From fd9b0e9afb531be57506ded152cb374cad117d30 Mon Sep 17 00:00:00 2001 From: Alex Chantavy Date: Wed, 23 Oct 2024 19:27:35 -0700 Subject: [PATCH] Add CNCF to docs (#1369) ### Summary > Describe your changes. Now that cartography has been donated to the CNCF, time to update the docs Signed-off-by: Alex Chantavy --- .github/pull_request_template.md | 2 +- LICENSE | 2 +- NOTICE | 4 -- README.md | 67 +++++++++++++------------ cartography/driftdetect/cli.py | 2 +- docs/containers/testing-with-docker.md | 2 +- docs/dev/developer-guide.md | 2 +- docs/dev/writing-analysis-jobs.md | 2 +- docs/dev/writing-intel-modules.md | 2 +- docs/root/images/cncf-color.png | Bin 0 -> 25385 bytes docs/root/install.md | 14 +++--- docs/root/modules/aws/config.md | 2 +- docs/root/ops.md | 4 +- docs/schema/README.md | 2 +- docs/schema/aws.md | 2 +- docs/schema/azure.md | 2 +- docs/schema/digitalocean.md | 2 +- docs/schema/gcp.md | 2 +- docs/schema/github.md | 2 +- docs/schema/gsuite.md | 2 +- docs/schema/jamf.md | 2 +- docs/schema/kubernetes.md | 2 +- docs/schema/okta.md | 2 +- docs/schema/pagerduty.md | 2 +- docs/schema/syncmetadata.md | 2 +- docs/setup/config/aws.md | 2 +- docs/setup/config/azure.md | 2 +- docs/setup/config/digitalocean.md | 2 +- docs/setup/config/gcp.md | 2 +- docs/setup/config/github.md | 2 +- docs/setup/config/gsuite.md | 2 +- docs/setup/config/kubernetes.md | 2 +- docs/setup/config/okta.md | 2 +- docs/setup/config/pagerduty.md | 2 +- docs/setup/install.md | 2 +- docs/setup/ops.md | 2 +- docs/usage/drift-detect.md | 2 +- docs/usage/permissions-mapping.md | 2 +- docs/usage/samplequeries.md | 2 +- docs/usage/tutorial.md | 2 +- setup.py | 5 +- 41 files changed, 81 insertions(+), 83 deletions(-) delete mode 100644 NOTICE create mode 100644 docs/root/images/cncf-color.png diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 7eba2bc2d6..89e95f11d5 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -20,4 +20,4 @@ If you are changing a node or relationship: - [ ] Update the [schema](https://github.com/lyft/cartography/tree/master/docs/root/modules) and [readme](https://github.com/lyft/cartography/blob/master/docs/schema/README.md). If you are implementing a new intel module: -- [ ] Use the NodeSchema [data model](https://lyft.github.io/cartography/dev/writing-intel-modules.html#defining-a-node). +- [ ] Use the NodeSchema [data model](https://cartography-cncf.github.io/cartography/dev/writing-intel-modules.html#defining-a-node). diff --git a/LICENSE b/LICENSE index bed437514f..d9f42cacf0 100644 --- a/LICENSE +++ b/LICENSE @@ -187,7 +187,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2019 Lyft, Inc. + Copyright 2024 The Linux Foundation Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/NOTICE b/NOTICE deleted file mode 100644 index 97faf5e302..0000000000 --- a/NOTICE +++ /dev/null @@ -1,4 +0,0 @@ -cartography -Copyright 2019-2020 Lyft Inc. - -This product includes software developed at Lyft Inc. diff --git a/README.md b/README.md index 8896db1517..bdd16ee054 100644 --- a/README.md +++ b/README.md @@ -9,30 +9,30 @@ Cartography aims to enable a broad set of exploration and automation scenarios. Service owners can generate asset reports, Red Teamers can discover attack paths, and Blue Teamers can identify areas for security improvement. All can benefit from using the graph for manual exploration through a web frontend interface, or in an automated fashion by calling the APIs. -Cartography is not the only [security](https://github.com/dowjones/hammer) [graph](https://github.com/BloodHoundAD/BloodHound) [tool](https://github.com/Netflix/security_monkey) [out](https://github.com/vysecurity/ANGRYPUPPY) [there](https://github.com/duo-labs/cloudmapper), but it differentiates itself by being fully-featured yet generic and [extensible](https://lyft.github.io/cartography/dev/writing-analysis-jobs.html) enough to help make anyone better understand their risk exposure, regardless of what platforms they use. Rather than being focused on one core scenario or attack vector like the other linked tools, Cartography focuses on flexibility and exploration. +Cartography is not the only [security](https://github.com/dowjones/hammer) [graph](https://github.com/BloodHoundAD/BloodHound) [tool](https://github.com/Netflix/security_monkey) [out](https://github.com/vysecurity/ANGRYPUPPY) [there](https://github.com/duo-labs/cloudmapper), but it differentiates itself by being fully-featured yet generic and [extensible](https://cartography-cncf.github.io/cartography/dev/writing-analysis-jobs.html) enough