From 722c854f6603d18c73a8a31a980c81c6f4249009 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 22 Jul 2025 15:52:05 -0600 Subject: [PATCH 01/10] review: trusted publishing tutorial --- tutorials/trusted-publishing.md | 754 ++++++++++++++++---------------- 1 file changed, 377 insertions(+), 377 deletions(-) diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index c085adfe4..4c034711e 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -1,377 +1,377 @@ ---- -:og:description: Learn how to publish your Python package automatically via GitHub Actions. This lesson also covers how to do publishing in a secure way by using Trusted Publishing. -:og:title: Setup Trusted Publishing for secure and automated publishing via GitHub Actions ---- - -# Setup Trusted Publishing for secure and automated publishing via GitHub Actions - -In the previous Python packaging lessons, you've learned: - -1. [How to create a Python package](create-python-package) -1. How to publish the code to [PyPI](publish-pypi) and [Conda](publish-conda-forge) - -:::{admonition} Learning Objectives -:class: tip - -In this lesson you will learn how to: - -- Automate building and publishing the package on GitHub Actions -- Configure trusted publishing for the project - -::: - -## Configure a release job on GitHub Actions - -GitHub Actions[^gha] is an infrastructure provided by GitHub to automate -software workflows, straight from the GitHub repository of the project. You can -configure automated testing for every pull request, automated publishing of -documentation, automated creation of webpages for the project, and even automate -the release process. For this lesson we will only focus on the release process -itself. - -:::{admonition} Learning Objectives -:class: tip - -This tutorial assumes that your project is published to GitHub and that you want -to publish a package from your project to PyPI. -::: - -### Step 0: Create a release workflow - -To get started, create a file named `release.yaml` under the `.github/workflows` -directory of your project. - -:::{admonition} Naming the workflow -:class: tip - -The name of the worklow is not relevant, but `release.yaml` is the most -informative name. - -If the `.github/workflows` directory does not exist, you can create it. It is -GitHub's convention that all GitHub Actions are configured via YAML files in the -`.github/workflows` directory. -::: - -### Step 1: Name the workflow - -At the top of the `release.yaml` file type the following: - -```yaml -name: Release -``` - -This gives a name to the workflow. It allows you to quickly find all runs of -this GitHub Action on the "Actions" tab in the GitHub repository. - -:::{figure-md} github-actions-release-workflows-summary -Graphic showing an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. - -This image shows an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. -::: - -### Step 2: Add triggers to the workflow - -Every GitHub Actions workflow runs only when certain conditions are met. A -release workflow should only run when the repository owner creates a new release -for the package. Add the following to the `release.yaml` file: - -```yaml -on: - release: - types: - - published -``` - -### Step 3: Configure the jobs in the workflow - -When triggered, the GitHub Actions runs multiple jobs. We have to configure at -least one job in the workflow file. - -For a release job, we need to clone the repository and then use `hatch` to build -the package. We also need to make sure we set up Hatch on the machine GitHub is -using to run the workflow. - -A minimal job definition would be: - -```yaml -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - steps: - - uses: actions/checkout - - uses: pypa/hatch - - run: hatch build -``` - -:::{admonition} Hardening the GitHub Actions workflow - -There are several improvements we can make to the GitHub Actions workflow we -just configured to improve security and readability. - -First, we can give names to relevant steps in the process, to increase -readability of the logs generated during the workflow run. This can be achieved -using `name: ` lines. - -More importantly, each time we use an existing action (via `uses`) we should pin -that action to a commit hash. This ensures that if a malicious user takes over -the action, they won't be able to impact your repository (an example of a supply -chain attack due to GitHub Actions is the recent `tj-actions/changed-files` -attack[^changed-files-supply-chain-attack]). Enabling Dependabot[^dependabot] in -the repository will ensure that you always get a PR to keep the actions up to -date. - -Thus, the workflow that you should use, should be similar to: - -```yaml -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc - - name: Build artifacts - run: hatch build -``` - -::: - -Now, you can commit the `.github/workflows/release.yaml` file to the repository. - -At this point, if you create a new release for your project on GitHub, the -configured workflow should run and build a wheel for you. Unfortunately, the -wheel is only available on the runner. - -### Step 4: Upload the built artifact to the GitHub Artifacts - -We need to add one more step to the job definition to be able to access the -wheel. We will upload it to the artifacts temporary area[^github-artifacts]. Add -the following to the `release.yaml` file: - -```yaml - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - path: dist/ - name: dist.zip - if-no-files-found: error - retention-days: 1 -``` - -:::{admonition} Upload artifacts parameters -:class: tip - -We have configured the artifact to be deleted after 1 day. The artifacts storage -on GitHub actions is temporary, and users should not be getting the package from -here. - -We have also configured the release job to error if the `dist/` directory does -not exist. This means that `hatch build` (from the previous step) failed to -build our package, so there is nothing to release. -::: - -At this point, if you push the `release.yaml` to GitHub and create a new -release, the GitHub Actions job will run, will clone your repository, set up -Hatch, build the package and then upload it as an archive to the artifacts -storage. - -:::{figure-md} github-actions-release-workflows-run -Graphic showing an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. - -This figure shows an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. -::: - -At the bottom of the workflow run page on GitHub you should see a section for -the artifacts produced during runtime and uploaded to this storage area: - -:::{figure-md} github-actions-release-workflows-artifacts -Graphic showing an example of an artifact produced by the release workflow. - -This figure shows the artifact produced by the above release workflow. It is now marked as expired since the workflow ran more than a day ago. -::: - -You can download the artifact (before it expires), unzip it and install the -wheel contained within. However, this should only be done if you want to test -the built wheel. We will proceed to configure uploading to PyPI using trusted -publishing. - -## Configure automatic publishing to PyPI - -The job we configured on GitHub Actions builds a package for our code, but we -still need to upload it to PyPI. We could upload the package from the same job, -but it is better to create a separate one, to maintain separation of concerns. -This is why in the previous section we uploaded the artifact to the temporary -storage -- in the new job, we will download the package from there and upload it -to PyPI. Since this job does nothing else, there is no possibility that the -package could get compromised before the release. - -### Step 1: Add the upload job - -In the `release.yaml` file, add the following new job, after the job defined in -the previous section: - -```yaml - publish_release_to_pypi: - name: Publish release to PyPI - needs: [build_package] - runs-on: ubuntu-latest - environment: - name: pypi - url: - steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 - with: - name: dist.zip - path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 -``` - -:::{admonition} Make sure to change the URL - -Remember to change the `url:` to the URL for your package on PyPI! -::: - -This job has two steps: -- as discussed above, it uses `download-artifact` to download the artifacts - built in the previous job -- it uses `gh-action-pypi-publish` to publish the package to PyPI. - -We are almost there. We just need to enable trusted publishing for the project -and then we are done. - -### Step 2: Enable trusted publishing on PyPI - -Before trusted publishing was created, in order to upload to PyPI from GitHub -actions you would have needed to add the username and password as arguments to -the `gh-action-pypi-publish` step. While documentation recommends using the -GitHub's `secrets` environment for the password/token, in several cases users -were pasting it directly in the workflow file. Furthermore, accidental leakage -of the token could allow attackers to publish new packages in your name, until -you discover the compromise and revoke the leaked credential. - -To prevent these incidents and improve security, supply chain security -developers created Trusted Publishing. This allows registering publishers on -PyPI and mapping them to the automation workflow that is allowed to publish the -package. - -:::{admonition} Trusted Publishing outside of GitHub Actions -:class: tip - -Trusted Publishing supports other automation platforms, beyond GitHub Actions. -It is also possible to configure a trusted publisher for multiple workflows or -multiple publishers for the same package. These are advanced uses, out of scope -for this lesson. -::: - -For this lesson, we will focus on configuring a trusted publisher for a project that already exists on PyPI. If you completed the [lesson about PyPI publishing](create-python-package), you should have this project already created. - -This setup step needs to be performed only once for the project. Future releases -will only run the GitHub Actions workflow we are configuring in `release.yaml`. - -On the ["Your projects" page on PyPI](https://pypi.org/manage/projects/), click -"Manage" on any project you want to configure. - -:::{figure-md} trusted-publishing-your-projects -Graphic showing a screenshot of the "Your projects" page on PyPI. The "Manage" button for one of the projects is highlighted. - -This image shows several projects. The "Manage" button is highlighted for one of the projects, the one we want to configure trusted publishing for. -::: - -Then click "Publishing" in the project's sidebar. - -:::{figure-md} trusted-publishing-publishing -Graphic showing the management page for one project. The "Publishing" link in the sidebar is highlighted. - -Once clicking on the "Manage" button we got to the project's page. In the -sidebar, we have the "publishing" option, as highlighted here. -::: - -This will take you to the publisher configuration page for the project. Trusted -publishers can be configured via the forms here. Fill in the GitHub form with -the following information: - -- Owner: the GitHub organization name for the organization that owns the - project. If this is your personal project, then use your GitHub username here. -- Repository name: the name of the repository that contains the project. -- Workflow name: Should be `release.yaml` if you followed this guide, it is the - workflow we just configured. -- Environment name: Should be `pypi`, as that is what we configured in - `release.yaml`. - -Once you fill in this form and click "Add" the publisher is configured and can -be used to publish new releases of your package. - -:::{admonition} Fully hardened GitHub Actions release workflow - -For better security it is recommended to also control the permissions of the -GitHub token used within each job of the workflow. The permissions should be -scoped at job level and be as minimal as possible. A workflow that configures -trusted publishing and also does this is the following: - -```yaml -name: Release - -on: - release: - types: - - published - -permissions: {} # no permissions to the token at global level - -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - permissions: - contents: read # this job only needs read access - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc - - name: Build artifacts - run: hatch build - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - path: dist/ - name: dist.zip - if-no-files-found: error - retention-days: 1 - - publish_release_to_pypi: - name: Publish release to PyPI - needs: [build_package] - runs-on: ubuntu-latest - environment: - name: pypi - url: - permissions: - contents: read # this job needs read access - id-token: write # but also needs to be able to write the publishing token - steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 - with: - name: dist.zip - path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 -``` - -You can copy the above into your `release.yaml` file. You only need to update -the `url:` field and configure trusted publishing on PyPI. - -::: - -## You have enabled trusted publishing for your project - -Congratulations. You have now configured your project to do secure releases when a new version is being tagged on GitHub. The workflow we have configured builds the package from the exact version of code that we are tagging. This provides a guarantee for your users that the package we have released does exactly what the code states it does -- there is no potential for supply chain related vulnerabilities arising from our package! If you have a package that is ready for real-world use on the real PyPI, then you can follow the same steps to publish it securely. - -## Footnotes - -[^gha]: https://github.com/features/actions -[^changed-files-supply-chain-attack]: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 -[^dependabot]: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot -[^github-artifacts]: https://docs.github.com/en/actions/tutorials/store-and-share-data +--- +:og:description: Learn how to publish your Python package automatically via GitHub Actions. This lesson also covers how to do publishing in a secure way by using Trusted Publishing. +:og:title: Setup Trusted Publishing for secure and automated publishing via GitHub Actions +--- + +# Setup Trusted Publishing for secure and automated publishing via GitHub Actions + +In the previous Python packaging lessons, you've learned: + +1. [How to create a Python package](create-python-package) +1. How to publish the code to [PyPI](publish-pypi) and [Conda](publish-conda-forge) + +:::{admonition} Learning Objectives +:class: tip + +In this lesson you will learn how to: + +- Automate building and publishing the package on GitHub Actions +- Configure trusted publishing for the project + +::: + +## Configure a release job on GitHub Actions + +GitHub Actions[^gha] is an infrastructure provided by GitHub to automate +software workflows, straight from the GitHub repository of the project. You can +configure automated testing for every pull request, automated publishing of +documentation, automated creation of webpages for the project, and even automate +the release process. For this lesson we will only focus on the release process +itself. + +:::{admonition} Learning Objectives +:class: tip + +This tutorial assumes that your project is published to GitHub and that you want +to publish a package from your project to PyPI. +::: + +### Step 0: Create a release workflow + +To get started, create a file named `release.yaml` under the `.github/workflows` +directory of your project. + +:::{admonition} Naming the workflow +:class: tip + +The name of the worklow is not relevant, but `release.yaml` is the most +informative name. + +If the `.github/workflows` directory does not exist, you can create it. It is +GitHub's convention that all GitHub Actions are configured via YAML files in the +`.github/workflows` directory. +::: + +### Step 1: Name the workflow + +At the top of the `release.yaml` file type the following: + +```yaml +name: Release +``` + +This gives a name to the workflow. It allows you to quickly find all runs of +this GitHub Action on the "Actions" tab in the GitHub repository. + +:::{figure-md} github-actions-release-workflows-summary +Graphic showing an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. + +This image shows an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. +::: + +### Step 2: Add triggers to the workflow + +Every GitHub Actions workflow runs only when certain conditions are met. A +release workflow should only run when the repository owner creates a new release +for the package. Add the following to the `release.yaml` file: + +```yaml +on: + release: + types: + - published +``` + +### Step 3: Configure the jobs in the workflow + +When triggered, the GitHub Actions runs multiple jobs. We have to configure at +least one job in the workflow file. + +For a release job, we need to clone the repository and then use `hatch` to build +the package. We also need to make sure we set up Hatch on the machine GitHub is +using to run the workflow. + +A minimal job definition would be: + +```yaml +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + steps: + - uses: actions/checkout + - uses: pypa/hatch + - run: hatch build +``` + +:::{admonition} Hardening the GitHub Actions workflow + +There are several improvements we can make to the GitHub Actions workflow we +just configured to improve security and readability. + +First, we can give names to relevant steps in the process, to increase +readability of the logs generated during the workflow run. This can be achieved +using `name: ` lines. + +More importantly, each time we use an existing action (via `uses`) we should pin +that action to a commit hash. This ensures that if a malicious user takes over +the action, they won't be able to impact your repository (an example of a supply +chain attack due to GitHub Actions is the recent `tj-actions/changed-files` +attack[^changed-files-supply-chain-attack]). Enabling Dependabot[^dependabot] in +the repository will ensure that you always get a PR to keep the actions up to +date. + +Thus, the workflow that you should use, should be similar to: + +```yaml +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + - name: Set up Hatch + uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc + - name: Build artifacts + run: hatch build +``` + +::: + +Now, you can commit the `.github/workflows/release.yaml` file to the repository. + +At this point, if you create a new release for your project on GitHub, the +configured workflow should run and build a wheel for you. Unfortunately, the +wheel is only available on the runner. + +### Step 4: Upload the built artifact to the GitHub Artifacts + +We need to add one more step to the job definition to be able to access the +wheel. We will upload it to the artifacts temporary area[^github-artifacts]. Add +the following to the `release.yaml` file: + +```yaml + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + path: dist/ + name: dist.zip + if-no-files-found: error + retention-days: 1 +``` + +:::{admonition} Upload artifacts parameters +:class: tip + +We have configured the artifact to be deleted after 1 day. The artifacts storage +on GitHub actions is temporary, and users should not be getting the package from +here. + +We have also configured the release job to error if the `dist/` directory does +not exist. This means that `hatch build` (from the previous step) failed to +build our package, so there is nothing to release. +::: + +At this point, if you push the `release.yaml` to GitHub and create a new +release, the GitHub Actions job will run, will clone your repository, set up +Hatch, build the package and then upload it as an archive to the artifacts +storage. + +:::{figure-md} github-actions-release-workflows-run +Graphic showing an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. + +This figure shows an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. +::: + +At the bottom of the workflow run page on GitHub you should see a section for +the artifacts produced during runtime and uploaded to this storage area: + +:::{figure-md} github-actions-release-workflows-artifacts +Graphic showing an example of an artifact produced by the release workflow. + +This figure shows the artifact produced by the above release workflow. It is now marked as expired since the workflow ran more than a day ago. +::: + +You can download the artifact (before it expires), unzip it and install the +wheel contained within. However, this should only be done if you want to test +the built wheel. We will proceed to configure uploading to PyPI using trusted +publishing. + +## Configure automatic publishing to PyPI + +The job we configured on GitHub Actions builds a package for our code, but we +still need to upload it to PyPI. We could upload the package from the same job, +but it is better to create a separate one, to maintain separation of concerns. +This is why in the previous section we uploaded the artifact to the temporary +storage -- in the new job, we will download the package from there and upload it +to PyPI. Since this job does nothing else, there is no possibility that the +package could get compromised before the release. + +### Step 1: Add the upload job + +In the `release.yaml` file, add the following new job, after the job defined in +the previous section: + +```yaml + publish_release_to_pypi: + name: Publish release to PyPI + needs: [build_package] + runs-on: ubuntu-latest + environment: + name: pypi + url: + steps: + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + with: + name: dist.zip + path: dist/ + - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 +``` + +:::{admonition} Make sure to change the URL + +Remember to change the `url:` to the URL for your package on PyPI! +::: + +This job has two steps: +- as discussed above, it uses `download-artifact` to download the artifacts + built in the previous job +- it uses `gh-action-pypi-publish` to publish the package to PyPI. + +We are almost there. We just need to enable trusted publishing for the project +and then we are done. + +### Step 2: Enable trusted publishing on PyPI + +Before trusted publishing was created, in order to upload to PyPI from GitHub +actions you would have needed to add the username and password as arguments to +the `gh-action-pypi-publish` step. While documentation recommends using the +GitHub's `secrets` environment for the password/token, in several cases users +were pasting it directly in the workflow file. Furthermore, accidental leakage +of the token could allow attackers to publish new packages in your name, until +you discover the compromise and revoke the leaked credential. + +To prevent these incidents and improve security, supply chain security +developers created Trusted Publishing. This allows registering publishers on +PyPI and mapping them to the automation workflow that is allowed to publish the +package. + +:::{admonition} Trusted Publishing outside of GitHub Actions +:class: tip + +Trusted Publishing supports other automation platforms, beyond GitHub Actions. +It is also possible to configure a trusted publisher for multiple workflows or +multiple publishers for the same package. These are advanced uses, out of scope +for this lesson. +::: + +For this lesson, we will focus on configuring a trusted publisher for a project that already exists on PyPI. If you completed the [lesson about PyPI publishing](create-python-package), you should have this project already created. + +This setup step needs to be performed only once for the project. Future releases +will only run the GitHub Actions workflow we are configuring in `release.yaml`. + +On the ["Your projects" page on PyPI](https://pypi.org/manage/projects/), click +"Manage" on any project you want to configure. + +:::{figure-md} trusted-publishing-your-projects +Graphic showing a screenshot of the "Your projects" page on PyPI. The "Manage" button for one of the projects is highlighted. + +This image shows several projects. The "Manage" button is highlighted for one of the projects, the one we want to configure trusted publishing for. +::: + +Then click "Publishing" in the project's sidebar. + +:::{figure-md} trusted-publishing-publishing +Graphic showing the management page for one project. The "Publishing" link in the sidebar is highlighted. + +Once clicking on the "Manage" button we got to the project's page. In the +sidebar, we have the "publishing" option, as highlighted here. +::: + +This will take you to the publisher configuration page for the project. Trusted +publishers can be configured via the forms here. Fill in the GitHub form with +the following information: + +- Owner: the GitHub organization name for the organization that owns the + project. If this is your personal project, then use your GitHub username here. +- Repository name: the name of the repository that contains the project. +- Workflow name: Should be `release.yaml` if you followed this guide, it is the + workflow we just configured. +- Environment name: Should be `pypi`, as that is what we configured in + `release.yaml`. + +Once you fill in this form and click "Add" the publisher is configured and can +be used to publish new releases of your package. + +:::{admonition} Fully hardened GitHub Actions release workflow + +For better security it is recommended to also control the permissions of the +GitHub token used within each job of the workflow. The permissions should be +scoped at job level and be as minimal as possible. A workflow that configures +trusted publishing and also does this is the following: + +```yaml +name: Release + +on: + release: + types: + - published + +permissions: {} # no permissions to the token at global level + +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + permissions: + contents: read # this job only needs read access + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + - name: Set up Hatch + uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc + - name: Build artifacts + run: hatch build + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + path: dist/ + name: dist.zip + if-no-files-found: error + retention-days: 1 + + publish_release_to_pypi: + name: Publish release to PyPI + needs: [build_package] + runs-on: ubuntu-latest + environment: + name: pypi + url: + permissions: + contents: read # this job needs read access + id-token: write # but also needs to be able to write the publishing token + steps: + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + with: + name: dist.zip + path: dist/ + - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 +``` + +You can copy the above into your `release.yaml` file. You only need to update +the `url:` field and configure trusted publishing on PyPI. + +::: + +## You have enabled trusted publishing for your project + +Congratulations. You have now configured your project to do secure releases when a new version is being tagged on GitHub. The workflow we have configured builds the package from the exact version of code that we are tagging. This provides a guarantee for your users that the package we have released does exactly what the code states it does -- there is no potential for supply chain related vulnerabilities arising from our package! If you have a package that is ready for real-world use on the real PyPI, then you can follow the same steps to publish it securely. + +## Footnotes + +[^gha]: https://github.com/features/actions +[^changed-files-supply-chain-attack]: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 +[^dependabot]: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot +[^github-artifacts]: https://docs.github.com/en/actions/tutorials/store-and-share-data From d74838e81902cbcef98d26a7d035b7c1be718da8 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Mon, 15 Sep 2025 13:56:10 -0600 Subject: [PATCH 02/10] Apply suggestions from code review Co-authored-by: Michael Pilosov, PhD <40366263+mathematicalmichael@users.noreply.github.com> Co-authored-by: Jeremiah Paige Co-authored-by: Mihai Maruseac Co-authored-by: Jonny Saunders --- tutorials/trusted-publishing.md | 36 +++++++++++++++++---------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index 4c034711e..7cb94de07 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -5,7 +5,7 @@ # Setup Trusted Publishing for secure and automated publishing via GitHub Actions -In the previous Python packaging lessons, you've learned: +In the previous Python packaging lessons, you learned: 1. [How to create a Python package](create-python-package) 1. How to publish the code to [PyPI](publish-pypi) and [Conda](publish-conda-forge) @@ -24,15 +24,15 @@ In this lesson you will learn how to: GitHub Actions[^gha] is an infrastructure provided by GitHub to automate software workflows, straight from the GitHub repository of the project. You can -configure automated testing for every pull request, automated publishing of -documentation, automated creation of webpages for the project, and even automate +configure automated testing for every pull request, automate publishing of +documentation, automate creation of webpages for the project, and even automate the release process. For this lesson we will only focus on the release process itself. :::{admonition} Learning Objectives :class: tip -This tutorial assumes that your project is published to GitHub and that you want +This tutorial assumes that your project is hosted to GitHub and that you want to publish a package from your project to PyPI. ::: @@ -64,15 +64,15 @@ This gives a name to the workflow. It allows you to quickly find all runs of this GitHub Action on the "Actions" tab in the GitHub repository. :::{figure-md} github-actions-release-workflows-summary -Graphic showing an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. +Graphic showing an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, "Release," as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. This image shows an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. ::: ### Step 2: Add triggers to the workflow -Every GitHub Actions workflow runs only when certain conditions are met. A -release workflow should only run when the repository owner creates a new release +Every GitHub Actions workflow runs only when [certain conditions](https://docs.github.com/en/actions/reference/events-that-trigger-workflows) are met. A +release workflow should only run when the repository owner creates a new [release](https://docs.github.com/en/repositories/releasing-projects-on-github/managing-releases-in-a-repository) for the package. Add the following to the `release.yaml` file: ```yaml @@ -84,7 +84,10 @@ on: ### Step 3: Configure the jobs in the workflow -When triggered, the GitHub Actions runs multiple jobs. We have to configure at +A GitHub Actions *workflow* file can contain multiple *jobs* that run independently, each of which can have multiple *steps.