From 4ab710bb3f4beb3d22c450e69f0b7006f9eb6e68 Mon Sep 17 00:00:00 2001 From: Marat <139675556+Muratich@users.noreply.github.com> Date: Fri, 12 Jun 2026 13:13:16 +0300 Subject: [PATCH 1/3] chore: add pull request template --- .github/PULL_REQUEST_TEMPLATE.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..7154aec08 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,28 @@ +## Goal +Describe what this PR delivers in one sentence. + +## Changes +- Added / updated: + - `submissions/lab1.md` + - `.github/PULL_REQUEST_TEMPLATE.md` +- Other changes: + - ... + +## Testing +- Commands run: + - `docker run -d --name juice-shop -p 127.0.0.1:3000:3000 bkimminich/juice-shop:v20.0.0` + - `curl http://127.0.0.1:3000` +- Observed output: + - HTTP 200 on `/` + - Juice Shop reachable at `http://127.0.0.1:3000` + +## Artifacts & Screenshots +- `submissions/lab1.md` +- Screenshots / links: + - ... + - ... + +## Checklist +- [ ] Title is clear (`feat(labN): ` style) +- [ ] No secrets or large temp files are committed +- [ ] Submission file at `submissions/labN.md` exists From eb0731f24715341884245951d3e7cede0a0c77e7 Mon Sep 17 00:00:00 2001 From: Marat <139675556+Muratich@users.noreply.github.com> Date: Tue, 16 Jun 2026 15:14:19 +0300 Subject: [PATCH 2/3] test: first signed commit --- submissions/lab3.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 submissions/lab3.md diff --git a/submissions/lab3.md b/submissions/lab3.md new file mode 100644 index 000000000..0f06a21db --- /dev/null +++ b/submissions/lab3.md @@ -0,0 +1 @@ +lab3 signing test \ No newline at end of file From 4b9d3f0de0083a956c0d29ae751145df5f54acd2 Mon Sep 17 00:00:00 2001 From: Marat <139675556+Muratich@users.noreply.github.com> Date: Tue, 16 Jun 2026 21:02:26 +0300 Subject: [PATCH 3/3] feat(lab3): SSH signing + gitleaks pre-commit + history rewrite practice --- .pre-commit-config.yaml | 11 +++ submissions/lab3-task1.png | Bin 0 -> 63092 bytes submissions/lab3.md | 136 ++++++++++++++++++++++++++++++++++++- 3 files changed, 146 insertions(+), 1 deletion(-) create mode 100644 .pre-commit-config.yaml create mode 100644 submissions/lab3-task1.png diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 000000000..6d1306388 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,11 @@ +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.30.1 + hooks: + - id: gitleaks + + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v6.0.0 + hooks: + - id: detect-private-key + - id: check-added-large-files \ No newline at end of file diff --git a/submissions/lab3-task1.png b/submissions/lab3-task1.png new file mode 100644 index 0000000000000000000000000000000000000000..4af699abe2d517b646012d73a7b91df365661943 GIT binary patch literal 63092 zcmdqJcQ~7W`!}8r9TaVimKJTbMHMYYjnGz&S}}^+t=2BFBDHnVnr-bFqqc|@A%vEy z+9Mo^?pzQ%i;>wRA5>pZXb2Kt)pto*D1 z0D%30)_o%Y;AkiSaB%k6k-al1z**D1e+RscH17e*dd|=7H4Z!8)w>G-RK&7vKVjKx zANSBQ_XYqsTK@Vw&;~Ai1_02GKe&JQ;R~CE@uPv<_P@Tbh+sZ`IH`S1Z|;?km>nJA z^w2<|AImlR^}XX#!BIJ7AbGM#_4sT!v}8s)7m(G@bN#bWv>6@ z10Lx2gs+ZE8wlUM`<0cI!}Rgva_Y0X1gG>;(A$OvD?cxIYaH41;Qk!5Y*;NfWb4RsBTj;R%=wi*e=z}c*NWblo{xA?hbNK%ta{Vijz-o5+mE#$nq?S?IT z?d4UOkc!si|MuP9G6;t0nz?f9TfZnQhq?6|S8exfD{n zvf0e$s>tClg^d8ZNQ~gvo_74}xC3hR1 zbqJg5?p&*Ny+gU#o8Z^Def+RLQ6f9@qNJSRJ+8EV6+?QMTjO)S>^MCZJHjLss_VXaMbVC} zDi3+NnaEN9)7{n^ZGOdNP!4I%SF;l8&bWAP)78F@H3*LdnD4gtl_ zLLuq7JmRLcvdfxoqczx1Z`a0=Xb5#yeB6lQ{0JDT6gwy^B-u}I@0}0(oIU^Ptnu}2 z*?Zi4T)D~L?js?t24Ns#pJpUyNA7vbj&Gs^dgu;W2ZogwQiYf3lS^?dlZaEF%dg&y z0FPU&xU=t1YG=0j)S1L{JN$a7xB5pMIk7*#z8>e#nsmJZ4CRvAD6t9JVx_+GJ!lKU z>AP(_iD|UFZ8jk}`UEeQA9sXC&e3nn$Rc8BbC^Y8>YFN-p#ifbpii8nkeopq#m{V9 zL)V8aUT~8NSlkGapU+RzoU4wJ;O2VrOCO7cB;mR@A0d?2;#J0eR*U~4(yM)SLD0NU ziA|-FXH@6PY85k!$ltBX*pAX4GE6I6egzj@l%EQvE!h+ycGjfy0;a_id|9s`aqVW~ zpUDWI*`ZOnk0aPs=W!oTlbs9IJGsQ|byN1J8{&0@s@vwf!Art$t()ZI^L}0;kcjrd zqjY68&c}aK;?8T2%l?1~f3lmR&uo@W@TNT~zwg6E5sS`~5>~YaK!2LS{TFYncNXix zj0J0VY+?QP0_y1w!L@ZIy)t0igisr=Y!$|)7Qa4o6|`>t2?Sx{Lw|+u%V;V zjY+V?Y)+M=?m#FBa72?_=cxZmf75J?bhGU~@3+Gf?{pR57{O|&dOeTdg8_iR9*q3l!eK5=zv@k8l|Gv1gmLge;F|UN!12^DZ``bg*ulI zQ|E1GM6&NZ=XPlZiy1#f-JArbsO3#O=O zM&jLlY+Q-hSLXgZGuVeX?&+zxjJ1(Z%3t9Xx>~-rst-stK4kw`Z*uxH7i?yaMZf#~ z7ovM*p>wQo>w1EXsbog3)Wk;Qp6;@$NkR7vdLzRe`H-zK(3(rb$LAdP5QFoKru%>*HrWS1P^{A?Ck?RGrJQc^~0RddJQhX&j!7p93#}@Dj8qS7+mXlOU8n4i}pn zPY~41(*biis+erfd}~98V^**u#8ohP?7QpW2U>(watOXF-{XlMk%hL-sg(#uM2f`rNTwgbWlgEJ2 z`VUJsq*9y9*#QklB0VSH#?a;&f1#i}u=H~>GIeDcsn|l$tj9{?f)LknHf!c52X)nU zJz@o6w4Cqj99Uv2Vz%e=OI*c~`36@wayUpk8M7pg>f=p)EPVaAUx1=3zlP0!j z+3!eHVset5Ff4unm>-K;8|Vots~zO^(!F`f36U~It9e(P~t za^1IBjTkRU^Cyh2>#cFPR8jS;1891wTPfa^MoToqoCE^G@qfki608ON7=O%vGM%xCgwf{^q7j1!(QMp@CnPMrMDon+rVeg z(!K(zvCrN+%U}iL5jp&vS*!_oZ^TD$F1_+XGOONib@Q3c?U*^tlMxfRxTlEzT-!xY z!u@spX2|Sxd^A>3^ebh!9$Em6vPZn+m!azEVZI(O@J500?ogezZ)NU9c5g8ubaLA+ zuqe;hZMs@z=Q5L)88S~@aV&m|%&eGk(+gY=aunVdgF*;}fW*E%V^dn=HY#@O)?gW1 z`3}C!%`(HE;H)_L=B2N7MlFTi8e&!4xWyPxoip{L)=fLiE%jJ^bsXRPXfk!UIX1mQ z2N6IzS(Au2OAQ@j_i_x*g>}ChI21(UZoK10DY_Gjy#sqZoC%YM6gAdxJa5M3FoLvf z{ggN@bVIG4F z-4L_DE(XJFtF_(XO7AtjCUDM7T?tDKXlMb(d3(AhL-vPQ!X>?l23o-<1l|g`JH#sD zRP(}=X-3z(?k7E3(1SCg-*8h*2#Qyvw_VN{9^|Hx>vxq4jq)cFc$M?%yyvSU?^+)v zf0E{U9P1lQ`w$#3WqD1JN#S79g=}jlqK+FC*f@?}u?&oF5MEvyS@a%Pv?+5`g%t;Y zKo8526KbkW`4vsfBvYk=?5wQjC&iu9SO&goMi{sYu74C0N&R)+ap!4OAY(^7^)~I6 z09S);)AmxZwa?CL?Xv!je)|`8pV7%Sc$LoT=|wqsU$xz6LucQ)w3YJ&&zJKOREoGH*sm`*@hnvQXRnSM0SfQZ{MO;*r2@f1}ih<%Q1Hf z=rLyV1K@?9Ba3evRz+aU;Ll1Sq_BY&*uZ9+d73RuWbgtML-xM>nih>!)*g3zu)$3+DA$ z%aqqI^i-I;R@bI`tYaaT<3^>w#=&NZ#-086sIs$GdRM@vu+^^ zbPHK@J2?5N<;)Vn&Y#JP4$69<9;9Z0$jM&nLL^-?kr=`$Raec;xndUK@ef<+D%}FO zx;TrrGlEYuka}&=l1NPi*7!vYG4;1;t%Lhb>o;t%#+KK-mFv%kgb8lOfNE>ec}9L6Y%61@hQ`l{w5^S&s&t8*s`|47K9W=4DA7jITOczjyN*fn&xf-P9i@#<3zLP%{b=Vbil%&mKQ7CfC`J6n5}%}te-%8UXcMF_ z&+zu&DzjQn=Q`0w$IV?W$50NF--#o?u$%wOnZz_!mP0Fhx0`&I9&^?3b|Ec?12(k^ z2Uo5}*Mz^-2fA0+XKaS(81Ipk(-I?ts4+psogVkN z=l6Py@PT5OY55$2EAZbWV&l(V_oGSl={!aB4Ldi!HWDf^U8Dmlr8yMddU4Zsy8Cic z;&gp(#5S5hFKPSKA!pWHdgMquY#*KUgZl zh)o3ATN|dPz5i|^_$wFKIfijS$WxayW0rg0+})Abnk!(@KX(4K-O;Zak3+eKE_Vp> zZnbc#KD5b11(;iVggq^LC!<@{JJ!gOZqwNKa&dyUH2xQt4_axv%6RE;OB;J&$D-bI zf0m?01?wmNcwRpD5sHG<(c)lbu#}6)m`3(i#-WXp5NF!8SnCsHpb^T-aNOpL7y`FD_+gbE`p#97{xdB=!gtbt;vwFAO+m>g-!aBw&3Af{d?~qs=DH9scxn<^xs#TwM zVcX7zIp?}I z68xD^m6wa3VWq&DhcIH#a<7f=jj>AT6U1XYWmgOh3J|oR447g^eFv0qo>P#Smew$H z!JT;Gb^D&5{3YL3!c^BZ`iYIS54hIwZVl#y)YBEA5IT@K<65`M4?0N^5?