From 8ea0ecc5950023d7866a34c9c4616931c28cb0bd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 20 Apr 2023 06:06:35 +0000
Subject: [PATCH 001/156] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20Bump=20postcss=20f?=
=?UTF-8?q?rom=208.4.22=20to=208.4.23=20in=20/website=20(#3180)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
website/package-lock.json | 14 +++++++-------
website/package.json | 2 +-
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/website/package-lock.json b/website/package-lock.json
index d41a0ad4c..dc727c783 100644
--- a/website/package-lock.json
+++ b/website/package-lock.json
@@ -33,7 +33,7 @@
"@docusaurus/module-type-aliases": "2.4.0",
"@iconify/react": "^4.1.0",
"autoprefixer": "^10.4.14",
- "postcss": "^8.4.22",
+ "postcss": "^8.4.23",
"tailwindcss": "^3.3.1"
}
},
@@ -10130,9 +10130,9 @@
}
},
"node_modules/postcss": {
- "version": "8.4.22",
- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.22.tgz",
- "integrity": "sha512-XseknLAfRHzVWjCEtdviapiBtfLdgyzExD50Rg2ePaucEesyh8Wv4VPdW0nbyDa1ydbrAxV19jvMT4+LFmcNUA==",
+ "version": "8.4.23",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.23.tgz",
+ "integrity": "sha512-bQ3qMcpF6A/YjR55xtoTr0jGOlnPOKAIMdOWiv0EIT6HVPEaJiJB4NLljSbiHoC2RX7DN5Uvjtpbg1NPdwv1oA==",
"funding": [
{
"type": "opencollective",
@@ -21648,9 +21648,9 @@
"integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ=="
},
"postcss": {
- "version": "8.4.22",
- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.22.tgz",
- "integrity": "sha512-XseknLAfRHzVWjCEtdviapiBtfLdgyzExD50Rg2ePaucEesyh8Wv4VPdW0nbyDa1ydbrAxV19jvMT4+LFmcNUA==",
+ "version": "8.4.23",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.23.tgz",
+ "integrity": "sha512-bQ3qMcpF6A/YjR55xtoTr0jGOlnPOKAIMdOWiv0EIT6HVPEaJiJB4NLljSbiHoC2RX7DN5Uvjtpbg1NPdwv1oA==",
"requires": {
"nanoid": "^3.3.6",
"picocolors": "^1.0.0",
diff --git a/website/package.json b/website/package.json
index 8aac3730a..633bf276a 100644
--- a/website/package.json
+++ b/website/package.json
@@ -39,7 +39,7 @@
"@docusaurus/module-type-aliases": "2.4.0",
"@iconify/react": "^4.1.0",
"autoprefixer": "^10.4.14",
- "postcss": "^8.4.22",
+ "postcss": "^8.4.23",
"tailwindcss": "^3.3.1"
},
"browserslist": {
From dbf14644addd2c74a4f7c7873c3c530b8ec135d3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 20 Apr 2023 08:19:39 +0000
Subject: [PATCH 002/156] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20Bump=20github.com/?=
=?UTF-8?q?aws/aws-sdk-go=20from=201.44.245=20to=201.44.246=20in=20/src=20?=
=?UTF-8?q?(#3181)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.245 to 1.44.246.
Release notes
Sourced from github.com/aws/aws-sdk-go's releases.
Release v1.44.246 (2023-04-19)
Service Client Updates
service/comprehend: Updates service API and documentationservice/ecs: Updates service API and documentation
- This release supports the Account Setting "TagResourceAuthorization" that allows for enhanced Tagging security controls.
service/ram: Updates service API, documentation, and paginatorsservice/rds: Updates service API, documentation, waiters, paginators, and examples
- Adds support for the ImageId parameter of CreateCustomDBEngineVersion to RDS Custom for Oracle
service/s3: Updates service API, documentation, and examples
- Provides support for "Snow" Storage class.
service/s3control: Adds new service
- Provides support for overriding endpoint when region is "snow". This will enable bucket APIs for Amazon S3 Compatible storage on Snow Family devices.
service/secretsmanager: Updates service documentation and examples
- Documentation updates for Secrets Manager
service/securityhub: Updates service examples
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
src/go.mod | 2 +-
src/go.sum | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/go.mod b/src/go.mod
index f33192cf9..9e67d0494 100644
--- a/src/go.mod
+++ b/src/go.mod
@@ -8,7 +8,7 @@ require (
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.2.0
github.com/alcionai/clues v0.0.0-20230406223931-f48777f4773c
github.com/armon/go-metrics v0.4.1
- github.com/aws/aws-sdk-go v1.44.245
+ github.com/aws/aws-sdk-go v1.44.246
github.com/aws/aws-xray-sdk-go v1.8.1
github.com/cenkalti/backoff/v4 v4.2.1
github.com/google/uuid v1.3.0
diff --git a/src/go.sum b/src/go.sum
index e77a40b65..2988d3484 100644
--- a/src/go.sum
+++ b/src/go.sum
@@ -66,8 +66,8 @@ github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY
github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA=
github.com/armon/go-metrics v0.4.1/go.mod h1:E6amYzXo6aW1tqzoZGT755KkbgrJsSdpwZ+3JqfkOG4=
-github.com/aws/aws-sdk-go v1.44.245 h1:KtY2s4q31/kn33AdV63R5t77mdxsI7rq3YT7Mgo805M=
-github.com/aws/aws-sdk-go v1.44.245/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
+github.com/aws/aws-sdk-go v1.44.246 h1:iLxPX6JU0bxAci9R6/bp8rX0kL871ByCTx0MZlQWv1U=
+github.com/aws/aws-sdk-go v1.44.246/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-xray-sdk-go v1.8.1 h1:O4pXV+hnCskaamGsZnFpzHyAmgPGusBMN6i7nnsy0Fo=
github.com/aws/aws-xray-sdk-go v1.8.1/go.mod h1:wMmVYzej3sykAttNBkXQHK/+clAPWTOrPiajEk7Cp3A=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
From de1ae9f30a3160459e20f5bc7fc0f20413b95a4a Mon Sep 17 00:00:00 2001
From: neha_gupta
Date: Thu, 20 Apr 2023 23:31:12 +0530
Subject: [PATCH 003/156] Shared mailbox (#3106)
Handle user's API to provide user purpose of users
#### Does this PR need a docs update or release note?
- [ ] :white_check_mark: Yes, it's included
- [x] :clock1: Yes, but in a later PR
- [ ] :no_entry: No
#### Type of change
- [x] :sunflower: Feature
- [ ] :bug: Bugfix
- [ ] :world_map: Documentation
- [ ] :robot: Supportability/Tests
- [ ] :computer: CI/Deployment
- [ ] :broom: Tech Debt/Cleanup
#### Issue(s)
* #
#### Test Plan
- [x] :muscle: Manual
- [x] :zap: Unit test
- [x] :green_heart: E2E
---
src/internal/connector/discovery/discovery.go | 16 +
.../connector/discovery/discovery_test.go | 74 ++++-
src/internal/connector/graph/errors.go | 5 +
src/pkg/services/m365/api/users.go | 275 +++++++++++++++++-
src/pkg/services/m365/m365.go | 8 +
src/pkg/services/m365/m365_test.go | 1 +
6 files changed, 374 insertions(+), 5 deletions(-)
diff --git a/src/internal/connector/discovery/discovery.go b/src/internal/connector/discovery/discovery.go
index 82a9b916b..069eeec9f 100644
--- a/src/internal/connector/discovery/discovery.go
+++ b/src/internal/connector/discovery/discovery.go
@@ -69,6 +69,22 @@ func Users(
return users, nil
}
+// UserDetails fetches detailed info like - userPurpose for all users in the tenant.
+func GetUserInfo(
+ ctx context.Context,
+ acct account.Account,
+ userID string,
+ errs *fault.Bus,
+) (*api.UserInfo, error) {
+ client, err := apiClient(ctx, acct)
+ if err != nil {
+ return nil, err
+ }
+
+ return client.Users().GetInfo(ctx, userID)
+}
+
+// User fetches a single user's data.
func User(
ctx context.Context,
gwi getWithInfoer,
diff --git a/src/internal/connector/discovery/discovery_test.go b/src/internal/connector/discovery/discovery_test.go
index dd9971b08..4c80ba2c6 100644
--- a/src/internal/connector/discovery/discovery_test.go
+++ b/src/internal/connector/discovery/discovery_test.go
@@ -197,14 +197,23 @@ func (suite *DiscoveryIntegrationSuite) TestUserInfo() {
path.ExchangeService: {},
path.OneDriveService: {},
},
+ HasMailBox: true,
+ HasOneDrive: true,
+ Mailbox: api.MailboxInfo{
+ Purpose: "user",
+ ErrGetMailBoxSetting: nil,
+ },
},
},
{
name: "user does not exist",
user: uuid.NewString(),
expect: &api.UserInfo{
- DiscoveredServices: map[path.ServiceType]struct{}{
- path.OneDriveService: {}, // currently statically populated
+ DiscoveredServices: map[path.ServiceType]struct{}{},
+ HasMailBox: false,
+ HasOneDrive: false,
+ Mailbox: api.MailboxInfo{
+ ErrGetMailBoxSetting: api.ErrMailBoxSettingsNotFound,
},
},
},
@@ -218,7 +227,66 @@ func (suite *DiscoveryIntegrationSuite) TestUserInfo() {
result, err := discovery.UserInfo(ctx, uapi, test.user)
require.NoError(t, err, clues.ToCore(err))
- assert.Equal(t, test.expect, result)
+ assert.Equal(t, test.expect.HasMailBox, result.HasMailBox)
+ assert.Equal(t, test.expect.HasOneDrive, result.HasOneDrive)
+ assert.Equal(t, test.expect.DiscoveredServices, result.DiscoveredServices)
+ })
+ }
+}
+
+func (suite *DiscoveryIntegrationSuite) TestUserWithoutDrive() {
+ t := suite.T()
+ acct := tester.NewM365Account(t)
+ userID := tester.M365UserID(t)
+
+ table := []struct {
+ name string
+ user string
+ expect *api.UserInfo
+ }{
+ {
+ name: "user without drive and exchange",
+ user: "a53c26f7-5100-4acb-a910-4d20960b2c19", // User: testevents@10rqc2.onmicrosoft.com
+ expect: &api.UserInfo{
+ DiscoveredServices: map[path.ServiceType]struct{}{},
+ HasOneDrive: false,
+ HasMailBox: false,
+ Mailbox: api.MailboxInfo{
+ ErrGetMailBoxSetting: api.ErrMailBoxSettingsNotFound,
+ },
+ },
+ },
+ {
+ name: "user with drive and exchange",
+ user: userID,
+ expect: &api.UserInfo{
+ DiscoveredServices: map[path.ServiceType]struct{}{
+ path.ExchangeService: {},
+ path.OneDriveService: {},
+ },
+ HasOneDrive: true,
+ HasMailBox: true,
+ Mailbox: api.MailboxInfo{
+ Purpose: "user",
+ ErrGetMailBoxSetting: nil,
+ },
+ },
+ },
+ }
+ for _, test := range table {
+ suite.Run(test.name, func() {
+ ctx, flush := tester.NewContext()
+ defer flush()
+
+ t := suite.T()
+
+ result, err := discovery.GetUserInfo(ctx, acct, test.user, fault.New(true))
+ require.NoError(t, err, clues.ToCore(err))
+ assert.Equal(t, test.expect.DiscoveredServices, result.DiscoveredServices)
+ assert.Equal(t, test.expect.HasOneDrive, result.HasOneDrive)
+ assert.Equal(t, test.expect.HasMailBox, result.HasMailBox)
+ assert.Equal(t, test.expect.Mailbox.ErrGetMailBoxSetting, result.Mailbox.ErrGetMailBoxSetting)
+ assert.Equal(t, test.expect.Mailbox.Purpose, result.Mailbox.Purpose)
})
}
}
diff --git a/src/internal/connector/graph/errors.go b/src/internal/connector/graph/errors.go
index f3f47da4b..70348762d 100644
--- a/src/internal/connector/graph/errors.go
+++ b/src/internal/connector/graph/errors.go
@@ -38,6 +38,7 @@ const (
errCodeResourceNotFound = "ResourceNotFound"
errCodeRequestResourceNotFound = "Request_ResourceNotFound"
errCodeMailboxNotEnabledForRESTAPI = "MailboxNotEnabledForRESTAPI"
+ errCodeErrorAccessDenied = "ErrorAccessDenied"
)
const (
@@ -106,6 +107,10 @@ func IsErrUserNotFound(err error) bool {
return hasErrorCode(err, errCodeRequestResourceNotFound)
}
+func IsErrAccessDenied(err error) bool {
+ return hasErrorCode(err, errCodeErrorAccessDenied)
+}
+
func IsErrTimeout(err error) bool {
switch err := err.(type) {
case *url.Error:
diff --git a/src/pkg/services/m365/api/users.go b/src/pkg/services/m365/api/users.go
index 9fa76421f..b2916f4fd 100644
--- a/src/pkg/services/m365/api/users.go
+++ b/src/pkg/services/m365/api/users.go
@@ -13,9 +13,15 @@ import (
"github.com/alcionai/corso/src/internal/common/ptr"
"github.com/alcionai/corso/src/internal/connector/graph"
"github.com/alcionai/corso/src/pkg/fault"
+ "github.com/alcionai/corso/src/pkg/logger"
"github.com/alcionai/corso/src/pkg/path"
)
+// Variables
+var (
+ ErrMailBoxSettingsNotFound = clues.New("mailbox settings not found")
+)
+
// ---------------------------------------------------------------------------
// controller
// ---------------------------------------------------------------------------
@@ -35,6 +41,50 @@ type Users struct {
type UserInfo struct {
DiscoveredServices map[path.ServiceType]struct{}
+ HasMailBox bool
+ HasOneDrive bool
+ Mailbox MailboxInfo
+}
+
+type MailboxInfo struct {
+ Purpose string
+ ArchiveFolder string
+ DateFormat string
+ TimeFormat string
+ DelegateMeetMsgDeliveryOpt string
+ Timezone string
+ AutomaticRepliesSetting AutomaticRepliesSettings
+ Language Language
+ WorkingHours WorkingHours
+ ErrGetMailBoxSetting error
+}
+
+type AutomaticRepliesSettings struct {
+ ExternalAudience string
+ ExternalReplyMessage string
+ InternalReplyMessage string
+ ScheduledEndDateTime timeInfo
+ ScheduledStartDateTime timeInfo
+ Status string
+}
+
+type timeInfo struct {
+ DateTime string
+ Timezone string
+}
+
+type Language struct {
+ Locale string
+ DisplayName string
+}
+
+type WorkingHours struct {
+ DaysOfWeek []string
+ StartTime string
+ EndTime string
+ TimeZone struct {
+ Name string
+ }
}
func newUserInfo() *UserInfo {
@@ -193,19 +243,192 @@ func (c Users) GetInfo(ctx context.Context, userID string) (*UserInfo, error) {
}
)
- // TODO: OneDrive
- _, err = c.stable.Client().UsersById(userID).MailFolders().Get(ctx, &options)
+ userInfo.HasMailBox = true
+
+ err = c.GetExchange(ctx, userID, options)
if err != nil {
if !graph.IsErrExchangeMailFolderNotFound(err) {
+ logger.Ctx(ctx).Errorf("err getting user's mail folder: %s", err)
+
return nil, graph.Wrap(ctx, err, "getting user's mail folder")
}
+ logger.Ctx(ctx).Infof("resource owner does not have a mailbox enabled")
delete(userInfo.DiscoveredServices, path.ExchangeService)
+
+ userInfo.HasMailBox = false
+ }
+
+ userInfo.HasOneDrive = true
+
+ err = c.GetOnedrive(ctx, userID)
+ if err != nil {
+ err = graph.Stack(ctx, err)
+