* +When triggered, the GitHub Actions runs all the jobs in a workflow[^conditionally]. We have to configure at + +[^conditionally]: Jobs and steps can also have [conditional logic](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idif) that makes them only run in certain circumstances. least one job in the workflow file. For a release job, we need to clone the repository and then use `hatch` to build @@ -104,7 +107,7 @@ jobs: - run: hatch build ``` -:::{admonition} Hardening the GitHub Actions workflow +:::{admonition} Securing the GitHub Actions workflow There are several improvements we can make to the GitHub Actions workflow we just configured to improve security and readability. @@ -140,11 +143,11 @@ jobs: ::: -Now, you can commit the `.github/workflows/release.yaml` file to the repository. +Now, you can commit the `.github/workflows/release.yaml` file to the repository and push to GitHub. At this point, if you create a new release for your project on GitHub, the configured workflow should run and build a wheel for you. Unfortunately, the -wheel is only available on the runner. +wheel is only available on the runner, and will be deleted at the end of the workflow run. ### Step 4: Upload the built artifact to the GitHub Artifacts @@ -165,8 +168,7 @@ the following to the `release.yaml` file: :class: tip We have configured the artifact to be deleted after 1 day. The artifacts storage -on GitHub actions is temporary, and users should not be getting the package from -here. +on GitHub actions is temporary; users should not be getting the package from here. We have also configured the release job to error if the `dist/` directory does not exist. This means that `hatch build` (from the previous step) failed to @@ -205,7 +207,7 @@ still need to upload it to PyPI. We could upload the package from the same job, but it is better to create a separate one, to maintain separation of concerns. This is why in the previous section we uploaded the artifact to the temporary storage -- in the new job, we will download the package from there and upload it -to PyPI. Since this job does nothing else, there is no possibility that the +to PyPI. Since the `build` job does nothing else, there is no possibility that the package could get compromised before the release. ### Step 1: Add the upload job @@ -216,7 +218,7 @@ the previous section: ```yaml publish_release_to_pypi: name: Publish release to PyPI - needs: [build_package] + needs: [build_package] # only run if `build_package` succeeded runs-on: ubuntu-latest environment: name: pypi @@ -252,8 +254,8 @@ were pasting it directly in the workflow file. Furthermore, accidental leakage of the token could allow attackers to publish new packages in your name, until you discover the compromise and revoke the leaked credential. -To prevent these incidents and improve security, supply chain security -developers created Trusted Publishing. This allows registering publishers on +To prevent these incidents and improve supply chain security +developers created [Trusted Publishing](https://docs.pypi.org/trusted-publishers/). This allows registering publishers on PyPI and mapping them to the automation workflow that is allowed to publish the package. From 920d3b6269bc5fec735d86e53343d8915c3333c6 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 14:21:03 -0600 Subject: [PATCH 03/10] Apply suggestions from code review Co-authored-by: Jeremiah Paige --- tutorials/trusted-publishing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index 7cb94de07..4d06527cf 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -32,7 +32,7 @@ itself. :::{admonition} Learning Objectives :class: tip -This tutorial assumes that your project is hosted to GitHub and that you want +This tutorial assumes that your project is hosted on GitHub and that you want to publish a package from your project to PyPI. ::: From 29013ee9adb7f737d6ced6f014ae5db481c94549 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 15:49:48 -0600 Subject: [PATCH 04/10] docs(review): updates from review --- tutorials/trusted-publishing.md | 762 ++++++++++++++++---------------- 1 file changed, 385 insertions(+), 377 deletions(-) diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index 4d06527cf..8886a9a4f 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -1,379 +1,387 @@ ---- -:og:description: Learn how to publish your Python package automatically via GitHub Actions. This lesson also covers how to do publishing in a secure way by using Trusted Publishing. -:og:title: Setup Trusted Publishing for secure and automated publishing via GitHub Actions ---- - -# Setup Trusted Publishing for secure and automated publishing via GitHub Actions - -In the previous Python packaging lessons, you learned: - -1. [How to create a Python package](create-python-package) -1. How to publish the code to [PyPI](publish-pypi) and [Conda](publish-conda-forge) - -:::{admonition} Learning Objectives -:class: tip - -In this lesson you will learn how to: - -- Automate building and publishing the package on GitHub Actions -- Configure trusted publishing for the project - -::: - -## Configure a release job on GitHub Actions - -GitHub Actions[^gha] is an infrastructure provided by GitHub to automate -software workflows, straight from the GitHub repository of the project. You can -configure automated testing for every pull request, automate publishing of -documentation, automate creation of webpages for the project, and even automate -the release process. For this lesson we will only focus on the release process -itself. - -:::{admonition} Learning Objectives -:class: tip - -This tutorial assumes that your project is hosted on GitHub and that you want -to publish a package from your project to PyPI. -::: - -### Step 0: Create a release workflow - -To get started, create a file named `release.yaml` under the `.github/workflows` -directory of your project. - -:::{admonition} Naming the workflow -:class: tip - -The name of the worklow is not relevant, but `release.yaml` is the most -informative name. - -If the `.github/workflows` directory does not exist, you can create it. It is -GitHub's convention that all GitHub Actions are configured via YAML files in the -`.github/workflows` directory. -::: - -### Step 1: Name the workflow - -At the top of the `release.yaml` file type the following: - -```yaml -name: Release -``` - -This gives a name to the workflow. It allows you to quickly find all runs of -this GitHub Action on the "Actions" tab in the GitHub repository. - -:::{figure-md} github-actions-release-workflows-summary -Graphic showing an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, "Release," as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. - -This image shows an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. -::: - -### Step 2: Add triggers to the workflow - -Every GitHub Actions workflow runs only when [certain conditions](https://docs.github.com/en/actions/reference/events-that-trigger-workflows) are met. A +--- +:og:description: Learn how to publish your Python package automatically via GitHub Actions. This lesson also covers how to publish securely using PyPI's Trusted Publishing. +:og:title: Setup Trusted Publishing for secure and automated publishing via GitHub Actions +--- + +# Setup Trusted Publishing for secure and automated publishing via GitHub Actions + +In the previous Python packaging lessons, you learned: + +1. [How to create a Python package](create-python-package) +1. How to publish the code to [PyPI](publish-pypi) and [Conda](publish-conda-forge) + +:::{admonition} Learning Objectives +:class: tip + +In this lesson, you will learn how to: + +- Automate building and publishing the package on GitHub Actions +- Configure trusted publishing for the project +- Secure your workflow using action step GitHub hashes and versions + +This tutorial assumes that your project is hosted on GitHub and that you want +to publish a package from your project to PyPI. +::: + +## Configure a release job on GitHub Actions + +GitHub Actions[^gha] is an infrastructure provided by GitHub to automate +software workflows, straight from the GitHub repository of the project. You can +configure automated testing for every pull request, automate publishing of +documentation, automate creation of webpages for the project, and even automate +the release process. For this lesson, we will only focus on using actions to release +and publish your Python package securely. + +### Step 0: Create a release workflow + +To get started, create a file named `release.yaml` under the `.github/workflows` +directory of your project. If the `.github/workflows` directory does not exist, you can create it. It is +GitHub's convention that all GitHub Actions are configured via YAML files in the +`.github/workflows` directory. + +:::{admonition} Naming your workflow file +:class: note + +You can name the workflow file whatever you wish. We suggest using something +simple and expressive like `release.yaml` so you, your future self, and contributors +that work on your project know exactly what the workflow does. +::: + +### Step 1: Name the workflow + +At the top of the `release.yaml` file, type the following: + +```yaml +name: Release +``` + +This provides a name to the workflow. It allows you to quickly find all runs of +this GitHub Action on the "Actions" tab in the GitHub repository. + +:::{figure-md} github-actions-release-workflows-summary +Graphic showing an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, "Release," as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. + +This image shows an example of a configured workflow for the release. On the top, in the red box labeled "1" you see the "Actions" tab of the GitHub repository. On the left, in the red box labeled "2" you can see the name of the workflow, as configured in this step. Finally, in the center, in the red box labeled "3" you can see several runs of the workflow, for the "1.0" and "1.0.1" releases of the package. +::: + +### Step 2: Add triggers to the workflow + +Every GitHub Actions workflow runs only when [certain conditions](https://docs.github.com/en/actions/reference/events-that-trigger-workflows) are met. A release workflow should only run when the repository owner creates a new [release](https://docs.github.com/en/repositories/releasing-projects-on-github/managing-releases-in-a-repository) -for the package. Add the following to the `release.yaml` file: - -```yaml -on: - release: - types: - - published -``` - -### Step 3: Configure the jobs in the workflow - -A GitHub Actions *workflow* file can contain multiple *jobs* that run independently, each of which can have multiple *steps.* -When triggered, the GitHub Actions runs all the jobs in a workflow[^conditionally]. We have to configure at - -[^conditionally]: Jobs and steps can also have [conditional logic](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idif) that makes them only run in certain circumstances. -least one job in the workflow file. - -For a release job, we need to clone the repository and then use `hatch` to build -the package. We also need to make sure we set up Hatch on the machine GitHub is -using to run the workflow. - -A minimal job definition would be: - -```yaml -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - steps: - - uses: actions/checkout - - uses: pypa/hatch - - run: hatch build -``` - -:::{admonition} Securing the GitHub Actions workflow - -There are several improvements we can make to the GitHub Actions workflow we -just configured to improve security and readability. - -First, we can give names to relevant steps in the process, to increase -readability of the logs generated during the workflow run. This can be achieved -using `name: ` lines. - -More importantly, each time we use an existing action (via `uses`) we should pin -that action to a commit hash. This ensures that if a malicious user takes over -the action, they won't be able to impact your repository (an example of a supply -chain attack due to GitHub Actions is the recent `tj-actions/changed-files` -attack[^changed-files-supply-chain-attack]). Enabling Dependabot[^dependabot] in -the repository will ensure that you always get a PR to keep the actions up to -date. - -Thus, the workflow that you should use, should be similar to: - -```yaml -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc - - name: Build artifacts - run: hatch build -``` - -::: - -Now, you can commit the `.github/workflows/release.yaml` file to the repository and push to GitHub. - -At this point, if you create a new release for your project on GitHub, the -configured workflow should run and build a wheel for you. Unfortunately, the -wheel is only available on the runner, and will be deleted at the end of the workflow run. - -### Step 4: Upload the built artifact to the GitHub Artifacts - -We need to add one more step to the job definition to be able to access the -wheel. We will upload it to the artifacts temporary area[^github-artifacts]. Add -the following to the `release.yaml` file: - -```yaml - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - path: dist/ - name: dist.zip - if-no-files-found: error - retention-days: 1 -``` - -:::{admonition} Upload artifacts parameters -:class: tip - -We have configured the artifact to be deleted after 1 day. The artifacts storage -on GitHub actions is temporary; users should not be getting the package from here. - -We have also configured the release job to error if the `dist/` directory does -not exist. This means that `hatch build` (from the previous step) failed to -build our package, so there is nothing to release. -::: - -At this point, if you push the `release.yaml` to GitHub and create a new -release, the GitHub Actions job will run, will clone your repository, set up -Hatch, build the package and then upload it as an archive to the artifacts -storage. - -:::{figure-md} github-actions-release-workflows-run -Graphic showing an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. - -This figure shows an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. -::: - -At the bottom of the workflow run page on GitHub you should see a section for -the artifacts produced during runtime and uploaded to this storage area: - -:::{figure-md} github-actions-release-workflows-artifacts -Graphic showing an example of an artifact produced by the release workflow. - -This figure shows the artifact produced by the above release workflow. It is now marked as expired since the workflow ran more than a day ago. -::: - -You can download the artifact (before it expires), unzip it and install the -wheel contained within. However, this should only be done if you want to test -the built wheel. We will proceed to configure uploading to PyPI using trusted -publishing. - -## Configure automatic publishing to PyPI - -The job we configured on GitHub Actions builds a package for our code, but we -still need to upload it to PyPI. We could upload the package from the same job, -but it is better to create a separate one, to maintain separation of concerns. -This is why in the previous section we uploaded the artifact to the temporary -storage -- in the new job, we will download the package from there and upload it -to PyPI. Since the `build` job does nothing else, there is no possibility that the -package could get compromised before the release. - -### Step 1: Add the upload job - -In the `release.yaml` file, add the following new job, after the job defined in -the previous section: - -```yaml - publish_release_to_pypi: - name: Publish release to PyPI +for the package. Add the following to the `release.yaml` file: + +```yaml +on: + release: + types: + - published # This tells GitHub to only run this workflow when a release of your package is published +``` + +### Step 3: Configure the jobs in the workflow + +A GitHub Actions *workflow* file can contain multiple *jobs* that run independently; each job can also have multiple *steps.* +When triggered, the GitHub Action runs all the jobs in a workflow (excluding any steps that have conditional requirements). + +:::{note} +Jobs and steps can also have [conditional logic](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idif) that allows them only to run if specific criteria exist. For instance, you may want only to have a job step to publish to PyPI if a release was made for the package. +::: + +For a release job, we need to clone or check out the repository. We use the actions/checkout action to check out the code. You then use `hatch` to build +the package. + +You also need to make sure to set up Hatch on the machine GitHub is +using to run the workflow. The `pypa/hatch` action installs Hatch. + +A minimal job definition would look like this: + +```yaml +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 # This is the version of the checkout job that checks out your code. + - uses: pypa/hatch + - run: hatch build +``` + +Notice that above, you provide a version for each action step. `action/checkout@v5` tells GitHub to use version 5 of the checkout action. The checkout action checks out the code from your repository. In this case, the code will be used to build your package. + +Next, you will learn about an even better way to secure your workflow + +### Step 4: Secure the GitHub Actions workflow + +There are several improvements you can make to the GitHub Actions workflow you +just configured to improve security and readability. + +First, we can give names to relevant steps in the process to increase +the readability of the logs generated during the workflow run. This can be achieved +using `name: ` lines. + +More importantly, each time you use an existing action (via `uses`) you should pin +that action to a commit hash. Pinning your action ensures that if a malicious user takes over +the action, they won't be able to impact your repository (an example of a supply +chain attack due to GitHub Actions is the recent `tj-actions/changed-files` +attack[^changed-files-supply-chain-attack]). + +:::{tip} +Enabling Dependabot[^dependabot] in +the repository will ensure that you always get a PR to keep the actions up to +date. Once Dependabot is enabled, it will update these hashes for you in the future! +::: + +Thus, the workflow that you should use should be similar to: + +```yaml} +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0 + with: + persist-credentials: false + - name: Set up Hatch + uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc + - name: Build artifacts + run: hatch build +``` + +Now, you can commit the `.github/workflows/release.yaml` file to the repository and push to GitHub. + +At this point, if you create a new release for your project on GitHub, the +configured workflow should run and build a wheel for you. Unfortunately, the +wheel is only available on the runner and will be deleted at the end of the workflow run. + +### Step 5: Upload the built artifact to GitHub Artifacts + +You need to add one more step to the job definition to be able to access the +wheel. You will upload it to the artifacts temporary area[^github-artifacts]. Add +the following to the `release.yaml` file: + +```yaml + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + path: dist/ + name: dist.zip + if-no-files-found: error + retention-days: 1 +``` + +:::{admonition} Upload artifacts parameters +:class: tip + +Above, you have configured the artifact to be deleted after 1 day. The artifacts storage +on GitHub actions is temporary; users should not be getting the package from here. + +You have also configured the release job to error if the `dist/` directory does +not exist. This means that `hatch build` (from the previous step) failed to +build our package, so there is nothing to release. +::: + +At this point, if you push the `release.yaml` to GitHub and create a new +release, the GitHub Actions job will: + +* run, +* clone your repository, +* install and set up Hatch, +* build your package and +* upload your package as an archive to the artifacts storage. + +:::{figure-md} github-actions-release-workflows-run +Graphic showing an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. + +This figure shows an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. +::: + +At the bottom of the workflow run page on GitHub, you should see a section for +the artifacts produced during runtime and uploaded to this storage area: + +:::{figure-md} github-actions-release-workflows-artifacts +Graphic showing an example of an artifact produced by the release workflow. + +This figure shows the artifact produced by the above release workflow. It is now marked as expired since the workflow ran more than a day ago. +::: + +You can download the artifact (before it expires), unzip it, and install the +wheel contained within. However, this should only be done if you want to test +the built wheel. Next, you will configure uploading to PyPI using trusted +publishing. + +## Configure automatic publishing to PyPI + +The job you configured above on GitHub Actions builds a package using your code. +You still need to upload it to PyPI. You could upload the package from the same job, +but it is better to create a separate one, to maintain separation of concerns. +This is why in the previous section we uploaded the artifact to the temporary +storage -- in the new job, you will download the package from there and upload it +to PyPI. Since the `build` job does nothing else, there is no possibility that the +package could get compromised before the release. + +### Step 1: Add the upload job + +In the `release.yaml` file, add the following new job, after the job defined in +the previous section: + +```yaml + publish_release_to_pypi: + name: Publish release to PyPI needs: [build_package] # only run if `build_package` succeeded - runs-on: ubuntu-latest - environment: - name: pypi - url: - steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 - with: - name: dist.zip - path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 -``` - -:::{admonition} Make sure to change the URL - -Remember to change the `url:` to the URL for your package on PyPI! -::: - -This job has two steps: -- as discussed above, it uses `download-artifact` to download the artifacts - built in the previous job -- it uses `gh-action-pypi-publish` to publish the package to PyPI. - -We are almost there. We just need to enable trusted publishing for the project -and then we are done. - -### Step 2: Enable trusted publishing on PyPI - -Before trusted publishing was created, in order to upload to PyPI from GitHub -actions you would have needed to add the username and password as arguments to -the `gh-action-pypi-publish` step. While documentation recommends using the -GitHub's `secrets` environment for the password/token, in several cases users -were pasting it directly in the workflow file. Furthermore, accidental leakage -of the token could allow attackers to publish new packages in your name, until -you discover the compromise and revoke the leaked credential. - -To prevent these incidents and improve supply chain security -developers created [Trusted Publishing](https://docs.pypi.org/trusted-publishers/). This allows registering publishers on -PyPI and mapping them to the automation workflow that is allowed to publish the -package. - -:::{admonition} Trusted Publishing outside of GitHub Actions -:class: tip - -Trusted Publishing supports other automation platforms, beyond GitHub Actions. -It is also possible to configure a trusted publisher for multiple workflows or -multiple publishers for the same package. These are advanced uses, out of scope -for this lesson. -::: - -For this lesson, we will focus on configuring a trusted publisher for a project that already exists on PyPI. If you completed the [lesson about PyPI publishing](create-python-package), you should have this project already created. - -This setup step needs to be performed only once for the project. Future releases -will only run the GitHub Actions workflow we are configuring in `release.yaml`. - -On the ["Your projects" page on PyPI](https://pypi.org/manage/projects/), click -"Manage" on any project you want to configure. - -:::{figure-md} trusted-publishing-your-projects -Graphic showing a screenshot of the "Your projects" page on PyPI. The "Manage" button for one of the projects is highlighted. - -This image shows several projects. The "Manage" button is highlighted for one of the projects, the one we want to configure trusted publishing for. -::: - -Then click "Publishing" in the project's sidebar. - -:::{figure-md} trusted-publishing-publishing -Graphic showing the management page for one project. The "Publishing" link in the sidebar is highlighted. - -Once clicking on the "Manage" button we got to the project's page. In the -sidebar, we have the "publishing" option, as highlighted here. -::: - -This will take you to the publisher configuration page for the project. Trusted -publishers can be configured via the forms here. Fill in the GitHub form with -the following information: - -- Owner: the GitHub organization name for the organization that owns the - project. If this is your personal project, then use your GitHub username here. -- Repository name: the name of the repository that contains the project. -- Workflow name: Should be `release.yaml` if you followed this guide, it is the - workflow we just configured. -- Environment name: Should be `pypi`, as that is what we configured in - `release.yaml`. - -Once you fill in this form and click "Add" the publisher is configured and can -be used to publish new releases of your package. - -:::{admonition} Fully hardened GitHub Actions release workflow - -For better security it is recommended to also control the permissions of the -GitHub token used within each job of the workflow. The permissions should be -scoped at job level and be as minimal as possible. A workflow that configures -trusted publishing and also does this is the following: - -```yaml -name: Release - -on: - release: - types: - - published - -permissions: {} # no permissions to the token at global level - -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - permissions: - contents: read # this job only needs read access - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc - - name: Build artifacts - run: hatch build - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - path: dist/ - name: dist.zip - if-no-files-found: error - retention-days: 1 - - publish_release_to_pypi: - name: Publish release to PyPI - needs: [build_package] - runs-on: ubuntu-latest - environment: - name: pypi - url: - permissions: - contents: read # this job needs read access - id-token: write # but also needs to be able to write the publishing token - steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 - with: - name: dist.zip - path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 -``` - -You can copy the above into your `release.yaml` file. You only need to update -the `url:` field and configure trusted publishing on PyPI. - -::: - -## You have enabled trusted publishing for your project - -Congratulations. You have now configured your project to do secure releases when a new version is being tagged on GitHub. The workflow we have configured builds the package from the exact version of code that we are tagging. This provides a guarantee for your users that the package we have released does exactly what the code states it does -- there is no potential for supply chain related vulnerabilities arising from our package! If you have a package that is ready for real-world use on the real PyPI, then you can follow the same steps to publish it securely. - -## Footnotes - -[^gha]: https://github.com/features/actions -[^changed-files-supply-chain-attack]: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 -[^dependabot]: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot -[^github-artifacts]: https://docs.github.com/en/actions/tutorials/store-and-share-data + runs-on: ubuntu-latest + environment: + name: pypi + url: + steps: + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + with: + name: dist.zip + path: dist/ + - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 +``` + +:::{admonition} Make sure to change the URL + +Remember to change the `url:` to the URL for your package on PyPI! +::: + +This job has two steps: +- as discussed above, it uses `download-artifact` to download the artifacts + built in the previous job +- it uses `gh-action-pypi-publish` to publish the package to PyPI. + +We are almost there. We just need to enable trusted publishing for the project +and then we are done. + +### Step 2: Enable trusted publishing on PyPI + +Before trusted publishing was created, in order to upload to PyPI from GitHub +actions you would have needed to add the username and password as arguments to +the `gh-action-pypi-publish` step. While documentation recommends using the +GitHub's `secrets` environment for the password/token, in several cases, users +were pasting it directly in the workflow file. Furthermore, accidental leakage +of the token could allow attackers to publish new packages in your name, until +you discover the compromise and revoke the leaked credential. + +To prevent these incidents and improve supply chain security +developers created [Trusted