From 99933d111036e49093226b92367b721002232e95 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Wed, 13 Aug 2014 18:21:15 -0700 Subject: [PATCH 001/540] Update flag usages and docs for max restart count Signed-off-by: Michael Crosby Upstream-commit: 5ad4879d2a5ee5af95c8b8ab701a621c8b49609a Component: engine --- components/engine/docs/sources/reference/commandline/cli.md | 3 ++- components/engine/runconfig/parse.go | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index 9afa691b6b..a90f504934 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -992,7 +992,7 @@ removed before the image is removed. format: ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort (use 'docker port' to see the actual mapping) --privileged=false Give extended privileges to this container - --restart="" Restart policy to apply when a container exits (no, on-failure, always) + --restart="" Restart policy to apply when a container exits (no, on-failure[:max-retry], always) --rm=false Automatically remove the container when it exits (incompatible with -d) --sig-proxy=true Proxy received signals to the process (even in non-TTY mode). SIGCHLD, SIGSTOP, and SIGKILL are not proxied. -t, --tty=false Allocate a pseudo-TTY @@ -1244,6 +1244,7 @@ the container exits, Docker will restart it. This will run the `redis` container with a restart policy of ** on-failure ** and a maximum restart count of 10. If the `redis` container exits with a non-zero exit status more than 10 times in a row Docker will abort trying to restart the container. +Providing a maximum restart limit is only valid for the ** on-failure ** policy. ## save diff --git a/components/engine/runconfig/parse.go b/components/engine/runconfig/parse.go index 2b4dc632a0..2b23b355f4 100644 --- a/components/engine/runconfig/parse.go +++ b/components/engine/runconfig/parse.go @@ -73,7 +73,7 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf flCpuShares = cmd.Int64([]string{"c", "-cpu-shares"}, 0, "CPU shares (relative weight)") flCpuset = cmd.String([]string{"-cpuset"}, "", "CPUs in which to allow execution (0-3, 0,1)") flNetMode = cmd.String([]string{"-net"}, "bridge", "Set the Network mode for the container\n'bridge': creates a new network stack for the container on the docker bridge\n'none': no networking for this container\n'container:': reuses another container network stack\n'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.") - flRestartPolicy = cmd.String([]string{"-restart"}, "", "Restart policy to apply when a container exits (no, on-failure, always)") + flRestartPolicy = cmd.String([]string{"-restart"}, "", "Restart policy to apply when a container exits (no, on-failure[:max-retry], always)") // For documentation purpose _ = cmd.Bool([]string{"#sig-proxy", "-sig-proxy"}, true, "Proxy received signals to the process (even in non-TTY mode). SIGCHLD, SIGSTOP, and SIGKILL are not proxied.") _ = cmd.String([]string{"#name", "-name"}, "", "Assign a name to the container") From fd70e8abe862a66cd09f609d3434d9ad3b951440 Mon Sep 17 00:00:00 2001 From: Rajdeep Dua Date: Tue, 19 Aug 2014 04:42:56 -0700 Subject: [PATCH 002/540] Added Test case for Engine shutdown Docker-DCO-1.1-Signed-off-by: Rajdeep Dua (github: rajdeepd) Upstream-commit: 0800f8cc19732a41d8f04aaf42427399557afa54 Component: engine --- components/engine/engine/engine_test.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/components/engine/engine/engine_test.go b/components/engine/engine/engine_test.go index de7f74012e..92f3757251 100644 --- a/components/engine/engine/engine_test.go +++ b/components/engine/engine/engine_test.go @@ -61,6 +61,17 @@ func TestJob(t *testing.T) { } } +func TestEngineShutdown(t *testing.T) { + eng := New() + if eng.IsShutdown() { + t.Fatalf("Engine should not show as shutdown") + } + eng.Shutdown() + if !eng.IsShutdown() { + t.Fatalf("Engine should show as shutdown") + } +} + func TestEngineCommands(t *testing.T) { eng := New() handler := func(job *Job) Status { return StatusOK } From 1ff07a2840027bad5f277914c371e581a84b4a42 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Tue, 19 Aug 2014 16:04:02 +0400 Subject: [PATCH 003/540] Fix logs -f hanging on stopped containers Fixes #7020 Signed-off-by: Alexandr Morozov Upstream-commit: badf8247afa378d04835ec19243ede2fb89a7b31 Component: engine --- components/engine/daemon/logs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/daemon/logs.go b/components/engine/daemon/logs.go index 386d9c69c3..c9c2ab89ba 100644 --- a/components/engine/daemon/logs.go +++ b/components/engine/daemon/logs.go @@ -111,7 +111,7 @@ func (daemon *Daemon) ContainerLogs(job *engine.Job) engine.Status { } } } - if follow { + if follow && container.State.IsRunning() { errors := make(chan error, 2) if stdout { stdoutPipe := container.StdoutLogPipe() From 34b12370d291ef2fb188016501884e435a9ed48d Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 19 Aug 2014 11:48:55 +0000 Subject: [PATCH 004/540] fix check-config.sh to check for CGROUP_PERF Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: ce3c1f376c21810fd6ec062af810d18682fa2d78 Component: engine --- components/engine/contrib/check-config.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/components/engine/contrib/check-config.sh b/components/engine/contrib/check-config.sh index cb6a4f2b50..cde194b54f 100755 --- a/components/engine/contrib/check-config.sh +++ b/components/engine/contrib/check-config.sh @@ -146,6 +146,7 @@ echo 'Optional Features:' flags=( MEMCG_SWAP RESOURCE_COUNTERS + CGROUP_PERF ) check_flags "${flags[@]}" From 04302ddd9eebe2f1e4cf682a894a82454826e961 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Wed, 20 Aug 2014 20:02:56 +0400 Subject: [PATCH 005/540] Test for following logs for stopped container Signed-off-by: Alexandr Morozov Upstream-commit: f04ef96e076b811eca1f7f230b126572369ccc44 Component: engine --- .../integration-cli/docker_cli_logs_test.go | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/components/engine/integration-cli/docker_cli_logs_test.go b/components/engine/integration-cli/docker_cli_logs_test.go index b32b7344b4..83d4597ce6 100644 --- a/components/engine/integration-cli/docker_cli_logs_test.go +++ b/components/engine/integration-cli/docker_cli_logs_test.go @@ -213,3 +213,35 @@ func TestLogsTail(t *testing.T) { deleteContainer(cleanedContainerID) logDone("logs - logs tail") } + +func TestLogsFollowStopped(t *testing.T) { + runCmd := exec.Command(dockerBinary, "run", "-d", "busybox", "echo", "hello") + + out, _, _, err := runCommandWithStdoutStderr(runCmd) + errorOut(err, t, fmt.Sprintf("run failed with errors: %v", err)) + + cleanedContainerID := stripTrailingCharacters(out) + exec.Command(dockerBinary, "wait", cleanedContainerID).Run() + + logsCmd := exec.Command(dockerBinary, "logs", "-f", cleanedContainerID) + if err := logsCmd.Start(); err != nil { + t.Fatal(err) + } + + c := make(chan struct{}) + go func() { + if err := logsCmd.Wait(); err != nil { + t.Fatal(err) + } + close(c) + }() + + select { + case <-c: + case <-time.After(1 * time.Second): + t.Fatal("Following logs is hanged") + } + + deleteContainer(cleanedContainerID) + logDone("logs - logs follow stopped container") +} From fb6f6f58b2f96ccb09225e9d610fbc3ad7e3b64f Mon Sep 17 00:00:00 2001 From: Eric Windisch Date: Wed, 20 Aug 2014 11:10:42 -0700 Subject: [PATCH 006/540] Add Eric Windisch to MAINTAINER for tarsum This code is vital to the security of the project and it is important we assure it is well-maintained and guarded. I am vested in assuring this code maintains security and provides as much compatibility as possible between releases. Signed-off-by: Eric Windisch Upstream-commit: cd71f92a7fda7a8bdf328a91c37a759463862aeb Component: engine --- components/engine/pkg/tarsum/MAINTAINER | 1 + 1 file changed, 1 insertion(+) create mode 100644 components/engine/pkg/tarsum/MAINTAINER diff --git a/components/engine/pkg/tarsum/MAINTAINER b/components/engine/pkg/tarsum/MAINTAINER new file mode 100644 index 0000000000..bd492e8394 --- /dev/null +++ b/components/engine/pkg/tarsum/MAINTAINER @@ -0,0 +1 @@ +Eric Windisch (@ewindisch) From 8d2d67cdd2bb740d97a420c7c229695099e38915 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Wed, 20 Aug 2014 14:17:11 -0600 Subject: [PATCH 007/540] Optionalize the "hg clone" of Go, since it takes forever (now, to update our Go version too, we need to explicitly "./hack/vendor.sh --go") Signed-off-by: Andrew Page Upstream-commit: 78c68825671eb1bd102d76d671ace9de5a37aa19 Component: engine --- components/engine/hack/vendor.