From c48090a23ec41ad98358f2cf4df5465a65b33d0d Mon Sep 17 00:00:00 2001 From: Geet Samra Date: Mon, 14 Aug 2023 15:00:53 -0700 Subject: [PATCH 1/4] Set Disk Sync Duration to seconds. --- .../overlay/files/rancher/k8s/rancher-etcd.json | 2 +- packages/rancher-monitoring/rancher-monitoring/package.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/rancher-monitoring/rancher-monitoring/generated-changes/overlay/files/rancher/k8s/rancher-etcd.json b/packages/rancher-monitoring/rancher-monitoring/generated-changes/overlay/files/rancher/k8s/rancher-etcd.json index a305fe8adc..0c058cafb9 100644 --- a/packages/rancher-monitoring/rancher-monitoring/generated-changes/overlay/files/rancher/k8s/rancher-etcd.json +++ b/packages/rancher-monitoring/rancher-monitoring/generated-changes/overlay/files/rancher/k8s/rancher-etcd.json @@ -599,7 +599,7 @@ "yaxes": [ { "decimals": 2, - "format": "ms", + "format": "s", "label": null, "logBase": 1, "max": null, diff --git a/packages/rancher-monitoring/rancher-monitoring/package.yaml b/packages/rancher-monitoring/rancher-monitoring/package.yaml index f461bfb025..e8b50bb440 100644 --- a/packages/rancher-monitoring/rancher-monitoring/package.yaml +++ b/packages/rancher-monitoring/rancher-monitoring/package.yaml @@ -1,7 +1,7 @@ url: https://github.com/prometheus-community/helm-charts.git subdirectory: charts/kube-prometheus-stack commit: f0e1cb7c070f556146c2833dbd132f7a321ffa45 -version: 102.0.1 +version: 103.0.0 additionalCharts: - workingDir: charts-crd crdOptions: From b937b04c31cb8faf5d54a2c950f343df83a0532a Mon Sep 17 00:00:00 2001 From: Geet Samra Date: Mon, 14 Aug 2023 15:12:22 -0700 Subject: [PATCH 2/4] Update release.yaml --- release.yaml | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/release.yaml b/release.yaml index 02b4ed2d10..b0b6e3fec5 100644 --- a/release.yaml +++ b/release.yaml @@ -1,12 +1,4 @@ -longhorn: -- 102.2.2+up1.4.3 -- 102.3.0+up1.5.1 -longhorn-crd: -- 102.2.2+up1.4.3 -- 102.3.0+up1.5.1 -neuvector: - - 102.0.3+up2.6.0 -neuvector-crd: - - 102.0.3+up2.6.0 -neuvector-monitor: - - 102.0.3+up2.6.0 +rancher-monitoring: +- 103.0.0+up40.1.2 +rancher-monitoring-crd: +- 103.0.0+up40.1.2 From 4dd485cdeb24f09e5c75d7341e57ffde0c29a47b Mon Sep 17 00:00:00 2001 From: Geet Samra Date: Mon, 14 Aug 2023 15:42:59 -0700 Subject: [PATCH 3/4] Update rancher-version annotation. --- .../rancher-monitoring/generated-changes/patch/Chart.yaml.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/rancher-monitoring/rancher-monitoring/generated-changes/patch/Chart.yaml.patch b/packages/rancher-monitoring/rancher-monitoring/generated-changes/patch/Chart.yaml.patch index 0e92dbb9d7..b891217d9d 100644 --- a/packages/rancher-monitoring/rancher-monitoring/generated-changes/patch/Chart.yaml.patch +++ b/packages/rancher-monitoring/rancher-monitoring/generated-changes/patch/Chart.yaml.patch @@ -12,7 +12,7 @@ + catalog.cattle.io/namespace: cattle-monitoring-system + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: monitoring.coreos.com.prometheus/v1 -+ catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' ++ catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0' + catalog.cattle.io/release-name: rancher-monitoring + catalog.cattle.io/requests-cpu: 4500m + catalog.cattle.io/requests-memory: 4000Mi From 0e7e891e0c6f78f4b23eb924a244b7b1a9b1fb31 Mon Sep 17 00:00:00 2001 From: Geet Samra Date: Mon, 14 Aug 2023 15:43:13 -0700 Subject: [PATCH 4/4] make charts --- ...ancher-monitoring-crd-103.0.0+up40.1.2.tgz | Bin 0 -> 387428 bytes .../rancher-monitoring-103.0.0+up40.1.2.tgz | Bin 0 -> 406536 bytes .../103.0.0+up40.1.2/Chart.yaml | 10 + .../103.0.0+up40.1.2/README.md | 24 + .../crd-manifest/crd-alertmanagerconfigs.yaml | 4475 +++++++++ .../crd-manifest/crd-alertmanagers.yaml | 6779 +++++++++++++ .../crd-manifest/crd-podmonitors.yaml | 663 ++ .../crd-manifest/crd-probes.yaml | 704 ++ .../crd-manifest/crd-prometheuses.yaml | 8801 +++++++++++++++++ .../crd-manifest/crd-prometheusrules.yaml | 98 + .../crd-manifest/crd-servicemonitors.yaml | 684 ++ .../crd-manifest/crd-thanosrulers.yaml | 6431 ++++++++++++ .../103.0.0+up40.1.2/files/crd-manifest.tgz | Bin 0 -> 191722 bytes .../103.0.0+up40.1.2/templates/_helpers.tpl | 50 + .../103.0.0+up40.1.2/templates/jobs.yaml | 152 + .../103.0.0+up40.1.2/templates/manifest.yaml | 8 + .../103.0.0+up40.1.2/templates/rbac.yaml | 76 + .../templates/validate-psp-install.yaml | 7 + .../103.0.0+up40.1.2/values.yaml | 17 + .../103.0.0+up40.1.2/.helmignore | 28 + .../103.0.0+up40.1.2/CHANGELOG.md | 47 + .../103.0.0+up40.1.2/CONTRIBUTING.md | 12 + .../103.0.0+up40.1.2/Chart.yaml | 128 + .../103.0.0+up40.1.2/README.md | 739 ++ .../103.0.0+up40.1.2/app-README.md | 46 + .../charts/grafana/.helmignore | 23 + .../charts/grafana/Chart.yaml | 29 + .../103.0.0+up40.1.2/charts/grafana/README.md | 574 ++ .../grafana/dashboards/custom-dashboard.json | 1 + .../charts/grafana/templates/NOTES.txt | 54 + .../charts/grafana/templates/_helpers.tpl | 214 + .../charts/grafana/templates/_pod.tpl | 895 ++ .../charts/grafana/templates/clusterrole.yaml | 25 + .../grafana/templates/clusterrolebinding.yaml | 24 + .../configmap-dashboard-provider.yaml | 29 + .../charts/grafana/templates/configmap.yaml | 117 + .../templates/dashboards-json-configmap.yaml | 35 + .../charts/grafana/templates/deployment.yaml | 50 + .../grafana/templates/extra-manifests.yaml | 4 + .../grafana/templates/headless-service.yaml | 22 + .../charts/grafana/templates/hpa.yaml | 21 + .../templates/image-renderer-deployment.yaml | 123 + .../image-renderer-network-policy.yaml | 73 + .../templates/image-renderer-service.yaml | 33 + .../charts/grafana/templates/ingress.yaml | 78 + .../grafana/templates/networkpolicy.yaml | 52 + .../grafana/templates/nginx-config.yaml | 94 + .../templates/poddisruptionbudget.yaml | 22 + .../grafana/templates/podsecuritypolicy.yaml | 45 + .../charts/grafana/templates/pvc.yaml | 35 + .../charts/grafana/templates/role.yaml | 32 + .../charts/grafana/templates/rolebinding.yaml | 25 + .../charts/grafana/templates/secret-env.yaml | 14 + .../charts/grafana/templates/secret.yaml | 26 + .../charts/grafana/templates/service.yaml | 55 + .../grafana/templates/serviceaccount.yaml | 14 + .../grafana/templates/servicemonitor.yaml | 58 + .../charts/grafana/templates/statefulset.yaml | 56 + .../templates/tests/test-configmap.yaml | 17 + .../tests/test-podsecuritypolicy.yaml | 29 + .../grafana/templates/tests/test-role.yaml | 14 + .../templates/tests/test-rolebinding.yaml | 17 + .../templates/tests/test-serviceaccount.yaml | 9 + .../charts/grafana/templates/tests/test.yaml | 51 + .../charts/grafana/values.yaml | 1088 ++ .../charts/hardenedKubelet/.helmignore | 23 + .../charts/hardenedKubelet/Chart.yaml | 14 + .../charts/hardenedKubelet/README.md | 82 + .../hardenedKubelet/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/hardenedKubelet/values.yaml | 146 + .../charts/hardenedNodeExporter/.helmignore | 23 + .../charts/hardenedNodeExporter/Chart.yaml | 14 + .../charts/hardenedNodeExporter/README.md | 82 + .../templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/hardenedNodeExporter/values.yaml | 146 + .../charts/k3sServer/.helmignore | 23 + .../charts/k3sServer/Chart.yaml | 14 + .../charts/k3sServer/README.md | 82 + .../charts/k3sServer/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../k3sServer/templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../k3sServer/templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/k3sServer/values.yaml | 146 + .../charts/kube-state-metrics/.helmignore | 21 + .../charts/kube-state-metrics/Chart.yaml | 28 + .../charts/kube-state-metrics/README.md | 68 + .../kube-state-metrics/templates/NOTES.txt | 10 + .../kube-state-metrics/templates/_helpers.tpl | 111 + .../templates/clusterrolebinding.yaml | 20 + .../templates/deployment.yaml | 172 + .../templates/kubeconfig-secret.yaml | 12 + .../kube-state-metrics/templates/pdb.yaml | 18 + .../templates/podsecuritypolicy.yaml | 39 + .../templates/psp-clusterrole.yaml | 19 + .../templates/psp-clusterrolebinding.yaml | 16 + .../kube-state-metrics/templates/role.yaml | 193 + .../templates/rolebinding.yaml | 24 + .../kube-state-metrics/templates/service.yaml | 41 + .../templates/serviceaccount.yaml | 15 + .../templates/servicemonitor.yaml | 86 + .../templates/stsdiscovery-role.yaml | 26 + .../templates/stsdiscovery-rolebinding.yaml | 17 + .../charts/kube-state-metrics/values.yaml | 271 + .../kubeAdmControllerManager/.helmignore | 23 + .../kubeAdmControllerManager/Chart.yaml | 14 + .../charts/kubeAdmControllerManager/README.md | 82 + .../templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../kubeAdmControllerManager/values.yaml | 146 + .../charts/kubeAdmEtcd/.helmignore | 23 + .../charts/kubeAdmEtcd/Chart.yaml | 14 + .../charts/kubeAdmEtcd/README.md | 82 + .../charts/kubeAdmEtcd/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../kubeAdmEtcd/templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/kubeAdmEtcd/values.yaml | 146 + .../charts/kubeAdmProxy/.helmignore | 23 + .../charts/kubeAdmProxy/Chart.yaml | 14 + .../charts/kubeAdmProxy/README.md | 82 + .../kubeAdmProxy/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/kubeAdmProxy/values.yaml | 146 + .../charts/kubeAdmScheduler/.helmignore | 23 + .../charts/kubeAdmScheduler/Chart.yaml | 14 + .../charts/kubeAdmScheduler/README.md | 82 + .../kubeAdmScheduler/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/kubeAdmScheduler/values.yaml | 146 + .../charts/prometheus-adapter/.helmignore | 21 + .../charts/prometheus-adapter/Chart.yaml | 27 + .../charts/prometheus-adapter/README.md | 138 + .../prometheus-adapter/templates/NOTES.txt | 9 + .../prometheus-adapter/templates/_helpers.tpl | 113 + .../templates/certmanager.yaml | 76 + .../cluster-role-binding-auth-delegator.yaml | 20 + .../cluster-role-binding-resource-reader.yaml | 20 + .../cluster-role-resource-reader.yaml | 24 + .../templates/configmap.yaml | 97 + .../templates/custom-metrics-apiservice.yaml | 32 + ...stom-metrics-cluster-role-binding-hpa.yaml | 24 + .../custom-metrics-cluster-role.yaml | 17 + .../templates/deployment.yaml | 147 + .../external-metrics-apiservice.yaml | 32 + ...rnal-metrics-cluster-role-binding-hpa.yaml | 20 + .../external-metrics-cluster-role.yaml | 21 + .../prometheus-adapter/templates/pdb.yaml | 23 + .../prometheus-adapter/templates/psp.yaml | 66 + .../resource-metrics-apiservice.yaml | 32 + ...resource-metrics-cluster-role-binding.yaml | 20 + .../resource-metrics-cluster-role.yaml | 23 + .../templates/role-binding-auth-reader.yaml | 21 + .../prometheus-adapter/templates/secret.yaml | 17 + .../prometheus-adapter/templates/service.yaml | 27 + .../templates/serviceaccount.yaml | 18 + .../charts/prometheus-adapter/values.yaml | 217 + .../prometheus-node-exporter/.helmignore | 21 + .../prometheus-node-exporter/Chart.yaml | 25 + .../charts/prometheus-node-exporter/README.md | 77 + .../templates/NOTES.txt | 15 + .../templates/_helpers.tpl | 136 + .../templates/daemonset.yaml | 234 + .../templates/endpoints.yaml | 17 + .../templates/psp-clusterrole.yaml | 15 + .../templates/psp-clusterrolebinding.yaml | 17 + .../templates/psp.yaml | 50 + .../templates/service.yaml | 22 + .../templates/serviceaccount.yaml | 14 + .../templates/servicemonitor.yaml | 61 + .../prometheus-node-exporter/values.yaml | 252 + .../charts/rke2ControllerManager/.helmignore | 23 + .../charts/rke2ControllerManager/Chart.yaml | 14 + .../charts/rke2ControllerManager/README.md | 82 + .../templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rke2ControllerManager/values.yaml | 146 + .../charts/rke2Etcd/.helmignore | 23 + .../charts/rke2Etcd/Chart.yaml | 14 + .../charts/rke2Etcd/README.md | 82 + .../charts/rke2Etcd/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../rke2Etcd/templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../rke2Etcd/templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rke2Etcd/values.yaml | 146 + .../charts/rke2IngressNginx/.helmignore | 23 + .../charts/rke2IngressNginx/Chart.yaml | 14 + .../charts/rke2IngressNginx/README.md | 82 + .../rke2IngressNginx/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rke2IngressNginx/values.yaml | 146 + .../charts/rke2Proxy/.helmignore | 23 + .../charts/rke2Proxy/Chart.yaml | 14 + .../charts/rke2Proxy/README.md | 82 + .../charts/rke2Proxy/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../rke2Proxy/templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../rke2Proxy/templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rke2Proxy/values.yaml | 146 + .../charts/rke2Scheduler/.helmignore | 23 + .../charts/rke2Scheduler/Chart.yaml | 14 + .../charts/rke2Scheduler/README.md | 82 + .../rke2Scheduler/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rke2Scheduler/values.yaml | 146 + .../charts/rkeControllerManager/.helmignore | 23 + .../charts/rkeControllerManager/Chart.yaml | 14 + .../charts/rkeControllerManager/README.md | 82 + .../templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rkeControllerManager/values.yaml | 146 + .../charts/rkeEtcd/.helmignore | 23 + .../charts/rkeEtcd/Chart.yaml | 14 + .../103.0.0+up40.1.2/charts/rkeEtcd/README.md | 82 + .../charts/rkeEtcd/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../rkeEtcd/templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../rkeEtcd/templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rkeEtcd/values.yaml | 146 + .../charts/rkeIngressNginx/.helmignore | 23 + .../charts/rkeIngressNginx/Chart.yaml | 14 + .../charts/rkeIngressNginx/README.md | 82 + .../rkeIngressNginx/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rkeIngressNginx/values.yaml | 146 + .../charts/rkeProxy/.helmignore | 23 + .../charts/rkeProxy/Chart.yaml | 14 + .../charts/rkeProxy/README.md | 82 + .../charts/rkeProxy/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../rkeProxy/templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../rkeProxy/templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rkeProxy/values.yaml | 146 + .../charts/rkeScheduler/.helmignore | 23 + .../charts/rkeScheduler/Chart.yaml | 14 + .../charts/rkeScheduler/README.md | 82 + .../rkeScheduler/templates/_helpers.tpl | 131 + .../templates/pushprox-clients-rbac.yaml | 85 + .../templates/pushprox-clients.yaml | 153 + .../templates/pushprox-proxy-rbac.yaml | 68 + .../templates/pushprox-proxy.yaml | 53 + .../templates/pushprox-servicemonitor.yaml | 45 + .../templates/validate-install-crd.yaml | 14 + .../templates/validate-psp-install.yaml | 7 + .../charts/rkeScheduler/values.yaml | 146 + .../charts/windowsExporter/.helmignore | 23 + .../charts/windowsExporter/Chart.yaml | 15 + .../charts/windowsExporter/README.md | 17 + .../scripts/check-wins-version.ps1 | 20 + .../windowsExporter/scripts/proxy-entry.ps1 | 11 + .../charts/windowsExporter/scripts/run.ps1 | 78 + .../windowsExporter/templates/_helpers.tpl | 113 + .../windowsExporter/templates/configmap.yaml | 10 + .../windowsExporter/templates/daemonset.yaml | 77 + .../templates/prometheusrule.yaml | 13 + .../windowsExporter/templates/rbac.yaml | 81 + .../windowsExporter/templates/service.yaml | 15 + .../templates/servicemonitor.yaml | 41 + .../charts/windowsExporter/values.yaml | 52 + .../files/ingress-nginx/nginx.json | 1445 +++ .../request-handling-performance.json | 963 ++ .../cluster/rancher-cluster-nodes.json | 793 ++ .../rancher/cluster/rancher-cluster.json | 776 ++ .../rancher/home/rancher-default-home.json | 1290 +++ .../files/rancher/k8s/rancher-etcd-nodes.json | 687 ++ .../files/rancher/k8s/rancher-etcd.json | 669 ++ .../k8s/rancher-k8s-components-nodes.json | 527 + .../rancher/k8s/rancher-k8s-components.json | 519 + .../rancher/nodes/rancher-node-detail.json | 805 ++ .../files/rancher/nodes/rancher-node.json | 792 ++ .../performance/performance-debugging.json | 1707 ++++ .../rancher/pods/rancher-pod-containers.json | 636 ++ .../files/rancher/pods/rancher-pod.json | 636 ++ .../workloads/rancher-workload-pods.json | 652 ++ .../rancher/workloads/rancher-workload.json | 652 ++ .../delete-workloads-with-old-labels.sh | 14 + .../103.0.0+up40.1.2/templates/NOTES.txt | 4 + .../103.0.0+up40.1.2/templates/_helpers.tpl | 384 + .../templates/alertmanager/alertmanager.yaml | 170 + .../templates/alertmanager/extrasecret.yaml | 20 + .../templates/alertmanager/ingress.yaml | 77 + .../alertmanager/ingressperreplica.yaml | 67 + .../alertmanager/podDisruptionBudget.yaml | 21 + .../templates/alertmanager/psp-role.yaml | 21 + .../alertmanager/psp-rolebinding.yaml | 18 + .../templates/alertmanager/psp.yaml | 45 + .../templates/alertmanager/secret.yaml | 33 + .../templates/alertmanager/service.yaml | 53 + .../alertmanager/serviceaccount.yaml | 20 + .../alertmanager/servicemonitor.yaml | 55 + .../alertmanager/serviceperreplica.yaml | 49 + .../templates/exporters/core-dns/service.yaml | 24 + .../exporters/core-dns/servicemonitor.yaml | 49 + .../kube-api-server/servicemonitor.yaml | 52 + .../kube-controller-manager/endpoints.yaml | 22 + .../kube-controller-manager/service.yaml | 29 + .../servicemonitor.yaml | 60 + .../templates/exporters/kube-dns/service.yaml | 28 + .../exporters/kube-dns/servicemonitor.yaml | 62 + .../exporters/kube-etcd/endpoints.yaml | 20 + .../exporters/kube-etcd/service.yaml | 27 + .../exporters/kube-etcd/servicemonitor.yaml | 66 + .../exporters/kube-proxy/endpoints.yaml | 20 + .../exporters/kube-proxy/service.yaml | 27 + .../exporters/kube-proxy/servicemonitor.yaml | 54 + .../exporters/kube-scheduler/endpoints.yaml | 22 + .../exporters/kube-scheduler/service.yaml | 29 + .../kube-scheduler/servicemonitor.yaml | 60 + .../kube-state-metrics/validate.yaml | 7 + .../exporters/kubelet/servicemonitor.yaml | 229 + .../exporters/node-exporter/validate.yaml | 3 + .../grafana/configmap-dashboards.yaml | 24 + .../grafana/configmaps-datasources.yaml | 63 + .../alertmanager-overview.yaml | 616 ++ .../grafana/dashboards-1.14/apiserver.yaml | 1772 ++++ .../dashboards-1.14/cluster-total.yaml | 1882 ++++ .../dashboards-1.14/controller-manager.yaml | 1196 +++ .../grafana/dashboards-1.14/etcd.yaml | 1229 +++ .../dashboards-1.14/grafana-overview.yaml | 635 ++ .../grafana/dashboards-1.14/k8s-coredns.yaml | 1530 +++ .../k8s-resources-cluster.yaml | 3088 ++++++ .../k8s-resources-namespace.yaml | 2797 ++++++ .../dashboards-1.14/k8s-resources-node.yaml | 1026 ++ .../dashboards-1.14/k8s-resources-pod.yaml | 2469 +++++ .../k8s-resources-workload.yaml | 2024 ++++ .../k8s-resources-workloads-namespace.yaml | 2189 ++++ .../grafana/dashboards-1.14/kubelet.yaml | 2256 +++++ .../dashboards-1.14/namespace-by-pod.yaml | 1464 +++ .../namespace-by-workload.yaml | 1736 ++++ .../node-cluster-rsrc-use.yaml | 1063 ++ .../dashboards-1.14/node-rsrc-use.yaml | 1089 ++ .../grafana/dashboards-1.14/nodes-darwin.yaml | 1073 ++ .../grafana/dashboards-1.14/nodes.yaml | 1066 ++ .../persistentvolumesusage.yaml | 587 ++ .../grafana/dashboards-1.14/pod-total.yaml | 1228 +++ .../prometheus-remote-write.yaml | 1674 ++++ .../grafana/dashboards-1.14/prometheus.yaml | 1235 +++ .../grafana/dashboards-1.14/proxy.yaml | 1276 +++ .../grafana/dashboards-1.14/scheduler.yaml | 1118 +++ .../dashboards-1.14/workload-total.yaml | 1438 +++ .../templates/grafana/namespaces.yaml | 13 + .../job-patch/clusterrole.yaml | 33 + .../job-patch/clusterrolebinding.yaml | 20 + .../job-patch/job-createSecret.yaml | 69 + .../job-patch/job-patchWebhook.yaml | 70 + .../admission-webhooks/job-patch/psp.yaml | 47 + .../admission-webhooks/job-patch/role.yaml | 21 + .../job-patch/rolebinding.yaml | 21 + .../job-patch/serviceaccount.yaml | 17 + .../mutatingWebhookConfiguration.yaml | 42 + .../validatingWebhookConfiguration.yaml | 41 + .../prometheus-operator/certmanager.yaml | 57 + .../prometheus-operator/clusterrole.yaml | 81 + .../clusterrolebinding.yaml | 17 + .../prometheus-operator/deployment.yaml | 164 + .../prometheus-operator/psp-clusterrole.yaml | 20 + .../psp-clusterrolebinding.yaml | 17 + .../templates/prometheus-operator/psp.yaml | 45 + .../prometheus-operator/service.yaml | 58 + .../prometheus-operator/serviceaccount.yaml | 16 + .../prometheus-operator/servicemonitor.yaml | 54 + .../templates/prometheus/_rules.tpl | 36 + .../additionalAlertRelabelConfigs.yaml | 16 + .../additionalAlertmanagerConfigs.yaml | 16 + .../prometheus/additionalPrometheusRules.yaml | 43 + .../prometheus/additionalScrapeConfigs.yaml | 20 + .../templates/prometheus/clusterrole.yaml | 30 + .../prometheus/clusterrolebinding.yaml | 18 + .../templates/prometheus/csi-secret.yaml | 12 + .../templates/prometheus/extrasecret.yaml | 20 + .../templates/prometheus/ingress.yaml | 77 + .../prometheus/ingressThanosSidecar.yaml | 76 + .../prometheus/ingressperreplica.yaml | 67 + .../templates/prometheus/nginx-config.yaml | 68 + .../prometheus/podDisruptionBudget.yaml | 21 + .../templates/prometheus/podmonitors.yaml | 37 + .../templates/prometheus/prometheus.yaml | 388 + .../templates/prometheus/psp-clusterrole.yaml | 20 + .../prometheus/psp-clusterrolebinding.yaml | 18 + .../templates/prometheus/psp.yaml | 56 + .../rules-1.14/alertmanager.rules.yaml | 217 + .../rules-1.14/config-reloaders.yaml | 46 + .../templates/prometheus/rules-1.14/etcd.yaml | 296 + .../prometheus/rules-1.14/general.rules.yaml | 98 + .../prometheus/rules-1.14/k8s.rules.yaml | 173 + .../kube-apiserver-availability.rules.yaml | 136 + .../kube-apiserver-burnrate.rules.yaml | 328 + .../kube-apiserver-histogram.rules.yaml | 37 + .../rules-1.14/kube-apiserver-slos.yaml | 115 + .../kube-prometheus-general.rules.yaml | 31 + .../kube-prometheus-node-recording.rules.yaml | 39 + .../rules-1.14/kube-scheduler.rules.yaml | 65 + .../rules-1.14/kube-state-metrics.yaml | 107 + .../prometheus/rules-1.14/kubelet.rules.yaml | 41 + .../rules-1.14/kubernetes-apps.yaml | 375 + .../rules-1.14/kubernetes-resources.yaml | 193 + .../rules-1.14/kubernetes-storage.yaml | 160 + .../kubernetes-system-apiserver.yaml | 128 + .../kubernetes-system-controller-manager.yaml | 47 + .../kubernetes-system-kube-proxy.yaml | 46 + .../rules-1.14/kubernetes-system-kubelet.yaml | 253 + .../kubernetes-system-scheduler.yaml | 46 + .../rules-1.14/kubernetes-system.yaml | 65 + .../rules-1.14/node-exporter.rules.yaml | 89 + .../prometheus/rules-1.14/node-exporter.yaml | 398 + .../prometheus/rules-1.14/node-network.yaml | 44 + .../prometheus/rules-1.14/node.rules.yaml | 55 + .../rules-1.14/prometheus-operator.yaml | 148 + .../prometheus/rules-1.14/prometheus.yaml | 448 + .../templates/prometheus/service.yaml | 64 + .../prometheus/serviceThanosSidecar.yaml | 39 + .../serviceThanosSidecarExternal.yaml | 46 + .../templates/prometheus/serviceaccount.yaml | 20 + .../templates/prometheus/servicemonitor.yaml | 52 + .../servicemonitorThanosSidecar.yaml | 51 + .../templates/prometheus/servicemonitors.yaml | 38 + .../prometheus/serviceperreplica.yaml | 49 + .../rancher-monitoring/clusterrole.yaml | 134 + .../rancher-monitoring/config-role.yaml | 48 + .../rancher-monitoring/dashboard-role.yaml | 47 + .../addons/ingress-nginx-dashboard.yaml | 18 + .../rancher/cluster-dashboards.yaml | 17 + .../dashboards/rancher/default-dashboard.yaml | 17 + .../dashboards/rancher/k8s-dashboards.yaml | 31 + .../dashboards/rancher/nodes-dashboards.yaml | 17 + .../rancher/performance-dashboards.yaml | 18 + .../dashboards/rancher/pods-dashboards.yaml | 17 + .../rancher/workload-dashboards.yaml | 17 + .../exporters/ingress-nginx/service.yaml | 27 + .../ingress-nginx/servicemonitor.yaml | 49 + .../exporters/rancher/servicemonitor.yaml | 58 + .../rancher-monitoring/hardened.yaml | 128 + .../rancher-monitoring/upgrade/configmap.yaml | 13 + .../rancher-monitoring/upgrade/job.yaml | 46 + .../rancher-monitoring/upgrade/rbac.yaml | 131 + .../templates/thanos-ruler/extrasecret.yaml | 20 + .../templates/thanos-ruler/ingress.yaml | 77 + .../thanos-ruler/podDisruptionBudget.yaml | 21 + .../templates/thanos-ruler/ruler.yaml | 168 + .../templates/thanos-ruler/service.yaml | 53 + .../thanos-ruler/serviceaccount.yaml | 20 + .../thanos-ruler/servicemonitor.yaml | 56 + .../templates/validate-install-crd.yaml | 21 + .../templates/validate-psp-install.yaml | 7 + .../103.0.0+up40.1.2/values.yaml | 4190 ++++++++ index.yaml | 146 + 531 files changed, 120634 insertions(+) create mode 100644 assets/rancher-monitoring-crd/rancher-monitoring-crd-103.0.0+up40.1.2.tgz create mode 100644 assets/rancher-monitoring/rancher-monitoring-103.0.0+up40.1.2.tgz create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/Chart.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/README.md create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagerconfigs.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagers.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-podmonitors.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-probes.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-prometheuses.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-prometheusrules.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-servicemonitors.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-thanosrulers.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/files/crd-manifest.tgz create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/templates/jobs.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/templates/manifest.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/templates/rbac.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring-crd/103.0.0+up40.1.2/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/CHANGELOG.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/CONTRIBUTING.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/app-README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/dashboards/custom-dashboard.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/NOTES.txt create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/_pod.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/configmap-dashboard-provider.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/configmap.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/dashboards-json-configmap.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/deployment.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/extra-manifests.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/headless-service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/hpa.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/image-renderer-deployment.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/image-renderer-network-policy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/image-renderer-service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/ingress.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/networkpolicy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/nginx-config.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/poddisruptionbudget.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/podsecuritypolicy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/pvc.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/rolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/secret-env.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/secret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/statefulset.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/tests/test-configmap.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/tests/test-podsecuritypolicy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/tests/test-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/tests/test-rolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/tests/test-serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/templates/tests/test.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/grafana/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedKubelet/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/hardenedNodeExporter/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/k3sServer/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/NOTES.txt create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/deployment.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/kubeconfig-secret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/pdb.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/podsecuritypolicy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/psp-clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/psp-clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/rolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/stsdiscovery-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kube-state-metrics/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmControllerManager/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmEtcd/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmProxy/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/kubeAdmScheduler/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/NOTES.txt create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/certmanager.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/cluster-role-binding-auth-delegator.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/cluster-role-binding-resource-reader.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/cluster-role-resource-reader.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/configmap.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/custom-metrics-apiservice.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/custom-metrics-cluster-role-binding-hpa.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/custom-metrics-cluster-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/deployment.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/external-metrics-apiservice.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/external-metrics-cluster-role-binding-hpa.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/external-metrics-cluster-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/pdb.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/psp.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/resource-metrics-apiservice.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/resource-metrics-cluster-role-binding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/resource-metrics-cluster-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/role-binding-auth-reader.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/secret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/templates/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-adapter/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/NOTES.txt create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/daemonset.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/endpoints.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/psp.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/templates/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/prometheus-node-exporter/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2ControllerManager/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Etcd/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2IngressNginx/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Proxy/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rke2Scheduler/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeControllerManager/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeEtcd/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeIngressNginx/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeProxy/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/pushprox-clients-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/pushprox-clients.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/pushprox-proxy-rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/pushprox-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/pushprox-servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/rkeScheduler/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/.helmignore create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/Chart.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/README.md create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/scripts/check-wins-version.ps1 create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/scripts/proxy-entry.ps1 create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/scripts/run.ps1 create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/configmap.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/daemonset.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/prometheusrule.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/templates/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/charts/windowsExporter/values.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/ingress-nginx/nginx.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/ingress-nginx/request-handling-performance.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/cluster/rancher-cluster-nodes.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/cluster/rancher-cluster.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/home/rancher-default-home.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/k8s/rancher-etcd-nodes.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/k8s/rancher-etcd.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/k8s/rancher-k8s-components-nodes.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/k8s/rancher-k8s-components.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/nodes/rancher-node-detail.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/nodes/rancher-node.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/performance/performance-debugging.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/pods/rancher-pod-containers.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/pods/rancher-pod.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/workloads/rancher-workload-pods.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/rancher/workloads/rancher-workload.json create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/files/upgrade/scripts/delete-workloads-with-old-labels.sh create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/NOTES.txt create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/_helpers.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/alertmanager.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/extrasecret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/ingress.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/ingressperreplica.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/podDisruptionBudget.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/psp-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/psp-rolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/psp.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/secret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/alertmanager/serviceperreplica.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/core-dns/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/core-dns/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-api-server/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-controller-manager/endpoints.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-controller-manager/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-controller-manager/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-dns/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-dns/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-etcd/endpoints.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-etcd/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-etcd/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-proxy/endpoints.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-proxy/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-proxy/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-scheduler/endpoints.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-scheduler/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-scheduler/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kube-state-metrics/validate.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/kubelet/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/exporters/node-exporter/validate.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/configmap-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/configmaps-datasources.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/alertmanager-overview.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/apiserver.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/cluster-total.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/controller-manager.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/etcd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/grafana-overview.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-coredns.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-resources-cluster.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-resources-namespace.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-resources-node.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-resources-pod.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-resources-workload.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/k8s-resources-workloads-namespace.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/kubelet.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/namespace-by-pod.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/namespace-by-workload.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/node-cluster-rsrc-use.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/node-rsrc-use.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/nodes-darwin.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/nodes.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/persistentvolumesusage.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/pod-total.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/prometheus-remote-write.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/prometheus.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/scheduler.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/dashboards-1.14/workload-total.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/grafana/namespaces.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/job-createSecret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/job-patchWebhook.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/psp.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/rolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/job-patch/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/mutatingWebhookConfiguration.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/admission-webhooks/validatingWebhookConfiguration.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/certmanager.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/deployment.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/psp-clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/psp-clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/psp.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus-operator/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/_rules.tpl create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/additionalAlertRelabelConfigs.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/additionalAlertmanagerConfigs.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/additionalPrometheusRules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/additionalScrapeConfigs.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/csi-secret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/extrasecret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/ingress.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/ingressThanosSidecar.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/ingressperreplica.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/nginx-config.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/podDisruptionBudget.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/podmonitors.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/prometheus.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/psp-clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/psp-clusterrolebinding.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/psp.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/alertmanager.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/config-reloaders.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/etcd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/general.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/k8s.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-apiserver-availability.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-apiserver-burnrate.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-apiserver-histogram.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kube-state-metrics.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubelet.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-apps.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-resources.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-storage.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-system-kube-proxy.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/kubernetes-system.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/node-exporter.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/node-exporter.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/node-network.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/node.rules.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/prometheus-operator.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/rules-1.14/prometheus.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/serviceThanosSidecar.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/serviceThanosSidecarExternal.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/servicemonitorThanosSidecar.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/servicemonitors.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/prometheus/serviceperreplica.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/clusterrole.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/config-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboard-role.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/addons/ingress-nginx-dashboard.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/cluster-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/default-dashboard.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/k8s-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/nodes-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/performance-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/pods-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/dashboards/rancher/workload-dashboards.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/exporters/ingress-nginx/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/exporters/ingress-nginx/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/exporters/rancher/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/hardened.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/upgrade/configmap.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/upgrade/job.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/rancher-monitoring/upgrade/rbac.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/extrasecret.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/ingress.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/podDisruptionBudget.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/ruler.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/service.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/serviceaccount.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/thanos-ruler/servicemonitor.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/validate-install-crd.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/templates/validate-psp-install.yaml create mode 100644 charts/rancher-monitoring/103.0.0+up40.1.2/values.yaml diff --git a/assets/rancher-monitoring-crd/rancher-monitoring-crd-103.0.0+up40.1.2.tgz b/assets/rancher-monitoring-crd/rancher-monitoring-crd-103.0.0+up40.1.2.tgz new file mode 100644 index 0000000000000000000000000000000000000000..a88d76c30c3efa6199511a13413c8ee8368397d3 GIT binary patch literal 387428 zcma&Nb97`~(+3(%Cbn(cwr$(ClSwj}*tRA%Cbn(cw$0n~yw6?V_x*G4+iUgi-oJCI zYIm=*>-?(f6n+E*3eexz7bOt2p@b5Hv4kv}j3+0n5wjYDi88CDmNF-syqX%Dth$Yr zp`D4RilRNQgsF`!(0Rw18#a495Kq?wiU#La919}lNRv$B$Ua3a)68J9D+%e#;hmRJ z4K@km>31(67E`jvY@aBf4xjj|?OFC(dW&?Yg67lxew45(y7kjwp`>n_R3yew&irub zQL+GmK<^=Cnt6xly<>TNxHrH{9-p7>>+S=KFlg3`(N5q3zzEDXeK zjFUTV48CR@{F=W!(|I=W@nG=n-Z$q?VPW6=g7XuHSs8y;eSAHS^z?rEwSHYgo`1yv z!%s6a4O$k&X59u?=AsWc>;bo?D}|MaV0`Qy58U;nMqp5j3b7O+&cJ5J5%m80jfsX5 zLqrs}YaycWtB`~+PsWkus8k@lUosFit}iM|vR|CT>0Mk@#7~GKF6`qcf+3c=N9Z6& zeE$zi%wXcrUos^sM!unJ?Cfk7k>uY)2q05h!S8-3UyV?P<-rD`WaH$eZB~N&tt=bx zkfe|h`S0!`d_4LZ3*Ur73}MWaFFl!yKLrGT#o{Jc`*+AEfY0!_(lB0rYB$y~A`mHrr zG0*{nXoJf?bp;HJ%|# zqQp;KnNAXOZ!qVHCG7y1tqbnHIsnOyyA#w!mW7&Hg@CR>%9P_i*IUg`aL^d3M7Z8_ zkRBKK)jHeaM|zxX_B;2$jG1da)^Kd}hw7n5yoXpnV+``dJo}dy1CIyK@|H-SappE+ zR7su)oS%evzomX(m+}E077uaW^)(kRVo#{qV-a(Rn*)tz97&O>b^fa+f2T(>rMnto z`Mqoe4G}7ysEVAV#tHf!lr1z9p}oEVs?5wGf0O=BPqlc!*VV&Ob#Qgvl;7sddz~!H zx?>EH;AfVSpisRojR`FrD_6x)NN_sE-S8pVD8*!}#4k$m3}U9-NJTb5_SDsdr!{+v z(9JIQ+FFr&2aff3tAN5AdMO2>F1}|gV$*Oji5RutL@b0*U_|4LFwaY0@tLF=vR#|6 zvIcB~78Iyzr8wU+gXSyh)ct%vKAUpYEVleUGTvTzU!!WSKhV5F$bOMnTwfvAyDG)r zJ^(h^qB_MswgmjnBirbSkiK6O-bH>^R&{;!MC8xLEL9dV!rfA)tc5JP2lqSbwOd-% zV*x)r<&Uqtwj5QxTTZU&>g8bvb00Tk1w1wvOvHGTYVS~znXD9uIs{6_CH`&5qVZ^Y zAtiQk_^wq5PGbF*uy{)Z1j->xl!>ur>3w#Z$*qj?H{s&u<1c)$QMWsZy55eJo$ydaMe8lEkVyxb>9?l<0fdTB z>us1H8>hXi7e!ewT6e;ML_9=s_36BF@mP`A5VXyt2&K(`CNFg}q5%Q(*0Ed%c_pN)Y7@6YL!~p}APvf%oP>#gR#)ygX zA(H@8y)&Lf@hlH_4^PA$VV?d4x*H;ot8uX_m&J%gJby+ZnJyF-!J1l&)g-`cUaZQ5VHH$qp zN5RE@=NBqBWUiBC?UhE=0PTTejE0xoiS@e!(bU^X>%|U1hqrQdS{;``d6Uyf-> zXf3_q)wIU-Gd@SO+q79D6}$U%QFhLRXoX9pUWX89FdP3`l_K>xbd;IDRQiAd{h%S+ z82_r|=j8a!TVH{c%mTX&R8eO`Avv_5&5tF`1<@fTSdf~E3B@VbWS9R zQ;d;mY7o+bIVOBPXTN)Rn`osRG3(`P;XsF69nTR9@F%-Jn@A0XT(QCM$}g)Ukm}gu;C{b<|w5Q)}ydb}yi8mr2>Q74(0k{(}DW^k+Rtrkd2$0FQn<}rE7b7$y`K;(@1R@V>5T63HG4j^#lT687MYfQwu4*shX z+RU!EkGH`K=dD0J{=?gv%NwY@X@)&TtORr|!i12dLojGculDYWZ#_HGXcLt<8qbW2 z98-VN@si!A#U2aT3{?hU^=hveqLkuxG#qTd)LhyYUzlkg+WM8zfB2dfEQp1lQI^;* zhqf>!qE2~(cA(~@;g6V->tPQZxcPot^PDPfcdfk`@938F^k>0@dYKF8F))TrPG|kW z*H}m7Z0l--d6DyeN0gUpR&kfm+U>oo5 z`dYuGK6X?~x7K!ihkoC^lW%>L=K#A7`0;vq)L?ww9PcP|e7#`QAh26rgzedwdupN< zMx7X|n;f5tM11Pq1;%SNa4zDfe48Qj3K5gXM@IYYKFo-gKk&W@>NWM-`6~hu&hFve z{cENNT|Rlz4JC$xfCY0k&gP&|FMJV$V=LTg|2G zMY`2=gu*Yz!<0`0)WyoB3q`vynP55!)U?pbUn=)jW39}Mdg`IfTOnyX_UQ^lvc%%a z!Rp$jBuV73clEl~c(w6F4ad}{?B!cZXi97?10x5BEd<6JY}j>ZSnLQ|dLA1nBlDSl zX`&`MT@@Ub?OX@M<7nXA__IMz57?8gEk{m?>EnE7E$gIhsZVC$#CZ;j9nN@qtw}af zgNDO~TG+r?{iR|y+P;#oyodAK!45+)&&+N;=edRs)VR4Q{v`$lV)Q0s`I>=p{= zbVfdC4?ivB~$rp zM-aY1)2I0_tv^HoB4nD~s`5THW1rrwU0nuWygzQg?SAn=@i-V6=1seaV5~-Sbjcyt zuN1M_H&Oc4gt#+wU6S-^a1Qj{>hOl-%auDU%28UwhNcn5iON(2fwCHLzn0 zrHWbHSxLqA_6B}$p#~x(XVdZsH}BVh&=CrVo|JdKunwJ!vJfInO1E(F^`t{Im5?nJ z@lO`jbP*u(5C~n&4$c@5;80t-e|gIO3jXkObht(z#)kp)piy!V)}enzWHy#S zkcg>ICO5)9CVIwA)n}{nPb}5eMS297bf$@U^Pih|u;i(Idk9IPiasi1CJ`bUiLi0r z{ac$4nBAZH< z(J{5x1G7BC@6)s*>?*Qn=D*hL>v~jiB=e>-4kc!)qaL3Rsn@7WCGyOvyG)2Fp@*wD z(`K1N^gd$s5rqih_s=d$mBM(|*UC3>XS*&aX{ryhZ_on+cAt39@G$n>UUty~;)e{b z{KK^HNQg`mW!=VUjPFNXdT5MkJVtwe#X_pixv;=^=;T=voQPbWAhIY^ehzE$K&CAz8w>ncXx}E2`J3~LbmW1E6~7-jKC0|S;yhbXLr4f zlhNp$shgSKop3PzNvBk#KAUmA4M#4?GIcZ`JaBSRfNphRL{S}di?@&2g9ceigVe!~ zU?ve$9dS^tzY|ZQVIX>LG0@8 z$3BKO$PVIFohk_xV<5Ig4_!=F(xN%LKb0xsE+Z;RIkB@ z%+Q*;2rbq|kBQq9Z&SfhO&0blNV>$NhXW7wDETfs^e81&iutMz%j^peUI8;9M-`r= z+E6`Y7iQLSdVLFH9E^#r{cq153wiS2vF^X56cRr{#YHHNZ0b63zqI{rU%z_(#z}be z*ZA zWR`)V8*|tYBR>IQ@d4e}G+y9{jZ*D$&I)jJJY}P=r8g&)vnKs|4At&Ws*{}Lwj-r) z7KOC@p%7=QlzLFKScrk-$bw`V)=C@*I#MXbae0y=P$IKnWQAg7&SF%d%&ums#Bzbz z%%YN{)0Oqx)W9}L*|w;3we8Yc@2!UOWQmv<<-izoRDTFV*>pk5fbgwl*Eeyn(?My7 z3bJ=tpj>mzL`rT8F(R~ABhkNMZkREm#8_Pf?+hPS)tEU&9!Vg4pe5EK@ufIJb!-o! z;oS+VFqPLvRaF)wDzY|xN5w4+hi*ZS#|(QU$%3hYC{l?NDExK469@-$GH&x|h{HEb z+f@lw$<~&l;(bF{wdusJIqk^!q{G%Y{ykt{MtfQGRguIKz=1FL40n z7&zai!WNM?ti?=5Bh_IvQ8~eqwSL|v#RWy#RMv{9fo>?|xYSlQFkdA^xcU3+r7&`w%@cQZuBCguoD8lXekHh=`J*hcc#^ zNw|4pM1`trNZW;d*5UCQCzTFVoAd-agF0Sgc=HH{IkF|Dn3c23hKwacgI;RpL;D}{ zq6lvVqT4GJ@fER&j3vb@4E@W`s_im!)k9nxDRC9uG5&IB=MY2*(^`3EB&N0|5U8~|EVCvcy&2!7BlPt}{ z#pm%MZF<8WvO0(P2c8$Hy6pH5Kg?Pn(LkoGwU?_>*9G_^? zHMJTGB7iNujGvSm4W{)@ByBBK#B;I5c!xcLElnnY>`T(Ms$TMv!{~drIv11s`a=4A znue>xM8XJwAtC2}c!+&#B|yGKvklP#o~H6`p7USGOs@qFLuR$d!#9~FFLLxA0=GEh z@7z4KxOH8+`r3Gj{<8B68JZN)jP3do!NNe(`{8B5x>s7*!-DZYC`h6OlzOpOIBOLXJ1gPE5p zPLvT|YTl^0B4qEhynTYyNpdfpVMM(yCI87#XZBvxp2c*uWO!}{ExvHYqc`wUG@%|W z6E=8(s|2e()_6KTf`n#1MdLd1ryR7m%p43kR#az?MV)JW=q_*BQ1U`_qqc@fqXF&k z_AAYK1-;)A7D>Wp%MglI>X73`(@9#(055yHTWl;Es&e5y#xZ5TbN(f2sjU?JiCl*g z;koz+h&dr)bEJlAMmcC^eHg1=HW<17pvLwh^=d8^0&9Et59r#yLHU@AfL2g{18!CO z!8I7#V~Y_P(&+Gi?}C zTOZV>`x{-e7N2m%2`Xjo@g(8>#6+7n0*)W_d(3a55+H9o3q9N0J7-xJ_Ha#2@b+K4 z+&LHRZx!Wx*=7M(m$P~GQ-@55h+|OQwl|;{0@zn+M9dwdXlhdZ7LOkqNuOZ=*5mwg4y3?-E_2@c#obPf9 z0aZB~36$RG&X011BAso7gv7U5=|w`F*wC+XMoHmW2vb=UkBd~T7h<;y+>FBjyGB1iPeBq0YA*1wgX zplF2Uzdr{pw(`P4Dk@2TQbcXQJi}vt3M66dfyK)DT%2wBUR+jqjU(;ZCmOP37$%g` zB#>v#)C8_`2^Dh(%T=Mv-TcS9Foi%&BDD~|SohN{AJ)=S<(rG)3d;0BuH-TVj*S)G zjG{<=J2QI0-7)d~Y}RwbR9IK^4_U57=&}q%UPQUxHb-XndLkqWWE@VBW6@P40p;${ zebY9aBI{Yl*`U`G#|>~vY29_IHfJzQWWm(3sL_g+M+^tFSdkH4K4K%Wk%>)M^rb}E z?*I}G?uIF$9pQfE|1xBpS*6DZ_^+aSrw1wv<0I!FR?_MElxl9PAX6{c_7J5kpJm?^ zaZlN2*J1RXm$iUZLHqF7e`lO)*hozm>O$)fl#O>j-J}%G_Rni+&Q;31W=p@|KoUCB z%!?KmOXjX5;QoAI8r_S?M-M=s%65s29GLAzwSLw^*FM`0fA~=iO6f2l3RDH5=pBLxJ*L=vcrHP(kLSE@Y_hrLBo2N73o%&Y8=T~UQ2uQ zqtJY6F;5(_$TisjRc|sBfyKoVh$%9RfO%9Ib7Df)w|FtxHW#j*Wir0rbxO_es~6tH zj)^p>eR*xkq|-V;+AUTpp@fluE`ZP1lK!Pu#strBTNwTn`NSkQMSO)=r??2+E%WU$ zAKcJaXC#FFgsmt6e@T&tRI%T?HjXld%GhBs8-J>9Oe}@IYEm``Wi}V@)eYlqN zwzJFY1}DlRmEK^?aP-ZOwxFe@%gc8qL4a9IeTtqL=Fg1HWV4fc#OI`Jau8isSz-X8 zX&{(UHieO$9TU?2z!+E)M{ZWV-pTcB6odXjO*uX z!#1D&7L;<z^vEEs2+pRs4+#;U2NY=E zM?2cwEVpWQt@|6=eVBLJ13ZZ+*$YcX^P1lE7wu_G7p+-QA6Wgw5)-#4wld~x_A2IU zRdd>BiUw1u_DK?&cG|*g?0ybR4qLUG)bDs01tG%B0jKwx#p1lo^EQ*t_g7%dHV*iY z8il0ddu4Y0Fh3_iGHk*8LQG>eL1J{{h8{h#)RLF-Jk~PV)n4%CR%Os5fXduyf1c_J zQw#@^HFq%qtJo`av;nEu8`O21tpPsar7rVMWz#4HB{E%l;-UP`c6OCLFME%k+D=sN zosMZ2&1fLjy&dC}U;M*FsB4+guh5EAb6Otmc?^jEb1UM>4`QoH5Y_yHn9?tiWIof# z?71r~o99|P0Fc{sEfHIkUP3LBR;&#wlqkT7y5Aq>*;^+2z*;jS}t`yD2g;MF5OmBmKe zo*x=kn>Mk&kl{M-uG^juqhgQu%Pd1Y(Ggx!hQ2;X=8QthHszl#=RTG6`!A`|;_skF*r& zjBSI~^2qwRFx*}yK1ukfKPgNbnH2l2^P~({GyAH7^N5`#1)xP3^P~(I_1l9CNTrFM zBZGBmyw2^|HMn#n%Khkf*aYDmGJYdop4im^glZa~d|- zshLKtD$yBdTMjSU!azMG;#vj&Lq#x3v7C|QzVfWwq-SUM~? zN%`lh@bq%K{DftxmpS(E8+bfE3BSZA8qmm<;D~tQd#SotG7KM=_~cwSkofm#7@QXD zpTt}C(d$D5jEA$RU1ToqtApLDZ?d9O_JA1lAJmJq1V34KLV`bzqUsbOzr6T&4+dgn+H2ChQq_nb+ z3YRl$O%f*0OWq;=)^RsA<}vzsCn2|Wy|a>XZfIO&RM%Xr&Po@J_WamV^8C}}gLTM5 z%}%JROD|lc(4gWUjf#GEWk;s=^GChz@L;TCl&f#q#9F0GCDn#uiypu@m1a`EH;cBB zW@u-d(UtDKMWK>+)W(JC^DINva^^nCh*~S9cP)6)2WF(uh)-=<^YoI5wFbOItglaU zv(bkYtEKmS)-|5udg!pEc~kCcEgNiD9uDAr-hCiac^Te7?7~*`t7@bD=jeMwoL{r6 z8&*52+YlNsaG=@yD<8J4K{>2v{SbQ?;c)i48Rf9M8KVIgz>NW~G_qeb*kxyw5pW1$ z!=3MD#@2(LNfMZG2}wAF^YE{P{(1Sv1&B!W@q}=|hS?f)8U9J$DXe$|TR)`@Z(x^r zf2@{sY+t=5j(MNW+C@#`X}vLoKR^ZdI?Kwj$3Qzc9?D7|$ZL=PfD_Fp_cA_mx-qZZ zgS#)>E|=p+^t|SIR4F>|0YA)BZEj!b?#CN}Koi%X5^BJR;I;wh8Uq3*E#ihsdChC3 zy-*1g?eeAmix~F@b;I@0b>&aujyNiZf-U0j(9te_KxSWIOx_L!OUkZCxF>oC7z$VM zFxk9#a}Y35-bCO%(?BbG+jb*(3@lisAi{fij2a9q@4%@a(z8Q-DGoVWGS?zFqfuLIi5us;0Pe+Vx$_>&@1vADW z$#aR7r(e#Ih^g*Z3L!?7%0`950ji(|;b3qmh`6{<=L~yg=(?Wwsbd>uIr`9qVZU|m z$0WTk@dOdm;)YFv*;L`CIo+4eWX(3{2E)MwkHFiG-*@P^{OThn@vqXYUytM$XBh=e zdNn0Pa&(q7Z=!Y$pJpDV?GvTKB3;SLtJDsghf639swOGVHf3=P)c}?Bt5%tv)ktOHlOJOua%k#S;V5M(w{qU>7d}T}B`(d|M5+*;1>*zbu#|)%;=gW6DY>Tw6 z5(=#q^VZ%qo7$(}6RNBWaHAG8<#mzJ^!{=Kbf2W$w-w4i$ywIfX3ekbNyG?n`AOD# zAYIyoNj#{6_-S9Xa8<;kRdpJ+8|t!kSr@e!S`qCk%`F0|u&%PI2`pHFNxfd~uG}{0 zZMAq8RI)-9p^AsE_mtXb;oLB3-!1RsmFA-5S}2_~A2k)t0;3UCA;f=eJ46p_QzeOP zO*U{0SQfNa3?eCoVWe3?&rf3}Z`E3ZC#{>zyDM5N4Ut3k2wCxPD7cu-bMt8q&FTwh zHGh*2g-~YIFN|Gn@qN}TJ8V*rq#e3Yl&UnPaAxU)uP980pZ5wc1w%~sVVh2J+%cql zN>paPS0br%MXmmG*~6zpHRd6-oW4>>TB!e$YZl$)5=LTBXMnAn~nEjI7;cMsyKQ|;))fcAPQMV@j!CEsjip~k?kf@ zL94<5ou@)oew`6QnQ@HR$o1moB3I%w525e|VTJDsnwi=gR*K&pMwyu^bdi5K_zx_2 zK^*%|@FIBYXB3Zbg-;9OV6r{j9p_K1PT{{Qj%y-(K@3mhqjJD;PPVlj9h!bnZ%f!0K;fJ`h4%a+-oXF4;+Hp$ zhja3vvf(MtHP2@S%)rtO*uQl!?$VDxb7v$_F|hugn!5wvea^3F1|KZOtLnZn{f`}p z-e`jJe}-XD(0RVo6^0R|@SH&pA+FmZZH?iybkqA{EWzaC^Uoxg0o)Dek;w9s z@Ua0)t(>cz%IEf?J55CpOKuV$m@=d=T-!GZ6&z1WSm>Zq89v(%7iP1f8-$*kJZ2*) zHBZ`68GVL;n#Xt+Wx>IYx8$LxcaNKQYLpBeTh1^D>j8@9MXzjiaKL4~v`J6-YjdL& zMKIfG{oX{RzU)XJyKhEw^t5Bsu9B15dD1ak+3kZ6W~gAeE9brF*sI4*hn3T9qtaGY z+U;YK=16MJ_WOn}uhSZnq-by9qIt(s^<@X`C7MCIHz| z)X8S5+D#XQto6Bj@k3=(jgs-ZXxjNC9PLMR_>{cEz2W2i}2A4?e)CnU2N5eHYmo6zFVs~8!9-A0YnHYWQO=DAY>-ym3-If60I2qq(=CD>f!>BilEo` z>tx<~A^ZBF{ECyzCoi3|H*2o>sdxF~ZiUP3QDwlV(XD7u?U0zdTAK9r^K`&@qAmeq zuBxumPCbs^FF4OO3P^PAw}m#lKnZxD*E4XS7vKwu?U^0SUl<$37IXw2K$O17$zF0T z)`{UZXJOjP07H-p z^%tAZp51Y9ov7gMV@)8@_hMz;alSDaG#s-Z|K3UC^yC+^+zW(f8qt7+L1AEHdB+@@ zOyDuFqE!5I9Ra6eV0{9Oer;Q zrB$Sk&O{VfX%esNytNS~oPG|;_Nj;sA;_-;eeG~mV2XM0VOw|D{X^l)+Ham>W^D?E zvUg;VXR8|nNnf|u01Bjn#7OfkTL`fyYey^Qu|Z;==3JxbiIDl)hsvc#c`-z+5}mOa z-66Rg{CkuLlPnTl;t0nK;}#*~NLam<#@n&pY@IaS*mTvgZQ^Jh0@Stlr0WPqNV)5De#7%G8o>Gli z>JP9NJYml%+4~jWNRk?htxw`fj4qNIzCl_DwM7JM-;%S}=p;IfMAwSRM$ez2mmY*of7WHjZhip$x(##-!Wu_J?TYQy++dYJ1d< zQ~&m-hXvK+lg4_r!ObHDYXh;te8XyF+O4{6J=_GVOLmiw$s`_hu_@7+FPk&>qTD(D zKOmEs(X*~osaLy?TFan!hgHZWzT`2w?)Q#D+|?dWu96s*>oZZDFLp1{VLy19hfy8GZz?XDaVtI?nQjG>Bwyc&fDS5#LjWbjS zt2p3WO$NBa&8^F6c8zF-8QqB6@J!6Ee14Mm5;d1cLs<8+y%EAZoH+_-9#_Ng)rI+t zyU<=BHU{@qsaCp0*-WG=uxyDgbH7dyOj~ExPK$k09{ZqGeMAwX5W$cqSI${OO-EEr z6Y-D}>L1o7CZfG^yTe10B!{6!va0OazC!y!?P0?sd#pNs#8*^z^1JKxjN5s$XwNns zdb8}~0&%7fX_|O(Wz^+lZxzIN5>*pEKjii_3g}=Vx7~}qyAY;1aR=Oi5|qwV!1DpX zN%U|>%Y{8%|A&)|mec=lPI7w+;3S@|6xEw>3VI#LzuUPI)%CvtrT|XzSJoSd#QG6r zcuNy#|0>XA;)x`P{4XG}sPiu;0bl@5;`#7@Imy8S^v~N-JWIv7J2pG za*{-K`~Q}c{I!Gozd1>w`qfJ8_sp#RcYPPy5n0y8$!=JE9mecfSHcL2w#D*1;ntm79o1B%n4ev`ez)hinG^EdG>jlA0(fN$x;C=ik&Db=`6(-Y7>oYT* ztef1Sa&^34#>>iC?d=g}8uunj!zpqSs8Iy5!nkgh_R5Zi^&7do4{1}| zq3RehahvRH|M3_gS+?T8VCtYL?Fmtl_&Z<4H7rXNB&XwGaMx+vN-?G6?!=~;3^;58 z8yG1=*yzp<$Q`0t_#J4Sa2w9Q|8OIU@DC>mTS))mUrHLV|J6^zPr|1E?LU+hRJ=+7 zBy56vIJo~XcDWsw;EyM{fRVF=O(z6ksvq-@>=RHk*$J3~a}iK8C+HH%)yM(nKY(m4 zNcTB3kQqDx11$zvfCU=jaEJu`J1FOVL&`u03Y#GOxdfal-1jekg^BViyKKz`{CdDj191hH5&sTx;NJnVb-80stIYDY$=Iq9WVDeu zQ>{F06(kqB(r(KpqnMo1dx(g@n7oXWv#uP6&Ly}Q%hUkR2Ni^Y z&+D5qI^cGk#W^mSXg&9c>zA3WO=QnWuaLMrub4S4hDS;IqZ_(i5bHej1x}P~(=29q z1cR|!-DUtZ`*Cvd@wK$SAA}_My*s_0!{+gE3Al?{d@IH00#@P|I0c7)?ko0vX0T;I z)WPoLZ8>Z4q1vnTf(!}n<8lcec)3>7lY8Ealc*nhMK+n`mwXHIETLhhNsk}Cp0~en z7M=MyP1ahupAJ!!$|UbNU3|ntB%bHKbfN6-C08kNQVpwPHbrX%inhar`fDs!7U-5&?&%5J$O=a_xM@HVowni)zv~z^5Vd0T|Lp|8j>ys2e zPp9jHKKh&=p4S6A5ii}%FGvAZe|=y$h#n1)UzIv9_Ee4yJGaR8@urBXf<1;y5v$=tIyl>oVOJ z9S(9)XGAqKL0Y}tbD!M}duUZdT1$Le8*ss%?QbOazi`r`D+<-61+M6-y(&E3%8T#H z`?V$Pc&~i^M)`oRuiFKtx*;!n#W?$U>dC*be#cT@t#w%)|5m!UQPy1SizD-g%cqfw zdPzQi&iulAIJ+K~Xmoz=5fodR*)+T!{Sw+1Vp>x(_VHK|1CZP%L6o6wrA!f%n6844v0VZ_7ey*Sc zjpG3@a5;Fu3V@;=w=ux~4#h%{D8V#9|E!2g;IEdIMHDDuHxQKIc6MJphk^k6fu4=q z|Ia)WU|nE<&{Y`JWQu8>b_Fz8j9AscVjYmO3J(6)rC?wI;#^l@(0_g+1oy8R;(rEs z7=WyK-)9h^ezO<&->whUx7cSizkZ>3be?nJp%&lo13WGX357NflxhMRSnh>0KK=u) z!}iPa7ls|8ebHuH`W+VVaBmy~xcow@L#zdtIWq!|J;*Imm!CP~ee}ql&?9fo>v$_~ z+QCfX%tW_0I(N$5c*2D}EFFaiQxXF4e{3k{BrH9hp$E>{0Q!HWOxbNAV_*G-qOe2ZIg0w3uZ}9WqMbKBzI1-HAt9@ z>GbY@f5vTf&;T*Bb$A;Nwb=7}B~d>x6Z%9B`Cpi%3{Fp>oVKzEq~=+DMvjv7-q}Gr z-9&Dkax+C4)7*j?C$b}*vT}t>Sfi3(_2`xU3_Rp4Btp_g8kG>h48!>y`Hdr|=Vkrd z_K)vJ%!zTwb}*(S05CBQ=zl`4$o~HmauLr6vL(j-WJ0x{zs80Ulb| zcNe*f`0PV|+pqU!w%NT2*0aseg-w%)J5@>Tu#nl%6xfD^O{zWts*2{93SD=I1>3nM58z zK>YJ9u1PX5Eo!&a4C+z?;cSe!Js1m@-Gt@f-75(S_i{$NWa`E_tz_{Or=*f^D3F23 z;^*ILI-|cO>%v@;D?!g)=-#z(xd(^KS?SInrC-NNP8Jfdu%)@qKj)_n6n+V= zeET~>mgcr$3tRo?&|m%mKJpbN=_>)-0r58_1_~%Z=;VG=5_XRTh!V28a0^%+%Ksbnd>421k zg{_XM1paE-SVRFB0x1aY{BJ!=ELQ7(>skKVvH0Jf1t4qQhtb8#-pkGL!!%QGyNN~4 zxPR6|L`KLWqi;!9Aw`RaRK&zmgZp*=7VsF_lydL%Cta^%B4K~<9hf3ke2ovokWRnG zU#Fh`$g!TvB>O?Q`h>whiefnh;T2O$T&x?XAd9Hb8uQqC_A)kBPJ<&e^@PwNDQc3o zo)I0UH(nK7|IRqog_)N!F42j^7O06n#yn-#6t8`*Bijr$@%yq)cO2c*cL3UOK4j_N?%J)5t6wHEA8sX-K~GqIlf*2kHab zt@Lwg0k7DqKG;Qye6OM*g#mI_-i>Sp+02pD9K{XAj*K#Q-)`D_+J z#$>UdMl=eMh1lB=;L#56K+z6>FX4Y&*n|JVVBvp$0dX6&>;Nc1LjZcW?H0&(BYlBeGda31Apj7t z3V{NuqX$am1z_-*c;SCofc{p3{!`gHHDEJlhiB zTj2q12im~mUc{=~5?$gjXgDYT=5e+qs*6u2xo2}Rq@e+PIQaW;wrR6=EjUaRAUibO z3^)}A_TSsj#kf9(8ERRs^@H-_|7a21MFj81|0QL&~#Y(s6$xSECA#Rj|Q zgBDU*E1r()p~GFjdrVn5g>Q7wX>4=$hT1!ndtjr7@v9=zpYJO8nMz$zm9UWoRWG>@ zl@nLUJgThF4w6HZNBTAJD;vUh(*)|F6oXW$i|{cE@Feo00-slYpXz9y1TskNA_$VH ztD-6^EWfm%p@ic@SmYpxLCUq_lya-FngU6CEo6dJ0z$_nOh)weMlY=L)yyfSvDvIy z-G6TYht^K-PZ%WVG#Z%=QMM&y8QN-)uNV-eMHiUq$q-74$9;z1#10d3xdsH~WAmhV zjo15y;is!3_=pdcGbpE^bw(;5g##=E^?MdH`2$ zdV%_WeD53&wuy6dMfm+6~Y#234vWVGJvXHrIm{3WX zO0nBG{{hg`Oc9rMV6+}e8c-TG6Z0JTThS_;T*JbZZoiB+9D670`cdVm|1EUIJ zP2D?a!*Umusd~@4*$msK77z;77x28tMu$2gfGtOcaO?hAZFfYA8qQ=#(`03i1T{re zDs(izeEVwu;aOCPV!hTHc}0(=t_f-sK<>mfwJWR!Tyw>O_FJ#b4HXNw2>1w4`zWRl zY@ntA|5t%!c`m zXdPOFW4Ivb1vG`n+KFSxao)fA+yCyJSO4Vocpv!e3kcxH&4$!fH{=r=TOS?P;*gTxU)Wk#a$|V-FuVHKA zF+{!-2k#uQ?c!`TbwIVE!LS=_N2%)|pD45;h z)%dqN!J%&+ojJyukOnn6LAZaGV%32RvCJ*Mu^ih=_^b(=ewMJzen0+FP&l*-_AMic(5`9U;MGXSOj^oJbXD>0>+-2WkBJW?KThd73iH8ZJLcIk|^c&2UcRa9bBI)wyZ; zRXergxmd4Y!sa72p!Y(*YY-(55)+|W#=?r2#Hf}um-t$aOcTetnkft>RIcsJrk4}& zrpH3@Ro2;|@K03`+BSU1R9yeR?W1a)dVsPNe(|!t*dTDD!!%N%Qrv8=K*w2eeFC*p zO&PLf*}9GSC%I|`5R#c$gd$|aca51c^a6T(Yop2D zF!wqEH0!DQ#+#EFJKk4DF!?E#;m+CQsmN4ZCFO6TJ?947F zFyx&Mw?1PL!;n2O(V|>!?I&lp zV3F0T%s0yijfuKccAnM3jGP0MTzTrvaUtQG3U+=OT1BUTP8J}g*0z?!xWV)95pr6Q zn1rR8w|LCJAL>#d6VHYYM;jCcvSVCr3?YWyctRraNk4e#AJX$>F=YGs+$Mi3wW4Kd z&vcv0W0EEbUyqRSD0vf1pk1@)PYv)rJBrg#JTYp&b)>3zCsO{gtOwp#t7p4*`Ty|r z&e5GbPq=Wn$;QdXwr%qh+qP{xn`~^`wr$(CZTrpdd*6HinCa@Sr>f_iK0Rlqrk)y1 zS0d$qbP$SDBmyfkf$sYe4n)w1rUg9M^h+K6w`oY?O=G_PF%rm*rC|)V0^)^SvaY7w zL-VC9goG$@<`ufGLMKLL2ef%YjLedOJ4=9Da0&*3G5P>*kLHHG3Km?;-Jm8W_2qyi z@xslGC|xbd#y?A_(h^Ga8>_;=(eX;B>a#q!lPuE+snKFLP6oq+gIHn%!#aPmaX2lw z(_IkQm@Y-TL)Hiw@{Koxtals6RPfONq#L-_>83JaSw4yR>q%U%PE9!rQq1Y5)D?71 zZ4PPE7@YO)%EF-aU;QAC?j%2VfM`U17lKuCqjf$^%gk)bW|3LmHP-NiG8%K%RX?&w zUOQ;fp@9oh7>2Cw^^Sti7KLh$(N41)*dp1DR)HCeJ`Eht_CBkIj-zY9Ks%)5D5%BM z1h-09(AizR&=$(*+Hq0OUcgi6g7%5U(O9)h>x2cj9pNM>^S>#_7siJX+htBZ5`#&` zyS@;Kd(Bc6q-Q>%}tBV8#Vs-9+_$uEUMl3FKM6ftk*OM zR)TkQ$;72#yPb`1 z7HR(|LeP_-kk79D@RRmbAz>{C&3@m9Vbx@~`#T11Dq@iWwy-0>gjw#DJ?#ae>|)jQ zUgl1563x{z*ho!I?s5;Cb73}W)A2f5T_jU&vL91%=lyb{ht-F zrn&wH_aHyT;x%%Ld(vB1U*FHPJzM#ObH<;3V^=6i{~KQOsz>eEsRsfP-p()%ejjr= zWWzjip!TujI!~8_sQt*s-{jAbqz#h}8TUpK7i{g0U2u_4#4a4{M(%C95YwPFX1sc@ zN{%TTXHxY-0(+Q=o31l94)s>!YY3aggM)MU*hUF;Qt&wUK~$Nzo6eia!>Xmx!a`|X;+E!;ALN>I^^<$ z>5XyGP~Kv(m0eww4eT(58C~H~vL7o+@RUL9X z*uHBF^xQSRozrww%0$BB3*eHgaiOG&5r;_4Kp$^yuXH9dr> z(d66=GpZ$N4_;|Hb4Vty2~+sz1y_xC4NlDcS@I-L_s$4NQ^Xrm-OZXMlw(+fg(>57 zAcoevJGVzaMcBh60{tstniyBcHi4SzfNK(aReot=SRKOj{GXQ6ud<`-$g(c+9l|P^ zMh5L#|6a#X7}VFY%1SO7`i@zB!Uxr1vFxfQrBg1ca#!L((1tGg!iI0%ZB~{+>#u!A z`ikVr`lSi{0ndQ0?61|}T`E_u2ME4*BZ87XaA%akh&%Qg1Zz_Q@XJIfCcDQjD#(<) zzu1z9W-&KIV+qP72N)%R@CWv0?qt1KRe1)iM?`9KjT!;k(BztlT7 zm~dBwruN9I2WT|tOvM4PLPh7{tzJhKM+aRjL<~)hIgt;0GkLW8K9v=w>K>ZUnKUEj zd%>p>HG+Y*`tzSB~X4SXYqg1D| zz<5so9&WF}nlrFAcgK58NGe@G9%^mhs!kV7KgoD;i+QfBsWOaQHeN3`Z;uqSJ~oOV zrjq{Pwt$?^-`QySUwY%#zo|=2zqTbZrD(GIwl>zIT|1(AX6;?tJ#jnUx@=chbv&vq z;vJT`T&oSNhYDSw{5`Q+kSXZ84IWevg~;@&4PI>NlWEAb4<0uq`XV!RW(dYZl7&oC z`=uA^45VhT36zAcW}p}9Poe^<7fSOp0u7Y3f;WwHo=nxvHCAa5_L>T7+4X119=cR=GcrPULmEpHJOK8>d-LbPB_0a=4=4L(xgUaQwfK+Y%D+%nYWP7H1YS(`^d z&wY^1=(kl4&NMr$d>m!+SA}R%&##DVyRV)x<^@tjD*=sL`X_P1l>o(Y95KR`SU`>W z5`Mhiy_5i{zzA`Rpemvf(!&FgfD0Hz3=VJ|(F>9P1>_}9;05G=T_+GDQNIgF5)cBe zAL+*5GZqJ!@wedrY)`=TsQy-Jf&ZV)+KT4)vw`oB{&)V_#>zmN?%tCG@p`cQ|HGR7 z7?}X2f)T{y8zEJIju5M*i`O90tfa`)RK}ACtP*AFL5rlD)o^9%5uMVsBs&m4jZmxv zG{srhsLJ%B76>=>>TrN-in5NguCNvBLC;zEX;)_i(5T&8{f$vXaDWn&>4o#l2#6WY z0~#>`PNl|=2REwolR~`&N~PvZ6Cw>K`RV*h0`x+S|KEE4N>bzUBUzfo zrmiIcl7ykIHTj<_#TuCZ>l);Zvc4E=uyqd2hUN7bAERMpK+LBSb=`rVCU zIr>K>-Q>rN`AvtEbjCY!ibROCtNhf&LDC}fQ4IT3^C{Y_c)ovqc)VkFv%@s0uGTG1 zTz$IVRO)1mEHB^GoWBY-2drIY-`((n@wEz}3zVQFOEfM$;LST#I{hN*o;0 zsXqlYAF5XO}vqN;~p&Z zO|Y3iU;Fr-i5n>MdtFAiST`q{EXQ%+P2)X0$*bRU{qmi5y%X3xQ~27vl1*>I>ZR+c zRTj)Kctu+|=*-lVj!G-bW2uf*x!jK8s;L>br>8;E^70=eZ~ok03-B`KeLFu3V<4q+ z5uimVe~ZOrUb#yC#x~(aN|cr_1zlqjtIUt?V=}a2I+>}es4P6ze2Pr-1*ZO-xwL31 z&LsW3DT4O!5CdLnZ;>nmx)~;zOeC4wT&obU>Jz8zzLvdqIW)hy+ZwHtxunOR~lXDl~r>l__ig z9Jzk|MAu|mQ3OfC z<}c><*YPDtGFuIBwhhEVKUJdrgwEVRv-B}{HE0l}B$o6DuX&XLbk@{Rc_*Kt|Xwur0it5Y(lwMgiNcZt~zf;~3>;z*2*9 zbUG(C!O@nAG_TB~trB8>*!kJ!jPYzr83n`L@1$IG}D8OuEXKG3*31CiEXKfks$hTo#s1CMNsc#@J53i zUx4jo^l&8WJ5QaKk6_L3h3Wn=Db5KNyxx7QJ!wy{`E+qz$QrvSvN6G3uvd$Q28|MC z5bV1^?^ZD8kbMp-tcGU+)oI%gaK=E?3D`jm>InnM zfiP4Tm~mzNjGmsd^-p}Sy~QQEobGzBwVBp5_g-z{8-Frf-mF+lm#!Ym`+uyY@Cu0S z&#E`0(}fCdnj}vbdvQ8UJ(3?qkmlE%jsp+$kalJ>dji<*Sa zo>3^wE&C^{R@I*hc(U4*-gL;%X)Q3kCa3{YT}McdDs)Zn>B5qMRpZQp-O28O9;1st z)JU)^ebQXzd)^0z#e4<|G?D=6+((aY+c%fseD8cH{1OWKR2 zog^UaA85eXUztE~zIHEk{lPV|eS(Vc2iVXT@lr;M9}=CYGR6cMXu0EIL>a_^ht9JV z)knkO$LH8`7&imOiq2bP?-h^ihgpz91-4dYu35D@L}%Id<8tr$C+7!?aR)!xp!CX< zR#d{w5reU;KdkceLQXZj*^SkPY>wmZEbSLb+kd^#mv`x8z-sSnSm{~=XtDjD zT+DB2J6~gvlC2yMSKyMZ9uxn`rk@r!VMBN^ol!hMDQ4U>%*pO7Iw)c8rVQ{&-}ZVP(4ZD9U;#?0Ms~a#Oz|u#D|JD@rrOmq%aMMM~=;n z7Oia~&K{mh7>o<>y|Lxn-1%wYdvka`?RvzueUNP{k=;LcY<}vf^+r9uJ)UXn!h5c! zMl;@Ec*qi7K~g#)p-@(25tcQe1U7&=ZjPUV$~Hq9h?u)rF6;%J3O8HIxKRge*empT zP1e3^HolrkcF(e!_h3P6HR1eB?-5VryYC=vc}3_}hUp4qlGZ_ilj_GnJXb=&7?2iYg8VJV+hKE zi_|r=9N*bkn`>($WY-N^3Tx?X@^MIvy!yGx7r+e$tab+0K8&`PtJlq8ukK9w-(@o{aZyBAm%8MI=?jZmRqE z*8KJ+v#VyEl190&uBhr|t6USA?sLkPQHrRCnB0`&2^D##*?OE)swwxAv+U%PIS(oD zSzP&E9rekz@oKX1&hDdZh_*kznpxRHcB=46x@c1xGNT&|(CNd4O&G2dV7wxH2V-6) zH!B>axr>@_CXNcy&YGy7EGw0mvc@R6sN^Z&1H^R9t9R007RA4?NIR9Yl6rNid{a+X z$_&T82PZPvEXfM@B88WB6M_mTAnwxd(t{nbMQtOv1T|-9Q?$M>A5`L*wP$`W>auMm z&Ysin{3dayb}P~}#*NOs3dO}r!>SrYdD96@V~$sn7$b!qw2p*n5LTo=Uz1%FU^XY` za7=`Y!3WM|BAj8xh!)Q|i2yhvLuC;c&H0OH7mqm{*UmFvz_5ANQFTIwo-C2yB{do3 zo5*@_V2y=wP$Ou(7s#Z>6cLt9Hrd{Zo*c7aHl;i)h|sQAeBcoM1Z+Yi02*ha!~jKu z7v&P`eFyzygW3bYvOHJQP;7?Dk!II?q>CkjX})cI@EJy?{Dyp5o>olXMH40k-^!(|E zv8{_^WGLdmH6$Kk7H_F>j}&o4cKBo*b)C&9c5Y{d6w9kaVo}ONOx?pcETwO~`{CGG z1}2trT1Z_;Z7-d3Y;YKY63&{g^WkWJIJi9Q6|@po>pUJ<2c)usE2MfJG2JyaJ$R(c_o`cIbrc)! zr#0DH0EW!@%1s) z)C1}p@6<^vX{Id)$`6@hfo1BtlK;VuawxuB68yy30qNO^K5JIRtcY6iMy*ko+5i+p zcENOGY9Xh*ZRx(b0T#l>e>}4eCQ4H4v`9t)!szCfGgi-i%j+ES#MN*8Etq-xURw^T ziMkpzL5GbS^$x}e20;*ooo%L@IDh?y8BBJ8+BX?Sl2^AtRU_T}?o|?CZ}?@zky+dq zxo9=rUxeCeRX8+0SU<(PhG~WfIQOAqn~B95OU7EGPZjGOtFm}<;_J)9eKWebdD_no zenpmWwFJVmndyi}YUQP4F%w$vA@OeHxN9>z{-(2;k+KF&zB&FuCAR|jY-YI8NoZ%o zv6u}$9$LWkndsndH#ndqG)eG0&EX^NHwN8{)0YSC9x7NtP%vdzF37YhPlqjji&P1$ z1BV^C3~%Dxaurp=^fL!*@wC+~ z2HUzi74Mvd;%m4jugN(NBR)dMyJT*tER~n{aZK0SE)!mIPF_&(r)6>(t5u`hd+W-l zIAxN%l4r3H7J}wCzo{cp2oV)b9v_Z{G{K4LSU5JbB;4Fm-08fRoTZSLo`&RX z12@mIj}}bPI!C*ifsyVOmzH#W*#4umw;Gr_92IhBTVgX>u5@XW%rTZyKMBCJbTJQo;E9P@i{eKMGUV zCTFD!B$03fe$s5rOhlhh+t!1rB0EiQ^KXl&VJ_O?kL2C?Q`0*)$nVs_ix8~-3FL(g zEvRklCwWQaS-&6Biz#GVUug^z9~pF|e~QOZgf>#p$Am$16STiVdm$cQ(wsrXj=!{9 z;UwTdt}8Z}W!bwRRb{drGVP&Ngr~tPR@$UgdmG|UxFrk$-pT-}M+UIMtnvJEU8f zi>lWhq3d?_Ub(yABp4*VA79%A5dSuO>I&WOPIGNvbc}z!c$u1dzAwVlefc>1+@)Q0 zcn;3JtbIM&yrXcqUxpf)9;Y86tTQUH6B%3d4EDf%5-1QpVpLf9sjSkWrCO1v7}8GK z=$Aet3S$VkiXyE-COfNNEE>4|1kz<}p>F8nAY9AWfHNSnGwy+|R2KVamK)Bm)_bgm zqL_M?n%y#hn>dmzr-7N2b?p;we)484*lEmp?RB`RC(w%~rk%oSK&ia0$RSb^r+F`9xOJkfzqb{%neM{AEqkg?)nZtQdLOkJlOBvGVB~hnEYS zrw^_xcDgF}H9KK8bA?Zlm&K+x*cZnH)|)B;^}ai;);>tHr3=*JUwvqri7%F%ME+}k zVeOJF;ZZH~!s8QTtJ;rtDwm<8z%b^M)QB38iN~RQL0AUwhm_zkmP_g?&cWEW94C4J z6ZL0u@RFrgOSrK5jW=HtyLD5jKvQx7vJp%z;P#$DBDU`H)dJ9kkIlw3%p8oDgX*0n z9(2ol27Ot*a~+hEk*=O;0>-_icj3f}oU`}nu^6ElV}2Kzp)JzY%xqrPXF#+F&8nnH zd!~`BrLIZ?wVh0aZpetUQZ|6<-ySAcaKp4vw18wNs?NW(p%%O>=UVUo^6r_#rrZI4 zMT*6on=J^m3gTD%QP|UUVljT6A=1R(5!-TX@TY$fVvWASwuOHxSmBjbP4^dwoiHHS z!o&dPDDe{5a!l|eR!@47x zp)itSY9_R!?%B8LwQb6NQ)QR_N4eg{6iw-3)#Zb+$LrPiSxHm88PYnYr1;fW{MPTJ zfvY@1;3Oat+br(wPmByuzXRIee&x!0TG}o}wFR3(9oX0z%iFU^4vZJsYkxphg#(lb z%s?K48_A7a%EgG7>8KULJ4jNg%RyeyR=7G4-fOzPk03q{U>ivQsYD+~TxeAa)kyXPWi_!b*@L$rp2Ls#>FMRuDO*TX z|Ki3Of$EbMCDoII6X+~U<7VvN^AjZueMg2Oyadn& zhn5>Di$?$4w~^gucySR_mQQ0$<~pD=SSheuA+0-YF=*4XNsPx;Tq3-a(7RO68#w+m z)!Oo&q~uOZy7Gr#gsa}W@ZM}=Op|vt2=&JYJL+Aq^Z&z09fR(f9+mI`l%eNXyt7du zjRsR~#pk)RN18BE0FN5Nvt?E+xJp{RY1KDEwzpLz=_BSQE@8PLZNa?clOzxdiEFRt z0FdQw(JC{NunhlwDl;FSNm|Sat5mZHU_K03v_4~MYVHq`npbnl3$%?ba7^UzmmH*w zY|lzZ{CJi1ee2IYVwVyPg>rDeecF3Juhta|l^?6(Wf%G#7Z_h4v>gnod+xW=zP_Fo zQ<`cdVtKMmh0(-I&sPkUh(SM++rXBoyv*31S<>Ce?&0Wge+NZ@p7?s%p3d6L)W*A@ zRiMk6|Ll0qNPqT7Q{GTLqA_#vl(oc>vZr(pPUlt;6{eTzJ&Av-GypmL)=f1}EH6KlH}ahF_3W(xOk88ijBi*Q! ztMyA|btjmNGqwJrffkXw;3P zDYi_pkzPy#)&hU;X%yz_hp7cknDj8SnAO7SOQtZ4)Pl%(+ z3~Uh(O=}MLckJTXMeOH^3D>Tz{-DvMNHe-tNrcIH@L)z%)bkSu=T>yobN>G4i5uU4 zV&(CFk|KnsQ%AJd$B7#}kLYl_FE8o##O&>s_m9ng;OFUKs*N8@-P(PgH^k%4E=DLX z4VzCCH&}NQoK1(-@ktSf%wH(^f6Sl_wMFWjO`G8!dN;1@_UziO=TO*7iW3LEEqRi0 zl1b874Fd>-cLu!@gYOlK!nOh52Zk@CWN#$#3F$`JM$6kN4%b5;v6@{&Ek!XG;TJC$ z`AUi(G2VEFUc&plBi7#rVQI*Bd`0i5f3)%c*mN?NGm2BMw`@z8%GF`A)CStgna2= ziJr*2We2-J5ft&uzxI>ODo2(wmA6SG=Vo_yd#uLhDzPJu4Q5j7fs^};XbtJRwAbPg zk*m{7bB#51-lFIS&_W5#%RMY_DLWM>MVu9x7zsZL1bT#(t-3m+lT_I@RO=lg2+UKM z&HiOA=y6W0hxAtxAsC$yw2C&z9o{*69%*kvztFtAMUeRYov=ex4YlTS;g9l(4Yoec zGH$cI-qTZRFi}oHRkb{6kTrT&s_*pCElhwWD_O=|9(iPNctp*l)S@;y{z2^%s;}B& zvmP&#YS0|ta4C(lZN1h1Oh1ohHn8N2L}DKXhqIU+ALt}lb8HX7Q)j;AOgxkN} zkQJ7(Qh8n4gE0T&uSoHjc zD%R?PO@`yOjg{x)?H)Ix0^f+AHME3r)v_xb7fr^^EJpa>c14^I!)35EYE~cU+(@Mu z@*QkXb^L;q-%WWr8fpZg+@aS!K*=M(uk1w-<7KKRF2l9y@vHj7fMP+U-=pG@J05== z#mk-Z#c8hxSG@$8iNufsu-N{lFTz_&Eo#_Z_FK)EA8$eq20-zPF23I5;Z>d8#EpvJ zO^Ebe6@ZVRBB(nvIWa1T_-I(rFkNCvxM<#@gm|X8tRHWAx>p{3J9ckPOIXu@POliad86ER=b)sK)n`DqJPO*Sr(zKs`(cI+4?^*j8=emWUqH zFt+A7mPM;UCWShWK`~+HCQ_2k7^x*^MQ|k+CZ@8}3@=Jcg*Hcx$P zs|L}L7fvXI$+bIihX7Aq&-DJM-O{y|PY!pHFA3h5?f}I5*7Tr=6m=bGH3z{l62 z42OFf2X}B>lqe_$eY~GLhJ)eqCBEG0kuby-|3q%LmI!MNnvv{AAEfw(UcQbmZK97Q zyeOV)i?^ydv3Q`t^#z8pz-iJg$|%VJwBFN7nkYzmuxXVWa&5C?^7yUtHseyhOzg(y zEKZ=G#F1mi)@09}3Uz8XfIMpBi`9Dd9p8U{;`eACP8cdGbNA3f*WeII380DM_CTp| zfiWI2#oe>9E9C9;4VYIF>qwj6d^PgzY;m!b;1}fDGTnY{g3j`Lda`QlRfBlFtacpTwM zlfn)|4h!=rq(AN?t+TXksYm%r{TL_1Qul^MuMG1aDds*C%zP$kcubT1<4*rq6wUfi z%l(1PG&%e~xnIQXKi&HAe+GEp6Abg*fCtrde)|dLZSSbmqaTl%KT2FTAMdkChIy|O zj{lrS|EKxCbMfA!_EaAI1QLx^vpW)u7tKVr+N)p3(GEdXDMl;cWu-?8)b0{HbFvJg z(^9j?E9SQk3EU~b>0aHoIC>*g)AQ^SOT@{@6BHLle~%dnH<~oM34C3jx^{n?yF4|| z&)a5Cew}A`^L^UDeZOq3Zcq6*@O^w;Ts%Ci(`|XVI6l5*e_RyX3M+2y$?|3TjO%&kzH3MaNEeiXam_kxY1RpVlki zQBpMWbSHmbqPo6{mYB>lB*`94)F2_Q~s^W2spw zO!k@%M<&ubxK{`GNF@-P2&v^15$2-=xxmD(dy$E3e-euAbNi+(*YyE&6-!g0#|IE} zQTUIi1a#^?={A*>`mw99lW%RyuJ7yPu13|wPCL1A!R?R~zcxhNhI5;`+jWBh3&P}!OJc`u}OOH-+B|hH6GBw zDvV`Jjw;99w|q~^gyL0VFzBMC30ZDLbs^e63fu}+lh#pnBsItpDUgaax)NN_7|$7X zwQ_BvLld}jeXxm51um#KGTZ+3nAI==la3l$Yh{kfvTC|a$s9Qzqd7_Rv^)qnSY4A- z=_l-F5u8Z36mg^=T*N?Gw2XjBR@$t?_SNTU-wF@!%(_IdH5i_5wGz1OWoK*gk8DI~ ziC0L-54M+VAdUISL9TVDEBsneeIj<8Vk?QYd41%U&g1tqaRG%>c6;T#bkJ?gKw|&N zL<1R$(%cMzepIJPf55#t;`VZR9lHsgTd%%L#3l-AVOWR@;E=x0}HYE%{^UEUX z8{2Vm;jqd9TRE#lKGGv)S}F{WX+3oXCmmR;82l5EfsYXR*Rw{xV#v;DlYXO;E)AS& z0_rZ$PI_I98Gl@|%^=WXI#&aUR7r6?axd*5u5r*$DYlwc7hIf|sMsXJv`2I1Tv}4< zakc3&Das3Z8wd_MmIW%yk&swky6K9w*bz}F9S-#zyV>~)X<8-bpsCrkZ#4|(-FlA8 z^qhX~j%x5syzj0Y6neZ$!qlyU&O1h3vdCP<`K2Jo?@=0z%*u5E83(aG_Y!XI=RF@$ z9+RQp(BLTYt85&%IwQKI9$(i? zUW{m%$f2!>F!^u_Kaz05!%q7?3tvLNGaux}O(rK`vlbF)l+`5l^&dvix&^)fRGS{S z46-^Shdg7fF!gwvm1!bNIZokfbgeDF2@HtbI}}`lrHi5grt$P*9jRfhB$Iw5-@0hfN8o?jXZ^#yEjNt3=Uv?OhG5* z|NV-ge);E&4wYIjbAnt?ZA;HF=|w9sdnlB)J|RqVkLyfBBNa;H77|xb10;2zRnar= zEMuXfS5(Lo+iW(U3BU7{ol z?mH&>$(9KvSO-s`FA_l6srJ(mk(=LI309^wzA7t$knm)iLMm`qhT&d+b)CZ;OrnyG z3<}$xAS1yx+HGD5{tnm|LileguMs(PrR(9cq7Ov`m~FV?DL$EY-$Lb6;p}y3CWduY zOfoYU4?3fW2oiCL@!D3=z3D>rXA;OD0~$LWp!{rf`Bxop#|o@k>kr}v8ft0e*r?oO>sfVR`?9f^bCHQToUiO zN572*GA;*)-vy4!mYhON>md{|mNLcak_6U*?XzG7^c9$Fz7bx%IrtZaiN~3RZmYj) zthpH^oYZGf7KqK^`y(AYjy+&c94(iiWr|9vSQHWXkOCJQE3DxX9sl;H?^yVORg#OF zH$6fjm<#A;X&1AI2GrFh#~)Fe2zc6w_qnNRP5k*wmU!ei0ZaXqRnTfk4-@ zeH_RAS2g?8p@UX;e&*>D z6?edR+$uJi5cAn_)mL0k%GU0@ZGEMP@&)b1Tt5I;Dc-eQDKZ`iey(ye-3FRbZ)F2@ zdTzdo42Rq!&Qhfc1qed(B8;Hb_TYYq7Ed*u)y1ULYzeQ_AXITMB+a$xHALmtQAX4) zV2NvfuA-ilIkMgOY47g%)4+{zyrP9bWM`h^BUW*%JIR32_D4WPyA&4QE5~NgB~KW` z(V>@`NlQA0QW+$>^{QYq0z}2%sdfQ~x?rwR%P`9Y2jwi3w}FD8H1_iQf^)aZet)Pf z9c0hv%#fHhg;vs_;@DVvTr5QHC#B5GB5V8U4}CMX1uRFR_($I(|6%*bMe~o&qVRx_ zM0=k>CU}8K@Pd%IW)sOdd~<-1*z(}vFz+CeyL$zS<{S{o-Ay_E2Y~l}fJ~73adGtn z!u!w1k6u(g_6PEVKK>bn$kNUB_(9`({J{Q?F(Ucv|D6Hei!`M);a>zCUAB*5)l=1l-PqzNZh{|(zuedrmND;z$)ad8x=eEBG(%jdcDIKh5=ySEi= znJpm^($Ir!2-KP=oLi~SV40Ju04iT~N6^TU63lT3Z8?U&NlywvodGK=4`5$QiJq%5 zZ^c7P+2yYQqP4^NJpUzfnl?LUyqlD;PX#$?Q98s{X$3V&_3e;{UU0vUbBYG%Ah`yZ zb^MSt8^3rkLaT3a zyw|DnEcX2v3pMrR z!sMq7MQ!HPjge`buIilU(Pk66fBUxPJ=thd(+i}Ix}s0p1RW>)rmlGqNwkH;;u<&t zsx<3dU&5goM-m)JC8p0QN{kV91yQI5yWeaQlrG9|w(|R|4H09p67_eGkC(Vg45l&4 z1t0HwHDCPT&_-20a^ze|VNsCoKtO2XDiH$95$+jjZ#&Abk@p)A?(YMaSyh~@ql+tZ z(`}O=tw{*EuVLEzl2pE)yt!)Pl4yE^93sBzbW)eO;&t(g=&!yX$`w1DuJ2ouz6#;x<6 z;UB=NxvIp8#9|YkBIgrbkSHWHl(neo|MHT)wr>%5hciR>38uUT>j`DnWk!P2J_NnD z=srm54DdB9dn9J3om(<`;n>45T!NG_TVaVi`G_nIc`zaGxNa<1v!I+3ml7Ye7)(Sw z)a{4srY5H&nzzz+fzOuN5aK$&klzvNHHtbI%e*as;Rf={N^>cyHnQmk3r0mWg-B>< zn0PZnkOWcpqBy_r6!$a~(%Zdf!!xwy`*LcOz z%b&jrDw&ee!Ok(_J~X;imsf5U9#qL;>)WX5WtG79!qw7E^rwm%HmO9KSy(n zihJyA6KvqdJZx^G6@XV1-rse(V-@p3lOp9_YREvKv&__Kz(F8uI-BpE1V9yGBH7UO zn1?bwDKK=X7fBXz3Cm~$(U`)uq4<)>0HXd=ufFc8I0p%%vQAOjgB6T4i+=7<_V@ZVJY>LCLN+%+@yqBR>g=$BL^7M^%&&8JWw3Rt@{h{Ap(IgQ z(gsv{mLgxi$m+rE)wC@J@|!*I%KSxnjX28;EOq8Idi!BZ3JFr?)_fKSYX39=mZDi_ zU(dJ4LC+AxVanDTwZ*A!`Kp3$uJEaGq(4$4BdF~hDWAZpCr3si@~mySxky@GE5Q|J z$lY9lUShMkACYg+WpYgtwwT?5x$OK46xYV5W4Tcdj0gISe zQHydd{JZ#`6E$38(2ipezcxZP_S5Wy!NyY*8n#k|S_}dfhjylotkHWqWMREr{HS$p zV8_6t&bW#%^rB%Ljk`TOVb5FJ<^5?i#yAbDfgul#XUQke*ckETh&;-lPj`~3Lt4(@ zR|P`hCumKX=Rc;}=VFkVaZa0A>sH}d3l!_ib}(@EhO3c@FqBWm(yEUD%E;n!vv^6K zsgKn@yF@vlN|&aKH|#(u#`HtT3g{6&9`bf&|Exl-6{Rwr_+&kB?p(UKErc!?V1aq+ zl7z3?Z1dQRdLMWU1GIE{!S!{lUo2j_fSdif2(><-@5N>s;YtW`!ruYF49u9pPjn`F zuerpdJJXxR-c4lMBV51k$L=|2OlS;(NwutM&jX`fN=`icKjkvHAYicUmix|l!<67I zUm|XDA98p|o>T&~dK0q}8`3uGCVSrCyF8PDx~dA+vxCxU9M))o{r|c42;+Bb^wsjS zBC5*`?&Kc>;P==Cpsv&6q>`Y|tyCQyU;%70{q2U00aDDu2}3KpFWNJgb3mJR5=F}u z@&`EhrXy(^Q0~XZLABtJzz9V z-y32Mo~@Sca(IRz`{sXaP3^Fm(7VtwQJ6Tf9ymz-SppJ$gPU6NY*vvmWNPxaQn3_! zE|s((5c)MJ*vkwgv;qW{#H-=a%G05p1J?t5Pt_US1NTbYmH`4|LP7R6NBVu!+EM@jr*#R5xv8}i@| z%7ci_EEMKo)fXbRkjf^t{!JmUp7Hw$6R=FL@E-}LWpv)C8={mvb?wt#@kGo-tRxOD zPuAeg3?ox=n6VBQkXEXiV_uC4cUnk@8P^==f#0QT;^${+`y$=oba~yEr5mnKDmksr zIo>^HWmT0#Tdt2fn@edNt74I?=lL&6jqXk5YQD^Jumpsc&8i>;YyK3HBdKFSp|VRE z8=81(?he9Optfa%zPfNbY@Rv~h;vAwbqbKjsNC4#8W&j*F?-tu-*sdqll57DosYjU zE7wRPSS=7v(e7m_Hy6lqDxDa$ytlb2ZI8qvSsOLfY*=@(X&}-#4r&y+;u6oCjWob( zVfZkzelZ_uPar3*4QJOutk1CEJkMAxhLmHhKhb8gkQFVSezC2P)ff3JZjqk?I<~mL z^!0M22boynd#GMd(&R@>yJ)Zr)_KEsS#Bv}BF7y$Z)Usxwtu|3yOdVKjEIX83q>}k zpAyekAf$yA35^o}uZy;?Kq!tG5$ytyD3JUsKi95ckj4!8R{JR;9s4UE`TM>A?2oHB z(w?NH8hlVmQ>`u194;=2_kLr`d)ksUmCZRlc1Yb;Ca@1r#9dg%9sMCjE&|5ulB87HI=`%A>EQHO!Gk!DhJs~>wh zV&q9!EZkWnPCO4K0KcPo$*0Iu8EPc-werPeAFZ`v5ba%OpPkik=Ou&G!*;u?0Zi8h z^02VwW~7k+n-MYeDrwNZkPK)-`qA?lZzt>2;iLcskdpKBqxUR|q5}HAv+nfprObt8Zjf?13!;roor*;ANFzn(8I;DG|t9{MaEzF8!SJi zlBRz|6*yV;6?d;%k03e;O~32mugqmAC61VC`Q?&dMF=1coS9{Z?vWq6YK;=JN`Vpd zn_?oX|9|Y=Q*$rh7eDx%*g3In+qP}nww;{Vwr$%dw(U=BJDKzQ&&)HJs=4{z?W*ps z>b~i!z4q(9)(`i1FuuwL&S_hX=`c>zQmg-KJp!r$+ADLLD?3lze)*xYVvQ!PUi^>u z`}U20X3p2uzcRFW)6e_KjeK9$5Wk=Mb6Zp17D69CH#hIsa};~twocDCIseC*_Iz^N z>!N(wZsY2Y42jdf()KPH+>M|>?Q1*O#z}X#ySp$o&X?^oWHsLrl@rLjhaC~@5B`Kv z+c@Yp&#Xuiy2?S^#MFx}zJXK?Uvsso<;5wI{8vz*dBa{uk=tY;t=%mr7ee8zfBOSa z5^Y2^lzgK!6kc@E$(~@HWQD5NB^L?VwNUKQ07t&^Q`a78@OSW$R=B4c~MtkP?rM3+@bliK>>keTvSTU@o?89ctOX%&2y1T z&&~?4gi?tKcsoD??Vv&P^3m`ya|fKjY6C3~l4jkyUKq@i_F89La>w8`6Kpox-#qTw zIMf~vdm~?zJQAj@j9t#MSiVZ9)o;%6T3Q*%hlHr|pF;Sop>Op+#HSETbQAQ?ew({` zfK<2JaOK{wl=?YxJ3HKvUsS|YF8Ym4qSQYB6uyzmMshDAL|bXiP%;8Eg$$u{Di3ln(l>4L?F+q3$4PRZ2yP zazRY+HlGhyLY59r$*x73^2hJz4CqY#ni>dLCMxKN7sV&Uqcj4;?GN~KaqDScballT zjG8<5%L}aVt|bvoFXJ^JQ+1vu$<^*7)bUC&Z1evSShfWk+%)|JD!3tsEy-;pNv5hm zKfvB$=tlS}_6=LSc~eta%Zu<++@C})^ktQN4Lh%Z{I9#R=;-2?@m)+npx05-+1LFd zk7o{}sP{3s;w2Fa`Qx;F;rdMte}TIn(o<`npVH4~v+LFKn*3Qoo``GJtY3AUAJQ~H z?}Mbrm^R}YPTrP?OAuAg;z|auriVF$LSN}U_9~XGVA;75L&E+gTcmL@m9yoDIb(ti zS&KiZXM>-78U<_NdL1}ZhFc|W9y*h!9G4{nCx$fXAPL}5Q!xH-CR1rkcq{^2kL;sf zkt{+>!ei>ZiO{A66DuFP=zUpBJQ;*Nv23ZGs8pXQ6X~|4SK}f;rEL7FWRWE`hr;k* z^a^QME^j34$&e&$OhL+;UG~|6GskUQsztRfdBH7H=I}(N0O^WHvJ^6`*sRgS+fcuu z(hL*p)7DwDc5Ks~-PX?B#kageqR&O_=48dxVCh0z%~C(1<=>W@x5k-axZ)T_?^XjB zb%5(5Q}Cc7KK-{y%Ph~!j8rr76$TQDgr_wzKzah^_HE5h3**-;)y>DL*P5RrDO*9H z-T&keaL$fM+UE(>OUQAj`2KfPcu#ShDr?t@6AEqO<-5uq3^AVSriFiybc<_3Vs~JZ z6xfm{2ePJ{Zcf4@P7v<)>P!Y?BBoa{m(uTd z{58^y1#Hr)3N2%8qUS*C(2zQl-fbW_EyPW?p@alBp_6;Pcrb0pf~{79M&fIH58saa zcDjAx+g^24TjUky^<0lG_!Hz~xK)@-@_-=s4JP;7b@wzviKZ?QKr-^on%2=%XkB>}mM$uu<2hRU<^L1XFdi%d8`;11tABktYeN9nbo44Mn zZ?W#DxH^v-)3Ra!$F#9mr=S~y8fghO+v_zTz6@>L*&N;O{*hA0H7AXSjUtO?G7QC# z-RX7r4t^6VcUh--KCrt0kv@||r=)*bGOLHHTu^^NY8_)OCCLX7x8DfGG77)R?kI-- zd^>{EW?ys%*%k139#M;D7HzcgWDy@m-3-ozwRJ+Ms;>tb)_J zo~lzhTFhnH>9NT3V8|yFRp%;F^P0BkXVhvOA`31sTCcf3DDAaQXoT?-6eJm%kjaum zBxJN>N!C#Vb~o*{BNuz?$UXp7!Od9S`og?m1Md#A^(${|3=Y?rx9H5q1FvnG;|!WS zEV0oaZ4{@w=3=R)4GTIoyBQ|o(5U6^DdL=&>4%(ttj5+W$ugPw=-HIu4LjAl?PFda z1m+%3*jL()AwQk4*z;LQAuhtT2adqprKW5nYtw< zMG(&VT}NNDJ_5PI=X;EStS=Du#UM6sqK+&4>WtI9^xwstDgnpy3YbYN6s!cygcwO! z;gV2;IBY;k-Ak0v%8B}Rneujt{B}ma2ePD-&o{IbGH6`ovMmmePxQ9FeY=KK1h*wXb z0|+>#R_d&Y;isOz$q6{yJEAf&l-UoRJ>>yP%z|PAC zjqpGYniQ@WeUYTk45N{xjW&_J&S1E7XSpdSv^s0f7;z_lr@e8SN7_;N#cvOGGD@c{ zbz*M{)>Gon4@}j6{>6Ob%mtr9Q6M?4ypi-{snZi;j4@P zx9N+7vS4qAW>9p%Dh7AdD$B*j5{XiR(DZ*5{W(3#j;NfTJtA@!(GCUMhL59^Fp*(_ z-&=M=asfGnzOJ6|$pyU1rVp3(o?rMbUc}6mHjcQJ&!S25S=P_gCqnvI* z*CyPL=@#Jc7*k_O+t7s>n5&Ij+s~M9X;>1#(DnL+>iY0QUDs0x1EzkdXGb>kmw3sT zA=VInzVa8_lCyJ*Y^ID-bUVzMapdptWb%C$z01kb3A)S z2Mdgh$DFoZ6HHlEt;b4|f3IUtIh>jsFZ_=>y*#I6nFE>=JJMo>^)U!!Q5BVdeGpeX zhtg*^9-#saM39jwYX9ZR)=^ev`p)cyi!oSmm=Q!LLZ{YQsrP! zuq-$aYh1?J)R{&>$x>=GcTj%!;vg#r-}e?Cn?==EiMlitsD!5~Xv^DQNMI#2b*^FT z3=Z-Bt>OT}sZVI44rmc4-1COb#(oM@rGRx-W4MaP0zcp;eA6EPj1ldOkh!V+GNFz} zc}t|z2wWdTKW;4LF!ttxm_ClJu<_+=roN%dK#(E2e9phB3S%vz+_ovAI#kOVnQ6ZB zU_+DsRs2M|xz?PXs3u~`8Czn7e6EwH*gY+MZm5ioJ;-OF2BYX7qub5q2SVP7~n9OM%J&v#z|>Xz)SXVbO^mcgv;ZEsu_^Szd4UHKmW!MV9g zQ%d!8Tp3kT$~N-vQu7?rQtZd<=s6X&ccJ74GgZSBmetB82Me>-K^@X!Thc4i>tVf3 zj%%R}DVvMZe?44&y3YQJz#^*7M^BHNZk~EvZefCh!wp{M+dp{ASr|TsEN4<^Hp(3W zkQn-*J^44{299$q)>kaBeKVk77(n6a1T9PfTGJJ+gkT#Mno85m#=qh;x#58tD?KHx z^=y35fL9U+WQqxR%uPvIkuyvy?bHtyL7bq5<&;AnM0S&0F5#E+xZB#bR|% zjZ$0i{uE*ZWieENi_fiY2N)4JH72@O|1q&b;Aad9Uaqm|GmoO2uvc}4!mt5Tr81p+ zejs7iCs3j6MY_tdY|f;tYb)a~bzH9$xXhZ!w)`iJpOSo%6 zoKA1FTU_sh)bpwbnNWMnEQgSLi>>n6-850ruYdod!ufx3v({BZ@<*Oy@Z(PRk9Fo> zZ#pQSD71gI(NDEHF* z#+|qbA#pHuf)#g&I!cp3;YS>ryOL_*jAxw$AQ@zi#H+ zt<@VKG!bjV(p9;h=pU}LFD4r(j~(nb&i{zsZAM)SG={<;u%ZGOW;mErTCojPE?R4( z1X{xswydjJ|6cx}XN=m`dB+=JTvt0@eSfB$e1tldh8&Q!nTDm zS{Ck=jsms|hPlm)JqOmK65=ke-G0hQl7~11y#!$u#|V)unnNPyPgl-712+E{O1HLh zfI*$KVspX#H%$8zB{ikPhyO=NcVY8IbwU0#rorUib z#{vS3aE30WOvYTkOY2FQ`>D)-*netj?Z?~wP7FB(sk)+IEaf~{WK_L()!^TWzYZeB zbP&g%BC+xnR(&7@1n&wa&D1Y1q|MR4c;&PxjQFlN0n54N+VsM{nIES<=pJSBLFJ`R z?y7=n#~(el=KH18IiH@l$|_9%($AXjI3P{D6I|#nWj)vBn-to@jGQK@+t`EFdIh|q zE#%NU#t$cUHD~ET&p8CM3Fb$<>Bf1wz4wB!58Lu}hU;VG&YK9bbslnPJn^PA>11U= z+s2i-2&<0|)LY!20#{KZPUznT-j)p;Y}Aa#{m9SPUlG%gbvNcuUp8!6njAtDn>dS( zk8Z-oge|VNb~W{g{Z~=T9(X*c*xY>pzT}=(CgTl_%|IuNUyORbSjt0JXC6?nXqCCA z)b$|xP5ChsAiP1}R(uS#n{l))52zZs4f(t4Eu}@Wv?0yD^x-HWs@7_anP^{v>l+2= z&zU@Jy*-I)MPg-R4UI%6E!Lc7zDvjbJf09a!@CY(@B7HFpGh#~mpE75tx19hefx`u zFQ?0S3)CJ6>_*+pKOkQB-jG2FoU#`q{Bw5Q|IW2=< zMEGDvv_Aj-Xxx>3kQB) z&L4hY4g%EaJF7d-wfKabEk$2Zw@xuMKE^A~h2q|#mvTOK7U+;jC z3pz&%0p^|~ueuVia3iOtCn(_l&l3rIkuXY970)r53+r2j1n7A;^1~-x? zgp?MR#Jhd@LZDrSGWtF*52=?F()-5!Tu?22wd}UtPCtqML=mK| zREzC4y>S$5|%>!}RQHXF_ zl4yNV>6e}V0zs`o6<#s5m->;B8gv@ z;N+OlG8d)Jc*bhIBoQi2G3|^?&BNF6{W%C*o0i)F zhH5mOnXMYS1>2?E+VMJr3Ch3Kuu;y!KQ+!;cpDHa&7zz0p|gH58+N@eH^SYkWk~0} zZqZKW1|-`%qW(*N2R72>l&y8}BaD99n^vriGwjc9x!D`cT3`}#zL(PhcDB&+GLWK9 zQFdMW{ct(0x3cM_Fh2VTg8$R^WFSe_oS2p7qG~e4opLWiWE~rez5b-Pcxl-&!qnKt zEpIMEm4GN4s3XowmUHct+poPEP^h$q+gQXdy5BgLSR^KGS ztPM&@d0%ARl{w<&)rMMc+qBV@TpN>_i5spD42;umW^U~T4cq9S1?{wCD2E*O>gq@V z^2dlL^3j=MctbL$ZZu^nB}{W{ZZi6 zd}oHmOEk@fU|iS5@uA~L9?t`XJPcIA&{E+C0wylqv_Tb5uKj$^?}1V){9}&;>2j z)C&(A{0lWS+1A%?bA`f3^~ntwADla@C})N?7qy`dhygw6STu~8kv`-QlY7kbI@=N% zA!1UFBH@Qq$kLz6^W)>|Iv(d9WgxOw%g@PmUT%dUcyGeFtsDexeTycXJjmzf8C%PH z&RQ9@=&~MzhQcb)sbL5RLeKtOWIOc0Fo*I{kZDXe)l|fU=Dx#qJ}1rljhlb}(cLF7 znVR$rKYkey;im`hyT?qk zRPukKcCsxbe!X1Qsqu&A`PF});kWult!f5PL=POY{5X(4Ttu2W>+n5+jHt}nGl}Ee zYhW>3Zae%0kyYCjb!!i6Km%9iW*6y8#DoZ63sKClUARC?#%Y*&$~7m?3EtVr^&$g= zem@6NbF{UW{>oOuPVR4QXm#6!HSOYqJ$c|Je7XTn)o{JN-__<S=z?mp7Sv2j|{k`hIDRA&1V z4>IbrPY)3n^zbyfjc2nT4hf9uOAZ7xVDYaJ)pUy?=RlMIku1^sH$}1D%UQ6lQXZ92 z;8eXrHwYbsIV%xu#87FqN1GI;i4ek3r1g+s_)LH|O0ZKY>jR!QKGQFWX@5d!`5ho& zEov&|_zYs*K*fgK5Q-aJZM5?#sM4weFCk<+6^I}9-%mwD2IK6^0YyWe1LO*p7dfQRFIN#{CS=HSDo_A+O!chVFoB(zg%bl%N< zFOrCNNOks*1fUH}e&Th*K%3%JtGU@0{uqoUm7lq~FrK2@X&B}0vdq!mKa8_;yX(cf z&KRI0_n}!kDB>S0w~CUVrPN%oGPC!fmChyAzq`>Sh}`4nbDG5d*V2y5uA(O~#wxR( zb_KO%Id!S1^OP0#5y!bV1f|I#YWBH-1PD}uFdVlvS}1E-0x?>Vq_)M@YzI?>x_7Js z2&Hgi`a2qQ!>DyOeIrK1=BD;JQMwD4dqCQ~#F>Kr+@w-aU0niMLWMOOTc z07VE_n4*Uwai$nIZ`%uML$MdJ8K9|dd47CcQjhY!z+ePZ;Se+S+duIlCQHt+2%GZkEAqxwVnmp& zR}h6y{^;Ih%ttTRmrLefARa;-$DD~lH>y_qLj(pQo#r05{C#fugE-TAa+L{c@ZeCK zIrt7V5o2%$gdIj%xWiRN@TB`hM3~fFkSj^+oNQ|tQ4j%z1!Ew`$Bl~m8$EIH~PeF+I;XW{y zS+^3aBSxKx+0$W`QT;&T=YHCec|M|>P%8l>L=NFn^MT9%NQ-%%TmK~^*uMK_#}QNa zQ%v>*=TEKKnHa|mRrPb3lK5{x==DlGM|(joe4ob4pDXjk{5V(lHNRN%eg6?niF2~M z_(g^lU80m@353XfJLCwFMQ^1L<=f8L5Iocf6n?J^#{D6y=E;-iMPvCFR+wD`4*j{% zc#Prcb5}{N{Ksw8z?AAH7P~~*MY4YJ_YL<+iRADeO8cZ!ce(&l2>^bdhps6Sv$)s! zkpuEf!O6i@l?pQ(XImg_z(+qH0vx}t-ESdnXx%xHqiz`>zeY|3ml2$N%5X!7^9Um; z!ig#E)-x728CMP&V+J3)b;!B*+eK|XW+`i|L#{0S_Kg525$@0Bpz9L3Oc{5uy+bws zo3oFri}cifNb<96Q2}i#h6}rCY8nVIkHeBpUr@pWd&*OP??6SreCGA^}%>*o@QeW&PNtnabrP8!lT0o=@G?8_eT$05*w7zNBad%iw zz+Z~)RgUrNwaeD=&NgcZtkSp)hm_=tWq*QAG$C_7>ZHt^g3KBZF)6jWbj7fyK)(B5 zmC7c)IlFv5oTQ`Eyk|RXK4xNMB>pS5-jxqtnWk*6z4<~um= zsUpu5yRB|apjy}FteWZN$_qpQ6O!6Vr*KJ4g6nN?*mHqU)?RWq07@LovM=Fn3Du_W zbO6#@^whn8XyAHCTz!W4-FE_}lub&QNCWJOH)E%G+3P^=lyw*J75?6&520r_y{r{nyamLxx7lx zTfSlOWY;I>9&fWHP>kBv&R7BY8(lpO-f|>|ubuVQorauByD71d1SS{LUd**?rE99y z+JfNBdX|auTBC+=q#5aR)F2s3eD9*Ye`;k9>`$^+`(K+yrA|lDlo*M^E7-_i>zxN1 zs;DN7G}r@A$CQAZ2T|kbrZUbh<6-4tb!IJd>srmytW4e#)Vu-Ef`O{cG*78Hs{QH^ z;?FN%S3_Sb$&IzVT@rQ5x9_JXSqEiX45VLX3_o?O>6q?k-5Tl)FeSuQ>{EU#)qN- zJ=4CnFpaw$)hu-@o{!C$sF(0jN+2-ep=D1yc8~1}^3L+EmA{8pSNT%K?tL3c54lnj zPJ=CMN~nNNv8TB~YcKGOfiX%Z(oWsvA)b~SA}xuxb;spxq?FL0H!US$z?GPFo!v$u zYtVI8QR-zJ^asqbnLioWRg1iF6ck~X(Li=gH#A$oz12pZkn+$uP$7zkkPKs(6;J4q zF4yxCx_0t&tcEXXH_KyhR=KhZ$ms69)EUVyP+3>e6voTVs5P_jSBTD8tVaCYg|i+g z;SKSz8BD_^F48Bvx_NaLg6T<}wu-^Lui%s-ZQ&da>HPQ&w6;g}_fmSw*>;&)3$sG! z!GjVvy{KpFszW|@NDaJuEkKFX3EN~i1I&F9&$UQj(cyYg5_mEZRwR&dJ}7nWvS+L%CTm?G(%u`s;o)V zRvVAk)dJFP^$4Kq@gs0L54=(Be|h8R025?5eXVG z5rp>x+>;E2k6p$LUXp2kfM)7-1zK?Bn{@yDQSj8kI}M|(36_{8GPX$cye%1(|> zH&&r~SB;wFf#0g>3@rJ@f$noFrg7teGoz>b$W8=dkjPMrH3FN3)qdH_(Rta~)s&|xN zBjU7g<)rv6fFA~0&IXZ}gb8Q-3Kn-GO}oldNxE@c7&~Q_nr5dhzXsbxrB|4=gVJ5{ z3exruvkI~_Y&m+?Y#p;##WW1Q_U>E82^;SJZom{<3u9mrFdST$r zzfn5MRcMKm>7~gvZWD^g6iF82=W>)*NXua!)^t7858%q(z&<`A{OnM}@(m`A{Zd(xUjqa=2PqJG+~lHK)!_1Lk$v z%+ndKFzDW7c)d$Rv%JtehiRL|2XgA2nA0;J0){8WqFG~Rmc!XlnEnWK03MB07LMwq zhhju&C+gaGR#!N+WQ~bV5g7h+$TVpoNpA+6KFw#(8?WiF6H}Q*8TRIS6Gl=lUb)4_ z1bd^`ykrj9C?O%?pBKx(Cg0{l67_2q_G=RKYw?R--}sAGcMi9<`3UXR4?adR3+f0u zx3jZMvol4!9QMrsg-PdkaB}K4E zEi_NN)Q4Sh*73C5|C{kW!dAs?g>>R$PS+K_&0%{xTTGMx)g+USFy!okaAVDOz4zBv zF+)kZehQjqa4jaz^7V$BQG0#uouLp-#?cA!Clpo3SG25W^vEFNm%YVk0kMhdWJ-gO z!M-gTsgqhrZI|pe&OBKm*q!ZP-ZHP&NIJ@ea~Ep#5VYk?w?-Uyu4wUa@CQhp(tg2> z_|AQN`Vjs7&^gX3-swfD^`#IrYX~+XbJvDn{KT!M{E)$tf!)laa5jAaJB~7$J{SLg zrBv01zs_-5k4KH%tGcFHRmFBNtjeF_;NQ?Fm{)6D@WSBh_&%Ia5-&1`z z1>d#_8~4B;VF%D99vgEZ-hxj5cGlgub8{E+((aYkQKr6{_x`Ya#3ZAurV#YSq(nIIUUU)BqqjtL+_ff}|sBu(@= zEi#(55wx1+(18>&Q#gHp}s;pRX;O%D;!kufMfBb~))S(;s;foS zQBG)m{HEL^{BbrTf<3aW-BF5Qdq{gW>Im@?oY;}gmLBjmt=UH4_de)aRvyWsVkWtR znDw|9&khtncO@9QeFfBnRXA5O79_+C;!`%;||sLm?^(DcEkI_!v&1jl8|S z_V>85*$hzA&8EGGa+$3oXjA_MCsEmU{{)fB>ZQ^tawJ9IU8m2yVs^3r>9y`f8`a6v z?MO&=kGUj+bT@3Z?Y3`A5*SV-Fa@+*NJ8*EP9Zy5ct{Ec~CA z8=_Gp2yf~yIz~kXG@@3_6=BN2oX_6XA3F=i8z{5SWeVMoBi#N+Z#@8J&3u<#pms_# ztBTlrv=U3>T10Ltax&cYg4RPdrNtG{1Dp4a@MP)gRJueFw2HomoxipAN0r7jX{u2u z%~MUVQ{*XPtohNxIIe#=_u2EWLfv{WZ^K+yk`Dd`=X>|MoE&7nT5fk?O1J3ewKZC+ z(0-+r%h+WAOBzYY;l#B^>FhD!XVwbJhI}p3%I}0ZEgM1s1QclxhljZAw&l(-m2{GG zxq2#GO3@@@|*aZnbGb~lobc5fj^T{yAb+nEZ45CTc zQAM>Gl_X};Z@x38l5gennFn@xN=Nq`Pqbm>Hj?3?JaVj)04_B3BBT=Tnjli%#zd8t ze^;rLsZ_~c4;HGF@v7)dg+!&inCp716-%3sB&zv6qbHIcGm{=?6eyR;Y*8hFheNoM zYTgr)of)(Y8|{xIoTkTI==}!|$c_JqSP3Il2_b#$Q5MNp|H{Z+No=2qQ@p$5Xu(^o z;xX#DNxI-x(LXV1qsp z_xGLu7!VX*8o(nOjTtBuYX|GhG?*Aam%^#v*%x3;PU>_<65ih)ew{l2k-V+C%AyXCnT!sHMq@BrpE8htt5G1$s&#@!F`J@l0sQ5RB}Sw&hF z74-F^H{Pbi9ruiIcuue?_vALll+r*{VD1yub!v!SU;-mE<_Iy?Xb<43U2N79te?+J zl>@GW?#K@f{=`VjWarL%B5vbvZMC%rI&?<&IJ!mEN158_{L|!b(&BQ~O*>zM0DelP z#8AQz`T~bucl!VdG{HC5NVUeQ! z(uAIrF@!QZA@KDj?iA|Z0XJ$+8_54Kc=N?((u?Lz;idr@+L(L2f7iNB8!oBX?4=yu_eTW5G<1|@l?ynipGWR`nzZ~2eoy+s;pQ4&cRuY+j*w!kIy+U! z%b~Q3*vb+O&URr$xVB`%LG1XM;T|8R^@TQIQM;Ubl>FR|@93Q^@^-r$VZ|P+YD9#2>heGlhF|H%?_;No2W`OmKeW$=tNVbNmOrTW9_J$Tc?4th5a4YRq z8%l)!M82V!(<7E3&w1((ChPg@@sjpLPkx|PkbZdFSu~8S>`wn?$w>1D@;EPYn2e?< zQWnWgo$(-Z%MLdAook;uXYslt-VXEj%YLt-hrS>S3-{mh(+Ih3^`kjm=hZ9cwb|)X zwFX(csv2%0*3UsxV<$>u?_gFvz>y1Is%%`*`HRIc+x4!D)J3^^K?6TV`sX{k3Mg*f zcWHj?e&l*|UFfzioq^ncimdDM*o?oSC;#<_CYC0WQ19(Lbi7ljhXwFSxqiYxXj<4HD2gm?VF@6@}jq@)nE}wWR zqmeG#M(-7lRgC&G8B3oLrys*9PE(CZD{i2eW>Jnx!UJA#Y!~4>`4FuL@N8Vtr`+Y_ z?%@g8NF#c1+=7hpCkSJ^aUnfY6NUZ8EO*-+Z7?=^D^yR0b9ylJA+OK{S{SBP3tg>G zJx-UYS#4-%qa_9;GL{0y?Su;hKn(ZJk`j=W3T()tZQM!UyVo}=AH6EOF`*p zlP!@DRo3h<@wqolS~CZ8R}pyJ8ZLU+bx8S7_77qvXh4#)&qW+scEQ6+!23G(bP3-5 z@}+mKJCBm(^@FZ(jlZej4sy$h3y#Ymq)#vCt=V`o2j|^4)n=Cob=EY60I#$|@_mJ} zM}(QEp`b!GAv}0lYR&L;pwliodoMl+XxCpG7P#%TwN6<2Mun3Q)IMf*gG6bB?L2EW z6~K@2%}>|nNR6+d&-YAKztpT&tG2Wo)0s?`ckk6bNybW>20ZKi*!QDTBN1;y0|FAV85jX=`)O5aVT%^wn z-W6lfaN?^4#M9)vri7~eG@fQIKa*=y{unIctNH`|y}Gu4^`k%IO+);Pz6(?NqL?J} zJXkNJ%z*RfzPJI9L_eFG%gec9?B`V|ezSg%CzqQYFMy;IRfvhHOl$pVYIzR34V97A zuHO_MY*HXlL(4a){@fdSc#^Zm{f|FnLv|DO=|GMDnM`7J0k1g{9=V2ufghfess2^} zVy}A3m1)!XoLkl!t_wR&8WiC(vz=8Tz69o3~VT2$fS1vQRkGQ|m?NB9%`Ua?BV%elM(y?jm6IXvJZJ z31WjU?`DTbP`NJr zK{}jCXV69#Q}dyO>=p~WK9LO$ML}_^Lg6tya%w@TWv^ggsbxxXbIMzwv{VA+2^oGz z)^{vhR%Fkc-dLfph(dq_9AMf_B3~*$)0TUzVA(21MX7!oR?qkY8`bRT?Q@}LQL*3E zD4|@sn_dlUsmMo&A+&Od;@_FnZ3IQBGU}{FAr?a7dZw`~$xRNA2ZdlwCNcm{BC0yu z%9nNwG)QI>Te2A>J`^P1b)M-j@>Rg=Clh-&PAppddwG0i()`cc`4AT^6qwTy>!N;H zw5P_1qqGGaVL3oz#UjNU#A+t5zL>j_jW<TEBih+ENUu0{HpcN6PEqR!`A zW;fuR3?AIt%Dm+_ayb~vywvY-2(*>);iP&5>w-Ztb#C@eBN}dlBko~`c4l6k08dP% zze-9a$LGGF`{lgbuiY&+v)EH^eP-NlYyyi@k3Hq%xT561x5<>Av#Yb?RZ7bkh)S+} z$fcHErRPstW0iNw1C^M7EGI+e@NsIE3=t$8ye5R@rqMFMU0BD$kGh)klZO=x9^?YRS^u|Zye#79_s5N%-wV!PfDVBiLD#Z7{?cE!%JjC*_e^-DslQgV z!;#(^1P&5HbGwoi#0CHaOE44TxK8y;wkJOeDExURZC>n0C%dZWoJ>e7SWLhKFA51~ zSDXGS&e~?k?_}$5m(-?B=9ES9vN*6~Qa0`|l>u3|O$H+$RWP|^CX}Pn($VCjXQO>UCA3C3;J(E47Oz)-W?9yuP>0e! zmi_K-IPzOK8L-U0TB=RXzgP^$DNnO(e{jq~VF+j-+7d);+<=MnCxZhDmJXqwXP?0=C46W zLVC>3?S~V#5B5$F!>(r}ZxFvfTMp_$c40Vdp4kVCSR~RfSUn}(`OJE^=X#S6XEuo`1_|p5%`Th+OG&_ z*1S07Cvz6#{JghY(|ZjrNZ+0}B-e8L7)-Pm#7GiIS^w_;?B*C5|$p1+4H+GS+8Kx_b#`qqSEa3WYyp3 zQxEKvA|z|pLevYg7=JyJB8HQI(U{^o021(=m0OmS!vl|+J>+`TEoLCN(_Iar6+>Il zB?pA}&S|GF3i~^1NsP;SOU^D2r4eKHi&>Y#We`vAfL+n(sCksMhpW_>La? zGF$t(J2|`7$EF%%$4cuG(4cw^^yRFXiw^L?(6hb8aYP!(onxauFs_{NhgBiWN zzLXoo)}teH@79uwMtGEQm&*A9{-$4Gzc_6lb3XK|LCsnP1K%pAEU>mSdX^Jh=OtyG z^~a}E=ejSAD0H_~2i4A7ew3}t`!f;zjY?WmO>Rj?fG0T^8D>vu&%Nj~JSqPN`>&}C zb)yX}|2-3a?o+HJa;_~*{4x7sh$G*z0#kSjo`_}7oGre~&HB0A&$-@LPx{^}`9*ie zkNl|P7TZK9oXF)sw9^VQ`veR61r3t4(I zWKzl+Xyg&#H?#Q4{9()3eha5trkQxTh^yKE6`ik&G1ZA?Eue{$4LmgsAF5uGtvfU{ z%4yk?wn1ZE;-7Ih!I)jo9j_XGY2LpiD#;XF3!K&&w!P2eQgF$$Euyy0Vgd2n!_Utz zc28H||BDqdQ6aG@x~>xe9EvzppWl;-^yg+cYxVbcdo4;vgq3A)CB6kBya3DDb6;Jb z_hx^7^Db!3ysSC32*=iRT`q4{Vw#SS6&`y47#qTGrCgQ8i>ywJ6e*Pt}bwBB2PP5+I) zbD&>70yq7u1C2cwuP-cKQ3Jm>>?^zx6!^e2TUwp2ovfyiYouzM3N^^!nwOyz9*j}k zQFt$Q5&nl*p0H1ZlY}wkwNLbBA#&%#Q+vJ_Pqs{aOeln;vTz~W^Xr4}LZ!RFI<)*& zD?GFl2ABXZvl=l|CFF~EIgEjq#oM{A1X?Y@x}(fkoZ6Y%zwM|dy5_`=ZMY2jSbyX@ zG)us(PMxV0qCLGKrX!dBL{LG&UT;%o2FF7`zp)!W5g3^wwj<%taAxhbmli@o+#v9*7%IxPT@3hbcaRWwgffeqh1}T(X77v+Wbmkqeg^_V!nF=~Qeg~80 zU=9*aHyJt3IlUHPZ}{(zsLhB8#L+Sk&vs%fIk^>3XDS0sY=}=q_N3L_-b>N}Xp^CG z`jn-R+zzOP^ZHJjLcT3|6fpJJYCK-xc9Ly#Oy>BT9(hhfqujGgfQziL-&0<4=ee$h zu24-^^+!oBOAIx^ra<-gS)d$|$k_h{t3Xu0&SARSg+@0nm*HsS;FwVS(JOk(b1U0m zEe?ksxTeZj6Twxkl*o7xh(R}R*-*s->8Mp!(77Q~Qv(ImWD7dqljgb)+p>21^hAL1#V zSiL%D- zw%=)x0m8kN%p8EwwmUdmK6_`&_EFSLZCUDpoV4Hzg5$Rrk-f0C562smM|e@0x<8*l zExB%wK(5iMJFu~dnc&PjW(gK*cW^fuVSo zR?pi2mR4WmifCc3VhCo!GTK#KN^LhuI7{9 z5LRX)SVg93@1c)URUlS1rYPTey0ZNp<(9<$#kar+hHr6-zTHwNYD6K2cw`3bKoXN> zB1=J$g0DD$2Vm_qrYc2_@yBVlu2Xo1d3wcGLf)S`GWzuvUGv0nIoYN`shL_zR#wIR z1Ik=(=3>e0O=~Yo<1Pd9sRv>2z}Aw&LWt+egm+naOKz!D@ez~pVph&?xe`g+Mc;_` z-z98Tf)M&6m|XjvcAOGci^4q`u>iEB=@Q+`f{Ql&h_CJ1ga&mn9mp{Gv!~3gOf8{6t{7YG{ zZt%bUdHfgl>aU4JPELORA4%P7NqoGlCPGed>YoEvT>=q1LED^{=8|$u%t`4Fu+_(i z*irD-b`Kt0!cL7}`FPPOQ9|G{d&v`1812*T#D$8j);606o*d$;_c{R*?XgN7_;hY@S#4tXfB)-a`6|DE)z1v`}G#H(jp_ zo&oedXsWQxZri*EOy3VsIlfkUlZ(li*IYji0!&ven{WMwtYqtn>X#&wUj!*yTsTGrxMa}bZ z=jM|Xa<&w0;mG04YaS%D7Y#Q!oY_60O^qkR_N|Bby|dDo`!2iB3}g#W zf{Dj&;8uYQkclh9-RSyc#^xBQGJIS#El{jY9!$;(Rzd0tb9nt2HnS49dRP8eNxoO; zVIB6%%%2l_(nC+uGwFX26{Vr;U*Gs%AU78uW5ld0Cs+m?KQVJc(b zLo+;7!=(2Bm}deZTd^e(joR$Uz8wI=yl|xwwG;`~aJ{rDRIPP$j8IpyK?rw0<6Vd) zhqVGQq_C$5?zheUdCyksf>!B49FPC(nae%5t3K1T%qO(a+wSUz7qJilcT!t1Snr#1 zsJ5_?me59>QGy$Qt!6CGy%IBEL%A!ljI#cZs~=vR59`(HtlmW;gyDzU)edY9_~ z8y<$>8JdGM^*mX+KmDg3xPJ3@lmGO}9Q^Jled9>|KtgR0^M)VL?dr4rbS3iZHOr=^ z49`!f5ffHcG6Jo2B_P_0=Xg}0&yxMkhE162u7(R{v|?p6QrV`#mZCz^SW6b>3G`^!>PzjRyQMh{}K zd_r#px23Bz3n;--ADIHP%Cmd2;;N!IY)Y=Rz~RR%;7XPR!1-BD>aybDup|AZ`#wyA zFQi<~iK;VwDXt}(SaB$}`TH2EK?_<76TYs$w4@l)wa%l1$7;`|Ig;HVZWy~Lvqltx zg^eKDyafrUxHsWKXeKZYoswltDJt)=xGS%0Ff@kJhWn~lU`0zT5GEOxN3JtiDN1Hi z+_2K+B^D9`wev^vrMQ9Oqdq}la{RMGy$>Z zkWb=G7_2kQ5r8OFQ}R|Mx>zw18$@L&q=w*R?rX>_Sx)jAr16HC#+-r4CRr`rjhfN- zO~!xLgxA7c^vRlWucao)%8E;70S&NvI81b1;>K=IdE6qcdG>-;s)@?P`%E)NBfS`t z4P17x3{k4oSSk7y16)KU%)O*<-`L>C_~x(>+#8XnIr2I++nSe~tP9NQQDE1?2a@~^ zE1*(!%h-}7z1`l#+(@qzS7HXbG=a}eo}~Cf5<&@W8|h+8NmR8>^Qh}&e^3YV$GvM< zy$RTGAwdasscd6hv!LhXmn{Lu2*XaJ$4s1KtKv`1f>_X~_Twp@YSQ^2NM`+7s>v8i z^CDWwUrXW=Z0R;vQg3J}ih@b3%#PZB+BRsxmq4i%^m&~+^N&+i%HAUBo6X8+R3VI{ z4M+g9mkmd>-%RruHvMv0Ru|X@iRMBNN-I1iofVi%=(59L+_bo(_X2;O;?(s% znXsQ5nE2A@z=v499KW^J8>Y^>g^VxJIpAUSlE>Ms@B@xlK)+qh@64tu#iHBPVP8N<3VIus5i~zl?P#CW5s+3LaN%cqIk^sWZT+=V z!iTMqexsxm<-}y9J4c0)F>RPE>d&-HlVZ@UYs3`jv;UEct4qVGk4sSk^Gl+N^iD9Q zxnG>eN2cV@%Ordx;$NV?W8>5b1iZ}ktpK;HhynK6rs^zX%o)o3qQA{WV5Vn9t8AGR zCryYF04}O3S`26j9hJF)Tz*<{EKYXX>fUiP zmb7D4=4~nJ#90UwbA_pz?xqo~E3u*#&%ipx=bqKqq3pQp&t2%#PreQ+0_7mFCu#mm(rt^4NSBxzOpC+ia z1ztl}%T{_`Kt4lqr+WL|u_A0mw2i7Dqf%2ldNOi%@kNRG+gw>2lu4gB&ZStdja_+l za@rnQqT0q3lebJkxQ9*a&`W2_@I#$8#9vIlWx8E$G2AHv=A4l4RjPpFv2K^sx;G^Y zjo(JkI%qxz&8K&G2hFFi9WQ>uC~nydW|^qR~B&Z20RlUtiA2JC=!C zCXw;K`mm;@mVLjayhvsH=8EvlYf$T_?dKV3&2^jCY?qap00W+)X_^3=wPd$k)M@iz z;y~*Pxv8p*T)E^6R~pZTe1Qv7=85OPaAj4|s#fh}^$Z+Cdvq1JwSS1)6{A^GxzKnF zp4QvxsYPVV^dhodiV^u#gIwEf57|6qgZI3~ltBD(W@JMfnoYw6g}Y76K{Ko?=H(n3 zo-q1Iv|y{wuqyV%k)1Tr)xq+Wej9lm5SPn%I3NGM=i{BtlkJ=kyqVJ%*Cl3bo{$#G zp#9z$fn2P3RWTbb=1vCq`SL`7BEK1)0A@Li4`Ux(u`iNl%9gre_Yus? z&4#!iqEt)1wgnF1oSWT1exL;(vy1!@qBeV3o|3ns(*O4gLTyLxOWj@yrrwGQ-v20z zgu~xqiHv=mgY6o_;UO1!WIvj|xUe3#_*{|8k_c&LcZ(xnI*Hx0w$jEmGm>IY|IC65 z*;>K9b=7&0A~DgM4e5Xt795W*eiq6d(TXh+Y*p>HVsZiaIayMHkfx2iqp)qcugAqH z+BU}ih%H_sr2VwrH0dJnSS@t?$UzW#4H4lVM|Is|O*bVs>@Z3lE4tQP=fAaZ0SD-R zMkuOWswuf3ikFLm`82HE&ih<4S=}S82>re0x3plG_(4lo6-UfBC%7^K|XeX)qd0iqVFZIf>+smT1ULPK#C_#Sm^yUG5Zw$zHs6KrOWS z?JWqEg#19;_~0!60Dc59C*P)(2k|KKm6p&=hI}b1!pp3vbFA6|TcVGS63qz;Rvjs_6sjUCnk{+hpifE%lNPBXvlfHQ zKSkLdS#s#e)EqL~vnkqx$G#~=^d^?Y2Qc~F_nT@8h7G{f;3W)oap2kTrX4PVL@rm( zl*-FFlM<(Q#>@*ry6q~zQ&R+GDeg!v$Q=X!sFp?`=18R=A$y~T2-Hlh)>5pvvMIM_ zPwWh=RMbJJ>-Gv4b=fXJ`t1u+QMq81rbEhlHDf`{n*CzOk1ok_`D(CUg=SNrFN;s=`lL<+{7$`H0DY$J>)&gVFUQ5IqZo=d7&s;g(@p{}`y9kXIZL z7l1av?yhFMY~VYZ1&GmF}kwh++CGrM5X$U*BjYr@O(Gk5bkOa%6UWhR$yUDOLcnECus>l`*E+iC^i zZQ-T#Dje>5MQm4k@beS{-uIRrBsp8NGLo(>O7d;9PjNzao_mAO{_~gMI12-Rh<0{}LV&x; zTW(|NiLA?Vc+rwXGg?u_s+c*hEuS^-Xzt;k5%VXkO_>uKVHpNmh)jNG#JsXaWiF(f z7z-mE=D#*52)?c7Sh6evZk4qAO^?3+{_^G6Y0~dlK@k4ko~i^-E5PaUzt_GB1_+LB zaty8AMj1Uti;OiU)0bS`q`|9iyw*Nie|YhVm|qh$mwr28%uqN?Ry2TsJ3@UgGS)aJ za;|Q6fo$L2^w`xGEU;*U{2SbF_o60u20zZ|Dew9EIeAs8TCxW0x$~LW9!}I+$SZ^r zRL`w`5+pp*gxNJy25IkmHv~VHWH0U7L}OaU!`MsLR92vFrEgC6ie-h~59O}A^Kx$E zj86@^mP0YO4~3O%2b-X8A%6#c>tJ`uSrgdSzIBn7is^oGOSqgD{n**+HABYQW0uk%r&%Mm{B zU8%l#>FQF2 z$ApFL331H?chuH06|dg0^Vk&+Mri$=l9#Wp z-o1Kp@&47z=j0FO3)~l;r{uk8%*6qP$0aHlyja(_Q)I$~mQ8&O0G6aBxh#3*s+Waj zzpN0Y3B}e_jkS8gt5cNp@FV)qt*-=#GIE8*dR*5B4Gl@!lr3$Ot|YkHLN+%Xolnj0 zcqK&*#iej|8X_dtLNFx+r_-Y;M3Np&kE|e8aC2D(iP{RBt}{M7cYEVa3Hi?E+=L}I zKKB!KTEIt5X_B5V#CQu9M49=WHCW#Ze#=Un$ldv;?N0I%dxz7if$u`KS`+($r*T9t z41&AqLnc-$1RGvD)QL2BM8`RH8$+D4MwdR$T@mDYK6qq1{MA0*(NNvbCQ~jPx&Ueo z@T*Z3!3=`BvJjx=N;`9%I(zr(;^muH(^b9;i(+NI7Q75+j&|y!*;nk|u|Ie~?K!I` zkHoAt^H_@a}3&xY%u1qru{~dP16!IcXm1$)?3X{_F$a zvryQbjhKI9#_(W4`G;!hfvkIFxLeXA?V8PAFWCA9ofA zu|d_$2-Z_TX1M=ZFf?kw|ubN_0Tl^G1m`kejIvI!IH;VbixAH(P(68q0Q@&wg>2cFASrg$2|g-2W5 zwj`I=FRm}!evvKXrxOCGg9`GHUu5Vqh0*LsR?U`leNk7-ms|lhRJwq&@uru9frX%q zH-d0I(ZP+{(0K93iz`BFJ$sd@!m*=d(2VgKGqXmI(7d<9_$-Bo7~Ouu=UaZPh~=GD zTllfUG)>P&`?13QtB(+hzvE2v(HwiW%o1g>1oL`n&E1{8?vv&ORDJj{V=@Yl_lm9ekMZf_re)l}NI^9MsR%L&#Xhd?*9I>9 z{fjGtC3b)F)j3FVUq1cnJh=EDH}7P$CF!Gj7k3tC#>W=7VuOOWop$>cE81OFX9TBG=z$HRhD_ru@zqUiI# z4|R2-FT26N`IEe@p&)ed+6T@LRk1ag-^KdAW7m zWBREbI$zOcD^s0zWyf7tlDFSpw>)(l9=Tx)O4n1jtLjwF2WQ}c?42GgW=l!clL93n ziRAI7dTd4)$XD4TQ-h{nqXM9rdeQr z?+;79`3Zjk_?4ZQCr}s{9qL}`CLa$>S4<(@u>s(;oar&o5tY zeK3Wr?t~lz($RjU6G3DC)=eTE)VyCo@Jc40Ai1WL3j^L+t z^tQhxBd84S+6<0nD^!M^^$*;qeRkW}bx3HdRknZ{UIocl2 zzyA7bELEJdjIX*x2tM`eCr_s2|Gjt<3h5_=W+0U#ViooX7Q`p4PRaki{_bs43)B2H zNZ8=#>OJD7b4p%%;dj2Rk5trC1PzXur{wgiKz31S1ukrzY`LxPj9_020s6_>#P$TWb!8(M@b6Kwi2ndkJUBzqH^$ZR7y(w_4mW`7p)H@B z5=OHnxncK{^rF-VO>Qj~FZEzsl>?hvoLbCJo;6})pIdti692rkFRF|nm`V{4$xF{l zW9qU%D7IEC%+FY~DUs^sMpl|Wi7eN|)#fM?sk*T?;XRrMo9nnPy>E<}PryE8#7N>0 zP(*DV7cY=#$+Ot`bsfbD!G@yU32w1ZQv>gsrdU<4vAbAix-JW*6ydNwD=Kf81wf-k z>MC97$#YncSZL)IV_G#2^OGP`!ORIHNaEGllQ@|~V^petVB^)E=_gon-d!h%odwLv;j-9xlKn8+gyq1m#}$t z`~@+#64RJEOhKP=w~em9G_LwmdR6~%fqsdj`^e#d*v1A0CX!7F9mFTE zT4*Yl3e=M169*_H(L5TIA1iK~Vz?uQ9Wx8JpHAHPyHruK2GEPE%aPUu@67>wg7?H{ zYf-pFi-KRA_GL4yAI6A3$r}Ck%F{;IzSUP{gp2jei&OzvNg$uhMgsqE!m2Wma}yGRW^wHie+Zi(@&E2BsUEHTMG%}ts~KF-k=sjwx6WC`-M-~PQUF`js1Z_SofX1t-p z&%&{$nI=CvA@;D_j5Eg>WrS>jARZk}r$=K}$KlHuwXLq^liv_lW+KPUuKO)Vc2W!J zjSaxJXaSpawx01P2FEvMfLmRyHfrYEodxDbOm@gDBWmZ`=3t|Yyxc_f6nw=Ez>;RC zOpWw293z2gwysYNvFVDfguFj>1oa&E z9r`R<$eau|T7H~6v~YFWm}B&>th^<+R0d=0``XsRb{;K)buBt94zOyK3}O8dhg9lHBP$b^6k1l3Krd5)L)pY-?IoOqS2d z|2_V%U;T4(^84fCzno8g``2F`|JM}$@ynCnpZwGQ$FELKj*tKHr#F9ifA#9G{N$g1 zDeKh@{?|W`|H5AVHIc~4$?yMTWJgE*8 z5Ks~{yZ=ZBcRTejS~+E?e?N=%H{RXyskl%^5XaEmkv3*ib*0>A)vZ3`*31h77Al6%+?Hd^OgtMOaxG5e|yz+2`lcYjFSVuqVk zdbCq=K_tugn(O-mAc5d_+;z4BWU3NdDOSu)mAuj~>)a^CMmgM}%P0;BTb0e0(3b3P z#vh%^@NxX_z23B(rw zrNrW%NKw%$c?WF{(ce|}llmix6j5ZW*4Nl2C+s0A)f6R{?5U+#%-Ymx0AiNH|lp?Dvq^N_S1g){a z(^f;a9)&Dp3hvOCP08{y?4txa(It8?5TZW(AiE+zW4XWRgv3OA$rfByqsqGC3+>IR zc)7sZc&oao__}bj6CA`lOU&GozITLrrgw_yUkJOsraa7ik6j;FSz#$QsW0L+mDEjt zCRQt|PS6QMXcoDJ41T4)7bPv4S@2?CcHNv6D`^?@owkwA;c+7FN?R)i>;1NOB}p(D zeM7SwR_0jO9VREgFX_sFle-GoEbq{cM9QLR8bNd{t{I9|yUtXtMu7V2hhzLlq3K`p z+l-~iqMGKegSZXC>un6fE~j@YfWJGxFJOSvLbH{yK4#IQIvZtnzmHPUDdmmv=nOs( zWT(-4R?gDU#*XAHZ}YHsG#83|Q;6(_yksD>{~U#n#(A>nF zykP64BRRSQ=O~-8@8Vk@ZJPF9 z#OtV4#mi3sYM0?Mq{Hf}$GXVn9JPv^vDS6Hmar~*-gh7%eFFwZX9x91__Lam& z>5E68Ft!*Z{IbCyX};o-{OC`DMJCh%({k0|U+ty3twyFYTCmISlC(1OY+EtAHa~h8 z`Vlo`sE)&*+~y&r$cG&ThZ+uTjmX>e2ra+srM;jPyQArMwt3#K%+#sJWOqq$h!=xZg9n6)ZLkuCWNb#I6YOS{#ee!37@81xKJ|Fo0 zUFx2Cb~&43&{RK7SzfqwTqFZgtW+GFfL<&Mh*A)r?D7LptO{FZUyB7VEq4&c%RQ$& zh(~*ngFbsXNU7pgNoPga)7sw9?iKQFK^KIHjC!*RR2oQkU_Pye9G8@L!iv zicDemvxq%*b$My$X6M1+z8Y1}uX$y&o}cxAjqnrMTr;!SR_rtdSDWRIN0NIr|4jXd z2lqA^!Ex~K?!q2^BIKQjD?h=6*gkVh$FYvT8TS(KmbF;dMJNbuqqO1<{s;X2E^er8 zs^%Q|i8=k*T}jASJ=t6-wR3_rQ-H39610MZJHS@^0INy@r?Rzk5(7`pzk2p8T4|?S zO()J4;+1xKvZ>;J$b?EeW3s2V%$C}3shy~Ip(g|VGMIsGbIT+1nUr@vG8cO=+dQ5} z9;WN(nC~@vd_>N;pA8>Cw}fk?VEW<1^{x zGe%ZiN+FFm#~((JCPbcSJ&{RNjiiZBxMr2vBC!1`L1>AIMloA~4Ge|hTVL^vE$J;6 zwM5F5Adk(T9_zdEUWDPjt!27~fhERU zwbpm-55W|(_7U*kXiJW_*YKxpYfEk=NndIk?9m8^C%tHHbEjK#ff5Ef+%a`M0 z2Jk(5`zRMLpnoUdP!(Z=Z)iyuXk<9PzWV0PiQXw-J-U3^^+5a57JlIE?rDvkDHwJ8 zZoK&b)3ArkO?!XEN>laRoL61I3Jeag*f`3vkd)i=c9q}kHjsEwK-25(7;NYZ6IhF$ zKLlwG+l21eZ1Xeia)4lJVV>YIF zj?5K0Dw$e~QiWh-($py9ro3iZEqQg1$9#md3M3pXVyfv(ETM^E7&w%;&!sae@_ngT zrLTxtLCc%)1(m4r=m)auy`-hmccSg-7K6P8N)t!QjoJ)1rlD;tVt2UYs$f(xvZ6Qo z4v%mpFP&NI{NSfT{0J>e0xASob|uhL0=A6^(U}x?3bvsjg`hdPl48ZGC99QlexTk; z*IEpq@o)!BL`RtmZWn#iU_>2|RP_x1OMz$&({vp(v|FV;XSb}-dw#kS|KLSIr$R2y zSULIr8ddl|v)P%Zc=ks;UuT2sxR34j!5j%K+MzFUj1$;ywf{4*Cri_r7()9xR^$Sl zg)DD?FiN3HKA%6_r1y^~_&HYA!B9zkqdg7_n-lU@TDK1~U>Mcv(}iDD53_ruvZdumnMDS0a@1JYss!W9_yLLz`u zhv9yF|N44L{;cKB_ph%}VzdEFO`!CtAs--XEhi@9AV;F?);Kkhx3&u5W=mQw!eJPc zNKq787OvMhtr~M$CHZ2(WJqO>I~^iRR26Ep1g%H+{`GZNhz{K0aS=6RGJrPK>V_#5 z*Yrcb%jb|V;j+$RfTqbpGgj;$asFMEf3IY@gXy)dnmBM`MdgBpJx&iB`1QVt_`>pA zdky$XLm2n0K4PZRal(5F`L%;Knyrn9-wDIn1`|9T4}4$oG|3R1+v16* zlp^a$5#Zeovye}RNwkAt9LoTJrzuIT#|se=0LyGC-LPP8G`0iV`PXJU8&w7p#`AB_ za}vmBe7$7yy5?0lWy(Jc)^gbh*hqyaAOoC9%Vf8>0YkePk$CmPPo_^HvY4&b)%_{? zgK#d^HgT=y#-fEUZYeK7jo5rQ7g@bxrI$yz5bj4B)AQ^xUx_=r)q|i;E4x8tM5zht!%jER(|> zILPIGJILjS3o=IZAeSHH@`GG{U^~O@AeVnOJSRmi2QllSu9o58vi5Pf2FZ%7(H-xJ zYi&Vn3TdYy*;9}gt^*hj#F?6sZy^y798DGF1;7_H&xyE?EJ1#L(Hi;izE9ZiSuJnb zRResLI*qT2LjOBM0wy%W4{#;m!X~d?y!_*<&}eCyt0lc*r}~Ap>j)7tXL9Q6Dfpqb zf)b!Sq`D+cu>RKN%b#C0xncL$k-Il??^^4>zUKC8^^ab+4|LUTam^+&{`mF!DPOG* zkUfz&Z)un1_=^&*!T4@Sxg=97>%=a{@Wq&PDQE6G-e)46^y&BvmD_)Kq05A7EfTueR0Iw#L9$t*M2)+ zIiM+41Xue}XgDjOD$^a=F)W^v7KcAlorgoVB99D0RLYt)xh#%gb48yL3WXabQ{fsczH#+buWi_H89&D1BRm1C+`ymQW!wArgjnF7KMwpsRkW%*d#8Q3 zywM9M85VV%!Sv_mHGAdwF~KA&YE^As>hEmDGKdc$yv&L^2Xq=%+OnWfrb3DpX;nEr z#jLQN+9QzL)Wkl12iX%sLXsqwi|xGx7ra{5vuP$)-hFsxkSMGBvsoc#XDg~lp>M}Z z@>yL8sW61+O!38p%52FimQ}T6XLQXcnJ90y&@M_fUFE+}YnDxDnNM({+Lzm~R70(h z`Hn&0X3wE+%QB*(1u5&*3^%lUpR7f$Fv}LDEm!Dr#Y?>u_oguGNzWETYluxv;VNl; zV@Mbw~Gxt*Vtr}RdxQ3XS(yF?0>drzjU8y&wc!6+wArPCg#!LTX?fQ2XO;`zzi$@mwF}{ zVvnllZ@Nr{p#zlpMG)v^y$;5Uw%Q(A8y!9t5rqi z7w0>Ft2?;Qr2WE)a+2OnQJkw4lO|^hB)hef3n#+Jg}uMso=<=M+vyWqTBYw9*j&wC zn`S~Xq4ZaN?C!8flgZ>!W8iqMrC9c%VkH*nwPjnLJi6g!{+zt1RV7yM3{Qc0T@I1n zD^}5*RuBk4%Tl1p(A+s0s&EC9lLafMT85p~yvUgZ;`Y=^y{)dp9?IW$&0uWyDzbB+;V&N}16IUXCgH++i zf~)FJoj<(h#s;%4YDtS$zmYvJg#^5(=9?=MHLrNNs0%9nmmU#BXL#PE>+Ac_Az+$}V9nj|9x?UpwFA_ z6w6&m1M0KjrRY&F^nj!&@DlK!CA{=aE0!ser_(QgJw;^GlHD=cgOC|^+LVLHv8_Qu z@{dBtjF!Jo{oa668uT9z33k9#R|%q*>+LY=T-cNsu(th8%wB7KI;IH%6P&TaMx9iG zNLESCi~{#JF+)%ra6Jw5pw}i0WMA_Y?{UkuZy_cpDwA~0NTDAmqV#lAV-;w*PN_** z9N09JD3F)Z_RQ0-TYDy?oPPCelu`~|*Z22pRxYaLwsTRy+umFt$dET7J@a6vXv+!d zqxfJ`^n<>B_B=;;rMXG!8IQM*KJiI%a8B38AQqV*`W$%F<@lk#)rkdv(7IX*$^Q{d1ZYpA{{~UMP^V|kj%R>WN-&BC&6x~?^xj3G9AU5l zqRaTP{T|r>RnmljfLI@RG&PnrA(HjM;#jweVoi>$Jb;w$Hh-ycsSguulN@f79+8?7 zj~a_ceNgPyY7BCrMYZT=_1v#nyU_eMj7lcMq0Qe=#WNIyGpaQhT4Mc|=v3^6L^;#n z)l55yyB~dHAIG~9dg)9d!k-ETC`N<5hwpC2;clMv#-`~`x`S{$vq%;2`q?jRS9U3f zwx&wm37KAj^L-cT9`E3cStDd4H3fIT=9Of-f^vO(sty-VpdBur-RAFb@eF?Jfi9j} zF&W#nABpSOt{k`ywgcBWaGkypefC@@E*pZ}`d-|yGMt#wmzHADyU`R+b3=_(njG*J zFmnV`W~_h3V|FEDxiUE0+yl~VEK@X$u)h|$W0ADX!FZ|^pB2o)g!hEI?ovx9!tfr1 z*^Op&Nr!aQ1@%cWx4kpAr1=_MBy3O2Y;Q%u;z-@Y%qxL$jb~a6&=CI^!cXkFIB_C{ zc@+@(29rbLb21lN?S02`D6gDW@ax<5I}N;I6J>4uKsHujaM|$lh?M%}hYv(rqT7#X zDM}&1$C@^pKQ_;kY$=2?UKq48A1Uj(5+%t*QSdP24Hg7IcR#+k<49Zp)`-zG@7TDn zW@Ws~Kr*!