Publishing](https://docs.pypi.org/trusted-publishers/). This allows registering publishers on +PyPI and mapping them to the automation workflow that is allowed to publish the +package. + +:::{admonition} Trusted Publishing outside of GitHub Actions +:class: tip + +Trusted Publishing supports other automation platforms, beyond GitHub Actions. +It is also possible to configure a trusted publisher for multiple workflows or +multiple publishers for the same package. These are advanced uses, out of scope +for this lesson. +::: + +For this lesson, we will focus on configuring a trusted publisher for a project that already exists on PyPI. If you completed the [lesson about PyPI publishing](create-python-package), you should have this project already created. + +This setup step needs to be performed only once for the project. Future releases +will only run the GitHub Actions workflow we are configuring in `release.yaml`. + +On the ["Your projects" page on PyPI](https://pypi.org/manage/projects/), click +"Manage" on any project you want to configure. + +:::{figure-md} trusted-publishing-your-projects +Graphic showing a screenshot of the "Your projects" page on PyPI. The "Manage" button for one of the projects is highlighted. + +This image shows several projects. The "Manage" button is highlighted for one of the projects, the one we want to configure trusted publishing for. +::: + +Then click "Publishing" in the project's sidebar. + +:::{figure-md} trusted-publishing-publishing +Graphic showing the management page for one project. The "Publishing" link in the sidebar is highlighted. + +Once clicking on the "Manage" button we got to the project's page. In the +sidebar, we have the "publishing" option, as highlighted here. +::: + +This will take you to the publisher configuration page for the project. Trusted +publishers can be configured via the forms here. Fill in the GitHub form with +the following information: + +- Owner: the GitHub organization name for the organization that owns the + project. If this is your personal project, then use your GitHub username here. +- Repository name: the name of the repository that contains the project. +- Workflow name: Should be `release.yaml` if you followed this guide, it is the + workflow we just configured. +- Environment name: Should be `pypi`, as that is what we configured in + `release.yaml`. + +Once you fill in this form and click "Add" the publisher is configured and can +be used to publish new releases of your package. + +:::{admonition} Fully hardened GitHub Actions release workflow + +For better security it is recommended to also control the permissions of the +GitHub token used within each job of the workflow. The permissions should be +scoped at job level and be as minimal as possible. A workflow that configures +trusted publishing and also does this is the following: + +```yaml +name: Release + +on: + release: + types: + - published + +permissions: {} # no permissions to the token at global level + +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + permissions: + contents: read # this job only needs read access + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + - name: Set up Hatch + uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc + - name: Build artifacts + run: hatch build + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + path: dist/ + name: dist.zip + if-no-files-found: error + retention-days: 1 + + publish_release_to_pypi: + name: Publish release to PyPI + needs: [build_package] + runs-on: ubuntu-latest + environment: + name: pypi + url: + permissions: + contents: read # this job needs read access + id-token: write # but also needs to be able to write the publishing token + steps: + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + with: + name: dist.zip + path: dist/ + - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 +``` + +You can copy the above into your `release.yaml` file. You only need to update +the `url:` field and configure trusted publishing on PyPI. + +::: + +## You have enabled trusted publishing for your project + +Congratulations. You have now configured your project to do secure releases when a new version is being tagged on GitHub. The workflow we have configured builds the package from the exact version of code that we are tagging. This provides a guarantee for your users that the package we have released does exactly what the code states it does -- there is no potential for supply chain related vulnerabilities arising from our package! If you have a package that is ready for real-world use on the real PyPI, then you can follow the same steps to publish it securely. + +## Footnotes + +[^gha]: https://github.com/features/actions +[^changed-files-supply-chain-attack]: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 +[^dependabot]: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot +[^github-artifacts]: https://docs.github.com/en/actions/tutorials/store-and-share-data From 10ef74c12da3a7611d7cc8fd8b755579397aa3eb Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 16:03:57 -0600 Subject: [PATCH 05/10] chore(deps): Update dependabot configuration for GitHub Actions (#577) --- .github/dependabot.yml | 18 +++++++- .../pure-hatch/.github/workflows/release.yml | 46 +++++++++++++++++++ 2 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 examples/pure-hatch/.github/workflows/release.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 87dbac45b..03203365a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,7 +4,7 @@ updates: directory: "/" insecure-external-code-execution: allow schedule: - interval: "daily" + interval: "monthly" open-pull-requests-limit: 100 labels: - "maintenance" @@ -18,7 +18,21 @@ updates: - package-ecosystem: "github-actions" directory: "/" schedule: - interval: "daily" + interval: "monthly" + open-pull-requests-limit: 100 + labels: + - "maintenance" + - "dependencies" + groups: + actions: + patterns: + - "*" + commit-message: + prefix: "chore" + - package-ecosystem: "github-actions" + directory: "examples/pure-hatch/.github/workflows" + schedule: + interval: "weekly" open-pull-requests-limit: 100 labels: - "maintenance" diff --git a/examples/pure-hatch/.github/workflows/release.yml b/examples/pure-hatch/.github/workflows/release.yml new file mode 100644 index 000000000..89f02600e --- /dev/null +++ b/examples/pure-hatch/.github/workflows/release.yml @@ -0,0 +1,46 @@ +name: Release + +on: + release: + types: + - published + +permissions: {} # no permissions to the token at global level + +jobs: + build_package: + name: Build the package + runs-on: ubuntu-latest + permissions: + contents: read # this job only needs read access + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + - name: Set up Hatch + uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc + - name: Build artifacts + run: hatch build + - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + path: dist/ + name: dist.zip + if-no-files-found: error + retention-days: 1 + + publish_release_to_pypi: + name: Publish release to PyPI + needs: [build_package] + runs-on: ubuntu-latest + environment: + name: pypi + url: + permissions: + contents: read # this job needs read access + id-token: write # but also needs to be able to write the publishing token + steps: + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + with: + name: dist.zip + path: dist/ + - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 From 04aff135327a09227df48e22b5cc236aff8bd44d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 16 Sep 2025 16:12:33 -0600 Subject: [PATCH 06/10] chore: bump the actions group (#579) Bumps the actions group in /examples/pure-hatch/.github/workflows with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish). Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) Updates `actions/download-artifact` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0) Updates `pypa/gh-action-pypi-publish` from 1.12.4 to 1.13.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/76f52bc884231f62b9a034ebfe128415bbaabdfc...ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- examples/pure-hatch/.github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/pure-hatch/.github/workflows/release.yml b/examples/pure-hatch/.github/workflows/release.yml index 89f02600e..5536c7412 100644 --- a/examples/pure-hatch/.github/workflows/release.yml +++ b/examples/pure-hatch/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: permissions: contents: read # this job only needs read access steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Hatch @@ -39,8 +39,8 @@ jobs: contents: read # this job needs read access id-token: write # but also needs to be able to write the publishing token steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: dist.zip path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 + - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 From d7e877499643c6bdf003972cd2c662dcbff3eca3 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 16:17:55 -0600 Subject: [PATCH 07/10] Fix: includes --- tutorials/trusted-publishing.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index 8886a9a4f..57dd4af2b 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -107,7 +107,7 @@ jobs: Notice that above, you provide a version for each action step. `action/checkout@v5` tells GitHub to use version 5 of the checkout action. The checkout action checks out the code from your repository. In this case, the code will be used to build your package. -Next, you will learn about an even better way to secure your workflow +Next, you will learn about a better way to secure (or "harden") your workflow ### Step 4: Secure the GitHub Actions workflow @@ -132,6 +132,13 @@ date. Once Dependabot is enabled, it will update these hashes for you in the fut Thus, the workflow that you should use should be similar to: +```{literalinclude} ../examples/pure-hatch/.github/release.yml +:language: python +:lines: 10-20 + +``` + + ```yaml} jobs: build_package: From f1f92bc7df515210ac767f9ea2298c5ef1499ae1 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 16:27:33 -0600 Subject: [PATCH 08/10] feat: literal includes for the action --- tutorials/trusted-publishing.md | 106 ++++++-------------------------- 1 file changed, 18 insertions(+), 88 deletions(-) diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index 57dd4af2b..4b936a03f 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -132,28 +132,12 @@ date. Once Dependabot is enabled, it will update these hashes for you in the fut Thus, the workflow that you should use should be similar to: -```{literalinclude} ../examples/pure-hatch/.github/release.yml -:language: python -:lines: 10-20 +```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml +:language: yaml +:lines: 1-23 ``` - -```yaml} -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0 - with: - persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc - - name: Build artifacts - run: hatch build -``` - Now, you can commit the `.github/workflows/release.yaml` file to the repository and push to GitHub. At this point, if you create a new release for your project on GitHub, the @@ -166,13 +150,10 @@ You need to add one more step to the job definition to be able to access the wheel. You will upload it to the artifacts temporary area[^github-artifacts]. Add the following to the `release.yaml` file: -```yaml - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - path: dist/ - name: dist.zip - if-no-files-found: error - retention-days: 1 +```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml +:language: yaml +:lines: 24-29 + ``` :::{admonition} Upload artifacts parameters @@ -230,20 +211,11 @@ package could get compromised before the release. In the `release.yaml` file, add the following new job, after the job defined in the previous section: -```yaml - publish_release_to_pypi: - name: Publish release to PyPI - needs: [build_package] # only run if `build_package` succeeded - runs-on: ubuntu-latest - environment: - name: pypi - url: - steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 - with: - name: dist.zip - path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 + +```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml +:language: yaml +:lines: 31-46 + ``` :::{admonition} Make sure to change the URL @@ -321,65 +293,23 @@ the following information: Once you fill in this form and click "Add" the publisher is configured and can be used to publish new releases of your package. -:::{admonition} Fully hardened GitHub Actions release workflow +## Fully hardened GitHub Actions release workflow -For better security it is recommended to also control the permissions of the +For better security, it is also recommended to control the permissions of the GitHub token used within each job of the workflow. The permissions should be scoped at job level and be as minimal as possible. A workflow that configures trusted publishing and also does this is the following: -```yaml -name: Release - -on: - release: - types: - - published +```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml +:language: yaml -permissions: {} # no permissions to the token at global level - -jobs: - build_package: - name: Build the package - runs-on: ubuntu-latest - permissions: - contents: read # this job only needs read access - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc - - name: Build artifacts - run: hatch build - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 - with: - path: dist/ - name: dist.zip - if-no-files-found: error - retention-days: 1 - - publish_release_to_pypi: - name: Publish release to PyPI - needs: [build_package] - runs-on: ubuntu-latest - environment: - name: pypi - url: - permissions: - contents: read # this job needs read access - id-token: write # but also needs to be able to write the publishing token - steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 - with: - name: dist.zip - path: dist/ - - uses: pypa/gh-action-pypi-publish@76f52bc884231f62b9a034ebfe128415bbaabdfc # v1.12.4 ``` You can copy the above into your `release.yaml` file. You only need to update the `url:` field and configure trusted publishing on PyPI. +:::{note} +The workflow above should be up to date with the current versions of GitHub actions. However, it's good to turn on Dependabot to update the action versions in the future. ::: ## You have enabled trusted publishing for your project From c9abeddc45e15a7ccc086c2cf22ada7305ed484e Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 18:12:37 -0600 Subject: [PATCH 09/10] docs: fix workflow --- .../pure-hatch/.github/workflows/release.yml | 12 +++++- tutorials/trusted-publishing.md | 40 ++++++++++--------- 2 files changed, 31 insertions(+), 21 deletions(-) diff --git a/examples/pure-hatch/.github/workflows/release.yml b/examples/pure-hatch/.github/workflows/release.yml index 5536c7412..e0aab034c 100644 --- a/examples/pure-hatch/.github/workflows/release.yml +++ b/examples/pure-hatch/.github/workflows/release.yml @@ -17,8 +17,16 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - name: Set up Hatch - uses: pypa/hatch@257e27e51a6a5616ed08a39a408a21c35c9931bc + + - name: Setup Python + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + with: + python-version: "3.12" # Select the version that you want to build your package on + - name: Upgrade pip, install Hatch, and check Hatch version + run: | + pip install --upgrade pip + pip install --upgrade hatch + hatch --version # Verify that Hatch is installed - name: Build artifacts run: hatch build - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 diff --git a/tutorials/trusted-publishing.md b/tutorials/trusted-publishing.md index 4b936a03f..92ff05606 100644 --- a/tutorials/trusted-publishing.md +++ b/tutorials/trusted-publishing.md @@ -134,7 +134,7 @@ Thus, the workflow that you should use should be similar to: ```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml :language: yaml -:lines: 1-23 +:lines: 1-29 ``` @@ -152,7 +152,7 @@ the following to the `release.yaml` file: ```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml :language: yaml -:lines: 24-29 +:lines: 32-37 ``` @@ -170,11 +170,11 @@ build our package, so there is nothing to release. At this point, if you push the `release.yaml` to GitHub and create a new release, the GitHub Actions job will: -* run, -* clone your repository, -* install and set up Hatch, -* build your package and -* upload your package as an archive to the artifacts storage. +- run, +- clone your repository, +- install and set up Hatch, +- build your package and +- upload your package as an archive to the artifacts storage. :::{figure-md} github-actions-release-workflows-run Graphic showing an example of a release workflow that has just finished running. Each step in the log is matched to one step in the workflow definition. @@ -198,11 +198,13 @@ publishing. ## Configure automatic publishing to PyPI -The job you configured above on GitHub Actions builds a package using your code. +The job you configured above using GitHub Actions builds your package using your code. You still need to upload it to PyPI. You could upload the package from the same job, -but it is better to create a separate one, to maintain separation of concerns. -This is why in the previous section we uploaded the artifact to the temporary -storage -- in the new job, you will download the package from there and upload it +but it is better to create a separate one to maintain a separation of tasks. +This is why, in the previous section, we uploaded the artifact to the temporary +storage. + +In the new job, you will download the package from there and upload it to PyPI. Since the `build` job does nothing else, there is no possibility that the package could get compromised before the release. @@ -211,10 +213,9 @@ package could get compromised before the release. In the `release.yaml` file, add the following new job, after the job defined in the previous section: - ```{literalinclude} ../examples/pure-hatch/.github/workflows/release.yml :language: yaml -:lines: 31-46 +:lines: 39-54 ``` @@ -224,12 +225,13 @@ Remember to change the `url:` to the URL for your package on PyPI! ::: This job has two steps: + - as discussed above, it uses `download-artifact` to download the artifacts built in the previous job - it uses `gh-action-pypi-publish` to publish the package to PyPI. -We are almost there. We just need to enable trusted publishing for the project -and then we are done. +You are almost there!! Now, you just need to enable trusted publishing for the project +on PyPI. And then, your work is done! ### Step 2: Enable trusted publishing on PyPI @@ -318,7 +320,7 @@ Congratulations. You have now configured your project to do secure releases when ## Footnotes -[^gha]: https://github.com/features/actions -[^changed-files-supply-chain-attack]: https://www.wiz.io/blog/github-action-tj-actions-changed-files-supply-chain-attack-cve-2025-30066 -[^dependabot]: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot -[^github-artifacts]: https://docs.github.com/en/actions/tutorials/store-and-share-data +[^gha]: +[^changed-files-supply-chain-attack]: +[^dependabot]: +[^github-artifacts]: From 7429c12749fda42221ef727bdca8b6a58edae270 Mon Sep 17 00:00:00 2001 From: Leah Wasser Date: Tue, 16 Sep 2025 18:49:08 -0600 Subject: [PATCH 10/10] chore: fix errors from docs-test --- images/trusted-publisher-pypi-github.png | Bin 0 -> 167970 bytes images/trusted-publisher-pypi-github.webp | Bin 0 -> 44432 bytes tutorials/pyproject-toml.md | 6 +- tutorials/trusted-publishing.md | 86 ++++++++++++++-------- 4 files changed, 58 insertions(+), 34 deletions(-) create mode 100644 images/trusted-publisher-pypi-github.png create mode 100644 images/trusted-publisher-pypi-github.webp diff --git a/images/trusted-publisher-pypi-github.png b/images/trusted-publisher-pypi-github.png new file mode 100644 index 0000000000000000000000000000000000000000..b2c5eb11ffe08ecddc901b79323d0c4cc00d956e GIT binary patch literal 167970 zcmb@t1yEc|)Gj*spuydP6WrZ{dywGn?(P~$2u=v@F2P*`Aq1DfHMqOO8*-AI^WVC! z>eaiqD}lZD^sMe)@~v-mZz7cxB#{yD5dZ)Hvb2=A3IG6P2LPb9fw15w^p*VP;9u|# zQg59B0F>V6{}74vC8d+)WTBA%gI#LOW}>Nm$fmE3AK1|@Sb(jm ziy^6pt&N>CuZIBjFS)$n>*vQz)Zk7|CT6@U;;(;q0pAHwTe!G5@G>#EySp>GvoYE` znKQBQ@bEA(vof)=GJtz9ID6W;72J{@E-p@%Mt`N-IWrpmdgA*06-Mx)nG8*wnOGQ^pQlAi%KuM)UJ(=L=i7e< zQ8jh^b@R`ijpeVA91NYDP2YGrmx^}m>4se+L+p!+POR% ziRHJEOpJM5EM06&|22__jm!Tu5!m;5Z4B+q1*kn3OiaxTU2R;b1znt6oxuiSaBwxU zv2?aDbz*Svbg=w$%kb>&hUTWE45a@r9nCFWEL@HLH@f&eJU`QaX7+!e35Wm0!?VZ! z3d?6-1%Cim1KV#kfbV!kTwN^eodj)64J}CB4V|4$o%o-7{do=!lV8UA|78$x9RIb* z|Cok{p~HVd2HcJJm#f=5y|K5q5fn4Db2B8RQ8BeMF?BL^q9rx4Hx>{Vk<{`OGgW?T zEkWuEo~3}A$ZJJWDPuNs8xek{|5e2QcG~}}1dJMB{9yWvGT@uPI0YV2fZ7R+Lh!j= z@BqknSJL7lZ#>fW7lk77+==>6M$Ue)jU4XpZ|1zuLW|{?qr>KmjY#Rn#D}NplA$2v zd@X@GDMLUH6Ge|HS_Pad`bcA*`ySiK6pdx;h6#sKkNM}?;r_w?kF%PYwu=Sr^Mys{ zj79IZcb+Ncu$$ULNNh)2SEVwvl)vB;{6j#6$?MN`Krl4&?`z>BApY;mfF(3APXE)| zURwOQ^pYI?b9w$D3*z_nHjxO_@5@oXpl4)%ZdvaCcLfjSz-{MN>|qN)0y;mbfOxfj zjq=D96egzA?&CT35&%fU3+^J_+uMsG{xzQf)xLbEU%dbT;Ump#h?VG~lHH`c`~-hK z_hZ3-J~>a!f>=qwMS`_Vr5bWbSzW5O{P4&r_<4wRes*AZ$&vH3sbFU23OG4|n}bV! zLLNnNoYfU<;~-dBUPTpqNb{Tr4k?E7X555JUm$xNIppIDEWh|nG^xnAxw(B|OE+tF z-)}w?*T?xK;_gMEyU+h@X(9MWI zYB;f<;-T;2+~GT9Y9BPxQAM@t>{|v#-R9bDw1Af0(^IF{^z?7Fw6xA?8f=@}(g#f9 z_CS?PUYNi1@K#@6{~Y&ujB`y|N;NgpGZO8a;Re41^Ny!89p9bAy!}I-vHG5}j&=E) z-a^5IE58+8JfvL;H5X)udU$*kG7G?AUV$a6*4qIKb{Snz6!F%#=8D1TY4v)l_#b99 z5;0KcDZiX2;3+R5?xt+eKJ!ks{WjEo>qW<%b&1uL`*ummm2r4nT!H23w|?RuHzR_n z-oxc4%($<-d{$7<*$G8Q0SoYhgM)AJVkYVjawK^iCwAE5hvZ8+0paMsJl7%ROT%sV zpuabzqOJ#(kmqHx=fTu_f)|@BnJHZMY$wxq%PBGbr@=SJk|YZ+hy!XQM;(A7P!1|3 zCEqRBzkBcxXIWwk3=?r>j?^?&$Cj6uUwc53r=vFI*Q%t^GUB`PaP&i?-A~YZtM6_EVi-lFhYT9I({ai*J@JH_o}RwY zOFJ@mx0x}1fFgcq$VInd+c5wJa0IM8`pEUo9*sIl$NqMPCLnrdu6jK zJJ00d@$U2*gJj^2*vlPOp1~@BP5hq~5Ux*6l~q*Sb|)+{WfBk&%r4Amp3`(f!v6|x zskrgPH?E0W{%2c0HxoEc8=<8;n`a3Xc?++zta3@WFz(@;};tF1i+&9`DU7EZ~$^k;hP^LkmTRVZjt9T?hfhMg`ai8#KYoHZfFHUFoKz&!3&gn2ybH zu-34()SP*D46g#%?tJ~01A9*S&U`lSn6nL`sc~$Ah`0GFC#dHW z3FT-Lpa0RP%g}>=#t+jF!qaP^DO2Dp*OKR0NW4i@!)o45ZJ<>bxO|{OhrhVGa72PZ zWd_Up)qoYNqaqrTneAtzI<}fMVgn{JOR}L01%!fr-T0*g8l1cKkE<~*cO?El$DILG zRFKFoNk;)IPG5~!rlzOf4-Act^-xc`?bpuD5AQ7OD7enSwA6*!6sHNW5H&Q8n z%A>DL%`07IkpSsjT|&C?vmUkG-rgoOI%IEyAeHc+`S){!j=$1d@=WJhEQaei4so;L zBQ-8>brypNfwWgesl@xD{&vgd%G@5LzjWtaQc;{xSDyufWab32M+XQ)1vD5%EBlHC z)6vsMxxHtzHFqt_S1X5$*%9BPrG$&}*AX)<69wt{*Hw6r@SPuCEoBwZuSv8_8<1x& zEiDBtS3%MUK>yA)LH*uLM{RmKHDWP-XK(9>gs454m~vZ(lN;rFvSE#*MYBKJ-EF`3 zT3LRSd4Hls#R0%T4Gcp=wE!HSiIbyouyfL3B4D{Jo;~2WRBcqD)De!2iBV53d$(up zZRHB;mAWgmy;d#MEp(S}(NmiWMRqV@!*jhlr-@gWohp1ct1(^*kBzNXk++qL5xNVoOSyHMMUBS~hzt?#0fH6j!B)L%H8nMbWnA^^?5e3`l4foHW9kmZt=2NiNk9Vc?*T8OS>ADR z(4t31dzHVTD?cD`x0+XUFWTGhU2g4IE1~k;=CYfXCuvt+g@h(hDNbl^X{LJ93Dv3n z^7ks09$U|N-RreqJe?7?UB_n*+&QLvJEn?e5mUu0Q?|90yYhQfZCR~$Ub}z-h7vJ9cYUMZ!*O{m^lY&prr>g`vrPrvyj{?N9CIQe#`BnGr|b#%`l zpU&C*e$a+0x1xg4v}P9471n?s?RSLJ=!2um_GlV(m|3AaRB7e0UY*bY9`Rj>So2*? z=A{19BDHCG;_5Yg76qCGE(F*vu~OnE1qI6QQ+Ic_$JTi0U4C|+K)P|Vv~E2djUV`5 z!cTEbZnlLvE9j=De>Y);*+=U10HeaMrj*fog)f(P{?)sqaFgLKai}>Cg;mEWIy%on zLfqYN)7|B0OOO)pLnc55?VqR#vaL0Q-AbEgS}v0>ZJBAGfQ%ef{8Z12;jz_V>WwxkxfBun)K{x*$PXRvpB)OYmPb#u#z{_Gr;>r4fHR;d$8Y7bGQE6LS+T zUeSLEu-Go3T$)U9Pcht@Ui3O$-a<9=z#ux%O?`Y%Vzo>UcUJNuyvHiKA8{V@_ew~q zm%Q`iEQfAKD7Bgmf=%>3yD_7A3c1LE4LL2d{LsfwwBRncB>w{hmGBa*X3}C7VhwJ> z;ZnDa?m92KO9a#LSx9#^Jy;CsA@6(7w#L)^*4^B(B7FR_&&R*V0N|!){|FizK7hM8 zkKXt~rj1ST)MJRWl{Z1ncRqDjxOack1y3*z_>K&Avp@|E{Yne=ROfVOy|YZ6vLWkw zoa|E8jeL$ME{g#+`oxho15?xd5^F1j<$t&;0I;+m z5)^aB^8jTI+-2ZQmbQ0$2g|-buej&0C!ics5wyN?s6KQ*tdp<0lV(kTPhiUM6#9Dz z;c8E&x7Kw&V^jwoHvuO1U;78`bC<2RUGwAd9#({~cYju2p4hJ)WC7^EC^xJf3noZoAox(!VaSA=FcW_S1h@H?Roa6 zfv-FuiCpEW$!Y9ta1HaT1+bsDd#s77Jl$@*-95njc&0$tkW2O2gyLo0zSUH7BGaIz zY7z!*K;&~S?ks-y^^LM}tn*?{VN$8dXEUvq57l`z9w%r6RGx(zi03G)eKq2la!ETFkK)$;Zvh~pr6v6r}vGZH&6|Z-JDqBa#bzOg7b><1HPixqj-eAT&#g-1~hXsHP ze2WkOGPk{5u&{E(xioZn)i+F(jbgB$- z3(ho8*nZ9X2n*${?P8;(z~V!foEu<00&E`PqKXQ2a9kIg?X;@#dY9x%5v^|VjCskF zX6k3E%B!g*=8Rdy@#3M5`j%NC-}npln}BrxHV%e^?Cw5dES0wJuTHT*F>O ztNZ%ma3jHYXI!4Gi`+uJkAuzGN>BkTB4AC~x>Wmgjq8$>r%(1C*Y$$gZPr+on-0J?L5*hlf9o%=QPU!eOmoVdU z>e}`EB=Dql+G^|Hl3XWV?Y^UpXWZMPr=!FCAf6yy7`1@++iVFqTdg1JGsaJh58@cZ zkorvIf@6Q0mZ^z}y|-&RNOl=4pKw`3)+nuS*IMGK%iNg`Ov;@*U9$tno|+RgC7vz< zUo?zy-UEYVqD+CBG9F&C0Sqepvq|c71j~=oKygh>-`MC%@=Vy?GGx@KT>0!&3|15u zSEws0Dx$UgvGl2n#gn5c>)Tlt1U95_$kyb7$2E@I+m~0{b9;p}=qQ7p)W%_gwH^l- zs^?wv1v?*F1S{(3>vys%f5f%^Oph;%eYa3@rN?RF+I)}(d&@+lrOb4SBz*F~1YYNJ z1?B01x#bIYe8lIy*FG95Oe(x^g%$liYF!YwAIB{{thS4zE-CWd4%HihfVNY};wwnT^@ijdPq8W7T0!Sz{`? z?^b;hRGU>>guisjIB3Cm-}_ ziaWCf`m2xYdBXZy1c+zm=CVpkie1tEHVJgHfVl3cDz^;1qaRiKA3U!Q6+z@IwAdd5 zl%Q=I&+$9-)ZQc@UJ14$89TEc2N(LkFL~!BYyZZk%w9sf6lZ|;B3H#N%gYO<#KiwJOzFG? zB{k%!L}Y;&%_b_V)J6}A#1f)L(M#3Ync|^J=fh}hn{u7;dm8KW`o6%i< zvM1(4>!(qGp$B*oWu3xMXc81Hizwkeh938057eUz29H18H)k;UA96=}RvX>6A{OwB zKk^wP5$n_-dCs3!JMSr9H$xfrQ^&j$6Lpg7Aj!#tt!1yvZ7-nQPpSPOzHl*0{zE&? zdkEh}Jdo_zUB3+{Qo33R^Xswmfg3?mrDg=2#&Y10|AMJmaqpucdsQt>}7(Nakp9^BJ`vs zxbUUlAxlIVvvI-B#eI=q)*bb)CoTS%3_!4##0eR#O#dt`YTwIjJS_f7kC#Xk7m-cp zhECt}R%GAni8+;E{#;V-m5vN4s?yllA@akknWDgNZ;;qgmBmjz_`~`$c+~^uln@!t z64Se-GHSe_AZrXz(hzL6?#)f$ZZ92fr-6I58og8*5&6IadW8<%>Ki%GvwB1#&Rv$uS zApUE?ml+Z@7oxz%G!(habSME~mK2;ZJ_?hqJTWUR3p~ULDfm9H%YA)IO#Y4=YG+tU zetycM;)CAOyl6^qsTu8x|$@ zJ^KYy`vtAZ!lZ+)**o8e_BrLce{p{ynV>Dlp#P) z3g+0765ury=mH--0Dp9Jexs{3Clp}gMqsp_BPxUu+l2cJduuNEnR3bK+>S+^y;coa6be`-a83M9DhC~DP=>HT@#6$(WGAXCi30xU#;(W#x_%J~=i?f^l3((|@uoPf$f{~O~+fQ}tpngU!JBVQUL z9HD~u_T4B*mKZ8P(Jiy<1B0ZJ_SB^LP$X@&;d0>xSaR_X;Th011I*u8_1_Y2lP50&w6a zim2YlMMDF_3#M`!WAbXXq|oDJuS~_}0Z=Gg(CnTDGoyKCtKJyyox{Fx>|0Z0880)H z8QUc{>maD`OTwN9|C;ep&BDR2|BWFC>0Ga7Sj3bTvl?Q9nPyLt$IFwJ*o;p|63Vdm zba!qW>pF&^l)7G_N-LL*D^5IFmgw)gIjAFka2`L=p`tD3VM+up+Px~Iq*U^`ZEb?l z&CaLw;flyOMC_5+ocUQbpNc>Cs(5uj61~S5ZoDZt;!m^4i$j+hnXG)$s%~WlxYW9? zDOUObY2l^~MPwqwZn61m9wne5ODF?j;UiNtUo6;B|3LOeReteoN+YB^J~2;AnC2EA zuqo@p=BBIWzfkAB)f~7WNKZ$1)0WNU81$&+Y{)In{yM4&P6M;y_J1{=vnp$JJ~O%E zzNs)HOG}m?l0)Nhcd_X4l>PwdtqX?lS`jO3An5Sgobt1$B6LzAXC#AF9>IAK+_+Ip9jJH-e5&-(K)!om|2x8FG|QbR(-J1f_~k8$eT zoJqN-bF?@j6DFY>7Zi?(dC9GrM}@`Fj7bB-&LlRd)W;i|caImLbBq_HhNP;hQo9E6 zx#;%mzat`Jt3#&oX`6YJO{_9kqyIaJRYhg!an|@)LEf)%@ZPi#GzfVKsF2qiG5THZ z9XF7dTj|0Y<{-6og5A`U>ArML=cgAR8`d=)rr@HI{D8zCPcT?l9Oh=RQofNt1AK4Q z{6ScsG`tSKhN%;W?_tw&`6uHZrgaB4yhLIWx6dOuRaNL&W!pKc)ttdwaDM$nc2|3zoA zRmRk3S8;NU^;%VkYNLk?jz&$?_!u-5))VQffT23~$b6k{TJI2O_ICUbN> zdkZqP0NGc$3$>^0CLR@IZ;bko0f9q`mTU~;4d8ay>s3Cqop4_cwI&N07osJeG;=QS z!DridMBok+=+1cl=&<7{j%mr=A|{SzNE$!oI)(h~B_ox(OZISKL`Q@ozVcC_SjbC( zF$(K7S3ksjROB+}spSW|gYx4YJ(l0f?iLr9^#6PtkMzE7)+V`*=H*}C`4SCH3XqRS z?W#Pm)$^Ed8698v@MYZUjb53UuG-7pJ+1Rj(PJLs7)07)cw7N9Oe#6NVCCY-i1#s~ zayD-qajLnUInBGK5NS?~7ZA4eYy09p-4=yO~sup&MCXl8*ks6VE?WVvx&K8G;ffKro z`+{GYv8^T)m8+lyHWvO@LNXu_&dP2t7z4v)QvByYOXn{=cJ^h~U+WuCv^2*qb`DS1 z{WJYZ_WX_wW>~Ju+rNGh7Sl~U33#_?XAY*of7+`lwysxXWE@%hI#?e_7<&iSzjEuV zgx=1Xv2)bsOw1#%?3xk>eS!ttreA|YT$31w6af>1Cf5&W4!baI=z5{16 zmbRoo=r=ZQe4~rDMjZdfN^=J4bJ`ypixeOs?kUi4Cwr1IWTpVj*g%TXd{jYng&1W& zC;=Zy7!-*B0t4QGH8VNI`SMAMjPuctfc1+?)$Le|!-!Y|IqzKga&{%sA*1iZp&v}m z=EmBPkk2>aU}(&2gZn(WycmTYqj3R6 z*l5%hV^QiCEv=fh3G1^=4NK}%k1yTXaN=VzKLJCTkk=9S_jjcXrRFq5vl^ub ze_A;_pqpoN^fe6-K1T@%2`RZ`q$h<|@~ws-@M}dQ@V{cTYx2cD)NDd^#+D14U!Tkr z>NE%jFx#JCf{F0z!8ZO_Hf%O{dHB0Qfe^&94^=z9oT>O)u?_1qZni?v>*0uFv$N%J z$TnULu=3vrKRE06^JCh5ymh}t#eyVvQSjhvu5z6aw3&ATU{ISIKAIP-)$?r{9p(%u z1!cp!*<`H-1;UcQ1HSe@sIRNlo!%Nx=OX!1hRt?=lh~HRBLt@an(9#a z()V6;yoj59`V#@^NxeHhaVgE}yz?J8LqpSjAs?@V8FxP~a?{!DRrNQ*Qj?bMw$UxK%n_Zq@^g=ls7%d~)neNWi zoy2wa+9m};nC3_Ibv+&`u4YE|R--g+^-WC6@%_khKtmfFrqf3)2a#AZ?skDi!t+h! zTk8@CED7`Pj+c|3ttY2&xI&KX(+_7`)!WmbZrLbAA>eX8V?7foJS4xMV>jH)dt!w6 zg3uT2KS}5U8`=iDt-|!Io#6xpd{EAkFBkI-clWDj8rJi6Tx%QLNU0caQ`a%66e9n? zf(7t`kv=;ouL{zWgzzh${YG|4jtB`UG^tlIK64E$EoB}Z8FW?&x}*?o=WgPj<8sg7 zaVJia@mv{U8(|Mf8ix2G-20?!T5)uCmMG1KEyyvxMruq$8l ziw$<1>e|HzvQ|F@F4|}ALXP_&F~3vCDa_2vN4Z~*0Vn&ate5{L{9O+$KI@k_hT^WH zGXi|-ne2a2FHA}i6bz2!*6aKE>*F>t3mXgM#ehOZE9)c>B_(OTU?ehp>sg_|Oxrr{ zVY5Fxv3>)BqvM#DWVp4SM)J4s3O(JF6IJFQN1ZP-T@j<+KG4M4?m}R?61GX6M@5Di z7&L)XwJKS;0!{_jK7pew$r`Wd4eOP*V7K)r1K#CkVv>RZgq2mbYI88N=ewHhsuK@s ze(YJ$H?3cB%zTT;X|U>q0r(i3i0P*7D3TwVm{OQiCb(Ze`9oaR>e!V4k=akY#8+Nj%qn zg@a>9br%@}R~@b9EMSThpf6(p?P>|OMKvvMa(tjSar4348LG;Q7vOr|c(0)C`r*tz zw|oi_ZFiK+&VnMZAwFEM@Vu0UskBS6{SLj}ZYheoy$NB$Trr@3opm8H=oOSMyNP@j*Djt!+df}=D_{5S*59~X4jF%ozKFK zo8}k)T-nIu9-O~mfgCnT!LBBDG8=V0m+Tj2KHU)!SA(Ub<|_?P<}eY8$C$6!h-i@- zc6q7Ldb`G1*7T(BkX@^l>G4901`If%p|L6wmHbg4cw3JI4~gna_9Tp-b6kr~PQXp<^yOY4gKM3W4@Z zG;_BI3-O)ZTE@|=^NF~D?-$i&D-JWaKKv_teA~>E&8_=j!uh9(DaydpQts}hp6nri zK7KFh_aPT>xUqt^5FjKgF1 z1o;`FZ%?7-rWWx-P{CEGhtDEi<3fc2^#V|l6Brn&+GlV8It&InpXC%-j!Kkhnv z+;C}UTke{YC9hIpTEz;JX63B>^z^Y`^j|An_LkPSk_bEcDPlqe1|$pd6Y(a7#mr@# z?X#1FS`XPhW>u@#qBFMdFKm-04bG2Tx&0z2{)Vo#G%Xp&bA8x)9L06gtN(-x-YX0M zu&apzS@tVAWQyJKrt@GwlOHdP==Jn1x8W?fU3kZ<814Qz(QNifYL^p%-ogXdto`e~ z#(TuTyQ^0mk@AQ1`Dh`SS^OBdOM+VHEml7 z+d3?3-C{&L*K$N4W59RvI|WjyfGTKFUiikL88C_ZT75(Fy z;#<^LCbl~s6r-g2Oo2L z)u_@L!*{j5+M?I_(C~yvtvK0S!PCo_I{XWnrH(KB)6inu8RSuEhUB-mu14UEC~c`b z{Odus-tLKT`LH!HB3J|ZRez!E8zLoE88*R^uPa)C?xX)qdlRM%-N-mbHeVn;X?{@8 zVdv+{SI_?g3L;;}pF=`|DR$$XVh4ELjcfo^(E-?eOlWA8iFoF{B}-;}vR<4Cb?!1I5EgQ|_6V@NihwwI98f$OeLW|0uqlv5w^kj+u zK8&*>FZe$^H(TLII}!E z6-#Wq0y!U#^e=_Ee4EHnd9iVXy*OwANa97zxV!WAus#gx8gz52#pnx7X#2zo5GSxri> zok7G>eatVT4PR&Wh21hG{q>liBvxd|ga0k$F>e=a z&zC)2$^3-QEEAFl0Rd;$am~c}m@8U(Sryao3Q0bNKbT753j{K;2VRHZ-aq6oXFDs< zu@7-9dVFxRLaq38JGRc$$zSMW~d zukdFkxH1Z5SNSiaEqGn%D{EU@o@W5%Neiuc?K+NRLc$5M_aJ3Tob7Jl$)MSF`vao9 zR=cRpz~?JDk=Cd)EqA1P*ZpuGRYd4uT#3W*c1!&)2&VTtf0Pn`olBf2a6KnQfc^zD z*KEq^DRHA=iR|^B2X=1~G&~mtPj<;7qCWtQB+8THuww?PUYs{Sd>#S8lqcmSh-dcC z5q;n+3;7!W!)}L#2UkaYL3ic?Q5sJV@Chm(WxS|PN8Dwag5V)%^xdGD_#XsqI3+O# znE_&9S6w8TDSC+JGf5XPr+>Q1ren!s+W@r$9(^+Yo6^;zu-q3<+1uaN7A(=hBe6{u zCOEn20FIZr+WRWje7Ob8NJE?#imD|VuSPn=8wY^$Ai(u>u?TQ%MH1wSi^S_9AFQ&J z{D`VF>WbVf5?%lgY6{s(F&C^nlbm2b|2EQnX1^Fd%u_5MhPUqqr{}f#a-W{TosxFA z90jv0Cm|$%ILw^b8_~agixLPLrxXu--d+lY_RnZN`j|QiHjM4i7o+`IwL@3$t01KN z{bs{1`l8SrBXWm%5~`PEJbim9ipy_NWYak;IP&vu9zEx5>;H#+)MX%0!h3f&v{^iR z(`lBzz{$vfdYg<=vf)L6QpHLd=3PDRZ2`uK)c8yStGiY#`{R$->-(QSj`uDse7@^Ut3Ok>K#cB&>)ppOn1~N- z>vcT(on``eyzsrf5^Es;ln|8S6TN;g7Id%O>;1+#B5dzq%Lxb-OpL>PUZ!Ng_+V* zi+4U|R@yQT4)U;MCdA@ssXHfn{JH@vo*@!jw*@=c(_phBz4`%ta;?Cgex!gQv+yY+ zG28br-m-($jzcJAdhJ-+oR7fLubaEwSxvk!Y0W4@Sa~VjwzzgJ)^tW|dfGiVAoY4gF@ z&yI{JsQ1A!K8!TiStd9O!olh$vbCF#|17iRIQdS$t6A+UINxSKY(_AH6)9@?RMBYS z;(t!N8}{v61ndj?