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/components/engine/hack/vendor.sh b/components/engine/hack/vendor.sh index 7af22ea64e..b175918a3b 100755 --- a/components/engine/hack/vendor.sh +++ b/components/engine/hack/vendor.sh @@ -53,11 +53,14 @@ clone hg code.google.com/p/gosqlite 74691fb6f837 # get Go tip's archive/tar, for xattr support and improved performance # TODO after Go 1.4 drops, bump our minimum supported version and drop this vendored dep -clone hg code.google.com/p/go 1b17b3426e3c -mv src/code.google.com/p/go/src/pkg/archive/tar tmp-tar -rm -rf src/code.google.com/p/go -mkdir -p src/code.google.com/p/go/src/pkg/archive -mv tmp-tar src/code.google.com/p/go/src/pkg/archive/tar +if [ "$1" = '--go' ]; then + # Go takes forever and a half to clone, so we only redownload it when explicitly requested via the "--go" flag to this script. + clone hg code.google.com/p/go 1b17b3426e3c + mv src/code.google.com/p/go/src/pkg/archive/tar tmp-tar + rm -rf src/code.google.com/p/go + mkdir -p src/code.google.com/p/go/src/pkg/archive + mv tmp-tar src/code.google.com/p/go/src/pkg/archive/tar +fi clone git github.com/docker/libcontainer db65c35051d05f3fb218a0e84a11267e0894fe0a # see src/github.com/docker/libcontainer/update-vendor.sh which is the "source of truth" for libcontainer deps (just like this file) From 3228a8d12a17b0633c1e9c06ac79ba6cf114bf8d Mon Sep 17 00:00:00 2001 From: dragon788 Date: Tue, 19 Aug 2014 18:04:18 -0500 Subject: [PATCH 008/540] Add link to Ubuntu notes about LTSEnablementStack When running Ubuntu with a graphical environment, the kernel version MUST match the Xorg version. Only installing the suggested packages above breaks Unity for anything other than 2D mode (in VMware and probably native). Signed-off-by: Ethan Spoelstra Upstream-commit: 27f44b9bb162dce988913b981f1f21eb149d875f Component: engine --- .../engine/docs/sources/installation/ubuntulinux.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/components/engine/docs/sources/installation/ubuntulinux.md b/components/engine/docs/sources/installation/ubuntulinux.md index 673ea18b0c..115aba27ea 100644 --- a/components/engine/docs/sources/installation/ubuntulinux.md +++ b/components/engine/docs/sources/installation/ubuntulinux.md @@ -87,9 +87,18 @@ VirtualBox guest additions. If you didn't install the headers for your "precise" kernel, then you can skip these headers for the "raring" kernel. But it is safer to include them if you're not sure. +Please read the installation instructions for backported kernels at +Ubuntu.org to understand why you also need to install the Xorg packages +if running Docker on a machine with a graphical environment like Unity. +[LTS Enablement Stack](https://wiki.ubuntu.com/Kernel/LTSEnablementStack) refer to note 5 under +each version. + # install the backported kernel $ sudo apt-get update $ sudo apt-get install linux-image-generic-lts-raring linux-headers-generic-lts-raring + + # install the backported kernel and xorg if using Unity/Xorg + $ sudo apt-get install --install-recommends linux-generic-lts-raring xserver-xorg-lts-raring libgl1-mesa-glx-lts-raring # reboot $ sudo reboot From 87669d6e48ecd1fa53332c688ec6fd0ea19b603c Mon Sep 17 00:00:00 2001 From: limsy Date: Thu, 21 Aug 2014 03:40:47 -0700 Subject: [PATCH 009/540] daemon: rename from "delete" job to "rm" This commit fixes following FIXMEs: // FIXME: rename "delete" to "rm" for consistency with the CLI command // FIXME: rename ContainerDestroy to ContainerRm for consistency with the CLI command Signed-off-by: lim seong yeol Upstream-commit: 239e932485c3e0f72a4f88ce1301ebe269eb2e27 Component: engine --- components/engine/api/server/server.go | 2 +- components/engine/api/server/server_unit_test.go | 2 +- components/engine/daemon/daemon.go | 4 +--- components/engine/daemon/delete.go | 3 +-- components/engine/integration/server_test.go | 2 +- 5 files changed, 5 insertions(+), 8 deletions(-) diff --git a/components/engine/api/server/server.go b/components/engine/api/server/server.go index 96f5bca6a6..906e3d8e38 100644 --- a/components/engine/api/server/server.go +++ b/components/engine/api/server/server.go @@ -679,7 +679,7 @@ func deleteContainers(eng *engine.Engine, version version.Version, w http.Respon if vars == nil { return fmt.Errorf("Missing parameter") } - job := eng.Job("delete", vars["name"]) + job := eng.Job("rm", vars["name"]) job.Setenv("forceRemove", r.Form.Get("force")) diff --git a/components/engine/api/server/server_unit_test.go b/components/engine/api/server/server_unit_test.go index 950fea51d4..519652f377 100644 --- a/components/engine/api/server/server_unit_test.go +++ b/components/engine/api/server/server_unit_test.go @@ -455,7 +455,7 @@ func TestDeleteContainers(t *testing.T) { eng := engine.New() name := "foo" var called bool - eng.Register("delete", func(job *engine.Job) engine.Status { + eng.Register("rm", func(job *engine.Job) engine.Status { called = true if len(job.Args) == 0 { t.Fatalf("Job arguments is empty") diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 811cb3391e..968844e3d2 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -98,8 +98,6 @@ type Daemon struct { // Install installs daemon capabilities to eng. func (daemon *Daemon) Install(eng *engine.Engine) error { - // FIXME: rename "delete" to "rm" for consistency with the CLI command - // FIXME: rename ContainerDestroy to ContainerRm for consistency with the CLI command // FIXME: remove ImageDelete's dependency on Daemon, then move to graph/ for name, method := range map[string]engine.Handler{ "attach": daemon.ContainerAttach, @@ -110,7 +108,7 @@ func (daemon *Daemon) Install(eng *engine.Engine) error { "container_inspect": daemon.ContainerInspect, "containers": daemon.Containers, "create": daemon.ContainerCreate, - "delete": daemon.ContainerDestroy, + "rm": daemon.ContainerRm, "export": daemon.ContainerExport, "info": daemon.CmdInfo, "kill": daemon.ContainerKill, diff --git a/components/engine/daemon/delete.go b/components/engine/daemon/delete.go index 501aed3e38..8a8331300a 100644 --- a/components/engine/daemon/delete.go +++ b/components/engine/daemon/delete.go @@ -11,8 +11,7 @@ import ( "github.com/docker/docker/pkg/log" ) -// FIXME: rename to ContainerRemove for consistency with the CLI command. -func (daemon *Daemon) ContainerDestroy(job *engine.Job) engine.Status { +func (daemon *Daemon) ContainerRm(job *engine.Job) engine.Status { if len(job.Args) != 1 { return job.Errorf("Not enough arguments. Usage: %s CONTAINER\n", job.Name) } diff --git a/components/engine/integration/server_test.go b/components/engine/integration/server_test.go index 363236fd68..d3aed039f3 100644 --- a/components/engine/integration/server_test.go +++ b/components/engine/integration/server_test.go @@ -218,7 +218,7 @@ func TestCreateStartRestartStopStartKillRm(t *testing.T) { } // FIXME: this failed once with a race condition ("Unable to remove filesystem for xxx: directory not empty") - job = eng.Job("delete", id) + job = eng.Job("rm", id) job.SetenvBool("removeVolume", true) if err := job.Run(); err != nil { t.Fatal(err) From 65adfb23623969d63ca7c74d71d946854173a0a8 Mon Sep 17 00:00:00 2001 From: Vivek Dasgupta Date: Wed, 20 Aug 2014 08:03:46 +0530 Subject: [PATCH 010/540] Fix data space reporting from Kb/Mb to KB/MB Docker-DCO-1.1-Signed-off-by: Vivek Dasgupta (github: vivekdasgupta) Upstream-commit: a327d9b91edf6d36ee5b286ebe968bcca6658f5b Component: engine --- .../engine/daemon/graphdriver/devmapper/driver.