+ if !clues.HasLabel(err, graph.LabelsMysiteNotFound) {
+ logger.Ctx(ctx).Errorf("err getting user's onedrive's data: %s", err)
+
+ return nil, graph.Wrap(ctx, err, "getting user's onedrive's data")
+ }
+
+ logger.Ctx(ctx).Infof("resource owner does not have a drive")
+
+ delete(userInfo.DiscoveredServices, path.OneDriveService)
+ userInfo.HasOneDrive = false
+ }
+
+ err = c.getAdditionalData(ctx, userID, &userInfo.Mailbox)
+ if err != nil {
+ return nil, err
}
return userInfo, nil
}
+// verify mailbox enabled for user
+func (c Users) GetExchange(
+ ctx context.Context,
+ userID string,
+ options users.ItemMailFoldersRequestBuilderGetRequestConfiguration,
+) error {
+ _, err := c.stable.Client().UsersById(userID).MailFolders().Get(ctx, &options)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+// verify onedrive enabled for user
+func (c Users) GetOnedrive(ctx context.Context, userID string) error {
+ _, err := c.stable.Client().UsersById(userID).Drives().Get(ctx, nil)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (c Users) getAdditionalData(ctx context.Context, userID string, mailbox *MailboxInfo) error {
+ var (
+ rawURL = fmt.Sprintf("https://graph.microsoft.com/v1.0/users/%s/mailboxSettings", userID)
+ adapter = c.stable.Adapter()
+ mailBoundErr clues.Err
+ )
+
+ settings, err := users.NewUserItemRequestBuilder(rawURL, adapter).Get(ctx, nil)
+ if err != nil && !(graph.IsErrAccessDenied(err) || graph.IsErrExchangeMailFolderNotFound(err)) {
+ logger.CtxErr(ctx, err).Error("getting mailbox settings")
+
+ return graph.Wrap(ctx, err, "getting additional data")
+ }
+
+ if graph.IsErrAccessDenied(err) {
+ logger.Ctx(ctx).Info("err getting additional data: access denied")
+
+ mailbox.ErrGetMailBoxSetting = clues.New("access denied")
+
+ return nil
+ }
+
+ if graph.IsErrExchangeMailFolderNotFound(err) {
+ logger.Ctx(ctx).Info("err exchange mail folder not found")
+
+ mailbox.ErrGetMailBoxSetting = ErrMailBoxSettingsNotFound
+
+ return nil
+ }
+
+ additionalData := settings.GetAdditionalData()
+
+ mailbox.ArchiveFolder = toString(ctx, additionalData["archiveFolder"], &mailBoundErr)
+ mailbox.Timezone = toString(ctx, additionalData["timeZone"], &mailBoundErr)
+ mailbox.DateFormat = toString(ctx, additionalData["dateFormat"], &mailBoundErr)
+ mailbox.TimeFormat = toString(ctx, additionalData["timeFormat"], &mailBoundErr)
+ mailbox.Purpose = toString(ctx, additionalData["userPurpose"], &mailBoundErr)
+ mailbox.DelegateMeetMsgDeliveryOpt = toString(
+ ctx,
+ additionalData["delegateMeetingMessageDeliveryOptions"],
+ &mailBoundErr)
+
+ // decode automatic replies settings
+ replySetting := toMap(ctx, additionalData["automaticRepliesSetting"], &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.Status = toString(
+ ctx,
+ replySetting["status"],
+ &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.ExternalAudience = toString(
+ ctx,
+ replySetting["externalAudience"],
+ &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.ExternalReplyMessage = toString(
+ ctx,
+ replySetting["externalReplyMessage"],
+ &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.InternalReplyMessage = toString(
+ ctx,
+ replySetting["internalReplyMessage"],
+ &mailBoundErr)
+
+ // decode scheduledStartDateTime
+ startDateTime := toMap(ctx, replySetting["scheduledStartDateTime"], &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.ScheduledStartDateTime.DateTime = toString(
+ ctx,
+ startDateTime["dateTime"],
+ &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.ScheduledStartDateTime.Timezone = toString(
+ ctx,
+ startDateTime["timeZone"],
+ &mailBoundErr)
+
+ endDateTime := toMap(ctx, replySetting["scheduledEndDateTime"], &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.ScheduledEndDateTime.DateTime = toString(
+ ctx,
+ endDateTime["dateTime"],
+ &mailBoundErr)
+ mailbox.AutomaticRepliesSetting.ScheduledEndDateTime.Timezone = toString(
+ ctx,
+ endDateTime["timeZone"],
+ &mailBoundErr)
+
+ // Language decode
+ language := toMap(ctx, additionalData["language"], &mailBoundErr)
+ mailbox.Language.DisplayName = toString(
+ ctx,
+ language["displayName"],
+ &mailBoundErr)
+ mailbox.Language.Locale = toString(ctx, language["locale"], &mailBoundErr)
+
+ // working hours
+ workingHours := toMap(ctx, additionalData["workingHours"], &mailBoundErr)
+ mailbox.WorkingHours.StartTime = toString(
+ ctx,
+ workingHours["startTime"],
+ &mailBoundErr)
+ mailbox.WorkingHours.EndTime = toString(
+ ctx,
+ workingHours["endTime"],
+ &mailBoundErr)
+
+ timeZone := toMap(ctx, workingHours["timeZone"], &mailBoundErr)
+ mailbox.WorkingHours.TimeZone.Name = toString(
+ ctx,
+ timeZone["name"],
+ &mailBoundErr)
+
+ days := toArray(ctx, workingHours["daysOfWeek"], &mailBoundErr)
+ for _, day := range days {
+ mailbox.WorkingHours.DaysOfWeek = append(mailbox.WorkingHours.DaysOfWeek,
+ toString(ctx, day, &mailBoundErr))
+ }
+
+ if mailBoundErr.Core().Msg != "" {
+ mailbox.ErrGetMailBoxSetting = &mailBoundErr
+ }
+
+ return nil
+}
+
// ---------------------------------------------------------------------------
// helpers
// ---------------------------------------------------------------------------
@@ -229,3 +452,51 @@ func validateUser(item any) (models.Userable, error) {
return m, nil
}
+
+func toString(ctx context.Context, data any, mailBoxErr *clues.Err) string {
+ dataPointer, ok := data.(*string)
+ if !ok {
+ logger.Ctx(ctx).Info("error getting data from mailboxSettings")
+
+ *mailBoxErr = *ErrMailBoxSettingsNotFound
+
+ return ""
+ }
+
+ value, ok := ptr.ValOK(dataPointer)
+ if !ok {
+ logger.Ctx(ctx).Info("error getting value from pointer for mailboxSettings")
+
+ *mailBoxErr = *ErrMailBoxSettingsNotFound
+
+ return ""
+ }
+
+ return value
+}
+
+func toMap(ctx context.Context, data any, mailBoxErr *clues.Err) map[string]interface{} {
+ value, ok := data.(map[string]interface{})
+ if !ok {
+ logger.Ctx(ctx).Info("error getting mailboxSettings")
+
+ *mailBoxErr = *clues.New("mailbox settings not found")
+
+ return value
+ }
+
+ return value
+}
+
+func toArray(ctx context.Context, data any, mailBoxErr *clues.Err) []interface{} {
+ value, ok := data.([]interface{})
+ if !ok {
+ logger.Ctx(ctx).Info("error getting mailboxSettings")
+
+ *mailBoxErr = *clues.New("mailbox settings not found")
+
+ return value
+ }
+
+ return value
+}
diff --git a/src/pkg/services/m365/m365.go b/src/pkg/services/m365/m365.go
index 97f724f76..b3db55d13 100644
--- a/src/pkg/services/m365/m365.go
+++ b/src/pkg/services/m365/m365.go
@@ -32,6 +32,7 @@ type User struct {
PrincipalName string
ID string
Name string
+ Info api.UserInfo
}
type UserInfo struct {
@@ -72,6 +73,13 @@ func Users(ctx context.Context, acct account.Account, errs *fault.Bus) ([]*User,
return nil, clues.Wrap(err, "formatting user data")
}
+ userInfo, err := discovery.GetUserInfo(ctx, acct, pu.ID, errs)
+ if err != nil {
+ return nil, clues.Wrap(err, "getting user details")
+ }
+
+ pu.Info = *userInfo
+
ret = append(ret, pu)
}
diff --git a/src/pkg/services/m365/m365_test.go b/src/pkg/services/m365/m365_test.go
index b62b52206..94bdfdd34 100644
--- a/src/pkg/services/m365/m365_test.go
+++ b/src/pkg/services/m365/m365_test.go
@@ -46,6 +46,7 @@ func (suite *M365IntegrationSuite) TestUsers() {
assert.NotEmpty(t, u.ID)
assert.NotEmpty(t, u.PrincipalName)
assert.NotEmpty(t, u.Name)
+ assert.NotEmpty(t, u.Info)
})
}
}
From 676eb57bec5150289a00f896d07d590bac0bc3e9 Mon Sep 17 00:00:00 2001
From: InfraOwner <120140348+InfraOwner@users.noreply.github.com>
Date: Thu, 20 Apr 2023 14:51:06 -0600
Subject: [PATCH 004/156] [Snyk] Security upgrade ubuntu from 22.04 to 22.10
(#3167)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This PR was automatically created by Snyk using the credentials of a real user.
Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.
#### Changes included in this PR
- website/Dockerfile
We recommend upgrading to `ubuntu:22.10`, as this image has only 7 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.
Some of the most important vulnerabilities in your base image include:
| Severity | Issue | Exploit Maturity |
| :------: | :---- | :--------------- |
|  | NULL Pointer Dereference
[SNYK-UBUNTU2204-OPENSSL-3314672](https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-3314672) | No Known Exploit |
|  | Double Free
[SNYK-UBUNTU2204-OPENSSL-3314696](https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-3314696) | No Known Exploit |
|  | CVE-2022-4304
[SNYK-UBUNTU2204-OPENSSL-3314710](https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-3314710) | No Known Exploit |
|  | Access of Resource Using Incompatible Type ('Type Confusion')
[SNYK-UBUNTU2204-OPENSSL-3314792](https://snyk.io/vuln/SNYK-UBUNTU2204-OPENSSL-3314792) | No Known Exploit |
|  | Out-of-bounds Read
[SNYK-UBUNTU2204-TAR-3261138](https://snyk.io/vuln/SNYK-UBUNTU2204-TAR-3261138) | No Known Exploit |
---
**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._
For more information: 
🧐 [View latest project report](https://app.snyk.io/org/alcion/project/be35e6c9-5393-4702-af3c-f4aebb53488e?utm_source=github-enterprise&utm_medium=referral&page=fix-pr)
🛠 [Adjust project settings](https://app.snyk.io/org/alcion/project/be35e6c9-5393-4702-af3c-f4aebb53488e?utm_source=github-enterprise&utm_medium=referral&page=fix-pr/settings)
[//]: # 'snyk:metadata:{"prId":"c9081e45-6aaf-4de2-b85c-69d562ea40ae","prPublicId":"c9081e45-6aaf-4de2-b85c-69d562ea40ae","dependencies":[{"name":"ubuntu","from":"22.04","to":"22.10"}],"packageManager":"dockerfile","projectPublicId":"be35e6c9-5393-4702-af3c-f4aebb53488e","projectUrl":"https://app.snyk.io/org/alcion/project/be35e6c9-5393-4702-af3c-f4aebb53488e?utm_source=github-enterprise&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-UBUNTU2204-TAR-3261138","SNYK-UBUNTU2204-OPENSSL-3314792","SNYK-UBUNTU2204-OPENSSL-3314672","SNYK-UBUNTU2204-OPENSSL-3314696","SNYK-UBUNTU2204-OPENSSL-3314710"],"upgrade":["SNYK-UBUNTU2204-OPENSSL-3314672","SNYK-UBUNTU2204-OPENSSL-3314696","SNYK-UBUNTU2204-OPENSSL-3314710","SNYK-UBUNTU2204-OPENSSL-3314792","SNYK-UBUNTU2204-TAR-3261138"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title"],"priorityScoreList":[null,null,null,null,null],"remediationStrategy":"vuln"}'
---
**Learn how to fix vulnerabilities with free interactive lessons:**
🦉 [NULL Pointer Dereference](https://learn.snyk.io/lessons/null-dereference/cpp/?loc=fix-pr)
---
website/Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/website/Dockerfile b/website/Dockerfile
index 1cbcc8913..690b07095 100644
--- a/website/Dockerfile
+++ b/website/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:22.04
+FROM ubuntu:22.10
LABEL MAINTAINER="Niraj Tolia"
ARG DEBIAN_FRONTEND=noninteractive
From 315c0cc5f357818d29584013d0e90a05af12bb47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C4=8Dnica=20Mellifera?=
Date: Thu, 20 Apr 2023 13:55:04 -0700
Subject: [PATCH 005/156] New blog post on backup frequency (#3133)
---
#### Does this PR need a docs update or release note?
- [ ] :white_check_mark: Yes, it's included
- [ ] :clock1: Yes, but in a later PR
- [x] :no_entry: No
#### Type of change
- [ ] :sunflower: Feature
- [ ] :bug: Bugfix
- [x] :world_map: Documentation
- [ ] :robot: Supportability/Tests
- [ ] :computer: CI/Deployment
- [ ] :broom: Tech Debt/Cleanup
#### Issue(s)
* #
#### Test Plan
- [ ] :muscle: Manual
- [ ] :zap: Unit test
- [ ] :green_heart: E2E
---
website/blog/2023-04-24-backup-frequency.md | 128 ++++++++++++++++++++
website/blog/images/astro-clock.jpg | Bin 0 -> 204302 bytes
2 files changed, 128 insertions(+)
create mode 100644 website/blog/2023-04-24-backup-frequency.md
create mode 100644 website/blog/images/astro-clock.jpg
diff --git a/website/blog/2023-04-24-backup-frequency.md b/website/blog/2023-04-24-backup-frequency.md
new file mode 100644
index 000000000..602e1ffbe
--- /dev/null
+++ b/website/blog/2023-04-24-backup-frequency.md
@@ -0,0 +1,128 @@
+---
+slug: how-often-should-you-run-microsoft-365-backups
+title: "How often should you run Microsoft 365 backups?"
+description: "On the ideal cadence for backups. The ideal frequency of backups should be a business-level decision - what RPO are you aiming for, any technical considerations will probably be secondary."
+authors: nica
+tags: [corso, microsoft 365, backups, best practices]
+date: 2023-04-24
+image: ./images/astro-clock.jpg
+---
+
+
+
+
+I was inspired by some recent conversations with [Corso users on Discord](https://discord.gg/63DTTSnuhT), and
+this
+[Reddit thread](https://www.reddit.com/r/Office365/comments/127rt5q/what_is_your_backup_schedule/),
+to talk about the ideal cadence for backups.
+
+## Why do we need backups again?
+
+I know you’re here at the blog for Corso, a Microsoft 365 backup tool, so you
+probably don’t need to be sold on the necessity of backups. But just as a
+reminder, the
+[Microsoft Shared Responsibility Model](https://www.veeam.com/blog/office365-shared-responsibility-model.html),
+similar to that of all public cloud providers, means there’s a place where their
+responsibility to help you with recovery stops.