=44unk{(FFb~9|v?9W+A3&?b56&4Rodmver|B>M<{bn@TcAen3 z15<9FB6J5=byUcR$oIV?g)!Y6Y<*oO2xq)wjQQOyl}w`2j(8!cqbt7fNLEsvvuZ7Q zjYw_;9m$2$&&S!KVT)#GwBR=eKk4$p2!MY_ZB_ARh5ERi1;X1h9wIPyYA>u zHmI$^nwen4Q=PE^_Si0+>B9T^RuzR4YuM7m(YBB5rquL_yWh^O=i1mU5K6 zd{!m|H2@&4$_FKNkPsq05oUa!kUi6J#LQW~9QxE&18wa$6V@6;_@mh!9|6uKxPXHw z1puJLqWd1RI&swzTwvL%p(P4v^D=)aICghBCEotL2PhggWhD_ZyFW3Lc9>r6wF720 zMV8J_JS0@kxL(+9m%LO9CcTOk_|aXth*ihAYBP;iINtEh!&OwRwW7EM!PF7USlq2sadR@DU11vDF zC$K^9Z2)ZtZeWNRRY@q7!3Wk=94?&?**$lnTozIz`+$7Rgg2x3uI?5OPSA(OjZiPZ zJix@Pker?id7TQm@B0yFuDKsJ80mBel|6(CN1@ey8t_``kDPS{ppgAkg~wL-6~kXJ z-C&SsJ|B;e^%zxO^ViG9*nm>s9-Kvell6Z>VmoYwTs-CF;A3Rrft|1;47B9>&{?qt zrP<^`KV3c(IG5U~INVPqPA15L06sJ8{HP2gc+>z^NXpaW_W+PHRkMhs8`n|x$B7$f z|G(vwas*lcEjeMjGq2I$EjkcbRAZ4d_uyOSouLavcF@?St9eNNhRW@DPqEp?P13OV zaJDJgTtWSk4<>-SPCSG-?~^Trg(%=VULQ>}&B*NRD$*)^KBf&P-_p&9s8mr6`QS?N z?9``jUy|CVhf#JifG%jv-QX%9L@nYMX#yW%fn&bQVe_e0;`Qg)wA6sp2P~1IGM3L% zA9!MX0to#1P+*{(eCDXZbi}DS-)K($WtD9YaY7<-*X~i2vbtBJ1V?Y5q|vu+NH9}; z?X{JMO=P^}993mBFpYgMuLXu%1LkeP_onW!f0@eJXH>{OW~k}fq-$c>=3Xgdk<@YT%@FEV1U`E`%N~Aq#_oY=QlEP4;vN~l>H(TZA@rm z4y-NdRP_Q7Xe1+*0Y@EgV{AXWH@uZ@cYqURmlu}SsFi>~KtGHccinQrJsjCAgXabY z{!H*NF>|+ZvP38M|Hat9TGicRS^xs{d|R@8p1y$n+mq?>Ks7qki|n-`?h43Hz{@;G z@<=YaHHU<={1NTh`8i7$w;t}0c7yi(oSQl}yuf^Cb)!(QzkQJbQ59NLuj5cK#uOYq ze_Ebcj0H7^jsoG}7wo^PQf}?D0#t1DfE)%`^gTZBb-MVKX<$lpm{y7cvoAzeo?QdK3)! z9IdcARKoLmv&Iy{8ZQyd)T)JA0J>fUFX^Zt_cW4L%5mDohXyv2d9QySm}<88P*Zu{v1hvBhiGAWd0X#fsFg__`;mK_`{i6vE|^<)%NvfeL(rxxZu1eM*HQ0P zZH6Cs?7wh!-0oD~;&=Q=UA4IN1zd%l98e*Vu#x6vbZV#=+3%3q%)dd9xA@3<&A^|g z%M6{6(CA?z^rQJoCNGbQbipLVdj~}xqiUXr`>k$NrQj2UBL6wQ4QF_%Uf`t;wHR>g zVXjURR<6JS$iRMxYz6+ajZRdw^x%6>bfG3=bY9bZ*q^Oq)n@m%FXG3{m2kwriUR-$ zQBIBzM8>{z9cAat8I4D_t;fC847*;VbsEhh#_Q<0x*hk|TPy9k9=F+7$9>LGa~wYa z0G>rQG%SprGY>b5f6w&Ez-O^9f2FPnH(v)GAOsN11;Pfv;Ag(v2q$n_1Li%V&hn5g zPZfLkKa{C-_`fh^_&yM0o*%5G)vF_P4Wl>qAkud%@84!{yHJ&dQdK$63ldhAxG|of z-Xj3Gg|4jaiDQHWToGAoR8g_*TwsXsmoQkWW1qRhP9dtwJDrs~)yE+`)@Hz1^?N=smxC$zjx>(Gt#uo%vzNqA9Sz6# z>rXu&818(Qj^uPncT4%5y0@wURgdB5{8uym*MqwD2B6Cazk_-8Tiwa|t?H!a=KsMo zDP?G*KlAs_+IC*B`&2cJ(2_EH>7e;}FRMjFy9m-0TFNUfHtCOilj+jmS_lhj*VT!i z?`1mDV5Q7W=gWD6mJ;m4JYnAo!SBaK3rv-j>3k!Qg zWJ3EXvm5B#2(tBM+J3iZPZCw-u-rm!qt`+(a(@H$qy37(=WMo_%}pGt}ddMf_qYH7fb(5wE_2>Eh za+O0?c14YD69j7jg4UpKbUF^)OM8w>ZUHDHYD-GCpR#hm=M4qUIbz`D!)~QOW>XarMjE?#sHC82C z&qmglPIwbRDj~#I5FR$`M?eNYSA9I-orW7UD_lW8snYnMub;0Bzs8jheb`C+9Hf2t zX+@(DwjrglZ}4p+5zm{@@$`0gaGnsL46nNCcdDF^At^oC^XM{S-o@o~s~TB3`{?(xAZ$^dp`TFb~rpYBkGJpd_S(V(;LP)Wpq-sUs}ym>Bfut}uq za3ODO`0n^S0<0u)*%RVHFlv`B7Um@sj3Ht1vk;zk2LD}0Kh08WWplZ4VFii{&z!Y<6@D`>k|aB8w}owZs8O;hZ&2uj z?Q$*7vhOT&qr<5y&H(rYwsg7>0md6czVnYM*wwlO)k4e%? zLr|F|Qyso4hVwoV_Fmr0q~BU1Uxl0;Jsu#Ts|(wY_-xE%X5 zOLX#Wq9e#|bfh%WDj##4E#7gxlDgZ@y|x)K%-MfyvTT$ce75qzG7^{f3zMJoGP_(R z4{^Ddx5NXpY!x2`P+UCqqecqUY~3765rpy^5-8@V6qGO#iM%mvLsBWhL~F z&K-}Hp+H2goGKd7UWzmb>1&6%|Na@vvgeNVt4ANATiqGt4LG`L=Xt+3MCEpB=`Hmn z$M|JZavwx?hJ(v_{jx$r30REol`{KfX`2?H|1O)u`u-=Ghw1Q>lD74Ui-LuCLFXr(p6z=aG|RCt12F3k&mx{|T4TT$I3DdTuc4=t7L z+sYxGEx1a_i9%#PJthBnF(Bb%#4fjLSRO-46PhboV&Klba+{^?EuP7}{33Fn(QeoI$#K1M@jW<1{3JDNT>soKEe?x?%?Z07vs*cq)23 zK!m|;VIhdkq=Qj=gpnS93fba*AgNo96{}pJPBbFmNl0Y;TF!>Tsl~Osc8{s&awz}W ztBbDe-VFogu(EUP-TElIMp73R`mx*4a55IVyurdxvc`StM~3Wu9F1?HGFvy`G6Y-+ zW)&2mB=HjLbGFpzl8(OB-6JCM?7`Ps7Jk6-A2d%?`43x-NZs%|_3zz)IynIC88q+&x#{I&q7ZSv zvv1c7b&L-O$s$}Xa+0d>wePATyRSMk2s4FV1 z?li0ES+woMHG3`>mB-A$RkFB92P3Y72ot!Ba3WTv6ONc>m>-3PfY1dw49OdxeDh^$ zImDVJ1(B}&KUBR1P+ZZnE{p^X8r&hc1b26L5`sIy-QC>-1b26L_YmCOEx0qlApg#L z_n!0qDuybGs;QZ^*XsVHyO)k+e_LjFAe!*Vyf_kmdR*TC;tU`>@B)B%+}wWg@8)GA z=>BeM;kzoGH0|~4(y3NgX2jNq_;oVkf?;g3Z975qe{2zrnh0fnah|l_`oY3GcqKRi zBXoD*J2VDsDNRlP3rO8)JSm^51=Lkbzv=O0HJ{n|Vc+|$ypnszMO!}8?ov~m;C2q( zw}{tjIqSd7$eXlCT?r=x2jFwVB|q93pE%J8IqvBc9~)XSAYY=WUNv_>Kwij{%MasFyS_Ua2_AXku9M$meSs+Tzs+D6z#nxXvX!uF= z_UOQY@y*eR&SAyG(bMs_SHp!6=A{TO_Q<+SQ5A)U%veC#$Q7G=f#=|MB3y3$0r!h( z!+Dre0%~+cQ`BI8IUqbb@`?dL6jS;+2vzXWzzfHrxvcc6>y-~Z>y;1%Zrs<|LVD~h z{L5*SiVr`t($nSZH8W#(Wy_Mxld)7qUCF+(@Z(a#D>O3v0t*c_k+>%yLNiHt!ud+ z1#j(|4>_2HK`T`us?sgp5F+~(vK?&WeT0w#IPh`4%i}}EJ-6pRZoT82K`i@%SB>@* zQ9Xdr;q+hZco?uVZaIQN*KLmhPYkU(n+1Dm!x4r`pMy}d&4L*hIeSXf9GOpQ9yNic zsJ3Gt0^6?+->$nJ!b=V{@3QwIJ3ff%@)-E$_Mn>VzEO-OdyaB=L`XVX+mSp_gui; z8(}Knt!%E+2N)f8-I2>HECtpGQ6hXg#_CLUErd@ZBiQzorZ%Vdo9kx>QhhG9A$gSK zf;0NkxF+U?rKSJtaToTJ)9ek|(#Yfw&0b|JW&2eSGhl;W4MKy@ubXogrzlY~Ri? zb^K11GIx-fvWV6L!u~|=wVto8EVtRzl<gp0JDV)5GGY z1D1!%-x(JonbEf*=oFs@#GLLn8q%Yw^Mp`MRC$Eobr88GYrX&pm8#X!!f6d>4%@3? znlyLRK1jfDw_jXWC+guSo=o)*d=u~?W-1y?7ziUPvK}Z8FQo(`;Qv*y@*C2ABDN^x z#3YY33&R|Pht#q#A%qP8JT9N*OZ$xN;>4)7eX@R;EiUAG_n}+A6S79&omMt-?1TtT zd6q|g?n8Y?Vct880Lym2-rrSnjN`P?lB}9*w|!YU_=&cSop^2y*AK^OL{Q6VB0C0} zF#oKc@%O)88VsCMr<;LD7oefFYy3DncONP>+~Id;n(Cf=YUvX+oasr(ZzJVoM4x~@ zsu)Xi4Ql1fpx_~+p^Kl;%Z;|w>b^ZN1WOm<5*}EEKeI1LFRTFMW%O7C&HRKjkf5LX zv0%pjMj5qeusL>HSJTMHO2#jlEtaSElN4`X0cqJ;-Qy!#HujmS8_|(f}pA|nkL}n?h z6LHy(gcy_`>jHrXfo$FjPe$zm1RCjLOBcc9!0kQC!kIKb`~~QU`c9JqQi%9Kn+|?( zEB6pJMSN|*Wi=wYe~oB=3Wm_ z$hNkDHYr&2m2@LUH8ORX#_=Y!&i&Y$N`8`@hcaOGgbLA(=*LER7W;hD_Wh$LWpy%C zBa|s+dsA6Nq~oU)w6VrCF9G^ur?m@sA$=x~cKxw2Se)Nv0kC<|xSv zK^DyYop*IDA|__&_zbM?(<0Oni-P zX|ky@6Unywvfa08@7}X0Rpft`_TT!lkQSGv@eAZ2Buc7$)v$CC;D(dg*%nL^wMwj3 zL=8hB+*4M82{7R*HP{g`#|fN%49tRP6a`nYd?2ntRWc?xRX;b`DAz@rQZ#!rRck%_ zgBP6@KX#SroUbz}%puN$zz=U zE72a+AI$JvHTf9OKTN>^2?qMKXo^k@6?{+b<`$gj%I?Hwx( zuV`MbNx?Y$%b>74%;H6X5Tv8OEUu>hhTN^71gnU+H~~{ooZyVc2nK^@o!wCUmRN}H z3%LTRU`k=G2>f;1?CPwjmZxVS*x@O655rhHMbx)*pJ5a~^PO@8BSn$Z9BmCd3{eSj1qiblMw4%&*q}5Ta z9mp_AwS+Llp7V~Pbt1d4wpp!%3}L;ubwh0g>nDv68CY9)p|_)^#&l>cCqa-QgvD5@ z_Az}0Xy1!6)GRaH`x1JR>S{xO2)E__^Kh6G%HkwD5ZaS`L_GsiFc{JMP-N+E=(p5fq&7S6MYLKXZicZHmW# zlhg;s80gTv2ntDnzF2Rx=A8V21u82c14nX`PUe2^V|*m41Sc5a#P$lRXbd6Q zPa@($Aq^O~yW)S>6IzO_%Q<4d)3dU4cB*Vlcusd+U2DGvD-fbcc#E=^9bcOqP$Y1C zMlTsNtg*Hek0cP}GT9%L`TZM#jM0{smUeLPp$0d%^@^G4)fdlqYdaC#BGi}~B3H7D z_%i0^zfQFAa%H82%A2hglL_(o_We!REyZmb{P*Mcq$sBMy{`R(qdO}BHz_z^+?5$E z9oe9Ad;-S*hM8dQEsH9PQmdV6t9PMQ?e&0Je|Ra5Mks`RVIy5y381$jMMp4;z9wTV zx@`|HA(7?ptGSw*OK0|_;DZ$k4hd>(D0~d0X;(IImTLTtqIBBbwQ9q~ttx)+7p^r6 zeSdiN&BvlM zL)bSGTjTdla@W|66V4s331QNp&7~&_`>czXS=DavU=TN$ViI} zJPlml&MnT0c*((?+t_w)=ymFm2-c9~EQM|PU1SsD;KZdan*&uBviZjO;HJ%ICC=NK zjEb;Ax}^ihcrI6Nyfm4@LhAVRY-vX=D3zHmf}`jR=bI0HURKmXo-ay4u?Hneeld^1 zsfoT1S>PPPy9aPTGp3u*J$CU#)_l!9?<()(-8x-FkfL5j1=EzAm1|L^Qo~mS;v93Y1WL zy3gt1E2XGgOjmT{+VVMDvVOJpdxVGYXzf*ojgWERe|c0`cRo5OET%#!w+ggKXP(wzC{pk?fmnoniyNhB}6 zWrlgv+BH1OeEHbv(<+GM?-FlRwWhF`4V(7T1>xOWm!42qRIF3$-$%TZ*A#sLaY=Q@ z8juxT1}qU=ZykA)d}j92>1*+GGueu-zK$FC+biP_h{v%S{i62#2L^G94-_SoKNFHA z7k?v3?*I6imK8g|(>h7_pTmK+>s{Qo(;UL!Wr`JsO59UQQa*3qxT0pg&BZbIBd&p3 z7|HuCcrpFx?TT1iXw8ng@SBE85G$s|z|W_Z#4VG<&OkCeCqrD=V>}t}gNzntn+FZw zyYsD?`FU*q?p}0yg9&Ork7Ffz_p3Sr2X0t3@jMyXSZYd+0HBt$V-M!eFn*$>+e~sDjp4uiJKJHT~M02P0Tp=H;kxSP!b-4ySeR2VOd@fv{!lCS-As4 zw=2J582WV}WXz8RIEhMqO(=6>@tcF#WhK;nM`|sH2=QL4e@V%W^z;KVO5#diBE*ob?&dZ5I@l+ZFQgvB?E~%B=9r<7QgRh-cQ+P5hZ2hAyJAX^?iz}U<5jA_XY!k++p{;wFtLQhl%cq{ z+ls-Vk-MjtG~bEIiG$Aj8%FuLlRy3!xQ}E}@LO@p<1WE>l;?nEQ#NN;Y8$O`@jc2_%AS zQ9!sl2(xlOMy03S{LVtLW@mM7GPe2|&=LTbCa*X@;V9=hb+_MGtp0Vb?Xa0r$6>GE zx2DBT3Y~;WTi^~7!2w^(ig$H=p0MU!%0{<;jD2H4;@{@jaX@r(3Zz?s4;Uy1s5j9yRIvu9mFkn{2%ZBMeK3%o2n9^}gKn|!FG9-0@)v{`~_a0F(_qL|NHneS{xkJM55e*6iKu2oZJi}iHY;#F^I?tG_ctA}<7 zX}44Lo8DN4pPtA=DZ}BHG!fgkaOp6L|4E@haEBG49Xfl00U8;}X7e(|pqW^wwf2r5 zZjMSehwd`^u2Btym}|CUnRJI-TJ$W>j~RqSYA_9GY}>3@LOM`y-!e{TRzG~LE$!R8 zzB#+x+AC4=#Rwa~HAsQ|O_DR<=IeeLPcraSDRd-TKr1x+yU%AqgIqF@#9vi>h#N>J zw9#2fGCG+b2bh_~vWLFA;)LChBX{1ER6TlAmEk!6me^M$v6=blzKg1nV^^?7oi&M@ zAS+yomBErzZIS>wxyG_lkGkt=%3qBop15NpG8p9D%JQ;Ov-7Zwvac^k9V)gW@PnIajKCWJ)R%u4i)gHpQnVLc<(t>aVaO2lBKNN z!B26ccv(XSOHKfo zKuN%c9&rGr9R1|@Jc|Ds00lFQaHK|C0d1YDT-??-aZ!Z@^uj2+mXg(q{E~GdOJ>ZjDo*L z{2tMsFr<*pUvd0ERFq)3Fm5`sP(5uYIB+vbe!;}VRl6KP7OxL_k_%kC4w-e+p2w5O<% zTJvM>PZ-99sfPah1gNpG}Y=7I6`W6~~3~%orV2WD`I85ziFoX6Hxq^0kU5{~Ts+*&|9u%O74y9l~}5(17_2tM1!+ z-kCm27DA)ppyn)1oq#y&p5}B_$4P;?o9fmk;Lr_dEiSs%p*Tu93=m9u6WhyBf)-2%wLjQ2mU_ zKmxouluHT*^UKcp1zCMscrZYrWqe}F>?v=Kn(NXh0RMkT$eh`h4ufT(NGH(Jyk51$ zw@m*`6p0qp{PKha04MnzE)U^Teb;;b;&Hm|Cu;qI=5pWgf)4v=;+&Czt!{uSTJ^3i zcN?PSbT<8fFZlGC^}$+DSV4klY0C#DV)QxzMe4ubEE5&VWAh{TQd!fXfg#?#i$Y(? zmDkUf^bTT;NJHENE8pDS9p+YWU&YGv%3J)0hGg>^nwo>ZJ9NMfm!#>9N}-~tBLRwI zEG+R)cmXr>9Nd-Hd(4WPoHJQkcMRd&-jzgHns=uR{SE624a_ydjF=bcYmwr$7E-FS zIa-iwXJzP8wugQs-k`)mlTg<{vr7kTr?0H%r!C)I61rWpUZe4}*>pJ?HoA*;?vdXbI$jdet;ur!%wz#$=9Pd_m4hrz-Jze_c|Ry zwXn55IMK#Ibth=RQ8ZpGQu8==vr}y>F@Z1Od#5Q%?Qy5#+Hl**t+3hhcp`7ET;X94 zKyV;FKKpC5qA$1~+EHUL|ClKqM*iO=fTdC9x38@YJ&D9-XJ()WS}Iv1Vw^PhkfD@{ z;Z8Bxzl~@uw^aNzE{XvLen6-H#ibr_`bnG0nHizhz>Gxh{mM3&m$bXRiBA{DvE$5> z#_hwMHh=-=Zr~qilapNMWd#!|#$v3;$aWYzxWm8VG#i=kW7_p|7EwacmWrirCbc-$ ze9Whc1DM=p5;vav=%3LGgCPF3@sg$m$!INaqPO`MYTlc_1!!SN%NGh@ zP0)-wtriAO(*lXNq?{Uo8^7b8e+%%P1MD_sY)py9vcdk5_2p#I%r{A@fd3Y{M)C}W zFp3bgxv8Jy8`XaQQc0`@CG~!kB5<_p-oiy4oEX7OsA2tI&qoidO30k1aWlPhYJR6in$aJKNXj%4-w*GnR;U0!A1O#T6ZUewJzlO`Vzn?9f`v ziQ>`sDM2#wLEYh2fDMpM5VWOeOZnB!E=PE2iZJmLE6?t>S&xFydGIhvXiz;y+M$xM zs7Z*31O>^xn}kyW07REXr0d^*?1+|w7NxrA3H`+y-Wgk2c4l>5(MOl<%fvaLMqY#E zcXy3}w;{!^eLh z&HcWByiJMm(hw>=d&0A{V*%QI-`Mv(7itSNY@a6sf4$QC5`wQK$!Sh^Zj>m?^@jAU zKS04swyezhV^m(lz<^l}@nI~S83?>A8)>=Hd|j%WG>x&H_u6E=raX+bg!2KTUCYW_ zP^jvQEoPS#97V|>$m`uK#K%^3uD?V51EMg%1a}rFH9{bCvo;2)2Vp-FK#hSF68p0# zUu=f3Q80haEY3pG028LjrA!@EUUh!{+yk#$kTXzW9+)ot6IC*nE(?mvvVgYe z7d@fk#a0~@BjW-Y1tpV{aR*>l-2$dOvCFJa*Y&RK=JP3#F8-+w0K$y^L(*sbZqL_% zBaak|h~R9x+-l2IBh>TrrrwfwVjoeH6@G>+zElvl^+hj z;14_}hgD*j=UBxQHj3v8*9K1{RRG5jRku9`f<6TDo|jJ-n`sx z?)YJsYa*LKENDkre1scdv1E4g_)bg&6IYpPggvk|OH*Dompk?o{rhd;00+YRf^c1}|I+W70VMb!0rYpmHC5e>eKO9qLvX8drH3Dz%8ZJ9Dks%! z-hY#GxZpItt6fEIRTJN1Qulqp>-!(sv!$ixhMTTenj#vy%H~hI50CzOae1fNIQUm! z4nS(?yk1ASc>TjKx&QE{sAb$#XIE;|f>Dd#C`xYymWn+6Yko>4xO1mVESgq4I;@1c z2TB(R!SPpB*9kE3dgR5QV;_jbgBslo9&GJCeWZRV8Yg2E zY*x~xlb-`bt(fmQ;M9Mw*at?;T&S#%XWXxXB!HoYPoPc9qtPb?xK5YdUes;^?i`8- zK*`+H(UD)acZQj7N2eJ>$c9E9@E#)rP{Hh{gTx3J$lKvxsZx8B# z{RiVkVN(eKup7x?k(uB&oRCLwg&R$$7vE!cD?7Or_q23bJ{~*a+>#(W(g=_;o;_17G@)%0w$(r@htp4(`!+&5k`lU zYHc^gW75*GC3V$!ZeB-d;=Ff2Mj{jl)Fx@o<|A&4C~KfL;-2Kss9<`qrQdDa>Xfx| zT8p<<3je5Z+~-&?Wtx!0`k3(Lh<<=sT8?jM4rufK-z0^D1~b3V=ulc)41x>5c{m+z zM>(-t^%7JAc13LSk%$XDt)(A!y7ImI3n4?L;eP4-_G4tNF5OVKZZbPZyIACB%s&w4 zO91{9vGmm0`q_v7kKWau)ZPc_;-ZI3;YC{6rOAsrI@^26(#p@7tkCDo&d%SyR@cWl z?9R^sHiPF?S9l%9B4EVjo7-u+Lk6ju#7OTgcKrGfrKs*(8?u!B{-I}U|FKSsvu0~# zfot4&3Bhz>^H zue{WKTCtQ`rn;Fb#XIi9;)T>jqEr!cwoFEff%Dpy=C^_gVM#~uwBXk%FXfe@D{br& zgS<`+$hD6KFi|zxF~>_UM{zj^U0h3HSmvq4z+@f!IL|I$&YCqjza#)u04MAAJkC{i_;fdz3;MOHeT*6 zpNbsX3FWhr733@F>w7-p&>T;bK37(@1}2X!-IssG*u5?67#oP{@k*4d&Kytx>9Lut zW%amY-{MU5AKlmO#(X1O_e%XWycqu0jTb87`Gby)Deccs0!9IPu*SnW+}We`l;%n^ z8V=&zeCPWgI$N*5TC7g2pNV4sO9Hur0QhBI>DJ&S#{;-u;v?-ed|$(aC=3Y+Ar0LW z;VF!&!p^Z&W)zK#bbv?>(77A|MF_PZLnb>*-qjAxrwhmnA7|n^hpxmti(`i*?774w zm}&K&U=0iMCyda0TFA-(B7(7NxKH=I@xK>nkN}_jGapmYlBbFa(c4$uuahWeY9FTu%!zU|n)nWQTmpQu?speC2Dp+n)u?@ie!tm5i}6-J4Gf-! ze1E@TQ7eu!J;piQxqZ6MDCXc1(S)IW^x{P`ucD)wygWt0;o zd<5mWczSYkwR)QaWP+P2lJ&I;wZ2iBBHXl;KLzjhJWMaX;yKQ49va}j!>b3<%Ip3k3^s2^FFgnI#Ag<5>C3Wn~exN`RLiu?#Qgk5YQ zk^9wtR#Gi1<35MbXs<*HmxnHdwxJ=7+vWp8#Ej3T+svjV0K{xNt_n-!#JAm(4dVeh zxOOLkI}=eUB`&f+0SKpI&K7@Zoh@unC|D>tmmOeWCe<*jGU4v|ao7Ru>{I{T71Kq( z6#ST3!K*%C_YQiuUr3h7>Qt_*%Cdp?%Lg2aRCWc0xV;OeDatS8 zg3BCzkR~Qnz)Ysz)iUn0(tUOUT0Z^v-FTc>mE_eHRlmE(-&WCElOA4OAJegjQy5Ll@19xb;-b zYzD%udB4*FB({v9rs>m4voNG|-+sI(x)_VEDzWBD8Bi6Xwbd3TFi7G)t7k})%Hjsa z9WI~ZRIg=oYs9hW+D z3mB|N{JLnPGO4(rr&d4s~$nz24scI}-R0;9U?;L|T10fL^gr^k($O8usa678T3 zpZuz(pskmjls4yU_Dn@762{ykVXMR`Mmc7UqG8cy zkXKKygkNm7%`M2+I0+9nYbGfvIo=wvpaFA?-3_R{_zav8Jy3jZc%*~l08R;u#k2jX zMv{v!{wc5fPF#kCRozHPSmx;_xdAEFqRZhe=`#?%2JwiNzxC(!*Gq?y4SI~8Uf;~r zFPts6rfBy#3jlE`d*Suq;3z&N$7$6Rm~C!RYEuY6!~I5aR@OP0DOrIEhkJ?90M<>P zCvspb{gc&>sx~rEm_0=q+n&h({rw+U#2q9oI46vbvGjRoP?_4=xD}L(_i|u_$q1M{cxHxt1rt`eKqF#`BnMf`_Wv~k5yx;C~r8VXHQ~O=x>s~N6T2!s9 ztV}e=!2Ko?APk!`un;6s1UO)ap_E3(gBG3iWQ1zD)^V0Lb zcrX}`^0a`7(0Y7vT!<={Yi71+26znokB?BldRi0H%Q+j%SQHc6DUMTOmSrph{c8lTYUfc#`{}!fc~6 z7=^c*zUFbC*5dK7U29(0d*>-aoNg!!6iu2ZlNPcWVVi z^Gg!_UHqu1Mj9ShS3bCj8aRdmRWdUwD!|1<-Vwmi%C(WXh8X(ltbw4o4fB{{RA+OT z>0`q+@+V!9I4Bed%$zk}niiFLmxshHfQkIr_M@^?EQ652(Trw zJ2$65mx^vFVJ;*#yWiiR*}Ynb{)sv|%|FKn_S2Dz0=QA&tCF!;Sk@J? z%rummnQ7v$1p7ZIAGNFijRlX(fdcJDyz6|xjdON>+H=)m)GTo^J-u8K0InQo^Ylf^ zG>BAjRE&)HHlZUazY?Oq#iKn}_p>WpwEEHRomFF$Q_m52$Akt5?|6bgnJmS-L@BukF zaetm$GFH}fGk*rq@(8={d#ZP%^wWn@5eC8|T~|SdQyQ2ymg_`%n{TJKt6Ck3?XSAp zW5*|V*|kdcl6dQ`@A5$ARaz4f2e79j`^OsmF`SFcVM@812&HhrtIy55Di!h`Uj$*wp(y_gN;9y~E?{+}#1SRE&)2q$LDka6m zn1Ktu+PhE>@sZZE86;N_4046gsx1>7fLOm0+tmu4wsFc;rws&;deC(E0}tM7J|N*bS}KjQ8ZU%1SF6HL{Ze{zHaqJa)Ea5 zgQG2hpz#D0GKo#~3-FDPDUovt#Uy5yZtl=xH7}2zkTiyt(wJ@A52F1m{&n!Z@${}t zP{9yIlKpPR_0OD}h>RK6%CTuGje(aQf_3Y-&KskmOP&2?@#OaoOAprAUB{^@E9q^kQnpxm}>| zL$gIXE=mw+OJ{19;1B~CZETp?VOFIuS6I*$6}Pz=K48BM0td0s!#E(+ji<6f&e;v& z(UGw%G9n`IsAD!9;l#6?%@>IE%5EP;|DgaN{-4O_T4xU#2N=N|l9Vx-(LUov=mctt zKWeHNrPbD?yu64dV*vv@q|C^Jm!P@LlOOjZYmWmpzkpG?HaOg9gcHn87ayQP@bZ!Z zgM)Di8L53cqJrv=820y3j5qs7&G<`bEfC0F(HTMw?|6X%$eg&%)wnVaxoRRMBgb)z z4${n6)yPsBYGdjjKT~pst^8Jo6LvitPtr2-lJWtQE_ozz|NvGP^8?*{e$`;;p#tTR>f|n5q;x2pTi##@Wkpk+s81eZ8*9Kyz9++)! za1R;N`{sEt$cbj-SDMP=&j}s?#f|vivn*v_Xt4)Q>b2U4I4|aZ*&&OtmX(fT7zb}I z(^vr@Y#45!^vV`y)1{RoNmzOk?opZ6+lXl{_iKrHX>)aOrZn6Y%XBSPRa+MUV`xS1 z`DN^=ZK>ra8*{{keDJ^1(xkGcce0Sv&@mL4QTU636Gb8q*V|Jv*bhHj8nh$FC95!=pomf&fCU&zm(iIm33Co9A|{Nv-60 z0<}-5u*bHb?c20WjgUNL6BEkJXLmT7>Abw}3t_mJK$z@GE&eeQ>hmv3MyZazsmea2 z{Oc;n44F%7Fo(s{v`9dy*ea(7Yy@9mnXzUUR)~)6gImqd*IRS0)rO_xSpW0P!at_Y z9rW5~R#T8AacGH_T}79|Dwj;gy(2IMPH*2nJ*~v$n66ej zMCT-VDYmnx7Jrkz&d7PiB1cmq^{5h|9}+;-m$SBZUVilNJuNlI2{qK%BMwx07`RIC zIqfIJI-p<_gq>qoYLj55YB4-ipVPr{{j)(Ebgtr?7JA4a-Z&M?O4rM;264C>}p2zEeR?%N8= z10=nNG>-Vl(7fAs;Ciip_d&V2>)fX?U0q&gTBNI74*j$q)o>ixSoZHL7L!K^M*9Rs z7JNrAdn(4cUYoMN8E+!9oHX%Caobgh&7AGXaeFdI7!s^iu6X!ZuS@UC{(LabM*`^uJwW=vmANVPXOK z^6Z7Aitxrr!B1-5^s0b=2#6)IX-?Rpr1VQ+6KizigdR7t?Nry#a>()R$tKCuE)fM% z&y_lUv)z%hYzf-&u%_iJdXPH4_bVE8#j|Hr2K=u~RiaQ5+g@&h!P(V)!MHy{t540X zj{8tAJeR}$2I~+c4E9#WYVUWO_6{$xoW{j&BGBzSbk!n7WN{JLmd;q(Hw=xaQ*UdlDDy+0rundMFHx(Ih{efWX~ zu{zCCmX(9pVB>3&U4#bqO-R+w$zU8v zS{J8%#IyX6YawSS#}}(8&s|67L zyY-@98Fj<|6n#|bc8AQIYy(^IVj>mP731B9r7QcDqU+iSB=$sv7jIOjY>BMw{%k|} z&%Gszza0uWDRYl`J$YY;;}FP6NduzCF$>+ZaBJ8_Wg|E;{?z)p(Z?c(#8B^70RupS zz^iq(YIyZdK4_7`_S}KLir;4D5I)piuZJjqV>y`21FjZYSM)xSyBtUnd@~LfLvP>< zNZ?OV-RqTFF{JweZ&Q>0GVB`#{86xi6i(F0@``bUpMIt8$FC-Nu)B3<@yp!1d-B`!PALRhurT`du~kb4U}L} zm4d@T{Jnp1>0B@ z<=DsTL;4t*JtPVW*k>qrGdKEXJ#`pb%7=4HmQRxieFzYmJc10>lO!$nM(d9*5m*)U zbq9e9?uT|Y1Ux42d@EH}ybqnPaS=nbH{(Q7;v3^b_ll9LQapT^ zvHPwNXg4&@)_=Oq4J9D_6CuxhFnL(|PdzyWP}&gk%I|TRFs6kl%p5q{ZcO(sprw>} zPpJm3PZ%E34-NRqGx(j_!9h59RR{6x2|K;E5_S1&TB zu*D1TC8>7ww`Tmm5y&Q_Ukq#4aK@~L2KW9vfU)OJ-t!&Tp@E{+~<#f||VoQ{TC?7(_{vPA^F3K$$?(qQkL!co@p`%EQpIX>+e=Bs~a7{5Y zJ{#PpX67bjm9l{E7ziB5>pyqEQ(&N47N__$G@UEtffUA!$RU{p4M8xe8SLiTB+Auc z3=e_aBv2}_9Aa9b*cmS@8_}|59$I{ST|o{(7O)=3?nJrQ)X0vS$%xgrW8TRt0Tqd6 zUV7YDd`rLMOgG1h2+b^MvkWe=7zl)|mmp`EC&7IkiwZx)d7ox}5gT|&Mg06c^8Hp3 zda})30Mq4p?dpH0cg&0?ewt?YnLibUzXLtaY~hHj$GVLVmL+{^r>X;0VV}7dFUoUk ze~byfPFFAm?nz1GSE2JiBP0Q~@`tInb5du8;kEOR0m?LyW;xvcO&Mb|YsXx?A{5T# z_U&JR)7aAD(ix2QdvvUKL+FjY+kUMJ7as{1!N!WwADB2wgnVz)y0=KOUA$J)>q62F z(e{+4j0q{BLZwit?W`+0$L{QQw^tXIJ$y;*37cNLvIqBxkC`Si@NC`L`?BQyW7>*E zBC$3@`HBRteY`_1Cc^lti$nMjY#DTw5_RU=psd{5G$r&kguV`qce4;mad6sihnoj5jf~4mNLo) z(I$}FiXb4NJWAD2`~SR=|N8YH@4|qK!dc_!=BbB7)KG@E-pTu+U9BjCTvN}ddNZ7S z#|a9Hrs8*V3vHpWWhj9Mj0Nr)YAiQWMDepA;qqMQw^N+KsZos_ zr=r9WKP+nPjR3$S=PyYG5}}Uw{Zs43;d$%sb5!ll`U3DAGEV=^<5twN=MElT{q_Ik zJ}MSgYPuqEwv6G*>nx1-(oLavVSa+K;UhXL&o-s%AA9U~FvLvU-pTT`NuO33Z^!x1Sdg#xdk%4b1=Cqj(y*0!SokfI9$d=^j3GApKF$wgLsOQ*>XDBa5NGRkBz~_0 za`EkTx@5t+XNEp22)Dtv?8$PAE1P`fV`2I5+*v1umsq004iwd9XSGFbV}ftusRY1Ct?rxA&x({84?rsj> z_Vv~GTkHOJ?;m$BSZA#r&z?Q=n|S8gd&ZTmb+POEfN8m7)tx8G2*-Jm`H0Jsfu-%p zf~XUteI7+ty1{;^GkQ{m16ysA(v?FIGq5&A3gbCBbT#&q$Ep0?$?)Oy$(4QYlj>J} z0+^kEEn7QClX!tF+Q%=Sg9g*|Dr@hwp|9anAQAo#w{1)!j!F|xgt7)G`D^YR8x^X! zvb_Sn(SZENdsr(p!lWETpn-|p(sw@Bf&#{r{|xQ62O3|b(jW>0NKj}bVnQhd_*(dAT{fJKB+ zRV5>f(y0w|R{@%Fs7ApCcppB#9&UFi{Vb8(nT6yGA0l&&2h#Ha61N-a5+@&-be@)j zQE6b6@QH}Ln!O#t>i)s?dOQYhE}u5t;FXjX8uoXGdbt$ffl~4<#5T<~d`lh|x@XBK z-uePFAO{0B=-`~FbbZL zggAOkVS}9_qqsP5POT^C(@7^WC`^>~{=)qZ{h4T`oimUD z=}?2eB48?uu;MkUT3}-YZZXsE_N1!`sb0JoJLjD8lgIei3#2iYIAT;LKB2@$BE9jZ z4cxrdW1YI1Tf~N6(}fT4DE7)iEGX*8JEN=EEUAKwe2~iY@`PC``yn*(S zYc?&Hc{@msh%gc7fz@yua+Xzq4Bf~e30x+rk-(Our)PkXo!I9c`8>x?Sa^p*+@RkH zar_Q(?b>hxVk9z7LSatAK=km>F6^;eO=Yw5vd^>?;Q>6K0F8P&J#oq^Gd45A*ba?m zNP@5@_G3->TFVg;9xsloXPS$#>DAPM?`%=C3~(>l7-r7YP~UeMHlue+trQo%XY#uf zq0v@}i>tta1prfhlJGbeC~`*t(WP?v7$6YD(|*iSqNN`kZ%wbLr3M0;P3k6W?-7Yg zSTkuQH;<|;M@QG`0i}A1@1T)K(Cyd;k2_7s=1?*LcO(RFuY9dmQ(Sc+l`ha7-YfQAqR$T%kC<)m0i zvw9xBj37Z8+#UmebiOn{ml{+f51MDifgcwyyLi9$Ox?`1)H)3c6Vg)E>FPxZ-1pf9 z36JHWgjYVcs1W&K9GS3xfY@> zb3V}2_Uc4RlVeXsMw7S*Ym5ql0-~qwfLmVAI*7o)%LRIZ4|pff#rI z)(`qM+ckI`eI_9(D$4p0je5<@x+3AVIq7%xH-y+n4_Jiyn*_dZeQ#GnNft>xQ2GK+ zjmft-Td>ow$-k=+YsSkn{=@}(f{mM~i(l4mO62D?at6e+y%=i{;(&np93w|p{=CBE z?~?b(2=nDUIK^P5??m+vpwg&CpaU=QHv_5!$VZ3b)^<@&Od$X%7m{tRMU*ZeSPBVv zjrr=jb_YkK!@G+FptMHXB$ojl`RBwW7ZS}ZSPN#<&}G~1KwpWM(JUvaNIBX;MlMPX zfOm74x*LvAm!|Aa`Fhy%2wkN<8QVJ)HsDNESRf;FH8|2{n>pJwM5IbD0=pv7y51$O zQOK~i)ESd7Hu%7)ur*o-#EDCU0%1OAyhR?;hw)J~)`%b?sQb41>sl?&GP6A%OyM44 zD3u?yOCS?^tmv~ja3nGIej&&h=zPHkcym{e^<_N?`zr^fd{`t>%%HbWh=PuhE#;z4ilKOBtl4DvA7wrKEPeW}cE0&*47mcy ziq5za0duUj8~>w@S`xpJxCp%0&-3AK#2RDEe~DW@jjp}?PyZ}AjwZXBUXpl)TAqc7 z>zqZU83gnb)6M#DLGiCoarA4S;pphuzVeW7>F7wy04qor{|_YR{%a)61}~ zYPob&#zZiUKt73(XbV07+Y4D~AqN?y#&r9>tG4(~r!xAD6{Ei?shdMe>?IhctQ0cGD9PAp`PPPgVSx;J6OB~`HAyuKe9;9i|)k8p!;BT zo9@1&hG`GmNT78H4Fgk0X+|TmmJCbmL2oqWTH3SRxXYV2b>)d$l*~>rai`x7$ocGtG>^@*aIX0Zszu{~eH>6v zQ6|=cG2TL{TrFLm1Zrj)Vj*adU?q*d?`n!iP*6$_wzk*$Flcj>3-+AfQ0259$o5$M zFtz)gF^;)yY{-!qAPI#;^nOmO4;2BS2k!@yR0Ih%d<#D{rmM@XF4*-tv=bx403Qbh z9}zSX-%cl_Y;dnV_vVmkq|*_=fpt5 zcHCpF#Y=4UKSS&`=wi%Do4!AuHHS({k~QGPF~Z@Z{hPzl-NwBqzG5{T zeP@CUEH@%G-ryO#$R{R$7ZL!`|Fp$q?r2Geg$>V6M8G{^1iC&oTYLvXifMWMV0-^Z z;~&FAxYdc@xt~mBt%Rg7^(GwMzQJ^!4CAZ)zK}mTR379@Zb;ODYwNfqw$}?JT3~^Y z^1A}Anpi+>w66M_lSw3?#Hm8+2j{x7_eoRrG2dw<(YFtXJ1PV?H|xTsSsWn;1d6pS zAlOajIsKDi!gs+8ZewWsiKQ`vMX29?InkU7N?)lS+;DP-G1Y;JgHtOWpJIznyJ{nB zb==DCX3=gG+DPZ(B3K+fMby5q=cr36I68I`Xx#>Fd-ZQQZtgTB7z<`1Eg1r?G!QJTDm}7e zkE?n1=Hhcgzj_S7@&f@1DHWz_Ab3kyQ;hv*x9Jh=YKrhag^Y1=rs?<4SIApryXC@jFhJ&~bZU!^tZi<``%gNSfb>Ba-rU zec0n~!M1N34_ho}%WCI9XUa=l;ngI1iy8X9Gn>_h*ZzfC8ABx`894_X2JoM-RHk?y zt3UB;*e@vXr$Ds(*;q4hTrYe35*KL*fnKp=v^JUc7L(7| z|I}YkwuS|gA=p!&6CLX?diilu84(7+n8vfaMnUftMJez>6l44E96NWEFq$}Ij@lm( z$v)}Fg-DlaMpF~dM`*}I2ng9@qnm79ugJQNT(|RS&bx7{r23C(+00eJGRW$3p4(9@ zd2E1|7L{Y_zS@cAFrV#sQY6`L1_9OP2R6FjpZdJk*Zp{r@-^G*MmR2RtLwl?PJ15+ zZhtz$0h7p{*{$+UVCoC8Fs8ObW6P;*BLX6Kxq1vLQ%{X1qZim}*j+&S&{Zh0-}AH5 z+W0|ArPGDczQ?64?@fZbqlG_(i!O&;fL$sg5>jYUrj6nYb{oAAXGV>vZ}d21EY53+ z2g0D`TY-AAo~`f7{+_6n13XhsTqyaN;{Msi-2v3z@i^xC4?}>Su zJ}*+oHWKp0=GEJ3m~TH%-tgFDdJ1IktliUSXx>R&^b6nVU}q!g=<6q8WdoZ8Wna4GsDxVnC9bdj(1i z-|;IK21A>`om3PYNGH$-O*pwHsCaBzKQtTvr;F~y*dkj1kiB%NxgZ5<&r%9@CL{y+ zCj_RFxLlq|3WLngoAN{wi3sHQiH&o+&F!K5dj1!n+%h;25byO*#RKNMoRq4^)&+~i z*neV7R|M?ZZ0%{ROYnT(UQiwkGI{|RJ~ZSAXNB4l!r&gROBxjG^{(~#uR!n6+b#x9 zrTOsAFN7sJ)z|PwtaTV4yE85E7wq!6LX3B>~&Pf@A{N7tw)x$V^=)r1%5LK5ZR9{hlQOq&;;nFZmqT%ClmpKvqKC!C;> zogm0eKYfIPnqi~^AikjPGlNnN;O!^l`Ccz9X(4PA9L{qN=_n=eZgMT5`nVx(Ua*4b-|Egwd&z8lsQK z{Ku8n4wnc7U-Yyq>+lKcOTM=+ommqSBnuc@h9QOx#R`l5vEbn-Pa@xke0E0Wr5(n@ z`{=++NqKo>C-%BXNF(QE?ij*%h~vtjE0s;C{TC&2Ok@heaD(+871en8MT{XBY}U~h zPuS+xZ`S>LZZ&R(TPV#HXTiD+2Ph<+cmvq7x9Nx|_+jF+9!qnIJaHnF5R zrWr&DIrONi+ma0oM*YePN(;IRs&QipOQCIe0nHf zj!8ZXTqXUr%AqkIsqluE;zX9ZoWrzpgRve(F2Q-p#fgmkSRnb&TF2&#Vt!IWIovIS z7riq_D-Q7Kn4x1_hOZD;;$60DeU6E8(71WZV5H>V%x6zCq%dm~9=-Dk@R$aNV zUh5@~96tL#tS)sAx z9whcMPw7_?atSHBE>Wc@D5Sb8%>(sHQQ3xOZaNuT+KjJQ#n>OX=bIE2RrwE3mk#}~ zSda64_ULfjL2RBkYo7Y}G-pAK|cem`;J4=;b^ zviV?f&zSvS3}#61*mez@xCnc@ip62|@Ut`!o?)MPizzBJy+KLPtA1blw09KD0}paz z{y>#ynWIOMoy1Wq^Ja`UuRysu>L!kBC_bEO<9d+8PE1c|SSR$Yl!P@7^k6A;Y-%a? z-0KZ`XNKRId&~VkfiouFpEL##tc$oNHiifJ)a$mtLE$={GLP@fq7zr&W9HG8#*KhS z4xgxaxMeYK`LU+LrUrIE0=#z^#Ngv5h=+BQRz7L%N2Eg-1+~SY$(HGANQ~}>4Cq<= zh$~IbB(X)uqWXW%8QDuQ$%V1C6WQgbD73- zNlIUJ2w>Jd;Rk`nS@>wQKEY%S8e9atY0}j98gf!m+sN7!qz2MSh`~mqY)E2Q$KRSN zOgzbeAUkkk=zPT^2wg)*H^erftSe$L=rT zc7XrzAYxHwFD7Dp7I~EM7iili>zm)!POr*3SmX&iRs<100bZ4^PT&7kOJNz_a{H8I zW)(LYma1o%I4dw)Q<6d?TX87_7PH)N6JcqofHg?jPfBZz`Ae{*3TldBG0P{wn|jf? zWvHU8XMju2=k3FkkP{^b`V~@_KUh#huaB2|b-u1$taN3x5z|kr#oR$#Iv1GrmoL+u z9S+6JqZ&)aeZr-To01Te_ps9V!IlJFk^>U2YV#00@(Q=#bf-MyKow@?D zlNNh;Cu#~{tjfCHa7dGW@GJcXqZ6IlOD*g-Y(l9`_l2KG3%w&= zy829CX$5iOy^eiM{kHv=`(e=;3h?7B;`cnqgp}WB#a7lew#sc3$w)oDhZozmoCncq;V?1=uYcnB z5ANI5&zqLU)!ArUD2AzefqG!$lf%Pc6op>+t_txQ z8SyURMoDCU#K*`X!^b)b6DPMgrpweAP^B@d43e^L=Ck;AK2vcBJqSjWS2 zCNGeYYY!b^k#9?pX=Z{hLy0l)C0j#+fUw2VdfPIM9KDe z%zKwb*j%prKj0o90PT%IAP28ES%E6_?AR~c7g)0be|}=xGazOii&_qW@LboV;CqOfqfZU+nO)qH1kROX*{9JzGZ z=3%!S_%rgiumsbr3S2>)SiwkG_~J#0K@&aE=59SA{$4hNXPaO1IGr!0A=v|rk$IcF z%zH^Pua;cSrcU;UeJc-kh6}^A+)so1F;t_^iKKnx^hZ92MQg^sK>CNO0Peg|!6Mo9 zek2V1#AkfEt(7O=WwF5EC0Bo+YvrRTu0GGz^dU3IT#6ov{@s3kFFn&t73A&Wwen`K z{~a>!pCMnrnp0P^FhH)YiPnE@VQGtZwm&ll4Zo{yw0Yfn9uG-xbm^g|NRVd#nWc7l z;AgjRQC!x38l;S0*60{TPyKr=ISfFETH`P7z9}{KzgzKFD{J#uxXAjR#XR!-P=NK& zyv%Q4H(Z?|mART>$)U?S_G!sy26;OI_lJdqp_mkb{Up=b1eox^l(R}`~lBIvcsb>ey z_JCzAC&Sx+;cU;fa%U`m4R{(0JIipYgxAsFc2C!uT9WpC1^M*(JD>fX1p=b2!O{lv zo+8sR$KeH!Yx$U-G9vFBR;}>rt&wPHb*32S;S`Qw%irV_u>HdNXrhg<2<~VHrDm0p zqt8RWKJFQBiY)uFnTN-ELoD)hlKp7Dv^%4v#(4e94B&z7nl^45cE0Wzdw5Wu-kd*R zKv#TYdU%!|Hyy7AcM`EUTJGj(rQrYJq+qMl27KYy5o&tYxB+}rnP{0;7_&BRgBiK( zwljneeNUpBFFRTZUS`Dhz7-Merr0BnS>(B#=6>>94z!s7Y_YFP6-XvesSq=T*q5&DcE`Raeb|?JVcE5U$L^u? z%BXMJBo_b4?Ni8b#yvaKVe26u-&N`Xax}j-&EzNWOJLa#-;`*lOMN*HufH#<%Kd(5 z!B)vFs{LdAcPOYykpM*W8+D?;2WD*x%#qw(5rw7AXGBHqJz_t-BuO6S3Pp440}DJZ z{xabjjknnv6$KPkjW`KTP0ug7H~TW8U9Cx?Kir|oZ^kg2x*g3B=tI{_9eeiFy2Dim zj1KQ-jiF`H(b2t^3_Osw=Es*KytS?3@BT$cuuP*4BbZyXb+*aXx|Bku@aeQ&BsB-G z?jA1nMy&pgBp_|qPTww(u9J`M{%yB`naJT$!9dQyO(tcD5D z^ThV!{lw{U!VM=buckYrt4nhTfMqR-4^350L#G;UH)~pbiJx>BaZqp=OI)A*!)>MB zpeITU8SdE?%%rvlRXBc zi>T5@Km9bxp3x|9`WFzOR}larzPbpDh>9938)L=(J{|NX2@_wkb^*TZ%Nt-`_|Hbl z_iLAq2;+%f@V|HrI9ISBt$mv$V^aOIy|XO!--{( zud&6-G$fY!XrZxkvq`l!`roH_(7NRS&i?g=wWq`622tP1h?%?d{^wYDc4|s8C(DkY zE>LzDjml(rM?jc+aJK5+)DBm)aoRLq?XbnXV#GMN9*weN%^D1>u)+&0WR>?w@Gpe} z1fNS@?vvoMep$2;{$c-asXXbyIAiOEZzS{~_+jg6aVskmCL}`MrO3i3Ym9l0%|oMX z?8U!C13#Ja*}(Au{J64$f*<$FH9R)r68{|y;HQ0?L7pRDsl^~Jf!M#e#?B4<-_i4T zn5-QR7ZL_kEq~8-UJxL*jiFT}M}Y zi>4%2TXjx3Iscs|m|?=q4I+Iv@OTpqRDz!7qBu3JOx(D*T|c{7w>&8*+-ZnrBUV=K zVrHA<*!57Z22N6wj?g|dt8dZE;3bZMg$5Wwj4-Vu;uj5Lfj^e-W!IwlsYuVcQr&uH zA(-Y7iZV8lC2A4bgNgtOPrX{K?A(gW>g2rpuXZNbQdAYyEYJJ?*F*baBcO&M633|1 z>uDBZX<52p{x53bSAP5s4}R}McciiS?WW8|Lft`;!i=N-kPP@x(<$& z$l~ii&0>@vK0oojm}R$RTr_g23H!?RMwco!B7RdUe)&k<^oGCG+dpUbIT0JTRykJ2 z_GFNBA00J^2zIep?H!tB*RJfGu9~F_>mQl}_#*&<&4Y$sbKdX;+@8~!R^}pXR^=)*tMtk+8=!zI| zmIM*L#@^i(?b}Bm;8w+SR|7{^^mKIBNHTXf6JvRHaWFeyqVW_ zIqHgFwJ{OOFMD+8!AF1%bh}$%06OBC>$-REtG3M?*A~%PzrVECdaSj&BH8^e+PXZ} zbuo8+f+KW?rb05=%a-E(=0C%ur8o-86aiLCnjWACS`{93Mi5~Vs3P<_WyAFd308sU7~a$fgc$?ZGF?i z-`cj$(0bP!il3N3WnCjS<&EYr`8!4fL>KTKQ2kL_JT68CAA`VjuWK&0X%1J;CCKG= zN@=qfspgSV^CNnn^m#?^?JL{Gmagr8Juh(W^>YMNL6Y?ok13y$n|1GqsqC2s+$5R2 ziZYTGoHyR`icT2($e^+1`K z#9>vx^4oQ^fp~yV@f&wF&f128ni8HS~nzM~_HtbFcD%;*od0VU0wdybo9Y#~%21fH2e_#uBtto@9d&mCF{odsq z|0OvWu;GBBO_5lR4%=?*U;pc2L7-t|Kv#T6r)B4B*9+C>YJe%7>3W088*+J|r-+Kz zWxyxrXMmBy$d8_wi~n|TiAMi=)D^}2Nh|d8UHbm9p}Uk;6=S1Oc1R4j#5-Cfp*{py zn1lPHdaZ}U+fVHk@{-YD-S&2d_2kmBRPR|@+Zg`qxFUM%xfcOiffJX-BH`g7%c)S_|fO)r<@u`*pr&5=)-~lU+PNhNLHyC(a~hLICyjt+q{=Zc{Hh&_8-+ZP(m|eY)JX zAB?3{U8OSY(af0P`B6L?Z^rZ1|g&z2%- zZB?U+mDo$(%YXWC(Ml=XYV}1*-F|mc4rMj@jcG|)vU{VE(TDQoev`L_2BPUt&_<@r z_u3|lM;`AYO?HbS2@|kir!%OVB^%;BK^vI54`zvWMg6h&B#CedvlcL^B0S8b=JQ=u;?wy@A9QnkyF zn;=1yVq#*n^`sIJey%ywz7>k)OqyAOqz-e|z-Mj0HvaiYXz>^N zL7~{W8dkqI?Ois}abLnX!hG3zW*TMpNb^}iT%PdTm!CP!EsTF?=tvRuYW+T^+EZ?)BJB1-;pK@uO!R@=T zcT~H(dwH(L$xB^UwZM~Z{y5xEZ+`@g)}qH2Vb82lvuWFK!+mlDg_%0WpPL4#0h)>k z7}dRqaR#BgoI%C@!(L+~(|RvxX(@HYvTB`o&7MVlfCK zoz(<3q9lL$QTMk=F!h(i)yZNe zpMYX`ALcQ(vB?X6Fh9716qQhkf>l>Q~0+6U9c`+>eQ~IJkudi>SH?H zmd~}h)~&W!6^9|dXyqFrodLs@jUeKx9}1ZuDH6;V^tX6U@@7C84*}jPBQw7wBn&h0 zrSiwqJN}WQyR>DdPXg&jyz(jqC?IsGlzav_o9fKBS9v_vb=Tu3>edc{{l$&#)g^nV z8k4@a?Tfa$JUIgJW>M`oSu|d^3^11_hPdTKf?rv)5jf^6AN4z_0o*))@6|hgYtO4F zHtxFi0&@~d88$Xn`l|_D?wYNJWc*~)kChhV=apJDCT&U*x!0-YZJ2n~cY7x|r2%FXrwY)1&u!$nv`iEu?GmhLdx9mKz5gu0GA8IMqBbHBUO! zGOsjo>k!SgFv|0A;OJPJRCH_99JkH8j(l*(KlJ;;<`{Q*#QoAi?k^^mghk*2?55Pf zc)fSMeF#)B5^e2#_R(*x4UGI}Z7;yOOh0%Ekd*uSO?D?t<)oFZ6?TzByu3dQr*SiB z%ccICRQguw^F;TjnY0qSYj-khCMRQsAYzl@Jz)c zEvu;qtd70yi!1jo9(}ac_wdVfow;{GJMrVl%9B}Sp%%uTqx{+a8d7Y zE!Dhvmyib!JUGLidqHEN7@EL|ZHDuNc;1s#v_H?1$uR~*INGQevLPokfH_{bw6#;V zc1{5YuWfJB@SQCv&(*q?KgYq;ySr@4SuA|?T#XU>xl91eS=jwk^Go;KuYJ2kDjFB< zO10W9o6JI(oEy1oyl%7}&N)UbR#ss2`pyYHW!6L*Ho3GFaY#quLh>V-BOh;C<;$(j zuB$?dqi(m+_AW+7_%@uO4g1V69IQI8%ik^-k_lV|03XJe8t(kmgFM{!J&pU1==vmK zT~NR=4hDuT?vYFLhp)xC4TI)3qbo34x7)2=&UL-#v7gb$Dswr7nx2L>g}JL) zLtD)RoGP;?@3_@<%EFy-Q2T1?xoVE8yF!e87=o6=mBxJpP_(0Td-@_{3~2d$mnyg@ zsca=X*wT1ZmmY9G`0H0rudu%Q>&D?xcvwN(YVCm!&mae-2SNk2wq0_vsmZ1@xdv~O z;<(Ah3MrIWuMRbxxOM2bG>a&_QCu4`-{cO#>BqM}2o^{y6lO?h$ECiWXhmDxVBt4V zcr=K|Jc&#XZg1Am;nn{Juuabx=>Y;j{>P5Pt*&zG;$1X4IL7iEk0oWuZ|m=buK{l+ z3r4VB+$0aL_n_`Ja|7VE6utg~!h!Ac_AL#gY&OeVPKG;Zm)B(viIq;>i6e+30zh2P zX}>~3RY-QE4|eK#3k zWkB%iZv=@*g^v$%vEI*>>AL=QHYGHq?o%RK&fhL9CL#Z{WnNgyt1A5#+!x0}%~Qa3 zA*zk;Ue@s9l`=_tub3E~zlcDhM1<(un0e!CZ_BqgSNT&W?8JR%f8*hL?&wsI0Szse z;w;On>qw4ij>0PP22|89Dz2+lYArQdv^zihlVVFxW{u;xdB4qz8N3URjvg1_efU(S z0uFWwg?BgicrA%W$lFow2&f1_FA>asGTFPauZNG_-Qp`{Xv8rRa-qu1mCSk&B)GMQ zCVBr4IXVEkwNmcqcm7IxWiLGB35Y*w@YTa&th6cn^(M5ivl`|o8$E0{g6(!M`QX=o zRd1i=!a8$*GN+U=wJDwB57LaY?3^5zt1q5jTka$mTDG6bt+P*_6X@d#Pz}7%bMIN& z(8?E@=p_}vr~T4onT@FKT6=;2HGQ9r-N&Rz#!R^$m4Tu<NL#ukop!mTc*eEq7JDg2W}Z)R(t?rrXd^99n0c5b%j6 zMx-^z+AqLczbd*%Z5|I1N;Q|x2Te%`!`&4KX|sCp(UOZ@rkUX<}Dm&bH zYLLs|_hp4#(rTR_+~6m3cRTFwbXIfw9~zB1Jr4Na$107tZ1K9S zn98Tim+lL*vzwvr(;VN6IITy{6OSCnsFvv1+YwIjgeT_>k zp!Pp67@@$V+>wfxy__r7Et@Z!iKjZ^5ljT+bpVk*ze`Xntj?*H_VKyI-B>tm{+P{^ z2f@nTt^bjZxdi<1w2e-@ZZo54Qs(B}CvHP=2w)o4Da@ zZe)|Dy2KX}m&mGsmoqWN@qO-q4>0OL)ZQ663 z)<_!63vg!RU>!Jc8!$QLcVAs=3=a=iIxtOHI2>_@<#b+4)k@Ze8^(HGa^iTqR2{Ro zl5R}LtMJ-ew{`9AV(NOIIl0;)Z>^*<${lXGIL#Sw^ilQIMfZ3*0V z&p$c?daAPaNhq1kKKZce@p;lvTMWw%AidQSIO?h6tEgRpf(&p28^4^u^%ZqohPPlJ zTDnTt)GJh({c^z7?A7s@)67Z34ddYNrMNU?9*0=}RrfF#K(6(_>^b17ry)0h`egVt zh_S`j3YAE4`yJ=zEwj&BzkbCozU+PJxUqGp{?0LJPHQgi3%^Q48{5d%dpBd>Snwhq z<1=;wat!Q*#NNLkmRxnuCdjqFk-ScNKh+olzSt5ze+b`N|WCY0~J!diN{_(=E zMsjRb*@>}P|7)T}#+gJkURgd+e%7vDJ1xzwtLI)Y=#;2Qhp2x(uKX!+^T-yibfg#x z&d5|}k274;RkW=4x(la$jp$#gh5=Fy2(X>6P`+ur`{1{nb0@cbXg{QUD|s}8J$=pT z>%0T|>%aXFuxZ_I{OTG8w~RQU`b)ihRuvpxQEY5=+dtZb+mk6}Ud4`V#-<~0@GLYo z3M#iTE9O**!ylxZQepMaCz90M{nZQ6s+F?WFxOgp`}>nkssy!;wsz$k*Aw%5Q%jo- zt9QTr(Lrolh_Rd95=BBWB*ZzGN5Xp~!(8)SaGl+ZAt$g@r&G&%v5y-{;0pyX4DkP` zwN2breP5_CqqMioUGFZImsnom5QqnVZ|FM~7NC`chz(V*hXndsXKA7GEzO($r&gAS zv#^clH{>@G^wU4pj9W%+iYu+V?ozx`sg-OV2g>X+f;r-`rnGLBNq#KuuoHp}>?eyh ztT$X5V4KGn405OFKJ$N>>(L2d!-3L%x)H?I@wa?9__gJU)GRqx!G)pJMcuz!plPIi2U^E&rzqnkV$-Epw$dYW=E`xSObmsJ`gKT26@4!sQTqHbIqJhb#!vd()zh-g`zaQAJ19TgQdou|f^ z5+t=G8Q;nA$s!>0qpIITp5KMHdrIEFvMwY=lumBF%<1alR@7D|g!L`q{VgHJZ67_A zZJ3df@#Mk`xwh;gL#@X$$5K&EBqr5)jCu`~7UR|ystC?N@#NAbqN`_^f%D<;*m+~D zu&%h^pjq`>78ViRKW?A2vjWh}FhyNg@lt@gW}2oHRGcxLRr)yD=Uk`DZ7b7a@QkoyIGeKEjE{dtYxxdz6t4}kzUkAWyHdFYT~{)*)AG4<*({cdA(zvx@kak4O^#w?iw}*F6PgwoKb< zi)T=HiObo!+050@euY|l4kknGFw3D$brQd63cv@*_$26swv9)f;b=1{d-piv+*jr; zkpc6xN5oy`;|MnPNUiS*%gH28uAGg?E9YgVf@6kvSiC9MY!aWzC^9UW-gwm~^c~Xgt9iuA{rHLwd&L942&G}>}2 z<}Uv+;{}6!^?VpH3lHO)BNR+Tgj;$pMhtTBf>lNLZ{0vv3wO?&eOuBIbs8BQ-hL(b zMy{xG|7bd8?3Ec)802|#jZPvN`5KfbuLtRYDdy%3durSSL`fg`BmiFV*4A?2vAEA@ zH8kU^zn&Jpv-x1evcR<@H6x4*AVFp{qT>`xg$LLR#p@XqS2hx)U_1B2NQw8gYqYozYLrMe_y1L}vPKJ)Zc zY*eRLLlJ7WPC15ZA7*l(#J~7dqOblEIHNls1;uDF`C_U{-7O-o(!I}ZEK||Ugnck9 zE{M-rzM#giy7PRNXOhoL9iY4Qi>#M%?ts&a%U6Cyd*F>;^BNPQ!Gzb$|5HAg{N zOWQf>6tbY{3CO=-R$8i9) zJt}Epxm;nuI)eb?RZQeV(}wy@y0~VNBgA&AXGQr*_sqai1b|kXGT$~E)l>l=BSO9c zbsa80Q4=;xh0yeAyvMvA#*EeZ?Bc2fC#M`Ad!&`kGNtp` za=m}d^OMfVc}R=&6ZL}DlhXyx%15k|L5Tg~OZBv#k#JG&9w^#}URfrmVdY2RS9R_EzVGY%0#dn~pS8?43Ch{I zCdQ3(LcZL6&i1n56B4L%g?z)!*WDh5y$53tE72S2<$zMuM?dJMy6vM@dW@Z>&A|n% zzXAy8euBzpmEZMj`R5Orm{p2UQ7Nm9M=h_bBgKuM&rD5CRS#pAD{To~wqbZ!DSjbh z|4>Sby*JnK5e4J5Rzrr%JH(D{Ma% zbdi`g?!$(ipEC`sDOR&+0qaV??EehWM{qH*C*jvu_c>wNE8@Ys)*3IAWQyLbg}+(2RJq=_uHkSwBB8IQ zPyZuT217*T;Q7o^hp+L%<-%u`i6OA#qK+15 z)Q==NGkC43)6iH~Rlq5p!B2ZjG{sj2?ZNxJ=(CsK2rDSs?GFIypBFuRWZj{CC+;sb zO@u@#$%Q^k9ekLR>Ya|$D!QD@x3X~M{_xHsKh7d5L`8a@L@7oA7bMT#*Fr;xi=5?H8v&TBP7TY-O?-!c%9B^jtvK3+7 zCdWyG!yD*+K@bE|fIdJbXngD5C~?gq)VmaHTa-Kc@8queH5qwKdc@R|sVs#O$d8ESD zmKNUVATQIA)onYLz13a_XYjCAmNhNMq3OGiKk=8mlb=NY4^v+O)#MwuJw@>^AqF8R zU?C+)4Fn_v0qO4U4v8U+pr9b#qdT`zqf?|iM-8N7bWQquhQ8nXKIeEmJDlyl?_XTk z^}Fj?%|ZF&cXn21e3rci%D#t33^MrKW4r4R7ZMWUez2`ngyFA!lkhk=gg5ODdXlu} z>n~lqEx4nTt7@S+bgeI$pYMF1mwM7i1}KMA%*547-2Yj}bRq{ii)q2CF&%2vNFEK* zrVM{+dgqvDVJ=)Yd!&;JSs%!*ChyUN0UII-O!R$@ zVe~0Q*|>jp_2)=aG-Pv<3Y&+yZW@&A4;%cuxmox&zw1el5$Hdh^U3EXo6HiQzR>VeS?f`L&E>>Qf*$rwayHn0r3L z7qhNqx_9=XRWY$Xr+Ed}O+&${Q&&;05#73vVzO!Gi&_YkyW_rzzyq5&`(A?uX0@YCdYGK{c7@TJ&IEuP)v8BC@#+VjzBK;cK(`Y3M;Q*M#Q8 zS2JwwTun7KF_bJ{U8cM;`uRo`>@NMO&%qG0D5QC6imKg)r zr|O1~Y2(Ohk18wo4h`hKy^(NPdrM|OA~`GJP(|-4m;JJ%ZuLQTefO{=#lfDhK|R|a z>`Aw_=#oaVf&W-uWhoZsVY{?5i2%2x2u-_c`>!poVrXOpq=m z&K2|dWV*oxxN+k_jKdqn$i=O-96PVGQMfX5*-CAVsv4{Y?DCRv!sbr2Ikp!1cb^r5 z#~5q|{?+MOG-M%1lG|uwAAq68$4s&P9(cMQ!7@Z4>y1O@2$C$e2o_?Ql55K6_>)y3%ZxqW(M)0)O?na$6$EoZ<4k`xVeIR0>n%i)&c{YU8`K-U7du6oy3{pD?&{E(7}bbv zJPjs#ideO)f+nr5qqlSTC-ylPgF!(jn}1nwX3mYUp}jm!a`v8`#xp9^U_oygcx}_r z(b<_HoLVqGuOa!R_3jxGABhKwexYXJ%ftt~Zfa8M*mW-iem(8RX3$Jw=r!A=MVpIm z#n}LtL$i)YHSwNe36u#1Dy`WAWYk+VPN$&|o9|#=?@yN>52+`0DXRtXFTc_JZ^JFUqI|9;M-O z*YAT;UN%LelZ{`sP7`Ni=TWT5jTwu>6kD|v3VJFPJBfdH^+exNM@%bp@Xt+F zxTQ)iE4IjTE}tvPSK3<$mko8ITT}_-Zdytlyz5QgHT`@oe1AphpuKrJUt;zM%4J*C zO5zI=cKa3kApC{f3F!qXm+u}kw^^f+@sUuZH64xoP}{dvk^Q`H7Rf>$YY}y*WiWf# zBA>9PawfTl=vAGp5G(d7Sgn!uvsoaec;lotrlQ|8KK*X;buAp56H^bPUrarwEWFUY zj)aUt@SxW~H1zmXPb3R;XG@P}ukQo{Y>ec0w=aQzJZpcTMS34zSEv0oB`P^4lg_Cn zxV}`Rrwttx#;;Rk4KgK5MO^_%wCwlW=7&mQm0YfEaWx4Ms!yy(ic-dG2nR9m{7ua5 zy}Q-U0!796W!*jE)ofE(8rxh5Oe}fqtd6u(tyN|z0Yc!;c>?+!VVrg?@rpJ^E%_8_2+-tdiA@)h~AzKrNy9Lt+zZnZq;s$ZWqXC%!$MDeOwG`ixCOM z<2q^|Ypb%@#X@qxmsVGtZ}42+UQOl7IBBmsdwSF?b{y+R7Fg(BCb5L87HniSo}Zht z1Sh3Wx>!FPDYn@=+#dw8fgp)pM6QpF(4_rN@<^I*z80G~(h<1gIE4oQn9~PKk$jqlC9o?92iSwx+8y%X0fLf5PYw&V??s4<1pH zobTgx@yTynmF625JO7<}a!56*csx*-FjwQrKKcSPSXuv4_7N+pfEAyMSqMLjK%sJF zYW3VTmeI_q8RpUgFx(ii$Kg>DyVc6wmlY`}=un-dj4&|GJ&Y{P5XPt$)z0 z)5t0nNb0us6u};RfevM*YO-yRJ5{;OaPD3c*{|dI`)R=JywZdwkR=6+T9RZ;;|v(H z*de(2>Rv0UX%^ZuYx`!j>Sj%aLU*X?zR)Z;H+O+LB4rT#muT+AvFiMzwtG=M-L+7& zFQLl8W8OfoXXhc*g8=KT4}C3ssToHjZ{5|S=;(y75#|I5e`Fgl2*|#}m8DacGa8)n z0}cox?