+a4(rIE*YsBT1_2bv%Wb1BWyoFi0HW;<|nO@U7CjpwQe)x2e4s9Gv>N= zIgAY4s(ave&UG~ka_WX9$q zfM(9i1ydm{E0TxYzI|K$v6YAN`;xABMkKqF9Q=pTs!14Cp;&cl(l`L`9MSmO1M>zz zE<+cTb#(popE%(^O6=>8$Qae{ewtXnk(hg1EL>B48Rzx)4@r_(RL3il=jJUeBkCgfexQ#XvQBai$k{zxuG z?2(u8N0wAAS0b#SPRJjrTE2-s1^akKW1ob({!R2Tpq4O5AeS&wpqDW9Krdnb-R_Lh zOMK4l{m66QCq0*FBw2~PF1op--PXRH@C}IZqc=_=)BDJ2nGhHoIjndOm^k6!v*7@t z%|XX2bpxv!G3Iv+0?}>0vgUwvL3ydHBm@z>A1X-$u{XB4;t;?pSw3y?!sF>LPxb<< zU>Melm1Cf{-ZgKTjd%gXpV_Rt)nA$Db32*{R3(zamxBQ^yCr z2rFzoLwxTJx>eAONy(JUfXH?zju^+wGK!j}$)&BLq{rBrF0A1Qp*60aK!mVcJCm#c z2hMHjHYvL^BP6|jYY}nGVK{}09rGgey=A4A@G3>YfXGJdoDHAFTm`hsc`^^~n1P~X z?Pl~idXMS)w$T5@^^40(QZTJqsZ$eltWF7yTm0`>Q4p#yr(0!0#*1$>8r)y#9R3YT>Ty7QiA*A6;t2UCZ9wLr7xK0L>t~YsP%n(RA3h=|=04E{= zkAeA21p3?^4|o({WGXo4r|c53?EwHfQz1G>&Urda=fmIwZ-)>(2Cp*}u`>m;a|CMV z_E^DbXu%JM7yR*9$$n6Sx5f=Vu%~}7_OuO-@OUKQe`(&7^a+%`Vz8^jqF=AHXC*o{ z3^0f75Hoj(ncHpt4l#3s-+G`(U7KTYMI{Yef@q#|T%D`LbDp^D?M%X^;v_nqS(#g0 z5RA3^{@v?cCksGa($nn>8^pH|A>4^|(4~0xT!Nh~akf&-NYJbAWqPF6d$eBYiJmhH z^k+gFH$gQ0w&Eq`h(9M!qP-3dE*_m_jT(^$0zjzxAv-xi^H5*|t%E0J+$s53SnTcX zY?v&@UFl_S%DiqrDTygp@J;h+3*C4@@UHeAbkCeYS-%%+Pe`RU9M z{iz44(jQk~de>sOXl-j;{yn}HIlS1;5ytBsfpgx}RZWXPePi|^D{94WnIBSiCFG## zCq5D>KHLX*LYoW2!|z@bwg3SHBThctBfReOr%!(SYx2^>|KTDA!pH=En^a3F>cz4> zD_f68j*M$MN)Bmqk=(;#VIPDrtt+vj70>j-YCfR+J{mBKIlCLal`2~1ROWsTyp_A& z0|+%=@Un?f`9}c-#uOoz^eznKAXlbeBO@_h}j#WBSC|}d%j|#PBT}TX9=BGOnSS(roVxK22$xr zDFTLcn@V@uO*Q}5OQ&mWaD%qr^8UN|u=zSg-kYRs+qS9WC0k3T@16WP`Cc({bhH+- zIyxfy)?hU6!CS`Gav1Tlng}_;?|KDHHfEtvXjDntX0NZ?#tFOap@x^;_bmwWouVFl zfUpO8c3sIj+i-ZlxPT&SW8wr80(%b8j*)hVc07a=dF>GGc!+k~XoqOW;7||jsoM_G zj(+>hcvD)mBO8{*Nt(cCLK{KooAUxVSXkUk<8B9$FVYSo-+`xk?I7|UM81u75cz^b zJ+P;4JBWOK`^^ImQQ$E_w=8^`C zXSPTNMnIhss#zSy1JRP$g6p_PB!dufI2s{Fs9z2TN$wkBUSAtrnX=(}UR*gm6hq8Z zVAy{6YOTc1kn(oclDqGwxvAET3vqRG+ znFFYAj~_wuRvjxvIe{Fsu*`|yZqdhS)!*=E&i_<+%3IyQE|B+2Zaau|_c2B@uVEsf zT0E`TB4YPhF}Yx5t@&JNR39@>br(4PiJSKA#FAM5;6eyRnU2ZxjLz8RU1S6q;O8s4 z);s^dHG76l^gm=xxl~hfK@=|+#nAru-!R2ReBzoeS46MEEiITSc~=rvz-2OAy#sJ3 zQTHtx+nU(6ZQHgnvF(ZNJ*3Fq>583S|pZU3VJ*F`%CDS0KaW^JaFXO-sByVJ|9ll!j=ls{VV3zlShYRKf+wB zZYT7@Ss%fuSLCg5io%-8 zTvqP-tOD~h<|nGZ|6%_K{{D&c?Z3a1?rU>-z3+yTEM|M&&Q}zA-`*}t4YCA$?+({A z4C3!0u^da6DhlqR?z4NB@HQm!ewf_62ue;}vLz*;3#z$%PfT6Inp_SIU`QCU)i zb^^XX&%1g!BPo+WsO_X?o|V%2HB4f{NmlaR9qe7i)%Zm#dLcmZiAY4Y!AI8#b5>Le zeU>5r0xLg|^2Phnx;*p!_u~nGv$5AvMn-2NaSNddqt$K8Um?Ie*n5MrU^#UV2geS# z&m{=V?%S(0&X#+x=o4|4OBQz)g7JD zIoTYfMBg-aM6>dF-qc#E&0(`qRm~Hr(B2d95Yk(}84XXjQ|6Ty3G-e^LJ`iT3BQY- zlW1M1*|E<1v!s<#6>gfLnfyTz+tM({pB}iK53L1C#`bDjN=|d0BU#cbe7;asmD^vx+o(-5YQfcMHk`2^1)Z{%s6ku#dwk{;ppbV#MqX8QXCUeP z#vO4Dio$QR)(3NXWo^TrqrD;9^a$SV?fRLssxWBmVnJ}c#X`&~lSdJq=3LkAoOF6T zy5T)jQgd6AQ|(c#i^U*F?+FYiKAH5$U8WPVupTWzxB5CyRW*;=mwj~m;$hS_n_RAV}8%lnntHs5DeQvBjK z73nwRRhXQm4$P-T#GUssNnLbPjd|jc7vE{TId1@+M-ld-Zlz$YM0|Mugx*pjxKhi$ z`EZ_+qmBl7Mu?4qNme?vdP?2ForR6qtu%5o8O~ZiH`23tAy+}2vO@D zBOQ2qv$uo3(>G6+8cU(AdUiaUH#>sWoB5i#_GSB604io}PymdPGQw&U3a)K83)7;( zJT21zTU<{)BC!q9!^l?300Aw@+aJQCoF2Ex7>a?rys61av0nkBZpQaEe=>Fe)UFhV zeKqSXFy3SBe~qu7?#CZj5UW1=CTw}??(A?TC#;Lr%JR3Kc1w5sz8v1V-8etP7QdO~ z{UxzMA}+hzjE)qWej7ypCL5FfO9>?-g&j+FHuj5Gg*tM|;mPC+z`TxT1!dBV)Kz+oiry7GlpnZq&ChF66@#g_@$qQ_)Y z;w=_LLgL8gD1&eXxm=gi=zO})e9E?4fc$b+3nr{Rn4DALA_=HCy< zDeqiO@ux`*1i#S#VcH(SddyV_z_jlx;5bDH-MtEMh>`j0trRobf*)wO^*)SI@kkM> zho>Si=&=+bxuj#Ps*`k{XUq(f-2v(E74HC+#{EYUZ?GUXUlH=QG>m{Qk*f78;$W0CN^G=wBClO(QryUQq{ZfivzLOXz+Vo1gP~j=ZQ{Y#a%2 zwWoKMdDIXuC*T%pdU^^GMQ+smUmgP@4qB^(8NLb{8D0byqGq2cH%PE2?#SKK>BM+> z#UK?GwC2P{Atfq*R&W=dpA%SsAI{;=N3_eBf=zRtVs|QvKKRXj`obUcR zQQpibQ11TSmewPqZxmirY#motVq7)d7-Y`Dax0XpMntnb>DVpUV#ap?2AiveBJiWA z*eEh)tH|0gUfsJ8)QPnV;d3(<=VzOxF>N5|yPfRJ=c<%MqJ4HOCT(EH9r;7#bfI(t3L#&nI>#R(U&bori~!+}(L3`)LIhMw&W^$SYn~S6 zPaU`=1@y19o%Sl9raYgz_xwIU|K076j$~lsZQ$@oU7Dt*9!=p?4MWem1$YG5Qifut zx|BOuOutqJb^x>(bJ~bSkf(>iv0DEzI+ox-1Q{OOQm{M!LL(9A%!tyE@ofg>?s+2< zvj_N_6}bS>cy3E%4(y7=HA9~LWRd-2zv5P%lG@<9a~{Lem3f{#_6Lqd(%+3K^{&yF z)}4FpI39=Zb49N`Z2Rt|Ep6cTul6&DaqUU79T>NRCpY@Xr}E){pOpjmZHQzs(w-#0 zNsyqdekgI2HamTeZ|0(X{VuzW2oX?T;yoL{^$hRpV!U>}ge7#8H))iX%MHQtD;jEs!e#{iv)wfP^MjJCK8LizRs?TXO;|n(h;-T!9Ckjzest zYN;6F#?Y;RGpK`kBpQu{<57?rIM5AZ@uRFydm@C15cvM^t+i$il={8hj{a``s&|C^ zvV{7w)PJWE#0mwQ*^W*PC^s_9WC?iN`!TZnv@M(B@G-h!Kt3E5xAfEjP5!vJjX{z90y&4C>Pup@#G$Yq9sB-Boe z1n#aJ=Q~i^-|KP~wR+N{tZ(pQLf>8~%3?dv9=3|GSaBH>_2ExT=G98DypC&HI^3Jm zimtYpI#Qr8+ibYy56&0Hv`TXRS#3#HG~U=J8g2m>iL&($M>5%HL1eQ-WH+it6^?@x z&q52z>KkKnu{Wi3O17g>^(>7y-AF8D#V)YfSk9j~m{BwyyL)jY|HJr<;HpaLyso+A z5*2?;Y1NuYBAi($x{*KI`G<2Owdm3g^$wRzsw?mGaP9=G!X&uRc7tDXy#+bsPPqz% zl+I(lCaX6hAhjj z2Zie!Wf>qccqG}aLTO;K1U6UOkz_C@K5UkVTNI&|7<%+%)|s3{{{BQEDN&9|7;qU# zvUyx;hQB((lo7^G8AP;X$v?12yRjD0wbBS{r=PZKjuG^&UdqZY8DWPKJB_xVQ^Gyo2Z=8qFeF$g_f!;ee~aB zZ7cY%7Z)u#HYx8$&o-m>U!|9;lF;7nlxaC5IF}FOV>#e%vti= zvI0P9mw;2xfn;0_!5}p&Y>mp(WdjS(fAPRUpoil->*IpOZExd&#Z5o0-Dd{xIwJ8R z1dRqF|1{HqBkEJ9E+y*i+&m)6-g!!U{s#r78vv|27X&$w!o;f+DBM%u-evSWzMGYa zJDC*9NNevuFb7<8545nxqX8K|6H}7jW!BJpM|L)|^9-?hh|z|~eHv1s>v?m!22X#s zyXy5_#}$k!$mz}cf&s_oFHfy?uwNl9*-YIkS=;OPHvGC+ zIy=+*6_h2g+otz_r7*WlenOo3Sefc{R)lwXsk8|A_3O{8C!e>A9r@hV33}hzzT@9d z>#V4W(8axX2O|jHtQoTSY^@v4zKivU=rlyHhF?e>SKu(l`sO>$W zDWUGr7N9VLXVVjEBdk_>KzK+nFMT`MP4tz2BVdkqD@kfHh9%0jVJG5Kf%We%KmD`u zQ=sdA{;|i#(b4~(@MaxPg1rZ=;jVAvrtpPAUsy5Zdzl1u?<1?LxzF~EytUbtHAaet z9RG&VAiO|7abh1X1Ha~?5U$M%4)hiACC}Q;v`@iuVhGSXBXdJCy zyoD2>HC^ZO^X3GXI@R)B*57Sdx9qoPt5@7xtH0?Ae$g+%ogFm|5ZuhRh9kqDw#{VI z{Qt6}db)e$n?*uBHlJt`#$|@{qszot%-6fUD8F1y@yO(tYauX*LyYgt%yYeaooGo)<^DMOG9)?Qj z0{x*~3AW>>ui%-Q^le>S3X8Ny*i2-+CPSKf5s&pv#j2^v!%8MFT&&Ru?3X`;?Q~}H z@DKl_zKZ^*8l#cZCdRTR{-n>c!va(N&-(E)oYD>%>(`MG+?BxT{iBv_$+gl z;Zvbm#NBJDz3%{inH9oG=n?$*oS})}A5phqaVq))dHZ#cn!m+RIMwTpG5gCFenH*} z!x^2hldw9>qxWxSrD2~LmhGGjUDL-2<~x2dPk$=`)!B0xizV}~M>)T1r}AYNleY?t zL?$BLYO!)oP0)7~e2s@tWHl3hYz@nKzz_e0G1Ri5i6NVYDO$lJYojT_vT%LiPQnOxewP@oa<_;(*G6>%Xl6@cBO}PzOV|xdWB}7>54oSMq$^JCE_?q z9dJ+Oo%LSyKL*#M%#5MJN=2$zQ8XXhQsSB!$<|KN7`}5-x@X2fiWk(%j`-}Vg zs2v2hP$V*#q^8u2c*2-7pq$IQPHWuM*k^B1`l!*0iacb@?zqd4Vk3qYZHF-s;R&zP zLtNW{TW64})`&`i2Df@8R281{A78e-8k;O%T5PP)%|>w0s``Xjq4dMt)^gr5B@!sy zy$V~|-cXpFRrRpc3X!16>0*c5JdsaKzI{dOU!nn+ElNCN=a#p>Yr%KB&B1pLiueT+ zgSf;(UM+6c`1B`R(mB=%1XK=4C(YozswqWXmr;YT1l7uim&SD@IN6>N=-=r#7h6b8Lm938~Eg7=0k! zAl^f6*)G{j-<2*VL#s9IPl(EOcpBs5dO15jQIoaoE#=4UQ)Mir^jHW!Yr*&iD(XVL z?9=@UhoYCp2qn|Ef-qT)T_IEbiyfq!kfNx@asr$PajoO8-AM4aoHQ6Vv&^elze$7qox&$OImBeAs*Od%ZHUm!{nMC0Pq<6J%|vIgWW$p0SjL@H|EeNI~jfMPvScV#}t32e-Ynx06qANYm=WWM`P=v-n45HHP8dO znB_S3Qx=Qq$?WOm$6p{gkfxAi&aO{LWELjJn`wH(lyw&G>Mf8rE0PnK-6b3P%zYv} z>A2S!{HBcgY2F1wE^R+dEnJz}o>7~Ak50@pTr>nEcX2ckK^bE&bX{g;Tnm~!?IBys z0>xYQ$NZ+{#JJddVsfIvY|GZ%f=|UD@myg{GnA2bPRawOYR-WG_ymL~+XuY+_UD9yJ)5ujC%&lEaHG9nsFaGzbwiKGY%WuM)!_3lutV zff#Sb0BbC@e#5mE9?>a0g`vAHJtQbFEsfU!ibypcmJM3gJ{&zaCB*oM7g-b-4Z{V9 zAjoMWOecntlCSn-`~hL%W>@*m8(V<2{T=U5tbfc$($I(mc>fER=B6RRRqb=F9o6rCuUGKgt}`7r z;|@%>tY5c*DJls2fcY|;M1FZ5OB!x^edj7HD(J$#fr$-FM zVnZiVel%782#ELEOg2$9b}=F6=T`>1*8A)cidMO^1bA9SGsA?IwMAHgjWdlLtiH8T^N}$__b*kLNkvqNrbRbll;iU2)+&vGOvT4Xi(kBU2LjQF zIg2vN`wsJqJv_d3?M-yovEWJ_;_u;TD@P1U@EsU<$Wysj{#@vnm5hKbRW>9l2o0a- zteDq;XW-7FD5?oTxlC=A#3B`m4!IaDM|J%Orp~W@A@&!?ZOGlVrfiVFl9)Q3H z(BJ)qM;7(fm~`l#HgruA75R4_>w*c`oyc@BwI+~yuX!{CE=L|brxSAs z9d|++{HGI;dTTAgH9m7Gh#gLycrHhud_5F;o<4mowT=J}L|SNRnw(;5=N{phZy4(- zD{Lp7%2>-ODNHY3LydU4Ig+L(EWvjLSKJ z;xmfuJQ&o!W-uQ!ny8SeNhUbTNHDIJfO6vnVnubI{W8`-2Q6pQ#z8_rpBSCGoFtKzp>Efrd>q{$75n^%PcI~J40c-kzpqB_vaT< z5AUg!mK#%XCqD^9pVi5O4|Wnu2wvVWwAEw^ff%&a`LFaVUnY{33n3py#9e<+#vPf4 z9q>=8aflPqT$zSfKkq%;p_(ts^7TR!WCC&oM^(6jd8I;8l>?H`a`O!#)TpLlatwP&xy!r=Jl6VP^5sPYfM)5BDbHhR{Otu; z<*fSfNY;@-mr=oa%0k5$hrEc=l~K-kBi;Z}vQ`3oR%p-~(@DE^hPMpSSb>?ym`#xo zui}$?*_s||17~DaAz47<~kvZgDKd9eiRb5Q<<;DoY;O4#9M-!}Shw3Bs1I?#~ zIKqV+29)%;BM=55BlYL2@eo2I)cysQx(Og{8&(_#mSUU-aS@bYyb6eQ5R{Olxcjbu zrk}ChINd+(4H|dzYiUi)av^Z%XmsYb+i%K|!_8i`_2;o|4V07|V1jl4R&4Qd{(k0p z0lFbd0J5C4@{+!sTCN|D^YD4uj;rSm@((d_{Zr39povGsIdTs53pKFri(*d&+~7JgkC$JxZbNnTwDqm&xod! zLlvpz&uK2EK5_TI-YVOObWnB*n9h7q_Ys(Hlnvtq@DUgvl3aej16Ticxwql{XCL>lAk$ARMIS8rIwF(HepPZayc{NE!A$&W|MB4Plm|L@^- zv@8M~pMb5to9VZ4A^Ebv2q4HruK)Od20XslE}=bqAX{iV7*&3TxPW=*B~!|>R8Lmd z1q7f!e|`15E!lc7jKbB1pAym9(uf_rI;RR7CWt!sI~Ob$CI163loLXD5Ks-#Oz(NS z@G@jar7NyOMb1;&c*^#|4@(=cfjLXdqm;L-`a$bW6_<+~=YyNSeua!=h&TxKk_dYp z?7KY;^IzLJIcLtTeGJTny=``_)F=0yB#_cJR|4{3Lr|tz`TQF^pG1>RC^8wk;Aqd~ z50tCh^Lh>a(RS%ESa*aMa$Znm)wRj3syRwJVzoA$-AkDiuG(p2kzb;|~8y`>7@?7-!7n3+QK2N70rQOMy{ z;h>}#b4uPXZu;LS$I&~=pKlqU2&Dt^IdF-g(muGfY1GC}N=uvV7z;mGk0N;GIAtXB z52<#L>hlku9#W%lCe&4??@L43$5oJIq_iuZ6R-9G4%r3=U_J(b}W)3W1$r zL20TUl~@fsc~??Z@^FA6>LeD|`HQBfQaOZV0dG+Pj-_i(t+=ofT?>UFDm$m4xiEwV zCGS85y~_Fr>f9kA{8w`nZ2BZyFVQ9XbQjLTdUWmjwH1H@s%39R27tVg$ybNxwbW`o zpq=@9KP40Qt6!H>^iJE_IoVFZqX6y;0uT8AwGcGAOSg`2wi^_C05xd^UumAENPU!%VO|a!NB}WV`oC-7&udT!R|9 zou=(iG|Y~8lO&$m?}_2Rvin@h1BEt|rg9K@-{`zGwT7-dX{xH&!7DV_&1{j!f6}(^ zf6Hhcdzz%uho@81s*5(aE`U7#pqj-4VC_dcsI7Uq0#V~s{IJQ zxVTzsdI*=YtDXrAHatMSV41L`cT+($r%UFYuFSd35yntplUj<;Ya@2ddcx29DMmx6 z8WaN`DONSOAc{f3tA@@A_PSMRycaH)GGc`9!Bi^Azf0-5SPoOj?t8)U&zG$-!foxG z28%CnCC+RyO?ja8E+p8E%uk;xka3zi{HU82EmzxS1)_#m+qdr3HzafHVhNI)<_jg6 zoY}I%T)g55J}59tr!!aTEznN!K-5^EePx=UeUXfe^^5QA@c13b+Ms=1VTODsxID$| z5TD_OeDA(+4hSHh3+;c`D0bCC4vjU4D|oPi2QW(|D#usiX!}Tj=^?;2`%01No7!pD zsdp4Xs}Cv4;@&Cd31NDOw1jb@B+1`I5Dl&0cl)oU)P={VVSgc$>5o^x{YFX zF5&jJuhK~kg@#Xtcg}Ig*%y~r)&c8-jn*G4TV?r@M&i`tL0Y_W=N5w2AG9!qKnRD{fOX-cG7FJqy?-@KjmN2o5g1< zV?fW!9lS;xt|99jcTTtE9rHhc2Q@wa_H$hFShs1DsoVhYn)p)5iiIdwC*=6LBijxm z%cBsR@j;G_%#0~#@HR?0zp4_`nq_3lP)^ir7050${owf3rNw0LnZuK0%VqOGCVwVD zW#Dp)ac4NlG}i=*PdBOvnPTq58IONOQlA0Pe?%j91iMtkkJx@RD$4k&^ibR|Q9x%`-xGu$v9Gad z4-2Hf7_81PzqhQFE{MSQD2GiLOm;@RIM`CLHdk=1DMxCM!rkp6XS1?TdE05PotUqx zQaXVh7w;%bX;`d~Pd+cuIBKWe3Uhl?TT_4r^HuwAqIi$_=-7(3fhSmxx-{{}>Z?*& zMCOR3ocM2M<)j@-Hs}aFS8lWD-K7RKmy7SMR;mDarM0|I<&XXPHPP^275+kI80SFxW6N>5m|sn+0Kfg?iU1?@dS-)%@RmR^aOGCx z#1`XLj)8v%QVSg#Uh0H%6qe?3CWZ;O>A@sSBm>C>xZt<)Q`S_xGexHNVgXP|j3H2!@F~EL@XHa9!#POz4&%$onbJ{Z89bARehA%9!dVmF z$>M!*6Z~Af{j@)9T)ZJP?r>baM~Z*r@=F~U89DS!LGYz@8@!`n4+T*N4nHj|VYOY< ztOTW1J}zY%s*8MQE>kMO5YzCw^qxoM>KLjRqZ!j}I8s5Is}c6Tmr?Ck=C0sutGEwi zyf*(Snw{Lb>3Zz=OgS^T>fE&b8LPFb639R(JX)3rcMTq*3U`j>LqGHplH%?g*LmER8 z)Z`W_yAF3fpZX!TMMjAw7emIGvuVh$+GOUF@+*b)bW{u;L-`14`6!r~^0ffmUw01# zOS39`pWo{emD@8o`Y7|c&#Fdlmd|nestO&XI1>*!fxSKFx644QdNZUa<#JQy*ooCp zivkHvw+(W#4Ro~9GNOBfdM6nGdKw!J>2{`wGb3}fnZn*HV$|>QYR=SBkGhg=xWWDq5cGx5Kg4` z2Hlg3t&B90AYO&J2_V`?D5vn5?Wrd>?-|0XG{_XURJ1Gip{TH1!+NSMOB#>}7WK^X z;3o1XuN>aY@m+#!L4s1UMXXCTUTBFY=DkK3!+PXjH( z@DCP^t2*}lQx=mlE>UuR=nT91Nt#kJYyc_W@3x5R? zrR$5UC{vs9CWCM;qNu!1&WHSXPsQFYsz zIa=Vy=~Q0+aTTyIizx70f1E}5w}k9^Nry6KESaey2eLdAL7RonJhn=$bGGT{Iapw= zApz4_T-D3j&{WG#x;SiEn~`}a7X6NxYy;%~T53-btDv&0Dk!V#N+=CIlT)d>X>!z1 zi227N=aFNQDqr7?w+J&W|83aWDChWyW~RcMVx4H_dv1_dXlPRrS4sxRmf0*8sQuR# z$SIPhOXMVxsC-`&`PK(`d(5!A3z%W3-TAcsdfLC^mW1~bf-Dn-V>=x!(x*l)f#?=| z|6gvDA2qTV{F}vw2-$wQ5W}f2HB&V9gS~jLG+Y5hHW!C*U|C*s`st8{vK0cF?OFxkihX4~rT~ zgFctA`KVk5{Tu^*gRTxve|IEU`Ue?2;{iP3R?x}vaxbFr)Gf1?YOgLg5_604sO1J7 zT-ZpdI$JZ(b1>|?I|Nh0r)97J{M4A$=AEPru)a{RS%g%S08BbRc1)So3O-S&=1Vf5 zzf8I2PY+2HcpWCraP1zoV6$N_Kps?y>$qDX(-I4U2t=;IhB~+K`p$Pas!Cj{HWFrB z9~5gnB-?(PdQlMWX`-v1gATUMu#lE;Gz-{z1&>Hy(F_G|lw_*@DIgVb%2jkd zx*NMJ*y@~*Ow{rMMcWT`73H^VDhJdh2o-5>@xRLh_y*7Bl;pyJf;v^e6>@nl%;5A- zM2)KLryj)8o4%p_;-S3^K2f;;P7=h%e%;RA`+u&?&nsM;ICS|Dlyxz&v<3+7Rbw4c z%^wm$karm#m9eOJ!sv@B8>vmK0c2d6YQMB@9*pt9TW`DI>eN}&^G01iYQk!tIUZPs zZVqT-fSjwA>syrzbc9lf;fh3vo#--TAFisvqo!HxH?Fs*1Tp(gQ!Q&Q(kU*;{7mZ_SepU?YQCxj|~uX7bsLcnrPwxEMW zFauQPdQ>#X{oy4!8J@-mUJ9!t=EzqFL(Pz!7qPm$0ufV$ zXH!0UM8~Qb9aX(YRBQhPZr+eM5E^>P#zFkI=xo-6%lp8>1U#QJaIRz!aRdAYH<|4x zNO4XR3!|TmrOvmV=ofci(>RALtM%$~UI#kpdmpf3J-QPz(*UPr4n+>+7K?d`vp1E}1uf6Wf7 zTXRJ%73#FspkG|G zy#$<}pNCVklryu-8x0s5-{6|?^Jf6KBY`<9L!-?M3*Z4;Y`qkG+`5di5f1%k9j@C< z&~Bzdrz-{3MT-3=G#&8 z;Bf0B2qD1f;rw+?Qq4v4$VxKQcC;h&iHS>Pd-p?ZKIHSne)F+PwFUT44HJ%@i7YHJv$nES;)Y;T%tytpoY5-Bm^5kV7ar&NZC z`BqRe$@B1BdZ=0D&5ofgGbO!9{U*;XrcYOx5~6+he{n&p_lRztp2wk-G*volA)g4p zj^Dh#*pzro#YCKxAo7+`>JNzpNPW+0`K~kR(k4u?aB60n=qo%XGjQb~U~&qgUg18Y z(!7pgyT)47^eahW_~vuHQDVniVU;UhLU+-a!{j~#gIlTWd`viv=!^Hcv^S_)R17b* zMqiIvXWH7lgZSJ`8g8SzFL7nb8871?b)%WKU6t@5dMZ~E2NwKe0vvztMEYb@HBBrMSaiHc zmI1(|&#sN90JB3Sw9VSPHe|eith}pM4rMA55Sewh66bRki{67arddM`CuCi$gxTd& z$eTG{1n&nKIsFFTcWDBjX67YlghrwCGxW25J#YWOi!g_?&Vxyk2_-!|DnDpEsw-!OWKDVIu^Ah(XDL6onT05v0;PiUaaiFwKdwjh0 zM%^HuA+5#V)~UL8G?M}`YV9TSE268wONWBN4vFJjOFHP4^wEFss0V^X^J1t?>geS`75U`MfSJZ@TYnifmMOf}Q@h}m$fPk)zJ?%)yzRktebd=r9U>KG&c zAhADMC2_AB+FM&Wl;sT;`R*{`>hz6s&)%=!RL(07Q??9@;v(!dOMK9qPkiv*(t`m0 zx^T~zwJR?4IhzT4TVl}r()8yrdr-Ky#qo0$8$a2`l%ixr56nN>UgU5Bo#1v1XD z#h}dZO1d=oq+%u8Hz*Ofe%Li?M2pgBvfhNJ@zFXtgeDnrXpVXI@se()(Cg641fG_W zx*{aoD4SKRU`3P5cv~D34~aqcF}-)===8%zfsqXi5;;Q9HvKGhEV0z;oog?;aNYYU z?@{gN3wSeD2IrU>WdpK~@~rTNM4~{Vb?XroJh5NvLLhx93e!Dp;j5Qq#aWp(vmDUz<$sCZrYh zb&WdblAsdQxu9RwG6B{w7QjID;Xwrn;A_W`th&LK%|r?{Ht=qf2LO~>npu1!5(Z{n z_sc-MPY9@uC^jj(ZLQJ1deR~k6?N6>$zj^P*K%=}d;h3t26<;%bYyL(dKYJaC1rB8 zxu+M3xv>Cql8AaMpH&gn`D?q2;z}OvRG-cx-@~1G{(yZ#GN*Vb!o;kSDEGkHJ!fpr zYA0?X4x-yX(Q)P5*z6J!GV#kO$8*v9OW>KTy;xk%>pEU%0Sft|hda!f%y%BUP%hhl zTH{w=Gk`#dSYUa82$v;(HMPlK{9$fW2u>4YJSHaj^g(XJf>v&E!^nn7_{MSghEaI8 zraZwz>~&kggXTeaq=UIZ8wbRO-eE5FP;Ry8LDII%e1sGQdF+B{>d3}4(!mXyM2A$b z@(+2eT$o?Qo=d+0SA-*MPxqJ>z)iqKGtri7sGI^*v?iSu`D2kekW3&2!Ihol%+9Aq zK7;ni2Gj#{OlJRhf9_{xD{@0pE@t(4+*pb*S8ELflmyP|B@m!D4C0+`Gz_AZsY{=rT7x3KCNg5k?~x*lBzS`ZGxUWny;CHwD@;4)%p6{uDe zdQ!bJx_LA{(-13BBUTEK_%vNomjv5+Yzwt%{b)O%?&e3v+}wN`W1V>%j2y=nX1u-W z(J?(C6nKttD04I9oYG?r9eo&%SuHcWD(}a68x$?&ou~j;Sn2Y$3mpxfX@Z;i^e7s4 z3Y^C{Jygr4Rdop{+oCSP{250vSWF8Qadk{lSQ%1yd4N48Qh*&HM+@K_B@g;WC#MBGr{N$a6q%|P>&|jpS95pD{)XnML&xJyT+3w?{ zw=h8PN+-4cer;tU&I2;8jCkWN0@Wh;tUdyMH%=5m*BRhzR9WA(8p%Pr(-skzw*I=6 z)vgkZ;kVwNo{#qzjkPld-q=6OWm{F#qeu_{kS6084lpBC=C|Ahue4a2bbJeW7vI6W zLvVN?Nc62R4x0y{G_VSYYbnhxgAzuaHnuz7F(;&%m%FQ1^gmh{Aj&Lq$-p0YJ#~cq z*rqzj({orqYLQcF1t?~!)F85J+6X_Q4&#ehAGJGLA&aV($c@stm9z8p_#}T8#Fkf~ z#Lc4Pef=Us~V$Ijg8b#B4GLqslDu6`_q2W^u0iC2>_o36+w{?~z-2>_Q}DE*FsJf>=o0n?EInoL zsVvh~$fv%;0?!6{Is5#UdeJ&Jj7v-X7iuVclZv>>!Q}ahuz2Ay48bRWJoL*Li?c5^ ziSG^ylyDl@`t}WneyO+{_o`#?vDHaV3Is{VT>%zWc`2MhX@W?C{&MFL&y3F!O$sm0P8EvMgPY}2Pl2|2Jn>5g$Qbdt)o3yW9)(eUC!TaQ-_j`R z7#4NCb+rR1rH@H$J4@JM7!{wA#a`>;J}s^H5e`>LSSgY7;!nLpfuR7LCw4o1y!O?ByIyO(ho;2;)swaq) zwE#Mj*co04QzOB;hWZz5{57;lT-rGvN(NTG*=0VO^*ZD{PLP0PdQ|eBX~8F&^?#e2 zy>cc+ub5W+;(+Jq|Mon`F)ei2M<*O3X72sBeS=9H5SMWLIs4PbpVzwv6!~+V|Bv%C za2u0kn(v^MV*AI{Gx`5+`#(>JwcypAZhnf0s^RzQzb{Y)>vpbHn_8KJq&5lCBESbE zI_YnCq?#^nE{JmZO*2|`nKT%yvm8ONR(mWNuYnmL1@Ilykoz7 zKmHT&QW)S9eBZddJ?HWZd^ti0eBA!zun_+ddj%sNXb35y z(Ijh^PKB5DBJ(yQ{Ns~tzC7zmKZjz1N?+nA6Xh+Hj;hi|u_XAK!N%Wo zdsOk62u~l+emd|0e>)&L{OVFF9(@i-(}DpmB?HBSt`kQwLqkULCJL}UIq0s-J~wPC z`c8HUW~n}0ia#dIV-MtOB5fGBE8*8;ULw|L9#Ls!yPbZp3 zk=5XShC^EkxYcFE!0jW!BoT573`=i(JXSIFW53e8LpqNDpjo zIogwA8kirfBTGjOUu>n_=sD2su3+{qU^?+8N%*(=C@4Ds}J0X4aIiNo|n{_m6T z1B5;D3~5|~6xD_5aMf4och~N3yy_RCOwTSv=Y<>MC3LC(hqr$Wk}PN+Mc=l~Y1_7@ zr)}G|?P=S#ZQHhuYTG?M&1v3x-~Zm{?u&@??R=?PwKB8TidYd9S((4*d8qLqv=8t| zl}IFom4}iF5Ht%z41VCpF^0RPfN1MEmob^M8|!f+XX^MR8wSnfX4Sw z#JnMC?mK!OLP*{uRK`^t7BPKZrz%bADXZyW6XF=2A=WtiLo2lu!375rZvini5e5O5aJ@#q z>~OBtQ4EDbJq(|e8H$?{gOm~@x(P}NIoNEp34Z4(E{h+llLB=wRSQdq-$YqU*|rWL z{aD^o#ya5hvR0Dm<|8-2B9O}=hEqu{g_eiyGT2(h69K)UVFR5t>4AeX8cOgjg<3* z2^wht4Jl2j9a!QJ3Noc!TH2k!D_$l5Wd+1T9q`(^XG5XEpUli5T>p}X(;wTcuM}0# z?*@lc?eUgn{eq})kHr~-@)FUq21m(;N3N@)ZL}&G!+ArZJ>jSraCsyXSshwrKa}-Q ztZ89#T= z%0NdDv{&mKX#mrUAm-$*_DWY+*em_Zp>A%gKA0DLH0sIxvY#yHRCP*GH+`~E2@%o**Pr}c`hTvyv9;#s;^Qbc zEw$^Rw$-@jQ!&Pipt^#YzmO}x;PqSaNrqwy#bj#5I)TD77dieh?pNM!h} zwXdL)SsJzg*c`Y#2c^qVL@w<7_krDsW_C7yF;MGm&*AiMEGXT!<;cvrMdKX#MU3c| z63sIq;6-wOzXF!JHDbANrFBnGb009kFfI?l^E^>?HiEwnM>e%}&9@K#u4?FbTJ--w8j)m-c7BAM$4aF0U5aVRs? zR_ic4+GtajPLet%4j_dfvAEY|bxFHN;hTz3NVb6KGhijq)TA8Ihs`U5dGu;yQR10P zHb~Dn=D2V7AUg(i3v}q68Km}25$$befPbE-0hKWF?JAWGOH)WJB;TK}NXjCtSkira zwhNlnUi2yW+l!5g&U-2*g~yGGe>JH)dB%h%Z&q~8 z%F;g5pQEaBjaF!Gf0?vXrc0qE*o8vsZ$pVzAQ#>FSw-avm}R~PE$S3;NvUu`J7<5fZoc191)vT)=Ja--@#6KU(4M`5jw zCz7MgIe413I-%$&Lr2Na82pwnPan^I>JpU85sX~#QPe@dGOrGTt5i%m zJa|W^s$%Xowo0E-P8flwNNh(F;Rk)NN>R3ICF2p&k~*CVWwrnd$4?9 zixp0Co6vLHe5+Rv(^v&=Xc_O=Y{DBG?niOf88b-=Vu*9%wo3`OXa)edn%?$%ne>At z`bd-yF*AMWZ+xfdegLk9L0l(gg^Sn8z++5i5rS-cpRcXMW5h$jAQps-G z3;$K(vxe_=8n7wIl4w`~U(K+`3QD5TR)*;aLMe*`hWEt&6Otx1{8F!Vy!wNJ*eysQ zoo1*elbCQWk!}fDsH8sd^|0LkjmglK)%`5IB3yh3jNhX)52<~`0j*s8U4a8}=l(-_ z_nm8h6Pqi#?c6adY1Zm!y9~!*mbdETh2^0jYcH_qXYnK_oRr=sdCO^g*`pqGSf~pP zynae%BX0jv1|pxjbW{G~idX(`zDvP7MItS;03)G)0Rp3cF_?-C~rUf^4~r6q&XNP&(~yEtuNG|svhDYdc?Jp=9LUHYF$hL*p> z>F*+f(4E>W!8gXI_}0|=kK1|!^5rU?3Y>K-<|ZrFEIng($vO)CmL*H>fhKZEo21&d zo=06>*-6|u29A_GH7ms*n(Bjem>rqEnRAo>H;)ngO^cIwUU<(S{$eKIrx4C5nBdb& z2Os}gr7tXFZ6!B=q-0cVO(J=pB>k=1TkeLh)?Y=>`XS}40@**+2n^hTb=!z9l{4H9 z_9A=18fD{CHx!!AZ9c(?{gSOAU~%!GIC$HlS#uD+2d+(XL+jzTdiL0a;bU-b@Pk0p z(a0#Fg)tRmlrP3)&aMPg-?PCET)5pcx?!I}#$rrZG1F%ETJ|l8?T|j1#6XemYV(IN zjmW(DeBKvs38s0oh&B`5lJ)JZ(CNt(E^-C{FSsMNYIJ3lKh(gAB4LHW8tmN2r^%b%YoQ!IWi$Iuoaiub0_cC{~GLgh$Ig z4Xa`q3>m5o79_}7mgXkF_jP+s@EReKsY|J~TGyY#SlZtiH8xHPE~_|?+RbtP0Gf5a zR$`HuUNzE(q02U*mz0`hk0eB7Y+4aj{1ru-GOPSs%BRtr%BJa8PcMW7vwWKi>s$G* z8LL2&+L!n;k9De9aw7nKQIxII+uR2X`gos6-tIZq;jYqazWTdFnf8g{_u#`21m=x@ zi<>0V?1Of|MC+7(mZ;;y?U%PN!oUg|kBrOI+$nb89bsTFjo{X~y}69zJ*s6DFh(>h!3pS} zxhbZis0|+q1C2R}5h`!5HP*o?rl_qRRN>1!;{F)*Z#<+g(uf za;stm(xFmq^sIntRuh=f!_AeT^aX3PoKAfT z*`&p}S~&rgN1SFNz%xPoS;O}{70~*%Y88f=c=;$mfvPj5Ufxkq?ytzICwo8)JS6y9 zV~*=%^?O6YESpX6P-^*Q>oHH8-=9-h-xf#emdH9*ErHnXa>GqKvjGmfCRtWNoO>OS zUNuFP4$HNpWSMXYb#`GxOj>vBIh zSF|pWEA}TjAZ0|bs>tcef{!OM4~(_RpQPgucK*3~?lE~7DPtYc<2Ts|Hk)XgOjZE6 z3SIE;NNOEa*b=3~o{5Nyhegn2T8U-pBlW|gI`oWtKqaP>jFe&!MT>An6x>7-ZLb}H zqntu6>2PH6xw~}Q(4?qggE<%h1Egq$mj?y{?+?sUT?K4SA{qIVf=KgVEpb`hI+p=A z632B+?;n9|;kFn(mBaCI^Om7YD+58a0vvI65g-+2tJX0374}4>9ynu^t<9Bb7yH$+eYfo#j@q{RH*2AIYz8OPeRPnp$JUHf z!X(nkEl74oM>0nUgo}~&bB4LAI=y}x9KMV1`5I_TV1U5~LqLGq!|{>7z^9=$;rD&` zrUI40*6sNC_s5^p;dP=qfgJyg`~@b3zK=`O{+q_|IzDp0SZwm>!F?W76`zUI5^fvQ zT%la2&Db!02zVW9*bI>4;<0A_fijr(ix~~a%~5&8z$`ehdd0S^jyE$^)mJZ_e`j)G zjA@KK#o&i3Dd;ooPaHD00@rJcUjntoJHc1Tf{&vet#j9CXU80(VB0T`w)jH5laywK zP9b_jt;GyJ5)pQdUh7eX1X8*L*3h!P1^w+u!JY@;`T23H8iab91*r+F#X{}?kQETLx{juntzniM@Ln27#ijew88orfKYJL98?LE#le3->!CAE4dFJY6%wFVMx zDzgs+zK?{808)iC;{{W9_s5%4-?uo$?>g4L0WD~ayQG5ytaACq3-ecXkm_W*mX(cH z=W_c3MIi`l6Q;w%m9>?YekZuZGWe=O4)?{b+D02Gla0WqVJ-F-K_^!cNl=&73VnD& z_t5gBh}$|E3K_d?XKC`)uEJ6!w@l|QTVDjp%i6*Uy==pTs-lF~u!b*M8su_gae^N~ z{IOiL*MmN<;E6wcbA<0|MoG+85^*kt(@)F05{uzqe|0_X%TT#LE;OF1;`f300)}zA zi*Px3iQf`R|51d~qd%Kb!|PB^pqL{jD@Jfv!>loh{)sG$9V1EDmzN2J)oM+B z-SV_@u4R7@q85KGMqNO(9IxrFfol@(3np#J1J@*A%pf%m=F?)`2+AuK;NR(=u~XXt z6@o9ahc&AGdH<&4rge07{+XXQ^+HH-yEm>NfRD#;`;dGynZ7#T9-F^BHh(oX?{#Fc z`O*9HpL4-d`@ACu8Qk{QI;Ua%!Jul7(AbfZ&wS>Z3m_o{mNfo}+0wx@+Umldn^R9n6cAKQu5TRt~>ScGZCrs;g zw(1WKC{Jba*i(1%w=&*dFsNNs_TH4Qwj5g-Fbc_MD#hm)TfFG?0*)$1`}>ZyGa}4oX<43 z(q?hmNt2xy5vtM^7GjN4>6zdqSj4VEDu#}1um(9i4JtVVVv6K z`dbm0GXXg@K+!Wc^D)LtQ97Fw@_E&#aL{7w|6C8fIFXAr>zS!e>wM`fKm^79TjJuHRB_4Iciko#abq&`hcw`JB_pZ`c72~oKe;v zd@N^`KdpZmK+)Jk>#kXL;~ZGI?AgPKpJueyOvZ@HnT-=BncuS#1O_4#KIByHg+UnOCEAxF&68h7+;RJ_&8!&X;<0DM<2s%`JVe90Pi3(XU;wE^m;6e zk`xX4i3p_BBG`Y5&N$@AaNi0#Ax`lu?=I}Y%M$ql@+{Q>^`AWao=TPddeHv8lmKxN zHp#R-6s7Pz4wJ$cgt^#yj{&4PDoU_jY%G*8zc zRSOgLipch{tYAjl=c=4SI*=|mP?j|Th|HoX@}rlBXj(MK^z7bHb#~nXyfKH;NLrVK zf2=6VWQ#%P7b_%f!5Ij)7dt9|f;zp{<#)rf z#W&~@J5W)>)i34#=jm*Z9e(eBZ(Ll{%Gv}pXeOIxV!Gw#P#DiWPR->C${!$7*+2j0 zr9y)#eKFJ(^Q4_PMV+zZ41mxSSKT7vz`=G~^4~;_+t@)|j<n2ZzyL>NTWv`@h-w&E$ZgMiF8RSq~E@r)? z({*~WZZ|@fwUjmWp-03|kW_+=sopdq*0ggA9xpTD@a97|WkW)O$KH~@ag`W zIWfn9T7cJ3u_Z-EpQtTg+2AB^mp$k{i1UrzP4i4}B3qXkY-!&n>zlT%0~ zN6qG1*N>Rle!K4-$XTVwaA}flS%@6X-VFE0uJ}>sPr(F1DqM_tOm!W8i{xc}L(gK1 zzDu7~6lNah?PVpbb;cHR0*XX)#AUmX5EPF@5hP`w44)j7 zXbtSMJ0#@>k|H|w>}G^QK;X%WYA=fD^ernu-43c7by>xKnXy|>AiT5ywBuJ?uAoS& z4iqbjj}4e0^0fH%*4?Bmn4w6J1+)yTU<{T3UJM0@a{-F=rVL1h$*-Fsnm}^`5yoA* zK_7708O!#1)GG+T}I&YqBr^dh5EHK)mL`DW$Y=6R*u zp8k+bNwaTy*#M(PGGBLS=reY9a<0R30~r8@jPa}x8Fh+OEU~^}2;kZ|JGIpl$`+5v z*SM5oj2eQ56ssOwQEp18GXzJdq7h^p%q11Ybe=w2p%3ypeUp!79cyD|sH4W-f;R?K zpV>Lux+J~-5$Qr|@`Je&m~M+}@{vAVH~C>#C4c-kFKH(_&EU@KKa_g|tgn$&2~!d* ziWFcOIs{lOCj_5V`d^mYR?Tv(AuRO9qljvcrbP+w)0S>GdjZwwj78&nLr)G&A=y z{C&B<0&~7GV2_WFr$6yq>+TEO=gmX@@^2OU8tn4yDx!}^W%GkoAsdP1eMHsa{DzP> zEs{hkZN#&zT{x6XZD*n?1tuiOx*HK{F3~2`hRXw30}|W)ga(>27FUG2NkFTk@rv(> zx&6+@z|lpbIt1CJnZ!8DZ5!VJL-&$v-XCe9h-&5m54)b-qTW{-eV?WR<@V~(C_ z-a?w{t+yxP+T*q^1d6mIDhv(&q$(tN_kYYjp$J3>=*ri3h$KmZ7L1natIZb!04*A zP5b`{Z$>7_FKW-U#N8|+7_-N)g7lJ!SI%}NN185W%?mtNG1dNc`iOV6p@RUzS_#U^ z=Ks@n7ZCk}&`Ux@MR#rNIkvVh0ahE_MyO)}LD4HZD-+~aE>mzRo3~pCHxswmG8H5n!mY=UNu+j+_iQP@nn2@)<4SR%WqKS7jT=|$-t~vw4Z8A ze{{ulg8sGpkZ%L!8H%hnsNx4(&cA3SEa@CU0BcA6MWA?_=CLw z=tq4K`n(*s3Z+u{H1m23e^dAaPh=2>={rFnC0yg#uBxc41XpaHrO%M?FT^28$VsGT zBG5HvSE`Tst~0L|3*nIus&b>mQdDaPcXM?084qIDhWF%#eH(w4M@YeU4wLs6FF)@l z+aJ-)KT6f{?{46{p{F)tZJ``QnPAR&_KUNHG)dH%0MP7lR-q&^3ddD!7(e(YD^V*L z3yjC3Vq^()QB~(4dmcXJhFmsRyQHJ)cssAiACavIm&FXMS&FH4fpH}IS=ty`DcS#D za$8x?ny(noxr>rp#pVd1-uk!rt=;4`fF&*>fWLwVN_$x3@Z>fbwWy)Y-2k2GPRNJD zs;>Ub0KHX2ot+%pY{3%6P4cbjl$Cq=bJMxfHr9XtQueASsy%0N(X?QnrYmE9q2CkM z?d%UJK;5f0iTY90|5l2da*q*MLmMwhWdi?}&TE?`nZ$DWb2;(N;sceRRLdUy-Kg`Qyk@%bZvZ+6# zRV#PyN`I3e_(-5g+5C_Set^)S?Y@o^!(FbGC^r8e@%J{$6f!82l2PotP^>n93s~cY z-$l^5;>Vd3G9dT=FWk1o5{5=1QSD81LYvM@|Faa}TE;5j$f7f9w9dvK-2ZjL1Xzuh@n zC-zZ_#|+Y?+0`k)xB;ln!t-OTLTWk7#U9F4wMJr;Qm~{ZkjxKPPV`t^B7~fslT4f5 z#Nfn8dcln?H!(}YEU;Pr)r1lLJCrIO2LqJbtiG8811A5G+c33;H)+>D^gbOS(`;1k zGq;r}5chc$;^QuF7BPG&9EE{PG&eO5YdKbvz`qUuOKu0*{olxKnH)0!E_zm~%uD+q zd~>JRd50@W4Yk+*3zcK zCYLHWeM3mX_Csw`!<$vclJ+Fuk4-ixp|>cCL$WQiO_z6n410(?PY~#sXevjviE&=X z2vxASPqf9d^b{N69oPA?h|B)nBs#K-PNYl#)n$^ejv<|1yYuM960P$(?KQc1?n)8z z*)h-dhp(~c)Ou`bagareVZ()ygT>eyVkfJd6$0*WJl4=8hoGE?{AFE1+5!7quE{b| z3w_DFE5WUG{eBd4)DStGk;b@Zf4uT|z(&N4$|U;_*luH~{Wu_*jrlx3#qBn3A%^1$ zxv5fMW4Bsk<`{{(nGL2o!R4-R;Du3&N9FM78h~ppZmBmslZBL{Du86tP6t`Xm;(bb zMuik3gAZc2(i|y3^fJa%<|SND@znErhQaenJm@k(zCPy?+|aL)a(MX@0&m zcxzYnV7aXJjnLbxS@EDlwsi&QSs>$3ru(GasEw+1m@@Z1$6YYdDAVrRLb(-(pq}d>n*owh*5^UOkn? zI^LLo6+DNfF)rf=)r=7V^P&y`8MD~tN!aEw)aDTspSB{gGvWs#7q(7BRs$8S7p?&I2xBTrzI3Q8@wPQ zDF*2)u6%yC06#r&kPP~gpE3WBNbO7S$Mu;CVOMcU+>#i#GN@xZ`e}MVQPX}+u8E28 z_yOv7XvGr2z@Jr?Zf#c@2rm2~_{C=pyOkJdB{8%z6kx2NWY>~T5smi*+;YT_r91>N zQ>WxPDWHgBt}3hd$Ih#_&6UwF0TGRnwjwV2pGUT4yhGXXiQPfuxb{h?GgG8L6=v(( zdNAzsny0okUoML`$(u_0utBe|Qk0w5+w0u31on$rur+SwIWLL2DHkjoYvWM1B)tNK zbC061nCHr3YM3Li(j;+n*!P%`7}JDLjuP-^qScE4VOjR_Zy^L|1Z;8K5LBr#Rdy5P z4C|%BH2r2&&7ivoOp=cFx*mk;fLaz+YZjk7iC}TQyCkVYOc30nIfL&HN2PFJGL=h1 z-lPjZ?eL$LuYMo#=~dCW zZas*t6Fw(B)@{nL{O4BcvhnMu*iCzWLHRk+InpP1N=E-%X_}{mPfec%t~Js|{@oM9 zxHf4)LqZ=q~ph;8@Pw0LW z)lWt9-KMoOAwE68poP(J7kseyb3vakPrjw0qR{)L*hc!&rMLg5G2yv9Uh7-Nvn0dU z!h8vlexcvEb4e*)MS{ObTQ35=z4!8ELa~4?W%iMMcK|VWDRc~l2dW09ZoFj^RRwI) z1EN%H$|*5w8di?=MG=nGF8nG{Akbn1z4iZQ+5bK4^ap13_#e4_hx6Z-TOyMZuRS2Y zCgL3auiI|_AAbFwk3%-=E9l=0iUI8R1?&JM-@QP>?K9?}&;xAi9{aEA{{OrJ!MtZj zmdy=1ww~`}(3w~zjQ5#-bw+(5vg#N_^RJ)m6bH6a8fikgS%e(R)(p$y{^{W(rKarV zpH62JqCHzEpM07ms%WzJ4D^2!5|e zlj&4M+XBA?czA#f`3`-3dHLU>3crB0bUwyDu7>ZCk3Y&KiK(az{7!S%z#;lM?fb%( ztv9|ob|&r#biH#Pl4#H?A*rvib!Z=H785hVe@5S<}`y*=|tG)twtKmuO9!Q}(0lb(a;9dJIHS zkQWPrN4WU`w*7lvV(&L{#3QPG ze)-um12S&7{uup4AP!t}(utSe_=8?fYHKTh0Pq4E>vb^TaP?D+-QUOU-aq^|j#dc* zAPt#7H6~$fM(F)*&Ri*m@BNSCO;qy;AI4s4O|Fdoupp1ZB*JWQ%=ir#9*v(SN{N9* zl(5ZqSPv@mlh9ugI;tkAo;2=ce$_Gf)=`vOIkQ8{zSCTXmM|1w{8c<^iWoXNp38cn zzKVTVR$2+eJKZ0W(VPJHnYd$>3r^SDK3u~Db}gHUrtIT&>4>i;V(t_Agj^-VR?fTw z{As+TECbDHd$UoF-n<)(dXe?{Ok1IA7C(Dta2vbn;bh~G;&3AwW-63&2dy^W@lJ0w zvu9D0xfgNLoyM!cj1bUg)qE&j+V5wMt&_eQmQk0TUt3UNb=lOLnIGDJSo@%R`j8C_ zdR9D(C=?YVGSGA;4ghp(2jgZ`)c(~D6LYy0H}B_&K!z_xNS3U;RvD%BsqpPJxXP=2 zFT(lYNpxCrAXY_}q{s==GQ=fXB%BaZ5<($_(;y7n&&-Xlhjc{^+R}9_YcOLu(&b3V z+WtW~2w{-D>iL_33dQp%068rQ<|qz>f~EXv-dTvXH<*1|cbOB-bz%v>9%iU&NO2U^ zs0rh_phB32%8ivc?HmxDuAiW=*qC<&yN~tgt+E~Rc75qB1N}>L4}=l^a0n$2));@1 zRf{WonFqNF5gOht4$$e5=rIlNyuQV@Zy#Fs$#~w|?e@d^UoE*YO5?}#z(^C#k`=y# z3Q=$kj}rIjl)nl>U~Lu*68CKZ?UsnS@Ayq94rMcc341|U_{4R+f;5GfoR*hGkabw5 zP~F^tT1p2&Q1Yl)qEa%-Hd4x8`&BV`4NCq)`UUJ9Gu`ETkX)>c(w}?TC0HR+)w=67 zViCrQ4j3SW^Drrih_D#Mo3&bHdkf8u5{Sf#z|b!?cn)eD0&1MdCU9A}AdBH9=-vC6 z3~t>ty*O1tg?^ubmAW3BS009k_5c5W65mnIz?*fUeh>Aga=7)U?e><%zo{_&Q#gpds z&@Q-+@DqOjg|JWrW%!+8`6B3HP!|jrdxqd=K`<*65=N@^Cye6#0ul;dsjEN)d1QJ zDhl&zcEw+Ud$uyAumg_Ye$sgMA0qFw`a!OAS5i6FX1O=y0j_R}nc50kMU$+Q#a^Hk zQ9S#0*;Tdm{+nc}MrZ^akUPH;n7+TObxQP{2EfH(AD!E_vbA^D`LDaUM%UFFuW zOBb6ZXZf*6x**9vL@c5q`$J=jJZ#**VKu=aEFp!QeQR7QP3s<9K{ma$_VEL; z&h7?T>(PYReN&#ukXJ0;=9icrjQ_VFiZsYgAo1A9ux6dCUs4FvVdDD=;J z(zXWZ&(X-{){dDDSWO4@jRp!`l@g9pzadLR39m#eqe_ls-uGttg;aDdr+EE?DR2NU zG5Vu`AYs+Ht_GTsejvvfEHaxcb9I#-&8@8(b?G#PQ{pgu5FEW@U1o=RHT zw(BTb9C=mJK4sXfVyJVMHXaF~kz}LToK23?c0ashaHn9q=CO9tz$EVWT1H_DhGLrv zYL0!mvQcR&fwAz{`#nKP7*JII?%yo~0V2_y*>)vMQ=Ze_qbswFm&q@W4O*zvWsu`6gJ2AH-~}q+i*CG4BeDdI(!QFxa!0!d zx2{d8t2M?W^7?(%jHLTd@1{CEU)HfxVO+eY-w5pZv$s=+j9+*sJ03Oaneh^9SWHG} z3{-_cHiJ;YJcVj};K-ylX~|&dLX+JDDqjheVP~M$8}pyJlwpHhutT#=tbYYMl6G7R zwDiniFjU2pNfGDl{h6>nB5o@|!pP0&e~p`AjOPMYde7nxM635IY@=M8Rfoh>E+j7= zL0_>lx153-dZCgBW*r+{V$3Whj>MKGb)X3I20LA*E?u&ga1Ls49zjOhz2U?6^(T)s zQZ?s1T|BkG4JE%y=)P=vGN?tUuZm{28tqzd!X6nIz_imH)lUeZj1cgjX35p{mi7dK`6cpY=aEj=_N3Hh3 z+5ri!d!Td*{a{rZDam3y<071JaZSMIS-Jl=owhB9$4zKOsQ4)6T$S7mjLrocm~!zy zMK+k-8|IXr7l(mnCVMQq#RGPV?B%geIkvtmH`RZ4CZ|Fi{orC=;>mUxNnK4+ma`6W z7u`q*@Mp?cJ=AO_9Db!Nc4gJKHd_pLRImTi=BkqHMx zQ+l+hOV|ZPDFtTj-B1l-1wOU;-9OIzv#moo1%5qakjkEnppX|-W*MDwPq(CDvNzEp zLGOibyo}jkh7T>0o;*GEw`^}HV5X99IvYC^(#qYyWGp0>+9#Mc8I<4cewYn6vr;il zhK;r1SoI#%(Bq^kqF5*1A48Qs$4}|}g=*oGkqS=52Rp#%WwV7;KJK8V*2#qN40M=v z?R_H{Sa?O!+C_z=I<#GcYKTwusHygwwDSQK$X2`(I_Xf%O;)O1{PUw%!cpY2EK%~v zfm^hsRakvf-=(Iexm}abtMd@nmeordx?eDU#l~bB|C896dVF;*Q z(~eZjJpNA(NxB*H@D_dblGW|(;F;-E4npR3E+{8Fwdl%fAGrP{Y2r$q z6^Q50AEKlTYMf0{3SCi=67*a-Rdmy%;12zrr%;(!(|ZM7fslX~J{TdFNrk)ulZWF( zseHJQR0+a%y{~_Is1F#Z!d>*O=Eaqu=?!7q!|RI++D0T zBGJkuL!7FPY3OAOQ1EcA5Db z$lPrf&cN9hYo+E%nbabEX*$dky2LFCOsQJ$*-CEdiub| z8RpoYnLaA?PMi9XSAWEoxvbDmQ<}767e$&oKg~QtAWaMkQ>*DwvdctksczLY2@&xx+l&V(f}H``+JeA)L|~4nCi-T&qTQBw zl7#9D536_l&6x7zDANI?=Xu_?@ACA=Hk4Be(_5{Xj$=kF^EnlC1M*}JscD3sXkYTG zWc==pEC=qRLk|4}`jGAd1sttDr&P$qpUX=bm1fm7%`;$zrsNgozT9YM%Xv55%QHaYa+yd`?$oM&7THZmn>CeyNF|A zH=!n&qN!iTo`cw-xKOpGL{o}t40-%0x6B>pn2l8BX1etN&SN{Sx{7HP`w*9re;F?G z3f|Tn-E-CrXgf!3Qf+S+r(odh1^rPdg#&)iDjoLV>Rs>P~s%g#(79P4w)47l77+Jm{k{Ai;C%@t9Gns z`=6CA<{XkyFY{oQ4r0RcLSkvfCK8xvNHwr%J2g)D4+kCMD{Yid1*s9N6ctIjKdJX@ zqj5rya&qL>b1Gf7MhEt-xwn5BmC;!AQrRiWV@0l?si9MvYr-oF#`(XwIzT$%^47=g zZozUoW8tmRO)vk^W7Ex?Gnv1j*Gxpgf6kj^{u#=Hg#n|AWf;>jNx2H7sXYckvISP+ zpsc-Z$)roMfGv%QfQjLialv}w9rL?7mY*?Y+v)?ZXqpZ0lm$+JQJID@UJ`EkzQ~g? zH<0-TsX<@B4rQh}Y1oi^$>Z{Ox==Hv-vf5li8xE7?s-4`tyQJ{6B(J(BigV)9E=AGIjeG z&<=5#+K+3Rw+?cM!uxh2;*QfjFzF$6Z5h(8gDr$6F9p(yiCDloDG));LAi3WC$G4D zo9dsjr*j+vCwqU_*k>?e21h?2YnT=PQMm+*AzF1X~xp zS!;y!psFBOW~u{jQw90;VZJ{CNFFma7mB5aV-@hc^YAWSzgLfO63)LxAj`BH1)39I z`1kDkj2JlO_Hh|gZ?G0oG&4ZiE|MG5eYSzy;p@6!78QE83icDvlO=8<-o%&TOdH9x zxP87fbiW`E2hm>vz`*L@n?M4?Zq&Z`Jb^Z6ITu}7hF>&!cRM56BT*?eabKQ(8Yn_f zQ;yH$VdN**f5IBItX4CEd9gI3_0Hp&ID!K~F3G*Ipa~ZpZ=g|-(``uw@ld%n{!Cn7N5KcNXk~+VG!hv`Z(O) zDzEmI*uOWU(Y7K%h|*Lw^Y?i}W~YnXO%j`*;zeyjNfEh=Mv%c_vwHt2{Rj^uBc)N} zPBrT#QPuMD@LMP>3&jI+=kimYXWiA&GlRhiLrNmC#e+{g5o3%x={Zh`T&!4<*VPaB z5>*n8F4c02RSES*Q)5CC5%UW9NW-Gm zUeX9UJF}e>(@+~~L*Ydh7F?FTru*$f^Z2g*n*u9F%8wXiLaj(rDHda8|n zu{yMDQ@@4yV+%q4bLo?QUXuy9Jz*?=Cieb9I{~0@D+rda0u77T!Oe}(F5?sfKee#v z7p6x7C3qQM!>hX-+Yh@c4Kz^OFVOK9Mx^+Zv-za(5{EQx6JAw^0w5xMUDMgcat4pj*GTM z0gRUG-4NW`@G&xroIQF+=Z7RyJy>BM^!~6e#mphKVJkTaTbpl+3WkLEBBqeh*I)E3 zhqRR?P@?QU%y4n>JTFDUad-NTX(__|MQ=2)&&>ZI^5t<;GI$QZ90NDPKj4YcD zi(|AsiPQ!-%UM?J#^grR-!kFy_k;^y1X@|jPMQxYeqNn*+^bR8BI(6t+K+>9<11fe zZd7WEE6R+cTB~&XZd?W!YD;)Yk()f1z*MZdykdVMfltTZAH&NRd;V`9raphoo*wLu z&RXsty6#>fnhg4|JlCo{8bdzys+u>7Hdvuc-o7V@Zhy-i=MM~e%`Amz;&0^ zn5M-ssIB_j2L;y9)mnLKEjkTW{REM?X&n}4Sk@dKEjQV0ofI&M z^d&?4CgWrjx|?s`z&-nV*+L=s{{n(QeZOBU5k~(%dvD(zw~gfqe-#|{oFgeyReniN z&y1(1`zW%U))ULoN^up}kUq?kWqNg#-q zi~ELqe|J%3nT6?7z6yaIYsYKP{P4R*zm}DSaDvfNhj!y~pZ|a z>$L*4J%nMv1-WA-I+xo9-CzEbyqvxG)9m?-ypbic)Rbw;Gc_TKu?>ilExP?fp!gRcl6H`8hv<(p7q0xbw)CoY z6mT0mq?;K^9GTIKyx0L-j=GUEkrtARPABM)K2IyXk|qB+2$a|M@i*TvN5#*iv5*gN zuqP#hOg`G@-RcjlIcTLJK4Q=1{S{VHtdl_9&U3f15IP=c@10`bk4<0!Q%>; zX<>2Tj3pZO-l8WCbPLJTl-z;0-S%_K1{}vDih9MA*6m27^(zcIyWYz59IE~y?^t=q z+5Iz%VKp^eergkypMg>L3^PCn*XQQj*WbP(Cuxefea41gR2ljS)r`=Be}{Z=LTCa5H*^*G28F!O7=U@guX0_cmP zFlZDzL9E3EN#QFqFsrDTKH9$6uNW;^87_166;(VzjTMzNhr<4_DGgG_+F z%C+`!sPC`dKICS&pi14#GQJvUEw#LIY(ZokdW;CTgc=L8CG6Z#(DB#W)5j=Lxff}B zk=Fg}MOyE-o=Bus${40$s{MtyjvLCJ>)^BJI(x3uHKX4=*BREtKuf%lw=B-5fLbNd z=7mjH!p@~}8iNQa`~8ak{3%AYVl-uCFRL39x)XIm+6d5<(lRH1ySce^1MyL=LKB)v zu|x}n(EzG>(_>~GB{T9BBlMn@_TI+#Zhmn0`SX5yZ9+Xlg&~qqaR{MihE3TDYcuk# z$kvt-b1~#QGmm#{zMQ@M)9g9;ngzS>FR3v|+#zngC4fYWQP<1%Q^hJaX?VRYu2}Cp z_@Z{5&+4vy0b1eiIAMmFTrO=fXj!JAGP2U&o@&4b>vDsV2QB-He~DlA04YnOQM`;= z_-~C__p)Wz_0GVLw09~mXD|OXW(HBtO#o{<-^oUlrQMgD7EbYUxcoTdp!BggaXciW zVpTC5#|14$N!(NSR&(?Y6Sq>#ZP=i^wYaWB`d931NSt!HH6N#7dX;jxZvP0ShD0ic zTf_S7ltZ$Ef*93lj1o!4u6e97Nn#Yrn&eTZjGC6yJLC0AGD5c`k@_Wx&@oB8o=JAL za0#G`8WuQCzelbaW;LH1D|rlCmF#M-l0AF+ow27adpBxcd)_qm6R3M#4>GYn)vr_A za~d7C**n+*&)&iIu=U$J*m}S9L~eZ-({o8n8cuo}=P@Gj+rCi_u%tQD)?q}8f(Z|S zgATIyS8pG>SO7mCAN6C|AimXx6v8152l4!pDTM?_^}Y-qqb&~m{^~6hgJiBCru9db zGE`PL=i)6?>wiUF430WDx#3Jm=hPTza2=9UQ@=R7y5)*eeq09@w@o^hp^-~?tN-GE zI1Po-^ok`+^a}RQI_%~()vN$XQ#49kz&lVf57ZAVsaU$)02hy%L5&W&^tB~d^p254 z=0(OdLj!0b2YhfL?ujnUn@}wJCJAF(>pzF{=#%=I4$)8$Bl$I>(W7VpkH`hp$?8{g z?w<%Rr+sWI`>CQC*S2(r;ocb5Zs;Q96LwWsAa||>+aPU1!Pxy9&UwxhdQ0NS>g~04 zt~4$Bhzpu1FKtiyQO7v0q5RIKf_{2J5?1Ole$5C+#NInQ@a(;_d-q4<*?VXA-r22Z z@0|@!bV-Fo&)Y;dZ3_O$uzmDuL<8{p!WSuOyJgI(Y9;yYIIMLhWKYp$TexP@#sbK?u1P|c8Q4dx}q zQPeG4KXlmEm&{!I@W)VFfN;!yYtuCtBZ{0t*R_Vn=kzsxxq6N7zWbM*Y6z zdI(3Y(Xt0t=^p;}n7B&twE0w7wtW3 zxEJm4>_L_Gph}z19#m-$s?`1LMcQ7Zb0!hAZv?A^9<$#PuF?pAp8$R5Ow*KVIwA|?qV-B$c}ZE}BvM=IO7)d*Xn%Sm zG07%VJ;Z)7V~ExwTyhv9In|?rDrM+Ku16Q-iY^VzC>}DRI_41fG}Aa2nw589fzX=H z-{d`6038dRtp{cmoKD<+kY6`Vj69OX{ZM={-%mi@KHj(a?Bjj=2D^{<-Lt2Cye~YzG2XO?6x+L(_wMDc zHQc+G;n_oqkv*iCZL^0I`)>y+1|G5zUhw}>x5xVDis(vM&v&X$KdaOu^w8@ULtRtlkDgPi7Ma?jOuNDAF~NMhqlI z6N3aZh{B6VL5Ns+TXz4FmDgkLjV?Cd?454dBVs8MXpMx7W6*?>DQmDN16ItjaD z^`|S{62B zT~aorE|G@loucS<_m{phJNsC$lIKilnvn&gx+=pmjf#}ye7VvjSy8d{DWi+Zy!z04 z-a&=vN#H+mZGOx6pN3hUePnr&(f$yW*0P)lBRW(wM1i>uATT2;Du$4ErVYe`xYwud z>feTYIL{h`FQ%kYR#ynviKgWnq(*C}BggS0w81S&NejFh1{&mLz%VK@ny^46sa8Nq z)aB?fMJv9%`(xC8T$`3&d6vycl9TVR50z;ka6upq-9}*c&i0QFP@ZX$Fr~f;d(PVF zW9|*dj8DG5CMTEY;P4{n3o_5BxSb4Mgfel*ODPOLB6qappx%5q`TqLHlhf0)>+2uC zIs2bKp1=O!f&%sdsG){?58=bsZ|@=O{nitC2#ZoKMqycCdvDv)oTb2fY)9xo)3O=2 z9-*WR&_>CYfxOzSL0&=gCTGMBHW;J*ZE&k0sm!!ZF?p+*`eqa|E(Y0R+ze&LPRbEe z#P+}NJ|N2+Bd4z28=GLaOOVx>30_Wv=7c~KKtOzzQOK;GxzLiADju#Z;UtXD+&zHXJ1jEYc`*k z5+!_V(jO6--`=CfB~`v$vLV)yK6uf)Rh8{XSgu`5RK;m?SZ^rKyd zA8{GfUp`D7u)kcyN#xc7cJkK3cjI|${i|mg)lBJUt!_4c`a}0%`}ty=sH91#_JLn8 zT4nkbDH#L@4>WGYyJ}nHp9`s7>F>|(GP^cFEm=q_TW&|k#TLw^zL z@2PXBzsPo;_6OR%k7^gGKIJm4vT8v0Zl@pN8({X(Td#*2I`Yc4tjd8y;N-v^%_=tF zPBUzVYREeJQ(ts{bJ9cENd#Hdh&f-eWtGvAu#ZK_l+k1fT~aQTCig3DGr8GEUD8Ak zs(~D>Pu#|9T zuxza*E`*wyb!Hz2`b=m6$so&8R)qo}R(eNyM&}u8FXcbIc$9@yte_>;vK+CD*X|um zzDdcP>3hZmq}fr;1l26v;hgyJXEVS5I1Hbg*!jUIfa{In12_Jl;}DgztZ}FqvCTem zrH9>=*a1Laa==B@0B)$-%jNT@>Kvh=v*z~>)A#Ved6I5-LQs@lfY_o=^Y%$A5egLVYD; zJOweR9?oe6i#*~uKzk^D<^@8@RF#2IrFIsJ{$aq4}J{tO?nLk+DpKk57^S?FD9J5{6!{@R-QYNHk z?mHa=H>b2+k;qUE(u-V>54B18qwVCwjGVPT*3m2AZ~Q2v{t(p(qh*@?Qw=(1=veBa~lIdMaBBtUL=NTlr}z%VJeLT^dJ8D)3i<= zKl)(?|M=qgug9O<5C438e022pZ!W&Rxjg#^KmPQ0QRTPz)2E}qv$KChc5;0D*FMS9 za+`9Yr?Q;l3|`)~*~2*`PLy8?r@hJtJxJBqO3BZP5456_L5oZ)}~m z`cktm{();}(17T(X95gGsx3-K#uKiyb&Zfe!CR(#-s=I;l2Ac-USwd%0&P$29Sw@W z&+D87{#Y_&3UxYkx4=F~>T2*d6ce?g8DQNQy&fW(7P9mjN5@!=W%=@tt3$I5{_EHL zXHXl2)abegbE;ArZK|eW-_d2mWcpywL9RZjPx+_Sr}WePr}gm%a+LEdX~MovUlnq8J` z!8=@OTdo3VO$unjNnwg&rm3C~qgYUsB=7}LvbPG70`2E#eAWn)9 zf~IYKIb}Z4C8f;RKqaM4Vj+b?3DHDXG;8&5^k;2UY{P#iWL|ZhBUgzI5WUK~rX~lr zF`;#Jj@IhT$QwX>>4VubytPscs~UYUOe@hD&i2DN<-N+-J69X;8k{#>POdG}2in(V zmdtyW<=6XqRb@;WY6Y;i&R~i21*t@ntBVXThLtg|e9=Ba)n+(;uexDqL-gmIhqYqh zWM`gL^=Klk)!2Lm9Ww4_*4=dC!aAX8BvP-Xeq&2@yLMompS*kBmq8zN9i;! z`@b0B+iTwY3W@0En-EHF*&2@v6~rtsb)CR*A}d^Rnxafu&SG*WPSES$wkPGi$ z{tldpu6v}vb1@=}sY|B{08Qq9PTbsqJ6xA}&RVr_PA`ZcE6PZhtT znJptn1z~7y^>iv1Theku?pIPV8&b+Lz)n55W$S}U>xA?fkBS_ei-THIYaL22r$DVZ zfWIBgwghaSw;?QcceUom1>70^EK)5yX-ID$;)*vBn>v}61g(kg9KcLcfJLO4Ax^P; zRIbRySM5tJk zj4f%hhVORt>2sxEPVH%u1nYv)s*a2)3M{*tEPL^^ifsQ zp_}Yy(o*XA`v_T>1Wv#zh3e7=chqrnD?sN)8vY423Q#O?3mxKBpXSpHieKxO_9cD)bRY zMa#iAvBb*~q8~s{5@cy+N(z{2Kbwu#c@ChFKvsF2f{j`P_q4`g2s2^GxI z+^}Z-FGctLQI|d5b)z(~E)%>nH}<+YpHODO2Id8w91w~HV%!bL$m&)f&zMe{X<~NL z&;E@6n3_@lWqYrBb=cr(?$-w)51;GxsT7)h93sZ+c5AYdS*l1O(`m-;z;4IC6RLH| z=Wv%wMVGKKVpxhsvb$nhbFoxbn57$WkS^N&Ql=Y&7^^xg)Yqk~dhn-OvpqP$P!pOF zRTVCTB*So7w8O3G4a#NKSK_V?3Bh>YLZ&lvEptZhWL6n=zb?!|WtqH($$nGKSq8_t zuScvq1N!H^>DXA&(gw@8PQlM){tTWj)3)f>QGO8Q1yZcMheZFc&tIb(ZjRr1a}CQz zUe0U*TfO8dnR88epMGkr_9MaW0VTkPQo6Hghv~lI2Wmfb+|%io`2B*FImbYfIk)HQ z+pEJA^_=p4THa5m)2W#k-YzrU7kboOaTpD__+;v`lj{{Ws#*PE)nCesinX2JtWh0C z8^T5#BB8>31#ZnX2ILx2n@KebMC)^-#)(wktJy(kli~cRq3Ae!I!=MWE@j4(9#y6- zr#oKrxwvz-qIX<^3nsBI?<4D~C}gSKQn|EOH}s(xRO#|a0OQH0kl6j$?oY|9rP)V z=L?Mes>3zh8$R43MDsnp_ML<#&4=RYdezvn5+~6d-*6Vg_>4YP37hP%%QdF^TOzDw zR#D1?sa|*Rd&QLL2UL2Wu4TE=j9kz)p_!6y?p$oj*O^)E0CVMn%%xs!iDk2m+k&#; zsq5?0?PxpPsHnhG~P)#0};e=E>gf5Qnd@d zCI#?o8k(U-9TiecOW8~8m0~5jcOhzQO8{9QBNV(mH#RNRj*|MMm?TWVO%+DWHm1)CeO){8P_q8$bxdnQ-Ttv0pVEBk}q7xGcQ(&EXjgqicJg?10GcaG4=H7guYJ+ zjXn+LZ@sL3$J0>LeSgnGry=Bm>&JNk3Vg3v&z;IP2+5=Ire>azA;FvB(|l_-Y?zNAR;J5@b)r&lG#hMfDMDV8`4HgMoSmFJY?fM{Ui9 z1`>-gfNKjTpcS-2INQYNgdm)IW9I-~8zm(bX>a|`&5=R%Lz=9b`?D9K4-=xpE^aXF zBfXh#!3n^X-#YXP;NA6xy&Sq-Ytqic9I`S5;kQ-33w=p$@aE-TaqQ3}ZtOSfVq@&) z0_ehwb!yD2 z?H=69bUOk`%+7{mR4_+&Cnni&mV@UdMi)KtcQ_7>qEyWP4Qg4NH!}OF2&QBZ zz#_F)iS7$3YF{K_OSnL4T;KVty43ZBxsClrO6;}94AC0E`Ckd^p>6bXv?*-e8ST4f z!215qLz2--B&%rY8?X!>XEQt2(!1L!xn-qb87XKq|VNs~- z+Lk&AG12%i%jjWz=fG1Qc^t#ReSu4yY0!FnU}&Eusc|lV@9`yPxhDQD_Ho<*PH3CM z34*uDeB*pIj>)224*QV$4EF#78TKJ<`}-c5v1i8g*;Nl;=8B&BD%jTrOCr^^uP?4o z+AjiMTCoy+&*txhruHf;q_460O3GVu zc?Jy4@ok77w|-6-SY7xVmeZEpo(B=V?7Qtr1G|E)dXS#Hy$xYt?18OtxNfeRcysQ7 zDQ>O`TAL4=n6=f6<`p@cztwM$)X1P5wvsQJ$KPtRfw|0CeW!A0`Xsi~!={SWxYy;1 z(5zTdj7JIdY?wrS2|Q)HaUdhjk3Z^rDo$H6A6LkKJ(n^)R84;b z*vl(=$Le4zyredkY-0@qeIjc;f-n)djI!`VhAg3HN^<_ujI2pANz9^}Efi8ryI(vu zx_qtp13pCDkj;@RE10u@SKcvgOn+RCrnA`?6J<4cw!%37{tjpavw*uG`-<6oC&4@K zh5}RVy*1jxp=;j}g}pN2+oLX*eN0qW{p=?H2Xbk4(E*;w%@_);W#t`D*h!MeO6UlH z!t1RUxF1H1^6`|8ne=HF);QTJN)0*2rF28#}(evbI;&9#2_Y(E-iu@cM5j8}&vS*%{z> zMP&^uV>C*Nb*4UV))=|N;=CVb>a)0rxgOP=aq)b zlZ{c%h^+$*dwD~bumOAtcQ74&@&$Ys%axcpdBqa^l81-T>)|2cLTN_R8ERIzA}L?8 z&g#7h6`Gu}q1U zM!B|G)UF_I#~h^4a<}3qw$w>ipBu$b8gVZwp_vgUsk|4iQ=c?jGWbmwO;Al?sH9}M zEhTQYii*Ujlw5mZmQzvDEL)RY-oa(RFr!f29I(7nM6CzSvPm z*HE;~Uwiqn&d7}3+mY)TuOEKY7SejIZJt{&TxB0 zv31k%y9cv%T`)9s@W^1ZfTHbUhiP()q?qy&jNUbBNsWS%2M4YmAfv%r%kEy#hEN|K zdgKl}o<_X9Xw?`Cbb4gFI5r&eg5@y6hwa(GmXSDfMe&~*RHo_Qx?pjl*z!b?1&THa z#SgD7=4)&zNW5?a6W9P}aM|oMW3Sp%?NKctuZ922u!0!I-Kdc30URp{=z^x#9JbXH z$xWl=6|ycVY@0xz_GI|M-MirUW=$j1ZXJFUXs~XbLWjlcgb)npEDlxWVA$a3Z4EZS z4$I<#R%!s4jUy*`);x2yYbqNUDaR@zkSwruOuA1=rC2##Ry-YZK0dp0SUVQP8Zh`h z_C}PjbB!NY+BrBsYRHy4Q(2JPe^cbe?B$CI93iMWPOQnM`r=z5x!DHfi6}cVSL2OFX_l@9V zv$tp!fkTaobV@U$d|!Td8g{)FrM%-{@zy{#Hakti=DKRJhTC?LRhR{^e9o}AX9Ked zFln42aQWTogzy=gxu2kEpjYrBWK6@Xmkf+4AR?c00mE;`5ykcT;m>Bu0B|<_v(-=G zrw=yt_`}9;QJe)jg)w-G?Zc%^uM3vUaQV~+>mh=WILH(kMyMclgr#8=ZqBZBd8-<= zi{UmFD0Cd?(-t-T?vxxY>e@~dqNOC66wBio`9Y8q;p=7FHSM(mh>JIeQMhV(W+hQ+Q0&)dnRX2EZh(`UIO*~nzC?@U}DRc@4 zfeL%XN(R-tf``;P+sv#D1N1+@MynZlXUy&l3SV*Ml=Xg`34&+ITaFXw=*a2XPH|CX z7!T}yDv;f(bXg?>rPwK%m-3bgl4Oxd%Y7qv&) z1u5c%sgPKO(rS1E+>+ofC$iuz@JYiH%+A96!I`EF1z|l*+@qla?NII824nkZ_&Ku- zuf8~{S!GN~@L;uXVioHV>j-v+%}c@?f5(_EjpCy;6Z*Sawhz@kzro08Ue^P-F3{uFQwBY|9}IU!sn(hLMYq# zL|l2|6M6C3Y#h4&bdTXcs0xnVoBGWE?qEj4`i-{m7VvS4qx1Sz+e%6D#VhfwBH+*K}Sswu(6%QaqZa(d3tIKml1GTO< z#0Yk>$`zlA>X%qxQ?FE_X50Ki8-O#i*EX$u!(H9xIdhl(iQ%m$m*+V8AzA94H*kE` zR`<{=UZ&H6Laz0?U~1AFd1RNqs(4iUQT&zw8p#ej3=8HQtJe4K_7!(5dU9@GpJH}H zdHVIUow2`>8T8rBZYU6_ex|U?5zPXL`kR9sRBiDY6Y#P5q)jHbyOcK^(w%hNQY(^; zY8tUE))gg5A&V+=K%^e9Td!cC6HMpzL2&Wn4Dj7SE402&YqLV7Ke(faTx)wx-xx&A zzQ~aPfcetR{+RSe7B!zfwHrH`k?&VbG=yB7bZlH+I+4x+IjWI_tg0ko#`x$%plLo$ zF4Si1cB>)wiYcO`3tz~xs55EDXSZI0c9gCK&3V#Pnwn|XF(ie)G`z8eEayrj7#GL& z+RdUC@-bTvItEzP78{!{Fe4O=EHIQjVZ=yDy<+RGq-VH7!eZ=mn%v$)&`Bcmf@(hJ zW&$z2H-~oA(6u0bwt04sW4r>S#u~M@YCTj!D=l-Xc>-P^z90}E5=mD%`jgFJa@Src z+ClMf5wFIi?W{Ah`IueM_mc43Xwg(?U+g{saCp3z8@2OWD`pIm?^ir)QjmprhaicV ziQmf_00r^Z<-#5&HQ7)L+C2SNTUS^>(B&0)rAiH&^nqpz5z$K<`* zz*O+pTX6>AkQroM$JWl-+a7z{gY0dO_OrJ=$Zyy7@CCBR+8uRe?M8@NGXlpqh}3Jl z+`i`va>XFk5SjGZ$ASu@iN2vctD+PU$INSI6`-1^)=kJLZ>T5IRt6t}7MIKhXh7}6 zqGWem_J)5n9~-Y!*^p?Z?Y+#3FITR+gcdY0dNY<}kD_;15=~QGIT7jbU*PKG5nbzk z#~)itV#HM(j~SDBv-NH`jIaH~2K9Bn70q4A=NW|6es&7U+I-slkZdFs2J*3p2^h7SQ5%ji)aF||Jnzpt}!Wp{n^ zG_=adKIAlb?H47k{aUp0EOV|ML;!7JFzZ%HM?BM!o$`f`YpN5^nl3fa{_i;eR7Ddt z;kiSpHj6uT*x=ULQ*(pJ9zT1YF`}{R#fjK_TIA`o=n)kG((Ex;$|!DDuZz+GB^3JQ zDJy}Lth033Bpatq!~sAAryKzY5lKJYuo0aA5s^Ix@>w^Z=-37_5@sT@OR@<^5rUnF z?{fg2A_9hD^BG5A_zb{QY(DX@6(c$&TM!omFczE74gxw3=3?`Sg}oRx`3;DS9vF;K zT@FBIjDp43e0EywVc3k#CmKd$)WWnOH+o?;M)es1!O>s2p})%rNRG!D<`zW9sBXh> z9a!=V(4S@(TUFL{#0tpd9YQja5RVhLQK<8L(A_a0EV&3(RZ{USJ5R2O);QT{&I5q{>P}_3aFb4&J)t+GQ0aGS4f) z_4*ma@AG+OjI(DcyJOii#g|iBCM&L4qN|cUqXnPB1O=FdvpkKtw2C+@;T!(;zPf9D z+CnR=H_2s6UY%Xv1UJ=QLn6Qo#{bm@bG@-<>A6@~1lB;0K9!b<6zhv4qvl47Qq>$T zWZVq|(Q-ykLp8Ap#;V!e$(b<&PifAwQ>wZ%dLDCIArNG0w&h_PJDddA+T1gnkbU9G zV0g987se=A#_ljFHL!40_`a^}M)x!IIQLW|3o$IdcCj>~<;ez*Yh*^E52CV}s!$u% zXx^c^Y3?y5fKjS^if;3CP@f&Em^R$qrTh#{NlGj-0X+j3E151iyJLiwbFNDYSSGly z;Ikbv{4h3Eqk9}sQB1FOc~2K-EzLr&bl=Uv8}ESJ=XE$Ahonk{8%emqi%EbLx_zxCK}$w1E+bZu*x zI7h8&!1;l+uJh8A{Q|&r4|hG17I5z#g$#xx!rJ=;im`K=Rf7LivAS+xpejrIId2#l z?KEjG<0ph>dL^sn3M1rWW0Z1gV~PoN@(=*nKony1CC0hd>J=>vS1$Q*Djk@kt=R3E z501kswLDvcQYBJ*$%-=z!dRGxrz|g|2J-?)wgsXNN+n02!BbbOaOfmBVLq0+I8>)w za8{~6z>dZc+Q5O2pvG|C`3A_Uu>+c#w##8oR6iLrdlJGn-**RvM@rllTY0OdngRLazU<&il+IA#352h~V`J-IXac%a8n zYVtth@j%aAX~{!L#{*r4&<}zM$Aindk&YalY&=8(bt>|xMB^csi5i<^{7_YVOoH)V zOWteAdoB5QrX@$F=sr<;?h~cvj!esqWj)a;xpl&AjHVTrj@wSQjZzAK(*Lb--KG}8W%I6VeGo0ia zo3#*~#XAK@9nw=r=QNE?OWmmwd-Q~R z(^0omOr!gJoK)1&3p*|ab#xW?=;;rno;Gr>;>ofOc|S&-dTecacW>voq|ea_pRIJxIA`Looa`BS_+pbhcS!IY z7H*@GJ6-DLV06X<5<5pN+DI~sOXiG-_Tiy_hR_cS#b`67nDr@(2NWfBVdU&URV z?V=S$xpK$3aYwmuKU??hgIu?*!?C@Mj@`Q2_mOvkHk0UNyFXphEJK7E9_`&6qpntyRsXO%#t*FcYMp?<2QrW5O{fg$4U zCzes!T9-lEhw7>`kiunib1G&1;G_F=0U=CJy86ay%k~T4CWR>t`BiC_ROp()QEjhn z;|>?rb$FO?m(0>h4}F44Zrj+9$HBXB4FBueai|DclyYgT5LkE{MTwL((65uGZjNXZ z(Tw;q;+|4HSq&~J_SL9XE(pzv6>UU0ZdDi`=rkBd;35Scr3|SX{$3#b1_eUnthO{y z%VlE&TC5#diIkPu8vKk{migmQ(!=n&Mk$D`)#{8?tp|f@bOd-<%Ag&g zb6IIHfxuKP?uKBg#@w)ERO!o7&e;u*E0WQgYU^zu@@M{i5BYEN*pe4mKNMFe#?yu- z+$)k&&8FsqkL@HhGrK7bqc=m^d2!lZv{onIundvf{$Z5v8fXCA3#pSRb4Zhq2oQ02K@d2fFlasUI8rB>vi#gGpyBnqR}*HBA`sE+$3h?5bIzU4#ysU5q8#$)LyEPig*Mda}@ zbcm(g@0^!3-1RK7?-5H7dnq=J3u#4#HOko&ebX@H>?u}Mjd9*W`##?#{;_W-9>wEa zx}!Kq&>P&Vehu-6l#@&tQO|#7wb?jy0I!<8)uuO@uU*_3R3ZY0gttnEP2)u7MaD2X zuGPO)3^9Yza>)7GHXE`y>uh~l5@SnbOh=iY106f#^zqEkhdSbe4FZ4Ebh%ARZAbGB zT>@R#n1(*sj_}-Q1ek`DvLcgfmd?m)8-Um`Qk&A}`PK&uN%&z#9AKf@9LNs?kA?X< zl7Z>BC>i)oy2!s$j2s@qhz<`S$CJ@?h5)yAoOJ0hE$VC_sz^ag-Hptm{k!k4-gYEd z1vXEwsE{4!w6(YgH_&PWUB_nSxnE*DO9`n5)C|0HW#K-gu}P2#R}#QMvR`51j+av8 zOz0W;LEu49Ea`y*!s;ok{G145jUDC+yjAxMiCV*s%kZl(b;8 zlq(RJ>uJd{Nz*Cdz24C*2v?qS@s^3DUcDkO0?nc%DM+5^Dfwl#aI`R)FP|$wJ@avM z=70ueyjjL6rf~biiljW9I^-j*()motX(p4~1LNq^F(0d!w753Jy_EE2@Py~)%m$l;i|e0_C!YF~SM zjjwqrZlki7SC^+wHV5!KkgeIZ`5zT4IV+8spQ<`#u&gph5I^*t)a(^GMO&m(Hkt=0 z5d5zvZ+ONg|p4VJO5()6nsv<+2y9J8sCtN-e&;paY5Y ztr?uUcbby`5U=RbN6jF979=*%zcr5=n}DFDjpu*V%=aC#$q$>-$p%~L(V;CycHMDy z|Lk6tw_GfzM&+DZsEcO+PWcQmDkHotH{ZVg7PLgm?kdF=Rc4RhtbzJIfn@WTSpJHq ze|^;Y53)dQV&rOH+tlm(6|0F;X$Rq~ATS7MK; zW^$oeQkCrbmKWc#k}m?htTnIKTtR#o4g%%`x1gFKFB*v3h@qTYbp7tW(3sl%S*-Id zTVD@IvjIugHLqVxr5}`WPbA-VkZqCNcBhg~pN%{lE6XAzRph$GNvQGCDFz%QQZmI! zrI-@0A!!sPiFT1fcu^J3;cl((ds_wt z1~UyJ=H}W0jc?2ega7KahA6D=F)>l)-JhG1gY9rE{6i*}i@f{TPsx9&o-mxDy_L(i z?2biktZn*h%splEs+&bjK@|4<>7JI|t1`t{q+M1l=Ydq4)`DGN%LlF(A>S65l!bvd z0CK4`6u*Uh9YL<%oPPP`m;Y`vW{iM?zoa&dvZq@_T)Ts)RTsQ%-kV@~4XViWMQS>G zx%%V3qL)?u`ZHq<$E(6V^SQ;?_BB4(rY>#ZxJ6sJ)Sgq{t#DpQF*hn*3#VATw zjpi;-(gC7_Y}$~A_dM$ZVz{Rq)vbnB4E4lmsb}PDNnSkfjvZ`d^FROOlJJk$bwd8} zedFJ0cWnh_JTu3yHTYv z)SIOfB77}o^$ZIYxJd0@o3ZJ1E469_rf19b*|#VP_1%f%!_ zt$M=QH=q*#c2c{#9+GlN!fBV+Jm(qO=9FlgRBxXWvlyk|`a^03FQtB*S`6XGZPz_S&r44TW%E zn|mhqx^VzUXV><7QO7U5%dqX~^C?%oqzMzLEAPC+#22sC#em9>E`CYw7RijHV85?wdzApmo;8MXM^~p^Tr4o`$`EIA%?mEgW|io2!8MV0%@8T4@ppm zPhV2KicaZ<;3bReYr*ZT%0(TTK#hkT=#6+0GgUJ@?!Sl`Gc2#6bJ&~n1I-XDj={TPAzd~_?s z#n2iA=e)5#fi?Jwt>_&yrYraldL0C|UrDZUR^VP}AQ1ty5qJ%J2@FO4>FB$Ys~_K; zT%3hqFcAKlxtUkW2X8iJ&;mUgaFh74c5JE}zu6Vwb#6Xz>tE@LW&>-$J|zci>5+V^d*uk`e1_piTn zk;{;7gkO!)>dv6417&sdfazf`W8+Yq`Fui&x_OTE#1C5_M%M`z>Q> z*RyBcZrNJ-Vu7|~Ccq8#yW>6axa<v$C>9W zl$TK@iwc<%^ zltFDMl%3;q@6f`9+f&=NZQJdsZQHhOoVKU7Z5yYyZQK4;xA(q(!TTkXWG0jBJ()>n zul1}|B|^K9%J$75;-8dc17!{?KNCkm`zx+l+JC+wK3%7#7RER^TPoiL3fI6q6zZJ> zntKpY>(bF2tin73Zs$a5d!QTGkEQGim0309c-~4J675X9J9-=Bsi+p>yuS6IGt>T+ zTWC1!r~scY#zmao6q``47M7T0y$r+dP}b{!%ermq4{>1sf*e-fCxkk0_3&8~H*FT|JPllThc0qwdkeQ2letRB#Cp z=Xy$Wp4E2nT@gN?BU>E7=#J3%7!f9npiRVwQbA+^j3%BQRCbBgJSd|I`e)3a97N|J zBnRQ^UT;pU8MOX94{y*v;*6LXg__nAoR+x8IR>p-&Mh%*xCZpq3ivCi^|L%T;T%S- zzOp3|mBeNh-Ex_({9rf)o`l^0X3Vx)^ z-%KPFqAFNPSE6N33ZrwehH~O*C;*#-KPow)+Hy=NrTU&wLJ(zc?!l&VwHn-8i&0U{Y0ti^#cPFyoSG{q1=QPWK@D}`hK2R zzsXsh%ze$)!rxbS75vjkKy3bzVk(IQ%mF!TM$s0+&pd+Ywj?XzDTM1W9CUaPdS*^? zEEs{?Gi>%P>wts}0_%+ywt%m87*sBwAH}G#r6&I}SCdNDb)#b;HZ0H&Z7fX*lEc4$ z$l3-$H4*Cl_XDvp3hda26QB__hE%iIg_3?dK~cBw6l|PP!*Ey9fMzbMc}C6t&vK?P zn&(fpb0bD=j9rYLZ^denvH4`H{^V%sHvW{1UcCJ6ck1)Eexm##3Q_7|BI~#Pmjr)8 zxuywE^Q=`*T2s1*QH-85>TwLE^Z_C8?O(*htkHmhRhhRV|2B6bUUd{I8w7?p1L%=M zd>=oqZn55dC{%a0U_O8opx~QWGs=y_T?ZTg+RW>5-(xwWBYl5D5?9-;|JZMt(TaNc zcFfOjSED~tV`t%sP{e`Qb?gRH^X@1rSvCuyZ7#$)ran>yue{D$=*SnSie+bWS&O^>csiwXtMT2V?De=)TYLz3DgSd(Q;HsZDhQIx{A=1 zOP5VzLBGD)At;o7KVCw*gn~5urSnY=SI+Fr!;KJz%hhjsX|vAynA7>+C~cptDJc}a zg6Z=9CSWt<^lHQHwThH402xlEm@8O2u zKFR$b<5E(#K|=?(K|?GQ(%d1hQvVK9hlpEkd`l~=Q@b1D5k_znhW$d+U; zzA;EV+5Fj?UT2E*W9er>DBNVbrZv|SQq)oJ6C@X{^Nx=S#Py$VwSYnc3R*-gK`G=A zEN9OAT%CDLTGKGc_4RxtOHVu*2^$B)Cs`dVu`&{MLEP?xUBm=4lR!0j7kt4P7pZK) z8){RDFZdL0Pz*y}F4+F-?D*r!1=w57nAKCB(}j;IaOT>qsnnNh^C4 zOKA+vhNS=vc*9$)6~P=@Pf(xK4*NPiftRM9pl8WYLRL;LE%zEIRAspDGZc zd)E2g)u-V`e7ntm0QsE&xrsE#k)W8w;p%;Y-Y`~LCwn@T)sH)CaFt!6s0q~^XIts& zc*HQ_IUaHhHI?C2KIiE<4rrXo9&PeLSVSU75$>t=CX6AcfqfZ5_$dA!O#9?bQy-&S zxE3!Axkm$AtePtOJqfiI^Lk3RFLiscN)iM8mkG+Xhw0UX#4a8rNbjF;39hZoBdM~J z(QC|w$HpgkZlC|l29rUK2GeL-W$}7jX#IN+(RumlPOfYm_rQAANwn-dx5Wv7yKOnx z4+TkWNdX^U=)}A!9zAvm=?paS^a3HwCIsZ$%v)4EkT-2t-M{5cF18kYac0?K+BLP- zY~`WrC?U!@*B-~pHUZ30elbTG`!VY-6hr_mJbYU}bi|P*V~SFcPP(r3grxKqd8z>x z>kr3Z|L$T#OB>hY=JU|gjf6z_)byoohRCl`6C<#-uJaQ+X+LvPgCuE$tz4QEv?3GB z2_pAimCiZ(EAwvLyr?l1s*eyru4d6Eu7{`beh&1(-Y}FyumCdauo2FuDpJD#cE1*F&d?$Q*p|yI`6ByJf8X2s zp25J&N$8{N%vQcA674t-ZiQs%cm6tZyc(m>=l6cQ97;%km@sB}4`cW`dK_Xpll9v< zotus+PvQ8|X`@xvEMdQ1u`{x7H8YElvOV;=KBW7%wMg--_p38d8nk8%qn&mQ<5TqJ z{p=~_g{u={?;c=mQ8Ep@`o@8WDzRX@ygg?%@_MA_5g=y))V>PD0V})(x=aHLdYeQD zga8b5D&ij__r<_XeIg4;GA(?jPY>t{MQvt(w9ACjew@4rB6C}Ck3;aMjR^qu3CMq4 z7SajWVgk0Y6FR;2=im(xDyBt;Fpz)^5YO@N{f(dSy)%A?KzTpc{(bfFrH~~^dE>vT zi8A`)-=y>1uLyheDj@0i9qjxb{s4e*0_0NWe%Cv{L9{Xuhx?CweC92fk8FO%hqW4S z`yr~Dq-ObU=K0NUk?H$$QhXa)X%QmyazOa2Z^4uhlzxkr^S2Dxsq$%Etf_cpoXe{B z%I!Jok5sMct9V*c1f=OoZE60hM7jeZT&di^F(~;#DyUrMv8{W7FDbJq3^2OGwksQB zsHgtcGN*55v`ciDb!^*Asl@+~|6|rQc6=%}t1nG~>4IanZ01-XERc)AS>!Y>IO`F} z&-L-tmoBc>Ea=TM|0V?*T^=C3YBA;9?Mke_CIK?_X(r{N9ZV9nFE^PJu~*sl-u*0L zSnUo$c+@(eqo`GnT55+m`)t2%ld#(NhG?9QqbSxkD*-Hf{8ytYs;CW%Pr6u_*x)-j zEjG>(V_4j>;7Yjgs}i3h!BAYUZ3@T!!VHW3FK1HG}1*WT#XE%?}yPP#P_74 zNFV(FII-Edk`K2nMlYvF`6&wz;Od93v6=8LnG)LTH#|V#K;b3JjC54)A=}<0@`LdJ z>bU9besfCvK^Tn3XN0p4p}~K1Rxzz$u@A>NpxwCiJ8N;^HwlFyCz}1eQW`qVsf!uN z89|GZfJqCMdCQ4^z(ihXrDNG*aWoIIid|#tgRM zeS#N2*l&|vut?}0!cM|4ybcbX0zb{Qi{nsQ6th}~I!Omt)P?n5=j_>-y_CTea}ma? z?{62cu1@v=<4#^_RWrNICmAl6GDsH$|t_M-ek-rv&NJApG$9Ll3l&r?#_(gNzv7N1Be4L_l{u# zN{ZD_iyS!IR&?XxOubO~+T3x zu*IeBsTaB+H;qsv?!)>B&$m<83ZM*P5brbghP(meN8j*Dgz?tq<`@c8B+Z-227586 z5k74rBrd<9zp=Xuc?+F$9J|>8{dZNWBBK4wylFVGYMx!gjYn6c636y4ebHXLAURxR zFI5`t#f|G;6vy%Anq z_PyMVr2H!fMQy;s6_LCBhQ>q~cYqKF)sifT4?!tnRSdSg4+rmwPd6?dDL1LnEmj;d z93PzR+s=qYLiGRk^+(~(-vZZQwDm^f9Mpt!8V*?@rSh3)^t9V~%gAfi6WiBxhi$bn zz`h|FtU`ZQhDVwB^#7s^a@@TQveq0n*7$jeCa?9{y9qI3ca#!GX^qG7)CK7sh8Ycr5Fqe+*!_Nr=zSyxLBlgr90=f$ijTOu_d6tOJ< zXB*Ax1mhEE!^Z1}QI7o1jK8kyUVh@aTI#X;^c(d8{kMp0Gz{!+NhB?jX_}dmCTD<@ zqZ*aW^6_}m&?XWD5AHn_RE*V`@*G9ip|!$oUr73+8mxG{l0Kw0V#`04u%Z65i7J~v^CFWa8zf1t zJ20eLA~er9*70HABrNd(s-We$_@h(wS=qBUAJSqAHvcuP_wSYGSb;lY0l&zhb@qzq zbh@#*{o_sRGfDRDVu84N<@=$X(~jrpA3X81i5!~`Q-es+^}#~CK)MHZ zW<&2ECP`4Pkn{OOcOOn>a!GtvdcQ7uktsiN8bVGo;ezpu5x(#Dhhjcv{zkVVerZ^U z9V^vds>=qejR41!KYaNAWYSdzDy-WFEuE$|q7mcbALo9(j$nCCN&lWcKyT<1GwIkh zAY#i0f(ElvT5ZuatjPnPrIdl(ok(sOI|%b)$+4J35?!W(h)0Wv1{Agc5>-JA|Dhz_ zX^W$uUnr@G#YRW()%Ek!q2j?8l!y&IGGKMIvW{t z5k7*j{9X@YGo<2rvKa=W!YKY=APl?}Yj9v&sje@mn!ifi#!&}@Pwb;461g3JM$_)F z=mmd`%%8^2cPr+PhDLG=Nns~w))3++OyL1{OVcj@ zxQbK4%7tIEnUFWFqKe7<#Zj;!fj0Ka8)z_W9^=8U4{9icbFpsb^xVgRMm=&tNX1w% z!i4O}If<1kkuvdmNtt~YnLPJ8C~4&rX7_q)na$)r6~53)+pG!WKc`>R!zKeo24zLg zOoEX@b+A|9Ox7r6e8M#7Fn4^`ynHf_3Do#J6%Z}qqJ1DhsElv)=H^u&bA4A~iTa6V zm}%^lB!yiVW#+GT9Vg-LDtgt#fnvNe*}a>HKl&N9=6x4-Y*GY4Q05L>k)s@hct%wu zJnR9;DZ&;n@W`SNa&&SzN4eGknrok}(wPmx(x}f$298k1fIV~CR#PcL_oFi; zV?=&dY@ELwI(y=hl=d5u5{v7BCM(xoZQjoOrhEbQq2gD-%HUb1#g?eSXP-tc z&y^1_c6*E~m22&{!o?S;%NzGX*{jf@O1~vU4EDtSiIqgRkf{C_^o7mL&ZZ!&+Om7( zy{H9~-Y{X6YC7DWCI{OuPegD-s7y?;ksC^-rL8 zLi|GNk6n5B<4l+D>n2Q@x8Bcnd^@_}4PMeBrCjz9X5@K*yW zkI*6L^7WpF@jaw`Q}xFKmdf7^T%=RBVHXH?_GXwY);P_O@O6Ss+hGkFusnoa1`tR( zMuT*fVMGx>o9C)Hbxe9vETIl0C}hTI-KBMv?PzbU5{lIBH)Gr6D!UyOsjb?`H@<9; z66Rw@Q2MSG`w_n>?K*mh%#^TX+bt6?$%2Ozn!_FvE5WEMhw`wT27}sn>E_Skb^8OQ zD_n-9jHPz%k6~cB&~6vw8#=v}Ecm63sixX6a{i*R-`*A%x;CfJ@Mau3rok~Cz=1vB zuxW8z1j|&UkdV=-!Lc}_!tiZRx4@%GR66Xa7Aat|8i?+deq9E!4h$m< zsDTyRa(uCtTYuorGKUpDlM<;|q@^_|_yk0uR za_0H7y2g|p=;{;5by2kV`mQR`8OiO{-Pe~J3_fBP2Q@9lMA#YEAmF41Go?x(t%So( z5uZD;9|P+0^+oF=DdCEWO+{VaGkf@LAg83g|F-!iW7b2;ezRAx1c_+4`m2#VWE7g& zBO6a!t#$D8@@7rJGu;-lV^Vjgec>1qC-ieOKRJUK(F~~b}Y%8uLa`qS^ zWA@+T$<1ZrB^PL+-A72c{lh0^(xPzUqfETZ0`UM+lQ)*4aSG|pA`?R!V6nN#I%?37 z_u)8xQtNFI^A}nJ1RAlZYBJ|HKB1iJ_#K5Mu3eONQ$4w2waMcUKI7ZaQPYO7)-dns zl3$PF(JkG^jCrup9J%X^Q93apJAT@N)+2+?5%eFf--sgk8N<|chc^aRM`d}IAsW8d z6J|cGtm)eHjlSSTYLH2f(6}Y`P`jd%J_p-}XDAFV7A|^r@B9pFZzk(E3e)Kg&vl!8+ zm71DJ)(*tBH`e+`G#KbMcTKzS0F(FEL=* z5S2GtAQrxF-Cmf?hH!oP?u?%=+33hc^Uh_n{f#y`3r{uEu>4qfYrkR!aBSPY91vnB zI`AZC-b20!=HS_KV;5oHl{!4$X_BomijEJ4@@GI$DG)ZkoMBLR17I?Zj#)nMuOp*x zps~T5mSid;at{6A@rlX)cY;SGSpf20Zx7D;yL)mUEq|oCNx@WFm?g!?NT!g{Kog3M z=)o8RXLW}uX@d4aJOSK+AbFCO5ok4unL=t-xVi{D7mUv0pKG3%q2yof2Wp+={#$ZV zt`^6sDO>B4=TlXxO4Htb@y`uO@nr3-X}@aEs^1;xE}Z5VAm^y5&+8DwLX_=~X%ilE zE*XkBe@TWgxtvL3{oCO$#!ka%H-wDl)gzE0e=YA0i=~j(WOZ#m~l6P=;ufsOwp{<0}ill2PnNa>&Diatox7;6Y=TR0exdN1C4nm||PX>bCTs%q-9blRB zY7{9R4Qk)EriE6q(!nQDMyp8@@~&So$KAhPKGY zukGX7Mff#lYE!XLnuxAeT^!aIxUuXQW!(ePOW$!Hjoykx*6=YT`6}h0=BT52nSf}CJ$q=Qb zr}8KWYDorGoVt@$gNV&7cFDw0Hm*q+%3krPy81XA$q*nN*_DRet02*!46O zV9u)+1^*rKn)!!6HbrQc)`==v4c$KsPq@|v0!OL6;XveqvI>LuKg-IB#&)tb25fA8 z(_VcB-e`H>FGI3{Ut_Ajc*MrKl3Hb6vp`AU?1ZHV9ru9RSm<5QjMzyf)l_ITvj?&l zP%RE|?15q1nKtcaL+9$+!)()WLI?F-KM8r$sPq`ZXDW1sbDp5_nfHT;%`-|=78Hrr zFcwoM8}jMv3}O+}+Dv5ap+B^hM0Z zloHkQVpk?zPMI0k$*h|?6=}Sb%|9qyJ?N^$Qfs(;tSz}sgdY;Q1VO3@;9+#3NH3og z5xk4wX7re=&&ynqoD>B+wMlH2yP=(NuG2nFGn zm@cDeNfp;Wdx|S_FG4u+0$;il=eB)e2vAXF(nt8ia4=qCJr-1)YFN+cd}jN&Tqyo# z9D{-4&6y*cDt}`Ug3Oj}i`QfF+q6YX-*9BRK=nH&l377@$7zkpmdzwC1ma+|Zpjp^ zz;3$8w?7YL(dIPCecv4cSgMdDXTOm9u8#g8ZE+mf!CpAN(N?0=4;TAv5n{Q#h(5Km z{$&RLllK7Y4CU*FIhkqp;!?esL_!e&oW^Cg2PQDY!uw!Wq%Qbqy~9bL)P!E@7W4*$Z$;;r zcTdQ(O{9s6zBHMwRWa;!!Q`IN9)O?#6$C*L`eedEJPc+A$Ho|VXe2o(3q?SCU92F% z3aDOLAN+2f(%K^jnfmt>KE z?rTNWM8;!0)2V{qX2QCOzdup21^Y!%ipYIp$t9X*=5lbXcu-Ds^sT32iYD;9Llo7fnb z?aYP4=bV)CARWI7E_8~_rZ9Jv8M14Q$fjyBJa2?RqaH?8zRfnd|Kt0%sd_9nKMs3b zf;xBq@TlZ*2RIq0qRCt$Ge<`Bq=uY`vy>_fx*#Rb-Qc@(EawGPt1^{Lzf^L{l%ezG z6Trc&Wf}r-7~Ihg#`{O8tZYM9o~>PI8tLhdR}N@ypgsXDv&xG|ax)UR8A;HMaV2m$tV0bmVj&E%^Bzr2Ls7#k7A~gyN1R zY%miov`4&py>QacWf(=1KE$I*xXbmWEo1Ds!5MGVXt5U)9q0yc_FI49CFyR@@t|uz zbOWaKh&o#UUqvPBJZOm0hQNW)vOFx2((ZN|O6_6Ifq4s}nPiUTg-D^Hk##LzA3KNA zf#us*4cvJzjjzF+!k+kXSl>2n$H~(X^ORsDY$?Tzo?suY`{5I1hTGibw5B0P^k!*q z&4!vSI0)@cNznH(SFu_j;%enE0)96cROT3}UY6guX-TLI{Fry?*BW zp-H9abQD%#91Kj%pKM>A42^#K3;g0^Nh+xLP|pjz>4Zrz%nvX! zg*ze8Kzrduoa%V9fFi2*4Ahu+Xenin>~Al$;z!!LvJc9Qv5J#Sbkyv`X&$;0i`ErA zp(Xim7z0Y-Yy0gQCm(W@FICPuq5j2TEYth&InnMG-@8SUejmu%82$QX5!?=_G?J{M zA66zcmH1Lq(xQfam8aZxcN|BC#GrRPU2FK(OO2%H%WsD_AA;({$L7}P%?8)5(%@A{ zHf@R*f`9k}3pHUh?xD7j_72&PJFS0S$9@}5SLl`Qxng{@mboh~OE#$Lz% z>gu4qw()uQF~8c{n@VprJOLdaJqNcDD3zfx=md&zo}^%py0ab_mz8meG?~o|g>?O0 z|G0q_ww0JK_SBOu*_MR6`6kW`S@7>e*Zk&$*kKDB5TU;xbzC&QGvxDoXeT}i8lA7X zhL`ArM-D&nDSld-9L47uHs{busmAkZ$_L;S1*V-|LA(Pq(CY94UNtG*McK5)Un|z- zr^m^5Pe>KPgwM^3V*Z&+bl_u@p5`!pN%(|Ghcs#P6hx{Aj%ei{n8QcSYDYkRo64-< zJ-cW-4*(Y~CoKGP$o@7?g5ebWb`QxPmuCBMBskVjYBVC8v|9VncWAQ^8$*7o-0@^E z$$aGfQy)r*ru$^c(Kf*1Eku6Bj1Jar;ZL)v>}jbGju(hCo++yi;lCha4s zC%Vd{zU5qcrn)K#_qwYld1ft?8u}+{OUPpLIIAc{YL#7s^SOu#$3A2+F@d{u1j08L zpNWf6%^yXyxz@4C1o=1H<0?Sw^nODdks9eO@OrPi@&j*^WE9L3MIFCrj$|e_%#P(S zbTK5Fv{I>R{nu8o0NL^3WnB>ulEY_3p$^985d(~IH-v5^3!+$vA%@Nxn&0M{#C&uiUs9a;^|{rl;3U!qm}&heW`bRo?#??fr5nO(m{3lc=< zBBS_toW^j-#UGS`%DF~oyt+6N0))m?74f{Idq9(H9qji`7P9OF*+K~cafQ!xP#W8x zXgq-q(uw@qvH6UlYcN&Fb|*gJMWVsq^d^=h@}C5@LO_iVJDO`6P}M>CnvO$S4sX5R zU%I>zUxuG@J9gU>%+fcW+*t#)qX}m}-^Ra?!7eJHxpiZ%{xb_m(ZEw1(Yrx&Q^bgk z&>^KV7S3%Gbv6E=-FSal;v!&XIr^@To$0M!iCy3>lWkCg?b_~D+o*8*ltrvoKknKq!?m5!^88j(V`Pf2p#$?&UZA2M z4PM#aZ~O+3wZY>l`A8eF7Nn^&OQRVQxUT7QCIM|a=irDfzqAsnglMWKo!x4T3j%P| zz!y)glEW)B3mf!8munAbWl~X?D;$m#{(z~DlT-t-v`|PlJ9lD-5(n$HNUX%|*`xj4 zq{YO#bS+COIxk}nZ-hcvo@R~s)m}^cwoya-wrKi^9x#Fm0b#pg=fQf(P@TARtMcg0 z;>C;kJgH@Q9uK_xm);_>VA?V^6dWZN-{ z@T0R^1&N~?sC2@=B7+>0kP|Re@5^VC5?pGLUbk)v$f(@l^mwXXS(o?;iDNPH$FXd8 zd4~$e4gK62$40yjRM?paSxQCu5wQ>gZFaVv+AJA34d$@lIDXq(YbJO{6PRBm;plY{ zn+vOwRrcp_@Uw^xB&fk~iBSHOVy#j1$4PWBa%?5__Yh=a2N6Wyr`iET!>eLS?^4m5 z77gr%P)hxW>i-Qh42qOL`0VY+P@wBh6sC2G8 z4g$`+N;UF6oZH$F}E5q(h#pPJGQsL*7`_< z!EtpV*d>anKN(;)7+Buvaeie(r@fTNY>|mCa9b{K>oF3uj~@&p4~^yc=+(*8|2>p1 z3bzzO%pzG46LuXt`_4mBJ40VPEhld`t=CJezrk=@a?eY`(cp#w0gInoW^iZpxk^47 z0)^)43k#G|6qE&1CM6Z|6%kOGT2ZQ8j|ly)uVr zD%(EKekUGOOLyoraCcw+#TQj1BvBu~EiYmc*^Fod)xUP>0G?13-Y8NUVY&%DVNhE0 ztCTS ziBB{0P*|$#Qe@M81ly6vD)xR7o7bb`xm6VJjCbuNxUcIUdyBHC8FpoQ+zucsxYxyJ__#~&xb=Z`R1jYav{@{?Nb;lO=Yp?DMcna$Xhgn&y4Wi zvEASY4vP^zdXv9`bnR%zN?0cuU6^Z;p5*-<`)j_iiSH0#X!7eiN|CvYN~tW}_uXb| z!IoG9nz=k0Mnu4j9=ktp$9)1@`A_2{7f+67r-psVy=Q|4g9c;1vSp+K4J_HT7 z7jb`B=HD?;8L4pp6=r8W-27hTcVGC}5>OW*{re6W_$oTT0tZ!DF8}xE$gsR4`2l=w z2g<;p!Pu8qq5CIz)OF1b>+;!wQA;T@8;KL9#0yoSHCyFEuW7chv`NWvJG?LGpnQ*ZhDKa$ubR2Lq8SJSRU%26} z=r{Jhl2P(g!MYO+8EZ05Was5Le}3_p%?&Qa7k+@dwOR;w-;h7A^tD{;QuNYVR0enk zLQDCaf6-q)078o)6`SyWY*fjtHs*M#lzi?bRKwX}c0zt@u@m`?I$sq@vq(agifktR%|7OJSq8bz--9o%$Msvk~N<0hBP`dReR{B5X6O% zrYSJ=7(XKSB)#^v*t8RiHWF%j4PMSRdP|9eplHm*Ku?1lcjo9Gfv{Id*)O&|3Z)X2 zn6<$Uebh#LliTc7*GsA6i5hZdOVpYN)!t6O=r6FEm+Rv2e!hUv4wG>X6-Ip(` zF%E%r{k)Iy;0OvqOmsZ0-iCCa%|>0OP!n$&UH9q4P7`YZ={F|Ihu{}%KJ2ZUv1k24 z&4PZ}v&Hx4!iOPC@mLlfx!V`QDeU0EN)I;AbKgRTeG)eB*d9RpX{g(~ z(_@v7D>P2+TDet>-x_=lZD(0_;C?El`kN znwYjTx3R?XU0am#UOS1VmYZDt6Rr=~(@NuK`C)0D+aAZaXi-^^JYAvqwNRlD?;9bWG5up;~T}gk}r^?eI_1MUtFS172+FcvTJuOuV5Yo>+no_bqSi9lFNXZ{0x zIH+E8Qw$FhwJ>M?a=w7u85?Wef`Wc7QKy`DW|+(KYPr}5b-kbWNfUx#oCR7~C0R5u zqhfB1byiY~)kGaRg&|QZx(P(T46+x5P!-r=1R^h_g@VCz$i9#uA27hEXO7926PR^i z#Tyr6F0GD85+UeJatmq93vo3bwTH+OAqXdaT=^ZV0N4ny+~9UDhV9&KAJ+nYa}>5L zGhRY+u-exZF+owDYAl^}E7VhYJu4k;PXQ;B{SD3Wy5tQvOS8X!xlms|4i((uA zha4lJF$WMp{ocXd&>akX&$qVNwyI(}Yh(}ZMBM#Ix7-fHIw*;3;br$Vg<#DVNzo2m zJR6#ZoDt#t?Y3E6OMm}5FsqkXE!)DlNk3*Ispe6aRXm~&FrlyZ@MI`c8dOmrH6laG zMX&{l($X8EaF>T@+F&t0DM@#3O@gq!Do#DLw@Jw}!VpO&I25y4LT8n|yqR3JRKgOWyVXvG}py)ks^|wtVi(TAQcZ6^G9ZJVUDIH(?d3Vt;=&>JrkU>{D z=^zrG8+staBJ1ZOe7SdAH=VUkIUrUEx!>RK;>CFAat>ftv#nh8xt9>t73*vRsp_m%maPNe&q&$n( z43@&mMdp;3yEhAzW@hSY6DX_xQ>X)I126mLjIU>Fte=e&#Gj!if>a&?@JSy(eHFVU zK1sX_UYs`$3#&~S1Rsrf>eA`pa~xxS(ipm*!bcm#_^zyKwoRYmCG)1;EwC|a`*WOH z5&nf}M=`YT?H(ZJfWKdlf*ih{rcqTJzpv<*u$0WMOidh-Z$?t^52o1#lpa{B{uA$(9SPR?oFBrV;8*?OC}e zkw)5YFXH zMj{N0y;0`*tN662Sso=_HePW{eOvl(Qs1rf++3N($cC=uq$-&thwiG@Q3_ep-8L=6 zXG;)GM1bN0x-2!P|M5!&pzsw)&Boa5TPbL(KM3P+k(t6Q z;Ml98MWu*!^Yn}9a2cdX1GbSa)3@u(zf8yNQq#gBZw&b${v}xsk+YJ}*Y`a=oBK5X zyC3B=M4Tqp8C|Yj^ikX`SOa5tKFS|0ha8|i<*`-g4j)14HLp>RIeXa{mP#^U2Ea_) zK~2c&yRT;XOx=#7Q`GVp{Ph8GBUM^XE0IOQQ(u{kP(|1(mx8A}uOx_@Be0bD4%#*) z6+>TQBvPN>lhPn?UMgfqG;P_Is60)29zH&Qw_@hSCWXCiHD6s1x=VqA_{iC&)eaVv5zr`3E2OH~K2eNA2YsecouaM}N9on=&;~GQiB@v#@`mM513Jw)ah()(OavhgF$PbV+3Vs{{ zQNYv&MfO`Gj_1^$`|bA#Aw-M<2(WCgc&Uvmzph9agT*-9?H&*-FWrjXI>KPCj&1XB+c8|C8&?1 zfN(=b)W*Dj;@tC(wLA9mI670-T?xZkb3h0^ex=Am4kLM4yPE$ECgo-aIg&r;{uANM z`+V(4CrW7Hll90W@N6*w_BS#)6(?}F20CIfA%FWc0;7@YD)W0H1Eup~pf(5Jj=kT}l`G-PZgLci|#p zX!wq*$SF9R`R%q)(vcUGXv_J?8bv|>d7E4>Q@=P%kX;IEXZK?kh0f_t+KX}nl6jxE zq=#AR&pMUEZubFa3d+yS(D(1uCGi$=q7#C)0jbr5#UAwyY|YGg_JO}f>eQt3*-*HxhgD8Fj*yIX=lHjL4-|T5 zR_(67zhoG`2q4|d4JPLr2-~E#n-0|5`88gX<yPah? z?@}DQn7fmy_MDF%OPyt-grqB-Rxk+BKzbC`E%8UGlA)D4bvq-2$jkM9d^}i`W>491 zJ2oKRG%X~^qP>WayR2g+@--W`Ec$6*iFU)_VVz?1!@8tuOuXe8;-|^lv z>IjVZ)UF+XI1PW=+!9VE$=qGx-kv%>9feCU_YOSPW~24w){u5S6JxCdQ|HWOrU8LUvFr@SEZIF`v?clku#zi%u_ceS~9w=I-u2m4?$&H;_EAwz`E&h#0QW9+J=8OE((s- z&b?!{bf-0Lb_?;U-2{6XMA&IVDZ~|@?FqS@0vGPoN>*HSP`vfV$}X81eQLjWT64L_ z5~867#aPZfU?71+A(n5-`5mGd8xkwuMm}BunU}i{$@13%wGpkYPeG&S0c~a!c}GzX z3PjWKaq#Ob@;KQVpZ?~Gb^(o)W3iKpXS!-Q43xxqI@{1rcw4c&rEh8EX#7av=iiS) zddk`#vLvm!HsD)a+o`KFOyG)|W1Sj;Ja~cZ?+0>&v4&lYriK5KlkwF%gGEb^2S2Y_ zU)M?7pQ;0}$D30I4e`-kn#tRLm{{<&4Bz+Xzm1_a{?O;xd*%6BPWbFT4J=@Dv=|`1 zY>MdYdmBYb90R34!=iFX zHGTPLnV=A)V@=Osdm{Co(jKzR827MQhmclA*l;Kl27OdS6}61yE!!Za(99lU6Tky+ z!nshQI*`sOh$4+VrL?bC9IKjtlTIqd(ytk~W}5~^aqa>Ll-YuuEIJ0*mGIC$V-w0+ zDLhqNIT>@GE)&_&W9XuTN(ZUEs!3BJbzG3ys3&5|XO+k27n_!O3l;M~9l-p$kOe)J zx%Gy!7**_dy#5PyvdxsiMcZ!lY#D(9#OZG-j@zyy+wckKtsxdcY=nTqhs`lyM zvs074CHq~x2pG^tX}Zkj6l87*)A3#9Tcp7UJ^K2Tw(F~WFl9UdUfQIMTx1Ahe`S$Cp}Yn zO(oNb7=0TZZN@_?(0ud}*z4)Z&*?WWdOqB*|Bj&-t%L#-XxRlZ$hI9lRyhQxY;UyF z7SYzO_G=_Fi+0F^5)Z-%O$n)F9;sl$q!z+}Ar=-7Y||!l5+&1%$Ek?I$7^@x|jeMDUH%&PmfL)@Bd-#9iwZBns(9H*|F_p zhbwk=Y}>Z6W81cE+qP}n#*S~^_uTK^JMQ^=epJm_-92ZIUaPCS$204xf>D*I_HDOp zdrp+G#UX}cpBW%M93Voz!YoKP`tw;yC1LFX2TURNw9em7*0<=$BvSuSBkkOr&Q4l+ zqAKf%+-usXg>0|=li^70fj)pKgLS^k&!5y6c)ZY<(e(aTTSG6G+gH-z7Yk#hMH z;4OUx|B}_N%5cQLZpLEZ{kelOGK{;c}dA0w6a&l0sQ21S}$N_bAG zK(?pGHXS*Zse*nnh;?Rx8zv}okDQT}id_F<2HXv?dQOft^fE;Dx1(5zg=$y%1ZSi} z8=pv#+pLw&;^+TFA=4mxNh>N5c1`;sBFi)K>y2D-jCK|{X3-4 zawjZ*>SGGw8wGoJ5Q6k?W-j94WTz9V3cW##?v9pYnLhDJ2oZw=Nl{l8Kwv>l2|Vgm zE;$czVXMvkeWaYAS>GLfyA8GTciCs^_}TI)rhY@zpoyz?O{ky1w1$Au(kt*VanMWB zFnIurthSGxwUA+Kaab5|jA;@nE@h7q+}eM0xkrZVulf&9TbX)ibWv%=KNU_|DFcK@ zU&iI({_X6>uzQOzy^<2A6=?jq({~2H5ojPi^3m?6%9ZPM8gl08^GKi_Ww5lny!{DMH#>X8A>i5uEhYoaWDTNp`>IMrY+WDxBLz*_6n&ZN7Mk zcJmjQl3()7r{cMOCW$;%p^1LHVpYOE3)AyWHSG#bdgY)~$|AI%EY0|04dUh76WwT{ zs>D#qpNs;QM5?!?x;dUV4QIp)JPqav$L@?=J{sUw*wzZWED9BT5hg-8g@nWJtp_yy zRN@;gB@ciGK$g#Z&P{$t2N{dC*fMw$%;1G){WW`kc8zTS1A*4w6mK2ba=t{Mj4sRK zJhXRe71FelVqs)%_>mCmthWdFnydDF;u2IJkbz7KsemG4ylfn8i9DjP#qM9={dL7U1Hdsca&N=i@(gb$a5IOodh1lv5pCQ_wbkQp(eIhcw`mA@ciX%PipjJj=u z#61vJSNlwwAF76s8U|kB#Z)xRTP%9Tr{L4c*Q$zqJ(g>jV-`*Q`E?PeEmv7sz0HPj zjQqLh8b^9{RqGy3aE(Z7SsVtuPe0=RJXRs;w)EZDt zOc>>>-V7rF2~xg? zUbWv|Z=iIrp-^+%e5|@f?Wd4>@^I1*KQ~g;0&*U^jp5{GdViaFGyEn0&@ETD2D0<5 z0tx!M`F=lS`}P;qOQsD=UA1veq$N)qm1T^RRY{%Wh=chm7!yWT=09|bQWZXDlaZB` z{rQx4{I|2Pun_g_<^J{__%PG+aUU_${V_nm`#yDM+T-)~h|t4d64T+t^t-I~ z-_%(^Pg7fKjFG3th5~qZ4z`B{Sy(L@TyNug=I3DI-Cq7fOUJ?)hEF>0-!9yaY~Vu+ zJL`0N{?Pxg>8rIoM zK6RuZ$4WwObf)1blCAB#Np@BkVshC2;&k}w-x`NPKz1)@Kc~qlPOlfJ`)x@d3sW<0 z8mcUO7xvVhKNaLe_kto_`S^n2uX@C^_!$d)b{vML{>KvfVFzWguJ0D30SDf;t=wul z_xNJR`QwhPDO^@v2?Rsal3~$)3>-Df+Dn&xHNIY0S+DN(o?DPh;O@pU(cqE%_J3jmF z4+i{q4_4$`eW1GI3QaAJmP~a5+`moYV&rcH2>+w1+z_`bIcztRh#r4ZM|>2liD--D zR0sm6kss|}1Vmmt5bP6a7bi{W4I_jVoU4ARY8|beMUxM@w5iLE69Kd6Kem`kqz%gN z;JUz4{rB;T#oQ;S#cRdsRi*KS3y9D|MkS}Xr>KL(SZikCbeNnY)C!pg+1OL>+(2Cm z4*6`XS5ThF9j~{|53|TU*$<3)XmokLGnPoLfBmM68K=oxC%lHD-lQe}cpBz+S5?-@ zFF>2jsyp#cG5yUwLtT7g3srCR#EAlv18GtF$q|Q&8lE2e7iXk7G-K@0Cz!5owzk>| zJkXMi8AE;LsG>R0mCeM`sbMe@l!pb6EsGWl==?xg85vOuxqK~zO zQ1}=6UO<2c&1xU;J_sJ}E*8f5t{%4I`|s3)K!>4>bH9BKAaYRwt4)EX+&Vtx9#Xa7@LBoPjeAcCndYk zv7nI{%eFiZt%PQZRy?5Bf`HeByn(Ry_jhv=*F}DdDOrl(r>s_DRG{-gV0Tb1yZIv_ zmjKvDL!NI)pVnZbo)7cS0Wfc z-*oW=Kos3emC!A8O7 z&DmLsuIJs5+4pPolr zy3ZzEPrl}!XAKJ+&4!}od5W;5+CBRjF$U}xk%MisO<3GM55V=BrIp}8DQqM-1?PC# zEJ^sNrr*Nmv-qu=O|U5z1y)lh_{a}!T$tZGtb zqG0sLxhhvRrpmOhYVvjQ#m`;(Yx@CU{p69C@BRTjc&#>hQrd}AVs#N5DBwLf6c3E|~LUoI|XZB~fe^!rd2o_OWqqbPtN?^sA zWaPkS2pbjqprbKXT>Lc5K6aV=9m9^gqt6a&@$4ZKk2k6Ycj_;Sxmf;>hk*PpkCG1Y z_ap&Zf`Dc6xiwU5oEzhHSxuDFbGvkj+>Cj)yf4Wr_|J+BF&o{WV$QCotbGs06AkJf zVh%KH&;?58_pD+b#e{R)$eE^x{Fl|q6X}wsogR;nK+yL0@Z?PUJ4Vcy#cG&&?wESA zlX>_3NF-bdi{2e}K`eS0>}n0$^A60N0Jl3o>awmOP?d$wgUrRLvBrz(ME9C^x8y2F zLw)s^WE16MPsdX0&UX;Qx!Nl*+joY3m@RtqW+xk%latIicMXisEO0E<((A*kt6^Xb zRL@}8kaioJx^XQsm2jwMxX+orvzd?(zHFJV$Az2dWl^8%Z?BtAu9vT_$FHvYFWS$Y zqq&?I?~aN|L)O!9AYz4PF~L05FU?{Hb||V=8dybT{C;NA^f(R#C&3~sej_nxTy%oV znUPgwvhfwT8na-qHjKqVm>CkXH(;1}A-oL@;#vA7rw42LNll=3C;;V&qsRM=$-oX2 z(+XQK!}zx=m%UAu3f&(dqY0TcDx*t8&QAT0%k0a5gMb8gfPdLL*5T*yCA_t1-kQje zwlxOxzGej1b%wYJsY z+po`*y|qH-9jUc4=ynPB^W@m6&5tS3?kK)^SbUE|w~siohJ`$ev*BrT`RPH5U)BQ<(aTA5}P6%RTV4{p! zxx3UtKXBJREq!HvvA%+z6;y+cp=HPKGh&bo??I&Ar?s_H@m4z)i57m2$w=SF+vO#n z#*{rw%nsq_p8{4njx)6-rW3P0mDXFvEondo#xMex_mU`+G|EnV=+ruj}<} z=WUUm4dR$GC>=j{T@EgTdzZ8KA)Sg9jvrAStsL5_2-%!gJkBlywNxVtPeGk@9y@jq zi)Q7YmBmg|PM8gI>#?YTWx5FPb=i45E@}ouU#9MlxO1`qb?s@>F=hiP6URqme@iJ#Z1*y+@{s zci7ZNu+zE3<9 zi^S(lA&Pg8!Bjx-V-%4W!bT6Eu;xWG2373Rf$(P)N?&sJ7KAQrWV?E_^n@Q3Y5Gh` z?HV~rx^wGAm7btoJyttA8{TXz*KLCNwQ`6vRe`&WzHd6YRg=nuGEwpdnM9^W%r|oosX=U zZ8LV;DA*CGyw5)`xY3Kzg6AldBdK-UfZ<3tgcyLK;p8eNQ!}`2Bo>b0@NjC~Earb3 zfQeNk7HkjWaHMsluE!*%(xQ}=ptqx=dCrR=n89x2yh)aESOo^txwIB&$Q7Sf)+ zpQIlsD16}p(J<(+Q;LjBXPV8nOqt@dBWuAg=S{1~Jn%Fr;OO^8WMVMqiHL zlz7%}`Ov6H`B1#JKsFH~XH>6wdgPDF95}*S}FS#dJi;z;*S=E#&9s!?n~( zld8#gbR((+(h9J)?xG_Ep;Yezf-p&?lnboH57b{2t#{*uiX!hgb&vu6csp5ePBIEv^6mq(cU#Hz+Oos|fpMYo4 zJ7VgcvOG3{pF1X-J${)n=Y!xqlZ5kh$FibSt{<;}U3!gha9*hI~wz8XzWkT#T@D5f|JsmoL#(*G7+!bo% zQ@B9mN{Oc6cdnObo)e*ZP-Eg%cN*QdGw?2w%B!fCmz8-E42->bL0r^*Mn(5C4GPRR5dCm6M4dA^DQ zdBt`>c9c2=c6kou6%H$1l)Kip^t*{4@Mo)#Ey7$jVi<#>8~Fr}OREp~X%{NC3M;}C z1QX;-(n8gKe_Vz@Y@r5@0kTfakF5}-Y__czoEyRmRi5B=?$yvW+f1}kHaz&rQGkoM zP|b($2qd=47$({&t~AjEOd<2Kvbc6&p%={ zD+oNTW5UrkgyE+8<$XTt&WAV@L5Yx#$-(kM~b7m1#0-q=)rX@OvC#TWe$ z^IctsuN!oMhBAC;U_#N`bi-Zm$eRgYpA4vkK~UOkvddV$#<6j0(Gc1K3DVq`hxYHJ zqzGsLVEYo#bz>Zcklv5dHw4 zIWIx!5Vl(;8MoVKtHX~^*>v{3p~vZWY0SZfflbp!{%-)m%_DNqVki)|Y&%7P^dxVN z%(KRyB?JwGqHcWomMvCi_zpDk7uL#(kot=R54<=t2x-f=CstSkoFXwtL`ZUQ-2SbU zMxk)XlWJK!yQQO<4w>~OOU*nhIORh>%A@~i=U1S3^rKCPd@~bm!_nOKlywAyp zY*0%l3p^9JQ$Z5@1IBM{a-ryZ7*>!AyuNT6V!9qQBv^k5=@Wqp_Z)Cj{CQPN1>1KU z=jhcBU!p*Tp1^PzFM{6yG>7o%*g`A$$Gx8K;HH-M zUKXw2alAoXT8JAO8AJ*|OlQF3Cz_l0m|OI1q|5)TtKemA#@@#4FM=P#rjU8s^km^K z*4h(Ua{LFYC~jLQ7HAZ9cBSVr85AYzdcH521}(J?G!iSJNEnZ-jo+ z-TJTUdOz&J`>8jR8W?cJC^V-U5%Y}+@v7^KoXCj_9ilW1MoP+~35}j%*MtM_u=DWn zeBM9I?D_oQU7FwTj}Ij|K6mf*-v2w&mE-mGII)wvAgblU^Z!G-I<~>ObLdJnR2n3Z z^-=Oluyoy;jLD;IoxYr1I6wDg7fL9WwRWE12vq|t7b0Q%i@wG)XyM+C7}GrGTlcex zv=r`TkRWhv+}}lSk+yk050mRZusCZ9_baFkkOy)s+rjsHDW)H5Y5*pY)Fk~Gn%3{X z(S@YY1EpCY)07)W!+>_L7hFmf_@w#X!LaJ3IVv=ncm*p#U`bqs&U_XTt5I^n3 z{JnzP3F@8sxWs9t9popNez2~lAFK?GVJ`$g%z5bB%G|ipI4CyJd^P%~mNotd+;* zQ|6@N6D0pH=AO7sx&mkOrE$i~8Ho2|$68&WoJ@Z{aY?!6Ez{vOJR}(C_&e}|?@E0x zSu{rQDpoy^a|WvkMcfTySWD8-FPQRF$eFTYJYY!Ja$K^pe-_Gs@@0xYsHc_l7H{G* z*JAd>X9oVl&4uAc<;aI%DNZ1YrsUsVNj|@6uGUHmmPl&)l;JadyK9%-52;qCL^>E! zDlk^qM!m3q89Kh`@9;Q^ID)wkP-Y0S13v|>wU6tgh&Gr@Rhm$j8*O1>Qt=9({L$$< z(X=?6DbeWS`wx_6D31RL^e8hCw!PX&a?3GrJfJBNOtRs1VhqA;7OY*zb~IOwrM}NK zesOpq4YL(lSz1V(Z(EbR1n25daPGRnO8xKBDCp_E!zNGX2&}=A7)@nqnDto`<_>q& zIwY=k>)oYW-6;3))h`e>M>R;~ERv}VtT-!qv$pIfEluW=jFBbdOjJOam}{MmKOffA zk`bw0JZ08Jv{t79#$_6k9_8iUUF$3EUzxt)I3)j2x^Dw4<@BLQQO#uUM0 zqw#8BnahxcEi(0QYgDN&*+Hghwy^I8y;xbiPrFEyBmpI0XvV8{BvwdZ-Ohr|)fNsC z%GCFU`IkW*YFmk6{5haPMssq7Fbo8YxG*$n?GNq_X*8p$A|rum!>3a2`yd(1hi zG>~w_Oj?o+^Wu794ccL0y!<`G%$q!RCnFx9W#ruh4b82=qG?drAs3V+>6mEwVO8Uz z$FftjndQ*mv}V}N2NpfZrs?saFE8iM2-~hq_gVvP2CR2shL3N8tjG|~6X+)}{bZB} z0*LAk5DaXz`rj20E|f9n2XMYx^F#AlOz4BFry8jXwpCH<78~9qCZN6+qrBvl#46BS zzHr3q^gNX@)s1$NNkj5Z;lF^z%Q$20#>hJ_X$!4}vCLTR!ia`1YzIXB<(ilk#j=@0 z78y3?hZ9T&1QcfAf?1+Dh*d_sb2UMVQ|CnZ8jjv4o5dfpAX3gdi?7HiRxLIRn<1be zr~jqJ+axF%R65RgC4e(a_=m1XuY?A$AQ{cVXYATo#}K9Ji5NU5VQKpF_mX75p>ph4 z5Ato`2gLhMirsBBkC^a}#e%x@x)V83UQgoz*-zYgY(8J+*P!hl0mafM%sXEB2NQ^F zs&3+ER95fkavu`1c6RV=9}typ9++-Fk|6-49sZ482HC{L;XVDO`m*wyhRQZN1rLQW z=jS#>{1B*~tkw_eJBWg^t6fU;r$m9uma>RzdZ20K#kFro08;NbQPjT0VUjR4H@UQ1 zQ-Bp=C1I(UjZEAWcsb0)VIU+zg4ZI0642!jpAI1eT{Fs)hrl+@{jZt^jQ=TsV;=uw zmgu)1Q&M@~rIZgqujC(Y?7`+bD1MrJI#_F-7jY4W<)uT~gOGA$)lkrDCOkbmJUcUo z)9muC-|T%MmZVzf&M5dEZa{{eZk4$rts0rM?V3nCptGX8_ zQi&!%HHK|$0hujaFw}&?zp?N>k~BECC5Kl^b$|hX7qIb%{apZ9$YnEap2*GN`2f?9+eDmw(!!|Ce~6bnR+Ho z=wyLT{Xl2K0YNA~?iutuZ*@1Guq=T(37 z&&^Ox9Anl$5!vRbETjofBlQ6cRA9|}&l1wq_!B=|OvB9Se}%hgl9rdL>D?pPu}{ll zos7vZhL5t-qkuznGe%$)2StyT!`D3S^DuA%N3-@9*U3CAN3(ecv*fhE@Y<%Ey=u42Ly2JE^s75F3{Nn&yc zG>&vdP2!R+;uhGvF4-wNbJ@SK3*#@iTdVZUg4M=N+&x*u))ryNvSj$&MQinmD#CqOmf%e9&o6A z3DkgJiuZQuZswtk>2gE%xypK>0GKPISOLK(1W8%ACqISKQqRbX&N^sLG|pNg0bF(^2B`LK?A$3d81K5*ihS;EV$CKm>U~x zVRLKpW>KjpMgh%^JN|X~Wqc{9%E!Yl&Uut;*pF=TbhUS}q0W0L9VX}%F=8TvHmoR? z;q`V>GwniFUv~mu(**`_5NRC!l%tHi68J@ba#ksAq)AfueVRtddcS+4^+aN9{Mswa zOxEpzMAzYPle2X#Rf@jY;ml&9mZtO2;Y_gkm0-;|*rx8wvn})XyW%W^cF3bvmAaPP zkf&p?UC`B?KOh`|yVMzYZ`SGF^+-zk0qs_O&sgUBy$(*N0x$x3zovFUkW(~)Qu7nA zB~Z-d?z!Q|H2y+p?1BEp)xgtO(i6qr>(WJ@)1XhPcH`_v4hsi-8c$mtDig~|{{&gi z%IpL*1#7GP+J>n&r`ok296n7RPf^^b&wM%@&d z-p^+kq6b0DlJ5&7TKF8&;;ng~Q`^9{ixiwPgN?#XU*b5&Am!QE+(^B-4owikc#N(M z4k8#YsGZdp-e?L0!_J@Hav4w{4 zGgXv63n1nrAUSum8$9u-a;c}ESpuq2ZXfUVptCDgDOpd?O^7f1iPt zx!UB>gWMK$xXrEJ#%b`FN$d8wf4kf{NZ7p+Ka>>W#f$1Yr-^Vd`5^vSLqwR|0yL3aQ>|sZm<8m`01;^`!^rg2o@{c~N)>PJpUe#5MP=|F)6fxz0e^+7$;za(4N31as;4kGh&*l{0vn*dI8T7WN?ar%g@2i4+DS5e9pgv92Ut^-(Y+>#K|3{Us^< z(-DH5Rm1CxuH)=i!z02Q{ZXC$|26b0qY?28{|44^`m^=@uieI;s7px068`@kuQ!kR z9|yIG`5#YZ{;!|54FAW6e;m1Gq?G#R=B_SYZv>MXIywn#>ZfT3s37D1*XkHn6R&NE z*Q3^`ZOPO#i^DI#m6KrrnnT5oOhLKKatC@=i5diE0SDF7T!MgHLWKjeE{FeBPKCLt zu4-*(Cfx@#>+HLgo9+)>`nRdCu6S2X(XNsT6U$Kg=h}psh9%Gq$s+3Fht$RlDvglv ze~i(CA5{fVsmG*Ne~kH`5$qNQHb4JlX;{?%QfjV|>1u~}@+ceF1>~$22A_tNRP4*B zk0bw`|EFg)Jff_~a4V{Xn3oN!^E}35t;zpxK1F}xB)|4s7lI3JidEF&T4yBC6zs@9 zr6{kFO>(le)1T9mA#WX10iAgO{Zr-kiiIIUV3D8V`bKV!&vi6Gi~PRUJV5Yi0XXzquj4~;$E7Aj4K#@HgA&^pz{ z97~Myegc+7dW%NWzW>!d(Ae9MPsai4d4KKn_UPme3@3Y ze!xR;^IG$kJz~5D>M_yN<4y&y(y$4W%hF&?_oAw$)>mjK*-ZaX=k~1}aqfD~1Ld43 zE^Nmue9EGlb$Z3I#$T9?BqaSCD*s_xR!(;PtlbYO`fp-#SG|=xF5O zO}qe2QfO_57TP9q9lzJcaVh-7sT(50zoC~7YT=u>?WO*2rBUiq2$)m%?u&Nf%3|9v z+@1t2v?4Q8Wj^Z1*19XG*Iy)ql{^EF=0U5uBJ?xEv^cWv0J!D$6(R zjfnTQtV9qC%cnXdZBAr$WY?8xHR6Q3+(69{Y{Q3{O#auD*MAwFR?8YB%;K-6hD%S? zVohbrvV9dk(YrsEZ->GN!ACfdY&-0}I=G0zrmBjMnj<6%W29mYqFjsq^f9t*xIuFt zcJF|9_csO`I&GEHv@wv+tYIH%`AFRxHXft(ryW!46o>Ham7^%$VNZeewLnobFj2KL z=7ZLt8feW$!nNh$+@UN7fIyf5nBE=pz1_-9Bw>x<~p7M9VD(bR3sR0w>(ZAP7mDbPjaLqhB3j7<;pvW*B1Lv|n zHRxC2m@-HyLJx=V#$vqo$VsLVCDqlbB*O;GUDE3Tf`0c@?$gv=>pNfQDuiM>#>wX# zTCZ1iOzt4S*FmsV$VS1EEzY(Zv06+)J3LI%XxSgj?+XdHR+4>BiIYpr71X(^{C?U0 zwAgmLw`aFnBx^5bH%P6Otqxv+`MeaQ5a;C z1kjRO?gts##G}!&U0t3ALyZ$6YgB%MDXnZr3PlNwAUMrb9rlvy{X;U-2Tw(>}Y+y9JyfB*yb^v<&7GKQuY35NP&cc55-!4WTDCPe)aaA%vWH}A`cTs>G zxJ4!(nzGDwqn+e_Q^k1ViI82pNsnoTH)F#!n|=W6`~qqticvoeP4fPy_X=Y1n!7u; zv3AbeP~t?uGectKqhuNk)n3)W>Fap^HDZMgLsz@A6^4rqMLS~`5x+JufXIofJ~OyH z#ox?a2mN9_Y%3}?Ydd7QUK4j>kf0`xbU)f;D}x}40)O<+8;|qXDm_k}A;_ee4jhg?L9HA%2iL*AJ&T-Bht+-&Z%S-elc;l3A{YvGCF1`ss9F8c(p zf`gvnt)bWzk`;A#8Vs0w^l1emq@>BSr)jf%IwojEp zYPjzY36fqimAvBOuUzCU*m6{TLOg*oa$dgWmIfr6>uhp#eLS(mW1D&|tG*(PVB^~E zI~|I#HXCMOA=4C$)9K4g5*imM<#dXieUAd^>c}}&gkt$$@myURR1$q4Vxgsyzw`X7 zOQka#c>a=cGV{qa)JwD-KcAtg+t=|re~XWkshcb75u;(a@<(4F6oOReu;pqdYzF5j zj4DxUEk~$S;u%xCZksE55!bjRUQTP$b(^wW2l(5KL|7zgKsUu{MdpuQHwq9D2#bvW zkcrDUN>ZzOBwN8o!SpCpS~k5+|1fHY%pM!4xD_=j*uprhd!)2}9%_$~m3CK0s%Nlq zd&Ps5{vTu!vzoipj*F$G+W`QY-*8lMv8l6&quSRImZ=|=MA0m49$-oY{o%;%Y41#~ z2$`dS8CQ~qEq#{DxtS`$An;;%9yu1?0?fMmRXIqtG{r(M*3omWh?xoHtn?Bqk$`%NuZ3X$|{tH+3|%Cs)Zgp6QHf0a1pG!9nuNUb`LT z!HcH78v#>cKT0Mr6d>LX_n$p3C#9l`Y@>eh0B;uLf;URxq}GCi?r z))Gv3Rm{zD(sI+&+0AHh1i91uMU0$8;WZMx&x84{qadMKG_(5{Mp!$3@Vtu6V?Ksp zmfysP>b03)Is;Wmn>K)6J^&<+L8T2V&S+TDKCi~#B>0b+5iJ9o{f*QOWpg?7B`!u0 zo3&vSkdr&cU*fcV+che?mKMmhO}^(4MPLYIaH~6<{Nfm04^&04XawMriuh6`dmyP$ z^Mx1km1j1Hihb_`=9XrnCMute&@QeY{MI%FS|&Evu_81x8QtO-KdH zX_J=qNp6sg6peyE!Hmb63mU%tW2V%Y89tSB@U@8TpOc_lYEo&8f1k$HYF9-pOhN-6 zL(;Ait46CZh`QC{Cx~^2=eH=;hcb}sO%~KLNX8J#EJI+cDsTAWztXW447Mog7k5T0#;=3ZpO7+=_KnTICe{dr^_m_;3RdGXqk zvGVAEjg2iu7o~|`g_#t?7|4Pa$&pUwy^vm#u7GJPn>J;f6b+|(x{>kJ8aTK@N?S0HOHk5UnEg0ok;&-=z zB-fBLOeD_*^G@b47KRJGn0a+^(0gjr)|1QB`Gu5o85xO>epoc&!sgtv8UyS+W$dX3 zj*bV<7GGHVCB2EYN(pScD(gr!S=S58TBCm?*Nn3n*2!U423+bZ3A#NU$^dpt0CrPz zj&UrpK{Y#J8|gk>B7QT+#9#rXo7#~*3CE_nYwg0WTuC$>tDjm^I?`MqFYJ<)QTky0 z5t*m;A5O)z9Uu#q{nRX%miTiE>1WL;&IoyTiee_pRRsKCb}`+Xd}%?Zuo zUY}gpq^(Syd}>V!>9gkFqgb%a?%t9U%cn=v_b#9DBXE`MD^DZQnUh6>q_VrL875ny zp%{aN|9KWj${FU0BNDz=J;lxdXnT(p0gABT+`H=P8@vWAF&}rQ0+)R*)4z78XUNAz zrf6>u*AiE=bg}GPgti8eVg|cRKah>+&*~InEr%w6S(P6IVub&S9BU~SI3-vZ5?A50 zF^xXh{bqcT&WgLmo1JQ`c%CQ>yZB%d5`4#h*YzPCc82cO$Zsl#=@2GpzW*Rb=ikF_XZK z7jpgZ=v}<^o{H+LFOa*zRI4h@aB8#fj)ynA*zs#^^yqa`KCw}>DpSrkg9)X4B4+i6 z^oBX8Zr1~Orlf8RRn<{BlY% z?e0|u{;zTMO|lkyeiFO=wG%DFy4Q`C+8tw-bhtg#$a2~S?lh}zYp-|DX`@KeE|!9f z?YpK<%bi@ZVEqv(7}X!6LHT+{CQZT{Mz+Jlt9s zYZdW$87W^%e>>()>f zR9F$z&F8Cj^LK=tNS zggF)3pIvLs(Jd6XhvmewglO69g2hwD(N~TPMq9fMD=&-0vQhktcCabw8T>M{EcXno z@l^N%dDnA~280kzUXHPzP%I%>7;Zh5Vx<|P_V~iPf9DPCA8`adn$B;av z(%fUei0b^c%}H)0hGx1~^NHv2zPPU6*27vKKQ1RB)XBf$#2%NY%!Nak4gYdeJicfi zkE>gdO!!jL{+#sT5_mduFB+Hqrj@%P1BF7~-3{(!>N+|@UnT>Oy6x(^63c8CbGL9U zCE$3joRR!WzFg46mx+7{DPccwtp=3btwIs3n6zV)A!C!!V^dEQHe9GWZwi8$pKB8c z@QY^>;)U>CGu_a*RB?!1Dt`k1T<&$ZkZ8O#ztvR+rnCEpp6C`kZku>lW-p(vT2;LE z%Rp;6F6sL*tg<`E$#Z=j- z&(xz)ktACyZ^Ywwo>bBmOU=k~?J5Ay)RdbVTuhoRzVw!ao#1l1Y9=0n1OFFn1RHeq zux_5~!xtDZz2L5;ACp5H3WkF!=uuMdv&2fjpP-Y77=BTtbTPys_0Rd#3d)(gUNUfT zP&j|Z1kwv-T>}NzM6a>rOH#G&A@YYd_mrzL;R~UOrwX(t*%6%y*oGCK0;nS~g7##= z2xrdux#BMt`R-}u3-G~^_vbb1_{7W#n+wzag{xXzaNoTYQ;th5P;8slI< zf;dN5X!SCsG1c`DX=&n^+0DE4akXed#zz1gsVP-LEnF7u9A_xbVosy%`-quJKM@3g zghnkDn4^zuJZVT*CV#@dHv0uPHS3mPxw4^4FHHDO=WVnEQc57#{OOb&KCQ((>VE1b zHoP$>K5GGd<_`w%TMH8Zn=Y@|IR!Sh)DgrujUvX{e(%BI1OV&aF$epCHgok0hzTU4 zY;RKmx^mRt#7ub5KNq>eDon*Sijhu88A6Dqi?Q++)oTb`qs^nbCK;Wrx+5!M3jF0; zyr?pi+s*xLWTqQxv@b@%x92Y9Lh*5x*80b9B$IzDXsQ$lpEr@-ZOhd=C z$Keyby%j71h6Mybe1nRl(OUQ3oT6~{Cg{QY2Sv~a5QD2XF_!Hbh!lJ5+vNHQpK{*R zg?rULFx8@x9xp`Le4UMsUTA@+o1ZDz=^KWxIUj21_&tjDLfkBKZLr;Qfiv#DNEy$C zf29mX>Bh@)sVz%mI~xBb31)!s(xN}n1dq%hvlC0Ro@ZtfaSV&H&ZgM`lr#z;+s;(5 z8)CwzVzO1gXeiC9zS?c5)!!=O=kbu+;p^dE?#=aoesbGPnLl^``9i=tlgVg&OMDii z{hFOAB+$w89&jiu!YPgQkzDSAqp@~Rc#BQovm)>4-*N`#x089nl)NUcwrB;OGm?}; zF&erNvngbT4Esr-I@Y26#`&aKgmS--C?KH{{vTS#j`z#M;pzX&&G_}r8szh_ z@gFjV^Y>jxLBYTPL66td)6`K!>9?U%ka&%dd-*0fMoJ9ArOSywBH`K69Qwx0VOT zlI*lIUo~gLFg*d1F{+&g<3bj|Fd;+9*j;@gcM*h?5@-@tiY9{#F<`P)0Uof5v>xkd zig-j2zztszNuf2R^TZX&LS2WkwMt^j699`F^g#jxW9)*ZEFbI;w^SA`w?*f=f{J?I zVFNo+@@dmwmu@wguU%V1rzG)4Nx2qY(`m#v?okNVo^3WgMgg#e@a+sff}PCr_C#A_ z5%Svi<)cKqjRv_Sz{_I!k;EVd^kB8tKlJ}*MZC!5$C&W#JppPr_(DlUIWIi~+OW#n zPHUMIsm4*|n!7=3_z$7&GDvZdUI@DX=A(_pU>pF~Q*00QSOx`_5xy0$h*H^!Wl(mu zART8Agq2DY&;O05XYQozr7lVH2+iKb1ckAfjdcgIIzWR^C{>do$Ks{ zm17H#GX?X9WR)ysE4SMz9(*K}wnd`5zSCe02BP+p2^+*z@m&hBYlHv_gj1w7S0hgDr$mi^|Ew%UVZw;csAOcGK?1y zd9-ZQE-VjEFfhaR_4E_N5Bua*oX*vp{4$aiUSG-~cu^W!YY;W_v-7hqs2A=hlWd9W zJGXUAi1{IVzXY%R-oa`>67I4NkIg;m+>y%)#y891#3-@x zW^?CFu0bHP$*=Vl>I`AP_2s}oljU^$wOnVp8dplEpPvdhg`!iM5w}gxSn zU8P$%tR#|p7dp5?;S6go6VdxJCmi>)ZfyNnW=)IH`iw(1iO{clLiQ7y_$+yYCg$wD zAB2^ZjZbaD#(IdQEBgx7)?j5O&5HjL;BCVIYH3Z~o1hT*f01<#K$11h-ruop+eVLf z$HtCrn>)5`+qP}nwr%bBo9B7od*eoY5fxE&>QvV0=#J>F&iv&+^MmyySt$^Yw`=u1 z2U}murY^*XGPN#^7rGLbFC^fxP2kVK5j$bM>X$3$|^t~}4ubcnRX@CcI^Rw$s=zh-~l zN0b}Y?FCyN-Lg#>OouNhlIB_>ng-g03KbG!jY5s*G3!Pm>*?8Yv|TLA0h>Oiv3N4Y zBc1oTj%?g{`ayNEmEQ(P$PnHP0TEP?A`RhDQR~Z`ubYcNcltL_YR1ZVInVy2Gvb~YO{H2prAF=k`YkFV~ zJ}voI!(?iBop7RoxGj2DAALK9@^vbN^x`k zl!h@!X^j9%utyP~o!baLuvU^-VA6EJ_ydj``c(-KDD_PQs&OtjSv&|Ciky>=IRA~l z>QfIILr7@8UHBZ~uM$A7zu;2A;=ofHU+8DdlA^H7^->yZy>&Gd$5C*75h+O`soIdr zVd0MYBJKdlMR_F1CacUP%1cOFFA{yj_Jz=tKwVm zjUvkEF?lF#y4{o5FV`TL5+8J4sRq}abOv_*z##|lZZ%N{)ZAP#^bS3^porrEhs-p} zaU7J4qU>;iKesVy>73O@TYgn7bPD52qNJtB;z;zeqz8zy-5GYH1${>=?h%fwaxi z!}9Ywbg6cITDaHE{Y876T*#Iq6hV!vC7k|F<-QChfyJ{C)d=SFoP=Y~_IdJ73p%ua ztPS#_X$C*{-pj{TRqsRrI?rocOL6si>K2-g=F)$gP8m5HrW01!&Q2?cCO5ZI;#YOm z^jft)7sz1Pqw!fcNk(-^LTwB5&#O_((HA-{SmoVJv9=fr^i>Ksuv=`+1T@D5#67!;fp`IXH)Z@?fqvSV%gq zs)Ise3z&(67ZG2IToDcjNNEruN&7VTO{v~{QX6N14v^JnAiBT~idt7=)58ff$~E^w z<>~>cz->o{X=ElF;0+eyJ}i-Cc8{X-82hLJ^$iaj>tXjpzE&Thayj?F41^Toi$*Pz z*w>}%0*|d^W}FoB18DrDf1@#p1#I;UN;0r;yFe>|fE)4%TYoJ{mLOifoTRVSA{Li0 zrB57_&c~Ud7DV#};o-6!f?A0+i8yJbI|*+WPRs?LiK479yKj2`N+bS*M3F(?^Qvml ziZCi%PSrW64Rye3)Z5HvVW+Ja+RSZSD%#cP#fSw`-svfqAB&>RRr!}nbRLDE1xszI z>8RM$*2=pp( zil?R$#6IE^{vbDM%8?9--lArR14%as%h<7zW-zl7`tZ*$3VM4N5!p~MZ8LKE*v&mG zHQ5lvOE9ha0Fcl#(iVe$;}QXyHdSmQd_A#R;VBDE+l_7*TmM$RXVr=ZQr~*AmP#f; zSF#+-Vqy-R-vxaVG~5FL@6Y?(VsNXfl&;OIIkmEPs+62<`3AWMUByEJqu+h4Y#s0S z=#mLtVhfW%)2ydf*8U52_}_b#-;?+-WX?ai&?Q6+at+!4$K-pL7daAyvpW55hwQ^!kShUa=((!m!ilq8T>!vwI-q@B^B%V0sUb;3t zUp=ToMQ>kL>osa|3tSDc48{u$OD0k(#7HoB~b$2yQBa79M}y7ej_TX6LEf;s~KL0~U^+)DaLhP9FYn z)5;;o7YtoiDqSL9np6fulh3WlAw^s;Gd3NA?t6~TEa|%lE7W2h=SOBp6zY|LodlgI zmXj%5j5=WI8$;sdaB04_efWqa4U$V;O%eT=b_pa+k7<9cd(^1}W;hGC-3W8EF=Pnw z^`$w}8q|*Qp^Vrt+aSl9)d#ZP9(ncW*5Qd3?IM=n18apX2@rXf zyrxcXDFa!Jb5t?@)!5&o-1b;819Aw(}(^V;j>`+>j0v+9WN;Ec^A&*b@j4>jw|Ef;A()oS-clxK8pIw zbAqSr$T^4dTX#)HKwgCniteS8%5&LQ?^bgxE?G&hVo1kqA_%XXbal$~tmAhso?{Ms zNpxhCgTet@+lD#}0PdVZSSI@e8e3TM{FNwIS{6C^Yli-|pH2 zM5yAEOg)+y{lM|Ky1-B$jK5n_>?PYku#wj>hncdr#FOY&KY~?VhuhMUH=2@fY*5U9 zmf&KT+cTd5u<`SsA+1eUSmR9JBZEU4lt;|h&!K5(N;ycFM97fhB&5f@eNcWeFlq@W zt)^VycV)B$I_+i3?d0k*irOE^c*_R0{*e6%xRlYk+voyKUQ*1sM4X!=K93i_iIMye ztS@@XTfA3OMg2ojIOB-$@@RQET7bZ))EhtIx=(XM|YN<`)ySz;T*he-r zy`s-V&@H#G2|+*OvU&J}k48b_f1yFq{N}N4f5*5U6SJz1d}v0t(ApAX%<4J9`b6YkNxpCQIc@9Et6in55O%pl$%mHPl3F@#lI%@jV%Yq(CJkq=fzzkb+IE z!J0=@OAgFfT3vMuVIQiBIue{yY2#z@*wgUc{nJ%lkyQrC|<~bvwvYQwM`y{>47!z$yBxkY#f_zMLFwC^E5lg_|1=7hND4)+)38u|dvU+>rVd&6J<)@lsLQ~wuL`x= z?h-@Eai%S{FzbxFE;Gj0vs56<-ME9L!0Bkl1_j+jMX?3Hl1x9K)BQw?Rt>s|)W@mS zEnIy7&0TC}UG>Z915IkZJ+CP5G9)~$ytVedLXzz$?q9#p%pRYcHRYa=I|Qd^=CxF= zpE%5JtGpkU=9~q(>bm;!sNE1;_n2+ys-AdN?sz_>C^s*Akzq4bj&(NKuH}YYi#dtu z>A_Oxosp&-Kx#dYz#cvpB{@3N$&59LrFp>)O!NuI9L*NK^&l%J{!Fy$yJ~esN(_jJ z6b$HBp3eI*64%V-70lRIeP&&_G=b1&+DMHJ4u^1?%rjN?96{zES6A!JLqM^@$Qduk z2sMY_-{5X99Y)}M zQ5Io>F?sTY5$%M+kpB{;+(-5Bd607y6Wr%5a{^nvT9su_EIQrf_Fa3P&%MNo4nF(2 z7$PvTXoAMd+HIqTN}1WS-DU+mJ~bSPvjivFK!gYX=nP>RCHo!x6Q#bk%ku?Y-7(Eg zw^Dz+iE&v^#&mGIUY-B68;AamW$x}h-1ba(uS*<9Grr4Ng%H%*l0i?%BiOz!XsCys z);Oy6c7&>M4uuvq);TGAq}f&c_hw+#D*$qF*hRr^Qo^t`(e>hSVXtz ziWr2Q$vS;x*CHx%kdH0_2fei542mxEf z)F-sm2q?3>nFbPj(1POFL7sq>f!W6cT#Y z9#p1aWEN)%x8X%phClD85I_{&jt?9D26U^r7}CKgjQE_OAcko?igtIoVpozxBx=BMfw{QKA1Dlz@euhd>znZNqg7+MeW%Qq+pC`qDTl4^l{twkNc3klDU_nlLgo+E{x>+WBs)l z6N>AVt>kh%fF=D)QvS!e zuhD|wDFF}uYG{}Nk!VXSMA3Iv%=BuP)(2+O_UTy57aYDd-_+3v<$mdZC$R*VcY_?} zD8WRrY*D)6G*8T?GdUUukVOHpsqe}fVF||3Zp&aHmBb{NGx#DWoD*qHnW^RE#K4(n zv@tDP@rAU|;ioJ^MbsvKr4i}UW(1Km&I{#E+Aq&@7pX{5Q3WLy8 zv@(EX(mkaVlg<`uD$)molCN7V|G2c#0|Sh&Pp~>PwcKf>8~FyXCN0!zy0Hkt?sspNZ}JkVt)??N32bue#M$cKjwWJTWRZ zRofrShwI_&%W~$7&|Cs!@+G|-6U(1J@ zE$Di%@K7^_Vn+zPKj$M$ZIH`Brt7jM#IJr2<2NPZ)r3 zHXQl-RHBz`h6k4|GtQcwpH~XrXH&GGL$+XOzwhrIma{Kod`9?Oi?(^LkB0I)bB6MSSp>o2^>U}OEg47lsyfFl=mQ%3kEDnoyGs2oWvRBty!Md%Th%5*s}iYj!YLaHc&5v%)NQEy7W}99^r*QA+FqFVZ0j z*N*ZTad@SR=C)F&JQ&ec84I%3-6bO2KirGvbN8bV_4vt`|B!lHU#3#IXw?M?9A$Mu zntTxS2HT5x{pk*P@Ob>Vz0L0Sderge{Pp=3O~tX*iJ*utN%r8Qd+R~uP&6tCE#=ZX zB6qAtt})wFUKDcbL8s(kcj{GP=w+7*y6o;nsb%XfMRI}{xUw&i#;&C*+hk1Er21E$ zgs-Me%G-7kjR;*E#gVkC990}ILbMupeEw(hRv6x*bHx4N5lt?~Way8X zhSAIsmzBk*69T7Wd(hRH-CvZDMW`laVh6-jd~&GG>ba0lM<+u<_6heIRffpe z;J^NEo?;XeTq1Py{`|@L@_GJUm`tbZm7DkDZ>Q-v&im>9=<~(mHi~b?_vu&z+01mK z+>Rzn6)EoXWINe8iT%&OtX;h*-y>B8rR;-&DL5|(g~0QdpxFg^N>8-8l%ne}bm7DB zbm`GHZ~92o&$_S+4orl+{p}5xnQ+tJn(Mvxw%gMMh7LcSHs#2z1%nRxd2`SnKa9!z zx8m%g@0;ppkfjbixU^P)?6+0J29vtOGcdq*fuYEMG)2Xy-v)6Q2#7@9wvCNv{wSsTS*M~txToldrU8I5HG|jcXYeKw>h6M3Zd2rdaV9$ZU zC-mZc87K4-4k)U<#MtA#gPPKa zv{~Mcz5U{h$aW6RQiS_tUduJ}75N_xo-QAjvb8)yv<@~38?cykhZ2Cd$X1Ppa&~O^ zAgz z931u!Jy{MnC;l0uU)T#3I%OwP7qS~<5+TWtbobZ-IE)Q5*6)cv2S288`qoX7fHpa z%xEU+Fr4LahNgj2%iD@blTeK!OzE$+vK=g&Ft`~eVhzibTyf5$-53=D7X#vNU~!Dh zHB9=%w+N|Btk-5W9*{3wFJjUXqyL0bZgjTQ)Yp-@7ZS4K|IRdvjgP|6oGpbI2xxqx zR$PV`?ZzE?d^}XCSS6;xj*Dde(U`O-sRps8wwEHHvm`HU(#EY(if!o>rm4keL$K;V zP7&`badfa}FY_tcGz05P9~L=op;SR6`syHho8nQQQ&jpnWIAOIrV=-6`YgzdX4PRM zMKMunZYaKF9QJ{V>9Azh#Tm)McGYE!rY#Nf?8~qSU$uAUzA4S}FTiL?6_C3NjDdO) zJWDX&QEM3I9S6IrV{0Yy55U+oeDF8AAR+Z(6u4$M-KwoTazIPrLv-Hc*C;Q0;GJNP zq`d0BF5J&Bt0yvTJ3jjg|Hqv_rEz+R!%+ve#izY8@q(G)%q!-^Yxcco^bc6;Ry!g^ z;TGJ1(pZn3?@9)tL8AX9YV67b94xiEG&kTfvl!uDfc)6hb zec}tbHi7}m@4!Mq?l@@7fH)~hxDOAq$R&h`=~5vh5fO8b3omwG4pucsvikJUyLCzB zMOqd-6dg@sP&(#rSNF|9Cz0o1bCK6bCATkQDRA|UE~@7Zxkw z_;GH2bj!iOx?w-GtlRgVv+>08e`v;QH?>)E-JkKBk?e1_Y^Q3~YKm5vlryuj1&pLP8_C_~_7$$9Gdk-FPAt!j&+ zr8>y1+N}?_Nic?W`TTOfrJv1Hp(~HAAo{3D0lgggzBd{CxpZSNN$I!=fX=`yfK?I` zc&2Ox7b3{(%f{r4(yk{u7ZoiNnBUlOwy-mRe5&G%Iy1=Y@#-#6RIs#$G$C9=tp{G# z<6opvD?JJ+fmT)Ur{21)hj2;`%t?O{5!b&+BU!$*21{Muq(9;#s+>bPkkO_k)g{de zXGM+~*f-LM^S?-=7;_!sJYB-Dh3zBT!O7TyE<4XuvWu1L6DW?W(oB^B!o|t9Pfe$4 z{l!tH9c;!*mxsEP+O6>>{ZT4ywyDtYmj}G}$HZ(@LYijmT>Iwp| z!$?~bg?3tAR<<+*V6$wmc+&kJs`2QXY79-_5DtnOn-&-1>Rr9(h{{@M&&b31?Q}&t zDt{V+qOjF*MgV*O>LqH69cYomfkTCs*X8()PG3- zCmmWEh#N0OC|<@A)Hq4tf{0A|^82FumiQh3Ij}N1!mCcw~OgHq;XZ#4hAC zc-^lmz?>ule)x?d#b^t!Yp0|VjV;!t~dm7wyq!sbgJ9?30WN`eLo?HGkehbTV*sv(C+ z2OBGtF<_J9FL@yQ!a)u(UY2~~G+vt?|4T1ih(Z7vs#m;nXOi4FPWilvsI>#7_#SF2 zf>6xXS`z_ZdApKH$-K7{A>Vg-svRv14D846g_mgF4V{HuvUsa|T`puN-pl_mjU!Gp ze%Gl$oRk?~(JBdfnskPtxK`d9rIlKuj3Kw~FGptt+ZkVvi|oEb`>YyojW3|NdftH$b`{*B<8HE$hv9wekiFO;otS}d>PN;9K3Kk!sGQB_=4&-*(_*7%Xe4M> zbpWc2e*`f89uU88HjtyPT~T%_X-qW6YO4_0f9F+TNwL1K zo#GZD{9b&yoE}lQGr9A9$4W@~f|R5?je1h_M8GkZS;@YBpj)aj2uf*8?TRuR*W=B3HT}(v0%j+`ZB$EFwh;>1;0! z1Y7(QQY}VLr2Qj*c!_6k#lz(w%pJ*{!nqcA`;pG*r#b2(LlPwVqI)%L_#Wi#iQ$j%(C+h z)=JG4wA?iALNf!yH0yV6jOQcqmE@^oXSbK#|3ZyFKN+VAu61&~#{Ua7_Os>x12wWZ zkBkxwjVAqBp_gSzyN8G%YerImx8`GAMOrXd9@9w5PcSB8idBiTIPHsOB?!ch;^P%c zBOsnch&>7xyB92YA)0$fG{fI2`k&!1X83<^-Eat{MMr+mei*xiuznk*+x^=`^E!n5 zgEcOK%iLLV)NY#?jxFc{k!)6KBtETsLEL5tw30XpgYEBku9R5 zzMAtW{K2<8L3imbxX4hR_GOH*gkmM%_-Kjw{=e}3 zK8%BtKc&KSzDAvg;>+`{|C)D7rkmsYuk7gs@7L#BJi*aT^me9~-Rtb<&D;EZeEfB{ z*T>@HVR`rceDrpBQ%7(1uPl#g?T?>GBd4br-EcDJ_TfPvT@W2*u@h-zrD#^%yBokQ_NT9yHd=dm>^TGa5RzB?nJ^X z)R7f`4^sKI$;{f{lS{?QDlsFjCVOaJw>i7@;=2g^(Nq~7-PcqGVlMt={z6CB5Vy?V1`4zY;j|q$0;j~jd0Ll>-nxOEy;A9` zQ;RU!NeZM3k__lR1k+WB$0;@0A^3ktS)CdjJSKm{mbo3IA_T9 zleF3>5T!{ZJ&KW>Q&3X@7>5bWr2E3#Qb_^GtD;7s!#k^JxSz)!SC1?ku)FW_gNAdm zSU4j4m~-6y4aL>hfi&5sn*OtzN{1YrYQO0)7@nG3$l$2J)6=Am5}w=r z%hqaGZ4NK&T77n!>{>TQ{>V~>K0adjgS``#SDhtK2Lmp6sU@oeiRqF5PLP3OjzU{f zy#$FGC1A|}(p@2yHLcq9*rJk%lpxsM|3GSFNG$5rB8EYIJR)ZdX_XrXd@g^o2(O;( zMROIdvq2}4Q7o$xUYnSU&_Z%-? z)#B+wex4kIv(zj#0rOA^bF>jO2{{0peJZ1-JIk}_v`u6gPQ1XA&C#{vhlr!h>-I#Yj&A8ESiZ?dCDL7e)V&WY;BpP|VAu0;%?P;>J4;6QlP zC{>6!8*Vc5R93Hp(LBK4<<&^9t1b|YOSb6;u)z!Bh^NR}S;2>~lO|V4f)|8&xZg5E z-cfPRI`DvP_-Wfj4#;L(Y1x?dik{>27!lQp^f`zGkd{p@c{y;M^8VtyNsmmlof&HM1-2h2|ps#NbN#jWD`#TP0m*-AlPK}di# zpXCM9n2_wz&S0pc%Fo|IW>%Gs7`3v9(|yaHw^q4EBNpat@&9n)A(8F1Rx9{1>NLsx z5tJ49)BFcNbek?1J*pftrz|s)5k(5Bxti2Cz6%9RkR7X&9QFW3Be{$1SXx8ciVh0p zZ1!B*8szn+TDs_Mi!qH{BYVwWTPcNb5K3E9AJvb3ops`Y-!M;lO`>tW z4&lod>@6C^-IC<2;Th+^-35hjfD*pKL|2U^t_YRd$!rN0@m%*i+{U$m{2@A@S`0`I&{%UckmTJc9%*E#SBGV>W^q93|HMIQ0-?J9rl^8&Ye zrfyE~rd_G@BwU>#f48BftS@n9M20MTS>^a+nLpE4f6$HPaT{tM!Ze}rx`&jd8JYu0%{Ycm=H7ev!7g@`XbOq*Xu!BFDv5Mb-p7;f=+sp2?83Pr`dsK=WWvfM%~9h2Gu zJeUE)q3C)xoj^9kc|vhfB(Y_L-j#5(`@s*D_{(WMb<^ZBHA z!7*CT5-(O?s(SYK<9SXZ47)xvkcw&6q_-H$2KD^r6&l}+BHF)8#&lE5R(qFGYG@djC=%D&t~M?b8TTRDW4OSmZF?ZTE=US1{$GZJt1_DC$RJA}&^Sc_7BUS* ztTLF9yCoISbhMAgb4K1yP;F-uGCVmdD|bCb@FQ3+6fqDOnHG}7np`!e8IX+q5zs1^ zWwA@j!uDO7%s8AKx&?UvIsl5wfaR@UC5KQ*l%Esrt}0S8sB@5I5PQKvIRN@LKp>2+ zR(oGy?pDhOhxR*9{9IlVnN`DoJq^kB<7P+DbfpMd` zvUPaD0;B)iqU%WhGv?lxrQ~Gv^4y!umA#w!-sso=*YI7)F-sHfXYIYIloX`Wgp%JS z(J$?>dXS_McgwkVA+-1#tfFBprg9j^|E?OC-0Ibkb7PI2IWpx{Z+V?E8fo4)A8Pu& z;e<&9aCV~YM>WMt<4fogVv8>*bw?y_NEZl=@0!B4&BpNViZUZ zGCsGH|9%gUcfg%%vya%zO0npyP_4x|z5He>lFZ*{#+poB4u8p@`rCRP#9HqYHWk32 z{_O7#h?=1N{rcF(C(YxJTy3;y$+$GB2v(^iSm#&ICrdGfIR4ExPFIu=PlP3^)s65Y zS7QtNC1SQg?G%eoCC)}IVC6=VdD-4LZSS58lZeO2?ONW*eX(d0jnW@XX*J!JE6pUf zLz;A|KFd7$VPdxAZ7Jb`L4^>nR1ST+S?JJbJ|q7SY`pEc^4tLw!m3t`dggu=b@Mc^1EXMH+K8yE4l3c5XH{tId1Q1rsoWRo+4jiR(c1QDT2hb_Jm)u!Sip3El(`0s zfXL4NsW0Kwh$9R3p@G!n>X%?fokWnR#XhoGfNqcaG0O;Jd8TaGa9SWH_OLHm=Ql%1 zqWiUb>ir3!X36S|7g!QFB*NBUo36@OJ7)q~AaYN{3%Pa0n9zY>(^EffjqW+SD?VkN z?Q+aUb71~U_Ru>bRdn$k2sIIGnoV5He4ISCv7>*^83Yr3y0F4<5#1E$XC->36%Xbrz^XJz)! zkN)hNG(@#{-k;xaqhk;#lxdl93K<=ArIB!CMPz_Kfxt!QZJYSNaO3N1cf$sU3>wa0 z*df*t4~O(6=68%g*E+_qPNUey=F^@gyvdMZmF~9{%ba_^x*Bv<4&g#x%qraIBtg3F zD9+3kELo(oeMo>p#8eH2nA}|1o_-+G4WP6C6#S9fC-)Ywt^);HreHM>$u=Yrp`zS< z)Y={FYe@E7{IEqVIez!MY`4fY(#A}U8R_g_90a7(N?DF|3vnEhQdJTrGPH6um9&KJ zU=%MoS#6P|)zpit?tj?EqyJ?ar(9&gwSSakr8yNd7+GukNrt1DKm;^2jJz5m^Bl@| zUoS0m&%d%?$?q%p=6n4uheb(oiQk1!FMZ&&{4LfUSsCQBIj!u%DF2+1lP{O;3nUel zO~5wAEqoYQkez``RD#X^@4eYaxdq3ueEwHUic$b$f9m@GZT?#8koZc7TcK)T& znAZS@((cG{WaTc4J%C;oLAMf2X*p~}B}0L0Ed&Is0|Wg3gEk&~ym0@EHZrO$R&*<| z6>jSUKGzQXKw-8YaDsdF@F8CVoT?>Q&Ckg~)5AXz(WnpF5cvHn7?F+2|MVkH7?t-J z6|Hrnv8dzj$OIK-lzDRaE~D_vkeOGR-n-v93fl;a#YvP%pEbVHq>03q5B{^ibTaoI z?`PwVYh*U+0zYodr2N|{Sn?bLFtpCu)2z!Zjxvn7g|BjgK~e8x8g%Ja<6w=Y>(x}9 zu~ILK`PNsh@AIeJImVaX=aYd-AM8(F)V8^pUJgkZs0o(L>vgb|gJI}KDlx}PTdL~9 zr5A8QY|C7*@^l~vhA!vCqH9Au#mOs7; z8+4{!JH!-!gj;2`!2H5}S2huw84k`QAB;tmiB*O!p|1E55ZX!v+!1ms*Wo$H*L=Yd zS?n9q-2n6R>PhX-Mk1f3;CaQsBibX2?EQ{*&Pl;au3k}#hnBNfTVq%)tq@+GqUW1{ z=@|h|BL)fj?^?&v5Ml`6nPGU--CM*3QwfkxDwbkFFY_ct-%=3SpB?2yLW3gyhmkhw z6Xs=0i2l^QBwUzSbJ6;R%?TLl#-}iWzemN%97Lglv@wZU!zih8FHnw#`!jyG*P!?c zXOM$uX#yJb#+zF7C(l2bgyKy5Yr%6NL5Lij2BCN6c_Bz#p{NqUS+>M*3jR9*dlXuDyaGYQ+eTytsKf@$>p(EWDa2+;=z#UB04c|A+li&vS4|rajY)%O(KuK){!ZRK`DHqFn3Yu*rddQfmiP*%k7O0$ctIZ79gzSE~h*I6qE_pLv z`IoG+#_YnAriCLaMx%b@T|}{<2khlXB!jyOGeL@H%CGsW@_r0=iQ)SaHNEo0>SldZ zVRZ!?2vP-U5?MNGGcZhE?B9BRRaOknb0d@YAGeu(&fXQUjPg9DQm3U zM?ZEzC41E;9>*LzA-L({p$=U+yRMPndyec+nF@7yvwF^;gkPzlIOX)Z~g@Xjc^xC8xG z8=Ak}>eDvxeImjvY!nz;Ebq1M#YmV9WS)LiXzy6LflHyv7I}uF9Y?QZ3!$_JnI&edP30n%%Ik#v%F~h?js}N>%k;XK zDukf>9F&#oW;Nks$4u(;MTW>o2PBvb^U^(vIZ;Wq?UiXze>@|u0soaBZNs8h;gXFJ zyT;b!PfmxDh#47`fT@YG-IqX(T#$Gu&)TRRBwg)2!DoOjQyeRpyeFM!KrBPm39Uj( zT-qt})J{^5vf?L|tNvvuoL>JvuAWpqAipFSyYvC$j1|adOiy3z?lNLrzTKRu0EhX| z!}!Cn^PKac*4BAd_HVAmZDxfHYHb!zK;IqvlQg2Nn~}q)gFQ#)Y{cf+A$q^!CQ2j`sRZF1Zy^)))O^ZMr%`|6|SW9 z13}ki?%h^&Gx3l*Ry-69m zS_vDp8&5Pn%gqw%9o3hiq~4xR-&gBj=J`L!DJ;6w5jb7olgj-M&$cJ+AFH?MB4?s1 zX(Gp!mUfHz?UYfLHeb}?!Cce$u*^!rjpX@YE+(@lZ=z$~Kw4I@*qj*pDIIe~IShG@F|t@7E_B=>0{zyuC+9E1%=(}z~5 zJ63LMIq0_@q)?7z_yo|wvISN0HyIXi!fmZcbNz1WsD1YIxw0$gV9=+2pJ#!7s@4aE z?n2tvJ4}z7c&`9J9}W#qLQEeKw)^v!P~%#N{^E6zNU8-RAGQ(?f7fpFjF362M zT=QFcT`-rrBIm{KU|1A=tbK3!O!4k`YvKH``|%(?8t%8=gZQ=`7vAJM^W3CNT8txn zh1o7=*l$`1uJ6zZ^Zt0F$C1)sI$`Zd+*UES%Oyw#ofvOjDKP3$^g6sSu0NpBR)p*M!VM<{H`Ya2Z(ZiU|>d8i2e= zZ;XZ)CIC%0x?DcoFW?mB_(aQ4l8>bhRKz(E+HFLRykPUrQJ`uXxzKocRsp|&5YgYs z!h{`z^D`?EF)8)OxDMw4{;tA@R8*x(&0GWkfIid`+`b%-I81x8d`>4Gw-k}l?aGNB zh&_RGCjH36h?mjy7EV4%LMVQ$AdH91l(3Bc1n#egD4dS*4&=NA>?Qfs3SqeuVSDAR{$-06+P!S@BG3FN!glk}$qrGR)BzakHuJk~ zU^{c=zhq|E+oah(Wh&eh@2~USkly4*$!#{4=QA;j_3;V=En8 zruPQoFU$a$Kzz_fQ%;_nsA<14H+jS-rCO(7PO2O|`1x zk(T)j0ow2&LZOHF^RU1BFkI5I(tB<(MTpR|UQ+5s8*x0OvLamvJRBX?4B>YtOu2NmE_W zqhH0t+sFvqHTVT?W%s4hxqryA#F2wNnWV}rUv_k@W}kkyHAaOlNvr!0JGjDgAm3|N z-N~RrJ0jH_UAqPECmN0DSziKB*Ps-dYr>AZ^6=!T^|I}cJLslJkD%XFOBF6M=sdFX z()AxGy;n7iF_QKdDh@TcTXL zG7MYcs~Wv8vF<^a%JY=znT;q6AKhH_NKc#f9t(QPo~A@llXNfL49;k)MmT(C4g+;i zx)c$`r(9^o2msg&eW6*|Rd6WK;u5<{K7-^neb89AsXF2LkTsf`?BJdC8HI+bJr@NA zcy0^iEi!nLVk_RRIce+b!gQr-I_f53W`47OBSPKZ$h~D^YnN0AtED$P5 zB#UDBpt@xFA!S{2*kTER0A4vBIB0KbQw1%m9#KPW3hU4ysh)t|M{K14hOzp#b_eP2 z(eE!aAXGJZZC!0_JS*IKB}8L0plLjfMeM@wJXg{=N|vwNg~ZJN2be%-zwF55+b|gU zg=6pA(Bb_!*uVRTb2j;!uDNQ~@}=$T^QaM6Ci((WmyWsOo-uizytg#Dp0Y6I#uxzTGp z4JIHJ_^}Hk?Hx>?3Rm^GrXnAV;MHS$W-f)tJD&p+y&n^eo4kwR>OXe$s{nx!fGc-& zXca)?_m;jKGS8(HeNHm=)pDpt!rp`i>z9AQxwoS% zZD;P9`}OAz?C6)8d&D-YSeD7Mx~%1Lu>8i(^3YZSFPXFu%W`+hn=7=8jG9xxY_um8 z7?s2BM;l~Di?viua6fkTWc#(QF&d%ztMI!}stXRVrNOhNv<9@?=!#{bDte8rwct79 zy$Hb6l({Qa=EH3y6mRSrwNh9V6M5LzP|;?6X8dJX0tp!1Ze_JiV%)%h*{ZG9jB@mm3Sq31f&YSk_TyEDUv zK$4XA8gz1D=D=P=(leHWs+h;xm|3#onYi7z=>%SA4 z8&_6HUSo^3lsDwW=9R5@vu+pjOqO1X*-Y`3dSY;Nre__hhtEafl8Sq6+U&$KH*?rd zxO6#Lgi6-icl(P5as@|qFFASl7((?;qDNtCNBND8?EC{u+};(`Ht)4CqpNAjD{(b{ z>)!Btx$tGLxn{6%9YJHN^Qjzbn8W}*_C>6IGZm;VjPWP|$eKuWPT&P2YY7EIv{tTl z6e$4R;3i{T9@u+BD!t{o>i(hdIa{K5SoN0}^TQ}q!FDQ3ejo@!aX6a3FK?xjuHYyKsy}XrZ)~;|sv>tQ z+$YBQfF=+N@CBJy^x<0$KIj_?EOpdt)bkHP+0vemC~TDpdyj@p_9;ebYbcJj-|nI1=^?e#l0fPtOlLHiM! zqFSK%H7giZ5D@@9zWqwVnJgJ;g<$%A(t0x|FLx(D=07z#(UR1xl+cQLvo&!pY^)LX zS_=l-j1x2nHX3b=)8EBc=2`47c4Z3bN>_f>sO-V=grwgZ!1Pt`^bY{U1%beHtmJ7U z^PofIH7l!Pux|j4i4_wJQa&;L5}*9W244;DW?Zr_S?-8Q$;AB1cBjBxc2bVo=#*{OE$kT~f=tBo=ttMie(a%M7sLcvln!Tr?J8 z0ta9%A;yo*6|uM4#lM0FjQ?ahl%s^MLasb8I%FVnYp5k0t3#4&uVheb+iT-90hs1y zxXImFGrC_B21S4cYwj3BCU<4`DRfz!$N*}yO%zaV3Hb;(dsDtj6QG_QCFb6$WWICd z1TXwM*F~chk(qJ@)#t&jFugu-`u+Ii$_edRP$*)Hb5XiU%+5aiu-wjd)xjR3MhO<= z=1+<|n}7D~46YFNRk_9LhHA_b24R3&X9O!cLU{I{XM{Jq9eU6Z!33*$wzae||AXJ9 zXI~oawtVI|>*Y*L`)OHB1!X$u|3kJR_Kf42>*R3{i`ToTj;d3^(Kf$A6GYvGpfK{)s zkfm!h2P6!p?`s@sP=EZhUb24gFS9=z`4oQo(HJRz-1;rDvj9+-gKG`^qt+8Emd$bd z)Q={y3zX+Mw!V(VvXagg0~L1~dr(fd)|!HV)E8^*6|zCVA)67D6Vv;20+DYYXjv6n zH;|GPQmjtryhs`;kQLD#DW?rMZu65H0VLhF^c zP5q`BywMnBY9M3r;|N%)#ad&wb#`;;M)*&xW@hreJ5rg_3^>?=ml(l%!ajnYVLX^! z(Q()VE%>O0iROLB+v6SD!G_9f=X}zrY__)*h{FAijzEM{ghor2-WWclNt?Ap;4+*) zDta^~rF3wK=HQex)xI^y3@GD9rY5gt9)EOO6!u>2GN>`fSAi~x4@997Qo1II z{np-Vdb_`jS-GvWlH_l2LNoZ>?Af^DV@E=z0vw6;3jBvdRSWFU6bMDZsb|x@*}1NL ziPl(P6PCufCNR&*?|LGN5mN=N)LIK3SfubonP1G!A4*8px3EUS9vnlC%$L9n|7h*rA7WK=Qe zHSd2h0VvMNmNFsdVuM@w(nAwZuS`d>(FE#Dt~T=|;Y zs<#W)^@y*T{tnJQ#!Kz^60Xn2$R5p_*ZHiX5S6v5m^$-ko(R%aWlnm261^o5x4g#* z!-iSIsa=W++$VDTb9qf6``us-OCIU0u{~U;jY?K+VN;e}X^&lm zL8&x4tEM98qe$Fqg2J{piH>}c69J`YYPJxTz)KL3@DeRmGtwo9==}wyYnWL8=9pxKAOP={clOLd! zf>LNpLys-QL$xBqa#p-?eUCaOpK|oB)jTy-H24x@M^MQ!eN_!&q;Sb*ZM*XH!=p^0 zea+|=G`qQ@b*>NY0mrM=0l)n{@I!JEj$q z@1Vz>x36fMf*^^Mh2P08R2nO@$fa%cdbTBgCPUQ}P4AgUhR!s)-Z3p1t6@@;0M|93 z9auLuNrM{n*1nTa2@uCgUdyU77TWT3d)>C@FqE~jbvzRf%=BJ`+F=;ii2P%FnrTv^ z7kPH_SJu!|@~zs6zI5)bG=(sx2HAF*sOKDXkAv<(4!TEw9CQ!z>(xC1{o%GpU+?gn zDY+0eKLRJ#@vFDo5wkCJXM&b0NTgqVsHo7A=$DiiW4(0y!xHn(SY>+h`ks(U*3jXm zcv#+`W+p(RSyQ1I=Pj3`;UE4m@k(uj6jC+DFN5tz5nM(qnrXQiOO_|$yP>nHp-pR9 zq>U5@*U1B#*4>FeG?xtZ``aE<3g+&-8xG^^kJO;P;kS~hEBQ2ou=-=KkgV-7xxZlI zVJ5j+c4G-F%{-W*Tmueh>1YcyC}w*7Ib4m zSH(n#pFGW&@UR-~#ri;YsbZvjcSs%{S}Y z2QR0@xY?0zZNm}j+_U>^q&>{`n5daeU2nAW&-S>FGB^1Ir*;ZTR^EF3gd&}T5`jkg z3k`M>N(7zOZ^(5PO4dS>`wt~ToZ1F(dpwp#aX;I%F*Uv@s8ZpA8g^`D#%{eoP%R;0 zcdk4rU5>1+LHE!$)J%USB`$fwl}6aFWj=KWyBA$Wx?U3cZ7505AAEG@Tv@j-dBN01 zH4uo90fiZ;g*0RSB9ay|S;?tzNkixvlMAdqujr5Q1XQXn8Y#d*QA zl!S;0t4_M@amGD^(-{48VyV2*2a*##x3t*H_b*&UlF{tlexB|i*tmj7EB+pnc2g@r zoL^p;H{9(5u7ST}IZ@e~l@uvi@Xk0j3Ug_obcTy;yJEElX&rBw6t}Eyz{j)_{HLIo z31{H)xIoQrzzPf@^}xii-(E>KHmR}|NwBR#F+f{ays=pYnJmjz@MiM_;`jNY)ymnE zoZYhGiQ=mnt+O?6Sk|;PdqOKdg9Qpu3+H8?;za7+N$12un>TXkhVoQ>;P}oyRnqnX|YiiDJ8KL!pH#LP?CU~x3vyCZ!7@OLl zc^s;uXsBHwa2si7#2Rc|7?(?2T;S9?ARbDDCC)^dzevz$e@5(jje4pfvo~y`Jln4^ zI73ccr)<2%8OjhPB!QOi6jwAy4HQk_c>I}6Cv<$EcDPcoWMRH<&;bBU!|Ae`wr7%oPUwD+crnyKHk`WRT5t1D}`#O0hBtAbz((|Jv zJWot^PMK$VqVrf9bCUgFC&@XO!W`S%fduDh`f^kY8%l0YPF;>bzusbl50|z)F=ZJN zl4D!(80pFrQ1r$F4*yMR_*?IVREt(~}32k0TI6smYPV;|S!TwB%UQ zaRg+j`av+^IJ&J{>Bz~+#xV@&QjsSm8pli~YHE`4eMRvp3C0I0`5+}9q~w1yDLFAk z_mR?bA1O6=Vp?u0=}At>?GkQNB(1b`+MrKSk?5@+5?XNx^VoV(q|{7&f28d1h{EwvtB}M0?c^I?07P4 z0{ESD*-!Uor&cIWN`BoV@iiXUJ3Z+&oo`Q1cAc8&>b4;PZQ@C;saXrjX-renR=sr8 z1jr8evxRVSpWrl+V*+eTs=g-uFNot)D&H7zwYCAF7kn!MoAbkyAx z(`1+rlZrZdW2dE{Ca0fH%+V&X)Kf3#DjhAy(@wX)l?-zv<#afWG#Tnpy6IpFX)?rn zrJ7DmGuY6zE0LP>WqEWR1^d1rgg{rg2s)2wM}VZdTYbh@9WLnGJ3@ZTwLnihqGhW_u; z9B2DTMMCfrZfe0wj`ZSQjI9-}3crJZ}S%0dL8}+}q>at28(klYdZq&b8+0Zj%tAQz^ z_Y>Qw?CeVv_o2J$9Jp}pA5N=`9egrO8xX>pvmw~nZP|PQ%%rfSm|c|?S&OC_oYn5$ zdOlp(*Z4HSm(23B5&Q&^+&p7K9;3c+4F4NCap(wH)pDh^5ZHJVMTwXdfor*`T_fs5 zv>>jHxWiP3R?#g*SYEesL1(*WF|d2dayTnYzp#JNv+hK(#CwlY^u^L&>#nfP zRZ_QwnkoJh1A7IMjBajTFtBEe$M4`#==#m_&_+VNvg=wCdOfARH>VGxw?nCgQr*62Y0v<(?VPpHVLB&(eGuH|pTz!^ zOewmWzG>z?yHo47q+(VxnnN)P^Vg((<06L&1!A>zlk~ZGdzrFb6I-%S6)K`MvT}S4 zjnG(P;H=kkKbrcEgX-t&=8TjyTXSLfh-#?7Ei|qx><`Z4VeDoDKm>ycLVCZ&$z!#% zov8&+ITQnub)(2pk02kJk|>NCTSLbkk^ql$5X&PT{K#YWsXf8M!&C7n%zmynRpRy0 zc!;gsZ>^Oy40@gjd%_l^I>lybA+0E|CK-E@JqDy7SlMpY<*c1txFWFNm4%}fUR=+aO&rM4e`MT0)K2|VeJLGDAhxw zi=`h82vrnheyn^5y9*r^(R-k;5g78+YX=X`sA*`n#&~}7B}mg6zSj-K%5${qW(z`H z&8vcuKReg&8Cxz{*8GLE${M@j`LQE#?$wx7U z6uluZ=Q(*5OnO9SjfJ9UQS^W)leg;~Y+?gYS~K!SUg@K03wA~>!GG2L25!?E`RW79 z+Gg|yL~%b5Vb;%U>LSW;eZ7dX4n=LO*!V@0WxiL)?@KD&A7lZcdUo9=> zV3zHJfk&QfK72xB~6}>raq$(Gb$YE=`cYV2PCZcN7NC4rL5U4tI0_&NvPH+yX9GPIw$`(t0kbF zU@O}2TNhnptyB$^>49AQr{n})8=q%cvYgX~6`NBV+kkNlV+dk3e=eH;_(KqhLPlVi zauVjeH_em19YcL$3l$724bsek_({BpUTmUQtTIM2U9Q1DHU3djvlZMiyghr~uml-t zNM&ebB@4OQTvaur`3osjQv(IqTVO(XL;*ku;WrTX7NAC^=#@8F%R9`8gl`6=ol544 z&{7)7XvJ@taI@Y=?tviht4NYWZ$aPqZ#d^&BgqnSx6SNfrgL&B^8j)>VGxPYRuI4D zH<@fjgWz-4u)5?TYy%W+xzIYr61NJ&2zgC1S=UTe5+i!tIp?yZd{nVYF$qt}#CV(> zjEBg+NU+yGPR7OLTnn2=5rsP~%Oc(SpOjhgI5`zlvMDCmi_$YF9xHcZLe@lj!>PUV zC8o5FNX(IVjO>W?yomJfMJX8(U8X|<#DrXktsIAxdoY>>v2S)ma$du9OLW5KC)c%z zd!(+d2N#(vjmT|E^=qt<0p0(GZDy$V;q%?8Vu8e-R?saxD0yQ|DY@*b{Z846 zQLwg1mA}e4fwKY;DwpE8!Ef42Y9Aei*=>}YiLrmo$vF{i0kL%G*8qVW%^3P-gef7R zD}BG3{sxZSlnB#FAc1ib-Md42Eh(4i!_^JDOS(PBukqon8VosG)eO=l@Zg{@)qaexi{$GbHX-wH(=u9loG3ikhhDc{J(TC{&07YBJ`MQ>aEq|#a> z^fm8l1G>_HkX8gL zev*QbtY}rk>hWW;Xw-QXpCJ!}9R`}@%1!p})+j_{O`(c>_T;lC&z@`97_ItLv9p1b z(cgYHCm%;4>XkerAK|~Bng4!HK9Y}wT#`%T|5yKqd?Yiy$!2Mx-F$Y|C*qk_di7OU zFzCglaU3`ReiBLxW-?$f)=U2Ef7^F8Sl$pR41{MVu!K``2R6Tw-k@Fa93n3DWKTYy zJsYp=E=3>AEtgPc*R1s9+3CEubiKsS&eF)TscYY@8fHz!20l4X4=gD-7n?h}i4p|M zQdj)eRsX7Lma*LBdEq_gwxbMwY@CAeW=<}e<6{LTQIj`^CDN^r#F$$3fdg(oH3su> z=5IwLJIgFV)9g6Nn$bp)ACCI;;)f&fH8@e*6szo#6G9C|?6s&^tq&0d z4`KS->`9e-`?IwVkRJfG30B}HsdsiH>?T6QT~h@K4d`r=!lN&9a*l|vz(=Il5tNbx z=RA65mL`nT{5y~Z?Q^7*H8WrgA-dGu1iYVG({kt+h`n=HR`BA?M%-Ex{(`OPEra$5 zn%a5y!fbf}O*OB1-vx@H2yU*a>L1fnb3wv|ZjJK|=K0+=eRPJFp4>DiKZszyQIMGr zFzwIIyj=**)I9&kBp%=K@-V}DZkTc+lg9rB<*^P;2eI>yC*5jK!DnrW#JHN^h=&&L zJfG#<2`Gv;EfA11XgQ*}qTZa~eHz%b%=UijnCY388)&PTEqFFg^prkWs~mlP@;RB2 zr>7dr1zsaKL|-(4db{D~%gtIV1^Pr(*Is2ycmR}iQD9mwr;)l0z0@SV7u}g$h)bFG z9dNxO&7ter6>lad_8(m!-Rb=3QF*eEIXhoMBd^V+EO?d{YjgBw=RJ={ujL)NW4P^r zdZX*V1aGK6i6{C8hg;Z(&9XWpwOW=F6Uh}E^V;hK&-aDy%mqbZ<{SU$592)XV(BwlpWOhD;b_|Hht24}!nOqj zYK;M2R3!#g&I)$R3U?Dc?A9PP3SH=RC@ux!(7-(!x7Qe`%Yv>(FGQ38B4+t!rtdF0P!j96LH@w#~OPVHjA-G9WM@%e1AkwK(F!Qpk55 z1j1;x#&BQ!z+c91j6Tn!MVsBQ#(FgB4K(&?8?vAU6`8&v+Yuju!kqANgb1_3>Ntd2 z+ZcS(iyMS)G$LamRgQWKJuj3z({#oH-Zj6$C-C3ndJL#1h7B^-xLj`Mg)!&8#p-FG z?EN-Hof9@+fqQogwT}ArL)KC?f|l%PTt$Rk)tHA@(ApVIU0ZK=L=Ih-ybp$Sgd_K6 ze@0q>JUYX#{$vUWcwY^OpS{^!G()zUeed&*MJmmFzN@J9Sr)`SQFBkn3nOTP&zDeO zSTZG!kDa~B^w-#mX43*tPZJ!4d}0M&(y*d1g*vPv4hm-@JB^zIH3CD1nzfBBNITUKvKC6xlw0VJL(#aE&X`I(nCMhbLBSe;d`j*NbF1a=$QBhL?M z0r1TBVM|p^)hC}ndG_Slj!HiY)K~Q{;eVYS-v0MuIbazHc-hUGdN(D}R3G#rda zq3o@wei zGacNXK+p9j*m`|r$=7dRzI{&4^W2btRN3790)W87ew2-o31K2)J6^5hfg7T#o zYWL~{(8ClNjBLVt(^|o_KJ2X#a=Kg?q3gmhxOfPOYa6X5UNyAQ_x=JN zrGkit$-0nOF)VuPB|@o3w1{Xj?>cl?{k@WdnoulAp5Ccf1yv2t{#wZFMz1|l4;p&2 zw^BjQzq=wYxw?th2Q=+edI`$Z=9p`lL+iAz(uZ^3vJaJ1VGD=dn|;e}x>}oeis5n> zdbyDKKPLC2WF{=tb)@J;f4lK{Ye-slWqkcMzBt(cOtaG)*^)boHaqCKGbh))dQM&m z)uIEo+4@WvrkR;(;NKah;nYkq1hKLSd*l^rD3N&LBle;B!_gTz`mj{`KcZQxqdB=K zT|XTzmaMK3TNcc`5QNE>q!nIU(MLdv;P;WUujL)dC6C6NyVuTJ??x7&a z#m0VJQ(zAXAqLL;=}FFRpQxNZJA)~ho`;bO<*$<}a`fzIPOf;#3tAVOGk@Lgxgf-) ztldPws`m7VoX8qxq*c6v*>=;0&}=a9^)%SCHpR+Z^t6Q7)y^d~9EtG`~EX`TK;n--)zvCNv8+tZ-cA&{m(e`;%{<&q>p z$349*-00s!%WRZ!fC7b#K8_)3@nr#-xA2N5q})TE$bjsxVr>WdxaPfNN%r6L3}4{y zq1^d%@4ln*ogiGpe;r+&F5qjs#^n0$h>r#muk zqI4OA`s%~{=a4J!yXUc9(Ob$3y5I$GHd;P7 zo%gzSD%gg5Q=`cukCS-(f;&rEC`L~7-=5rQGI@&aHKKCQn$yDA|=%I7SNI z$U41X%&~n#pYA(*7UZ?}TS_un6fBEc1>_Pp!hsx6-HhvB&2Rn$%9~Nsp5OsIdH3r4 zsA#jEVs2{IdJErLCl>iup*bJyV5SaH zEoBqdUTSI_TBZfZvMmbS>!xPx%(pZJ+hISB6ww(@dP|MS6j5~zAU-r3AU_XMPT@8o z*XZC{w+pae$SW{rWbV0ks-z~EM6t(sqcZ&OQFjfX3Y?e3=$xX_IU z3}NWTBu*18ma|`9RDD;|kzPLy&8U19Ra;rFrn!W~<{C~s%%wbZrg_Q5CqoV5GNu(- z_Ld*H$j5hm%cKd<_611uJL80LKITyDwUr*EuwLlC4|?!!ZEt_MQU5At`1M(pcl-b8 zIF9>9xv+tVJ(^L@dg3OT=3o!`Gq>=5v`u zkSX|n7WrLKktIFBQ~k5u~~<%9@o>SPoH9~ zod5N|{uhxop(JM+FSj2I0!9dbeD-Wk{_FhpHxT|GV5A*;BDx&D|e_XwN z(^VblzX@8S+sDF_XuqYwmb( zQ%BNChci0|_RPLulOB4Bo}D<0xt_rVgQ%C12Dp+G`g#`dTbnSQCX@xhH z*34Xh5ZWD_Ex&qa%l=W+UAYDdznno%L99eWH!LHv3~T>zyeWBv=Z$Hz@d>nU+MbbZ zhL2=yW;QtUu33VG+FjgT!q^D~AP?X#kHbK7nYBXekRqJvh}4PPJc$Q|$tsYJMx+9=$PE*NByFs^8*eN9jD!iKYPXCv!MvQlQ3P7(TJbdH>Fo+k_@*mDm#tYz;h$gXeY=cV zFuTDO(ZXEAu$T#}OGV`JtQVJebo(r#yW26TDXBr2%Ou-5+1`T7o~c|TOIL$0Ar-zG zodXuGHSX*qEH}+SO+dU_CZA%WB7$Q-bp*#gZp4WE;ma6F*Sm8co;gcw-+kB`)FjAls3BaUXi}MG~1vl0bS=MgrJhwfoRx znwQ3txa&$x*aY9c4f~A6A&j_hqt0HBNb^YoOQ)IKd8(T8(vv6q~J1W{VtQOD7f1mvD`;W8J zFHTOre>(fmzyJQ^hdKP?cc)*RezZUQ{`BhJvYr`Cgq5jlhPjn)u)Kq(c-QB89cg# zof^OL^F^mb0fEcxB~MIYv`_aF7aCSpvZnQhIoY(isVk}wC z+j2r74S3$)kvk|-Yl`36m?8HTz_JU?Ns3p1W#NPg1p6$_*@qUFlc@1L1qaPnhE&{-RV&7;PC+LidamjSvn9LEk68`Ko zZKO&gLC-YhWR}pTrbsB4NBU9>AkQm%SFIyZqmce0N`GJ$EmYXxO{=Ql8FV%QO%;yW zq0P0|2)|Vt$)zyQ1fiN6<0gpBWfq8|w)1mee~-xoS8gXeQxIg7TJ=)3plp~Gp!^$z zD3{>gcjBgU714Jtqu@pQZL|ff-66EX1fuO+pW)lnDpt={EzhUjn@>{6*;BNMb2S_4 zme%UgJ>KVQUP)*#8g6tsiw&VRfXk76>mj~&RvN?avQ1`6w(z7f@i+}c703XYxvsaJ zu1^+hiIFPf*G0nu#oFY-8T2|ewlg(}m3 zm9ZQXW4tb0bt}{vS)AI~z;VFPo31XsCJkUds+rzkC}2~|k|;qdwU*HDBcm0~coS$9 zR?`gn%Yd^ErguiNQxn(hA6q}Sr&-ssU5yKF)V-Y*RN37fglp7eMe>cH@tj=@s8d`T zw-3yNP;%*NE~BIAML~H9U&~biwp?o#o^e@9N1Q%aOvGNOTbvIP=0RfHlZh79) z0yzLqeiY=3s|y6nSL ztP0ws2XP#I=b6hrx2wL>ROB;SXtcY0{~{J5;BIO!2J5=(K4?4aY6)%99VLhWtX!}> z_gc(=4dqT?*HZn%<@*ldbDUZ~kkA{%yx|9Q1L4;{{dg(!tBPfF(}w3q)QAZaO&uw%bt!Y~ z;)PcQ=3KLX+OP@JOwmxmj5bU}Bb99$tdNaq5C*LqVNXuLOlX@RHc|rJISn@R*5h0d z_JJ!Xfr5JrM?*2n+zBZ9lNuAE&54N-17N+s6SDc8Lwy@Ph`p%^y_GyCEwu2^BtU?r zKC%VolouOPa@EiqHYZnF;P7J>@FWF+;`}Tpt!Q{S>`1@qz7N~r3n>>%qS{O|#j0jA zD-Okwe~6%(YC)AW;p_TKYln!`h|DI#CD?Hd4vv4M;%6#)J!@ znZP)71k0FGwBBGZMbmi?7qe``TM8myNkt35YlhuO+YC;Ml0_|Vm~c4>nj2h)gg|1$ z0q|sO=qki)NYf0k%i%6*4mk3)(*R;-40{@MsU>XQz_Bc}K;m3oKL}UM6y3|=yK1(O z7o&`aOmI+?tf4t==%kSB|Bt=zj;pc%|1Ybo2APqoLPbkOM0=;DNrbC2I!EW6>vTqo zvQk7S5h6uKk(n(cWQ9mZR#wQ!h=}xiTAoCGvT*yqNIRgosWMSz}rV;fMX8eV*wk2kRSrMRQN@q z!z{=G7$GL$V8XCKqenAwba55m5StLZXq5QlL_F0%lMf=2S<6}~mN7)ki-=49uq4hw zZ0UHeB)p(G5Q9PCpg_o|_D^gXh?OrvpjJ?ym%hOKBT!XXEn*Tkzi{~s3ZF%-5-kY#1dibjXhL1f9G<{m;cL*Y)r3J(hmVW7E$g6uG)-ykCrjOHS{ zn(!nc%v8`p-E%fAEuyuqPD1 zLMSK_GhP-5nKsdH$Q*};UgGO@A_7iBjs7`a~)QG!EZGeFEJL*=tbXjC7a7cEOXnnP337}4Xos9lOqMQ!IoeVQ0!#TOD{ zi^4$caft_&X0XC}P7tx+y%3NT77235TqKtt2Jz(T;K z2!N@C%_T;Z&x4pCk4{3YQ*^3`=Z7hPPQV@f#5NToIv~OgHmrz>%|SAW0A3^n(3!Ag z4k93?R6-g3_=Wq%L{>qwQGr#RKpL@{P-5!|wWFax_HZ)=9xvP#gTuiS6V${7UW_g* zTfyUk$Y&@yeR%msQW%o0i1-C^B{C|mA>MmH#??g+Wuf`obS`d#!qO*n$sCBy#_Y;W zJ$><>5mehKTnZTno-1g8zHzexC$Y1&jVhHHox%+Uk}(^#~JmM1sgfBN_z{5H|d^ zWWIK#0zMQH6hYyjjNdVe4YFX_*9oLEh_Zd`h!8QaAy_}+ejXXExq`)uEf*#>09f%9 zm?jor!{$&T=n$XSIAC$0d>+b8xjam+q|rkK(0F*r7vjR?kO}Ssj4N|_Adk-#PgW-( zj-lV^DiF;5pEzC7XjY_Q9rRXK&aR3N% z8UOB&|GWFc2hWpjvP005nfT-i5;L0b5V0zQ`1fQH$RQ@3$D`okVuGE4`1!~L3lxc7 z7*9aVa%g-QB}xERCSv?Uw2DZ&glN{L7Y{;0Vwr5TmNc@r4X`8z+#Dt36NJhBC-{j> zkE2PF#IkmqV2h(KVzrCF5DEhb=TkV*04(_7;j_f#NCfPQODAJNzL=4hh}tKs9D-PP z9iw337pVu*CcUUB5%Ka($WRboQG#I<6-m*k8ZjZ2s5KV8Y&{)_E6p;*djQSM9@xCM z)Cs~A0d)8TG{hk3h1M=0j1o=U(g9!*Y8aRzP8JQ#6a#>ffu!`JhvJv4ixa&F0epyF zt$}@@bAwdtCkCY;dZ9&Vu_-}v?BHR8h<6@ni>U&=@HuP8FbJkyEL$p!5-p|XW%CQI z`vI}IG&&mxI7Ie2wi3JA`c!g!Kp}pUwqbSpdYrMz;-H0Ba=LJls|)bj`>} zv4!?w6Ap32X7IN)Rp3FA5)D{9;l#p-BB45+Q&P z;U(i4g4m)y_> zqf!SGWW!u%HY{8q8z@!=MU~Fs8UnTem(B`hP(*3qb~};J5he?_2v&r``Sb{oK|vEg zK$ZX%2ckBUKZ$b-6b26#2?Q|~T49uEE&Zl^i7-ViSC*ErLYf#463B3fYgh~UjbMRC z01IhvDgw(U+Wtwssl8Tw%n)nO0J&VEWulr?W@tj81t<|hkAdQem>idhJNnLOj1+tb_`I{6PGow>ruJh#vu>0#3x>K}0Ch znXrV8WyrH29zbW27<@8{+JcZr>?uTcP8)`_O$%7~D!y{@;4Xo)kf`;brNkK|iUHoZ8b+p9B79mt~5E(LpT(`o(8g56oyEFE!1My zYMVhG42LuW#N`1@kVK=i1f@?{f--4RaAep}tIVH>vMnRzkPe19 zge^}YXb-yWg-}Eu(z5uFGWkv47osU(YycS=^bkgHagb*vFWS~YkN{Vvz?4d7Q7Ie_ zI=mqi>;;K*#Zi6@F%T3Q6bXH247;SYw;Oo@LA#jq)zq#59EYWcrYD+#b<_4B-X6?y|v?IhGfwZV6uqyqV0ex z0N{gDM4}Fn7)dI`!6HuuKVpCY@XQBbXCt4*<4O$8A_mri4u4>vC-EZsI>L8ao6Sgw z!yre}$g7A^b>IxgsO!WElnnd0c!D@L+U!5CC`-06Lk%;=!An zBU#qhMX2ckj&!u*0zw-pyUPrrvxMb4gcBgmb_MS%+&sah@X(xaB+VJ((Eu);$!G9D z76syS8PO7#(?2;0(hpY#B?{dL#12`(Ka}2T=JP*_b0~yt<8zVXZIY)_1mUo~M?~A82mhO5fM1KSg8-Sr zrm&=>YeOu+Nw`kY0crQxWA)kpeF!ccyi&Z_i6IijOoJF?ErO-#eYb3$YSu9QZR4RX1HN-GF6 z#&#B0Jhw{(C{iLx@z#mQ@QZ;-HU*57NL3n`B)0{$IkY#D8;kW+Vim~0$ddnUWXV4b z>qkZEF%c^VjXm4MqJiDSge(zDMeEj#RxB9Up2bd6yix)F0j#Kk1n$O(pyRRh0Ef?F zwLWQtL^F^Faw$A%<~VWrO!yAWJw*2i_7jRtNd`bEECVYo1Q=LhVjfG33KilA1_m!9 zEt&t~K|#p3;W6e=NK%Sh5nBCNi~Rjv9b_FQ_#IpjME)&4R0KS&NI6}4IA2r+Ln=55 z1_z_nzFtb*MWG~$&}8aB=Y|n0uior6@vY@-?+9Rb32H7a+X4nhCn1+ALGic|H_&t3eV?Bq{Xa zCiY)C5556$=?Fv($OAx>nUMGlP?FyWwf-6c4vyYFj`p^Gjt&-pGxi0#sPJqE_(4K* zu>^%jkf?ywixsp@A7#P-$P(gXAcZAC7U0UF^91N+l4U;<17cyJ*f3ShS{+K~>7$Y! z`VshNv9CxVN&&o4upU9vTQxKg(xz}|8{$fW09y#p4M&|%!u#lvB-K#Nf&_LN0OFun z2pEK*p`nf;5=p9KsDle)3_5mLN+gOSa0(hDTAo{c;TZye7oKw?Sz@D8MH6+z3Lgof zNm}@VG~R*&qJ)Sx7OV9gN{^th(1C0}|HPX^c#1_fC$0wiNWy9**ba0z%Fqg|f;-j* z62xSp#fE8usuRS@BMLZ2`}!cAvr3(M>D(19@=R@Y%QoS!_~T79RKaa5Q%-W|0;1L+ z{7NQ7Fsy<)7cT*d9ce~_Mj81y+B$eR8Zyc4VNnzonGMldk~2q};G^NM;A;oJAyTNF zOyPlaDKV?UapXa4hyjJRjIAZZKxm^?LJdFzc!b-p)<_1sZK~0r;I{C92zw@w<`Fzu zVlj~addGjWP}p=dr1>{ODCovQ;2(H2ks|9NFx+C&qGTPZRY~&C4RCvfNWm6sUCeA9 zT~R6cK5@xE&9Dn-Se4lutw! zYn3cwLZ@@FYE}$Jv=HY3vyOnFXyIQD<|$!w=n-@VB~+3jkVa>PiWK({Eg6D=(1;uI zJ>dTdvvXS|jO-6jFFypA3Go-VThW0VA`x)Yz`y`8De2CFWo9x%4+x}S--i&ODGq{y zPJ;v}I7r{5&nU80(Q^LS+eR=2SpGzhM=?5d3Q~|*=sj+ieBA~Pja%CVQlZF-G$c|9 z8|U*Nz>Q`y=&UedjcO_cuMjkIlFkal*Dr?xO3vnOdOEag1+<&{^JKCzBL-!7pSj>{ z0t@yKRpzy{klsm=*#G686Hx8j!E@Vl;UbTUaa$JP>TB=oD()9)WBfFM0BVT} za%+B()(%soH@`<#CDA~(EuTkopmUMhP{ak4W^an*V4y%ym^T8T!vigGp$ci(yV!aI zARit*9)`lvPRT&nM_)8EOXeP8@3o_UIE6payWbl=FXqRRVtEI7ZSZ4BriryoW z|J6Sbir>zY2HDa7zxb}`EIN-4@*s{(egm<$1SS+dmj^M?9fp`O=~A<8JrQG`E44X6 zVUbNl2SUc&l?7`hpp=+1@%U$bfJKSK+C<0S2PR-lT!!K<&oGD{d>PX2Zq6CiHa*|JN?k`Bh*)u>gnPY*T!Bk9=;z*R=06{TtB#aXG zV(apv*;u)7KYMQgh1eZC#u$<0OijiZOPu_FHt$4cOVU5;U2L~FBYSMISPU`TCq&Bf zMZ;@hUW#pUWbsL12xQ@@L0nGz8you{kB!CC+fc?tc;Sh@grs{nXL4w!2l{WxTT3SX zCc?ucQvE&r?YAiU^zhc2Y5*U0t^OuD$Za(gNZNSf8%{J-1;=3az|!JCz`@gZhP$nu zqdPKgXmpDNizJUmXSF%*k@&7{ZGTCfHWpE*9jl4Ejs8krzS5~_Wz6Mx7+REnHErG}o<8Up$ zDvGWz#{VR2D-qQ0*5J4BI2sTOhUKzBl7#jB`)bJxZ=rXP@+<9Po(KimqC*9*G)+Ek zWw@j%B+Z8sN9SZic(S!?Sie#zzWC+84t*S z5Xfu^0jB5$i3S@90j&`TPsws1;ac7(6Y~HG;H-*ANa62^*4hEU5QxviBN))%rIJPK zKOm)e&=HdQhHN+v%L2XXmCAE1CF8W2W_HXsg4jg}_IEfx-NXT^{Mg;<=h zm``}r06g|tY;7Tle1QdZdj*Cbj5sglgwtoc;MG=BA ziug(pOtwDJz&qi^rSSM{w7DqEG@r$waJc{-nI9&|38UZz&_D*!S@MPlPf!aI1zL$f zV_IPzCYl6Ew3s=7BuJu1V+)CsglNcwHX*i!JwP@W#m9iIhz=&f`t2k$`-+b~b~t9WTDK`M}#Bu}t|5C?#HG@|_A;x-0`D?_)XnT5rlCb;n1gQA2RKyAHU zWwa)UyxEF9LF9@5tVO{UwJ3;!(>e&d6(EcFLs+A4yYkemX-@D_DfCbgJ~l)rlm}sE zW#Qo~EZ|I-A|B&`Fq%K8kRkM?1f(~;nxlv#ryt;pfVZO77~-u)F9;6-CR?E3Z6J#U zp&;5^eH2$#2GBVGJFO6@QzUkVBjO>HNp@@-t}Y;QKFEqCDK^L$4SbZiBpQVY$}DHW zmlHfQ-k5k9$)WRj6tsdOg~Q|m5LH$fP(aM9s1-3v2Dm-+YBOji74J&BhSpmo$se^@ zA}TgRR^*$f{gPvc%xl71?P12KQq#nuOeuGLe*Ki9zN{CW_K6F{0KLnMg~p#1Qsr zHm6C*$0@T#O0p#eAQ6zSMX&!`mKYK720t~$tTM72Iz+Q@aMO%1Kbk=7Vbcq9<_L^3 z5J#*CqK=NCp^hxGBd9Nfscn27)nF_@VUZv*y4c}%b7X8JETju<0HPKxgiQ);J+ki@ zw12X6uuVrR9yR0CZh=`SCJQRF$bg-TUxKnxn7k~E>S55CbgaM<%uXp>8T|~pC;>wf zo3D=%Gh|Yj5GPt+KoI^>#)D1R8jPAAB9D{!91exWV?_VMlDS~~h$6{~Ug8rfs6LBY z$OJN&%<>~uP%WIRFEq!%cPXq0AOhq_jInR&YO`=nrbp1Zki?9imM)ML?IqLJ0MI(dI$vl-9tHWy~33jKxKwpxXB&=VJk{oK<{9=PV z9)-iQ0H*6s8#%{7&stY^se%_A3biFxK zS$t*~`oB54Qz?$Y1c~VBSr3)5p<;Rgoy9YNI0opHS^zu_;W!lZ!iT$k`&xMP3rlFp zrXT=_k^r;&e`w>jP5qOKoYGqR{uS*{c6ZDFiVH;s;%I2Dj5cNrb**LdGWH`GV%5+x8w9ET4OIIN2depEaDyVVg~Xr9(pCadYH0i!L83&X)DRap;idmK zN=^FpH%jeql-l1YHCbr>jZ*s?rS>;U?QfJCk?U`i+TSR(-w>sSDs3&qsuAoQRzp!3 zsP_L;oEir6Y)c|Rd=}3S3ZoDRKxtx2Xhs1k1K8BIK*W}SSRa~``?DczAfHT!)