(4cS9&YXsgGvBP^w{ zjw;h&S?IJNszHZsR|y`Ko!UDfTj1*(VO~<5)nM}jBh))O3`Y36o3qkc>ASFooBDh4Bi~3E zKJU!7iE4e?a~8%(o;iw&9iDR!I+c41vT`}Y)&G=KMyc-uu8jF#S1-GE))Gyh6y;Yx z7|7L!yA4*i`pdNwzLq^3?*~U|tLjb$Sjg2y_lQs3n2JNq`7>@@>CJ0!8&LOmo{U6) z>4G%Quv>e4heg;#vcA!j^VG?kWrnKkEG-QVjSWUc`|tL<`hc9r!EW%Oirkb(m|0rD zgf0ALo8{Ya7@3$YKL;#88;}kCJ-1r;aUF_UI99!SyU&@A=G|p_g74V^Lp~Bxy2-?$ zaXiz!U7e%fBB^mBMvxEJ;ZIX0tnNrCu4PJ%xm~eVfHVp!V~R{V23DP$u&to$-g1NY z$#GOtNJExu4C-hR?p4#3xd`nO;=t8bq4jS!M51g|;As#^-wGqvvXW9)Tr1jP&-Jy> zH&X^l@5=(RXesnA0gZe-+iTH}hPX!aLy80zOj|n=nr5*eRS5nkC!xlz;0hb5-W5Xr zH(+Gk3k;2>_`7yRr`Bv_E!=%A96MAO;;%L#nF`0-zPOLF*$mlg+Lh@{KvO@SS>IYv zx1bNLp?&Y2^!PmGnnUavUdhP)HJY2j%T(xA)3To8v^zx`}L?Y#Cuz zoGO;-g)(a5@`}KMA?kVN9PNp8Qpwtn0_tqEJ_IR|QH*aKn;XNvd+M_yEaXf(2O^h| z!^rDc5GrvJy;!D79&r{TkLKCVPCyf}RHgj-Fi@>&3us=<@zz|7;v@=6rlN$rnr-c! zHqXVLVGoJ!6>+W%;CPZD)nB!QDLB&|+_eJ7H{G7H20jmO`s7G5OWj6Qw%Bqx*#<`( z50PMy=0g(LLoDfo4`>Vt^ogcLedcs4N|q59f}TWZh6e{5hlpRwz{=A@omAo})rmtf~W|i8l#pot-rp#zzgZ1x)%-nVqu~?)@EH84| zaOlvmv`Yl9viHl=x~%iL4O4yzqlbp&3{VX>AIP6@E_;m1zpfOwG}w;f7Ld#;FK|&% z4zHeX3c(2pCQr+3S4ol269a8R&YvZ%-;h#Y%=Gi0ODtKZ5463j;i2tNow}Q(u$!D_ z(g4BDS2N0Hq>{gWx2_r7MPUZs@KV(k1SG}n8S^nY+&xk8cTCBa}m~bp4x-M1O|3ldL zHfOg*?SlXg2L+%(bh-~^q}rfr$FnMoDq!Nj5pXLt7$YgPTa)MpO7cbmI|!%;P3}lD z7pIpyDqEK`LP)oQYF<SQI3}cOr{opD9@KF8G{DG+N`M(6eENia+0Z|8K z{Q*;2IYud{$#PJ1XJ>xmOy_)x;rO!2kAO|JiPH6FCz--)$|vL+z!z?V~ zm#>dmxAb2S5jPg(ytq%8tewM0kCvDRvdKof<}WXMu&|sum}|GWx!KX#Y3$&T44I5YD-f17R^p5Su`~ya|XaJ)4Wxi(d@eg-#ra8`p z=V^LOIgYD&OLYTf>50o{_8FJu`IzG$E&>XVb{+VG83O>KT>l-V+}jy-|J3m6}@`R>Z7TG>V-QanO4)Hca(hdUBE7>t6s_-J?*&0AZNuF%UShj z0L$J7j2^%EaF6g-Y<>9H+skjR6*`w6Z02wO!r`~s(c7Nn*hEdq`~+XHm5HyqqT`n$ zSadg7;`raQ2qlp42R!ybDGTKDqN{qTg=!4b`Tn}xdj}8la0%pY)ZUhjj5X86=6A52 zc({gxBcJX0_0(<@A@x&EHO6`M+01-jwi=<%HEDJ20ViNXjB8uth*+s*d^1|(nyNTx zK1aT>|BRM&?CRO!(aEQvJ1U@@Ml)} zyQ`da)Baq0DF3%_xQNKe{!kTbA6@bcYZqN~YWc~uJ!!VKY<#E*q-t(LK!IT zH1XRPwCa5q9=>o&KKSZjLJ|y2=hg@H8raxm){jCMuC-lx~Pxi)apW~p^byeAMN>qpi;1-5<{8( zoS}NXwp=?k?_!6UNfZlCP+Yu<=oj z^9G}GZrt45S(MS5Ys$Co_Zu2^l-In~d_(^ERc-MU;0x#BBcj!M$(O=!ne@zD7ub>1 z^E(P$)YyGY1mOri_2J(4VOKj;e}8PVIQDX11$R26_JW+I@c2IT+ntT@P9C9i@NaJt zU6O`1?)n}}FF3$th>NJ+QI)bSZZV%ze6f+m;dp)^6m<42E)lT$K>fXad(3xK}@FaiwG+ekwyTBmd}8ElgIn&q2b1}_j-R~LFrZH@>l z?z3(?Zi3~@9>(Rud#0dGgjnDmmQmzxU0-O4lAI@EN-Si-Wy|F^1oV6RKsq6~2-y;z z^SqZpnVMg-_huP5seZ=gOK2l22kT%XrhYKz!JAjB-U%rQMGaqWO#hy_rld3qB=lb} zEU=*mWbjp)>&OZCkgwgiXl_aLH-e@MC8H zGCW8Q7{UZ@Q#;1va=(;ccq??qz85@}JR`Snhq5a7tl0V4ozgR&o)s>qd2(!m{C`ZX zh+e++Fne;6W>9eV?%j^=b{vf|8lRGpT@{{DR5+-W<2IA9SKKUN=E0S7M6+7Tk7Y(6Z!#`_A^Fdc@ho}@B ziQ4h4p8Dh5?jXjUrvty(%%ILrP2Kuo4c<_6*}#Aj{d;->ZjO%GcZn?~3V&u^L3b+l zAYYF|&hs5GdV~^XIDYR<*tQFYl}{jg8GjI1o)Q$`_O)x;*%z}}kF)o!@`&>Y@)b2~ z2Tqe_uE~q*q>Pw%AaUM61;u>pbJWFtJqf#~)j?B7^4uqKOg;M*%LBqIITwbc*hu0R zrar6=aEjjQ%l($<>4MKG!i0FI&pQ`g6fX1ZY+c6~lBk^CX7g&c)-=5Q`p_$6>f|{U zFsMKCyqJi6oLsF*A^Pr9ZB9^UF~azDxU+}YgzJsTCF(fdsUwK))L?Ftim29aA@2sd z{@_3^VeV7LsJVuFrtL3N^3>CO5*$xxc##v+)VSV@en)1M>_)bUHd`Yac<0w?@8@^# zutCTB7Y>y43|caD%RAeOQtILJ>E25|ne`T|YmMCudHlY@03MbS5B{9Jsu!OG%Uwu+ z&Lku8vSh3|0pp0GM(;Dstqdq z$bEfu-Zf@YQjwf4Gj!#qQMP-u+g3Ecm+m>pd7s?;dK1x!L{35M2IH!0V?D7PGPsOY zLQmTnHDcpMh(o+kleCE;C2#C!ePFEBk^}iHXaX8*lR+w*dUwqEO#XJMa=_W&0|Gc= zo;fRJJSYBxymq&LxLClPyM3)}0?Lvc!pP+XR*qUjn}0vGp!8`QhfHbYDcdo(DcTeW zO6WLkxfl08(COWeW7FcGCzGcL4SrSmx*7SJyQ{T=nHy&UHV9{IQgh@d{LF-cR*M|2 zh>%O98v8!MctxdTjPKS7b~CpugXlv^7Rn(n?{Q}(7oKG~!Xgd?swve_4BUMan_p#2 zJv8rdG=r}C|)~hW!%QTP2RXl(EY7hEN?_)??B^{%Sz`pB~CM8-7>zl zoo>j!r2_D<{X0pC{E(!d!F@hH@7?l^w{PEy-MDe5u1-))74&a!$SjnK?P4UuU`2gd zcVsIF>Tll+>o`6B@apwzp0lS*L$fZBsdqctdj=+3!YL7i_SJdHv8650?kp`BQHhj*ed?%H3qk96I*|>ZA*H9{DY&2+l#e-K(sL zs=DTTg&Y(7lr><|p9~K|R?+M!_l?hh2I?fB&bV=|YRC0BbScyrUP+Ug8BK#sWF(P) zPn{l8mj33Fmb*^Tq0Y2StuJfh%wNz=x)y(r4(?*T)7PYexBtopVA7q}&8>&7DeB%` z6(#@VXD-D$&Jp8Sdnr*U3+E0XsmM5e=&EBAE^wt`QE2VcwS}JwFVY1uKTwV?sWX`M zWCwR&Ge|^PP++ZMovQ|6tlfX>b@R(&wy+z)I_QP4yQ?u?4Z&e^Ph4g&0%o_@Jqg>F zFxIZygo^>x>^T;zUqNTjtxukCzVA#`0fu)k_X!6Qv%H@}TTLpvb?0&>BcyyKv`JQK z<_zYgucY*GcwXfMsLGC>b5By0WJe8lse53FVB*VH7Q=Ce^~!m&_krff+ABmQB`EA34fG^G%^bWnYV0M|lHi zQARYgj}B%i+)EHm6bg;8H0GCy_X4*{SQk$lv$oh^pVDiI0m#+w(Y{WuVPKW~3zzk= z-(L~y9coEE17z~&62+1tj9b;EK$`hF(ulT@XMu26r-9>xPP8cWny&O%&=w#B{9Y7W zb;ppb>N&5?HFoL#O_D60i1)3P-IvIX@DfeixkMKbh6<>ep6-l`D=F=|KJ7rd_GQb~ zz@QxYW?1#mYd8#N$Md^FUl!{U=le6O#vRoEz1yDQ-UKJ$}d}g9KlyzNN!D?}y$Q#>1-Za9Qo5C(?Wy@%Z?yJ@JIW`h z*x1nO7mvU5cULt1myLE*JgxL51ut%57~!dQ*0NdMpZsxc(1*?nAM-NE{E$DN>VpzY z|G74!^Q8F(S7pj_cV+<2BEO5ucM|u;BUb5R0kl2^W~x@Y^=l3LonwHSq_b2@QL&PO zpl5@}AxpPqcM0{oDHdSD(2Of)MuFsH<9ZZAbG_;sY)+*`>i(dA*7(*dl^z29euO*> znkRhqJ)|S%R_c9o68y2e;{5CHkKEu-&FpKZ?_v}!IDha34YoGke&zisMYvb;Uy zTnnKr;;9mi-o5yS5Ujh^TQ%)8dTiax4^z2-D#bd1@zEg#HVEl$0C0}vlkPQ!CF+p zTMsvnto}}Rt7Bb1eC>vmf#=Qc!Mdkrkhw8+YsI|;j;Vm6ATloE{V~JQ#O}cgw^v8j z=d!DMl+`i*J|@012k2TubF<3(^+pATmAaGIcsq}=88XqFqtVJotZPK9wwrXZ9uUGka~8XH=1yj z3_qOsxuz6kI6qb+>*vOv{3PXRq~Pe`c3(gc`rP`6o7}A0gn~cZ+i&P_)S^Y*kyz|I zeH^)@&wKFjny?~|62j|qcTjz~{9;4ztzN~7;bDw=%$yZAX5Red^Q0%tu1oa#0Ypiu zw$+;N@$OQ2lUv)Fs_<<=tb@wzr33ZU^k7$tOpW?E$8momNEW|-WrF#+C_(hGf z)9{7X#90cNxHf!Ov4jB8kZn+iOfg9dhIodPyUx7_6Ky2UxJxSagB1@k?x+NmPVd zrvhco(LY%*Dr?3;yKCCa%1H!2ZtVGS<7ZLhpILhb>kcVB(rh1iWwul3NJ0Q=I^%&s0EO{cC7{zl3^rdL|;TK8v1NhtZI9Y)q!SlSnKM|_&h4TzbR20ow&;-tQ*1ja=WTJ5ROl%<@i3MZsCTc43?~tOy-u?lEw*1 z{Q0%U>2>YG`p)@%wzS(X7jK?oMfU6@qd*ULU$vf~p3h%?x-e4{B_W$EUi<3l{p!dM zMl!{+As+T>9{Y-I(0jn6=D44?cS2kSWgXDdUNc{MrSm!tE#~Mj0(|otZmc&7z2k~2 z9SXCRcc$zmQ!b`~k&r2b3qMc(tN|H*UZu2fJJ7x$&jp`viwtsQCq<_3lm!pFFrNo} zlH?mQ3sFWiHCI3Io=BU1j;H``*~ct3hB*a#Rqh1STNUd9WbDB5X7e+z%%gNrt|clSk>7j6WyXz0EKoNv*`3FaTgscQeDq}MXgY3K$dn?^o%K&@ zR(y>6jfxAtBAi%yPJmdN z+_tJ)D(~k}S+b#6nun~q#5#tQy|NRR*{)c+(YFUNF+#2_xVgUCiC*mMY}E1dUNW_2 zX&d&dwK!1z-;}@-u+Y9HDuPcrbXygls|?CqW$h3YlkX+Yte@^N$uxnbJ;i)~in+R1 zN5E>}q4kbXt#1$*=k)dwg0sE7p9mjChL9v#NYi4X$^;dCYWG03lxcfzBEQE9ke>k5 z$~38>A_g=qC5>T)9;k=ue!cGfX9FV3W(C9qHf%tdat4kZLU|R?UK}o>YMAwwNqUNE zZQ=+}va{-G>@}zUA9X-`wiy=5#$=m%_q6%)aK)NnUN)tStg2j%WC)nkETCs(a{gIw zlH~}onfh6ySKYp>t}{b(c(7YX22b9xQ;T7ghmXj$C`}mq)UM7K>h>;P`|+UNRLd^8 z-n8-6ldN9vun;1N-A3L))bdosGT&ky&cq`sN`lWQcE)9wl z-hpgjkt(;dRZ>}1#mzHxUxMp&wW{ivioV|V_AmTat70Cn2&^<_bv6lMJJ`Eea~fCh zLl6#XB>Uew0Z$wF2rrkpw8o32VZyS_!f{E(^p;C zu*c0X#r+u>1j4TqRih?BovcF(7fOe3^xC`*D30qmD~LW-p|;FA!!21A9mL-8#J?i( z*zKi$ZkgDMJ(QNH;6PDu)Z4IpmN^-A-L$*=QMXF^#YAz_6jz&gXeRMf+jZDp=nTJY zkE^mEthsYS78BiiKJ?{rtS!_?KwivBKif^s?u+@jXu%RZQb=ifQ#51(XA2LJYoN*t z3I`YfEaM5vKkIGOcm$^6fCTXP>u=%wZZF^zJ4a1RD@t#;ZcidzlUMEC67wrHR*nCd{Uz(< zv;_r+n8;ElQ$63qd9Y}t5gecQ?C@|~(MO6DIa1x+LE4JNUSi;kRFX{mYTATTQTxm* z^!