys_path, title: 'Deploy Keys' do
+        = sidebar_link admin_deploy_keys_path, title: _('Deploy Keys') do
           .nav-icon-container
             = custom_icon('key')
           %span.nav-item-name
             Deploy Keys
 
       = nav_link(controller: :services) do
-        = link_to admin_application_settings_services_path, title: 'Service Templates' do
+        = sidebar_link admin_application_settings_services_path, title: _('Service Templates') do
           .nav-icon-container
             = custom_icon('service_templates')
           %span.nav-item-name
             Service Templates
 
       = nav_link(controller: :labels) do
-        = link_to admin_labels_path, title: 'Labels' do
+        = sidebar_link admin_labels_path, title: _('Labels') do
           .nav-icon-container
             = custom_icon('labels')
           %span.nav-item-name
             Labels
 
       = nav_link(controller: :appearances) do
-        = link_to admin_appearances_path, title: 'Appearances' do
+        = sidebar_link admin_appearances_path, title: _('Appearances') do
           .nav-icon-container
             = custom_icon('appearance')
           %span.nav-item-name
             Appearance
 
       = nav_link(controller: :application_settings) do
-        = link_to admin_application_settings_path, title: 'Settings' do
+        = sidebar_link admin_application_settings_path, title: _('Settings') do
           .nav-icon-container
             = custom_icon('settings')
           %span.nav-item-name
diff --git a/app/views/layouts/nav/_new_group_sidebar.html.haml b/app/views/layouts/nav/_new_group_sidebar.html.haml
index d90aea2e361..5a1511b262f 100644
--- a/app/views/layouts/nav/_new_group_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_group_sidebar.html.haml
@@ -8,7 +8,7 @@
           = @group.name
     %ul.sidebar-top-level-items
       = nav_link(path: ['groups#show', 'groups#activity', 'groups#subgroups'], html_options: { class: 'home' }) do
-        = link_to group_path(@group), title: 'Group overview' do
+        = sidebar_link group_path(@group), title: _('Group overview') do
           .nav-icon-container
             = custom_icon('project')
           %span.nav-item-name
@@ -26,7 +26,7 @@
                 Activity
 
       = nav_link(path: ['groups#issues', 'labels#index', 'milestones#index']) do
-        = link_to issues_group_path(@group), title: 'Issues' do
+        = sidebar_link issues_group_path(@group), title: _('Issues') do
           .nav-icon-container
             = custom_icon('issues')
           %span.nav-item-name
@@ -51,7 +51,7 @@
                 Milestones
 
       = nav_link(path: 'groups#merge_requests') do
-        = link_to merge_requests_group_path(@group), title: 'Merge Requests' do
+        = sidebar_link merge_requests_group_path(@group), title: _('Merge Requests') do
           .nav-icon-container
             = custom_icon('mr_bold')
           %span.nav-item-name
@@ -59,14 +59,14 @@
             Merge Requests
           %span.badge.count= number_with_delimiter(merge_requests.count)
       = nav_link(path: 'group_members#index') do
-        = link_to group_group_members_path(@group), title: 'Members' do
+        = sidebar_link group_group_members_path(@group), title: _('Members') do
           .nav-icon-container
             = custom_icon('members')
           %span.nav-item-name
             Members
       - if current_user && can?(current_user, :admin_group, @group)
         = nav_link(path: %w[groups#projects groups#edit ci_cd#show]) do
-          = link_to edit_group_path(@group), title: 'Settings' do
+          = sidebar_link edit_group_path(@group), title: _('Settings') do
             .nav-icon-container
               = custom_icon('settings')
             %span.nav-item-name
diff --git a/app/views/layouts/nav/_new_profile_sidebar.html.haml b/app/views/layouts/nav/_new_profile_sidebar.html.haml
index 85b2c7630c8..ccb6d1492f1 100644
--- a/app/views/layouts/nav/_new_profile_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_profile_sidebar.html.haml
@@ -7,76 +7,76 @@
         .sidebar-context-title User Settings
     %ul.sidebar-top-level-items
       = nav_link(path: 'profiles#show', html_options: {class: 'home'}) do
-        = link_to profile_path, title: 'Profile Settings' do
+        = sidebar_link profile_path, title: _('Profile Settings') do
           .nav-icon-container
             = custom_icon('profile')
           %span.nav-item-name
             Profile
       = nav_link(controller: [:accounts, :two_factor_auths]) do
-        = link_to profile_account_path, title: 'Account' do
+        = sidebar_link profile_account_path, title: _('Account') do
           .nav-icon-container
             = custom_icon('account')
           %span.nav-item-name
             Account
       - if current_application_settings.user_oauth_applications?
         = nav_link(controller: 'oauth/applications') do
-          = link_to applications_profile_path, title: 'Applications' do
+          = sidebar_link applications_profile_path, title: _('Applications') do
             .nav-icon-container
               = custom_icon('applications')
             %span.nav-item-name
               Applications
       = nav_link(controller: :chat_names) do
-        = link_to profile_chat_names_path, title: 'Chat' do
+        = sidebar_link profile_chat_names_path, title: _('Chat') do
           .nav-icon-container
             = custom_icon('chat')
           %span.nav-item-name
             Chat
       = nav_link(controller: :personal_access_tokens) do
-        = link_to profile_personal_access_tokens_path, title: 'Access Tokens' do
+        = sidebar_link profile_personal_access_tokens_path, title: _('Access Tokens') do
           .nav-icon-container
             = custom_icon('access_tokens')
           %span.nav-item-name
             Access Tokens
       = nav_link(controller: :emails) do
-        = link_to profile_emails_path, title: 'Emails' do
+        = sidebar_link profile_emails_path, title: _('Emails') do
           .nav-icon-container
             = custom_icon('emails')
           %span.nav-item-name
             Emails
       - unless current_user.ldap_user?
         = nav_link(controller: :passwords) do
-          = link_to edit_profile_password_path, title: 'Password' do
+          = sidebar_link edit_profile_password_path, title: _('Password') do
             .nav-icon-container
               = custom_icon('lock')
             %span.nav-item-name
               Password
       = nav_link(controller: :notifications) do
-        = link_to profile_notifications_path, title: 'Notifications' do
+        = sidebar_link profile_notifications_path, title: _('Notifications') do
           .nav-icon-container
             = custom_icon('notifications')
           %span.nav-item-name
             Notifications
 
       = nav_link(controller: :keys) do
-        = link_to profile_keys_path, title: 'SSH Keys' do
+        = sidebar_link profile_keys_path, title: _('SSH Keys') do
           .nav-icon-container
             = custom_icon('key')
           %span.nav-item-name
             SSH Keys
       = nav_link(controller: :gpg_keys) do
-        = link_to profile_gpg_keys_path, title: 'GPG Keys' do
+        = sidebar_link profile_gpg_keys_path, title: _('GPG Keys') do
           .nav-icon-container
             = custom_icon('key_2')
           %span.nav-item-name
             GPG Keys
       = nav_link(controller: :preferences) do
-        = link_to profile_preferences_path, title: 'Preferences' do
+        = sidebar_link profile_preferences_path, title: _('Preferences') do
           .nav-icon-container
             = custom_icon('preferences')
           %span.nav-item-name
             Preferences
       = nav_link(path: 'profiles#audit_log') do
-        = link_to audit_log_profile_path, title: 'Authentication log' do
+        = sidebar_link audit_log_profile_path, title: _('Authentication log') do
           .nav-icon-container
             = custom_icon('authentication_log')
           %span.nav-item-name
diff --git a/app/views/layouts/nav/_new_project_sidebar.html.haml b/app/views/layouts/nav/_new_project_sidebar.html.haml
index 341943cf833..53dbf9e2f2b 100644
--- a/app/views/layouts/nav/_new_project_sidebar.html.haml
+++ b/app/views/layouts/nav/_new_project_sidebar.html.haml
@@ -9,7 +9,7 @@
           = @project.name
     %ul.sidebar-top-level-items
       = nav_link(path: ['projects#show', 'projects#activity', 'cycle_analytics#show'], html_options: { class: 'home' }) do
-        = link_to project_path(@project), title: 'Project overview', class: 'shortcuts-project' do
+        = sidebar_link project_path(@project), title: _('Project overview'), css: 'shortcuts-project' do
           .nav-icon-container
             = custom_icon('project')
           %span.nav-item-name
@@ -31,7 +31,7 @@
 
       - if project_nav_tab? :files
         = nav_link(controller: %w(tree blob blame edit_tree new_tree find_file commit commits compare projects/repositories tags branches releases graphs network)) do
-          = link_to project_tree_path(@project), title: 'Repository',  class: 'shortcuts-tree' do
+          = sidebar_link project_tree_path(@project), title: _('Repository'),  css: 'shortcuts-tree' do
             .nav-icon-container
               = custom_icon('doc_text')
             %span.nav-item-name
@@ -72,7 +72,7 @@
 
       - if project_nav_tab? :container_registry
         = nav_link(controller: %w[projects/registry/repositories]) do
-          = link_to project_container_registry_index_path(@project), title: 'Container Registry', class: 'shortcuts-container-registry' do
+          = sidebar_link project_container_registry_index_path(@project), title: _('Container Registry'), css: 'shortcuts-container-registry' do
             .nav-icon-container
               = custom_icon('container_registry')
             %span.nav-item-name
@@ -80,7 +80,7 @@
 
       - if project_nav_tab? :issues
         = nav_link(controller: @project.issues_enabled? ? [:issues, :labels, :milestones, :boards] : :issues) do
-          = link_to project_issues_path(@project), title: 'Issues', class: 'shortcuts-issues' do
+          = sidebar_link project_issues_path(@project), title: _('Issues'), css: 'shortcuts-issues' do
             .nav-icon-container
               = custom_icon('issues')
             %span.nav-item-name
@@ -112,7 +112,7 @@
 
       - if project_nav_tab? :merge_requests
         = nav_link(controller: @project.issues_enabled? ? :merge_requests : [:merge_requests, :labels, :milestones]) do
-          = link_to project_merge_requests_path(@project), title: 'Merge Requests', class: 'shortcuts-merge_requests' do
+          = sidebar_link project_merge_requests_path(@project), title: _('Merge Requests'), css: 'shortcuts-merge_requests' do
             .nav-icon-container
               = custom_icon('mr_bold')
             %span.nav-item-name
@@ -122,7 +122,7 @@
 
       - if project_nav_tab? :pipelines
         = nav_link(controller: [:pipelines, :builds, :jobs, :pipeline_schedules, :environments, :artifacts]) do
-          = link_to project_pipelines_path(@project), title: 'CI / CD', class: 'shortcuts-pipelines' do
+          = sidebar_link project_pipelines_path(@project), title: _('CI / CD'), css: 'shortcuts-pipelines' do
             .nav-icon-container
               = custom_icon('pipeline')
             %span.nav-item-name
@@ -161,7 +161,7 @@
 
       - if project_nav_tab? :wiki
         = nav_link(controller: :wikis) do
-          = link_to get_project_wiki_path(@project), title: 'Wiki', class: 'shortcuts-wiki' do
+          = sidebar_link get_project_wiki_path(@project), title: _('Wiki'), css: 'shortcuts-wiki' do
             .nav-icon-container
               = custom_icon('wiki')
             %span.nav-item-name
@@ -169,7 +169,7 @@
 
       - if project_nav_tab? :snippets
         = nav_link(controller: :snippets) do
-          = link_to project_snippets_path(@project), title: 'Snippets', class: 'shortcuts-snippets' do
+          = sidebar_link project_snippets_path(@project), title: _('Snippets'), css: 'shortcuts-snippets' do
             .nav-icon-container
               = custom_icon('snippets')
             %span.nav-item-name
@@ -177,7 +177,7 @@
 
       - if project_nav_tab? :settings
         = nav_link(path: %w[projects#edit project_members#index integrations#show services#edit repository#show ci_cd#show pages#show]) do
-          = link_to edit_project_path(@project), title: 'Settings', class: 'shortcuts-tree' do
+          = sidebar_link edit_project_path(@project), title: _('Settings'), css: 'shortcuts-tree' do
             .nav-icon-container
               = custom_icon('settings')
             %span.nav-item-name

From f6d5196eaa905085e0897363388c32012c28d2fa Mon Sep 17 00:00:00 2001
From: Harish Ramachandran <harish@gitlab.com>
Date: Wed, 30 Aug 2017 17:23:31 +0000
Subject: [PATCH 57/57] Update share project with groups docs

---
 .../img/other_group_sees_shared_project.png   | Bin 30182 -> 21154 bytes
 .../members/img/share_project_with_groups.png | Bin 30307 -> 37405 bytes
 .../img/share_project_with_groups_tab.png     | Bin 0 -> 36482 bytes
 .../members/share_project_with_groups.md      |  19 ++++++++++--------
 4 files changed, 11 insertions(+), 8 deletions(-)
 create mode 100644 doc/user/project/members/img/share_project_with_groups_tab.png

diff --git a/doc/user/project/members/img/other_group_sees_shared_project.png b/doc/user/project/members/img/other_group_sees_shared_project.png
index 67af27043eba8252113792298be01e9489a6e5e5..e4c93a13abb23097bfc389f08014274249459b3e 100644
GIT binary patch
literal 21154
zcmZ6yby$>N&_BF{prVAR2#6~sAdRHRN`rJGjig9--L!yo=Tg#*NY{dNBhoFgOV_T%
z4FbRQ`#jHez1ItW?c8%FK4<Qk**Ry!RFq`y-=(?>fk5uRla*A1K=45b1XuYs9+n~`
zdHezUK}1DCL+a$@1c^l6+}!N$?yjw^k(Mf5US1j-!!<M#G&B;AkB&GvI5aep92^|3
zudm0)(c9ZwON)z`6STQ`pS*lAaf~>44xZlJG&U|dIsrE~=LLZM!NGyIqy5y$wV$8w
z*+Oy7<jKw11om&Nz-?r3mWxBbtbFFV$Mla*#D*Bu(X%3>cgxW=cX02*Gxz7ke$V00
z?3&Tzba*P8T5&;Pt_}ysmCe0_wI8c{yN)h#gCqNOHRbV+4#>YZE%9GtViQ#0(@{Y#
zhPg|@!42*iT}j#1H<v5xd*_uVFQlZycaFe@IJ>y|g^VcQl>DLj0-cW4BairMT^*&P
zz3HwW>*YnAf4@RjXF9{{4nA?Pt_;**A^L{AytzK~3{5vMi73#dsmlu04p~aF%owe0
z|J|7x7uz*f88wdF_b*v|%g1bEtzj8HS~0NFKD%aaS;o$mt)a?a5M00}+o9<9Bimj1
z?9cjeQ=XSjik}L*nnpRBU56HjRg|VxUh5DChlKx2=8d+nA0Z;n{6^Lag*xxkS86?3
z*~1E995X913MS3G^n~fH)#5VJ8tUE_OKU1VCH&?IWrJE~U9qHPF&s*P5Qy4BJgrlu
z0x_cPDi~L(Op#N;mRVMJPnjBR_?T$89|z)x1F?WWUdggXk(8?Q@_KV|IdO72a&Xx3
z@VLKv<tZo_#KvaD$LAv?6wJ<U&B9{J&F#X+=gZCQDj*QR#|QB6xUsT+<mdNiXSaFz
z(wv{)kCoLDe@g#01fuf%ourtChvD9I-~G>`5DC=_dox@i%TEjR-Vn2n2jb^Vp`3)b
zOz89~x6c^NKr8z0w?96xsop6Sqha_gWfoE{l4w#o1*{xZ(MAmLbVLjlp@nSpG+;@}
zNOkZJSbn1c{`X;Gv*z0CTmyy~MVA0CvtcVSG?$jP)VI4JhEN=#LaEVdDV=cFc!lQ4
zEI|HqzeAA7(`LRUyI2B8YmvJ_9lS<)5!<Uj3UW4TkQ=1&%+;}xK|xorplbvsX0z?B
z%nK-=+moqf9VKg|v()^<4LndTU{qW4B6=so-t8MYvtA4qTjlmU<FNmAwqr4R+lCd|
zpJHKt^8MjP(CAqJ5)TxG@ew(EOs6HbSQt$4JRKsbPuYJ5izRst?I%Q+{Frpi*cP>Y
z_RgU{)H2hv8{v>)LvLi~ZFuq5$EqmH@=)UcSStudO$p!@_%|YM$QV1brs4KA6ZmLR
z=8&OE<8W>8Wh@C+BOy8fAUQHHv@48RV|_fpo$%Sm*(asnS^+*(l<AE)KuO(MoN6XQ
z^WAa5%H2>OWI@xoPM---7)FLYB3~od=6P$894TbSmhDzqdr+7aeIG5hDf|Q!Mck?|
zQ&QD6Lim1s45m*$j}Cw5=Tk)sEl^H6eEM~?*GF4lZ~P5aixcnw<iOmCxJ{vm)Duog
zN?y|5t-Ok9ApPW6n(h6jy=9ytlkpH)@OP$tS?YgWJ7XnX%Pj%?7G`<7BJQ5on&)N#
z4G{?Ni78K~kFMtamTXMe)Jv|YPhcYVcwSyuwaSDmvTKtBt!NZg`CybGf#+E-ceO54
z*DLK&_TGdLw7DT!iw5q{uAM*WjvLv9OTwnC^_jX+_#YL+=<AbbScraN9rAV?{Vfp1
zK(x*s_L;mI(~0_3_D)HwsLMEp@qslXg(1VQh$pd8T3QW+`ya}2x`}(~ZH_*wMsjx1
zRXvTWigS|XU}a2RG>uP^xyR<W;9J!k<!JITc3`+?tk7_(Y$vzr@1M5Poh<Fy+MeV7
zP1EcAkYWV>MV%^NwpeqDB7G(;bI4a^rWLF3R)V+(Pvu~lPbXraa|GyjEetbJj#({%
zCv6{HXn`SUw4MD!0pDM}3@a4Bb||Etmy_rnzIJ}5yeIO>`DNa|!xK=KKA~!g<<^Hf
zlFpI9*%m5LS6QuOat(iAhGWF%;gHJQS8DA(+LeW?-^~WBBL>!pl~AAnNLq?cZleQ<
zvG0wm;1VFL>nXm$${cOpN0%+0&-<H60v70d`N;3J@y>m!L})IEP81wb&zij$7a#?m
zpkfa>gZgK<@&ZgIp&XAR76Q_28$WVWEgN!EnZ}K+F1ABY@6jD~xtxvMAInhRj~i<z
zUQtGzyjM`3O+RdV2A6NNMpTeiCvi%jP5dDPPgCekW9<`Wo$A8ks>E}bX8^QM{Tv_{
zS8uAn#J59ljksIldfJjdUCFm%FNbi^*X2lv?6=@?=R@1Rw5k5O(Uo&2E~Z`4K2a^)
zgunN>QJ`Q-CNnte@~aUaB+!ekZRJv;z2J?6H3a+)6560n-QV$>jjpWZIFA_1rZ`+#
z<@qZ}YIrC0;{C?u@mRgj_$#I((-pexWzO{s8;ZiyID4N#%$#L5PV82CbHFHdgx$uj
zO|XW&mEo6*o<`)kFFM$XK7mA(Y!3B<P3nadEGLT2XXLI=#P_AW)%#QT_M_ww0*}PZ
zEAzz=)+1-|czeSq$MBHbmTP2s7|kk4gynOx3H#z5YlTQ)D0-H)BSs7nB7u;!LT?0>
zPK3rDY8%9&y1p4(-3A{7J|%A!Q>Gaa_!ug|O5hNWoPL<v;I$bO4@iA;@D`(v0IaR~
zw+u4_4wIG)^>)481R%L535O3x8a%X(jAA_PS}mC`Oe5}=9;9;;)|-DUc<@V{)C&`c
zk8dni;o6WKmgv<`SI5?0tR?<AYx>1mOT4{ba&md$t@3HN`-;VULVeHH3e7de&C7B|
z=~WuaX%wud7Y7=kY7#qS5hD6IlWzETT<!a2S&M&qQqq=5(#4X=@4GQRbesYLCj}g6
zUu65Z%Usrki<3pifhb*!Pp6H*hD=--wTkbu;!E$8_K2}rp+l!Pm0ylt-1!4QW6CrS
z_Y|h|j<kt<>0yr$pMkT7<j6v;Oy6Gd@<G?_&ANxpg2m<m()Y*rk_OHc)D@rt#19MJ
z6r#wz#3?S!f4(ZV6tQ}uzy&_|LB^Xc-PPd1=l!SJ{WcgVa^x9PB-K9-1S!=$p&n0L
z8(cbab9ANWs;Smp^nG4q(Efp(LvRG?;vfiW%}g80{c3~JuUO9kP4)Hj+i5#Ghc3%i
zH7EU{x!$x3KB0cM@NlH0Gq<^y_>73Zb4bM9jZ@jVrN$SqC{Qsi$|*s+V9jtH924*J
z`I?lyDUPIOp1CHSlCJA-j7VQrq;?MegydaiLo!^9l>PuA8KtM3w_+LHMlj)ByGr6X
zLW_oln!qwR0SgKTDR^?VXq#Cj9(WqfrS_ZR^dMSx04?yDnJF}L^qqjaR|N>W1;+2V
z58RGlE_&A<_jg{&r%3Wmngm6##JhIci?*+D9s3Il{!9g`W3vrYG>#Z5<DuV>f<Q$$
zq*chkKW0v>pt)q$7k49}!#anD2lTyOdB-L7D{|;mkZRICq&2@=!tWNj{J{o2+8_yF
z@}#R^U^tJamV`r=V?zbEKxs#B`exEbKc=H|$KRt@qAow)l4mtb3^$lA{{1s>%xmY%
z4EnwomRJckJ7es8>*9qX{3*&?Kl-z6=?TGW1Bbkihy$ES!(gWoyIW7Uv~ngz5i$?A
z-Ck*osx+FLGY`#i%zIZ<XiP-`sl(ri(Oj{do##Y))AWNUaaA^TM75o+)`-1I@K>XR
zlDnf~jRC1^+Wwkdy=0}q55lQadf?P@ipp<s22_X>4rK1(>{+6r8E9FrYsY1$y+iQ$
z!`*FWS2b*|ksLS^fCEB@ZGy}cs|ARWRLQla(leHXL+G-%QDAV*fKv=W7J2RU^L4gP
zlDwz>)BMLpMJY+2aP}AA;VePF##raVKEmoV9eG#oXrzhT+&BK21dK9D<Nlsd(jVBQ
zf9=WywMj*F&162k{EVOdT<*S~SJc7c{V|0P9}Y(|)B1??IV1(@BdEvT;c|S%@quI~
zKaoRFSaS(4?JK(pU99Dzyi>mPn79)r*e`8NwLJryV|@?OV~qXvZ$Wij-XFbtcDsv<
zIsQY~Ox(`5skpn9(@u=pkX5c^k93i;V4?T7<<NDEpybjgi9SvII~6<4qkUiQF5|_)
zt?D>Z&KL+N-Ba(>yaG2inI*FGs`e|v!NvzJn?{4>HHS)-e^)Ju;D90Sg$vzb(NAC|
zofEf}8$9qyQ&18c{kpv=*f(2E5SbB2LcEl6xGz3pRbM{g-;$X)>3fU$%}U{CnoFMW
zvV@qKGlfPx+YMJlcA5!8U~}O{(fD=0k}_AC2`K>!*A<&=2!1vzD3_mMD6}v_j^hO*
z1QMawy|`UB9>T3^ktW(HH3oY}9E%1znPGOba|hgc%7J51z&C`;Ssnh0%m#ednCoRw
ze`v@3SC7^ECV`jH*&2+0GIC{L5&`BqsA_IdcL`7NC-YpTZp|sV*8Gd?;J_fCbmfYL
zB&MN2>3+9Y4EvZD7Ks7Rz-OwI)z859knip@09kKV@j`<~0B~3Ds$VR-_xELD`e8a?
zcxaS#u8|~M*jkS=4LEZT1vK9wE)@_%yx9rc;?q_(=1kQ|8*n#cOQOzqv4^5R{(y<N
zWzo_w0;s|}|A3%-&*O!k>I-esa-ZuDgwpxBjub6~RpP<!K6}-{6|&S<$o@O7Zp!5S
zfkS_r!412O=kP<mNOuirkUcZ_nxuW_>*1TZq_0(@Sw?smmzd5Z+6@WwWAXY0U9(NZ
zXy3F`e~Rgo*Bh6Q`}6{j1V_G?nK6RIkM$nsr&EKvR_|)U1?i#b{z(;}TN+T?E#v^c
zBh3>pWd(mF+Ik$S5+@Z{IIEYO^*21?k<4GBhlbp>369JG=`Lx-J6Zj#KC8~sLj}*x
zM(5U!;_+ANP;i&}1!aWGuSM{|hUqUbsgVInz&P^I<BNviqjtEIGA!}$X5R+h#GaZ~
z*0yHa1joV#X5cw7Mo|I7=a%^D6*YbA;imJ^k6xiE+&|psivuZiKFsGE%N(uBw7&=|
zFvl~(B^)ykx>k$}-~mauo|*~0omw+`e~aiQAJ0B|XX1gKcT1+7<A~0Vw`=kqVnept
zH1p8lDP2UHETW5KVDlLGHd^HIM|B!B7HN_Z68TK!;s0h<(kILZCh0v($hB+56J+I%
z4)A>Pp0swYUnEQ7=L1xSems!KNy=3E>6@sK09ve{wr{CVsh8u9e!m|5C&Y^$gMh|b
zWOll3p5%AoaFp=iZ@CxQ&h9#J;O~7*uKRQkYiqWL{h2PtmTtk7pVMOfUHHPr`qs!7
zmw4dV%&FHKBn~CMuhsKF|Cy)#V|gzy3nlS$<99wUbniK%`3eswM{|NbDHaUE{~)o<
zS@q2#S(h}-`<;UUJP8a32%y`2T@@c@=j;v{FrQ|j2KOaL5DCNnMMR)6i4oUD2KLRk
zkDwqC&dD_`UTeJjw(EHLFgE6$J2skqVdqX;hjGehi?WfWVDlp!bX~ngSbyRjdv}4)
zUX-6yyq1wUU&=Q>Rc=@hM3mUn`7;!SCD*Zji6rf3dPo;ncbY<`y=%7-^jh+cMg{LH
zTnaY6vx$ymh7}HE^nCQ+yfi8~Rr{D+Fq&cemvP3wUSQF8NVL1+B;*>sJ%%xO+g7++
z&v{<6TttjdZK--i{cszudH#bbtr}jP_oFWs?6l$s?Jmu@V#J<sk)egAe^;@z#Kk<y
zRvG;v045BxY<x=;boCCw%f?57&O)G4jI!Ef&EIOc)mz&)9m1uZzJ4AbkYa*QqX;@l
zI;*eOfngDMw5#B{>n{VrQ5VLOi*ZY@H)wxsYJV~RB4LcbSY#}UB}RW!A}0K+bLE&r
zhKwE!hi;hkh~bVzihVl$QgYR}jm~p}vdhY#>$ogK>m<45!t(wXV?UCvdTE7+Z}J_@
zboTjinGMd|%n!+k*-S&MG%~&g@hklNyxF|C?K<N2VdQk7!R>yY&waB7OGTh7Zt5@1
zC>Dx_OI~6t_cE_{B*_;9um<XT1hyebsC>?(i*G1rUBtpf1Jgz2<D7rl?v0h9`_T_2
zAqtu#Akd}Ipwrh*Ah>kFxuw`RBjyiII?2dn@$aCd;eEof2E6NFJ%PMclVe9mxREi}
zDK$|?!$GO!3TxV4Zgcqan;%|V!n{|{Vm|SVY9!z_dr7Ri*Ue6gEv#pIS3PrE?$c=R
zvws$S)r$+c&zP94E0Jg26&qyQUY*lZ-ps(pGD85eMYN<DtYazrjq>H9wJu13$Gm>o
zmV%W7n@g(qFu$U64rpXyqPE|b4tBAPI#u4AhD-TnC0Ci6n`k)%u+pN-Ome#!QP$HW
z%RulE_BR{<Q6S5Ybuu<6k$riHwiX^Mb%RzcX!rZ`ihyZ*!Qg;L+#v#m?In1YZfe}G
z%kSWQcmlO15^r&Jd~omASBY(n(6#5hK{WZ`U1AQ#pH<J<6GsDsMms61e#)koWmg<}
z_f8Opj!aE@c-|~B>Ys+Lz&~$FO(mSDH*X*&#p-h6JE%RVe&BwNc&^5h9go<QCyC`G
zuX@a3eKDDCld=D+?AEe<-=Zk!X1y&wEOQO)@U1kpI9sYUc-Ne6n(953)xHK+dqlo4
zOmIU(77knXw7H!#!i|1ZQTf&_+vUiY1iWJT?B9sD9c1DDC6nXX2ddsR<<We)!O?>7
z^^l**N%B)>@#KCm6POwT(mb1|6OuJ-v^p(Xaj9?kBtIJDn)tlC=thNBP7YbIx@e2G
zT$AR+6JB2Z$opBzJ?_hDi)+^Kn|F;h%h@rhF{zyWanvF~liqco*(%Om+q5RC_`Qp?
zecP@q_yc5dpV`#?@OV>fn=w}i=)1PI-p(5C2D$+;Uz7t^1(Wl~=fJDeEf1vA;mO9{
zyf;_+>oD4Q;D>$lPQNrNqUe1q>97p;pW-P#W>sQQJp{}@cD>ys`S6ab2@U2$w`!y}
zEy{ruLx#EKx#M;+9LidE^mVqPs&|;ly2oqa(I7u6Lgm8vQ6TsQ{CGP5MtO;2f+t(9
zi%SEBQ}94eEW2Qs5N&zm{T~#bh}4+vG!mkQ8%<b`w|L>yFrhq8Heb!m7f=?I3+1-T
z_^^Fr7P5$kxif{-9RZ%|8F*@Qq3BVU4z`+z_4vyX1SRtMJzTLr*GzM%Y{w*@HXOpC
zG*RC^%IAE2wU9{N+G;)@ltA+PRp!{4JM0^0rn6g1zsShG*%{yhGpIF?)TDUT-0yeC
zqEcG&g#(P_^km6R)v3FwWoh%d3xYhZ$`vtJAXZ+>1a$(?O-@~_+S}9)V-#;WE>Z3X
zpN%|B9Dt@uT8jm!>kZ!KFZ8Hi1qY4FZ02FCm=y^C7lc~Ft}y>o^FLn~qeA|SgIidw
z*0=*HQrScHEgl4d&{q4QdU-7SIQV(=jP)EK2G%nUX?&_L#GsimSV0pxyTbViqn0@&
zdqaFJmEH|-c}Wy4R2*%v1$fgX#R6{neES1u#)rgS^RmCVqA9BKUb~dY_lDNrv+X18
zD`W1S4S2638B2@%BrTS-T$2Ew;i)u^Ma{fyz-_5O2ErGi!!Ly-z324lN3u}gR_s@t
z+*_h--<aeZ+hk?)CT>?c<qQ2q?$}X|=UrTEJ%m7*jYx1Hi6jsR5)UE@dXYeK04xy-
zfeg+h{4WtZK17gW>Cxqm91_?OH8SA>KMYM7{b+wTLYMgDIV4f}!K)vp>11(|V1Kw^
zx)51}*L}#~Ch3IQd%Mp~cEjV{8ClFm$lj=3^*69=Syjzig%fna)2T2W4RW&iYW<l9
zYLfjF`>zHkKb|k+eHv0|6ojb2wq3`fCL6Wte7+M7o-OiAe|b#K^773jFPEU)$=y@Z
zsqMp<gs}&@4reBnL!4|pe>!q(Bh~OS?P1ezz6L>ZgaC$${yUW^h)T{C;Y-KxgXJ1$
zGc!B>6i%O9fck1-!<mkOU0aq#UtX=7wzteOZ~UWCTJwEK?d@!8tBr!Hp&<dk!|8`4
zp5CE%W7hTReNMzG0FY7mm}?Yy*=T0Zkzjc<j|;Me=98w&HdjhSOR?>trn}gMj|0C<
zTkQ2&!%M&d*Ng4r-F#1ZDpUh3e?FB{adfdfo0KgVg9jOzIWIR(8Ioa}@n%=N$T;9w
zad7$!r0E^cyb2R;2yz=?B8N8Ysd8kuc`~K-t7;<WAA-5*rDnr*4BH=7V1BhsFD&<5
z4YPi8$5AN}tM)26NI@O!_nR2Ki})X(XM4PVOZ#3j6UQG-HldV17~gyW-@Pgfb9Du4
z=LSC^`W#K+?#+&`D;M_d7G=rUm&1#M6cd#X@KZou@S;_FKB|$J#7FEn@@v2kJ@v(@
z%zz(ZEL89B4W_K$5jYWk#*!d=%XA)fJ*^n~gYNZP$WI`S^PW*EY({vd0!hTVW<Jb*
zM;(SSYBXBPe#**d-#hXUCb-~`#>t#rD+n}K0&s!%rOn2s4wHK4qnyy0SikO9ZY3J&
z@A3n=ZK<^X*-nGCJ&tzis8D(dHA9;><lZ7Isq2(WHB^MDH=u%-BpntKb7H0r-3r`$
zUM=n)#9B<bQ+{NFwzq+C?;@k3meSyNrK^Bd{JC*7P7d(B5=br-Ew2Q=!-pEU-;WR-
zer!W8g=;TJiFptxg3nTgY4f5|z<#GM+wT>~oy&E>$Q<C>uAv%W$&G^D?d?VP2sba>
z5(RlFb>+8H@77-o7qv72i>=)sZk)a8G%H4hFCBg?R4H*h+-tJdt7pl+IvU7nTlPqc
z$+*qEoicXQzFK8SJZO0xApFYhJxqP3RpdCPZlj{a_|Fi9((T8pg#X^LLjUQynb)&d
z@n30FH|5%^+0z#du3DeZv+iAAEe^@JC)C^87k-IudJTG?e%yc7^B8KhhGu->IVihs
z4zsvp-@xig`dAYzlet3glP)0%H4MFx!l!S4slFaK%*^}$s!~(0ISL6~5hDxtQR#g<
zl&h+1?ws2u^XZM-GIBz4TsBSj=Z4^hv&+N;AT3GyZYW-oPQ2*-B|J<=z56qHq%DQ(
zGsqx?@0w|4o?hZ%Xr3bC(+$Nqo9^{Gj}FCOYNB(V6&-BH(Lp`K=$$-Dr$6b5O*ZGU
zL^Zs1FINs(KA3%XCVc6w_vK2ez~a@4Q&Ny}waf8w*6aCIt2BcopN<J%U1W{9s*p!>
ze&Iw<rh|d6vN_2atcODb%on_D&=ApS_Bv5fr{4e1kfLBHA~io5ImFRYX&ojb=i^gy
zo$}x?=|ZQ(hQsJ7C&hV>e1RQi&c;dmiuv5%Km$AFD^6@SQkkf8y|kYi4_8}95^2JI
zxrAYNVPtipVyNhSopF^U@_CECjz}~6FDZ_d9gp%H1e?QMzw+|yEb{Fo$1D+s(-ri)
zSMm>crjI8x1hv*PuZ9V+ZZ=N2b{+90+1F^Kd;YjZ&C?#4ia3tQ0VV>+6js<vlaf+)
zQrcnaM%r4F<FB*XypcrHG}wrqicTT<m-#}KKblmyx3Jv6_WQSy@`o1k1;1t&lkoU{
zm|D$c+#3{diW|hL$#&~(X)a3Ubk7A=?HVe9q$ztAGQE~j^66j?r?y3XMBs%Rty>Gk
zAKgP2^3%l&oUCe%yLwpmc#rbNqv{@q5jPtY`gbf7?<8cxjkmrCQE;AbgfL#ZChU1_
z1jCjCwi{vH`J^!q@*$6z-H^{7*O+z~YzQ?x%4a*6qI%YI{Y?3ywu8y@Z|k1D^~m;o
z^Hon$QNm{Rf`PEg&hFkrPi(Pp)=e7wB)Ij3-$bv#R&{luAvcS@yqNJxOy$Rd@4VWN
zx0epDHHJF8HIqiju+V2|A+6sq&#!$iPbCRhv-!ITx*;xCR#kQ|r`OH}z3bfspD8~x
z7Kg3>MB@0{m)x}~>UsP=yxycL;dG)aRgk{uyZHh+=f5Q$yNrkLX^<h>esH!@+H?WE
zV@{!8eLKFcy%!xMJFz6!^$Kl75Xmn)R?3)-QxopvqVCaE_`8TtpYILju4?v#@WYr-
ztX(fJWtXZ(pRA!->b$M$yRoR-oTXI}BBFd}Cd-}nb^ZJ@hR!_oehItsih~V1Nk)jN
zPvG~VL=N<!2v&UN+vZWG<`&>3obIB*M5549a<S#O@vH^`Oi2F8vi4xX`mA(`7FsfZ
zRk>L^d!Ha*`3T!FuUzGXwcUkCieP)brJIyq?Ive7qc?+f=fh_&lrSmBub_}Yrj2c6
zLhjH|5tN0Gy6A7fh4~<-kwd0^`tI4vQ<}0Nk4zE>k{n%&emB04%meWb>)B=O8{e}V
zdDsh7ywOK2`z=yJB=I)8+YDq9`pA}yVDs-a_J(+@FdNURe|y4mO?|mrw0*J;)vMl)
z5khjq@?YA1hMs%n05<D`Nw<EPeYBq?4J^%P9I4)+A(m0$#Dk0nPBO{THrD}`0!Ipp
z358h%kX%NYX+d%QQZ##Iq)H5y1>OjpPe@>c5(n$L$Zc%AL;j}$*%kR;;=itB4EO)K
z64D!rby>VT<A;%fsvQvH8DCxUcb$+(cQzK$oUKMqMSleQhda&qPQTP^%IDzsIHd8b
zI@dZG0&kNA2zd@#wI3s{nAF{P*SV`vpqOTgZ6>tT#FtyFxz(l>535M@p8?pWM-=SD
z`)3oj4;rL+_D?ys3&J)&*wTT0hP4cvzE)CJ(%))>SaLxBckopb7GLUqH}6!$vKfyj
z57WqoxuYEt4_hLDnHl>D3d{IQDmb~z%9hO_p+6ctqQt!Lv3l{H#)j9Y?kPWs#FLdb
zl&+4BkN+(J&X)_T8WK_vlvR?_tUA<~a%f-Lm&G&17nxB2e5n0};lP!`w9l)hFE-E-
zww1cLuXaX#+0_6x9!ZRn5CNWi<V_QO8u^!O-=B;j%LXLt>8yQ9KNLDnz=$#PC;43I
zk0lx^U4UQzY9V<EXjuj1p|=Dk$ES`{-$tCJ^{-2nmq`g3UZh38iC$ME8%#mzH)q#j
z<*y`7>eH}f>kRBG)L*3~O6xf0P+Q-|OqJg@SS3jquzexlG&iu8kc<UGovtp4)2P8~
zt9JSvxjSlnG-IrqJZ9$fHpNa8u`lW~L2|P{J%(;5A8GmzJA28jVHc+FTq2oBCFtuY
z`xjM6c$jV~y1uLcu2dOb;dd&zaoROVC<teGr|~n`HELZHOdiq&ODk<%@404%O^<Z5
z#ziA`tie*jom}Q@yXEVwLz*$EW{|=istHpO8Of~USDm7Jt@~C5_SUl|v$)ShCu4Q(
zSWYsTUOkC(<j?MR0Eyy6wglVFaxkwD`df@O)0g*Fsp1XJY`c_h+sga$RnNIQdVY2O
zBv*30HdF|{PbA@gr@v0aF=r2DUQt8nrKitkkPH%fuPN=8V@XDs)zwwq&{0L_LT0G`
zRqJL(jnHQFJ`Pg-nDrmYW&`+R^Po;I$t`gYIVM$)Ge|)&7|JlWYnWJQp`2b1{QWzc
z6MzmT;i&eVlN<RunSH`0U^plPc8Z_dB&M(b>b{i#Q-KW<QZ&sZ*%qKgN>&QXV*guk
zyvo|*{@Uk5_60VWL)*&iKKZhtDVC*4ML}lhs&yLqub&fygA}kya#U{ZbrqXx<y2`~
z-6-KJg&bftC<0Ms!|oX8I<>1ys#mFc=R})W1#$G_Mq_op*IIK)xb>Fa4XX_OM=bAp
zrQVHaUWE^4(f4A$l5Eh2A~6Q-xFJt`lkQ#~USj(h*up~+LCfFPHzmiwmFHI#&;3qE
z-`7Pwznx=gJ}2H2IP8?K!leI%5RFH`m*UcyNmiURv{iX$R)1A4$@jH0(-14SEVZyy
z^wL>m0X3}wm^zmU&rIH#Y4QgZ;)gBr?tKl_;Y3B%jfZm{Cgyd=!#V)U&X?I7ABl>}
zOw183S{D$E`Q0)gaR2q$>6XSQ3x+ZA4-RUG%nQV|^IJ=&?kQc$_rfwE?_5&j%#d~V
zpUO~qKlKNlKAQ+cvubL~iz7LV5#|0K6{XqM@aW9a6mkfck?+rm2V>{B1?mm5kPct~
z4@&*gUJ7`PBr@Im_ZTK>MUPU?)17p-<!Iyf@dqIoA?hqWBI=fbbP_J8F-)Ye$suKg
zFx8%?rKzbcEv<&F0by7Pr@~x8bG}q!nw-il$FqIEKFNfn+V2ay)!i9}E8f;x=Ir*B
z;KMH0R!Tb0Md1z4@K>B64)VgtrhPw%yIj_dU0yuF+=mQPP#7%&{-C6@^I<zRhJnB)
zzxIT#YkpCF(yrUfb_srH#d_S;F-({`mX+L$wjB-y*S>%kGnt;JG!-9}inX2Q+T<H=
zC|LO)kPKqwEK(l#j1X=B76<N5CuL>U6qhktZ;cr5qR7eZhOgEgu!1-zn=d4D8$th!
zL%HFZO|Oc#sbg<66}>Ys?|zq!<dhoZl=aX=9L`7Mj#oZ@z6ozVU&(DSaMjj?pB1#D
z4*CHL9naMT|9>VWG1&qKcqlw41hQHA<ia4jPnW|t6>(}nvkAoboU}ZN$HMvOLzr?>
zGdBk33h=cY#`uz$PWVhtJBPKt)!A$*>jy({$cfenA4t7;3=uNw3nD`~jU%XP=G}U|
zkFWFRGrd1NH(>8beChLieA5o+O@p_&1vz;t^X9$s1j<weU8S)s1bp61&DaEoE6NbA
z{HQieF^_OK<&p9JN~*mLz5Bmi2O*W`iQoef*9Tlsm4o^1fa<*2Tf-@&#zRDEtjpIN
zTijDwk2`>lu$Fu*hVi)NSA9lI_{Om3+s>!{&Yu5>{z)+5EQI6!dnDd)%43yg4{ahA
zs4=1zqTM}`BEyN@>73;$RNizC;5RFrw_F&<9$mD~O!D4Ti1UsemF`Eog5rR9i--pa
z-xxL3wBWVfl4Tr^MjmWSJ2t&kHfR0(@bR<8vsJCY&@0lRl*L!3Gj`2(wMknqGq3%M
zPczbl)*G@%1?$HX8Pd#VNMq&n7Xh`@Qiw4Oaw3&VvWCZ%J@{MLXB^e#4nl^Do^^bo
zq~OU`P@#cfN=Ql(-BQCTDrHzMsQ(4sFyS#ys<NW!OTJZ_=;E{;JY(1iPS~-xyENUo
zz%o>xOB2Ec9VU#_7;Kz<dV<51ec><pl6%~mK+*UUjxj8i<Vn~azRWnaDQ^f0ulUmB
z4t=2Hp1l`I2Y|};t}lZ-29AH-SIPq+ciW#Nxra%HA5m8q`#A7IP}E1ri4UGjQ_XcP
zNePYSuC*V$UycwOzx|c@nTn$NnLqX{J7e)N&+S~us|l3>>`)`MD#KuGFy5|Vv?7jw
z80{&uYY*33m=xI4Bv48rK#_!qq@ZRq%j~i3$naT!yRM17-o~_UX2XEr?m}+=kdDdB
z?#HH<W8Z0xwr59yg>^P(gK+HJ1e2C#Zrh=~ZPVi7P@Bs*dY|Wm*fml%BJEKW+ia|#
z_R>GqV{De0JqF99zlaVn?=Y?<^p-810Ntd*UD-J86)eLfAi?p?;QK-<__14QTC27L
z(2axstUv!B4X)Nh17?4}Pz>MG8F@2LJfc0Ce7?hiNvkugs4(!v;6RKKboTN$Li7G-
zXrJYrXPb3J&5xNV<uG;SWOX5nJNiEV@nkU7B<~OURIPtnVt<guyW(HYJR-wx_;Z-Y
zowpAAwWY(m#R5R(yDIs-Z`4BJL4HTva>965V4wJd!-w!n{#zYbQ-K2PjYVSw>#f;K
z_vNCCSjFF?a3j0w2wL??oDN_R5-Cjbha4eagYhigjhX9-W!b?7mMg?PYnQ1NZidLM
zycy;QQNVuL#gyO=Q#`aF5QcW8!c8e83Yqc!v1f0nh1+>eO}v+UX+S5?Ja8Uk$l2mZ
zKVlI)G_1aUtiIp&{EL+pmFI&r9%|)Y^-1}mmss;2LQr{d-#mfW$CvD6$t&TfoAd_l
zBad6V)C^B)U?$z2&O!}c_+8pgJdC4=$@ZV+eX1;YLS=CiDR$hqAY9qF9l*nLfRUR$
z1OF@7dvM41w#?j~O#4+IJO5>njYzbtCza$^u+;k5JN_j|sxpf)qHFg4JKgld2v+Mh
zpL&ow$wAq|9U2Kg{JHD(<DmW53WZvAM&->}+_&E|N;@+G41!jO6(jiemxp(?et9=>
zW461GkE>y0h13uX%N^f^HpPH%PfX9CTh!tfp$hm_;uz3CiVS#2xRy{!aeB=ZF7hJ3
z!6k;6?u!zb#vSA%XpMMd3d~~z9_AVV@~1L=JN%`5a(0&b+w>z$*{%1*NP_cUCR}L5
zTQ@pEDo>e_{)a4D(z$P}VWvC(78Uq|%Ol;4R%DCB!)L0gwu{C@S>N($2MjN&{k!WN
zZ^WL&g86T6(!Yb#XY}5sqW{(~c5puJO$AR4mH44ao;WcPV$Sg(vw4?5HZC6&yLAwh
z={nzvx}Wu6cpQrU)w9vGbOtHDm23STqF)FwSN-}E!n6wItz|Mn;tx&|qKE>SF(U+g
zAJ(K_H;(n0aHHUyJjfWmYsL1TKr*k9p^@1H@qdhZN6?Sg`7-G-ag=9Q@eZbkgjZKY
zWE(D5JxwTbd78qu&>L|~TAvx>@1M7mxc@na*bsRZ4UZwd_{Dr9{k9KSlU~_0YgMi}
z2>aku@LeK-<yaqM3uA(#kis-y!N~JhS7`{lZ!Clzzz(Drp(Z8v5hne%=WgyWlV9n3
z4`j^2(4Y#P+}jm^T-~fHChq0crjgBmK)OQU?U`O}k+>_s!=F~Nx_^-!0;$)5#LGUf
z(;GOIC^OH2m|L76!u?s;NI9>O#@z**aX7TiJ6jw>M)0E&0zs)mziC%^DbXtq^fqRi
z_1U~kBJPxY$vB4SrBiF3%6>Lr=%p2ly(Vl7>w)~4p4SE+%;SL`^1LD37M%l6q;4=p
z*;~U8v4v>|r+ZV|Yf9jv;j;F-$D!$fjyJ14p`p7mBJ<NpA%C2ctsXT$JwY?&X6sYu
z@u)44mPnymgH+B3-)4S^%<oah%>pIz$*=d)@i1vVO798DbXhAdDsC-vy|TQ4AB!av
zP8JKK;}}J6ouu5EvDcwVJ$x$aZtH99`-lG0;)zYs%EHc)g8Hr(9_D`2db-TqmtSQW
z?2#<HkzG!cjxc9-JJ%O*<;u5|sU(243}x-JRzeJ@xj<<6v-yhcut@`-|8kMaszt}{
zWbs2)wyjG8@o;2Ya$WkP3jHFq!;ITy#+beJl`YTg<1>Qm_MZJ9QS05gdeSoWM^=ey
zMN$P|h=_K1Y|1W4M!1C+#dP#eqTd`gi**1NX@40~X<3d9!xm^>FIc<!ii+>@Ej``b
zr7s;Vo_RUt*;O`4ptV_Sm((9Rsk%PGj!?jBZFoEx4fQBu%t&8<9CctV)$~y;)xN_j
zIJs@T!mq)kej|8^?oe|VIQc$82oW7&;$vVz+d9hF2bT(`@Yb&haWH8xj99vE7&MV%
ztV|kMhXwK}U6>PVl)gQ^&!+CJi5klJs~)@~@7WToH2H@{4wXQ`p<9NxJl?E%_D`fg
z7#;wA_IM-2SIhkhMCFCV&aq%L^FgP2`B$I8dGuaN{OB5o{W-|~dat}<rsfww7xeh<
zbPC0b@QgF*q@m?~Tx`VXEZ&JP{FXL7;(^MONCf*6EJrAYWAV_U_nJD~ki~-cn(7SE
zBib8;8=b~J)v0DhiOA`KLpK}<*NQ^#fvox?f>!on*GkYPr7&#C?lKbm+(-Zn155Kx
zJd|(Of;#|lSA#KtcfM?#?!yRE;IG{ciRuMAqk8Nq0T)zghzfbBzv!DMo#~E?akV}j
zk^2a<o2WG(7k)h$zaP@N?G;#ySu07MK(V6h|74S=a`rV?IgSB|a^R1PrF&4MwH8w!
zJi^DY(dAzOgW1L+^<f%nl|xMFKA7<rjbolnyxBF3MFSusk9JdU+l52QYnyNh%)sl|
zk8=lMVE0<ve0Z8pp<MMajUv&^8RudF(Gd!{viUD6elfl>G<{L2*!ib0%~3t8GoVp`
zD~<Bin&l(*#&0ajE`OQ+D|`z3*#%PGyVfT?xDW_p%EWiYg)<okYtB*9O9*zCuoux$
z>ew~_%Zzmy^51Ltzhvw^{#0d=|081=F$U%x*?ZH~cOa^_@m0BIJATjhZ=D%!YJSZb
zUU(LwNYekFF!7LUgSDjjjHez4DSVG3X+Fu6S_RQ%{I2v==s(hQ|F*LY-k>`L%zER`
z|B$Zd`0|qLzcNGmDxT(~i0b|pwX~Tu)=`<vW#MUl!1OJtr179f6=e~i>gr;X6Moy8
z=3CpnpJ!LN*?&V@1j3dV^6i7hJ;rAELl@u(Utl9S{V@A^B;jCpH+^OfswS{cbfk~A
zAD9;%2{rtU|4bZrvBH}W$Wl7}9c^w&#^7`qzzY>aO%Q&9t&p9End!kSGj@4~r>76?
zE5E0G72NQq;>SK8f=vRqD%)7D9mSByoOb^n4&mrw3i{!q=cj+HVS&RbKE>cqXS&v}
z=`Ci55HjDzWQmpv9}7RPPM}?Rwod?3lxcqj@)VCy#P6f%`+;VxIj&j2ngJpH!01fK
zFV~5^WY$B{(ny1<$(IqcW)-93F9%W1nYXor{;}%>rz;nxA4;Bo`bIgT`B`KJgEDk(
z`GC>Ji#;<+V#i^d;s53XIjZ^2oQ*?uJkhBj@Xx1PpJ2D2Dh)W|)`2Ri_TZQ5pLUHm
z4<V&VJzJkmZ*WgXaW`!X*x)2TV|r3n|EWnA9if0ad{I`4LS(|fzt=Lwgw>X5d0^OY
zvl?a)zh@D=Gg6dAc6mD%`M*AF3cHsxw}oid(@JBcXQL>L@r-3s4@r&PzQIN;x^-<~
zq8SqXZWuB%m`F~I!JmV8PRHiU{DI25EtiWfopzdTNVi$;Y#XbyjJE6wgC>K=Y0B3G
zWZ#zn{4`|}ETZlV2r3_Mcx3hU<KKJ6ct_+$wNzXNB{T2+aE{`u2TyH<7K2E+YnK1<
z6Kx3@3I0T0IO7O?>JVH0&c%~HJ4AgP9WYJ>387ck?`;5Y^JLp9Ziv5N({skCVuDjH
z<O~dkLJ~NeLQNjE(;h=DXy7r!mY0m`zZZH16B?ZEY8kp?8Q+aC+6d@=9>*6#Ug`2f
z)5Zi$fw6mlyM7R7O2_mJFbSYbrGIbjB{a*EX!<wvVL7;oOd2f)_=VJbg0)RGfTo9@
z1|u?-EnV6QZNJ8u_61&pD(xtGOj=<^aECs(NqB;M@2oMBZnSWi#K?&@IT@9QlBZ_7
zQ<$ghwp6?^fdKn~5O;gTnqb=4s8sEU)+GqEemmiTeqceUvvOnt+gs%Q!X@B?Sa8Pz
z8;bLs!<Hgl?-%&xS0bbvG<m}_*%8qQ4mZz0n!kM;3mFury8~Mj{ea}Ml7Nxm#7GJ+
z+@v)w228BWycrr@sx7`Rh4Tb9UH+L~(M>FfU01X;lTtF)SoAaH-A@ET{h};^D&tWG
z7H)V~$hPXQid#+$TmzR70i#MII|Zi|O%f!0yT}HFZP~q^IeBqZ^tCcyKtI3e$}tCu
zEGAJO<NSTtk?#7T;edU2Ku?FFE<A}O>g-mr**UY3jP)FPX<K*gdV8As%inXW!A*vu
z%!2mV#*?{savm-0Ie^wnmTa2xUwL<vNk%L%W2Zb%EQb5_uZ>PA(v}t-8C4PWlxSzz
zQX88Y`Ien`d^^&*sb+4Nnj?A#mQeuFdMUdJ%&=l7&@)pyl>pD2_f92a)~F`o&ERHC
zWCi_-xN>OE(!TBxGt0{FaQ7DMkkzO!-lx7rC``fS(E=U(dAy-h3Uw+v4fn;24S8FT
zFXzFXJ~5-cWWVM$a$-oLefia5MpaSFsUe{|)!djDeLL??h=n)Tf@Pb#?g41E?aOjR
z6x~+pjX>$KW2MWqfI>#ar7_XY8dF<k-SSfg9`y0glu_@#gaZk4-&-s^PT<2>K7lJQ
zMGfJ2rl@B65OpKj?-O=K2IT?_<CX0{s%Ef5T~&*oz-abI@2j!L7S=I?4RVhl-*{Lc
zvYyxp@&C<((K!DNgRygBECByMq9y?Zdn|(`=I8rHkTE^E^>1j63%PXFz=PcGQi)}}
zo$3$HybHv?{&*nSTFY-l+Ocp8D;qh4#|*{Jo|%o<u)-5Lq1ci0AmO)bUW3chtQ7Q*
z*AI-JYKi*ej0EXN22ne3(+05Q@)D{;_TY!sbTUu+paR~vaAUSa;g!3kVIfZEa7IR(
znjd#xuvFgRaKcwmda2(}6RUE!{1Dg2Jy<kHXiLm!^Kfr?Cr34EcgZt#9fZJ!Ym9oN
z&IP-MVOEG*tHNL%@o$~wGLvL<yAkl1=X5J9D-YjF_I6W{u$CzZ!g3Lp6hoWU7ri~9
z0}O>9gqsM<<n?Lj5#PYubbq2&RG7=l`B&pO|6WB@eMK-0TfV@FFAV#FqR%Y;)GnQS
z50xh^<of=>?hgL088-2sEgsnOjfB3q_u)0a)QJsS#~VrA*r1NR>oot4{sOzPj?uau
z@-$Oe;B!nI7+CJ+P6}-)XZ}Q42ck?B+%@ZLF&|Y1-?VJ$HbmJijE=rPjK^jvBZqz<
zR$2k?o5#mRKr2wYPhcfDAQSi7ff$AJ&&u3|b&0A74+maZ3Lklt*~1*mk4z~X@?k%M
zhs>zlVpLl`yh(D=DT|;wyp@R-()rL{MwtNP!4?D};xv-{<KE$-J2CrI@9YrrdwWlG
z1GbCPMtD96Yi`gJvc9mGD+c+^YmK;#&Ni{PHVq2(>g(JiqfWWg-yT2HE+N9)E`h1G
z6_yrB=e@mqiw`Om3kFJ{%7k<XD9ef->AKy|F>5t#PV&Ew$a|!giZP#2Zdu?wyT?kK
z$G%{$@*QJi40|!b7&Id=^ZY_#b9Dmx;n@!41EP58Nn~Jp%=3QW2QB8&kjKGXPofqx
zrB;F354uA!BkiLUEoRdqwGtD%#;y;1V$wc80$%ZED>T^bwR#cxV1$Zk{^ACVSPluT
zd>@vH#U@KL*w|w<D-p(3VRWhye3`qjS7cpoW=Yw<l@FTDFO<=tIu2_LA5}kgsVjS3
z$z^0W`Y8pg9p@_zu@0lcdyYIx9TdFkHe{TBoVwEODwrc;nlNjFznh@H*hob0N!2!7
zxv-5{bjU3jys&pGm;6Z+P1G8;Griy`{1jgdrB}upvA(Tn{-WB>P6*}g(Rd>>Nzwqd
zyuG)2o&3u2gyZyVGy7AV=5vF3>w7OOiL>%sQprUiO<k*V^CKnEifII6^$&Okcg1x3
z*yKNi#?&Yj4sA($zyJKOd4{p8+0I#*z&9{2qS(MEK%E^wjq||+8=JZNjIQ6R6gJTt
zP3fGc*V^V($h8n2cty5A(F>#uht=pAEgAVvi@HVlo<7-LbiGCEYURm_I8&Or5AP;k
z-)r>9rYqSozGRH^OQpIayONiZf3`H_C8U1{OYc41q|`_MRLUCQT{m@!={^CjIz?;K
ze<<^mjn^8%_8FXKBP8j*UP!)mPF9D79_<QnHk`?XEU}u`(PDy4U*F}If3Lx#E6$Sr
znF+%!(tfNza(3yWcy-yQ?(V`oERdE6ZF+-Y3590!uk0>dF8BmrIzHPBB}%imd|y<9
z=rtC-)TDX74wa1Vvy|!SQOFA8KJVw%E5l1ztvjFb_F_N1RyeY2y;+z`H2TBSUWK0@
z8TeJCAu?CIyph?&OYtv>9rM!<2nDxN(BsTA{m{>CbgRggjc8ri5}#B1)b7$>z>fT>
z#JHrtqrZlKhe`2ssrxK)<6r6ph{bffMJZ}!@gAicJb&|z`p2jFpJGzA4>CVJtGB-*
zIuoAJdU3CXJe)T%^eGDhv6)3p+q2o{4pbTROb%Bd8_Jin?82KgU(we?6<K<(=#@7{
zdxnQ6*OnUgzR&aw;rDNjRoS}tcFMN<cnWWlfoVtqy>=$><8ub1#hfU)2@>Ce?O9fV
zHmAi{%jfGQtIxaz-qdu8!Ayj99_?V#W)wequCay|d;V6NvNLEIn6lHNu7Z}F9vkEd
zJU*97ldq7cys0y5@quY^KI`EqJ(mu7+Q}~!BOXd)kZWy!AARDGS5)Kq0{SvZYeVSn
z0}X`R>2sndFGmC-?}G&FPN#Yj#AEOKMYLh!`{X*RKJ34Qxe6WcrGH)Cl|=kWhz=`n
zlu7pBZe_^`9*IUQe=>mYeMw8mT{ot|+0NV#bERE#*g&OR-hX6u5H7CuhuYyW>Q*jn
z{Ce_1t6Cuks2}<=9PmUF-mh_zGk4ifFwF}Awlb)mR6XC)3!)#so740ooUDK0Jo&HO
zG8f?xg~6(9!ThKBi&Nf(`DRxPU0e<8%r?8G#c|P-@yfsR`hF7)EB5D<EN|V&_Gyq|
z@yhv61->jQvTSDXM&Des&i&qidr>$+UR!t8#7S;EHgV$>7!wLm(qd)!?wOG76GqRP
zIP<dm%VQ_$*DZluK+8Z3y|7E&^z#+9^WB~_V62a>#87>|{E&CAm>(bFL|SiPu1dmG
z_eRy?i_c`G6!ABTY&P553lG;8m7_ksaSrogIj<xG|9+OKU9e|ppvma_*u0YS5@dU^
z68dDj1#03=7o!0IEogGpWJs;<Y{;l>uvbeqpA2kV@;DN1SvMt|f9C+B@89tCyW7ml
zEwrKaLw;M6ev?B;$V6rH-Xi4m!9}xVe(55S<4rf$+`rbBNA$wqxvFnBio{ki7wp+{
z4CYy?xsBIGs;kM_8u?0{B7jRt1odK^8W8%WiCahcZ$Y&i=J`*rzxKSi=#t&`2#3Jd
z@wE(5pXdUqSQhoC0e`l&K)yGDyewAav-k(&NxDHm-1zi#AVqx4>1$VqvWO>6ZZ54<
z8?n)=e`HCHnVx6o4H{pL5r9W^^u1GsvzBJfB4}>6sM4jVRhwPi_78VdJD@-o&~x}M
ztbM!PGrxsS>DowI52`sJFf)Il(9P~ZUV5ZnwuIu(IV5p^U_0VEK<L#3nJrmeL0tLk
zL-u~cxd$C@TwQ}DW_0k9(;|_OkZ^##F`{>)j8~J=QwzhlEKPzIdd<6p1tGLQ{^n0H
z!{z-KD-5vh%)Hs!ztJBlXjI~9i0=dHG4BS73#IDsscqDx0+~A(0*`fA5>o-$+v@K^
z6c{X6(AD4jDP@b4XdW^MJ0dr%V@b3ap}wTw1D8%6PlLsdI->$T`qx7$+7{M>#9oyk
zY-(jP(f0tU8tmlm=}ZVvNm}6p_n#g9o4)06O$Z|BTyqH)kse+$lF~C}8?1jmKr4eB
z>7dpvDWXP!KeV#}|Apt)&F~;D4m0iHyWz&d8)+-`&AO<-6cWq+hOaMv*NP!-sz8Q&
ztwh~MVHEs(Oowk`$2bRLVx~7P-$*FWxT?{<Ssm&2DYd+|d086HFs!+Or!Ax{DC3ec
zFq3CjLcTqqi&l)2`}#nxRI}N{x_qCb<dhBcXz&><p*3=sg#m(r_t~N6mel*EXxHgj
z`!DUk;nrV44XaY;CAoyF-d-Qn{5lm{g!m96wmZ(-KeO6FyB6!Sr9BWD4F-SJJv$I-
z#=m$1P|&Va%P7DouDT?CDk^7pua+28SHzDYg=oRSPxLvTlnGhyqca5vC~Gezf<_ZK
z+vtxc4OWV~HiCj_uh*zl(u%wacP)e|-lghEAX3!`+hb$eEc<63p~h|aOKJb?R8)70
zX`)?Ufq`$ZKONrv^C09(FF3BxB?O=xmc2;_^tX7-bOm>(l8)#4&v@cw@4b}`Kc=P(
z=#*CQ87KDL4+}lJle`RmL;vAOP;S*Xc({TW@wSrVHd(_VqOqD;6c+vGW~!P;?_qR%
zkeke6o_r3;?-o)}<*@WobQ)ghpu^V<k%AgI4mKB|kF1X?9XwEb$uf_+$0|K;_q{I=
zLtxH8Uosc7uRjaSRQA)QPz!rB8Gedhmt;?wT}JBP#t*RlRa6JX-*Ln@cU}TQbg#%Y
zTD(f+U}krjbkv;1(NTma5AC`2MYoc4B`_x$;{c=WF2YZKzrJb;&^_D9CCK>jRE%$9
zmw%p*7$yOuFG0>{S+AQ}$sf7yh+6KwinCYy)-w`G$~kix_2;#h2tgB^u2`p{MO@)8
z&C~%=Wb09)sc<k=BZH*O>D%h(JO+|gDgDb2=^8xmpjB&>C>WqQx7LK7Q2BR6IQQZG
zzxJ*C9m@Cn&)Bn5RI(09vS%%ZL?g0gX;2wklx-xU8S=)2ii|Y|Q(3ZQiHwYpElZ3{
zwxqE%V_%xFJ+?mMeSLrW{so^OK0iFydCqg4`@YX}Ue~$KbzkRo)=Gbu-D^_gDrcLw
zGJvFF5TkiwzqPv_4xb3qIx`R+_@w|{?x<@{-*0a~&wkv!zmnCyR<JkfvD*7{Ez+RR
z8z$=#=CYogDS6U4T+)j^rI#M=UwQ`<Q}evWUD9dl9;U7X!5-A8oF6ikMD9uCr7xU!
z^6-DC9<470ZeMZ{tE?MIR?YlY8x2#M2tGD?yBN^b)p_5(uLzhelefC2T_4MB0bMs-
zl4_GH1i!n-stjQ$TxHW48Kp6NM@v&Tkb?dU5d#7$ENsyJOC)~`bC4dKgnV;B@5ZvW
zCdFC?kOxc%&#pJ&A*N90wCe|R$pOn2Ky~IdX+c!>fL`{S3)*T$zwC}Gg%rF*bIN9S
zx_J8i8WQH~db`MT$#HI>L{y%_)+#B?ZcW(B%)RJ%S33TUn!b3K=vn^iEQr#nwIeLk
z=SJaU@rf>M>nHspSU>Amz1$FGRbi6}(%5s=V`Gs4#!kH~d;I0ot#e*Z7?s{Xp04yj
zb!0Zb@|c64QWdQ|U6a)KUiU%7DV{v7NEMoG6QZmjM>&zKznC_|z|P>x(jLSf%s#45
z)#}bISZ0oL$7lsLnp*v-wH3F2mdL(%YfotWXGO-_xMveX^dN^PFX$4a!JU0ny#c1J
z7Il6r^-qXg^`o>(6!Db(sXF@(qy=!$TKQt@0(Lo|CToIKqlveHH_bZ0-%x57P{2F0
zX{TO?_KX~oIbZ;Y`6x&+i5jk{3Q`Jq2OWGfI!yo`a?hM_-EGW8E4bNyATo#p#U#T-
zT#X8XgTd<}Yya;$_#J!%1ma><tBT$yW*a9HG4M|~W+$}-!~nl!%JBb_e-0(H$=vkI
zb_+~9FQw*g#HrEQm{O!cPbq49_uE7K+rMP1D8ldaG<Fs{%iFgtJ#9rrxs;_9+N1ai
zK8Equr3ke2OMIyF$GC|<E{X<c-T2BWcyU|dX^D<nkSDQq;I1~;3(tSTjwG?hCJrN{
z{k%LMhEzDt?Z2;V^!QkCZ)teFKO;{{6eha8NecIO>h~5DnmX$=NQsZ#HXHI{@l{Xb
z!fA%oQmC?!3{|+QE2pFNIyCb|yw7eePSy232$7S%s-5h_re&DhyF}VGa#hsaK*-(T
zY;jk)|LDo$v&X6r9vB?=r!08@@$t>b;)V?EH4UziSVPZYfd{qaZia#rQde0mvFpZ3
zq#^hqJjq@s`S<#l>QUX>%U;YS4?h&|bZ?uz&ic7H_b80zL5xmmBsyt}-kSGtAWa*2
zF0qaJBlU_-eGioVCz>#G=w_veuaE@cnqdI7cVxc1tfMNpI6ok{;I5(sif?Y7t2edi
z);GS$<!&WQ*x(9>zfqzo{vdWjMM|g|U4l-|9+3P<SANpFy^%r1bqr4w(Lc>!6>~`~
zN84=4VpDVfwPOv}^ciD4cTa>cY34;;1Qq8-I77qP#m$Ll_>6}7{ekx)C(dvZZ$csN
zfN}UST7X~o^rl8~sAEI*O(@=C_bRYX+?7rcy}Z9tq*7+!s$+I=5D``$`Vno?PQS{(
zgrzXta&o*1UA~(B7RG0&Rv+JBn@d`H6jzR}=QBy^wz4KN4ey2*BpOs@?Ot<BypL7q
zkTN*mV#S08-sEhUeobt|`EIjg`z%99$n8A40>+?|E+m8}!I<m9MJRF9T@ljRL-!iF
zK~%9`2hdYVL#C!Lg|tlK*)|P0jD|={IatxkR!FFKwoU6){aUWO%$v9cP601fya3~*
zsfCn~L*}&ZL7DRk-D~Qc-A+6l`h_ulKU0;*_2VF{ov!Dl>dMX>S_$Hgi>C(n+=2>J
z0FdK(c7i7D2Ck9A%Hxd|%ok@GJzUL2#D@$sAv*w#^R?~NvKDwDQ1l|6ql{iSbSa^i
zbHtC@dX^hPH+F%>4h@|11%~4$!hQNyo?cuL#%4N}2@HJ?Hg|5?aN8OukiT}{ctNbB
z90=;6qT=;ecjwo`Oa2lT%g#`D1Kq#&8Iq67TLb;t&3lgiy4E3Wbv429T{Wte?NkPO
z<ad1;J!^|x*BwmAB%vZ!%Js?*mX^dI(>2a(hA8iKvUUmwa&<&e00=1em7MOh%wdC5
zObe4i@Uxt@K1ub(V3yZsxVhOSAwHW%NEVy#7lp$RTU4vHs7>|*&?deyu(Na0xW;Te
z^qYpE!)90~!*YjC*2$|**clD^dP9~0*tE0-h_4R)(d9g{xX&*y^C>25koD2LHOJ`b
zcJf_N#D^qWnq%1v@V9jG)kCLIaWZI-uf0%m0a_E|O}-UBZl9F}E9eY-VFJO@@^b=}
z#d0U^dNlF#R7Y>yT1aCHdTThc4R-49Dyhtj35+iNqXD_BBrdIOIfAzL?p%aN)y}P1
zBsJgzU&n9oYs3rj5T>?_AXqbo1LRLw;r%^2gN6&-#5QFQvE_-~^cl~NjAsvMVgm$|
zst_a`Ik`AkPjvglXM`Fk_-_}uIrO5<);~EDt#TnJhQ7@E5w5W|X$dEoWUJ0qEGK<>
zUZ+lp;<)K>M4Ub9@--GYBo3z<126d=bkYBt@~ddITr=SyBPLv9qM|wcujty`!ES3T
zr=QKHb8DBaZD7sh2GLWKeY5D;$_$k@LUtw6tLX(;g96UmnBCpoB8N0|xJ*^SAlOkj
zLcA}mO&ved8Pd%Y%1W6n@fO&Fn#l=&EThWH;DKz1IUlznb=Q-yOUkI4TOeX^;vJ$v
za)6&NMEO{;y|)nu&l}bUSwo97S*#<N)-*EdB8xTqZFL9B`0zL=^K0A*0<t9{KC@!x
zI&XE)={tlq&w<v5$oM<xXS|t$W%bb=c%+YT^<=18;vy}E)lc-{+81$sK{?@wLZYSb
zyBn-=hRqxhoOwbGzN5{buL(q7{s6138$a++_H44#7%lNof?Sf<+!ap<(G<je5>v_$
z43g)(kefQ0Tves#BVqz3?Vw2j$kBEwF<ik+ZpS+Rw%&fF__j?iE_<d<nBT`!S1urX
zFu-=^t*8FoUlKq^G=iuq8b$(G-0H8qbnVl=787TuIms3c-cGCX5!U(4w~jbrA9lDG
zJsl7(0!Q{F4PJ1rH!Wm~9PrC?`H8{nG?xQ;YMZ%x<|4%s?o-18L&Mn8)y^1=9FsSh
z@}MOqVG(iX^<Yl-pKBG7b=EYpugJ~pC)t?v$M<Z;TRl_=L+@y@9#8`&sMj}Fzt4AR
z=J?p1zNvA~WmZaaE<0-7ru3VBe**aXdWvo99ZY9%%vfQAUIuHc#McB0(R^l%v@q-O
zqcS@%xjJo6<7|ujg7Qz#pzV3@jx*S<aR0dUSdD33{HKMP?MU`&5G+jpr&{8YRWMEU
zhtOm5NVh0mVnX{Hn&)H1mKA!D+KCXTQ}uw-3L*t&75_@A1C*?u=-jrn%Bu4c`b(+8
zM)r#YZ%>%U*O_r;rR%VFiGU<uQJQ^hHCHZ2evb&TWa_&wRdi7HsKBD{x?-{7PiFqj
z_2vPkuOt!a@|FE{6-zErn({Jkw3dJbB6sLB&j%YIYZ2PaU_pNpP#hf{W#BrAJvwUH
zcbtQ7@*1ur=J+*U%Y5X|&kE4^ZP-dBGl?&SCSK~u@6??bQ7kg<m+5^(b(N;eFmv<I
z1kd~<jc-d}m{supAE{V?w_!?C@-Ze~V)!CRS9}0%y?4hBl`%GBn$O?Z(hGriu4j>W
zieAh(1@W=1AS6Vygd-&fdT{-RryOI{L#Y!IC!Ouy%U-_W<T~;!8MP++ccH)p(g&*$
zVqZA}FUVSu$)lYyU?^{pLk~jk9j7s7(e`E|l!-e~A*CrD{BhoO%!%pZIaQ9}zPBlW
z31VTW6K$SHdXVqliMydcsGc{fe2mZQA*OnIQBY#$=(O6!vA5;@OC1o?_lQlAQ|7iE
zOWe<nxf)hAYpO7RaDV7(MGwTF&66e7-c7{h2kf}M7wfp<+62mNT#V|xPDN8KWlD@u
zj8FNKNkAiF$73N(LA$3R=2l;5Z_&2a^4H@KMhM-w$Gd3)+jU^^?Y27*xv5{fr8wBE
z!aolu44UTQJf+N%pZAyJRun6kMb#U6oiZYfH-Xp+;C6%g<QP*OJ9!%(0o7g=qz~J>
z3vW;Hh-%3pQGEQ>TUW0(a;j~5ibv>Cz><}H${rtbfu&*9MIO;x;#1!jdl7XZ@6|^H
zs~bP}tZ<wExG+)dg!`yX+f7n0iY*o_Z1w2K7xhrm*tl|a%{$^`Mq~E!1scxLn3Nai
z=!Ab$o&w}0p6&TbM)@#(y78}10RP`C4!zmh*sve0llI4?ePw9x<djw>i{v-|T7#Nf
zQYHQdH_4i4j!cN~lhEvnDB96Vu48}wjT-*RN1pWiEG#Sh3t>~X_wXsKub*sm1$Rri
z?YUr~g6tEK7n7}s=LU~c-PW7-&kf=!Xw_c|=JOq=g8HB4s9xX0-IwZvEf6Dk7=faP
z(HTOvq{F3^6r&Uym-i*XTZ-aOtdE$)h}FV|J|RjCUviIdkhk&%-NKEC{?Z+=93cwI
zLL$i3!w2JVUUTepQ3Q>lQV*Coo7K2=cCHix(nikB|IkfEb>xH-9s!}4oxaWOG6JVa
z%>+j%%HRJ!lWwInJYSBiYRqJK!3nzZ^HOKmx^d%ugq~9Oy52w=^UIx|G^L8&%-!~Z
zJYmNv3ucDgq5R_HB;OD8@|m#;ti+`02X~V@PS;d-Mb6&#>zcHX2qukc0{-_b#Vc^D
z_c5{(r+&asyzbfcfg1Cz{VlC>P5#@}B1J+mOP9kCv6-;@@}qvkZCr$@)@Ab3lp<r#
zT*WK!O5K}TtKnu@xt^<b_O{Owh^u8l>|U!IhAXacQ%*RUGP~%hl8Z0>U1%47C7pzo
zSego+hAKjz9yI4(th;oA>y31Say<*Di3%v;(OfeZn_!BOJ8Jzl^7QiupD9@$83L2z
zuQL{XJL<lYel<^!24^&>tZ9KN<BW+6pl!LSg6OZ4CV<R3cG$bB<UH(WvD!3A9%=&2
ziPA%j`Dqb+sQu62zab92EQeU^{EHLxUz{evAK!di@N2>NGifTItEN^a6~>6@{{VS)
BGqV5y