+
+The most common reasons people need a backup (based on the last few months’ discussion among Microsoft 365 admins) are:
+
+- Malware, ransomware, or a similar attack
+- Data lost in migration (for example employee leaving the org or changing roles)
+- Accidental deletion
+
+In all of these scenarios, Microsoft will take zero responsibility for restoring your data.
+
+### What about the recycle bin?
+
+If you've been pondering the same question, you're probably already aware that
+Microsoft offers a few different recycle bin options, which can prove helpful in
+the event of short-term, limited data loss. Even though this solution can
+provide limited backup capabilities, it's far from perfect. Data in the recycle bin
+gets automatically purged after a few days and malicious users can also force
+early deletion of data residing in the recycle bin.
+
+Further, the recycle bin can't provide the in-depth data control over important
+business data that you need. To guarantee complete access and control of
+important data, a comprehensive backup and disaster recovery plan is required.
+This includes both short-term and long-term retention, and the ability to
+recover in bulk, granularly, or from a particular point in time.
+
+## How frequently should you back up?
+
+Let’s start by defining your team’s *Recovery Point Objective (RPO).* RPO
+generally refers to calculating how much
+[data loss](https://www.acronis.com/products/cloud/cyber-protect/data-loss-prevention/)
+a company can experience within a period most relevant to its business before
+significant harm occurs, from the point of a disruptive event to the last data
+backup.
+
+RPO helps determine how much data a company can tolerate losing during an unforeseen event.
+
+The ideal frequency of backups should be a business-level decision - what RPO
+are you aiming for, any technical considerations will probably be secondary.
+
+### Shouldn’t you back up continuously?
+
+There have been a number of expensive backup tools in the past that offer
+something like ‘continuous backups,’ where every single file change is reflected
+in the backup almost instantly. This is a cool-sounding idea with some
+significant drawbacks, namely:
+
+- Without item versioning and/or preservation of older full backups, this model
+ drastically increases the chances that your backups will be worthless: if data
+ is accidentally corrupted, an extremely rapid backup will overwrite good
+ backed up data with junk almost right away.
+- If you want item versioning and extensive retention policies, the cost overheads for super-frequent backups can be prohibitive.
+
+While backup frequency will vary with each business, it’s generally not the case
+that a backup interval of “nearly 0ms” will make sense.
+
+## Technical Considerations: Microsoft Graph State Tokens
+
+One of the reasons to back up fairly frequently is the use of Microsoft Graph
+state tokens to show what has changed about your data. For example Corso only
+captures incremental changes during backups, only needing to store the items
+that have been updated or added since the last backup. It does this using
+[state tokens](https://learn.microsoft.com/en-us/graph/delta-query-overview#state-tokens)
+that it stores within the Microsoft 365 infrastructure to checkpoint the end of
+a backup. This token is used by the next backup invocation to see what has
+changed, including deletions, within your data.
+
+The exact expiry of state tokens isn’t published by Microsoft, but our
+observations show that if you are only backing up every few days, these tokens
+can expire. This will force a new full backup each time which is both
+unnecessary and costly (in terms of time and bandwidth but not
+storage because of Corso’s deduplication).
+
+You can therefore reduce data transmission overhead, improve backup performance, and reduce RPO, by backing up more frequently.
+
+## Cost Considerations: Storage Costs
+
+With the threat of ransomware and other malicious data corruption, it’s a great
+idea to store full backups with some frequency. This means that, if you want to
+have frequent backups **with** retention of older versions, you’re going to
+need a lot of storage unless your backup system is smart.
+
+Intelligent tools like Corso will be cheaper than most others. First, it uses object storage which
+is orders of magnitude cheaper than reliable block or file storage.
+Further Corso not only deduplicates, packs, and compresses data, but it also has
+a ton of smarts to only capture incremental changes between backups but always
+present them as a full backup (topic for another blog post!). This ensures that
+even if you have 1000s of backups per user or SharePoint site, you will always
+see fast restores, minimal storage overhead, and always-full backups.
+
+For other tools, you should evaluate if it uses storage efficiently:
+
+- Since there’s a per-object storage cost with most S3 tiers, backups should bundle small items together
+- Backups should include compression and de-duplication to be as small as possible
+
+[Take a look at some of our recent writing on selecting the best S3 storage tier](https://corsobackup.io/blog/aws-storage-class/)
+(spoiler warning it’s probably Glacier IR) for your S3 backups.
+
+### You still haven’t answered my question: How often should you back up?
+
+Independent of whether it's Microsoft 365 or other systems, at least once a
+day. Probably about once every 8 hours. It will ensure your backups are
+efficient due to incremental data capture and that you don’t lose too much work in the event of an incident.
+Higher frequencies will be necessary for higher RPO goals.
diff --git a/website/blog/images/astro-clock.jpg b/website/blog/images/astro-clock.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..642d348946684913d13ad5676ae2cb10d77d3fea
GIT binary patch
literal 204302
zcmb4qWl$VG(D&h1+*;fYxI>Fep*Y;(hZJwoVuwSKKNQ#E?skVmaVzd#IJCG^+@VO@
zx6d>0hxhBdlbK|)liehfWOjeq{k!yc1t1T=#K8EUf{B5Ng^7uUjgN!
zNl1tZiHS(bUs8~gQIio7Q_@jVzj{SWOG`pQ&qzzW}=6{5sVPaunV`0C*!FfSL
zN=!=g|4n~;0HnC+##jIhG!_6lDH;YT+TQ^HJpcf}K|@3PSN&f?L;p8TY#dww-aob~
z2>=Zp6AK;le+UZ$13>VP4Zy@A#l|6Hel4qwOU`0WA>bOsDwkMD39IX+6113MlXu&?
zpaxzF=>#hz6}@D)tQS`7L;Vv*iv~c$`hQgc&;e-wtLz_Bmh@j69TOb~2LluRUoQp#
z4e)O!q*(u}2m7BM*PsgufyBbP-Wf{PEkQZhC7XpCRd64UP*M?4MCb1^;04CNA*2|j
zfVY6Xa&fIj`#LGWPpPfOYiW~j6?$icMK-dH-!!ZTO~Fjbr`@FVCLY+K^@?MiP>#DV
zUEnQz5_&II1baipJ?+bPAGk%A$-3XF7b$R7w!;A1*gLiYGBei6?pRuN9D(8?I0_@Y
z!mjYP5GH#jw%AQl3(1WtA5M@c&Mc8kJ!D*gP;RG+<+_Cmd)gx8nqc`az*~LD@vBVh
z+XcYS99p)NYW?PEn%GkpnGmX;{R=dSR@x`IdW94i*4?USJoB6EONLci<2=h=#W$Zq
z(LjkQG9p2&(C%f-K$WFrlvFQ96*P4k*q7|u$f-{Ue+QtIQ=nI1;K4$v_lV*&ip}Hw
z@J=AD?badM3r{6N%DtkvTV{lk=;FsM{N57B)mXb>d32QQgR_AozV#*JKw(K<`WH%5
zse~M->r6jhYUo#@`3I3w-2Pz-nRX?sIfG&M#MM!Lo%B?c`;93^tx{C8@+31}#i89@
z*+}YFcHYS0FT!+=jRukaVU=xwcz=v#chh{O+ejHVJwfTvDw%zb@7tc|+ZzaL&$gSs
zz>~Xm)SNxW20<{i=50ebRSbA)23)*ZC=^ys%IvjWh{tMb_2oS-?*ajA6d?lwp266Q
z)CYg2cYX!=VDT~mO>qzLo44@+F7f3N5as43flpn*iUah=_5{veb5c@{=F3T=T5VL)
z7fI7G<%Hm#^9kW3#Z;O#yl%gG*`iTW0F8H96o*0#T#6Y|uyKqZ~BHCX>Cz44Try
z{R)@1?6UMW`pm_tEQ=s6TKzqxc3x76*7C24YT1DX&N1&f^(OKe*7CTxo>yKA#yb)G
zo=^+f#bcqN{r%E~?cm_7R%1K16Q#=EmGo}$nH|PaY?%E-0=4OE2AK2!
zkJj}a@A6+?hLS43PP@dtD&uwXN(LW$W)<6v8F~}cYx<#m{$rV%hx}Eo+|VN_v0Cjl
zv~18mOs`AizR&e?y-yj
zvFsk6j`OD(%Nf~qCxQs3F*3`lvuwQ@CNuy)UwAx_%la3syg@?^&SdS&PPXo5^emU-F53d(f4UczJ7p=fAH3h5E|
zN>lr_?O+#nad^eaHXW&0`KvpPrl4B=XHFuRccUkRsSTOCJn?^UffS%ar2AHdz!+m_
zD&s@?j>hn9JoCU$F5fo?5QV>h6%PHY+exn*Pm+a35$)yu`Y{m;8wU8!E2xu}PDY`5
zl=&`%*|8uzLu1eZj6GcCNkrD`W?-%($Zp*p>k7vKQyzu_Ih7JyRklF%Ta)OCkY3&B
zq`f~x$t)=q7R6#DuVm>1LYBo@B?Q+UgiYOvw^&X^G3q;s#fZ}F?KS0maPN*OSW7;u
z95~n&lMYB7e0FUixO{uUlBJ`xzEb1k`@^Wgc#yUM-;ZdwavYwJH1UVoRTLJl^?mX4
zyTf(ynRai8>wNX_zA4aI`YL+WQ`rqk-WKI!WGfF*_-1PzdWvM}qnGGO|2W|dY}UEv
zQR?yYOP=EAlqqQVIH3!wZC;ZBw~(~{GzS=2OxJFnx0T1GQxaPja0UpD;yh@MyDnyw+Zg})L^!2xUPZQ=@>D;?@vc9ng&XS(
z$yE{i>zq`Oj0|cX)>hrN88x?8HML`%EzWTP$V?yzJ+*YjB>(;s2CQ0QJvhqu#%erl
z$vX5}K`$Qg0inD^)T>(zR;{f2_H4RLN_t5|BJ{($2&R|}Kvu~#HOdDs7EJZ9a7ZRV
zCxT+x(2lFIFUg_L-~Pz2AgqxRWR9Qy7`#e*nU|(pT;A$pw3Cwe@4VxczY-KkDK6u7
zVRm9*z6#ce-WJ3l3KLc{4xFRZ)W%Qo)JGi&om*(Wwi)|O0ZB~#h<#AWvj9p4UF{uB
zHB&{bXw_azolY=sb&JwwaqzwV3rKnJukYuR7H09uHkSMP5cuU@OrY+SWmF!bHR64r
zr+_JvXU1jn-0SOa)(ldSPgzE>Jax}*w}bW_X^pB3!=BYP5fNGX)cwg~#cb?0tC`06
zRG`>a1`8WQ<1$frucrE4bojE{&?++J75YUy3+b!o5lqK+sZD
zcWKos4ZS|*%wk|JZ`-}>4$|MrZph5XQko%*|Cw9Rk!
z+R~_Uz^=#2Ym*2oLY8u#hrKa!3~mmh=4Jg&KL9ruCM<9%PS*bmaA+kd*B|=mY&1Ev
z^{(D|z~7kH`g7kyWbdFisr;zPw?iT+ro7Sasd%ScR+(XOLZC22LvqBfanYq?jNojR
z#$DU)O+w5i{O*wM(6BT$yh67qwF<$b;_PqNGLiRZo1?y1=rym-yU$&J1}$n{Rn{@8|B7wT67A(M)o|48sajB36y?rB?v^6$Ve1|xNIM{JW8?5@(Waqmmj0X+#zhTW8Z`(?CZt!Ixu0@o1BKTuZmz^8rL`#g-~*teU9
zeB1@YN);v=esUV=oe;AK{XC|Ht=7!!xah;x#Uq1-aSxzlvY13@r?_p3UQIg1C^j45
z9tZo!WqCnzF4U5Kfed)ZPwuF$R%0`dxnrPGSR|E4Y{avmwid4rLdQwEz&oz-(au(@
zpHJVZaf31g$YaxxikwpUK6{L+f;I!q7(BjJHA>lRXjptt>0+}@G3m_edsrxcT%Bvx
zZQ!(5=)M%_F$5~{gZ-&sS*4*>-{9p?=}ME8lIIK;Pv(IobmIs0)^6h=?xh#*O04O|
z_Ko3evJ+S}`3oQU2TlW=EP2c4p*FN2h+3z-HPAmn9PcqB-gEvKg}`ES!rhb`(Mv$A
z_vFfak}_|l(u*5_)6ON{5)$s#9<41(Y|)PgLcQ=YA^}Z6o^tm6r%0C+o*85doi2&GUmnRkM{pMdHrW3*)tD63lj^}z$m8{cb1H1ax`Fh
zxrJ}~71h79MF1Cwl9o|UsTi}LJ3OShT|S;iEGvm4`QHy2NXeO%^@?7jE9SQQ24fcl
z)D7$REU^=}ST8ev|KT}zeOq0-%8g$XIzBR2s=O2kOWvuLYe^1PVhSvbplT
zmpw5l)zBt8n+>s>4G>(qy?G#pz6^nPxD$IR-%|F0lDQPr_@1#VthH)h>a|%z7M$W2VWf1!u@+HDvoc^Na5*0D${_zwOLm~^AT)b4X2yi#%~Wi4SzJ#{76LO=KH;iboe=c
zF;a~4(`99sn$B?pj9i-K=FrZRRj$=+SaB&?pBmpfn~v9)Bz_ea2j`Jne0|LqXO^RY
zxLF-|9v?MOE>IH)boz0R89DWauJIP?{Q5{;L@p;gO@8uj4oMG+{fx~#Y93Rrh66x0CS3T~EpQB5ck@h4FOcGp_l?VU74$rm@F=6eVN{}DQ($bZxb`P>>lYE3K>
z4EK9)d;6dCYkEQ25v<{bj&_TzDiK7kyw(x1x3ju1os_=%JG{C5pAG%#$i*^F!X7PA
zOf$NP($Ote_YztMy|~o#ImJvC%U(=yY~~5mhINhhf6%#({H@H7dYk-3z-fh>Ne=f#`)q^AWrPHfz^P`whiZOg?Vpq*D<_Tr{bFX5muZp
zZCKwNc>gv%68T`SHmTjys+Js{MFgdwnqEKo)qxR(WW}l?p$wtOEf%3nT#>MOo_N@j-lw5`Clb}x
zljOs!Qnk0tLOA4hGj*4zPRlyN%lz*=otMs5hjpR#g@Jom541*QFb|o@gKsJ9ucke&cn;UCV-~
z+L!*MHfz?XeL(@etT*$DFS<2y@@bIioCp#`^Vb8K7Sf4$9(#pJMKl)IVX|YZ*d#<5
z#p#MUy=h>F;Z}|vGf#NKb`%%Wri#2L*+w?|`ER?`W*^b6^_lNGB)Y0-j*L8~tBsty
zu}SC`MP&vptXHx7rJ#n{r2{hNrq-
zr(1Ylo9xr~B{p}OsoLQqNP?QLLXwD8#d$<9w}A_rp6Syyu-ROxP|I`Rp>J^cEkyL^
ztt6SXO?WCNVH9NRy%S3~sba(=XPTTT>*sOTy;|6UD!)15G=mD+7)f9_EG?S~U>vlJ
z3!`-@qYar|r*;i6(lv#ET1uU2lc*>y;$h#s?&B3`dDT}C@zr3}ET1{_@WRiol%pNu
z!s?YQZ9x?}FTE;~s|TU22)4>YKcnXmD!o+ZHD+d+^V)4p0azGk60g`fDTLhG2^O35
zaJr=(wc+u!+3=kJn^C-@C1K&_uan>Xp8u$9ER6H)mE{uUp^K~
z4vBgZUo)F$tknM{kC|k;zSQwpA
z2V&`Zf@}{$quAUTiU!ugUX_E8frmwsUWLNQen798Wl*6s7be7qmhj
zRwYi7a8CkSImDCjotW9uIxW==#-~vF&B7G>gzGjpoF-H`$2Y-tG?01kn0TG{4;~ns
zbbtd0$i$*&@udwU?m7qC6+#4~mN?M{WB&mL>nvVBgLGzNxXu8(k(c(+sH?9W
zoy=Sq#%=TwMOec=TMQOyz{Pac*wpA`A#`E3IOGG&OZ2?)U21GxTP46N;1LM$zgI;&TYFg;`ML60UEL4n;WN86p|FX?P-%IUbOMv
zvMa4WSUt(>!kqU50rSn9vRP1yBx);k!sdM}n%HUBS8W_`-703gg*%&A}OowQn|h&drOd8<^9-$6~N`hNyzjV(TMI*
zA=l)q{!~H_DHFFyB|*{}oDw`l%Bz<#0SPwax~6^jQ`_|e$&&cY*8wTah+R!u&KbDGMW_@Rl9{WZwAs*JLe?Gy^k@N!(=2SfYMusAcM6bO)xq^zuX$Gh%f4ZcV%`Jyb=JUdG2nGN%mKtgJ$_i!