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/components/engine/daemon/graphdriver/devmapper/driver.go b/components/engine/daemon/graphdriver/devmapper/driver.go index 4c13eb0421..5940d58798 100644 --- a/components/engine/daemon/graphdriver/devmapper/driver.go +++ b/components/engine/daemon/graphdriver/devmapper/driver.go @@ -11,6 +11,7 @@ import ( "github.com/docker/docker/daemon/graphdriver" "github.com/docker/docker/pkg/log" "github.com/docker/docker/pkg/mount" + "github.com/docker/docker/pkg/units" ) func init() { @@ -54,13 +55,13 @@ func (d *Driver) Status() [][2]string { status := [][2]string{ {"Pool Name", s.PoolName}, - {"Pool Blocksize", fmt.Sprintf("%d Kb", s.SectorSize/1024)}, + {"Pool Blocksize", fmt.Sprintf("%s", units.HumanSize(int64(s.SectorSize)))}, {"Data file", s.DataLoopback}, {"Metadata file", s.MetadataLoopback}, - {"Data Space Used", fmt.Sprintf("%.1f Mb", float64(s.Data.Used)/(1024*1024))}, - {"Data Space Total", fmt.Sprintf("%.1f Mb", float64(s.Data.Total)/(1024*1024))}, - {"Metadata Space Used", fmt.Sprintf("%.1f Mb", float64(s.Metadata.Used)/(1024*1024))}, - {"Metadata Space Total", fmt.Sprintf("%.1f Mb", float64(s.Metadata.Total)/(1024*1024))}, + {"Data Space Used", fmt.Sprintf("%s", units.HumanSize(int64(s.Data.Used)))}, + {"Data Space Total", fmt.Sprintf("%s", units.HumanSize(int64(s.Data.Total)))}, + {"Metadata Space Used", fmt.Sprintf("%s", units.HumanSize(int64(s.Metadata.Used)))}, + {"Metadata Space Total", fmt.Sprintf("%s", units.HumanSize(int64(s.Metadata.Total)))}, } return status } From b6a88dc4894598cd3bf47ad9e299fc31d4b1ce77 Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Thu, 21 Aug 2014 11:04:25 -0700 Subject: [PATCH 011/540] Clean up typos in hub_registry_spec.md Couple of instances of incorrect articles (e.g. "an Docker Hub"). Upstream-commit: c87d9a1de62678743436887edecdbde2e5a67a1a Component: engine --- .../engine/docs/sources/reference/api/hub_registry_spec.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/sources/reference/api/hub_registry_spec.md b/components/engine/docs/sources/reference/api/hub_registry_spec.md index b2d29ab4af..1a37cf5694 100644 --- a/components/engine/docs/sources/reference/api/hub_registry_spec.md +++ b/components/engine/docs/sources/reference/api/hub_registry_spec.md @@ -412,7 +412,7 @@ The Docker Hub has two main purposes (along with its fancy social features): - Authenticate a user as a repos owner (for a central referenced repository) -### Without an Docker Hub +### Without a Docker Hub Using the Registry without the Docker Hub can be useful to store the images on a private network without having to rely on an external entity @@ -433,7 +433,7 @@ As hinted previously, a standalone registry can also be implemented by any HTTP server handling GET/PUT requests (or even only GET requests if no write access is necessary). -### With an Docker Hub +### With a Docker Hub The Docker Hub data needed by the Registry are simple: From f13f1856dfddfe67366ee26dfe5eefef0f3c3414 Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Thu, 21 Aug 2014 15:35:20 -0400 Subject: [PATCH 012/540] --help option and help command should print to stdout not stderr --help and help are successful commands so output should not go to error. QE teams have requested this change, also users doing docker help | less or docker run --help | less would expect this to work. Usage statement should only be printed when the user asks for it. Errors should print error message and then suggest the docker COMMAND --help command to see usage information. The current behaviour causes the user to have to search for the error message and sometimes scrolls right off the screen. For example a error on a "docker run" command is very difficult to diagnose. Finally erros should always exit with a non 0 exit code, if the user makes a CLI error. Docker-DCO-1.1-Signed-off-by: Dan Walsh (github: rhatdan) Upstream-commit: 61b129d81802e3c988cc0e67e488b24968dd748a Component: engine --- components/engine/api/client/cli.go | 9 +- components/engine/api/client/commands.go | 229 ++++++++++++++---- components/engine/docker/flags.go | 1 + components/engine/docs/man/docker-attach.1.md | 4 + components/engine/docs/man/docker-build.1.md | 4 + components/engine/docs/man/docker-commit.1.md | 4 + components/engine/docs/man/docker-cp.1.md | 4 +- components/engine/docs/man/docker-diff.1.md | 4 +- components/engine/docs/man/docker-events.1.md | 4 + components/engine/docs/man/docker-export.1.md | 4 +- .../engine/docs/man/docker-history.1.md | 4 + components/engine/docs/man/docker-images.1.md | 4 + components/engine/docs/man/docker-import.1.md | 4 +- components/engine/docs/man/docker-info.1.md | 4 +- .../engine/docs/man/docker-inspect.1.md | 4 + components/engine/docs/man/docker-kill.1.md | 4 + components/engine/docs/man/docker-load.1.md | 4 + components/engine/docs/man/docker-login.1.md | 4 + components/engine/docs/man/docker-logs.1.md | 4 + components/engine/docs/man/docker-port.1.md | 1 + components/engine/docs/man/docker-ps.1.md | 4 + components/engine/docs/man/docker-pull.1.md | 6 +- components/engine/docs/man/docker-push.1.md | 4 +- .../engine/docs/man/docker-restart.1.md | 4 + components/engine/docs/man/docker-rm.1.md | 3 + components/engine/docs/man/docker-rmi.1.md | 4 + components/engine/docs/man/docker-run.1.md | 4 + components/engine/docs/man/docker-save.1.md | 4 + components/engine/docs/man/docker-search.1.md | 4 + components/engine/docs/man/docker-start.1.md | 4 + components/engine/docs/man/docker-stop.1.md | 4 + components/engine/docs/man/docker-tag.1.md | 1 + components/engine/docs/man/docker-top.1.md | 4 +- components/engine/docs/man/docker-wait.1.md | 4 +- components/engine/docs/man/docker.1.md | 3 + .../docs/sources/reference/commandline/cli.md | 13 + components/engine/pkg/mflag/flag.go | 17 +- components/engine/runconfig/parse.go | 12 +- 38 files changed, 335 insertions(+), 68 deletions(-) diff --git a/components/engine/api/client/cli.go b/components/engine/api/client/cli.go index d80f9cc32c..aeeededeb1 100644 --- a/components/engine/api/client/cli.go +++ b/components/engine/api/client/cli.go @@ -52,8 +52,8 @@ func (cli *DockerCli) Cmd(args ...string) error { if len(args) > 0 { method, exists := cli.getMethod(args[0]) if !exists { - fmt.Println("Error: Command not found:", args[0]) - return cli.CmdHelp(args[1:]...) + fmt.Fprintf(cli.err, "docker: '%s' is not a docker command. See 'docker --help'.