to help make anyone better understand their risk exposure, regardless of what platforms they use. Rather than being focused on one core scenario or attack vector like the other linked tools, Cartography focuses on flexibility and exploration. You can learn more about the story behind Cartography in our [presentation at BSidesSF 2019](https://www.youtube.com/watch?v=ZukUmZSKSek). ## Supported platforms -- [Amazon Web Services](https://lyft.github.io/cartography/modules/aws/index.html) - API Gateway, Config, EC2, ECS, ECR, Elasticsearch, Elastic Kubernetes Service (EKS), DynamoDB, IAM, Inspector, KMS, Lambda, RDS, Redshift, Route53, S3, Secrets Manager, Security Hub, SQS, SSM, STS, Tags -- [Google Cloud Platform](https://lyft.github.io/cartography/modules/gcp/index.html) - Cloud Resource Manager, Compute, DNS, Storage, Google Kubernetes Engine -- [Google GSuite](https://lyft.github.io/cartography/modules/gsuite/index.html) - users, groups +- [Amazon Web Services](https://cartography-cncf.github.io/cartography/modules/aws/index.html) - API Gateway, Config, EC2, ECS, ECR, Elasticsearch, Elastic Kubernetes Service (EKS), DynamoDB, IAM, Inspector, KMS, Lambda, RDS, Redshift, Route53, S3, Secrets Manager, Security Hub, SQS, SSM, STS, Tags +- [Google Cloud Platform](https://cartography-cncf.github.io/cartography/modules/gcp/index.html) - Cloud Resource Manager, Compute, DNS, Storage, Google Kubernetes Engine +- [Google GSuite](https://cartography-cncf.github.io/cartography/modules/gsuite/index.html) - users, groups - [Oracle Cloud Infrastructure](docs/setup/config/oci.md) - IAM -- [Okta](https://lyft.github.io/cartography/modules/okta/index.html) - users, groups, organizations, roles, applications, factors, trusted origins, reply URIs -- [Github](https://lyft.github.io/cartography/modules/github/index.html) - repos, branches, users, teams -- [DigitalOcean](https://lyft.github.io/cartography/modules/digitalocean/index.html) -- [Microsoft Azure](https://lyft.github.io/cartography/modules/azure/index.html) - CosmosDB, SQL, Storage, Virtual Machine -- [Kubernetes](https://lyft.github.io/cartography/modules/kubernetes/index.html) - Cluster, Namespace, Service, Pod, Container -- [PagerDuty](https://lyft.github.io/cartography/modules/pagerduty/index.html) - Users, teams, services, schedules, escalation policies, integrations, vendors -- [Crowdstrike Falcon](https://lyft.github.io/cartography/modules/crowdstrike/index.html) - Hosts, Spotlight vulnerabilities, CVEs -- [NIST CVE](https://lyft.github.io/cartography/modules/cve/index.html) - Common Vulnerabilities and Exposures (CVE) data from NIST database -- [Lastpass](https://lyft.github.io/cartography/modules/lastpass/index.html) - users -- [BigFix](https://lyft.github.io/cartography/modules/bigfix/index.html) - Computers -- [Duo](https://lyft.github.io/cartography/modules/duo/index.html) - Users, Groups, Endpoints -- [Kandji](https://lyft.github.io/cartography/modules/kandji/index.html) - Devices -- [SnipeIT](https://lyft.github.io/cartography/modules/snipeit/index.html) - Users, Assets +- [Okta](https://cartography-cncf.github.io/cartography/modules/okta/index.html) - users, groups, organizations, roles, applications, factors, trusted origins, reply URIs +- [GitHub](https://cartography-cncf.github.io/cartography/modules/github/index.html) - repos, branches, users, teams +- [DigitalOcean](https://cartography-cncf.github.io/cartography/modules/digitalocean/index.html) +- [Microsoft Azure](https://cartography-cncf.github.io/cartography/modules/azure/index.html) - CosmosDB, SQL, Storage, Virtual Machine +- [Kubernetes](https://cartography-cncf.github.io/cartography/modules/kubernetes/index.html) - Cluster, Namespace, Service, Pod, Container +- [PagerDuty](https://cartography-cncf.github.io/cartography/modules/pagerduty/index.html) - Users, teams, services, schedules, escalation policies, integrations, vendors +- [Crowdstrike Falcon](https://cartography-cncf.github.io/cartography/modules/crowdstrike/index.html) - Hosts, Spotlight vulnerabilities, CVEs +- [NIST CVE](https://cartography-cncf.github.io/cartography/modules/cve/index.html) - Common Vulnerabilities and Exposures (CVE) data from NIST database +- [Lastpass](https://cartography-cncf.github.io/cartography/modules/lastpass/index.html) - users +- [BigFix](https://cartography-cncf.github.io/cartography/modules/bigfix/index.html) - Computers +- [Duo](https://cartography-cncf.github.io/cartography/modules/duo/index.html) - Users, Groups, Endpoints +- [Kandji](https://cartography-cncf.github.io/cartography/modules/kandji/index.html) - Devices +- [SnipeIT](https://cartography-cncf.github.io/cartography/modules/snipeit/index.html) - Users, Assets ## Philosophy @@ -54,17 +54,17 @@ Here are some points that can help you decide if adopting Cartography is a good - Cartography is not designed for very fast updates. Cartography writes to the database in a batches (not streamed). - Cartography is also limited by how most upstream sources only provide APIs to retrieve assets in a batched manner. - By itself, Cartography does not capture data changes over time. - - Although we do include a [drift detection](https://lyft.github.io/cartography/usage/drift-detect.html) feature. + - Although we do include a [drift detection](https://cartography-cncf.github.io/cartography/usage/drift-detect.html) feature. - It's also possible to implement other processes in your Cartography installation to make this happen. ## Install and configure ### Trying out Cartography on a test machine -Start [here](https://lyft.github.io/cartography/install.html) to set up a test graph and get data into it. +Start [here](https://cartography-cncf.github.io/cartography/install.html) to set up a test graph and get data into it. ### Setting up Cartography in production -When you are ready to try it in production, read [here](https://lyft.github.io/cartography/ops.html) for recommendations on getting cartography spun up in your environment. +When you are ready to try it in production, read [here](https://cartography-cncf.github.io/cartography/ops.html) for recommendations on getting cartography spun up in your environment. ## Usage @@ -72,10 +72,10 @@ When you are ready to try it in production, read [here](https://lyft.github.io/c ![poweruser.png](docs/root/images/poweruser.png) -Now that data is in the graph, you can quickly start with our [querying tutorial](https://lyft.github.io/cartography/usage/tutorial.html). Our [data schema](https://lyft.github.io/cartography/usage/schema.html) is a helpful reference when you get stuck. +Now that data is in the graph, you can quickly start with our [querying tutorial](https://cartography-cncf.github.io/cartography/usage/tutorial.html). Our [data schema](https://cartography-cncf.github.io/cartography/usage/schema.html) is a helpful reference when you get stuck. ### Building applications around Cartography -Directly querying Neo4j is already very useful as a sort of "swiss army knife" for security data problems, but you can also build applications and data pipelines around Cartography. View this doc on [applications](https://lyft.github.io/cartography/usage/applications.html). +Directly querying Neo4j is already very useful as a sort of "swiss army knife" for security data problems, but you can also build applications and data pipelines around Cartography. View this doc on [applications](https://cartography-cncf.github.io/cartography/usage/applications.html). ## Community @@ -86,25 +86,22 @@ Directly querying Neo4j is already very useful as a sort of "swiss army knife" f - Recorded videos are posted [here](https://www.youtube.com/playlist?list=PLMga2YJvAGzidUWJB_fnG7EHI4wsDDsE1). - Our current project roadmap is [here](https://github.com/orgs/lyft/projects/26/views/1). +## License + +This project is licensed under the [Apache 2.0 License](LICENSE). + ## Contributing Thank you for considering contributing to Cartography! ### Code of conduct -Legal stuff: This project is governed by [Lyft's code of conduct](https://github.com/lyft/code-of-conduct). -All contributors and participants agree to abide by its terms. +All contributors and participants of this project must follow the [CNCF code of conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). ### Bug reports and feature requests and discussions Submit a GitHub issue to report a bug or request a new feature. If we decide that the issue needs more discussion - usually because the scope is too large or we need to make careful decision - we will convert the issue to a [GitHub Discussion](https://github.com/lyft/cartography/discussions). ### Developing Cartography -Get started with our [developer documentation](https://lyft.github.io/cartography/dev/developer-guide.html). Please feel free to submit your own PRs to update documentation if you've found a better way to explain something. - -#### Sign the Contributor License Agreement (CLA) - -We require a CLA for code contributions, so