%Z57 zG5l500=z6Tg)I1i;1a{Q2@meAAz%w|C?q`(A1 zN)(&UK^D6&g#@w4Z82OmqahTT5O)}16APJ-l0mY2K?a>n=S2%5!Z28O5Zzz0O^hv9 zIOhP!W^*8rM5Ay;S}q;wPk3QvMg$4S41Oq`g(?LIWmrmNL<1a%2l5E7pypi^T~+ue z;g1lch>C1HPBcPA1Tn~X`Q@?3u>MQJb~}8=AO#_L5WpZFHvpeb zRMA$6eZs^Hph0{N*U&*WpAruOMj>yaCM8_I<^c=}$mIc}i~%N{#fL=~LIg!rmN8~B zY(wJ83UM{1RRx8OB2r;m3d(he8sd=kh9cHA3EaSrF4>m~iwFGyjzwI?Cn&KK7FY;A zC|#77N+_HUg+%j+l~cl=6|bW-3A@>>#A~bVZVtvMtnk{(OGIRqP!7bGSd>7lFUZrl zhKzd@NF)juIYS+UkmW4NK1zg+)G7L7MTlCeAB4}yzX4d2PcM|lA_)bP{i~OqSe39vfFHsE}8l23fe$n@lYr> z4tx-^K@KPweiFoFf?Pe+2?Ky6DW?!tzY;zdIUqwg3L>#D?OmKa3JYXO^qq=VI!7J{ zphy;u6@%jaimyt5fXT=XB!y8}WE9sO860vn3uI!&$pr}56mk>VQX*wh(==K{2d`^} zidF3$DLz+*qQ3CM()bS-HT`qw5hMx`Srn$(-cCeFEU(wB8~AjJ>)HP$2r?!ZD#LO_9v2uLkiCiCLb%lL0+|-u zZQ3*_(trmU@VOKNy2RKwLLCmHL?eNKgu9HrAg25AAjHUv+=qn?A3Fzst~9%mh*)hz z;gO6;6gJHWquzFA^qYr=39;xrh$90cJN^cG3X&iO1FPl+Q2~1jnOkYUoQ* zLt4Xem?&6001G0w?kM<+;UKONiL83Gw0wIH?NE?Mi3EwC+1T@<$V^S}nDA91v5U6e zu7ER2s{L3J9EgXCpAHZcq!WjcZTezU&>f5#lw;ycEF1sSC%Q)vHQMH!t;;0z+~0CW}^?gE7?RzD7VLTa!&C`i9SgN;Hc zfFF%c3iB3mohQIJWw`;J|ME2}#}w>B^79gxHqM zElnKj=snE6gzy$N#O5<31)(*AR&0m=0sVe^+)!;n&CwA}%xO8hi%{jO7P7gBVCP7r zNu`? zaEUaDWQsS>0hc;mt>uSH$^4eg|HQMxe-A22Td_!FMSzl?(M>Q@n|M+Op{(rRm5VJy z*e$WVYr@&qGE}0Jm}A{a-ZTNSzx6OiuRm}kqn9iPGn(y8WL%}yiWJXrCO}b^vluyV z3DEq_Co+1qD~nmS++|sk0Ei_35YA4PrI@C~oaE+t#sny~kclicyO;o3fgwPqoMOU^ zj#zGi^sHe5nFqfunSfZPsf_uh!pu?0(v9r!2eKH`Win*w2;XVZJcHMbk}6(c@tDGr z>O2VMfqzgXw={5xPt5B<=MoV@&FW)9kRKe{w;&A``2to$JeFgi^*4q^zaVSXUFv#E<0xi_D!G>ERRZLpMWjc_@qcGV# z$*bhA6YoFo#QQA{0UDnPvJBuIjJWYcPF0B`(DV>71hBn|9<7Mw4@qf5;p>SMNdtwa z@^AE&AoSWWKB#oiWY?1*HlfkM4pz*LAQ&rrgNukCqQ)I*oC6iKy^-uqAqDYjRj8r{ zG8j-KS86jw4{~_k;r?Oi6Pt zj|TxD3r#eVW-Gu0Ly_*|zTyxH4UC{ed=5&P2LW2xPg?L<84XD;?~Plg`ABkuU^KZc z%$Z;{5HK>6A>1%$K#8JrdCkZPrVB5Z|A!^U2re5wYXc;vn2B!z(Ko~;#|U5Kr?$$C zSd{}bgA-3C`8Q-o$#SDK3+?}Dxl!QzXV6K}t`4%t4507frw>;UF96>M>_Dy*Hs}Ge zz);l4pzG^x=b;C$6vTSu>d@2!Eh=rHAMk8{T4R$Tkm>Yo_U0cLhTo96iJxE6ps89o zIlY?}tU!YU@Y*aq7jYTB#0@Z zLKtDeXS`^m5C#-t#024PzzPMALl5EeAP(1vOo^Z{jJWhr1CT?a(RmaSkI$hPfo!?~ z31UUSixgsU4Vh$Zm|+@#EV2PQP~zG^>t_=f0n!<;9PLAaSvJ_h;UzXXeh?3204zQ; zgu+3ha`5*7Hbmy4iZxnUKv3I;NoT=x5slSi(rambft*l^;50&l#)N}Rrmz`MG|V}g za|y}jZ%O8EHVBKKQhMtnlqGO$BrF1gB%aXuLjm|KGKIrH${H~dF4qz##1uh9j0>T_ z&$1~TxcRUQjF~AI6dpxDT;SLhJl0D8TDBo@+BTmoh-JW|aF}!!aws8_+H`hW=v~Y6 z1?ci<6gmgPk_4C_kA#`a5r77WqxU;!l+SAKViuv$a?eHk*}^FNnU%_Cli|5&W1oKS zgd&F{4UE7w8!mj5;CPFOUikZZ-ttLh(41v8`5oQaO>S~pezt`*)AR}P(U*S0HE*^7 zGBDj*eG5I|L@-w{;Y#!lKSY3MV*$*L?I!oXe{nz-iALcVU^!THR;U4qLpDNG5hD_Z zY`_FrbSj0*GvtNFwDB9p#>U2D%*>F#jg5`P{~kSNjOl0-xlv|jW5$d&8Dnm4B4=!3 zY&^zX4lw@BeQojLb9o>~&bZy*YTCK~$TeiCBKnWUw}rF0gUnL_tGPdXD|Ng&T~d!& zl{zEr(OZkLsf^FN6zp@}-Tx3{u(#X8WU!BS$E@|$;~o~rCjW@3bB&wtTzG6}H=6@` zs{*PVmg(&uG4kVObCXq_`?_fi(^@_E*vPR~R#v~Nmm0mDd#a$(GVasShCPd{Er0#| zY;@}9(@W_yV!xMfT0Ug%$L9x(e#M_WVwx1>?Y8LrrsXTbm*3lf+G2=WiPIf^_{auG*qKAKJ#v>-)lA?`p-!qFZK9zE9GO^1QVmjZ@TJYwy#| zb&*$|z3w-|Ysiq4$gxHyH|t7H{Yr3|o)kYp+w}5|%^PAtEHUcNp3LfM|}URJics^?C` zxpKAoTwB`v+-3bAoir1;oCWn=%ErI-BHQ-zI6Ljb{;{?V%2NvZcsg9)4g*`>>UHTZTPbM!p~sCBi?%kRt#5sd8s7M#%GL? zseb*VU!649eORyo_{^E#J2h^>$_&~<#?x(_@BKs1cd$M*c2(y~`x^S%odDj}{(QUr zx}n7>C*5Htss-NE8)Fg^eF_a0JKVjt^ZT5~+@w3Ys>iexufJSSvQJB|Xi25d<`X4q z1|~Ow)Qd{{ZY^CrR(tR{-Ait{i`U*>+&%k_d-)Z5_Q5ApPX(*r%hWg#o2QW)v~t!! z*XpY79|!n!ACUqq0#c2S*NtDC5~pZ-ZqF~zUZWlRInc~v7G2RVCk6G&UI}#FWLkfH z;9-ZPj1|<$s)xe{X1S}LVJEB^JMxldk-p=&>6*5+f!>#bzLjWmlBRQPRVb!$KA*RZ z^Dnpcipor1mRFuK?m%sx-?WQc()3*;hQ6M&z;S<8($GA$=ZgJ!Augd+d%Zr_`aYSw z@WGqXynq;Ux2=KsUlh3UP60NX0EaK0`}b5#GV7f`cWda&tDl!n^oy;~FRp)^5e-dG zyV~nj*DVaE_~3KvDvzFVogBozoc7&0byCso?K9Q{j`NRs*f^r>O7j7-hnWV_^|wc7@Ng@bV?R>WNRmbcO3U1fEs zf0a7JcF&F&UuwqOsZ%=`Os!3SI5K9f-KjB->D@!-I+&YXS$}5Fu{lRNm=72iaA~sz zwa>%Gn#P|q?)Bgu`#8pbXpJT>`PKodU-HG7Z_>06p6>QU|C#xl#EJz^b&dMuDxRF8 zl5iwQWl}?z?hVei>|=JOv*N9f0XbH&$#d=~7{6FD!36RdW4)hIx8ne`+=@T+*S6Ph zvguKp25TE`Hg5k?eoNi6Lhs_l+|mw4OEQNZf1z)lQ=-2-c)k3tix;~rI=?}8yb(3y zOStB`PSd|wfr+1dpu#M=iPx;@j|K(j4`9#d z7*=ltt31OU9^L5aS}|{KP>E}vnXSX!Wns~wed$p?eV6x`owZ@OYD}hnR8=A5RLwnD zX?Kn7k#|k_1!~tmCGv!p52zbrV+n+*wo8_@beBZt`61O7bk@1lw&>>k zJI%ne^jYxA5w&?vrS+c|^uJVU)h%JQ&q2E%rW;&2S@#lv;zR3KMh4AD%c%Hi@pj~- z)P;I60X0VPTi2X@7yIB*u6cK@gmniyFLQHsplGM1-nHMNJaDu7hy`UIUmrRUbw1kZ z!(GK?gO*I^jEpVnYelm>sF7cO26Wq1Uae}W9`vS4`|RcmNf!+qR;1imz4)jWEr4pe zo-#E5`GM7TXA3e87Ytvu+;y#otH}tiP0_sg+#&K^dwY#=>A%ugea6v6@dF%} zo^GZS>aM!)+>{;al`kr0U+a0`X5YenX~`=qw`#36+MiezWXPnyQdY6u*vC)BHhM(z zhMaMucwep=Jj?qEj5Bg_tmqr?t$*+8m5tqA9yGn6;_`5;llke3o_^1|-?O(1eVuP@ zz#aMESDDhen9z-HXY5|QE0HmF`L@P2pC+6i`90=qs_Ez*)GsP^yP|iF?|S{i<%VB9 zsh`7lzg(C6>-wR68D6FiQ&Lx_8g}hfb$CwI8M<@uyPOBho+g#(k?PGtUZ_sa_6?iA zYy9nw#osqE;XfYuF-+=+0(8~%zZS`M>lnb>c>o-q&JNwCksxwxQ5LA_TuC7kE>=V ze?2ws-ec>dKWYa3{9f6xDYm1snYx`3WjUSwlx_(@ga=pvV{+g%?xT@D^-;28iua@!f!+k(XyJ8Np<%*OO*7f$`+ zO!!`ZXJOqBuefoUbH2VgbLNuKg;hompvIqZjn8l-1p3>CQ{!|#0W_NN^ z*ZS!p{z(hf_H3BfZBBiiifK^pl6xB)cW;>>NKYO+H?I^ z-7j+;ov+)KC)_)gp6IeNzI52@sa4ajdpG<%G<~DFl5M_5f&F`CVDiDKyLz8ASE;<3 zesR=QMz#Ce<2eJLaT`L+Uxym^Qhhcw`jLtsNr!XQ`e4potEl^T6%5Ot>JM|DbTDaB zpMwM5Ot()`uX*pzE%Py`g$y>1XXgcVyS^{Yd|K2AC3Q8oRK?9-haMX~QoYh`tnXTr zm+HL9u{u%gsQeXxlgo(UtmOKi@0`?ce%j&ss)(bTJJ8<1p2UZmi|3 zBS*F|td3^S8ny4fjmA0yZf)*&uhSEPPsV+%@3e7S?v<${hpk&ZVEv@jt(*$C04uYu z2jWaMvQxJ`UY1zx{lJ}T8he%=)|1z>hdRr~+2h#|MOe8L*=2uKutNPt5u_EGOGIdhY|q zz8n3qOV{s*)Tm33n&%t5__Z~#=3>=kwY6WTEC`M&9BNm3E9do|S<4my6E9C(m%nmo zo=@2QLn{>wt}b2ny!>EpxYpB#?$#^Iy{LLe_LN>Y-yo5`sd3}Vs@uOlop&5M zpSs*|#x%eFoGtfGJiQ!jP``Xj+U(K2iuI$13f|-;<9(0zof1eeW-Tuyhrg4h9&*g4o^H__bn;?@=(RFWrmi~&N)?+bqk@x zQ${po?i)}tZReuO7jvGlzN{^LF?EFgvbX-ewR0>sX+_S6TmRwb^Gio!)sFP(6WwpT zNyFvDvBO5Jy8SIFyXL&(9p_`(_9M^io3*bO#pnLP@~vmLZ`akd8`ofHljUcAgfZe& z;Lath-j@%)nSMkuI*J+ZwKMYmLic?|Pqy5j6|WnUraNubzS6K!cgAq~FVPL~+NVOT z`P!@c;OvDrHY-D#fhsILXJGUge%ASEXZnWqW7!5)9?W@T-*;3+@!REN@ zA8HVEiqx@{ zR?F^gHE@1*h;^>pysI5D1}|bKQqIxlUtnD#X}}-piqM3S-+1 z(-9u?dj;2^7Z;}oHXtgqpQp9PoBMvo^LRAJ9M<` zmt!j*zmBY_H1S(x@!ZPq%iFsNM}z5)W~IhWTp#o^Rwe4oW$IUlLF>0qxIQX1=XBAn zS9!a=o{n&)&0nn-{CwPxpcy;fl>5&)yDZk+{7|?0g_OrGn8~bPWikdfHHEG z;|c9NwQXldzm3tg7@gj!z(y_5ud9B*o5L!*$aVEl60=i`Dy< z+~KZWo;-Rqe6eBI4;4$gjXb@fTj-mDv}+9h7hB7Y`|jP}2}gL7F&{JI;yvfj6;52O-V5qJ1leEB=q-hHFOrsW4EZ`p~FDa`JM%R2P8k8)oHFu2gOBpx@vaWB)RNTIXA1B$Ci9LG;_yHgUPQ3 z2J#H4>I~o7WhLx&ofQn#oabs!Rtcv$W*BtJtn{h4HrcKdD`7{^L8Hn7SD#M4r8LVn z_{Wa~hdHM|+)kUfylRwVs44G!dC|1h+~d~q!Dec^51+n!aE{S}JXe2X;6Yg6X6o6l zxyMd9DGr=kM?a$P&pS9jW)AS(_S3@WL*!Tfluw&ub7@AG)uFkS3%Spa_2|JSS6)1w z(jYhJJIHyxkFD__bny#MY9^k9Rpe#Og7>_`tHqCp7i?#7uSk^bI-=9S*8JINWNeG3on} zH@bBCe%qth9~IhfE;@C8e2-~Mm+7Qv$HnH&$RjPvck%4geWU8?PL5YM_#J<9|9ZmB z15@kIMfC|U86TK!zj06Z{bRz--u6GA5tx!*IH_b&jbi76d3pn5ud6ag&r%DUym|0+ zIp_Q9dg)fEJpf`H20Cjxo(kMHQ~mupeTS**6KFq1C!4F@2oCP$eEg{H@SaKF=c_ndOg3-ZuG{%Cj2#({JbBGiN)O z{0hm4?Xe+lFzfnjZR@auKfEI~2aXzho3(iA8_io?*tf~whA%KyiVp{tnRZbr?wa+y zW0%`IO+LPyJhPFh)_tr;ZgAaaT3o-vOBU+I-mYq@!!IsaT2$+G=%M1We)=nuhCDuT zWa*2QU5)IvZ@#Whdwf{qbcODc{sHb^BTL_H>9#r0;B7b8h60UeD?-#2V&4qh5WaQ{ zmwGNprRd^)=ae$lXK8yj>^ife%ZMYZVv-_Xe>Ung_wc7jK@JP+=9T=2`4SORXTG=V znJ!b*lNE3G1|#2jE7QF9+UD$WwWaM~PCaZg_U2jZuFH8J@@tERoITuOd97{U>6Bmd z`s$i&+%Oo>!Fj@#0sRLmJ18y4mfwHjOhc;WOj-}0 z&I!dGL-x+3#dkFRu_Eo>!t5Jf<+0{whv-)G-|vv`ToGcRJ#Z3Z<-0JaaOLD-F5?#z zXv2SOQ5rU+AbeWX!tMo*tCpS~z4+<=NZ)-UKb+a%vgBpvz3MeT%oa`R6TRKri92iJ zmdzJ74cH>6#YRd~O?scf_!=kRjV;LV?}D_%gclPdHyS} zDJg3%-D{%!{bnb<1@@m5-YwM3yL0Z=l5R08FLny8n%2eAa8+m5D_P4UBd5%=+~#)Y zn8V>O2i`|*S=2B1j*F%8yCa#$hU&-K552y|s@}r4?tpKI!T389uCl+Z4s!+uIgPxt zpwr12nyXK!xh^YdRQKF%dU^NGX-vxij|0K)4)w2Ca>6g_h^@ae-#&Pi*}(YKMfJSz zgAcv2zn2{0-&Zf-oGy11Deustr%Lu)Z3hTb?ohe0okSweTvorV}mt6 zEq5Ds<8eUHhNmXJRy+4C^3!r!Q_*2GZ`->)gDPBynfLi(HOu4mx6Qz0mt+NReEl~eKVi&cZ{q@mRBoTw;3j z0o-|p$=#JFM(1o;pM6+s%KNrE~d_1O?!bEkwcMtez>8E06ZkFTS)Js7n5mD`7~{TZqaV1-_1{-nJ6q0!0CuQqoI zPSff-`$KSA)q?cQWd{!`QC$PvD1G8Sn^3rxX9IK|CtvGYxT1@E%n;ieZEKrzYFgVs zIaS}qYwc>Z8_$;hP(*%M`4i@~bIGYgVus{*M49V+?MU7EkDN93XV$zpFCaQgb12q*cv;Ipt|K74nx<7Unr_ zetEC|lB5H`Rxp3m>fG)5hgs)K%rvz62k>0oujFNUOnKd%+AHEwDpm8Mehh;jcYOsk z{byuaMi6uK62-9dx<_xvOfQu)y}Ucp%1|%$6&SoY$8a3WiQ`z1*YA<~*&FxrstfOf z?~aV%UJak_9TBUZKyrI-?H*UwqYyOToiXV6*RZJ%*94z3y>j#xFT?flsgs-w`*j`9 zY`q=2ux^h=A@lv3nE`iv&g}p7EOX_-k5b$`g?6FZc`%a7V-XuR+7_|0eC zs9fEQ#>xW^LYBU~mGRJY&}FrC$4gw2>5Wv|{v)~@UG(7gxy1^j z6bEz!$Tk;uogLzGQQwt3zNUNK<&Cw@BV*HR6AWL{=~Eth-E!wE+?Lp1~?l zyjeKAA5(WcIXNPG*QUW4rBlab^Jd)jPb$b9tD8G6b56sX z8A<^Pk8fE&E{OA-YHbu`{W5Uys{_!?)|YgWn+wN%Er(t4k?uu7_iPEFLsto zo7b(wj&3*Q{5sF?<*l4!tO(!Gl`of{`L(Cqfy7?k%Ja+Y%MQuUL-%V(aD&pY(t><> zT16L+`^S)W-M_n~wBTy@(t>wqzD1u-Q99X2q3(*rlh?lNkgA-0#~wXbT4u0Mk(K)o zTCO-|p?S*F5;m0g^$laT6`?*J}E8iE~LdjJgy; zyA`9#jgb#M7&EifW$2a7m3HfrdS`y|T%zYmE_Yt_a)blFX^l98m*cTmF@9VZk~IGbp=XuRn`?O)bKDlyJSxz4_dgbd&ASgywGDb z#evXOvc`$yC*7$b5oKvzbrPy|b2sp}-2?Y-?$Q0K+d7j)&n>5>SCUn4xapl-cR0J| z*2+864VMk2d|t+TRX4=cazehP-2y2{@YodG(Ak#Pg74!o6^^j`}CoInx59)0grMjrVP7|Z zGiCg~jE+pzNA9^LxoPRogV~urJe8ywkM&~u%%4zSUp=Pwn?Zj5z6+fW4yRH(Xe>*j zEh=8HrOWX05sb@EpSsOg*XH=1yKpEjbl{0!OAOeC;Q{Ys&fA$smKJBOHTt3D9iHO+ zcyR1A@0va}lhfl~qV;0! z4%wYT@AdKA9b3M#WBTwZGmBjq=8U>E(>pxdmv2Fe+@N4JW#7`Odle(D9JzbRujE0= z`!4Io%|86WVREOsa#hgdE@&N}9cRv3{IWi<%cgPXG^xkdd{vx!_DN}8K%C(M~ zgS7^2XrQXRvh^zk{vLD0Z(bl6XyDA0Nn)T)Ii6k5m8CTYDTylYdv9K>d3Xk>6DzqpFoS{J5qhTI`yx37LX|#g; ztr~`0b)?T{3PBy>T(vofL+ z-5L2qzJFF>%=3k2Pu@mfYxIotdEiI-Je(E(^zz3IZ@W!#x_9tV9}U~SF&s|##z%Wi zy|&)U^4n2at~@bzM5m9DZe4#?+0P0(S!oxm?)`Ow+LLR;CmCG+IVht2AlYdI-dX-05-!MF(x-|ehp5|fqI@t8`9tB;vUz|TM#C?*7azNl2iq1RDy*>-3ufD7kamaO!(i-(Q_xDvhKHO|b-aFl+ zL$?g&4r*f(i>l(}A{CF=7s)-)tW=s`RP`${d+#{p2UO>8yg1ZaZOjY>R1WRv{NB66 zqN|oN=>6 znQI)U!OmF-oj=p?DSw`J?8*`B9BZIU_vN+Nq_T7BeEBtlUwhx3)9G}noP9^~_2CbU z?sZHk2K;BzCIDT!Cpck3YyW`_eh(w96j;bhyE? zLD!E(@o(r=9A8zv_xu9WPkAMK7B9~FH0{))wb4CqOz{}CT6frh;9j;q1vz(3pY$^_ zQlY&1Ui&e9(;Lf`Bue$N{HP^9*S_W*I~H@;J9n6e>zrjCr^1#;d>L`5rre}HwV&Cz z*w1cnHl7zofEzYxe{4%pV zg~#&CxBC$9vPyZ!T>lrRqn-Lq3cuqQ^i9)YMs>jb{6}R|@2T;=-3#E{PD<9BpAJS0 z)|&R^O1wdCrT(47s3o08&-!$~Y?D#k_}Kc|@8{1$))N}*9$(8WbTo5N_z)QHX*KrJrnt_dMxe!B>zP42c4{y zv~$0DlQm}KG$cpo8kp*@Uvp9M7W8hmN7=kveUH7nwce%g+Wj`+DyE#w6kk}o=d0OkiRy+2`pRY4srW+JiG8g~wT;NlxoTU~epVq;<+Zb^6R^Wr_ zelstJyP5sI_Dq}PRNJefTWqYM!u3~b&O!NkQ2AHGdTqu z{Y-1mCA;m=^n)ixWKPQeF>OS_#$TSnhm*Xfu`Gg5u=>>8>Sy-7XZLN&52BxOE3S4J zyTY?1Glmb&DC5S`j@yD~JU=8)NO8}+^)SoxCTS+(cXxB8EPI!1xLpILoc zcKc;f^*Rsb;@#bMj-G$~YskB-&+D`Xtn0o3D*N^JX5sPM9htP5qdZCt$CHyI?RI7s z9uJ_E4?P-3Tlo0s*$CQ~X?0&6&UW4y;NW?5?FDnYo$l$~3SS@HcjX#2aN4>K2S+{I zT|9>}A^%Q%PqhVKMm?NwvhSJW%vjGWUwZAk-)COWz^@C{8piv5I_&pBTkV4Jc`MJ{ z#t+r?gLhPevtrJV1o)*`XNT#f{W&UGqlTI#)OO5S zWot2|zm3I!oK?0Ym&UWD{d*0xwPt;Ya4Z>phU)+g_d-qDJeODtDDwMTB0OjDS5&s?rV<8p~*Cr{;MO$9mh zj8KXXw@9-gUF?E1=xqnHg!tl>q!o4~7b6?eMTKWC<()0Q1q^y%^tjvDn+mxdoa;M= z?5%WBR+#y9h~5DO=NN1Mx<@HW$(qh`J$f3O*?eUbNwzj2--$S3<{`+79pntRD#$9}UFrs}! zt{`RJm|ns25ZZ4i(X^j*rfGj9EQ}){STfm!S4PD`m? z|FeUUUcZe`b7_sQGY(uiuzkDH9EFCLW#)UXO^=OSd~JH{kNTN9TLXeS_q|+|zTv`} zDAshRq|YTu+FMt5HlMP%zW-)b+vEKgS8m9MJ-VdVfvc9mvSc|rxldEEIuleLDY7hF>mtXPknRR;SvS+o2f+q|* z_OSND-8>uK&aq}`2?;k#N88Y8#=2*+26ce{jK5j>D>2&){YfZ$q$Nxjl|8m*TaxYR zG~J$-O5Ou2x_b{C=w`pCV_L#;^-;)+@^byIE|7b#VI~);T)FvP$D?t`4a4<(O!nA( z50*U!#)!!tX$dSjH+y^fD?=NE_E+7sgs&aa65O z@XOCH=P9d|w%wVX^k|LN0r&U$q1ktK?$k7xTk-?i{%W*o>YhbC!75U8)x+ul)>++1 zpD)LT59M5*Fl<=SwR6QMls&!|=ftS|*gogDYx3>@)zj|UBm8%jXMX^ccKWF9{@F#Z zFmm#`kcq?0?cT@h9SpzxHZgEgP1Z?=wQd7Pl|30jn`XJhX0<`Uiynca&-%Hanl&Kj z&fA>0xc#SRWqkT>y=wdNcQq$sewD4y`S|qv*Gr@NvhOE-i{V80stmc_)i?Bdah+pj z*P_ma-Lsk7%XD^MyWZn*a%#NBh5*lEH#_B;2- z#ei+m>+3WeE7uR7re-zflx<>M*BjrGZp}BdHCxp{x*sVc4JGI zoo_TYBh80@=seWgC2r-jyJZbnn#iCPcepyaSbqJ!DEamK zY)sei=TY^;wG-eMhsk9X*sGjoKJHR^$S5r$3g{P?U0|hMQrw`i zeqRqc)VMQ9@flBdK2^V`jcH$6@y*UCZH+}#{ps_l`pU)EJ1*ya$RB%T#>qbH9A%%* z%WD+DKwGUN!d2L+Y`$Fx(>-Q~_>pyTNZQk2^@jr&mK3&>Br(2I?_|Z~D z>@2k3vMKKei-vrs1IBk&MySn`U%$`6>Qzv-!!0dKOY5Dz7VKKRh;q<=XIM@4`JItI z-sQ=aH>aL8P*#mbFxR^H_HZYkx}RX} z&a;nupYXF(XWL((-r*YZhI{r`o%|&!O)2)_iDCMxPNpMr{vYA~5ZnvYwEe=_v2EM7 zZQHhO+jjo3ZF|SIZQI&OzPj({`QGzRPMyiMx~s3%ldd&bRs92)no2Rt{G6)eYv8nU z%V=>qYIe7R+&~GYmX_IrXRkG(vG6FYNn;kbB>%${QawDc}+R1<^n3XS?rp9#o>u+lCKt=aH$w2sdgT)F*1Umtww$8oom zj%Y=|+Dk>j9knOn;gME!(iyCz7l*Vj7M9GZ*;8VVPo>*xeTt~g^Sc+ORTze_&PdH~ zXETY7xk~We)jsY%;3hlRH#oZnR1vJoUOegap38<{)5NMQdX{8NBZsqhq5C-CQ81ImF1n8EkJM_&&l~9N6n|>`zP5c1wgmhU=bF~;7nZ41 zizU;($LV#ui9eEezfp7HZIKcA#{gcc@Uc@eQyYbJBP zjbJ60I>*h^+Kc0WK8!LjP}XE#%9EbFE>f6)R3u9sERl^6zF{Gg183FA zmtujj-hh4)mScu3E>AIuytWk$6SuKB=|>S}reaXJ@vc8+~mME;9XiI4y0$ZU<+Z zGO3pchgKK;#@z?bVs55^oBN2a-!6j9D}8)nV7iaGIL1_ICrV7$V)q)N;(l{51Eikq z2~x#+1J+S}P*mRUQU=;#E3INUD?9$W9Qr?%J4vEzQhKFEF8|vDZRfRg?i%zu6+#3W z8yg!l@OudRzRP&+A5-Ax`1Skup)sa_FYvQ;G$-);IK`0X`>~Q?@O|+OOgRj;SwCNQmTn z^_!DLPQvd*eoCDwhr$Sz`A*wo_t>RKnK(`%KlKiF6q?`>%VfnfuKyhg4a@kyX^GL! z^n5mJb$Qg)N1c4CY0P%u^#@=+#s5VlD$PMO$Yzv@VIMD-rj9PwmMHQwe~eGv=t4^e zy_|wIv&`~2Qy|?U7I>Bwo`Y5mIP^h3Crqo+G7;x3>rvvi*@crbAA4qE3rtMIy$Cf6C+=4kyW+pM{V(>ep|EDux$BUwEZ9OO%Rq%=RvN%xgwyFRSV5lXs zYyFn4xesnwdTP$+?>_(M&8NKyU%uY2iv_W+T|h=tN?cnY*nd^-mdxYaP>o_$wQa5O zL$PuVl&o$ZqXg9ozP?bkR>F{PWn9~kQv`!zkWpJPl?++hD$Q^4oX>W0HhR)cm9h2dr@VHp}J^ZK+xlTY#CgB}gHH{%>0hqh!lii7{EYQDOPs(W7Km}8*7 zlFZYJec5QIpZpZtpbg4noHQSarHZz|VJ<}m;=AyW7+2BAY-E6`I&rM_rv*=u_$zw&n`OB(I1ix{S-L|3(+ zzzR(p?Evhh6It9$Z&MJfK}YiqU;{}i;@l^9L^WRn-3Cq<_z^m!Da3%B-*bx>>6 zfwV|=t`o|RNGi5)Xa8p5od;OZB_fPw~-RZhIN*r*s} zF7|c_#p*_Obfcz@DsNL$Vql5Ss>4tlaPK^rr3$RFn(@MPdtkv!Rvr>+i}+N7&hR3B_C`zHEY>vb zH(nCaC1BZf@_qw>a^CKbABC1iKUSSrK04_@JyL$;$4Gm%(sonm#G!2V?%cGmiyV3* zoXJ2>#nFW5BtE+I$7O~Gx85qrwEG_iWThxqMpf1mQmSf~XIIPvrb78@WTdKOdgsqJ zT;Wq#azv#3#Ih|?umsEqN6GQ#ISbJ*wNHENQ4L$3%|X~JjTT4ns#NLFX1u|kOfL+3 zx}3BsGasiY)Le}6h1vp1pSD#V5j8>5{>k=i%oImr?H<5Mu z@N~KxMttcK^;VEBqLw4hCi@+)gZSs3jqBHAf&MH~Dj-VzDmLt8#NA`oF=s$$rkVyj z^M!ytbBjj^DG6d4s0nAnoM`J|LHFvPYA0WG{6gPGiRz7%%Q$%t=5vq^CmVTLKI5?G zx7}0HgJbFLOESa)B0$!lqeJLW&gf>gcgKibNB_x#_)#RZ^caebsW~v$xUl>CI`xZL z%fueK#^F3scBi#az3$&_;#Lhg5XB;|pvnE{!4{&@p1rG|_AtN>H593JwSB2}Qd=ql zve>4n30&=7t(co+;JJG|hK0c!vMHZQ z$EWg9W)+Z)dQMEpr)8X>36Kd~@&Et}xgF0#7S z?-x!C(jLvswW|Yx!5tLi&RM}AzXy(ihB!>Rd@4#*!+mQGNa0qu+^CG}N!YI`(xp0_ z9zlPO2Y@T{1#iTSDdi&4M%l0$D9yUaQJGa4PXTO|XKo=c{g`tVl&l$8moe}WuGdeb zsgtuUu`o^rPB(irp2hrxzC?7nyKJn&<$=jHPg&|U+k96Ql^S6;8`D4!Q|}H8yjKlJKvsab=OF{(Q8@|cgKz`?Gl6qK6NOy_yz`J@HsSFHg=f>H zjf;nApKvq*LWIrWavi;3Do<`_h*9ox6#fa%V2BuB%(V{j<03ZXv(+d6$e#%;E>;g1 z)@(+7XPt+x{fje(`}|WSww3j+(jF`qtNiMy;!_?YAGK{mAR4a zt%yU1t5h7cc5AT>9(ce1-U!Xy)k@FR7yW2-E$B5nJdz36Z!xK{nGN;os-B+}Urk1E zl96f=sLa%*$nv;mc0e{IrZ&Mdce4E-1{R`$E~|Q&N(xyl6XY#M^ZlbFYR|jNH#p+i z@gbwzQcRO&&Z2+xWss>%vy{&~t$Itv&Rv3Q0%&2#ZarE$9~JX<0Natzs`*dW7VFPC zo;qTRqMK7}cYQJ9n~pAaJk6vpWs$L?7b0}3)rhdwjPXwC3M!7~(}ieU-=kmb7i&8w zQ1)*wyg7B!QT$Kv9-VID6|WBZF_*zl!*#x8PCsHL`x9c}t&XVq*Dvl}y-6Pf~KLwK|(9*A6qKNoUX~&XKR4bM36d6$pu$|Jnd4 zfPIo)W=%x_rv__>5@QX4Ye2S0A}zwbeg*7ep@m8e8I5uG*WmZ7;1%b9)&>c@jd^|2 zkml=;tr>_RO-L>5e{!_I|2g%5bi6zg?#9*Q71r%_a_IMlR(nUI$q!a_w+iezjg+>{DPwXRp z5Y6*z$kaMY>dLZ|av{=-zNt$MdsK|T>h?S!{;0Srn^+;kLG!O?HNoU^gXBI3aU;~q z*IK(vU>>o}JZv5>mih6dOQyzNFu0sD*8?Y6%iG6nce|L~@Ugg?JhNS)@q?kEF!Die zgPG0hdMEtIrBR>6>mr(`5Q$zT$uGFLOlpH(_FuBGrOgas`VPw@sLhfixuDb1wpD~V zH9u)%+I$Eg)S!wx=AkVQH2}RZ;<{cLWv1|(w( z_ZRu=NXyu%_3>NF9#4gK+IIaRmvPRop>MjCFr|{A*^bm^CZ>7s`O&P#Yr#Ha0i80L z7*mJRB!1kmJNvqIe7dzEljAbZC&8?C1F;#y%5zkkXZkuH)SzwCyMSwd9MrVR&a}{L zVV7No&JiMlOeoB(?1r?Ps(_PF#q|p~=mt+fk<2mBz2}%!OsrD(qd8JK2n18$@G~ga z?3|96Gq~l*D3*$tGgxH`kCOPDikP#-T2ac;v$PAPUL|Rhuk&iU@A=iq|p{6k8lc-!OR^gP8fp}B!j6o zVS@j!n^4mjEszX69aGcTFe-?Q9o{g?3m-zp7UVwzw#6(cBV0zc1zAQ71q3UqGz3Mc zsW=`daFPh0WFBxKDR5;ke9-ix)Va*-v*AvX1Fghx90BLr?@LgnK^Y(~_)whLhGWja z*8<6-lXi;#D@*%o{Fv>~A~=1DdU=HPbOcvtSgmK7v_10W(5s)`zr}uAjr}qLPx}03 zA;QN>Kp@|~YC4d4h|Fb@M;ay*_NCJCQW%|5Dk2P+D8n$tH4BX(wRHZcpJ>=W2H-Gp z#TChm*V!Y4?Ppm3Tz*gW@k7aAbQiz%#=qqUWR)*QU|EY`SY!LH`Nc~bvO(hBu2y(>eJvM8qd2#@T;h#J zKeF?%ijtXmHmToT7&lk(T%a9f&BlpWpp6BzVvQ)+DqNsFvItRyR-x`up`8Z&W^j3R z9ol>L`}FT4yE$XdKrgS46H9z4+Ul8QsN{(?-_4bFNHkaE6;UY+wT~PbEtr&)jFyPp ztQMkLzp6b-1r0@Ld5gOKs%ZkFIhSY}Pib<#MzwSvCIg8!D(6+_X^D2!r+>{p>9xYHdE#LUsh&jlOZPl^ycX1M%LY;WRWRp{ui$~q0G-P^R=6C@^$>g8af1o0k zAHaKtS%);Rgp`epHgz(mQt(2Iy?Ff|j~R}F`FM$FkUk?RqeY0HvgP!rD>qW&X0=&( zTm-s>Zb$Sagmo#9?qHmxEC!$~a7>m(szWHeJIbQsl%{4bWs$tKz*olvwP^;mdFNXO z-Q|E~EX7XQ8FNzT!h7DJ&q}mnu#n8V`;Slau45z2=Pc8S6yoEtiC9YiQJzHcN^{Cc z79J;=PyIg#PJ$m;=T*yeeY~nyI!Y!JyqfWOp~M@7C0E zShAjTPEv5y$}?I;(_2NgZqY6pHA~_M^9Zc5tQ%bo@I|KHV=1dbx9XGyRvUkK?f?oy z3}4IG7}tWVD{Y*rO9bqU7tCS0AFHosOeg%xUNj%IE<|*RH4BKm8FwuP)pw$E0JCZt z_}uDq(^tXrATxlWJ%PjcgA*Xwv04cOP$LID$x*Vajwt^uz@N}fGE*<Vi~Zb-2Lo|zIVDOJy` zjO0h}S=a7HwP1rmzn+GKL<)JU2x&_NM2tCw9=tpCEWpdt52B7gI!a>Bo#Qvwc>7n! zs?nAw$1I}JMxYwrd}*uc9BYo*|0%pg^;`~pz@z`BZzCGenla+6K#gUgbE`moFN7|5E8+7>~>L07656D#22e9QJnElSZ4?EoH<+(Z?hr!4>a4(Isc}V#c8AHd?Q=!^pt5~{m(ECCf%e#=%`hfa9 zQ4Ny%LtAEXv3t`raFh$jm9Q#jgs^LLX*Sj0so zav_ZxuuV(Mg%@Z@nsETGLdZL*zajXFL~ zhEjNu@X2NjGYI3Um338Sieg( zD$=d=m1bA%FkHRQ!u4K107vlU7EH0%2NEoc5fnj#Jn#~(svSY_1)Lqm)*V*x1-{^z zziKyCDmgV+S9j@FwQ7uoT5bY!N-^$I&VqFyTGJoJla0x|wr;|@`Z-4KW1$Jl z_NMmBkXaCWlu-~n9D)$e1cg7D6;^6EIa1?6W5eIoLnl4_H~U1(vGUU9RH?_l9nAn3 zA6fL#R*K$A-jjX60QSpXzOYD z{%y*EXTsKfW!zV$ow^$rI@5uVFYaJ-?4Va`HKPa0u(A*JS2m@+K!e-}Hi{XiD)vV1 z2TSiEX{B#4Ip@T4w|QI7?$|*SS@b34RoL5RMp@a^*9?G<2RKv$Tu^Rry`E!HfilJA z$;TR)ILz&DZ!L9o5p(XK-jRsNG$~UP%P*Cx3zBiksR)@S;BVqhE&Z%fi%adIVaZhp zuYc=1g;rbmjEZWBjidHj@5C~I8Z0iKbTZA(XFKHc|9n357Z~9GM!&{9QWsAMy(Iml zttoW118CNwpJe5!l$xn9o{GaJn@N~to<+8%cRh5awR4!nhMN>XE~oWgFuRB^!x6(z zPwh%N_4J>k=KaMzVaU%27PyFv6^-4wGEtJe!?vd?2t}XSZ$A0Nl_$lN%s1MqRXX18 zrao0~E%%UWzgKN~(Kq|=j;{D5EHjq~y5Q}dgIM^?D9^~6^-%R*Ys!5`xD@n$pV0NR z6D|n3iK)4)tFgEi)Y=EZjWGw75OkZmTi_2>*Xl^y3d}IA9 z(mp2l8*LUvY#N?xS4(s*+vq-h8g$t5Ch3Lg6d7eAsq`(YPO?8&}nA*>B)uI;|^N}d3BC?y==FTc0%2z&fgB@?SP_-;MvNb zmwi2~UIY|oNmP+ca;+k@r&6Xo1h!i~^;GVd{E{Q1AL>NiGdbyCz0$J6 zW_%og@8ZUm(q^?m$nqwI-%J<~U(vSNS4mK~w`RHSy`YlaX7&E1(r}e(EN2tzCJN)SlcEZx z@wBgW(sOSlq}Z|ha4(?jpb-~9B0b_HJG?>d)kh|($l5ixl3fEStC;_a$&g-5g>7sN z#R$jRRi!g?mbKv>l}t2Kax}Wa)~i*Vd>JDZ5T((7&D|s=3aipyR*b3}2WFsR2&+sB zAcO1^*UYLb9v!ZGw(FfkSyW*TQ1q{Pfpdmym7~FJ9{_Z+Ki7Ch*>A6+n)M^qO%%c! zH6MMl7maDfj_}qjEbLZhX0&-Fn>d70H8N|sZO2zudXSGcMEyRWG;bC#>1?Xcu7K;8 z4l67uXetg((mcMtKKtt^4`|uz z_E@kS0on|3M6(UecZgbxj~i~N9U1%3&bwW-%IQsPOgp<0i5RR;) z^H#6ayQ>B#t*L11Pm z!6urB>buUG)B**TJsKw$kloMo*DSV;bBZ){i5}xgOVQQX-k40V-Dh8#A)f!OoMZ6LLEBSPYLULg4N`>eS&cT5v!8=7E+B5brgm;P}a$uIZ2g-!Hga|EX>k`M~ zz$%Ex$cQ?H2*nZ*WDwe74HM~eN(fz5EW0q+{q3mJ(?#(1RIsI=b7z?^eBjdg3GL?l z)?^qM=VL?{T-d&?3?MWT@(!r*E{^a%`MN6(&@Q#`I<&^*`@Xr}c+$wQ*vsP!Xio9T zBp*j(O6|q$yTOtlT7eO2xutI{yc|UO#!2}kZqNO`>~gHTyxi)Q^jnyg{KI^`Z8c;+ z5{dJbJ~)h_^h%k>M?4b3r1@-h|hP~h_{94a^Hu>o51Od z!7i#PcJ$@`ly@b1wY5waezVMhbL;-8Be*vk`L&$3^aj!7En>d#p`BI95?wt^zU`TG zr?IGZJOd_~@Hi-uhrgox4K4Vi&?^4vz z#!>c3i0l4qRm2~0Zuc#dLP!*_vGsL@F!%et_xkGZhto8c{RWrOu73iLtkUW==_$?X z136%&@94d3m3*H}^+cTvU9BvSpO1uV`FrpZJwfyiLKDQSkRRO3C+cSZEwp#yl zU*qT;7V@?SQ%k!?&CSa%EY02E!L*0f0D#pWLLAAdVXwEhpDMWtXX*5AQbKQll_A-N z2^GbjE^F>tsrgD5`F%}UDW?*RZS&=()UKcK^Mg zxPzvTySSR&2H1M`U?tpzsK+k`{5$zBnGo9iO{n}h=*RPQx$pZNGk}MGeGB+FIPu6h zn+qs~xC<~c^SAqb@&Cnm{I@1Z3IVYPTfW{_ID|!|f&S%;+oP4prrhdBkA@!I^nvZG- zf;pjI`NEE4J}w>Hkjh)wA>F|kFwvm8au4?cZGb>x*9t5lV3jkYtDnU>d}eFqWRjZB z?kgugC;L4Ef7=bccWHMXj9yDwmz3A)RFxLeXtFh7-fyC(J&+$kBvXZE{r49T75^Uu*%~o_MYqzS5woY@Vw76 z0V6lbb1V1Wq&91QvW2V;8)J!x;nxA;6oKJqp5133-eJS;Jrd~$p-X+;OK)X79&f?0 zcqxnCt(zGMB?&R})Bxbzu>*w6hAJ;(NMX3wt}>IzCUPbNuXCe(W$RfveC;lP=n>mB z$k`t);@B${R7V?oS%^K;k(gxd#p|KG&2Qn)=wax^FraDtg6Si%;{jf8eTC;e(@idU z3#Ri_i+Xe}aM)Q}$zfi0(fTYy_VP0;zar1kv{9U*7R?&ExjMBDnSAXjHu8EmfmqxN z=#i{z#c}TXVF~ar+ige)hity5;gk9=udCTtDj`xXVqbT)8HB|w$u-He*A+SBui=T- zw+pIY$P;O*r1iJUahqtVL_($mS*-N)<}s_wnmE$pnczgowfo9?mLfK>BkmqsUN6zR z;83&7$;5y&(v@(vHs?~-`}3RX)xTuYpp82F)01Oh=2qgM03!g`Q>_UmHL>&LGfi=( z-S&iL(y*)f+2D4D^7gT5hX5PJXk;`{U2qN5GT9aN(L}2#nF^~*n)W-Jw5PtQ`7hvx zj~{8v_WN^8s#k&hbL#PY=~Uqq!^D|O^@Zq8@(^W2FXRbNO8cflE(z5|e|m<(_eL%{ z=7HF!&IA_uW4TXb2ie_HQ9O$)`ZiiTaV@Uta#F9E?Hb%28>h*yrBf4ZZNzq|#0oWs zrlsGb#iQY1AIkZFL`8n4sqC^#i|CtX=UUmUjGNl$9$SwX9Q8F%7 z(3MTeY5S>vGbP;->|kI2oBtgmQW|an&g^Sy)+|+53!3;MCe%yfW0$UY8?!HL z)+NDqld}&31Ydwe+EgUe;H1U*`Zej)5@I@Kv5a#IA*Tuq4y;9v+>aC}Lhe>_XS)b6 z(g0ssQSSkgUzxC)(acTX(;Cb*?%Ev#!(2a!bzH5btXg^ylTB2nQ_@{>KWztWRs2?I zx{MhEnoi|x3tg2bMJDbvICNf7^Apvlhrab>{k>XS)m^J}(LBj_r^HW=F9%_1^c|G^ z%#4xF5V>iDm|gZN$03#r724dwVA6Uo@X;zaEqnQ!Y?=pyq)|fIQ1_8YYoo@^`IXO= zvW@sn5Eyu{tr31U_Uv`wGdg5!?}&zUpIELToyzrkjvNQJzE%X?(01XK2y1<7^t#64R#swRmZ`SQ`L4#|miO2fS8Ao~ zH26l^YgzJPFvVKZr;dt*Lo|JUo(`Y&KxvPU+VpM%#u!-v%K>e=?X1RKU7KfN0kJ^v(FTJk-w1$}uP|Xt zhl=t?A$s#|;kDuWR{C0h#o1LeA8t7gpfbN`A>!=8&wP5D*>#Re1$Np8-Vd<_<6VPz zEc~#rt8Bxs_B9wN@e)1VaVma5zcMNoy_l?;);2q5jgr-_mz(#D3)duzp2iY_M3oTx z)IwW>Wc;p0HC~9%H8E2GKcsB=k_g$%fS9J4pc(_iTz5&O<@gr-R!Nu?pQt8`L@ zm-poAP@jcAvv3AX0g5K7$WQM!4OgAI$LK0{nmS>v#VWV*iB->#=BAhNAaY;kLbFL$ zL(#+aV2=+^GHN#*qcw+Yu~D@FrB;`5nH#Q@b3-NkMaF_!PC7)B{mNPlYw?^fIv&FF zT6}fF8i1oAi*D)|6$g{HZ|c;YiNd*y12o3NxjXOxAMfGV6LRDS_xAxl{!P(%;DP_1 zlXG_r2=|U{n_>@^b9W2qe=NP>UsKxy4?lr;ce@hQcQ2jl`$NuGb8%~lq${L86kqjMdDMbln|$C&GxG`y1z2S2^_=sS7>RFYaldlnZ8fqN%O$ zR+$SOsQnW{H0FzdfGW;TIcRf7qs4MIn7Z#VcVDr)fF9hv;;5GGGUPxgM zXy{$q@t4f9A8g$nd@qbT@Gos2ULEO)AF96+`lcNh>n7&UK11ty^peisqhR2#WJIk1 z=5lK#eL0jof{Qr&-#h9f4GFIFXvo@5&ORx}Db&H@U_gsm+(N z$9ndg<+u5vE34tvFhP0TA`zdLGeUAa#Ouy%L4|WI_{O;65FVi}RZqimJVhv_FX3SB z0cIZJOca7~rmLGZi#C`;P-_Mcq@E3aM-+^fji%(S*8zYegoJ3KxyBy=PxT}wt3=_S ztVlyyOG0u|$mT5|*?ZLpN?9TQPR@MYQ~`SK`C#5G8_V85GZh5%!f_()PXjxXzv$?i zQE*l3fl(gojepX7%Hfp6(MC2{k`GqEq&Q_HI{#^7<$E(oe^oWJc1y*=@Y0)5BNWIG z)^112^JeWwlrpzeV?)=RccM@bZgzIsu&|h59QpW%yvrhmzfx7N9u<@V*!e>r5<4RY=VD-_ZoUDX7G{^Rx82xSd32ie0HS2z z!5CkUe~G5i$X9N-GVPDfdaUSD6mX>|leK&M^h?9rt5+hGkHSEv4h3}9C-mXymq0$?!C zlE+RrD$(JlwD>Ig4}o`RT2m8zJsaw~(s$8S-kg?bbZm-##gf=3r$~#hOr9mD$0!%3 z?lpv1iL#oYmO|O-+sUMj9dAH3ey>>rqraE)d+P~gA09pu z;RekUMpHe9qc>Z^!te9_Z?HrQeNcC%MGO4&?i5DDG!~*$T~x(&QvH?8C$&NpD=iwc z@R~P5E%0jLVfmi}r)JoaswG-;ALnX~37K~dvUGjZswiWT?Cl8QZU(O#i(zQeLzeag zUE1I1X{%so;!{vGO){9&BQ)s_L^GzMs*5C}u<~;qdPV(Q7r&O4E~fU1y$!iL1?1M?cSKa{GYD_yvOno@Wh{VPCGg)=-E|ksH1(MHXX!|J8Ec z{;=8EIEgUrFw7*6Xvo^_4zDe#O4si~JcfdqLV;{A^ad1D1YKbS>F&SUy+3&}FOzuj z_B#isI-RGa__4Xo?s1V>zeHiThG%qIhWEXd+sDcu^sWb@H8lvEF1be-;kuaU}Eow{0Zv_%%Mf;>^j zA=F!HmPgUc@KyO0_&csW%k7{&U%R3JKaarjxGdOBO!<$dbotfy$&!nL$7aDoM2p1b zc!Uv=-xu_YO&&?@PA2rnnkgIQ-@)D5#89kF7RS)qMiV|1BTytU~`A0SW#mNB}VfAp9`}?8OU@ zvqs3eKqOkhXPpks36_0eE<$7r{>eJc2Ff~3wCeklXvGhVpwJs6`@|n8>+)as|BVm-@V@`SP(NLJHMn~VAesw+6LogHpUIb)=n6Yr z+sS5_wr>6R3vf7o&*ggNJR?(KSDCUsaB3~x-6aoy=(bfvtxD}GfW2OVXj0G%^f4*t zerUOouf=RsV!U!tjPjIEQ`c%G-|WI=u0vB^fr{;FHhV;9Y>HdBoE4D!>#NJE@mXoyi@R0*lj@H#n5>Se349ly@$wP ztG=CivplJ!ch4*%H)u5x8)xbsM>>g3EPlfVWott~FszpazbgGHA(g?oB(5KFu}xWF zXWC8|RnyR8ubv^>GO3pEPyxVxqIs0xkw#%O-q)Qcn;FmH&48MnwujbmQh;F0R72uT z*(_S2FwLRSFejB}6mgNw>J?Q}jVx_ddoiMGn5R+P$SwAa+i)52I!%^oRujpP;Wq!r zA#U%#WRPr`e$dIpA~^K3V~`vVcmnHQo%ucg7N^2jN?g*6{d+IV~M@AqM2+~ zYrdNRJ4R*}=c=b-Pj_D3*wAt_?vXgZ($Q2S2m_b=5%Z|RQff)=$3suAob~h)^mkQf zdE~5tLC*JFCId-3)py^C9t9dniHG@ePoGmerJ=b)ex067`hDPGcCy=DG6$#PtO~Q( znb7RfZFVh$B3pl+QcA-B-$Jz!{L1@t>*fi+jr-)d)0ZL2 zIgfpjY5611z|=kd{U@)l$E)leN^KB!NF-Gwv&TDov|H@miL}y>Qhs79%fkEHf=rJv zX9}+^Hs&l8$PjNuSMXZBb&CxVVrNf|MenNkJX|5xD0$r$J78nYM-(P zAv4$MJ(MMw-j8!r7aOlSXvZpxYUPTts5u5@Uf?8wkdX?7lZZ}UU->NTAg(=GerUEsK2f3Lq2JhnPo8KQq_H0{?~cci76 zZ@Ahi+V@zd$pm=-9CrZ$Fg_rJlu1C8TUpb!o~zus zbRw4$t(p5`UUqHPJg?m)Z?mgIl2Z<(HsnxK4)~gypVYah4}H%< z=5$#_Txtg?!N99*NI4BVN-D0R)8TDAk}UM*5~5baunAEc`39-duWa?337M)aGjPt| z(0$U(-NFscEp;&QU<2QxmHWziubyV?MYF-ag%2%$rDk@QM5b*rSp--+An{3lo+Rr z8&eiZ`K!4GVpL8`W`=)q{zm@foGy#s?)GwBOmzuRbTA3zbCGdXl1?!zt!l*0mz|dI z{Pk^xDKP4t3bjQSj=jD{DT>SBl|X}5%NBYQKz74U1ntg<`VP~dmQ!I1fJ9(Z^1Y27 zZ@@YGGg3Zo`3KVSVTQCDr|av4z7mnd;yw$CRRRlJuxTG>)JQWb$E#3fy2&?T!s@e^ zQY;&x(t!o1b=qe+jggV8Y@bLvc@VgP`fLT8SC3_}0honuCaOm$`xZ5GKj)*uszHy9ij6rL(b6GD`Xt#wqN_dL?PqO#h|~pG&e|G zcNCcsaN$hFgxGIQlL9QuWBr4b!>tED9j*nDs!R!({mN%Q0Q$#Yj%F+XbqIe!|A zdow@pLQlyunA0^1^Lg5~A)Q2KgDHDlCe|LKj9xqQgm6P*G{UB|fmPa+7e74=6SK0x zY(WRrMoULlmChMJgjFwV{Ts5)1FCmP_c=w|uHqU6J@#FTPzZEcRP_nqML^jqV<)UI zi32YBB%H%Xpka}t&h?SCC;bd}Hjh!Qq2Ml5_COx{cs7z!WC(MscjvhP8``o#y3O1( z;;MtBEjDt3ssOd4(}Z*eOw`a`*2is~Xbe4|tznd6Q4KIX5xHb%#%<0qo;vnG{&u6@ zeN#Z!A|up8adbl&QrtvglfC0RSqC{G_r2sosl)Mgfh5`~IKq!9frl+(fJoib#lz zTpJ>!I$SMRc~JVHSatXtX{f7eVlIQ)%o$vLX62>u^iSlBVcLh}S}xPb_+)pD!AjCP zNc-?LSdEh7D>&+hP~j-LMx`U+`3JQ?6k2R&iEL#XWY#Ugb$~jl15V(LYV7G&r>d%z zNrchlFK2(qY9d}xG6D`97cdz?P;xPiH>fne&lO~Fxl4}5@qKvZcwsE-W)vk zJ!C2`{~(FtBNC<8-Tz#O(B}gtOCeEg@{1RokSI9*Z}CG({rJBfc75UnCxXs0%6D;t zk|Xl|r}+QxO%RlvAUFYX2g;J>%n$vR5ezV%B<(shXtLF)21>9Dg6!|g@Sp!vbR%w> z3HZY}^}cIj@nFQI@yVOev0UlrBfhr*dT&#Mn z{=`0&sSacLE80cC`@Zkxaco0Qrq^5@SnfCN31;Ebj`f!w44rjTLEK{FL@jqRuTJOC zGpEme&9M~ImQgSr%so@18*HNdyN2#@6ZtOklBZ}AM0LTf*_Kl$2`wU&M$!mClng8O z7Lr;M^nlYmI7>pvIt{9}q>iPQiw+g$?<=;Nh;4>?y(jQp|4TYm+ovZ%WnHQSB?i+T z30A%8oglb;?lZ0s+)e|V_;vv1`8qPwRL{*jv2laquy-1!$pEhSGe-YZktOiAsAzwK zJxYqs7I`C*C$tY|zrmBvjP9~cu>L^<&}=lKJ@HBd0H0H_6r;PqyD(`wx<(9}py${X zrW+a+OKP>~FA{4k*_iQpXw{r*U#Tubk_)&7TT%8~Qs)qj1zB?)q8`?^NpP#SeSDY? zHvVYs6b*Ln5U_ep@;I%aQWQcN|J`vSvc=S7xWZ5f_=Vsl7iB$0P#_voomC_Zl3l?t zmx>YA(NdzQMs9cziS=VNsAff%SEt(R|IJ>-87nPHuF;%nI33WkE_Z~=#l8R+Bmd&` zgV$r27|FrB8b4$Gt&IDI&AWqaYaZyBSQh}6L!!sz z8G8TAxBme(X&08}%!jU$84&G;tfJg3?p!JM0kM970d`_$3do(h{aK3gu{_(w z2h)cpcOlidjioT#{{!^A+`{5V=KMs)*%HagQ&3WBwn`DRPZjYg!cqQ{wVK}{66XNc z_IZ%N3~P8O70zNCzSwW%BmHS-%MSX_AN^p!at9_jNW2#!oRQ1V|C8_xi()GhP*+Tc z?ta?yrPlwhNfU7I;TRx6u8V_Bdsl!A)B^(I;!YIzNL*xx1KC-uBaE}4{sGJfI;;2O zZ87g4I#Of7j1F_D##c;|u5r9^xUrNk(lTi2E_#JSq5ZJUJKjNC^AOtDD?a+77}Ghz z7nab1G~R{ImgFV?k|t@Brq6cqftcwz=z3Jz)ugxk^nAo5VSWqWPvJ&_!oEj<2>SE? zqtc#&gyF$$LAPz&wr$(CZQHhOe{I{gZQFKF&42dP>~ptLS$T7xJSp;W^D+;530@f~;k$uKvES2Zy-B5yq)H8r4>(ds5nqcXNYZ4Z|SFOpPOM za9;ibWSg89iYYZ#mK7lA_^*uAS`+s8LVP9X3b$fEn5q=YrSD1cPA_sRCT*VHpmF;- z*J~y*@V?`wepI?YVfZ+#qfBboaZ1BBWYOlW-e=q61i=uwz&hIt301xMu6LC!u^Nz`%A@+Xq<=l2mDol$K2^ z;SMuYs}{lh$gySsKi*FJJAjQoEzA_y99DKUjlsN3C;GpyBTzha=R7Nl7*JwOC0 z=%Uo9)_T!C0pou*YTKtm-@OOE&-LE>TvPE0h(aOGK8UmSLNuS#QTk|Ni(cT*tS*9xGs5)Y(Cv$Hh=OZh9kk6G)ZaV^ohHq39rfma^)??yw!O*NF$K z{EhG+J68c!hnw2vNfCsL9WDNhz|yd#l3;$LeYZ@#7fahs8R~fKfoxZa+$;u1(7NQ_ zEyAOE*|%X=I-UFL0o`eRxbIW5Xs`bd~! zl+^&nxzOg&zPr}ajFsI2E7G+m*eR#{7YKui0u8DR0AmP*pz&#OesX&MDS#UQe5&?| z5QzIId3`M9`LEAR!HTIlnlHO8XNQ-O>P=^F-8m=22Z-78vFf2qhW~D_*9W@i7p6dg zdZUt7#(WvHko7OX+!~CanR)T?dkR>%6tSsR|C$K=`ML3} zwZ^T~GY+z@hu;nJI+&(AXcJe_(o{XbYITSK2-bE4rDS}+aIG98HNx;)`Yh;{+PPOK z1blm1V4z($xE94;qk*(YHCJXFq_wE4>7gj;(a$Kz z<|?t;g*G-_I|&+q7!g7_*isblxGIpu0$XX3R+BAe7oqZ5Cu|mh?NT6MM2aG>A#ggB zh12_>anwrTMt4kq+Z&@0uYoq&e$$Y@AewU7Xx=7HQg*X?iDi2!+H5B+VbWk$6#Tf2 zK|qYR>z8Gp+vnl4G~f8joNCkN0`$Y7pq%>hXw%h6*D87Sb46^z&B6dSxv0J69L>%} zEp}gZhl)6Is3xH$pt2FRW_6zdwI=VT&L5W9LSxqqY=YoW1vlG!vg3J=pOx3 z2d-}Jy)H)HP;N(ChuS>Anbj?pzn2pO(CiBTQ(bq8wg5ubjjLUl+!vwCT4xCp1^##? z`|a-6?dA1x=Bt7QgA_LriE_~(Ct0jiLPM{!K)RL^@b;$y@0# zizULdaaU{>5v&;H@0TQ`+76jyL|v>QFG|toNUx-Xw@1oztoq6g_@+xud+d+{L7ABz zL`asvW{*e3cWk7i%bo)+mcNxdhLqm-(c?)K`yG8>r_al+pil#(2m4R9Y1DR{OnLI9 z>rgWreRK^l0=C(-fLTwb8$WZ|tEM*?B zx>Sf!xp8IhtcLr0wpNC0Q$pWPqucJodgt{V_U zG7Bz*r0<{pO^N3zFwbi_(~q#Uwjgt zFto1`28_O>PGuv)P_pkq3&nJeGR>($by-DaBVrP+o+rPW(ch0$k+pBVF+|%ksOPyM z9QzV}=R_svtGo3`gy_ACFbLCZSNu9|qLHX7>XtJl@%>&-Uo@M-i20F1mZsp|{YV0v z`I-DqJzd9(&pKZ&4Uf@P(%9a9As2FqQdP&g-zJTcTPRv%UzfW~lS-Ra50VE!H#Ajo?wbUFKOfPTWb0HIVtgX6}UI^RT#g!GQ)+&Pu98>5hP5My^$` zQ3Pt@Z!#$2oP8%sBn^f{5SV;R1>>K4l6c<*i)Mm-vb5Bv8YQhiL*c&FfKC0m9l2cx znlR$H`B_vWS(lt2d**w8ujL;f>E`Bpyt#jCd;Z?9KR~}n>}UFUe8dIGiY>!4i6-Q7*@!sIwRwyzM? zd?!?mz@I*LL@sRnP0L64jlsoN3@k0ctC61JYo{ zq(_KnI|hZQ8M?|DbTVf#Sf!WGt#ATKQj|>nq+^W;;WI{M@WtxSWB`gwE$<=*6MDh8T8Zi_ zHME=)+A#V}`~h50{GSER^UDl=3vH)RV#wzNSrEsLSwI7Gk1Cc*`1e7YPu@Ebtl6Z^b>W=R7K z!z#L;O`Om01)*^%iwDf7BK3qW)}p9Iu$N|b>UOeRBXUii>%Q&7cB z2-U=t!d|6FwTF5vaEd z%QTZ;wM_OvpNEvI{HwN#30S?Y1oqTnt|9I&)aJ*qU8XZJI<>nHuAy3c?H;em)(HRy z)Q>va1WJgZ5Y>9-QVY)z@r$nW^luWR_~y0xfTZdZ?3YyWc7ei^a$4WeOF&w#sjO-A zkU}<^7|8{?1JsKQn$c2?d_YOqu$u}_L6!+l#VbNo=WqFN34W%1Km`5G6dJq21L6_p zSrLZimIm@x!M{`EVQQWOSbfg^a||xIWP^v;M{=#2s549p$7T8$>Ts^@+>8#YBoe5L zs8Oy%KrliVggEvg?Sz>WS3vLR>)hQ4;q`vuC%5k=wf>rX4+gsj!Sg*im7l|2N6Fwf z@%*MHBt7!Ky9D?Z>U^2I^!zi)XR(x<%>0o>@$)(J?EH~teQm!XyC0IvUB91_KTk`m zD|Zd~i^BYomvZ?(8u&jXSra|4l3rt4Ogq?ln<6ejR5|mTnLJwF=1hvcCC|89__jh- zXC{mZySJQ?C2MJ%Eho&GlWfRZ{K>(a{NytzSc`b;Kv^=}D)9?YS=&{(ESWg5q{)ZL z#|K)%$rnnIGS-N=_%>eI=fPsxcvi$0w8ax4tqUerK6X*Z^45g1c-^rqnVqPVKWGyv zF69>!a>>fMWNqnkOB%05A%S=?k|;fVv2RyH5_m+ylr=jnoCPN?o21moay?2?Tb4|* z`O2YE%}*qmL^w%V6G=Ovz7v;WrWW_^Go~FR_Pf1zPTa*;!Y`tqEv#ODM*qPi!xkr0 zP3f$i?FBM$ zS!m*Y%^M&5-tZf9bt7b~bFxdZ9ZH1@S(k~vd~=#*pH991pB+;G;!(7Vf+k~4(s^WKKpm?+7Q;byKo_P5-N%qAo= zR%z)%R@>ZtXc^P<#K#hXXMP50rc!pPRfUd$R*`FBbtFjrNS`)9tY#v%n=oQxTk6#4 zt|*#~EcHb@Xd>>z-@vtW>F_HgK9D;v)dey`UgVuf_A7>L2K#nB1Aai1ZR@G)gQh!r z;e@h2k>lzbgJDkUbF`(r0$J?8MApae#GmtZc!388;FFy&&7KG0A;B!$TXbhGuHCM) za}R#5-T1h-;-jDcqI=$dNgnrl;eqe*bKwEcD=yCc%}1^`v-oJoKkk2;?sI3<+wpO4 z`t?V=pHVM*`j()4v~9mo-C;b;adr)tCuYPQqT$BeT!FO=t7atF?rvuS_|rFVQ!SZ{*2pXkcVB?*6wJ8c=~K$#9#rJAXdMjOLFyY^UQ>_rfH z4Sr1)dJm1XtX)zTJI+@@5xQsm2x5k^8X2<{S%iQV(T_nVWniYl_J!uM*`_fke$*!z z3wyNN5V%lxP4jYu!zdI~eP2YKm5i=tJIfbL&vSRRdLB$EYHA^mmue{WKq&f)>5dsY zHvY;{xwG7+TifqR^-*+%`q^dYwLMkmay1yLwnO7tmEee%l$ED)(z9YW7&q1$oFenh zP+HFgu#^tHPH2P)lN2PGnh+_HLnLIh;}b0d2JG%Rbq`t|uORrIy7RTh@YUz~0`)!X z_1CAlkT5wLqdr=)n$9hj>CrMN@+`$if7)n9A0;J94Pw@GVs^94vZ3l%qM71cxmRaj zP}bv}t>k){MR@tN;H*29hg~z??|5Eb(HQsIPT@c8aJVb^$ssO6^=FPiy#LHON7(Xk zwj~!!7lFC`1V}}1q#-X!_BN1%IG2Dq>-QXePwNTfie4Wv2C|2M*_VRYz==9=@v1Y= z_cIVmJSzZZiVK;@Y80&m%!C-oSP_zuLOj<2WFD2uDP$!5IxP7*B!Al{0@08rbcnlP zErR^oA+2ya^5Jjwe%qS+CzlJLz+{S+@~{*>uA2!h?4_gAs|&WQ(;}(hr9N;m@W-N& z`mAVX{E&{q!tOAx09hbQR%0z{$szpqDU`b^6GcSkz#V~-z}ejynVm1qzD2hY8r}9w7JL2?Rfmmjv&Wm+k%kcFo}l){k%toe z!K>LL3B~?}UCxv%gLFd$^0TuTtApw}w>I9<5s#gt8hffRxus$$)YV%>8%b|! zsr+DJ%ixBq4}uS-at9n)8@S|NDzO9EM-YfE>8}jMfUAl&N+E7iwD&DXP}Qx z4c>zTrKlH8yf>~V!P4TG(UYq3T6g#o``3jIEDlnP%CkF=(~8 z`s94}Zbr2>9O-bl8?RNxqc@32{15=U(NdK5>g{P=H#-c5v!g+~lkwD@2skNe zJGR7jl$?~QlAyb9F_5KABhVc&tXSK+T_RJQDIhHvy+pY5n6fuaJ)uYAny?dh)^ zkRsQ3F<-1YBXZdCDi*zLqyiF(IsLcMwv!@ibX^kUuZvM72Yj?#NBpkgx&b;vV z_P#Gw)d9zjS++hjd{7AqmIYL=&ufcOSW^Git%{`2;>-vzkYnyKRC)>m_e&Oh-NPpH z5|98d@AJY+$6TSbhiEUK38n|TjHcV`>k4O??g&_tnPK+t9iXStkOa$67lC$Ew7!$_ zNa-X6NssI+vE>P4?{j%}2K-^et1a-@H%DDSjdl7qtHV8z1pclL7M{idH z=!oqzk7R3ChEcViVp3{0nU$1LZ6zexNs?ui)c{v!W`iAz^uuMG{1 z+y;F8O_bVX`aE7=;P<}A2jG2E0DS9q>)aLXiS5)<-`4R-02&%{Ns+q*%7Y!;g|Px! zbR|Ep+AxlZdFY0Yo6@wKa4c-E&7Ly&dR)@k@e|8W;7^D@iZdAfGFP{hfNv__@Y+;x z8v6FGl*xiFhZYOTtc#Ce)of?DdLvZ0{0PH$2WANScSPA3(2wV}hax7m4`}uL zMkidxa^m=IAKbP{(Ml4bc$>>pLo2z)&`Z)0=mRv3vGE|S`*@s2i6eS*yLVvezu+44 zUZPCg;NB2|EEDPPztn=Kxf@CTkqS8;zp`6S&4NSXl*>z?-6%A(6nwyzz0$U^36eI- zMv|A?g&<`{^iOA3y?8FmufgAAZZh0qY0lX!v(wj^WnmCl==Vj8DS7GM?e(=sxs=Oh z`AT`0?EWzLN$%kn`i(i4v|tO2_Ze<2K-1WIIJZqq@W%wxUexOs7_ywfXGq&I*W&C1 zST&YcuvVkA(TLN|C>g2hLD#lG^Dp_NSaAUVWLWx5v+$c`;WN*~XP%D9JQb$dnxeSWhBjd{H>(ODpB>b zp)Vm{D>Az}rh9(r-X^3eJtoGUW+BbGvrs~-L}a-H3v-I(~ zzT$d5y@?W^p6LB?aaMUz`uObqV7pE}{#v#vF2p&Wn^9~_8I++lII3GYUc)d(=LQQ% zR4G{nGl}zmh2EDz+TS=Xe=mSe52`jUi_4;M>92sWq6aWDw=y_&=HR`U{TrJwd_^0pZQD0{5mJrt#dG0( z{W@;_CrHpGl3fD*iHk<7+Y@e%Pb%z0w2u=UHq{J>0oNqT<`Do}(2>^N{CrYcS#js3 zKGmn}Eem72;}%gVD)<_{govoA>^pZ%ook#rIQbf+f$Gkqr4e~0NqLvLzmHN_y`UE*~~~JEkspQ*40N;wuX>yR({s6HZO1++{_Z_GI*y6 zp^$Ynue%*FNsgtyi;vv?7WzvjsS2(c*n$0{!z6*f7OHSByI(IFz9yixhorqdS96O4 zsPj?eBcGcMZ2LzN=f?s36z$wtnAF|g{yFxtSNrGq@c43q{U}BeMl^S&nZWs?+US6S zF$#v3odA8m;b>c`-qD^c$WJDP)I&(4pq#jnCBz*zZrh7q{MHAt$T63H99!YoziPPz zIa*>6VJ&6ATxM{m{)4a0-WWC%<%Lh`13~pE#%D!Hw51E%#)Jd4%pc`?&il z((5Z>H4QE8x3xli0*rqNE3#Wiob#zj0+$G~jx15_IZRTCoyM56 zs<8s@T!W|@M$SAv95w|&y9Y6qFJmIc)soo6?X$N(L?gSwLnr|mq{z_$zBP#zBhE%E ztm|dXZ33z%sGGuOi46^Q{4uE(vvAU}0x3kb(RNzQQPgRm(@217f<2u+m?S@mnRnEA zpZ5Hv45aMydee(qnlH*8AUrez40J9=C1{*&>wV_J24tlqc!X>0CZ}t-36-Sd>L$~n z)o9Ew{dsr83&Zjw)?|jn@M8uTT3Ww!iDx&RZ@ijRnWdb{M@gZ-lPn0imD?&RE@ETe z4cu~cPHsgSi@#`sCX`=U3^$RiCs;on>R)0WU(o7w~Ep63xpn;%0p8{21b7!6k{bZM*g=pH#K{q;&K+3SE80g+Zt{`Zq5dvU>&Mfmc3@>!Y zia-#m(*#rwMU#nBktxxXyd4EgQKkydgB&W%lf_LbYuKEX+{1A)r#W*y9~omIe<^2k ze5Z?@+*kAM421pkjJceIJk>;#Z1S@badSDx1w5n94UnbUJu_iOC?YY}SE%_R>8wJi z(2Du|SG-6LILY9RsiAK^y2G;a6#k%)ENV^{5!3C6r{En0lNJDwwl~wnUD&;En-taP z7>18I@RULrSOU#why#W?k(u5lN;B<_kyEx0z0~4~@Ws}wIL$M@6A7$r7==efQb_|q z?W9{PxZGL{OUGZ-4D&p=`#{wW3E?MF-28-qP0?B>0X`t*OfvB7_$#VCGTC!5@3!752DKO^ zQFX5n$%@zEseX!8Y8lSyO~gkTF#p1Ft|fNIpI&NJdrBTE8{y!f#Cv>vK-ebH{-H`u zarSvZsas2W53evWpzAITpGks7oeN>zx0ILY><8qjet^LYMdYYAJfkuHdz8Al_8H-A zr!(bQw79&GgSPgH0SRkE_|enXcj1pKgBd`r8eRD>cfR{rY4nlm*?BAto6v4t6Cu={ z?n8@@ahh+9Il|cCq0&K9+F(*mO6v~}hRL}pAXcD#vb}ko3+l&IAVR8V1>SAx+I}S) z1Sfplt%niq94<%BG(pzBHot)dr39`g_1)EEpSv#6C!CI|+BSI=8#H|K0LaNDX`+MOLG&ra}T`bRA z`k@HgAlt(z<-D@Mxg!ne|o zEiiBc`}gT1C}FC7zZr6sdFF(VG`ptk8Oa-A+;TMN&UW?EXNfHDHlsZ6efM+12&Vh> zG&(D``jP2;M1CVH@wXZVlBr)+ERxBYfMoS zT}$&awxsI!8p`El8ji<6UBkm57?_Fp59DFL(V3QHFqJrZHnQI|V_~vTm(tKzmE^1n zwJCE*TFh#5UP=EjDT7q6ku@Aa`iX(LxbztT`>mVw{r$>-9Pl2L=l+8*9f~yzG zAxKpC)|@IT(;uv$rMrlmQK5|LfuEC zML1A@TZHElXx@o{QDz1(!`$<}rs0!WRUrqi)=MY;yu4A5Qy!)Dhdx8n*;7y>in*|5 z#k0WHJT62+Yg*MLG{NWrLMPgquQXbHKZHUWPm56%S)L9lr%3G9LXS}>wP?jeN8J;m z1f+9F|FYyutTb$H)@&y|c}EU0i%mGnR%;DCZ258|!Yp|@!o5I)bCT{9S-|`yZ8kOY z8XUUWs57l;&A2jC5XAl`q2_=laXE}gR88>xJ6%bYn%TgjT%y4zm>E4Nc z+~1G*5_d=;X^;}NW3_9Bxnu=+lP~cW435up7w0omQey3fdfyz6S+{R<#|FG!+8-qL zHE~YU)m^E)vE(X^6Th@}i&cvf3=1~i*bnz))kg5qoZlj!(mj-K2 z-FTSb07@ytERs}s?w63n%HU_Lw(bcM5|&wDwMkW6xkOYrA73|)rBoaf^z&8z_mXeY zvC?)$AzH&iRcLX5)?l!rb%z*%}yTWw6oucveTD_Sfjit+zz8B5(;_feCEF>cA z`+(9UV-gdJB;nuZAdRJ>1vT}hi7F7AUql1^sdeh;-~`pl*PH*6*HOEQN)l=n<|+?| z^bHDKp)&DK!MF*2`Q854i5iOSgkGa|-lkc}8|;-SWjlyKg(+bpc2YKfCBZSQhPzmj zSRxM51xhjTHK|fcbFF8~D9n4S*^0h74n$=rt$7#@Ityezk}IuW~GkZ?3abMTbr=IKupM4l4` z|MSyj{-sZ3_lk#_el`AY#V|k_o(YGr8HG=F8+pmT*qN|^y*VNtj2dr2hWU!Oegv}e zIeGkJo+A@%#UA`3$>m74_CB?>s-A)A8w@ zgSQeplflz3;Gq8e#|cQzA$Iu&AF3p^y!IWl&pN(UM4P7E$F?jhZ9LYDc`cEZjNc!Y zUNnCrY_F+;{%G{(NHuXv!CFTLloB)tPT?OX<%aO%MLG3vafMb>RoPZ>Qn=O!+2WoZ78l;HGc~n}P9n7ESyYoL-w{G-4A~?lGrFk-fna z$t!vw+I5Ihm{L@3>Nb*LuKmPhEoO|&i)d62-{&mXOF<_?N@rHUrmIVhf?1N-mI*~ZY878fUp4tNMPBJpE zlV4ev*|dYTU<)H5N`zWMvb;V2h%KvfSVz>J(C}^v^+o{q16p!)fvb6;0N0ES%2x2z ziW#Og2U0|>Fe2_kj_qk5*T62wn0l&iXXG#>A6a!9fto_;pG{>QM^9bgvS#xB+4yiS zr@Oa|gOee;dC%XLhqD$_?${Jl9m!>j*>8IAXa|=9EPjUB%4*3-S`(#Wj481~y0*?y z?4FXk*8iKLHN;1?rqV(n6)_|_Eiw!omm5+U+Mp$F)^u8#H@m8jC6H)z&3Ua$W7V!F zAb8^rX$gyHF33I3pwo!TsS9X<1-=t3f;oF{PGWs>opOF1-Woor*B1!}1G$v%`>V5r zbw}>5Yr~cYzV3kBeRFgc^HXE7)_TBqd||F!*JAn1H)ld_*+51pJKIHCqVCU}07^q(fe8O?pLoJ1nrpaVNYXY5kyFupRkZ@nS@j6AWtF1?1g=JKFaE)h*^NZfjcr{`*E9tP>mN`> z)Uxhab*Pk)2yB%~QF)Nj?l)eI0}ZIg)>{li*G>-&Xfa_xRz%EeYD9}t%`~Lyt9qya z>+$SGXephs+~Tela_x}q7;o7|6&UDn*nj1s^`{g%V?b$HR+xEmiSBo3-gu<8zOPhk=${ES2MkZK{6 z`Kpto{1aWCq11zHX}jJ@Yf;QzJMirA7;N~X^h@GT<-eKp#~|=heJnaq!#w+IKT)M7 zxZZ7hEPye`T`lk5XnyUpl-u^S_+@|LPdC@cv&Zj5Xe!0%T@fRf<-*XzM>mM4Fmtus>$!tO$PBs?-EFlN{ClQ-QO4O zxN3j{@Jr$a5zKH=s(E-E{xij_vVY^3;WP_tTWF#&3|3dn*A;bdu#qYI?u@URi^S0! zAxV%WqK5$-&jEXSFnA5ru8W1_Pa4=o@Mvf@&`bg0@cAE)A(i)`^@{xTa{f2spK}dl z%=4?nk&c3%_l{zlVr!t0(>PVusDQiwlP=Srmckzq^V9eH+40r!`qM(4}6}QHgn%G zUrJ9alkuj;TA&jKAfuiymh#Zdg$E!ET4mljbv>{?b3yDPAaBrbr9Q^m%~;yzClt&a z#(W;>Qp_aZY9JO}auSR#)$Ug;qYXK{Z&2H3{qw95#ew(~&;mu5iisrYR99jCjl;x8 zkPg=9=KMk#S}KDteMALB6??S_EbV77Q;YE23@aydZ%@){v6y+Pv8m`R_LkH1d&Ns2 zrzdpoh`uxA=K*B5zY}0;ZgK9~E0e@FyAIbOV9%$r7byO|Sd9B=pSZjqxF7>lx#i9~ zxE5Q8mk9nkE|&&6|G&(%hYBTBc>})sCbf3`;~!Jq?ylcJ-xuAx@5GmkMMeKQ>)&=s z+`Cfz^K|@noUzVxa+gVbSg+gHIeA{#z*lPU{4k5Ej9~4l5hi!y*!#N$Abzs!GM2tQ z+i+$fr$IP5o4_ZESbL@84PsrBc#=6Kt!;UGyS+L9I1A9Fug&b;7h;lfw`P95qNPka zJq?r#Wq*zEPlg}`B}_A=H1~G=AH&>p{+0D1*l74Gj=z7Sc(?Ta8s;DJ%&!vdG^N4c zCA$wcW85eLaDZ(KLu~(g>TD$J27fVb*2vlQ+9HJkvo2`YylGd2QIfN3o#M(7v?M%x?8y&v_NqmrjB=ivGK(C#or%3NW zzmXjng$DUK{LwyTyEW@>@<`c zimt{jZ8{z2B%!(ms>i(x?1!OD8_9ZDW9@~obfgx{niHk){{bp$;QQb-EG`%*TC}rD zH5;(_0KrPjIs>k^PK))L(xH7Z*a3K3-T~|7Op55s;zzJw3u7^F0|SxV3U9u>@zxvA zH(xkc;Pujx`W|?F>#r5w*8TK`*45E}>VtGN8^V6(z3f5G$Wl<3)HR%lMPNIz%^S>4 z#U=aD=40UHUMYrCEqj6r=zR5Cx*23*bJCFGbmq_mgnmCwKRBk;bc zR`Yd3E=wBmNd+{bA?YG`OpJ@E6b-~jj-e+kXGvTAh+G1yQE1I|o{o^gYc-K7l$9Lgzl{5&O(>zQv_9ef9(JsraF5_WJ}!n` z4?L*dr?SgfF5#ySxwBtiB>jW6K9LBOrkHU?rsm=6`JD>I)1l{e2B#X%VCAfWZoqXbzjk`4VTJH(H;q-Z z^wUVN7C8XKO{eJ0>(JS_>Vw&7(i`ReZ64NnZB%uTy#~zk>CXr1_2H*jEZkbhy2I~X z?6YR*eBoUF7DJuNAA-xt16o;9UfV~htObiW#5(brDWMj-S1X;BSzsVI|e3)HiN z|2=V!f!DZ@tOX?ix_1YYqs}G^6KD_gse1H|X`C5bl=8Cfkot)(s7E(@@~u|0dgDTF zG-i5ssEvW(E%(B*Yu3owhN7oMG816!BQMnz@jQgD;dl7{9vN8g<5->T&d!7NNKALa zi7(`qsk`W%%@QN!+n3dWvmRx=FJCcrf)69tSel6Qsf<)er8h4vcWs)xR0aZRDF zn}wB>)TYWf=}iyN%(`LrAs0Z_nQ43f)&^vxu3mV=U}71U*|xs+hAR{P z>^+F~x^I7_J{+#F;<?NFEXiZG3@h|Uh;k^954nM~KGdx%R zfeRWTl#wIn6u(x)Pq)b?aEjc&KLhGh7A-;;PuiF)7yCAUK4ir%#ktBtx-h7c{OY_e zL}-xEoe;(R%9Sg)M4YB62ay!SMS({@;f~r#5%D!qnxn0~3@}FtIihS9&^HG0#p7j+wG0*C~yq^Ev+<;F&GqO^!z@O#yoI%eBR>Ul&kK12_? z>=wP2uN&ftFN>ed3nY}K#BO~Xt@Hx)7^znEWa1PdzLPbZvvpTt`c~)|XDt^bJ|p-X zwrbLCRSTfgzh7($)RQ<1sX#>l1jE#q2QzbD(&7TDDcbZJGQ zIF3VyuYJz*=rC@c3NF2^CL#0-8n+OltKF=UI*9cx0nK(5K5)sQaQu8V!|HH=GAlM2 z$Q|rD`Mz11I~{om{i|jCsP49Ma95r7NISm(L>oyzLW#7*MIzrf=LNQhS7+>cvr|L% zQJtfJ^LzVSvs%@wIZ@(G=3EnR4B`%tHc$aIr;~k$y{j5jzjy=~?aTLvp%!%7`7t{$ z%4m5xYSpP26+Qv*SSAY|%?ufh-9G^LvJX$Vac$22m8Ga@pvf@~7t44CJEAV$INd|b zRU-#)I#Z7#*(t5@0ecS~9+3&;AD}ZdNHsGam0P;Nf|a^PxDG6t%(FjZAVu7SOOwfQ z(dHpi@ALX_(-jhhld-Uoo0U0=+6GG;F+jej63pmp38!GzxW97 z$#9oE|JchVlJsco6>K2MwXW$vRMI(;^3QFG)Br(1zQ3}~kG{n4#~r_~-UoFXfROYm z;48b#A6y)tTl(f1H3y$|v3CWm{iCNWA)&oCGv||dp2VV|4rvd+yRl>ZozBFNk4IBgwi3GYRF>8aFerR88NhWfIcwo>?I5gWri=BbZrQC7IN zk6Sz;Ab|jq;B~zz%4W4zltB!UV~s4cvpquYJCQkR0RpSr>lw*BT9fzavK@($m%D4a z&gRWIDE&?9Y+?8KluB@IZ307GWxYy72s>IWC&N7f|nvmt|T*G(+f~@v5)pb zl6mjq@!4r7pt$%bRU&Af{^{J!^Y#sPIiW28&`{=ZHt<3hqJoO4bV~oo#hG;?&sb+09Sh)McR&OscdC&sm;E7G)bRah5Y0aM4*Hop6kP z2D=${B!t={@9qc~6oI#zyAU?|RhS1p?z^p$0BrE$m6X-+1=|p5aP^KEi&1Z5w+u_o zBJ>yc*YYw8&X2L%lHINcH7vmlW?-0W4Gqq5tz!$X1mau8e>k@Ak5etYKm;FM@_V=U zh5vM;vho9whve^M-G^_WHP$lQP01P%yu7VspQ$IK*(4Dg2D_cr1TVX;MTN*bg>jRy zPAR$ukz|pPS(d}pJ`cN3j97k#{AGHTsuYBXUhk3;VfF24I$~B?mb{#Ym==yDzwH*B zQB`Yth-?!9Lget~TW;OH3+*Qq-a>ZFp$30;-G?lFe#lw>*}rQ~ET;P8NoxF@6{J+} zm^-zF4G+M+xV&$4vS0HhgZNf=4c$8PK>wNNgqGMLy>Y@C?~p24#yuBc+_EJ~u=J3N za)8eHlRZ~Rl)P_D#X!YPx0X z9(7U(VAtE&5l3j0B)OTN_v@}UJC0TO^w$#3;;Cs5SGD}kn?oio1C?PJ{SH8+`P2L%@?o3!u0^D0b?zdu>FT@PaP zrzz1iZkJp-MHQ~uiiU0p`zJ+qK!X5eY&~q9j}t5fvdsJyX$aVi5oYaf#M&{c&K8hOeR%!EA`*AazT*m_j6oaXClD zdzw-LqrvKAIq&boydk@oUrt0)$LG*vp*dXY*UKSj@JcqVo~^niToP<{1j`v%I~gjV z;gOY6(X57Ycstndm=h5*Y&E46lL6+VX^KAUo*A32FtDWBR~qCMT5FWyj8)V>Mhw$I z#C9$^h9*>xK*CZyI>x2u6gyi*Q*F|PR{^Yo%`o0V*8Cxm!htHC6i=yns)Onf;_n~d7DHbviLCYfEfQ_YkK2`( zul=$t1`?oYgI|4f26ybL^gMOy=@f{d%?%|jwUhM_Fi_SttrVMdgak)iu~dx&^ukd} z5a$({n`5EuKzfUbD0CG#^=F>rRw1Hs9s8*tHa0zw^{s97GJ>y`5h-V@Tw!@@jRCs` z3f6juW~b)e%ve11OUqlzIw(dTUtA+gl09;6rrD|(5quGADpf!Med}F92i-3VWC3c` zT9Gw=+-21)p)=@xoL4_N} zBiqt^8S7dTb4^-DZ(jumA)a&)%e-h-pJcr$KcP#nIM-_U8g@%+?#&u!Rsk9P!&94) zJd1T@4NYO9!pM5z+&^zZX4#B>V9)Eel|<-+btg-0cU6&^5gy9GdB64ca>;N9moL!BCfCe%mcw1EFYb~oaba0hfp{2fxmKd?o18AS3mmyHC`bG?IRx5LEJnH zx(9iRz4-ZCB^Hu&n=y|4Rs5}fD=%OTQHRN)<0L6wugW3gBuQC{gbamW#y*WKwO5A5 zJp<{6|DeW_6b4xuJ2d zWMXo3tTE1fDv>-DOI(M{@iNiTSLLBHR7||qqoOpQ)x@8fmXlHBEph4@pOWS6aO1Yh zLb6WM7V37Hg_h+>`;XBUN$I^g-H2?Typps7{EU(;9ea+R6-USP{r>|IK<>Y@E-}1! zdEsM}*?zVqwi9wy(@SfQJpRk#@rNp(om4t&i((V#rj^Zl1+fV<<0Z4>#jpwF_sV5I z-;J-ygg0u;R)U&bemb#6o5V^_y_&0Zwj3`z-Tkd(nj$}OjqmZp}KPAVxqpu{d^Zj;JL4>epS?atKFQBxF}FpR{q(fxwZlqp6_Mt6%r z6NpC2MF$H(6UYviir!0|dT4F>aBt_dqR+_%pS^O6_)?2J4=C`AUv86% zJ8kJ^G&|!Sg`JZYZ6cec6>}zJ{N1~d^TD#D!C{@8CyiK=J8^}qZ5ptms+DL;wD6;j zaIqqkbO*!on_-`Kw%6RhU&b`eR7(p(7E_|r<1`%`xh97HPKndBCFNs$+N^DK&^yJJcFKk4%14-ury9Lc{}-2CRS9HzMJU>Z`d2Fyof%&Z3=yNB*hXb< zU81}X-BlNG3pf7ew9@#&C)2bEAxzDNXk)i!^9$f6g(=1Ssn;ljGc zhY7J{md{4`6I62Zj!Aip#=L(I%n=ac#sM zr#iNZE-BLTx|LUi7WIaDS&n-h#v??7c?337;6d7u+TkBBgkRu=;GNZ;=4qsCYC?;# z1KTQRO|b<(BerFK5C#(!^3D`Bu=|p|;jA+K!u~~%x>Lmx&pm3{%x7s@&fyZ;tHjB+R%i1PI9W) zT>s!hI|=p7-Zxs%>mePyIDHbm6-ot4b?c(FK|{>8bJj|S>6`%mK?t9J7VB3sDd~Fp zqM7g6mD;o=t>z7*Ie<}^zb364uW~>rsMb3tN$-odmMP0Mu_X(YArPgJnd8^c35^f~ zvtG~rXz4pXRKMS-87XPD;gz{Zq@oorp$T1Ke{dd8V>b%`Di{n9%KI%(p31%DOa(mU z00tx)CCN!oAfFgW6h@7&p}QTD2#?<&_KtY)Esy!94kQaNPvxWV_49sPCmtWohuF&f z)_O_9q!)>_CoDl~P;8!-(uxXelCvi{(hzg@)Eg?NIB((oG2bQracn0Z#N*u9qZnoA z9qHA54e^Miy_qnhp8v=?voUr6-}%%!)0-@}Ht!5N5rIR(S*3B)I1^=EFwBnY(Km`A zRxla~x!ju9VispttuGp)ZHa=ZB=a*u*czt~XMWz-5g&XZ@JB`0`>fP=G{2{7%_tWI zYZT_)HC@6X;ic9Iun;L{bs@IHLj0wdl<4A?n(hw8C$Jbrv96>(gqUX{W11-q3u7~|N8GC{)t&m_^V@Lu@AHd zuUakC&I6{0RP=(tm>1+#u%HwbAq3%~MbRT7O-;17v5C!9X~W1HajmzeE!d1)L2R)5 z1SHiP@#-VXS~V(NqH-mWz1Oc9>$3H5e!XnHjzw)A-nbAGW<5vN?S^f;CIBW!Fw%+H zF^^5N!UU=RWx}AMT=EJBXLMH4{pu)Dn^IBbFgO_2p^F?#9PF+1+r&h{ScuqUSP!KH zdii~?{?*cA(G$%0(I{Q>R>Q1(srkEcKm(a)#&;mS@Gv${ly8y>$Bk zQ6Frbt6)iwtRz*fJWjpJluDHezPR-2l*g(|nNX3E z-puRZT9hemITGtn9;5Okz2+pnGgL~oNmoUZKrx}tWT$>4gO;l3X(~-OHb_ z_{o?dk=l^Ns*prKc*^J#Ye1%_wIr_dV^n-RPOZoEDvwz1`{eo#ch3gNK15|l0*58M zGQEzY+n&F&ZJLe#y7v{UyC|bUb{96bV}QFlXs3hP2}Rgw0i#y0g_E^ZZEhgqGs1?4 zoq1NlE`+#gYrCbcWeTq{Q5u!ov_a5ZAp*Al4cpGq?!))HT}AN8o>kCIJg9jiUYA&P zNXk=|Vw9`}0P|OQ3vxlKwtzfEj2VGKj&2Nn zGQyIO(6v5as=t6^Cna*}B#6Mci0+*sJ(rY2^zr(J-6fr#)7SX&4!%Xs)(wNO4(>c~ zLK(P6p!ov3Wm@*+Tw>cDy&d2K|KV=Ks&6Vu6_+bcmj(O(y%cYRvL5Xp#??WttmO>qc(= z+1a+e0gTVR!YhZb`LbZf*43Q-BWr|B=k18@ycnP>Nx`JV6yDdodWr8N04V!N%er7Q z_;vET`H!MvBr95}STnv&mW{fI?K8Z?V1+>@IVjKG*&3y2yeU+YFP?ny3gB zN;VtV8U5SO7UZW>9r=m;M93AnBL4sC{~60AXxqdiLym(VM!S;uo_tv23HOZq_hrT5aJc$K`<)1sB!! zj&7p@!Ct9re(R9c>V{=3cQtf)j=AmDgFiMd!MIwGOLclG!6j;H5)pph#z>5-Rc|=( z_EY09AHVz!jMZ47ljoKG-4_RYrAv2$lSKYWcjCPmC>@YeR-lZ|FSml@+f7gQ4oM>v z0zu~}@jSw)vh^fYH_sWl61nrt5_HXulWZ7Ol6-&CmlxlkK&-*3+6D-;EBpvGYq7_o zW{uuNP&_KrJLo{E+*_ZWb%5FnzT1B zhTbx0J)xzYcP`A52iR2KH6OYpJXFEWF_ryodTI_x7)00v-(Z~I?#f5!XzA%q3-Wyx ztmO(`<^z}Z7c*}aLL)Wr|3}gt-`(Zm3-7tPloKy${NJEH*0JdzcmBs&H`{ZFSz947 zZYDV4p_Mx?X1Q<*isY&V0WyPjF8Wr~ixWIg1B;f~zFOU7I@5XsZ6&i{a^pfz>W#I= z(eKWFN9N?|x#sc;j}dI5ubKdsak#Oy+GwLd?}+SL*X$?{z>+S*PV40~f_c#^`_gOC z?a5_zCGvg%t_Oe}I-VUcHaWBZ(IqLKFHRoyPOe1GE>_SaZF?mOo~7m5oV?llo_9xY z#2vX~xa`1sqw~LlXsADkC;A_bx3I^Zz3PnCYOkD_N-klW-_}@mL>u;;%*kIwC7S1` z^;S@n?yj=YVFaBfK6Jy*#VoaYdI<*q^FygScR^8@@y37j`|&&Ra^+vN{&fR)3`f^q zKW#?;6_zcaP-_nGGFCBRbzZPrR=AVkaknO^S?E&FLvm3e4-K57aes}Wx+>^;^pHed z8+u9KL)?8T_xs-p@jm>-xB$RBq9C6S@^gr5JU&O3(PCY+%KX|4YK_GVDSm@ccN*@2f-kd;Gk>SPo+FQJQIt|3D0Gndq;H zS(NX)_pMv#hQW;s+l1cC1E#VVr=KcgAybZe6TK*;m}xm<3Gch#;3x3E$L$y}Ps}yQm~wUU zE(&AzednsDftCWh5_Lh?Vh!Ql9o9POW3z08R241R$+(FKtExEh5E=28v$Y7RZmdmgDY_xZk|*1xhK?}?go zIu1Ia1wLN^c(Y)#Iz4s%D$~1UC!0+xKs`%vl=7KXc!^>~VL(uF;k!X?#Z(!&-P6EQKG)7e+B>7`Qh#VUakf_BY`NpnN#ni zB)aN@QG_qRbN;*Y&XZ4m_vDKw&(8Fmzc|;k_k8hR%%7c;KoMMzqL~?!J#YMFW%>-= zi6%FBzh)Ch$wGr#+kAwV_P&MV=bhL)0pbRN2waihl%iqd?a4Yiqu%l{XLm#dhjM7< z)&V&9Hx;~&=KG?3;H?Ammrdu=YJDz<8iYo>bb;CnyXHQmyN+W^faBebruJG~Ny$$KP>MoI_E z4~KLb*Sg2Hb<0s_L*KTZvcd6$rtP*(-5#N|>~L?WUI?8M=nJ7`3{%lAJyt1#yY0 zWH_lt)N~Epnl!iFFLi0>sF0QBG&F#M0&j(qS8R@s)}l3odP~)7BY8)+gf^nBOv*z* zjW_i*uXhIe#)Bza_#H(7A|U`+#w+q{@$Bir%N%OWwo^*VCB`9a&OgH@Z61#wJPNHf zyse5fWBRqJDrhXqCnQ5OEt}y-cMVr8p@iyeMGMJ@Xh>T*QFY$0iGx?d(^?8qun|pB zw#$Rhr8$7Wgx#@pEOgv z#p_q+TA~D$a5LMkCfXml_cOa2G|sv^8)wI@cK~FQorjimWvi9ZVoTUZaF5*{dQKxs zn!SYv|2onQ@leeR5oMD!pd{tTw%i$1)RXm|U6sdIaE9nwmB%&w`Si+5zx+e*lIx2N zHY1`3K&98PFF;QbaDCB5t8IM`AEL5;fJ5{edM95MR4ShRsSw$Xo_nHWX6T!}nO5ZD z+iUWY%bPeDtm&QALrkC+P(&L+pdMIQCznscKGs5pU9NU*4#ik@z{+=$;dGaJx&ZSs zW{9PfO0DGk2*Oc+x$%AL*%tTo? zqU0VH2pp0S^mkI}2srseRsq@LQTG+grrrlV_x+O>2V9E74@k zqU^yd!PSvWfiU4!&yDd(1w2WzOo-E>E?=gvll=yms(^(^E?-&!@8SF9T;2p1%C++5 zcoUypl=MeYkyn4ZHp4pqnHDW5d19r0bGN2J4LeXbMSpA?ruC8}MaR9ptK8_%$xEsz z>Np^QLSAThA!_wy2~Ys=6;DaIhdz;k*k8wb%=CH9`;ryef6*g+fuBQfi|6Exs93n1 z_#LA;(I1a z&AZD96jCBaTB%6Ak|kN z7oS3}yziRd@G4m9+&{(oZEXs%OtD_F^!0{nK}yQDP`nPru!&`P&0vso@7hz)3=l>L zdC4&BoJedB!3JgNejF-gSLAGv&WjX40yA)-W~cM(@62??cxx5dYN2 z#|cgvxxl#h$c2$bKwIx|DA_7eM1Z83Hb46fJ3SPL@G%J-ti&P34{*1@gi(5|WjuxDrh|g4L=0 zhTh$Gb}z_l?^8-LQ4}nTdIiJ^7s8PoFx^Zpl3d*U0gN|erai$8c=GPm#mm>P7G?gc zjkudDF>fWCa}~N76JTEwfk;xoQtCh;j|{k*)J88MCYICUIr&DSJ0JXDHiRjJ3R^D? zg$RM`x3p@D0@qqKjLm#c)00oHMRbmn-c%zxMbumaiVuAakWa&uQ*N7(?y$es-FNz{ zeck&!W<3I9DghbefV#92jpog!&r3{Yun13D$(jZJ^yjj;v5O7{`;G;>Y7H&zJGL5H zS@W@r{DuV%YGAZg8_dK9&#O@f2A3Mavwr@yO~ud)WsD53uJ7qEtEeV>_r$GMj@jLl zJJHYBM)6&?kCO^2x8@emi+7t_75F z8l2UrDu&X^`W>Lwfi|>ciZvZ}PA00#bh~(4v+7#W>?Rl$IqC<$c>UlW0bk2DSYT=@ z)4D`4JU~C^Y5bYvwwPS_n$~HaB>VP`F5o^!&?-!3twjwei=#_`wb`Ncs+6;9Wcaio zt@owA$SUAhssK$!516#RyfmHcxf+PXu<#dO#pO#?)S zgXnlsGW7}bkfQ#{-dTdTcQis%C*1+Q)|59SPi{19*AgP_|&;yv(~PJLWc}my{=&YRxu58m1mIlM->sh7kX^7+osq*00-&j`ei0I7Ja68X^^K%$e7pKV+YZ*R+<13a^z| z=(`{Q;-RY=p-D~HKT&@OGeX0g58A4rj9kkD13N9vt^D@DTN$5$yV*3KDwuy6`xkBk z*$2In@p*)c8J{WF^W`cC3hJ$EU&xsQ?<-VR)vpeay-o$p9j8|@j38z#wYcT z#wYEj#wQlx!>8XB*o66T`bMOpWL&vLOIQ(TO;~$EWIMY^3C*81>M8-(x`_k(RRo5Abm7qE|1UG-SObAj-;J- zW@74^*)Q0l2XePzCNA!2PWtxXgWv_-1FD`?f)M8^q(Y{6`W~ehMkaZhCqZ&@_QDn1 z*#x4?O0i}|Gj{HK7+AewC2Ilzr#2bV*1TT& z_NP#hx&d7qjr=FMC*YUT6P4k0E1E0s$aTZUS>hC9CaUwWEHuACIVOn0t!Nt)^Rm4z zpjlm}#!6nhhf310wKhQ-4|EbCLhhZWdsu387jhZTMh?yi)gQg1w>-DH4ff)2=z%qr z#+wMCaw$c|gFp=W@wN?3EYOa6Z3SHzGPN{NKu@+{@I7g*E0MFSc3E(_xt{FwANn#T zUpbRKhNnnev|+&aFIgoy=q37g(Yh0$(FoXv*!t`q7}53Ww|{!mjsHWu#1p$$=j@xR z_P;|iS`=~@`NE3*u#T=tf(dIokpa-Luqy(o8>m&derS_}DAI!?7nLOdO}*{!bjSeV z(KgH+fDqdqgDt=KV9ViI)Lm~`>Vcf};0uEDw-=GUuntehn^H%3p-kVO&!Csw?ubCI z(WX0yvAJ2`%sXZY9%^@R_XT686o5W}9|jOwV89}4wIPP`SnpYvuMlq|nZUXU1rjjM zL)F?`+*Nn9$uF)(>&N;kS@*uLl-iGp{+uoWQ5kC(0s*i6=-AI01sig(DWOH#UL-5X z5`$5$ko%6v$Srn2Pz^n0L8`}~+A*m1%LuAnVo=TR&E1nX7H}%;rJEYJc-cuhRBw07 zzC2AlrpX9%XuDnXbbAZ38}6||CPhGiR>XiAnDc2@LV|Fx7##E>khO@o_3!~@2fCkN z=Y^T;idoreD9|ixnz116R`B4SDH`?-#uLb z7LGNp>?2G!%|T5-y;>#jVxl2}&tc{WK8J)6Bl?H0V zO!vHpF*Z_xTGhFt{NQP6$2%!3iQ|j2zyyJBaf-e=P$}wEA%}QmChR~GlXW6XL6U-( z9KZvxcN&vQk~92pk=1RA%rI}4tQ5_5=E&%;_vo58#@oqu544(Tn}$`Y*gm4p>b!zQd$V{LYeSgR^5_Y+Q|5f$#gX<=eJynBzDm^;`VI{kLb|FW^6ZbN=P|Pxc?bJwHD?`|hu=|NQ>y)!+H~Pv2E-d4vD@>Fhi9 z>hFm}&d`ogyQG{Db6WZ%u=*4gI||;~AHkz* z*s1v|pDsHkN(e$`FL`1KqkX$yxS&{Bi-tB^k{j39b^`u|2Y_*J&_5Vo&YSyGF_tXn zZ8-r*1K#&n7-SAfdfzxZdH+ zHiR}co-EsU9^#wYN@MT4Y?E2Y7M=tXkKMqn0vRBax(s)t>ysIqW28#|aWS+&v9@_I zIV+fk)D>3a^<&t~O5B-U`JW~EUZIDz-!C(NPUw?XTBx!Gp&83DF~%zkD63MPlGzg% z8`w`6ie<``SEK>VN0ONd1^^o=Rz#I_t(HQA&4R9J#&w`}p`_WZc@>;>(7jWVJ+X1k z{<5`md-PI@YSAya(faMIpvui|Cta%^E0S+Y8qe9qfI7v6b^Aa+2qjlF<}x~(UKEtC z$YaGAdF8e={^dF>C!-lswu8h(T_LJO5HOD$$DHjJdEd-HXD6T3+p6=={o6r80G2B% zz{*^B0UZ}tm&#Y;Z9zr+LU8bfC>K7^R&zqlJy1er&pV!1w7?qxJKsz4#q}kU<%^}B z+%s_L;$`0O8rMm_9husH$`sr%+8X%K3=h>X=>`DvY#?MSwj`oa+a1}p17MgJb*V%n zMS?ZlEUgMvYuz0q)Rk-y!t0;$F2s_x|4@2+_%|V)Go*dnuerE=5-u(UKcV3x;-~VK8 z9BCd%s10J@@B_N*`fNX4iTrxavZ*b@^Al>sgq2!GptY_9L|gG3j|%izvcJ2q30vLO za>0yhRz@S0T^ejDG?Kpy1rX(ol>tuLTtI zNwX88)zXO-17N)WRto)Z_11UMgIFw|&^y6h=_Dl?bjTC#}~hhm$*i=kSyptZ2!>*h;K ziXmO=JUV!+_FUQ{xgEp}V;5!Ch(fTi5hR?U0 zppfi0v@V%tLtS9PybzeQWX)O=5Ni(kB;JIQ_Rh?1U?w<6KSijmkLDnlVP1ShM% zhRl-XB(FdkZJ(N&2X zyFKM`i?rd{3#L^Qm5KM6VT@LKu_hb1>|hz9RH?O6bSnn9h)URd$=trN!4L7xVIjCT zB2RPVZPjdRUT(53Fsny_T?-#b@;9u2iry|`OP2I*e-m>fy-w;9Gti|8d~WhI#TSwg zO6b}^7h6iAs%wTvT_^j4wjh7%cP*>80ULElP(ocQ*BCb}=sEefmVjf0;aa1|Oq|C~ z#h=;*aiCG{$5TAjWb1<@1SL+njtx6~aimfCMmmxo|}H%`}f;)2}+q>Z07>RKE1K44QkA zXfDj4jKWjWS%JBPb#@qxn-=$Uqu^90FA^}*daM?YyXoLNHjh-Y_uH_*1qc^~pr^E_ zw@%*0)g`>_bf5+NA9u4QdqQ2CF|+j>SRhz7{~Lqj(6F`l>z|=Gh4n7g6~`qrUrHtk zBb`DmJX&sSB${4wnNQYK>J8c>PV3$$6ZUfh6JHt}_zd&-HlVZ@U zYsD1kv;UEct4qtOAD5y8=9fej={>=i=5BEwADNQBER*n&h<}0lj*Zh=AmC+gZUwkq zMGUalHC1I9W3{2oFZ$bD1a^8>RAX}^>Mu!5|8$BTQmkeUZGuz&(U_?=+kM8)omoOMQ!jdbrKIsGZr}S zTagyLH>26@J(anFTz;xK7AHGxb?Z zOv8j~?I*OOVIh0d&D!JTTrsX3e43!v7I-aPBU_ny0r?Ecoto`?&x)`W(KV`qj7m-2 z=*hs{#TO;!Z*%2rP&R$yaW2JrZSBgdC#UU^C8}*qF?q)ngnPKO4zqNw3_sLqL;S_$ zTV}hfErvTqz?>)KdzC8Sc&xk5X+4^fg~o5IXN{WAsQGjbZ`6Fc+Nk-o+b6F1)R_ds zwVozH#|t9!BO2=mk_~@d=IhHjdB-ww$0RcTSMS%fG_vovlozRN-(C@(c@1j)wEa8- zt-1B)wcBN7C%}TI7@9V~W-Zwr7ggFk*f`KiBR5sr%9TsLs7vFykS}my$~^HLSgx!z z)s<=|t7qUCI-;wfUi*i*T``(9l?x5W;Ay>`o?1lqOfMq)r5KTqHORHyj*!hmc6iTg zObNsvXI3_Jq1iNCPz1Qh^V@^%eWTwE?vLv{DLwLl9cKB#>ig zrcI;|p6p|)z~%Qg|r%iV^!AEH!CzIFu;;hfvuKz^VFAF_-55u!GG zS)P)&LYx1*f>7Im`_i0?h(YjiDkRmbByAA1p6&4(ib^I)pJEEE` z5^PoNwqkMt_&Hfpfsm#RyrZz~xvz)CDY`bq{)jDJBBcGa+cfDS@K7yu_{c#JdJPfb zA4YZEV@-D@H|#J<9V@yvT<5=xZ~+JCe+DS3T&gL#Ac~iZg84L@-Ol@5GFj6jqX_+@ z;&-%QnD{}p@rI3`7xO*acU1hL1b? zM1GMX8cbky0uLm7EBeU1H%F;mXeVncP2cjFWaPz?mL)4ZfGxDx_4b)+O|vEX=qNFq zpkVq$k)=?YtZ266Wet5&)-Y+2Ix=g~%luQ6?SUnSPHfE~yFHttJ$US!QbccJS$qJK zzx{qwO~JAOm>Rr76nALXd8|%J0+`L0O7>k_&Rr zz&~oF5r{cbDM-lP=ph0%6RWipE3RD1t=$s`11l9(5bCQPqR16t@3rhN97+K0d9^ZvY)x-YXc=Z* zNvgxKgn|4M76#PdYLzF-uTj~|LhI)=4b$a>3@Th1qqwF@)krJAjP1!%?c6S}P-Ku~ zyLasv{#G%`?Shd(su2W_9-vS`>J zt&rteD*CM%Jr)dmX6ZKe#;KK5=1ek{pex@{AU zX&Db=FI`iqLETE@GRW z+1;7S>C;o_LP`=*dz@5}M^7J3$u(c`g31E3-)jf}_gvT{E@a&iaK)cLB9DcH9%Zy7 z1#?;SmcwjND~RZ9ABydfqnp3i`5@8d1fTb=RNuUG^|EnRMbwf%zIZhy-&;_l4&vxe<-IIH2&< zi3%1kw(i?0GGRi?ralG$OVW~DmR#4>%fhl>R*2GuVjHT~TD{=<6eT_Ui1~BtD*>X6 zTw$@Ey6e4$h9qsum9|M&66)GQE;k&VPtEUmB}EOzrKs&RL`bZKU`q&2rzca0Bt4m) zI6An59gn*JIPDz9ZshPz6;fAP3#Ar#sR&s2=2BInOLn5Y!NP_|>3_U=~4LIS5dDrJdECI(zr(;^muH z(^Y;5i(+NI7Q75+j&9XQbFa9)<9_gf+H=6gr;rCe`Ee%lbzd37|zGr?{1(j6Zne{R&-29f(17xlL?rV9{=6Q%z5#I{Ds-? z3n(-tp$hs^)Kzd`Z1EL^ql$3;_U$u6!N{L@J+|m@27ttk_xK?BdJhimtnIZ_={*{b|vw62~hl6&&!Q5XDvND4~*_^XKIW}Q~ zJ$z;U(IXgLL}LG$N1mYCAHZ|D$`nsyxbSF;+m__=`o;BS+b^^NaLd zrZAf0$g0_rt}iORe90AHL!}ESJ8yb97+46(dLsxo6CK>B4UHFny0{{=GP9>`6^;WX zgJz7^n3*+rg!a7y#^)$J#ORJ2KHu_VMJ(@B@8QP^)3iMs?8gfGuRcI1{((0QoalcQ z-xV*p=2Qzg$Zybkt2UujN{bbqFfe2CXtwQJFy>v(cL_Eio1g>1oL`nkE1{8?vv&OR zDJj{#?GtzJliyjhBH#cQzki-woo=TVtFsj~1vC$~squfLvpxQga?4VRL;Zg%THy4( zJ%*XDJ^ksuYrW<=+APD{+FnwrNVFF%?Z~vGr84W*_LrPkC+7)yth05{zjyQ;n4&6u zaRvK%gUj){&VdPa>Bvq%*wyJ4E&F`EK7RkN;BVwLR}h*LD>n!ab7iakfaG>%luo|> zk>VZ?zmXcu8^S1^7yGf^tSwyl&5J97C3gSgt8*0x9bn!)pyMwTB!wUxXp#&8?9xr;V|(pLlGnOK(HQl)Ul$ zmmuAHm&swK2mU*JvJ73XdD^s0z<(9jyByYdHZh7i< zJaYXOlx%>@QbekOO689B~I%yTr{5fv9K z4i2tMn$fu6B8OyPp5XINW-;dnnU6H=-!OirR0?9u_OAO`ch*4$--#W^zHENoRYWF@ z!*#yuSJ!XxzreBbs&@C4-*Ry@)CR+LL%}@9Xz^@#{Jb}Wn=+OF=?d0R0 z>53^NyHn|^bFPI;w)V4>AA&OyVD;0M$a!_?tL(Y)b~OT0qJPJvK2vN|F)e(+OLfO zKS030d|YSm8qVHU8KAy17?y}@rFGyD4EsT9zuVRk{J4(Z{B@vmXg{!!Q^-P0w&(F`%_IUpF*I#3);+$oCwM~TJQ(r!P zIwk+-;!P-|pAedXRE~&M*dtgFpRhV5|IhVzZ<|_}_OC(07C+bQk$O6(p+@p$JQ+jL4tS()0>H)a)+Bf*?f4bw(zX+G~4=>|u5#7;H@t7f6o0AaWQI zoP4csUe#1_87zQI!+2;Rpk#I+z!aPCgN>Sk)=Lx0?JY?B^U}VkvVveLML;AkJu8i^%L1X;MzOFzW6`EWs+T)i zY33xd+z?m0qe!G$kF^Q!F+A8_$5rWlW5|30_8}uy5{G~y>gu?7fkaE5#m;ZtQLGSb zDY~6dFZO9_;9b)c)72Wgi)E&(vS3OP4(qd`@|HOOG+Lyt(v_LK8VeE&t=wTutKngO z5@afvIe`R8yc#knxs$0MJJ_2Z5dYNBrN3Cg6trg zNkZ=+inV|o5rPL14GPSjP&|mJCqQ4$w<@L&XMoszy~o`mW+!Y((t~JvQg=kM9z-@I zg>OmPgXjjN^3-~UWPq5yGpxO8k;Yu_+pVp^d%2KZ z9%^J@C5lSdX{vkQoY-JsuGkEs4LFj`Z8~_^_DW2@gzc-tFNmR)n1TW(SM?tj=$AOU4;&7NZD>$nBH5JCL2Lu}qZ5etSSRf0D5tCInbKmz1d?=@SgZ&Eee-tQSgh?zHEl|!w~T& zS)<=ydD`jPx8|yBJXFcohQFX%ShI3-`8EK~$rN3T2QZokRLFpSBp`je?N$+o+mBpB z@m93Pr1u(|a3R3?b1dFQ%TizwZFP!uWd{_UBlflesnd&{k)DTeknFf$U0vec4?}B7 zwkFxqaI>VcC0o(Ka+Yb|nw7b-;^n>MS~EmYWOAj5m=7%jN?KmUM|V#Ll-t9$chStb z8_Gdbd*vnhqs|&_$L%fKs+Ja`7{T;5|2bz}QRY8r6Sx@C)L3vQIPjYY#L)Q+o z$aGj@oONZ;DupaDr%vn{s$7LEG0wU&jOG#Ck2^Gz+>wJw#w;`GY z86jIBh$ko0>B*4Qsqtm3+E(fLc|5D6WTh@PA6PQ4=P$LAtl!!TTBFaRg{+pr2Fs808ZBI% zHs%=fD=Y8F9hJct`>wXPaGmozu0$~7r>oI&^WC7MK`;+;FUH<}dyheGE#$Qo5zy`~ zD!s0>y{iTBUj2;D|_{~ zL?Ta~{NdLFJKE9-f8+J06*UA? zTn}MbN9mede6WY$Q|$ekOW5q!EE8qEkKt;EMk6wTJ1p76l2=FuvU_R4bFMdaM3^n> zPVsyVTbK*gtU00UwG=d4GUfF=Ug@uC7G|VQKrX5UFHtD~%0@~oHbe?db@C3{9iqRh z+$YUP5-Fm{rsW18w1n-BHxJx922U+*cAERW zYJK9_7i1|asirT7`INLEPvK28DLMUGlY&vD$w-mn4Fo%JS701CC+3vXZW* z^eQN8tVm_G6y!RohB(-7Sg~#^aKm0*!?#MQ#RG7xbQwQUVow%W5+96<@=-$nsKjie z)8Lfsvuzxu|JVMw1M%A1@7-dI4Z>^BODVF-LW(K~O3)e$Jnb}O=TXQqrr-{J*_13V z!#+x&6J4SQ10m|d4{|H=GnV^{PDo6|mu$h69#qy9UubVm#mfcO##>c|=If%Ko!}te zIb!yf^t~h0Grdzp|3cX9HRWOE`?&4{D>as4ljb5`Q%URT&%|m))f05W5Sm49A&XyW z?nOz9W){5ImqRzFW+g3yzSB0+IXq6ped%h&V7=e=t|SR2qi<+-%gP+zGs0w~D` z%=klbe+)X7LZpnuO0S=Dh9zHimejc*UBC2_)HU;ssI}&=xq;dEe$PtwK3%C2PjxQC=(_N(2SeXe4Z%-(HdRE(X1Bh(E+ z|HLLjU^$jwjxXu2D!GeCJOqv`W~au(wX4(R)c2LbrZI zMtM-x{eocYb&u2NN4USuwxoNtmyL8W3yGU@=cAxsiEcl_TMM7dvz+&-j$O>%DM<8P zO`QKOPQ%X2fVQ7Y&%&W?g8{jrG*r@mFOO zbtF-@Bh@gM!fbcYY*6_S==fzgQB+N*%m{eU^MnzZexC|Obk>1p!wIJ%jN zhZ^?cmUaf0gm=ECLSU_S69z%%%#dSf*T3!j*L`$p;%N7tNW-X8+1h#K8%2iMnh5kK z7I^64j_ALxZr4N&ozZueB@_g6tuPfw-hxBsj-V1{*Tj3(~usES_#MI2I#bl)a;@rP18K zy{(PZn)WQpl5(!s*6UZ0V3act&|nIO7ayv-ed3_RpLDZRApiFeHdA~f!@MFUk2@B(w+1uOJ~tZIIZn4#(yHQ zBfJS`c#_hl*CHzmd{EwqDU|HxUW;z6%!sz;s4d~rHE?2>WB@Pg>suK0`}xe+X=Fdz z!FZ+y@&X};BQ-ES3WJRZlw3*2S_3>dC77&a0F9aqqvl_$6X^457u!LQU&!vgA}%Ry zyKcTZ~;_1`o(ZR*c?2p z7&G4?Cl^)j1o8D-+Z$wtB0P_xNRD6~)z3Xt*Cx2!=+dVeBT+g5jR{AHC}K1!Vf2olWZ zvJ%}9N5KR@V09qhXHmC_=_G}lZ5rILZ_3}Fos|_?r3pRjpPt%UDm^`!#@8n5XZ;Uh ztm>`efijvtphf!!og!WTt{*3!`Am)!4~2awkeJ|^Q76!lksNICoM|)ucWrIiA*0xJ zr>Ac$S~0wV71&>S`Zo|wbFO+^Xf8BU_vP})&Sq7Z-`ev|s7M0^B2h(54GzuI<#v;n zTK7XiV+rHu>KyPqqn-(5*Z>@u~^OM`*v?5Xfr&zyWVyDPHjccDiualdX;!{E>&qi8o!OsGhTcR6f?3T51&V+Kmtb98%Oo~*p z(zq4OIkTvl1mEC7?aUy}|9&$Ue@HAdGPprlmz@0ID_O7C$*^DdQm22|rc8{$vxvE* zOo+Gnq)dnd7k0$jK9l#jXq>nrG_h0l!h$E(NA`Y^0~*BKJE>}#A?s;Ma>GpI|L83e z^g0kvFQ)jwM+WR#%%@<3=+E*}?ejN4yuFE9AAWuC8}^u|b{eZA-m0Fnb<@H<+#tZN z&LRl(rUt-gcY593%hw7O|23^idrZsC!d`Y2k4WH3R@RsALvF@Q0XgDdqOc5_YGKg- z{;U|I-_Q}i-X86`sQNk1;;C5@@Y>>^RqYsI&mMg}Sh*PSY33Jv7TNFotD82!DAfve z&_QyPBvW05-hn@WZ9McX0{gI|np;eIu6DbJzn|bpzOm}_L`Jc-k zp1Sjq2dUxjK7_} zvw9p6x=cfnlGlrp{|Rl{A0L=KQ#BQ?f`z*IRLD>kOr^4PQw#o-P-MCQcC4YhE(AkLUO+Y2P_1@2pAu)u_u>)(B-3L*XuA%S?#kAD}QOs zytd;8ZQ8R-E6TAY1N4Oa;ONet*Ii<2teZ!TyG(SFf~GYJN2AUs_su{iu!g|20XxnjBRVoD0%?!ae}B_D&n)&w?(vP_xxcV;teL86`;V}8 zJr!U20gZcX1m^NSUZ;Q?SFkdZCtdb?Q_uK=h@YUWRiFA5nI;i@6?w@&@A)$VcpEcw z4HT(bxuz`PKbcjcdf4{sv#O3U_Br|a`Tk!=>90Grw>>8_-Mv5jd_Vi2XN@y?es@Fa z`o3?Mm9;(Z?~M=U^8OE((KDlO%>0Dbsq-p+Zhms=O*%}an7WedcRBMe{K&IhBWgb{ z=$1VdqFj|DN%G{k%q@dX9T`@V zOod~BfZa{!3{~>jNo?RjTcXjL_mmXf?8P{c_vCm z#|j3bz?5dz#Ns9gLA5n#Y%C~MnQUO1R_{;-%<<){gZ4B`pf&hYtE$p;Df$-4x*Hb_6<`v>+cL*o^GdN6f#hgkKsepl+p z^8&fHt+}r%T57&%$=+l}ngsNw{Ox#LYzm;qP!S~c^LGZeh?UoV{%Okhh|~}vHZr%c zqfCNAyFry8hh({`v$g$m@Apb|e#>D%>CZB6N#~jH96l4`5WY#!@&5HPT4xvL?3zqV z6p0T#^L4pk$QQi#?%1FzKZR9!}dv55ajur+K5%9vrb4#X^Dc7hY zR|)X*#@)ZC3XGEhCDgZQxA_#EkFtO`nk4gu9Um@HlZB)$*0sO{T(|X1Tj9Ho)BF@>hZh z|H<_+m|>071R=IZ<-!hee51g041!X&Qgr`K`xzQic3>X}!t-qH^{f%G!OV77Z*KDyl z+l=%k+_36mk3wi0N|ja`e2N_|k=oo_d1$3O{F|}Vt}4 zI2d{MHUU?WL`ybt_WC}@jGgFlHh7$ zS3TDoeT2*Ty&>`90c}2sOM+KU(+ciZOTL1caMB;Vz+NPucQI%xoS_;x_*C?v^Gh9HWbR;n0yD-(U^-_+G@WP zhq7Dhx;Hxrp@U;C4&7+4v9E8+V_(V|yXSiAiJ$rTxI5^{llS{*@%L}=ybpihdD-r9 zzS)t!*#X?_jQ{BJy$vMm-&|Pt!+MPvkli~a0z?;Lo?iIRe&Z5jk8obB){Bf$YLKHEh&Xlu?th9IUE8*SjHMAUEyb*Ux`ctcXde&K9~ilte}smx zg=SD1(gf4LaSc9?V7vo=GdK$>b5w^-{u6@n8pFEe^9uBAi=gRS&astyiM$#bOHsLC zPsUZ%Q0_!|x&ASAgt^peztz0F`SCwod;F~*>YWUhm&>Aze$Q}Lu06b*DE^J_Po7Tt zJUa18CS8#RKvh$qI+RzT-x0|V^6f0Dm+#m8p?t?tkj5cTkj9~zmCo=gNN4(ax{jHX z_Nm$aNIdD5_hOinXh8E+wK++$Yk9s3u@{UX>Z-%45LqD@!EG{{=_M^$tG^Nh5}cH$-kHG%%NcW)_GFB=)z~X4 zsX2S;;1p`%Nw@GP`T{#Wy~IGQQK^jMR3jJdSIg^8V-c~6ppE>z8EZWP)by0?NeH#k7vT9*AFIr8+ToN0+ zan+v`O4sahJJMp%y*S5pZur*4Y7Esh~^-AX1Q;SEgC~$8|riR{r44 zPL~{v^7WNB?tKg|$<}rt> zKmc#O6~5@K1(T6k{FBS`*OjY-!`&&J`CZ`iqw%6TID7oY`kj@S62sYv5D@|n;8An}$J zxJ#6{^F!Z-wPip+?(vpg1%p6|;q>hJ1Hr~OI+iC2bk#XlL4kMP;e+$QObnKncp8Bvyef6_+ zJU004xnAu|%^iIH%K^C2bJ(fGEV09Yx{QkDG3^Ikq4QKp3%t%d9*zZZYFrAbfrNXx zOW8*G@sHP;ODtl|%CojzclJwmt@2@)YLjT@D+BrG$8nnTt#05aWs46VbyfCK$08$>k8^fePntD7)ei<9WYAKajPY zi>uPdqOt_bN3?|~w4a9GH86B!jO~ae)h~%9-5FKx;)wDo9&K3=OJw9+Oysj|Q9OLu zpc>9j;_s6lYLIHU(C+>Yl;oF(Ci5M`6zS9S;3vB`{NfKg;emtA<#=haVP*O;OYiYY zD&I4eWBN(}jxvj%92_+o$4xT=#G#98c8~%A-+G2I=LEMBF`j5rD}t|)Xd8PJnnC{8 z?$tG-ehVHz4~$_9Zpe|z2(1tQLjP9j1~05`>A z9cK)55rreA+Oy;?b=FLcMaJ;m2O3YIHEk z(N-0Odr#hRsn&0XL0GeR!IH_O+DNRv?iI{E-P0{(Vt%gs)*prm<$E=YhkW%LPneAC z)n*@>3@-p1ukY=l!Aeruu-I`Xy)NkuMCtL8*oaMihJubfv-)8J+kRLs_&@u2qCfX? z1OQR4K>Vh<$;chMxe-hDom=zi9~F;r?X6yhglr0Tg2DC=oZ?J%CR7FbJS$+ts;`<1 z1CAyhKlZPs@JVGph&X>G`42xM$tr&bl8_>q@Iy~AbDI~2h9HF72Ta}U+#mfgz5&X2 zqK4A{HwjT>|MOwLx=+gQD4Y&3QrnBenoR2izyfwz&PZsFd0LKW+VtUus%plgHWPgR z8-~!PDhV(0d~NUvQJ9P+5rg)RsNWn{DPk!I8 zt@;JhYb%v6X;M1B=8tJb;VLg6>SBt248Og-y{+i`MgDxj{dj+0!hhZ@Jk;j<-90vz z>HFL*sq6E9oL|&-e_wvCy)`m+f5+qyRYM1=(a0W|pPaaePCy!K&83zQ%+Sc5Jb>gn z+dTOTBtBQJi&33@x%53XWc_E)?_!=B9G8yBZN;m6Xz6%3OYh0$=QF35IukV0X zGkLQ2gLm~gGi6`f)=W?nEj8coieVq{H{sp(LGd9G_d7H_LCl!wXVYkaI1e1dfc2#^ z*pA&^{*rf-WD{28Va0I7XlgvVa)QXudF$O1TepzIh}J%dPAp*QFhz5?s(T_fNRc6C z^a!xBb>7rcruExqqso>$N`A=~^bFqLxQzf$t6T9&5EJuxBrS*d*nmC2+C!?Q&q#CS zcud4|q=Yib)JXB(f4M0&__+_^kv=PdT|p^Z-p#79h(mTo!+0ojKN>c5Ey+6VOsavk{TTh!D-sq^`Kdmi*IhmMLI_I) zv@w93d~W8zldra=Tz?DN?rQHQxn8Kl*=R(5xW+}zqF_QFp5R*DY?F0)IJn|7UjW|K zWL3ASx#BVkGI)X_438!+ahHkZut`0^w;K(?SF8pz24q^YGoxn%A^7b#{XE2*+%GH5 zyJjQz;EJQ$-YOGi$0!J80L#l`Zl@NLZR3Lk$s1P3HU~!&O`-RGWVqFjN)q4l>xkL2 zK#cbpw4;|vaRXcn-6`^kDX&@nsa9z1TM_osHnl*#cw$uF)Q-m_NJZej*-(L^qrN(2 zW~hz4a83rST58?Fy|Jq%;hJV9le{DJQC`j1t<^|QlB2uHD)F*CQuKOzSUbVq%-w+R z)a|o{`chcS#im>9UQeJ_n{Pe;f7VSlWs@c_Hq8E#%X(}I&UJ2cBeQNJ4Wkh2Jf8zX zkyYYTSzmQH|GJnA^q>@;_jXkqUeq*bQ$0NfAgG59mD`M1##?o{(u>gZWrc5LU3iW( z{qr?{zK*}I$q^aA-PYu2!kgHk3yju+0mlV7=HQt`wSQc`l`78gC z&^cI0wg`XDUUH+swx5r|)F$&27<_l+=JL?zMeq7bPocF`M)Js9^cIsBU3nViO_Oek zyWtIES{%i`PSA;m@#;O-x*5)IWy7H63BTuGIl z@^F@>OV%qh5QNIEd-Ja;@caHEktmJS{WGRs{PTH6eD8wd%pJi&FpwEXA|qb^xA@<@ zBkvh!k_)~tcN`(XNNgOL*hqcR0ri}s@gE3WF9DfTkQH)QUhkbkiN3%%GBBw6d?K(X zPyf!7kSGGhm=owf?%VJyYoPJZN_-G=Tu7(5!j9W`JzTc(RHVO0MiK*-I|bw#g^jKW zrW`_!&5pezOO09W3mISVFkZw>36(G?2qJNjHF`z3L4rMThVQ>m$H&SmzG!G*HO4=R zsnNIdgFA`*oFD@Hhz<`&$*(gf;nSTbIh>5*`1#L-C#wEtWS)sM&JBM$(_Gssmdmkk zO7BqAGKs9rxr#3;)Gr@v{%PFE^st|<@yCaIExO8C9O$qtOJV_&cBXwsx}rn}X(dO}n%vnM z|M3d_@Stu4>_2Poz3L(5^M&2tMZ0+61!WY+H$#Rj{9?61*2o}ZIf(`Zay zVFj>%4UGpAnfqIDB>&-j7#IyIOcH|iT$03J@BQQQHaL!n*;O`x@Gd<3L~9icvFXJ4 zu8-c0FO((%kl_fYYw`U+2&K=%EePPl41AlOlA)v0^7(fbJ^X1@=$x0Gl|y4-@ORLB zv-tC7@FE<@-gR_97J2|qaR442Ysgq%*RCd(sjctRJOPIWThUm^QJr)R^DDTKr5OZ0 z%Ea|oKH~A7Zl*e9w)K2)2)Z=)X(hD&hs4Y~0w<3+YV?qKQ9$L)(C9AaX<6oH2)X|{ zz>7hLsH-EO8<5<+0xj%10Hum(Jrmfb@{%1$Yk6yLm0hxCR`{5LHoE&i)R;8k z7=xVxZXRdrI#2}7VEeR!9B z(d4o3&5+o(ECjpy8{B>g21@MPCI%;*M*2zgWn8ixNGwZwC=q!!yL^f4ki&DUP8YkP zvH?_@VKJ+YLidorS#plZ3b%4j95^TE+>unAMreG_%ZU6JE1%+Hd2Yp}Z^b{>4)^l%`D3VUXs z^pkW=IVa9;ANNT_++YorfQ|_HwOCNni_<}@7URM`K3Px-;KC!?<;8@;bfnQ;iwK43 zZZNuVdNti)!G@!Bq@hV&YVnq=HXB&fTO*?yU9Nu@4qx?AR=EnDI?hBS3nifAaD`nX zB8bM#+lJB-VI*B@-KU5Nr|53*sCcg8N+DEnnnKIO}${K@(r5;7Fid1{e9m)w;l3wTX z{(A32w?Y7b;?;Yb_LU&k~CX5SCh8X$O` zyAUFH8MCY?0t&<=e|m0@6Ltb_t@>D1EZ_zpIgr*gDopjm&8MC+zw9vpwlm{r?FzobUC*QX`Ylf; z>F*vrCV$mU`zuYjaGIh@RUl>?#@(1m^mGzpB>7;3%|iZ4)k(%%uo3v`-UTk#eLGG6f(2e*&fGD0T*54p$MtNMj`w(syjIJOEl^3NZW^WA+<34ukh<<}S*!kLtPX1SaUFQL; zFqy;&%={XcI+?_YoU+U|^P28klFiJ{3)bc#QY$j|Y3RJG=k4hlB7^14D)&zvPcXV5 z=SSxYJ&x6Pj)mslJ}o`DF4M<^x$#GaHn2pgvQg&vRv?)&E3W)3tR{-g=iu}6^YenS zXYj`_^oP&?8S?XG?QNm9`}IEh|Hshm@$ve`vG0>=i;6?K?E-8!z9xZ;Zm`N*3JoeZTg3-#BZWfgK|cUa^0T zqLEdPW(@|9RdY;-s9sK0Bxpz67lRMVA!-h*R z(UCne7)2DT$KT<3luCTNSi@d#q*ByX81s|MGv~{Fm%lO755kx2d0tFLu$@aehhwYY z^AwLj)%9%U=j@0!wX5Yit$$ka?l|twTCcdb)~x7@uw5%~=O@aCiEd}yBTx}fTbp^* zt28|wUEc=mYqSOI58!_9Q6k=(UW~YsZ~%^Z(mI-wk@Ac#U6!h5}a5^`r5P<*)wO%IZZ1bzXVI1gJ7!&TbHTDr7Y;?oV zmjj*NupLuq8L$UO_>17zfmiLskn+x3q!krwgGq`%#v+@ zeHA^8MuRDz0!GUpTS!F(D~x9ZLQX$NLCr;(dF2?T_s7cHuI@O}(oEqRAXoTvIX{f4({J+#K=CYDngjgZ09hmFF z04#8GUSXOIFV=+`^84Fb)I;W-yT3L)S;tQ4%a`FLolDmnqTs1Y-UwR4pvJB_J8pR9ZWU7``2714^F7B_q8e37Av{uY-qFrjL??#bI$kTtx5qDP~r~Yi=L5mf)e&P2qSZ> zh46kO?NPPCZ%}nmvq2|epy&#>GRY%mQ9S?Nk&W{~eZ*L@>_IpNr!9kjmtX>pU77w5}w2pz;W~X;o~mAnxl?Wu(6Elf+>^deP*%PX$OtwAjKB5ix;=| zYXB;V?5XQ_L)F##kHm9BLVQAoXw`nNylb*EG=!nzFzqa^qKO>nV{m^SA_2iq{}_|V zv`&~vLO?ImC58W$&9A!^KJ;*@8yHq4?(arqTV_TyoFW@oO%vLvv1DrKzp7OFaL^Bx zpsZcxU|){;k--oBmMI9<9bw2zTuz-{b{MzT81I7cvPfF!F_sdtzeB2K^XQ{|7+1`p^7f-`NX1c~*JdH;^VbBh)CZ;G5Lv?85yaojgu!8ZRPfy zN&GHllGgSbch)zpUxye28?4)71d=o;Iw{mJQa!9s19;#Hi`g7TtZqV)Vt33dIKS_k zEsysc%$;iDV2G|-J$Z7Ct54U=P2n?M`Y(6h1~*ggay*I|u|aEUyNloiyn^4&5CpVg z+0b7r|Ldx2vCV*l7_GGNELquzVM;1nm67B!X3PJ+fAQPk@7I0~U#4Nk*@ihk@`^F@zaFxk~+0B0Vrbms+J+UEe@1 z`^*r94^yo^#jgN&v_xJrXNP6`^TmQ8moktm4#`{Bbxpqw+U;f~O^8rn5!$DGLFN$V!6aTgXZc5!yOM%~ z!K3exO^wt9WUShV^ej}!CVsw_&BhxaNb*;>?k^TfUz(EGARpH$1bI5f9g#d91&q*6 z5W$IYLSU7sWlEqJuEl@gUt=uGEH!v63kt4j!RrA{F}|P&5k8fTMc*$InGg7N+?Hzd z8inziR1R){*sY_ep?xo#Il+BW8oXGZTwY#2GIhdjwz(uL9%Dj6!vJNTEXym-w99C_ zFaGQa|4i>6J<17h>l2{~$Gwi=b|suIvo0_WDf=O|!gf=;V}RNRTw<<~l2JhEgVT{n z%5sZ=+ag>23h1~SFK`7Hg3!Vcr}LssBQx(_i3e!YKDBuXC1K2|tjDa4f#S@Nzq`65 zW(gF^@r3Uk3uwb-%L~GAP8DisF{25q@G-Vwj@x}e9PU+SqB7KKY*JBrbkV!d?)rc0N zwSd73nE?7to(xvgV|*E-aV)^L z_^oy5P0?2+N;n$$=fDMOtQiTSvDo?;A5UmmyZ982{-*3OzsRI4K^r78&1lFbXj$tp zeknOml0Mu_QWy>W(g0d05SO5XhMiEH8R5oXR0n#ajf04(c-Th0 zqn!ApYmKlbfW5s!({G7T`Sw^a7KgR+A?L_s>JXx(h}c>0n1IZw5hd$m5h2}89h$4! z=SC~K&;F!CU_nGZ~NcI>V-^t#pWE;WTltD}b(<~`k)A-tDu;l}?Tp|==zs>d!z(sGTmu`LyGEu~rW~PTx z7aK%GWoJMo;2Xt|dgGRiDimX^>7lXG0^pmjl!GOb(%7vT@i5oawKqo8M1f_6dTwpT zt-m-?yE7|yJlGQ~CKj8mdw;bu%35o7@(+?CHX9~hQ8bjIIlsEoX@NuUto8({RrAI5 z*6@{?uKkjzFZSnKt~PdE(rUHqXExNW-r-%u@r6p-oDdOtW=2o^dU z3gOFk_0E>VH~fDOY}G`p$-6fIGCyR*^Cs*J}#R4LbW?c$Q7oXidcB}FyG732`wA#BD;n~S9(y3ha)e)W6`4TAs|EJ z%DoC_!@e!W1#D@oktre6yzcb~&R|a<{p8VQt9(mnyPODR%c^WLG3qy)hJP8`>PA4X z?T&a71(+|m!9iqk^xI|Hhv#vqz!TC7MB5Hol#h~`7xF10riw2>MVTZFyx#eL%_Ohe ziA48bto{SUx8MH*jBNY^2;;dPDXJ6x2i$BIQ^j>X7gINE7gOV3UK3r8_CPnfhb<5I z>d2{=c%@g4eL{czU@m7YupI)`2<9@9CEnK^0A7X5>3m&0vcI>1$};f<_$#!}NKbX! zIf6dDPrnoXAQ`@{n}vUK$qKB&Rn+~_1@_*=usa%Xd0q;^2^AvAHmb^KK}bzev8Phb z8qnW2$u9TfT7)7mI$F3|s5bJ<GO2gd5ZYx&gw z-Sn;gIkR2{_`>0%2kbL&{LxIQL6AEu96LyqELff%=?qdncAfoPs-nTjmoUBs zck`-n;J{@vA4?x1)WCTWAL(C>`gt2HU`jfu65~a%AtMa4wdFM z947WZW6(Rw3cKi|TdtsG)5n%&qH?PhgzwuF11rn(SrE>mZ;6kmhbhfe>Fu*Uq@#y} z=z&pi5rae!J|2l~^MP$Cw6d{wFy`gJwl(AkZ#&0-fp5s$+Q6G~cb}9j(pahL?kB3G zGAta38noP>sIfpR*`fgEP)5Q3>2Ib^B&PhF?s)JcD#;=y?j>I$4MKt@yMciUG*^~A z3nmpHB0YC@7(9U<;^9g=u?kqB)ivD_z;4}vXQu?eIa|MYBBKcWX1gLLnh&3WMS6|p z-#;{1mHhAw;CCs#N$lhwd3h!G@V;DmzBLhZ@`Fb1+?i1Ru!WjM@bDPMSWTf4h{IUz z`_B0CWd>il_~XNbyzB4Dv?JZH1NlWW26ZBmFWvCw=f7v$Tk}m^z8-9hN<@j|sDMzk zq*yGXe1MFnFDWFjV1&Hk7^>JX*E*oPBhh|R1vtJ<@aR`WceY&|B(+@}+_zmE6qB|2 z4^$P$X058>vDa5~SQ-6zWvwz*eR`y5OJhna3}wDc@j)N``1y8(ZXKfod0dAgw~>dI~&k;Iuk>smU zSeK#b2#E6?)X=@KP}HQe2KaJyEf=8cJUEfyOpxFv+7`jVOpxFrcujqOGJ^UtT`huz znIXYNHbC9}(^s)>>O)m_7{tJ5h9t8c#K2Fa%itO=6@7+=9T{)>3@N4Q%sib{`FtvRg)q*9((;ahY?&{MvxyKGo<)`D0P%Y+2 zI+Y@Xv34OjKW_yWCP`eT{0)>K5B7n_L;N>#4Fa-<`{!tH!i{!)2O2c3Cy_>`cH-<5 z=~*UCY@eTVTMOc0d;;y>Se?B|(`^6eiT;WM+uVly))raA%nu$LA0^*D4JI>n`vOP) zn^ns)=A>pNcc3-NfKNF=zCcyMtiFWCEYiSHqHK>4-RdC%uq#ruGq*95czQAli{zQe zQG)r-M!PSSnk3F(7MhwGa~8iyqxg%1H2*nyCE)Ro%Kj{hy-~nCDb-7A8zzD{C;G&s z{7H*XfXCV;mT3kotx9y{pYRe6MBfoMR{Mu}|@d$W~VD0!xi} zj(vRY>Tq`anZ`Xzf#YD}DG-(hpK8cLNy6tn#u@u-;+KfTj{8)Qz z;`hC~Ot)3BhZU%^Sz58_Gb=)_RMMO7Jy@jav2x9+Fl5-t|E2h~X~BfmNU{LcSgOUU z$xrq3a`)yh;P<)mFlPVrd?U{x|E=)zvHjtG{pEf3<$d&}{nk@SHuRqyHehlR3v<%paI=Q^cW z%-e*?-Tu_8j{2p)>kOHpEDH&DsW%akfB+XOZ?+t9>3yb-?hDj!SOw9nELxGCGLia? ztBHU`;y{uTHcPQ#S@>DAmSi1SaxNgNm<;hl�}4kSBmIt^!LK6*?k$yFV@xs0*d+5 zWsd1y*umwN3(qRLlUNTZm@qmIUar&~N_)eF9|t&hnHX!U9?w!Fbznj z3SA|6NB7YMQO4neVIh#Qt*Eiz6@Ga9gts`0WTb={84|Y%+^;Xg6J%2vti10 zeu}Vdsblzq_1$E6wR%@!WVQN=W7zKPDmi*fNoJe*jbo3lY5Cy)VcZ^@d;zw9v5#%r zwr$(CZF~0Ewr&5$-ecRgZSP6t-2X{ZsY>NO>t3tZw_iYi+Bd8N#?uLNz=bYs(PB;j zX-qydZv9wse;V=^OU5T#$WCsKuw)0e4D#92ZxLZ=@57hLu@LEPZ--fX{v|sj#t|lI z$735vm-$Jb5m^K0K{)GVm9GRGO{D@$W+yI0SujeAFw=ZW_70)_qDK$8%v%}hHDHF! zut{Yp_`W{m^b94kd|lx0?IQ|6wc4FRL(8krNX>mXJxqaB-<1#1KZxk2v#YD;HGdS^ z)7l+(nw2901R0&Cm#qA4hiFp=DcfAGsvI#fPQS5pl&@Je@LdnNTCH_Zl&YqFV>}%QX!cWNKuk>;z=;S*4bWPH$l(e|js;gdy!xjQglFg<=L23rf1B zBh0HJ7`b|413%3YKr?qQp{e^;asf1lHN&Eu_G#x-FT=-9#7qsO35+pEFGktfA(w`B z^2_w_6P5I1?P9D(;zy+Ighkd*u?J6$qMKcd zk+C@VsGV%qmLPYEf7b}IlYOkQ&gEV)lG~yRsK!fw^>qcm?@pY-T9hzk^CwCmhWg2# z)s8WJtvIH*E_G`AYv2vSfJnsDa)1r8P$cFtFzvS>r#tBX9OsJ>26dhrCj+@qh%E@Z z-jc5{MA>d(JGW&kpVo!R;w0u%U(X|sR!Uj~Jj2jk4mZ53JfOHf# z&7q};mjHvMA+23!!C!1|rj)c?ms(o4d?DZX1(w|MDl-=i_9-@VZH=jA!gsnaH66-S zMkXoTg~~b+=4~~60@SXVUGiYsCpR&~g}tN~3u?i$)5}H0!ooagS+Jh(wr7%U$$YCR z_eyhnr79QYiAQkp{=gJeZ&OF3$$-*R+Jn1&nMM{GAMo}mw6?E^u~+9Dj{Do z;5d@gM&(51VLb02Dieu*uIS8?$WGqjq#HJSG-g5U{1g%s2~=eQ3UKoTwTRF-PO^jJ z%qj|MUdn8PN1`ZlMAkWIYqBr$L_e&g05{(Ny|<0?*Vy=DRCnL7z!b4ke3_ zi>cYUqEHC#BOR5_kJnF-ZFf#t>gtilPkFYQqF;I2)Jihd7XdfHmyx*{Dv?-`T610o z@)C3W@jHQNqP|ma)&u?yT8!g0mShH2RO6))H_nbe(~H4cUQ2VtIfR0Qzmu8Joq7x6 zW21JgQ;wA;p*fVgvzmcD+`5=1%^(b)$#vu*D%AS;91R7zK&>gLq>WY*Px=NJ>wjB? zY1)Ep)ctD;D}TG;)mS2EQ>DdLUSW<>^EYv5ZKPucom$c=Woli`!ZHd|UC3Q@3zn}? z({#;dGiPU4+4ER)|DfyFH1Dna=4ami26*beXzW4(BLDSN_*jlv{2q({l*$4Q%CcDR z*Vfo~`GR+xC}@+mhI6}!HiFYm4e8zt+M=Y}LdDIqsQfx?`CV%PDh`s=4P{>a1BaQr zCJo{a44m|Khbn7s4A@ys-b^^EJfz=p*QQ!XD7vG$MH+ME;0P-TL2jurHIR2qa0Z0JSh#R zY}St@Yek+-MIUL|B8uoUx{}8V>W|xa=?Pcd$-~nGT9b4ofQhJB8F5IpZlXq(R>;2R zolQXL6EnHOgoK(tFE#66VNKa++7?(^s91ZJ*>k!QythMk z16Jr&j7*A(ResY2!_^gklkQ2FeH3oxoQ0<&>&JXST;(|bh}HA08|yT|{;7&y%q)ol zb6oJGxQ=l_3T$U(V`zbST)}kzKQ|~>xb-h~de`(6nU%}ztKEsH4M$JCXcWhu zDeiOj_f`V{Hog3>MY*61nkSv$%S%G7hMjk3eM`(bi!UIf^uUcAQ0gaR5Iq_Dy4D|# zES0XAbrS5*@V&XCIiBcyk^Pld6bg|#TIVs~-q@|D2j^-m{ zuzaOa=Q`x9iY_j{QpYnS>zJ%6Pr0kjFS=uy9JLai{t>#l#9YHV4$q(Nwy<|#Pu z@$ds^9vT)vVzL5m_eCa@$|m_)q6#5`3=an(|_WF2S*~*!6WHjvMjRwcO zEJI*EKseY+I$+cDr_V~-QE#fU?eTD&R;Y|wZPew&_#>T~v-!9z&31Z%?-jJJic0LW zZ95$AKQ~1t!a?EXp+}7zJ#kp!*)&|YDH^Ke+bb5?H8nPuAMji$>iN8t81hz!RzoZR zq&!i}Ea`c3iW-(`nzL!TuHhH5mirAsMKczCQ%N5YXp!Sdr-fK!JHLOc63XLB&t=G;*0P~ic!Lt-zg37qT>enI&rHk9Zqv(b z!^^^6RS|_{gSXhT5ehgGU})P}Ix*j!%?9PySLjR2=eVk_ND5oOnBPPd#}%KFl}Zi& zd|V#81^Yh*`vti_wiKy-d%Oud__DKf#elqQb)s{zUlT=84H{jR!ATScYQ(IoY1#E* z$`~6if4eb0PSjEK@4V4Fbta6$^EDp2t&2AIl;#o#1^d}?_oFY(FRRp!4P5H9p%;l$ zXi2kjvzIoYFgz7Q%=>dV5~*kOE#ERhA|U}sWBPkwg=7<*^~CeImfS*>I|tJOf1M(n z%Df+G0+@Eq++awL{C$}cTvBc1cq`D#u0fPBaJM8U@pBoDKR5ewK9X7H~avpN-%F%Qc)E$~gNFle|whJ5foGF*k81|O@Jdmls@RGo0Rv6`Wis!?Y- zU4k&|Gh(Z6(i2)VT&yt77n?!LW=XB*`Z*eL_(q8rDGaj@mXp=Z`_J@vmjAPWe2s9~ z!(nSth)Ku9?69oM#X0!vY0sN9^!B{9njcxH)I9Wot815WB$$|BHi>|bRp8=b6@p4E zvkLJ!uU$mQ7t%wuk?d;{H?ELqSEGX;@wqOG;Ee^LHUOrDj4dw`&M6v9uWPLrPzMo? zNB|$C^6qu$v`_&nms-RgV3|5VG8`cb{`;cZA*w=kH|IRaY&JgZMj4`3vd}6m#|1() zqy>#ldp@&YU8Kg~7*_i+nQJ;)uWca?5iB3(QlM8=*1UmTCTlV|tnf`Im2xU!o@|05 zP2F7Epr3?`-EVU2op%xD@eV8B+9`}Fhv+*K+=0l-Qv~;tFk$O4Gb!rQV@#o71*ItFaS3 zN8w=?SH}XCv{PXb3sOB!u%%gyO*51BwpeM8H>uRlay2%15RvFdwMvpeltGZwZ7lHLY?z9cl`C|aCOU7jP( z6zpRP^x@HdHtME_YB_5j^q5P_Q!CB1*sryOe%&Yb3W8o>g{1g}-vL_;WE~2!GVIfA zqQz0wtxIT#HEO|Dac`0wL9cBOy~c#FCO2A=)G)t==bkb^e%zQrT7R ztdaU61-g2Bzp^jsnvDp#C_@yk0$ix4zKJiUoNm1L?8+81&13cSvGmoZ;#s+~;m}yf zD=b|f6}7Xn7|%(zmc8qutslqzZk4$x_86qD4sj(^$MHr#K@oS$J6_@*LOWG-PR;Bq z*5!kmEb-5BSh@_7=Y#8YlkxR`{aTuJ0A;3xe9gljN z%u)lBpEnGh>@_N$x-{Fy&fgO%Q?uSDKpGJ_x4blQp}Whw5=Q6zQUe{}P9pwfR5p(8 zl32FA#@4ZeO5I*rEO1VZmr#`&o;Z{8Y+L&^E}bh?0J!vneSgm-VzYv&UP8rIs0YbF%{Nz@MOd8BMX2MChRtV_GY2s; z;E{(RG%ACXz z!L}WWbeawvdUypGy_{6nUmf;?o#oY9;Wp-vpN?+%bKx~P7%@8KuXA;ef?-~j`L++h zHus8~^`kHyrJB2i7%R#$Sd9i6m+`#+^>A~|z31#V0$7Ad!cnM6q`dt2DWn|qVy7JV zv-Bv2zfIf=VDC~6eXVA~-K8AxdjL`n{P!Ow?r(8Z4tfa+lI<;6dfLa#ybAu$b}vBz zgL47gUBB^=?>(|*uK+8EpPtAWN3rhbi%RJ|50?ELUNP5Bs9k=$82jC zYsgddb(~(;R7)kYO}y@Di9v~d^>iYD-rq@#w|*+L!Tf$jO~so9bq2Znz8 zPpFGCJ?lDfG$OXewPd^O7ISbi_)-hGoo;*s6slVib|!?$%HDPGw zSY)=oY6S9Om&_N82Li1X4=}yg!Y5cqn-c~QQVbOtj&`Jd{rC`j2M_M!`QWNiJ6}Eh zL)YUqGRGrHiToJB`hw%1Mtmk3Rir)N}$|@lhZ~mLA@TnzaVb z#K_`|wn?E=Q})?~aAwpG8B;{9weO;gD%+FmMPa?Lc4m<0rEliRjA+;%3AJ-99DZs+ zNu*n7^VtxWkI9`&tOMU>Cn~w@2(QN`LK;>R<7gG?OtU1H>nN|we$UY3^iD2U(&AKv z)9&_;GwZCi>zIs#r{`)cn^UaQB429AX^6Uc>}H8p#59zpTrDZZDD+b!Lgsm0JaT67 zwaby6OUbo!2|hg;Ql~^4?!4EH6X`IQiy-cH@3o_Id|HzNx?3h#2LEc&i`P13S-(H&5`O+@t|g1`3Ag+o~mGiGlmeZ(B*VwI)Bg;s3rE6dYqWXvmX*E zk++jOCMoL}!6@fr_;{H`@U`o~>`@_kHU|foV6sjshogY^HPBBN1Q3(9P{|u)V~v*4 z8*8l=(G<-Uj^_M6ilesoVk)dJ$Wv8QL3HYR!G8I9g`a#!GmEW&kiu0A%C;2SVnQ`IB^e>ec+15 zj2DtR8fx~u!eH1TZ8LdzaYQXs9aZeB7|^3iI<%n~E}&dnzd0kB*3i+O_5R7#Wx$Ts z$Lt^rjrJNUfzY%aTo!Jd%v4QH+$%ra(B4eF%X`+=)pV&Q!7?I={G}Iay`@ksytmJ} zb?Fp-fn5zpN$2*DvdA-zVn#JGLx|4bC4g&uCq2KU4bvAifQj^sv(;04_ z)esRXL$kU#BstOR5u$BPmR4S%X(+q$@y;}cDht~D#N0Gm37F~>_KAydG5}r8AZc}0 znzH=aaTuNS?QLhLj>LAyxhDe$X3r0)X0^%X`NUDb{{vk`Na=ggvn#a zgvaUMpsAVtpJnM@lD@Tl5%BDi*K>%c={fD=7uZ^ATrk6-J2o0P2cx%JA*nK)gg*PA z!&sk7=KDar3a{g&aDRqDISyYqRW8`l&QG-IcaVd^4zRk8EcWeypJ%Z@c)H*(M=~M-4P1=rftJEGjd+aS&6{= zG0wG9___fhFQE?ntL1{}tUmM-Nx>VeGvVSrqmsIaM@F$I;zFw5LOKIk^hr8jA@xMP z=oigaKr-{+<(uOYnzev-aggC0DA3qjc|EYV(C7r64e%!OFmUbeZ zJ97LniDuiwS1tWOv+iRpmvWtZzlq{hE%n~Z{J&%Wdqd9|Hln6$o&RBR&0GFNPbC}a z*==j~2Z{ea4Mpb5zar`=G}%4?+$EIn^7Livw9b$IEow&cLoVW29%`&tD=~~^QnFj9 z5Vu4w9UxG6S5pxKAd|r3|9zF&J{{2hX z>-+qCygs%Jxc?`qe4_c@@b)DLNGTuC7+Y{#oMfbrQbOmde`LU$k4Ao`S%K{m^L4X+M>Xreo~_abJRUA0YBF>JIfO zfkCvFkwRp7PM^OHcTh8hvMOV&t~j0m-sey+4ZlnH`+fMQwu)pfes0&``|0rJ;YqWi zVZycwJGn<=F1QrK5dFzF$k?H4=SAMpk=2G;g7tI97Q!v5Pt=CNsF%&_l3|rV2yy z^{Wkq2Nt)V+zE_ff@jwd>~$+$f_yYmyd6Z{VD2C`e^S6qXX>YT-UezMw_u@Im-!kf za}>yR7B_r{+P@py)+zs8qv*3P{}y;S{dNG#*yWXq#smNUjQ{)RbLRjmX;82TnOkQN zUSFOGet@1w@T2ExxZO_FXrH3N0(?yl)i94c0ZaQg#{igN&We{G zIVF_W(H}&O=(O{AI@<7x7yDMDtPSCO^LlGsSRONP1T& zBK70$r89%Xgo(baBjA0EXP+e$QU5mg-ZD_aT1TLauyGXVIb!7GN*e9CgBrSXMa;NGWR}c*LX)!-7j1ZgAEMW$Pef8uH{NR)_ z@g!$Cs9Ojb@Ak`<5ZVaPL%Mm)Z1ctW2cSHLDk<|mR%ueGW`)jr?+B!k!d)^TKQ2>)0kb}G=r6dhDP zE(>`H`RjV<)N@5^dG$YUx3v>YSGU=JOapjqqghm_)5%yEXJxF_W|aB<_HA;_Gwqp+ zvB46jdw2jZ0MPj)*-_Lnh2IF1Sm2d{?JW-b<{vt-D_;@+RY@ez*`r)=9`O-k5I$jGOd78iHNX_qfvfwFESL!9tAy5&Km!eostAv_2v z!5NRP*YuJk8FzreX$<_OSpGp(dW2wGh4dVfv;s%ogh6VmXRM1=IVEqOf^a_N=!FRFkhMDwdxG3gPy1T9UEjJ2H`eujSDK@O zaN&(a(Bb#QFg$|xU4oqq>(S4Q$h5v7<2ZG+&pi6WL=8=LL0#9+6BIt(0J-)LGL@o% z{q%V%n+x)cO~uweBYiuh(SFvlP0i<8V21Uh;A~VKKV2SneDPGWD%Gyrm4EOSSG}jB+jBDh(u;ouTm7Y-@rX(w3kZdOYWpy!<G3HALXA2q_HVz znV`sud4;W*zyD^nP7oZU=*;`t!;YJ~HiL3z2ytmPm9wff!)JkXotkC0qAfzS;7SX@ zgj5^9jLl=Z!3=8a`0Q>*TgHKIeWHd4Wnk+ID32@qJ>h)Hsue2S)eEMSLMYxM1!|zK1n8*V1W;|BSiv){FLVw z!cTCFJJ>Fresfr)+gILLf#_N^{LVqTiYN?)E`e(i;?OyYx-8gi+Bw&Nx#R-o+cwbu10^o)Pwl4VP zDvpP;6{QQHUrMws27wncdjyN0Z^f_T(or;h#pcXlfMMhxfE9Zp>8}R@oe%9u8DOJ; zuWn#)+d^$+V$0d&u<8z|7+FZ^+$|Q(0y&_&F6ZU9OEfzk|F$8F6MqmAA-cQO(?&UI zgoq!7MqpE@Ew9wKxV6zFKb|Cajvs)Ng40_&WOk5v#9-Qu5R14Wxy_)wqE)5rBP7i@ z$-DIFlprZmm9C?lvCop>?}B#>0LVC7rsK$jQ`kG|s)(%BMK%;>th%zO=j$boj$UVo@sJw0cT*`neL?(t< zb79C8!;(Em)u_B_Qn%mE)u^)M!jg9~|5N^7Q-}c4|HM7cX2OvBjyfv#WWkWX#Z@Ui z{%42}T_*p(r}^i+NYhjVv~C&8ZKCBz2prt7L5S&c~ubeU&v8N0$oE3P2 z!d5CW?0#0>Y1RhIgp|?3T!N3|K1W1trO;^n!~O5^(+rAjSMEXCUQpx)Pa=*?t1}wl z^l22*qgj-dsFsoD;0Iq33Tnt6Ba;l;r9@GfI>?UX;T9n8*2ymBt)%W!l^(;02)j4D zct1{L&@42$@B*9vjh@y?wAlkJD zW3`03IRXFn^B4_cB>PNc7SMU0v^FDBHJREtBY@A7jYUenX7*`vI;#0slH6T$73mvx zQuS;hAmPZT_$a4GJVYK1IBjBjT>jz~hD$~+gQClG#w0hBYr8;o1S6G;){==Xd>5k8 z8voO%bGo`mg6|g6*B~kCN+Ka%NMM|R5hPB)Ore?aSf*FSd00wkzLDoE0k3YTc^Ex@FvvdB!qUmIXsT?D>9^fplo?>3 z6`6tHi8vhj%IN?;>zkC-{1U*?c#2GFgzoBck~ zu~47QZ?+}avM7BDZw8p@2@6+>Q>4%)ZwlHtPTbaBX2A9 zTazum<02qm)G95vt>xO#R&kLslY`TuYlf!=B2s?SmGB|bH8XGQ1ace0-qgBF0T=q%Z08B2RQW?Q&}-!0ATJ)0T$M=QXUhKgH<#b$ar9R)vJ0GWUq^Ln$<3`QaTS^wC4@ws1C{J?#?fCt9;C_!3&C<)PwOKQy&REr`15pF8LQtk~*W}Hw)S1Lu(7* z?#Tm_WK!^OWeKm?wPe{-b^j-^#ch*jKD~|~8o3}>pT80R7nu7Uv4Z1k*7JV3=ZxJ? zgbjpxaLkn$pfPF7|FF?yV`2{p5b`s1da%`rv?tT$@C0S`WN9b0sKk<~ z3DbslRsN~&;MiIP#q_;I!dUxiz5W9%~Y1S0oS&ctMBi;;?<6{{(k&SQCmN*;?nxVwm}?++)a*9cXP?>1SH5 zL|>vH3TQf>&*N~#J9dh3dHW;JbZZ7rJOCKZ=3kGUjUJhj2{Cnm+VT0*hIAj(502F6 zkl*vWm#}9#bu<@{`|EdKb`#L^d-J7v*B=o0@$dL&1NirGf2sk&V~fD|yi4>j!)*Y7 z1t(y7GEKmepNdvj%Ua1=|GD7w$4FV09vJnHADdSjC{~PszFxD z0!{5F zyba5Ch^$YFZVNG-2?)4gYQT)AIAlCeQ=qT%N!*pBXP}vprUB2aEC zuho0_igdV|?Lm?0!MFlrJZ9rRqsc`X?P5B4o1TwN+~T(0cTOG$Tkz}kDuzes=JJSF z6ddRR*GktjshD0(^>zhOfYVB2`bNbtCn{xz|+UsOr}1WpP34&I3^aq+Jlg&%M)Lq zqYkO7+$xSJ;bVpH*Kyih7xBJ>CSi%@4qn%e5XW7P=ROz7eyRS9FF^WX>ODac7>@iDJqJ) zK%6*lAPXK|yD8(R-!rU7JJd%Mjr=bXgeTZzx@)ew(B{}zDU`z%sAi~YzP6{lmk!%b zSaG6&;LhN*zWVl0BKQ(#Y?MO2*Hc}2?Sty$tzyCoZvx8O-dDojT?xk9$H3|S)aO~w z>YVk}nfujQ&r7q-uK~Uvx5~wqc}F-hxWlh3ZsXdckx60nW( zAcv{PA_$i|vL@4A_h}`+k#az?EQxI2p@~9#(+axt1MrVaPCwRLVN*-a2F#M6C-2fO z>E%|jK?3&bcbfSx!3*?wQDaG3!-2Cuc`bZc%nDx;d5TT`c#%=3gSt5AZWNctMHfEi z5?Z=wJTlz0{~B+GKxY~dWer4*(VPT5?RnyB*!;8FG4?JB(npg=f9>RO$_}K1XLZU8 zKS;`zEouhDqmQnGy#^B?6<{2{mb-(ejrn#Re)TfF`�ob7@7DL39SPa#V3Vp|5%O z%4PF#_Ii+4wg>%zqYmkoI&fC&zLdoraWKL59oyit)tmPqy6map_*7_V-O`=E1LzsI zG9>T6SzLd|N zqnlzMS`WLdnC0&6-S3Cnx8OXT@qxe*Zr&x#M7!+bp0W?S28L@Kb&JPu!?jrk6stv3 z54xj@nxyR>0VlRf!XJxiC&TFt+S1%}u2NUooswM}{`$jIn13|~@<)z3#34zr8h!Fh zE)2uudLvHzhImwi@Wgb4dVxI!&XUGj8hOCl;k4Pxl05aGAeAv)XE@6?)pLr!X3({+ zJRs)bF5f;8b93yw(ws-9@gw^o>%Qt^103`R;hUO2Z@*8{n=#l>U>=q1$vevVaGlJ8 z50~E^!DKU4TEGnFqoJEsBv7=|=@w3HtIswBdQCU7lBb#&8uCh^$q$LUUOuj13q3@) zR(!v0tDc=lt6)YIawpVoS_>LL>py$TomI{`5eT%W=-h9`ufg(3W z7C{N!CN*tA$G)iL#R4~-CmKU`e+h$J_)!Xw_B0ev;dj1j$d|;@@=sYacbnwo|J?n& zG5~$+DYO@y&=SjPz}8~Yg+NWtgY)5g&CExp3q)oB^$UCC-*OriZv#IMH*Ol=%v}t` z==|L9zE81lwcun61HRd5bMCu6=$_*TI$vH0)(1X@#r}SokP)e|xuMN3Mzwdn2=#`S z_akeqj|bC0BoLtNY+=FM9M)AG6vF28R-Yb&{Bh6|ihV&8F0ULl`!)_xmIQHdZRVVh zmPkLA8OIG%Hb(&HL5SF(X*03rQ4D*ar3BIQ*8r}A$;q##Rxht_n;P{+2H3VN2b7`4 zlH67ZowkfLYM5-4&5?4}U=+ewkm!Rz&$il;$DKE#bIe)P$G~4~Q}-`))cMRMp&k&c z1vaq1N99KA%_&A=XFo~A53#7--geq9)`6_VGZR;AcA%GVsajH*;TM8A3fjvQDB@5n zSKc5tFIRZ|F)eWH3)ZhVmH2vm0-qy{xrbt>IOq2G$j7X0zFgI#>1*J2>}?dR2KvWx z+@bjM5T!?!81J;aiI7hA4tT;%wFxTBXH$^j5@G9eZWD_V8<%F6>b-gvBnkuc&JyH> z#|_X7M5y(sW4Y*vy&9KLVrMj60cJQfv-@S7?O5PF|BQNhN}g)*f%j0<>!R8;q~(bCsIo76i&ZJF%gXldIkgW-!5KNcmLO8UvuiW5vs z<+>M7hyK@l<@m3{s@5OkDw%Uw%hP3(XcVe8c^Nd-5v1W?yEtzI=D!{-e69W@Va*H~TI(a(;*cu$AG zSr6J&4~PmU%=h4f?R_B966RUO?3bA>V1?<&4@rSL9Hp-m7~BNbEw+b<0|78UEHV+p4ll7{4~8(NdDWvC}UFv zK=5ekkFwKROAxdcO;1F9aG33Oh2Vm1R(rHs#ox?B`M1ci)&T9b$n=9FM(? z-cAX}l>W=ErWL({Kg%goThhL&CoonTntpxHQTFA)pp)ZKTNxT@$#;x5A7O>}!a zphpUNjoWHEzl|pqixjcSE?!-R<1dEA;)V1Vv6yQW*;K zVIgC@Z-zHPjk-RbnT_+mR3p47NRk!+Ybc?vVwsDWOYvmlL=H zI|!SciQdESAMp73_&jnk@ezV%7kM7NazbZ%?qS3Yug)lAVdj};f5{Q@6M0e9Z=JDI zS3s&V52QypW>8o(Nl%I$*~<=Gh&Uy2y?Hk-2Vx`|Y>6lfEfk9(s2fWTZ_2P6qk;gDxqsf)FnErBhJQ75$`j4s*n%<8cBre`wI>zrT?9&>b<_=7 ztbBk@-)ElVigC>c=(V~ZrxKY!-ztQB%K`vUK(D{Wy4_>0k2pYwMWeaQD@sb9+5Tf| z0qX46ZEE&A$or}ZhZ9mFG@2F@2$bUN8Ou&28T^u!)opr=&FwjjKRdzG%(GlQ>WZ>Z zj0w302Cn*m}h=PhWmgufFMOxFP_ zE4Y9Uf}+Rhr1FR?DQ*6~n%}dpZu)VM=ubO^x~J1hDg&lc$c7Zfj=)SpeSuf%?JJgaYPti!a~*^V!D1~z%aFB` zi+e4O0%-sJdYOA!@UP35QknTPbpYGu@u8jJc8)}vZqsb53R(y_QoKq;gDD`PS{H)3 z41HtFa5kkly7TnaI@XBa?bmE1`$Pgga|Jo>7PRTl)tSAMoo{mYz3Bf!;et~f@c>_$ zLrzmX`)bAG7ku(=OZ@)bC7d^5;YM&jQ}JS+L@+dQXL~dlN67+jcd^f{&3>W86%e5Kt&!wqW5@mm}BLra(sxjJxsP#2e z9jXpq)g!`5soU6?+EX4^q^!+xkvX-iu08MLDkGK_25UZ#l_s5$yR#_^0od5xw$~r# zQnB<<$%`^D#!)lwjx|dY8l1p$n-Mv^FSx1R03piDc3r#|pZ`7Nefy|Y??3yuYs#U* z8&8bTr3nz#Gu~Z`njO+s;=%n7^h4?p>$w8^bSD<^uglT;4U`7%oQ352nP_S)JX?I-X!EkwtEc9w zW~$u;f0M*;M&_U@Max2xES>u-3f+m7K+`5%+aH36AB>-4oKPk!|*||B4#F) zsO|SGRfu?G6X2QB^@30c27erJnAvPRG=quPm#(Yrkq6>w(aBAhc_kGl26+k>a7ybM zkKJvNg^mqX-g6?*iNZr}BoD5=+B(~IWGS5O=1qM+recAOTl*m_HQIpXJsU0O;DQUD zk^KK8-iDNT@#hO&5z=|$Y38MW)=rP(fLvVRe#R01KV`QTQLfeX(l!k%*%ZRQaEE(H zrEh35BIz0-kV;-5mlX{nf$)x^pv_Z){T=jwKz9o`sa^zpgTa8fs$S0$WnDh}rIJmk z4bsp8Ox1Ika?AG))7HAjsX>s&0o#<8j8}g1GL^>0C`WKbQXT_5T&ni>05aV8E}16f#IDg}5=4wfgaT7&SpHC1!I zj{@`?{Q1>!SYN6CpR>l%#I&C_{!h^d>i6JShN(EA$5b*B?Jfg)>T)W`irn=INS5L= z4Hg>bXf&SG7*_5vtKZyBK-(lg#m`X((x*e1w;Utkt+D-bZPv~B^ zQc+byimRmX?yh%_mrRZl@>n98AAXCQG9weuFwl;amPD&IY#Gl!=^^yW4%97n9L81| zOC{c$>-ad`78e;6T%BRU^lxeTvd3t{#zOXjT*Csk!PjTb-i^fL z6sf|Ai%r>d?FDT}DrHII3YHPAj_1M8%=&(1`0ufzf7&@40R{c|`TgZ#E9S01I9hqS zYL{08IykhXQgkgGs-g9YQTx_jeSBStg_PaxDGg3XkV#++B@LTsTvXbThnm66g*^)0SNkb~MoIh@&!k&WF#Nj3hU8RHm zVhIX@q*tM*fvPjQ`M=<{)d{SdD>rzt^aY` z!S??@ZX10DARhvKGg;QXwI8;zO9C*2&UBt+=^ALPAjf1o>TguR_cP+{;#PRiF=Wzi z9w3E4r74-;KOhjOn7H4K{jb>mACv8GD;NGYaZkXzF>x<&|8C~>7B_Kkkf1oh!HT`R zW%@tJ+aN(PqeC(LZLjfw|2?wVKysk6oH+7K@0_T*)ftF}92Y(pb_XtAa7O8wbTw!yH*rv|m8bceS`kjSFRR zq;8b85Swx^!YH#Dwi+-j)_(&HJI z$Zl?xu9K%dKFEK~aXylowtj8JB!B#SoQUV2WzximvO=0gS&|;zPA)kF3}%gY{;Qkn zE`cEQ|G~9A1xMlrjlvH$wzV-QHa9jmoY=N)TN87GjcuC~+vaX;XY~|`zjnjG1Z~|g~53{kmDF-A_EMUy!qaFT< z?wMrkytO)2N@c{kUb7ZZHyQ55FH_>2CE1@MxE>F_N1f#GbUl!eV<8>%cJ&;a<}I5h zX6V@7*5+8~XB(8gS4Pc71E#UrB$^PjQ|7WYBxK^#P7U!J6}9n88O1bC#y5fE8^_{3 znv+D12-h7%4qJxe(GSNz?VO$)`$qVHqx>3k#+Z6fT9Fg9v?!vh2HAp^1lxM`5;05i z$88fYOYP-18dcUFq4=vyv!=N)bFfML97X0o_dfcyM?EwslW_z|hv8*N^tMOFry3$} z8pi=P{5TFjME>1>iT6o0;LVqUTqJ7 z&G4F>NGa7@!^->_|Ed0aSSroYz8CLgOfZvf)mAgEQon|rX!@9=51)j6*N@emVGu>z z*1*`~#{|r)Bjb)lJ7Hkt!Soo`Hyr{f!wgPiOV0zbE1RUH$3KplD)E0p8aQPLauiU; zHMM}+t>hZyl00Lu;$!<5U*YA8#QitR99>dw0J-SzgGlpFn)b_aa4M2)g$S2adUU<) zx+Zi!x*gSOW zhx--Tr6e`NPOV>-rGOCAeF@!i3Em-kM@;br5ry z?*HCS-(&fIST-)8l~Ni%FVY+h^gka)R<}~T1+w+Hr z#_is(;yD_U1iIfXEPCbAoO{>{iPFts7vR|XOv6*B?R`~Nds_EJ{B=H&Smi;MGnj*L zQlIzt8j?bj87Z*2NeH8kG)LSTM47lJn-t|eyyv0CL$}aQP0Ef|fxYp384P)~O0t*a zq#ZK}W!cv_h%wW%hE-VCLCp(2pFiaLa9q=tTx{l~u*lw@l&>$ix>)%^>yX+1yyYj>FZF5uTr$#sySm~5o~QIxGsu9@=#AKaq-q6!NfUxhA+*{$Fr~_D7B>J_=&?efm zdF;%0P1$w$--nSyhj(mlez0VCv53N2jYSED!$q&4OoiKhA)Js%T%oW&ENcCsS>lgD z2$>&7lm>y6X#w^u(rs5x_cdF}Ac*0aZH~c^1(X8@kX#gA|DOgfG+u5}l8!-x;Tdoq zbEK!gyfzx4r0Q6)E)Eo8)=Y9wPIL*1HhUm~$oIW}+;$zUqEMq*M4)d1*i3fwADH6r zxI}mbn7pOqIclk@lM=8KQ@Sf}oK|J${4b1lTAsn>mS|^PrQ{m17?N5Ln}yUfb$*>`Yp z)SeicTzZLCjg;kSj2Wwpl7MMZ6AC6Oo&`yP1wZskVJQFqpU?j9>H5X3_@BYXwiaS7 z{Xdy4;Zm9VLN>|lUB`(3;tpf~F>W+r4$18Ipnn$7bfq%)+id>dpxpk?m#xz3u3mE&-^GN{U8S%9lG3DLeL%?8Od95GB5B-Be! zR~t-LFYg`;IRgl0U!Au22BI{Hikxr(veNLWro&*2K{L@7ixMxnf4*O3v%9mXy<59q zx3?G9!hyYCi{ArYF7_rvpRY)Nk$%6p{(8Brs$-c|3OIqg4#d_72>=_C>=}r>tsCZUu>dsFJS|kCpf6q6f-waZ6PRd~u?> z3fp?zm0y~S-BW~)nm9>Y%vhpcyo&POOLxT%NMp-ag3hNo0GwUKoI-B5$3^cT6lP`a zKTuy%X2B}XLfaKM#hvLI>07gy1Z?Be~+^lGbr=)DB~fAz_rSk^HkoxmLn0jL{+8XHo=pz6ePooexz%9n!^1y;CCpKGtzUO8 zE{Rp&p{pat0z~tnpMWc5tV9cm#e;ILU;b>eKyfK87B{EDD6J9L6At1ZBUj{LwnqVY z-_4&*t3Zf1rmuMi+xN|aBqza#Hw>=|?}>+y)kmDfcx(Z=rHq#sKld)X!bX3%?(rz* zQ}Fq^I==;u`ekYTM&3*(~A8l8n6MJg$o<#;h!m%^6E;n_rzZ)Hsk&-)Dt7!sh6 zzww^&$V`MS0bMu^L;dDeX})PB^zU@ACZXE5US<-5PbcjEWWC!2iQbvnlT`(PcIn7Z zCaH@nu!Aq+Le98+B3vtLwPO0})3-NbVtev0v021dXS3`?FGPiTGK1q=kN0KS2IoKP zsWY);7I`Q(bLA@xm$C%sGw-40e(QP&qNmXH=VvVj$sh0b0=u?OQA)jPH>EfG=iC_> zoU418&2e_2ceWzye*Pl*!G=jkCn1(WG`_zHSlJ&lr=<(DbQoXBv$}Xc!r4a81`trD zxXf3@Xn)Rrc#}W!>)cXu-+SSm7*ED7sZ;HnU|T8HWl~6jG1J+TznS+FQhyBYdAWIO zNh1_2+XALW;-sq8PRU&-9kCQ{TD0TGG+jc1cu-%AO0=S{#v4t%basJA=~=`_+9%nq z4F%%qr*0$g%UlsQvYE;n)@U)dAh{JPXjREx0skwQ*UXC?J`xBA(K;R`wk1p5RbBp@ zfj3wu?I_0No9~$9(UlhF?_eZEE}>$rcB6Fe)>C~Rjq6)T>0v8n3au?8^4h}9+G#;dQ}dsv6eJc3eTmu}Fr zJ|AT(OjtU~9oWh(atV$Oz8O$QZ<6zB>tGX%h3z>Mq5Tnig z1;wbJ2&8a^u%4%$XM4h{AfG8h^+$3*nO|hXAST(ZGIBU(YPT1|qEi(krSFSjP!~f} zQ>u7`$rh%rw_gOiX0gQ;JIAt<2~}_ngqp6HEe&5~i$woRT~UYex}M2KZn~;P;5{j8 zDy5@LGm)jZKd4TXTK+x)eNhz;jdHIqCDDX#Vr_|s&ZIlws!plmj^Xx&0a%2fUbCRN zLL&Z^6KwOf_sfRrb&DoBfMW(4^fPM?nZ6(#Eya%X&(ox$GP%#pp6AN^cL^&x5R9W% zXkik-wnK?+;tn%(amrORikW1=iQ}|IL13<>*<8+UP#m2q9L0#@*aRlMR$R3anUd); zzFREM0WE1gfD?YzxM`C!Nvj>(!@}s)*V2>e&7(#7jv2T~yX*24rzL(Yb41JdLMf*Y2rtIkbUmU`NrcTodxNwTH?J zLt%2BoKPKeLRVcVKlDh;*?th!YAk zb0fbEg1UBLTGMquRf-Re6S`I{y8;t8SJ)M|QM8=v656P>N8*{g1aV})b5ASbA0S`e z-k|R@a`FrkYbnfIyu$25h_%Kq7y3&cL*(4JLf`_xe%sjwKYhOn@7OO z6(P(O$Ch85YcmN@V5?NBEl+MQ(v|$}H)}Z|Fc8^aw2Umbq~x@w#%qPQzDAf0-Ysh$ z=ZNZWCo)g%ZNxd3`Y+w41Xp$?JwO)JS29^Oqq((dc`m{C-fz{AP|YD^C44I!<>=dY z^E@r40&9*F2pdUup%<;(_A`#A7V8lk2{iTQPj6p-th7g* z3cUJ3kA(ww+*EiqrPH`=a%5uwBzxN?jMGW_JC8`l$KUofq>7{cHjajzR!3nO1`GjH z^T@++4$|rFHLq-hdaE0xjeo{OE}HUohTPSBoaic}@y}#_ge&xQGtM5S;LSe%bQqY5|S-Qp(Sevu?52Tl~K2;Rfq zDTjJ03Z~hY@*HjF^`OP;h@li)zkwsM#9zi6#?;ppKZu!thO=`QxwbL7YD0}!n`i8G z>25<2++yL>uiQB0I;dwyOLgsD+&azx*9~do6(%F7Jnz;-$EORTjtpXeH|8IfW5=FG zlWV{{aa=}hLq(gfM_Mwc#;ha)U}Ap0fU3zjClJ>H13sSnKqI40tD;d-R!gdj)jPv+ z(P?~?WLyzwEunkcsN!JXFW4Wi2R8FK#0jb%{!9FA+BBN?`Sf4nQ$Na2o(sySyc(m$ zR5iJytB+CAd(Q{zotVwZW9h}KZjnOQ>rK;4x(F0|p22O!s1LZ04fD!iV6irn~w>R z8Hf*QxImO!tJw#Q54%e~DNwX0k;_B~`L5+X+nJrQ)rxn+5uuYvKPH)-8|M>0ZaPIW zfby6lMG@b(kDfe(C~5CIUC|1P;lNZ=tygt6mwA158k}XHxbJ5tO4p3?b(j?ea@Tep;~@% zz)KY}7QT1NKI&$L8=sxDOdo1ZM9}uEhF87nb8bQLd~Ps|!c+d0;JE+jNP1&Il~HVX z4VPozhLRBXAn6D3)NU{g9xkkWjw*t3H#D)U17*z(MW{Uyd`BUXn7nqhTLNy#hTgr6 z?Lu9N(F{Am9gKTp{yh35j5mAW-ODOj4Qme5!doXzjh7>dnL%y!ZB$2(*s#3@(@E_W z;A4U=xY}9;Ywg(|JvvT(eS${t4+9NJ!6Q2ROYeV6oCXd-VaI2>H*@tNiV_`K9; z7Q!Vk5`#@xs~N~eo0Djx;fU>CzgdGQ8Ane2(5u=S zX>x`(Wu3kqn(@$@dY$>x+zV=)IyUDO1GPuvwnd}xr;pCEF5$l?g?>5NG+q0_{hanS z7@|!JW``K*@(^BSI#~Z9>mt+M#suq9+^IPc@m)7c0udyu&1mJa?5Qeu1)MQ(O2+Ig z(krJ~{%od|SsDYfclZQ5H1)e2O}wr4qb=)56Zf3V5N$+WikKFiS#z>dCVHs(Sy%uk z{hswKjsn$xrY67%vv>Hc8wR>tx@&zNQ!+A}$J*c}TJ9-czCNNbd1m|&7hlV)8Smh= zB z>j)vnqXjZh%O_Y_OA{nX`4lVVx;^tPgyYnZkVRMyXGI}8@tc$2fv?8lWbfSB1TcFAF>B!t>d%!ar#tE&g8*3s*2uQ&*#ddD5)6%NNg#ymXHsIF z;b~1`N;O$oq;!*41WKreO|kUs634IL0&=ATVN&DJ>75&Z;v^17l%pf6&p$hoa#8xw z&JJw7N!1o85UX*?dKAfARHkl4Nu!;(8@1ng$Vs$N25pqGD?g4_ci;$7$Nd0JJSjFmED2C zV?hlHbMsb60o<*whDp$023;vYeQVPRI3kTcgbtb3(~e3sX0oxnWR+&Iaj1Rn#9|0B z>xpr|QKfh~@;&^DEglrQF%E>ATPaFzQEyd%lOfc!Go`F`(LpaccFHm!s`{(5R#cw3 z*hz71BED8*QBpuKuWG@KFP=Vi$jO++%-3ZRmX1^_uj6pmsJ$1s38Bps@~4j;=pe!u z-V9|(Ak652T;v#&T;8GZ+87$Xx$N;aG)6x%v0ixq5U?RO>67Lw$Tf#n2=`mN50peo zs@n5*-SWcQo3huFX`@=~w>0l43i%4@`lUP#Y~=jf(u`)j$Oay`L zN7CsD8yrlWg;gyeLyDPAK;YRzBX?50oFWi;=aSV;VE1S&p51J>@UO)c*r|Z9&-b0SNwypJP?l#W;h+d8|qFf>+^sUVr0BFn;5+JodAdH=s@$( zC32a?$#+?pUwh{=v-uI*%_@6`juXuf_9f>cTR6GcmRAv4Sn5BIuQ1^EUVfa>P4bKF z)rKTX!xqOe+m}E;e|L&HT%C-}`*Bw^YJn&cLnq&94Tg8fD%%ImJ>t4bDuvIRUXUyy&`*Roo@R?U0qdI( zfC-L!hppL;&7QTNfUk7V(qJ`_P^5n_)vU^|bnfoN73&z3e{Y77_$`kS#eja08!F*y zQp+Nb%eC;{lolka993=G48cC#=>J|J#qrr2lF;Z;+JxdCen|g)`QkVtNc!_d3v(>h zAl#b#483dLXUxQHzX!{#xs5xIu9XSNK>%vV5ZJm)+Nv&rnwe|gBGqr0E*_deAqcV} z5yDA4vwFEIseZ+df=k?UOgs@l_JHsRx|Dhmg8jD!=9;!>j3wHr8zC3F(d}(=Md6(h zhT0a7_dIG?%apw=q}Hc6n-**j+M)s12-1MH;vM#Q zkAiHb{XPX97W>#zG<*czyYhR+(50^4Q^N-Fr^heh2!Q<08`tvqBuvtNgBbt>AuJ|1&IP z_aU0Di97kaAZBcBAK_R9$2Hv{D+UwF#0*4l za5*Yh!O?7Pb6^YFkCo|L`zMvztp{yNoBli@;C-+k^C)i(GKO;>6uYjeoh?Sf`Z=IN zV8C5=fQrds^adU4xbnlaW@wvVHHT(MF5YlFi`jd@ca9umEl(wt-)V>MKwF=>YzG?p zvevI6RM;~g_1_1p>s=X6*Q?JL{Ni8lg9Pwck|jogz?XS`2c4FQ?%%>*C`S*Xb7qdt z#`u4Q1?FEgoK}L|Bz!4%Hlit2r;O+F=o?ut)Jx$LoHayBMEoYY?<}JB!G74T&4xZ*c~7y|+>Z`S%qsh~GbrJ?F6rWckX6;qT&gyh{;`Zy z%T|-Uh%FINJ)8+M3Q7a(zFrES#0nR-!!Z;t-sU!=*o zeSz-!@vzP_)+!}Z<3e;-D!H|C%B zisz@zkN2IAt~+nqErE5Yy+2+KU%HM9!|E3@TpmL#$&JtZbP^rh7cOw~xQ;IR4EQ-O zvTBnx*gJHVkNq*A>N~lBu9EYO1wQ^VYkpj`zO0MhG@8EtB}9bl4#4y4pf9bv>U=7r z#?Y_ajG>bDa+>ReT5IoA@Un_@kdQv6T)Ia3I=g@6m6*}##{Gth;Aii;qnWup?|@xJ zmB*n=p}vG!RU5w>*Xm5`9PLPkp6Ot(e3fB+Sm#}FP27x<2Ilf_z73F~zk;sZHa&hM z*P^y+@MNEvx@hvnA@T$Abe(pq=m-YA#giqEwyOQHv0SQ>dC57?nOxs>!3ER5$2@P& z6o%mg0~mzpDBHf>vy9D!e&lbA7&{j@QJ1}huzE?hz#`|4s=3e8FB-$CUmx!Oyp#;a zF=cHgIFGaVsbU&xFsc1rnia6uJvBaaiYwLH$$TddmZr!y9IPqOMCr7dxdbdZQ<=Aa zwCkf{e?iGCpe$S(e>$HHdVkgscT^I=Y}F7i{6wannUay>+Jw|k=*;3s#s$S1P+H04 zm!%m@g1!!zQde7U+jdzsOAKUfDX)!I$+!;DX8k9k8}t;jSZ45r-Ix zJtjKmPgDyl0?6!LJKzUo_phYY>h6<^lkt`MYyx`WrsxUjf+b>OSSzPM=G`BG_o?5@ z04tXq{2z@Ib4ukWVYnZ@zhfhhVqzbX)PH>54P+O|YQ6v-8~6*Zy2p zFSx&=iK3d#_D=FAJHc}U^QSIr7O)@=?G>)Un6NO*AR6XGYm1Kb|Jg96>2G zRKNX34a8p1!+CmV0z?rY-Rn0+tN2|oJi8G`zHPrwzI#O=RW8Ld9(DzD>s8?<*kcfA z3QBn?h}Fce8+$m=TfLm;{uOU7&(+!(UU(ZDUV!a;4A#;qi8DDH+enmf-%_Wk3^gs{ z$6EfYJMWl(7DmmMgvoM@6WatRP?v4?Hr`BiI$hzdk$nmKG!_lKCAVm?;50ubt02Pa z#Bvw!#3^7XF<0vC=>Fk~RZ*-LPQ#gE5>AL%oL_ljADhLMItA8@nAqmSSU^f@2o(2;o+cT1%P?!mD6m#1JuzelW-H#dB;$B#^mq?*^ z_%HcHLPnz&I<#II;#92}PoCMI$Dq`PvJfr4c0=m(6yVH^AuvoG*_h{uPO?9?B&W4J ztBc#$3vtkOthNfj%73)_Dr*x)AH^|;>`|ne=`zdZ_X>h9y6!Wcw;Ab#Nl70~!DPM5On@*oM7UeO zsZ_C$rnlM$gJNRD_w84CD_F3exPomWV@X|&)69tcpOvrF9|$uWUF}XZzd3Bak+k33 zR%rL|d2&tSlyq-r@w4rr*E4B!TEMTW$;@zNT zP6>WO%hLmydHP3+E#`_tYtME-wm#D`6!#RS*@aNesgOjui9SUL_X~Kjz43!D)h)k< z{Hs&mHegi@(J5cKisy@+AnL{$DpMZoEVhJkxqj7}>aO?EXFJ>Ldg7nO8(+e*_;DMr zy2H4f@|zR=R;0uC4cN~;RVZwsLai|{&^naUElzZrlhC$?TS)XdafZC~Y=wES9HTNW zAu(NzW0g=?S?|xRZc2GA=At>jFw5H}NO523T8jQ*p9tpPBKF+Npyt$gsp6D*XTv5jk-34n0xrSgs+LeY6&RKu{NRKrSoMO-xG9+)Pc zqg2B_8T`p*muv_Pm$yX4iq2w;43BvuYsAKm()lQ0o7S^Yaim5)5hhd*=aJZJZE(iz zi03a?7~)ZTutgJh?-9Z>as`l;1%O&yyLQsMnNR`{F4XTc$w_XY@5-%r^e0_M6&h*s z>-_E8jkI1AWIkRma+?bRW$u-z!X}u3`z&$ycT(XuH$*HN7T(aS4WXI4yCPtSiGS)ase!()@ z(^nqp{*iE}spP1S#99u%mBrJ5(j6?*)c6~)_{KwD6^7fitEyju0Tb}!C67Z=OM*T^1tP$9Oi1?Ymb&ue1mJIP^}80 zi2>@q^7Kh#0itN7>M|I`_Jmn69}7dL$u)cO+LF9nPc|5aXq`oNca&~Ne2;xvYe4K^ zjB{wi@ibJVK-}T@-%Cx-4$!3e1EJw^ogFCIp#IZKG8(ojMF$@Ni{DBM0aY1UyNg@|HXIqgLx{Y<%V%HnQBZ}?*eci)Q=L( z=|&XH*S;aVEACY)JDB>m;>dSin%KefolWT9e#rMa&BR^;fWY ztf}IKjfo~!*M`BoW4^xsR0Na(lie8|Ydr|S>lzdAmM1B!IFNP824jh;=z%zsJHCjW zi}2s%BtY#yDiFiG0q?Dy^JSw@5_bU^nPF>BnPF>%U?s5&iF_Jz+)>9kZbf34(gY|$ z(=$3&?=O>#C$RG{`2E@U?w=wt44FrBnxxCA8>N#&ep4K?Rz#(t9`gCIa>Ey}uV=LCl!q0EA>A$5$6wbLwe@{^qs~V&uulssMX+j%D<_)L1j`D4i%~Oc0zV4_ z8;9K35;PWuSKkYESar1-Xg!t3%AwLN z^-NXlP6*#g+e@`apiVf&Ey^RRi~CR|pWE<=CzL2;Dy6Dlb89N&(!;iKsnw)F)NYa; z%Gq1h9n(h^ZJocPQDcJZ&BULB)EnJ)3d7&;XHh?joR7ddA!!^K^`Qk22&0Wei zU_WF&Dhttc#rjmIvige)YKO4w9Dj>8$V>z#G6FM=iArVVs5Aq${CUaIPTkirTC~RG z7@X$cI_Z?Hw}U;QU><-rtN&1D5T`(8RzY@&XFIL?OOy8QSJP=9Ps4erHpDWKI2`kN zY=WA)QqyRK$uM`oM`mv%Uaiz$X1d5M z$Rwt2_n6ooXzG_dS%av9lrxs-&Z5GXvHv)oYpj5S~ z*a^|^kdq1hcGmFMpEw5MVeigp3!Z7|Fw)_^`23a}d?iP*d|YgA5-lD_Ha^`>tMfi< z+)p!Mj9Gq7zR6@IWp`XZC~R#lI7m~3@u9ck^S1E4D;C+S23a1Tb=QMsQW!Te53V0kZaayL9Iwt*Y`vnTox;Ww&ADGf(vx)~JS%IbiR%^U8MBgOuN*H#4Es)$MkWfhL)fvWHFh zMGJBwU;iDcdHa2p@qOH^4`jeyZwm_v^RDfF-EL|c8s_JHOrh<3(N%sRemw?!NqgM6 zQYD3kvPAO!9J8AU&j-6iFnGzi@hKmc*(&))(?<8{)jN#DduT^=zw}-7ynAl7w$Odl z8C7^P$^M;MQ}R*r^?PrTf23TFKmMa7ceh>l*P4~e0u~3(2wwT_=$u_%?x%N^a|qJ6)*{w3E1?afId0jSiUN7=N75Xhwp5=5CV4bv-^lL7 z_9uYzWgaED?wZAU#D$UWtjq={xZX;J=wYsd!o~iGXtS)w+2(0P*y$3R(8&KuA*e{E zrDj3pChpv1QGNVZLB`*NXC0AdDs}W;W+Y`Z$hNW-=}^X-dw$wvQU(k4LZ#3vr3N%m z7fE-pQ4z2?NQXzNHZrO-yt;dMo()*69q`(<+^`P&^~mrKDGEi*hI2cVUxOi@U!#1@ zGYDC|^w$NSRu$UW(A&_N_`m(Dp_2z%m&Oyx0i4O-x^frSKn&tu=YksoX_F&2=tSb@)1C}gxFm?0Q?aaAS0cl%ziz6;|zrPGk zmR7bk_#RwuVDuUVJl@S;qX^gT13R5NUYbVTf7x9w%Y|KYEM13yt43{`iP0#hx5#|fTGN_G3l!{-UJibKghT#vS!m79Wa8?Wn|8U6$hDu*hY&Ugfq!Aa{e*6)6+zjC{^Q6jSIwsp3A z{Y6{Bjn!rY9(tbCV+-|*qPIXDL&V!QI*iE>U&aC8LmdrnX7s_C7C|Szcrw!*)hwL^ z*6p}*p{F@K-IbV~)hyjS48(?t%Nr2d25{3c&HaJKxt$x{FZC9}E}6TC4t8UXs@@{> zf{t(8)Ay@NGC_n*YsW$9+YU*bwCTmD)qAOU0kuU0i;E~l_d%dFCq#AE)|cil;4Itm zq097HEQ1JCD0D|G9@!XJ&@x!BXt~t-E>srHs+&dK{QA*NYE#+hulHgu?tlfg27kT+Xnz}f^d>E@;!LkmSGC8P{k7A)gj4H%o^Ov5 z!KWmX8%a&anFQa80UPEdODa(1*6RS$*J=s)Ff%;R8inz^03FocXeNVn^iK#E5ScuO zn(CnXJJ=2iMt}TlQ)iL7D;=h)e4GL-zNv)%JtJLWsLP1nv3dYvc~m?LCr-^dmyVHK z>jP2}H47h}?^PZ+7ZtY}jTEmtHjUXd7@Yx65!n=%*C$c2@Cb{oL*6kRbfs%MmUzKL~J& z;64t?R+b4TPO%#N z&HqHokmnR@gK@3DyF3|MtRX1A3zEQKJLER(FQWohQ%b;{^oOa9)Mwdt&smyraao5U zN!Sm+S{|0)a~GfJ>;^5rXc)AQVp7?E;a=cAczon3*Dwgd8PenEPmR_a147I^N19Je zDi}E?+YZR|o8L>O+F;p$Zd&Da4BF32zig(T{veAhT8XObccO!!hRjva+A4YAGb9aT zyJ)Ds9eT@W&5oz(akwzVZX~@cTH{vI9T6)$<@n4X@~-%!H(Vo+|MG;bpD!vwNp}_* zm@x~0mCx{Qy~t1rz&;`{sqPMy_^O*VEFy47*!A{@nUw0yU59P;0lTuFX5R?CE?HgD zhHQ(bL6FM*ohcJsC zJ6p2ou><2!g86#sqWnI2|D(L{53eu30Yr%YM2MwekwVT-&+Zdf=TkdL$Bu6#uu+>V z;}1+N^0ZC7rXv&zgcjHG6+SRJ%-FN!+$)&4dVy<}=*iOv5n^^VP4G*7Xf@}Jsc9ba z#|sAAb3a?_kFcSh_CpzbHrranFk7|i6|eyC44QV+^g7LOC1-Y$!3Wz zLp()3M;n)8)2bJs`qGrz2G z;5}emyo}r;QzCDhMYdQjtK-P&WAOKeP=8+> zW7BAXwcBN(DWw8SwBd1*sC>XvMC_a3Q@_$Ja%jjKqQRj0=JQ4+iYPU1F$52xf&{%) zxKnHLJew%*v(#*`kA14T`ccoPK$|q|Hkx%S;`3>8G|8w$q~cb=8m$h;ZV*NgL!Y}9 zj>zs~dhhr9+VFPQOi|#d+{duT!nuIaXoI|MIikRWu9*Qj??*EPf%js$LOp1_iu(#d7!ZI>C!1ViXp`# zOoNbqeCQPfe@w1u}3M=Z0j{NW+vQCRpqzkb>}D1`pr$h=r1a1FO4aL zfcm@N|5V?-BQ(4t{!>w|TGupUnXv!G5XrU>r6AXiL)TO4eG7SQcUM~mQ76_eZOWfA zd*IW~Vob-!Re+kO8nc>=y5>)|=u3oJ;u}?LSo?C}#&DjwN;$N>Zr*T|l~1Pm9c!=W zh}xC+_n`rQ4B8paN$ROxkL-3cm3o*7@CVj8^PsRkL>GJn+7Dy!n2vJuzqJy!TJS^B1 z&VLcd%}i~l^Dzcb+fToP^#*{%RJ7L);@zxI{lNB4huR!3-sf@bHcgn8=};OAcP>hA z>Y0dD_5(fmb&E>qdwQU2`kl9~Y_Gr0xjp!8s}IVl{xD zmyG1#pbOapFs(YZ?h@u7o-QRu?yjXpEz*L9_mqAHyD+d&5bEI=r^j586^Fkfo`$Ge z^cxLm1q&Vv(lV9lr`a4PnOft?_4K${Dp(bF*{(3jWaIOoBKeqTfb>lKH_H0=j>-r= zB(GzpMXATJWBB-KsjTv|fhL@~`)hv@$|#tZkP8Njdt$ij2NcQDjdQMz3h~t^jFB34 z=WCS=un=`+Rmaoe7jy^b`#1!enMGXqO5<6&@L*LQUZG9dLjkPN~UZYD&!yFt#BD}#`4CQ)^Igi9nv=o}Z z!mOXd?1g^9*n>hl$s&hu-PnV|U1mO?hhO5~ti-=r&*}N=xGk8})ve!_wRfj!NF>9n zSPTe9K`PUCr-t}kBCHO&)xqpq$*L#1l%X27$Wg?~x{o~MM_NXeo2E?h(#AD`d?evq z?IhtXJLf7|l!=2IYqx@kwuyrqp9r=L{A5|ghM$jiRl71td5|8O*emrMQgf=+9FN{z zW8+NRr=QkRwJ+It*kW*W^KJ+&@$vScGHm(aQB^SO|PmvgXk=G2n&LdUNX5`fQ)&+3cVI8SB0y=}OkU{60bH1j9!FFsv z4!Go|Fs{}zdu0FDzgx8I(+H@qLsDVB7W-+=yb%1Y;PrRURuvtf8{Z#Le_6Mu&N}QC zgZC*Jr#s#gU^mazocmF1Ma*#dUcOQjz&Ay%qVhsmkwy@YB-{|RFLFFzu8hoDGmxm; z5TXL(9iX>vg%8J`Vk>1st~Hukv}_?|aE02NXl{IH{zL5!7s7pFo!2Xxx zS5bkV|MW`9ytpsN@~Hbqz0B*kzJmOZ(Gqpfx|8~oP7A)oM*@dBIw4~E0MCL}2f2tC zR1yL|MhdI0HRJ4UGWwHls1namRnS((zgR$@{Zl8O?09}^!!h_sI8|=24pAKc@sm9 z0s8#^4+KE_zimye2fB+@TS6JaJ!!OG@~P*rOB}>>=cj#HZijS`n$q+`5PWR*7PTTU zs8NwmX<>x#%kN*rO|NAoZ#ihZO(7ebohD&(UAI_6ZM)DaP6F6^&ak;>P_qeY(l|xn z^7|JP!e?ye{soUlpn?^lU>atlm_*uKbk2+fwSo!t$Ygq`pJeK z|Fm@%*;xcAjKOPcKV8cFs$|&=mrwmq3}w6Y7tZGk zA@vsyod*W$UNk!Ct>munHWj26=;_IQNu~{1bEWA`v~lp2BSwBX6^2k@cin|QQdQB2$|a{vklfeL%X zDhA!VqKDKP+sv#D0rdZXjaD=A)~MYDG``}>3G4lJCJ3G-uQ^Vfp<_)qc8ZI-z<6M9 zQ-SPOrK>s{XvI#+yplIekgTYcW))y%JI=adG@oJ#EeOQ5Md@O~kE2a%nghms+hA-T4L@g=;5Ck; zhE%4s1dn$6CRVT>v5uf;*t{h4_&dUMX#^jonb6-iynU$e`87sH^Qy6vapjh`7Kp;_ zg&u$iySQY!sc&fckRff(4uR9~Stf&9V+%!gPSI|hlD6Hy;h6Dhry)6fI5X7bLgvGd zZi~XftBorLD|af;CGmklsD!KmMo{k0(!v$J-CxEm{Zcwf@;5l3DSU4FELLS3uLPGT zUWty+@Zp&I(_MxFp(r?ZZ<;rogtSniwHDZfsi95%Ir*X`qF6Ci&{D08-~lv%oG5!^ zW;bDW^9R_W_T#Y>Fn4{iBN3f+o{iHKKR;ex9!Enw6;0!QgT9q43Rb~F*=*vJjbDY% zBrxY=)1gV@fpE%$V0Q@+opgmICPim1T>Fa&KygeiCW4%a4KCr!08IkDE&(F9IwYoi zwySJXC=S_9BT4}2XK9;$HiLV|7B*RL_{^r0J_0r>9;p<$eYK;lF3+(Vs5QM|jbO*C zT=S_UxWpDV^+F{|w&54r1vnF-wsGYf?)o;*nREJQhPIwvp5y3;c&WQy!|~Zz*+Z{* zl}}3wxz?MKsYy8UM3BC#c+&Hu=q-V2Bzx>IESNK_THCwZSKP7W$+>-fh}jM0={MJI z#{O1j&}TQhp+KPKn!+w8JQhjR-yY~RGPy3P=5uZ)kODm% z+DRa5LHulZc285R0;H)mYIW6SsD##9uBql3Sbg|{Kzv9dUairdYz~uidm(EF!NWzo z8kM%Q&&c*=c0u1s!q-NMrb7E>_Zbw2N59;to!?n8qmcZt;zfu-w!Aw8Nu*5tPBsNl zu->{{*u$hITjFOjR726sngwKNV$k)D8Od06lbQs$c3iWrd1DkEwA^?0orI8LyiW2; zmZi1Ou1~k;4G{>{EjFug2?2>41}+^e@@K0RAph7NW}1{3Z zO(7gogRJS;>N$_P$D{5+9(9lQ^{9K0U$5@r8)T2wJDSegL5Nxyf#V-Ylxw@pzUK?_ zjzOv+66sg(ODc>c`kL~hP7*{MF>j1jP}M}WJRzg3p&m(F8GKl@xMDUy19~Tx6}#oK zH~b^KY`ju!L!yx3MOkK(68HClo_6o_`zS{KV4My4F&ABybxL`pHZcH4U zT!7YA>qaV4?&Oa~|5hII6HGy#da%RAs}N3J@O-_9?!zR)>(LGcYXUbwA#oX zavHq!iyYT}Em?S$Ypz|10NSd-tXnM|@k}QIH2wN=9nJ*RD#n zS=_0s4Q`D+4K+xF_}SBp5f7{0IuYAf3q5@nJyu14G<(dIGJ>0x>yo5E35|Yv&MH79 zYb+gB$;L?&X$2snQ%)!dk%&LtWg|KZL?l9t+N-cXaYVunpGJ48ji~>1O zGGkO(jO}Z$#U3u3v3(_%(HONb?UEb4Wi>{@Oen$8-?^b5WI{=f`x)j=iH=cVxpe&52aBYW}CLA#uo)uDqber zU0a#4Tkm(&Ku%bls{l%qBkMZL+_w!iGoML`OCE8g5%z`5$F5-WqVF@)NJq|-jkxTmliy+0?`fHLY zRjshuB$p}q?$yV%NcnQ>xoS;R?X&4&WsxPg05Ndf~xL}p8MQZ2n3m$Z8>aXhm!zXoBPTpWM8;8 z7+$RNjWH@#uv<(@jVv4$9@aa%(fvd{%{&!kA;#I)KAJ`{KiQ&jL1rY{AZnYb3cXQ{ zj;#X{phR5aOqBVH1by}+V%G)g zsg}&%u#F0Azt-RkIdKD@cNufCT2jNd07^zRTguA(^F(E`w0jBm)>FSF1CTH1#`Z9A zhFTSr^8;?(BbP2a#sSC;m59w-^@ zG-=P{CxjMyCF|u1Bji(Kl-AV76cg(BArxQ(R*2D;80XrESF|)#x#GjAbfAv5Vz*~L zI1ani@?rx*mB_7=6=xPLV_`0yvvnyos26~;ts?3mRB|jd_`>xn96AY(nUBRT4&CV% zoK@;Ku%ju6HgMn*urZ!@zExz^=mDXm?Q)p26|HEdS;dv+nTm(hQy0i)u>%zfsQzR& zc_pj+G#50t@D6Byk+n^f6jBqyA0iq2b4&zJGMbN6sfP^3sfphYk@Wou628YKdxu#` zL*h|NqIWx3eE{NMl6O}M_W;azf_Fmt_5l1=RzqUy_7KLq{G-FuwntQ}NKTn}m~@Hz zPnCFxG>I`O5+jlyMi@)ek{(7TJd6qUA2HUn6o!%M3lB2ZG#6q>4;PF)^=e!ay8 z?=Nk6WXdumBo8gcL!>K@OjWiPwLvRdVw!S033=#945cXVCLj-qbkX$W&gA0(h_Te< zfyCnh$X#j4LrKR2AY;`Jq6x=?%es}0oSbYtgaJ(|@~A}PA(M$3n`C^bC_W~^_)$uJ zl#(B%cant!pY6|YY zQL4%5hT~HWN2eKn)+vSurx!j%n(b$sVml&MH9fWV5yyXBIDTL0v!haHT~cfU+_bdW zAR#sZ=5Weve==+W_?>jw&-Y}fRwz$Oe%&MSbvUqhe9~(=-yWarx_9UE1hg4Wa!t)z zNKRwgvpaeMWHOktx|52U1og0V)v>9nBhpm&=&YUyne36CIy$FmY+CAGo!FBn+?$TN zn_`*_^L|oMM=$KS6x7jO+>@t2ka`;AT&1IBf72l+ry?>{8}7Dvfks#bwm)?Afh8VHk;Nqq_;ADN`Iw8Qo3> zO#nKOF4~z0ngBMj=lvLQ>b|Av{jHtjl0HW#e74d#(~OCqIN3At@TDes?vda*%-lvL zce>Qg!RU+w5<5pN+DJ4@OXf_7_&Yd}^WLJQ!C;*nCylivxBLoOT~(k(3G5_qH2gtB zxLgoQnuFo+&7#jc*K6)yFJhWzx~7E%iy_hJewqf2d=tZerNC)g6cQTxze{tR?IRT> znR3UOaYvbOKU?$dL8jZ*;n>|qM{Zs3`$V6h%_KV8g{Lc;-B|MFoO%AULr5#Jqw9>E z`~1R!R!ip{3{J6wox<>Z`UrFWR4X@{zqo3$N+8l}0HRx{pKGb<#M)|Li0J*qHYz*o zGKl-oU3CUrxC%F?R@M$a8m0>fVS3U98@nyrFMyd8rZi+%rA1bwX$D8NyS9N37uI!n znBYrh`J@LwK_s`&*pSCTUpR*Ub?rEGge)t$G+GEOyp5tn%o>2}xT%{X>O{04zKyuY zRF77JONy|9Zsmf|qFm7+%5kT|_yEvo9D$1zxR*AhZupN3;aA8Ig0tF^JS~+?4QR1? zU@dZ16&tWKVq5lmK`<#0cgBc;%}b8MIbr&R`^Aj95ycYEJxbB%i*T;H!Zue)-4-gQ z_%96X6-Y9gu?4}vhAkeygGZt3H_MOX>zX7WwpOb%QneWjiqQ$h!*T}C5jvN(1{DZY z)$(?zEY%nfOF@;stmK?s^Ry-zt*N%&_91`f?>oqUo2RzC!2Y4QLMfIuRN!t9nhvv|==eVifk*q;=yWhYAH^xpk7vz65KTvRoruvQQN(qSP~Ud<~7zSYlw( z>bXCd`i>Vh&sTav)-+pjVfl#CRNxX?*A?~$=fh#_b^$;Hg8@Q%zr)F6wX>Y51y4B? z1Co_ivM#r__Tfq=B z7%hdIZ|q}38fTNOFDqhniGt}Q^>YBQQ%>(s{XEnVAAKP5qo&JURB9WVujvx-x~XaC zgY5`k8;JnZkaAWQa>Mc&d1(U>J4R|#`aIqG$(AJiX+~VZLbExL9|jf+^L0c61GlUg z*iE|7zgCPKAH#@_k0HmC(R_vlZtXbf($%zRvVo`~C9QOKWftw<{qEhHjs&a7=IIp` zvg4e#7We2Hp4zIeW3%$yO^j!$AoYNnfp@Mf_(OtCf=sxIKpiCe6((+ZCB>QvJtIE~ zJP3+qJ>`I~dkU*KM0pkvTe_wjlC7v%GNSlW@CDDP(8UHUrACCy?H+Z56jJjHlCG%O zKsh@o=;y|=^+jL(vFnQ+(A^kZ4r@Dwb^EJFI}qa9S!3EctCl?kxE(Rrdcp0gVj3jh z1{|T)vIe(%&-r&bbPclL@k778e;bT}B~=Qrddef=qg~K!PCKkOHHV2S1p!tIY;#P( z33MB2dmt-h2T&D-Y1H^Zlojr4_P9eu$INm}2;agv^Z+&|q2QS&Cv3Kyg)i7a8){w{ zU1Z~!Q5ZGR1C?vViUs7p1G|ERZ*ay^;bz)=2<7Zdii{ULRzV9)8Vkw`7siPhrOwh( z$mOz6&W&0$+PLM0)sQbtC~f0h5sBSPu|*7}?d>M)*>SjKn-JKsBb8OOWV4(rV3?a} z#R^IDDb#ztrA4${`I?J2Of2>4Ie8X&EQyl>=SiNDUuIj57AEu6Qw3GeeB7Klpiv%g zmT`(H-2Sj4Do>}b@{v~gd?w_yklD?G7c5rvC}E~U@_95nF;U#;6R_u0vGaAWjbTf? zK*C_&v8tl+XLGpvDoU8onphg0VA^}EX#_O&-x_?qY9 zHY$7h?(&7>&5`;YNY?Dy{AbN7&MKqk=c-8=tm=XhtRMPTYWAGGKwYGhH<}AD5bUpK zuX({HIBubJCvGrhIid^cK75? zRySNMr$*$Q+EN!!pg83dtWlX@ZMpvT<+mUuT5?w_wx|nx{ANMb_X#AMr^NEtJpc2( z_J5EiN)sbj`^u(X->sOXLV@Numy ztC$`^MXun50TS~05D8b(2}kWo2JpujAs1=640Gnqq88E(+dPt;o$FtW?AWt_G$%1T z<6oZUB!JJT5f&2#vrDR1PE2&-n9aWEvMa`9vyn6`0qM+W4iYeJS#Oxt0wm~15p&Ee z$fJn)Nb4U(%)u`{ikOcg=I#_9$xd@UikQC|nv)`8TJz){LgtQ0wj*uEr7G(ZyH7Eb z3&pa!Vpli3{GL^O5us(RdA;Nc;=^zdFemVWYKF9EAZ{ZCb8gV|yZ=ICYV&8Y&Npmx zHNedVI9b=cKAK2B$m1S}zwN=>5~=N8EuB6aem0huC2*?5bxY$= zGL}QCIn)~S-r7DfOw*<9HAqP&*K;l~!EENx&C$%;CV~sAo(h&RrD)Z+wOSG;R9&%c zOVGEj-o=fOceb#AgDw}=FWSdvT}ZL_y!Lo62lkpOw1#eUN~P1f|rdV8${ zSMi)>w6Y+H6r_-{oYU;4Z_Smo1^YC~CBrbwITtyhOUi|99Cs;ma()?`T>r@|@M7{3*+>{*chGXFmghz+%OMnS_^LD@78KU)P$@jWHllAgxpO?j}$eq;7I;m$(hs;ly7(63L{W#;~1CR z&HLtq`!*wI1vEZ$>(v3h2_M0gplt_C5j5q9??!VpqyxS6a|1f_Su z<1SCq6+{Q#w8anac+ppg;f`_?w*sjc`iav@&&aDKdG@qBb}-21fBL~C;h%1rg#6RH z;O{*6dlme>4*pi*eRcZh)9$?e!KI8=)Y)1`R~94esq346v?|rb4KwWphm3Y3N@J)u z%O^zmUd-wVHY#wD+Pyks_W>PdUqgKm#@3D)tQ(PDGa|WO#AjJ6V(&T;qx%^Ib=)K4 z`8@geVg~g{pMg)1yA$lnDC`mblf?)5;%At>Cbb*;fuwKdu% zx6|l}*K~=wWSHdHXT@8<_d8NQhZ8;fhRT;r=~xEnV7@0AmUB8YYInESX4P&9gag~$ zGqIP!0UVuO+iyi3zwj=@wg=`zu6ji?E|$r5lI!sKR*nw-K)CQmkn2@%5nIe6Z{@7o zr0?x)S(|)Xmzi8+y$i@f?Sm@_CG(0=D8_k5A5A7HQ+PC)Jeo{`YpltnMMDyeC2cy= zYa;Pvr6qv$ELz+)(*ES6{ZBLMUN7D~*h4HoNmv-iZ`yL}jt|cU4DL4=TY>htKz&ISh7@wJvK-t~Ax=lwUE8$HG=!YJJ!p?Yyhf;xQq zlIm4*N;d>A*}A^AxSbWbsH-N>)WePdB~A4&9EB0Xkv$6O!->f8^Jo>rBo!AYS;>+v z0a26Zy8R-_nP$}*ENUxxhrfg0Dmu~9LU6V1T-XD+(3<6I^;N$cXh%USS&Q6~IbXl` zVr#%}gWA1OK@2Y}ULZ*~P}otqDM{cBy*Vqgu}`>d!HzdiK) z5101vT(S3whbsOND>WtySDJjFD%SZTG!=pC)D9h@DjdiWs2m0!n z^YvC-LQ@F%>r%9OeiN<>x90mu&+INwM z`e?QT5fb}m4s}eju7a)(nL)eDS3lRZXtQ>_)eG0Y+-etRUc2K(p3w^3D7J8vi|3?< z`t(A~sPLqx!31S{9nnhjtS)Fp%sE}ks@JeK9AWIy^onIt!6(2!gCg9<-*Y&f2dRZMS$X70kAgi(}0ru6FVb+@x@9fg!hM(hn+?2811pK zThtJNg{;^utH?<%%{#py*)7kEF!BGfN&?ymw#4u{d(52vuPX)$7ggjbIf2*u$GKj! zoKww;&8e$>hb`0k5X2Q3=R*Jc@1jT)^V3FaskJQ!;E`yNO>|Ohp@L_-QgR) zPms}JxoAcYBb|{;nMaV*3xi0Ew)%w|ev?@}T+7B36Xji^Ue8$t%_YoIp-#sulF6!K zs+8C~(C>3D*Od3>0wx*MMl^kYn0D{?(da#)HORv>cOTu>-L-5VggdUG`$Oi`-&_0k zF^$_tWp<}FYk#OV?IRkr+XmwaK=*FVK4R%o+p#}HBlh$b?8)7ZlbWwLP1O@1CbV7O zYNwuZ4tg7|@7qW{xrO@prWXl|e_s^{5}Twa7Ai;?ePT=W@m<~$*ZCnDpg&CO^YKm3 zhgw08Zg=kaY!vK$G&)bfu!Kj(XDBz@^9|di>F5`&SDfsktpwRHY}JJJMD=tKJ0VXP zHDHwLAu7pgs;*Tgdgx%o8!})TP@}?^)!+hDiDGf@UWpy8jK^Oi}N{=bK%{ zkcpO75X3aaB=2PXzuRw&#r8w63O?OD$qrEVjh4Le@ z_Kz7kBcd*#Z6}s02Z0>T80KWeDWT6cZY^NnNf}@|2_$fsM7Pe6nM=wcdVh7p?vhT= z@dZA-6}FPIWyK&G6L%gkVIAQkb4F^xZkeGyIX82j*Kk0<2L99Ciiz)pqMEA(_`d$1 zm-4OD&Z7NOzc|Qu@`_5MMMBhe&KItS{G91KW}7Xd3fXS}S+td0A6kOdX1r?YDDbk7 zb6U6v^nR*&z4NRex&3FO+qMSKKX-vFhcEfOU{=>PnEeZ@r0Z_m0Nr{p0#}iODTU?c zFSvM#&qJ4F!rs$$S+EI)WPUaMMG8i;qE`Q*zd&z>9E7_ItLu}R0ym~TIukq^BP%}kz=5Agpl?f<_bAIJwnF3BYc|8M?B zK9H$dWIMIkYCfB^iFjs|UUL-Yj3|razya`+5agW6h{4!Q`OE+5-i7d7O{B08o}IuH zPRSkE{MPga?TTm6+|>;B94-r+bX^GCpd}ZA2laF@PX0}D&+`D z@BDH{IDS~QXm1xaLLv|~j*`G4j3Qf$QZ@6OKqU}onI&kN?FU&gsulV1s7)_^JOW>X z7qxA4T+;`=yF(UU?pTzpGMfm3hsd$5&Yo1cwLV+x0IkT4#!i;tCaHE-BVI(N`y5ktun4YOq}3F@jADMH9oKqvZ|EK#fvhc0@t84}jki9$LNa zD8{7%7wu<~K^sa~i)K&G#ih*K4mg)?M3yv?{E2B~(6y4~a{qSTV zb9T0Xkoe7|EO?d{YjgB==e>YOujC!MW4P>qdcE_%1aD|Kh$rSB9=Cu`c~)noR>yLN zL~;e&jMa*O>^&z_@>eNj^&F*M^C{J^vfg1tjV4@VMV+(Usb>LWRz^HM2ZjInzR-j$!?$9%51;5K02oIU#q&;lj$uuJ z=ZG?{|0aHIf{9C(6PjBr#|NXvu_jKtr9&EFjRv72lNN&Zn<3gK!!1Mt&i8}-QS6J~ z{pSV7vKNB)!c0T_dqQxBMBgMvQC>ICJF}2YK80;UYvv5*fC_8xG>yngs5NX`sf#P` zEay2BnrE~K~8sGygzm?}quiJlcoP7IxK zfOpMr@Cp38UylLx#IixgTrbtY3uE_vi`7%nzdzd)b%wn;&llUMb=1!Fb>&)*`c*_& zRfBnW1f8AHmb3^~N8}SoqHjJJ(-DsRo9z)90rF^qU;V}AI|W~jh@Y*|oa-)I&A#V( z$0C(xKHpW;+AIs=o~S*iG-^5H3s?M993Ojo6&}a!Xf`7NwKTzA$R|$VC7Kll5+1LJ zgTkq0qj7V9+_uH_??(r~5SaC*xk>e5 zviY-6|A!cHM;XacYa@@aC`|t$Z*gnB0Q%-K&DbrgHl&nF0qFn|PnF_J5o!ADd}UOl z&Iq$}>eZ3eua3ZOBU|M8J}m%&**u`Hn$+=``@n~z@Si;S_fdy8UR6_e?Lnek^kSy@s9}d$+`dS{Qg*+KrHWn*jN+E z_rJGX|G`lV<@i5He*eL_{lj_v13CQecYga)ZHgve>f-qFflEXhu@onzpv~C(@&Fsl0+X1uv=75mU^}Yo>08$g6jkx z_jSyg{iwoAI|0P(Qtr+YXpLAu0CK&$tpR3=S;mw?BdyW)gTju&SpxQvYv`SNRZyjQ z_Lo9tH)igMrkSocTQe2p?1wAzlB*kEDmHF=+NzmA$xS_H1p_q*#Dg`>R%kY~5hd(> zDOKF)>egm#)jnHh{)xq#-_Se7aJq9dUGp>RQ^it}r55Vi9KGJ(x0f5Aced>XFBoRz z!U=X&;S!2W!AfsrP3|bV5rC%5$TcsYlUJ^JlFhwpJ`;y&N2cnsl$CCLWw2`)d~e9I z%^@bQ&}cG{;&8;?