zIyrcKpGvFSbTf#S{=ZLA+@aZpa-C9}&@TYf!3d26ETix~dI2qpquclEGn-E0p@R><
z3lPf-hj?t&XX;@E%QaGLeRf(Hdo3L=Nhgq3mG?mlt#9~r0S#6BsdHoOU21zeW>Q=nY1>sX=OGzS2cFRk6%s1pF3u`*CXIjyV
z_zU1C!i*(1RMpRsXE9_ulGWA;JU@(m*MCNh&|Cm}&r(;nSaD*EmyA}6Ugt?VwCvYy
z3p{hleWJB|bO=ZqO_{~SN^6d$Yv-VtwGL#o;;BeKPzx)cTT&I5&
z){TpaK=UiRQt-%tW7rlr08U*m|4>S_P1LZRqDio5s*&)ik;@J!_%Zf5F6=2aeqjCm?+10IYkf{4bd<+3FXPc
zVn*1aK)
zfVpv_)SW&^uHX9;??wK_qy65Y2iOvvQLal5piU7tioYQ-Aq*<_`4pZGNuJ@-On2%-3SD+i^I#=pI+V>FuB=iKeqIjaUUEeu~U}o@G$fwK-Hbw-gHdmKV^<
zJM^ZJH01Z#TQR{nWG*G&RwMtOD4GhNyc!~IFV#q;GSq|k>XFqYgCc;XkZ6C
zEF?D#vs{X%8M*?~1U$3C-~tWaU526MP46eKdZ;+%e6#PK20HzSTC%kn%n3C#{RQcow3
zkh<0g9#DUinWHRJ
z=gCc7p}1?$D#55}oj6K;e)mFCkbkz_gE|{Jm_y&Ieom9eJ1CaS>E84VNt_~Ui@rRuXP_6O|_se&(
zcNbyC>=%x)`u^@dvC64#+W2W~Nlhq!YVooC^d&oI-~0=lNE`k=nCal``CkB*`0JLenKjOL)@W20
zV~6yt)95ollmAXh*?bP`
z_LS_H6Pw*jL6O6WKjhWmz7HJN#SbWN*2J4eH&6S-XEIm5aV$wz{$fi%3QmuAO~0bp
zwc2YfymEz3!YmZ0%k9$CbF6zidyj|>P-V#Da4%XhM?Kqo^VH?AkJTvf5^vkicl(UtYEd0YzZvvC
z92e5Mk0BR`CV2{AylU&*YA~d4EfUyfAN{SuGDMyYbE2R;Zod18V~f6&i8gdAQs4xi
z9!`aLna{Pig&sCVi|({N4mi2GsZ-5y2wdBn6gwmAwN>?5;eo)DZZdTkq4dNk$R?O2rkIOU_hFK_lhwzlFaZeONybO1rCwbTpS*uPg{)EX3%_5by-)LSxe<1<$CVTJrvvXEgrVB^k?-wri-C?
z0Z3VL`?Qh3REZBgKLj1D8)t)
zQ$6-=Vw5F%h9(txEx#1Ns4;tvL1Z|@Fm30OWs1A(1R9V~FD0+Pnk>rKb1ZRECue?}
zQR;fbUoFEqUYPAb#7V|FS*XTT&hw*ra58+9)J%pb%pfwsDV}qjS7#B(y`I+7jWC94
ztlr0N^b?5;raBsHj<**k1q3M-cfV$Nw3cI#SpZ$i}kxv(d{9mFLOM;N=4M_L-U^^^U)QzSj5T
zmUJ9ZOBExasKZ9^SN0hnOtAzh2yJ|A%zbFPDMM!ZcPQ+VP^9Q-zO(`pM>!)+=@1NA
ze{x>F9A8>06mQC~wF^k+QpLp*Vec_x!lG>R4H2esbyF%B#aEc93@arID1P+(Vq0rq
zRWkmn>BR5r&uURUD(L~Z2U5<+LX&LUrs4~)zNg+lSP>3sLhV$*bcwZOmwG_T8Y$TT
zpJOt?nn_(7JyE^vfI_jorU^AJ*krpIi7J&L4BlewdKWi@mKao-S56&ZH9D7$FZ|ee
z7hL@!G#7NsxOmE7RqkLmK(BOpidHIY$FeAT7lQ@k%)(!zR*!9NAw3{dc~A-(zK{6Q
zh-5$3Ncx1cf?#>jVLGA-Yi2Ev91}Uo&)3$5C(rr#M$45LY34}lai9wCY5NDl
zXvy17=WvPN9D$h76~9i+&<5%osX}YbPu7N7B@~6qBMb+HMB@JfRJFB@%NWPfCE|Jp
z7{J*@`t}xnFJL)Hfz7#N-rV4LCN$I~qfj*lRI$m~+ujtUanQ0lWLOfF&uS@w>9(voRoNK6~{1E&$CEs~n5oi94<^@Z
zU1=$zLQmMNS3OB>
z$KF!UgNdRUJPP$5$+EAOszjzr_r5bm=TAvJJl-tS>8ol9lBU&#Yv>{7qV}WnetBZm
zUJYNf{a1NTxjAs;GJLDo-trv2ZnukwF0+YTx-!6kKv%R(7yRN9-t&%wwA=Ywyv=N2
z0f}#JMLJpRJlXR=+%;QV^b|<}AN&i29rqWsu?PI_;>KQC<_2A62iNXKUDAD}QVA?7
zD#%Z{A(^rtZ{BpfjC|v=v6f~dlQI`_*H)Bl@o4r*Vgcn
z?fFAS@lt5J!P`wjS3c8?7lkWN%CcK0&VkPw=I{9b@Fm$~#uxydRK8kc%#V8Jp2BZ#
zzPR<8D~D{9u5(dNFs&YUGeR@Gn&WgJ!S_lqVrQMxawF@$?{Fc}p;zow==6D`@?4&QNh1l+wPA
z^F8f{Cs0}~7rx&MAK^|!x(i4XCa
z3~O&yEtO4y+`)O3^1Z9X@vK)D#_Uwk)k}MESAx7X4CL=EE+e!E`Nx!aXfMbW>DW9c
zQXiqBry|n*dOB8aN)plK^Z_61M3cXu>BKv*g{i+pkzmCV-Pyt85I_Q-5yd<@8-B#J)oH^HbvQBPk?O4b{*6tCy)^vB8=e7UcC@mALY75g1i0(|PB8
zs11sqkV;n$R+*&v8W;UGOsFUUtD2zpP{qiG7v{~1P;@A^)6mt}0{Eu7`TqmFl2X{P
zXc+^{bvg86z&8w-ZxiBIjvDiAR4DtO`;>W61rMG891)gUN^8QiU*7bd-u-&&D#%D27$`
z=}&DHNnFK209oBpqtAg9lp}u3uNQy@(#FIh=tZ-7NJtVUhtIFS*s*42U&ABG>$zR&
z;6EhL5OM$cp;e;$;FDU3HiKJnoYpLMTtsG;Khn7OCQa4b_`*&ehYqpIBESu+U
zWspN59O!t6jOgq-s|yGq#vw38JtwOTO>k8F3#byqGr9#Ylb@M?DbBMPfqJZD=lO5h
z?Nz`*DnL%!C0B0}lt$S}x(m=TrP^XRn|^?@AheJfGeJbMUxZ@CT-Ijbx$B~WYNJ1&
z3G;_Zq=Eqgp|yq*{?z%H!7rzxkHoyAS7YVeZsgM+6~V(nur%ZT$4Tbgdt%WLJBiW-
zGQ!~N7chT?44$Ea4{~Qk#41aAPARjWQw(}_HO+j7n>N0Z5E%`zqv7*bCV&37;)Ab@
z25KCB@11H3wNN}LQo31FJn2dX9<&9#ZmFG~?2Xn&E<-8Q2>X+B2e`7RranP(8p!QjAAWznjH`nn$ny@yV&AQD663cfJ954Y#Y*Z#ji6xuChmk|9fMvg
z8SL4#Vdnu%gQCs%D;XZ6`Z8c@YWgjUADBswMAIQ$oJ?FE{nbD_?M+;ZNcL#B@k0P2
zWB^zV(ZWpNYmKP3;}l`J4=vFOBrC3XhA#l*7|ak!25XJ(79%8e%x=^Q!4>x<<^D)d1(O?4tArV5vFWmV?em06}G-`B=!a$L1M
z`@8{r-pTgE1l8-0@m!GZ8eE~PL}*RJ21r9aN;cjk`45yC%z|$Kjoj5^!yL8#EEY*`
zI%Ku%JQ<_q(~Jqj?5MiNsMZ&wHQ+lomjm;n1TaROrS~rYD{+i}0V5iODO-O5P$!vK
z)>k{rdGz@;n{2cxRK$>=yL83b`+M!Wn*JVJNP`9hW?+Fj106i~
zR?F+1B(_QIeCazXB+D8@(U|y&?s{L}=r`$Va32*eW)*9Qg{n#%BVHp#;Y`M`>YlKl
z+{k9@eG|6!U*M){gjdvwa?sHg<;QYj2!1lfB;VA;=;N{@>EY_qMgVhZ+UzM(O)MEc
z-T0(jprhLl<0G$WTaMg~e9_CG4MZEy=G{N2F6f_aCx<`E@szb5B^9A3Ui_MJz>U1z}bB@K2-<=7IkRLvbnHY
zZurUvz^XCvA4NL@^v$A)mOOXt*n)asi|Hfo(M0iBaS&&h<)S`wRU>_#cfK)C<(?Je
z_|#>dcfk0bgm#8lmNsv$H3djHxgJgAx_YB}+hKs+^KD4>%ePqVE3I7>KTJ-3N`y%z
zfBy@}JY;~xEvm-73rL4LV%NM0J_6Yl7sXV&eg98!-=Q`9^Iw3vOXzV_kxJ{k_ZfCx
zFQm$kDw_I3X}CTNRD~gd#;yi6~kfP^?bI6-iUOe$mcX?lo1zJ*X5Uin3zd
zu1!Dfd1q*%K2G2JFTnN$R9@I$p8djCxKPVIS8zO@qOq!D?&Jn39Rn^uLaYrm0G1fS
zpnm}>=k)JWe>lsH;ln<@7Fg6C_|DWV@+3n^jdmk6A3y%voV&8;r32XQk2~$Y07mkW
zgURkhU-d;925Lpd-3|V#>h4YD_6wmep2@Ee+B;O0L>b7)ZdgyWUp9XWju
z7KDi)OZgkxu1zwlC`iy+MVN5qM^#r?XS+#14tR@H2idEXz9Z0q)x^R)A=W-$)Y;Ck
z3$L<0USk{Zh^3Q}A-I#|e2MSkRZGgEk-;jHy(S$OT{zY*>NDIV^
zXuL$%=_i0jO-u=z(iih;YoPZ`euG7oC7LY9AV~s~b^P_v$~hJFmM~K}-78(EP>$>#
zA=DgYfwBI|wQXoQ%^7I5YR~YCP>wi{S$UldbZjD<@4?n3+1<~1L5i7spaL!3`~@OA
zo5=t77G|ixd~l7k1#ydt?^yKLvL67?bM%o6qLF;T$TbN=6$}Wtc4J+Na}VV+N3+c8y?|nS#0k?eS>H65a5QZ$tOMlytPwpkEt=
zCD--(zuM#+*?$}*pF96##h~n0l$RK}@m{K~02eJ<1yplpOhst*wFY@>lA~ufhd001
zs?Bn^N<3fZ0;^5Yf5@o{h={zqUP$2+;_*b
zFKf0w`N^p-@-o#XvZJduGZ)bk%aO8XGVjJ#B3d4cf`2C<#Hf;%2X6^`9~JLG*Ub*x
zNiN|w{8f-N_nk4YzqCUVno{5Incor$Y4F|p3zJ}12DEp-(s@fG2868RnpEEhm3d&q
zqrfu@>d-AL$OTAOW;y)ei+%ldI{-6ubt$gyT+lec082`?`C=_IREl>d-37#@QJ{2B
zQXHv0jbAU~kH$M}1%
zrT0HqLV9z3dLa8UtVWb^fmnda^W90wq_1A
zc6xR6FM!A9_q`^)d7ATwj{@HWk5ZDB(vkD@x_jJ&Nn`<5#D&pPa$0kT?qr)O6T~`T
z>@n4-H84(LXG>gErCQ~{`|v2Ee#i971p*@-q2T1I*7&@gd>D5?OPoceFum$Wr(yX!
zQ$oowg;)5!6iLBOxiTk;n>7X$r>*~tO@H$GEn6%pitOjoDshIQq{JgSGYOGzg0cqn
z0#i(19b8JD*%&@39dY=P_6E1+^FS4EHvAuDGbI*g6~R9De1(MQ^(yC1OpHRV_VZ0nNvdhe}zWM*qV
zS~RkD~810()f#{aF_Cvb!ajCF61oD`Z<14-F
z7Z`_+MpN>KIe?9(Meb;mEHldvy%QL%L)%w}pNtZ=2tVGMwAsX}RCL@$LG|RU=g5*$
z#(D7W+EXx{&0Zlm_(dcKQ%x+{_t=dJ)$H1ItL$MnVubM)HHo}c=FoH{=C8B+N2y1?