_MdYV{soX z)5m+C4vS$x;m|bEwn}72O2_^$MwZfR@svTu>NHIt? z0RF(9=+^N7B*m#_!PXL~ZV{eE{b<4Yz}NH=n9x+vDqkJY*sMiz)rglAi(K(s+FM>9 zRx!?(uhq^PZbbFeLR@YJhN=(8HsEuKD&oWxpxF6*SX*CMugt!;@27koMrDW31zeBu zm5jL7B2A1nllbn5~F5cm9UjPhTOKyCIAC^(+Ee&Og*kP<*Q zq;qeiAmZo`*gJucQM`n|BhWAH^fd$dW)zF~Q^q!k_`k3{H_N>rb}@zfEsgRvSc*!n z-sTUuqD|4?$yf%=9a@=@gU(>*tpn4jA~9>B-v6lS0a1_7)zb1N+44nL55biM@4H+Tw zdgGCu(J)~fS*_+W_{*~8z;o7|$Ra@EDTh%YdCzx+$wQ*3qS*n~ll?@|#YLS#+z4vN z9j}|I?iVpNE_?0*^G1qLq*s9s5$DyfDyZ51agRH3A?D)m8E|!=hoJ?-3a;?^(gDd*Lj8^xQ1m#tYQuaTlug9Um8Nhf z^vL~XS`03_ir*xAAenhu{vJ7rrb`X*&b-j|mkFQ*gb3GDhj4%e4CB+2tOh6LBltzY zM?9#A+et$7kU0$!9&t?Sreq6QL@8PHESnT-2s8X)-$($dp< ze!PO|k!Az`;Vhs4S1p(?YF_Z@o@wq|WeOt&N;Kf{9m3UB%YFZ;JCEo^_4L-4zLb9i z_nomNwg?z9Sb(BWcIs7YQlNH`hwHP74=%Y?Vsw*Rbt{!sT*s&a64-dT5p)-+ zmPgNHVKdqnge|MFhO=K|LYFVcRwKXH}&vckwr7wCO3u0(> zWYA|b2Re#9KORJfrylhBq$;07Q4NC!*Rg7;rHDF3rQdxxJQS4P?C9)@5A4`ZUi^XX0GL zzlrK_Q|v397Mlkw_O(>0iJ)p7DVR?QFN5!qML^KvLN(@aclwZtkrioz__2|3Z^47o z;wES-_?j4_##97x9h zF`|^ik!4~*UZChQUhu=U&qyLJQ88!k&AOaW?KJ;WrB|Bg_(-s6+g+puwH**zRkZlT z5H^dd>I^?4n091QQV(GcF0|4|i3?zMczhk*wWUBSt^Zn)QWJ;I8^v0l=HSH^$@we+$G|*voM3`mcxrHyl=R^QXVw=`Oi#~xS@n;6_qIc`_Uwg^VEj_c{v#CXJNeCX9hPPDXwW0IT%$Fnk4Ds$8`G9t)-6gRhnlI#1kV4m0m32y-SMu)C*i3)etQC6NFO`y0 z82#w)SbX;s6cn)g<hQS+Nan@2T9^T zFs-n2!|5gIuh2)8TB)yRjXFKOytr&^NDd$Ul1K+Ng|OjJp#{yz$U6F2S7`mW4>h|k zu(+G4RpF(AGeUM3VB?4XV)FL~2@-1cgYlbuF3-@BfD5zY6BG%Etu4|h9gG9~qmkb~?MLj2Zfyl@nswG&LU;ZMDH6XeUEuiY3s>HJ9s$mRt2ywbzJ>TF9* zX}%JAek8TDtW$2%?`)O-eHcGaEqNUudd)O0CZcfsdvLk=ilMYxtsQYlu(#$W|K%VK zhy?yN^O!y?+wzhpF#6+i9nKkVRL*~cke>?jsRR{foyp>U{f&Ny+#xwrCdm9V>ghP6 z&g<8$E!R&Ktp@p~g*kt3*-8thVRKoOm#cN8$1+^1avEr}eVep^9{6Gma4yGR;d6T> zE98wW^A_+P!^O>3*SR6_p+%v?R)+)OKa05<&E2}K^~O9IZPPT+N5!2JSXaj!=fvDp zLO>97fJ#Wkl+h)!BvgjQ;fJl~2!;KL`fLXJP4zeKJr`H>Mk4Uq4~9wdnM(IH6@j?Q zC>Zr5o7s2@wj(b%EjWh4m7lWxqx{xpFUFwcst=aA94wj(5;O`uJx>X46LSm@Ii!q4 z4+qh3%I7oYvS>PdNHa1gR$Y+zb4lRq@iz;i8>8BXqA#p-`m#-#_H8Ppq~Y=K8zA2o zo!#xyhkjOtdM$hfs5JP+&J$W@MYVsUt9-o+UvatRDg$k%%~d2Ebic zf3D9|mfNniibHirq|4@hxw!lmz0iya-fx&yc3P25K)>w>LO;XcXhdk9@!m-SJV-WsqBs$l0|gxJx29KGZ9#w%v;wN9xCb?saD zF8leC{&2rAXWE&m`I6;HG~HywnlIfxVl8*j{!n?PgC6LV?_T>=({RlCsC5nGumG-G zd(^1Ek0IoVjEu~FrN<=NZEP%F8DtJeRXlj;J4lSq?v^QZ2Q6S z9*Z1*W3QR=YU9N_Sc*jkh5Ot5@Ib#L2#dOkmV0Y{KjMXIp?4~cH8ngp<(S9iQ+f;# z(6hVMU6Uw)B$aOwhY1}P->+yy9G9W2S~IdRr2yZKz&76yyTNJ$Lccp}-2$=owmARm z3_#`E;{Z6j*z+`R#iv{DE5OiH>a4~Adk&kEVCvJg=vbCBse1l~^mMP;;dH!dy2*&W zeOBwKwsR<-cRHWI1$4O;p=kK7WKHYNf^w^LCOvj^y?2;wEGvRe|G?0%21%U@^q{Np zF(?}EAGZSXuxYKdZ1140BaG`TyOH6!z-dj9R!9Mq!>gDa@m&qbko15)?DgxL`XkP}d6}-UU-?^#oE9@^q)X*>u~}MMV6|jasIlr2Go1=bnge9HtcX*FrhW zQXHLFsjU73_5EX8oGg7ax^Ak^%wgnL@nW;gq~Fy(^NTI#D6)STADR#m{Rf8c95R^y zU@fPxD!a#tmx}*W1$m#Qc}-Bu;reCKm|ckSX`fHI$)g9Zg%ZDR(0Nv%aj*wSJKS&M zo+d^mWjV}}kgTFk4~K4p$|v2iCslBAxVtn!-}!(n6eaHEbvr8xXynp0AMQ(p&&L8e zkOPFnDq`0ffch#emjcXdC;id77<;BC#bYj--ZQ54r^`mf8{De&O8pOk0fqjPTet?_ zs3;nKH>)pG^5U0O>xzhqeY<|RB{h8yVaC$Z)tE%s`8F<--G5$H$+6X$tP=TY%bkwS z)4C==x!i&p{$-OB>@ZFkyRn+Su#TQ1_Tn;*kqVL~F2@748~p#RHlW95?ZC^KDB0ho zdM4R)Lb*v)=R-e)DJZTU^l{o4-86$y$Otw?~G4W9H&_)U}#Gzyr9s=DGZppAUO7I?G_?oONb> zf|eDFqnM~no^#_o*;A;!E4ft5P3JF@Vz znVBkFM-rB5SD+>@SX33C4M|OX1jJ`yD#@kpoUEw#rDh>L?by(_3#wCwdje7%M_m)d6mT) zYL(G#r99?5dk!$pOF8N^0Drrjb%5MLdCdY!L`0+;63QZZs-mN!lw*7`2!{zpTlV~( zTT4%QE#%aWs#ShUa?^5t4{75VgHCD%aJ~4EZ4^BI%o0hYs;crTnW;q12A0hit)vq3 z>S#&Ah!kAnY{7dBjY;6<O*(m|Vt^g5 z|1;jVL)DydT*X+@5I3h3R(+Yu{NtE|!C%;0R?P*jDh)=G!S|P6_p$a7V5p6(dcSY~ zkazte7C-fTKkn7$cPt%3L6bY2@NK5IY0$~=6e zFE6ewm4E8h2npGwr=88z9ZOnw+BvQhPY#Tmx``pqzhA zKWFTVM1^}%+2iJk3CaF3gq2kj~c(%XB{2xgC7}dXvw<|AMZKPJf4r%z?-u zaq!?;)QYXu77d*0ZE0=8IJYViqgujX*zABAvsK>LMF*Mi)6h&v$;rtknW zABJ+ipmUa8!%DXx0jE6|l(hnj{eL76Z2YaHrg=rrXV;DLl4bY{^W+w|j+5mN2xXsu zUcLX{{imM{&Y`bIc~@;=+V$NE)+6Py^N?RmR!!36FPJ|y2z~4uIm>7*ZCuN6jM=jq z8JU*-@6kdpnEq_%T%ONywF+P;L6^Qv%(?mkmh%O^E~eb zssODsbIJ8-qc0UjXzO7MiyqWHV@^qFJ4AGgmElM zX+#(QmYi{H8u7d|?-D22N z(OBuxkegd86|>u0FMLx&>~ct}c%8bn=kXJLp(*pXa2+X>{wx%6fu>)ZPLL+2yRnn? zzd7SeKP|zzFv4h275Z3)bL8i9QPR}6vQIauw8M*j^SS@|!c73%ca%wV9#pk zQf08TY9xkmGfvmK$|uU6U7rOa6aB0Qtnp^D-UG{JJ!D?vu>wb17mO8|tgnUAE7tb; zD0%KVyKG!!q(d0!RDopB;&O%E>;%2d2e!=rdw$<`0sfZW8@Rr}`#nHQ7)hYj;O&>u zF3~wWjP`TBiHeid$G{pm52oy0H}n?PmQprjF0s6|ZwjRmu{n-5+Kv5iBK_Pm1YnfG zEw4o6pG>BcIPRF%2#z72!CFxvr9Cw#9s@4If;j2#1QgpwDekW8)>_avau?SsDg&k) z4hxt2HTDPa89)x@xkY#Wr(dAGu~B9e__2JdH-+>S7=HjgX&a_*kH|YL%sSLV0MPj2ux7r+RQsoTq27Ry?V&A@1nX zqF+_j8{I00cj#KzxYSgAcv3`6Om=+y!(;&uHALe@O^Q#-CFRv-KTuOd};ZcGn-R@K=|Q&fBJSrugTP6=6vWm=##~QGcR)myy$a%B-zLl@~^x z&UVHg>kXjefoB;Xq@U-x8|K<@CF?jd+aj;Pxy*#lL~SvKpFzczk9+h>1R>IAn>}&z z1gsC-4}btRTgZQf5SBAM_5Jw+056B)+Yeq^9PcefW@Tl)fa%rqsrMy-tz+lsfrIm> zN1MYl^&YAj@4xHt68`nm&DqZKGAbdX^iUc>!@L+)Ozypflf2ecpUb$j4(evxM}^|a zU69^Qn$a#5(Uz?&pS8(R4AT}S*;WAPCc4Vb#?CE%r{gX!FYknakdVX2kBXO1b&En3 z(_#=BO8e?R#wrd^xdhCrfo$?okZyDrWgjGrsj|wQ3EnjSlye>A_;X?%nAjViw&w`X zdM*)aF;QxIM+mr~NR(L}UQWsHeOA@d|CgwQn_W-G5K!P8=GRJ^7+X%!e)Wr@KUtPs zoEljgyBR?=w3gVj$-{y?NIesz|MCzuTke8ZCxO{Zl{fPK9PZYo{z)){*vZ5%N6}iH zYEx$_SfJ-_;%Egm!$OSwU%WR4u;(ioz(v0eh^e@Wk5dFZDu#xKX*o`Ji!@3^D(%pv zl!X8N=deoo*N6;%8YT}z_$nW!14P0#QZSmA6_ZGB{b&3?V7rG__#HT0-g5GcM>Qil zEZ@cOUUSZ}{g0{S%|9{Hz&&gj?OLo`zO|E^dvzk;lvS^`U~VJP5(Hmjk7+%9@PYo| z(65gKd1}oH`fpufB8ep6xANCOVg6Unj(9FH>1l3aVsW%FaYta`B8nV)6Cb}oC12@| zz|{;j2y_#*6ucHh^XD_ZMCew?jUir$v{X}zFUwOc9BQxipzPoHWm*Xx?Cc0^={ ztuG%>zHjiJ5PBMsY&@GZ1Vl%`Ztr&wmz6&1+9L-?N2O0D-_YjEw`Bd-fiLka&d(dU zM2qADCOO2jG%w+#{&1j#pkCp;L*APT#8zua6cMYL=OC8+XUOb{&tp z`|;z)8t1jhUX3ssfybq|Yn_0HpdlvJMs(Axu=$ORtd5J#!;6eL zN2iseh-vcUxTBz{dxbAQy8tgd!eH~A2Bx&iJOcqpCB+BMUI?>36!fezv^o2;duPI9 z?&nwT*@lJ&f;-%8sVedChc#nRmjTMmQR((Sjt$nmcCvJFeLKABX zPZ|al3oGOl525la7Kq|+2E4W7m;G)GYrTU4iyIpzE=ly_366AJ=9c9bM{@=-Obgb^wI2nPm1lJ`zTMe2^HBZ|bVdUl zYkfj7QlKhL%?~N3l$Mkn1U9!hm2YpMYhBhy7!ynM>fM(t3$EnYN z$EF2JeV+Z4lmkZo3}7lZihY%@xzdG>F^&bQJi^3@Ba4>bJ%0@k>kckFC!1tZSde(d z#-+ugUnQxH^2#nLIkzakzVqQKf_AZ3bs(A#j#pBJ9-htx(w3Wa-mgE~>(0SS%gTTycg{raS?F z4btCRQO6QtC`26mOk5Cqe#{BGtp=CPX|=tRoaM`PZlRA>U44NdoRK_VE6sQrQ0e z<~W0Do4Ql1xOJOfI+HT|i!2K#r!*%$T%o_hIQnE0J9gtnxIJ*?0H}H+MqN)aTPnt; zO%1M-UtZ2ti`A&GNiclH!NJi!@wX%4m*6t)LNMMC-O82;a3DXLZ z!YNc>!R0wnxN#$;Dd3hPX}mbX@D}u$$oK-%%J)D3_&C8J()8=Lnf4Yt$zoDF~(85#Ki z@zJXh$EpkLl!{}f{HsC?l5s)-(ES&J%rgqi`XyQ9MeY(0%!s4I>=g-zo;DI%p@o5f zbm-87+lh_jON5IaUEfdyxF3h*y_!_Ee>^;yF%`>g-s$k>L0qXIcKe#fSAZWoL?67A zVf)dW%&)Ev*Xe{@3}s6b8%IP$-0A;!h!B&dU!RT*xYYG(F>+o$xG8#$Y)&rU>eein ztrF)h{Cv5vF<%6)f9&KWkvQ-Y&}p0D^&n2@jWJb`Jua~$d;7d(K{q|cwWk0?`oVf3V)6&N&P|!qysrmxakM#Q+kinK5Kyr7vKDZ;I__D7Aqy|k z`&c9_jL+;uHz)8%qpO?(@QE;1?>I=`C%adK7h;roXXxLS#^4Qs!rDh+-)0`8MfGhG z3jl5QaQ%BBq(C~j63J*7c5@B12)=SP@#8lNGcy(F-a>W6SiW+uP21K?y|qU7=HHzU zpsy`J#XHLLO8kMiR}oO++gJ%Uh=I8)QppjNg+UkDEK=Y6IuP&Kzm|IlN_dP|Yv_X4 zRUk4?p4_@#pgI63C@O(nG62=f^L6VTb&UhPvVf}2)T4~p_a{zCbr{dg%uulz_!@c+ zW{7dmVz!*TA4O+VXnJ$Y4(DbpVMb-1JGRhW}!i16OY^&sy zk(q~cUXB$s4(0HAZ6-mt8ZFmP%?kX{kp*(^T9CibKM_V=>mUR;!uO`0$0qpr^mOV6 zkjfho!0J5iQE=Ft^^gGyIjh||mjEqXIa+5{G?O@{4~&)NL*UPhEhkk~%!F^dmUh7p zgx?ex;_&RrisyM9*zM>^uRgoh5_2rq2!&^O8qgpvFZ`TAj>C;W*#6%m6k_Bh;zp>! zuDp>U7Y41M@emdx7)(n$*O`=&iAqabVYn}?U^F!&pM{7e`$a6dY6eo~c}0NAfA_zC z+rVN2^W~DB@Kp2AcVmt}{aHxrKlZMtt){nI^xVQq17%bEui4pI2e?V+2DZ}4$w?WZ zSHD61?=DBkT?!A;D2dl2d2wcIMkA`CUcWSGZKuKd@^7`AH8{+0C;Cv!CkpU16Mt(d?1>&(T$3FSshVG5t#gc_aiJdvd%Of_-C2REM|?ygss z>GDx`Fw>h$xU7zi6tLU!@x*%2Ed;`R{R-4Jt+X20g)hqVRjUa!E7v8zHRe-B#acRG zL1HN(+>B2_+PHL;S)7|o|G3bG#zGBS0`hgL9gm~```fZxgeS8qp_ym;%;rm`vp=i(!H*^;ioO9h!Mz?>4V@NXK;V%QO%`k^HG;S^As1TKR@W_ zEsTLinu+j%+z!KAjY{IFGtz)pDYEfj_cdw*7>Hgji7g4cvoioF&I!Bg!s*Mue?O6z zU)aN)83rkgY|J{z44=oYcP+gUg#kl?UR->$iIccx!?F?RK)lWWyd8z|8B*@%!5@Ep zH(dVbodD~aStY>153N)Ss+kRD9Kcp;{a;K#j==!|HUk4sOwF`Ny)H^8*nN$jGcid; zy_DrnqUA6tuB)$?{cwX+ppR83@qP-KXl8DeP zc$_}QNQ8q_-TsbtngIU~>_WXvqL4_kmtL{)vnM_*nsu{|vh<@TR7>ZvOF_sF!FfrptOc&}VpF zHOj(FxIz1{bL=q>=LaRMHw^e3p;D%1%A(DqdTl?T&`*2f6*BRAB^QsuSA6GPRQ?X( zOS&834*)a*0T;WTAa9)Cb^nDM9q?IX!)%@fh}*Lil4c+!nctYeCtWO!MEFQuKbG(u z90qJVdDi>;`+MqJ*|xv;J-(PMtLEN-=ECc>9$Gc>+ z93>CLtZI}Q;~D@Fq;Kj|E6Cdm!E{Sn6bf~71Jvxi)gR1KXAGH2E&03=9-1Tra5HH? zuoT9BCKgkuR&M+(&459>PgNN&&~l>%IQE}!Y#%xkq5cpy75AKFXLnCusCb*`i z<+qz{H>2?x;!{3VgmP~|5sC|*ON$%v+2l@)Y7fM{(+2(VT$UV@ByV4v4gq)rq_Cm$ zJ#=)gUgCdTbOX?|n)QqLH+@WZ4h+CWop!u0i#&;R_hrLUn0* zo&xLk_rlGGT^Mw^okUuS<%VhACXhLTFnWvDA(odf@Emvmb_5BRIDgt^uSmJF-SqHa zOYX?Ol=2^e^qjfL*%Hfl6VdU0$#}{Yeqob|28BV#cm;apX*_n=%Xmj$v zyiO2y2Mx7sfxGRkp}G|KJ=S@MSLYF$%7VkazqDUw;R)lWl^H7F@7vc`oArDCMfa12 zI~Q_-ur|zWq3a_nmpU4?fw2VWT{Z8cuysq(Lv{QR|680S26h!a3Y7| zUx;O3Jra+F78VB29Qa7S(>5;%MYRBFv9%dzyyE;vxKF59@n`xM&s)Xl8{x?(^6pmW zeZuuysHuU22OeNO`^J(FEvG#Lt$BsOmx5^jx+*pn3J;e({WmDK&d8h1>obl?S1FFP z!4{1L-YB>nxC1!X(QJuc8&=cs6+2v@H{2p;>6>BLk;e)wVya}C9TFjn{pa><7joq< z5A7dBUTY=60bAO5?L#-sc9LW+{;QRWC$wLwiPTZc#>j&f;sC8|CcBdrN1S)In05dE!EU=*K=`ap{TIHy4c zHJEuC3nyKy9%HeVNB!WMSgN|eM7i0i&AFGO zP>iEXpHgs`^oVm~Hq|=6ZiIQJtki#`0yroIorR&by%ijlg8mJRI~;%(5_6w?fQ;9F z^_vs9Y=?%BJ?2oazqOn1Ldpu9;+ecl%0!>V8Z zjS*iXv&$4?cl-I=n#W$f3WZ9&x;RDvj^_a}2qL9RpSojd*R&E;O=_N}idcJk$=mX& z@!Fp674cqWYVt{ik}X0gfjSe|g@H>VVec9Uo!;kdPk6F6iJ3MnS4Nq5=q4k*dAp}v zz{bV}w+y}fnN?JEij|6bNGifUs+t=%0h6W(>19*%Sbd7zJWHZEcRGA49}^v2M69n- z+54+L+WA%fmY1H2SlFIh3iGlOAhjzc*48N9QVQ#|DP6XQl>m-+OTip;5)w?D7^kd6 zWI>SydCFlcwj6OR+sF9wZUvg%^tK!ndoLLoHG@}R$^+(8rLfBFNtK0JN`}fH(|uk_ zg+GG>;lxx_xaE^HXI}NgM-!^7uUg~Hue=B9cwHE0kNR0{9plV7p-_04l{=HbFN4I4 zusx;Rf^cn==hT%bP-MaNd z8F-t|8;msU;!HdHMK1179^C3pb#v8Ji9k>=8dFRaS^jp-)=382$dC|I4f3ilAauW@ zzC>IO3>FV__o_C-igJ3q#aN~U5({_RLzBj)jBR}SFV_YOpr?b6_B@MnWLLztk_Z~p z@{K7lDt~T@!fbfe0f3Sa0GJtwmz|6&@q$}J^nKwbu$0e@)@S1vPY14*!lj*u#{gay zuoo*r-iPK18L46fJJmp|J|I>%IDD20>al81oP}w-j9t$)Vwpb*nWf zqgt4Dg+mm1ueNpI`^rO_5pnNfd~Ja~`;l7&$IIc=_tD(87yr2&m26=-IxCgH#f6Q1 z$qg2{DnmiC!-t<*Bw$qgQ^!--vydC7)BAvqVYa}?0Muk2cWhXn)?Z<{d*(91J?;kn z^nQ4jR??q3T$HW{x3Z+5@b%JJoZ|WGL?ERV;&&phr3p*Q_X7v`Saj=?^1fgyqaz|L zAum9XoePh`5yZlxO(G>AUNR2(@hr_449sMYd+d6NhBjI5k}qdmGl0%2@n;>kM9|7J zyUq3XOGABarEHoCl)_&J|>yv!D)Awg?)&wql2ucBd z7%_iO!OOR6{J^(vqGI<;M&>;6iq|cHOpYZTnGY&&HYRA&%kH(&Y4V?NDa5Q-TpkRf ztiu33{l4Yc8^Ik})-7-}QSsqcBY!TQN8g&eO{7%Z$1zS>nz7(bOu_r_fi@|-diUY< z%%4o-=RA?nrO}33+oMQ)$LEdPy&asWgZ(f?K5ClGN4uIr_tZ0fi8}5xz=S+h)uPD5 z3jAsdvvj<-@fg?|{v14Nsa^*QEDD*&Q-KT3MV?K|D=C$F|JnMJYzzn~f_R>1{ij_L zmk`x!3qlP}b=IebvMIZcq3xHR3?eA_+3vnOl8Oe(aY`2RYArlhM~FJ8V{gE5JM=lA z4Vc;&umNY$OMlkHUBG+2DQ;aaBp<174*~mQwjOU!+eO}3YUoe2lF|?4DGTY~byI@eKwL zLG^0hC$W@jvp1=+ZMk2!>6eE>Y#Qx4D~C4ru)1}35y2GjM}6j5vmR?-&ujZFP8%U-) z8!S1pw)3!FaP0^$d)gE5R8>I3j4Wc;H?QerHs_k86~Mp9HIu|kr$9S?=aqLJ8>64- zbmUd433#U<&z9l0Lhu4z$DCesbvWgiC%%RMel6m{dvfG4m+;?$)H7_a3nO>;?rP=9 z>UVR@B5#~I8mdV}B`5KIi4iqb7O>14^&*67rI1~8`62>i60J&1e0kb5zFz{RdQ%i7 z>v-r@?G+otA(vVgz7P;lyX^*W-UwX!LE_@%;ilnNn{&lTQV*7Qs0F(`KkXT)zk!FW zHrGhNfZK^hvpY+7PF~>D|7p@4Qp%6tIsz z5zIc3SMMKu+^XsBp5rITo40RnOzXMpGwN1X3djRC>8NF509}5+iY@9j3JtCBkeS<< zk6wBsAn?51c)L$^Xb>XQ!pnbIGAXa6)yFBxVPmN_B+mSSkALk?uf#~n=N6!oh>MJN&2Kt%eRLmjmZZ->j}jpWxArQx4v}4 z88|%IM%p<#0CnTz@ptaxIYUaYv+PJR4$fm|`i*WtGAhGRy)$Avt{pU zZVoYkFyV1FH7Nvg+|{ypn&mo_WW@h*8x7pd$9jIj#vQxukq3*O^L^|;Jhcib#TE$R`n`+()-Ga59BI14@3(+(Sr}9p- zoN9fnMOS&2Q1_oL-z|9U8c@s28SvqiUo5@ByY%R1QkhBf_z<6mKq<6dVwn|YKA2f zSbjEJl`PP{PHOX-)e9XVG6WkoZgJ}g5!%;#LZj|{I#jKWo-oIk?Edk!Wa?MKjLK|q zxy&|7#FoxyK*ZLxvR?+Y3B&8zAabWYrF&j885n=V{>ZTvKtU-_{Y0vx@`mmj}QInmLr* z=NT#ls%}1G7q~|MLW9BKsq=fIdm|A9ea?aC+rh1UYreF=`=3x!JDWb*B<$#IPpE3r zkIk@G?ce>8Y>>peWUya;rfa~t z?(gzbBqVED!#l;^MPMT;OZcQHlc7YOV3vza%Pbblet zO=P$KE;!O#_w1pg3)|xQPc#w7ZA#4zA{iE0FFlk~E!v_8yw|tA_3-C_@6Cw8vn2_r zo8QYnlkeZ|nu>gv{{fwk1!CeJu(-kbyCOgRxy2N`&}#P+EcD0SI=e4jWxBoZtm0a2 zMAcW+XAdvRZ-btVOhd@}*kx*T55X`Rgz80w_0NwsMfMWzW=cC#*++;k+FztTH-84M zh~v{b_Q^ahOt0u&aLE!{8T*1An7&(g-{*l4qJzQxLioSxJq2OB1jv2m`4XcRqaIzI zZ&jZz#WV9p?sc&Ah}apDSJ>22jmE8ioc~RkB z(4_ZYK;MvYeVmDlV1CiF#!f{RdC30Mg6wH}wn7)1t0I-7Io)qWqtFk*=RA3H^9kex z7Ekma?S5DMrqF3X1Hk1rhO%uZoVefvuTy=+vbRPLWVuce8H0|mWe9QgmVVA-A;J{( zL=$mu!14Zr?k$C4jXGKiz>#zJQXdk+Sn=Doyg^O*#!FS(%a;KC=7LZI!sZ#uV2-&t;ff`uFJpZY#MhP(|+9b_AVtN zhAL{#upRL|XHIw!FZ$n8_5a7!S4VaAJ<-zLosvpQcS<8A-J!IAbf?lC(n=#GAT8b9 z-QC^Y@8I|M)?4fG7i)d$-Z?XS_UxH^4ivD;xTJ+78#wRp?G_W0zj)gb%Sn(lwWxI_ zWNiSPuEV;v=Toalih%B#hXlC$4*0zB05ATi)h!QhrCmg<=q_!l3WfWHfC3C3-o6P7 zyOpy}XM%cpTb`8QP<2WhXUa;x%bByow~yvFgez7wg0lN%B(m}n_;B~NbaiHf^1h(Zz$Djjgdh^T1oRjP^TC8O#J3TjCGkEy|M9qF#TEECzq`92JFd1KGqSNK$97? zWZlpjSI+V?#~ub5U)8?!-7n?gdbu&f7QP#m1k|}V-mVrEe2QMR$WCgD1P9ds*8Tc- zeRU}$D&Ii$eje>%kP|P8+SjJ-FD1nv;>fPe#P@qt=Q&Ui&)<}m3z2*}=y)H`Ys;sX zUw9y?=fqvdAIM@=-g*cZhp8+sNf(`f8CLY*ntq+H)LLhNL4 z@+!E!PGjqd3&9`8sYK~bY$ksJ_6QA_i>1F0em)O1vt+QCE!vkQYRJGs1niwIj z?4gtXD#!G2{H4iZKDv+?nbH~>-k}3 zIxCK@-mhu{5C_=Avo)I;R4r;(j&(&5PP-S;t-8`*`8XUn?biOtI9^{0`g>E=z$D^l z`IoW%C`ut*p5NoFJdqR1VH*19qqg^;8gg`UDjOHpGKcY&Q`9*L%^F)+CVPCWu7u3nXF6iqs_v8L_RcB%7JmkuIz*{yA2`~0Goims;0NtRXHBnk@rTAl z3pBFVZQxL|f;o#?Of+=G(3qQ>tI9qSi)D(jJggi8$5s?|10dCK#U0(D8Pn=FO04E^)2 zop^M4>Z*x=JwLhjY;87jKvR-elS2~!VScCl`x=G&B^YwJOQDH=5Z~QE6aDsr=a}%& z$}MP0Ojc4%r(-0~0D%TCRQyifWLg>mOH7T|_Tk;z4J5iPX8Gy>ctoyKx45Rv{Fa{_`E(|HePs7I_f^R}=;yQ#ZQzDFT<37HRp%z*Bo<)SFRevd(fRWU(e@kU2D(uzbkr`|`4ne*vQaE(k)@31`H}FeL@*=0s;n>41zU;Ll z`|t%us((t?su7o9aO3at%o#(^GrG5U`CM`<$~r2l=E>9k>l^=3R$?YGKXrlodNH25 zk~vG3b^>lirvhxB+h#u=4`0Exh5bDyZhfC4YP5sjCvHnqYEJ7mA4pnDLxfpAHT<~} z5qR8(<|!>~1E180Aar9Mem<3ccWk0cdz9!7%^#eR6C*e`a%i7jFmx^50Wj9xW2Tw# z$Nud8KB^F#NzFGwGW|B>4kr zuu=qpV(H;(_IMS*6{R+|X6YMQ``>87Pq$ZJ`BEUs*<=E?mmbiqnm%{_>W2(Z)XC^R zPJb5q>q%9Lwmoow({OX-^J#XESHuzDAEF9-rOeC%kh_e=q`g<$u*c z*!wxe_4qhlZnp`M!e3YGfD8W0$B{(mXo27;H=03QqnjM<@XtnSddij;wF7N@+LzXC zvIO`_YfB@tC68hl7oi&Jp5im(3ci!I*l+OYDZEn<$#T8`Vz%_UtR2=S^P(Kad_0V* zW={LYy91oGgF?nP*HE_*ObP;fc^dL8eyxw7123ZjNX9w65ty&m2AJ2wV>0#t8+21m z3X|u}lpA%9IMr)CDs$4X*+}#yfv7#%C4Tnq{bSDcSW3sEo?meV?Rh6BVD>ZWjZ94pGd7Qn&2*#We=I22Y0JW0z)XG{v7lfa{PlwI zcoureqY(yQfg5@5T0B>TLH~Xqf99%K0y3h>g;#IpHtIZO__L~N_?YEqXq!15xRYM~ zoRnR_sa~)Pb8p3o309UiO2VQJPB|F{t$y6dT_rWhl^Oa6x<6Yr71$nMfhY z5&8T+dkoQ@{No2#;->TUFRRvpK}j>x4{PXA{`G_;gj&6>d+}sJ;NLI}oVCf+XY3?wkaxDz5xLyQRua1%};T@TRuL)-pOqYvcNLz{y^|@P0Re3eQB14V!>CuUy z?C^=Wz1-&oCnE3qOm+D*NRLdT89ILY@WUo1qCoZvDOUuA_HTBX9VeDarG!E_#X$jj zm`^#IDhFuXPiqt}w}fkbhE-Hkj1ci)*F3q=Xe1h$n?Xpu5Jv%LYuf>YD%1f0-ut^v62uD~^a>u2JU5C|@b$w@EiVXUt zkKbPxqWJm|evQfSJI|}hUi6|9Uhd+*dj(O12fyU{L~X<3r%EqrD8r#V&Z#JMnj&Sr z@;E)*x@Lx#sJO^%VvqQpz(kbMl>fY;z$CoLpzaMao%_*gL5X2hn~ez!M@Od=Wt%La zFTg0MqjzMRj&&zPg=U`)u7pds#$9Ab%{GRWHw)ts$N&~r8}JS8Ho$+iv`LFl6&|`T zz}hpSNC-|o{z-^%zWJBP!ozj@6qcWZ+m<~5P=O8_SQ{9+m$Dxe+%Uc%xajZ+i@W@U zYmk5UAS@#X&HOG*Xfgczaho_jpq>uA&$KkV{sWaD1FVJczC0G&Xvf8o601zlCRS3Q zRcX?px6?;B6)!dJK)71E$BMJ{vdzD>uOOkk1lxHW8X#%VCR;zbh-SvEy<|nE)k2PP zcQM8z*OfvmR1cv#e}I`oSJg}U;nI>c`Jt?Q)eoM;Oa@kFe|=U%QHqvRj#;&5X1=s_ z+ZY(bF_SzsAZfWR)E$E_*B@Uu+w3$t%2EZ!YTLBWZpS3h7Foug&x4z3# zw8x2`lgkDs?&U8fcd!Ii45u|5{BX+8ouYd?Qoc-RIPfQX)XNWyy}FZoy6AgsG(A{W zYfYiS3IQ7yA|Y*2i(nH&2DJxVB|ye`j`pBrm1&XQxOPh{oS(2QJ(kH?IrwX%#mm5j zbwZA3aIT;b9ydBi&K3xRq8P7u;35ex9cS}Y?`+BPb&91vxcPanu%!FYDY>WQ4pma* zMv<^UqT%zr0L-rt5SMC#rSmnA6xsCs{49k$$?U0BjU3F|6#w%kIb2XbsvJ#uRKLqc zHK^MN;nHnJx}21+v86A?=>wh=Y%&uHou1Nixx9e!528nXRjnHSK>Qee2gyA$H5S#e zaT5Ohz}zT`x_R}=u%pA>8R7Gq>P(FZ9#WV}>3Tf-jJpTx_sg{AM^I%%RnAFWl~<$y z(L=w2F1$O@-Fvc&#A<;pj9sr#W&MwjzOR{&OE9*rqQRnHt2c6%Vce_nVG^5Q;drqm%SCYN_e# zDh081lY>y+!8gUiKYg8D`^W;hulJ1)SvujkMr+{y! zTCYhdDd|jNY)`knWJ*+?Rq+J^vDYBAME>$X;j>q6LbaFFwK_XHLC*%(!s!QDpbEOl z4fjO0f1gaAxzr~-_nK69%*-ic&NzVYy(0j=j^N&|ameYM3|03RsFsovblfa&DR_x= zss}gaG$eZjnq)h$jshs~!l392C?-@%!@{lJMjo8%{>_{3Xoym~rG4A3@jED<&iKLZ z^?!I1ZJYTOjx7hULCw;XdvZ~PpOcYSTWFP4j)ty1C}FdpP!B8+PckyqzDd52BqYDv` zI6Fr;#w03C8hfEM-5;x9Z;XQ!N^(eqP5kZh=Pkc~2X= zVkQ*zp?ra++0CurvhyXBl<1_jn{PxuJvc^d70l%LHohu)xv2m=!{iUKMG=~!jS>=N z41!KI?gxwX+1t~UkAX_STNt>Ejk^2Ic+T(cXI|4VrC0=xw>EO)49S`T0vkG6prn}+ zex4_wazR`#Pe4@3R#AR}IQhsX7`7O~U)Ej?iWcmonD2PdwW6UHj4wrsmHMzUJ16eq zD@fEq0Z3HB*#oW`J!@To`L>km)jB8z_&ZwQXM^1MnN?*`TG}f>EN+G-0*H26d|c!& z$8?(XCqm=CiuB_~TK#csf66XW4odZMGlFumf0??g{AL+YlEJzQ^cU4g4W);CGvmZv zf+m8ye`{{DyB!Dn`OB8Kl*x%M@_(z2!4?lRUAcm)=|3kPsdsyCNERKi@}g3M##__5 zFd>xLzrQGdj5^gAY{@6%{BO93_PI)0j;_&f7KK2TGM;Gt(DYS^0aj-6qKNxLt}wVw zK+@1$*m))dNW;k*++J}n^P&Ukd+VV&Z7R zsnXNSi5s{jk;h_NPiUrczhK`*__XSBKVwc-c=V^T5(sL{QbRAUCBucV8_7cthrx&d z;6LwBP_@g}H`&utFCoaGtm_WDM1ltMG_B%zs-3ocD*z8kQl%j9Q3WW?^I^ z9Ul|EFa|&yh+zR|$X1pD8*Q)BiIY0R3(c0{dk6_oyQU@tay2}zDUd8Up|}V+BA1`B z!Iab+UwVSP0JIUhgij2S2SNdb*4nrL{t4;L)J12MS3Hb*LWl_kgfdGC{$?TjJft^{ z5F5rMXZs1U<;#8FLR;NG=xNj5o|aq>#4etG2rAO?_XP(i zkn5X+3jUgurin#Kfhe_ny8NhqmRMP-db1_`emEwEgD#;3m}EnIUr~KVx7MM`)d&l{yYWb#%$6e=qniMm_bE zfC|s%CNUc=?H{!?b9yGl^Y>Ww-Tj``ephVs1M$)0&|y-w_>A9-zcJ}|W$clqHPBoH z4zV`4>A=}THz01R|Km6SF_~OVSWrr|Yj5I3xqO|y;XA%7>g9yKSLgu|9;Yd-5Fw)O zEwIHr`JuOGZpki{W8LdwD&TAN=PK9SkmG%mV=AE-!BBU~0#%eRDM*W{VomsHQ~<1C z`^U>}6S6)p$GoPFhJjeap4EB-clWl{D$*dKxL@@1dxiyT>$rh;>4e(~T&oMcZy>(X zD@P6-@BkQXE#iF-Nt&pcN<>+fNW@A&n8O%1Y1qv|b@S3GOI{|qsQ1d&%wD|pzw<8O z?#Qb2*HOp-`X~TX5;T16H*p!!(w)-7cl5T@dE}7knFB_IfOt=J3H>td$SN-Iv5Kqd zZgML(fuI5#oQqZzNSk1pSJGdw{T(0Y^ygr1#aVy7&$;yb7XsIeO)L4j_Q1gCr*%B% zkhopL-%%2h33xQ<({6G<2~?H5X4zdC*rnjX4IebPrtmJYa5d%>3{#nB<$NPf$>bh* zu*crqrY}8@7#^AH7~1GCJUH?zt4DWIi@4c16zpN>>k7RLgJMdT`7c(J8+IT4Lv@wL zD*W>l1RV}UTUt@FQ_yJiJxt;G=4-M|Z+1}WV&`bUIzmC*3-h7X53YKMh`tGqPzk6< zZ1`*aGc0KaA-%s=&$^Q95@?b10=I=;uG^Cp1h24!_V_TK9DR{qW4T>T%rYK~nPJk` zu6&Wq4`Ak>G`2@H9hPl{Ue*bCTRn)&QOC2O3MKrZX;?7jdKae=Zl4>uU!PmRSnT$e z>%jFECGBQYKQ7hs(!-~9$oS(cv?oq@+Y){oQLko_!8Vpra||(~FX$;~!yo-C!!@OI z4D|TxI;6!dYv>Lv=_Q{ezx>{g488tq^Yz&~PZ?Rb%TtSh(VIjgV(R+3)wrmRzPsd{ zf+Y7&)0m~a2n3uFq0$1=wWjTAei1W!U^ufZYu&+(6hGZVY8Eg z=f*V+7HCVF`a*t3 zkrY4>-u4J!zK!(~30CxSeu^tZynJM1eNBXv6Bk=-;z;eGr-p7us;-4D_6KeI1E+^v zVaZX~4@>*eu^v?OXz31pS%n%`A&(GMS1$1;%eGYveJm-=wK3831_w;^XWO^i`U0tP zmt~4l^cfKv4t<*(lZ2S~C6Y#|nCfBMjnwrYsiP?vY<{71-Gq~?fnEuyMpm{Gtg%AG z^`R|u84~*g^o|eO&5p@Fnzkf|cl|JZSRPJmyBlP%TP!A~i2cxv_31z0(k;k6##XWK zRFW*UELTu9nDqa_QoifoH>(+Hp8 z?gj{mN;8^%{6vg)5-3N;;(6jmxB1Xk_ zR^DGE@E5GP-TCBGj?Zp>(bC4T7q&N5=aDfBox<%E{uKR-o;V)RNJiRqt777M0)I`; z`?mC+^dBFf=n#JCe}}hI9ITq?sTnC=&o6$yXdFoll;6rY`U%WGJ>QhtZQGsAJyfGK zys_UZK;lXmJdna;yw%YPD))k+;J_cRIHrh30o$2(ThO!=S4m~1=B!n-;C1&13 z?h~`umQ%cHO~mswZ=rW3e)PJ~VNc3Iy7LI|O7nZf+qwuQPyB?S>Ms+hrm<-_sa8v{ zQ<3rKH!*6Jp!sjkta^vw#_z;D<<)#vkf=Z*qKpYOq=(1W7Tyn|-H)~;?e(WY zq6X@wcJG6?M12heJggdxY-a&&S&B^!n30v^*Wx*)G z8RrJWU^z&_Hr&-zg9d=p5zg9aI>^5|@^&TkzUY^)*&Vu7ESOCd;KYTJRlA{MqWI3+ zSo=*cT?m7yIFz@s&t4K@{%DS`eKQ+7+PdLePn%pYGF8K$VIN5PCHv1 z)V>S09;{7|!(1QL?bsY^1bRTu_6fN&~F&@ABjW3I7h9h*fKMaKD z)2CXgJ#PrmRRjVDSeOvH(Ujf#C5Fw}yz9t~8*%64j=!eXf8i6p39$zT)j)osEDOHY zCz1ie%Ko20DQgP;>`Bmg$*A_Q;465NElwnf2_h=#4;b#(vujz7g-!|%tNkfsdrP=J<1 z5-C~sFJ;zH{Jc;5hn)kro>Y5Usb3*JV)FbDj>uc`1UN6UKVO7)@LUOn$Nv1}7!otU zapL?FJASjNKSy4US9m;xFxd>q3oF?^jpYKat^J8imB>hMY8}f`c?DVH=X(Wm7O1uZ z=4BN{bsLE0kM#VhC3RBK@a6p4*!^L2=!czLR>Mmj8XHX@0KI^19P(n>MJ>ZPT}Xe! zwsGPDVYa#Jx-B1|i*!|n?{5{8&GezNx3C^YBo0po)M$ED##$(SP} zW(VL&)~A#eNRCX~RY%@e_r2*OV$~0Y=zDF! z90y-3A-+FQD)f9zkV%_(J}h3kW~T=u2jZ00c}7OXn48<4&rS1}-h`kl(2-6yA9Z$q zfQA?%J~037rO37AxhXmQCWIV$PN}_@9{Ts%6Ew^F7g2-vD{H+;*X$V>J^#q zGL!0hT!rO%XHA!O-~Oqx8s@kG;Z3b*pNH_z9-Z5$1E^0qB0ySJFuN4jPW{2_zIRV0S~t2-RLE&qs*qiIYQ8$-y74#++Se>CcjcJ&fFpjB z*ZHoOHlE|Oi5p;Ai@&`z=uQrxFpiI^Jl{jzg|~S#_36JjgcZ!sDCPMuVt@EHb==(%1HejhVc}pfdk`}a`!|q&O%^1N z@6*@Yo!OF_)qU;>R86`qqB>!Y}w1%4vB~Q@Cy{;aYNE<*Pdh2rW7DBwc zlwSeuxZoX3Y@QBr04`=*nhnc-I?68e!YFyZL^gdN@;BGJ;bGgzw?cjZr%YgzNXRWOE;%H- z=oc;!2$*&bLBj^=Uby(9sRfTm17>3q2U2hqir1_ zvyc;xWE%O4bhk$+B7;>hW47%=JD8T<#>o8A4jN03%1+4ZkaO9_(Dyte;A@tPTArGS z+J3Sn0Gc+(TfgTqw#LM-5R$&--!C7MA=%5<$zx?bkHfZ8Qp`{LZifw_$c9i*i5NU|b{OOxeU+c#9vmck_6Z5nv! zUxh!09oO3nG`3z}<@xCyABmX}`#_lSG@SQIxn6OXC?X>Lx2nG3kJCgH6lbf%=^}|4 z5~EN@Vxhm!_!@2(JVa3GM_yaR#KgWapPlOq%s5O0F`2wGuo}j)kw+!uW-37ahTTud zftr+$!Q?UTIAQG|M3OqE>m4D5gv~I^-tW3k)x3{$L9@o~g&)YScYghyPkE6MBM%C? zifVg%`U_alf}vhfsgH>vTBYSk`aQ^l6Qk}!7faUIY3`oFSl_c&oa;x&O?(%( z{M(N@>MYL%6BcdtAT5|&?4j^M^(Ew0jT0nPBI=%ir!*=9CLvHRv_=%i+YjCq(;t6z ztNA*vrQ5)R3h%7OBI`Z@`mrGfM-o5=t>oj>Wy0svfgc^4agl%<%r)uCstVDeX##x$ zpW91Fz&$9q6kvZ2hUD^5)$#lO4EPdG3`PooFg4j8UFgTB3<+9xU3}S6ECb^GQv|Nt zWn)XwEkoSH*<1Gb2hKF=Uj{@BWj?-Uc#&d_-+wORTr23lqM~9z)4JvBFqfPg0mYvK z%})rUv zOnXhxiDlvb4I;EP9!O$#y4D&$?Mav8okPDra;0UP-gk*9XQ?@-H5!jqGwk z9*^^6{XR$q#zI%V2Ie9btV)53c|ya5y@Iv0NHdXixEZtA(8{ zG?eSF9Zt>q_nPYM1@_~q=O;jEw)6ciC#K$TeU0_f^C5>3&Vj1EYPVwqdTyp--^Z#_ z_Gh5^n`$9JC`$Cj#1S1a0ppO&_@JY?zC|BY}r7AIbNRfgN$KjM_?!=Cf%ERD1NqeoJrwbc`GR za8WU(G~m4SYX|NIZ!zv?5nV5*w0io^7a`$6M`E<*^ym4T$x#Br;tuX3trmWRH;Eqy zCu@DHr^ihUP2pdtX+qH!nH#fsYYMehLuBe12?Xd=ZM+p+9h7$&_=%aVA0RVo8Ep`^ zG0mr)3aF3Hh7)zY@SkQUv@F-Y_!Fhy#x+j&q9xOEqYtX$EEdC2)7{t`R2>QPTL?^V zTg*1QNR072K3EWoP(b}%tTrE`+be1Ml#ro%vzjsb+cV8f^eB(FqJfM#KsnUk*qR(S z9Y_ufbzT&|##)XC5qp(t*1vVe&PmeJQW@8Lxfk8KR`_Cq4|oGwuQzn#RopK+k)DL=jr?>g^X7Cg8GzviuMKA$wNjl#{|06_{3m12V z@zLa%A>ub%(A*-FxCyDN8>=hR=db+-NLc60JN7sReCRp(FBvJm@s*XpcnL0Gp8Lbl zOO&*3>4d_VJ!zIv5Qn*1c%LU%u;9*<=?x8NugH2T;~aUL({X6WPj9|7K0wdNx4NHu z&FTED#7y}YrZ~(c{v00hmN8DPn!_duA>n?VBdxD%oo#(TLOLj|YMLM%@N(~_(+F1r zZSatXlrf5x)Y9XE%)eLz{ZDBOx&~OF1u*JIodGkrv%b8c*J(m<8)WH;qvOZp%c!?MR$`9Fy(nG@kN(Z-sp<#?j2jYjb1D%I2_UYwq&e=Eq$=!D~FG z;g;Wp_O8_xwr+5s5o)_9Ehr1)%5EC>3gkIjZ zb58Hv{lokh+U?ySY|j8@f~0q@Qo&};vw`~B$Ps;tkUDx{z|SY0KhcImpb-m}nZ8P3 z=ZmyLSZnt4-&bJZP-?bTeWqxEE1wEivy_pPfqUy+Ce9U&EeOno#}T#z_hyvTFAL1bh{>IC6)?97PYS!^#1CE?^;K@MK_~Z)w9_SXOcfU!fsXsK2j#C}yA%tm|u61Pc zsmA>^DouZ8SC;5wt>=L)EE&4w@0aA+VXtag(&X<)%0&!Xr-ec!;p&rXs(Un04Kenx}|I^w6xm&ThY1 zxzwYu#)bU)x^SC{iGl-NTF&nc$($D@_52gx=pIMI?)$+v$Z}%e@-)(hUU^(C(}A{F zt&>hdrn!=L%}>_X)L4k+6?x!6GlpJJZ2+Z*1yy_1ISK}12a7UOHXLQoTbGHOZys(0 z5GF8MT)&7IuZ`yP3o3+8DfZQ+FW1;d%p_&S$l%}^F=RV}Bb6wD2FO}wkj^N~lt^40;YGFW zHw$OtPclmM8VDRBgMBLz?MLE3#si`Y&`}j7dq8joY*Z$_kFVXaAQRVd5FTjf>M>Rp zw~Pa#2i&647GABLF{U{VJj!vKC9+zQD6TCAX8rkt>+ zrj`&%Bp|FDqw0w5w2}hfco*JYsx5is0_L&Tu&H9ANe*4`B1$TH_3s@SeM^2fpnZ5c zyS3#uQV!k1UrDoB4n&x|K;QcD8ISOY@cy}c(&1!+K^V=*@+GBtqc2<`r|=7op%*CA z+2tS9vQ!60??wS7mqA7uOxxTaal^v1qgIi z<-4*Nd!GhzNg$U#Y1|hHNji*OqmDgeaZ5^!;@dkI=F;F!AOUv43G@jN{9;2aKlAlT z0niF1Lv_ro_KSoU_Mu?KjHp-vwU~)#ngvsVkiw5*+M^eea=^I6ix00=!(fr%=#8BA z=Ux+mr&!_DZ^z59jjMeOQWF0Xxisy=%g!kOw&77#F$Ft*nYmT}^7H>WlWV%l3KtWQmub6M}>D z%YMgA@(^PB^*Tr)k_H5Wzn%>fvn@o@Of3Ox5mu)op70+eZyZT1*8g;LAd`Lz&X-*N zw&)-E5v%5lP|T|4$h$A1@UqB^dQ}jqdY8@j6t7nyha~ja4CyH;DHoNGeo?S8!G06; z42Tp3kEn|qkCn6A`$vvgsnX+KdHKM&STD7=X>7NQ{q{P(5bsh_`qNUrJ%vQ-7o6X< z8TUn0iUrY1K+?G8jyMOqiV~{;CQM@}sJc05$srEuwfCKKI;ILHCg$$8Y6q-p0)u~~ z$p3z1Y#!`*WaMIqUFJN=_bbO3;eYpLT$b@oo3pHzfVn{k|66O|;w%xcM)_EIL|kZa zu(VJ7CQ?dhFeV=y_*TrA_bT*p;1ZDBln{lyT?8Y^_^2FlzI<#6GZ11PJXIyChNSNP5(?)eU%#40&gf@=hbqf z1*gooMJzkm+ljx^FqoOqYM+||(+h-s{q%}S8sWd{uVZ3!41APqe9)6*Up0~hcg*cC z6n!aPT?X4^lr^M4;o$dxv(;M1pq@m8Y%d)HtBP@{l^tkt)uQp^$=Tl$zdxnR|NVRF z9?Vj>>;<=c6y~XS@(l<82dd-J_AyJg6;p4R;B)j7i4VSJJraWQxM?dXOdL^q@tI(` z?*pPp5+?JE7K()vGtccx3lXx0$f2egqow@35aww+V@I3ozKG-Sh;f0zbJ=3`!{qFG z&DZ(!*iAB+gpshQ6ZG$?w_c3tE9QstLnB%z_|V{xLz&*9C)t2`hs5Q;s-y}cvqmve za2}1gQs1_O3Bf=}cK_ywu(!5~KL(d6grq#07>yY`M9X5$FFsh*^MoP)`fAI@X|Txw zv`+IvCVSKuDdL8wBdp?eVe5ska~h`ohQI;Q(3sdZ489C_T|vI~0XdKE;-U+Zl(4$s z@#c=52NUmAONZ4R;}Qowh#mHPnmd#|t^Jv_FF|%^J+*M#&ZvkTC#QZRIYGkISclAl z@wi9}bM4;jN{mW4KhFyfa(< zb3};2^s|Z%*WMV~s=5A79Lui28zOC+n->KsOKXL&Z$rn&-3pwYQ@CffG+ogklanWsr+x4yW6^S z!WI;rx@7b4%^EdDUJ(xt_ReC;KJ$=~lK!{~jLj<{PH5t7ZsoVj73O}G3GL2d5%Fmq zu5Ikc?(4{1J4o!jnAjIPv5IZIL4FZXVtOHBCIUG8N$9f;V& zU0LymPyBM!)Y8fFI3|~KH?5p9^o4A{UmKgV~i>6sJ zTCiocn#boM{#YKTXb<&n?Su1L|2NoLxqFBy%MdK$wRdRWDio`)j|?}j9Su@9+}t^o zmY3o1VZAK5QrIUE=wuET8x7#$8A>khWQ!h9QqE-DqV!n_IfY4P$5#l{%kr=%JAWbo zs!%<8<1Kmm@QSb1kZ-JWT<>`v`=eyq^N|K%_jLW#tO4`K=>##nSkTz$;qGQ9M)Og`$pWiL&Pb=e{jIeH!Z2{*ZfRGhN{2c9mrOt zwcFcq>qx2dT?o1bvnvRDM^UWfffOv7*SeIM<`YCOuCuM5hGr-DoCtPm1K~v+(m_J; z0e0P;-u^ zdepZKs@#)qN;ykR(wRcMsv3An4Io(GnLi(04xt{As%~4S=s(u&Tj47y>4#jBS&PWD z`Ta1mh$lKN3ki;re}SP-J2Q}X50k;#x=KwX8bcjf&%p_wamD^+`n@+pB$I!TiNMj_ zH8|;y>&;0lmN;F*1g&_XFRxE*fqXCb{liz9gktTFCwT5e5peK6p&ey@c@c5pb3cd^ ztyl9R?iJOwnH+J7L(jr0@el{JIG|q%S=YF35wVd86!AWtSKsT<>%VQyoSQdNRj0LG zldc@P#aGZ9)gJk1@&z#+V)zFs9Yjm>H-2S6X@04*w#Pbu5kdflbiMc3X+Von{F73P zxJ=H>Q_J^19wKe~Cv6B}Z#Amk?!BlKW}J4hWXF(^bVK|A9?t)}?#O@Ftq;Lq+3roK zQaCwNamk_})%AjfoXMYOZ;mR`<(i(iQh#1!kPxXJCxK+96x+^XVNY=8fE@Gv1R|vR zJEqGa8aS^~r8}}t5MrS^^&wBxaWhL^Da2-M-6ZQOZ zy{i+ROKxp3gj1_RdP%WiW`795wMrxo>vP{4!a?xhI}v^|f;0a@ahjAJD@c-ha5@pK zuUI%K-Iy2&mV#ny0yi#Ey;548-$SR^C^dzY#cnG9jo$LyRNa&jF~8+oGpK_1yCdd~ zoCmHOR}nDg97NXR@82+R7eZ(ZcV^mXe#p$mc)38tKeFgP{#VD5`}j79q@C2@*c!vd zdt%m4Thek#yrIqW%GtW%O#zA9KIA=f$KEwC|XWY9euU`2MbCvvd zdpJ*!_Pkj7iwAa`|9RaM^eXcS?83KT7=HX5O3u5*ob1p2^q@PqUgdL(=HZQzJ9xfZ z6H)r`Oq|J-S|5?v_WW8pve~W>b@@dMM9b3abrmWC}06yzRFfX!H zX+dUs+cPvU=@AJMunj)*OHOuqs(@?{CSelG9l#khao{w@Z)O7szWYZ04klR6U@9$@7sk`Q0lQTy7{rflS z56dr>0cL6GzIodp*p%y*cPgkvRUVp7-W4nF>waLw+xOCAXKy0;{@G)~eT{^}V*QDX z>R%>7HO6CO)MiDeWc5kBZ``Oa(5!bS#j>G6{*TD#&z5e&AP$XBllE&6H?fO-@@D1o zZXn&gW`Bw6x-BbiiWshk!-=erdi=P){!)i?k%#hQ>K7_=JwomZ@4DB>&<6Hjj!swk zIv&F+-Cxhx|@ORp-z# z1$}aZk_Vlx7eoY%|0@Yv-EL}DJEzmybBDdHa1W_ zroSsNs+vkTuSL2ycu#rP)vrS&3Vk?L_vbdeC8&TD#KqUe#W^~*3}N8zDe{Aaq5K|K zcK3772SZ0yf(WZJGRaG%_cayNUp4907idj0&_`!iB=~56dPGy(>7AQaz>wv|!F;h6 zJ0_uu+yo~K%zaDWROz(*%X(-1rTt~Vl2DWqWh49uISF@UI+O63gNOuVTEyzuvYiOG z(y|IXKCCJ>_O0-iuo5}$zACCK$@Rtf{Y$>-@p(dG@4GN1dr-^}EL?W}=tjkTZm2vX z3@3SxQ!4j7T}88cy35elxl0g4V`ND5^d0a1 zGsS;p+}K@d7G!i<$R7Tk%FuvgN$+(2d=dqiwadK;swEuLhEk9-@1Ieb4Ng%c-f2TL$R3PC4 zA^l=x%Gl9H7Yu!OOA2b`qlRnhzZvBJO#hXiBbwZbf9~V$-uCEd>rjRpzJft#6!En^ zg9w(mz5--jOY;(IjHdrAvs^nj*_VLd+G=JEI@08KXuBpSKPvF#T3ax^_DC59n7iiG z_AN;Jy^^BHxDNt;<{<;X*h}5sSPO>lCA^HJqmS3F08E%WiTg-K!1QgBuFdOO)i<3R zX5EI{F7SJ)^Ja<&cujm#`&BAfWGk`FUMl;VhMsJqcb}KNeL8+o^z_rU%!0km!nGWu zR|BTgUn;)h^ANewM}Nl-gXSQxF@mTR#ml|2A%1IZa(!HUeRCCitdwNH=tvT)tgak6 z{CxYiOP=f-okJHAY0wMt>G`;j`As_oT*mkKRn(=yr(Xu>DQ(yLE)_}NU}As7{Q;X; z4MQ|sO?U1r@#mXzLv|0LC0z`dGwKtfmDL=fL8JD%CBY{L6fFre9i?J&<@%)ZnwpxH z?vS&)zJ=hMXLsDk4Sq4**H2y};QsDVkiLa^Y-?}hY~WIyCS36g2S$>9okh-T8>_og zKz(czWpyb#Dqj5~zMSuHuy^}2Us-+9;fe}8sW9Bc0|1Y?MMccLb#WfINw0y$dCs=s z@pyWqibfbCcZ!bhjID2DQ?&bKWhvPR^}UZ=@0Uv`fDkdFB&WRb6nnGmGA*XBO8Gz3 z^0N(sv#>i)5JEkM_|P~!ZO*}Sqe2}?D)6O4RU9>}9t(ZbmoB=m(#B|)cqhQ55bs^F zx>$~~80F`=>e(6DYE~mqFX)&Foj<7Fz__m61?bQ+(gupF~GHOQj6(%RllTjr@g=$DtTT#A?R^)`rzwL0y{* zXnv9(2$3XmuqM?equ>T!Eru}Rg^`26v$94j=peyLhG9#_DMw?IHc{>|#_C}-j+Q1P zO_Uy_zzQSB3b8m!(om&WRHc>LYjgy1g8zZsA=!=cy&5HR`(% z*7{76(ig-G#Iig*v+X5e+<_5f!5~atXse`Ntact)%}ld&Yfv?DxLT{JIb}Or@!U92 zKh)p04UW&Q)PCSA=a<>OsY13(N{Ug*i}%lTwwgmXwd03k2Hp`lUrT!uWqB?}u?tJQtOW9juy+kphP`qm$SHv;ySPZ`;XTQx zmy$ARY=HY2`-dTHzUUvIe!vVD7Zvr6f_;h#*y!jm=T67f(s}51DfY+kwE0LDSKU{9 zt6>wc!YE5~3slxqQR+$WY%Sx;9G&DbL6}Jg?C9`%V+Fes0-DXVdk^M^r;P{BB)6&( zEfh-iQ`xWie(C>PogbsM6aZ$^sFtRB+O|gs12g@<D~&5{{GS#F7G)_ zGC@VEph@8CV3)_R$@a9_gU2aPi`#R(6@x$D^4Au=>X1oon%sH~*W+?{Ly6132~f%N z6;cKz{Mtsqzro7&G6SRW`7QiKIHOeuriP}g`RQZWxzyn@v0r$8`TE{zs7JYovE_?= zB3Oaq)#L_81g+OnFSZN!LSjUXznoXWdp(`dV_L~sZcT%wC5FR22wOfQ{3N*z1#%fgG)ehzGG_&D9b>l z{gvRzflB23rpPiuDCN~E&?jDK=`M}PxTpT82Z9_e9cF|3J7S3&QL-C@whk-Qlx&RP z5u?9!@*?D0(Juc60vCkkM(_yfni_Lr={=;D!VBV#{kYcrXNtVUx&#Q~)ILIggeA^AsmlQVl*5i{T~-oq)SNr=2u%h zW3X22IL7u?VVCp2L4kNlGTmd%U9w`zCk6S}IX@dzVs_j=+S44@RXyu%J&YVPra52g#VyJ1d(=hlAf8B?#6~ZAKY?8g&sS&wrK#8kb+*y=lwYJrAe4 zyU^i(qVZEtfY0!P}Rb|^zG&Hha+|Y5OaJg zi5Vi=O053EPd)!E8PSb2&D@T}dj4MjT*r#@!dz>iHF7A=5&9**hb%}c`_{&bYoka_ ztG?-A4%XS2VAJTM#_O`ta0QP7c!(cLk;@lMtih$DBwL%Ve2=HDcQL;|{~58g-N$t( z;?t`XF*MjcFg~1Vn-pw^KY23UIqEYjE(`ev`Ng}PDZx2_u8bgFK(|#4ij}jZ%PxlO}B6LBmsKo}SehRmzt{mU`^uW7>%lLtd{Z8nc2l^k;DcvMbRn~2<+%{~82F;TfqHH0uCl9Rx3b4;H9wCqNR<1r9oqMKhM#4*6b zuAl7?2X;p;K7)&aP&p#}qwA{nEc!vJhVT*C`$Q6oHTH=RmuMyq9dqx`Vdj`cLNa1i*T2Wb0%|5OXhbz7p z=r#E1sylM&?DMu<-ImotqGgfLNH42Wt|+ILVA`Zsa`+=A&wri)8du78uiE4OmFwvx z%4{WcU|i+Sk<|0AH^|P)f3cZ9PXtN8Q1CKq)Lfk;@MTsPo?SPS`3k&sc{;|OkEkik zF7>8j3il1^cdp!mdU+@e9$k%4u%s&gi5{^S6P8YM=QDk`>p6V?Q?pz;i11%BNm{b5 znV^9WjhcYbvRdTEz#*)ufrk`f{2zG9TwBHzC^$-t2yqHT7>Y}7z8Xy;R$6+M085~} z?$&sKc-?h|!9|2gj-V7I_e)KMvbD91dAu5J=WF})Y&Eu*HMuuFI~hGvXIr3(AKUKn zGGXL>iVmxsW!mP(2=Fiet>VIFeaT5&U~ew=w95%6N4zfVjxxXi zJ37w0<7JnAh?QI=VMW{H8gRRokYCS#K11&$rwUE{M~xKC*|@z<4@&3$8t@}}1kBmL z3{3wUP`+ROh6WEwcz@q8$7D^;Oi6eQPQfy_K96T?xdq)=tyqTtn3w~c1iaj8sqZ}z z_hQrklFkOOtX@7!TlDFUQkz@rgGuPppesgR-5*k2$oLj}0LVlPm6nZT}NCDsUS{ zPyOm>B%%0cGJel3myjfmBN-$EY%|FFhcgKn&v3gD|YYr+4D! zbHXPAu?Z#gMTIs{<``N2gS<@gZorR^uTHNn@Kh6}Yp-^Xj;kltrCu(!sU3x-`s3IO zQrFFf0wmy`f5Zqm;@`St*niyPew)`v_MTSskoqQf%>e_Sfn(m9zpxqev+t#JL*u9V zloV1p&QsOc;hF!uAP4B9(sZ{CvlIO%lo?V!s!#t*Pd`Ah0<+N{h_#(0T)v@J?kY8s zZ0pPf36WM<(3AV!gXh1oA$O2_No{o|RR04@Vt}Oo_j^}PS8Hx-G@JZs?_4m0N#h!g z28v)y_}klEA$a)zfCDr{MU6i2e1No7y67xx%kW7nZXp#WpWQqv7Cj$=3OCXr;;=ij zUd9D?S(UjFEWbY3BhLFAhXjX=^uN5wh5B#dH8$*5T_k@;WjofApX+QIrb8pfvIL!x zr22~_E*s+N<>{dLAhNVCQwQuSXzJ1eh7SS1S3z)0l=p6lHry!x_Xw~bLek_st*HJy z-aW5Znk7>3d=UBHNRa+7yw;)OzH~k+@!n0qOVWFh&#LlXJz5%X=V^KW?N|<0)KN6* z6OH;vnM6kR4w>mJ7A_4FBJ<53Q1BRckrawqcaQcYl)VucrnQBvlvC&IL)+q}bizJ4 zD$z$dyI!v<4JRm$rX=z~5)(UAZ*Zp*C-jX*c<_@~eb5sidHb_Favwiu9IjM6_;`f4 zrrs%{x%8Z6CpWUFCvm{oU#+-H@Prh^yin=H(qz*c8ha2tOqqJ93c5<}@{Zpe$1Ser z?jMNEnZ8PmN>7F#CP z<=)SrLcIbnS~S>|A@_yRjxEhuUe$&t?T|4r^&U2i>u>@xJgMj6etu*!r+qW&vZ zp)bp2^K!;UHj^w8G{4toz_C50g&M}&ZfFfFV8FP@k2%ZcN-){`^3l{b@BP1SLvKw zmnw{;$jO^X&_j*q`?QV54ck03l9WH~{5Jfj7sWOnXLO2gqJxbBhQjb{-$cXre2-je ziwW7q&KdvO`Iv($<3Fd^D=Mjhs(ZI}kwa_R;8urx(*8sf0h2=%$CcQw)eI+Zt;tkm z7?hPq)wdq}-14R)%a2_~9HbbxO=9Nvx{1N+K4-j-^oLXH)}X&`qRMQw@A;ZMZ#bFO zh0uX{7GG1LH=PHp^bl=gkVg9pb4{osIr%A!7I5E@k>is9L}OocSu)3T$iTn^Bz^B_=+R8nW847L&r9+;YTHPVn~tnRBWW%EE^>U5z2lVw~&zy@z?uOKBss{ z&PRoJ;9CLXfO7D;L>&b73_Xvwr5Oy!+iJXx#@#l(kuVes<*q{I(?Wa2Uwwb9gzUfu z!>ofN2fNGU+v_BZUuqIMI`LOF0^$y;6CWCvc&4?zt(Tzh@O?V0A3H!Y>?3(x6=ieWf3JqT4QS!jSl=h)d#Nw3zY%$TcrtyDNwbO9|SDCENgoO}Hp<0vY+ z4@7M~{9REbG@O3kdOqQQ+d3BegggDgP6oopLvnc6O^0`QbInhrE54y2=GvS}3PIlj z`i7%CJ={r2&B^oL^^sFhxz7=Wn2yMbjkhUjTbWn7s-!k(x*}<_V|X zp>hsEz5;QO2;`JN@gSj2n>rW#Ea9O89wekY_72L}Lqh{y%w4p-dx z40=5&VGD{lUro02C>ZBf4jV|}=Gv>r_T54Gjph2VysiPr$dsB6;q?NzbtsK~eXt$N za9MV9lvs~ADW4|{r9@z-r$0ws%N^Cy?tU$|nSvyQQuQ}RcPZ-EBCl8XwqCiW@LX#0 zfz0zV@4suWI33Shq-)(?+17Q1%7)Z&s`>mpFC&Tvh!)J4IG|qsl+b`U`IEvaAQg?z zOoRd!YPUa!2Y96smapiaHmRSclm=4TQ2tcV!fQv+joL8ja?u^Huokqq6@AZWiv~yM zc^!qN2)|9_lf8F9_j>ZOZTsWo0d7xB*_%Z!lQTH)e!IEsQ-u?9%lpIYJVh&o%d2rk zvzP%B$zd5$uL%{I?}UiC^&sE~SS{(n!dP>#;RD31_ZN|vp%ED`EhbI1ZQHD8bcN^a z&r|*PI@SG$Ze6*>1*L7QMQlA@^h*e}Qjs%x?BPaNIOW;v=2*xl0zo)>D{!D>n(j0- zHX2;}rvR|uj>QUc5r_4w?%E*iG_FrP`)L;>8AyQ>=PPT4M$_h2dli<%t$!E~XFac^ zSis^xJ^F*rd$WIoO7yw0RaDKE8(7|XBkA1HwFD$s|Hygh%bMGqD&wf%c&ZoZz(`di z=VU#-wy%{6c;Z2@|M^3v+euV3>d4LDogqfP;2zH-Qq&o_<-Rd*rA6R$4`RKGDefLj zMRh7BG4G+q8OL^}O6%nD=rx6r3w(=r0(Kuoc9*#77%DdxZg|qDgyuD3zj4y*Yljn*}^v{K&afV&>^mL=mW?!>o0dpEMMF3?!$ExTRt&pt9iZ0rB{jJhQuXY@QG z3}Uf(rhibjuLe(fI4V^pPZ5h1Di8{>`M3HRN1wPCpV{cBptfPeynRlGTl0?