From 7869c3144ee5479b653527ea89a5e09d051deb10 Mon Sep 17 00:00:00 2001 From: Ajinkya Patil Date: Fri, 5 Sep 2025 15:11:51 +0200 Subject: [PATCH 01/10] Create SECURITY.md --- SECURITY.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..4cb1aba --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,33 @@ + + +# NeoNephos Open Source Security Policy + +NeoNephos takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, including our primary [NeoNephos](https://github.com/NeoNephos) organization as well as our other GitHub projects. + +If you believe you have found a security vulnerability in any NeoNephos-owned repository, please report it to us as described below. + +## Reporting Security Issues + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please report them via the CVE process (it needs to be mentioned here) +If you prefer to submit via email, please send an email to [secure@NeoNephos.com](mailto:secure@NeoNephos.com). + +Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + + - The repository name or URL + - Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.) + - Full paths of the source file(s) related to the manifestation of the issue + - The location of the affected source code (tag/branch/commit or direct URL) + - Any particular configuration required to reproduce the issue + - Step-by-step instructions to reproduce the issue + - Proof-of-concept or exploit code (if possible) + - Impact of the issue, including how an attacker might exploit the issue + +This information will help us triage your report more quickly. + +## Preferred Languages + +We prefer all communications to be in English. + + From a3bcfbe0c203ccd51924a48bcaeed1511000d17d Mon Sep 17 00:00:00 2001 From: Ajinkya Patil Date: Mon, 8 Sep 2025 16:23:27 +0200 Subject: [PATCH 02/10] Update SECURITY.md --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 4cb1aba..ab71543 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -11,7 +11,7 @@ If you believe you have found a security vulnerability in any NeoNephos-owned re **Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them via the CVE process (it needs to be mentioned here) -If you prefer to submit via email, please send an email to [secure@NeoNephos.com](mailto:secure@NeoNephos.com). +If you prefer to submit via email, please send an email to [secure@NeoNephos.com](mailto:secure@NeoNephos.com) This is just a proposal for now, we need to add a proper Email later. Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: From 37d948dfd83da58465dd34d0218882597682227c Mon Sep 17 00:00:00 2001 From: Ajinkya Patil Date: Mon, 8 Sep 2025 16:30:33 +0200 Subject: [PATCH 03/10] Update SECURITY.md --- SECURITY.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index ab71543..cf14385 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,3 @@ - - # NeoNephos Open Source Security Policy NeoNephos takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, including our primary [NeoNephos](https://github.com/NeoNephos) organization as well as our other GitHub projects. 
@@ -10,7 +8,7 @@ If you believe you have found a security vulnerability in any NeoNephos-owned re **Please do not report security vulnerabilities through public GitHub issues.** -Instead, please report them via the CVE process (it needs to be mentioned here) +Instead, please report them via the CVE process (the process needs to be mentioned here) If you prefer to submit via email, please send an email to [secure@NeoNephos.com](mailto:secure@NeoNephos.com) This is just a proposal for now, we need to add a proper Email later. Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: @@ -30,4 +28,4 @@ This information will help us triage your report more quickly. We prefer all communications to be in English. - + From 5345399a93ce35682852809649c6e46eb819ffb0 Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:05:28 +0200 Subject: [PATCH 04/10] Add files via upload --- ...urity_policy_github_vulnerability_report.png | Bin 0 -> 7626 bytes assets/security_policy_open_github_issue.png | Bin 0 -> 18006 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 assets/security_policy_github_vulnerability_report.png create mode 100644 assets/security_policy_open_github_issue.png 
diff --git a/assets/security_policy_github_vulnerability_report.png b/assets/security_policy_github_vulnerability_report.png new file mode 100644 index 0000000000000000000000000000000000000000..a2fce6bad05fde6129592e377753f9e40d31163b GIT binary patch literal 7626
diff --git a/assets/security_policy_open_github_issue.png b/assets/security_policy_open_github_issue.png new file mode 100644 index 0000000000000000000000000000000000000000..167d28d0644f5657605684fd8204a2cb96f91856 GIT binary patch literal 18006
From 5d0f7ede3e244827d577b843c938c66774799e15 Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:06:08 +0200 Subject: [PATCH 05/10] Update SECURITY.md --- SECURITY.md | 75 +++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 56 insertions(+), 19 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index cf14385..822caa5 100644 --- a/SECURITY.md +++ b/SECURITY.md
@@ -1,31 +1,68 @@ -# NeoNephos Open Source Security Policy +# Policy On Reporting Vulnerabilities -NeoNephos takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, including our primary [NeoNephos](https://github.com/NeoNephos) organization as well as our other GitHub projects. +## How To Report A Vulnerability -If you believe you have found a security vulnerability in any NeoNephos-owned repository, please report it to us as described below. +> [!IMPORTANT] +> Only report vulnerabilities via the process outlined here. -## Reporting Security Issues +### Determining Criticality -**Please do not report security vulnerabilities through public GitHub issues.** +So you have found a bug or vulnerability in the software of one of our projects. In order to determine the type and recipient of your report, first consider this diagram: -Instead, please report them via the CVE process (the process needs to be mentioned here) -If you prefer to submit via email, please send an email to [secure@NeoNephos.com](mailto:secure@NeoNephos.com) This is just a proposal for now, we need to add a proper Email later. +```mermaid + flowchart TD; + A[Reporting a vulnerability]-->B{Is it a serious vulnerability?}; + classDef blue1 color:#022e1f,fill:#00b4d8; + B--YES-->X[Does the project have its own security policy?]; + X--YES-->X2[Follow steps outlined in project's security policy.]:::blue1 + + X--NO-->Y2[Does the project have GitHub's vulnerability reporting feature activated?] + Y2--YES-->Y3[Report via GitHubs vulnerability reporting.]:::blue1 + Y2--NO-->Y4[Does the project have a security incidents reports mail?] + Y4--YES-->Y5[Report via security incidents mail.]:::blue1 + Y4--NO-->Y6[Does the project have a security officer?] + Y6--YES-->Y7[Report via security officer.] 
+ Y6--NO-->Y8[Report via NeoNephos TAC Chairperson] -Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: + B--NO-->D[Report via GitHub issue in the respective project repository.]:::blue1 ; +``` - - The repository name or URL - - Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.) - - Full paths of the source file(s) related to the manifestation of the issue - - The location of the affected source code (tag/branch/commit or direct URL) - - Any particular configuration required to reproduce the issue - - Step-by-step instructions to reproduce the issue - - Proof-of-concept or exploit code (if possible) - - Impact of the issue, including how an attacker might exploit the issue +For non-critical vulnerabilities it is best practice to open up a GitHub issue at the respective project repository. -This information will help us triage your report more quickly. +Reporting a noncritical vulnerability or bug via GitHub issues. -## Preferred Languages +A vulnerability is not necessarily code and can also be intended to mean vulnerabilities in processes, tools, guidelines and more. +When evaluating a vulnerability for criticality, consider the following: -We prefer all communications to be in English. +* Does the vulnerability expose users or developers of our projects to significant danger? +* Does the vulnerability lead to leakage or loss of otherwise private data? +* Does the vulnerability adversely affect the secrecy guarantees posited by our utilized cryptographic primitives? +> [!NOTE] +> Some examples of critical vulnerabilities: +> * A function uses a low entrophy source of randomness to seed its cryptographic primitives. +> * A text section in a publicly available documentation includes secrets like passwords. +> * A mysql database handling user data is secured with the default password. 
+> * A TSC member is known to work for an intelligence agency of a state. +### Reporting A Critical Vulnerability + +Vulnerability reports propagate upwards in NeoNephos, from project to foundation scope. Therefore, when reporting a critical vulnerability, the first step is to review if a dedicated security policy is available for the project. + +**NeoNephos Projects With A Published Security Policy:** + +* **[Gardener Security Policy](https://gardener.cloud/docs/security-and-compliance/)** and **[Gardener Security Release Process](https://github.com/gardener/gardener/security)** +* **[Garden Linux Security Release Process](https://github.com/gardenlinux/gardenlinux/security)** + +A project specific vulnerability reporting process always takes precedence over the general reporting process outlined here. If none can be found, check if the organisation has enabled GitHub's vulnerability reporting. + +GitHub's vulnerability reporting feature. + +[Reporting a vulnerability via GitHub's inbuilt feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) is a secure way to privately diclose your found vulnerability. + +If disabled, check for security disclose e-mails or contact details of a member dedicated to handling security reports. The latter can usually be found listed among other Technical Steering Committee members in a ```OWNERS.md```. +As a last resort, [contact the Technical Advisory Council chairperson](https://neonephos.org/technical_advisory_council) to handle the report. + +## Related Reading + +* Our Security Policy (in the works) From 8b88ec3a48d7457a0084e8bbb2972dbb9d3dfcd1 Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:06:58 +0200 Subject: [PATCH 06/10] Update SECURITY.md --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/SECURITY.md b/SECURITY.md index 822caa5..e809a46 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -29,7 +29,7 @@ So you have found a bug or vulnerability in the software of one of our projects. For non-critical vulnerabilities it is best practice to open up a GitHub issue at the respective project repository. -Reporting a noncritical vulnerability or bug via GitHub issues. +Reporting a noncritical vulnerability or bug via GitHub issues. A vulnerability is not necessarily code and can also be intended to mean vulnerabilities in processes, tools, guidelines and more. When evaluating a vulnerability for criticality, consider the following: @@ -56,7 +56,7 @@ Vulnerability reports propagate upwards in NeoNephos, from project to foundation A project specific vulnerability reporting process always takes precedence over the general reporting process outlined here. If none can be found, check if the organisation has enabled GitHub's vulnerability reporting. -GitHub's vulnerability reporting feature. +GitHub's vulnerability reporting feature. [Reporting a vulnerability via GitHub's inbuilt feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) is a secure way to privately diclose your found vulnerability. From 6330fa7068279536899b1d8e7abbbb6ed1bd86a7 Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:08:46 +0200 Subject: [PATCH 07/10] Update SECURITY.md --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index e809a46..f33edbf 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -29,7 +29,7 @@ So you have found a bug or vulnerability in the software of one of our projects. For non-critical vulnerabilities it is best practice to open up a GitHub issue at the respective project repository. -Reporting a noncritical vulnerability or bug via GitHub issues. +Reporting a noncritical vulnerability or bug via GitHub issues. A vulnerability is not necessarily code and can also be intended to mean vulnerabilities in processes, tools, guidelines and more. When evaluating a vulnerability for criticality, consider the following: @@ -56,7 +56,7 @@ Vulnerability reports propagate upwards in NeoNephos, from project to foundation A project specific vulnerability reporting process always takes precedence over the general reporting process outlined here. If none can be found, check if the organisation has enabled GitHub's vulnerability reporting. -GitHub's vulnerability reporting feature. +GitHub's vulnerability reporting feature. [Reporting a vulnerability via GitHub's inbuilt feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) is a secure way to privately diclose your found vulnerability. From 5d775bbb87db4e2c007dfb699c9a5929e8172072 Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:11:06 +0200 Subject: [PATCH 08/10] Update SECURITY.md --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index f33edbf..caf22c8 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -29,7 +29,7 @@ So you have found a bug or vulnerability in the software of one of our projects. For non-critical vulnerabilities it is best practice to open up a GitHub issue at the respective project repository. -Reporting a noncritical vulnerability or bug via GitHub issues. +Reporting a noncritical vulnerability or bug via GitHub issues. A vulnerability is not necessarily code and can also be intended to mean vulnerabilities in processes, tools, guidelines and more. When evaluating a vulnerability for criticality, consider the following: @@ -56,7 +56,7 @@ Vulnerability reports propagate upwards in NeoNephos, from project to foundation A project specific vulnerability reporting process always takes precedence over the general reporting process outlined here. If none can be found, check if the organisation has enabled GitHub's vulnerability reporting. -GitHub's vulnerability reporting feature. +GitHub's vulnerability reporting feature. [Reporting a vulnerability via GitHub's inbuilt feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) is a secure way to privately diclose your found vulnerability. From 0096f5085a42e82186c7c160d28ae4cc9a541044 Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:11:32 +0200 Subject: [PATCH 09/10] Update SECURITY.md --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index caf22c8..1977986 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -29,7 +29,7 @@ So you have found a bug or vulnerability in the software of one of our projects. For non-critical vulnerabilities it is best practice to open up a GitHub issue at the respective project repository. -Reporting a noncritical vulnerability or bug via GitHub issues. +Reporting a noncritical vulnerability or bug via GitHub issues. A vulnerability is not necessarily code and can also be intended to mean vulnerabilities in processes, tools, guidelines and more. When evaluating a vulnerability for criticality, consider the following: @@ -56,7 +56,7 @@ Vulnerability reports propagate upwards in NeoNephos, from project to foundation A project specific vulnerability reporting process always takes precedence over the general reporting process outlined here. If none can be found, check if the organisation has enabled GitHub's vulnerability reporting. -GitHub's vulnerability reporting feature. +GitHub's vulnerability reporting feature. [Reporting a vulnerability via GitHub's inbuilt feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) is a secure way to privately diclose your found vulnerability. From 125c962bac4f194c563b3a5f2377936ef7d9158a Mon Sep 17 00:00:00 2001 From: Tristan Scheidemann Date: Tue, 16 Sep 2025 14:12:33 +0200 Subject: [PATCH 10/10] Update SECURITY.md --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 1977986..5f75525 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -42,7 +42,7 @@ When evaluating a vulnerability for criticality, consider the following: > Some examples of critical vulnerabilities: > * A function uses a low entrophy source of randomness to seed its cryptographic primitives. > * A text section in a publicly available documentation includes secrets like passwords. -> * A mysql database handling user data is secured with the default password. +> * A MySQL database handling user data is secured with the default password. > * A TSC member is known to work for an intelligence agency of a state. ### Reporting A Critical Vulnerability
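Review bot: In the "Reporting A Critical Vulnerability" section that precedes PATCH 06/10, the fallback path points reporters to a security contact "listed among other Technical Steering Committee members", yet the examples directly above it name a compromised TSC member as a critical vulnerability. The section should state where to report when the TSC itself is the subject, for instance by sending such reports straight to the Technical Advisory Council chairperson. In the same section, "security disclose e-mails" should read "security disclosure e-mail addresses", the file name OWNERS.md is wrapped in triple backticks where inline code takes single ones ("an OWNERS.md"), and the "Related Reading" entry "Our Security Policy (in the works)" has no link target, so it is better left out until the document exists.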
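Review bot: In the @@ -29,7 hunk of PATCH 06/10 through 09/10, the removed and added lines both read "Reporting a noncritical vulnerability or bug via GitHub issues." with no difference visible in the diff, and all four commits share the subject "Update SECURITY.md". Squash them into one commit whose message says what actually changed on that line. The line also spells "noncritical" while the context line above it uses "non-critical"; settle on one spelling across the file.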
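Review bot: In the @@ -56,7 hunk of PATCH 06/10 through 09/10, the touched line "GitHub's vulnerability reporting feature." stands alone as a fragment with no verb. If it is meant as a caption or image alternative text, mark it up as one; otherwise fold it into the sentence that follows. The context line below it still reads "privately diclose your found vulnerability"; since these commits already edit this paragraph, correct it to "privately disclose the vulnerability you found" in the same change.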
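Review bot: The context line directly above the changed bullet in the @@ -42,7 hunk of PATCH 10/10 still reads "low entrophy source of randomness"; fix it to "low-entropy source of randomness" in the same commit that corrects the MySQL capitalisation, so the list of examples is cleaned up in one pass. The subject "Update SECURITY.md" could also say what was corrected, for example "Fix spelling in critical vulnerability examples".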