zFQFR(DntU4@naz^tnQ;7d}*!KUk=K3cQ33ePrs?dyCeT_c5_+N8W`)1&PF-EALjMDzh)S{zynCOU;LR+@E8nkH66o
zJb31!xR>YkaS9T{gFcaA&sgPsf92!za0jg29X~^r>d&4bH&e)hMoPXIYXE9p<@w;{fPBaFf>VSN2q!cj!$mO+1Pti0vk$M7K!^XVI8UX&02H@b
zN%e)$0R#94%coiA>bB6ul#FE~)A=lu>`Ik3yj+cZhrG|WwK-3>Uq}0x)qQ+n$SFIZ
zsn;y}f3jmb$W%e$P)0lz2v}jsNXMzUHum5Dwmi9eTS1um%+{F*P&-_AM=60(omUT{
zlO>V^4X-JNZ+&ZJB!dbiippmgjYWTcL21W&I1=kewj&W>raG#7aFM<2DnIIPU#dY(
zVKU=d4hC?{P8*S>d_Q@M#P}r@pl2tMAOw_Uyrnmh?~Sq4Bb=m@3H@GN=oBYn@ZU+}
zO)zTpR>UVkOZV;8LUCzZ?aCo(g)4z(8gzQ|z}Q}6?M%VL-S9MwPDcZ;;!FFQD<|56
z!djntwcn{bIqy3=o>%F0^olKpMz^Y&qZG|4BHqvxtf+l-v!way4uKMSC~3IP1YYbi
zuMU*l6FY|}<#`}LXPI@KL4`}J!RkaNu0`xU+O|H#-Yi6@*nwT&k;91C|ACZHd}{|=
zy`@M_qgWN(_Lfk<6xuna{?BJrTTdOrCGXpRU=q{()qb4uC1e(+qfxt@tNRV>FF=zSxgs)@(vEE57KOCJ`S5@bE@n&~i88t#RO+Ng-%H4^tU&ot+{QHbe
zAP+$|OKoKYaL%8N(dmUP%96x_nCFYp>aVg~rJuBJIyNO#%VU{F30<4Z7wh)ciulx>
ze;l&=Jvvl&K37rBQ?iCQ?J9MqV6osf1@V6q1VaP6mucTScm`>{xg^Q}d9s
zFd_2#8Z1XxHOhz7c6@bsP+U`=k{d@$_nU)(?!0)vk57UG#f`|3R8d{25!p63tk6a2
z=~M7(V7C9}dpft~DQYYdUh~~|{vTF{$Ga&!64h!(g;fUOq8|^xijg(uADB-z5uC%n
zSY<|}>YY^j%!ox)2#L(W1!k=^n7ceViB$e1P5`NWGSf`G^j(7~=Ek`=T`^rPSSzm_
zhR~PO()%6`{sPDbJK7{J9BJc(r1OY>zyInU4mxsK^i0WWiFu2^?_GfniO4EK_T1Fd
zrMk9c>7`I5d;H6^@y2Y8#lr9;Z}|&&-E6}y-@F>^s-eegW|1xWDV-D5BvS8l6}b{H
z6WpB0pH5P+L#&##GAWTu0GGK?zK;tb9yG6kH-940*Hb6o6m=?;m|o^y0?Ms_y$k>T
zy69eFSk)cds+=&zxaOGSj-<%M+@a0IH@S@1c8N_CrYACV@N>o!LwblIw*qEour&yU
zeKg^Y+9i0v=dk{~IxKI#4A)@=U2{5<&b{xG}O#M(OQ+21+}dIw)}4t+-Xc=eG2;GuAG&anQW)~u?vL7?qq^M@D97k
zh;Y=*?EeO*bIYE(ux#(B|Mxa*!Q4@l$EB{m#>PxZt3f}EFV4-$OYg_Or{3cSZsyr+
z)N|#b`=6OHVw~OmjncV2(}XfrKGm!5>|+qRcyAPftF@tT;Y|f(w0bmJ)txFc;j>qX
z0SBrvFS-t0g5c!`ZqPP0@z|WT6+8a|k4dG|c=dp-Yki>$9rZ2C+6RlO-#paM%FzouZpH4{BcO(6+D${OcY}?y75`W<
zbgM+;5fPx>#akqtyYhN1Rz$nKWJSSA
zgps0AyhR%00Pq%DzqODoTS(m@8SHz@Yb&uzap#2>&FDH7JYD|+h7tiq>LVNZwpY{(
zE0G>MK(6eh9R#sc~?9j+Mg?E#F?wBkWZvF+lM0fmliC9m{QJt{`&!jEbZ#t*)
zO8o}x_<-{wPPs+;rZ*C?3iR?0FC(FjUpv4n(Xv44B=g92D1-pi9<&4}z)EdaX1#u&
zVKs}~4NNuEs{1B`w4Z|DtqjPunlRN#xWskYyytw>ghgIcWDJ&{*9@#=Bj$y0c4q+d2!gyEP^trcGz?;>z-?eJDVg|46(r6>(tVuP41hW(b&#+01mj#O#^WG|@3
zHOraEKHE~Xl0nRV<1CQE=7ixNh+mTl#Fv#@?Dr5BsD@%OP7@_$X%u$zn+FtoixdFG
zp?wsoiNm*1IHuQRsTA+^TIel=iuIH7;e}5GT2N@SMvX7AH%7ZiEUBrv!Vv@|N%$4V
zmOHmbdDhl9#wXOhd3c#zzU264wpXJPq$~0)Nw-KANAGU+v#kJdE)c^GqOqrPe~xuc
zWzu<;+;d1|^q)lIPg$oG+MZmfmB3lpYOp71s}%EO4@%C{e~Saon~;`7_|@Ik>AkDb
ze+^C-qhK7S#KF6Gph(^C0$s=*J=5q-oTZ{3gdoiRe*HyafaP+pXp6zsoJLaOeN-PN
z_To)ITHqEF!hLZW%Wm^N5UQ)OOV~mZt)lJcB%OHr4iIo5g2D?XAS!u9rq^Hrjgp?`
z6_ahc+ed3W`BaNeZivs6{3s{afn49IdPU@HiI;8PdFoAYb57h2@w8*#UF!P;YQ^l8
zX$|5+(|_JDP%vcspy#9}W_~J4o1`GLz~^)UGL2+J(JX3uY*q~WS9xI|UO|bL@|b~T
z6w6N;Tz)2IPjX{vR{MGkomK`IkNwEdR7%3It>E`OF>I%2%({~VYafiBRx5SU`et%ibi8ofHwI=V;TprSlDcV
zS-+Cf6xB#Dctxne?EdA0HaLqd{M1&%{3h+t4y_V-8i*;g2I1O?Ht#=gG_nO-Fu0h0
z=mGAXTS#AQ0g1$Pnuawl_K1WKRCCLU;R_^5+K1jqg?986mH}K0u5ys^N3G`H!wW=5
zK^_SSDY?~{>MPnHruP{THr=FD5_94A0eKgfibQPoH)ZrA$Al@_etl}m;Ld`(I;qW;
z7Lt;IIEbYGmRa9nPg|{-!M9HfS_yctz(dzRmm6Yav2q9)=M{zWmsIpHH776EX;D{H
zLQ{L?l``N{oatys<|je@-%8aI(Kd9Y>db91PA6mM{&n!Mw6DF(LayL_Pt1ZQeEIE?pXOMWR&5O_{&vzp{&V3)-I)S
zDG!sNC=&&eumuc}dZD}*C-RwxEBU4ItFiBM7gBchKh5GWRV)X(bq5mL2`+{*(LJh6hXOD`ffS-pV%Nu^sx@$bk*)Zd
zCXXKWhpTjhpHvD7sey<;eLSy>)A?*_*tIeZ9SF5^Rh!V?9+c5%b;Dao(gepIn~5q^
zbbiK3!cwZ$vF$#@)RYA`}{(%R=V&FWHP
zZxX9ZUX)0c{uHnDNTJuce*1p_j6ie0f{Dz$$D`#o1#+=4!WS~6iCPUfe9t*+Cc~mZ
z+{X+sC#R}2wR-En5m=}!y85~xlW>Il2(@M=J%2ax>zIvgshR~nCQgGc;&@~o-6Oi9
zB%2_))LfryMA#k_%rYF#)<IYVAK
z$C9CQ&$H&rO05?yGto*N3EILd-W#%+tb2$X#g%pp#vZ0F^3AOJCMH1~gRu$yA-9OE
z?3%>&vw-jwQe}#LCGxt>T3vbzuL5k#Wj~cWevu7q(_$3{lAmGkcYm~TWTzS4t$FW&
zakgmTnq^tGlthxt$-{v8ZK_(pYf(Qlhn**2Bbue>>o_wJvr@yQ>LqqX8XT8-tq7QG
zenq2=CxCiI(+lUeWMEg&wbe#3rPvk8RS7PeY;-%w+kkHx^)odxlR4gIkBlWURD}`pq2cp;UKCN*VbKWXW@Zi}apE~C3*x9ZVbx;Q%r1<>k^cbH+@c1RUy}a-
z`}G}z>uKS>w5O_ey}JElQ_9@j!+FyrtO1-->@iteB{J?gvR!ZvTXU4I-65P3=CJIYXD??es(R({R&=Sk
z=?Bn;B`WJqrr&8>0O;$}c)3+@mLkYXjLs~|>*7ooFt0wPK?~QRtK6-g_6FdM``*#Z
z)logKB36s=KicoX_zwfAy4T!YyL}WqoqH`ac~cltzeuTI3`~tHa!4rXT9Qx552oX&
z1Fg4;-CM(rQ$*9be_Ue|t+ib;(+d*MSZq=O7B>4vql$1&4)HUF<*^OC(@yYmL039$pRxs1m!GgVYt0K+a!Ca0NlsrYJy?K^39R86(1V{KtJy`w^gN|5l%
zBV)yON|`&5X2}by*H6!`1u^GO2uLN0_EOQ>c{!w#T-xEew!^%raLlQ0rwO
zNhwe#e{PYd;ZG3w`wU4-Q}Kj_Hy=@18ditew7^HPJ1F$tCSR#!CTrB(FD_>*t7x&j
z%KU^pPUCNsfOtu@DjIFEHs0`(Nh=8k!>!|T
z#hw`Pq=bN|V8`iLzL-*0hh*F#)hC_B$T5mc$xYMdM5Ss%Zi`SGDqeA-gMVYei}2z!
z)0+ch-l;y8SomExoB)J|_90yRLXz5bsDesuYhSDpz@#{oE7Y6pr0`?F6qSqYqsJel
zX|#n#Kt}2M7i5$m*(yB$0BCR?Qk=LNQ)?Jv+p1+C5p|9`2s0$QO3JR2umhoq6;Ph7
zLcvMo^X(20@${`cAaT&cEjKCG*Kf2g98Z)|Ho4dsajG`Bf~0VcGpOYDAUKYSl}%y!
zrKJ_xX!#U^ZRR9&Q2pbfvnvNl=N=i7#rP4%-k3oPlBlQ9r&|K*Y0mcJ>LZ$EmKyT`
z8q(k?T2;DKlgJ~qTk>Z!6_b_KQERTP+zD571UgOs0Ef7v&$4gUISgWf?LOB_{YL!z
zkJ)r|Rbk_)lVwb(Q`oFD{H*Irlc-53prvEf()y2~FWVi=N(fb-gc9S*j;-rs(PB4k_y(T
zLatVU&8^e>##chC^C>iR5PuA+_io&v#i`}BGRhfwI*NzPcM6S(p^B-Q92F>B=v|un
zEo(M%Vp3L)jD3@{2&-V)fyE!9hbs6ceBP-@zOO7DlYOku-QHXSchQL9eJ>{f*I?5bvVXjVj&q-;P?P`SJ`ae&gww0dvfr+7|I
zeKQTV+B$GS7Ym+}GQ*X~qRBxd>PZ`4yc8hoC`yj2
zUqR^#33KJxpHUqp)e$Tanfd>M#B%@jHYY7RAaR+%
z1+75YbM`{B=T-(eRgdTB=}OT`o^Vb`Kc{Ort0}*-uV{?Jn0l{@oKkSrImwg)0;XO3
zHj&)wBY5aa=or8(^8+q%(jN-f(k>>0td~Hui42))O_t~Dv+vaB65ESvPFMjh;(+-|
z$iMWB3PPJnpi&s9vrdu1;53yw93U+xl9HqJ{o^adS=~DN3pgG?Q`-cWCg;YbD{EOO
z8w>lxoJ~NI%v_O?#ni&{l}R+YH&6~br6p@g(zI#60AAkFR(f1csm*T>g1H>D
z>}hNw4$KqpV>);4VEm2Veiwj0N^#+IqMG@(y~ZUb(eD@u>DfiaSokhJSI)oTJcQ1by1(oM(K){JK?>rCN%&ZE>7Fxz_z
zWCTf78D?ZGi+QeC>HznSXBB*Ol}{T7kDbTzwJ7sT14-O2I9ioESHzA>lG`s;rnDy9
zC(KohY#DbhyiJhxiaf&n*{XBzO6XSl(mhE&+r<|R<+d=W8nfu3O|TxQzPWWe!3a`I
ziag)mHO#lcc#8lvTz3>TPnM+2skaKmz_V(xNY;94)xT>+{9_cP_F&e!?gSC!qNSvm
z$#OKYy633}otdY!r>v*!Qb_2aY=5L9KA$$3Hq+N1hOJspx9=MqzlU5(+p{eS-6Tr7
zrMWDG1vpcz-6cy-))&6q!<2Yq#4fz1W-&D*)Rd)5EI6c-*2Ev{8cpdI9wHf}v9h4-
zI&$Npip*J`Zy0hGLFhEU2Kq_ER*ljGp5z^YF4E6?0%8ZPUU>UGVQDtRm8OB
z=M^xgnR!ymNO7Her71g*71|(w{o89F4&TG#nFJ7$l%Ild6&~uj?HSl!Jw*dv$sfl>
zdU_dUAb1N?BPlPxR+qKNVfWS-*~0WORAXae~QS@
zNIbA~HuDNk*z~-1;-ZSGJqRGIeyXN7aSM0Ac$s;HEmjhBX|@`aTPa&L2E&OHD%~f&
zt=2L;&Bb##;!zAwQl#Z)sC5Tr*qdnGPcWZJNgXbCylA-`+M2@{nqjnwZ$75miVIGa
zB`Ip;pKI?J#I(~>4Lbh2Ah_$RQjY3QqHlQSaLQ;KUoKIjZEro+olK7q1I<+wEK~p>
zjzlJ+NYlB$NGp%IGv_{yDO;*50`~*jC!MD;Jk>okS!X^bY^9`yuV)-21n<+WCEFr#V8a
zQ;~@;QMhHyvr(=nwXZEX>!l9q7>7qvXXlkxzs2amjzan
zSfNYK(P~X7JeQE4!Fe4Hq3K#oUTN5y2EIITuOaM{{ZE@j)&gS^Xx52P$2!H!GQ6`Bg+g*
z)*!%hrc!T-nN_IyGf3){r;YyrV;Ob0c$wXFM=XPn}~?d4=#+%8$&SZ`LW9UxVt|C0wpxj8ia!L70EzsMF5+TP|AK
zJ0#nmc;oT9xvFTN48*oZThE`551Q7ZV7e2H7WCOV+Ec1RM<)8>;hH&i`*oJFRuxNiMrr`2tt!IO
z;?n5YI*<uqm>#q#=3-I_x$@x>_t*vzYQ3Q9@->EF?@!w3$jhA&@M9k!@RWJDBA8St^ZM
zeqz0d-&Dq!RhbHgi+`5+w
z*7Ezso&$D?USQGda$n|46@xP(_X&NKSQRAo9CRW%8#8jh5oF#VO(zti&6IGFBUWuB
zGct~x{HnJg{{Y?{RB-g|CZjEgaC`64D>B45+S_wU)DQGF;yRNp^OFpCj>B)|zHmxQ
zQ}J4cgohJkOxuODtNL6V+w_jLm~{9niKo^r^78QfET+!dw)Xw+UcQTp*Jn+R#0x?T
zZ%N;tv7l!rO4ss2xVCC3cA;Gu-K-?_W*Mf6xxDa{0X$DRlO=do9pips!o%8ec>kvSE)M)n2UrXLZ+vsG-*-}
zwDrF!hDu2X`H18~vQ<)xB50QyR@WnO4(26NlqG3UQdRPi{UAlcbE=3fs1v8G7i*CZ
zmXK0HdJfRhX}JV()(-bVk{|&Ar&u=L6a#f?+7k)fZ(#`}2h;k&lC<25?qE1oue1VD
zz3xS~f(a!XRfw@5o+0yV51=akv(h7ws}f;G+|ZeRb^w8RDy*i+Cdwya25n{0b&vqrHjgbNTwCt~8iNi)`5pl$~WVS&G9U(?mE)=VPVTwyQ3L#q?7;=Oa08dzM
z5&^%oE{6#m+Q)d(Ix2wz(vhhs#*h)TEV)2u!JqD@q=DDH;U~IKCdnWl*Q_8x3pU~$qpqX0
zAn8ho4crc*@ROwNe!IZz4&!@m9tp80jrN1Kg5kd~l0+d&Hv-?%3bbgliRAMSg9i2k
zR3x-=llmBwf)bkE$7?~7yDQo}q=9{}0d$)}LYKNiPuHw?D$s}==~>k!N6;*G
z-0)x}lvF??=H?!)pcA3dz4?M7QB4wVl7$Ve#3YhajkemtS@i9=Kh_$QDIk>)4`@53
zN_5=%fv|~57TZ}4IDlVA%YFyEB$P55Q-bZM)7~CR(&j2}%gD$eu4-|_vdzDpM#JrM
z5(;7{iHxa63B|D^fwUx?NXOVPX
z5W@8QFw~Y7L&1t&CZ5`Avv&b2aR9B-KIDtXBH}E{#JHCp)-jG5tj*Bdb;B)AM5BZy
z60IFArAa#|5H3OLOm6-madE@=K4%X|ml~^L@Y@o~7qVqgv*wfTb{Fa+ozluAn?e{!