%#)nK|)22m4HHG1#7QXlFSxSXLl0Z5MX6i}_HfD;*vy2-LfIMMH&oH_a$Lvm1!m z{HECRJZSZoXaJ@bZxd)4$?4A>e?vDmsKRv3p|_f@1Rjd@FIrD}NNi}|@(3zDGGS2d zXkX9PR!5$g8{#|1t@JE?5#1+p*q4OVOJn$6Ar-PMhQsnRAX^L?1y3BrxQyiFomLbqiTYr`OhsE(1>1m^Ce9Z))R0H`CPvk8 zg6WKkObO_<@sPR3fC87vp6g?wf2)nC@XEyjjhCe7SDkJRqnK^n45ne zYYazHzDv){AX`R$Av_6EFry8=)SLDnd4Wb}uaA=Dx59o*3$%E|7}s_?+pb!%rO@5} ztA75w_{}RLGA72fBvAt5!MOVNNb1>PpKA8X5JeH5$4n{PuV3prs%l8Tj}Ck99@z_c zToAGRxG6{_;~r#>gzLR3wXUlpR6t{C4))@=YQlXN33+=p5rlw)p~AVjVG~OFUQ$aaA16Os!8%GKnTK*~f+x7l;%~BCc@JrZnN6x*{ zrVqmo9V@>@FM8MUrvOlyD@EpvnmhXLprti zc8|vwgG2O&dPg~3TE6N|Ya*-YIvZ?1-+7bv@QV|C2#USy4OzY4OkX}_Whs>|GqHXhZY*(I#4COGo4h;|Cw zPahQ%5q&tax5C*P9POlI6TrY#zaQC35-6K#Xf#QbnqKTS`QH4RmCWl*kD@xxFjMHx zM16z5BW`KcZdUoc~Hgri@b)BaBENL$b zjC<_*qmQps39wkcNX~1H0g3e$D{K!=c+c$Z$}Gv5O}-nhK{fliVm}cv-%j?iUjoSK zCcDlYav%8oo<<=^+82!Sm2)jAdLK$F#~*Im!ySDy{G!{Btf~ofb4_#z(ni*|W!(T@ zq*8iYe_VJAi8OkI*P3>m77I{A3mgs@@JfJTU#RT<8#j4=v?*I)4~F9{{5Nhg%tuR! z_4=C_p|CYFU|3vH(PA%t&B}g!=xb0we4O8-1DRGVM_I0k-Z1dn1Ngc-&4TZIxYsN^ zbh)gq(z_A~w&nNUIe6PY`NHk7t@F>%mBMa_>rdpdXENP2`H@ zNRxx8qfX+g^zq>RII3oB?j-;%;(r71I&bn{P`WDNQvmr-75DZ#+*=IK#XpGdUhDru zWwHM#BmnTgQ}}!8qyYZfgakfqPma~wZkb?*9sZ)ImQ!K%Vkp3(*%X8&5;KeJIqP3I7DlyJCpZuyN z5;6kQ2uSBC$p`*}<5so{7d%#OojR0L=)dKCaGxC>+_^_Rgr$R>z~tSedCX00MufC- z>hCu#OmQcCtsZ_jxQC$(&ar%}2=P&N+n5A6@tL(jURAnL?3|2QnP#HwBu zasQs;HPSzY`^en>BVVv>>)xa<8Kw3(|9(HuNOm39aEqzE0V2BbQJ>>0I5|LS zh#SUiz|ZWw%0g(jRYwn$ACRCJA+oQ$uJ2f8r)#rW1hw2+`p`ge*TK1?%6udsiF;3jLJo?A9;ywD{QhiTeLMuFGNxpI2FFPL}?DoVUpI1U{dw||ORkIE4nD1`bDmS9{Xo8o- zLe`5Br-G0qax8BbXjvXDOl$`cjTg37|V`c%^5f30;{ zELG8KKONW(WypGsy5anmjMz#V_Nw{u$*u!Nhk90Obo+iVx@Exg0j|G)F=QWSuklj_ zEtVbga!94~A^LxKZ(tb{aWSjSHt92O{U>TIXnEb~(>X7m!-ctn7r$;*_~?K1SnmHE z%x_6)a6zkB)^z%KqN%A!kFf@BeuDrbbL zerOy>WUSweb;gw?D$*6f{7Tx!nig$Vigms-mjz|@9H3XXB`TZVKX^;#D#QK@UvX=E zNxPrnc#o9$0F4v54epoD^H`islt_@STb7j|_&{}VRND>hCm7zX?UV-w;lJ>I5?ui7 zJ%%R%pbzZ_p;Ft`k75T+2sNGZ+o@%GVmMB0KxO6g_ZmdmX ze@xAp#b)RrzJo1 z054obl#B=m#E-HJcP)_**Gvt%&iy`3ueZ|&dCF8*(HkPJ4<(aprS}F@QS&luSsbX} z{A0(y#BSaNSOtobeqAHjB+l`V_Oid!X{cFcoR@X05V#X;6p*Wp=j7@lT=ZzKd+aJ) zdOdpXqg(hF;*&)2?m3F(rF8^uyR|jUUow)R{`yjjq$Q%9#8MVE*Yn~xzeSJt+U$93 zXI;EPw8#k)#IF_weB}Jj$i4>%xC7Z6eIcVB`i#$e2;FjkE@*ZaL_EIrd1I_t`v0Vkq%<@Q^S!Thw-gy>!7iJe7>Y4v3@wEsczo8ALqWjF)Q9q za0|AAqndJqcXBoKa#;pp==le=}Q<5?bdsd(JU)y!|b`)g5a@A}%q; zEP7XNlXE13Ku^g*2PZmq6#fwbx0T3?Swec!Ku8d&SV9hpn8Wy6Rz9>7d_3XdmeUiU zi|&OoK3~q$b-s(sa&M-VG#4U-tNPfF}A(qFevZX^CG3(XnCeIs^MPM!>o9_h%1)Hx2%Us zZbiBADQc2wqTc<6|8d-LWZzd@v~*7N4} z)80F&Hs9lX+&lA9jVwO=QQXj6{h*mdv)IM~i6OzJy~IlHeoXYZ4DuPm6{=9W^_F(T>ErEaViZ5dhXeDElk_v`Sm>NJA(+Q^sX|Zf`D`( z0v38mKp-H505%vwz(P^FN{0|y5=clu5s@w}frJo>)DS{TLJjX_oN?y2-fyk%zxVsr zn?GDj&CNac+;jHcXYXe}PpQqfUdi}1ozceJ`ZMj|pC!09pv|;ILjP z>d7OQ0uH>w!b>O#lwtrZ;}uVUAGPo$IZS!{&vDgVI93zQd28+q zXIsm%@e=LfJA~WJv0uZBtzKv&TqFi_imjF)6>Ogu#fOjygor4W73tc$cZcwEW8m(y zq$=oLjnut7`<<5_xIwgSONf_lkKPyLsnn zKgzG0_+;Hy9}9+0cVBPU;XLKCP!HqDgbn|id-sw(Kd$mgmUaeKHJ*H&di_rs#_jQlnB*{v~p9DB@^_~?%xc^iUT;jM20bQ=8+d7HDg zrm$GrWdMCbe!T3r3D%^|RMVs_b%2~>A&T;kWeK0h5N1PlSC-!3nV(}}!c8gwVh#)K zO8g-RyW;Yqv%8*F;ZFTMkf`BCAToxH=SJcYYxh>|bXp7M3MP(7yyGTK6t4ukvJfwe z=4L!6o2tY&O*oF!JO7-AO>{56Wob-+Cj?1HvzoorAAP*_Q8b*#W}t0z)-63&Q zitBdl4R5>yH({;gs{P8sK0>uO+mX1|-pGY8?SJ%T!v$R0fIY@ zQD?dJ?t=A(%=2bb9p`f^A#ij*;ym)jig*=;>o-_uWtmK64nvO=1 zTY$yu_z>_X(n_4%yK-w=05%zs_9lz@)e+5zlgeF)bov4N^y-KB$N;Rb8bH$b-boT~ zSvBvovkT};n%rCMK6IH-4WmmyY4{#RNWmrJzYz*#yej>I=kTThyXv|4hFG_h?^ojNN-GeEe~P*X9Y&&F&|ErHbD4Xud9+ z;f3oXq0}rXP0?N*m$gc6AeiH`@aYhYRHs89v&I?^wv_1%WMieHwq2=Y{=F;0n`rZ& z?gzuu2^I>u6VwJaWtKZO{)T(5)3qv~gwW^0`+62a(2Zwn2$%6jq4&wi%DVMnCnx`2 zMrYfnB5g3S4(z0V(k4nOi)rj(DfcmFl5}$UX>k2PnXgq9#}EW@56hXC-%lWnjmIa< zafbWfG_k5Qr&0wxOCj&|12D2$myx)0*+9rS-Ex`XRX0{^n03(~iA$bP5AL zBo`p+ZyAs-$a8db$0(yQR1sgc(_Qa@535Rg+bVedhW=$XTEa^1w!`lV{tR??36wjO z+-Lhr?U})4TfSrEbnPvBwcH{%V+s8V&vpX`55{|TWNQm!dBXrej@tzOZ6sA&wr^bS6N` zh}F?wdM#x>;%O|~6=?xmxt>4s54<3=xZZPCIM==1nCHF*AUT`*RR9E$`vk@BT{)_o zg^iV%Tk`RU=o+izkn!rX%0q17C-GA-$uP!^Y>~sZXP4xIMP!O`WTn6egxWD2uhJ+5 zEyvYsncqa4IRflOkvXqrVudW2cB;7d}m0u9rS9&lIe)styOk+ z7rh}cxMzUp+*%Ivc(9PG*`T`Gz4C7R_+4syV6s)qHp0k06{Z?bi=J5Y^g+GB-~c}K zhZ_AZ!`m+n1!oLl8tg| z=W`1Q>iuVTIhmyF?Dl2U2t_CkRJ41JOK#yIO&$~?Bh^f;Th6J6b3_npY;*$3D&ttr zPDs$ft-aqvMe`83F7~4{X6vxCyY84Q(T>eP+)^+__WhTonsz-JG1GK--?Pi{L_5i9 zrDS$Z9U7%{{;8jPjr>793Us0G41_p)1RBuGx_y5&gb_4A|HqHzi89>|MC60@mQ0yF zH&E3?$he7OXY<46VO66A`i#B)Nc!Ud?SS0tbEs($&Y`9_%0a)&O@=Wkv|l=a?c}WI z#PEAtOvLJ*hTBn-_g_ant&3~3v-khz*bKlO{nOR!QkJ4zS!ak> z-LKRMBsGZePh&a|Q0jpr@-CJ`v1bq>*`8s~OD`aMZ-*1}{` z{i|RQ(LhJm|Mz`Mw*E>-_WMIEj1>^=1SOgMZ&E?jvusR9c{cZq5`FRf`tHvVWt`8Y zxAfEbCF18L6l#RR-9l#_FRA-7MlngblhN(^m>QRxI6X4CaiCVkTI=SaOvU*fZ(!bi zCVH1#rUIShwR4h^gPydWvV}N&x{bG3iE?SO5xUY1a4w9kon|oi(5jJz7Y?Fl6J1AL z>*3dWibd(r#KrbE@Qd_=t0XwQKW*}$ywniMX360k9HB9dntmYH}o_d1-^xf z-ZRP+8Ncn8I)q3vDL$%EjtCA$*x5I0DF5)TH(K01Mn{6R1mk z9_K1yw^5*&>2Dxr}kXq^;|{mhib4; zaZoOcHl8T)Dp7DZhJPn;mb*tSS~s;Eozhd)&%!t}Y%(+v85F$iPVKvpd*Ek<6SJM` z>?(`%rgg`Ux0_nDocSSOYIYo4hz3!VFyT$=9;1|_vhU%+?yIDpSR_2Fm?Ioom+PE?=mT0B4Hbaq$u ziJ+tk|1t+`Bo|Ys%kY5#Y4FUQCG>^z_=`SyoH7ew<$YT;!}uhztLr|ha6*;i7gH}F z6q7x-2>Cu&g515uYKq-1h93TYBIH=6;BlNp_ZPQ7 z?q@Gfy%2u3iVR6j4%4+{vY-hS%MQBhogwwBN9xW7EoZ{t(sEsfKtJ%K?kQwNZo z(eb86mt7N0f76&Utu`q{o!@gJt0Q(~Xjs)Bny_eb z!l>d#zo6BKQi|=N71#>ShGk;Gb8X!2x0goaus>HlH#T>cQS0(s_RPjZToFv-vxc)D zdaDke(@mk@r&98qsvQzB6d*%qIbE`ivC!Zd`ACiXn|n+tVO zVD{yHv+nID6v-bl#BPax+2`QfHyZUKs$%P4>JhgslP6GR0woOP1)ihbA+nm;C)oWwu3se;2# z>$fW$p$~6H8Y!Wk@k2_yf9w4LqvPYo0s=Gk%Uial^>&5|duDa;Kx))L4MVq7c;e%& zPd2%C8)d?>ii&OoGGB=w*qd9Mc`i^m#ynltIQ<23<{u*s0(nk}s`uw{S=#PhU!4+? zY(q~T?m4;HJ>EGDL{&){VN+zXa71|VDNfKa2>7DU)5mowc!>K8UuB-WzIxrSBuVBx z){8clxMoXGgZA&c8PuAB`|fS%P!Pbdcm6t$Z`TIW(sq;px#}v zFKjQ~`I8Xw^`t%k0h)~Q9rXMsRswautl3^06Dl$o@%arrJjhw{1T(#l_X{Hin%%ms z7ITvE=3{>gGQitHMI@lz$*;W#@vG+xw6t~0puKZs?PNYTq%0`?Z16VqKghc0d0+ca z_@Vz()g3f@yY*k5>00w>&0js{z-WZ`{f}Dx|JStBzg876v_aWTPK;5)s8&y4?NQvX z{0j)gaRYL`Fre@7XQB)M!xy84{*!Dp1aiGskAqxyx&NB)|0C_e|Ho(V`9~$tOh`g{ zI_4Tv&ATfRDycdGvsAah4X9b9rHOR{JfRh>RMNv_!z$~mEl-`9Iz{(Snfb`CH7_~) zrQs&`Z-gLzP0__C|65w!zSUoPxxz7I+5)r0H|5AE(@_eoRV%dAu&LJ~mzw%&t{39A zd9tThF_15kHfizm9WfFQ*Z0VR(&IPlgYc_0=g)Y@sk&|%d_c_3e$%7q@c}%ke*+Xk z_IO*sNcLi|%sJv((N@Qt0b9XEw$>*JWXFxyx~awk_Kg4jeMKm+1%@b@{=p zy-G+Rp0^wt+UrRfI&?+#c>qqlskPPG#x(-#Ma{dx%r#HoUM+yadt705);}};>0jwv zD;KWOH@>Q`_;ij=?UnjrlQ{Ar8t%KZFwHIBQ4^B)y6x}>#yT8r!95b+;CGW2N}o{s zcg0CyGrMA~d0`?JXh|>-IMt#Qz6T+7s!;rDr?#pTINUa_R66r=-e%`_?Yj ziBUBTFVO<0C}uo@>ZrW-n!