\n", args[0]) + os.Exit(1) } return method(args[1:]...) } @@ -63,9 +63,10 @@ func (cli *DockerCli) Cmd(args ...string) error { func (cli *DockerCli) Subcmd(name, signature, description string) *flag.FlagSet { flags := flag.NewFlagSet(name, flag.ContinueOnError) flags.Usage = func() { - fmt.Fprintf(cli.err, "\nUsage: docker %s %s\n\n%s\n\n", name, signature, description) + fmt.Fprintf(cli.out, "\nUsage: docker %s %s\n\n%s\n\n", name, signature, description) + flags.SetOutput(cli.out) flags.PrintDefaults() - os.Exit(2) + os.Exit(0) } return flags } diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index 81b0668cda..ac388816f0 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -48,6 +48,8 @@ func (cli *DockerCli) CmdHelp(args ...string) error { method, exists := cli.getMethod(args[0]) if !exists { fmt.Fprintf(cli.err, "Error: Command not found: %s\n", args[0]) + fmt.Fprintf(cli.err, "docker: '%s' is not a docker command. See 'docker --help'.\n", args[0]) + os.Exit(1) } else { method("--help") return nil @@ -93,7 +95,7 @@ func (cli *DockerCli) CmdHelp(args ...string) error { } { help += fmt.Sprintf(" %-10.10s%s\n", command[0], command[1]) } - fmt.Fprintf(cli.err, "%s\n", help) + fmt.Fprintf(cli.out, "%s\n", help) return nil } @@ -104,13 +106,18 @@ func (cli *DockerCli) CmdBuild(args ...string) error { noCache := cmd.Bool([]string{"#no-cache", "-no-cache"}, false, "Do not use cache when building the image") rm := cmd.Bool([]string{"#rm", "-rm"}, true, "Remove intermediate containers after a successful build") forceRm := cmd.Bool([]string{"-force-rm"}, false, "Always remove intermediate containers, even after unsuccessful builds") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } var ( context archive.Archive @@ -262,10 +269,16 @@ func (cli *DockerCli) CmdLogin(args ...string) error { cmd.StringVar(&username, []string{"u", "-username"}, "", "Username") cmd.StringVar(&password, []string{"p", "-password"}, "", "Password") cmd.StringVar(&email, []string{"e", "-email"}, "", "Email") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + err := cmd.Parse(args) if err != nil { return nil } + if *help { + cmd.Usage() + return nil + } serverAddress := registry.IndexServerAddress() if len(cmd.Args()) > 0 { serverAddress = cmd.Arg(0) @@ -385,13 +398,18 @@ func (cli *DockerCli) CmdLogout(args ...string) error { // 'docker wait': block until a container stops func (cli *DockerCli) CmdWait(args ...string) error { cmd := cli.Subcmd("wait", "CONTAINER [CONTAINER...]", "Block until a container stops, then print its exit code.") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } var encounteredError error for _, name := range cmd.Args() { status, err := waitForExit(cli, name) @@ -411,10 +429,8 @@ func (cli *DockerCli) CmdVersion(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() > 0 { - cmd.Usage() - return nil + if cmd.BadArgs(0) { + os.Exit(1) } if dockerversion.VERSION != "" { fmt.Fprintf(cli.out, "Client version: %s\n", dockerversion.VERSION) @@ -457,9 +473,8 @@ func (cli *DockerCli) CmdInfo(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() > 0 { - cmd.Usage() - return nil + if cmd.BadArgs(0) { + os.Exit(1) } body, _, err := readBody(cli.call("GET", "/info", nil, false)) @@ -531,13 +546,18 @@ func (cli *DockerCli) CmdInfo(args ...string) error { func (cli *DockerCli) CmdStop(args ...string) error { cmd := cli.Subcmd("stop", "[OPTIONS] CONTAINER [CONTAINER...]", "Stop a running container by sending SIGTERM and then SIGKILL after a grace period") nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Number of seconds to wait for the container to stop before killing it. Default is 10 seconds.") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } v := url.Values{} v.Set("t", strconv.Itoa(*nSeconds)) @@ -558,13 +578,18 @@ func (cli *DockerCli) CmdStop(args ...string) error { func (cli *DockerCli) CmdRestart(args ...string) error { cmd := cli.Subcmd("restart", "[OPTIONS] CONTAINER [CONTAINER...]", "Restart a running container") nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds.") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } v := url.Values{} v.Set("t", strconv.Itoa(*nSeconds)) @@ -616,15 +641,19 @@ func (cli *DockerCli) CmdStart(args ...string) error { cmd = cli.Subcmd("start", "CONTAINER [CONTAINER...]", "Restart a stopped container") attach = cmd.Bool([]string{"a", "-attach"}, false, "Attach container's STDOUT and STDERR and forward all signals to the process") openStdin = cmd.Bool([]string{"i", "-interactive"}, false, "Attach container's STDIN") + help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") ) if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } if *attach || *openStdin { if cmd.NArg() > 1 { @@ -704,10 +733,8 @@ func (cli *DockerCli) CmdUnpause(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 1 { - cmd.Usage() - return nil + if cmd.BadArgs(1) { + os.Exit(1) } var encounteredError error @@ -727,10 +754,8 @@ func (cli *DockerCli) CmdPause(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 1 { - cmd.Usage() - return nil + if cmd.BadArgs(1) { + os.Exit(1) } var encounteredError error @@ -748,13 +773,18 @@ func (cli *DockerCli) CmdPause(args ...string) error { func (cli *DockerCli) CmdInspect(args ...string) error { cmd := cli.Subcmd("inspect", "CONTAINER|IMAGE [CONTAINER|IMAGE...]", "Return low-level information on a container or image") tmplStr := cmd.String([]string{"f", "#format", "-format"}, "", "Format the output using the given go template.") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } var tmpl *template.Template if *tmplStr != "" { @@ -827,13 +857,18 @@ func (cli *DockerCli) CmdInspect(args ...string) error { func (cli *DockerCli) CmdTop(args ...string) error { cmd := cli.Subcmd("top", "CONTAINER [ps OPTIONS]", "Display the running processes of a container") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() == 0 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } val := url.Values{} if cmd.NArg() > 1 { val.Set("ps_args", strings.Join(cmd.Args()[1:], " ")) @@ -862,13 +897,17 @@ func (cli *DockerCli) CmdTop(args ...string) error { func (cli *DockerCli) CmdPort(args ...string) error { cmd := cli.Subcmd("port", "CONTAINER PRIVATE_PORT", "Lookup the public-facing port that is NAT-ed to PRIVATE_PORT") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 2 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(2) { + os.Exit(1) + } var ( port = cmd.Arg(1) @@ -912,13 +951,18 @@ func (cli *DockerCli) CmdRmi(args ...string) error { force = cmd.Bool([]string{"f", "-force"}, false, "Force removal of the image") noprune = cmd.Bool([]string{"-no-prune"}, false, "Do not delete untagged parents") ) + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } v := url.Values{} if *force { @@ -957,14 +1001,18 @@ func (cli *DockerCli) CmdHistory(args ...string) error { cmd := cli.Subcmd("history", "[OPTIONS] IMAGE", "Show the history of an image") quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only show numeric IDs") noTrunc := cmd.Bool([]string{"#notrunc", "-no-trunc"}, false, "Don't truncate output") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } body, _, err := readBody(cli.call("GET", "/images/"+cmd.Arg(0)+"/history", nil, false)) if err != nil { @@ -1015,14 +1063,18 @@ func (cli *DockerCli) CmdRm(args ...string) error { v := cmd.Bool([]string{"v", "-volumes"}, false, "Remove