before we can accept a pull request -we need to have a signed CLA. Please [visit our CLA service](https://oss.lyft.com/cla) -and follow the instructions to sign the CLA. +Get started with our [developer documentation](https://cartography-cncf.github.io/cartography/dev/developer-guide.html). Please feel free to submit your own PRs to update documentation if you've found a better way to explain something. ## Who uses Cartography? @@ -112,8 +109,14 @@ and follow the instructions to sign the CLA. 1. [Thought Machine](https://thoughtmachine.net/) 1. [MessageBird](https://messagebird.com) 1. [Cloudanix](https://www.cloudanix.com/) -1. [ZeusCloud](https://www.zeuscloud.io/) 1. [Corelight](https://www.corelight.com/) 1. {Your company here} :-) If your organization uses Cartography, please file a PR and update this list. Say hi on Slack too! + +--- + +Cartography is a [Cloud Native Computing Foundation](https://www.cncf.io/) sandbox project.
+
+ CNCF Logo +
diff --git a/cartography/driftdetect/cli.py b/cartography/driftdetect/cli.py index 76a7cfa999..8d5380c6d6 100644 --- a/cartography/driftdetect/cli.py +++ b/cartography/driftdetect/cli.py @@ -30,7 +30,7 @@ def _build_parser(self): 'graph database and reports the deviations.' ), epilog='For more documentation please visit: ' - 'https://lyft.github.io/cartography/usage/drift-detect.html', + 'https://cartography-cncf.github.io/cartography/usage/drift-detect.html', ) parser.add_argument( '-v', diff --git a/docs/containers/testing-with-docker.md b/docs/containers/testing-with-docker.md index c4170105c2..9635e742a3 100644 --- a/docs/containers/testing-with-docker.md +++ b/docs/containers/testing-with-docker.md @@ -1 +1 @@ -This document has been moved [here](https://lyft.github.io/cartography/dev/testing-with-docker.html) +This document has been moved [here](https://cartography-cncf.github.io/cartography/dev/testing-with-docker.html) diff --git a/docs/dev/developer-guide.md b/docs/dev/developer-guide.md index 5be7990d9a..124a1a9200 100644 --- a/docs/dev/developer-guide.md +++ b/docs/dev/developer-guide.md @@ -1 +1 @@ -This document has been moved [here](https://lyft.github.io/cartography/dev/developer-guide.html) +This document has been moved [here](https://cartography-cncf.github.io/cartography/dev/developer-guide.html) diff --git a/docs/dev/writing-analysis-jobs.md b/docs/dev/writing-analysis-jobs.md index 0cf5c8e815..fcf61de942 100644 --- a/docs/dev/writing-analysis-jobs.md +++ b/docs/dev/writing-analysis-jobs.md @@ -1 +1 @@ -This document has been moved [here](https://lyft.github.io/cartography/dev/writing-analysis-jobs.html) +This document has been moved [here](https://cartography-cncf.github.io/cartography/dev/writing-analysis-jobs.html) diff --git a/docs/dev/writing-intel-modules.md b/docs/dev/writing-intel-modules.md index 4fcc7c343c..a704a70e37 100644 --- a/docs/dev/writing-intel-modules.md +++ b/docs/dev/writing-intel-modules.md @@ -1 +1 @@ -This document has been moved [here](https://lyft.github.io/cartography/dev/writing-intel-modules.html) +This document has been moved [here](https://cartography-cncf.github.io/cartography/dev/writing-intel-modules.html) diff --git a/docs/root/images/cncf-color.png b/docs/root/images/cncf-color.png new file mode 100644 index 0000000000000000000000000000000000000000..a1fa79e9e1bf58e62d51745b75a07c1e1dd892ed GIT binary patch literal 25385 zcmdqIgxO z#GnX+z%aju6YqQ8|KPj6=eo{ycph-?wfA0o#l7wot*@&=d6nfV2n3?keE7fs1R{Zf zKm_t+B*2$Zj9(b=Kk}Ck&AdP$QSQtC2>eSGeL)~jkmdtrBmdmp6@)X-=N>Fp?V-cwGEg6r5Ot#NJKkt9rn|=>TF{)N z<2Qy+nWtixUOQi#OJuWJZ|%^2ffF!(p#DI;$C}d-o?8>QWpEJ{r+5Bx6-od|^Vd^I z1^ZucfeZ6wBPIZa0* zjbd?CR23Q;g(7(cNX5S8LV34Mku@K>hm6}`c`FY)^f`zvd1|yJz>eZnd!tZ1?_;yC z3xA*oyBu-c3w{p0c(s@Yl9uHY?BfDwf2((g$1koTNKh6z<>ebjkglb}A9s`=TX$h0 zhfAp zd&1dv%tyS@y4#UevXw|_l-rD-fpuIL_q(qv3(TtRsndYehQ_fJ(@1#p5f_&_~!*LNuL8RseS_JJRM+El;G{d(ygh#?;UaD zwXX%SH}02QtVsJgaA$_zns4?g?MXR$FesXJKQ-(0Yyepm)^?f!ws}o8L#ooNb;=0M z&-dv5k)L&HR@A5KBG{OUVdf`J?Sff!9jqYTN$uX^c%U*ja=DgGX)Og z5hG-%?@TjTJ2+7w^tZ z%ZgQJXIH)8FCBJ{ApP#F(^8?iFku<+t%9!B<+Gm#EkP~`4({Zz&=DWz(W>L@aq-T_ z$qMx_?)*!uN^hsFUp-CAZEq2RE(NO=zF^JzggE|eT2Zhq6>&K(ZakDXufLC{D&r|G zzSM-j)?Vy>mwrvlNgVXXf%p>tCZ9+BU21kG$<)s-7IM+Rwc_iO_OpSW1{tk1(y~jX z{BE2uFkP>?hF;6fS!zD|@IJt`nynIZZ9nrlsSb&DwJz%!