literal 30182
zcmdSAbyQnV^e>v0wiGCoCPfMqO@UGz3dJez?oMzoP~3_W+}$azf#Oym!L_(Uuu|L|
zUfS>d-M8L)cfJ2#R#uWTduH}$%bC6RoC#DxP8=JP2onGRU`tAfC;<RZp#T6H_j5E<
z%Ly^>1M2IE*=O0$001ls>(=lo>iUtRlDH6{Vwhwb)f1o~qarH)MF!RW|BKhm%#4+l
z)!^V@XJ_Zw*jQ6T{lmk<+1Z)6toqf})&Bl|UP0;N(&F9S-Q#4Z`-giZ64}_;xVE;o
zxw*Npu)xVDUR_;{8o0Z=i<;{4^0K+Pxwf{pzrQ~zqi}9+Ze?X<e0;p4qob{@t-HJX
z?DXXD@bKv9Xk=uhwYBx;=7x=p&C=5H=g*&0Q&Xm<rY9#S>+9<l<`%uZy#oUS2n1qc
zVq$1$sH>~1zP`S)vQpGG?f38BzTbRZTwER=E-oG(e9cWBt|lkW@4L1xFP551OG<_g
zZ_npTYN1|H9!|ai(MydHp#_}}S4fwl8KZA7znC0#T{GCiSqN<AbgT2>e$Ux0WCj)-
z-nmgQd9=|TZ(`~xY+39sk@#o00<pa76;PX-Uoc(ba=Slx`0$_}H_)CNHh=X{<zceE
zcOWb*I=Q`{oARxqbNFC$<nm(oU~kRaD`WHiA-{SsyL-(&v2p+WQY@@HMusISGCV8L
z)8dOe8>?Dkasq5<!_F@?EUU8PN3N)M-B4AL?nkyPj~WxpP!73-j?sC`%+V2eMPYg4
z&UE|5!F;-ffr(9eZgz&SoQspWsRTP)o;J&`OoN^{g_H3_YdHl@PX5HH^RGN?g?=f^
z<C{&fW<LVNV+@3m=l7wI+~(YV4GoR?v3iTDH7O;?%uv_Tk0MSUi%c&)#hR6kv-9z;
z1vajLZ@Fe?{noh?9#wHa_cY`cWCUim2e@;5ul>C+Ffakh(V9{kL5TLQwe-@OFtzdw
zBX9Zim^{Gudeu}nwuUiEDyl?X;2z5R1->fDDFa@BUOmP@d-UWPA@)lm68z^{JmfSC
zbW9)lxhPplC8QPK$*BqHtB6|K8aul=dV2c`ngx`DMRF55)MjUf4mkt%1pxqZfTYN0
z71z1lRC#ma*|$CQdvz8WbvRH^I?+KzQXt>OO5pmGKTZkQjC&sMm-SOTu<92xUQAiY
zAwv#c1A<=9eI}OV#ZIlcv?XP*Ygk0FG7~WgQkM5Q{aec>D>5V@&nfV*xP95f4jjR*
z^qPmF``Q~klyz~y!^TQRI^w?f@&Dsyo?#0H0J0OlxjzDA*CN8vaR7kI(cZHfeRRM#
zwKdh>gx602-wN_?k3Z@hXtkjO0Of*?Lf&pfL7u1qIf?o~;XCFtTb6AvQ4}E~s&<1n
zH<o|L0QBGA^j{)82yvbPz6J4ncQ96zuBJ*~J^}!K(ARQT#2jHI<9hJEKtlrvqLF#%
zv`kwZ)$r;(I79*fKR@TcA--vLWumM&{i2Ii`r(!lHR{<}s}98)9l?Prob=`NC&Fb6
zKz4q@?uRu@f&(>#6W?w^)rDUhigUS8L{ysnQP?Y3d!QB55i<ZlB0}_L)@rS_v_TB6
z_cH0@i;KsAm5u5sK2~Sl7HK^7&<1CrUCWt~4uK~qseg|2RD|!ygk`BC+9;j*bc$D{
z(0ovmYlTTsc^K<#BQ5a`l;8;<BvmcZxyxbwBf!cE^31+GJnFJSfj27jPDH1XQE{ru
zg*yD;8DO+T%Gs>v9YN9*t#dK*+20BI2pDyhdH#xoQbe@<#t&B)I>xky$dLTtR$xU#
z3kLvT{-`8?-ek9_!9B23_2?v}K@AQu5ptW!!0`a@wsw;}0{rYi?5ttF8GypR+HYV6
ziX%oSkkhS{jPfA~!2?7Uu?JBoT-j@{s>QoI5w#y)XP!Z~w9<-R*}Lib0h_sbczilZ
z@X}8Yl>vZHuCAgkDiks^v#JiTbo`srhT=2mHKiH|;=;Y)eS2E0j|w2s>D*o|t-lbK
zft~sY+0+?ba0M0e{5*5~E{X9BWO#oVgb@hmpubr4)+AM`UHzgFZ|~T+@vNkVC%|K6
z%Kby9WqcJ0)>W@K|M7+7eg5b+X`|F?A@W$s9z<P{3G@)vIsf9Jy;Xd#z$|ibPrfIF
z1g(4EgnAS@aAQ2(FnV50Gr^?wtWl8`?EXbofn&ub`sNH>*g=FP`*(2=R<R?IP!JUv
zYWjQcz5{{DKIv`~f}5g-M#&>K(K6nJDQ9+)@9PG<at8`J`zZ#zgzK^rB>lMtyx^VU
z_)5KxltuLL8wG`r>&lH6I5ho!4z%{*CW?Ra-S@pDOL%Cr5<|$!L5V{&Zsm~1yg+iw
zBSBtV+%&;-XBl!Ju2U{GP+c7O2an0=xrj<5FSIXhOL$fyqZk;22Q8gC0vyLgd9Jr#
zd)ge{+Cfj!eU$Fgg=E9LR2K%n&zMQ+yo0b%Z0eU}ghOxgW#KI!<FkmHOu8W~_QQB%
z&>T;1^Un2?<d(~1uGX5?RyLbZ;;`Q>5%yN@&lc#q(OKNbgS5hwGD?jc6zD>s^GSUD
zSAO4qYxckF&6O}|8w5s?UZHdOP|WLi|8a3Syp3t!x)n6AKbotx8b=|yZ7FAGs8F&W
zk3$}}@01k4O<tV@BzHC~zfvDe;%8$|($=CR$byP~%?LZ28C38tR?z6L9O>0wOC;O1
zKCs>$-9)2P-V<Sn0*+JZfQiGn`Gm}3LbShwcw53pjbKXNWis!x&T~J$O*|IW5qVAS
zqrb7U<HPN9FAz6*RoonheWIRZcezDix_Ap~tTDT}cM28<X5c4^(;cfHM6Fy=`5at5
z5>8E~Ti)KM=Bsm4-L2stn}G*g%IbW8Wa7HGka;jARPVjEVSIg}z3h24ZC7`Uz~aW6
zZL)n?wpF2j^*iswwBruJZam}sp0ypn+ru4A+B^^1``MI|-(A`nQeR=?jRNXNje_wz
z$Kj=yKc|#!`8j2wN|yP@CfXU|@{Lz@M6wZKw|8+_{pGrCyvfDG@*Aean{g6%Cs-v}
zdb}P7-GifhWf^I;d!=#36TfF;LT@J<U-9~^AMgpVG`QN>+lQVk^Gppf;*Uef@H}KZ
zi!eZ(xUj=RScQv?8&k3NRrv!(-EqCOy>1X+jK`tEAvtG<XkAQoVI5~CCP!VNHJwDh
z6epGYk=m{ZdaZOm`>age7<P(9DgLo!X%7WD?p1gJX=_>*>kCClNJa0m_?6hc=_is%
z^{qnwJ-g(}2g;Sr`GhNHL$%F^)!kdOqs#m+^k>`4)^#jt4U}0b!|0dyG41uY9oq<m
z1uF|)>-^;8nG7DM31lRG2Jgr)Dx|MVx7BX6eD15G7)$*-m6qCs4|73c7e%u>()xV(
zp0z)0afv=I%+Ag%cs8MuELcq!-?p2gl{OoD#YS-68xFD)C`C{KL6SLA5J$M2D~aq!
zf6^kmb_B(-n~W`lmR%T!f_44P@rAs1Y++el4E??1qCGXX2gShxX^RVuCP|%o(nGT2
zzKLi`9Loz>O+-Q%Xn6OJLl92)J`cfxInmyIGcWxKRt>8U;z~T!{{^W9V!K&@_fPnj
zd&{w$&wG=N%Uc<>W#-`rWLM3@?Yw+^<+3MFls)q5>q~bCn;V8yk5=jMIAOf2EU;AI
zO=v@X;hHRiBojl*AcM{OL<dQ_HJ2k_)}u9agfVx@dJsLNuRBsKa3b9D*H<$Oe#tPg
zmeq1U%k4bOt2nh<O07*Rt>V1R&6950vzRLj)jToL`}@9n2ZBll@6SFQ!>w!xaTm1{
ztJ##s`Pr|wYT6l&L1vrgS?xvTr;8f6&DIVG&6`fGhAfKNbCaoznDruIyy2FH8Dm4W
z^}?{I7YVUxvP#qXsd;iiYy|hVjDw0}>1<qV7qnr2<r|Riz0H!B9S?8|C2pM^8=v<W
zR7VV@&B(*|=R^WSnw#9+xw)4LthUrydw`qoS!6@w@RxPCbv+MfjF9Y$<;+LQ77$CC
z=qRYWhNSz6ujfF9XMSAb0$7#oIt0D&xR`Bn>>GYyk>`?@j*Wd_Z@uyNch$dom*ub2
zV0NB2ly|d(KKK+Pkz8aw5FdPMIi|roo}zK@!IayfLDwK>vf-+4)BG<9vF1}w`}anu
zO6OCI4fmMDvOkgGT^U1S+Sy00#$L|C6BC<@=Zzs1%t$en7yQ5|9T(e`8}a-7;}Knn
zd&|SyT+&FZ?eD{DZHuTRK2MGId#KekO=dCjk1Aw@5(b2&<GQ4OI#TOo9V)`B-M4Mr
zfor?Sey|kF8$0DryId9KIC76CN+~e0IYd7BOuZzb+*M>E3MxnmISy_b3lk4lGE5!G
z)e*iclAVxI#`*&}W=YWentPlFG1IcxPr$w6eeOfQZ<fNEMXc4b^#bea=Dkn0YmETO
z4`5@OqN51|4@YK1YM#JADnirI&;u@01?_q3ZqnUtG4IkvH&_V5Pf5mMPhB!)T;Ck}
z>L)|*hgE|V`z39q8A^9*Vi8az$-&W+{z9FBe%!o^_gf0#+mZjoXUgJn+&`Y+N*OU3
ztCveB$2-9cyu=XoC=dOh9!i|rurwFILzPI$f3HT#B6tzaT*(*{C~y_PA+659n5~^f
z%j@mA(T}HOZ`dg_IzYl)$SDDr*FX@DPsEV*{rq-&h-N4wDrD0@n^Sk&(hyh%8guCK
zAeEj(S$<AbR6QjtT7K+nSaiG3F?whXiGTtLM?O?CX~$|-#QxLg>h)vz%w^B&mxpNx
z!Tt5aZicQ5@ho1?q;qp=xz_uRcY=xU0^U(9<HhuscD(N$40RVa1ssG2vW8%2HVd1k
zCzp6-OO;7rFu4^kgn9{1%<-11B?Kx6(S2YqR+CoAmxy_^T1MUsqzqM3E#Zjb+gf@v
zZ}gKeK$(LZ9pSRS<+J%%AabO28e?!d_*{e2N5AKX6=|w~>*F^Q;y@#Af``ZPo0k&4
zPqSHGU^AQsrU>X?(LnCqCD8ZBFS1VS3tzsLlc5H3UDs}Kgm!$m*UY&TF$D7Xf!ttF
z65OODbrPK4&*X$9-jF?v)CfEZ?dh5P=38&`<VR!A$U`95o3~I1`UoFaUELS{4LPZ*
z8XWn|d1|%)r<K3%o0f8l9qtd4iWKC;)}1MRv{;(IhtANZz(ODVrvqKl2r=fWfCY92
zPua&lPmtd&ey?QGAtfcnA^s`tRk7i`A}MXmvE(pcB~kX7$o+Uo*Xi<vQ3Ad?^62Mi
zSX^?U@=;3fz$Lb`@bxWUL8ZPsu${_$`8Z}hFeUigVp=ws!Sm#>=F()XV?cmEJ++lA
z_dsCVPM$334-hKNbshYnf8Y^9U_{h@>izIb`Pbq|zNytFYip!e(!eu&1bS%Mn`-(G
zk1RYrcV}y0N2P7iWxdtU0)2}cd$Ra_?zh((ivjpQYl?$@G+qB`KF}+#ka{FM#V*=0
zHLB<D8xLUb3}Pi#<@{pq=_`~>pxGgnf?Z)iC9G)eHCX+6Ui-R5XKgyM4PyM-<kzz5
zb-xgawU|zWVejt_Z?C;}mv6nto!D0$yH02lWdUv79MjmDy^a^EqM4}(tf8M@ukE6=
z_Jw$;Iensb(C_aU$Oy%hYKvWO!&nA;nB-f-M|Av+&)-kT5ue`C-0f|P0}b5C#UK1b
zLop*ENgrrbtl!qo*L(!>_=5z7x~X+4F066Y51!hqs<A6#JngRVzS@|CDM+ZUz*bUJ
z8D6`8<P;D<Hwn!xcAYPo!2@8TMVv7{rIG2_pV9xgqNTX1j#ZJvBo~wWo-+P3mt1^!
z@t|H#r0!~*_BG~k$#aC18X1x0CvEe(wm~s`llXTiOEc9Yw@QEfDJM`dY0_0c#qrtd
z3@@nFQ#d_0(F{_-xb)z@8%V{Gys2j0L#J4LN${4aP7!Y5bK^fttmAW^na^~g)9|$|
zZ*o+NN7ZR=xsf*_YvtH*>qmRfGTWtnQP(odjOFNG_bwihSYX=teNbMf;K>Z48%E_N
zXb42iOrwq&g8EZPY3YXxzXm`(9WBJ5s`jmSl~V(m>NkQ{nRJJW;?3=AMsKsk*i;oq
zpS)w9S+zU3>cxd&^U@S3Fj)Fw7MDF&z$EZ1>co9)^|-5R{dsB-8WyuM-A%A^;$+W@
z_^`(78I2!AbJsF*2552jj8g=rNz|rm(+Rv@XiTcFNTQrh3-uy--5bBA?L;kBovPw3
ziT2mEQJ2>7KWqdn^9_xf-%I*5Ukksg%6as@w7tH%DK*b^@lu4ES1|;>^OVLx7eWeN
zs(;Cc?C%%$GY%~PL#cVwtN}sq9%0HT;>ysns(v{#p$Co1FuMw2lXxk9Qv>qS?m!WT
zCe=*6(v)qTGxQz4;AF8!#9_GsU4~{woQ|h37?}G^Q3W^S`myszNuQ*hFlDI3>G^Tu
zDQslX!hc7eY5X?serL32<aYa8y@TeRa6&>j`~`xSzXN|SUCw^>5I)Ce%`25&qm%UX
z=wA4XaKU;Un9M^)*-z83zNZ2v6Md)$lYrDvz@9z+%Hp+am@P2;VoG|Z#|#@HH5HN^
z%tS`^)<c-ecVjjn`aZ4L?iY&Rh04R|{fp3--08^MMGzv!l`4tQ2t)!Ggpe(vFMJy@
zLndu^(KmCdS*G%uwH{;q#M(7W-F;eV4`^QMp?(z1tjU05<P==?^BL#t&rhGf%U`43
z%~B5vDG?CTtQm5p7CxY3QZmCdjGV=<VK;e%wW0A#vOa{!6bg4RY*43teo}qNEZ@oh
z0lTJ~e~ODf(2Y|qv=(@<VI*wIZOY33i^l60&7E$6PZ>Qr!g_4jA+%l&nLY$>^nkK4
z+JB60C@b3~jA~6jd?xr~Nf~ojKJdL%ENv)I%!rwUs;VA+aMo-U-?`(y%3$W1w$Za5
zTrfX1u}nP4fvVT;TXY;Mh$i*9@L$m1+pSK0;U)<Umh~0N);90E7eQ$;mwUC~?pC;S
z{7k59e1d8Q&NKfzbF{-K-Dl{}H2m<;%IM5n4L(jhb?YuMy7T|soG@9tOv*v{!;yC+
z4M)&UjSUx!g75Wf+2p#g^ym8}J1zvTl68jLFxAn#XzZsNy^Fju=|Kr=--e^F1Cg`6
zmHPTjtgNin88z~Z9Go7!US3`{HeOztOXCr$YM!|ZOZ>3m)J0S9FcxU*DGjS41Yoba
z_KK3_&6_td$#D%4ahDQCs(4}Y#_7nG!vHpgmXAQAFMb)0!}ib}DBRfCSOiii@A<uL
zY4vrp&Tj9?x#VCMJaXlUer1;z2!Jfe6M>-EQ^LAv_~%qc)<7$-=dGN%R-rQ4t~}s-
zNsdp7ioT5Ys;XXIXfes*;o%ayr_d;lZ^}A>az}HAB8l(=TPcY16jzNwz3mr21T~Rm
z$Um+~-mHcKUoM2(D#izeblvJ2{@jM2Q&3N!nLp^p^~+;jWI<4B-2cs7b9@w@0eK<6
zTjL_HaWgX&eVO6+U??60Z!|>mCS3ylH*<N?FWd<9x4y_)u(z2oa9*3{*af5wHYKJ>
zwY0<`VR{9{I{qjJrk?j({6qbr-*#-IALk0*^KxQ>eb&nP7G6W8aO>ZKjX;^YXLiJ}
z>nTsthZ@ID2dK0t($(0ZtEsRHgOX)dP4M<ZHN-kzp+%Yh=m;%Qxy2_#(Egk)v|bEi
z)qx{$7fiO(iy=3W&`%S2?n&6!&~{`f&%rjkLq-XV!?SyW%q_ney2VIljwQY5e{+!#
zKmRuDT^tON@U^DUDmQ@N{%veSW-v{^rmLS1rh;=HW3w9s1Z-~(f)6v>dx09@PBc;?
z$T1Q9wA<HwD-sPgjYE5lxRD0V2BY&FlKd<v>r3dchwyD{{EE}tl|?AoHb^mMo>3e9
zL_#xYU>l&UBDBJWVsD%5%ixrE&3iGfvdJ?JP%D&_eU-z_t$Ykrt2O)Kx)@R6>1R#o
zG<`JGR6r0kthT~2Yz3pR0~Co+l8m}QXx4M$g&}^4^?4#ewN7rU&~!n27})zm6x?dq
zsRaiZ<r#Z;dQQXG^wyar=I~T>q#hUA7XlYSQts&xRW)ByCTM9&=EwFCY#Ub-q(ibD
zw>^<sJiM^|*o-*1osAU41C-`evF1gvEIWuZ^O56G$d09aLI|88*4skD+;K}Y>(dpn
zzMq7Q7?>JJU^NuBg5xpX*ERvE<f(Jzc%yA7XMe1N0;gQ-^bJ`cwv+sJpVoOJ#&rbc
z=)+D`dBd({{*CZ_s-yA95ZE)gt&27-(3}Do_X^t132w8ni*3I0xqc*p7QDFsl|Chu
zA+v+<2s0X<Cd1Jzy$Q-H*^omye~Qz}RnkFYog8wvBXXCzZg2`i{0s6+pTq)??7V53
z#je4mQ1Vt?`u9bRRf*|+mE3A#TJ#<%FiPx(YSyok^6pNU6DxarPWQ(0SK}L7cI{Z3
zlkQko%DKh23{`EaRc+1lDYoz(p=?s9v$%NO4O$iQOz*45IBW*%h0^!&4;H3Ozdq!j
zKwoa5hn5e4u82c9d5zV-p<IQ9bO!)@$TbFMnm>ElP|1YeqxW(%mBu+0?&I=sjya=$
z4@)ePPBU_bO5E~M+FvMqDH2Go`h07?q6Yp{#S$v+lT>_Ty;6~fjMQbl{=Jzdhorr*
z$Ri&5!tNdhbEN{#s~tA06uCp4^yi{~&0I|V5^E(GagBS=w4ZfJ=3z!K4^KeY7t1%7
zG?i9IeK;3RIBqI0@oIZRBciUY&YlB#j3N7u1`@k1qzQ?73nV`teNFrd&He?Egfxe-
zbb@nO(AY|J0@_!}sXCPyQP$V<vFasA0s&38;Y<&++oz=S7|Gm*`~EZ+<KN2k?{5#d
zde$=;qw5r-2%k83EV3VE(L$X(azD93^1%0^*kI~Skvj?A8iKsKJV`sN_HIb{vJ3d;
z+%Vu`xaA8_fcgIU7uEXdD!4Va5TsaM;oVe6F;~-LkuJ|FN@)HuND$)9PZL$o3HALN
z%9&4?s}^7{Q0n?(6AOH9n+V5Tv?XtHVi|T1S0D+w2zU$=>5Z*=96Ej;@J^(N#IDkx
z$8aF-@}*l|!xs~A$y=>Pa5ItQtu=0%EoeFlzCap)W0EuE`K_2#%>q5ZflWOI9;403
z?tF25y7DKf{?Po-JYTPyPY5)eMBgZxDU}SnVyQh~>=#wg8&3xxS(>Aw;R!6W2j8(X
zrq!O2HsRp|ri{?=bX{M6F<h-{4CmiGDLxgHx0ASet)hLgfmYAGoLnqs*Y$;CH40uN
zUXzG|6Bjb4s?ydx%gZg}*Isjw;N{&{0jSE@*TWnzpYE6Wc&piunyAP)hSiX03Y#-@
zINPXNxrVHfVD6kZHeRLiPH&BUt@Tg@t`zZ);Dcd8Z;~I+B%0+2A?T8%pc`8!?hTZo
zobt$)s~n>2Pp|upg>rtpdqnpsaUY7#S|>w~FWpmiHUV!^Os`bbQE@{C#<+?{!e#AR
zb(w%Zk8cyIHCfX3_y7W0B(1Z0@0*u!6!;aP@R(QYKbmlxcrloMFT4rJaj|~KD#IJ#
zF?Tp!`kW6!t=m+d9rvkEB<NMsy~}#KDSxo&G6lO-UCi4luCFFGUvPBwC(ZVhCDJ|@
zh9=3##h^uxgYAuCHE_XuIZ#ai-ECzmtxmi6rr&B&Zog-AB+d~jR}(F^eJ+vickt$x
z85iMqJu!_<yr`w8zna{lh|a9EQo@f;Y$FL4)8*gho(Mt&NbmyoZ>OkOBp^{)XSiX4
z^a2Nk+}*udw9zvI4haXR;VsC}{U>Qji_d6rW)%w1-$ABayYVq+S$zp5jDR{i0$G=P
z^{EcvB}EaWzKtKeon9EJGYNgmvsBCpHG2kdcspzD!c@~-|JLw*bJ*%c+4SSC8#+}$
z(`Uw|Zz)NSLJ8DuvtcIG4nSG+3(Je&hbBQ>FDJrpH=N}_RyKb0V8^5b9Yj>}#2a!J
z>$LR8mtsLZJ}rW#0^&VX>OEv}ntKeHTF2k$StJ*-!On-)ub>!;pBIjQPGrNI+|*3p
zeI$Bu5|*l^CJGS(h@OBm3+qH;<X^}OLFA0Pto2Nmp8#*R@^eHXluVoKEZaeO9p&N>
z>=?Zuw&-&A4f2?e=_4`8M~UhPYrGG$r9TC#dfzY6fjO9IA5&=4F2z2F&q0Mrs%t^G
zUD8e7FpwLtJ&xum%csV1i`eegy$0;v8V`5J)xMMTT;VgYO^Y}AE-a+hJ=Ch1)9iHD
z9x!5)kx-p60ve5-mYh!bxJki{-ul$DMG(R|2#`q%^F;2TjqakZuAgdtO}BQm06V|x
zyB+1?+r6D`kMj19Lg=b%MP)VwifwD=OZPsCF^q#_OF<IR73rbrMgGaZ4Harw#fb!%
zP7VP;4+qjJxiJ#xl@joT3kY)Y!}?SD8*4XbA|ZtE{HHKl^$!!t-AR(i{%(Pap4O^B
zk8lw?JlWlMCdl8!uBFipEwocovc?jAx`NH6Xt+jJM3W;lj1(}^ZZ#R?G^Yr%a~g^t
zr|}X(B}(&09BEuwJO6C-?u)4@b=n#7qI!1My^{Hx;qG|X)OQvr6FFpEDb<gcFRCzy
zlgnvPpPZ#JGc5fpqkxA|Qco=hE0?MeawE?Dxwz2uXx?eruXj&QieLQ|4yl%~19}p<
zGhVT~;LYk1r@lRuA@PJEJ0UhXe30&AtcD46oL9dL>R&!$j$FZi$AZ_)pJjOZBxOrv
z?RO{;HelOHbFRubuSpK;$avcgBixTde{2x}-xeeX(R{_3&;&i)yNGH!i-H+Fi+^`Z
z+-ki6j*mhM3OJX`<EZ6GmzG6s|IknAqEA1asNSEc-7#`^y7-*b8dWTUY@sF{I-}M#
z3u9;THHBIaEzfKaFpP>~HN?Zaj5tNdI{FKBd%UXYt8KZJn~ZP8l|h`WP;J%V72KOo
zdXp_rL`_V*6+^F~V_1Ywv#*~+yA%aVEng?}$GOHZM9&O)Xhgu*!GAy?b$_f9TO^37
znpK>Bi#&aQHkQ-5OpXWfMeo#&*E)f?c_>z+oId4*(^;$oM2jDyh<l;n()kO71=d1R
z{GN~nwcnU3k1Kb8n1bLxxR31gDWNIrKXZh&BHt#y%;Tt4CiwogdCxPSxY^^m@pcB+
z+s09C3SMtP86DhG_`DPUv!U>)^6w(SG1P5rTern4pe<&PAcMQ%g@lJe3+iro4Vd3w
zE`{G-I8LLBr7|yh?iHrA5k*K1)?43`Xn>(A83nNZ1@uwP{bQ))&wx$2(YRb9sADFA
zzUSz1w8pAqSe@SMG%-jXEyrRz?gvpAA3C&jrdKs@M&dWoBUr}Lj3&_Dir&|qbw;hd
z3A7=hBT?-^3KYnIsJj5!ayQ_gBia%<0&F<2;pbm!G%N_9J{o`0g}9+PoKsHNkGRNk
z^Y^Vnma4fPT&4qu@p|OK;|6hVrU$ryU6y8Bbe-<I0g<!Bgf6#d7^wgR-~F8~fp=NE
zXdlpcF?h5=5*b9zlC5Fjs0PEwp_jZa1#j#W5d7LMA<#^6ko3q7Uv$s5w~gn2AskmP
zY>F<8jp^?uFAJ`SHd3#O*{EJAN}SC}xbK?*`hFutOeIcH&g&IWGfGu^@B<G#`@p7=
zGo3dUYCYoBU9YB&dCHE(brW1zTo@_XouTAOqxQJJ!@3JrgG--t8T}5HoSp%ZUq5k*
zas*G!xkkbTm<Qbm9QM2NieCW<Sw1skeQiY#5GPPio?vk09$`6UkV;DTMvCZTN2O@G
zM93o5YUL2Lf@(Jb)&2Ffx(9dz&Wsd?rgYk_XUk90WL?GXjx>lRH+!QGYm@Qf?J4n}
zKZ?~apuW$$&(CE_gg1^t-D5w^UcoGB0Ckc(t>U!Mv`OD#;|*PZm%=wp=5yj#PlZ%=
z>L+sk=Pba(kLOksY~DXF18e(z;wL!kSEGr!9vXgwXw1W9F*c$;c^L#gF-^W2iI77!
zeU!xSC#a5IzbcnTZrNpK!7vqkbiz`f&zje<<v2V>2sOOZ6PML_PP=prHvQyLBcmAp
z@})U>BKodQf-Y9C+x!Ist4e-qj6%L>(3ohCnex;0={eHee9e*PL?4eXN@5%Q&?s8_
z!S`HgdPl*D_kC~+itH!de1ww}HF-8XvB|4T_5D9~pA?YS1zxx~sJdhniuqFrTT!yq
zFpDemaooCughzXs1<TyFR)aZ8AsjkgbqXZHXm1wC>~bD+eQtiE44M{$P|uFN*T%Kn
z{_}^18j<7QN8~KZyQ*n)L6JY9QbmJj+?9sh&ZTRVy-WdfNG^PefLG-Ew)iUe@P6|^
zvS`!#LiNXtERjT#gUpM;?}+C-a%<66+nrpdn+B{+*(9xFHSFM2k!#)zI-PQ8?}5hj
z%IyccGu~j+PBJO>GC~(=!)`EaRtA^`UNYFBTs9K#N0@!lmcU{x0PkPHC*Z^eB~{JD
zXdxHDPycr081tkKwR#G()Ak0umiF-rLAn+(ye7wR;j>rD{bZylBir(-fO><9(B--0
zzy452&E$mV{3%-Y?&5fs#6wm_&5gyH)Y@Sd2PlrbR7!1Lu32_6K@viP8B;A;2f-;q
zJbKCTApnYDZX)xG8}k`YMTZi7;J1>=>i3BaGpdte6)MoOUty=!oF28DH<>9cb$!7(
zlnA3tamwVQlsD}MT;8`Q$t!oo7+sgE=y?ZQUw+&9@Cv=k3Xmz&^*o7N%vVk(1T@9P
zMMDGg^=k<LKkY1$OT%#Sb^-t(g%E`H-$yi*g$3~M<Nw_l)d_D$1AJN~@u5Z?Ns#;0
zlLeIpd;<+1nL#!I0A`jHLclkf7l3cjJ~#ki3;_USWT>A3$Wc=pKv-G+azW9<p^pH)
z|LCZ$g8%47sILFfLH=B>IU{SG<g%Z}WC5)9Ne<`kaFP~>Z84@wXpo-{cE$wFv%iFk
z<87tg<IyXPU56@DuH&KYPG9twr?sr3x(U4c6A2=Jc*3yWQtqASnr>`7Lh#^bQ~ywE
zZ>?cmmRhD)E2$jzus6%uidS9s<UO*lDeJvC7UE*2P17GoO&yi$%7Q;1v8RWT4wZ%u
z&QxOfFA_XAOVCQNlg!`bj+%&nS%CD|!~U~R{lj5d(F&6NCf}j5n0+25+X1qdHL=d0
zN_$se;<Z(B@sfMe82K~Jbu^OUZu`P{_a-~V^$?eu^mL+TuPDOLrKXfIE>vHXHy>U~
z-FDdD+xW$2QE}Xk^p{X|`Dfjw0JYG_{_rLy*~V#+PW$)mJr(7~lXDWE=F6OQWJq3t
z(i8`HM^)mW{<g@RQrKdcx=|P~+&>vAohD^6HH55IQVw)yQ2iLU;ddodT!>ZRqtAwo
zkJ4bR3c==Q7FdWlFgv*+Q{8gSuvM+ktXm{i-lc%(%$2He@sM|VrXYABQ)8yCa7c+?
z_3ZrohJtdS%$*Z$G{7rGW6?=JRYXiLUqF^u(NeU4UG=Scp;ZYzg1|~jRi<7&aMKt)
z#{T_4`k?x)WxdIJ8A*Hjk>1#Q3y8S7&2?!GSB^1~l=TR`5Rz1x1;m=qVnjHjow+ro
zLF4Go1{JZO;k@FGqT)*f!=~MvlM}&_L}&ZNlSX_;#se>Jx;F;$n`LfA;BhMTlj$>C
z+V!tl{x~LRYN~mlu&W1Gw0=3SgSM)Rv^lOJP2D)>xAqpd&eq&y8EoA+OBa^|@XK;*
zR@Y0|ET!(xK4hqFNJrA?+kb`8)xNLPWs}<+8K5h#ZH=*$bH<G!VkNUvWf(6#f62P{
zAx*B}IE;Q<GoevM+0owa<LgwA6!rdFP?$Ga`-PW`<5_`(8?AYYtC~$ZkIQCG*|60X
zCInfM+z?GmK&hE<eqhC7zi+rKW12%O+oCjp4R#orTnN`H6+5;RH71S)SWCu4xZj?Z
zHEPe5+7HLtV}ouyDn0I)<5HNU?uYj6gqo9oU7Sj9CsNs1sBl}p%cof0hKy5K>Dg&T
zO=LKX?MyBiqsO{0CA#U_3|i^rGf3;xB)%*EKsG&jU2142)CcD?LXJRS^YRe>!U}zq
zhhu3_GfI-HSTUKcXQY>0Qr{!&ZT{jMfr~bOkmcn|Ys}pbm9NRPRBuu0KCN96<MXEG
z_t;CBo8QE-NS#^s7~To?06dspaOT``!y1ZWd-)s|T+kz=&ZZmG%QRhnEe*t;3b{|R
z&VK&x+7-(0zPUTJ<GKdov4Pb8`O!|){ZE5$Kt4adN+ZrM?}a@s?!K8I_jV@5-4eWE
zxC~P*h3kA76zv>R_4v0pbMNB!hD$-?_KN+<Rw-XU>9imdSxe8f=1a{ExM7oJV|TNh
z_KUAT%^n0T-r+-1)aQ22KA>|GWbE^;iultaMT=6X^1dB`#8LNQ7{kTW29s+4UcS2l
zwix(Qi>ba5#OEVBO}xwk8+BcoBMhIh-b;ZvM8;D-pTD<MRlK~V=qhP+K^mVRX|lv8
zi*(0FBVUc|&ZGQ;04xo3RHlkxjr*wTmQ$m+pU;)YT4*)oejDQ*bY6#0HMLUS4hxaD
zqgL6Esdwqv3EoZSK3Lwpr~aW&BbO#weB0)cGEx3x2wsxQgeg6ybel?QTqlF_KTftn
zCWg{h%QZ_&E5XDXkBk{MSUVBs5XL*u#VC#Q)*`d#)v+yoayyTrJndbh!-Bm4*R<WR
z%|k4rWMg?tYktIEDxs(8kf0&faxtAC;<vGfezk$ykNvVfw5aKciDNy!B?%j(n^QfE
zVY@9&H>x)Z6r0u3D%(zWyvOv{={nnFtcNAAz7pR`Y0IRmMkU-3&uCtR2F#Zx_Tf+_
zdgxmG!5Xi0R?<_`r#?$a`p60D$=C7ucnKn+09|B4UGm1XAF;#UV5gb-{O**P_|X~D
z;VsSTy(}>i%~OUorm)6e^Cpx^k&Sya(1O`mV?XJgzG=I*lm_YL`P$jx+dJuTZ@%j{
zrQ!`ncQ!erg6&g|MeMkHQ5@&Cr+ETI$A1kx$NZh0>W`OO!k<2zH@4{XRNTDGlpi(6
zuqfVSdrWfA`l{GJ2xe8}vs419@^!l6xh50Rg77ZXg$Dv+p&o<qLYWgOT-jT?7_a5D
zCz}G-b?<~tJhCQ4mz1p5ViAv?LqK}^cRNH7QNLE#a?YfJ_t&Kq3aYVC`6B4D5a8ib
z_WP;z(Wy|;S_86N=z!x9P9sq-+?V}mR4EKfc5y0&gCq+G7kha;SR=%@_~g@sB{>NF
z#D^ysyX*N*shv<f0_ShA{I<mQKLJz_RV(}#Kv`L+_Xp!>%HE)&C|PBQ5sS(TfHBet
zpM~xjfb|F#Mu>+B+m|z<;h~Sd$$0KkiXi}_Rw<XD{}q+d04o8Gw<*b7|EEw40LA^U
zP@J6ne+tEDs5Ibjs77TCf1~>U1Jr*}{coBeXn@hd6M&*8H*Co+q@{fNdft8J0*|Pn
z$UOaqqNg-aO%3JzZsvA=7?lk(<1>Jul7fABN{&k-GI;o~3>}pa^uaS42)&X%@Vm$S
z?+#}!&Fk7P_1o`Uk@I9c{XE7meAwJowni!fmibq_x5R%uXf8OzZ+M6WNUM|khDHMB
zv2MsLP1YlNFa(H2vyurx7hkCFhh#{W>S&hcf9%Ogr3`s-r6=>0oD7UD@sr#7*f&t&
z(CpXUu`6C3M<ZnBKs-D=@@g-S6b?vq#s4Ztz8ZQk;h<04y)~>A9GyBC@q(rx>d&pi
z4;-rNh_2L6cVbNK#mVO%1heMH#Tp*IM1hIK{xZ(0lHt7_c{ik9K7T)XKkl>O^Kev<
z=Y269a~B*nuT^<Bt3t~JbLIcYsz3X~N0P6;FzllTWHCfu(m>8D<;UK!Km7DI^$FZq
zD)LvuyS&~0-m3N*4?~05I!^EOvU2(@DYwS)u=oi3<*D6b7DdAo2{A9ttd7IsEuXL?
zvP&}#Q{yO;gHe}-wV?qkaaWGF!*kaPC+}w)_}>T1Yo_hvQ|;cfuMtobI-w`jAMazV
z|FC6QqB@E~rp@ey_$*0s?TbI$Xw}2{0>|#3pRH~kkKc$jug*2kI^2tSc&BPPli{H9
zIs0#HM?Xi;eF}q1>{yP}D{ZYzZVxJxKXDzcpw4*g$)nDAbU*xn^+bFuE}<J%k^1$r
zJ4QSWxJRcN7b(+$Ll{0=27B7@s^C))>$7l-XQ4`%l3;Q{jzqV4as+vTtw?}^K$Sk-
zUe8j!TkRtrxoQ@!D77!Fj{AIUHNT>I%=W`oiQiC|vVhHcri|UrXc|v`<&t3Z&XzLa
zDh5>#jCVZWbau53eMKTF=?2)_S3?KIWi;E9yKs*5VGVTbvSMOnPV&0#Uh7o6XU`s4
z$J%7fD+8DJct7RV(%AT(-VCFS!}pCECJ+@)o4-MtmyGQiKgTBg^T~a_t%~H225D9o
z`l@!Cwgygg9J$FW4;~-PSP{><Q{&$;RhrDud9vl(%`^dih?7wVj!IeHJNCnnM8Y}}
zid1hfA<Q@~@hLX;*_l;Z^Qp}Kv-QW&4$!odi;(%f{)eOm<=yWoZ@dd{U1O0#H2tlK
zGsL3XK#o10eksuX)g5@cJ#YO^=R{icGq}O$7ti+@7b!mb5QSa|<SuikHJQ-Yxf;@4
zoZj;FIDtDsGAw6%n*dY#&e`P6XTbKwi--{?&UzP2MYsM%3D!>xmBd?onAjn6G9i^1
zN8Qg$3lsMUO%skDT?h3}ShrEJ{~)^?l;xz%%$sf4jKp^cKb|=i(K2YobO4so%Z27a
z9|t7-C-UKj$T?n`i5e%A^L#Bwwk%-d`PeDH3`CjZDo<G0$ZKydH;m6!FN#Fs#bf!~
z*%;T}i8N7g<PiT`jQ6fq_U{*cVx{O}X2dLcmVtaw>rId^=%IkGx{WiAcRO{aU*49_
zX0EQ@nj|uCbZS-!*z-Q^njlg|YdsaWD(Fbu_4@)5rW26ru^f)m*vF^f&gf3haY=fT
z75fnQs|wiyYpPwgjhu(mlrJvG&wi8R1JBG&SU+TFWkkKmUx9;dl_W_#f;eO>z}++*
z{mAcikK7?a1uo`-8HkyTY^S~~D1eIPy`n=v0DRNhGoGG(YFeK7!0yrJKf~ccyAYm8
z?lEj%Hzc?k(H8MQJ~w#ou%IT@a60*0lI}~azU)d{fL)%8W00dQ6Cw$h-<dL{KFo*9
zdhz#0o#`jT<{vyU@gC5wp;zo@FWAq%I{H0}sTKJtgFIZY<k2*x7%f6?ZuulC`?AAC
zFtaBJ<j4S3H!fo`!ZIJsllWzNtebHf5rtFb?yi{tp8=uwP5kj(J%>39u++jTFR;O+
z@{TE@)tDmhU|Lf$kk2$MBc@}L^i@spxo%l-9chj)+_LTubnWz#A&Dm5OQoaf6*<du
z-Xk+H<nPEkyULK?UZg@ud^zUmPuaX0j0Fu)f`fQ|8D#5pgM5qEpoGq#0Do2e{uK+f
zkrnKW(-$R99kkA`&&=sS4g$u#Jd$j5G?v{*P;6?+b5H;?d+8)3UW;m?I}~y!6HZ?R
znK{sGYSAal%0H28ODs$ib}Bg3v3+79YQd*ghaDHLA~x?cPPHYmCX6x`c8(B5V?r&?
z=yGgKW@G@m&6vbOZX(_n;5(M1ygz->Qw%AA=g`XKCMTMqKe-Sn+U!h*L~3Mofhhg#
zDXpY=QKeoc?iI}`)EB-2-6`jJ<t-_|isd&)gL6=jdTsC0soqkbwIFN5B%7P{pqm;#
zRDmmh>&|u%g-7-*{{6DS{qt4#(M<2ze#FbWRfvU)Ul>E~$egR>PonEHwi9?m-YC<W
z=%W&v$o`4hcN_1AWY<EBWlQ{LuY=I@j&Dh%^u)97YRZ44d_H~-U5kg$$&5L(&y4(m
z=_?L_){4o(f2rF2@qENP5scY)Lb6{#E<?%uQs#;5BE}w=S`tXXVv%4@;~xnYGaI{x
zJJf4&hMN+<bJk)o<QC#h*oRJ9v%bQPIGf$T=zECXcv^)z{c#9)nx;8FO5|rDm{ENF
z%fMzy`L)Tr#?l#=U5nSt#HL`ew3Bij3B_Hnh3s6<!tc0HFT2rAR<PJR5^Up|k%Ed!
z$U=R}!&Xd$%^xi+hFr~SgGhogg}PC-iRF*RDMQSl0mvD>Nn8{eMcV98!k}46-+C>^
zW>;-IUcZPQN0@;gF-cokG}#DFTE(~3=kh~!FWB`+MVwwO`Kv#LBBChCSzM7?({c)s
z230_e;1{g)2xh6#SEAlcPx~1&zheZ2UwC~1v%&ebv0yo={3h!B{O`?tIO%+@3qy@Q
zyVV{$vKwcy;A+7qV=k#$SrwiD{b?#9;O&>EFwrv#<RNk`wMgme@=T!hTJ@UXr{4jh
z)M}v9!#Iooi|3onKLAwsXTWLRR*<=3So)W{Zz#7|El+m0dc72i@fe7PT9>mvxGM8L
zmv{kwChr;3&ew;vocW|l5bW$e`4PY6f={x=d#9vCy3o-bDc3}Is+#sP^AhVuY)tzw
zA~zdL2vYgmK4rpSE%1+I%X<s0RDL`Y?O!sgze_pDc#pOuAh^#ZJWcCX@Q8IbCVF}P
zdgW*G(H<JuN-dX8Ve#ivHAy6mH}QBe7<BW%rH_48GK4OVg5vup94>eC701YJ_z+<t
zxnOB~q}NpLZge!lDOQGU;8l5ZZeml(vbh*E6MfL==|RNH5>5D|2^YLcth?2>=_LSc
z4igw`@9+w>!(bI2QA~blJp4jrQhxYmO^-#m)5Ck|wHZgIh&$#l8A<*u&)}{=zU_~$
z5Y)1uvIWL>4c_r|Yf+89RG_jq6}EX(82)zsoeVPG?ckaoJL^)GrT>Z{)Kuy?uKACE
zdj|*&`Z=4M#$J@%xshb4Uy|O-<AQ(c55MV_l8{bXLgd92ha|UL$eIT=(8{A8Tzo=1
zP9@pPObiiPK4_QHK0)MyHzF5u!lY2nOg@?<0$EbcAsI%^Q=EtoJE?kV6K3Sm9Ox6`
z={hY4v9UXC{2@d{m`FHYpEjr!E03@I!VhI)f59_3NacVkap*woWwQY8T`e9AbfUD7
znEAuhG{4aLbE+J~=78hzenJ{&C3)PuRfv8bNi}{2`$O>aO!_O5fBGx21M<90h@07X
zMF)nt_sGF_;n<MO=ww9iuRq|abK9NL=;m-(s&cA)^O!mDf9e_m<4dW_e&XdguBs^?
zQ*QFhRRZ2%yX-2Z(wLH*;b=+7oY&!fCwq|nS`7(TluHVP=la4SCyf7%o(AJff3hA=
z#KBsMowV85pUY?s9a@K)<p<~1@)#aASjSrhaCXyfIl0NxpRIn<0{rJ3De&Q-Sd*@T
zXCi$dGTYTV2^pO-jql})zfT-8KlSbZs-@^8GOE2X7<&2IeA*3bN)CWBQ4=+65*Vg7
zsx?iN#Da1vUgr(!G1a^<gaKc=-KUv^em6)9UHM4}Syn=1aD@FEpw-oKq)dzN8EToq
zEvk^DcO8DjqFz0xQ5FJEjg0zAu)}m?9Nebvp_CU!fPM5nbH-;ZYZry^u@?onPGL&d
zHX+r3tvzK(6AwyOaxp)L*<(y`h~ur|78C0l$a#=2&qOA7)WRahrTkUR%KP%*X*_Ek
zdL|(%ftX~2esBvJw(4~9zwiVSTjjRuIf)Vrc(V<0a>$JHILqkq#SpM1)n1^zG0OWf
z%i7+~#=zlvY5eFvGwK7icPq+orB{a-UZCsaL5GOGyX?+knzdMJydLOzXStM+NttOD
z`YZ1Fe^#gjJ9DTV>tPHJ?hr}PKf{bYt!#D#dT>`zLoXwBy;tum;G_#^|EWF(t`|3N
z!@K7Z3$L-8RXvHwJ$mf*7BLZQVCWikmV2>!_fK8klDoEF(rf9EU2z(No?Z`=wXnRG
zzCsHw_h+S6r5KmPk?s^Qv?oo`B{A@H@=r(VT=NU0J=;SV(k`e!7Of3edcQnC`%1gw
zvHKI`FX*%n{Sap|#-a~`GDZGv$d;FYoX~Lu6G*(sBz*GN3j)+mY;ya%x}laA8fut<
z8@j@Ft`TbSMXf-mijvk(?YI5k{tXx8qYtw@^V4+|JdqC;>KeVRdGBS+t<66~;#V%h
z?6UW;UP(ss@l-Gr&%|Us!I+VwjQifF!())veS}Fl>_5mZG=u5eHt;;(1F!x4P#Wwc
z+oPO@#(`Rw>u3uUT^TjZw`GtU)por|g~4rwyp~6VpF#d^4PRO!1@F-NIA7sXQ-jb1
zw`3MBC#BHv|6Y8HqTY|HJ>3}oSEasXg)KUAFLc(=82%miwI6<#MxA<)_7jdOp?@bs
z_XJBRyZ`+Tf$jy#f>sUS|1J-Q;1Oxm#+3Z0YhkFOln^jy3u$Iru(Wvmw+hatqK*vE
zp8x3kcjtN(wQ<3&Qx<ln^^fCyO2ZNMTd&r?V5V<rEH>mPMvQP*Y-AUzY$yq<7*ORb
ze|3l=%g_0=27wvm{zn;42R8fZ2MNGIGt@(Cu{8)PZ~M2P&-iG6r-tMdNdCJ~4nq4e
z4R5VQK=Fq=P;g~ljOu|druS2;{v%%6Am>=^nNTcId*jQpIw$u{$$=<v$%H>$K<JSg
z@BRvf8e|K)cx$uv<X^vUb!iQo<->O<)Tll7CTpY~3L1*9ZiU?6a;=m)G9%Og^36Hr
z6K>gGskPbd>0e)~K0!h0gSSqa&7cM@#6t5!(u$MODSkejEe`)HgKI<5ick#z6q6fc
zq_09zW2hVMW7L!|dFse!Y8(VJ%U_zyPN;5+VplTZO1UhF0Riz}8UGdg&wj%HgT%~2
z?Y+fnuaW8s_)B87SC=7)lIrC16(naZ!tqD#GoVm;almHVI0&P9@;0CUPcQ3`exLuS
z&F07s4O)&6=p&S#X6!)X!nJVJ^NPRFtdW9ciO;D~+>9Y@HD~~k5fYU6_hH6g<sjF@
zbID(`S)I9rL$9b?^IUL<e>>A!<V&Zdo~X{}^x{B;I8x+N9D|g`gD<?OZ&V}pRx_<z
zor&%oIebXR{`x32e+Bihowap17R$6jRdHACRDkGK%SV-^axVSaR<Ri6ez<TZl&w<p
z`>y)Ox*mlcYCSkSgY{_apM4i-xvth?dl{#f3@_O0w+zvSHY@wYHL5o~7o7>KyA)+~
z_&89;LMiIDEyY!{eQ@MlC&N3wpHU$8>ax^ufQXCJ<XxLIltH!L)wAmrn@c&=5wck+
zRuR?h6vmCKtshaqIRLTZZf)dXtq6S~y=FzVwO?A-H{`_Sjr41(Wh~)I>ZY-=l5i>-
zfX}PHh4EPjecdlt!*`X8d^i;4c;CY@pi#3od-k@LSv&31(IVGs5nco6ZJE1r$QgPC
zG|Y@MkS*mjNIptG(}`8j?5~z(7WQOXREC!n@z&0yg*@Nu@|IP9Z>6o{AYow$q%pO9
z4&$Kku(lG7l+d*+v6bKGXrOJA;X=mkuBlM#()HuiK)huZCTvDj!u1?Z>9>C^mDG|O
zM-@UUlxX;wVWg5H^c+gIV*1SGP5Mn>Q;v032Z#JW23l#ZitFuflis#K7gU+@;dMH-
z+BEo(o%!nIlOT0a=*N0Cly9N-%?ePUeLU2}1{Xy>8~gMo#E;;ApZQKJ9*+|&g|G^f
zQYAp>{VD|sC@yA(Ug`9uC?%$iSKdbuZk6j8+NnCJ+89BmtEm?Z=tP@o(+!>E^Poe6
zjY{?t)s?Aizua%18X<F3rV>XUy=nXv&LEmbmJq>}e=i~#VMbk|S<B$GE60$Q)c?lL
zm236uubuFKzpD<&WgPB)5YSsejp=rgs$G#S%JqR-;O4f*FPX_)*~{y0C3LYo;pg5~
znv_}7L)L*SbsKG9!@4p3G`v3^!(vlv%$ZSrPOgu*{8|enJ*3r0fHH;8!&RkOpk-Zf
zzq*Q5F$4nh@)1o)avE|`lg)zpt!n3FINZ1JC@z)|w94>S?(_@qA0CriG-eb=Gyl6a
zY*SsCUSkKU(K&^_vd?#LlTMpqwxc6dO=>SYed;)p{Dmo{k$M;}v=mg(WLOc~ms~Pv
zE%!lJ6X=3<Y&vYoY%j({^N`KDQ<1`~{644XhOF36$X=tuZI)h)GqQBap`c#`y>v->
zN(V+f85iEzwS&<*EJ296)miMPci{Umo>#V><}xk#kv;NWU&Y0>Zmzs4xhdjK*UvUs
zreWJrOdiyA_}?uzq`gPrtQ_*6x)QcCU%MP{5nMQ@kBNZ}Qd9I3T{g;&qP%~6y_+-s
zx;P@IRd0;Dto_l#MJUacHle){k~VvW0-=Uy#RO8Hiq&)ou1uc!swdVtM8+5sIqDDn
zzpDGru%@1F-}tIv0R#dHBA^JNcPUa8K?Fh&k=`UoFEJv$Dhh<E^b&%CfJluZy@(`K
z0g)EE2BZcsNGFiHga7xO`#kr2xaEAgd>F{=ncu87v(~JcO$@9ctB4iEU;=8>P$@rm
zCMwA|b121>9g>3z)rm>@Xbeg9AFyFFTD(tgNGyL3wv~nO=mzJ?3vz+=?8o{BPbzdX
z4rwr!Uc3mk%GgaU8;j3i>|IQB<(Bn^PeQC!E$-6SCUOkNaSrKYj56N24tXtMl)#0P
zKR0nUPW(YmV6&Zn-vxO4<6jSnS2Jtm*mKNSMzYN4dMFCY@s(+84rQ0Cnrp7C$n&8)
z>4mKgg$`HglTah-#(}uh3tHqkV`DBeHruJ8$4MI3w$LLUV@<2_(#qM1#QP&%CAY!F
z8QmY2pI>@hNaDEOWy{mGS>sI%%<0<HJfktO-+FeS=6<jGgwAQFp6m|GO)c$-{hb%@
zWU&ej7{XuUt;vH#T+JXHR$tW&=}EuVSX5Q26K<`0`e#s5<>L#_M;)d3xYk2osp(l6
z=Z|-%dP@sz@wgSoqc-3AgQHw6O-4u!rKj%={1F*uT4vh%n0bJEEH7~1k{waKYGRTf
zl7WP(%M}xN^x2}D-*NjEca>C4S@`C;@*#%am!O*srOD6S;J$vc*b&Yn7s<=zuFS$!
zA-=ux<W>6a>(hak(+9T$4)z|FTORL9DQNZ_tZq!TmYu!#aa&j+yH3&(!~Q<ve)Ij{
zVXe#OrTaKlv3K+%pWYb)%z~#POLhPLxixRPBZt`@SFV76WJ%YhDp~3BcIi?xsarFh
z1IUBd6sxd|4plL1+>f%ZZ^RzF&iy`$l9C3p;K(%I#N#VxDtOB(gOR~3Igl^7qjWit
z3<jc$qb7hKItoOf3^d0LWX8#XFH!#0vNZSf=kyIwI>$~BarN*OaEy-Lp*irsfdJ?U
zD-h;<Mjpj1M~CPCK0yZ@;y<~0pz*&e5%Ng>yH}pkDkd1g+H|*geqsiW0onP7@MirW
zk$|xtT(BznZsj@JaX-Nc9QlmC9hng`a|9NWrD$@M=nOb#;8`e`p7^u?h^2tU|5hjN
z)w}bL@}iEe1_a9>p`taYzaI|X!<<jMv21GrLBLB?{bRgDnJ-xT_$%h2)4-91ugjWd
z{xz1*G?3LXiK?117JGPD0Ezhta~9M+Dq=Gs{XKIIlc6BpyL<(<=kY8{0$|grUKYl7
zkrR30q-@Y<+*%T9It6+OrQLYpOd;RjC}1}T4uX=(8A7M1pLw@JnO+^ac~3s#ISRif
zE#yhBd1~5}xx;=GgAfB?p+6-5N}bDZS|7NR@ShRMe?%#?UPpnG6j|Akcwo9u>+tBS
ze$c*xQ!jd#NYd4}-)T8e5MJAQ@#)8kIwo!@+}@qYTe`gZGgO_THQ7WlD8^(5nj^>u
z!GQarb8bdyACd*}25D~B_7A3)*nJn*<W!%5spyNlHkcZ&p!I=G0HEV3irPN4dsvB_
zMeZ1Ijj?ZT{eXR{32d<*y4GHmZ9l#7R!RC$An1hq;~#M?_b+o++?1B^hMwZ5)bR;^
zJ8|*d9s9R$Q#81a8Lx|^DxTE~^K|rCAuy@F{Fi(|j`kNnCr76d!}Z^tzD{W#@M)*=
z$FnsMSisg<uC1w<%ivZV2;G1R{zJuH8;(qFc{V(c04^+WJ3TE%#3h7;3i3?etIJ!S
z(v_A*el%Ui>br}?;{q939ulYD{`BMX{M@Voiq?1E>N$6YH(`4#C}7#s!`XQESHv}?
z*_7L(mYDFh@#OaI;1=Uw*)`X%l{XAPe9j6@!VN~2URQ3xcib}-Q(%Q$9r{}$$#p9(
zRjX&fytpWDWZ|g87;>u+$}KTmJ5!Rt;?eu$_hp!cFZ#JkRC;1la*-YcV|_lsA$P^I
zTXR(l5~9q03kSNCiK;~fnzkR0UavVQT7Tqfvj|6-S{Sju8tQ3U*qbS4`Q;fUa<1^8
z>%w%YXs%ep7O@WTN$;V(@b8)#_skv4P6uV%`RxnTO2)CkrOy{f-Il0T;X6rV-Hnhf
z_Op+`${h!l;m^$;#lz&fxfYMDIDBuK){_5jw-xU#-(5ej7F-bnOf|(9(4hJCU+h{a
z`sDhN;6JuZdi|UAsg^TezIo!g?x!QdefRvl;c<-#V+Fe*25U^fZl^mEtp!e)RjaZi
z9(b@mfB?M8W>l<&oj7-j%p3I>AD@@gh?{VKz8Dsqv2{mO7Tem?OqDff%MO0EZYp^3
z0UXrp1UVe|=tNyX=^dLJ2z#_NHn(Xh#z$QzO{)vdxMjieU=!`h#qKsM1Kl`($W~8|
zAvjAW1A3g(u^iHhgA~g5K*b(^PzC!4TEl$5V^|@MTa%~jwaCxv&C?aZ;GzKJ=Qt&4
z(2vSxT!ia!-9jlOuL5~4UoQ>fSwc=>nH#g464$z=E(DK~A~&RcD#>vGU$Dm7L#DVc
zf5l<aAVvWr$%Ay1@k}9@6nMV|W&H*BHpSfZd<Fq;p<UoNKUH22Tnh>V!swZDeUc3~
zTWV>e+^VGmhC4g9TzE2Z*0j#w`^$7$v1vI>bEKJVGv=dZwjvH!kduKrcjt+S{>0as
z;SNkmc|O4f!j-}Fy-U9VJUsVZ-G#-G$Z!7jNs{$pPv_aMT>G?P26}LL)1vlNilI5P
z+hB6lyru3$W8HNb1u9(e_1CRZVf&m&lNYF6K4PKnc-vk!Q|jCLzA{vKQs7C*l%2+}
zvwU}+<otTDe+a8l&vzpBLp0=};}^?;YbjA}GP27)>%`~6`#m=&Xk&r<aQ&MqV7-1`
zb}de>xglF}Rgc)GGLf!Um(EXRPqeDd1}@~@rQAWqup}sJS=SOV%CAJ~oWga6b3*B}
z7YrVI7j6vS7kM!c11?>4;vBtxN;bYL<sB|>)k*XdwU!!bmb8AkVV5VDI+4vy`t&NH
zqqZS82gF}SV4oyGgZx%cKpAcbLxUD%1*(#-{u1G<ylm#TZJn<cBi>{=k=V4u+6NCu
z9TQ4I^%#zSeYF|U|E4!r!A}GNc%C1#GSby#>5xD{j6p2a3bg7&_v5*KtRVg>cn0uV
zpK(&id<VD+I~Z_a863cEF36#E=FY!lq=AV5wF+XFHoC{+^b%zU2R$Gvypt$G6&ngh
z0PYEO&Jd|&%*R;x9YHbYqpd@qaSl{z;Gh}sKH!`{@KxIH;}7BK9AQaP(u!I~81W8p
z3MZPU0|$5;De|s@G(e%0^bN=n;wzLW9%r1Gk8R^KZlU3I;2dPI*8^Dw{zb#O3QlXq
zdB>HHBn{sG=W)IQ_Ijv`?Ml5j4NqDIS)^}eThUe5yUs!*AK=#nY&tX?3T%;&`VZq$
zgIGpnr7eN^_5l8n_&sxHCJ3x&Jkj<~e-~5iuOhSe#YJUhPiaiPLUn(_)L?Z>oMn$V
z?7#`gBaMT-S5E4@4**_(G+lFD`Ui_Oi{M^FR8Yxs!;3_>DV4yFgCMsd5`Ew>wX)#m
zraH{@__2S;_+#!)eJ3vTS7-o}ej<*>?0*T4ou{>F#Wk<}739^wjR4+`6cYQlwiOV~
zUy6@v835V*L*7v>!1$3C{@t0p+lymt2P2OkVn8%G<fNj2U0M_eP31dm`V1hUY}Dl7
z>-m(PERUs-nA0nxE-+BvcRQ~*69sPUbpKV_Jp!i=Tp0>=nyXPpn(U21DfdR89O~;H
z-Eq6?eF;1L>TjD;rJrl3=SA;_6fgf2%s~CBE0|W9%u{EkQGerPh9Y5x`3(2jq9<)P
zt<sb`!lQJ{@eYm6>Kcpg3(FOS`F-U9rPEdg)#GrS>?nTE!s!d9Q@$xr)(vidk%%g(
zczXP#m%qj83!$|X)hko3K}=KvI&R9*KKfh>o!?=;fy6Z8O?A0^AY`;8`?<$E(~VnI
zHZzTlq!fkTwpf-UnWZ?xbqg(=1Cz3R0#g@0oz|U+uw4AgpRdZK_N*=Eu6Nh%H2Z)Z
z#-$!pOCfJZ?d1Vy_xK|AC2@@2ngfEh#P~viye2*!wmx@-uqrEF*{;Kb%Hy{gy}zeZ
zuQ$!yzs=$x2<O&SoJfWdocE7Q6IVp>v?W9)J$(_zrHca+Tva|9HScVkPCd5WT7s;)
zKkok})sOjB76kTXW_`UP)0xwzb-@g6Lq7jCWts6_IdsoMwWnc7DS0yB5A)42e1h6L
z@gkB?NEO~-q_2l(@a)*w_s6jt#b?Lv<z{qT8S@Cbd^G9KT*KO#*uj;&5N72UK2~zh
zVN*oY1oYMQ*Pp$pd+7vUec+*I@UC{QTudRqPh&7k-L$OQ9NM)pS<0({eriiOC8Tmf
zd9?!{!{r({*j7H}k~7IxxLmMAYRtO5`Fus&!i9c(yF4fKhf{Ak+uzwv<pn40H|V~6
zw3InZ9jI3O+2wH6!nlxQ;_yc7Hdl{%RuiUeFRsh9-FvQYv(6N%%j2NmpmHNhEaU_m
z_cOf1)4Ds2{)KLve>&UYxlgZW^}V!yS$(vkJmP_hDZDDj7<~VgjzQUvLP@^_o_b3A
z-F5HO_;xljL-BL&Z~dwibyExq@6(IpyHb4-(yRVlzA|VMj=ev!bHAx@%PvQ8a{HnG
zlYYmJjFm&z{G^R?vGmbz>W9&^*#e9}n!}HlSmyj@RFH#`3dDN4LdJwoxL1=MZC1RC
zR*s)6V>h-^*rch2Jt?5-9ZUUgYL#X-KJxdH#g^EoK=;%1l1{&skm)D<-B)d;;p<m*
zM}_@TYx*YJPCbNAtT5bokwx&#`<Qe4T@$FK@O$yJVdkkAmNDk+T`3JPQy;5`J@&p8
zcDYu%I?<Bb4mwlV9ePe$D}J^wWqHMPk(6V(@Y+2+z4y>VPpqgz{lxTo(GtnFs>a3z
z&W~eipR&qe`i4PJza@&BRT%vosQ$p>CF=T-<0&*&5OnOWA!LgSGN;!?K}j{YuZEJc
zrx8XY$HJ)BUi;prV;Hlpqt|0k-}rWYvGSfUCHnS>CpzHEx25Su^)$sUg-gfCa@{%J
zEv6C1n3(n4tn5_M!fWzd73g?3<ZUAf?d36Jt8bN$%KjaEuC}^q8@*h)(cMmN{FXoL
zvzCKR*nhm;Fz>ayKa94`>E=BXB2lf7{CY^=GiQE{Q396N7x?neR$8yIimR<1$->V6
zXLcjWGUW7u!5$7{qzsD~dhB(lDI2!-(e1daR?WP{p>q1jGAC@4*odNVUXu<LfqXWR
zK{BG1eF7}j_p$wMu8XhzBFjGF|7csj##Cv{^K78U42329r?iz}Jc+GSea2lk4St5&
zZ@&4Voj*S-`6|?=yvOVPBUL9d!+c8>QM`5Qo(~>?hR_j+5Q+TpK=q5t^9L=F=_Ayj
zkJpf;&kvMHrA~86h-Kvj+IGcq1eZ2war0+9)&hdbwrNJWsj_Zss9Kn|@9!6Hk4{&;
zMY#Yw9xL_giRP%1b%`;H;r-xCCD&VZ41yEHvQ`S^iS-4vyI8UrJFU-;Hb8#+S?RQW
z&J9`u845ir8E6!J#{DgCfJZ!tspn~1Q5WLvOh2dkR%{_7E#sP5V+Zj>Dznkka;F6-
zE(fB$1&-;$QCDOhbiy->5J%gd>Q4xP>)pX?fa^$4hj=EVRI5<>fAJzFmF<=si2tCs
zr4wd+(s>3pI6SKXw@B*=0<Tq$M2&A|yYu|*(W8JoJYQv@@PWL10t6nwWx<KT`4FGK
z#3PzelfZ{cz*PdQAnH)vnj`}12&rKa;*%2Xcdi%+K++*oLEu2$RKbZzz>m>LCqLBA
z5;Wj4@B!R)W_t5Sz&F|x&wV`FF46=>+mrvNP@FBmt#lfIsKNrE6Cc3xvF9^^9QNQ-
zF9r9@FxsD=eO>?&j`MkdJ`jl350qKsuTOCa<~vNLW`b^j5y_}!BWXUM-tRcz7mtJw
z$^`Du(R2dz0D<&r*WaCi`|dP6(6@i%ygsT0eE5x{T40+S2B5#DkqG*~2D)(?Mt?*(
zXxOp3HH@(pn+1SE8z%LkG(FSC1UR8>scFOl;-l?>IRN7R(?)<G<gc9Q04@N<9pxne
zs(%}05Mo0o#>V!3m0$fOsUC7aCjc{b%~X|#s{d|1#UOW!UE>$x%_ncfkX#R8N^VM<
zGSm2mSMiC&mF9-Hiv|d77uxZ~g#LuXX}oU6H{xigZs!RnS7C&mz=t|vqt0m4pf9|A
z`f1!9%_m=#T$~agPPb*+98vq8T`MG+x;5f=mL`Aa50I^V!Gurst?(MsP_?o6MGkdq
z4<0YOCGAW?Y<0w7Og?>(3wf^N)z$LA;-vj7%+P#-D%G|JB0oe)X#S325)!0I;590X
zkj67?o75tjlV4zEr`NzKM;r-^tC=w7rc@d|#Jq?Q!;0EP48TnjN<X7hGBRH32eq>H
z<*v_$qK@0MsA|vdYhfqK>EqQaUW|(iE?JP|zAl?mC;h$pm88JB-m|!;m}jV!3dVr7
zX>QKN7!LA8N5|>4l)I0%wqLzD8=jqEeXx{x_3F7>c#q$kW`w2sKz>6xUFr|!w755-
zA6<!NK1b@&pTcz+-4x|y<{PNycWioPb6>0WGS5^+>MgAM9EDMueJeTxb*!JPB09L|
z76fZ@E!DiBId>DbweiwVaYuJ&^U|^F+9o?IPkr3z-?Gr-hVF=EZJ1LJx-K?zXM<(K
zg^TpYaohCt^r7b&3B_y!bBR;&k^h2=e0Z>C8|yG+(s(7X*kJX}a!hK%hcx}%h(@I=
z+asrZX~ul50o87RPG{%4QhH%Czx?*YTQF`tflqJxqNlE;q};j}JyV#EKDb@trBSW~
z)r$Kp>q2~P<D8!MVfh2aHGT)3{8~k=oX%$)67L`wCx8vwdvRw+thvZkaQ1|gc<2-^
zIyTu2!lH+=+x=20ZF`NZE988d+F*t{6c8vlYbpGrsIO@NQpS-#XZ3w+bMdU0Sfuk`
z6ASvWxlFavS@2{$HEz|P44qXdmlTVh{j$DDQ9^c{>N>BAu+&dodVzTdGiaRM--@WL
zwT(+CoPBPCUBAZ|o4@kwM}Eo{X?Nq-Zpyo4dt^2NX5v7M^j)2(70)t*DM&^f*KoBx
zjOxhpGsB2e&T90E;vU*@-R<3U0h`8t2));!K>p?zMVnnc%`mj7$Bm6~#v*7#5M_s~
zoVQoKTOgXt#D)Ex`>l|p&DVDTPRZSiYffC!D_Zcq7rp-0&-FH=O7mN~whx_@+2%^f
zy#X(systPsq-q3};+H=Y8J?QzjzY~Rqh4%(X&i0Jr<mlpXVt(5edML}87lO%6nCd^
zPNjAp(xxJd9|L}^PU4<fbaOMO4K3kr*tV2nd!Jhb{GQjpWT1c1we)6|-|Bl|?bx2;
zlfN$P2Fe7PbC#XubeR}~tnLzj|7`7lX7uZ9a6J0mH7t62e+KoXstboV9QXHr26($e
zeX%%&tzV+jrL#(c0aJ6D#F9@ze+(8=?%Ys0B_4&%vlA`K@(S8;F2muv6?hBrl}z(j
z`jOYf60INqm~o%N%_XKM&)LL}K`{Ow$|rDJ2e^}kCP8qgtep}8$H6mq>?|FK9}Gxy
zD+VNYaJlA@hQI1tHMDozg!l<q%bz#IzxNG<=8dz$9ltExtG+cmxN>IfNlS?uwnFI*
ztS+s$Vc=p=QE&9cW5NW{lYPE1Aw@kpfgXN0mOcb!o5_}BE0urc!ZdDAh$vt&k^}Z^
zRVTrM?{61fw_UJQ**FOwN+|k9TQG_;3D>$XrfRc~wa=V;xM1xc5!kmcD7VEeN~+sR
zVY+7BKHEaMgiPz^A=n^`#`cYOK4jS33I&<Q2Zp|NukU)7D5(9ft;WYktC$6NBuGX=
zP=3WOD$}52bes8HxzqjEzooMqJ@sksNZgTVHh=K0|1Qt8D!D#u`67GsR8A;7K>i_(
zmIvJ#1S|W^2VRPmO@@&df2RVm!cHgjA8!vV>;Dl3#2$qa|2q!|sgMZ9=McKEI_THt
z@VM|Jzj5&Y?l*v71DKQ*aljclH3`$dkSVe=+v&W}ZngMb-JrX?I^=M{G@<Do`d~P3
zx=j8FHBXjC|ISNj(Be1~e%h3Kj^f2Fm@+Vgyd65kPrZvI@eY}$Q`Gl;1_#<wB9N3k
zMn05Wr{|Ds<LDD#y+k_Uev`?Pu?Er6_dPpshxSty58u8jIze~kVKrUsS{OkA!f}11
zLqSvIOX45Kt%$7Pz6@z*je+!tww}Y#3$mD>XwL3e7!@V^?Sbn9shP?XyfYTwXc)tf
zMge5W)!mvut!F!%J;oYHVv4o)p<!iXMJF>X-Q}A{mC}By$2S_5+jBSP;7+oHcIY8>
zBx2!8(qVc6WGHiDZG7{r@mdu1+Nxq{^v*KuYnEE7)N8?qw$;DfyE+$Y;a$Sjg<p~I
z!+mXPQQVZPp3i%A$=})8Z@}lmJ!)lwt+%?9_>}c}ryforsbxut7hBFfX~qn6JN`L<
zPE~!B8NtWy2=71A^YMi02Foi}dr6fTLIvp_W$?#8Y26$BZNy!a7N1}E)5^BEBjoEP
zQ(Vc`Z5fXudE4vpS%JbX1{49V9&kukiJD3<1Rtp+g}z`_V`;0ZPmI_g$>2lfEUMo&
zxta)GB)W+SdP^EJQlbz2l}OW{8moGTEr$d@aW99tTauPF%lN##o?eMNV%(cp_V&xL
zvfD8I#D$Ptdw7Krm)w4%lzBHqcsUE!a;bV&3QEL1A2g9&$@Tf+qlUgv&AtE2&Tll}
zQ=Pzvavc?}MQ6Nx_m#{(PH>fYk;7QP2xk%A0H7jZF&?^D8jbY&HY7FDUE*pAV~18q
zZViMi<fa44lF=c_e*uy9I$@H~hofDNa(iEq1(ODi^$BHe-Ya{>5XZnmod#YB>+~qb
zxzQ6_`^ON!dY)m;ea${3EJL8l`{P48Mb+*u@ooCOW1Jb$Q0mHyczF~_Gxt^5svODs
zW8#F=M-hbD+CKC554Q#Be%mM^uZX3`gor?i2QbyfY*?XfwhnQ)_nGJRm}>n3^YRHD
zt8e_n6oy2<YZrTEi)%auDO=%=tIkhwjH$xc^h{TZFQba5O{)vT`46=>_)(TOefCjh
z`b0*BJ8)&ozESh#TfcSW1(Y>tgC!EmSkvi!Kc$;nS1jWpS_uXAPKh;FjH=4E>gMnb
zmw=lyR@ZdUQjv~7>=X?YJPVq`r247DnlEuOZe<RMem1U1!D?k|d4aJhRiSxDGI7op
z!Q*xyZ?v-XT!(0rj`MF9MhHgAMlIq%5@|S#=;bVhW@hywPBW|B+s8jV*lzr&L$S6j
zKv0VLcA?|bln*O{vMXa<;$$NT%EOOGPX_HYqO^Bz$VLy|n5G^)`8DyDS2Z?za)ifo
zbUu8@e7xR+@4{Dm<%}k7pP3NWEU$B#YC){F9JnWNP?{bw%4<+wz44CA_aV_exbP0A
zHu;A;E4=~ftLb2uWnIn(d&<gda8|zctIb1|`3?WcU49=-)_jOg;DaV6L5tTbhb|K(
zx*P5%)(G!y$VuYC_J<_{Lwu9A*^fxIMOPS)Y|{tcj$9K*5WJsaz>MnxtZ_}!uCrse
zD>js6;M;lqJBz$|+cV`o_2;Rz`_to(CN8H=z6$h7R)%Y9?@?vZqtmiiC%h0o_NPKZ
z)0(7?B$bW3GX69aEW7eFL?QT4J>G7ILz04(&F1)A4ueZlxf)TA135w<z9$!Opb!Vv
z8Q+%xzhV4z*&HAps2~J&ERh4?pI<sVouBRw{2S^R?Rg@{Wz<bUx*MzmD4qYcahd_#
z>I$&N`05ZBPL)BE0o&)UVX?Zh{XPkp2O!=v0Ct1`3ee*XK{}9<v<?FZ7~(ZJ>HoRn
zxMlor&TjxsKU!If%EWUn;d$OVt@tdKCdGdr)(YRM8ri)I3`=*9-B?M77{4Ptxisf-
z5pFFdBy&Yo?LI(rOKflcrwa%)KbFl}pNO-Ze}cCaO&MmI+G(wky%HHz08n~dxHMMT
z%e)8!!IH-Lr?S}m>+VjCnRnd(fSN$c``3#n`i8@-KDK&c?wDjDrG`5%#e_!k7l4m*
zyo4YII6EWGvdN>Ci!*V5ERsd<eXSI@{^qBO<e_X)nn<GhBF@c7sZLG!@SftZn1?fe
z63zUM`w-vX8Os2hGbQ<b<QvGuSqn>4;|#=fo8By1yv!~eRG^MpomRs3XR)a7+G}mK
zVr`cm9e@D^(n-BbDXAh>mb}nuC}%gL+;5L4&2iN!y*K@RsXphrykMf8AZEX{Cmi*o
z#ai;x{-;4=F9Xmo&oSvK2*k=x`;GuQsn?F)4q6X`B+P{6bx2~a?;(}rZEGRcN*$G-
zSlsBh($w6V_Ld0GORWXv>rWR+#!-us8QOUkFEhF%0vdlHHD_mSY;s$R?|^^!_a+!j
zEL^)2JTzp5`My3ruv4m#5We=#JHP66{e+(IYP9*CDtp_;<UQ|Unu*ZOmN{g>baXS@
zx^J=?T#q;B^@;!bvHt#}*P|-SvtO4qk-|{;0BW)^I`x-#p?cMXd@&nftsI}j3`uqK
zunk+>Dgw==9H730-bZe91aFfFuY_`h025rm@k@gMgARj1S&xJMn=2>{ZZ#VJO;-J1
z&Wz6$ovN_(6~ct^<Yy069xkqZQpyaE09_9E?$6r!U~Eu;m1o^*&GLeT3b?6maA*<W
zR*Fr==DVjt`4SyA!gqPt1F?O1_zsg={VzF%Ri12r-xr_!+LWd02f!^JiBtos`xE#N
zdni%RG#xkh{g2JMjClrm?s0-%cVA=vfJq6$XY&)k&sEQtI2PI*rt~H$ZcqHtrH2&{
z{`OHH8S#oAU$5*|Dn%gtZ3euzFpFU)l~*N0Z7L$yDhgQmk&rvY-#l|)@)1VODzz1<
z{vY;>OkLf#5aS{#s*U9kBuOyXR}|LraZO@aNL3mkpV!)^cCcV7vVi;Co`N&T%n3T|
zyo!(={ypcZGHNa4m#?n&N0%DXR6n+!X{)-=8@RoF(Kw(T8B|(-7*#CL>6w%sXDEY8
z!o@;d3QnHAYA*8eY-9g<3n2}53n4w>SqOZSl&yfDfJr2Bokk^^Z^<yv-S+v)`zj{P
zW_EhvPf!l;{Pp=*Wm(jP&7F{&i%ajpW`2K0*U+6yIYsK~Q9dR<%YD@w<!+wtMRTgg
z&2yJs)xFZVHm9jSdp(1#QwWU_d*QaLJ{y6&&86kV(IX*`BrS`Z{lJX@Wx7@|@;34t
z)K1gFL+4HW@UJv+t=i`M6{x4^6h&5Lw}2mN_xg>fQ`EXz8}k?@u1!nd>cPHuyv9?*
z7pM)Pfe2qG1BbFb;N=>Bzh$kw1H)Sa_mY&c!Er-v=R9Mp_Zy4#5=0X+#}PAWrRtR<
zsK&Uiv)1tap+(7jlQi3^Epl?YKEv#?5_WhZm3NV~e37cvr~meslSp6g!N@(5)80s_
z*1p_s)}ht-suH%cNYCBI-g~h*rK`(RP$1;f+lY-h6R+v!5(#XBePQ`kz4y4eV&y^8
z1q<uoj6FO7m&~yvrB_1zlDd<TymMFK$!;(3V!B1Js70v>mkeyk*+l2Qdi|&VoBH0U
z;<&xzji?^C1%1l9q@R0lcYRME&Lxn$$MhS%6RgTruvuoo(gnD{{%!8Ves{Po1BIGm
zW@~1<DqlUrT0B}Guy%RRK>x)fy*Rtw{<&yX!fHm&%4=K}6?hdc+}U^)w<VW56u*i~
z`BmMctZqX6U}<Yh_9aHT-Y*|nlJwbJF3yp%ZT}#Q^*^~vqq{;^j0$P~P;cb_{?Ma&
zw=qQIYjRC(BPA&W`sQ9t>c%bbo_3G=?Svfp+y#T4gXoZmn?2vR1X7KQb3FY>HhBTe
zTHDG>R~BrGLjK&^e36-EEMViJsk}tpz|J=9i2^!cZ8pgmRyZp!EkLJc78BEQZuaK{
zy>Ib4Zk2d^w;!G#;QOmSI2b}ONom;s;aqMQ{L!L_<elEV)M&Y<hq9GFJTr8m`W<x&
zPFyw%>c~!KJzi_1*C1Xfzv`>b{pYHGd0tPb_U5K%h@OJvezHCkFsj;vb>1OO@HA!f
z@b;!(=-hB~Q}Cy$NyH-2!St}I4^n`;akxw|Y!u4^&_G!nAest+0`wVp1Qc{28nr+H
zsz3?Tieq5_E>JLlXet2;&;zg$tpIxe&kzERv>FbOkn|BK=mu)^FP`q#Bhdd-y#EH0
z{(pz~O#cDp)P0Y58jyR2zRDE=iM}Q(tL<yx4tYPs)0lX6?F~)@f6#gs&|rK8>cSIL
zV7w*V3j;KGl&s(IO<m^kAw@F5h?pd<YgKbi1Ti{U(*u0vOtK;YXFL5;fplAv{mfb(
zfbkwTe@}pi;}U5(%ln)`vgi7_V;})0dGea>YCmeUsi~#q>3vk+BI`1<uOSiK$(m(&
zDY?e1p<VqXD4BpDmKVm@p_(sp><nG#WX)M<z&TkY6I50DFR0vAQ4RjsrA`k@Hq&kJ
z^V$pet%wyR|Nb2n*uL7BLI|y#S=U6Y%~B{7MCr6*GhG<vPmdQ1I;Yu?w31zODWsw`
zWru>)qm(81EErBGtEtJ!$(f45V7*_V1_rkEKBf0XtW7;ZH*AX9Qp(bF-}}7}lueRN
zO2XIH78Q}nQ&U)McagTBJIXk!UW8o4r0d=Xevg}}!r4XV<8d4}V6r8<%*9Lw=VMsm
z*6`~veszL0NsYjgx--b4i>AEHR%S~WWpy&Ls$&A}8tXnM=)-M^#V-c6Nda|Y$ekPH
z)0RZc+0|P<d(u@`LWP)aBOx@{cx5yLQU%pMk>S^&jys>a^E?>6Q*ueLP6DfPx8$D6
z!a4k?A<2kj!2sHQBF;{H#JVp_ejOOKvLK-5rWf=*Xa@DlWFAEl@)3r#gC1Y9<Ar<i
zGeNMbFt$VlK|nXC$^&Iks7vwhZYMa(&Yuny85WMWX8_e+^H3ti<68J(IjC0FP>cw9
zQ9>6T;HRNBZYVz;0MD&fXfhxiKPgW4o8<|CiHP&~611JuujjC96&d<OgGcaCYg<4q
zNf;aKN7OSS`mrVC8<kkP!x=#Sa$sM@Q`j6_70wpYtW18TN1FPe9QtNDbpEt2=204a
zpUjjESBP<u4nzAYvJi#A@cm!{Ydh-2Vd^=ow*`Fr1~TRrmikCrD!Qjsk$?xiv`k7m
zl(ExrpDz2uyX<@rVXYtlQ)^2VMh0PC8oJ+8!9b<2)4g0fRe#eR2A-3*<FQN9L92nC
zc;SJjD0LS@AYFL+k0ur^7;)y8d$g=LUD$*OT{vMH@+7Kz&z^gAoGM13qMa!Vnz^`~
z%I|f!EhC?Uvx|me+o=11_O+fdT%P9~=7zmcY+|j~K`VlNjfg+Q>-#3&C{o-bche{D
zUde!u5Q{1RT1_FXWvzBmJ^b>#-c5;0;7~`NY{eNhLccNU!2e5=lVE~DN0!ehTelSE
zY6s|X){pDTkpov!tC!EL9w>RCPxaxng^?6q_8zpL#Mr(j1YdwxYXiO1GiqurVz&Ks
z1;!&7@D)i!tHUmp;#vm4tM^o{Sq=;P(4U!xbJ>GBK9MV0x2_=<UHyGJY*4c8sNc|u
z0$gE|04zr^F^^E7H~@dlaGA<d#l017rh(4H&2^%FxDb7)_;@I4<qbit9Wu>1(Bw34
zWYzIjF-jUVo6%FjiG$!yf{8IL{5<_h1eMnFXyChib_U#018bw5!F;vR#xcRMMbcpj
zufH_4c50O%z@Dsv@n95d=vWo5^UrhYqxKhvKkk*}<h(RSdt!?L)G@R7tskNyH~6ZO
zc4F-QOoj$b@b{uo^<vo2w}e=D7W`B6q?o+;u(Z4!1d!9@gEYIv3I^hOi5O84m!UHe
zi~_HXj{bSx$QCIa?}T;5CLlQ;f;v)8qbj;9Rw^#y_Q2f8sL7NX{JwW~>driEzB!&B
zKc986T@}#3bVd?UCvx+JnFN^Z@<mnA4nnSv2bb!hl?>3E0&1KI@LGd(-<1t8TNz%y
zt)Q)}9rW^6l~<m8>zve;@SWTS%XtKt%wHw2`jFL07tM*E(^u9ZhrK0K*E}+Yi^=(1
zrwa?Z_=(+wbJ+LvfL(Qz0M2xFrEb`i2-CZS5hNP;b_8pL&W#o*4#DeVt>cefE{85{
zT$B)0Cf#cIhVTTFQxsKTPmJOIZxzW<tSURbu#b3^w27P#Kt1~Vo1`<#4Es!3-Orhj
z%j23sXlF~}fE{YZU*k5m(V&K{(6Yq7#I?k$B-}lb0d(C+{!G;udB8B|dg?^&q8wNY
zF=)k2F9czfRS;vZ*Wlu0fS163hkNC{<j{-rj@LQ{TE9c@*<noZ*%2ME0~75|WB1X2
zlm(IFtn_(`$efB|za8B=yi%JTKzZL@(2Jf+@yeH;?}V<5uefqaGvEF>=mMr^b-nZY
z<N$B&scCAdT;lCKPMv!5(6=WS(OiTFt*zbeBm_7zt{tU@pHq7!4Ev~PiIzSefAS$;
z?o++71CxlMpGJP>h0Kx@kYNZ?0O0Eyn^VlmnOx+tj3{S9qEGIlhl+|6A0_St>!`jI
zf_3ykk(sc>d9K*-w(|hUO}#OJ7iU}7T7LRv`1MzNZ+hfXK6}RC+}OBc960D>U(7Jb
zu=H1;e43vHeW_4FUp}loMV@D^o=5TE?aoJn@sapv$U#M9$z?DLBl@xx2NP3!t7Zdq
z<MJ@@vMu^9YTVFWDAoLuFZO}eH3?cHi(v_2cUrUV=T8+IN{b=n^Qad@S2j_+Ow155
z3OP)OhH74OMq~;F1<5gWqs*>IBoS^jK#&MFUm+8Kwbw{uO&HMR@!B!Fz6!+#I&!KG
z={EUacsv}h=yK`0TATVxc9ioVOi(~kRE(jxH8@Ja0KUBj=8m?Ex!QKq{-<IL(A}r}
zv|V?FR}DS6RX!@qut5`9p$IRzD41}zLsK(vtB}K;GoDHEW>6bHjCETW)?B4`J`fOE
zhJ7(0ke9;VlDQQ!B<?0=xNLMiTf4cHSUd;tJ&QA`fKZR=O`t+jf9}tpC+^*$)Z$jv
z?1UvQM7v{KYW%FQz}OF5t!ELY*U^$-aU7Q*(mO|rZQLA<V0(uAS;GS8twXb6vRCTT
z8f(vGdBn230sJbN6%R+YnO*k*L>M>Go6H|%61m*{T%*C7C>K3Mj79bn`~YCRZP?F_
zM~`=OqxNZtVla++4~A~dYwVw4KXDblJCCEdqF2Pu$Edb#Dna-%U!U8-7`J?>Kq}@$
zNj^2>FB3M2;cknV;RjgUG2dz8eBl<!6;-WA67rN_Yk{|z$!+m~S@d6>*}26j!L;9v
z+hz6@Dif3EP)<N*M9o!H->iYxT*Rf_Xn>NZRN7r8E&$AYQwg>CIs1EvSrpG5v%QLp
zY_sRfMJWxQl2i_o$I0QRh`|ShThVLJqagpPv47-9PzpMUdjWSsw)jyi2~Pn{VoYQi
zMwo0*VBh$45{=_gQFE>cPR~nC%*0-R7tuICWKsm_pj(lXVxCf~j{rF!PPVTpc>A@$
zi=_dA>C`LFSVopd5G>uLd@hE|u;`Z{!he@?+Ti_k0Ci=&HxHtmiR6m4jJL~(Drl>Y
z1fH$hHP8W4c=+kYRIqtM3|W<#WiO=h3zs4ww#NF<OF4=x{h?Pm(os>XQUB#n*_tG?
YmE=r@QWo%!BS9b?EtqDR#)D`71KhggMF0Q*