&0dw+~ z!nQY1>6%XATyNVK*IncG-h&mV^38Y`e-hc6P>5_uFQ{8%1+~;43Pn3I))ld2BFw;b zHLCVsg&QFym1S3#5-7RSB$nxhw7jdP$3B9A04b}lq_I$=(T64qE4}+~dLS;L!aP^2 z3EH^9OBJK3Mwjp^?e3N!GwYBk@ixViBM}JjZ++MGN2OM6ZI-+ zLZX2x6RMk?CJ)dqwj3MvGsp4y3lu9V)Y(|^`@)_TT~8FbV`N4)j@}S`%v!7~7MHjf zQaHmh^zdH0rzQH5c`hyr$FfgPb4m*`lC*@#um>*h`v&R574@b=&a*9zDR=mp5x1O$ZBZ#k@m#9VQzS!;*n5}@Nk;t_Xm*`wheBRr#ieyi68n*14r zX=AJY5JNaQ)mCnW*1|<286q0H#k6G+W0!@A*~JU^JZ>X~T?}GzA6svctVgDg+GHas z8Dtmd2b9W}iR`vO1ZGIv5Yczjhl^{-ppFpU;nmw3(|H{RM@9xb$B553XgL0>yAay#F<}UOahN{O z`vm)IXFKd&AHKFt47G9+BDX*;ou#(7eyNuDK(-|nB;1#?v1%Bu^T9eWlF$3gT6=zUv*`sM7cE_@_VndCi(j zo1+nyytON=MP45pC#`Oe)+=bu|5#TX;b%^Xa7n36hsL-3Zjl7}Yp)9@-^nWj2E|i% zDJ*6eBKM|a%RaV(8Kw?d?e@O43)cis(!kgXWcWR?F!h{ zL!jC(t{F1J&4l1qGmdI+lZlC=*RlM>uQVWGqHlJ3wj;`nqjO@0&@Ae)6mH&IhkVj38T1dv)iy=Bd48=xyk&-3{qE-xuF8+Fv7#C;N?82wA=QMu?EGRJ2<}F=F;W)kb=Kh}B5S0Alw+n8B6Id0_fvY=N{L=R4RXoj{kx$*K9jDv5$(BD}jdRWEp;dDp z=8#=^kJUOOId0F^B!@~>d!y;(@pR3}M|Re`?{iO`YF=|!;APbm$ZvVV(y8EcS0Jf4 zJQEHCioP^d3t@~{Uq+%(W$*YCxuGCmV zjB;8M2&p$^Y90^sg6TV*)|aa{^5PB*Ge;V7jkbcxDByai;oS~51gP60^Tf~)v|(0b zGbM8;Tw;vVOR>I5Uq~@0#}{&s$^I>OR7>I4_;7~Ew1e~_=a|*tWT9}0OMk{elU5z? z+Y7oA2nhe2$Jh#Tm=R*+c<;VoSm=Jqk)ACU4pQ9g(fG4B=fAf3tjv@0b%(p7SJGm6 zj+4dEYB;$KeGo0-oF_>jh)H>w!(oItpi%(cKV5J!P=M2&*~ z1kKvu&STUOhI2fAEgiCt^mRj8uo`8G($?77CFGNyb zPqyj>8WxFEDiM&c15*X^DXuIji&wGgcGMov-9vN;KWh2cH|N0a%~r=cF$7lClz{q? z_*nyPMPJ@rA)br`BRZ?920KZ9MbPoKE_Q zg0)ikICp{G37%`PVMK6+R5O*Ek((J_hmUBEYe7&wvrRTgF9ZinQC|WJ2i{Gy$q7DZ zgUm68FTh1%9e>FrO_*_0a20eZA~(((+#VZcZ~F*Hn04uf)wGFm@}$~a>kf4&Tn!s@ zY7umfmT?K@G^Gltc z>+(4&GJYjW{VaJs0#Onzsd37$yeBvm&lwu4(hX4rvg?K~(T5M=HwVK{YsD;3dt<15jq^4K_-t<<^%qR` zW~(-B1+ccC-z4TS-)353LS@lb*K#AglqXaurlbt$I#Yq@-e6<;seHo2{VnpdLJH4+x zP!kMEQn~%3)Z%KE#Fm2xOyszMS(UHAXrfh9zb@0goDHrFr-;c^{5puf&-_SfDy~t( zooMexo&|S@C)VHS40|+8gc{ln<}cW{fP;J+wyXbZqdyiwhvMJUb5|qne4z8D(702N z&`WqqQ-RR0sH+#3jTV}3SVgS z-@44IuScNj4u%(*-&mMhz{BEbvCd4?P()$ESl>V^@3u4~T$LZZ#* zgt6F$d_$!2XzwcG6^0Wikrno{v~xU*>kp$*)kT&WRP`H;OymekHk|M zf>8zSW*fXqM3qJEuFeI-^2bqrujhIDr2!h%y|!r@9(oc4^q%lc zAdS6)#%hSu;m-Y-*I+VU<6Xa)%5yfZ^+4qjvm#9yM@GSg1AgMR=Oi=R+VR)yIt7R- zId5M-hiB>8o=F&*YnQ9FNnhe*r&2QP=(U+EYjC+9gwMRMU~%@bYHN_l+^}?XIJDwQl=^9G>O054Hnl^9j*K;0Kx8r)xA34Q* z7DQlTKrY}_IpGkyyg^)TmiHAk`FP|VJ*&!=T~>sqj-gy}HBeiFRSiLEYk^soDX)6Z z9XN6x`KG44S>GHAR^SdT7aHq^kAI9KWGJ2&l>*E`fLCK z@xm&K^8UyqlZFIGRTjnyzZ4e`6+1npH5@AEwk&4BP+uRI8E#N64AS&Re!ou?ki>cu zcB#&p+%YqbKib|Vu?IldeUQi8O>y7apSckS z3hITKds?3fg@+r2i#Y8$k3`ri$2ks99|iA*Ca>wDT?AAfS-2b#75tZ5DZ3zF|J2R+ zGto0i^Q4LW_x`u5{r&@jd4a9co@ho?8GFY47IOE8%={|vqEr>~o_dnMU;dQws~u=9 zBvTlOA?p6!m~^{{o*Ppqp(&1P4)HHtzcu z^=p+IzGE{I%0C#8#jBL%M+%ovRaGr`xDGey@BkA1T$L-5NgffzEsV!%r@XqwjjXy9 z26*K@o-g2t5`Y#=O+7&OJoOgxs!H?$&F4Kk2U{68M}u;rI>0{Gq^ZfN=|`%Y=?gh41K!W14g+*2fhR^^jck z%s4%(4np}BBckB!pM>$t^dtjvBf0!3p4NzVk*QpRX<(Vp+<2}3RO2g!Viu~isIVGd z?VBHUntdkeZqpM$mL_nVS;R}hC3mrZYltI}ot1}|B&TDRAp3bkU(7QtyM?(|O76z; z^RcMCE|))zrWsxee&_V$8#b(~8$M#(HEFH%tda_Jte$fgzs2u7cI&HL$&*k&#}iC5 zk6`X$&Ze7#HR@U65pS}FhveG4Qk@gR7C9U$EPopgVw0as-3ye+`TC-P^9xI6_a!f}Dtn53 zJ;V!b{F)OmwrU4S;Y@b-4hlTs{!2BeU%$uv$D9e551D*JANL_lT#Il&r&UZ(P6w|E zy}CqlGBC7#@A{N1HuVb0Fc!DReG4u+cZ9sswKA8!aA3`Dbx*=~qp9krnr&|$H~nJF zujCG9Ir3P2V>e9hrUi#;6d8J%3XcPHLIF2hDWf>4++E8PKaICRAhj+1KmgeCc59ro z^E~K%>c*rjY2~}P0gdIu>6!7)$K3G-H}X)2y9FC*yyqwMP$-i?Rr9jXfuiJrK*xC$ zZZQvVg3w=%+M@2K4Kj}4HcCQLZ53B4v^FFpWC%WU_qA(L#uGR@ZS*}-8OQ| z(=&f3$cJiHeR44WpHYjb}mQ4z<@D4SWJ$`Ur2%r5u~%8Fu{e;9bl zpun&)s`3wx>gz$%UKKguRaVa*rE^po?v z+4yIn8Rz5ZpM3{?ml2M3x#hSquEh#jH;S@ie3o5yKz&6XAKBQ!Wo+C`hYwsAXWiYpIYrS>iPQ-%AI#23Y=zOD_<8(-c`+^Cv-OZgVuZIndiF9~K#I2*FUebf>c zcW=^`V_NDBpN@Bf!!~7@!|$;b9ta?BK?U9E4>UoSXgS1VtE}GlI052jWNnRDhdcw4 zr_j;_^`LI^2Je$L4J5wIPy}kHLQz9`K8fDb!NbS-j+aV$5#F~-v?|w_Uf9T#y)I($ zduT9caF+T>bEcaUyEL>bD4ou{{`qL~na7MJG<1)HmsD_J>;2mjcee$)kgwzbD5V#W z|HvJdkaU6oV65xUyjqsGJy0(ICu?~KmLFSO79i?Mw>Lb)9eHwto*l_2w-llV54O5# zTCT8dCmAmQZtQek0A)-Kr>d&<$1=am$G4q3%6cLS<1Ax2I;OTZ?0ZZIVST-zMWvGe zxU1k1`C&l+%iqR$soWQ0nsA8Fp!Mfj5#F47h(Xou8{>v4@{FyX_?>QU@!M=fmCwHY)9;c!|It)U{Kc~~treN3J0Qlk+(s0U@R zcam1pf3asVtnCvVe#9GFC6QWj)a0a9(h>xR3yC>@;`@G}#l*@O!4wK*gd+1gSQJ(; zDT~!m-4liXesT6j)+1ER&^UK9E4u*y!}FQNLaM(PJwG5g8C%@JXkpTiaT|LsEDH$$`deDPu&pbj~Oyns5?g4c-*6^`AFMJ%n(9c7^OM za{uNW77usd;39+VMH8On9896YB~CG)H?TFi&rBpDwmWk&p04Tw6hywQ2{QBVhSuQL zebA+!rc6hC*hE$Vvk(phS%T#FJiDvse6g^jNU`w2BwrHPACS1MtOyq!LU0G|_tc@a z(X8dVZUAH#E*^1i3%06BUU8cr1MA(?>|3DNz@K~u#R^CijI8X*H8SdYuz z@dbTkF!|G7DtjcQie~iP+De)H)|A2Ly5K=O87T-By5U=L#KDg8Cs?vv-2uUu6}ZAE z6zjujzx(L@Jo1H+WMM^S5Jrj4N`^NmVpIDiZD|CClIB^~!7`!!t6Y;3Y_gqi{M~l7 zx!oh#%ZF|ZpxQ6w@yhgXkIh<=Ti%PBGt>=5<0 z_|m?tPoiew<`y8+&Rg8o{N^G=K9GV(;r8VXt;-hm9fe@XXz6WuI*oy#YUhz}<^{@1 zF7&0zz@6rI#vjS?#^3b|Y04#>KM@@{#43D!j38gwVvsVPDZBvEMO|6CY_M^nEV)eZ zB8TJY2noNzBjFEp+%*Jw-+PyjjyfQU%P1)~HtMf8qCY%BzU-;K-r~@RAq`Mq&Gh%% zg|PZNg&-KQ(?IN=D_97)E#n#f!=Flpofs-kqq#*E{T8EF6?@86~&UQIK5h)gY z%bx5n9p5UKzZliECV1kvVZmGjrpAzbc|}R@1c)i&}>ZbDZTj|%Lk*I0C&eb zBoPLf3NZR^Jza0u*^yjo6~)}rM#zL7w)o#b%|gXJ_FOSqy9l6}CE6trRil0S45f-k zgqEF`O)QYv62zhBi2`5`SqEZwjgh6S_&<3SxG8~v(^JMqd{l_V*Z?IPXWdz^2U<(Qs+YNHzhHzEaM5C4-_fGnU|<7XJAgrwI#2QRS5KPG zDl7}E+iZ+%&0S*REof}Rg7glEIEcqmBR5rqI&#QU`s4K02p!Xu>1KqX|9vk2(dMJ2 z`&Ha<5-C(kQs;E51czeH+AEU2N+?EFJonZpDJnq;sW>delm2Uj0HXK@)}{!5a@qHY zgcC;dUWV*%$Ouk;XRuE^SaWc6+$Zt*sBgrKqtfz$)poB58ve>QvsfG|2S~zVK!dg> zDy;;PWWz(lSQ!Z@sfRWGAETxFOeqD$-=fQV$dH3q)_-sCEikPz7p{Ac?PW--=6Db# zbg=50==m}XyC}bTt<0_`7F?A;9slO~ z2T#(i=65Mo^dIn-8Al*#%LET?Y8xv-y#Yi6H7aZjppG@Nj`(QD195g6Qe!unF;R$G zpn*O5^U=)ymKqNJy2hrTQ&8z|`G=3FlcB#iI(w{aYgfts z^I}LodK_qK+cOlc;)*0 z36O2ZC}-~Yl|nP(ak{!jp|RPE z4tn^t0IPdZOd>-2a05b*x7H3`Bhaxp)s41RtqlUPxvS6j8D_Mtj-ZVdgCVNyIzBo& zYRrtWp2OA9T80fnefTO)i+W7eaBR~`IIf)LX2G1>u2K7x)vbgozkpW0pldfIri!;k zlw7gskUu?2tw)Pd0mT0V%)aG;IbE$hk>wo|#3gfc>R40rtk zd*{v5B}dZiw^(?YKurRJ0&_fATyinr9=)+!pOoh)X~{vZaOipE>vP3bw5 z9avoxR|wQe?tF~)heU!aN^5eqg_<6D?20m96@Zzr$`b#}Bz1sgN?@o#dqoh34<3rO z!u?2v&BAHLUe(UFa=@BUnNc}Bza#ZJmEyZskI!o1i`pwT@RM1aCpC!vL9N)6nq@n< zT)t~)!fE0L3yUEseAV0+s5*`?;_RN1fW!+VhdjTzXEPD7)A1(S-L;gb?HIuDkQyDhknzw(+H$G4~^^e+01td?jFq#G?41K zN_a07gjyxYI}Z^hQlai=RZWVQT)&ZtnNaE{0p5Nu*}m?cNyRmrNB>sy>UB?*WCK2K z@@`;MY#F!ZmIihT2?0xWb-V_1FV9VY(c1-N0&3oYVrx>mt?aWh^Xr3 z0HqBDD(6fDN05}o)TH>gPK;&SD9P9T?Kcd$I}HmK*%LO^EB>~ThBQ)o2o*F1pY~f= z>?MispVgy|Q>*OIQD7 z(%tONwE@4aCKv$RRGy4^$!6ZOIg`e%Jg}u4;}{1V#dmnl1#Zo_*WftfT}YU8KEiyq zA7C%P02lO0o?qUYkod_}*E+m}8uAMBJc|XElFAbcQ*wBxIfaF~XGNc))kYSLoU`ryD}t?y ziQ?ntUOdsT(_Cv75h`+qWS39UA_T>Ky?23bLICIh(lyhE5}ljDn3!K$7{ES9&&v)s zkTeI&YR5?kC3a84240TXX=I$ur8F@d-@l6&BFwsYt>}{naz&{kMKmo{>!uK{BKL3VdP)#G*hV6bf;$h$(hl8pFC3ZU@x9#eBot>@07yHY) zSh(Mq8ITL}@k<7F#u>9(lBR(lXGU-^`G2af6e;5dNU=jLs%f+c7MaEbSaXdoE6o#x zP#r&sOy?w&PArcHRAtlN2D|;%nOzt$gc1L#3D`ZE;@_H2l|Akz{RXkivN)$?aRZF3 zj9kjCB^B`GSs~{aobM@7ljQWwu86Entb|hM-(!czdRjR^$hj-B0cAC3i4qJ$lH7{^ z^q)PB&utJ0-w}^~c4KPuI~q-F$drBqlqM!lm-?nbo7i<`>F@(xiD+jS?x4vyLZ=4o zi?P|Y^sOmf_OolIR5|29@%PpJkISi^^FdHvXCtm9*Ezucx|1fiNSalfqGRJe=h$t;R@%3Y0~);cRNj{UEZqCpzxum|BM2$5rDscWC=kw$=9x73;#IKp(FIr{pcW`G9PICAJszXK5u>In5hm?YdofkzMXzDv-Aq+3VCTdI)fbAaRUylcmtwTF z4R(QhN+>HIMNh>-P(;X-3G^A|YH#DL2eK_Dt}j*6MLdj6Y#W_OM|X5DB|9|Qsf75` z=(Y!m!u}{M!%`n%R`;%Stm*)uYC;VXBfL)`8Mqmhywo={L?sI?$;_yO$Bi=^!jg)MdD)WU z0=@zu2?9nlmVZn5>I+hIxu}^|{gVDSV7k87l3338%*~`4uJ|)I5`;mpkfsv0i6CTf zmk{9fTkQ3pw`FcB;DqTxTY*LuyWDb@+gs7zd$Q*1n5JN+V(Z0b#Kmg{mmlG2Exs07U*B~%X4G@IvY+(d{R~pxE64y7nu^GESDW%ty>`_ z<|kwFsi?>r$@WREwBUHPWb@%?PCnmojv`;)8;%n}l#->E5ElTH-_`LqCi<)(VvNsz zn2_gWSc&-p0PiHj?8Np4XsH;3VSy05ueBcRduN2c)F#)8_@ZVQf#!{PywzXJw8)^> zB5Sz~bk$t*G;_8Seq-9VA_s+-O7~CDnEO1q+rA)3Krb}D>Wuu>D4Jdy}d}K zfs}K@=j~>Q>i+Qj_&!1=p*#$*4l&2MjsN(v>@n@1`^B>5w9xN&JyMx z&e?0V1(2Cl-a1~m1f^p%*Rcbbw%zpY(ZQ*v>O@NbG{4XXoqX_5{tX->rx_^gf8G!3 zz6dQq&spqGe2@hUr8#Nux9vDJ>W!d}A`iFk)mW!%Wo}Sav){I-Rid0U9sM4k7z=7D z>izf|$j_A)qn5o-I9rLb?h)O~%sWna@}O-5^z{g)j3Yoqzj)^@m$es#oZh$DQoV(= z=e7`w+?qKV>uGO8VDVD%$Sujdqp$b$jVmHl98MIYi#JNv?W4RERxsCL8QMX{Na10U_b6C zq2l2P^JJxfzBfO#HtIndG2k>CGvfgn?8P2{#o<|adi^U9<73TlC=rT=IOQ-P77lI! z#Nf8Rb)?Zki43^t?g1WzdH^f}o$@V|yONxB@gjJ7prGe^@d45C?DB)_i#`v}91cbi zCRFsbvLgogLDIL}5Zq0dLW1Bf7r{sPlJA9z#Y_SZfVqu~Y6MO~P0(1(#blL(>J#V|$?#kiYVxHi8^o@za16qRL zts~D)&^~0kHM6H{l|pcE7vf^}NSXwTz*y~=n?hyCkgLHO?scwlS=*mCUf2R#OBB$S z27(U4BW}gBEVxvh5YP$cRCl8<^EN27k?F;Hpqj->h)<3vxK-H2Q}C5Ax3tthx;D|M zG3BQXw;G$Ah6P<@GW4=ww;-6d#5}3qEX0mexF#M?nt;OEnme~6-%JS+88$l7X5+W=$c#!mji-$L4JqNZi}NPXJ3n#wYdVO!bA|_&{pvi>|Cvi?=47vsK+;k@ zKH{mFKk*@(dS~R<{K>>o3}pCwSHv;7sNMa8)m#DIK;Vf2v0mI4Y&QsWR&=5-?g(8L zEJCk9OLUB?o{ex@O9YQby(8BV)D}qcLMwtOH0sQhgS}Q37nRoDuYt=mcC1brw{{&l zum0M_EykUE7qp0y0W%U8WPz)#kZ4Y_vua4iVP{weDEH|`z1i82RWo&fArP>=Uh}PD>}HMm92DW( zv)Ox4GE1M+#U#e};QoYLLh9FtZ*YqNt%K1k8LIALP@ppu=sg&v3v*51ll`v~nVdVdn_O%Lb&G)*HG1Gq=x_Q#9rnpdj7miM^H$MR0Z_N~O1+;wALu<>Af9sR77m{q`$ILtL<)`?AA|TrxOq81#-1S18 z*6xm)tRC-34<;NxVd=f_+nooB~V4XmY(@30yHsKY**$g^E24hPj`Rh^23A}1FA4x=zvD0ebz)DdQ=!L zm4lh)M;~Z8qNXpyp0i^!FmZRkULJ1@;(z~!GV4(!?X<3FoqS7hda^VNa+;+F&7=X3KHQPFR)A?}6grtw! zrYV`E0Z|$kpMYAY_GQfw>Kvg~hw$$vM0OscLj_INo24Mne#j#OY^RPpnjCaA3^@al z1=Bcz)X;}M!~Ll4L`ZH=sr7$k7Y^DRUtH+q2qqcTKHqEFZN1o~o{CAME2Y`RUx{QBS!t*WJ3*P*Ly5E7=n;WO{R_#L zT{~u{`a6p?j@vc@2CCaL(~pm5?>h-jqpl{D<~@;@ADrgAVgQ{8RI;?XuU)^q7WQU+ z==!!$8&~WZzQ{#mzSs+7s2L0NF85E;(LrBQI`OF255`2pM6zV(Mu0%6`C6+!&`Rp6-HyE?}#7um_R!nfV~5y_Q>P{sG~P#}NlBsCvW^M3bbu{qw${c+b?E}Hy_9aw&t4K?iX^X0(j zmo=rtfEzy9COtWPDXc7i32~zLBX!sD<1ff`SKR9W>co z6v*DJ?t@ZraOsjBC|LxOMwC835|U$j(L)&fo1cQ-JS}loImOmm)CGCD`Yyv@Gsw$4 zdVkXM+JV(_SWl&4fTIP-A3}tOQjc4K)Uk?Ukh<+84ay0w-f9{xuqP~1ffhPbrfKQO z&E?_RyzE$!Lu>m-=7k$LH*h+1FRXW%)ulEK;NZwIw_lEX6>4|3kjS9`(fd_UZ^|di zbY#~h*={Eth1R0`3HB{rkHgD`A*BL;OCONiCnR zEtDH#4~U6~_6q`&;T!UwT^X0ie{QxAraIygW<3s6UF3L;`9D z^%m0}guUMuC*4idsm(u=F8C?cFrlBN%=_I-lsJ9**RX)7O9I9>K{cM-b#QkI3>LCZ z0KxkyzkfmFZVzzAXz}vmY@p|$c9!~(puY1pV#r0y8GS$)aLFrQd437LY#r)>h4XQW z+86mPQ^{nT)|iV0bU%{D4S9bGFv&jWwnkK)zVbiIY4SNb#^L2tcwL+<$`_jOAEhz* z-suq@&ljK@&-n1GePRR&pv}sC`>N|SqLz=J6&XgCIIH%Uqlv3-?#+2xABd%aUi2qW zQtR%c0+Exvu5GO)9TE^w$g-0}Ul=Qs0amnqvg}pxn=IEn^-7ylbqa4dto9 z1d;gvx#YhJ$v;5$-m$=@K%96xS~7S5GpSPo>Q=k-15D6x{a z2L~F~y4-aK=}mJ5fW+$r47UR$L2ut3mPjFQm2=1g59!S|F>rN15}H}lfDBZIo;h@v z8hxD|k|R>+=dt2Nq_y;d@IMM@R9m1xq@0MT%Kbgm14IGkPii0w6P!&Zj}8@32OJF8 z{t{8^HKoj6-c@Wimz8bnr{L1Iv1JAiaMi|C5%COA?sQ7Ne0K`e-bzaGZA-Ioa6)&Z z<5QkeWS-x@f`4UK$yk|pQQNv`BvV&&1PMJ?)YYZsO&n!Cs}_*c1>c|FLXr$d+QM=j zJNt{3n>K4!pwt;G64TN#hs9Ah1tn_`!~v49mWgpQ)FRfHy?yyRG0p>?f+?x=@<;I{4e|RmRQYd{I>7)+r@%l=} z4-PHUwKw3b3j);tynb$0zw@0w9;k-tZk4@tV%05g#xB;<FTdZ& za$n`Du%!Rw6WB>Wg2%r%Db`5|@0%FQKxsOdUQ|#d)rxewqf|-`KUaT&89nj4C=aLl z%|SjtD9dm@Es!80zoD2k@~~^+q)u_seQBCa6g?Q#=*#Y04wAHFQ-)NoWguUVDRc#z z`zkb~+#-Xxv2{DJwF}glObhf7z%m2u#5kG9gQ||gmE5$mdmw*JO9GJQ9|h*LYAd~w zZ@QqS#Q2AiV$$h*K3Fi|aX8m|T%|zXI;V=e7y!Kv0aR#XueB=Cl;F!nXlHmBI|vD0 zO~%*Iegv3S)Xn;T6hNWH59D(k1!8$QIlv1Uk$yx26;536x>sxA={Y4F;fDEr)4!C6 zKpq8!WvnWfvMNG00x}PvXBlN0g$?cL+VOh}&MX+18OY|>aPSQ>;XVy3HS4}OJPUoc zvX~3O!NdztA2C-jz-}9T^~TKw@i+NSovD$QClG%A0vgtR(_fkV5096~5M9dVIx5Vm zfl`z0>lkyjuXP6%?zmEY+n9h#?l@j@gJouHO9HMW5EHqW@RfYr@CVdY>ITv$9(HOd zJojtWXgr-_Oq5qB+coBE$G3r=r%zAQWYeZ*JFT~oc??XI_moOla5OwQ{w>IEZe~Ih zn!y$J)$RF6WvK4xn~H>wK2CE>W-}>JqWcY#qA;G);G!kisvttzLFh5dXV;c&wE+Rc z^t}kU_ooLmEaDIDqB^9*$zP=hSl42Iwa+g*t{qqK5N8(E8F%-9sq^Z&E=sy-s7=E% zoSw99E?%yNQef7L8c12bMgFl&9)H8pa5XB1WUMe>b1A-|zntv*XL3@=>QvDPLb|#U zA;tiq`3KPF9YhV4#g0!K;0g^{Rb(SiDHc<8DoQ1^qU!Z+{r6fE#qy(*(^^fz#m#S0 zoL!M4hI3Z>;}b<-{S42TP?F#JfCCi*lBw*X5yOCyAc_OpOc3$CL2Y3Sj^U3Y3jl4} z66Iwzo!|r=2^EQ6-d4AS%Wd1|s*m$?!w*j$J~YERY35r6qn(tm8fntfYtvLrN4|;i zj|%d3^p;AQuFqT!=HEkOMVx^q8BA5d;B*1Dhtr561$M>#e^|pfl6+=*vq7O9<8v23 zJ$zKExJbuNe*(2KKp**#BToOA>$*RaM%qchnSpXOU}~dV&bVqhsR7mH;rM#>D+CmX zq%3@Ro!}x~>%iVlGlKy1!s+I@IVTPrDh(EwCgtt(|FjyNRKJl4nry*&d13yy`H({h zs#nE7;SA~iISxLupK4$JXZt~FjW{c-#~DXjpLW&YL7e4R40VnEt7lefw!{Y}=m&0& zvZ=Jw0;i|}&IHaG$P7oP#(Y453h0}2Y%1i*!`C*_&))|2L@mAihp0#>I1n6O*2_|3 z1LcB($P!|x->0Y?5SWh8YY1o;6c+{lSG(RSeMbJ*63E#i>awZlbfiL(Id%w*miH5W zoW}xz_gjIDm_Rj=EVV|<+*o!6RcDh>9Il+hT{bSRL#6GY9J>(f?8)j(1JU_12Z1^x z7;m{x)nLQ7h?eh*($Yzb4 zdKE{zzsFKMgL`&yLsi5F)JG*diEOX(s6E*H+*9k{Y$%2GeQO4c*V}V8(0f}5 z=F2EKYL1cF2Ew!qLpHyDJDgp9f}J>vPK@3B8WV({$Jaw$c#W~SabMNEe?KX8eTVM%7;*D7zpPQuF>rD@}c~p#nX*$I#YS$OhoelI2?aE2Oke!Jy>?BRK2wD}W$t>5@6pgWSS4}3J?sM%wL*ij z`=}=z6m)FOM8Wp7Nst}lrysvH8&w9(HN^hC0_N{4!iaSBkmOejJq>zxD(*rh_v}Nt z3cyKjJ_bGU$(zr&{SDedwQtvL{Hnr60>=^En)pUK%|YZe@S)m4z&28C73o z?)*`m|6gnIBZJ2Rzx>ppo2$Kh;5KQrCNrlpFRw123AC5rWJFZTg+ej&F7ORSzKVo# zEK#LS=Y&+hv9+#s(hoR@I6cuZZKgL0Q1(w=f4h_!S)H--oB| zR%DYg7#mdTu;$n0eL2QseSe4n{+hQ%MuSatK*3d-dIIeb+^hzL@r%p=@?(SE=eMEW z?Zpn|(=8JI!HyvKC6oo7iWvCu>BHY0PV1L!%0wrc-H}>Nzfi6AIwlB4)W>kZVphh3 z*mNMw#i!6Nwvaj2Efxneffc~!|7Rfj^K)A?C%D2kiS>r zgIHthC*~@L457^siyvkkx&xbK8)r8oONehyKX%R2uT#YvMl2fk8nJvf10Uj{19_{1 zXfcec&-`9}pwcUo<2vK1sVDa#BMhJZlH|H2ty-_eJpCefd|t%l zRzyoz)Z*-Ou`*ZRxB5p_3MR|Fo4>mWYB)0u4C8xPz7o6W(anj*n}pA9@t>PL4vFsi zqb;toE0XnkjhHvhnSPHlyMcE=5yet5%+fH-9`|16+Z0O?^hF#pZI}l{PLA=wV*`IV zmVCWfSQ+%kK)CJG`TFsL3eVGUNhS_q_CoU-PbLoj)*wYK#T<%uf8QM(n!1~Dr4AHt z=f9Zwg0d$T7FdA$X1Q*53dIk< zw;iSwW^sy7A7r1pXPRJ*F?@=Z=@ms4sKW*(c>-v__tMsO9!)Yrv3_qWm(kUI>E*4!@_w|UM!1%b zY5!;~5yK=YLzn%PkfrrUZ%Dk{X&1X15VO^LStd1Y-=%uSRI7V`KQm7-_|G(+JizLC zbw?zAu(_voxsOQ>NAS`xGs{Z6=)113T2f7Gi>Tpbo<(hf{JOmtm>H(|Oo48A#HN80WRHR0= z|68;?a~~QV7?)$U*8bYF6@;{0>=~;)KX$K9M^4JHk@{`vX6#MQ>*PqD3QN@T$p>ZQ zuRVIf&4Xnh(aSR(D$>8tu_EEIF=pxbB3d8WH)wS#SmJuLL2S^g{efm^zdA16ZrY9O z{Lfu4EPqKQbIoq-^CR}-1oF|J(LsFlU{WHIo#A`4sS!LEe&MG(%lGg8D>HX#Q`!{& zh#FIOb-Y}X%%PKuF-RP5$Xyrlc;>FxZxnnHg93)-S6#tDe?zQzfq+?0Yf}yTMKq>24kQ*aL#H~|6!bvXs}6$nyI|Cc^FOQ`D5-@#_Z`o zijI^svZIJxBCTrd+e{oFwC!zGB4@*W1LkA5{%MRJj^7m?m84BOjXvriJ_Ra9z)rk49q^sI%h0&V+h| z<6wls7?qijz1S?#B#p(qLB0e|`SA+fc=P(pw%&hE+cV)#T=##R7SDpQ{|iALsTZSY zsTY%cI-Wq0fa|OVHYIXFbm5qCcjwgfbhnR>XP%G^kAMIYy{w0a2i%hBnVDSE`RdEs zDsL2h3bS0r+uK`}YLj@OV64gYD)0?&=ZBNnGB5Y1jgOa_no>H9I8-f+!3~4>?!H9H zi-v7}H9wpv>p0ODR7-8ESK7vJ+h2Bsso_4)w)>|PP7CYwZ0;1_n@bxxiF8iEfFZR* zObUALvW7~!d-TFXr`mKsRI*UEW0wI%!W-eYZkExoXMFz1Et5D% zP7*^QD(ZB^l3nNU&>`p=T=MrzoVj!A_sIcB7ZkCQgJU>1r0y@)S;bm zcMxU*y>0-Bc*383riqD(DwkWU=;&y}iEMGF`@+1wfFcDPp8xnlugk$%HCD0#jJSm2`NF?n!m68hiZ z%3C5GgYdmoOHewpgcVq@n?5QVyqt#GO<3D{!5(LeDiiRuJBTPhSb@?iMQ2Xi|~nzWs3=fJrIv z)XnNB+2z|3hu^&+-aC1XS0Ael34|BUWwP{$P+D@dt{GN6n=m-b)u)noQ3|NiEF|WY zLP5ib>}Cns*=UkuWrUY}p^iHHi3#!=S#-CvFM77AD95IdCJ)9v_>2$GW)m1q)s(jK z^YZF8=psoa6|}Tg6lhl!q@>b3J^yPuALf{=wak=A<;FRyOHNJ(W;dR~jCDYCh} z%@GFym9AAfJ#S2x8kKQyaJYD8V;+XGABHR=aGp%cI%yH9RHTc$rWIix!vLIy8ci(~ zfcAJ{c$BfCT2RASV>I8r_bQu@wlA+Qma{uD$)-;yUte{| zJeR&nt@!=cpU_5TW=B_XWjZ}Z!%4lz0ra+ea<0eD%M+fk2u?0$0s>yRt{2ip$`wN5 z;^J?z0CM5g{K(}bhs^U(I#r}PU7!tDFd20%*!Yl&^q}qY=i>e1J)V8unU67<9{9Xg zkG3~RP;g0w2dfEEZyzG7ndXfrm!<+GZ9W}@;1tE`DqGcgPESv|yPQRw9~3z%l5%sS z+0^*XPQN$auC8%PM%^h9AxJ^731aK5Hw{xmA;J=l%jx1!Aq9><4DJM$7G z!(try2CtCdKJ22gI%Tfmmlyh(RzS*dnpHXoqHs=3OpIA*UT&_RKY_>KpxC0*eo_7N z(>;^p*#>U%KCn~Wfe&0aD_(O=95=_11!vuFx?Y+PK<4@brgL7ucX}n}y3%>{J%gI_ zx{K?*uV&_7#}54tfOEK{z6nwo9Ovg&e5NFB)HcT2D4t?BX%3B90GX#Z?`@B9rgV_G zh|P0YvK)=7kEQj6^+!*ETXF4weLsutF)kbe=AsV%^ zvU2@;2#3w}qCIHad2&S6#>m2Ad^lI-v=J_B^KfJ7`wj%C6@Drzs=LQy_mUnwceUW) zU@nf?2p9de4K7TY0#}QLGcj?=u^RUqCSa$yf8BwHjse??@4S8enCan}zAtf>ueTad z#Jr?#T-}P)A2XP_?(@61wtI2#a@O&Z5%VTHx2tMwcSi2_8LP-nNXv7?64NdvTi%8A z@(xl^r)CFf8EVBBR8+_chkV?2?}kDoFJC$Q^2R*FP7ioSlw@Srr3>#5C>Hl z5SK^XPn?%8pETrtRk`h7mxF77)kLi7Eu1gge)7pFCdJZWmvmmnv8{OIwmc}Y))Wa4cCmP%psRGlmn20aqrX0{V$wiMah$hY48g!(4^p$43F z_J2A*HsCP5Xk80OI6ZCed0@p(mheTwW=_k<_^-k4(6jA(sgs$$KB?Q|z9u0D2exP| zwYN%946Q7-uPs)#ax25Y_jEY$~?TG3Qf5Dn;VPe(>~?qx8kKJ>-f#0>utb zI0CEBtJ3(MWdoN}JQy#J&@fCMwx?m%HJ{wj`>$dJ_7DAam&tjBu55Cdw(u-$Z5P_d zyrRh-N7iYv#Pxc}qTx*(j&%(dyzwGj&mu=GRtJd#>wE>p+Opl1X>O{8riaWP_PbNL zZ2p*Yt36}{ie2<1vycSm~k;thdtq}40o*~Q7{T? z_L=7A<^@HJ%{JE0AZhI7PTIshd^ff+&AjW-4r$I> z%kz9<+@qY&3bY&4=*zowi%SNFZDH)U@94S?;+lblI-hy&I5Aj{7xq&y*!vjl_XUhk zU|?dF?WtVPT9?Sw6O51H^JlGi8#GSb-hXm63s@|fU!-yo6XoTF;^gE!XwLpvsY0bt ztma>{?1oK8N5?#LxVP6%<93R0Fkd5?aRB*1HAP!nCbzqZ)H$_5T3xGGL5Emz^@}8O zbY3!fo#W^q)|{WuIVklYU9B=+gHD8k8}yzXUNAZW+4zhaM&otxIyls;s_EYq3bxIxc%TR)E2uPfcVx{J$R%KTn+M!V zRv#zs3l8(A%YAC0#U>Be(Gyx9PUfJE|HV-R0|z%}%O(8k_3Jil^TwY5028vZ&ScjC z1l5|8>K5?x#eOIQWDyc_K|g?}n;xDu0IYgeR?;TVA08jev^wB+{_tVYiF@$-_*U;^ zCjJtCF2_ZP+4OI&{CnH*MnB{xaB6`AEn9mr7qS!}LmI3|pq~G0qdRs`5Ym zGHCo3e@Vno;2l^mG%)VvWN$xxdkuVrul4U2XfcBnorBuYmeb8RXa^dHXoMs%NOjFniah!2RGAeEDqxpT?kluTUi0!p$9bR zlEa93SLELNiu16c6H;XFU%_KOn@6E?iESTy6+U3TQC7_yWBsB2nM$qpt$EYshxU%5 z7R!aDr4Rs9-inJ~9l}69c>^8`3+rS|7;kk;d>`RmMn*=d<+>21ayg{s0+a_>oCfwF zMKgBPC?i;SMINu?=4bj!jg%0He=R*A9qhr>7b5T~=5U%1zj=cQ&n@;WygU2(RVcjU z!FjasNLo#Uq=kl@8q9xQ4@2DxT#R4E0@0J4>xwZI1=)FL+HswuK@Br)XL@90Suuvw zZzDo84ymeJJi?eFdX0yCsip3~h+jaU4189has?cFvPDm#@8$Ki&iU4mfq_97D+k1? zPuDMYCvI-mL$zoz3bF9szV(RJbi*`nzTMJ+&4z|U=iU;1QG1J-e({liwdRBN)3}Ej zsCu59_K_#0$zu6>_y}^mkHwh*(-u`c1*^G&8J3;9f5~zwYLPj0{{H?mP0lPKI2?MGjeS4b z0gwoSY!zy137@}VDM?XT8Po1)!SM2?u#l2cvstaw;OYoxKY*YcjX3S%qi4VKPMb8U zY^tAyh0NcP4SRz|9KE^*jP0;UGEIGBV^jXf?l-UB9JBd=5kei=zRG1kwRgE0!CODh zp$QmHjWK%qIUWAE34+V(VbK8*=KI@=+0UNVPW4WfdrDOX+}c@l1@Ai%uzo$KybUJR z;8qz_W|bXhqC{g{XmVB@zfArql*uP8jk4shj&yUUGQFxh5JQ!lmlw|ZcY|-stE-#Z z(s{+kqE8j82ZCJ7-ww+9+9G((#@h&Huaz&?3obpL9*RYC!V6>|qefM4216k3t@jqv zdqT}eB`ZzKqSfH~(#O~Lbk@9?SKm2ywsy>*9nb9?)@<=T_ffkr%WExJJf48`eLWUx zIn8%TENrY$WfLh58`f?w*gJ^?Uk~Sz6||p>mVQ?YigJ$jw3NCTNyNeGmFH~wQT;<$ zoKvhYSBv01;{rM=suy4@@L*wK6@s5Tz=b%&!xH`#5Km>ry|}mt0tihZR$_Sg&+8>; zPjv(zdt+}z#$jFD)7d@yOmv^A0%8mr;dx2BXi<_BULxC{<5 zhe-nkHCx~5OT*SrVcA4Z1_v5}0^pMT>l z9AY~aRh33N)r7EUUgZ%60t-vDfs28I60L%U71pEuuaR8Ik!Jg013j~ZmAEZ)l`$pf zFPz^%L%jkn|3^pcqktN2Vk>*$o(9jXMbUmYz{ z2rxswF~oLf6hBZ0f)`p_Tcy=`=%_TR2^>EYWp}N|ud#uMtl1sM?OGp%`PV9gk^fHM zn5$?lhlhJw>f-b{!l*KnnU#fyfeY`(i-y%BsCXFC8?zzEMGjo;o4!uH#k_ zA9~9aoyVLU+vj^kX_ss(RL?&8Wv!&!_Q;Ot^)(kO6nIOJK5(TqHQ^K$718T$sL9C4 zgvF4k$-zO{+S(czl^^Zk{+*}Xni_PFzGmpWd-smk`RYKrBwe9F>u#`9dc^*HbRs;( zG39u|_V}31Ez0{CKOB?-w95S&Kla?Nfo9^rVhI7ue zk%fHGf$UcK!V$K@@@(VVLcOi1g^7@mPf+~7iN^ak(X-SpI=ng8RnEr!ex&^1>T4o) z5;DfO4A#F?g+hXY(r(X~#*Eck=0ffg20TxHMJWN|H=KbM%X?l~MYOnSt|Ka}&$A5p zZ`wCl#3Mg@m$JLP@$s3uwf0F#0$N^APfanWbG$XEQrXzt^bavKFyK{;z4)RIF%2sQ z3`8;-8g!h<$VliW4W6y46tNIKgC8exC4{~J<2{5v-*EF2dX3G_`l~nCy$-p&y6PT` zXVCrUgbg0PgGK>$K?RD%T0eetnuz7e5RkMzZ4aZj)PF3S7}R8;?Zw+)Qh~Ndwr{%y zcqgMkp!V&0vyN}4s(k{(53KfZXf);#RDx-Z9wQ^Q+V6##MY3m?{s-bkmK_tKLdyx$ zxSU*EbfyU>W6Z5hHD~n=q(|Y@b#-+gdj3pJ^@lW)kKw)qspnH5b4Pmx9LnVS#sDh(gr_Et@o1q6MdHZTZJ7k~+G(%sBqJIM9- z6$hji6BCo?XT z@)>jDkRpbA30H(QKWBpzJIoTo%+yd}TapWF#7z)8kCQ9^Ra%J_k)rDa4ms;f9BYXFyg4kU9fVND%wF zP*G7443&9>fFK|x6}C8id3D-u&-_6k&+4H_oTUmo|!%|bt zEf`R@m&7z{CwJb*K`6(6OVqqCsikX*Obp6}sySuw6!NS7AqSbco7p#pJP3UP- zti@2QpT36LKOc&3435A+f#zx^%gs26Eau&SL;SLBRHXtkn}KkWzq_Qi`)`J?&eAYu zb(`>=Q&%rzaf-dP0`YL#e2%lEYM0&ZdiA*jpr|41fkIZHH3>}~a*+a)=4uS#gGq%* zmnM|Q4Y@W4@hS^!2LgRm2p@AmB%GtAU|~T!K0aQErK+kL2wn`1e1BUjO!94Mxz!0h zs<4?z1r}t$S#~kX{pl0$_~itBWa-{-;)r5=B4Qn^rRU{kVT+j`P`v8uINUcY&~geY z_6utTCC%{35~RBSY@hmX+_j=k%0mn4A`<&zQR_OVj&+AL^MLn^e#tb2qeDwi4?2~P ztfKSWy?1T07pl^e6+ob#4y>WzaV(tM%lurp>DM%8bmS?PyCCOz3*noHku%EbA>>L9 zyU`lnP!by|K0dxe@Zs@s4`8ZG0m&Z7(y0D3G}J*cxS8870MbKyT5ETkL$oX9iq>B1 zLvxcB8gNn(C9qINRoDU3R6X@I)4c1&-HQ$OWv27YCbQ*TduD0{iY3(!YX4&MBH@VS zouD8+yW7qCE%Yru(=9z8kj_s8Zhha6!Ld^=04}KIK{J&AJbr61QMX#D-GFg*{1z_i zfGec_JXlAg0<=Q(W5UD6#p(vIUPq(jBUl|3auzf_o@jgw^I8W?mSWr9800aftPydc z@1;v)hDvf$QXa1NSLsz%lliCe^76SwMO^`C6l!-#-)U%Q##lp>AS{BSc3xUrM~6TR zC+I&T@U`>3$?fcREdT-KwxE5cRHNCg*Rrp%vGHjR&tqS9#$-kYK~_$VXfy%Dyut@S zpGK6rq?BTfBpz23L*+ibbp}1sb@O@Tw3>N0^S+ov8sXU|s~zaax6Di!8X78bK0c$1 zvtHTV1$O&!X~?7aY+QV_8rH>ca7>fI>3+Ya>-x(`oSD168F(>zYyDP5ng@l8G6B*a z8&`rl7`Xj#Zk8@EwyvQeq(F2Up)X%xhf}zWCzGC@++3b+w{!FJ+wfV@RMhY|gWDMbdwct_+P)v?{KSM8fYI>V!^r|BCX{FA z=P1||QhhX^80j&NA8(v*9#}Nj8ozFLkDZ)NWt^yvaFS&mA0BoAUPKz?K@+wyG@2o7 z)>|`7ECip`Om|y%&jLdv1Z0HPGg}gagM$1*%nKXf@ib5WyE-kt6-g9dA5mmk(`&H# z@?&^Kq$5)pJCyg~*uUVp;e|)F@%WN62?4z?1ad|I0uJE=Bgk7JeC5OGM9ZA(VsVJ- z&R(tV_5RZJp9*Wic>`Q7Dg4>F=dXKBDxyVp9qqb~o~Pg+vC2N#V=@q6;dsmZd}wEr z%Ilu?{~jM7|LV;fp>N+_Bf@#fTN@b}ovhdAyUxv?X%%BsL3@uJp+Fqs>l#~d& zx^gj_&iyJarA<5opi=v>VY$0127Bgtx+Ax^)?;;5E3x>rG%bvGgL;r(ZwV2M4$7mv zoE~ss$k5Qx%<9I#N_&Tgac!vut>)^Q-gDH%va=&8E0d4j-E{B_MD^XAcGz=U+Q65~ zf@$m9FL+kZ76T0KhrbN2QDKv3!k%bc43;@_N<0U&@Ef_bs@?j*_}~=Z91gwBtk>No znx?|yw#h-5Y`%`7*6GL>s6ofi`G2&dxxyK~#$RsKvKqA~0eH%Jy}Cl}xq%HN^LV z9FsT(9;;HN=zC#)K751yv5=%>=&S=+0u7hbF6m7)(9AJ)NiZ1 zKw(5uLXvmbQ;aCon>a9~2I(Kw^+3(Y1d zB-FmRsD4rePA-LJfU$vbhc@Zz?;`Pnl>p9x0)@f=r2eD3HleOhb5+JSX9F};AKLdW zb!e_8U+$DvI^f6r2hi`BlrwDXeu8CD9nz!y5r3Xs>wFIacXMP~>Vfa5-}hg_-mM+y zEp8--M@QX&R*{mG)j7XQPfvH)j8+_U!+}5*zh3sgsND8g>+18MdYB= zZj^zcp~40RWT2`%HaBN<*|^>lnhCn41b(36cXF!#g{eYHM~4EuDnv}}b}&;0EgXv5 z)gMiPf`fwu6-TE72jGXrW&SM-6!d@p5%tAFz7eG}sUSd33-U&LJ!s?&03fhIL z!-wHhGd?ZcwTKMZb=~^`Y3E{%?jS!Q($9o%@Wc6HUWO1ZEiEZEI?z#TH2R&LS%C)M z1zWcE_B!*`reNu7`(*GmVZ65fKrkCbRT{U%qGo-2tHfT7d_V z(tO^zPG4F1o+m>Bc1=XGMu~4p$+1q45HL6lM@L6wZtBmU+uFQdLWsfU>Lvs%6D?Ep z*VgUr?I#cCBZNdmf}VqZStwX^nENb67B*NC#Gje4zU8%FCzE8<-5SOv(ztv)5|q19 zE6$YtM3C_Ii3e1~Ahj?@sVMzsnv)XDS$niB=>+kxFCUa)4bxuCqQf%Kv!q}$^e`~k z?sZ0eGuv9qSCzFrim$Vm=&n=lP7>1-C8;AVTl1{0WENq;P==X>5qwAF0q>bn&e-tn z2u~xP)}t}_(T>86M_ysJapc&sWs!Nj@o|4!O8^>$%2+m1_GV-mud7+}0aZ+F>nT>> zNG||gle|^+`R-+qQBP2qR9tNo6$0-4R-(DZ(;zH#HXV1%C-baLQfh|>Aw?PqD_b}x zcyP8v+gRjRnT}ug$Ov*V5TQ~~2$-9ftkf?pX?)~#cni>>keL~EVNuZ+F}4;^Fm3|@ z6i{ED-8Ge!X}^EN0@m`YghaOw5_Tz|>D5}?aEz+3KrNJ(j&5vVyblsFCErO(N`j*| zK(Nx$5grxAI1w~DHwW*{|MTb17j5UWv$ObIT#IBwMP6QBpv1;-EsRb=LeksY>mf#h zivJf0ja399AqiF<*xE0&rt^GQ^G@AduiH*Zw01dU7k*fOdIqNuuV3EWJxvRJy)ocU zZ2WYo;($3qqryHqZ9U-OA7q@I2*Yz1tA5U$3)R~6lkefSNRp1L=sqG%(1&CsK!aIT zoU(In4h!U(7#JA5fWhqU>4BYQW@Jn&DgrS?*)Jf${r(eO)5W-Gtgo@GK6r(U>|0Pk0rB;!HD>8`b;=u^kkR{~V`B$`paz_8>);?_tCxHsD9>*f zDqNCfXJ>!?`qe{?+84~ClI1qY61^+*M=~laZN6PLH#a)~V4|geZ9>x}0eKRU&!#JE zvfs{ggVNF~QDcOSM*$LrLM6KG8#o?hBK@B9S_?yTn$D;&-1FXbG~)IvJauaLD>L8U zRb7oel^vN5&#gVR)}k}mp@Q8T*lV!%sosgvF^RdkWS~I9pDqOkqF}LjbHfU#ji7)4 z_=ANyRGB=v&M0fxmoGuZ1_KBPqzWcIW4__y;&wxJo`yyUXcqqUw+t&A+t93V0`OG^ zY!=q{^KNUXsHh;I0J34)5D>Vp0QBns8Q1dZ2iw(l*jzbsz)vI_gWwPjR0|#+P$&_9 zBN9rh4;+D$Pm-*BdU3hok~|jFcPs7jR{syA%EvIz-&0{jm+RR)vgZ__N$8ue-OtB7 zpMAhqh{JF{d&2R5N{KEa){Z?@Kt(94tQ6$qdjb4`l#-HPb2E2aRZ~-w!*;U$+js9g zFD`5ff&Qg4%ersV3WOv6-!kd>`65z70K}XOa~ywSWPA_ST&Rv$63qJ#GQdrN!C+vc zHYaBS>e|ZMdUb7$K)d|b*3NFNH=JZ;XMmcf~1Sk`$4LqAe;_^#>U2zIpdOaP^JYEDt7e? zGZPa*kYNI+7nYP{GP>zkR9Fb|Kje5ZIIwrBtC{(1FE1|*%*=$ewFx$?*c6I4L@mIG zRk+#N*=@`e)GPFm%FD}34JSxYB8SW!95CR${{vNT(R}3Bulc~PHZd`|NCJE%__Nhf zkS8dJ5SNg|@A&P~v&Xskb&FDkoc&9<^v~=($7SX()BqY4Kn2?lKQ3=4|uxlL{5CwMN=1Fe)l)WueZx*8RD8r5+&NtgNio@o||> zn{(Cv{_n`js;b~E(12SYAR+|+4?#v(>A&X7yw%yiI{K$h&@EEomenuQN=x6?m@U3j zo1dQcg%lAInN8cT4(GMZ&1tm9>oPJkQLwP!!JLlpJgbd*KNc5Le`K|Ql9rZ+xJO`? zFCrj>16N9YJv&*n2qH2vLhgQS;066cLO_Q4zLC@#l%oMr_X`Lj@wvG*DjOjl zEOfm)7@O5<436=V@aGX$l3l`SQT^fJo-z z!dY!PpIsvcW&z^0i`5&L3&ubcf`0uPOw%h5FE41jbu`7Zp(f5@X9`43g@|=16F11EIOaO6v>Y zO$dmIznD{)EH*l#f(-|ti)cRRAAIw4-GZ#BsMxfD@1&w;c+{ELa@R?=y>wnd*+~R5 zvf!qB{QOga!|dc^qGwa-aSQt3!c?x2!4d1eJbi*D+P#B^(9d^t z&5h+Z$B%bgrTrhCpYUjg7O1I;yK?X_c5m-^u3IPclck5n1xMa6LvT2Xe-Ma@!SV5! z;}a7Ao(6*yzO4Wk3ONA=>=9`|-vG-84MF+Hqp3d&i;E)xb*mTH)sCU|c6J${Py!w? zQ)P?}xlKqL09OMOlg>QZ91EZ@`7&aCe`We`JL2wBQ^Nuh=iqY6b9;~!t=?VkV_;#m z_x8R5ngk zazGS@1CjUS^70EXBA_?09nPCHvb;Uh1(;=JZ?b@W8rq|-j!kheLw~OK1Y@sYKFI2* z&}Fu8KG^mU1NVKiOlosn;>eQ9mff>@CKriLCMtt_YRc1`0o#KYr~cy6(E)=>3@AkF zZ5?+AWC{(0*Ad!H9nz?lq&Ih;C?_Q;4%NFhxQ`ly`qN>7R?)K^|8^uwU2RcU_DL|< zk#ZF^H9bd*4d6;Y3m`cIFiYLy5U_w2Yn`v5kg4UI9UZ|c3^TG)R^pw3qVd@HxTlW~ z9N*9@C=0;FLZ$~WwhZW}0{r}t00?|l?&My)BoViWvoi-o2_yh|$N;CXwYBx%@!`6& zL(Ba9JZus5=_ts*P%tq3T3dMwReL1$fL*)*l;*2qwK`9r>{V-WLK6@W@H7?|6I)qZ z`wtj6B)#kE`qG(I0er^FMqgyD^>)Zg0)Rk2e*9=19yXhr9_a6vl9Q`6a8*^so|~Kd zuBQhFm?eOafTgqp6sDk{P+DD`g2@4BI>61^*xIJ&o*! zz;#ig1G5GCh=_K@rj8e&U9+jv4r&W@5rO!A^F)BJ8=Db`}@H8`0N;*R#O5} zl@G*YpqBWc=B-T!YzV}CVUUl1#KA!UrD6bcyqI;s1aW-^@09`v55Ol_^;wHaN@g}R zU<1?);80J!?S2@j7zbl_8AmnQ?tciuY^$8TSJLX1JPk&9)*R4u%W8T%J@7yc=Yjzz%iMc2GYD_V`mS5WZ?jGaM&Gq#Ky)h zoy9~)ueN(50319zpVaDA#2}Hx`r@~YKX`m+cQ-#l_|D}=;LIfxz}Ae4jm-oZyh_ni ztjO{1ZX4e7jj)5GBRX*LLu1&MXuuC48P@a4@ zXtR{HhvMsgo+keh(LLDU$61Qonfq}&X{#i5jh~ta=vOYV9&^K?U;17^&7*2`1s|z; zb~m3c4SW?t-M+m$GUx7i`HX*XD?~3Z)C}9%-|uifZt?}2YGY%gwXIF7 zPr2o04FMt{K2g9DwS9hal~YvAtgpuc{`9M;s8?oYX6`m9%F|Z@ZwF}lb+AAX^s%$O zzq8ZYaNLZ*!@~oqlgCwzM-`KklS`?o1(lW2@vT!)QUdrGbaUg-wtaGX+BV|;WDNl} z01>Dg{pkViZhhk7FnTx7dfW#8;;P*Moj zdY=2a?&~_w<2;VzJn!p~W`1#TEa06^&&0Tb5J;#q<9VkxRhN@zC*fQa@R2D3UeT`4fZl<9@fxiVv z#b}Zm@3^Ff>4!v;sU{E-apd|Pv#&Ub zlc^l5c%onTO@Iv}qg3+&%{vSbBii94NV`RMFOH95fNh^tt=j0>;_)^uzg0;bUJN_># z4@F?#y*Cc;J{wcX6LE$Rf{e|~QeV8FZfR+WiH&Xi()s4in=?vE?_u|tJ<=nKXCHs8 zsgXl+!{a29P49q7Wj*1v`PZ*s-_X>+tsacpM&8bJAqzDhQXZ$M=#`0ZXr&Pv?j9bG zF7VmU4qq`+c=#kYcZX&sBis*~_BGATJHVgw7q~IF<}h4AErI(#OYc~P^!?Ij-5U|R zwurZW7oPt5@#C4BH*b~!*V+AdFQ)#x7w6R^@;3$_*P1GxkTe_RBS&ta1s=qWJq<8% zfS+GTP%wE~;_KJ1-wGVKH*Ule*@yPaG?qHp+m|61(!+)aa;+Z;Dx|fuz=7(0QJ77$47A*aXi=tm?HgLg8QgV9PCQ)Z5%BqEHr}mJLlCazb8+44jwurbmYiJ zU=U;}&)F9Bh2e~BfQmz|;}99RP%@*6cMNN3Z3Q`LXlyK3uPr7fhVv|Y`Eq3Mv_L>% zp*R9zM0E5m0Qly%wyo}C!qC4qV=_fSLBZhhzlt?I6AS7{e9ag;DwFbKT{j|K!4^jA z;NXB$OneNuQ34)4+T%H0dz6SR3kwT1uE=q_cI`rOzOcMpfiTkh@QLbv)E2kU{efDc zv(Uw^Ar@~7<&#@Ti2l>3Pp`v%{rq|A(S^+?@=Hrk!YaKdN@;-g^~;wxLPKfd6B7FR z`~C0Sp~ij&iMj#RM}fzDR*v`r8v&=j=&fx;5=Z4%-qLbq;5e?gQdLuvC|ReJ%?23wtM9p$JbsHliV^C=5Y3MDaUSu~cK*FN1h{#RcS|r*E)D$3(a&mHfLqfK~ zOwczz9u~##7JQ#rK=ZdhGQ5cNDVd{Z6T-J>YE+$k8VfCPC8={OYT`3zHj6ORh%nct z*rh3}s7Rxz1vmr~uz8Dn&Z;89idr_N4&S1!wd`Iv3|0#Qs?I=lH8w5^3UE260BF#= z;?y3!{0K?CXmze*^Oh|#rl!33!OUqQZ7!(-7&N7yH?p_4SDf|s_C`I0xP0{*1q%xc z4zldw=ze(ekuhUju;y%#q3D^IsCvuaTvmF*fI`Nv4!s?w#5w~@eR7*U%@uKqD}wXj z!J2Oui4PexNJX$H#HR!r>QmdkH@31;4xB0Rah^Z7Y?yMH=>DL<;YAK%i{N;0z)%a7 z5d|N&LRgLEv7G$;q^spW92S?B-nX^w%D3wYM0~Wd$^7bw2V(+?QGukDRaIp;>7Xbl zN6`YXjSkO#oPAIW__)`uz0zgj19U-6M{C_#K!1yt?LDeRUrM_bWJ6F%uBO(&O;~Gy zZ}QqhQA)%S0B#*QB=EN=jgXoe=EUzBjM{gMlkLjSs|u6;5+4<{6Qu$$FmYDr=H^aY zy?giWZ_$N74a9-7C#Gu_U!j&48Mknya;RM2JR^=K2?;B`Nr|&RVMk3tp#o4+J~b2NiTbaspuQO~i!L zR@f!=-@XMA0{|GZ87)%RRzL>s*s=+sI0C$rot+&S z&nDsoNP5gAXJl**2nZM)8fth}0>o)oG)0l3 zreJVx-@bhtJQ_nXGBP^mwUnEj`IPasTg*q#xq=w^|R%KDRQw?6mYtr2D@UD-SaZ%dX6~*M4mwDkBgIkJHlLV`q>Q zIlv4nT)04|q@)CT!s)pUWQ$*4qLJ=tA1d>z%7C!Tij9pWN;yQczto;A7<6ngv z604>r^Be2$hQ5*8fD^dDP=OOW<~+Oubjzl;bEv*6gSW%1D-Grp*kPZcDz1$-Ffh=5 zVbUNsFYnMZDK4&!SWAT0ddF8Ex&UO*V}8oYDkFKSwY8PV+)hrpA3q_`F17j&3}dKO zR{+0o{>1s7qrKnPe|Ol?xMg#Ajq}$g#KgyJBvI3ZeLeBU@WU4WUz&IJaJ&wT70|ae z*g`Td1xxYPaIrPHhiz+IY<%LZmt*Gi?-%`sQYwj$2RP{^#s9;o+}rfjU6+(X+5F9= z!8&*E7_aELl#Bc?j`!m&5Y_p?ZJ(v1xI}M zu0g^1m)ogCB_ybUZ?5Y7zZt99QWSIu$8iNcJq}uSiJ;_UPGk}!ed(HyuMr1{`U72+ zI2bZ6F8RIf=v?Ui^XtpUy1ME#l{h(NMDg?YJM!)N@1K_{M;MO2ED-%A;@-WDVDTmQ zX=wwFp*1rUDOS243<40=@ewl@yjd9QaX)a9D}SO(jr%$NZc53h|89+c=Kj8%S9v1W zsZ)+)*9OAybu%!KOG1Jb(N(zmUtSAFCPbOz-tZPjpdKXg>hio%%kwLSRf%wNkqH#f zFrWl~bos!h2?r^#0YvA*h7B7~C>Kh{2_e^gN^LN=A8vle(}E)c2VF<+NwOQ18An!z z&ilxinWZOBVO!vq+B-VNEw)ciPR5VLBWv`IjAYFJHerdpTvfFU`WEDWkhNBrQ!*OQ5|FFU8TYkF7gAhWr#X3Pk zsTj$7^X7SO?qygoat7_{yKrnM ze}5yX=o9Qld9e3Ljm=Ew*VkV-q?vohsOpZ;o`)WwB8FQ9{Yy(rkwJEHpq76L5VLdV z&LJd`;nC62R-dtUQ3_^KL2V7quT;bLdE-92-nFpo9yK$(H=fujzy3*Qwzkv6XL#n= z_p$M==fTXoY&FA5*m?ASH;_F%-n3);(RSz5$HA8}J-nCCp7&1Da9Mf(XWe+XyNl9x zHY|9H@bTJ{_T-yLTLpC-d&&L=i^*p-e& zIM!_-wPv7K-PSe>xp^t~YoEP2dcTQAcg0Vg>Uw&18u{O?mCm1UL*Gf_^Qh?P41~UF z=Q{UM3f~(RcZ1u)!n{-(US>aBU`nh_miA9vSorkLEy)85ppw9D*1gZZ>As%-+W16B z&0_cB(icw2MK8nOr4Pm*tnaIMRoAkQ(VK=utxXMWlvHpdmAAL{PImw<l5DUmT}>mSq<#A2$**U5&`np_W*;srEe+Qm?P-QVH_v54H$l>)HPaa!D$(c- z@E&#lzR@)$l5aZfp;q8ryTUZ=Z`GP!f=v+uOOdHU5;O$eqyZensD}^t1ADWN$REAJ zE@3~xmVoOa_1f$vroq_nv7X6bKIs;pZbT}!w6+#`(NpY^-==A3m;$@@Wets|P^hZI zJFMTZ_pA;n;&f^jyXQU6$cT!I%Yd@;Hg6o;=biiPbJS271{Hx1;~7Z$Pk{0*5Uvj= zZB6>=bRsGuqG80|H@zlCNEREeD{v#fsSE>m`;905l6~|1i{BuZnjE~7lF_}e0+Nf`bn_?k~9@2St86SrC$r6N_3CXdZ zQaw0Z8d1IP+%?cG_ETN~<)PDzx&(1qIXlRRNhTC&wMuvOk}H~oNV2Q5S!clsWoqU< z*UK^yE9}Zb?Q}fh9I;DNQr`cHMIC0-o~sBy@C9q@7n}BPAenwI^(h6n-ZhSG_xaPO zh^C=c|L4~Wbr7&er{5)pg)g!EeIHVyx`5jWyrFOY7FwG6o6kCDZq7T3*6ZhPnw|dI z)~1dZtp_mbY!@ra%v9;|Ue3hfwv;|W@+CTmzNZ@mqAvHEET^pdAXrgq;8Yn|Yx-J{ z7^g&<;kZuR_QCSrasi80Jhoz{k@LL52JLIk_fs-5zNG9;+`em9`sAd&7pl$Y+1W1N zOU>%oCEaJvK>hrEi;OfA2UI(RU1>WHZHQk~w53w6yB}w?xD^=okTTk(F^=OF8!`CE zU2y-9&kok%Vl#fS^`Gd`)i~Pjw{-f4{jprw2|iR;7q*nbRR*E1=I3Qh5kf^dJSRvP zbH%K`3F-$j?d`uopQyrgfw;Vnc}-+kn_D9lwG$+0&&e-HBpG%z*`q@a#GaO{`{ ztVV}D9335ZGBT#&BW%65ft1(+iXbv6X+q7;)3XScyu%zxH>O{yV}JC8DUT9?h}7%$ z0S)^weFzRdk&YGhc}KDBciUcxliFR63%pm~omMPTFf~nka9C$pZQ{Wpt!6lXu5ppd zUV{g2#0T#h24HA~$%nF8(0^~jNuTZyHma}3!eYxD_lbx! z=jdYM1Y&PUqiZ-M6U*9I(ZkEgkf2-5q=^^i+rR%JrVxB7IUT~df8V}pKe_G!Sjz%u zv2jE05ifgc-H@0_)Vsd8>BNk@r5{eOmuY^-P9`RcZ#Wu87nvs*a38TQ??%Pl{yaVm zKR#ailwNLbE{e~OCOw#SfRlOX%ug>s+7x2U#Rx2~e`aU%1c^~I*eFN^_+|d$_H)FA zTfxl~I18hjW@P0u;1xd)&j*vFLbKOoq!*VoGzPClKiYpO4OjjtMXozNH@7+G>o_sz zgOq4iWQY~uw0PgVJ0R4%rAf%wOw6|PScN;%SC($EC9YK%2RoEm^mEPtivD+=i?2=x zlSt#ou8-o$TwGi-z;3VkLg&%#Z~@jRgSv&O{zFPc<2q?IoJh5Ty`lEhZMj#sBbO|w zLjl~$z+m|8eq5XtUOU&a<-m7qv5G`J@5K)(h{fszbu>43y&@5Pp4BNL-4;+!0%wse z{~is}q_z>Uw$!djPA0FHT~AO5#>Ny%>2m zl6GVIf#8d}hr$Z9w<_?e=?FLA>;fgnS>F=#Tu9w_{$6YHhf0M5T!Jp)X92J($fn^zav}Nb{APlGf(sb6a{Y&4Uch{wN)qi zE&_ScgvZ55xV;LnC^`!ZVaf8icyzS`xQDBen~7JgsW^p2-ko#rb$5MzpR5EDwfcQt z6;)&7#|Gz77L=?lS%Ll1jQm_!gpoOcv+yGl+ta;&`1k={-l~+n-A^#H0EU?s#9``X z2;P)4^~3}Z-(8eMq|-meEG{LpzH>Sj`!`Jk({#QhQf^}({31|_2?h^01s9z~#W8x_ zBYPG-`x-Im8N7dTeWfXfou1x6g-+laxJ$3O?`H4p`}_=&YE7H&@ti%VgwatwTd8GC~v2uOGfFH?>_zKPcAIkfJ${gFL(1CJ66!92{8GE#ezg~?E0Jj z%*~$$D8dMzcje^Dq<;z6`>qnN4ig_tlp&(r83Nyteos$15x-`@)n9XQyKCQ*w6tNw z0aX9jzI#BK!e9(cmALdba!zjqyMVkolGokZYHGktD!V`4Q`%!?!`b!Xq|10bY$q+9 zoug_#$h`6A(my>TUb*bV-v~t!88mqDc4+t?C+ac=2&D~h5_S%cjgB^#crE9maaO0q z^ZQTZ#G{Cs748ZOw@xdPNRn=->$3CIb=^L^-<1v(=*l)Xk?Xtt`Y ztE+pzmq1$0(EqRK>W9j>wI) zWw+rd&Mr@s78Yk=gb7Z-=dWMY41a_i-E2JbRZsC%#~35e2GY!xQ>T2>xnok$gK~0p z=03=sZ|TlP)nP5rZ$*taD?G=`lU%0+>wVc57pPlDn$|k-CZxfmC1HL4VHC#0jRT_uS%Ejt%jyCuackI|B;kTr`5>L3sshCw4cW0%*9G|7YiTI`b4|@-A%-Td1hqhNlqM zko|^#dE_!bH8LM-oQ#~_c_0U8c#`>`?XTd1c-yoxOT3=h$%^v9Q*AckU z(%ftg1pCf$;9OE0y!#f5e|~`p6yC#xiy^u0npo;#C4P7I@slU}#l+NleAbI$G3lFo z2N9eY88kID6?@XBgq8MI@O~Y~0g4vfR$}~(#plTV5LX)!PF{qcT+_gN!_e^%bb3qX zdW*WADF0znnabMQ+Ih(b2*j9nCAqc$`NGX>n?c-p^N3d*&A< zC)xsSBj?-d{+@cwqQ>ihm26ai5ZvB?IUdl9bGJ$xKh*=RN7qQP$ShM*h!d7NqO_Pw?g9g2DaA zzLSeoAeU}|LV}dEC5w%Pr6Os4#SAJ7H$VSY6du9`s$E3Ifa%kZpqU8^3&(}|{P{^G zwK{VN^e873cqu6SvSd- zZTIdnj990o0ZKTA@0TW+dvtEd%gAg*n{9n-EAP{B zC{^Y*Hm5Bu51^J+VF9HqCJO5y+M`n5zGeFI<%{14D=RB}f^^%rlSP~{et(njpd@3# z(Hc$BLO5dJC)m5U5_II>FI}Dgxs3@hY!Hm!4;-@sFt*6D+3H?sD1-I>F8rv_!?!W4ftZnEB{J7Wq&7y=PoH z3#Ej=5ypnS;OM}k5N;KeMl;XZV9z6_QGlC+O{g5%TyDQ}$nD$j2@mjk22Ze;-(X#%TnPXzGOt!m$jwMKOxNwVyG0^5Ni1lZeEmMp~SXf!*!0Nv% zETnn94Gh1oE_)|z1OIta2WS6hTQk%&HZs7qf-0Wqt3hF}J1Z$E3GtyEnF6U}130qn zJYKe*o~)pJb#-;=LOuW&e}Dj${4YpIJ3?OV$H67kSM;kYLW~~Ui?dm9eGI9UIj5-T zV8PecR>I0nTt5;U)%L6>mk(Uj*0#3i_D@RUzys_sd(-Zx@xPmwz3-pYLm$ztt)nxA znS1>(I}wKhEv>qnmZm=yxXH=@mrDvCkbE&Sr3nU%|>F$}mL3i%RK^z<% z8=J!HFb+sKIOF${&y&}E{h9)ADEz%2KYfzc(1>aHgX4_hqeo9F6Lb(D8VzO~g`1DDU@QnaY{XHCegoU?b{*Is$ zJC|lp?