>)#zs$kF?SGXE2Lp^j$ceC_N1a-YZVm5)HacDr3wGDA=_tfZu8rQtgK8jfNMar1l9ETj%s;9+*s*`b zp=ofVC4593Fy`t&(DQ{WCq1z-)EG3#m47G-a=vk2HxxKPLI}&XKRwCW?Gu&LXA>9# zV#+`zqSidAB1g}Td==zkGYRMIpNm3V$jT1{4E;}!$ce0AL>U#NVDy$bjolEM4aVZ1 z_S%L>V&DZy3ceuwR17A^W$-yzz~i20=@U}l|V>2K%U5e z>@P25K0>GnUUDS+uV#cV@IF}^XymOFy}caqddFx^%*mbLpFdPwvnVx6VnGJQLtw>ojy9v-s}a`KU>J_wL-y!Tc!~JHv+|#tG&941c7c z+Q_M|w`A0Yl@HhaCWP+DxQWtb6zZ$@vyUNH9=hf?Ttt(d+o#w(4K?F4&068oS1W1= zDOuNr=4Hf-O&rP_1cRu1-)4(uP-BFUmkb^6`E!^5JBWdRuARUxpi@R}sVl+8895;N zFvJryNDBWNy`{XMb6#-0G4jFbtkpwA!7?07jYf++UgFuYc9IkG+Y_*&p3Z<~4$3_% zR_zE(?!{iA=s@{pm=`;W8-3urcjpK3>R2oJU0w~{+PZi({BXspTb{82g~9sa9*$k_ zk4*Wm6`6?b;4q4#H?KH;27Z&~jSXcKXz2g*z9flsc}xRMd7Xq1OCX7X_}ht{9tymZnG>uZNN%8pBCzssl2` zpt=SS@0$&fkAswBxJ^uU*j?-9o%U*9weAmTkARq3Ld-bSU0TS>;AYjvC8jf2geSFP z)eJxVxh(Dwql3Y|W6{=(T}%6pExK0L-u9l~IKe>)jMjREvG`zlwcLHheF_5LKj zdBAd}$$0zAAq`zFB_wj%N~?pS7*Z=|cYtgMTG2JrtZJ&~WKsy*@8a8%i7QRBo2Xah zQ9k(9%LfNId>z_gimA;_YXZga0Da2S_=)|t7+iQk%QQ=pdwNS2@VBvS6$Z1GvV=N| zy-R@E*|G4dl(TDT_&6tR@KT#(t<9Y|*Ph_S-GNMFZ9iL1T?&%f`YOQGgX$gLLl?`> zGndS?ON90%0-rv8`V`A|{r>mAC(!skXBl5_KNtm!5dQ7ivl;o{XBTfE{IS%E%%xu0 zubKy1fFnhk%=N#nzJ1#iLTSGVTBBdiR)}zXnE(E}-_6KNUO{pmw}_;RIf^0>j?f@d0Y1d(*gfyxTRMg39ReaVV}FyRR)_zfcq z^>rodvZ;%U;jmGdwiF!>qQOPQ^hb89jsNqI#g+2_Q@azN+@ zW{|WQYsPZ&!jl;nq+C|=pMU~!N3w7|*R8UmtkCU}-UC;GD@kC4kfHL*_7&T@Xt%#d z!Ii;IsD`%Zh?}@Y#1?4HG zYr9PlhH1vkl)_4gQJ8C5-54FwQsf!rmndIL42%5VqIYRcH(}n^;8>4mvt!%wxgtu_ z%AR?1|2{iaT+mWsU3eqJLgxhuMIM^05o%ZJv*-|EM`&^LUYixH2iS7Qz>e3JD}TEu zSH`P@H{1481q+#R$Z!+D-YZMS>j4-uUSrtv`65~tG+5U*k+TOr6sR1ngQUO&h+{bN zaF{b*_so~^+LJrumCB>>O5@ac4SD$RYMn9X=ELb*k{b5HU-UPrZw*sIOM-@o%*cf$ z%6PcwT*;!=2s{NDF4{D`k@{R410dG^F`(iJV4M06NR)?2zMWnwp}W6s8fAY+*llY6sC&NAXK)+)U^_&odm7ZcEWQwKl zLAqgNilFcD$t!-#Dn(BI5=&CIW!HK=|4HTv_)>bHGCb}`vj~n{Gi;nCPH{*@^%jb!B~CuGhzOW1~?_1Qi!5_0+q zX8XaKpWZg(|9&{d6Z==^>^o70?~sfZh1#xs;mCemMmHcqg>}8ipwzK+D*~Y#C{_55 zXrrAdDkw-Ug#!R>z1?@3$^h}vR?HrN7}`BLTYmMT& z?H`UeCXet;+s;3qK{vVW5rJG|RCgd_Q@g-faLf`c)c)Y^62?X-0C@m!Mk=(xfMr%2 zMGWb&*|R2IVYrcG0_r9tNWeJv6>D>OC+=vKpI!FmkF`az=J`-4b+?JRPv=lm8FLsS z4zFGB*r)V@bs5;SG^A|DlNCjYPA^x?d`Hv(7u&+q*Km@h%%=lm`T04Ja@jb3SfT zNU$I*ItK#}WGM&CdU%1b1N~31_rk>Y#S|_Z3M9*tW-MBFtGPU5O)xK~FBE~U-cCGC zdAh$gsH>#Brts%$vu-`Lw7M>?h!N&A!(t|^S}P(KlU7{b(e1MV-Q8WI`XpO~iIur) zU%N%`ys6wEOVhA4Ar-#48V4*KYh2j}m~NVZnt*t+86!&2u zUnG%>SiMy`EghdGL+px}99KwqGv!*hyIcnCEm~vLDmizGd zcs4u6z>h{@sP$s{2f{=qqkUwW>l(&bDGg#(V~Pr$r)xLfQEo{b-!KY{Ao#9M(d#{h zqDB<*6_4zMeUZdunaDvszP-dycXY20OCJ`IZ4`(kTJVId@NWx~5m+>%>bso@!u z@nTlaZ@H35=wdkH=Gz2hC0Im%1d(gMlRWsXEx7U)&Y-p`Qs$vXgzd`~*=)|nmdyJs zUK+<;CDoc$;yL-RlOKQkVS4)Klas$ao&Lw)e|z%d4F34y^v|as+&_MMdU|s5w{I@K zzP^0*cYgZeZ=zn`;J-ec{EfZ(dm@n2(?9=@q~WzBJ}&fBR#RO1=TNII0f<|mea=h6 zq&yMxQu+g+`WO*=uy|{G1P?A@r^c^*yy%ocK;SZa$rDo;-P7&F1h%mO-R6$$0?NLz{l0TcQ7*u}@5N2!E28flM!}2p(*RgNr@!b5So=+= zg$+d8IX>N|r&g?*E^D5TJ2#)Dkh7;~GtAXos9Re1S^s#OuLUKcgJ`(k>C88Tx&SUu z_MM0L+FNNXzsok6E!o18%EaR^5LF-pWa=AnH@ZHVvjs+~^dA=k3lwXc2a~gcX-HjR zzFt3u&8+3E!O9;6`A(sSwcjtZcuwePD=k#nme7plm>3f@2CQnKCS-o6;!#^?SyO9V@2|fpu;)47*MCUv~C|52chKB*IY(N(~E-gH91j?kyj3- z@t3Q(oQ!73svRUIeTOK4MZf}TJmhS*mG{jGbPn>=qgCh6{pe6Z0G4Yiz(g*CfR3}v za}}!bwxuF|Av*a&ie*@6t2v>D4+!Y(dCT*f7RUi`@Vy{kT%99WzFg_)9RrsxGV_Mk zxIyym$khH*rhvm}Yv4mOJoLk)8z`7(10h?nB?B6@#mFuUfN7rjW{F0M1Z%k2S{3Wp zx;sbcEZI~D_qUN3V$)%x0Q4#BDT4cLgFn}7T^3ZQ2XP$z5SYsYx2rkRROC}y7___m z{>4y;fIq3N7_952A*yR^WF)jvXOtiUu=SkfdC+18Y$$gE8!4NATz>yzLimi$+`pnA z9T>+3v|M6vz0dUkgoh~vhUO?tvrZ1~Pk%HMH*fxF`p2Nn!JmFI9H%l5B=iQcZ-fEe zzCYVfmomR9SvIq6cz!~Sm@uKMfzn!+5~8hmjziEa3M4kSci^a8B>Z@8*J~&wF`#EP}=xd%?_-ozy@Iz z!v@K920KN`yplIe_?!g84X$HCAaUUUxHB$v6=F6d$yQV>S(C%Pra9oqH(mo6GGn;i zpbH~ma}C=vHv)-wb^R!OF;jFe$Iq%=LSFPT9x}o~v1Xd)RMSx**%#Ee%(9^_uwX$5 zOj@$0*92tAA)h2zFxY2UBPgPzXXLF+bg^P2Hi*j5NDYgV`L7|dWI4%ekj5KgI^+yY zHpv?4Zq$liHyQs~6J85z(IsmRdo2w>CN!^@D`{hC!&*S}D2}1KdOTSS=4+%=>OXV)c4GDTqzGw+JRv7jgJ!ayZI2C_pH^dcREN=)AyOLZ2N5 z^QOfe-6%NK$(sbk)X&w{<8B7{jx7dy*@xG-zy$~wg`lUjr?*bt+2uLB>~x?d{KIj! zWKXEO=FFgeQx*ueE&RslI5fQ4`1%brr?B27-*LQR=1a*SVWu2V91k zUS6&PUE6$ZLU_M5GQ21eQcP_|x_4Aq8PkQyqW(-pniPX(T`Q)*n8S~pU7lM~eIld) z;+F&!;hkbkbGJB;kIcvqtEBo!BxInWV`Jh40xojH6@a_Sp@O~cQgxOw<_%?G)8B>> z*yUMMovo7MqzO?Hii;{ui=t^uZP7r2jAgwiq3D%H$gj6ViHem4wMLmmEi#Pi<9ahD z9_{6}XbgJ1Lc0`SpzXZTr_%_lLnN?8ZIG8bi3g<_TR88vObgzd)9mJsR=I*)eyTY( zC!4f}chbxy?O2JtEk&Jr3xQ(3F;z3%G@!MXYpQt$)+xRSJU?sSI>9;k(+(Ag4j|mv zWd#+xf=nW!?n`ZzNEs)zON}SQpvt$5rKIPdi}KhJR_~S9(gUgtnC8W;wc8E4X`OI zcFSd*whlH9wAM&Xm9}!_iZ6X@JQwl>F3c)VJO`F4D@}E++R5q}IEL=gRp9sjA-F3> zv!+s^@ill_Z>Oggkv-Fk$bKnC&6l4)7HTfN2cMO(Xw&RIczu35DqM(}gt zvuSc9H2YFKw?V$v$eW_}jg>>dy8G(A5q_Z_$XpL3Yd@cHg@ukqnXG@_87omh_Fai`=kHx}}5I2sPVG(SgO#%vJ-K z5g><)9=5Ns$ca}{gOBj)YxaSA1J(M|S}BAV7NNCU0y%bO*<||U$v&nEyxg80und0N zTiH@KY%@^va`(czA5y3lFI|H}IOi4{$oI71W3VWkA!@VdVnW_ZZT|NPLTyLlrMX^8 zrrt^o?|+m{!s#EdMb(8$s5~vV>=t$wr$(C zZQK0nob%nfx2kJ;s^;JPe7Ym}fOu0HUK%kwUe%**MD_I*9V5uKfrES80E>fkY?wMD zFP8z6rS(2f-0~M9_(8E7U1+Gv+FiHDyN228P|IeyTGgf+_KM^`f|RnBNb}mH?r6H6 z`%kT0;;vD3g8S^7B!yp%qUlb^Zj~53KF37RUH+lBF$L|{btN6~xCmH9(d_i_OK*Y_ zt$tvSzLHesol2}g2{g=!fMBM~ErwTZ77bRC0_ZR82Y?on+-GjT>rh+-{u^tSmOd^Y zDatEWL;-Fyce?dLk#VTx$$n{B>~g-aZV1@QE%Ilw#%|nd?6VEBTc-I(tj9v0nwM3m z_uoH7N)uu>s-~*}vvV?J7FpGxT=G$n8HSBUCJLbLx#T#&goXSiN#r2FMhb6Hzp+`D zOR3iB{RV(s1?3)WYsgdm&GVLY6v91gnSji1bVWj>1^ZsavR_5Ze55l zP3als2hGIOcp}ee!*Mj|dw{zu8mTLZQ#KTp$QO3VJu_jS+41NrOVIIDZBGeI?O z=gy1kpI#g)*eM%F0(h{K%DARDJ{|$(04*FC<`DPjRI-6|>$2Y`>`8(NAk6u73ItU}^dIEC37Fu?BT$1(y zc%-3*x??2jL0v1Vz6XCmkFr;+NJl-~U`50;oyf}&UdZ7NdkhVPqOR54EBgtOrf3>% zODs|uD2-JP#)(78Rmat}Kn$%FlPynNAfiYLh&BqWMs8curENJQBSr8nDav@-r}nJ( z1DjZ*)cn0J>E14`>E32-zA*m8P*>qKdb>>I8`xW570b0kzvX37rb>&$&xjqh0RmRr%!{Oaq|cO>@@c3%LM+x6#4KM4=nrDB z<05K42HMzXTwl(@!nZaJ!{`%`;Q(@j9{f4iova?b4!L7|O6dNbt0I}(MiFkEZ%6!c z{XczkjM2f)t8`F`b1X(tV~^zOoEAq*uDVu)RW*8@B+s__$MZIncr0kofl2bhy8NGs?fcr1Gg7rsGtXAHyN1Bk`9-8ys`Q^alo)MdVd%rGT^1Gd+hwrdDEv zq3MU<2-fV?bFJ?1HczT**Y%Vwaz&uahuG2M8hA)-yx3wkrRw47+FYde z9Xq4Bs{V5aBgk%cM8=@W5fo_kYl-Bcm>N@l~QxOQE}2Z#VCjk94J;8B-FCAg5ISV(7h2J{B64CjA@hk4F4&AVcf( z*2I3jo|=?_XdS$YRh2G~UsxJZ(9p-$n;bMTPS$$);NP~Dxzv2IwpE4`dEW~Lux;Z$9nMQ&GwKtXWJKE8#ED^mg93-e+roeP04 zid4dYwsnKq7}zyzI6$lCOj5;{UxN2<${@8K!S;*Ed5B~tVwTyN_DfK%RM!+Nxz z2b;V6s|#ldc~b3=oy64bdbO$n; z4MGkt% z`vk?$?BM>ZC9He9No)c-^PgOG;kc(+=X$Q9)Bp_5k6Y8#T6K0<$zn7e23!RqNn;hLtlL}4r zq2jX#{VGzYuwY->3u2-wkbqn(TnN`^x2t6m4OfQYR3TlPMx7 zFkE3xJMcZzyn@j6UbnlI23ZlS29I@@J+412=ErWqX_^IQ<~zLlJ_!Aylh-~2Cjg&H zkO|%;&)2$rrmInjkGlQuiWsDDU!oF!)UTZ(*CB|NOiRtEd)&tDdx}IYi?(4@NK-k1 zRGSZsNcWQn9Y6Uv`B{JcshQw8nNy)jP2O*J5%7)%qy1~|dr2#`AfDc#oNP+hl8v*W zb8B&Vu&F>B%g+<1`Vn6YK(bQix$kmg?~$h`p=tN?eMwC9Q#!7B1H4^VSD_l%oUY1h z+FAH-ljo`{M($>XX(M2M1IzhN#|vI+K1N<^z(MEmmD_=%zM*Kl86}avbG!J2z|9LK z-Vgbw#I`*|9=GTfd#`|U=tAmhj3K|ul#FHr7!r|)3uW$i#4vN{P{ z^Zs_+`BM_I_VkUxaNivgu-a!u*vh0b^rYWiYvGXC>E-zp!)fO0{sg%UUjQJ%knY+y zylEYIRNipyhHQ~9Z_!JtDxsFu~5Gw3VAN$_`%oZ(Fy$|NKcNFx3T zxn(UebYNSA94L=B zMgHvW(Yl|a?*uziMTAOL)@s%kf)>A3tdlp|cKzH;ncM__G-JPlZ zYU~*?P&0o{{A}^#TJi+97@NTCxfqVNtZ0?Aq4;8`dEpx++ief`=@}M>0D73wQ$0S8 z9A7c9pF3%tp$KgHv`0zn%RBuMk-ywTfFy2;?{fL`vnYv4ha$aRN&=-e^3rfU(DCu} z^Jp7NS?ygx%_!WdQEx3gx30&AGVa-mG-qY4BcP#W39|GCZkXJ#rZJi?z(FwdrNail zZ|36kYK9!DoW-pfJ8Mc;6&qn$5a~#A7Vjm1-8ePMiV6XuK-E5(AU(Ww?owWw#=_^~ zM=T?>wPemMri(Sa|1uoSz!d?YkteuGfGb;RVUZzte6O%MM-%gSAuHo3B!)*5v8Lc; zzTMYdNLyfi5;@tXhSde-;KH-mbWn{l$3+g0%}h4nLtYyJL&7Q#yW#-*ktVSx;Qfwf z6Qk(+^RZ)8v7c$;)de54tNinPxfc0((-5H{B}mK$R)$Bbwil`|D$;8y^1ZUuVwa(t z`n*D=4-j104b_{*cE=9d32qiBR}b_i4q6OizzFph3TXo-_MzkLO(b1_SlCzYf<4*w zWd^tys6Rjs(CzVNC-kCG6z+0H(xEx|MxMmC()6P%OB~LWG8ObAvac3tG(yjP@sOfw zT{ZEGJu`J+z%^5b!jeg9G1+6GWO`NE>3Wp5!Z-WLiMp8+=b5;W^`bFiL*lZ-SLFqp zX(Py0A4Q2>22ea|+DJ;Zz4UAG22Gn(>41ZM3qWIB2ntaXXy^5D4nN&t{jKcAxBYdQ zN1r1HU9c9uSv$qnMa`Z};ffKFVp?A{?Jv)$KzdABgX2&)L%$g?*h6#`K|>2&ED{uc zNK!k$+D(TPZi5EviJQSeF2cVvCc{b@cLdqGo+VDABDg})IWnt15p9L+Wi;s_awRHJ zNrnI-zWC$-0~)5rhs)FBleXA|45bUzsOId83T%&(BDFK_1B(M$=y;=ltn~tCv91`OX{EY&4xN45D_TK zpHP1$^MKM`2Vv{ylmCe(?PlYSJy=bh_E(jRaIIGuR1g5p3ttDn%363yRY8YVy(;_EpH+L zGB?9hS-7Le*yco;xBOe#mS@GZrGcWqGKoEm;gJ1P7g0Bk2t(4`2{DEA0od$_X{0;o z2*AN!U_3Gxc2{Xo1ll8ty5gJ0oz)IsM>7+^vOwVDIwUUPz!`wT&eOYN5g5C`~OeL$D zcIJ^z_B#}(Q3&!7KihxQPvhAo#;I07@88{7yYQL1dU<14G%tBDe}Ng0Byf{-V7syd zVi!A?e{UeY#1o@QMz=y8mXPspn%_N{DU zXs{e6mc{vmpn@|^jC&aRPc8p9Dg|Q`j5fBOGN)@)jvZ-eFHfBvIwqAp_W4rc9Sc$S z6!m`6Y>aiswr>1vy{a;opZgkmE-4%S1xdS9Gz!ucOM9;93#D@=XkM%@; ze%|nu16q;RREGMwxN2V1FDI)Ye$j!@=)sP;lR(Is?Y4_6?dphH<>26DSTfX zj_mlPW`DmO9@;6E{M^0lWPfr63U+gSJ)A+k#O!2eXJ>w1Wkl4}FzS6}<@mg2l&)~T z)*w>)8r6JfLmxgq&ioi13IRMoFg<80sBO<2^D7Ry&^kAPgf7*%%R7m)I3+|#e^B7s zex#sW1)uC{9c6Z21;U;=x3})wTK`D=8kyaU<1pQDuG;9d_MI$?e!*xI{o16P$RSaK zpRgtq@rG0RK!+;VS#t^OvlaeaORb|2D>L}iB$-{LVz+moEciA`T)%z7Dti8}I3SOW z64(Eaw8sB;a6$ZQS=#74SWd1mz5K@-bm^OSsBDd6#!QpKDzD}UUKUztt)Bc+$dAQu zqd6E20IEUg(#LNNja%htyZFj)KiP$Yv5U?<@r4*hWm*=-(U29#s#F)5vU!V01q1$q ze4!0BszRUa4CJQGdn^s3a~5(1lNHEq^u$T@!6i?R%VsDF)0$k1^V#;2bf!>wl-hN@mC z9FvA2{WV@#f|N0r=FQZ{ce6*DmzS*{)p2E{6+`}yub9%0halvY>v zKu<*BRnnw~C{rjWM!1FNUABR+)mUaHPz_2(6snsy`4kJ|*VLExve!r?1b=j-Kf%pX zQy3H2s4jTSc|KMMTiJHF;V`nM>3r@?B&ndI)s&1tX*>p1lt!b@)&bJCTBDLzHqt^i zrgv3-dB6DRm4Yb1imL6ur&bU&1yemtc{heDSlC5Mmb~~=apNC0Eb&#XuR5^LY_MJ8 zPZg2)QX9L7>arlM3yL2cSZ41i;UlR#+PHb&bdUV}_+^95(B=3xoaHHEDY3UVUiaOoXwc*bK12*Z-a5`- zzb6f???1&|h3Q*!PT4j&h`g*ePewoul&t-=BkngGVf<~`{CJ$9nG~SBy9e&t6=qAu zb)mxX`~We=pV>mUzLcgpK$XB7%*4x0s8~<-{nx)oe)vlu!%*&-PkMb4K9Rs<|sx{Ux4~_)21U@7wR;Gv>VOh<4md=}dQukUj zf*U`3eO>Zu_LrZYW3?SQx9*hv<1w7X%~PB8dm5ZQ4cFwk^xQKMlbAuxOImjX-%t-< zAFX*VXX&ivl*f%`uHvfQmSe}^XITfq*vhBnw89gxZUwbV0^zFS=q11|M-nhah3@zJ z3H_3+DO(dg?M@NXHf~K^|J*2CZpy>AHWrO7c4#Y>B%;nQwo4!b*8lQA-iog zYwdWC4=A|l5&fpyFyeU_xzf z(~6tIJAn@Mc4NNXfKK&19yQ&hjcC)m2Ii3YwSxPdULFbzv2}5eZMY93BLP_A0@sF+ z^<_ncYBKlDMKDtUNYgmcqkO9X7GdpTi}ohNOOI+?F9-Nv75EQO&wPI}toywQ z8MCbymz{>WhzN*^?=0m0!R2-zeerg2Nrn-{a!0aq3)4SYU%GhaX<5vTIcZSWPbLw{ zLQ-y1-VAO;i0c2PW5&I}g|qF%QGdGbr9e$1@>GYnf|wvIY)pH8ViupbA4+;Tr3G>0 zy^M)N;IQ@Xe<DC=mT>h?lHmkfLohI*CEs`r zDcASXj>8%d(MA)j3G&Z(0;j%?y0T2#{SHHboF)@#NvlW(#tLn$lTl;%NtUqM?%LJb z-(a$lv}snlAAy`hmF^Jdc5LJ$OX!~#>TPps+)UV+3~7fevG`v=qfwEMjAUHd9bbur zr?-c1X0T)a5pQE`#$4Z+?{E`8xb9)NnW(tE-ShpL8btPDzo*mBw_>Pv2Aed*&Ng4I zgJF!v{ceDrKrhE7vE#yB%^$0BjA{2e&Dwr&sMd9^`M6lD>o%=o&KH0b7gcWhlP&o2 zOE7b$_yl1mQ-_U63m5N!tbFvwMjdX@)1?g2y}_4w;1u$MOEp_3gA z13X+agcy6usTp994&pYh?aBn*-G$^Oy%>Oo@-^}!tVj_y^z9Wuoxn zSJaCuVQN??5%+=tMzwX;XVG2(j#0D*xD=EJ1oZO*Ml)H@XcJLOsI(+6(WQS2FRdfh z6I^q}?#X4S!JA$FilUchlZEk2;!q3jHjAg40x!Wf<@CY8D_b~&LUE>NN=U!xNV~3G zrS)TD5KgLSo`65g1^jDm({_qOri0Pi$E7a*df1 z)`pp;i;G7eW1Ch?{xnNBaqA!YOs&0pQ6HAN<7DAqMvCcSf4OLVz=1NFOFh@`kSeN|k*a#ZS<8;$C=(w=pvI=J#N+t64YAUt>M7g6Y; z^;W69?!x=>)zwk8;N{Kw&k|*oCb+bBK)3OAdE;n4g}vpQK~h=b(XL1`L_&)?P?*D2 zXvRH-af8GLlsh#{M1V!Xod>Or2;&fYQzyJuezK^${BsK zUigb^P6&4D-MR4bBRj^GByQZ;?oP+<>Zzha9%h?VDCp=Q2wIW3W|+;IvfGm2U56*o zE0Lv)QH7C1%P?o|&FYeVw}qeoL7|G&OA}(vy}#d?8Xd!N-}RK=T6@bG{f}9D#ua-u zL$%+>$Q7GsZ2YCe(W>XAlNa`LvOw5WYU=MMdEuwfqe~?qfA{8lcYjhoZSJ*JHGlEK zMhG<6w4)%*n_H+D>u@O<_8&p30K*M@(OwvpE|*x_P|l~#NdL=EtAwm73Iybfx2c6p z=v$a6OfhYAl{eP;^OU|cdD^pWAz_r>UncV`X{_#^YNo&OFa8lKW()0dXdYX72X*fi zL3O}rU##ZoUoOnwc7NH9Cm2d=(91hcPw4H(#-CNcWtyc<2`^399gl=*oP-lr$PxHv z?@W%sm?;?)^Vwtux?}OP3F;YJ$N%kL>;S(Z(ag!Rg;|Ew{aO*oD%X4}r@LSpJ$hmu zJpv1a1HnJM7iJ(ly!XF!iVsfY1*8_EuSUZ`&Eu`%;KR3;er;90OuX zKB8+=ap5r>sC5g%LGvNwBzRs6x73$|`13cGMzs`NqwbV6D37t2Xr9o>mYdn$NuI&R zQjiU$3|BqoaqS&GWzXuer{Ab{-1)Q2xVg$V2D-`i&1i(Mu)ln@H;cl~y$VqQX@S-8 z_eRe83f@E+gdl|`aZ+*$gAQ2h6u*kW>7vNt7`D#(0LMH{aCjqgxoe{#12h z?t+K|vAobsUEu>W##jJNe5pvRQRad}|C)^KT;|vq%a`^s8MaY!^wea=W-(xrYM`GH zCdi?Av%c8A4}BVmHd#5)KvlziTG^sLJnB`M<5^p&_{Gu&caESrvyEA?RRxdc0yjIJ z@4zZ*cw_XO@oSIvDX&C?mo13if`&Q>gXN4F9PuOn)OnM0aW!ukjV zGX&N~nL0p5-lqNfsCj}AMT(V99*uqSE?wfd#HQyMMIo2JN+-!@9Fos@f!wIMhESS# ztC2TY`5zU|u7een2aJ};c$MBjp^CCx=xuE(~|!&Oe^ zT6&|UnOzf*{`bO zagfkb^Z2%*DrLAZtB;e>{0RfU8XJZr?E7X}uQ=T?AGnAmW8T`#SArijvMQ+&c9amvlf9iU|A zJ@NKyF5m8AM{Bm?tL+%(%Y#L9#c+Qpq!ib=r$fc4xC&=m)V#Wn_i-;MOQt)JGt>_7d`=EIO82DaXh4{%|aTlCnpX@RX?!9Aa?C>myGDe4S zq}gmZOe)6aL~Q&xAqcj==zF|_WAekAkHA;0?JJu&QyEwS9TK1CwFS!9{PLi~`cTRiaLrAgIV@ z5^SittV@Khdpv_gTYt%V;Vqs4YoT*(macJjGXueRZ&vz63^qT7O3U(Z8RdA#XtBQU z7PA2t-L8$!dOG*`VyEfz4!tQ{F&iD!3}D5y=+Fm&mSy9m$F&+??;dAR_jYeKni%e> zwuG=?JunnyrD4?JSTO>rR8KU)l9+Z9l%<>bb30NoT*C|B<-xz4M-xW`gGp`TIJ!KH z&1~{V|F6WA6(&1XkjqLrcVk5f`{E;)$m1pbje=ELk_%L05F9P*J3>;De|wd4s+wWi zkrk?Or~CX-YwyrcJcWN&OLAwta<|0PSHyx2Z+0|wGRbENrb|(;p|akTC$}FZFc`Y<|^L&KGg0`Y$GZ%nNI62 z8}ZO%Gd(et9j>Mk1N{0siUWh@xP;G$#wPm)+7!UJf!^sz>qdE1cMXSZUwm;TRJzNd zwV@{;78Ly(fw`^p?m)@boKU^+48|5x==)Uv+iBN+|M}TP35LKVR_m$4Xy83s2l@9e z=gVJRf%sguj`_BK3OTou5NkK6@EqKDoS?^bF6)7}tod5s_IND5boF za#2=@W|(u>$a5e!adVr83@^`}D-)VMPs?Ji*)6TMln1ZmY;yLAWz3jH4_Z?aa{{J( zwdJGISb|FguUM{uZI;Sia7|+J$e>ie9t``lOJSPz8SD@O_#pvrUW(chwvYI4>5q} zo+x&w)t|%p^b(p4y@w%0qYtaHt8$TFu!M% zjX9pPf8DN_By|#u9&#PEFsJpOI#WScOX7(g3yUP$9i}Z~sqk8GRyp^Y3^DT+w1yHW>HfPtUGzdH72896Dw2T@p`%sHzvFzgK&Gmi(70XT(|& zgztr0c0YzzoP2U3mQFI3UP~dV>F{~s@QCXI(5l%s(=^;Pn zMyiv{m&CFK+}prTd7pX{AFGozjt4q?#}gAC}WUI+~e7D4h!T5sgiWwTgVl64t3DpzUcD!xWu3|W|2Bc=j&JXK$J*9b6BPA};6TnGC} zoCIZ>=!G5xm&0L0<``fK{B^2xX2KO1f@5Fz;n88F+=20`fUIw>CwR+JKd4$d}mfHGv6w2narW*gtP2f_T-4Jq*6xRbQFQ zKDvuOy30PvPdgI>HHbZ{s>jT@PSU@SsWV3MW-s0W#Xv4-YOWbpWmSTHHnQ}1>=!4| zB5Q?0MVL!WLhYQGI&zuBYHZzka2OzMX&8Dogv=ut8d(@meUn(OUisPahPH+c$m!-t zZsyF@m)>MZ52|VP4V*#Z&z;ZZrdE{pFT~N1ta{baRbnT%f!8&GHO~clBgp7y5Ziw*wz1}ynMaVKJASdnMceDiM-bP*bB$fI^WB3pS>wAH9hdy8K zk=;YUJDyjx-8+{p|EUqbl^z5E$XOB$m|YUJ-?t>q1iRvwzF}F!ZgDe7t%PpZAEhTG zHe9mV7@DqG%&h5~W1S#*vaiJ|qih68S`=dE;0zUeU>x>iAJ$bO{pxxWbUb)lh=t`N z>5MR9V{P#T>7e`E#d18-&?4d2iM?SxEL^}emGoGmn6Jy!h5ImBu+^KSfRMqGH zoi2w`JYL{b@d$@*n=6uaLUPm+J+W4x0gT!p8t$2|;&?N_!}~{IUG~g@6}G2;xqk5C zKA#t2Dm_uVICoc8?7CECFBwzq?*dbq5J!+^Ow-TO=HM>6eJl%kAW zJX1)a<=f>Y-^P?ZXsiyH#YL|PY5H&F-^&k@8N7&+5W`H+*=%ZU>61oG#iSrb+?53X zRw&9AJ(6b6me$_5$3vGZ596wmNn`$4eHFlml1(5b7uV*>wL){=RI{}b-o2hI-2J>< zQ+^DLz0TbDynCm-A4$yMk?Sphso;bgBzS5=x#_YFg%d-QM98W7SE-OxkyG#6C4j0{ z)QQqWh-rbb@C6p($ z|9)@W47X`VUvR0AJgC~*_!?sW^lVM`C5%qIEV}UkN+=08*OXm>x z?jP07o3_}>*Q;neA>&!wA{~w-F0_L_>)82*C-%6TJK+V_joz)Oa)xtzgi2)LQVmS$IPgg`x5)dypdg+N4LV6N&70h zG4JBER)#(DI6Wk^8(?s^sdDp$Ry35J!)x2L_(Wp@8=e^$@Uo5~ar~k9x+ZgLZsot&ZtYO53m6k*c_dC)#gf~! z2#11X&=|BQ+$kcf9{l8vQ6IloLA`h88H&0Y^rrZ>b*?Mxs(A=q9opWHOmP|v?qa8Q z+KN|#Y2>g+I>>0rbmBZT)*vvmj&p7;!FvFnr~Rfjn;lKV2rN*1=p+Xl_ zmQT!K!zV{=IL(w&i!=&PJK|GP>Q~qw;|m?f%ek6-@6XK1zOFH7tl+KH(7>X*eP0yl zAGF>sU4IT2Tyds75Bix!%sFTI|Bs<=!!{h|7`Ed#g`=^QXeRFI?yj9#F#;EP4zZuGWrEgTAm01Du`lmB88RrC^Cv(o*utasO$4jK=I|1=Pp zq!L~wcxlQU((#dz-1a*V2^T96iPt`C9V=*6ICKjq5a~kaTqv7kglKSigi<17KS+aQ zaoX@QxweITCd8QC%4EBRNH&d3ns{^xe#)09V0s_+SfB(YpRFoMr)G++izLJnqN04n zU=dz($902U^}E#NE2Pr%xXZ?|zxl~qpZ7Hu_vH>aNX&WNl7wr_k9~4Oj8y)7I_O-Rx$0JfePUC}G_=qE+N8<7_45!TsZ95MH!7bY6SS~MG&20S zae*$%s}b7o&_&`uEu=BbqHfjN)3DxMk}1WZL=jLma9@;@y?|~YZ|CLhOW)X8zCoZb05%IS>s5zJ)#X=a+G&_ z%C@j@x^U>Rj@0}owwd~)7u9Ou%e^$;nc&XWR#hdUI96G!9G^F-GCeZyM9l{84Kc?? z>yVWPzz85IB!oVzdJ=u9K2NeC({2j#&*3=wP!rl_+Oq$XPPsov3OMBJs?Pr_nibEO zu1HGGln_e-3!OA`Af?M9Ql;A7cSydSPMN zn9G$nuMhiI#b=unBz7$)DD%EsD!h|{sD31l-9_MNz@f(sa#Bs`s)njbjD?LBOU`C< z(@M3{?AqXoFgkLUaiWt~ybWksqv&+xX=e6rD}lXa&TljIqKMjqHmG7v%k`N=a%~&) zqYe4@oDE~*C zyI4eFmO4Ihs)6CNrpMsw%6S)uAxSEy|F_v-^Rj8EajzVY-~Ad!3!g{}EJGN(55Q`m z0Jq-9X|a`9$FM;xW_pcuz@wSLWUPe9;R5;dYR)*K&!rckb_?23eT48M6;id+{369l z7FScJz6m2CMz+04Haga}rh-!T3`1R{D%(3!->Rwrk$$y#q0%8OjF{8s20V7AxzCPh znd6YzxYcX<4P!NJL2ElqMSGXKuIFuQgfkujLxzBoB=`rn0>V@~oP<%C({&*yDPT`|Y&sifxnu_J*pCP(0V;bwM> zpc@}ASViOW`VgFvIRiDHO!xQZeWr>V$3rhSbHV?ZmyR9ij>54DeYgd2SZ&yBLJ*@> zlgV(jUE{Z{GmHEC$=HFBRkfX`X=do-s!LmuwSaUhk@k5_=SF|$%<#dTSrY9vc0V_{ zYdF)ceL{vW7~$Ueof&6h(afwSF}j{EN&?om_5wW;lz?NguXhx)kv2B+_NL{AIy0#u zAEk9Z_h@6TrVRKm*Bsp}xow2!_OMc>XYr7Up{z1@ZeqEcgdp zlc4dHk4wB(`eA;e*>I_e)gGfMZM6YPiU-Oqpo-nMvZO6QRBGIC55y+zeBLKAZRe3s|!zm|@gz{SD0Mh`g|uIhk8NrLu5_UrmDlT%TTvV0S;a5S>1{wi((QXIQQ&l zbfF7&k!*!ZvVkwhDrb)W7wGFD_@}g1K>d{f>a>~|6`553N#wV7ze_fa@oz1gUhqYO z)#MVcdU1?pDWorSm0BFWlJsV9yvZ_PBH7-ANnfcJA=uyC1(Axg5o*o2OO5$AtO#Ra zbZHghQReA0tm0|8?+=zQZH@JYzmgTAx`7qv+#uctRZpeG`s%n>{n`wA+B&2!7F>~2 zTmQUk(pbw$XK^Lg;QC?AAmwXmpNlOUtz4+-t5vero8?&r_;n4xzN-PH>fFP0__D#Ob#+l&$s&AUE*pkq*3aKrHW=8W z?mY4KdkZ8BR9W^ENxh9r@fVz`EZOl3(_z-~$88Qw$S{n_vZaa=j_labcoXjbC~%uA zj*(!=rQY%AB-M}p&74H0^!PYP#`o)K*mdwkgNO(H?VS84m#6js#cy-QX>hJnx1KQ= zE`tl9e2rR$eNr*_Q^q-366wPwvLHfS?gyUcvIU(H=*L)1#rbSA4Sj$7P4~oKw^GhQ zZWL4cODQZ_yWDcdn}T!T^07p|Zy7?^adxFhq+a8EW($Q!kIFshG)V53IJ5$W{}r3E zrX@RAW*WnCO^Aat;*dY-1wn1{FT$kta|(tgf>g%tj8bEuTM$b3By5qQc#T`Tgo=gm zLM^`fM-taUqF85#y6e|&6ep=Xd#0o*Dj~N-ji529fqsj%0|TRW015+m9Jkpo#|4z< z8}e2#cMXCPsKbD1%1i_+xoOSuO_){Z%{+0HQI zJuI0jfs@E}eC1H>;`-s(@{g>5?iuS0uAMU1vT3VzZD3GUGk39-9}{qRCeu zRNdaz)h)q`@DYOGLos6;)F@SrV=cz+@#?K`OKW@2Umt0A$4<+%*tbd08ll^VHkOSL zbjTPElHNYG1lW8zA~&`&@#SgOm3RBzvu!Zrv+Nk>KD$Y(?4q=~0h0)NEX}CZN)c8= zAnaB`m#t7tkl3PQ5)pJ)5L#A@Fl7ChNFW^BsL+2$l~JreB({01|11$$Fky`55mcF& z5uHX?q=hf5%dq@K+QmqNO%eQcIEI%tNk4n)v2|l%ueHML!QDYZ0#frb==k?5nWdRg zyX&Aak2;6+jge`I_wrThLv+mfRz=F#{Puj?tiAT)maq-O*?X-nNFH{Kh-^NR8oVQ` zPI6JPvZz8-!W!6ud)qwCwvy2z8E~0k)P>(=8Kw^yG27s*$qJC44?6YndH$qGn766BmI0Zea>3Ly{_i#p_=hTml1&LY zcFt}+24z(aOn>Jw_spx8jv!Pn{4N5JT2Tr^nRa00m1El)?{as=-e~sh%V_qD-)Qy> zD$B=cJ5WLJ^f6Fjhvj?8`Ms}(c~s~K%a~{e%Q$xw0-hxn|Nnpeq38WUtiM309;qqM zUKD{HE-zT}TW|e4Bh@dClQRWrCT>N3Zl+)j z`^~@0vpU)I=7-IWqeHJGJns-pQ2o>HpqlWQ-$ucB!h}qs&TiO!w=7eG?d zM$!V?-4!!sZ=ukXvQU1lV}`_n;#baaHY%qfuKi^s)niY&EDZrn0V+ zmV>{t1@4BGMAbJR`;Nt2Uo+hkfeCl@hn883!=|QeRg0e)r?_Nu;rWz0KvLcCvgB}& z>p_Xoge^bZNU=hQ&>Lk z|3AL{DM-^N>iP!Dwr$(4>auOyR+o8~ZQW(twr$(&a+lo`&p+mU-uYrC=44;j+B;XC zWUQn7CCQzElbi3gIhkm8X4Jy1*Y3W4s84pRGIKNPr4yg%_pFq4L>jbRsAGbVhFCY% z#+Cf1CRW_}?JQhLux|09F*v7;UUh;bctW*mv=2(m-fy{L(pN^3K0yz*0?A)}-8LAb ztyvpHq^r{~4zpv>E>b!^ETj!hRCj4fdCo=$uP#MVtqB-4nt7FL@mSX)Uo1p+|zQfVLFSmdAc zKxDaYm1f@Y0(#`GhXVSD@dEl`9QRWZEu#M^9%c(^&<5TMY1w8AX|JzudG4n_pxeLW zmdAWE(dM-mDGamit|%^+Gmkk=$}|ZVGK+=RS`Q_kL@SxspKf_}y_OYOH$zN7y=pMolAv$S=CU zmcnsNc;iKw$MJ#3-3PNF)gshZHIT>O?=eMM*JQ}93lN$_i4SJ}uvu|E(4ke7owVjH zDDH=}hAe62YJFkxkb#`OH~`qJxO$}ijfKg+`<8J*i^D9smZCp_IqEn7KI%W@UDE$< z^MLJxFPnumyCew4SYq+740Y`KGRDTehHx&N;E%G4!CnfG?R3ne&vYGvBC}Zk#~bmOOAL#ksTb4#sM6T#(Nx& zMiF%U|0#C3AyjRwPzv^D2*8d0JgT*N%>bUM+QR73N<`l|Soo8WR*5=^N_mGQhrEhb zk{ORxdW=Rah;BV`Jqo!?kquK=w*;8Bh$zD=+)k|XN6Fd%C!-ah3oCT+m{iT`?#!VA zj6}5qACSCGUc6*W6GIo}+P`>(jFpE8hK`BNfq78@brdwKs2dxm#>`JDZ6Ln$7_*#q z3f^Km|G5HV1N1Mq{;viXgjxv*L1BEXF(C;EK^D$^+-Ml6Xc&*&EoGU8&ysLifEeW< zVS049EFcN1ppXwhDE2$FkWW+~v5*fC81|nSQYIwj3BQC9`yILk5%J$Q^RJA$6b>CM zQW`{rEI{SIV0Q9C{ZBZd4LaBV%j_OrNS(mNR7l+pK}cOs|9FHffYGdif=3;V!>oeh zVoX`a`9EckFGe}ICJTtO9-MOp^hvDYSR}Xth$71tj5~6S&sPK++HEObDrhf2w=1|d zs>=$Xtu-7Pv=l_{=DKV{{O#a;g1Er1eO57^gc++5kvJhEfB-Rt!2ujwIHWX&DpvI- z96B9@G=^|lEHO&>e>ikH5JbduI`(me$)n1XMZO6C$0365X0|W_rC|U6E?;H~BVY;0 zz>T&44*iNqOkuFF%-H{b4Yq!|oRETnBe4(B) zTjV|5AwiMJ=_xmptsTXTj`jJ@xbYGW*U=l&;^C9x7B;INu`;z=^!euNKsMySs6C)I z{w7;eK-IPxRz;x*>o@B1e1I6)WYw~;aOApGz;Z!z6lcNj(v?s};##@MsOdF3`-0Ub z+k74+4snYY=_iJkgi-2IlxWh^@HrF~9aiCo3E%ul=VBEL-$huwGLu`W8&rs&O zFovuiCmK2TaAxF<>^VWRi8VvD2j&s>uaD-H!4NY&U%x}cIq{5`aPeE#2ON7P*Ej*}*T!)-)G>)(^Qqe_VP(#4uaNmO{6~<7!3Mu7dI4-d zQ?{l)95S#(e`cvdjkoZ2?I^J8DB4D9IUhM;A#$JxJpPVl=D12OL?0s(5{*(SM3jH?Bnq<1 zH|N|ANZWUr?kUSC35u_TIQ4~3hDlL3A(3x~uG3yuAQT#$0 zz}QoYtzhU7=MAB>x6F<4ru>Zkv;3tAJ z8Yoh5v(LJ}P@jQ6E^ZKyVWC`0thTsj;_NXv;>Gm_^P4mLwO;OMeK$i8*4l9jsJE6~ zg8cx6hg$+-5~GnVVnhGRG3@ho`}mM(ht)I_?3`wmlZl4Yp;X`c6DNtcuc_|b22pt8 z7tW%)S^pcLz|t(^3XsmLmG)7`c0@ZuXiPl~Yf9b7_b8{uXUCw)EjaI4sQx~J*A6DJ zNz$%5cRr0Fw|asA+kwT_rJR5`cf4tJ5ObZy=<~G%(g}PNy_8G+Y@PwGXtSzqG&4l% z0SJOsVp#>)AKMhQg!2a2ncs6K2CFW3-xH`rXyzk_`CNew`x>gl4|{W0XL`K*!m6Gkqb6O`L>NfVob0 zEUtT&I1W&Z%ZNXtL+)Qu&oR`IIJ`91)lwNF_;WDlZ@tOwNpPRPXCDuD*iQ5N`p}gk z)E6LWk%dsZnJY4sLn{U7*4Y0^uSEsQq6(2$d;SV>0nQ7EUIoezm5|%n3Y93sl>+o5 zrvzD)w&)_1`WnwZ4~?nb_Nkml!IjWc$3f#OFOTiuF#@B8Rpbs_g9%;g*lTd2c6{aT z=6lhjA<6DI+FJO^ZS}3QUoKPyLEUJ@&7SA;Mm?QEf!;qyOLsf5?hXL4j&W5<{|gUe zUQCU7$i=0enYB{%ZbDYQUgS6nZl3h0Uxwr|Bhgeh*~GEbx0AwMf*#L}MqH-redO%0 zL5Q$2-%%BDF?*i29`sR`$K2H@Ao;3+V*mtD|!Ffsw;1phd zhYa1)lM`bH5s6)r4YhBUbST>Ij78CwenGvBEIniIp632CmWKmHXGMdWj^xvWMImzp z1J0q+{Tx9T7(trsfi@cn@IN=W*m!5WwJGp;PsPGM5|!Us-`rA0+`<$aj#h(b7v7Qq zRzqhneAu!A2~i{*#R=G^Zg0J4+2lf^0!(~8S{1MUwgO-;Pvv68(I{!C+*}CvSeZGHR|KY?1_z;I2uYL-j#%XkdLg*8q zkEs<+iXq5*4Nj?)%M8Jn9caM3GM<^Vz;s| zggmFc^2yHqE`}rF>*bN6Z*E3z*b!2I*pub5nI9 z{whnX)a~)dyT&O=WU= z4XGZ-5U($wO7_cYz_gBnCW$Oj8{}E=*&-00Bs8O((!8@mY9pRJnbVu5* z&CtTnLNzo++1~z8#6jp;&dvTd*IZt+c&W!#(gj47X2hzq36W7$t!eY31M z$be&RM*(YbD#<#B27;Ye_QTe=LpCVCpuKwWHxU2uQ_Wum=+Br^yz?;#)ksb~&$2H|@E5U8Cr&)wa*5d(_?>2T#lpRq^P|5y7SK0ieLSEAPvQ_^K*l+v zP19_GKqaAM9;k2D@XPga@P-{8kL{4vvF1&pmvc0$}!0(%>4_6V(6?D7M zHh{T~g;D{niR{$`N?R^`GJ1N~)N8OoP?v5^=V}U_f#ttN6iK){C4#yw_uyc*l`*GS zHto<0dbvQ3i~wX+8u6GhiRwH~F?rBa-(tJ8OlJh;uEvM1DcGW>B6TLEQ7V$c*qW&) zYjan>p6?V)PcHsicb62lM$BLEOC^0OxZ_k-;`a>XMZR6Qy`&eslk9zMt>N0ybr_l- zPzI>0H=OWCLNgad6HV}WizUl6O9HiSJjFc|Y^lR`=uhdOoxEXm2vQe_I;bw8b5>3r zT`a0b+}?H2>o_2ha|`S#kntFfmgaIJ49$NEeT*}hx zF8W(ZV&7sy*jVUDs)}dGCEJeD>5&VlEkKv(hh*T{;s9_k8ctELGfQz%t;20BSKGr) zD~O zSyn;)L3=-O8<5Y_#N(8CvCkQ&f6rI*53q&$2pN7Ij1Fk~=hZh~gbctw-R zDV?*H;rhcUOjK}&a3Q~qpQbNhP}2yC^yVbt+S~wjo$0#O3ANtAI8m*Mm&LQ}K;^XB z;CNC)nv~>-wAo=1=G%%UR8|$`cZ6IJDqLWAgE+21(lO*$JS^`WL#g?9);e93Xu{JuQJC4o4Ip)@pOPnR#w5F)I1W0= zTJ2LZa7bTzG{f4Yd_z9C(Teaqdzt6>=oWHvcD2QsxT&rCr%uN|Ym%weT-`{!gnWX- zvxO6D2EYL){;~J5ZkX_@RK)ceqm#Y*r{^|pw$V=J&R>D6j^uc*`9^Py*XM3b(DElp zBIj|UVeF9!Z)hO8b3jn9B;+8-w??TEI~}g8v!Wtu!dlh;bi8?QQc3vno)P0F7-b z<&;aKR}*vWxZ`T}lAuHU6(%VsFK`t4JNjyzhqkEIc9BDs7gF zLfnx;Ra#Vw{mC53{BY$&kK-jm==lX{jQL?KZmhI7!q_qyw=B#;vuGlDuWM7N2H|Mf z!X+iDr6CC&D^?{QX6V+Pha6XIT|fueG-R+V=1F{4^cuDRVO-VCB8EScv#7En#A!es zIIbpbzlF8zS*naDgOB3v*TAKmh0gkDAS@HU&LWqw;Nfaq`=|4Y+3tX$t-*_&ymO;r z)o=VBmMgtbBseH`MVat*s%slb+_{T+@rhyRw&JVf(EfKw^zHPbo5;aXS?8vX{COLe z9xXGL9^~-X!FwT`J?P<2W3PRjkVAi#o^eGFmL5+5A)GybGnSr=W3#4Ngz(o79E7|7 z#u>-Ql(!*=-{@RD(8MllSMZDj24M zR66b4WB0p>g091BIO!Ng4oRH+W+=9?giSVP2zS;SP@OhLv8XA2FXLX@NA;^8ywMDL z{rk_ND4hpcukoC>>vmHYP1?5ZX&-cp8h^x7OA%m4CYWK}mbLLv(BK?QfJrN71q}Ca zK5G~2FE|u3I5a;vhu+N598E>28dDYZb{?I3r%PO zwO&yCL9=2&+|R|EEsxj%Ygvps*zNRVIdPmkQ7tvZMsr{6!4x2B4V=gVL3J<6Gmc8L z&EjwuHcWP}VZS`rJwW~m|45dYy~YR$M^ppNNp*TXd` z*Mq>Y#yHW&qEm1~E~B)on++j2baJAqe3n`(O<77Pa{^~k_P=aPKcAivRn$UCY&q`n zsBqCuzb1L)Vfky~nUh2f2PIpZXrBNk!j)%oc=mfqf8^dCnTq>uL%mGslXDs}!ozEC z94V!1gZRZbUw+Rb^GdIA#oa)MMUA<5PkEWz>W3F{(oB5tihx--5R=NgyRD@_Tg1}$EHSNORvp;)M^vH6rau;csH@c-PS;q(0tm7K}ESS*yT*h z@<%?_3y67>M-4}!aXWX>MpvN62N26J%3g63=ko~n*MWk_W2xSb*O>P#ra9U7VV^|^X40(Nsm0P6)RN-QK4%#rAZIxd$?rxx zi=_j#G6`Q@MSkF8xKZoI_6xio4eGBI`9Bqbbu?zDKhsN4yN{u)KH?Sdj0F*a9=XXrZ*llGuE1g`4NdZB1gn7|!M z4uzGt^-=f76h&K}X-CG6dNhKJba&dSJp z-f=poWr_}|a0hE9h96hHY-iyQ&vu_Ev>)QE!;fJ!S;R>^6RGR#ux%IThb*Jz-M6)}-MIma zOb?i_!pi&Q^k)p8yNp-iOBs3AZMnuoNci12vZ1~By9Ps$crV+{<{{ zmhNwe5S;#Vr@FmfzVE9Tt-P^g9-S4tN7m5bGLTyB156Pd%-A1KlU_M!O8EqK>aIQ$ zn z5T3ans=@-TUUtTeMiH8YIvtq&rY=%$$kpN`#LxOo&5#XUOQa4}yvF&3b^@yCAC77V z2y!@6X1>F|v&vmiV@YFn&Ky0uV9cy#2*#*P^i;Dnh6S{Gm7y>i*My2Pt#Hh|f(-qF z((dyQTN{_-s@+a)gZqyJ^(nx_@i_Irmy=2x9);d9hid&qr?m>1Vx*FE9qW6_}C89a^#$XR}ua=F+9-h!?*gs_-8_ES`bz z6u}1=aFSV2yT2cLOsn|5yujZP)lQ6@l(53~JA#Z1(i)_F;~i&i{-wcnUVQkjZ^8gGLhW?1wXEa7hpF_=_bQM-){u z0-5El_uX&6)WOCvyxm*}F_pXuW_m1Y=K&sFWg+uJ;lIzJp07px|9u@vgNMLvX<3;V z$rfLIKW|DD@H?zrnr)GDzKL1 z7^K}bW9W?OpgZ&tPhk{MNTf7MT9LLvLNl?Mt4wFQOghU|{zknJD|tt;5fTR?C!PJD z-_LfNNDgAM*$C;!c-H?WKdjI> zkN@X(iX&axVHXnoYZ=Mmg#Z6z`*wljL)*GmC4Kkji&*AIQB?OohV)tWg~;k-5Y2nP zI4BS8CC}4E2(yVek6js$bpta#M@r4zWx9{&lA^p?N#U@QlHEgvH>Gl}N#)P9X~{O& zpNydYy$v%T57#6A?-PwLGq7J@KlfL|MmxWLoV~o9?~gs}`#bx*{-O(hol0pkIL-72 z@V+JWywRdf93HM4d6oZ09;}bbu0Lq8eF;?HPJcsU5;S}O(4tpD(p+Qf$v#05kJSST zXf$bB6|+Eu76bOCdABBv)2 zb`B)_NMdIh3C5WYV5Mr;@)7=4*`!9U0>A~DP06Ea+=9pzS6@y8%?gzU{^S~V6uiju z&f7cNwAGzigv8?pj!)e1e^W+T;^u{P{R!ivL=kAv5$#nC>*k^?fwu99arTH=Z(@U3 zS;9VLe|kf4#+OqcdX+L3;uVKySls+G+Fjjm)XVSx^YMk~GmObfQNPwqLOZG@^JQq9 ziEnMMuQ*^S)tWx18bIIcAulHL6pW&zC;@OoxWNJ2@tc-13Pi1N0TPu1&Mk-LtkqD* zXso0+QwJpE2RG+|#M$sO0|}>|(cJUPFJ74t@x%2e=%>Hp1+^z#wwO)7I22^IHu49y zyFYN&@}t`gH|(f~!l6*W z!fUdpeosRy>SusaU1Qw2Nzpcz_?ZqAooJu2RGc0aGJ}v6Ieu}p%Isl;yk%`z`VLYZbDD(U*|SIR#boS zf5NLrouf!dlA*QJ7_Ip!|0i&2i(30en(f_#_*ii!QAL-myawO$f3K88a2v#7`&l-K z4PLHjKwEr#W>Nb^S>kZ+U z)?emAbDvnE%tH^=h$@UGA2KJs7EuXPRje`>W>|bZpYJ76S_sZNCOyD<@=@Cf{jk6E zVTTsd-UnfVKN>>GBOl>OmT0QrE_WkR$4A1tBxrZJBfCq-J}GN0AK!&D_*7WX^R)Z5 z^582Y&TRVroflzS|}+cI;;BXKDR zkBF?fUx+sC1k++P7q;q;6;!7WXnoPh4N4Bf++!>-^uV$p)w6mIzr%HfbPmjaP-l#j z5P88SSZ69jFJ%S5Vv~9WU|XvotjWQH={!wz&;uSdbJtJA<|Pr9EXEk!1l=BP**YzN)6af>d=E`IW*v!G}O zsn}hNtlxGx)IXvBsgqBhQ$;;xySzvXc>~xhg0O_-Tf7UhnYBd1#@wL#o8!+&M8%RA zyoT`*aFt|cf7=!@)GIgx1DIeIN5yO%&wA2rz`Ksxnp_*3_HQ$)O&oS*?wRuJi>6t zpuEL&Y{5~k;F0U97#eL##$Z1{=}uQG2H2mF!>7WET}HAT3v6L9Lr@T_4Dm=;bPmP> zQtVJFvQN(9-ts{6{&**}#_#$u!L+qy5VzQifPCKojyY8YO` z(>?W_wy>Z{nZK@8KD#cG8*Do2!~VRFs+gfZrK}%D)NbB&@C8NaRec{%nLBM3b8XfO za7JXBYGSj6Ro5viX}%kvNO8qx0z0pNGkT15?{$6|<<$*k8U=*x(7}Yr)X!{u< zSWU=l6JJ59 zN7lVxRBtt+lvl83&sb6{CflHx69yyj^Hfa1ZYA2sUAJ-FB=3#RG$FMTDHu;*xBh!~ z1}u1II(LCwk;k3>mS)mb_`_J2CLFJZb-8BAI2S|q;1R*_T;W)Ir!Y2P>twWIeG;0X zNgpt?=sp7ND4EV#`_77|zr01>f?D<`=ysUqL*>hK>};HTfwhduO=1 zS3&DiD)j^?M=4OoB)%Vs*%%^vvZ9{TJYqYhGVV1r8BTXrNLownf-UAGV0@H^my63% z-^|wl)Cstvzg}S02{hD#yN3S2o)pH;{iZ}^l5H5{IW!4}wX|rZAI+_WD|P20XL9wD zRgQ-=w54K7+C8GpQj0{nfiP$aO%k_2+etEES1+W@WsXHjU@6%kJLjC^x!r^87}PJ& zV@TIc9+(8%S<5VJK~Zi~L(QohS2Zb3BQzEL>HbSt5^heD+OuuHpiJXUlS;6&Sg7o} zt|nG^QmFi(Ow%b8E;>2OiXpp)Lu_C(P^j$siVz_>DOPw=%ZedO1V`B}$cG^-DOPCC z9sXbYKi9j6hdE8E0EX-yo>-yz{M*w=cA>KCHVzyma#(W2|6S)zle+T|%dJXVntS?V zT2;2e5k>cotq`+06G9Fo8PaMWLaqW>XA|KT#TT&1y>4dD9o-l^c(A3eR-1|&_4w+IdxQ-|AGCNaWQ>tt?D^tJh8TKB zOkm(fGL@?mUL=3S-cQ;*{p-`qq>P?WFmlDFWru!cSq*@zR8Ceog1zKm=dgf0{FG8u zH}M!>eI!|%fLRYK)o`YG(-Uh*J|;=5OKI)(P^^Wr3W2TDhs zpA4DV+^HH4ZWt0m706kl;q5x{Y3Yn=#F>k&835l?AGT@>WKnsHX>`tbO{Tcelci=W z7@xL4>w|2G233*O&APJSWG$^FNe|#eGvnncaqVZ2Rnb5n+ik=2A|k9eAn8;ZAgX1f zL&bmbiMheVHG#ckPzV0NDXas#Jw#VTi;v)}PN^(IXPAfaAfyBxexxP zWZS5@^C(VUc6c}*$IeqTYW#F(dMnR5iKyf)niGbV)Y+ry-s`D-)Ikmpb*A#p$INKQ z8QIQ+6Vg*`&RN^`D)kZmF5s?6h>LeqJK^fu(S_$kyrPm&%=eFKwvSH9w)=^mKh=8? zg<%4^%{P=?#sGFn_6$18fSP0Hx;``Tr+|cQu9XraJ*uP9;aQ0ke%;DqE|Jj+;paOK zbd#6?AHDn>zjvoIAPLh#f39$7r2rcQtaX)Trd*DN?lc^p4rWA%lh}3cU)|9{=N4&i z|8Gx5ZVxpHN*OMGHeTe?GA=MGj;0mFWcjwMr<)lgO#%A!6JDLg4KDIH?wmBrVl+5W z1@^q1f|VZ?Z@Il74=Y-mhGa34oFcdIIN@l@Ik%}ZDlo$XJ$8fo0B9DDKCyI9@xdq_ zy%x}Gvs1>aDnr-pyy1DOl`bt_CiPSER67m<$ve~?<$fEAr8j&eRGXT_w6=9hO-)r7 zNz+(YGKw@{>OT-_zjTu>1cqj|&D}s=6Zo4B56QfUo{I-@PvX8;IUQaYX8W=Vv@ z=m>c_zT#@y=u=+%zP?+?%<5^q%I*N*=94kBpzlN~VIkPt)qJTO%;Yp_+#%!N5fkzX z*S2)vbmQ7-9K`W}t;`9e%A z3|m+ju+2=}weO>Yh-JBZ)Cjgt`KBs^KvDzQK!42E1PQ3jf_QQdyM=Rbj>TG;c~hMV zuuoOzSrShfP3f*JX#dEhLfQBa`e!=S7yDpKvy!1YKYrlIczI$rE8Ls*>B8-R~+fkox zVyOIRWsKnZTD*#7TtS8nb@Zg;cxmF9AdJvjNy2&<*gQR!o~s*(ZAG9DLZSHe{x%H_ z!SZpg3MZi#ZZS(wOZ8yN^R>2E@}MwWEY)`Q`BZS-1KF!OctpA0=f1nsW->)#^;_S`|PP7Bs_p0-9k=JswIRu3Plk8lmA>@xpQZb}H9T+|bS6HvrCQ10+ z{4_qVXtWedP{>Y}`Yt1vwV%ZK#_vF_6)DR|V!42^FlFJpQ4r397dP%xJZ33lmNxnK zPKw<9<&waJ)#)nu&v_H9V>#GtC_{z+5e7>6S6*&WXeP+L4>fz(Xif!^l+T8M-P|4L zOH0Jo%F)c@^B)nDVxh}(?Ll7uw*{agGduE`ml2mO;HYS_|8|wri3$N_MxScTWUq1E2f(-9ZZJ~k8y{Hw z5oVQmcxwbdG0`&|>;wWeI>9D(5lrtv3$-&uOJFh&{l_ zgR97zkw+PuyN0u+iERa;IQI|M;tEBOun!bJygb(ymL}+;e#pcMTepb$7E!)HDS>#I zh&i5kSuhF$*>W9O3Mc6^2Cz*WDdB0QG1EU%0V5|0pufBD1x*o_BTg%`3qDC z!LEQk#Y>qJ=S86$AKft)*0FtdMf#Ke_7qXa$oowqNUNpROv$t&L+g5q`fIl1<319G z@BAE*nBHiET`6*-oP~KK3HeQle*}E!X`m3eb1P04;ukZXEl zGm3d&VDynr_Ro}!WTSoeQ}*D6t9oGH(=bTdo)0gR(4ihQGNYFzeQJjv3U-BS0H`8n zJLwHJP!^A>6Xm07#T7{sEhwwu-Czi7s#2WSvH!PHhE!C!pMLGa28|o_$hO(64BKGq^p=(tC2M)FrH)DVl+OgvWhcNk`^wdZ*E{C)H$l z$$)B;h*uj@Y}I|OXM&A9e_+Yjma9-Nk$3fx8m)6^=f=J@Q9Sk>Qem>u`=1;7Q1e<2 zW_>tll=3EeQY4Gv3^oaDBxReRsIHTUB!)Yn0XKrvg^aWk z9=qoES5RhIOh6 z-N`OZj69J>#W|`ApFzq^dtGs=M_3>#Bq!^P!`k}t{me^vhQ(YKsT`G1$>5KJa7m17 zW1$(k`_x*SiQ%@o0yLT0C!DAXZ^%8`nttQq74BeJVRbe0BG{rS+tXpUkrXE|F$LaPQqh5vPHQdZK-tS0P<;;yuCbpW10;1Jf-A zabs|K-5}dTn=VP(h%@q?mQq#=aa%@12Y7&J0i|JaCCM9Q;%{w3V6B)VC5-_5`N|^kz^FUcZ<0%2ook5E6U;Q+W8bd!@>l{f?8i1 zG!b@gcgt=&`~*nr_lmFxn^hoXwDR*b@oQV(S&&k%1V%GMMFL`Op_nff)~B!^k=On9 zfG>FMa!tP4jDKke70brb;;t*4P=Ll&suegKHdfwdpDayQ+0e5{q2d$jmq{|i3r)i-7b(oefOx|`@8mO}80**QaQT-B5`OMne z)diWW`4D8-)7kg+IlBGGy)I(A0Lv##X<8w|P4!zfiiPt6VoTybY3QyNMPs`lxQ#@I zs)WcV;-nT8uu|a5ZmV8|&3O^}wq1-CT3bXDD#v0gC$oF~8(rn>KxB%u$GDofK^SlX zkWMrn5LinVvm?IWunpeIy{R@7Qz~~baB|50M={hIG|=n(a{Kij!@YjaJa43bJNiwq zxL-D@^RaL<;7V7O2VYd`omD#>ZgLa(r?SKHG!nC;*lB?(re6=%Gzp05Od|XU{`Z zATl)`g4c}aQ$RChfvn#mD@%dQxcn;mvYK0djG^ghJ>On}otSj+vMu3;a zGPluX=vjd|sAXCvP}h`*#8p>YO_pgszARofOIR`>7K~b&QSgXh402}g4hVVHP*+dQ zxsufB0m(JYDNftmgw}Q>uHuLh8by}O)_-`N_FblFObRlhlVH^b8T~Z{geyC#W5^Cf zsifdz>Cd6?Ms=ILS(a-$G4((Bk$HgBvDGkUz{K`K8r_+9nl`!(Sg0TB_w*W2!uQysJ6mpF3ZdlKd}{$srnQUC>W zKs1D_*W0s)Oi7zd{aCGKXmlcn)MKAM-<~q+cyhKNNY$%}L|zfG1N$3D&P2z**V4vq zV}OskS;^G422CliPzf;bpFJ73#{`|L84D4_xYLf;LZo$q{WI1 z{WFsIG%!oW_KwxlxO*143#n;{U3`Vd81aYY+boG81hQ{T@{y@yG=z^g zYz5@vECain`g)2Tjoowzvv4^m;z!BDp)lF;zyFbWO+f{BZvt@LY zrK&p+(*=;ZS8g*C(dL@w!g4eB1azLBceu>-*KR5vDEqPbkTy%DP6Nb{^K45xkywSX zdniviC%8t;4jB6X4+b$H%VoWI`{;sTj)u7j;q-nBqSr#$QL%9C3)M$VQ=FjiaTC9e zDRyODA@6FC6AGk={Yl=AM3vNnuWrrO$ZZj12e#e**)>7=!SUpSfFv!-FSqRB05vtY zv6$;0Msl9{s(0;>oVl)TXB(wqFMy3Aa)vjhWbb$%5-cnuk#s(?XU zs6({A)iuoQ=f|u0MCwTa+jtZgE=)m78>YhUV(MmaC=@DR?O!ty>>fKOlb7|X|0)3w z#g_q4w^!vTs&Q;(*m3u%mxCsMv3 zNjtyRaF+DP_TbN_E-{cS3eZW|;LRWQTpmMRNQ}A+ zR&aqMlyd4Knt&N*Ze@sP7}x4JKkA^-SC8e>BbJ=Z7`ZATZ|y$OtMlDFl%}R~m%Fda z!;)j#MBm8BPizHBXE9Mf6||yNe5T{RrJ17`*ZlLSS~y!myeGPH-vT7bAYM9bT30U;05R46Ii2f$^)@3bupo{)JK| zeB~P&<26P$Ez3*Iv7Z~BmHtjINoOYz>o$*h6{`-o%H5Ss^&BR_2auN|MaP?)0rY&c z0E_dvv7R6PAJE|<{|`Bx1yw*3$n~Km{++Fu$-4UE;#=11!~ApM7s@>v=Gum?7;-k( z=Z?OMu&Wxh-JLt_c|h8D+=X-b&!A$jSgtPH288LTtE@QYhy9jA=Km*k=mvq^>`mYy zxW@i=`Dgi;P;RCTpLAy7<1%;oU0ncA2u5+HTCZm)8U(DAN<Nux~bS2T17|4Mrjeu@n}UGNilEriIYuuu;B98_2?*|uO=RS zT%Pqg3aRh|{uODy2{3qeyalY4=$?Yvf%rH4c0JQb{2m{_U%3E2Exty30oDB2$nDoy zWH;p{RlFC;E#dJxiLXk+DL|k0_D@@bg&HTbyS93{`4}f>G%T@?ymnk;39R7&XMH_`;fx^>Y@MeCbzuA#Ii#)ox=Z z-2B=9KLYVUpb*w84E8zTdVBjIOlP0WU701*MV76H%S4HN%2_gyN|Z>bfpGWfpH@qE z8(LFaaveDoI^E#H?-Zw}t?{e3g`dW{>rH;hl1 z7|;J#z~PF}7YHsHPZDTZ}uO)3h0}Lq=n~?f;uX z-0S=$F}FPBs>7~>w^|m%GJ?{RSnC?-F{S;0Z5D zVuv6Hx7aoT%w>h)97Eb{VGZ}>un*a3VIGT=5&AUiabR77SPHoswMkPk-~9Nl!v;)1 z&i8oMxbz#UNoI_y7FUO^305yfX+L*@o1SEZ4)PQSFQf_=GRm_*{A+#{+Hu)l>$}hz zT;jcwvE?-5|HIop-d=A|#aQkW=U^Zwv*)ki6hg|%ULhSsDm|H!{kgk8v zOmLoKvKB4HP7(PFAOG{t>6{AMLgB8!QX$(SR)i9x8fgUY+x6DxLfOkGR1=Q0Oj!B- zA?BiHY$Qv=p!9K}UP!<9!HWhnJ!;x@W;LWB!R>CX$ zdqUoMtc1^0HHRhPDo7^p5+j&)l8JkkihGiXdvj5gEXmHi8$@9NiCZL=9JzT=aN;NZ zOgrmRT_i%reM60qERR zq}5W~O(6IY+&4>CBaVX1M<^OKQJ||UCMin|`>Q38)Sv2EM7?M!Uj zwmGq_8{3)Kwv9Wn?QHFT>#5pzUG?j8`U7_5^nOUQm>Z- z-n%&hh*6XBx$`A0pfM6hQ=V+9?G*3#{C={7w)et7cu&wb_jx%f6=jv5?R}_yz-G9N zOV9HN^@&aVhLwXs_{eSM+wsJ5Ed*ETQupE59XS>-(BzJCVCB_Nx%_hdAQ+7z>Yt(lUX)~M7)2XMM^2WM7M*s4iGMxZc}lky5IGPh zqci&^Pdm73Wth1i%s5{Ex^;`RltFIA^8$Z%h9n3KST{Hm0A$8bON>B~b|L`MhJ(ay z53>Ry+{w=wM%ig4W|R1zbfN3z)jCq_;n$u3&##2~xgWnf_rhE5nN>l~0%CM8xZ4 zW*&56GZ~$0bftVB3y~+W!nsgFIFNl=Hm`NFa&Ur%VC(>1F4X`4g6>^hYK;Ml>H?*1 zO0t7AW4XaPh} z-$TZQ#^Y4QmiNfh3LZ^Ay}ZO(813x@@uz+}C5XLe?rs%>#g=q^6>?`BPsT5b?1#-W zd;p@-%G=f4xa&RiebOgrYGxpk9K+e4XLWxhcpJscf}2OiHKn8}x`qlT^eEVm^#&by zE{k14NLu~A(}t$ zD{f)+(u^bqASGj~{DD86)_o%jV$4CVqh=o42sS0oVXtOZARb$scbb}~Px z*3Q63F5{_LC|LAzPif3r zp$}?EDFh<57G>S0JhIkp6qNU}E)4pw zNyjC%5oGg7Nym}W4`QWnB#WQO)&WuMLgLwx;(Nt>4(Ut+y9Jf z?Z1Fvz#PdU|MF=)XV4+Cb+0c0=?qfRG2a@=BEQqu`*4m}>D#>fe@#UH$^UNo?dSJb zTF8BrO8h43OEzEOjPq+q=p4d&1OH7kP=kb|Fj1;?pT<*|ZycYUg*P=_eRH4Kks6ZW z$A6t`G+Yg<(jl8#iUu)Ba|nbmZYow7vbjtCtWUWK{CK#0RHC8^^cDO_==*sFe(?Cc z&YTq}2DSx$K0iJJfsTRxA1gB}BYSUWbAf2~-m!sSe)n7+cQ3<|ib_9^^#cw9!nYSo z$7>Bb`Co<)@yP*U3QBStF;HZ!L19BCv1E?7#-F4RvZ~>#N2xsXXZ2x<@u9wvsxx;j zOl3NfzrX;#(7(mgyBA2S)5Uv$i4E%GIr*l`mkd!tr3jdku4#e1k>0OXZTA(GCSy}o zL4zg@QWmS0h+_{W`O^hZkdqMl`;Ow8*ce!g zdEMA6t#+~aV2Zk+yr|0YCJ3~o#LuE2TdPx2TWwX~HZnqOpMNlQCN6Zkz(7|VFN+e# z5j5I&&YQ9@JGZe5HY$Vb*T;@Ul0opne{=L5LFzWbr!9b0(C7~f5Ltt2mZgU;;@0kx z7}wdYNGGd^Xr{u;7gyO0!MSVnXw&IjU^MtxHs~w+Vya?NcC@U!eX)v+iGGVUd<33y z(KOMY!Y$7jRl`FKfNvq6=h5n%i%hkuU@8W^48S=p)13|Ne{rZc*D*N1q> z1Ic|vw1~?|OEAJ+ekCpWjY-`I!EAHS75ryqQfzNmW8 zg>=}8iLekN7d!I1QCOZt?!}m>7A+0rbSh97(d=41i7#i&7rlA~`SxrONW6Kr(a0@D zIVD||9Yg&VbSxk={)}&LFeef^a{kL?m^ztMJWcbr1qJ~(blPhov;)e+PPx|Nj#b5* z*l0Iv7TEMu-KShW2emx%FtBU|au|1q+X^@~Le@hA9GJmv?dhB-%V4CCO46+qiD&j= zO&&xhkK?BLXAV%ACcVb+hG#IuX zac_Nu{M_GkmZH;zMMzK;dV=wL2^#(|Gw6!E;q{2MJ&RlJQ8}JP%!^K-XQjr9XiT35 zzMq8Ktxm)cv1ENkka5i`N*w!}*iGQS#^fmk8WJT(8X6AuyB4%HLH&F z9v6Q_iEu1U6R%<2Qcqm|8kk(HqUEN9cmXd9QFGrYNoz)N#(afmfUA7-3R7BB2R3b= zm12fzBh}gNnu^nudLo15&%&rT@L_@yZ;a9}DV-Xumqk!Yi(u9C2b0QBLd#MnUqYma zGQ?VMfD@SwF#j1vl;yh9j)!%~Wu>g8d>(_4eLP_YaJoES$H@?_ez6QhzrDrLOh}h$ zrB5_b{-@dQVBb>D3Rwu zuN>RlJ9NPMz1J$1lTfw5V%0Y5MaQu;n1%%wX@QbP9t4dCi>|>fFDV-X+uGU#$Z+m9 zCOmyyw&20Qu_Xf@9WH0=1LZ+P2g$T_xu%y?Qhx;|fn1-T98Uzgc1;a#pV+Pkqy$+Y z@^Vv0G(jsH<$1$Qyys`UP4;7o!sE`Os5!%|9F=C-BuzetMi;Gxbim~7l*DVz+ulXl zgDGU&xyf2>{CJVbc{;vN8Ke}q;y%M?^>ZT92lDwX!%b%G>L6gz{ktGzKXiJTxfg?r zE|Y}@`%Bj%_1aBjM5u{9ni^8E=SigToKoNwo}NZ{)UBHq(_8h#jH?)XK^qq)>5=HS zYf$h)1nmyhAM<2(z6U!aSEo*2Cu;a&*O-2vo(rMkWf@by%qDipCJ@36g@qL!s{^K? z$v(O1S(uWA2T2bxs4?0(GTJ&{02NlTEcazaHFK@nBiHX7MZd;Z66`Q=CJrsgZAslN zNEiVltBRwx#4P^3C?Mq$F#-1rEc#RtS!dGQXl4_L?ERctxBds>WHZ-otd|} zM}2o|K>ZzNd}b%uoy#oXKBYn$y3$*ti<&H)ywLCwkP9*FRnN_Pz{0HNr1p%*M01M) zc5Ql1@^XL$N`J7yqy5rQG~#cA`w1bycK}#xevpk;OB2r~Y06DoEebE!lkc`spdV7l+f0CTih)VE zz8{pE6bR<)w9tu(dN9cmI~v_@oT+j!Ux#aLuR(q?MbVrz1TRUev!qIN7?Vk3(0~yM zv#rfyfGiP#|ri#i>ueQEwZ<*~G}CoF)fO6zemBvlru#cDqx3 z7J`d!J&!jW{|eF`T_dE6MdGq;N&(fZk45S6`WaQ3>^OEj&c+_{k!yGTK-`H8#w6;Tz|Ddg|E z(nGwBjiel2xUTA-dSdqKGF-!!CI(!C&J45>;#{IRX)b4E-9^Zl`~#*U3bvsXK?AIc zXiJbg9nBdi)16VQ| zYPmPbkzeSn1FPmXU<#o;SiW( z{dTYMX>y4Ea=zd6pUH_B00TGEHVW@tSCkgKma9VB%T9o^SGh#`;o5Bn#?F z7;K6flMooT$uZ??9&tgd7fuq1ARH~RiEoC`ZVzL(Bn;iW(wqNU?sm<Wp}>WkbEFSxMS2>28mS zk8Lo@qUk%-gl9*_HpIH;xt$c&YDMc> z9<^HI5d;admF4?5Bc&6OUZ7_L?-dC+U}-DB-fjpi2P1->S_1AqJ^RM&Ma>ife(*`< zS8!O#_bcD~>8(|)80c)w?8)grk&SN@))a7IsbW*PxPH{8;*aziRcf^Ijb}rbmj4_e z^Kxz@B+Gj^zds8aUYjkXUvm6Csx+7MQPQH58^8b&Wq`}tN#6ckhahnj{>zrj9s@*% zEyunxW=bqB)fgFpBipz2N!UR+_neOac#hvIg5*j!OPCH7mG~Ly?TC47(!ItNt)}dE zNN1!Rj7C|;<&&)!881l}-*FL=F5(qAwXG#{N~$(Wn#j^>($%rk{a|XoYKVB_;8<8T z`Mx?GVs2)&O9tnJ4B$^>@g0fabbx{gaM&vuPHgi-QAXEo;ISmoW^IG*b9 ziUGAQQfHdsn#QjzO?Wk}B6|7*HcDKl>aj^iDYAbUEdozzMdRu)_%BgA52|bXn?M~N zPJ?$q5X!5VATKGE*9i+iNn&skEo1A~&!H*C0Oyu$V0FdnKa~*J842~cvjU|f*E`EL zfafpNZZDAwD-U(D364MU^qUdP&SSPTvXru=#@(dT>7ZdF#MEz3uQ@}wp z4YqI1jnsfZ^xY{`aQX3Z)Ge0NC(wMWu~J`^HU&8`nhvkV1nmXdfEVmf5{U>Gs&gi4 z(JcCrHNVuV_9n`|BU>^~5JzT0RHoe*Vw4Z2|L(c`PAXK=Sxh}!B;qWZye#;@pn>~B z`J4DUdkY%yb!)G(pooV-cIi4wOx&r0Fx1_ZIZ{Uwj#>;ABVe`EWAdRn92lzpR|_GM9cO)l``>HaQ^!V1ua&FkftleWJpsUQ)BhS4d~My&Ft;&7_c+6-16 zd@aGL+mP&rPDyB8#d;Np!TT=69$aplST0XcJy}Uf<7v*mA-?k^p^R1Y*J9KcZAI#-~9_; zotr=25tx%St|~5f!3%!;!amHW>X%;MPv|6`0P%(o6EW850zwuEFNvSW3xWt_47?qB zN53T#O|{ktY;{<|g@N(J0Cc*ZlJ0p{IYVkcMMc^yK1Jroe&iAraT(YKrA#6uf5EFk zMTih?gm|2%;!ZqQ{rn7*2|TF`+x>=&A9=}ws7-w-6W zUoN%VL9`K*V#d>5=#q#Vh}WnvW=}*>-Tztf%-s=UOFornOTl5R@B#cS&i{h{WMc*9 zywvZBf%1noEz$NcD0I&A6k+_NufTz{I&_ZDNl!fpA$%Z_J&@MM@(OaT5%W9RQ7C2> z+v;KLhrnTOL0yD9g$-qYbwKbfIc7G|v>yh`>CD8jZ;dBg-Z6YyAe-{E#SegQ&KW~- zY|XD!7?{2I)RQx5`NeDh;^%BhG=U_9PGp1L6(Y}#cV|Nk#3(F`IVY5$gz-`Iy_cP> z5_J$xJDF?&D^y)BY-&jGp+fj2M%2MWx9%i>n=`T=le;nkRkPS}0f5a-o8H4!ZW-UN z>*A~RE39cN?!4+;J*P&r8NvOBqZB#I((=O9d#OL+SNLN5E&sP2(eaW7W3I#^yjHb$ zH%bNF8etbv8jvkjsH46JM;*YPKM0|}rL$b2m%1!s%fy)nw=S)nSwTBfJ=XKXVQVvc zja~E9X1wS@h_1x$5h&z#=|9t-nsu`sbBY<{=2b+~oi7KciP z@%hmn@~83X^O)F9o!!*cWdmb~Xv;G@NJMv$?o@W507b_t&#IMDHhr3|&Jaw|jO0ej zoEt4?eH?MjbY?sT7F-ls5n05l>`iCJ+H`xi#okN?FMpvJd!)LFctB%DPUpeoh;)T{ z4_lHH@_>hqZsSx9F?v$SLMlE^PC6>hWL%ufTgerK+`vVX4jtqLc@ykWb)pL=f{p-$ ze6blycmAJ62r9Wt(;^r>`8Ib{F-na%(GxJAfpP*-^2JL-xlEPU{+cQ)AV|6FRn{%M zq6LcU>Zxhj#SWe{y6ZI)!+!RjtCgNu`$3)3$q zCz_1hg`3mcPsjn^+3Xb+P4IiZMhpnZ6$}@kXzLpwD&k8xQ38!-oA5B3*3ykR1nGdH zMxAH8q@`^-Xs}|^7`3|2lzSC=EWsj$t~p0EBzR&JJIeM}7xSBGI40Wva=pAn01KN2DGkUD*b*?3qu^fE>u+3D&B(WiLMMG9E!9J!ab@Alt$Of8_PI~eu&D1?c2cO-~GW%oM9P+=U z5_7VAWqMzC>PQNisKg}1s{>yN30nb)!w3U6`vlsPys6Z47(CyHo)@NWs*WQvYj!J` zEvwaA>1M~is0h&S?LiK^OfxSQ8uJ1#_OH>q0a1P*Nmwgmi_TWV~_O;TATrt~h z9@XO!3pxnH$3A$kZ*v}dc@A9yUOqSevpsXRH?C*?n%^(yk4oi#bvgRAY&JMAt1RTc zSxCjK+@Y>1F}8PgE3<1mLcl14zB&PC~H2Jgp<>-=%x;&7tTHdxIu zh!P~>5x|R;BV!Uiqdb8r_;ag>-$B-hu7@|7(GXAYLWne&I%MwVoxIiHPvA#R*Ya^t zK*R~42mqibS%wl%ZgJ=C%v2v)l zSWjI(bXVw(N1xRy|04OBU-hXJFPXZn`Z#?B^NO83nby%-u7sFRMh|b_^7?S88F73z zIutLmNN7-yx`2$-Lm{wyTGA|D!M+tl6uiDv$Jncd6Y_dLV8rZx<$gTm6 zN;&uy3Vv{5IJ|e$gZt(k{r&S(yTOLM@G~&}$-_g$rFc3OI5^z%5r5&)y8mrDbz^1R zJ)w>q(ex@^;?n7=lb`g_s&2LKz7Z_dZs+Q@x90#oxIi1?~D)%}s8h<8KS5P%$i=SS$aXL##qTUL}=Mq25RCE?%)oYoxH+G>!pEtR?;3T#K^F z&S4mY;>x|tlVZLhRX?orHp!e;n{Cd>xdv^TE#)>DQ@Qc2w*V1=kZ)fUAGTsa1=6rR1`l{(In6Y3}`$QHl z9>Zt-jw7=xx06r&T>WKBIp3odUvjO|$a0i(ftIITITzgPR#yE)E~3uXZy?8kREXsy zaouS2Bi%E?z3M(~Y2`6SN8Es{X}Y(?d7B9j*I-UDumNzy7Rnt1Y(gR7WV29&V9KM> zerQ1=n<9X0rm;(`d@-}^Z~8zxK3bezjUabN9YZ!bT&gEQYS7kuVFYux}-gzBN$oq{Pi77IiG8L$C!aICFy$tI>YQpLJwATa05!R#eJG z%o7FJ74BF-jLE0-VrB(6qN^cpY!VtFHW9Llg3K<&<;7k-xYt?o_3L$lV(tj0Ke1jD zrsh`&tpfCyf_pE`jE{VM5p#YUqO+kTL*-Xz}AI? zN#!Qtr{zjY!cE&ijMLi=I{7qPC9Q*+!^H{B--YtKnoM!#m67`iS5h+Dm&FEvqCUch_71UCqAO4=3zf70idR@43ixYW7jVkPpFuy1Cyi*GsLF`X55a>Y8zxI?dMNYfY z6wb+v_Ua%SlmB}D3Kd^>J?E__`iA^KY%hKKvQV>s(ii%Kf9@d=SoC!T^Y<~(7j@^SPgx^`q(yaE-ZD3=wgCUpkt{0)gvOv5X zAr~;^(K1jqTX4l%1UYv97h9;0Kv%MIibJ@z@-BLaQ`6=godmk>Gi*&<(|2sU`ZI3C}C7Hc32+COeof)2gD)cAR#}mwc<}MC`pl&sfaU zZqI`q732?wC>b;XeiTR-7rtuy&+Mb2)z@u$2Bf2NR#bIf)9eDc#8rsHKWlxBgB%bCP6biMS-=GtiFR?v^UBu6!*^(Z#_Dvx*2Ny|OgtSOd41!E&ZMr3 z$-|^(w|0B1H>DiYh#lZnR)CG2cc};Q;J{U-qx8@qi*u`S`UxL^#;LD}Niy#9VHY^x zUuRTFNKSRbC4!V%i< z4iR5DTkcY`MGjanH5@+2QUi4}j+26IsmT&QfiPfhN(aF%Zgr_Gkp=}q@!>do8(kw* zKSrF)e~BHqVitR8&ts??Nui_f5ydCY5})~Sjj5N`tuqyB)0r`@{+Lur1wDM|CAjm% zK#MXX{Aj&B!^~%_J^pd$u{*``N;zGv@rUP1VZxP|KZSi8aumJ=D(_7@8-`r{Mt^Gy=OaP<~7sF~I9Vl{47fV#4x|B?5TWVG#X7DUC$1{J_w=y{?| zshbp1?%DIuKcBSNXInTnYIe4eF<>@ewp1-byxvcb&3&MCf^ga(FqR5Br9I^fEgiS9 zT|$}GaGUB{rp>pU*@d`bb1udAcIylnMX~mM`lB%9lnWI3K*=uF*?;Ar!`47X0paNN zCqIx+k82TS?h&%?$x2!Kn@99ekezEKW1}fcEzz@a&W**n3S(Of8EQX@gA0Kdk2!ia zcNpG@brGwNN34Ig|2uw?FpP@)YY_xc=TjaiET)GHBQHg+gqH=4LF%ZbjS=b&ew!VY zX%uyzRhjX6X=r!5a%(qA@sa$`uY!5>HtujIpm$WjiZmz2H~`E6r<p_+*f)+zA918Qp0?D+HE4s5J~*i1YXGwGGw} z93k^}N~Q82)GoNr`~K6!;PF~r24ii4q;0Q6ky?iO_!o#xcD^C^>)q@He|cub2B_&k*P_>xX)&4vWT?jse?Cvl=S{xW$sNn84?knC{HLyTe~?$g3Ki zVs2s_7O=s=eDdT3CKU4a+PI39kTt$BOG19wu!M zOTALpL2ilXpP#dAYG46OX8gj0_!w_-n5xV!Pgm7W)ZifdBFny5_YR-ysF-W3pex%R zQ8k0~L22+%y|hAq!Hd^wIh~%as@Vol>>PeVbcZZ(sr^7p3`i2o=-8p@e|6p1;#=2# z-$DzReQgt21~T8%d_IM;sD3v*F%Vh?OBNy3vEL%;DAj0jj-9CqWezhc=bvc3^I}fP z^6LH~zGn9*%5|vafCQ~%THT~G3q^>ulLVmxoSZ?B?g=h7(Y81cQ_z%Z<;_mKgyg~x z3c5gkV4kom<1T3dim)*4$WMIY~@JMp@v|RqUEeozoi{6m8x5^a_LQz_sFnXJc z$=0MYz2s;f6TcDz4pWIn5Wu`oi61Ln^^r!6SYV1aOd zRz{CzNO0Xt`Hz1s{d^L4r9cFlDK|MWm>N|N-NaHzaaHv0_jnbtF^RRWb4Hl zh!tj+Fd2ARSmgg+sYhFj!WqMO#kHuaU8K=pi@UZy?R|0Dos})g zz&@i$i`%Y^Sm%*316XNDFN#BqSFT89_{%aLuXyJfBZK6< zM{#sA0Gv)`D<(g3>8*Gc)3F80aeH4R#`zv0U4C8t-leoSRjBU~J7hjM6IFtky=;Tx z#-f3~J!K{}nrCX$t?k|#hy!YvhJfoxM&3Q~y1!_wX4jyZI?E}?O&?2<%4JG8E6IsT zsM_l$8JbePoK+GY0cxn&`&$Pf&VBA6bG{U>Ol07a_a&GiURS8sa!H#A6b}OlnCf8o zB|KIwH;u;$;1Wk`uuKbIQ?SX%M7N?+FE+dABWY~$`#E2lH0+e<(Ql}e^qYC~ZFp&H zUN&$v`ml?;T&VHRo1=wO(awpfWa~SLR^U}XF8!do(*<*$@~vT(&*Z4V-TEsw5{V&4 zn5(~5j;&8$T>sa@^rOu$s$l2T1jT2EBUD4Ng8_N5eP^P=Ds~M$H~ot4C2RY;y!$xu z%ckL2ny|8_(Z5p`FRf;C5J1mom0*EDATZQV6seyUkPC_$C%W#gOdCI2)d}-Xje3$@ z*l^`uY-$J;2SHb`mkN}XJc|FamA@R7l-J+BPL$I89lSmXg_dL77C&9DN}5*oGK zf9^Y#3mS9Epe~^S4KAdqm^3k^0@m-A=>{Qgsg4i~-pB9?0YRE@GDQps0&U1hD>1(g zYP^ol3Ed<8CKvyzJ}ehn-BOJHDNHs$ufiRa=Ap=Gt({y#N?;ZKcrVnQzkJSL?F{i^ z-Mocd1DCemx!H`SvIV`&>+@7ns{t#WlI85OSz8IfkP~1~ZE)7hsimP_$gkl_arZq~ zKn#h5tXiVIl7{{JUG}@EGb1cRCk9YV!ef}tCd$*dU7EI+#ZsH-2hDNa?Jco|4k1(e z>(juaXfbM$%4e3J(+x23ly5zuh0vTG=AjR|8SHGD#NJ=n{+tIv zF5InnucMjPIGhQi$#W7u=> zC)2-(7cEs?gwp@6u~<~D*pZrP)aLA&X=<9!G_7*t!dH}1TP!m6kfd8=Mm|Wg86ZlO z>#6rABJedM`nL@pFtLgy0Eb>EX2!gwI4eB|rHMa!7ok7{!CuE#d{f%lDUZL{dZ+f) zv>>_2Cva;Gy?;B;a>&^4i;knh@wL+IT2^q5xaPa{xAf{WM`y2*$w@>N^0&zoRC~Ql zoSN#*x}n8%Qo!0jg^R}LPb^P`l00<8|8M5 zWObvRp}@V{2vb8QY>u78LvaijJo(SiS}^Wu1JZjufp5GiBGJv`Sv|Df7w}H~0XflCjyp>~~Jq zJoQGUJX)n-v;UQ|aJfeLMz3o1iahS8rg=`%IY&x%oO)N5`i#ZLrft*FibGpH@SH1! z5@1MU*@8P;%85pM5@*UE&y}StbK>09sitkI+I&FEUzz6Np_4cGF!TCcG)2SW@GRTj zc7Rc}-R$dF%0K;Df~MzY!S!@DbVW)wqQ=gyJEnhOK;@bi3;|Gi$k{K(r8R2 zh3YM)pfgb6$X$5IoPrA`X6vCx(p~pLHF9)jk{5l}h0pvq%nMzl(Hyd4tZHL)Sm9*v z&kQdxySy~5W`Jq(`noB#BrT}a=9Qa)6U`a5YE}gn)0N&W22=gKNE?J%r597z$5%1+ zN26w8dk64296@eg)Bs3kHzNN3-cOM9XnMaJHb&8f;uP%X`4KCqyH*fkwk0=l8lm8^ zM*pE=VR2(X50gbV3};b4V8Om$QkB-VSCr#&`c839Hh?{x&3cO8*F!W} zHyhGwo(iaFQ_{5M8rt)_D56_F(;bv~+#__tos~gyz{}k;G62(fAbSkEkK#K0t-k22 zQBq+~Yp@Wew(Pc$KaJ)DgAGF{2?(!?YOL?pi`Q{NWGz;!P5QMgqJkWfm8Fz`Ol4m} zFc3WaaBTl*=ej&E3A&jyTSBEWaQ7ChzXF~E&QX?gu?R34q+E)c_}a*$qK5pI<`j6! zOhIP;Qsi)H_;O0!O%$5k{-X{$^DcRo}ZhOO%7FLi#>(31Qt!$Cw!^H`4%m>2lz<* z`4$71s!3Sf`6TZ+e@+jqx6tNklhr8mDfJKU)F|>v6-;DfhQol7u%nADrIFFFNNOQp zRF51C;l?KKgDH<3GZNW}afyjhiI=AvYZGiFcW*Sw`32+$-X=}1vO-H}d1H&2DVNZE zGP48d$LrgOcTAqr#wPhrOyZ6Pb`+ZCjhKR{6!>GJ>S7XejaGIdsA6+H+_J5{nv$Em zMX?Q#*0Db8_%hofFS^B298nNbQdM($iC0xnrvC_O5YTixT+A{lJj>{?DhizL^ak|Fhi(I{~&%uyYx(k9w zk4AgGfBmj!WYh0z@!J(b&MW3=!ll1UCHPc?+M0?iM>W9!KS030^~GgwqIgjlqUgx3saKLT z++-UW>UBDaTPjwUV_mi@nF+1gv89a2APLKURbG7`2)|+w!t5Gc$>c{&0ias21sX7T zs$&t>aT@7AN{}#oS2epmg)4n8Ly3j^YUj$?qGUNhl{tj~fmRZ5H0lX^x zy2Kb~?dtU&=zrJZ{|0FnU2#k&iagmPD~dO_(*v0r>pZiUup@PnAye-VdpGy`SumoWG+g|@IKSuX3pZ^xY7+>Fu;LRmK$aM~kU=uho%iB_)dUyKrno{^re zG2{g4jTBh2^Eag$H9S+i+t59oa-Wou(a}5+3Q}fi?ppRbT+5~!xQGSkp67U@D4e(m zF-Fegw#?BD^NXo$EB#_4h2(b}>vh`lgz^BvWn`jml3P9(tG@?s*Mok-w#zrK&06x z-_dlrbdEss+NM#5jzBxu+>a-u=Ov;@Ob*JOBi*q!2clny4z0<_1kk^bbQjRT{PR;{ zjTXrWS7Fd4VvETRv=Gf-IQ~$D`~j{bI(p2ER5(5*Qecfvs2zafb12 zwuHN&PrWA+`3txV{ZM-9GASn|opV;PI2eDP+)@kUz>`-I<~BoCF_-O|UwGZjd}dm( zg?z?evQD1Wwoqk9Y#3SesY?|c>{HRixf|H&GSY846t2Rg+En1zyErvo`P{{)W32l+x56)9XLtZ3rRS`Izs zI}C2fUW5~0+{tB%xeDvQsB$0blFVQ`w*W8mOFW&)-a*`X%u&-;bWw%{Tv>J!p))5n z#_kgm>rm92E=BG!6p9!TDEHZBO?6pSSNGotT^nq?^|*^s#OifvOfGOF(t`2|%V1lk8lfSJiejtTx&iWcl-KMy4t+DT~x0 zO%vJT1L0rY5X>LMk&q8aZ|@KR0xLcEhMSA;~{c*ci55evacb{iNP51yIs= zC17HnF)E$76C6(gzF&iQen#veTFh+IPrYJ$Y{sF1*B5~u(y(uAnvc-{Pvf{X$yiBu zF(5%HN9KZ85ukvf zViiujLNDeBYR{Uhvd6t;#-UhGDelWuaW>itKB`Qt4+;ioH9F5nHVq4_fA+QVNabW# zE{>Q7fr)Lo&?8VfmfRFAXt3AxQM%*$iRrjIXf(c2Ws%4jOox=J3^j{Fjog2oc`U&5 zTMJi`33|Ohu)~n;E?&9iz-HpC*y!iQ_DzvqFSZul?JsrFruCp*aybSv!n~U$ID?dkwZ>Mc7_^uJ2-{m!i z3C_YzUtvS2QD-x8scxYb5B!Q&mAQ<0`jG*v{w@Hb(u~Mj8{_iVu3~TQ7da%E_Ci&} z%F&eBM8yMbZ$H~F3v93C(45Pw+6Bybj&R!hk!Gg+9CV&%h@kpe5^4id_U|_6(M#KV`mk*>A^i$WR@?QEnlSu%|#?UbEz zxsFlvUuGxecXQ{xMASvTj%efRa&|oLR1~eL+wG?vefBqnxHfi{=TM6^NS(**@jTX7 zS>R0R=VM))I?zq-PmS_mJ01g@cmy?#P&vF^VUisD$w!x~u<)%uI$1Ikh`yn0tm$#a znq>puMs_vN7O(cn(*u{Uyyl=~p*vE|sY{Ng7>-^Yc8+?)wqde_=ecG1W0_;@1Qb`| zAL8^TwzVx_vn|GQYH;k)-@Ys6n0kf43`5ac5wy%Ra*=7NP1+?!Y*$bOx;1c?#CwNeM!HALwrIck6YaULswey*0 zA8tf2TV9e>SEt!cu@}+=75YCaIT)k@g4g-l%^{g)?S^YP4w%-ncUhtKO#`x9t*{=WCsNMTGjcjuU3*7gKVMfxalyTyTWP;E~T*mb>&} zJ~r1s?WJtJd{aZvyK=77RD_GKj>?1=<8Fz(KUbxAS2V9R3@O;Z(eNMU2lGyvbNN6e z?f{TbE>ILwkChcvR2>CSlnl+S1zkgr@>2*c8q;9;@oWNRSgW*BhWUOn7QnYkfJ^We z4CVrs0*E7*o?oZ7ZJBU=)cIt!9W0V?G9#S))Iau+sd+htMc0MeiL#Dl?>*2paBD>S zImG|N&OIasqW}gFj&0kvZQHhO+qP}nwr$(yA3N!yUGxy|Th1Y-Co^XQUYB6^^7}$^ z-h|NEtuI7KFPmEP9}Vr=*~RXh^B!hz+S^IqVGHnOY}_AIPoW=q-X%YdtsyR(_X=j^ zDjp|eqRt>we?0?h*xC(gW@5ht;dMI23zS5ToA{;$dyp71zMjFgftnUiFG%R$XKwSg~b2K3lPWs3kPSN)}L0g%nIx4(d%DsvWtzg?3(FzMtiOx-_2A`$R~B$ajf8R2BmwGEyT(Y){BtnoEHd}UD(Av3^yVq3;*89 zo00w}-ah?8dM|`e%Ph-~KM7E~$n*LL#Z>m4pEX*Ssl(9_Qz5G}oUwwTj1UFAkt1#F z%4n){nz88kOxlMU84PeC4KNTeUM3oqb~G^^O{mX$s{qFA8pd5T{rmBI+~T!oi$$~c znnt`>Z{QH0tuR_k0nswI3HK2(zzih)I9j24M4WI%YwRF(Z--!o7%>x?(rE?z!jsS> z^Q^heaQ7Lz2dE$3y0HK+<2ZqF?DVOd9!B$>wm2{Bz@EMH3a8-{YKMEf#C1hHep6Z% zVvC9RF%{8FRTHXqBuFA9clRd`*Nmky$=maIpoLe0o3w4JOjK_}t#9mGzA%vt=L!d1M^h zj}fSz5<^kL0InJ$I4E;s?$~VMX@#H>?W07nom$no#a`aj{Aj?s~0U6V&f|F*nX5Uw7K3IXXH0)G{+WAiXtm$lYdKj?F~OYxZd=Ey8+07 z>?iD{HJcugwRO3Q)*l&-+(SXaj4aI7065>Zka*(Fx@&w6>wOQ?tg{^&y+8mj5;Kpn z{`J)#wg+(oqr?-lSx}YVEM0+pP4TGJoCCw$n3y+=q`L_=vZGO&dE07XE7ocZRsX&M z$-Yt$SX_MB)7TY3JL|B=PaMAtBkQ5)LT$^PVju`;uEVRVkE zE>;-?e@3usg+pN&f;KAJ7`CTqYu~|!tyEVUA z(ZR^fB%!ZqL-olq&{{}>%J1)8&wct|?ZGv2cul8}E8g1W0(fF13{H^vSW8i7EQR+n z3dyBI6T7HlfPupkI@%Vmj$DVaW$o2#2Ah~1pxsn=Ejh1k$W}*1`Xp>&S-vJz0~$&z zZZd^(Ub$a@FYB^(v}En+ZjR=rEi*~NWLeN}Y1#XzQ=y8m$gG8qL>Vq>!y^{pEfN)N z_EawzzPw4nSqU`~czV^-K~-Vp{d6X5*5Y{=;juiM*p~$5_`A#MIlE$ygR`8fctK9B zoMl*N3SYOtT@H8JZ;ne??Esd<=+ z<_Ay&-H#{x(%wtbA#z3SGAqDzj`is}8^l8pg3WzD)0n%@tH|l+ z2%^i(4o`$Vj!U9)dO5O?ulJmQ)<(}}^4q!VH;k6n=!y?iy?#gJOkjDHsP+VHIxUAS z+A#ckVbN%28=aO+;>iVR%zu0 zxTGyv^c4b=FH)-MZFrepzkD*u56EB-7$-`vrwx81$aku<3r0Sz>UQFZl%JFSOh!35 znqM!|F7IC`0p*mZX*N4MW3h0BD4|@)-^#M=B#~Tjbhn3Q|MaHFjAepzC`ecw$BoeP z(G)nN4lFu6S?1E{(je; z#YQ_3lN3)Nd(e;!*bBG;c4O${%D+xsV$W!%@XBwP;u;Rk4{Fv?KmlY1kFs>;pzG?Ny)jdL=7gnZ4ro9KvKGHqCmj(?ITROfSekqY zB^#T*KOjC|Y@{IhLRhUlgZ<%~sgaUEGwXvaH z!I6o5C)EI83MYbR{{Z4kH^eJ;PeFeXgx<4h@p0g?SG`qffQ2^`OBT%|ck}@0p4Ore zlXJ13w`!3p6Rq&0(A5A+ByZ3K4d>TA=b$E=U$8Fxq_w7Iv zmS3m&GtQi*h(Y3EWc=lKB;`*lG7^LMw*>iE;|Y(Gy$51z z%^D}lR>A~vz_KiMp3g8m90swEEHE~8qx2o@j?Cj5ZF}68-Epkyg^5;GbpP|L%bwA9 zw2IZ!`Ih9y&Km3%V!<}_b=6oDs?P*)qK@PMgVKZe+GQZa_$x$j7v7C_Li=7@ib)fN zCRz*h1c`izm9wA=bG<)n{}(TXy||2b7}VqS@aX$xJK8hzZ(3__9*ff&HT!|gg^8?y zhUDz0+yGgnMN^)Uoz=3oAU0a4?{|kd4Ka8S0hmCO4(7mqP{Il72_lvKL7s!we38x6a zsVSwkY_>~Yx@OV?^J5EQx=M)nrG4JS+Usg-&g-Hd}GaIsC( z_<&kNFP4LWV>LqcX?ot4%4F4}V`$^X4=)gU_a%Z5W|#G{Br@pqMjc)Ce$}OD-CdZG z>Mx?IwnlwfN65$-mKu+*l*g&eb8^&t81{&%3{~?r4Zm|@+}wA%1oG__RN^Vuafk!o znc{Uz3SLQr-en)0x1+tSynm+xKN_>oSM7B7+n+D)xKEMJhQLVPETuWGL$a(>!@RK( zCH+2lJ=O>4^1gZHD|v1fT*f>rroA6$>ETpLXe}j>H73evqPAuiP$=3`R(h?WE4XT+ z1OZIv*LQTpRk(S(K>dUO|NH7R7@Wh0cGG|_T@vIHXw(7tC#m}Z{dL>O;ZR$vR5R&j zSGy_T3yaYRL8LngH6SZi4zNrpY^Yl4weIk6Ij3b$*f&k}${wx95r+H*&IA_767$B0 zQo?Ki=0M?1>GWJz!EJ;rm6h#!;n0!S|M#2I==8h&?{z<-29lI>+N0CgxWUloa9^({ zBl*ws_thH0zXnSbtw}Sx{R-O)792tG`Q=Zi-+#Rj?l~W%c2U;6UP!1T`|r1Ve|FMZ zPnZmb{bP`gD4ES#S+R`}1wlhV2I{)aT4u%)pb#_(NUBeZolIF-*?zDYOgJdfbxHz@ zxlz%7C54O8hydn22IV^~vGlVl&2}|V!HC1AK{og+B=^EXvGELfj8OD8xwjX@-Ci<; zjJ9!Dy@sM*l3+DCLjw-tM_^mx~He{qhW|p{2Zh|huZ!on?E&y+babcaIp`6^TB}(GA*}LiCPiqY(IA_&*1k2)g5xnq=Q6Mx2SQ|}PxxL* zl6^s!m{IJ@izgpHnW|9%S6k z%fjMGF>!EuqLF8z@pvg`>i&%<^#O|`Tedbm=p($*|A36;t3sSfPu_vynDx}7PX~?VP1^9LJoj!&z~3%oBB!Ty29q6KmqL>Twhd1x#@?%^7x|0kjDx}29oxYXLM?mOD~>vkoCKw!L>12{QUaP!$nzKNh+MV8{AB$?*JL^GZHViBbqaB zFff=RJt^V}zTC#r8_B{`=8!D?1&4cr0bmVrd} zQ(GAkyM{PsbzovcJZ$xgR!>(SiRbLSM(xC8z9s?Jl1XU1*KhI+^1rfY0n?7%CbL7^ z&bn<5DI6miQCGCI&N6n1aS*kRL|a=QJv1#mD`8XE9+nL%)e9u67z z{)LOVQzpDv9312*elO8`4?9!rkUn<Ks zA*K4Y-7$^GPy%=Z z^zp;7XH3?Btl;mBdd+ltgnF&CfiB2MBnA0jQLUXl=x;4^^Yvm+PS$~N%jSXxs-wRkyJ;N@HO z!IdhoD1nDA)o8Pt58eavL@j2{hDMjJ?}RGPkb=vJCX) z@+g5wU1~hCo!;1ikohhIE}L1YD13d3Pj0Bq25#u;BGAsT!VJi2=}{A>n)Gz{7k8o} z?(OR(MI~VdbxAhoCf-nWUS&?QG`L{;LR3EPu5cO~YaGq;3_C2qtbh+znLSaFQ4o4x zmBb#m$6_%P_nExp`thndYIue;&Ai$tdAW1;c3fW)P%B#0&SW+W`xM|{sY!IX2w zAa8}_nk1a&$~)nCK8Yh_NhAq*DTxa=^;^CdxLN9B$sN~HG8rKIeXvh42MA(2>`T3_ zWLWY>Q+l=Dcf-fWAKw_j{9K`hwrS1#$Ye~IG+PV0>~82PZWh;Bk!2e^g)^sSbZIktx<8_qJEjJFF9^lB8(K;l5Dz+; z|7eiiPvX|7_>7ozXQn=I)tMr7o+CRv^95=^5Ua@U({rEnxyWhQyh|A0UKi5m{UP$=pvNCJTIbP@i ztLX|6xdp#&((e+SWM(8UV3K{QY?fIn7n6^l`(F2e?~&X zQd4UzdkH%kV{OR}^gRGD;K6=^e@}b-B+!f}o%Yg@16U6H{Kf77OV$GRw=$r5Xm3VD zvtNVE+AByqFGse1_3~~P6CZ+w89y@c+f^+DkeJN9`fPci&5a);J5v9dcUuyxVnKS91tx0>Wo8ip(#1cQVi4p( zcdOSDD;ZxrbSdGAMNPZ1W~+lUQDKkr%q*6b3s z41pBg+To$^tI^Jv-)7G%O>8Q+MCMzutIzza>L4(o`CFINXWCgo6!O@xwK zexGvDkQZY%-GN79axf=T)%9O?IL>U^CA_`Bz_>lGB(5IJAD<`)1EkSX4T#Y72E;v8 zOP^Lhl=)%y5pui>MWw>Gtlld4!a-1!xQ{=jp?LrqoQr4sxcWxUKCX6U?lL=E9vSXE zU~NnG;bwC6O{3&6#4`RX#Keo5UxWoX%M_T0R3)MJOrUo#E@{T(2TVI@qrLGQQyA;F`-}gLon!l}jV?q6hLCd+?m0Ms(nAMGtmeR>f~Yb!!b_vy4X~0Z^mU$nz#O8whivZ?LNTJ-*sjHxHTL-1$Yd zSz}Vgwy3a3P+Vgv@}nMH~^6I^ZrJG}`;*LJ#phfg(_Fursuz5Xvt@%F9vU9V=Z(~Ixh)D!pj1MXjl<18>o3S5|*mN@|r$7(SpYDn*pjT zApn@0cUp=H3m=YqPQLqLfbC0g>LjU}eJ<2kwJ{ql#CU*bR0&2?kwosR+ixkuSW-P* z95i-RHEcU^Ltu~5jjBNoH83QWV7nIpqGBV{ftUpuDiK~vgk3>h;5lQD5cO`c}#;$PcD!T&Q3s(u;Boxi-FY*&49Ix0(9ftA)O5r`@Lcb z$iN(~1JkvF%w}((fu>F1P+xx=3d}6>=Il|QMR_!OJ|INKK_Ruaki+JpB>AFsC2f|e zfR@QX2TD$>xnu#UzPA19F;S?cLrV*^#VgRyP9cVhLWK)hl@yLK1?!WnCOi zORBJdcw$u}${;-zp0n_f9O{;OLI~J&=|-wD`+P>i{?;N_atedsmz5?&k^# zuZ?Q~>c5dpyNPU74>~M0gN6o?HtRor!okw>`TVI)A!pbl%{Hp~wEtAy*oEDV9)kik zE$pjksnqY8J5Qy>j@=@j)44~^esc~+#>c|>k5G+%yx;2@R@r=4Xe|8#=U;=@vcm(puNQ%s3`q20#KT4}hWde#R{FJ9jq5phH8&p}v3wlxH?NVhg`5 zdj4D^V+0_*GcTtq&**k^jF5ESO*#5){Rv9T7zrV4)LM6%HW&GiV% z1@k}BbM^Ev)qDubfDh8vsM}m4nWqMh_;v%`I}yzx`TAFch#G+bQ8?GPmrE++fZkUn z+cd^A7*oH+{W}7NW#uI@ZSqk`s3s~_cH;76O6dBK zGy7*#TLm(oBa(X4RZMQDkIyyyO(Lzalxq8opoe&DwZindw8QYOTL}J)A1Rx6R`G{( zhz#c`KE+C)IPtFCIcws|O$+a~&o#kk&I>+Z;qD7QVRgZ0%l&?*S@F{(8Feo%kX(8Q znfQwrb`osgu$lGr=_kO`C%Dy#5Bfee6$?%G*i+FeZT4{x^F3g#exH7Mk!w2QJz+Xh z%z$7#qV1MIHdR@>j+ZOew_?W zg|M?_he1Qz={iAX8*DSvoGd(sk7*Z!YP`c$8_erBHPLl&Y4y+bk>h}loiX7*5Bl!@ zJ`J8t+T0-WXV0Uqk(k}wCE-jK`|P3w>7@2pX2YX9a{&DMc@PRG`eEb&nsCR%8{+CU zGt9q%YL4^3i#6No#DpYmH3-sJudg#Cj2g}=tzVP6ij52}zT zr(}!ilZ;km;{X5h*9_4ee1*qk(O$qWRgs9a-nrK{JCR+xV ze`QoXFkQa^Ts}zaO{aC8W<#8r-i3DLFHx}8+XM=4n1^Leu(up6S4iX+S}~*lzf}Ne z$d+7*v~O>kOm8wQ&z~e3WcXhIDbuSXT$?pac(~3<?kPA4}CWo^=;> zr(w9_6@_JK=iJ}g5U5STAG4t1X=_%pb5Vx|>WuyH)@{!^DSNed32Gs}wx2k3SR}qm zM-_)tC$WE-Gc-+bxhN32v7^g0o4EP54`t_Qv9#j~Vaba}Lh|7Ns}D#&DG(15@=_ly zkUX+&zLLFH1?oPAkv^(QrAkHxtw~rd8kkfh$?S6Lx?K38fl`cH&5Wch-vSbB=cMK0 zRWim*JJ{E6QPcY zXtwbxng!ksB_+3cJmqe5K({#U>DB?=IgLy!9t`Q6019H5u7j!ByQ6si1ig|-FlLS1 zL0E{psJ&*~8O00qt%+~xC9M8ROplf_p~fMgP2s3r%Y2KaMVlBtE@>7rN)4x)39YKI zR90=L!vguxV2S9}go;zjM>)kdvNRlSc9w7$Pj?Y-$8EQgh`q6<4?uGNkB_?SU;|(V z7Eeea9o!B!+13M*#7UD&nF?K6O`W3``V0?(O}qZ7yIoX4%_;9BX{Y%C{^}CM2u>vm ziHZF)LSWWpQ27cSA3(_l~rYkV{= ze<#UwWA)?`_UJFDD#V9@c1VSAM54~rmPlR~zN{cX@8f<}b0cajRG3*Qs`cRI-(9!+ zCBf(TF0*m9C;c^1|G6hmxPBt??t-NS2_)2I2^7C!>h*8lIWifr-MxGetk`<8z%va( z9`oYGtZumJ530y}Q*Q3#L6 z9W37$y?)U32GQu791MMwCvCJ2;%j5&ICMBtfH$2q?L^mWT1XVbwUiPro;1dU|L9Oa zmQL-X#s@1^x8{X!Zkgd$PJ(18wK1)l3T1c;(9FgS&FcK^Ba|pu_RU)z{_s9ES*I=o z(}q<|MhR90TX->~`&tZ31dwM1&Bt{e&Bu!APg=lu3K+QU-ENab27PS8sV3D}EhaG< zOtbl{rBx!-4Kz%JP(b&p`_9->au=$R&tj4Y^OnMBRt9GseZK3w#oggO;uG>(*$iZC z0}L>&h?zf&QQk#sQ%Y+#1~f75Sw9;E#9r-rhnXhG4pro*Y<%Cx+2hNK<KIq@rFEU%^1-S*-nD&gy`C<@lWox%lMQ(c zCe(O#DlWkRaABW1=5-D-r+Pblpw0gNb4M+`hQT7-2fKtl_GXfIFuwV73btM^3A#`# z>-9ihyB>1!p-6404nazRm*q>c!7#FH#|i?SrgXb)5hLxfCIi{)MYgDg^(1I zqJNG`Vlle7v(v1!-a^;FjXOA?!98^Li0LgCP~H2v_=(8cLU9a~5<|AAJ;w}KYf!}8 zYvl%>r^}Ojsyvcz+=Jh}#LKL-dOf$fstE1J)#_-DkFg4-GYzr&^6@$gth>)tr0iA~ zd;>zs#nU0Pf%N+R3+FcyGFlt?2rF_)MXxEOZsOXoDx_B(Cq!vo; zEizq6ht^OVI}Wb=uKNdxD6FVZ7dI>->zYslDTulAapwpU-aLG5!J31!1{gLgYKN}5 z_kTOSL)plWduKZ#q-=f9$gW-k;<}bef$Sq5&}br>@42iR`_z8pAaWu|0_uy~7(apAFqbDG7{_~&&Hk3BfMP1@h9 zdwr#aUG=hMIvg&5D_95W$y7m@Ag-o_0<(#)Gp<*g;n7d)_Vj0_zX)ifB6^Z^Lz%_e zFN-(CX>K>@cnaQgSX0D|)w?`wO-Z3TuWE;ckXYp|cE{Kso=y;w% zR(}9_)2d}2Si_;(-aBdu)7R?j>Aw9Fc@N8wfGdKao-_1JZW%)sc;afaYb{*%*)P_0 z0N7Nz0-K&o(}M#-3S-!U9eEc7g>JSzpVJ?xg|&ITV=9Lp1ttrz4_M62Wbq3;ZvhXR zXn961@z{L(PsXA&_br>l@u+so&o)i?)HnT~AcgPnJeCIHf94Omj)T~8*qZW>*w1-R zWGQN_O(VEqW-@rQZNA`RJ=3Rl!MGD-7Xl3D=|a||EJ)64@&0_oLA%*}j$b?E za1IaS>65FMZdQ$2+KTD|PlIf%zs6kK$NW*W(v)y7{w*y7m)>s}W_`cU$UgvoNRJ)#!gEnstf&Z7n}^D)IN@&U!K9!53SRIkgk`B zxd8&JmuR%k{o45bf9n6RKeDJHW+PLvL$W)WRQ&~wg8Gdi)~I|1C){C|7#aleEx_x*3G>fwtHsxPkLiT31QRoAO0w$Y6E-HPDT@-ymnvzd;k2N zN7oV;)*=I zfZ<8(T@D_-p{)Gl_g-Jy;fTw9>gfk!&8FJMly)m8WmeI;7xq z%7|4sq2NV8Rikl}tBcNBY&aTHqGFIg@GEYfcmkdYmwctiD_?e(y!|NJqYw-r_MryIHBKGNKz?{l__D3ta25e;>J;|ucZ0I zr~BEBw@M~YVUogDIl`eC3%mPa9NxwPnSk|0>z zkBydS*Dl6a-|SvKw+8@bv5om`J+fvY%M3c8zG&MU+mxQ{ihrrTG{`CwD#kCir2WzDXuQ}nR|Ub zY=k)yT2U$R{)^{UU^EQMo-@dTLy4CL2CQ_~*aY$1uX=~_4>~)KJ;AKfZ(ItAHN;s3 zEgodoIrR6Uo|I8H1oKeobl!n>AIh&{TQ|oe8{w860~4@yJs#n5*oFXug)Bmn1Y8e+ z0|rsBZ_j>DtEvH}D^OX$Kh3<+B+cjVfYG}D0TV*g@?JQ|XMe zeI0HHdJ8If5MUpCQs@tSH45B};#~wQPF$$@)2}NK3EubT1P3vPc9B?f{z$O0khSwc zLuYdEH368LMy~Qqd>)IbbH2B?6zVUhiGHS)2t!)Ym82e*K6cDhv2tUnVF4f5LYZXs zI<|_%6G@UT@@ZC4M5)#IcFCIre(k8EHg{hlQ-1X;fuJ_BI)uo^K_^F~$TTr@uHIKs z0AdYgR<0r17cbjmT{kD9EpQz)MLfwxT1MFr7Udwkz(|u>rq5!h(vLm5HWp`UiV9tB0PW1%Y zVvLekGKCf>X8{N~;tSPGoKlX+ief?iJ$S_BB@6=H`W>T^$X!SvS+2bxX(hrgN+stKvLn#@kSW>JcZV0s_KUS#65Lc$StTmN3)XMS+F}MU~5|0)pzu4}Y zK?me8TxaN)ySUxAu0l!-@bm4hYZ3dPr&BclVCV6w7fRh=@j=kCp6l?ZbkrxZ?V>z; z9-H2+I3-m#glfx%1GO4bTP7(vp;AuG}4rGf{|S*D;HZ?#V>B3eDsmi8Yp4 znnxQ6s@z)h$xE?Lrgp6!U!xEN5H1R2HAm4~B|||4y6U&p3mKpteBES0=9?J>x9n}L z@(Dbjw5d^g%e*WN~Nszhki33I`LU$pmt-T2-Xc2J*3&I+Da!52GUEtZbHI zqnt@R%6@V%Q^e0!Z(q$k4Dnt@rRMWgNq3hHRgN*%%qcHf1bMl$ zr{t8?#vjv`&9$hn&3nX3=B#0}^!r&PeI=^PT=;<(3raRiU*1b{u(5Qe0m-6OliBZ% z=AoU+$u?$bAh)_sn{A3(dUs7;Q$^IS!6cLN5b`lhxxfJ)>n&$l8@od1sqePS4>i&YZFB*@D8o0C?{=IFx!|xvF@dv{y(3~H#c9)%lY)?f1lIq<^H+Vf8WcS zZ|3os!uG+jq`uTGHWc=Sqk|#GeU;Z*ai+Q>VD@J0Q zFlo=+BpNPwP&#H^?%eCS7x!8grI-*Bn2<@k{L6#6X1}0`%5A;-(Hj1jhiUVqAxQ!_ zO3ui>Ggz*+JH0jiGmZa@p|8|`c6g@g6RW{&*@!CfkXQ8_i?(vZuwB%oPxDKAtVPnW zPVz;OVrP|<3GXgy{b!V*^~Y&ijnlRmrD;RY7^QDBO5J9ZxXmg@b^f>GHLVO-U{9(> zR7dlJfe zKz_~eT(KR{J|}6{7qMfUl?}nU#pxA|F%eak_$br@s+>1m#{`+sAXalw+OtmS*$Q>N zi!rjrx%)R&0H+u{Wk%3~`GJocA7}c`@Ebq3{oE9`g0f9m(o10nwTpj);1l&-OPR5C z<4#iS$~WrRDp;(Xslq|CHJa2eAg20u)HDIz*oJ9{wT3(VA*G$s-lOdtk{za)LksD? z#}o6suG=*mK`TJF9bN=hETEXCWz;Da14UEhzHo-Ht840~^eaIks;~*7U5%!t(jUhR zAL@*7q$}MrBl~r_uP^n*zFe+5g|UjDq@Xf(4l8l#a^I(VPyYLX-BLn({8ZhNkyLOI z>xHBvHP(k#L6QOee1@bdx+}Fx8dYH2^nI5dVvJ#5Gm=fI4VwanP}!0Sq(i=jSpJGl zum+37-f|(ePt{rgexUKdSKA=6hoN>F9P-;<8r>RUU0!m3`=aqK%5L5R!U~z3LwSXPnwXHEhR+L~GLXGLQDwwwZi&0vHtWy-sN{DrhZ=!Yr zdiWcJjHL8{=}FNc5#$;Q{+XSO{sL@ptZGXcRo2pcj5`7@EF&$+&J~2a&K-8Azu?wA z7@Gf)x8+XI3P8a|2I?4$*|wa&ST*zw6T|>v4oF$@r7qPu;jlRyl>F6neTGsp*2?a- zb?;JVC;nW?rokBSw!NQ9F=YA-XC7ZN2e_^)E7w=&Sel)z4Pui7ZvoC^I>-tu>msAi ztWfQiTbV}A@{-CP{tgem&QGm|8M!D*I;#ub_}I3-jS;3PcdkP5Yj@mN1ai2O;!I4M1oN-JkoDMKD42ozQ^0db@U6Fh}N7(y`JfQ085J+b;ddg6y*9#6;cG zX|D+EM`E1{fx&C?BQXDptitKJdaktj{_pOJ-($l5q+%6a!~`AFG7UZJ)5Wai{Ib$Q z7h(ztVRIIl0F+rPtt%V5SKOaqb}30ljBMlSJs;h-s*nYb;9O*HmtXA)nL~AM%n;gs zdHp^Z3>`jOM@ErR6rDsd#~W)#_!;T5Cg(IwWrPWB^B{XJJr)99^_hsfu4yEj&Q$ z)P3d;voD3!Fm6Sh)Bf?$cKmAvc&`_4#M5Iq7QK{zNo#-ME%C)T54+_M;wlMj7U?IW^P{TEAAQ2StuMS1SM}l&rUAJ zG-}4SuZxr>WPXN)VzH72O|Ai*FDl6SdT$ft`FW86q$82CH5vLg zMQ+vutM;8k87J^3`D1<@o~;tp@!Eauz}_D?eHS8|Zx3jr@g3UW0WP1iVdq+qFb0nmmwR%m=g1?D@oU~kJYl_>kQ0Pu8cZC{Uq$L;yQPu0UO zLDI|tZv>G0DAA-S0MxpRxSEwX`m2blsXcXCH=!+Con2R#R#zc%Df`%$w605tCU4X+ z2V4P?;Z&lG!YxiSJ>g!WFV;Ck6lIgfq;^D>H=4x5t;#6QS~t#82!c8Qf-Wx3(#*1U zGSB8Yj-Vq6Qm2M4j-VP>5Rz3Capta$tssY02a(gky(q{dDp}-f>Fz1Tez#;e|AZqM zc_)(`m-(13bD8~$0t;XHC$>Djxr;64--l zWR~?>4!_FM^Hi4K@3x_tYf%gX=T$q3GPG&hS-cb`3_ zq2h%40g|w)!)%R*Aex7&0$SjyprZO`b$vdXS5AZb%^`6A0SNc7q=3hjI{0r;2YVMa+m0m@6&HyMmWtm5$u3~+A z7*C6Si{8bt-)SOkef`pNm;q<8Pls%J0)Fv(2Ka_SY@K6p2d138-M((lWNuN<_`3Qq zL<{xpApCdBx2CZ{6cWk(SaNse@i=O$XkyH=o&4+c$@0u_9XO1AfFvHD)ogr{AMlB@zOfV zzlF4r!kU{-jhd>jgU=Kh#rYKiqPeNIbw`RNY_S08S7lFj9VZ-@;^%!KP zQ*=Raip6fj!h~tJMtO@|>CvgcU0tpowp6A(QLr zTn%o@DIy5cJ78|Nw%TLtcftnCYt3aZG6-s@tw>Tr2f}QA_Y--TdyDx$4I$e;x0zWP`!>E%BssyIMXA(p$!>-ZHhsc> zZ-4zC;m58$aqADCKK1?J004h~wjkhH02x>S|M|~<{_~&z?|%XS0RR8z&eya6&K&?@ C{rtoL literal 0 HcmV?d00001 diff --git a/assets/rancher-monitoring/rancher-monitoring-103.0.0+up40.1.2.tgz b/assets/rancher-monitoring/rancher-monitoring-103.0.0+up40.1.2.tgz new file mode 100644 index 0000000000000000000000000000000000000000..c17b2972a30d373ad8634621c0332cce34c9ddb5 GIT binary patch literal 406536 zcmV)4K+3-#iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0POwyb{jXAI110dKRpFLDc|uWsv;#>iOrs#Gj7{SG;KQ?$xio7 zpB@FQ0!c*0LIprcW-R~Kd6x5N=Sj}O-nbTv6n%}8$ZK^+MB$E&y*Kt%(z=*2naxGb zwUE4?4j#>@)cJzWtAF`0|Axci@T+_G;J?G+u=C%&;n(*L|7Gvqy|2DH-2dw9ulN6D zxOX@_82$?xexUK!{%e({@?VDUJyv&dzmb2mu7#$Wi&~Ag2%%E*2`%)j9p_vODqf$f z5xLqTgpiEXbk0Tu;DelsRu&9C5YozOL}pqyYBU&3IW#ZCe9%ZSXL`n3l@($>Z)>g> zgBh#lSz$U+Nxv@}r6r?taxBG9tk9eHEgB}N7IJXjj#(ByEHB8_9Fc7;TeiJLNI^BN z#56Cc))h0AXsboWYo%#bjmYv1$qHHic}{gP>up{zGbU%HZ`)g~WKAU&Did`k)QDX2 zx)hhHzbaQvMHdJhp1Z+|9x`QBIgFdLG8C42e)*XGY#y-iL3 zs-XoN5iE=strkkNd2hRh$vM{w)=}}geYLx8HH{P(ykshyUdRy%BjkmUOek}>c{szt z#a?eO?pTtQ?&tUILih6rtJf)6#i(L-KbH@9MWdfvrnJh6rX7)chr?n2X83w@HWzX+ zBKL;F;WOS_S1%f~*Hx=DlbIHx>aEstbA1|7vs%YH)?e9Pqp&l35AtDtutgjGgDbk& z-=a<9e-87*2l?Js$r@IdtS&fHqpge-qAt0H8dFIpw5B<$>9}I$7O|JsmTwUvStFF0 z*kVK`ykeulARpj0AGlgcmoq9$R7d^xIFV~C_>ZKjGV|J>kX3vPw^b!@mErLH|8a zZ;DrgeDZaJ0agIJJZBr7{yQB0^=H58=r=q0-h;pH+~4ll*Pi;yL*MYs`;UC>iND2x zuQ=~%CC0RJypQEMmxi+C8iYRu$B&~>K71gXH-?3^=u!mjp zEpj`gq-r)6RF-O&(7H75n(#1@ZN(HR#C*(aR+3AuXQUKGJ7+b%$Dj$0t%w%Hvdx51 zwJ^W&DZ>b>%S?-m)n>(p`;j%%rfcLXBX$u739}%rGNpRP;==Fk6Di-C31Exf?din} zV7zQ&NiTEkpjAv3qSma|oxY+!ZC%68&Z$|&fGWijGH_OjsmO});o*3ESRCB@DsSrP z);U{T3Rwd8>ZZ1pMMP&SBi)&1F-L7a{t!JW+}r8a)|~QMQ(iL(y|X#x)yN!@WS9T` zb4$xY$i}>0^7h=r9)6ylv&+z=V5Q{6zn4sz9_QwTTIUn#+aw=Cvni*wY{y*u`_vSe z%?n((`xaM+9h{z1sb~CL^|f-}LaWZ+7KYms#Pp$ z@DRR7_2;ynGNyAy=aMeh|CYhSVwH@+G@Z5M2VZZkd@3rCg8)dpivZ-hRx9rpJ{@V( zRJ;Iuu@&BX!-IU755H`id&7J$-``pz|LKwcUC^p!>H`V@*UJCy?HwHMFUkM*zuvo% z|9y&oJLEB&(6-V9kDW|}?8gH6)(&|w#WT-rCtoOJJTo z50RZ6BH84fgpmU+85F$x6f4s&)PtSSt1CxBRNItiUoicgB3-+)mL|f}el9jC1oK`BT z*w_^f_x84Iv!|k<)l4WIRWmQ)Q)W0)A>E|lbu2~2@^jA%f>avU)>O1+k@TAoEh;91 z27r)^u*rlKdPKILizlyG(P~?jkVt<1b*WtZLByUSxtbSgLUxpYaIQS zmCang;{AiK`xeYl{Ig=c_cptx1(W(Qmm@M@x)_9;GEl0Ds(iyM77d%-%^T3znSbYO zvGh4RXN#yxK_8`^6g2v(*i&A&ufA`h10cZIe9JGGa-uE*%0Ojq3NU|?QDhI5f$Hx3 z??&CcSTxKqmnEBkNQBqxxC_TPCUd|XBemO% zLflKCkYfi~ZKZ@OAo1|6Zr=LkuiSuZwqRwuw>h~>Ao5`u_uK*@ z4$SJZ5!|0}X3sciZQ(#gE#y-=W}V}atTKhXo<=*4JK}2pP-)Ff%;ynVI>FC%lL#a zu;uI_KX+E+dQsu0-n9=dGu$y3M9&yG`RkK?XIZujB}vtY0YFJ^Q;7wb;_VpBN=Ys1 z%xv{@rZ0s&C+7buK}(`ESQJeO)zIxkRF$|i1=g%ZK_{6(%NOR7=6m~JnzhP3t0u{Z z*)XkhkUvPO+*_`4FF#1C94=Qm%!jrLls`1fkW3jga>+<3NG&v}87m#2f#IIHb(|@) z>PtonT9cAXR_JO$3dyKuxF=2?MD)xo9OMTIHo)%;810#oDZgMfp-ls30oH^mF&S|5 z$$RR=kiP^3jl(NF-|V#TtLj_?+BBUj5UhB!F6g`sBHuH+--pb5R=T~t3QhMB-epPm zn#;f94qtzd*WTp~?(;S6>14udt{3ry8c{y%DJDd+pIa_j`M5Rj4LcUEr$^IT_+nfE z7j@d!Ocdl`T@)Dq0|&S#uNrgO-EE3HI%kU!*i#AOU;cod3u+zCg_Sf+<5t<+?ZdZaWNQ^OjPo3+I%=KRIN;LTV=I-Cz{pFpw zx%T8{B8YC?rkEhP7~nZk@q(%m+57nD;lQE?%gf!Mha2>;yc0L*;RB!+>6k|z5L(?J=~y&<(;@e55If#umzg7hu-?=lk3~IcDk`DK;R?lYC*;<90Q+# zG$e|3@n=})4mp~*rSB51VV?|)zzLrw7DJ)8@d7?Ok+$ub2(Zt@!=z+u$L~fqrizus zInJZRsT53s0Lxx_3mqsFN7o(Euo|=^g`^F0qQiWvv*dR(bMv7+-o+~M#>VZfZQMSo z4(GRUsVyc zvqN4sQ%Osvwp#qdOk!t;oU}EuB|gBxm`#M)=kP^HVpy3mEzZdWr-YLK5MweE;=IS( za%YDe&FPex6KNIvN4Cf_*%7t~;id*|L>vLa(SJ2#6?#)>IvtUVVZN8|JwPwWCI3{Q z`?h5$9W6}_=k_o#evUB)9W)T5$s%g#hVOZ<( zX|+ObLTc4KR*Yz_qPY=@Y2-YCT_Tsfs)&{gw4;y;ea_QB8~6FVL}7hcM0L|&deC1OG- z79rMFGtpM1IbPEt?5aDvr1#LvcIf(lAwG6gkrd!<4lYczX(|M8I&UiGkrl6}Od0H& z^p5?UM8uW+Z?YSSN`;`3~{)E zP;Ha8QcT~;zr5vpTO#46ogv+}#{YWnCCU|x>ti11S$G?tHKIH-bB8JYGt8JZ)Y6YX zbvNaIZs&LJeBnzIw!?H~b>XfJ@CWc7C130Xn6|razZ({%C*n;{%zE-$NFP@Cd-AH`?xkAjg3&rzRY0@?&)ff+;CvaQj#^1`y zV4XNVz=&)wyZ$2`_8|n2FY>6;1Jp;KWLE^YDh$DPXV=f~D=&gDVA^UC!YUCy2ZjtO zJYlZ@cJWpD0^p=$cre0Hs9!m+h!vH#aTX7&N?gYF3y$-{iY2Sb<&0Mh4LV#TC5t)T z5UV=x0G7FV?O189Tg^NLowQYjhhzZGQ!&%G`P4am>=Ng8IkS$ z?zZj1Ue5_USfg9CMJ&C5`-nVx2+iGFKMvguTr0K;a?mP_6#&9qM4U79k;t_x?#jh(VKB=P#`M;ed&a3|Nx~hh zvyf@B5xh>=lq)S4Uc`>%zTM$dd~u7k&poeh2*Pj9wVN>yp=jw-ggH%=hx)mtKHmun>wk zZac(_z9CNJu%931_wV@8UI;I_ihEXODe)ZCE>VoF+j-O6#Ug{)mo5%!*ld;Av1IZt zvsFd4$LSs#+=`E^z>K3DHc_ zLNCQheRQIB?c?wnZEQ5xQ&vc(oshl5*4jxtoK7X1uAc{>DzC-6uad7$?d1A-A>3t$ zI%EMr^+%?E))y!ze00H2JmB&&T>WIQta_jD` zx9i28dDP2@+$u$J&ZPSmdUTr`x*RjTQIE2%HJ`K4rQ>BMOtKo~kfH{8`&>w7<}R6b z6cr?CU=Cnzx1qNnMORzPM5N~^G*#ztARty@nK_C=*f6>S(_;qRWsT$)RI^N48a8ke zPxyS?R+YVOR^GJZY4Nu0!1RSv--ho1ho)Lzh5m4o@dI?pU?7rfxYaopWDqwT0H+Z@ zWgY(rL@*u1F0xl;(BZcq_Ox5^0%$mL#9_)P_qK`=OF9joY4u@I*Eu;BO7U^UoY)=0 zdG76!i+w+Ann(mkwWym=#NA7CwuCkR5P%cPtz0^@qYi>NKPDujWx7F#3ju7IrT)Ei zK*9ibmR!je?JLG@39dT5N3-GbWLsxZ0N;4I<#@285Nq>#no+X>VRRha=@j7M6T>oB zgwN-#Hb6xTGPFxCfo=gPIK3vw=pX;Zv(FVX)$kX}081REhhK@pctwA5rCO#2_YMyp z+;^wZi1M+Y{9j=5D|iq>=DfDDnTk0(p*el^vZkSQ+r7yW082Lk-L3dVFREI1nUih? zJIPOc4MBhKufM-bHr7H^QJ+$@=D(TY>M~Xuw#tJl4uJa+-T=f}eN-3h%%E@4>Jd4d zTkXhxl^M+0Sj5wr%AlB)8IX*c9{e*4xkAj{f!&C!cV>z5)3&IjSe(2#-t1Pcdx+Y2H>2 z9;s*J#fbbPs`t<2>m}uSL=J{3DGds^!?}mXhEW}T+1sD_PX*%_OpeH{x~)81!CWE$ zT~W>Ite5s7+QwX_EowANhC5oW0`KMY|_@CYr7Unu0^`$1kRL}e&aUos1}+}EJ0O+_h@`()k)Ba zZYtyiQhk2!+1Oy0S`ZA69t4CtJLE45_te|<4ZeZ;=43#(So%1beb9+E5|eQJPMiTy z3u6=2PA2@7w{-wbNtu&V#w?KK9*zhdiwjH93~LA^f0xj*Btp-aw0$uJFiT66z9nCF z%^1qCNQT1$-5~bYKNdc;i>d|5u23ut@s@=8;~e$Qjyc@qY^=!;3PH~7`6<}&5xL4d z(t7IQ(>j;o!`+e-7MV%sDqNrQ~Ax`a-8M_kcK zJm}qje0%c!%VUy}$4paRsegv}tKUaYKw42bS7@!n6_NymGcEaa%A{c>NxX%5Iww9M zQ%!DHtR^`aw4!Dq{{fy9cgQea*6!?rxh<4+4dJ> zn`}GC+$P%=hPLnYEZ1YyF8++PwCj=RCq|r`72zhu;;zki(O!jZvTcENn`}p5v`x07 z^L^({jpgdUrJap%zO_o~mAasAg?uAqoIVcoM&AdsFKbw71yYIMS>$nc!Ku~Nv#N9z z9#vGS=fOtrG}3*gg0XQWri1q)%joSgt=VZT;w{CT@*47> zxxtR9o++pMoCxWcgxd8CGz1ORGY1RsWQX;{U7t3r$l=+KCLZy$OzYHKbl``7JJ>Tl zL9&3`CDTmKdCe4=iA%pRFjQm?jPix@jvMad0^yix&17aKk-^9Y91Rk~BE4vs14Flx z5jips5TE-I6?VMv8}#DoX-7b?Bws&@0er`*Cq4YkY2DJwN1rO4DSj{kjgCrJ9lKuW z3-3vM+?h4G%XH;dW0mC|a91LM1 z!#6-=J+lgs2@mccvvk-WU01Y$T>T*SGkszHSG;~WOl${aClor5og`LF#dn8|6K{$2 z^x_8Xe;~APkvPDzl?Xc%YoG{BS`iFeQedw<(RZZ{x>BbR9f*M86x}yiY0-24wX>&` zlSj1n;HSlufiw}Ae6yY?aCA(MaOf@uT@kXZ7b&cpTL&dLq|h^N-mFClzPbIQaW^qO zn(a*~Um!eP@2+c5BZ259@RU3{PA{(EM3;tg%6lzH#g%3?0SSJ%#4ai1foDh}>k#y* zMMo_5N=y34Y3iY2a*~l7THM{Sb*yEt8ljkBmEnwPQ98zid|y`!9FR}kX5`xDjJow) zl)yyaibtz$;fNdz9}N9qPq_m7!=q!vtDA#oiWtN=esJIsm)Gv0W7={k(wo@N7;P4~SPMq~9R%olK*u0%mAVpu=C1KA}cPIsXPVi0kCyudD;`J$EZMJUc* zkVTVn%7DcmxvRDT59*xVy#IQ@NRdNdFDu%?1lO>WD_^qLVu2VlZh#Tq6(ua;g7-uQ z5t4ozv~bUl`&7_!Y@yTY_zjK#5s!Myk++{lp#Fyf{-X(4SnXPFBE&d$ff|-f?NYG* z6?}~Gd=#rDZt%#k_T#!8t766s4*u@Ni(~sEW~+Ti3D*SI>qlKFL^MAl3c;7PfgDiD z6RtEDWd7pmDNe%;6^-t@81+aP>@>jm)BC{Nrv|`M4h;OY#Zp^4;@`X5OHDtB)>wXsdXg^xx22CfL zg;Uri<5sV9jou{jxL?{kEZ2HnM@#;Vc$^y!>DryPyXv<3*WT0LzKgp>-P*7n29PJL zKn|oMukEqA`0)E2531atTV!c60qbj8msFNSjDKQgRq-f}r>L8~{IIc#NDy0#kbp0j_8wR%#ldi3Cpk^VqO~3EXoJ%PrE8~y_wA)z- zeY1ZrcTxV-j3z|G5_q#3loNnYi<2rzrW#SB1$pGaNZtE;$>KbvI{y3x5*{~_t%WY2 zZY+)wDama#C<6Kv8}8hJLouyI&74%j&m%~|;*D$-gAhi%p5og-70){1320v^@W$p? ze4!nK&f`cgw8w-H;d<9TI@OHgbmpS1b>zV4pM-JSV*@r2O~#E&WvA(~0h#sd7$oqf zBCiTJRB&`k*BF<7=wEFOA;l_IFjY13J3;d|*>ua${$s^yS#w62H#|+9|np$ z`t)@*vi+^M+3#yN+Ji940pES+mVtPAxRKX!$H+DX*2sg@P)E^_%5dAg4BrYUwUv5d z(`*NB6`|I1YW1cD#TshE;)z|!CL^inZWiRok>LI>P2 z;Qf;lwfQi0&)Z5&vEj(pk0g;(yH|Z~lw%esRk=)^DlvU(+K%9j6!=#D3v=uZd(|MC zQKrx;$Wo@<#?1iUA~G%jwwalC5vmO5^c?x~s3*?_v^A(Jonb7vFL`}+JcZo8xkGqx z&;9W^Bc3BBW=OK>WM6Kb+k{cYRQH2CF5>rfo$f#N$9L;YR$& zFnjRNFK^G)mAaZ=&F+xfb6!sY z01OrAWz4?K#3fO-LZYF!;cR=^LiN#QPeFI326lS+Jb5rF7YNE-QF0-wcFrDEl+Rz- z=UBL9D!lSZ)I72PnOgC4gno*GDfLX07y$c((eiJSYxaFzuMJL@{tGno((U(IglY zVl<@Xx_r_ZP+3v9yf8e26muel(D-tB{QMMfT29brmPCr7jsoDNtVYQ?QO96)-5p)j zlq=x+L1aCnby?XrK$vl>*rcs?gG@MfhA_9$3DCJBl3hv;k}2pAod$6Q_S|;;GoBU( z?IgW%MU=)Mv@P3pYZ$lM8(Ug6DN`N}@GuA^C7(bP1f486m1`Re403QoZ)^k{I|0-@6z31rvCw6?MI@Xj|CEewQ2nlML8 zz11;DD@4f>xr)=50ar`5m6+&lGH0|_-e)u#%PP9=np?u;UDP;gUxDaL;q}Ii0VLt1 zJAQPyn6)6&mP%S{2E@?WHYZcFQ<_m(u9*^7}cw~gm!qvpiN;aqBK z(fNSZ(hm6tCao*ueOPPmlkaq7t7(tH#@pZ#yrfa;nOIktG>q286~Ir3=s>jCja7!b zWI}n>N|ss6@Se~zzlfTxS;UJt8%}>RobXUkicf17)UC63_Izj`S>5!i`v5?xS22Zg zA(V(Y`Q+031WAF5F?G@eNjvYD90{3<8121aa^88Bu6wikS8FHn^ghezFIl1q5(N+f%9)q7qMEA-$EYli#dD$Ep81MB z*}xFIR)`vG0Qy8V(4+dWjJLNP zBb5-%m=@=|o_g{qSHqZ_N5PaDRPPv3a&+v^=ef`}CL>oU@pOjk$*3=ncA+~+moAjz zO%&~_8^yi~tLSpa-daszj6g+r{gcz52jfhCLeXQ*uqrwP7qlT0XdPQwnkThCwX%ammpCf)*Ba$l!i^l&^@f1Sld3C$vxIl05_88IdZGU9hRHccPGpyqToNrA zyJME&)QfJroZ*h97>_qdm!PwBD#?P5B^Q9M!9R!~e-mb&B&RD5J$RPABH4`(0 z@8p|Ddk^;RlYi{}liY6Fam9-}!Bjqna$6@*H3)f@bEYS`kki3T&#Qr)6sA&w&iYr- z#lYVPS+FPY^08}vCcunUwUTv|FHmd8H+_1{g)+ zKm<};^LCe9vV!tnXn))r^&7OcgJHTAOWj=_2oJ5$x|Y z@<83$!TfdB7#WO4yyUly1iQ|wVr|4pQ|1l7ECFuyY(%cM9ATRXG5Ufwa_@`pzxnpy z?~8HsMRERg_|12ZAD)Z9|JPCV-GjVXs24-u!XS51Ggc{PTRwjF-+$l#?|VOg@zv@0 zKaVDh_UV6?`K!4Y91rLFMUIKvKxmsthiv|>9u>n>(h0381PaS+RIs2s^Iev@HZYe_)AQ(zlr|1*f*va!6Jbfd`H24Prh}Yc4>gw1+jt0P; z=XREW*FYFiRcXXd|3n2O=c@CXBb-2lX`e#0)#40k-Icx<$ zN6o}#?U*2NMYTsr8aj28w9U?DV$RNd+cTTnQqP+~n2e8xZX0E$QT~&%dOY_i3UfZO zf*WuwnU7f+t;|4&3+rw%Fyu_S;Ovq-_KOg;|N7)rQwiyI4?B5DiOK=Uw6@MEf}lY+ZQ=Dvt{12@pbLKqXfn^AJ788y5at9@Py2cDDO zVbaKU$yD6>{X|^B2b_lovSb=IX7Um|Dc6Vn652mm3Z)#gkU zd6K~o(}69u11ifA7NewnHtkii4%7YLX6OZLt`Tms?j4XSLLpA0R~3bCR!s$T5A9dG z!5zra1b25g?mkR951n~D=>i9@9@t?xXEpmgEH@H?geA_{suj4w#)~-pLf~I2Hqm6v zX1s>GXeZRx7A1#8E=23{w85C^O^3eysJq^dc@brY#5l+>$gFn|5ci^fb9v>!j{AgF z6{B_Ad|$tGeRPsS@;UoO)FJEF3TP+a!&)2&Q^`hTEXAcVh0?H?)_a_2+v6_bIm^kD zR*HrVp0=;pd@NcyU3q!jR7RxL;Dk=gIj@hYQkRg=#60c1$-q)rq1gA!VRz@6-+`z2 zLC_loW5>1hk3HC)PPd+8KlL!OHcn2*=yh%IiJlPbozau$Uw`U_j=dk!Bh;*A|{vtT!FA3AYv%rmHUf4g)`A zKV$0H=hx8|+s_YH*|E3nB0#Qz?;Zjl;vzVXrx)NM?5KVE2EBJ0)qDk?NnEPG>#A8W zjrs@f>m`2)v1e7vyaxVe%~pFv=xQ%<5kTX(MS)hj6*kg(g+}=n!ob~)+aay2{PUul zKQ!{r89f+27!Ld>&h6EP6x$6c9ilL|;ZKOfg>JA%&I=Zv^j^*3J6>A-Y0_*&_72rX zP_xXRUJEv%+hs1-`^6uNvXd? zvN2tFQHWC2z*g~|NvryhjF#Wm)gpdb8Xh${)6Q(1!Fh6?J17h|Dy@-ilH(+jj8B(t zwIa70szByugWT(;y0d}A1ei#!w3U+h)8+MauoLy4B#(?vdTC)X(u5^CX&IP_j)+qS znKBS>JOnYC&%hX!M!YQrP9ph=>d=xF!hT^T*Qo4v_s5j}q(p7zJK73LY+b3-bKd;G zB%dsjvHk8_%{xc}5~YbL_C&%UnAfjKBYCYSWc&ZGA`+3Si(;GPC#+&rF&|>o5DweT zh0D{k7v(cRmeHNCYRCA{vdPu}`B}Va)B2JztHfn*AflkHz})p_%CX)fArYH}8M;68 z?BDwb8M;3V-F<=}Lx;n_jcyz?19h+Pb#ph~ijO6gi!6Rbfb;Gi`0i%3YIyD5n8?o% zTKiORLFCWt&VIg^GTVbyBgzPEdiCEGOx4|F$65ykZme{MdeQPSl1=@e7_)$g$>dMr zbK(CSKtufh++b7t#j3)$lc?&LM$<+1KXXaQFtWOj)(h;_t3?i7^1(kz>7Bkk{-cC-;nSYV= z8lrSeOZL)YYhGf?5mbM$YGp7Hi8VbuGT>25pk1sQO!k*0Hl&8&xOtUp6A(Chi5a#Bwp%A$Nkp|#MtkqZr9yVt*!4RSR)Q6o%|Wci9oKP`iCfQD zXUqE~H6J1F5mK0?utzp5kVi9VARVk?x_#l&kR1%wO=K4@^Z7L*yL5aMQV#{^X0RW* z8Gw_)zH?6Kx+e5FCM0eNnkoH_q;m!-`O^z*#kTN}m^Y#}cQOeVWwwyehTChpwX?Hj ziXJxn6bky3zX1jj0HGrCnc+k%JOkZfF}EG^9sjx!#Xe%_u%E=(!cpON-R@LuY1?CE zie!;2*sRdVyuw7)_7U#^Fcatd2 zRw+eb*DN0J&CcxAJ993rXV!@44Ey`j?P0!mcs0!TuZH=7`Jef5&-~B)@zvEZ|N3f} z-@h8>53cs|{llxh-2CtB!>j$PgR6u5@ao>xz5MX%tE;cC?q5B)+B>}3KfJm(ygD4- z@v}-$UBq@|#D(rk3cWS=O)#;KNOJrJ;5l@uPhVhxzIqntoproI`l`A(erM)kk~Ua( z&K4#9DfILw*i*l(gv_0tS;IjKR7;dD(tFvSb9GUS?%g}+i-(JRQoOlAX7n@-fV_kD zQe;f!b>yjHDE_d2XEUJ;^IJSDFSrt(WL0SRwbD`v7n9+0a_d(nKp&d|1+hZ!b_#NOcgxU|Zmw74rg^_qd%l^YDZHui}YghiN>|?!4VYU{FvzaI|%^OSz@e zoGsRl)xyT6T{lvUoe|yIjNHL zp&2yv*CIi2IFHom;~O_AYZbef@7>>Bp8Viq4-(|>5eY0Y$S0R-CF2~YPq^i-wtuHQ zi`)EX*YGZ&{z5@Gv{)pE@`vbp*B(&9{l4?@3xuHnM)ccq`CrMyfa`=uk_5G z4}I00Z{$tbu)^a^psI%WRbXyxV@71qUG~vdVWyDZ?amMrx4N0ZWNHx{%z7rk%U$z* z!}0Sk|8#4$`~;V>iz4^Uvt^w*CTBjn_98&_HlE1$6-`8Ns;h(K-*@;85w?%8&8 zl%1peeG&Zi87gi_{SB%Au%uqzppz7xd~^wV93$3+?XgnxNB)ZqcaX@?V^=72-IA+1 zbm1<&g#~z}HKN@0c|wnl!K>Wb4NXJ~u42v>#wWpwOiK5L`QE*~{9eAlzf^LtRB|uO z6a!oKE-?24VXPVq6lF~;gLNXvS8e`@Wy{KCM+F?WZYwb5Z)>kEKp$MNJ+X;VOHwXs zI_Cv=z>KLvZ#En|j#FR_L`fMt@w(B(#0!aG`n-;t?&bUYOOY!^FuyI*F~jtQI~@)6 zPO6RuSxGqgEQ$ctr%UPGqu;A`WyRjanwEg{0bgSN879%FoZQA;s3sW(TEX-vC94=_ zs7Z}F2j-`c{1-Iwgb4FtgpUP?X(oHr-2m`dXgNLS%~I~$3tI6KrKShAJq`;<1!b8knC}-a)`*oxb+|B%3vL{ zACGHgm<(I3Pc^^ft1u!D_6`r0=#ww(qfh7eRR%!`0Rxw{`u%J6Z?M-5_PW7d?}xoC zhU&#$7G=37QWtx53|Ot(c&+AC{p=pJh|Ttf!^3-9@w@f7Q?AYzWv!N59j<6~c!LLT z@Zb#|{KMhF-xsJ`WVv3)d;{_Cv9%jZ^FMdM|7Z*V(?#hh{1Y46WUbuOH292!oMz76 z2|5*dnol1|%84Ax{(+759J43B@ER#1Y0n= zn8esIE40RSxWj+|$}a4D8mb7K=964PyFMB$c8<2LW)4|VaaQZBU{bq%GJ`B}S35f$ zmp$bQ*EvFAt4LH;iGo%$p|ty0P{@#v5h~(XBQ|SrcapY%`u0rfcj^HOTrcNr@$Q{u z=WMag>-E;mbSnj%ME9I!zcXlIOC5hAqdH=9IN0` zsBEYwO_E`KCY(dUEBN*NVbr1rA4M%10Ob!x;8y8E1LXgaRG=S02YRCfylG8YSDzh?{D?$yEtSO1KP83i zpF3eP zq&tMjF||ozFfg3QpAut_S}JM_qafCJLt+fv8~g3!pkWdMPcNh5ct{)C>}^KW*kt8^ zotSCKsP9PvqEVK~fPu8XGS>K*b5hLhWJ-wUy9=~H@)AYYhI7vpFIf!C(Fik93+Z6F zb6_6;d3Gn5kqo_f}7!+Cu6UQsx8@{|7UQ!WEWSB6vdTVsH+Pq2NfR= zN>Q9MImo~CB{mGtApi2t?Juqdch(O!QJG#eEE?!GZMB%Ft1+)9bA2}Fs<;|AlPe79 zu>XHv;l-M$tCEdd{O?7h;XiubOw`q+Rjkm})vTQ|U5zK|iYxKptFMMv^PgMRva4E6 z)D?!QSm2V(|4r0Y1IZAtWK*0qykQe{<g+bVFgyXSfQuTgP_4{$xpS6(`Bt)1)mLHU~UUIXsP(F z8;X`@5O&W%l~QJxa;Asy!$E~UGgp;d4D*8r`49%FC{q0fG*mC1o|2ksh-8{Osh)Pk zyhkQRAecSo(n3=0G-ALYbaKIpiq=!e_0gP92ZdZT8Zwv-cAE2PR*2frdFz_1EA@=m zKe)UU_Kz1&PxqVy#!CfxlV<`Hfyh9kt7!VSX@lB3OGSkYZ8-t{}WFgp`J?FKoJ6ZFQt}b#N$idT#x4xg?i#(PzO# z8lf?-akX&WJ7?Yy)(T&aHm$o&1_*2Zo82OWo(bhuE7`HAc(E9fZz!)Eix_9kv~zw?TXaR6rce4=WE_lgM86hrRq8BS>rZYw%tCu-p zGw?#R_>t$#bEPB~va8cO0TU$_EK}8+OHTW?Z1vU_})sBz0Da?oeU*=3@RN#>*TU zHjlDbZihr8<-^|me1@c*I`v5?rjrS;xn4v?T2ziR3F#Y=&rZ{PkeR4TgG$S+Vi&9m z){sC}b@?d|+}fasz0!jv?tEcsy#CWt~qH!|5{t*!8EDr$XmLzO4 z01$Y<0*(iY66FVc#(dZ=CUq1zf~?95xs%{b0Gh6y0)gU3OhyOe01b9hcEb*B{HCVy%gl<3x#0BQ7;)TbwdD>xSS?cg#?)ciFYuX2tOq zK?c5f6C9R=tcaCizU$Jr8wA#i5cZ`;6 zm-Gdr&FF=*w~BkqLh7C@DIey^PnQRD^kDelp3m`v9o`8u`qa}2S=e)RQRH@<3==EE zT)l%pdJrSB?Is200AWC$zx@tjxJ-1kC`4N$GEd&1Xz7)2eEVIv!f0=#+(na zxL2p>5#x5pi6h9lkCzitMIq0Ztw#IO6<4W(ws0x=qJh_E41BA6fj!v*hxaW_cZDy^ zbPk5`Gt;Y@A$gpci)h%=9>hz(_5=%27p&20U|Xroh9u+l)Rhf(AeD1wMs-K2wtBSO z$B@%5pogb|mSb8O^dZU7ak@)=o3w3O{KdA|4ntH?u|1P+G3Ez7q4kudImREeS{Swy z-ZNbJ8&EO@1}|C=DO$}4du5Z>YH4`j0$I+IWpIJOQQKa>OT)B#JE-`L;`(@jUAQNK zrQMx7XtO~YqGZo}H{^ocCGlQ_t>{S^iF?hJHt6)|nAjW}hSk>g!P_Bame{+5$XpS6 zL3w2;vg_~U8o)6;cs6Z$$vo%`cHHta-t=zE(QynOaq?&@qOqjHU*n)L^;B>^hZ zzpoceKMBo)>MAteU><1?-S?F3Mj3XKP;%UTjlm08lnOx}ma^i>wq-$f!fQsJiYfU9 zWIJ1qQ?A5xGS{9y-7!%4lM=Q0Fh$ACj`3%Ou&Y@Wv;3TEb2jE4BG zho|QKHo`C6jDyM60J(EH2SG8%NJyBb@3Z!n z3ECN)uD3v3k;uhf4|5o|lDwhLzAj1Oo=@7UGCg7X(9GrJh*EC!(zs4a$9a^}G2Z;O zc^yBkx&LWm3G?2@Gs~JSd`AZDdYTgjl~GP@V4oCg^&Lw#gQ$7@%-* zWt{rP>nLukwwMvB$iu&#k|%#Xy@O9``viRS{3z5YXvGV0XBWna)AUGDWlcqE=0_SY zpuYlWCCJ*^8XZHRcSDM98AjpJ(c=@q*|e*{z;r*RwdDofmd=FI&yhn+EzK>>LUzOO zGYYT0A$wE?&$N;tG;Y9~Ml1&KVQA~kMeW}YOCn7BEDiEXe-Jj|MahUEPQB!39ebR} zC%{;lX2`5Grbt3BfTVg^u=o)~{s8#C%4y#gfK2sR@(W(E zDSM&{T3JDHkXcJcOY<}~tN+H^gRN5Yd+r-_UTzkV0&K1FtA|VOE5r9DXupQ};e#BZ zI#zwHRC{$Nj8lu#d57_siV0UAd%F|WevHiHU#Mb7n7;q#mM+ZsMG+#xpAJdJBCe&m z#G#doS>T4LJ`GFmKD^20JyXIyYAnIDE&U#@G@a- z`=8{>?BBN<<7n$Z{G$ma-*8ry#8EN>jT6)qTp9|-N~?HR;fZH{LaV^>m_CC+F-2;=yJ0_(<7=h`~ThXcdlO~6NuzBlKan8}N;@gWf%c<;zVlzU zO{FlHUlGVB;Jsiehb5T=wZm{v;FKttFM_pOE{UcPhj|j7Y7{7%p%>|jiczWt& zbU0Kry6<9yu^|#&T^vLr$rkAqLim6F>IL9bNbD-fvgdw?yAO3JkIEmdIK#xCL6OBGG~O)09?& zBVnxh?*jM}JNCQcd-9&D!QVQL{q51YM5nm{`hHgoeT|vGhqev~%jgUg;rog!&1wv! zLDFzg4~7qhzMB^!Ma#}@2i(;jg(le5EkCT%%b1WBHHU^1BJIY zQTSb1C%hA@+A&Ol=LTv6IGVtp`s>zjEkZi>d-%l`J0W8fYXqL^D1vMP+>=Dd)N>&o ziQ14Pi5_sYs=_XTilVUJSxL4fqvc|ounSf@OL$Oa=oy|btG?ZGb zM2^rI$KEXEWp1mV5zSF*OsrnSt-+?Lf`+ z^ulb;Z66*~k(s#kD}Qjr@Is`( zkm)MuxDj^z&vk$UbzE))!%Eoc7Liy@3j$JpazP~*tpc}8GjCcW`(fvWz1)TuhfZW~ zzK0oAGggu@RlERJ*la_Ie!C!7U||m4{*OmCc;Hg#{W99f&B`&;YxN?g%*@{Y0IRH4 z&qm~G%b5pEgcyB68@czz_uqVb@b|^I`Jy;~I{fCl#}CiN-~a2V`tCtqEYypkZ=uAT ziJGxWG28O-v;Y44{(s;5`HQbk$NzaWS+r08v&>)3#o%~2-!F2r-~0ySe=v+6-YzAV ztk53oq1#q?k=X}bi4Q#M*{q^x-A+n5l6RLu<#0>A`1aY`qxGHT%NZoR-HRD$z-IWJ zWJJ`6kR61~y;pS@#-Ott_}pX3yaCM(S@=j~A$kLTB+{@<93rg&;>XGph$Rvctj;1x zw3yp57uP(wYk#O9lK}iYrwy=KhPhgPYp3o#(ZEZOKEFNoI(aK09Pyf0`VA_5H&pr! zH|TOA__wWjpJd z`Q}Z6Pj`sz&p8$J%_=}8I5hs4rNjQ{x}r_P>d4oV)ul(oI85v-U?&thkHb){n2PVt z`!{aiFz=rhOP_{BRnFkiX>hv<2s-F{)p@=vD%X`djgWQ(3a3_t>FlTaFP%N3R0*!d zltErrG{I+5yR7;h@_|El@#m^Y1brxB-P}3|!J&knar0&^Lh#M)AC0?*foOE4!YpR_ ztX(k7GNd>ugPCmug1L7RoO!!)>|@Y~GV{i@whRSM&Y;#x0TC5fmAGW(Bihh0uejzc z+-dvG@SMlVWxo(rI}c*bU)yDBwJXz&1;+;pF!w8(bKH27{not6Y}67(D7e}fs7)V! zAKG8F7i2>d<%Ud5!OcWGuJZo44ONPuMJb)KT&r@N&*`gdT#4d5b75)zygwsJ^tarH zcA*vMJ4tC?!T#312qw)g+bc$Gc_ikI+r>cZc6P|aw(9pTpN_(Hq7tcgQ$reSB7FT&8K4L z>E8We_H^(5LA*ko=uw|3pydR_#E@(Vw5J8Rq*laeQ%-3?BvXy3OLxt|ufFps@pD%I6?h;}Pt+TWW7#899&l!(nvA9m5qtR7EvYdhm10 zq3WaH%eKY0bN`%(b~!xw`k0cam08If%b2ZG))W*b5PNbQub7)iAD;jEbLm{@#F zCX8ysTU(=Fq%Rk?D_2`ZA^RX)EC#`>{T=odQ6m5^BlL8!K1@{tH;zJh<~0IWaLnL3 zaIoOn7qxq6Ll=n&`GrYAgd~*}2h><%VG)no5gsoUo6}dP{1*nU(NVBEyhz{Rb|?~G zreJ*r9V$uJr4l&{AavmCsJvLu2SNP=Y+y8@Ub~{e#&w>x7{W%>H7m4} zV8*>A$?_U1HOg_gasdewmeVxk_4G+6PhM=xxE&xo3NsUxq8*#J4e#c85A~>?b>*u| zZ(Uc~eeT9BXv2LN?u-41NLq8QsvBU5){B@~A3=bi!~ofR(&y7`it1ntVN7 z7N}dwnq`-4oa2v7vboSKyOdm;9|hxv9h_8jn)P48ZKpnrMtG#JcBBRS+I87*cpSD3(ZHzDKOMo8I+Os$QPk{DTakT9-sJtLAXi@S)mkcInT<4wnF#ElX@15amCkP3Ju0@=tiA(XiK^D$?UQ zZPXxHX5srtRtgT)rwuET7w6CDW-aD(NP1x|n;{97BDv%RJ#72O=1gE>%31K+r9okG z8Pj0Sz&u%)?8_q&+`l7iTJvhxHY4J)4riQS(|gCGb-D9cUHRd6D1=9L0TJ*)L#HW8 zYpW25xEG;$ibBm^7_Q{?8~d0|BUI#Fv!1r{Jz9p4Vg>^*-E3lG3~PvQO{}f560WaX zf(q%~F9>m_r9j7+V-=(uxZ@R-h0}=l51~lim2cB#&&wUety^8 zU9~j9Rrk~Zni6x=AUYshG4OTZ76rK>zRwM5>vhzxXG8kQ&|B>cuj8};@3~LQ^Lf7w zd*>V4i1Ks4osB5h-OS|`Tu(=RllP{fp{Mn8x*p!*Nxe06^$hqiZ(x|~=gNDA4f#kM zXd}h=^JPI{cKz2So_EhpNsOD0v77hiGshjf&Ug+R+zgz>+h2-gn2&lN%t)W@RWOrV ze+zszT(B>Ic<>=6QY4~;)PtfPk-cFV%&)BSQ}JIwD7mgB>KP+3n+?QPh`D3eom>;e z#h7fa5>spCa$3`-Nh$p$tsaHu9SB}0vuvaQHKuuYM52*Y+hFBY$%dMHUM|UGz3$hF zauw)-DN1Cd6@x+_vb?J&sWp4IN64a{THNlB#K`1F$ttG8U zCD6Y;;3BgEH19;qG3yrw!EtNtuHBDkXEy%K+1ZZ{&Ci*p86d=z$A)c+A?c}@63ivo zu_+(3D0C;`Nf?Nbzk=5jk@SVhQs1((<#ZY(a-eW33CX5hX(llgg4!hl)8?Bkij)HQ z+3(^@#U^d#c!O7*S^E>o@E~5EJWWNvkptQ&a$h)g>GM%`drQF{L!wXe49zzuqF2fp zdHq|ponAOfVb(JMcOG+Bg;aymZ0tbsX+~u+K9C37j)Oo=OU*9CNcrwR3q zxt-<-Y?hA08T!?t^8r0NosKSC>)b)i!&>uhXdFk{)2@Oqs^JM8rSY~INet<@VQRW( zUBYb~4x+_wY@NUBk|w+0?PI3tN?VVezD2x<%|+6d&iO2uZMwfy>Uso~d$!+DPyjhv#jC@804GniChTCPdV3wFcy@&glEdJpY0FeF88RSd>*&nagKEG<%P|D7NIm1JXCPE?0At= z_0-33@|Dp1_n9cc2zT3DVStVA>w<0nGp^Y=ZI3R~!wXo{jXxrX!*6*s&pxRIZi1dS z6J?j#Svw>$e#~Rb$vG=|J0Fo}04vVaIf{vB9S#qj>o-QTt0)i@pNyIKA=%kroeU&?Z&$QU1RLPb+ z+tZpMh>lAa(vvVcC;x$o(&L68Ism77h>jqnPc2B}1jANdD<%_O@N`9GeDS?g*jrh} zr%YP)_fx8eH5R8VtH5 z{&1NmOQN)4eA8$-$o2FAz4y)?vr1gzJ88lpaVH2bApOH`2+gBsY!Ltzod5H?bEWgU zyWV*;)==0ear*~fKfv5_kWilKq6{v>A?^>HjkC2AHHi14APn)Gk~c&Dt|bi9PhxzA zXbnGnZe{e%pr3LZMqX5kpLUg;133iYo=t|ih;tmRWHUT4RveJan%qS}=&T5?% zOln&|<6fB5wx74`1qz~`&e_6E=v{is&e3e|~vqbo>7*qd9clh+pr$ z85z)CJIUS!re4mZ-}~E7$6m1yH_SDAlfZe{l>F}6t?=JaLvywUFkFw(e7QJt;)yFO z135z($l18FG%n60n{rWK^?VVkuawGS)>rN%8fSXZY%=aIqGoq`HWXG`N?{K#k|8Bn z*F{P(C|k0IX^#HIXr;Xi;bjbwyQH;t@}z*=BUOUs6AU&*fwGkznGOuGP>ezRnGk*Z z$7#VL^oB7ZtP+J0vo43kR-)4@x9}L9ZiA({p~_ObD8jHe>39(~eEnKt)*v$|8U2~$ zs2t9xMFShG-UL{}cv?T9+n4=oZ#!n|O^XrPe*GHyd-EpwXhT5n4TtggtS;jrRst%? z^L#522nKGlmxV+o(fQ9iKOszi&Fg6ug1zvH`NKlBK35J7{5d~))u0mCSuo1jzLzcO)qC*{PnXVR=z;8n9WO+!+Nzg6WHz9~$X3crc99!+8{I#Q(RjZPBnGA}SglPD zCA&y?oatE1K6E^>CV{P z=V+)F!4#lt&GjpgnV!?X9zJ?VP7iHyKQJEIa(Ipoa<$QxR?CNC*ftG1A&`P>=;4~L zD^OM>lz3-h(T2k=3y}IGM{Yvb3y?k_A%Jb|J_cfx+_&!^2PdyU#z9)~QE>8R$T-;r zH=~b$l+zp0iHp8E*j707vykUyv(Q@MZL|hgt^)Bt2(nC1<@$5m3|YDfbn=jsnW##z zpUKde$_H_z+M3~^Jx(F!b5VzU<~}G+YSK_f;jn5^6Dfqo+X_oe{JJ6epK21GuCKVSi=br!n*n89VxNR&^IG^<^Ftjs~GOAUZrMKPlI+m08 zj-9A2rF(ihxoU_+RUu-L42jaxvgWtn2P***+^R~Yl1zR`EY`t7;Nalw$EZF(NWn)& z7xKGKVjS}N^FB-xQS>xrV^2aakWzk<D(Oasl&%6+|(Y&q^PIVM^r~7tp=DhA~4^MnyU0E*R&5jrY7ZL^iCKzcr32rxPb! z=N+@{))R;eWq5o9#%`p)SIM)?bmJ=Y`?K+yE7`b~P+*f#o+Q1OC!c=)Kkwe2oxeX; z+Fp8%^M6Z0S6=Q;reDBx7oyMb;&+yRs(TBkehSH*4u$cXQ!Jiiq;~~lH71AZq#bOC zlMvo0M$br}RFOc*#}_e-Z!-o?mO5$B9qxAf9q30mKzfKgr)!Ea#KG?(-J^CtDe|Y~ zNSq>Z&v1hVh2|ODwZe3mXCJw_<({)AhUcQfOO;^JT8L~Gc~Ch;vzj}Mq;gm{U#~2k z>k&{WVKD-;4%8aKc&zz3bbz^n9ncwTfAB1%l!yHPbP!kjqsKbn|Ls!xq<-W337oq- zrPTxuPXTi-u90)@IUCbSjPp`36+Oiv3Ej{?0%vbe)O*9mtqsF6B%DApITFj68>G;tZ#Je!&V}v- z6?9{9Bq+EpLG}t9WPcDB;Xo_h^gh6(=0U>-XyIY=7$cm7Q7e=9 zlivAen2I1Ss5|b8bWwnWmnh)9@h^qNUy&8ff94MG=*KV!W8wA9DueMfTk#A@A9=*^ zgtL&EC;o&s6gDrGi`(caVLjm>6IrW1+6XHY18#F3KOI&df&#HG;9nZ%r(gPoXLyPd z0;iF#;Z|`NC>VvYi}-*t*QWr--12Su6j&yaj*y)QcY@6YW#!hJ+50gA207?71*Q_0 z(pXu>qM3p18KHHXfiQ;wHcS}!wq&bi~^#kD$$eeYTJPeJ~5xK zl`XWVAlcT*^-t8*t!2RBf@nAbVT{K(NHg)>oO=MTxi(Ld# zUc*}!Vqz3BkOxqt2a^3>AUd~f$H)29uk0se{Zz9!hMD}~-3?1b>wO=GQ?XE>qf!Ow zuA5py5F{FLwBUm>Gs;LVW@afIm8eAC-3JA|w+t=L^r8B;N3> zSw2+l*-c6Xn00^7Q{?KJL<)II3JN(>vDQr?#SEdsX#cp5s)JrR@yu z+7^+Y^gAfe;9IFbLW;zpYl$4&np5X53rA!EA!z2&V z1#f&721f7|@^870Q;i|I5ep7MLOd$-s^62Dn>u?Zpy#2ho`4}C3uxtE!~(tIsjApO zv=}4pwx<;$3eO~urN-q@;5s3X{n>i$8 zD`tdl0yaw&&BAk;MKE^!aNOgb7k_A5TSV<)wcL=9EP#Pb~Z(2{4 zI527vQC=#dBEJ}m{Vm| zIbHiG5;9*QHXZ0Ig|YTc{9Ae=Bj+segpQb3Y4-R!=tz!7#t01KuVsOB?FyrJ7o=>U zAeCL?^3l2|+MF})Yh-K=%xw?5A9GtI!h@}wq4%30wIL6)8Tw#yGuRDYv>`IEx!z9b z-OHWWuH1@kN*hr`H06Q_C+3ZC!V-3G)5FZkp9_USItYUfOXh8M&uZ6DUYlLNn$DZ| z6NF;JSa2NQUK1a*4^jA_xDgb01ea?$m68j$9Yzu3&XJtWkC7XelAICiTsL&iQH=By z#8H?K!O3;f!X?|Hh7G~7@|jhOElX}EEKZLuO<#mU%9ZHyy2s24MVDD4cv<$mQ zTrD1;YZRLc$8KEfIkGLAkAg9oXy3~W5jEEi3a)^)Vb~Uo`N20<^9ijRqN*3`Am1?QT>%%C*!T38rbT1Q?#QzG#1iMUs zDhtH0;naJcnP7_IF)}BcvLFeeAFrDR6lF6oBndNC31I}7MQ%8y?3ZB;fYym;Kkp+B zGDR0;;S{?0BELCZJgq(*tB9tG{Bf(LG*^i9gP7>L6*q>-M25<-n?w%Jqm>ivA$mn9 zHq4ZV`(Tp}sf9P^8ZbYAkgk0q9qj3}w)j#^aqx-$dCEWS2rvVd76?e?p6|o>EsxUr z#N6PS$(Xr;!U!{!UvdQg0UQVXwxL`qwZN^}sq1Yc;LCHwHuCO`PL#FB<%F7wGC{L~F=(^y{C>NN> z>4nc_yx+qMPQk@8FfWilX=Lfo zoj*lkO#ZBy;VI={06583Pmp>=c`4+o*u9`5=2Z;o>X8@*$w;O|$a!+|?uAUkxg)cC z%_rSd!PXptB^W5_KMEyxk{?3KyISTW=^>WNj_hvCU>l4gADi(hFYNJ!TFxgndzqC= zjKcL9JPVZBTVT)b$Eg;}(M4&EStJvrr5~xBdTUTS>Db_77ZatdNOcD6U;I4K0rMTQ zn0fX+nQ&pL!EBZ^5upQo2N zGJ3i~G5;qHgW?`BE8!L++WfDyMV5Hjr+kTSE2eshZi{Bh{Z!c1BNHmI$=$*RGyf|T!ZDlmDjg+*J_(n z|DHWDuX)8YByy#NvPp|HrE8}$6LGTIt>7JWcFm%Ej7n7<^%RhqZ`BoT{R*xkQgub1 zD@P%*#llWJWQo?$6L*zySLkTM%LgZB1*i?J&UTt}hP#VVnJeDNx~%cvx;X3+9QCM7 z9R?^MNiUxHs5|v~8!ujLXdN7hQntrDC#2rBm|rHKi-YTdS#(Ng`F1cL*QCiP&~?LE zK(dX+CEKl65uCu}GR+!=SgI%`G;8k#&({%y_T&`B`#1bGM`ljSHGfW{`j-8p(o*P@ zxOq5OE<4GdKZw zI-N1g6bJ)1%?1nup(+r$v-rhy{GB*9vKEau zg2kbCtS0{*oBWZ`HsvA;r#N^cH5al5-W1;a62SB=zcoZY~I#K`gYcS{z zUNIMM!PkmKW(y%YWOx>bKE>H9428uI`JMz&9=c)_-TrBA_Jtpgd&B;)-|O%8`okWc zMsaw>Y?VoegdH+L9XTqDa0dsSw1W;^J1 zqM4{SA&IhYrimFw;63kNOM+)yN0ciw#55}1uyaAlQ`{BV?A%aGlLW~m(Rq3C1;W>$ z1Hu4t=|OB(ntodESxbPaPbf0V{nP2B$uXPZ1?}nVHbP+2Lj=WBcAZbcYqcb7C{0pg z^F-cOs=awg1i3(jptwUP(P1M~RG|zde?@L171%AmlrV$wQ5Bo#4C1ECh#O^Pw z6by24H4TH&--*b~BBG$efcwm(nIB$oTLK%Ad5y6tcPTzmBJj;mp@(QE-{`{y;^h(8 z=^ys@6mu{5zxO9VB;7zss%s$Da^6y%gOgO3E&KaazYd;Mr}bXQq`Ms)DXGCC!!dtf zx-wye%5cOKDq}rCl^p5)Ns8Hi2)*y14+B@BNcQz9)0lr^9<2t`dyIGl86FuLM`1r^ zlVwyet&T`yI2vJ>2jqCD0?D5fBE!*$Jq#9f0j{PT?R@CAQeldgRtsFBNPcnO7z3OT9D?cDhf_WcIg~cKRxNf8O&NFnsT`M5myy5~3vcO$F$$Bp!f=c# z?`Gv&_A09gP0f8wOv}UzlaT2dSOkZZ&3Uw?{Q7N{KUsK_V|sLrXu$_h8Oo-seX>BT zss1%M$OL*?vki$r&u=I_J>TR}9tk3!)9A?0QRsbEclc*YSw1HseP4peR`);BfO>BJ z`;g`*qV3Mlf78-=R<5-4(bsjnkGQ6B!D{9{HJgel3O!porm}F`|GU}!cI%~jo6F8* zq#CXYz?Ipaq@XUmx*@Bk&QGwSygYzyRq=9+QA^~Q8$h4QX_`Cq8RxUtnTyJV_DT;s zg=40*HB}GkJ*G#^mB!5R^%nmV4Oqn7RlhrY)s-Qx$pjjgL|dHn!Hbh>C!w1;6<;E7hIxQG_(uWuZ!%-jf|`R@+1rGJ=;P$wk_c z;>JX}R?!zgf6S-=8s=xv6m~k4uAWP&1v#E`8@qR*#etW?E6^y_sRcHallexOu|{5 zY-P$^saj>j-H8_LDx}K`M6MBHsWTE*g5nARM9+~(CuB(6>iv6N{!CdP7Dg{OHO-Mt zH)0ZA%bezh%eKrZq_1VZJk+D-o!6>-lqQnT=8>g%XXsCsjI5;=mWD4a2+sdf{*JNfkP?VGcA z$6a|V{PO98Fk`di)=20M^^NB$k-~l2wk>#8fn-G5h}v~WBBd3xP06#*qhguH*4C}= zv{8m2v)C`dju$56FR_1QlvYtH$X`Bv&?pedkf7ALL7_8?i%DI-14NH6jG0D2=1K!@ z7{`=VV0F+euy~XiFcFHu_)3OFvg|}mVR!t~DHA)oB5As2hs-ELMS(T5hzwJ?M!f2q zPG@E1w}fl(CNS`*l*?}}Ic1)-bURg%y^}TJK7HVs(uF>eIc#6Ym{A7SAulM$KS2;F z6>CjpetQ4vy(vF>CT_@2xR?>;<|`E2jNRfyPeds};NcMqy(Gr>nrc4jU&II!mA75u z^V!!aRrhl~S&W|lK!nW7OAbr^zzCnz{N^p)eUE*_SBM9+g)#j$nQ=)3*5{iUq`aWp zOlT=HSDK;Ra^e|^kNq@)_HPpu@N*9RFc>G;6KiQ1bh~gS1YV+q?vIN+6u7AHyG)-u z>3gLmoe->>ILMskjv(gMtTjyUf;URNZX|^h9@^laoZ_A{HIK|2_s{g~^H_N3d8(!X zYsMXPW%W1NrC8P|^u9^bG;28Zlk(y)ic(`Er^b90ET-=FW+nv6W^#R*@&{u_z-L(^ zIk}VCC+eTiQA&@> z>UKu1+#ts6L7ZEmteQR{y)c@wR$@-6ET+f=J5;*XsP2!ETUlDGujq%e857E^d`!A zQh!7D%}24RFPL|u2*d&Dz`*OIof^BPjb+%j*cv&P=r*mYkgkOD?vEMt(_h#^907;@ zKYfjuo#_ZTKZRmKZIV=qa=&|rz89C@cuhm z|Cxp1aHkCHZ3<;9(-hvEUZQL1vG_u3$d0f4qmTjsz>Mm@1PLTK8DZ|}cpUx|61ipy zkTElP)n=h`Qbv! z=B6`cjC@vmC*(BcF9!TDj4q&ixvlO_On?_6F7aMqDnpJTrSy`41n*C>)$g@TFEUa^ zAM}^^+pIVGejFwVj({+tn$_PqlbwD;mZ@E7rp+L0R5fPl+OqmBr$VE>zh&1xe0~WP zmzgQqmYq=-SxtsZrDv3x8JTH{#85c2x|)X-37IU9RFY+8j$nxfxEH4IT;;uNvVbdM zxM8UtCNP;Gk1ItP9s@U~LOa3GPqsDy?@#3TmS2W7A2%lcDlvMdX~<+%yVBqWAj)Kj zKbWt`j7)eEVSZ_h!tm%NjN-w|pTGZM=f7_+qL=RFhyM3J9>2K^|NHOn{T~mz?rn0` zS1l<1gaJZ+f<(*XkN@-E!~fa+1S7mrlpG$# zp*LgJVjsbPY14%Dni<}?yOm%W69D-pOz~Le#YD;yZiKdJg?Bl^N=#?AubAU5&-czH zGDZ?b0xlLr5e5v0F*{ZXfxa&&;ENX&{eFLccbEOY-|uJt-{0HW|7x(iyT89T+&?%Ne$^lB?+p*W z0{vxuWZ5&LwCt?-E^ehwn36834(@c);6EezGb_ib85a`*-OH{5=1HId53%ah4h5)^1o|}Qr*sz$0t9V|3PaFd_?(RC$Ze5(Ky>oxh0P!fT z=g2bpbzMk^kGj02@Z9($+Nowyi~}+P&euuLnX3a7c)5RX+}-uQ-LO!C3G&5%(tyRi z7wq3uzCi)$>>eB(9K6~&9BllOa8HFhfCH9z6gV#Q{Z4=qf;4gLwy#_e&&<*HljZF``1UT$ga^zo>^3w%`2}#G>+5!%rkfX+M z#9iU=`HH`Q^A<*s6%WA-n*OH0+R99A;{{+5bIi=j%bq62j>uxDOxyF0xL#N2n~hTv z#tP4~aO#Kn(*B+{c;iir+6;{!=$H;=t{v+^;pe1a_HUI_m?+j(=TizB>2s_Gy4*>4 z9+0BXuQkrF7;2G)ky^Q03z7rYCs_Pr=v3VzRj-*V66@8Ja}fR+o`KKA8K(&5@fKBk`_{+_bJ zsTXKRR=8Z?Y%FdTxh4I?Z)-`{U!tX#~tB>*=7&yppWb;e)j`sk|2F_HesaXCB5 zO2P}>LfU19C(ZwJ;|2H|4!rO>0jINw1>keJL%x-s@jO_@^VAVyR#~QT@NqD^;ptJg zHz>#j^22NKTC>fvbXd}u3EVU{pY#c0I`c3=dXHRWFz|@|%53(UK{(;)BaOa7>cU|! zWI+|uy35+q7goEj%|4tF$*j|`qHyN;{b|r0?9#JWi}uidEM6C3a>N%WPeluXY@+20 zTfJVs^WX|kk9aK->?3j;q1V${!iql}0U^KjzNNy0^xD)_)eIZ86v(sD2;azfEu;4I zwo29r0}6OSV(1bu*x@crECY2y!2XWrWt$Tpi}i2mR-`mPRR>C{K_L}2{|rbx3tX_* zXaB_0Q#O0xbQ}v^>wUZNR^|hcLr`J&7Ertq^^~KC`{-``4e`zyJo_rTQi)ReGy9d6 z)`hJp^Nto(J@6E(z)PHfO%Wm?ynvYrEJE&9cjNsiE!|5y5hlZgZ;eQ8N6dH&=DtWL zFJ{XlYGjfw?vsdR4>AivYN<zE}MrKllyQHJfY(Ye2J!iSL%X~uUJYpSw7c^;RT1TOzQ5Di*?T?Q@8%T_c8pP43fmnde^iJfVG02xCJpyX zFi9R>b`7!5HyD%(WYy-Wc9{2KDwWk-jkk>_m}UnfqcH$HByJ}ty3r}F~ei}lQq z4@sNrk^u>C*y0D7T0OXGiy+s=Io65O?Vj z(mP+qF%tKxc43Lq3yd{_i4i2op%^#Zt@~xHO^inA*N7|=!1)gcIOmR}zmgsMoFjl5 zeYSqX4>IV7`$-6Hz2^KlG&?XbiZVQ)aOdw_+%ic)kz$$D$l6FAAG3)tJ6hmXgq(AC zSG73z_l~892*#unj*jXYOvRB&MWCui=_ay=$J6fIQUL^%qWY1tLLU+12? z;oRLRhNbG%TQ1}7R)diPfvN^)l9_`e{^88qZy`rw*|5k=`ZoVAX_tKCeQK~ji{9S0 z&06**Ep2o3J9EM9F?fiY8&uL}>04y52V1qKFyA)S?y<>6k$if>IrmBDR%&ijagzlI zot7(bt2UqaCavj9wO{C0txEKk}WG;$^7_*iz@s_gqMhuZ|MLhw{(uNSPOOW5X-Nv z2h(CpGv8`Ap=cI$x1y+h;|-aoqa|(&uSf_qdq9r%)|PKC(@yl6R$D)9rq8U=(?0tj z5K%eB-<-S$vZtCe7Ky^UFv6CJ;}O#UY?>2)bMjumCfy%l0-OMm>oC5=!MJ<*ii@!W zXA5lR4547q9UON0)w&8}A-h{!YM=SMIKyTiH;W;ZGB=<81tM@@qHW2b2DBA7MPqbB zP{4+^wkqb}n7_2#=Y;UDxox`3I5}k%9*jZ%sN4-3l29JFc>OECfZIHiG*5nN;Zm=z zp-l5YLQuHulmu!99F~;7;j+ltoQRS2Jw>PN z)jX$ctAxhzl-~1@n8>?WjJ!l_=n|ST94wEfq=VHs&I-8jD4Tz!%gHkwsPvicEN1C) zG(^5?w#wSq31??^mFRQQTyIksU+rhD3)9h8g9&}lbnDfA3(&Rx+m8O5yaKh~cTG&V z#DVud0S*pWC1NLSWAF}H`@S*jMkpYb!;S~+WAuRy6fhv^k{FQY*4t4>eOwLVpW+MU z1`8bSC|8IA7Us%=&Up2`G~c=~<~O=F?7oAlvLDNh-vq(btctKJ|FeN$vjoKqtBcUA z{`Q+^g!|Dek8e&?hRk70%~?(^okbbB%# zuvlwu>1Kr$xf~_jWM&BhBBF#P$Ud3*K98|Yx8=AbE0OSt0470ZP<&zT?zkN*rNVY25}o>EM^~-?QyTxLYqE_$y0>szKO(R^{%<(g z9qgF#f5V;rejER{lBdidBmL5u;akcBM<7L&E-&H2g6*yb8hOnsDwFOoczY|yq#;J6WdGJ$+NUgm=NSEL(N7@$gb zN%MBEGg4YQ1Ki&qHEc{j>;C@#PbP42?yAQ3E__&-Qz4=XNGsbr- zZ;R~IWJcd#Vlg%Cg}_vOV{m3o7j10Ywr$(CZQIUdV%xSgu|3hmwr%IRdB6MT-XCXI zovKq^UDb8E*WP=r)!h}R_f!|vQ%Ev`?ctn3i%}M#WVJ#yf6DF4P(_N04HV_P7MMg* z-IsQ3Je*p>mO2#8=537OI9w+geD6cFFCCX4(n`g8YHLGsY4E@{cU~9_$@%BS|IvbJ zgw9bg4fa$EGtxVhv`^u-+}tb-X4!Gt7`2?O+TO~Bi>Ybg$BLv07mR^0hHUrsp z$lS@T{-wzl&}+AiqCq0)lT6;Id7tfRUpEg=B ztA(F<=FBcQrO91Q<3Cc{>aZ@=245*&va#-_GB zj9E4`Z6e;#sEthHC|S$;ZGtsekxx%bjOsnBTnH2tmkH7L!zYOMCF4 zbG>|HA3T7r#$C~z5*thCirla4B}I%RA(v7Kr$7v*iVvbuAz`o5MUz^SAV?Vjv*$OS z!c$Xp?9GX8Y4{zkmsf;?>H4?Fs-)9Uv8@m`P@g;bcC`^cUZK z`K2v)GV8;2v^tyX9cP|d+3b-VTl%tLgZi5tz|#}mhul8|{7&@H2Nm2huPBZFPDmAHkYy?DmH5KuE29i_kJMPU-Lzwb3 z_JkSJTLJx2kYhd_-Ba+UE@p65{3e6>nEvL=^fWTr5>Pwf7tNdR*{O=>CodKtD>wHqcPs04wT>(Pe(?oh5?T5usU!14Q~fJq;F>8J;LpXkx?%s-r*W6^9$5Nh z-6>~X*yQBQ_9}h2pG0l=IGS6Zj9|M%H4DEh(BIjfc~5(Q+UT1ied6bDlA4c3^=!&q z-qb1kC&5%xS&}?`pGAL5j1ZexxwMzHvkz zgfKO52;-fkZPz>yQ+pq(8tMn+&wH8gV8FHqkg+q$#l96e(ndxu zqXi)p1iIiw`ppkbEgB5qy{IHZmx@XrXCPOz4O6EWAD=Sawp>WvaKhiCr)&E_qNC)< znXUy9o>u@(YVALE1YMKEbl3QoA~`=w&c)kpsGyh%Ja*kr14CIXz@p*m=RiS@eDbNz zVoey;s@3|)UX5(g8vmu`^x-k6;T>cGs#fZ-9@Ekau1iSUZHaZP zIj9lKP7B|=IAAO5^?Yg>en*SkU{T)D6}A8KWOdZrKrERAm;ws&Qvn_kLmJ<@Bh3k) zmZFg%CBjQ)Y}p=a&3!qCW0{Q2O44kv%@gz~%sPwPf2a|*D?pO|ohbBBw<#`O(3ZE` zvax$T$O5q@vu?BJ-Vi?0OGq6e!%+LA0v5QWHKaQ47*{Us;8s}I!0gp*qLF>-7=s$gL(^A(-!P2hR zvVYh%l4D*i^u1Y#GM}Q5!!4!j7?MaOd;oXTbi$XVb`v6>-o1<9&S#lkupH$8%#2b| z2Pb&7_rRBkwaKi$Y}u-Ju|6F7uAc-VI%2;h|9Ii|_w3%s*UuhAcn#P5_@j zHJuA=hLNp0;6}g1W7K~@asvSSYd?iYCY{QQB5oxeBc86}jJ(2pSjBXcGKB<)+=OEm z^=ILZN`>8k{1gvLs>iThw*Z_p$?Kf=@L3Xv&sbyU;%E_%Q9^k>L+U5zij3U|b;g%H z+}`;dMSqfz&=UHZkaymZ6wm6DnTQ4N&SlP0&Zb@{9j7rVZ{im)@94aeKa+?G=e>ay zl=w!-_EP7~Q+SDp!w*}@_nFAfK*)h8c5&VU(%pr~8%S@bDc7&Ecb{>~Sl@#}*JAN@ z?Ltt4&wwbPVVf+#^+n@7Fi4qXotPjTi%#YF;7yT4HBv+5jDQq&8hfM0vcy@W1~EgD z5#F8CkRWDOlGoT%&t}p*8VhP`z^!I(C{W|o$B+X;jzIO7>pM6{G1DwEonJX@R_4VaH0dVo)5Y|5e(PwiF zmTSX+S3$CcwK!R<(+WH}xrn)tA_d!n=rG2|_n|(ZcEbz?1SAOl{Nn~mhY~NH7l~vq>m)H5|7T?$tQajRhDi?| z>6d4ZidA{9_C&6WJJW6t9I;}C68R4fN#-=wGC7xH+@N!$aB11CIq2bF zDit&})+A-H3OR$pIoz4n=&s@sa?d$y6R_FmeRj9g6&kP%FkRiTy%4NDq?R`@#@uPm z{%t($syXN4$QVdAE7e#Z%tb=Tt(VS$0^mS=5lx9r8f*4=wJRIYgYGvYgdHK>;L$Gd zNWE0h=;Z?Tv8a2YOx>_-v-^Y6BscPrET^3OLiwaAa${ELeB8#ANkK3u<+Vvw!E_?57`JAc11Wl#`k%3xZYFLYx7PRH{Bm>Db zZq`)5(=P?%B`;?w5zfc>{^6`<%ff00DZYRfU)bDfGI%zzP7|?J=2`5uTl6PqAw5( zMtI$Q!Ul(XQDpr<5b8IZ%@h>iG-8O=cO4OpyNF3@0l$52Fx-Ve;6GyTeOXNWhZ0OG(*m(p^I5 zub7jdxs@+ALGz=STC)eXOjFg3OlCqfFXeGr-3F{HmB>aB4TgA)$s8a&Bs9Z`qJE(9 zKHF-zW_+zA^Q9aZ+M=o`AlAF|FMVH{rh!3L=}l-E&18VOVT27^ULXo4)F_nzETi%* zze4c_YrU;vbwStLiR334`#vy%&$OYMP92P|O!dYkrd)z0qmg)_DIb4sti&q>7r$j4 zTuBc#39|>PE-tbC2K@iqv<0 z3$saU?>gokjm`x8Cio{=xw)%RMBx}~l!FK9Kg$I;Itkq1UY#8cyhiZQ1>B_aA*KMX zjPL8!&6KC)El0S=T`0}GxyN~0lM>7YQc*+~R1kYt%}l0bNG*&^n&AvbU3JyHW15YAYbDsVyU#-YKE1HYZWx_O{ zOC?P4ahaj4#>xNv##D-#zx=q&edUNsw|ADT<1NSmz`@n6Oz5;8)Om5 zm1fSyuF_2ohQgNh22GObEmpWPF_R9%&MQ0LFh}&sRrQqX$ zRUC&&=IRZsu?G0n1*!dYW7PKqFq}w6Zaozsgq)Dk2b^XYB+%8F$@7BjzTAq)RPJAW z>S%@*8q0g%CaR3tyj&_82XVj+GDNO&iWaw2c^Gu?sCMRGJ z1>4aDUm-As&#j5ev7SW=G8&TOw@us0AI)TLFV9NM87x>Tyzh*|XpsYM;F=x-J#PyB zL)=;OfTip^m8`mXBT3T18I~LPP8_<|_Mkt~{Kn@yFTx$Vvg_m%rfq-xB!)UFpqYAh z5Bmtl87g+Fp5#N|F9X)LT6At)+AZI5Q(MbZ*A8g1mYc88+*GDuH0PHE0%ly6xjbfz~jq=4Q#`;iMw##%?jkqnH z7xvpqIG053{Y&Ys98*nI7?{*X-^_>Swb3`EN`64&GnC=$meF8sBt|nq?nF% zA_zGctiwe$-z{vOL?329se!mI+oh)24=M$h_#sQa(?;E$wrOa-S#(dS&D6>AnMF&4 zI7xQ>RiPHBx2MPN5PHh8QG0j^ME#zH2SthKRU8OcP3ZKU)as}Cm>nR>1{eoAme&Fr zlg9P|qA%~Y>*w*{aYEusAcQdVk~d_-Dp*4x-Fi8sbk|(A?F~TuVU^Y%i9{3okrxxk zit|RkhgT7A`);sbXmE_-D6SZeum5-+nadq+z*AFG*&x66ww2n;HJ_cbYy%70H7Q!7 z;2Y}WJHa-wB*uZW1r(r8IbO>;T^V;Mx4zrW{R|j>`wNeZg*^79@d|Er@q(&IQxL zV`^t%iekwob*aUM3?@2#PHzm3mcK?xXx=@QzNF}g%Qe7-S7_v`k8^crY7+qY@%3}` zk9!kz8yjcjlU z#biR~IPZG;=VPOY`gT*e-}mhDZO9uM8bAxE-EUM%Rv!zro)?@-_;ZhJbpFIsX?7M? z#`H#7jW>NA#^(g$_npvCgz(_pwtPmB-foR1bY#cPnviH0?N^0c7$l9s!AHo{0EBW$-5I)BbzNMiBbCh*#OpzG(|zqdx7&jYf!- z*4dmDHAPo=K2cS5BWZp)qN4L9?HcTNDQc)AytV@gQGflPK4>e?ElVkITtE1JOZU`M zsZr>h3Nz@Dy6RJjlKuNt> zn|n+_zL0dzkzVq~_aa((w{k}@yNgaQ#}iE*gI8I%)ixTJ)$wOEF~r^AO@a6~wlaV# z7EskG;QCr2?fV99{aumP`?v@Ye|+?XvQgr_c6l3_~mE6e?7RkM+YJ_M|I6z-VwOgpPSE91jJIdExim!M)WWrpd zh-+pSY%0XG+G05Os#t&DzwWhWJ^R)*#aSy8SFN~)8X;qay(`=1bD2KTkCAn=^&m4? z%#x^co;*`Hro89{Wm^z}^< zZNPVhx}Vln5#MVY^*V(MpKd-gP-!I#PI z0Z?~Hy$et{($Mu5`dX2k1EuBDLy0eYNl!&z*jW~%)N6P~EWp%Q3s_1Z*A9W~^!d|Z zE+BYYSg7HUK*OmY@ei$|)U`gV*nevpu3u4)UV!k+u?)1X05FuBoAc#Zz67W{)=u~q z%p!O-z6pvEcr|7WHYay?lqx$R{im2M#z-mqaS)iE7v3ZE-S7Yn|Mc*dSnd8uZjV#0 z%c*EyU2FK=Joja|0HNdzxFNVax#(+q%h!0IJNY(Lsi0q|#eqoS`s6 z`F?7HMZ4Cq-w?VY(6Az;%2Bn)6*fmyM<#Vo%Fui;0nglowR{O<`J)-w&F<<8-C0Xv z>bnPqGkVH)KF0R&*Y=Sb&xK$}F?2@fU{;mo8_nSo1foF4pMwL0eIEc#Cbj*mhxXJI zF$qVeALhHSFMR=Ub@hM$BD-h5k(VX*3EaAb|R_<>AT z$=}ymO{%!Y2s1*`-~Ivo9JT@Qs7S@uUg6ygT*ftI8RSrhiJSkhAfbilE_g=DFQloy zM;3NJKYssB{qETRM1+KdT>BL4@*Uy;%*qfrV{jVp2Fv@jJgJ_Ml0f&Ty&Hp=B7%>9 z)YAcBvYI}Q!HtcB&gf#zA)ty?t@m2coj-wrix2f#=yikQZ8Ro7Fk0CLXzo2u*Y8M+ zMf$&eEc;Ng`-!=%$6R_=8>W|a?iTB~W4QGn+0ybvSJA>*Z@cVimDO_Ro$Uvjj03!x z8w^fb-GSNHHF%e`c`E7KR;+kez)&c%^7g1dT^COV{%9d`Io*7dZ zBaNz*DQ~T$E6~Go#Ovu)XKRr7%b--6%VH*o)B4zET&(@e{uu2Vgyv-BARR*{OD3I5 zR;hyZmZYyVkX5m#^ioU?;vBjhWPzS`sprHo_C9G+xc@$8bzoVMScu!d1(_b$F#ipG zQ$|isPpu8BGB|&?2PLfxh)zb{esGDD>YXi3O2Bgdb}%4GYVA*la|W3hX7)Z$TWl#g zW|oc>n~osm7$K!oa4_4MBIjx|uuaNYykk~WsM?fYZ|<|O3>4=7J4k7{rz1Nn!D)n- ztATt=j#sUbV-Uy1-v_7fajFyihE33+aj6H}xZrZFgWb&k;{esBCQZ-SG9lQ4rJToH z5b!Eo{%b`dcP^@qddIadY0(hWtQmW5rSgFF0Z@4cKo2809~Z>^6VOyX32?Q{s0Q@8 z&K(1^CR9%W;+~(mtG6bU4f!=n@O%Sy_*$C-cFoj}(7u=K{xXVZZ-iq`V4$n6nL4g8 z#c`0y6XH;&^}=sElb?v80Sthf>xNoDSCV87fQdt&YGmf5Nbtxv9-;&=jvIMoQ^$LnvXg{< zPJlhAlaSRCEeN+^w;|`#IRF}Mf5K&9+J(alxUny?7R%z;S!Wqir1$ev&EH7h{q7}& za71eRU@^CPd7Go=nLlDn-22Wmu7)Z{mqbJk?#c&-1}LIHwEo#2qcFN^o?E#5R^&me z{=?MT^3M1%WX$kgyt5prJOj)%S8(39@% z2dArl-FuxGEs-)^E(xi<l-;duz3aY-=q+w8WPFQtkenroV#jfY7Zj$doO zkllwgqc19FGTfIqxW!(4Z|94b$FA2kCDAos4{Rb1oYXewmyf9Bd&=YTm-;yAFfE@} zlr{(^K zc-Dpm?j_~Apf4|W8q9fl!@s4m_{$+WhxcNL=8MA8J@iw^B!yoKRm0 zMXj0V4Czd55)A7=Hs0r_C1*+8|D)$ynl+||G<94_%hB&EPy5VY8WSNLF@pi+l5nQ% zE@~I-WYB<2nF9Di@^*dMeUIgSaR8=d2z;)6b{sx~Kmt^Ql<^b>IG6Fie*wlxaN~S> zunauMGUO~Ue;V@)E5*%ZP#w5bF}|5yHJssGr}D-@l2pVnODdoX%s6{MuICcWwg+5h zm6n^(UEj`g#x}2kpf{jMqXbdF&`0rRA*f7)0wAP#lwiY9K1OKo0ba48%(u=?-Yvv} zp@AYE+YVg0GazyfzNm+ayw_l(WM_$3!~(8&gFd1!6mvbBuWe&2bK4VaQy6Sm!=`g|Gw(iz)^&@2pd9Hdcb4ynxvh@SZ1f0>T3TsW?8lMTZEKpQU%~D zkYbVUe!j8ue{Kbo-)QwxAp**Wu8m(BT&*JNY?UYd((TGft*(b+2wf}pJ`-PG@Ng=? z|B}iwpK~pTo~h}2;#9{iTB6y;HJul|{pD9&T}?(-Bvkh{?@R7Tl{{^{Mmssn$v+^< zN*v|}0jw(32W~7AhXEv@V}9YxBrfxR%#T4cXEz<6*ZbCz9vX|pH;|e^UX?osjr-1W zgADwAd3s@vp|CVQMaAQmG%EOF8z5l47%j}#@)=IsK224+FJ#6Up~~cv)blO{pcp)O zyh~=$4(x8uy%?ux^)f;3r}m362?Yf7?+2^Po|I2E=M!qUy8xR`MIHB_ z-n|8dFc;EtoN5Xc`RL0C|8^LZy_#*3pmH|FQwA%o-PFcga7`ux8AKLjhL)1TB1PN< zN`MA&Y%x_^euDbwjr7n+AT&8OMw<&&YJ)q#@}=AZ!5wn)(E`~mW`^nBq@ErSCX5f| zoXGrQThG>uwH1kiuYl$c=X57_RzhVNJ%HvOG1zjHrPy=VSGp|hGmhWume#M?B_o@w zUwcCDD#cT6ObVPt8Xg0_2p(>3GL;yp8<9-eYYR89$lsC4T6p4yb`}!&Wk#OGHJW-y*(^xkrKio!~DbML%c9OI3 zz&qm6_q}77n|@wzm}^fA-SD!%)5r6oyStBJN5ci(8XFqc-!HC9?psU24s$@g;To|^ z&2yrwTV4nk{YubD7Bdz3$7VS4?ZxJAS6ATn*4M+gfkNij-R#E)59;sv-;J6xxaDZC z0St>|sFR%Gz3o6g3+P`02<1zZQ6hN?w-uv%q!|scGsc(!YZ}~Q%$ew(mMp={2iueJ z2odlHFl9hglYt5jq#T-fUav5|tf!ba>TBdgAI9CTYm__vxH*<*u11)wFG>05IGEdN z2|k_D=)cdHper@%_e1I$_s>!2g++~|sMgButR45@bzr<@sil!1)L}<-m?j#QZJckN zKJm>$q$a@Y3%F4=nr&wymcW)h>T+&VUX~cFVf1{Zqt6_h=85DGn>A@_B1N*CzA9^;_;OiOpyOvxpR>zDwA)DZ=t( zn*wIyv`sS~2^nW+t#?jT_&)6~u%jz?leKC~C#zwbV_P|N^iHk>R@P2lige_X?Z2;O zHDslpk(9`+-O(V7s*4-=X_uA5lN9tEkq|!5^%sTpa03x}sPy`uZrTeu+de zf`6hJ=<=b)IP#-DZU#KtS`~7SQ-5QEW?$+GgH6N?*(M)b+%~z(dPPMQ5s`U?>F))n z76kD@>d!k=)7rR;|4hEKNMsyx0iAimk?y+3T@{DlIyOPL?_>eh4%FV$0C3*D_)WJ! zVr8^3t6Jzo>oNrK zCQi#)CGa`lii?_);Dk5y1G-qTkS>d-172>OK30H&Y_wnWkiH(kI*fP8PjUneQs*v; zS+rkPj9@=?eqq}%FRShI^O2!C4aQSE+jel(8xWg_7xV-~3)uz<5hg|$*CJNbvS=5Q z&`01-*mcqjQ;kGz*AL(|TOM(*n0zZ@74PU3X1GwxE4|xSgR`{;?RsfUv$yi}lQd{R zR`>)0;Tu)g>(oIs=+83F-uz{Hquctj8)~9LpiMv&|3@E%)%6~Kn5OtQ^sY3|GNRu( z&o5)Gq3jg`GR|EtF%cT_Ac;?W4Y8S!K;BcM=!pFES8gR+pWT}Kpp+v-cVuU#IUh|g z{ZgTO9C7e&i<}{CJw~}o^F>(V-%m9sQ#2>G8A4XHoqxOcm?MAupWf(eArslXV$++TbYWn1=yDUX%Z)l%Ri6SE2WfWq){L+2Ib87h0yvW z|Iu1o+pid>2$=CE(k+h%B@Y6i=_qh3`%x{B0&jzr!6V42Ys*R1BUH-Wj*_C2?RPuoadboTWQP!QI1 zIgL^p<#HP#afK(Yn0KyjQ{X>MZ04>w?;HkvEu95?RJ%G_VQqwV#DrRRH{Iis#P67}wkg{02(W*|M07o`aKvk#^uK$Q=YO4x zh`ni!!_6qEc#n1ud| zLQ<@=3*}R^ul&`fChFrKzXf*BF??5+ck|&S!b88SQxv|_5n4ep? zACkdmoL)%%97b^^ab^LQ9CBo1HV`6ZBBEm=X<#uE1lKNwy2dx0STh$4 zYDy5(tz#F5!KRW4TE-&_!s7*t`3PGsT$Dn0YQh-XLz9M+7@AHt48 z!qFY!7Z<#U<^nSb3)ss18gRWU=lyOh0)oyij-fVSjCjV~W2X}%T)1Bm8%FJY@b6oi z5$eWGGq8@HnAiO#fh8>M_1vNMdVEJw*-c?J*h%-MUhri<_X7+L5QdQoIbuy#gic2% z$Z<)^Lr=NKK(B*v0rC3p4s3wQ?V^KVLV*K8Ot42KmYcKQIcirU%RvbVbKxp}H?tK; za+mzBR7&fv8Niwu^+wl5u!C_VyM}vL4=`87liH=3gGi*FM85?+LBeT!hdPi&qf`%| zGk4HJ%sK|nSEtf!Wb+TW*8Aw$U@Jk z%a<9ygrPBHDcCT9C@qNY%9((^7nyODbJ7wR;C{I{#zOHT0Zo*#787uogbxMkC}Fz- zvUMN5GC@x_MWZkao2nt>S$#1UDv4h<09^dTs7Z1)?}MunZnvWq9JJzQ$ouz4nIO7s zx3u!Ed^=lbxA6QE_*SYR*8HtD32HQ50P(P@z@PN;gH9_W7jrW760U8)=+*`o&H!J9 z!0fgv39``BX}aszj0|BsBIl)J=)j)Bk^_&qn`~CA9F}#SduM&+p@DwYlbV7#~(C9y;bBm5>s9 zW1w9~Y(q72Ex)l377QI4a_BQu$jE}Eqzmd1Is9qIKP!tEQEyB#u;vc;(g08(`sh$_ z|Dih@2m-mQBj6*78?6BeLSuj!#Nu|uv_xY6m3WwnV)X=3!i!-3li_VD2BZ)aF9G&y z>=hZx90V5DjP=+R5%Eqt}7ZG^;8PqD)Cq<3XpI z4KnDrj)ruh3wxxFJ+3N^zRFC8ON~V znPckZ#nF47WfdADYt*+(bl~IH2;ykdqy(Su%XT$bweLYH6Wq7ha7?n%+G&v@i1~_U zz{p>>2Ie4tS4-VnFpnaC_mj2W5pL(_*#mB`YuE>2=NRXp3@K#mLrJRG2iqmQHWqO9 zbV)y>Vs6dT9c;rG&vzrS_NZkSb@tYpS!h2gCx0FP3qv166-QzHfCSu(|JJw{mKM`kF0&|7ED%@k70`BAshw>sWOYo8Xdwu+AaMce?zw zPVh6p^CdWJ>K6k+smtjCwZr87i0ZLPG~k9$B4>zu655_Gc2OA)dOdqNX*DmXI^r+; zEEXLR>vVl4QG1#Jp_~KX*DZltKjpw;+cp7((Z!XquSSlFfJ9)6IZ}F#Mz6l=cS|X` zW~ET2DesCKHIoF9gc%0pIOs~o@6}&mcGp{*c1tQ{HOUM|1xuwZohcgW_u!{0%Tgiw zA4K5PgEEco%*<&V{y($}9^Wm8MkQDuqmE($|2^#hPgAB_ImM?H{tyAn%c`>Opf?~bQygxy5;@K2|5uJF&VFYo;b zPfrs5mkvr9g(;UG(bE6WOC`>G<{zMTl17A%AgNC#^-0~rRftWP5qoWW@Xa*pdI$qp zU6*Tn+}ZltIOxsMhxWTq@Ypnr*;$oSTLoxJ!Tdabfw!Z}hl%XwcEJFFfS0|kwJwfM z!=QlR`L77ux=@?qkB!rSjRlF9_W3V+w?J$w+$}@O&U|JmMXmOB3!HABy{|x1J!{;Z zoza)}yDyA>a-C({$-r68^*%R_3!>c?iRb0273n$?w_*chV*2~#-F3XmIvrlW#@0EV(;-v~Y%H6&Wm!r&Z0OF*@ z0*$85QIyxu0~F9XnaYl0y&@1|ES>nOQm5|>5_CeU(7uNN8?|T;1B7cttF)2F0WOpc zQh@R)O>ax9QLhODG?~$W1_bW%oIDH3M78IkWH3R*pf zuxK)+^AvQ~avuDoj+l}v;?Hs(Y{sz_LoA%VV(j-e1~)y&{n#D0(RLGnSlM022BBs# zCM;sK%aZ*r`zBe)1c*;RIcfQDl{N|7SU0ioSaZQu(msG*8#x*-9Y;JweB{;P7XsxM z!ZHl$Q;Gp~Km{`UbKIy0z|m)}LAC_&$=#?W$c|lga&G z5XWy-DNo?xM@y8Zb!r1Sp#hsQjk2q4u?A`TS9Yb{I`1vweE3t&O`~#bgI$-&F-#iP z9%U6&k8GA`zaVw0i$r}SIqTJRUO;#QkIF7pMpu;B{`*1V`24eLZuFDVpu+oFM|!*?nb&Qw0Dq=C;%%k+_Nfv8RGRL9lgv8mypdhqpT(FvtO_$fx6Fc(QO z5}l~B!5?fqMC*p2L{k)GlI)&MKG$Lyg3xGn#lxxV%x{6&iFk3-^(JC7`BR-(TcVG7ycUwCh_3b4{vlYMrqLj zKDN}~{|saw5k^@DdLGP}LEs+zR25ewudpgrm4F!w z4mWhi5$c1HUnTr864%TE@`;N_@IDZ7irfFi`C=huiHOh$qulFPuUy0$?`DF6SxOp3 za73rS@T-%#a()ckoBw5}DDT2~q1J}6?xE-mlvd8vxWYk$m7AONbQ|Z$fCr&AWhs+m zN&BcRJN$h@Z(~}A(dgvDPkaVu^~(WZK<&xxE9?3RIk>WOq%XW z7023Dg(vdPUevm+Ehb%a{UXKcXFzY#$MWR&9!=+EB8rvO$%ODZ}GUhi0AUVjC z^}eTU`2CDCR+52RKcLCZL!@%)Ka8qUz#|o!y%E|R6KdKmow?|n`!xVZ%@Q;F`vNhC zsQVhONu^#?ziVMOz@510lh#Z} z@#LCetjNm>%u+yEMaqR@H@L7$_9zvg0w;JH%t?6zOv%Y}8M79g^G)nxD9j}k5%ID8 zZFT7LQ4ax$iRr|){=@)*>61)L9`m?1^%2|E6}KDM>yxJl2kIHJKf?yc1Z|2J<0~R3 zBCTkr$asXu8+vWjPC4!sv1a-snmJF8o4bc6?HByJuGG6Pxqmp1MgF_Z|% zCN$hA)NTRl+nhK6VjGg^M;Z)@GD$cAMrkyBj&i_7Oe8S}T0HkMWQ!LQ93MJW4F87x ziQ4qwF?8mJVdS!rO%%B9Ovywc9X||pml=(jS%1z1s^s`1NRM^&EpVNsmh9~$=kkFE zYXseDX9~ew9Rn*ak)_T8I{ywr?=DH{$SZ+|``vg8)!z@AZJbkFr_walOZa0J8K-<0 z(N2A|)wFzpcZsob@plk#*5JF!e~GtVNGlECC693Ehl=))+_hV^+RCI}3h zA4Nl!;(jQG?`PRy$|gt-p@lr7@!~;noY9eBMi__UGNjC{M}@S58O^QEaN*tlsr=+K zZ|okWB}u+jI`>;nozQN&9W- z2P}g?5y8PO?+vhJ^Y9vR<%~wBaP*rjx*^x=lyTeKz(#;$94|P{jQX*;jFR(i<=JAT z7LIjwcUfOeF;G$z^bOW76|uxkJU%sO*QFby|JOVz<5g+=@~gCFbwwr9$ih6jffhfU z#TS@Px#AKW6J{gD1{Ph>%WID6Ifr$Ix^%_}iek4N2aVOik>`vkTd4Q?Njd zV#0+_gBe7rZa{(HF%-nD#jOAE3gYnGKH$W(3Nh5vW6wmDLRqTxDZ$GNK-hkzq6p6# zQ?sXXnk{0l8TckaM7?O|Jpe+E#>n3wnoY4+U!ZLu_rZlAL-3Erh42iVe6(=ppI0s? znjIY?f1dO2ZW6qAq#NkAJ%NIQ?Pku&Mj`)OYjXKCRs^zdYcdUiU2|IVxZHuWZ4CiN#jp$uS@Dj3M)|mkG$z0dQ;-LVyD2mQtA3p<2ExF9XEtH zHyUmHK*2Y2LrQy%OLWZ*g7y`JHmx>oapVovhZ6j=AQi$?A&ov&wLYb7r<}%z<)T|+ zN|r*a4!O}7mGjhC&7P%pBEs@7`G2`hr@QK}%4u(k>ryvpkmZ}MvmV-u9_4N{_~5qO zIvTuM8ax`y&J{J?PBz?1>uJsF#wt8AI_X`5qD^_0W~Gv5k@N=WP|&6>*M-Adauy5n ze~ZpHnTU`esRR&_IuH(~9C@TM zX$IFun%945HL*Pu58FwldE?*)Nj5I*n`G`U<0w>}^>BtYL{Fa(24Kb z1dig6x4S_~Y}^Q)kk=r2uP|&hrTVg@Ar(AI1#0S4G?Y2&^XGT!^tvqtYox}xPJ@=_ zy|^4&tI^{Ac-*M1RossK8cd8`vJNlS;IauP1)qnJ+|7iRB>N@IGE$Nnr*l@J#lwTD zC87gdiJq|dFd_q18&o0~4J+kvI$H)Fm-0+eRS7r6O^etn2kL^go7AR`Fq2DYkYa#n z0|N7EOmU~5EbaFql zm#4Tp__1aDGo#ZiRfxGubuxdyYW7bV3+ar{X%(=(>|;znyBSA>k=La(Wr`{_l{{1v z+KpfY@*TcE#{jJX`nWpXhzb_%uB-WWdfx8S4Yi4Xxz^z^Ib%#n0(>8a-+ct5wYD3aLRYEpP^E6=k4xU_eEE=3zkC+AXmJF-OS3!)ksO zq>bm1R(+oz;awc@cL2_wEpr2$ojaCR)qsBhRt9;{E*C;^MNh<)QMKrh3jX(ls3DoJ)nOCabn)PhPJl8zrSa` zX*~fzaXvZ}DtinOq0W+-M?A`>b6ur$ISYTq!!i5HzB0>-8d(<+#ot|qs4;C$NriU@?BGSm8H43O zH#ojL@3t1`@b12c-T7gw{ZlCcM^S*b3QX6TVz~y%ZY?sW8OaVA3Ft^*AEu0sGzf%7 zm;!t#fhM0=NFX)b8j)sVsZ%YxcHX|{F9?K}`7dDbuN>O7i=$-^{B8LEckB{$oZX#0!nH21|n*A8bK0-1wdiXsD*7CqfXJ?`iH45WJ@ z=QU~OBEsp-5BJ`6=mDhwo2wQNYs}c{@8u3r*=BC421~8S_GMsOgXeZ+P$h+Ppo&QZ z;`~->B)vQiVRo%{l{Rz`D4=*X+&}s=$L7Jf)$cl`!pP$~wD2^+7)vO$=LVawt1E#+771r%Gpa*YFixBLhhPu1;6kOQ4DQ+4CYAh%lJ+>=17_8K4!=Pr1Ny28a0A_^POUb|sA4p?C0^yA?>8uLI; zEqtw2R%oRp`t>9@wrEq!%X40zI5>l6MIpuxwic(Ih$=a^tpOu3NvZ$P@HB$j2qY#d z?JkT@kuLO^8qk$6P?dhclRX8qXgJO8nc=m35HC zIsCTyylIP0XH{gL`Hz(Db0G>3IU;u1BgyMM_8qIg*48U+>ztd3T%sXMI;-srx zlerK#s%@$BaV&k(&@luY+0oRVYzx#ft(ffhb}F4wo@LArf32Upuk%>6oD+clDq7km zIVX^%hX$Xo@?|^K*jlLa)p1v>zHSt)k2M`FMxR%CaBLMAeb{Uj(1wI}`pev){)H7( zdp`EuQk4(0tMQ}?{Ixo@ruJk?*p<2&D`6OO81N_P@H+$iU1y>vb#tm;XJQLsQ|6ky zz%b*mSKz6B39_ZA>yFQJervyBUgk!lU&E)JzxL4pcvI#EeJ;Kyr}lAM=7zf+h@IbsV6yUc`~E_)Qh zR+X|2yG*Zgl|%>l0#iR(%)r@BAc*ti#Z0j*_J5fIle`RCgsK>YRoY`l!!L&-CJL(S zJ+jQg63$aZPlJZQuDz7|x!kSq>Vey(nQwz?CglFw!4j}XS(S|LF5;6P&wB+&P~sQ{ zX2-Htj8y2Ye;OCl6Kim=&ZrMBCb8#VqROWpZwc!f8bT+Ci$nq z_Rf{w42uT&yP$-1gp>YGI0?Gtj^ASP7|lUZ9q59if&F&g)jCfa-9o+qiuz zrl1#M;Lr8r&WFMTDCX&$V4*-M$Wn*%Wi7FZ3+6oRd8@VZ;Phe|8Mwe^pIH8&tDa@`W_eo0Z#2)Tv}ge+5xQ zA?ac8?s*EjiQxp+!NUeEj{U}K4fc;%>KRq`Gyi{D&1HP!U0guBxb$FN{J;p;FwbzX zA-a#Dp6{NYHT=FPQ1nvZQ9WmL+$vA|*`q=+GS};W@Z|k|bX#C2-oV{s*FTT~+Gzyx zz&Wj}SUL%L@eVmY#!R6s`kd@Qs~ARH^ie(Ye+#N+I3Z{L#Ss(?{x5KZAa4*+c3JQ+ zgoj@8htHdIMSMK46fvwKTxA@#Oj%Pv(v~iWyAm8%Aj9|v@hJG5Hn+Ifa@hN@Q<)#1 z!&_@Orz;Kx4~f3%RNY8=Z@+?NetD%?Zzv)+e{X4e$@WAm$lNP9wLU3_%yS73P(TJ$ zTtIX;J*Fr}Vl9Wc)#n0wmpO)rj~iB!YfU{Sfdwk$9+(n@CbC_uzv@LaJHl)}<(H01`@s9nHn^$8vUjK2NX_NVM7lU*+<31WsBW?b=9 zOLMR3%?LFyc~-j-`AQCb#NfrtrCMW_0af3pw-|J1-h|1M=zn1i78*<5!yerHRh z+l?+l>Z84f3%?z@!