diff --git a/doc/user/project/members/img/share_project_with_groups.png b/doc/user/project/members/img/share_project_with_groups.png
index 3cb4796f9f7004a82688bde786812fa209d46eef..0907438cb84096f93614cc718a77db13117cc302 100644
GIT binary patch
literal 37405
zcmb@tWl&sQ&;~fT1q}oZgb>_Af``F^6A11e++7C=8r+@1A!vZ$GPt|DYp}s*V1VWQ
zzS^y={joo`wr<sxzNh;<-F>F}^i<yn<!{os*c8|R00383Mp6X;Kt%um$Y+=+|54as
z_Ad`w$_i><Z*Fe(_V%{7x1XP%@9*!AkB_YeV~mV4IXF1f)RN522OS+9&(F`*)RNWI
z5}%)81ZCeQr!H4lS7Fc38R;1c3Z-*5&)T`m`SW)^FGHPtpYP^wuA%0Qq43qBnVIRw
z>+!p_`nx+gc;f2m>G66t&!=d%6l8B;+QG(x+1#|+e~fsBuMQ6MQ&_fLJwGG<^>A<)
zmKJ7gz@A1%S4DZ4|4v;LYca4ZR(s|Q&XjsSKkln4^EPbV(|FG6voOt^KGfG&lvm9=
zy5(niIvzefpWNLX4y18#Xl2wdr}Z9H^sTdVO01Qb?TS;!#3pofG*ufgXmD^k29|>o
z%by-EdviTajAdh*cYJF1AQh>78>gqo+e@uk8JV4dKZ6`yVy!vYo0D>4t?Unu;cRlb
zsd<%Yi9g+3s@+4=YRbD2cDNkIl@Vd>O>wqc=l?3x{NWdyMHSU{ah=CoJqxwbM?3TT
zV-+cteI72l008=YYm=IW7Qa_(u)m|7ogJr~aeSC(XYUb+jn(@bvsUO*ido@ukw)%n
zqge9H0~oo<?fpujyp+_hrU1#6@s7PVP>v{TCU}aSJ%^PwEZa-{leYhKQS<rK(Bj^C
zR`eh3(6)`gj>8GEQ)jCtKgtDd(mD<%9My8P90T1(Q#E|RVbl4d>?Y|JVxEE~emYXs
zUd<dFzB(M%c&)XJ6?#AG6-`!GxVc?fSblJFI<T=>ad6o2@da{l*t4_SGBKI*@Obg^
z`m?j!eE#gm#}~xUAI!%W@adBeE2{-R|4#vd5Kd0#j~_kuT;QVsKx}}lq?nqg!O1)y
zQ2-YKs@T&rRomUZ?gvTCIJM;fqx<Q|65g`6^d^y74D(*)B6}dY%-I2ZkM^NnoiH6b
z-pCu1%EjwqN1oLRF{z&YO>R(xSMRwv!X)*<4-rmtVG1V%rqEo_f!KiC1DF3@UY>9q
zYYhh~>`;u!297QHks~&d6;s6<MOAE-t#Q$4%Umqx0)q~n&15UEZLAo@l;d+l@c3lb
zmc=IfEDu%cKYKET$ZeE+$i9l#XRXbirS*IM8NY!K-D%E@p^?xuq~+Z3uH<D+SW<x@
zf%c|6R-h;dBY2)}<VFi(V+&&hANq3-0~V3ei4T=8z=DCKj}-g=mxcryq^Iqtb($iA
zecjLXB}<$7^*_8wpa8=uhohGDf24I6@-l~Q%gc-EO6&X|v@s#JNzBFRDfV*K8N)39
z*I=i@SfPv%8n<uWij@n>kHvd5LatqV1HXls4DtBG%3o&w4+0X%;&#mks0uNRQkI|d
zPBGWQZvib#8W1%AKub&?$1YnvI`O9<1OMmfuX&Nwa+EElFiKD_x9|iPa=~xyz#s68
zgSf9LV3W(~OX6Kzdt6We4I8kN(;~TvBx-J80<XrB^LHSPi>dDBfc55p7RSHiHoGG#
z2uS3u-~R7b>+15G`Pp16w9q1or11zt-eQgx$C39=%n%=G>;ha_YyPNbs~H7jgtX+!
zk|bTTVl^7D6F-G!(__I+-^Ty}8b;muqiRfZ5H;V+*?7TE9M)@2a=oX(e}ostA(grr
zW)kH@R?ud7)W&#m>!&|E%t*-)Q>2}-f9jL6#W#Q3*s@$@Auxm(;r#ej?r2Wv@yw6I
z>7L);qX|TWfqy~sU3ZuvvFO%q69d+DiGpyymE3g{LGW_NYS;>eax=K48iwnCc)v)3
z7pi{W?CC;g+KaVX$9my%;pJWhzOj@5U!2hoggUtTh%G>W`kC5|V1AlYRT|WT{V=&t
zFDWY0tY&JBn~pDxHH1rtwepIysqUu3m`iy<+9p>W3N5$!*&GoY->GJLSbNW<r_)>7
z`;-QzFDAU84^LfEB{Ule<JK>}Or4wvzl&&-Q2*j?y?rMbvo?~o;#3^#zbF7%XsBU}
zVf-vsC>dm<gZ(2{G%U{ADOZe}qp3*aJ^|GonbNT~05hiK!djZ^q*GKTlNK4H;VauQ
z>hyQ=SD*{e#kNn$bjiiC^X^Yok2$PM<D9zR65S1*i8fr$r*4uFms>t(`1%AOG=V=i
zI9*EUK9aEVKpIozAFVXF8h=m=J9Scji$rS!a+Ml(u8#*rT!qjeJT5``9lzB0GUPZp
z87)kP_V%t>K5pzLFkhoXcuF5Unt#Lvm0YcR_{B%K%h$@lzoN+sA_2P^EZ7a<?V0tA
z6^<~wUh*Xm#)3>$Tf#FlTMic_*dDpI?Zfb9s!@e=o4}*3!#UoFXW;jnBE2JRc=X2~
ztw#_RL{;*JZ_0|CNM_!?p8MBB^Vq3MI@}d#>lfz4<U;$<Z$<LmoUxf?+n5BUhNz%m
zUX&;7EopNu5*HBq=E9P*!e<2+(rKk1))p}GleGHH1=`ckAla(o8Plmf4E$*c3AN&W
za}^t&7N_rfclYNVkIg^CHg7Hp?}F1LP=+~);2Ksv=RYTv2u%tJj?N|89cW*HgeWhx
ze#63RX2j1GJS=!Rrg;#nsZo`w4oWqn>RsoDc&6zZBQCEkz0|9%ILgj|+SO2(SRyjK
z<N|m#F2rV!uOdweLxCO*c2kUyV??<Kys3jqd@RH13$m48vo%wB!+`~nP4Fd3Fodmd
z-N{0?JS<77i9ld}MDA%62lT-b;Pd{2QPm<jsP&Bv`TYjg=7Lq1gdbt1cI4XO0rVlX
z$3dVu<(r5mXBonvU62M;ZBU=e<!&Z=ii#L#frLD1i`CNkojWoU)svd3^(528p=UQF
zan14Xu5+1Un{7JUwl;7Nq`hKt_U98Ly3jZ!loKKb6;dJ9MK{$xPO}AYehRG(Z#v_T
zfU#R>Q5Sc;Jt!JVGr$Ym*!QESW-UnQB;B<mN|B?lR*M6xj<<%hNSSfxJTZ(agkQS6
zKGdz!;M+z8J|C@)F?(hF&};em^n}xW?mf==g#J~;<|!i@%PWPD!GCOhM=~=uW9jLY
ziMhLc+PHag0+)YvFohsC$cQDgJzk(3fqf~Mq%S6MUp`!`=tfR$qNKjXRGLRiS7wL|
zA`@f0ji4h#AP-k}{Wc*#7zU1*4Jcgw6o@n&zR5+XX{?@_v%FS5TL>A43Uvglq^6N~
zR?ldVy7=B0c-y^8Rwx-Tz3ZPjDg@t3jiEPYNfsp?qXR{D?zZQw?&0jghJTMrB!jcF
z?}CCM01(j-1b<)?qxshHATKIr^L_nw_?s$(#^xnkqLCyWCT%hqUx}^5x<&2iW{GFT
zry*jmM=Vurr(3pHpvgo@o(U%agZV$)s1R<Jrc8<avGjp4g;z1HWem&4P?wxPqi-9U
z4g$MiCbp91#d@@dHS`miDxPy@wIbaO!gqK+Z;&C+lN0(C9gv<w(uN#7rJHR3Fm_Un
zFIkR540zSa8*|;~7I=_~OB-GkBu_@1{q`*ZE)yl@lpntzmY5`5?TxY*G*E$}`u5o+
z2sH@`Nn9`H5*lQ{nqW~+S+tQ@vfHP@6)-MD%u-q?*XSJj;JP?SLdJL1Mvou(mM?MO
z*Q^_<7F#F_M8Ch+V6$-p4TM2q`Y(8BNt2Y^2WQ_+V7rStsw8oz+>}Q`qK2NuV!l8B
zPUTVJRd6{U6soc#+T9bz4A~IsIltp=$wvj!UY<4*{;68Au8xlBqHoGc+K|aoCsG#w
z3<+o5^ZG&Aw52v$$DR;6!Mme7YfxcFd=}c}kYpz?j-OGyv?rX$9?J`>{|a^CM?l3c
zc9`JO?oF4O79_9aKv*F`1CQ}<gx_%IrvjkLH%zA?;;Y3<i&=(2M;GjvK(w@h8Fl?9
zSGhj7gQfiA@tR*aiRppUMwiLm=Q{8&w_A<$tGlZHSEcQKXFZ%h7a^BR5NtZ7z@Fc>
z=+J^?(+$N9A>e6IR0`99((#(ck0ZutQOhgdUv9+S@f373_Xj<(tiW2t*Ca!fWd(Dy
z?E$6sE__37_CHE?!7RW()_1kg@*Vf+7Rw+%wc75B9Xkw*Exu22zivuWOe8jX?W6lT
z$bUsw#xTz8;A{OH?Y1OZEYUF@J||hyhFv(uU3JUA{r;RBxck2bS!nnGF})2@8PH~X
zDvUnq!MVx!Q#%I=^7j>(SFVClRe2SIHr_M7HFgej&1%qhY3Ye|+yy9pD2KWY<eA{3
zP^p4Q22kMd>J)D553|5H9DDZfBN)z318t-~9SlV9Ntd0ItHTE*ej1TgAwI$w07{Ug
zPr1*oRgv1FuYr`P!C0@ZdB|ROpuWU#L-b%e*qU!fkr^raH0>>qNmE-8Z&!63{ZHK^
z{sWBHE|acQ?q$E^WPMSU?DQ!LgPi9Ag2A}J#XtD%g!Kmkz(bK_4P{)Ch&#A0f-BAT
zW7;bo-)X`}{s-}7!}y`p(2b6L8<9Ma=!vP+9VunnRE?Q+M2uVEfQ8A<(cbQ2r;cEQ
z;8{sKh9q#jgKO_jHxpE{bf^2;Cb$V}Gm0fUi3ZuP#g3I!4J4PRtW_$I<<nL=R=<g%
zi$bwXQFH5@P-8G{P;_FeGp<Jo%F40ZD^WwpnM|8)S#e@8uaQAl_K|#3S%K$Rx)>EJ
z(3Nn9czjJzI%AeU5~2(VAp;*WBjL*h%bm1pfDDO1LD0mkQ%*ueC??1uNInhaRg&R2
zuPwD_p<58mCPRC&?CNi>N>uvAV8cX@pPB$jyj4^=iJ8`K>Aiua0W+L@{O1FT+e#P?
z^@CO}Y&M_9!Z7VpB2V7{P7dlHaid|=bf9_{*mtm*3!0zxpG<GqOM-01OOdw|>Sjhf
zPU}GdkKum$n*$*mJz>=Xhu^wm!wi7eUDA8DlA%ADUu;o~M*6L|9mg?m*r8l1wM`UW
zNw9|udklYM7l0{@ktZ);fyVK1>M3#w(SZ&z0qEk)djODSjEV{Q&&{3T^Yk6sdq2Ea
zl7EB{!cmPJn0)bf@0roAcZV$jz|QgD$#UMU1L`qm^NQ8T%N{kFOZ_K#9(7Ws16E+p
z1qgVtevsW6?q^60S{Qa<DTh3&J_{=O6zB-IhLD{)P2ng#$Omlf&^}JhfV}``APvs!
z5E^4e$rhZ$yyTIKUEcGa2~FRhXqBE`FyqnUBk`B4`Ji(mQE*qukp=4QaNN^0lH$95
z%d6@0HJ!WQHRAAAY+T-at~DcX!l=x_wzz(|mFlfLN|;A9dLxP@a1MLpU(f^%(&I98
zClKgvefoFdmt=4iR3c6@r*Vr>+T17OijH!R{G2K=+G;ic^+Rt)Aexb9wy;*7v6$q9
zVrUP3KHgiLD0Z~`*nTeVe&Xo9t%1MD1ySl^jmcblsYcxI2wc1ZsOzlYWUmu%c~d>f
zu!}g6lil#?M?Bk^fPh4HB1Fc2#)&d{wS&i@O>+IZO4A3zg}9XQ$;^B*x`WXNCTs;p
zaRLA29Mqc|k@-z@$G#Dc)B4w@vS~v(X%Tq&nr7%Dz5zApC(-Fe&zD@b8x?-Ua!YK5
z2h8dIv-k3Wh4^B~*%b;xVMbZIYDNSYJ);C&vY2hnwB(>Y)enWqGn#T&z>8I<>aR!3
zI6ff@S!z9CtZm&*dh9h^+u%ShzpYFX`e+>n5466xI4Ii<8T5TPs?rh%RL76CFk{Wh
zmUgz1X40t<T|2UDN##a~<+R!LOTi?gDpevGJOCLzdAGABk*FigHo$!PnOu3#cAOg~
zhl$X$<k?_{^F&1YT=#wDxRD~q`cii3$Ev2$W{_k^BKY^;d!Fihr33qQ3`CjwGoC#F
z^3NZF&`3S5Yp)AEr@e}T)aUziXQ=vyMpHC@V-%KLUJ~a|_%L3aaQ(WO0nuwr-G&T{
zP*LvFs(p(Nta>mT@4)H7Z^BtQkY*IdL+h_t`}3L_rWNP+W=62n!5`A8QylW=96<T#
zn8Dth@=Hq9RG$B^K@MY0g|Pwt_WIJ~=UeBb`-UxPX3nE8pk%7_HxbbG5q6lBr41@@
zBMvHce^2K-j;~4VnvMBoYwDLEXbx_`_Amot`Whkb6BC|>LZeqgq28)n!<3YLI~~rX
zGO|L<ZZUy`7$yr3Sjg=(2*13VM5@xc5w=iGy4CZTC`iK?ZOJ+Ip1mAYXLge&FGj>n
z!Us1-r5`dcTmkx%{cl$b=o&*H)##8HqXcaHmJxm^F4?im5C55g)8;M2NHDYM+i;Pe
z#>#8Vh-WaQt8cj=-*kzR6YO}~<<899-nnFeGk!U7`=+z$PhETNJJyrP(L>*c#;?GF
zn8>xtQpQx84;J~ReCQfZgQxS(3F|J7HKdd$e*rSBj~P&j8?@Nz{x1+%fXZ}1e0cur
zDdOnuIyvwwbe4|qLPXh~B{D+iw)7Mc|E3Sx7CW7+Deux%><i*I_k0jY;$tyejJz>?
z?F?I+u>eiS$b9Php2il>Q|tN_AKX>r9JH|R33{8xbr*sLrUQL26!zTdV0P=eTe)@|
ziQC&%{UFC0WXXiUi`E#Yw1<6jfJ($Hf6D9pWYd`1*aH2GJM#|!S-Us>!pM`BRUWqd
z)KOg2KcfYWW{=*;B_=y>)Ok7!s{VV~_x3SW;1T)uF}9sYLy_!PH&=FHk>EAjYVaGX
zvv(ZY*J%It_e<#~F$g4O!|+nriq3Q8OC$)sD$0%ed}f@QDGZDYUg__38OL2+5%l-n
zAM_6i6Y>4F9##-f*ZWR~a(M|EpSPiXDDB_n6qzr&W%x+$&nUIjwK1a$>E9gDVVd9E
z1SnxnIW(ZtxuUT2e?LWYz*hFAM;^mhJm7Wk4NMr=t}-Y4us!^@<)2#mcAUiTyT9KY
zgwIO#2jq}|n5QX>F!px30L<KTV2=WAFTd@wT;yLJ`7j#pbA`=;{Q>Ao>tGrGbYfPc
zu1hli5PXxWE%x0x6)ONzdf)uxEfGnK3(Z6J{$EWRkED*`zxO|9xo_Y3-t=HFxCC$b
z61Du*+k6f|1uT=Zl!2T_@xjvv@S2z7^eVQ-gFBt8AGGJ5kdG4;nlU}Aqe)l9mr>Z>
ziMfh*N^0LZlF9!>(rNf^=<#F0gdx#Z<CVtI)(fQluyQgF&s;b?drON-_L$CHqld%|
z{mfi)fTFHtV;B0f!t51IJO&~hlrVPw@joT@HOXLkH-1I!f7>$P)6SiEr%10T0Ws2g
zK~f#ccvo~6tU$!#%dyJw3%(_X1stdWvDCw{&MOT|19(536*1CW^_X9oUdije0&W{3
zZKfuG-l)HUP38W?i>H&EOx@`0Nx^~Oa07XPyb!;wF(na%%+=;XJODEfEFh6{j`&00
zJ)uR}TH6^r7Q3YxnRzR9G_a4cShJ7uE@-`R=pq}u8aQx|T+(g}^48w+(4T=UeJ&sl
z6?+$+GgK!JB1WzuwMh%W84N9EJCieylIys?^UVB>4AIZ_wgUaugN^)x-z1%^-fnaK
z+&IR@&!ACJoQd<kvN`>J3z^9fysf$(bD%&-J|vifOnjg0IPrvF?UM*g&>X)g%{)Bn
z*vWk-zz?Us{UE~%)ZCh50_y&<&_Iem7Q0W12dXsLX=!LvcYp<gv@W*7s1i3*Yq(%#
z`;4nswmy7fH2;ml2GvLJGoFt_QSM{>lDl`(EI^liN<0veTZV%M(%l}}s{;7fAn+u<
zk0bE;MH%v|OjO8fb691Xp<tuW%F0k<2oErWW(<EJH-K;yf01%57Rrj;u6DM(PLzA9
z{&ZSP9t`Ed!NI3;mL~JTxS~UV<ax&jK0QI{5SYNi;m^IVK@yk{&Ih-OAg)&--<!7f
zH_qtz!(CNSyQJe<mh~~j3_HcZ8!F4zVH(PX1mmRL^zyZDWm2jLYykiQ$S&X=2q208
z1i<KD0WMGg+ZcdePGdkg4S)dn^6KZyrJ9}$2q41(8)U-j^I1{7{#r@mC;NZFCjg$8
zruSCw|MH?Aw!^0W;KAJVh~BAuKg;Iv8BKu>)L5%WI@bnn)DY4?UEBXt+mWs-t=$2Y
zOR@O3*1Wnb9a}35nrdx#``{qMYYkc=;YIF*#x~C6sD^JO>R<UNo`i2VxnCdY5jgj`
zRf)O1C9xK-;0R<A|DYp_YTqeYd&YsyVZ&}zcid9rN{GN|;0)mi>A3!JWVqyFepcPC
zm~p17cuvX#$#OB@?Pfd}U8Rp3C(ES7a<7}#uFy9#AbEGrv$QmI${?l`d3GlCqv!kz
zJjaAo_FN>>vI;-^d-^P)w)Wb)7|9=O$Y*|KA1NA$4AU-+)B%^Stbt%|dH$p84PswC
zZq5ln^gu*{$222R5gjB>6lz8ICc1PATr`2Tiju;S^{<Bh<K@V;;MKIYNYupEg2Mg~
zJ_QR^GoR6Q`Poy$i`WoEt@c5R{lC^zs7<NaALOs|?UNXQ0#yu9GBa5@O7Mm?cHL#=
zwb=Goaayqjyk%3iHjz5tF6X*Ybn}6z2+D8uWEG)C*KC){Ozr}`>npgp+b0wSc50*Z
zE!B0IpGR}1UIl38K%rj6JGh7(fA3hqq}bs2X<s+oKhsOop7q6+DJXigT4n8%+CP5U
z>D34FMCFhfMcA;kr<g`*qgy_q^Ff7Tay~MoT#h^^Bcnm<1P-WSzeBAZ1Q4~WSZ)6p
zF*xU?ZYD!FsQK3Q=!kIubu4_tjZ=&)YV7VuEt-<RD*-Z($=iH6_`b@$Os^c5ePw0b
z9~@E|H|yO_&$>WXjn0U_xH?Wn1+tM6s-s)#Byk}P>&>zrTHOwL?T;?BoL?$rNQ_XM
zE(8G_(QAZZiQiK0@N220Y;5_KjcfrKE&wv!A;*fs{<M#W$Cma0Yg}b1!~R*>-FiRm
zQ=1c7R%HNi<83t`TFSCD?044f+SAjMbo!<D%=*X`g{g};;Vml_4t>o|UaYc&OwNE-
z$XjrsVEjSS;;pNLv!t>w1#7lzsrd(N$mTZr>nrX`vsp~g-w@>Q<_@)!+Sbm=1u>c4
zIOp+(T6C~4-H?q>N$m(2S(o71?2+*Iq_{F4I~j9<i;8d@v5&ZnWJ`oJMH~8m=lYZk
zj~6Efk^<vPdk9DJI13#_LN@zj#Q$*Rg{b2w+;);M1sKl4`FHDDSMVU8KBT{j|0M#;
zGicmqAo|()^JnA=2UT~s3HS{m9%9-6_L<Q6)FdT#=YpBow1{r0QS|oA7bQ-uqgARq
z5bSi)AB&dOw?jGjkYG;=f*=T=FCNoLK~3mW*s@ZQvL%jRp#^_IsE+e!HW<!wNW13_
zuS)3fygoXPqo`U+CbCfB3LvY8_y%0tAek+qXygJw-{KB9-`agfs1d)RrG{^%qHyg{
z1{vmTE-d(6JI$<P_WR8ee2-Q7MInU7l*rzVkM*Ydw$OovN*yMCgJS@rACzA=Nhg<1
zew1yL^Pxv5)JZG#%KAj|A`(PkV`BC@lOZ&UL(vK@t_^%hJqRk0mz31(V4zs&?UX5c
zr?2M;4)Ni5#li&eUb2x2luEy&g>Iung7~HfbHhTW585E1&+A(`EcjYVoEI0Ad)qug
z$MAZQjkB0PJq+TuWpVXs{!Chq5kn(OtG}gsGj&_~(Atv;MTv0!Q5tj>GC+4gzGUSP
zT~t%bYQ6J@f?nvfz5DcJVLD*x4j1^t4UzBxwTD~ibgZC@e=EfBSHZ+$7~`l4I<?@#
z%kN{xci}Bl>&|r}87P>kppoZ;0RbZAk2g8%*!aW*q?*Jixj9rsA6OysH}A-QM5)iW
z_U|TXbdv~#0{Q)9&D&1v1B&rBs6?rra90;=3w-d^9+obR4GyT{+wq7@MHt8M6CF_H
zgF^g<xCr5cI;qYK*IbBn4jG<NmGLTVjQZ{)&L_&(WJ*X7gKg1)m_XW&JnkQp3++%-
z7cWNBk|%L9YLWk7UhTF|l+evq92jpxUOl=4{bmpj-LZT80lt(!BB138hkAH2@I}A?
z_o*T!JKp3K4V>AEHbOL_J?@qdj8;%)K-k=d9-zw5293l;suxe{0HEd3f2*4Qg{5Qp
zPEo5Nx*+TYC_Nu$NzhVQFy)c`?{R9w!S>RfR?2THwBTWnGF)eNoAoAa*_D7%I~aZC
zNcy<pN%ocv<q&z;fxYb+#+z`d0omwO$y!a#(zhSJ#+wZgrsSoNNWZ_Bmm7DQ$-PyR
zAwcRI7uYY9tU{A^D(C-;t?63K-2W-fmu1sIlWFp~{CxDxyq)Pihn~rAKK%L7GfVSb
zC48Q%@smqFt|$L!@gb$UcE+n4-OsWE<gkdS_DmzJ9sQ6gu)%3$U3*W@G^3zL!PPcd
zBiW@>qhD5kl(o0;Y#Oe|ovbN;cDh|;QtQ-B{wt!_f;?CGr^K3xHQZILjBC92(9FPQ
z;dS$B_;;MwC0Ege+|BzGb+LzT&q5NnAr?^{+>#-{kHprycm1x%Vf9B>q|2YlbzRN7
zDSY^HAhjIbQ2foGxMgPG*TBVh!k6UF#(DIR9DH8K-Gj{}l?&PLOi2jauJ8844tmtg
zS}tJ$=@Ngu9EAdZzQUorTPCwOt_~nASFm|x?kNKn9Dguf9z%7Gt&1hHoIOk-_<?>o
zquoD`ANZ(l-LWb~=k@wfc}ogQYveWraZP&*6rL{gHqLp@J!HF#k=8jXaPZR-cReEl
z3SfsMfO)!k_8Mh8PM81MKwkD}=*lQ8OI+a>rGZkfo3YqQ3h*g12TPWyp~O%_^vmZz
zdw00bbXc(TrA=@;*JKm&(gL<FK<d@(gXwO`RY&oi|KSd!be{5MVvtKLg4ep<Y9)M)
z4x$3e3W@R+jPkc2W6jN((}5-;1}&1=9`K%wm{ZO2B<XFw`GjHN`?v#pdi{{zPQ4?L
z5};n~=WkVrPGzdLANWWk2f_{!ADZy;1v5jI2N}K!YphW|>0Po~q^ES}TQz){euGoM
zvD*lkwZ@t)kfJ}XfTQ68_9|{~=4V);Bj~ptI{$pEdabdem)Un`Xw?3b7L7Qer5;lH
z0~QuJD5_{g=%gToKS1<9RT)B_j&_u{n-FD?x8z<e``Y4XwuxuD9PmB`_-ChB3IoGO
zqf1pLVmT0z#qJ$E{mLQ+9(R~=%b@K@DXR)Xb0u4;D`|IgUJC)E%GY4Mv3p{tlp3%~
z$uz=&X5!lKBgY^lO$*6=+-V=E_ezwRh}&~4eqab^C7cC<8MTndDVTI|yz@|R`2zn!
zwcIE<IVrS^*>}%=G23hPyU{PZP}w4Z%Ej1Bha7?;BK3EHb~|ne;$3ORmUWc%Sm5o2
zh(w<9pPZ}p8{H4Uh-0%rAHFM`n!LU!0|H9=cPXDRoTfD6R<!?O06_4fQPOnTMbRgZ
zP%s6VC>?XAjr@l0qj1nF*OkF;V+Yo!s$0kJT=BpmsrGFLh9=qTv&63)X$Um^>-Uz*
zjearWc~YR5(~kUj@Q%39Rnwm4kaZOi{84jkF*xePoOv$oHpP@Sr$Xij{XE)dPs7+6
zj9W0k?TkzNa^*<DhrN44@vr#^=c}Xx<^>NV;CY`VGq322X=j%Vx;xHqC<;oykJobK
zV<|fUb53tK_GUh`FfhdYwwiY+V*Ig{=w<JWCmL|M?II7#2y?=T9_me@(U%Psrf4Li
ztkcOt#tzB9lQ>yhuX|pdb3kOdsb;r=e>^fn)C9z}4;P%|GCIYw!14fiK)ScC8@Tba
z-)m3WlP2y+#M}r84cHbX+GbUJ;}}K-&$Hii-o@Pfk>%q7{e$H?&-}YL1hH>^lmc3o
z_uDc2u!$^amqa%uG4;MjiSoa7%9|}j>3)`m6Md7fBn{GfNRSur{6eS^VW02BXIH#F
ztJa%|oN^TDMV&&L_KR4RzllE*z?be-Klm0-E1hF23m+54r~>%sl!#CvJ^%?+5`9GJ
z0uiX30ZbFNbRK+2m&ajJdCJ!yhoaH9H|ZfLPydFMkuBM(6VN?OK2)MrKxGBCl7D+x
z4Ik(e@vcY&NTw5iX6YCrvSMvYc1=N0!P|XB^--e>*kQlVrcg;S)Ju>2w|SV`o<>*1
z1;j7Q2O@n6hb)nI+7^Qh2haa4P9Cy7YPs47bSu66Prds3ubW8(C>%h8c0bHq32`64
zBSg9oRLBODf;jB)A`6_-cKWWM2sdx2X`^uBgfCr|2SZcg=bI(KC)^nO(Xp{^rOSeK
z?DtFbUI~clZBj03bn1yU8Dkcecg(}J{g*{E%3$%l!^dR<3(Ui$KVqpg-`h+v>%}g^
z8b{8lkj<Oh)(Db?E~@B(WxSu0y6cIjyIs+=`~)vwf0hAB&+=lUj&~JOF{in#2@xn<
zss0y{OzlsbH&#c`^+0_V<nip7^~pOK{r$e}dzviLl2n?jmxg|RnEne1V6_$GfZFPJ
z(xBvu0SUjBy@MzOvN6>U$!OYpmD`c_jdlC?3m8Ji#Mtyeb7rOOnA=*hR72vA%en-t
z-X>!XmnO9(h&G{jBl>SH^L2b@p{=P1TezY<ilNNRY0!O^7xdE_JH&g{rV{=g9Bc1q
zJjCgmvR+TAc-_Y<`eNKzH$~4=f%DFh*x-3je#W3S;i%P~6?A0ce}kMBqiRw<M|67w
z5~8Qr$`@#_;RAelHQNT4b$bKPm>F|#Dl8q?#bU0CV@8xvg#&ssEje$RWek6Tu^0$^
zOq6}o?vP$$K24q7!3*lHRGR1!BfE+jzE?I^>u-%#721VJz_7H-oi2B~=W`*Gv1+Vc
z;GG*g{QKuJVegB(tjGY2>IS4X85ai})&_)G=g#2rLCJ_8sKzG014gcY9i{ZKjYjz;
zm4%;Kawfh4br!&;q_wMXBE2f_o({kL+g^Dftlhg+lces4HoL=b#7(2*T|N8-Z#wBE
zqMCIF??`Si{=>H=vT|#9d$xuu`VKR9GZbBecE5k#$Tws$D!%Vm5EXhV3kT2E8|bFU
zpNocbQnF~DM)o@)>FgX$5Efu+eo-Yy2&CQ|GkA5KRdoc}3xwf*r;jnzJ$k4pLfHn}
zI@qA};=dHhy`0?tonLNik$aU8FZD73Fo3_8AGwQ(46VS3_|<U=O+dB~$ck=khyUqt
zp%Z07^d0lu2Z^~}sdwzf`#PN7Vh-w+8AR0?Ms}oYGj>Pc3$3DVn(SJozesw^jI5=w
zu2JI*IHMu7n>Nm$svkfW{axmXwUcwvOA|N><{dm<mn)g%3^D*f(<$0Z*{(zOU-|xD
zwGP-`=mz{(z`p=|DeLFa|CfmIQrOpv{4Ws*0L*nFd^br+fiDE~Xl7I$-WTTRWzy)U
zKOo(!D}OCb8jCy44B-D#u^)3mBT}QKvA-&#l|K8u$fc-P`n`OwKGscH-)vr${kUQP
z2nanbuQc?s6Yg<1lIa6Av9s%?sbu=|mb<hyH&G2y<I3~M-K_FV+5G@!#mh?FR262h
z{*U;Bx$`XGH|dllrb=_UDQ<h?uQwTUtxAgGxRk1CSE09(8aEZ`t#=A4c2P>nj0)e>
z;mR%p_%Et?T?I-HyTr3Hh8Fxb;9+g$9Z*bWe8UeCD2fSv)K*XSi`n`Frr?&hE|@-P
zY=6;TpO>adj}f#N@k<Y|{5U0^M?emy*vDk?PunBAL|A=Fj&W6t1?n+Xvw!w@QS#z-
z|Ezt4>xbXLdS~jI&jRsk?$7@O8Y;73aETa0wSA9)lc!y&%kF<|L)mjMB*6B-f*11v
zG8ZeYu!XZQ`9aq_B_rrbd7IH9MM4gjGBLc8T*R06<$slM!#w5Jz;T1?y2)B6q9)@v
z{FXE3H9kvft1vH#2*Yaa$2stO;WkT+0naRTiw~d|=wEoGbvp(KO-CP-OlHhwYgq8#
z@DKt02QLzN)?S<1kdQNuOa2F$l^A<HQjno)d1a#%e-TN3uFvJ+<Z)2o8^q{k+Ab<D
z4a*vTTY^_wDI|YNt2!v}-$?+A)~h>)r?im*U}!CVfo~!=s@$mz3Iu;u|2@mUf8zGf
zq_8^4XM@$D01!Mgl*@^^g4ES!7^PL4tnJd#pWO3g|3@Veiw$P0$2~wF3CYSrgk6ZZ
z6VclbLArVFoI&nPyIJ3<rn89|q{G(4JUrPBDib%?CX;-a6m;8$aIUcJ5kYnzp`@=H
z@|{~>jeHb9`_EYdN|FzVH<WXC()2+`Z^vql^Ysrbt4|Ir=)EX2+P_VGWfvT}(0ptG
z->ut&x~gTV^}MUK=@q(YAKPs?6-ThK7(tOj>)Txk<{LlEG9V>4)c)g{S$HoiewUr$
zbQ@MwZ!;m}{TC?TMY?<ej-mm2MDI9%x<pt8Zk}IrV~~$$9i*TxT<jI{ttIY3o}%ZK
zx?QJVOe{1?5Pfp^;wR8b?O{maZwu)IReQwk%?(wb`}GEcPdz9b3(uyVm<|63(kq03
zsiRXH&cOu^$l8-qw?#NRFGePYp^)E%>l04<u!<O~%4d-wML!`?brH?tFqiq+BF+y@
z^g~;+D1cri&L?*-wPQwNmt~36oMQ~*gm?5=u%RclPS8N+#<1I4v{Vd-*A|smu(^U)
zIRs7+K{)c6<7jP@qrUKNy{G4h&wLl>WsN=_EoaJ~im^=LxN~O+{CHyi=o$dXxqafK
zyGTUslM;}&@6W2Z==jM8|9BxR@X~N~jO0L&2*b5fN(G)=?hJ6A-B#VoAgW5jPi-#z
zLcdYJ1e<EQiTo85g8~GsFQ)JO{#O%t$&MI;v6TU<<aeftFbvwct0uX1P4TF1Iu>~<
zFvm!AeQC|b7Y?R@#2;MtrWVJp-JTI1W6sDk>i2DsR?Qi}{RkkW<H*D(xq=soNbNK5
zS@|crH;h1#lY#j$W%k4r^M588E@ZV%tiD5FP<u1zQBP}rJSxA3Ht0K3Bk+!Xu3WTS
zBuaH;v!zh1-u^4pPsX5bTl6sPnrIF+K<pavD)8+_D&fDNFR({U7c5U5y;a<}zH5%$
zHky8%8=)3(&xYY1eLK(b+D&#B#(d~8y>MZNN50Lu+dg=f-0uQpe|lLycprDSA67Vs
zY8?K~FIXTx-L`q$_6WleWp|R|-xB^rI0(3?^nA03*43-Q9eX1X|8O=LX&B>uBX$=z
z4<|QKx2WOXW+t7~PgMWtYVxw6Y${@HR}yB?HijI|%r<I=Nd8td`KTE7DAncfu_>Qt
zarNzNW%LRAtsi`&d4b*yAx^Ss`7f>;R_0{hb4jz~y#zy@u7(?~df^v%);BlbBLOeT
z=|%K^SwQDMrkB)Uc>H3%|0j_K5Fl7rA*$P2z;5Jc{a*yZ5&lKNO{P3HnsNzWu272n
zk2^NX0$R)b%DsHwtbXASNC7cyXKdmzf24{kU$-m6X?DoSn^mZ!=3D*RwOfjMd`g<+
z4jlYD2IqM^z96HJhOs>%e+DVsus4|an0G3`81y(hpUGgo@w_C|1O8jf767?j9+h1`
ziz7i{!u@5U_=X}kDgW!6>^EQY#F+WzQcG+8I+;XSSMt(D*U@taOS$Qejh0frHvPyA
zx-9_j<FB}!`JE$mEFB8!dx$s^HJ`7$tT*4~q&{5bjL0`tCIa=5K)PH~tOUOx_@I^H
z$5W@*549$kyQ|M)^{YSH5^yxhM(^k2iwPc_O%yXY^LE0%(dkl{-D4OT=Yai8a#FDc
zEC+<_rL0wcg4t3>?t@oz_tKSG3xQFk0uBw|b3l1!9hw2)yxq?=*SA)?9z=55_YH@n
zVH;fHJB@ogCGuMfI?~`P{GrK7>sbn`!5^WANgv##%9x`oQ@c5BJN`XmwkywC=4iSY
zJwQ6E89u{gB}kyhhxa{ph?KqA{aF{cV-EpD+5p%>SD5|e`Av)gm-KT^Jh{0v$*GW5
zB)9os0$!%36he#9sZhFQCuz6%;7`P+1u(FktxHK2oAk8=<Av!*s*3?t!iJEiQ$rzb
z$A9tp92K~u=bZ~*G9qlOEg3r&!~CYsQ4T(?+1wGls>0Kv%%$|k;nDg$D(>r+q<(F-
z7|xL;>Px`69f2(FCxG?mxX>Dt#|3cc%#+gB-$T8?2`Km1aB)59P>JvrH~};@o`ktD
z-fD^RaSncqB+~WH`F`s?!svL7x#b~@)5>3vOBQQmZG14=E6g}M_`~c|6N*haE%rn|
zlQ(}1mr~*o&(^V0_dk<0s69i(72VW;?llY5;^rKlZ_!uz(_d!4g+LBgQ>DR{&G&)J
z5bOOrebpEL7*?<9qCxiVE?pH8))DXcDrKfsurm+PJ^kK?E~HBd+-#$7dPr}rowy(y
zDX5+4A%RZFufOekJ-ICkVbR`lAIvu}x%2D7(E1lesP5h?zCz+ZXBU;RC8tfk@Sv#i
z6~QptZ$N`)up|q=Mwb~Aqh2Y^;<l%y!JjO7D=w~RLymWV;E|f^r3f{>_Ik>7+~;{E
zL5w?^#@Am%RX`c@B%4!*=Fmg;Ph<yp6Y<FCSObkL{Y~=@uQSZ9izAORcd)^8=KvBG
zs1_wJ2yjx1`8^zt`)P>s3n=`d&jBm7;4dE6+t;*$R4f5Ag0jDwRMQ0%jqfbLZ^yYA
z-u#$J8UNs6=mbl0wm;$Ny`Atq{hsK@m~&rT6?`FtltX&FUHP941K#IEmQE4rUr0xo
z8y~tx66pKpdTu!N$ELOA%od_Uf_))GAYQMQI}Cx@kDqI}7-QvP!PghIiyTUA-kgoH
z^3E(X{9CQf6?aw(rz;K=7=PRDoMC8<UB`tqtizPr1VE9?jm^(Ep|t9+JXM}|fMi$i
z)Iwbd=M$)QS`_vAF+U0!&Ec8%rFiBu!|S8pTo3SovxnU=>tXCicEMXuR+8$fjVI{~
zg&A5sgX_5076l>`j;<I68=$OV9x$#{dYl^-v)efo))yCQ%wWPUO2~=lqjSOI@D~K&
zG0@UWG!k1dPz`W=BNc~g*_v6*)jT7y0bfL-D3ha<l;CJfJf)M%>3Ws->%B_Mv|w~-
z;akq>JHL6y9P!!W@vH@0Oo0!qr>b9N!kS<2i*DC{aM~>rE^31v^mO^h<Q}}|^HhE7
zP^ozqfGnzSIh9|P)HNkt63=#xKU*C7&s!yt0@1&xn+!cp&7MXm$CfxLCv^CWK@0X<
z>$Jv!ejL$8NAN18dvIiTM<XT>L8e@$8A!v94YK^28S^u%l?W6FVdl-m-8r|ER+lue
zO~e~Hr|gH^WY|guZerB^S-Z>_mU9}zy)R&(q>3&`<ZXk{FZ;Y<-Wxg4_f<?)tk~iW
z<h5CRKi+Lipc8g+ae+)>HSmjHW$UdzHjEH2M{N9yg3(T!DJ3$97XW?edf;5wS{N=R
z)CT~TTRujYgScANig3-NRy)zN-RL(T#CXc1rd#fBg5Mh5SKB-7A7Jawre86WA%CZG
zNl;)eM8u*7nlBAUkD>yjrvBFR00}Yu+UgCOQ7E;pr{32v9OchiNftc?s=WGIT1Ef)
zch`ALsU@^-<no%&Ph})YxE-2U*i~J?953@p<VZIm)4=%F#}rz=;11FZqhZ(XhY>k%
zivJEW{GOI%#CJi#Hp}MPE5t8%;u-PPS2mtKOs`0#C{wF^1~(!Uo$-OcZjL-F%8yKK
zOPZrxp+YuNl+s}HY=C`}R5AB5xtao${}6x;;UxjRA$jS+L=+qDoI3oDm+W)^b}UC{
zwsA=gw07C5C-t^{M1&f%2NwLQiTu93od!M*Elu2%?oqdhNhK~@LvM5I(?SD&XC^r<
z$=s|60&`6cQ2LO}sBe`-rci_KG31^ZVSV+5FM<5?NCXQ^)`7Y$HB)@rcfXwt|D{QP
zDxmhgY-Tm(9wT4c?KlS!!bDTa2cEEp$wu_mvC`MM`~d|i=L9g(e=-NXBCxzA1gSNA
z80)_6v|(Z8?2dJG#PLFt<zekB`1Tf|mS_#jmTIbYb4~>fv23RDe608ReCpPU9Y<=k
zBU>Ra>r=Vq8D122c86w!&(rORS+9dEbHr6rSXL1Xc6xgm^~irsszFYV3%cSY@6l5U
z0jD(wfB_WRmQdC*j7le<bFI+9{)`m_0ExVq_ol}{1?vATn=w%PN5fP!B3Jrv(Vz3h
zs}3?CWi+7o+yqDL_=0@eK8H$1Bz^Ze*1zv}w?!X*>`jjOZN(>RuDdJDMh<6}_ux09
z>EBRt4K^4N%GdE{2KC$zC@Wxq{F=z;-<Za$&6{<I{G7zJmp09mA)CjC-xJz0v6gS8
zO7-v|Ic{I>O2Y&i@jzv=Bnad<pR}zFp%anSEX3~o=D}i6a;nw84gwDr=#B{?v`54!
zy5o0lSstomQm~T!lqUu4j-g-o_edIzR^}S@WGWC68pz$&S9-|lN75%)WzTRW;h$2d
zss%^TGQN)%t2LC>%hY7vo&Tl=mtdxUd0i<~v_v-q%&{(4-Hjx!M8h7a#_vlIN{$D7
zM5#xruzk}RVZPwmQ}g0`_CX1Cs1IB9ti^7FyMQ`4x%ChyW?z8qp=NY2GVQ59LntGQ
z4;FJ3&c@eQg(!=Z*%MbQv_LW<9>ERhd0RL6;}PIPXpWEa!IG50{k=HaX0{MdO$xGT
zS%6(E(zlvCx!+wA$EH;PUXkvU=n29al;0v(R~c%r7Yd7f_cfObkl<uAz4l6d;}fc)
zRg*%j7POxe6-g}dun~(1G@HU7%EU6(o$z^)Tb%M+k(qw}2pw2-MK)Jw9!JO-ZIQO^
z90E*}zb|WUk**>I_%!uU?O<U38-)`O(!|nWgH2lvjV<GNtsb%aCNWf+KNV!dkN!8k
z&=$s~#M$00W9MAPE4>)yD-DcRj&kPse>OJJBV#1cR>rZ3q1v|hFFic*|F-6i1V%$s
zOV4`v48p(i-6rtJ`tfjb_zh`ux>ZW8v9_b{6&b3iNA~1q#78ti<bJmXQl+wH94cO;
z%m_~7tZh%mT$Ev0$9+KP;l2Jr<>nDW*`qJJ(9WyZo=~>vNh^n^zev@RUVhQ4ca20S
zQZCs1NhiiON=v{Laf)FbdH<@i-@nc!j1BYU<EelUR-B-BkwKyAgj8Az8i~(F=9%9=
zQJ`JWz*I?^-;IW(U*8Jvoi(}cDc-f`kpyq>$25LvRBxBttB*2?m($x8FnFHy)a^!Z
zjOA%dWIG-_XpnaYgX`Q%;m+3tTd5EdO0^yX<UVvOma5E;v+SC!A6>gQJ^AfO^SVHS
zIP7`TEYFd0<sEY6`Iy=B2w!D$?A(58(U*=40uZ1Z|NnO5hWriz2&U<jpeuu#QcW2V
zM+JT7GQkD{gbo&F`jgS1NQOBv^nZ<zcxpPI+2`YQ+`s<N3Z|sg-Av9J?tfoAn4(7o
z@3Yw<I8^*)VpmiuN1|m%5yFyuKb`uB`Q++z_9~UztS%};<73MKV|Vl2=uq1lcs!l^
zNfg9UMBAUXOz;8N_f7_cI;13vnLs0UsY(>ID;<YO3VsJC`~ak<{r~>zyh<VtftdjI
zF|l1Wv+aI7x}^J0m_yf&b|)8iaWt2~C-7L>!|T15=`a&EkY}y`<gzbxQ0+B1Akfd0
z5?{c)Fyv$u&k0ilpbD=Jzy?|u$IN3$N+oft;4=}*#_r2Zgts_{#KrT;GLCe`<7_4a
zd`)1STBOa$wo=vT+eL#95<@ttX=73XqO)MhvyR|(4eNHLQGIT%0K=2ZvR6%(*PWZ?
zsrCqW$ezczmvU7P0>fu3+=mk51Ef`|4N2w~{2J3`Sfzm2NSbMc3w7x^q<>u^z&QIW
z?RyilSB#gDxBUYXwOaoO92TqGR$*@?;1%B!D#5jvIDUO_zvlFVy4!BTj%XALpK}V5
zg3cB@t<*~wg*V4NTzB#1*WD<c-dj$ppqmf<4a~qP=e|!4B};+1?!MT2VU>U9E0I4X
zrp_^|Cau(}&6Kq`sj%BTX;8TAt*YN7ijXnpmubwmyyeQ+ux#Y!wx8m_LV8m%7F>II
z#s1{y#Pt*B8Qp(ntL|1D3YtXZJm1HH`AJQo|K8Ks>MNNXXzK4m=$!yD&QB(5pW*kX
zJADr`A0Sgd7<IchI#7qJR|D^{P1nls_CB>P08c2bZVNdRFc~x!zhOi-8m?E^vfp%-
zRtD!Sg=u7@hx2G2+HT#j{Bj*=!R<lS9j^K_JWrUT>$Y1Wd$bk@rd4~hV8aBVv!r*W
z3l;w)>|@M@_Yly^oAg?FSbHvCakM9kt^U24v)9(R90OyyU-Z2(hI{P8rdL3-IkI<5
z$-1qzFCwCY{=net9;x6#EJ!jUWIHlzXQJZRn$|Nyya)H0@_>6G))#vEejbnU+-@`U
z>gUlACoIx|J22iQVM9hWFcF8)uf?m%gpDQU8*{*eH_uVn{TB16cAb52-;H-dy}T#W
zLYa4YI^IuypY+1tQ>9uG!Ij9wIHSVJH|g1ylB+`DntfX_Oq>w4zlB!iH(^qv3x`;^
zQf*TTM4YoT8I5+m2=N#%Or5!+y*<twZ=DpKn)spgom1-<jdle4EqrtqWpp36TOrns
z-1ZlrGKnA!9F1ke4wsQ)wg!X$=%4MqFF%8mahM@AdY~!tj_ocVO0vhrIen!|yVP^A
z?|9pgk4WTYWRo~;!UpDRAR1SO6|q_@HxPAciQ4o)YI(KJ-CXrk7?NsYx+t}g-|re5
z3Pl7?&l^)Oy0JK~#XickOWj6~2E;$DxvGg$4u}l(d}}o3GHcaBWZyuXxb_g%-C%e~
zo;usD@k$wbVMoc3%8ZlFN(#8*_H(YAXP(vjbGx5Yt20@{4sz}wxe<KIj;{5@KC#go
z954^f%}_|v2GzHQV#<R*^u8CqKOsw0-|`6)IsR_y<y;+1kitDIXUM(x`Tn()=LE%N
z|6p#o8dVi0dB{E7k20w#wQznlM9FjNd>v0SKV|7DD{_USdx;|vRrA>v|3YC{-(3du
zh2hKZ21E<)7El$$j;}(NU}!K{%~b27;fDVpOcnU!H$7xH4q@ij=#6cuz;o_5k0B#K
z?X&WQ780~=dM<B&Id~%{cs@6<$5%=cnFDqhJRd8T$GpnI|K;fxx$7Z4*i)6Xp@O25
z^OTJEN4@*O2)94P7TV^TB#Sr1=_vuyriBC~_hwLD_EhL_3Y#Ti4pdT<&>J&@sk=sJ
z`QBT^wi{z^+p{p1*V8S|nf+E8kmSo8$`et<8vb{dG<X;MrSf^TswBGux)_#NGIgJ{
z%qcwo)Tfk^%8C#jtvwWUU7r(&1|BewJ~`7xWPY|e>04pfi$h3J8`7D0v%lXvAQjPV
zPXMQRwvxWWGNQB`g^4NE;P1W6s{;CCw?3a_K&1>yFZ4337y0*o=MQ50{zs%nU}6ZK
zt*#>2cWY{l0)M>r4@dcw)y-eFxn;5f<zaYUy>cH@d5?0=a#+%S*kz8=gfD1*aF@!z
zzZuzxnE1JLMELp6f@5JCJr*wD|L{fnV5lz+fmb}%$I4-FwVo==47A^5Ly%)b7kbhC
zB`+zx-18^1hz6vGCrVPGTKdDWdwEf<#5@8)Dger!T>6fN?}M`NB~IZ&#C-2>;Se&L
zo;T~%dl=~x<&&z%665ZF2Mnfa=*Re8ui*i*(tb(AJSeYA)A!ePe|=A9VZ4}JWNz!G
zY^%;DXVg}4yG=dpIl^S-{Lli=o!nZDRA5gNTf-L^!Q;Hf2}Qi8p|ao9;6ObO%Me}|
zw;6{!WG*Byb>SU2OjpI>M>DUx`F_2mbV8Q@PB1WFjTCZm>y#OHDY1o=lsMYU>D~HE
zIXiBHThtMBm~LoPQbrkaScE_pabnSww82sy&qoaV1*oVn!|6{v-&RN6CVBa$Nw8B`
z>9wpaE1pbaHG0l7-qq@yj4?$XPON}PX|FUf{l#y^KmIjdzE)O|(o@vc+(S#)2;ZU3
z#MHaWd${N5q?%H!Nc+i==((ohYGZCl7LP?Tu)Z?%bLvDw$wibtv4E5Jos=Xfn99d3
zyyiKAFH_}&Q<x|MO-OL_#HsSO^ZQ<F&@IN+6H3SQub1?_W?iZAtuEHFp(Gsf<l9zo
z_oEnfC>E0oEw{Qxli>faH2?p$Z}>k5dkd(xf^U5^Sn=Xsq-cv2cS<P5wNNPT4#kRF
zpitbsc!A>XPH>mv?q1vz2=EX6-TUr+Z@stP%35<y=Ik@FXXeYy>~D4?|4k|GD;lME
zNKqnK>4+lyC%WvB15`M)A(4oFQVtvZasRQjZ4-h3t|!-dk*pD0kom1@ob-3!B@`lF
zlh0|=gf)@s*cVzxSkmjA9_xQC(!-UTsGVh-*(~o;ZJvMElEgNv`bPY1`^`@KU+Vht
z^!UN;$;o%$Cpo}4wFDL~mA$Xc%(-6N!ouJ-wLK2FNkR}Gz84yW3<$~MhFg2!b{y*e
zD=^S|$705(vG@Dg4wM}4A-D(MYQ+VYCO9@2HEyYzM;hNsNqbG-G-abKmq1Byq}YKP
z!t<Bp5zpJJf(LH$0kREX$TEB7n-uUITEs1xw#?mCy=-+mIvty$O|166ZCDr8W)CO9
zv8SfIQf}6?Zy@^08J;9G-OA16c0S|ES&B!it<~mquC8x)>G#D~($=icmZKfhWkXeR
zR=cb_+hx);4lgEf-IklzyR6=~PMwf+ye|v#!|mk%l4qG@D}$U5m&TIVYJXX}42sGc
zS|O^_dnI2;x90+LM{ujo|5sm)XcyT9vxlCmw^`Zq=a_@~xxZbQL8V~6Ex1b7!j{@p
z;XhIiW-v&Sffj612ozpN{A_2e{#!jae$E0uI{qVDwbdX{(C{GSPhqe#4&&>y`Bzkw
zD^w~r78bTVYIo$miWH-z1W`($&#<zrd`<W$|E>VY{KfrFwMsaATU+FB*ATUfto)O+
zyl#}D=6U##{>OzznmrvV5w+;%Z7FHrL?;4XDj=Za<5+ze<J%n=n!%0hd;=^Y(&epS
z<ct1jsBcj=_)OECYq5?QV{xh?Sb|9WHo5m{rumjx{oJN4RI<kc*$+}hbU(gC9%205
z$)zO79Jo{P;80%9_*BoIPCxq^1H_b7SSgr{o5iT0e~zc~Slt@*X7<gHvp!RnHnbO^
zgM?yV2UM>evDT60-0#DyMcA5h+cWMGdw6B#PaSDsroV(_o72@*tPkBm=+MwU-_VXW
zICNlr-NR_`xA`ufM=&FLZB|sppaFNHLBc@##VW4t+WFbVSOe2xLds%lo(8(l6}?I`
zw~QNc=$%L)S@r_-BNcRu#%!0sT*m&g(jGtOI%Z!>f`iIoTV<GQm^S@rt203O8g(4s
zGmm$l8{RAte$a6Q1M?w`WTv%-gUhPHU|H=i=a>Z0;DcDpjJy>eA)mo(G7+w=IT3}F
z51Wh(qq*Hzo}rI&iAPwe>>;gzWFL&%IgZV5p-fS02r9dJIWF_B-jm^3|IM@0=NtSO
zlv7ji_T0a9cQ9Yy3cHvbu%4D~`_Pkl{S9TDT=I>_aQC^>`(41xqh4~0{ekW(@^3!L
z;3M01s_?Uy6=)NqCuFN(NEh(TCbfQayCqecBOk1U;3`AUx^~u%Fb~NV&l{r#OA1ym
zkPpn|UQIQ?R$;DpY%@b$>~zJ5aH~gA%Xx#ucKF!j%?-^%#^ySf?(dajh9QZlCSgWl
zQ2N`%-%21yg_JyooSnFg4~v|q^nLo;+*gVnG%Dt{+Vkh1b3Lkf)!De6QW@<p&qhzg
zVHn_uLSp!^t@nIva1>j${Kl0w+UKi!zEn{6wLW{J`}{Ne%YAjEiobPk#Qo!`*;`B}
zQB0w(%v*bJqp6=_@>#l~vUp|G(BX`FotO%>(R-iOvBQG58=jLUFZx@L2sg8+e2kWW
zg4@jkWJM8cSp0Hdof(EU-K_ORvv{?+ona@}zunov$zf{=f73nJ!nlEsVhN#|=V|zX
z22%f$Rdfq>r8ptD-SKmEy06V;zDeK$Qcqejr~aP1eLK7Fsn9}shZLPNCK)<A8yY0%
z`a;&n;i8b^WB)16o!ix?ti4c@gp|*@Gxx<sz3{GZE^_T0scnUgKZ6M987E$0QjKn8
zU1rS5B}DCK>R~+C`y}2i(b8t^Rg|XTc0%N$M4j<&h3t3yN8bKaJk@gw0s3prh@wku
z$9eI42~Mhvtm34$Uo5T8(Mf?0??r8<S;{`B!wpsys=rQJgZYn-ufKavyyHo}UUuxj
zrJjELo_lTUEi+zua8U0$F?*94JBy!2rN#j7yUYZ;fM;CB{cl{RgQM@B%>NCl|3w)B
z&a$L1fynDduk!z`l{=6O_ad|x2XX{5Z~jgpBktn<L6co9!sO*Ll0wwO!`IPizQnhr