zLro`2LFfSM9H&Mw;`rpOs2a$2-%s|f;uS7qgls!4DvRP~w=C;x$8?m`W@V%mF3j|w
z;VIM5INt^o%Nzkh#dt}|{GD=gUoaOuUig`EQnq;^DnR82U~L&9SwzIkOM6jdgRJ)+
z(4{rHt{thjR>HLhWG9$i+aYI4)6ghzL~qsLz{K%Nau;&j%yQ;7Je6o`#$aXDbv7r(
zQ#ogWY4t2;Fy&&P)1MD9Ga%SbwG(ilH~=7l7Py;-x7Wy-UT^97N_Ba%!}?
z6CW7#xk8y!jP`7+Zv6I)(xu`%5LcyxSW1B_MU?XY01j?#(=hvF@2n0kI$T5z2B%TU
ze9fm%)~Sw2$~>_tQ$@A1{JMz>vEtot&oODA$@zw}idzI>-EGk8uY7GjWwdH-xkZg?
z2|WPb-J_$Y!!U|V$i@N>XcBL>{oVcwv*xI9)Y{vvQ^Ot`uT&)`a}zLXGgW$v?))_o
zGeY`Pdnwd|#rPjcPsM&^897;evY<@?Qmcn2x7Z#MQ+(Ox8Mqu2q`Ai=4>Qm=h`
z#hBA(fwjh$17%XOPO32*cPP@5$v|zEQ>CU-5&#wn17IT8fiN5Smy9KF%`my}>$CMI
zTUCP$gSb)u0902sx|D|H8dI-6w6xk%l2lZqVQ%NzI{OIFs2&}%ntHQay534YDzg5s
z#G7>P+_*h=JAuS?IHggAf;jbitOCuZj^{JB37&iAbcRgei98pVt@%~jjJcMlFxJSE
zXNA72aC=80)2U*eCRqwDEM0FtrChqQZd85AF)L84)bX|^oyFLi$*9y1;md_;Orsx>
zr2Pjlo9kDS;zB|cMU#F$@v(&A?W2dAj->aj`r3gj^w~4ehYCV&pMLQlP^U}JHW;5|
z8(b#h{{V5=!;%(&l@sb60ooN(5wh>UQPMU`Z@SHE%T30LLXD1b&JUz6jY6-?RIud2
zbU#d;bduV8G`>@Dw$ad;Et@%ETc#@u%`%KPSetD8T&-XqE@I-!Kyh0iXy$hT)JVO(
z;k?YF6Tl{Mlsu4i4MT8y-Z|>b77C-AW6f&AiMl-s(sQ3DUCY;e*=CnLf+vtyE~^&=
zl8yZY{{Sar(j8=WcUAJrVoHOGUV6EK=G{XmaH~_)#jjvN{LS%u@%?F7PcSit0g+sl
zCZH=ge5eO#l~7+~ws}fbx{^2P5sfBVpv&$tBxL1ZbwyH+fD>|WvPRlR0wWk~kBGxJ
zXmj<)y<0WWj?`yWxaPKHVXPZitI_frT2&aLtu7j@SEU7+VY`#*A1|73$c!49DAhT&
zFv67a)?9hzt5V%?{L5MDOg;$=4J;uDzV-scj-8;gyyi0)spUdn~P{V;P5@k}d?7GS7P^*r8xQ%I_
z5|Ws*O^Qx_U^#m8X-}8@VwRmtY+H9Ue97;$W0txUrPw5O_lD?7nsluy(uIpCcM(c_
zKAxvnH(q>IsH)_I-*C2Re4)Xah_62;vkFFILpN@bJdx(2=ik&1P2)Mnd1Z_68>$$V
zg8EuP3RKj$;#JbBaBHVh0=Fy57?zn~*-C-~th}8h9r=Wo
zEImDWv?*{<0qNJQJFG>KgKbu)kU6-#9afaf+CY~
zcX1~9JG8&_o9ts6uTtETSg6T=lmd038+mH}Z=sHh55ys@h)WT;`f~+mPfqxWYn85A
zXMo_)r0uA6iLAQJs@6x>)m6iYT<#p3UF#H1P~tc)wm1qMhxFo~hbk$VMwe2D9ap7k
z3fvyx#M(k0Iux;Sx=#fC;^jWqCMH!sb@cciB(I$02SERAI
zLb+1VkIJ#tHt87C6URP(}2XhZ_
z&KR!Z>XDM7OZ+UmDJz|*OeaGuHaRyup3%_wGX&AF9I_EbK$xgJfL*Dt)Z*{Z6Tml)
zI~?gu7+Xsj+IiT1S3yOC_11Kn1)kBewwH&~B~Z*~6*oCF>KPI;&8fy2bnb%fx^&-Q
zV_}{6N(DVLHEEe@Wg&oUlV;mV9E7K@xr!zz&6#XA>y+ALw8ZrDs|j{xxnj0iZu^xI
zHzV39+2w+#(8V7VQf6l{B!CHSX{QRD66;vFa5gwe9@|HnwesUNG5(<9*1q-^u=4e)
z>H`@|5fF`)hL@bwtWS=lFuf@g5_ISFA&Rqt!PhPFfOtXRTdY(w(+P|(iRo3Ovh2i+
z<7$@Zb+u;;_ADnin32-|Krj-HWujPlB4H1ol_
zgygQ7mfYFaCQ>iyzeQW0v~=FjOM_HLJutg=K7PJRlS`^t=0A1K&lRn-s`nSVf$JJ~
zhnz^63jI$APdRxi!zy-Nk_LpX{;&siB$&t1G-X5bHA}NICopB7LV>whHsicpaJB-)
z*qX0Ms$l6AORAYRhtoYU6w(L>aFTvuZH#t!jZHJ?i=N;C3mTRgnLWTvaaJ5w497K!
zB=HTQw~Wl1m$#WNzmWa65f<8&KRmg5LKQzXrp2~BN($&cq{mg_JOzX^6CL6DW;1bf
z7_Lg3g3r|BI;
zur@kqT=#fsqfWFMn|l$GuQJBq
zmWLa~Ho2JCzY{IFd`XI)me3A~8f%7Gls9Vxi*7&>1UPOpQcI+iL|wpZ^}h}7q;&8!
z00wI<{Wv2kGVHYFQH(uEahC$r*{v9b(SYm*g8k6)qPR%j1
zGPeqsDC4S4>{2*4KS;GE6^G%jX|9mSPM0R>3
zZGw_GidG`eELT{h%+n?*n0cv6fvNX9Vc2dg>%Tt>Hw2gopLus7l%$Ft0NXBz4uVbmH
zMv$U?$Q#0V{{Skh*;GC*W$)v7SzqMT5R>LIKb7Io`^7)Z4t^lEk^u@Ef;t%KsTqgX
zN7h2tk>D0o&YmM@608%spO2~!%Fa~rYtPL}D^#=2NiwCdd!<&}?Fu!UxtQG3&ohrI
zB~M#ln8Qj)AL$m_DyvXf^!mMw5GWvDgpRR)*(vSr4}evDqEWM!+mtzrm^kAerjdxN
z?9}NJ(hkf{GPx$u;RzN`sUxb0-=tV`gB(odg#wK|g{7q*#F&C~ODVafYDko6B$Hxn
z13l(NWLZ$|`xN#VTECGPD|68(K!;E;>qx
z{e*B6P{UP?fLb!NYB(-|v$>SFzNK2^d`?$oLx04ubga=zY~RDr7D`8M)-f=AMd4bs
zxo;6+%7mwxbgiX^=D_~|Pyk-h&Y|ZuU13DG_~yt-G{PM6<6}EV=!rKH8UVQ;+a6JI2vx?xqh~>HXWi@BWM#9
z>ed*VnUR0^9FpF1=5Uo3epTu>!n(kgm}6I=N!=k_
z^)UA&vwi#>l#^INboX1C6;(`1)Ei1&X(4vhmlAgz9yi_5eDJkCrr5`mT
zpOwbz`1X@ZZPK>sRQ~`u){emryL+4UAORWj8379N(RBf2`^QGI_ETpJoi=8DOjGd`
z!zHC9#|)$CQVALowOA3<1I6MS5cq4Kk(X^)Mz++!eI&Bf^M!XEY~pr|oGTHEh5-dj
zOB^|cEo~dBAJ#-}us`AKCBnqh-ePV=Xcon?t0&
z6H=I!Zk)*n)E!!`}{@Yv+kwb3%2js&=Y<;4vIGQ{US;D7>ag)^T6;tErA`uw27
za%?GVw#@2$$!7sJ028u7?*_(R9PoxRl$x8N%nCBrg!wMYS?OYWaq^FG7+TnAxpK>h
zO4|ttvW3FFzj$$n>ou$<;-13wd8%nw%)xN3T>V=+S_A(8OgaXMD5WfR`;t7x^+w!L
zg~hVA;aQBXG0SRt=$WBUUMImW0){G*>GPE@&=bk~9paIR^7Rzp{Pq-^MP8Cy4kYy>yMaRa<&OVTnQsr7w72+
ze5Y%ha~tksWaRXllM|GNf>y(d*4R&>f9)8YWzS0ZUEG<Jd(8FI5WS&HB
z6fw&9PK&8=ABAV|Hee3E?1%h7oXj7C2Q(nVVhm|&E+dADSP}redDIjh>vF7-eA3XK&Ltbwfes%V>$
zadMNA&UvlPGMx@KtK1Mq`yJxSS-OqM9eK1L%<|X9n=4`>SFjOf1aBbSYxy~!5;>tE
z{{W@=_>)~t0|p7@Uv~CnOTI~Eh@diDjSXCe#q|-64=^7d0(ChWmN^Y@Y1uB2_9Vf
z0I+Rj{%*?a96eI9@D4R$ns`vwr_Nma^Ji&Qhhf7!4gjw+AiARK&M`o8>zK|6~5d<
zLdD4=V+4|)a!nyB0d008AJ-tg*Pd1C2F0RI43G|D|GR@z0$
zgRP}Dt1Tp7k9d)J^psf*r&aeN8Li^rQdPOW$FxS0O|_}LDoN*?_K6Vgu#>qR0qGIk
zBv{=-4BCrUza0liVlIdkEYq7^WGdW2-gfHLkW>#Q8Z@M=1t8p>ouOSy3HQCbKmd>_
zX31636hR$2!mpOrvI*2Ju^mh_CeDo=d4(I)>WCdWkql8JUTVZB4Zox$Nl6J8P(6D?