@{iBrU`+E;(^~S^0rd6iFJ-vzJH%W-&Ewu$QZ3A>HYHM_y?)N#*BRXQmeA& zmo=8kJf2q4q+{!f`>%_O$MDsD>GPiNeO~>=b!ypowm)IAyQ$IMZgzuYtg6fVY3|DY zJ*#ijx&PC~=o=V`K$_svEe)G13|V(TEEf+KzI#`X8BD|`I~-ks5tF?K(WZ`Ie%i$3 zSFGdf*RTJo>;D;LAzDt(%v2I?7Q!9|TJORf{78SBogm}l!1TiBV6V%SlJFGfE8I@F z9Nb&*;4(OFUby$b79*#kQv2Kiq8`3+X8tpbBHHxz>VKoz1>qV}7`phkYG$fUxChJm zVd@G3WOMS!_K3AWipvX4x1wv=`lGI=muz<#7O!P9(h8PK*~OkMrFUKB+pw+pr-1Wc zYS|1rf+v5>e;Te9|5H5hVb>Rm>p!Pu<>ddf-Ey_RLNZ@jYAeMkK^o{=X!4zTPFSfZ zIXr!#$8rJ!W@qxHrKiL7`|>wP1`y*5lNH;h(17Rqiy0;tv?^CX#2_5a*a|8GZ++IK zx_#EYV0Zk1=><72U(&~8cGW(Z`C&n7_Q;^vwrv}h0dBi2)+Tci#E{N3{!!$^|JQVc zka_Czcu)UUffK_O1}fopZ*Ol@5R(IoXdOeVMg;Niou;_uI%C#OGn{pz4ZenCOdLo>&Y_`zSV z&RTEK>abJSiA&Nei#P4Q6I@gGS&7<;B_paj_Pd*T-d0m(V{b7Aehp3U<>P%1nP?by z-8^bt5@tR2;-yvF;e>$)jL|vN-F}@l?sXjWUTCyA@z0?1(G^M#JO_l#J2ocjvIAal z3RJ3o)r2Gs6pZ-;JG8emGE%(NriC{~mdo~2XD2JNX*iUpr!AJSP-HHVkqlq%#>XIT z|K$Ux&CLhjz{pl%A;L^eOKS+*v}KKc(7Q%5^J-3^gDm zVd~G!{QQWH9hBLl-L7QdsW6mO;NVBDKoGr6D7&|Ajd-cRi|{2{fardoXwSseqdV{fINEn(ZM=U!LHqu1 z^~q%aj@F%9G&D0Q=%3-+ar@BN`NNSK2Lti+H#Aw^IihD`!h>38L#RBrc@g{~gir_h zIaPZd0rlMlP0i?!}*_V?ns+K2x4)#oOn1}5eeI5{=%oyKGWtQHw!xO{>O%)f2fdesPEo7xEL zsDMBnUv>cc&j{^RUtj-=V`g=E`3AyZqpU2lxMjQCOy|mq1X_@R!?xvV+B8~y@8}?G zGbpgMV$Fb{kp?jijlZLP^B#s^I+zcz>ac{{?XPeF7eROwK_u{N+3!Yz*?unJL;(C2 zsdXy<;@P|Zy>rZkVPrw!RSECm8;NLi4B!*qjfvR|HJSUdR?pxdANsklO?V1;ft%3H zhFOO#%kF4{LkmF}s=}Ep(MXuZ;7Ej|YSf9;4Nq?)_R@iq2OCmZ!mQx0 z2-v#o4t)b3^eNbWs&=vjz3Ih>2pP;zLmsVVGl5M(1lmxhbDb5E-jyq8x{}FGBfK?G z@;P~UHepz8RnR*gq*@|3!A}?K$Q7{}4U*6lZ@?wZ^xv{Kg#7Pi&%IA95!}?+V19NB ziwg@xxd$1^>MQ1iCqtP{KFAPEj=unDq;Zw%$EW-IurS?!R4%{NxP!cf_lKLy+Tw6Z z!sFCbGT0Pb+=O*F@H0^Th&M-n6iFXp6NN4ijqBX#L+RTyATzUdRLu;S+|DW=a zQ37ozGRDSx;X3X6`P29UF>HzW5)&Ex&mq>2ZqhM1oB{#`Lth|o!x`YjP*5CA{^}VU z^PIdq7+&|nR8Y`2Vhi6Sy6A|q%*Us+cTsO|#2Kt_ATHZ~fU}*7f|By0hDO1Ywm1Z2 zpkBCWZ-YX$J9Zr|a5#p6a-e6P@?3a4k z|J5WZyZ%3iao?o_Q3bA3Tqw%OLw8|=I{YBV0p7&V&rd?o5(W<&LZj}9?g4p>76Tqp zQ!}C)#v-Flt_lqkf?{H6>SKCu-@QXwy%kKd$kW6@XHg-c8_**kJ$dq>_c$hLgt=H+tBO3UHgW;siNV1j3?&6xAanJ;lnb1XSe#LXR^>eh4s1b@gZjJU z+E-j%G92J&YRQwHg+z%O8yn#JHO3V6@9*Dl1aD>EUq$0T0B_U>h(v#D4C5u#wM2a? z?lS)3#Q4Za$Ul#p;s2^oCGs^6R!#L+N5sZHce%9l-wAAx|KD3#uIG7Hmb{zW+g_gD zd33dc?2Iz$P>`3$d8FxGoMS*z=l%3d^%?r=iI!KU%N#p*1_+ydErVYRMYpauN;G0b z-sH^CCI4agMo_FPztO1}9X*JO(03qoGt}WtB$(#=VMg&|$zB`oE%zrZIRAC|L`*rk zNK`7U_j9ze=DXbOT@7Dvr4Al+o^@GYTu;d!Xo&6aSvPxj=2MWEESGyi%azU#1MAC6 zvHfc|bQkj1f8FXxycMJ@Yduc-52=1Y#-u|#?!9{qAZKh&tTm)6EI<|}{7r;mrm1N= z!H?7p_4VCABQD{P0&!+;ZQYzv0@ovimSb*z_NrdGr2eLk(>(!yeuQ}k$PW}P%ZrP9 zK(FAC%Ab1^E5~)U#r!Fj21dp4aoghG*f=+|51Tb{(HE;eh>pJKxyUbVgf{mam)rn7 z-+e1{v1>hgGAb%x^$iRhY8}Kqs9wBiU3V^ZH)N*K%hU<@^67i`)5Yt4LM`OBZO+yw z&h2F=|J=^-^)T(`&3|rW6gG)H7B2ld=bhVqb@@@lc8dtpGqUfjXLMsCnW-ohI&97v z7hG()lrUj)>Ao=jNiOYwO6wFG;t*q005PW^C+9-_94%oFZPW7!MaUpbhzNxpcXtrB zvN*evxA*e$^VPGL2&=f57?-3Z8%)T&N{Ytb$O)*;Tdd*&ORqUNNTYQQSxx1xwHIn^ z{KE(2cQobhE%^F>pB7%_GjhhB2)hg6>%V=5bOwgUZ(e$(vC`zT$3Hx&km?@Qe0H}N z2b;@sE9?6F`f3vQMCK0Rz3pyG?(9r6UORS=`U@`xFYKF0D{pPB0%3Ra`(W`TN7j12 z`g8OMUZ?o4M5lj<&M|)PnN*IxzKUB!00Fc+%9;%>5EK|rI00=VB0A=&_JK@Y88tg8 zi#e{q@Q4?@1=lStw?G=?ftm}Rt3o@nJhI2%nHq$Vd&d@Z3fUgh%~b2h%v=SK zSRlqZVmE)qw@zIAg}}EQOx#W3F81SNenN8F}V+30edH> z&a}s;07Bs@+lc;VM3kW`9s^(5U{v1*By`Ma@NO^z!^3kJ-GdU8=DDQPARRJWezA}~ zsz`9fK(lQbU*Q^qL-DTCB9$sv%EZ!w%Pt3zDH_(GZ)W3sGq+<=B>61-;&7O%TJH4r zgC%_X|FDAYibSLEza7nY_%MpJ{xne>al~y|H8nF&RKP}xU+jA$~&(Ou=ha$rh?G{B(rWX!5dtMG*>$d9| z(dlCCE9mg97#V(r7aRX-Cz!%ojhku9Ug*GS$g%g0R)?+mWE_3x1Z&ws4D;5lAvv$3 z%TCsBHR#)r^X4Uk$Su?B?BTasZN1*0;#?#~2QGy`!SK zj*VWy&*0_AV%<nW5Ipf`hYs5|A+bL@m}@0Q$9N{Y`@<$H zq_x)AHR|q9DLzd)m+j#_A!UbxKgq}P8ikF@{FJLXH5lT$(r)@2latr3GQIA$s`>Pt z{czTM=8F6gE5Z7ccM`KUNU$YoyJeD(P6y8DbG~>{<9K#r=>C3XiHDkwonLh~ZW9=Y zs=mLyX|Q;Hb1L_F0}~r6JH4Z$Cv#jXvU}ul&l()^x2+b-#x$AtA#U|vI7v>iynDsv zYMol*{A?lz$==z;FZKTTmG6mno;^x*O`DGQN!|zYV8M*C;oP5fC~3qH5f_b1ZR?bi zE}QvB51rjWPky>HImnx>fNp1Ify3pItW2#8=azQ0k=A#as=MCYZaqZH>bsS43!m%* zRolEiGhw36&p6`Hx1QlhBf;>aPF7jIK)MC3OZ=F* zxu4sjQLo`f*ISPgu|U z#U|-9O36}EqzePjQp|e7Vg$Ve<4=6MEz$EO$Gm2CHMB7+BRfE=ZjMVJpUxwH#h+yt zM@mleft4E1~agnp!&lPWRoM61n1#f14Lb5C&-VWr!PktJGfiGn5P zWFFD&`q~-LQ}QLZE-50IUH<%V_@~!_oU^Nx3p0B19*G|Gl&4K^JbljaqdkCbfn%#& z<=LePHtoZ^B$u6iCypkX_k2j4(!Te(c7LT@_LYyybx+1Pj%RK2{xwoN)1^@S!0c=1=1bHHqO58ygB6mQva80)#9fSQNI0s{WUL7 zk;l`@C^2|h2-2uH&#*P`yl>|A$yi!1@{&SU-^WCs{bOE~E+5iP{^p*uIkNU`<*3Yf zAc~wUT2-2wX!y^G#ZZE;gb@kj8g3dpPS?98W)DeRP7%HS) z;>m=G3fP=}*1QUI&e-q5*6q2^&XrT6+g9W4HIrfrVG_1K>rI(Q-yCRZX^DwMXk~-? zfxuzE0*>gI_sTJ1)XN)cT4_2tBV$Y3peG}|4RcY^>YRs{BuTv)RI9sP8g;2$IsY(c zCssG&6@A0AZ;`*wEQ~q&X>zEPdLOOM6LMh^$F6Q$ZTBE5-Hgd&$NXB3%Z>*cMOLeh zuFQ%U36f0;jmY%=QiwTmjZN&}$(ooOGV$2elT#XjulLzr@?#>MDif%Pnl6tKH0DVR zly4nkc5W#Nk>suWlQQPP5^<_SSGA^kWq;gDgGGa?0RevDZ9Xe&M@yKdg_S}!ImZ%b zD{c8j^>D!QZht0HGBUCB(f5L0GZZUJ{TDB*sT~P3Im@@haO}tGopS1g!sCWROP_MR z^0TGN3(EN&W<59a#B5mD{g~c;Vkhr5z0iySo^@8rj}xMsJ$7&62>KzUhG|2tW~$aoSJkuS}Vw3oJ`QU@`UkYlMue9qc_R@3;#wD4+`1b*yE8Ro4c7j=%=L=M{_)bsgY={e4=HWer@%H{ zS?F+j5bnnrOUqDy>c4$Lelc9?ydDP{+@bCF5s*t!aj|*)=g*rv`PDo%&5hriHmJ5P z%?$ZtBVk;GOiDix#7lHgY8ScE@7&oOcaMC}dB|eKAa?K`!G0Tu--q$Bop36H*@1)x z7;_87#9^)WN)uNh5s^wnK_Ratr;=9`w{^}M=2ChL!#qSiefG;_S7hx+lQWBJZ{Pbd z9E>js6$+A5W9?`#yVxK7;No>>^~;xkENAC)&UEvu4bW~2DX-(FJu8tO`B+(*?JaFz zo#9mu(9lzLQ(78F94Vh4$kCBottqm6 zyr88$<8d(N%@yN%RZS&E)6n%zpMqzeh+B&H?+R-2>DHI*v3%v)t$!qU~wZRz`jJ=|S_~AN&Tk*AUMQIHUYH?KOqTf^Nf+H)qL8bE&UBbbC=9{b2Lt zm*=T>R_oYH%L9Mi8Y%k5wsw&52Fze~+-Z(A%reBs~Ir)BFSK%z{a(+@q)625zw#D$C^+#h( z%|8q}$^+_~+R|oz8Sl~`OIc-D^^A&IjaCUb6v-DlsU8EWd!uWB6?e+nAE%*?@e6@MV?P(V?T@LZsS=Xzt3fcLJQBvj}| z7|}A=lpbEmbC9_Z5`l9e;`sA3NzOab>s_BQ12$0n0zR#ZG3)(e>V#YH|RTP z=FrXLz_<#+>!d^x3{|SCIw_&no05gd3D@rL=_Qd4YQ=ait)I)H&2cmjL*$Qih^~`N zK6KoE;NR7G4>ba+`8z>5)ssDlWCbt9Od*Ux8xphU$}TN@WlD3HwWeNl35H2uJ3t#j_JTR zsla`EB7(w{Z+fxtR|z#bjeOqTe*KbT1@kW@+)(?KGLx4BU@ZcC^?0wd-rs&Ji)-%C ztXW=cSR!L?uG_~mwFaJ&;bVp56EBN-x>a=Vs^5&7p07_-R}A(~dQ&HV)?>-q?$&jR zWX@8JpNr_DpxbhB;MMLw?lj(d%e#!k7_77$odylJIVT=4?B2^gYOrIhpeycca;f^! z-MfdI-PjvbGO{<_H(mPpxn?_)zSD0F&a|&g@}Ei^rav1=`211(DH<7h?1I|w#s^FW zXCKrRB3wSmPP)VKd*Tu6{rH$0hepCH9F4bi7R=mj%zpGN>`Li9)$Qcva#JN1+y4h8 zi0t{nxClpt6}iY|VYCQlXA2-6pyTy`LolV=aBC(Dh-v$^6}KYSDZg0=cd(OydN!=aM5hW2;ebK~HT7Z;1Jx|iw&}Av zyX*Gt!I7CG4rtATugd_FA5$NCy+xP9OZMfZS*t23B0I?$sb9G|Yq25sm1@vTy-3yo0SC0)0?s##vh~px4 z;a5P6OBk!XY$~Q?B$S_S|Ckv*F#i znlE_L>u~Z_FW;n&mvSe|&yq@G>uJeU3H70j-(sl!q6Kkf{9eOuks@&?C((%eI=)-i zTpaY5j|X3mi;h&47GtWmtkGQ-lj6BqaPc)+)!s_^R@-lU{3q^}i)1!VB% zl!%d5a#sW!RR{f5ejj4-*Ihl)I2RQ;=`h5x#BhjIU#u=(qbsr{Y|NT-$3}s~k`GyW zt5d_rm+vwAdg}TQew4e}`NXtxqc2lWc;$>+#iPnq0lp!{GkYI=?Utq@KX8b?H>uRt zuxg(Bs-9N6NS>?4?1%`SVdQzB&T*pE@rB+sI=8pYWr3aXGIGVY6$-;}%95tG8W+iL zWx3>;Z^+u|E-rieG*j?IqrGum=^Y-An2-H#9D=zlm}+g*)uI!nev5e??BNCAy* z?KMhPcEH_n=IG;cQN`^f*^zhmY`qS5Zp>K{MHd|KVV)$!2Sp`8A@ z4}h?D#6l`Ng2|p zi+FIm)kd?IKs)Jc+dOs$#9J?wj-0fP-?Hs|^!fExyl3FpYx-p|rU^q;zJ7n(n~FQ? z?T70|3LIDW+w|Ox7>^P0KQ7*px}1GcRfdCFO5Yr2XDLc0B@VmW4#!UI+eOJbsTXXw z&#tPe{!FW5WVKb`6(y*ARuFXmw>iJ?Z`A*a}&m!a0IohmFRm9c`*SlPZX0|C_ za;~h>aTGH9k)2yDSFH4uzW#2K*3Dhi-MZx$>!?iZD&OS$Vy;m5gy8Nk3StgAfL<07#} z0Z~Fl)$dY0Cf>|S=E)DeAJUgAN|w)D{>tk6TZ~skf$lcfACrye*h&H(yD(i)yC~nr zPP_YLF^AKP$OjH(py1|==LZ^Q^-i9b?%0hPB!;kXyUq;K!};*pU10@k+0@*a7K)}P z4JPzp+GP;05+&UH?lJtH`SJ(GEPo_b37<7qlD?hYHe_J5uD6U78UKQ_$#w3|TAJv6 z_{rZlHC>Vyey;c7L(Ts951Z8K$)!bj-poDNEpEd3LhD&KSL z^Hh56z4}A8ovkZV^QgjrZCGPc?&kh9RgSHb4ll3w){p0kr(2~*X1{o0tbI3rA=E5X zKd`P==LmE3n%k+u3v6?Ox1CSR{)%fBPPT6qS)C(*V3T8Y0-AiJ)O~7YjHO2=dWh!r@^jF)eB1pR~%&i zejwdrTiOJq+38oEAbZ4;jFN)^5+K*e`x;3wNacS_##`=g>qr2(4>7PW~ zyZ4zKIXpba)_LXU;u7ufXLljV{Wqj8X)b@ge&+_2`%-&-)B3AA-{`N6(Yu61k5*1B zm-r*8FIOvvwCcReyOAa3SmwCZ>e9F4Z^}A0PbDo6FN)&W12KGGR-R#E(u<)@ab@}4A`Q=SY;8Eo#`MmLjjU+3@^ zZn|bgF6=pOS;qa4QbbOnq*{PK>{2_;9jBaMldR7YvL8O&;N5jJ^_=5g(uPvj9+h^g z4YE59kzVvniN1gjwi|=RZPkK-lIXrjD*t# z=?v;PL5-)R4!MMQ9flYN4YCqT! zjgC^oPmyc=U3KNgmZwlem**$Ubmj=BE7+VHAt50P1GgPrx9*=@dKbz)i{PS0+S z=N@-CpO7x!p)1}SGURqt^yrSli(gVUE$bV(ot&7C4lmEl2#<(*sL*j@T!oWnSYAq$?DjZ)4L z+GW`tDpD3n;R}NnA6a(%3|SLoX4r8<=n}KtDcM%a-#t;*^j<_zFr-tLl7=7koba=g z5XgwZUdv+a60V%rc6rLuv9pIEPQ=8; zRebrf6_Z+KC3#v2y&4X!)^cjXM)Bv*#_;OJ&0JmvNE&I+D7^JRKIwuZp zk~z&|+3-?TIXLe?tO^kIFR>SOX{hQRu*;VG|sCVxMIo(cI&m^d8 zyUF`@jjZ=L|6DFAb!X@Q(`|hv>aO!AMnCi6kNFp6Opmdax%?)*(3#w48BKLNT%{tx zs;K?m=nCI5l5`Pu5Tn#t*%wt8-X1L1}_ zGwCmLUYT@XG3)N!%t~vXZPFm)BxjBP(5U(<;@-lB{hzL$QT)6S;Nfg*cxFc>Rlw|| z?&Ad^Y5Lv5Pr_MEFCE?F_5uH6X?v)zRd_u;^JQn)NV_2(gk^zHq`5PhXS88 z>|Sy3WYWxgAdz~IZC;8^-@?RiKKP+%JDy1FFebA(OLy}l*3`$9H|i?ARo{Ah)wdYY zHmazsk;r7(s@B@;w#PXh;Ih$C(WdIUI?(SdC(-R9w4dws?#k-4SEXTLyfz-D?uSPl zn**{+82>niSmxql42R+qjxpyj)@H^AOXw;@dv{y2d&saBhPqwzpmEB(pqVkck)#|e zME<*$r!?Bk^n1?4y2VJN&sSx|&vFlwS)W_h+#s{o(>hgBSLmx3n5547$T)SO6Cg7F znA6VfrBjg$?c@#3z;iNbqpXJ-iu1S2j2ETNBpheHX)D=rO19>(7pY+8Jl~kDmzS&! zH4Ar-h_y--_`I*71Cv1?eh9I={T{Gj5zNs#vB3PhcF2GG40W#H$Bv!qWb7^G>T18= zYbmRR?XU2DBxiQ7EV?SaASgWg{Ey18FK50G$Nt+JvFM5yd$-&Fky?{tl(TRd>91U3 zt*Dwib*A1ba!1?BsqSZSlA6agJcoARwr^%?YT3EU^aPe^V;>_-H@Q7gvP?@%PEoo& z`0f*jlqWHsMhHzz$7|0W!NYQio*d>?tA*dSEJbe96maz1!Vv7{=0O*>)_j;$IPu`* z(PNlir5qzDZJl$`i2HER(`S+#2qStjU=Xr-XDY%%)A_t^T~A0qIJ}X=pYxz5pSL~d zcHy%|lOoOLyS4(&mp}7AH0Ho$@!fScUelY5WUU3}$_~%D423!C&Yx?Rbfdo+go=?_p{I<(0Wz!CX%^oezS=)}iCy2;P4 zAFpUFu_*4LzxfzIZjYl;>3B%`9=i*?PZ#$jb7t=zIM-QG`H)PGJtl%zgDVDZHNzs&3)=uyJ%{k=46fI6)|&6F;kOU~*Go zKILxoCGrqP`N=;HvS&RSo(1qIik=qH4xdoKYTavrlc#M9Q~iajQ@>7T05~p~Oi;&* zdvl_ZvWBA*M7N8V%Xms~3VH zMT3KZ@!k{u(Gn(@;R_))4o`0H;K##Fkwx%t5zb)4YWN@x@Hnz- zF%dr&CvTWW{1B#~7;St(ur(Ys^Fsk%T6L;Qp^ck_No9kdR<9;RKQr}u6mu>9Rodf9 z>1bOU`}H|TrJkYGHX+n;-^AZMZ2%2>gXaHf?=PdO3cEH?7!goP43GvDNtKY2mR3NJ zP`Vpw=|(z5r9=q{=>{q3QfUF{Ryw8on``6qj`w-T_v@U$XAg&av)9^d-Rq8d&%CZS z0`~Edgye*1BFBh0v@6ZRdze)Mh_hx*48se*1Sw#ovdFW&dKi`>i7O4 zAXIkII2=>&s6?1^SXyc?R_KqT!RNWB;f3I+1Ghs_C9|9;zR+5%PbSSka!$^yny`ol zQ*_supJr>cS6dpE657K6=3LW}Y^Ll2qYaN`!7q^toiuROrDzHRPN9e4`NG_i{9jLl ze|qfvh6R2sB=r=i3ekk_@nLv-xztt{XVd)Qd|@)oTjrY;hw}rY&s>*}D?tP_&`7W7 zET)@WC)OA|Lzpn5^5+EZA5qFuRkWDNLTGHyre1JQQ$>g%ZWZabq};uY?c$^uNh0W0-Vn(Mr3W7e-%>;54WXp` zXq4&%+28a<6Oh^>i#RPzDD1XMSgipk#&tGtu<+NHS!;Xam`r))L_yk`)53=&oV`Bp zn_CZaW}_uc0O!)9L1B`o=z_&V#N*E1dJ<|?L+%Y@EF7O64B@l~C7b-W8W&Da9yosS z!55|TZpleBRvvD)`}8!BXkxWK16!VCdF*^k$JU$Zw|<^oqs`5p8M|ZRrUTzEK|mzp zt=PTo!s8gl$<4M&fiK)8_8jXFvif52K$yH8!L%rsvReU%EvwZKiTUvYM%tQZ1sYF@6MBtLr%nWM30|EU6$NsmArO|CO)48 zEeF3IaHQD<+OP|dyj6ht^Ly?(&9pdwTD9L3c8EXTq|KbYRQxdq{i}1-MM>j3&QIPT z@dK6Ok`e(JnUs?g3Q!U{0Gl_txgRry)qq zp|g4?vDGx?kH^vn|-(&x8N4}GP-N)^}z6C zqfDl|4E4VfWxJUT23n@9S&e%bRAuC+@G1LoFF1ab)Uv#pmY-FGV|-*e9Xip$Qt1zI zc|{}FsW~D^ll+a=HP0E?JFdG@fx;X5cROP5V5XMJx3&IC2`PSOLODM8)X4Gex775`f^NgKkjbN&SMd(d~fHM`c5vpb!o+Y4+B3aQ_WaTva5{535!3&EVO!O z$`0u3(yq8i`JQtuaUsdE4=h+AT8u{cn^=D?KfQ2spjX=tA0`BNtgf(Gy=7c6x-K#3 zs)zZ!eI(4aEW=yd;{tPIwbcdi?z2p#+zR~cjlpr*_S5IQS3U0zbta-c8QobDnx^+t zNbKxNQ?@84s4sqc`p9(cS2jMyN42NJ&5uK+C7lNOZqpmw;;y=k?!lwk190!q zJg_hD)+CqyrF{eK2LCdpMb-l_feQbyzOt$ndG@TMH9ac}Z$N9SwEVup%gdDe2|vd_ zS99Wp*`vAPJ#^Z?eSPhkP*O$#A+JkZ!OH?K_mNq1Y6W~bDzTfK?@wkc1C)(r-t)!w zJI9U0>NK-lE3h5Exh~z7l-%Gqm$6F1mPfDDA3G78O!M~5n`miMtBL08ye_BxN+BV# z;=+wwB;02{*D2 zi~S3`>1xiZnBaM8ZcDfM*1;quugloyoW)wo`f%jZFK`jckx$;Tc)cpA;Ngj;Q@75{ za80SsYRz6s+vKUQ5;~b}5zfZ64c>Tj>diYe1hlm13@qa+1*RbEy8y+%|E4e zq)-5c_p=$!CvK9768yZc4(iL)*1Rdrjy`Cs`P0|;eX{`-^MQS&Ieq-yar*b;Rm1j{ z*wtMQ(O>0`ydwDW-@J(n8C@2!j*3c3$;MW{fNQsE`P#_n;HtoNFbMpcAUTsoi#460 z8X!jBjqzCO=y*X5<+QW^jmK1+WNg0mnA7GRTJfmY}O zHBVNX0JL5-$cCWt_x1HPg}=zrs&NZSzI8x2kJb%gHP|`YY$RY42@_rV@*GlHs9408 zZ~f|mrlRghcYuuO8YIXw_C<3a>HZd~q+x2S*i{Ge}VUh8&p!!<_zXG&3QmM%g; zd6Z;?-ka&vftu?lt!vDo9~N}KWvs5RFXGYCZs0l)%L*mMr~4@4l6+VU;@_$J6#^k# zRexb+?RRWRH>VBJFIl9IhpHD0U+{0?b=tUn-E*}vn1Hm8;FZu3ul%&%6SQ)BKf$!O zActjQ>+`;7bFxc|hW3F#e|OTwH->Cz zNf}9m7rtnvu8{M5ifO>&SRRu(zHDHSe1|LPCJkr6&fx0l3-viKn21*Eb9vd{Qn06; zx0fl=Sp@yO-*B~fj1jCJ8>r8*ZZU7;#()&m9Hn?FuN73gqba$vw)2`=O!x1o@T6@N zLu=6+l9+JMlga>Nf(eCA%@4s@_g!2b=x;>|cJ~~!^xMKpo9UXGdzDwKgIAYH*$wKj z*rA%T@grT)=(Tq;Yns_y`yz7Mxce2&gFpf7D-@QJI5KweBd^^xcP#s+RG#zX9mJe4 z<-1BPMxGm-0?*a@>KGs5fRbfbxC^8akdR7P(RKo*1KU@-yZfYN3T&WY=Bw-OCCHSH zIZTEUR^GR7GpfXd1|U`3rDIio;zwJX%|`NkSGuh1^3Nnh)m0L_b{K?bLUR8nC0X3^ zsoc+a`sS^z3 zpiyS8Hy#N*uyx=xU%B^UD>Exor+0immTlG;1b=a5G~}J+n0JVsQ2lxyGf>yqi^-kO zZzP~4r%gUWz|x>GF%j`Wv;*sAaM68Ya))-|k)5zRKEM7Zrr%(m6&RN&IDG%x`oa94 z9{J=%cU6Hk@M4fZr;t!3Ep68X-+tncViK|?z2+{(0`pGhALWp5Vy@~*A#^g#!Oecz zm%(1W=Vl=9q&3=v>Uonx@SV;q?n@?~Xv)h6DN0)QhHq0W;LI2$pU2FKioRH|-`YF4 z-NsWGV%INd@Ox@LAzNkh_=5=boSZfFske)(6r&BTWjE$OtI z`KjWyc<)!?bIM}{ztanIUXfmGw*50oW3GP6ZNb_&he+Gj&zmKrS5s;4uqSf)c&8K- zfzZ&=NyX=rl$P>DWV^sMP4d|9`-%hwizAH}afztgVeio>cmG2g-8K4pZ?J?{Q;}-% z(EYvu?S(sYlm>W48P8Q!{XWDrt{;+lKJO9&Jz2DIW<$qVvO{Hu2kKiQqx#*`)kV4O zGUg+{y9rXWXxBvcnhOHh2M4y14kNHnAnbm+pA5M1Yn1@m@Eej>zqQ7qn&hC5zz~1s zKUjN%mXw_Q3b1;9oC(noh)a;X@1AIbQ6XVh{aY(~$K!+yf+6k;eFmQ;6L%gQ?V1gi z=_b-DiYih{|2ohci+-QOCCA|)WPU{U&InI8>SnL2j8(g~;PdGh^Yf-t-S3~RQ}p<3 zv#AY}A#v08XpzU4W2h{q`1CJYXxqp$UYD5&{%F4Fp8h=dgZ@M&b@yo2`@t8nv5Wdk zpZr*hS>HN&y#0zLSVI+CJSaK+Vz8{Rp~tIqez25tNncIngWf=48aVad?70NXii%RY zzGev+IsMoi{!CuJ~pYjOg%mwZk1Xbq#m%Iou_P>xFG-6He|gm z_!^ z1S#*gTAP~sR;<)CDR^u#MP&rAg zx{8Gc`L%I&JeNSAv83g+`}w?sbkMQ{*#a|Dx(yycQ7hCvG^gM%#%XkOsUQBOF{Kb$ zX8FQz<}|MrBAZjcssxlsxg>^oI9iv*Q>>@PpNGDesU^*0R8W}KISDQV_ZgNumVN=X;z%kwK`ta&elZfs@o3S^mm z<@I=;5J?CLyGMJ2heqZ8iwi5^j-Wk1aJQhT(d5F4e%=@6h9yynB;Cqt4qcp+&0XZ+ zw#h#i(C7^z(?JiXE77@$c!5sX4{q_^Q;VJSI+ZdPC`YU2M+`fucwA-dcnyjIyRqAQ z6MLANV`Ns3uTu)#Ti$!g#wIy{+4?d9@|ux?CY2ZO8oJ z1LSE9ju$wl8cAyvIb4`0b@R7{$frbn3^q%*_ALWQkNlOreiD~)A_0h^Bya5)sA#@jcVaD*)ieT{< zt!_Qeskt>1^p2;tm&ED+T6FpRlmsv>UhI0I$fj zUQcGA>y}O}O<^H67+X3wwm1LILBU*{8y4=X8&Crq6Oz8+`F%Ss^E>rrTkelvx{QCu zRJS@T565j^(pPp&=M~t2iL<1k_An^h_ng)kYh5-uf;hg%Oj$9636;06qQkLr%w;}h zHtW0B95~_q{3xkeVqq21aabb?{#l!zHF=e%=$ZoeVpU0gT@*CYwKx!eX*M%@b?HmH z?^6b`;lsNIsdGtRbI{d>`D4{c>gytot0x;hPrtd`jcIEJ!DJuHmh?F<_7HLNvs1C5qw&BB*XZa z&f<@pVlJJl#q*b_WVN!?&<`_d8Wbd9`|`SJAfqOnBf*g!mu58N0Ygt|sXd1^qmyg= z?32q+u0a0b?@n;*@Jm)sH<&JVu2gYr-MY^YsiEjniS~CCx2T$!-Mdp<-(19XmmX>D zed+_|&;wp|VP&~%;87HlyiEfd-muaEcHu&~?dnbc@aLl(mZd(VCH9 zi=_n`W^z6vBIX0U)xaH1bzzXg&EjqlIeZA(F9Y+mVvF)~rK!;k*Vrlzmk?&twPI80 z2PKvx6fRh&?m?{gd;D^%d8U&UUxeOaygu1H6H8W4AY)sMYxB4J$*|z13-dd*U#x8$ zedXCTBd_B|>-viF#hT5y`{OTD?|kI_ zktbVu>#N-J3+&e5A)a6I%@d%|8I>V`gw{aU55aAxzCWXT_9GGkdjevdiDKAfj z&jbAPWO45#^F9UB&7`D7VUHd@N?@w~G;Ld9VrqPDP_=JYiR|_>PND~2-dV6RtZz_- zf&CxL%^kg8n)?!RApFmH&_ztxP*&PA*dpUcC z=y4-`Ul*48da%y>+c$T$h11Xm9n>G&tdq;!n-&$7=H(UNI(2dUJ zVP?1?I^=J~-#J%5So4N#&(u&q*vI%e8YOSAb$!G%ib;PBp5cK2)U-AzvYCA<0R=qf+H zbI5A-NKu@qdx524@Usu}!nw}{Dvf5B*$Mhuj32#A%d6MenfWX9X>Ww(QSy?>!n*b3 zTJu#((QgyWX^lws3lg?E4R`~Lv}jpbzMKa?+L$h%EK^o)zm>Hp>rQ$kMILazyqr&A zSQ9p~zA5#{9b47RT`q;@b2-Z|UN3O`nfJ>#ZAh0$k{;Sy7t`$(fEBT|DCfz(N89L3)Z9dR3|+0A zrSVjFgn4D@a&UfB3g)o=Rn3#6iZJYtd?P=1nkA}Ze(+zNFzhz+F0imTC#t`A%MH9p z5HX9^xN`Bw2FLHPZ!emwpQLr*C4EW@KWVHC=8tYXXLOe$m{UEy&e+z<561|NaL)ZL zRA1F3#EXUN9`MO4$aH*!a8VB+>!<)cUQGWWOy<4){V5P$kRBb0#PTyU=WWe~hPDiQ zYkVPmjBONgMKJL-)P$u#7UJSuXGdDsiE>Bx(=Vn$M2{i&3^MN4yDGN z;fzT)@6k#!ZC9m#C5xcOr#@!VuU)tUSC4Q!C!b247y=A(z8-4xaF@;R` z?nNzb1ClHdZ{F*Fd6g4THK*368Wn`{AKu_aQ_xO4-fj110!}0-XlMb^(kw`g27mEtmAw+u|r2H*&xw8RR03r z3f2qtgGm^Gi?0N(TFUj^0Vh1H*6EG&2SNw1)042(q>IhT$fcbocaO#iKJ&1Me%?~D zLYnzgH6qF{dS`a>Thi}@EGBn4EWuit1L7ACp;HSEn|7~K@6Os^{l&sd=R^9PN-;BN zxLuv3=gXYIW8>EOM%OLji_EK+LR-ss?3&)E^pVw1$;~{~XbPZfeC5n5dfA`0ZTG79 zXAsShY~v{Y)+HIT4GqCTvj@dls>a$706;MCAOye)6^*g697naP_VQZH)srJosLk&z zqKz99kq3Yd2*WGXc0>;I?7KnCy99W+lE6k8lLas50!OX;WcbBaeDTu;3i& zaGu5@mCl%k^F2>>Ndlxh*q)_3Om7@BY>|$>*@>OjJJ`KyL3uC{;x8sYPVXES=6D53 zo>Bw4odTVDbi~A5n<&0B6$uO`P%x!CS?4`JQM<8na*ep)My{7XbQ+{5Kl-DA!N;QY z)eA6ez`c7fW+^j+qf@~J5Umi@5GkqH+OmElb92b_GU5ozAp!&A@A`cG3o%LBo}I8A zLv6Jfn0dvPZFtrdQsr)|-c7A>apZbs6AC0G-)C!}o5d8NQZ>-USno5zJqxN8k+LvK z_Z2(&*q;%_kFRJ8gg2g>m(qfIJFn~)sqv}(CkPNXRnAG2e#LERQ(3GW-@u>*|#h)^dE{E@*IDR zB9$uSxE=ggFtgpzQ2>nR&$3YV4>cMBz&3Z8f};JP9I9q#po*JBz=Z>XPlnvWJV@t+ zY3>4??E{A#U87%S^T2bA0SGx9FMchDbfslwf!}PlPR;O7i@o%1SfIw8A9X2@lsdq- z4%AO!y!x1sU-gwz$jR@^Sl{U7>I-(!$i&LP1yczUh?9+L!w0LsQ?FfPZ>9p*$19j` zcQrVvKyR~+rG?(=?JlpWzJ`JJjPvt->}3Zt?7crFA$DjJNWz;qpSQOJ^(|cKqM}k~tNEj_nNl5?Js8_2sQqnZYGcf?{Y3aHyEIV#f<^Dd>Fb`J1$bS*6K0r3gJ(gE&R0L7f#aDso` zKYyYpc1fC=GD0LlUP0j%Qqp5=OalNkP|^c<3At+l_4E0)Ck+5AT)T&0KHc(EW@1X+ zb*>PE80HiJBbPg_B{a1H)Kx=kt0Y$OEr=OcN=ajwSdQU=TVe7m^BCo)CW}3C+Kb7I z8|!w$we^};c35$syg1N>@^xq*1tF0~yMJ0*%DJUzBP13)cb&6m$fI@=&QWGXeu^L#tcJW-{MwxTd{up>>2jPycQwW zr8TLA-u@Jp;x`@ZR6P+Kk-Lu(S^Q&Yh!h|=5Sk{yW>BRjzJA>wQ0nl&E&;_eathB- zPE^!xpPuTqCN?b{U<5iH?QIapi(UuvsqQZp>Lr$AWB{+K*9xF2qMDlVg}x6VZxhP6 z5nL?5e7=Z*ZYo#N`Lnmz2Ee89$T;RhI#WJ>_HPiG?TQGyImrtig42^jmcM^9(uTwU zQK}JOwt6bqhiD<6>!t-rtGk-q6*cKFrwIXZ-VQ`1WY}e{WkNPO$K%@+ktTNScf(9Z zX7qomP@XdTd!)a0ekmF>D^E+Oc9TcgEja7I$kYOzQuBbk1uVIDdu}#X3N?08O{dq& z*sp-IBv#tz5fgLV*rl4La=c*&eZ^{)N)MB#O~jNee@7h`x-44O`MP#0!18NOs}-$h zF)Z_Wo8Pm zsjIxtxks~cLHQUkTdL2^7y`QKrC4q&s_XaEe1(0m3UQ2dM5U#1fs3Na7yDX)Q3qKl z1KbHW+!%rzGo8oi%a*zuH=oOa%KD5Ca&p3TBr1HIC)XMD7cB$GbRRU|qPo`Sa#t8WZ-#$D2yS2Sdv!p(?LTA3*q085B zYQF5JOh3+?LAd;2eO|`6enWi!S-CRbQ9w(OasKq?sdQaP*9qyIthR)9;`&nhz4U$q z$ttJp+x_l|z=Lapfr+ULUA+GH>WTA{1VErgC`|!^N#E>Q%`Fj8QNZT4(gE5GRyHwZ5(n4YoR`lLOJ~q^f1_lMyLyo)6=I8aU@xQ>bWj;Lz>;~~vvQxBTr+Z(lX>J5`gzrG+dOzzIgE=K<~D*K z{9EhQfT;GWIfPh$s=?1Em?TvJJl_h|K<1I7S#=$t0+_z5--T5SLoO^Gvd(2C>iqkS zWPxcfU4?oCf(Z(*uxHEN53hw+q+!ou3NksZrZg6oUw-+_8q?OH<=#;j`RV1aogHIZ ztHDOj*)_HM_bJ6OpWSb5TkD&eyptIAooh>E)M&8L>IAR;Wp%atUhj$LboF_9YxXkq z<6|G~!Gr|C-x`ed-U8G#Hzmp$MD9laYPb_FcyfbE!L)1FvqpIrP1`-1H~HB@oZg)| z0f%MJnQkY!okoCrN2l1IF^!tr=r_*XTP#+pm&O0SF|bj#tB;vq{Ia0V?zO2@Yg8Gn znAbH}3w>UUzbkxN_n)f2Up~q-a`=!e#qq$x+6|v@ey|E4f88f2x&x zuWde!P~16AynuzZZlTBgH$MhDT-mpB?VXs|?HbUd5!hE8Vmbi7M4*uo83_Bl_zziU z=y-soKEFQJI0smjM<=_rfGgILWCPGcK<&l{(B!&0I!Q`7gDO*rhJDT7zhfg-jz2y* z$Mg1eQ4r=%K(z-2`)NJ=61{2lutfrVTQig<6+mocErb-7G=c*Q#dMPZ$q$gpt>6-n zsBZRCLDHCa$6W~!28Z%kVZawfehH|^s_h8rHN0l7@^N(gmUy&XH836p*w=}q8Tabr zy(L$+2iv=wR3pX^K>9| z9AJAXV`IsZt4kF>uM6X`f2EZ7kaX}njM`Fn(%r1Gwk{M=mnJsLChr*-AV?gtT>r?! zHS(ux-BxU)!|eTxW3bt}_J~kj4$tel;ZD4td6tBKls^^aXhrg4VR?Cae0;TOoTu|S zpIoLR3}Dv%)GLTY9VP-*sva)H3XD~kzx9w_AGMAb#>iLw?ZJ>_fa^)lRSjF5B7l=s+-y#v~92(0K$ zOoeCT#>WLI1`n|*KIZBIh5K-pL6`ZBh#(LE672$)Z8OB30L9oQ zCJ~+!Cxw8^1#H+P5T6JP4pyjSc-Rk+!G_^Le1{;n1Ga;(lhXsp<2vUyp!!f1^g#xO z%gok#k=n}e*st^`kX&;6N&n|!2p_6}_&o2Q?&S2bxIpH*eu!*P~beNGC(y*x^p zXMV6Os6zis(oF_~>w2}Fg!}{jLt$+bIBW4s#H{BBSSFr3?*`2tuIzC!T8Zh$kC_*8 zjLI#jD6yV^$8YA zqIS{YexK#gWZfAvQ&ZixPHU4FZCn!fIk_8hDtc{Zq=MQjyw4?Nxvg_i!G>jBTSzn; zO?Q8W=u_w6?JHL@V*q;G<9JD%29U`CzFv8L7#!q)Z?D@NOay!tgp7@Ez@zpmAOP^y z3~DF1I5;MI<%AF-cqrwUEY2A`Qq!M@h#JqN z*Io<&4cvAhprb|qCAGZG^S>SIwvi(W+TYSbFkh)NhGJT-?%+7m0GMA>zLu-hLTx_v z$d2CayE(pP5)rL~O=v7%E3t-oe|TnBL^2)ST>V-n`Dr2r ztPqyF(MsA;#>eqMn{|<%e%~)0Rs)j4EqJspI$G_jJhlJA%nSpUu4xu3{D`&PY}$$0 zkGg?Mt5C=L?^s!6|KMPT-A!>o?HhO7eBuTy%A(iVbJWW&ArIb_Eehz_$kqu(A8Em) z0C4iGYS``seUh;`NL5D z+M38yU79`^hbe$M<7U?}6T0Op%?r;L-~tyoJH#V)fO`}yhJATi<* zt$bjrQP`lr8g{19 z&ovrW#!uSI=5aaAROfyJlLOZ{Kbf^m!%~?*RNtMSYB?;599>catpql%&phf=ZTjE8 zRXIqmPej#tQ^DeIQtZmux%rBB6%>|K)y=uC04SYDIG~r!rz|RdfA8u7iWWhj1Plkd zs`|&Sh^GSdLWJX8MP)ET{5&8uBgu~>3qSq<$h~obvqUc2 zvwMK*3Sg0lYO3B2F!qE*MD>l0`rl9(6p)<^d1C<-Kr7{gXrMrCghPCo5v;_7pj{#G zx~rB$D;*LIz)c}1bj-nb|4iZR@lE4oOQP&s5c6OiZ8iolwEx901=lS;|{l~8A#6P6Xz;X!9 z>$H^VNkCU*rzw{$Q!Iby6AL)IU^0YMMd6!Ry%Uk#t>PaulJW8D-*aIY85nr|bA&S^ z*HT2XiqK!;s*0LiGYwU*(r}b61ENfTe$?WB-R_IDt`38DN;aoP`behvhmgWNSeJij z?K84XMU;)X0g6u7`YZKYglwXf?)Gl2TG~ z8}dbBVX!zVpv+hwV4UJ)eF9I?K#>RDCKB8JN`Bx?0ZI*DV6eUTK5P^y1+0N%1~BZP zuK__B=+zJ)pRFx}kb8=t-vj?z;m=4QQ1FIjTMxbv3%2I1@AQc`=;#lYUMN3QE;qhHS5C))4aiIH97?6wSB?2=M49QQy>@+Bt zpj!r5Af<@`Xl8zG zEdW3|p`u2|h)(^kI&eCGWt0pQ$=~)vLqjiv_ouF|PPi4&B|{G8q^(WmTC-u zKrU@kj3E%*LxXZmvk*sc=L%C20ca@zn+TcP;G*&G4C({uS=yv)CQw2ElulzLqax5@ z;{qLoeB~SHr}KaYNU|ev=XFpJwup#`!Fb!5coDlsgiD42A|8~VNA@b+4>=qFR%hyH ze-pGY`9&AlWZ}fRu`x~B{Sr{m0MHXCXtLUQfR<29LIOuHv=hJvAmc<$-LNe3;3j|! z!q*K01H`akAYh&-^_MCL5Mmpid^~_6bC`4{dBVl4hV%7057v9<)2-5{7t0QsDlm>AMwL}xV|9k~&p@z~f0=KO$!4?nmeAfTD)M)YT8B@Fg} zEZS%~q%I1aPG&)WpiUl00s#0EkM9>?m1aNB1aB(8R3$-K6|17%{)Ke4g1Lx^nvC@+8lSdw1@ls5rQTyJ|j z9u*bUD@qZnw^C^t03IzTM*y;o=!fdJ64TxShZVK*%F1vT=70Ua@qhc@6BNBGFjup7 z_Vj{6Lz|$GEPzrOx&i0~abUigeUqv&Y>NhLS&;xbwbAs;~ z0bPN04O)mXq`(hox#9z2zS-+sYy<}wFys2E2KxJnz}qTi;S8=*A0TSUNKI)lfysE2 zgTrpH^Xk8a^A7v}ESwWffSQByIkG$EfO_8g#bPAVvYI7I$_9{$Zqw6ebL3BjmV9Uu z1GW`}a4Gv<0`S28%2D+JljXHp0U2$qhK2chZbNaoLpGQe6#oOj{2nk z=ZKZUf5$D(NuuI=dPA)ElBL+~-m4%H&+3(+Pu=3a>p9d|G z>cw4owYxj4Udkkp5e7u5NIU1R&W|zzma-kr4~}N1w&_~ zCmPAI z1p}%X1dMAZsFI;SfjY`*eexVon$?_og8GgI03HP4;o(5j<`1kFU`h8!FTsizd(Gy! zs?nn#Y6xo=;I1WL+MBTTmAcLXpYWBlLVm#aK#0`<=?+=dfXM(%549|l0D9S3nDuegJnDG(JvNG-41FA3S~_l&*5NII$XcQlx(V9Lxo2 z(X}Qo+w_4$1;Dp~Yav5`>ug5#7;uXBV*hinWrhr@%R)y6@}4>YUc}wSqc{eWGq#so zx3>SM8=jEqIhr7pNA@QhBFih+`%3>{oL%jT>2+K(RIde^`~(f+n*9k-Q_9a#vov|c zA08Zt#V4K}4Q#=>&hbynO6?gMVq82z!ckIE&}vi_q zN1DSUBjT?Sza${VQ-g zc-3%9n|e!tVdX2tUCfqb>o1`+25F`p z{apCgn~Zx@|G8}-UBD@@^CFRoj>2>Dm%VyId~|P)EPj|G-903cN)2WyE4Q z_7j&da+}{b5bp9Deq_SutwNe_*_|wHNum=1$;|m67dTc+$RD$5u#y1 zAB57>3#@6}_|x58V&2ma<)09e)7V#M2Qcur#lVfk>ib`(CuPlXe;W5H z$OUzsh=0w>5zc5eMlLKPj8O1C#QAljZ>AXOpU?jubv|Ypc@|@XYUFYLbpWQYsK9es z_!~{}GSa6J4Q8b{@e}r%^G8-^En~&}ch6b_s}U|cL7M;Szd!eP?i3{H5?0&ZauI~z zuallV-3^mHO81GbV}$+rA?DdQspLNYw26tIGQUk_iS+*e>IweDuI~L%f8E$agfZL; z=jW!r_4w|1$rdmlM-=psT@{^;g`zrTW1#l+f_v6~Os9s1!f z_(I6EiH$kCz8MC-R#9!g3J)8e=pMq5TKDy=$xmraoCFi6jMwQg&C;*CsYa{V?U{(+ozLi*I5ZOnmo94Fa{_-`iOoCx2nf zUEw+_(CM78Dzj0OINvlt>VpiZZGF{z%s`t#?-3x}=;$YMbAt~LdAu8ksJBT1$Wsl9k08fF=1qh<>g~4#YJF@>6m zL%Yh$UL4>^4UUJ)lg96*T(4XE>+jz=-!yXVe;OhP+6^%uGM*T~1Lk*lc-YiQO+g{E zyxf%v^i^i1ar2ZOj&LWh|t#Y1>i zRaH~#>#Q7PVL-ienJ-8#NrO26s7hEtFJX$30>kTdJhEhu0z{TlJOkj9SLD#x7(V3n ze$vWsmA!c$7&RN4n#4#Ta2}5i$4hikLy-kE+rB{TU~OY_h0hN!ONmL>$cQddDs7Mv zPO9TW^?xd8iHbllfGGckir>nCR>24uM+OH~mI>jkNo`ceJ&IpiS}FkeBW4yB{qzVL z;3v}s9vcT_daQG!W{JX|ogFTq+w=p~Ymo8x(^573elt$g8J9)&uJXZ|XdX^(Zg}8N zYQYmLuBoBg+1=GQM!v5^@w6+)zvFRr>UJ#yuXa}fShL-H{I z2>xFeL>oR^2u?L{HDoypv21Emv~H~B_je?6;W6oEH7C8j6ju1Ik6}UL_UF~>*g+Qz z)-UE<-N4IfGV1pBUM!tZcKK6jwMgNpo&SDfKW94rB}!nR={wmXcm8<=k-li5Q~t;h zK9WQ&VOD=~)N-Xn^+6rUnbfrV_d}GVy78Z52_NBiUjI3Ewln?bqVkza3UbKdOj^_f z!$-6tn*aNeB!wZk4|!-EvyN0M^6&_Ugyr(8s*r$y zfWB*c=1yQ;vo8m=OBZ-^k0)p8+QWxiWIP zTR1X@&^!Wx^9!z2SXl|omWqVpcL6`QY$OawQOm2V!vM|;JMYMI<2N!(Qc*4TqSo>B z6pHJZO+TsEVv0&0vy{y44~CnTS5)jb_`!K-+S!pV$osl6Jw1J4Y3a6M873sTh~*E2 zc+{TKPM`!i2CBIR%P>7@I+B9U?hyc5^L&tcSIC%Hlgxd77+t)$?E=uxZf&Z_QBP^q2)iVvtbQ=j!!IPDwHs@R_GdcDcIe&z znq;+^150p4l=6Xgc15oV@J^*BL}1DxtL-80nLZ{ad!>G9>BS&q^c-=>E>`QebnP(uX0Yn-7|Vb z?DU=p)!}r&B(9)+)Aw?N4(lU#KXWIPa(A|b9@0T5xdCbQ3tteIeahcjc6S{Y??4;s zM*oc$NaA-1r+@!mZJDw8$@ja-3f021uBB<5V#Nz+ylpH;_s-hQ?c?ud4d?%Td811N z1mM!@YVWG9ti(x7Ok@}0Hr7HG=)V;m@d+gS`vh(hyawR+mg&ktXF)akU!MY0wPJZq zO~QB8lpY2kt?u}pleHo8zk3%1TGWYI15A{`i3yhNP^L2tnm4SE81900vNAn=3r5Qq zXxrvTpe2Z4Kd_A7J6m}(euz~1HoCH60YIPFy$c+}vyF{Du~S0-)k~QCf`b0A*bQIs z#`}ZNXHd7FL;dofJR|C{EK6A?6u)9HSbw4VtMB{5jWUrMX1DJ^i}+ax^H zY{>|Obz|`Y2-}9AkL{y2i_|lXFnDj1etcq2E1%dRdlkC;Y%ny=1_N{J@HoSD%#wRi zEB$FkW`U;MimPT+A+phFdn^ghMtKb;2AXhvkl$UDK`kIt)F>yR^Tx~eRVOnfulB!3{r>0K6vhP7S@DTcu=s0K zB~e#+bhhw_kR9B;7zD^f&Y4>MpZ1t=ko9o8R%>l_@SZ)<*`2?QPEYGGR*hMfMUGXX zc8rJrIRK=ej8)*;OAefvEYmY5=SLUG0_`!ku$an@@U4po}NJHTUR zI%0ozD#yvc70ULLQT{U4(@pkJh2UhmhuF(PMQCpfA7LtxKeamFWstkp{;}9ApRanc zHwD$DelOza?jAbv`x_E8&uxC!LKc(6W7L|#Q68{YaTxicJ0v=Vn&ZEpqE<@7vu8xn z)gvnnMFAqH6Kxq#Yoxw&?xo3zQ89K0HF_dym!!Z!6yB!=jZ>H7YSnT@HUsL;Cio}R zy)j>maBE+M@!9dEje8v#PNZgHE&3gYO?}6j1#^q4gUM zJk97`*m}oPHnKwh@<8hB{_RC)i+*k2O*U`f#eC?%5~nji)hG4?+5g?ZPvdL5zddS= z^VwWr#k(SNgM`+T4c^e^C(n9*{niEKuOw8z@qGP;3={8Jw_jqhg+IJ5*=ri-!w0mK zRMbh`x)mBm|MkTu)3{|KI6)^8^+0I6fBDzHR-gvfi{*NV_*n<5p*k2%o8!s5 zvr&phJxLw0AUD!@=M(tQ+BK ztfS|cf5pFtzMyCn_g+^bOjbu{WrJVt9U;AOtv81^OA{glydbODkiJd^z-@<+E&A!1 z=9&t*%|B$l-n$9HIX7OTgi$7I)Eb)cGb z3-+RAjJ-d5dk;Xmq4ey&I8+nF2SHr}GSg+eKrodMXvVX9p$xzzlDWA#4+r*V7U(5y8Fp zt#dMDare;1#bwb7(Jzu7p54icpQ;rU2z~*9W`q0RJEw5x?ReQp@bq90;X{eHGvnqI z0uIvrLPD)39Kng&rrB98yBph^uk+&V$BYNsU;c8t4(pGlWjS9SCPAosk`C1WV*}{ r?u+d2$V*4^f12a)|9$!YxI@s%{u=CtNBAIC7usWSS+P73omc-q_Mm=s literal 0 HcmV?d00001 diff --git a/images/trusted-publisher-pypi-github.webp b/images/trusted-publisher-pypi-github.webp new file mode 100644 index 0000000000000000000000000000000000000000..fab5edc79e1a51adfadb0f158fc5bf52e91b5724 GIT binary patch literal 44432 zcmb5UV_=x zhsA4MYbkyb6ALW^08kYblK(8vLE!oEd(su;2Ot#-#33+Wj97*=X-lYN+x^!N-bJ0Bk2W0a=YcX>d?G5kgr|_$cH1>=8vF${=$63esRG-K62L4i??$_4` zly~eSn;G_pidUUHp2dzE5Ae5xqxYl46RX#a`KbJYXR=QlF+QE|PVcyH;bS(Z{HO12 z?}_go+lePWQ}0f%ZSU~c>QD31uP!eYY#s4lr*Go-6IK~R@7*tH@2H0xw@ z#BWY-7BA%I?+@0P>F95Xne@&4ChvW3%=0eCKG*KV&-c&tdU&rLP!|*L^RImmAaBNR zx_2u};_p#y@AkS{&(Lq3Pj)`<@9&pN_lX~m_YnN`jE_g}E*%yuC$-W zP@##%THMoY3`5_;RBxrA0S`V1FBQlAydi@o{?y>LMx>M|Q%EHDUzYjj-ZB{R!Xcnp z^s2e46qlnC&W}ZG;^^_ttZ!Dcb=&hiw-&&2*vNm z-yD0FcZ}AN&2Pl^BF#!~`>03s<0?l_;#t3cq>qA?me+n3MwrT4$sWM9LN6?kM{?n@ z+f(!VB@eWxiT_P3Bq78!&>7fi_5m2yC5GZ}e~6HAmHpR|w*2pp?zbnI)N4_Aka>R` z=rT_X1TrcBB2;-YXh*?9{oph=`K1Y57T-T*`%j_#RUua*)e0d-Y^g{_WhpfK@U~xJ z1x`|O|Dh?b;f!A*rrqg)hJ~1giq`c3>dz_$UDSrrJbA~s)6f3+-;BiHE7lb-XA{pT zTd`-CDn&EZSc@#nbhP+&_FG6Q+Gp9hEOj4Y;x@QBAM+hXP5Kd*U&fK2{M$wf_7}fy zN!x z14Q@xZCoPW{_h)X%bQXC-TR}E2GVPSeq@N>;CEMx^BRin7#=-z%2Kexl z?;T=0DeacPW1A5PsTEC*q1yzf(ed-^&-w@0`ToYRj{y!9-V@wGWbm`^L6w|e8V-^~ zA(yz!EC;5Srcy&N86L?FvM)Ho7P~&dWMV1z zW6dU&dnzFpv(kEbbMNUVaY@?kWP;JiD;Hla$6$d|#JLwdUcr`@v;|A@3Z< z!69t^R9j!i5b1|i6UV=g+&P)pKG`Kh_Yi%cP=Z`G4*SQ_SW3d-kYCHAFY^t!8~~N# zMUNKirg4xljlOj*-mQ-Gu*-?pl708*pjKS%d9LBZTrculXYfRG(Z`3idRw7h*<5|{ z<^L=S{^NIK{+|=VU;GCToftLS8E%#V^hcx(8()hx;S}KtNuz1Eb^(e5EMZWqmjHeV zQNZ}$Dd4Y3CngM50l9eW(yDU7d0q!OK#-p4xlzR(fb4Rn!0bAv@_*9q5|{jAD!hho}w0 z4^9%m#3i*p=RcDG2Zz(ViaB?n6yLr(uqFn3+Nxt~aByW|eyyzIH!vxl!G@1^UBiL9d8Ms&Rom10rfTYP>1?C>4&_t$a1-1Usb&mnT1q`H`apE=VUtcX_~3uboPPoe8Ky%EwhzU@J;3QV>1C#v zh7NrRp>~kVO8<>Szz?TU{?6zFt-I8efCB%5Vn9U1#=dMWZ)GEQk(djmo4AYn3f9Fn z#4YH7F`;pmuU;mrT+BTXo(WPfYo!c{gcPq_w>GcZ$u^;dR>xpMw8z_M916BZ)7HN_(w~rTAJ^Gj%%nX=Q<|yAG87c3&K%5glK|>;wi5wNYQj>bdeCSraa?NL$~;++oKFLwW`lC`F@UufsV0 z`R=gHjzx>Xi~)vZgQKE!hH(|D_(2nGXfdw8A2Q;9aU8e@x~)ft7oTN%Pgze>^LgWm zX+gZ^3mNWB}@4EDj^2pUyaCH!=T)94gct`>3v^D>Q#OeeEk#x2-KG>85Hj4U#M z)K~q|9x@N{^@&M{dNMYL%6qYVAeYZS?BX}H{m&x70j`DoX5G<}bv|)dSwo87Wgu^6 zkE8HfR!f`jaLx&Rg%K+_BW-|90gY^u3GjB62$aJ;oPb07)}v|WA2(;YTkqCaI_4BY zdy+x0{Z|b4q>4!nYVD-MxjXdEeskJTfyRkr4m&*!xdMjpCMgw*Q1{x2Pz7T_hD{?O z&?#;W*O4nKb)Cpzz=Q2YR0cb z@7O)Z{}j{V_XDEyyO9w@ZS)WD>ay{c`p<@ueYRyYA3@->AL2WmbnvLp=~DVd@(YgCj{!Vx)IUlCVic?_E7_R~sS>p9i?|~mx(t}eC)9A59QBzn)aqHEiM0aOsoPF2H7Z^`Zhaewb_(681B_%RTq|I~rvILG z`Qd4}dX1d(2>*Dw9*N2vx)h(C>BJ) zQwLB`q2uy=J#aDQhp^u0DNpX|r!P*KgtBQkui9FMmi5t&*b~chT(8_XL_S#;0L!ug15NmzPT%6PjQ#l5fd<_W^e(0$XJ--e`OJfaaJNq`KhK8`5 z5;=y1?nBeO=wV>h14umg_$%bfUzN4gm>Dj6q>wU`=fGB4FiHR((#Y-}kOqJ_4`uZV zq=!u1pHzg3)VRl2`u}RTF5~9^>?I&{rXeHgk~l1H~#X> zjrILTt*Muto{VZ%w+0IWlaJh;{6@Q4UKyNHwBY4&9dLAoQ$e=e|_ z$lRc`jV{D~Xf;%u9E*{5?@0T3MR1SR{sCP*IJ_OjImTSQI&Y9?2oC3KaC)K?H2g~^ z-Y03lV0qLs{7HZZ4?i?`Dd#T@ZxO#g@c|B?Xx3T618XLBqzMd#e4?$BL@^XUy*<7! zNL~%(~=oF2NTo2 zcV%kF`?OhWYE!^pXg0F<}O=D|x8`?&uJiwq>o%bR+ zVcSK-KYJ{q5%(+_8A}Ju1j{2_1@ZUYeb72VzXAgoQXv;GJ^w+?zH zND;Hqucb)30GBM<1)?$@OAO@lhUyVo_9@DG7gDzqou;`@7HwS7_wUm$=-e<`0V*1q znEK?nYe_kzh|NILbB9`3PQeB*b@~$Qr>y`;Nhd6Obaz=&&+X3v2LvbeC0;i-4tiZZ zzR>RaW*A|Kv5=Boz|f=PuYKS5=phHyVvtm;%(odThxNvBn+OH0wCm<~AZ=%DE@b#p z?YV3g8N`Sc%Z1hJ6c1BP$|>alO5)QMh@4=6tD)G(zcGE8e64ThOc_o?Bz8nQaVhg% z;VE^+1kz$Gr+{zasCfUhZBX)v_X^NkEHV+x&yFW(xyO84+YPTuMOCQgruQ*;;j=Hn zB&Id)s*~(zy1APta@hGuWXuoL-i z*n~kI>`uFho($bm{mSIBZt9ft7Jjtzzu~~mD-l0)Ste*?qc`*7%p-9~NR8r+ulyV` z0dULplH=>4`NGb7$||0$K)X{3d>A%AaUQ-|i9Gxiy{w#fu@8egLqT@td17E*>6gQ2 zn!V2#ngQsmTY%KTX7$i2KO6kX%Lz(#@8f7WoSBCd9)|<0-SGvrg~|4N zrd~H*N9AG0VS1?!hF4eyargEYO%-iqEw(ksNbq~Zt%+vT8Hdpgqdm({5-}6CSr4;G zn8Ve3O%~If9xL9qG_l@wl2j_rTu^ev4bN9cq`;PF2%4UZEcCZgj3ILu6_)UAEndPx z$Y)}oi;MThFejMZcSX||=7gIKj}lu4%rx*EPRLo%D(!z*W;yJ&1GY%uC$8`5k{`6b*9K@Xc8gM% zd&QFQgeksYR`Z-T`du2Q^t>Q^McS+-@`&gvt)z68(eyp{jHk-$d`*D-#*gNpem&>D z*Rj`geKLq-nVNq=2lSFdGL=) z66?zseaa7tE0hl#W6LghD~Gip2rJryqgoH!n6g|q_|jB>OSqi~p0-{@&I;qf0-qv0 zl6_)xMuEi+_M$|M2u8aHtQj?y4Wz=4VE zc&hdh;y?I~nVTrVMcRx2i$Da9=z?Z39PjDduzA(J9wW|Z(^lG7P-+B>fXHidx<<_2(ndZ#@n*#bk1v(Yf8~%b zTmhq;KWV#=2Cg|uw>?$myC>x)G=UBVDCM3aT8hxQ^b7UCAZBiS{{u(*MQ&;>eDKkN ztuL|s`OVPim-YdDc}y15F;`RpA@IQheFl*C?_uF=o*5Z2n*f?5SQfrpMcxTaz?Ux!$_7g4-vL01EJ6LC(ElKm|D-LT5diKkF+USC{;(@?iI?g` zOH8sB5rqQ&Ha0nAf9waEa%IF-B%tD6mbqrP>}-Lfxy7bBNIIQZXgz8IvOXyg=8of zv@Q8a@~9sLyEK0Rpmb~&;P)K};-zaz2am66=Dm6=; zA%_&h+i|jE<>Xs?Rc4cc<%C5FNvYw694R`)PvqzTfOlwU#~qjV3li=UcD4x{MPBrL z{{FcUv@}$q(kKB=``h?}Jg{?;Lo|K_o+*M6`MXo;P94bXDDGen}=HKw(~RA&rD5ZQ(%O<+q$h z9#2)4njtq`%$}(q>a6#GebKkMLskm-vUF9Ttp3jIdHrl`_M#e4h0g|NPB*^dN-Wqx z`bRqgm^l91hSR^O9!i+br4wg%AY$?&nr-F+5mVFXu)Hr5ce>X#t#LEYxVc3XAD8){ zt_!yPuUbF_KpTwsg2l*Es;4P#DEU-rX?q-w3Pg2CrTN}*`jkx2sX!P@=~AjOb3GX^ zzfK>Di8BqJ5^Md@4q+55@U`%?9Q?C1{->}0ln<}@hDU|yM9*cfFOZaOV8MmVpdik3 zCkyrlJ?OY|X|j95E0r}Wk?_yHie|kAN`aRRL7KDaaQ7hUBh$;K-A5}epk^M37ue$8P@6u?&z*FFX$)bu6duNaAXI&MT5U>Q7 zs%0>4P62{mhV>`1%;PS6j<4eT16a^^v&AaEgf^JWdjc%Uz;nut4y&q!mUbT%F8&0I zf-fr>19`gs-VyfnGfwyy*{}{XI>8dg;Nv^l+b@+2Fuj(Bza2M?B%;#+vBtoi8&K2Q zc`eH}k6FoNtYKz>$A%sNPk^8q^-;hAPi1*R4zB-ZlN#o||D(B-RnQ>q3vKPeIJT1r z4&*}la$|>C?)BtP+{E7#AX%r*-^vYsnGI4N)Faydjn+lKJQ3zGiHh*O>l48s0?&c& zWGLHvAYI}PXYnlkAop)_1F!&D$vq99WaL~)ew;YUY^MdsdV=Abn*$?N!^09Nic+!6 z2rIV zg?2kC&}_3=$&&|q6$0pKNvq(-ORYVO6`WewHRibaV$F3`QX7Q}VOU3&#b4Q!M+QLJ zSW*D~b~fXv^JW6)p{T>&{F1NJ4d<8t6+@-bTm01Kf=WhW-AdiF*+h9gFn)ci^}Gi3 zuBNl1WrvG1w>C)8av1qp7SUY7Ja6KUPNJPAwkKyV^%Yf)4I}xI2=hsiD~Os;5Ih)# z`YB;|zz;SbknRmn$@DkN_%}M}>6o8(mx}DDE2}N?BTI3vOWY=8RR*V> z^v%u0z9T#8J5)wZTA8`a&{P}xqA@xpg%DD~^f-Ti(Np;f4# z`~$ye%*!SQA|gjh7#`Y4IhG?g&pT;g>C#M&Eh>dliAbwYBIma2)Q>;2QboSW!-2Sr zcCJe%&a@KX>GHNY3UbRbv-VzJK(->RuaUu|>;eoI-&0|UjuXdYAU}G19UyGG3{QQJ zhgylS;`))B4LFT^h1X}gW^L?q7o65B^#f{1mMoO>E@f6C+;@uIw1R$YLb8G=$>Cev zU|YESy&TU`wDmW!c?+@&;_>!{f-}x^lWEDF_dnaq=Zx@?t&Mez*4*`ODgo0w|7f~V ze(;5`<+qF$$3^WlU+5J^BLhg#<$-l}KMsJ0exd8fHsEzws8&0Mt0bKy$0kkgP3}== zO{XNT1H?la75@+Z z+7`C8;rGI{N9U&Buee-ulMDV!2k{^0x$ySJGIfpOsnstdoxTwPxb6@_7VdT1%Yikc zOUxz!|M7$=5b5zp7d~+#IiTmUGFw8^ixpJAI*Mc5bi+?@j_rUHaJit?(BW@)>I(mN zBKlv_xOr)X#`}3Ur+A>d(U9n@j&hVa#5kXTR<~WULukhlhHdNIc3D*A)|W3XaFOGR2~%7gN-1S` z5m#pe#cFLkxy>1yfr4PZm4p)T&M|rk>@On$agAB@c7l_dDO42!XyLC#lp9un?%P0} zQ-#el8P&%vt={Bqa0r3o{noPVox##B;)55?5)9q=Lf&n;@JDlPk(NADiq``#t3ZUDhX-tKf>lvCMwm_|^Txn0OrG1|109fectei$xENQZHgw%>hNTN{6>KM%Uz1;vPZpwUJK`l4 z8407x^fCu%iy?Zs?RN!k4oBAYjaBW})w8;DJtU*>%GSWn+3;!9sM|-PiYzA$p04SY z4Y)v_!o&ChR@-AHu59M-8>=qN=lMGduy6|bO4LcuA(@}Am?T<5Aje3p>qXq$_j}mu zaDVtU82E^;t>F#~n?ccQjLp03c`v+YBk+*!kQhn=H0p^g1x`vK1ngW~vO-l1 z4JS^KsOxBDz2WucbKs8fjKA)dMREmhg z1`8shD`M7z#4Y`%4|e++XdIPHlD^A?*f04R(&~WdqcKg z2W|rJ9$-4}sQDF zaVdYC8Zl-4(u{;Ed!_TGIyqi7g(C@DnMzY-@s2CO?