zGixU3>FRjlaOkXu)P9W#(KfiLIT3XG7N;4nZ4~GNdwMh0W^n@BQ(Ny}R;keh#TZoW
zr|KdC9Kt0Bl$-Pi%I*Px6C6SSG-VkP;0L1t+W-L24{&ST0L}&6HV2A<^EEC4;AXcN
z>g{BlX9+krW4j@}Trdm_Gu)m7&o8d>1M?GIM-swMG@NW)n{6+%9O^arfQmqJJsnD>
z&Lcv=0K1F%8Fd(poPL=m|3#ez6Je^(=e&m9{^?*KL!SG(VqmjJ{5K!H_Y65<UaNc<
zfS9%78d}ugB0(FJ9k-(L3SIN=sqV4Cy-$C+TAwbK1m%Qw?STv651<zAn~h$#*WefG
zc5lJ?^)5Pc(o^Q}Qodpm=HU9Gl(8b7z0tb0ac;EdZd+4#mqT-Q_BdQ&mvLoF`twn6
zBBst2AMe;BKk)|kovD|{kR98{Se}bP^f<Ur*I^@<)52<;@$8N*t1Dh6$!hj%nOyF>
z2@MrurXS|s0nOv_)kb3>mTI%QIvZARF+9xJT3UvyjCjua-q(k`LFZAf+{(5{eN3`f
z|J!FYD@lHp`~F=zPHT<I6jM(0;*K}GnA&5goHW4QjMh6^ltk+IU?w1jL3Cb{tJOMh
zsHfhIR=^vdcGGa#4g$fjH@fwoZ&^y14?@L^Md_rru4!fD1aeEYYU-G&y+rG@6jZTl
zD0m)BS%#*sNB2CmoXQ$CogQ*aiQautU}Y+JKiiV<@|IUQ#*wEz#Zr--+SRH@1J%5L
zZ_BW){{!Xm<Om92V4V4M-Z7JyytEVYU=zD`w+9pw85tG^?`2x4=rFcCly&@+=^-L-
zkjy6JH|uIIiO5hhACA}_{`G1qf46otO3kF$@>xq?%wX%1lytP!{Dnh9;lqyN9HWW;
zL*uI%Iur4kH<k@;sTQOsQW!1j<c_%n(7I#9gJQ`R{KIbxmdSmHfbG3G>vl>O)Zh;f
zQ~NVg8`$=KIQrEvKFuKTAO{KXxXdL~!c{hPD1Je<B5lz_a{5n7`(=EX(4gFK`b&`%
zv~OS3Oi)vKb%s}=y@McyqV&@F#(ZU2_Mh|$P8CD;Q`RGy&RU*}xonoJ+b*UVi&`TR
zAWEB)#|ar?nNnN17Pti+blE?iuJ`D6Ho17B5xW+S<VuZmNdwF#9PZXzG~?6hLGq;q
zhl$RP#v8PXfl_&uK_3*ntp%{E8#6MMr)QBz^=N>+xi^-WsRbG`ed^GIr)^efd;#}`
z{LWBR3JxH~z~>st>tu8hSfNkI1r=<48V!J{*(?ydB(p&VYSNZuc9<+mR>pXtya#1J
z&A!8U4vS$@x?Ag-#&^S7x=*pOkyVTePREZzDGN8%BG<ofehw;MA`9EG#u+3w*9s<P
zxmxWa!N=(%oM54E!>i>Z6uUM|!*pST9~eFUcHxwI;wDV_sA)s)_mcj*Al@wIxorz$
zt-hJ2i>cC*i(EVdyi_3u7LtTQJ?Uunc`Na7spNRwjS>CVH#uir7WNs|_FE=X%JuI@
zxv`=fJX(PUpmJT4dv?j%W2<CyID-Y$RRpUwd6?HajM!;7AMr>|wzVH-%GsX$`4@5v
zq|N+WKgVNxekTlUi4f;DfNN04Mm0LztM!h($%rYOCF9bx*8T^jWBe{xxh(^}mrK)p
z5|JvY`(iEyfjW=!Kp)YR8Z<E{6ov@JkGi*a$aHN&1JHnjoaT*C!p{0mVeZwjX>Ooi
z;|Wa+<%r?nJSGjWvTl06YW7#+94!rxYE$H7WoA1o*SveZa@N{S=E!gqSxCF|=+wFR
zvWH%?IRe0N$?M`E{LLqWs~Mo}fRmvx>O~7l<Hf#fG8`ahoZtAa-T)CUxS4pzmnq@(
zz4|3Ozb?9wDvS&muuq|yl-5Q7&;Y%EzWpEggcIE0_<H~H8A|t3)8QCQ!UDKpA$GC`
z0{nDXK?Zjkxq;M(XB;m-b6`kyzF9}8Gzmrq003BBJ@;-P+<IIzMi4PI4d^}m1RTO<
zGIEFkJ`D&?ipt2~hFSd$Lxk+_^u|YSn{}{#W$hJzEoJ@7DqD?4or_j(^jApNkn>N0
zsw%=SFYujTBX9;uB)$zXF2?8Hf{gV0EIrjZop||FnB9FaX{dGsq2JzQc%8JJPO<OZ
zydS#oV#n&fxPLYAn5_1t8b*lKT?u=I-p#=Zl<wld8Xk}3fIoJk|No8df0m9mB2A(m
z9_QzF=bC2z0cW3m@<v=Fmg)`u_G;`1hqrDnB&QRea#EHkicIOp{S7}IZ^YE~fU>-b
z2d6PU=P#kY)Imnjz~80L{;)AbiKzEMn&F~XR@-|}2WaR8MisR|ukWTPTtqM7+X}+P
zC3^|M9{KW2@XZSi!(7Rb^0$6@2oYly04&tNvvw4LA4s<I;69t|zS8j}`56{3yN6`g
z5MGT~7zS6{`2Zod=7*=HIgRW-3g9hi5`I5IW?dL6_!jNS#4qxt4Y$4bNHan@XW2y<
z23#k)Mf$dSaw&Rqo}b^1n%i-tU|F5+R*$@rfO@RUQM+<q>)hcoS5SfuDbPPYA&TW%
zBF=|)CC+xA&)1>+&8>7oAc*idbKzeu<_eddcUnV$ApVjXv^Ow6LhSfSR2q)BYvf);
z0kA`i2owGk-g4rN`Easq-WcJ6#Pg9&MU6CQCppgJ_YowAJ~Qt!f?v?Eeyij{=1y$r
z)HCtZ{zv-4P`@Q4UzA>?M*a4n@8!Xt4ke#L?xjn{R2AKDtWmi5-NmORg>|r@E7nAh
zp_<W_;io8r+RzlLd6)3dXNBw}rD-89q_fxTCPVc@71!*j+CA~691Udeaw+)5xbJiv
zLYHz1;VoRDu{&Wi=Tq^!^;~VpyxAeqD4<U`-exb#)=Gj5+wc=N89R#=ly_&4eb!&G
z!zYYho&WsJ1IIdJO{B_3-P96urU|;+cMRUm$C(N{@d7O<FUA#>{yO=4%QAlj9NFP$
z)lrl~#!vSClV`t=^Ks~b%p&|C3=Ai33^y%)j_)>J17W>Cj5I-u^s?i5^a57W76!4~
z?<~?H$<JhrU5Q$b<YyT9%p{f)y4~?U5Ev)FW-3mQX?EV(3tXXb<z@oYpQ2k+iD55T
z!|Bpz%5F$WcDL)2*KRX2l!yybl5C`#^e)-3#dAdL{O#l{**Q5-li>=odFlnG<^=)W
zS}s{OQ-jubm}OA0O89fHs8*%omGAia9kw0mc@JaZ^lMeK^>4pyVI{KY(-_5}|G;x#
zIXD!pl*p@|!-8d!1e>1oQ~aYPiX3T7k5$Kg&Gf^UVVw~tEX9OgKBMntzb!O&Rl8^7
zjba7f7skyG@kTXE$(ZdrAi8TEaWHCR(<n#jo?Qogp10-$A8H193959uTu(m9j@`B?
zJk4zW%=8Vha}l!%28dguHL6krF}d!J+BynBavGpb!j8T?fupAD%D2F)jmZjt3D4D5
z7;~2~P`Tms#S)-g@v~!)NO0ueMm=be%v0W*WmT@>@hbqbgP^b`N!>O{{mx!=cT>E|
z{-AA;(cufr7lRdr{rd31ST-yIC2BpZ7Lfgp#;nLGR9;)Ki186b);#p<7N5CPu47|0
z?hz*%`UcP{@cN23Zf!AB2eJm}QNrA~&t4%FjDE;^-?bN6>}H7OOS-N*AG5|cIL^<7
z^4EoseVWkJbN!lvywd;CELF;?mSRx3jAIS^kMH7QL|>o>l66pUCL0MJycA}6wb5-J
zsB4ZSe7EOC?}pgZ$d&ShE~wqNhwVj~fVL-ZL%CFkE(kmWZ&Kd;&dwepwYKEAvme1a
zDog)X75#05?|dPJp5MvO|Fn1SbMB4#4fcEqF+tGA(0FCmuyd9=G<#A==9{!`NgS0Y
zJ;7gCiHeRUG@Fw9K=N*kJw;)w2vQ&KJO2y)By2Jm-a}o_Es}k1kfK>1d2P}l2%ift
z;<=1!>tWNVz5A?;lf#@!Nm;%euV13U@wFs@u^hHfAk<Z?ZU31T$sMgvrpuDw7AkqR
zAj9Vs5Y-mW!w~OU4fEdY=-^-l=T6esjx%0g2Mr7{+p;aH{d`!S+CX3?luq<>==&Z+
z4M%Tq%w0o0;ozwW>C;E%`j^wuDO~V;ro<1Y%Y$p9P3#=F(%KsHs$g>HK}L_}doK+Z
zo4WuJUiZ5l-|5g8ElrG4S;I~E)F~_qqFnHUwF7_5grqu~Te2Z?hw<Uf51At1{jLu&
zv!fuqv0d4F^bzJiEJZ+JNBey%3S7@@4fX~#1~2RCo0D_E*T7;3a0VdUcchJ@H>TKd
z9y$$3NyZyPY@kU5p-0&p(=Ql;2L$v)L*QcYZ7aBM$!B3CF}S-)z@{_|zE0ho`~7@Z
z|E(z-gih=S!2_!td(tEqNB!uvcz&S2pEX(iIqf)Jp8jR@12OPfqRN2kcFAo0QYi)Y
zp4FBDleWR@dVGpj^+D%}cey^>!dDm900ExQA@t^`!^@I;{^p|N#=-Sif?ZAlJT~LJ
zmb++Zs+mdvAR=KY7wL<J`24mHQ&TOPE_wyRORD$ExCr(_e!R53BWT(EY_-sEKZ@=r
zm$ylKt|sRZPJJHUbS^xtO`YCrZ@|vZK9?_KtX<(d%YOZ^i%c_ZduXvVmvKf6+;ls9
z%nA8%!7jYkZ_i9IC^b7-T?fs}{A;rdL6Dihn_1dp1NE@`p4v)3T(!Ij?tj>na`63g
zvaMleGxPAe=LBeX0zp{5U%2szpgylzph$13`u!w3jM=vGsOz@4-bOBT_t@xba4K|p
zm%p;6muQYcGhw^5CkX0MHs&q6KCG2_Y|>K}Iv(>WGw@+EVbVS{)qG)nCzeX&Cqesq
zbxRrs-*cyRId6n9QQ>Roh_HS~IZIy~gSell>8Y^loOOp|!}l2(wo<=na9dG9p4)lt
zbB+EdX##TrvFA2qW=W~mGd7nf`kVQ7bpF*Cn`F!E(B5v#1YX@`&%C1VbAvC1W>UJB
z<P&<BFY(#4G+4y#na5|8&r^wV(mg)+0gdPdm3PS$s%?4I%t|7)RTQpsL0am4m~ytJ
zL+$?rTuk`vBgoz=Ih)liSmujly`2-D<0u)@6NWH?00K9R$1`u0<{^o+3o_fnJAGsN
z=|N4_3VatMOwUC;deF}X-6;}#ao>E*dte1&Uw*!|X%h{F=WJ0kSGUw=Du;4CFp`%v
za`SY~!aox4I?qEb2NU1?3=p3q0;)%no6KUKQn_UctLL6>&T)|NN4`CN&#E!1aM@qc
zd(H-6gG=!<9T%6ocdP92j73egJ{@Dz16t>4V&KXXLllD{qQjZ5^zd^X{~h6v0cX#`
zN5EQ=N#KsLiTzzqP1PvbdCuJu|EBEtkU!6m{ny}~zt5fj!v3T&Xh*z3^g&bPFqDyf
zc=<#!l>GQFuJQ{7Rr1I()7D-b_`o_XnVmK8ZFF+<wKK4R;pe8<gc^v8!1Ew~7+xi7
z`yCf#lz#kP!ve6OpfHA(sFPQkp*)Bt7crJEfk7zHH|X>grCa^O9R4^)4*M#r^UOCp
zXPc*h$3dS}XeF`S{Glxs+_&MaPp16|sFfQ@(_6PoNZm#==kG?$8{W`jySV*3eQXUL
znB|}M6ffNhTxKE(d~Ax0s3L40)PNioZ&iv-DauhGO$^=N1G-F--Y-{%MCo0oM;a)h
zVMN+<(dc{hM6#2EdgF|ytH~R;yn{3JC@T!vTNu2!c|?avPwXkX7Xs-NzjK`g-akfh
zuM74!z2>=h^ylu1<WWI%19DnrdP6TZNCJr;leM*=<7e_yV()o!hcHBn+jh@7mWxYH
zZ{@5YiV1g3<$pfOCwwYiP$d~CJh{~h`z7|nW~nc>$=b=xt49!{#)*4(ymmvA>$-QC
z&cZR7#&J6Cy`6WpAln&c?ZV2gzo5;knnz^Uy!5NzKD$#Q#dg7tmB*STH{{pz52hN`
z!vb{ORbr;`^~Jh}>sSI5ORfw}>SfE$4!2DgJHx?i_x#x4fQ*c2mBf|ewISj5@Qxt^
z#E&)rs>yY95T_g#`<pZOvlA6FE1#UW&nT56s>moOF|g0`Y6GgwpE;Hi=~b4hkU{j(
ztrt_?hqT(qshSv!>m)CjtpWm?wL;_{^zPrt_hQ{iX%~A*d|T&2MFAPUEz30Hk08w(
zWBqOrZ6qwEkxsEF8NkkC(C!V5U%PL>0x}38cdC`lsLHFs+!u;jY;rawLdjq+JBlnn
zy%UqqarxsIh8rf7H%`u)8HEf=L!MWUi+y*qrLob#i0LQ2Cw=ZC(CFwXw9C7KtY-Ep
zVjn0Kx}_>j&rafb;bbi=VPwuv&D4Q2%Bs>O#=m#`6PaR^9tzin?@<Ofbi!rDWT~4W
zLHQw@>fI><aQY1oj2|}31G7^(Teq0_9QKRQvPJ+DltmQlV<HNxlo<?IJD??;8co;m
zB`K0Av+ugV2RYxCjCSZ5FPSstZ;&vpU|V|?^B9j!=)!aHJ#$}*UyB=Y6f{)mYp4Kv
zcCU&tf<IcdA_C2f=gz$3@CeOGABiC@p@_DB<Q=xN*`yBH*GcfDh`Gr@uOzlnD@wM=
zdU}0)BrCd34~Zr?3nub^oG%1q5qN=?d*ieL(cF5eOmJO7pwuF&7gY8+d_W%ccZ6*#
zDR0cmUe1h(wf)EvR5xy9zyZ}H<bN^B>p=v%0tX6$Ok7pwk%;nCIEwloN|+!Mg0~t%
z=>#JATuP7ckfg-%lkZp`nPG@{OiyLUn)k~FZyZ0ZCs(ovo87+=4p`%A!8Aki%V0NX
zhq-|s=T<S9`4Ux`B#^!)1D1G-)qu_Sh@ea(b|rLoOP?hF+2N6~dXvDTG_1=^*&m24
zS~;0KfO3h%_oRU$5Tfx3soFiw+OQur^5md8W~VjbaWUO)_A4y#FI^`3m;$xn4PF!w
zVSNfk@FKd#FM2oS$L_I*_FC*7$5$1CodM|I6P!8>A9XdBCHQAX6^%?f3Mng#;LZv#
zWZss1W!4_xLzeLSejOX&qWNZ^18D5K)ZV1YEq`CSxw*=2$)3E-FfO{R7xe}cVDGg=
zt|dD^NvWEYW?54;ujtHw9amyB-lyVr>oI($Kbb!h*-Rii!$Ejc*Ob>~M|bn#m>z#)
zE7$AC3ay<QYDev@0l$Nd=7SqR3iM+w>`7b?$&VM<g#(z<hX?ntyZ-!~>ckA{x)E$l
zARq$f`Z8irw#g>KYRULGD3BU33ll*HCnR{7OxB<1>7v`HKqNJCty#Nq;6*zg7*7{i
zauL2LL6+nbXkwK%`DV*fSUTMKl>>pV6TP3mE-t~NXr|f`8wgPF8uh=_dz@10)#Uzm
z(IuW67h8*|M!80O0j5VM>pw&47#J7ksGuJ=Eo9nAPR=r2NrDxta%z#`mM^Gx9wWt<
zPcr~~iUul<JSHKgEt*j#5Cp?f<(x8Ies;yXGFf?CZS|Isy(RkE4gN#qrhSUxpsYQC
zdhMZJ9vFb*SPwJ5rf7u&CKsq$w9E%f!jK=%({+%9pwN9ghu8b)vgZ6tRkxt<ahY7c
zZ4_UyK{My^sE}}P4oOg!!7I2yE{GbgK>Zk}PW&w2$F5vMg<?TiX#x*7ub==9*qZ}4
z!uGj5>|1Jl1z%?cK`W%6>zODvlB@3ZbIRV;rBoKt1$=O%t8WIZm%Mw(oC@0ulynv>
z#skeE0jT)^VvzIqKtL%J4+QvmgAW4C?~&;Ic+L?X%);k{pjJ4`v^lQ$W99+MOjp~%
zQZbuborS6%FI=x_lveLcg}NW|(>~j69{Q6*i?SG(+&nJ|PgO5V5d2~doD2`xi$5;w
z&uo`RcCY@n9`>>5X14~Z11fh($jCI8(`pVbVePYC3*aH_vS=r{GPt{oHU(AeOskbk
zF|C$+?eVCVU?-cuV+*J4oxKa#4~&Uw(%{{d?ydfC>bR_~me!>9tUXkcwP2ql#+mM#
zsc3DDesx31=Cae_Ep}cFf{Vf_*%?82&G_!S%gNe#@cJBIL5RH9u$LPtv4^rTY9m*g
z%F!FPSV@%{jVO0o=@mM}aVOqb^O$i+igPefN@BmD!&tB}xNErf%0ya`#1%t|*+W{k
zf3>#O20QbybNgXP9e$Ke%k0uY_H$II73(<nVW@w;@U(2EiaC!LVfov6tX(&&bIdk+
z#S7&0852psAwN~Pt$?)O?bL=SldI>u(*j*Fa}>&7$Un7N@u^)VN;aHQg2KeJ+b>P*
z^x@v|AKwC9^%>&(JkwF?wTT&9)4k&@xLiXx7d?66i8t?^`KdA!T&i{Qr6_qy<GD_6
zcvE|2n=mro^9{!0q?-~AIh8h^DT&>1UQNp}bT7O&u4c*nXtg$-b6(u|O1!`*`_mif
zTPWEV--AeYp9Feyn03xXWu@Z1*ySL8Xy2^YPo}<iISYlMUo1}%qhgjaIZ}#bp@G5s
z7Q%Itey}4G$CfafIxaRvmP}K~lm|ZMggdH!*$dXm%I8DA39#ZA<eY6hZjQ82XwS56
z`s$1sO^X&{<8JJy)kT;$ZS2M>+IZ}@`;VXn;?&`jwH+oKMgz;`O81aJOBn77GVoCp
z8y$Y)S$XjEpz2mMS!bP=ad`d*weF}bt?+GP`*M8$TA46+!V1v~6TQyY?O6q<Z;aGm
zd3D#=Lsdbr1Ob=dqc^`{?iLD-syI6&p!>LQP2b4NizK&7W#9w&d(aQ@?CpYWrnT)s
zH+xsiV@k}sjw7WeG-F9;>h$ks`)#YWcY&2ep6tpCE<rB(0%%WX9Bv&zP0)sg*XC*L
zXR!jFKf@uS{FtrtX0rLqpFq&Fo$Q9MozppvNSaH?ugG6MJJ5*BV%1Uzmi|k!KC0rZ
z)Hf&)04q1^M11!ut`+6aSY-?G;28^R1NEy%#?)U_!UA($J-vj^VYUEIa@m|c;y*h#
z^KlnTQ3NL8b=aT7``#W8;TSw}V+3yU3%kut4kQISE?>Fov5D>f_*2)CQn-r}B`2Sc
zE`is~G(&*@9gQd;p1EHv$g~(Cexmg|%{GBRa(vqNOU3a;Gpp&{bwOO3ym1^wvx>#4
z(?_-5`H(fbgZq!#K6mtzp5D5#x$_Bin)kIi;uqeR3rs2eW@q!MrCG|RSIfJ9$Csw$
z9<Ay$;f6RieJRn)+g-SUE@Z9WL_-n>uo?W!k@%k=IdvjSeKyeY`Ajcx{M}?gjqfC;
zR4C#^Oi9I?X9feW+?D@#bsvU*XLxO=+gB=2RkNVp;`;GTqIBffTFQ4s<g=GwV#^Ck
zS$OI-?@#94%#wRulDEH3O=eKVmYTiFc+OG7y!>_{dpA<)l}eP2o~x&R)S<^NE$>g8
zM9zkH1-g{Z3#TJPi+Sr`hZAd>xp!Ex&1~z;hw;FP^Cc(%mhcFJz{2d6^?El}%#>G=
z9<<>!Ae5ZWXsXD?-j*f(Py=^9iuCKR()x?>it_m2`C`vJfFW=F0E8%H%pY=X>Zo6$
z*raWqtZ?f8dcwAyuWt7oQ-5<|V<BACexUggb0V%sxlJ2TIRLRrE`-6)^PTzHiAHAC
zmL<8r0v?ZTk%;KJvAr9mrFf=N6muzEcTp@s>nJ0s`lFR)i7z2}=J_#!XnoJ5lh<y#
z<FoO4X_%J=?#LcngH>$dDoam!8nd0{TNLj^de{r1?VJ`P4WCc@Q7k*ezTm47jpO!_
ze~PKOk83d8ZwSx#KN^}1*1I=?ZReG;)Rw{t7d@wDr^XUIL)0rP^FhX(p3FBVdoHHW
zj1Pl>ngwM|-Crmn3ePF#s$9ZaPbSmCo|!GLpII=#9(LO2a6FvMS7SU~SGRXYnd|P;
zLwUwYcGwH}nZ$FQnuUR4i<gUIH4y9)xkPBdo!;SWQZs*M&&(uzafS=N(mn|b*&aG&
zIMBTbq@><Emp^^-D%wKzgTOb3c-YFO`#jW(xPeU@1^Gw5>cuK5UUl~TO5Sb5o);b#
zLw7KT@uw2iEs7hx1zmgXyGKN2K4=R*I3U0G+O)aTTVI7qad*tEE&^UkU8q?%+TU#|
z3-zF;OpA<!CXW+kS5}{ey;8MNFf4UKme=$ttvA>@>v|_aIq|$|G(+_A%bmZlhwG*V
zzmP$rK_LU2HL@`j9f@PTQoJX(#^6qr#|NQyJ1=2&abP9!BFP(<dm*>kFx4Jbl2K2v
zwg>NJYjw5*!51{=Eg5gslf+Y(R<SQHB4GRfNogENEF1s!b7h2wKxNGb*p<e@MV5VN
z>Q2vG7o<!_os3T|>y{yLw@~8DJD_2D&?U!}ppU&9M9Z1D@eQuLvrGfS0FR{}`z5Sy
z2t$A)8>i1JU{OkFnm0;64JiM+SF6jPq;(hSO$~W^{0!T=TDTHg_X=JfCGGT_+PTb?
zdBBEtU-L(=Ny|qu)nD>}Jat?zlA0i&pLow%dQVT>r>YvY#o-%9<**UkQ+|!(OV=Rf
zJWY|NI_TMJ5LxE$yCZKUgZ<o7^GUQ9Grzn(Z1+$#w5N00m+2@K4^~?Z#QRdt-^qZc
z>;Eg2`2jlz$s){*k$sUGQ4G=9TM`0r{EHf(%ceD}W4tU!%qYBD{@|?tc{z*9fHLi|
zP&>C<s@-6w{%IKQxUhTeCVxuK)S0UdUn9EAuDIZfS+~<IyPSRTm3On%7kRkIN0>O7
zQZYa3^PQ_Jxa2=~lYg(DyV~>c!UglAJU@i@=Kl%2vhd$~#wI)E5P;RM<q$gl`fu(n
zd{x_L$aO7}9+jitY{2)b0~ngAoI9<8!F6@_{d^>JxZpW#05K78s)kD=bd2>zFX!>M
z)j=p0s@`k{)x=Z&*V)KHnap(Rm2uRm;i5+u?bjD~y_Ww*F&lYxRzvOKLR|e@601ME
zO39Rh_3v7|nJJ__N)jEYcZnPDpBgB0u*)Ubo<UNurA4uXm!h^p#y{!$8(Z>z&d!O`
zcgq1Cq{D>$JNZw8>E7de8uZGwHtlr(=vd!awNVcAOTLsis#w3-s&=I)Bb)Fm$>qCG
zekTj_w{OnEDP>O4{UUN7M*C0xw{AfFRD2jTRGZdFmAJ2BnvN@wV#od`%Oxbx$w_Ye
z6}k~291h&a?FWbkQ$(_-M}|{aT7q16SRjf6ZzOrDGdy5j9;D#vlX`QNf3!C`ojaG#
zj1|!=Pr)0vG;gz$fauY*?`Gu%sk&HvyI0W*4<Zq3g`<*T#{Y1Idn|6wVmA~E_O=E{
zN3QeDdC+F4RWw(3;%MtHTrx|d1~=~+=Wlh7^fbFQBM?tdqB37)xmS-Rdg8%1sc1l$
z4=hnty+mQ&|I#~T_hkl!f>n_Jxi6@F{j9}*K_I-{?<3oUy(2f#wgl|%zLsNp;fCOv
zOp>;VFdNd>PH3|5g_s(viRB_&;(t;Nlyi*Ykwqa#e`EUNla7DhTeHC~bG)-U_WNRA
z&8&=tVMeBDZa3Y5o!gy(qtWG)VVnknlasSei@VhH?BX!nYqj6xAJGuNB7A}78f6Am
z1GTq}nl&J_*Xzl18kU|uwIzJ{o|}9^A+M2Pe$+E0XCKiZ2*4k>XGox6#vgvv@b3t~
z^<Z2?PzTOG5%CV3X94(=a0O7|vSVp?7n7;xDH-r_^WFz8vyKX*W$uMK24xi-{VXix
zgG~oJ4Nd=`E-S;C=x<RKos)q*C#H;-W(#Y?0KUZZV%>zh_pYmmp6sVcKeD3%J!fd4
zSyiv?@mm~^MP($ro88!WoG@Z!zsE`wgUEx{xRB@YtE4%dS3B!~W*q0s6cM61KWcPP
zfRo$m@}sPxo-SE-Q~^PFJPSdQn+1EhE>%uv6O{kd0DR>O^=>qRJXgd(M#_U$N22t-
zF#+}Kybv~!RO}?9(Il<@Q6c@Tg3*WgPg+`>ugv#asw9NshWEA44=Jx3hT5OTHQ3j1
z+;lJON5I$76YH2y=bwEA^<Y~SdDUQE;Ov`!wPP3E?8TD|)U2xVrJXGLA#CTxD_Im9
z+g*_`P)agv+D;1@ERubF)7qma-Fs8tU=GvAd$_avsRUV}bX#*-VDi1!2nAhM+(f-2
zm{_+&viHJ+t8Bb7jP}dIJA<E_BzgO98?4W_dZ+}kT{_1G=nQ1fS*ldS1Y-~9MX|vM
zIqD1dhm^-Bjr6nU2NZfXhb9tC?5<0ae{Hujsh=CriZ)3)ZmZwCA1G3M&ixdfHR;u*
zY+93x%LMU}mtaB$OMjdd@i;<-w*`1^Zg;%E<SEE2lX`SH#g{81>Opnydk_1Kh>3!X
zzXnE1+cDA3$cY=M>t{wi<_&$YLH*|0rLh*@iBNXbZN%Ej73JFBWW5spF}#eMhI0x_
z=I2zu(OgFyLFz6(cZ%(x4(8oA`-sTg8{NSPRtoYzYGdSL8TmM!NY8IFvq%`F%*A(m
z6l1~&t#0!xs^iGXCh-If28rYs3Ue0Eym)FUfWDVq319^#rl&Rz;U>}Dvz80v%dUyt
zjbPj}9jp`E+Hor1%Gj+2h#?&%@vf&`9eZK`dgtjEizl}a<5!(<UkF85sUcGn?h-?v
z7ldNpN+@in3=zL3IGEqi(2_kTcnC>|jXfr1+5Alm`{FAi1gZ4u&s>|;Su>!b6T1F$
z%O5=W4&Qfc?Zle=xo&w)hl}{`Ed8ekZ4td`Hz>D@{cK(}ojU;!3#&anCmr-N@_mgH
zToww~VIzx|@kc`WQR6qRx<XQU_?)tKBR2mM3EU!Z{W@&#WwARp@A$VfNN4CQP0&lP
z;f{ntV7E9tB&WDY=<NPs=FzvF<n=l~)v`0HAgI6}@3z%AqgOdq2pQ6w4Rx5@FZ{mt
z_hRqraSN`C`zCVm*I{L$r7p+@OBrsL?J1eGTvXOqs98f>QftciE6{~MaVO66_>ka{
zUpD5TftYbyEKhzt`#J{{$@dSv`2z1e@Tb4ef9(xIzd7h>oavxRF~56pdw(i|V>e_&
zWzce?t3O5l4<fR7yhPCa@25`c`PVMulZL7%xnmLEUW?eIR8&28Ent7>*1NTflG^Eo
zg<|jq!t>DaSV%HhK>)%riSfC_@j^>DBB1;~S6Iiznx)dfcf>_~xZ)7G5)nQh#j#K7
zz4e~VkNrxN1OPx6087{$<%ztiqc@6?mJ0^}Jr=&Cqyf{5fn@z)aR4X-!i7BIb~5q+
zJ9-S9eewVH04-*XXe;Ce+{aP`BH;e!c5#}l-*Nez4T8Xj_)0b));d+qP%!Sd)>l0O
z)n4P$g2F0CDW-RoUlP`fhvc-lxXIsa4rr%;;1m}#Rc*cbrtxTWFUq7SBNvz<Zr`<s
zVtfG;Q1-gq6%<3=<Zpf9t3pfLXJ3eiw<Rsn1Hr@N1bvJMAqB!CqeDW@DUAOsQbHnP
z4VUgek#w}iupm;nBs`KD{v!VfT=F?GB!m>aA^l&G@NfU$ks#O*M60>Izm>EFwKaSs
z-S_LDD5RWPY3Kty<M9TREy>dR2SKSkn`_H_`;HnzSE2d}h#~{*+b?*kEq_^+l$0{#
z%VR6@ERYcNvXSlySQSrCcipZ#;I)WYEBO7!t0gHm)LFP5sw{PsEOuFYitq`_ScKFr
zb@`Rb7A#X3wOiz=67j{hDe8tDTYz7}+}ZImX@6)?gbG+h7drt-wBI`y6%^2^7hmew
z*oV81ry3)Z*AA6#-l>(@KuF*5WCFEKi9>sn(FUw38<PlI9{VP<bL^U*@I&RB4?HpI
z!u7@FB_a%Hg+xW|1`&q>*?x@LR&WHm?Zsa51NNL$QN2HlF$5M9%?<qiuEI&|r;Xt-
z>5$W$SD*jX!h%rqw^z4v8>AI>J)YxDd%CPMrJ_PHup*niFUk@bE$e~#`@0g%vmo*V
z3ZtK!*2-SHVzklp*P#P%DZW3gY0{dHKzMT)iV$F{p{U2#`n6?-43*r=UM^7nk-Wqo
zXYVEE@oSf22j$|+`CJ`}xnr5h^Kt$yUzQNeA3w8!?e6plarx9RNs2Ri`}){~PJVV3
zx{)%k|EAKiZAzbT+Ed}SNGduWb}AUw`~sovleTbLF=v_C3=D8_HdN{^25*8ky5!SL
z;z$Zn#+I^=PJ(ZJ&Zo#1@_vA`k?h<Ogl%j>MuIWLdY7?B<=nnQaamJP`CLckI51m<
zNeH@cm#CGe?D`R#QNFu_gmzDeW`sv!Qzt1CD1`T${1um}li0uN-Q`<pXxncXCFyCu
z(Jn=15!yWhXt+ti>-y)ICq4EAb#%$m3i_`Wh`@re4K3!9M~OUV4N56Xx+h9)Ku}Tj
z&TEhncSVz~9?~a59C)X?4CkVh+e%5R?K+>^Y?pgy2;u<kO4j_DrvsT3T4yS?t-4$~
zA##0Q<7L5#9uLzyHLXmz9F{PE`7h|IZE9txwM~s6jXG;$d^R7QOs`#5RF?;;m1(Rs
z+0Seu;GNess22S$nPnW}K1BP8wcx>;IZ8{%CNQ_F0Lxc^@yMQwsQJRGr|e+PHeOue
zIps&;2E+oXz2QyYwK80(%6^Zqea6sn_a#|@Sk3cvj%5%EogZfG_9?#u0B5fIEGu&B
zXBU3tgU}B9ZWe6q`JbCVqPXqEl!sluiWspv^~E<5$s?T9>?GMqCh+{>V#zvms4h+T
z+~#@(Mh`)7P||L$rT{C0TBh|8M5WCPzj)7m?f{c<ifaiBFR0vVk+;LAK12LC&)E`x
zQ;t|xLO9ln4JAxpTY<36ey5;4w*^=jZxZ31+k4R=8PN8>9Ms=TW*<z}=ZL1PzHvVq
zfKb)6xA#ZGXX`G8+u;S!zJ9kGot2V;@~EE$`!W(DH1L5RAn-{ZiR^rRUFn{{=sXIJ
zL#H4;kLG#-7OGe4R?6k{y_oQd-LP-&TwnMphlim4FLXNlFUb0bPSpR6P7}W5DuL8U
zTWJ5m(;z$@2q)rvQ2;)`n8xor>y;Mzb;aen2q8v_V~p|_QjXm@#GeNEhH$ioL-lSl
z^8fnchLj#E<olS(e>{B24g7gs<pcsMn(4ekg}XK#+{j0_y_*8Ox83;8M`&&K>#9DA
z7$d<?jA%Na6!~4>FbWxxR0r2j++4iS05WM=g%NrJ_(q)qSNwhOO5M##5h1zZtC8b~
z`!t7}Rhx>M8;^tFy0L}5$_mw1)yj&#;USgP)KqqCAPSH{UC}2a4p=0|&Z6wW0;Yix
z!V(e)VVX^Hoywicvd;nh^1rXA6$~g~F;^5BmIc6*_V4wAf1l()<)Mp;j~Jl;e4^KX
zQJn+n8BpL^pn%gVE^QOX<gKjedz6dHQXaSReH{25>pj-?c0qFgdEww#jk|8I{<EXL
z+<2TNFwr}P9B2n3&@PjX=&V!8cydG$v;OPi@bLx_HY_LG89g_P`qu`Ee%9iV7M0J;
zEo|ZuK=*pC50U~e?<vMSeUtW9UTk2GPzIl`%-Ljd;UBA_ySZ-;fA$0Hu^^Ng^syga
z7QRn_xa=?2sn``|`LB)2smgb6ld{D5G7ib@KT7NmK%59uPJs&>%7u(H>Q1aMg{49B
zuiooM@c$qjBF9=9!-dxs_@mP2<vki$fduwy@1QA4(4BhRd57HP$67DWTV|grjqaie
zyOY$`h8k*vpO{R-&4RLSyn#-XD+huy`ne-Gj#u}+q%f*pB|An~WP2r2jJN`{t3=2R
z_`=;Kz{wd^6Ke(Mqjm29iOVgjpQ*i3oLkobs?3c6ihHn)8Jsm2^}E9F)AWi>hkamj
zC?QNCnKzE9khhwaS3nNYXv~VYxid@r8;q>$ERspsyWO4Ulfgz=Ar3O6>Z}FPZ8T!$
zdqzgx-?-TtRxcvhqSN|@h=4aXH@M-foUNW(xuLtH-bhC23DH#)z|r#Z^U6U1hcJ%Y
zbr5Om-P<c3-uE~qy45f9(;R3ovu7riUtG}~_e)y*UFH)b?O=>+rRjQyHE8~W%^9K8
z4)ITdS~th`A5vaME8DoM0|Xf(0a@J`Ph>tMP{*(&21qe{W@aXl?Wj^04ZNjp;ZT9K
zp+QmDpPM{`YOU-?9U%`%;hI~2z~0SzwJ6KxYJk1>ZXJftKspk$(d{oBbI5CQ5BT<g
z!audll__PSfVFBGH#=aOuwpQRwMRbDV1%lV^5@Ls?DN^wlCARTUvESEH)L+MBCin_
zCN*$5*>T0ob@)WZz8)d8P}~*D)baOxK~LF-Zh0tqhDYt&?xlThHl1hFoKEiI2+H8+
zB@&g<ThFMpXMkXLtk{{BU^fXwsoaXcN3`I#v9T$EboJW1q+by-q8c)9zx-%$Cpcdy
zTJVQT3Gw5W8T?P-z*4)tvtTN-l!?Qadt48nENU0Ts6eX>!F&`JCts;eQnYNw3sX=m
zcq}TK`m@cRZ2PKge9#_p)rzdg9-;a{Ihv`L{$7d{iZn8gh@+jI*|HYwDA9CF10Q0H
z_0k$?l*E?V%B*Sx#K>OeL(PiI-(p?r>m@OHaPPYX^j(s&ZgmVBq3)F7sD+F*i9J-E
z*)+UYmPCQAc8!xzH)!i|LOiI}=j!{ZKOUhlkW!Zg7J5)W^;NjJ;-=a`+)qiqUfSim
zLasMWLNM-4IyAdo>(K|jwhzIHsjJ^Nv1+sna`k<fAw?tOy8(s1-CvS>6pq#TT3*2Y
z>==}&bJ*4JDh)0-;;dTK;DjiIP%9ugP4PGWsYym33oyd*{o+S$?%KmVv4J!oa`LjF
z4-Z77{9)U^kuj*i%Ux9LD!*ay)!y1Da3ApuuHTLzz-ohPFb&DeZX*b95(6B*BA6RK
zJFV)>_5HL_P0O6)K?mP2eogDP;^h@AQzLiNw?0=^T27g}OPZ}aupbq$bBGz17?}PY
zS#P!fF-J3=ysxv0dTZ41u=~6@XlyZrOgYt3r<-?qv8Qb~l~Vc7i~Gach4AD$^B`sc
zXJdb|rq(y?U(y;I^CcHBuhM>p=Op&3Qy1%0E%Oeo5v=d6{glInfnZbzSgsmJ=qBU0
z;>Z$DFK#G;`ctw`FGRbk`s(d|X6B?FK#Mobo4FEk%WC&FlCAsHzl{EL<+!Ow1I>H~
zOe*6b7b~Lx6QPoPF_NQ*pi{PhfFuwyZ5KP)-t<CGQVSZWhQ}k<=;v8H2m)A-{6U>(
zXUT>FL@xMYz<~p1iJ|z-;O!?vCkuJ6yweP-xdVK&F*+lSM+DIh08j!n-18-A-ST3f
zi5u_XfNjB-mVqq`*}%EJ2!XZ}GwkERaCIq>a~y|yQr|IX?tx=;HXGQ7^aZ6zvdk+!
z+Ho}?04=yNb2^tK&Qk{sudRGoxde^#K>;T8owSYfuU;sc$cJ-NQ_+5;onaPeM0tID
zVLU;`E)^$t8RCeeUp73k|1>fZ4ei)vd}FIsje`cF>f-}*a%*7Sb9HjGVrLD!Xay5=
z#Xr4`2udrWeEoB^UiLm*1g2llQ7=4m5wU292XlWviL;<_`kn};w%d;yr|0JKBZI~K
zqx{aXF+@fEkdby_qD7A6On#2`%=K3MRh{fX2F}Ya9P%bF(mr~acTCtt1I>DYeHZiW
z@W(Y1GvT0vbt*)AW&bGJ&V&<Rtjw<M4-ljGB4g0mKZl#PpvWCatwtx#Q+K2s+*!-~
zj67S8<gUyMMNQU(dX-gTqRMUwyBj4mZ1|tDq7&jZ;o2dB5?<5B9d%`Yrl`d#e+^4_
zOtHE{18vU<##(;c{2f4Sn=M&40s5+f5`48IX}#U+%7IL)^tBGVoB&oSkJYF2G1Lnb
zaRSXi2G*yget7dfP$OU-zjB`Y2eqp%6uJA1&s%f*4%JW8pK{QFp!1C8_`R$@bs#<m
z8v;<A2V=qQc|b;^26xgKHegcLIdQlGK*}+~We+$eUb9!O)xIT^sVFersv-)V=w3!5
zk^6?rl#S%jfHS(fJ_Z<!V)MM0K<Ug0X`2dgWwe6D0w}RW{*kJNvshTkrhozIrH932
zojsBd=!J?nAcGL}sZ`G{sor>ne#ZaOll=<;tQFonIm_NL&6<DS5Z!A7XOk}sDt9R7
zgrW;Cn2Hpj@KSaWM0JcW@_aZ?9yN9(?vW#Ll2YsZ-sbQq{UR@Z$4DuyvUX=<k9%F?
z&dR<w^ep@<l9`hXs~aZ_#+h!$@6x?=CaW<iTcWvJ&yjS%yNm^qy|=SL0J*<WzfnD5
zns<|XR=}weL!<o~bHh&_<3YJIo5<l>2Wu)r;1E<?81Wd<Z6&AL?Jc8QY0NTOi<{aS
zh}nzH$hmh+G!@##{!Ln+QoYfc_SigB1T|*KTJ-(#^(oC-bBBon`7O*e*e!?CE&FKg
z>{E(?ECdha3HPt#{~>WjrVhP7Bqg6ty{EAk>FhG(GP3&i4Qzl@buetBA!I*;VndNM
zfo)j|xDaMcW+w27G@O{tKTC%FFl=Lwxo$kVCpwUt!OBkTSKZSs>`N&r=qm|1XXn1j
ziL|j#cfre5HM1@?4sglw52hfBZ}8>m_nE~K2VBtST~!>BH@6>e9*iJGZeA``O^`|j
zBBDOi3D@mOAAf_AL=vsB8N=y7!6xOrd`A1y_E8*64fgkMElO-2<4$jiM^57e3l-DH
zNpVEVt%vI%?g4gaceR`sMN?8GTmu3Pe0O&=ux+Gh{IgtlohbQGV~ABQsawRgp_ks_
z0DC!`hF<dREyhc%%huQ=T1Z|R;~3DHu)E@lf{Ms}z25@#Ms9eS)9=H`jokv~E$pWP
z2PuV2nCbKxr%Mi0F{Da?bm<2i5RHeWd!TL5=r3W{d<HjMPfBw@#H#MIOV5RcZe^c&
zF(A*I_Y)kt7m<y6fTg)Bb&^ErM1A|cKk%mwn;=gacDR<Rr~Xu}KD}PW{6vK4>Y*hW
zc9l%LYY|HSJ9MBh_l8mmh%DMTR<X~?q;)}{L>K@}M#?&eFTxFjau~KZ@wC4#jC{&^
z6%%dZ@nw612~qo%>nZ0M!Q)5?-GkD(9XqECKXsiG*CZ0AAdk0#5WDqY8Kf2|nPxG_
z%Q=~F$TBPIu6VfXPsR!UZl2d3xcL+cZ;iGrPa^X#pR`}LZqh^(3Gsf@{j`0D;#i`z
z7>=}sF5TPYT(%x~Ryz-O&$32l5gce&5U=lx2vhpvd5?ZyV@;|QIo2^OvCyI18NIy&
zpFmsu;z?|KS(cJfrkh+B^>nGBM-?=mHQNOn%H2V}U+Pr$8HZ2hqgBCQU3tdFG#~4C
zlE9BlWv%+>xBNe{{IlZxsRxJKTc>aT&Hn#g{<91q{IBJ}|MS{fDzfv?1)oiQRxRE>
zDj_5R7Nw?M{LX5~m+Bn<^8{ZJ5dg$U(fnUrD4^dM6d2<8J8)ATS(F&~sb}AeX5CHI
zLQ|*>K^}n1aQK>tz5_;!uuFo*0jBH2!-gL<B1Hk*jNLHVvFNQ+WpaCs2gi<#{X!t>
z>TuZKe0kHMfHg|_@l1|TwQ%zf)|k9g%|wt;Bu#_IL3pAWA>Yvs?I-bg#V(BcuxV#|
z^>44CUHza%;Mc4z52Habv;(=(xILyLC-10e%AIcI=>Bm*kk<~XJty)9xWf(6=Me5a
z>G>Y<fA0Si^S?the;Q~k>^~v0JTrnU<9eAN+`kh&urtAwmKAx5XSl&-C;4hEK625g
z@*G(o=idv+;nN(ucf6{g{5{Jr`3EFZYw?Rd7oInCa0d>9(Qh+%|0<U6&T%*!sLrwK
z>|+EN{D8k+jo>AYi#%A7YC1i`GwQ;MeH?sZ(rm`Pp@sh9e$RTJR_zlV9*X{VWe0`8
zMIWRkyy4TfTbucK-OaXcD|Z{XYbkm#J*G#JSrd0-lS_H-q0)yr0+dk<2BWOPt#swz
z!&KfKvB4HbI2RfYBVZ+v20NL|6HRNn*~iHj_HW^?EVh#sg3|pDCA&BLDKUb16>Bh3
z&F{+17YCCU*aziyW@Vf7$DpQIh|MG5tjJC#H;9${TegO#YtRu2l(+WlSJ<)E@g3^;
z4GVag!9-%4n(V=g^wu{5ETf#iQ3iK_6$>LR9+%iKqaAT^>8rFpOx-=CI<Y1VuytMq
zr3QX+;>rgZ8GlL^?;U;7nc-=11^Ig0U=r=S&JerPo}#dqOQQ8P^tMPt$*BAEUhJWZ
z{J|YiaY+F>Bz^gq@m^T4mMp6z&cNVgL5Ovxyt{qJZ3==LBP~VEN-e9)74;k8B04|P
zZR(F8Z?$=8I*P1`^!t<KQ*2|4V8{2Ef9at1x`*G>=Gfg@F*WA$BfU8N*b5>Ks01wG
z9=+nI<u#KStGJ9boUZAcqYv^cFcY$@f^(OS=iF<BUyklKycWHS>SZ$4W2EMVI>;q*
zuAMa`n@}h2%&k)XpSrF*9O|wOk1bo4iozR)ER8LUH8Nxmp%BJa7(1ElYRFo$PT574
z(3>?iL>b#V$i79{nKAa|r@=7zroQjHuJ51kpL3maopYV@Jl8qrx&L{d`}X@BnM7KB
z9!km$y{z^f^qzvxE{+iBofbI$MFV5o$cqRzecrmj4uqeNr?5e=M4KROiHFCNg+G51
z9W~%v&L%`p<-_K-gKb;}g(~&PRhfCF#PyKND(OmQ(n(gMmDFEqiRnH3I4213mpO>}
zdRdY;s?tHC)+9NHuk~QZ>oTo<oWI{U756<V{g()=(At(+GTL&y)?4WOvc`5z-@rk_
zgcz1pl>DSaobgeA_y=QR_}lq|#it@53w*r_^9$2Dd;PWh{<a&H*S`7fXy6>f!U7c-
zw#WOtp)iK7WI*jz)YLTT6bGsyNCk9bEEdoB#@|`3_vf)4cmNmlHQ3?%!j?+0jd)mj
zJ8@mW&}&-Zu+c@f!TVQ0P%opXL5AAdc9o0TUtiNM=V<VERYOx9C3qMXN_Sdw(lRn*
zq8X^XWn{T&$%cF)H-&eg-)SXONT`juRObmq=icr_GT=qbn>|!`FXN=j7Zdz69D^5M
zlAU?ac=pH)RUw5H)p!h~fF4mO<lVaVou&DMDj*yq07ri!%33s?h?KvZP!h>~OXv7%
zcJQ<eWZnZbi4c^Z)xY+ID_ND6mL_8QlR2WDnYzSfS=Ljejm8Vf82q@PWM|5R?_3wV
zx2nPK_fg=EzVC2TGl?k5bq>SITjmrYjAkCtCT9m`l<IaUk$o-_7<)8`6puZ6EHy*X
zewyi9HH{M-ugt+ZlB!Q5(|hR(wm1X__~8yZ=BBoH8W#f#5c{dKsTGxrkk<oIKj#K_
zDNu_y>s4sSY<<0psWQct?lm~}SF@uLLXdY#sZH_{dZ9fy%}*43l?Y4~sDJq8ca*}G
zY{*XQ96|C4VZ5^+iiCOqXuek;mxAO4q@v_E%<+=)Ptf9Wz3cI{LEoTG;(-ERA2~3c
z(y@B{i}Un^@#Ns_*4^+U8r$ADaG~F`eQJgQ6Zu6=Jw*h2INO@RX5+D(7)<?Z55U+1
z833*{BW>#iGV=i%+<v%&%(QEz$=wL4gx5a9saLTmsj?n`HE!leQ>kt2#lOvi{e$GU
z9~ne3--DW%?DF)ue?Y9{XEQ^`ky*6x0Ef9L{Bpf+KWtYH@FGw$214QKl)=EV`Mf6N
zVki6xh_$$LvmZD^>e%ke3~pSsUutg;zBXlwwL`5`X}7j-W|Kmk!Pvk^%f!>`r+ez(
z6WpB4rD5;Bt_=|&#SVPEDiw>Y$x}IU=k1|)lDNtD{kso*mJ#oua;_yEIsRvRG*QEG
zxcMf2pzy$SC|3`5`RecR&G8Sh|IIo@XBetjp%cqw!zVxDG9GJ<#Cbe0q=7$n1?FiB
z5(zG}yX_j0-;47&1fvruR<##yeY$H_>YuUuvW`vbf$_e9|7iQuTljkIzm14>Nn8f?
zm2Nb^qSm6G`u<s;EWNq~qdA^(wQdgCP7c*GcTkzNN}z{<EIk5T4q&W+rjFdDL#d#u
z?taa9T-rOO1_<?eg^Z?X`#m6%6fTSWL75+zjR}UyA=o)y2uzZebLTC?4Rg28{}>8h
zkCxW-k>LLz#y~$On4z{?kXI1lhCvZuxvS5_{=B3bP;Ox(=zUTam*nWPF8{R>a+%%b
zuv`$h)&0ycgoef>jfwv1t#>X2ndf&d7fH~v^ZbSmq8pcPy?1P_f!0eEV-aJU9c_We
z!L%RO3Prw%k(;u;G8vr;MmKSfT3Y<Xoh}LR)=H0A?)ph6MjZ_Mvv;DBsc4+wipZ+^
zoXlCSdclM!Y54Jtt4GF0;ZcrVUlI$0!zH296ITG<N%lQL&yK;`o<@U_!76|P35wST
zj68F)hg@SW$yhrmEHsn~DB6pkCrM$QR1KFJ&Bb0tjEGjoa6X&^KVv|NRH9rp`cBT0
z&GBW0$B(Bz=O>}*N|zmQ=2@H-Vs~3uc8e0_VlP6UID?<boQQLRHYgv%h+Hkh`_Y4>
z+msh;M4a!}za};OG%)XJ4N!@-W@5cr`TjSJBMrn><r~{HYf?8p4=0Fia@pceOrC;u
zj@(&NDas=?vO?mSd#$U8pkxlmm%D`ezT8=RYCIOY$)MaDP;XWvub39&cb$1;{7PXW
zL7y<m4sWKv-IhzM#feM+73F6caIkg4af1P@BeL<gEW*p2Cy9MqRUouu`J2x|(_`wB
z=nJ8W_Y4mk>J^~vF^irUw45}<3>Q<BwRF$caX^oC`*6pB%jTX(R#SoAib=^I189D=
zX^S;jFRS#i9=)}=l))r{O5*JG=Z|$|F$}p2W-7|wr$IN};85{E-EStX*yp3`N}_(y
z5<+*wyHWtk`6@3PXoKrF!+u&}U%75o^dN~BJ{}m~`rGUzeen_N3P33`MXxVz%EwEX
zzsq#<+wPL13^ibywF$Y2@g*a?ml%MTBa?P)+2-dpFkDh5BMjc!Y;OyVcTY*J$pKID
zD)Ss4o%`FpL-SY>%=91~rf&Br)`$TEl-V@2uN8`5pIe8{P#l2bShlRq#`$MHq2?A2
z{`cwB${QLD4sw<ze8)^t(ulua*(|WtT-hl0zbe-$K0Jn0SSw7ZPVR8xV2V<4L-yYr
zZmru=XyNn&)!K%wOAqAEYE$p#Vug(>{HHPQ144cFgJ)aSN;tHNpjdcptncq_#T}^J
zlJ9*yUY`N;_^AA1e_taF%%phPuq}w5De~)5-%ARHGi?|kH4|4%gk6q!I|oLYboUYG
zBlkwK-OtzXe-?%YknLnF#}1n+!U${r7uF{Bu0%}Gfo&u3l0-8UVT&gz^Sk#7<?F7~
zuS3R=Ak%HdVx%o%Ey9H+&T4{N<1qeis-UvIDf_~hfKwGh)(qcSX-?*O-4vzVi2VEU
z{=FD56WWoxmsQ^G<4s}VqWfZ=>Kr$$-NK<78Ts(-fHP`c)#-i?M_PzG?44r{CogaG
z9Mx=;dDW>ew|{67!KQ?;IPcu)>cXDp?H0(_<=TX%QIF>omAPFq&=)jLDrcqOi9C`)
zGbbw_)^%J)cz2JfMfQsahu@|h*`lcMGj_G=o+ddIT*UC2c{=_1wG1~8Q7PSZFf4F>
zAQ}{`L^ulQ{d74dqjp3Bk*nPtjFwjKi%O8putH73E4usy81MT*{aRjF49mZzM7=B#
zg_Gk!8(*sZE7;~XZ8S%l=s-s8J60=AR&~wD;1ClgDg_(hJe2BOMA0d7x}LD<X*gBk
zUg{1Txg|Sch(g+g@vz84#%4lO3s%j-<K>!=-opI9q`3)~c>E;+FS^i3ZV2|4EkYNC
z^jeyI4cpqqO!=Hl6VNk&@>+k>^bX>cDBgGc-X?qX87)o`tS4H^LX)h^T8ii?PvLe1
z869Oe^FJ`tB@V@Dh73BO9dCd(M`z*#52TB$dG{<wM|%a;_STm^Jw+?hb$7FzSPsk6
zk^3z1`@Bo;-`|3Rm-Lg(!NNB}C|WkC@*lwTJhu?lrF$mwE7mzFn<EH2lW*1C+01nh
zaik4*dFDwEtin~8jz}4IQD<X)_f|~6kFgj3G-HD@@oq@N_9~#=Ud?nK1i>;xunV1W
zfDok7L$fg?H*e%_*gAof-qfxErtV*_-E5>4yv{pW>jPVCtg>wB18zz&U#sb;*5BIJ
z;8_?M^4H*i1G$};^krUeNva<fzos{V_K(IVJdDP;?Nvv|-Uz5VvN*FWhkUE=Gnm&*
zA=zXxwrO#d_SCp}yL{@2ASb;R@IFdZDg~0frU2os!;LHSuxHdI$cLOGu@GB5&k<|B
z<g??0g;NDLn_DpHt#gz7rm)#5^sJ}q7~!TiK^bOKUE;bB**8$To}*hFxQCpXrjt+t
z(xnXg@4xu+=DP1RU#nXBRx|ZGgUOacSw*b&GV>2|`QGmsv3|XJ_HWK2NFM$3oQl<|
zkG1&sk0rI~H!SJsMI66Gn?+~XElFwiSU-8^_s7sllL(BZ-ItW-e6wtIIZPL}<I=VW
z1+F-~yEU-iyKf|<4i((3DWT}76kauM$<^OXJc>_YJQ?!k=c8ew*W!#hOo<Ub<vABZ
z50p+;zy3+01EU1@x56^Vo5#WbOQK=;e+Rme2OH@O>%Np^=vfssRYeO+O~3r3tEET#
zAE7O3Ix4jilN0;&cT4TE{+R}K_<{ek^2~oFxoG~Z3;|_4bvCGbCy_(t_5c~`-qxwQ
H=@j)Z(}{JR