{JtOz45<)e1&xUV1<#9uSS4_?hKRk4vUGPbV1pMdI>AH z>T<8Y=1wWWH80t$NhCp^D^r!HQK(8CXIs(zqiboA4|7=$+|BX!@Njt?ojl-au>Xfr z7Z|T757z?G#d-t~8^v-vY^^zr4CM~ddW)>fv~=0?3;HozS2)A<+Wqhdhk$UZi}Xyn zyQ{Tr|B7j`gT2g(ya$EXYzn3P(sBkCrzJu}6>T+MuWpju4zZK$!X(5?0a9IQhMJqy z306oq8x=)4lZGb1b~B+^Zdi$|R79`#rMHGuw{ZIs!%6AM!&#pT1rQBfqTeMMdPaTV zjS0=6AUXHJZdcW}iGe02_WQt!KKE*c6mVobj4u!NfUWHKOh$6H#v>vJB}md;OV?Md_*LbO)JG(a*g-18kvQoJP(bP#P_|dU* zWvowci+Mo@fG9@hcK}HM+=vo%dR35G01D?7e>7AVh!xJ24eLK^ADPuY{~9j)1`!hj zTdDh>p$4Lqo}0fsMSi~Lb0d!FjqgpIg*4q^ndeQ`YL*0o*cy|_cq29 z+7FoTG9kTMCf*X|=8Pg=>yv+|N4l`;oAEN5<+^q`Bsjevbmoo)>ky#dH357ZVApuB(_XPW=DjzYb650Q%8TNt~zMV`>FJlLrxmr4fW8E~;$%R`VV z%stQlp}G9vLZ7QA17HcHhBT{E2|+0i@)x9*Gz_c~0)jye3AwPtP$qTO&(km@s}GOB zg`;Uqzs1}BrwGs_ba)*>lyaB=zw}H~fB>|hg{_ZU$i*MBJuoa`CM$S8eOavrY7TfH zs-SvTz2H#`-B6VLaKE-;UKsjpy+8mgVGNQLd`WRt!$9_R0j!{8bHFHgGud}Hw^2+r z0!fPJS;#!cKHbYd@M%^4aei>pTpH0L(L{(h%z6gaAwj0ars1w5moDMzd0(P|`!hMJ zkgs@Ew#$|la+usrWKy!16`$#AK7l38JqL^3TQy}o);EjUv>Z*U@8*G@rtHKghwFHA z9jR^jt1c|Jx1e$bv8y{~g>Vkr9tgEE z05*FTLA10lAfHtF?);tiL4Iz=aO}7g;paGSjn9E?)YIB-P_$xgb7^G1Qi$le#3|uT zz)&R3%2xsVv+*w=qF~{ln7=QwmUiE5`%dIlp1ZMdy2l3(p(^hqB{#U_oEA zL;N)sCYQ>Y$F}5W*oDaT1vSqH??%W3h4;;d$M3#ar5{AA&_;?g|D%1XFTD?zdHM{h zPZalI9UdkeqnwhQtu07QXIqn7*_DziPd?38ST!e)ODY5(@sNew3uA|L%{6 z8zpNrBIxi75%C4>?d0zm*}`y$#>}9+MxT=0-GqTe$kVq%pS{SKgF)0Q{QaI+j6)j23re zcyRH;)h7?33;(Q>2lnUEAD!gJO#X-z7tp92d);}f)snDk<;5fiQxWADQ<=F_fl5rA zkgtLTTDhFO!Wm;zdk!7CKCY$CZ1Nf7`u{ zdVIV++EHuXKWHoUMIN%{<4LYCELIfmk_vZ6AQn8oB2TG3unw$H99W-Cih<3{_elVMcXU{?B3qdLkG^v1*OwRC1lgF0DI36jK zYA+FD@nyKkj;3z#^%AJ`=^mB&<=(z``0&HAB$=tV_3-+aJi!fAa}ZP> zy3rou7F@L^_(>x=AwHc?K3u8PY@WMz%pe>tf)z1W^!u z`K}ia^g3$y!&P%1cwna?T|`6V+f207NqhzPIK_=n_rpKWVr^t_e`HFv3wVl zIYlsN51U8muMURgX|Ba96mNO)IbcZ8LfC$~GVvTj;Dioy6k4&Ixn&?4eR+=*k6PbU zS&sFZBmDf4w+cE=1i;@+7>;RytDpgfhSV}wo)P?lyXw+YA2(8 z&bT%!>h$sJ9SnAty`M4#OnhUWc3M6dBd=cdGK%+1O-n2B0mJzf977khss@N?S(PHP zQ7q3I>cu}Bmw+f95ZF5$KgKe@0qIuttP@U*=nVsdhR6oGqk1Ix4|6MbYmeB*dl-)9 z$W0tocsKr;#^7No-ZEvagdN4xfl*|Fphc=&*3pi|4ox>GQ~beRfmQBC zqv9EMD->Af8;Hc%`mG_y8DK{uLxMpW!F**++m@>wuS!bn6;led!aMjaR*_Lh z#F$;WUV`KmOe?J3}i;F6QGEU;v^dAf-u| zRxgIWcr^wfdDHC>mDdj*jdkB^WoQ4+ap_S^))Ow#5oi)_GN9bn^JV#>Edx}(#QJ%- z#isdObu8jM)ekLq3I^xygk}1xFIT+l4Z`sh)={Hh1aaI`i5X#k$5@(AZqDt$$palVA?nqQPj6EZfhx=H0;n_1S`8NZHX>Ks19$$TAv) zQp;3ocO<=-oiQE2O&6t|pN78ZPG`ylaP0QP@D{ZLwI*MEDA95zi9ai9h^1uRfzG0> z5$!4;rcgD-d<3|z%2k;a^pvU6(O@cW4PYYGkN6v^AElXZ9P17Df1EL{INlgUsltiN zL(}oV5GfW!z_XN_L{2R7+v9j(A{Nwtc`x!NiY9gFK#6io&sixhMiFC*3iT*DH!%29 zt6zOH+)p_L!m*oVsyU`?9b=1tm^VImy%+`2nz;Vys{7hpUsi6ZF*P>*fr;g-1rLN5lzmNzH@wp4!97gC-X{>jDS|J)BRLn)8#f%WW+S)iI@Aarw?DvdV z?vFpZbls|8TKf4kCLsw^TZfJ*gl5;rftZ~RzFrA>sdx)kTOcVNzQ&Hh3zl0TD1wr6 z7A=U(c^gMS^UwL^1By(HJ}w9-P5!3gf2e=qAS^NgN&i{yTXXrWzOft~75SBgEan7y zG5V&-3_XH0N>_4Wg+1K@v4lkO=}x-L)T9VBSV%Q~B|Ni*jj0Z5@gZQx$}pyg24We~ z&ZSs0E;IUd1hiqowCbj3Zk9SvNuoZLE zhA^mMfIP@C=Gr(sZv~v^O*dx|&(6X_20=muv}AiBYIh0tKiW`Sw9vc@6cFe-bmpxL09A_(z(*Qsx1u_6Y1EAL{#sHvGa(65M z6d0&1`_Yjy?`);&o8E|pY0FwWtXS)6aSNrvmGR@F!c>E`tl&lka4lo2>1P_TbrjIZ z{_O%6HL}Sva|?z2UG;@gAD&%u49qa$K|k7~`xP`O&yD{fX-kdeyVC}33RCAUqh+b* z5iRtpvSN9e`lxV`&&F>T{R$r|6=?bJHO(@o%vkQ{DrEuO$))RqW10pNWbfy!Jm}{f z8QhFc;hC2YfT!Erq1o4Am#ZS!^{Y2yi+)<1pJwmQUkE#9ljn%px@&eKI*%>upv%?F7n8UV@8VQ~G-b z78U?zTL}FMj#vsDbU#KoKgPFvAogE&lRw>{_cBajEO_@Za3$bgL+{99Q1oWSD+0Kt z!@A-+soevVE}R&7IAXr?xKRxtiD!x+~&bmrsxuiHaus z=z5wXOiext>uppb-X>Ux=jgji1#v7LCS4)4iv3^)2e+59mzgOSk}sy0$juS%nQLKX zAoAwqw}lW=bsJ;O(IBd$N%&oGyAWs!af7^5rvA#gQ>MN21*ia+j~GUo`XRhgCy(z* zS&FC-uMJ{8*sSAu6&78ArW6@vXLf&9gf?VHzGD#DMRyFXL=zdpR#MGtMzZ9Wk1+Ne zXM#)AN{M&Zl0EzjnPJI&XjvqGsbUu4&kUyLt#+XjkMHb_bg41Ia~A*@CO49&r4^$q zRqhiv&(CXaK)&M`DoZQ$8GIj4QBR=>?#H2>L&zT|y6hcGU!Zaa>-f^=UD!O-EZw}1 z*n`W~P#U^?0t$@|UAPEgS?5Fpc)FA?EOsLBib-o+NueMY==PHQ&85(PEp{-sZcskJ zI*{`K2ZIbs-?#`aLVPwyf!?Qb{sp1I%^95(NJ^qQzeJ9VJ@q3&c)W2J#+Qt=r<0v` zDbD+{ce!$~9*zB~^>t^C6yxokf+%`swTz@?0Ry;J~Cf zxCJhZjw3da1;|kln|oo-lk635DC9ofU4Xt%$smFO$OnzhT;C;YpFME@cF%ycF(X-s z@Aq=-QwY*X3q#3OKEX(>d2i7~fmgOes+#_v{R77{=VN$Yg1q_P($u%0cgB+e=7Uya z)!dE%?fuvV&y#V<%C#7ER>af{fCVvB6N5O&YDq`1G8nYOuy?Y9aoy;1R(sZ+$#bDs- zqqP8AARsj~2M3PL4opI>$(lK)`&B%xJcX>-Afdro8_;NTBd#{yAf(H7JU@r6017Oe z+CQi+3og{h6jhstqPm-_rrMfB(zlJVU_78y=gU zxZ0|Ps5uJ$24brSCRI3@7cb1X*GJd2m5CRm|VzCknps^oVn2KhmG zyFH~Q`yUROhcGZvER+H29p&B`hr|Ci-xRQn&ZGEbA~6?rotCC| z)nlGs8!0`>RfofE50?@xFH1$(4<%$)PQ#y{{psnM4BEz0XQ4s3G9`|ZisiK;mXcqg z^4N0dN4KSN9wWspoE_+KyF+E+_C29;_O>g0ymhp9A~uXDSFNs;I&yGV*P3HMS?}ja zZq1+c7wJg-8qvp!R}5#-T;WGj0kZwVS*sx%XHA};58e|U1Q#Lk>pvmk#ohl53Hx(O zM!NPB$hv%f{PrGREvGBfsqDR&*y zK`XKonR>&4u%8PqEc+D4i`|dK+ZKTscb2uC4Ia@DmSvUoJGFQAp+sIL&Aaan>U5dOtc}r2<-h2rA-^ov;awoV@h3tshWE>zxUAZ{Ui_ zY2%znXr!cMM!p7lsCe|vIQsS*tg8`Xzvw9cB}~KGrLIhu;Nz zftOe8r>jY}q?^ zn)i&XM@h+NZ(H!@jo(nt~@na|@K{ye8XB1(GMOAH19r}}}y)=oI1%#cruOB1F;M46;vJBoW1VwwgJy zj1p(X&_d>0&(OW+Hy^_a3?7h3&3gvV9CmoUXx+2fR5rz>&<(7o)-^FUI2X z@UX}`i)%%hmS)fyW)$mb7-`-#DBHu(NtA4LOdA!Zfn(Q11y`+VA(J&F=GloODXZ#v z!12Kk;PFAN(DXd%#LwnJ##`*f@PiEgw9*PjgrI5ta(Q7ct} z)w9=H1e2t?weW$<)iaJ9RoOb6{$hhJvxX_rM@Le zM16(##8DCZ1V4N5<4^D+-|&4nm6V&-IYtuDJRrVBW$p^;NkB(WuR`XVWfY8WpZLRm$} zJk5#R`J2v@4-;7Z`7}bNA-dNE;l$Z84@gIYKiez&UM)nV%euCM){-dV%v~=qE0ROQ z(v2~fVHHK*s3w*qY;n%USkpUVylky35k-yTYSYL@aXrQ}GFkixW%@315dp*bEpHkM8DCpt@- zmd&E%77{68Kda2z-(R3P6AgZ}99(9&?~3cF`ZdWyn}2_v`$sGjWH{^j2qs(FAtx;D zXiC2k2Xk?@M3Y90ih^533*hNdM(4d#J-^F%EX?L6`l96UPwgy5-!%<71?Br7R^t1;`{5>Sf{|_65DDi z#gB-T*rk@dnZUbm9X>dX;*qcR$eKWj&bRhwk3f0 z4Z-;Jk0bmkTg~)M6%z_Na=)TBtCUgwig9ht>;{)pt)_{CQe{(%DI7y=WTk$fR2H55 z%3sWP=zB;3I$~0jGuH|ax?bwg?L}Szg4>7~+xu92zydiZ&ZWz|wyr(qL=TW)gM!&y zstc8Wc5yI6ki3?sc}uA^FQ`?mu3sJw44&GFm8}RUtey`(_S}0sJzU~8A(I_1673^X zYt5ubO$myc#lLvjZtkGW5PQm0SzV0%X_*c=Frrx>A)81O+E#Q%2mM9TeR)xk(kD{l zWnKP~s9UVJT`Ott>z@6sa5zzJy|d7;Rbo3&*)FPadQ;|jKe`^K6QmldT6TOjLG`T~ zB`HYY6HQ|hO`@x$q>@%fMK7BwDDS(Qq&<_SjlbUpMiI$#y#HE!&0hd=rS_1b`Ya3% zeaIJ2e3gOnJr&gIzDb~ck)IHhM`LW5WK%zcpn+hfx%Z)c_E7QUO7Y}K@nlPRZ!GOh zo9IeC1}mC$Z2RDSM^yjY)zG~d+BWa%-o0<(YrLv`KXU2LhP8Bg2YGGOq+7p8#POX5 zHBr365pujj=lG*vY=*C9+X<6Vw_iTgQ z3&XL@nGXYEiELlp{N}hU;jQ{@a(@fqZiP&BN&0356_w2JNGx%qixxEjl(C4bXgKRW z{zhs4OUKEAlZBX|tek6e0c&HXJsrESHCg-ccUh;0_9;u-4jo3W5QDQAXjb*0vf?43 zx`RS~vebc6xdLswKr%Z&B@Ui4Y|LSFbi@?D&-Tj)+2|%JnvvV^VK*`N@58rZJ2xqp z*5H8@#hKII^D6>g5WjqjGkBj>ylZiS(kvoIyAMn*J^#!BK9HcK;I`TY&-XB~TME>GZ-R*z1= z6ZD$n*CA`;@zyHl;xUta4npb7qiPOT)d{cS$mfFNn8ws-zQ0UatAe3t;T~-?jah5% z?%$e}+}(hX4Bs{zn3hzg>c!uCA90vhj9q~09SK!&~Qb?lVYh#{iFVL{nLYJ9fLe}_#%+sHPhMJ}KM9!5O z6$S3i<8GqIW(H)<{I*W1%cDlzom+u7a4_WqV68-Ay{Lk~;?37VVZ8ukT~sV>YYP(8 zPDtJH_K%&)%;@UP`;(de3D~d!LJg&+Qj_CnY+3|3amAgyt=*l%lMM`cb%J>Pmv}j#X%F?q~-Ua3xSV=NtP!*VW zi?lt+!`=RNiL}5R*M+@yUSR9y#YK6)0*~rG^|q?*N83k6Tr=q*ccJ|(sV~_( z+(|N8@-HSHp*_aBUx7wd-N`hpXBWX)atKeGrF^|}^>~*w zH`tOVl%2mWAI~7Cb2IkpBx->np?nXzGmF6A20Y*@^`vXbt;R!6j|}3AUooTh z*j!aZ_vavh&Awb1F>T0s(WbUXHCb*z#Ev<}7_8m+*eSNmubTyv#pVO*zUmD5M_T}z z+(GyI4D~2AVa6b2n{kG~OHgo37;2dAr)v0}kp!)Ve3|81o`}wxv1HDlPy>S~s!0Zq z9&lO0CkSgqPzxj!SEwTj9}vWCpVIo~!bM#63j?3LnnHL|wtU!v_tO;&w8h zx@n(3@VFE&g*K97j#Bdrb(nvabJM4DoiV5s$YAuN&MIZ9VVW84g!|#o-@moy6q!dD z^RL*&BJR0h&kK2M=!u+MFU9^BZqt6a^?$H1q>O14SW+Q4CaRa%*#hj9(XuRDB2~Vg zoKHkZ&tQAU&zh?mKCj|7oI8`|4BWv5H{Wf+!KNSi#0^Mx6EAefQBZC2ep{kvRQtYc zzH4l5!ld`eIBD0C%-Vlwe{-x&n-pElQp z+n)31&ok4qF*DOMF*!~#GtuwIa`LW7!0^AY8^|`rT9iLpL%8Egox6EovRjG!Ls27= zMIP8rp}%Rq?EBmBv|Ko$x0^>2<@)u};Y~bf$!KjevKP|Km1t&S&K}i{IkDsaUW7&m zmaW^@N{JEgU{o|Qs&tGi`SIKR?Mn*PiXn0g*klk`w0>n}9n+nSp}k8LLEqDPBg&Zt z_){t~8&>Z}Bw8CRnr-dbvWP>J(Y~Alc4|79BY)9y${~BA=(C&#ziys}H0d_G8x`An zJQmrn+7#4P&eV7G*td+cm_BT|x)62|SSwC43-}N99})52)c@y7|p0pLcpfs2%oc zdB6c3HiCl+R$JYXbE4mu?uBMX4Hi~FfxM?VQSC5m5Ndr2E zVqU{5BwA`5$1-en5?4YdIFq|%fMq(Kw5HiK9CoQVEt8x-7U>hvRC9D&)=eZbD^gZi z?*e5o>}P~|`w%hfCvQ1u@>GH$G1~RHMHOpPlBm;maFP^g(`=4OiCK@RqsU}Eh?1`Y zyFhukzjCOExg=@gC!<1d6;vBN%g>@5vr54oWH~|Ylya##p0sk2{`RKyg~spOsE5}F zE`UlN3Y-BspZ1**8m|hR1Cd0getBEn%)T@#4m<-D?QOXDH$PyzekqKJu42>#QS;m? z*ToqLQ1X5&AnUS|MeE>W=kh_^D@m8}-qIkZe+&SMFOoh`P>`FP)sxut(R zCe*p{QSj%*=09Gi$yAW1Yn zE`};B<2b*pIZ>6h#sv44UX6=qS_19Ah*CDyPQq)ajXlNgpXMu1Vy`0mFBz(cu#ZUx ze=+BPHoi*cDeY`>_ARaanXPvN)6U%^{M6~@kQht%-NOD}K^?4en}%dWp&0hk07^m% z-j`(QL`{kh( z4p<+r2vkowYmK1}n&+6hdIH+m4jXE;9lzR3_qgCl_)j^Sc8$L@5VI1S6*-Sd~dM{T&K4 ztVs@lE+?5j;Km0r3>X9kUULB$#3lvpiD~rQB-yFCk)g`&E#65fGZY)#p@l@EvQg z-gPX7?HzxJ(W(c)16DDZ(W-RpSk0gQH~#70h7t!Q77L$^-$qfA-v+c@BWr4Cw1QVQ z)!rB2=n`=fSXJ836W|%(N*TFq-4AGE-Llp7mmS=WP9Eex*Ae5hf<3VwhCymmcsqcf zddZM-art@tJjMx~v1Y4;x`JEcjkom%$y&W6WPQHlkU|nFP!of$J2fTBXWL>vW2vu< z!#Ns;zQF>j)HrAhJmkKS6BC#Yvk+rs;61z`Ap|3XV)&QJalsS4V97D$9r7Z;a*a@O z041wgBx!YmIOTpjZ0`f9CIktvFOo60_u?|Z!>$v3Q z;iA>^Yok&0_~$?a*~e|J{0cWmY!HKdE;ezA_ubI@n_dP_=WsUoEzDQ+l()!9tYcE7 z%Z&pqZLl7=6>os3+w#1eqLH6(4l9B8BflP+fypA!=j?*_al=4eOYHnwH(YKG6);0N zXo6o`Hzu`^b-2C1pR2XhexMCoC3$gja#`a$#d(&vp1i=@UkErbfmsp>(e;Ox!kREr z8&OM7S`)zdTYtQ8C}Q6v*jc#2E3KjvSSgN`k&wg;0yS8a=p{FJ2stRSma3#RtBOxw zbl^!yzs)MAcc(9#ft<1Oj3r$BbC2**$5Hs?(Q_)XJdjJO!yOMo%5?@A?fQzok8Bkc zK10z#Q|&s->`HgxPWwcyK^L)W0~Su01%-Qb7UyLR*ZNVRAJbX1>XbxL59O!T^8R)f zD350gt$sPYaU(38&2CJAf)SJdn24!uR`y{)8cQilR~uf}-@@NkKUgB%?G!uORW|O0 z@PZEq-*-wB_>5#yi;uaCGwTDZOdAgm{SsJXfd!Nr4a-pFltP!{9G zFNBu!8xIqlGU6b7iOj;!n_zK9natp@M zV9NOr>K_Y-t{$;Pmdjbf{IFJyMjQc~jGL$Ht(#-<3{h+5EFZ?~ zyaPSE9YbFC+p!bk@2k|6_B{WQaarh`yher`EXvo( zI1lUrt>#gVJqsIPrs7ysAOfFqA^$ubOtJWqOGXL~_+m<+ui4@dP!#wGsD3Q0d- zGQ^TfE)f@o2QVwdl9sEP3QfA;mlqxUoHt7Sylu@b$C5&}<_??ZyU_6(g|-$0wiOvv z`!Dh}2zI3Dlmng*3PNJ+Oc~^9%Sjb6?8mZ|=1YGv{k}ZW0LfHW_{FGkIx=fwdOyHb zXb8Pk2B0x&)6}rr{O1pBu$?9fOVGLv#fHk^6S#c~7q)9fpwckEyoI;`n=ieKtFCusOgv zbGwsMQjuevBM|ojr-iy%P3-l4e!HLhh3zoWgU)OP?B;nw126n8nAx$NvFd+sIL)Hm z6PiH+DM@yd0WA)$EP7b+;tTyVH$pH`N}Gky0-agSh5Vg3gX<`g{GD0(ykRZtfo@#( zzb&TgmPkH+(mQ}r1JnIS+u^q>+x6v^R~;UFbE1CAeMFspdvc-+Z{if%0Db%O*LZ}! zm$65YY4FveTYyI{u_o7AAlw_uLvXA3;#OE6=pQovl14={2S`|AT~Tl)XfQZOztQ+~ zuWIg#T!X@-*VHNmoNOK+9ShA{TpKAV(ox|XxzI_g#NJ!L=asqT_gced87xsw5c0w- zclJuZf(2BtnEIpmTj$G6d8m{>6*GXIg+(2+xY&Rh{C9RMU^akyf|PS9b%;!c;-`A z29g*LK*VW71;2gSAf_MkgeRCdLj_JOA^woINCcE^hI4d<#^LUTOA3QK9zBQNogj+e z7+?Y!F-+gViwU%83&7Y=Lq+VzA&kD8^z3=!fa!|Y6;Rv+^#mgSle?hbMLih4Cny8| zljIqxpo{xH0P)W-fF+W~q4^R0hyf%hNC3v%>oI{P*f)}pL5S5WJyT+hXgA6I#@qz~ z66(QvjX)Xv#(o+Hj0Lw$aegmtBJ8-S>5NV1dnC!imEy|tbee+Gd5&j5xU0ipoVf963Cr1zhB(A&tM ze)259Tk+iCsR-nRWJrRLGDyki3Ylf%ym;53*L zpb%JGPTU2c@Oqs_&u{6cd7a0t6Por=C5)eUHatMb1z@j^0JL9Me0#W`_7*$9Xq(_0 zz#R|(F~F!G3IIMJKPfR60RHopg)V>WX~Q|VqQe>#zM?ERzTy)=SS9{1cy)fg!FO zc2TfUt-i?6=zV|Jy4n_gec$aRAavD^!u+xS)E^;a%PR22=8WcOtXcPY&!D^dBeb^d zr7u+RIhBI{wk`9}Gqd-dyb$pfQ}8T?IULw3k#-8;9f%sbpF9Us$Uzl764=(K0Q6WV5@)2ihyHbwSIExeY;o|feYzc7{GZK_XryFDuz@RR1}IQQ zaPgGjkeOb?O5qftN;=iS>;s{TqSi0EQfkChWy-LKnBhdv%(OK#a?k@JY)vSCjTJ)g81#)cnfsBBI34b7_l-@0+t2h{X$$ zvqcAopxiTSGj&poTGAVQ4vVNbX-r3vi1~19>Wo zJSt2((a^jTA@#C(^kv{N@PCoUuRpc;U)4H%-$Xr;p87vxHOtu@x6W1r^th{Gt$vAF zhZECusPVCu(eVBC)Zeb1wUSt@Fs)7`@laBtC!h>_&?AswT(DgyKtx&}+3Q&_n9_8^8(74mn`eS?BFMXXQ>Jx=r|bYm8@z6}=eoV)?= zXvO&#RH4C^4#721nROA&SOAG{9BF17bjfIq%QpJSi174{3B!SB&cYS*buLIDp&_%o zDAGnKsi>Pk&sRlRD*VWD^6{RedE*LODjk^BMFPk&!LNh9J2Wa4Uad~f6IQ275QrXO znE0Ujd{NYwM!PKD+JZh7-XY|HsO{tg~F0+DR`5}_dkzOs$tAX~F-kQmLz2}pD zPbdOmjQr#;S^Cty%h^+x3H@?^_0ozt)aFWXmD$?g@BV0dn2vQkT~DyNt&qYvl#?4Y z6_b*%FKQkI4`uBcM?Hgs;7Ol&W%>R1l~yKK8mQwLjpq=sRg~>G*AZ+y4=w@(9T;_U z-w?Od&~9?w8X7b6_W5;laR8kYCEJ1a;{KDoRD3@4E9LYjYny5nExWhC1Kni`LZ4>D zk>VNMc_d3XgG7KV?RnbD)aG%m%O~yI@Ew+`x$uuo%R0~b^H9#FjqBG;!a~Bm&$UF& zHXj!k4=)!VpU?cy2hS;=z@`i|Kf2vywiDi_%KxJ6Er8-|w=Qkm-Q6v?ySqbhcXyXy zjk~*qV8MdBySr=90Kwe}FwJ?-Ip6!q%vAkne|?1_Kt!l* z#1zXo!sjU7R}`GRfK!Bg3@i?(7Yon3>1;#AGsf=Nz>uiu8)|@P?biRW!L*x8%>-w- zh_=f7??E-|4lIG#5tH`=h>U`9Y#ME)&o3PJR|#t=s%Q;`5^SV40ZMGoZY&0+pC%Q9 zl9~>Ib84dDM7ml%s)TKS+h2-)`D=ektHJ4?vucn3)2!OY{<{1xp&mhnG5vz<&0Y@o zO1axLSE+xkD~Xb(LtAFwygvHZuMyoUzx}xJW~WE2aGhUP+yxlrS^ooG^5%W|JG0CS-BtnahQ;$Q zma1Sx+eVBrs7oS{QBMq>Ds~$Y1en|+xZ#XGlREo$*pZ;Y^(CY|b$ zb%=2X?ZhC*&J{~HvHl%K{C&-p=f+NEic;I5tfSX13>O}y&uH_kVCi*b&%Kk8qM8n^ zirQQMylsYiJpFP;6C;ADP7_tQj!)X7geus~b3X)8W+tG3Ok2*sl|$d`;tLk8S@v_! zLxsqJhbxaO8SASP3Y3>T6ex=Tm%C&)f~Y0Qd0%&RThLqb75mHZ$Fc@5jg8Qp%z-Xp z(by0mQK%2bhO)^dzYBuEbxszcn^$vdy7>j+dt>*bS%yE(otey5o;mumW1koec2XgQ zK_GOz^QPZ@$B$cd?dtleb;H@}oHce7UMgM;7$NgiKRG61Wly_gX__8VsW*Vw6afeK zo?7xnhge*Pvv9m?=u#LFsXA}oun8uB2vmTI0zjl0Ok{to+!F^Nq^mWZpaBq=F96?> zNrq)jgyT|ypL3K;0th~b5vYG5Cy^440}y;q0T95uaR|q;^&FrKn|cQ8#_Owk^25Ny zqhnTFOr7j2Z;4`o9dA2l+2$b)XIz1R;VI+}<;`-LY;H57lYA1Miyo$OWTyj1s4;QJ-6*cc)FXEec>jx!by-FVz4N7G)D~oY+g(p` z-&rcIj$)~e)wTmuKuk8-*L4y6M(Y1tiitWy`&*1954mMqcoP>oY+cZk|HwIVGQ-I3 zMxD26W%qcsa{+OKC&%_uMss(8VPU7~^u#XND4y29KC;%p@6ui}0|g|kt23Q}A5{UL zD{qWY9IHe+#)$l(?wxAFvCBcGn{-zCPs|W?D{Zq|&TShd-;oz-*<`U)S;Z27it*3N zmz!dD_fY@GojGSla0Z;Ce@RBnTI1%vQ5*L#C&I_HR5Z>@@iF$hPi!0NbSU5|_4XQD zvcRPMWct_>4#wLHS6&XXg*a-ROui?sjJi>sJEbA8>c?YrkSG5o^?&e!+dT?;0v z3c=#QdK&AoXNN-sxr@y#I#S7w4fw!axL$LE{SRq|Lp z1bg)#kLs#lPm>rt&iN{Mk@$vtl&pH=8}Xw5Q$XnC+gH7uq}iv-$0Dbzk_+wkmfi{u zK5DN-KDNhihb0T96nEIDOqNLGY@VoB!57+0xkyk{wP%$3OUu6ozC@l{cycE!0A(Th zf0l(rW_!?{b1T2)3CL|QR^<`gX9W~WEL&S_5szbE2*Rd}Sp$KMQhJbvk2{o{Je{QJ zIx;%|^0WgO2Jk&jZj+aB@uU|}Ep+>Ejz)RESlx;wH_{$txtriLLijXVqX`AJ;eHwwu%iVp>PsMM zJjCj5+>8t2Z0@JBFI*a!dj=qRc-FLImjn3u8*AE^M~|Vry{=Q)sgacir@EA#l*Ih+ zDH0k3%e+hynvIeV9y-C*Ia1rl+kM+$A~Xm}EmOM-lrii!hyyqoIg zg>`aefj8nvj~Cjg*nkO#Uu1a6ie=xEfO`YNQ(Cf4cq0#jB3#*%y~ETzWY zIHvx=zMiR}9&DJurWp9g+^l;}6MkNy%7a?pdN6jAR|NDN!-v`=v$%9tOa-;Eaxu?Q zvNpus+w@A4HQ;EKbyXC(|5S(9fODut&QUW|oZ|%xT7W-AQXxxM6_eeAqO`QKV+56+ z$}0%lLs*xc0?|&ygkOoHvTRXC6?TCF-ar++hX8C{&dJZgOJbwRRo`SKVv0H>WP$A@ zJ;d~=)Ux1s?kEwI^x0)w?~z9YLN4!#{|vdt!W5#W_$FYlC69_t^P9Pwf&;fx5-%dR z*;yR>u^^~7T)9V(MihhVx$ML|qOy_NObj3tL;xQTK0sE+L_SeA@`y6!Q|^c|cs;M3 zN*Kw6hD6sLv+jVvo=@6lEE0;t4=<9R8r9PMlvsWCa_tSdPP${v)I7gc(=UN9Bgk4Y zHoHCXf!xSdk!;7e?*fDf1qR3}o`LTKfkHO1h4$lGG1Om#F13KnieF=Wd!yWZBHo#j zSsOf~qDiDa6&}|~Tcrq8Ph*{1Z{zz!l!9509imawnq;31lXZ{1Od^!iI&Hr>ahSR- zab_B??kmBK&%U_|N&yt9O%$}~!a*siI55Q#T~MwRTX6G)iBPw7sK_dZCeu<-0G+i# zsVt_FD_m5wgP65xjMLy#O{D0x!OW@AtI$D2dTxU02TJcNyOY2xOrsNE2(r2L?#X*6 zAou5K>qt#*2YvAmMtjDgjjj)3TY4nyPvGX-0-ME(razmo)oQ&l%vB2nCOAlC zfdd&JjSETHp(;TzMb&}|lm=QEDK94mE$=74c5HsmLOxOrfl(`mQS0|QHINKCAmeET zG9Fiu0}spz1|Z|HF11MwN1xFTn=Ci;1IY&E1h-350kg}c{=s6GHVgym0QIvYj%{XN zbrJLn;{{>fZy?~vvm~Bj%lplnX9UiNJTa$?U}$LaC)o(^Z5Mai!GR7%kHo1*DfJ_BP>H8$u5O@qUFvEkz zam=k4!l@=(W&-eocxMZ+LFQ0XL*!8Vfc#cR0iXI&$QGZuR558Y*{+lzuap3 zu2ViB_sp&LJro=XngEGgPZpNjH`i{Q`zOVMAc80~;speWWH_Xn+ej0mzwU_Qp?}Wp;-RH@k#;vDIG-V1 z@NaPeZZ|-RbmadpinP6fa}Kt~fC9FbDv;3I8iZ5h0HjE@=Rk_|wYmE@QNL-B{~yS> zm5*oF3T10`FC-1f8d{8UFMzrT5F@Ft6seQ`8zY&~pr~QNPS9eC4@!;ea;L!VtD;LS zwlG=#f_ePfiPxxh$_6H^{^Np1dvz3H>wgH^+;oXu6*Jo9+dmCuDvy&n@F#jPYSdqv6o z0gSQegjT|O)QDouzl)f7Xq$9FMkcbWHw_j&`T7g0e(Ch|LgJj@GN9m_3UHl_W*L2Wv3S}PR2k}dWx=L zJoyP_T{ff|N$vMN9?9c|?sL2BWU#4HJ_8Qw)VFfCqxGa8_NQN;+qrzNMuF`Re`QN( z@y@`+d?#Tgq&eUrOvp4Gr!=;BUTKJJ4`r$p7r}Renn@7%>)sY2x-J*{<;vJsy=bC_ z?1wLy4)AyqrT9+tdZ_FV#i`sQ$G0(wiI=#*S0+RDS0mz1Hyf8zy;J5IyC<)6s&SjI zfQ1-y&r`#Ge!bi`R4cVBj#Gc4 z7YsH0YY?+PB8B?^O)&_#J~^+qr`RQ-NU$}O)AlP=eeGj`k}gqC%Y`L1>QP5g5FYo- zIDhyhENtq-T6ANRFyn7}Z^|JGq#Al{8CFn^D(2zCPFfYt4Y`=H44wWP@?2#*R7$wG zD=F!fuiV_#cweP|M5mNpH})Bs$qUk@4A@~$`^|vmo9W3}5U<}mj@qR%v5j9vU|G@+ zBaaVBl^|g36rtKgGa;;*hDogqo&j_Q1}f}#j971(>w}um*K(*p=4zpV#6_SKu{z2k} zcjcH)6Ebvxso!F(!ydFH@Em>~f>?N{`93Ja$0Dm*USwkU<1 z`QVoqjePfu6L=T}EZ&KI!98n=FwO8<#v#r(yx(873Xl^b>ox*4V} zw{{Jw{@LqUnu zh!zGRxSvQ)XjSBt;(%e9`2RCzNm}=kL zBd;}xOoxf~arq+d1-nECX?oSB_{cG(LW$S%*txv>!FkC445~oEv5D|_Xtj7e!(Y#V z3X~T~)zz9Lbr0FqT1Rzh3`%bzQ7ch^j*X;*Ai!|<`)}<&hD+<)^h1gAU0@kYhX3Pe z2Isaxq&cNeEVgW^t&R)pApcYxgzq$-*;INuo2JStUXpy+f=oz4=WQNi%ZdSgZPG{{wfSx}HT(Q~o3ZGf3H%(AF+;0EaV3i54IC`dq%` z-6B}jnpREQpAPp3*nvkd%nD;_5im=vA@xk^izVdqH4R7d9hW_`maP|%S%6)3ANiPn z@!X3~0M4dO3hQ}j>uon7d7G*@ix>v>q$FKL_OM@O#X*op1URVJ`4=FC3ViSbviTlc zUe4~}fj%(47@*S}_#Wu#W@j26NC&O9*Um_nu-RR~B7M<~K`!#;{fV)1*tq(WpaEZs zOLbM`4RW$~dyYgPtjA@)oSn-TF~(5O-vrSJDgl$Aa`G%aFzV(u-{SmzqQQ1V4Z6_5)f2O-x+R9JCMwElaas{Czd zl=n#^t2mEFXWqj~4z*7t)do4f>CY5CnJ9UaCjnClL?oJk(y_$3vkczGdg*~gJ^*9L z<{#**=Nlo>Rz$?5z{gWR?69)D? z#3}3g8qW~1@%J%0KrfI{S=hrvC+CM}Vm5r8IbatdJ*z!Ktlgk;D8kdW;yv5kA~%7C zP$(ImHQYEfml^+unguGHgn-!C!T+jocz`8>ufW-=#-0)SyJKZZlB~TW7_xlj#KN7efS0riwO5k*ZnSXc&yG!fw zgpEK<#WGJ=6xpY-C$*6)*>GnLrJ`~M|!T7&*3a>mCj{}MS8`~MU7kziZp?l8w*q6sUD9{?a-D|1Y%; zZtH(&osPGU*sl3uAS#5>Fwcxo>TG#sSj*SyH5(-B7#q4yre_K8HB@OC$ z_4@CQ3C`4ic1&3H_r#F=x?m#fb@bHL7rT~-zJ2$Z?E;oeFzzj+wy!ng^8X)VJ6z!2 z!DNRP^1lanJuyJFGYISXceR7?Z?zL^_MvuU{=3?t zCH|+{Y1dt~qhkAq+Hqnh$D~I=c2~3WM^l;7`^gLxJ7GYv)6T0};DTPx{BA>&^dWX8 z=0C&^{kgNlnRbQ(QWAX1+h1bGUqYK`v_rxtObOm;@FTYiL-w|@O)Y7~(v?<& zkF)`*9Y0kbWBn>elksAG_O$jk>((C`cz$Jbg|7s4GPUXBN?1yxACXNPGvyQXdF$Ge z-+?wE&>JfOn>bl>Nw?|?Jb~d1ev(-@S#7=5l3p;Q+}N{TGF>uJCk3!7H5tEi4%q)D zWS*w<#8x!U+#0-TSFbBUAkD>s-{#u>lUiH?S zPNr`_3IE6r6vrhj^ta28S#IS^SVIb(A!@zGss1}_KD#uH{IlY$?;Pc^={SU<%(Cgp zfuGxQoYEbXY=c^3+o;I7Ny2Z6Ib1Oi9z(oy)(7w&Lq0Qc)KV(*1~@1Pz7YKifu%f6nnL6|LNkCkb zq`*QMP9Wjy`SUu}vCV{DXshTVAnfu0-2jiOFehupV0Xei5*^jgMyW`V(AGGQ{jqRe zP~#K__etM`h1rf(N2zb5Q8!3%0KSY@j4C4-NCyw{fM78r__{fHp+78N0v0P@)}{u= zevqt4@1mD}L9bppRsGNmx>9tz0;c&mSRck=F&%TIUiZ#j@vdIQ=L^eVmEro_Pr5rU zA5S?7I;U^`K!Fe;2YxZXmD|!oISj=9s5mY1hKqYSD?JL&n84R{R>TgOfEynKy+T8v zLf8dcKKzlD1FLWx2!f_6+jW9w%GeKnhlblyqpm`%w*rUVbUchIM8$hq>pZ~cb|>Fo z<;?Nwgo$kdmVUYnS&eU?n8HN|2HziAL#KPVknRW;f4Zz*i>P-12n4cx*T&O+WifIW z;U0#d?+Z@RM!}*GcqdaxSD>^u5y&gDzCGa8C^<|Z`Jjz(h@}%av%q-84rBld7_V50 z^Xzm{uuf^PDrmJxX?tjThP7@E3^RwCBU8v4Eahacwh%b8-ThmVLHF}11~r<~d+YTr zgz{4@^qQi*gQGDm&ok;Z4~(;nb5XA{?ioPE0dB`zd6#Uy1dw}?#x076zx%%%G{&B$ zAQGWnu#c28rZiCD1@@L#6+r!X9;!Tkf+R*bxt7JV(W5ex-~;=J)iU^1R<k9vLVOyipDT^r8nPk8BJ5?+MIG4hl;4 z$4Ghhg@|2IY-+^hi|%RgLP|1F_5A@+A-6|Rp$w`JE*FO=LmQ_HREr!e(I`VBO`;)8 z-H>0JuUUv@K^Hyd9qC&6gDKlc@~J*65Tyu`B;Z$+hTI51lcpj269Im^2IKe1N~<_Jj)>yvpUzrEaM?6!TDAbi$rcwI-&YJx6kNI9= z7HRCwcY;BXt%nMz@4j~eKd43xJTXSPqj~T;`>HURdVGQoNaIa|FQ4d$>$t&qt3i3w zxsU+PRSBF%{LnoxfLdip5J`|2*ij@9NoT7)Wu%DDpHWbLRh&PQ4jGXyJG+qNy7(Gq2GtuaO%tNg((QXH7l~|1miL z98-0H*!vh$b(x5B2jwk?19Qt++#op2Ai8uBjyDeh5Sb(A4a1oT$EPkRh{t~f3Vqps z1qwIk%sQH?AbQX(NKX2auugu!V8E%6kvx!&*f6tiCNfcr6;b>yXyM1#k{5 z=H4(z7Jh&;0h|MWTFCkJ5UA`F=3ICZ949DEB#10nN{R|tN)9j*Nzvnef}}5_h0$`+ z@N}&y+JnH^F3LgKE;q8$sxv++R11Aack+tRwSbwH^_? z{+e-~$oJd0U*Ga|b|jd4JAlX60R{~av+oWC?|xYC%{dyk0R){wNt?GVU%*Ad5uh&$ zwAbs(wr9UQvD$qZKYX5_u+LTU%u#q}ut1d8IbpVbeH>qZFsjd@hR9Am4Wt{UjqJ5i z2aetTNbPX0$(_KQYmUkRs6$kch0^xWf@vg%6p?D6G6auM)n#!_(5nQrw5n>L3IxMk zT7y4fOpw{i?+O_kaOZX)rs~q*NXd@&a3?JyjlT4<*Zn9?1P(E~9C}X+gbhQyKEnTV zSkQPO94JCVb!b!|XW#R@N>a-pwtvs_%Pk(i`aT=Yf<`?dseB7xVCf(RADSh+s^OIeGv`_r<8}Z z$+7yvfWUOq76hwSVHhjzdjP&LB#Y5La3I@cKeV}h7wVFC!*%DjyCNw}hn^M@i?#&} z3Z7ZZ3Xfhb1_~-#0gv9quT2z5fysnAR4hKPPTEMrnwnNnXVa@-f-*%%seH(f=SHUI z;&jof!sHw3O1VzG)aaO^1<2#C;do+Q$IXVSsu^SDtvyzlqV8LoXl&DRumrbBeF zoX1HqbRrKj5ywxRG{y;lak2;5O;-80OowaC8K|;Qnjemo=tV~n>9gy#m|~`t(<4GK z=-YJoOopuBcSD$kO|kSBON(I83!QJNu!}}AjIRu9c{7HFHqPb6gp_`6R2=*MTy9|@ zN4I2d)<`_|YI^0JICViJOneMX)xrivu`*5Ax3PWce)(Vt*0@kQIF zrUreXWz(_Lcp+ugoJ7ym^shk-EaT@Gmkk~`tsC%#MkVJNer6#ikwulLJe?Oj!RaNUQ092CtNrW$zY-sNu8 z>#6;4`;5s5@mCh{6RaG0Eg6jN(qi!lmz;cO&D4r8)b7*wtgL7*RA~ggp9qXgym_UR z*!?ezGJwoa{|TST+j_h(f8h&R zXDvpPCSKE;?6t(|j8Cs088rnfg9TNWhlpOa_Oon-Ox<$bK=K}x%~#XNS?KxVRXh4x z;I@She}sDmZUKKgEtRu1c%DGIi!BXpxwPVEod#!C$ixxtabZ)H%eF8;BZY+nDdvc{Y zjIxGdqV67p>>97!J>bHzj}LIE9*rH?;~h}1R%^3FWbJHx#o()oS^34^J@zL2b6RBQlP2(b0PYWYYoe&MR zPg7u}c$7cC4?Z?-=uXgE%H+OTq-x+Q|5h-Ctn6Sv~k%On8)C?C2bj*InsKzf^mF zF5-DrDTld_TveB?)!Z!CGDt~I;C;;>&Oof{&7LmrD(U-2fEryH`m3{01ciuD@<8J7 z!{)TN6rD<0VMSqox&SLT8MwzH=D*^%*DTW6zc z$Sp#Zj{z8)rD({Rt0X0MN-W=}JFz~+a;&eoF^xWFn|ZEJtPK+PiD$Nqi~?~R_lWlb z8*Cq!8?a(le!uW&zj?nPc8_oCwCwENK0K@maP$2cuyjU@_~q5I^aY0yB@`{%a>GZ+ z_G-UrFUr2`#_xo|SlmcP4p+Y66hu9XNXlwp zIN>$ob0R6D9$CWPYP^f67<&Pc2sy22Bt$PGp7Zpt<&@Y&snvaJI-l4*Osw@Yr>%IL zRIabESHA0+Mx_057$Fo4N{;j$sg?o=zSc79tT_v}|1)26j%C(5$B1@oFTcTJ^! zVc@uwKB^Q)z!B6toDgCa1`s&s17Sk`Tg`&RL@&@vb8Y!s3eUw}CUS@tevRIYR&*=vac_CAZo4cOf z8@buBHmlnk(NOv8qT(7~_8(w{r!isi&_H~PnvJTZj;Umk1tI;YlfZg|7GMJ|@|!ai zi0?tyu&CDXQN83 zL$3&@&o?dKXy@h@S~Mrm45`B0DHGeTBzTgfM9Id|1XFeP#wEsk$ks8H4)}F-SM%Lc zIcNJ^h7dnDl<+vP_~F8ca7R1s(5}GD-&JMLpO8U4m0a;M4Tl{`BC_h)?KV!0 zuaH-}qaW1CcZq+!|5#p?!sfDK@(vH1ZL;N8r`l%Bp}xthZM+B&=^hBXQ4_V6%wo+gPdKT`fc=gL`Yp)R$%LCU29J({d2hWB%~ialq&6;ID!Q{ zvY8BO(DMz;P%B!TU5RUY6HbT$VhR&}UIZQ-0>M?4_tzM!OU1+0dL0 z7Yp|?5Nl`H^5fAosh7t>YMxnu4%a<>+rdKl+{}XN&X>~dqKe!r-6*gemuX=scBEW% zx&-HW(=DuhRxPNlh!VJYQNHPTT#LKCPpr7kx2@Sz&0k}6eJNV4Rf@OqQm9a%`eGs@hF%hGD896-|+xI&qHk>qZlqV*3 z_HoWSVqw@c=?|zp*j{XAyGJUQS4jn|%J3mXAi|7(ygU@mR#)r_<_JhKdje>@B9vOo zmu>K-bmY!fn26>WXK!+43 z_6Vu!r#EqW3wYO&ibWHn}WCfupkww5|)`cWlKJ*d2Hj80`qCPDVDrrnhJc>?3$M}bD~L?mLmC+JzB`}nT6K|lKnz31?zWwHS~6{#Vz&4txJB^ z?QKt{0ECtl`7O`+@4|4n%73D&>$0P|ceKrn=r z&)Ct~FY}936&FGepP>sfFg>8+gunV^zN;nIg(1}FEB+FBu6AxBDQ-UTBEpHjk zl`K$v^e2W=#5VGt)STbIP3O2`Xz9VWX%|`zqd&JBl&H^xyDCAj4?}US@C`AW{26~jyW3r@!^g7USJo2 zA#~}u&t@52{Uv~--^Nm;QHi(QgWS^x4^guC5|SQ@9*Q%P6W1gN;xu>^Fxo>kk`;`w z0(?9D)-ligiz)!*Nz-E?dOBdM}`Jfl*jPjKN0aJF#0pf>JC`1?=t(oR;{l@aKJWxn8RL%sHcUQA(@ z$9l$tUVv=^XZ|i3w>Q+xurC=yh`_fOF~NFt4TgikHYHoLL9Wu8kx(2B_(%+dJKCeX z($5{1+uBCQ`*og?T;Z7lbwM1A^WnC!0J_o=O`*Cynx?q;F0!fhH^iLJ67@qKHNl>0Rrtik2XX%MH6tk<`ZZExDy1w?SAir5R}?yyG64 zgcyv37~s1CaV_%hB;4g1dQ5H@oCR_%0q_NVvY`Zhnu@k(y$(%Q26;Y)2fbye{`EPp z`hdhyxcepu;O~x|w*_Y`+?_hN9^wCS&&>H8JdFDZRMcOvt{dT)2HFevaDuGor9w0r z8`veULUD_sNkf~Gk`RuaXpMj2<5iN!$O!iqF(PuqW=6*B>)}_EbtJ#Z3*aW%X%)Ro zyaXjN7VZOb7&It~oTyVUv@r4=P`GS(Pz>Pxp?`7#2)hdcgaJ>n13X3l$0@>qr?}(o z=>4r(G2G04;TSp<^7yDp*0)#rC3rXfn#wvjdeD3)Fm2$MxufwQ8+C64MgG}5Q;PN) zwd^i5QCdoDI)4MOAJwKaVN(sxYf0Ea`dUK!Uq)r9@{>?I$!3UoEfs7F!xed}x6W@Z zliOZ#RkL3a>M~YZ{1J_F%={@6hW~IWWBQtRag-x8xpb*MaB>MOk*~q(8WNmA*alWI z%JbEfhQvOb)kn*;o~)B@MQIl7^WnvNYQ@4VYk2uhU;1kVu)IQW9l{qVk+AHs!;|6T zLh+kkN0QkGDb8w#nQE4)5DdKrB<8Ij?y*prD1h1I@VnX7WD<4B;W>15kaQW#kXE@m z=Azm2SI)Pc6x~M84Eg-~0+PY{+U`2BNXlAOr{~eEgFLtHH6+>M?nRFT#c$)M(!0*r ztM93u!et`naV?*_2R<%tX3udnfR;}~L7Yr=2<^aZabs1(7(HGVB~`~GQ9c2azH(UL zgd^`HjWAS79Z?Lq1{s49<5sp(g;Vz25^wqqc{EfJn_H)t}*#ve0a?*W}OIIfKe>+TM|)hIJ~aJLBTmtC=>5G=m7a*%NvvU(Hv4g2{&?8?^g!<*-7 zq)uYgV6D@I6(C+}BRDvDb`;jzdl$v`P!Az)bQF^3m=HT!Z@e6GFuUtdmvZl&`N?ng@+ zJ5K4lC-CBE@5F8|uWz&Un?_DFf>f$Y1uk)LLg)xz>*G?YA++*7~+&9?Y zECN0qhQj;4FlPoOwp3~+B1)M|q$XPO=glLBx#`|#5AU@x19I=sK@Yy459E^j3YMb$ zTOL$eBQ@lZq%!04`0$SAKfH3LAo$WNFZf1ssWjgCv0h3GY~}`$+@9gSSHU+jijp#lTGxem<|qb#wqGl?#D_Wn%oChcG-2 zl8=V3XB%l^4sM3%Hpsp03p;0kH|2sA#^4jL%^oC)>eRdJ`h05MS89-u;o<`eKS(Lb ziMHp8p>%W-63tWF9s~crZ1@tK++WXY?h>z2Ia|72cpS2%P#0R$tX~?u~kB0MFD2c_~uBK)}Zp#DtevMoL;(47u`B00K+-5f} znZ|tmAjlGe;~C8Y3F;aCG?X^KiiJ%b5%xJ^*bE0PoQ-SplQ*8^o3eelbz4rR9gp^! zb5MfAG_1~eaq=K!wi5lSzRFUC{hCu!BmcU4kX^%L@|QBi)l?V9<=h{g!224?P^&t~Q~VNK}b-zuzEcQ^HJmVRJ(W?uCSYnY587{3U*zh)wy za@e*lpPs%l9j1F#gb@}gDu+p`j4&uc%3YW^FPbTjqHt7)QS4;UDm~~^w&(Xo_ABJ5jYGWNyDt^ymnFsHqiFpvEU!r z?e;lVqVA1do335wYrvS(@pjj(7#j=3fz9BqB3nVdDL^L>%(EpJECbs3m%W=LOYbqW ziEu0&?N}8|_Wr{{#e#)njIgUTp!e41cK|ealJ$)(4Kwqc8P6iMwoTa0s*RsI%zod# z>lqtQW33nfLC71%drGK|d7#Ge0sWi}mgRT<5p;hcVkE*{@8jaAE?Gx}7et13vh)$X z+R3`pVL}+TY)RsAbgIcz-?gyLdh#8;M<$%ud*jwwz}J*0Y_;X^q4PhPyV7H_c+TlfH*Q+|?!2j&425|gN`WsbyzVKxZp*L|D76Jj zcmY5LC05ZmG!QIW!aJaf%NUIlnQ@=FD`#!3TGsImxpIMa>sa!FC4%6W7DHCC1rp=z zce-6Pq1257uzKdDd)~I(`R>%98ZLd$-pyNCTxJa8L&ej8ZEp>l;B`(L_iU+DM~xRm7-^2WN$y5rO9s^d}J}QaBQw5 zvmBEvdiZO~ZBev*q^zq5yZ0$3f0bdwhQDlv%9=Bd5s&xX=y6eiC&8(~Y(jMVWumug zH}G3gj>^RGGS|cG{@G|A*D_bh3HKh@Z21S)j_BkYRc@sTPxn=sj?GuLV%O{8x^Z45 zx1iTs#}LM`BESa^UT_w(134vgpq(+<&qf^tGg|ftA=KuVP}m}2bp!ZPufaEQg0+eR|nQ?K)-{8oDukezMc@*+4$RR)fw9w>3AT2 zJEeB_^%-@-qiqR>f1&DGpK|S0T0JVPZ!gbTv1<@PSKj%WV{P_v*Q~X#G5x03_$pwp zXFJPdo5+bKy~s@P>cHtNhgLX>4?O#JJijH!DQ}JB zKui8g_=E|v1iExJvs9btjc9{NC?c8^=ne43fj=|A3i%QYy#l>5JpVId%j(f7nFEU% zof+LUe`CF8%MJ&W50o!(W3TbpYi46l8*r->nJ-xBx@oM-V@J2upg&Vn`I7>1eT>*o z*LwpM>^|M`;>|@BegW!+9LQ*x!x0ZGYVCqsWu}dSpClcbxx4{(0p6ih?CS z&NEA~)vJh#ZY^LM2>y!?d@-+`DAUG^a3NZBi&+mr{KLUUemK}`po2y9jt9L4+XFgS z5+>nIpo1l05{Cjm&}W3m@cf$5{JEGFq;tO#d?tGtDGyutq6*lO0W^zk4%gQ;1zr8O zeR6r&00ZD7>JTyyTP4vxANz66$ZzYttDx$|UXo}VJ>nuX;xfyPf;tfQO zu;2td*i&9Rz_%0y>N;QL3;rlH@HA-Cz|%x3fuMm?05f`YoB*t6>`0vK$AH*yYT?%9<+vJV-Q^K7N2Y>3F*CvJ z1)qam=ZoTugadyc3gTO2Xl8!RQb8O+5M~4;uY5R=evmNLM17EcCvpBfV^vb&{%k-P z$B#>ph`S(=2;ebxfyWs5I7Y;WdA0e6c^&(|o7d$3i+N30>T&$Ld6lgG%e-0v&1=`+ z%hfk3G>fTf9#UO`$N`&%r#MV zc)uW*X5EYAJ=)60=3%TOUaxkv4Hid8X;<@)Xs(EsVV~~TR>d4G__1DjXl-cJJo4A- zz(XFs6J`8{YR}T8z_%t3k#*jM&9fs%Vz;}wHS&k&wRQo|P55`8TBb6kFbVQ*!{|E& zzBw+1t=%`_0NwEw0^189R@rJ(`~0?TBQx99sUH-@h`TeA{F_JR53r7^^?MfX{Ov<3hfw<@2&l^`1BS z1S>W@`vm({5B--=?g2Wyv;V(@as>BKK%0xY`L2y2OP}k0@mevMzMe$a)H?N0*&Koz zNa_5UKPdly(e_T!m9C4nc8rQ`vtn0l+qP}nwry2VQKe#4Y}=^VtoR?9bFRJSJbUf` zoO5w5Gt$}^x%fs}?{9y4e=lYLKKJ@Sc!ZGq%o(iHHtuV-FouG7aBl{w^bfpqH&fEW z@t|gMy5!WQ1_Dmr(kj4BX=0?wEso1AjyVUjJMtE)C)p$eWRB$NG0=r$@Z6{Ic2jY% z4%^59q?5kMDA(oy*ZX*HK}9xcP2L@9$yy_^&qCrzNfvNvrJhRcQ3f3hlCUdq>gC( z`b)+7{OsF$Ba7X4n)idGdx_^h-f1Z{cqKc>b0)8vj_aYM+j*L~jX0Ps|55}_5w(s5 zGL!SqoV(V-gBSKw*Aab;3|uw^%PiUo)hX4M2iI3li8~d5f3!&?#y&VJo1v-&)tYD) zam15K-QYZ%a>m@mw6|yyNQ{tpc;$YI??Not)AU32)q5W4jCAuWO74J1KqT=!)TaiX zPn$BLlXyh?Cn+{*BULtXZbibEv(p3C3g!Mp>>bCLk#gB2VFnu8V+>`(p^tFR6~e0z z!FYD(`T3Cg3D-fwRA#ai`&bSa%;F@mpym{(bQ3|Q%=KwYm62OgkMiiadFe%L=$0|A zOSOkrjK&p@Z`*q4?P*^p*rxV9}GRKEx!f~vGBM!*nOOk!+ z6%P#H1zPNu%Ho3jnNR}1RT$9SeJ17Hic^kx zB$?DOp+}T7K9O7^%5h`i5u)J6)T}Xq1C#c8QoTLxFAFm{-BAO{<2#&HMmF8zBE@wD zehouA09!p%U^Ub%6?(O${?q##L*nlwR$3z=m77e_A-2e9oyc%j6`CP&xX=Xz7oC)e zP_u1*BqPSuN3R)!r&C;j0m+TZa`oE7wVy3DuHH`ny4(P6L>`@i zMz+Xo8rheJ0D2x8$7tQjpB#eB9QGlJ7H&=v8qt2`@f9VOl2Jcc*>3JfKP;PPuds*VBcelvy7_W&CM)`yo@aO`mM_qIAOod7fS3NzrXEw~AI zIh0OEqtRuco>J{ZYY40_E|w_+&+J2Ep!K&95E&lKLDzPmzaE|%gpG?3ueXOy$~wux zZ0EOZ8>o~+cQp>~D0p%j66>|1{#PdS-+L4op8TN`&TPDIsH62 z7G6w&{+1<+kQlr`#@B(iR3d?JyyAFqRi2z%9U08~jSt@fJ+$)La&fXuCr7L;-ub7z zjLFLBvGX$Ptg+fb?03QA#CI7Kc^pUDxuIMh9MSI*2ripr*`!`{96w~Oa3)y3OVqlA zDpDM|xYVDFkS@9;YN?UqRi)f&F5=8fe7hN&H#w_Gsecj(bwH|fR`biWX5@m`Zr=&R^HS6mSE(;2Ks1rzkg^}6_T2A zlw@X+B;&i3%~;}_YMhf-Jrb#%0N0|5zQ?&7SJ{BSh*?)rk4xX{s*{%9fQ92dGse)u z=;bg@+IE+CvLIQZMV(=5Vz{#()_dw5N8^RZj}XOIjmCpX!iU`*hT@OlWC%p?X$Od4 z|I<09x4iKdc~Q9ZK6qwc6li367aN`ksWQ1fbT_h`{ywa_;Wh|O9k6<#-(ogRhky@F z!I>x!3J^J>e?&>378p4>OR_gjE#C{S0r^+4`_{9hB#d(S5&I(NH=K{7CS3A{f@%<4 z`gpM)M3TVrV!$rOkzum3dtfG+Fi>EK;=b-%bQ3==0{C3(`G9~lYKf+Wef+`(rfCft3DtacdMjBz<^IX=Wo}Vh8yR@> z$)M9^rmd0p;p9v-^r9t-x6c+-wGarBH^e2)i?9dp45>R1Cl)+L!6v3V|K1-6C#A*UQZbOSpG~vCO{*~LK)T4n7}}$-+YaF9}JqDntMLboA^04`s{EYsFmSSP^>R%bb!>VtZqsi6HtO^H#E?L0258}6o z-?6$UtF~grbk{+jPL2J5E;aZrTbxK&@;8Bgnv zWdb1l1qA%__L7&&a$eWNlT7#};95|S(^_TwgE~-LVx3A*fSDi2R*uF&F3xWZHK*CsrWBDSMq+)IIR?(#PzsW}(THv|r~ z-~3$tNn8nZF{7x!EtZ+wwFcI?tV^5~tmyd0OV@Dky zf;_3Ieaj37^StY;`s*^pw zVdUD?-~+<^GM>Ag_PXF6TBFhJkHtH7X|}`An@8O&!tC7`94~W|LpY)ai%*+c-s1^8 z_VmSI!SDVJ12v=$y0?#j{0%FFC!%W^Ue@t~@oICKHz4BORPM!PP`i+8{KX}SKK-$G zj1MC$<6XOlHuEv=(S8g(&bW%c`xoDx#_Os!hQ21k>{CwO&!69Yk1Dbk4*byC6;9s` z7t!3LYqW0hQnwaisI+M?{zZF|X#E+XUP;oSr}cA^;nQ1vM?(+|M3N9(Ez_fH`2KI! z6ZnJm)Rc^9N|%v>qaqo`C}Fq&e~8GAA7Xd>oTZ0oSJ<{dn$ecpvM5arUevm>zfqgz5u4o%R=RaF*4SC?S$s&Xdo%l&^<|GeHmAKQVG zm1zqqnW^Al~(3&W5ypfWP^tPw|ZD%;A zUcV*}UE9`+diY%CDwEz*P&Z$bUYK6&B(o_(tPm3@XaD=Yl~ zO5`Bo6ijb1kBcIs$SfHA8>xwV`X{N`hxGtT16BWaP4(m1b@5y?^NVKc`;EkNv5#Ti zVF@+QOBU|QkN+|I?8*CqIO3v8boM`GpC~$K7OO!UKX}s1zh7R0AEyKk!g9aM zGvx6V5O5P4e;(u@p;Wq?y-Z@=Z|y5ld_MoMmFQFl9C5}Sr$(LaYWhUV7&(8?pw#CQ z!9#*JnTG*|$6)D5aG0~gP#kMF_K2Aa-ONafgi6$7rP4R&DeYwv=lJ6YA-S4Q3Qd^W zXfyFIZ$+dQOs}7M@*W#SH5?1?6A?lD`JL6-Y|QekcAK z5>8CyZyA!sv6K;yxo|Z!B_eBmQd8%|fzEA6Uagpj6=se~rRUrDR_W)s1M6H<;j0Q? z=4bx`a`!|*Kb8Ls;<5_3dO2spuO$eWw|mr9sEjrSWL*TJdw^Rb7`D=WrtvRNK@$v4?RtoMe;^@^xZsGN2GjWxQ6_F zwsO7`x?neAu8GJ&wsrmW(ZRRm#~efC*q{La@^2%L50 zsYYqfNb8?{39bCa^^IR4ZtvjAmuvJU>iRAk@;Ryv`bF=Ex~qg&Q-xk|CommIrxP9P zZU>FG0r#GnvKU9mL{na^`KgK*^woLEws7tl;=`Bt(&D8sA5vcVe45Y53XsPyn?BiB z^QeaUMTDcG_(=K0owtYMEQ%I^sj~6gMIM>Yf8-7WO?td`-=E4ermRokaYsW12YqLI zWG{Yt|9U0c8vVl1!6FWvsC70tHL_oQbj$R>xaJdeq^L!&R#98~INTMt@A{q#?6hc$ z^*v`;3n$;P6m+$n232xL0?`0-+W5v{^FGeH#1-|=#yhl=fnWY%j>4l07!7&vBN=1l z<6-M|jfsKj#|m8w<)Sf~7xwl|_CKvNh6$h|FIxB_|lZO5DAk!_0AUP*yjyKU9~P zMbfbE>h3i#;b}}05h|atxUeUsGZBYI4*@v(ut4@;-2~E-Xp2P)UZ9HKS1vQIy1vA@9;6TG2IY&|?AMCP$gmnYeus{3%&0_!pC%Bt_gN@E9#bqJ zX*MYOmYMVxqpvovNS9(mW=jqMDJR1ok6(X9WjFP$dJrgBM#6;^L z&=cSBu`!}jA;cF+cYchcTM@bE*x6S_x8juP&XUb5M}CpjQHDb+&3H*;T0EXw6W<>I zoQy>UtnlQo%x5%wQ@m5((@Q4*B+wYXlR}w`b?}Q!-~nIvAzI$V&6$1|izzK^W0!Oi zuRKrm^lEMrN^!Bsw+FOBujeWNBC`))4m1X~|J-7$5LEae5E3}L*RyU=Nr*(O(aW;j zAviyRyl!w-m_(t4EA#ipSonEqX^P#ASfxBmlT)-8eVf=IJO>sopbwJtw!LL<@9cee zD=S(gRHihfkoE0ek?jZQ`5OYpF2TB52VaTAs4kv!FP{#85J+`5J83%(^KYxkMF@ju z6hlO1X%7U~i*w9U&n;D{(-AkaP%+|r{~16L5L=a ze29TOmD9em5=7E~(Zzdcj4;S}15B^}JdGt0&WcsycQPDb2~wk7ph7EjdH}uV zLlidfr6?wa_e^NsTsSE;uSG}3MNl89Z@jvtoWT&q!?0NTbBC(`x@+0>aSqL^D)xOL zhlgF5qenGk*djb0*4LhV(@dsg;#@j^{gC%^<6f*EX3IR)9`$d7 zi~H_<=yAFd*CCx2LS3Kq?eccCo)J^FEBhi+hW+*0MgRM-OU{k?Qs8Soq~5uq8%-N- zH`&JtOB&`)D+@4rCg=@tIuOI>H(0jp@_~lqVvU z14gy$(TB!LP6Ea`t|X^2q|^c@GmO!o#>uP#r?opBh4Um9K+0O&;o>t#7sP|ZsJ>6a z>K^pL68@l6gD`CvMLn^BXlhX>iO))_0P|oT#?E&m*9P}JAUpZJjIG~HXa&~aqD^a` zty5~J43`>Jn6fzon+s#e%I{34176xtDLOKC7EUmcwTfzT0G^e9);{$r@1`q5dz&Mb zrQq(mPTP1W$yTLYaK|CRY)Kz(dJ^fj z=v})C9x@(gaSOz8SyGlTt%@(HdC!x3 zBXEB>P7O0OzjU{t3}w4VHe}4jomQeiH?k+lJpgjY-}3N30M3PU&qc0-+xK9juuxT^OOt>6=bZF z1}+`&7mmTF<1w^}dal=D0j&UkuVEAgwQo~Jv~N2HS<@wgZSD~CTwh;CZK7Xa|E3=E zMbN(PNj@gE^h?$4VRf@`jh45mc2D5y=TsO#L+YwVI9OuyRu|nb`O9!tGoYS$lI-4o zYE$(S*Z|N>%qa0GB=y}gkXUvf?$yGFD_Mw2362`8{T48muoqR|{Sf#pEE|6B@2{=- zcm#e$UX>U)6sn&**8PWB)h{%ucNnT5wWq=FYqgO)QBu5g67Gw+mQ(rgs`XHK0t0(d z+tCr)U;pYO&a8!gaK22%!c@oNMF`8uBBPxzXS9VRbE+~ht40B0>D#X2Iy?H)t`6)i zTk6dQt8v^CO8L|HUN0bCHa{;z#I#v*Tmkg|m0)1$tnZ5)`X-GB(?=Cx53+{pME~y6 z@Q*&?XH!5QaaQu9kLU*IBd%^f_E*ZOuJsP%P%jONtOe9P{6+FaW`(VobG{mP@be}F za&9wpJ6<0r%}czWvoCcN5@F<39l<1bN?;jMQ~GJd)=B=7J6JP`71(hoWO^Ub?VO8b zx>zlj+XYN9mO*5C`~O7-&rRrP*z^Eshtb?HlHp3nG|@x^Jp9jGe3U1KWGQ1-=%T|M zb)rR*Rj#h?D3Uvi*s77&2q&@HOoh>s1V6IEO zIXjnuJ?mVZa-4$G!+oNc!~rhqNtBn>rl2NcAhh1}moFVT!A7ibwrK1X04?JzzsQED zbdxQSgRJ>Z`kktV#m!8#KrYIdT1B&szaciUQ8wzz%FBYiF4->9uR*dBw%qA!AwD{l zY}Xxw7i$NWdYGo7_C>d(DTk`uLFw(p=<#3KF7Cx2txG$JcimH|zl*9b(HVJNX&?#aigxUbxqFaqhcWiLE> zy8L*zN+9K*aR&X2`LWJA4s6wfM^%e|-dCkz4F3MrFYrFZGay#9QOTk~S7OkGS#zBDIz1uc%y}$c5`AzY8F5tk%#=<{~4GzAVt-mSw zO?id3#!Uk&P}aFGbUZYm>)A?uTe|1kY}!B;1xxJ{xjKyKoc(a~1Qd!8+ZJUcmo8q? zzerod1&MJdNDb=G?7Nt?Y#KZe7e__J7<>N_@m4IiROB4I*p{`>Y!37rdbo&Q3 z&sTJ$ZbV0~{dg_%zRR7WbU6R=eVsxoEde{%EGj(?HN45*%+dipz23xMV&-@mrWVOQBx8iPrEeqmgz6 zd+a6PA&4S0kJ}n-}NI>GD_eG9Ot;byCo)uH*uVFJ30<;-aYL z(5a6sgOw+1y`0YhvA9}Fw56Ut(^rNiXXPkJt3O1;r=YlU*YJkGK!WQ4Vgi6N*8xyw zCo|^8?f81a#L(ZV+w$>~NN7<7ZXy|hmTP>ZzlaNSUlOqR54lkcR}XDwyoP>^=IigI zRZJ?eNXdsWH-42sTHS?dU-Suh>ezspIr=d_Pq?Jlwnqdx)XPi zM>$de6-G>xJZsYeG&{)^sUzrK(;>&v%bDi^n7Bj_kBqZleUDiI+cEY2;;%z zXReHzbpA4FQy(m6Y|^Q(LwOCiyRIR3Ib_zB{a;-XGNX@p#qLwv@w1n*Uerw>I-X4P zB`#)f+jWD!*g0z3_1D(bmEC2^dTY-cbbL0+en=HK%?^%z%!rYFn}?9jf`6lBZr>^8 zi@E4}9`0)GG4xQ<^A z$y<5|Xa1fx+6mR%_8t)f9v4_3ChABJ3QJ$_SKcA@%&g2f<_Fd6g)Nl)n?T5SJe(a( zxFE@N+$W%(O7C@(qVjdKpX>Oj&imzEZh>VPGyS!->-{TDx$xby=LF*fPTUr|QE|?L z$@8P`Aa-uq&h*6PmbsDglBe0+)>9bHBDU5j#^z0cE;aBV0nQj^EFYaD_si8F&<#H7 ze#+Yt;=z%rjsFeM0r12q8PGuiUayA-6&jEy&@Izf9SF~mTU!4+pp%ltB=9f(cae*) zb-BGALtjpD%IlnVi#QsmY2Ngpza2K1BFG6Uy^XSS@4*d)5R@X-WU=hrfwJyYNsvqc z4BLSWw!<6$Km8l8Jjn)|Mc*o8tuX$nS{YKyCC`46TS2AsmS*lfKX4bb>C;M2_0Ub%TqxeRSwo`IM1gNk>1mb4=8MWTGDWtV{Tfvx1KawSt#^hnr z*_(P}oyw|fa~aQpu@bhi#N*+Lw^~Q-s3Slx2h*%1-}Bk zoNvQsN5kag^yZuE@pD;$gWwSW+a5OkUXeV+s<<#<*l;O$qAfouMAyY8_|iN@|C8Ao zMi@GYoD8W-_MnFJ!XgriV$LO^?iH!1;-FW;8iX1f*-=C*vYffPV!vPD6<_}KSo%Qi zYv2dVjS^8%_-WwqY8!28?0%2cAD*`z9(#K2{BR3FO?ZnDn4;O?lezG9Tb2J7*cVaA z7~zTYL;Yo7w|rktfPv#932DN=g8{rFix{gv#PJ_K@8t~O^K@i?gRy$Mv$8P#ZYv9Q z<8FXpx!Pu(ZjNpMIJ_>_g(z30^$NMCwzMBDIlFJ8QPWp-ySJWVVzz$HQ(WxLn0E+z z@Ugo11RSzu_W6*bH#WaCu-?L=uHw!sH}Ynx>}ud!xAVT$)|w$XH~i+f3yMrsVst#7 z#%veb^*M6j?fz3?wtzndH18!llzHYL#+srHSlt4kKAQ%@UTDd;=*(I-`-|Bp9sZ z&uI}U6*W!1%2$jjiFj(QmB$$0ay-mb3#mZm=rkx$ug&G_C*ygQklZ2+pP@XeY; z*EJ)RdmQJ+v92{E;2I=FYuPlBl?i-2xRMECTx#Ly5L*ixrhY(LutmE%T5#FqiF;lP z1Yn`^>WFvc1-^;y7ihOy!f~~Y*<$zXjIHF0Z2&L@lwaUkq?98t)uajvx?0sG=h`dL z()Ch)Y~&S@BpM<#l4!>nNi0Qqf##8c^*IEM%&QX>`U0wev$WcCvGxk(n`_zk+dXCKkZR4}G z%%I$4C#q-9O^!#mqmjz?lyTXyVdrx@C?Lig--t^6>!BB;Sa_(aKg_gN^5je z{xU-+f#V=|UtrdL#S1Qx$dkL4@qj?YlBC(R3+0Q(sW}iVH!?cB1A|r6Fr5>$I*le0 z0Nu!w2dhqS&yD!n(;xSI&%h`T^RURrSJcSI_xA)k79i_bNCjZTqF0UwZ|=hoKNuZFdzq8PCd_xUh#dDLuGAWd z%{(9SYgo+o_K^AY#-%`gQbs_0z;Dr})Uc0YBC-Q!;RE_X(5=vrSPr=v$@1&>!2(8R zbofnFpg>bph&s;CttCy4^5CTVv|0FdP;1`Co~`|_-1jrQMI4WBKnI(_@1G=enX+w7P2uiD0<#u;Zxm5>soWV%gHhVo zL24-#-#y*ylq;z!hEbVqUV1G`EH4-`xXwg+&Hyd@c?#|ey^-Am8z!aw{D zF!=h%g#eeL52TM%D9TgdLa58?`qXnCZQ?<;sj=+sB(eGg%zRm{QGKfi^GzAan`jxu z4eHw!HhD|w@cxQsveBfFH}Fxgg=2XH`d3z*b9t|e9u08N$oOLaw+^~K^(YGKNYRoG zEoiItMP=hs>{=aRW3tj-Dvjm0h&zF8x>AZVmxI1Z5g&VPwX;4QG`H_=R-8xPV@=@i zm9@p9#Lijp1-Di2-1_iA2e+(8orP@@gTybD7LeY11|2Qy+d^_jY;*l%3)jc&*f~HI z#Y)xj?!%Gp9rA&vvv|oB{B)UqUFtuS=lCHO?L1;a0yR0qERWVlGS`cHy-G`R9$g>E zLtQs*xH%6)>ET~7N@D!6ZW84?ThppO_xjiRfC^?%)mZVD&y>u=L&9Yr=XW|`S8Z^l z@Zz=4Bu-Vd&#dJva~k!4B*pueG?ptMBN_rCa(Xz5)N7fmzq-OIL#u$Ua1*|1P3afV z6ZtmBayNal2HeUrCne7Vle^m{gjP?Bv(L=`Taz8``gfC!$qz8u7V|@YmWB0LK0@*q z_Uh%#o6Q?m^*I4PvSJdG-QRJr(nTHb<2!SaD#BE@tF6t=hr7E)Lf&(H-FsUm7x}9f z_#A`hfDyjf)*{1%O7CU%h||m;wsvRECC6CWtn>jH%tSx$If@ctMh0@6W3mDGG!kcn ziBQ|(IUHwnTc4~2idOK?x}x~+cC{B4c^?-!hy?{a`8BQPy!+K`p5PPkp1?tfiG{ru z?e4xc*uIx<^11&9mu<@VZ7=anN+ z^Z5dvNN%|R6hL&I`@=$d6cC-0_WZBWdD%yFu3)@vadM9?@rHBX!C8R+_ulYN-R-Z~ z0!nutx`fL+%Z~)c&v0x%Ei?U%g?F(N6Ox)_?Ve z1^=rztj*O}bbMh@wWN1e+|qC~X)msUC?Vv${uf8xy$Rr`Sz&=4SW6QDX?K^>1U54< zt3r$f>HQ#gce_6nT7&%`RpQf23ARVtxzc57734y9dE`QMZwaS?+IkX)sL#EUarmKq zTH{S^*jo03uixB`c}qM7XuVdO+MI*f{1=ed8}af7NK!7EK%FhD%)EP>D^cz(v8gQE z)n=2C?X-Sao}c*`LMfn2j^R3DPb!AWBEpeK@L*T8^jg5;A-uBitBxDh4=u^5;%{&g z=%cGWy*iH5T<@;P^_E+>JRfGMl}Fw4)xm$lJ2gl+rPYzRi|hJYZ|H_A7%G$EkyprN zTgme2;#hUK;h`&E&r}j_mG}V6K&$xN^VB9`_!5`V5*zC#FzZKNP3fhktGM7KI^EFv zt#S8hY>peeK3ftv1B^a;x3#7UylEOz*!TcruVYNZV3_%xB=&2H@BUv=wo7%S?ArToE8K z;MikQz)Mlq(6~8+;cC8=b+`~l1n=M2C^yJfuA9ktHb8WKBdM0HiZL^itQ*3V@)SAU z#0Nu?k40f*m!9VGlN7>&Y(nWi*Gfv>OC$s8?Bj~RUWzBA0;J-=a0 z@hhe&ykA*{Ygi`D8L2?dI%4N3nSWgBJ&oZ{?_6`o+j?*@Zz%&W!^?y_ zaX}wJ_M{}x_&bv&&q*Hx*>ZdY_`A%7T?2g`z!7q}T{lhd!FdVe>D`F+A`8R-(PnoC z&;uZceo&0x04fD)PIGah2Xxw~-zf1Q2!Wv4YXirM9QEk~KtbWFia%|2OOkzw00qS# zxTO{}!J-bOYbnGkb+d5iDE3Ylv;;uL?I(}0WG&SAdme2G{U9cMq&i?(>BmaY2Q2Nv zd~YcATFIY4O!C_Z+xlbWA*UMpVSaweg>~iuKKwM*Sp3QVTS+32&Vh(4Osj6v(q6># zA*L%D0tDdkR1H{OZe`bB<`C$vZ-uF)(O=d%T`pC3Jvw)#4J+FqNbLxXgNL&G!)Xd)V4ex-XSx)-|GG5T;zYmmYgyD7nc?Q=KOr2wP zdgeC#-vgAVaFGCQTC75syBezjfjx)*YaeG!v~GnO4WgcMpzRd_!00_ z{}J$r8)w3kO}GPwC#^q*Cj;-M>7dTQeeHapmmi3KPX2{VI3{_a8iO6QLPyWbw zxK%n(CMS13E4MtLx12Pa5t8WC8#h(c9}Gz>DS*ig^wGs}wHH3LQKJ1}@AO>*oXti%8TJqc}bN8X3&a%kZeu+4D16 zVqNhm=asnk;hiipxze#K;?O0S5jo>$Ys#B;eH{k=)mt4KrZ|1WV^ZMwce$Dy89&TKH@^!~({BIZORYEVh; z2JM+7>n#uYdc6(jDYh5fRvt8w%AMtsBG=S&9;*j>f&D2Z=?7LgVCLMmemev3c6|-70NKLvKW?fl7q0;pAPF#XMh^r3**1$@Zi&oELNZZq z@hs7(c8bMJ8_LjUBM)cdx~vuI6yRg(3y}g#c#nV9uoI9t-{w{I0y1)cT#LmGCdL(60-C7ApU3RwV{$`PB33EgU8+ zJE?p3OT(4Xe^W|6|3N8%E`2Daiu4#Y@cgNtz%tZ4|EX=}&S67@Dz`S@njZK$h1UGP z7tYXEq=2F7zaLM1Osp_~dUob9!DmQl98xC|1MV;RXE31z2qvf`DYyYcJH*3&y`5^1 z256FnHQ`KY3=t3#)t@wj%PcA7=J)?Tv2sHCkBOCWzyCI|vL^Bx5kzRC!?c&;Gki;3 zcr+(Vfa{kKIhpt8AmpAV$CpUJAY|mrylf^%mLFVLGI)Y^x4cNGCHn`{-cL-Sm;AXr zIAEZH5s!>6<;fn=YAk$CK5CeFc+mT-4CphO+n-vArkx^z2By&>5H6CQGpG|Leh~S^ z6N{T47OhYIh)O=wEHcU;k%|nONEuPEk@68tsNB^+Z^7GA9el54Gd(T4y%8-f)j0zFyaecm+gA%-@$t z1w@=G2_l@0u`C&W=x}-;3XH_4&aExTsR+~h`N^% z0c&6AfSoN7{-_V}Fun6Z2(UT=V07_l;P4K@oAPiUpm01yF9|gNB`GrCy2&VOGQ$VJ zs>JwC>-lWpS#8xSR8yA{6)1IENud9{3x>W+_wmPD)wRAY`=cCuvLTga84m}hAnuOv zM{!96yd?4inL_umpwAIA+UKQh1?K^**Kc!svxOfRALVwj8OD+aYpPH%sy}3-m|%1A z2?^cn034YA_?s9+{Lc`h6EzszKa|Lt3_yu&g0Fojku}@Q7*Ja=|5f0o4<*v{cO^m& zU!Yd3WJa7wbSHV}dciSM>Xt=L^oSEOMYNYq7oZVK}+=}wO)BDv0t z8Z8iKq2u5)5btEy-BV=4_k4j?r2P6=oy^|SbeGYUCryjYtN$`K#>e^;Sd&M7cc)Y+ z&@T@C{eg3VI2lez!wm!!phjRn)Ck0>3y}A?B^JY>0vHjBT!beF#4&hzS|XLd=jW6) ziDPgZ&WAvM@9FSUu*aQG_}ngso#SgT-hBDG=Yk!my|EME2>u?x`z0?R`z3@Oz}&zL z^e3jefI}&@Qw2^~{!1hVeeeu1lWtuQPzYFc3AAqi6iHiTPzajnBemk7E1@*)Y1r{L zmUdi4UN^%tl)j6mruUYP*GcD0=a{DhzkS&~n(Cvk7etC>Bk#ZE#5okGpvraJ1V$q8 z1TH?5$PPs=tS2|{E!1IM@hAScl0<)efD(b=0Vt7`2p9%r{kAr+ej9ENyd zD$h%P1t^h9#>-8$>f^OK8=}`BZtK~5H0G;_GrtNKUf?N|)|IB<+~0^^pVSZO(7+-E z-GD`aQTyrcPnC)(=b&mGQwvLukf@!>`v$v^k;pHWaZmw#iA1F~H->=SpX#Fl|9@5= zTNMFs@qbqzuzyz{I#T<;TZaGIlQT9Bicyj9095i-<{3hhrLF$lleZJ1|}qLOfAwjGiR#`>yxeOGtzn(15ZI5;aUW@#bH>|-veXY$F}E9wxcaULi1 zuUf=^KOZwT|35k(6Y!eDbfcNCh_qySmBo3tAE{p9lHS*V_NN{oK3J->rZ*S3lPc|> zugH_F9F-OW49S(er!=QCQ=^Y>l6?GTWH5USy+gs4C`63`AKa4?h9OingZk zD%#=MzgqKDsxAdPw>NOiGvWx0)k5peKaX7+|9dgQ0q#$k688*XD@NUgKdnoaerao2;#k3DIkDY~XN)OHhs2*E?Aeoohkx|GPQa?HaEDj!7CHg;L%r^W z1_zT}yvGj1gP9f?xE5=j05lF&SH=G=Goi#Lif@uuR(;BvsHSe+)a%1%sJsFAp4`}& z1%|+KDIz9*=kBPxRQ;h@bRu2rwEWZ=bZW7ak~?TfFfXYk*_Qt?RUP*?X2LIyPMm7a zSIX&etc7kqxmv04R>L`%!D$*FLkgZFDD2N(d^Q+E^6Q<%m|@0XJPdX zVFx8NbFl>Jb43+UU?z^iRdzzpt5bqrpYbWb)_t7l$ZSvFyawZsRsqTo|6vIZKN7G6 zHyyWaL2b+XK~LbZ<;x@ch$OcJOR$Jrs@%L>D#s-LgPtHi^X{o_{tCD%mZ;LKpkry~ zA)H{SwEy8@TJ4r&Cvhw@R|aM-j~(i`T$JlI+?;d#JLwxSnjYU@o%qHEc3przc>?GY zO^&Q(*gy1%Ke-5#%b)sW=UPFbG#?3KpmBf(uws2&6kEkeqSzY<5E2A8CLS*}I_ z0=#p(PZvJBy2jq2v*cPkljNAEq>cZfn4z0X}e%D!-CVvQpO11}|4E(lxpfyC7-FfNO6J zFC`&#Qp+hJChvuyx|tEWxt?!fp2)&!j52OP2i8)SaDoZ<;SJB(sF=pY6=^A`Z?TEO ze|W91(XtJ!=xy<5U^lxKx#r^meFN97oCLAADInci(MSMWRAn7b0@Vru)``uL?Ep25 zo|>7pZ8&zPtib%aD4a}^N)t8MHAiOk-fOn_7DoNuZ$5|S#O{6K=EQ%3ipTz5ohKiv zB2!y=8e$qN)>6^cPDVAl?2I@qt~^G^*va62zRGVxj~w_ePCRc@?U>nKKE$wFz@&u_ z2of!t1aBF(w0NPjPlhZ%UqEk*Zn8nHtD8ufJ_2~Hd?*#4!M_{mxB&>FR{k2C$=^h5 z(hdXk5GgLI4bwR-Z|-}e^-$TBPJZpZn9AaKG3f4Wmwcz3@~`E@b>zIyY*_^akw_8y zCBGbBZVY3;C?lHLv@EaPfI|n8HLN8HbsN$OcL_%g#~6!#(L-x0F57&5V`4j)hFZFd z-W$INdyhT-AuXq@P>nEyLao^|ei7SH71+qR`s-5_q^c#xZ*Ka?#hIP*@VM0pbHY~Ef7kYS2j@iwZ@Oz+yLjt=ASs?TH zD+(5^H182KfS3@}wp60yrDDQeo*Q@(xWu+Sm%BB`t&At_c3guCzJ0~4v7$D5*m5Uu zX{C5BUyS|qc;83LVnE(|YuwRvHeRVScOBO8yUW$-u{CF|JS)NY>NNeA5rez(=`#ze z@A945a&S9-mk5?f7DK8@&p1M(4IR%cK2dOuSeq3I>b;_<0psSpdq_ueisqQRhqrd( zQKURQZx+EB+29SmaToVj9J_rlr(w>sdo~7I1Q0kY5{3YcEhA>gb<|&5_Qf1WDthN< zj{6u)bX${)izehrXSWA-bFsPg{63clB$o$4e0n4;5^pcW2F5>dRYKXRjHGgGAJEpJ zsK^XxlTwCt1nFJz)1QXX5*<-#^DNP7o`J0LFj^@rJ+s4F)wvWi+#lQ5N`rrAmbtyR ze0SA?Z?Qdl-PDe^*3eBV8M&3yxl zAJj?7vJW*~)cKmwoFRbe^qPkWBOlOM$v;z{h4s!*27Yw+M13X)!ZUR&z_eM-%5BI| z+jZr;^*eGu^*na}E5mPpn7(ev>|bv{yjuuws+=_2-`Z>}mJPkCC}f*9aIC`ul$j-< zUsHI=zf~O^LE=LTE{S^hT!f!oXPLa_pY5;8R75jGPGw1ORS!pa$V8Jap3Jy};|(rX z8BWvMj;Rps+SYQ@oYn2C7R(4op8tSw<1;9lcTTnSq=>sq2$M#Jbm&DgDfdsMZ(`{oxoi6ZvPkMs)$<>Q>Fdj8sB4d3rn*yB;$Z9MaJPe{U>VkJ- z!@xXQPPIz`S#O3iqH=}@K}Q5(lTNG5@!jdo<5E%{C2d^#CoCdwXNf1!xigP}#9(F1 zEJ63x*|ru-vrwCEFt7@uxTjQKd@E@)4C&Pq@T<|++7%xb*u5ONP7gPW{<;#@R~5^` zFW1TnjNT4?hMJ<~3RfOy?8W4k68_63b+RWZ{mm|3A{+GA0g&?Ha`0DehWaio3gead&rj zDDLj=?oM%ccPPc(DgF)j{k)IuyPMtY4bIx@n{q9;r1pcm9JBpQ2h?APG zR5j-)o`oFQ1QPwQYUM}b=1?^rz#H{b1made+8&+8!p$dAk~tSHqQm21os5c`tl_sA znGAqL^wz+Tb`E~(b;UIxBIeFjXaN=pVi#=gjR1<&jX6j4S!DB9?Z#(5(b84Q4{qm1TE({Y18I*;OnWn1FR+?V9mKcFwMTi zH$Nh%Nke6hSnOvm{Kj(85`lB0HelYGg@Kv{Nx(Go^r`Ri_sFe-b;?_C9T95);PK8_1FG*Xo`^f-hD2*ET9t=8( z0J%AeB3%_<0C%br!MQaEK9^-Q&~0hCb!czx56skT_I4JSBT&~45A*|A(LmDK-3{MZ zN2@qOHf0Riwb`uI1f2;sepgW&Q0S`|*|isj)EN5oXq^`JQ33N^KY7TeBow%W&F>06 z@W)Wxgjy?k88*a&fl~&YC3Xl0@IXQwz-192$`3D zW2!HgU7EmkB~&+t0l?wBN5R#FXlX^9!qhh!+JVY-FW2d0L;U)8*Sy9;Izes$9fa|K zPf(Vjz0hhAOIlwpaW!>G82I|na+W$TMx0glB8}dkb8BejP8NW0kVaxT=c!TS0Ie3` z7l=J#x`6D^v@E2OgacCB_%iaIIqV^`A%oZA*)&~G&G@fB)q~Za7rN)pj^#S&18bf| zN}Wp^gjGwbyuEXMH)p}cG(*-}@ZL@Xn{_loL@TQwtW7VzCu|?Af9u_oy7n*wjjx8bKX3Cxc-;O48hd54* zX+XdRcn~k3TTU9zA}?m;{qV4J&$)RctR+v*<>C@2lmSwPyvBkDgvk?^)`k7^9xYmB zWG@t;s_37bkkmPA?&4830tPY3b=D@jZPv1WUZ5lQwrbO2`f=ujh}fQ`mZftE7}@az zjO=(XUf?@Ld(_Bx=%^%n_VF8Bmv`N?98kBA$rZ9yv2pPsq5lHg%^fkwzf?x_#rQC! zDI&;h)&SXN7E_My7r;c)cLelS%Vc;~9k*A+*+80W2ZPR~zR%n+7}Fv$agzE^C|AUl zEpcEeiY7hDr#Cr%`n^{TCq%&%maep|68^6ALh=WQ+KGnPxkS#;*ow&F&V*dp4$J#& ziBYjqtBc378d0qd$QJMXOiv3xX!a6s)+nCP@rWmI z8^;F&Hi_U6wRUMb2^{nj9CtfjZ7dQVW^DL7Es3XE4-Exk@0VR?^=zAQtfiC+M4of2}5$qVH!c^CAHbW3vR*_P@^Pq=F@(=D7 ztxa3~9NkIs$m#zTyG2}~Kd9RuX^&;w!?W4;Q!M@i$MZt44DUUrctu5{cokVd7RJ%mELin)Ar!P;$iid(-^V({d<85{OP$H1-e=ANe~ zpx+C{L84ehu0-Ts?(9Y4c$c!e6f$8;C_#ec$!>uJZ4;l(Ink;a^_#VF!@;FMVXH2V z{dKXD$4|L5g0VJdw``}QNAM>UMaJpk17nAB`95h(8uL)0qAeBcD9kwQa*E;>`fp3T zkhN&#+`pw^E-X3&>Jq%^*rL8N>&{YorE9Wk25i&N@$0konSh0n&f*!62bb0?ZD|3+99>X@HFTt}Rw zg9=ydewi*3!AtQfdWBGWVu=OoAZxj{2;h5opi_sPMOMNcs6G$z6vu;`cO8`%4Q_TH z*=rnVCKw`+LxitT+imShVuRqb;g%fD9Y;YMELib@>ZLg7r7+F$VPs#26O@M;AOs^D ze*+ejXT7Y)B^iy17V>9}B3OC7Qlx|B1JZ(RRm}n4Sre4#X=)%|ueTJ?=T9*#QL;4+ zK-SP87|=YZJd6&>4=3`H5#}%$t#^B^C~kP*^Kv=&Z54dsTLZKKz4`j!&8QbamRGCk zXd+Ssl#^qqG-_J>C`jkN@m?8siW?VO7^16hV|cMx;ya{I@Ou_3oW7*K$6_xPWZcQE z-yrY{gc*v9wt`T)pd;8@N@y-Y{d0I!$jlFml=BGEA*diOa1>;8|T!b*FrKC-)=HUVLZ!Kam zPU=4lLaDL@RcUID;YE|&q60o&Xur|}DFkuv9ihS~D zj)q&?2vKYmkiN@r-mZiQh=`sHCb(D{3FHY7kU`i=z(lmlb|y5hU66K|PF4>}lHjkC zSD9^XG2LeT+Se+B9tia7$Ybt$lK!>skpjQm={Q6$zt8ei1-i!@)IC$qWQ@F9f{xvhXq0grXq?S= zph5~vJ~^NSBrYbR)@J0!(Gyg_FQ)_ zXXh~m6)>;#$X!2w+wY>YYCr)O62t92j=pZlW8Z#%A;$$*m@XlCRCC98y~!;%d?=38 z$2vCYE~b^TO>_Fkl5N{Y(KtxKX-9g^Tt;@n(txy0hoD&KjJ?(fEyBj$uo?!-HE>_w zJcflWG?84fX{{-{8qWoOlk5OwE5_-A13#=WxnTqU9QALQPhstTaqc4`GO6R}g_u;q(i z+l`_mf>zzD+^L(1j9cm~L+FzCY~y;pkd!jPBi;>M%ELa1K!xVA<%(@e=~d!HbirmO za%n@;q@?YiC!IB>T@SP+4A1MLu?7$g%%1Wku+RQg{)MV(Kt zLQ+Xt((x6d@QWviS`d@k2;n@R@-qqr-8&geHp(m=!T<&=S*4c#`tgZpod@{Y6+hUg zt0RZ1_C&C1UQC>tu`cPHd@)0g6jIjYwGo<#H~aPOxTj1Awc4mB5i3I%aXr|R61|tN z#I~)if&nW*I;fE62&Hfu0)Ra1NY#w36qp`0vtTV6cC#S8q|Kb_QIW>&pzWS<9q{E> z2(SCD%SiccpWt3^xxHvrNtSLj=RpO@RqosZ2O zH?;7_tt!72CA25TULX;IJ3+O%@Cik{d^Go}YJu{VH@8U?!(4`Ex14$+dO_}9ZKP4* znFHJioH4qp(Jzo_aoQXzG%Ft}RpI*;t0Ni7!NL{I?yAFP1cPQ%v4hmb~4azJ1<(Z75C@yhkO#*p%Dr*RSG zPccWn11>_JA5=zzc(=J@4U2X->m1&q5>(KDissDXn*}tkL*C% z!MQ0>fvl$Ay}|m}8LQyFjExHT$74uiG!q{X+qyRz(Wb%jWqK3a@WtX#29|}q&fEhp zOq-&fv)AJ24o?z}#3Eat0I^hxj7;G6@|Pc};3R<=d5*?naHe880oiuGP*7T+OB=w@ z7xc?tDl_;|h|bDE)+=ROrs@uV4L;OW22kqc^;zolOo#n8=~7^AZqZ2bk&II%8; zc>hHRSU~)=%Ys`t%GFHxpboD(k3^JUW!4;hQJM0Gle)?nbmlmlTZ!CBBRwgiVcwZ7(24JfD+P^4x^|D z&6NT*{G<-Q4Hk@t|A#hoP!4v)V7iXruO)5#TsuE2*fcZVLs^YcV}Ii}z`CmA0PhVZZ7li@Q{zqrdr9G-2v;tb@F!9B214OaVN!} z`6sh^veV~c(0uZsVqzPNNUBtNQQKKch9rZa{-NST`*#77rC24Fh@{YnMi@;{W!dlk zqBLmtB?VP#In9||rs;m$g!(!ja*PEMZsyvt6YLVim2SXQuiP9p2?e}Sd(LrS>6lBott7=EnjCFH{3NjG7$UAM^>eosZ`!QuMgX2`+o1` z-Uy9Kx4sUk?(cI)T+vr3&O)~TH1y|?3@wl%_BvAOY z7T}|Lfa-xW^_71H5$tV`0P5L4H%Iyz*zX922#z@(=2@RVlh%)U9l1M~SZDXg=0t3Y zO5nh5yLDK1B|dJmx1kaB4`@YwUa8206ud)JHcYVRBQT;Fu}5x)T*TiK6gHRYAw`wk zYC@g|1W>oLV*;siSj%AgyibR}`n|@Ef@N~|2`3=?yqpk&p7>J%-x9+FQ|0ti<;*8W zTo}a`85uN%UIos^UvFdU=nM zx*?m2ij4!h76hzMMh=af=W*M-{5H?@xB|oeXyVGHJq|X zwG&sc5Qti%uy-vP?-~)1v3LcMR7Qv{F>&^JtcN^4M+bdSir}7N23Jxwe8mij0oo1rEL7kqEy6rbH*e{C)bPYOcIlwic%h$-|F2F)Hc=Wa7$7#$o+#ww z^{95n-AgP;e+@H>9tEpjQv?u%B(YV_<4ic&_CK`l>le-tQ@;S64cSPLh@9Fl)-~3L z3EYRLHf2o-oDmTp6-tnpi&tK}Z8lyB?zYGT(LK0}FT#Z{nYUm9S!^z< zBUjU{hg7h@GZqPKT)lX|IK2K$aQC7S~1@x!2}Pn+;MOFKUjOk=1EXDNac7=}=4D8|6x4 z)tOvLsB2|CU&Qrf`%M%yUQ|&xTyTl@LH{=FkfMZEn=AqK?~%#fVJTv!lc5N;fw1N6 zI3+gxPGW=&8lX{%EiP>3oZo&rSEpfv~|Qyh3OLj$oW%TK1kU&7%#EOD%89PH(h zhJ(u=?g!YX^e{|1iz?@*vUjzRziq0pW{Kz?UL9EGq=@WP1Q8XCk^5f38idP>4CsH` zQC-39L+#Uh@@9AJNR8NwRoBbUs@}(=sm3M|2vuOW25XXxJdZqco{~_f>Uw^UUtQZk zUS1r!rY)4JFszsPRyCzxybz;7sn9-4DwVi2LaM=0HCv}2m8|$`72{~%d1)}zzS`y$ z82L1mdIQfmgrg6~+LO3q(GO4mL!dVaM{9z7B-d!GVym})ZVD|Bk9z!EnQ}WXf4<=a zk1~l%L6Vc#wR)Nk?R&g-22&U%N&a+b=dayzdcaY`*eKQi#)Sh*699PSSwlwOQ$(|RjU z%h_mw1VF$fWcR?4NrU;S6NqLR26|$Fgh1d%Gf5dpZ#jU36kmaa^4|y2kSBl-y>EC3}_;&B}E*KxAK%$ED@EDKlsyO`X%u$s8>8`x%#NR@HIW@ z*BBKj~FN&Iy9lX`su;kPHAFaI^#60{jmHWkJYIgEsEgmPLlFIbz>93RPFZi zDchP~`<30TLuZ?)7niG)bs7vDx+M2$^qsOKft|`MLKK~pJaofXc_^nxY{Ma3&6W?R z+Gl%VBHmwKKDvH>Y>y5cMnB*Bnz~rfkxu{eLn$lOy|*N5#8qWjSh~*-8A#GVcGk8J z*u2|o|3-~>X-l6TKY1xTvwIQVfkJg5&d`q2yC)lT(t!kb&`{oih>qyH%p&oG2Wfn# z$ZEs;r^s;b?8v);yI%cWn(#B(Jvd+u_sCeSzu8^THjEbX0tM^Ol;}}{fca~DM zWrrqHWGCRV8?**jW$&%Xj9>_JbiKvz|}@i zrAh(KWFiO-HN`}e(cKm4~*Mi&zNS#SNFqK!?8%G;DF$-}ccvAk@YG&puEVpkmaxfMG#Qcyl@d&mqX9%LXM&HPRHw970I#aw z?s1)q>T^j~ZWlhpbUkC=ZkiJZxm?bnM~NqPdFsV);T!`zni$1u&xqtvX0`A;CdSrf zZ)@0ys*dGN`rtYB08?*xcXyqc%(}gUjS~dFE_tH{V9%nN^3blvK%n|*Nl+s>Bj9>a zBgm2JI3J^tZ1-W{22c~-iQftgo;HR=JuX#*JuaJ|wOxXkdY-{|N^GXuE8SNv9nIb7 zIFBK`!M@|anJos4T%91D1agNWetS!UuprzGrx1~>m3)x`J!c|;ZIViDK7+)l+qsz$<6^W{Dzlucd7Wfe3prW%qa z&U(7CWts(J}DCd$t^GnFl$4%hjQ_qR*0 ztBbjC4fg6fL4Pe_cuaMIl#x$YF+klyVW8W5o_$C@+nTNTzkkbP{F`$ zp%HpsFedj<&FQ{$&-e(7D(Xcgxj*6`t?|q4edHGgB&l?kCnn>W44O=m#LuxmWlK}$ zs=a-JC0q_8aV(i7?gkR`Bqd7n7mDA)Fdk8a zKcOCP@fs=+)}qeUX7>;uEUC{^;%3)mrBo*NWWOYJpr77{R#fduIkJt~(QcmTO&kPg zPoySMoQdKz2sN;*{1T$?VqNf)&Qd0K5&r5&WiCfeXmfVOa+_G9?J8dil4iE#8)ubg z25oMs;{YnSEq)jqw^dcO;*8y?bP$k6>uRc{c(Grc5$ICudvuP04q_4ro;LxD(c!Hx zxB_Uu6;H~s5Cr6!?`0ubA}yvj*zcEYGhu!rsG19yX{(waOfC?l;`rB{`t+J6ZjMdc zV#Cf$c#QgNg|X%o$(>W9&9bD}&n>?-T0HCP;aTu_d4Q_cj@5B;G8M7usEU0&=T@aG zZ8^^_cAv91kQ}!>H5cL^r=$gWkS$@Hi|aCbhjpyQSpYn-SpO~yq3xP%ZqvKD;(i;* zqn>6uoDw09G1)CE?*8@Dv|DjOkZ+JMqaN8JPmYOV8%E_zy>ld&?Yh`7E5|Y3jt)-3 zh5lu&tCN?RtL%?{A+DS~&f9|_V6{)tNOYIq!}tbj;*1d)K8A^^E!S#6va^}gj7-Hw z22VXowqf2<1}_v|fSXR@x2U{Cy6cJ~%YR*wamA)9WNTaj)5ko3>Emt-*O+K7u^RdH zQV42ZeZo4oMV%+j+objQuZk&48Ce8SBp_0N8}d;8C5*?Pjz5QWi9U8~7SLYvxC$Hy zkox>VlYmVqR_lv>mY^4fDXqptE~96m@&3dn?unyVuy0DuqQzE+SSpwllWQD@q4r^C zj3y)j6qbMJnn(Zc3k&6sFX0E&^%T$Q-IrI%LMjW^5NX~U;0lZ-2IVsrE z4F8QMI)kT|E(5fNiXu%U4AW!FdfO~m3c;$A&=VY=Xzp? z@Xr5-Ty$bOTlnIMMEMAii*}CZazEuFV+sE6Kj}wOV#A-lF9O6O4oQPnI8~K_yl<}#xR1e5z#CMoq+z?=Q>oi3AI>fh9w=_WN~UhZhHaX%L{LOTA8YSmC?6U z@fUo$9kaq)R20DeOxspxU$&$a{y2dE5)kDRb~bNyN8PpV)D-0d%k?K8qbTE1PfABZ zw5eqeFDZ!v(?Z?t9aT&MnZt&pHb=GlJ_Bu3mT+h@@BOXARthO}Y!> zIeN;Klz5*x2Wa0-uy%9dcBjyJmsGQ>`kqgg`S|@gY~{*+u>5FuPod87R?qyMw?@q! zWa4|QEjEOAwMw5O;zjN|5}{=QRND6|j`a5N8?PRjAQe-N9`e2> zTBBwgRDFhMr-6ZYtCemxpVFIe0EebQoz&GXHfV+(_u7zra;p`+4Gf(S5_U! zBX<-^6dHI|x9sxIz6f3053wK%?%Yw4z|JD-1R%;4-*oG}gDZhmK`ZHyC$ol8%iwqR zu>^X?+aa$UiWqkGY0c-`-Q0hjyWssys4I~3OhNhcW=f`u?yO*!fd+CyoB(zLQX0WA ziXpCzi8t7By%B5xG?w)N{NR-W<~?=*=;sUhgCq6)O3fZl*k~MHmV(p*K31|J^JP|Fbd- z=y3y?^>d$i&h&L3C?q-e8fIs8dWci~8S2WqjGp0p`KyQHa%JV6{-+NLY&|6EP%&DO7TMMwm6zQ7qh^+q9k;uC?B7ob6s7kK>0sDpu}Y$P&3lD&w& z-_Ytw^u#~Y07;=sf+T06xwC$sBLYSn0Op2vb9i&R;Z~*VN#qphNoq{U zpmQBmja~$bk6QaM5xs5%!!h1^BHxPm>tB45_OK<)r}81K0EM z7%lta@b60JM}dVIvsnO%3j?75lLEYTqyTRnk$B|QFZkq#)X*;k#cs%U1_uz$9I%46 z=^#KxfG2;dcE~FDKvzZqiU%Tv#RrOaKZXb50V2)87pLpo{I+dtwcmRV8_N6jrZw~( z2#JT#!yDc22$oEjFrS|3i)P>vc(PFod(S!md+VYfRY7QJdwuYQY}tB-!YW_a-H{xN zrF^U~nS3Fv?Ub*7U^K1E7SL-`MQR1#1ohuf>f@)glE_#h!?@dqkmgD-BVn{&O>6Zt zN7mEmX~dT3X>1^#2AfA(tvT+}zxKvjf_GsB{d$6~;9Acfv5W_CrUe&$U9e&)`IdTWyU zJ&l@k#eU|xFvYa%L{O>dz{TLwfX7OIK9+%2Usn*Nc*O-x8kPZ7&m_zYgz0C@J^Y{@ zs@_2*VUP4CC_{rHrryElnoZw(GQ)V7X!PsF=5nh86U)G~8>NTn6M<&$P#8c3{~_1bCD!51#EA4AF^JS8DP z$8VG~-cwTRtS079TxPoAiS}a;Gt}x0O+ZvSN0W)>j8phKdDKyjf=0Z=t`k34Gg z0Q+>36vWzf(oerx?th4w^+(3NDU=PHGennYVQL$#5DCpiFe=f0Ot-O#Z@;VpKUqTR zg$}@C_t-Yy!tpr;@SF($#B+ZoPPBQDQATUt4UleLC@A%j4<^%+K{7S0HOBlUnGFZi zuWA|TK|6_v$I6I&o7<10+AL`5sx#N(fMhnI24LE+-A}KD1 zS*IosXGn)}Gw9*i^yuu4K#Rm3yY~n%5qPsiCo4L;UwMCl!5CWL99o#jpk(_t3Tk^o zE9<+&P+UzrWQ#3!Yg9qzev_e+`U#cy`_jkRkGp+N!e<(ym-3R2jvAY45btWZvM-#HiOm196yoTI6v0qYHt}{Yk@p}(!ih^ zBhY%ft9*F@S3Za(LeO^4_OFi+#-DTxb8xjaNrq~Yf7e^;ymKD1Xj&W}oqF>o5wNQP zGXZ?ge+*+KY00x%kWGAn){tn^P)b}mV&>{nMOfL;pY~R{Zd^ZqP^c++w`y5$@O43m zUW4rVPv_)Ad&s6*sdmyeXEsCZ_fCtN*Q%#6>rvD)!PChp#J`qM<&B_bUFY%N>3o=y z=MZHzY5i@}NvMW@5yFLr*3#?On>*5%e1X3ZOS7L1=XWstci1~$BU-F`2q0Q2#RBF_ zQ=b(+Mlp;y$inLVu5~hhXVZlM+4MJsXmh_G3uI>EB7}f!y1@UZ8)>4_PnMyF#i%SaSC?okAHLXXr3sS;>m*4z>~7YDYP) zwSCx{*gVbH2)9^}O*d}q2uGez0o}c9>ru@`WwZIOy0YnCCliLkblT^3ymOFcxmHRf z+LfF(SKIO@H~?j?@W)60Fia}{WtaphXNMPYRq-iI8x`9QOQ=Zf&Xq=pySJYC!&*CI zQy(vq+&rAoKjXZ3g4(r}p&vcFY_>UW^|^c_*){#kPTV$bv36I^08rnflk{&umsy*R z>^Ypm5h|e+J^ zQ1MqyRBPnCJI8VY869Du3b=i#G%<|nuVfYjVGAz@d*NOYbc#4o2$+q}VH#JKI?eW# z#!fX$7}d&xG?8+$Ka;x-wrvSM!$HwQ;Wj7u&2O5U9&iZH+K!#pxS*QEdbl7RBG;7% zvs6fSoCJ2^c7E@K0emSv^Izd8XuAea^ob=^M*1~C3KMx$FyvGr@r1e}24O z`m*u*SY_rEd_31EO>@CVg7A6M6o^PH2viLr$zH*Cj8{BjQFD30uD+n z{U5(XTsWgt24?ack|u97rIy(TighLeu|$3=n&fUV?J^$y+1Y)jY#@tsrYk)q4%ucX z_`@_-?SpIs-OE9etu*aM`C9TQN@amrlEF*v%~|pQK}j6M4L{{sX@3)8ixd{Fm&^U= zfAgyh5(c(QKtFL*I=lpnf-l)K))b{z-aT2Uh&WV_d{qjc>Vtrwhl28p??u6$Yr~fB zC@3j>Xo!F!>H7xcXj2N( ztNFeO$;xf+>-oo}uH|v2x)6VLQwV+!)+T}Q2oeQ$Rjzq@J(C02$z376ay+UPqMuH8 zO3>taW z_@P*@`S!@)9c+0${5$@@AN&ZedSybfY{S6K4;}*}V9+R~u>j5wCe(n+4~{qOniVuY zRJNJCb`&@|pCS;z@GU0TVC=XoN0-R6;)CkqVAu3G*vRgi@TaYnd;WRbi|-N0xu@qD zou7f;HAUoLZ}Sm~WjQ}M86n!js1n1w&G-@wq{;4J6OmhPYUIueuL>+no3JICS^mM^ zQ=BGDX+=ft-zQ^y2nlMlX0@Tb)aIAbjL)WG)+gFijB5as*)0T`p^GYz3C1`1^0u`9 z;0eO)6vs@+p92}lOFx(cS!)`hH@!r+0Q{6FVM}tO4#+Lwx8E8$=W^M>YB{b)Fjf$n zAQGDR?;Qw9+fCBK*gy}^;J9f1PN%jTFAB90S;n=X-LTWT21dKlIz`nyIFn);zeuTH zB>JuoRtEIU3v}o0D+7j)e5dZNJ{u$PQgF+lo(oJq1q(vH#IplKg8{*>McEbQhpFX% z>I9xl8x34y%_eU9zbU{&{bSe1J&Sw(&95mPxhsa>(^lwKm6?TUxkKQ zGp=P(WD1%-pkX||9qk+yKx0%uS=`H`+=<@2XNYbinR*@VDIqA=MBxz#como5o%?%L zA1VM{XD+8q#x$tK4xwc@;UyjT1W=MyG)Rf-(q+J6>g4daMFLAl9FB>`_VYaoAY#zC z#y3D>X(lR|k|^wf@2NY9IWW&Fj|CTY249rFjv3z8#Y5obnNNsm;rPiQVjsnsVLanj z;OrCwh@4D2q@5Cg$Q4T-TMx*<+O}9W^iK=JNLJTfq`R%0T}2|FFcL0+Nbr~X$vYxi zmC7|pBA4T5mb0>e6->j1_fN#C zcBfUS5=oLki69i<@>K3Xl11u8@?-ri*CJ)eSF1upr6=!Fp=pISV99`FqLk(K)mWZ2 zSDHEtTu(71&njs>v)xU-4pMHyg?~cIcrY-Vili-x&F4$c<{gY#e7rq3v#;~P-(M}X(2O5Hc`hGYi%H>kZ)Jfh zJH4aCaoDeDpU^C-Xz49#B0!VNTX0QD{u_R^0|4uhD=)>3e3j7Kc*;neipn$YD|MC8 zFLudu+p6XWMHSO5xLJDegh&(^PzPiT0Y0vNOrK}Q%zAK3%n=oJo;9?vRZW^)aKaG6t<4cwQ zp6XfA{*P1--e1b?zvX(2et!{^!FVhUes`A{U?F33AC+$lx(S?WpW;`XpqKquwr9uv zA*N>nA9Xgh8cP#8nM{Csb|5*SOs`=6>`tS5r^WSui}u`cX6Zbtlq_>`a-QMi5xD9$ zbwF+gZc#7zT&?}|xTk_6MXy<-_O0G8hVU03P#R^|&ns4pB;d#e7yHwmsUxxV7UnELM_h6{CIE51t`G z2wF<0Fsba$)Cv`$wi^vYE8X)>^SmKa)|?uWI@tYKDRBy?X9ThbT$btD7|4a9`1stX zM?3z1sIy-K0X{xk@_(tb4E{(zAnEMUxBiJzv$XzSrF-_z9=sLT%)4Ar-Ez6(wZw^) z9laEnzLsSMr+X%hB0QMi6#Wamo@6h?tZZM04j_N$0Hl3{#!5zv=B!O_6h{A3q^;D_ zZ{qw*qRoW_82duY*12H4qx@hRW@r7MsqcA1`iZ(kRQtn!{s5E|DAe^HPrdQPzizKM zVo2isMJG#sw5LghbrX-__K}_pwo&P!WR^qonV&90sFxerBPg_Mm@6kp5M!dd9zZ8y z)^nn-MOpRIU3;msJ#FDXhj#~Q#hcI0qeVY|eRwN$y6#k42$Z^+^{m7L7 zrS>;WsCOzxnkB0k7=_KwXKO(P^lNB;%7Mc?Sl1pkC-|`A_feEr6J#Bl7HSGKdr70@ zZFD0;PwD(%UPSnfJyzGYKYr&GaXUoRl(SahiJ9L}s$Ehvd{447SGo$QT*W8gBiztM&Y?TR056Ou+Imd9z@wixnv3>e)SDVSKB=?s4Xw!g5;aRx>PXSqbei1zG zZ%X=2N;GYr1wz`~&^Vzt5SMY-RwLidzl?1Hu|=!~j4tyBk%Kw`;mR0wF}Vh+*Y1QN zjgdlA5pPjUY3+xI>)Xl2NdM+)`i|=cE2T_X`068hfmg9Vod(+ zs;<@Hck0|*-i-M{31hboq&Z^8#k_|)lW#OVRU;1~gmaZ7i zuaHRu-@+>?;X5L%Ua?$-VpPhGo&&5=|0MOk1?~VAF@=qGycH{<)$JWz;V*u?cb)(6 zC*9pFy61d4Eh^gRxumP&Hki#l*?!vj3htP0_AN}&T^Pm!(wkuXxGfqUJ@w2( zS$rIRWPYiyvvi`eD~I)YWltyo4h_3ui!UfG4H}1zfTGNH7sI!!u7euxcAyFK(-lW( ze~b>oa(Z}}-?Hx*7q7dlHBf+Fx5d-LoG1d!y&zr4d!RO*NK`8Ef%Qlb%?;o;)^r*$! zrxN6C>LAyuUtK9P2k)pNbF;^FkY7~6=|`#&L1ppt6HOC*s07hLhffizALe&m8FVhc z`6zeNyqZy8e8Jc^H8DEIx1a2Y)7hpJ8Qh_Pj}WKJjIKbgApcnostJzq+j)%`0 zjUyf?7$-&sKc@P$E{W}zgZ;X|k7IS!Ta6=!WA?fbIf6r1{oF0@6(F_>rM0LM)}zve zOLV1FX>~NOyxL=0g$zc{|L8Z}F6dU!24p6CrT!E1k9xDlhUy<^UdtLq8@MOI!yK z&Ro|GV)Fw^uEi+4v0yL^;wSXazv2t5g3Sp6I=ME^ds;Qah6ypt#GlJ>8tCe^-C%pg z+m_PMe&~@BVl!h=THgl^^lp1dMu7Am;|;o8B%AA^rZDgG65>2F3c_ELlj z&xf>w1vv6#>#yfBUcvP+O)R6i{kTCirSvzY_~Nddo!7|GoMh$~3K41sR1WOIGs(k} z3ZZM40VbduYj(uA`WQMqsO@X_RpJT?8Ai0norwa7{j!jE@1wL4+U~8AaK~fwcBEBD zz12FX00);05pZEb`ubs@XRK}xqzY0gjqjHf#?Ui{GHVJ-ofN}4nA}WYLU-I`J5g=F zLC!C87nygkTB0kDDXa=La}Y_GD+5Rb>g?GUl4yoTvMwdS!NaiMg8!PRZx!uH^J7YY zv@;=wV{Z_?TiuyJ2DC@-SrQ8`upsh2m`Ui%+(RCaq>e%yjyn!nQ;O5 zx^)|Ktj0?r0UyVPY9EHUL&cB9uf06P!=yA>5=r3Ms5L@b-+yBcph>5%rZxeVaE~0Z zZsbfcE8v~|B;k`+2KSKCq!TWZ8@R(f3}>+>J50d zfV9gs(LY%!s3^};-ADq`s1=JUN@(o_^ieKCA3j)j%&TG&91&hN9B*_z?2FG?G^r6o zAp-^9sR4nRD!bf5h-TFYk+Sjz*&)4+PH;hee!5-aqqeLnf%$&EO{}!v+B|Q8l z+fEPbIwK@^D&MkO`**O$vMQqY-*PnweJ2*%E}5(Q|HR|_|B1(=FV5>8&ILTXmx9A@ zAk_-3j3^IM#1OD{XOgf$VCYcXnT1fNvb_ib;THtQ`t}9|_w(wb5!wqqosME%9`}x{ zr!SfyH=}vjd9hbo*|?AQ6SPb*ORIGLLgu6Omd`C}S5{Xf3=PA=%-mC@dja(d)czR& z=S2BZdUX#@mPyHSIAJYnyYOeiM%AZa)21cHgXi9~V>A1$!EuI{_oC}RA~r3{7tXqQ z4~ESAnBp`#O=|B;Ui-~^VMFHsl8>2N@-FK?<>UWbY`*jbo~@N&e^7*4V~n|&uaR3? zeY`&sL4uI!-oog_S@uVwg7I0B$$6&ZK&$WrW&^T7B8wNs`W_D8XspF9O!)s3oIkDp z8#oXA3!KwPwGw}Vb5WdsfpaYN1L4vq(8)ceh@Y`aCl;-PT=Pc<3N(yranH-_|s?LiB5jWp%6JB%Yp zVj;p&h2kr_3aZ=OK@EJp^5`yZzEjg&sY!w`1I@(*Dix!VGfgATYS90o>>YzEc^Gcr z*tTukwr$&)WMbR)B$+sqi6*vf+jb_l_u2pFdCocSd(Wv`_tyT@wX3@NLwD8c)xWit z;r?s=x4SOE2TXt1Hj0I!(!Uu0N!|0-mSLw7N&J(#zfmHZJVPH+B&7U#8KyxFYz_vh z@m^r;9<`Ld`rm52mTm^~c}dhvW3prLj*ZuyhBOUPs|<)uz%pfrUMxqUmYcqs6CX() z`%Wdp#aQ$FD|k=FyAM;*w#hL^{~Dt-cSFEa57DDLi2l>-E-L<#HCpRQfa4~3WAkVq zytzgyByzIXmatUjjEa2E&a>=4FgLHh)!?8_kY@+<$a~p>;F@&TlaL+vPM${ii+-Ss zkDy;rZ0?a|9rOewx>cSO7HB=%7%Gxv-Lj=L@d;88Lg3N)tVf3 zjRxA?lHfl)&owX7VycNGlCV?;X^H|sJB}a?>U+M;)D7m(mkq1o*WrZOx(-J%Mkn}Z z%etfT`_Nlq=0m&4OvoJkD?3s?@LBumXbUH*aHpxpS+8mMiu(Q+c2l-(`>uCcLFh3T zu;}ANG2JjpERvW)GdF+W=Fd>Q$@A3E|Abinx55y@u2UlQSriD_^Eo}Mo?OauczbSZ zDQ%;EvF6wpsU7uT2Uc$Y<2I?G^{PBzkdu{}iQWFW zG#+=mc6Ij-G?kAs;Fg#~#-;v76AE|c8k!p_W+jss|XAUUt;9f-%SL6$)jm=L-OUHW7 z_l^2@A-0en<@R6sAF=gw`z6F&$ZIK{0ci}I_5=-RI}gczO?)>FzqfzZxiite_xlsy z>z|{XX*n8*HDyfGtE*A^uop~%hL52M#rIR>s>s_42^7vBA|QH58>sL;iG=QlDHn?_ z5Q*w0E~=F_P-~RhUquip7{|iqOa0itDk~8@VRkitIXNqP$Cc+Xb5KI@hy-?zZ4*v^ zRtflct0Uut9)}$a86iCDdElTp*YtK(K)0?);Iys)g~vdbmT|v>(s;ECx-07+L&BwR z8=R9HGn3166=LI9i?CiBM;haCvyh))TAo+(6Er_Tx8Sp(a;}eEyO}b=);v!SB@*U( z(7K?}ytGhcOn?GKI;`7k+9e)?g~Q4a%xjO40501;S9ecwlO4g&uW+>Z?$#1wz4`9e zc>{X$2{cY%^NIDD0bP|!hUC2&Kg--5=wcqqY0EDs5^S`z6>q!$oB}g5y&ns`y1cYX zIsCag2d%$32hGX?oQUWx$7@Dpnmv^kuP1>jqXi2BsgW0xbs9rn&=?z3?r}I91XUF-i^uPK$!G zISZ3WJtvug&1CzF#~vdD^^u;n7EVZN&^MquKaDuBmf`NTGF@druoy^9Ld>0KKMr>E zLTLU+k~;h&NmKukqur@591QC0k1`@ zMYX#s7v*{h*`R=V3y}~{9P5@AV7ht><(CbS<`?kwwF!DvR{?qY5k*DcnWhuqQ**6eWvHBnJqS@VFzBOv~-XKhcPXf-U=r>NGU+f;fP!DiDGE zjAjX%`bXMwNdxynLn7JKE=SrSz?><3hI#HH74ku3rs2Sn76lUtGXxUcEa1P-Ky@$` zDjq~B|mfwY_F9dD>lWn zOs4xk!r9*c4rf!^&*vp(JpES^I&8?1AzO)WIP^DmdkQd(!t3%1(xKRY(@Tkzt+4+5 z9MuXcnkvivMjva0<;NS0cD)7nBDBjXK``0G_~!-PkUmS{HhqOI4}-ujYUP ztgO?lIgL&mZk>Q7JZW0K?T_HJ_+nf;bGFBTffv1zmuzo#!#kzBSlS9V>uyz5#zQM5Uv!y744~s3~`7+9XdY`J?33UEaNB?DeOjOE5?t;Uw3%6HS5f`ijj@Y&82tztAr&WRXB*(?`v>Wb>RD^JG=B-w zqiGQIo>O_v`@_VGN3a(v>a@!D`!|HZ%M z!a%y=B0qQFYVNl0UobDm=VR-8#g?E0v71q$hwkscKL0KF{R{Embx@*#K$JJG=-SE` zi1J?Q$O-c}HbHdTCX^9GhO&_KA1k0y{p5PqQx{m;4M-!!uCh^cR0y>3&aBUf#3f7- zvEo}Eb-Tzxpe-J6{r}DLmf;8ee@cF*wfz2{R0GAqg*$~up#c-@Mv&4@;h;>xG49iC zP`id28V9+25)5ZxL6)DLDVB>I5LM6o{XcWxajk9VXgT|DQW2Qn#Felq{s&> zT}1jX2CF!E$u`JR{^w_zyFl|9&c3<-%I@mjL6wd_QCHlqlgOttOq0rK)5qKK|FcLm zEl>!Y{~ZzQm_ym2%wzsbwX-2^Joh6>o{iCmYfTa`*qxuol(!Po&UPlnk;RdMe0``I zBBZ*xs9L|KB(vo5t>Qy4O5@d@oaw}E`0APVUYxguV}?D--+dDU^FAR32=7vBmEuB^ zx*sL}fpDJ`o0S6pMB&D_2|U-bc>p#%8Lfz% zUV{J5FaDJj4sn@VXMGM6GC3aXlluGAeW6XOZfR3oZJ(kt9CEHH#iAv}w7kDOFC&>- zp&?C^jTjoD_{|OngRoPF7lH41U{~Z`ToR+$`@zh8v1ksqW}GU3xQe)9=!+P&)1ZQF zzm9Kyj-|hjPpO}!i1i4jVVMqSvvRZk>;HM zdi{(F{@_%)lC64%hN+&9sGbdJp5m*{rJps%bCJ{9-On6vrOfdvCP=D5WOy887%kt+ zBc2w!{yM358&S;ZN5zy2mo=KYltex%F5~+9Kb8Pkxm=EtMENoY{+lT}8}|@3nNvKS6zu@L*r_&*%63;XvVa`fSLS z)w3abq51GbsK-4qt5s+4jm zYNC{i-W>0{+?~Lf-;=(fAQC*d3dA+$_-cZja5y(Oc*K=<6E=luTGUlB9$Cu)Qv zW?*ukSw6jm?~ct-7DsVyXfA2(O_Uz^F7VsF`7Uz;4PB6Mnpp1oiz5zuo*fKHj=WC$2o6gFQY1}iX_tU#^EBwi;EP_jw>26&0Q=^s_Bui-2T9cG(R9h`JX z1FN;{w&UO0_3sq2$w)PV_t>-881iA$Y1FBT)9g?;N|ldrd8N}U3l(`^hDr3~YvchQ8l~G>zq@pJJ}x)^vMB zD$@l1mT1z2YaMAO1Z#sDL3&~CYNDC$YRX9%D%cfsTcnRwIZA6)DQXOlXlfgX za*4N|4foCeEOQ(0k||ruVKu{+cpp%rvlxyjVaRNrQh%xx0p)Ta$Amz11Z{bgcrWw2 z>SdziXh2a2@uV|>yvP=_!p_gS&Z4s|uYjL6k=7V13nNtZj-C?I05{pJD79Pc{l4x2 zK>{tp^vn*z3*zzL$O*OlUj6g)^8IL!|#zwK4X0)sE_+em#kdoNG^_WNzF z1Gm_7Mf6(aVjgl0$O?ASg#*U+SR8(Tx)#$kOtUqA9I9Z835P+J9cH_3U!vlr6C#=qmg9! zubJTs{~J=Bz+7MA0^XJj16UG{n6TM(Sj6H`N-Z-EjvxG1XuUR*a^S_uqhQ6LaZoIH zcxTk+9QCJg1sp;1ItmbJ5lo5Fg&Z!WLLilem=Idx&mfhmqzHec{+(jfG6!Y^F8i3d zt`a>H2DFA>7uOyNI`B~T{fzJ!tuRhpYr*KXB7O&B{!E9`Vn~M6LeOC~8RD47M?X1$ zA;QETWhEJLi4G!IIJ%{{6*?6lD(p>~f&ml%?Hfc|i2@bz=ihCp;=ci0CZbg%bzm`+-46vv6P&g}y;Y zWhhV?#s5ClL>=%J-4E)<4vBq?1iiG;BhOAM_GXcrvpwm-wPdmOxI6ow*77D-Zp$n2 zk)Z)PbZn(x9-X<>Z+i(?-Chhskf56A2kQT1*=uTN>+cI5s~z0wiELSCZC@_#jz|4&X??Ejrp zMpprrGw~TV`~2UMj8;hr^`y!ujt|wSG7Pfh!KFWzDMCwpm)Z^7mQ72TsO3+KzBAp@ zEC&UaxYH6~l(SYXNvKww|4F^YYOxMh!AXj3g&CGc(ngl4d_5_;-cz}&ATJdkd*?!4 zsuiTMGo!?0RzIfd!mZOwmH4CV8BCEk$B_IZQ0MP{5~(GJZvP}woT9*rRlTsK6j&W*8)!>AHoo>27WvclLKJNR zSt+CTtVxNjKt}+WXuK=;1-;npL|JXi_LwFG#=JUZwg>l*2J=fU>D~S)9t+rSSm7>> zt_D=L`TzvNryv-Frp|CzC&k%e0$yfEeZ>{0I0E_ycTXWyO3)|ZqVOZRvxdS;{#%GK z8h*O-5b8>oJXc)Gr={6!#r8%iOWeO1NQcU{{rLFrqsnxvGo1>R(Wd^!&e} z7-n|Z$N$}K)kMB@Zs&ybU*CD?3O3q%jBl3sEuzG=^Q^1i{(-Y4MwH0?zw#uz3$Wg3 zJ@!?oTVin3UE8@AAzdv7^c=>$*w+Wti95-Z&dAfT7?zIcnFQU_%EXJH{JKe9j zrzW_3Qx_9+H@jxeE{nruWW*G}7(mvw%%7bA1R#E(I}~a~mhxmXwsy(ACM>-OR#2hA zmXGfvBTrwa1%b{i1ee7AfnFbkimRW*N|>&u>=sE{NdH=P4PxGEBrzN8i4CZpEJO-Q76xfJmBW$<;4c@G8FsS z^YHX8-4)ssWW*?#bN^x>^7LbS-m!$gg(@*e$qRy{j(rm);@9L+N{eV8q1e#JykUNE z3wI{G!f<|3m6WsRGlUNhj0``h_9yj^%vEX85WL@hC_mxMzuAuzBQ^h~E^v=dT4A$@crC>PWPK2O+B^07LEl#2 z(76H(zILu36X!pA0Q+To08IfGp$oylJ7o!!P_Q+VFv3Mhr?Tv{Wr!43uuL}rXuVVZ zn>>(lhrytNJ!#fHgC#KX$yN{qQT({FgIW7F48BZ*Jb^5jz1!5TE>pR6W88%EfN?$ndBbf zI?zU<7rmq&wVBg&+z+_Pp)8e?5U!#l2<;7U-y^BIaX2OU7}Le10eN#RDueRp6xyxAEU(2||0P@tpx zudygYR7aA@G-qo1i%@Yx(PA!CEfRr!H`oV;%_=A|7@cgxX+9}Ev=e@|OI4~|Gkk)U zD}go}b}cx3HNP$dRyty9(pz(^F(-8a?~#%3<&S_?&&HiUfJ!fy2Y}ZiJ5|sv?bm(3 zxR&Sf2aU!RbJ9@K=*q=_tpG0}&NSevO4n z6;dI|qW4kbA)ml%QV@twr&GR1&J+#-gf3xQaM2lh#Z09yfwRgJfB-;kGVlVgWWNFxCKHz? z08&>w9h*JO-o#NE1mCZDO{`V3@^g|L!>6!fKTpe<00(29)dCFno)E{QfY5DGW=cRJ z5)%GvPYN~4_cTccO`iFCdA~5DEv!AvI0|q%2%qq&2mlFc<*u~f47$M)4-4}66kSknfRccYD7;|@& z8Y#eg1ueq6v}|k8>_qXpnUW#0x3}jaN8+P-^P7k_9MpxmT?3}FRGMZA)YPd0U2DC$ zzRIfshB^p7WjRMR`QA@~Twez_L#8!z0Il0aCjj;FNDO0O_4>Cz0N>^>bPJHAH zC_8&3sX}WefacHxd`DZK&VolIYiOOy1)sv(o50wMFMGr^Hrv0Y^eL2%VfH8Vk2MM)qr zSq|r@1Jm<=&)|TWLq&>PgrXKRW#Wohe(}1UI?sfs^!su(`C+4Waa|PRpZXx}`?|#O z5y0;JRWdw@W_$lCzl6H6uYBA<2PwM2CuETwx1ayBvF>pV&$Q03*-A?W0|DWs%=;>lqaH}%qPSe zYqi+*CRD-+MPgtVPV5*VIz;rYZ-kb^6v}I!n)cGJm7c`Q>tJ_*QPDB*^j!#(slZ3; z>}6(PTeat(`<6)S3-GISK7t8+QS`*-*HbIlD_5wHvRG+$o4~Rd;uUfanLLCUJ4a92 zY=C9?eU37n_j%lFAG*mtf`xL1%euSzeARcUtsQl}FW1ez@y$O05H<-P*Ilc?N8|JJ z>pM9>`!>zPB?^{8!=*C^+&a$46u)i->2SPm?#vBsB8cg?d6VkOeyi_7^fKtF7kZ`} z1SQCF4*>&p%(;P5V@-F=fi=`#@uQV6Eh~LopzfD6cSs*3Wbfun4Z(X4FQ6s6G!w8C zWq)-cXBCIEDzLO5atV^31D0q?CKWvZ6?j0X*#YSxcYWn4s^6rtrcXeSCSSl=%71&j z@9!NowY z@h$NEw_QjF|B|_8PZ7NveSZC&@J;jP$m?}+@u%B|HoyybO>HUGd!IedVqubep!goW z>c}x;C*_fFI6QxFF+1Wdy#99m<)v}amHUKFtX*O&gyypLd42t9;6ca8b2-S`nnN{B zgYNofk`dRDtWHX^`e-3rOe^IdJdK05hrgB<>iz98P040i4mIyb0Ux)sza9v@&x>FW ziija{$9s`Uom+B6nm#fMN;Cx+B zSk>H4h*U02<~!yKx7AnMTuo+p^}||4Ifp!YdJM+vG8@sY?~U7VIemT3zWFVc7JWYJ z@{%)$@K4F%h2CHE3^;t8h}Q4|8d9uH-<3N`c1r*B&Pwu(KqzQUvqR{UJaKI&c47Cg zv`*GOri^B@(cMKcISpln(X;KrsbTiLo#W=-N zBJO(4_@yXI&eSsRpXo9dk->gC-m5qMN1jV%t(E@IcBWUNwj}p*)spS$niM{GO_pHn zbROPh$FI{0yF*KRr`qx#?;4E&fkB)*0*5|0{$Sws9suvTk-k`}FLTbB{wL$n&8S>x zbh9rjQ>DEWD0AQnc(LkGF;=gfzA0XTmA|P}+vEnsWJ<5RPB`d%yV+WTW5Jo0FB-~$ zuM`tw!`~8)C>nT~vXEWF8;#@KlGE&`^IGwh}nA<0m z%OR|ukyqOf%LYc1!0?t?6J|TxKgL3(oYLb;?3c}4C};YI7T<$UIp#3LLW}H|Lw1^v1OlmH$LpddQzjg-DxPG0S)bv3^r5Sjlsyw0ZN99YoE5!fOHv?I;+com%Vy z3steC65r+POX72`D>uUOP)W}ITbOn6emFgsy4ZHJbJDNG**^sbeNk-KaIf-JxHAF% z6-+g*WsrmOF#(bA>i6NwfNBo?Fk&XU|1Hp$!8CwpDEA#1e ztW(|-99o?;p!`n#zKf>#x{E9~Th6Zu5I%eMVd{m@12ZmM=teZ~V&8p1c3Z!WCwDo8 zSBbO7Ae@9G`@XRA+q9;b?` zxm5(g-piHkDo%I6wxR@QlF=c2?7X$tn7aGvM;RjolfC>GScS?euujI%s*8njAnV{q zY_2OKhx_u)1>nB!MtQP20LjJ<&X9zZNKd|k&a)fP{=P|6564)c z7H|ohMQQ`((7ezh4J85Cn|bD1!Oev8q&{CxCkl*wHJaS{Z$#J#qTC=wCH(?872i&p zzM(V<1fH5yS}u?8R^1|Aj&})CMyB1q)j!v_JR{$mXhlV89LLZ#`9TKqjcdD&{9 zAMIVMoDoKzp5E#91qAld+BALLGCcdYJSJL4Ki$AwgcT`?Nu9@Srgg z?7s)RFX8Wu>-zBz7wad+In_xzG3IY209uc<&0lwjTdF<1;z?IR$;01ck6{%LYy*Y5e(wEb6Z`7M3h3qm+-5X|x4!tw46 zYYPM#>l=fWbw78CpYSKMYOdlx$67`(r$J}<0rWj3`+zrT#g84iyzuA1JE}0#Te>!H}14QDzGdFYjVxdx(N(2^DTpn2qg z=lA!sm+Q~sPpPk(LtULO{8yXuPu5I4+p+x3SI#SKnd1^>aF67N2h^~&j`BpdwGXpc zv9AD|+_saxi(Hw+bz*nAp%zoR(J*6%llM4{SK~7kQZ#O&?m6%uUwPN1I1qfZ(lv1p##`cZ#^-kI`qse$8alK59uti zy0((%H&&}Q$Srjk)pO@Df(pZ+gmLiC^}tEH5rqhqeNMmaw%j%lvdP5YEa9EbsEN)- zVRV>TU7wI&jr}oS5a=DN>BLaJhfjSUg=J*1rQk4X=4|*P=Mtu2P#EZ+PY{iA=BW_N zbn{;#T*s`$0UA&iOfpF`H9aMd(Jtz&o%O~}deD=pe!926<1q#^OY7;BX)%_hRQqAo zOuij0{e|OUGR#m8akDuuCA#n;x~Ih+C4|_U2ag!egy&j9Z|%)WS%DKLI&wi(Ia{XF zNHc8fcn93WZVK~NtEoO$TIP|`DZfS*jE}#U$-a+Dcc=40H1j#=pWRDo^MX}!q*vYs z2!OvrXxXt;=s38ii-B*!45DcXgN%7vCdf}gW%Kei!4%!jv{1RV(RF*EATT`RmMDo- zrdJ9vELvq9%ORdzaOuI%(ed1}#HvV2Vil;NmbD?K7tJ7?#-d8oN1f22o$esOyCpD$ z)u@PM_RmnRxl+AY@;t!1rd+&+^9BboxGSf_mg1{3;~awxk>^g<8GzMNM2MnC?k)!wb42KMNR#~xD>Tug5G283f`i32+ zXiC0&#f1ByqQhe+p%qND-En>`DHT(pJ@;!3-syNvUA$ou%eGG~U&hYcv$U93k9JE) zl-@jrAx6H1k8->)U#?&Da+Nw~wcmr~)`{=Vm-^w{PCh@4{ZYMP-Jz@kH@A$Ryf_Nl zKj9*!ND*5p%H62m&MkvY!z0tMxq^wH)$a5Kyj^S>mPVVKfp{sP6ik|4V+Awhjc)rE zys1DP&9gY7t-Z6}P{Am-tETZ+SUTNQp*_bUqH(b)r@8hrLk<-au9?W2Me_Mv1 zcE$!<5SH|bE6Rz333_KmSRANT;a+!0LQQ9Z?48BV56cmQpxCpsz9IKQh4`zw%6@#- zG~AFp(%>i>r)8<5VuDvpUo4HD-oOG3s5?zf28_&ohfgnv*=x%%JU1itl~lXm7wa%m z<1%*>(O(pipqN;wlhUz>zU#R5oiy?|;1WJTbnKPgDbxs_YQhy$y(s;6^=oj*IFP4< zJ(Z>wy;*%2Yx?7M9VdUl9x=m6h$wL*lK@rctB3u{>Lnpv`N+5E9^KA^fl>+hhfSGV zks&sG5d;w4&S~|&)q(EmefcJVq0I1lAUjx=(CC|`A27+h;TgC^4zaK1nsAAd(YunU zYGVP`JKBHkkTxl;%&_$47$yfgx^XkX{k{9KCp&Q=u?S=2*uQDL!+U1WnYRBtu8bj+ z7ty!!$qItA)*Y0PRUbUqaQcQQ!(O;gE;-gHC#B zy)Xu^yA0*dgoB93mhLhgXUTqzdhD;!5lNf?4tsjXkhJ3KD0Z*xl6>4xA9e3txA)k@ zoa#Vk@gE|Nb9M3u+K~;Qx>eq1tP8yOU!46}8l_fSG!m<>#x$xPx~DN}Okn&i}= z5-AVDo<93XZB`J*lbKcXqCImmS}DYNs~3Nb)!m&X&&^X560YT(f1CSiP_@cpv;kMp z1hv*OG|GjiUI`yTX*5>vhYU6K^A>n!%ctKiGg_5fBZ5fAr<1y#^vr=@XvqukRom|s zX-^$GMylLRq5l%1=F!NyaA42S2!)z4l6Q( z+2#mYxGh}tMS&re6OLT*0Z3~z(#4V!bJoKNFIwbNmSBVG>&K*GNkK!3`QUzR&L>g` z*l{9PL$|@1WHmRqFlVLYbqQ8Ceg*M7?hW*#^PH=(yeSl1c3BnqhQ}Lmrb97WLpy1G z5e1Z3&*9LWWat94q*BgPWHraY+g=!dkQRXuq5+Lp%+#|{_L>Pi2Jc-gHS48E zw&1IZuj;b0^S23f8X5kV>~21l}CXkvNK^BBHvd_KZZ z;-yo3F`c|#ym{$!>E@VME7U(=I-E8DhbYKUhqtT!^zo%v@BT93JOe)j?EHN&Ok|~L z8{5}_S^7bo=DC?P6{|e+@mCd>b<7|GypEYwNdu9Ui2;_cR+tRgS$J93BjoW5wJ?{i zUHdh4d-fn^tU>;wNih$IIhp4aK$TmqJL;~}IbTuP1HM1p?WQM6pl@-U*E?bHl|CX! zP7a>uaakqf!x^|c=`p9(%EFlGb$d4#lrugvn4Av_Lg$wbLMD2`ma}1(qBvM-v zc;oK(MnWDAKeOP2(B78sdx=snP>p<5;fdZ;r8b(0TCh>zW~NyZ7=?kn<*eaq!h=`k?Hb%P*cj$VhesQjLt_@ z&O^;I?4O~Wb%>~5!=I(~E6(d!oL3}g%x*ph$efX?_{yd-pY|!O7 zrQh`chs+&ds;Y-jIK=o;Bi974vh=_8HHrCr<)}kbs*Te+&tjvG-w@j|xB0$yt#|dD zujKsgIQV{@d>8^>Evj++`%ig#8jIxen5|ot<1^>OE(*Vn$zTUygSey04%`&SQT1-!MbNC znQ@KnREng?j5F^uL#POcC{Ux|f`vvybVw#cd(1oHLn4d3N9dkcjd>t@yk0PRdYvif z`BOi&!A|Vm*5*o4K)RAa7p`^BifMObNDDf!{7e;9u2@={WhTAHC5eEAFrD^W@X`tzv#7`;D~Z=zYsHy z2I|nkc4bUfj`wR ztHj6)t6Q|1`nMBHtdUpT_z}d~9Dc4S*_-Wxy$fR2=lO-df$TIo6ACIoy6I&-c-5b4 z;wU|j&&s6tB0j%Ao1M#xDlJx7#z5TzS6!*wFYt-)b^qe?=L_Wh82wjxF-h%b%`O5f zHayZG#E__vh>9+nfjKK^oEmB(I&@N~{UOg5^F+Ta=V zNpLIhB-bV8HJrj`h+&i)UMlmO@p~iIA8fq^nKBquNkOqKa9ZE>yH9xSIw1Ih=d7_l zPhAUR{+epO8>!9)@Jtmja`K0#o}cUVpGlpd87L@;_)+wQb5rlWoSyEU!h(=jW0q(( zkD)XMl1@M5sNEv*%UGAktBYLnHdR zE^kZc%QR>)6AqDxf-S&W!#75QKp6NDQNdBOED^41GJi{8Q+VC$3r5rMc#i9b;c|;_ z3LT7UWk9osD5WuuM++cSU{cNt>zWmmDRxv{d4$DU=z?|GOyCSwxDo6_nU8{Ic3G zWf~F^?aMJX+Nz*$cRildK~D$=k?LoX#Wl6ERF-Mo+XzP*%YQ42s7~EHEm1I9sjyDR z?(@@F#?FwNnQk3c`RvqV@2*DaBlz+~7!gC=KGx~51QWz*Bp$x~Dq}4|@OyvCciQ=K z^@Pqlmqot^Q@IAXdba$aJy7NUSdCw|62evU;l0sid*P%E&?L<@6slXK3b2vLlJ&8@ zXk)TiKre`tU@AzWkYbS8&AfDpqHMoig>Ai*U;)5=#SewOiQ(yj`-HEGm|$N<{F*Nn z1Lke6S4nhq+{lzehE;ay2R%WhM}u&xPgYh|45cE4u!+pD)Qaba+?YGvD#T^25k6V> z3Ckr0(ad@l)XmMwLF)!Oev{%Hw3?$i6!;1`lVF1@wtzlsKD>{5cKeqMEG)M;t#Mvm zRX5?sw=$tA2X%BTZ`DX&IXOD};AIt)k1L7voM3ITjL%`FSS`WU;$W?YC_xI1bs;pm zHHlq~%5}%E9g@35M%_LS7E#>5X`)l|f-I{RQFuA(juoz^qFKX9EmAjwDg*7xAP{YI zG^h|eb`*rtHck(%$N+v)^TcMk zVLQja>|G**TGy{+>)ETt8|p)QS2yhsxu_ERQ5dQN#3VUUzlr+(a+FEF@v<3o2m^)Mza6kjY6i#b zzmDx}ZAp36Y&@AL7BVeaX)7;5Co7|y-%(XSxk?Vx4i4ezm^u)P6Q(rso_t^8-96hl2lbCC&v5vP2MG|%&$q{zHXVP zB)5%n(EYMMe%9Oc%&h835UUHyt*Oh@NU}ip3J;2xCLgqzfb|sap{^@g&pdeexxtHM zs8NNDJI1jgoBm{l=w`Iqe^+HPU;_5~s|o(@3GJ|yl3`px^=6A!1}5b5a$Oo`F^Bsh zo8cGnSj^wij~P1OJUa|*@i3Sh!J`}xloP&sH?UmQ*5X|errzWYe~)~hM8d>eQr-Y9 z8gIyrb$klm$KXW#ej`JYk3K}OG`He|-%%Y*jRc#g=-Xc$YO znm6oMyR4Fw3FLqd3VbvJx(InYT?|u1Ymfp7z6dD6uR)BYi&61=<>=~w>paUJ>4bxC zmYHiZTlET&=68gNs_@^1R4g<@9DCi#k}ZGf_fQXQB<|LtenTeR%x?X748)28tZ2ze zL-UhzF~0>~z0Lq#9Z|loo*k#@!0JQVD1dU}?WZ(g#5e%fj>8&+>mDH}Pyb|Z(Z|8` z`mB5hqRYu<*4L*18{RuGH**SmRSL_(3Agyqpw?#GxV>!y`DpYsG*z`6tx;8E1#>^I(8ZYphd|Sy@~)${G&bL&>TfFC zZKqJ%6b>6L$gcWnamach-ICDSGVoYmr=J~~ip1E`vDRHO%(i1Hk`s?>sBqb=6HOVg zRC(f}b4Bn)P$H|r4b|o-68Kg;Oxal2A#^doiSZQzo7)48sp>!Lt`w`jA5TC&1X3_` z41Xj-1IN}PX+Hx2tz&@J>{1cH4|4<6lOLLVnH2!&bymudy}i6xr(YG!fJ;8FQCdk$oal7AC-Q}7OKLpAKyi0J-qzT&$9gMgpFf+; z-z)m{&aYz%2fBi_s1&Z~38na%s!~t=bXrm2JYo`3nh=k;=Vj32OH46GqWkchev0~o zdZ5$^#zf1!-Lzc~OZE#Ualy2x0UX@(=?Ra$|0-1!ipvqs#^yexS#lwf+2q^$bQF}a zVnS2>#6`(vwA&>egd#v?h1o})GGRe4H-3K?{L=5pMcAd=R9|gJFG^9mhW!Dy-X9ee z^mn|@MrnxAMAPAcZ@-ChRZ}k>Hggae+4z{K=&+kV_4Dmgfa(qO;(`Whvht_?!8O`E z(W)}RDgP>5!i$73iRIc4v(VZHtjW(^181dKPn5Y_9vnp)XADcZTM+|3)~)o-lPE({ zu1pc3SxcAFKs7I?A%#!eMC$ys&KJvH)_eAZR4U)jv9xwV+6=t3jAv?Dw)^9rXOroq zdxr+GqdfcgBLbc&L(W}?ozN-+d#UpnFh^|`@^ir%|+6udwL*jmYpLJNKs>)1AxH!`|yt4m`;stP9J z60iXu(H2Dn&pAvcSZg_B>q0P6yu6Yx?e1W(fP$QzZqZo}7EvcBhA;<Po9%8s?MST* z`JC81Yx$?EtL9OvRw%(R?>ju56DR=cihbgu9XN)ie$O7S3-3y@OG$O$lhtu3r3Pm> ziFtx$2NM2AzczNDO!*?%WK}-Ll6H5`BB4!^*BSlsj$KM{ys)8GjRT-rpV~;?#_97b(T{S?+TPFl`Xx=rsXqK#zr#ug&pzbbs=DqVh!kw^Cgd+H83=q3FV1TM`wz$B08^q|2X#zz zg7#u1=OOA24DxpE49?ofbrO7;b_5n&gi^5Y{wemzhnnygd`p#4i3fU@C!a>hA23GW zimC4|r zRcmF$44TqSQx(&ZREVitiMCz-i$QMMq9*!otde(RDSCQL%vqiyW4EXKtl)aFk@bbS ze!e(HlnmU(Cug{B@UPJl)?=ymq2lcwxafXJOXoPOWl%pOCCtoHQ3`g9>aHB!%FsRd z8~{;eL%&jaW&RTT`-f+b=ZBfF``7!;P3=k!z-UO_`HP=*_&NVWHXs4{jVn5z>%P^C zrM#D%A0#jH@09Efq9AM@&JndqGWlLM{CF-@;zV^x1+ncGs|iPWx5eRKtzA`YNG_(MeU&; z+qQLihY1qN+!iQPhy;x^%U*YmFFFmz3@I6lI7uflme;B{5|zw*Saivp>@OkpUQV6I z5zZVrNm-_@4m2upa^9{wn8b5P$p{)6O5DXs7DuqiK`s$8kP#KU2fDTF@Ec4s!yDb^ z!qwr{A*uJBUQCP3H-Yb2Nw7PTYFz`HN7+#4$E2B^r?PEBl0`qxyN$#Buse$p3V5A99#u&FigkU5lOL-hN+VXeYi>@>m_4Vvuv;YjumoMV3sT(g zb^|s@9_W>{avp_5S@+E>s-Z>9dI(GY&nJUdQ5sQuI)Uv}RDWeEFB;6LS2PM$KlZ_> zY@o$`)P{y(vLzTa7IjW0z}gU)k_y{KzAkaKeEbG@@{Js^1?=?A1*8JLQz{1onDGvl zUcPWd!ERU5V5D-{q0ts!K)4s6y3cGu3!W4mizzcg}^rq*MplF|v zXFp(HRlfuQ8wGtZB@3hu&M;00iD8ELg&^Tzz;x`V@x5yapNw12{9dWesD4MUWQb`j zvH%TLX;s(mNgm`S{bc%As3DKkPHwZ_S*1yzYk3;hV@Z`Pr}M1L1&UoU7s_Hs&eEqv z{(A=<;eoTB0wXZ+{^Yo;>Pv#z?Q~Zn#{F|9i8Pk&U1AAeqE}-ns+rog+^^r?vq0*X zO{O^tlMC%nBrtmK-sD;Rg=YaZR4SjS@dSn6yGns8ZYigGI=3_!$+aA}xK5*nS(|Y` zsB0msVC`fK(g$N4N}?xg3Rh-Z>EbDuVq^$730L4!=Meil5qA2yOBoUCnkt7y&ZNgr zuOTQLw~iJZxe@GQJ1kJ@36n}&wagUb#wa(QUVDFvBy^VtDgzvHNzKgJx&>E2{{#~k zWoC%tQ`ha&ivCT=6OrGgcT2~S zS@p|*;5S+cjssJSyTgxzVO4$ys%Tb502yYs!H$~v`*yqO!21O3sLMwD@3H~<8`WM- zuL}RH_S*C>f5{>25l#p2;nXX z0*da0ka1Mj1!aOKU(9AB43bC?1GZ4Ez#jdbA|m|Pc%^ayj9x+F=MG$u^}`QRvEsJa z&ACs9eVvVWOV`0m3eVnMj}(@IL+UXO)D~h0G@Lu|HYL7z-ew}dV(O#tygU?WWrsPA zQ5Xb{RaI$aS~R%p&1q9}B2WF_Pzq(8y};}ac-+p&$l%Hx)CP;5WL$Kze-!W3IZQLL zGj0nXs3fw{YYH1KvP)&jZNb0VAMhcI8WFMgu2Otq6V~Q78=gARCf1Hx_nys=-3qw` z7KA-U+$zNP;qht7-R}n<4FkKmPpJ0;kbJ^E2dTa+F%^|RX1ZA%_P#sO=ZEeGo3&^X z^(rONcjI|jEX3F5Tkg}FvI=%;6?*&q8^W>Ii$`VY?rTvIf3%ENMnfa2>%yA>%A$+)ikj==a`RRzL z8T=xT#sAs#xcfPLydKc|N#ICY=FSDF9C4IQ#LsYN*{A2%EAW2z`gE~)yezcc>;1la zdE9pIQ>cQp`BRhPL%*N#Y@A3!GtYcSwv^~l_UjX1G9KW`wS)Be#F+lM`r&)lzE}4t zlWos@sHFBlNb}K{)1z37P+KlKfN?F5t5B@{J~!Vrk-P~x4Up5#;cPtUCgiRnFOjrM z=)jM6+4}IGomR^mL=JcGAT&Er=(cu7{k{SfkjFAH;i9)MGF@rxy`Q;7Hs*j^Ju@aHu%#}Y^R)`sR_)+A zYA7_4FnR+!E%!Vh`mYc8Wu_{<7&#>;QBlND!dcz~TG&|y-Q#8$Wjrv{6>_dnvXyD6Zs~HFvu-umtW(b-VWbRP z5?kYx9Gmc#!mULfGTuN4 zIg6PnXX0_NC!+nQ?(%xZWrR4ZTcifpqekouc}-(OugfYFm@@?mqa_Gn%5L(>{?Bc;~Jz$2xMR73)f-M3Zxc(X_mlrMk2f%auW-9)76)^zoUbN^^Sr{a3PY_V0Q%`Ytbv z^-{#yx%h9Zd~NDfJ!%)}PII+!ZE99=@8t6#v&ZwH;w^WR`D%36rHD_9obp};vk0h6 zcasixvbg^qa>1KGIbo_t{iNBaaIxH_aKUvx)a|~Pf6NIlaTrP#W|OZ?o2pCeV%=$O zHqL~}qvjoLD*-o^!hjXQX{*JEtma^~t6E``j}Eh( zQJ2`nXgK~r$+o%Zpk(20X*k{p%&ys+LEs?D716{xQyMCu+#{-NIBA6tTo^5i0o5Vc zyn*3<2tu5FU7x~yZDJ9&-Spd{dy+%n-(7W8$M=1tx?Ov-?_FDQ-OAn8Xt2!0L7vI2 zT2rJonR(5kUtGEOQc$QrybqB7f$cV#ubU2H=kZmywL2%moC7=`9&kB@+ zIG_b`!1fc-fUeB!%K07O_Nx&5D+XDQ#W1Qc)&wLZfiuu?zHEkx8$n+_bTS)WS-8gY zT47JhA9q=>a0Q{xLkR^N1XZFZ9zyUZg?Muc^;1kf5H9MWrYJO;b~uaa*EyO*IL}Nm ze}+T-`gDLbGyonWO-;Sw3pG7{J0^Z40iRD!BwT^dvbipAeFXcGr;f>A&?;}t1QWy^ zz05qt%6DyI<7uY$Hcy~yDkPT&oQ|foRNZ^WnwHnwtdgsWy#kVZ)On~*_zgf9UV;{P zX!G}35xMNZ51$~iWU?Uyv^CDu;e7IdK3Oz3B1rgi$%hX?i5VsLCe${Zrx26%Z}{|E z#{!+14C4CZ+YuA2r39z9op}P{^FwX(LQ*MR@prNTlHXCewjl|hS^@JUsHf+MPvKVx zkw!kpfw7$M;XilMET(7!i)+BUgN7$p@KZ5T_dlTvqNje>+4HBjo?K@INVG1BVscNc zVpMZ#qix377DCw(Y7!U{HTeSiq5AY(kSOCI#*?8uDz)iB^0q$^?@AgB2O9L*8rt4- zKMV%F4p$Df*tVS8+9%NRe4#w21Jc`apdl-0G7Q1x%$ENcJ^bW zv=v2;mEXLhxC?Gy92!U4tQMjQdDTEz+DA-8{Tl%P0o+#DUJF~0A#3G`9)8H#xxv4l z5;gO}(YMc;Vd^y@>ba!+D~vzW!rk1u5`Q+?^ml(75`NKr-RE!fSzQI_kE^hy(+pnklBS^kQx`%<=VBd8zmpT~ItuXnf?TDg7jdL>nt zL570E?SOz>;N79!&F*E_44-{X-K8}99gDPwANKcMV+{Qd23&|LTyxIPlQ8}o4@ARsK1()w}li&1A0%mzWP%5n;w7*I9#Cl zF*58B#`{95gEYPznh+- zeEc!vf3J?^af95rOFrfc}lXMI@>H-(HlYBMFT2?mi#+Dg0ozBWYb(N`F zr=aMC=|Fv+W4@{58TYG$H>rwBe}dg@5^nEzIZEb@M3sE3iY!(#orYoa@zn`F2G< zwGhO$LX!M9YD4kPB6cw-4G0AY&xvdepUWd?Ita8Y=tClD)^+fVO0+2wfnP*6ZGHX> zB?d!rd73GkxNvOn2W^UVtndmefr=pw*ttHX@PAY|cRh{i7}_+3QYngab_p^FrEiTv z1=j%lYTd%3)0}bso%ml;rMdC^oH5>n9cZ`@5)h$y;Yo-R9#+RR(ks5b=90|m@se!m zh)%hm#s=juTXAP0${mBvJeHQk>$?TRW@CNd^3*6e)S^2L*#z5Fpgab7rD@Ap0zw29 z8U@^h4TVfbDV}m7wJZ~r(lE`hp$+vS1MS>mQoC@a+w!TPX18?3h23>q2CDv%B2*JJ zhq9tl-LSt`KYvk^^CM-ObOownA4Wi8E0nO$sSH8YUc+3-j0fv$M^=y`^wmn*-57mr z9K1}W5*ky|it9}dZjtlR(zVyuk$`(MRF!khF3=yXa=u)#Pr!66@=pkv)TWjUl+A$;a*OIpnBM!C}j+aclxrdWH%F41L5K@_-Y2);kW7Phkx}IiiXeb$fX^f>`YESn(T4 zdrQEZhzD!M4Q+xr_lE)2c6jnB-fL(%{c`Th)TV05}dqnJmAQ>H9)aJ<|sq zKsW-F%_IPk6FJ)1fZy*VdaVxkAPG6yr^FLPC1q*u8h8=CwzJ*_{EzkR;=56s0eJa< zKYj^$dirLt=GKoztu@lU|j=59a5Jf3+jh0&#xpW zyTYEASzp`Mt$?n4ry0Risj>jsDIW6dB2(C%QB@`HFaf#G_Z5QA6r3k?%ww3ffAf=g z8d_44HDQX>@c>d$@jFt8kVGU^jD>FQLb=1JRM`y(v{@lACaPZH?&*&Wq83=pNt|#D z^l7R25(LbG^t2+~j26^}V1(FP#Jv&0oULSfO{_p^2#Dxwc@nANAa3(?A8ZKo%+BR)#zHBCg=&HXG5;?t?6<4t zM`qsW8qfIljm_=^mne!A{Qs*!!S0b&RT#ysutMCEot*>vxzFNFUP3AI2mw(L`SPfm z;Kkw1Rq|?bc6K5`?a8!Y;jpaA342x$4FJ0z508q3XMr$A3(D6e!3IU)(JXPNN(6k# zimmnh_5PUZr^?f}vm$WEu|w_BMs%F9$}pk$gq7>C7a|*DE``$=R@*sPoWwd|Ep1&X zjYkCDNUbD>YV*bCbsgCi^7SDmBB+q7vf=so$l745fiG7mEW%QOkO#U6wV0-OoO-g+ zY8P_O7k5d?wPv!I$l3rDQU73wKw?XdN(t?i3y^OguQX=`d{FDt8!nBNAS_o8S zoEQckjJa7*qvv^Y#CDE`)h~%gCoE7r<91o&_VQ02^r24pAzp@Ay;rRz2#y4A5d4My zo@i7Z;ZDk$SpwV!6}APtz6LQ{OkTs}aG>~bM`mB&OJU>ec(9gdfofjz9KBU-asIEG zXM4P7aa?umd^$iBK+M1E%`HSxlron#ONCinhsXw2Ur8wPx7_WS}C! zkTLH$Twe>9ZzY%JJ7R$XA3o!B_IquGKMoT$k3H@8&lylVjnQn21eni#8iNCSpt$S>IJncJoZgZZFUPLa5S;{DKS#VQAr&}v?R=!aw5!qR{f#j+ zVQ9EetPQM=Tt4y;^)l^1Eu}hFspWn0vQQP9RRtSJ88-@H*vTnSoiC|>gGeX_4=kKw^?WEL z#BOfs3BkD0!a?O~QLw$L%|Y{&wi|*DNygj|!pWSb_KeJsRAo^PjPmqmWw4v~b(D<2b_xrO$Rk*TWN_IZ=um(XwS#|#c?#FvYYfcJMPsnLp$ zfYF|!A}ZiEUGD2Eu#m+e5rk6)b-<)jl92P6i&2Y98iM!c6;CD z^>2%qj#bswB2S&*C!EV6Ln8+f>GN6{W|p79B(ULAYD`BmN;dfD9Rs2YwFSx28m-k? z5^Gzu6Nl7$s%Yf)a&EM05z0)4$s~$;)75CtJY)t6tG0{m<`C5^uFG`<&`K2;TBWDI z=Y3}=i0K3xN~!MHWG3IRgjPmer+xgQKkup@85Sku<>pOYjSDp!(uXO^rWb8;R`72L zg0-s!pCjPS(suOjV;u(m@BMmWA3}iT-TXG(nXvQx-cak`Z-J)(tG9QIf0nxX@6dLh zwlfQs2f4%DUtT&~9T2+A&3D`MmbTF*M@xOSyVpjP4qARtQS?auhwaHxp1u3YrdMhu z?q=tTDGJrbNDqj>;nsd!6D%^Y*eQSmc_8FWD@uc*no5IWPNFDih)uZUEeb9x8C4)1 zT^Dz0V^nZ3DOltD#Xsgn?(O3-g$t!CP=2Zj{4R9E$;T8V_fQYI15;3zq9Oxygst;l z2qCpT1CS(CeNU`3Ki%1n=aDHCH8bd zi>u7=4gQwU#J0=sP5vOm0vi+2{PD0mjAD`blCFgy66;}N*n9X2ZaV}G3Sow92ET9w zE&}P+D?!=EXW!y6kmG&mkUcDF-V$zQXg5D2OtNZs=oNo`E@OalxiBpP7Pun(%%eXLla6<4M0*h4}IDE z5s}cq5e@DC;V!Eps2Qsx zBV1<|fQ9uBdh{Op8*D&wARYf>z(I_OIee-R&&SzZ7xpWbNVig zLH9?k&k01{vG?SJL|N@OGk)!?CCu`F%6~crI$$VY2B{fA%j(?yOa1nZn-okX z*Y{(&5#^MuGO$H4unCF8+6luNNl&=+7o3l8UC?n|iZKh%`5Ok)DI@tQhI$%-NiJCS z|5n|Ctb1Htn6Sk>B1ybIZ?P!3X7?RBPwNO4xZ&DmP*SHy>x6y6Ldk_9(gEhwfy$9$9O+aJ| z_Xgs^)E5H%YpXj$;m)ga(dgi92>(_)1d#Z?x2I{voPaaes80?CHoAn`Ukr{mVcD1X zuP{iSThO!Sft3&PI)ST+xcV z$GT{XRvy9DEpy*=*UK%b!BHg6Kc4w0;mX)m%2WAU!4bsI%~Tjd6({>O2$ zgSh&(-&D=;Fe`$5^04kkEB9=h>+$+Dk1@ye^9cbJKgrp)?MBVuZNo3(M~_q$iO`Z# zkFR%XG%(90Xanh?z7s9)5E^Vc7I;ofc-<#G4D8|N7IgUUYyCcJ{fu!&hgpFD+fpUT z&$N!?`OQ2GC;wv`3*x?H#P7DecNs}iyjxOk2ema{*wK-nVB@bE)20GTp!>o~R<;V_>nN~Yq%>=;39@N6aTX!&yTDJ~xpZDl>W9B0Sh!cooS(qCjb zQl*yZ;M~Q%@jc4ws%e|zn|LRwP?Cot8%u%YQD|An3}@&CJxC40Dv|ApkI5H)C4-#l zMocH^BAz#0$PxWWYp3qMpPMIwy6zaWBKGyH7YWKkRFtcn&AU1 zjp`PREi%Uy+?
R*oih+O0n?rsHhPJ?S&Lc zbKW!?c|G*~(L^z$yIFwSk9mrJrAA6lD6I@(4AR?)EFWMks24$mKhT#Z&jRXT5mTCa zx(walUmKV*=(qf9&4J7F>u#|j;IIT`oWYjYz$YZ+*yp78KIqS{Igut{S7h14m!n5? zR?LnCdHYq&&hi|?dpUJR(2K$^GxJheE4^mnw$GF2#3s8%J37ayQWuY#v=x1YCJ}G8 z?`@SA53wW1TM3<)XxAuE(^LujcY$T7IV+7n;PQHBh8nrXS)jHI>r+S%!lASSH2?kq z__?Lb`*nZQzJ2l?Y$AIOyv5=22`GAAu6fQIkKiy|)*N1v?TcG2ojY%ntc!#8clI}s zf4t-MQ}fe*^k4)fQqj}|f9ikhz;aqIO%iHGYaUj#f9nH?E91Saz5xfmelfd#RV{Bj zK70p4r91>cM@YUpCIc@8KQVuZ7EL>*@LrQNv@-!C)=vJfdUiSM);1;Nc(YvXSGGAG zj(!WFt&FAtXEK-0yFMWX#YQ(IF<4)eyHkt+F9^m}<6yQ;!ZE3ZQpX&Z$uin9vQsXM zQ1_G9Q4_b6$!PU(*JqQLsjD;rYLRPJ-VS2(+$@Phf~Hx(7R^(+KptfhgEfvxWT|2Y z{f`i~N7Cbl6obIoTY^~arLfvW*t4|C9we76Pz!7xpdxC70^7SmP$dHB6`orEOy$G~ zVk-58`dDJZi;1UH(9JuMm_1+8PuHgDT)#n+_f!wj!&j5qomsMcL-!#s;cpDcgi34Z zyMsJT%?@r$74z@nD|NddDG4%K{wJf%+gK2bTIT^@=Y3>u2^Mil(mE z=}eUMaZgz~rzGBA&Vw{YhUz+(_Xy_qznqxMmLzKpW+_zHKhqNNT= za<_t@Tu+T_&5ri?}`CBDJjt0XyUrgaQLuTUew_Q<9Il}?N z)}O)PRBR^+>XKk|*hv)KtB=i;Qg!aoy=>?$r!;G6QtF3uMcsA{nN(yPY;q{a*90ft zE=#FPQmpFB%IyBRBqi6Cu^|yNComzw*11G=0t~Ctj|-%7a?!2^4ZjSVp3vOQk_i%; zk&;e-9FbHfBBn0uAMml+1%{a9sefGmy2MY*r^0=gs_#p&>CXU+IQsdob#K&+Lt-wc zod1DTWm+M=fzej|E3$K$0)ggbRuO9m*g5>k0-9^^&;SS|d@yveAw7nadI6<0Z||_s zA8?)J9%2PD9k_gs62N%T9yaDad;L~B!G&^zze)+1D@O7cdQsvdn75#5P#Q`X+u7@$cpEEuG|B|-XRsm8uh-ywmZB)V0q*>_U{)G8nWL~-8|O7Z(>lt z6H_JK_XU?PW&}xtldra|-7gU;;OM}Bvg?;4rsC;+z#I-2HAohEpnDz&!v5RO;`gY? zT6MhmaNkT*fUc|E54`(fWF*O?o^I{<^2XW`5e8(UdGTd8ngJFS9Ajd`vVst9utDVNfTdvn$c%%^#7cUDxUpNIw zZc?-$)_ln$hTA*}@-GwQ2wDMhUN&)}L_oNEd5|t>nDBlSYc%KJybjEcD)?2tbO~`p zt%q#OzFMJgb*|gv3hQ>&lznQvElz*iiKhQ<=XyQ@*EWx9T022q;L%Y}q*Lhl4lQEb z4^&O>dU<_`?H|raV(ct}>)g2asm5;V6c^qYaZKDDY)=D2qaHcZ9}?}VIbk( zd(WV(@%dt;DBWCQLT4@qR{7@jwUiV^-4zcddW|iym}pu_o(Q!zbbq)_Ps$tgt1bzv zr;<+>4h51-@q~AW4~~-{6*~HzTAyEUWq-b~{@I2PGh)N=7NqJniZyZ=8bP~qWK*NX z75(Wohq+X;dcH@AhV8UmprtsnLuvX3ka4`iX^rUcJeF1{RI+gcpaonKey+ORpmx+1 z+U|#`2EEu}9Exf0S)zHNeJFleh2Sv5;|BK4fIQ*ppqnj&pOd?6v#53cZ3@!ocGAL1 zw01l^wEUa@s(mMkd(vd72=ZeXyn+_P^*H4(BnG(S#h*G^lB3odEhmd6TyF1dY%bex zop8S!Nqy9WG&H`x@z05{907d&%NF2r?75EEapSo=@Yl~;y@k(rM*OwSzHOJ+nUs%X z$xquZ!dK?x>-8pI*4dhD3=^#a#buZ{YOqz?*$(zfS2GLIHQW60Ly}S$k-f~uzo24R ze>6eSr^|*s%NWC`eAzq+|JuWDO6x-<-S!teKFj`)ZjTy<>rAmZ`}K}FKWnj|J8o3* zTZ3KWd8@+gr+3d9cfkDoR~}CTaX`j7kcVGz`XvAf*^vEqo8EikB>-B2_S;C43 z2;_dW!apJB5kKb=Kd_r($%F3!^+Mm9~I8~{(FES42<1wDW z^X`pU9sXrm1$VDW?+m>;apdt5a8On+4&DT;aG%sTN*j@L;x#xsn(P~W4vh@#e<#M2 zIF$EcwH76|;Ab>+Pxia4-C=r%Eg1e>R|1`A=?q)Q1E7jofua_DF)->QVK?VZ6s^33 z;(0HPHL3IbzEUr*iI7`2Opx*0fPcjb-X!2Qfuvo`KgjYO;&&kkpyi|mYU{G zhND+>o(}$-0w~=z6>63#%1g@?2@W*(6}bxYe{SPk$x>bdEK#CG?D1p}w;JmskL{{Ma+(Zv5MDX@_GwJz(y_IEPyQCl|c9s}`;Om0*>FWd$ORS{#+fhR$j{F2e3E zlP*hKzK~r~lqKs>DK;=)hsFrIEcrChRT5DCMslH@k9q8mPa~a~Wk6sL3iOlY62+sh ztJo*`spMhIazdK2SWWOe8C)ORP5ut?r-)WKAHQG*S=$&GZQIy>W+QM^Vkg6i(NYvd z4v3}lWr!}ZKpqA)P6F2#HJnTFwbMJq+6MFRx>P#9+e6du69KERk5u80uV{@$H*_ak z_Dm}Jx}_=flx6sl4VK1=(a!B7um$M|`-}^gCzv<>2aA%N|Ec87Qh6kvGP}Y~mT)F( zw$r18VHNUMMD67PH%@esFYVvJdL?h>=zgY7+}XMCs;H|4(s#dK%4b>$gNu>~hL>sp z9KGzcV+Nn4Q>e?v^Um)Qq(fm3nZ(p7bALhR)jBujSV1n3a9&wK7sAeP)g+lj zIAaOYZj$*irBP6<+ZM-7FNeMjw^vjTu>bwnW=yfxRQmCU3&iz`9K>HlzdZYE+9mB( zynBkI_3|JdkD&(UNfs5sHJ;AWYPzSBw=Iq>z6PoRQ+EWUl7H!?vJj2p(K;DrwbKRtcE zB>QBR%9_il9t|ym#LN{WR9M`kkZg^Af`^D#6(l7b^aF1Rqr6HS{3xwxNIIjdbFFx~ zNVp*!hDX)&E0^b=(WJb=__i^053B`^IdOfI#A|$%+OWHs^lHorqPZTQ@Xrx7>C071 z1XOE4mbyil#saoDD)|)-xKZhzR5S@SI#Z+r)$DOl5&gQa0&NAB5=$fW>^E#J@dZW% zC3-+taFddlnG>B$!ALXsvG*e zhCclWfbKc^8vRyy+yNm?yEChZ_ct8m!TJ&9L2!oV`A4z?Kpo^K`s5W}u@Uaj>#aum zNboNFaS)!SgK{-}EX&HDcEj@`JD#<_pWFI5sQtbi{bVQyrgc0q`W&4CnPdOG_8}V(aJ&I!b8+8*m9_r1 zOux42=mTx|iL+p5_3m45p@dJ@Hz6LG2AuG=Gw@^fm~P59q4+-a2g6SPWF263H8y0+ zN~Rd$Q82v`d9nBIysIJCuE|`qOaHLDU8;qsj#a-3PL;Y`Vp2-;lM?dioLOhwUrKst zp`K~>!6l>8<(FaizpDz*;Os~kqQ;<_Ijj&l~d zywa~kqsr*z=i%ifty1K2X{cZGxN$sJ{KP9FKI3_Km`t1-hzrn_mTNT|Yk?7GDSaniI164>N##3z){)?juDBc%>|# z!vW2*hA@-j9eT6o*8Y+ROXU1{`bb)>0U_{2N@X+yZFhEiIcm{&aHC^7W>-#{#I_V= zZ3-jhLkPsCbwi3>&$%NXdDU7ZoG7O=$_VW|nvh~8y6o(Le0rSnbaMQj~#j+tV{X%&);Fw zYA8}2@YN9#2h;o_OZmr_^|pgMC(q?bk@J}bzrHTp&Cj)KYXO3VP&LGrlcJ-rbxfLc zOzi(WEeuTd(Pvo{4z=cOoIkh9nba}4n@*LIhLmF#7+qphleuw=Q%6e^xFb!lRZSp| zd9YBpoiE*!x$2r&AXC7E@@gJpJp6&|?D&_#SqdnP1uQrnk~t$to;znG3aw;^imJypIf< zzV17&$Y%;TZHbuzE25(z?F0_cIgpjJF0mGY&^xT3qvkasQlCfm|<^!mn4Aje} zMC6qMJXY%n&VsWsOH^cd77Ni7)2Pj5Q7i?uU9ppvH(K28mFHLKNtQm2b~?oaGqcDz zdkdCWI-!D!#b7DFRBvAiYTQZ*-5@naCNw=GOH=y~KnM zxopP7#~*HN>Fx(SO@eE1ds>!V2ZE#JjAqE>*N+QgkHnJS>vG5F@@3&A`5Qm2jq688f*bEha#>XrZu@Gdwn)MKw?&ba|#D@db0H1ib#m;D1arReD)~O`)uH-yU zobqbw#Mk~mKEC#ft67FO@loDCbFkkdN;AfTn_n=&9 zMJO@?^{&s;=&8QoKJz=2`RQJ_)U*~pCwsQgF#3nO-x`loQKd@n4-+EE?`aIqemjbB zW~l9fOO*aEzA_a}u4|_qIu`&i@ME}=x__}wxTixVg!h^KW73&j936LTZ>yBCM$j!h zG-6gw0Rfa_E|2;WdfIB~vM10*$*I%q11mb%81iS(PBf&=lc{s&si@4ZE#~*A^vy}B zFc+bqD3C+718J^NU_Jked4IlQ?to`T+Yu|K&}l_?b}wT-b8-?^6CGM2Sn_23uzW-|WRvF3=Qt4@IXfikiik z)v2R3Vxa({n&cwXY48u;)#6tHjv?Ht3LIz$b{Wi@W@idLjs(ra@^XVQ9Fmh!$`YdHQR>$OU<)H-=!PEL<{!dN>Dd&RzwM>5yX_J<%hlLRs3C|spf^`9=A4>~So{tei&K%u{cESkS8gxrMQ4bcUh?U3mOkQAN~`2T2?7XltGNwG*#(O z%vh{f&en(3cq&7Acq1DJ0UR&qe1s`S<8lTpYl74;^aV`F9HrFL^M6n6E{zE0?ZT;vv-(pzo0dua`|j`C>6lDL<2}5SWl2CXD23yls3+e~unpQy zO^xE^xK%5C0QsW+liOEJ8~WWLYkA~0i_pLH66!|MHQ@3hC@M|wBb`><{?LF897ENX z=ajZyn>@u>{>m~WbYNjR_gyXK&JT__p6pHV%V>a)4R!TM@L)v9B!bkWV~c!rx2S?G zyTzhLx!qT8@t@~(76OH#=eE;eh9=!8-IuH9O9VCzoc>C;y0ck|rQY`EDLz$OY9FbN z7W&PRP7Mcqa3M*RI)eE1J=DdGlQX*rZ?q$I`6Ds=C&y6YsvGLQJ=~){qu%7pO4a+W z?e)9f_OBxi&r*cwcxcn#2dPN=t1!ym!^M4td?kcwc{TrndYuu64z>aARd)KEg2UbO zm5b5*d=!!v(!`?d7lj{)E>h+;Jf_-4Ft*zqh7utVnx!4|z8bA=#sZxrS%#qu+?Z`@ z#sZc3t?|7vjO0*sGmS%U`k!JTm7jNu(8A?k6uxe~9E!qbiui@Zyih9O2ZNcT(0pQk z^auMY3O8{>d4_ud1?nf#&hXm;B6Cu}%!i?JkWDr~*I=bt4C?K%CIS$C6T3x8IMP9! z`DYTMC5j)MH!s>86-rF4IFXht9;<7836i`L^dV~#uf5Z`BkkY_Er9c(TeC6$ty~_1 zRg*Z8;K2O%2F_9m@{^ohgcv#=Y|{7UY2{rKqW(&o7+UBh8l?cwZI_t1L9)*2LF5Cg z+`o&6P@e}o;RTOtzV%{)1~gR2J7`Jt3&1m zQn3_BFX{G0AM{iEod+{-kI2DJjIJx}-@PYV+rKdYV5<+*3*4FHh#)=RGZ@Qg+KmxI z!72Q}-|x@CdzjJh!SwAg-K+1_(0ELu-!hL69+}TIyes~P58&yAH8b!0L)_5~j*q!? z-aWQ3U?kk!leIeo!*I81z!27J>DFES!>evXt^e|v4${lt6*S}ZZ1I^624fhWAMsd0 zuZv?4*&@?7GNjbwW&juI5Nq8E<&Rx;HR3Q%$S%Rra!Wb}}M)hlYt3xTPnt0CtM0*EDInvP?<`%Pn zdRUnisv3O?dO68f+TwH<`z*BKFU{U8bBBtuVMoljxdP zd2t%9UZ^1>ut+BcdIv$xH6J8bEhRRDdT!FFnI1&{sr@sxKJczQ38}_L2iHV&jF&LZ zIsA1a@S?jKFF*u;x*JYT5cD!Khidloe7RNsv4C>%(v^57@whK8FVsLNvY!@v0WzbN zW9X944Da2xu6%LjK|kEdSyl;ub zNvr9u>A0pYKM!PtAQuc|3Gq*EL1G(oO4?t&6c*!mc(3B)ZB*T*(J3 zbZTiQdgy2=qsUo0A&&DlA)Ld8%9zT_tjPduWi~oAGBa)#DR1609%{sU{WZK&lYs@) zQ=n;V;Fa;;Ek-^+qd)q#wR2TPQQPp zCanI(e;i{VBZcb_>%X4c8Dn^Vvk;bGTojm-17i&q!JgTH$Qc!Jir|l2aCdvs&k@sa zjm^YXxUK#ue5-J6r9ACpTB7+B!g*+V%li}w@CCLdSn9tSn%$=xgVEZ!3y7i`>&Hz# zHCBsgex**yXqJsiO6^VDu#NSc*2M+^-w5DABEcXsGHZ`F;UBB$XADv~s+_6oYfRU( zN6PJIUd@S&=9Iwd7U(Hzd8!c&G$!MF1o@cwX&%Uf#awd@-Gr+xB{X9mxevm(`uo+` z`)u*xEUPRL{@4Hpx@lz#H2coh==jt%Ap@Z=8u%SC!k-|aJ6AicUg(zZV9cfTfXCNC|RVAF(U8``>v)? z%2rJ6TLKQ^;3>u-kf?p|7jq-@J~90Ii$J=odz4;N(SqHZO=&C#5;3J6i4ORs>$VsT zdy$M(Fe_vTUfkRvQ+T!)7l|XJl2k^=SgDVCfpBF=tr!xZ53_Qzqf2<2ZhibG!NKgH zT_ny`B6%go?w34MmGk@-O8Bd(s}s#AT)ix(ucty)DdhT`!XiGk0 z^4hmDR#%x%3QCzakR^nCl4VkQ^SC<$f$K$d+>zfu>5}npz*GoKZQX6LyF>qxL8&TX zjn&cE_HQ=44SPM&5BfY*Ivw5PVx^S_pW{&TOa?)YYTA2juz1^&)*ZvTj+z%B#xU?t zi~c!^((2w5%}smmchjHN1xVr051|v{hsHM`z#xDg=(wk?4b1Cw>Fml$*#ZSd;yN0~ zTJSm~H>&HlTI2RqPFstj)c!#aJ*ph95aq9sSFu8!<3NI&`N!Ev>Xn)_oLA=;al?=9 zJo@1HBEmZr>g?~5_gA+Gr-UaVd^B;S#v`c>5)p6qi-LUBdM&}b2#fZ;M||gRjtCqU zr$DaOk0W}l!Ltw|Qwhd~VMG`jM%uuVnpMXftem|RqYMSIy#R&_>idCHI$djHM_q$2 zj6BNMfRJ(&nFi>zc#z7EfH>$d?XQ65N8sjU)72-Crw|*Dl)*jE>anBwoVG!9#=xh7 z3L|tk-!yYJr~EAnFjyQoc6Nv+T_D;JTvGZrgur)o@HD)(Hk=*uKyV#=Ed8DIz=Je7 zgf%8Ap)zCQYHh=QKq$Ysrz+==#cnC4-HdC>(tYHeP)dhTG^P+`yDWA+k%DWf`$?vW zQYVuVSQ2*=GoWN6K40ES#Tg#@XYufI-UWKU+CB!EidpxKlCc2W2_w@)l&hX`w#dSo z^I^%}X@L4Z3n1^eP(ca`+!mhO;4=<68pi=cJOe;P{7x2#&dMETscIUlr)X_6@p)Dg zx@*dR9TFi5IiY*dm&r^?*ttccDIwQv?@u!7M38&aJxyaM3G7IrRr;TUqs;y9{-8J5 z%6}Vq7RrCW=|x{42PQ=ly!eMki`6PgJjzwo>TWuMp7Atz84|u+(;lMyy$(vPJJ`u8 zt7H!_=2JrPzf=O=>sNB8CqkrV7#Acca${cMb~=GHYd$YXKzoXUS(i=s#2DIw%%Bbq z8HYizEB=n7357n|jR@oE2k}FH$+yz+QGht=M3P&zPrwL`2}K?GP0lVR;ja9}Vo&Ap zS?kXGxjRaUa!bo*^1fRpXg@J>@6VLPk#&!pbV1PsGfwUG)AtzaR>rC$bGAT^!-*zm zPWl#>l$*u8qSOtdBdg&F;>q7}EAtr5gg$F zbBtK`Z}AA}LfxNnQr`5HYw5QeL@D-d|7nJ1H;A5*Sp+Ep?Z1M4w}05}b$ab0NYdkn zUIy^#g~F&8e<)rQFjQDd2u-1AgPD@4Sdp%fY|dxMiz()F*)m3=MmpDWc0av{8Pcy! zZOgu(v(|?E_H|ko#~xuB%YUU1-wU5A|G(p-O#JWt{r%okxBqHXuxe(gMbDQ1ufhL+ zR6AxX25edkAOX5SV*!NWEDM&dWi(>8l&nGZjY`}cqnz{4>G?aozO4HTWT0&p83xf5_O<%+88{U`!5BdvQv?_e zJp`^_F>%%zv;g2dxI`WaeRewLi2j5_%%;dckx44uINEv=P8M9SG=W2+(_74^t8Al) z_@_(USad;EcC`jfSsKEKR|_smR+%Y^i8yDT1&}dU$)5XEV)?sHAGwM4NXQ`$5iPha zNQg`33Sb40WW<9mn?hGvFJEUCmdzPQvn#EAxY8V`22Qnq5XoJ8mbCPAm*pSf0ag@v_sI z62@QGpfyHP%~00e)vI=wXWdCjMJV7H}J5QoxpN)@g3x*&@Y)1W$gYb5+?<2cEfL>n?pSx zl4$)ipSq__EEJua%m9b+T}OQHn441N9~N31609XY*qvvLL#qUZb-IO4`V&bdOzx8f zAe0~oCjru0`qKHc$}~NNR?~}TFbDqXOg+1utQ+;rZd_}-ITifUoX2Lx_Z$%tifaSudU)| ztN2+Pm$r(Zt>S0uD@{6*Ucb=}a5 z5ydw+KojJjfH4dh(rTuF+yakK1a3$W&ye)xW8D_ezZ3U_7s{37J&azMH)s~|`5R1= z7ZD|YB99|Kd83XR$xol$hPROVr|0j|N&;gUM^!l>N?-cF24N&Jmqq&H$gHRAT`+5haz}L^xJ5zGRn8i5 zfKI@R3(@RpIDa9-SpF)6GtekYSzqY;qJIIC9O^{0(@lMbaHtfA z>Y2g26L55RxPRCJV9b=+@+SMF2>QQ;!Tf>{{u2(6(pH!i-b!oVHjM9|K1!ww`|}sI*x8VMz_y5`ZUY`i?c*mp8xXk zpANV2zc=%2`TvRutGA5)F*Ew&TZwI==-gxCTIpSKX2-Q^DiToD{qNC1KO6t&V1FC` zhcz?6#m@%le}=>^iqe*zvfeMi%ciOEDi${d%%p@ci;^>4QjZdc;uO&FU}sFp?8Hrg zw)bx=g{=*o6l;K5i3 zX@RvYu?+&5MRII4Pr$oLNVK_O))YBYvJs=uY)C$%I#sI9ocdJXJC;t1T2-_EGu7IE zX}1c@Iqf3uDx@KP72(V`d3N#k^y6FS)$iwT%quUzDC9ctoNK|EHnXm9mbOx>fdaR4 zC;YI=3uiHi%#`dY)O6h-DkypZMT0-ap&zUwSvy#~)1YXsMr0sc9>0?@mD!1MJVPYr z+UIBa4&3^t)uh}7y20o+L4EM4ebaC6g0{9EYOAo74EyNqcq|n|-~$Oad6AIDKfON* zuuA?r>}UNy_m7`^{O7Iwx0d|(_l0=5l>oOA;8p_MN`PAlP)mTCjc;YZ6=c9CB&{|7 zEG?$k%&ew#SRwx%93N-mzYY%e`&<8yjXX_BKAlwQzShpijKzpvps{T688}n7JrFPy zj2WJU$OrFanO%TGK&Y>5&OK938bzO-N-+nIu_xY+32i+CqBagEKr?zp^uvi=k~xxU zR#HlYQw2aHJ|1FN9W}0w8vELpL&h^fG<_*sJ^`PlyeNg<>7VOr4#AGi#D! zhI}!T0vKmb#Pmsfb3JkO=E!Qgk%rvELl$7(u}-tuI^py>Mk!AVQ2y9aBXSw>q{t|fC+UmXC0 z^q9@^Z}!GGgaQ6n(MRP^tlp>KqWp_J#vzXj-e(%;Qy3DdXDWD+Ev%&qJxtv=@!j8) zjB@Z8)n4Ld(*ZC3@*+QhFp5}yzN`$bbsCWlKba=fyv<-_24XyaR%t9Eex_=G8JB-3 zqq=&{7#Yp^k)3iB`Vqll7FOk-WQ9{t@(?Zyh4i;B8O^PX*Hy0>!;DG*t!gt=KI>xZ zB=-54E^s)Zh_RYIJY~IIQ_nj5ziz_7D*Nxjepdf?c--6ie{JM>9Q?oBpX#ZL0S}p} zE`dLFJ1TWLTK=jkANMXf)@(hGp3Ji}{r6E6kogRy?md;yV){SmA07;{=fD2ZHvYp# z9+_u4*@58XwPpO#t~Bnjx9*PFyU(>|>u>Q$2$`2Ro(y;FG~KyYAFI1?>_=*aM=Y~D ziXxUWpEn5_H_dd`H63_(rd31Jm<=ml7E-)k6Qz;9j8d1PD8L?MC!nt`wp3hHIY%=g z%m3;`CSPaTj3tV+bCRt*cdVXV9qr;M@ax4(Z(uoJ)mzSp_-X=+W3(--u`v2)Ww%Sk zr?1`8!Wgw_$oLu%HW(Pbw5_GWzb}P7mI+k#SQm$bZ#Na^eEE3h%g1-OhtkeWLTMoP zM>4`3yp^HZ+jSauVzAqN)z+j z$&FcwfU#V|APa8cWY?LEfJ}ZObOw3R1O#N#8OyH~V=rxG9k_l)Hz+6rD-a*6p(<=+ zWuSZ%&J*KdRs@S^0cHKVd20t{BaP zup3}jxRzpmw0QBsLhyyny%wT_fZBffJX};Rd>v&D8FAhGvA$?_uDo;Uz$5cKF5JFGq^sg^a_{LyILX zhZtjBCBtP`?{H~Gyxb7gG%hhfy?84PFW1>U3@&|DZ}lt!xcu5J?Cc%}r%XoPE#ix+ z$bAY0HW14YZ@bKF%Hmc>E^cg`Ex^F;Q~I7^3R{mh8M-euVMjDz;cb|_Xf%}nx~-X zALWn)GK)wD`aVUBy{@7U0qf$BBO1csoX|q0m}r#;tTV%5=SJPnRc+RQiT}UHp}x;^ zn~ezNxm1#g8eM=_xqB z!P4ybJ@L^AI2gFA+?0Px1}*C3D)d8r_(Fh7%FiPB>^fSt%iBwP92B zz^&9uDLhWTB@5B~keMqSZSVCHri}js^XV_DN`7n`NejAi`p;SkGgnUX`A{i7Yp3#j z{Lw!1&(ii^5sNxY`T$kg{~q-FS^MAq!PfqFBTr-Yzt#B|zkV%n{Hbj-+@zIOCt}f~ zu(Z-%Lh>q2)cgqP1aTwcp1e-3yt`*Gf+HMYjuGqrEgm6VsQWWc%9|y~we;H!q7?hc zVqy%-5@1kbM2>xMP4%FH}tE7k{*D0XS0z-EkDkSSqHR zq28(ZDx2~RhnKBlB+45H4oT@hy@(l-FHOzmd_K#p^_~owzPD#x`d`Nfq>BFU_p|;V zN89-S8+sm?{u{@S@0<-h1}_mg8%-yuspBoO^%r@-XBGOtY*g4P|Ns4?tpESusDH4f z|C@L=OaC7zk@~&31TK;Gywaq7l`QDred_YX3jLfaZkyqJo8f#bC}f|d`M(zAmXQG} z`2WG6m-YYLKRDRN|Jlg1vO8rqQ`**za(OpOvzLP9obNK#7Dxzn0cgOVv#6;Gzs~yb zX@%3fa|K=Uvq}gktiRF>p*v+8@a|mCko9888M2#dVC@0|{U2cfLob~m_g&pt%D1#O zK$lWkdm;IJ9yI%_*r}HLiHChE9Z=ToPiu%(gYr%BHJu4wywH!#bSWfa&^|L*)pk+h zBZcEJ_UeV?&tipBId{jJ7?#wFwVbo5=wxk7bUWyu^@sg|_~@Kao><0(`bFKLn(`$V zyOC=i!{tqcYF~rxR9L~Xq?0q|S!Wv7oQ018TR0I12m6Kdz_JtJy2Y>S17F(%ejcGp zA5>@NzJ6_QMe)b-tSbL!QamqwD(`;=x%>a#R{yt|XEps_`4-m-{*tI*_0uaqibzz= zog#F7c{NW%#F4zuS|OxEr(jQ(wC<5vL_!pDJCD&l9Bj79m7nmlD*e~xo1p&({a&8_ zA8g})ZRBa1{=e6F!B8;Pe`lFMVF={CENjq}w`!%b+nXfp@5!o%pvXB(0KmK{a*stk zVEII8h%Rqaor|>(K$;7q*p9x5loIB-M(P~ij0=qiGtNA)$bp7LDsD!4zvTLg*z=z~ z$^kGXA)z{|S!y(1TM1*fp>%1vNrQKo-!%`ZWzA%Oogq%KcY!3z;?M*XS{mA1J86F^ z225=wTX~DgW;)tQaWQAdULfD-8*QUXv{t(Vlue>pu1{B2+F9!A>W>5?)cIYOIWZc{ zE9@uVDT)H<$@@BIbt<}F9(1vLn}A*Hxz(UAiGH>;zR*0TP#X!CQOg#!nc_-L5%-8< z5GG9OG7nQ?CYvZiR}b%5oV@j+1(@x#*0WIlFZj4Z`j;yC|LC~a%f2&T5#gUKs6U1-<_7=e(6@ouFD&Jsq`vg&0fc?Z!`Qedm zRcg9$4#*yC!FJ;)^E@oal5;oAGqaw*|_r?2UEsx&x`-%2u|F=9Zp0Ehm19 zGq*_k-s<+hr)OFI??W~n5lH4X)^5Zn1Gov%X4;mOWdO<`dxH$25>W&Y3h zpzo8A?dhERop6G~yL1y+qCu7a$H8%i|L^yYj<^0F8+nTOe};e8=Gvy9#)uCBAu8R+ z&rA%F9C2NPbSAc=R>t8v22ZI{@c9mCJDA;;P6%=6funuxk8l}}$M_DkJMH4TDx)RE zKJp;#rdwyRzcna`4^ywH!rQY%!DyQ+c>5tLXnA8~<^?-|uhZe{AGwlKwvci8mN(66K^gXo8g12)%Tzu!CTXX$@`e}7B=H}S~S6LQyrlh+G3^Yts{?q$7!RqZ#})QY#<^9{q1&Sv?>UxSx%$Pl;RwGDmHuEs#lXQKN1Xz9kA7tgf!>#LOz(Lc`K{~d4X|7IR}QZm78Fk~LvkGLJ1K>|G($TuzZ>y&rC}Y^pOglWs-tW& zHK(gg>?u=+5>7l4oPdvK=Pf&Uc`h|uVQXpGqA=eX2d}~wZ1rSb(pX$2JLB1u0U9~- z%e}fAZo~AyFfB}#{oipm|L=bP;ApG=-^jD2{}uFq^Vw>$+k08M+b}y>KT}Q0jLcv6 zlt3X*81E~KLY-A`67<;FUK~DGgQsM(uq?{uQl~yBOC3@h5*fqvcbc?he%A)YR49gI zgdj!qBe_PQI9Hy4y&FjPXdLe8a8`S6raLz$Wd%tu0Is-iW?rb@|Wecd8QtR>*$`x%{vDz5T8K_hz2^vHw`Xd}DPvtC2YK zjyl;Dx)izSusP#sR-AsX(;UlklEM{a;Pc=r?W>e^x(OUI#33fG*Iu{=ixwL6HUP=#EqNhUsKiWS$&c^@WKitay8+oMspKK@T1nx`E*Q;I|IO;N`*=pM0+tJCE z8-K(My}iSX<8YF|l6Cc!p1#&l+E@MdQg$V_(`_enJQ+dmO;dT|Kgp~~y zv~?m;t;1kmjhmm^Qq^sFn~q(JsM4OIVAf^Ry(uBr?Gq3Y#ydD<90tLz`V~hL3VoC> z-tkd@IO;?sz}~!l0^~~;dmchQ@^`@qjR{2^`C7(&#w1M6LxyUcn6pAMHx8F5AB%Vb zM+01E1^_Ss0DW{x`O}Aboyx-y=JPWWa&%|qAg6J7%07_rf)MVUko2eD8KNhk-|O`f zU9%u2{9I1p3HX3+kV)nn65o}s6Ztp5VSFdO)jGv8@2m9i#7Tgt6(+K%5vxpTJ01x+ z#37=|TnoIXFq|Op{Aw3G4<#kAcawDpQj2M3vGe(}EN>-0$1^y|GIDi%zS8^eilPZ- zoX(Xkl4Av>4nczPdpzh;6cHx4&s--VDl5q0BnQKJ90X=H7F3OrVs;B2na!Zs?4R1Y zV0#y|<*>yc?g?AG(PI;Tb|Ufb=l|V?F()%oz!jaOqTqkGb#C~t?ez2r=|r3?+nrFh zVCFU{VTn5TaSkfqD$7u&6%wQAc}!0~;FF9zy$fE*W?%e~iz4rwmLnF~v1aYA!KW9B zroH&X>0Z9~&Gwf?Fk-Th20=WZUc?MJHQh{AWpmKjLg~ZXy{?x&#?(8V6rD-xz?7aS zO3xDw@zLyrXVr+N!v|;K0?=j9+8&g`>Ajo&2ytizcuxFFjnImsJ^UCAgN`V^!2y~e zUz5ES08_&F2gGj)y>?%|J3n(@oWFaMzDU`xx^0OAbOK(yj~TzPc=ijabNW@VMyH%C za~jU&_c)3Isi1*DN~!WqzEE!khqP{jWp?L&Lc3@1?gShi9_}Bu02nj1j~Z%@BIy4X z26HhmX>2R`X*wl0B#4t+>JE6J)WRx4e-&fTZkJH42o5JXx}+DY6t|2aHVguCEB?)) zl$I3|tPlvB$VCFT^yQc)u<|B7`$D1q$9ZJvur}q8f4^0K7T%UU^l|IaJl)|bqVw-=?vyNlk0B0_U(n_)!jma)pMZ9+z1V-k>@?<49Pygo6HBlEs{8*>GHNRS z=YIcqKbQaWc&q>0$g|x3ud4-nu>HS^cB$IVdes4YBOLCr zsq?PmIY0ku{Q_W2C}04G;Q7lj4t=nPxMx@~=tnWjx5ia|XVE5p-Yzz$YQHORH1ed#M>aaY~w{bg|q#QssCK`Siqryk)m) z9XyMh@{EvY_q;9v*`CE7)w8PnCzXRW1;7gV@A&Abm(Bm$-`}49Hu5Yd|E-=Ub1M`! zB@`}{1N-gLyB8SA%$}Ls7av6dna_~AdFcQjq8SMp(mxr89F60E<#UKz$w1XGR!*zB z@PcEDH5)!k2ozfFIw*S&wBl?nb4~O>*zpJ~P}8A&&xopM-Q&C%URyxE&wJx7wrz|o zmfVtmKh$xl+xIQM-#lVJloi5utvA2ci>xu^rTw}2@RoTnkR9HWy@q3l@x9t>&Cq<|F!c!U3#mL}B7q zxxVXBjR{fvIHHAG^sc8%t{;Q0*< z1eVppP&xL`pJi1UEmQn08u$W6M+YeM?3ge25l-RBJ@x6oHp^R*_W!qP`hR$EFv!yX z-qDu+Z{#WP<#Kjd#-GdnW)Q+U7)b6AK|cLBk5JjJHT9BmUlIb|em65xo*;3T5%TaD zdr82r=h`wL%X3e>xwYm? zbip#!vt8MeKs94At){g!k5&?du@Np5Aso!QU$Gzoa}AN8sErMY12smbx+{)=xuE=l zXh-XYpflmQ?cJb-h04+B|DFYqu@pVBZ=H}C^_y{)$@!sm+qFOx2X2wu*>Y zHO1jm{5&zS%~S)=Q}dcB=awyqq(3Kamyz@?P?X8B%IV1BY15J2u6it1l=6^LLX)X% zDyYpIm6XcFe=*Mpde_J`8L|M%BaQuNx{Yx82;=jR+#*vUVevJJ|Z9QO>{_p7MAZ!11(A&oU-^jDZ`L75eN-l}2 z1-Qr`mC5br`Fm9E|BXD0t}lvdc}1Ysk7)~ADqTjU7tH!PTA^CnAjKgTK#)~XN~au$c$Y~Fg*By@ zPyNzts;_ahH&S~gcckimN?nxd4e0CF|H-CsaCo#_RW-V{eL7xd6&_}G9%Q76Z`fnU zgLY2Uu}O&AOUPFhD8;6*RFhy@iIv+7PVm2F%sQM z&ZGqwK2{UeTK+6t=#C>A!XUlr0lW!~PN zQM?Flb62CW-p(=@?_Q2s11yBe0%;W?LxHfoSW!kbvMI`(t+9r)aFqy=okY8<>Pwl0 zwHMqmMKET_uf0!IalOyU(E`S-P9DsHko%gMs=#R2+I96!GBQcUM8&E6gM!lFhG?5uNcuZXO#0w zalTbrY8!}F07%8=r_6=Pdb{kB=UQEuzGoFsb@ZP+v?fQ$8USY_3#|e3Kg9yQH3?D_ zxbC}UA{)COX zzT{(VnP@@dt3ewP|GidpYDqYKvFs$;ZB@-Ap>>-)4LLp?k8z0kydGmPg%zjKzfM+V zVODEPGAL8CYA(<}SDK6V6jHx!EEzIiQ@QD%F{a3W6H^>cF1;!8;{b<~caxALuixGw zFP7(p#7l^ihy-LZ{~MauKNYzkd`z3L%`N0sbLBntNU87bT_n!isXv-|I^grQfTj2f zYZs6RQ79$7ci}F$k#7|Ze(V4v>_lF=0P^1b;?gLF81W}A$Vy$>;%c@$ehL)#xcI776sKKwx zh$85pk&tl;Q;EFv^Ri5W&E;FS@==!U!Psn(QaYJWU^~`-XY}jM8x5JgS=aF@Q+^fZWtv#WUa6>!)$Nu{ zYbNXSxfa*V&#HxUD=s$+<|g{xdFHzO-FfXX}b&kk;3s9 zdsg7;I&1CJDiqChJh^aH2`#Y*D$$s@qx(R7>8_KgNJ9Ohazv(JZk|Ds)V`*f1W0nI z*XlSen)F5qCmsn-z{j)mS~Se}v7kOM5X~$>KeH9f(sJYs%WGSa+bVANCIp z54QAw6VLkezewM)oXgmy)6loBPg>u%w~mkM+T5kCy{IbNpn}X=tpbzQB*c1hx=&+( zRR;jGS9Ztk6s4w#GTO+ZqvzuD_Cg<=%p73H(i;F=W#L^>zaTtIJwPH#?o#Vqd4|4I zrn&V1G3D2VgLzYwPNe!(8=;)KD}yjXkRmEG^ru#50Aya*1*)XAm7(K-V+Ab3pJ-D; zP)o|nH5lV(&=zB#LL3@pz2yKzpyff-&me3~`D*)^4dyEq`4gN%L?x(R;i8 zeB>HPhfo<2rn0Go{vIV^VhWb7JZ`$tC|ePOIzX8VYl;m%U0p%nr--qut3MK}8Ku;c zWloF+`wIKXcZ#9_dNNX?gNPN~FAusPYfZo|DDP^}X9;U)w4l>cvFfPKhO2ZxNqAn171Z~p#w(CcUKfBVOW`&;>c6VEffk0uz8BKb9u@Fn&1LH zMZhDJA{G&u%}G=N-V{=0SY%{?=J|i` zsF&6M4SK!fE&t!db07S_ST$dqO3D-t2?sAr34iw&$UxgoHMN&ZGS%KmS{y?hfcD2J z(x(w~4go$vOm;SfH%OA#Tr=SG{9WP>nowjPGZ`}O{PJAp1y5~P1JtCrYH!2*xyPyi^IvTJX>>ogQU{PdJjXt^$dh)B8drj z8A**0^1&_UQ}Ew+y5P4km;(~ZngS#cAqoNHU-M!**%SYmpX?^wOB)(NPf)xu4iIborOR%k)?d0Kc-{I- zm(QZsU;a<)8TdP-n8Xacd-ImHx)CLRB9FJa*hg?rm80a()-xcs&Yq+Sto7SJKD@oS zY)zqez1Q;aUMs7U{!5on{?%&5A?6%0&h{RF8WimRvtLd>{QUOU-+u1S{6_j%y#EIW z$NfzF-~Pez*8XEN&ogi~6~~)^Oj@TwAXuYhbKX?hQI08@Nj4crj8g<>AU#Tg-?aap z=7YC52*3yd==;bQ-_;bV9*=%I=$mg|A*GIXV1W? zsNL$Q|AJ3ecc(s#IHG^NoN^wqlfAtO=F@m2PnOok+v60Wy%`kzevirF>{+`Gs#bOY zWB>vmMJV)9=*<SHSJ=H$HD$5nBr?I!D|c?B2~3WoF=osp1J5(J38SL&GIu6(bZ zY?I&Tl-$jSyJ}SQ8olM7KLqD7n~E=Tz9|=zFB(pX7r1`KKw<{NByYhXxcJ*!BLT8P z&>$FI@3TupZxAi$2Jk85rW*#X_n8bUhp64x%b_6fg##2H>=DXQiI-}aI|feC@Ip9c zrBi=a+RLdwbEZ85`w z2S_O)z6t3)MPMQ#rodz_UK1C2}xDUc$O zb;3wRGts~>cR@Y`V~hgd3>=1Ypv>|7jBy1Z6r`F=aCX5IYGbag3YZ2wqUc7>rCXoL zfu}8K8mE$&O1Jndd0`%f5lTuZ;g1uudTHDpKw{3YuZEb6P=Uv%XfE|+$qeD}KcwA? zB*7p=$d`0jp6Y}MnHlz;J?ebddfphiK@+DHT{RXqC2`=(gQz+TtJNklRykl;Fb2%Qtt_P#hoa_8^rbB=tA=@Y zAqD87sZ{L-_!?QTcfkb;&+BOcEwtHkam5@rXvCc6JiKbZNeb{8p^F>?W&n#7wFCVb4h40#-XR}zL!+(NHyGUx6L5!?euxcIfk`$fcPeBIPeMRN0r5K# zrKCv<^thUoB0=TsLQSv`xL_z&$taXYb3v53AVb59`bp}uL?;p?ZLK^6FEzv`V905V zhC5yGPHbL2kFW;=aPi~mnP@YPcEOy)V1_4C4sOLJQ9ujP!5Zw3SgPsekViQ5#dI^2 z4ikb)mB2rp6SJ)aJBcGfp~YN+VTSS!!5$b|lvn+B?sb^LT~$5(G!$(P?K`lcr2NpM zgel6Vxnvi-8&}O7oJ^=V#3T9hCql&(4FzKBRoK;IwoyRsr=+S_WMW8aggmJ)Fu3E? zOLp~W4*r%HI~O9WVljm{t3OH9&0((om_gtbFjpLXBq=9A^aS>jg_Op`y61HN4h`Rt zOkGnr3osQjdYJCk$A$IFq5G0U&2Ntx@$q;LjAizoO$a$Q2Tq&r?E=HR=Om`U-T=C? zZmkOn5h|g%g*cUdEk>*K`~6{71uj|KauY}-r$9}=XvVNg$Ur27STeRRC?5jh3g;t_ zXxnh>FkWFeaV&&%IFBtl?>D8q~w2?->0=xl;-1}ltc2?9LBTpe(R19+{)mFo7hMx)QVDq1FzXsP(MNXHg*M-tJY+ z%7rScC_NdE#e0LoI0S_H>dh1dQF0tm(*7-+t8k|3GMu8&M-=&D(x8x$g@8hZJY-3t zwiucKyyyTWgLVuo2Z9jY>O-AG1@{t7k;^w~_!l~rz)%isR~(B( zZvhspSn=JMlNsbWD=OL zqzf~6El*StVGL_hDru+&@&yCGzXNMJPsKSMi+yZIn4mjCOk2+&QZ^h|CoR-9S6EV&VM>XxF<5Hs$ zh)Uc8p&HzNuh$!{jyD$BTLE=aTuF61&7(~U;{#w$e=W?pMWaPnlTk~pgE&@GwQ=W% z-VePpx(TI`6gYc#2`)VtGNoskLh7Rs`N6rMe!Xl5hJbK))JVE}^o)Gs#}$ZftcD_*`Ul zg%yP(3eF$;y`BQ>hvOfP7PJ6o=(ih0DfUt6K=dwDw_ajXgvdjTK{_|Ozx+Ma3zl^9 z`^B%| z)kG&cK+n)46m|TN4NuI8Md6hB4kO%A7bK#Do`dA8tl=eBOdX@)Drro-3lJBdEez6c zQ%nM1zY2=-Mj3tinQ2ZZkXctg;AQ4WjmL@2?@lsW=eSlih-AVI1#~JPc{{eS2urTm z7MGLaM?smCSC~N>VQ`pE!X>AWqlw~H!wX~-1mZ-ju92J>lXy5nVj>xjy=%cJ4R@4R zI_H0vVhQI^YTh|9otBcT|KWP+e2Ee@=@%LY=&z;eQzVedF*3Qx>w;4uxlzR8fbW7^ z1Oh^?)lG2_Nad-Lzrwlp4F>wA!P=S@W>Cnd>YN;^yL16P3B~?}lSz7BO>QL;-`gTy zRW=Rs0LPpYTp`m=j>JZsOU~{yOsSw7no<&qCpd(GX<4qEF%!svF+x*#gO$NRDp{oZ z6!ETH2PcofLV8ZTjlfjQxh2J>1_&XcGZ+A|jv&Be{ttS?<{ zNb+0wds6a0z?9sIA?>Qk!ps=I`Zi8myIUeIVG?g->tdbU8(#%f0*;m!^bo9Bw3utr z6qe%tFq2qhs5NNBA13-5_r}9u=kRlz#^EXZK*9?`c>4sjIgL?!7pV8YGepJ9ey`VS ze^nx{c3`w_JEe{^V$tsmokr0qoe8PgHlfLtJWZpVy#D-k=;+9bj-85x+Da`_c=}Q2 zy2Q@e9H1_d=aHGbUNQjMAzDQD=a=WK3x1axJHg6ea0}<6Ga`=2oaoC!MOo~+>Q32G z){428Lf_@NHWUixt{xZ}8OU7lI4hfIpvy&!G?unHB*_^Q6T*~>4@D70424{sv=W`2 z-0u2{cx34sM{`9^UJ5!i@x$wloY$IG>T2nQAG^OfQaE-a5s=CJvlJSX9S( z026*7hbq9qrfFNTFJ?+I86iS=JOEmX(C2#7NTLM?zrWKYFa-b!JwD5|KA_3pBrpUWi)KNMB%y5VWm_jZI z1eX_sU>?PhQkQDu4^vFen`P1H+?^`Yq;7T+#i3PLNrcMq&hLW%(sWTUW~1b`sE$0# zYfnEhOLC#~RCUv#j7joVKqD_~VT&9w ziaZc9wRd*qwRsR2>N>VeyTlP5j}hZ+7ktt(j_OGCqt8&HqaBBK3wmk$ib&Fw0%)Bh zFxm5o=iCm;!y(^u=;9tl9-%%CCs(qqy&XYfM>sUv8lQOa42AkWL)wF<DSwJtSJ%woXGYp=Ph zR5C;sv5sA6Q!FF>?tE@x1t=82C!qG``+dw(Eg;L8tLo}F6^;@wUj8=Q?%6m+T zR6(iQrb>Gvs#7!$q;00QiO2RP7-ohdud$`6k=zZt=H^fxz>5r5F;f~J5~6gp-76_- zol_*w7z}eEe06O6=y&@^|K94T1M2?2%kn=Xu6|!6QWtm^j!COE91cAaG7_Mc7; zrh>==#8@YBWHU*DcyzPl zq$YUQ7#uqA$IEBV?;S8g0l5{hsnT};l|$C$YK;1gaZD2eW$Q;v@0Ox|f}Uv{`rX8% zjjKZJL?F|r@|ke#!>YD*TGv7d<8X&V!owq+Yl&a%}aocebL0`Gnp<; znT5URLOZS2N0NjJ@U0~TzVeQ-ok7%zW4plmQaW;tYndw6{xD^C!+E8m*Zc zAn>T~7^b~2k-O;+_5R^_URn7u&K zuop9_-q3N3m92P)Zov%xNvKgkwOXh8g{zm+hAl7U<=aiaJLv9%&R@aJpxf*Ab^s22 zsh?(vj~$g(Ffar-6qF8fd5tro$W}#3zeVv=tq6efJjA*R{+}qBf&Cx4cLLUfUiVHD zRRfcr3TBC#okY~+1l;txhd*@tyS6AQUJttaue!ZmkZ02R^HH}aF-C=I(@hOtb$eYG z0PPv5p%7>zu|}~(ajGls;h@`prF$r2&Z?N0+*a!%4z-cLUTx(XAyGGRI5#nPU=#&& za~{&5bqlGkED1W=vZNzDPdnp89H#JAOTRIbw3rJ~eTl=)+&oCQx2{-*`G%@3ax+=?YXF_2TK;AsM`1e2!(dsa4jO0YZPnFL&lNS7Qcn-h5_ zQ_55f-#QRXdsl~2AU*=AeX%}QGh3@>9a<<--abC^wcS@Lu(+vsluSfI4@I2qksC4T z=yvaxP{IE@;+)eV(oszmo6ShrQ4Q`%j{rm!KbwLBwCS>U=`vx zQsXNnH45obOO3j1N9H0KX)!OB8G-S*+k4uQ*sE^uNlRkQ!2h%$e^^Ou4Y(gl5?c%8 zhm^#c0Q{jOvDIOJcu8z^*h?g_lmi`W4)jWJpbK<^s4{OxS${;M8L%^JNZrnUe4ou6GjzD|k)Dg=gd6KTRm}AnQd6;DCPE*;2Kdf-F2HX!NoU8@%LkcHN0RB+I$?C8_yl}EQ?3KdF zf#yJmOL3s1QVw+Z)Q`tUPn-ia1OL;4{9!rJ8gM@p2U-i{hvYy_0RB)MXm!{ho&&88 zdnE_j*Bs~|%Ylsfa2XRiEM-Fb-NPq-U4Hn)xll9kKP|`~mJ6)`_d{`^wLpGIF4P3z z55% z1#vP7p>?ny75j$M7(HLb+yvkc#e-Le{o#4= z>abVx;GSk^{hWcf@t%>vwPGCb4i154L)pwPg0q=$H53IHB_YSN34qk?D~m@R9p1T; zvq`sonG1#6A#uv;F%*pT-|C7`h7t>MsfcE9-ZB@D#r`q?j(HLtIEnp*ZY@8cWF80F zP=3G2P+lfwDK$sm*OGzQ(@7UP6;DA7^{(#yS2#k!YZ>}p`+P#*R}Hjvk+zQK#z|4< z%5H1dgr|@J8)RHuwM3@aXkKD`cT4CsAaN2=X+-V-oIo7z0vx7pfcmQp3s>BbhE{sd zCKtyrpa}YN6^6KAOfpVV!R#oRPEHORTEYB{8Kc5#9d=F4I>0;${FBbTv%1=#ZSX^G zb%h|w(#cDr1((EBlzqCf5rIDs;S75^O1$&{w!~K_P_XWSwN!{J6`eZqWW%BD;&x-w z*5CBIgMqS0=ywPER??GT-c5`mb$~AtCOONr6{;DjZ06s0OGlREEK-p_SZm z%OrYqzc)BMUf3m#!!X4%7Ki8NI~ti{LN;rjm?ZG6cMFHll{3NK(bV;lP z?X1s{ioqtM?8wAw5tQ){bR>73BS8k4Fx*5hvCL!CRWgd`YAEMDg1&u9^MrCAS3{d$H?O+i8YN9 zQ{GZalKhORf7S=$qXcyQRUzu>h@p^+cO1{;>V2FdppvD}O#mSXXgnh1`gf|ybHTWi z58TxF70#zZS?3dA@G~@P|6zuMYdepYKg=2H}ECwmq2AUUp? zc>9(&l?o1v(@u=vl{ntI@?E#p`iaou1&|ie3kNOJUXWWUiIp9W^Kwk8B2ihwMe+B# zbh%F?gml;!p0`0^9$Dcgzh47668W`YR7Md>akCa9cr z1SJv6M3>_fj>p*3XZINj`JQRDleD_`%yikwf86P|T3^5ysaaD<@I@bzO-+JFAf9pLt{?-h{j~&)c^S3o1-5h^g3&_p#wU{KFQs?`RsPi}>e(bPr znmXT0oSa7m3? z(I_|>q}Rq-{egq@gL+86pCJ9g_lES^ce5kL-WVR~Jb%ba#5%(hDxL8-Nt|Y6%G0Sz zU?vq90puAyfVMvB_nl?!*IU*>vaI`JS(9WSGMAuUb{JYYGQsfFLNsNF#fEaBq$(!y zhx%SoWWQ@bTBn1i>6KBJkp&@d2WkmDV_})kc?dh zp_k}dgtyzBz-z#h7zw33zL-3HE;~d1wiQ}8m+SIavTS; z71g^`)G9ZK0`!Iqz|?nBIrB22%0s}>EDBT%Bgl0YN>&Ftd)sL!K6wZP}3?QtBc zG>Bk?#Hz@+1z5$hNF0idTKZM@u6t+JS6g30$HlWK54RYX^&T@2A`dYJ>0C5UsIO8G zS_Ed+1wUcR_^#cywAYnp{s};2ECwj8rkYL%3OXIr%W?Ox+e`SbGu~JC-}@)ohtBi+ z9*1}a11B|>HMgdYLgOS?sfjp&85j<_LY%XAvDWM#TPOm}MzTVn7(Cqt>AVPZP#NB( zBM?)h^{=mi?8Tw~T0?bI(o1SvuLE@yXSCdPoCA_>hi?9?&X`b7+O?(FMNvm>A;SiB zchVz@>-{VEfpigoAwZN89eIIxUQA8eQ56|Qp8W*e^t;lB=292<{2p>|ssenR%wY71aY3N}Q2+VdE;h?=pS1In z*Z#T-WNUBlB8r%dmT~gwk8F<@YF5RdUWPc>`Ff%Te-}W#N>j`@q4QyqPS%5=n6+5@s`-c`I>RB-VO|XKiq>xly%udr zmo%OHo&>=Nde=ikB6NADP!2OpoIDx-Bt$aB@R?0RTP>L__e_V(GvRPlD83&RGuNr| z#cC8M(v?ETo(yquC6nqt^V0S@e2SF6Uq=ZC9h|hc(*+-iylE7|L_*w00n*W0m=b+_ z#32s!1ttn*`uQv^VpDRPcm&oaKx%#eONI`d>-)&qOsCc4Pz63Rq~-+!pX@~Jf4qEV z|5SN|E%v2HqY1?Y4819$;C&*8WEbV56CgrjqJ)N-5u&?@FqMuu-`a~bcRzF7B2QYa zFW?+fI1|VRzJND~c@(RlMB3i z&BN~BRfwG226 z)f?Q2XJ<4XQhcK^+O^8Ff(pv7Pin_}%sd%E>zw#bQD*Oll>XV_uN29Z6yOUOj$y#$ zPRTGP&5T4Hz1t<@^YM6$sF-&j3;AsnD^_%aA^2qQB8u5GqU5e{*Xu%iKDx>5bFq>3 zBIsSi31WNM#&){k5-Ad&{RD;=Z%^O6f7_k;Dk{QEED#P=KplC?3c;<69~T5>WLjo3 zl8GLlT(y`@m0C#$JZzA&(ra<**MZpHYj0|coN6Wm6Cey#RpU^DOGJyZz;4EB42R(2 zZ*S9BZT5OAU@lF7wl#rB1HIMnTh8&C{YG+~>i79BoQQM7hY1evR__|CRyv_*W{KY4 za?fAASHwMkiOvT1Kh{BM|JVCWrvY4jefL=>lezFE^yG1jEehC}4L!JR$J4O&IQF|JLlg*`2hoQ+2R=9|s&qL2@`}ieWNw!cl@) zMhPI!nln?WK#*fbN2!|7qAMOJA!+0R8hTTVZj`z1F2LN?J?d_xNI*iA3W<(#*V5L8 zK7b&CSn8wg+ZPZCK|&sFL-5O~tBu_Sw^JOble|ieYK1VhBJ%2>oC-qdd6!Wu%B2(R1-W4>bxaW_xSv`&c_Ih@AoRL(N=Y2*@%=3%w;_1PSS;31 zp4oK-QxbxR;v0cSKU<`=)%u4x!TwChB(UTKb>dKaS<3KA^=?`)wRg4bGG)P^$m3n`&QTuDJ0Cl$CR@T%x|qjZ*IOwp}8!Aq^WB{?Nc>n1qK4MO0TzGbkYLfPs~9i|oB zqS2I)>lDY-=^4sJ$xN?GNh{+`r*rCFqd8EgXLQk%TxDkkGw>TwBI0+IDoJc|83(FJ z#GHzDiRe5#S4OnV_b6~XAqAhrcb|AHm7KkR#C~@oS4+yzsiw4p1W!gvQ8y*G9ZvT2 z{B#WZJ%he~Wq`So!0fbIr-8hnQUQf`lQ^|z%gVbi8Gf=j)~2}^=|X>or4sfZYNC=| z``X@uDe;qWMZu}51x&S8>mL~fNpkgKH1)mie(&FR^`@h!uxvzptvzE>{T=%9K(A0u zs=;x{ku*3^I3?rqNZqwmitFWeXy4FA;xU3;ZhayH`3l^e!9d`E*aT{&#o13?M5#Q~ zMoFg?1&ZYSqA^e@V~vJT-;MpErsNc)kjec%i@Exd?hyMzFS$yPca+K4iB>`@#j-pK zE7gShD0bb)UoU0!QY^M9V_4GzL6_smgrD;e<#>!eb%jTOPc&1K(b7UNBVrQ@&bTWn zQ!wr@JPDC+*A!i#ki?Uz(wH#B<4EZYF|&4jG8UQcTJAORF+g{KP;V;8jT*F6E~*I3 zQg5wVTe|k(;1A!