*q0{owv&AB+mnv&L0pI9C08huJ$p0g7EOYGTQS^8NoD z*Fm6Kbj8hF+-jkTXkgFPug&_9dIL#}w;Qo#DQZW-+>YA)SMzAKe(;3_#o z&i^sevW%v?d(+Aupv1ydP1Ms8Ct&I=%g9^bzv|(}i+zG`{}Tp*KzaLP)Ir4`P=#V1 z9Zd&Z-X#0w z%Sx>eO?Zy|#?N1MrmK!&mz~Sp+%EAAEbjQ=qJ1#5vlYKykpmM#ACt&fi{OVm5WSLHjE#jzty1bdsS4M5 zrU*w|<>A>pIrfA%MYx19!Z&H=EKs+4!iVbcA3pmZ`FBr4H9fZshSBwIi<{aNZFP0o zxMv~-Ly6WnY?R?_oa3cQ+SdiEZh`Z6~$Oz^3ph%jKK= z8IQdfMyU8`s!>3zbt1ix1Uj^RFiHRH5xRHy*HQmjZ7_Uecn>z(ZpAOSFNg z_^S}c{LI3hv~$yf3QZ!)!n+sW&1M!)O6Ait)~~w>Yc^rtpl8q?iT3w z_^~{}aLA7j<=wb!j&f1%*R}S;p?!{yq+8Hd?puvhZ!=D%=KJjoxcRcIVlY8}s;>$L z_pl&Q!g67Owqu@OKbQo_{r>wGzMKgq(pcN0zhZLb4tERcR+SASjy35O<^EyJv=M%B zAxA$eXeQaUwL=MU(aJOgHkD)=H*iP+S3AX|irPpl-{!$czUv>z0gi zU3#YudvySN5hv>Zc(`}Wp~w)~-M5XHqDK+Z^Y&d;-@mx-8Tc<6DdiQW>TJ+CV_ zc!Z!ZLms}6;P}HVG0tglWrX$}ND$7#mWwNR>tzEg_fYM83su^` z4Ef))v1uWkOr~OrFHzd&o75Wy?p`)PU zsFFRXjJ0s-kj$kES2C(hj3`zQW^PyYblIxMnOIzYSus>&n}<7mFKE#u*r#4E5TW|) zs=b?yRo6G5QNyY>T{F9yy>qdfX5259IQu*2L3AuB>I^dQ*JjDPzf+Hjs(w*6JQ9LP z@wo5RS7H9@mHCv^ncoj#!Q$4I1&U!=a5MO4GeVdX!P zbX30ND@W*L8Ap7nl#i7mYZ#d0bjNLCcpe2nGjF?J+{9%|M~n&g>LrSwfAhg-wz6|k zDgHLH|9Sa6cOsrR7RO^|JcXUTTe{Q5vF;Sh6eBw|8Zdn)l$8x2w&-r4{Azr*In2=+ za9Py_o&0NhGU`F?zTNorr97}Y z0V>W4+8>544KpDp>)P%1>akv5<=NuIG^u*y2ThR8P^;vs{i?%{X^T^zSz2$!bG{U> z1N0(0ugKi!$T{=$<3=Ut5|I#`QMLsPK<3juOPNsmLIxZFCs2!VU;FcFPNT`BqKm35 zpXy-vo(_B%z1U4$JPmP+#^~;Ct{!LnAr%|grhkDW-uiGRvL{RdgT4Y;UaxZc%=+_0EvElDvjI;vb#b#^9OZ`4+X57foda794PNKXHTuDk?4!`ozzS15 zM;<5r>+xsJ{;d%Maw}WX&@0i3(}$fCu%6}@{)4~#-uoL!Cfm?t*}SIc_MLWFuQ6r5 z=O=q4cj?@zZ9(y`*HWc3M*kD!e0SgcKG*9;$EEtIw|w9T{en=j+hUBXn!Mfw#fP+{ zP-lK&p+TVU56}IFhAI4`nBRZE4Iqh=TkiZC@&6WlPXX;l&CPzs|9<19{+a@=2nXtY zlTtW1_*>vFI zU&l5;sRZvbZ}bMd@+Md)TvWPu6B1jm?ma~Q_r@3L=Qg3Pf8U@DAZ#j*XGO(&82zVy zp4s*`r1MAoX|zgJwthY^$ZstzH=DT7D9?Q#?`s9vboFW=KDhk*n|UUuBUOU38c&(% zd2B*pSN`H_0(gT408%EJAmaZO{o9+qK-sg}|64HsZ!CbsAOBSjx|#w&swvF>VkN?< z2LJuW|F5-${^ud@|4Q|w+*DN^hQhzWC}`?hhO`6Sg7yACdj_=h7oQZsZWeA>1mI=t z%X~Q${>1Y0*SWzaZ`)&BTfw~_CH)PqpjD_5?_J!M=6eLwoH#_3@ZW0PVmtVZMJLe1ZzGu@cKnI!-+ zRRIBj*v_`_=^xv7>~QySCpEY*B6PQKp~#jaRQ;%|FzkmLj8pBDEEV zXC5tK0Xni*I==)Umy3Mbo56&C(lM*j)NE>Mu`+bUgTcC+XY@(FDR3W?!;@s?0v$+x z3U3Q2Z}$R0{pQ|RV~qXKX~s@MQH_(ctE)!J&qRQP08lEc`+TBXs}#j$Gjeqa0cVb$ zyEqmGTC*fAJ2{e)abDRuCL5-}|u-+%O{oIQ&5l%pN!=J5Ruu}fBgQ3|oec833oD(}@#e$ZDqPzzz zIyy`+NM??aD8*e*J$AC&T2r%+Bh3%)GuRgS)N^D-m7_N8jNDm!dMzdfV&kS8Dt|9H zJex%WXaCl_s_nrbSxNQRv=Bw{Z+DC`10Ajv&w%F`MrNy6QL>YXFAp&YXc--4Fto4SF6g}^3SxS){Mb(04Xyi zkcv&)c;x~jb3Ux*r>mM(=Ok9E#Xxh22;Oh}Em!3h+!!G{-nKt(x&UoWtr3pV%q^%E z4ZAnChGO5%Fuvc`mQ4fKS7-1}R`E0=Zj?ZcFQ+POoVM3SMQ;pFTigBgkN zkFS>ZoXgmra8Oz-XH$g?HFR#=xsBz1KumfjQ6jw{HRW)V_6glCz*(!fjxF?u6#x8{ zBPhVniwFxRG*~V#9~M}WSvY)0Pw0&N?;5uNb+~_jrXPgZ2(}*WzdSvDuH8-m5akP+ z8ULC7sO`uPZE$kUGZ~!t>UQxX<>eS(q4-#ahArsTmJdW|Ar*|r&Z@)Y-#vM zYim8B8#ELcR|yd|reRrAEM=6Qz8M&6II@YWPQX%dL;rmG_|c#Iv0d&6 z&{adj0y9RaM1bk*V*Hradg!!%>}PK2MPsvmsm!=r5izqPeM#*kfv7GKu*@nXU{?9yS8emso4OEW)CQyV*r&M zwMM_yL0(cfyg6_Ig=2ny|0I|*>H#z9yLa!Ne=Gcc1(a#C&ZckRF|o{0eH(K!5y`Kr zsZt#+ER?PtGrsPC53rPH2A`~epS&N-oKGTE}8&o>XXmMlXZS1GOaG(lgys(9V@mTIJ^;< z*j97r>Aa3~>+%qy)rfy9BSghgf4$-&kfpPsAYyGf=i4imEqc6!lh0~nS^_{(U!!>L0W5R(l$fZv^fT=rJ#;e>M&&J_r$y%eQ)@Rpoo*f^ui;o~<)??PF=SH)| zrw1xX#@26tBX1M9nmoBo2u|3)xaDf0reElHG71cFv8&7*uHAQ4X(2o7RZW%EBY{UN z+!Qp6VG^gKacL9rIk3*wrdG_^!l(MLgdGa}c>MT@e%qc@!CS5DgN)H)A#FT3PLZWp z%?RGuHB$=i<-G4GIkniK5>{=AeW97bh;g4LdS{OAR zX;vbYFk8fvir3c<5l}%fLD2SeV*jR+De$>!_)#$2;PDgH;SbRX3Gec4o%p!{Eb1go zPHuT5u3{p0dw^NdCxh6K3D3`i?_{dk#i}~O>ucdutpB71adl?V-mYb0%SDf=apUWo zP`8ZkU9D&5pJmM{t5wqO_6jV&wd_{~>NQUkvN>2n-{Dlmi4vX_zgA)_itN&2efBT-|h_n+LYqtyz zj)>T!d%b3zp1{5E&-XF-XEObOFFD|^UUxC-5J*gG>_Od7Oh@UB~JR~sGneNgz z>wcq69~Lepx@_>*f!KqvZ=XGFfi8XBb)t1h+;O`2pv%|~Ra(qm@tBI{oVKLEB~$ir z^E9s*!L}rDSwh$p-v>EqJj|2GRQDv}_z$pRT;Rq)wuYZHi6&oemU+xQ;kyx_3yJFP zEU=d6S?9^;riJFTX^d?2W4^v8k>b1YSBm1XSGD`$po{drH+XQLrshj!v z2`_sM<+QO?kb{yM5B~(newitKPJN6V^o!UuLhs$S`B7u|Y^?we3(O3(5Jr#d`kXPw ztmUu6pyqDra4Znu6sQ)aRRykcWbQ<^`Gqby8jC4(+d759aLYbl5u5mCmR8-iD&E>; zd$Kz3s!8Zv5Wykxeq7I~kBa5Z5t;!DW3BKI^g!_9&`#D$XItG78sZ3>Up;O)uzWZ{ zQxt$h=j2TFySFdBUyMYvuhPt_V3isAqS7yxMN00KmIDsj85K zSFeU<-urGEyh*^|S#tn`cSY4>II+o%^!9Z^LiVZX=(c>X&kQ|48!w|nKI{Q$aKD&X z4rzTwJb&Q=$Ca>LUGM^kZ>zHBtvM3uA@g!vx54p@)=m-;L8q3z0KAq~5`vM8X zBPsc4F{ol0F#}%oJxdl|m)D6~B@G~6sI9l#sG~Y;5j!S}^&LJgL_w7j-XSQSG*mA_ zxlWUDuHcOba{0~f0v7f!W7?!auWnCo<9-@hoG?i$04o=ol*49%s?boXfx*tN@|;}u z0qrKFK8cp5o8&9~jB<>#jRDcRX-=M_#Pe;p%1Ej9uSf;=Y#$i0Gk(RqHSd_9A#2-+ zz#HVZ67r!Da1@d|juahWhK>oEV7QS^R>T@XftapWOZ2xXZwisC-2Cx5Vs|z~T>*^$ z!Vi3Yn0|LK^B5URT$x|6voCjzvBw&fgql@gnHB-lC47_DnT!~cJ|UCogRL~*UhbXqivZehC>CBbUmu8wzAcDsg>w+oFym}FFf zz0F$LWe=B-zO5MMm-n)LL*Dm)2$OiZ)_l9`^c2sH7ZBIZM$cq*JDK7nEeGdyMLcgG z#;-71`TZovfIDTtKJrPaH7VjnmxFkKKltsrxdR>%?K+=rQUE&9=!)~hW;IT_NmbBl z1GALyxw)aK3P9WW9+T6i?Qgdlyy!bA#pVK(B#^W^fKHWF4|UAy@gO$`FSpTY=BVk8 zPuc~!?My0%S};KPYq!la?b&%FE4lq9nGiKePV$FXFm z92}kU?*3b3OxMvs#N>^KI;Kxh%5R5Bur;Kzi)s7a&qMckO#?W%X&eJRq_;IRzA~3w zg`Uy7{p3Dl{jvRD)x0}CJNUh=^$m52sH7bvz-Z|cku||f)9v0%_yIbR+h*XbZG~WNWbr+8i6fZZuS7Q zsMo$vE?(q>&cvPTVm08-?E5{JrKt9_K&r`znY8@0Cfly&!?iq*$KTR&qJ2u&SE*$W zV>(0HIzpAmp`_lloZgvrIt63y$6U&nBi;3L$@bt3-$T<%8wz5q7sxZghmEQkt=cT< z_Gh2`ALQoc!gZU43U+cX+=b3Doev1tHBZkKL8nd`MQm87!wA8DAFr@f40Dl9RJFvMgt9s8!jZ^;yMEdzS?%nAG||=Z4kNvOAX_c? zkgcJ0TV1?Kng?WTp(y5V$s@ejZ@=YX$!<^C_oi;@lUB!=hKIMPzg0Tbcd2A@JJtNe zR}JD7Fz!!EWrN-ND@z)1@MuKi*aFc#&;tBC69f0FKVyOjsAOUq0hK2k zIw0l;4_-+g>=B6|68!<;WLfCNGA|$=dLl(rSOUxY#juqcw z#ORm$SzB{-#@bULy#DAo^pCKr9TG1AY1)a` z#)b#&f;m&8uq()O$7TUUls`oxGJ=zx#a^uM|2*(PI{@sWJY6C=CFUUAbz^~;@o7Zm zv$Vxh`tdpm+bH^d?zIQOf;8eU-6s{H5C0dtBCAq}qkPNlaQ^>WB$Q74mUjUcYy%N~G8tg*VkG>IjXG}!R zY1@TW;HoOH&|lMVb5+6`&-}V~XI%ylKGlC;S^#f8vHzFnd$92Ox zGe5~v4WQBhkA_K#T8}Cv#`@N+N z#LFGL?5qmi3u(Tr_v!M=xlqBjm-PqBo|t$m(W&ZTeLI+IDTQc28fyQd)?JTW$E04O ztNf8r{3V|VH$_C-ef3^W+CpV`*J_`ne^QVceW+6C$Pi-d5f+evq6jb~1N zTVXunH-6x^62JEHCj&BJOOD?BaX4{dtcImzEHQqIb|Xcos75wr=wqBF_m-4KiIcWv z?3Z)9e=eU`L-my>|LKfDW zk@H3E^zS6oW5ycZ%_*gf!O!<$G<2*sHc><$Y7b{f0}VAm0?-)|=UTY{Wk)Ff4-2huj<3 zjj~mS`$dLv%bpA^6+a_BZZ;1nu}@NS9|JEWkUc7;;gRD3srS}(YwZ~GpJ-&_RNh`a zKMlzzUte_HVIo5{T9F&s16{Eaq02{^iYvasPf`$;i<+g>*s83Ssw4p`Q=sMUHLAt{ zkk(*!Hix;b(}VKX*)J{4v>kYHVc(_aJ{3XcsKmmnnR{XuvM72ryzDWBa3# zQwbJO+4fgPLDJKk4#;ZuEGeV#o+Aqtcp#bsa!rI$thWDPt-v}n;r}twB4X){-9UDh z!