literal 30307
zcmdRVRa9JE(<V_u60~u5m*4~q?(QDkA-F?=H}3B4&=A}LG;YD&8h0Ak?%{pEZ*FGI
z`Y+~g`eOGwd)KK`_3Wx=*E(GdR8o*c{)qn(0RaJ7T1rd>0pT4G0pShrhc_=XmjwLq
zm#?=L!t%lh2%wlxPe$)vu3tH;NQxj-j}soeNFpf7sfkPekb9Z`|L*hm?_VJyq3W92
z>+5Sc94;xZSx{UdW}g9v!%k06cXoD8PEH;lAD^F}ArJ@@3LPCC-QV9oJUqO*x_Wqc
zc%ABccYk+qaBzHl%+AivEg;#{)HE?Mv9Pev*4{oeG}PGG*xK6q=g*&+nVFQVl8ucG
zFc>^CGThSAva+($)6=uPz1`p6zqYn^dwXkbZ9P3TWo~XhH#c{AdAYp2Y-wq=xVQ)c
zfx^PVIy*a;mX_-3>fGGifB*gshu`k*?Owv+)z#ItwY6~A#nLVO0S*rhPrF&jhdr!}
zU%~G-TVQt+t#Kh@Vqy)eH_4Nio9%HN>_$7!aC0lqIAFMjs-{E9LVi(^roP25Utc)v
zD7JC+r;YhirK>GFTah7i;rx|m%HPDK1ar#>51&YOm7JXHtf|9WCv)@XlU~2LVqoE)
zYIjp^Zo!9>sqWp!n(>{`*!I~xvjiXe?!w@rP~gMW_C#YwW#82C&24SCjX_A=(Z<kr
zZ$ZR&B{ScQ{@K;|l>C*s?&dIsIZ)92P<=}OUQ}+iZ&1zsW$AEtr9*P3shEJUti$ni
zZIUK$cEZo{bl}B-?#AgwNcrT@+Oe5UdHxRt3B%$%8?*DVL_y`yP%$=5E{>Mr*}UHa
zd=51nd=arVgZ8Sb5+S`OhjTrtHn+zC(-}&A6-i?3?71CtoE$2ux`DqscME5HuZL{#
zvcjj1mK&<FKYsjZ1k~@{$_&o@k<{Myps)521Jo)@;<Zc&XfRxm`gY}HBWcFYA;z|s
zV(WdAj`tG%-&|A_R1rR7<Gx0E^Xlz;WK;k;86oBeVSF!68Y(7w7CynRY~spl3ffY#
z8b-wSmacxJ1~z6vPP*>C0aZVxN%9lNlArL^Ctk9V6hT@{Sj}VUIQ`5)b)G1+t(bsd
zd8#|H5X)9Bi5?mvlpE(!Pv#l#eh^`0KCcBChDMs4IJsIV<6r_i_bX%~)RJ7WqIYpT
zU$tRO<pME&<l}Z(LIz3A!Y%DzvocclsTM0(8IhAsb?#+)+ZjGCIetK=h4DjUyeDcV
zzH;#s5?u^4{0|9TYv%R};T!v_>(>b1oFni^cn}cUzfsJO`ynGBq(|Z8ne5{rAmAro
z+}JeF>2)F^AdG!85m^&N7VShpP|_S(CfmZtcS{?)eT9&#UFxvC$7rI7EZT*Dut9I8
zi6`Wb+S~miH$O13*vHAK#~DoW0`9a*)fPRTP$)8}xA)5z1cVtVsJBmd729EZb7^|<
zg|GOMBy5jQAyr|`E4`ddwqxgQ2nc@(XKtL*A{q4B)zSI*^>)7d&>;LQ)~Kt99MOBK
zq^~|ODhbL0JfI*TaC}l1v<LT1NP<tXtFs~Y2nY+n8TPvAeqBw+q_8YvW-Hv&cL;w*
zs7UxsZQJhf)b*GlhsdBRBW^@E+Kbb#xJj1TszFR^mErp0w%*Npy*uw=tS@?Tb|l;e
zn^*dh==~(nQyju>)od14yM<mO{LG4&9++iY+wu|t;bFA_o1gUZ3yt;^QpZkdUM&Bt
zM!UF1grl#=U*I8uHIEKD*&Ocp5&X;W-OHT{EpbHNTlo=9g^+llO_-KPvrNy;l@0<z
zE)p%kX|i7&M>AV#fqpF$SRp>DNX>}4ylf=fYyTcbhk$Ubmnq1c09wHPgp-n^#G}@Z
zgx<A_>1ZWt>)C9&`SHH<1r0u;(AcUDP%Nvv<26$7mXEQj1wfsgIZHM+RCjr4$*+H5
zVDaob%ZoDp%=~4GZux~d9T(67c3VYr-X(B}ypapscXB?l&htd@5=8;MRSsb$A4mG;
zkb>L72{=H$QhKuB8aEfQXyR)$0b<3%l2Cn5a`c*c0Mw&hz`!90%iF^fEUQ?4b)|K}
zFMwV_<8N|?E{I~I#)y5gfZNV*oN{r)p{7`fct0p9cwrdtGchS;gUDC(L(}n~wD}c4
z(;k>b&g^+No7~t-%t8ZULWfR;b{CITQ&fg`)S-qYNgOv8RT$F<qOcTlrp$Y4`Lo7`
zHeqdv52uroyy%3<#-4p$>5q<-Wp-0`G|7M<i@%^#WM+t(BmQNO1d=5@ZvZ6^*H#8)
z>wBJf`C)z5iKxYY@7W+=YsKUJt%k_l_v1g7#lh>gy>Ec<P6`}{Qpo!zu&dapzoM}}
z2Vrzw4y|`xs7J(m@pm0{d=+e#O*>;^EC#CW1);<{t0z-Gl&(;5Bw6NwzhYy2wkhDj
zdleQ6&p;k=_wHxNJYA(7s3M$T5wpz}$RIw-1wQ7Uy*V<<IISoXBX@1kotHJs(=Dq^
zYsLCL&zr&C@h+a>=!jwHTVhj~wt8iB$ARNbe(07@YU#LaM3ff0KzW2>P)btWTebY7
zB=OA)AJ%YAgo_MLq2qKR!Fes%9gz=g(0y03;Q4uPB1f?<`tiP|32Fz52q##>Oo6pk
z8_Vipur8yiYV8>a5SO$JT%Rwh^^ER}iXHk25Jo7MoyO$Ir}-YZ<fQSAq+nYd@s9A1
zW~&tsXjw%Tj~_w2R!EB5JW?BG7yq*Q^Nec{;5=`!2839kyU4Qk`RL;aEJ(Qta$Z~}
zgH-(Z`+31yh}#Y(oq|6m_A*B2C+0(Z1Wk<D?>_<fh1?!lN)+@7UAG6|{9iS_pG|H<
zObDtC*-I*)K>j{Em(Ld}jLv6ygNApvmWvP5mj!pQxU*5ziXO09OH;ygxnqQCAM+mI
zTE4wv2|P<~P5=qaszT(DSLX2gnkK{F0lVLu&!JYKc~&a~Kgnngx1aYJ3f(~h(hgNP
zx-6UOI(<%>Nc40K3=gKnEXwm~yrYzX>xwut3uk-kI+0jQJFwIoL)EWsN>Axo6Y19N
zi8|W%`Bgbl)r<Gxoavm*7flTCkeYK#{>_ZijIIp=Pa*Dh;1jEJz#hZyc1e9_nzAG;
zsz<NyAw@#s<msKE(U0D1hTX)$2}&P|0SB`)>$Js*1={pv=FiDhLIO3LkCL72U5|3`
zdl-yzMCk95=Xq`elbbTA7u<&b#gPcz8MUdASP882y8_q%cbvn}#1dptZ?R(byWdQ?
z(&BKaBNv}d+<rLZ&YZn26nU4fq4)W$&)}Zm?0d)L_xv==Elu%a;|8>x-`9>|uRH`r
z8w9=h3{}N}!)@gLZ5IQhJv-m8bn@M+6*`x=&yYI_R>WYgTWk}WPPZ|zikdI`gE25>
z4UpedNdpX&Il;X-n4&*dldeiGbdte?AJtyL05X)6?r|<pKFwm#_4isE?!Jxj;e*T7
z<=mwvk&tq`*%v}W<c=3GmdV#n(4b@=k32$?%l|@V5?gNW=%5~Ba?sZgl*NzO@LuiX
z42^fg!^4Lc7u+KwBNYq`Gcs7KSQQ$Zn&G|$7jc+vogPNBm!U}xuBw%+9-XT)Oh=|T
ziC(1sd>0P5{t*@BZr!QzsuXm+sY<hvR=6o@X8VIxHIWnr?E@}nq%qpV`2FJAM5%;o
z+bgy4L)i+WG3KQNvxaG$)QBff!Je#d=ECh%7Z(B#(Kts{sT-2v_P7*vxX__^BV2a2
zGuH2se`CwZ-;bHHm`9~0&=uT9=ZAR$5uC%j%rGtuFS|;usWZB|C5@<y@x$qrwys9y
z1F?Udk=z$ODJBdRrt^<|Tszpev=aa~_AxbvyK9y<|Jp(d1y(V=9AJwf%>@O|cIw3>
z>d9jb4Fj1CoT|laH-k(|)CQwNpVgBzG={*Dv$I(0$y)5d`BIECip$A`4o0Oa@>zOQ
z#i8<@NpeH=2qJYpLyp=9%+N-g1)`Tw^&h&6JWU)uuFYi6eiAg>W(U#~hz<}Bi}r(L
zMJ2M`@kn1GQd;|%UWGeqb}Hi*3US`<$jvo-@F(yjqh=)}M*>-$CF-a%+gL8NE1+PX
zuzo?Bk|<e|X$b?f)#>2SH}!zScvkj>>k6gn^ZlUIJC`%d^z>TcB4><upAGZ;QDGS!
z47!&XN8BZMY?e!N5A5~#toS<uY^;xaq%POvTK0a?K`W1zgSh=KVe@c+eechcRfv2!
zP&v7LLNwZ!Rijza><DNBE(m6nVmdzR{zkbGrKbKgot&y>d(j{r&u<4zRpYm-lGWKH
z$IdXGlYn%HXEpEWFXlp`<_B+zD0SscVco!x{F&1t84bZRH2NDB^DyR{PZv#8{(lDR
z-O`SK(7JQy$C!oI-~wn61zRbLKBW|x)O)T?D9SKy?_6!q>m;f*so^FTuGDg5KU3ni
z8T(+&LabYF?||>jExA_ijz!~0hKU{r_kC%1qTlwW9Y2@4G4U}f-$IWQs<(i6*pT_2
zVUe@UoC!C6Z^JQMNmG0dxxl)gpkw_S^YOQq1~iri#z^MbHA12x#ckEhK)K2(T6}ia
zii>`c-*F{)aMhSy^Vcst$TH-A9KX)zTrM;RDEuMB;91epv04T>yaXbv>v_uP`AOME
z+{K=sXE?y}`7l2O6~?-FpFmaJ<esjeOD8`uKL&}svI>)X+UP|@9R!P#1vES*6DgpX
zLL7F!g-sKEs5NRWd-oXk`jr7Ks12<m&u=EgS_CpwT_#soPM3oU^S`NP=7>J}sEUK}
z(JGx6cO;(aD<#-1z+Wmmv!s?2S8`T#C~zQs5zq51I;3sCBw3?ij8p^lWSal&+cLVm
z4MZWasRT2|LLCFj$XX^d0@^UrBB!126jLgJmdM?{hwkGY_5N;{G*N*hr`ji@S<Vvz
z>jL$B>)8VA^&%FCQSl!Q59+)kxrW?m;aA6B?i7*z>4|AplkSq=SdXpgrLSgYM$*K^
zF;`|g+A~KnJXI%XcHaGE77EJ1`vMJ}j#h<DwcPhfXxJ;*BN!%c4c%Q`{O-xoG54`e
zB*89O_8#KSTn(wYD1QquGz{?c5lMzKTM6bWV!>DMNPOL?e|>2YhQ31RHQzL!T`WW|
z;pXvc;Tne)ph8C))TNWpr^rA*Nj$ACTq5Us=<|z%J)e>NZhRE;EG#P}H{H=-Fad8&
zEE042HPBX34!4q{U6F?_wV$nBJ~f4g*vfB1nP0et&i9I>kP1!VK8BR~!as~cy3PJ)
zYf%Kbkl=|QSKnwdKcR+&?Fsk6J97ivgOn7P$S9++%Ww+gy`)74MXp(Y>-<gkIUrth
zTw)#(#p+b^o|IO552xE)k5p80CWpx+TY!L>Jg}|7p@d6PRwQad#q-Cr;yIk;lHkBT
zwRVMMxtZ^Sy4xQY_XdaJDtioDvS#mgSoqq|P<%e+%j@uD&~1a8Bqb!4vVvzg`h)<A
z&QJO6Pm_K1DG=Rlj-xMvQL!5i>GL0U`|_%zD(*(gTuGCGzyYdusf!O0Wp@>EZDm#{
z0j*<44(CJ`mZcW^JqudMFj#R=cpTQHHeWtuV3wxQ0@4Z*v$HcEh}I#ux3=~Z5C7>F
z2vCso@x7i_tnm|odP;o+mI_ez-P%9Fh*cnH_++oiRuSRv(AV!!Rg882!V0=y%jO}!
zt@w-aM9JhnOu9idj!_$D`uMH8EQ|I{9wC~bH_k)ZD&iCpZs0d$m}>7?Gl60Ki7fQQ
zR!M<ri2>^3X6HG%s*^&>Dy$}pkb?7E)w0uN*K<>U$Hlg9qbmz#bVcmZmSrktQ7{C;
z)7)6RBK@7MM7KWWyMIry5dRB8V+l!tAR|#rJOaG0D#4|Oc3JO6n5Ww0Z2SF*2v2hi
zb+C?SsC~Y$ruuOHy;OnLL|tC70_1qpb&<c*ZBV@>V!@6ed8RU0(UGY_War<~?P-U-
zHw@4F6bp*Rf6`3PNWW1E&X?)qyax7PfD>4uEZ1YMvx#?Ey;$V-egaqRe?A2$71L02
z)flX1rq*VXe&+uWotYLKbG8omFrsFX2K-SdBvI0MszF302k&|s?FS40>B#<2Bsunt
z)})(YX2fPQIN*;5!*=u+xpM(GjMy5|?g0w5Hy)q2LZ5JGZ35v}=d!A-+X=$x$*PvN
zrhQL@b6ee`<v0N<LrWB67r#xHZS+Mdzk^p8CrPM<Z_2KxlBgCc*<ot*X;GTlX1N!P
zD=t;BTle4T8;EZva-aV)*cmq*4)H<Dqh0|<Q2Gbk%A$^r6VJQBznYxLXD%Uk;+}ea
zhOK^~#r|UyvNs}rM(>yNigvEkFdr=1MqeTd<O%Cp2xc|SR)3n$$jIQtBJq<<3I9q5
zlcu8cbE2+hQ7BDpR-v2|TX~@G3$R+uqu{m>gg;$SPnl#B$zvF@T3}<Fa}iAi7b2Zh
zu6Q9V#%tG6FhRQSVnc(<$97*W+Z2`9UdIy?-)f$>n1wFUm!`hUyUB&ljyIJ}YzWCe
zsobWquReR|j*pr1I$wGa?7c^1pYKo^zZ5giMt2JA==j=>F0-m1xcXyy_3H|-I`^5E
ze?)HY2lWR&HvK@np*sc|F$f9DLF(``-ZEt6hky0_Wf(AU+&OTyg_L%uHN-i4@EUdc
zr%FfxLxXHwHznof$Y(tlckjGF&z)WMC+97CzvZE;?1Qna%YYkCxpx0Aw9uH2%%RV_
z??Xey=~D0nx%boN*Ef36<oLN}0J9riOXX!Ax2J__dI^}^*x@;mz$3-^gQXyH$lRR1
z!<&_NjRZ?|6>S2})v`e{W~!g-a9U3dy1TXVPQ2_tw8=gGsHts;8uMS^X0Gb^8;p%S
zUu>Tuk4x@?UNl1F_10beT(rS#9#W69DtGQ#I}-hpYJHN)2qx|)LGlhd6D8dCZv;C>
zp$OX)ktAU{J`*POq)K-iLk@oiK>HKdOjQ_yX7u)@(Q>0-EhB|K5Ce0fS)$jomrFM&
zs6MJcHS%VE^}7>|ACs)JFz^qY_)d};>hl*z9lE|Y`{Gx#PEKj|?}|j4Mia;Y7LBzk
zBv3D7p+1xiqTd$X9A~C`@Z0Xb`UFYIep}RNvD!wv(_s^>H!kjmY5rP&J)rrjh3xfm
zuzJupJD0`6{@#4V<Kw{_-}Rem?3&!Vsf8%PNT{6Tm;CPiChK#f<Kh!9pVEz1;`OE}
zW-DY^Ou(6gxDZ+=AAc7zZ0>$NsRz#P*LK<Zawfps`-CLBkY-j%G@voZOMP;qYCd<l
z3gL#9QsGT3iu_*48RZyVN*Ne5V(n*P!L$V;m{>e=40ZWoB?ETH$RjaR9Gs)PB9War
z{amjZzpID&<V5C&iHQ3L6&dE5gSVuojxj4<b52=Vf(&0tE+cT>y<guTc(V8eAME^y
zb+)GOJyi`o1k${qQUsQ^6G4Y|zWIQ7`Df*m=O}Xh2t_}wzLey<Ib$bu?LQ&Oo^pww
z^Iu2RGa4vm5Yozi%C@BWQ~525KlyJhpqb$gJ#&xF`t_IpKH@X{o2*Emv@Zmd1Uc&i
z^HK>uK_XhE<iu8-a$^SyVkI%}CzY25_aX}JMdCDqKP(sYkwYeMTD*U!vS5FD=Q3IT
zMTapmI(k<!@7Jry2xW9?W#W*+03)>^Y~ORqXQhKEe$Q^HK!<bW&Tjw4bJX86O04Va
zc?^B)SwI_R>gu(<rwbMoYC1=T)aIh19bB3ntp&a6O%b_tC(n^+^5sT~^8P~K<r{q;
z`{vAxHnj{8&qxU>c22yHt}jXL5Rb|=A<XH!<dFM2Y@dL<gq4ND0tbSB(DMm|+isHB
zkkQ-Q$;U$iU8O;tg{jrqcU;tdr^?jD@ToX8psQVek=YsO*RNm1@q+v<U;oYzFdXi0
zRln-UwZB3xMP41)LVS<GAn=>Uk?%{aZJC|fQt0H$H23#^yy3o^z=eT2zC(O@=`@mz
zTlchc>MM*Od)cu-hP@*fM-fAw$wV~hIJb&W>eJ>`4EJytI)#KE&)559_jO-5cZoul
z*I9>Z$r}8cfbaJ3K}^-@9z4S7?mm-5)0qY&7zQ_R^ByIprs0aUyYDIYf+ZqxS>-BI
z?*#h5lJ2K3X(kn3u>*V%fx3S;?wm{;pPwxOhXA8+S&a+HXarm9S?P9lvkkot9@#+j
z0L=(M(xt1*>f5m9lUO5TiWg<n)gwUE1}l0AmCVfg3OYr#kA3T*Kz|)31rBainfCcF
zpci{1`O^U;);0wXZ{r~$7h*&J__1zU>X~bGX05FKQ7MDM54-#m&i@*>5)0^(P^*lG
zq+bLvV`?fc9^}xj?M?wDsMq53zIJo-HkBtfSDoDH{>RMJW@Z|{Bae7YRZn9@r|Y23
z=o55mKfh)F1!W_MOd1cJf|@F1%K@L7%NQJH1ZmB@8{4{;W=)}?4~9sl-Q7EwLbj)X
z+t!e6{KjpcRrmtm<9cy5d$f&;ztyb#><qRQKs6p>J=MDYk-p2(RzX|tlc*KNqy$lu
zTHsIbPX;W@RgPX;1c)qe9qpdTDSn;c(HOst>v>OL+9Yh+q)xx(BCA%&q@q>%F*xUm
z<oN4e=VE^iSqlBEFJ&{!Ugki`cmIpATmHSESln;Nwc%jodtT#&g=j8v3U;^OXioip
zHI;GHu;4dJdiIJ>rBk#pVRd0gc8rY2+R0UaKPwFd%lHL)j2Lje>oWP9OnGCzB?Q*3
zx`LwbwwN_Z)NVXnlNUf82~dlqqc`Oo_3{3xkc)Pxk%FzOONVtF^{!tNyS>zU+%Muw
z^6Lk(HEIx1Rj4gR<7{kK&KZKDVT_{k$9M0_Ug3n-luVdpQTsKFfYcjk3_Lb1wl$aR
z{<^(lD>)v80I4bc9?&u1?Nij$@e6Dik}dYP4#r}y1`yX4cO|?9@xvrH;#Wgg%W7W?
z)Irt7XkrfU${}UO9QY`%$4IG$7W#9juSW~Cq3w;)hK#{Se~i?TfA`g7*j}BIi~5*;
z3`tUR;1WBICuubTs%&AqVHbI|Ab=Ke(r;-vHwSiGplp<0vA)6@2r~W<ikU=(8yYTC
zOB;#x$T$t2aCiAS^R*3M!m)zVuRI*QbHqz8)jlhNG2j;Dy>=cHlN-*{<0!DYVo>s8
zoGr#Or9CT3=v#j3@5gW6o4ix_g6(6n!0oocCNC$|-ariW*Aj=6q{nNq7<(tjrXGit
zX#l3*xq&nH>!QKqiZ@+DU3(Jhlh5`yfibFFz>`{O+l1!X9{~3NFK~B&5-qLZ-#!y?
z7Fy*DSl{~kt-iS=L-?5dPx|47B??eykAm)@T#752bG}KvI%V`zGT-@!Fm$I|$LDc#
zN`uX2y$F`{-O}e3x3I4nKe&K)7)@8&lNH<Gvwh?*8lRD5gb`rapJeiIdp_KUhojNc
zCtE?rh-R{taNJ8jWsgMA=um-LYI_-t*=1<xM}Z0>QpbdjMrsr*Z^o%9*Zh86wYe1p
zr}&`#%<gGA5jw(i2_`%xjYoh#Yp7rL9OU5#7GJ!-I?Ix<uoLscp^SFQZuX=gxb?V`
zXuyKvJs;bfvFgpVo7`9>7ucRZkb@|P>u6`;7~HlNslz4$2HdY*<r4cAtk)63^C@Fv
z|NJ&54_d`-1H66;9(dWP48DpJq$-adMiZO5!RlAQu_<7b*N&Lv9z$|ms?g_!lT$9o
zNGP#WLzIIYL|jP5=RD_YP)bH8MD*wWtBsqa#vE62sZGA{ApJH2N!s6P;*f917!xS(
zQ{>_cKw)EpG>XP)w->|?GKh}j8Nj^-Xsc;BbyOoipX%h7ondc_@&}HQyuQNU<5Ht#
z>5cXctTg77Ap5o!m%>fBO2O_2?F@?fdoY;o@2-pap<nJdM8E@vKQ6`fMu=#wR;?VM
zOGLW8ECBr5BVQjwlNrR`2=)O5fc1&6<2?#dJ1ui0jH?Zg0NIjT=o62)o1JkIl-XI|
zXvo#7-#c)6b}t(7%X|9duS)8F_SsUCmLu(a{_W6N{)V9J+9@v#8q2eh(TH~smL`1n
zj?fHJSvl>Rx#3Zc9DZmN-(1$?Tj<Ny(JA%0aLWW;x;k{}^GXV?LFKf4JWrzzhOCPR
z(d1a!EgpzCJXl2P*;5BerC!UiLcH(YC#e;?*ye(Y05HoTrC;?fdD{RPs8<EUTNvYv
zML6=9iniZd<?8h*u{lB9o!>W#^S7-XUvBTaUhm_h4;UJhQ1|q#G|`~9a@6FZqvJDw
zHqddh4~_0I9PE=1fZAMsa`ta0#7*xY{3ejYg16Ps99Y7Mp&GME$?Lrr?;)JZT{pVQ
z6>9l)oCN7En(>HI2+EoN1^&Q$@qG5)vl?kXt0fnO%u}aM^Vl*5OlbCF2EalAVh}_D
zn=O9+hKGWYFy<%?%rsB6jGq8uyt6k*ACh%kiu#*jHtm^Alk)9|b|r=5*Ju1?_S4~#
z-eV8?l7^JMi7yFWd#)nJe@JVHZ0eNqjb{mfz=maHfzd%$1}WQAl53?%5qlNxU#~iZ
zg8;z+0q<g6v}(s`iYeW2DPcfiV;z2IDkWF=0vA5zsn0!Uh1BPGTya^dYPG|Y(CKUs
zhca%RLtld2V{0)8JN@S1(BA-(yw!Ph9cueOx_+2C<nGZqbD6JVCx9%}6y>0ZApH->
zUvZwmnz+|v3EBHIZ!d_hMBRPccP~(^=K{)sz(!)KkjvQ%#)nvKrh&9?2u5RwErH{(
z1CIM>VP1X7*Pfj13<&VXEkC9GbB_6+e{t->syTt4*&k<kYT5vm;Gv+LcwF<6{IAj|
z-X(+jtOr=CEgWbZZxCgS&*ZYN!wG}kIWiN(PB5hSq<LlOfkxlri6-7Ssm4;HX#bkg
z@#D1mSUs0Ojs43po>6sf);=ZDFG`v)VX@!Y>$)8ha{9J#jtjdi(D*HavPhv*zSPVQ
zbjmuBy^~n8^t*->K35F5OM!xML1YyZhLC<BnBX(U5x^}u&SRU@Cu@x^Df*fhj&RpE
zIYma3LEm@t=j4{)1c9SmF_`HA2{?gqYh-Jt)GSqW6tK>Hl1U_2dgun_xF>r@S$0VX
z;()!6!Uxh3I54l$U=MT%`>2!D6bsh86vj1zu<g}Pw2n5INIB}JEhVUv&Z8438I+-j
zJV=<K%OjK{+@JjReT8CELkCcpvqVci6xz{vo^XO_WPcHI@1A{Y^cpyOt(Ydw0x-`n
zBaG!aX_ft%F^tBiRqu)f1QNw%viTS%8<bO;*VXy0V~xq9HwZ{4vY5&r-m6+qUGFL=
zjRILqQkFmsOYG^P%5AHZAa)I1EOz<I?bK~7vq^@&!?=Zo-cl~$rm6w$YtKMyP7Sm_
zdb!cTX6af~tZ8-ZQtg{isV6xqU;{Z<0$7)k+z~!b9JDeS&%QK~qT-?J02JCie7;11
z+&l@c#DX=4rR2W9mwPIK#~)4q8WE$i$({9zft#SP`8BY~Ek4EOE|IcEs)GcRo|^;>
zh+I`DTAbCgWHFOBk1;K`>KG#)&;%sGlu%C>y7Bc_wk!`o@eU06sgxoXqz;XcV3zmq
zVFVwT7cuosFxb~T5<M_8i-AZ2!eb%Y7;9;@I4IvB(D23PAs0Mgff=O+3#WSkR@AE?
z@Lvfe6dLLLSZO~6_T+gApoxNXwX88(pHGODjB#99MLB^rBz1HUkB(yAk$YH*ac&wM
z)Q)SVs&Fo;{MPBW9KeB&24v8$Apx;iB6sYo0dPuHVu9@H62Wl=12L{|T-FKj@aU3^
zJuJ#z@^1&V2WR4Ww{t5_;uKuQ=58F8j@a|2>M1`QoJP615%}{g|Kkul79}xxq5hnc
z)z(4Mk|Y&WUO8FyoTtEJ>8oybA8!8Mk911GvR6K^$Z@wQu;_11TP+6cv?jXNeoD6@
zEyYX=EiwD7|J@6qtti7_{GFDuOlvHBhD$-gtYfP@FjKKf3X*s{tWe$<Tn(fH;^hM^
zN~yUn_NI@bz=;X`6C99I%~j9eAU<XD!^Rze#b+f8{5F8=(<c?iO;t=iY||qo9<5@a
zItCxtb91{#zHLiAOjdlE0$R^0B_~V6%V$_81CYG&_4w&?w&eWuSF(fuL7l~Y|1W{d
z;c4$12T%No1tvUpH#Mi%z_dTW&jXI5rtg4fHiU%YO`!)IIl>U6DDYnCA6VUbQB27*
z3FN@~m4fPcvW50c=>AuGTuOuUPtVW3k1V;Ww^j|y9bJAJ!jPoR4Ru`lP&;?yG3n#@
zEuYNGT5B@h?4)hm)P?RJax$J8Z*x^J03)dnU{~o(b2$t}FC$W{_DRYyR)wVtTOE{o
zt63WA`+94YZ&$4sKq{<4*S%58wp4Vp;-Sb@YiV117N#2eeudR5#JsnzG%HB0{S-z;
zitRf^<KyKJV4b*I1q}$q2L(`o*z307$62cm08RW*cxt)2!%aTCJF*_|L#8$QbDQqB
zWdtlky6(TO`^q235XlycXh~d&w8~s1x!z*dv2jw$X!pFA3ah;k){v5_UFrj&EgAeV
zI9<(lHt(0Vlp+Nod1Om|;3J+uqaKLy_uCVoX}kHVPE^r0S1Cj2=nUC2v=wY$!D{29
zX=iR+t7v_|zw0d83RO_&zB8CL!AaG!*LX&{Rn)>^E~oVETFjijfbA*IgIhJc_kykq
znz~>(>7U-Mh$t_8-3}-q?Akkl5N(O%MVwgd@x+Wa`n!~``nh$nOn~7URNH@^$5F}w
zecYggNK|inLEV~GDi;>9d8XOTzf_016Ee>VEissK{0)O(tb>PYPe4WXhmtaKHwi)w
zcUM;vm9=N1P~H${pWECErO@@_HKbLAO7;5yX0BCx{tLTY*B0hR&Qy<Jwz>`#oD8cp
z>q(N^@GQ=1URvIMS=Fpkoqli^eF!io$5_(|fSAuYfWmu&teK|qWk2k$pb%Z(o<*RZ
zLRDX&fS3A|h%>{U-;!0bC}o!D=q#cFV3=WUzs@<kabDU-=$Gq7f9gKWCn-M<zNmnO
zB>F5Yua{j!zfb0J+@!U(a7gK4J<YTn)&GFGl-f|&#qNDO>IK*72FK`BZXTM~AiWK@
zH!d@dbCK=i%XC}U8hz&5ZGiV1m?i&iO0n10{m$iTcuU!)7}l|<TI0^BOB}|mDTw>^
z={0(r`bLsm`zT>s((oX|__3wRp(UFuPR1giK$d2MFkYgeGc~hZoo)tj-G3Z>mb?J|
zCD3hJ#S98<-GUZ&TG&Yi-7t2|_biUzMw=JLG0l?k=Z-&@`iLEz*qnuDWS`igRQPQw
z+>Uc!<jKkGSnV7ea*u>Q)?nXg`pkQ~u7TIYIx}=m*Oafu*O-G%RyZ1(Ng6Vpdrsvq
z?}*gdPP3dlSp+0?=D$#@ebP^s(qjW?Qp%Wusfq(K%g(%y=Cib>ZTH0A8;lKOuY1uO
z>;zd@Op<Wci%y(dj<hjh7HPe*RHpX3{R-$ZWCL{Fjw2SaJ5J=u17i|@27=%)4V)->
z3ecw1gbei@140(GI?xr#B9u>r@jBZ|vLke7K;;bhDd)$6;NuDm4rIB^`4J5<puciE
zs55Lg`1`4|hWS^htQABBJwnjXJ<PR9qy3uNfUoMP`D1MTe$1$8L<;7JV#;^(&<voE
z$6m(;t7EQTJ^Cy?mkl=$`RQ6)i(qXXP+&KM(0~P=!5KsG%`iQ+VPWlCe--_R?Xmjw
zVI@}sVXRJ$maA%_eYC!38jn)f<A|6Tx11$9VnRdc;hP#`Nb)s0gxh?J@HH5mdWX#F
z*jeT1qf>>pUYycbSyzsKxfNyS$p)28=lNTItwe5{P9U@hP!<o@NA!OEa`!jQ=hmm~
zvoPYPP#`OmK%~Hc&VU<BQIT8Ty|iJWU-q|(kEgk@w5T1UrJs&6X!f_?`rq?9?^oZA
z<&IUH6`pS>-6u&Z3WjYHRRk?KlORnr??z_9zqT7wtLt@<L8b_R-U{{rBg5plIzoiy
z%RT%{qL(ysw}L=XDwx)1l*89)bsE!n(8ByDzn7J{N~8Y)*M77WfsRNRw=p7qODR{_
zUKRIW+4*@<&I`p$yHn3x0<4;8>l&(g^?_^i!zJDR$bK<SIY79x_12&E@M|B^e<j81
z>C;Zv-VsLr^0TN0bM@N#<sJg{`=8tZAybIT@jHZX)cxT93<##ia-aV*{9h-PP}1()
z5fB6|p4mZ22pi6GLV%avpnon|h29|i0h<~lAh5kOOi@z<-XO#RUm<*9O~Xa_`J(eD
za0ra>qWPb7>h}nw|E{yXi2l1C`64>_@4DRQ8sK2DOsG7%!u#*WY>tkLPT(&hh$zRV
zwoEa5MkmG!i2qEpmPJLF?u3d^`r<k{XpUCOfc?}QcNcqwDV$o!&2YKn=d%T73<=2g
z`Ugl7*(O>G_^QYJJH%0<hQpL$d%<#gdV=WWWUZ)oQ{aq{<C#OTV^J)NnW4j&h>XLv
z={qfE!D6-Pvz5DKIh_SZviI#Z^^j_GJbVI1_@xLn^C8~@D>~e#<Y^>@8l|HhND=K{
zQ_@$3w`UJ_*gQ*|k=Kx#q#b(O`)no2$!TQhFEJ6`Mch!ApQ}FsmiV#hNjGq7$L5H>
zNV|0o3tFg`eX)XmSDg5h5h`vA9od7*vrsk(2XjnOB!Q#R1paB`y;P>``dHD#BL`-a
z>_FtlgUm`ECPg)cbPtcZ>oQ)mPA<?B+@cu9xgVKUIm+Q{_0@L9vxQLpV}o|5f0IH(
zaVD$8%N}=a^p;AUM$3F6sfdaY8%#;_P|NJf!mby+NwVm<2Mbu2_+j|^OGQMCHzpjG
z>2wm*-^lGiS-CMEPi%+K^uEsAYGu_Wuwm~_0eY<-3)d?E&sIif9$#>|GFdOb%M8Y0
zHj$L)anK*zB^c-GuMLK(j^i?9)QeLy<0C>K6)`*B&6H%pnO9l5<V)Ztl#?}hkx$aG
zz;8`|2(fxinwpf~s7vD*rkq|{5;k$8#j_P;FjJpEC<{w-_ZZJJ--+!W7!jgbc+Qk&
zaY%JV35iZ~b8M})x2#miN>O%XW$a2m)7xAlvorqMKTLfd3ykO!B)hQ#Fi)-`O+FKl
zm_tTQ?z_%14ssH?QS|{ru4~z+t;-*&*Yf2FZ_9vDs^oc7KWu!+x6?fSoKd6fSRVzX
zEkk=!>GVLV)Qzg;_LcULs&2!0CT14KY*3xDXoo1^Yv`MSe7}T<asa9(s(lOPsUNQ{
zJAawZ>)*go*qoKQ+gR%|wgsfpumT{_hUVsMDixLy!UbKpZk~ylV22uRFMc@;`DkKJ
z2N>aIoOOUig6iln6Mzxo&AYOopQg3_?!WrW01h3L*@b;cM~6G6hAoUPLy#>x)(zXX
zvg|`W5J9xiA{#eoGDq`RB<*+Vhapp2L$wn?IhvP@-1d_`4T@QC^XwNYH9C=)G`Gpy
zT&KY*03WqIj$2=0Z4R$V<*}UH3rTys;wn%BdU84d<&7!#2}<)#%hRp$<P{2GS%)2k
zGXAcoT+eDWh;YiBqzen241UB1{W5)hmqSIx?I}QDhbSbx9qLTYrPdU*Z^N}aFuJf|
zwzG<42XS*;iVduA7*=R8iIj^3rf@iN;PUUQ0tnQTjRu8hFgOk?l?thBXM!1G-pf;9
z+AbA72xr;#`_OV(i*(C(W}OjosK-=l7me#FJ+lTRcS6}+)sqN%F9<RF<>aH#x#V39
zwin|{7*^H<zLzn$o#IjeOdv(_wz!B-*2a59zqd=q4f!Fri{rIZA3k<`ueWvqjPHav
z1-#fYkEnqVFpI{<)?|WJZ^n%kC#T0xzx7G(Nz#Cw;ZJ#LZR@BWfU%cu(-cB(oK|dw
zS6*qBE^NU1!j%8;m&t#rE)Dm;R5u7t{SVds%bfow)unJl6%Y_|>S1XMZxPPF9_0Y<
zU)qiTC!T!Sm;aF`|KIHRKPmUz|7QG_E}SB23$CMMr^=YbPRG2ZO<6=k*|M?J60hrG
zQ@6%kXUpivC}uzZlYzjm^rskYWLS~#7i?S(amv1O(rlfeADu%P?Sm1r`a-Mh_4Pss
zOgMAw>kitVm!~J>CXOG{&IB*z-gE;3!Dw%V&;K*PCn)_&WUO$u%sdLnJ_OJ(zXvjy
zWa&_4!MJy9{6JMzRo<-WlLwId%2Es^f&fwvNB~`<D$B^y+C~5N)UgfpK16IP3bNs2
zqA?TPf*^>6_O=^<BeCM}tGRymc5WaXOk;Y46*pM>r$O83#JS;4?Hk%#MLkkaCN%d?
zpwLB1^UXD}?cG8tv5+7S%r7zAwRetW<L|VznC&HKf}}#uK|e`9WH*1g;3KX6&IJ_c
zrj9EGK$f9v74v==G^6)Hiz)3~i{9i5^L1ZfeJcx=POlD-J_Kw4KS@FA6mpP_rHzHt
zQD%S=a|+|``BWS^VPOOga9{GT3fd8a#t4i5k<G~RaCjtug$uMXVkn-~l&70jR#SnO
z_FhLy>KyJ3k;zh(=(wol6S*Ig{)15|jh~{6M(sE~4PRcNlpGbN{L5RT{9mA7!FW1i
z_7a=Gf04}enT;g6yHsdozfs@<9%+lob$wmrvm2*@Tn@D<?(Ru!8{5L1?7S~@;^bNV
zoob!d8LJUrz<J`0Z7!cZyB_fe$s~&#52H_9sg%9=`TdQk2&MNz8cR^~QZIQ&{Iq!D
zSLh#7PPiNeXXJFouk8)GUQ0%$W}itPVtCvOY92)XExY)r{snSQ4uWKSL_E3aDDBEu
zO@SFg_>IK#7{E5J-aH2}$OJL2>?Cq;3i8&XtSV6e>5XJg#F$U|eWoOImKnX>>t-J<
z?@j_LwPM6E?||zk%<C45`+~6H+^=Lg=60QXEmh+xhGCu<e$o#P*g$Sx79(lM-;j=P
z#{XdT!HK_SVOdzqyVNhi@Hr(6j4Bz@5!y*O(@O*w+>P>e)`an@Tz0SC{a`U`A2{_u
zB_fb>FfnzwU;TAv_ILhQWHdAaWN@bKdw|Ela;7Y+c|54-w^<UEvDG`33fGw~SRNP_
z+Mgu*z4Z%q7{{8<C%3rwi`xw2-&g><DCF-~?zTWx(H=N0uZ96&OepBiv_&Vx#<JdI
z$D2jI-|Kn(&^P+&<$oB5P*F5~*4=;NKV=`5V)6ZKtt~N2iYChQN$o*gM&-Qo#rc7n
zqsH~j_G&$|%F@OnujEsng0r{yx0GK3Z<AtN2QC=q`bi{&>b<N>2->SEYn+Z=xdwY^
zNo<a^PES#JtMyxp@^(0`TUAa71!3x2U19Bk@F&i^R*{ZA9RK@xsrDTepT`N~GKF+Y
z41Wb7j7W6uN1-P6K?ZO&%*%R3KFHgWPl_Szdpo8puY&RxSB0_#W;36L_=!d)ys}r`
zSVmv=t*VK$KtV+}JJwn?pQ{yygK7pyRRFsD8w4-Mk9~L&tp%{q_o1sTYpD<1$eqaC
z9tALjYygEJ<b%cE;VFi)IC>@g^bsy-)jbz`F5mDLr|~mWgue1n;LzaN$OKM{R-{kV
zZ>R=yR%{UuweG$*SD;-klh)e{S2u4D?aQHe%l0H~+5k1<Yftj1r@T2x$v9$)Wl@dN
zN9x$`>Xsua3;kAn6RIOYynr%BEW!-j0Y$l@6&=modGhI7o&$gWYYOd(g?~-T`sNX1
zE8X4un8#TT#}h7~BD<N5deT+!Z;GmElyoRbRfgY;GDNMwD-9n@hTWI~!#h!rbcNe=
zP9e72u25k{K>Ts2EGu^mt)mKe*p$B*{Wl-wIGzX!(CY4RYMOSS?lDw$w6d}^4D#mH
zKdjh?=I{M9&h-4!E2XK@4ZS^kTCSC9$DG1_dZ9tPN4vd>_5l<Koef}ywaA*yw7{wP
zV-X&Rj;}N_yn<b-(wdS|ud9v9$}`KyZH=BwGjbK26lm@l8Y>DRK)LQc^zL@IsM-7~
z`XL*ak~w@^S2(61Qm?SxMwA*z(PZ1^vjlS@aj{P+N+?%2$Z#o>B|B2jG7_lB`*{$%
z0F-a3YhSzu|3;D?0L(`fEk5=i-tUn+l6Pdaiw=^36sj2$x*N}ql~3QkWTr5LDS4op
zRtc9ApZ$k8Q-4?V^Nt%fFvEn>@VJ6evGPIen&A|8$0eVeV(tbk=l9vVUW%~OfdgJ=
z%uyUUTYy@+9N`UFA={<_m5n+6n0nCp`*Y&$TgA^94lR^u?%WHF91&nTQN{Bg-Qvbs
zy;OHe$*tBj92gmTNGK(7S|sY*BVqE|A)J+m%XQhHw(1Dd@k%W-^9fPN^xOwFevr+F
zn>?mvN)5Uro)f?AtzqH^omykNcmG;mg&CtY+ZZV{Hl)CKwEP{a%8XIbW~hujGB64S
zADR;v>5?oH^%CLRi0M2gXYeI|Zc-m+a7+`2Br5o!QO^dygh54JXwcO)kv)b5$}cy}
zDI7w1W7nj(Uln`H(?$KHtpEBU0F*Zqs<DT|k~g`c8)>+zJ2{KyRvPM&wpGu31z;wv
z;qo|9C(XsY)GLErZfbI_r4sTJky=a8t4^cml@9{TAQSIFX+;;yX2bcSKh=0Y)4T9S
zMUAl>etTqjLHI?L_zY90bYDE2l|+<OS7syn6CEtzu7*YYay$ltb)zA*mp|~+z$^Tq
z=c_bv<8hkIlJnFppub|%*G28UR~;^1WE69Ytea{AX>r-|BKjnzaB5`J3^3guUYo7r
zF+Wv`u<<Qgb6TgN$CB@sGO??dI!^flsfTfFGcIj3>Jd#+R0dgpoi&Y%>%4NyzLUK_
z6wlSc=DJYzo>cSsCSqyOrK%#Hyp(%|KUKm?!q!La<fh!I$EokE+SAu%JfQkrq6?{-
z3KSH+Pe1a~7fXPv&-&mX=s2%nit?*Zee){X=utYsaMmaHcD&^ATJa6|g+8V9DAW9T
zwOUFzV%_DhL+c|EQT;uJ`s`t+n}>?iSeE5(`EyUdTMt#-4!0bNt}LEXE1JoOM!uq+
z)(G<3v@N}%GCPopX(-7wmC@E-`<ht&)DUGkGEr$dUVVW7dM`W9cedW^y_G<AT)DM3
z5i(pq5g>XFCUr#jWi|9iHtgzB=SXH*fr)EMZG$gFh=dceQD}YWEe=22GEbo?8sdEv
z#C$oD-UB1@W+d46_8(0$ZgFCGG~JIIfsv+{5)?gz187p86`#D~Jgj^%*5|M=GQuEX
zuI?cCeRlk(HAEm;EN=E)gUZwQod<TV)Lz#0iH!819e$q0Is8i|!84{Nnxv$9k3G_V
z#5ghhIpZs(u0>vec`N)6I-iAKPWS%|7^45wN&gQ2R%8AyinbG(e@4zFUgi|_FfmfR
zP1-EA4{tR#vO@kTfId*}8jwYM-K1P_kv+|PH#k1cyZLq6$FG=*Y&$?0`ES*wQzhcF
z4d~Hi7Aqll%u(`ZJPAl0VP_Ft&GYgh{I_tabo15fR9rH$ioBg6Tq~2#Ozh<5XJOu>
zaFh-64u7&gzk8I7CcL-U{f*AP=qz^r=12j*`(AAVzhZdqGe^nH)yW&lkMO?lft%)p
zFd?t~y}0hGugf+$rB4@f=C>?Eoo~n#Nr@b?FKH(_?gJjZ@6liOr;i4tc*o}}22sc{
zOf#-OvvmlF^|oOCQ*#wwAy9d+QYyt98J;YxLBs3aw}@6h&yO!S!_K%r&!pCTt>x}s
z!D8~hzPRS~VwT8}J(z#3b}l@@W}s9Z-Ov&cO?UOAPcSo)pzGW?&#!Dl>%kv48-KYr
z2#^}c@FqTZ+qDlf@OueO$4Tj9=%>vSYK-ZaRB|Y)BFp^6<N>hdTY?rLiHyW@-xbZJ
z@x!^LY^lO;#z_B7odms1OFY7yoKLoSG#a#Qp)oCRl0Ba5Ju=6kPjPqt$NH-_1e)0J
zc^@G4;sRX;=?z)oGUS*hLv6^bC8JmsOBx`HE<zh9TJ%2NtBj#y-(=E)$*4~(TKe0}
z!pGmJZeQjC(XPmR4<56fh0G=D-n4BDI^8_|!MEBS7wGaf-z`}ez}N1t%;V|^)b94L
z0XyCGizVGb;B~!ygXmPmhU^Ue1obK=Wiv89j&+ep+d#!tfInXI{W<m=(80GJtu`2g
zWz`$41Aek4S@X1B#cA*U=A3abeuVCPXwv)D7k<z;5eIFQddW}M5)Ir#B+$6xTC<L_
zW4n~{H{&^>+DD|uF19eA;7#KOocgag)9x$TvY;m}4%xIo8>~+Jq?Dr?Ec<I*d(gI6
zmrZYd--}PimqxJ-A)Lg?tLZE}IVp!Y-uU(>De7=?;wymnM`V-$Mr7#C&ZEjDVrOes
z1^Gy>_1iPz-CRo)!6eY6$Q%#9>wfX<4>kDTcQumygp&LqTifK&zjTpZT#0mpOYcav
zWu)mN$OX4Qkys<fp;M>Ry#KY?D-sh39Q^|$SB_<up2@%%&BvGKYU&2CS?%WLCXhO>
z2R!%O%^m!W6j=QO?Z3lm{798R>vX0Gl~|1EgmL8He*){Ye77Msl-S;MMq#?jRR~k=
ze|rH|Ed#@JN!B_%PnQ}(Ke-Ft4Pcdl4@mrBNKdB~eKmg>WvMzt{WpLle>h#?%dKm5
z*hU9Vq_tl%b1^=t;+7>hJz&AwiT1n+lBzIAf9kfwZcmt+&qJNfI;TLl8eqLeYi@=j
zmm(M6-tkmN0|yN!bjOy9&1*K6?UR*je94rwy~i9>4~O3IhD*1D@lV-C()K4Ut0K;2
zU=5xj=Xu1b#HKq~PF@af(-Kkk7czr^HSzSiJrykNLy1y<Xk>I$RebwuOo}~2YcX;3
zF-hD0xqN5=J`6^qS>pz_G~KG2$+s(-O3L3}3Oi#f$W&FsX7zh3`x>cHYmv|_-%}(O
zm&BkHT8baKp^|>|gT^A>@^1o$BDP6xx_lbPk3#yoVc#y>24z|ObXFV0fuj%=Y0MT)
zX#awVAweS+F)}4RNh*T}9jc*PJVqqe*nc2>7(?O9J#WZd@@)bWGx@(m-2kTiDfDfJ
zs6)Pqco{dm!+yrnU_$%|;3u@qLg*9s=8oU_K6S|-$9TWh(r*?^5KEQ}lfooN1|i9<
zXTz-*jy2gtyiFIUFi+^y3LBi-!Y8zoNsfbHbAPy`F&D8vRAX^<tZEQat$nO}6alIW
zwXveTTHqXsU{C2gE#?3IR(5d8sxWEcq;fIvDk&hmnw@abA7l4SqGZqM>T`~T%T}dQ
zkI39dhH9oy94vXI?Z58o{MtrZ|C$B?X^96(XHf(4m=#MM!{VxLo}Br3Ey7D_sInO$
z3|YUMqgN7JP|FX4WB~yqydVOZy7*Zn^qQ~328095^dRn7HDk2}3o6$;7vCWPG6_7u
zAV9GM!%$C2r2WUVGQ<`k5$oz!I~SH=@hhMLJn8*w#{fRCleqR;=IIRaM0SGO)0rT(
zXEV5^B_y@DAiwsp6s%6CbTV9Aa&8SSbnFAtyW1r;>k0RZ<bsV^^vrDkFg}w~CE^+u
zY$TIMWZPfUxHXfNk{61%TToHiu}<pHvwl>n3t}9=KUipe`(2hQS-)a43^r?_&pZ%!
z7-UaaZcEL+BTw@V$#Qa4hK}CBmhPLxyiAh&K&pqJQm-|_@zLVX84XRBaZF`yDkMd0
zN0zML9wOpvN=ZIgfAa7qWsZZUDxV$zZKhU<9sJR(WRUD{D!@%D`;<^cf8#xKlSI~E
z{7@Hq=-F!&`wvtwKcpECrZ5@8o}OOnUi=^>h}k)qA5Dw-OUJuJ52*J7C;L4wNbh4o
zLQ^nJhz;-60MT#Fi1kWKt6uzXjEE=<<dk1nAwXqdw{JeHS)~^Z1_oASWNm#9fFYu|
z6`802Ox7ZtG0NXRa<s@ZejZoUq+A+52?~C{gMUn;3C!A*qI&NnQMK<xsBS!)N~OsF
z^w!t`?OG=~?|fEOb7}k|3%ADUPyLXmCR~Yiyp$w)sW5!(AZj2!&Y`R*!>^6`x-1@B
zv2>9Bb_u}8v4~DJS1G3n99Xb$tYj(zE0FF01Do3^QFAK54?(zQa-@p<Su#F5)!2}>
zi}?eAu00c6SQ>QMWrx1y%l6)era3u4fY5*nrLW4sUsuW`0*7VRg99nzmBC?Oh*Ilp
zlHWT*Y<oUjWn&QiuY@J)bxeAm_L<-8c^>vOBhGvTUsysS7S3IC0j~e6z3&ccvibf+
zQIR4o^j;Gw(o5)y6zNi=7YS9W0qIRdg-`{gHxUGp8fxgT5Q-pOdXrG48hYnG;r;&p
zxOeW%@4q{D=3X*GCc9_P`Rv(q&hE4Af!Qb_zE_Nen0YqY-Y3OkIBxEr`^6A*kHzdZ
z1qZXKmvczW(U9D%vo3dP$X<AUB^>;+s5dIo#=mimgmoutFor#Wy2ZU6)RAOO{hEjO
zSt<JAO@C%Pj!~;yH@LU)1yxz%r?hKIl2G3w{Pi$DV44-=YGF*pfF9!WM~T(NpNZM*
z{`C#2w|!S{)a4i*#L&sRj-Gp1@!J?8|9ZJhI<SmV2J*HSdRG0=NhRA?eFJT@C3w4~
z#mk)gcWJRUmSBR3yX+qi3UHs{4Z$XI?eZwi2gC3pQNPsGviI=ibqSr{;!}F+vVuEC
z|CrrD6CB&eL{0OXzVupD_f1#gTlRMT5df+DL>iV){a<?lKGsJV!jNXO!oD8rg2&>n
z5rmY<FBulv6sP6Ncanq}DpuGB92@+h-$EuLCE1_Eu6K$rBfbxQ>-<#z<+(Iz<NY!r
zU#7f#j!Lc%by16&Xn*=!AaVDA9-2FU!?(4PM3sNx0;e+eA^6^OF<19YRmp>1DpIW{
zY_a2c=t%07xpGVlvb<AjK3Tow=E7Ob0WmL@%(pR0K2RND)=#)#t@#DEiypbM5*`?I
zH}fy*XOMJTGtKWR3&5McXG|DpGiT8(VZZP5&(AbI&DjT=Wws3ph0|D8PVqQ&Vw=x{
zuN(B*oN6@rZ3`k%j5C50MGH{DzTV*QSYi3VA>X$@Cni)++sK+a(|p68lk9bNpLb0+
zr+fu<%20Ob1(z!x2+*nqHy@;WYE`D&xm#OZxF{QN$%b-q>c+J$_>j$GC!x}foF5<s
zS2}^1wcXjGfZ`s{jhyLo)StgafrR`Q#0n=nZ<v@7Cc%&vQL5FPW;;C9mNr#39ZmH>
z=~UNk@q&KTfT4o_aR+i9EF=xON(i;iS18SCf-y5AhF-LS_UPATWqkq%`s6$smk?@*
zLgmAP4~f=vBORTeK<^%Ar+z%X+PSc9n4?>JP2LSkqy*i)b<+=aGxQ-&h9(>N-6aI!
zt(&2;!aTx2+6M@j{4UVL=c9o%p!7qw|Fuxyl)9|Zu9l>_=c`VNyKey(9@suEVCCw#
zb#vk35dB5;6I$@kM^5s)J5><-mMT2y<-51q0=58XfEYiR9`L#5{1M;{NaF@RI1B?Q
z${Yy!T?c|C#19aF5eMNK#D9S41m5|0yv!iKy%mqE!Y;Zn4_%*i*y6sm+{-eeciu38
z^1US6__ql5?Z@M`2KUzQB(D=N<JR7}%=RZ<|H}0hQJ?vH?;u$Ui4hK9XCe4c0o#wh
zovRL2Tc?+?l$h}%SpibUu=Zb&g?+<N<huTR;;W9MhC#pKW4@;9K%KVegDYj6?z%xa
z5tLSzHo@oJZaPHB9iibjT?byiG`6FyN-<>N->YkE-%zUBX#6~ff;3wr4F_B+>8{nR
z6R4P-Its6^ElWbZ{{ri52>;%+Lx^t?+~yQZIUd-;EfG-=(wdzC`BynQPY?lT7`1@D
z1GHdHN*l8Md2cw;rp&7(<EH5I@Mg~-Ck~Cpzpb6tj>?bFpJl7c4F4F5Cg;8Ev?I2k
zAm?TF6g7XNf*|Cw=lC=O=7{XJyFu^FAwom+#{QNrk;odsYWp@ptIL+uEHfqL)2HuA
zmW~Y6=I7*@)pq|bZf(ERcm*M$7Q(H9`X*{JnObA$C%GB^k<WXUZ^M0SkG=y<nvI}U
zR=Qm7m@N6=vK@ZCOqyYhfv|f`v0j{c%MU+;U-@t%zXcJs&$GyoNCw#o{nADu?oqRc
zZ?xoX6o0sVy@=o*i`Y^4@szHW#bWW*-*1guWAx$O?SbF_su~({=g`$7Jd>0QEiH(z
zmog;3ql<?;9|&wa74CjS==*pUC<H$MmT(_}FFiGzz}kPn+nYcX0~P*4x9s${;g)SN
zAJgf4WN=Hq*1)oeX0#^BH7DE;5n;`9T45ynYL1kDlgN#S;P(i9d)Q-#w;qbljT44e
zHYb1S9s!$Ejx<DuMpg7Wccg_|vN>-6tb9HpEbf`NUoBqQj~O5zG^v5XBgGleCR=vm
z{ZaqeTL7TBP_X5v>cWg_Exl9kQm!)x2iR;;qKemDV4?W~Vq^&2XC1FhC_FwwKkT*r
zMs8&O(G#zQ1MPr~jGpD~??dtdE8-@<W|7l^&0<b|{_y^6lWBI%8BgufxO=+im7=nF
zJIgYMlDnqG83V7Jz++i_P5iMQRyygkmp+nb^Rs~uReO0);x9*Oe~{!l-@_BZHk`a*
zj5scg`|``MqfYPg(rw&Ry*2-%A>tFiG)?JNI$~7WP1i1Ym|nS~;f`fniV6x*bDH#c
z@ZnRQ)o>v!B5U|7BHZzzyW=N~E%ajtt8nKzo<&2RcGa(^?Kgmh^d=UM+E7H7!kE$E
z=?zMX+I`A#t^;gMDJPm?L2*>`yd++h>W^PUOUjSx+R)-(JnIh8y$9IGgC(Ki6#gds
zclPg97i5WztHyyDI%|bepmp^+`&{|#>!J)N@%BuS1z43EfGuXxbzQ9&K|k)r_qz&}
zc{+E?W$zuZl2OI%{@P%ON<*o~d;epuV@18iSYkBYHiND{?0B7xUiX4O{weMIyY$3$
z9_hy`vSSupy+$vCATto}+Y_u4I^dnPF4fWGdshJ1#RtUrfaQxu1?B=rV%Qw8Py2rJ
zE#*9U<!W6J-{sO97vf@S)3Z;dIzI*dYz_z?^E)nU?6ma|eqR>#=D11lCu9S^*?a;E
zrkU0P+@~A;=dEoFe-1K$I$uMu*RN7b0x7bXdqaM8CP)ABf*np8yXN6zM<!1+V&YdX
zZ+({~no(zaE~sR!CLK|nq9v<k#wqTBe{Zky7D(fo--|nOrMYgy;%Y@H0s4ae^~I^j
z&HNHg!{UQSq}Hy5mGT_>yqgRT80yEV=s&VUdB6L!lGLU>a*U-8Ag8^b%S+NyH)w&a
z4YrtSv}}RJ=%-BEGY{<-l3Z!2wIVH#>Tkh{gxdOeJxbR=as5Rq77}m_`Tj6|Plqez
zW2Lo9gxBM#DU)!21=Xj`-Z!uLyh4i$ZhKq$yKt!|`ux&T&f&<_IcK%3LNAu0-n@zA
z<1vWRi3GoF%^ZZp-peJO?CAnG2X>8BAp_P5lo=$(1&_F<vQ@PJ*TfTnGklgYu@n#>
zPtHGYa^aLpb<ivmURo~VZn*H9MUI{<pXqd^aFepDz26NRVy<cgsU~3@h>89h;I?w0
z1oNyUD%%OdC!%(E0oCKe7j8QT&eKWouD5XjRR1R6a@v6a@j*V#m$oeD_P<dhe8YHB
z64_x!D`?pa{qU+Qy?P?MdUdW=kSVaYG^B2k`z9{dknkF-4UJ-E);^bgsm(|Coi4u>
znKgK}+fo1{W^dm_QV7Q1(#|<O{423KtzU?hy=jYiAcCdnYyqEaKKY5pv~vceiT*&(
zJ<~LIrr_u#=8BIV&Xk+pew6d%IL5)}#hq+5z@NmyEqZm0Y)1r#aY^9hm5a(>)96!1
zwS%};k;CEpnloOpNaxC$+AQ*7D??5GVh(RCaPn{Tf|Mox@q6vgQ^t|g+xj1??y>G8
z@>7B+=1u|can>|H#E<VWMpO@@1N^2+?FH|+A2YX?tez>aEP=;rsODQ%594&C>Wd)z
z>OL5X457%ZbNr+9Ov4p!`y(?Q*RJ2cluScZZ2x4t9)C*I<WItsl6^qbb)t=WNuLQB
zrs(j-cBL8T&n9PYi;|^{FRniF3I6=N$Jvhat(fReg_T5OQW+8<ELkVGV75Cz;;DKD
zOuBCJw9L*PaFqshh1V^H$s<KC83C*^>ApUMHb%V0vuS+q3Nf0p=4btVw=CnH)X8#q
zg2sE^PNa^HEr}D#5rg9BOr0LIbu+cfZu$H?izrS+V&<)3z?!!$#w#)F`@BcVcA$xM
zXC=aQJNu^aqV&{PTiAe7T{l|xQbN-2%SpD(I-y*4=1C-BkZ3Vi{+49(<V96uLX#Vp
zMHYW)xl0%V=o~Joyeir(!hZolcymxtt0T!ab+(_yeyg2dY_3<afv4QLN8#nsdn>SE
zfuCV&s-`Gpes`(H@m>Jk6=ex?H?u(PKRAQzMl(KxTfBFI4LPF5o<yK-efE9ZJKAR)
z_jnw`?J7yP=Sk35;13+8-Xkin{G!XXLZSH6=lE{QP}XZ4iaAtd(viic&RsRVNAGpT
zz|n=o)uY2NmSG`P0bFif&FZC<%6g-kq_+7d%`DgAayqg22xqE`JBekg#cp~7<J=3U
z;(y+gr>1@=Q#FFF%22k{M<qG$xXbYY{*Z42wv1}51MRu)7!}Xgve&aTPY@bWXdKPZ
z3Rw8Kq$6C(RC;@Qh*-;IBdj;Krp_`pc^s>Nf@!|0fxHFPoY^ifB8co2AW7iViAK}D
zY%;Hxde}d{-w<(xkwnj7uQj6wAlhFdv_9HrF%-PoQt1tiNjJXu%cbKuob8wPA>8xO
z0mJ*KJa>7O;Lu@9>09meyrc>wdoXZC(0wUs)C}AB-U%~I**}UeBz)atGa?+A-;xX&
zt+ZTrL=1?t=H@Y@XO21*--|XE)U&QSYISvLGD(}7ny%lS3TR<us1cj4x|DYhnUXWK
zbF64(V#*NqKhEDtE75v$I7Hi=mJA4Sfa!hL$_(GWbu9sr8`{GCK8&EZ%GFxEs62EG
z#lwtz=ge;#YKTS4PN|ylN!r3>9DY$Qy?0-U3|e7p_)&O!25lp+_$G84nYL}77^IYC
za9h<5)}#4#P7$;tZKbD<Qw0gAa030z)>JIg^+3$FS_Ks<C-%H}b>x!}{GZ&6{1%-x
zZT?&PXz%Zpe}COSFHS|NmxwFS7SzrgLM)M48NPN0H0h}yvjqXm03uwbp1I90wV$*Q
z@ssqml5FEet)JYRCrqHIkIsW4NEqfOMU2I~m{a0yc|@9V@tiuyfeG>-9roTVE#k7Z
zOe{~@6&w}&D{XEQ&+t*R1oD_s414hS?2y^-bN%Qkupi@~2*FR*e#Ia+tQAM7MC{@H
zsLnRtn!Ec(8fEyKuZV{n-5n|s3zjoWrr(vh$c;(hV{DGf(XS%}5){P(Q%^)#52v%Y
z#m1Gx*Mt~$<>Te+wrfkobeb=RlLR~&ZraIcx|9e8l#_itDDHCu6$f0UfiJs(?R&Pc
z)Z>A?{Ll|O$q`O4nt0lrlEixwj7(hWS;wt9cV7_oqSYsJC$UrfjY%140%osV(@>Z1
zh9vaB^Wa>GpXjFL#^Kojz)IObs?>pq9C8tPzKjVpdJ~q%Ai4@(YOi*|bd9`~U2GG=
zvhb4?r_TGlbCTb9>({v8J(t!zF!!&X;#v?=+uyW%89E|m2OJ31cfQU1?Z{7~4VKIe
zR<sT@nq0Igt1M^^S#`S+;^Cf3hwEW<|G{2}(ZfQU<o+R)|02|~^J2CJUtvYCsoDD4
z0#xxIV_O8pu<~VBz+F<;4M_qG<OAb+D_}s1Ygm%!xIxJcT+an40y_2M>hgYS>Ohwa
zAuy=LbaR_|QfV@!#Q0F+<i%@fwt#o_uq+_fxZb$$|I*wA_kQr>ZTlf+yAX8izwZ}W
zTM*(8ZYwZ%nOzU9{lVJM5Nu)7p)2*kE5^x{oi9w|<8!R(3<2(Q=FADJzSAS2at;gg
z2aCKn01bzLx4cZu1Lx98v5J;FU2#u!z7{^c3fy?{XsjP>XI8b!|87t6WfIW!A`}vn
zX)e$94>Qab1y-gK{MN-iW3_IKD@d|R?uZ~SuC!*}7T*GT_Vcu*L9^BS7uL=$8RZN7
zrLDDwNK%C{wJsUdY11S1E1Nk9IH4$Z&`W(M723~HPHzV~y5|qt(L2H2n+PV2(lqtS
zuC*$Y`63TZR9^6RVBK;UF8$P-7*_hsZM|tfmRESfX-7UtVo%pW%UWmd@5knvZ^fR0
zZ%TzhK9gO=>%|1%)f`4RaBbiRL_6n}p}l-xW70T_9#*lY$YF8)Tt(P9>&Vl=Q9sC;
zy6ZO8chjwp!?Nnm{2tu(8kRQo6Mf!6jy?<~{wysDVh)|R@o}IsTC)qK{`lomzN_(^
zu<V!0baOzISoFB?X`oOIAE$L8wFaX2W{;hlzBE*a>#f*MTde#!!VPKCpn+3@>weqD
zS;KV)Pm@EVc$zIH^xNM%NPpC1Y6yi*qpQ_UUg?+=KL^iMOf|2JlDe%4blh{rJq`V>
zf9Q@?d=%jL`;+At65am#KNV{Q7jEkZF+UOk@5^w{qGNUuH~A{*_HBeO1XlM@E_R);
zG+=L~ZcRlKLBO`IMiGx_U*K;xdCK<ov}6BH7j<k!MZhxw316sBc9xz)5)9Vpv4al0
zH!k_)1)oN%Xx7I|^JfzyT&%mjckN6VMhRm_Y^}Nnx$wwcGqncY$;9YsFDD2P%ojUZ
zs9zo?jpDzP6kOUNoo}ntlTb%^*#kYW0IV!)B1)>ARGJ>2tQP^5dC>Kev^ANnK`XHT
zLt^p+4p4}cZ2qZ9K3xJZeg`pnB;4caM*nuE$VtzHMQGe)n}TNK&$FQE^%C?K;}PGD
zMB%bHubM<-u>f6h8dUDAtD1uuZ>ZBG3nh17{Y+SfIgRcgG#-;Oh!cd58%e;(*}Z@v
zg%Wp~v~?Xq7jnmH7VST~u3%>BcIo`);4r{~buh^GwqO&-9(RVZ+sNMJ${_Hxc^;#G
zygk(sJT}wpz1Q1%0bHY)&eQZR3*3^gHn?#BT!i6uJ7H;bM>WCuG1))y9QuOYG25~+
zBO4&Gln;o!gyO2VVxH#Xl<ZdLP{>@vey&)_yCAJi>rUo)*)xl3=@f$2`rr4{jhndD
z9)vr>fV+@p(J^nEiZHz0JE^G(ey<Zv7<ug$vd<^lAX=IJj}o~eIYg0_t~3tjdRqY&
zaVasI_{E(3kh4^Ta=oNHq@kFAyT}Z(KCh;?G4u5zm2VAnBLb=&Wm?<JC0yCT)%VW8
z7UL)``~t&B4T{qOQErxhFxBc1`}z^2D4Mx-Ds95_d}va+8-=KfshA{{XjHn~{aGTB
z(N>xYPGS*YlUr0be>CznYTrMGKnU*P)G3w4cK0XRrT9o8$DCfrVF*gTNzUuEdj5SO
zAR#f$cr_)Nwe*(EO}))OjR{6CHD>k8elJCeweS<+DKQn^elT52D`a|Wwm$loEe;pF
zs^*ad_U50UHHhouDlVwjM+b!>QAAAsaQ|CZ3y$y9yPe}tSf<s!{CGqoDEZ-Djjoot
zj{L6&KUV#1%-LL%z4V$D=YroOZ18J9FY*Kmm3Je8SEKhe^9XOPnrGAhsb%~5mgIq~
zukKPv*-*4vYbkWWn*2MMMoCvNGTZ^D{yB6r?fCR|ys<+4&{3U{u-mZx$EZ&CB=-n?
zhlVk}GpV{)(~m3}T`zxA6=j+QskuSB7Z+3uSAKzQF;)!S0T=kY4f(lsAu%o`6ou~5
z6_Y~6pke`shnG9)RAx&)l|@8$PkS|G4P_vangg-4^13Bovy62OgY{!?vgs9rc*6~|
zfU)YKDE2QuF*;kt9!9$%1o9*^zI<jlN>AfPEiBV*R?h<_>f;WsE#)_297Stzy-FZh
z>hJA|Rk3?T4%+EQQ)`|*%3;%NrsRF26DA)e_D^zhR4RhI)-7IC*o^d6)Vbv&<K~1i
zrrQsf3?cojPF^?Dj;AHziDC7_Xw9EDU8obwbR}FfcIA%Nqu&X|k0qvy+ru(ica3&C
zUwN$W&ivw;|C-Zusrps8I1N>Ie!QM!R~48rz9K&C!s7qR?f?(m|081LMa|Su()Lf*
z>?g<;`X6b+;88~-iykmk_>cd0&7c15i30W7n?F$ysT$H3ljI*POMR>HlsNwMNIX74
zYZpiLc0bC3s%r%<&cAJXV4%r#w#NN}&rhwXDtEuQAN@0-1G16-qf)z*;77)2itYIy
zX&x)iD2MZW6W3qTSO&itkv^48e%r8)RWhF?PEr``aeTH#yoE=7ZtZm8Xb&|Z#2LS4
zS#wZ8ji{e6Sm&$cKO{3eYK!t)gLkL54tX_6IL6TR9-bx%Q#GbR@$3X?P*YK4%tbeN
z+lftyBZ<tI-@e}!1GUT&HnDiSKevKHax2pG)(hBAlCfy>XrR-7sfZ&3t!~2^mi6Ad
z%tv~8D_z}?NA_x~X^?yPB<9Zx5B~8!U=rNkQ0zU;KdXmmFWn@MN3V8v$JDaLSqvyD
znyO2Pz+biRHAy&EwMu>I|6Bh?k7uRE)J}^TOk^U%kaUIgxm3`y^TWFs_qSoWNkcG|
z5M5R#AYC$b7*=H6sa>QYGbnOnBt2m);g`4m#*+`X+a$&5@TKF?C6Cg#&MUy+^eh)e
zJ%~!eCF+P;`QiAVG2SRS)y<9OAT3bf&XVsLQNJsvRl7O2pj+_7<j|n0)YWO%%*sVo
zDPBO*<I?2au^`2HG3d`YnGtlwNPkB1obcs`!D2u5Jx*`Z;x8U7@@Z9gn?a-|neGIJ
z;V0}e>2%&vG<(B@#h_1f(532DX5+pnh$C!54&>vt?XKWl&J=V!b>mQeyELq7>rAE*
z$WjL7{CVM0dc5W;imaRL6MWt5ig`c)ceWWw69Cu^pjZ3%#f+!$*6;b4jZBAr$zA;^
zb)C-4Oi<bne(k?_JQh0QUy&CEes2LBiXaUibz>34^XkApII7`eW<DbWu$zfBFt%1s
zWn|oYefoK0Yj(xH@qjOgcMx6S%=FSntQu~rD3>uIG{qo2LqMfv&htKx-e;^KlB^Ez
zm)t5t(q{x;p6CX((bR=~YO0z_Na{Uao0a!Yl_`Y<Rg%?Zptw#ShVya8`?PrSv{oLV
zkX4T_arVvGiHz-+Z)UE7^^(Jy-?59wA7yyr*BhKj)Gijaw2^n+!3%T)g@kI&EbdAh
zqzo|}F$u=0a(y8QlKGnc#)*q{28LN`1Z%@x@bI+GhcZ(x)*0y~Of4p3xGW`>WhA85
z&fqU~xj++Q@Ky=zejJCw?T>I7NE)^h(FIP~(&r#Hl2XTe4K7RAM$sT0sSBGs8UIL3
zX7qdyaF*ZG38{Zy&ME~zeI&5Lc<@tzTQok(quJT=&Vj&q0&#r&+VN~#r}Q11=+;H8
z;$&+z))x(IrT)HJ8K}BXqvsPObCSg%HMs=}#JlC}Ic2@PUUhDw-j<=W9~r^on6#`6
z%X=QFKyh>GWh!}&)n2%{8z!K~amUXv!Zp=*L&p1uF_dA@j9xIc^=&YRJL>~ME3Sg-
z!mAj>4IF0o<tLNqED;w{(7V9=%uZyfR?`cZT2fX0OXWWvV_HoTAIwSR8^0A4z9pW*
zRgzL;#<LAmf$Gz^|5Jsux6SEHPg_DWvwm^j38TdBxjJSGuDG8PP{3uky&E-?5iy4p
z@K<C4<2?i!A;bmB+){kWT3EvSlovJzY+8ms60LsDtqkiO*QSCwx#)3uK0YbfmrqHm
zk8+pagUvA^rElPg!4IAVN;B%PR=LIAb6yN-CT$bS)V5nwXiol}LI1c&f|%tFUOFn-
z;7CL42A(4@pPi1|?>`94X^G*^F?|AN<Q;KmrXGUEyA%lUHklnUf>gw~Z(OQXHsS^D
zTTB>ux&TT7hX#NWApAk#tN_493pn@m8aS8(41KQ20hYLvSpSj<<M>}o1IU1F`?xYV
zvj3F1N`YFH(7K9$LIp=w(Fq9yM8%kQrS?s~#qMZo0;eFH5>N&*pcE)@Q`-15P)OG0
zBDbbFD6&Qr9zQ}S1kVyfj%*2OZSHzYW;~uB=H9V#2-}&&9*(eq%ka$ZEdX51X|-m8
zf9Knp4cL9@_=8Ocaqf-`sUeyj#t}`dIFRY6L&Lp>CJfg9GIOiHvvFT3WFb-{`s7Hx
zE^U-hljI>N<mND@r?bO(l2)gy5BtzV>g%uevtTc0z0Zrh=X(kHdlYt>axEw(F?){$
zdV|ibOn&ocHi;bL7dZV4qFFmCjF@^N0xHiK(;0peF4o%~&JOuEC!1Zmsp|!C9POy9
zGoH>pnG4a)_U;c*q+R|o`$N<A)xyu=fN^0VK!KkSe5z=3rv6BjWZ|}a4?>nSR;k>y
zkQgaXuh*Q{yPl%?oXdUO#{kndI+Wq*z^d*f=Giq_{|2XUt#jR176~Ig3%e|TJnC45
zAq8Y>0@-82P4~f)tSb2G&QOsM<(Q?jMCVi8(Hwq-WDz3>jiE3cIPX-}FD`f1XU~|^
zhJKBBf!Px4@S=`Fk)C%fZ%IH-Z3hGA1yUG(sJ>z?KTHE}>y$wVY7krRQd!JRnMX6w
zNNOLnkMrf8)l(!y%RHLSVf%R0K=>5}2p?R4@G&QikM)U?+`5pL4;&77q{BrtG<j&Y
z=dqa1UoQKxrp58efIRJknfRs<#ZJZ?)yGjH)2RD`36e(H)|ehmCjBVWuFIFg)sB2H
z*gt47?BV^|M!Ou3%kO7i;e5{8sT!n|qt<~kkX^|TD-}s3QLmj{I#gH?LvPfq@9(Me
zE)iy_7K-2#!A7@e$=!dSt!#jaFa6r;-Yi<1YZlfyzjJ$ZpHq`071bZI{WkZCh1%$7
zBmT>fUbYDTq0doG-JJu@_p_8@<$~VQ_1UPlQNq@Ad8v{*b}t_}k*7=|EF}b|R-{F9
zjXZLoCrvo@oz#Q2ZJ1Z<B2L1_E}MgduxAFc@`WVxn!;4IlkZQhI)kf{6sOP#qmIFc
zMO6B<!otrnr*0Uz&TKLGiwX135nRJ7GTu{YqnqmDFF<5eQ4|*;B%G)Szz;`&Bcdbe
z&}Wvx#(Q#8LU10T!=Bo)D-r72B))oR@A|FhFu(yrU?3~q5nA<>i;FMg;MnM-u{Q`K
z9?w$62T6KPMAwZXjD=W2EcY^4)BK(VHcKN5NaiDn$kOCwzp|QOrU(H&3xh9zfomt#
zzqq#c<r#>zN<4La5rc<E8IOBMz+4|6b$#}~POK1yt1)0T*Pedu??8=kIB*V!`wu8L
z^*U($8#?|AKw*us3<a$e;O;=RPz>sTqay%EzYYxl_<i$MJAd<EKVf#wU}CC{1O3d7
zYeD9-idd7vDloiH>R;a1F-Vi-IujSYaAE0M=zpKlx(}|ECc(u#tU&riHVxL>Z6=4F
zg{5B};S$jFqh*g?#y+q$HX{QW6i?PVSfii}JZ%GZJ+C@;pruh)ciy)fqte(2;jZdS
z1^HdYI&7w5V>*9o<v{iqXisOEanxlaU<q^DkJ4-pGPK3rG@Ld_IZuAa7P@2zr^f&-
zbSHX+EFH@5v=0cFfHHOldBgWhH>T^nrgJpjg;*vS`06bcg#f*-klU*5!Z#6I?3s~X
z%%C`7ueXMskewawP3<#x!OttEAKtpcAG#pEEq5Z752_1m?<EZj4P$;4z)699Dl$wy
zjo>Ra7!w~nVRru3(O`0}Yh<YI74}fD@=XfSJ3<cM$()KENwqvUv!`ccbQeBXaO(+N
z%@@0rvF{;TMpB3@?bz+!ef6=<DR2Iq25Z5+Ty79-THICFhjCmFM31WXu!>-RQHF7k
zp?R8FQv@v<3|fxed=PO4U9bWc?1<A|R}w_{q+PGpgg#2OSh5m}oH+F@YMKmL+1GoO
z;tTWi^3NNN*c|eAVIDX_u}t=qrlvX1$p!Fbd&Rw9sY(jy`%#ZN?O!ymKtD%_!z0b5
zu8tlBAfoadpRHq+oow5AO0`HNC7d4b`Rrtx#-*JYs_W<UwFItM`yd?j7-EP!_S}LE
ziUd}}EG_SkHAD3qyqa0I@`g|$`@c+U8A=I8M|}8&jbU0dmYB5%@Qq^xh)g==6(eJk
z0Yetu5BCABI#!Q>Qxo+s7-{%?TJD?|=A*oOzu5NJa9;;zE)8RVL}$4lH>e&QidHQw
zpL3T*L-4d_TG5FEt>(^D3b}NA$*3`Tg@c7Kj^F_cbKixZ=i@xj>N1WM3lV#HDiUVV
z9`1-P{TJBc?ICk4$~i+)q4e2~I3%bR2=5LWvI%ic8(RT=hNba9J7NwOYK)KN%UFXm
z-S_rHV|=AisGuz9+46Y!q^|>F@2c|xV>dO<X&TnsoL3ayk;Qm0!C+p4ehuyqnxx0*
z^dCNe!()7#>9Kph46fSI2DF?#M<c)Vf;}%fL`U~1Kz-YkIf!l=JtW$5gu)@6aU+XJ
zyI1$z6jmJoOwwPXCUYSR>$g53uG-><bGH-<_>y9oovz*=PYjvPr_C`p>t`us3S^tg
zO$HR@>UZrn*2Sqqq5{+(htKW(xG9D$<~x|(3<M_y>fvdTd_p`Beht1eh)$+^2*P)S
zX#goV#E{%T3SRmIC6I!r<pQJtM72N)Kx77_{6Al8Qx1<GiBlV1vN29=cp4?wN&;N)
z|10VLcDp&kt3cx{86Su^ICKA>Tk`+BxnHJeHTlfH#=#2GlC5yx38_UlTA5<-lj)v^
zgSYvyp()9}N39j;6Dl*<Ya=&|f&iAWydJ%EU)~XM<I)<$8aT^6SJO_pGa2&fB5C#?
z3iq4O5mt_v@1cjZ-tJrTRY2D1v__^5yanxkIX5>ePy@Gx(-FY-D2Z=MKnah<P4VBn
z#(Ojdbq@Ktx^(GoUwD?eEk7$t$r<WXY&zhHUqtk*Rr(-@zW&4U-`~I2)|PvZIIx#S
zmv@!kqF2C|4LjT|Ay=2nx|~>Rc5IwBi~!3-S-wJfmUp~0&4rz;Ydzs3r=aZ0I4*a0
zFvR$Thqt!$b6ai+V(r7xGP;<3MeIpkISCcOjRUJ-)tZ$tjtE1`=zy^=K0uqFo-ZuE
zgf_IaT*e(btj#Ma9nkij=~FbdT*|VLDg;-QgQC#eUYH$rY;)qVFSK4(s=h&*F-}!7
zF9Y{>E#ReIjg9je@*$V!1QfbK;tf(u+uIB~ZtepE?rti1*yGLh^`#{b5n1`mr%lqi
zl;vCf5Uf8K%l0I*wG+ID{yVH2=q<q#qaulbxg*<CBfi!K(}v&1Oy7Y)uxW|MyB_x!
zm9Ui4+Q${`>P;=L(I<t>3-MX%n{k*-7!n}w+*Xe`;EJVe-MOsDYegTv!#qnm4!@5K
zh}qI&inPoAtBNc<Hs?8{2@|Fm?Wypbc+6CbaLN2Dip|)k%!v1WW(AqsT|~=L?nomp
zh&%3e5Ww$WYH>-ZB6E%T!5rU^7dJ64DRs`(m>e)+=iIf*TyuJex-9gHxP*+3Qsls}
zJjH#0to|+>ieQX@bZx=gTF_uhce(pm6?SaY7;y(LJQdQW$8?`2YA7{g-O!k+zn0Jh
zaRC)p#?Zb)GhT2DSY<<@>h3y$Or1d-Bvi35cVRk^ZVd?^T0~2X{4CM;eybK!%SJ@G
z_VGBvhak+4d(K6zByKZU7ja!b+3F~&;*L-oj?e2JZ9g8#5|QVaYlHnMd!g`GFaK_*
zoR1@Dlc7zr?5$5T`#{z_wNx7>Ou_)@ij0i4mv^uL@;<2WGIwnYWjJkQozHkrF0>!i
zr&~g{b+cnZK*fgRTbi{OR56f;ylX(Zfpwyf6Mo5H=5Ol|j`_=x!PF6oc}W9_MMQkl
zh~6WGM1*&-9#Gf1fG?#k)|D<Pr^OIP(p=t;v8Jc0%I&g4OdW1KZu*%fno0&QJjfss
zUKxW)(2H}O<5i_`41S{~CaJ7}JJxD4NfkK{q3rm9!P0#|e6<Yg!m_wAX_NP=XU2fM
z!P%;?z3%OL(vF4c*uUSa6e2w%A?om0VG7-(KT`bUI)GK+%g{qA(~j$#q>=RUo2eR@
zV-=))6>+%^s>t}hwgb`_K;UJx!bVDd<sBj@sGSOL>qkdD$-Kz>d?JgL*a9U3CfS7(
zZvQ4}q0_of^HzkymoBdpD7M}0Z~!5|g=K5$T2a^@{4ya|?R<YMRFNj~H5>z2WzXA%
zm*l--@bc-mndnKV?oTw?lcsnLK>b^J*RpE>q7{JymRJJhL-TBaBwnLwNEOB$c_1fo
z1>DH>Q$TOC4)YKTZ=;JveD!#{%;ZLw90m<Tc~SPtxY&b(jWG_ch+YTp;GDr?<1S1m
ztW_5p{S2@H^$g8@rbE(zh%0I~?`b6{!biIg8n1S~`3SM+$8jmLqC>meQMC!$<;^g;
zkA}q|R{<zv@7rE_OfaKKF_POHV~NKHvFE38mmKz8nzA|QQ@)2*ZMr2?thXb>I!J8_
z;eUY=ZL!<~6+RQJXe<XQd7U=qgu6d`@{eq;2J#EE3JPO-1lX5wc&5-MlQseT4YUMZ
zzPVFDhz{b;_NLm{05MY$L@6&W0nOz_=xHen?3jsIKB&2cY=W{wu+MwcW*)$WbzGDY
zbz8dp`tZldfG`f@61u3)??4TS^jGC?zaM$D$)-JxPC-!;AkH$;4-jUm$N<MeDpvo<
zyp9_H%HIIWetExlob8yGsEFIJD?f`P^%*0Wj81;J%*<n%R-OAD?>gQfSC1{#uEACa
znL}OJ4|gaF%cVD=!YSy>B+O=_L#vK00G6|J9ROQH=%u~zeqpVGA4Cdk)XGnU#(>Dw
zo2<FV{Mwj0;xWUpaHQjP-D^_5RfsS#jfH#Nfk`2vBq3uCauxcBs-ua@aBpi~!^q~2
zN?qUR=FWIrn*}UV91<0`@1U)TkyrhbvSrR$Xfkz|SWLA}elf}w**@U`7^|nMuC-Kn
zV*4FTV8+CTl=drqrb7fx$9K$Yq(=!Gh~inMqYpW~Hfe9W^gG|dX04yn2x7#Re7tU;
ze>}fobYdr=Eyrgk(3XMq01yaS(X@qyt`VzAP_xLYBB<_WKMXnXd{e9z$0^+rLS*)y
zG2Ev`jI`CCnoXb%u^(!|ig3_%;U8<Cur6UD_y9P(R*lT7U7q$K>rh`;UNo7;Og5z9
zzPAJNteew%Q=BH2vs+1ty6`UKeO7yL>fc@^S~Qj`TTWXEF^!9_1DF+oSUN}y2%t)$
zsRjW}b;*)!*Y<ETdyE<aXGJ7oF!!~odQD1bAkiVgr5EZ-20rCB-~RT$gHHqv3QuU0
z7bZ?Tl-0nL<)Okbj_@{PDQy7#Xl8-~y<zxrZ-ZL|U>cLUvhOgqa5VG<lN`{{GUDaB
zP@rj8URj}=bugO;2-3)Dnt<pK={_kSyM_4Cgh-~;%x$c{LWG$r)*zBGO0HAa28+5e
z*<}UP`PcXnH@yqJ8&ftZmI;D<GNXkIbcN8Y(#gc&cj?-3d^U~x)vO29rM{h55oki~
z$O{t}es8+s&g?~rAAml<GeyD43tPaopS|(N)`+U0HoZ)m$miHYHUOZ2F@T}MF>6(a
zPMb8`?(;qPKq6`aLeg=_Ps*r_hWeXF0+wLMJ6FcLNq^X=w818!v*DkER>8agI)NKD
zy>NRGz)p*N)U4&gv)Y$MDA>0JvHUonSj<Q6p~%w!Z@)9;T~Og*%oNOpo~4?uGUlg=
zu9`+Y2eO9weI8j`Lw$VV5oWlY2mQhV<$#59e+}JHHV_haVIl=#ImnCA+#N$05}S5p
z1b`-lrsY}Q%ReuPF_)AMRCP2&4oDc2ct4<Q)5y=S2RPe*ECi;dvSLUhiKFgyrgfn-
zm3pn+i5K21VAw2gVg69Lr(bCo!0T{kki3_|$4{!jfO!HB@5q=8aVuXIrWm5EG2)P&
zU8rXl;OT!b$A487Kp6t!Fy(kHLqbYo7S4JD{uzim)=l-|HF7`$OsA(=qh9&4N8IZe
z;m`g7Fz~2(LGLEj#D->eK$@C6Mt3W{{Z8Mmv-Z-PrcP)Z2o;Wg8c_KFz3@U~7x7LT
zj<(+iwQXYys*f|xT!i|??$~jd!h+21Du}m>3TJ~wD27CyRidzROm5aQD|E>S$0F>O
z;&BoEcAGB^Pzw!1#_pt@vCdz|GUODe!6EMgUTP{;Z<e0NEnYz>hOT0sKL>Qf&hfwd
d^AEhb9V(Vvp3Y<3g?n?PnzFW1nd0*|{{s*ABf0<p