}ggWatgg-erGSPoOC9w4m(~U zAj^?MIkV{#(%*0)SMG1mP_3Z~d}IiN)eaJu z3=S%X7&G=h)gLxQc zLn9b-6o%9o)rk^r3(Z#*SO7yyFz^@#klsVK;?Y)H_$m6))?Z2lf;O1fV|5#rId0qR z0iUhaVkvLEKMN+e|gsbzIPV-Fg6#v6PkMC;j-| z$=?boPeJ2Pp)<@d$i*byQl>?+#^!iR7_l-4th93dkxYYr^f}Y&e)3KPL+9Zigu#y0 zTdurw6=*m0HwasVQK;_*^ z8E~##^vu}+NPHepulvB}KgWaU9(~BA%05;y_2pe#;0mnz8KptJtm_~$QVw;}(LUyu z1ylvP)MWA#;EuYd33QWmDgjP}{%iCQw010bPB}cXa2)B{K~cy(MlVi#A-{Efvgd&5 zmSLhnqsojB4I4fqInDq=2_L@*>>MZ1Trd8X$!HxnS*McLS8;R!X+0jj#+})vdNvhY zH3>-`WVkRdkK024Mdf*nVH@hjnwA%gCpjN~wznUQhF?vs1dmNJg|VMDi!`zN2_sPY z>chVdAj>6pKO2Hf-CI!B0%=GUD^MIYoGI_ib!B>Yfxodqr70Dw~VZdocC2rD6Q)u54KjCKO+L7k|r75 z_FYy9ZlBELrdbUe;^Jv$#gdO@IsJ*-E6D>mZ^z|K-Wo#VpfZCUSs1sL5lX@MRBiS{ zra_xXhOsm!q$(2SAur-@5v(^LrdFi%vl`yOiB_^VW}wdF##mJ894rx`A#otRU`8bF z6&iYnIsw8vU$uYV}(MmROfr{Mt zkdqD1DY!i`QAQ$qm0cq#jaBMUvGpxA!%8>z6uiI-Ta`O=H(srOsM0GE)W9yjjX2@c z{ZMl8G4@j<=vN~-o2k=jgh7eQ&uQ<`_LK@Ed(fEu3P6ec5hJS4UiQr&W%COm zGS!iqmHAKuNdxn+jFMD1n~@c?v#hNrQdQ|~v|Z^BA@GYVSjMaHwh*~&lnDa?l@bT& zP-cJe@(kuyQ71Cv+r$G?v2>?<7%ot1&a{5_8@FxVg`#+bs#5632Q#ACm@!B+=e7%h zPlkPAI9{HELfCr}BRX=75sV!;84U_U?WX`kPsHYwynQyW#?V#@Ww@n>SU>x;RZ7*^+A3v2J$dfXu7t+}qNTsh&L>Rg^Ms=u7G*o; ziN{VM21L#0*rG*}b_@PPw$n&i2*dXrQgdUcuswtlA)L*pd@vOIy?j z3Zl0hWEjc-XmnUsr;F-8vEzxNJR`BPSOKGRYV4o}AwnL)>mizJ>RCu5d2F!@6nRu` zNSlt3XsQ;3-R`4#67~Ua=6XwyeDXS%aAR%6a`DdGZJaVJpl3{g+Y1xpQM<*qQ(v!> z8?KE*T6s<=y^hVS1fQ@kJ{x81ow@xw)~6_saF;##ZD%tLOm#M}*|^p`e3mhRlspi_ zdLK_L))2-m$ygc@R$FEyITQ@;Sxm@f4XL;ur1}aQH}tE)mqAZqpbY@DlW2VUQe=0( z*u>4B8a&^}4gIDEYJA%E_TgWVYbWAG;X7eerB;HcvYcG=KLwcU30duNRrvXs6ujpT zHLpkydA#B-!|$;T0;uup9-rduZy*H-s!wXPc+VhvS-C>k47B;9QsTT=zc3jpG zs#R`5W?W4m2p>`aUqWspF%7R^)Ymqdb}xOA+z7K-jWi`J)~YucF?d9!%WNtR{h`bc zuf}gjJey}|d#W|+Nr>ms`lOiz*^lRldIWOtFmH1+-_1~@^B&TeSQNb~8Q{oCS45XB zPcH$Nt{Hk;hHY#rPb0G~+Q2-GFk_H3&f`V`94V$gMk!{mJA6K^PUoNzX`9SUx9dDX<+HQR|>DJlQ6DsFrzIokEWoG~<*gXS@7!l%WAK!qAvC>ouH zl>+8&a%G+&bYlQ@)N0~*P>E7*?Rs(x%W3~gxgq&})%3~!CsIRTY-)y{$CG-0dE5Y< zWQa$BYK#(vmc0$rDrmIT#!A&_#>eh^TR8_Y$hm?~d1)Rinf-aFnTH9GbyRot4H3bR z7GfwT`Y}3QoDXbbQC?D4f~_>LN5?#fSh!0bR>lDZrT`X%u?GS-KLz&O-rTvpikNj! z@^wf(yV}esoZ^NeGdxpid8oF%5|39E_8h*MgIJWN>Z=SS`2;Q|T)YC>QHIK4PE`S3 zhOctDc)bg4zG_syZZ6EyTH+`ul(9t2oCdt+jGlWAvN6P1y;B*xB~a8VuMejzJfY5F zzxI$>SlbpAXG((SqnKq*vCmY=^cT+YGi#$z>QFJ%{y5fDPJtyfbmngQoUBuSKQ)Yn zr=DIjEJTTgexB;D7cXJ$tvFk~f@0q$R39&nk zKdq-807}4qQqiE4<)^wvL7IjsSL(uB)gUD5tdv}Ea{M5?*K8BSB>}Yv;WS6k(0Eg%tMBT1sEmbkOttQk9EJ8Xkp~&9NT}-ht`zr@TRi z)+K$Tq6Lj7VKzZLPxgp&wOAXil}>5rU;+H4{r5Lv3`Q}H#e|xh-(O~qa!vQdzqzaj z@$GCddywu4nZRgrn{P{uKJX(Azt}cfAGLbVO`VA^9cz)H5LckOk9@mwI8k!s=0GHd za^tQrL`=)9WayVp#nN_YmNKyVC_)bBlYK7a{b}Y%Y5V-~)^XzlJVWIe9rwO@yCKtQ ztRF_^67-VPCCuC+0&peoh$aQ|hDtnQ^A;wzXT&zaE_6T;VKRG^Idimd=Z@sCeL|enUc7 zKn$JgHQI@NxcS~W;K1>648(5kmUEU`Jm$=+A})Wr`jPTJw1;M?TlF~O#c)Xmf=p&G zs5q-My|uTnR=0oawgH?ef_e-&S6dtB)3;&TxkBnBPxRDRaJ@D4%#AboIs{KRhTirbMe~{o2~)Yzk;9hhb#~V_W2~ghjlR}33b`p-s3=Tq z?}UVjI(!9Er1HF%FUcW24_v2AFqR2=@n_&QtV87t@wO7JaPsP$$_xT zHAUd{l^Sm;OpF&!OEL-D0tAX}viK*EB_FdN09UjOD1B z>+#5GvvG6as&miimgCXjhmyEeo|F|6C-6}uW5GuLP~AdEqo?rm0mRvsLmd10$oHv! zd$sJQKG!});#>_MVDPX(IqWpiD<*4;*Y3hF&~HzrmKt?`ADbD=xiW-y!wr}eHE}Iq zP4^*T77$&LQSN!u76662r?3-5(iDyZR@6C75_v3Nqu&f;b<+YS3h08)lHgL0EzDN3;j31UI z4N%;kVuQ)zKOwUapsH*kUWQZEN%Zh7v(I2<30K9IPd3)3Z$)^d2A&iIZ6Fxu1=aAd zSi4#rwr_e|;S(S(lFeS90a!AK*fC95(Cv?#;L|%`(9-bLkSO!fT0!&U8>{39_Q@+J z9wiCoAP*Q?^!YqFm0YYJ-{Q5j__+ejEg0KYN8oym4K@gdp^DE?*?Hr-!S0+23n!=@ z0odf|D1O+r>(1B)rgyCs9Hj?@NBoLz0ACqW$;-Dq5Rh!-fh8^0!Z~)J36fw2@yKc! zn92tu*xK5h7XYLfWDj!BgZU0D!2` z*RB!RL}%oIVB(T-fwE6qFnUg~-IpN}&r35JhBdyE?_fX$)kaL8_NxpD?`Wf+KKbsV z{CVnmr#D3Y&3R;cNWtazF>}`B8Jv_{nogw2pQ&dvdlDC|eY)T)9q9dBIIiPD+@^qX z#GagyUU_nlPqh-HyAv9S6Z;H*GzU5*J`dMA#njU)T7E#KFPn;TM?5zP-ASAvl zJl;2o207iWkbCxR<0XlLu#9~7r`gr;INR?&9R$oFhWgp6NH1c$6CQd&wD!Zbs_s=j zJENwc`9U(|NVJy#39{-uISYnIUbz$ZAUkg-cSwW1uy<;o*NN~CcbMGGfRJuNhwI4qia>H|UDQEKwy5^^i#-Znk0p?IMT~ z-#ZNhK>_9NlxHz@s1Hi3OM|}EJ4tueQ_Y9>42fTr%j-&AQ38kFwp7HspwB#G-Bzn} z5?S(CY0}3Dml)XB(_sH76?3V~!CO0Wv`1}7^sw&*^iPpCn(iHl~u40MGBL%h<%tXtPX!ZoJ)OHo}oCwf>9Udx)X6p zZTi((s0hZqXyzfd4-iOrt`%6(KricQSF4QBgYTuBgt+)Kly)$$EvcvWpu3Aj>Q?M5 z>;wyIptdg}MDGCIV!sA+&1JNvSru|PXl_+KY=RDaU6tM%!BJxqMvF>R-h5(sl7+R? z_NZ;~ax@MQAv6C=52>Lg8t5*TH^4%r)Kro-3Ow%QQG~jPC}d%#PpkoeR&{KtbhIAu zkYO+f2tCUQ&gf4%qlhRl=R*242$&UqmtoV@g1L@mCN6}E3(({(qvvi^4$Dn+;GNgG zH&ETtUj~TcAvd7q5@GO@D^wMXYl(jMK19C3?t8rK6{i-%cM@@=hw|+9r)F^xzJo}L zZFeXgMS~#XIR$5fonUDqtbN>$iiq?=}XZcrZ=};E<)pbXd$&q>?09JP4TAYvOa zrD6eQpWF}M1BCSpfUWH_X4b36oFkKHnD;@hwHdfli_H$960&#fn&?Xta-l?G-*HWmO!My{B^g z3>Hn|R)$mKdGdS8{>y@6-&xRqEgoO)IEHKmfaNPVuu6vy=hH#O`@>jsErtXN!+ z7WJ-&^(Dsz`y!HlMwV`Mq-G;@QxL1-SuOWCo%BK1UV*@3))DQXFIm=c$A(FPR)MbD z$^N`9$;;nF5B?3j&LoFa$@984-XN=M31DxGzq|<{zs7x8)z-(7~eW zBp*wFV^#(Ysd8lshd4WXJmqNtlG^4o zT09$Amb%EN@Pr^qSZTWe=}QV`J6#Q%Py30z+_F^nM6l7NJ6xE2!re z$Jc~R0}?5wFu!=1zcJ z7;9pw3s*Fg}SqJn#TKPFsxO91+_?sVregJA2X%VZ{loA}0_S8{cvi zFP6=Ld=2(-RbObed@07`hZi`xP|2Q)-kQv=C$(WrN7=031X=?07;*b&1t?P**UKJV z>qWI^WMvmcJ|Tj2CgXA~d3buZg)>qq=Z(nwy`(68&%}?kSZv{(!LvncRFz}6ITeDD zFY~DTmQg433Hc!(NQ$#vsRMzWYYWCpK=zpWgvsPl)egmrnTHQPRi@{h(33`7wovOy z`S|C3FR=s8<$JZ3){7EKJhWO4P=WH!DUlt&+8SBwig925G@>W+lH>}l^=yep>ytEQ zG3k5)oh{gL2|NXMR9fgG13O~^RobpE7c$IRu_`NR7xRj0^kA!4 zE2lCuhyGiO006ukDqN2MsN$=mH#2LTHOLI0oR;D7Sk54@C-(#tAAf*%aj9a`T7K zeUuMO@iGr-H)YK^&t-N|G)hy(4$H?c9{cvb4D{(H1_u{a6Gtb$?=@>TBr;0C>OqYM zPJcv0YIZSmilM!_S=Z%9(EXz6M2AFDON!cTjXt~Kctb*65y^LnSk$`mQZ_JvTCMyY ziBG{5qQkWn|HHGqZ*wwENA9p#4|kMxCFw|brdk!9&5Hz9osS+h5&^8us7z-RutJ?$ zwFbaqUUKfV6YKVSoiiU+9@u&oy$`%XnR{>1lDA(BjG2R>q7n&@pi?3bIOd-00lY&W zpj2i*Gn+Fmrc}hQFteyt0vP8vI5Yya(oBF2x5p#25BH7eY^5VMw>~i0g(Dqe1~x(q z)10KD)%zC7@#+p^5!|z|Rn*wjo?u?u*P#XgD<%YS*V)WykEuy~%wMQ03!#ZNlc>Z{ z0Qhv=;<(o9^u$NUQ(l=R*wEsRpX@7(L9y$3MFkxmt=8Og5<&1%8eC2MH!XuG{F8*H ziO{N1SWvQe4`Z0uj>7OpOEq4acU?iZsZL4$S_I8npF?k-7h8r9MCrc+gFEa6d3)o?rc!XU4TPlqpG>ZN_sx$%baxu#5Mc%RdD^{%>F zdxU!-EgQds-K+GOY``A#LE5H!+*U71l{_JJw%OK5RDgF*NP)QUpMrHC`-H2T6d!8l zHWX*ptu6al=3421*CC`Tx*qd?JOLOYN(}0;65hHnFQ|=jY#jH(TK0ot5BPg9ftx85~6Xx zn#P`G&;3ly9yaPYKkD45s_;as0**A1Q~z;YqX_bEuq;$-Wan@p|gsP-tj{|KY~#G5FtAlC)3#G zk2_&ksTd`QzDU)q&GaXLoEX=a1rP^HB!jP%9mXhDY88QG(v*MCGW#n|#OMZr`Wu(Y z!eoz3YLgMg4S^QZ*WX^BpeOw!7T%NEHjB+PFTQA&$*2DWl(Rxvvc|Y9UP_EH?rVrZ zc~nA}8oMlxNGVjqBv|{>E@n5E5uQ;iXDUYP+8t2`Z>MasKW?s8c_U}=;l$$6;r&vk z$7vkb-lXbYctz?r@p^z@J=1Yr489{E5$i4A!DIOBc>MqB?QI` zKU>~K16Nd6fLZrmh5!Hn3i|U|!i+8a2i!tm*(LO%Z=|4pT~{0yFP`shN=P}sR+m&$ z=AigdByDNee*xPME; zx@y`McPm!(;p98ro)U4?P(^sUXcX1XVvHdX)M+2&00B><#o*M?Q##Y2#l$oG<8iHC zmZ`Axt;3<7b@iSa?>4 zMx^QzT|mrd<6@k-NLaN3`BG;|h_Q|SKA1-Mt%e^?zp!0Qqiaz1{i9@7S6&nglDEiN z-a%fUT#z3z7mj9a4~7FGUq{wPcELA63<;dg)wzr8f_dxby=6R3(1xl`9i!(SMt6-| zU`7h;s8T7Yn*xGNnsX!tn5aOj2n=<>G%8nl*1v0|DRQ}%B;S8)XQ~-q(2Mk?Ll-e? zR)sK+4SlSKw*(Y!Y|&1iO^BNH<2}Wbx?qWWNd?|pl8fSR3n#W=T$*i3lL4Lr)1@)< zNfd$u^c2cwQ!<&9%!x4F*43ZU#H}B)(V>W{$zt->scWwD=g?sn=i~RjD4vXUm$%G= z;%@F~_@uvBlh*MukPiUh1ElSSE&%Ub27zb-6k~!2U;qFG?1Vcm)D|g#1-6716H{rk z`Z|@e8}>=IMLjWex;kR8q3RcSpy2JDXbA+@LS8}V>*t1|H``OO7O5(9yqlkt$8cqo zd%at+`H_zGi}7mYLfwSz=(iFD|Ez1a6gy{$1~KW^iLzwSmtlVx5(XLo9R!F8XjZyX zG&=;n!bWjcjYgnam}h4;n{1)amPvnH66P#DVe}D);!%=gZdpd0Ns*Gip`@9G-A&QC zSr=oQtYy3P^Gm=0TE1$xLDH5)tTNW)3=v9(@z=Jf49&sYm(#QM{-YNuo@WUqM7xpun~9!==Dp7_A&5dF zmxZy&#oiG0GmV;N!+=SS`r{}2GLo3^{FaQ7_&$~I^M4B_crq%SKvHs0vxu{5Tc2Hcqy>lM&?HVdv zgh@MaO0|3xhuXcwT=3YzvW$|w%MAX(LAs9daCp+ogFj>;PxTM=?yRs{4D98`JBv;_ z&y(LNVsjOQ&b>!+Rg}|PG(HR6jrpaD{uP$m;+{Ar0HQb>IflB;`k19wDU=JmR)%|P zKD`p()e&$t+MMp3tiKRokLQV|8*B-hWnuD!okZ0YogV7=i|SO|y5O>x@Bj0PD$H57 zJxsCkz4=^#)wP0@oM?mtrgOT7rcTvkTmPwz3W}0}t3u}TP1g-NW30B9<-nl+!URh* zFF>d}W%xKGOI(#QKQ_=(fTa+I7t|AgY_Lg3&$PN70L||^w|w_I)e&!Qk#vw%gnsi= z_1k9$O!JYCoPI9YJ3^szyKB@i4G`e@A3?Nkr#2!2bkH2A!Kl(#lApUBvN69}AVPyB z>*&)+N|Z^Ra{2lZo~we<%lr9>MGU80M-8nVIr!j8Re82V*#t_wI)5E0mO?3-cX)P* zeLVbynQgAdXQ{)#Gy5vh80RYGU`W$B9q^x^D;rFzZ~I2vV`n%gX~9gUm|jEHl+_%F zDC-x@Q*WqOAPwP?86Mjr9OM816l_~98e|MpRic292u??|1A)F;e){L*?mWL9u>S8I z!u~C|T1LP1W?pM{>f zoN`tP6=hPac4**<)&k7oBIVrY7^Jx~afRM6VkNU$wkNC^^9?D*vKA3lfFt#$=NTmZ z?eqQGs)LGvRbmx9^6IwhJK)$Y%p^}NYMfQ9uzDZ~;Ci+Cf9Wp`LBa2DfFJZ2PKZD8 z0FB#bgkx1~@WrqVCUNCqcbzvGMHA787=`gA6UXQL?y|soHZygPe{h3U^8okOYtmk7 z%|RZpQ50sP3V)~RxM4Ig4*SHjogKC*E#Y|S4v{g|K3%r6qX!);mKD0TMFglk$` zS#C7*3SkbcS9fSdMf?C0f1=*}s(svOt}~SSq!<7n$@~LDBAFYM0lh~3?;WgBXz_oI zQXp$BI@X>nYW1WWc^iEa=3PVCs&oHNE^L|t5mE3~I^Hg%OzcC4kahJ%hv6GdROda^ z!#-bV=S|U<0nn349nSfD1-P~!J;dML0d2Yb8W%sA{BHC5Fw8?mvv3T4S$s_2d8(0C z33|GiaI0x>IJb)OC<#Q738^G{*AVz2^NDPMdU;}VjB~Fe;|-5U1;Z~uF9uCR6cv?d zpE8q+ElcO{1fR!Ou%-~L0lz*X)nMf)Ky3bw1mPRkXn2pWiF)j0>Kpt?_6foJp7g1oHe z@wud8O>&DkNQ{$g-EMz_BE6$ejeoClVU^E4BZEp?rmk~g0@j*ztamV{E$$KF#_6H&B#> zPLDp`B=&2q@VC&^ezPhtT0s+g)Dp1>EcZ<#?O zHVg{lW`z|4J#5$7sia)drxv%yF36&A%McjKf*_@?&QED2|J}sI$pO@@0;$k;BS7Fr zI5?`^lj>ZY>f896G2GyGxqN6*+}9s0Qu}*exE2XV5?4-V68s4oez##kKgiqvzGFd5VJnJuK1VQh0Y)BSV*IPtXPAyjL{u^i4uoFqQ1&1G*a;O(?=3r&onHH)o z-1Yzl)|}&}6{Y>MK>Sl%A<~LK$hy(z|R)-j?*VCm7(2 zmfs}Cpcn2ixP=w@iWwUT3pdl5JXw!O){-SiAn&kh&x!WEDnlHO@!f!Ab4Mw?6((bGMBJ>_kl8wwKW zV1&`FxG>)ULRkE*8pLZk>d!Sk&ka_{f4GtqX$|Qse5A4samwOHeG?M*-+S@e7sKCr{w?1d&rVotbKB=Y{4a8JCGim|+c6+nH??Fl-&<(8KqtTl#x z@g;o6S}(NHi1QZ}?779Ny~X1-hR9M-sJz7a00zH!I1~7a%XAIGLTUOKDvyWW_PwgxH`yi|zJArpE|Y;%20Yqu&(?!TtQEh5e}u6t(s`J%tVLna7axj7 zw@GbpUT2#p{*TUXL*!6dtTW8-##L7vt+?g856F|p{yz$yGKctDL6%g4>@fouG8drL6?0Z8lF!0Tu$RgRY`81 zb)xhrSIAVf*u;8ps5bls8rk>ym^)dV^QVQtiXAglPddWNKKCQ{&|AKQCdPGLccdZn z#MPZfrINWT1R>a1#0QQP;BM%PIgrt1N{nPjg(D9eMm?=;H}Y8d3jg;+Ghr7Yi_;^s zeZQGw_2@t4EH$KjMI$JHN=9OlH_R2t~i>4BNqTcot%Gdm6C^+G1YgUuq~#A`IH$uiQpQ@`}#(S z4@?*|YN-VqO=PwHazg$^pN=ZH8>Ru?tmT>&vD}y)AV@mi-`douOKC8|2D@%3!-S{o z`xz1KkV~PwjdEGMuYk8h*r1bC>$zly(mOUFNZ=){o9joJI=b6HH|r!>q_W3nF4L*XeR$wu+%`KPSC6vz8Jjc&|;>Ux!QoN zjhdHhk>Z@?mU*yj6cV=FgyFM0%y?Oh1=x%VoSVy5r2-Q+^d2A317QMz$TrKx6MjB; zZF6LlU!R62*)#5pNT(_a@d`=uX@<0>=yEbo*0gtlu%USVt$Ox(4p>?T?qqY@FS)^m zKL72RakaO7&*V=d%69glIj2w{DnMLHAdM^}DF}E5cBd+{|#o)!NoI`F1eWaB|vZ}Y5|g->5=uE9Ch8vFDu97Ftv z)SJMPh_gftOsOeFDTIT@3cTc#7E4(RtLqZmy^d&Bosf`= zEDU2P=@6XfSy@^XJ82ODq?q2Rj|+a@C-~-mI5j0JM|0B$zwd!(+11=jiHDubSqD_> zWC>8~&1n?^PIy|!nX1!~dTk~)DR_^rDB}iYn$uD8J|no?+$GJbG?&eJE~7kYWYpLJ zAQ@35YL$gw@)qy&q~9M4Cis9TE76Tz}rTp$=>?jo8Te3fxo|$2+cUB0LoPCCpXF|qSmJXjVns> zLMz2{-sW!jLwm?CfdH#?x87ZucjN>3_FED;IOebadY&*63al(L<@!Nuu6cr#>qhrw z2zARmC8QKBm;e}1T)(w+&=gLWt3@IBK;uNUnQwNy&#@+vW{?3bN*x$GO`LEC*z8MW zA+mY;vp{GPJ039-$%-Xl88!9*-w=U2RS@?#{|xO{!_VF+bfi&00LFd(D@JWxdWrYx zr5&riS)B+@A7$xIm~D4a`M37}f8FbzmRptQ!?rSOwa9FZrC+m;f6WnAxLLA3flteGz;0>0&`nysTm zNS@E+PK0-{$OUtCcp&WaQkZsy{GlMOJ=dw38mQ77ku}5ANJJ`RVDcn5bBlB z1Rf9aNcu_kDL2^clF%arQBw#YqckUX;I@tAwOy^nnPZ&~`5FJaawr4x z{ne9`D`a=MqRH0d`3)(=ikgnC>CI7R^RAE&Jok0GQC0r{0008%M%AuPVBQ&fHX0P? z`A1q*-@P*h(__o~T#(Nlvn0P^yr|!Fx=G!Ks{XJ7A&YW8<&TRl0o`Um#skEOP4~K;dyyoQZ z>{T~p$u0<1dT`CIPd<2){-9?{6Hl6_Q;tWUgE@aom?Bxg!9W7POJr&H(p=2&d9Fpjfs?e|ajW*if7aRTsDg!P+4-B|Qv8U53Lr7pn`H*c-j$Zb`%hAB<uOHyu26=_|H(Gb_pA-YslWnG`;- zP_PJ*+IG;I_sir2+_Xa%_wT}KhUDyR1_bvr9jOe|D`5$nMC#ws8m^|6Q-7- z1m&~4;UIF0#se2U&a>$B3tBL>M-723MLH_Fx9%%qn%$z~X{A`OyZ{m9)$QiWy?02B z$q3@oOx1i*bnWfV4^5P+SHnes!Fs6anF9dPEm>r{iR$&|jS}p9UZNwoiqF`gRu-7l z&>5E}=9#yH_=S08dWy?T=PbOMRn^-xeja|zRpYoIx^=iA7t80l`hNQHWKi!z%NlF6 zK%aml-5c{RKaR{dfCz&Ujm4049-M^lO$|Y3L>W}b4q5h9+>*KrslO9;j43g!(18>6 z(_pl6{aqxzgz1E?CGIS?!YfY3Zy8@L-CF+(LaG4pW9~PR<{c^Z?NjP?8256S_$ea9 z|D%O{@`e+q8PXs(x=$01g9D5jILXim*Idx%HZ^y!rJtJ_oi{U{ldsraHZtqN4PeWH zxQBiK>h48^N}1}&-O>$Qe7et7&HhZwC76x=(!w>7J60cg_X9f>R5*7w>~DJAHHm!8 zJAm&ypq3HRk}W@HA+ZDev6cf2UG&a&O;zEO2p48ZLb-dFWEl}+!wQtFN2bYMLrbv! zVtn_~_!3VhTQ=ltwKP-50LATmuq4f@cR!b)lOr7fN33W+A{F{^Q2xb8iNHMi^_f8Y zVEJzcylhIzu}Y+sc?&uCzwy{eA?hKKcw9F$h+bN6Qn`;%SS&5vHbxb}hRP?guxj^8 zN$hMIz0#6<8wRg*q@KpXtKB5E48>@G?&CD3F%gLbHX7cn#LSjW=kHsn)ar z{g{)C5X(%EWMjbq(_IJ9%uupcz(anX|^BrYM;Zy4)zJ0#JlLvT< zHa&e!*mbD^Y#SHrTbQwdnj{~?@n;sv>LMaNqrQ%z74&URQ46Tr5x@1S(^ z=9Joof+*#M!LBLwD%3=#blh;4V*l%<0wNqsx;`wfu@Mw*E~Cw3Cnn=j;BN7-j*cwx zfX!GwLa0z4i;}2i!a2mm1#E9NDK){vx)^o|>dPn_6Ee2%fD{6==fQ$~`WnAm-(%)~ zE{$DK`rge&SW_N%1R)oM^_s`AQ7XAlm#}t3QlYmfGnuW?i3TP2Az4XeUhg)jI}FN1 zY)Y|I*a<8#GxmpXY{4NlYbJZDlCc}?A`BK*^McPvtGlm;^*@!QGE&?GgRj*)q^1(>(lu^ib zrD^x~&mT~=f1J8}nUcQ(DN7Cy8VNTdie?NP`S~CYs{7o2ZR}ayv{mbX2HPSt?bLkR z)_6J)`4(sE(>A2)Sbon;FYoX22FmAyrt!=aF*PhFMV;T`Y8}VRBpL#aOvs=pKu;cU zJS(v7+D2$y>RJkN%_)nW1-b5df{HjJXnz`SXEYA?tw4(AJiTs9P}J7 z)=>_rl$RljpjTBC%x-{hO7GbvD^o`1ezudRux7xSzaASzU*EY|*lXGKDlu}WwK!Ms zJSyIu&M=RaQMmx~S&!Zdd8k-FmFaaKyj8J_4-pON>@^us-?R{DfU~cVe1$y&=Ue^T*EpE33A%Vd#{!Mm1#D}DEc zm}9f?Y)mnRSFA5B6~KpU7X`=a#Iig7e_1!v{29s#lN= zV}ZusDNccphv>Z~>zU=`P_q;>7pP|%6I44?{~77KZhY~~cI_)Au2!BcrVWXBe}yo2 z;Nzkb@c?|`2KJhzem?=|MyAr`zo=ud0PIultbk(dTO_`SF(Gt7_iR;U+89b(1rze& z|G=+uIHMny%|?zgjRI)s^u1Gg6|>nT zhn)mpFs<_zFYk=XM#s1bs5!y5V)D3xF!a}CsiC^K56C8M8S4S`tNJtY1(wNak1u|IM;b{`_;OPG#^`E_lE)`yb_0zs2{`v|@{ z{HbVtB+sT$Cj&lkuV-{*3!cFNq){+$I)%Mq#Efv>E;$^a~XaQ^_~^*D*I47jaf;TpdcrFqr=@GT~Y^&LMr(oCO$Qi zT~Wudw;QLSJBabt$n^KuKuo_emmv^SMvfRAoBbS_SP_l5`n$|c?^?eH@JhC=FbuYL zJZENrq0W9jr1_ehy^r1|kY>dV@_st{v%jBLu=4u(oB~0EMz+>uS0?7g9*0Pp3lVJ7 zHB3yUS+(+rX4zKFov4EeJcjTDHnsPs)xTKQZ0NN;R&$1ly0v`BH~mjX$axXDMV^kZ zh}LwCc6hkatj*7sa9v+6Nl7-W33d}$xTj0Xu7mYU_pL#x8DGD{)Y^tmPfI<(m(BI% zF$c@!Hy^*lpCbD=P)*hoNo!;XDkzw6PviMm3{%y^?K@bZT1UI?2CaLN86%C&_k3!| zcOazw&&8ndq`k7trS%;35+f-1RWYHI#Dfk;=2n`509|ezy%3rS{1%}DrJUZTss-6N zR&L%oZ8~D|Se0TdhatT)MNO;R>sQTI-}|~6>f!5rT^YX^ftDnOB4N7$YQj3O*m?ru zjPgH5-8VEZP+e&P5+^2Qq1Q|xy#P_x8&HH9Un?@W>Oe6vQLEKP&(^AAN?0iOs`Qme zoUbsubu!1%810sJ7~V09lUnM=+tuWha@TzS{0{O5hVf%@+&PaMki-ZKaxO3ejF8L9 zu$854MRR+hBlb)}TiN_XaΝ785BOZJeT}fVatH&R-;;T5p4voNCU-A%e4<*=mo$ z)g=rTBho+L```&@&ySdxb^eFqx+ju*R&D$Ld;uPV%HeD~6CB8a)BeNxFs-28{tfoX zCN&LcKg_fLKF~BrtK4PAV%>|HR#jNsTte!quw_oB(#N6};uYr!mn!HP%A8>_Ubl2R z*0ONS5@y}6>?T8bHLU)uK@17ssBQdTQ6CY2wvSrLq>x4H3{1EH_!&|V<9a>6Q9Dre z;u9ER`-r<7Us#}mEFn@v|HvocOkc+NaCXSe^N%sg8h&M!%L&E0fyY)6sDcmpX4`m+ zVn!CEljO9RMF|eed9FhpMB^h7tIU@$uT`#3yVP>FF5uaNdi?ZTv3G1OtXwSuB{!i$ z)9bn&`fYD2lH=vhBiVC9N2OkYF~Hyc?@hn0LkvTiE4i1DIt9m=68~<(V<~+hKUGs% z{(_O*0^z%layV9qVxe2h0+o7dDq#;JJON6VTw|JHf-QLwKML?AHe8sm*wBN!g4CL7 z!@XwqhW=Yjv>Dy{+}H5O-IRVkj2#+HO-Hqudw~$$7}gw6LJZy{mXcF5#JSewz?SVf zkB^E^1IBe73Yf1^Y%#E9E0FxR#9rrg+;&_Rj$B%Ph>3l%+4E4Z9UR&_9RG!CO$-vc zbg^_zPRV#;4;tzz(@xnI*rdVV<)UQ+p=ai}vdnu$p!cs3f@a+Yg;?|CMtDWGH3S8M zCFvpy*~oh9xW736dPC}Ct=a(Qt0UDfl}6SAb!3z_b=Bo4_l}XmAMpdCb;g~L0+IlG zr6`kW`y>!cUt{|O0@&5KG255IChF(+4}NaF15aVdhqR>2d5Gt-H=Dk1OFC(X7Jwpk zmW_*Hu=LM9zc^kun8OP*6>cIx5~jtPVz7K4ux;z3U50!az6;N5tndJ^E7|Az}qM> zLIV8u&dLPw{q7b)Ff!h`!d!1|$flb$JCsvjrkyA>!u2K|QPiSAVNp7jJyzS7Y~B ziZ}OViNVPgX?3I2F92uA8#`=LV8(C&EsEW&Hyeor>U(*t!#~S0$wS-f42mZt28+{+ zf!J<_is};7L+1M9W*gZ+4gP=OI7zkXBDC{5?)B21M5sZtE8*KvxTHQrnO#-f2(5Vh zx3Gsy5N>r#5h1}WcQw@=eb5DDFG)Df*E>C%@(gO(ai_(gAbQENWMf8}>LfZa@ERFW zvuwK3{(`WgFI=*+Ao*K+-`7FEvv?Ki(k9w!P1Pk{ZrFhgk({D?m%D8p4}l&pVig%y z%>7^7nc9>BlA9?YJ_(eNg-&cAGDKT;K09R~K*_Gvd4Vi}@I8I(<7XU6w@Vkdy>&)} z$>mT{Y6u|3DbY_S%BUr?)HAVO$qN1Q2vg9(!KNErp^{gkm-Y#VYzaI&{ojdg zEXEOa`SrA$F87W&3GBbyygAneCm|-i2SHfmw00udq^9 z!eb4%nKm1gll8YLm19&3KR?|_++VV0(>`pq+L_eCopvhbZ^{q+eKBCj{&|VQ2FuD- zi=d3L=vxt@@DhVOJJfax^(-j&TZanqspnDfX6`(aE<)(hC(;v43q5z5({RJh{}7T< ziOo}JkL*p7kW~Ypc&#mU7#y+^JZNIl4(T=jcU$%P-PMih0K%)_di^T)r6+lMiD3T1 z<)A;DqhE|?xllpIP0E5dc%;8m1&L8t!Pv!%l}GfSOQn&wV=KJ9coH$5(7;&_y+|^@ zT)W`3f4KDy$p;rsJY`|Evzmi1aUD^#>)pLn`jVe%xwhL+jjTB(*2iSW{%hJ%gZx^D zAD5ZdJZYJM`jt-E#{JSyX9;5h{*;1$f+e&k7Z46R<;lfIs@`zK(dZWp*p?Uu6(VB< zC_hXUOSlWERN_!wS^(N?}lUEr@In4jkwr{4}RH!W|{t3#Mys<7ol=Fxt35ztu!eI4we=HeL6YrPOQ07n%4Q|n|C34y=|KsVR@AD8GtPI0ib_D zvWQQrhG)ERa|dLkh;GXceZG#|IukAPzPPK0)NIC7uzToNDee>4PAO8N>MeS%L0mFPA7w1v^DOCdI?y;5}zsY0UYoONYPRlx@;c912vOTM`8OxxJ)^VGg3#mU# zYmURI?~AiRX8|4UVgOG;_@#I2kwK}Q^ZNXV<-!iyUx1N24R7rg9xXY&mOapmlli<+ zoC#Lpv+wh(eH|DE+$j?l$W1E-QZBamLdyeU4Q?2I?W@f$^3->vJx#Cb@2{*8pekn| zfMO6Fo*p6eK2jdi>)HvkuoW&t2Z7AT1I%;i@qIrUB5tzOY^Vd&P_oLQC3KfKJr3;# zU^wtY+9sI{g2Ri$62fDjxs->uuvFnjCpkoYJP#>%;kp$)eB~>bq}8NMUc!H=#+Q zN}?d2RP@gfA#SFsG z!fWjlEi~reaaQz#;xjDNOJAi@5!|8C3OM%#qP97(m5M5)3jxUT ziW#fLLQ`4NUIKfNNk=QE6^Pt98&iP8t>#jLw$^c5_w-}&F**4kxSOl|{`w`h*FI8~ zSb2Q5Dpl`Fph?d3b1pn(J)nDdAUp#um#KrfZPKFFlRYvDd1QG%+@Aj-YYEowJJIe2 zsM*4^1R7XEbEl$WZHYI(cimxcf*OOpoCPZ9S4U*RDM_{UDHegx^Yo1g<@kgBM@9Kg zepRj8T6Be!U_bCiwiJP5N5>h##_Rvj%JsS>Sy*Hiy1$KEW1B!>o$Shb#3_dfhjX{* zWX!yIh;~zXe6y-sEPeyx%zx6l%_4-eA(>eG*It+@UnA4eTwS)=F!~-WWtl@wdEiAu zycK$FZOfiO2-P;?D9`p1x`-B!XX0Y+U2rohP)vK^(bHYbTF)gB?P`dw>kH|Xs9lQU zU|n*ZH?HvoN_`CbXI4>fNMu&~9dsHoro6m?k48`JJICh|{UUupsz(P&>++$57q;U< z+{iRDaFVB1x6u<}P?ac26kKJR+&J{JLg|oi7xrb-Ta6X+sZ)N~a{fhEG|9}dQceBw z0e3#zN74nByUZ*{^dh@v=44SG;pbX*Zz$I&UDRjW=;e=tdmuWIRpspCN+}qhk~eKH zpd!UtL`i5-EBoR^BswO`^hoAiX~oM=cD%`q)>V z1|{EV?+Pn??8-RdqqkySJyMudO)fP(re`5n;CsM0n4CssjD18glA<4oiQtPyE*3m;09flV)bVf-F`m}CH4Q4t>4W+joB<70 zBF{=@H#n-zB(l>$6?MWKMxSzT8&2`}z-bsA<|X$9lRAL($)@^f{~-+=1rn<4@TqfE zr3b1vm{VIlSX-9Bwi4_~JS?z_nlme25G@dH-_Zcw(?&kHgC>;j)-VoeV`H;UrnnLN z6lgN&qgU@92V4g|SJML)ZqKs1A>4a)vnA^p40cTdQxyu<=p&fH3N#tjb)~w$HI-S8 zmk;~_lLs`f&;LH$Z>)lcqgbG0q*X0h^unfR@VVqecvv~wvMBLC2Je@q%#}z zo=mWqjR5}d$44Dn#mazFZt8JOW-Fb3S4wao>0VHSxj^ic-H(t1Sx0VqoNVM!u)9CC zD=zWgB5P^F7Nz+K3gb3PMC=VbW*v2Ds2`DJ-*h_8rB_O_+b+gzWm@^LgX(70@~a(tCIPkKgZ{S@NdOLO(~Ops zm)0tvf7T6uB`|T{P$LYSgA%U;IWePl`_|YB*BU1?qiASt2=sRoS#8V z7o86*r8i1OyD`~7$0?Nhj!v)T-ti%XD<4x~LZ+ehHwrRGK3ZqYJegKAtEzS=y}I){u3#(9Bk)%FQOT;^T!I^ybQjwJ~Gi@ZGeydhF|DjQ?w$*ZW-D)J%tGigMjUHi|x1eJe?z!ygE9>`)KH8&PyrfZil?-+HwB)eX#jLXZEFEYpCGC2P@0$)4@U`JPyhe`V8fOMJUoS_OXJP*RXzXw zBJBcr0005U@%rYkX6cQm__ran?aN)59!7^iTfGOq#Hqu1Z*y}8q;bsvQwTZ9*MTwn z+LBv5^Gt||F{?+B=-sKT&3x5;D=`b)au5t!XuSKtNI6QpW9*Yie=z{`_x48s&cDCe zNVV&uvfkH`0|1OIfqPT{{;ORGndl?V+Z$Ao?26@~y@=V~2;45>9f{-wT9G}2j~!aD zwcL-o_T_y${%Nn?7eP|b(#(z-YsfU8+!`ar*tUKiJ{Pf15;YcJ8ubddsNN=f`*hp2 zE56supAJU2fZ{zbish{XXBb--vPb!$yPnBjpAtk2=g70wVgCK02f@v-VOCSpo&{ZCK(UMvbD%ll8RnqxFb6S32z_~l zZl+Tw{u_@@t!GKgzh``{ZeHEk2KF#Gb~s0h=M$N_RQjI3!<_MX?MW}oMltvRmwg_O z1cQl98ymxjV6{vV@U|jHtrifTy`E;YMCpqicpv%}vamcH&mGvUzlSP`5Z);#&h2uJ z^?M%4|{)y6bLoWYNs$8fBy1;&9&R+Nd9V=fx znXxM`se1LpK4Ecl@i3hq zW5|<6_=3`f^0zMU3Lv5CUFyyF=nhrClEJ;!hRP8f_ky_QpD)%0iLAcip7Z+ZZgjnJ z)oeIPV`$`#BNVS$P&YKh0yPS^1q<+un01ShBFIc-{sK2!(`=Jb>47@L3oZE=!9pC< zwf$%xdg4y=bpl6yDcU=vGAvG7q4y*}&`Y)`j}YWoD)V*Fc!NdXyzP^!th88gaBy&N zaBy&NaBy&NaB)C(w7wP&4h{|u4h{|u4h{^dZMMRQ^Ns*6o1;~ywxe2+j_ubza_5P~ zc9eoGPc-WXiaGiz`pTjC3>N{XK;Po;+`<}XcZJY*74I$5gdJp)Fl=sgbVqk#NZ#+AK`awR^G>^$=Z$x{ygb6Fxbf>^l}#ijezW z@F=n`SjWT;{4@@@qk%Vfp*Alc1^(r*t)I^FoM~>@Oa(VI2{bA9)q%k834+QnM=wPp zOo%X_H@T6kXm?^+j92&%CKe%_4JWf>W}l!%^creexts7!+BwF@0t7qsaq556hqUHC zo)md%%0k|WE(cl^=F?nXFrQN#{mUWD(;Trz{6p#Bs%;F`W{tXu`)Q!b_%b}UyHOatA1vgE?`GZL2M@g$6W#m|xA}8HkmSj)n%@ePi1G!DlTI zoBSTQIR9<*ajE5ICGB%L>MrF1+LP+>jmt8k-kF9IKDhAm#aAgk)m@_+A$i}|j|<+@ zIs2xID%rTG<17seyb%pi{g;T>4Gm9{X(X@liZf-)ysM#Q{hX)HwAt`mHAAm>(1MzY z%qWV!z#4b+GrI)Vv1gb-cbYj^6N*r>!OKwThoHdnC@%m2000Iwk+=AZF{Gh-cGXL`z|~&ds11z& z$?+;CJP zqnxE)G4@H9qM`1M)c@tD${Ac5mT<@!(Pe=as$byM&j96s{Vdt4qTLYuh3UoNiD5Gp zdNJ#RO3xwt#)d_Wkyyyt!wy*W4;Xn0EJ%=!IxXsUKB}cHJKgG6d?Ju!pRuS}DbtYGUp3=3ryfeVxNQ# zBfBk3)XYcn$!V;Fb>4-bK0JP<<}KeWGMi}GI-f+{jNQiga;1eMU z&s|Pl*qqmka{%RT!7%jN7c2;&Gn&ALTpBa#%a9X`H?*j+@bXykg)5Ze6@y(PqRQ5z zVaUUI#M|gzVb%d{YBsadbVBvLyS^*z=0od8zfy=B+=ybopiuVo(H(HrQCex~UnJ52 zJNQGk04tx*BTi~j;QOo}i18q0tiQqs>Ayl5iKOi@DM8sWr}phZ>vKE0r~vWB@K}KE z)Jm0LVkiI90+=828mhUSWSo~0sFuH1^kR2&1$^GGYD$&z8IOM}ASg$vp}h3kO*Dv6 ztB#}X<$sQy@m)>Zb^z)yFxAfo0SU&lSCO1BDH7!X{XmOz^auQMh+2)UdpEe_f_um0Dbb4OoE0nyG6BRID7jK}C2cjo~%onD| zEl}16`9yYyH~Dy0l!ro5ZGE|OzZ&g97oOG!MTyOIcNt7HvZX8phiU#XYIQLmlueCS zT!XMQ;oAR6tAh|uO}6{F2Zf7J(`LLjQI_yqrRZGZ+bam!p_p|HZYy zX;&e*g}9%9U*wOShym6pavj==erH%#u$Ogrkk93~iY?DPqtH~XsaYULP>rhuYuo=2 zyHs(DtDK{&E;DPcf_*o%(m?`-sVobvCggshKuLGT+t3sk4a zn;K#XqcpD_znAR_@{^lTOk303#M+0d&o^M9rRyEGQf*uUXQI&J1K6DR#?`BrW%J5_)-x=;%WP6H&lAyMKA^HSOuJ*)zC^aZ-mKPs#$vwck*p3oI#arw zM$RWykAZ4QqMhs2OBiec@2*DkCzfM{?leg1SD6l6eP32<0JCDrRDr@D09Kcf9CO3) zBroMA8p&|&jWd+~?k5}czwJ3D(Mu?@AI!!5H)wVw2k%;w&M^nDIKbVcnaNxJ>2Lyo zTl+O(hw9|1TZ^l}z=bQ%NLnw{i6z_6c)zQ@rfrKBG)stJ6gm{tCmj&o+Nf76`^J;0 zV_0S<0xUByK8(M?@IPf7e^DW?HId6Df8yg9EYl0n%hzYwsxi09@Kjd}+^PytkH z`&9G5Y>}19_CIZ1LtrJqvW=68ePi3UZEIq4V%xUOiEVS@$&DtqZ9DmS?`?lCYSYzN z^rEWz)HyQ8m!JMbr{EulFTWAYBC(FKIwZ>HClGw#JpxUy-&>!Ps=~eErb8>^7d*O| z=_t70QbCY_3?#WyP#Qg z(f$~DRGluKFOvgB=S(-UF&Z=nV&GH48#s92AzDAzYSegZ1E#y=?&QdYly|q6DV?WW z<8l+NKC5>PD0TKwlYR?T0T^9K2ND3Ho`Xvzc(}~%+5tcV)#6MMMzMm8n7Go-|>$GPq{of z@1|3mY(=+fl$o`ii_i0@Gfd**%Dc&L{eug!$h~_GE2W9U08!Mi&HLK>Ekd^bY0F>9 zCVI{93h_uu4T=yoR5wJZ-V$#SvTtNPeG+usZ?Ye8PcjNjn4l}lrm#UsXHN(LFzIh6fF^zgW zSl|XEWO3|kb=1C3qx0$}!)_Td1*{0CWW0q8VQEureIxfRQeeBc^O4PqDgQ!ODNDMh zaP|p8-ax=^0Rp$T3J-f7G06qwnQ5w<*{{;BD$L5qM#eblO?mG?^`^Y8q%tfQ_93D5cLvXj}VUle$3eM*^#cVGhg;`g~ly8wDg^I;i=5$#z!cvTN zQH?YVLq4iYR^sH0e+8y4V>`|qLINu=O@nwRSOrkH~Aw{=12FJwIRAb z;A+j5PK)R!DR3u51Z=_1;m|0hVi!S z@v}3Tlxq>7H2qx((A+po*O$w~?kBL`OJ* z**$sLmWtQ;9mG^nz=}8(tHKgd7!wS2|FUuoCTwyLUgi96=`E5dJ9Y{gsp)0iakxa; zA~go0^Y$s2h-Opdh$124*T9(7?%AIy+P@m`)1R59L3}BOp~~G zR?6Ke{t>~iY=P5z@^Tq6Em$MJlaR0Tv)|*`d}0JhWJp&2icJ~B;Ok1gX>D5<&P5z? zJPz$45)j<@j_cisd+Zr?l(6k}E6^xRJy#Nw>BmivWLN~lQN_bn2fUJ@E zhYs~|n&Bhuic!!@ibz>LwS|_kLoMN(&W^sk33oT4Jt~+=piGXrLNVFNO%X170-NWr zP3WgNz67Nr3))xVSd5Ogh?#X}3-edT-`$)hR$yc;fg4*!Z$i1g{S8KKZ%v_&EA7!R1__xl`2ZZm)i_=xyfgI`! z6E{7;g2`or6m-Qw=-~5hfJ%RA)nMiuL-#|v9Gp>TdgTwWECo+06ee;bH9(9F^D{+U zJjH+VC3+-8lEtW-3zXwidKt%R4q*2IVao-VJ`IRT=OyLgKyjm06 zJ}@QS&T)Kd{G85XRPbVbI-J+e7u>1Lx%}{}MI)(ZzJTEz5qUI%Ko*}N4RB1aYh{10 zkjnYJX#}~)RZfH%k{;8^RToW!pjuv&7gx}%Z>0^H?XL5vs`TiI9*KUFZY~Q#HrdLb zQ;bBtL|SHMj|WTb_0&QTn9m2a9Sasf4AT}GkFB_|+?j&Ja2{7~F_ z&+A~3A$@_f>>`cHTnWWN+;aYqDbfR#Zef0cO@wdju?*G|sQt6dbDQ=oy^pi<(vVd~ z|8^7c_NxuG@!h8TL9KsCVaa>)YrOS&i16%+N?_=GqoMlZP6U4}>c*tflka)p&$D@g zLLBH)k@YAjeF6yCoVj`9<0Yi@w%(Im*rhR{4HQEyd3%%RS0%8?_V&b|j=$vH)_ZyZ31% zfOKu}4O}}KH2w2YWy$25f#7b~IZKP;s-hhyQi_3|!s|BW;@G&3Mzja?m7wfC88mU9 zh%487X8DpK)M8y1zSbWUy_Ec4CoL12h%>Hu+P}x6nAdT!C3&vXpeO=#hwx&%TG5~u zyX)bd)p0gLJ#r+du0a4b1Q65jaE?y&d?@|C5JH)PM}j%qDfH?yI)D&S(k`t?pLJQv zByF$rh<=Nc$m{$S94qMV+8HDEY;`B6x2zc~ex0QqQ`*Gs*A&FGkokgj8>cV9%F~d$ zxrMQ(!9x4%*zBlSEzP6sa?I6$Jt;@%bxlhh_Q+NJ5ha=jKk&vtvX>A|t}Z5Mts?*Z z^ut~XJ0=t98=tfY%&EbdH z6%}^1`n4M!eaGU)qcZG-(X|BR`?*JAi&Z)!c6z2-EOd3 zAHDYumF&*r;&paf1uK#0N$^y;`j&~zZzLbjR!}`nL5Q0uiMcWEpO(E&nPIaguR>p0 zV?&w@Wwr(P!e$S_Lpe7J*UF4W&z7CEj}@B1+PSE%Yj^LfZ2Pg{U|h#&bsdzPcV*bj z-EH@STp$(`49ivFpi#!u+FxqDLX@TaU-3EtoMbdr*@~QLI|F2U;k}mIKHI{+>CPGi z{mF>gd5aO3L+D`XLQR$p0ZrVz3pjGpQoJu*<>gm~_!y;s@VE|W$9FSo4#B;RA<5Ta z>>t+*CumxM*lM>9T}myMYbeKoQ}7y@q$6>v0lp>GZyRK-wdhMAm1vPL2kF5DQbQtT zvw(LY9SHhM0-Q%7KmEnysBYG1jA-PSwoJ9#mE^LCfva@>5KYXQHOC0*6J3 zt&y&SA~69{nv9aU&+pei&gNJTYL`Vmys8Br4}L6JE{`GF5W}Ubkftrb6Lkto_K$${ z8XWN;W#dsCHIo}qZs>3~c!-n!wBnr619@0 zJ9SQ4b1h^R)-b%Ew@=hYwn&qD?%28YJq(T5rIwV&ADumfP3x2T#x9g=ZaC#In<_>Y zJNtHifxcmIffJvZfrvGV5~W`0{1l_+T~3bDlRM)|oyOtSJk@Maokg`@a%xfdMdz$r z$w#T2(o~3f5piqgNVP1>Bn|h5P!>Ba@fk&nmend6h8^4^ppcS{IjVEAc)UMTV?ws8 zq#!x(-$KW@IKb66o~hBtIr`LD}57Sx(pn zL<0x(Z|h>F?|LR?C*@gfk=g)>Li+b+PyNSv&vpnw>P>X|Udb0iu7Lp$r5!H)fdk?t zjgs+ibJ0lSAvl&9a|rc@RgAE#6;o%MTT2$m!fl$CUZ)|>QnE2zXqoe z!HPk=IypVMooSXueX`Mubo{wqEGD#si3&OEgmho<3k?w59}AynaOKK_!0_8|Kc@87 z#ot|oc$&LA7>^Gw@JLlk8l|1Z=G9_-$~lLm@x-n2#>3_nt;mx~u6jKo*mJk<4Tt@x zdctJC3G!;UIFaWJRY4omh(?O8G4Ad~YR(&H(HH|dM`E|n>2C=nPiRa3%gMPz!`#>G zK@(0P)&n%ZqMFWo*E=88k$(u0iNza=5Rq`;)6aP8Jm(z}B1|qtbhWjK!UkCfa3|OD zF&Xhurc3r3uoX{mw*!w@g&QOCTk^2^>bj){Mxtjn#F%c9#DZhNBHvX?GHFT~M}kjA zsg@$edW;9sZ1%b|GO0^iBEj+ZwY#=oo*$X)5dh^U*rnA-m#VEPqgWXW#;*dae+A_| zKvM(A`@&)(m&IV&S)JzlkSbwl`&^(rBuWuisqKShr}|6=WR4)`7j+j4%1aLqs8D}* zgdBYu`p!>=ShyI;KGUTtRA}q$kb`BfMjDF0lc8J?{|>0nT_HiFp|0t9sj@W|cqeK% z7@JnKu<}JL;{yo-iqjcOrICe&$vrcD3j#kr^?XP@rhH>(GdO*A%Uo)xr;dUdmaren z!^{>`Z0btb1)o91y(D1lw0Zz$uOESWhMDcqwc?KdeEbppNPasm7Z1UbXu_fkXSWfU zlsZkqR!qftFDrKO+Z)OR6~iyc1P1TrLn6V5vZqL5{7iR^bAgOSTinqJeep3tjkjVh zrs4%|%h~d=tnD50fj^noyxhLSg!B#h z`&=Dp_qVC9EN}8_F>PShu(fuw&GG8Bxz)OlPcLRnkb%3qIh>6l^+zhK1-MqK!$Uif zfYmB?5UvWy_Hr?JBgzgz%est1{avlvd3aZg;xJ91lhVBwfv_W$27Od_C&*4AmfsM! z)yk`E@6E6hgUhu8=79RmQcs|IX;p51JuPM6hBhPf2@^E$gQzNaClY5io4r6=P;fM! z(g^)erweW9owSeS2Rv~w>8HIN)+Aku1Dj5zbxn@ljOtHg#>6dTo(8!J@=+xRt37uz z2*mF!E@7rX5eh}*DX$1oL2UAUYm+whRV^v{r?Py+i|>IX%|Bz#0}VDy`%ZyQ4OgG0 zr|rjHH-Tr3S0{+~K2rK7W|E)+z6J7NykH=Sqoql`$*+jN)f)}u%Rf;mxL(rYD0}p! zc^C4<{=A@7`t2*eJ`yVMohAODJ)NSR{QLa3Qa($Pa?^(}HhbfpikoeqiSYy~%H*?? zpldYgYml%(c)_D-poE^mRrWFfKAT}c>(I4@%wD8XEb1i zs!sMkH>uAX6hlE)%k*&oIGaC&Uy+C``s!-&7O^V@bYFckk$yEjxS)_OD0&^AX4Vz^ zm?mJWfz_$HKKKiPRNb%-2Dss4768MYS(?_`!eP^8=h#fWp+l)np}SfzYc`yDx=-E^ zg8Aq%$(R+J(X3zB%fLCKJ5AOtaqr9PC);-Mlxnt1{j_Z{bcPGW38S zIm`UV7W^zR@!n}F8)!qjdODiaEsLN)YUVPy)Ka7HhUM75^evIC8E$2>owUgbm7w&w zsrf)}OSi=gP!!O{#QBqHmQt4;f9_0>#x(6r^Yc)pP1!Kq?Xo5mpt`RvgsVOqPRZFk zAYtRgFd35NlxJ8hENMW1@}#CsS$js)%clyj)sJQs^IaCYrHyJq8Jn+>nNA35A@=0I%=W!czz>)<&n5?ri%7?K9J67rReV6>iOM?co31Bz zi0^>p5uqruo(^OZ{@Us+OEaK=5w_>|-5!OlGXXeZoFT1O4CfR6qfRS{_cwc-h6mZQVXyU94maid)LoU$UA#8-^2d1k9}}?FVWQ!1 z3kGQqKfK_Gk`7Eb>>Lor`Z#2fa~f^@ktG%y=r>J-!IiriMaVql{>=Wxkr;xA1uEh9 zHT$xBZeO|wK5qJ7ep2V%iC^ioqlh7abDu)tG zyu$tfPq}TPRdL^h&qtsC^cHcA;UDtui28IQN&WQ+M=V6;J`tZHxv=@bFS0N>%+hZ7 z$!>^lMeh(Uc9yFj-5juW*OvM^D4xva>t>jFtQ&)1g}RD!*#Op5nE!es$AeyX%Mxng z?igk8k$zbP^Ud0v%l!yl6I_HH$XBDe>( z&SPQuCfhfJ0x$MLBBB;dL(Hm88f;oJ3G#h2Ro+SCEl+9onu)0V^%L}CgkUZg$#yvV z*o?n+SnzGhco(j+KfMf-(}PD=%lf(7`Y-_y%Z@%^hkL~wr;>}$pl%q`yHvPiA&tjK zpGute<(wq1b(^I03OZIU$Thd&CF;|b)3w+;@pG~J{9{jjuZK>1a^=kT2f}&{0EEtM zgNP>D$N}ebDl^w^9YbN#1(uLONix0Y7*t#{bX{xVZm^tPQWwD&@K zj5w)gb3%;fw`cCwzNa=gB;+WErl$dw6lo??ybSrU?aQLR9W5u@v9)mkSDGI>xM5R_ z&F1+uv@@=~<_yCB@cacb_gtXOhVAuh1|gxkRs=X))~y$7^VxF1+~5mMUXPxiJ8os4 zcP^|bDEQ_9hvsMG(ePgHD!@is;(f7W);; zMgJ@`jdV zBp6pVB1otFCV||Q_L&CUYio^>EzSNK&y@=uSf{9xUQjERWuBBG+$?`^kL_6Gmg4lJ z+D9%2S?1lx5-AZ(Jyv^k-WzjF?GxkS=2#QLc8w`Ci}*cf0F=cL{8GUr0U+;3d&^d% zHDRaJr0*lQ$Bk7XOmpC%enuN=!BYQII0s-G3^vMOm?MB8=*T${MLNh z`~aTzQF=|J964S3vqF+5>EPaR;|k5i_XfB5g~ThsNKSNaWutn{^O^W<%0u$}3mXcU zelB#m$=kWufrX}^B<;LRdZ$(w{YFPv!5bz5sc6(Csm&{i3!zBe<0)=GhJj5x9h4OI z!5>dVNBv5SZYnhED~M&29qH#&2P<73*?&wjVQ_y%Ig4(Nk|r; z2cF_5$MyeOw_~Kx52AeN z{*UyNd1urg{@`jg@>qswwF*3d5xCe2mlnOvz=^}+plL6fpm->$q}#9R>BZr+l}>aT z2qyGtAM?D%PDH7=JQu8OSY-z=v88$M%$M_AjX!&Zg zQUYQ{E0uw(?HY8gNqU5X*qA}v((S|uO{30uWww3Qq3?v?kH&0FK4Wm&;Zcte?${sW zkEiL~onZ=-W!`X6!DyM5gYdtZ$7@k(3#)+S8E#6U17vw30gojBDKU zcahyj-SC6dCenx*RV!^U1xLvBU-@p>u~-%#=U_#(43(|K0e`W0QwJIa{WibBhQbyv zh{Z9Z3~0vRYFU9@h0w&72K9Xwbo+769_0^+h-$GCvicf9bt(L??w-_d8RRlUyxCmV zG|PsGh^7HLCRLJtbAODOV@u1L!_L=0igN3PZ*hHqiFsmIWcZ*vS$#6O=P<>5yGpkF z?VY6Isw&lv)hG2gZ0HqICti5&a3;MGK>r{2-P(rPxmLqt0j%8mm9H)=V+qVI#21N$ zoMBl*RuODq6yd)AISs{@*Vr zfl;G07Qs@@6729?pqsAZvboAr?h6Cz9~SgNEmRX=a+u8{)Nyt96P>m>M!3&&nMA32 z>8L~}haFCMP`J=>Q->U=*!Ehj3YT0?(c+h*KP2HB>Q|{_OiH3)r0{cvqeVMWT&4;I(g8uF}9UA5I6FsSIDN2&eQZp~E?pDKWNi519Y-zuE5R8BxB?dZCmTxqb^%b$* zxpg+F8CWf;9|B^7IFXs#rc3)#3>tjn0&0-CUl;yeCwZ0PIr=yiWTA&xeuCqG4_fH=S`8j1?t#-WR9t!+- zVGT|2tVJ9erFVelz>H-{j?G_90O4ukh6xM-$O3X!@nEb%MwCl$lFXD+9YPzZGBR z+P*q$iH0TNSRjq)T-L8^%}?>VD;RM$SGVR^6O?1au6V7?bUwC3rm1xSv?%D)Vhu9{ zX3INqHw*p49ehsYH|9*0!!rJ6G%iPYhJ$Zo04x^l`M;4MVUxrr-2inevyE(NEVN0$1&~82<{`-xoIl|YPQ9Q!nFS|5n4k^%FTy)G|4}nYeN$MIj zgtoa%Mj(-2bSgWD&@yk#1{tNQQ1#@$$qIdSo=sQ}{D|E+^Qs}FR#x^b`IZ6}1gLTn z1BJ%If*TYRT`9ZWv#Ank*vJbNA?1)nc;+S_^)(a#1UVw8_hsGo?%O6$wx5JOZ=$%q zqXHS=esRFb2h*{kHY4Df?pxttQ4KeD)HpdBZ-}x1x6-`fQ~RX>RsXkm zlSrd~@4}8ja3cd9;fJB1ik{9ZfSN})BOCgZMF>htUwV2=UV$hIE}{U`&9e_CqZx2sr075N1ERQ43eHVXx3aza z{Ne-WruwIbuqXF@CnJJNLY81Q;v*r>VLEueVHWXDB;xbxX)AWVL)7r%cxD|$^|wOX zWMcQmu4$#mp;ryq!)pD~3m2;uLqmw#&zg@+e2xtHiU~y@rko#oLD3Jl}y$h&F1b^j8%G&3>9)y~ssBzf33(7GuydkM-{TS;h%- z{0aQB@QFOE!!@iw!Hv|E38}vKiP^>S-;9LinkRj>~ zg+p)ncQwA~vi+@&BLo84z?|=`m{00k>YtC|(Z!Fr4Z)%q00IKhHr3*a@{NmnXAvp^f`L-~01Mwv|a8H}JeuZ{dxVv)f13Nfw`;HqrnPKccZnUfb}s%Q zL-w~CsvfxHE5MAJf{f{(pIE*ght8}6sscj)e|G_KYS|Vhr!QW%pB0@9UOO_kF@<|F zJ2F%>u?Ux_yWhJR_1hGAuf(J&_@6t7y=#^{RnN + +This lesson is the first in a series of lessons to help you get started with Python packaging. +::: + Before trusted publishing was created, in order to upload to PyPI from GitHub actions you would have needed to add the username and password as arguments to the `gh-action-pypi-publish` step. While documentation recommends using the GitHub's `secrets` environment for the password/token, in several cases, users -were pasting it directly in the workflow file. Furthermore, accidental leakage -of the token could allow attackers to publish new packages in your name, until -you discover the compromise and revoke the leaked credential. +were pasting the password directly into the workflow file. Furthermore, accidental leakage +of the password or token could allow attackers to publish new packages using your account, until +you discover the compromise and revoke the leaked credentials. + +To prevent these incidents and improve supply chain security, developers created [Trusted Publishing](https://docs.pypi.org/trusted-publishers/). Trusted publishing allows you to register a +publishing workflow on +PyPI and then map that workflow to an automation workflow (e.g., GitHub Actions) that is allowed +to publish the package. -To prevent these incidents and improve supply chain security -developers created [Trusted Publishing](https://docs.pypi.org/trusted-publishers/). This allows registering publishers on -PyPI and mapping them to the automation workflow that is allowed to publish the -package. +You do not need to enter a token or password value in a trusted publisher workflow. It's a +secure connection between your :::{admonition} Trusted Publishing outside of GitHub Actions :class: tip @@ -316,7 +340,7 @@ The workflow above should be up to date with the current versions of GitHub acti ## You have enabled trusted publishing for your project -Congratulations. You have now configured your project to do secure releases when a new version is being tagged on GitHub. The workflow we have configured builds the package from the exact version of code that we are tagging. This provides a guarantee for your users that the package we have released does exactly what the code states it does -- there is no potential for supply chain related vulnerabilities arising from our package! If you have a package that is ready for real-world use on the real PyPI, then you can follow the same steps to publish it securely. +Congratulations!! You have now configured your project to do secure releases when a new version is being tagged on GitHub. The workflow we have configured builds the package from the exact version of code that we are tagging. This provides a guarantee for your users that the package that you have released does precisely what the code states it does. There is little to no potential for supply chain related vulnerabilities arising from your package! If you have a package that is ready for real-world use on the real PyPI, then you can follow the same steps to publish it securely. ## Footnotes