%UU~ST`ORj}|tn?hzER>D*q|6IOe1HToLqhQ?aYc!uZt3Y?o1cH?GsP?sSPGFkz> zhn1)^?b~Wk7-dzsescjo7=4AMa}1x8)~mra3J$QIY%v14egrKcmrNq;^pXFP4>Sxb?)A6bSeAxEZXrw)zRHipSOS7e!KE>wxYPz&48Otq$f8g zE>Ds!CHXsbszH<+*Tw_K-Z{T^eV1kDdOAZLJ)+s}N7j_R-nu*%ln$k-vYwi`_dgZ1 zFAq+b*;tSvLKQcf4oYZxRwOE{-elJ-07BAA7WQZr7PYF5dHg3T_2`dz%_Mww?EWqR zpOc-PT^wuiEj7FWLhyX)Rk{SIBU3?N$P2t>unykS-j(x*1So6)%&_s8ytF)^0$IY}a+5QO`Eo`7>|Vz%xO?hNN|U2J@#pKX>FoNQrfQQR&&VrSdwLd#^Jf@NAI8&> zU;k!3ny`Ps*sc;jK~Burj#Y5DC{wH*mTpMh?jJbWq?joH>UfgzGbee}#@|rUuX1uvR8>u;TQyOibiqUXz(leSUP z0VV;^pN1Rwla8Wo8JwTL;Nt31wJ$vVTj-A7_Q%((ZLEVvJ{w9BP7|={d04ezupVxd zI+3siG%Te5Qv~6n85t@t%YRL5V!mM;fr5{(9=@Y5blipJ>g-%;u~-7}Y##qpmNeyw zJAkD6LRIxL_U*&7GX4Nv+*y_}&i$KjIx}|)i=*%4v3d4xqdWy4RZ#H0)d5_F0Jr?8 z1tO4bVPX;k^sPCV@X8^jkTMAKdBGWZy2YYLGbSM+K~6!Jo&W-swuGkB+J9mk!_y1E z4WNNiWMLU%lY>q71+tySBdzaoZ$4CuWnob%J%zTxR!?gKgaZ@;OrXn0=CVGN-R?2( z-Q8Q50ZQ1??a@M87#Z*B6^TpYKt zu@MmOF*k+DxHvnXQC00h3H&DN34svB%0@?B9HWmgxy#qUE!6fHJ)}@|hNK5ESWfQd zj8|xl6R>gXN!>yTxda2-b)71@3IB- z!Q}Gg59(uR_^Q{2^mIQd;cwBVF9!gmNA2AYa-i6qj_3o#Cq#>0jdr<3BLR?kWALH; zxn(PxvEW0RK0kC{{CrXVs()SaZ{hz>leE1cS^PgbSirZAe*G_1#>Ld5|KW=Z*Z3cV zT@N0EegXYJpy6%*#j}6;ABgNf_y4!-{G05*0|0JldeV9P;0pZ$=;#iUbS)EOF-4#3 znK!AaMXCLIkL1iI4<9zVe*FRD=M#WH6OO?9(#tSAI66voDpNYg0#s*MKTZ245aYZe zFw2WCZXD#u891nT^k@-JND)yp*7iNI#v$ETJu^f>;)hqbH(A8lL?!RVnJt1Q^n>xqQ|;l1aA zrc@N{Dr*z)iD`(Qri1_9ar&@wz-=7SttO-`8f|{DzYykUi`*X`-Fk1c-FO5W{t*$rf^>lYvV*WJTR(pOX zC&k;^*SAbws*NNE6nkW-HDMWr9(g%AHUK%sB9TJO(ahScrbU2E zL1Ce_jeP+?5&G~h+)N~2F#LYM0**eENM*A{*G*(XOTHxFZEUyKwzq`YJi7waQCy-5 zJ!)cg#KP--?UaiKVtg?%4&{A;!KQ1)(CdopKM%qSZQa8f9c^jr78Vvg+UgXc#!()` z>H76J;YTA1AXEPZ=>~q;&_`iOsw$@Y@xObC-hdCn-c*+O>~x=U2Nf3?a|rb#{s8bh z1%;v>?Zs*Kn2>xxDd}T%b+zK;amh4v0~QoI&hTbtnCT8FH0;BN@A!U50a#0aeKH*x zr0q>jGpO}br;1N&{rEBFN#R1NOLJPb`yF<#iURswp>bY1;lC}n=^0b(=Ymwpay)sD$1C^*yO{~%)jbD+uv zW#H=*J{a3gUg8M%YcsFl3K!5bWL#z@ZJ^vt&-L}DE$!J}(QeBUjzSJyar*w{xv+jw zf_`AfIFZ8_St@+;;>Dh{hn4a?8Zhsj+KGn(lo89do3vUr;LwTf6=!`~Ua z%2H>>a;Ddo@l#W1DX|~+4({68PBo$H)y%i5tA3Fznns8Sr4s{Q3g))FgEPI#peg%z z2h_#6b$z+MKV=UL)y$l2$NP=9?Vw>eYk$u<=xAu41{M$qqxPy^Sv^G9X=D`tE@9N@ zPiymopcHk+Lz9IKju~5W(AZD0YtpS{cFYDl%NtE{^Z^IdyhcKq+5?|$g)SI)?P17| zx52Zqb`?JFVO7gwwyy(IMUz4&wiAYm6f4rw+M5ETaP)veTer&;AM%Ux>L5#dJonMo zok0!4fo(12^v)sDN`ibfOVWG)?mWrJUa^~zVdMrGL^n$vVg1a%hP&U3IoZx{af36ZYPub22)Xr>2*$?y2oc>TR-al= zPh@wYt&;8Kq9{D5x0*A?3?44Mn(+2*mZh1#!S(Bn=HmQhIOT8bMf*x|nNFV8kxhU2x=_$_&CV9( z$ZBnPAObu34|#zZfnjdlu47YQk8&2Pm0bPD0IfdF7#3o+&fxS&ZO z@$UZp4sspL=$JS^a$7h!Id4yR>nfXAC@YQl18{Xp#MzMUXEm;2*J<`3v$PBKkbF-E z39$IL(gU}!{w(sor2#}J8(!B>T_Q;B4OJ&6E^GyTw*GL<$T8n4RB|$0A z*fqJ5VLoY&LCaSFlVQZgpthHk7C(o+px(T*+_L6IT)A0DKH;L^u5AqLnxg2j?@I*o z?!L#pITe`E2U*8;f#_TJ8C=MD?a{{ZyZ668<^J426OB6-+2}8)2i}}Kd9q+5oL}6H z*|&9E4Z|N}0EOkP3XY2;{zHbYW2^0$V|HVMDQBv~?+-ZWNUNu(Cx8eNu=UgyIt%rp zeg1IScK?AXvPM?bgP@cG{eUSeRxhb8LCegKB7N`va`Kq{s#;HLc_~Yw8d`vuz`C=3 zZ3j?HpG-rB@046Jr>ajv?_OmgO8vp`w$^lA8tt^i#!J0pvl$Ia$jZg7tpr|Jb$UR} zT93S{=i=Kzt;Jp2YFW;7eVV!n_$ltK>d+&o`x;o%P5sN38xRlLfkIJH4OXvMI)BbA z%tuwKFdO1st$4sxokHbdX)w;$X=rr@TnS3Q0j}*AgKo~!&rj*;2hOA&>%NZ-Lr>9r zR1`dXqRMKLa|fK-z3)wppvs|_Er5K|_m8pUx1}Q@DTc8UEZ`qMxX{|}J(|hSO)r=m zX+Rjb92ED4L#Cj;C7-}=SQT>LMn)oza#|Y;59_yk z?*^erliEIe5E93FRjDgq8!Bw-hZ?-1XGbamLO~r$nwoY_l}qW;of-WMl5<`ux-UNT z*;=nJIG{y4ofWnrP*70N4fsHjlmPa?b;-a9XKTlF3${V(?3JRIuw{U4SVm84SKS?d-;(l*vCrBWnC491dV9b}G};GedTRv5tK_??LzH{(Qfm=X*TQ?|6QH{Ep+f{!oV**ZX~K z=XIU0^L4&13j4r)BYuYy0#bn^1Nv5mgi_E{gzKnWIU3EG59Qq3Dee~1e%xoOxbK;F zX+z^d`wHFV6`f^UF2Zs=s~7SmR8({{g%E}3OCK5bZ{7}eEeaIiGeR;~_@0p%TC~1u zws${^JiVqIRD9y3h2PMGyNDr5hLn-f@oYyEAdV5buzP^ZSAccU8(yPHTG3EJ|#IoI5kNl&|%>Z?EKbhJB2yaqGy8J zHTBFbATsZdOU z0T4MV_t3(F{wYrt-7Ahnvf5R0Dx!Uu1zz3qIpPa$mHkA@bUzIG7b_np#aoUpt4LemP5AT;Gi) zM=bWpyZ!p!!LK;SZ8DOjM6|NleA2({emJHocNCFUgZa!<*g;o|{436Ksz`6T1}N{vx?T_@G%k2d7cvLaTy{Al5JmCaUIUv0RVX58gDNs|l*z8n zw>*~2Inw|s@m&t&7MaHHskg{30LBO=fOJZj+WVnk;#fxra_t*1c0zy=rviSN9 zA3hwLZA^H5cAYDKpCqtsUY6tvSv7TAk@>G!xA)gN-Qfp7C#OtGf8HW~(8_9HO}2W$?4C>EuSe)3v-;)rPh-$C$&zSaYW@kp2epagJx?vuZwQ z=~sKoMGgxkV+0($8iXUIp-F2U{Yw0lK$7hOVsYETzUIZZ6spZwKya(jO79M=LAD`Q%zpUo z380lt5sNf%j)Ip00r+j1n7s!F*Ajml%fEO4YstcSPW+IlbP+jUHT2k<$;l^uG0zcE zjL|SoR4BRMX2CbXt8gK1nX3pC6?)F%7 z5gE=&*XNw?Aycc%CMrH_pNJP_C;0`6epOD-CfGNGsJ%qPd%{XFv_TJ@O%X9pUwA^k z#{2|h^M(7*W#jrI3NwmMYQEVRS6bBGrU9}#T%uRMz@l45pcOG<1s>&fj zo*qG5UG8CQL_|kt@mn}=yOixGo|9EW*OGNa!>O80ScQke=(-N4%Wly(>9XD16ckKv zfek=9Bcbih0AZz)&?#u6QHAq+$cwbA8{PV~1I^Qw;O0p0F$Y>DlL%d%PuNUR+nD9{ zq_xPK!78~U&vjI+F~Lil)CAC`#pcr@yTgDJd1|6}^YqO1{*)o?OiAYEhxUuB4o%~l zasgkzcqHUNTUL7ry9rs>xiX>0u%^1eHFk&!+Fljs@w^w&+dygoMtn= zAn7d-(wMEh;I|jAe~%m5i#45}sGC(@X#FCN)eRZq$0%Rp>GQUWX_@y1ij5bXDX=j)DlfaPDucS@tP%?AJPgK9c7ak)IVac@f%>NZ$R_OBRR5)h!D`9( zEhqD)(|n(4^hZS;LfieymEE$z>b9BP(-t{+q5y2wXpM2ldh<|(ydAP!QzaCo= z2n2GlUp4`@>yLIl#iF>?4bOpBe9uoi+oaj}I=SCCod>&&Vw{7EkO(1`jo0TL71RW( z97kKRCANXRUpxwctDMcook=BdLYhuYg;kO@0K52ooEZqzUK|q*efB{Hc@XN2B6D`W zOTZy|NnTO4unw@0eBq=}w6)AV3DXD2U@nu9eMT9I@ZM)F2pWmkA*9=n-M%p`U~pEI zSMZd4p4_GPX7%UD-pu7k&JzyA&o1&fSBcUSG7e1RKBoFJ8u{>rr+(}uUr6UnmaF1D zMoxMcT56D&Yg%+f;OjkW(#^gbv;-&k)-r5gSK7 zQB}hm=^3==iWgcSm;9vP;xlf`zY+D&Tvw+IDIrqWZp+?@hEcXk-cBD|eby3|nN! z17LWd4!|Iq2Y%J@1!lYdRgE+_XMvq!3~0BhkkM#cm5i3vzH@K^5^yzp$6LU}`iPOYD$dWwu>5r!FmP==j92uFb^!F_|C_W8lOSJQ#mdvA5u zl4C5zy|^1T%|A)WxCZWeKhHislgGd|hRhfP=7GwYW5H;(B=GP{l)7ls49Uz8dAXSb z)3^3D8cqwGbK?;hT~elQ#M{Io06=JKxH?Yv2)WG)V4m%9kOR~DMV7{E$f)R#3{Sw; z|D|DI06+?wCPh!bS#}XY*_DW5okB;F@wxBb!x7*@ua&2Z(`1MyYaiz3{Y@4$>7bNSv^LX2@J$*; zzA_tJfq-&#+CI;Mn0NJgeJwGRUCzy;^2wojh zE<*LJj`#X(BjCp^m78o0lHc+rn@Payprkp?V((f$NTPTx-UPqxd-rK{EVeB+J&-x) z2OLvmz$9#yH>X>@jyy^xlg@03!xURf#67(gilRd;E|VAIH~xXChOqsSKWd^<#Wo(csJ$`&FSf0`j&8_<7usvUXXb^^oqxbm!(JP&}u^z;EwK_)J_u8&@_(cm_P< z^y485?tGn%?X^cyQIXc&cUAj;vf>}nsVOO)uBL+jz{J)2W>&nk?&u&=$1DjCjUS9_ zbz~x)Fil$800hKZzQ2o0a!%o00L{Q0SDB1vOjCw|FD6>N2cYGC0DAccJpNihObjJf zZ2_Q|n6$OtqV8ocsq>UEhtIl}o4Y99$^d4XeJzKzXm*NvUmlw)0TZV+g_D-L{-}H( zjpM;6Dky~V_`GBaI@{{1=9*4C-SBG*7Yefl$EsrZqX8559T@0>+#B`57Y2q%v z!%m=e&`C{ehoR6$Y1HG89XrSRq8~RD;Ge|oBWxvg3H>9r#zBk?RH)qg)8KXg;6UJ(pt*Zvga6EW9TjDpezZoV zW-qE)$oQh&7C^})oX~>z{D{4)OTP5Yk-9dEp((3*qmKBte<|xEdhDr*>+k0fTOGrI zC{JtO{RtP=iT|{j!&ecY`>*$SEV66n=xveMB%g$nM@oY*31b&d#57fU=-GUc50wMp z#T-D%wC~P8GHk!@V(%Air}r`Wuh?c>3Tbr)2V9*V0y z!BNOaZ#IKHadhk}ux(v18NJoiz^nw+sTZc;7Rj2-*}UxF*dn$nz%Qdk#=u=bak(l9 zJT(L2zXNdqaQu4&kI=9*m9=5l^9XIBK(^8o!MpoYCZC*$Jt0VtN1BLOANtWf4MtA1 zPfH0A4N@y}_iFqKIqau_7^thK%&;wITa;brkg3j@dRz zkTt>lLVy)<7?@24*k68G+FrGDjn?L6X@w2aNM7h2frBs&wC@%Isu7Q3DwaIVEqxZm z*BxMVTfpHBR6pYceDFe9euMv17B0JTr6E`ZHJ{dVajLK7zdXWgj~7Q)rN<&ggHloO z(qz&E+?v#mH<@xj4mEQmE0TI@h0reQ|4LF%oCk8}{eM+Eb$<@pL}yJ!VA5QTIL)Bm z&{{akxP}xaL_%idWwb{q-OGr$@b^mbYt>{EOm2;KiG(<0WO@pO64)t`M$06k+|*Hi zfzmSC?