-p1J%<|JwIO4+9GN5{~H zG4rRz;C&vC`g^Nq4&NmuB!T7YODsXxbtW;D_Id^S(05@hN%JlZ!XB=!GLIFfYBp(u zLHl;;d)|ApsE*~dK7pIUnDMP(l2C#~G;lu81iYLcy^+j13WLyIfRsviub{MWZzkGe zsb1{5*tZ}M*|T)+OW76HSNC7Py^(p{aY1)VGoHJR)-tD)u(Gj{nauI*W001`u5E;N zhi!Z{oV~vcyn^dR8vM#AiN{&G>+1kl*5yZ_Cb*1)0mzHM*49@kR6c{LD;V1U=fn3gZ2>YW=W7)50aCt&8g} z^XRT*YBcSwbAnJU7m>r3f_5SMrdkEiyRfUs`tHV>)DR*>_W8J#c^^+TWWf_R=We|# z9}0DOKk<0;g^Q426roniDZ9dlHQdtTy$U3~dlzL>)(Atf5aus*4OvDsut$BFuNC?mETr2VfhN`xcm5uT;-U)V@lEZeD*a5 z$$3I^Za}akFL+*sb<9N=b~oSqSC)Nf@Wy)SrqFAOg4g&l)I*Mw!_)x5gLM@@yAmji2=$ultHEXj|;IU-9WP0aj*HB64C&oxFB4 znzxegvkY(6qkAHRoHmOJbRc6_y*MrP1t}L`Fp$=>vro%BqAi*hRyu$}bzXC@8@l}G z;bbAnW@3+3L3e106*Xx=1XJoDqgL+Y$GM_QL-I#XCmHuEY$^n81S+s83ysj>a#Idv zv_cju#a3uFppku_XwG?BYeSHXMsO9f*9A?p1YhL5U5vOL(o=-pm zMj1upe5zSRz;3>$+SDfil!l3xRax^OWwj^5tvvOL;@I+0W_i{;2VrJIqW#UEvDF^1 z0w&fk9+~YdOZPXHiF+VtpL6*|kDbEj>=WL0j_LEM?t~v4K4}-O{{X}K1(t?{ z2kK^IjU}S3@$R^s665_qViwgwR`a@~dW`3s{eW(+7vR3^nLbA`)-lFYq_qqF1lRBe zC&f6C?!K_bVQiAx*+IXya=j=pI49)CgYvAlUcE=aZ8Fc+lwruL=u?#`ukW^cBTFR4?pjOX@p|H(vYlS&!bT{4(wm+`m$GNTN+oea2 z?)lIvf+yCQ%|AV+LJ#4BSyAC{@O zTYdO*U}n(6ti;cu0Hb^d3g0ohs0v@iJv=bvfVTVRbh2ZYD`8*JUDywqq%A*u&>2s% zKVS-_jRW%T9*Lm&rbR7ixB5`<=(`&sbz_C2V1OxY!i5QDLjrZ`Ks~BCz z{tVu~TJA3V-k-YrF>@nJ`sK;%P9mbmT#PO-MW6LIO&uQ;DTOPh-2xG!zvaprpFZa0 znuV6#p7C?4<_QiExnIArYqf38KYLnMQn$m83C`%Gi*mMCw-lT$LYT$yCRY8ZPMcl~ zv4aTl6K7Yz7A)4QNyOXS${*)4xMiHX1dqz1mal|~RyM8TQ6Vp*uRdEO;(o)8TJCDn zZwRMZ&gT^jDf>Wo(bF~t#ebCct7*c;@Wb1u1~Nkb_O((i+8Ep|Ki>CI2W57|N_}k$ zpU%PVw_7}`dn6iyo@-2WE8?5ES15AOCAKi2j3e-PW{ow5s zN8HxPjq*Vvs=beiJJj?2>gB)Z8-0ozWS`5@(oDZVO3wvga+Yr>d)wz8HTqV1%yBSj zmHiHm84Vz#|R z@dHe+ZNj{f6!2z?fH$+zb(s|uvPJ9|VD*>P?HdOOTKEn^E`_Tm|E^CI(OBZdz%zE9Mr|VS&3kw=QRq%ECcZ+YWrDCOyd>5 zM18!4x5Y|po!ySkVt*mX?l&B55?uS_NIYR|LUw2BL^kzjTUJTJ0>ckT@1TYD#K`n! z4M@LSR5gnie(_u~)$D06je67pM1?Fg^y__N>9OvW%7P+svFAh4w;%gdo@g7bXvy%M zRHVeuj{dpj@j=0~%l}x9p%2}ze*r2VvrrIcX65>#HwxR+#{II1z1-SkwGk6at=*E9 zkL+01Z_s16+zzpyZGHU&f1CGrKLV+8EnJ7DL2J=@Q3QyTup7- zRTz#xfD8bme_!99XPOD&Nv!V<4GHSkfV&2;8VMb$4^7O672G|8u3Ll@O_+kkpM#a` zih>BfXp*xjF-_+)ZO93M&3DB8{h!%`O9Xq_VdlX;{v2hEEk6=^U$`q*PdF1oMPa9)|>{w9V(v+5ICk(;9UT zF!Zmwgt+OvDQCr5mh&q4I^vuCh^9NtqjJ@_^IxmAsqWPIe1`3yxV>7xydo#{A9{m2 z2F7FWP09gFpEc3J|3)K-OZrysDY77sEry#n@l;=$;8d*l`w?0}7sle7KiRHpl#`mZjlXX=yIOqx=H(lynZmQO~d z&L9PFCQe0Y{`(M!&35bafU!w)wHK190d9>6rA=%I*MWx6$8|TT3>5KzZf^)R0s)MW z#z`0{5OqDDf78-83jV)hxBkgbq_7rf7#&+8h~BzTFq@Q@SpA15xGYZG*a`~NL#$- zZd!WtERZnJE1iV#144$GKf4S;`Q946G4m+^r*mgrKZBO7p7D>A+k>c`=`%)-6y?w0 z?V^B(gFD*fJrg)B%2E)7;B{Ozt!>OJuw~L(67e1> zKIZE+hq0tIKD1b!zK7Dez_x}`D>+IN+SK4RW$GRL-|7L{V~z>-!z(UIc2?}mYG&jR zs+RyEdW^G##y8m`Kh0}V2c+g)AVQKP`$0RF8<{a`0}XtN24m^TI^DkqZ+QfO*yngf z#WYy2{sD6NlNFTV(@3X`N;<$|9OMlF3odPA$RT!Ep1WML@<~`Vu;#C~=`#GJn@)UAz4_rq|9wHiasIp#4WqwC^L&+(uI$9A-+vixi&j%eBb14l_d4jK1*K5-jJ zo5;CV?inIa{-P4OEHIRGQZgG+8_VGIu)Y#?yvXO0QcjC7JU;${EBBSOJ+g~HYlO9|$d-t+=2 zubmwkj3yjJHgATeiv4#`yU(qimt#&*3uupa+q7Ls9j>BQ@esZ7KDMWSt5xeBM@yDd z#qrIhM#?pU6iNPxR)14M1Q$-bs_{N#LmGeBjRzXqF2?HgS8*_^k%ryThw%=~C8^r{cge>H)%zXs@0ZUEW1z4Xx7eM{ zFOxv!aK)(CATs~@R5peR^#Ov?hs}Z#Md(3;RWGJL)Tt3?--qVQH-3!I_@i>opVg@P zNXCa}_-@fOJCGUr$Z<3vuOAdnpUvGIF+H71Z~2E6;kb;v=# zspEY@S*~+sBVr|`Bon}G8ofyCB#d~h@9< z$CB6CCb<>`SLnj|!{hrb!Sr{0U^a2z-bcTT%K*TP=;&ML%HG6EKph~-NE<-U^Zly2 z&hWdkD5ghj8VN}U8C++nPe%^bhEC-o7Zm%jfHZqc4X(1Eo4PjIS879f$YA1R6rmxb zrdJ3#zvVap2twM^jT)t*`9mTQ-zS+yhO7@iXQeZs)bAcQCQKJ!Q}d%u_^N(?xFtK> z0q}lfq3;)A&bN7@TAyYk*i3+v-^^+JFm)f}{a4AyvmzVtD zx9QTZ#J#>vkR8Zz!1ooRvMjXM^DLBSfP+T`L>v_9fDHYagQ@|9;BA2S+Hd6Tg$y)U zh|M|*ctuSh3`t;*0IyUJm?6KD%YO1h-Bj}=Yt+d=1jVB{M?UtBn}mskO_Mr@UqpDL`+DD@!78JfjDwtR8aAZ6 z_O~`oe9VM}^r*h~y>InP1c|}c`^;`i(W0ro+X#8oGMIp-F+^N2T=5fd>mDxJDwEz7 zzxI0OeCzzm`&im0Zret2mW>rW>XWnvDei}7(7k(LDHod6v$T@2q68Qs4p$o5DLLMk zlAjd;X;f;>=DPm1dJ;z6_XHU64TuaR{?=$m8$q8Y1qMJM(Ax<)zbpED=KJsevWnRU z&{^iiX96AC`sz7_ad!vQzCkM>T{q<$N$2WMHNu}`dVN4@23T=T5dblH=#o~R zD}PMm{{^t+9{^_{>S+0m>u~voQhOJcF*yVnmLh)z`8>5p%1G;rV6OkvpJ3GTt;c44 z0;UHAfeVPuXnZ0sQd}AkF9AeGpVlztl3yoMNGzyfBJtWk%%^;hSHv@|u4-O=<pRbq^Twr6x>72|?8uAaiSuPW^Bb1t zAd+W?Be@ayAH8!(eE&vOza8o8ewe`o==Vk5A zFXwu38o1znnd`S4$`*M?`m&1*oq2nklYP zX2gYFQ^p(Kym|&U{PVGH;;SLmqN(-*bCB&u>3yW`?($P!0Sczr)VacGEKI~@6Upa@ zvq^4vqgaM7flZiQ5MBHng!tSg0omI~g?5b3l*3_o}pM#)>>UdDuc zOvYr9wzSloN7Oy7O)e8MYdGRvdh_wv!^I>ZDi!fQxov-URT`B}?MjXqHg`rsx`f$$~*$XLV*uM z8*IQ0n@Va>eOZv@<0k^(|C?}R!2VU@Y+%Ww$$_;L`<*`koJIz545Dwc*k`yBS5b}x3t@l2#0|NaT-jp zbCGQVNChoRn327I5$w8u)#wG^;+sCU;}GBKCd}3Np4*+n$?ksuL&VrFETINeR$sl& z3pyDeWa%q(qf2i_(8*_Jrm}?r_C+f_P%xrC@g^%2Vn2GCi1U-b0R#}$fCsT<`@lh& zJJ#dn=E>%rm9CVX4EDPcN?6)6m#>xVwXgJCm0z>tcy%g7jg}0SuMWE7!Jz=)O##32 zqy(Ozhe2ZgnaQbhb6jhcCBM1R=|pVzj9=bo{S$B~WUS0xuy&VxHYxXoB4xBv9gAlp0owV!N6 ztRlO;4=r3i{B}(>FU3O%6K|a_P+gAu02FRpvfpMy%<}$OR$G@L>mLPU*YCgFNG-Iu zHbhc@Xw^=8MzllMh-!dm&lCXJ4AUdmF4OVgQPYSlzDYAkW3B=9eCE62=qoXOU;{*y zw85!a0^|5o4NWpwiw5Y9E3r}(Tt?KO)?