(ItQa!naycZrChe(fPASQ# zfaug&9(^H%oIcI9hP=Jjw@?yFbcZ?XwgzhM(p?USy|1uC@HOHD8XmoWunhy$^FGvce*N1SMdjb=V_#hKo$ z3N1{tqq!xIsrzi6zTtR=c7fRRK%m29>M*M*R9A0v#MQ;oI2MdvZ=sHm+!AvQWoe-Z z8ATokXQ%pliXq-@9Y|avjJwDrR!{A1QQT;l^!>jz1cCfOMKX^d7kfn(TyDDcWJQ!{ zkst{4UV(-loSmllsCyQBRmq2@qTFIk&awi=PjSDzXEFVRiAmI}8OgxsKrSC6b(>P8 z*5Y-n)p}=NT-d};p!26c5tmm-djeU_>8wzTRakOIi0{xQR~!LGg4hH;G@`vGnmj=p zi8359j{bl4{=B(y8{Hqp^S53FqRyPy9__Zg)wj>D9CteDnqGXm-I?E+cCH#CAqiuO zU&j$A}J8S1K|1KSw4sZ4aFNDV#ma)%4c4DekT@( z8!Q)`aEBRFLTyPaXhcXZ(akG#gB&7`l89jviFEi()47kY!rVtiFD{pu z?Co^4i7LuR;NKkQLSPZ^PObo7W{jbl=6;#<+g+&##k5wAyBeT(u7zx{Bau0uVN&|L zVxS4@r~tKJM$o$ceTV;l7YvAFBR{z*34_`Ibnik|Rt`w@zH)$l%D@*6s@VvQHJ&0q z9%5I-k$8mijs4xstxUO#n|+7$rJqSa>Et1EO*<5D+{G*uNFBO%U2Q?@QF3czZ0~A* zK3DXW8sSmr$g%S}@I}AAiS`kaVpZ)f>NfJ&i0=qQI&T=bm5St2{&c>t!tRjPG+`}8 zs8XqeFF9CwsS%MZGb$?PPr)P>KVS!vos`@l{|2MmrYJ#;{M?$TKAr3hR1dw-0*D^o z6}_9Rjtn!CR+~JK6RKwh1ZL=V@c4^KN??zjk4atN&{ASPDT$ba({5I@U=Db7J z);d0l!J(QFxz@|@5U)@C9v<__cc;R8w6+KxqY9-?oDv*ksDR?oY^$PCZOCBgYWMBB z2Yq%YqMJnkotTVgEt^x$LXKysa$SVgLiN6Wx%M3>Yroy7{7P=ojW)az$CjZ~o{t9jTf_z3 zN8lQH5heaDbXj;Pn*4>FS<V2YE4L~39n-a|FD(%MhAtWAOB_qI+o{5~8 zJsq!@CxUr`h~2o~re60^Kv7+}@auJ|V&TKUm7LefIKaKV_k^Lny;EiAiiaO7H;ULT zNVqAw;%mKb`*(GIt6sNJKNzaP_7SOA9r0M$*E?a~sjyN6_V#irw6_X6&mH!s|YAJ8eM>H5CWrJ6zEYo;w2>2S0{D}-ynshqG zBQ6@DO=AM)is6V|wP%PeI^j7A68wmn6Mv6__F+B3pGphc1>g3|2o2;@Oc`=5^c!)4 zacIM71~l5<70!OKdVE9-V)rYs9Eiut!f;xt002O2Ec35Aw?&v8fOpgUKjHhCdOfe{ ze}lRQe!QL0E=pz!Zl83lePph&5)rW^4^-Ja3= zicKyLf!#H_| z3J+N*H<4bplYv+l5z?&z#H_}yX8)JEiZm*f{Ra3bi?sq@#Fl*(2?k=id_;rrSP!Pp zZIO$>Z$DCTEI^>VE_yid=gw{*cDPQS+)vY|be-LK2>hE87u3C%KYqEd60dp+s#Ob>7pn9QYYSPdvyPV@?L`M@8S0W@s zc(mX(0yK1{E9vVcf(#~76kPl!bxSg=Lk{F{TN=eCi0$gx zzw|DZ19Re{(BCG4XrM6N0T_#wJ^L4jS}Kb9w^}^ONBUL<5Q{^f`G8F7L*k+u81b1Y zF^(LW93Wo&*3g#ZP3ljagT40`6E zEjA|OxA;g=7WukOxN>Xs5re5zuRn>4PWe8X)o&4H^)?KTiSZ!S`(_#*mI5iq<&r12pH5kykfR75bi;^ZeJwamU<0j(w zyuA25kxZ|}rL=NgVjJu@ag$VZ{IlqZM2?g=R+|XR^DU;MC=(>M0hbFK3FPLUVe1+( znn;o5py&%1&{CE|ETZC?-II>=Ulf-pashQ#PT)Ar!=uCQu8wZO!%^KqH^>3noD zE+sFXdBM>!vOzqxF3t@i5;4US`;*i08kI^NyeBrQYvXB6MC{Z>FkxLq6Q1(jZ}RAM zVU8rwmWnrCX5?266U1$~%SDcgnbH#=Dz8%4t~~Ls(61Nnu7z1&`4j8DjL3oU#6uY+ zpu#Amhtx(E^wlCj!#F(=Qy~nLI+0Gy!^nZC)+Mgd#?Ygwq>psWX#>2@OPNTHxi3kB zzm8`U6`$FI6B(wH9-L;FzOkzY$3N8OMC~V%PG!AwQM(&CRw6SDcH^>(K}-TH2Z?0= zaGgjOrLkgcM-(@I#Nxh096Db%!nl_(pqSmt{h4S|;FN#xD4h|60lT#M;- zQ;wMk)~3QZp&PyZ>`&hLHm27yyjbqbwNAF6f9Y!=NSHg z9#$+Kr{JbtxyG)2nlUL<#)v`Q%N(J&0vLNYRz0r@@r$jBhSqWTTmhgC5^$A2z}x%^ z(`$*AEhr!`|G_DEPh7bNIYW0 zRX?^n-TMCEs1Nti3A7ISP2GRL_$2UXlM3O*-lp%@hx~!2@=5x%`3_q?p=7`s=Va^! z3^jQ@Xmj>@59sBchfYDYD!1Q4E;6*lR@)6|e{h|{8nza zMguo`Zki)LwPP!=%EoX=V1sbJa&Uqj=<{*s6DUFeW63Fvn2r@GJZgucw3pa|LfiKFj$1RB z$PiEABar?}M!?s0=SVQpw@=%x&cVr7sZ4UA^4^~07TMd2LhKvDyr@)|4BL(>p<;o= zPE=j|3A^^0tk+i+FB!(7eQk-Fv~*39Hb!6(hwn*608yh-c_qM}O8H1clIo554gaAh zPP>*ks=@#HDy7&LI3dj5PoRZn)Lk+JB>!GrmijfJNAnrAlJ;4EYz`8~F|kZsuJm#g zYsD$}tFD%%=uuvrD6OHMygn8S)lC~Z-Uzm1%XT^@|(Gd2fIBd_URT|0eXjdWhgx@s3uj z)jB*l5dXGXt<=BmcBk9xWMz;WW4ihXNomhw zRJz5WLp0Ol%Ay{3Yl&K)t(|8DN?4%N>XcEh8BdQILl+M;)y5DCY@*NX1aFwmy$I=X zw3Sh&Ze%kaX$=V5Q7lt8dy-5|@gRys3t<42yIYs2(0IkplxyTj#!to~zH5;mjRd|h zf5d|F)FLQ)SGvy>sl`pF@vVv67!73|s(Hchb(_15xRook>?Sw5kyYt*uK3+zQ}iy! z=a=z-e1#UN3}K7K*w|=*T}3b@@?|5jL@}?@#!P1k16Gzqu{^v>XH?`w42S(Ci4vP} zn|5fnGa-$QqUR2v9HVT7PSHH?7ir)oIH8K+1gR9g{iGs!Z=HkwY zmu;h)`c0>Clx5C|L9}$~s)Sv+D$vkJqgUh`=wlMl{Fwuw|*t4cMKBr05=1 zOUYGEea#L`warw)!6753wp2t{_yk0X#y1?GYTW9nH`C%5QZgvZd#tO@F5Un|l9I2U zc*VpF5?R5>83PHkql8(-PxRsi_$=Zr6?a+eB{%Ixr~CIxB_y22ZsvAP1jd6;$O?SS z?tn0(317>Eh!Kmp7V;QvQuVW@N9?-(QkMaB&E1%%Q=dZ@CNC!YqEV@wQDI%7BK~}D zFJzpa(6qfhutR+5i<5499q=W5@R^>_19Z2haESCndUD}m1bE2j0sznj*saS*#gI~a zkYHXDL86MEPqLmhJnBWMaw`8+Q;Fb#PWcnv5pz202L)?gqw@d$-~UhLzoR(7%7245 zZVnl4P2^1JVw6cl=DI@)Af?2@Lhr~dE%y#we7cBP(X*0?^QMQcP1!(M{OP3jHY({_ zODl}-y*Q&p?kLq1CD?- z<30#6Q2IW(My`k_LwTHnG>{%U1_ml=OOzoIfub{Y9O=d-{x#V7nv6gET1z!Sg~K&? zPlbKu>xFoT7@#b$uBGb*%Sg8o_& z9}~thBhoToi@B~vi*-a`W_X2OMK+$rcCade`p=$%(s;CU4m^A=OaF-?}OD4DpD zW#RlP)?_tk1;G891%f$0QxO%Cv`B_$@V@?FS&)Vya4beBJ`m$fj21y@O=Z+VL`0%< zs4Chmtc^OgFh76~Stv-C#Kb0m`FJ>#!K0BjbrrP- z!(-F{U-ml(?Zb($P}HI)m?ZSTU&f1MILjZuJzjYthw6T~tp&wH_HC>h)^uF^N~I zr;<=Nx<0~o&Q)v?_nbJy7ZLr#KHO>5K&RcVfljwu1MS^-(eh9NP(6#91O7{zy=nY8 zu2=YTp&G2Jdk?j2W0TGLA@+5KMxk$>s5uSBJ4z$(h>6!zld%_ZP4*<<=sA$Go{t;? z?H&z;FLn?(J&{h!;MnU?WD(b<_j=>{{mZLr;EGlMs#=Q|=s-$e{^zRtL;B)XwH9hJ z@j&?Ps`~I{zeRuF6+{s`=^rNgTZv4f&Pg&8vN}1G|0QMS;4$XItletmNK!fq!AH>> z2^rE6xfMe&{xiyuNd4GvCFKo=|3G(qXjjwiNj)a!#qaTJm^tXR*zRZQgY3LPB}&ob zN&NeJMUAW~vN1~ylA0$-dElIgZ=KwVfWy8 zza#EC*u9SGUiF}h92!nuJ({Z)v_|L>j}Zx2?2Ymsm)K9xx*iHtkd~{wFOqxnZ_(IV z0kqr?x;4-}kpHzBCke^RC-#qOpxrsCfrA!*Dxr5yO}yz9w95mi1m#Ur*N^o_-257aGQba?ThHn}ig=AKO|tP>TM8AW6G?Gw>Oue7!ES0U4Y1=R zmBD_y2HNf88fYJ%@cG<6PE7d$e@{k{@`B^V$Wl6dWjNX2O)G|?c_bF!bK(SJH`%Ys zAywRMT9J#jafhpO>_di%mAQ_kyN_M-h@H~LtI^k;@$b94yenI+gmO(RdK^FWDDp9) z$w%~ze+~H#I|=Iem_h@go~o%)p>*xRgdq_wZ#320T&XH`s+tKtD&k8Str>gPhb|vl z$YmM5qgAdngYu1f^gA)#;}hjLK2gNo$rD8;k-nU9j_B28>NF7#zE{f?ycx=8)etp` zIyq)t;-Y7wsSjt<)W;p8sg0&KntHmX<~kbQ4144T`C{{2tgGb>#faKdqXiRpb;>*b zvLZcR6PD(eS5;^+d=n}51r$1EFsm*>d6fNm)Wt^A8%=)-svhz!tD=Dsj+j@bW@`3`Mwnk@! zLC5HHqtii=PVcm5)am<1ryHGaboz9iE*QiXjMtk-%NJ{J@bV>SE#m=5_UvZ$_FG8x zNt)m_#7=xNJ!#!txEqHKhV)$P+52eh_MxBAAtGG$Epmr~%(~r5Tt|72&!apezj98H zqP*_=V!$Nd!l!&fA#nYbY)qj>J4$J^gh4znd~H87$wvqeM?zMeR?GWVO{u!W=sSIn zZqrS2&=3hw6ss6?@X$S@m-zv`T$GuMiUTl5>5s6Deja=5uHfFkkWaGZjp4VP=f~L1 zx$5)wf69%WjxCPytJp^W#I_hj`w7HDi7$FmHz#%L6{1$QIEhQM^^#=3MQbx(;b}%1 z*hROhW}Qh`WESnL97=GQ1-9bYT_4&w;N^Cc*R%7;N3M;0Bs9XnA+g2BM;?M1{V%V+ z5~RB_Ubi}mej}G_ojsIlm{|7nrnsO-$<&N5${w=cNK4bzlYsE0>%oqWu0Is1|^Shh#}I=S*lDd8T}I9#!3L&8n+o z1CV#pYY7??W13(8G{S?-U=Nl18`X%yIKD8RJ-+#(ACW$NHD?W>Bj_VLX9<%FRVTgN z^fXeif^i^;fHRpLGa(HTfgjcV8~lb->Z>0JhUZjw@FuAxiT7B11y!4t)YJJ(bhvhY z`8`wpJNRwVMk^ZcKKjE;jdVeL+-LN7sw!In2PIf(M?$EO1#i1m@lFAK^JzJEt#@z2LjW{y`o(wrxWRT3Rbh*ycIC|_DljKuFkU&}%!BpJUqxetMqrv!* zLuA&MX0r;M^$}SJ-z3N;R%#q9P-t3!bugm{B^cT+8BVbMu1p-tM~+9|1*HYrqOYE!A@l48iG$nUiJF7Y zyyj)}%s(NNCT7+a;IwCNtXv&ZD**)CFCzqNr>Tu5+CNjK&!dy4jmzYEnO>J7;FY># zfLFPI7ucC%7E4hJd4Xo{?FmtC!br9V0DE+hWqHB65LLcVMYdZw!hOuJ1yeaQYLU#O zRH!_d%ypSsFl3YR1eOPN=NF$BL3Ek09usPruKvtmFOg&j;uxxG5kG?ipCjB$*7Nbu zo+a|XQp#c`W~wNqsNIU^6cys2;}j0+9Hf9y#t(d$#X;B>nY>!dWu}b;McqmI+Ji%+ zs(utxs|%zmSX`r|aRV3VuL#;gMJMmbwIbFn7ID&t1Vr|vOyeoLb0$qVf!t$(ImvMx zU%)e?FejH;cEGfJ=GapcbDE>)iu0O5e8>Ye5M$)>|NFoH`@i*f@9M8!fnR?;9gk1b zP0Ta4Dv>jWd?7!a*EgPzDDrQjcV!JJ6uOwnQIow{V3Gjwg`6@UyTjyrMZ`|H>`Yy! zLIJBJ0wdu(35%?B@FJbJn~!nCz2fR=;km)MkNkY$5s%Ixx}U|7Mn-VOg8ONb;MOgk zi*5_Ng$%jY-E)>vD-GZ?Tf_q4ov&7SHnY{yzjF!k#0W7X#H_4dl|xo1Mpn~h^>Z0y z_2&I^7SS}l_4=^@$4_%mQt_H$?_=bsgi2v?B?zfri=`IIPU!sK$l?$?X()aH)qbP>gh!}G=fXp-o5(C_b;!iNn3Ua z_yrtP(|Jx40!)RkDRFZKT7h}VdFIH#3eDx`)936&0iPHFms`NEmKE@c5%4AjY$M9B zt2EII=O$TNTIp6Cp0qnrFk-gSv+Nk3nfYY~drGsh*Iezc zJZ(=|d|y5>{-08(hrW5(M?DqZCC`q(4*JM<5kr(?0inmUfM8zjE*1NTP__%|K%BX^ z@>6AUG&z6a1PYSjHR?HtQRG_woyU3>@|o-td7gT{_AdxCn+OR~s{b7M3=gmc83I4^ z_uUmKc#a1|SM=a;=%XP_AB~rz)+_4Wyvlqi^7~!+n<}+NXbgWtK2--cu!>JWWPt&DL+sVkD! z>50%MM^n#N8+-9`ru6YyT62b-`$Mk>6O6@iq%jqz<@Y{zEhn(iSuTaQmdty-YQzg0 z2M)tIv0YkTZr+b#;>s10cx6up^i3u09zi;)fxMl}?t&uDNnU1fDC9{0N7u2MyqjqZ zzn1^78bGqOu^RzJm$IN-r1(TfRs1YbzAK$)aHV&&YaL_v#nIS_;U{X62+cNQuk>SY zu~E07@iwb@Cpj)XVw+Jpseq6Jw&HjG9My)|B_?3Q;xAK z{{6k8298X42oZUB$P2lxw{`foKF5XJRuez-uyrl$QR>I4OL}_O72j{_?S%L{p7> zkALZmqrbbczuWOI`>pt$Sde)q_IKNsQ{;Eu2EIp(qx5NSi5GkrFF5{|&O!W3EQ#&N zj@MV$CDDC<5|Qdt?fc}Gs---}l=I7*_y2#;1mOlSx#m{`VPA};Kvi#|En4N_yVZPr z=vpJ>*T=-gjQH3cHV4>2w5jGqUA(`krel2sUE9I#uLNbDSN65r7t3~p;j?N z%3yU0+TG($`{1y9c(}i>{2>`%Mb(2YO04I}f8&VsD<;=J|3%=KB3O{)7Y34@L> z9RdcgkqZXI2V%hz{<6TM%tvqxL^_L40V6;q*8&LCk|v&{$hE~K>2r&}GR^g=F8$&| z8%xj^Z(g1wD(i~MA(hX%qf+PcWz1VPaz9CnXtp!Oa5#zAIVbf!OmEM+ybI~%i;~=n z(%g$uDT}ky<7t*D+J|^^a+1_jY3lLTXR^{$XWYd=>wS7ndK*ra+?o_8vuD!TJLx-l zqAN^kpOVx*A+5bAv3+uCdx2LWxtdRo7rJr*Xf?Vu{x1#2D!yh{Tn9kJC&)hmSU8qQ z7XU&Z{mcJ=xT8ToAP%>cUv~LFyH{?;9aI?4k>g8<9WNh>E*oW)7%cPm-N_7{w}oAI zQrvext*-A*p6I|kIVtSDvqbNOe<${tMZUx;Mt;#(c5r?tY>dkBzD z#m{3RC}tbTwHaj?2e5178*B%#z@U=PERf4BFo9j5m|viXVPJw{%(4t5tDI#T$jpsc z4u57e6=d)i=kOP1@fYUt7i98Jp3jqb2R2^s+?kZ+At+`dn7~C46`yZ*EGzgPAql;y zhg=4T3w*&nEoSxzgeSQh0oGC_8m&Ntk_LV79t$VD=WnY!wdtNN}f+q;m=w znjG-6r7-<*yZ*`H^zwG!wgL6eT0@7*+hBBq(R1r;FnSp=`lhYb$BV=0{pm1z5>@LX z!R+G0P7MZsHW)ktD;{K{6`2(+61dBOm3gqr+&KFF9`MGdL+8tnY4jQMH{y(WF0~8D zMh4TY7t>@9l;1c$Ft}!WaZSqh_?q|tL2D$JB+?fKMY{$tqhO3|4Bg1sSh$thxXp11 zuyky|k^xImSC$zp71(_;_R1Pq1Wc91_Vax3)VoRRtASU>WMrUKs`#yfRu`e(0%QOV zzR6I^?zeB@M5h3bi8}<)aiVLDGFhQQuKf9tRXcIsp@CMbg;oGk@F((#fmkbrSP5$s zSd^SCGC&nzB?;IVWP!T%<)GgEy|Kqpl)z8ByPydkuQKYL2Bzh~w2(haoZ%+$v;k+2 z1J2aCB*GjjaA1Lk5!?Oq#f}EtoWGsoU=?4oMHELsG-%As;ZPa8Hq8u38sq?eN zRF&8(;zwmg6!w|ZvN|1oBXeF>`oygGnOQO3`s}$`Q#rKrPn?*3e%7=Tv{EA^=Ol^g z=V(nkNh@`h767q3$)hqRpQu%IL_@(L4HM7Rnsjtw!KoifDI~jX7KkiD`Ucp=I-+mB zb20J{ttb-NgyTQr0{x_PL-rt$;-f$&9tKi)9LVAaf)qA<&cQ&hvG>_`KHa%iKK{;} z=`rn8kK!X=3QqQzaJEO`=^jPI@`+PE(&v1{PrXPS^^yF2>bQ?72Yw`v{74=8kvjGx zdGJT_P>$5G9I4|!lIL_Jj{u1s0+K#$Ip-jdX>U!w<}mr1bQ`DUtagGKhS@L8YppSNF{UrL*e-!>PFLY0?LrD zzt`3Gx=UPR92~Td%=sUW@!?ZF_Z*K2XLshF;4$O*9Yv>i zgyxl|q>iv&r4HLjAGHxKwkhjfRNwo1 zxxKZ}!vnAPi~XaMBfFb96g1b!S7hQVF!0TE4m(DUeJ+lXOIFlI0~k0ggUPLcGNF#{ zA98n8Bw?D#G)oy1TZs#Kro`fN;E!T&yG@-7pLYy=D^rO{rb8v|@N16MFyCfaY%$EY z7v@_F^`$1OrF=BYuqX_ZRH(CInAsU&7XXeR*pfd(419d z%*r=qdx}(^F zj{d>GN9w^8GLRu_>B7Zfli7l;Y{9u@J_8%sJJEb&CId?X4Pz!VD8!(U)i~Ua762h# z140Z4nGJ;Ogg`+=w@4#I1T5}tbb~GQ{eP~iJ|S#C|N0gBwvFlaZ-N=2@%O9hLmW*w zWGIjXe&sdFU%#I={=R!veVBk`VilB$gv(bjR?dPId=9R|SD0QK zPy`GpGN8zSqEa~F76Cgrux)q6jEueGjwX_}8h z@)YF4SP8?Xr``dWgPY=zW;yumjI)m@JQe)nQkZ@@siMC0LVPXNkC*)H6t`bmdz+$J z;l3yQ8Hh}D+Bt4>`C%yz`w;jVVD40!?u4Q|_{|!yPqFflKX22?;;EtrDBPm zTrQhYLPb<>7s)n-5cx7+Vm|$iJz1{*mCAWaD49hoaE3c|R);&)KF>P~N1ZR;UXl59 z(^n={LD`q3=N^7lylLWWdD2P)9}0W6R8{o|Lya%>IB8*yF7gfm>g z*9fC%{3pGg^V!eW=|QtAtM36bjzql z*|zZGR>7XCp8mW8nt9)s#&MV`9Jq0cw3Wp%GFGlJ*_;$~XBS*5asZE9+?01mCVw1d zk52GsByx@z=N5WqkB;zXL~;%c;Ty+tRx4ZWPL~-@QyXUY_his)eFG|= z(2ltu639gF1r)<={ z+a5vW3le7D02548`CMlP5T~U$JlR8lj(#4)j%?GQlKpCM)ILhZspA+6aZL5Ng4aRV zkcs#YN5riU`Jn3|I6jRKWJ_x(yc6|bFO~H;3*Bq&5aby82{2elqQRT6ZWO$~w|^%t zCS`U06&J*OFICW91Isvpvp_Ot?{ffKuXCuKY za7O#=6yh+w`orX(|G99lRA^Q~hqG#bK}z(0hD$g9;7gg95!kMU3vOv6H^&QbJI~hy zX&)TY4NTCIoL!PGi*>oFL&7qDPT$GTa=xEzLB5z&xilKgfMp&!j|YLfDB?RTy6L_j zdhFnK2TzcAyGN@F0EKL4zJS}5>S4Tq#XmM}`ts&6y$hL98$%9%3{ZY@;KTqiZ}J0U z{W7JpI2FUMv$bo9C~*ge5>L~gUH&s4l#}U*_*;7vkvtT4irhCf5aZ9)=Z3Ct)s<^J zx1Zp<@Q{(9flx7ELF#TUHb2jEC2)@=z4%J%XQ6gQ!*=*$dghNS*5oGiCz$p-$IaMf z)4Y$>gRi9GeSbBAe=TA1zvFgUr+qJ@YutP_xa^H@>_cBg2&Bjaq4*}lF>+2QE>jWi5fkbWHv};reUh-V&+(Lfhd@>NmzBxgF5>e2$fkUAu|&6vJ5yXx}0s z_C1%T|Ds*2^ScB$WT~TZj+`IeF-Y&njJ`91g$v$g2_dmD_h{&F=3ODU~pXNH;ADcPi{JvD9NT+#goCeiJ5=d~ywpOT`g}$mUXzu+zjjfYWDa7W=48 zCW_N{vW2K4ebYlKxxB0n7Wtvh_H=IT(Rj0~OVOn1@>1`Fk^61?3zAgfpPVI83Xzc&rt1Tj9B2 znD)msrATNtdDE*O(_;=|v3;_8Rl2fUmpU~LEeh}OIdHvC32sgML%>n1pip6_g2Lm# zQ9IcnNszpCA%qNJ{g*JEgBS+@&-n*vh*5*k%4mhXX`>M~qV4|@4RcM5wU}AkD_0zL^_J&77WD3ax_Z#{ia}&FJK|{v?7?p32|x}sO;Hz{rQNSP^Rf{*a8odp>aV7 z@u=9^_+pK--f7I>_yTLgYt%^7Y;2GzP*zffe+$+|!kqrO=O!{vw4F46(7%eqCUka`4b$W6KG{kH%kG!G8av$> zO#I81W6#^kCtuxR?l$l*+?GJ*iECb8cANS-1;!gUhu)EM)>lVT{%M%Tfm}J{r0Mo) zPA$Wq=`$D4&D#QL>vNwUwdJe>kF!u8g7uVL0}_l^>m9x~pCqT>zKpbBWhTVC?rG#b z1u^%z`Pn%|!94OJI77q!?Oc(X{A{9!c%7-~a+A$7ahPsl3~vS43KoQI0hn(5+g3Dh zyOw^EH4%{p+Bk?*%@z6-s7Hg4h$L3FT~``s{81o*Uk8Ii#MlZh8N_+!kVmAJp0V0kgvzXm10vPH@?$ z%1ny-mUb)F0q$ad7|m@4GrgsptW5g{)c>TAtWW>ADGymk>W_-7SX<*!(wZpLs0RD!#Imo*P5ZH6y^dcr8k2MSde81E9t!?w95N$Z(j&{YX%% z)(zEUmWl=D)a&!+jJDCZW_1V@V&phq&d$P(f<_eDi|050K&#dYq(BjfpXKVI!%y#YI8Z_&vbgA&u z6uoZm*gfnIg{&1_k>(JsZ!zI9_QAT5BSyMwwPN5NyJ?Y>@GLI6;x+zwnAc)*I-@j@L;@Gflqc=PmW;`1XJ4Oa>H4%xV|CHQm@)c=B>lJTxw;6YS zeG5$foT{o^o4+SzK~o`}Q_MP6KS%{n6CpyXhu&^CrR{~fV!5%)+J;X7X(gcm(dyTI z^O@8P`~153U?*hoe$2gQ3yb=2?Sv-1%t$DwxHle73JX_NSgrdBTmI4@bmkupz+;t? zOTIHQs&q$#$g~A1TWqZS@uK9Ed14NFPP+#FTe?pNjz~5FDo-#`UyzD4AN9Ees9<2@ zV<8qN(4zDE=^Jcepb4xdsJw zRfXNe$nqXuV*_2?1GH))f3z$6`eri9DEDAQvQJt zeC$_PLi%7dp2&(^Y%a!S`N5dEDnb$kl0R|qjXX`CX^4GC*-T6*UrmV?Fl2ZD+xN(1NEeP0ProS zknhN0%+kWhVg4w1JXe1Vp@v8ZknGqliSRt5z?Cz)AaGy3>|*y{y>2B^%6t>H;W#0I|cHRb+c=v zs6QikSWiHb18LKx#2_^o8KrPFN=1D9SLeTPlmM0?lnonhWo2738#Rn!*|zyJdPl z3)MXD7Ly8N&ICL8@nw22rh|Km+LK?ENG`(Z~_$(>x_I{v07!VTzK zGnQr%_m5@w?9(|QQJv$ycf|?N&2`)23+U>)U;-4F5pk?76HswNn-`G3xZ0h-Ihg z6EgmuoTU-xOOW3>A~sVTOPJltZF5kifVJai1*~)(;LUySDRjRX8^1Bul4+CQ<6&#y zx}EAD=2GOco~JS;F5TW@&}P5AK5o%=Slo_bMbVese9?q=Ik5)QTu*# zVXogczDCL7il6gB1*Cu3sVN%rWB|SG-saog_mLi$-}kL%fS5ts`wu&L(Jn(4QG}bL z=3O@V;i)D=vVl+$jrj49<>1k4(HcYBI}drHLiWo(`9E--`e_&Rc8e~V4%T(ceiTs| zSTv>ba@D`~@-P3j@C;8wZl-5!?x6mBA_YhIS}I3ExE1~kF#~Rnp7t{Al3+qAiHnjL zs8s`A`)X{g<#5P<=on-8n;%j`q^Z4%f(gHSAKPH60&I%=GmLKlZ$Yc=omcNtXeO6) z#izsSZQQLMnqI$ST68i=w4lR6OSafz2|9lJaD}~ne+S&vsV1etq9a9+~q%cV~rQM#ka6VkYl)sAO& zj>X%@Hy86(goJ=a7mi;OMoER(C|ZGA4+^>b8Qsov9QARerPXbUUy0#Cbx#eRw}klZ z8lr=&wU)s%d^h=&I0Om_gH5iV41CDm4A8Fu32}|qwd1=+{2KAc*h2esf-qNw$zw?R z_wCje;zbl2rx;<^P>jQO_^Mz!XJ+LP>J1-6b^{wh5Iv${bed^~=WCT?nW(Jbi94Jw zoS@)Ziysude*Q8;k6s(G{#W#!L4fzWG_h;xb|a3-K-5pElAyXa$$(VWj2(yi3E@G) z^$Id85uy0b1$&$oujyawtSJ_Krs{c$=ZmdnA|GFwtQ~2jyHvxnO+}$Qc2>?G=j-u1 z%xNIb2l<5Lhd=?@@bI$-(tllBzb8OGF<&>R-jC1t(>#n^5YUiWo2F(=w|esTN>h?W zZqi$=;%l7z4!w&or^e9j)x`x3;}7BSVT&U?i^dr}e#V&*dh`34b9KjWndVJVbaqiR z3eH6pTvZDB^e&^*lMfc(GVq!P-P2u<`>HuEN~&#Gs+1h*eR!tyU3C@zAb5{v`D0ev zKEEEVUt}3#`Hb0T<=wWf9~Pz?VioNsBXb~Z(*f6@lg-Q?-&W55Ef=RVWoW9GG9^(z z$V{ftHCot?Yaa(QWqmZno{=cfc&Epp+{Tc%O`Ot+p7Y=n(-a-ZTe(jsO|UDVjB(^u zypU3)QcZ*H?VR(Np$T%91%5rOPFv$Pa@;@12738HM`|K8AoJK4QsVF1x&tq)=JE(adb1m+%@11-_L4oATSftc=aq+9aGTx&bBpY*>l-G zE>@vZ=!Kf5Xt*B_(tN3GO@4?yS~7nNxv7CKC2|P;c8~H)swc@Cg6O}rmXf@olQegD zqYY3Q-4!Ur4?Vh@=xFZ|&E8)8t{7xI;Slh4m$_ry`EoUQJab#(fcTBO-Y-x+mR$}$DH+4_iV>a zw9pELX4f}g67$SDL<1tt?Is}Y3YxV5T~ew`?xz%z@A&%X|0g}SSUg+53-5(y0XT^` zu<$}aJf9Hqyn`n7$t+9^YJk%F^u2Rb6QF!Cgs5%&m}Bzx;zBrL34 z$4z)6VhMf*t`B$01eo8{1wk6&@_$LoOsA%wDmzY>N{#SJA-F`NzdROIN2RMz#0yT{ zu^o(MF;@PJto#GLG&FpL2j}fBKbF_tuJ(I?|AGtqY4%lcZa2)l*4Ex!?ig55D5Ylx z<_h=ipi^vo&Sx1rpWsKV1`PxGO&= z?9a*8 z9I{~EOrCcM(CA6ZoaOfi7)`<3yB{AGjJ=~95&steiof{$Lr|Q#ieEULYbfCgmp9KF z4@7$D`HGfwg>Qkw)91Nf8)=bJJhf!)^yJuVWi`=o@?rV^mk8?0>^5+gg#Xsc<4Ku+ zs;(Rdg@y|v2$+WmnEy8{V|tQGwvy7Q^bkCn&f8R+|Av?x%+e3y7rZNbRXhOMw{_Bg z&MCi@I{-z$PH&*-)FjA;$+W5sfN!f}4rXAk{Z$SkYzMfp{t{#wuCOwgayjIK$bpKQ zYgE(1h?`PZ{6W9gP>~19$bnp@qiB8v!77rsHgF=y5zO45oP19{drPiV@A$zgkYKCU zGYH@NOZi0H7)-52kY`Sg@50#&@tw{3<$+tbUJxNlNP#Ea?rADPO%L)z)RGGs)%D;C zbLdR?iWYP{$TST6G#eyQGb5N4`90^q+8Q}+ST=Nmg_{mvEW_9qsnYQIN=9sUQ^>oy zyeoygZOb%c(nv)h_P>^v5n8bC-!yxA4eSgk<43YKaU1ct7$;pY$G?}#J>GS6{zgA9 zY9y;RE=`UJbQ`X~j&RqgPD6xqmpn|XO16%IbPF5rIx0P*)SzPFlqJpibbWfzY@orB z^FZ03vf*rbH`{^&KPD(WvxuA(_vcqCG$>FZO-8Uq9?UM5L4G-UXne-IS1`ZwQC}gE zG`6W04(oOeiLk7>9d_1q)cy95X*LNUk8PXxM$8ik;L=P9i~6IgM!@jxC0a>MZ8FOT zDTT2(mn#p$uk=39cO3V1wMF&)rZe_+z-dKh5vL#fzR``lJ~u(kh&&bL=?2O@wC4`= zADUyaZ}M{#EDw=GPOsw>wV}jR^wQi1bjYJgh8L3##vN633lv|oX9gl+!S&4nx3@Q) zkH~IaV`F9){QEny9(W$=?iYXp?PnO&mcTI&eN#`!CN(fieJ57d(v`he`JjlbBl^x3 z?EZ*K)#_Iaa-1{mGSqa2-w%@{z(+Oy7&)0#n5r6S_5N9c>- zWU@At3d4`Pcf(n1WScCD(RkR|j5mjFZ@jQ4#~)hM2CmmE?zw z!QuKy7Mh)ZN)9jN9|*xbcNO*9?=kq2twAPLAtth8()|{OyAq1=E3RbKMVOHFg=Mj4 zHu6NvB8FgcS8YfM9AcF*Vz%0TDX@l60-40`huC+Di7F9>R%602>(vPBm!u-d7EOWH z39;flRgye8(iAtFS(F64<1$+u<20!2)|d;-cXdY%RA2jTtl`HSuxG2<64W7PCHqK# zw0Cs_pj#BMI&WA!o#k@}>aFX539UP#_QI_zl9X<47+rfb-R6HM(l~E9&jlfXw1*5@PObvpj zpvEcshyF{`=4fAhK~=piX#!q{72kiaq6v<}+$G>cnykQ>pa_Jr6ed}}^Y2cHj{zf* z{Pc42%DW=+tS4V+s#=cm+|B1_WFTVe;%(+0Cfd44EQe(?oHIL$qG)m2GncAsVB|o2 zrMtoZP=Uj5KZ4lIATzb0Gf_|lRVZqYZ|g5-g+kI=;aQ1U_CGi>bT&~VawQvIt8YhK zfk+0_WRr{wWQBMX0=UE$WD7FM^^)-W1S4FLNLHMf80;=xKaG@%j#cB?s48DJ? z3X!Vf+&%T?3CO!>aTlo*Cb&JRvDCU__HPPQAXMIuT=Laj{ajf(A^gyc#QFE%LRU>< z%L7eUdH5`j_zq9=FVTD4OcRSj9481L{PM?>OQ-que{q&MSi>O8fLo5zL01EG9KpR8 z=E#+*J&!~P8N@P_O5njIZTZa^^@L^kuZ75CT>rA;l`!EQ(TgP>gzEl4!eUp2O2Ll; z2r;QglP92MnXcZW7xQ_d$&nD@CjEd!)s`OH zKi6%7)T`@nDE|Wlf27kU_(sz{Y?_Mg`q+vC-?7C@zXDSYaDZg2YWRIvfM+i5V}Us7 zCfwTXzR?TTl~S7vlWLF6V8e>_AVBT5k&hAbjVIK>xoOv ztx*qJ2yTFqgBZ#Qj>076i{1JBq*EJn0zDi*cbrJ4E4;-Ba8gsd{_yzGLzt)k9Id25 zZ<%?@NZ#2ZWi+`%n2hEfZn5}h`Sl8u6LI1k?e!32r1Ld~rG`FL#VUAA_HsyjVvf6Nd6z2vXw9aixQ2RlFm^$^}5 z`y}lP7~4_;I*L*^D03xN^2^Z`9QJAsR`rdM0KZbsc*@4cTQ7qXtHX!o<*(Key(Kuu z&J7V-ROE~zUZfUz=4zJ9n~)ui+D5JhPF`b`;|!GNX54pzs0OPNgxj*KpHvbKTB&|R z+}gx)u0ek6)P{&bI_0ED;f5Rg>tg+-41~atIcD!-nQxBoBe4|}ED_F(k3yL(%|$uA`E z)%ST$)cm};6SP9v4C?ydiQe!!NUhV(UjtMWdG%=j{s%L)HTvd=a^Z0sjS4#-nr|Fm zr#Y?_?o;eMO6TJZ&8oCWJu(g8mHXb0&j|4{V+l8{UF=&hOe-nNM(hPudyuj(rk^;ivl)sU!y z=a#Tl^mRTf9chbXg8q~7jQzYlv}*23RF^)Fz5+C&zjkUXx#QRNGi5KUY>}w~zVb1^ zd&#;nlbuBxz>b%fw4*$5caS~nq)s%b9^RC;!SQO=l!I<9P3er!R~Db3u67LPl z1{KE=1EDytMmE_VeG1~}m?5H`)UPB^y4B~_0nOgD;6fYB0$`au(-S;9BVqgpSS&c# z9M(LQ#5RsJmn_Tzo)jlx;Q+m0d^Fw|moVuU#+0868yc*3oQuCOEYwP5XgclF9L0oS zFESYw40tmX6E{rPyW%;`R#G^&4~Tbb2C0^rfg<0OhOymt^$=yE4nx*eOEdr>oI= z2g+;t3HpCiPe)refaCD%hx(cS*d z}~8Xim|GYvV0L{kY)DMWbqjmRNUxzG$87KCB;=9CtM|9VIQJ68|B(W>iz zX#|Z~@1w@Sd*T&TLn96FEOFF_zs-)(hKUN8kmbiTsLtpPkJv1TR9-k!K?lEqt0+P2 z7-;^X@hAd_#N$|>@n2DE~#x-4L(S3}mW`!!_$C8dY({uOkXuo)A zS+JiCM4XD$@zkRUL5K1R_ngw7n&Jd9$)`#x6F25~O5bi?D>7of1t0BH5y)dcxFxpR!^nx9s3wt5f06m$MB3=Ln2AX zH>{`3TXAaC-rKhMGI}3*iWMPm+L5R=SNWZIj(frzDB+9M$+z%UJj2{h62jaPkWfH+ z=OOGG#YLRbi(w8pH(yI-y^P1@O0)$?Id{4=G4aja(&H!mV-m~V)8O#?7C%x(^?CXd z0fVwhud4Y9n2;+%_Q&uR{u)H>Y5kar`Z)CMaCNDi*CF0T(Wg`tM`p#J7VR%b=zn?k zzMJSQ@BH(utDJF7084e*bw+0qvf>a@s%W_58r8(9&q(AR8viry;ZS4;;Tqrysp0_p zjrVrAFKo3MuzHziivY+$G}EB};2P5lo;_c0$YCA;aU(vZ0ly@WjT@q3VBd3m+(sDa zf?XsGG<6$@Py6fL5!e@lDY5f+{yUt?Z%F&EQw@X4bm}J+jYnev$QLQ-+h^SoXEKfa zAGW|6ov>tO#jJ;6TglfJdh&qM@jUW)`47wX-dupnA7}s6ZDu{r&0Y-qH>B0H^=IMd z)|-q6{~G8Rg2p=9XiKE^v>* zyj&*K$?j1ncA+r;%EoS6+-ViIEAWx_84Vcn)M(4rdJuelP?YOlu#@(leBHmR7`Gwi ztUho|;|Z{u|7N$sH$Cl+(JC$0#+N*M!eZtKo2k-VN#_tV8oDtB5+hBg@*+)hQyIe? zi%_S(xkq&4$WRAQ*!iz>Y)3ABhfO!;3rcQT=5I9tJi|JtRK4)eS-xJEcTI|v zB6*}0TyH$~b1oTeDsEAe((PaRI=UM%g0Subp||J5d2H3E#z=~k2>Bxl>Q8JwaGKO| z_&klOU7E#ZrEk)wLCdynU2pWCbwi$2=DaASrZ1RtxzC3hbsum; zvm$}lWAr@ozCn-J5hAj1hScTV!WAYxm=V`vfM#9_drxf+&HDa>p^!%WX!3|rL#oi!%8g<$RasEPJWos z1J$5E;yb*qmb>jGJ9*8x1r)fzj?J3gq&I%H#cjw|JoPQxkY+rA*hSdS#}*O5a4hD@ zhr*!o-O%!${|I{_RQjRlxRIhq2M3#$?T�5TBQzZYpa1%V(pVrS7o4`YAxFnke+ zE@5`eyp|IV+n5hIh5E-upwDeT-S%n^vBn$C4?0+EdhP?u-6eBy(Rz!nq1_K(4h^7v zfxKI_S)S0o#=w?kYhHb9LU}(b7XN)lhh18n5uiYOroKf6B{k&oXrP3}Q5TlLXf=B&z-nU%2ss2n46z(`24TZ~+q!eLa1F zDWickA+;Hx_B>s@UgXO5=hFn(SAq~4)S zu&;1`#Yl&GL+DJQ9?@^fO2%QvX5QOdO7*fI{if zgZ`1r+KLm?rkjKSOmgdg3k!RDd*W}mhs9g`{AbNfc3|Yc-k81rwxGnroVIVpY(MQg zbbYpN9U&*X5CvHT)M$pGoJq>oG)#+^nQ2_A-DoT2V)2@>}FVBZ1qMfZjG5ZyE)V)Fz+cJ8qCjAG6D>_cKf1g3s;ky-6$1DLH#q7YTN(kF^J* zufvBP#*U9GpuPAQIJ!9=f|-=C+wUdLBQUdy7#$H5`*nHhSf9vfup~=%YtPR0!lQ?E zTxjs3@G{8@NmdQW4RIF)%M%&L*5*8`G|;$8=v%$P zL6Df{7xN>0xsSbpmwar#hgkCY`O)uT86rE5AD-L@6L4g5wB(vC2u6=Q>c>(keM?2=GubAZ=`Exx-OofXQijQ`6vci<9 z|M9cfg|P)2X8PHNA>xlvxwrFO&kvErM0>}GdiK>x2^5Vyrd`ff?H0}M>5bi z3}Cw@s7I(5RY`z6g_3rt`yH&KHG;EpUJBh09kI*M=Zj8E|IDa#;hT0a(9Y?j(W($R z{3bi|khgpT{**vH`FneDkv=NO+prH!^k1ebx_N_)D>RyOGwsSN&7-rqeIFd*lnHP# z$5_c$y}MuOPzfHJRe&Z}0Nx@UJ~mp@(YL1>xZ^Jq-lkE_jH{#7`bSjYY;7pKr;^)Z4w|Bbj;Z3Q%-% zCYCb|`wx2~;*SCJ_!Kp(16Ob_blNVYYBF}NOFL#!fRNo-wE8Hxg$FruiUm1m1ZDTp*4Pf(UKf@WmRZQ}P&#b89s*ciykHYnR#p)$3E`2{X~f$ox|(YJ zamEmTD$;%KB+C)TXV4U6bYruP5$%T!SlA-mw=J4GBm@=%C;Vy^p=FBXl5aryj<3%UFz+V zNg#0CUmh_^HPu)GKe3;e+fQzMVu`89Lh+;rLm+`MmKe~btD5XG1eJIlG6;q;!uwHL zxvNnWqpKDKy-9skeka_W3Vv<7KCg+mzRCCEqa;W6aMTo<+a^ZnsBX>ielmo<9*Kh3 zVCJaNLAaz&F<_+P9SSMJfMrvSDuFq={NM?nIq2aK*c8!ZmmoEh8 zl&i|3h1;|w3pXh@^3UN*0IB*n(bl zaDbig-vKWf4(7)Er^RpDEmWaxOHh#hB79H6FUnelY((YcM8R-cIMaby+NKK(iJ9no zng0HY1M4G%PnD>Kj^xI80K*CRNa`C!eb!&k2$Y0H2!TjMEz}j`ca)S{fRL|35Xs(7 zjHnmrh#AO8%61-fWgZtLTiLDibeH)Wu)C!)J|GwXU6z7)dC)aKi!UCO-j7F=8%+3ptGen$V8K5+W^BGiWgyM=d`xQr9p~;EC?K|@81R7S zMi+6}8S*Cbcys;%*nSGV)6go|T65yvNJW#k$qq3Zr5@V5B{MHaAcrk&P#ZewnDtwv zgwq!(;5rYC)oC)N@6mr{v4Dpn7*2?3CJgXzREQ61^m)=;^`eg{Ux%~;A|hQc#~ zn>0_5IifmQ^TA5%RT5Q_i3Z2q*fvYEt+bZ!lF~bexRAb>rIUSU!;={x;CWC$)5Onr2Tcu--{8jX z94IH?>(ulAX4=XO##Y#wHK-r%Ilsx`=}Ft?j0Vwit?~Y(JoFwfLq49_L&)3**?8#J zq=3p6g$1}i^TvSPU<`+~>K%P`cG*T+vgGt7n-8fs1qkP;sQUxy1v0)o%^JL`KhQs? z9~!1$@?Uv3s#!F_T(72gQgL_lIFhjZ5QM51wk(8mK#!Z`?XWWoi)nOuZo z>PrOahl>7@^~+;r9s5n+yAsOo-2bN()iySPm~Vqfo-Qg)ciryZc2rRJZ|ZmThCg3r zJ1@uQSegfpuDwMVzxyqbwi?NI%Ji~=9=rY%)7xlu)zpy3>t=ZEO+ z9nqx&bm*x;G2#jg5``EXE+QDr3$|vPQ>SzouP*)7a$r{_^`w4g>Tp~H_We8cJa*J& zqaSP1-;Z$Cg!x!$61d*SiVwoIiT5}e(dk|*FJ2XVivYU3NapwD{U0sw&4=cF8lx9| z3!^*MA=|oTflXDWvPZ@iuj)wE4Az&WB=V?6FJM!4#BwO5OOuozP@$BH&z;p$`cI*3 zk50`bp8iy)mtaGhh+DN*V>{Q=L&n;Zk+E-I(Y)~7f1rkcwObAcav`@TM|J&^XAMW( z^gGF??ypAi2f4E%XO5(T!cG3Jt`rf!sN(2@B~_KVT%IrgeWbl9Y=}Ie z43J~Opu<8CD^S%c500z}?GF8jNTB!(ZlT6b%|0#}}*|3P_|j>V{$Ij+g=) zi(^vCorZ$ch-KskdL)!aaXScl;E>CmOMJWV7obo%uU2f++0;HnK^qV@S%%#-3I}vX zVdR=n<06GEL@4IUTqJc@tULB1w@8}HMN0}$Gji73N+crF4)^1T{ z>o+o0??~-Y5OEBp{WP};s;Fxe+*3p&@o7v&TNxsBjY|P&<2Z`F(x#mx!LOid;Ej8x zk9X?+f{6j>F7Klw=d`Oc^?C1!@G9g`$&(1xNWJbs5_Ib zCv4((U#ue^aK`rTI#LH%q01y^yYydGltTtd(3vRPs)SxdixlY3K} zT|pv})BTjdjwf5?!kgM&HT20MxSgqcJ_C3HeD;nD>?<1Px!pl(;uP#!{URWH6cWG|G&y&J%Iy^pVY)ju9EBnih zX<}R$bJDaMHxoiFxccVq zT3L(?yhLY9gEk$>{`z&Vu~uKm`WP~fd_+37Gz=|MX2sTY$Co8^Mp&!-mZRi`;gp?`v)8ZTP!P|(=k z!rk|ScQ5bewzsSIe|U4N{Gf$GH1$?v)hXY&4lvbf7srG4D5fVhLA1{43-A$=_?i8J zBa(LP>a>iw{6$(~O9n32g&MgNfv=8VsInxN)M~vIHM05MpWu!IT0%bltF?I)$}s;Z$Wpx z`x!F&NM_dCjjv>L;O^=_=;`Act;X8Yw>l1BkH5x2+{?QLm65oef3P!4KgBm^zW>tF z6ju}E{B(U=WNh$KCkn#GkDVJJsYMP-w(H3WW${93dLK!y$qVT5d-z=TX?sRiOx&xU zHWpeJ=mS0letv$oMXzoV_{}Y;3zQ1XHHj^sB+$sy?|u5-m3ARn>cK)itKRS6I!qY0 z-E0G^+Oy%$Cu@2-IV|*_{~1~oV7Hrl`GFB?K0R*q=&VTv(&(n2#ZSF;Zdukny;VV3C^u*_>d~j2jN|b<2C? z-p;Fn5?Ax$?;h!HBhY-J%>RUXVCwI;x^-Vxl^OpCTV70b+n?7X*l4^H2$>O2k@1Pa zc3bz`g!!3HE#$0jBocubxcNM2+4tRMq>O1S`7^JfC%D-!g*Db%mTNS=AK+ma#Zh@}vTPa**dOH%GXTV=R&Y%%YWr4Jq-*;3qW3$Ls zYiiN_)$n+aTBbhxHRr@!R^q`!mtm026(r z7iuvfn*sN4n@(wcpPnwh&-)WAbTgRTE#N04@Krto;}K%bUk$+K@{SP+hBPT0ufG<4 z{o-H05V*qgb6Qj^O0F_+dGoFMY_@JLXD(}qij4XNszoN?dChn~Vzng-D6Z%<1h>XZ z{Q(>0r^wiN0==HUY8Ihm-;2}FWAocozQ?TS2^jNtYk-9jrdxWwK=tLl<}J*imm_Y{4guAb>{=P`bWqN1Q?J@*y$gg8C-$@*Mdf!x*^V15E1 zOWhcpj6{8q{>`mm{~z|=GPaJOVcUzDnVFfHnVFd(<~a5-Gc$9{%*+t8V`gTybIc4e zp3l##s%oWHZPiw)s`tCTo{ySh!V2ULf zJe-#Z7YQ6HhN+Htx;9|T383^CtyhU_%_Z8-@VIs7baaZGpPQ`^xfWmYjc(rh8tyQi&Xt z2bQ}xVnyx@x{Nb~)g59 z7`J2EgMaz?^SJ{L^k#E?ll^(EmWR|T7st?))|lh)J;!7kenHQQ_#!dhLg#$!vUu^- zeVlnLlEA6J5BxOR?l$cf;*aZ4LatP@Nj>wun`+qgH#Oj=KId`Dy^fs+n)0}-q$VWS z@`?5^3mI4y@^**VrvgO1K3ZoK|Bb7I+%5}N#_b2P*Pw72cnClJFRs|OwLV3(6MZC% z-v+;GB+GGF*f5Ze#>Pj{_#z_ns3-q+j;qT0YwhdPAYmYoz5NqQ8#2=DSr%RWgJ?X6e3j?SZNax&LOy+-zQ<~>{k*%}3*8|x zCyvc!T^r0S!8QB=v=PVZM>1PjCK-i^h~C^l8)H zZusa6M!NIRFY~1ytIn_{kBm+Rr3`DKmckVaF&f_mK+m^EdJTG;_&L|#)-->z%qSaw z`eG}k2(&f&eq3LZaIS)O7K@8}{_B$Cw2_BNdFS~GA3n=463 zFAZac1ZxFPMSH)B$i7*#uN5-DO=Ixj6fiDMIFGuB+h^ixrJs>{hN)MQ{>&yah_1GkMDF}x!e&d~W|Cm+KRZusSI>xlc8pAZ53pr&AhwPmld_;d=bU~Rl;YPnnO+*e5 z-|>!j+i~1GUC$`*-JFUI@D@`Sv!U)-@!23ul!iDRsd7S>J>=q(K8zy7;u&q9k+VTZ zk`}umplmARBNo2@WkyB8GoYQUtqC*;{nH~j`447FavU)3C?x_re(fs__={8sMyr;K zmy~7MsXj))o~vfiR+tjcu(V${h8;7K)YHXfs+EI?c%iA>49A3#-YluobOrD=wF7tP zmnPnzqQ9^h2upd%NpMKN#m3fYCX>ME9QZC(o%M+;;!pkHrw&%pAnBOKSZ5kS1>rYs z)c|e#@uFP#lmFQB^4B-K$xW}p#+bOA!Ne(p(yR177=GOwQz?(*=>6u2PKeM9KB#qh z3hc^@Ov|}=8TJ$C0RkRAzdV~>4ffVDjLEwSGjEDchvg-&b4JcI+vcq2bii;aSC`~C zx*Dp3L*lN(f!fsq$eU$Dp z*c%uuJ`*jEA_?qrBu%KP6qJOglu>K4r^B;y(P*Hzc0h#!JqLjD_h6cOJ`n141AGMj z1$9>u5o=ws(UHs|;l_Ff$6P>Qg~AUUVp>sOVZ9gNSSI zel4p$wYfjul7D@zDtLg+3xrjE&6@eqU_^X7PEOK0tcfu4NOq!aYh065Qr{sovSw}4 zr{!|kvJ`>_T$>nxYE|s_)`}#10m=QCc+N$L3jV`@NUWi)Jv4k1wip`Ot@)ZzM!Rni z?TU)iIpXFg@BpD?rZA_vvP0AI`7olvD&8~cWc6@ud0%wPDSGlMJ>TyS(1Gj7bf~~z zK=39tOzEc`bg7xM4V-`WuGSUa!x5BRk2G3$&ZpOh9KoB}0k27;kuE;&^&55ll=%Gtr zTGh5UF4=ltR`yRBfS;zO$X1&G-=ekE!V!A(SFX}mg|h&cHA!S&1}!*_6n8yNM~zM1 z96MTvQchL6*~~$m)o?kyhO@*5HZGZw?o~|UahO)}_bQ^=Tsfj+*KQ!2cu`OkqxAjE|_1F%$j!uOj}?8d(f@E)=dW$OajIGqXGw$vs1h^wrU zr#CyKZ^%|A}}bQO*h2wwy}bXT4#)_mc~U(G(Hq`&tK8 zKE{O&=}a0a1Svwl6EVC5+Lj=`yAjv!aLNc3dbsTgIMnN@`3id@i|slnnL5Rxx4zmkjLvFno!r%88g zO}XkC$ann3uW_ZKXRpt;x$~sF-Egnbh5jWwhs2J?;PJlk8f{}9O`(PlG0niPM{J+# z>dEihK*ttXdJXm;RL2^T8YPUG2H7uvL$0qO=RADDMRsjy4l-?}D6Rb^2gZgKFBt8D zN`K(0{u_0{1Swq&Jf|u%IvRCddv-ZzD{-KFHrk5mXp750qh!eylay()*;f%^4g23% zp4jCd0CsX$M1}X?y8PEIH;cb=4vdQ*tY%a$+T`(4Yy?)7zc}6K3Ug9UY2zLlqe^VT zrok8UziZL+U{qtPYhnVnj|Jz+<6o~TphZp75h)ccaDQmp?j{c0ha3W@{VQ&Kn^?G? zn;8y&5w_{C?Nc;M;PNQ^{M?((U;e@0Q7|{-{QlxXS!aHLMK;QR^G$SN)cm%Er!gRh?{%Dk1 zh;>rDS-K`BXi@~B_GDD2B*E#A9qQ=o(j|0=0!FG}Os7iohR=(mM8DP>%*g>!2E`NU zin)WrGg|Cf1--=BK`ZqYdvf8YyhTGouw;`g=8%Bz)hpyI!}x50RE?i(W(5zI4&~OMvWOlCK9oeG}?4)N|Vk@p)Ang zWT8ApX_PTZxZzzhM(OeR{V%XszGP^532LrTe_?8mR6 z7pB7Ey3l}zzw&DZ4_zEnGLyhr_x#Hh)y_>_^5D-x2N-Bw&O~g~rmd02b};9-!Yz3j z?br+b176PK>2UgDa5Fe&77uhouR4d7N68EadZ^`Jz#@9O6QBMeqeP~yJ2Oq8jr@GE zLJp;S$p^@9r{Ilg#GcCKnVpr? zD=&{5>BhK%CELa!bs1Bs4LE)5s31F?4I4YvY!z+Ep83}4J?Tk1ayJHuU*S05yN=xn z;#{ll;U?prerQv!XqRh!sA6E^O8+oxV8Juvb4W*Y1gGXeg{3@+#di9qwLR!5yG;}( zvcjX^S2U*1`Eko`_PvB!4%MMgE=HKqlCD9n5&Ol;!0E#{TAN45!9V2S289-7)Kq-f z-jrm4G0HZxA9kU`ymT#I7S)j5s>iWLVjbe&wyvoWAv`B};3N1HtGh5CK<%M5xB3%u z)*K{q`E-Y%vX)W?F1)}2idx9E!D%#7!8SSlT+UYP%=mGis(V1BF@UZx<+ z;`-#8N?2zEGFOd7Zj2YHJh?w7JT1et_M8DEmHh9UTk|d=+Ip&utTMruYUa{$P#Nv_ zn$LOp=vaXC%3VQp+cZS??Lkn{1QE4ey-MGVd~^-`6jh72J{LoP%p&$LDc>-|vTPVq zw{a;py788B4Oq#O$vdN|I&TA&nYl=C0{!47ia(>{_RY483I_USxOmnZd%^d7loj}~ z=6%pq)>1Qj`3Q$y!$Ow9X}p-iF`-=m+qT^h;Y$P=uC!Cz$Q?us51tQTt1!;(Y>AHN zfM#051@;I6n~O<-?InmKUu5thIp6!$Td#Tjn{XpJzCI_lbrx+2{F86uvncWT5Px(i z*i&RHnJ|Bx+9jw9y<8r+NqkgBq_^~_A+|gDs#03eL&mLx_hD4yhX;xgY&h{+T25fN zvdhUZnFv^#Y8O{J4s;l=uW-Slv1C^KL7sUl}AT%*a`eHGgGC#sn{I>hv!Q`UnsS}^FbKGC=ZVtDy9khD>gszfi+9_B74M$ky$=5y}Wtwilf__*ariDG&_G9JI z3an$|wf1k118|hnf>fP%ouf5Gd;=L(XV$Hx8*CyuD!8~)&%9J{J=9j6+k8Xwlkji5 zTb|S0D@F$utzut?3pnvfR_2f}Oc0vp<6v)}PcUT|i(lh&jVx(QwBtJ%5fGvXfzvA0*%B*+ zN9!p6x?3Bb{3VPMnSQRE6(i67qoc%z7T4A}9-Pqy147DQn!&4T9$&2dC)X_cxookJ z%aI->NilphnPumsgoOm1#MlSQb+iKZ(Uw*#J_B8T>fLwl)r&gC(UghBoQtqlNKY;| zJ3rA|;dLZ%R7RZ~ng^qwf;ue+CYRJ(ks8)G2uB+2)T8tJ` zEqwYu$btoa*Q%}dBnSLjDp_u4OZtJ~(>;f=Z2APsFD;4YPQbSwn`_psOHT57emsbx zzS1=9a|K=r?fD9Soz0DRFeaikH(N4LMfUlqV@CQB>l|qwZnGAXa4p8*@*m^tKGwx0 z>l9r@1_*Kh<4+ar#c3-1y?@4SLf?;Z6(LC`TFjXbuzT6Jm<`Afz^ZyX0}Wi=qt0W> ziG#@-1~B!XkhBmH>gctyam&=-9CI`_cqFoZ9(5p^ceZk z56F*7#2#j1XJVw+HBd*hZMLIrcm1pvV@|s}WvkGdy=_5m6zt5nmaUc^BoKjkDr>im z(IaE*z*q4>yki=Rzz|1AB|*|Dx#*-|S{0v>tFu^RX)1|X?GM9o#@ky`~YRl!1L8WvfD}59uN}@r)aN77Gb@eStUK7r*Vf)cCNNw=G`Y3pS6+dZw z(Z(p5hih}Xz0lo;QECtQv?5S6x7DsNOMEtv=?3?tJ3u9+#8SLFVE42Rs;nt9nZKmC zw@)SIG0{mJ*KLJ5JYodkwUaiXZ+J^_F5Zh&YX5j8agI+a((2q<53`Sr=>d1RK*%)! zPyTP{(F9c=vkCF($K;}GyS+&^-rlK)B!4Y5zh(8d-722xkO<*`ox=C}#Q$T3!HU8& zWalyKPt9x{I^vJkM-tF_zQ8#M|1SyJ;IehS#lPq`5}DsB+0P<*#MgfJApcaL{|ia$ zcwySV`IPgS9)(86&QN&-Amy(P6T6PLW3Q0OnU7=oS!wy0#5wX0gK_Jyla%&sTtT;c zqwOm4U7C&J5>+<+!Z|L6h$57{lAk=*!OM18h_QL^F)_0aT=847yH^=1A0`)^rvO|+aLAm=|o!m4* z3mgYZgB6z_axCED8}?@_yk9^0?p5nLliL+m|0NNKvbq~NhR=3OwzPL8W-UIlE4dOV z;jcdJG8~~26=I7gmu9G+&W|Cc9!Z0}GPa4E*ZNUcvE@{vflz*|{AAm6#*-Dt&3^6= z(AbaBQ?qm$EXv%NHtc#A#K4-f!q^SA29-^ssV-oHAQ+7__m(;u^^Q0{$MZcbDQ_ zn)_tS#TOyT+bh_}-PMDn8LnLNsy=^wY)`PGU=yJ475Q+o-s5S1RvFfEruxhjb`CO_ z4ao(iZ^0SwgPc8Geb=Typa+9b(5P4M%u51xSYp#-u>Pf}Df+i)u9+W%I!UF%b}-@@ zULT$4F+;U`R>q&gr?eV{NimL6{Hx=06qKI9zml@Pe@s%|(S+y0mvE@wb#jp9||G4GfYk6(@=7Do@ckf(#gk(EdM`qwM zVHjvXZEb7hYQ$4jy4D4yLwYU%KSnbSmFGQG`8?W!xh%3^cZZ>^1|@Yl^>6Z0rT)*3 zoHL}hC8scqPX{-oa^0glcGs3vzp;TNIBwEo5>>v)GY)q3$=ZQ^kNGr$y_Um@j@0&s z{2OLx9Sbw5HjDCPV*^tdC87*S{tic_O*8Ps@si*d`H)^_k7tvc|Lr;G{fk}T)c@xC zmshzQd3Vaq5>)l&v`+T z%@x&i`@c!}={=MwGGqVu06%KQ{|4ZX28-2Mj<=C*f6C2(WN~5Wu{!S&upwWe5tgnZzhJQ@fUo##@MCN; zCt@!D4^#ybWVvAd+UP_nf=#pk{tFaP>j#j7L~L2=$=$;v+tr&i4aOA#6GLP&jC_Nl z{-v%4m)iEU0M>cUSy8C@7I|`-x*9Oi^{k6cfTF0xFnV#xOmrSWZOQcDs}LLM#Rh{P z4Uy88sPb4jhf+z|a-kFL4>Sfy*q)C75a`#&+Qe%kHWOU94LS zCXZU8Q4!9~GwSvN9agVeUkC8Lyj-~aCiPqsd3hkQ?qgvJe@7?HYcb_7y=>mxK%Y~8DSc6QSW;>*U=o%t+g*vJKnT1di8KbR%u;i z?V02-70sR8&M(CYeeB38BooUmbq%}W@u_QoDczheBkJ=lq+0rTV5-jN&A4{u$MG3z z`_cCUw`S3ytM;m}P5CRX;`7%?`E%-ZwvDAcDkAVe5ReUUK>u05wo*#BJb3T~YU*X%of1bTcv zY>B<;D<_}`W1DOpH-_CxcnW%t-M~0`KA1kveflwk-zOYh{d=rzY-=ulyJOyoADLE; znyl_2Ci#OlmuLJnI)Qb(@q%-I=ge^NzZ7~^5JsT{F-^lZ%6|&*`))jd_yzyDgMeyz z_2eMi=lXP+)uF}p=UNFf&Q{jmbcxU+u#6QP3pd{wv8ZYP zdT@&?BTPB|x4zgf3aKY6_eLaWa?;Z_4H%y@2 zL&4{JP(4hQtqFt;RMTyAi2Ick8w(yx`J!>k zmFj&yvS>lTiO3784ys`=Vz6LD}&qAur<_Y7#`R&oG_ z+urF~a<2(J^WhuOU8tWT6ttTrt3B?I#(+%nxmJ8?_jXpjC}kF7b87stq?7~-05Y18 zQu?$@N@3!A)nI@{DH*}-LTWWlbEN5s_S5voZ7cA+9cY&Sb`KKA^hW6*0PPAn9tU`O zcf3vi=Xqus0R6OB-E~4SMR@Ugz`!ceXn%Xw#|}XJ35P1fIV}sEmbB*Oq9aA0f#l>a zT>a(Q02Q8-)5jidG-TsO-G4vnlBPRT0;$f}M(Z`DOWx^HKEs>w{?R%LN&dB{~D{no7sJ-HM|FPat^iv0dBDyG+u0e#0S&v6i*bedfsxH0<-QcA4qfyrWcIt=w=eWG=(StUV%8jT@ z(s4gr&%ySJ(o|W&X>JpfQYRDVJI%aioyI!%DQXhN-HJ=iy*q@;Y_H(sww2ZUB0@5} zILAQi&f?!dPJCG&?XVP4{Q7Y=e3he$4!&MDW$_dnR`}pu(j>0w+ndZ$LH|wt({ezTt#k#Ao(G>WD;F5IDFw44NMRuD}3Ov^@r&e~3unOlcU8eqG z)OW8X)}AE8HoLQKH|(s57QJa7h0cQoe4`@EC|X!ahU))x2 zeAag7wOe8*?>_W|0*Oy&6@gLx(Ub-*L5k(C*HpCpLrb4d{hnM!KN)OTMtL=2o!y2SwC~CsAfalb9STxtMmn zH5IYBlTJ5{gF7<#KLxxhHxTPPpJ6&ReLY0)qQ=X}3G~muQWJpCh|+=sQcpqf;$eHv z@EjP=(Z0+mMJpd;9PGBr(hpe~9ivrKHEUv!yCy5Uv^M5KE zj^$Mgr|L83`x9;Ecmo?(|7#e7^2$bA9GfdJ$bh=cN|}t!6{?eXJYAeu=SyU>cru7= zrbXyRAx9^{KqU;vZiR)m%-GBB4bkrqff?yCN6 zNcO57YSwM#v(%;Ypu%lLaLgObGBZmc?=%bzJc+6-E$0CvEAHZK^$v#^RRh&K_CvKe z)Tdibm;l>My;Bs9PbEw7f>Q1Gh+hZpvZ%Ka6Ga8*uJm}b6D6g&2460Q_B>}bQe5N4 z1{+U^#ncS7b45>XRx`?EhW>ve3S?)q5+e;iT*15*NBBt92bqW8jc&Y{PUyv8LB%YKo) zhv)c}ERtIsQFo9P`bNHr)PRD)At;;?$B-!d+cGE4ye5}l(x{H4qf|)8<#6MZ3?v3P zqdKu5)U0GYbk$NksZ?G?=W**pQ8B+m(^Ks~(|0eUd|ch=o!*1FSEk*o zQ+yW=q?Z2S>mIa|C|1s)S~9|L%xNHRmnPw%r2gjD3jGbHxqdN%H{l^1kL0OLvnggr zfp~V$Jn2t|ObllhHGx}%`0mU1Q|IBNp~o9~=VhUKRo%(-%JI1IJfpEFL1L=1U3e(S z;yYZe9MNR|JlNl5aW{p6yrk^NOX4piKy5$yqFu-tLsWe1*a!ev3I!neJS(AwA`=~( z5+|cPk8-{N58#0ep-+9YUZdaH%aoLDDg+0fr= z_boz48!hYB7ZHYkZC$isBWXcP-d(ORk*8*r6XOQ&wf51*KRtS4Ls<$&O8Ia}av&W9kkEuksovZ~^D)x~yC$(?@c z|EnRHj{$A8=oeD6reaoCs_Iv~XzGY}x}%Pm%fRium58RN@H$TR+j^R_BC-L~#ZA&WS!{MGPrwau_6(lL zP}K&=`}xj?zS=lrg(Ido`;-QE+_QtHYs}f8%fL^baO#TR<1!REL2S%EPC8CoY{A#U zE9KPUP-4Spq7beRHS8Ux&c4@0SmB5EXF6!!Z4CN>tSVfJ$uW=7Exj0aF}j+ifo@Ca5CAg`RZ@UaZ*@*yC^eHc1{WUt%2h0H&h+oV%i^EkDrq2@zge_^B$8zU<9Q z79#CG9Aj>w9K#WGUb#*h%GByQzkyv_Z5HKdd}RgaWYO>{c+abNhSD@n9!k323@)kMj>ZXbdb|KTR1I9| z_zzHOg3@~Yue@DCCTdGgbpbo-rrZQLAD>2&DW~pQVYrJ2n3S|E^gMonI9ul`qb{6X z`EBi%_sLhm*+gB{Kn=`G@{|Mv+JY~dTOVvPJ@hI$p;AqKePj{RU~6LX1B%$Bw;^4W z1H}SncrJ5AVERLuP2Jn+A@Y=iE*o0spIWu=3T4V>BtUvRB~=rY7}0Yb%^S)gSHk&y z;?Trn95(RICN2A<4D&eL{$yRyFILr8UI#e^bNfj$gtb%_6e1^v`zkrPFh2=xoop1m z;Ohcnkzw(`d^&9F5>u$~SAvDVSm(M|8jq9cIibYFCoG&rw%&HGfofAzFDj zd$>j;Y!jv2fftciVn~J?qDrwkT2-ZXQ)%=wxjK_@LoJl$96w*lpL1HaWXP9sohc@l zE^21_$KEXJlBIvVi2i;aN9%ewaMSS*EsZ-_K_>N7w;OPA^n>6v<#BnY=ie(Y?1(AH zwkhm1o@)pTZlD-uFsirrtIOZL$Sf*jTjZYFe@~xN(-{=eb)j-l_1?z&TYP+P{d?Bk zzGCYKBbpdUwG9G-5nmPoR?qQpZ8NZAMAfmBf=^Fe5DpLq=1@rAXD_;Pl(U@o)Fi`*ML&^2gH9!0QxacWBw1MMX# zgBPzvG~@4|h;`-d8)_9L^`{76(B`h;uvoX&~ z;RV>cBVz+IG88^qzc-i_u0TFvC++LTj8;Ifbt7nZIVcf8$lz0MT4#X0Z~O9JWZ#(M zbMfl)YKI5ZH|qKS5wy?Fz*g}W>YO4wVgAhL^1#K{C*ja-rLP&dZ5z*I0`h@@Q9;Q% z2i@Fkz6PXP59vlZr<(cvsDn6s$)5;$zNQiBLzd~zS&)b4Q!hw_GH&8c37+C&($L&$ zZ&lqRGrLNZ5;M(?_@$z+odG_Zs1q+x`6S62fk+RV_sa16&Fq83`0ihH8hWSc5X~y{ zdCOCjCL=2Wp}!aMSS?_9oRY5oRkM%Ukd@@I0hr6IZs~ty2$^ z**0?siSy|=*YOMt@Wq<t)ACxH#MwxIL8l-%uv)chq3;M&}2Qn%hjgL|BffAFzQx9SrnJ%4?|(>U+^7# zAy^B0HFdUr=DXWrZLq19TZ3Fdm9~ZMbB>cXs$OXh$i7J434 zp?z=Mc5jizhDw)nk+~s8_5&vJD}O+J=iB#j$$|MT#zyr#he1v{0=6IY0m%28{3^UQ zA8=dfm}Mqgd|)W9(^F>oA^osb-e$YILSo5-8NF*h+LVb>Qaqo5@$m2m7M=_hWxW-X z;4Sk`mw^;=f%oNB2{pjC0kak3x0Bb1aB29}*s~||WqTREUof@*PElcZ;xs>>j6`GO zjCrDNyV#P#;W~djRKJEIH6X%|!~r5#IV zRfwQs0`5Ce|CLbnr^kFM3hA+7VNFg=cUkC8rl1(!PXew)qw}e+_ANXLv8rJnCL@@g z)*mlF8ET1I{w~d__VZh`X&)t`Q#;#h;Hjp7hic*siJ`fW+FXD2pZ z2lkIoWspbkUG9oRUN7v-ggr-VZ@NZ4=N?kv4g=I*r`LH8WoV|l1`U=$DB{9rE zqv-XOJExcrBRT0tGc84x$!)04i5c6%D+89^85Kk>Qk*8ZY!g?o*q&t_+q>(O9m*ZsDnAYCgLh}~w+a_{ z=3hXA!KO3JV7%7xq!l)W^EdFtFAOaAfVEson2OU~7+^xxm@+PhW*?B($@R`Ic zwOEC1qK5emHQ5Aq)I+Ec@WjR#O9;BMuigQn&hkHz5IkIdgnox&kkZ6zXZ@eZ{z2a* z2~j`{=<~nP{(qzW|3>@&Z=(IpQxHD)7uxp&YQ^s}Tm=wb3UB{B0mUQdeYwB>o9+Mq znC*Ye1e|aG&upI;L_{pS4RZhVi3OhLfNa!Y=?qvZmXRT;!3uN_w?>??^v;UiNnJBn z^BEd>x8NQB9$%-#vt!|Ro@kf2x->-COY9x#|FkZgG=jWnm7)wp(<9NldvOUcYmAO(>Rn-2>2A;-w(`?js;zBN zNjiT$05^X;Xdy({RF@redZ?!ixV2P(io9Cs4WeVuNn4MhF#zK9ea`Ogesv0U8H8MC z>c`RMJKm#Lyb>-@(ot=huI6f&L%_7ls0z7;WLoB=b)NlKQDLq&Rhh=_t)YK!Gt|o|{r~llIus0tcSy|dl*lDlDV zU$Af6nbdG0VW*jv4Bg1{afbS%)D%o@?ss5OLO=KkXe$h~>s=1-p7MhIkTVS25Otck zkM^rE>Y)D%qbeDBK5p9;7jvS2| zK{UF=L2%u$<%|oN3 zGDe>FlAnn-S=R6FXz}!`RO4Bs*W2&uGb1H`R=6D@IN~Ek1?2qnwqQQS0(KyWP^Pir z|NH&1J!Y}_OUNN@n^#eZ#QQ9(JB=VM4Oujuq)eaykO)0uFHD`MiKV8T8aH0G9o_TE zw!+Uf+>YK{HFzwSDwg`e7pJADN%`*aW3FL-_J}1w?eK;|Y55plbf`j5K=sH%KS_vX z47vwfV(A4&8_Xfa3NC#q#@aqP_s+cTzSZ0jtYi1RWIY-3qTAO6aNFL@bCnZ^pi-)h z1aMirG84?a3ne5bW@hR`bxY|5WBb4C-?u4&PBLsyvmGrf?zB3#YaUEMPn039Vk>w| zYEC)J>!{Sl5?;z;wD-GERv}LIruGiU86T;!q428KkhD;}f?jm_W25m9U*HE!Xq7VK zeDi{Afnn{i(g{cJp!$XMQqOFV1FGkUV$Hbc-m1#ImcxCNQeqCX}WF2^; zN#{z(xSoV%G-uuY)+6k$o>_IXVDYV4i*bR#_I4JY^I9__W2#e7C2vWRomVA_nw>k= zO!uHuYK&1$PQNr43Ii76h=wA^*JOf!_42#M1i@(#>NXy`NizF)nD1)~ejY~A7)8Wq3W`|C#b)4Azgr3q_e}IbpJPx1 zQ*T#ErvpNrG}x(@7&GZshzY@5RWS{X|*tqfNb>PI4o2R;|I2?rIhHeh$M$k)KypP32uI{MgF2`{GCHRdir#UgOo?3 zk=1lxL&%Myg!trhgus;&mDNn<04uK(kxdtY7nFbGwYn9_Z(+`vH7nqCiJ&L>+SH8LwVQP+y!;z>rWN(-Cl9MKe)(`)b!-@13oiN|bP(lOmS~BX@tP zBv6(YV{R?f*y3OS8y5ihoS=0_Dqha~Hp?=rWzLs^F59?Pbi`&6bu^R9e`t93yh;pm zTM6JaTjwMKc3XPbSuDSb@blUoe~Am;+dfGS*GYjbRk~4`N=}Jtm8?0Xc$9tgHoj7$ zi3da&C2)#OQ9%N5jVw4RC^DYDV(QjOJAl!HQA z0;ofXx{~Jvon62t*lP(r1Zi5*qtw1vA_wcxrorE}tv8mARmqv8#XgRtG$bO{m-Cs_ z!&M=i@he7c4I(wKEo{m4=cMlywA0Dfv9nAl7gZXTH~m;3Bd0m41?mDXq4VpyCIjFK41v%B3@eb(1aPwSFhy zKkX1Fx{7vav>{xtHh|C`9`Em0KIY7xV>jbdc%VFI9)&5R?uT|bDl{q@6vj5>&76H1 zv%>pn=FCOF&Y47DsNGU^ns9q)Ext>G6$r0zq&}GAx*&rxum>^n8XT2=|zv zO4QxuX@k$6o|3He!lmFqZ3UC?73QIangc6-%x0IaC1B}eK$L7X+11vABv%o5QJfqV zrS`KF$v+{Ll>s1Anv*6mCXCHkr&{00!0 z(sKliJb-=Dz$qr7(M&WP=`cp$&-;lG9bXsJL+yplyln+t=hxK1jU|=MU0l9$$*fvvHJ#V=> zzp{kfDDep-ISIota%(7rCH5Q3u2K&2%7UWK>%q5r+p z(hpXWkr?eCJbgaEF12!AYNX5u(8Q>X&o0m#GU#*$iqv?eoMuZ&t#atDNov2Z)&SsO z_I3IY=aJqpSMZERq=aXpu(KWTWm|=sUkGJ+3%%xE@|5uDa(H3TxRi zHMud_vkN(q$D_pbTcLnpR34*>6G+m}6Jgi15k8a$2Smn!S}6bH+^SDW^qat$3qr$! z@lY;cazsvWUGtH3BvZnI4ag$hIKKp6MVJqG0hV$<++vod#Cp3M=C6 zC-ja{r1<=<-fiPqq*sUWF42Q888^syyqJNrkJHsnLCy?eINailkbT&_j+Lbpj%L6J zN|q-KEWXOv1=9713>LUn4dC#~Dnc`!kKsTEI~xdAJ5t(;nG_IH;mD&n2caTPC$$S9 z{ncO@CBUhgsi+8%ZS`Eu$qgBN`mAWyLe5>YHAPBIM*-5ZJj=(lfNg<~>>1QfEN3C9 zdx)xM?)s_ET{mW)#Ktn+4--~0XC>lT6tiKLib+$K63RK5j?!4ql1PeH*eo#pSyrWT zGqGwRMMWXkUCt9N;;8SAY5)Xg$w0C+hS5fq_6-?4KRABg?1u`^C;MV^Kf5xH$ziL7 z9X>KUgmJU<<`4e-S>2|C3kvNV$Dcn(;yTvZ>>`Ni*}gKNyw^Je%ZmmUYeh%oF`Z7M zcWxL_*~3dF86+8HbS#G!rwERgjT9~CYspZnpjfX^N(Nk)1GO)LxH&Mo4%vV{MAfjU z#m$qY&T=1lIQ8DMnbb)V3evCu-7kbe_2FPiPWo+KH$mezSEk? zN-5aZf55Ob)E{ccvRV%(WYEa3cu{Q3X>lfSJvAGIu%(tRTHB&^H7wE1EB%Ym9H@Sh zUrsKMeq{|JX$M0+<}=5D<&eBxHYP5$KQ6<(HgHk zby6cbHsagLvAIP|ZYgqtL!~?cylW7zox8%7WF7Q@cRRB1))@5=&Xkg+XHurmKvHyt z*K?jUlm|$Q1hxm7(=oDbw~6ke0r#ZNFz5N%bjU#c3TH%#k%RMuiXACOtCvgTq_4AuOQ`9tO+J-rt-x50NO85tB zu7nLruRFthw0!<-_t|a@mAj24BIqB=c3^--18D&v%WWKc8xYqR%B^%{#mKHDjzd%4 zY^X9S5SHNbawox+=gMYXPjtzqQc#U~E~=7(z6U(q1=+$aA4b)q{rMRbI@2^yL{9*a zE)ZMkf#-CZnVV`NB0usHCxaB|(wz7(+o>Dg)4)D{N&k`b1}X35|tU@`-NK!VO_0f%4JEsTfM-BI{seWUd&iY!Ib zA1@PDMrx7-!S&7~iJ%Hbh1=hu(KqCTJFTf0A=aVBBMPJ*w>QC@2@&B6*SqO$o zoj#{`3U<3SqdwVZ)%~x-!@Y+8@BZ%I(Kr9U$9UkXv5IyR5E9dhW_+xz#wqVjfVK5W z2QCwPi@;2|))#v>e|SOmqP^p2H{2!Plf7vFsr+-(Ta}AGfw(%(S2ZQ&XUU5|Z`s!d zN`E=$`Y*zE=5vSvYWx+Ioi@a~yLvISr+)qF@_s;z!u;Hij-%Zmv8J~^QBH`Y4M?(e zJgrm=_ED6n^wt(;?3!if67hsfv^?z7TEBhkG`M2(54=pkbq-(3KMYBNkXQpw5E2V5 zn93bf#{>!qo6HLLi+2AEKHT?tZpHr{;paAOtoHvtX!8I4qi^wF9_2wVA;tQuOa+xIM4{tssgtFR zqDcrcROMZ8q2hh@Nv9J88^-AX=L$$`?U@t>mj7JBAyCDT!vJHLuT(_{GiCKQk)q?l!y&JOu%^b4=fOD0%e1=#-iEXyv@tEx}lz6&-? zaEA_j4`uxj{jQ+TZF@(mgmR?<@azMi!@88OMzida8CM&U(252dR;Hg-d`hb{2KANz zXXJ#?xa2~R@3j$7>z;l4G$%xTvR^DNE*-#j|<5ZlX8sHGfynGO*Qe zSEwYPK7+HGqXEaDA)xn2675H0G(15(6BVDD7(t(*C$uQMyT1hOtUUvC!i*0dG)Dxt zhGe5Da2<{Cw5~nxwRelCXnX~Zdjfq$u177dPz-CPqgNs98!oC1B?PWgfbKV z1+2Fhe?2*M`cKqX#S)?7C3caLl4lH^iZGc4*tcb$=@fDY;3P>}29;Bos26(RHf`vClI8%u=Rh+iHf^;@ zbIF_jIm=`4*MsSYAc=;F8wB}T?HO^+;ZvfeyeV;Z)pHN{gKKo&LD70Tf{vZ=OqdcX z7s1<3mWrygLpmR56;I$ZFd#5))i{tc_#ify%I5@PRDr#XHmzIM3s>E{*fCd107l71c8Bn|G*?tyfnzgnVPV0O(CD*! zAcrWCq)e|RU)14Odx479+7xDxo7Cv#uxljRZ}LD&1?!WOe_WEY|F|TtPJRYnfD^yr zYU1gNL_VS)L`0|b-#mw1k6no#gpsIvGr`L7EKOJsEvs`KP%=~?frUhqYMS}B6FXhy zNT_*^0;@+{wZcJdPpJhB>tI4R8%a;SNb`!7*VMj1lf|2K%J{4@Z?&hDEv9S=TIX%r zoba5N8V`#jZf6$^_Np`=>#-tmox1r>#1l5PSXY@qS8%i0YO6yE*DG7sf#wUuax$HX z%2|#9ICU?dp~mT6T@vzL911ozf}$B_q3;=4*&7G_f+ubf{rMqK+Mq>2%PB7(6sTaa z6sR5+=3K;8ra%bqiMw>H!EIk58lY+@KPm>IX*f%IILyJ zFt0}SGVW3`ern3W6FDIz#$gPETuE|a?O}M4!%Dtf`R9Ptt=!hP&Uw;p23lWdc+)V&KUmX}(p5i5`Bugm0(zlR}o9 zSgx(apxTWD>&Vd)N(CZV6|~Qds{j=|kvq$Y@4yM9ko#Yma+t*#72+3lb^?4gURSV@B$$EOcBqbZOk2<1?is8c0;Q+u$4wbNcjz3C9rn3q! zV6u<$T%TUEC_um`x{@B{RoF|(TlD~$^w;jeOI2)D2OO5|xF4V*0UQWwmu>WE4wVjg ztlAX8hGvo2c0~Rkx8M_z;i{Wc*RTnzF1j&%Vv-7rovNKZsD zElH8hN}3UMH9B$nsFB8A!reDGqGjn7vyLjtzh+9d^!bx)zOYvvU%b6~CPIJ{?(NvW z^PMP)-tEYx_u?%rig)sNcT@K4L|;(e+}_kmG~=~Vu+nxV%|!*yry3cW&kYHNGj)}3 zLSvNXHGdRZ{3;oXcNoD z?SUqj1$o~YR^!DLqf>WswZA^xTyv=Mz!T2d#bDOGuFpEvwPzx8Wt^a-*EmLj5dx{!c!{ABn#ArhXcc0e_qOY48iKw8;6M6+8hWLQFGO;zwvz z2!_8*1K>G`{#5XLI;%ig`hg86oL|+%G+`oq;{?Q?sOQxQJng{8CGkuB3CHbUGhR`ArPNaDZ&0_WA65j@ zFL+7E5@SO(75Q^1d9X9Is%SjX10^T!wVVWTb7;s0$OqK0E{*aIcmdK(@H-f%V1}mo zIP^Cv*T$JD0&4-gp>82kjMhZL(D|e-FQj>kBCv%#rYhO>Ar!n%S0Oay@q7Fb%8?1xk*Q=3+Y_AyBwgs#+wyuhg!mAhv|qFszXldGG)v_fY#%nj7WQOW`hHa3D*m;tQrCagls+COBAC@+@``Ff(M zp|rEDC5qIjxQW7&DucE>CB`YA;nI&MJdJH^FL~%!w^wxdu~N<(aNW#fCUn4*a+brD z&HOqod5)G`Fpp$uRb@=6n-wZM7|w+X@^hM}a*ahgSWUuh=mymjr`jynyI3vo7(ma` zTo$3pKW7*}V=5akPTM=m-yEW)C}-ttPKG7Ulu^Y>vS~@Z87ZLC6q7}45E2(N$d5P0 zpHnskUx(wvpHtO8+$ZbB8>J8Se@Y4S9hC2v&pUYULl%}8&@>bcYz-Sdo zfIqrsaY|IgmrHn)vqiNc>Re+8CKudS>_ zNq$XKo!-aeq&vBrPP^>%%yy+xF+@TV#}vUPC_9?OTlf3@m-m-Eg@ad;phVe@-92M| zNGuXB2M55x!Feqf88D}+tj7oOv(Y;^Xuod%HRW5k58luH@~0D}tsj)%zq3^C-iAC^ ze+E?xP!i?zg`)@wZMkweoryx)`2>7rybW|lh?-6`A_=|n>_(-P3+I9O?-N{1hp0!2 zP)aiRH)V|{-gHHE1KkS1Dj+R^$O1-m^)t?f0ssxd3`CX^ghtpN+O+CV@vLS4X9B^$ z`{n(sv!M7~wCQ7&{rB!})&6^T|Iz;YejbMskRQ*8#jrD(9r#A%B5H~gz#v#K&~2ql zXC`UU2yTi~B7?F?#k~m4!UBk0rM%1Z*-*2k@@{WSrDGXy$nK0K(R(ZElMEzC^TN1a zy?+1x!~|&QRpJZ@{5AB7>w3N$4+B6(oii{P>^j)IYl zsx~tnj23pflDGhlfab#IRw&qWE5?&BP)kH4KV!s&?M9^Qp_-k*d!+vDo*UBtPg9a) zBxga9tu_T;LH`eScB=G$Z|^bx`~5r{D$XIKX_L2w=A6!s9H8YmlTO=kT}@>;{Eqef z8#SQP5ZQlw8|ZIw8qq6;&O~Mc&-?PF_taBwRoG9sU~|?~3(LU~mR};k2T2I;wmn`1 zSW@}g_T80H96?!%LS??j!YPU7iPB3_M(h^7r#%j)jo_wS;(R<^bU_wF81RxO@RvDzDelLatfoQ;aU-*${4O<2WJwmiB^Q;BYu4Lj+id zh4AWgrmX92vq2e#RF*SXX*h5VX4Lu#ghM3gl+|kHCAEO&D=PAN8lr<;_%oiJ&Bx>T zGxEE>dqCc?iXWx=;GDq%@p%*hyl|GmAOi1iM6?d&3*HAG5JMvp;yELT(OHQ}gQ0`Z zvfyt(9HEwM%+Qu}>wo#~jF$x?;f#cxz%w#K(TLV8371=8LRryTfjEc*FQILNWy1wI z=#2WPk*mry7HEZiwf-Py9gJl7qWuJ0aB8H8RsuVcn}N0Tc5MI+{p^0n{7P%0-*uMU z(!HgYVs+QlRzE3cPwz=24@oK;R_8S|(+T8QMp zYRZ)O)mcf0Bs3|H>xD9$7hO7D4WO0G8P?>IeXSUkw>mYmMM1=L9ck}uH|*NSmyfnq zcE<&mU_ zpRSr5jc}-#uF|`*cN`pPc36yM8AD~Rf2;am#Ih-+{g)~EHS@5H+Sr--?QHW(7qp(l z)#EGql#IbCMe0hIjL1W%HlP|+mnbW_Czb(RRaA3SHy@WpS=n4j+lO9PLSOa+Yu$y5 zjSmcr(gb8p8MgPBW%?nW8`6JEySzFY$a4BW*xNZctmS{+d(8iOFON;Yah5Sot1E=e zj>%xBZk9B}gs>>lEAiEY`m`yLP4jO=)ow*-?&_SWqRFzBhVP}&TJ`&ZUEbBSqS_gO z-~ozH7f?gwzqi&fRu80pZ_>RUh+a)_4f|}8FWqBqSQ+|IbEBz#hNLW`HuSRBktw!f)+^PTI?^LVNG$;2J#0mnuqMfl zuB+RrAJexw+8sEkI4zb}fB>QDK=`GL=qxUpnn1p610*W~bzf1s5=qs`skwaViVjz= zQZkK(ik1G5F$2~MtlN^7rB$r1v8_~0rc1M`RktU1lsI{DAe1oQ0E=S^ z)`n@-=_2S>^y0~uqVt{VHv_d*3QmL08h{x8nI>Q-ADouBuGDTQqS)NKPDwhk>Mij5IY-I#UMi0He8CYV|qkn2)y2c*kz2WK4e3 z={6BwE0c>#X6fa1U=_*N{3`p;U}$0g>Qk0 zO}PYOQIt(_t?eQ5OQf^Wl8aN#TIVL}Cc3^J);*U0v^9kiyr_; zf7vWRsy~~9*37){x>%cGQ(_E%S`?YzX5%||z%nq_-|!kJd1fv}NfKX@lrVOZ(-E;5 zbv~k>NKxk9GqDw?1SiGxALUOs#bBJqMU0b|B*BX_P68q}MEh2OLImA%eB(PmUK{!c z2fM}{Dd#$?1LH*IAWNo(rb&bT3cYnhY#+PNT974&a=WRS)__!l(-{D2Ve1_I*J`&A zq|_N96;#LwZ&cVHm%L7uZq-#Kijk!`ciLPA%~B4Vo3t8rA5^6htpF`W8ft*EWTM&* zRNH3O38`J+CX?3~g2*0PQy5SLos^5YP3^?Hn+RvS zwLVr&lyU%E!dR_=<3}rzyM1n`|1+yV#z9}E23%qP(cj& z24t1}*Pvg`|FOG2*m>Ol_wm%Vn$=K+(u|pxdQ$fLIXZbGsR9dLV}^Vgvi5S&JE^zh z*C>fDUbeq?78#KO5A5rNph1p){wb^rT5J86*y^@7xOOP1YpX!RxASPM^-uKNl>XC5 zNeRRjy#@a_I2`n={NMiGBmZ|V&zEJ+ycx@ELFE#{tf_H1uFzf3;=3TH^;514=i0_w z%Uh^-UNPp%^7t}N$ixmARJ#9n(WYQ3H(S774VB(V)K^w)1iWH;q+sSR-<%wmU!1&o zXoBf-4#6*fp0ncAiqpOcN8Q^voqsNsgEB|y0>00)EFmJTluUBsY*NId7jYfc zDGBkcMzM&+E|YuYlon{h8w#`m&n!-dXrM(UGyGYEg5S4d!{2MCN~gt<^kbY5p(#=5 zy#s;BP3b?&x|R>f^1HxF|Bt~=mHrPN<3HTbrfNz+3cgob)&~ZE(}O14q3(an*aI+JE}zhV*|m z({DX1{Qm~~hgJXY-NT*7_@DRkNcx}B0&Q_>^M)axB{6LEn&Uu6ZT>Ni6XYKokAjrw zXpdNAWoB_2x>7F7Xf3S@l$RxMJSq;C*sy_xmT-e6}8H_4ukDOZqOyTb*Kt z{N_v~zUkBQk*VFFN-fA)@;{dDPpea&H0IR(^2LgVWPsNBQQ89OgvidavMvNNB}?1> zM>?5sm;f_Eny?q-|KN{V!wMO4nM zv?dHo6EU@3OOedgF1-ot!?g}^oBU5}j>0etw?Skn<)|&mg({kMgkj6w`w}k9Yfw~Dij(lWoK@t*a_daXLbGANow?mLfs{IjhoCBSd}TlA^9F5;Y>uyV4xqkpR;vki4NP(T*kx z^6Q#Rv@F2Bo!He8V03AJRg=bV8CBGY+P137Cx2|p`^R{0NdJ|0d@B{;3i`jZzhCwL z+1ndD(*JvT8a(@8cK<0nX)31N4hQ8-r;$5@+;hr6!o25)kH||`b^&zM-1Ho-%MAhJ zYDVXxWW{dVRoZyq@1c5tLSjEV zyMzSIs9D!zY)SP-ud6nZkSgsq2S#%H?cQ$x%UZYF{|7qP7EBP*oKObYxT};wG783zVgmB5j=;JpqUHzZ`NoQzhQ^T7P> z(-IGHT9Et_Ck9CMrV>$pWzFTcMHdR;w)tKJ7Bu~rUatbe*~Z$CWI6r3_%*kXpx&(N zUzNLQ&r_PJ={B8PFRduBwLoHG)tnO8>2W$~3cBX#wpJBYqO`8w0QDx?WH_i^S<7BJ z>JnoW?;@cSQ|S2c=@X8koG|w3(?<=mxOYlIBU||tM^^kv$agt|M32^tuI&CM;FmKs z++qNwtOaWgVM)%1)r%u{EsMOq%-XJ$eEAx=0o|Aq8^hxFYD!_(TD#LCVaK4;HvQ^X z>mtOowF({WL+>imudi@Wl|75$kp6vFa?@a$p&rR?D1&d-9(o2#rx~rT4 zSJ{8`_iOoI_x2z2|J}>u@c(w^2e~8H?^?_cAq*%jr$3)$Kzf_mwrZd|^8FQd$M9xC zih5O?fw$J}BW$!Y;naW#=M5(Q0Nc1n%KOj!+!g&_W(>HB{tpf-^50#4C_K{t`*B~fwzI)Ph$p=IB8xm#HJ)k&?KQFp-76; z$u>wziujU1nkDN!P9tvvrDOs`5N%~S8ONVVBs6OO)(OxrX|g~xg_;~Bl#v`IaY_O& zczO2ete`pZHqbGh&1j1LdVGeWIA>lkiHjcmE5P@H(LeGY{HtC}Cq4d;`pGWSo@r== z!;5)_#&JTJ_cUNvnfEjp;S29+P|Py#>Hl~e=&v}B>71cAFJCb)$a2aFtrx@*!97tf zr+@!56127UzX;G0%%b)BSh4^2`h%+d&tP}&G5*iJJR7bMJ+DbJL&tm>c;1_o6*x&4 zgs=VJD2yj0Ek15diy~vgUT+c?)A30W>NJ6hTY}R-s5G#i)%e5HwuW7t|-1F2u zaxoG(VsbL0mxLi+h%dbV(o2bVozaw}1w)uI8pgO#hX^kz!b<^cB!LPLcUfc}4oXAU zaI74>F4<=I*(Aqsa5fDe3XnUTcDvctV-e+6k7NV=98YraO-19J&JZj3UC;#+Z(-?f z_q^Ze9ECX5qmR=rsAY$qHwe&&2`R+3jMFjwxV14MMVJ5X^4}dOq6fG!S11;{x`P&U zo+Bcil+4YS7vOXQ`jS@QQNszlcLBDtW`sm$HuipOhQ!tCfB+c;O`BXtC4AB%i#hG@|@3J`J zYy16_DEvlps42aI(qoz=^okEuHZ$~|qL(?%G7>3<4*G(%bh(4J#2>qe=7?YJas=D* z_j#O?sN+3FmY?ngS)eP-KXa5rAUG{_^q!jAqN|`4-~?vm*d|$?2kZNI&I&q<|Dk3Q zHWvB|8FOY;64^MNG%Wo%Eppm}b?^zc!A5A>>lRZYR#A5Z?R8__UME2BDNHgaLzT!?_8{i zSccZyWavXgGLl9l4P(MSZf)2<#fmakYHBFKpOJfgd~W+J=l_qQ*;zOx(L5n}4|ZMq ztY79?Y5%`d)&C9lcOK*a-^){Rjtg;t6FN~wQJi^>qllzK8wiG5J93@>#JOn{IiUuNTMN#c6W`0ORntznCG6emna4ZC6C* z_6OIKGMoF7h8HB~zfh5Q%PfsL}sbaSf;F}q^8ZJPC`gfE{UO25mIO| z6lMjbbV-%E-Ud1XEk36!XOLWkV^(IgMy$xe7;P&e<2WS|8ZBHH`Wdr=A);lbO2Fl#Loh6!-IrJh~RJvjDDN~<*KATVcQn3imqbLSwr;aLa^GgpqJr1&-pyt z7k^=)yUCEGc0#yJn74s&x=@ssRmTeq_hroQL>TTW`U*9}nSlG3l=sb-4Hk`V!}rME z8n829a5e(QF-anYhKQtML?a@_OO{}QUq7Ly=<>}N&E`oFX9-c`Kz#d<6clbGClT6; z=7i&gH=p1v;{eLxiP)N*Z8;86U-bSrgX(|Q`_X)Kr zw}tReY^@|&Aj}w~2IKu$)5%G}hO2*UeM){(f&r< zkcU&sNE&#qg)>ASK0;q+YKO=N4rAbZ8wkmX8N%Pn%AX16=0SgFe@A|h$EzxbhdPXX~ zU7{5U8q;lSl591my>2{KYGUYFD3^x2HVMnw+E&$ze$f+Qa{}jF1%*tSnGsh8QUj zPG~w|aYV#10`zwqIujWOVt|%>&Pd3~FMtmvfGRg|`Mej}Osjw2ycMqOJi*Lqg&ViCgDAZPG zlpM*gr*Gk)GK`a&T3GADUQaP~-7jA>wYa|SLgC=c7fzTmhC_0F9k9z#`NaeY4RJF3 z@)PpNBUmy!wFO zS%ZEs5Y5W!H09?ZXD~H{vJHuRo78bq1K9B3M0m^5$9pjRU4=yya=9=h3?$ZC(i~&- z`u+QpGf$sW2$D;_r1DgjBb2gPQHVn%+Oh%rPZzT&T3dxWY4U~jHj<$q1b>4g^81{B z&p5*f5io^P0Cp@ICwLQ6_ct(QKzzp*f(xwDR9GW{Y(~&X z;LBJ>Q=sx3Dn<%UlbP<4ccS~eAdAxP5Fb~IY^Y1hFH%}wzYq$J5SSC90m)*{?UTG< zfub(rrh>3l7#5zr-azYs#Vt`_AeM_wj#Dotxd{1u1QOCyso8*OfQ=3ZUOYzUWu(d7 zbFR;$G^!Sn{Xr4cr|74Q4{?TQMpbR>zfB1o^wwHbXV!d_#B5qUM!J&Lgx29vn{rOE zop(h9CW@-_Bcm9o;8u>L!f(k9hDLmGs&ArC*&+xIE#@-ri#Q4}3KKey)SlqfJ118huq-E+(D(_B zy6A>t#payXP8OW8r~p>EV#+HZe=)-; zo`|CtTTHNEwt)e~(IrkpPEcWC%dH1@h1_1z)?UV})EGz!IMJqKTOJ-Lb`C>ZvK=N_ zeu4{rt5Fg`Yiy?BO@`9>Y(#QcCNj9b(tV3_9$Mz7JajhVJOn@gSj-Q6PJ-sfIKW7( zIDZ1B@ySAwyF8vu3rBZ+6h;%^l+?-n0mX-??|HyjuDDMW)11yHQ+cnb90u}QV3vud z*wD1TR6OfH>w5^bB3`nXgM7i}fs=Qha^{fZMe*;p5~L*sTZ3e&(KJvj_1Q(R;G6&P zp+)b1h-VG`kMaKbG$lz!auyU>8&%K>{ZD_Vmj8Ee(0}y*xtC`Hol3u!*F_ec>XQ8WQd7KtwqEnBG%Q zz10#1P8o3&8KDX2LpZGmCA44#wmn`1Y$fGui%fA^$B)j0;)pW*$!!JP>#)RxQ1sNxmqJ^xpj420at4J4IL(o7hF}Uv@mp~Q)$He zPTLc9OHm?LLVg0W%Mjc?RHQIoP+EbA5E^zb==$1LuUHW_jEd$f`h89dD5_Zap=Au) z1|lWM^edCKrR*({|6cjn$yW@K7^DPNoDC_L<#&)h*<#uX;8E`X>WeVPsZj&(Ka%|zE1m}PhC*VkXC^|BX0CDyvXc*eRo z%PLNs4dVz@;u}}N(v}LUkw(1@1m%{l{}$*HjQhP{OMtWvvPui@R=BFf&U6#tvIeyQ zdEc=vY`79lyASkLptJGl#$ofAZiCBKz*$*yHTe}J>GUm7;U+2r6gx0Dc`|1NR5do& z;Fdw^Dn_+!)oB6{m6?>tw4c(r&Tjn6hR;PCJtgdAgl<3ersenaLl*o zO|h)l6*sVU%j;meRPQ#pE;Z!Fw%G3NT37?)Hezg?*TZlQUm%=iyo?yzmZR%V$Gp}n zz%lMXrHrsT@X=Pi*N!#8ntoV})z%cV{~`<6uwW|U!t&NcZfRA*m-Zxjnt=S6sw%o} zohXPF&=xGdre-=0gu4G!Y4U2cO48_umVf-KKR1&9Ra8H$3qejA4Z~OXf9&@UcdGH< z4hN6+-}mys9@U)H64^5P!JN$W?Adwb1M` zwA)gVXT~ynpyiaMn<5qVW;snMypNPciOQl5g=B_O{(RV+Gg7MA6bEkkovoTM$By>o z=1<*Um+Hx3&z_^2CX0G@7|momkXV|d1+qc^Yn=Q z%7{#T!72L?ZJzSCN9kg->QhtueoNx1tk5d6EBjngxnf8sH%`r*>`S}qUlkdxq~0jS zUS{(wOW=lu6BC(K5#KK;a1p_ z8)?<0&iwVzoa^Ir7tfvC|8AB4Yp}QP$p1BX%>Q*S&%@mRaF#L7TQ}4)mSc7Uf~~Q< zacn`B{HP2FZQ^x@Y>z`{ao2ngcm=EdMLuUVFGxN_zEl-zzGyAf*+zyACc&ztO(p9| zUYj$Atv^(mluO}LHfc>1e{PIOolHU@%aP+kja`{co4gj55q0BzQ`c&jx~XFNXpP5d zfKwYw1MGIQ%kRgfk~(Vfvl`O}_LR0!W&^Axo29nk+GbQsp|uOH0M>OC;7^n?aqH2y z-XG(f6@QD1>1$C%WlyQaIbQSjii}T+#jpxO<1(-Zw;?ccE%(!Cau)!3tsx282#k#^ zy1pJZ7AvroxW!n-mJ+uJtzxyl3J_=2meQxdHhr-hBIV*Zw{zxnQMWt(JxX6Z*?RrU z+51m#PCBJ;po;9y^W?>ot&`JV{`6MGA7HZhV@_v7>m?G-+)}Ptd(UspL&#n-XMvFR+=?m) z*f=Su0yac0LYi4g^BYF58&!0x-tsczAz@EqH>eZ@$22X-=fcJdNVDG2^pw(~bn@ws zAnHPce!pME(;bOCU|1lS_?d4MR-buAcX`Eb6z3L*GhRi^sbe+XV7qDMie1+BV`)|% z=$eL)8T6OV^<5*9Gn2=SY(z-21>lg~DF;z@)?3X=RLZa7DY}SFZ2}ZpKfYQkfrL|v z{4;`ch!k&mFvE$OEkN8QeR-v$l2~?rtrd=>A$s!V_|@tAPd~nSD}w7@*9(G${gW^M z_3F2!#RR>C7LRIeTBXgmvtNEaJ%07#$<{bdBe}Ez<{s)6i;SQ#f@pKduS1ExBF3pq zm-FaTf+N&T(V%1Xqv2hro5~YOs!)B~W4~oV7)EOf&Fa)TM=g^OI^%ykYC* z`=isJUcI;1Y?wJJ)oP%xU+W_br!yL%y}iAqcW$_=RjTDzLET)u z8Q-{u@!ISPoFA>kdcC5f)=JE`so`X?%KOgAc2so>Ch~+p0L{ha#11~9thOK=(Q38A zkGvrVKU5+>?SV6k>Xxv{SQReNswAsDbjL?`i9H=X!wF<%Rn&o8>lRU&l$*8bxMI{X zdc&q&_m9@Buu%Is7_>W3xGGTYOzk?@aZ0t;<*U2mNM6QXR|{11eye&|mvb*EUE2e$ zG^Y0SX3*8cXh&NhL}`7cOFKdhX^a1un$z3q|HO7(ZvDB^{&RP4ucrUo+kMpk-OF<` z{hv)%MX(3BV3t#em)%e9!~C=6g0)JARQB@v^BaFUe9#`s=<&|y;+va1)*!wMi$@0< z{s0D#4yf+hzHh~J{*lZbA08X6jUDZmH?elqW_FTYUTyVwCx(FL_If9VfDO&v#t^W| zqy4Mosl5aKZ)HY^Rs7%n-eHCR+uz@P^#8e+=Rx>CW&TyO=(;Vg|;$WDr;kJqjeN8tgu?L3$1Unl0b% z>JlYaS7xm%5stFi#L5b6RI;#=!C)N46miaJK|`7h(feazDk9ZZ~BuG|nVgy(5e}jW6|97}IIC$j$?&GOmj*mR`;0$A|BCI;amk;s#u3pFp~z zQha6c0b;s|kA4&9*DLdUz7XMCjmUd{DVp-p$s2jPFso!dMlyn$>~yQ3XOI9@g>KwH z|EmI5sR%zrt@c!GN!KqKm+{j!dO|+OOayh5ZI&R~BERb*FtidR=CsgRiH=WSicB<+ zBPX2%=ma8q>MWZlIzu7)MTY+tl}2Ptb6u{S%p!oPTRArS$3w5z$LDUJ+tL4wW$FyL zIsNY+)bc+Z?Drq-f9~b^7W97|z5a%M0c)h^!E4NrU)KBgY8rnL-V$0I<2XV7`>D!s zs#8EjlrZRQiZ4at!CEuu=;VzS>}o=*G69~Poyf#;Iwg=Ku~|+-LLyF`{W9TP^7li} z{~G&0n37}`Pg0tb_4-(~|Mz$IYx)0o_8#~DeLNfJ1Q!L#MP?H*yF#cin#TzwzshiU zfhUmST_n`KQ+Ot8z_r;)$F^?w~1gSo@2U<7Vi;LP^mZ199T2$#_d7l|&kn`SOLi=Gy52y=0@+-5%VLCz)ZNm_^)#~~b?t#51ISI1;)UO$k&qeOsl-)EjX+f5EIyw2}4=q`N> z)9L;i?kLo}&j^Z@$T!d=1FT z+I;)EzP{$Y`c4JeEICnluEh@n6^}C{`Kxq&fZIqOULB}H_NK%UAJZ$=__WaoQ! zS}NfpEQckIu&xNBX=Q3crtagwJg{L(njDGniswtf1|{)pwu~a;$i7yraCWK43TBxz+;r#>#<9u{9x}s* zl@`8|aY*g~mwQIUwxp0jb|R%wNQ{lrVteR3U}qI1atN9K5LY)59pKWSGrJQNHd#3G zDlObca=JlXCF&(%sM0zvgeY*_beTw5ML9;4kSIjcFyrK|Vac=c4c1%Zq&RRCO-p*s zjFw5h#X`w^fN?D&ctk4+wRfLd<8${JWx9lD*S z|G*qSckdfSpymuBOly|job<^l*Y7>14jy-f$wE(tkF`58Hm8OYC#W~ezxUvdzmGod zY)+UjiOc`R8TW^ai3Hv%pZ#cEl`ac@Ni-piEkfisrOLP1B!Gk-(QRu8>}`<*uZZo7 z9=vzz%g1d?!|&eTCwhME*ydq3P*hyUVkXRqo`F9pAWN9VxHGo+yCc4&^rYJvDXQ~W zKuxcUYj1&t7@waxaY7ma0jNP3t*@8cjIlZHBjIsZ6 z%gaDSlp7#x?}ITIGRNp2LopL++d)?_@;*pS;}9|OlyI~k8k?vv^v!?Wt-A%&MLlEG zoM|1}@}F|_Ds!n+bfyNgd-3ca)R+l&^iEKg$ts|AkWh?P*y@ETam*xvMj-?EKZ2q$#8fdHk?2vPFexaAI^v78C!U=p!B!ax#2 zk3C1Uk?>V&#hGrV7FrQ4gb0xBVJxyIT_q1DE99?84MEqm{Sj+ZAl-vAmngtCMmf6> z{99^w#tn2qhVbVaZIt>D!``uts8Uj+L|X)IR+_lV_Bk}&OG(TAi&AW-ob=$^B3 z_DpQ;dbfIe{un>!3m!wDNbHBKcI(Lyxssq0cg_nX2cn7GEjNP04Hm_#3*11`j*Gel?CZ`~%ekeIf_OXg64Ci0c=c)ifQHJnir&ZZ3IbUnQ_|r4 z-P+L|58;(`fo$i{0V_3HsflQTq|^@vm93N7Uxze2ZZU_7Hs&@O2%&nUUHmOL32uHf zc1ZxytT*gxkAM14COpYNj^3HVk{Mux7}63_&ygyEZBih({AqIPJh<1t_#o-B*j25+ zG9Fxd8!)<|GlSTTC*rYz1Tq^rVWcb%BJpN1Fp<495z?^ZJHjC^bptT8NlGcK$v~h+ zPYn)!jV06f6pbF}DmF3_CrbmB9ek}M4_Br$R20cQvhhpsD)LvZi3}{~P~!<>Pge(} zz6gca3v`YY9()|Wt7$ZeTf<#z6PDp6-{{$&wT2twU6N8lT33u zvVaT5Ca@6Y-X>|%?Nkk)bo4fy;m}nV@^j>!g3vkH)d3kbe$Vs9+JP~eqVZ8J5h$aK zOJoZI103oa5O&n7lnEhry&kPcN7bCZ4mI~Gz%o0{r2G@(BY|5?yi?%q!G?ixGk%q7 zs4t1edxtt0KYdYF>-;js3mHP#ET-X?;i*aB04N#!+68Ffp`u+{{M;F^F_Z83vvHsx zm$6F^GYeNVG3F-H4mfNGGW(_sRZ4gwISgfT*-AE0Ss-4QEC|L>FMHe(ab?nx_IwAo zR7x2#TycY2_e_OKJyla1SGL@SGo)}mg|Wn)>Mx>_F*-yM4ru11)Vm&);R99TjKz ztHF^c3jOCNXu1U05|(C=;YWqV3glg({pE(k3GL+OUEbIz4fyNcfDk0&UIS$NHi$T8 zKslr+?)f>80E<8i7GoFyp@n8RX|G3>NG7ai9@BItfeWRvJ*VxeXDk>OIhWaW(&U&lw17@Wl@aB;W_>c#cWXanqW1;v!wf;6pkEK6?9G zX$ZR@HeHRgfpq7Jf#yTUdQoZHDF=T6(rzHn3WDnF_P!%y+8aL?t&W=|;Ss_L(m|PCFac4AOqJ6EiM6mN6mB<%^pij{QumWtnj#X(R}s5AUkqdM;3R6r0j zzsF!p>yhD=`^}TMW+N^|PbybFm_`w1R;&DJepFH?1oP_1YV)2DvGls_(DFfSZ3AR` z3QS}x+4w|L{o5RFWU|ji1pGyr`ss)gRI~I7J#PgmvSx5lN~5~ci*9>+A}gPSQHg6} z)^Ktus3K4o)0q@U-g4Vwui)k0?9=QMiGn>t3Mlsv)wv%~I@ufxiMZ|InwCZFpt9|t zQNO4Qi~~*PoTXS0nqREAHT@q%Z4Pa=aff_nru|4uaV6CQi~}D1-Km*mjynTY+_{__ zfn4T@`OrrUmN_6}Db5?aq%$w9*%7@bTabmMiCLF{f;`z?G~QbCkQxMTOJ z6s65Eql7%E*+PPhK))eD$vO?^!eF5t@L^C5^SB`xvyaUEPX8i*bK7>O+7SD`aDRi< zel$rg&X>?a%{R7bqJnaz{O=_bU>Mq_nVDmdI21T3;B4Pn91P$sCx7Oak1>NVH}NbR z$nMhWB5#f40l`PH?;e1kHc9sLgI6Z30kLCnRDGkr?GonlHK*0%qd!d-l*{!Zk*NbGbh^t-I_tbdl!*Ku(@m5C6Dy>msigT&o* zCYs-dLn%t)l|%A-^}j_J#M~hrg)@uxKG$YbC=Gk{A&p|6rvQPOXQBc-Y^d)sHx5x! z=;3&EpQ0#YaAiefIe${ud^H*-CKP2}6v=HV?92dc44mc_z*3xRJ!{jyWfyo?>Zk6{ ztlqEvukIK#A*--Kmi}AKP4Kllz9aPO?PzcBb=-N+VCbm>yI_BGH;KMLW~LO5n4q05 zx*%X^$V)Lax9n3qLtaYVEM{(EP4%O~F(d&!CI+FsCA}4N2qVDFe^p%Qx?IY5vS&5%RYv_>6tCbgD@#zV%}_0QQJppLITUZ+=rPDkDo`++$ePLGlcP`6E;Z)IGBQ% zn2I=p5bMG9$@Ku-z2mQgIGy)reN)avNLyFAu4&p2GH?5dhwAFM9o%MYm}{pPC`bpoy0hdZEpSV z-%d(!v5uGS>G3T~)h74(g*&L7@hskX6%2ZjfeT7Nf!Wu1+#zV&k+YdUNn_;mq*DH~ zT0y-h$J$tG8orJ8e zs#FoKuj4u)2`p6=P;bhtk;r0ez10b>j9F0Tn?u$j{uHM!V3bqvR6!agA-B`r#I z81fS&P+qz+`&$ceVvNXdTwiV63H{(b-nPjiF0rjK>WvqF5}FUkt1EgPGw&t$ZbXb& zegd&&zaUMf+H&}=Iv`;P&w3ifBll9VtCFno{~V_Ybl$A6nFPL+ylmEf?#RL45Bwoz zU^1-?24&B~ug$p}*8n!+*vCY*Fo{EDF*@Xw(t*5L(r`S}9d#QBx|GvHBOv%T8HGF$ zRF%$ov3Ac=@R#lBauS(?O8Ye8pSppDvhuO3c`1Qb2fP*N>LNR^2f@Mv!qiyWZcdl0@cFmBt!|Fcyg>-$864GNC_FzKQpkkQwom(9ONvOSmJF@#|l# zFw|o?hc6}#3Wt>81dH91=$Jlp;LLcgR=(U9ghw8DjB(Uw$is8mE7Zo9pZXRNtxgBTt|vBE80hKvy6oFrWKz*)0?5Mr|dCg+%WXfd-jxM}lG5G@U;w(XfxF z`RqIXo<$yj(SDm(Mj}2g6I7%rn#w%rtE5{g0?<_7{$2{`OfeIBZS_DXQM+56l;FV; z*cp!=lFbULDi+lKkIY}*p5n5*6ZWB*BkBZI$c%^u6<_+gtYpg)@@GjTM|k86$OB>K zQUH=>4e&Z1JrmJKHoflpkk(ujdmhIgj4z581170NT~8unyU4XgOn?P(3uT%#x`ViG z>>$ExQ+nohsqvk$LP|HmJ|koV;oY_ZYH?V%D$&^gfsB5RW*rt>x05!*Gz<8=2Jh9c zUVo;JQ>%;w>Xoz48+hx;LZq~le_CYY^7$bJ>Y}4L!gId%xq>$rj|28M>^u8c374}9 zvRkZO4xxWway}(Vw=c?opqX4xFzr|s|B1nO+hst`?x8B`UOiY7*z;wJkP)ukq(%7~nkH$i$=Qrx(^fCVU# zV8ME4?zxp#=ibA1y&@DPns?}gq3zE&B;&WF(KV(x-|h0)r#n<35->`?e%RQfr1kDA z{u89#fnP^#1X>7`VEK0B@YPEf7df+gj`)RNNVT*Bw7|;B zF&3LtN+9`_O%*M#_ZdCrQhn!fs6Rj;jPoTi0x+wHp(Bm6w}neUiWTamqh-f4JE}CU zySDzu2u%UMkE8(keW*4DrV3X2($-+y@OkwqBq9&-dfol1OsAACCc%HbdoSUz1P?^* z8~Ggt10MbQ)Iphy+P(+2Wb2MAopQDbwpH37pr&PBc}DJ`)dir>doNWvC8xZbo>7@@b59?4D&Y!vgzHk zvMknVBOjq9zY|@wNGhC#rv<#I`7Het`14jkUrkZ}?}7hoH~61_1OE*=K!GCX0umpW z!{%xi%6PogNQ0fKf7p6aaJx=6yPXRj9lE=!qNWq#)LxDQ*Ypa4*9uCn5<6dVBh`mj zA&n#xW&tXcPQ2$pu)f5bf#Z~TS@BfQ$w>E#rx~@vf#jPDyU*EIo3b1nv7E)F_|#SVKLYXjUz5DH+FaMOb-(woKd#~F6HS9!9oW6R+~DpS;+%Y8;g0@*=wsKcyr zDLJxFsI==l`%jzftx>A#QoIsv#o||NW+VGMik$*&y+$&sy0c**I=c8z4M0V8zDapV zl%JC^T3D2}dNKzZpR3mtPj3h^ZH3EmJW$|#__dv#eE3k1{I_m8`YSh&VK);I^Q^-d zuW&}m$E8BsO2ym4Lf3Y@8x?iK*u@yHnsOD!+-Q^%Gx_^m)tj1#D0P~1_e$B#D)%^2 zi@~mNwkeygcXmCnT|MQNzd_KQ$yvTe=65@{q$Ou}TF9xUySx3Gkj2#Ba8tpNvv>9z z-{2@hxquG>o}Fk99V)s<`yK8(>dKbmK-XrTF!G|8aTWw6Kcwfo$q=SHt~O?lk3Nqq z9=Jb-Y?Z&B!Ee$Rs?3R+mDS0*+nHKda+o3>lDP@l+?Tx}UQXv6L#YjD&DPokXug3| z*8o=5`Bus|zIElOU2xL*PIt?oS`3A|*Z>dM~az zJZbP}YuQbd!LPjKfVHzUvhdxsb$R`4QNE-8+oS{BWSqGA!)nyDjJBl-b5YU!(x2Mb zSqJn5xk!4$e}!{`bgDUO+B^*fMe6zh(wztW!h)m7?v^w(#7zd8|mprtA@bng>4nkH73fZkIr0JVZk)aD&kwKs=( zPG(`)#K^|H-4oPOtLqA0El4Wqq%MNvTvsp+JD^#Tz`_*or!TuKNYH<&X-_8P{hrG=v;HflU|B34}Hz!&xZQX0#BYZEIXb=?gH0MJB zv&lmJ^@WX#h#iA?A0G|2R-Uc&7$1)e3FHae%vD6dnQtJ-fySmMnDh{vSCWjF8!h4U zFNKDE`}9VYb0xX+HSp8lGwV`N_c}t|JVb3*$kZYb#BpIPiC%OIxHOGd(J-;$OEx|9 ztFm}W74SLL-ex6|$~(6Df1B=)pxFFJx_^OUJEtH)^Q(IaN^A~+=hflk?BTNnf4jr$ z@pN-`y1MEdw72hTGzH-CxISm-uPYcK*2q>lceK7r-<^%u?Qv^tg;Nrzz4pTq-Z?@< zbOuA9f%9NFPgoCeU%7bP{eiL<@vPWI&lSkCo=k_7@N2t-MHjut~TnW4g?=UD9M@Gd?d8xAC*S9?m*DP5UPl%2a=PeQM$xaAeIwTwY$%(r!bv$!-%6 zROjOUSiat{Q!7^nMdjer414qt5vxo}{jJnLYMAt#m2g>lhDKE; zz_D0qvc`C7PAAc&S$RYJd!!dW2}1tQ&P0A2sWp>o5Of38s3rX7?W~TWoY=G-u!aVz zGr@A3h%(ussSQ^ZhI8arjm7e30V_4lf;Sx4B^*i>RN^nCb~u+z#Y*Sbvnr1Gl-lJ* zVARg-zj#ZB8&Zm(PPU&d~HV$rf+<;GV2;XRSkfR z&GqtA0300NqtEl*hBUw|K?U&wh%R-hvg63x0skn66}>`*tFSI*IcNK2emCGrUNpv) z7kzu_N1dB%<_4U>&57T6`N@mA_&&z?>g8s|+~&f(yCbZzfUQ2^;?A;s_!lDx zOY`#g)!O`uE!bBDZ?ZTO-b>VH{21*+@BDke+DMM4oB0dI%B<{UrOqaVjkbsw5aUZ?5fYQxZ$>H3gu2+NGG)rV|%!do58<0|J*7Q zj&pdm{!y0vyl2Gy!F!(oi4OXNWco=QwW2C6oz1`K)C? zMYIQ(RSuC+NlTD!#CyWmIZ*Sk9Rf(q5mQ(GcfjB5Q`3Dv0@xgO{PhlS$W3p<=BJH~ zO2B2YqKB}MrNGE~`dcU$BxET7qy~cg29{VuxTQcW!P2TVlR{s6`d1FP3%xJraja)7v;O)3MtBFX;s$7pl=Jn z+lC$YuoxPM2uHRY8GL~m-^^nH5<{bb zji!1GIU}_=RG8daMr8Amr}dAsikR^Db0}ZcLAhbg@9`4v6TM4~2*A&}Q0Td&*3UKr zyvA7IsvQ8>XMp9$b!Y!q!N;|3Hmtk23{*o>EQ$?jqV5Fq0lgCZ+eq_+B`+VZXZO5- z*A624j^I1U9BR@Ybp$-Zyo~2V21mDU+VOo5#I~jI*1ObfV$64)eLhHobe}OEalyDm z3zR1Sq?F2OAM8yJwMA0oh0wCG#89fud$c7or)d`Xj?-w%iLl!TugVOGg(m3tNwYL=eqqq&rY$SD2X;m{ZjNP2Uuc9jp$qm!4{ z^?f7q%Zx_JtmpF72auZ#Fu1mRp8Y!3&HgO_Se`xqy@FmN>VelW1oLXr=~G>Ni@r;n zH~5cZpgZR;ObHjLurOr6RPl=<30?(jz;`F#ytj(1feLwNbTv$xrbG!?0x9E=g@j~p zVU-?viqwbi;p6)!S#Kgqy<7ZT=0-(~%Daz`Yj--p$8N^wAH9WjF0wWX33{5$01b3r zpE(|R><3l%zuZX8akL|KY%>2kYKV@3z zgozerAde#E9H0_8^ug;tC{{%A3Bmt{Sp7PN>M>TXAEMMN{lazS^B%xeila8xAD$YGrH6dC}sGBjUX?+|>V$ zmv9ASF_89J7#{;4m{@XNnTOj^A{R_3Ub_DV(HffxIqOLVrbhRQL!Qf!ZpS2d;}LoF zSS;ous6wWUv#JTBY2s)^Vi@McII&?$9Gi&nj1^R=Qe0KNMaU(7=(VqOgcI7x)^R`k zwK(xITtZ*!gY8OSxOzvJF5NMw~6K5mAE zq#$uGW0yDps``pXXiqPL zMOMJZG}XtD=t30-D8a^COwQ~8uPT4goN5fZZAK?ubzc6yw1m7$4g$Z4?69fxTk)x1 z+0R?DvN@vRR|mpZrz5f46=7SczqMMOc-66GOxI}8I*XL;Eu!G!JA`-Kv9V9ozTuCx zmu?)8?;~^9-3)XJ`ioQ6DyMli1R0Caxk!L~uCwQd3Y-hlZ0w_8dN2vKy4>oYM9E7YLTi@!-p4FB&hH;2C<| z53&^%=0?o8fMO2BEHHqfR?0*@_16=QdW|zO-9w4GC7m3^q-L%U2MRw586U!SQz;!b z7dXcH1I;!4ShUtCxmbzOvwIJVZYF>|^%|wf>KxrPLMp*2>JHAFIb|PDBcFQ1!I66M+CzKG@Lk;WSoPM9t&J+h^K4b3dG+O#RTLit^~G9Q6j8_ z-9;NDw2vy!9t30F%wmYyADYvQDWkIVRbk&!z=C|Rb%FxBZox;mW*oOSyuawX#okRKHwnb;pG zbE$| z;oX-c(Su5zT+iq&8x3i*rAVQKG%PlSn~MS5xFimJiG-Ru#Xc!Ak$ReATKvr)%&oJK z-Dg!fJ`CAlp@#ZDFCW@4Wy$x7Kt+7MB%*kprUBj}$6Y>j3bfi|_H`(WOd+;X%I!9d zQ+c>?Ubx$XUWM$EC#CHDnc5G!b9QjiA~<_^Q+xVoHi=QtI?pLZ%cv3XYV*{qD(_wX z2K3nZL-1sdt^#5o9w?{wQV7D#Ofd=qh$N>ah|GU9nepfRe-iEU)Aj-)8dY@T`)ma( zwDqyDj)c;EZ!tNM-qWL_2-A$wI8cw9vndo?LnToC(wjkLpOT;ydzp}`_Ou^Kw#*Gt zD{6>&JrS1}kx-ZM$NQI(MJ!#-&yiSPGwpuHh}CmqysHas8lNPI!hq6G@yEhDF2!*l zPt4*#2*}Qb`VOgCw)?i@72Jc(|8;EXi2p{ti;-JqdPl(`7uk-R1p6=tQZ+tG)dS=e zXvp26AV0=O=LCI?S`~u`0-qP_Ny+tQUsJ5Y>apyevS}d|C7Gahl3#Ur2QYDZnw`T8p+!ph}ON1=!**af5* z|DhLe6DJo81>Qd9K1h;p&atmVl?IVfi%gM4ubLB45mdq>4TUMx%bjjoM4x@Su_C}V zmrj9{Lel=;txT;<-@ww|nWM7l5GUSNZz%JqtW;DwPKO}T0mW{K{_>wC6S#$p+P0nB z!!8}IQAG;%6rY|3GsMo#{4QUP&3AA`Cct|4-y^&ldg!Qm{U`h{C;@(oz z-9Rkb3s@9$GE8+VbJXzL`eFm}k%XZ}$ML*o7T56*D)M@qg9v1JQsK~fvI}oy0uz`j zGK}x+5gcR|WY=?{KA#@S=&!)Y!_+YsexIFdQzkE znh1wO5HUer_zeD0HRBr+87G>hU9`}h!wd+Z?bW*Gp0HX;82#vqZ@3b|i>9uSqjt$t z{AZfO_mYWak)8@8WnT5o+1-r*aSg8WJ-GzL470=@3p!0k?^Sf7#~?;>yYOenz#ubW z59*qmNg1-$QZ3SU^7JGYV=L!4Bv{f1*iG&CGTRkYMnYo`_?pdapB6G z7jS0&WJmT)DG@h9OX!YU4`nt)osH|PMY^5X8H`s>&a^1VK((FN0fGjD9OL?tXM?u8 zJ~<&AM!ROzJzevRq0(ZlC333wy`6G6G%HTl9dJI;D7G+BX|8^6scu>3{gJQ$PTr)^ ziZL+zD|hFkyk#>XZD%5PC7M}2N%o-PV?kQZ7#!ol^kT!M9G&K|&-m_LOid$bOA&Nv z3+3WkeMeUwCjmS3Ix6mtQsqiU35t1Mn_i%y6hj{xI=x9}(^IRb53_4{{DAZ+gIENs z7J40$hsi>c9e5cqZx7VSlYuLXl|*75-jMM7#8#hKV~QUaP3%|6x81zO9Spc97zxg3%@dtIrU_n zsbge<=|mFzt&za6peaX97vr$t{P1zmjq^mXm@{u3qo1LYq4HZV=LYeHAgQ5(P2jaC zP7ij7<1J6uxg#R0WW(O_$RHRRRs@A|kcAaFXdvByMIH4a+~y&tcJ8P{NcRYxn@B(M zyOQ5bG?1Vd@h6Gn!5!k`-{Gn7@ z{B#B-Q1-a}F$W9;9G+PCvt30)YugyXOkDL{jj+x`%Mc_%W^{eAhAPM-=%Mh|TK-ux zX$1UK>)v8CKVJj;G^qlV9sUG=Rz?1SelWT{dN)qE(ZnUAzLU}y{yCxRk;^1+HdY;*oT_7>?BO^;A zX@bpXwpX{~@DFbPjuE!LJWj89GvS}TRe7YD0Lym@S*h~ZRQgRdF*?MnPW?}f0|+~s zMx#weuCs}O%>mO`HhD%Mej`kf$)G9U!6~j793rw06Wg z4urgrao{#wYyR0`l=hFC!GrvWt*yve#x}i=l$N>0Z>pxC*-vOu^NTUx00N^S4<&@y-;@POl7iIZAx&SoiWl@wycOAK9vnECTuiN-55T}Gb zg2;W4ge*w;hI*X&Pgt6IgeB+tCRXSM>c(w{&3kX}NMvA|pd=n8Op1ZWANGgZVslso z(~#q(^6ZYKg{0W?I(M>8Idj=U0Jb4yG<6@~dJxD{c6M0=^ft?*nr~A@s#ImRAaU61!JJM(o~n8qygmflEN68<9EdQii)S8(;Rsg zLpx@w^N7Pz+Fkv##k~?C0=Hj^uOTsbb6g&aMWM^INERot>zY#*>OfX~P~4dLQn9u! zCat*lI-t9v_#cwr5R#Ep%6nxhJWur>+qG5fBQ=p$=J;N21s1B44Wf4>q=%E99S zi(a$f`hKI3<#1z8!}YGYCY~7ul>SU6)0^s-#W&5Qs2gv`F8R%`8WwhBvPDJG2xQqv zk`&E}qy$VHP>dkREHO(tyR)nWYCGDIQBoFf!GfzlYhIJn@RSuucX}-8==zg1QkgU2 zFbAxiL@6ZOUtq-y{;ObMC}Jrbu$%&@bmYRC7f@!>DWJlWPUNy0y znS7(Kfu59%`#JUIM&QgEZPxS(}pf?B@* zLw&v{zxF@X=jK%ZPfWkD@C%P#M^jXDA@*-U`vJ@!lyCaGiNg27VZ@ZgE)iSvc;NG* zc1lcXbO*8D4vqgr`bQ5&^XYs9hK!KDW$4`nW=KE2G{Y!DMtmOMamc+fwP5vAH-0VQ zK-=^)W|?HdK6T@R1a#VNR}1SlGJ%2c4F(~d-@AM>#R98p>n9&TG^i`i7KG0gR?kL% z#HAcCO3AX#8&xQID^dGYhIR3~X2uta63mB^Y>8@Ee#@obni9k6e+;~5$9V!%`ImFk zg~GO2=uz3GT*eN89j;siTe&sGorjlffePpcQ7k-Q*QHXl{8hFvIFWST<|uEl3Q{KI zn|<{&e^V8uI|eO64TXrZeg2mJ+B}BO`%Ftx7OKAxGDWn)3QNYGs*zcZ3j=#s3$Bg- z2h9)1&Y!Mk3uyb<+orJ<~=<4=bA0fkaEn|EjUR~|2q++5qhCD{LLwq$kYT3xMR zOWMiHZ%|q+@ag=#dfsC-h4|^`sMkLj|I$dqjB-sw5wJ4(VxOf3KWy0p7f-Wrvu z+XXO<=#6pq0Tt5SsEi-K=GPZiEB*`MXFcdY6+}Wnhf^!OXeFf60x~0Ao;^^DEu3%W z56UQok-zBKIT+1E+)c5zhqc8ltTI$ySIr{(p^zp~))_N=B4Gq9`!B*D8%AXSW7-l; z!w~Q8jhuy)Dmux;$wljU*Jj%J?orMQ#|eEwtOo{ir?rS=2-OJO)MMBKcz_gBki~d^ z7`<+=EM`cH_dFQC&eJ>&shBkWf%F2-@EcBzRlvFOLgRm(~v=R zo6!qY&wl^1Q0Q?jpbelA)n#cer`ZI}nIqULB`Wcv zd<`G_dY>9nUup`kHFPb%s###Z-GjB;d>ds)J{z0v4S=qcW0zO_q_Mo@m)W@Usiz|K zWNpFXpn4?f4La71%exN0`g^<9k^1<#{0KWVK;pdnQ1D5AF+_ITYi)(f?lrNALi{L3 zrTj_!0Wlkh)Es<-%83hb;&>2F4|WS`|x+n z+@R@VN%7NX@_>>?o{Fj3Q)|A%V63cdW;*9;ipyd*6_e&@#rvRa(Dac;at|yt`5jCB z?cIGQs&9tOEgB4UBE1s&$`uM+Q??K8UeIE*x zP}40D7P_ovHzg41uKL$R$61jK;UU19GQF}d)Bi&D6XB?3t0Ql2flwif7LJvjTwGK_ zUJoYn&~^)R9bCw^pgtXlYC4zwk=}iqe%v_wTAm|!3;G=1`s&qX1#E9k8GUvCamPFQ z3aO8@-)hTKOPrFLf2)fKxpb1r}V+UGORsO>#KQT-z zrt9$w9^*nkzp(0)MJtQ-a^M6D9@j&^%{_pwy zO36gI_IE%|=kuj4w%Ajk9z7qZs;nH1UPRr+!0CyT$MSwldndcZ`^stBWx^z~0Ew}^ zG$M|FT|rpA+4gnwhTI*FG7tg3fBXlz>~rUA#8oPYpCAwg%3r9*grvXAJXpg)70=&p zi%k=f@!$Lg*AlPq`DJP6PnXy}aA@Mr&L$HLSJ$m0z;?hQtG6oZ`+rN8pE~=vULAWq z%Dh`Es%f3u#d4j;*{}N-Pv=NI_J~IRq{tsF9aJ)jufg^Q^<{J0b)M+Wx4c6pde#Z zzj5XBXiSvl6>T?)(X=G)O*IbT)-&%=9YFJapNu)9 z9SyGx`3*1Y!|P!+y-M-yx$xqzt;hZcL&l7oOfH*SL$fQ%>F2g@;_?byV1}7@+j-8y zcy)eTr`xY?i-7&8S&?k~iUW^(p=mX0&h9C6UDRije|%PGEDdy}uI9Vr$A(Q1}+kagDsrA>hxWJPADgQpPr_EMXn9l=*BF&E@ls z1Lh77$tv$t_*Uh8Cr|ej=FdBJi-j8*>&`Xjjh36r)mOX89nzgu=%ufps*QF^lbiN! zRdOv)scZciLP~nWzuLfr8kW^`EXc3ycVn(NJF@`rDW@K@In?`n&)M8%?||$p?$;y0 zpV;lo51%IWL1TEko(9>&sB?07#IMyB|HiS9gRO5Z0Jx9GRjyZM?(iS{2ztD`mE0Fz zB0L`Jm!BZq9;I#9FI}kpuVPT&F4GP5Un{fTZW-oc$fhL=hl>g^&qxsJS-RJx2sK4* z?I6HQ&MaCE-j_UYQeRiOfXXO{T1mj4w*w8HFRPn__0JseS1;60xey;#qP8nJ<87hB zC8#tRP2ffb2|vVB_ULrW-%oh{#cR~AM#bVaeP?w8pC_)oTaFOQ$X(O;iU*X>GrMxI z+C3(TTLcfMU~y8qv`&>hq|4ZU(5s2(YKSaH>74FUi#AAtTC@h@U4Q(((yQ`m4t8}< zDh8Cq$BLF82Js4)ttM&RL(MBRg{W(UMP))zC&3IUNkbp|r*Q9`#&+-w$RketvdhP| zephxITv*%uD#-ZA+`fF^BlTDiD@W;7dE3_St^!mql`9LmGlXwBw{tpvC)=J;f@CYWr*nb9gJOrX>{)W`zK~!?}uZ z<$((X&il<_xe z3UxqU=W4nE#bz1T9{_}IDmvM9BL27pLaq^8NgwoYiI@@R5S0Ba7G?rulff5#QCVtUCn1et`I%3L$+~dges2W(;5v$+dzb zU9>fj4}+7_BSM1JKQKNfeR<$R=gBIk%%l!|Un}m6+sKd0o5%qPLjN0X z%J&;R5c zz4Er*3-*dli^Pk5@NyUj(bus9&{x0=l$bEbk3j#x7jUB_!mIyM)7!B6SW*X+h=J4V z;Rn^fG}+MT0ovRDJU;TdJsAU5n;!uP-BDn{h6p(3(iEND7C#(5U$TZW|8$=M$uG;> zw8^6rf_+a9rXACL;P-rCg8YIZ&C{?p0vcn2jr^63ct*fTm3T(LA=;=M>-rc?OR6gK zR;OR#!+UwCxbxU}aK2oA=HCiO7>C_J7*0D$^W&({_ebZjzcG}%f(w$)A=X&aR7fmN ztZTMWRx`Gn$J6eD>-oq_NC^pIV6nedyIByB1x>6=6%;f-R`n<&mds)43dS~8!pslY zV1XO#9~$#8@HrX-H^c?(y{hqv%KNmycJy*e-a+DtGzojEFadb4S<@0j9h5A-B!A-& z%Yep{B)3v6gl$%X!En_I`*q@E(6U1o7b_8|3*3y)WDi&}=7>x&BOXc4=}N$h$rfN2 zMugf)g1jbLYhtHg3k5NM%iA;JGdsm$YpOQ^-elAJ6hHW5rb?iowcbj~iE&$#Pv1R1(iP%m34ntpvt9WCPHH?_SOOK>OFnqZN5(8AmOzA8bO#gz?VBB0G2H5{=2YAl-{U5NC_f z(2M8||9N!8dw#&@alSd*%d?nJ7lmTmPob%bO{L|6la1~t;6Ml*Gg{!LZ5~}p<|3I) zakjC7<}dZV{NLDnr|!(ct=&3F#i`h~ZQIrp+jhlP#kOtRwr#uOiYm^tvp($e-P%5S z+xiW2j{9KrarG-HD58Sdft=klE}MzgSx0zwlGv2c1tSI4A`=}|e_9Fh34}#NSt(7N zC`htKawXw+1Yux@Jy~3J1fLkJsic0rYz1~HoN7JYsVy4hf5ZTL`;v_7p$TsTZou@uXw82(whU68B;iRX7RqZWAmM${YRB<}R6~ za403w<|;-^IaiaO$yBCa$>%>l7#mqeB(kZFf(+_^I*%~%dWMv0OcznJxU(>Vh{Ip> z)1ww-po08n0KH7Gr3qqX$Cun{VX*x!Y&YUe&SvRWxkw^9t0pVVmc$&j2T8U|!n2C? zpa6++o{Vlzm_lJ>(+~W$G#%iTLr{e$;oLXlS*rY=HhYp-w1Vvv{{$wb%I?m$1jhS0&K%o%L5JqyXz+?kWvKzn#gUfJ)N%dib*K|W)w zJq*?sA-cjct+l;E^Hd>5WglP{h`bnj(hE(+Se;CwdTl9B<|@`D5q(|E6dYlhBoqMA z-$4vq+>PAN%>Dy8&h9xO1|SPZ@{^AhSk%g8amLq8%Kboo0_MJBqG4gjn26Paf^><{ zxHwI%yrzsCYgZ`dPfYO8QMT1W7@;)Dz>DSJ4;h6P-N|J95?{csOGW~iNx&xlg-Y4I z7&|~zmlagcj4rlxzukC1cB=^VtcYM?>_;i$=(P^iPf{*pRjD4OJz>+Ev<@xkqNw_8 z&?YU1T39>x&6a#SN{)MHr5OR0B&%66+dFeJhI`VhR=(Wtz zqOCfUFCUKra`eUn`3Ocz_aecoB@VDsvO%N-5Zo-$2aZv!Vt2~duGLh< z&TLS^O7(Q+`*&))4D+>=rpqYW>_J1cv@r6XZU|63>l;E1o2i@X!^J`A(6WRh+|Y!F zzf`)A?hW8mnZfWXGa`Q@ZK&_HX6q&`l+8t2z#m?*Ut+1?;X+tW-O~{+;I%>sRLthD z3^!sVc7~OEnb#4z-)wR}kg=!C_hdE(Y0)B&k>tfKiOF5ICg)}+O^`)A(!rEiht34e z=ard}a3)RC6}M9zcTRa!tKmKEvcLxn(m_aNiZN|kF7{Fsoq4~{U4AN^znU7*Tv_Oh zF=MrAZycaDiKa8jGWz{Jo4eq_*HyAK#`FKei=2`w+6awbYVtG_5wCNXNTI_~1JDW- zMxXz(?rB;IpCrg-rY4#oD>-wvbc)=!RLdwl@uA1kMo<2OJ~0JCzT!~Y1bd?x) zK8z|1meL`Y&NaCJc4@qd)U3tsOv(A3C4oiJf*nQsDkvY&6VT&l^*+TCDN`6r`4&J~ z_U>jvL0e?F^aVPk!s=g+U)AWPNgYh#Hxz|pq8{ZEcv-PaR7_vk>3H>;n4`<aI0Vi@C!;=)i zNrRl;^Ls=rx3XrKnT?c`5~iq{Ede#}3??a&T#u@T-&kbcxFB&-$eywS&h%KyENEe6 z5P@BP9gd1khNXN}i54x%TYgGLi8sdKq_d(e+KslW5^_oYo;);+gM>^A*S!xqfd)zg zH-=(uO@pjKW^iRv`Ymj~BuhgEMQ4gF)T+#dCZD{AI`h)+t^EfpuDYDmtfLLUa$=e0 zDoGcjhOpMQba; zB1x$a*Ds=)=^`FV^e1*bJv#x@pAErYAIZ?5o~2^h3qfk^%X{%|b%4MV0o6V_r#pTe z#|7LvQdg8Bp4I!U$%YPL1^WtT5up-3(C#|sx(GcZn?{URqAq$pj|aSKq}Alak~5Vu zMPb$Elr>a>wP>jED6Cef%mo*;EjQGiR?uf5i}Z&N9}aUvzfjh~;_*UHnUU7zqLt}j zE|_h@t2vy^Hk~1ysLBa7o&Kw4cS%v*KQ~z8aO0813P{v4!hnJHj0%;9R1wg&`F{d@ z7~@&SxjP-SF-!3c`ZPJK>8#S3(1HJZ#y{&K;_HitDK%^V1iH@JF60h0r<)O7y4#Je zEol!lQo2w$sCsUq|1P|}KJ)I~ausje(M)NTQrB?;a8RM6oIE#@_6J?emReAA8ZrO?(%gu~e8by7Xm?=_r>QXICry9-U}1|? z(}q8A<;8H*>TdfGIVGp1na~r8-Tf0p=$&Mw0+X$JV_AIc(mRB1TTC}R|R=YMfo~zZ41(6 zJcLctntP|7x~~__6@ zA&n#19Bu?|1!xqp4JCt~#i}Z_uMBAP4)3aU9uWf)@>DJHMh_bsjpxV5~m~X$0*MZ*Mq6h;1-at#Y#j-3Nu+QHN88?84nt!yTh@ zpe4tu`&dSmQ7Xxt158)cjg=UjImCSD^A_2o zyZN*UteCN@jjyk-q=B!8v*4YxId}I$OA+c4Z{ElEvW2fEn0LSVy3I`w_CGy1eDFaM zzaW1fQDN(p(s=7IIOojE;2%`}N(sq7R>9*@i)i^>yi{RvUG0l&%h!EMXbX;OApMTW z@x99Uv4iLh89+h!hzCO7dq9plWElKt>L2BqY7|DCD9<=)_miROr!^q_RSrM6<{-In z-x=xVCWM!s{Q^2wpOFEh$2gZ-5Q(wh%yLal+(cZJK@$VAH-eSyc2`tqWgbBqiY;20 za((^}%Di|Awlb8~&j~||=kr>xf>sT^*zyU7FWc&}3-P7B6}qNr5NmZyQdsCz_VEqZ zplm?03--uPe=}y*E+)vI_%@&iad^da}y$utvFqf{mf4N)t)yRrqEmVtQOZm2E zSPM5Z{qXh!(Nd8oG-=19{E!`7%nVA;*jV2#0FK}9Fz$hnz|Q$a)2>MLfOQw``3z{m zaLY;a>BpHws#03KZVax896Xiu=?R3gI|MA}+wOc5qZ_yWYt4c&6X@n$+4h)<^HO3? zyYs|Uh;1Pg1A#xI^6?Mc(9vXfGX}J$;yMF1e&pyMgW_5}6?Dac3Pg`S4nXc@4?bcS z>Eun3g|ym#R4Yk)3I;3Fd0v*%tT-c5aI}!(u%){5;Vr{CfKnr=?`r}4FcS%LzEPqi z)5Y)>QBZX)wiS9TUYaggc#%Ok3YmtOrY{;~xlkWU@`+O`*o{ReeCilW6SM7s5KN8c zaABSD=#kjF*B3EA`$DyP?I-RRvUxxi^)FINTV)Fod$4t6xd8c+y%m5M7Kf|O1m+b= zy045q3+^$wMXaiv!M6**5WulE_sa}8Q$}ZO=N@HK!2Euu+uP*OwILEmWA6!LYtG2Ds3j#ThfwEg&`X@j+9u~=5 z@kSRmVdiSBoBR27%?l)F;85403b>ZL8f{d{vLfs&lb)rM2HDxt;!^gN_zBEk?Th8N z?`wfZRPcPwS}w&uUArE&mdAubzB6*Dqz$fgd&S@ef+#-HNxytjN+ z_8En4w!Fft$%dRrT54dPb;FBwzF=^yV|~EQ(r3Y82VbCK3gpdDatZf$@A~O;0FZTk z!|vFB%lqGB7Vufv5BDwC2E@}VC3gqm;y@bgR-f(P8{M=8&&ZQ|;a-Ot1P@}#=dEGz z2mgezANe?TX=!54xdX&oMFW%6gw#N5Xnun@_ zNd*YiQdoE?U2fSX-ULLG&Ck}iM7gX1J3|)!{`hXgDB|;VduPu=mHmmA8lQd&RE!kS zMbDu*G|>A74rK)Cvp;z*nQprFE%C}mx0)u=yT3&Rrb=+OUyYCuav$AzTBfTojD=oY zRIHnNt1YHwa5~*vX!8W)OHjMM3jqjST|U=u7Eylw&>JB=YIVL}(x%pxzj-=vcmZtD$lb!eY>xC z?nlx@g@p(Hruhw_k>X78`?cKjKRSRcV%JH`8!`dCV>R1%v$?c8vyMpe z?7dLr>Gz{Jv^8ip5ms6iAlgy#;1BOcJzf^JpBi=7jL^ilKGk-t2LE@IF`(x!hdg@~ z6x?ir72-fI246NoK){PfJ6PjcYPW6_7o6@`xB;4US)CAUn>2R(y3t6Iq|3lx{l*gZ z7rXe=q{$XL-z5nmr(!gOkssAy&-fvDNa* z@l4vxX;zDyC7Iej!g+a!P)EA#cI6=d9G_8cT9a=^w*AF(`+lb^W{$Z9lxph` zkM;vNkq6z>fnGbW%p13=F>^?dH~d6}qCkWV+t$q%$n|kV*@jKPA9Uvdk@E1ksjM?= z=}Q!RbVcLeFvE&Z)a9D`1p(~w^65TyE7efX;OoxexGTwOG7|oF?_>V|_Ux|w+2`W^ z4Ah+c>;H@XEci`ZwrY+91$_U}f4vL)xexg-GlW6@ErPn7?Uil#sVg!ts0D)R9{jrt zcNSOoTL{4Exk^Ou6>>T;2a$JXEVau&dR!5=*QJmC%D0M4-Z8lV8_J-?j3F9M=KJiy zkp562Z1}j(*qXP27oi*M@O)YJ)h7FSJpT}Fv6=C>bxyl67pq{u)WGvx>oPkz`_6F` z$QTtw$maco*&9<4+vwAD{<20Em2~w{H7k?bsLGK*f7#Jmj0s9S!|rO5If4hqyK?1H zkGorV)}A=y?QyGr~l>r(deZ#-Sp!w%Mdm~UFILLrw>gYfoas(6EAzrvpZTY z4{QxbXXOk!;TqWa@}N~nlCSpdgAKie&3I>?EtL=R+yk0|CYxGU#!T9pi!zu4!I3I- z^}KtAmuaf0Xrl?yjm6_p{FR_@=QA6TDT$Ktj;bp}(OsQZC)WwyA>u-yW(=?S5lj0> z9JA4VPfQt36oKb7;Hz%zEl@#;f>3CiDav0t?$^8keHkT4$k9+lP2-kE#3WNVz<`E_ z*ITXR8HFcToq&Yj&5dy<)7zT3hG*F~*zq&&sVnYbZ|5%%N-_6Fu;K`KEr{#G3*;ZZ zz03w$=E7CzwE3*afm6^5wTyPgnBX=p%i;@J!qo|4)^lyc)*js>N=tUY#_0bdUEL7= zO+Y@7G#t&9`^5O;Sn;QzTFR=>#9j^dYmag~TGKD+z%V00r#4+P6 zc&^uU#dBFP(#c+u^BbIBAuR0K^vmgKnTE=abOV|?8e1=jcRL5TaIHOW4Y50M_!?wV zer$bY0(qVwqE1xGV|QU&WF$KxO`Y+lx7zZTwpN}9@8d{qc*ls96GLUHSMgfb2kWdp z-zEU2uxpmrQT*Sj_}e%9oj9)pK0G7#<@8?gJb9O@(@&M{bXNm^BuW#qXQho2}XMrIno$6H(5Hhp*=HN<$RO zM+Wg2i5{XB(+qt%Hx$sUI9F*sH0~2eQ#Q~pBLs=&rd*j=JwQ}zIe55DdY)hToRX(^ zjvHE7l+BiTvv>-%^)uaRGoUTtdD6R|g!OPy)1eR}^2SzJaO@g)s2QrMYrPZ5c0Kg_ zXq__$=aiWE?nVDnnd4jz4?lz3FKE|*AMB}a(@rT*F(^@e3{T$#qiXzWZ#4&tD$V{i zi$xDYz1cbNlh?Ypo_Kp%oIKktM}j_4TJ-+U(!s*{7NQ`2AJ5z0)BUG~GjrkadjH4s zy*NJu?Vl&)%O3OPOEh{tyzftKOG8DNaU7J=7*!SUY|qkly2sIS(56|WITR_!nb6c` zUMiA#EI3K}5|DaT_@cM+nH8?iuC#6j4$FCvahscsIJDnZyfQjd0ae)XomX_L-MsOLa$!!iC5R&zm=Ldoe!1xu6rWzIASt8kc$csk}eaGEB2vz zrs4#?yo;sIYA;e%QPocsynOA7HyKyh`Xn|@h0@0{3dk+O9eO#rq!LL* zZPlCZUz$4T5^Z^s!d*~dRTL+?+qJ=Zb!wNTUap93$7UCGs9knH`jiv~4YbuA&^{4$cJTas4Ho2gpYK(lKkA7a!9?`5Rq`Q3jw9gs z00kr92kf}}>_r}YkcRU5`Px_GUs(!v%QqLnG^t+PUzCq|!+=*S)P3{)b(I}GFwje$ zOnUCVe*~Z8{_bl)byAV)MPROgr+OUFi{-@)cqZ&;AP!tQFo+4SeMjARMyhBLF;7Yr zqL))K6nl#)D&5TL3CpkeH@TBejZ$6TN#`W^mJ|1k2euM&`w)iaIm!R)MfJzG6QG0> z+P72qI8g&mkJfSGX>@nwGMueC{9F3J!)H#-DNTHX(Qu64pY@)0xmR|rc|C0UxP4;8Hpcel__KCi}$v$HfSnWIz z^7|3^*n9W(-uq6p+;1smEqh9HsHP^&BtJxXD)3Bg2jed`d|2am`2OPAVb}o0clv?Q z90yW6K2aCVNK}T~d(~{^=c{pcnGds9DVFn|V><~&IcDvStUh5X0)S*+`C~pY2Lhs2 zX1`4YERjf46|*l?_vL9TzGX~FyBp&092TGeOX8{I!H?wF5R^y$lPN0QqJsq}99l{X z7yE(5z2PaPKvYyFyurr|9eS*h@`Wpi(*(mP$Bj8n5>lYE!TBCn$8XU0dGqW}`I;A{ zdkg9w59ED^{|Ni+`EbYn7qP628@vyF`b;AvHRS++oWa)+~ub z{MqLw8ghGt?L#e1!u`V#0|WA4stM78oDpjuXU?3D)Ss7+)JY|rh);1+-~)34aqzA$ zQs6^FFg^GA#Q!nxkmXVXJ;sWRoM0FlN~fTGGPuT3jxngFK6}FdfrJ~e^~=3p_)8)x zWDbJc&yy^OiSb2H698$1!n!$j2mzEt(vJ)us|K!MKI8N~tpU#$2By{|59oTGaHrOQ zH#hnwpSOHlTc538gokYl{YpQBe#F3(JafVe)e`nCrMuj6@`GI9RLWyskPPP=mJmH` zhXQ}B3kDm86_Bw-+0hAUl?FPEv5Mf6NrbB4gO8QR!QR*IHk1rkN*iEAKh2f(=)!jQ zruuw(sp&DT5tBIwbBHyRWI*(1qao!#YsSkFGfpZLR_TgvtiB>8{}ZNU<)Hm}uQC4svs1HCcxgk!Yr}9ceUA+V{Xck%-tO&az+-NlGF??F10 zWjFuOSit-b31@S)rP>4G!`NJCuOdwV8pc#jqByy2y=igXM)ay-4dE@?TPg8ajtLl1 zDyP$6LlnE55y*r3{LcMtf&vDg_JUrA@k@8}4ak9+f-px?d?+k`Qgr64l*A5^hfVO3 zMMEktgsKfstr!8jhyzJlO(xH6b!cfk$CS8#1wi*rJdH|^pVZn3(dyOISQP>x%3&;g2L=l%{@UZ|w8M8Q;yhpx4Fz z%82MvdP6jt?I@#`E-|ytFT8BLFkwd`=#;T?Pi_088hTf$OvcO2Rg3^7&@D;`R8^B* z8S8rjZX@;M)}ZVZ(Q$!OIvVs@Hd>1A^n#xkpr#>(`3zA);BneqrM7JHm}D~8GsT03JR2zwRLbKY z)Jsq=2Bv0_F5{6ZH>Ua^kvPkNIus(TlpsI#z*b2&0N@tZ zJh81ddg~O`(S!C>+-4pn%ap>iTGC?NaSYKrAXHlv+>3a3av(S-$=Ft;Y2^Br-C*aX z8K6%*{Oa7%$9`E4az+0bbEe28t5^?-E+OJet#3R^G0maH64H~M7Zt5|D%AT{`~C)` z2P~R=gk_R#AI02lghT&00V6-=tAJ|=*1X1XPcQ~(EZ$n<3lI39s@5%4Ci-heOz-hEU4*;EU~NeoL82~D1cJZ?xQKq0^q>#0b1%Th+uSEc zluIEIe`MnM7B}&k9rLtP@V}B?0QsL8shC)B#=>=ffVhPMP7hP79%!Q`T2%6cl9F6C z73}rk2Fc7*aKd?be-FV*9)0)bMHaH^Qxlg@Mx&7(Aky@##0?Qvr}|a1VM{OE>^7Z| zUa9@;g;GglpvlO0+@9|C6GuK;n*4x2iQqa$v8|RM$kl6)^f0Z9H=JY~Lnt znxKzQ(J6-5i?*GAbmxOGAfT>62a>^{YO>Xy7_vF zL{7_S9l1&>YD zjWxY?+#M7}ih1aBIKvw@tIWk*9I*4LCt3o9+_rE&DmlVc5oYvcu87J{)B1up+bu4q z($+Ku-t1-&P3k1E;sS(a5$UUT)co9(Nzy3iS|~CruvriVf{IgO_7o{vQclX_u4#9g zRa_T6W;h_BTCnkK5r)kR#lG?qbIvOHKCQP<1jYE{?VN6D;`XBpq zc`N)p?fLV=TwfpDXlV%&O>o3z77vplk@~mMG+JzxsY?u$e*XAfV*aJX zt8VsGuL3Fm@f(wTv>M|KY)!RCSV~9xPFzQ)x#sssr>B`evNl);u z0*Zu|6$z!l94ZC5Y^Rd8_i#x5hzNN~;I@Ja=J!-GbCLVXfA9z zJ2!pCv5cXfUZ|15?&Tu5iXf`2%lnA0^((-pd`tbb4iCNA_6s@nB`?S%T&qvoQcPTe zv$s`FLIPww!8{C1^ijJ8S54{fh23;I|DJMh5?51`%g&W330pCoS7-e$z`e=ftoBxu8B+N8?UztK_wVeNgoD zaO>W?=Oop!qe&9@RbWd2X^A^tNrKkVV&YIU%KqD#H3ML6+GZR(qN?vu&PIWRadh8E zIS_g_S!zScW5W8awBSQE6CT+8fqWBWdzgw?bkXqD4H-O3H(|VhsU(e=UUStC$0Iu< z&yJj!=Mk7BO!G@x!YA3TE0)vKIMODi?f~$aeMnmt+L;L-Tm8zf* z4CGIfR;Fdl==z@=vXGphN8D84jTgzMjxTCEgFaF_cH)A54%L31xfFlij>M-UmE;qN z*1fWhMK#A&jFPPBCud3z-+}=(wT$bBI4cK)%7n4~p^#)*D z+05$VI{;9#XC!x3wbhXVAxbb0#(sF!8A@43*giMMmAw5m0wATvjWAyl)L~E=HLZTI zHQ;+5yxUkVRiAXwf$z2seHg&Dwyt;juUlb1#}!SpE*R(tOKDZV+MZFETSeh!cxfmG zRPU&Ou4@&8E8mYJI2LHA_X7ooun!@~gB#Y@xv^cv4lI=MDw7^HRh8bJgmQ3!`LZtB zDLI5D0*^?`j+U7UlN+~iIc^@t$116f!a%X&pi8FaBsLxoK@by))d zB>7xaOci5J)h_lpXoDS6$5*;^W}ky8gTPQqzkVeCmn~-ppEC7d(+_n4!z7rfN#gVF z1B*zISIsP{uws|TIc|AghBoc-@_P4bW(kKO;=B_T_?r(VXedQ5-W=^yH8^IX4{quf zErV57b8`5duFaG=!tuojy)=ybxXungTX!p%-+{G<2~IlPuU0i^wG_{9e?v1$1@gpr z>*UZ2PCUJrXF0R1gpQy#{zapo?US_ABqnZzXgtx5T{ogHY8PB&={W_@ak%)tE_)k7 zSHpz<_7_DT3aXOfMji55?#8u9`8N~Kb3zG87;aGqICa)i5)U-A{?&zk|Jrn|f495W zL=@T#8%K=Gm9bVJh0DU*GO$_A0@}AieZ4{|tO=$LHpecczpMZ(1qJL>Z$+vBoS;(avKqZU9>;a|sE?l9Nj?-p4q0&gFx|T&&hfX4>}#Zc zdx$z=(kXdV;1m5qg1x*2>nma!glZ>Z8tRnW$BIOLen9j`Z z*TxN>rd5QPV%TkB{1l|}rd18g(s@=xR1!!YLVYB5NN zoIb*qxl=6bZSsmsJN8fO(;$j{qKj5+^Tb&*>RqcKxUWXk>RGToA`F_)=yy(@54!YL zdWA)Y($h?VFBJk1=u@<4^^lD)Np&@uPy4wbItWfhnT;|Nf9mXjFLPgANuPD6U?}|U zU)#_>4V-{S=d(?EYhP_`52kC~U7}a77f> zLyy(IpYejs9{@G&ALRaR=Eu(x!Yb2?#NY(KGn&mWP$|PZpSrDj@7c6XaI+n^=OwEI zcR{ix474rVs`UH>++_5Vymk;86qL;2Y80jyJC8Sw0J0S=aJ59M?r8CST&Nxw%w@ZI zi6Y7Vij(JzFA+3U*{nxdS$X=>u9PDxn#%JpU{?p5NZ=iv*Ui7TLy7cp<$`zyX(Up8 zzW8kE)fXQkcWG!=`O3Q^pKjHZ-)+o%VXx;gyGTwk%0@cMwJ#F%9q#A2yzeYk$-{4W zZu`+UvM|r1B(o^X`o8A&1V7x~DleCBGqhXi^4uO8Rh~K}kJ{s(zP#RAyP{2B;i<0p zsr?Pu*j;vdeUIh_z$$8Mqcc`N`7yOX6!NKfdtq&KpB^`RH8d&x88jJJ7}K6wO6;GZ zo9$muecO5TI>i)q$vkgSCbu)Y)gYz2jM|mflb~ubKV`KaqdZqN*16fgt7%Y{<%b1) zJZw;G#^^=mBkS}ZwXmN;rGzs^Hyl1$r-@w>-gh8$s$Z(z2R`zQ!H(1nB%3LtxY?T@ zyZ(inrTtTpq%L3WAQvPuy(BBz(w1W94-oj_YVk=L{xjm-)l4G0!kgk8sy>HK=E!OI-p)#4qhd9cJo}^>4Sk* zEnW72gS7(O(}emvW6fn}>v|;pC-(R+{A;?kncosyR`xh^nn!}uRx`+M$N8Nd@rMbqAH07M zi|0Bc;(smoL+DDJ!;9qEBXu0Fh^)ctI`=fV-|>*Z(-x*)iEzegP0Fi;cZt(^Lj67c zI(c)q@krCKdh@4&v1-=V|09~5sn@|?$AoX@9iEc1J|0o8GGWL!((K6KF+rM(FtH{2 z6Mdlj2W96#t752zT+Pn4VCTf#>rUKPnOH()aV>Q1A`tSO{nNpL3G2%Lzv=z|KfRyy zo!(FUPkR49jNiLDfcCNPyTn^z2>AY(_4&P^!nID~VVp3ZWNFNB_G6xtw#e|V7v)Jc zs3C2OQz+Xa=glXz?+^Tk+>g%vnsNtm{A(yJhhwJh_QD6B?La4`+@&u`{&oLY^O|9h zCPOZKGQSjOhwc>{B>!SL2KTsc`HyqtxcqXZ;#unBXURQ_-#SIy`k0uZilkbZ=mN!i z88w)m3sr?1T(Hb9k2jPAOAt~@Uc?C)(?>R{EK10N_>am(|078gj)PF@vmmVyreC!0 z=D@p_v&*)<&#xQFuQQT0@BWz+;H)1$(8$5U{Y>X$F8HH2}pk?ymFD8xD z*wgznE`h(C0}Q)@Wn$v&R)qu?I}#GJ1sG1&qAWOpEkN`;c^qT32CW?f?&0iK7;y5F zEFPu7bAWWzm^z2Ic3=1YwvPX+O%r&KT+(#RcLbqR7o&CwJl|b{`~u!2Ia~sX{cw*% zQpstNHozs(V_=Uw6Tx286pG-y5Rh)6<0+6##gUlJtYnVgB)Sw5a~zU_N}A;uu!pa; z=d3WGaLG*0!gX6SL^nxe;=c^KhzFnVe)cAlC1is#!NCRpJ=q9rO2qu>7-PYjo6v`! zo4`dahLlTbM)(zV40Z5gAWryIMJPA-elPf@=#=qP6**GTaPXA8q)6oPoMPOf>+ywzip&7-8O;&*yQQk3o z^sE1y@$0w6oLu_5yVo^*x#tP&y#HTg{J;OFFn(3-VLFqBT+^MC$NuGz&OjVb%kLKN zIBragd+s~{)e$^R@s&7cM}e7mRVFZ9(2wEKR|T}VUei8>j>agMoYZ&5ycyEw)1z#j z6Q2794;7@LI|4OUui6OqM|xY(O{#y~ug3j_$eT&@p|cWKC}>6(*v54U{)8%PN zmJ7%M9o%ezsFrQ&bnPW4^80dRFVqg(m1R#0dbZGJErvJQlEX#DPO)l_q~U3IiJMLl5>`=U4`hPkJegiD@X|J zx&U>0I?jW-O49Q>q zLaS;!9Kpiy0x?CT@v|vO($Z^$FO$TD@&Qa~IUix01v!%&)bI~V zJ;6jN376`UQ?uUXAcv6|nw#hZ^$=}|0F3jj49TSDFQY3+p$(3Sgwt>fuz9MoX(`+e zx;v30bSci6pXF=k4U&s*6RI4$3GQ4HMLIml32i~($FE@P}cOrk`Q!^O!-elkna zEpIJfp-{u%$plA&%VY-x4$*TGVpvp|RK#b}dg1uP)@$uiXhofgej1n1u%}yCp4yTk zC>%*k+~(x+Di)T}YppmgtX!klwgIA5TNT({BwzZ4u-RwlgY=H-i*%*pbdFhE0Q#Zq z5xp9fJeiO~$aM@XVm-~9sDS%H8ETf5*i|tV$!443bp=?~^l%Osa7~bG+Srtq%=7(@gV4fwc|geIVaSlYXj`(6NJjZ+YW!>z=Q=ZiDMj)dfH+Z%r@N|11-7Q zlsE9q?CK$B=SyuQ3g)V1q2&!`JasOdx@2h$w46H`7-2Q@Vj>uSrSlp;yf4F+N0X8X zsYtiyTz*2MG@SIbOsWSkI%eymDvUqu*seUJBi7w23QHx`>R6pNjhlp3>_J{gzB#*N zp2dO+ukC_GD!Pvb_m&8lQDh^&nUn`~yN`*`J^*w& zUcwLEH6Im-L~1i(87I$+2$LA`>5HFio%EKCl04F(<66x!F6_Y`Re>wbgOMK3FhwS4 zv;uwZU3Mfk41{mNV*__f6oad zfx*cR*tM641bu-TDOY!6;(W5jnPYx%4m?_wU4@;v98Gvc{iAYr@LysD$`&|c;EEwO zX@5axg(Y-?-ILwa1Ut6xTeZh3(X4(`Eb&N#azHEH+&%J)kvYhcp4t@7tQFHD zkx?SGUD0FOBg(h*OCVI!DgnjP;6*VM*ETF(y=}nmUBr}J#eXG(eyy%}!A4an_yWwl zAuvskhfw}s)wOd25TO*KcV}}2?a^$RdeGebSsE08M=uM&M4_^H%OUAxxW5$Iqy-}k&@wA<>z8S*eRM_TWEUQVh#t~yO$wC_>#DC7JSj23BQ zy^WAb&5Tc1S1BDv5{1-J48!-Q05^Wl)w!eO}XQW zO&L5G;c>*%c%HVKH0TZ^Hba|;MY^3+;h46bizY~nhe{0B}m z9s%9qM&2NloZ)s|5%yaF-ubN4o_+$jtW14_*vcxV3w$NUIu{Gpr^4Cb_DugQ;AggK zjAF!Bjw|U6-8Q?5h#7vl|2&2;6<47QM=K$!G~AvBRCvl31n5|L6B583%QMg2Y^RJ` zjcYQdDA-JAkja}zIDcZDl(mY`+?`cz_A17mG4iL6#=>l*;olJZhyV5Q{@y>uq{WCg0oSRZgQ8rhD#Fz z6Ef1?eI@O9(9w9l88N#qM^lMBC#I!T|11>JMU>TkGF0wWEm${@&nnxf`3M16gfOS& z{Tno^;-V@aa!jeeZyNvIVv0;?wpDv1pPN~HgV=>)qU|O5P#C{dfqinP882InGD3m6 z-=LIgt9)x!LOdRG6ht2_Z6e{)F*l)3tO8o~JyHMW71NdH>ASZ66szXMX_;3$Jn+@} zxNa^Z8U%q3rPKd>f*_>}o=F^#@Ap7}4XoxV;l}e*Yhxl*ao1Uh+rzCg$Ss5E{PI9< zA^{|kLAUNwydq&V0@jPQqnw*6+P{d@sxIML+a+9IB$vZT9SaWG>#N9ONVSKVg4k%Z zh+9Qaz%8QHlsVOeHu#5k04c6cRPzxayKs&}fQO02sKGjX-6zVImNB3fh5oo_;Vty@ zH{D-Ly_)#`6hIpX3#B;V&JGX*_)a9)Ze88D10EvQTud#vrhgRjTt>9{yZA?1M2~p? zj#~xeKY_112<(vHPsg%0Q9q(!$LEZXGn3mg-JdYWD-FAq)YJyDTHtO|1#U`jQ(9~O z4fZwy&rHHGK+%)3>w_J=9<1!wn_cZ)c+2njKGcCe7xdxeB?lSQpBzaeGBdT7*l?ZO z9AwI0xf1j%8$Oh zDX2y@m&?uWsz_jzxoSdvMOm{SdigX1y$I>Nm2=SUjF;}W3Sc;fUPQ1h!%}f@$MI|q z$>dY=Ye(cuhi2Z(jxG%t+(Yqoxw}NkyZ0@e`{0mE20^fqH|-F0un!;$Qo4U1xYX!@ zVKi?}o~#AXnFXfN$&`qAOGkm@bIIF~iA|<^hZrFl)+cTTP6AF^r^IWQd@Fv~r%Wdy zC0|B zdEpA%POmwC;*p+;el*FKSNlHtNHI7K5s~GURg9ML<#r#ONDqLQnjx!NyB?b6mRevP zuzx4?p>Qb{#GrPcP38HcK`+4roxvt*i;e-$k07-0_&0NT{CkMo(MT5wreJ(ZW_#ZX z97BdkgQj3M{#42on9yMhnpXq)B%)P1FeQGjOI&`E^?JKPx-L1`+(50VOinkk;7ozZ zel(jhkN!s4@$SBcf_&v;LFm`5f%Cfo0|R_`Cw(Yk@t9(T2wt*f);1c}Z&S#U)Xugt zw36Bz{->CjYU#6^2U96Y1j1>6Nx)O|_q%wPYEUmnP#+)9f{wKWF|xlf`rC;fal)aj zjwy4gvAaFN76D1R+FWvSTsv(MOmtlr;RcrJL-N`T-Xcz3mFK{9Mg#9B~kow+y|O!`KRGG+gu|D*=H5V{#P74|`Fcqpm-tg5N#+5~tHL&A<;6N4;has^Ws|VE@ zgkih^0fHlTi|a*|0okQTs}@fT8dI3roJVRlX)@O^i`N?{-%hIwuVe zZ=WHB=y&rA93QuVYoWbV%cqzH<}-g)Sx8IbfN@8Ey2+gN^&fFet+f89mqo5s;8jA? z-kd-;zn?D}_(-}4Mk%}@L!)xT6C)Cq)7x6`khMOPO!^8WGv=#sOz;3?_4MRHz8h&c zj&m$kYRYPle)0ce?46$@fADzgIFpGvv2EM7ZQGgHwvCCMiEZ1qW`c=r^waa*-P)~N zPu;q|1;Nt@60A2;!-xXzGm2CktkmT~^9ycjtILv|!luaM zH-Fi2)6e^$iIrJcbbuNo)$YVWQb}||j-xA+eV->xGHrPr2-^aik&6(1Zg;-Yvi4#oJz(w!Gbe=^{W|!r_ijH!C}pn14y)2 z$MLP;Pvp!>i9s(3LlHhCVy@XQWXI0iLBs`mUdl$1#|d~)UEcj8;)eZu{s`=&(1}DxixI}1Ry-m}3~IlfiC4E#9J8#22r5*Y29MmW%r`TN#FCDA(gx*>Lf4RY z3HeF$2XVHW4hKb~7$oKaKE}4hmC_}PzbnUkDa%Jkl>Yo;Gq?18z>Dmvev*{h&g}J% ziI!sOqCFoq-LU!$0*xUouQJnX?t>UqdFB^=vENwk(RkIdl@UEXFHd1rWbtLC*6Vme_Ep+iDd2QsKjib!V4#-?ON6^XtHVu-1C-wn zE6UX&5ZQ5N+8Z_yES(TQPY5?MbZMc7+xeAA_`QZyOm#6SehH^Ep%IzKM0nThI?8rE z1K44?JLS1%YbkCXj_$Q}4cvaaH$Bxpt*#%&eAEKa0XpP>WcNdV0#EAn4umynM~(gA zUyz3LI**&$3`;eCyvCP1YRr9_`A+dC{>}BxW2iqB^d`hLyPq@LCsgO(sMRjsr{h+Q7hceMRY#!H7g+*It6GIUt%ZG zrd+5FoTg9aEa>Ls&QlYoYl<$1`_wGFO2I@JpxDPx2x)|hg;|Rb%UW(?>%?ZozjGvbDN?^={%foo%p+HN8nq|!*HDl8FzCCanP%orU27J+irbV z(3R=^?W5Sr!+UZ*`A;H`v_sv~|Uc-Ce7cd~{=ft*Q89})N#v*;Lm=yQ7}12R*~got4CRQE+0gscKj&aC3w znMQ=G9mmhDaq$$oFX>$^Yhdl6OAj(#E;Wir4*Y8L?bywykjcYR-N zkF!6YfYYTP$50sE9UrT4C&&E(&UbL0!OlQ6iQ>_}mrG$g|GQjbS%m5@Q~0PB6j%;( z`$AUWWUKo~rW=xQ`W2H~$#wJZcuD3Z)ysBwTT#pBK%G{y_+xOwzwkp*m$7riu!>>4 z32Q5iY#scI=e6Vab4smt63c8R9~xl8%DRksaAGvos`-BgOZgntOd~ST;XY}LL5VYn z!H(C(t&0_)44MH(`?FFNgSn=BG8Yr#F9~G8sZwkQuCa6GRM=ie1}Rl?$9Qz6?%aF| zJd7hA`M~_BE*Z14?gKS^Dz%1_St#>-Rn#D@GN?g5#~&^_8SKVAHmYb(jKmMVXA5Q? zZ~@Shd+twr$Z+oH0DFENqp7I9ED#~1KJ@VJ|e zIyo{uCRf*Isfi&;)|>L2KIWG=mGT6jfsSHfCNZ`mgw^FoJ~Z_?Jvlyoy^V|5ZxQw- zS_O;jo&wBVY?Vl(<^?$zX7LIuWQzl&!I_4RjT`)P%1^2NSdHYJ3<*tAg^}Uud=5Uw zpgSv!>$U+p7x0hZsAsK{H1&M#x6QAcc*w48*8Slk`xae4IIZjnSx&d^Z)FHx-$Pyy zvs-cf%XFkmbp}vslq#JH2Z~`UlzTwI?TJ~JnXOQfTObDgH5Nrnj7Wd@pC!zM&rGw^ zm4!dpwPa?9yFG{xYD0HC+JCjLR~!y}NLikUw`dLHE8ScXG@mu2%e0YmT@t_!LvtXr z`}IwkrxNKtn;DV+?iN<5WjMv_X!4rpX4hzf(~NHIQf_eSu>WdX8=Z`=Rv-zDc6Tq# zAT9;H;ZL9Ll)dS_>XGc(D+4Lak1{i3Evxe{1EeI#d9nKqZ1@ch<=)gH2s4cvmhA77 zE8ownX%908*?>kPlT`a3KiQZ92wowA8o0IsU{0fVGz`O{p=%k~r)a+$Ws5wNuDlk{ zUq%@@LKpgKru_h1nF5$v8Pg1)bOHfPYo6Mzfb*+MUf?;*Ga}EoJ@u%)+^|({XDoHB z>x_#nt>C`Ks@q=VLeKT|%Q)Lj;8Tl;iq7N}yL6Y8ectns$^|nlT7`j`)#-k7?H0XS z6@f!G)egdg87@n}t-A)fp8_uEVJ_*pqn64~CoZ^N+g#T3S{mGa?cmbvkUs?>;%Phf zmajZb2rcKGmHVX_9hbC^C$$B~5Ne$sMjU#biSs$Q4-VV)+RpbjqS{&Ne8_3?8%nd` z&HYxghzh#OYV1zGQ)S^FYF?=;goeD!zSe^ch6$nHRU02!a|k{tKu&RyY+K_af*yFq zij_3o))h`Sxf<)iH$TU6+qgO`eI#KVtLH_0<({_UO0AS&MP|5u4SOFnkfjZwBEuM< zQpFkGutUU|nb&dc_p~}q^Jk@Y7q57IjfxfN`o5upjKHwNx1s83)_JAD)pCYXE>oPq=Sc@y7PMSm zI|$_K&@5o;OW2sjwo*fZ?ow(J^Fx-z=OO)gUCfTnij(-bkDLN_TWGxEhtHNhiZpe? z7gRd*jp$yRo2komyOYe@Y;E`+3Lh#@nOdsR+ab5DvzUgK9ZsYj1>Uh`3dH;UTbkz< zJ~rvXw9VYL;hQ_`dvUGNw~hFgthIXxWmif|Csa##$}417n(AwHJUDv7xKH&FZmNDh zlEM0RwrRQQg+DB9(f-=mY5Rt!X@*f{(~a-UYlfX=-o5@>l5|vPrOyMJ6Zw#S`8C(0 z=jLSR;f$llffgBBl_zS0J9UlN?x;;eTgw2Q4KckwpSmWm`TI`A{mAdeqg9z_|HjeB zmwczjvr>`fjxYuRd5+A=Do^8Wp)MkZjox==UQL&nn~C4C&?|sU-zcpz#MVN;7ZU)k zJ=b}5E5CQ?Fr7Ya_CmA9q?pQ^{Ii9o>={gV8nSkg%kI$YMS9?_=f&N<&UyfCwhf;` zf<-rLkNq7u=MWc`HSNbD6qw^z5%nzX{^Z~3xtAGDWU1c$#bj1V4$=&4kv!UI<2Xvq ziX};3bQ|?#emtwu;RTyvJ&Nyyxu#2OSKA#2Dc0I_yGD6fyNos7aW^R)hfvfK&&8!Y zEcL6bGE6RE?={Ih?k2c(g6w)h`jxqOdg%|`-uH5o# zSaeGbdnN{dG%#k#y&Xu5@wO%+@0b~{TK=NR(QfVV;UV+>v7bpxba+!;>Cq`wZ8O`d z*tUv=u1%^|ueYB6iJ2(Rni%4UV zoaEqst^vAt`kg!h1m}2H1bpX!w`W^>KyCM?P0+8|Hv1lNraqHW;gu#rO=iycgbt*x zJH;W}XB^lj?I64q@YL>w9}nzP8vzJz?n?L9FJO6{698AkeDyKFNATc>^=Eo_@J{f1 zZ~W|WA|M}>uH$Ye;ZRlP-Q|lf7(9%~8sNn~f!;oCo~*8M!39&oHnm8WC z`bcSNggtH^qyMQ2bT;F*6htuYx;x6f1h`4k`D5}C%l3c(Q*5$~!c@Wu zM6h^XDx<`{TAhO&GZ1_|@whRrfb#$eq&<2#8_==itYM~7`jqq#eor5wY(6QB_#J);hr@6HpUb!-|`klZtPITvZ}pSD{I7dA}MF& zG|u?jhZDIoWn7o|o}r!l98GXo0aQj{0T^qDLkudJzIs~)lhI|P!o?5hS{*bNpNOJw zqrqRD?`D6@_}lqv7l8ll0N}0M_2S_PYQY5n)2*(t%o&st7}t8*|$n{;tnr7uSo(d zRa6m}>jTL3iZ}$msp%@Dt~4d5=Y8LO`FPwHc!Ozxd8tKtW5oxjxd4nptGxj}lRuze z{0Z{No_cXgG_~F0ELoQA;*&?7?hI!88!i)#lo42SanD3e)v;|5=4iW(+)6{&hdx)a z?CjeCh=^VfAO7zNfJ1%$Dis{I438+t-_X1!x*!Suu4goY`wZn$+{)s1Zog}f4AEsb z)Ke?56j#diLZ(+(dM(Ww`-)qV=i8HUTGAeBaGb3)nnSp%w3HwdTZ%|m_Qa~a*ya(M zRODsqR_<%$_f_U?VfR*CmmZvP!yn>Y*EMBoHEftp zp0>f6+q)VFaWROEY!#A#C)n#Tz?r`u;}(c3Fl;NK<-X#L7T?T8m%@hJ^RVj)tGBKi zz&L)y{m}e#CH9S-^xf`w7?Rk)+6LXM`Ly`)yEzt@e3D`=YrCi_pcb}_z4+tKF{s8##17EgBT$4x}U>2#m3Yx-Ujg(Lla?-&x z+~xyMDIzk26JdnL1HUrH;G;VXQ)1kO?vLkl`e~5Qyt6`fFr+fP?%IBs+oE+_5Jlbi z+q^;S=-onCOD9QAfMf>00Q?ac<~_lHhqrQMlYt>lxqSY`{owXa)P3vr?vv%k1GunD?476m#UeDL z--VW2`<|am5E|oFuRG%ZMk1ZBa}J13r(p2&IZ+sNebaOW2=Lbo0joF!c>HUC%fm*o znQ7kSeg$6BgOaR2fyY|CSUD%ivtuFV`)t#Up&zs9Pz9P8%39~{e%x;i&SbS&^=o9S zS}Di0L`uS+15Tr5H@3W`gBcYYkcM^Fe25V6=KTcDxzW5u6@*J*J`@hr2R+;Bb2h&z z^QOWK<0+%u4~hNCB<9J<-I?}b3J&Bz6OA{h^inq=^?TbH24gXe=x2xOb^Kg4`OGY@~?TXN%^tndTmywFaPwCg$T>^+pa>60XA=T4d zAvZj9RBLAwf0sd_BexY|;kO7H6L!|qa^!<55k;bgKqSsOBWdi51liDp zL;tD!;AizGEG{*egKQPck9&r)97b+19PB6ep@Y0XXS>Ho+IQ|s25;?)sH%!#=PIjh zV(3rribLGjE50k{GA;TOC`>2#L8m`gFW#MfLxH-k;=u5G6^YT6zfB=Cd8awB{b8m> zOUbag74R8A0V?A%f9R4nP2#rQeYCEY62s$c&x32?*9lrqiDz54`8a+CGr1;7Z3W9u zg31kz3zp+El*i$0rb8giNk>SZGW^&MKG3Vc)mVd!Y8wJ!qblq7 zBf*f|nV-yIg8eY4Ti$bbp3!pVDvXK1t&CN=gW)`Mp~UJyVX(Tvq)5&~d?)Ab8sAIa zv)p@|j7nI(PIQVna8rH_5=E^`qv& z!drvB!8Q%^r`?%pV?wLVt(xpJ8@VM~>zaeiJ>Wd*Vlr~PSUc?_qEhyoklMR zon$vDx7VK*@Uo`W+~-N_rzV5KxS^Q_zGswI?y!AGTT9qtSAC2C71=>UEmu+0&{RI1 zFf&9t{rqOF3eKh}?Avhs^v=g%N<3DG7P?M037J^}vRSU=&w4cdA}c$?@`?Wem0v#( zW-OAnKt@{NL@E|>Mb)6oGe79T49m8Wz1f6UZ4ujc^4Ti7vSDNU@_B`ayY$QdF+PvC z3(%cDi=m|0`3i?6gy!W*fH`SETD#Yq`~FjC%%XTb#eE6i zc-xFKNoO{RCm))B{ao@!YGxg=QdYjF?xPt7DP?kn~{If{WKYtU! zci|e{)1v>tUF)U5TdQc~=-~BdMUk03Ud``BHDifITx)>=?~9W$(UVk_ny-~&#hG0q zDvAWy!33G%v-C_9FL<9xqQxHkrg#?}<0>cTJqbG3WT_HL6g?PdD{?~}5-9cuT+HAO z#!Ie6$h@I&&03HsOu!mVWQE?N@i!;)8*WI$`u-3|4d-S_HX7x%u14DAJ6nU$`OjO; zj7@CJ^vvs)FLD@=9hzoc`QN6CkoGNW*MyM}tT8ed&`v(N5`8DlMCz5gz``C^0)Bu7 zH)4TAwZem0>^byr8S5>V5F@bFPc|YO50@}4{tkd9q7BTaPpeO`4QEk&GrMDwQvvxs zyuZH~^;m-qy|U^%SODT3cTH=G_4tfBoB79ErRsOvm@~1vd*8X zj17LPz_586PaSRrF1Y$@eApP?%Zm$vbq#^?-)iY3);HM#Hg6TrMACbS0-aq^#nec# z7!S-W{S$%lWmvFUNfN9W=HV-K$A&t=IcA~r;RmQ+*~5uw=$y^+gWPRy0|F`2}Jo{8-K z2?RhF(5}835*NTKXC+=X;9oZ2d%s2-X&g4NZ-+^LYyBk&L2yBFqy|RhGM0rK&AJl! zG5gQUAMa=D*i1>Ff(`Ts`!VU^3GK>rT;={~p(L#6-1o!mG+LqAh8T;G*}kLPdQwv? zTB#Ji+dMaV&Ju{T=Rrx3Ii6TgW(;IZA>zPW_ix;&N+=*;o)B?gJjx>uM5JQ5D?;Gu zzchQqxcNo>pq|!!TqR?OVRn${OGM1$os~pceP!#s@Ez*-rGN=`jG=S33VBKikC3mObsU!U{8<1p=$)uL-KaZF z#Nw9RyW1f&(GZ5L31_N+_5{P9Y*V~YB*6ZE#=9DP;LADk=N1< z3Xg`pGjtUZjCN>_c!Dccu8i@NFZ&N?cQUg%DiHW8J$t9B>Le*cqF95%NyN63lqitc6${`Jx8(#dBL> zuv|A>6e?cB5i>pg!gOQzsvc*#eP{4IF%WC7^b7`A@AOL=^=0P1f^y0!fo+;&frDU! zYPpPD9IQGCtF`n}eJQ9CmD9?IBTOe`NOPk0wa9s7nDFG2y%EgKmu3RH5=`K!VCu*r z%t-AfE=yol%;+l-wOK+~FkYFGo?y!QKn*>;Sp%b<@t3mGyC^zof9U%rZBrQoWk2<_ zh1bx!+gofHDUyndM%r&ZY4l&QGPFbIBWYrwrT>*=eeNt!;27+OXo@6(U zABLu+kwsPz#$yu*VT)a2KYatdAUM$(u|Pa-4o=D??69CwYty84bGu9Kw;gu8)bYPB zlLcvbQEw@S;$!ky6nxc0OLq~@Bj|HEzOo|Yan%1`YVXr1(on~WWQZ)q|oF))$!^d=U(6@R< z$x^17BxPdOl3%4>BDEeJUI2qMQ!bn~*leIr5<$GoG=`iqjBZi|pBqOSPdL|~I0?E3 zO^5|`(@^UtF8vBEwt};SyE9rSMW0p0V&GhZN8Y(7K4lusCF%?5@5UR^Z5rzEzzz(w z$stKw%MD%X+)KXgyDwTY9u>w2H;~y97P1AmU)kfDKkfe`!uMi@N09+OhSI#&IlD+_ z@AgN}%YOBb8qK>Rr8Kdg3+cBh`}xfiX=Xbp4x*o9H{TBq zD;2a`vUPXL(cmanQVr_nBOpEVn*4sH17Z1QcBMzDv%@PE?AD1bYr>*{g8C!OZul~v zENQm32fNuTJhw;fA%PMqJaMNK3E5|Vx}Oi928FuW4`w_fX^Rutiv!01Arr~TBpKLt ziw}lBC6tJfrB+?fRfGPDaOXgHKJn89MO?_m7@oM^jQt$wXg_CsiqiK$p(@HG=chYXsXJJ%m8Q)uxX_9{_tv!sP^tR8rh zs?YcbqSr|s-vab4UUan_VF0;Nr$-6@c!;ugmyH2bnI(*wq|MgVQyHmNi z<9of}CAJ=!i@4ZreqO#)DA8(S#OXZHm+v4tTGx~D=M^j%#Ob|V&A|VnIh_v$UFYoc zwBpYkYjvrzW4wsji|aR9JF4C+*P&ny@~dw$s{rhC;o%ScwouaT5Ur9>cM5$qXNxvS z$MxWizAgt*Xm(wx(rxHB>ZNs`?{{^cvhMqb+Cx|Zm1KTOqxy|;@Tjx*PTHilo)fA~s}HJt`ssG)YDw7E*2qPVJ}k#x+cakO@xwXN$8kt$ z1#Pg&rrY;z`)>x>=zEy03fj#G+NPa5Hk(<7Bm%U<*51Oy2J2w#v>{P#ZC!loI@;-$ z6&@%oa)f?SmE2p3hP;)IU78t(O9&qaD z9Xi`-1$!@IH+DU=jC%x37M)vD$kPIr*>s^*$`)T}9mSqnsX4-Bn%Jk^`-rqBBCX{| z520{Y@3+}^&y^eOrI+-|R1r?em5*5Zs(sYnHN$M2S@MxS#2`OS(7hxso_M}0;DxGZ z>Mb8fO{5BPH#=GHn-Z*4eJVxI2OUckNA>xC^GJjz3EzT5D@OQU#AL(HnrBU~>%qm| z20sMfcn$rKim*}ka)66s)PIhi)}Dt6D+j@_y2nQzp(;S#(d835UxayG{>$o+Y{AIF zeWAL&jD4X}M(?JUp}L*lhy7-K>!bEX?mFr@evm?f?R~eqn*#Bv_wCsy^Nm1Gg~;_R zOk3mL<;Ja@nxhCYs}H!gp)+!^0BwWb5zkE$XC?Flu@`$C-h83g9| z4cpRxfE{}akiQ-Krhj+rvzCq&Y@`W>R5pY%;hWNo(^kk<5sI{>|EBEgYpMd?Ln8Zh z;@cnm2+W89-YE)xebn4oZt%JXVXYdeH{p`14H(3?RP?5D;W@W&tfsO zFZUI@nzUsmJn@ZjQFJBY;kgK6EzTxt(x0in*Ctz6{R-9?m)q==GarE_l+?8kkbe^ykZ8+eHQ$lP^Af zZaTVSOtqlV9^+DaXV0?QFL(WJ(p{39$Nf5(O|_rgc})wrLQGn9;nmwtF`GYX>ZCtq z>*Rm>>*hjjt-HN^1@h~!-fh%CeqBOW%*q16%wBGXI=Fb7iI?(x40iSIGRJ(|HtqWj zH6=C7>qMQpUOA9nr&$Hk>oEd+R}H*>z9I+n$5!pWmgNZ_6*_m*v}h_-y9{rsfp>_P z{RnU~tyhMH|6SuVoYdaE3^dgH{>xC$|9i3LfvkUYYobQ$O@AlrP4s{@4~C$c&pqj@ zWHuV4+Q91&ndBmhs9x}zVytz$nuDj-HPT4(8oV`hU{`qkQ~UI{I`faAWZ0Rzg>ef% zV154N;^IQ>rHLpR8V(i?HQ`2K$wGfpPpckPJX4JL2rPul_2-C=Eyr)&`pJze&8#2L zrRD{r_m62a52aXCspE^{Y{YvfU>=n0l|m^5XVvOt)Q1`;Xn4frEg)Zi3h-;w1VW<9 zYp2JUCs6Hp^}|tEcYwI0drem1Q|~v}ENdsqo+bmAI|lk)eor6kG_o9T75YfT=LEjb zXOjl$7$Tl9bh%3#P14_b^*-MxhfgMfzi$Y*;Nq$1@#>jaL%p_kD3mwx!CbpuMOOjnPXDN1SL{~@&bthA5znUPZ_!_ z#}I$p^B8EJ1c$}PwhaTdM;Nth#???~f7|n}3tBp+WxS!Q(WR_CKtKJ36uYhO%j>}} z1_pyo8+J*&RBN`e(f9{ssAMX{@%{b%h1=L-n@6e%8e8arX?OdMDz(Z(4W(_}uFT!0 zk(-Tk;#mcC=WhLZB^$Ei)rx)9`iZxh3O7|>Sg|7*Q;^wfXJZP2c_p2MILl_80=Q2# zMGcg{hI-n68S2|4tD^oI>iO15pJX55C=yfElqhb+TO%flw`$}@(TjjLZ}y80|DV-g zi#BHq^6mQeE2Y*mHk(_on*M3e?{r_7UXU6!W9a z%geZLi2q8iVf8Ihs)6UnO|Sr-!(5N*-0zX&Uyb3sE0jB;Lq);x210#B!Ig5OPt_SS zwNzU-lP)F~h7xa+o1#2fj65auwQ*isl7xm%-rK;RA};PgSN*9afV!_CdjXI}^pBe! zSN(<{KKERp3(%fE`|TfYovzTvh1eTBQJcn;-RjHI04bz+@h+!zW&0*Pgd7`(eq1K; z&ey6*l&7N2m$rQ*%4QICC_%1?ZTDx?q&nv33VmD10*(k>XX^qRNczg`Yv3B1khWEg`pd230=e}Wj~Q_Mr|~nD zf4KGIj=|E(0jkm!{Kr-MTN+>Xd_ZbHGhWml^+&C{>O2795y86~`s0e9-#r?@Kv7vC z0A5bk;8Ynrym1Gf%Y-0Qwq5yW@g!j-A%G?c#urLzE#azMi4tat2^q~e595C#epLC|*8&1#irYaa zFCn!4wEXqbdwEMNzweHQha)}$UwXC`BGx&{7a3%xJV)==X-O;0PlnM=w7uFg_ypDJ zopO(Y5?evA7bF2R!2d)e1VAtS=bH7xdxzPN+E8F|9@+JZ!AympOF*S8x=vc0q>#D1 zLcZ0-4+f;1+x0ibi$8jYwAcZWb#s}EOvk6PC)VyolEk?$DPu*Eb))D!``b2JU_mM+ zmHc07-RlPIA8H-z?EshA3p-`nC0J3?PyM8~9))-#8Ek$Btnu3DR6TC`^S2D}Trg`c zfRg~IkbJ;$qIg@Z zU=J5Rcoibc!$XLUWd_WUe~;@6ZZ;nqf5~Jz#}=we1es-+MX$>Vgit1CpZ4g}q%3i% zqUB6~f0LO7$UXH67~Qa9Q}CMDJk?tR1h_nu2LV@jz_T~-#GL4obxbQ_ikhRzN)2bB z1h=O_1z+nbT`m^J2dJwZr z>=8VLFLXq}+`RQHkBFRV0>^S7FgH*4%4_nIC-=KD)pdvVt!tHBbH8qQ!Wi2I(r_9% z28c_FP{59f5K3qlC3IwsGrXD3VX%Vy7|v+(3>RD%U#H{grkd&dA}k7wut|UOc4J=v zD~2SGMkpjjdbOzuBm3%tgZJokb?2^w|JR z{_nDXo{GUFjS6_FwGswFWuRU&rw!p(I&S2RY_XlYzRQ6O-EzxwBGd;_!5Qv+?a=w; zn;Q>;rU|2Qhs!%$!6EdSq8f8MU@<7LND|^B7|*}(thIA|C0%l+FtJt$4;?EK{}X%A zq9$`3+dPl9VBYhGJ~c|lrYUlP%x89UgSZ#1uW0KC&~N!S6Z0G4)CSoOQRg9?%7H9oGxqxoim)s&V9EBlrU7M9dJ zIu7`RY4=VZqTm*rE&5Kcp|OZws?khja~%|k+VG9i#MpRBM@ejlgkmagOD&<%`Rn>y z3S|30rulk=g-VJLUOxt&J^lXD3MqiKC zW8i(R0H4SH-B)8XGYY&GA3yM}c%0Qc{)4Qu0FiZ$b+*6Adhi!@@?7+BVSUl)Ym(6^ zQ5dXwuG#AtwXvU^g0?-qwp~3MC0?Q!KIUz$dyP}Nm3mdGyHSC-T)U1=;_HkF>5|(^ z0k(}?GNck_&?;F|mbeU(NGw^Bq5W_TbgN3m2`?t44A%l=j8o0P{0&hJKKWT**9=`mMjbYqGF zZnjI};d1-p%@yvTpci)W+>y+L5V=EV1TFcZHdeL~8=a~4Ox)jY?0p5pXGlr{~J@+rN?hHiMBh@ATg{;Rhvt<4o zS=afCtY7mdxom^JNa`~pn<5j3_>(g1E?Qx;+|IvAa^H$90eB93^ZWWNalvnqLF!GceC=OZm|J|Dh&MLtz z|Mup|FG;qIroy+WQhyb`1wpfTXp&N0F0kH~?W=R;&bj()dFlP_&38-dHDA%7JvtLD z9rUYi>5WBp;fI=UMM2mCd-I2Xd-I55^=1F*%`XXm5Ui?uN&$QGHNf6H_R-(oJQi2K z@3e&2zkBnoxr|G|-u%Qrz4{&?tM1xSL1z zdt|N;Rh!W0?-RHn-=78i7zZUraN!y`{8910ewt{Jrxsy-35p>j0*|kCb_{gmBMuIm zs|3~6*OIrKN@mjivu6rEY^`Cf1DgERn3UERZIw`U=&)EGsHV^QtEN|@`KzX{t+C^J zk%S`Pr^;Q9Xne9APf%|73$0(>g39e{?iKw)(59ueA*pbWur_`Cq^i~9vB)hhMe0~Z zO=Gg5_@!IiXoMRnwVbw)Xv2&x7N}3wqgq|3gY??S8Gm4;oDqulEp*Er2C+G+$gfov zJfBep6h#7biao1IAgRAGxX5DJsr=r@nHKV~vHCYAoKE%mbs`s$Y(@#H!1E%-Ll6Q! z$s1+8ba44jCW#)fXnfy<1-Wy*k zv#b#thR#h$u~Ml|tG5YYh9yR(WI^KFpFHW?+LDy2RA&zeu&T%qSOQ+f_5X7+ukULY-`Vff6iVAxd|6^%X?*{0a=tcl-^`qX2{Rp`ttg1m}r@l~KgkElI!eE06%)^j$zVeP2la z`hVQ?l4CNdFyb7r6ibdq4urduHqX)=R*=7QzcXFUx9q>KcqjpAS&t|3$6S zkEb$W7k1;b{~y#k2asBCRCDM_Hc9;#wa)loY8~EqBJ?k{?xS{CT-Z}sRW%q6N93kB zn}-xqacX3ah(v@9K^;Xkyw;$_lvnzStkm8c44#Yr5If~>|J&| zjIV1>+**KyaFA|({Hd`!hYJkOf1m+_^VMtFWhs^g9R~mFrl;TCjp7j-H!k(f7#xPz zk!NnXcC<}+eN{)RkRe~=2#QOL@1qUR(GVMZDbGKSgDuB z-1>2&%epp{>}3gQhc3(*f@nsQryG9!Ns=om#J(0iz=HHf6m5fTh?U@DZ_JF~h5hO~G8)Xfhti{GS60yFbey#7R ze=V`XEjWv}Ae!`PmgIFfc1?LSB9RG|t8Av^IEy-KRc?Ou7{(w_!uv#c*ay)qe}+5f zjv5RwCz>LJcTS7M%k$VFGZ9;oLso1FY|AdJXP1ZMM(*&G{iD#atZe?5FMR&9u(07e1Q(@9`=IJjE{j>e}tcE)ORsfB7Y# z==VqX2XNy^_nU0wCG>Z52cql&@Qrxqzhe>Q@x-s8wAVq9^{S@8t;n3CL94J(NQkHK zk+=Rl-+|9UM~A9M7;o!@8a&Q2Q z_q+<>)pp=2Men|AZ7K{Sy83H$Pceg+uNO2^60WTfTCBo2D=W=-BDL_TbSP*a?UvFp zZfP1X$Jqs~xQ4hI#otKhYzpvum`^rp^TIS0N}{?3H~cUW?d0foc7!z-Ri@QwCv9cN zJW!5u3T$EM_gFG;VzedSg5-X`6P8KdCRPVAp8aPQK@kL#&CJ3sQ_hwoqo7SIy2`NNIKnNo#I$WcAtUBxRB-<@wNjX#%E zWKQQP#kDn=DF2x%{3N<8W`q|R$fvvD#ARkaB!bEmEz{_ESUNRZ&Kuv{8Y@DM)B} zE@4fKYjGiHLri2!QKy!23GsT!iL#sVtLhEz(G{`B0Pz_jQd&Oc$9X@DM?n>FxbH1* zQTb`C@6$EJ_}6bf^>;OrAYx+fJ^g}^%fEa@Y07K(ZN|Xvm0&IcXd=VU$`0abe}C+; zo|XH;eTYbqgj$H3`PXANo8iiKX@7o~gmAE+_P<*p8Ih>%9P-)zQf#DbkMsX?jCVz` zzb#d(*a8zzAqvX&&J|ZiH#MS&3&Wbm_^~fb8)o>fN_zhuoV$A$LtgTbLpgppCF$yM z;L%*D8aEbK+hl?$i!uDacX-p@Ox^O!r#fC5a@qD0X=DmzOe#9Iyb}p?M>Iv0As>uW zKB5x$k(zxgp^>AxXD&pZTF+x>Pd`c%bZozI$21YvMrx-S5!^Av_pE8HmNzUQjIa&` znG)ub1)-e(D;c$v*zJa?lm@I2qXU(UI9(VAh>9Y-YX2yjOY@8jq!uV@?^?Eu&Sz^; zHkCq_EFy6^&?Chvf{8MkyiEz82~!SFI40;pPbVJps?yf{S?rfI&hR@F!(EFt_aN@_ zfby$Cz@l>5BQ)AoGT$utu=B95aPPy2w-_A&FFv6;B%S&Q z$pABoP+><)xrx2n>U;0cYG?8t6yTl5$wg8)R#_x&EtzvnkDb_@vkfU zjEEIrbCcLVJ}JQf);Y4G;^6;sXHO(be)4(W09NN`Jxt_9{;AG?A*an5{--*xbMMyi zw>mFp$czW9&KpPbTdf1D^F_ewyrzalTf$zd=qyaV9!Rm(SIz@GQ@2uq(wM$iC z44C(5mdQPP&aD;o^4>}-@NH~u-A0YMRyzXpzvp$8-gouR>lbh>?)tL@;Y%%!+4u`0 zx_-tvIbLS_DrG-yn$W88?j3*ow2DcJ`6-&k5C_j4e73u3bL_ci`A0spbxd6d;Ha4; z`?}EguuZQ;1RF=yq!Fj)X5GAoCeI5RE)cyy@y?;#SkqChVqt(W_0-|_&xIOv<&yWU zJ@A`@)CpaB*h)$y*;xB0VSe9+ZJL=UZ;avu_5HVE&8aiRV))GJ2~)donE?i8DUYW# zLYffjV52O8xoY-+QgEP@el!{jm z!s8?Mx)-@81Ny^ZAdQ8|7v`y4k4iZhEC8(C=6i8h26Ynj2ShB*lsIKMzOOj^hxm86 zv*^eghC0cNn7QiLSDV`I^U1$bdVX}gtWpj^ZA)s+4Q2j{=)Y3>kAI}}-wC#;O?ayZ zX`vr)={(gyyPRMRDZ1qJrce9AXvUk~3=P2X<)H-yb$N9`*Ii`vYs7LOYfOe1qKcz6 z2t%`r;UsN)_r{Ad4WH@P7qGY3B~?ls?Q~qTzL1)cl|1^g631hMaz>ko<%0BpRfaI3 z4Z7y{Q69d~b{R6pikmrq*Iqf0oA!EoP}gBipmvOIQWef$(QclTEzsy=7lmuu=`J#& zbf~%7Y2L75Oa3M)MYo{b+Z#OqyrU~)Hvhlg(Jf)r>4bT80bB)E)RTK_EqHpZo5QQ- zkU&e`|Hs~2KgHQDYPvWC0t9yr?gW?M?(Xgm!QI^*g1fuBySuvthu}_6=lj-Lv-ix@ z%&t>sPMzAdf9Zdq-?zJ-=f3ajN>Hf`KwqtTTx%lxTRX1;)Xw(xPYmPGQO6 z|y$>gJ z?!QxgJkEXyzCCt&UIqh7v=LZ#M4^{5-;)inS_1up>OsgZq2OKEGT26N-7fH6O}Gt_1Pq<;xk!ScadfrnI0ZrHUTHnE4WjnN#?*Ad?k0voGI8X<0^L-5bR%9`kPJG))i<6D=FGwvE zgu(sHWIm~sr0~UQ-)nvW`2OhQY}k$E#w@vJfU-B%GSAqswZD05Q9Z{gt)9#FqO+<>M;_%JX)<=MA`uJf!f+)YJT=ZFPZbf&pa(g_#!U!*44X zf35L%=HQKILLEyff7Ul*AeH`Q!IlQtx#PD*LbL3m=m=kYDJ#*|RL}MVn&)jolOpD= zXu`8N3+A!j@yVtMtji&0FXn7_!p|q_o}TkBZX>b*XUi_#S{)WCYc4dE63Mdd9;^TR zTwk>hj54e0GmuJ;hX|z76OLl#Z?Up&7 zAmjZ&E6n6bY-MpP{~Yf;{5z-SE4|iqyF;2&z51N;3J0)b2&B?W4$vueu!JR@CFhb2 zWoNml<2we0@|O=S+P=@r5;@4XZlP&b0Lk+Pmt{cnyz<3=Jl6+O=}~z8MWrtbybqK7 z2bJCeNTqil|C>s01EkW+xW(81A7g#qu_)qGrs~70ij`0K6U0b2HTxNyD*LoenxHDi zNsZgJ%v^|4lL9d(7qppY(oA)U?p;M95Zu}zh=U?5p*Mz|i)BKEZ&aCif&&BSe17-C zqL!pJdVS(&@w1;}^C~eW?DC4>aQdXbEA<&Kmo*aqTp*9($>{2EeZPFISEb*6cf8pj zm%aD@q7OLk*VX-KYrq_nG`lWXDpGEHy0|&grIXR+@oD%T9xq30ozp7G2|O7Z2@$U2 znlF};5QN1l6n%BN`;<>~LQ=5Y^ulNC zhw?n1y}<1$`}MvB?0-u3Sw4Eo{#~-KZPuYOfbRP^8B_LsG`NypH(TrN@X*p@5~?&` zp%Uu(sg|ct4|q1<;O5rS=!$a$-}X&ZT|o#;zuItAEms<^&TDIRW$HGM+HYJH&dRPh zaPQ2^Uy_)rR_re|NP5gvyeN4=rq>#=xXXs`)Mu4;i zM^Kd>8``Mq^eX;KJr5o8M?K%jHwaYEhXB>{q{U}1ftE3)-#aNC?~Ob1Eg6J7ycQFj z6}sp=FS6#jo&k2vRiPhRSO7OWSG9Wp9v&{w6L8_>zy-*rRbgBO*J7yDbi4S!nd~>39ldP;FTtZ=Y9#<3_O4n{08VaCSAYY3Hhmu8>IbRw+@xlJ_sZPuq%^I zUyut`R4pp0r9@Y84U9=ysf5)^jToX0G}ukKk3eHy5AG?0!}YfO95(e8m3L7UEfHTW z*`AYlT;>3Y5DHE>XuZlWx>qG-06c31wX+PEl1Jes8}g5Qxp zU^p*SgtKKr8iFCT;-rq5#QK6gMWcvodu)gZcq(kBCFBog1by}eLp@&V@s~nEydxHTom3a)e{=Gu(K3P5$_3m% zM3+5x#~?)GpZh%CtSW>ou#>MdN{%>BJTKCaRvKUSqMNIGHzsrQXjD3AkBEAq7WE|S5}Pl^-~GL}=!v^jc129a|* z9iqJfP&p=rj|eVU0IBqjf2j0b>!dL&uVO$d{h~=&p7ldJC72+!yg~*#RMPR?9whNB zh=|O$hf$8dsPspFsPq+cK8A%vIM)-2)B);G3{KR;Kq`IV@>#!WeKyx9K&jy6b4$S6 zHdom$FD~8#{+`d};Vs7jK>F=P^8vC#KI@fNj$gyL+o$>0_3&Nt%wDJnqj_hRS)d{~ zD3U!{PW`9MufO#wvFz==O+L4a%vg~0+>Sdy(wGwZC5B2f;WMC1oNQ3RO_2gV=5D(` zJ|4+wvPAX+P0xe9D%Jq92w4li0f<@L|32T>`OlH>o4&vMT;CiF#?Zf;1EF%sSAh5T zfVGcp;I*CS3gGd2wM?JFeJgAzaPBA_if~!Cdp6aIB>l7}8Mz$YD~oXnPnNS3)m5AJxoxp% zO|ME&>;T(3)Ibsi&X;41kngINFib!vF+fPQHMp+wrk9-jAZlOZ2p4KAOPl@vg6iAH z31k>VZtc$6rMey;He5kwc^_Epkg0tn6bc75>rnF$2{T_n*U>u|-x720xG6G21yDQB zE|HhqUiPu!Y>D1>heW^#-8z zCvgQ&+n>RI;rWGX#C7wtdWLBzE=jSje&lWYTvXSzE{H!v0~>`)u7lX1}!`Y5!s#Kb)3Vcy&wZ;5Z_hRmHZi z%ECYuN=nEKex_gr=HT4ysc1n*r`RJ&u%)g1dMwtLIP z$n=OjtNvpu`Vo(VS{onjA$1`JqX=ul)j$0_4OSp%haZ9(Wjfr5h(1sFDbCO&FEH{r z!_;+%%18y5kab&^RcE_g;X5%L57UO`Z*>#8#VX}8+d;nQ4BHm=d@Ib6@&X$RzNXa- zQlNQ0fKu9oIU0i`6iXUto`+gZKBG_=d1IW%cp@+|43BD&3&!d;`1CLHJS2+IrCBm) zICg`dD9}7F3i3G<9B7_bfgrcwKyaoOTp^`Fd~2frhk1U8hMYJXQgz4%B=I61)f~Z< z7$nNRFR~$S9hrbxC%|!j!q-{y>mT#HTl$R<&^)g_&hfW-9{$U)#RYrvU*>ttL;G1- zGj1y9KjwLVOuxU)^W6W&JkMDQTbm%4`ImW~ZO+>AALjXeDY3pHdyYR-TCFtf{YKhf z8&c6fxNvr6_M9yGs=_=HOTdcFJ18((Cd`rNXi#0HGRm^_C-+KKN@O_%et=uSO~lgC zObhe5>9?Z(JQXVcTKaX3#lTAR=T9l2bOH1z~S&*|@lvf4v?1X5%n{`=?vmkG|7D`Yk6EwY z04#2rcvKg2?B{vAa$M!(wr-lvDmC{O;GJC6+9MjQN9z}h8$GH^x&tAd7y%|5VKCNw zyGVN(kb>-xyp?&8XE`L?SS)CZ+>aQ`@(vP48!%Nm3V8V2T!Eg0$c&w?U-`tbQj~BC z;p3XJm=-h!D#kgp*8B-xr3p%*iIC;Ys!U8c=b>x_44fjhd-LlzH9+_L)*tu0 z?BDKrN2p$&B{>4Pn>mKyerg$lLD3&ewKNH1v!5aOhvH-XhE-cz`P%X0_yx@tLFlS! z$eDkQV$wO<)dAh})Qy$CK=(W{&^>SYg=)`Uq4>*aZSVmb=c<`51)#auPPm%z{ zY}9FsfmM$tBQeTV3O>zbmuFufCHuGh4`^ES%g#uAR}tE=|qRF$%S2pPmM#34+rBstSCSv7ET|-+2S6i~CYL-et}( z=8|w-W|k36i#2jC)#vmAk~ufh-W=_?4@oSk1zx2oDb*8jOvqAdcBIKJ#dY;NNNQ@e ziAt13JUL<9kVH2ko8mn7ghE!(_;B4Kjm97$HQe8BPGO>>QGdE*Atkr z%8ei6vmq~qBRMDp%IDLAP%K(%*kWz}lFutskWHrrXXeOYFHg}HZ+%;<#4Ssku#cyw zAK5|Np!_D?zNP>5fVD58|&%2WXTej+%_{W!mj zr?y&S=xHA&nlB((q@tg4Fop>~tAm)%x2~#mL-N&;W^orGGWIYX!f#`>jBR_gRsun9 zw4z%U6Vr>Pwt%I!@je!c@vtu!+}yaU448xI&Mq$Q3I+qQ^hf_4OV1*>i3h~eBdJ|} z17hh_WoLaOwp{T_QLq+kTZ4I@cf~&K`DXGbkUDXXS2e&Ch_F7TNMZ{amDr3 zv%&kr@#;h;EOC936!|!7%-z7ZD2xVMAWpOOK}AE$kg7RfK3Aj(?w1<(;bOGCA(%dq z4ZR1F7Dtv<@`X@}6&2c|FFElv#fk@EpLVP@_l>>^-cmLJkV_vGFXsr!JO}j`mtMy3 zRzdpdz$0td0LZ0J{DNWJZakdc!6Lp%AVWITaED-`PL`theQdv$(821zbLsKSbBRU* z_QU^h=_M51rbcyuT>A8NTJ3ZFjG8<>wTGHn@nR@~x&gIq6LYnv(}q$4i+^zGvA)vy z^~d*0_Siwe`dM)nQEGWF)&RNm9;&l3_fd=V()%#lKHPBXzsiO8+_-P|R@pQ0B4qQs++tw{%$4c{bs`b?^h5 zs8NkSsQ$sFM?C{_>EGyqTzcpynkYa*%5LN^vkAysvG2~g%IfQg2!`E;x4u_Az1=P-4R}lco^p_kb&z)a=s_R9& zNWc34)IM%&>!~ojz}%cFbQj|jdH*8QcR9=+w*Sboqu20(4yAe z=>04zeRh}z#?m@!>>Dp;Y(X%?HK@C4-~OqcKc}q2<(eJGpghYTK%4>PZWia#V0wBA ze%Ep*gXQ?_Oa%4AD(V=A#O;_3};DzbYVJUs-xIcP; z%nS8#?G2z#7T@cjP0?v*#z*w}898e=5*-sAjo=|Vopt|^{e68K&L62T5&wL)Sk^y( zAIW3w4BgAR^VCV_KFd{ymJ_`HM`GlpVNxe8TB(d#VU?Y5n}mRzJtcy6$$*B}oP~0| zv&yNv=4174@9}*LG-n*x>F0~#z0L^hY8K|S?^vY~x9j;bTEuop z2bF>b#X>b;RaVuzJe_n5ae&DVYt0&MR;@P>F8L|T za`$dDy?I8JvC(S|3_gGPrir-?;%&=HU{uqjloS6{~YL^7jPPDvvwvywLzxZ!F?oC=aI&|O{v z#0#7@##65hG94vy8#Rr_@Afx2)qrvKL zvRR7O^RaeZh?y##D2@X&FC+@Z$CS*i7X&m}W3y~A9Ys@WIGICSUNe{^Wi zp;Jkb^tEoE`eFq#+b_^J;N2z; z$rs+ia+pd@{Gf%q8DxH_B~J%|rJ>rMktgB4B|(=$VIzez!J^^80bMFb6b;5Y206ez zJ)JGf8nIbaC91jt#N6=+t{aB1N*(uMZhh_o(ZO?w?O-8H-BuYoI(2Eb(apGP z?w~e$6nSet7e{y>%1*;V={xA)tI_l=U#-@U>>1n6YaRJNj4G*Ty$n*$4MdXu!0WXVV>*D&ox@)%SL+h5k5*uD6+$ zlX`|l$M7>-p=PIYC`WvW*KHuV#v?KCO(RxPN}3dUe)IaSd8m(&^ecRSpBdQ47s|8V zPf=w(Rpb$$e|8-0FFXHEb|1oVz?OjI`^h83pubDA^h=B`bu+JdKFMh9vkh3n2}tk( zn&zGOxO2idP7;{xP}>b0D|Rj6Rl<_&n*tJH_Y&C{k9p^tm&m@#Pfd6u)D^BJ-2CR< zL|MgBsOGMV=g$5qo$`3MMS;)10mz4I74+*^br~;*&1*sb^v>H)x4C&+A^!2s+x+p) zC*90zP-;nE-hVjMOKJ0jndtl^^Bli@DEVp2I`2E=Qg=l;J_Pj6PvvE-24Yj>*Z`wrxz4O}73tT|&JWNp9KfLov=)t8*K0xohb7d^m;Sta~PyTPc^B6ZL2^Ts) zy8iagZ<7xi=!6hkk60;_S+iB z`R}&!(H+)fr_b|Dwu_2GXSRWWsNaL!$37@c8DS@qEut3^aoDIJs3Y3>Uk?YB;<%5= z&9wAc1^DlenJkXk@(k5x_K?nPsvZSpb#0Xaj7iG1hx~biO3-5{t^$qKl0P{rFMCz z3X_{(;sS6(|JqKW6$3*ZByVYL!tP4bd}Q5Pv53Z2>paf3>sY#_?W%1t0tBdDo;BKm zN3TcLxf}%ueP@Ik9w;C%F}{$ zh}iy@TlpLVjv%lmz9#)^7M6Pa4HUg`A{!-b6-uo4!V3bxX}0D%fa;Q9)~|Sas^>S_ z6>ru#p6a#_F2M!wfY0{$k6NUTIzu=o~U4rP@1 zv(d4wRDj1s!QR6%4yhDMbIO(!17F|<~{8Z_}J+(R*2iZ;z~XTh~4MsjgPAeyVK|H{||%y zP4K`o-ept6$8J(vf7JmWTpkY2iah|{74HsUbNpz017Ma0TdK*nP(}`x0H32_*f~@S zuYM|u$7cpt&5K^c-T_;+ck?JN*$Nw_!b#f z|Ka(5Sq{Y}mQUOBMG~s50!#NY@H{t^JR*DB)Sf5J%4Z?f!%3eCs5_HtiR9t+-5e zbY7nZFYoJHpZAwb;L~}b@ETpHJbGj9LXV@&>tcp!Qn#5+uhX0oM|0-ew-tBu=%&rI z{Ju{AA)!V%IG;o`-`2fP1lRM)$ZdR4FQ`0Pe*Frz{9qd5Y~W?s*wEUn-4jxy+4KFo zRuY|d-q)(U2Bwg2&1AMo{BxI>_^8eYL1%6*GW9mBl5MbD#b9LlLjLYyD?#DSWVQC2 z-xda*=5Oi71FF6-QY^H*RQkM78qrZLw;M#DEpn<(XrrNER+r(;MAN8Pr*|EZm) zOI@n$cz8SD>EpGO{iB^9tM2%C>dlU3Gt;Fy{;}_Hy()-riE2x{H`^OrO}I15zgV>Y zsv>o?jC%QW*jnpclmC8borfo#nyHYYD*D}q5DdtqG_|Ch7wg1I&tumY^6Tuw*Qw#CW8PnK6 z_~&SBVFSNS0Ul4a&8(!nk=&4vp^zMfhls!hLZ|*^;Vd*#p9`?ewik=~Uv*V2*x&{8 z5UV{cQM@=aMfsvo`9*+?294xjNxw6!#s?k9#Hb~HF-KQesf0IM+s|WnUCI^m{-|(N zG!n=3BqdMacxZB3s!{|wWL~j|^5Om%qQyVLaE!ru#C#crs5^GL>7WfRveG{qg)0;&oe+fouF(fo+jX}<*J zfQ&|7m~LJ@>Tc=Ut6pd;Q+&o{9*~)0tV{k1#&VwKeBn0U0aIPE0YbP=M%jlOE+oJ@ zMp?fif+y){)&Y8MLI%E88L2kRpzvr-g`5D?*y~I|N@Ox3)^ULRsCbkaf9Qkp3q^LT zVtr2>+P}HOd4apb8QM~oHB-5(y+1VFl~LX*1|NMz2QzqdIjE`fHc0x9DBMPa>^l1h#6?i zLZNq@t}(qq3e1a_BXelc$X|p-xJP8>oRwy%9TK^dAV7c8Kys&WxnLun}>jLGc?%CbS zEpefaBYKM4qCn5zillO!^`Ptn!;L^4_?~v7hYq~L3$lJ2S8yK8?Vr4{uwOh> zrN}r$E-j5HJorFDp-zh1x%D zwDK|2s3BT|6{#G+OgCbt1RJHP$*F1m_%3f`k5vBxp|OTev1*7?AW%f3CEU6u+%eyW zt+p%F@#?$8=uXA+u7KCnNb{|@Un3=TP&E|Cj5`ip?|lEWlVH3d7b92)JGcoh$`Ts+`Wx&6p#%R*bA?rgsu5aIq<`NuUTuhz`#k^$|z~ zxG1nC%JAt_Q-S#{aHWJASkmQQb#U;t_3gL#v^qHZI*HxO#c*!HNu?_)6m!;ZqYCg4r1?Ec9bhW(Qar7?=1WvPhwdqg#+cIe|RQvWWkU(wudf-yCJ_T(lwsv0qtn57w7cxk&yulNj`^!jLJ@K)VIC3cz4ghecU5O?GkKk^8ZM;B0q z;T;W#{HXhTNPe0CJK7BKmypzP3oS}WE802K;7pm)z^sWvv(5Lc+cAjds_OmEg_&hDC$HyNq!om;`*{k8-#NdH7Mn`()i`cTB8^lIV5n|Vr zNTp4Y#seiWOR6I)tb~HUqa|eb-8TIq8p8ueSyU<>9 zcGmsKFB3wC!KM-FP}^ERN^mhl8Kd`{20vQ-hkmf3q7I)D$t3?kC}bQ2igPj5m?jZq zhX6*5zTn=5k+A($E^`YJb>{+eC7Nk`>U4|ByV_o{vw+0i@>0W@Y;Bs$-CB^TF@jNqlhkxBlU@B!PHTI^*uz7Y<22)NbM70~5y# zqPLn&(RIi_6w9c0{l6Ve5fcbz^RBx!DS{r_ScZW#(Hk={^yCH6;0PpY8hTjLR@Ek^ zduqkUX&xT1J5ZhC9jZX|5p(NYlC@a;SgjZfn_87ZD$5l!%94+L^bKk!Nq0T$FKZI> z(Fx!)9ZC>;AYrb9OsG8Uao~)oEKd78;zHa%nFGU_70Wu(R36SY$U?bBU_(0e`2it< zMsdB={IHg2l!Z0SEJ1um%}l(hBBr6>%fjG~!Cxu`jQOQ)M@rRtrM{Eas+b;_RR~n!