diff --git a/doc/user/project/members/img/share_project_with_groups_tab.png b/doc/user/project/members/img/share_project_with_groups_tab.png
new file mode 100644
index 0000000000000000000000000000000000000000..fc489aae0039502c504817cfedcd3691b79e4bbe
GIT binary patch
literal 36482
zcma&M1yCGO^DnxA00~ZTw_V)bT^4t@0E;BJL+}K57Wd%p?g0X1AwUT3wvgcN_Q?1B
z?|rv!)vJ0{(=&7W^mO<1nLhnHGZU$<DvyCmf(iftFciQtng9S26aYZ@`v&oaGc$eS
z{L+w9SJsxjyu94r-rn5Yyt})5etzEH-)CcE!>&-()=t*ePI>=6%i8*fv$ON@(XqKv
zJ}YbJugSBOm8IwBo15q7<rlh{*U?G2Su7emef&Cgsiah@pSdtOIa_H+e|d3I<mYI}
z&g$pveDeJ4;^I&BvCFr3`srfg`T1nI^gS~Z3bR3_SN3pQ`x+aY8Pvo1<X7&^ddpOq
z&(r<Z&DBj-cKY7QO>28&Ue{Xt=Kb;hy17*kX1vtU_ukK+eg6La8`ZecG;!eKRxv&X
zBln&zU%F*u(>F2@Pmd39a`sG0Od8%eJ^KT54z7NBe1uC;R94QivP&107P`3QC@Bav
z#XEgupqFN5jt=k2g&nN^$ay;Io5@oh%=212x?3A<Zi_Dh0A4f8G{*Grt?eDAW{+CL
z^m&G74*q~IwIn>;oj*8WIC;kSBsDbDeN8E7R5NZgDPC>v9G|J_YRC-_WMx`!_7)8q
zI+z)$EBxl;VUlEN*5XDV8W#CUl`%Z2$k;l{#zrg8u6n38`S<+ReICNe?PF%+h=?e;
zoLr2qj^6G-6f<+CWAmnD`b_;7&0Gm)MX!7oaIUYOT$Y89vPpmyr%kw7HY?a@FoIiJ
z(VW#Ngjvz`Wo*P*EwBgrT?Z2Y0R2*Z0A6FdQ?+vC4~>Q6IldYTvK%#DUO#^RU>24S
zTwGo}JfGOvo%r|yxVgPKIo&xqJvcaA+1MO7INZ3nJeioR`S=1^SU$3{+Ox9S2?%^)
zX0~Buga`_Tva`D|F<CJ(S_-q!Edc=0*9tO{+TNxI)2%o`64>7)?rL8jcb9U9k-0rP
z<7ifS=Nwk;c3oOs>J%FGcpUn7Tdi1z>L$8G*KLh$r)+8_aV0Ui1RKDvLxtLf2G2<L
zMVgVTt<9h5h@sT~KQ<F^806p9^1)^z&R_|-AArs;`Gq#3U4o<7#SnEIdu}x<j0)67
zqlw}szbUEJT1XOQj80sHS^o8lwjxe2Lsnpr(cfRxuOV;$<Xw)d?v2FijH-qM*Myhf
z9_@t3C$X;vD41{P?o{#Atgo>`gCSJJU}R`-^mQ7%pPcsJc`zg$ddv*#5>!BjZas2D
zXqjAn!Tt~bMReRmlPe-JK>^+6h*9v{ihvFwii9iEe{=-Hiwre%nl)7l%JCx?1oe$p
zuEcs<6kNohokWzyGCczQZJ5A##Q&O9Rh`~fEivBJ=qw&x95tCp<SllXY6oL-uEuCN
zSdbyWwu1ianLLe?-?klZ2V-6nui8{|>UIwlf8qD)yFg4RVvH6$p`ZQGs{}vt1au%G
zOu`jf)-~L}=d4yhN<$8FVNptir&hKdou^Jw-zwBtik!N-gcz(mD|7viINU}v`{wBY
z$Zr>+$2{&l$8T%dCjUH6X;M*9<q@1H;-FkI9M^id+fc&p8&$=ax}(51rr_E|X`zc9
z-}#1vSvk?q;Ce~va~<TF2z|3bR6yJct#XYG>o-O`#XFe9KQn2$MANo#x^@X{E>dEe
ztT&Uy3UQf#g%UH1c5Rkb{E|$#KZznnYIw@_J7#LfK%+)JHMTx!Z|fAmpas>Z%ZS6x
z$;I1Wcny|3jXTr56s-ZJW^5hlghi!rOG#``FQkph-S<=+Vd4#;dIV228RVkC{|0!q
z;`E1s7*r`jmU{=1my={r3Mb)`p^!wLTlmSfAi*pe^_@hj**ZBTxaOnWUfHFN$H*ws
z2c;<BeiV?g!-}<5;nS#F7XeJcH6}dtROi8Ktqu<s{`uDv?3#=J`l7WnZHERpx5lq;
zF1~WRT8f1R^^;=s_lgEydtuU-ch5^qXy!F0Jsc`&k@+9IjAtM+kZ_lH%~QyJ^lzvr
zDU2DpSdO~$cdChDGTiJSyU%G!j$mj@;uQorb(qlHu9A_U8LK=an?{(UNL>@Hobflv
zg7R;4T0$CIFcOPA+t**J>kO3u-HnR`o_8H6E6f(SkWpDCjRuQnoBM8R5G;;nB-UwG
ziHF;d40CrBi?YY3h)yVxHSaA<<~!A$o22U(&fq(7JayBc$b5|Ss(PBbs<ygIIxZFA
zP&iiA&R3jRxRw^$ZO(%tFj0nZOr8+RXd*xgH4_3nb^VT<$oV-+0elXCwfedL3<o2?
z)M26Ye|>e%l9a7$gDJoPooNP+-n6$=Lkvf`MSF0edjKp6`Ux30!4YM@yPS}19SU8E
zZMvCnq2!nmg%4!wlNf>~ECfrjQslsLF$pZ80~>)M154cIDVTEuOZ{KlVn37;tzf~7
zqA}@FaEOx{`srzW5WO@$E0G*|5CCzV@h|=qK}~>&&0K(LbQ#xdSQMKsb&?gGFK&iB
z3hXg9I`zzfD^qzjZ?Qc<RGd@tu)jJqRQtR7_zp<?t`s+LKP1b0TJ~&%BE*Tm2P+Xz
zE+h`q1W3!dbN}Q^`6E`#GR^ty_Zc==_4VfY`V?c8MSuBEh`q1=OYR8jdK)enTJ8Bz
zw?74OHitKSxT00J>$FCuoDHz<9H6-k{J;|a)XgKs6^{c&bnEExl%K;Ogejd#q>!ca
zkI>_;88Ze(z)yW9v0Hd1i5Q@z;^Z(WL+bG3mgGEP{6r9>PtvuSNL&pl4H~uOEkReG
z){(V2^KPE(AiNQPR?5!4{TcX6&h`1QJ2j@iRU3Xr^gcVgEfodIe-6W=V$D+liTln{
z!X|Pr%it{POBiNll~CcK!LyuhdNr;dB`22=y&o(#oEI`&68ANN1Dd<(WM6o4EtSI|
zxk|~IDDPm)bjO$MQ=Duie>inTb<W^SOT1Y-k}TRIyIf_%b2rRqVIN8?y~f(BhSJ|)
z<P0>(4U)o=DnGGkyfW*3w_ENC(LUU{Fi{BS%H0?cgg21hseu2c?-fIX;W9`jF$o7E
zIUaTC_!%Gl2Pt<EXnY{Xe&^U@%KBz#@*$N-I{L<F;Q}_rpWFCa813;cnjQF=H(J5C
zNc8nYnDOP56%Yj$X(T)1-au&rSplM{Oz>k9aI|0~Ne)}nu<&VumYA7n%Y6*WP+=qC
z8r@h^c9Ak7n{yem6SYJ`LbYrJ(z7Bc!?b8P`00ot;W`m!{#64~j|sgug53r1B&w|#
zfOnGa6Tb&=^-2v5Dt=USI*qt5zZ@1#c$jLOQud5Xcq*@iO83w^v*)V2Cy;%9b5sEz
zkWRQdF(JT}v?Jrg$m2wZW*rAu@3E8tQ**gZ=*|@L-_<ci#e5pUABh$)8#gDj<QGja
z7LJgOsJk>gUqPScHPlD5JJ@uzb|6?Zuo&N@Dnv*BM0;yjB1VOiy+cUXB2!|c#BJ{t
zR(x>xDL9Ojla9p5ekrWrsUH#ctiqjhIJ?h{j^*+#FK%PE?#8l1I>x~WZ^mkTW}Bbz
z6^s^$;wUb|jf)wsuOF%(fSvn$KxQ`x54n_)kc}uWw3Mh}UvH#x1K~?|{Rr-F!#3yE
zJjK+Mui`&)kPKdj{E;EPVNJ@X7B4PhArV-A%#-7~rL7p<;ikH6wJ^36`5r*(hp>;)
z9d*MxetiJgZ!1+C(x?++fDo?t1Aul^GR8LgZIh^6EgKxSw7kx&p8n#!4V2xK8R-$r
z-LeiBPudo4_Me-vbws*)XHK>@P-t({;$Nsnku9i6f>jm^%BbpaY{fAt8tTXZbdsbj
z%_qrH#YNKzf|GqA$u<8NN36m<+_OG}^kYusSI>netkHgnr<F%Vi%Gw)sXi={x8*I&
zIx`{0%ptD$&BV@wi4#z%Dx|&Tk?c)Nu~cLX8mU?m^5@e+>LbktdOc~-olhm?i^H7x
z(n;@h9m|t@DAY>SrZcrU4w;$@sk;9=S};6OG0r6geZ<s+R>`2>mUfG1l*tv#rvLd}
z>MX|xeEM3E;>kndE+dS$9Bg7cpwTGGRhbOmq4UhOJX{_0QE*f;4}#;f0+Zk<irz#4
z)QBrOI;P+l(=6yROuzUW=o5}is!=YJPj>wtJuPvo9q(r$9<F9((g!KtthUAkqAxxo
zF03y50h^05n*r{Dpx(foW`-#JF)W(V!C<hMpWG=m)aR~9vFDU73AQX43d!EZGbDmj
zc_pALwR6C)a#2aXd~2MZo|Og#eMGL%pUzOkqtk!aWheN%tGHx0ANooG_lE9m)aV!q
z?>eP?gDe<XdrasEc}pU#_u>M|s!w$anx~SnY#X|=W3iZO;M4oT{}%RuvT~1<bFK?x
zstLIY7^j^4bSRQz)t&bD*cuaxgiOaA^Oo=}j5ej}b7u&=a;@E3MgqYx?dc3#kcJOi
z1w1?3AHhuW4zIokOmXdGTNKx)Oe`h9tUNL5{_|B#*g%^4VJPJIoxp%(qy7un2+=DU
z#y6OLcvON~;q+lo3-_E*hVarfl%_4e;c#I9@*`8VS0q|aqISqwk9?cJY`!QrVn!?X
z<H?vva!Fh>Sm;Vpq${|G7_XyVZ$wiJ4c3~_<<Xthnxs@Er74@y{1z{PCbmH!T>0D;
zaP05)?FwMetdeO-u1(IMnVBhT$3#xGt<TEvC_w|BIdWiDmrJ632iOyNS2hR3+!#)T
z^ozM2A-!&2ajUdV2?YksD8JT)?agJ6K)*mLV<AcwG_o+)3>Mr(_SaB(ri=s@_rw?`
zRQ(^X7cV2ZV3vQT*EU!?nQn6nAPMW+1g-Zp83-k^sR=P02+#;gEGW*OU^wVZjOVPp
zu|EOq2&=I=CH?(aplI~T&ld|(sKEQnXvB|PQ!bLjDV>IXQMA|eT+#f7Z&oiX8~ns0
zSGpdgdK$a=Jp|vy0?)X1I)ySKM2KMgjv|{kqLGl?Pws_Z;9H_*sdocg>VYXgQAV8;
zI)?^N&k}|PCtZ?=W`G__jD#@pf-_dryNpqr(-KP;7XB<}o~{IAddtu0q!n#U1|Tfr
zU(wDk_KJ>IvSf`GZ`px!a|VJ`#-WnbiSJgil^PvV{II7!%xl0r%7gsBnQL>gK)eYb
z*mYR#Qa!Y}0FN}L^~Q8B0Rp}R$Vb%P-VX(slqOO<xO~^PWG;<ZMxE`XM&#zq>b==;
zVldBeuA@qo@m?uR_C06xN@uY^Fn{_!74gwvoAqlka+ovAqWPNvs`f={u1#fGXW5L1
zgKB8`dVl980&+Nb@0wP!)yo7eYI9xfJ%b#ux!sw$KYG1JLpT%~ZF^>f*VpX9g|i?H
zq9pHu1CC_5)Vf4O_A21~5b#S4c-U)Fyqf$P4XOA&Pl^nC->`3xzRyxwW${|Q?>7ft
z`p-j(B|kX@3pu|@Qdkft-N%?>vfzUnm!#SBco!hIv?bDs>2Q++JFwIsM9%~-X!CQy
zslTKNwU5#fm!TfVzM4am#03Xa#?_VQ{$VfPyJZcS*%qdoH&5jlWWz$oIHn6;<MPU;
zz@#X~JR<MikMXtwR0*ze%W2i0=11X7#GO8<Rj&}gR27`&h^W|+5<dCx`(T1G9X~8L
zo5Gc^<jw#zzErm=mAu*}4H1aP9gv?>_}+_%SJ&Slebf!ViHNF$0+`zq78SP7FDibZ
zc8ry4bG_pYVGE3&3A<kM9ZsoHK8k`X9;dB4k`;EuuCCs9uhV2;KkS918GnVs^+Nfe
zYlpXNykSyY2-8}V6bbC+JazybH@+biYvIF-9rVQurkq-D>UP~N!Y|#IWV;(3jj6CH
zi<lU+#CoZP?BuqMgHXs{{U#5l+WBut4DN+!UiB>)lNcHgnPFW87!4UI2QQBg(>e`<
zGG@whX(Og?FkHw{&Z}<mG%wodHUFplyWG!1r_dBiRcmqDJgNM|C8WFVZo=$TvJF(u
z7*n=;{xaN|4+tDA?{l-ouz)B&11pdjTv$<}EEY|mrbz>`@Mru=Q>Wt%z1OzU%61o6
z@0RdZWp*03^G=@Jxtaxen|;Ka8{4sC<p@0axVx=j7!w_kYY&`om`P&HoJ?FNSdNTD
zj4}|h=nDjK7`YrmuWq-|$+NR%$~7LsF>|kj6T;2oQ={vP^S~eXexiW<nm>_e?DYL$
zMrb@4zRN0Kw^><@!(eFC?ReFf;_rr4=6rTnkUFqUvHCXBJL@q=YV)OBe8S@sThE-o
zLc|wZHXG~yY4x@H?zC|4$I$Ii$i8UaQ-^;<Y2(M1!7oSey93QAXF%}@2go{IIV0cI
zQRes&=o85<oK~XI;w)n*R(ON}bAyglJ<Eg6zYt*q1ZE<aGF%2|pZODUFdFbxX)^4$
zpYpjwIgH(VT=LETUdE!K2W_nb7F!mThq_Y36&+v4z{f8kkdNnQDSxfS0-1ZE$~C}=
zy9Mgk>q;{)Oz27!<ojD7C1np6s+idi{ULq+GE5(KcSa?%&r`R(v}E_FqfXMbajVu+
zNM?QBmo{R;ub2C+RJ7mB%Cj}u<un2ou-UcwZ^f4mkZ<&)|G+<LE7&h418jZid_rOa
zc~3}1WyzoIE-L2)y&3Js660OC_Eul@TsluTR8vsJCx}R${a)SuIkcLPM~+JKAi6;o
zdmVJ0Ej})IL}}q$o8MM5c(S1Yk<pt(<|)CzgT-E@tsA0#>K6D$?TLCRbL8O7X)wxi
zFz_<6n)hj1MC(d9!s6b6*^N%i>&l*yep}B6Ih;xZ5_rRNnmn7EJAbMEE=sEZ%I_fm
zop1J4ouTO$E8AzP3n9XMC2<Mnwm12oyyD?mx2B`*$#jPx-dLY!k)z9gkH^!t&WF56
zU14n$5)@op<u@+<)o)K?F=?dZ`vk}T`bXeClq2%fw-s_ftJG@LWekUw=vUtAI5m*c
zx79XAryWl?BzCa|6T=Q({~7EKb$D2HJyj}+MayUp?Y3{OHfzXK-FilZrzww4J5(}m
z-7AmoMQUd$T;!dIU=_OPbsj@={LO+~B^x-cA&DYfy{MKUGI1Ft9DkJmtYj!d?rNNR
zaDkS6B3auO<1nzbo9aZ#V{6@WdIb|?Rp&J!qi-IK0pKeG^Iamalg1?lZ{qT3bJM6g
zm~a#MGB*Jb2gVGq4T0Rn2w}oBa5|!FV~ii5e*zEEeuAxmzC_D^VJ4`d(z+jSyY22o
z;9-tt=;g%`+|WW>t|RxMw4sW&*jygDNR|U)m@&vV2BOFKi3?}F@Eh*aK;Qbq$<3q_
z8kQ#2!h0d|3<ef4s7;6Vi&}1|L;JyJh#Z$3-{;~Kf35WrPa~d6KzTx!Kt8udUnP7j
z@}G6LLV7vZ7u+o|i9Xx}Zea>YF@A}g9M>^uDbckCyu(CHu*GG-3H6BNV<UPoe+)aN
z(1Qh;<I?(E4#~n2eu8(p;iA&6#m2+F1Vit&HWGgFzX-;_y>88}q0IQV13kn=9B-s0
zFP`{`C71E}e>dX)W~Am(*XsR7@6>dg|8;cOk|PnUstxM=29AKR5Cbh?D}UzB6I)yl
zO}!Kh^?Ltq3_8uQF5D$14@1-Hm=-d#$Ds9)1axRlH2CUJ!&>D&+)>(9{6hy^f@Z=V
zrq2aNhNZx)PH#}bPv)@1QrVqDs2~#pRMHg<QcLC2q-47J2@Q*7fio)J;6LWB;2nfu
zibpoV2-x;qHT0IvCw0n~idgB2H7Yvr9V*1Ap_UJiaG2#quRH9MQx|y?gk?b+)57(*
z=*^(4rxG%ZN>FSM2`K;PHiQ1$qBTy1D8d{NH8juE4CVjvwEvy#djic|ChjqDq2`Kw
zZG$1{1OgQd0A+b0bSl_CQUm;73@ZRMn@~XvJpuke4Kow9vE#lMu&k|pdqWA=4^&g=
zfm~ewrX7AONXtcQ9S05SL=&7{`Urf9_U!|mBa%yY@}H#}Y*LwD1yq)=!kdu6s4|~{
z(Ft|9egGG+dPDd@7|p9h8f~3wb<9WtM!^=}gXU)&8;YmUNY5n-KC8<f!-t>VHapZs
zSOarF)7oYK?;g|9oHYZK2I`1*^vU(4-}3P4udTGd$AJSb>P&kFn9P0~6rbHtGLV(U
zFnGEH{l%DV&@B&)5)u+5T;B{seV;I>7ARhokLa7NnTKLAY5g`J(0&EY&pwo&5e4Cm
zo*mWvRMY*K`RCw#<oeYNtS+$h;mY#8T&k$QxvDClr>Aap%+7uQ2m~f{g;}a)#lvm>
z8rO3V7;jcwc#^~3+J<J_ta7`82tXvbX@$yBHPh&Ss#{IVM&8sc^lAxuY&X->JVO<W
zSKa6WSJhI*YlamQAXy-4>R>n^1mxxM>>vakm1F-h3TQa6C@}rJP}Tu%adY4xB$hcV
zz!=bCAH?Lq5hRP1v6p+lIxJmht=efmXpZal_L`8Sdc>X+v3u`CJ)U~4ls*Q3iKAxo
z^DKgcB}Xk0d5Q^-_tFDmdMk17qxpy>b2nmmuc)Y~ztDygDi&SS60xJP6>X#4I^;nW
zu`Ry7jZ<Uc8{jM5Hu1L`nfBMeM1^VNI2TFO(!bAxk4ZQlDzWI0Q&0j<XF&fVAw;e;
zJ`n3D0CmgcFG^jtW<&4x-K1%++WpbOLPH#8!g^9I{_Q*M(gvJO1$H&5I5uh;<60Wj
zUTB2@!q_So784(UYg@I9MSa!#?fmoI^y^kh12lZC5|Zg;vE_-cg*}igG8f?551Zb#
zUs?6`@e9_7&RZaWy$K-Q?$;>12~+I->bG-0k_%*sO04&B<iM%fMIuX)SELplm|dv`
z1BQ2G%fY5K=f!M|wX83(hU5*6zjNi_BZa*Mb9v6%^Qpm_^f}o^JVJEx0Fe_YBuMQC
z0NmCCD{v~@-?-%=(+_o3fyy?qZP>*!UfsW{$d}kqlzpK~+)A-mKIbC+3xrqlps<_(
zYlbE}DQ^XJiLR?#85}TBALF_d?=_EfVF5~q)CoA|+e<K);#f7#zcGCKEsnN;ueLL~
zy+X5B3-&{TN3Xs%Zr8UeqPb3rOO;YV_WFxCCccR7`|+NhkdW6<1xbec@w3(-IKkEy
z#1jL?A|_gwU@4=IzS{LeW(njvjY-wMP1_#!cGq5&)F>6n0MtF4*Lm()jFAAB)cxgU
z4BXnASbR%ls7nepXI_v$EB#`YSMvot<oaFR5if13i@_Kd3QPY0Fcz2QTL%#a^*)_V
zf3!_tDO}hviMD)~gU(~i!-F7L{`LnPRU*mX>h0UNK$KF;U68cFDg-EuyPtP^Aq0&E
z%m!~zw-<(0LDt$L6n~55%*&gqX!fQlr1Sm+0kN>um9#=IbCDM@!~$_(3gLAG)}D4R
z{_wMj8O&b0{%ZSyoM?Yi;H(Tj8o*ZaP}5B`&Yt)a`*9htf=Vm+hpPRJki#b5kTIQ6
ztrX<nP|~>EAe;Rfowo=6nIe;baD*g2DC^yYz%3ha8mO5Uy1T<0XcIx1+cTNIH*Iun
z)>|aSl>X>627Qa!mm03zwk2$U$wp}~UD?rTR^X^w2rI8W=)U!O)%ztcpv=MHE>+*T
zr<~)2U1Osy8$Q&$JK-BZCF!y5`uoN*yGIqF_#PZ*XDi4&mX}_L*M*!I`Z82jYCSqQ
zaSj~NNSV8pD@25tE$`RS%plRKuQjO7S(%dIjxDU2Kbkz4Gj=Qk+!I)2A2ZiP0iRR;
zkf>Xx)y?Pj-Hs$1e}-*&lIEKPDeMIcw~`x^1D8NIbt~aOgeT0U;}Cn?V|iydZ4&U0
zyz{hHYa8ysN}NqldvG#c2SKnSzErjSw|Rsv5rlKGod7eA<0ZVp5ac782*@l-x7{}k
zw;3L@@E=lA2(YJkR?MXfe6N5%p-=U0_4mVA&Cm2u0}aHW4SY*+S||$gZMTFXQyP&I
zE>$T>`pk>ZKzV_5!5G@Jk19pBQpX5?|D^K{{P<i=W#9uqrCFD6Q{{>=m&g+WTi+_>
z_Pc(F$qlK3pX5b>pYo!B&U0PM5wygFJ%o;EggmCvb3FB)A{bq1=g&i0;7@N0si5cn
zixvk?SL0=+u?JCGt)n;3A+mN$&8+N6jMPJ1t_OphM2y&Y3t7{qN;RIu!Edz{_g7>)
zseU6cwqa`gs`<#r8zxJGae;eLzFCd+XfJvlM}O&l5|+ZpdX$@YAne6<ZG3()HF<hT
zeuyD;e>}iZ1$p@h^ZUG{z<U2?#K6^_0%z|19ii6TW(-<9eWl6B$Dt#P8<S4x;d@C-
zQ+6v@|CV7=GTF&nX3vxw)sbzT_&>{gQRm~p>MEhQ1m&S-=Jso>3LREK>Cu$6?{A3N
zqw(D*h4bq6ikowiQG__H=4utSzqNZhyeArm?&=6R#;x`Gb}nSQ`VE&xw{AVgIwwjs
zVa1cv(3?Ka=T8sRT@9SMuRW()hHDl<2ze9-{ND_4q|w8sK_K?Byy%%v1WA^$S7^A0
zRybT@D}$dI4iV^O^IM;qSW27#Hf~aX<CXCOn8o;A7Js54#S)jrXwmzlAK>c<s06&8
zZjfT(3pzcxR6nb@p(wRPK8~{$XUV8ty*llK<#h~<)HhEw1%#NVn<_NSX*Srj3a;w3
zoCqWva|O|HFlkcJxckmZ<d<R558QE#d#b}CLGQ8W=Mk6!b8rci7|=84v32lIuB}kT
zABjFz`?^+#Be&eXxo6gxeF`)u(rsW?GX20e?3<fSmQ~9V(WC(@cGktCQKgwNickcV
zCSY5jP0st7tA_lXRNd(378cIJXAacYy>^)nF_i~~7TVk6qHQ9g)=crXWuQN|rTpYT
zXI?m`G&qA%`44(&x*w=`LSX0e2KiW)eP<5Q5GKv}R7EjBrV8%T2ii#;B{pI}T*y;r
zMjzI0PiVv=zu^w0`9g-k_YddN+OAb_N20I|mW;Z1a@yt4==owriWJ4we&WZnoAJ31
zjYhD(m2fPS-sydYW&5_|Y;DC{$8|K+2dmTJ8c3MAK8)hNxB+e??i<*vG(_Q*Y7C41
zO?NiZT7gNOdeA>uhCStVZFvqW08_TgqBaL+bzu{rL>Rt`M@?h{X>puMEeAraK-}m9
zS?grYkkVM4x%OAYZ6DSd>=*?dHX$fK6grXlCwnZ{i@ihpV}i@xly~E!K4P1R01CL?
zJE6dwTcLvlOcRclwzq*_;VJ%y<m<l2qP?E@L}BJKwHB_sK5mj8*`~AP250-E-}dX?
zFoL4B5y9gIo~-_8&66t6ufNF~c$i=lP$Q-YBZn5DH*2v?>nIUyB2DXdcoo1eFrE2k
z1`;?M-_5R$&(}uhn0i=SD|&oxEuV@`mmCdHd$9xBUv)fSSvWT_aQ*x_+oy%cL;5i7
z#Cy6xD$j$Ey6fYQTzCjV*YTdD+P78ox)ol$?D)k){e7nRA!fa-c2#~PvhoPlpiN)w
zY&GPj%5NO#TLA~T`$YG-;qz%Rg;mZPT#^HGr!i=2&Y|`s_CbbOUvZk3m>X`~mg=Yh
zJ{@u7p2=0dp`uEJ74<2~qJu$ttu_#@xHp9811CN(Ok*rr4-$hp`n)%U8N1E&1}-Wo
zRnWzYPeGZ;zc6j7am(P<vwCY+_j|1ruWE}M_0Y9@p59N_A{jL-o?0jBj;$5L9Xxat
zb8RK7cPlNsUrj4c0}(V~cE~Gn>MYf<+=e1?hS6LHzw2ZEYRtYT3QIYd&$RbC$i44^
z$9!C|oYR4oSyeld++6U5A?%W8KXTeM_iTKBqte%Ca`z>*fS5n%`;U2!Mfh}=HD~?3
z{=TMbaL661g!c9bCE{8cuRS&h^hN#56hT!*{evJT4QG91e@tYEncKii5*T;^hvOP#
zpT+-1g0sHuHqyY_bAc%o>%{~-d^}?x6<`5tb?yi6&fqg$*@-78e-ujUQQR^^O%&;*
zY+G$3D_l+i8kxR0vldwq>VL%%foJ(vYs{KLjP2w^c8Oh;bTo_lIXgqaz8U9VB`J0N
zCFJd{Ld=N*u5yJ1b-SPR8u(5(i6mlqgqxn9o@feInjuOsE*ll<cRUcA7)QpmN7rZO
zu^ovNC_Z&e2`5iOC`0#;EyAQEJLG~Q$U8qW4Wr#3Ff|F_>nb(X0Hw^hDWlk&nm{>n
zv@mm`jqi!1!c&k>(E)l~^&PfUYFye6x2~XY?E0aZ!>H^Bjc+=NB_AS#&6P1|=^shu
zZB#T}n+o9xnrBFZy7|df0#L=&N<T~(>lo6%nSaj3*>g_r*bNlFVy5d;GZNg`!N&Ep
zs+cQIk{=;mJigmGJnx(WO>xEoeB5GEQiXJz8cyXyY*PJjQn|-@iy{5j?$!AtlP`0H
zIS5x23Q3{8ZiiOR@@=-UT#p#Ko?N?$rW{m$S?-kGi&@Fg!Zj|2D79sMv)o=o1iGCO
zD+snimtL8briv7QV9#CKXAtyHay_odIAF*yCz5M(riZ0w%C0eI@c6cfwMX~D9`Qmw
znqz5fwR1zObr0LVwrVz{B0pIKO&jns?<a%AJ^%S?^;YofgRmzUhc06-A98s~@xFqb
zuy(rdm*U2mC3q4>jJW2m3n2=_adg*%vfw<{LL4@6u@7lH2r<^(`zrp(Rn6+D-E13W
z^3;B)U)fpB?lSoRNHOA3PEPw6Pztr|%}iRj2-DTQhpM^$eqb+#^21{^43s<%lvGt=
zw}nkHhQz*}(3jbmmTjP()quC-uP=yM*Cr6!{HaG-?w&1Ij5=J^o~~?$i@4WPuOX?y
zpLJiVOqgF=To?UUjN?Vk^XHeFH;y|3L!Sp%$+G}&5MSZNQhAmiu-fAt7%Q@n_k*%^
z!StyXQtRE+0f}T@`En}fyBxolP2}%pd|BImyiI^Z-hhT#M$F1`Usk7FEm-@rt%0xJ
z;4?J!2gINLbPvFjfW876yb!Sj6!b!sul}!fug9x5twbnqiI584<HdZ|;K(+D0j`dY
zN?|Nm>o@fjY7H<S3tJ`ILNNgOw|Qko?XSQ%0c6_Rx7b5L>g*6+qI3*7mj=5W6=kXn
z1LB-En5yx$Yi$?Yk$uN$X-&|dAwu@85YFy((!AJ2t(w|#Pws{6Wf~Fy%mqk*K+yp}
z;+IneWB}AJ<Q3rGQ5pIw2uSG<c=0<3m<0K^OqYNvyhy{h000HHi%TTnE%=31TE&V2
zynXZU%%1LCHEAHYr{^AYX=*OeC<VoO3%Fu*l^zgQ3HUhZ-216^Xt}i;c<T&!pGU*o
z+zL~=Ix4%Pwh5o6`~pP$79hL21Rq*<S2!9n93IFJ?-V`vt{wSvaE2dw8Nb$Q-5QR?
z2QS#?Ys~K_7BucK(!4!mP!IzE=39UCzz9?R82K3qqD>WtDl1&Vb+waBaz_@L_F6oP
z#7V-&3}zBZd%Ra#Dl>LhbFGDoQn?tRes2I^*F68x<S6$AgKc-L(lgh2$W%U1FLZ2+
zi-`#z!vvbPd@DuAOP|)VD9OuRgBc7&q=M-k8r8^cNu{aiL9-P?$Cw=($@sA1V`7?A
zuRWDAbv)8_R&;mTH>UON?*8neY{j-q{>M^7o##X%|LkH7Su3xp;geI12~C%uhJBgi
zH7MHlZ<5HtPGF))>qOI^H1-7=g{P30NORba$J|}BH?U0*I%w?OSEC~n_(Q$I3|bRY
zeZD~XmfYpX6~AM}|8r{F)m?kWiu;;0*N}3DSePv%r;*tvZ?Q_vmFGfXd}+Hf%@Fim
z#j_o_RV5?>MGpe%IeFqaHXH8uWU=fVtY5{;>ne)DCV$Zzv@@q|_s1<qkxoG2(ufk!
z?Wy*^a@`;TBW<U*YDg6&THO^V+mG5sU*m}Yz;^q}kv&9Iv)S6~&C<_Q0{DLy$Frss
z9vQa-@5;->U!Ehf>}u4wh2Ga*tKLR>?ie`}vBbZdAAj*zRAN@a(woEt0P6Q`rP*5<
zaDPRg{Ve;e8pfw(dng3(P)n01081Kle&3gFw&X6kJ3e1PP#+fNarmA7!J&$p?vLvH
zul3r$A~xfHL#|ZAYA=IgRy?{F6SV}-us}_etI;r2F_`q}DA&Bf&$lT@k(au8dbKZ6
ztxa;h&bk$vnYTD<Y2*2mM>LrmK~bHpcGZbJL3H|2`}bb<<Z74C_Kw$3kDFSO<dza`
z!&`E38`HL}KEYP0Mf%%e`jlaJzrF}U1^%2a$Dh_0UE;8!xR;FnV*)kN0Kt5;>J5nZ
z56_o`p60!cU@Ho#m7dIdx#5!tY_QHQ1w}vFiDfgy{_giYEAFGum4oTE?>fX@E;oY0
zbLm~_6>^u~Ah4Q~O_Qtrgp8mV{r0K;JN}%QEYPbsG*>i!O5w9raMF<pw>O%@;1=Ac
zoU(Ha9yf!$QaFPIb}gl^$@{{)7*10vRmX|lgnXvbg&h{fB}<+=-(Bzp(Bsdc?aUR`
zr~$wY2D|q?gX!`enldXlznru{NsVGK*MR(MZ2@*t>s=d-{hO(B4e~VL@#=@pKE1_i
z7dgI8qjIW*qY^7`>W#38htD6p8ee|GOlPTq`C!L1{}6g=eqesSe=4Z4d{KYx`#WVS
zynaw;YItT?cU)AVVNKK57wVTkhM~(m0WAbCnrw$l&j3561G^qa#9(uph7Z=+r_dTb
z0QgMY$icdBEREYl7&bRDz5;*fQBb|<Q-zL>^AGNEm~g`auk|iR%k3L;i~@N#-8JXf
z0e)Td6$(c_fBCvQM)7$*ZEYqJ(Bpm@Luo$m`;l@@cU$iV`BU*|IH%ZvPPa1#`Ka<_
ztMO|FNC?Sz^_=ULgCGIb>V%SY`#Z~TTR9m&dQYI!kxalg#z?L0c#JuATA~lLCNDD;
zX2nMl_OIa$`GyL7U(8!MOIIvv6;A~%bqj%=D2;CoR7~4?Ud9qPmNf;qX3x1=aiy^8
zFXj}o|6%*yIqR6NUDi=Jk5s;7W<wQ9+gcgz04fCP^@`AEUEIA60``{oxSXnI?z%sW
z5xG_Ok{raP9r@8xe<>z)y(z#mX{zYv&4UlS?#+6)JVrxPF84ST&l1M7`1Q=>dWAE}
zSW<s;rLgJE;(0+k*j~J74mDp#AbSSg#W@p&bkI<|-oKNkyXcl6m{-eBn766#o<IaZ
zjaT>rkIa6*%=>ZfP3hGIPuYMVp!_C10q&jKtCu&m0AL0X@&7Ffft)YhFKxPi72$ss
zhfAdYVSE{-w^)rF?K@TGdP#m|t151MvQw&I&vr7h;eQjA79W=fEVXo;Vuoh;>J26o
z9*p}ou(eEF&d*%e_x7~t>3hf0rTm`X2kT49DmUvZL_(2(<X^lzkELbZ#h(5g{G*H}
z6B1DF7Rks)K3x6!Dfs**4%6B5g782dUkxxw7{W`bYUDD%e{MK!zJP5{OpMMs1m5_X
zNbU?+fd=8**J*#ku1J3~o^H&+_pU5kDhLoMgYft%?<_I?@sHz9xBuv34?#sqSwSw=
z>I(n4^=ej10L27bLB3p12N`UulSAG(=y5F!?zQ6=e_HIaaY4Q-UbwgCY%+-W92nGG
z)=QeylOEIAykpk#*8roVsM^r+__Lm38h+1&QYe|X^H83_o~C>Qiy2uK)Kw;C?ZfWP
z7L|cJYl+czs6(TdODNNV0Xie}*`)A{wEY7DEJ?jb0QyB7W%cKhQlj6p{N2GCo%A37
zG$Kd<HCxrkWMHd_yA|eYFWLR5-t$gF^beB5^N*M!v;F&;X+lu)NpT=lHqp<{a9s3&
z4A<&x8%&{AI$MNL*;zu_w`0k&v||Ewb4{p}HybDwlX*2KXya+E>8|oSDe$9uR=;?L
zkP$U7Jl;G&D1SZ$xJ!=}*S?`V@?%%?)nmALndZc&W$iRo<Q0^<aznbK%M=gGDnd&P
zjmx&8oMma_cBA#zmZisXN;2$!(21OoU83+mbftUypv&dKSxB}u!HFfjfEc(4$0h{x
zSH6<{iMmHG%FPA8SiG?wL*ge&XZWf+>bUl@{@e8n&Q?4FL$W0<>TJ<4Ea?dNfP#=>
zK#$w?C-+C=M7g;S39z5<Cxo)QB5@3`IJ!fnO%$CfHdK(l^knoN3J?09HO=j0nYp1*
zc(-F_HPRT-;K4SvwpM4mqD#x}!or@<oO2rd28!4`fbz@<+2jdk=z?UmVcVU;n8OyB
z;pg7(jvxbGEr#+V@wN5fTuCyUZE6iVvyD?zK!KKnH_Nx(-+14PekMAmxS0#&d1JZR
zy0wMGxZSO@7=9*Vucb~?Lo)Fu8%5;dUV0aT*9jdL1+**J7S@M~yf*24t26R-g5!I8
z<{QLt2%GXUNsJ0Ywo39iqcs9X=4o2*X#>)gZGUti^v|v)1J`$2{~ZngZ@_WYcYAC>
zudp>we@9bqFn;U#jzW6RE0Gcj>BWkX2lz^r`+kG+=?Njpp{^trrxXLe^<%3|QkTeh
zs3rER501N_m0E$6eS_Kz*6&)Irrz%CY$e8VT54_>p8}^(Iy9b!4{3IeiFUvyIZik!
z!e2vnHo$)t-sOMi!T2nsrg4dJ38>I|bDRbAD5n)<6mOzkpk<d4-q!d16aBYN<nP~r
z-*%Y2>3@^E<7C^rrtctEB&z~D*p7P#wrwd6hun5Ml~fDQnB}t1ckW}M^LB1lJsy#A
zA&v88>%*D*Gj3I?eWQ0dhl>=uLyg)&)N1b&+NSLn!(L*?nZ}VMsMqg)@Y!2vdoaO4
z^VOkBGv$C{aDvt5>=lmD4+E@?OXI;?>f-lhKe1HS-+fCtJ1G~%g-I57zqWJd@}(4?
zGd`@WQwGaHK23VqrXo*~Y{m+(`m25T{rGICQG|XZ$sn2#(XN+IY(O-P_)88jm^q(X
z9E6iJ^r3WG^jchf`Q^hzV!NB?A&W)NLl0lt-@}_<Z&mgb%ZRMim|8TZ`t6N*nEqx2
z;>YRkEJZ0|GFY;N{2)NHVv7^|%+^rWolh~pRo<cSFF{e@MxH>gSP{<)85?<{JV7$7
zT;Yyhb8rtg?3c(+df(Px#pC06II@<ZP{gSJ&P*|QN1Y5Z_Dj&TXCd*xh})qdF?cQ{
z!e2^YiaH#M7%zoN6Patm>$W5Xu4k^M5BNcaW$$R;g$zG+6{>fy!E1NI`n&`KyP0p!
zc9FGt_xn~+L?FGlv@8sf69`7DN$!dU<&#Qj02ucQ^;jbM+i2ws*=M@T@j{-2Wo7pd
z?`@SA(E;m|-P3n;NMnxq7ZSfhkzIuP&hVcs0cQ)j#X;Uggvk2(lLqV=smz|Lr9`y#
z^_*Yx8RZ*hT%G1NJLS0@L@V9+fGD!7c4rQ<vZBYJspKg8(?L;MZW&jp>hAnx>D&s^
ze^1pdvx~V7%#}ECX_b-v!FSf2y4?zxq1+<2YmzKKGC@8^g+Zv}I#4-l77A%4u*ox3
zZAS&37dSl7W~YYtDGeCQ<AsgEU(pEmWq?~kOb2W5CTavE320zoczyC)f}X<+5-GB`
zyzNa{b<L31(0KQ-e2Ic=WjRwOTN`OEEcR5iiPzBXX0R#I&@LHlcB}jI=?){ocM>2n
z4=#)W0cIKoIiLXY(<D-t3n>{dp2r7OY+9FW3%4ftk@WE%w=pFu6OK||59Bp|ou#^c
z-d>9ONV8y+#hN*oATpj%HNC3-bSO*D4}K{JXLGI%2(Y+Gze<sJZWrtrKU~+4pk^}a
zb*0(ljw!YEE|VM?cD6UXv1n-ARR-(wY>?Hxg49ic>{avL(g9CkqtbUunhcKg*-Tg}
zFOmHS6L8q&Y%Q@M2;XWFT*eC~pi2QeYU^K)E&D&`K%~!bgbGg%|0Za)sCYFFAr0C%
zylJ&Hwv|I?o=>6l<6v*sizUJ|6yFe??huslL@OqT)d1d$J~Q3v!E!-pu*dGU$LVYd
zuC;avE)v(5|0Vq=-8eN*b7xBBJ0c;?2(X#kmI5fEl&eQe1qoqURd@dM35V8Yp}W?9
zCfMyrRN(biCCuEXE^ukX*=t9?a8s3@=9YB2u;%SdwCe%MT5ytAreUtWQ=bVrOcPls
z6Z5?)(>D<cAJ!S9aFvz1<Lk!@kxGMz`9F=At*ul=H*27~hH1|g*(GAKI>tk=?xgef
zjITNl3AX(HSJPO?Xwf^Eb4br$#-&|P&%Nq^U^v3T#qVT$nEGM-b=SYD4xqm<j$_M_
z4Z^`#-9zG=FH1O8D=BqH6%#F(4N=#n5{&s$`)bl@0vZYjEO+uEng&Da-9&iLTaoSw
zpwam$ls`R(Z9-AKd!9Ld28M%Yk)W05tOc$p2(T;r#E4;EGFUVJG-6#+ad>EO);WQR
z$sRa2p%5Q@B=>q}+s4Gz(O2n6;$eqEb<@Rg+&^}1{+qs!fRA4HP%j>A^lXKCAJkUK
z&jx%30?;>40aV_<etJYR2Kktv+5xOs9ce5wDgjahf1;*M5q_jNSCOu}QJ@?sqQN3;
zu6@bK3ZCd@yFXOShGZHqsw``1e?-QC5j6_LqX}sPTOzb(bU~#`brU7o!!qmz#{HrZ
zUU9=8E^RnFE*c#AHdu^EvWMm?9oi(s>Pf@n%ojAdfP~cJs`~3Pl>GPxsBeJR32VOk
zvB#Xi=$uAY=fLw0iH7ME1ok{xB!{#Gyprbbndp~1_2`k+KB7WDU9^wnzYsfw#JOJ>
z_)2qX0+AwZE_4X)DSf?u{+2)wb9o3Y;a|asMa3MZ{w&16)Ljvc;+TVg%0|=O*C$I(
zMs7^@nx0U+Zc@&b1VPoc<azCvQc}sB(ndbsYPRC*2sj<PaAFrV^OVR$Uh$`f@TH8H
ziSvg~9ju$V$H$8yB6nGuI5yfHaz)xeM|F0jP@KgS)i&y3jN4D>{Nh9hTqT%7f!9#U
zLp8hxt(a%un<bPPnyY$~d-VQ}OtrZbnHmt6tv0BSNml5===PGkzVb3w;sJO%Lt=bz
z^E>kdty!|#K^{Q@m{#+3k&pB?pQK|T*pDHq_Q<D@=&JIokonz=oRclLn|OGVS4MY^
zsI^|=WcQR#3IaAPX}m>x4E%21lR@KfLmBDk?8;+<;hPSB?{+~AoUJX7e=>t1V}j4G
zh%B{f04;SW0GbR^(N}=P<v@VM3noug{<lL1$Z-AJxjw)2{2z^PopPFqKLy_OG5q%}
zQvwa~w^ib+5|<(uKa4D2-ZEDXE?w4NVG_~_1mE6UGJcN?ece*8jaz4r@(bAg4*Pot
znWx_vNHru>Z5Q;xwc1^0itwiJBI`0^VdXs;zx_;0MgKE>J@@@j?tsL^fKL|(Qma}G
z=UxawZ!fPA01OK+L@WVQ=L&jRHb4&%0LkcIA^$i4#jt;zSIOugL<V92Lk0k#h^)@_
zuN&}xNF<}bT=7rhf9uGH0RFZA2?Nv{_U}TZxm;E*>zV$eGgpPqCiIN%X;I2Ed$VJ|
zQ2U?VWRX!WV!lcio1NzoInV6AOV0lat6JlMl9aiIpwhW+0x>S9VB**bPKBZ;7Ft|3
z1|MK_Twhn?`<VIxMq#5Y-Vsuxukg$7&9}ayI+r4MzpEFmOCL&Xek!V!POl*(cR?XC
zXHAgDTOCfii>|pa=wr+ec7~Qna@|9EBa>){*qQj4T@MByJQZ;ztQ|?qcVoT|4sj?9
zPR7B|En|+tPkhG@s35iTr{qOe)pA0$JJZY7&qIUAmIF|XD9#atmgHqmfsaDPi=ope
zcG2)ihgs8EG~EnzP+)pHc`VYJo-06+0x6jc?fO~FfTr)$h*udz_i(e2=C+7EMa0UB
zG}$jMDdW`pxC$DrL!zV!D-bc!@yl7kT+;j~WM@{Xhi{g)?Nw>*DYNH0s;HA(Lm+U}
zl0pPxiuK$xxsr@Sic1L_;&QO6r?qH_hNJGb4LPP;aV3j<_GX^TEa03p4@QxKZLYUq
z%<v6r%<7REKBXUh&+rMiJpI;{OE?x?BGAfc!@!?MN~k0a(+HUPE9O1o)M5VAQEFNh
z;v>GPTgtz`rg=%m>Za-yVsqSV<Ucb}F}3ma4{ZPYvq0bzh|#C#=h`QgzNw2vQ}vbS
zhZBWB#Us`W+bwDS_PqYbEhnEqG)0Q{<u@@eMW~LGRa()p?k<er1X_X!)2YbfcbD@5
zd8R``lM~646~_(B6|-lK?GCIJbq7)`Mn*7qt8dASDz?wUhkG=0fxmR+I5!fM_i%<~
zRE#+6tQl?xfEVBx2iVh~dALTOhyz8o25+=mK~Ub9z!*1a)L@1{twpWDyH2$3gds!7
zPCY=e1XJcdn)1UtrX+L0z_QgHe}bLoulO{i+u079$>4)X!%W?plg{a#lLMEh*6?xM
z@n_1N=Wa;y@<Zvf^An?$GgH@xW3Q|x85qQycDeMjN(g~LP?L#4v5PnFI?TNyc&_Q|
zgj#5$3nNn3l)a?B_s|bE7WTC{Lmg(`qSg=7DxhJflBxsVSed}XTrL$C10zZib-4|W
zQ~8iI!k@w~cck2CKea}%1#NqsRjfO+z+#}tc9m_`SjAn0B>L$)<IohRjq$u+))=@_
z-hi)YGB5KBbok4Js=(=V<);ztXSrL_>pnlVn<TM3?Q%iMP}c%weD+h(31}&M<+RvU
za&5=h5E2%2JT~kMKVU({ATLTm?Z97>;*Wu1OS0ePJI3eyf44+r^&y@D=vDKfIwb|4
zAQ3f%uo&k=&cNRaG~9w5e{EP9mC{kds@}$<-jG86+u+emr!Y-9#qIqym^ji>9VCp&
z!>~Y+@(m*#+nFbi0K`qqFEtrf4F7t-9Ify}pmBXSeNqYYgVOQ1%90ejPfXdiqsxL)
ziK5<*a|_n<gH-J^r4I*rxoew`O_Ol%`nABBXN%)8PzLy;?k<#%WaN7<Y^}ui!`T9V
zlj;;<X|iA1tit`?o3HQ?wkk4w#Txp^&_+d5oJpO^w5}2@+yTXu!8%RBVhFSEX+W69
zAj?)y;0{sryqz(2amzsPP^gNC5H8CbSf(PTruRJ=D9gq(7y4zVy*MA@k*!}ku}G1Z
zxQdsCyXqv0qgWEp;A#|4Nv{XNAzSqGclF713NagzVchHsy$Jxr3MO52VXpo+GngW)
zjdGEo1#eSk22Ge`lyZrT{jatJQM5J4$cQe9y+Xa_91kkcJ%6)FyD^2;)a~l8Lph|q
z{ddJ;07@LW+Fi7~cbCnVc7`Qa6a5RqPdqL{UO#(68eMatp_Sz2=AgzVTd$wL+BI4V
zQ9zZJ-yJGK70MAozB0Hp9~m=r%Ou3oiya%gHrU@;saiBwz^OsC(L;lSda1sQk2MU9
zjkzjJ->$9FKM}Zm^hXa)TmR_-hH=I^D0u14AK8bm@S;NYPfevJ#PzQln^IJe9d)X;
zIe%MF<6B;CW5()wCO5}-uoNgy5&e$3{#fL&w1&6KLD2T1=inC$eyOc3eCn;}$=8xb
zs^-Wgcb;SB1q1WpBzJ3@WaZ8#-4xGJH&S-c)+xoa<94L2u|0{RXTU(-PFpeL(r#7U
z@B4ik<P87R_9z6ZlcAy#yRM$ng}W0{3|Sm4Uwtb2!+73mMr_WRXoq-m*xkoax0+w3
zE=h)=E~vx?8P@EQVM%iGQkb^u;DG;9a#qr<XwbK)%B5ZLWGt61%s4FcovmStBx5dV
z;av!7xg{Xu6jUPg)A^2EZ~^kP#eO~u7h3TowsXiXgqMgkZs>P``y?`-5=8jvldIxz
zm!t}vruI6AWbKo#ld?*nb91Ck4`1dk_-}Pq2z4C65Um~ZYYCXl-^ueVlf_mi+g6;C
zZXKQ2FrR1Ua`*t(AEmtyU*WNR-V|bk9+LHChf$ti9&{r{W$pfyj>zs&YlR$D10=8U
zn%dUywtCeu{M?2FN*^>o?{}41uw~LFi>S8MlxkD2d9-#_;qoLZafw}TQKh-cfc=(T
zrRHAM52G>d-V}EPSl0@gZWyFkH+`b8HI9+tV{>IGnE$G&9D6x|`HF$~!1?JGWmVX;
z*T2Okc-WVewDHR%a<lQyX?^w2FTR#fTiGv_->%(e0(HjBSS-C(3KmEpMj6mgAp!g5
zU5&Xe{t4lKK?8U^CIBS;f*t;Y6#hT3#6P3}_y;)tgA@QDBf$Rw7|z;Wy#S2=>i7=?
z`QLcte*nfmw83%O*jA1t_kx*Np(q$Hz)AM(1wH{{=V^RSf;Bi$|Mf7+as_oa-v2+0
zy>(nv(eppNih_cGG)Rf;(%p?pw{({*UDDkmNV7{wOE*Y22ne{ObobIF-SAxed_PZo
zU(X-Ef6l({-FweHcg~!dIWzB>Ysv6@_0#Y)?=-YO&k#qYG~~@6i>r4Sx!}sz^mK+Y
z4i)dd>sg5NR!RmMy)7c`Z^WST|NKPLmGwMKj^#XK*3C>Y31ZD_XEA~Ar!<nz&v`tU
zS{%ZAz%Q)EFr@|5h^PUKB@pO4GWikk7QmbTPy1m1fB?(tU)!(_0=-4Jm=vp&MUB5h
zWRQYDaY8iu-QSTz7=Tq}U`pgAOu?Gs@%PuyaQXFEfpo7W*Uv5Fd9jVLNt7ex{U~$|
zvJcN-pGL+PQMD-e4Z%A{VV2vcpUd^!nqZafWTX(z$z>VouHBb$dYB;42gkHH0}*Ik
zM2pId=aC7&=8GY&1$rHby%2qonB0wPe!jJyYbDHU$YT<!DjcWx6u9N+8zLgNnl{<!
zMlpoYDM<b3B$RRI`JG~yl+f2%+3s_s3*F_(!zfOQPI@b04GlUJ#CFZ)(L_-gL|bL<
z(d@_MX-px45ipO(v)5{X{Rr5Wc|E*2&BjCc&-smC)h49I@jLmBa{tia7<I*yEqeuA
z(J;HSS8FaWKt);tv!%bxmQDWxL}3A%@C1j`lp^85;buNJ6AVdmh-9AZbqvD>S;ekQ
zq!mC;=IOcNrm=aStzUaBpDudgSMa)X6+PLBIe6~`^Y)nmJh_U-<GaqoIE0?`Ooc4z
z9r6sEGyhH@FM;aH^2B5CyKPCPh7UZy<T@79i*kO8P=A=ae8yWf0O?1U>#Yt&;hj~f
zM11e@$SG8vM^THc<38DGIk@IHmN1^4>I=J%MZ{AaZh_IMMxT}SUv?#;f-c^<H0`Oc
z3u~H>8tTewIHwgCBLK)H`Y*28C_3&?zaKoLe7PP?f{fA$?^i~@j&S?!T)4D76PSFn
z5)M#<|5m1)96e-JxaMvqb9llw`M8XL?z~*~Og}131wllwX1SDffvxw4XT7}XhTH1;
z5y+k2TywAOd0CforB8nsx}k2sm7qR^R#tqH`u&Ro+!hMi(wC*8Cm3e#NujjXFv!&(
z%^7?dbJyTBkxq8%M>tG}{W(?igeFM@VG7T>Rv+(`n|J+1m%?rsw%YR4IO=rBGHd&*
zAQ-oC<L1!T;*8IxX_BKqh2K7J`1m7xhMa&fS)$>AF{GTpg7)>G5WwW}I(~z9jJrW@
zmKy^~fk|0+YmetAWffn}yIRP|3pjts>J*g~U$lgvk<ZNLirIF^Oq7V>e=O$UkD7Mc
z)EAG(cUB>TY*W65`?2D#`3==>u3ha6EC$}}awu&q-GH`yuA4Bb3p+OHmJA}NH<B~V
z*Sr&tPn+#VsIHRY<*OCFzj9-PK=<muMkM<USeq{CUc+oeH7XAv;asOegrOs1Z3iut
z#!TP)o)q>|x6|qrDeD|v*H**snb4!Qa0+dEw_t(FM~a^%+MqjlG=aMEu&FuDW2RaA