<}Vl={;E%d((sJS2OI455?bL%pD!A(_ds zA*tFDu3pLb+$x^}l9wZx5yVYX^`y87YPXsZs263yw_x=-9K$ki6W00yme9D)8l!S@ zC`qgY0K?&2BJ>%4pLRKP9s>DB1%PZwrMBNZm=_#;bM$oGzVV?c!x%KJHXYaVHj8qZ z$w5GYfnoMNd!2;C#Dk?beTFZnG-^mKoN0?5|H}o)1I?4KA;xGyk5~z4?8fT59^@41 za7Iqg&8<7)pJg9$&qy6=u%JR718S7{$54D{+J%l$HoCO^{iw`D$hc)<43HsEuGe177D8Tllc;|PrH`mu4^Z3d0l}}g_6!Od_)Ov7^ zRHM(Kw(Gzo|7`gHi-I(`RX%5wj<}^{GR>=I%#!ih*GDDe>$zUlzg(E)x3tq%G7J;c zms!m?3p#3m+i$DQK-}}_FMaxiGCIOgBrTRW@-se5bZC8rnZB>OY4?rbMV~GiY=GwP zz4`b}0f0~*1SqI~<4o4sG-vrc?7R2?&!g)16 z&ZX&3tm#4H^vXswSt#GIOroa<+tgxJBibdrQo2OQFRMJac~BzmsxSPmmh4h2r5A;R z6#m5$h9aUKt}HXb{plrs*iwVuoPlXx{gLhGX8Fd@?=%-f%6}aQS#rR{Qq3&YizDQ= z>X`ws3O!&IS*JT6hBt1ArPdM&&S={uWVC`+v&3cq8=Tc9=fd@4yw@w;FpE8B?~nF= zpi$vxOMGD7+2c!!!ND8%Hf?S_=f!1h z`o5Ya3xr#cm&KGUBaP4@=X|D{@d%PA?bdm8EXZk*EVNE)=gat4>Dxza(_<`F>g;Cd zJqh5ZOgai-%hL~mScz|&$Nol#(UpZUr-X#zWDUxe=&{b`ZwwK2RO_XuVD}gIa;a1N zssh!c%7!Nc95SPsP5Xj*TZ3DD`p2K8#vSl05Eee?2B}1W?H7uvL#qtYT1!_Hor#s` zlRSX^s|Fn2Bp^jS0+O5Dp%vFZqEiDadI9@&K)l5LvO=yuamZ6M1wvGs zJwC(4=DdWu+4icF?0YC>iynL);yX)YQ)CyeILHag1`~4b@_3<|rX%^D*e?@(l6jx8 zSnc&|NO~l8{tkfKvAcqv&5ewV&wTQT7nMpC)Wm3YP@7wN?qUXhF-O!LV4iGHgqZ4H zN#+5-+Y)U1j)Y{B$5;czRwmSa_-4L^dFYkvu?LX*e_IpF=BzPf%I`DN0h%QwN+o#2 z`(fEMf`PNh?h0{LF-2%qk0PXII3OWINcfP?r~Q3Y_k0zV<@@j3y9i)wZJ=8lWO#61 zeeTuSE^PHLg|U(MfMNteu4BxUR2W$>4f*y|HR80u%5MF&vMy7COSDNAl@4zY*pHDL z9>`8BDSjAv{t$GByxqD@FW2h{ulKIv$JaBZzr=2MedsFk&!|{7NdLb3yP@=s{htRA zn1U~^K=afxAOxS|rZ#f5XXHZByw2AZ%`5w}YcLsEA39w%ac@{zaa?Cufac;FW_=KH zTQSIFKf@2Gh=p6;X&1Jk;>Ar!&oO)<_><=4X3L$V3OSPt2bFt*bADuu&&+2udBSf? z&izm}sZBeDD!D;g5UQeRKLX9N8_jce!ICg+f}H$ z?ZTlNfHeeNcZ?&F7j-JOxkd(?yq^l(;W!YPm>pXlZ#CpXH(0}GmgbYRpNkZ2$W$G7 z5_u?kP6+8~Nd;59>M+Vll0|L8+YNW#o*Hjk*^!3|IdV5; zFCU5Xqia7@jeT_$DK;H-f>q=qAMZ1E25UYM1V^<%&kX)JoK0z;^eszucXrj?P@FbG;r_CKZAgd+T5NL^)hn z?GoFF7=@=T+n(!8*23Fkxf}_qAt3^IcClTIq9B$OLXsZWC#$0y3Hgq^fnZT&Dx#{?0i#r+jM~%xG*!|pVmO-c3~~| zV~7Kd(HD|pN6P_6D%GclqS!Z^&QP>!rj)twj!P71h;V5*M5|+UR+Pd5U15yx{Ji&Y zGRbS-!hkVQem?kQIz;O}<2;g=Zs$Dj1FQyaJlnl5-TKb(y7{kFSbbJfFRDgc8Niua zm`87_eDLnSjO8;6S+^E&a;V9{r4C~bBZ6Y3lN8dwyvrKz)A-^+N4}j@3p^>xqGxf) zSQXS%8xrnE`7Y1&`1RLvYEkX26DxB>ova6Zr5x67s`Ye#Qo@bx{IVPtpe^g#Vf-q` zABvGR&#p~{{=^;rP??+oqaq_p^vHC;n*VAj;4!7s3upxklFzP6MucyW@S+}jT5vj;{&1CU&kry0Q^S}cd`046Bq9mYUw_#H+6KWlF(!=fcwkAKz!wDZ@i8W7etpp@gL8df= z=cVS_WWo|DLb7Cx1GvzDkS2i*mXCjJBF9e`Ch~`U;uTT3klVhtTsV~tKNhOdRaS#u zscDAg0>PETUqIzof7GB=$?e$9x7w4$LcXL0$_{|UDUAQfF$;RZgUjv|rEjHSO?vWK zCXUKzpDs3MmaUuD?>h!P@@ec;%|Y8E#K5f4VL#`2E^7D@dGYtRE6t|+l(xDv)UO5F zr(QZ$)E4C|rr$nXwVt=hG3q}B%Bwp!K5gi1P>px;RehX4=kmL9a2KT2&@L6zNEJ%u z`GnY^F{AR*pxb&sG=@WAl}$P4-)pSZB^U8VKNg~VbpVoql5cA=izAFHJWny6FR-8` zORplV7VHsF(F9~w^}K-uzeSDqgLBOknb-yjB>#?UTI`D7ZRhG@o=(1|syGe6upafg zm-x7?ng4Xr3wu26^B_bpV3;vk+L7nBUEQHmC3c(7BjB!kV1CD8KqX4#fDMWf{kdvz zC{KNZ`&{sEO|uoAmBtAIF#P3%w9&-%09 zB_ul1s77+`f($)2mW1TkKM|S z^9q2hplax3g8sHZh<9Ex%DMmr3` zT?MCKEFi@;t~LBE-}M%YDYuWNv=_^Vn|BFl8n{6NjbNEFvp|6!ZQ664eC$Om_Ckr? z9L$$wJ$&=LYJtKgrIVfeh(7NkMdKi>-wYL;(#{gr$jse1^wBqZY^+q_qF zXBz4*Us}R>)t`2tfRqMQ1R_@QPxsN~h=p%w!n?7=iYKEgF@P>SPU7gs&bYkT?e2a1 z+kQVVZoD0v&$#uR`$SpNx8Q;osEEz-iDEp3&b$|phmy8QGfhdM`p3EOFXq|e+v-KSN-2yGb%QMbY z>t0}p1ac^49xl8pi1TvedM@TsZwcgTJ9Ozj-*b!cq$lsg2~-)cQGLv$y^wnaB6GJA z#zt8Ya=Lt!DZ}5ADf9CHO1Z~ugwzf2(TI6cC&rBA&AYWJk3dZ~UKc$7aG?gk=@HV=et zrCW6AGnZI)Snk@`U7{!AzTt}IoFGC1nqj+Qua4v93H$p`IL^Oh4$ivNR;!OULE+7( z8+ky1R`c^QiD?u~h^u^K!H-Wq)cf|i}`2}-%BUZ zDJNJ%P|$#Y1F&!SDm@`m=&n$K^a_PPBwhjr56j%<3TE9vZq__>^L4waeX2QiZ7s`8 z`cW$yVtn(9+3SJ3TAh(&Gzl}ktna7!L~HK=VwqB5X(M#BcoK>PO$ z5)@A8ys3N1AqT4*dOkz9-u&pc4#ZGTE3&?y{|YM(0kajKW9m0*7|>z$f;NsDcUH=& zgEv>t(vk97Pd;BL0(rP-*+pDyFKiSQkOH7&PT)cT9~g;tPtnzIMcKa(W77)tdtO7P zXQ=v=w|uh&E-TK&x~=d8NiGvXUX z=d)HaM*Q^@9$BnXhLr~%%a^z;T^1o?99sXC%arHKoh${?T#l2mrB5+dP1+PNuWRc ziyue_?IBRYyU7>IxOTZWv~OF{vSqW}NwO*&spB%|dbeNV8b>K#?wlZA9LnTf2}n#poubZIy0Y)MW;!XI25##6&x#p zcp3=nZmT=m@gGZ0X`)@sq9aP|&rl+U&ES=C4%gOah8}SX>KaoO01Ae?+j5~9T)k56 z4wQ$j%>nd4Zw3;@ zkdJ5~)d7V69z$MN z=4%`Z&J}BuiN(RVRjsAyEpKvG$Bh@bI zI99thH<}p0DxM)2jm4VA)2EYx%+X?}vsu!Ry@LYF#yCpY||62k9()$i*5fR7Eg zef+=o$j%)Woo`AqkHy1kw!U3dw+TM*+Fh7vqcO3W z2NGxx0D)Y7Py-A#fC_k|hNELEbz6>o)g4f+i`$%NAAf)X3L}3#I#g?jP_j_{hoFC( zBQj|Q3SQBIib8>k!rzZLSGXeiUzYTr4{xuo>D{`#T0nW|ucrivvS}`D`9JRla?xHq`|G~{^Px|l3?>QG$_Z%x`Cvm9uE_kCG5zNQ4eOeo<9{a^dT?S0 zFtsj=LVrJYT<3zs|D9EW=Hfa~d;Q;8^}`h-{yPaL@tWQ%vQR*fe}`~NJZg$$++RCNA#T34EjII{l=hTuA9X8y0}0EJvi<-d!Q zdvgFO`9JfLts$cRJMT-5HN>a?eyEE+C?ovu7*(_vM&Bo#g98qqlD6->0wTPBRtW;A z{Q5U8i(!91z#AaVKQEc!0gggImVaKwE#c6D>I3|F@x`3tecY1;p_d3e>ZlioQAGCw zX>_JS&}@B)wUo)))5*)pKAT2` z>wO`(EpC3L$8Q^N1~AB?