*JZF(JIb3xJ%o`T|@9L>J)a z2Aq>%t)D!Kv)>bj3vtMowxexJ80qy2ccFp7W4~uG8=Jz@JvHdtGvyx6yk%!f0;xj% z`;9I@%@iPKp&t+j$bEm*82SR+APxqt%|{3cIlNf|P-zdV1A%zb6SQw=3Thm0s))q! zu?Hp)jD-Hxs*n#rbnn^F0c*kL`0(uaYJX&Fpt2tpRW{*@&zB*;baGhRk*pwvQz9{D zGHh-YKlIaqOC0tBuBFJoO9 z<4Qgg7cplxhN^vsBb6Fl8t--5+QbiNbykm5XDso_AX2}3(FDL}(xPPS$BFj&_f?`wn$8V6~BpW-ZD{;|pgr z+-_$bS}*SkKBs`r$mxVnGhdja2C4j@r==mEuH4gBGaW#es6TD5`IF3S-kinT+SrW6 z7U*`BbMm5Sq1}o88;h@kS_vY|^~8840my%pp1+P?6i~(czesh;j_d^m_y+K#3DLYm z+HJ@7yN5h~?j?5SyD}IO3QL$LZLWxzmu~c{#m`{ogDgG{djr?nKDSyeVVv6;q&0S4;h3Y)-R-{SW}+%BDX62Cf}y=FZ&;<^ohYuW7*9l6XbC=b=|P{@mWEt z%4X@Y7j7MhoCAeLho!W|${CNwdcM;O`(O&I{Q7kdoEp^nDQ&@A5+jE-ZU#t;40*d2 zhh{uGj$Io%OO%jJzb4&%Kga+=IC@WI_=9;6QRW+|;!DwbQDm;6$bs^E#QS4B2V8^fwbFbutm3p z&j!eBb_F=mdCL1PT_>YR;Du_nwJe|ImU-YMH<7(3DOE`3vi2&uC90e_W?33 zotL-Jgs&xdH<%NE!f<`ONqH46C3wTb2nd;2u+z^+s#%E5*q%nA%RgoANC>Mn$>5Zy zKPHp)9&L2L2Vfo-9*DUJ?A*|yz3KSX?&rEOj=d)3{G1XpDTQp83n|#^lrq<-lB#4! z>d~w5LZmtf^rXPSTcVaSwmN5PirR^)5Y1QJnoXGc>#kPhtAW$jV<&IS{T}77vaAz} zQtf3~Sr_fjF4=QW0X=w+mE9%BjW!=|6rXOZ;ICrNY$OL4#TMP~tkZ;guYTBMMi7Ws zj!)nFL#;ttK;Q$RVayvoz=808;^Px9Pe051jF_)M)`6TN^72NS&kk!>v>kP@Cv{vy zpn?Tm!sSD9&5~c?+=Iot9ag^bgg|GFZ)pF%hb7UKs3|K{Vy^y`WiAO8u}U9Lq|BBWF8$x6!hV1y0Gty0eCz+O-AOm z2Em$O=_s5Fu>?8%O091~<6gx#JKO{$rdc4)&K8Fx@1 z%6EL9j0x{#Q;B4=A-qF5i135HR31Hc!l4#AfB&PvK^-&(Nk0egt?RkZ*PP_yLE>*W zxgenWD)bf9KV2sYpV!bTGI6O4g#Utn8JYmym2H1@#L4wK!TNMzzDEW|^yPGRi%d6{ zNEczk1jV~Ee|`zD=nD#ugCR2kCc`F2pfV0oG8V%T8s{Ez?fsZ^K3MsA(d(l5SFLbY zX?ay2J4e%)zyewkzAzyM5t9ABM9|@m02e>fR>ghttn9;*HU~m4vEcQU?>oo#BQasy zvG!eT7c=Z?)L~S-mvmR_P+a-BIgCrkN|;o+M24W^0CT=d12bXJ6RqRB~ zG#-tc3SNX58e&ds>>DTV4RTwRlo;>%!Be@~7VjERLXLsUIBP0hf|N|{kInumV7nZy z>wP`>*5P@R{(zGGawkqiP(X(S@23zb%O%-dp2*tAaTlhH;=D&PDHkVKS=QPKHsra~ z%4p4h_T!R}g3*M-i-9G8rL0zAl@3rSWaS$n@m@a_=zZvXsPuUXrmx1wU6z2}G~#Ip zW~kDvbgw4Y)jj7;_(nvCl!@-z?$Qezt0Qi}x&BAv6~SK^Q5NgxmTz?!o1e`#?Z^G@ zGrXbu^gj++nNZ^ldl_rrjdHcp=z8NIQpm)?am_- zDa#!i*r~ryhb(en%~8&xyf|P#t1Qbub*UoAnij8c92@WwPL0TcJfS^T>df~~euJ>} zUhlS=z`D!1CrtUo-2S~Y`7Ph%e8l$JrI77b>9oTx!NMwI6H`xPnu0 zwdFJ$1opo_3I+#E5>elxWL;7pl~PJ$CjQ>u{1Tr*cim-?lK@A00IU4lck?sS;QPm| zJAN7erZwa8zf7+>_GSLyhSN#5BQO4We)df%!o0M*UzOP>v(sH{e_r(Ye(_)Xt_IN5 zzsvv3+4|>=K>weT#N7NXHv0)CjP6Tt;apWD#Sv!oCCLfPR3?;z-a}#4)Xj+{uGZP< zAUYN#)D}Yi)W}ViUAw#U+U*avtp1Z+CN3=B zgk=0acnZB@L38(>)Y4@)*R=r4YL5|pnOzpotYhRUJ2pgpbPI?u8~LJL)tAUQ`n+my;NIuFx0!^{ zs!_D>^zdlK)6$vt4m_2SP3nvOZuEx-bz=!s8sa=^@zk7L7IW<29gQ`g(x;!~dwovx z-i0(jfxr{KH4R*Ix1*YsBg>-edl3QCFN8LUn-#6-HX@D7>z&7pNW%-RRrt@$~^c}?V|>w4Mma30Y)d+rc? zga4o%?2C7d!zW@iPsrv=2oTCwNq9DL031eO@13YK&J$S8VHoFJebRm;S1@yC?a^pn z-qkZrLYfOZty5AOOI(aGw74dV$)r$k$_L~Qy zx5`rkq7RBetZMV)_~kdogF=y%ShHTMLabpFp+jcEX+4ujcVuSm`RK zojG*_ShWAB_65S<3vX`=QV1<#bGmc3$E?7qNFIJKBh@kG`e+G2#C5Qb9Y`}86BPE8 zbL#Cop)}8beM#9Zp)P#}1v~AWL5a6UnOOba@Qhd+UZVC(toq@-uX(Y>c=n!#L&eh{ zVmP0{O#ATHhaw9>3Ucl(1E(1am($8YX6eb8+G&_R*^=a)k4VZ75Y0zG@*!D#*lOF@ zr)ly#D#h(9TkGHkbz=@$G?{5ld2&x}zzx14QoULZ4v`ojE5}I7mUlu9Bk~>5H)S3k zf?1JyA$)ZMj^1|F?JjloI#5e~6WgxOsX@fn*q8wTg5Ks(x>^u;ZjKLu|vG4ATthVcs+z0 za>2oB#{DL^y~BBDF{)oZsW$Y{3DxGa601$tYfRb;?A+=vZw3D`70Lf4vO)*p-*@u! zz;+q{8`}+801Z-qm%R5vT?c#VyfI$`KGj8m7S@X`otFAnr4_GBcx!;sIWma7%ogu9 z=|cRNM~OJX#p>9tk_c-!9G{UIL_wxvZUT1PFXLA>LsD|)H~*3?|E#2B@87geLvzEd z zRw4RXkls?-St?c6p6MpGm-*W@Jr#XMOiWr@6!Ky&@T~qxqIpFxs!<63A9j?bJNFK+ z*Y_%e%gV}{zW>w%h@Ft%wWu#;EfSi*Q~DmpnOnqV7O7fxn+v_wrJu!q?}2P=u&$H4 zE|{tR{##(^V*dfKvi)x&9sh6Jz;=e0?Z2{||Id1$is|FWp8-l^IIg_p>HJ)HR04JA z3C&S}gx}$A0qZE?zpvXpg*u*|X`PokO*3Iq&C&)B9*k^(!AGja?|#e}O!vKBula7K ziAF%<%IWJ6=}6i6CZNNn5IZY(1<+wvxv!@e<~cf4sJsp;&K0T;*#Ze>CnjB0lY^?S zq@Q000hM&~$yVM?kM~Jqfwr%OS!Q(M0&kDa(lk0{=n1&X$Ndo9=q2!5AY1^jL_fH7 z{zx!{!O-z2#z``hDv#>Ymc2^HvF_31zxXtq1XzbtN?T4+{SzB&$)w$lGeuUt7g?+I z6eZTHDU-6^3q&F0%~1v%+T5O9(z4YVQ5K%H5M<{M2^5eB;b*sXir{{1#dN>XOl_F_ z=Nd<^_Mc&f|K|Am>3W2vQ2zFb>%2SA8bzsho`-C~bk zb{m!z#>a@{bYgYO^Y2)yHv*;C5PQm;hV<~QzC_2XWQI1 zrRnyI`f>A7J(-nyWIb*1F*RS0g7a~IVL~ldvYD$twQzz6Y!zZ&MyUnX5%zuib<`cp z?I@37=2vxZR04g)I_WAr-d&}j%T2kYtw|D50npJw22Vv zgbZqfJ8~Y_#-{3Pa^1i6Hhb*R56Po13)0Q9T*cF%o22TFo76J165mbj)eX{G#Feot z-b}p`9nL?Mwl>2XWq=5l_pc8U9?kaS_DWL=mt$fb=T1^t`&UnO3dBW6A!=a(DIR-0+sMWFjdh;iC#vl+F0udT1y`f68Y z*oTQ|Yk68qmxR4vR^jxEK-1ubb`Bal$e90<-11zq*!$Qm!}i%2AYreL0C+;17vpMf zY-A*+t5u=k#}E8T5<_5fMQC{O#}aEPkl$?C=zXRaAqhW=QlD0?l}j&tAe>_a*Szjs z9j^y8VTqw+quQ84CmhOi1WD~q-&YE|T086N7-Q>n^%}ShWvnglc+jbO(t3mO<)}Yw z-&ldXN-C0^uS&_gE8DUboyNg^#I571%v?x;(USLU!Ro9&Frtl4?|v-_{}jD$m@vvRY>xh=d&Zv2`v#6&-w1{@y2JV<4pb%G_u6)$23^X|R;CG6dk& zA~na)$hRV^WdqVysR9C7n`TN^Kx*fwZerms&M~$oC*OakF-mJ)Mrr#>T6t<0J*uTS zd~`9JDk=&%vxIE;gh_?BfLnRrva4K0Jk}|?o_e4=F0I4%fZDWWg6O1Yoo^srUcY({ z9~eUV`A3bAiv=L^wVTq(&KC0h)d$UH=zQ6lj>;-+e?66lz4}PYCb|j`mRfB2tBG5% z-G9zxu}L`bO+i)e8gsT;ys=#p+wbJ<+wedOlck5~ cdMSBjJ#=(6V92;{@Kbmqg z?|T%5cT4Lg+nDEWGU-2@+MMm9*U8Etq#njA!XPXE;#-c`3^=n*){RtAGi!TTKR4^C z0q(Zs$=z2Ln@9-AvnHkfAS``+v%@!D&cx$RDzVftxY$rk3chgHOrFk-9oSQ1R{EK9 zq2J5`mtvYA^_(xG?oHH0+U7=8Nd6+uTIonB2gg*3d0C&dh=TKdYyXzY^ToT@5)=w^ z^|DGFraspwN`DBKU$EmkINf1+Yk^LSWLdXFTP=hJ>6}H?UD@h|>o>aQhDAKr7AA1b zG01(grz)_w+srTDf5EXYo&GbbwJQ68(Zt@@VCb(-)I_m>SBuxH%{aIUr!T#;cO!Cw zQsX|_H<=alXmk^I7o@ORsZDP3d!5_XBci&g4jeq?m*Z2VK6-$i%L5a->f$=T@(9q~ zlJCWynKD^6%?rG^q!=_}!Q-y-!OdXszKK4PBV%Vau?xYI9lELGlW!;=$h zR6e2eSkeX#zi{UZy`N!15D2281$DOgfN+VVko(qHvp)im0|gz;C1iD<6FHINg*I9N zf@Dr;>HPf5p}0DYRQ>Gptx%!tSyA2YC?7_2G2!+}O^cN5=>2d`PkMJn8+TV}z9?vL zHL9>#>O;fWb4AfYW|iV<_s4vG?_a*-D>d{-{wMs0gI?@{?yfXQB)Cnz5e51Dyn~$# zZ5|H37rSO}rljFHzIvIRaQT*~s&7Ih2Y77xB$#-;hHYaM?)$kQDC}X;$Tjc5lmklR zIr<>)p>NT)0=9QMqpCN_^^ikLG_;xT`saK6_6hTcHu|mU>=74-&zU)j%)fz;hu5eq z&o-kfJkb>vgH!SEHo`F;*ReCM>3hq2C^L!YPkL0`Q2h29E~lKl83E4U{R3 z=DFC{*Hb@Xzv1M@8&8O?`-UZr40zVO%>9@+Y$6)#}21?aSH=M0j-u z6^A%kX^^|gKzTa9PsQj2mOw=+%}XkHOwEy-35&#r{x8K>(=DhA(efjC#Y`Pt8E4<( z7!o-7xwhruF*IsqqPD-mbECo6{te%PmO&6RO@MB}cdo+qgSqih$M-RD;Gq^!|G_wK zuUn5S)6G{B=;H|pu6SyPE@l6%{K{LpI7N!yM^Na*YWt#nobWR@|FveC>7vlMOkqYv zli8z=<7NsZY=xYAwGXwQuLr;EV9GhjJ1Hr{y$+A=L~%67Q^x)I?Kdf0wNE+!RNUJ2 z5@F|+pjijq&v(!3tRH*UOwvyE(FfIseGO{u?DpvlgqO636Ur=oUJk%(xbO?bpXOs; z=gOvBTXqn}-&(s_W|zVDdf#qBz%>k#3$eBrvfFprsQwYyB=uLE-nADg?tuId7K1D9 zNXdpwoA*L31t;FFIOrUDc!CRNxhC$m04Se*P3K_F5e_G8b$q`JY&Lpe-_Q{4VM)*D zi@OaT&1V^yEZgRa|1?x7{JJ+!=VeKRwRT^ahcSx55p@`|sou7iPes@1!1|wr9Ic3` z(wl9DQ?8A@g%e_Yo%>)t(2Kz!F$m%r@iR`b6%+Lf5?8 z9f9lp8V10riCZO$P~0sw`gJqCnmMTifcw=GP>GR@U-h;NQBh<$nb%`m(SARs*S-=6`vzp5ypXXUrRgRGv~a^0Jn^eD@%Pn9b_eN9 ztfG9I8;P3Cz1Gs5+t*Vo|FhbJr!wC=MuZ@*7suL2U$Zhr`(IyO{|+S%Ev_ox9%Ul; z_z$g45n=O`dc;pl|5>&;d3R^${3j*&JyD+53%S< zs6xKK$BzuZSIM-8Wrc;kwV4ng#Er<=nE?lV!2K}GRFnl|Ug(|LA`%Y3g{7TQt^BDI z*1jFV)Qw;h=q9wWc-xRE;p-!7FZ7ty-r{HHD8K7;MI8R| zb#AUq#VmZPpfBU3{+d0ZZnVzi6i2z|^v8S`I9`$PlW_h-X0LF3+6VBa4t3e>8ByhWfzRx7 z=BhXN>M@N52dAE-YOleTXai(|XyTExB1pz7kAgRN7@pZM>Y8eEZoQyNg?2_r z**;8MN73B&XPJh-X5XL6X+m2ytJyk z3$vd+f)KcrI8O$?