z$8G=|fFTWODhd}#BFE_fk||EXNjDGydc8aY);s|g)AHUueFW$N{_y1`>u4i$Xg8f<
zruQd^C{Cg3P=w1tM#p2)7J)wLbST(Z^@93EOk@iMFL>Um)os`&g>Pz#_HuP~L9g
zKyTEJAnhqibPg}K(j<{cX~$ecPO8G^N!w4c?-3w^Mw4Wd^8>s_2JN(o454P_VZYHslCdcUI@-8vr{&
zSz2@*?x1}}4xhy%Yo~~GH&i3BBHw5W>DfHm4o%W_^>i==Cf%5`+M`@vMLL;68MJ?(fqAi5O`pGc231+H&+Hr+<6L2OjL
zxac8@K?|2ftgC|r1a3rmX;3?zpuBDE0-oqj`<^>P+G{1?vwI{%4Og|IYK)Wc$^Z@3
zd;35g5dxeRJh5Uvp76!ithEumO*r1P>rUp}c8J%|2ePjcG~6aC9Y6(Jv=q0!`d$d_
z{N)eQ3>@frgFuUGs^ejJGifD9ZS4fHCtAUP5_IYILrL=yVtE(o4w!K!Q3bPgo9+GK7UmG+Xh9yK!hz&=fl`pmWi8u{k3k7K
zMq%*NE-gfWfqVTUw6ZG<&0&nUrcsLpx{XcoP@N$+P)oMZ3G9$AezD1!cZFAva|aJ$
zAMi0KV&CK9Y8l0jyD}}sg^o0
zb$R&(t4U~@WIPu?=FTflI?Zat?319;r~uL_iB9091o@78>Q=4COGOfHXU}~tAO4*u
zQic9w{?Nvn+tO0fvTZLz?t$hwtD7lXsQ$N!RvAL(gH5474%&T6QQWJ%b`-SirG=2Q
zW{WIYUS9I!xl1uJCR=gEpteWILUzyxZqU4#E+9OVl{CHx;0Sis=D-aWw%vW9(NR+<
z00f~vk!`-weW6l1l^;Jzm8i98rcmmV2uWAw2c#{9amF#qr;z3zomE1Ji=|ZAzghr2
z5>Dy%A|Ih4TEG?v5#+Mk(PxkxNj9>&#d+xAs%}YJa8;-(WQg`k*l=Dyq30zn$~9p=
zRY{wd=~Hc`Vbq&?kglozk+EgfGDOvCwaFAL1f){wfGCtU(m?YH4@>MmqBz41;MvNy
zVd3g_7j<$ItDQka!vx)?jmpjYTKjJu=UlGSGVcmitIo2PBxrKFiwL%t7M*||>NY=9
z9v{*?F_d*Ir=%yhrd>_D{zJ<}+d(mw9P$mgu6OZKi~j(O;z~AO(;f~}srqVFeH)K9
z--g-#;xZ(Jl7L5{2U7Hl*&~y0q%x)|dZjT@tX4OwRwmq?nAC4#vv5AbC+W0l>h)5Y
zM5Ng>^+&@=S~o2>`Iba_T{H~CXxkXjG<^B`;JK+BXOOsYTIYt`zjqSV+{M$nHAFsk#pZq;&7^CdkGCOF22F4Vk;@*OWYP2N#fr56c0l%vTc-tnD-h^s1%
zLyp9NKBw@Ww7M8_4>d0=6pQKH{(hH*CJ;0zYupQw1YuxbS@m!%Bg#p4R`w_V04*Kx
zHeArvG;DeWx4476l;{cA9&HEm3S3HUr9YUbnDdPX2+}UE?G3sT2uUTopl_&wzqx{`
z3Qd$oi|uGwGJLO1!cnpJgw};F$TuU9N#OQ|BI$xVU^GUa2;b=h3N7jf{3TQ&}qpf850e@8dyq*QboY#@dZ`?0D`Kx>p-O%Mvzr-cHSjklyNE7CilaGu}8nR
zv?nV;RLau2lc{xpePk--XQ28++S;iveUq}=FG)5)wxE^Ro&JzQ6Xxh6P$Tq*3%cFX
zgoK2fBn|+BDX`Mjdus0jo!cna+VveE4&O*B8dd#b=KP3w;4UiW+e0fjH56QsI6XuX
zuWK(%GSt&*W@Wb4%84Z^8imfp!uWc>i7-0Bz;(yzZKCB;i~MFBzjUjQtT$;TO0vh#
zxc>mW1IY5*1w4~&;wc!(23HG(VUj*R&?`c3H1KvRcj2>h3M!2<@-!y5OHm_XbE?~>
z=h`1sGHJ=mV6A0cVXS3LT0K(iI+FT5i3f8Tf0bm0)^%zYx!w_%ROT0)O-l(>X6Q8m
zzPTp~60_M!;P>J)4I`n}o!0K)wBxA~=_pSsUlE5Ve}&iOAEnQcsIxYoEd7bt{fv1t
zAwXEAL#CBp@vhMaTHs0Du
zxQ#sV&dm+N%?y?oUdyMlXEv$X$3vaM`GngE#LP4psL8otii2T0I-bh6F^6VuUA>g`
zwxt|O=P=az$&j2rtq43Y=dkEvp+7A>N2pV=79J~W5lK9ivKj?SeJB1>fZUVE-a79M
z;*39^8Ff&Snw3*k7Ez*pLGgGT4)%{fssp3-MxvhPH+#(-*Hr_*P=_Rf&KoWu
zo~64$eRJ~1%aT#O_1w07yQlg^qJo#J?u1AM%)jNAN)XvmU%#gNT*p&je2B}64GlFc
z%C7$a5@9}K1gzWXVWhWx!A~o;$7tpk>vB0Oos-kKMO9}KVaYc^X}N}!7+O?9*1}iR
zq=eaDufIt_jYWyHns80KmTZ(gLG7#UBPDYO5rn2+4NS>^w5QLgX_jqgu+%~QqiD*%
z4ta-{6`8t)Cc8_Lrc{VE3PYORVa>NcF2wf{n&OWaIf092TbjePOg%$tT}4ee@|QCE
zWQ$yIoBg9at7EKjjP)^y@#S)Lb1qp3mv~AbT>OD4+nC3!rNrwq2e>u8+uP@=yBpz*
z0L}e)E|#D0=Yi!hB=uhsRZ}QulvebuJ{gq+qmzk;1=W&wm>8z%0fnx!!(Df
zt+6h|ih`Fk+kS?U4_*DDDn}GGH%O`0@T`M)rkzLD)6&e$7S!XY;UIu+EI8|E$Mc&q
z>J@sV&I_Q2DY7i3E>xbeL#_fgZ6lq*+{9i_<9Bke60(=lkMNyU#I-)ch5VK566pSh
zE#dtamZFeW$m^45W%1Wv5oH9m?PT3uyRYk#(3$a(R#R_(4$7GjfR8AJ)Kg%t#U(c%
zPGVOmvu!x{6;0A=bf56eS;8hH+n0aMWzabY1PdOviXMFBtGF_}FeF^HA8t&_hABv_b
zrh;o7R{e{-OJeL5jOuh6&IFO4Q-9>W=LXdKWRR5sYhJ^P!r6VC(^;R0WCXqpnx`-r
zQYI$Cfo&s^bq%#&r!hB*u$2!sQH85G=AOJb@<2LEx)kz?LGsiOa(yN(c)u55{FtD#
zFI9P(1e*P7(^EiQFc#AK9(TW=4>hM4%O-cbvYS)z
zwI07QFu932N%@7$sHsji5*sKxm8+@0SY?d!*9zc&HkVBgV;bWP=tPu(N@bdqgc84ZP(s`lSkmH!(_LWlTLiEiPP1bw4%FAPe&i=4P9bm3n36
zXbmKgZyis7=4rV(lvqBSi|W$UNt(pM=Uxt-S8>CrB-jyPk}r7lTuiqKryk0|-~zy>
zajJRiO6P19ho*7vh$1jEcgPd}B+iHma1&
zl`#3O(k2tBA%B$I?reG($!fkJ@s(RKYL(15^sI#;hgTvg6D(^>jiA{|UHvZ*0+{f+bNipM<`PiiK;DhHRmNBa9dC5
z=Scbs*mR0sc~&uQSz>w?GQtz7GBs2gN$FX$sgUnR&tRd)ykpWe$FQYxiHT)Oz9x%0
ziHo4vxQqJH{{ZBh$6aImF)5mO2B%GBN%E_bjn!$2DZYnCtpnQDAj4v~T{anC9Y$Z<
zc7$*j;)a@`^$`}|v=e-}#?)-r!KQfUhgBf6Ea5!bkY(n`T-CBby2R81of
zWu6~lNK;SFUZF94?WmJ;_7{$9oU5+4i0gI7$nz@mihK|BgQO48U+)`6KdOoa3UR4*
z6uR7#Qmr8>wStfnVbfwsj1`tViDpoh6)7pwN#|~{&S5Pw%Ovg_pI>FERQ#+A3G>f7
zl?5YGP@dc>9DGi&HU9wl2##&_jt;G?0=OnTlCgAtYj4^*pt2O7nA3WeyOz=}cecVS
zly(hHs2`XrzVEKxPeJ;_nuCcl-a@VxvH&;W4u4p2NlH-4+-~7_(64KDfOxu^Ghj-w
z%WUgmWGd?3{{Ye>vdWcFt<8Uj=yGeEsLjtUVLcg0Cdya(VcSbjpxmf`HKSVab>vIq
z{L3q0269%Cm)Ti2(3ISeKBm`-6|%Z0OPjb;)BDQU{y|_YJuJ$za~a98QU3rqGM7UL
zvHYp(ZQtGwT6
zB_WS3;7;HH!5?_aXM>dIos_CeIZU2G(z$t{5TJW+7i=Y)7}pBA!<34;Ycz+za7a{^
zRD_FcP_Ql|O>Zicyh4ygJx~LZK$1zL*tLUZFTsj9>Pm{){a~JIIPnZ
zEkV@fD<;dFy`IOCj?^6qm&0-DY1W(ZEI5DKkVx|J-
z1I?=GWr8-;kIYFM2-)PDmz0=Y7Y(+F=WzUzLsG5$mRfx(*KI1jx3$b+xC<QV;bJp&v%2>kVx@nH|F0Y0qD>jrfFmMU6w`Ck
z{-#zz+Q+5+;-;p(8j@~ke~llcYu#Zw#j
zXH@i@y-Novs%1_2WSNR$*Q!;=I<1xTi`1PU>L2X&fHaLRHvT?i!AB(^lxK|Ha~p|E
zjrmU`IML{#8~*@@j}p^)Ui`Kc$B(;G!4EG?w93I-l*Jvs?fZ1;+Ax}=g!K-fx@IAg
za+gqPMFpopvXA;z!Mq?-WR$#}ZJm^oHZj&s6cx~AeVo^N(EZkEFNxfUUCEm{B`rAE
z#~Ea{XA?TvnRZrO-Knre!;KyS`Pwjwe8OfLQro%|2jd}QN|1VmCy~4{$d3^9Oq!fU
zCbnLy;2D+O*>9Q25>L+Gw{h3&&qrofS5qQHUCID|4+ZKQQw@
z3n@7>Z!T#Tx0d3M0JcC$zfw3?Sjsc+B4;vosO3h9=Fi}nrCp~0)Vg}qZW~$tUdQ|M
z6NxbE75OlQ6}39S1&7+OQZ2^+0C?U!Kj(88=26V6&Q_UrqP9yCGc!rBo^Hej)K1#1
z!Rs77Z3MV{hN_rcA9=rV-|KA_?KMMXZb=Tj59M+K97xk`l10Ji?+Pgw7f%K>{PW29
z+?uRAF(ij3aD?N(@Y4hmxi$X)_MGafMQN$=^h{Wp@
z7E-J~mKT(oTLgi+PR8&BDNrRRXhmYcTK4AgaO$AhNxHP3#cbRuJB#rVk0hxu5Ho<0JFMmE#3?+PhtHbiA`&#Z4E$Qv?~0d
z^1|3rJ;DC4*`=pY7dM9u%mm#ky{)nB0Er;Vkdp~B!Ewn5>;Y4+8nUI
zN|IB*ancz9bfsYR{UO|`DOhs$N_JPjv_|7}_p&msl-WF{4Yxk=
z5k%0ONx9`IYbx@{78d5v{#o?9p*l*G4emKG)64P@g%Fioa|_6@xru_5s5YAwYWM6S
zv)!$fp-Vi(%;d7nvwmoGHVXs;`ouidGIm9`o22hrP2?M_o
zF)uk{8CI18zJhKHMViG+Y{6#fvX$ssZa(norwRZHAOLoW++#ycJ*3uUS_p0BgiIwP
zU~jRvPSIURx()5`?Gm(ss)@}bMJmdGYR14FzP`{^ty1fh73HWh&L)pbvwQXa}0#2@DV#=CGsDr^Uk-6V^U0_`4;t~eN
z-MNB7ge!nxRGlOXz#Crhdud1{-{}b@;kNK#ce;5HOA
zI8nLY3t+2Q@9zV2NdlcIxZc7nwDcC)X%_5Aw-E$cH&3gtK^Cb5g*26b2|qR99jHhp
z97w*x$%vV&7ZgbxZ4)mnt7IFSZXyz*3R_;J+#a@qVsfA_bsKX9v9Y%>w!u~dZt>!i
ze%{^UR0x2T5q@Fw0^Dy6kT?F(Ak$$fzc=0)B$|_`5xhT?Z%YUS+;0q>B^~U0M5ApM
z+CW&bw-CiEqaiJYal9cm61Ay7TWEBaOPe4NZF}2@X80)zBFeS*5XoIdEDcIma}CHh
z;CqOWDN2w{hOXb<89V4dULcZ0vFprvC@VXS-~#tIhZ5=3pf9HIl0qew!A{UeSkNwg
zL%8V@tsrcYY&x4krkJu7rpi!BA`*KjFl-I?1Bmcd&BxXVfppt_py^KD{b43gWfA5Z
zByY?uG6Q!&H@4)$5@l)BQPaOzBEruzpOYS0ERVTFk+STc7b^~J
z{w|xHq_l~*CZ`x{(dUIFB_yl)PS%cf#F&M=#>aK6N{M$QsqO@^AlXsW8cx8dp7tm2
z97O~#sm3I!aO|{Ldibq+k{L|a4a$pX=vf4S?+RBoJ)%}om8C#f28jFL{h_qmDL_GG
z02J9Nw)gt?iDrUO%1z0((dbNWg6o`nhRIO0gy{oLp3tL;)_{ciQ?-N;08|L)-W0Lb
zc(Bl_lXSCxB2trc&~}BsP)WHc`JpDq;R34#6L4Xra$;eMTGJ>V}X8^hn!qynHt|Z6x2E&VSVv|QI7YVVut^s~V+x=oY#V#c?(>QklNIVJ@
z7g4N)@{R1;57yVTZqLAZ@KVBn;=dlZz?;GNLVKH{q
zR-7hPv%Z;RdQrbkhY{p>U>LqJHEZ>3eU|w8`GwO|Nz_w_#^>mjOGPcHwW{GZKmz7E
z3&WNf5_H<0I;*7;$Z;x{kZ`Alfc!-!{jFeQ5RjtH;u^&&fl5P$W~TC53TXO}l6`9S
z0A4!77|KcEx;+~RQJa}|S#ru|R!&S0Qwa1(J67h!)JLuUioFzeIf|yu
z=G?Yc*5<1@fkvoHyNoYcEP#LLKor2$893FSf>S8`_s=DdW)Aj)dJK2ogtE{7!U
zT5(F;hZ{Sl@De^Du$@|^Gllb455I$^)1kIxs%?i@^8QdYSZTj~;f-^{X{FQ#Ajm5F
zv`O865W@lTsb|84^o4_KcE1;ncA6(r5M6lP!0ysGZS@(JgP0{2BID*3D~hn5CBZZ6
zm&Fv-C8Q$hotGM!Q2O*B^oUAF!#@D)YS3yj^5t^w
z-)%}sxciHJA@y@0@ct~OxmU`Xw4&Sp05nSn1B|$WHvs&|KE^vLd~MNy+M%ZcH3el!