_68w$0b5i>NT9F2UpwlTq_|6pM?Bs9-!`2X2P9u%C~w~} zF92f9eu(q=M@Enh9T|)d*z$kgL!SdoI-37k5eThuA_d@J|NiwfK(KoKznf9cxQ2KD z6uJKSwLU+18M>; zxwYgBLHX;;Xpn0=t%T?d5t(@YQ~L}x8dAdplqjC4&WPPbEx$U&*w$P?lTI;?_*aS{ z#TU?%TW6w13s{1#a4)x-i^YYHG0vprh~eNhr9jVv*|gmNbaz>BVzrsM?~1Q^s{<h7&Q~l7_%)^8h;T&liLs0n2KHN(rh9`{yeDLwaDBs$`@#9$_s@!oLmd z^C%-o6Gs^f61atZveEg8<2Vctx$X7j9p5aumq^9e!B@kgZqxUeM1jIyQbJaEFbBmE z^0UgM$bfC^xk9ej*r!MrFF(7ND#yhfKWcX2RF54jJx_EQ~4$IngB=ET$3>wuJv48Zb)V;k(Z6~<;fXRqwM0$lv00I zdx%}>tJVUk@*N>(o2co;I<3cLq+@knZu0c56+J&vA?uc0d6P>bvQW zhCJs3@3glf(z`MeV(xOb;Luem=TwErFLODwxca9P;_mh6w^`dE1^_JgyWPK=K%9%^ z=jIPdk+#&Fg%BWF=9-s{KB(n1ul=TmL+YsQA(AUL+Q&MsyIH3> zrw~}&Hxw5Xjd{M)q9&y;EdV4;`?)*Qtqw4g?3Ug9wB`n1ZcLWXT1df2eowQWVr6du z%mZ#YJ+0pCa6-3g zr(qmil)q^BPZl7) zm=_zlOFm|7*WK(vQ^-3mbtga3?RCjF^_!?DZ7;kQfmtyw?+H;UcApabdWPddlYbJ;eH* zPaEDLPKwgyrEy$oK~6nxg%&y7c;LEOSrva|c0a{v>f2I3?Zr1ufFEN8ru*SnnnltT z>$8>gti){%IifR(08`lSVykX)=@g%{CEELyhkT9)`>BP#-mO5EQL=*7^Do{9H9|NB zyQ}DY^DWD*8=8h7=RNo5UJT%REOMkMhwsdPi1yCSI+gz|t}I7ES}(Sb1v*gr8v$O= z@2XdIM$+6o1(Jq}23VJJ!re1dM2OHzQb~P$emjO|aBVX=-D5?e=|F)^BSH*q9al=5_2mBN2VHHCQ3W*CTca9yL7mco{%|E<> zTzUed`n60Ph?!^I*`Wh#$D^_W%R@>|G7HL5>=8#u<4rQu$jxY!(WupO-*+o|mseOguu*5Z_rX`81x z6$J__>ouPe41h8uz`3{!FtaS}StgkBa-y#0N7x5Ou7}{S4RCY;QG-0}OsorU3r%Y5e}yTQQ3(sH|sa!(Wo_1g3N&6Tir!EC3KF zXV(fmB)j$aO=)wIDKBC`;))XVdk7xj<#aItl(zzTqYM_0|NiomJX*_0lYb~allN(p7QC@p!Y6ReBk~GDsNa%5LOv(*CTL{0 zAm*pY_?t5vJsGTy9^j|uUkxj0&U3sukM$_(=t(?EzH8qJnYi4KNVi_ZR&=TIS<*Uf*Nq&4i zZ0D`=N5lZY?Q9vk$WH{01`ZsJ6a3Dqd`P}$^~&oo3d+W7^YJCtJUF$>E&;bgjmd&N z{Fz$tiaqPjFZwc~p28*~Hb!Jl^ae8Yk>#Ftt;;o0=1!m+XAI!84}wYdhJ1y$Q%VYW za0g1AdwR(sb$I*~XhR#2N9_oE7L!_M;VX6U6KFkEvLjNUDD83o-hB#LEnxR&zbNc+ zKeh-i&~VY<4rH);*^6K0@OlFJalF~wL0!PRq1`%1@C68$Bv@#Qf8@%hc}v>R0@+|l z%`U2F=NZ>?H+363A zsV-x6b!S1*bv#VhX%Vb%+hcSa+J(aX`yOp0%8h>tdrz>4jBG{z{-r zLHwUs2L~hEu466O#~RGv+@1F4MPZX=Q$p0~HX=SX7iHt61d3wY{|ZZEi{%b!j`wc-;L+Gw`Z zYM<_S;iyg@CeN-`g{XLcxT0Z?4FeC?6RPg#!TIH0bjv+YX=ndRc_&llbavP@5L3Xm z_JWNDKHoLk>9b9v+eR~hzV`(V7{fBFQ@lw>X zuB8+9i_P7SzAx4xMbijJ`4ykO{3Do1^=<$6{+ML@0ET^86ub-Db;yz)ta?2{grN2G zAj_MvcvA3U>n%1JK!>I*2d)6w>1D%I!H3@Wep%qId5QTg-;;6ske{m@LrhuUfgY;( zc}3w>&zJV*A-BGJ-`nP_^>%?32v^w;zwf>+OUgSVJ=7TWnq zbf*hD&Vpa8o(Ti>Re91)G%_*dF`k`e>M^=IdpAG*mkcW3;MFI@fccSY^$#ZDyYpx3 z^{1tK_7=tVfegBiFa(eqab^<|7G|9?1K^CnDoEQZ*ns1-sb1aAbmY(?SYx6kK7zw< zyS$#%s|xdDgiAeO9_d_kpN%|{JLr!Kg}lj8)!J$~te?uY4RO^}n@wOME8ek2t;|16 z+ihC$3FB;0Pa~8_Cq$n^Kz=hYrZ`e#Q^y0|=ygOCX+oQDlt#Jw{5l5ro9&FusHo*E z*o1*3ud;yhx0Q!#;gM%T#ZBjvQiFSJo_ZB3Rgks7qg2s>`u#crS&EO$Ks6d-JA&&0 zXt?Eo>8bWfO7H@ZT(Hcux7)4Yt6oJYRtm){cTDUi!vAWh^#K!p`og%Q_R=A=qY8`HT=;w^>Qk7uLPbIRS2dZ{Ctz-;q7l-}JN07^f-_ z@Fm+r@vDnQ=P4bBq3v2{`UHwwYfn9g%2QP+|m=XciolAAS1GV7Mj|16S? zw3)nnD`p4smV8Hx@Lvw>z4yS8>r4IV&h255!l~Bk-QMlNAFP)L!<;_V6Qceer zj;b<9U}d`M^RamZ{|Z;!(5uXO~W?ZN8B4btv^vdKo6f=m`vMNF@;wM~f| z^s?CZAQ=&>#`eESDNiqKq?i&2sc2D6BzXTx9hGns;w+ekN)HjtAoXrAxHnn+}1`~`1`C~T>b%R7?3aTlex|Zk1j|w zwpbC0s%+7n2Irzy8T-_e-o%}-*xUE6tVxxjF(V-Tj;xY?>{P7CZ!=GB!a%t}85`B( zk8Q@A&DiP{rVjTXOiOP5^ZCPmy&O5}YuY+@*Je)geTXC3&ve%EPUK)3JOhpT$%__5 zruV}0{p_I(vkkqdSlSCtav<7x%3YNGrf5QrjFM>aAp5~rk|1C3z*nnCv4!;{GewX( z(8@ZuSu;ctuArf{6|VG01<^RA0&fH#9CB$tD3Y`9L?*^q9u{E;V#$mHKGhGbY9L(o z*9~5sdGxHWTwS*-gmyk6?Jc`5uyaqTSC<6L}wDwLX?Q;q6H~L88sLr zh$tgObS6ra5RBf5-UrcpA7vOu8I0j~JkRq7yx-sRX|B1>bwb#GES(M_f(&deh@eQhfQ|uF+4wo-el=A;D864E)lZ?U$gaUIX8}^FBik^SPHS_YkownfU_728x~j)+=?@l&8Yzxb@^wJfzb3?y6Voy=*J+ z$t7L6<@O*Cwo-H{Iev@;!r6XHnI=g>h}Nv!CUiXsUq2xT{aOf*yUpzx z=~7tnNOk*R?8~n%YOEQ2$_MdwJIiEq=Whf z`~3u&u76Px@EET;^C5{4#xW|nRDp6Zz1^_b66;x8gW8f#{^q1Nz?(XAPld}C1aJB@ z%epy846?QaX)HB(W1Q|`aY;NEkBxyyVekybZLsNB1oG_;a2sS_vBCo#si22YZnnb97S3H zth?kJ!6udl=GS9qkQEaeFViFPxNuRk@c5%a?leeB`8LLsN8D44#}Th2ENx`bSwJGr z9kUXeDRnFsG46cZVj1#D;2%H>;Z$YI(e4J~-tw2NPESneP2b;h@o}b%$0HjvF zki?D)`4KD>oJ$PAx%aMK99~v9Ypmfn?24 zo$)9-vZ8Q9vP~j*B2{K@kgSgwx!dn#PpK_HZNxVf4|}iuqhpj&7?YeYz{9;OBMfK?Hscr z0vp6b)=(V0Yt!!dHthG|zh1hnP7>+g{I&mJzX5ca2)r`v2soJ{;KXcHr2=tLn9tqt z)6?a{$!V=edN|;?;-?{3*S+Ju`H*2jC7U-4`3I94avFk+j7yCjmUu(SCziN*f^HIx zc7WfW=xHhxz&D?H{$6O}MjXCSL?VivxmA z_GP!1|7l8UVLEjx6Yg`r)#vjI&{gSWhDLziPl3l33V^^x4u+sg2?!hi(Xkhgv zPv*`3oB1E}y3FgH->8QN#G$bOF0n+2tsvpq(nF^DQ1c$=#Scj|(@XU_yAZUJ=a7ip zVkDjCqSz@`p5_!KWXSOe0EVL=L3ftjKo&U25guUl6BE1*ZDwaYlVq@AI6X6LiT(D` z!PRK$mAE|CvdCpZ|LF&Y=2Citv=_PoS6s8igi~EYOBJ}VS6q*GdqX)?i`3Rbg${fg zWzKMc_cjP&RCNn_#3~QMs?Ty#i!*_i zJ@88PP=$p1l_QlA&%Y)YKfhfLMGG0eRIQ>HY4E11fCM+7Qs3N>N%eKf3t(FaAD|E@ zp(pD6U9y{3rqH=GY%H5cW~ChZW%gPgS?U7JU&Z(G@{}$10T!Bp4cG z%%2eDTyF%Tw;14YxGbJelRzjb?>O~`NTngdh-^%(vc0I%JME75Wqvw5!