>>ja6~tRs|_%u;^nmUTIM-ge2l#P@6jyy7CZV4s<>;S&)}n$wVp zSWXDr!j@R`aqdWMXh1AjFAvqa?5_*XA-+KOMt2K#5xwg@mcBUTHMq(is+~@A zRF$?xOh}v5kQuXqEFuEJ!z=W3_M=NS@Al@We#XMY%ZnLP*}i~c!-tA(>eth*)7R=3 zpfEx|)9)8M@Rzy-td+?N_UM1*>$_Y-Z}2@<$B$4?gBwU78B#-SZKHC*`iIm`9<>1R06%G+JkXx;?_(Dbro}I{Nk< zyL42I(t!#t#34n+4f@`>IA@=qBEGn@9ENVaJ(%uuClRE*RGIuV29xs;z)|6|s{oy@ zGCU}#%(!J(yRkX}Jz43t)+B8CF;ix_4pE5%ccy^9uWVxTc(Ubyk4h;vx>=idqGyn~wzdyB|FT^Ju$Er?y4c7O9WAa!E zN)StCHFC9<19K2T*mntx&5bk|70SVW(p&@Mv#D+TY+OSZ-VPr1r2A)(C1}RxTH4K} z0~7g{0%It)nbj*>M@9HQg#j8e^Y!lN$%r`rFvPJ|(O`5g_H`F*rCmrzRcjTy+&3;w)ZoGMdZB{}-s9|Vw^pTjN&}Nb|v|-%l z3=Nn?E-Jce;52!0SzDt@uZfe>jCfAT5}#UQhMjySOY8NHNDUM#sh8?kB>mNfW`*?H z2-7P{r%}gI$zCc6#{Ed}Aiff-&1oq^fGAFFXyxW~RglQ}vVfP1Q#5RQZy2N`@n(#e zh5HE0q^gKRbW5JtzRKl^#yvPhLCd%L>b{L{jl?glG6i2Z1&if*Bqm1bzY5iB7$ z7q2XUg@FYrE?*#~AE0y>x9G{+GBIR9APtb473-ZWDWhM?cMc2)TMo@e@Y~rGJG}C~ z4qcp0r(@J%Bb%!sYOc(vCxOg>96vGQtKx4vIkRs+bU^_Y2F@0!T=a;`DE%=Wx%b0S zjp7JyS@p_*Rsoxh$)u3>1RyrQ00(B3M2hw%B^u3vgv6g zG+dr}Dh+*u+XduYBGOg}tkPqlai}q!Ar}+(`MnX^tgwtX`9LdTk~H~&6wb0p3k1o{ z9tN66XgdyB)%%*IUj7#P1#2FVkeAup6YGGwR+oh-cEglLT{R>Iky)!uBPk(>ZTK_a zHO|PN7>M34*94;XDX|4MeU7QCBH6$ufz2Zw#t~YYpBV~)+BwZ{}3(0bn6^f^! zQ3+!4rosE{A$j#ZJL9U&1_=1vCv8w7YNbb&aTHAxCn zC>4gQkd352JHsU^L&e$-s{L}n>FXQ0?)EgFeI?jaR|F^ydEv;YXVghSxwTbMnFW2A znl>W=tZl2e0cC(^T-oKPR`)N(s`IN63GNLLe$|}V&8IY0EGT;~^mWUvir{1jg|E%a zq`cQ8$ZYW$hGtYOsauBA9gWCPL0IOfNdhP{ArxAO5@sZjP2ZJ`22itOsLRe6RwFu4$#sO#fFs=sG}vwfn9-9NSqk;R7A0( zChU9HS%}*2Z%Y!QJC~rVQ;(Spp;BQ`V74 zMfDn1Z3dLG?uEh;qTbJ*DoMD;>NY1{=a2@H5I^(1IAu-cy?IU|E$j39-rUV1YtFDi z2jg@Y+{yL)!P{Rl*gfn@UejudbegKsn#W~E`k?MtHiB_(&t+^hxt$0g z{8$QRW^9lDq5+Hz)g+~L{g63n!cz!&TlfWyJW7q%s)e?oLWqgIc@gCKa!{tK@&1^R zC=eV-5Npp=4IYPNSoaosokexd*N6!H1MiTz1(!5m&nchsXnnR-qP z5(M(5X*TZEq)Z=w0flBm-zM1qWzlqWrdw=V#;bK^5`L&K3TD&%vb(ae*^9-1H)q3i zuGri?LJBSdRwY`AFRcW7jCK=XDU~Age8*u@p0;nEIchQ5={ek5M%rO6+EaOAoo1Ab z2wmkr&og{SI})-lh#cF*p%qtm6z$N8ZYN`p7vYUWn%N0P(*ZLMGK4V3;ie=O>^+LG zI71iEpe(W2q-cudTOd)uymiay*1!O2>Q-5TLpT#grT_WRPP4AZZ10(b)37Eo*~sFg zL1J`0ZSpd`(%Gy;YzN`w*q1M}(IPjs@7!0q2J`rH2y^&1vO~L-RgLnW9TSNQM0oFB zBl-8fb^@4AOIeZ094f=NRrOXQNzQtk$+k@MN$!t7&m;sd>Z69eI?-(y_b&%p9HQg( zHi=jI;SoMbD=I?`H?7XyFR47QUHT^ffG(In&Jkoy@3i57v$_reo(50P(N25(OU2e{ zY-R4^SV=k8vIgi-aUG-4M`%Ob^3z%*_K)dl0Z-W<8yX*~ zimze>T3IRB!PUQkaQ)kcOTdqr?RN{nyL#5^Ay8}_BC+)Q4^L+7zZptaJG7u&f`R!!5UezK44`rih|MR7`Y2VEh zeMBI%wLI!tf=PANtTW?cJUkq+{%;ubtWwQ>8aRgY zh4$+BcKIu)*o94ZveQwV6gaCT@p$VVx1PxOa=*5#__T_mGXpFau(GfpcSg)NYj3T; z`pH%%o>*d52Nr*Fk$qO-t=h`W=qf?y{O+dSH4=Ux_CfJ;N~oOS)z>Pcv{`i2GyhU? z{>fYRz`SC{qP+Z7OTN`atQb+IKjXaLeUTTNS!2B7wO2ZbK7u*QuRpK0YjVTQO?w3Q zmkIc`zkblQ@y%!?Ie49+;>PsxD=3HSjnP$@=!hEekbBOrZzB24;@rF_VCRVPeri=* zBKvi25o`>4HvyH!I&j%m40r&`{tgDvu?4sq9FtkZmn24@3g8YEdAH#(j5dEg#cymT zbb%c$GrOCr-$UF`wmfwNox_8A!{p(PUt@5=OM3TZ`>d4>&>SrL8}>EkogDg=<>PAf z@^bmjC;RaE+Z)gTP-=Dt*_h_nqXaIt#J8Rs^Ws2?4qd(DuJZwUVy2v1 z7-7TWR28QW7dL}E5UIp`)-6lyV{oL%c0!Zre#sp-P2*QUKA!reK`IsAvZ!1svIOHM zy-7u~xX~OOq1fW(II?&Vq?j=ovZj5K?kI*D*cxzON7JJg`3a|2xk6J3S7j;Eh^o=N z1FN^L26`_PCR8au6micTsh z1|4Otf-Wi*bN${H%W5_I3w);m|CbD|CvYkB?(qSuoeq-YiOR#YsK;v&Da)uY z#~9b%^eoYwq<&1zHF_V1RRm_)#vp#`d^7H0|_-f_fn(#)!!UOh;g_6A;#Z6z~_Okqx)5heW~P~ebIjphL7>vNm$ zE?cI5bT~M>`Z$bnnFT+eED?o$us{3@rvF4r$jHaX$NV`cXZ;Qy#?5*S)b6zk@6tWV z{aIO#p03Na%iM4Xr#!;JyTN`b9Zl1sGUM6Fq9I;w(P3G_dBF*;ae)x_jP=_^;)z+6 zdXq-w?@Wu5ApA1IoO?fNw#D!I^R-lKeC7ES_qiTF?qcgr^GzGT)Ys9Z32g_37tjxF ztea{uC$TyW=dIs{*9sWQ-ZfwvpygVy!Qs5L;$b+s4xcRCPtT+J*u#E32K&$(5aVW2!hh+dmLvPA$%+lOD1?USHwgw|hTS z-?vTOE{gyTvs6$XAW-wWV>p-O+5KkEZS+?L7iN>^%&i@3r`PUYkl;WGm`S1HLs3-kzy}kVb}@R6X*sf)B18{MkGPw&>V|MpwfI4NMVsH2%r_= zQ$QH=UGR0vkN7qfKGbak+AZGIrs%LmqE!h}rwq}mw}-!B-4hy(zlzHeAUJozo~TM} zUsuXH9Y%ter8S?*HCu7FVH3B$1S1u~`6fOt(=42v+PiG-;W{-p1Ej4SrPFddgsJDmbn9T z1ovZhX>$h|4;fFiq@;rt)4_<5r36eB-J`;waVBH)=TWFv8bgRP62~~Ft^YbYB zL`2GV3x83y~HGum!pXlQCk=$c9Q8Mzx)@>;;``eeyQI5xP6GndP0J;JqH}d?qoFEG`{RF3J3$1?5w2l2jz8B#;h3C{8un{?d~S zR?hZ^4v;SOu0+(4)$7^muBb^^)t@*5zrqkfE1dx`!3_@H2``SE=_U`4tb9n8WbK6y zW-qkWSmRXL&v)5MEBmhUo#`WjsgE?b7FFa@{g-b8vKX66Py!$JCXoMMY@xh?yG=%( zE6t4Qx)l>Ul14V-Nk-H!k!<5%9(c5Hpcy#ONgO>0Z<1#eCeUoZ^L(J2NBGGSJ{Ocw zJ^?Fk&8Rhe1cxy}Uh`f*KH74oSJfy1G9kxtv(3m2Q+utcb66Idos8)-9hE4LTBJ8t$5wBhcg{i6nKtuz zZz)z>T4Rf7S|aegZkPO6CLR^;{9pHj-6#Kl&pXd)maES^X?)%$?@mQT3`;{!wR=Gc zR5jR1BtqE>MG~?!mpxn;*Vryta^O8ZnlTjLpO~i^@#Q4jf0PCxPc3NkSDH zRmAx=dHh&2NyW0EJ$?*Hs9@U18Iw~h-r_ZUk27IU8iG150u+3?kX5}jY2q(ITz9EhR<4*xiPMp0>{?NV@!S^7vw~d)-v9f5|3BWh zlgkG*fnNridTxyKZJJh#nY#1lMZH&hZTr3g9fOuQ?Sxne|1^P`rP;RzYj zYmwm{t249W0I~VOvhfC99qKWei^9&{TojpQs@ry{;fetqwcfxuBW}1<+@xvhl5DbT zmZ%w39n5G_&^VrxFlIDS1cM#qmfA;LXXcNYVc>sIjp=E`jWWu_6-yvi40D4=7whPm)YnPGnw$ zS5|HSkZqF`VGcziAsgkCS!|<@B|0?T0CqEz0qs^stYa9d`!*Gc$=bhkFXsZK&X@<; z9Dq31d#7c4VT3?Li9A=EeoEtUdHN0gg$yDGqQ~kF4M=#$Tj8@s5jK?zlu-Mmj>L{4 zeQVqYi&4`^Z_CgKI?cBg@+@2l1=vh&=ZNK$$CahATHA8X?c!LqvrQaYdZ#ArhP00o zN#Hb%=hXt|IZYy(MG~)x7rJNIvv{kOkCH zF~>H~>|$cJNdUk}z}Z#5jJCr2NKQ=$WSDWx5dM)Izo)Y_X5^#yk@)H%`u~3Q z7ZkX(6vrj`2nn#uOl8%)<(hwG5&5XeC!pk18;+9Ow1R08ladTXnjOtyWrgBZIO&F> zGF}rQNXlI5l!V{t@K)arzHxf`wxnbfM7w)WpI_pT8aXcwQ1$~zV)VsV9?*~EveUWL zQ;ja=G+sK@I*0C>Q{8T>bqVcY_I3IY{77#Ui&1Yz6}srX6k!35MGE2`O?fbjx>du% zHvVNPyW-H{W_dNa>hdcT&T@&=)WuZtF62nDN0A-31_7JVd5m&FAW6T7WO=47@u4j^ zATkcrLi!)~R&`6F-30DjAQ~2|hc*FID{_SAT8v9WGEFQfEUvhoC^ET-S$zU6Z3~p_ zu?bQkQx>kGTX<-ela3bD)KfV_Bw%qXG~?#*&DE##d{)fVv)&%LS%Ym%zNToX}V#6JY4zW&^@% zTTxpfQv@QH4n2x{5Gvw!(zg)Kzg{dW1bCr$DhfhWUp-fH@{wGA_@w8o0i1hgD}t1Y zi~^`-#mk2@g=;~KOCGe`Sk6Jxeu#Qx?)jg&n}H)bJ!YUM~v+aVa+UC^9O(Wq+RL2L7|!B_|vCAUWX=|T>vpX zn=TXDdcAX5;-bqEYCVsLV>+GM=-e=(YJ}%ZAxJWg=|n9pZV_CqGE%hKuNgzBf=0bk z3mNcSUg~=h$jwVD>rfpSCaMBOC2pQ7b(|mx(}=61aJ4Jv(0KcrE1YMd8cBn80a5Bv zz+Jzz|78(H6;LN*!{DjyzTMc#S}53*f55WT#2@;`Dy1Gy$e?k%;6>2%~D0tBo&G&J<>e=bCB{nUpk} z>!30a+ey&^2|3o0U`(@cLyhL{0SYXU45T%*3dPi2v*0A?o2KpLRzq)D>Q)U^FJ?8! zmqH#!h`^IYv-`UMsbg?0g3-qM`hp;qLAVyqB>h9oWi_sp0=5=u3d2sPR6hY{}Fq+=jU_MkAEh!yz#86&*auA{~cxxW`1O@{16GI@!9npmoM- zF@V)%{WN7D^l{LVp~TjvLl&T^wmfuzt?aA%Ols(Bw7R~0$Ovo)&H8B+0{Bd$I7A>wiYdTOX>{E&lj^1 z1Mw^HhzcSH<|&oiijLMh59}oHf^n-gDDP?uYaFWPthxwhXYp`MiVHIwoALspB54jH zMl6UVn6NulQQitE;1#-f3>y;XCM%MA52e8kS?Q&wX{|Vu#C*oJ>cnNv~kD7PXI7UA)7H^Ehl%Vt$hbk1gqPz^;Q^NfPL z2Q1tr*~BX!R<%X?^BM#?GoD1UC!vuom~1Tvp3_-uJ=J7Dz7rX421U^EgtS4nT~)j( zu1V4Ua4Rupuy;8BNtar+NiT z1#E7+!q~$&VMoER++m}VP7gj}iIu(;X;kX!jHn-Kf&jycEiCjIBP@Z-l7S~+Q~*Js znvQ7-%B#zWfL*6?F}EA>m$n4{`XWD&~(y-7Up@dZx@aF7+jrpQ{vn@z&?8%0`u zykhf@NDhCC^l%6&RCEKo;c*nwEP@rJVa_u7I3S*P&RA)6QyP>#fZa{m*cL7YDiJ_? z0cx0XKRI+!@THBb{shlr`@b8WMB+vsYuDi33sBmv6Yr`1tg`=oy1!Sq|9!Ie)&B3Z zJm6}qquqFfgfyqIm>8`w7riNC^t#^Zz-XuGJFb`oi_P=m1#{ z0InGDe;vJk<&Q-+qq!n>6k(wXykudl2%2k}aTMS;rBPrhVSUO1&ubVnp!JGINqMY; zoux80@t-uuQ$}|r1Tlmj&zX)xH6R^K){tE>ePU0Yq|2Rf@bk|d7l4Mo6c`+RKBV>U zuc~JuV44L9!l6}~EHT4b5i?^w3HT0G6b^Rr(n{e$OUvN9U`#O^`jIAf^15A5lX)%8 znLq{4pFThEOpq^}GaIMNVpW3|hGtXvnp)Fw1||b?t&r&+{8m>(N7sOaIo*;Ynlf^7 zN@x^iOiHBX497+DirqyhVqnYM0ak;ky!!(*be1(EG9gp@i5}@YC8|p?HQYiY`$$7Q#~_hRi3sQ zGa9;vVvdj(Il@xnpq^G~g(z-!w`a3yq}xh@6P_0#?-&hv;O^Gx&RNSEKXS_gFIb} z6j*-$_xt<(I{m-j|C;~%^E_Q+=jcJ47OnnS9MrKT2w2t7wDl6U)l7(^zsO$aP7Rni z1n%FSV~F_SL+`Qo!YJVlVi^~4JSV>vG)5~3nx;Tq2i{Mhk4Qj>O>=Uv2Vw+CMl7TX z14%KfXvD#w3j{wXwgFUaOs%*in;Ox)d~>eKg5)M;;a1?Cj4M{5rL`f-E#Mt5Ew}({ zfuchJuc572K-S%mjp;$D0V?fxjR~5z=OnR6CQRnm-vN5p5<%?7lqfCOCJM=#3N(sP z=*r&b86|s99bwQmk;2TX!sn&2?ZKYE_vCQ*An+dd^dg!aS3@^Cyb~_9vuzqQX@>-^ z%?zpUja7Z+O^Pt&v(w5ok7AZ(T1K^VlT zK5n}+N}8*jCQl1NvjHiu_xdqHo3rKcoA6r>5m7-4D5zBQsX8B>Z~8%h-{0xfg0(n7 z27~W;uK$E~fCgDef|ObRVFH&IbCAWurB81UZ?O0+iNYEN3hhMNn(J-9SWWrz%vZ$@QW~qC3CW|m+ELz>4EqLoL!M=BBY#!?URKMQ3ar1*G zIh(AtQ&!iw4G?OVr!>4`xg3fj2Q#=Kcx<>GFDZ4`&N3DIyC|c<(Nk zj;~hg-ksGij>U!U-BpoXCE_Mo)tN4Ko9?1S4pEpoRQ&RAG|$URW_hWWJNhHhk&^Fm z^`9}|?|3pPJJ4YvMaCyQq473(l&~A1tZZQ2RrEwaJ_0eUz}wOkIP&%;miD{hP*oWY zF=OC_y$3?p_KNX+9cSAC*-+mVD4#xUcqT@$jwEhcQ#9*6sUa|e{oQ9HW1+~RwlTB! zDaJF_V_h_)FD;7uBF|mqzvy;3qv@K;;Fa;;8ulOi`+HyG|9+OIondXH^J80BHn+?_)6{9Sv9Sac3(y zk~q>bN7L@2Q0ISaymFWG9~qC-hdKWTd;9&y`G2zW_56R1=kDi!+0kl~Nd+si02(*t zyJL~EcR@0{#!oyM!l{#It_TT2Dd+WwMsdh5u?7qq!D^WD-tvOM#hHEV%H ze-D@b&YYkX3Gk}L7No!gy?oOZTJ#~-VI!$Hs7PMDUTC3!XvQrYkPVr$z}CDj2> z^E`DD<=L4zU6H)x0cH8l5YfzL^)>-bM9@g7S3_sF&)HY;_+OH{uO(|Bdi}muTe4-E zZ+Ig8l&AGQMbINzVafsd`RCwgRpw`XEe}<#VYNbIqn7kiON-9VShmssR9ieN61}w- zs9R_@sjN7fakYS83bw4~oj2k$w-qzlFODuQUL6ll&yK%4`RDNT=;8-wxk|N@(LSS9 z;%#&{O~uQD9*5uKAl%{zG#VN4gl2PpDrD}bG@mZq{HjEcKtqgvc)z|Bok6_P_dne3qv@p}*^^&?XvKQOAl2))XJENB~=Po~XzN?!~o#KJkKK zvnQD-(n`9>I%4%RR3HTqWdY65)n5ao<<`@XXpKvC!2Z`%j9;I|a~J#%L2hp02e<=T;u?-7fWcN4{~Cu7%~-AMR)&9V`EL38?zU)mb3&tB4%f7tROaPvt;xh zA%`fE*33IT+b73djAtH;sR-9-4jt2ZShWAD4T24FT1TN zrETi`buodv5Y_C9hBU7yPy92ki_PVp@oOHliR)GF#4W47JUM+)eQ|p7vV4&h$&vg~ zGOYpa_{eT=id9wG!BV;TQe>_lg8KcqLB%YrM0kJbtgjr5SMGWVY4a`@uVSXA(mU;nU zuvqkiex(_u)N$8eB#>L9loha5%Z7t?@o*cf^xsgdbQk*HglJ!v1z08j>F+e`Kl=TH zuk`=tcv@sRO9ega8iMKD`cHiw7=3wNR#Qe&Fp)Dprlas+Ygu2I`lgs!Ig3p(}=45)2@Kk7f)z12LJfrfHu!d0c22$_^3 zldV&Od|oTGGhSq1>KbW$3h8gs4*~d!%pGN-o{?q-h_Wz&d>5@~L=Pbi`a=5&TGfBv( z;4viXHPM)D^ha5wm@G?9SsX)7S-fy~GTDYRpYv;-Jf(b3lgR6mgiSCg&?d%UFj2Dq z*OtyWArh#mKq4v2NX!!!c)`o_;dw4H22mAfGm(&gyf`Nj&!iVjc;1755qvKg{g(CM zU-M!*>8XFrPkEj6%7#WXyed-6Wa2#z*UXod2D# z@n1jB(_I`b**mg1a52DGHF4y!7@D?`^;4nOqi@=j=zu9qa_x}DihsD7alb5xS^ssk z=4A;FLzFi34KAIART8PoFdqAp~(&IWT-N+jU#mljpk0KNoo@tsEsO@rZi9mw!lY;Wt9wA zn4%ffb=9DxYV_OW-J;04t9om#w6)#LkZY3@-ay6DVJ zND?(Ip-AVLUtVnr9u_gpY;F!QwnKUde4v&m6UD><&7^}$qAIAmK=pugNg(N9Z3|$^ z%6MLmy1I|r&lG0DQN?G0=belz>E-95fTOB&IAe-RyUQ`aEhS+gb1^G(=$l;s=4@Yc zO3wa%+(*C+Q0Mv_X-Ud9hSEknrQFfmkV5j4G<065c$oDMwRUKa!@jifT20A-R)01Q@$RRmNuEiDekKd;mgG7d;^B<%H zD2zEo^5v@ZM}-KkS(bm7iJAXjQY1R;Kg)|OX@Iopb`_ihax@DIfKkmor_ns-52QJX8I?H%*$Z}X`pTJUjQeKFV@5VB#r!xYwMpF~I6*&U zJZJt7>SlVhxdC8^1aB&cdpKea1Rr)jnW%@?ANrpH@LD)cW|j_J%QvuTFIr5*t0V&js0 zs|O*HoF|1E2HcE#`qBQ)4C1CTg4$gEk@4~8er}KdYYygX^s!3*x3}A{|JdF8s{i{e zPuF-0dXHi*bC#Sc>hh3uoHuUvu-|o5n z`Pbg}x9DTV`QP6?sQdrzKG}Wx_56R1XC?h-Nj7xr^{u0?CfQP&(HYsawxRFf1oC=%_Ir!3})>grLR6>RGl@(zivUml$rSLZDc{-==81(UfC zWFP+f2%|TDDBbDDWYdTE(yc}D?~8fLi1pUra_g(7OTw5@oo$uQv<_p;V^%44#%AK0 z`6oG>5&w*ZMJ5^XzY|%=s$DvhOHNR?@{znPa{o;c$F|8&o)e5gQLCQw_6@ty9qIPf z4;Y4BiAtYN`=6ZEyU1uF$1L-|Q-itP($$yeJPWsPUFoIFS1c(EDrR(S#`99 zE%gA)Y5`R1bXFv|4!}@pf>5?ogpZo35DssV|E%LZn$h=XCR6tz={&hNm1%1?lRDT& z+Mr%gr_$u>qkj(1j{naekIyg4#;PM|lv|JTJq8i7Tt)eo4f#Gj91-6S4Wpr!H0hJ?To(nO`Pz<54+Wm>Kq>SwB#G1Ys}=f z3-NYkcDB3*=^m1-NEGpIH#Ob>KGXA2nH=AT5KSFB+|E}5|3RO{^#3HIW17%=P*V-yu)Ld2jX`n6ygYLJtNTyt5_nEwVP_>38S zyZWYaY~W3WiOLAtDg-4+Snlyqbz{C{^d>-ERv}rYh$5Ecpw==c*Zkio(~42d!ycba zda;-YOcImQj3xPSe`n`?kR}sIsAUKFfAxcBYV8&zul|iDQ_0!%uM_pVlC;`A&f#n_i(#{5lfaIlqO zJr zW+HpQCM63)F-sq^#kmag7#f7h)jb5JU_j$^TF=R-owZLhG3K#}>#-4u@QP(U%|mWy zMWQY`^Lu0c=5-CH`2ndnkIk7WF57F#AlVLWD|l z6nI@iD#T|Ou+5bW=#2g*5_*GPVCn?>G)o3V{X=i$fYaGv(BIwLe{%5j+4G&9oq;OT z<8O9k32+k?=VUe}|#98V^d?EKienwJ?*&K$tI z7=yuiwS(`FhQzt_b!1MHRURkUuDqUb8*DR73;PBgWR9*`MknmYoX0x6%zzy1+@)sk5xuls{SCT;JEIFLadb_2td>YG#f-lHF`@3ug<~k!9zYLdp3$65 z=C>Pz#pyR9yNU&k;8mW9IA)pbm7VmurUS2hd9Gint)^E|fRW;lX+(24B8rD$Ql4gF z1jk&#@;%EnZ2)0rdo<;}DWkF0)S#!|-pLG%>g8QqK>Bwrz|RBmTeOjOaju8xyY_M!TLLgMl+sp zg=&3GV>p{V0^W9Hj_WY6n%y>8ht-V_~uL6ikM9>)9`V3IB!&e^i0y&2Ckk+I0| zrj|!lxZ5P6MgjWw_(dBU=X64Drb03s7MRP@>X?)~Eo1vkS7{QkhdwO8;|FZPD0UBYSOcef^Bd;JW-%YFCDDNm@Um{Qa~HV{*|M& z-(H`(-g?XA9B2{wR%6gpL-7G3Kh5|x&6#gvZ1=GJ=0#=6qST4Ur0-0h%;uT`{yUrF zN43PBmou4vm(dx6&_PYKZsUJ<8cRH)xrBc@W=%TR{a`=ncTBC*MJqyxAzEIDBxmn) z6Xhp4l5a$ECPZ#8aW_g4>BGrwsoYxCskr}i*SyeS$?(nC{pr~iIB)jw0mS9UFg>{X z#-v#9abgpWdAK=VnBV4B?~-FkLvIVBa|4heJhAPhB9h?6r8rtJ(RP*@$tcr+j%Z#| zQTmo-SuXt&9^3^^7;*?EWLRe@q~w!?P;#1a0h=MFQbHE{T)-k>9{JqslC)lA;CYd_Nz}FXlFI2w&@7TC zYoX4t$YMA?68uK=pNwBjf#%uPCXZu<+l`OgbE)z4v1iCdh!@{SQBWmX5R7AvK zQ`P82ROeewL7Y=8M7%S`PpxN1eF>l2=112;UMYJ_j=YnJBZw5&|dS&m9# z1I#>SAU;(uO^h9Ibs#*iUhD1GMIl+{PYNC}6V?Q;Z2hBxxHa-aqRB$%8RF&Hj#rJv zqp2Bnz}(mS{bzl0A&h$fDqX3zYBN|!Yq<4QsTr%~3>9gtq!SYWh2B)jN5Z zb|8kO?F!{a)%YO;9QVl>rhJ>wria{1@NUwi0(fJP(v651*E($HR^E8#x^G<9nrpjf zG^PCwWU_JaM6zPeP&#DqFQ z9@8hC*&O;)tF373WRfu{Tj{Va`A%f6e>{S)wM6iK21zj0HO}rfFu*1yoYa^Dhg|Or4_BH^3_4;mILUyY_?f2kEKsTV1kTB zv5KVdn0ZKX8?!JjiAdr(ob;<_c8PTP3)p@b(b3c4IBmcYIB351)Cyt|Qj~ORl2O%% zbDCx#e+IYGYnIK??kIG<%SsQ?Lb7oYW1s|u2CX+jIak_U+T1FEkL;4w@KV1j1&6D3vy z(%*gdnyXjFLS~)f)-zgD#cJ+B!vJ(IND|jzWF5)`QW4rqwdZxcTCPSU+Ahk}iFfSN zN|q|yzNd(h+^0$8m)RMCN~$DxRF{jQ?#E-E@O<6^0@-BOG%n!Irqbe=t$TomjRTjj z=A_r9x_bbZCOP-b8wIfW+nKXe#9}fh=c!_<$P1CkJX7P9cNE2`+Y8hzxo+B*(6qWQ zOw)Su@H_VGbX-nl6mjGXK_uonvOmO3)?ij$l%f)Z5ir(CHN%;KPIK%uv1&A1SzYf{ zN>-M*bH-=_bUILy#)X(Bq#8|M6U3^V%fNfJc7cBE)_WU}k6wlIeUIX2Epz#`pmQ}J z6FM7-`1$jmA$l-}*8t)i=1>E22Wp|W58QCXvO^>#&1>{S_jzy1 zygmDV_~z*K@wet9SS9$8m{Fb_KDG@Bam87^A+@?bjUsjB9%|-hCxHJ3ioG!9id5zq zqcgwAVpFca`xHv{2f&|n%gmsLc5)`ozhNUQx38rJg^tul_yBREQBn!2^aTa5N)80#?^l_X69mTY`x})_lc9>RCc~@o%e%aBmX)Tai}Kx!W3> zrTN^Cc;;ifS}UamDK z@6+qBov4+$$moPQw4U+wBAWYtEuu0$;2EP4_-DRNfH9Q(H>R$*?>Q<(8#LgUCp6~2 z*_?-djnGT4Lv>zqytK697jLXrF2Sc5++yTM*4|lQG=9vEee`BYmu0IgxBp76v+$^c?(Az7~) z2a8^uX5ck>@)`*UZ-K>yx~Qg%%;JApGZByWXG|4!g)dvQDYmL z36Q1}5Q``x3G!x6#ZB^3$MVFv*M33~%_$K#s>LZ!D;OhVlI4WvMCLTh3vCEdkxfjQ zBMtC%=nE8FWnk+Llsci=i02v2<_cXkIe(O`LhBV^-Fr^mCw3W)6mo?eGUg-IsXr>@ zd?eoM7|s*mZ1?&o=69u$D>X1x=nSE2X;xT4T(6qZ$VyBUidkBKl0*~FJu}$4P}3o( zH6>os$ofTj;URO$k@dKi1W#&WNP!r;%3VO zRURra;7_lM|39Tt-iRz35SeEpnWXx+>bq{mq?qKH7;1|klg{F{Y_CXzl+a-ryU=|jW4 zEe*BNQFgK-3FNe+=-UVe6FIt^4M|>tEf6^8b!{?Rp!zy;+QC11x{*J$I#^5G^NbRf zT=PsIvvf@}t}u~HG>sT6JjU0l(@U!9E{ZaMOttHZ_zorRxgampy8J}*5L~Q|emW<| ze?JEko_=6sL?wjN8Oa1jw*fhO=O;EI98Oz4?_jHjA|`@IVZg3r@R)2SB4-8(<5zV+ z)Gp6pm3ITeB94;$&P7(pTt|%*iNf}>W6p}|ej5UqQ3wP{cw+So=ipd){A;03ei+k2 z8X`>H#@#MDk}0qVyOJd+6fSh8?#Hpn7}TugtltsxW3zr5so_p?>LwBON=3h4dMfx!jcxTogd>tEs0DFcj3Sx~PuTSMIhmt+hOYov1q4 z53G26EY#htrXG}On`XvcLob-IrkxkgHAI`DH?o{)i1`b3U>mFQTY6-w514bc{fB37 zUmXvR&feU`#>_VI)A8SiCohlRT%26|Yk2YY@5gV3-<`ZV9+2KO%@iK$Y0TGa8o5zVU$2kE^)`h zzMMb@Gh)miJw@1}G>T`lsDQ4^?cf<6pcFui3-rOEg+j&ZOv!D+@-RSMM{NT%HTP)7 zmq@NQ*%~*qJKqVrF{4G>&s)H!K*612fHA^KqefJ-X(+GXYch`&-iI(hMhRw`ptzz} zYz|SKVML;71a>o3_eA`|Q_P?}bN8CW2g7o^d%dm&i6z%HT&EZ7g+U~Z^{Sze_9Y`Hz%sbHS))!< zXRP%|2HrAVYgGVl8uJs(@CV*cB1sgR;+O}c1c8SP5WDHpw_SQDG0-*&uXu7Lon7Y$ z@m*6Iu!+G#0e7=!ST+d~aa{wy;S%cuAKb-svV|0=S%>KZgi+AjZNfAF#-h!Us2Zcx zmPTr(YBg&(6x_jEg$Xq;LN&C&(Hf{if)=zq2{{2QcW3MQPbg(pUU6 z^Le7UDeTdmb!WznG^jbBq2zY-QO2)XR%<>8B`@>dcFCf3(VBvzJkR*3$Sbps4W4Qi z@des2bm-N!HMf>&XzWcO!mSQBhDQqIY3)xJvl`g!a3G>WHq|hOX~vU~r*PUM)=;V& z2oyA7#v=I;oh(O8I8#dzQ>BQ;FR1ZYfM1}5R%iG-EoX3+6RKZ} z`|B_5ufME6lb>`zdWFn-a!NB6^(tLev7bSFYU8>MnUqx;C9JuX7wqL_n|Z-*Hc+zU z8h5h}o~*f$SA5LEc^EVDgAi9TAjc>xR8%{v1wt~Sa%v@tB0~m{Cgg{Ui&G=Y^Eys_G2~Q-*8g3}qbDMChRDxJYf}y9U3pyJw z;**SrQ-4&9MlnO9kd!7Y*5A#Hgs}*(^cOdxv}2w|bE;=g4#f# zVnE%kHsm=!ja7>C3Vg1$2Gb2ifa+bhq%LGOWSKd@s6Vx?u<^dgVmlH?BGgcxnDQt@ zbT#UP5H7XYR`1aYET#CT3QKvzFKxTvQCnFS@f^LaN+&r&$iJn~>ZERYRT`rvqyDs? zqSAv|O=~G$Y2O4iW*Nu^H|sWXTld=(reQEp(SO@>1F0JHPQb%b-3s__VlzY=ae>Gt zCsA3TyiYbhd>{b^bpZz9)2HEVK2+Tdp_L7%##qFW!cw#OaLhBA5AlUlqO?#w*pbeA z0J}=I__&y}`H)A$evJUhd9GH|cBJapiYW4hqo3eW?Nb%EmK|nntR|seyn1?mR8VdB z{hghSmU8O4jGJv&0Fv$B6$IK$N82>F6d@)M-@-;rQ+rFkw!PuKl8pu!Z4}y-zbp@7GqSSh{h5_SSLB z2c&;^Sf{!1F$d_i)J|A!g=X}oc@A#kM+T!+%Zx=<#}n$Q#UQEzF2xL_i39u#gfF#1vCSJ;t(r4B z8xWbXq54as91y{TIcBL`iC1;$Q=8LrC3+3h3U13-$P}g5jtddj6}&#r`nskQmPJKg z-^7yTxk;&59kJR>6TD+UFZ|Dc{R-0TaNY%5DusUkG?GheHe5qzuAKk%k+UUdoM`BWiE z{X%4uA&)Fws7i>;{fK?OraU2Uvq@0WZNsQZxVihQq@vK)P?4!L83H^*{qC>E&N>v@ z8aiSz%h}Kw`y#4ZV;QTQy*G7jobt4W>@ubK^wJ8-K+Y5Mk@apYEA+lGFu-hmi`2RP zYFH_UNY`I1;45f#TduYbHf*Gja=A|2r8E@S#zu9MXtM`+A}$pz{8CLjbXuW_OH$cg zW0bYJOPrRXumw|O2U`LY7b3cSw{6Hcv6J8kx$m z2*5U~?O1?%s;p$b02v1Aq@%K$bLQ$gD!j4CXx;*eBmx`;oIrEiV8zE1G7|YTDDjN~ z0W3rH91ZMg2c93rO6VX|Jv`tKfOBP!W#zoPnktRs&DE$i!QWfMvozz1Y^nN&mAFpp z2YCY76^(K@#Oy?U#EfSzPb zLsh@XVz^Y*1*c9rI$kq_0hs^6{ms|d@8kmw!LqeVW| zKGnT04$OGC@T81S(*+Tn4plnP9oB8!k#15`F_e6g3>Dwtev+X`)m|wi%LV}YcE)Hl z5ZT03F7oNHx-&|5?^sND(h~r&`bT8^H`6p+9qZKu0p(C@$qcDitx8iKIMvZu7yD5> zD2I3vgCbtL+vt)yS}&9i*XFBAH-A0!Brhi zGSRdM>^UQv2DzBUgez=!O=Hc+!g{N(R@7gMpwMkDw(|v%+z_dv3Tm-E)(|pGMFSgO z81byhvuasMo{-^`#i^p(^E9rIsR*mV>PJcJ_x<5TJu$Fw`)b! zFy&3oSP8+IGdn=27j}=G-WaZ2+o-P@o|$RbgK(+~qqpC5g_)vj4K5|RyLF`1}= z9hN>Hgphad5cSGmesPq6>cPAg=9l1W7DkWAk=9Z=CLG) z&YBP+WjvHuJRM%MjF0EFuOpsB!zfXm7d$%ri`*8)p~5b5I|>hHbCFHd9~kYRayZUk zU$h*K+J4_&YqQH){xJJoHRP#(1`oF(RddTX3ty)ze#0jjkNm4=(%1D% zho^qfe;(}C+?`fMIBPiaS3UXbzWJpG5%`^TNyC{RYdmRGc(Ma-N^Rkq)Xq|e^&*!4 zz~c&$i3A*UxHGSKO4K2T(`@c%h{8~en4%lNK3+CkvUedKv>y}xYr($bF~b-q7Aw@k zH0pRimC%a@(pO?aVs_198v_u`PUD#96)EEhiG&d`9*~#EfBW(KZF2JFySLlqr=zns z+vND{?Cse$d2x1faq{BmRbZTTz!XvyguY@id8N7B(FT48S1Ey%h5YBLD#>k9jR~p$OpQdVC1CxqcMm3JKm>A!(7YSRn z>;U*1>ucz2m%Ho=Gw%8}KwPX4nYpb~5h2JX3%Q6R4L+b$=Hec*StJmi_fl`+@1U(W zbjIMikSxdKv_@ds%V()87A$$E@(jdA*s)ExrYUTSd|8Zifg*{t4elkrxkTrmB6s1# zLFugTjN%eCU>%UeWPU^YT(HlSXvIQK#^sfPS?u*5N7y8zSvZBGfGg~)CGM4m;Knyf zI<}wEtjJph-VJX=qvDCSZ+83R(&qR#q!y+!$F@%L4T*x=R7kXsS2$0bEg!vlg<;qL zTtx-OaRVUy`lbw^FV;)mvZMS@WM&0zd( zJP_xvj*n06nybkN7)v1#%zi>7qcEAI8zyj@q8WZR-h;fj~>& znnnt1Uv*b)fLMqtoqFCn>u4U2qrEyrV8kt~cdyy1lZ>WQaOgIR_%FwM3mUM5L5*Oz zv|>U{iF}udnYxkWIT+s-8M_1$4S=ekAD~4l@JLf7aE@ykKs7M6%=b~8?~{5+KK;3CV>BAK_l(Wj+H9S!y01hZyPjCZxlE59m}=}l@Q{I!w1L_ z8P7==n;41uvQX=RpeVd%=GhGfcd#Q__@87}gi|u*6E($}BaitNBYOuscAt^W{&WlQ z^_WpSV`}LWk@(se_u2W9fvBeNvs>r|h!JcdptDV^50v;`oA>YAJmODm)7WpDwP=sSybn0>d^XvIz$>NQY4?U8Hp}D1?>@^;@{a z`z~2!AweZxTbqtn(zFU5!nI-PkB-LDly+5?$lobe2X9{N)`xg+BQ~YiTok6MN>ix)nGy>_iRt=k_Jslx_ucPv`SPh#8hR&p& zDkrQ3aV{i-owoHAP_@bis`q`K(Tcq_fk=ZUlP3R-A#Y?BrrD?oZKGR9R9VLA0Ft_5 zX!;N&ylw7}MZ&K^tvjsoI^?=3ertNY+Rqmw*w-gWOORdKw4_P7tVVMGLs6t(3DQLb z=~oizD~Ys}L^@6)Fr~!fl|=6DK>EAlJb@ccz5em+m5vNO==EUcrb6ZrlMZr&fT35_ zzRPK-hmCaZ$|yMKYBi@IuXuU}B`TK%22`(IY4*TV2{BaM(20O}^eu^T4Q&vBz{)3Z zl@l9$r|cZ`A`lNd7X)6=WL~)|jJ1Um-ACZ3g$#S(*@92=(se{ z!$f{9^~rxYDUKRQ$ISs-v1IAiTRhPK8Uq)-YU`(G^s5an>m{cX_zZ?Id%;f7UshU9 zX*F+LHDGXit7Dpo0sm`GG4;L4w!yn$BUkpe`$DTKRpB=w> zd3<*A=KJB%+4tuI;`@p4B~7A{c)#uYT8QsY(qaIbKxMz%_iuO-i5p*S+r$3uvz_-( zpFC@{^ZM<}kV~x6Cr8b%a8Y}~*CXt(bnYh`g`ueC;l2P?bf?`ERvvyb>Fu_?f#hJbx z!A@M=PR2%?Cq}oVW6LW-&qSAlK<5(YQEp&*#VliC9+%!HnuDToJfh*1O}tP#HOBXkBH&4H14aO3QFF%UxBiQJD4XUQ6v$`GddpgP<;Ru zrE7RxNi<4~W#WlWKIWdJRlSKKziW5Ly0`MW`@Hs&tFs@imB@EV{v+ftn>mm$5y0{+ zNNe?dt2{_LAbukk67+PJY)JP3@izI8G~m^oNR6}6?UKKOWl;6lSl6ja;$D%c16tkF zcK-z!rc56PyR*3@V;;l3t~rAnn{>J9y|4fpK-$N~xA3J%HgXdW&B#HJgVNS>TGpWx zB3w)v(a=J?7vROyG@b|KCy=b6aj(uz0p}3X)LI7{jh3;sN`Jt8fP}}$cgjHQ&H>JH z!>{W+*U&FA_Y>DC=l^5x-Mibiu|@IztxthbG84PMP!HR2dNe1!*R`G0cbvq>cG@#5 zr`Lu^NJ32!90HW%#<`#Ux9}nX5`0K!1C{+Y7* z(Ic=?gbf6UG90PgN+e;M8J2N@Kvf}GmCIpM^Fwp0l;xZgq7GSH4?Nbar(AaCj5T(R zK5!zBS#C3_w?5c2fpQsu!b()$=*&SrF)qCtiONKFE~E7en>;_k3?&%K`!$Jl z7-F%=gx?Y&%H!avFz`zdRJY@4?g;Vd5%?)(!k?YtIigR&HIf0=%)FdtvR{2mmg7;# zlOW|NeJV#L;vDn6a*Zq-L)md@lGMx;O;?2*Fv^78)dB9PC7dS{^C{vy3Wi5BOb`L~4PpVFcmYGyZ z`9)SWFU+gvsaJugE-3#gFGPZ2{ZTh@*!%CE{#zwn6AKB5sK`bN>B766o$ZEc&a>xp zCj1&Efr!on86M-1^B!bkV)t5@sV`)N5}6SI412?E5D-N9xtS4?a$I8-H$+7|=5+Tb z)#bj~qn@mkA`ua4l7?r9<$+1|wUvEv6Tvz5!5l_-B61ZiFx2}&MiqT4!l#>Y9nJVE zT_ZHLButz`S`4*M-W8655zxoXnRW~mdlfNg2ac-?=gFrzFR5~(%D{qCKUN``Ukf|X z#0s`y2lo{;APebgr|kho3?vn|*vv=N`R+43N`U3%>8tx9P-gD!t@%>gfAjYI@T|u^ zuqFE#3Z+Afw6v&kK;x@1cJO z$e)o;XR9ap{8x6YW92e0SsWAy`Xk7IG|qX!ZgO;JT`5;@&KyJqv1%-`{9GExa&E-0i(mE;tF8C&DssnCBdFvZN+?TSBF zlVs=35W4k|T82uAO+oh!2}EA+?Vut1dQpzApIWbnz_xL;Y<5O3| zBkDH(c=u0*;HHea!g?G6AWSGqojUrWT1c}eg(Y&Oa%M}6LbycI7*qJoHttp zM<<%aUO*gj8r17(&PKbP3HuSbfW#;{mujrFC)TO5@K-?Ub(>jzV$JH=;ps0&`;LiS z34&!0wI?6-jE4p`_2%Z2kK<2IHm%M5I0t!Db!2(Qj<=S&(3xa9Fr-Ia#3Q&W(i(`G8BVhmV=iwV)ANG!K-yd z>v$r}U~~Z^pRvgjJi6;gwFrQ)965UPYLq9$mZ_AL>NohyU;ZKpfpTl5NODU;Dj>2~ z@Qbb0V)mE^RZOG}6iVhe5*dy_&11HBm!mf3^GmbyOFzrp|IC<4%k)uy{~PW++ubSL z|F*V=!-xCdeLRoAsayeK6-yO_P9CbG179R)iYZHOy6PnH%)7=kBx4x%e8^acda~w0 zo>_s{%c{i*j@Sfr|4RGal^WpNtoV255%^WukWg@z#v<-)=i|rz_Z|IKvC~R_5(HTU z2%*oDvCMFkevsVT(+)2p#bWZcq1n?`0sMTXxvoIx^HmCRPS1=MJKy&;Vb%y1UxkLw zP$g1{UnL~!DuiItCzRh(7RrcE)a5VGWP*G);#~Hb0)W5HWy@WW9k**^s{#z2o8Ova zislQH2+>}GK=(g~z2S~G=z`upjG++qVMKfXNXJMCvdGQ94j`% z;pJb&qA_!4=q1ccW>$8$fF)_VGL;2dp}Ce5^>%3hb4uy`m39lQ$$pnvXSKUXuRmjA`F7D70!TCatZdgv z^p;;S}{4obn1~QNlv&7R}htS(V%3kzsUj3;vZ7 zh6;E5at|_GOyG@gWG5QyO4AC;+e~Oe z6;*Mr6ZC|-g3d}Mn252?XeO%@q5DM20tR%}Y}$#?buP{06=k&=t|<#Nn=`7a-_Z-O z5fXBh#-O_xc0pHK9CRHAswtJ+Y&vi^?XyL9XC4XwM*;efed-2~!7k|9n%8dKv9giC zDA)_*8GMt@!Omb4+=B7$4vPG2#kM(SP7zC!NL%(NBu=on24&_TGR*xL`ZXvPpYtlk zv(>uT?wuT|Vzl=&q@XJ+s{r!i&aTq6_W7I`BbLlgL-`tvwW!ap)^;OnBJOA23BTHe zCnVTQ8KFK5QBs4;SqxW3B~%^YXxd+FxsX>ZQ9##{T{!2bSmN%GsTHy{bWxS4L?EXa z8x2Fu6W1FHYZGh~1UEmv5TTaqMK|i-&0H&MqRQFR@^j*9##+gZotD>q#pXdD7>Y#K zpJTVgBsjn{NrgS!PiZhkwS?VKx^m(lH{eiOVD=Zo{z6s{M_4O~u(dF7R{MJ~#INN|qrPP?}7n%E93($4lqe4}4C?o+JwZqBB z&j-Vj6!ASQ_W#;wkds(N5`Jh$5;m8|WejEBhuyV`#l#(gYS19X+Ote*1wrgHUUGCOS0}GcRR*Dl+ zMnoXgGpmHkfLFGI(PBSdPXtWWH$Y)_kr%cM86~JC+eThZOJBe(i1_s=VqnW5cd=SG zoV)pV)7N{sR*fksd3^IS4mWTEBhD)29yWvsqsD+le=|bsW_Xn0DSCNI++rmmt~xS9 z;ZQq4n{L7gZ&zx>Ri+T-ZgZ0l$%?r{N6yijo!1Rlv^68w5$`4Yx+yOgI;|@&DC~}Rfhy;8o#$j!> zvbA&-{WXZ6MF0YF9fbr2ULhQOvAQaDkd->RQ$kSHe&sHzs!&M~>PPSyh{7EYX=&n6 z)m)iC7~8u)#!;Wn)Ru$El#alA(Di)2G3QqSPJkD;$-NE!_BWs!1KtNaJEDdxPZLCY zbk+qG`@B4myWi|0SkTAJTjB8)x_Js7%a~@P7j>YZXp!$;y{q_&;caB|CJ2f$i{js8 z%LQ(;?dTocUk#mK0uzm!o{#orLgrGYZy=Aq%!#BFz@MVYsFNGDW~vgCs5N#`q;O4? zS-QBm33H1zSf;}6g5St_py${2!4W*I#IHnRc>!}eqAfBUgW{jFpJtf^!QgEaDoUh( zRV+1o)qMu0+CJ(UZ1p|C3sc`Kh5;{LE>*vG%L&`9R-O@dvC6~F1>Eq05 z|6e0sQd@Xw2r)3^JFXJ>~8 zCBTGiu?isF+UvvfpWl}29v_{ZcMC<2_kKD&b`8I7R5GZHjhO~So;x%X<>=2Bb{^}Vcx z2X^RB%?_C>p~4+9LG>-)1q)>Ka6b%CU59ta{$#zZ z&HUu>{+U>xd{m!-@u_b7&&T#ysql4aJ3sy%vp;r5{+!#g^7P+%pZ^ZbUAAslW9}Sn_AD$A>XWQ{hQ_U+n`b|;Jqj! zOoq9y*cTUjZ{EB;-#b5g`(~vrV)d}j)XP+aWi0NW9-W*o30l_J8UU3OVU}t~wR_Y& zRk|Y4XxG$Z^EM_BhbkJt1a$Wy$EEO$Tn?@#`eZ^PLQb?Qy4ixZieX)x9iIMjczSVu z^!o7ayJhFfiRX3a&C13370sIs*O#8R{o|vf{A}$!9=z;Y6KIlm@dO} zzwM?MGKiw3kvY6}Rb@;a6BVwlR4F&9vng8srv6|e^zU+4e=rfU>o(Z^+|_mc!IJ2~ zlIX#b=)sa`#jCb4+B>+rI$CQ2NjP@fYKleg)ys>s!~J)sN9X^%*gJTA^ycE-+2QGC zeZhmHv%Q~=4=;}19GxHS9jl7_r-wo=uvs42>EVBgcKIr?$7h=91IcFH2I+C+cT2=&wu#mBg+@khjuEd~hhr4%LqKsQFKDuxgL&~2u=Em426 zcXsyc+tY&v^xK6m1a{?v6Y z)*m6fwRfk-?grf~(8=4(G-wryw5ssR&19`F1*wIsLJZ=D#VrSMmi@c}tOjJSbDpd! z!n&u~YbC_G$Jtv&jMaeb2RYWivmEO)SWj0Ai{dby;%Ie2k*fb7B>GbeiSku)p8_J? z>sKxu(qP_=U`V&tQYd5axMNm+<|vhS1Nib$DxG2H3Uj1l(CPNf{Q8C< zrlK@o4?1^z2{?1vIQB>8+I9A&Hb~o$WqDw5?1)ole03jxVE|)Wj%fnHzczy)+F)cJ zIsnMN)g8ySlVJYd5uj{epk)r@niyq*`4w@>GOt0$7<9orVp*xQ8Dvee)Hx(X z=b*@K@fyYjv~FCX8(Lrf7EqEfk>02gTfG&r)GG$HtXo=EpuXy%4S3k zT^p%ak+iIOfSEUU-SF~4pJ8xW<99tY7@|aE8><;vR^~GdOt*d4q|md-^i;g7ndwPLa6%IHrqD}vpX4818D4q}CR4=tXR}_M5Jr3w zj==f;iFjKuMfkF6CU-C2qWa?BPvKPE-?un_ccp&H_OU#doM=0Gb9TOWe0*_o{O;A! zo3na!`TC|+i?OoBn1KQ(222~W7Fv!ui;HvMToJF&Pwr+9x9ZtFqoRsqLl(AT5$ro# zzUzWsu@+ZYg?94kO1|gS%Zt;)HwTBOM{izfJ(@!oI%6yz_4_TBTOm1huhOPbCu(*{ zjg6$)@`#J&;ntVU){S9*@A&wqz5RbQXmssv6kI3j$mAfk8tl@eD~_iLqO+nbu2TH> z>gC1B-ucgG7YBRidyau`Oi^|Mm^mSFce58mHj{FZns$%hzABk8wQ4scQ#Ub`?K(+e z%cko{t!n-B?Jq}XM{nO8y?M1-7Y2`C<{_&LIZ?FuMUxOGGbto_CD(V0@Du{@$xb%G z<2=^haNuAyTLD*wN!xn~z#doGmI{Dmw%i<^imWrXg`%B>WyAg=m%TpVT{Y-t@x3j# z1jV#51#;-jGqYT38Al!&$Br!bYYnb_&rNg|MT?gA8w-z1j$P_P?6ZrAq{}dr1Xces z&MT4ot^NJ0YCbuL84q;-P}V8I@6VXvGZ_&Sb$NJ#{2M<+KNE6A^8u;18KyTXD%`4m zH_IJ25AY5x7D}ya&0jgNY0spj#i*qb3D6k|k`*0EiP~VQ<*=yMfZ=32_#xKXAV=|*8U&dmaqh>)^CF%XB)JtI$gt+v0Gx#zO2-nv<5 zT>~1gkbN%dt~C}hLvw=^i=VQ(!lEqT*pHLm|?ja9nMU_-W!* zwCFMiX&7MnbmL55$#}u74;Pc`)PxtCZKdX9%SIt3gAmDejNI2&S-;}q zENhnXI@i`IT0E6nX(>M`UA*Lm$QTY!Ug$Y2o?*1YpSWbsQa*^Ak}z+ee>uOin;3y^ zyzsk)&0v~?WEGf{*6)W9XOaz{|9E50|ArF~g z{~K!;jXBIkok0pdItsciK$>*5b$Z(7rb+`ZBGZkArk0i(_;PySW*zYAhrK7OnmLh| z)TcLum~*RlTePIDvFFku@(NP1MD>kR3YQV=jDdgLD-8E@;maGBMN{uw5-_3x=Q7> zT^DZMhfi^R>psPHySzsA72YXmY%mC@>RRL0W-aun+w&~$1}rqp2(?u6`nPT{&b0W& zl5T8Dyy=w$8O#|$V@(K&dX>PUYU5PjpO!FPs6u($^U@ZZ$QfwN3R5iKm={L<`P~{u;@`nwQ2cke zyY=k5;m*$P?z64k=g+sk8*FWF4F}(W!RH;id{W9_^4(zVzKVnUMjpq-D;Yz-=O>7B za+bw}_>igff=$QQl%hjLhE7R{#NFfyN5Kf}%f-Xrc3_N^jQ#CF`$!7P5iA{54pktrg}H||bJin9dUo9~-W zStV3+12OeO0#A~_;y z{omdh6zKoXv+ZXO^#4AdwdlW#xc?+q#%eTvC7P<%;#YS>&~(hNCQ4}{5v7vh?fE`u zQ#%df6Ka)yV+&)miKvN~X4v0!II5KTxO^h3WzgP*({hU^^*Vv9btT()qNFb*nH~jA3WcmPNv61M z$mnuy>3T+ACS?8+hlrlBB=uRE7{WtYr2S~JG=xuV$zj$YyNMgqTV|~Zg;_4{#FVe* z0~8`A@ZYi(v!2l$3`27L4!?^7P9R&iW>?FbOT~+$h@oTw!!zWQC}`iRv$mn5+#cjT zNkcG0aa%c$t-Eir5=;qWqc`JSrlI^YcdKvVS?T;=O8VD${y*Ou6z_jqyMu@G|6ZQL z`7f`1nXT25hyF6&ILjWXUmHsy$6U02FfH-b4>3L+6x3DH;!_Oc`w_S`&Dc?h=1=86 zzrYZTUI@rOxb5}}$|Zi9Z}6ErqM$p6aW`vcvrtkO!qEbTILHf{23!0U`1A?9DCvfD zb;>v?X{eo9TIoWMt5id!YUOsT440jnqoPkhdraC$)G?+-iT8PElHZDEY~{(b>;74> zUp*O(VM|JOfz{Jj(FOqdjL6O8a3wKz_@-&?SEaeHjYiT2$WnzOh!xN+2bLX4WCdKB z4crSN-7!MiO?y?%&w^UR3RhMP$aNGF7+je4S~K1!U;dB&(obp9ALFQxq6MHcWvRh{ zhti2<0?;rX(8}qmuC`TQ)XezztknD}zzOhT!(oI9FR)@WCBMrm62Rxd0adFRTs1IO zJ+2;?3um+73XwI95IYJSL9)^$G-71=X%YgDUQNLN$a}o!lPE$y^Oy?QxjV={&EW^} zI)7&!*J^skyE{IK7+YQz@#OUAm%Z~t@BHmQ4&RK7 zuI%zPUGY}-CE~qvA#W(+`tSUnL=k)O?);_qL)VzY;zoEJ#KM+l^a6Cdf}|8zXTZO0 zNG`;+Rk~FHbT*Cs>lIfr`WJ6nIYnf~?{+Z_+Y3?D+U{Oyb9;r|?b+Om!m-!{pFZVD zIK&(ALh%*+>x{9Oj`~^nMW4+3Fvi8`aBAAb{*$iH(hrq?H9OVsdE0rt?5z?8sLqGR z0Q#DGca4`ae3EJ;=PEb@bPFg7z>~h`f!_DP^ZI`QwBOCkbVt4KpV}{sd?a>b-KYKO zlWe^d_ENs_J<;tLQnb4Ryud`iT6I5yuCA@-Q=viqvWLG!L_QNy6~Xx`D8E;9lK7ge zo*o|kEF=Fh+-dj%@Y>3Qn)LtAo^2K6KhJh|cOT?G_wiKow(8uVkT0+e9cu6tSm5tCR7=zws4aRl=2TRNg4^>AoJ30&C}L! zv&{itT~NFLEJ<~6K^6Q!hHo%zTgAzciN##~YDC?7o%~efU-E`r*4E|L1h}^C)rMNG zy;mq>p!o~1XAm26?PiRrEZsB;@$2Pr9Y(KZ-+gGe;3yP65zB|91x4 zyG8ro!Pd?L{lAY#a=II(=xZrOXUfU&46#i~N6Z2ar^U@S{+W`%mB({Wdn15QVK^{rB)@L6ooV&soH)j{@P$_Vvgh@+`7i+NBAapk2-z@dNIR$J;N zDDwNfyu5w=j430@P1&=`RX|qNK_%pr%pvn<$Hp90%#yBk?3k@xCyH~DcE%FO&{PG? zr0Q1@%`6dazm;Ytda)_EjRnk~&>F%DgZRNYh?oS&u636K`a=m&{#eUN!{pD9e?`-| z()Ln|j&KydoGE)7Vd zWtjwy_p%UIb5jE1jAUT7uxvW z${D4F4~@U%WYt z@B~ptTVDbi`2WFhP~!ieKYQ^1yO-zVN0&40Tj{xw-)Kv5vlJbApcCKtv&{aVAsB>+ zQcuTkZAk!{^^_k|M&5HEctorSyrw}HaqAHRa7Y!Far`a2?wl@Mw?Z# zVg=NSPGfp#e**JE&Dtsds-u$;ctavox;ig?#Z;1PX=A^yTkjZ&8$3r+g;-=|*d7c9 z;%A7@m+|PqmMdFC^WCaooE~$0&&qL&62Qrtd=d!x;+aJvx&cq@s%W zX4EP7H-{0NqQD!g#0RG+M3ADMK5r{4;)pUBsc~o3bT}t{APDT93j&)3i*`xd`TLT@ z9W0qrV~(R!mr&STMn)M`34UmUTbw= zJ^ddJp6_fI?LVFmw;t&KeLQxez{+$fpHE*`$dvMVSaW+^ZIyYhT5i>zvt)ZkpI!Y9 zZwF3|o!y(QziU+46)WGZ0ao?zJDFTh(XR|5g-#&BItv!(p2}yE~!& z3%$enf>rDP%nf~8S zlhCTk!j4%5${C?-FT{|VzWBz=C7?5#x&z4K1QRjX5K?NdmeQvhGF{Wma`1>>y*LfS zQXU=g=_LPR()n_Pf8fY~)4Hp2-UnCq1~XzrX_Q$yQ7d+R9+GIE^T7IURc28v8efkr zI)f(U3Q;PLRJQx*4P|J4p`saFBxs5$OK!R3>V| z+*DY?-YpE+CM;jekV;V6ZbQZbJs~0XZ)&znzVu{KPV`i;t=78gG#X5B3>_qr2CWa%rW<1Or>lBCz&k~>AOg0Li0mX9-?lze84#jg+> z6s@iAUi56Bve1ezU%b7&#{iUf>W-(INF=sQd?o zExc7$C%Zl+gb6PNL3&2QVBILVFk*5Sr_;z{-DmT-0H(xXLH@z!@x)9YTf^a&vU_Q` zvm9Sej(50Kb5O65oa={{$9+x0t^!+L0b||aUv~pGvUjP~&_0J(9XxAg*J_Kk>Wo|M zfHZP#>DAe|{y-G^kX1(~vhN1BE-i8k{}O*uZqVEIIz z-^3`3Yj~8+heDVBP+(BKw)|QZOX*@KCsrnNFJBV&l<3DXH8wxcavfzL73aQ1M@yS; z40puso9Y z2oOY6aNA+ZFmJ>Xl%4M7bw(N z)oegFbBE>wWh3BLL(goIW&ehWaw9umsQU4v7GxWz5!UYeU|H3sE^f$y%-@qcWgB6X} zGison_P44nJNmH>^)2f^E^2m5&{ju}Y23I)$Z)ZM=%o18=4fiGeyq;dt1B`sZeSrT zYYfYUHw8*6=TD`?tenUhp-jhuc9?cpr4+_JVP9q%Fy)44jK#TRhHuwA9jCchtwm{m z$koRKr}d{25a~=T7KJGYT6DKn1hi0G)0R@ZuEI{Z02o963fbl|4oJ*%s3aUxgtXX1 zHKnm1aY-n>1t3c2V;#=VB;ju1RLMxnfb2~RIE)_JcInu`Wnet_0?V879;RUZDX7Gn zYnQd&ip|Y`z8zX5yASugKgF}m{ZHxE8tpxbPm}z2cefP(<=O5-{KtEF3M`GSY^{*! zeqJ5xJ#+rRWsVkFDl1!N>a1;%$t7YvfPzy&xqSyaUQ&M6PNKF;$DT%ii2Cg$p4`vs^GEO;lIx6rA7l>BSAKU zuh<<6&G+F4hLQ*x!r-D6%xaqAHkqHXFlUhRl8(t#SR15(@(*!{eJtemVvAGL05ylY z!FH!&Pnia_PL}Ep73VIB<5FcOBt#=&!t9dPfBei@6P7yvr#SkcVq-2N1a3J0cZXX= z`_JvI?FawwdwG_Q$gh@#Cl^DUkPkO%N!;_noq@#x>2VOU1k0SBpyVP>h>s{mRPHO7 zGV*uv9VH1#E+Aod{BZL7!I~}WFMbo9ey#-YG_2L{t)w3Pjft%F|+93Rnd@4FD4|JLni4I zj=+=mj~Sk$i;(y*1Ri)y8DuH_4LnZJoG^3&gCODW)z6fog#Y+giYNmck2xq837Vh; zC7VzF-pN&=A8zy@E_6~W`3whtw@Pt}Rw%+t{ZJ@IQRFE0%q}!eClkbplQjusGO>$^ z3Aqp=@w&MZe}fP$P)J`4M_b?u-O!6aNQ7R@Z^XZ&;b1TaID$UI3-n?bfI0kdLGd5x z#c(jq&@qQGkf=)IX#xWT9_JIBz01}>mWf$?`Fr-^$rIp*gl2C(=^i)(fD)sLP()43 z2lvAuM<@W$=L&GEqf>ypPxPa78aLlaNA3WoOsOnQ{mzan0gHcdur~ALhXsZ64;)(hzj;00J z7BIP~8m>y}&3|`apB){7_d{>@xBuyN4V>vk$}VOI1}FhP6UxBj8KKN5#kU!U7Zg%h z855_QiXoM_5@NW1U+hpJ4Bj3LjH&!o)jCBm@n_+o-Xh7vV-rQ~Mr!X)yM zx$SDe4DkZ>9Z-txvXDm(81{yLFO@Km{Z4NybCcE9*w6N#YcJMTRWr+blGE!%@G8^h zK!c<~`cY)3+@+*wA{i_IU~4b{+k-7I44O)A4~AfS&{zycH{jX4s?_*KE-8r<`OYU1 zOGs!|fkB{Am_7gPoe0igUkvkc8dH`aI9H9x!>FkZQPk9G|7*cS+bCb-ParFT{RX z4Eq^(B+{@oa!-AAJEVOv+7@@RQMGY#Um&pijX0d{;xf6z3(MLHhSN0g8t(n7$*o`8N>S2G5>wg34BY>GWY+O1OcW= zDw2eb(_o6)C4y?W{|~oI`JZ;4?>yZ9@8v1GYaC=#{F9jCqV(To_2Z~kWdU?jF8WRA z2|nIkq9-ZGZ^nFYj-$N=#9^*uH{V#2;x^SkR;E62)`lP6MX=Dl^{yF!QWG_n$ak9L z=|MZ)@>!Dp>p&k%>42N`zk}hkBK_ale(?Xfm#07oY{opMag`2OE`a`GI7SQ(bJ~8U z7RZ_!;5(z!$r$>49D8L0NmCK)a7A?0bo5o!&FY9XK^~~4Ig|~*5#R&`2MLMyOW|@J zfdeHtq=?D50tdvuLdjF9Njuovzj*u0;pyqo!J#nH-2eIQuWvG~;@_BcGuld*f4_{Vmg4Wj_OQ9bLmD*gHAO8_-!E*e{}YkqCl+Q zDj{i1t)j0}%0zKF1YyXTokowqOOlLn0ALW{XbRX20TFs;${Xrs_@3iv1cuq|XbwM& z!0xkW+s`@xOsMGfemkuSk0jCha9sX7KTDne3;%QEf7sgDE}s8G{_5fUzlX;#?f?8a zenbM`D)-&=l}NBuz3FO4j%G<-pk`S|HZ}EPY^#Zt#e;|NGUp0XZ|S((Wc8Qw0zu(sudDp z-pn^~&M#@(-73_^$5Q^qY7xvvX_m6l$rR$5J`)GXheU(%Sf3#0AsA~=JMow{{($tDB=r;iYUSPNvR7IMUxoG zk_(iKbtzdgrO0YS7#fcNc;8~Z{pOgtdz_Po`H&d5(D%OE{S7<<-7a5#*ymJSNDzFI zAh36GB&7&8M&Ea{gdVi}6m+GWhjtBgzVA*Eo{1y7{rrUeg{p{gBPZSUw(G%Z&jMRi9i zGsKTN9DavXBS)-faNI51I)sUzy# zg7NMSihNUU_U!~qSbqO6F9B+j{|ui$FYf>0gZ}4!o?QMQqze|W0fRY?G7XR12b*>g zeipoXd2x2Q|L*kY{GS(l2d|IbT%7Eko&Eau^x)#+<z9v3!--vB~ChD(vOJZCy>%>k_2YMv3gf-JS$z@LC&i?8Y{0S{W)7s_0gdUK?EFI zLoLbx#vUW{Fb`X1R*_O85lO9b91qf(ukBgx{BIfXz3?=g|JyrTTjlt#5BC4}^4Njh z?*ckJDsVMIaaow}S&33f32XIVa@DmJS}-HDa&YQ6wV}Dy-1ai5iOWq7Hhq zUQNW+`e^@4#P?r2qW=;x{IjjTO!WTRN~HirdczB@yK=+4A%Tcd*;RaS#jcN3vCYlR zya)Y~16ftU0H-#0xKQ>TeuxPb)u>(26_dAEW78dRZTXA_OXM*4(kJr$J}dBlP>Su_ zvw=7MG&5Qg*uVyAosY>4uE(#nW2!Wicg$Pex9aMP(wr6c zzbblX`+xh{ZZZGI_Vb7QzxVUF_y21(#im(SA<<^OV0u1D5TQMv%=<;spc-2FqF4`J zwxgUIFfOs5<$67rkZt+fsYN~3k40NO;$mQ0uY%Dol&_CktL^?#6vPCpfN zma8_yXiKK5BL=BkqO@PsGy48QL^wp0UR?ZU-S9+-krr26U>$WeL2(FuBvbIV3RScs z(B{rr8Ej61Rsp=YZL4EH7iKUiPkZ88KK1J$ajpP&B<b42Y@4fwX_$`{BFM;PS5=;#s4wL&?F7%l12ax{NK*=lKdgfd-#E<4gJNj8i82@8?dSEJ=+2SPI+xf9Jll*9o5II=eI$Dbkpil+0v z)O}mAu{PoaM+`jfovUH?eu5N<%s$|fw_^iT zd3HP8-`DmFmlqDpK^{1q~}DRGqyC-N(GcE_m?*bhieBF8EDFW-il)75D#Ap&%Rf|8Q7}|FHXP=i&Z;FOS2E z-Ax0&stA#qa;#1VvRFrzu^E+8z!lJO#qfoW;D0(cp*wV;`L#B1p;6EoBhmP7#DVlc z76elKGD0|t-#Q?q)CTEbkg_7h;$L}v_?iWr4^Qp0BK=<~6i_4ow_Wo8f4=oV|L^6w zL;7Eg7f|Wto{Mo;5B>8cct;h?#ucDO9(G?eIE}!_Z_AS6HTHk&P#{hG-{5)C{^!}& zvj_i=dwIV6{$DFX$QL04YlQSzdT4hYXoKHyzio@fhvzPz73u#{rr=Hd-_En`BK?2< z{P_d@zmI2W`u`PJh(D0LyL(pK|92YyXM1a>9RFu`_hJ9v$Fr9F|AYizN`B|C$mq^c zIPcL}e@4hvcLd}?l?r8Kxqug-5HaM*n_G7Tx??mU3G&28LDn#do{C?h5fq@Hy8;E# zlEyM&T8)C$&X~Su?vse24@?{BST9}4Zt7cc#=Ez4kG8{32}qHhxfiElC`})f8dSVK z$=~X@B6ei;iprL2s4(`=y?HVS%g{z7$jv&fWOgBr(hna0?rGg@Ww3u^Y-WSN=}vBy zXbkc1LZxjwHksfEvm3Py)UUFmllE?^?U9iXB}Nh?7dDJC&HnX9VK+9+0yQqcK8YB_ zk;q?AnCzl0u%;&b5sO8d4CgybCcL>&>DMn3G{ux9H*!lEW(f8!5KY;MV(kJ9PL(Bc z)-zwsQn8`TmaALNi{@?kWIl(SvcB*3NzD3V$Y_6zBk@P~Dd>74?5;YAr4F;J4aKEo z|1~EXhCPG_=KRfx@NAG34Of+te&^3?zsj!b~IX4O*b& zPtSRM9Zxg=*W;%qo<<}=EB4WJ|9e)F{||=4?FatvKAuP51Tuz_hyq4{oMv!6LlGFK zI20+zV(4GNDWbj3BXB;$ROljwKR=zJFa*<(jHT@oj;2qATL{AoB%G;?_b>`Nk3fW` zGAaH>oS+H*fC72A{bjQUILQ%~Y_S9h#3%tFj!>`DJ2<;IVV%8V`m*97L<3EzV_`iNJoA&wt^iR5o`gucR=wGEVnBWl6&i6ff9e2L(jp0@2 z`yQLeo$vo&=Mne?CYYoY9333ePH#bd5}-~`=|np{93a@2Lg0P&O+v*R)AzoB z_*DE5|GVIY`kTTIR54y4Abu*0EQAFALJUEnLT6u8C^{zq%MUW60)Hz>nMlznIaI+4 zfy?=gr(Rr+$~e%?^A=6|%M~%R)=!TjY>dA4%(*%l@ z1tXxXt=@2x;}6peE@g^LH^a3O~s1i`tVHh5u5Z;_2pF{!ej==8VDd;LY=ltz9e>;IVOcQiIOAwurFzAki$HOI1 z8;BnfEk<|?PIb{%BV2WWpDqPl1!-wDVD^G2$XF}j>Sp$w-4WP%zV#HyH^S^7do?kC z^Q9tpP=bl*Lc7vbfp!aoB#lhKiK+rb9dQIvil-5XNkC1&*4aT)pv$>0%I_Ri`-k^) z#EXKwXhZAZvcNgDh0%bE!D&;iTkv*)k^~2em(eV=XaF!c1=lkocrJO4VQMl$ajY~c zVB=DFC5;h3Y{l_^xyc8y8Z|cuL1&Fa*T|(a2sVhIoG{$1D}M)Y#hK8vangBFWklXE zj?1IT8^TT!L{U_;{hHuX+J)*(V!)-6qJa$`MtuIXq%+tw;d=kuN*GgA#R|n+M^z3* zk?abkYF3xOWJy|kLbQR4pHsDM+?rPe4U_QnuY@a$I=dWj7F?V}w}(r_1-%w`01YCh z0Eq~cK?c_kgZ1Z82TiJ3_nHWES|I=VgeC(UN*Tt1Ez436~jn+PEHum@-bkj!wY-(ZMN| z&Q&PTp6MLKu>-DUk4gJ{%p*!yt$RIfx~PFb$K`s>b6W>EIcuWLw_sn|&OxB-)E?cp z;8Hk}Ef1Q2s~B3jhJNh@0ha7w29VVEOh^J$@>xSazcRukz6fP|A%+w+NJeh?oKfM> zM)kQ9li&#jeZ>4eZ-?6D*P2HhP5A<8&wo*HB&#&FzTP})xLVMA4Ua|d7s4O`z@$j? z*QBc&uCI;WYqJd;U1SRAesp;}!U zI14VZpX$X(C4BKZ!u+iQuJ>JW1@_PfIFCbqruZ=I-o+;6#O(yKSrx=Nu%f6yp`aph zf?^a2MiwnlawEo|Oj?w*y9eG;G)Y6L7T2F}GzIT{xssJKK&m|Uemw(w$3JBq?vscm zBn(lKE2OS64$-4{N)0U+yrv!u$DSIQ=V!J1(-a4&uRiqiP2GQ_`rqt7CkLOv@Hqfm(kJ`?$ zh5BSq8%Sni-v+qW!Iz*XM-gWG8ADWk9%E+kOJbTLkUM@q=nKe-3Sf19HG~$*8Mw*%7M1{+MOb#R^GKWw-% zocSTd^HTZC;oud%lX*15wH6zc^Jv;xRSW-!bQ>FU{ec>9^uY<-q3P*;c_a!o8ht*;cK$F zF1Vb^?`F7cMfkevZVRrO%W)Yl&i$9}#o%v1-Hca0CzfS%_d+4YXUJf1g`I6h`L*Z- ziWV)2H#iiMB@``iLgXED0TV1m!!e{3iTji`q*?cR7cGQq*~^5KIJF{NPKYK6nFE-k zQm%s@I78BOc<HB9!nm&=hvT821;$ z-tc+<5sDTIn8^WN|V$iN2TqA4`oymIE+yQw!RXM>eQoe^Fi1_8?M&Bj`A4}(*f@-XV9=f_IR zRvHBTQlsEkZgUh_SlAj{8pkN|YG1=ZPEiz~q-kBxF^;b4z&aV7mvt0&%2E}8~QLc1=oA$V1q zm0wF}DB$|V@QYmqF2&s6C0uef@9QAiEsVQlKmz6Up#jXIa2w^){0XpZ#Q8&#Z7{83D=1%s_0TkASX;PB+*o= zjkFD^F2C0L;`~}Gwa0Dd*paU)qcYgg^lO%obUFhp4mVe0U8E2{L$C?6y>qyl5Oxa=vZ6}HP-&od zr*Jj!Ah#yBkuj}G(;#^Xnj>(H%Z-Ffdo$vwK~8(C>A({T;snoOa#O1!T@x-dUrpmJ zLYza#2YV*~rfh~HhW$#d?V3V-N4A_QdVfAsUY4A*H-yuQn=lwdesao|8JUNd!r}WV zU^7gCU^k`H-3);%bR!FTqF~SB)I|ewO4?7Qz*>WVawW1CN=@sqk zO^v*m1YRb(>qEw%Kl5fV3PO~48I&GcposM!1!#gJUWqaxH}+r@cyWR#BeAYUH#LIR zQXoq;d7Ug-BS;$pxa7w!gkJtDg*O}_SNIxF6CCufexRP}ux={KaMgHS72&ew$4?5z*}&g)c8>q;c9ZET2rE|;c7Ir%Hhh2*0+8)>%P%F zGl#2%Pv+ghCE2cb5&l<-Ug8i5Y1X9;7h=-!#)E*fm0t$x6d0 z=#vEKKz;mXYf9`$0_JJRa2z6WN(kwllsh%Dix%>7*1Up!&8@P9=cRJsxE9IZ5KR1; zp#BDjFQO;}0qx6(BD8M=tC#~EWhYq?)+)Hp_VuOh(g~LiG09I#JstX@W-Ye0y!Fa( zWw|yZ^C-UsawTTGv~_rwzyf*Ou2HT97fGf#o6cKs6licrGKCSQGB77!(AP8U%NQfZ zMA8{a!yp&_whfQa2-k#!`7m$6F_~f?hCsgND@1~$kv0_>A_|wt6%K$#xB^W1iaHSM z^%C5IJ)hwP->{4TxF9%?DB|DMdXv|16cnIa>dMv#m+=01hh+oFNTbABGsGnS-2OA`}V zi9szZWJD)_X2uo(R9BR!6oJh|z@}cS;jL)zQ8m76$o$!B#AYP0)ZX$HA44i*`~-+0 zpXH~C3R**Z;8)CM;McwL{h!N+S3m$%-?UEpsg$Um9UmT^0L)}L;hYA;&^WF5;C&yQHhxe>HjqQ$9e6`Q!Fige871(w+a*oMsz4fv17L<~ z7lRNHq|BUCxeyX0g18|Vv>j&Epd@davBnv*ku%GJkV&pSMn0Zk6g(}@n48CybLWZ4 z;}ENfqlPM-_TKUVU1KWeH2aVhQYaw4 z0ei>C;->@>M}jU#_I+S2EQ)Aj<=wkCrX)<63Qfu(5CKeOap3~?0r~tpobcO%sbHNF z1`;IIc5B0@@4uG?_|7C5F%cXJNfnL+y2PdGsksG70>*^R1VsFgR#pVAOVkIJz>;Fs z(xw{xg@Vn}qqcM)D*%vb8r|2pwzs%kVcGr~S9^=g;c}j)O^0a?Ppi{Z7hf59&f~P* zLD~w`6CzFx-<=-Y;*FPS7=knj`86{yUQm9? zy28c~ML|q(#KeUjM+%nvVhV^bcNGGBtyVle{I835r^kZ&@V{Rlp8x#zpu!|9 zzhhZ&WM%|a3fXqVFtAqiEQiNQVnn z>$x>RZ85jiD3n08nOjlPYnovLt`>8<8eI0=O1PS4*bKv@(*eSi5pj)hh;{Z-Msi0q z9a%`FkOYiep~w)d+)bFm46aI3kK00y!X`_P+vNeOflJCF+;T(}9;%3_s@CrmUs0u* zhY?0j0VKAo6yrXXF;ax3ZFY<)?W4Bf*VXW(5*t$V1yCpj!6CYs9U>R z4X^YxM3mhF;NlpTAxXy2ubFwr8sMxP2lw=+z5N>P`I>7$z?Cr%wIQ!0TvQ}AmRxV1 z5ImEGDYcyz#;NF@Srz%)NC8bV$4||fij)SCk3f-W7NDjS9V+6+Td6ovlsF!Ogh<7< zp8Je2@(;ihg8Df7of+JFV4N~QnN&8&v&c+-E5>5vL)YFWS$BLz%us@Qj#UuT_^>&^ zm|6uVBsfzR3exriYzP+HT2N0p@**a>ryxej98)TY8KmGEh0;{oy-X~)-chs{$9u`V zDn1RrkI2*nx*U*)vDhsRV6*%JrLk|;uiYFjA*bS#eVT?4&Y>fnN_&IET&a+mEWosy#ZczA0o>oaGITrydJi{oqK(#*Ci z<*GGVB0%9n`C8@`tU2dpTq#vtr6H7tOL0QxoB>EFATdfH|FE`eQ30-~C@ePM$_6au z{sj;*)tTEQjk_DcfQC!N9$!GGxcz5x4JN|aDPrLbILXnZMC{a0U}np93oeKCAtIK6 zt2&JCEjZCyb+h~G*1=_ej#z^ICAlIeT-2W-x5(laoQZGdm0$HMA>}8K4cCmZ8lUW? z;9{Y2MRcsMa{SYANc^kp7OYic8C-V|_g=$Q?Utp~Ir(M0u*mC0zW@F-9SdrsZqhYq6S6WeGXk z@@f~yp@^(Sg*OoeV>BVcR%nW-j4ZsAqqn?nBB|W`8B@+Y6vJqlaOG*_NEm=qX(=jw z3J6FLXK<|Ym%}ykoQQ)?2F*ZqQ@0~lao{?j$HJE$hHN2?{!t2^X)sd%eRTy&=ExZLxB&{w$z6zL4MB4$TEeW^XLrd5U z%=~x7dhNknVbbfo!0N$l;}Yfua|LYHWy7cg^JhXCP!-$52wIlwI73)X?D>j7V+ z7hDR=Cr?&gn-$?Rt52b24xS>IO(Mt|FkLCaO4u|rvebmVYXY;0#ccqyY@1X7Q-GIJ zDM~h0z>;A8F!-TXJXr&#D}h)&HZ{0QPXB6P*5zGWHsxAdFk2bj*kCFy<;)c!H;Zr~ zBI9bCYJJDj5-f#jABN!=`d7j>upZ16c6wcOf?La{(X~#UaS0kwwbB-`s|o+@X@WllFCcw-h5*}X*cUL1`{8U=tQ za5BNZl;x0!Uxj8UlL{L-1?Y-&(*fq8g0cmeBxN?7j5I*G;w7WbFtv#6>nl&XW9 ziv!a7yj+d-s7pw4&pAkJ!0IxR+;b9=0tv54NpjCwNbIf9>h^8=pW9m`Td>XkqRT<* z+&&KYh3D|0%GOsBw;ZS_+`^au_#w^$1_=!NB#MyVCQ{D|@H?oK3;!QDy~ZpzJI*)O zE!Z=)XF}Gdze*P*SvTYhhrc$=c_k@Tf-gn2{LI^3C0ne8-?7FV@MBHvosAfLv$=*~ z1XMksT61YUOdPr}SCe$Fu4mNPv91YnZD8x`s)xPv$XXc#K1vnq(s$tAfBcOLAcHz(gushfIkmyb}a|7An{H z7;#{Sz2PxoWdYC1VP%1o$rShOZKu=eJbLs9r~paXj0-y?&H;8h!dY9No4dVj z>4z{T3)H#1yu5+)uw#V78+Cw+&&mG+ARu#yqY+TjW*kj>I$NAi=AuYK2)js=a0I%4 z-G~))yh%s>{$Dp_^-Zd!Yh6)8ba25p&jn4#7aY!!@Xzij_<7%I&8ZJSWJjYCC=Ybq z@bKnkYu&uZ%gaj}Nn`>_foMCOUsQ?`rPRKO&5ROe0t}J}ScGId1cr+QanMHMnFYC z6=)L1y(a=4{RK?=As%b2^v!ZA-Nr~MKd7^iHHK04)6-&8k=jMB2Lyw+QFt?wX&MaR za*ci?e1)PKVI$B_Y0{@Nn4qAla1j8t0Kkz9c4?IEoQpjQ`F~)7uEAUcK`=vO23EXG zb;0U^pTzd%6)Bk`pw^&t^5I7YjFibT6!m80Ix};G{!H~V%BMB&hR>!l(Uhy5caR%H z$aetzPDwNZw;fHJK6Y|C)irFUyQ7ZrrPu2jza9Zj=|aSiXij*B3)9F#4YO&6S%|tL z&^_bh&b05{r)HrP2fPRz`@wK)d&mB$C}4L4hS}>+;xC!Lu{_pC(&rvi0JCc?l+fnB zKITjXI1vZVy39YRws|Y&%Ip_`=yBAD!nyw2qYP?d#KAj7lM&Fd=`=O<$=q0( z{Vi2`8XcRyE{ z^yiQ=l$bykMy+?wPkU#FyF1p-IWXPW70aU{sgnp~L7s&Z8b9C!nM@E%lL-8uv$t>5 zM1(hD%NQogSQq27{S%~UcL$)zCjkoNly9KkvAfHG} zYbunC7zJ9lNcEX6KxYI5m|ls)LD(?JhE%2?iWrcF40-2*f{CxLPSof`+j)ng5X(Cg zho8h(hJ;Q>z1TZBl1{wJo<@a-;Aj+06V6l#D{Fs-=5Pf5Q?Iidk|tBph@9&_?0<|C z@;maG$Lam2{y2e=KSQ+tQU2xO;8S0;-~Y(}5x*7Me^mUE-2`78ovbWKsWfHd&^_rt zQKoD-(H3hWoWH=y4S4m~1m|D(If5GQu14w+|1 znCQrbhK&7D8?sIMOFZS9lCrzae*K|Yz!Q549_ z6sDSMAd%4%XH4^1e#%h-L4tzR*H^GCs-G1bh2yGYx5VcxO%iFj#K}yYkQgQ54VdF3 z5#z``lY5IYglwMXFA>j3b+*X#Y3on`h;$$ZW0w~8Y!Mz&WXk(p`r zof2Zo{7GrgyJoz9s7iGdvv3d!7@QZ67#yfcM`U2+QC~zt);gjdNv1Lc1Ex%hWbIfC zkJPQj%bWLNPs;eE{i&8020vQbpuA3& zJ3UZWen~4{B`}_0hUywLu*EOZg_eMLIpQm-u_Yr*Xpd9I4>z1albkEqIFl?cNx)AD zxu$s>vUf+DrA}p2BiTycC+3_FNu~e?JrzJtx#uy$-ya2F$oUn)AL9=*IrG zun3?zYf?7N7o8yMD8S4*c#I&c8fadIFPNej%Vc1(*dTT6izAZFpNx4a#>DxetcwIj z#TE5uFp5xE%fkp@HB{PdOKZI4wZ3yXL*ZOII9$q0E|gfxBjOaMlJ_IRtg^iQyI`0^ z;-`vX78t0GVxU0IK#7PZ_rgV$!d=xdPbJA6@pD1AG`_88rUX_z6Dyv^ipfc3vt>%{ zU9~((LnO08L+D?L-zg48*_6v7kAT!ObQDu?fiv;qBS7-kvai>iuYH?LC7HqWLJOO7 zYD-ZRTqJ0YqW~qwd*$Tf-;BUe9=GaDyWq1CF3`msQ3|Ih7yWY(&JY5ZXKAcrT%RfZ zyKwK!g70Qpd8!IZ0*9bKQ_VP*onY@2$g=tG{GOhhF;T~oz77NND@eYZg)jh2lb}Cr&5YF>h}$On{MpK&8O0F-jWzH z0&YmEg>&MjU?{R`RDFi}Le8h1?nTw?38U2!=tff)1acYk|X^1!i z{l~+`Iw?h7f~M%h2y{7c-A<-q%!tGP+UR}1SyWJ7{XjFtWPlc(Ivs1SKy`=G)91z` zNsjpkeTHNu%L{>XJmHOzOiiCKhCByHxYH3Qx`LGxW|}R7_d>9oWvg46P+Cq^{YOHO zs$1PuyI(jh8)97HP3_2IYCC96LO2B*EpwP|+Nt;R6YgO8T%K6 z|N1RozTkykztRTg0`pgoFE03aKlTyx`>M-6uX$m$)6eRB${SG7FWrbN@ky?ULpx;G zQ+{8~Lg?iAE;)Z;jNJ1)w;)f>hC_~_BMw9N>N8L@tO_KMm+-m zDJK8N;^^}aVl+pQAEp7)++({HGAgOh%^D{Ct{j9X){Q!9_=`6UgBGWwB-gJ=fJR`j zvok2Ez3b<*pv@MmE3;-OjRT~DDTQD^;{eYXNjPV86fu-cppU@D{@KxHwxwO0AAB5Gycy+6_ffq$SI@QXN?bnXU&QV2z)AQYmo9<3*Cl%7wq zC%eiBf(LoI&DK+9H;AJUN2rA7B#m^>E~N5TKE;}OkPsD`?)en=I9bOe<1tE&02PFJ zkFf-gQWUIU|D$6jk)A{Kp7niwg$pb270>ZKi7R}M5;hwND7T0r{nNL}! z(k}aB9SBPT`7@r*z}^Dl5GqSBex{|75Y}aRa>W(>hNR#ciuigUNu%tj#SwsD#@m5r zJNmZ6t3^l(WhAD=Rda@5AaWRJ?}Kq>-U=@DM`cGQF?-2-5?tA(!IoX}t2e(o?NJb+ z4-8O-V$rFN4oeYBV@YzYe>@7jh2q0r2cZXppiX5F# zRl1{4(F6Y^sdlVax?OO2`SGKShVtpt<)u8(m=U>BfGBRzx$8@>@|c%KGHUuR^z_Lc zSY%ZJn8Aw}@oNCcVes_OM*lJRj~&j@x*N#_JKw2CYJd|jw{Po0y4^O8EeL;qhfjf)Q^!`0NlCt?qLpOE?YO!;om6@3RQL4C%CR95lGvsQHbL4^ zCq8Tb&s)xud<%O6Ab6AHOYF*N^G9NlxNK|y8yovdGaB)U=hG~Um>2TiGzCoW^|ra3 zagi7jY};DTF6KUKu9#wMBNv%my%~~ROp}yVnLlyrpc$<5LEubP01I6`q4&SvyhPZNVN7Wp>V`4bh%+!}(ur z|69z~E!NoL{Xf{=ez9HM|1Y+-p7#GkJZnVhYPBp(-XyB~z;kSi=)dj1f9H;QI-^;p zY-DADx6F@d%Gv@JLS_Kqi*@`y;WCedpn%}w02)TKV^Dtw{$5v95RhF^qhBct zgWtjpPy*+yk%rr)WnAs^*({I4Y~Is*5HFXE(O|@0?CtIC4EA2W9BjROxz+dmF{PAl z_vw$j{@#l*`*F}K`dWK8aNiAf<-iVXv5@0TB0i##qOn<|>D}I{v(*A&O$^;B%m%H4*|$$TnsE1z!3X36WkZ zBSG6$PF={>h4E>cq0OhWMrb_OlvY&7E4272AXH%fV&(8XqY1+OYb^UlX%;lPS&CeZ zhP7HfR6+py6T3XJj3#H=b~OcC0?6){vVd#^m_kxEA5jcW zt%jF^O=x#hjRWiJzO}h_s1z>P<1ZYDx7GLhEiEeDF>&1>ox5osZz}WE6s(!-wu+R!{*((Adrs5B8Iq5mps!+T zhol1>#-QV@5uzq$2!9hDENTG&R|)<9<=D09MN26_VuzFH$#oQ19LM(8n*u*?s-jwwAP9rL$o z3!I87*&cNGJ7`^tc}6;rTHus0xAkKCrA^P64ydm}qhTuwG-28{B-v`rM6`3t(bbxC zayALm)heb#C69{=P$MePGemwn)PeLw!hC4^RJpq>J{WY=$;NlK{P8XK!L1GzPBaO< zS+HgXD?2PChnsky{gy_`79piG;hkXsLo+suqL`s@aPGrJ4j5BdLFse?v!$@zIAMsr zNlHgT$IL_Bq|oy*bkO;UDc@r~yJ(aFxK4PIM-Ym;K>E5cC>F|4$}=rlgr21-Pr=#- za)2q}uckfVMlvSeUy!_NCRl5`RBi=OAt@iLP$2!?gw8}5`;3GDE&H5c{#9kQQiSi+ z#0D3HT0Dk3M>{K_ICI%wkGwU^JRG}-mm&Fb?Kp;#G_7B=`-(_~rXS74gb){2WW^V= zH@QR9oW9)NdkHNbjY%GZ9TkkIYQ72PTqp00M=~-_dTO<@S2K0)moJ7|Twl9T*!%KD z5~f5@pIu*j;?noD7!)+W!!KX3oCNIp8n==m-ZLJc1X`cr3Yqd)Ljq+);6@Kr|(QC zIOJEcr*?ioO_Fg8TC+b~t@ zUiR}-h{;BTm2p|_SQUT0N>gEtc&ZtlxGznaNI2$#kWgt8C)4Fm;JT{%ykPUvZ=W7i zi>&EO%C8CfCf6^7%ArZAj};(ED7k%>X2R3d1#c?E&PIVD2dwo5K}~63JQRg7`BdXH zi%Bg)IUk;aR9nx(G{8oO11}tt^D@#ZCaqBZyb-TZME9w!#%z4x8Dbb!y|GQ!i()P6 zGYgfp)nmj}w8pm%kJ^+=irsiuBqSYCUw3Yqwp4JdMpEIobk-~tN{L%gs}@loj7!)s z5vncP+?zhY3Mx_A5r$@8{3yu&@saB4S2=HnUl^0dnS&WCe_2E?&@xmj-wJ>s!wXzV z99%!85Ka=SI*N{-<~3sN0~Ol^(lzn`g(Y}8>QP(5!Pr41{i)4-5Ml*J0ze4S5s7q{ zAXHICU&amF$T0*ZDW2aKN1Bmc>GM97!gX6dNteySb zC>*6Uox7u4%ts*nR3Hqz?SVIN3@4@eoDiH)mD^!eP-R#SbYxVkM(%T^$Tus9`Y9Kp zz`y2K>uXgUbck#4!(WAV2dfcBvd=z&%*<+RFW5ZVwuH(n*d)^YyR8ISk%HZTWEFmGjTB3NZX#Ilt@G)z zMeo0hXEptg5!v_7rYuTWD!eRNSrxQI|I^><_bd9J?f%Z-N&oW@&l)*VidE;!7gzJy z9n?H%SBsmKp!G$Jt(1(71(rS5sa6HuPrhqX`MVeBTh?^X#6P) z@<@v#xnOpS&hwrG(?&3Sb>&yrY8~Z|Z7i>Icel{eXU-+p4 zK)%)@$|30-{v)SRr;M!@FtlW=G{>lIfcSJNBb`?RZ?NO`JH$Jn3EB*XOn84Tr1jpP z!c2?xWjiC5(Ta~lq4Ni@BEg{K!a~in{wLH@l!pXaH~!q9KPU$F%&4u%@HGiSKQo^| zuTm6{-}N$W(n+-A$~56wnzv`|c(aiPFrLZ2XDpq7iU3?mY`}~5mEv~M4ry&rjm>Vj zhG!eOMk8$W7l>6tDny~C-%!P{;IdMsg<&ey5>eTun^s5_@?(%)N|u1fnB)ebS5_ck zQCaGRTwmMj75Q0TtBs20EBQyxGbpNA_@U)Mvd|M| z&>w_rP+v@ReSw9-M2P6r*I#$#Wsg8b*1Es=QMfcoU}0+(uXP+AVx+lXX-j#ePO72Y z!u7ubx{z^y5NshxH$hfu;oS*WWmRSi0dB}+S4Z9t!i5c2qG=C-zQ$~02wyV}+sAYl zT&@J1(W6@A7fI5|JD|dCR0b%vSK#DXE*Pk4Y_6eM25G7ks%@)I8-S$Dq}1MrWAdy_ z%5;CFV?~|-9_bWgD28hxP*+jR^HHD@oEes>q0=%aZ)(=NueaKv;G5kc9pz-vS*aF^ zDf9~10E>an*%=LjlnHTm*6FU)4C=w5nGWfw?`L7K8W0NN8PM`ok!3q6>b-WY2{!b@Vyrf%RQ#FEVZ(x{NE4PfCTdIT5*=kvVx|emPf-+K2;0U&_0qh`o4DC>{9_mgVLW-% zRmmf!ob>ftTQCZTkoumwG0Y+d!%nsObZ`!PH8@4MfE!?f5X*b3ijJDVrfK@DSRo~F z?leI+1?sL-DhG8FDq|x6Nlfo@Fk%_i$T;S~siH3`e8G2x50Nl1N=nl3GK|>7)|p!- z45f4}N5=={LdQpMix+7g?~5YbrljmcvVJ1p?#J`>s!vVr`yGj=wnD4SuIh71<%%Jl z+Bh|HvM;Mu|EkGof%Clzi6jubBZ3ku*)NU`pzIUN?|gmbVzLTXrE@&V~BbNvsXyweqk&y7Q9@Ip)exVPDQ7u@6dV_4IY&}t-M4w z$k`j=t^}1?cBw1=dTh@1>A8>RuJ^xHe1ezQf9&k;?NsA`yx4t;|M4Kt5$bFs z!v-e7s$@(hOPY0L2(;}UMmwXKKYe%Gq3&Um8lS33Yog?HYefEN7$k)(Z9>q1Fl{oe ztCWnWTko5uRzs&1wCMT?5|-q{TZv6Q0?}e@t2$5UPa$COAeHU@dh(&W2xM6Y798&bBk!b3&z^gcKHglYWcc9Too=|!W9=`;$A|TTZ6YuAZd3D z4u!6~aJ`1?pH_&@UfK3gkp$(5*n^6<2C;J8GSEc$={1IA6%laOxcaR>y@btb^)A?a zNj3L^HCOfN3Z1$>b!D+q3oYZWykhaCz15Kls(o(J4=`E$DdjUOiwES!WKmEGK5D(k z$f_cvSuQ-3_S}goAZ(HpQ~?{3CPE6Pb&E%D8r5{G-tr>jA+#s48`KJd10HAWb7tcO zq*=f4_=NMUn%Tq>b&)~8->>57o8`Bk24QM}Sc^(rT8+2ZZbrFc zm$m&^+LZ^UX2Hh{`U~g!z7Z*z$%9rl!sp2xa47DTgD5-eEoUVv<(KgkE)i3k0QuIB zuhvRn{*;r>DWj=B4daRB!3-yAG6!*&^5s>IO1SJgwN`vcpY!a?!Qsh=v!9OM9iIKN z|Nij0UJxwopMClB;olY(LwX4o)|?J>b5 zpq)CD*a_2lRq7Pu-B}gG*qh9AYZ@MN9a#yJRmzeI}6LVg09i0Ag`bu05|WN z;jUJxmR|;Sd+~OB(;CKWvx_+2UyAj5#fDl-F~3TUMi#5Q?;6>Ts&1i(Jb?({DPB(O z;3L{<3v)FsRV(}?8*1Q(N(5+i;EF|cN7z)XiYCyiBx`l(4)*U8dnS5DBaoF&9l>#JPaN%^|)d)J)aTK|VTbp`9srS_lOJ3CeV z-|qH{C;i`pJh#*T*<=-iJ-`Lix|P@5PaeYjv*v=eOovqV^7{UbKO20|9?R(Q-sj?* zn>^Maz7LDX1~mK*3?3Vxx^MfwCDZwPGIxA@Y^-eTXurITwWBe!Q|$6`tH*mW1T1c^ z_hJax(%fAP0joTkO*tR?jQ*C--T1%NGD0ll|8{p?RPDcZUOf5#JjnAX{GT@es#$d1 zAIZK4ORXg|o3t2eVUPkt(r;`v)!ywr7)`Y|UbdMc&JwB10`+6F^6{Qcpwt3bY5>(x z?xD?}5QL@1PxWF;0KI|bQX?0-lHpQW8+#Y6Bf_x6YRN8ibDO2a1ckVp#Zu!0-dw+2 zt+#@9c^RkwT~SEG)$+8QLN`gQb%o(5+fA&jz(yqtD-{f;p_nGlDbKjiqapclfTkiC zci>oe*j80ElBt!4{d*Vrm7ZJke~S93dJ7rBW&Gb@ugd@JZSTH#;{P7vxtsleIZ#dA z4WJgtrjZ>i)}H6{lyNXR?Nv#i4u`Y?1zZwL=o?VNmUu_4B(ccdLcV-i-kuersDTgt zJ0Af{IV=KF1Jw;a6meD*{k03Yb@tUp&1s!+H3G;+5o8PE?%i!bi;kX|95ut&q|>oD zub5|KLoS{pK{{c4Nu$t;W~Ff3B{!|%=?+!+lZKUUiYzdLuf$|B$KHmH+I0X)IZbZ0 z);?bU05Qbt=^a!LuOVe8*~s|+6g+MpP1nMn9U;ez<+W_1#M-oAWJy4n`{8VU7j8PO zyp2x4vj@0lO^S9@;C{{dyB z8FN*7Ki5x#Wm3Q;{NJFzSB?L@yEAx_|2@dFrVgn|Mm8cAlZ}Y;i##EnMe4y0=~#NT zjyyg(oo<)(fk#|}3+*#VS5%6xj2|GT8-DDxaelor&(}c_zSW4j_m`q6?;jtj(?wV% z!!c12)KsS%89#*ts5*4x8u@P(xJpIjA!@a!V@o#uQgIp2Hpw&gITRSwQMFluXoLO3 z6oH|YASq4@la=V;H&z<4F;7joaxx1Krf%uj z>>rQ4UZ0-(eQr(v6OrgM;EwdazgNruu)DMKWdHLZ&$poeH__{_*%z=@dhY#91?iOa z{=J&UAH!Qhi(?u_r1N2_Gn|?f5CLZbI-Alu@#(QjEN4;z zDH5Bc+-EG1)VWh8oD2Sb?D=19|9evw&B95{Q+A6!mhJ!D?cHkr|GmB4r~UsB&l)+V zS;kV#Y=TpaLWNNtMv(j}q5cJ(K#F%vkR~w6iXdXjqKL@-jdGnZo@|noMKlX98QASw z?`a%3Yb0h9%v`pSK-eRlA^i_s57YPY7-~w8NWvg73-cWB?djQR##07)jb}3+lfN9C zk|0cl<4wY>2md1YjyL*e+Jk@fi|M2%|It6iW!x(o8c|yJ9;+^3C( z1nN3fn=aJF6oZ0gg5*g#{U4Q(X|(VM^p0Y?#HC##RF6Fa-m>bwOg4c~K4$RpmOB zZ50n5*(VzrkNaBkWTp#wmIJ^j7_H;FI^KLV|hJKI1aIrQy7wYtJK}{_qh%he7wvIvwVQi znNyIB&|{v;o=MK@@kq|Qj`P7zP9F!F?xalZ>7XEa)DXR~+_q}ze6%*2%Cwoydkd-J z!WvzocnQyO*4D^xMdDFz zP!LpU5s={X)~o8dP7{9);<|HrWew#eQXo2#lwC^BFq)f!S(>wR&-s7<=l?oy$n)pF z@Qe+gKX=}cqtfM3YQw_OBPFv z$_{2U&S@0Qi61cgMK%E+Q zp<+}w((7s-L8bXNLY~%{kbuqPat>HV!>BYhMr&KlxtScJb~cGa3-8pJU6JNdA`6@( z(Y##XG^24q(?H-caiDsJHH)WO!9Hb}iW}0lzzpfa@?3;0FD#QJQ=Mq_OzN2J8gp!i zshLd7HVFV&2{_l}FRiU`zLI0z0r^VaGU2BoW(faE4nNab5;5}C`AS^*5cR)X{sjfj z4aad#zCr@*B2!s8Z@Id^vVgR`V{m0r+lJY(?WAMdwr$(ClTL>nJ16Yewr$(C(Xn|Z z@B7U+HB(dbbE@{w^JDK*yK1ks?(4bk-|GL+oLuS=WXGy>``99!`yfeXVvlR{2XAH4 z-Ncn~YSNI+%%|05`ZZ}fmooNfD@r&aC`pOe*Zpqqeuk+{c$WpT5DK9dAa@ava4`Myfk`p|3&zmuuZjJupKSqGUqe#`SWKK*&u&<@HU+m ztu7|VmLaBrCY^wuVvULB%4Y5!!JeW6jua#}HU**4K}M@-dBLBYNC0>$Ft zS_`OKPufhGA^U?38$~$84vpc=U8V|sTSGAc4T88RBQ6~NufkGRp&M||xB_d*zWa|~ z7qu|S4850rqN7t0jSKUowe=4s+{C)nIFfSAyY291s46E<489h!GodDKd;6g}Ab2zSXC@rCYX-zOT;VK}!XlRd~$9jbHM zH_&v2T9M`Gs@Drz*+E9$1y^LbF|ZI4HO3$bEjF}H@G)cF)X)WXY)NoAl*EZio)AV86ESpt7 z%hM-a;u)p+8j*>kH)`MI1JsyX*Nxcfx(QGQNuV`pDbB7zQ;%9zP*-INso{CEltB2; zMCV%H&n^%v?N*ryxQ7aq&1H)<_9(`aS#WbZ2{-~%YD#ydLr=9T2k?=JCt6TI+Zxmz z4M>M+m;=b`zj(}v9_mH`$AcQjqB^5$-|0ZE#<4m^BJ3M%O*JAR3+RS0zkg)#4}Mj$ zX{Ww&ob}BFjT-dOBl&zk?frd8^xb?81KsoBQ1{BgmSk7gKWUqQBk(^m-e50k!Up`F zAyZ>IyI_~iUVAYxP*q0QMbG4jaLoh0{#W zufI7=i2Oo$^Mgl&yk&-p4-1yY!FXZ#jQ-iMPj_tg!)BDns%P{*Y=jl4>YeVTC1D|B zNN*956b6k3IX9?~pU_8u669T)YGH+Eu*F^TC9T_!N-<(6+7A9DgSE_4`NTdhsTYO4 zTUl(pRE({f=vi_)l3ZPfb~pnK;w;kfNm=1!gF3Wu=*S2A-HzdNp9D&;_6$eU9FNl6 z>P3Fh)HHMSuIpSvB|X`Q=*re(d_hIKry0_Yib&OU4SzfL@f!C@_)f0mz?lkdbg#Ay z2G%HVHirz@9B*ow--lIgLy3jssMjSL>8GyoNWwvZhI8^+i`vcaGjE`yUKXwE+q8EZpC{CZxU-iMg{&*2;p5;2@zWy4a_x5?b(K84q8U4Bc2>v-l4!3h* zl#2bhgeWzRd^Eci-!{e5^o5#Hc^7ngzQ7L{b||t^e6;-gc^y?{^Y#1{RrQtlxg*NA zYg3uO#TER*R)CUYRpmVDqe^5iIuByGKTMMA(6JcXb>V1`7|6ML|K^a>Ndo405%S^M zRY!v*3hL}$Sz{wTJ_EoE+;l0$NSZpLdp7(p{Q_BPU0wRn$nbWxEJsX>IKd`8In&K~ z^QNFgwHZpq2>~~fYqqC_dcoM_oD@J4`Hx8JNx`k&yFXOw%vbHhV4di4YxdM@=+hD3 zhttqB>KSO{^FHKZ4n%_VQGDt_x~s&YXI5bTS+nG8LByp4|DJG(KO^5u-=72aaBe4AD3?;8j{(9EeY*Y@hD5OM zVJ(|IMrGjB+P3?)SnCIQ42jIR(W_BiU0qpy+Y_mOs!|zS-ns>gljbi4KAl%~e3&f+ z5r2sr+FnCmb@WvqELO74{*;_srBj*P_-0!IG|pi)gDc3usZ;xBBVa4p$+8sKZ7hqb z8=h`5dm4@_`B9&*E4KoHP_2Ydh(GiNPWgZQ`UtUFG@@x#W z;5KUEzl*E;mfd7joVahA-wb++#O?d`+l6^N7x*-O5oHIB&pK4p4&RmN)vmgxV@}8a z{s8yIP~|1V-(`Ztx0JU`4InNb4PPHMk%IiJ+M<6H#;4+umHuaLB9xR%1vI)WSaiFJ~ zIMuK5!*0e}#>XZy7HC(+5eGd#JqPEX2IR7#NMgUt9#NL1yEij)*S zzR>B>)3&VDt(BY$OcIZXa%%N76+2)@VOxDL=a-H27VeM|+yvzR02fWGS?Kx3(AbT| z7-6Im7JNdaiB5VAO`@P0Qf$ds(e}yuX^_Ob)M$TK2i5&CV2kCt2cieP(S;k`HYFoT zb#!e!nU2pez|HQ?^nXab@Q~c3g>E_ zk#ynPp0hYoTmI{~6$7PT8%k8eIZWqzEtXa}SJW#AyR;GV(1LeDCbWjPvA795Tj{un z*2>iSGTm(TykCVo_VF7h(iV6rPdwQT^KImuqBLy8i$EQfJ>QdXKk zGJn{sKDMHkkuQ`54D7t4LuLS0yUlT}?Fe&p`Sz+Or(%4mm5kx$H^&e!F7D|U7YbWG z6jrODr0=Vm2yt3qvJRq&3bmprO{hKn{AZ!E>S^u)2_pu5GkW~ZgxyA#3!As;P>*1$93ww*a46sFDoFcX5-NM1{VQq%=zUS2bKgQoj}X!HLB5vWR_9j?7G zWi;Zy?J}_{>C;=v49BF%el*CC+fTiCT%n2czZI}8T`b6W`5bO^l<6d`HZ<3pp(rBr zb6kjFKWzP)x;4~E>vz-`7A^d>vN6$$7gflk(4?c$zX^o(G5A#uIl*VbcfgpeL>8IyyWhsyvv^Ps$JE>O9OS`_D#wy~g zq(?mp*xa?{9|?RSnn{0hbth7&*>BiL{KWW^>`UHmopB%mZd|Nd={=Sa=D9ljvM@511lDPInKz|oz2s4=%zLrJUZ8;z_4e`c34vsgv6ba zLvb2F7}qr;H^g}hn}pdpI`(k0?GHJIR6T`}wTNNaKSOCkAySiR=;2k%uJA0A9dwA* zN8{xEhzNRA6DG`s%^`yF<}M9JADgNStRHq7RA8+!3FJAPm}@{2FwHz@5}TC8K)-TD z*DExGYLN@U5gY>esy4sjfzfvD?Z^;yXDE@H#X`t-qpl2xmNTYO^+6WQy&B7H4)e#4 zv%f9p)O(Le{qMqF`}2ff$Zoh`3#oSm?zG}IWj}I-mf3hz4CFAz|NIJC#;~xYDkbm@ zMfenMg?ttyerXD& z%Dg@xuhN`&=|E^Bw52*mRLJyaSb%P(Z5K~lwAJp(uw4?*t^klmLdb~Zx%2?_Cn>FZ zFkG~4vBW)60EKN342J?1p}HRFHiOkM2?d$Gso3J+k#8rGOEcD|47d0TK zVJ34PAN%Hq30VPR9Kv*7866GzbK=rlm(JFs2uG{qD8r~-?V6#LfqgOBe)FoL$q6ia zBfQQz7GShQvO0iZh?Y)P4qSd?`sV2%UFv*zH zGEB}bi%y;s_mI=m14AS;GBR+fvt%Etfsp!|x6R&OriROF@=Y7ePA=der@gZ|u6U$jkqNmGusJdBfig0CW z*kofG6ipe|PUAhOu&VV`xw0Ol%oV)&yclDQ z$&Kw%zN9(6RjL6db?y)yVRJV;1e&1^Ftc^KVlFsz$-Uw!;;A?*R~wcP;%1H&k)W@c zdJaKKG-5?y90-@U%W5<4H+nd@+nT!-ZkxTG+t?RRA9>&B>{FxAkzNZk`xNWmiaWVb z&q-f@=0#Ps57GFmzjOi^#}MUda<(}(Gt{W~Qcs+dvDjktp!uCZDGkm^hg-HVIXv;M zXBLp*{u?e7V?A|@yn%@T&@JsOSdbHD=IH6^vqEe}7jLqq>PlVESL4hkxcBoPl5(Kd zB(KB)i+9utv(a7GR7pBqY9%WM&{n@^7G(Sot`^UtZ{|FiW4&bU0ULFX?I?mie*-IU zd^TK-7b7dXo3`Hv#$J(@F#*BlNurhgX;DJQqs&KU@6GU{?f%mdB4?NUiIBI$hj;12 zU-wVRhau7(-}Gl3MMQk3yKL1jBBr$;_3SB}vGk)VgiRoM@}1o^gZsM}dQ%gEWcWoi zY`^DXlq~UZIGA7%geRq>8@}vOU(x<3E)}vX-?g!m__M(SL{d12t%TBGY>UhP@9BOY zLW$j*RZPj;w>~`ubM?{!YbQ>Yya!;jL2e`~@t3|f#V$nyVuhnX2f9k%38q$F6XX@V zu2(m%?ePn}nB?6yP2PW)raYHw3&+3h^)eY>aZ!4 z%xZwv&TQ=Qv9{^^GY`=jqF(8(Y=u$rsIJ`63=r^cK8xByro}2b6GP{38+0E5LhrB4 zaHs{GI-KE^l5FwC7zl1~3A{e~126x5znoht?+CILs7DJ|1{~!A9c<7lYgaXtgzZs6 zDeeKrp5&jt`X`g_z~&J{YAmU}b{3QLXGbTqKsQk9Wow(-prugd4Zjfe8`r)~DSth- z<&@?L&0O_~mCwC$r!&;*R%o= z(rCo$C{I|42ur2Kx{oPXI7oT?5nH($$UkqmOmkTA7>TCdLPjVvEsGLoeuFDx;XJ&5 z(qvyrAA$^k_6_>9DU10Yvu`D1Y!S)PBNHR?PFoMybPjpY0@St5?FCajjsnZHZ;O zzcUI&WBU?5*InK+Q$4~gwjr=OOU36MpPF>O-7L(ZYPoY5I?V$Fn|6qz9 zZ2%J&2*bf)uD@$I`=BoCq6w~j8M@oX zOcD0qYrX7*2CjQ|>p;rio3C|QvU(_8M@B}5$A@E|CN{KqaannX7#LfAbz+J3?mzuv z3=N>4+8RQx9WPi*y04o#b$s1S0P0ec4zheXdY*`f05`nrJ`ewsh!))VuYXin%(?rM zy%W$irOevRo0NtK!@^7V)Gev`v^*QJEp2dgNtn(2-M64Q|n;;8NZkza80h zVKh!maD84!ihTR-O5RY5G&D`BXyGN-98An1IB2xB%8Zy0hS;1HyoY@W5XQp5*f9E9 z!A9B#n#=POR*nIjk5j&Uc_oZhAYO z5PiHnDX&%~|I7*XfsxyK1wa5F(Ha7_l`L(RGdGz2HdaU4B%veZ_iKG8KdqQD7~z|z z0BDMf7I-0KIo@xo{Yt7gTP&xGe-$z53p@ul;PEjeqnLwR9UB3d`24KgHla1rC8o{> z%rm2*dVG>WZv8I+i9C!cnZ0IN2c3Zh{PG)01llchZ6ip-h%vL+E(H9hiyr`&^i7*8 z-_9=(lkk-V-ckYs(Q$?Pgj*oB*QP*vbqGJNNG#5T?V3bHlXc%HAb{z4VC{op(@n=4 zFDt+rW7z`Y;+6^>CyMxX?406&)>VMxhx@Xm zxctMfItNm=FhKUDN7%mx7wF^Z_$>YP{JquSDWt$z3)hn4Aem;o3wFaSgW@eTJzL_r zdpUJ$*Pn+Xa7JKgoFURzrtW6(3rKT#saqI+eH`aAgc5(zAU)qUj4bZ-|6QnnWtkoPx;M`mi6E;AN$ex7#&|)dy#2_ zKi|_Y-(OeHZTz2#V)-)x9dp1h1A5@VRn+&9+sq%nouIEBv6>zW!(N@Uwr5t1Le=H> zXB%99ct;reSZnNr>9DeCCmR(Z@JyIfI~hjiTcawRdjH>M;2oi}=W+ofB_lL-nbI(Y zQg#5BoH`+u6NSG{3@`6>C;mg9*YetIaFoo7Yg6x9%|Oo=JP+9{VMHN$A?8-6eBKX!Uv5+ob+iR@XVda2jN7!2qunHM zW163is22P$Sbd(IbAk&59~Fjjl>D!8U(^f-26MCFZ-D*4nA-bIG|hhXAwa zUe2Lk8bu8WF#$f7=<+5g^=`?snnw*21ICM$OQ$;FJYp&$`xje1#b$(CBt$X^#hgEaT~Kgr6+-Dx&x z2>9w11vvCBaKi#yPKx;+w`?pv{-B}4ijej-Z8nU8Sd+zjRKn5*vbB#fpDP|!u5x#~ zD~Kdo&AMjp5Pg@N-`?T8!_(q)!^8rZ3V3!%$gYl*2Wyzn$fL;HFhobl{SUY!v`wKA zengy4hA)y$B+G4wpGB|NBW1bi1tNBn;7w+DgyJFv z5+c035x!*p#LSh0giKHTlRsIR0*Gu|(tp<%goW=)iGP{4*)Pq%TG_KDTeD_7W2y{= zu(yldqGlgdRwe924i;<<1CM$));~Q*xTmbr$7YQ6-aDlQ2<`(;X%VSh3P4~<=#jC+9<{;lWxOGB~?;dN<+cEgO?N@ga_yQ_i%cRwu+k!fm_y_4(# zCo@ar)P`)0Co{w_7`eWgEX?ftRkb45C}piwPefT6`zYiSSVuVE-t> zk9v6k(WF2egjqo*i>Uo!vslLLwlQI^tR)rj6TZL>iM&ueGRB)A>EexckI4Ql-5NM@AdNUIu&lHK!Oa%F zw>xx3{7N;=lTr-e9uGt=q(j8E`knmU7;?eP?Z{lk6E;CR0UhJT7YK)+Y1gY|FXJ#_ z2@r-48H(G-4UTNhT%--3aO52GT(0=t`X zq`zGP^Aqm3-llL=h`Bx4QCO*j#dXfzdXwp~v=wZ=54$;ag9pj9I3O-xNv@(EU9)=3 z>F3+8WG_HdzeC{Zi8AK+Kp`?5H63i*wF!Y0rlfC+7+5cpEGTM-z$8axV-Mgyb;F0T z;y`Kd^-wEvbA}_%)MeGiA}nqS#(0tr?;gs~kXDn&NvZUNtGoMYu&AbC%^P{4;ff`% za)tKC66P6fqsS|GaB%I zryVA79rjPiFkeO~Y5#akC5*YAsi~C*pt0eCDBi*-Dt+&!Mw&OqfGoof%XNYE z)I*hD3Vv=?$>`*XFBo^~65$Ys0!Pc%3L|o?q1c?VG_lzFBt_H_=Sl-nUEYFwG?k1% zCmea$e)W?=s2p3*o+(|+Fb>)TCAb13@xe22!bOi7#*Ta*Jv2+9G$8vS&ua7Y!5vD2 z;~#ch=Kfr1J-KRy6WWms4uX;aQijlkrrHges2kn#9%6X>(FSzj=2|&t4T@7 ze-;b!o0gfhs|oErF}+ziH4?rO?R|NqG=y)6re+utPT*y3wxGC3KsGh1WvkH=y#19_ zg(mF49ffiao%1aztdlZc4ZXX_0FTE0#&}zsu$;q~OOS9;C&=$|qMGcE{$n%xn?MiU z&YNNIBjjZOpvZM>L9&;6ee!}CiKZWHQ2fUTSj-vtSo4;6i+w+yie=jSZvi}Jf3R3 zw61II98$IkJpzHZMjvmwm!!!%9t|A~(c1M-+-YvNUONRXtNyRqcN;?#T@leW2%M)d z$IWP%wtf6pCsg3{|2hETs}6fzd7`3A(r-o;`G$swaN3zDrd z;(fLMj0*q?2m(fR3EfB1N~hM_B-s*b<>4SjsP(1g`0OBx9D~7&;t|v1O92O4jNcGTX<;ps5}b-VexE zV?wpkQ%DaCi9p4L9~SX%II=^oaa_~XrXfr6#!4PY9-QK)`kAn5BmqyLi%dhm>R(8% z>tZUp|CDTf&7j`S2T^zxNwDf+n)MjbaK-;< zE|zh_IyoWcImqyxC>-cO&zog0S3ACr*>Sx7@Yh^FjnT5)G#iWxuHaR;Fq0u`j=Ytp z6n@ZIqm0sr=?JgsO}hYxnyViFnFORCN6IK(MX5@IR@-$2FPq06lFH9LNQ{Bn*mz$_*_+2VA8iZQY3mlYD_N@ov$_#*|a}Hw`T7+ za^a7(y#5T_4FA%doRNRik^@5N@^1L3zx8yrJcN>7Wo^)+oYiZhD#F>k%-?Tt+5AMe>rOKDGy-cUd;T`3!@>SAbX)JHHuMo=-YBaj(pOpKFp8o*i zqV)${k=@x$-c>w+%{TIxP%|dipYV$TD40(k9?kgQiVF%Q&iLcH;=X13B-j#E8pmC( zWG3&G*u+BOFy!AT7@!56(wkLPIPzq;H)`~;qmbD2V;!NoopfSUL`{#ccHpUkn-BUW z7Fj008pP5t7k;#?5X~+lA7@{^w2i*l?U*n!34Gy7dy~yrzf`lbYWVcFqRQfO8k^N_ z1qHKb)3^xCL$7}eA1=b_zJ7|R=ITJOavVM5as?k+2U9-QTB1lQ>Z9{JpYie>j!b;X zYN^M!3GLTN_3*|ANLd)|+9ULKYM*ko>d^GZn}&PKsZ84!RX8n6jStIWL%z=_g=a== zM}6xKLV+P`{L(pnc_<1ccA5kI?@_0!&2nh^S;!R-Q#V_@)b> z<-Hew&HjUrEum{@@qqI9%rF`(2|^hAGE^Mf%TXMg`|??Zlyaaog4-m2VuRYmBIrUT z$eQ!N!#>W?4<~3fv+UBVbpwQfT;%1ORR3vcE0@;vIF@hFK19Y7C}grd{PBe5{XSuB zObIPvM&n=BOi}Jg8^6ONOgD=?XD5+MO4p@UN4`R2w%EII*W88wLQk}V*U&v|Vx-H{ z3X=L!UUKzTylQs^QFl|@O?h|A^#M=lZBor_t3frvwF_HRC?&M8cCHp#M}+CyrW_Rz z8>vTKmhZ5l=(0+~`sg!k;e?LR?Dw0npBG)aTEpN3n@H!oYZ6fz9Tia!<`viZNCxKb ziy?O+LZv@9Z(?muR@c|ev_G_fsilboWyvD$rvV1UuvpCpb zue}qM6GWVLTPA<`@6-&k9)yUp5Q-N>!>A?R_s>e0VmTeVJAWO4VE7}+m+VhvTrl8F zMbLq(oyFaAIuhw`;`W(wm8Sm;OMGTiE+0#38!8sR4Bpgmxk#;Y&&3Hjkq_CC?-#JV zn@6R_sRz(Da3wPFfXhoAmhJZ<(S2;mMM1vcDMS;5bnQ=tvVO!aC1jQ%-0w{)-ZkjW z!tkO^o;VXtvt-Yef`m@xw+VJ$xm61~%m}z=?9O+|dYt?5ApTjo=z2WjPbqej7x!WZ zb$KTj(ezVYBtaV9;osws#{k|E=>ssY^O3TRVg=f3F|>%&pD2r;GzbnKsrV=GRB zPfSbPM@L{#JVCnt>iAl8`#)rw&jxoc8lv8a$0YWt&xkpI;% zZiGJ>+5n%0Df!!on^)*^K?f%O;;ISR%~1Ti1~OL>W55~!F5+uDY(I-YGSW^vu+)>d4X-Rb6jt??iGHEGA-S?kqSW+3CX0npXAGwv_=>hYfBC;AR`FbxBMri;LNeJmdL_*OhJPoGueshp3*W%x(PO9w=T6ND8^1IZ|Mcj+WFNeA#lBaGAOXPfTM9~4atHks6!%z{j3{7WkMrD8o2?h zK?RNHNa!gdElBg8f#bhkCY@Vx0TVyWz&}kF#Sf7WR;aL-3d-P>17glaa)kEo$~3!8 z9Liy1qez&|6|zk&A5_eH4sF1h|Fu(b!N<(4|8kr; zTZjkC|7n@4ykS{>2K_7;Zg8T3aLUy9v;#2zvr$P@g8g^ex%>ASzvqK4{u9XLp%pUr zMmIb>F?kd$2bI-L+u0}yDdsKh<9hR!n!yK3Ngz@8Ug_t5KltyCDJ-7D`ozHQ=zt&*^Pr z=T2_|W>C{v=Dpc(AbA~nRAD;p$l-6l&@Ijttt96;YJQgIF};G+y6K&Sgrr;OD=@dg zTZ*csg`gzr-Cq3Noc&5dfHA_y?B6>PgJ7X5i&DdeRj=-qnP3i=%+*B?Wk1YQ-ej!T z@5(oqF39|(aSW?dd}`jCaq@trftz>co%-W~*oc&OB}&liN^*jl#bpiX72-Rof!7VY z`}3?xDnXI4{s-?;u93r#eqB}xKVG`fc2l2X|MPuLUcKo2|dXSwNN{B)0})Jdf) zT>2el5fLdVjfmlzW+i;P!o9QarJOd~{UCbVpvzOz(7_WEn4AhXV$wh|Z@Q@kDt{u+ zp@b><0h0cqZW)%0ReIZRy)o#9_|}Zfvx(tC#R*Re!D#VPr>Ccw2&;SS=*PUD?p2Y= zrL_Rrk!dQkzkO_!$(5;A;}d^m2gyb|_x4No^PL+h3T9X)b#VoucB(n{bJ^pf*Sn7gL$-aT8YURQ?$1!!pS-4_X)1~p=08t?S{ zO>pW+iY_oZXx;!uhZxI?SvER*$$xr1+sz94bApaumyMXi%D=94uvG?E9XkE4nlVBy z-uGD_>lnS^vURtC-xeaNHY^LjLCdjE|CTFYT}RhFI`CCE`#eHLY9=PCrNZT^D&Y@F zt2CR&_&O=EONs+-4l6ASi}?M}A75Q^T5d5*1huX^59c8X)oI3fii)%*oiz=Y_8*UB z1};RLs;>vg0p@218p!qrh7+^eyAB>I!TtURE1#0#xeGgMpoy@|JD- zbty3QWP8za+ma9isH2y9p7Lc^WG)IIoVkI66Z9^h4LHNs)qSBr#@{K z?AUz;UFlaSPCaspSJO=d&E?Am9b@NvOXvTUYGQg*)9yR*wVo)fVu!i)ysw72A&m!Z zmt^bs8FaNF2DsGLpud~%W6?(bq4?&6&Lky20NTR?80D$XKYxbmdV7sSs@{vu(_Czo ztS)y|`RLIIhA_wEzZPpFuJ?BR?!^(2N>p;*7crC|2%`{481Nwrqeba+lmMN;69^BH z-u}1kK-W@syk+ysr=+-BXR5zIkb&W!bkh7RcvO&Z7v5IDgxLShOz~y3gG8+cTWq#t zG28=p*2_=*TUy>eOWwa{pfOYsZYSuJlYQao$DvD+3Q1^p37wUbri-pW^;%)Lo7 zTSk0mfgJ5MIp$A0j0W&D-(#g6&*;Dl;cQ07d_<t7}DYk7>Rm(E{e(+{m* zQN3v9wfR&E$>XW#75Q)jTIdQ-+xOGOmlggW7aP;Xf201hPUAo$2tWh2!@`DMelIa_ zWJ6#wm81NWU27a4QVfr24R4bipA#vIlyCt^<-C zJ?@%JOKik+4|HJ>OB}8ZXq1nuF}XYGZqMlZ{j#k5%G*p;?VVR-H`Ak}_2#q6EZR48 z+2$#}fX&Z6Dh~=ROh(r2NDOU2`%4E$^&`PQU6jBbC~pU!Hl}U{xR^(4RGOW=$WAHm z2=tcmWk3kZS2?@Q*MpaSQ$Ih(^U~W*23@YBN5P;H$-04TAjYu2rQh+}B7VtlNG!bx zoHr=t)p++5-r!ZuohyV-NjmR#$faib_pbi7^{ubwmDl-@uM8RFrMm~*0XeNuOA3;W zEHawsBJZ+2!6-Lau8)5Uf+C}gr{;|<113Fc%Owadi7+B_>R=ETnZ^zz|Z4i5tz zs*_xiq_p-XaGm1sZ*REypuVs9Fmfr!Hx=M}b+Emk0?`B70)LFEA-vvbyZs8O2wMEF zPCgvjpwcMN+XBtsfLmRcoaQLc^vP~JeA#}PP4Y|H* zLHnm~Wcq%Z(iA7xFGYHe{<$YP!m|ye_dlM^^>uu;N1*No?|-w!dNFd8p>8_RxvvR_ z37=-A*_L+_ocJS*VnY*2idDw42|szQUEF>*GEDsUZMh^jg^`G;JcT$XhX%?#UWm;bD?M&#*MY>gp300(M5N$HxHy5*Y zpCp{CudEdhAc0<3>9R|CNV@m9<=#(>j-oTNep}Zmc$r%#^v0F`XD%)5R`ucGje8bi zL~m9h6y(*MD)M=e%2?~BJ1zxK#mVT_DUP?DLr||5_esZVVAj}ZqoapUo~#R%BJxN} z6J_m4!7y-#IXfPI6<&wdciqFwhD!@CY9yWf8YxVaUFjL?%`i7&j8;T9s854&&b(6| zi__gB1pb59k)u72Wo$TD<$Ej#@&?2dA$Eugt(l_gxC--;ixTkQetJnM7H5u zA%;1PJ;QqMyz*NX2ciEO@x1(er%<_(qO9+CfipWsauf#JDWkSXQ{wvJWrHln*hgjL zQ(f175XPfg;#=N#wi~1(c?KIU&@dTp{)cijl8WlulAa*y+n7L6Ic+#B_Ai8b#xX=N%W%x zjVeud^z0&1iVeq4c@*0uaA`BJD_ZDpk>eCVNA{`Xox9|cAY*zJ7n%#tLH2J-!qV%r z%a_3gU=`bTqheat{OR)e;bc5IHIl7S19Zkr&%jOPOk~Qom|y-rpF`J{-E%(vp>>c) zt-JYd<1xBLd`{zS@rR!%Z^f2~EO(wxiYPVcM?HoyRDq)bvPXpZMc%wuUwn?pDPGhn zwt#^zbpdVBZE)4R+$*5|2E43G>F=BlID$tvn@LN3fEb6;NSDfz3ebUdjrB~bqIoXa zH1AOT{!wGkP`U*%MxJMlZtU1`K<((NgV5%@T8M~Q1rQU!JEBld7dV2M^o8Z?Kn+|8 zt)|ruU}ysVR67uS@O(1h8~e{;pUvlo+3D+lFK-{wnUqdLV0v-3{pd?~48Omp1V5*j z4b-cN>a;HZ#6Q87=JGGXjnA#?E#QGi^wMYa8RQJ=dk$vz?pXI-#;Ruf($-5jWGcIo z21hG+tykvUsJz$iJl{coi8A}m!}m6dhHc*;M&`{|;MpChYX;ID{WZ};``m-2_$o+n z><#}06nnuNwY9Y?#msIaHd8zCF8K*L9_&AVn|p4Y`@O45G-~7#ZCwPG-~zpEeXgm2 z*8_a+zS8VNJ@m-U&mXX!lQ!jyHOTWnS9pKHlDhY-!D*zeYhzy<&NIG= z{}PHxv$G5O&t??^Tjn}NbZ%A*Cl;zM>QlfSqooLFQZ(xSLYD{J(A8b~aNO|eP`ni+ zJbbOE`rDCtWP{1|4o!6;L`T)3kzAmD;yd>U%y(;Bnr`4(N&auv&GCxBxWXCcO;23BaeDaUS+o1^c}NXOxt9NAN)jLb7r3P&y>K^ z63dX2l#iSUJ7299rZi8DIOF4&*jMi^s0Zu22h&D?OeMWp7-6N=4fkTUbi=N9J@$P<9p&Zt;-~*4>PBBo8G5;$b0*) zI4>zVYa{=ZBtMU&AeuP!?=frwuCDn-0za7)J63DhuSwq?fD`l2KFyqy#}Pcp^J(Vr z(+hN{6gY*EWXm+3=GK_8QbU|dV;%%Xri{uxAmf0sJWq`XK8+)mhA3dal=p2nSV-|WvmeR8m*{3FNPUG-= zFrl0JB;UmM(6fZeUwn%Hwc|L!JF=uJXnE+twrVy{b{F6@i(q7zBJ7SK#Z(AmDTz!L zm=@hH3gYQjpnnNW^;}B2Z?ukW~152HpQPqY&YkkxH*|eN?(me&$^y7#@7r48gOL zOOY8?qav2iawiw$*cdd4DshKn`^dN62q`qdz)b5`z<}+Slvy){R!2mk-~JsNW?CBAHD4oh!?*z5ZnRhp~L`++Y8Sv%2Ib z{t1@*Ke)T6Aj#r~ee9zh?AW$#+qP}nw(Xf6+xCvF9qriI9ot5y_xHZ}C#hT{sY+6n z-1c2}b$6X}p6B~~l1jX$@sB?~wvLC;xO0e=ZKU7(VS12H4;^4|6m@1sOzhzX|wlXwiONr69+? zq(i{TZssxKH_&tpB?ZO~qeJG6&kT?K8Ng9ok27QuHY4ursv9N46i77QRt46J7Ub?B zo5>h-K$66jg!|;RM=FgBtUn+V%CMNoH3x-Rq^WO2VVyzBwA}v+5`6Ro-u*#!)?Y5- zAN3eLBr@$h1ZhY{%(e6NZ@A`ibfvJyPS=W~lv7zE2`=cWas(4$|7hG-rI_%x)~e?{ zs+yZMhviFerQ0VnuTMdpz^I)L3hDs&9ppiX!=mV@4Nz#+99VP1Bwrx6=FN&e0s^TJZ>${&d~f?FwAmoAAy&fnw5SkWC|!I4p6 zn5We|py*6HXwZr}5Ao|6>AuOGEmp)en0s5_CgUTwCYbsjlDv?=>`D>wxJ+995o09E zS%PkBTjr`4Z9ZX)Cv;^#{yK1|tpjJ2+NgCv-N(&n`OY0_?_n_c#}xspnLx(c_KwXw zzyiEb4CSsK5yb1j$}SM`n{fduf}}NFCUU8E@JhL!)C0i5%wQb)OLKhXXv>< zWwk7S3nr-|#aSp>d7uJ>9Ma-kSxTC?H4gtqc}rNZC5Kz$1kd9=u{EMIn}RYy(uJ${ zNDswR6EN$)N{tXNZsQ!va0_o z)mCEik^Xf^?=ZcHJ=695v+g6u0vi9gLTL_?5d;5kd9Q~>ol8#E7MagUK-M_gbR>UO z`OW^^`1?VO1m-&1;j5WX;#R3G`=;(<1Nq?JCf=zMIysW591esnml*TtE=1LpfjZQJ zvBp0K(5honND1R~>1q0`i7EYknk!!N(I5xTN-m&R2+k2xAHDl{V{T}~orvMZ?LY8# zDqMci+^0Bq?i(wC7GZN=PmcMiK zh-fSbu6)uy_Q40&P)ilag3CErro9&P_rEW{!C)I?VF~;-f;1C;D0-N<{sCvKvi(Og zoa0;0e+OG2*EyVq2EBJeWlsdza-%t%tNPI}+R$+*0ItCMa$P*m$Ty#sJG@l}G5VG* zl$+V?WAI!S4LMK$J~!HU)^fqGz9Tu&M|ey5;kLKhteih7+O~PMsW#xhxy(RFVGt(< zZylX<`YnNm2<^5N=s>9cYZZ~E+)yNDoa=gdfjHUzWT(ZphHem!b3Ck4pjyCzbiHPz zv287kqV*VXsfAT=a?VAV@kw&};itFK{d0|BRy!F})=M>LQ>E zK6DkRXc%s8aU>i7-d?DkTrBKg>0~@iD3#@pejS^60KW##>si}5GG!!DVRZG>DWXaq zt%;hcn_#;Kl?*>(DP?H_{|tgYpnt-tc%8v9FHoUo+*kZGqQ|Nr>vvnv+tzh zx5hnGVS1)utNGnIj}nVdip-{&$|&WTqEB8C3(mgp6$QI}I1Y|2s>%ZbM_%aQ>g|0M zZAhuq`d*WG%Bb#<;|-7cR*`Y`Z?m+oa*dOGFgJgZ(P7D5uXeVMTSO-h_*z{af@MRTCb7Km}a1w`e?N6zsScmNaw7@iC$EjyF$Dq5&s*CfSGaR-EI z?*IbZyp`{PPo9Jy{m*w*;w2D0d(J-Ps6rCffjHqsQW3Q!4s!UG$X+vMEf z`(S7Wvj#5AvZ<ws^j zz8|o&>E8ut1Y94s3>u`AgovmW zOUfY6YyOOr?HNI*-nf=StGf0!e-6T~c4sRi3uY0a5Zhoj8Vv0nWau=rBtho>89i`Z z9gtUgW>8h#FBj^XO#8P7{^)mc?vr~j)O;&71mgJL)4{>P)a}sYInU>O!ChR4!7$fZ zLd2Jr&%M1{H^~>J%?dP6|eQ?(ElsI}56;D=cCDBtBYf+<;0}_NhBb3%} z*a$RL%C_#k@E%ri{S_u2#4e-SAzS9nO7D8jbxLx@5Z4U|2%pe4hjcO`>zV(-LsG!Y zp00gycOc&dX0rAM)AC}&Rmheng;4G-^^L&Q;8mX3^uTKU5& z;~Zr23Z-*Ydf>-W!!uf&1q}AR5z{0588A}HD)(o-BHRGEm3_*mkrJL0ndbKJYuHR& zIiRUhBSjXXR1sT1N8?ILblRY#`z<}pGz z1Qhd^SHHO$`>t>mAlY(*G7)?~sOgvJ?L!}zyzaeI_JRfqY<1<(XGE~cI0nLo0)Qdc|A zOLjtwtBCPsSVZE)iz6bovrlL%zYQ_Vkfzwd#ik-yx3Q2IzQ~~ouRY405}*GF%xT|~ z2cEYv?zO_rvEfHPk;Q?f2+g%5d7#PN^nH8jq@N4(VEl?&GNKjBX0yjlwqv*W2+pr% z1EtWOarxzDAIqd4PsK6C2PYe76i*emSma;-Stw^g64b6ZsnhsjB*p69SK4{cyZQdO z@YMh8jq%#zGz_QV{z5oL-V_S8!RQUQz_!m_APoqGD>tE-UZaaPiAcdvO#G@~Flo>XeRFPuZ%gLYMi1Plheji8X{0|dhs8D9Adn#$e8cnB5 z7k`zt29!%`iaveZ4!T<1K8DSpE4zh>*!xS&O9gOyo4y+eGRRd+Yn=}V7}C1;Di*}G zzI=2-g?}m*q#6ApLmWAt>+6AjV5JmP04G2c^dEAGVT!unHL8&Cnp;3(uswpKw5T?P z|Aw^_yJVA($rd>_F~U$00)~=wqchsiWJ$(O)y@q}zGHbBU39)rHO z)AA@jS|gopc*h4}PmI|=qYhP8m|gAdeDIU#dlkG%AN^Tc zC8&d!6G@Nqg(`pAo4&kwnDxFe5!ndqiMtcBb6mpBGoVCM!39UNcS1Sz;Vr(j9B30;Q@Y8`c~O+G=Jj}G`o}v z%DG7iJn~ya4Ii?NgIAxC<8H2qi-A$5N)GV}+E{5Oh<7FBDIbhHi=ogfCFWn?KS#{B zO0>opqO`m!eBD9}t<0)M2|pW1bFve27FpD!yBL~i4=3v`HQ=ts+-UKg=Ro3_IL8C| zp=C_HjRAB`GM|_f2DQE6LHI+P+hET3eGOwRuP2{SCANePu>+8-=0~m>lVb78qhU%J zMW^R5Ciuqr`A06}5}HM;=eTL_w6I5#B|@}$e-lCV0H8a926RUN9OzEJb#0XkwC|nq zCapiQPLpe4?2fJdf2EIj?4VK--7bq;`(shwZ&{rSt zxfZFa5R!}0d9LHvV$S@jQLMNEv7vf^*Xr(L97Wk!;H(T{*B z+QqpFddkHaG@h`+_}YHsT{w@>tX8C(5rT=_x=0qUf*9c-@3 zp!%@C%uUER*z6h5=OE`G2~2Ha7-^1>3>&@o4)Q2vxYhjT-?}d$v{gg&Ma@pUj>5(_yF(g$vtAg^`{@l8Vt9_ zA7_Enb^HfDze3SxaL`6No*S1yYKy`}OXF&7EYdt&_QDpZHNX?c+AdMHWV33VtVZam zqwkxpsc}$Y9ur+W#U7$^GePd}%I_Cm)zCe)#SQe#WoG)XI849G5wYdOxf0vBS<;6b z<~OfsS?nQ)8~7h>=WOs_H%*fU>P)*QLD#jLY^B_nF-=&Ig_+Ir3KmpJg#7E|(?nOi zA2)Ny^JqGBCVpqs{lY8h_(PRvE(3q%*L{91a0<`E&R5ueQ^>@?|?<>^BC^2p`2Hvod>HGJ4)ED(%U}v7aa{2<% z9tK$yepB~Pm3fXFi$PD6Z0ZVjotJJUve$eRnp<3undH#@9FzV+V5xdQv= znDlSeZu43|_3gXkv8!GriT%XI5```8sz&szZr=M?&onBs77QFqbJLWDQoRr*8-C%L zMj8RMmsr#@XZvy`R$rA|3% zpwX9^eBNxCV1&&&I-#3DY$UDzA2t$PTV2Z5mq>A;te&PFv~bu|tN>Er{);(n*uMPS zr}Q2#f)cEJzEUnhp(eYhYW<>b-6m3$%rDa2C3%!6Z?!7i;(ISxJCRA@{U2~dQFrIh zo1#Vi8tjKqQC9qwqFq6;KR#keqpV4X=Pbj6rfvL=zs&3Ee@3_I_90ZzJ~|Aa%ZNHS z?0XnCgxfl8S;Wn_wnC`JA|Z164SHo%v2eB1O9H)-*EVg?1n2kK#goF}_U!+7BX`3p zwe974U*dE|!y=VYu~WL1t!3`f2&4bTLvB?ymW68Mi-PDI>Hp)6=-$1t1EjOSbDCq! z9#-1}KUxAE%m6i=0cMDMGCJVHnmvFuLbm&U0errZz}+dRr^@--j5UQ1@(%up=MwTk zUC&6&qY23Fiy;$~d5wj>_MMmy9|~2UrtYPKtjTGD%J{?49eWFFyl=5H&*}{^Zvsom zrFvU{(Hgjc_t6<6zH_)Xb!FHJv^zzIvX>;YBVn@(ei z!$9=P*0e%syzSeHw4}d%bG_`6eT5qQ8IQ`C1xO4Qcy!`4m%^}W3gh_AJ7Fv#q$g1# zL$Oxwx_~Qf*x<|fvS&kLVs&_eVLx5}#PMX&hxm6eT%{EM2@b`jj>t)qmap>i+jsi# ziUg6G8HUHsVi)?P1P%q#+>1q@<%U))dhdYWLL-^?aV*MrKgG(~{9c_IVE5q5M1u#u ze`ZvTTPU-bf!|96jtL^H4}N{^`zJO@hS_V6v+n z=Roehm_158Djw$;rK81QEb&tf1eHy~RDJw50v~$=^(F&#d2iwa7oBAMBr~<8C=x~i z99U#d6E1yIo2l8OS5!?yxP92|b0lYG#%l?reE>Sx0g*v9aV@>ed4LTq)%*wrqx$Fk zH#Az;jJM3P_aXb^Re}#JiHUXi^#Ontg*Pz`Pt6g+y>@k#y1Z_~%)gq5eG@*~#yP)0dvegHb~Wb%gMyL3{`2PkbQ7^5u{(Wt0DV2@ z_%>EjcbrlXu-ZTfyr^ERYrWRe;dwU_KT40!Mk_P^QR5LP;Jv9Y(OeDw-B)pP7gK%) z2!`~()RO%=>6#yls?jBhKuJVUqIzMFY= za_@4B&gV;P-uaf+$?RPNm*O#gQ`lI+pvU-z$#;ExA7)f*PVZ`lzEzKi?kHz+*=1fy ze6fS+uMFW&ZK_o5{HP0fV4cuYtMg>QpsjwK4ez!YSUqXQyve80ur4y+YHJX4F?MuM z3u&FBe+4Cu-97%n*6}f5>dZLM%^D%l<<#f7-}Av$emsU?D=gW89x>!) zpb*mhX+CGuQI^ALmMlmx$m{vM`8?-@9=Pq)Mk2W&^naVGG0eme^#+2A96&Q9vp?_a zV`_4~1~ajpLK$UY0W$l&77C;l6>|MZt3sN*+eAe=D}Q0WA|$dlvvC`Uh7>*XY%f7} zb^+0lRUF08|DYl0A{e#LiN8vXD+<;NzQpct_`zJzsKHs{CjX6!NPOFL=g{5YF zSDC0k=c!&+zGM8FMx6*^8=s2K^AnS_7v?Emb_l;#7e(-|Bneuftk+ZPD2;bf|0z`y zTl-kW%hMx!m34uwKw?`{EPc@CfZQhCshyKRE0J2lX}94H(9%Vh=qL~s?go#np*Wn~ zs_*tys9AA;JR=~OoLV~f3C`YiR7YH0-lA1leS}#hQ1$g;Jvlq~l3X>4dU{((^%&C` zXb3FGU)+2JICV25e(7NYUSB3tBLLTvJE4GU0|Cx^z`6-~>VK&rocRS?k}sC~Fe@~K zDv#-_gn}=Nw~&{%-}rZ4_55y=#vw;Nk#A3ohOdeC=7pE_$Diwd%e8-?@8HwO{8KQK5aoCtn;IEAnL(ZQoha87fM+5GG5cP{71*o zS@X!}iHE?BGc+1~P&%kmg3B}hR~T6>T!0ORuJ8#vNoKCjiB7Pry5og?PlD8NOeJ~u z??=-NmQ=LA9>}t@Fg<;Nod%BZ*LO7X07P=)c#WK+HxzN8vAu#`USfyX)Qp0wPEt#S z9ar)LW7b=zR2T^fOIO~Wh}9#!X_vzd7d$&SamyX{Mts7&Brt<&;}6s8v) z1q#;-`_o!|NswRGjmtXkUbpZENRC6iN{Eag&8hb2r-8rNtbu6A-~7CPXh^tCN%2Oj zlbN{4kM4OO8Zzgm`(Os+A24*Zn%3iAQ)dy}b9@4LNz94ARUv}+o4DDCJK zr>}gbdFEGx2Z3#U8QA6N`B)5WKFG+)Fs}D5C2#G3izt*f5Ki<^y8bT@jYLL60 zHJhmk3Hr+y#dXL_U`pU@mQFR2^T9x>6}Ep4ew9gRmPPT1)jhd6NUs{EW!?@W_>u`o zprrDs-p8C-`CL%W6kt#o9PnpvaxwCy!1vV;<~0z%|0}{D z)HeP23sJ9GVflL3(d&b`m%NqhkMcB+V+GEiB_W}(s-)lRX@*2MMkUxDULPA+9`S|C zQvWtZAm}WKf~7_*ym6qBX->DQzR!{azBcXy<3Fzz#ra}qQ`j(9&rO%Vb_08M2LQYN zZ@`Df`z?bB-pWyU$?{Gf^Oa2blFUJd=6qbomLRtYAl4|t8f2-e$m4RCj;-fnlj{gm z;?uDwB0^jBkNk=vj-lj#;gYA?S)_bRkrx1M=cImy*+TN-C{qw1EzrC7hWP~aE^N|3O*L=Y*$(=~R8DqJn|0CgNMUT{*xu_`tRWuay&`vue zBdg;k;k~QlCZomKt~EiP_a@NRY3#q_lQ~Z54S1FD3CO4j#1#JXs!ZiY7<+uW%MTEN zw5ED9^mlEz?Hv0O^mc!_8`u1z>v15QdIs$5>>qs*@^O2u0iJKyt&FIAc8bQr7LIcu ziB=8!7k{{3ci@4X;Z)0Go{@|cqJ^8?*M0{;H3mWsB8Wo?KxT`gLJ_gg1XJGgz!_EulJh719yy@IMp3A!r>P03^z;7UpW>8{)xTc8)?Ub9r z5HnT_7uV>CuCKiAwTM2=I@h@(fIH4H@mz>>x+ zT|%H#*=ae(I>yM@ghKm{Kf#1n_y(seQJ`zh9w@kEibHIB#6hm)_qlq-$YheKoM|Hs z5nMTJyE|WydR${3s9s9 zMnkSHQGxh|*JxK-upYN!REK+wHdanNPP+;rMCbT7Y#+(?#}LSo{O|3v>tqECJ{@Mg zHq!-f<6h9A@!S-9@xB`v{?z#FS1AeoIbYk*MarTK-p)dP{0x#r+#*ip&5Vp$UfUAn z1&gK=#`G9jTQ}@el)htoyGBEqz4@gh0Px{>2f#7kQ|G2fNl;RH{}})2iVHrgZ=uoD z$3O{1UETwwJop028YQYW$shlEd2XSx0&p@vS`(XD-h>1*HA>fuWE?$WH}4Gm4L$dW zPX6qYnAtapw0B%2x9+pE+S~*Y`DRyeAfgcOO;>T*weB1d*uIP)!PtDhTGfEv2tb>K>gokwAxuDZ?6vS#Fd(H#+hBbshM% z`kr9#2uQ;)`PqBvKW?DOkQl~a{;(fz4axd%QRE=SnR<~ZBt6Yq;ypwZ=zt5 zDC4Q)PkXT(JNFm~(|Hx6L9$NN>qsIK-;awJ?gc8vBjY+3#oa&XktNYetWA=#^|}zq zC3mKJBT)TkQ3QGh50uFbR4dUg7FxlIJHf+7bj`RJ`lG&q%iK%+EY-}i*r@pj)bW@D zNZMs1oHfFN7#Pl>8kTiQJGp>W55#GC7U-phgdBI=l6Ov7w8W)hS4J#a-E357EvFFP z;)XLF<1|tf2{X-7alxIJ%2hyJ;Gb{IU}fVki0sl{W4QY*$jFeuL6J-<*z;yj#= zWD`Bkg=-u9V57eHrY2a55ZdGJnFuRQF?nbZ6-YQZgZ z25PXm7<@3^1TuUS36+*wEnd~>XR5(UTOgZYtfjCuuER=b;eRxK02n+nQZcdM zj7RB%f_Ox$X^hfWyw^alqgN>wPF8WyQFb_dGe${OffvieA2v1@-&bcjO(|i`PeW2O zmw=Fdp)c!rb9kv+Ui2)ZD52W${djnVj$9h(SrW@496%9;GVBy?SgTybMy|P)=1$CP z&Sr93HEZM5u!XoJdgJMjeU}QvtJwdFqjjDS%z||F(ki98x~IFd{3F3$`P)5E+eg3Y z!HK`O^xv2Wf^R39&6yF+HN%CHexeAg0|{sjFhz27axuSIi&|5OSNCc%F^t& z$mVhtsOUk5@X2fJd7&mRW2Gkf@|LA+nqWgxBtR`c7rrvh(bUCy^G{&& zb*^~h)8!-v%Rj-(%PhVMQEOU#w5UTV9EM?|nQO*7M?TfAkrpyC{N`6M>}!yVuJSJ! zRb&g#UKp*)RE}ygW3_k*n?DuWWNBv6n5At{A~N}mR8?>X9x7czLk7weSle{D zO8eox!G0xVp*HY!BFye9trrkH)_S}h**;TN9X6G0S<7UGGG11sB5AG8&#_3-+&?$0 z*gE_ANTSVA>NOPZcE2&!c$c9ywaKae@Zi};@mYv0_P(lU;B9O+9)Gz&OOz0iJ<>4F zJoxnuasJ@sLz*FSP&m6vSq80O++{E!c{s;K;{ zab0hIh2iX55O3t6+X2*o2$RjL;!Tb}2q$o^1qE|sVABmwl4@w$Y>J&*%06s$d{L==VcC^6^-b>14W? zEX^M#-Yt0D49eg}+s>d`y1>8S=qFa12qyWo_`1UKZMlQI%yXowG&Fs0sCRzN;Zoe) zTG|Czj#v{lnHSwe3jH}LJv)TEQ*LZHv-PxB`7HM`tr(4wD{p!%e;ld?8r&2C2hXY1 zO_5aGqkVpOS%X5(TM-2oQ{4KHQUNRl3K!kC9tgPOLZr%a)BM51%!u&Uq%K}D!4*!8 ze!5svx6d+fDwhI`=wti-_-0}|v$96&HjG0HRp(EQDh zJV-u7V@PkMC_RVw>3fB6suG7^LCw5T-PE|}f7J?6L3=RwBB)nW%P?OJd4HZE-e?m5 zJaPVIE8;tXV42(1a*9`T)i1jhzKOWEfr!_D>tk@mcZo?& z^8r&6OJt`G{gcSvoZVid?ysw0!4vqk4m%){QT^3q)nUTj2MTL}{cshRG?Ak3J!rzUXj#Bki`7p@ogyNUp&rtE{)P(z z7XfR1eQLh_*2W=ece0R9GpEU$6~i^mD3-53<~X^rddSE2KOZ*AZoN*X&_W_jZy)yd z_9m|e?~l8E=L)XjLyU&Fj}xIj)&rbw+(_~-pQidab}pWFF0OnHNO{1Aou$Swn9Uuh z%*s)9=F#irG$*lS82biagS|K~< z|Ev&d`Y=2n+}et-+aWV&91 zAB;Y)e8hrE*`ZTFEF^C1dwCUF^mQi?3+eSm^iNmiHN*eS}{O#j0|NdI9W6YK6Fxm3S8p@-@%We~N;KY&oDMiUSVNoZuaWHtzQ^;IMk>^RgW&4on3 zQI2bEG*S9bl|oE*OWGPIB1{-}!NgP?A7*nB z@TbK{N=asr=Z3Jc~^I2a`GSoV6ORm`%YdK5pK4I6GSyjn3`e2Gj1tDR6{~^cu zbj@IntlO=x2a7oB==#`w>8kdx3n7N0ENHEAFItb?$6`txI-=f` zK!rmz7e1}x#z|XEl_HfMaac9Vdkp>Mz9L((Y4J|ou&>HE(o0j&^>e^v~wP z1j1Zg^_K}wn>n6bkHnXo6ojKCP2ls6>6m0g_lVy%bg8k511_&+)pspajhhzYZjf_} z#9x=`{pVy`7y1<%o#1hmA`l(Ve6c_#ZO8yG-Zh`mXTMV~Ztz8#?BXra^HYD$N=0Wb zIz?nAP9>5uL6f%BMa;vm4BywNnF{iM(-xRn7IE*7l)rZwnxI#Y=29MtYF#p^C(IiB zud;yBH4J&Lt22xu?EkJTu*irz2ODKkjxuf?1^!Chi-t+E`wCXXRB0Cq_G=h6A3~<^ zZz`%Va`y|?B0A_i^ma6gHdPUPA{soDf8DIJ)l|=j(Eq9xK;B#mS2~}}ea4WITLdFx zG<62lLdIkwm5vGf&^1XWd}?%bYSRKzY8dy!F+9E9IOy@VtCZ97K`P1;o}kbOn}d&o zO*;Py6z%%#_ZBAyf;_Uf$i7!+!UK2+=drHp8-1ohqS6o3HFo| z*(et{BsFqG*J)aBmYD-X)3?|C?WaI3M0*vWN)h<}KUV^>|GN@E3c&ptM(`o{e6#-h zT91EXQP#(Uw=$9x#_zGH>0c4x6m4~PBH&m8{sbtO_xHj-bx^@9%1$aUv!~<81#T|x z;=qQc!~v^bB``0dX|+(4Y}H`A`7|sTXZeYSn}fO!ahwX?m1rO={!$xMrC=2*YxF*w z{^I2`dmKzz1V&Q%v7<@ucATAE%E(?UE9!<(lVT9SR{~@n71RxFQ4f>c4L&)JohyFT zVX(+t-~*Q)Hl5ODS;`skD2y_)@(KjW{PE|C`WX?0-lh$+vH~r-7uv zdknaK7~a{D2lTBHhdL?n?;zjN>gSuzOsb^`9#C8BnQ)5=10Jy1A8^-MYZ)oKItNIs zSwuXu&l|d*nj0)GppxI^p1d;j!L5tx{^k9()YU~>3y=Mf-OzWZ0zcJ9y>ueA5iSmK z@2Vla_Av$&ymHF3mqXz-ldYcz`!M)&34(%tdi?}zK91$XlcsbO`raXp zowOD(nJVc@eWTx8#{SbD$b_8!V?vN8s%2#M->rrS+Q6JL#$$Lu{lKcjfN8&b;Xu;e z2M-@IQ@n(^i<{0e@IT$+c}9bmPl?7U(w&M}$+Awzs{A)_>4^lAhfv^#X*xWOP{6Ir zmR&VXO8S3f{aVyFvBTL;>qttZU+;(@b^-V~7+ z+Y}Uv+kS?R)s@$x_{u5D2^v&x#CJ`2B4nrCGo5JZ*^t5W!ToCimNilbIDXx_g6@E> zB}D{M#RW0mRA5|MGPXWHY0tB=x8pu5Ht)S_!RKVI>=bIzQ2&SL#~Ibss%`=RncO%n z*MC_(YwWL>oZ6gE9X)pVxR$G;evSoq$d6SmT~F=7igC;Kn04h?s# zq+Z(zSTp$8sVaRn$bW__D3$jG{WM1Y5;8n3^f!=81ce?CN7c3HU_?zfMyd)>bMtvC zm%Ao+=d0@yPlQ5z34FeL z<#`s&H&;1bp>NBM9#8|XT+wQ9wiCtptOSR)|MNHwh7qYb=&tuge4bSE`$T-zBoE*0 zL=j4govzG3$-#7v2CASwl=)Hl{HAt zT$_^;b^=Qf1yefu*3B7)enL$dgC?I%bQ4%Z`~BqR6-$ab zzS5en%vYb4%~4n2`>5eJ*iyeP77U$dPd+nHuHc@NpE$M7%gi?K`o?)5ooKyUfS-1? z^!Az!LgyKdeUUYbWwH+k-f52vh12nqy5>o(yb)00{O*5z=KJ@&1q&$shi0pSCzGTK zGo$<~y-ZPTSLsFN;{5s0p zDWct86!a)kS=9wmiR2g6cGlhk}tVHn}qBf&(w|)(w=(T%S6}*c(01 z##=KFZ5W-_HDS8+u!3NV;AiyFA76s`{qID>Klpf+4ouY=^(|A`1KK(&Z=p2U*UV;6 zXgX78$4Gc(TEfR{#qB`7c0Ve2Qf=1W?k@jK78v%nt=c7V)3Dn#*3=w9hn~{GucuNf zW@I>$Zx3)19kREB|2g92+kG$Wi%RK&FU>E@NW z1w0j>E4HE`o;qQ>O=6Sk(!znS8Al=MxYm09)znTC=O7pv;sJ%ADgP_4Q{VGBSEKIy zY?+@gC9`Vv5sbZmx0;~7rc*Pw{v5TQALxWw{9azYO{gD4x_m67ysY)nf9dsAaQp)p z?(JfEb2a}s-ltT=`RcFmMf~dbechS{SjMW$J%M1#oonoP1-KCYDTt@ks_~Or)-(wG z*i#(GZEZk*@H%$A9Tg?OMcWl0DG7z|4-JxpQuoB)?J(g9RQ!`*Sb%E_#k*m+L$)yw z3`@Ftc+PGWz(A)q&+{O_+SxpFga*12EM#XJ{3QY>=j?B=R3TC^)r7PdFW^};Xn52V|PgfJNZLXgXLdrLA8^+|A9mAK+qu=K* z{d)G1Dk=O5cuOagulj}yaDE0&QT0lkEdIY6>5BkJUq#t7sX}TV`nN;7zC3RpKmpeQ z0v)k{28wEH0dOm_X6NeA!;Sk;HcV=Wyr=VG#R^d!QLuU`iidAx#TtSjAZYiA|Yx~?}1GpC4aohu33;6#h-ZmQVp%P1&px_#`Qp1`n z!5U~_A;`UF4f2uhh4uiDhlReSTlgEdU432KCPChVn}p8e6&=a3wC z4ZR6~>)8hVe&qauQ;Yqvg*P8mXg!Ie_Yc?kfyAL~XrB#zovSak-2g=c{JxLdbU|3h z-{W_m{T*>yCT?7z!_~mj~cVrW# z7~qblMmPX`O)%6bvWSci#-2_{y*$`ClOj$t2@9rdqM zHw(qfpZ@jjvAoNuUR3G;(mu*$3Kcep`xmj0qiSgkP!ne2;Yz^j`rSqu?gRy%3ibU7cQIEhH_MAy`5a2bp}IQ!W`y%aKG zi<-{F@oA|Twxg1>03obfGOmusL-lLo>;ADyKV`a54D_-xbqE-O7RSPzorG=UO1$TH z)5WCybXzc@3{K}E=O}hLV~~4_6NkrVDN0y^I;{E)=F^_W9gsh!3X|=?qhewClM*w2 zWF_^-y={Z1sY+9MdcX4#WRu6^f9F)%%gP?-war6Yw`e_N%8Zt=cg4BE?A~*5tTB?` zSlQeIOjdU{0i1KZ^j-#)1tq1o_Xxh8xe;=P)@#iCj8xIp6udBtLQkP=Fk%`LeF@KJ zmey;Ffe$DDVM4T`!VXO`45AvvOxjPl_yR6{cZ$sP^h=JMn}*vvPE*(nIa)96L5jfI z6*U4F8ok=AVh=fGhN5dvlB~&9=@MYa|88i}M@F{=)hlJFX zL?ykN7BSukR*pr*|5O_D_F+JoKqtL8K+ZPcMl7G$n&g8*W48iNlnb*+0Kw`4sg-OO zhoEf5ljLn9zF<;@2w2t3W$7V#lx}8KX40Mxbv5M#`Q@P%!3Jeb0vhi^6W6M|i9*O` z5aPBt9pphvT8<}i)-$spR`SHCKP4WcVL2kaf=iTOeaV%9X#p*kjD>D9ujtK3?b*Nb z&j<-#F#U+k{%3^Tu17(GAA*rD@l?S!4JRqYZ%Q%OC6^U zd7){Rk9pZoadW1cZp}h+wff~{N68)$kXH|AV=z{KQ-IA6<3l7TK$To#t<~mRmU*la zqH+lO4-vB52~EXVtVEKk&`OcQQ>;%q=8={&Db^}YGyt}@r4(rG816Zm;0|>W(~HJ3 zK`I8_Z_*%er;P#Yaj4&v|Hkwd*zkslhJ_t(I#Le;(k(_)^EYGhQ$6e=W{L9mff{Z` zDi8=^ik7Z|ES^pH)7V^mOOxd`IghO<16|ER8bbDwv7qbE`LS|#+O3kRjCRQ%@a7jL zYGY(zQ#_4m6kQbBuvMsOw{#j8wfs_=J1(m&kJV+{yn$cC9^!%IpSL^eUn-ce=o~nf z{__NQ+?JbTNk}mbAwyT_pE56^dlRJTM5(}>u~(rD^!VbBwB&~282y9jMHu7 zV&E+k?I1jlLG}#s+BnWxxmg38sfyR=X~_%K98dDG40m=Y(S$h4_nViL64=&r7~Hln zjrhGgn(t%#Y}}#$e2_w|ODcO>BpKnj(z5^dK~B&_z81}}Ne7VY)Y!r*``+3Q4`Sj4 z{3-I;qgtNrMw3*Ul!Mx9ukJwS_OzrZ5Aj>|v{odFJ)_uId;w~!^?9s{%BtVDr>Z8x z+fbbunqRpR4q6>#PpjCm<%@+HPzz4gS-n5bt&M#QV0^iv{qMvHdo7eT0| zWr9YOL0aM|E@?S@zFzjc{qfTB730fB0@~g2LXB(E^W01npiwPOM-ab0vJ4gm!NV!W zZvS&GlPxVrP<;5NNdKHSCPPtTwD<+OsKOffJ6c_bzcx)6wc}6t z$dBcHy}tp~p3v5^vVB&zvF*!IN}h^Om{sITj}-m6`Uvm;Q+IdS6<44oXc!3Y?pnb$ zcyM=jhv4q+1P$))?iyT!1a~Oh-QBI4+kJa_dfo1|=JWi7^X05lwfFPxQGD6i?$7HW zoChIz2ql2;sbd|5XP?(WQq<`aX!qw~c$G>?MK`9iAv=}g2hP|5CMW8)6fxUy1ZoN2 zD#X7wU46!fq#FhhW>>zDQB2_^sX{yP(CCpG)>30c*H&^0iKA7Fvgprd-e3`_-f zDn~47m(a-aWIMv~9gEEHKF%!?X)f0p`?y6&e9fnDuB?-B`V<=$wPA93=X6QDBd|m= zuB}jCRi8P8^4vJ?4|urL$H1%7?pw;i3S%i!8Y!EbiDv;Ny5C($tH(85<|~ebrPF~VU}%=`*h4L!s=3zX!$g_eGxMXsym5G4JSMTI$^gxw%`Or z>TTU;Y%?8TTteHXrp%4O4>Vf8(nio{l|xRv^r# z`3aF6^TUiunMmo-*GY|%0?Pu6&5CI!bl{+Pg;$5_XyQ4adE4$4@mt7@yU4Q_(pa?! zCjd_GxcjBeBGT7~Rx5rAG1Zm+a}L1Rx~BNGQ7A}z>F9?ljm>GoUzs8Am_$c&)k~SB z2^RU?2GjK+5p~6X6RQ^=_%$x=_p=L(nCJM%uXi%43#-Yy=+~1S1dn~qgJTz_a*=Y7 zXp7ct7~=&WRXH%eG|HJQqeiT)G_@@3;H$J@$w{*}=&%g!SZZIEeWOH0+j(ff>22E` zF$2oG(3(jrA4~0$30O4M zt>CPSD4idPeo$ajdg7tdLRtLUUrrvJveC;s1$43!_q36A`zcqjgo)0JZ8DN_AD@CB z$o+ltZ(kal8L!G=)(I8>tFA43^e^!s936b9DGEWh3)_<-`QQu3RNt&dsoc9F1|sgD zjbYgo6b2k&3WPpHsIwxh>Kyab){RVmpO54^Q31&*L8U>;U$pj*SzgRGg~);1=1uWs zRE`Gar6lc0r{CqRewC_~mCp68!mdv|^I=~c@^@J4#;B3Mg0d!74j2hQgp zpYIB$3;Z?Z{KZ=VD8QMmrov?s_jwv5Ii=`DYXnfIgWMD}t2gQO5oxP)+7t`}TCa>-Bbdu{(tF3gYJ{7?g>+MI5sBB}p3w zN$Pd_^Sxcm*(V&Z>Qhrl&|p^lkwF`fj&IxY3=VxQ!GZ^nkE^h3-i}_79VRXSllxfZ z5$Lj1B>-tM(5Z;_?;*ZFsdq{AOM2Ueu^cx-Woq^CW5c>-$vnPeE1)1F=bRDq`geCc zzCCY{!ct~Ae|Y@KJ%@o&pxRls>p8RDov^!{xadA)FJS#f7-nLFrt;7%YsQ_ArMErm zk{p%)k2Hm%Q8n4A%ZV1xXPP4Vb@8nW$$pp460|YMaOa=*>URk?z2CL*C2uHqR(SaH zSCp4k=QFRA!ynX;`^Fr7n%{)u1n}sAt z9>9HE2ESW#V}WD=ws*Y=mNCRUvoMZ=fFC+RS$b5%;RRWdq-S0wcX6)cJ#sofTI&ZY zh*lx1Phn4IiFeh$w>;imJL}}I??~lg0pvK4M%`l2&NuEVdKuEt!ZqdF$T=^*4Hu*D zLfGa8UR$*8{AkT|z&W}Sz}C(Z# zBG5sL!Ij9~2sRF6CzTjV;x^_Jg&FsnS^g5DoGC)H4uhy_w3wyC<)Q6BL=x_ECPQco zs{CL{2o&xv45YaI9%^&k8Y}sAMHA2co7AmLPFNm8(%??S_49pwgDJks)4#ju0svDMw0Z0o6VKSQ+vvUhurj35Jsu7a`bVF)bUrsIs4KjT zH~D#m>ieJ!&N}H>1eIp8Hx2V3nmkBm;OBujNLm5>R{2B@6xR;#s&DaXog`UiL`|{z z{zn#jSL0=$OZ!SXgS`XRdkSHqS8gRY?w5RKK6mXh}w2_0B030qllQ0t5{R zb#@PBYx>U}@_iEX>zEb#J&t5n#*yqMn+X*@Xq1CGkGFG6Di4yDp9>AM zJ~EbB4-GYXI-5E^1byX7a>ikL@q{p}d0Ylj^%;t3zFJ%dvbtUkATuh6Pn2GG0T{u{ z$b)RIlJ`8asd9mJ{n*xVqzJ5PsVM#{eN5H%!lG~Cm?~jD*Ef@mFLn&)pnYQDFL+Hx z;6Y5CLU)1jQq8$RhyM(tXuvu)AZe5BM8x#poj-0wp8STVayN_E`I1{;6-{pqS;Hvg zjeK~qzZ)F=I3ei6I&;GxCl~mU%W}IKR{o1MUZ!WbW*=UA8-#bpe$#V)etyaKY#98ZeWWxFqUu)h$){ z4l(A&)D8zvRXC+Ca07br)`PCH+0 zCwJwObr?*NmUtHaRroiJS7I9lfDX&1&3u8AnwV>~-9Sd)55W}qv-ZX~?}dq5V{b{B zZ-_1!pR~UsA$LJ~+sdgH#URb}XG@GBI@06$?G-KcxFKw`# z$1*>cUFvz<0<@)#TR#&2>bUE^%H>b8I!a9Z4re4}uT1);9&rdi7 zHrMI)%K3@;&AQa-3nO^qyowFkr=c>}T{>#|^OVrWGy{9WJ8ef#p66KYfnRs;IcGuQ zFE;>OKMc35@MF4GiFNIGXiP9nYTZI(;9u25-XkgtJwpy*q4y(Jt0T?^b4>$z7w4a1 zvnIh8Y>Ni&=cWb|ODKTH^s{UF4(M57o!-%u8!Z)8k+$MfeWJ=6*E8v&Sh zi7ce`?+H|~2g+L=CNkCztE6(tvrV=@%dc^2$w`BcGr@dTP+Rn|SgsIHkg9OT)M2NB zKgsr=T|EFl@S{ifjv6aQGBYMFGOOJ@@>I8wPZfppCbgTUW%D)uV2dKU@cV2TrXkP> z_#C+`T9r`8CvaDZ^!WekyZ=?EjO)5!78*2U<-L(Krmg3QVcp_GB(HI@9=ezuy0$iW z-mQWhGSr zy!WPa63|)h=@Q6_m}EIq{ zPO$MsmmG)6s#f@r;xHdZum6tsug?ERyie6~{D0y7KgnXfNEu!2p{GA83h52(xjrP4 zf|Z;e)HF=-BQcnj_)eReO)!a#C-_`#GxiA~cr5SL>If{^1Bx$JvdV%u89A4#z9dwS zw26q007ci`q}eNu+do0SAQo;|+RUG(XXERBFq?xJG0aHTRdc(LZ@8e=my7#rrKaiY z)6{*OXI`$P9!Vj|M(GBW<%95-hi_Uo3!C$7em%uk^GX&?%f?Z399GKl%=30oH^u%+PX1Du8ZS(=0nNOd$osU{%`8XmI$Ov$Mz2bqso4~xj z#y;{5Qle8V5V5Bs5PxJ1L?*I@Jc+oFrrgFXw<6kIQ&P%y|9&oNJF1rxdhX%4$Ke)A ze}UKu6?^*PTO9P@$;<~$N{AzGlfK?9s~Y-Gzn{s{l{$ajc!GXh_nYT-4_7OfR!ap_}N%h?BhHucsg7Sk8YreWk!7yM0avv4;cCx1E`V>yatY{b|_emz)dT zIZui@!&vEhmsOJA#r3ywwGM&Y&U41ET0roSuF}2B$P%-f*A{~}wK~DkQaa;&SN|aq z>;R16$e7Ard<~+)=1r`HkzARX$otr_!IfFJd-z7X=L7FnZoPI zsSaZg#U&M-8k~28oX1*!Y+f@7-$fg5^vY%~*3LNsP zR14RBR^t|n9VurBfH;k%v!?j+4*u1#$Nw8ea|AzfgUA{~v1qjq2-IbgB*^m;WWeX^lMExors9hrsL|7M=Fg_TX&alD!kAs6AGd(Ulm-T*|uO5?Ov(A z>arTnM^S^Eei=xPJV|L(s)5I`bd7J~ca;cpAK^>n>z6XIRbvb9Two~Rpy9NhbNp-J zbQdbuaY15T*?08dOl{%5< z4*{JjqXwAPAKEQ9gSUyVupk@WUhRF6itd}2T^N7vjXdA#ydj?4NG9T&rMxFb05Orx z6A>gYcUk-CQ#aP!vp2l^+sm3J&(h4t4dqM><#^2eK2Ryv9UWG4L;sQ-wXV2r6%t~> zl}*RV@0|5T#?P(>R2>UjFAZAtziBK1@%eFkcz~Qg-+%?6&&_a~JvI1YHl zi?F`!;(G}y2zqo5eQIPa!6-+s3 z9%(bhQ(f|71ozD>x;*NGrSQ0{jA43X9=`r1DoTnn82Ue zbtFfK2fG@1A=|aK=H~#H14@{WxKapK-j-T3qzW|f-%UNV#eBdh$Kw=8O#5|_qAb=! z)J%iiU|{awHWfaJ&e`Wi+j5@BN!1UXddVgAtdhgqDA$xW7@jKQXCU{<(~(QN9tRka z;}^!pSg@M11Oq((fGoQw<5IcXQw`T{RD8W;zzJ&8%3K?Tp1+d*APUb}{1dK}?1`kUI`s;APdeaRBRs{vrJ-VY zjQriXjBfg>Fp9JWS&?%o z?f2BTSL-Rz$$wFO&a?lZ`UXQF5?;Rlfb0KfvOn?v&t!iCL{*Dy@bNU78^U>E{P|zu zs<-YYs6*lL;eq4<d02rK0z3k&N6ah(ok~KOE{0;XZ0!3yqfWaHLh-5$&R4vn&78SzMR1?rB#4pVi+8 zrQJFbg96-!@g}?}<;~tHxN(CJmWLH}U`5yISzEoT6A{tZ)y!~6(|MPkJz#O{3RgGj zkPviuU2ri8Wn1|6XaU}H-{qOm!j;LT*GBUfjeAO*Q((>Ekx0X>O+@YfI3*`=V&g06 z+~*4og}ZprHBh{<_V~23ql=-&$gaj~o2lf40nqaGP1g7C{>%n9|HOB-)F}EDt3}JO zck7~D5XD*cJvSDreHe*>&I|Z9^mgrBzL_XZDi(ZFhA9LNLr-vQ&QZv&c{<1wQg1nY zJ<1M_I+po;`}+WX$+rMc440M{@1jJgSan2=^E4NIP5Xc==28=#cqSj=DU(7o{sg7P z+l`g2JE^jLc}5F`u;Sre@guqU=HlYp$rX#>MlJdmnc|&Ud_D2@;7d;eg0oa~54NUf z|N7I*b5Q1CHa0KQ{FKt{lV?~LkGx1pE!$aI4o;G&T4HvvCF!eB1|)#a#9+w#{x{p% zv4EG$^~p}LCB10hXA_x8R1?6g<3dQ>^YFRo!BSJBblbXQxVq{hmBB=?^1u1gt6(|nDwX^r$tY1tX`)U|V^X_4o z(Hlk8I`WxE)*WU0^}}>WE1rH{tPxSbX`!V(~x z;DTY+(~c2XqgG-6S1=~SzV&;d4Q@GIv7OaG^FW9sri2;{YtFbQA(JL5LJoCEFJeRG zf|BU)Tm3Z76N#$vfVeL8E-xPr++GBl+YPK-Z5E7*$%RSImk9jEpAwY9tP)^|dSDA* zR{?<-+A)RME2wU1)DS(VbnC|cT2fc0e1Yo8-^dcESZ1Dl&Tv*~OWwzlc z_)J3WmS%z-$!IFbUtKrMEDMxgQ)~7CVwJ2rq^C%zLyc~PV+gE}1(H$lO-H4?IY}J` zrv@HEQG&6ogM<{KeNcD@7`H+LA){IB8Z2R6(6cq)eS~{8#x}VH(bvJ>Z_5Gb*`3QBy z1F?WFe;*n9Hzsza1DLvj>0S-HX*!M*7x4irALYs2;wnnSb#|@u7$Ck7&#&&u%N_n% zlA+^Pfn90cJA;y5LSk&1h*#doH?3BsXhxTHgA{!YdOlqRrt-=M-;jQN#*hr|w9yU( z9@WLd>8MP}KW4B)Ws-OSccuCCkBv(F)PY}Eb_E&cL5{X+spNxlTcc3L`KJ8Tkg^lQ zWEZC{%Fqe%4S7Ya?f1d?g8*z-X#90-wq*@&sgQBeI%#M2M32I7U}Im5$0J;!@h`00 zO^q;HK;+%Uw;2kro8&EMBBqH0)H7owSCs~hP-dFWojWC;B=hWH=VHPMA=Etp9F&L8 z$U4-@eQ>n4aHY6|Cl=JMV@6hQ2(mnfVwGD`GZt(ysrc-ygd>u$n6A7FJQ>KcAqs8l zmpU!Ju&ROYs*}@S@mzk4Dg1$D?`9*(@+E3P9d-BT0CNZWqQo0yZAN7`{fAs73qdwnb6-*J|G2qm1fTZ-@IGomP!@-)J0Rq4*KgFko~0j_CDW@I}B zs;`VvBGo(7mnoKDm}V4$JJbQo;)xGf1bqHJSDpOG(o>~_%0>dK+%dg%z)^W_W~yMg z-!3~a{vWcJ$6G&zF?OGB%?eR{N>Mvy6<7?x5k)k|P$%B#FFMWRxjB`CnM zJYC>ufVP@geKaq8^-9=i{KS#bQ2@vj+*nLu(AXrlY9(6MLG>Crk6z}LXfVkb=4*;X zX=!lsnH{|Ci-J-?%NpBXS8~JVg^;1cmP&Ry`I1wnf(o!dl84wRlQeq3M`LlVY(^it z3XZ0g!c{Ab*M73ZhNIBhfwDaR8JBQ~AWi$FEjx)Zu1+HfPMi~gYTm=po^+FXBu`tU zQc*UWoq^}4JpSTjb;$f^o!T!=p|#$LuQ) z4)D3!l1JgdlTV(!wR=UWtJ9F?N$D*oP1Cn3_+ZKZoHH4}9doNVlTObci^!Y^~ z-yN%;O{hpUDsD0zEeVS)&F+jWSbOJIKDOM*E7hl2k{ozAPAtr*C+MeKNPo|}>t^kf zI6eGFWEe}?jw4kv&zm+g9DIec!3I{$?tDeZ+A+F(ErPNbf0-fO_?oTST@@GO7p$ZA za^%+9waITQDsC*+;xcGUKx9@>7YtyHVzuupi5bxF{TU6B`!_Y5se$lUy&oLQKXH7p zGgGZ*%{NQA7@>=&#o(NknpIpo%XJcG-?vrKg=H>(Td{(mgmOzp+-0M%``VWuAD3J zD}#eZG;aPje;61Ji7W%o1m4d@4OwxVX72D@Y-q?|bb&k*dmjyC8ry-@^S309SSuCV z@m#epw1FkiqOp;#7HeBp)$LKM00P@Ib@RF3h)(*!TNSVImP|3jz^6pggorT#sjK|A zohoFbWtl8_XUIEtql4|=v5rK+E}>ctNAFFJ#Xc61YrLL#eTex{ayPFJK~P{|AP~VY L!Xwx?57@r}7MMRc literal 0 HcmV?d00001 diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/Chart.yaml b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/Chart.yaml new file mode 100644 index 0000000000..4a7375f8ce --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-monitoring-system + catalog.cattle.io/release-name: rancher-monitoring-crd +apiVersion: v1 +description: Installs the CRDs for rancher-monitoring. +name: rancher-monitoring-crd +type: application +version: 103.0.0+up40.1.2 diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/README.md b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/README.md new file mode 100644 index 0000000000..e0b63e0268 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/README.md @@ -0,0 +1,24 @@ +# rancher-monitoring-crd +A Rancher chart that installs the CRDs used by rancher-monitoring. + +## How does this chart work? + +This chart marshalls all of the CRD files placed in the `crd-manifest` directory into a ConfigMap that is installed onto a cluster alongside relevant RBAC (ServiceAccount, ClusterRoleBinding, ClusterRole, and PodSecurityPolicy). + +Once the relevant dependent resourcees are installed / upgraded / rolled back, this chart executes a post-install / post-upgrade / post-rollback Job that: +- Patches any existing versions of the CRDs contained within the `crd-manifest` on the cluster to set `spec.preserveUnknownFields=false`; this step is required since, based on [Kubernetes docs](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning) and a [known workaround](https://github.com/kubernetes-sigs/controller-tools/issues/476#issuecomment-691519936), such CRDs cannot be upgraded normally from `apiextensions.k8s.io/v1beta1` to `apiextensions.k8s.io/v1`. +- Runs a `kubectl apply` on the CRDs that are contained within the crd-manifest ConfigMap to upgrade CRDs in the cluster + +On an uninstall, this chart executes a separate post-delete Job that: +- Patches any existing versions of the CRDs contained within `crd-manifest` on the cluster to set `metadata.finalizers=[]` +- Runs a `kubectl delete` on the CRDs that are contained within the crd-manifest ConfigMap to clean up the CRDs from the cluster + +Note: If the relevant CRDs already existed in the cluster at the time of install, this chart will absorb ownership of the lifecycle of those CRDs; therefore, on a `helm uninstall`, those CRDs will also be removed from the cluster alongside this chart. + +## Why can't we just place the CRDs in the templates/ directory of the main chart? + +In Helm today, you cannot declare a CRD and declare a resource of that CRD's kind in templates/ without encountering a failure on render. + +## [Helm 3] Why can't we just place the CRDs in the crds/ directory of the main chart? + +The Helm 3 `crds/` directory only supports the installation of CRDs, but does not support the upgrade and removal of CRDs, unlike what this chart facilitiates. \ No newline at end of file diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagerconfigs.yaml b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagerconfigs.yaml new file mode 100644 index 0000000000..7863a2bc88 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagerconfigs.yaml @@ -0,0 +1,4475 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagerconfigs.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: alertmanagerconfigs.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: AlertmanagerConfig + listKind: AlertmanagerConfigList + plural: alertmanagerconfigs + shortNames: + - amcfg + singular: alertmanagerconfig + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to + be aggregated across multiple namespaces configuring one Alertmanager cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertmanagerConfigSpec is a specification of the desired + behavior of the Alertmanager configuration. By definition, the Alertmanager + configuration only applies to alerts for which the `namespace` label + is equal to the namespace of the AlertmanagerConfig resource. + properties: + inhibitRules: + description: List of inhibition rules. The rules will only apply to + alerts matching the resource’s namespace. + items: + description: InhibitRule defines an inhibition rule that allows + to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + properties: + equal: + description: Labels that must have an equal value in the source + and target alert for the inhibition to take effect. + items: + type: string + type: array + sourceMatch: + description: Matchers for which one or more alerts have to exist + for the inhibition to take effect. The operator enforces that + the alert matches the resource’s namespace. + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + targetMatch: + description: Matchers that have to be fulfilled in the alerts + to be muted. The operator enforces that the alert matches + the resource’s namespace. + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + type: object + type: array + muteTimeIntervals: + description: List of MuteTimeInterval specifying when the routes should + be muted. + items: + description: MuteTimeInterval specifies the periods in time when + notifications will be muted + properties: + name: + description: Name of the time interval + type: string + timeIntervals: + description: TimeIntervals is a list of TimeInterval + items: + description: TimeInterval describes intervals of time + properties: + daysOfMonth: + description: DaysOfMonth is a list of DayOfMonthRange + items: + description: DayOfMonthRange is an inclusive range of + days of the month beginning at 1 + properties: + end: + description: End of the inclusive range + maximum: 31 + minimum: -31 + type: integer + start: + description: Start of the inclusive range + maximum: 31 + minimum: -31 + type: integer + type: object + type: array + months: + description: Months is a list of MonthRange + items: + description: MonthRange is an inclusive range of months + of the year beginning in January Months can be specified + by name (e.g 'January') by numerical month (e.g '1') + or as an inclusive range (e.g 'January:March', '1:3', + '1:March') + pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$) + type: string + type: array + times: + description: Times is a list of TimeRange + items: + description: TimeRange defines a start and end time + in 24hr format + properties: + endTime: + description: EndTime is the end time in 24hr format. + pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) + type: string + startTime: + description: StartTime is the start time in 24hr + format. + pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) + type: string + type: object + type: array + weekdays: + description: Weekdays is a list of WeekdayRange + items: + description: WeekdayRange is an inclusive range of days + of the week beginning on Sunday Days can be specified + by name (e.g 'Sunday') or as an inclusive range (e.g + 'Monday:Friday') + pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$) + type: string + type: array + years: + description: Years is a list of YearRange + items: + description: YearRange is an inclusive range of years + pattern: ^2\d{3}(?::2\d{3}|$) + type: string + type: array + type: object + type: array + type: object + type: array + receivers: + description: List of receivers. + items: + description: Receiver defines one or more notification integrations. + properties: + emailConfigs: + description: List of Email configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + authIdentity: + description: The identity to use for authentication. + type: string + authPassword: + description: The secret's key that contains the password + to use for authentication. The secret needs to be in + the same namespace as the AlertmanagerConfig object + and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authSecret: + description: The secret's key that contains the CRAM-MD5 + secret. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authUsername: + description: The username to use for authentication. + type: string + from: + description: The sender address. + type: string + headers: + description: Further headers email header key/value pairs. + Overrides any headers previously set by the notification + implementation. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + requireTLS: + description: The SMTP TLS requirement. Note that Go does + not support unencrypted connections to remote SMTP endpoints. + type: boolean + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + smarthost: + description: The SMTP host and port through which emails + are sent. E.g. example.com:25 + type: string + text: + description: The text body of the email notification. + type: string + tlsConfig: + description: TLS configuration + properties: + ca: + description: Struct containing the CA cert to use + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenieConfigs: + description: List of OpsGenie configurations. + items: + description: OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + actions: + description: Comma separated list of actions that will + be available for the alert. + type: string + apiKey: + description: The secret's key that contains the OpsGenie + API key. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + entity: + description: Optional field that can be used to specify + which domain alert is related to. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: OpsGenieConfigResponder defines a responder + to an incident. One of `id`, `name` or `username` + has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + enum: + - team + - teams + - user + - escalation + - schedule + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. + type: string + updateAlerts: + description: Whether to update message and description + of the alert in OpsGenie if it already exists By default, + the alert is never updated in OpsGenie, the new message + only appears in activity log. + type: boolean + type: object + type: array + pagerdutyConfigs: + description: List of PagerDuty configurations. + items: + description: PagerDutyConfig configures notifications via + PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + properties: + class: + description: The class/type of the event. + type: string + client: + description: Client identification. + type: string + clientURL: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. + type: string + description: + description: Description of the incident. + type: string + details: + description: Arbitrary key/value pairs that provide further + detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + group: + description: A cluster or grouping of sources. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + pagerDutyImageConfigs: + description: A list of image details to attach that provide + further detail about an incident. + items: + description: PagerDutyImageConfig attaches images to + an incident + properties: + alt: + description: Alt is the optional alternative text + for the image. + type: string + href: + description: Optional URL; makes the image a clickable + link. + type: string + src: + description: Src of the image being attached to + the incident + type: string + type: object + type: array + pagerDutyLinkConfigs: + description: A list of link details to attach that provide + further detail about an incident. + items: + description: PagerDutyLinkConfig attaches text links + to an incident + properties: + alt: + description: Text that describes the purpose of + the link, and can be used as the link's text. + type: string + href: + description: Href is the URL of the link to be attached + type: string + type: object + type: array + routingKey: + description: The secret's key that contains the PagerDuty + integration key (when using Events API v2). Either this + field or `serviceKey` needs to be defined. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + serviceKey: + description: The secret's key that contains the PagerDuty + service key (when using integration type "Prometheus"). + Either this field or `routingKey` needs to be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + severity: + description: Severity of the incident. + type: string + url: + description: The URL to send requests to. + type: string + type: object + type: array + pushoverConfigs: + description: List of Pushover configurations. + items: + description: PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config + properties: + expire: + description: How long your notification will continue + to be retried for, unless the user acknowledges the + notification. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: How often the Pushover servers will send + the same notification to the user. Must be at least + 30 seconds. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: The secret's key that contains the registered + application’s API token, see https://pushover.net/apps. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + url: + description: A supplementary URL shown alongside the message. + type: string + urlTitle: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + userKey: + description: The secret's key that contains the recipient + user’s user key. The secret needs to be in the same + namespace as the AlertmanagerConfig object and accessible + by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + type: array + slackConfigs: + description: List of Slack configurations. + items: + description: SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: SlackAction configures a single Slack action + that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields + and https://api.slack.com/docs/message-buttons for + more information. + properties: + confirm: + description: SlackConfirmationField protect users + from destructive actions or particularly distinguished + decisions by asking them to confirm their button + click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. + properties: + dismissText: + type: string + okText: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + apiURL: + description: The secret's key that contains the Slack + webhook URL. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + callbackId: + type: string + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: + type: string + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: SlackField configures a single Slack field + that is sent with each notification. Each field must + contain a title, value, and optionally, a boolean + value to indicate if the field is short enough to + be displayed next to other fields designated as short. + See https://api.slack.com/docs/message-attachments#fields + for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + iconEmoji: + type: string + iconURL: + type: string + imageURL: + type: string + linkNames: + type: boolean + mrkdwnIn: + items: + type: string + type: array + pretext: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + shortFields: + type: boolean + text: + type: string + thumbURL: + type: string + title: + type: string + titleLink: + type: string + username: + type: string + type: object + type: array + snsConfigs: + description: List of SNS configurations + items: + description: SNSConfig configures notifications via AWS SNS. + See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs + properties: + apiURL: + description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + If not specified, the SNS API URL from the SNS SDK will + be used. + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes. + type: object + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message content of the SNS notification. + type: string + phoneNumber: + description: Phone number if message is delivered via + SMS in E.164 format. If you don't specify this value, + you must specify a value for the TopicARN or TargetARN. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sigv4: + description: Configures AWS's Signature Verification 4 + signing process to sign requests. + properties: + accessKey: + description: AccessKey is the AWS API key. If blank, + the environment variable `AWS_ACCESS_KEY_ID` is + used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + profile: + description: Profile is the named AWS profile used + to authenticate. + type: string + region: + description: Region is the AWS region. If blank, the + region from the default credentials chain used. + type: string + roleArn: + description: RoleArn is the named AWS profile used + to authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. If blank, + the environment variable `AWS_SECRET_ACCESS_KEY` + is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + subject: + description: Subject line when the message is delivered + to email endpoints. + type: string + targetARN: + description: The mobile platform endpoint ARN if message + is delivered via mobile notifications. If you don't + specify this value, you must specify a value for the + topic_arn or PhoneNumber. + type: string + topicARN: + description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + If you don't specify this value, you must specify a + value for the PhoneNumber or TargetARN. + type: string + type: object + type: array + telegramConfigs: + description: List of Telegram configurations. + items: + description: TelegramConfig configures notifications via Telegram. + See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config + properties: + apiURL: + description: The Telegram API URL i.e. https://api.telegram.org. + If not specified, default API URL will be used. + type: string + botToken: + description: Telegram bot token The secret needs to be + in the same namespace as the AlertmanagerConfig object + and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + chatID: + description: The Telegram chat ID. + format: int64 + type: integer + disableNotifications: + description: Disable telegram notifications + type: boolean + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Message template + type: string + parseMode: + description: Parse mode for telegram message + enum: + - MarkdownV2 + - Markdown + - HTML + type: string + sendResolved: + description: Whether to notify about resolved alerts. + type: boolean + type: object + type: array + victoropsConfigs: + description: List of VictorOps configurations. + items: + description: VictorOpsConfig configures notifications via + VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + properties: + apiKey: + description: The secret's key that contains the API key + to use when talking to the VictorOps API. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiUrl: + description: The VictorOps API URL. + type: string + customFields: + description: Additional custom fields for notification. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + entityDisplayName: + description: Contains summary of the alerted problem. + type: string + httpConfig: + description: The HTTP client's configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + messageType: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). + type: string + monitoringTool: + description: The monitoring tool the state message is + from. + type: string + routingKey: + description: A key used to map the alert to a team. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + stateMessage: + description: Contains long explanation of the alerted + problem. + type: string + type: object + type: array + webhookConfigs: + description: List of webhook configurations. + items: + description: WebhookConfig configures notifications via a + generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + properties: + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + maxAlerts: + description: Maximum number of alerts to be sent per webhook + message. When 0, all alerts are included. + format: int32 + minimum: 0 + type: integer + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + url: + description: The URL to send HTTP POST requests to. `urlSecret` + takes precedence over `url`. One of `urlSecret` and + `url` should be defined. + type: string + urlSecret: + description: The secret's key that contains the webhook + URL to send HTTP requests to. `urlSecret` takes precedence + over `url`. One of `urlSecret` and `url` should be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + type: array + wechatConfigs: + description: List of WeChat configurations. + items: + description: WeChatConfig configures notifications via WeChat. + See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config + properties: + agentID: + type: string + apiSecret: + description: The secret's key that contains the WeChat + API key. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The WeChat API URL. + type: string + corpID: + description: The corp id for authentication. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: API request data as defined by the WeChat + API. + type: string + messageType: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + toParty: + type: string + toTag: + type: string + toUser: + type: string + type: object + type: array + required: + - name + type: object + type: array + route: + description: The Alertmanager route definition for alerts matching + the resource’s namespace. If present, it will be added to the generated + Alertmanager configuration as a first-level route. + properties: + continue: + description: Boolean indicating whether an alert should continue + matching subsequent sibling nodes. It will always be overridden + to true for the first-level route by the Prometheus operator. + type: boolean + groupBy: + description: List of labels to group by. Labels must not be repeated + (unique list). Special label "..." (aggregate by all possible + labels), if provided, must be the only element in the list. + items: + type: string + type: array + groupInterval: + description: 'How long to wait before sending an updated notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "5m"' + type: string + groupWait: + description: 'How long to wait before sending the initial notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "30s"' + type: string + matchers: + description: 'List of matchers that the alert’s labels should + match. For the first level route, the operator removes any existing + equality and regexp matcher on the `namespace` label and adds + a `namespace: ` matcher.' + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + muteTimeIntervals: + description: 'Note: this comment applies to the field definition + above but appears below otherwise it gets included in the generated + manifest. CRD schema doesn''t support self-referential types + for now (see https://github.com/kubernetes/kubernetes/issues/62872). + We have to use an alternative type to circumvent the limitation. + The downside is that the Kube API can''t validate the data beyond + the fact that it is a valid JSON representation. MuteTimeIntervals + is a list of MuteTimeInterval names that will mute this route + when matched,' + items: + type: string + type: array + receiver: + description: Name of the receiver for this route. If not empty, + it should be listed in the `receivers` field. + type: string + repeatInterval: + description: 'How long to wait before repeating the last notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "4h"' + type: string + routes: + description: Child routes. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagers.yaml b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagers.yaml new file mode 100644 index 0000000000..236f26b912 --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-alertmanagers.yaml @@ -0,0 +1,6779 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: alertmanagers.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Alertmanager + listKind: AlertmanagerList + plural: alertmanagers + shortNames: + - am + singular: alertmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of Alertmanager + jsonPath: .spec.version + name: Version + type: string + - description: The desired replicas number of Alertmanagers + jsonPath: .spec.replicas + name: Replicas + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Alertmanager describes an Alertmanager cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional + Alertmanagers to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + alertmanagerConfigNamespaceSelector: + description: Namespaces to be selected for AlertmanagerConfig discovery. + If nil, only check own namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + alertmanagerConfigSelector: + description: AlertmanagerConfigs to be selected for to merge and configure + Alertmanager with. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + alertmanagerConfiguration: + description: 'EXPERIMENTAL: alertmanagerConfiguration specifies the + configuration of Alertmanager. If defined, it takes precedence over + the `configSecret` field. This field may change in future releases.' + properties: + global: + description: Defines the global parameters of the Alertmanager + configuration. + properties: + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for the + client. This is mutually exclusive with BasicAuth and + is only available starting from Alertmanager v0.22+. + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, BasicAuth + takes precedence. + properties: + password: + description: The secret in the service monitor namespace + that contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace + that contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. The + secret needs to be in the same namespace as the Alertmanager + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + followRedirects: + description: FollowRedirects specifies whether the client + should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch a + token for the targets. + properties: + clientId: + description: The secret or configmap containing the + OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client + secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to use + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + resolveTimeout: + description: ResolveTimeout is the default value used by alertmanager + if the alert does not include EndsAt, after this time passes + it can declare the alert as resolved if it has not been + updated. This has no impact on alerts from Prometheus, as + they always include EndsAt. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + type: object + name: + description: The name of the AlertmanagerConfig resource which + is used to generate the Alertmanager configuration. It must + be defined in the same namespace as the Alertmanager object. + The operator will not enforce a `namespace` label for routes + and inhibition rules. + minLength: 1 + type: string + type: object + baseImage: + description: 'Base image that is used to deploy pods, without tag. + Deprecated: use ''image'' instead' + type: string + clusterAdvertiseAddress: + description: 'ClusterAdvertiseAddress is the explicit address to advertise + in cluster. Needs to be provided for non RFC1918 [1] (public) addresses. + [1] RFC1918: https://tools.ietf.org/html/rfc1918' + type: string + clusterGossipInterval: + description: Interval between gossip attempts. + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + clusterPeerTimeout: + description: Timeout for cluster peering. + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + clusterPushpullInterval: + description: Interval between pushpull attempts. + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Alertmanager object, which shall be mounted into the Alertmanager + Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/. + items: + type: string + type: array + configSecret: + description: "ConfigSecret is the name of a Kubernetes Secret in the + same namespace as the Alertmanager object, which contains the configuration + for this Alertmanager instance. If empty, it defaults to 'alertmanager-'. + \n The Alertmanager configuration should be available under the + `alertmanager.yaml` key. Additional keys from the original secret + are copied to the generated secret. \n If either the secret or the + `alertmanager.yaml` key is missing, the operator provisions an Alertmanager + configuration with one empty receiver (effectively dropping alert + notifications)." + type: string + containers: + description: 'Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. Containers described here modify an operator generated container + if they share the same name and modifications are done via a strategic + merge patch. The current container names are: `alertmanager` and + `config-reloader`. Overriding containers is entirely outside the + scope of what the maintainers will support and by doing so, you + accept that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + forceEnableClusterMode: + description: ForceEnableClusterMode ensures Alertmanager does not + deactivate the cluster mode when running with a single replica. + Use case is e.g. spanning an Alertmanager cluster across Kubernetes + clusters with a single replica in each. + type: boolean + hostAliases: + description: Pods' hostAliases configuration + items: + description: HostAlias holds the mapping between IP and hostnames + that will be injected as an entry in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + required: + - hostnames + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + image: + description: Image if specified has precedence over baseImage, tag + and sha combinations. Specifying the version is still necessary + to ensure the Prometheus Operator knows what version of Alertmanager + is being configured. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same + namespace to use for pulling prometheus and alertmanager images + from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the Alertmanager configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart + of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + Using initContainers for any use case other then secret fetching + is entirely outside the scope of what the maintainers will support + and by doing so, you accept that this behaviour may break at any + time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logFormat: + description: Log format for Alertmanager to be configured with. + enum: + - "" + - logfmt + - json + type: string + logLevel: + description: Log level for Alertmanager to be configured with. + enum: + - "" + - debug + - info + - warn + - error + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created pod + should be ready without any of its container crashing for it to + be considered available. Defaults to 0 (pod will be considered available + as soon as it is ready) This is an alpha field and requires enabling + StatefulSetMinReadySeconds feature gate. + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlying managed + objects are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: PodMetadata configures Labels and Annotations which are + propagated to the alertmanager pods. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored + with a resource that may be set by external tools to store and + retrieve arbitrary metadata. They are not queryable and should + be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to + organize and categorize (scope and select) objects. May match + selectors of replication controllers and services. More info: + http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. Is required + when creating resources, although some resources may allow a + client to request the generation of an appropriate name automatically. + Name is primarily intended for creation idempotence and configuration + definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + type: object + portName: + description: Port name used for the pods and governing service. This + defaults to web + type: string + priorityClassName: + description: Priority class assigned to the Pods + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: Define resources requests and limits for single Pods. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + retention: + default: 120h + description: Time duration Alertmanager shall retain data for. Default + is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` + (milliseconds seconds minutes hours). + pattern: ^(0|(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers + for. This is useful, if using ExternalURL and a proxy is rewriting + HTTP routes of a request, and the actual ExternalURL is still true, + but the server serves requests under a different route prefix. For + example for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as + the Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: SecurityContext holds pod-level security attributes and + common container settings. This defaults to the default PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies to all + containers in a pod. Some volume types allow the Kubelet to + change the ownership of that volume to be owned by the pod: + \n 1. The owning GID will be the FSGroup 2. The setgid bit is + set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- \n If unset, + the Kubelet will not modify the ownership and permissions of + any volume. Note that this field cannot be set when spec.os.name + is windows." + format: int64 + type: integer + fsGroupChangePolicy: + description: 'fsGroupChangePolicy defines behavior of changing + ownership and permission of the volume before being exposed + inside Pod. This field will only apply to volume types which + support fsGroup based ownership(and permissions). It will have + no effect on ephemeral volume types such as: secret, configmaps + and emptydir. Valid values are "OnRootMismatch" and "Always". + If not specified, "Always" is used. Note that this field cannot + be set when spec.os.name is windows.' + type: string + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. Note that this field cannot + be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies to + the container. + type: string + role: + description: Role is a SELinux role label that applies to + the container. + type: string + type: + description: Type is a SELinux type label that applies to + the container. + type: string + user: + description: User is a SELinux user label that applies to + the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by the containers in this + pod. Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile must be + preconfigured on the node to work. Must be a descending + path, relative to the kubelet's configured seccomp profile + location. Must only be set if type is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - a profile + defined in a file on the node should be used. RuntimeDefault + - the container runtime default profile should be used. + Unconfined - no profile should be applied." + type: string + required: + - type + type: object + supplementalGroups: + description: A list of groups applied to the first process run + in each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. Note + that this field cannot be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. Note that this field cannot be set when + spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is alpha-level + and will only be honored by components that enable the WindowsHostProcessContainers + feature flag. Setting this field without the feature flag + will result in errors when validating the Pod. All of a + Pod's containers must have the same effective HostProcess + value (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). In addition, if HostProcess + is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: string + type: object + type: object + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount + to use to run the Prometheus Pods. + type: string + sha: + description: 'SHA of Alertmanager container image to be deployed. + Defaults to the value of `version`. Similar to a tag, but the SHA + explicitly deploys an immutable container image. Version and Tag + are ignored if SHA is set. Deprecated: use ''image'' instead. The + image digest can be specified as part of the image URL.' + type: string + storage: + description: Storage is the definition of how storage will be used + by the Alertmanager instances. + properties: + disableMountSubPath: + description: 'Deprecated: subPath usage will be disabled by default + in a future release, this option will become unnecessary. DisableMountSubPath + allows to remove any subPath usage in volume mounts.' + type: boolean + emptyDir: + description: 'EmptyDirVolumeSource to be used by the Prometheus + StatefulSets. If specified, used in place of any volumeClaimTemplate. + More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the SizeLimit + specified here and the sum of memory limits of all containers + in a pod. The default is nil which means that the limit + is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: 'EphemeralVolumeSource to be used by the Prometheus + StatefulSets. This is a beta field in k8s 1.21, for lower versions, + starting with k8s 1.19, it requires enabling the GenericEphemeralVolume + feature gate. More info: https://kubernetes.io/docs/concepts/storage/ephemeral-volumes/#generic-ephemeral-volumes' + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC will + be deleted together with the pod. The name of the PVC will + be `-` where `` is the + name from the `PodSpec.Volumes` array entry. Pod validation + will reject the pod if the concatenated name is not valid + for a PVC (for example, too long). \n An existing PVC with + that name that is not owned by the pod will *not* be used + for the pod to avoid using an unrelated volume by mistake. + Starting the pod is then blocked until the unrelated PVC + is removed. If such a pre-created PVC is meant to be used + by the pod, the PVC has to updated with an owner reference + to the pod once the pod exists. Normally this should not + be necessary, but it may be useful when manually reconstructing + a broken cluster. \n This field is read-only and no changes + will be made by Kubernetes to the PVC after it has been + created. \n Required, must not be nil." + properties: + metadata: + description: May contain labels and annotations that will + be copied into the PVC when creating it. No other fields + are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified data + source. If the AnyVolumeDataSource feature gate + is enabled, this field will always have the same + contents as the DataSourceRef field.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any local object + from a non-empty API group (non core object) or + a PersistentVolumeClaim object. When this field + is specified, volume binding will only succeed if + the type of the specified object matches some installed + volume populator or dynamic provisioner. This field + will replace the functionality of the DataSource + field and as such if both fields are non-empty, + they must have the same value. For backwards compatibility, + both fields (DataSource and DataSourceRef) will + be set to the same value automatically if one of + them is empty and the other is non-empty. There + are two important differences between DataSource + and DataSourceRef: * While DataSource only allows + two specific types of objects, DataSourceRef allows + any non-core object, as well as PersistentVolumeClaim + objects. * While DataSource ignores disallowed values + (dropping them), DataSourceRef preserves all values, + and generates an error if a disallowed value is + specified. (Beta) Using this field requires the + AnyVolumeDataSource feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is + required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is + omitted for a container, it defaults to Limits + if that is explicitly specified, otherwise to + an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem is + implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the Prometheus StatefulSets. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: EmbeddedMetadata contains metadata relevant to + an EmbeddedResource. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: 'Name must be unique within a namespace. + Is required when creating resources, although some resources + may allow a client to request the generation of an appropriate + name automatically. Name is primarily intended for creation + idempotence and configuration definition. Cannot be + updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names' + type: string + type: object + spec: + description: 'Spec defines the desired characteristics of + a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the provisioner + or an external controller can support the specified + data source, it will create a new volume based on the + contents of the specified data source. If the AnyVolumeDataSource + feature gate is enabled, this field will always have + the same contents as the DataSourceRef field.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object from + which to populate the volume with data, if a non-empty + volume is desired. This may be any local object from + a non-empty API group (non core object) or a PersistentVolumeClaim + object. When this field is specified, volume binding + will only succeed if the type of the specified object + matches some installed volume populator or dynamic provisioner. + This field will replace the functionality of the DataSource + field and as such if both fields are non-empty, they + must have the same value. For backwards compatibility, + both fields (DataSource and DataSourceRef) will be set + to the same value automatically if one of them is empty + and the other is non-empty. There are two important + differences between DataSource and DataSourceRef: * + While DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as well as + PersistentVolumeClaim objects. * While DataSource ignores + disallowed values (dropping them), DataSourceRef preserves + all values, and generates an error if a disallowed value + is specified. (Beta) Using this field requires the AnyVolumeDataSource + feature gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify resource + requirements that are lower than previous value but + must still be higher than capacity recorded in the status + field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes to + consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the StorageClass + required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is + required by the claim. Value of Filesystem is implied + when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to the + PersistentVolume backing this claim. + type: string + type: object + status: + description: 'Status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'accessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: allocatedResources is the storage resource + within AllocatedResources tracks the capacity allocated + to a PVC. It may be larger than the actual capacity + when a volume expansion operation is requested. For + storage quota, the larger value from allocatedResources + and PVC.spec.resources is used. If allocatedResources + is not set, PVC.spec.resources alone is used for quota + calculation. If a volume expansion capacity request + is lowered, allocatedResources is only lowered if there + are no expansion operations in progress and if the actual + volume capacity is equal or lower than the requested + capacity. This is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature. + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: conditions is the current Condition of persistent + volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: reason is a unique, this should be + a short, machine understandable string that gives + the reason for condition's last transition. If + it reports "ResizeStarted" that means the underlying + persistent volume is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + resizeStatus: + description: resizeStatus stores status of resize operation. + ResizeStatus is not set by default but when expansion + is complete resizeStatus is set to empty string by resize + controller or kubelet. This is an alpha field and requires + enabling RecoverVolumeExpansionFailure feature. + type: string + type: object + type: object + type: object + tag: + description: 'Tag of Alertmanager container image to be deployed. + Defaults to the value of `version`. Version is ignored if Tag is + set. Deprecated: use ''image'' instead. The image tag can be specified + as part of the image URL.' + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + topologySpreadConstraints: + description: If specified, the pod's topology spread constraints. + items: + description: TopologySpreadConstraint specifies how to spread matching + pods among the given topology. + properties: + labelSelector: + description: LabelSelector is used to find matching pods. Pods + that match this label selector are counted to determine the + number of pods in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. This + array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select + the pods over which spreading will be calculated. The keys + are used to lookup values from the incoming pod labels, those + key-value labels are ANDed with labelSelector to select the + group of existing pods over which spreading will be calculated + for the incoming pod. Keys that don't exist in the incoming + pod labels will be ignored. A null or empty list means only + match against labelSelector. + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: 'MaxSkew describes the degree to which pods may + be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, + it is the maximum permitted difference between the number + of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods + in an eligible domain or zero if the number of eligible domains + is less than MinDomains. For example, in a 3-zone cluster, + MaxSkew is set to 1, and pods with the same labelSelector + spread as 2/2/1: In this case, the global minimum is 1. | + zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew + is 1, incoming pod can only be scheduled to zone3 to become + 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) + on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming + pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, + it is used to give higher precedence to topologies that satisfy + it. It''s a required field. Default value is 1 and 0 is not + allowed.' + format: int32 + type: integer + minDomains: + description: "MinDomains indicates a minimum number of eligible + domains. When the number of eligible domains with matching + topology keys is less than minDomains, Pod Topology Spread + treats \"global minimum\" as 0, and then the calculation of + Skew is performed. And when the number of eligible domains + with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. As a result, when + the number of eligible domains is less than minDomains, scheduler + won't schedule more than maxSkew Pods to those domains. If + value is nil, the constraint behaves as if MinDomains is equal + to 1. Valid values are integers greater than 0. When value + is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For + example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains + is set to 5 and pods with the same labelSelector spread as + 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | + The number of domains is less than 5(MinDomains), so \"global + minimum\" is treated as 0. In this situation, new pod with + the same labelSelector cannot be scheduled, because computed + skew will be 3(3 - 0) if new Pod is scheduled to any of the + three zones, it will violate MaxSkew. \n This is a beta field + and requires the MinDomainsInPodTopologySpread feature gate + to be enabled (enabled by default)." + format: int32 + type: integer + nodeAffinityPolicy: + description: "NodeAffinityPolicy indicates how we will treat + Pod's nodeAffinity/nodeSelector when calculating pod topology + spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. - Ignore: nodeAffinity/nodeSelector + are ignored. All nodes are included in the calculations. \n + If this value is nil, the behavior is equivalent to the Honor + policy. This is a alpha-level feature enabled by the NodeInclusionPolicyInPodTopologySpread + feature flag." + type: string + nodeTaintsPolicy: + description: "NodeTaintsPolicy indicates how we will treat node + taints when calculating pod topology spread skew. Options + are: - Honor: nodes without taints, along with tainted nodes + for which the incoming pod has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + \n If this value is nil, the behavior is equivalent to the + Ignore policy. This is a alpha-level feature enabled by the + NodeInclusionPolicyInPodTopologySpread feature flag." + type: string + topologyKey: + description: TopologyKey is the key of node labels. Nodes that + have a label with this key and identical values are considered + to be in the same topology. We consider each + as a "bucket", and try to put balanced number of pods into + each bucket. We define a domain as a particular instance of + a topology. Also, we define an eligible domain as a domain + whose nodes meet the requirements of nodeAffinityPolicy and + nodeTaintsPolicy. e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. And, if TopologyKey + is "topology.kubernetes.io/zone", each zone is a domain of + that topology. It's a required field. + type: string + whenUnsatisfiable: + description: 'WhenUnsatisfiable indicates how to deal with a + pod if it doesn''t satisfy the spread constraint. - DoNotSchedule + (default) tells the scheduler not to schedule it. - ScheduleAnyway + tells the scheduler to schedule the pod in any location, but + giving higher precedence to topologies that would help reduce + the skew. A constraint is considered "Unsatisfiable" for an + incoming pod if and only if every possible node assignment + for that pod would violate "MaxSkew" on some topology. For + example, in a 3-zone cluster, MaxSkew is set to 1, and pods + with the same labelSelector spread as 3/1/1: | zone1 | zone2 + | zone3 | | P P P | P | P | If WhenUnsatisfiable is + set to DoNotSchedule, incoming pod can only be scheduled to + zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on + zone2(zone3) satisfies MaxSkew(1). In other words, the cluster + can still be imbalanced, but scheduler won''t make it *more* + imbalanced. It''s a required field.' + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + version: + description: Version the cluster should be on. + type: string + volumeMounts: + description: VolumeMounts allows configuration of additional VolumeMounts + on the output StatefulSet definition. VolumeMounts specified will + be appended to other VolumeMounts in the alertmanager container, + that are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within + a container. + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When + not set, MountPropagationNone is used. This field is beta + in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the + container's volume should be mounted. Behaves similarly to + SubPath but environment variable references $(VAR_NAME) are + expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows configuration of additional volumes on + the output StatefulSet definition. Volumes specified will be appended + to other volumes that are generated as a result of StorageSpec objects. + items: + description: Volume represents a named volume in a pod that may + be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'awsElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: None, + Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk in the + blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in the blob + storage + type: string + fsType: + description: fsType is Filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single blob + disk per storage account Managed: azure managed data + disk (only in managed availability set). defaults to shared' + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that contains + Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'monitors is Required: Monitors is a collection + of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted root, + rather than the full Ceph tree, default is /' + type: string + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is optional: User is the rados user name, + default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'secretRef is optional: points to a secret + object containing parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: 'volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'defaultMode is optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items if unspecified, each key-value pair in + the Data field of the referenced ConfigMap will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain + the '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: optional specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents ephemeral + storage that is handled by certain external CSI drivers (Beta + feature). + properties: + driver: + description: driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated + CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: nodePublishSecretRef is a reference to the + secret object containing sensitive information to pass + to the CSI driver to complete the CSI NodePublishVolume + and NodeUnpublishVolume calls. This field is optional, + and may be empty if no secret is required. If the secret + object contains more than one secret, all secret references + are passed. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: readOnly specifies a read-only configuration + for the volume. Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: volumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a Optional: mode bits used to set + permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value between 0000 + and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires + decimal values for mode bits. If not specified, + the volume defaultMode will be used. This might + be in conflict with other options that affect the + file mode, like fsGroup, and the result can be other + mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path + name of the file to be created. Must not be absolute + or contain the ''..'' path. Must be utf-8 encoded. + The first item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'medium represents what type of storage medium + should back this directory. The default is "" which means + to use the node''s default medium. Must be an empty string + (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. The size limit is also + applicable for memory medium. The maximum usage on memory + medium EmptyDir would be the minimum value between the + SizeLimit specified here and the sum of memory limits + of all containers in a pod. The default is nil which means + that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: "ephemeral represents a volume that is handled + by a cluster storage driver. The volume's lifecycle is tied + to the pod that defines it - it will be created before the + pod starts, and deleted when the pod is removed. \n Use this + if: a) the volume is only needed while the pod runs, b) features + of normal volumes like restoring from snapshot or capacity + tracking are needed, c) the storage driver is specified through + a storage class, and d) the storage driver supports dynamic + volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource + for more information on the connection between this volume + type and PersistentVolumeClaim). \n Use PersistentVolumeClaim + or one of the vendor-specific APIs for volumes that persist + for longer than the lifecycle of an individual pod. \n Use + CSI for light-weight local ephemeral volumes if the CSI driver + is meant to be used that way - see the documentation of the + driver for more information. \n A pod can use both types of + ephemeral volumes and persistent volumes at the same time." + properties: + volumeClaimTemplate: + description: "Will be used to create a stand-alone PVC to + provision the volume. The pod in which this EphemeralVolumeSource + is embedded will be the owner of the PVC, i.e. the PVC + will be deleted together with the pod. The name of the + PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. + Pod validation will reject the pod if the concatenated + name is not valid for a PVC (for example, too long). \n + An existing PVC with that name that is not owned by the + pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC + is meant to be used by the pod, the PVC has to updated + with an owner reference to the pod once the pod exists. + Normally this should not be necessary, but it may be useful + when manually reconstructing a broken cluster. \n This + field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. \n Required, must + not be nil." + properties: + metadata: + description: May contain labels and annotations that + will be copied into the PVC when creating it. No other + fields are allowed and will be rejected during validation. + type: object + spec: + description: The specification for the PersistentVolumeClaim. + The entire content is copied unchanged into the PVC + that gets created from this template. The same fields + as in a PersistentVolumeClaim are also valid here. + properties: + accessModes: + description: 'accessModes contains the desired access + modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: 'dataSource field can be used to specify + either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) If the + provisioner or an external controller can support + the specified data source, it will create a new + volume based on the contents of the specified + data source. If the AnyVolumeDataSource feature + gate is enabled, this field will always have the + same contents as the DataSourceRef field.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: 'dataSourceRef specifies the object + from which to populate the volume with data, if + a non-empty volume is desired. This may be any + local object from a non-empty API group (non core + object) or a PersistentVolumeClaim object. When + this field is specified, volume binding will only + succeed if the type of the specified object matches + some installed volume populator or dynamic provisioner. + This field will replace the functionality of the + DataSource field and as such if both fields are + non-empty, they must have the same value. For + backwards compatibility, both fields (DataSource + and DataSourceRef) will be set to the same value + automatically if one of them is empty and the + other is non-empty. There are two important differences + between DataSource and DataSourceRef: * While + DataSource only allows two specific types of objects, + DataSourceRef allows any non-core object, as well + as PersistentVolumeClaim objects. * While DataSource + ignores disallowed values (dropping them), DataSourceRef + preserves all values, and generates an error if + a disallowed value is specified. (Beta) Using + this field requires the AnyVolumeDataSource feature + gate to be enabled.' + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, + the specified Kind must be in the core API + group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + resources: + description: 'resources represents the minimum resources + the volume should have. If RecoverVolumeExpansionFailure + feature is enabled users are allowed to specify + resource requirements that are lower than previous + value but must still be higher than capacity recorded + in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount + of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum + amount of compute resources required. If Requests + is omitted for a container, it defaults to + Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: 'storageClassName is the name of the + StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume + is required by the claim. Value of Filesystem + is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource that is + attached to a kubelet's host machine and then exposed to the + pod. + properties: + fsType: + description: 'fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the + filesystem from compromising the machine' + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target worldwide + names (WWNs)' + items: + type: string + type: array + wwids: + description: 'wwids Optional: FC volume world wide identifiers + (wwids) Either wwids or combination of targetWWNs and + lun must be set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: flexVolume represents a generic volume resource + that is provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to use for + this volume. + type: string + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds extra + command options if any.' + type: object + readOnly: + description: 'readOnly is Optional: defaults to false (read/write). + ReadOnly here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'secretRef is Optional: secretRef is reference + to the secret object containing sensitive information + to pass to the plugin scripts. This may be empty if no + secret object is specified. If the secret object contains + more than one secret, all secrets are passed to the plugin + scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached to + a kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: datasetName is Name of the dataset stored as + metadata -> name on the dataset for Flocker should be + considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. This + is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'fsType is filesystem type of the volume that + you want to mount. Tip: Ensure that the filesystem type + is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + partition: + description: 'partition is the partition in the volume that + you want to mount. If omitted, the default is to mount + by volume name. Examples: For volume /dev/sda1, you specify + the partition as "1". Similarly, the volume partition + for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'gitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: directory is the target directory name. Must + not contain or start with '..'. If '.' is supplied, the + volume directory will be the git repository. Otherwise, + if specified, the volume will contain the git repository + in the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the specified + revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'endpoints is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to + false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'hostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'path of the directory on the host. If the + path is a symlink, it will follow the link to the real + path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'iscsi represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to + the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support iSCSI + Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support iSCSI + Session CHAP authentication + type: boolean + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + initiatorName: + description: initiatorName is the custom iSCSI Initiator + Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iscsiInterface is the interface Name that uses + an iSCSI transport. Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI target + and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port is other than + default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'name of the volume. Must be a DNS_LABEL and unique + within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'nfs represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'readOnly here will force the NFS export to + be mounted with read-only permissions. Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'persistentVolumeClaimVolumeSource represents a + reference to a PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: readOnly Will force the ReadOnly setting in + VolumeMounts. Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon Controller + persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources secrets, + configmaps, and downward API + properties: + defaultMode: + description: defaultMode are the mode bits used to set permissions + on created files by default. Must be an octal value between + 0000 and 0777 or a decimal value between 0 and 511. YAML + accepts both octal and decimal values, JSON requires decimal + values for mode bits. Directories within the path are + not affected by this setting. This might be in conflict + with other options that affect the file mode, like fsGroup, + and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: configMap information about the configMap + data to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced ConfigMap + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the ConfigMap, the volume + setup will error unless it is marked optional. + Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about the downwardAPI + data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value between 0000 and 0777 or + a decimal value between 0 and 511. YAML + accepts both octal and decimal values, + JSON requires decimal values for mode + bits. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can + be other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' + path. Must be utf-8 encoded. The first + item of the relative path must not start + with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the + container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults + to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the secret data + to project + properties: + items: + description: items if unspecified, each key-value + pair in the Data field of the referenced Secret + will be projected into the volume as a file + whose name is the key and content is the value. + If specified, the listed keys will be projected + into the specified paths, and unlisted keys + will not be present. If a key is specified which + is not present in the Secret, the volume setup + will error unless it is marked optional. Paths + must be relative and may not contain the '..' + path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits + used to set permissions on this file. + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. YAML accepts both octal and decimal + values, JSON requires decimal values for + mode bits. If not specified, the volume + defaultMode will be used. This might be + in conflict with other options that affect + the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of + the file to map the key to. May not be + an absolute path. May not contain the + path element '..'. May not start with + the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: optional field specify whether the + Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information about + the serviceAccountToken data to project + properties: + audience: + description: audience is the intended audience + of the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: expirationSeconds is the requested + duration of validity of the service account + token. As the token approaches expiration, the + kubelet volume plugin will proactively rotate + the service account token. The kubelet will + start trying to rotate the token if the token + is older than 80 percent of its time to live + or if the token is older than 24 hours.Defaults + to 1 hour and must be at least 10 minutes. + format: int64 + type: integer + path: + description: path is the path relative to the + mount point of the file to project the token + into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the host + that shares a pod's lifetime + properties: + group: + description: group to map volume access to Default is no + group + type: string + readOnly: + description: readOnly here will force the Quobyte volume + to be mounted with read-only permissions. Defaults to + false. + type: boolean + registry: + description: registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: user to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'rbd represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'fsType is the filesystem type of the volume + that you want to mount. Tip: Ensure that the filesystem + type is supported by the host operating system. Examples: + "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from + compromising the machine' + type: string + image: + description: 'image is the rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: + type: string + type: array + pool: + description: 'pool is the rados pool name. Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'secretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is + nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: 'user is the rados user name. Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: gateway is the host address of the ScaleIO + API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the ScaleIO + Protection Domain for the configured storage. + type: string + readOnly: + description: readOnly Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL communication + with Gateway, default false + type: boolean + storageMode: + description: storageMode indicates whether the storage for + a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage Pool associated + with the protection domain. + type: string + system: + description: system is the name of the storage system as + configured in ScaleIO. + type: string + volumeName: + description: volumeName is the name of a volume already + created in the ScaleIO system that is associated with + this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'defaultMode is Optional: mode bits used to + set permissions on created files by default. Must be an + octal value between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. Defaults to + 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: items If unspecified, each key-value pair in + the Data field of the referenced Secret will be projected + into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in + the Secret, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: 'mode is Optional: mode bits used to + set permissions on this file. Must be an octal value + between 0000 and 0777 or a decimal value between + 0 and 511. YAML accepts both octal and decimal values, + JSON requires decimal values for mode bits. If not + specified, the volume defaultMode will be used. + This might be in conflict with other options that + affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + path: + description: path is the relative path of the file + to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start + with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the Secret or + its keys must be defined + type: boolean + secretName: + description: 'secretName is the name of the secret in the + pod''s namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: fsType is the filesystem type to mount. Must + be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: readOnly defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: secretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: volumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within + a namespace. + type: string + volumeNamespace: + description: volumeNamespace specifies the scope of the + volume within StorageOS. If no namespace is specified + then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. Set VolumeName to any name to + override the default behaviour. Set to "default" if you + are not using namespaces within StorageOS. Namespaces + that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: fsType is filesystem type to mount. Must be + a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy Based + Management (SPBM) profile ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy Based + Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies vSphere + volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + web: + description: Defines the web command line flags when starting Alertmanager. + properties: + httpConfig: + description: Defines HTTP parameters for web server. + properties: + headers: + description: List of headers that can be added to HTTP responses. + properties: + contentSecurityPolicy: + description: Set the Content-Security-Policy header to + HTTP responses. Unset if blank. + type: string + strictTransportSecurity: + description: Set the Strict-Transport-Security header + to HTTP responses. Unset if blank. Please make sure + that you use this with care as this header might force + browsers to load Prometheus and the other applications + hosted on the same domain and subdomains over HTTPS. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + type: string + xContentTypeOptions: + description: Set the X-Content-Type-Options header to + HTTP responses. Unset if blank. Accepted value is nosniff. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + enum: + - "" + - NoSniff + type: string + xFrameOptions: + description: Set the X-Frame-Options header to HTTP responses. + Unset if blank. Accepted values are deny and sameorigin. + https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options + enum: + - "" + - Deny + - SameOrigin + type: string + xXSSProtection: + description: Set the X-XSS-Protection header to all responses. + Unset if blank. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection + type: string + type: object + http2: + description: Enable HTTP/2 support. Note that HTTP/2 is only + supported with TLS. When TLSConfig is not configured, HTTP/2 + will be disabled. Whenever the value of the field changes, + a rolling update will be triggered. + type: boolean + type: object + tlsConfig: + description: Defines the TLS parameters for HTTPS. + properties: + cert: + description: Contains the TLS certificate for the server. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cipherSuites: + description: 'List of supported cipher suites for TLS versions + up to TLS 1.2. If empty, Go default cipher suites are used. + Available cipher suites are documented in the go documentation: + https://golang.org/pkg/crypto/tls/#pkg-constants' + items: + type: string + type: array + client_ca: + description: Contains the CA certificate for client certificate + authentication to the server. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientAuthType: + description: 'Server policy for client authentication. Maps + to ClientAuth Policies. For more detail on clientAuth options: + https://golang.org/pkg/crypto/tls/#ClientAuthType' + type: string + curvePreferences: + description: 'Elliptic curves that will be used in an ECDHE + handshake, in preference order. Available curves are documented + in the go documentation: https://golang.org/pkg/crypto/tls/#CurveID' + items: + type: string + type: array + keySecret: + description: Secret containing the TLS key for the server. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + maxVersion: + description: Maximum TLS version that is acceptable. Defaults + to TLS13. + type: string + minVersion: + description: Minimum TLS version that is acceptable. Defaults + to TLS12. + type: string + preferServerCipherSuites: + description: Controls whether the server selects the client's + most preferred cipher suite, or the server's most preferred + cipher suite. If true then the server's preference, as expressed + in the order of elements in cipherSuites, is used. + type: boolean + required: + - cert + - keySecret + type: object + type: object + type: object + status: + description: 'Most recent observed status of the Alertmanager cluster. + Read-only. Not included when requesting from the apiserver, only from + the Prometheus Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this + Alertmanager cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this + Alertmanager cluster that have the desired version spec. + format: int32 + type: integer + required: + - availableReplicas + - paused + - replicas + - unavailableReplicas + - updatedReplicas + type: object + required: + - spec + type: object + served: true + storage: true + subresources: {} diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-podmonitors.yaml b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-podmonitors.yaml new file mode 100644 index 0000000000..f6e208c14b --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-podmonitors.yaml @@ -0,0 +1,663 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: podmonitors.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: PodMonitor + listKind: PodMonitorList + plural: podmonitors + shortNames: + - pmon + singular: podmonitor + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: PodMonitor defines monitoring for a set of pods. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Pod selection for target discovery + by Prometheus. + properties: + attachMetadata: + description: 'Attaches node metadata to discovered targets. Only valid + for role: pod. Only valid in Prometheus versions 2.35.0 and newer.' + properties: + node: + description: When set to true, Prometheus must have permissions + to get Nodes. + type: boolean + type: object + jobLabel: + description: The label to use to retrieve the job name from. + type: string + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of + a Kubernetes Pod serving Prometheus metrics. + properties: + authorization: + description: Authorization section for this endpoint + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' + properties: + password: + description: The secret in the service monitor namespace + that contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace + that contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Secret to mount to read bearer token for scraping + targets. The secret needs to be in the same namespace as the + pod monitor and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + enableHttp2: + description: Whether to enable HTTP2. + type: boolean + followRedirects: + description: FollowRedirects configures whether scrape requests + follow HTTP 3xx redirects. + type: boolean + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether Prometheus respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped If + not specified Prometheus' global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before + ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It + defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + oauth2: + description: OAuth2 for the URL. Only valid in Prometheus versions + 2.27.0 and newer. + properties: + clientId: + description: The secret or configmap containing the OAuth2 + client id + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. If empty, Prometheus + uses the default value (e.g. `/metrics`). + type: string + port: + description: Name of the pod port this endpoint refers to. Mutually + exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before scraping. + Prometheus Operator automatically adds relabelings for a few + standard Kubernetes fields. The original scrape job''s name + is available via the `__tmp_prometheus_job_name` label. More + info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It + defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name + which may only contain ASCII letters, numbers, as + well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended If not + specified, the Prometheus global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: 'Deprecated: Use ''port'' instead.' + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when scraping the endpoint. + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Pod objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. + format: int64 + type: integer + required: + - podMetricsEndpoints + - selector + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-probes.yaml b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-probes.yaml new file mode 100644 index 0000000000..014ef2743a --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-probes.yaml @@ -0,0 +1,704 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_probes.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: probes.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Probe + listKind: ProbeList + plural: probes + shortNames: + - prb + singular: probe + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Probe defines monitoring for a set of static targets or ingresses. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Ingress selection for target discovery + by Prometheus. + properties: + authorization: + description: Authorization section for this endpoint + properties: + credentials: + description: The secret's key that contains the credentials of + the request + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over basic + authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerTokenSecret: + description: Secret to mount to read bearer token for scraping targets. + The secret needs to be in the same namespace as the probe and accessible + by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + interval: + description: Interval at which targets are probed using the configured + prober. If not specified Prometheus' global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + jobName: + description: The job name assigned to scraped metrics by default. + type: string + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the label + set, being applied to samples before ingestion. It defines ``-section + of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. Default + is 'replace'. uppercase and lowercase actions require Prometheus + >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex capture + groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing labels. + Their content is concatenated using the configured separator + and matched against the configured regular expression for + the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name which + may only contain ASCII letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written in + a replace action. It is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + module: + description: 'The module to use for probing specifying how to probe + the target. Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' + type: string + oauth2: + description: OAuth2 for the URL. Only valid in Prometheus versions + 2.27.0 and newer. + properties: + clientId: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + prober: + description: Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if + left empty. + properties: + path: + default: /probe + description: Path to collect metrics from. Defaults to `/probe`. + type: string + proxyUrl: + description: Optional ProxyURL. + type: string + scheme: + description: HTTP scheme to use for scraping. Defaults to `http`. + type: string + url: + description: Mandatory URL of the prober. + type: string + required: + - url + type: object + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scrapeTimeout: + description: Timeout for scraping metrics from the Prometheus exporter. + If not specified, the Prometheus global scrape interval is used. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. + format: int64 + type: integer + targets: + description: Targets defines a set of static or dynamically discovered + targets to probe. + properties: + ingress: + description: ingress defines the Ingress objects to probe and + the relabeling configuration. If `staticConfig` is also defined, + `staticConfig` takes precedence. + properties: + namespaceSelector: + description: From which namespaces to select Ingress objects. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to the label set of + the target before it gets scraped. The original ingress + address is available via the `__tmp_prometheus_ingress_address` + label. It can be used to customize the probed URL. The original + scrape job''s name is available via the `__tmp_prometheus_job_name` + label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of + the label set, being applied to samples before ingestion. + It defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label + name which may only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Selector to select the Ingress objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + type: object + staticConfig: + description: 'staticConfig defines the static list of targets + to probe and the relabeling configuration. If `ingress` is also + defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to the label set of + the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of + the label set, being applied to samples before ingestion. + It defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace'. uppercase and lowercase actions + require Prometheus >= 2.36. + enum: + - replace + - Replace + - keep + - Keep + - drop + - Drop + - hashmod + - HashMod + - labelmap + - LabelMap + - labeldrop + - LabelDrop + - labelkeep + - LabelKeep + - lowercase + - Lowercase + - uppercase + - Uppercase + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label + name which may only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + static: + description: The list of hosts to probe. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLS configuration to use when scraping the endpoint. + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-prometheuses.yaml b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-prometheuses.yaml new file mode 100644 index 0000000000..d9d97405be --- /dev/null +++ b/charts/rancher-monitoring-crd/103.0.0+up40.1.2/crd-manifest/crd-prometheuses.yaml @@ -0,0 +1,8801 @@ +# https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v0.59.1/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: prometheuses.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Prometheus + listKind: PrometheusList + plural: prometheuses + shortNames: + - prom + singular: prometheus + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The version of Prometheus + jsonPath: .spec.version + name: Version + type: string + - description: The desired replicas number of Prometheuses + jsonPath: .spec.replicas + name: Replicas + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Prometheus defines a Prometheus deployment. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Prometheus + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: 'AdditionalAlertManagerConfigs allows specifying a key + of a Secret containing additional Prometheus AlertManager configurations. + AlertManager configurations specified are appended to the configurations + generated by the Prometheus Operator. Job configurations specified + must have the form as specified in the official Prometheus documentation: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. + As AlertManager configs are appended, the user is responsible to + make sure it is valid. Note that using this feature may expose the + possibility to break upgrades of Prometheus. It is advised to review + Prometheus release notes to ensure that no incompatible AlertManager + configs are going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + additionalAlertRelabelConfigs: + description: 'AdditionalAlertRelabelConfigs allows specifying a key + of a Secret containing additional Prometheus alert relabel configurations. + Alert relabel configurations specified are appended to the configurations + generated by the Prometheus Operator. Alert relabel configurations + specified must have the form as specified in the official Prometheus + documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. + As alert relabel configs are appended, the user is responsible to + make sure it is valid. Note that using this feature may expose the + possibility to break upgrades of Prometheus. It is advised to review + Prometheus release notes to ensure that no incompatible alert relabel + configs are going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + additionalArgs: + description: AdditionalArgs allows setting additional arguments for + the Prometheus container. It is intended for e.g. activating hidden + flags which are not supported by the dedicated configuration options + yet. The arguments are passed as-is to the Prometheus container + which may cause issues if they are invalid or not supporeted by + the given Prometheus version. In case of an argument conflict (e.g. + an argument which is already set by the operator itself) or when + providing an invalid argument the reconciliation will fail and an + error will be logged. + items: + description: Argument as part of the AdditionalArgs list. + properties: + name: + description: Name of the argument, e.g. "scrape.discovery-reload-interval". + minLength: 1 + type: string + value: + description: Argument value, e.g. 30s. Can be empty for name-only + arguments (e.g. --storage.tsdb.no-lockfile) + type: string + required: + - name + type: object + type: array + additionalScrapeConfigs: + description: 'AdditionalScrapeConfigs allows specifying a key of a + Secret containing additional Prometheus scrape configurations. Scrape + configurations specified are appended to the configurations generated + by the Prometheus Operator. Job configurations specified must have + the form as specified in the official Prometheus documentation: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. + As scrape configs are appended, the user is responsible to make + sure it is valid. Note that using this feature may expose the possibility + to break upgrades of Prometheus. It is advised to review Prometheus + release notes to ensure that no incompatible scrape configs are + going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + x-kubernetes-map-type: atomic + type: array + required: + - nodeSelectorTerms + type: object + x-kubernetes-map-type: atomic + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace". + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + alerting: + description: Define details regarding alerting. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a + single Endpoints object containing alertmanager IPs to fire + alerts against. + properties: + apiVersion: + description: Version of the Alertmanager API that Prometheus + uses to send alerts. It can be "v1" or "v2". + type: string + authorization: + description: Authorization section for this alertmanager + endpoint + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: + description: Set the authentication type. Defaults to + Bearer, Basic will cause an error + type: string + type: object + bearerTokenFile: + description: BearerTokenFile to read from filesystem to + use when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed + to. + type: string + port: + anyOf: + - type: integer + - type: string + description: Port the Alertmanager API is exposed on. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use when firing alerts. + type: string + timeout: + description: Timeout is a per-target Alertmanager timeout + when pushing alerts. + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + tlsConfig: + description: TLS Config to use for alertmanager connection. + properties: + ca: + description: Struct containing the CA cert to use for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the + targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for + the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - name + - namespace + - port + type: object + type: array + required: + - alertmanagers + type: object + allowOverlappingBlocks: + description: AllowOverlappingBlocks enables vertical compaction and + vertical query merge in Prometheus. This is still experimental in + Prometheus so it may change in any upcoming release. + type: boolean + apiserverConfig: + description: APIServerConfig allows specifying a host and auth methods + to access apiserver. If left empty, Prometheus is assumed to run + inside of the cluster and will discover API servers automatically + and use the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + properties: + authorization: + description: Authorization section for accessing apiserver + properties: + credentials: + description: The secret's key that contains the credentials + of the request + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + credentialsFile: + description: File to read a secret from, mutually exclusive + with Credentials (from SafeAuthorization) + type: string + type: + description: Set the authentication type. Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth allow an endpoint to authenticate over + basic authentication + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. + type: string + host: + description: Host of apiserver. A valid string consisting of a + hostname or IP followed by an optional port number + type: string + tlsConfig: + description: TLS Config to use for accessing apiserver. + properties: + ca: + description: Struct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + required: + - host + type: object + arbitraryFSAccessThroughSMs: + description: ArbitraryFSAccessThroughSMs configures whether configuration + based on a service monitor can access arbitrary files on the file + system of the Prometheus container e.g. bearer token files. + properties: + deny: + type: boolean + type: object + baseImage: + description: 'Base image to use for a Prometheus deployment. Deprecated: + use ''image'' instead' + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Prometheus object, which shall be mounted into the Prometheus + Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/. + items: + type: string + type: array + containers: + description: 'Containers allows injecting additional containers or + modifying operator generated containers. This can be used to allow + adding an authentication proxy to a Prometheus pod or to change + the behavior of an operator generated container. Containers described + here modify an operator generated container if they share the same + name and modifications are done via a strategic merge patch. The + current container names are: `prometheus`, `config-reloader`, and + `thanos-sidecar`. Overriding containers is entirely outside the + scope of what the maintainers will support and by doing so, you + accept that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + disableCompaction: + description: Disable prometheus compaction. + type: boolean + enableAdminAPI: + description: 'Enable access to prometheus web admin API. Defaults + to the value of `false`. WARNING: Enabling the admin APIs enables + mutating endpoints, to delete data, shutdown Prometheus, and more. + Enabling this should be done with care and the user is advised to + add additional authentication authorization via a proxy to ensure + only clients authorized to perform these actions can do so. For + more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' + type: boolean + enableFeatures: + description: Enable access to Prometheus disabled features. By default, + no features are enabled. Enabling disabled features is entirely + outside the scope of what the maintainers will support and by doing + so, you accept that this behaviour may break at any time without + notice. For more information see https://prometheus.io/docs/prometheus/latest/disabled_features/ + items: + type: string + type: array + enableRemoteWriteReceiver: + description: 'Enable Prometheus to be used as a receiver for the Prometheus + remote write protocol. Defaults to the value of `false`. WARNING: + This is not considered an efficient way of ingesting samples. Use + it with caution for specific low-volume use cases. It is not suitable + for replacing the ingestion via scraping and turning Prometheus + into a push-based metrics collection system. For more information + see https://prometheus.io/docs/prometheus/latest/querying/api/#remote-write-receiver + Only valid in Prometheus versions 2.33.0 and newer.' + type: boolean + enforcedBodySizeLimit: + description: 'EnforcedBodySizeLimit defines the maximum size of uncompressed + response body that will be accepted by Prometheus. Targets responding + with a body larger than this many bytes will cause the scrape to + fail. Example: 100MB. If defined, the limit will apply to all service/pod + monitors and probes. This is an experimental feature, this behaviour + could change or be removed in the future. Only valid in Prometheus + versions 2.28.0 and newer.' + pattern: (^0|([0-9]*[.])?[0-9]+((K|M|G|T|E|P)i?)?B)$ + type: string + enforcedLabelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. If more than this number of labels are present post + metric-relabeling, the entire scrape will be treated as failed. + 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + enforcedLabelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. If a label name is longer than this number + post metric-relabeling, the entire scrape will be treated as failed. + 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + enforcedLabelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. If a label value is longer than this number + post metric-relabeling, the entire scrape will be treated as failed. + 0 means no limit. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + enforcedNamespaceLabel: + description: "EnforcedNamespaceLabel If set, a label will be added + to \n 1. all user-metrics (created by `ServiceMonitor`, `PodMonitor` + and `Probe` objects) and 2. in all `PrometheusRule` objects (except + the ones excluded in `prometheusRulesExcludedFromEnforce`) to * + alerting & recording rules and * the metrics used in their expressions + (`expr`). \n Label name is this field's value. Label value is the + namespace of the created object (mentioned above)." + type: string + enforcedSampleLimit: + description: EnforcedSampleLimit defines global limit on number of + scraped samples that will be accepted. This overrides any SampleLimit + set per ServiceMonitor or/and PodMonitor. It is meant to be used + by admins to enforce the SampleLimit to keep overall number of samples/series + under the desired limit. Note that if SampleLimit is lower that + value will be taken instead. + format: int64 + type: integer + enforcedTargetLimit: + description: EnforcedTargetLimit defines a global limit on the number + of scraped targets. This overrides any TargetLimit set per ServiceMonitor + or/and PodMonitor. It is meant to be used by admins to enforce + the TargetLimit to keep the overall number of targets under the + desired limit. Note that if TargetLimit is lower, that value will + be taken instead, except if either value is zero, in which case + the non-zero value will be used. If both values are zero, no limit + is enforced. + format: int64 + type: integer + evaluationInterval: + default: 30s + description: 'Interval between consecutive evaluations. Default: `30s`' + pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ + type: string + excludedFromEnforcement: + description: List of references to PodMonitor, ServiceMonitor, Probe + and PrometheusRule objects to be excluded from enforcing a namespace + label of origin. Applies only if enforcedNamespaceLabel set to true. + items: + description: ObjectReference references a PodMonitor, ServiceMonitor, + Probe or PrometheusRule object. + properties: + group: + default: monitoring.coreos.com + description: Group of the referent. When not specified, it defaults + to `monitoring.coreos.com` + enum: + - monitoring.coreos.com + type: string + name: + description: Name of the referent. When not set, all resources + are matched. + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + minLength: 1 + type: string + resource: + description: Resource of the referent. + enum: + - prometheusrules + - servicemonitors + - podmonitors + - probes + type: string + required: + - namespace + - resource + type: object + type: array + exemplars: + description: Exemplars related settings that are runtime reloadable. + It requires to enable the exemplar storage feature to be effective. + properties: + maxSize: + description: Maximum number of exemplars stored in memory for + all series. If not set, Prometheus uses its default value. A + value of zero or less than zero disables the storage. + format: int64 + type: integer + type: object + externalLabels: + additionalProperties: + type: string + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + hostAliases: + description: Pods' hostAliases configuration + items: + description: HostAlias holds the mapping between IP and hostnames + that will be injected as an entry in the pod's hosts file. + properties: + hostnames: + description: Hostnames for the above IP address. + items: + type: string + type: array + ip: + description: IP address of the host file entry. + type: string + required: + - hostnames + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + ignoreNamespaceSelectors: + description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector + settings from all PodMonitor, ServiceMonitor and Probe objects. + They will only discover endpoints within the namespace of the PodMonitor, + ServiceMonitor and Probe objects. Defaults to false. + type: boolean + image: + description: Image if specified has precedence over baseImage, tag + and sha combinations. Specifying the version is still necessary + to ensure the Prometheus Operator knows what version of Prometheus + is being configured. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same + namespace to use for pulling prometheus and alertmanager images + from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the Prometheus configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart + of the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + InitContainers described here modify an operator generated init + containers if they share the same name and modifications are done + via a strategic merge patch. The current init container name is: + `init-config-reloader`. Overriding init containers is entirely outside + the scope of what the maintainers will support and by doing so, + you accept that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run + within a pod. + properties: + args: + description: 'Arguments to the entrypoint. The container image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will + be unchanged. Double $$ are reduced to a single $, which allows + for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references + will never be expanded, regardless of whether the variable + exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. + The container image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether + the variable exists or not. Cannot be updated. More info: + https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in + the container and any service environment variables. + If a variable cannot be resolved, the reference in the + input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) + syntax: i.e. "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". Escaped references will never + be expanded, regardless of whether the variable exists + or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: 'Selects a field of the pod: supports + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) + are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of the + exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be + a C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key + will take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set + of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend to each + key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: 'Container image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take + in response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More + info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The Pod''s termination grace period + countdown begins before the PreStop hook is executed. + Regardless of the outcome of the handler, the container + will eventually terminate within the Pod''s termination + grace period (unless delayed by finalizers). Other management + of the container blocks until the hook completes or until + the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's + filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions + ('|', etc) won't work. To use a shell, you need + to explicitly call out to that shell. Exit status + of 0 is treated as live/healthy and non-zero is + unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in + httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the + host. Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: Deprecated. TCPSocket is NOT supported + as a LifecycleHandler and kept for the backward compatibility. + There are no validation of this field and lifecycle + hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect to, + defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range + 1 to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: List of ports to expose from the container. Not + specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Modifying this array with strategic merge patch may corrupt + the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port in a + single container. + properties: + containerPort: + description: Number of port to expose on the pod's IP + address. This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If + specified, this must be a valid port number, 0 < x < + 65536. If HostNetwork is specified, this must match + ContainerPort. Most containers do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod + must have a unique name. Name for the port that can + be referred to by services. + type: string + protocol: + default: TCP + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: 'Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe + fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. + Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + securityContext: + description: 'SecurityContext defines the security options the + container should be run with. If set, the fields of SecurityContext + override the equivalent fields of PodSecurityContext. More + info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether + a process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN Note that this field cannot be set + when spec.os.name is windows.' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by + the container runtime. Note that this field cannot be + set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes + in privileged containers are essentially equivalent to + root on the host. Defaults to false. Note that this field + cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: procMount denotes the type of proc mount to + use for the containers. The default is DefaultProcMount + which uses the container runtime defaults for readonly + paths and masked paths. This requires the ProcMountType + feature flag to be enabled. Note that this field cannot + be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root + filesystem. Default is false. Note that this field cannot + be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a + non-root user. If true, the Kubelet will validate the + image at runtime to ensure that it does not run as UID + 0 (root) and fail to start the container if it does. If + unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both + SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata + if unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. Note + that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a + random SELinux context for each container. May also be + set in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. Note that this field cannot be set when + spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + Note that this field cannot be set when spec.os.name is + windows. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is + linux. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. + type: string + hostProcess: + description: HostProcess determines if a container should + be run as a 'Host Process' container. This field is + alpha-level and will only be honored by components + that enable the WindowsHostProcessContainers feature + flag. Setting this field without the feature flag + will result in errors when validating the Pod. All + of a Pod's containers must have the same effective + HostProcess value (it is not allowed to have a mix + of HostProcess containers and non-HostProcess containers). In + addition, if HostProcess is true then HostNetwork + must also be set to true. + type: boolean + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set + in PodSecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod + will be restarted, just as if the livenessProbe failed. This + can be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. + This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for the + command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', etc) + won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe + to be considered failed after having succeeded. Defaults + to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + This is a beta field and requires enabling GRPCContainerProbe + feature gate. + properties: + port: + description: Port number of the gRPC service. Number + must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: "Service is the name of the service to + place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + \n If this is not specified, the default behavior + is defined by gRPC." + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has + started before liveness probes are initiated. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe + to be considered successful after having failed. Defaults + to 1. Must be 1 for liveness and startup. Minimum value + is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP + port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on + the container. Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: Optional duration in seconds the pod needs + to terminate gracefully upon probe failure. The grace + period is the duration in seconds after the processes + running in the pod are sent a termination signal and the + time when the processes are forcibly halted with a kill + signal. Set this value longer than the expected cleanup + time for your process. If this value is nil, the pod's + terminationGracePeriodSeconds will be used. Otherwise, + this value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates + stop immediately via the kill signal (no opportunity to + shut down). This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. Minimum value + is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer + for stdin in the container runtime. If this is not set, reads + from stdin in the container will always result in EOF. Default + is false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the + stdin channel after it has been opened by a single attach. + When stdin is true the stdin stream will remain open across + multiple attach sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until the first client + attaches to stdin, and then remains open and accepts data + until the client disconnects, at which time stdin is closed + and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin + will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the + container''s termination message will be written is mounted + into the container''s filesystem. Message written is intended + to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. + The total message length across all containers will be limited + to 12kb. Defaults to /dev/termination-log. Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be + populated. File will use the contents of terminationMessagePath + to populate the container status message on both success and + failure. FallbackToLogsOnError will use the last chunk of + container log output if the termination message file is empty + and the container exited with an error. The log output is + limited to 2048 bytes or 80 lines, whichever is smaller. Defaults + to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. + properties: + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume + within a container. + properties: + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other + way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might + be configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logFormat: + description: Log format for Prometheus to be configured with. + enum: + - "" + - logfmt + - json + type: string + logLevel: + description: Log level for Prometheus to be configured with. + enum: + - "" + - debug + - info + - warn + - error + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created pod + should be ready without any of its container crashing for it to + be considered available. Defaults to 0 (pod will be considered available + as soon as it is ready) This is an alpha field and requires enabling + StatefulSetMinReadySeconds feature gate. + format: int32 + type: integer + nodeSelector: + additionalProperties: + type: string + description: Define which Nodes the Pods are scheduled on. + type: object + overrideHonorLabels: + description: When true, Prometheus resolves label conflicts by renaming + the labels in the scraped data to "exported_