zhk{F@E1sPH05MK#9C}HFrJX7&E)WR>6#oEtki=MevxFxcr(%kGk`t{JZ*5J!kIJ;G
zfP09DLn>sD>PincCOW7mj%MA4>k6hPMn%GQ7UCHR+fg>RRY1C}ND0zH?|-x+tzp2T
z0SVvh3apoOxV0A2Hu}Yjg-|q{G
z2(Dl+Wbk<=7#pPKE)kd2lu2U7%v
z83is28-v;k98z{~uOPs(Nm;PcIxDZ%3{(>7)}15^?GJq{jiZY4E?g>5(g6KT5l;DT
zB`0L7f_fi#a*Gq`+}mhP$yB@oP5axov<=abaGR~dkZwIB@;0<1b#+3CJ8cit&==AH
zDg39rB(;{oP5no3A?^@lO|ly-W4R^
zN^vq2_efK-?u)1(e8sf&HsUDN%?&(xrP*jgC7AXV?vbC8Sk_nkFQ1rAs>_e;#a5Ev
z;~N`Xfw)&#v{U>y%HkT_qnJLaKQDz^K~t|!$`G`LepC`}q6XI>S}zTwC;T{57@e;;
z+qKu43Y2X~^QRuT*rfx2cHHq8emwCrnHcT%Mi?^qI*!W9ktR;JW|Po7ugVW$ZexOc
zb(N3LMc8J#osWR^qZZi%asZRuYd(O{~q&I(XP#$=~$6b0#j$
z+Pvmz%;tt&;kPjBZ8n2ZlyPB8s3V1`NgI5SzP|=q-&@x+=sj#gK
zKD*d0D&qRBvESY)xZ^0Xo>MZ+{Yk&^1punTvrqM;1M;b97wO63E#dT0#_}qzWI7w{
zd^^7OwxJAYNSaz@Q#eXc`>N7~8xo)C#9V0D7ZYM^Ox7K4n)My@s68<`G@UJ>l&boZ{KSFw
zh3lC$U&In_j6Rm@EVQD9EiMM;q})j!mAA$wotswH!d_Ztg#Y1tlMBHc@W%f2399*C#OiqlqP@+Hrbx
zl{%4NtM#~w%UGGbz{aj&S~y#Bv`KYN)RyW!N_3Ax0QTz>jY=_3M9m_3vh0M@YDeLu
z1%b`(I{U;e6AUvz#R;txUijkqpup~(vUj6&yr340XOrE3&<
zmeX01WiKQ8iR
zj6B?e>h85ttyIcgsJO54rRCG=BIo4-GyKfVc}mS&6j8FKa(YV-RGvVp)Drr%%q;*U
zwJs0Jk_O~$7wKb{8LpMIZz3mJmX>zbx<}^I$oGs8N{PwmCo8j0RjRL&r{`vstxhcSvDqWA976K)tVl8$lWWOr
zr{x>}0O!^Pz>wa@Nj-Zb+9k4c7$XAa
ztu}gjE-IZ=mU5ju(hkpGcDC=TzzCks>Y_1(#Sb2{MVg{JEjp?M`X6khEg%xg#rd^}
zzr1Ed&tSz1fwN!r3qZWoQthZzAcT@q;!@&N2vQU-2#0kk`I^dP{{W56IZ$RrqQtvT
z`jXNJvA4Mv-W!rahW8u|pt{nsP(l9yP#@AeCpE9sg@zpF9Tvags}eU%tkf_okEOXv
zwdN@)T8Z-CLP015{{S%HdqN&1@X4iOS~fnDNp4oI+9{PZp*tdFA0pH{C~bJj%d<4e
znM$Q4MXA{*kn;)#+7y$v{{Xk%I|888hIHkU-Ir+vs_cneyF$mvpKG!I0H__KfW_hc
zGP*k0$7Ja51<+GG)kI@<>y$A5Dt|BWJueo^0<}p#pEa;HRJy$`r1#k0>m5~^m?f;m
z%j%UrjN%`9X{M@_NrArYjcG_e>AG#)#~xD_@}$hIS-<_lU1f=uo=u2wY;_NR-a1di
zE-IX?;R)O__;zBUhG#tKSB~JzFL2%agVVGYJqR%}wh?zW$H_Gt&SMj{E19Wtzr|#b
z949$4U#j89%*=|({{ZwQpO?LoZX&CmIX6+l
zQ&lW`hWxXIrq!-~NyO=PS=A^4q@JLYc%tRbEM5@IY6Wshptjw0GIL_~E;QlLK^<&V
z4ZWi6Nsk=EPF`GjsMz0Qs2Z(1Ix(Y|7EM?K1W1Z0#O$tmp;QX7UZq)SPrP8vN--lU
znORhnG}1y6Pv#v-_dVmS^S3JJa~BN>Y&P3Z*YMoxrX>9EP#$j9TV(XVLmZPc=B4GZ
z^A1YB(!95sS@kxt^8;j|>MW;S)1tl<|(!8{vRe>XzlfpFB)p5og
zmQy9hQ!-z5R`jRKNl+)+;utpF@2AwO?s~?Ll9Y2bQ^qy76jIebNvTm|ajj%4kEC=s
zjKZFk?>xS$jXY)YfD{I6%pl51Frud>CgxJ$SouSDB#V7*8Plzh=_G{Th|zP2L}Ln7
zHI%kfCrtC5Sp2GSS4w|Ce^{W*H>h7pN=I85&%s(7N*#UFm4Nk$g{(-p-UTYspb`kS
z@Km#<&=fsGeUC^{dQjW0>=1;Tp3%N`RN53{#7)j9Cw(59gTadgl5~V2AO=#MyWSwF
zvi@P#n+<1Ljkt-)bg2!fER@+>btFW0x|joM^T5qYKPl5sA}Inl;kB|$)T7q{9P5>V&iA5E{nQyR~Rgu93^HdE#!
zjUl?tREm8^L9lTlDk(efwv+nCK$jGv1-&QsF}H`v=^+>3sZQLl(HZ8EILyOtqy()6
zD<^|^>faBQcj~!iNlj#>_L-V;lUeJPcYPn|tD;w9zVzQx6z
zDIc%&j^V-hYFjU`jvvFb54M?V454zTGo%E0qt@z=-)QGLQ6OzNXxyC^mKqK2xc3s#
zTfvym5aE{Gx+EuEEeqTwm8$3;q2eOn9}<)y(3e?B)Kaa)Jg(w1i?L21#LqO3{mOaO
zGEzBY8zB9_i1erPx4rsDSx0|oW^L>~iz1}{;mW5lt}w({3ZnGZ461x7bv9hQ&@QmA
z*KykSjgpI=_*)z{D0!PI{t~FpHc)4pQ8I-?s94=M;6%;FQdP>pTZoK%TineHWI&xbkD)8GiNt1T7meny|rOhQ%372_c#VyawQsCQu
zY-2K`;M(3W#S)lNxha}UzvtAKFy4%06`tF9tw`jh
zoxq(BB-c4HB(?&*cie*M_)w1TM-3JxaT$!QFUACsC
z!CF{zrTV2OzV?f*bLDO}qSmT7y~fTZr_Q@~{EL_6TIi53Z5>6v@svE7dZeO*sq-2)
z1Qgu%u^-kT!7yrCiYEt<=RDol-v0nyJ_)O9=8jR6SPhp^)FiN$YDq4MiezQqc}NNg
zTEbijBhuq8jz?(byv)cvOP8#@QKOY&TsqqHspgUY01+&a(Zu!oh-ZfJPxvX6({VCh
zs9}Pk@Y9WwW+{Z7^z|t0I!8j%GYWo!+_aTsn)M28vZ)+FCZ92SHuOH&*zK|V$3FNg
z`a3BRobm5t$HTwpw&7^SELE+$w_IA&jl7*r*=Rcv_S_K~c1UMsUn8r5NiI~dbkl?Q
zg*#QtK>q;DZ?O@t<6McP=3t$z;MUurRFF`%W}333=a5FpP#d9lAMYH=T%uL5ePvXf
zS0L>+rrpYQZikcn$X5hMRY!_a;?U(A@oC@J(})U;)bFNtVYfBi8G)CSeBQ%sW9+A%
zmz$b!0cxN0Qkxr
z+SB|}lA?4xo~lP>+k^eM>r8Qhu=aIfmNOG6ClN6^P*%3U0ZS>|w6V%oIEyru5@9b5
zalA)w`uBJ!{$fkgyq>1g!Ridj~HVbl(>%n-2+8Uuq-Zk4uSgeI)Tl3!IYJ3mc;6js5Il4eraS==Tto@-~6>6ghQN9hm%tb
z%}6-8Dx9efO1#y=lHfN4TYK#t8i{2;Mx6)Jjdk+RMQZaTrG-CC2R-6VJBqMP
z)o0bPsa|Uu{P9O!SsHgUb$wZ5<
zL9w|P-rXWbT|pYbH%gPS_lTfwN`~;eE*8R4N2KurP?YuLn*u#uMd7Q3L~jn8UC_N-
zsC=jULqE^zy|2s|7YV`?fRurIB*CtfSOIt{y+Zs1{_qzU)3}9XV566AceEJZ;Hcdr
zr+7pFg;?%+yc=DJ7v>{yMSHJIg%Ar@0`RK|wcNL*BlR$lN|vZ|@W|q^Tq%*<|hYjRyth
z8Zd<9sb)aTu+qwwt$I|2D%bjrqawA_^?$Xxvj}c(+N>8HZf0U$X&^3LFSyC3$rCLs*r}Fzmb#`#hR_c>9;-f7!IJeMr*qvLOkE|gom)J^_l2c*o?FSw5
zi=ro86^ZJk%=Hp_Qgd)ppoJvb2M(Y&rNupLt(m>!|9e|%!t7+UqO+J^JDj!e#Ko@kfP@Yc&!INbYrYP?OHy3121SDI%;Utqg8*>UI`nM1tCzN;tH});Uw+Ji2`Dy5bUL}J;
zEuzHnc#CLibpRV&^ApYwEjCa9Lln3u*N_&Zi|j}SCyQV>l&h~!(G4n{Q_PMmy+iH1
zOqVWJQ?s
z88U)}5UxZ{fJ#Dtm#joiSiYmu&_OlR5qs?tQmx*^*p6X^uAn+ZyrV?egRvZ19Xfc>
zY$I#xw|=lSHK53yBh_t)gC<MZ>@Ep}*jPfs!Qc8Am}y{yt8Z5~hfFn1Cl}=@NJ2nw^4p)kycU@t%~G#Rlbd}K
z(z7!GGY-0aDQlGY+QbBl-`+hc%EFhm
zhQh$}?+#L%->t>39e5U41e3ZD0<3qq>E0Ggd~*ndl0ZGZDeDeWuo4QB>frq$?uRHv
zI{g75Bok}JzJ0=t@(vQhuf?K%|8g9S9@zj)U;KLvmLH
zVr)w5AMsWCpTWx|YTPi=cd_ep9M4HBJ(hvS_P(BHK(?^hv&yGDLSu=l7FyI(Pi(VM
z#Pff_*eh454HVtQ1OEU>07o%WX=lrTG%H;G;b_pu$^1ZdIv3et<>}154~UYfH3qhGXJYs@HY1
z*l^KwKZaa1g`%;JCP_mIE0CmX8{3y$9nH4Cv5b2;aTQx1=8bxJGu2u>6_$j(A%elV%f@@pt)vQ-L_sZz4eCYF~QWUWO@A#OMlH@F1DC-KHc<}}!r
ztX1h1GboRRmsLT9G^8YPXLh)ZW>m_`m(=7gVbc7q$zAHM(97xfe#sdW#2ZS_0FB8iunlPA7Cj5}DPW(EwN1ygha<PdZQ?yAwc<9T;qMV(Nu=UG57qbSt*x?$X%lY;5a##UUn;@3UXh>U9GgZWWr^$o
zhpI|yXpcIHKQ3E#QC(Dpos^&H7W}%)-2KaB25|c+oT02)bn1-CR1gm1N{<%yigG>{
zu$pNDd9>;e$M57+qW81Mm``b5AZay1tR=QgqfO%GqJp!_2s_E}ae==^ZT^y>|pVnKZLb%zPgyH!|xjiJ;u_3fMc{
zNLcj?5D(rnNAePSe+IdOso2g_4A6_k`RO&k=emVj!3uC2and8Ds}Rb^#dZt!fYr9{
z+>Z@>P)!(n2ynkHYn)`BF0|XqPNb|}=^T#WL)FSSy+o3f+hBV}`7Pm=MwZJdb26!{
zu#^VcaJ1Rj4aLdc3pwHTjW8Wsd8XSYnxk?SwK#oDQfQu7M2J@o2eq+#79Jb`?68Y!%fR(e1nF?
zC}f6>_xiw0_*I%*%YOrm>65`ApDEN>YX1PJ8^er#lKg%OKhqxWE1lA0pDItGNFu|2hyCKcIpOOuDe8PZht)FLZ)G;}77w@sf44Db
z^_mhdokA!lZkAbs3W(MPyL5$u^rQu+Nhf0$d5oXTW}DP-O-1&SjXPY*C?Z)kIT39iwwkRWF41;#*$&dLA2s5KpWrmg3Jcy8c0ymwBJdC
zJlT^%moq6e!Ea|g#)v6C`)nZs<2uV~eW2*yNnMl&dv=R0nm24h6AQ+KCN3nfNWY+Q
zeqg0-t+EfO6W-A#^GPIY(xnvK3;g4}H24H3Vd(2_VqCzg<~NPP^J)oieaY)+RH-`K
zvJ~si9SpRD-EOO*Qaiz0Y1xG{DNJE=^#_iLc3VyN?t2L79J|Wu7FNp~S(vX&s;uC#*LohXAk3P{^5*9tpFEOEX4t
zW@cikR9~gZ$;XS&TiHbI_JSURlcA1j+jQ!
zEEYkP#N4SWgEF)11}4}{!$Q25QkTa2YYDZE5J`fz){`hAWa
zX45pumVz0X+iN3asDs<5Ji)SYtZS0hX}lSjK1rY|aX$o16*V-wxiu2U)WoN2yA%+?nW+q)LO~tO2
z9#e7FG-sz6nPOIbHZtf)EV$jpiP#(Vk0h*;c!OE+BL4snp3A6KPtV+
zid7zvx}(m_R92aXR^cQmHz_3T`Us^9gMlwL1LuFDPX~g1B~of+r{O2%*DzgCOtjbG
zxJ|tye(>|*UQJR?a$&ThWw(N+G~5BxN=N=}3Dz(Rb5yms%V}lAlcB(yD3CgKh}tD;
za$b5`lUZ=M`pu;#6|q{a@)CN))?}2&kYI
z^}3;Eo4vqC@}BP_d@}EM{U=|NU)OEZxn3wXW7RuUnGYKGh3PB6G;=`EtifN&hgR6FB
z!A{4u=P69F}s}s*7sTm)NV(#
zWMh!M)Z%FU=4!NPWUWTk#H^&Yj}Pop^R%
z1!nz465%rR+)Ti%NfGjSi$98y*p+W@c&Qyp*L8Z1-)P#QsclU&WNF+gl`P322*OELTH8L8eKpPRSFoOu;_1C#K_g=jD}osZdc;t-5)%Jd}Q+CoeeE
zg-&upR&L&V63-NQr{3Ky5Mne;uYkhtDO1j1cyL>OcI3L6RevzBrAkSeq%xQ4lviC%
z+#}{vNIM%wL4~oscM77Q<`1Z@n$=Ya_@BcCe=V*F;Z{7wVaB9s>1YXsqG3dWtChIv
z<}_?Cl6cP;$xGB5LwIhA=>Zedz-w6l082-6^^DK>_(d>fM1XKt#fkDN=i*Ga49nquCpp#0?Gth-r#M_
zboL+c`GP6UCCbd3_|AS<1u9}|@L5U!0HA+WM5S*v^7|}MSbncU!=;3PB$I5sc
zBY5U!>0D9+9v=&&J;KA{v}40u-qg>s$mXT<<1r^!RG(b@qb{roeJ+}7X(NK54b(oc
z_LbqrxawbixriweZo0DTtS}ca;+9R+O^2i#o#wu>ee%Q`*-rqro;eNPr==0onPYGo=?mIb{^=q=JX#;KdR
zjaXm&emkrAVH!eZ))-B@0EZ#Q#Q_D)V{ygH>bKckHCjB22sTpeOZaD#`
z&dMQEO&+XntFv(i3&6E1^xaajnP(>!(q-21ss@Lrgz3GAAFNesm=iBsQE`c;R7oT+
z_^P)(K^nG>R!oG6B~D8=r4?T1tRm!$s+0=YN{AL0-oh?32B?m~l_UY({HpG%Vb>sC
z4CV{LDqBs-zJ`|Ops*+Jr}Z}H725
zG6p21Jmd+9ba{8NAv{FXw4*HrhR}^0{Jd|>XhBC+3$E$QyR56aXxs?M0@pB3P*rh0
z7nQ5XRb=FoJfgN`XHcuDuz$?B;C6{=?25-U_P#1wN?NeORq9NGx}CRM0~sAJ9^)zi
zZMq&RpOR^$gf`K$h)5lRxcWwsK=DV9=?ZNXW+}LproagfwwYz`x1^)}iz0cj&}Z{$^n#~Wj`
zZn{2oW@~wyJwlP8QyipWiXkq_OFAs!c&6Hj=mp3F?-Wvk8$M9q^Aclz#hw=@knhA`
zTu9v83S}-gCpN%HTCMqB8-B5nVoVE*u#;@NiZJx_qbgBCo?#wy2j5uYHfeDR8}(7T
z*5Fkcsb}|yx|ztzbiG46aD2S>mr*Vsn`H`4#nhwHea`W6@hy%gs#T+x6sNq2F{Wy|
z>uVv$%DqWwo