z$3ic0S=UkQrc{0zU=G>Li=h7);SF+&|0%ZCAtAzuYZaM{2JnyW7b4fMbi7-C%6G7?
zW8>#Mlloqu#0@EKk-3d&X^qzWsW)H?UOOK%vifzSyrQO><-Ev{w0~S*k(b12`X=Es
zqHgPSHdKH+yERGI@omUq&T29HrPtY7$jEq36M_9poZg|l?|M7HI)wIl+~pXk&}nZ{
zl9Ac?6~(183^Ucu?$pt_9i17#EXq?v@{nV-+mR!A>Kxo!kR7I^MAg#bne6tbAyW;W
z{`pP`^KCi|A>@XUMz~z(-khHGKT*nHw`X!=d=G2)V;sLk=90dmjE|3f9Ij6yJ>#!%
zx!3}jt*$5$i~J+4f+&qubA4lrc?QNL6B_qW$9Eh0Z<&(OKWC8Y{4|R)u<ONVQSp($
zVd~mG{V7o+Y9C9-czIzZKb=J96-%d4p16$p=0Oh}k+ih9{b`kt!#mhADiPPL!R4j9
zKS9s`0e|Y*B3}W@|8YIwoA%@A_@!Nf(AG;;4UV2aaNM3J8KdnSmUSa&c3g3zJCkB&
z{JmCE$AlQcoo}@frL!kU!uWW-)>phzynT(+yme<ZfrHx09Dro0eUTV?vTBz4cROT?
zFdml@?xDlH^^*K#o7#NTY-BJ&xzgfmd2~qyHT<OC=TBrS%Qj^OvZ;Ylw%mP>BJ(hk
zk)O7Kdcs;D&*SRd#1p5}_qMT=PU(kt{Kn;y?2XcL+h@ypY*oDI_~;^{f`Isci%9r1
z|CGAc`GQxun@G``H0*~|>XOhoDJ&@My*izZyue=f_G#AcM791fQ;+H{A;q|fjBeXZ
zF+YiK_k-RT$DIcc-+`1h)ZU63Dg(;KA6ESPZ~cu!8Q_iTG>HeqC0#>rghs=+hra-w
z`hT~~|J6nyi00!5mU&QBcOw?DFHo8zoS*&&)bbO<2*`q-k?sIRu<p&;SG_HTX$57y
z!+QoE)>1EsCB)IKdYcL=<$k>9ptYi%sfI=0k{u!u<rycwbk?>fKk#`>;w@LEO*-X|
zgOYx4A1$6AVPY`W!`ru4&p?kCX%R$Oew$9Qk6zbvD1f!EUVu=+2msgepFkx5UHK2D
z1;DcWC!Pt!FQqFD6&Ulku@zy72U@g_GHjza3^=iv!a!70Q$2C}CzyY9WFkqgwzLQQ
zrZSTj01s3*+J|tcFznUDC)~479$wq`k29H*p01sTr?cNRC`XII7Hgw=*N)QQJNFnn
zZ#{vqsK)k3V%NRhLhd2PqA=}=SEo7x4g5*ROjQv*sz=|n#A@^uLc-suSZw$9wSC!$
znuL}gX@@k>$HqP<_l+H#Q@kJco@{9+hfx3#YB`A-tERaEFQ-eNAvT$)$?)*1v$2iw
zJOlV=tbrGBPEWN;0U^E#L({TC(X~@!bHZxH`-z8}4IckgJ-Yb(+(DsGxxB!@i}jpx
z8XVnrFKn5>?wKf*Y?-Erh!7#OO2d*{7fnP$s+Q-2um$Lk7|2|!zH3S}^31t}{Ce!~
zC=;P_nI}`0r=s4pKQ&!6gv34?U1%efTki&Y%z!<InM`0vdkhQ=zX{G#YA;T+{NEw2
zFonFe`w&&_mdeVJ7jQd58}BBbW}rKezgKidg1D>_<zkaIEPE$VN46k0jaKxP(Dg47
z$Uy;7x_&oOzcOVQ+~&y#fpN=ViHclb?2i6OVL{k+D#@Vwzcx*_2}?z{6GWuI%gyU3
z2zb(!kj>#>#+vOe9>ji^1TEqWR#P$1jKixB6C|CZssJsOSynP0*+QmU<kNpAv1!s8
zI>VaPqm^N8%)~>pG9pfGW4CcgTc7k9ebK#sY1llK1L$w6O}O`t%-Pwlz1J#tykad}
zDD4B_5Yg5(5d(6S@acJ6Oj+flN}^?J_4Q;*tbNk)dGUB!=Ya?QyE$ww2u!P%ZP%%H
zI3qKdl(O{=%x`u6Q-g<$@Oe(S+ei}myOR&3peF$*ZxGa%K2FSyM88umEwB5V2}i+b
zPss-<cc>c@HmN}M+AvkSB$cg4cerzQcL$NI*hrnZ%vpe4hp@-YLwqd(ju!P>>){8u
z{qJ+H2b|A8=+^&Q1t?pLpl4;Wcrs_Vtvn>a(n*wSwXT-_^2k845rCdO*tAPef2j6w
zfk14}ex_eeHe+CetKWELA_YLQfYr?i_}6y+^D{I^e#_<Z#epp2)F*?K_Vd}xUb$g7
zYC$ITYrY?t6!aAwy3h3gBq*cF$Zg?vJ;r;7!z(HISWH|Jm9%MooTX(>v~EK<|AUsZ
zOgz-|PDEyLbku2cjn_Us{nG@1Jdi#L#vnr8t0-VT9B=@QKbRWvpXNWu|K}$GINS5I
z>k4Nf@|qzE&tHP|2Y%+E900&!SJmp2TDtO@fcyEx$B{l&xytEnKXVxAY;%@8@F*n)
z?i+S+Lu^)K?6Ejzege{~G~G|ek-rHF;2-o0jrsLH$R1Ly!K6w)9ISjaXr2Gun>Gv{
z&3hT3DS+6&rhx=foKO5#P;PQsA}BfL7&gFObmx{C=2qORmx)^~sb$4`di&m+`~BCD
zFVE(bMkowL<sH34EM{M7;$^?L0rN_1=w~f{T%#cY#E*<ie~u7GS+(AoRtU9E7k70Q
z`ZQ-U(n@SBR`G}+Y(aX2CZmSLQpBx{QV7z>G9sR_?OBJnmpq1CUL~RtUOsLi>N|mz
zA7Fh`^ZSM*guB|0D&4tS;qF6<u%{N`f72CV4=|AXEc9ptx^bqYzLhQ=<)lvTg(ij?
zr-U(g7p)BjA%s0DUyhvZXzEh1b`&RNLwOqw|5(4U$j-9b<m5uQ0TDSO?>I6Jr>4(7
z0@4T(psXV~_V)YEJ2XvBP%~fA2{z0mp*q{r*jwe5+-tGQj$&k4x6GRZT-Rm@9O3Fu
z2xAd(WUPC<;(<5;tw&V(XOlS#b-IgPZl26Q$M={=GBNi0%G=9fui`Ph%L1om6^}A*
z%~Zpu$KGMiEe0srA1gbv;1NwuTy{ntNEP_@j~y>lrGMg+!Q>iQxU!YiE2ox~KYc#P
zW1nauRfXh&OiX^|5a??>+7sW|k?~ZqdmsT8BR3-nFFzBub}F(XS*emgm*B2IrDV~7
zAHlC!X&aYMTq_^SJAosj;Ru_JxZPAO+OTU(q`UG?dgc6yzgE$Ja&*B74o^jbs}yMw
z0yC;^`+8051c!YxS+wsXL?K!I#;|isO~d`srhTprpCGK0%bClge;i+=B5TFsawEgn
zM{md0*M+$)?1W8JCnam{0@DjUY_0bQI2eI%Q24-i4f{1+VLPEkx2cL0itZ9kibq0`
zf2`Y#Tux@FM?60buM?OE8dK;+g#DZ_l%#g3BJ#eg9~wf5)VS{`qLAl`LnY!3es=0N
z*oiq}*cF7a@9tOItj_^JJ>f-hNO;@9KrTLpqlIl!jIc!QWVj;C>58d`J8DbC{33U3
zsib5R?1fUkn{o2$;=;(Euh>LJm@yrvq)T32n7WAQ8o$N(s0K3&O>k^``unf!J~i8%
zt?yppClMY^ULic;LlCd-(7aYi+8);-?-qx>QcAV9!2{)4=rqXmegraA>LrYIE(fL?
z<)Eq-w#HBp$(j3D!%QvSZ+PWpnIpas`x$?N@k)fqd}SRVImb2q^^N2d{S0%sor{+L
zQ(~y2@7-&e>f0Kh09TVNr|^rpAC#Wi-xo<-t36NLh7Bk)T)=xI(tShXU(KSu3QGXy
zb43`FuMFu8Rv}^$CPP0@w@wK47>l%f7rL5-+haV18|2o_HY%NDO;_ftv~Sy!E-8uh
zDGrtPS=hnV$BDjfBK0RShf^*q$7OO9${gT}S}Ns^4GLu%KuTz95d@ne-V>lD8xFv%
zb(eTO6HCz9&6y$7z9u_gkK^(0CAw%DjsRKITok5P`D-QfDTa=U;%s}oV`?Xv(?o*`
zEJ&z4RIPLi=U7kORP>4FB>=)5EY4~c>V|QP7*2TTuEJ=wZyM>yGvnJSS_%iJv~OZw
z|C5y0ak4T=D!sIeA>5fZloTd_E{K69Q6|_-(Jm?#2;vqd3q`*9ccpGZOYi*y-b>ms
z7(jM`WF&zm1`6D;WFJY0U>llcA0c?aCZkIRkfZpg3EEihgst*LA^irkRdZ;lVkg#U
z(mdI}K@~zV>u2RZDr5z4g;!b-YO&UkD_a(Fmn<;QF@ASdCA0b5f<cLOHghIQ#cam&
zM;34P==$Zp@J4zHPz^2w0085`Y#Iv6K_ETC8Y+Zl3;Yp??N7*q;Qv3C`G#9W<nv?m
zm8<yxKp0FSL-8uMgik_WVvP+zs=Y=?A5Cx%yVGZU;BEDVJP-tYiAvd1M|&$Cf3S8K
zjei{!vOq*~go?~i-2-dxBj$yM+dF4kRytq$Wj3nmVI0~bh|DRj+<{q;gz3)vutXn_
zny0g`hR!k`%q=k4JwYma6*jce9mLSD>1Zp~ht#fZbBcIjPR}*O09G@jB9omy4MMtd
zlK9N7m1abELF756tx|mk(XBY6IYkCCmzj5d;bz9R_XPnKl!k`#rG#m>waqZ#Jo)HJ
zqlll8M3^Yg0kh#E-_Z34Qr)5Cq==y>@A2T@nUq<lA2y_=a{41y-ORNMZ;Cn&Hz3Xf
zd_U;C4G2ACO0XP24Us<{^9o4EuUw*7l;rZBzf<Rzx4!h8=QT5mHVkxrU|bYwNd67M
zy>z1`0sZV!umiH$VG&@_<<+V6?>*L=eEGg>XFN)Eq4I+qw>GMbi1M%9QZ#dB!%E&%
zos@S)Yy0U?&`+mImLoJ85}EXGiXw2>XyY5H^2Adb2l?$47FO<a>+ldNMGn^B^80SN
zJRv#Fh<8I52USX>`6G+MfP&wEvK*PhA~YqUj)llrk2lLGB2wKi@HumAuK52X)yb{5
z30?FkA%)`|ITRMUSOCO29ex3kj2#%RWP9jaHtx7JbS}!G=WyPj9kAl(#<H~s)l4Ni
z(Mi3+0{v}53g@=q9^_}`wJx=h>+ruA9)AP^UsmYM6V*ubM1t`KM6-%f0OP|u2YO7O
z*AduRvQ0MEl6Gq3+PVKNM8ZVzu#1%kp@|JJj<txpX0?R6FpjclXi@J%hHCc4Is-2^
z<rq<?wBry6NOotK(^HnCfk%rsK*QCH-l<ht`qT~%NiZZ4U15P6%mEgP+6HUJt1PR%
zPU%|<gf!_?y7-_8tY=lEI|WKRvOWTx!Gf~At5t9m9fdO&*$4&Ny@@x!NyR(j;(!}M
zKp-zf;m=Z`3`Q$10=mQR756*{^5Y)uR%U<jITpa{0^M~610}_t2KQukW=g?};OYHu
znq%E3sXA|AUeAD6P{v@$)i~Zul$@|RRA59bPLn$om#F#JwXe5qD2XBx!mrRlKTU`4
zZ)hEd>R;mHe`eeLwrlk9o3~&$l~ecAAaZK`{|PBiv4f@>#3%wg=%PBS(&*YHtKS99
z(pi{|+Q<`f&#$Lsr_UeJG|e9WQdPX}@&lWN++hJwPLNCj6p&`1fB6yoC^1kO)EMN8
z|Kv$jx$G2^o)-17hp7))$7!{CDnkVp^ZIsgHYHbqN&(Ibs~P%Z+xB0SZ3L3VTe@0k
zQuD`+UqTe?Tzx+boMXy!yhb2GS~$HGkS{v;1{B%`9yw@csm09uWc&Bf$R-oZuoXU1
zP>%{Vdchv>y*n#8+)?@alNIHF?8}Vn{xX(7a+y!*+?%ntoBR7YueN&rRvI1U{=K`c
z&g{QOL2U81C%L{k$xzEZ(9+R)g=o;TTWwNfI%BOxDqW-&(W&S2k6YrHn(@bT1gw7X
z3}cQJQY04^O7owiPbrA#K#Qq6oT4MHcK!;(D?YJ#j0k!zi1yZe`gFyPXf+vSHCe6)
z?MZO>wZo@+ONVn!N(6#GQIhAfOKM8#nMmSwXv;=s4RgZCl2kd2-i)5B$L-M?Z;!!{
zi$Mg3*p0-#`PW_vS3=a%$m(h?7&i<q2R64XNe7v5Iv3AWg#_Y=NT^wTh31N+GsGts
zDyelhWFGx380?7;|NbFON=$?sm++ibuQf;Cm1QM0pS&SSdU7{!M=$jyn4G$*XFjvb
zJP@jtL955E(UsY!JjIU6KH%-^&m<62LB?q;QP=}=8CY1^Z|$4@;GNRJ5)DNaV6U_P
zGJoeAdtecnlbah`Qipuc<Qk{yx_+Y0!f^MZ>qq@U!EfTYJO_W|GYG}e$nCzyw0K=_
zD#Mc9+M5DTl#NLhu(7(0Y&WB1iy7`Xxl^CmQQ>ln&vxFDqadp3T-YP<!Q-WB6d|#X
zi8oE21C($U)5HYN#T@1+bl4~z4TWu{&rtzHdY^r!^(bkwff|SN5I!OOFms-A8d=Zk
zi(W;3x%vuQb<NJ|uZXE@e(%`+R!j}6tp&fiMj(*rDNEqeoS>-dn>&5SMze0!Q2%vO
z>25mgBxn7q04P(_#)d@HRabL{;ayJ&=G7J9VPE?qOm660ys3XEn&&yJrIu0hbR?W4
zu_>IeH2z^$P7~ypRio?ET$_ZiV?318Tv4PYu~I6e5ZmYo^>;^%xT>Zr5&_|_+5Vol
zeDp`QK3BZsgxy9ns8GO$&cBx!Hd9;r5go|c8Gm2X1&=BWe|%dnR8b#?855zxCd4UZ
z)|zt)OGuEcY?W(OcJpV%a=r+uBaRM$Y6s@q+ah}3p2U*XKbtY-@+JhkAwQDH6G%U<
z7mQGz3`FYqL$!kE5cSc}iZ8xwfx3|&$Xxk0|C)Q^A%3gEt3sHkLysw7Pj3XtUh`MI
zi*pdH))*NXk)BY}^Y80LHLc?{-)2emy5i6%ig*8T9=d3Q=vEW<Nh;JliqX?=Oi27$
z!H)s+_`$y{biw!b%~K7z%#R<UiAq5T=YedkG}fmx2=}eSM84mcU&$|<e%=wn#12Og
zX7gWjJSx~X3SM9KZZGndCbzslBE;rNZdS0SWoC|q-u{wEhjHe<w1{9svCHSrC2Xi_
zvqyZHjHxV)pg`BlqNu9c5bv1yZK_CO5QxSzOcqS_$#d;0^o5tSqT&aUw}~bykFhpB
zi$5P)K;2I~8~PLmd0UxU?k$!Vl^#qbou?n(Fnc5zJmXZ6;#XlWTB`8G7}UM${JS(j
z0i)NtMH{C$^od@~R1UwDBew*UC`aP+($r&xw;$fW_NRPJD_U|qn9OqNMk>oTgx#^f
z+nTc4`LfdW8i45+dm1uojFWa%8dS8zC$W9Fth$QZ-h#KME5^Zn^E5>$@e{G_%DGRb
zF9{n}L|T=_+Nv(18e}^Y!g}gR0Hg6Vee<AK@WoQF6|7nK#J<~=7i5%pV+dHD2QC6q
zl3Na?;PPDX<%2dr$mi@uCxy<ku_qA9v|<2CP766j>4ZZxf!Is?fsR+mLb#vM_YKGk
zgYD9oX<^6=o_xwBLc1&3I!N1GnUz<PhlT(Csq}THFIPh^g!;{c6D?<5hYOMP#I}Vm
zagc}^9^Odb&2mdUpUej%!vQkN))@s8GFIeS6j}AQrBLQ526NVk>{gWY@@Wd!>-R*7
zWMDgM!*O6KApJqf{76SnHC0qI85(K7=_Gyhby&wd>pg7#7e47u`{#ex<Tr$pnM=T~
z=Y9Q(AO;GKsyW4Vw4OcI>0i&Iz&(%r>(03vGdP)xU3n5o4QGbORbYLTEQ1OhuY$ol
zb58U0bux}ZpeaaQzn0zm08Sh?nh_nvN_3NzgWfjq#vA>%)EJ~Yu+<)OmNa}HFyNvf
z&eGB40aLvv!S@UFDtGW5Wsw~Cpvl6m3|Mktk8$P7);Spmt@_ep_XnbpQ9fkP={^1*
zZzC&^U-2)M&R!VQ+#&_Qob>;t+36K!q*F{u8>kQMy<!y=swN#5y%nfNe{fc|70(RQ
zZHpEy?qx;Wt6FDhWZ0JZ-VTSOVXQU*X%_|q7N-@FQ2Rxe2E%d8qgFx>Cm1$Sx7!Qg
zsaJhvB&}Qo!Nz2pdjZcvT@Or23CO=}vwcYnAIFSAd{bv!?l@6Nc}^_zGB}g5Bq8>7
z{})BlezLo#z9*Es{AgqPk2jqJu|F;DrEWBA%tj}krzdZ#W8wvQd>4h6ND;&yb`iJO
zO5LCsaZ*dd6_ylPYIK>y-2Mz*Y!3=$DNDWTF}A7`%%w?P;`!6WYX8kPxRoJ{iT$`g
zx2+1bdGPB5pUFXrkce?&zEII>?}y&r-i7*l&(kBn!kx+cM+i*(9W5Gidt+CWXJ}S_
zD9V!Cn<6T|qY5odQLg#Lpi31UQZm^~6AnQH$`}@M6w_nOAnHW<SH?ktJ;uotW{qJU
zN{_mWU7o46C+6Uuu?O#q-Sh*cjC*_EOutD2rw?2ZJAfm7G+$X{XtGq6IsQ1*YxW|b
z#N*e#T4L+Wt$eccRCD`++|VgW81WlJ&j}O8E*tK8L|LaXzz4*ao_NuDVN_-A#tg^R
zy$oI{4os=uI9-h~f00;H!USW6Ssx-MV95h9Fy#0CwDAU+@8e;I%13VxbR~qI+SqNJ
zP>^mK>`;Y{et#Z^>Bwz}K@tQ#u3@=gzikOCnI4Hg6mCiFsjOprcLzVX`qb6opHe-E
zQ={{<^1uBbvssbit8UZ;+`(y8RcE7^Y~LOa>#BluKMub(81^EeO3nVu3Laf8%|2Jh
zbVjtN8w_Uqe1S@d-+YrmgPn;vpYE7L3!tW^u{N<ntwgqovf(y53abKzVMH$CV7eBV
zl5P~&@39fN!{o+sh&WD|cVp73r+ReasCbP>Dm8zkkJL7bJ_qLzcY9xu^qI4lf$CFU
z%b{$#qwmg|Ut~2j2oZ#cR+^%uEz}*p<fvHkf;2aD+sbOE1JE8<*17fJSH>|czeSn=
z>%+q0@;CVb9bD3*PT-yBfQ*2Wi=Sq}-%U~NQ~KSvKYnU|<n*fw-EPDHMPtJM!+-ns
zsCFr=inx88l?C1@$hOZ(BDD`^|AVbywU6m<7c8!y@JbM<Ysb|#q3^_hx~6855_KmC
zg>Yj-eM%gIFBx~MCoy4CWSNi2Q&{U|nl8{c2X2fPqdakYuK1$*I5&he?>FB6@&B5X
z$FmtM^T_rWjS5NCb6a{MVwRsj^n}u!r~Sb!9xIW{fe1%-#4*-c*Zw_zcTvh$vAp8_
z{R4Px?MABEek(tJ)&*dcgZYQU{Nm0JoTAG~`*seG_^*9UYE<SaY3+MxfA+L}m8$H?
zI(0^B3DtP-Z5<KbPu?8Xp#eMZE1gTfd&3eSvM8gNaWzw^MFi|2QW^ejVo?Eka}3wh
z94e(oY@vX_(>&Oe)viaoj?vaaIV`YL5kTOR@4bUvCk~a`ZTsm&#sb?gmL#}dt6*V6
zENeb;f^cNLk11~3iYX6+KSO^f#L?&oPPPdZzgrsI(4J4b<Vbg+rCQvyLsBCapM!qL
z?c)sO;s0*1)KZ_$Op<tKVQm$IWt#E3IKg6!r_gKmy9Mr<o?n9%^0;Ky?t`*M=&TTW
zEb;&a5U=M245o{JSA)WF)8r_&5-i%W84z~*y|XE7BCb)`EPMzEL(%j{A#3YLZLfM~
z;k+;;Chc(+2$UK*=89lw6q}50n#mR%Dps!P87k^H{2qtW*EFgQD|Ud5Ga_s@I8xz)
zO&*Nqh(W<a;I0M!!abO}kJq`(8PibZb~IcF+*w5d(H^iW);?vo*!-2q8;gu^HwJ-{
z;#?6*@VT|+c{Y*yP321Lgn<wlnpU1uFrq0#t!@X9;ja<&d$0|zOK8geN`Fpc>2Uv>
zE8Kba7`TljFBPkPnd6QjY}aCcAlU3e`sn--Xcs2u0BguMRiD>||1NMW$#1M!nhp!I
zgQHO&$Lz?J4ecCgc2(VCFB@In5d7=k+9?Ny_!}}`#u`nd!4c)nbj*7B({Iel6HqB{
zVR%uc%Fr!4{Z^KLz8W(n>zX81L-Gg5OeNgA_07Xs<gZ1R|Cc+&#yrlj3lA;LLGk9@
z0v~~4%^n2418@k5%%D{ceixpU*<Uc?xa?(yrIh!0Yr1@b$oj9wf6j}Z5eN6go755w
zZ?mqmAh4!LN#es8Vv#x3YdV^t#?|UkEU)kh#I1c<%JvoeUr*Y^G))Pv49!?x+R23)
zM83%&ir#2!(u#M>Fceq?Q!2Q))yD4~uN3ipg9}dM?Eo8VU=Xem9Rvgt>2!@W**{kg
zZ&##wX;c{~^mde+K5(Fa{Egv!^-k^gH?B=Ry4k$G^J@6sA7pZ%-VoP}i|;pu%XcLx
zz&14%auDhxJi>A=ZXi)BztIQ2*Q~}Gto^*{J%v{^?~(n(Hp=Nx#;Hqqt!{Ot_KP#a
zuNb({-{1=y{FR_^4wqm$hvqh%2j7pQv#X=yQFd7Vwv~YonMD^LVormqwwzfB+i_YQ
zc7Do&eI~lA&bPG9pyh42{)6)7qeqQ8>=@s}AP8;p5#WNtV$n*{WBIfotR5r->l05m
z6_MxQ)qo`4cWJgW6!mLXJ3&X%#_N?T&9ybI)k@I*`Iml^ZM|a=DS3JA2}2HTXT!lB
zx*IzIghGmyI%-+uHOhqdO-dZ1P)`2CQea}b+q<40OLQ?8I3b0GS2}V=ufd5Hm4dlO
zth4NPzUtII6q_G3h2)P2B7L`U_I7vL_fy@6V+chlEV>7RC7)Ih0&{qn|HgE%Vv{(y
zd6<TyaYY0%EuuX3%yG_aMwuE-^-a-{8J{AD5*;LMuJ#Tk|J#djBK;&a{Oebu<6U+C
zrcJT>GmN*kl9d1O&rr`wMTSSaYU#Mv&hUzfuMWmPN@gJme*u^(AP6%jATWz({}?z6
zm{z~~9zRUGA|4>SA^_LwzXqWE!`ez|Vu~B8tYL@U<O3H?^L%Ykzf8^ZAnEluWsQYy
zq`51DKnJO6u#%@KDJY|V*LXiwceaVccvJhsAA>&es7N0bRSFl$@=wyQa3~Qu&FlX)
zs(QB%jytM-hbpQh%A??DeLBu(IFsjKd=&1wvC2q$33zvMD&-6y4U8N3+KtPzuNrLO
zSP(S#k?;QH*{(r@9+|@9QVD*dWuq3gg-=xyw#Wb*PTC}qEHzDkhni(i%h4>nmggvU
zH{u3;JeN$Ru23`gW-Y&dew&trQm)m(N1NRn%#R5IY`Y5OG;5)wW>oSSou8e;lLv-h
ztWfl9lev;F4qXKXk8bN_YevV0Mz2{=f#u9sU(X#B11Hl?H&<6Tf`g0qXC}F`tYFCT
z`s9yk{>Klb%Q@X?p-OXtUP|tNsm+7U^4_%W^n~=Eu@FtYfPu@q6J=aI?M(3BAS@q&
zZajy0q*{0XAV11()JhId$8}ehMBA-jnNDRN?x$j{29ulM_>x4!ORN-xfKmpaoO4Kh
zR&~DkNh~QjcWBm!-T=iu`!40162i04BExQVSUlFapZP|VPRbYH!!4tS<c>~HCSDY<
z5%2wZ^u9<!uoE1`{$T>^(=#p(3}WRFMPihjM=0fIq_3oB_w19ww>-_&Ji6!yC?_Xx
z%MCjw;bO2yM(u8TPio?)O`J;292x71M|_Obcs8}b51~rN#p`_jUq7@bGJ%Q|{@|45
zNx!SpV@_4vha<H0Hb9##wL+i%Pxu}Hb-hMxvn?d4GGPGRs@*j?m|8|O`cSFDswZhS
zs{c8_mNKaSDO&Nb!~Ycub-V=D<-ZUq66)5-tC-mR*BAZ}F-0oDo~OlLFB|;l2x_}C
z)?i~Bc_0YvbvR^LWWD**BIXpu6gzAJmu1aYA|~>zPrn|s&CV&n9>qY@VLPMs7FEu9
zW%95u7qQOWTX#@_=|n~31g#rT)&QKOUCHRkN1iX^>%A6{llDT9e8bpBWmh-)^xYNK
z!*HBdKE7-ip*KTN^E$)kH-l3k4QYEy6hiJ)@ed$|o1JQ}gu4BX{t~IK?KaQJmfsVn
zV_ioOZ3wGrmW-l~BW|gw4AwDNs?b>Cp}UOPvGuaU7TUbOV^~KnQ`Lo(vCnPS``U47
zE>${KRN+Ff+ST0+nTaF`GEKn4E`7u~+xDzuT^VU_0c-OaTAe*!uuCyK*sFcMceZ`i
zFfXLljYo89>9#ok3UDRvH4DUO!_pE*uIFQ1ArH?xZ_cJG{y{!RbLrDY=k&_N#Jk+S
zqfR?Q>>BzUjVO^hcK7dW0e1@IAbd>J3I_iYdQw*Ou#@87<Tgx^AD9DApHr;uI8a#Q
zjhV@u@kV8trb2qE+CR&#6t}sqS~W8~23X?{mi#^sLTRt;viPSqtY$cOd4>w8M&ScT
z8YMu<A*3+x9uS+Hoe0BwqD|GxDA<5QteKw#8WDvI3$P<i{lbTRz<KMXB!wva<2#tV
zcdGC$qlT}xT!H>!3s<r{FElGy=lM)g3PJDJc{jD=c}Z2DF|RswMh(-W0fg4)ffeqT
z3P8UKOKlYsc6Wo7`rh=|56s5x7)!rNr(If7maO|ohJ_T^5EAERBV~c|DfQ3o#&1}G
zWv@3_xMFRtI9b8;7~nt`;)8zr1Tk&!17G*~05Kpven5B={9{hwog6{H$^e)e(E8Gj
zYk+Fd0R9CSAqE)+Tw4PC`~T(Zdy4`B#6P^v@Eeb*$C44a#IL*GJ$t~ZKFtRGOuv1I
z*FPd#T!GWFJ4}y^a?Y@=BX9!7oSoy0Ti9NyzAgYm-gbUy{%KKL@PyhZMx8M6+xHhB
znGaKUk6BwzGG>p@s`VX+;RfGQ4{zsAkhcyCP4<cl6p7#-RA9{iGt&Q-mEq?B2Kc{=
z1ynp}mw&7C|EVqzg$dmGKX3NmP8@B3*ZprTn*VlU0yyUX+xull;-HesdA8zLCyVdg
zKKTb;BZ0pL#&gI-0a|@jO-sxa$7K{?b!jn2AAW0n^BS)<4jE-58}+~|*(c66CHFUN
zD26g((S+Fn6Blrj@-8s#8XthOS%h?52->5M@U#-J-08o(uioBY`}KJ{#U9QRGd1P&
zauY!kt0!?@t~Sx7Jx5x+IkAVytdF}@)pf1er4jYib6-cI>S-d<Jircs^<M`?B+e@9
zD~#{cJ!VcjhO!Hq>#~G9D_H==9U&gozB(-R*W%%h#aW)h^uB9R=3+awmP=pF@@+;3
zD))uY!TZ2m+c0Ddd5vTz8S=XH`i{<%H+t%zsgf4up39I*I~SD2*Nmpro;)quTRAD%
zkGDm{B&gJ`8BO~ZGmg`ApPFte>5Qs#8XuRqx<1Wq>T4vIJRok?nsB*x(OsZftJ$u%
zibHl=+FFIR6g36xIh|ASjP3JaVoiUZ`!m1%b`;kQusj9)!c3hM5`RIa4S(k$4?CgG
z4mc1Gjl7_}A5w|Uza*&<doac}1&9XMyje?vL|R?E>e(zwqnj2iKgarAxI&e=gd?G4
z!|5NqSY^RnjY+|gI(`dX*{6u7$}rOWnyqV+3KN#;SImvqF*A9ke;k{koT@9>dht^z
zfEOz&;)Nk0MrNzR1V%}d6X*EGj6e5GMt`0`Q$VdGEPUl?Q{$wltTf&Qq0!hq81D6#
zb{@l!GFjp4MZos<F`K~M#NWb9EB(=0iP6z_G&XaPNu_Yb-38|qFXvi%M3tQgUZeeP
z{vqpw17~f>`RSEQ9CXW<C#NVluN<lil~MGKK{`_-SWk?gIc@isU+EBgHQ*+qg$pB%
zUw-%&r%dN-f)~2E^oRz>?rUk-HP5_7bQv#XdO)+SAyK__=pGNC;J8DxtHbc^JTGkO
zPqpw6g`#6LOYl6Y6u3b_kU3e?juwlyK`pK|j4;J~zBA&2;2dE+i>5j<8wVBr5wO+W
zCE=_S2Te(LoMe;`ol@-m=rRg3$4*;V6>Z*rI|q0Xugq+1E&9AN(|j;kI?KX6@85lY
z+NZbWSs9Cbosx_-1_Z`KVK%yTHhovi;Mr}?fYuk-12fK+`^wYvmeS{W3#1cyU|Nl8
z=ZX?#SoY|)Oaf8SIm4OD9_wbiW3|lr9+fR=9jdFd{zq((jH|$Huu6MY9XX4YvM-hz
z+EDmKIaf+$z^`6GxuZb!>Yb39ogph31Ax}EVv~&HBich669=%xY0aZM>hW`WelEtZ
zDW>B=fqV^b<xJYWPxTX4vreXa1@Ru(VQn{fooLq0Q8K5_X1+F)!beBB1?*@mr9Kpl
zD+cJOe4qPZG6=8ZLT>%-CUg2t&*s+~oT}$uw*}%yl>5E+r^BPTm)^E*n%906tpfJc
z4uEg5&Q8b0Ub^OWMti<eQ>NutK|lz&5YZ^!`ua(V1Sw_kc-p>B4i|nnn|;I|+3Ntn
zs{a3k&VMBr87t^-^g~9aQ4inmpa03JoMMmo^JW_Bry_YA2-NxZB^arX5s!OciLUMt
zLxOfa9fiUsm#9aM_MM3z<PR|i{Xi0f639?~!c0I~jxRuRQICueDL>P6Ecb^*<F`um
zDj}UGCL6n+GqNzY-A|s|+uxsEr`9n4{$vyQ&X~P>oe@SJ8jSL?g!`+>p`~RNDaiOG
zPRulj3Wu8Wjp1h~n1jmCD6X%e@2;VAd)=MQos6+_@O!4g^Yg9ky5a$e^tj&0uHZOV
zG28|L`oV12_&5;`A_7Xd1FQeu2==?q;meRUX#50}ORv(3fI1kQ_E06o_J3rDkpNdo
za)fvNtGBMrB*{SyoR^O3aSf;@4Yy_@1P*V^!(z#T3<*ZH9{#=@!lTv>Sskfq^9Oo*
zIC0e$)m_xA@t$&4@<r);(~!nK=DPNpo9T()ex(9Q|LJ+-TqV6jOBVh$%Uv6p=h;`P
z^nPbc4X<@>@{<6T>~&|I=DY2zGq`pHv^0-JM>E^!5n@tsYg~H`*Sz#ksBzg@Iu0;Y
zO(X5Y>QmmBh{IkkkITBHR}SKv1s7ZjWKr30(?9xp0#adwxoKuncrOTv5X>F}dZi`u
zX6&$X!#8Uv?RXb#A)eyTYZlpi`x!OeO-mkkP8JJLK)Q<i-b^<n{(Tnf9Hg0AGe<up
zo_7`jl!agL??a6`Smw-fyJ2ZgnphuYwsaQ|c02#h9xc7^nevML4}ZMOngF*`i}h_4
zZR#NS(;L$Xb1a>sV@qkFo%rMNP6-SwufNMiubr6fTT!KrY24No3^0Tr@sUk%0l_V{
zb&i-B=CO&)I?&hsj;skRPJ60h-lu<2hhEkBFQkpJNS}W8v;`knnRa~y3+}kU+}_*c
zOQ2uKezYoTHxX5|A+fq6=s1ZaAa2#s5z^U^7TC^mC}o0`|Kv`5c~1nUjo`G=`xNgD
zGMN(nk#5Z0jA}1XGDK05Dq5lyqveTaP)cHC20A<bZAVtVhC=8)mAoL$T>6t*0f#tY
z<P*2(d2LO0^yAI9R4Z$pcXeJMQP5a#p!;K-)JMC)&1m%)e=Tsyi{v#)vDv2VSx2V9
zYaUoJ9nM90sJZ4pY^X`9Swp*|2YsAYyK|fQ=&QJ3@Sg8MTzQus;*JW{icv1Z$*iwQ
z3>d(IJ@)OR#>Qo$dP<Sbil)BXoi5r@1aq}ga|R(9jrx2d-4#YoihD~usk9Xlo^0uC
z9XrAw?Vz&)7UK3s<h~JTUah!5wf-4Q8*(ngC>o*lZR(YkqZ@)Ji?6bVo9jxr@hUQc
zc%PgXwhUALpcrQHzO+lgjZtoqr&#9rgspRAOHv<=jV(ZKCw*$YCvEZGk+U+z6C%B6
z(C<2J0gq`h2p)N?k8L@ut7Y@Wr!y^J{}QtxS3hp1IL4;9;v=|<7!l^Z{OFgI-7Igt
z*ah()^DG`%kIz+v)aQ>T@B0UcSNRj`g}<{pH?dLlHGHze5)${rK7DoaC4})8UA3L<
z4u((WlF?waJLMlz*U#UGx6!foKR9CJ^40~SI)4e|8~Gyf`4dmx(1#EBF9uKA=*e?&
z2II+vvQnl(TaEd9psU;Zvnq71bWsvJz0?h7K1EV*8b}tHL@c@GF(gMoA=yg4>`xL*
zvI(PVZHBguC#~yQ-~a8~6eNqb`F-A5M*D|)RmtB`dFI!Mz{kbrL>*7euJMb=XDyO;
zYW`5kBS+Gc&zjcr&r7VZd3jC5+ccBcyNgID)mZtBTAVva2L^iB2!C`#n^r$rYMFlX
z4v<g#?H*0V|4uhkL*(@+&Sj=NBh_@pqrYP4-zPBRcyN_lke9+BX^-jy)b#nse+daw
zVmsDbhA6xXASY(N{%~nuZGM<`1oC}GmcG5#t3O`BBxJvo&lzgBIkQ_)qdDi7GS?-q
z71~JjHedZYFh@fbyj$+@0423->azVntE?%=Mw4ie3~Fqx2|Q+7>l`lK;mgvdbXd-N
z$`$c7hV0rQNMwv?#Jn-EkqLtF<qQ>t6B*UWgb@xk=mfv>Ry}p*NLP!lcq5T5!%vev
z%=&s-Z~hz))|Nu>@o{tBsch(Z#*1IhZ4F^V7emcPZMI(BpMPTs^0JV2G#vh}<uBj8
zUMpCUl2-Ki8&_P$EncI=`2L7@n2&=WH`-VA5v)NLs~k5T0?TlHf$8FGB0u^`F?_o_
zSVlUXq@!!ue=XN`x(9?!7x0E%QjV(O6b!88<v;6xKGdb?OoD@vlZ6@kcS3upe4(a4
ztyyuuawp{^!P=w6Qpm+RU0JmYD^?6R!efQ%8yfgcq`}x{OWwb@r9PypO7jFUf9^53
zNh)kxl>$>MKw>|WY8S3sSdL!LOFQ9I#zyEzK7aAsJBR|E*zSo9AKyw=m%sfl*5ps@
zK2nj+^%i30s%o|9=wDv8;@l|P6AoOM;fuPIr;19ErL;;O^A;g5h+>##jQGV1`dxof
z;MpBkTxPHYVCS8_OE9UOJ^QS=yroEM=L-(19q@QMJXft*ykadS?Yk`X>)@K!GL`PV
zV<lEngm{^p2EcQb6RGts+|kc?N_8Ui4gj5VVxbetw<Y1G4mLvIY+c_~D%V3MQF~%v
zMC$wwGzf-H*K47CMc#lv^kiFWoYA~b>ia?}qHymiXD3SO`*@*a#Q{vcYG|cXE7xH1
z6s+mJ8rUUm_p|7u92LnU+B~}}%W8V!zsySl4z&uCUf{sacRuT)qeY1})XAVNnxij4
zpP^ybh2+ebdjfesvl4hds4EJZ785IRAumOQPV$7*7Cl3$i;OIa{N4t6Rz16?>5bVV
z4%;$_mp8@q)@LR05KMaYR;@JzTbEB3tTZE?u%=}gkSRrhv*3&IDdVL)078x6D00^g
zjFB${ugJaDw)hQ|LCOLeDE)_#{2O;%9jlQ~_rx$mDoow`^coR`p#um-_hNw5o9XJa
zwjq(&$;nUWLshF2;WrLoxQ;M7!Wg>F%ux6oLFFIR<1b|c+I_6o_4@VC_;eE{lqF^+
zS+FiTLfYlxkg$eV`cM_9LLVR26^W6R|DJBxp+oXWUP`LRf^r!aBbWa7qx@t~6xFm`
zD_q)DS$@s>JHDLcb1*CMDMoeuDl8;?mT@ZNLnOxR>vY~5IY{onHl%d5%u$+Uu0B+t
zH5B=m;=@`v8D^R|M_Jg8$E>Z_I_q$rRHZUix0_8$B$Ob-rY2VYQkIKFElpm$><MB{
zuG^Eyc>7MiZV~*N02ceXdaAkY@!tkCnQJWe*^n0f@;sItpAW*Hr8g-=l&m+IxL5=@
zEV|IF-ir6T9idiiD?^!GhL~?&y)~#$skGNCm{P@PK3l0U;P9AXcb{@g@N4P$2*$IX
z#fK@#bjx`__X6#IN%So<P^C24(#Dp&BFc@CFKML;i%sq99Ho9$OA}+Bwwdjae8*bP
z`k^*p#CcO#LONj%n}B+n$$>Qqf3o*Y68g+b|GKSSKl3ULc32mfONF22{kHe)>K8Qi
zRT3+Y=0eL5&00*$5)P4`3w$!Eqt@cF9xpZ8Nr+r*Xsn(Aj?|s=r-jUJd&}yzPjS99
z;JQ~j%E;O6XFTEtK~Pth8uDEsAE7H*R@gebd%~ha`$w?SCPvljS&x_MmEr)pPcP5r
zyY-Pu-68czY7a3_JK)=+TdOSuxA-vn#k9tfgQzxQgeTVV*_$h;Mf)A*?Z3bV+e(*Q
zkL_9Pgw&0Mv|W+mw}Gp$SiNna_$PN1A4dZjEYVUc$QP#)R9oVEOmPY;$AMi-;KiG?
z@F}_fHuFl|QzIvN-){<{xUeOq(l-5ds>Ikv92Y(_!eDqi-_{j7+$BrX7ZV!mT^ok4
z@K~cmH839z>N9soYWm`lg~!VKEOLK^mdMR|Uo91s8^$EZR9;0r!y!AIc<PxtON=0S
zlR9C4<zOcZ&Yo}B({*=`vsa+fUc<O_ZoF_ML*&`h7wj;*FOiuZ_hEj+rQLo%TaJ22
zHpKG2QhsWAhcyVQOIZ=5yzHhYu9t7}>gm>M!^ddOqY4YK?jeuE`v7IJKg?0bj;u*-
z&-Znk4fNim>L&}kEhhG_9Mnq-L{XU;D8PCWMZ-qXS+NptFtBHI9D~jd)p!JU<BYK~
zy;LlU<#qH)z?yk^Et)Im3`V)Ns7t~3&99SUcbV|+8AH1a1;;)|hAS_Amr5<|_iR}k
zx}~Xyy6W86=_?)Vv#fPd2K~qACS2arvgxB9)LP$+%4kc4|1-&l3W2W=K?%bFJN)4z
zNdGm;|F^Nu8Ufhjjw-225a7dmBnYMnOa(pZW!9*oGLZ~<MGZ|(So~ejzwOIs(92&S
z&33x8XqTlP^gvF`v#Pp;7upUgrW<WjmQgl{K9JTC=m%5|^#@WN#N+|es)V3u9TBa*
ze)6AmFOboJcSaW92%5;BA)fMDN5Lk1Ip$AeW>69#bUQcBvN5J@bk3(!1ZRTJ>F6dV
zEnc`xKY1oiBVC!yp_>1e%T4_ie3U_X@nR(Ld}w}@^E!J%La4<(wsAw1P54CqTv2;1
zKYh<P@7hlt@ptgu%O~$-%fud98VKH#cQLROs%L?(A#m99z}M0UG|GoI2O9YLnF<Ge
z(tq2)IC)u`XAdnQQ}zY)oBtx_f39nflcxed85Qo~M(;haTnn)+?-Jwt{m{D|p<{hK
zd!MZYWGCHrTd^?YD~b^kWgqBS8Zp3T+ELX{A?K!>v~S9pXGhYZMts9k-NN(fEijn4
zxfkJaF8X!ya#FNju3rdBaPex@-SKECZ7-i#6)gWavgf`+)~QuCwl?3OxkI+f*7|st
z(*BJH`GRynAj))_5XPKh*8Y2ys$7tn#9d*mDs@rj{o89SsePpmM(I7Hlto2^Pt_|&
zj_22JCb$un?jir)lpk)%ex$*Ji@p{){7JgI&qM!wu5zCw={7a>vPNaXUe?WN5G`wo
zllOQCK}R;f++$>TrO^;<`zl^&qVD=+*={x{y{EhwdBVLHs--uq*wLC(X1TGnS(5PC
z4fP+9NzkW9UGj;|5==S1NU|g~8n8?`5(lwceD^uke(}Y;y1>)t%W<31;}`Z<0Y4hq
zZ}--h;0xD&#dO*^zGTvQZzz9kDx|B5zGu#FLj-uXxLu9$?`}lj?Bi6QU3ahl{B!Jn
zf6q(L-*OGIs}=U2)Hn*HybL2?M#Bifpsntd@gM6=oXG^|m?xUo$ie+X&tf4=6RZnA
z!>MPMoxZ1w()gqY#dk7NhrGT$O`PeX`#DzPy2jTm{J<fT#!q{OA&TtKt%Rgu@}MMx
zhSwhu={Qk8Bq8Tm-I+ny-_7$E57ykWoH)HbzeM+_lTb#BUb4*?M#2P9O?)U#OyBP<
zX!y+~*a{j)`WbBduqGL#-K|7>V|cCjHPjOaUkb<FuwjK`0D09PZLEljDHPHzt!F(e
zujzUShpL4Kn5%1CSjOU;iJxC-J%7B|%F4P_=z3_q2UQa;Cr>cF4s~7I!D*%tNBF6L
zVu_U7D#o}kBdF6V$9FSECU5fCaxEzbtxW!&Q9ZD>HeG^2JH5aiSq7DOJM*(26@$zP
z1jFBv(P$<rh>>PQbwfmMg1pNyMD6Hj!wb+@oKSiDjaS9;!jpbO<tDrU*oHkM(}%x-
zhrEY0y+`2U>Dx06N30QZ3L%dhP#%r3;zZYMMs3%1diOZ31K%;-7ng>HM%ac2?d$Ct
zxUV4xy1{T%Ux9~>Eb8FSjMnw<T0>M51of+Jp0E*NRJPMKjqMo~bp(F_g<a|-%;Et4
zKf_KU*!7;S-D^&%i)2cuoqr=<@G~wnT(*|UCvdM2Ni}#mWcX_gbFjry6o0*-1r=gq
z)BJ?^O?IlbI>OrfX14DruUNC(E~-bcdzDrFXg_FE!K3!6`3!~d$<SC2c9!|gw%&Co
zQM}NJ6U#GCMp+T6_|&*%$Bjl;OIKHo9UDsiy?acN!e^5GwAnj4WFQ|s&B|S)TtYdM
zKAaMd*_Th~lj4{>KW{oVJrSqb4Se%nvK88xs~o%4J7cPUUKzC?ED;3DK$HFAlIV2D
zG%?_pRG&ORAq8>cq0{cS@9ZX!&P+J4oy>x2)j8BtPmA8|{SrS5*XnV%5rt&Lnn(Xl
zI9Xk?v0$tT|0qe6?*oY*kJB@kIKKY%o9{1!j;nr3OQ`&crO`a-5d&(c7lZb1l&qDD
zr$<!HF8_p=83dk`uKQAUqGC5|hc8yS&tbSHDs3`tw;)#+XM!z3NEp?8xN&D4?A-sN
z`}&gLq~tJ!2GTiGihS7?S>-e7p}5!Gv~DJ_yom<lo1cuX;9>H8T&_`x9NvO1s<u@M
zi_n_iAlLGM<ljcuXVHbn7CQK4q8}>CTpkx>4>!VcD=VI{q$k7|AmJRJ%OnsEen(0g
z@2^nYcm7eXgfGE(o1z<`Z#sYMJa1M~(8t+V-C`4}ozNclg)Ye{I@@J~|9+y2&g0v0
z6U#<^N?ZhLD<~sgsr25ND87#UwzGrgK&`1KTFMpG#EJ8~&G6zv!_f~yn~!wwdRlWr
zx6sPSND11$P%gP$4&G#2P;PuVFNO%;sF903)wY%KRBzJzxh2FOPt=gtwIkcT^4T@V
zG}p1hnh?|5KrnECL3W=sR>46FMG*en#h&z^K$Cbk$*h~GI5?FaMT<kF!$giakE_gP
zg7bQ6Nxn^^k}v<A?J_EO#2iER^AqdFsuU<*2o+XS1UuX%R@<6I-W(4oe(P}j>;7lk
zx0w)f&btArI}nNNOg&*+fO(RA?yERq(fIvnWxlqQuE2|)gs^QQhWd3plalG+JX1oC
za%U?n2(4?E2a3yBh6rz02r*}r{c?(z?8<@l`2T9-+T)pEzc|uRge=z-Y7FzLi6xTd
zmV4y3yyUK2Vyk7$Yc6xCDCRYn8o3NLnkKI{*FqT~?@(^Bwk7N(m+0d18}IM)`Tg_z
z<NWiS=Q+=L&gc1@^F5z)o~PldkKL>BwB2|Xa$z~m|K1&f8|@H4JfAH1+IHT{<Kubd
zDT)U+q4v~*i@DI2A03AKY`VP_Qa0OlP<CT8ii%uX^}kq_X|l1*X2q!|S$772fqA?h
zTQ4^qcO{Ih?16N+E8SL{=P7g1LZYbpPGY09AfVbZm0%QbWiU81)yF3QI>?*N7!N2f
zm9l@|Tdst$kXN{4#hHlui~r8!MBjVKX8a+&ecO8C$pz59-a(kBz%?P8H4M<bz*o^X
zoqxh|nez<J7bm9mv30LFV-4VUXPLG_!cn%$2$jrz-1~JZNliRwjNM(&+*v!yYN>f#
zo@){N<{rL}7HZv0lf4(D`o1Akvc5-lEeyo^^iUKY@wEdslv)`24CW!&?VfTIrj7=3
z)33|CrXZCn@$AFpp7NYRRsT%w=lIPn8Bz7m7?EuC1cymuK;119i5pX0=S<Ko>kFk<
zISix0{Oa3(zEup@PF2(m%97VKZ`E+s2~rd{3i|+EDdV%@rCG(k!f+W27Si1HoNp2~
zh6~+q?1eotKf}2a-_iKU-{(R8j@PiX|G2OIym3h*t(KiUujEtgE#3&!g9Vi3X4O<-
zsjg7C3_f01(xpj^V8L0U`>rmg0XA94n!n4W=Es`d94olQ=IdGVJ&efHj1+Ywg870G
ziePvKiI5_|Rs*qlJNRZ~&Te5|wJCO{hUnWOwAn~dEB~B^jtt8ts4(#>P*!ct{H^X`
z5FjvBP2#D$cu4ogi<$>Xn*vPoW!l*MZ_0QzkBlAf7?8)9Vhj`%ETg>MR|2%@vLnIj
zvArl-8Q77Jx8k|WdgGfMSVj)4Q;K|PxQr!s(fr_D!vtkj)3XLdU-ZK9Js?i0;M~d;
zTx<NnBZkX47ms@fAg(YQ6rMzqd%KEEw_If2C61x?Jh{1XObiQ+*8v>NG0L*du2JcQ
zJ-WR%92osoUHp8_(yyt;gidln`j2|W364ZH_=nSTf!s3!xj+xFcWE^98BcS#dKwZ)
z_8Tot&UP}Aq+A2jqblW|OmIncTB@w2N8D~QxWcIJaMarRgo8-Yiv;BZilXq0fe`NY
zTE)3I<X*pw`#%EZw=|3db{<j(!CqbNVI0y%Fi7Z{_!0EOk!)UG<T#3dL|yI#u)edX
zwdCe2O7&Jpm8V$1T*;4u?Z}WY_s_>#mFapzNhxaLhQQV(nnFyM+5A{Gfs#>IWrDDI
z?=x<MwX|pI6<&Yl4&FPyAd;Eus2SJkYgdf=F<>K<)^_)CDDJdL%8b{#)b=lAdr!%C
zvOyAI+|wil5WYO_uuVFyc4IsA`p2^)tsQN5e_<;;a+y&9r?OP4D%;pG+eMTRV#h0I
zIQ7DuZs<=p$=>@R3%}uRmi`2aDeVA9w7k|$8>bn1PF)7R;3}zZuz!?5(ht1GDQ)+Y
z21&2Xyq*gB*w`jJr~g`Wz<*M|%h61e>Tj%=vM)efH}zClj0`9y`W}<BvF2&8$7K{@
zSQvjKD@ztN7q_?>&|HKtdm9zFh%_IP+M-8r@*ir2IU^HyknZm`;9wKMb9lJrvZh=r
z?b<AS`mmpNfHa7rve+fGa5i5_FAP@noEl?4*$y49JsImbS*;uU)RV%0ogPN)4q6)0
z@%VHca?8VB^UZA`h@8-*y->qj6y#FnR3YPpMDz_)v&?_|F`6#eeW%-Zk$;DVURt^x
zF*nv4@CO7}d*Ng>Z3d{wCkN4ya?`qJS_zFj`#&Wbup4v3@r$GiTx4w}cWpTISx-FQ
z1N{)8gJGU~*&oK_x`Q}Tf4mv;??30`l<eH|u-iMOl{`3md+bs>94`RVC<CPtf(^(f
zC@wWKTggCA7f5tkn{eHq(vsJ#>cD2-*S~05J-J?AuzzdM3RTK|#+~&bWyua@U1s)8
zOXa)P2ZUZ>Gn_g67WL&<&!;3bi?Y#loAiW$a~LWXIRM^GTu2e884sih*<=FN!KCxN
zRj-~EROxC3$I|tB_?)yy`-WdRfp=kPP<kU=get7zIyu0}6XuEXtAb45PTAS9lBr{M
zA;z~9BRJ`jD^6`@iZ7;j^ndxU{)H~~0}s-2^p(=sAr$>p1ZwdtCdn{Co7QpTL}wHZ
zM~t%YVUE*&L#fVR4~Qj-l{rL4OEnea514JH_(Qa=TtqcL<(dpWTEQRA@NISJgDlRZ
zU+!P-S2Jzf+(h%eCZ|h!W?RNC9d_G6*RYO##6D<c@G2NY9j=Y|T9JQD(${j5Ju$^w
ztyj|$h$3GmP25-<^&AKsR;|quUH!$w2u4AsFK1isn}jpD+WdGwE%qXP4ABR14g}@*
z)&h>6xf=Lp4ly&sTd@2`P8zanHGeyGueDn4tRyKStB43IJ@Fx>_?=XCwPWlQoYYPT
zp6=@oTI+^{7GB*Hl=bp7g@4B7>y%)!cQdn0KRf22)G1oOB_%u+5ndpHv9U$3IM=tZ
zkf-16T(FPMJ$pOQrfxLxL%>uCOpNUn{q1i<bX>!wbfcY0pQ!4nY9VercrRY;^7^vm
z6$Zt)oq(e@x1o-HKbZ)s`oE>VlR^+<KqBbP|CknnI$+-+fZqt&{>V4Ha5Zw2up;aQ
zO$2!hXwPnjjZzUJO8PN(NQf9Apb3G9e_8*Xw=VKk<fkENZxERzXz~>FP*^!xK0WW3
F{2zbN=Fk8D