-KbQaCP*l9c`*xm_?VT@m`@cKrJU54l?Sd z_a#jQdx~F~)c+V+M^=h^%G#HOSW{;|4EMsd8k10Inlqs;DT#V{Z_T%a2A`+SH*|O) znJ=(Yn=Rd6>)K^oxoM4Ro9Sq95O;S?gj#gL&!0@MI9_6}TybJ~xC44OZq1%NGa@Bp zu?XK#o#FhI$Wxs~t*E#rt@;cyZ{Z>9oa=;pR|OCq)Hq0$xgb?dS zR^qPTvphgcAs3n47LTfODw_&;8hhXkVYcQu~Av`DyoJ+)8IJ z5|_J%`#FUzaRGnB7tMnFx#~j^goh{82yWeWja;v4l3azREzK0a6&D;SWv+wAr?3}a zidI$0JzFk&ReK&Cg-=Mor=M{7Ld$uk)t*6q`E|is+M$p@!9(9<3c1i~58(2keRqst(6efX{D; zUp!q4MD+pd{o1ADIGZRVCEZp^Mzke@*wC<^O0s2D0u;OIokVj#;h*e%8-SwV=Zd>H z98Sia3$_KakOFsd{Mpz(9|kgcPc?Mxr0xOJr{~5$<2338e*+wRI60w|;v-5CHM zIe-l&kqjj4Khz&|{g0pi-TD9Xoc#}wIY45}H7To$c&rN`oSm01g~vsp-_=|dV=0wv z)jH+_@Qt$o-41he%!^bGgQFh_EM0{60$Y*`YV2%<=l)?}faKE;VPQF{-g6O0mKzaN ziV7g069MGL1DYYMawBkP=s2KVBblpPweC~Rm?kGrI3z#>Scl8k=78`=*WN2^iH-R) z@@mz&fDS`@qX6FC_lIg7u+akLNW^5^tIF~``}R+*3zn1xKf|e>;sS&OS=uG)pg1TX1i++s``RNXnVC7a zk_E_5u*xY0@Y1NpU2N+5EE`D{mz4!;1RgT1e(tqMk4ZneoAZkOS2iJerkxJ|Wq`XN zl)CH1nq&boU~cXOiKx0&2k;}&{!S$z?De#n&F_zgR~{u6!=>F*G1jA$N>r5e&GR6T z!A8(QoP@k)asXGi3(qb4`-xXQdoBbEfNnM3i~oFJP<$*!H$KNID2 zw^n)=L_%0z>%~FO?5y>~!;>WRMAK6pL1ja$z)-y}7DVF;vrOh5@5d9f6V&wFIUu)n zBPU2yIY4N;a-c!oqAaBOQ+N3B6DJt@)b(?~mv39Ah)aSbuN75k%n=?+iOLu#m(bgT zWUDg3=AOnhLQcoq)aLN$j~P6n%J&pcj%&@Xff7$i%y56CDn|9cGQRBzs_1+@#thx-_nx<4|ROZw*r(_Z=tD$*9<@gMAM1~*#vZVa;Qqq z!n=n;$iCyaWvTG{25COVKeRFyJ+=-_TMxMQZWl}8#jpXOl>G0}WHlUU-L5E7?!6X0(q_4PSU_2rv+ zcj|}7-j}vOyvpLy8(wM_;88gC&SN_g^=p?E+irEQM~8r}{|Vf4`M}9t_5|Q4-E~|Lgl@421ElL=EC1h#KmO3`Ox6-b*7eI-sa;aPqC~-c;xEd zwC8Em*D7~Zh9kjUOjru6rxUTtH{@`; zT2Ks-kqc=B-5oVY20E3YJKV^x_$P~h4^pCX2e9(LmKu$*V|C3jVPWfYxQAJ#rAEfa z<4sL>!8dQd0<8U!k6=kLv75c0K25~Mr}e!%bYf(&qqY)tWuwOmRG4?4W_Yd(+NPQv z7bAZMH=K1=)*x8z+MP^$Vufq&u@8C=O$ZOJkAcn@Oy= ziB1H+r(UF7MbUMRzG9Vzzc?2w=@yCWMR2GPC27xz=s7(y?v^dD@#uy8}yZBse+^nF#-#VJn_cDAu&Z&;J`_02bL-e}!h$i`;r z-8t|>skB-z8w~HBK*SWTv_5CY;HP(G3UAquUv{}ZZOwaA)Tr7 z+4o_$iXGVX?XP2-BC@jhs~JvIjF0^filS2EkJYBV^$+J-HD1Q<45?p+<`zvUzn%Tr za$d3lq)1ot#~omjK6t7Zc5L^DSx7ULXd-q-d{3me|FDLZ&fSMuYWI;DCI@i-*k}jb zz9#=*w~U6-DLVJ0>sb5g)HA7Pb9F^v3&VCB0ihLE#VIYmvlB(khhwNTD0Ayjd3&Z{*Q9=@y;T zH;TlP+^=!@9x$PK8{*G4sM{}-O8$;Ns(Ig;=gw<7;`9mBG>$%n+Eh(n^HDRmic7SH zCZQ}z+jsbxi?&iLi_pdFO-{!WInBoSt2#U(%I2ejMaE0aA%f?hd30jVAY$aCMBtP( z*Hy;dU}060^wf$>0Uu^yjUrxpzVyQt?_aY@i~^0Kl_j-KmC!P)Rs|gi8#IBGy|fou z?CjCH=Y-loD|9X1t*TW`QWHwH%~584f4q@U9ulP;NQ=GP+TGsCSD5lF0bem3;_H>B z>O7jQyuF;p+*lKHHtBK$TNqt%K{kKPHeM8XU(Req~rHx&ORp#`ADB)MfODdMc{^wTJvug;!s-s3In4>-Xf-nVSV;WR@m&hJ-{`MQbu%D zk>x|3GjD=be{%*-WwCq$>ewEO<&CQ<_H6G?S2yrG;n=*4hTxH z?@E*L1eo;;17Y8^w8Q2uc}gZ#n4Sa`Whnx>t@1u8Fi3G(fm^OUkBq4q-wVNE!S>Frf8Qn;Xk^Ha|dz{vN%`cmeN zqejHY-+i^>bkSsyp50gD+g0rj7=9VAg94X-=b#vHhpc z%U>SeH%jSDxl0#}vz-40lIpk+3~yI?s&C5KYd2DK?0iRgb+w_qsqgYakOag|# z`81tW{ucq~sy}$(_bmCfmvy%961r+6RekKC=l9$jw9YbOdehufKIZBK_9bRrND{Z(^bzpMOGDSa=~&K67Z-W8mA^XM#78%@*T35u>h{ zhnBsM$wa@GW&Ov(*etu!`UJ74`XOmasJmR6F!8B`f`>LoX38a3BPUynt^s!$p`D&R zrVk8``oN+K9p1|Y!j`%{IsIuRin6|dwPwao!!~G+K6Ch*(VoNszL(wsB#a@ITf`+H zNoHcVwQ}oHtHk~tztL|x5=b(!qZ0w@vcp!sY98wIP35Jm2x-$y#BPoSFrs&t0iASO zOkAo~9P<9iGWF{ovE>cQLxCJO8c+D~v#Dn!_Ko-$fJHi!Ql1Fqs3yi%y@-enPyU4_ zIR?IdcTyQcn%+)4QrEO^MxCStvZ({&x0jXqS)yiUHUtd0>3a+KvAa*+H~6Eh%oqpu z4^&!fuLac7`O(4f4Uqq8O;w;n>RaLsA+3p2jRS9*zMo84D6FDv@i|xvQT+&OE;I{f zVekwgWn6jUZArzAq3le9;Jp>ROyX6byFunJ9zpp{tw`sLhh}=V|wAe@YkJ} zJW-8#R@*KgfaiF!R>gTFuzI$)~HXW_(fwa zI{GJ5GqbHG*)6Z44p0H;5at!%o;P2WSbo*EgC@7eh_D+>Ymt)4erRLv|29Mz?Ncw2 z(bh2-j_fvC6q38Q5yFpt*H=Z6D@ISbo^kL}6_ZFWJ+@_{)F<{SBtwpH{16++?n&h}Me%YoE4o9c>JDUXN%a?7~{l4AR=vKmsfU2R7_#ki-O6BTGl zzcd*aP)P!OImQ1WZ8cv4fc^krpsBUV@YbXFuxLPwcdNKn6Nx4`AQ4v3&NBCW--rdZbcGbZf8Ot_Aq{pGehHBTJXxZhu3) za1eku7S6FIg!?>@SgfVx{vR=jM6y&`OJ<5WBULA|#Vpp;uhGOYn#`c+lw@@dw9IU_MadeFV`O#UpjZMKC4#(=7#1@CTTm@WZb*T zn0(|F2Bv}1+fyz8Op)uXDI!l}^qMeDqOPOd=}&i-)0ormZ=nKrvyCaTjuTThR!ozU zwwKl0gV52qRm(pgN_Zk}u@Z&>qi;1puc_5AF!R2RVoVy|ys0<<56>HY)K(uKq#}a4 z$Ef(-&U{wBLA%%%@CGq3$o%r<5;(~2Nn2z52NhY=Z>qXq4{Lpo9g|~;1>ap35SUc# zo&PfWn=<@bXlti=|AD|7lKlGkC>8mg2dGc7f|YJ>3Jb3o7#Nftd+h%os>R1S15K1Z z&D-}iDy@bCU;l5+J?QE>gc86(Iv#+bmI2QEVKIA+{PxYRc({q`iYHQ zV~CLF(EGr}HR@)leD56VMv90yH0OB*Dpc&ZMNrqh3G~KmPl-6UFTlmBMIQ4uDhurz z#4pxCz-U$ch!pXfffG$kb0#M#(Q+^>={G>;7as`p_7NO_0$=f5IE(AXPkiIE2xqA= zcV`zNWUGf{LQg6;#QZ*3w)1SgpGm^Hs@C1RotQY~B46J(*(!Y$6;uT#5oX#S+b0MX z@P`Vw|GG&J)Zrc@IT_HZQmgkeR!AUBPv-MclXU_dbQalCCVFMVf&6s)D2che1>gW# zlNZ3M?Cv47^WBfYH|F;xY`(CGZyZQ#sT9qd!bOiXU9|rGYLx;DuBtL6%lMB=cj@B6 zjvmuLoU9w)2A}|mfSTjMQ~^rctH^2HMpY3yO_hIow_5hrps35Uc&9gt!iSE-tB_Q4 zI3+0)tLdW_^ z`(E$$p63t#;Cdde`?~Lk`~KaZ-|zl@alN&EwKa%4YXBV-7;ADp<#^Q|E>d@kjP1F& zHY`F|cT)d?E*a{18=0>fZ{Sd$D|S~?BJ)wvluQyzagkgdbz^A1N^%cdSbv~&z=-~4 zy3NB$%G8;fD||Imr`7Rk*VV6X>h60#9kZ6d?r@J7(6o+Rz@N^ZKNa`JDyz#K7!-;9 zS24Fjax$~6pVcpE*VG3tJS%&MB;1{$0L_YlG;qod`noLHqXj1}{D>~bw?&B{kvGEw zrh#ohEE~JT-TXCm8g;B-DyhwdSM5GY-lVO74YQv?}h!YyY%i5>h=4>6ySTwY} zK|44RQLSRU5*!)sp`Ydun>m3jYT2q$>YaYJiAa@FGk;CZB5%hhKMit_)lUTlc$c&1>K8k@o3%gSLjE>s2whC4%iI>zNg$G*@r!9?^|Q z=BA?JX+@2nty76?lrKx4wPE{xZrX~HB_z!nNNGZ6&u4 zL~Jr}Q1-Cxt<%bxiLk>VWgMnI0RAq4<#~8@BFN6S$RdCFQ=C^FN{TeS%|j&w`IEo_ z-4>&vbD1*RE1t{2x;$X63s|oa^|ns<7Ww1Z6k*tW4?{F@Ni^K&0Q$^Pin!1?J>A^e zw<|B1{b~V$@RdSbE;M2pPY@UIVC+trT02*A3mVxN7enQw2`nLq-o)Lxklx`~ zpJ3bWqjfGGvaIuJ5|4vJL|$+L@-vmaVg}PsMc7$fF}gIuX*Yx9!!ZqwY`e9@3OJFf zS-dZ%a8ic3*CNlzDM;DN8w{k3q>L6e9VQFU?_*WamjvYodZT+Yjeds`kw*3lt{6>9 zM9-5<m%S2J*|)BX?A^S*j#D*ZAZl`nHCItC&@$%T`i?f)eQSJwaw91yWRXeMQWADc2Z>_AZI%V$>_5zfxftap2 zlN22D%o%LI><5b%)iI&hHqlqN*M@2!p!7|4am4l8ZuKh81_nuJB-oLQU}q7^k)p7S_!9J(cGXiklW#1^~Sv-+z5;IU7GSWW>)e?L31 z0XFQKiWxBA`h~+e=T1$4py1TCnL+ZJb7@0Wk%y)!s|3gZNhdE$E~Jwx9kEY$4rEg4 zG0LXK`hc>ejmfH}j*b4aGzwUG2?m+e$~w;^fu3N4|JAXz#X zJZ~R=`*OtFdiY$t<&j6^Zm0pLq|me>_p-6hDOSQgBhppMA1~wNn!hm7-F&p4EaTYb zso$8V4!$4FMIwDnwt|-J6!}1KA4j924kBk8yBy>h;GD$XY+HEX-b~YY8fC7OlM-4P zKjw}Gv4$5DdMW2#x4#52j}VimJ?USH=EUv;g~`1BR`#G{R+lHX%p?pfn62}O&YTVy5hL@z_HwfBW3 z70^Z|3_Y@jLlv|{@fM5H!H@USui6t6&mFaka=jOs7?d$}VVj$6NpoZFp~EsiKo@>= z&$q1x<<^A4d|oGFCXw>XV|f@Pkz0L^TZdHze>c@HF)5a3fKZRxP(6n2k_rC1enE$D zx~IrGWe>L|X*{Jp%l@QSUT_c~z#v4~z%5qLAKo95{VLJ@#>p+e9urPDe(cptE#^a* zHSDSnULRb$a^)epmj(5E8FSF73jMXJ4>!+78 zi?BOS)3;&C2wHPg06%I7e<}q z4(spm&w;Vb$7+HE9T#Ph}Ku=4K#Ki$#Wp&J*uv*NuG(M_|rPOYNJ}t z{{^+GyH$DHVLb5|q>L1KkRT19^m1CEU64c9E^Ks&PihgTz-c^b)3lpV~$Ys-_i~oZeiUb!