{htDdaIL3 z+_rc`4;I({42y$X084h=D$))=1bzpQbF9M_aIqBWPs?wfI-iW|a7wn~n`1nSg@M#A z!6>;I+GitOk$SULWW><+y(?Ey@pEQiDkjBk-_|KQ^1lLjPHB-~bf8wdZ0=(a@IiIL zqBku&f0K0eo_v=3b|llbyr6(gq=g>Rnanf=x)&=bbiH%?bJP;`hZr*3uwvYRPJ3>2 zYVS`Js-)=cr?P-D&jT2!*({CsGUAI&e=uvW;e$Np(3<^@rT49P|7Pw!M7jD1E&PbQ zy=*3MjA$3ti)k~x&ENqNmb{1ypI($|b1%OO=-YTEQoIky{9RneGiGQ@vqF!YdrPik zHr@ZM2kp)Bi#yIV=frZ0=qDSXol#IM=!b4{l}d!IIn1&iD?V_T;J{!OU^8`h>_Y?d zJ=y;1;H6$qF1;&V8vK&K(SH*{!!*<6A`TvUNUDqm>`Bb$bU?d-Opi=4@ysxa#9__* z_a%;f6%QFmZAG9*doBBy!bkUDFKQAz@9dvxgoT1AT10iwut>j_mSHV4Rv34KU`v=7 z6vRB!YnJQ~YM(Ir(-qjR?Q#nLR2B=?{y0iv{;U5+^L4hru@=j{e*J8f?#LPy-_1)R zF*xN#0DTs9a=611a`vXzO~=pPsyAxqrs5^Vswf1&`zbGIPfCToNly9LLREH!5V+n$2);#lWrwSHMw(j8*Ath@rjn4;rXEv>xh(BF&0Ow_;O0pticjo6~>Dr zCB5;2X;rxh2p{hPINGo<7G7!_ydGc&8rRxZqZEOU_K*wCLv7Gs;F2h}+F|bOs&^))`4=|9!@%aOFpX0Nbk1_e)#bVxEOQ_ee`C*w*8%S0m|%d+ zSX@&Nzf+Ebhu2+7(Z47zM|@~q;?eh9klCh`QGP$*zg2`-JF6%9V5^6aW{uf@%&vR5Dy%>Jzx2G4-zy*pPBi^W3?*{y?Xm#vDOFG8t`-__^kz zz`rw@IhL7QECXXAnoP^gPAoyNjJA^g3|Ls*vojzPASNK6*0GLO<`cCOZaSgEeu7o~ zB_`@!`}IL?S_gv&`6AC{lc?dms}*aN_WqdT0h$*`g@Sz1G}n50iByzL8netl zYQ@?zspzDF_G`mdifJ-K=gCwRt-phGBvfQ9xGP2c6FzoS49e6Sm^vlhQCU@dU3vNq zr&bvP zV)&GtvgPSH0Ex|4oZ`-xXGL>_SsBEWGl70p%1FzdCRZL~9SSaYtRU7W$^&4#O+8Cq z1W+cV=3(QqTNQV5CWIPAa3k_qUJR#~ex1RTWR_uib$?iHPB6j;5EDzDd=qL08jWb@ zdXJQjhYVUJrA|?hODu4`8tZjNzs*8|d#{OYO8HU4LKkMW==7aNtgf$DrW3Z_C*%vu zuK$G*8an_iRUN3uEcPb=KAP1tg^`T~la|RTc;-Gyn@*d=IBRkhNLddJ=!nZfk~=zg zj6&Cd9QsG}EYqd1EJWK6zC#4M65Vj_)Y1`!R_9Q>opPQB0F7{wBG*k6>^{OU+M=V{ zImzw@;761Fr}=Ff9B9Fni1!T>4Xy2#u?4!gySMIXf?LE=zio9gm|`&y&x)WjU` z7pDUAASXnUQK!Pu@bt?Hlph5)vptJXE-bvVci{ZsMh4!^%O>^Y&g@XGKmCPxh-9G)gS@P`I$rYe< z8cc}_VL4o1`Ex#;L+&CzC6T!8gljxw|aFyQqteJ}EIVKz)AFha!cqQW@V{CEav~!fI zsj#r|>IYmQ%l?KD5JmwWeZAEzo^4To)6lnyDvx;(-+YI$Jo5u3YxF_M{p0>aQR~x` z87F-4E>-On)2q9fihYAXm|kUdk`>G;^6>KhxL1sbbR16EA8-{^Vse3O`CY^qXbj<; zu-YlJQ!uNus*3L)at}QRP6oGr@u&h!l82tE)~b^WX1B+~qxIn7UPZp|HLYpNu)Ry% zd-(QZ*ugsnr=XInmZkw%Bsc8%KZy-f=XG0#5RmR2p^l`ROW#HPqVukiNZy0|D-D7SU`IFLPlw63 zZRsl#7Lh$rO&>2hvp3;aE#}=ka_M1TC=iN=hAB4 zs~63-9y%X>GVPu~Gr@E6j6j`B&PuILQW@betpAIV2u@di2<<@b#FD)#)Mi zTl!TpA(_>vzw91qUW|C{c6hkVw$ge1S?`&KAAu`FV1}Td8+w|^WI>`LVN`w6%QZUy zW;I80&{;!!P+GE6lC7WqD&Q$c-vdhHk;(PZKq0AAfkeE{5xp-bifivXnVVkrMWVi} z#QgLZ-oARa9qQx5@1{P;^91&SmY5s-FV;>jT@rM@jc-mfm9YCU;=!xmj#BDHf{sYC z9&>JTO7#RnHpxGpxt6)6wCvRHX+2YH`Fh?qKlPps-?6Y`?f(J-F-Mvd=IVEN1}+z8 zYWa(u5sT+1j5e?z{g{bgQ2|p`UgYf5i?QC-77Xl}E&5@esN~Cu4?d=`nw-}FNg8_H+cslox*X&Ya}67HMH)M zoqdVyFMhDQedP38lECK6j#!rp?kwf~dI@U4KuL;{_ZCuTqY8YgaSqyVVYw?)y9L!e zi!Ep$=v!jFoIftLjPKi;_tlSFaEoA+7YDZV)Lb0|eJ;5ym0T=V{FnaCwMht-K_&e^ zOl}0gQnUnrx$FhxD-<6VZ7QBT@!3QAtMrUH(&MgNWY#19vSTo(UTPO|BPP$R#Plr! z-Ii@8Mrc&^58SL~6!N0PGLa_7U&X0cq|fiS8^KXgTrFv2_2u z!~8paB1Fmu5SgfFFaDFgnE8jnL;?_8)PBpcN|RLD>u{ODD8_$uayDyv{4XLPaf)sS z>5si@zpm0S^|*pJz;+-@N?~tQeH54?#UW-*7QWCE4F;81z{Lt zW>v;{HlG%UUhI!R{{CyS%=st0*{#mp^}oX;_2{4KPd5hIA|k18dO0znQ!gu-w4AAr zIJc`R&;982ZGJ|!_f&8#4p>3EdmOCP{d?(V=ZqYkmU6@VcWsKQlEyMoz7!R$Ja+IP z*e``?WOJWWdi1o!ip=?8=SDfl*`;oXq(KDmM$C2#->iQxSFrY)4OTAk;m?ngIDzk{ z(;4z$`I8DqBh<&S*Rf{rjPcTrwlp%j=of=ZnD%{KUH<`d3~%rUo)xx0?F{d|DqelZ zkKoPmnL1^&zQ~!weB-Ocu?4X)7qv!K`0fm_Xk1A`0xO`t^Y3PNvI+^JUZBTxKF+81Y#mebdsiuPrJzn@$-1p$30^HvX8SV*vhj2-< z8fe(jq#`kGlmMFeLpIDHOU1J(Ve6H>v4h$1zp_3q=kSmf`5MemTOGw0PW*(G9V{_PwC=(O6_kqKQ{L%2Qih8} z)qokZF}_$7IX@&7L}SMX+#sE2g|7d=u}b}>WdI=!#tC+H(k-sg;kYeuqpE3CH zovbu_@9{5NaYw~truAw5MYZ_~acXa6AviQ5sRd&`Xe2|OI~sb76E_$jT=RF9=)JVG z*3Vub+`u*J3O=j}d$)sWs)k;^Dw0oBj*2u+Sog&`jM1a1Ej&c>GSal0HJf1#>{PWe z5S>Cprw%9_umf(4*A(<3dGIveAoaQ_ifCO7*-tyauJh+(vKFsp-?XTVCG9!$8veTr z?&uy@A#36U>j+xqCx}AUy_9|A<)f9vk0dv&NTn$as~Xq2fAo@H&75x``iKXtHRqAr zRvJOg2*Pat;YrCQ@N!HkIs>ouuI?;?BRY)}v7x9a!I;^Ga`o89~vy*U@1o?a3d0p!M>{$!A8ZOo^~I2FvXT#Ukv zKi;L?-W%nuD33O@+<6N8OL|qK1rwE_#Fu{sU|c)dI?1IFwY7E7pl(3Af$fcV#DLMV z8dp+cCl4ZsH~3}2js7fno240>r6$J71%z|N2qejH=1wC3{9bGkF$lM7w$a)B62P!p zN=`q@Bx*>%+q6d0s=D@g{N>T#wk+(Ba839=)JM*Btiq2Kx|sF%0eJl;HZ;> z_`a>q2Q&>T@Tdq5`vD!noXM1GLI%7&ANR2-)?s>G5w#@eZR>A-H6>jTnkKUgr>lYJ z_jRAimVIQSzp?vkZ3hkoJkG<-(k~&7zM)D50qppn<7Npgrp8Q#hUQaeAfMg)A+I`Z z`BTz0K}*heSHAXOXN3ArsIYatuq)ln`NoV*f4(Hc^KYy3i|Qa7)8Ein>Rh0pjGAXn z0!MYa79agVas8V+vqcGpN$C7SWBb^q6Xe4Wx*4UD$tU}MlU}+UMvLYC=WT^_l!HfM z;5S)KSG#kh1U4Xfn?NR7GzOLbJ;GGIB?)z?3_6kI7Uf>CdrK2UZy7rqaeCX!I<~H+ zNikQx=CTfoFFp3EvlE`w8xBa_K?tOvV4|Aq8Ue^4G1jRY z+X{2~gW7^F4JC@u2(As${$|Y5Km9XQaF&?zSBOpu-3M;$AKHWOYrFrv@?GVi)?FWP zbFQ)n{ZlSm_)h-O?$66Lv{xYPYXc#HD-34~$QjaDna!Gp+rg>~_+VZOgYo-0RS?tQf zvIF^kOlrXqy>z3f(KCWPmUC#?9*cqI^{g@yazn(kj6`l5+GB%!n*>dg56G6DYwh7#r z^1ng_RB`{SQt&2X?Y|`o9zD7Lzxo8MqrVb1M6Utuz!hc+qz|vJ;oH4j|M?LduJyk% t2-0ep|JFeGc`yF|<+