literal 0
HcmV?d00001

diff --git a/doc/user/project/members/share_project_with_groups.md b/doc/user/project/members/share_project_with_groups.md
index 4c1ddcdcba8..25e5b897825 100644
--- a/doc/user/project/members/share_project_with_groups.md
+++ b/doc/user/project/members/share_project_with_groups.md
@@ -5,7 +5,7 @@ possible to add a group of users to a project with a single action.
 
 ## Groups as collections of users
 
-Groups are used primarily to [create collections of projects](../user/group/index.md), but you can also
+Groups are used primarily to [create collections of projects](../../group/index.md), but you can also
 take advantage of the fact that groups define collections of _users_, namely the group
 members.
 
@@ -16,20 +16,23 @@ say 'Project Acme', in GitLab is to make the 'Engineering' group the owner of 'P
 Acme'.  But what if 'Project Acme' already belongs to another group, say 'Open Source'?
 This is where the group sharing feature can be of use.
 
-To share 'Project Acme' with the 'Engineering' group, go to the project settings page for 'Project Acme' and use the left navigation menu to go to the 'Groups' section.
+To share 'Project Acme' with the 'Engineering' group, go to the project settings page for 'Project Acme' and use the left navigation menu to go to the **Settings > Members** section.
 
-![The 'Groups' section in the project settings screen](img/share_project_with_groups.png)
+![share project with groups](img/share_project_with_groups.png)
 
-Now you can add the 'Engineering' group with the maximum access level of your choice.
-After sharing 'Project Acme' with 'Engineering', the project is listed on the group dashboard.
+Then select the 'Share with group' tab by clicking it.
+
+Now you can add the 'Engineering' group with the maximum access level of your choice. Click 'Share' to share it. 
+
+![share project with groups tab](img/share_project_with_groups_tab.png)
+
+After sharing 'Project Acme' with 'Engineering', the project will be listed on the group dashboard.
 
 !['Project Acme' is listed as a shared project for 'Engineering'](img/other_group_sees_shared_project.png)
 
 ## Maximum access level
 
-!['Project Acme' is shared with 'Engineering' with a maximum access level of 'Developer'](img/max_access_level.png)
-
-In the screenshot above, the maximum access level of 'Developer' for members from 'Engineering' means that users with higher access levels in 'Engineering' ('Master' or 'Owner') will only have 'Developer' access to 'Project Acme'.
+In the example above, the maximum access level of 'Developer' for members from 'Engineering' means that users with higher access levels in 'Engineering' ('Master' or 'Owner') will only have 'Developer' access to 'Project Acme'.
 
 ## Share project with group lock (EES/EEP)