_dXZU!v2DWrz~unNjD zf8Y^!Oh&VG>1^yYY0H=YM6bs|q67RGn}H56b6q0S)^p+${0#iEZTQe?ftsdqnsGf7 zp)D}u{l2{(rE_~8;z<7uJ<{uzJD3pNv(hw0DomEXY!4@)y9Wz$(QBfQ|+yw`*yy57etVU-Vq{C^ZEa_IogIuU+u48M@j)ZKjIq^kf zSh)AZw@p#Sz$#Yv-HjdCiF(UGcqY~4p=X&~$@i1zY~U%93=2u|^LxLHUg!;WvSV$0 z3#2tqufq5|KH7pcD-g{-;n^*hkK%8%-uB ztI_M69lD{oaP_k<36s)lg~*#HVh#=yO(IBd`L;R^QPI{1CmF--xbrt%~}(`?)YV-?cgbEFR$F?EzER zbL>1Vt-~=7KkR}K6`=YuVCvoZLAwrhsgmLvQdYJ>5n(s@R|t zGNcB~o%u7Z5WX?dZf%OD8!C z$pe-~Yq)Flj*!T~6B2Ra*xKrB4Wd zSlrv&Ys}g;u5(=mOoqTT>EWU?+|xwCrnvP-0t1vrRh9CY(@RV2mU7IRNibjZ00TzG zGThYjtG0IzIJ_UFvj_i7GJjYNs`2w{$M#0O>8yRQ4zVF%4qE#bD=uKC961!&?;cM5 zF2fMtE3o+ag@PRad<)Zg-I4c3GFD|1sidWg!hL__4f=@!w; z^i;)T00;lG2<*ea0H2>IX#+^`$&a~;6{17{{2@&A5MT6fIfMUTcYqR^vUmBniIkUAPI_;w(&Am0X54kZYhA{0QpLp@@7uMq7|Bd#e`6xvp!zo`5&u(|MA6t;hFWnL1;Y# o{O9$j3ekV(qyKl4F4%sZtpdNkhqk{xPXF5nzV~#i*mENN?^aImwg3PC literal 0 HcmV?d00001 diff --git a/submissions/lab3.md b/submissions/lab3.md index 0f06a21db..50b35cb82 100644 --- a/submissions/lab3.md +++ b/submissions/lab3.md @@ -1 +1,135 @@ -lab3 signing test \ No newline at end of file +# Lab 3 — Submission + +## Task 1: SSH Commit Signing + +### Local configuration +- `git config --global gpg.format` → ssh +- `git config --global user.signingkey` → ~/.ssh/id_ed25519.pub +- `git config --global commit.gpgsign` → true + +### Local verification +Output of `git log --show-signature -1`: +``` +commit eb0731f24715341884245951d3e7cede0a0c77e7 (HEAD -> feature/lab3, origin/feature/lab3) +Good "git" signature for (signing key) +Author: Marat <139675556+Muratich@users.noreply.github.com> +Date: Tue Jun 16 15:14:19 2026 +0300 + + test: first signed commit +``` + +### GitHub verification +- Direct link to your most recent commit on GitHub: https://github.com/Muratich/DevSecOps-Intro/commit/eb0731f24715341884245951d3e7cede0a0c77e7 +- Screenshot of the Verified badge: ![image](lab3-task1.png) + +### One-paragraph reflection (2-3 sentences) +In a real development pipeline, a forged-author commit could be used to bypass social trust by attributing a sensitive infrastructure or security-related change to a senior engineer. During an audit, this weakens accountability because commit metadata alone can be modified easily. Verified signatures strengthen non-repudiation by binding the commit to a cryptographic key, allowing reviewers to distinguish between a genuine contribution and a commit that merely claims to come from a trusted developer. + +## Task 2: Pre-commit + gitleaks + +### `.pre-commit-config.yaml`: +```yaml +repos: + - repo: https://github.com/gitleaks/gitleaks + rev: v8.30.1 + hooks: + - id: gitleaks + + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v6.0.0 + hooks: + - id: detect-private-key + - id: check-added-large-files +``` + +### pre-commit install output: + +``` +pre-commit installed at .git\hooks\pre-commit +``` + +### pre-commit run --all-files output: + +``` +Detect hardcoded secrets.................................................Passed +detect private key.......................................................Failed +- hook id: detect-private-key +- exit code: 1 +``` + +`pre-commit run --all-files` reported an existing training file (labs/lab6/vulnerable-iac/ansible/configure.yml) that matched the detect-private-key rule. Since this file was already present in the repository and unrelated to Lab 3, I kept the hook enabled and verified that gitleaks correctly blocked newly introduced secrets. + +### Blocked commit output: + +``` +[WARNING] Unstaged files detected. +[INFO] Stashing unstaged files to C:\Users\Марат\.cache\pre-commit\patch1781623133-21016. +Detect hardcoded secrets.................................................Failed +- hook id: gitleaks +- exit code: 1 + +○ + │╲ + │ ○ + ○ ░ + ░ gitleaks + +Finding: ...ab 3 testing +GH_PAT=REDACTED +Secret: REDACTED +RuleID: github-pat +Entropy: 4.143943 +File: submissions/leak-attempt.txt +Line: 2 +Fingerprint: submissions/leak-attempt.txt:github-pat:2 + +6:18PM INF 0 commits scanned. +6:18PM INF scanned ~100 bytes (100 bytes) in 92.5ms +6:18PM WRN leaks found: 1 + +detect private key.......................................................Passed +check for added large files..............................................Passed +[INFO] Restored changes from C:\Users\Марат\.cache\pre-commit\patch1781623133-21016. +``` + +### Inline allowlist + +Using an inline allowlist is reasonable when a specific string is known to be a harmless example and has been reviewed by the team. This approach keeps secret scanning enabled everywhere else while documenting why that particular match should be ignored. The downside is that too many allowlist entries can hide real secrets if developers start using them as a shortcut to bypass security checks. + +### Path exclusion + +Excluding an entire path such as docs/ can reduce noise when documentation contains many example credentials or sample configurations. However, this is risky because any real secret accidentally committed to that directory will no longer be scanned or detected. Over time, broad exclusions can create blind spots that attackers or careless contributors may unintentionally exploit. + +## Bonus: History Rewrite + +### Before + +``` +4725d6d (HEAD -> master) docs: add usage notes +e4df32b feat: empty log +a686a58 feat: add config +0829590 init +``` + +Output of `git log -p | grep -c 'ghp_'`: **2** + +### After + +``` +e7c0b11 (HEAD -> master) docs: add usage notes +e3cb4ae feat: empty log +450f57d feat: add config +5e4aa8e init +``` + +Output of `git log -p | grep -c 'ghp_'`: **0** +Output of `git log -p | grep -c 'REDACTED'`: **2** + +### The two-step pattern in real life +1. `git filter-repo --replace-text replacements.txt` — rewrite locally +2. Rotate and revoke the exposed credential, then force-push the rewritten history. Rewriting history removes the secret from Git, but it does not make the leaked credential safe again because it may already have been copied or abused. + +### Two real-world gotchas you discovered (2 sentences each) +1. git-filter-repo refused to run on my repository because it did not look like a fresh clone. I had to use the --force flag after confirming that the repository was only a temporary sandbox created for the lab. + +2. Several commands in the lab instructions were written for Linux and did not work as expected in PowerShell. I had to replace commands such as grep with PowerShell alternatives like Select-String to verify that the secret existed in the commit history. \ No newline at end of file