the volumes associated with the container") link := cmd.Bool([]string{"l", "#link", "-link"}, false, "Remove the specified link and not the underlying container") force := cmd.Bool([]string{"f", "-force"}, false, "Force the removal of a running container (uses SIGKILL)") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } val := url.Values{} if *v { @@ -1053,14 +1105,18 @@ func (cli *DockerCli) CmdRm(args ...string) error { func (cli *DockerCli) CmdKill(args ...string) error { cmd := cli.Subcmd("kill", "[OPTIONS] CONTAINER [CONTAINER...]", "Kill a running container using SIGKILL or a specified signal") signal := cmd.String([]string{"s", "-signal"}, "KILL", "Signal to send to the container") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } var encounteredError error for _, name := range cmd.Args() { @@ -1076,15 +1132,18 @@ func (cli *DockerCli) CmdKill(args ...string) error { func (cli *DockerCli) CmdImport(args ...string) error { cmd := cli.Subcmd("import", "URL|- [REPOSITORY[:TAG]]", "Create an empty filesystem image and import the contents of the tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then optionally tag it.") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() < 1 { + if *help { cmd.Usage() return nil } - + if cmd.BadArgs(2) { + os.Exit(1) + } var ( v = url.Values{} src = cmd.Arg(0) @@ -1117,9 +1176,15 @@ func (cli *DockerCli) CmdImport(args ...string) error { func (cli *DockerCli) CmdPush(args ...string) error { cmd := cli.Subcmd("push", "NAME[:TAG]", "Push an image or a repository to the registry") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } + if *help { + cmd.Usage() + return nil + } name := cmd.Arg(0) if name == "" { @@ -1183,14 +1248,19 @@ func (cli *DockerCli) CmdPush(args ...string) error { func (cli *DockerCli) CmdPull(args ...string) error { cmd := cli.Subcmd("pull", "NAME[:TAG]", "Pull an image or a repository from the registry") tag := cmd.String([]string{"#t", "#-tag"}, "", "Download tagged image in a repository") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + + if cmd.BadArgs(1) { + os.Exit(1) + } var ( v = url.Values{} remote = cmd.Arg(0) @@ -1251,6 +1321,7 @@ func (cli *DockerCli) CmdImages(args ...string) error { // FIXME: --viz and --tree are deprecated. Remove them in a future version. flViz := cmd.Bool([]string{"#v", "#viz", "#-viz"}, false, "Output graph in graphviz format") flTree := cmd.Bool([]string{"#t", "#tree", "#-tree"}, false, "Output graph in tree format") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") flFilter := opts.NewListOpts(nil) cmd.Var(&flFilter, []string{"f", "-filter"}, "Provide filter values (i.e. 'dangling=true')") @@ -1258,10 +1329,13 @@ func (cli *DockerCli) CmdImages(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() > 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } // Consolidate all filter flags, and sanity check them early. // They'll get process in the daemon/server. @@ -1484,6 +1558,7 @@ func (cli *DockerCli) CmdPs(args ...string) error { since := cmd.String([]string{"#sinceId", "#-since-id", "-since"}, "", "Show only containers created since Id or Name, include non-running ones.") before := cmd.String([]string{"#beforeId", "#-before-id", "-before"}, "", "Show only container created before Id or Name, include non-running ones.") last := cmd.Int([]string{"n"}, -1, "Show n last created containers, include non-running ones.") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") flFilter := opts.NewListOpts(nil) cmd.Var(&flFilter, []string{"f", "-filter"}, "Provide filter values. Valid filters:\nexited= - containers with exit code of ") @@ -1491,6 +1566,10 @@ func (cli *DockerCli) CmdPs(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } + if *help { + cmd.Usage() + return nil + } v := url.Values{} if *last == -1 && *nLatest { *last = 1 @@ -1601,9 +1680,14 @@ func (cli *DockerCli) CmdCommit(args ...string) error { flAuthor := cmd.String([]string{"a", "#author", "-author"}, "", "Author (e.g., \"John Hannibal Smith \")") // FIXME: --run is deprecated, it will be replaced with inline Dockerfile commands. flConfig := cmd.String([]string{"#run", "#-run"}, "", "This option is deprecated and will be removed in a future version in favor of inline Dockerfile-compatible commands") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } + if *help { + cmd.Usage() + return nil + } var ( name = cmd.Arg(0) @@ -1659,14 +1743,19 @@ func (cli *DockerCli) CmdEvents(args ...string) error { cmd := cli.Subcmd("events", "[OPTIONS]", "Get real time events from the server") since := cmd.String([]string{"#since", "-since"}, "", "Show all events created since timestamp") until := cmd.String([]string{"-until"}, "", "Stream events until this timestamp") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 0 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(0) { + os.Exit(1) + } + var ( v = url.Values{} loc = time.FixedZone(time.Now().Zone()) @@ -1696,14 +1785,18 @@ func (cli *DockerCli) CmdEvents(args ...string) error { func (cli *DockerCli) CmdExport(args ...string) error { cmd := cli.Subcmd("export", "CONTAINER", "Export the contents of a filesystem as a tar archive to STDOUT") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } if err := cli.stream("GET", "/containers/"+cmd.Arg(0)+"/export", nil, cli.out, nil); err != nil { return err @@ -1713,13 +1806,18 @@ func (cli *DockerCli) CmdExport(args ...string) error { func (cli *DockerCli) CmdDiff(args ...string) error { cmd := cli.Subcmd("diff", "CONTAINER", "Inspect changes on a container's filesystem") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } body, _, err := readBody(cli.call("GET", "/containers/"+cmd.Arg(0)+"/changes", nil, false)) @@ -1752,16 +1850,19 @@ func (cli *DockerCli) CmdLogs(args ...string) error { follow = cmd.Bool([]string{"f", "-follow"}, false, "Follow log output") times = cmd.Bool([]string{"t", "-timestamps"}, false, "Show timestamps") tail = cmd.String([]string{"-tail"}, "all", "Output the specified number of lines at the end of logs (defaults to all logs)") + help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") ) if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } name := cmd.Arg(0) steam, _, err := cli.call("GET", "/containers/"+name+"/json", nil, false) @@ -1795,16 +1896,19 @@ func (cli *DockerCli) CmdAttach(args ...string) error { cmd = cli.Subcmd("attach", "[OPTIONS] CONTAINER", "Attach to a running container") noStdin = cmd.Bool([]string{"#nostdin", "-no-stdin"}, false, "Do not attach STDIN") proxy = cmd.Bool([]string{"#sig-proxy", "-sig-proxy"}, true, "Proxy all received signals to the process (even in non-TTY mode). SIGCHLD, SIGKILL, and SIGSTOP are not proxied.") + help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") ) if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } name := cmd.Arg(0) stream, _, err := cli.call("GET", "/containers/"+name+"/json", nil, false) @@ -1870,13 +1974,18 @@ func (cli *DockerCli) CmdSearch(args ...string) error { trusted := cmd.Bool([]string{"#t", "#trusted", "#-trusted"}, false, "Only show trusted builds") automated := cmd.Bool([]string{"-automated"}, false, "Only show automated builds") stars := cmd.Int([]string{"s", "#stars", "-stars"}, 0, "Only displays with at least x stars") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } v := url.Values{} v.Set("term", cmd.Arg(0)) @@ -1922,13 +2031,18 @@ type ports []int func (cli *DockerCli) CmdTag(args ...string) error { cmd := cli.Subcmd("tag", "[OPTIONS] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]", "Tag an image into a repository") force := cmd.Bool([]string{"f", "#force", "-force"}, false, "Force") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 2 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(2) { + os.Exit(1) + } var ( repository, tag = parsers.ParseRepositoryTag(cmd.Arg(1)) @@ -1993,6 +2107,11 @@ func (cli *DockerCli) CmdRun(args ...string) error { if err != nil { return err } + if config == nil { + cmd.Usage() + return nil + } + if config.Image == "" { cmd.Usage() return nil @@ -2215,14 +2334,18 @@ func (cli *DockerCli) CmdRun(args ...string) error { func (cli *DockerCli) CmdCp(args ...string) error { cmd := cli.Subcmd("cp", "CONTAINER:PATH HOSTPATH", "Copy files/folders from the PATH to the HOSTPATH") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + if err := cmd.Parse(args); err != nil { return nil } - - if cmd.NArg() != 2 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(2) { + os.Exit(1) + } var copyData engine.Env info := strings.Split(cmd.Arg(0), ":") @@ -2256,15 +2379,18 @@ func (cli *DockerCli) CmdCp(args ...string) error { func (cli *DockerCli) CmdSave(args ...string) error { cmd := cli.Subcmd("save", "IMAGE", "Save an image to a tar archive (streamed to STDOUT by default)") outfile := cmd.String([]string{"o", "-output"}, "", "Write to an file, instead of STDOUT") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return err } - - if cmd.NArg() != 1 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(1) { + os.Exit(1) + } var ( output io.Writer = cli.out @@ -2286,15 +2412,18 @@ func (cli *DockerCli) CmdSave(args ...string) error { func (cli *DockerCli) CmdLoad(args ...string) error { cmd := cli.Subcmd("load", "", "Load an image from a tar archive on STDIN") infile := cmd.String([]string{"i", "-input"}, "", "Read from a tar archive file, instead of STDIN") + help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return err } - - if cmd.NArg() != 0 { + if *help { cmd.Usage() return nil } + if cmd.BadArgs(0) { + os.Exit(1) + } var ( input io.Reader = cli.in diff --git a/components/engine/docker/flags.go b/components/engine/docker/flags.go index baae40eafc..46f52f9148 100644 --- a/components/engine/docker/flags.go +++ b/components/engine/docker/flags.go @@ -26,6 +26,7 @@ var ( flEnableCors = flag.Bool([]string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API") flTls = flag.Bool([]string{"-tls"}, false, "Use TLS; implied by tls-verify flags") flTlsVerify = flag.Bool([]string{"-tlsverify"}, false, "Use TLS and verify the remote (daemon: verify client, client: verify daemon)") + flHelp = flag.Bool([]string{"h", "-help"}, false, "Print usage") // these are initialized in init() below since their default values depend on dockerCertPath which isn't fully initialized until init() runs flCa *string diff --git a/components/engine/docs/man/docker-attach.1.md b/components/engine/docs/man/docker-attach.1.md index 7deda6c75e..becec9fadd 100644 --- a/components/engine/docs/man/docker-attach.1.md +++ b/components/engine/docs/man/docker-attach.1.md @@ -6,6 +6,7 @@ docker-attach - Attach to a running container # SYNOPSIS **docker attach** +[**--help**]/ [**--no-stdin**[=*false*]] [**--sig-proxy**[=*true*]] CONTAINER @@ -21,6 +22,9 @@ When you detach from a container the exit code will be returned to the client. # OPTIONS +**--help** + Print usage statement + **--no-stdin**=*true*|*false* Do not attach STDIN. The default is *false*. diff --git a/components/engine/docs/man/docker-build.1.md b/components/engine/docs/man/docker-build.1.md index c562660b6f..19222c8f25 100644 --- a/components/engine/docs/man/docker-build.1.md +++ b/components/engine/docs/man/docker-build.1.md @@ -6,6 +6,7 @@ docker-build - Build a new image from the source code at PATH # SYNOPSIS **docker build** +[**--help**] [**--force-rm**[=*false*]] [**--no-cache**[=*false*]] [**-q**|**--quiet**[=*false*]] @@ -36,6 +37,9 @@ as context. **--no-cache**=*true*|*false* Do not use cache when building the image. The default is *false*. +**--help** + Print usage statement + **-q**, **--quiet**=*true*|*false* Suppress the verbose output generated by the containers. The default is *false*. diff --git a/components/engine/docs/man/docker-commit.1.md b/components/engine/docs/man/docker-commit.1.md index 31edcc0397..7f519527f0 100644 --- a/components/engine/docs/man/docker-commit.1.md +++ b/components/engine/docs/man/docker-commit.1.md @@ -7,6 +7,7 @@ docker-commit - Create a new image from a container's changes # SYNOPSIS **docker commit** [**-a**|**--author**[=*AUTHOR*]] +[**--help**] [**-m**|**--message**[=*MESSAGE*]] [**-p**|**--pause**[=*true*]] CONTAINER [REPOSITORY[:TAG]] @@ -18,6 +19,9 @@ Using an existing container's name or ID you can create a new image. **-a**, **--author**="" Author (e.g., "John Hannibal Smith ") +**--help** + Print usage statement + **-m**, **--message**="" Commit message diff --git a/components/engine/docs/man/docker-cp.1.md b/components/engine/docs/man/docker-cp.1.md index dc8f295bbe..ac49a47a54 100644 --- a/components/engine/docs/man/docker-cp.1.md +++ b/components/engine/docs/man/docker-cp.1.md @@ -6,6 +6,7 @@ docker-cp - Copy files/folders from the PATH to the HOSTPATH # SYNOPSIS **docker cp** +[**--help**] CONTAINER:PATH HOSTPATH # DESCRIPTION @@ -14,7 +15,8 @@ path. Paths are relative to the root of the filesystem. Files can be copied from a running or stopped container. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES An important shell script file, created in a bash shell, is copied from diff --git a/components/engine/docs/man/docker-diff.1.md b/components/engine/docs/man/docker-diff.1.md index acf0911b04..6c6c502533 100644 --- a/components/engine/docs/man/docker-diff.1.md +++ b/components/engine/docs/man/docker-diff.1.md @@ -6,6 +6,7 @@ docker-diff - Inspect changes on a container's filesystem # SYNOPSIS **docker diff** +[**--help**] CONTAINER # DESCRIPTION @@ -14,7 +15,8 @@ shortened container ID or the container name set using **docker run --name** option. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES Inspect the changes to on a nginx container: diff --git a/components/engine/docs/man/docker-events.1.md b/components/engine/docs/man/docker-events.1.md index 8fa85871a8..297e1073f0 100644 --- a/components/engine/docs/man/docker-events.1.md +++ b/components/engine/docs/man/docker-events.1.md @@ -6,6 +6,7 @@ docker-events - Get real time events from the server # SYNOPSIS **docker events** +[**--help**] [**--since**[=*SINCE*]] [**--until**[=*UNTIL*]] @@ -15,6 +16,9 @@ Get event information from the Docker daemon. Information can include historical information and real-time information. # OPTIONS +**--help** + Print usage statement + **--since**="" Show all events created since timestamp diff --git a/components/engine/docs/man/docker-export.1.md b/components/engine/docs/man/docker-export.1.md index 8fd7834a15..d2b22d2217 100644 --- a/components/engine/docs/man/docker-export.1.md +++ b/components/engine/docs/man/docker-export.1.md @@ -6,6 +6,7 @@ docker-export - Export the contents of a filesystem as a tar archive to STDOUT # SYNOPSIS **docker export** +[**--help**] CONTAINER # DESCRIPTION @@ -14,7 +15,8 @@ container ID or container name. The output is exported to STDOUT and can be redirected to a tar file. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES Export the contents of the container called angry_bell to a tar file diff --git a/components/engine/docs/man/docker-history.1.md b/components/engine/docs/man/docker-history.1.md index ddb164e50b..211ce6d5b5 100644 --- a/components/engine/docs/man/docker-history.1.md +++ b/components/engine/docs/man/docker-history.1.md @@ -6,6 +6,7 @@ docker-history - Show the history of an image # SYNOPSIS **docker history** +[**--help**] [**--no-trunc**[=*false*]] [**-q**|**--quiet**[=*false*]] IMAGE @@ -15,6 +16,9 @@ docker-history - Show the history of an image Show the history of when and how an image was created. # OPTIONS +**--help** + Print usage statement + **--no-trunc**=*true*|*false* Don't truncate output. The default is *false*. diff --git a/components/engine/docs/man/docker-images.1.md b/components/engine/docs/man/docker-images.1.md index c572ee674b..460265af78 100644 --- a/components/engine/docs/man/docker-images.1.md +++ b/components/engine/docs/man/docker-images.1.md @@ -6,6 +6,7 @@ docker-images - List images # SYNOPSIS **docker images** +[**--help**] [**-a**|**--all**[=*false*]] [**-f**|**--filter**[=*[]*]] [**--no-trunc**[=*false*]] @@ -35,6 +36,9 @@ versions. **-f**, **--filter**=[] Provide filter values (i.e. 'dangling=true') +**--help** + Print usage statement + **--no-trunc**=*true*|*false* Don't truncate output. The default is *false*. diff --git a/components/engine/docs/man/docker-import.1.md b/components/engine/docs/man/docker-import.1.md index 2d67b8bc78..974288c721 100644 --- a/components/engine/docs/man/docker-import.1.md +++ b/components/engine/docs/man/docker-import.1.md @@ -6,6 +6,7 @@ docker-import - Create an empty filesystem image and import the contents of the # SYNOPSIS **docker import** +[**--help**] URL|- [REPOSITORY[:TAG]] # DESCRIPTION @@ -13,7 +14,8 @@ Create a new filesystem image from the contents of a tarball (`.tar`, `.tar.gz`, `.tgz`, `.bzip`, `.tar.xz`, `.txz`) into it, then optionally tag it. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES diff --git a/components/engine/docs/man/docker-info.1.md b/components/engine/docs/man/docker-info.1.md index bf64a7b543..03d46390fd 100644 --- a/components/engine/docs/man/docker-info.1.md +++ b/components/engine/docs/man/docker-info.1.md @@ -6,6 +6,7 @@ docker-info - Display system-wide information # SYNOPSIS **docker info** +[**--help**] # DESCRIPTION @@ -20,7 +21,8 @@ allocates a certain amount of data space and meta data space from the space available on the volume where `/var/lib/docker` is mounted. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES diff --git a/components/engine/docs/man/docker-inspect.1.md b/components/engine/docs/man/docker-inspect.1.md index a52d57c974..8cbef0f91d 100644 --- a/components/engine/docs/man/docker-inspect.1.md +++ b/components/engine/docs/man/docker-inspect.1.md @@ -6,6 +6,7 @@ docker-inspect - Return low-level information on a container or image # SYNOPSIS **docker inspect** +[**--help**] [**-f**|**--format**[=*FORMAT*]] CONTAINER|IMAGE [CONTAINER|IMAGE...] @@ -17,6 +18,9 @@ array. If a format is specified, the given template will be executed for each result. # OPTIONS +**--help** + Print usage statement + **-f**, **--format**="" Format the output using the given go template. diff --git a/components/engine/docs/man/docker-kill.1.md b/components/engine/docs/man/docker-kill.1.md index 3c8d59e6d5..467c0bf759 100644 --- a/components/engine/docs/man/docker-kill.1.md +++ b/components/engine/docs/man/docker-kill.1.md @@ -6,6 +6,7 @@ docker-kill - Kill a running container using SIGKILL or a specified signal # SYNOPSIS **docker kill** +[**--help**] [**-s**|**--signal**[=*"KILL"*]] CONTAINER [CONTAINER...] @@ -15,6 +16,9 @@ The main process inside each container specified will be sent SIGKILL, or any signal specified with option --signal. # OPTIONS +**--help** + Print usage statement + **-s**, **--signal**="KILL" Signal to send to the container diff --git a/components/engine/docs/man/docker-load.1.md b/components/engine/docs/man/docker-load.1.md index 07dac46138..71bd28adf5 100644 --- a/components/engine/docs/man/docker-load.1.md +++ b/components/engine/docs/man/docker-load.1.md @@ -6,6 +6,7 @@ docker-load - Load an image from a tar archive on STDIN # SYNOPSIS **docker load** +[**--help**] [**-i**|**--input**[=*INPUT*]] @@ -15,6 +16,9 @@ Loads a tarred repository from a file or the standard input stream. Restores both images and tags. # OPTIONS +**--help** + Print usage statement + **-i**, **--input**="" Read from a tar archive file, instead of STDIN diff --git a/components/engine/docs/man/docker-login.1.md b/components/engine/docs/man/docker-login.1.md index c269353079..d01e60eeb9 100644 --- a/components/engine/docs/man/docker-login.1.md +++ b/components/engine/docs/man/docker-login.1.md @@ -7,6 +7,7 @@ docker-login - Register or log in to a Docker registry server, if no server is s # SYNOPSIS **docker login** [**-e**|**--email**[=*EMAIL*]] +[**--help**] [**-p**|**--password**[=*PASSWORD*]] [**-u**|**--username**[=*USERNAME*]] [SERVER] @@ -20,6 +21,9 @@ login to a private registry you can specify this by adding the server name. **-e**, **--email**="" Email +**--help** + Print usage statement + **-p**, **--password**="" Password diff --git a/components/engine/docs/man/docker-logs.1.md b/components/engine/docs/man/docker-logs.1.md index 1fbd229d5d..c896526720 100644 --- a/components/engine/docs/man/docker-logs.1.md +++ b/components/engine/docs/man/docker-logs.1.md @@ -7,6 +7,7 @@ docker-logs - Fetch the logs of a container # SYNOPSIS **docker logs** [**-f**|**--follow**[=*false*]] +[**--help**] [**-t**|**--timestamps**[=*false*]] [**--tail**[=*"all"*]] CONTAINER @@ -22,6 +23,9 @@ The **docker logs --follow** command combines commands **docker logs** and then continue streaming new output from the container’s stdout and stderr. # OPTIONS +**--help** + Print usage statement + **-f**, **--follow**=*true*|*false* Follow log output. The default is *false*. diff --git a/components/engine/docs/man/docker-port.1.md b/components/engine/docs/man/docker-port.1.md index 07b84b12d9..020d0d3bf4 100644 --- a/components/engine/docs/man/docker-port.1.md +++ b/components/engine/docs/man/docker-port.1.md @@ -6,6 +6,7 @@ docker-port - Lookup the public-facing port that is NAT-ed to PRIVATE_PORT # SYNOPSIS **docker port** +[**--help**] CONTAINER PRIVATE_PORT # OPTIONS diff --git a/components/engine/docs/man/docker-ps.1.md b/components/engine/docs/man/docker-ps.1.md index bf22d87da5..09cd6819bf 100644 --- a/components/engine/docs/man/docker-ps.1.md +++ b/components/engine/docs/man/docker-ps.1.md @@ -8,6 +8,7 @@ docker-ps - List containers **docker ps** [**-a**|**--all**[=*false*]] [**--before**[=*BEFORE*]] +[**--help**] [**-f**|**--filter**[=*[]*]] [**-l**|**--latest**[=*false*]] [**-n**[=*-1*]] @@ -29,6 +30,9 @@ the running containers. **--before**="" Show only container created before Id or Name, include non-running ones. +**--help** + Print usage statement + **-f**, **--filter**=[] Provide filter values. Valid filters: exited= - containers with exit code of diff --git a/components/engine/docs/man/docker-pull.1.md b/components/engine/docs/man/docker-pull.1.md index 465c97aadd..fec4fded8e 100644 --- a/components/engine/docs/man/docker-pull.1.md +++ b/components/engine/docs/man/docker-pull.1.md @@ -6,6 +6,7 @@ docker-pull - Pull an image or a repository from the registry # SYNOPSIS **docker pull** +[**--help**] NAME[:TAG] # DESCRIPTION @@ -16,9 +17,10 @@ images for that repository name are pulled down including any tags. It is also possible to specify a non-default registry to pull from. # OPTIONS -There are no available options. +**--help** + Print usage statement -# EXAMPLES +# EXAMPLE # Pull a repository with multiple images diff --git a/components/engine/docs/man/docker-push.1.md b/components/engine/docs/man/docker-push.1.md index 8523cb539e..2d4dc8f89e 100644 --- a/components/engine/docs/man/docker-push.1.md +++ b/components/engine/docs/man/docker-push.1.md @@ -6,6 +6,7 @@ docker-push - Push an image or a repository to the registry # SYNOPSIS **docker push** +[**--help**] NAME[:TAG] # DESCRIPTION @@ -15,7 +16,8 @@ image can be pushed to another, perhaps private, registry as demonstrated in the example below. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES diff --git a/components/engine/docs/man/docker-restart.1.md b/components/engine/docs/man/docker-restart.1.md index 2a08caa5e8..f954e6f076 100644 --- a/components/engine/docs/man/docker-restart.1.md +++ b/components/engine/docs/man/docker-restart.1.md @@ -6,6 +6,7 @@ docker-restart - Restart a running container # SYNOPSIS **docker restart** +[**--help**] [**-t**|**--time**[=*10*]] CONTAINER [CONTAINER...] @@ -13,6 +14,9 @@ docker-restart - Restart a running container Restart each container listed. # OPTIONS +**--help** + Print usage statement + **-t**, **--time**=10 Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds. diff --git a/components/engine/docs/man/docker-rm.1.md b/components/engine/docs/man/docker-rm.1.md index bae6a7ea8c..823cdc45c7 100644 --- a/components/engine/docs/man/docker-rm.1.md +++ b/components/engine/docs/man/docker-rm.1.md @@ -19,6 +19,9 @@ remove a running container unless you use the \fB-f\fR option. To see all containers on a host use the **docker ps -a** command. # OPTIONS +**--help** + Print usage statement + **-f**, **--force**=*true*|*false* Force the removal of a running container (uses SIGKILL). The default is *false*. diff --git a/components/engine/docs/man/docker-rmi.1.md b/components/engine/docs/man/docker-rmi.1.md index 08d740a3be..c1f131f40c 100644 --- a/components/engine/docs/man/docker-rmi.1.md +++ b/components/engine/docs/man/docker-rmi.1.md @@ -7,6 +7,7 @@ docker-rmi - Remove one or more images # SYNOPSIS **docker rmi** [**-f**|**--force**[=*false*]] +[**--help**] [**--no-prune**[=*false*]] IMAGE [IMAGE...] @@ -21,6 +22,9 @@ use the **docker images** command. **-f**, **--force**=*true*|*false* Force removal of the image. The default is *false*. +**--help** + Print usage statement + **--no-prune**=*true*|*false* Do not delete untagged parents. The default is *false*. diff --git a/components/engine/docs/man/docker-run.1.md b/components/engine/docs/man/docker-run.1.md index 225fb78cb8..1e7a39e84e 100644 --- a/components/engine/docs/man/docker-run.1.md +++ b/components/engine/docs/man/docker-run.1.md @@ -21,6 +21,7 @@ docker-run - Run a command in a new container [**--env-file**[=*[]*]] [**--expose**[=*[]*]] [**-h**|**--hostname**[=*HOSTNAME*]] +[**--help**] [**-i**|**--interactive**[=*false*]] [**--link**[=*[]*]] [**--lxc-conf**[=*[]*]] @@ -132,6 +133,9 @@ developer can expose the port using the EXPOSE parameter of the Dockerfile, 2) the operator can use the **--expose** option with **docker run**, or 3) the container can be started with the **--link**. +**--help** + Print usage statement + **-h**, **--hostname**=*hostname* Sets the container host name that is available inside the container. diff --git a/components/engine/docs/man/docker-save.1.md b/components/engine/docs/man/docker-save.1.md index 533b4c8435..3741a34603 100644 --- a/components/engine/docs/man/docker-save.1.md +++ b/components/engine/docs/man/docker-save.1.md @@ -6,6 +6,7 @@ docker-save - Save an image to a tar archive (streamed to STDOUT by default) # SYNOPSIS **docker save** +[**--help**] [**-o**|**--output**[=*OUTPUT*]] IMAGE @@ -16,6 +17,9 @@ parent layers, and all tags + versions, or specified repo:tag. Stream to a file instead of STDOUT by using **-o**. # OPTIONS +**--help** + Print usage statement + **-o**, **--output**="" Write to an file, instead of STDOUT diff --git a/components/engine/docs/man/docker-search.1.md b/components/engine/docs/man/docker-search.1.md index 3937b870a3..2d23e34cf7 100644 --- a/components/engine/docs/man/docker-search.1.md +++ b/components/engine/docs/man/docker-search.1.md @@ -7,6 +7,7 @@ docker-search - Search the Docker Hub for images # SYNOPSIS **docker search** [**--automated**[=*false*]] +[**--help**] [**--no-trunc**[=*false*]] [**-s**|**--stars**[=*0*]] TERM @@ -22,6 +23,9 @@ is automated. **--automated**=*true*|*false* Only show automated builds. The default is *false*. +**--help** + Print usage statement + **--no-trunc**=*true*|*false* Don't truncate output. The default is *false*. diff --git a/components/engine/docs/man/docker-start.1.md b/components/engine/docs/man/docker-start.1.md index e23fd70ab4..965c5bcaf7 100644 --- a/components/engine/docs/man/docker-start.1.md +++ b/components/engine/docs/man/docker-start.1.md @@ -7,6 +7,7 @@ docker-start - Restart a stopped container # SYNOPSIS **docker start** [**-a**|**--attach**[=*false*]] +[**--help**] [**-i**|**--interactive**[=*false*]] CONTAINER [CONTAINER...] @@ -18,6 +19,9 @@ Start a stopped container. **-a**, **--attach**=*true*|*false* Attach container's STDOUT and STDERR and forward all signals to the process. The default is *false*. +**--help** + Print usage statement + **-i**, **--interactive**=*true*|*false* Attach container's STDIN. The default is *false*. diff --git a/components/engine/docs/man/docker-stop.1.md b/components/engine/docs/man/docker-stop.1.md index 0cc19918c3..c0d7b9e432 100644 --- a/components/engine/docs/man/docker-stop.1.md +++ b/components/engine/docs/man/docker-stop.1.md @@ -6,6 +6,7 @@ docker-stop - Stop a running container by sending SIGTERM and then SIGKILL after # SYNOPSIS **docker stop** +[**--help**] [**-t**|**--time**[=*10*]] CONTAINER [CONTAINER...] @@ -14,6 +15,9 @@ Stop a running container (Send SIGTERM, and then SIGKILL after grace period) # OPTIONS +**--help** + Print usage statement + **-t**, **--time**=10 Number of seconds to wait for the container to stop before killing it. Default is 10 seconds. diff --git a/components/engine/docs/man/docker-tag.1.md b/components/engine/docs/man/docker-tag.1.md index a42ebe7702..76806bab36 100644 --- a/components/engine/docs/man/docker-tag.1.md +++ b/components/engine/docs/man/docker-tag.1.md @@ -7,6 +7,7 @@ docker-tag - Tag an image into a repository # SYNOPSIS **docker tag** [**-f**|**--force**[=*false*]] +[**--help**] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG] # DESCRIPTION diff --git a/components/engine/docs/man/docker-top.1.md b/components/engine/docs/man/docker-top.1.md index 9781739cde..be2bed2210 100644 --- a/components/engine/docs/man/docker-top.1.md +++ b/components/engine/docs/man/docker-top.1.md @@ -6,6 +6,7 @@ docker-top - Display the running processes of a container # SYNOPSIS **docker top** +[**--help**] CONTAINER [ps OPTIONS] # DESCRIPTION @@ -14,7 +15,8 @@ Look up the running process of the container. ps-OPTION can be any of the options you would pass to a Linux ps command. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES diff --git a/components/engine/docs/man/docker-wait.1.md b/components/engine/docs/man/docker-wait.1.md index 798f6d652c..a1e2aa2129 100644 --- a/components/engine/docs/man/docker-wait.1.md +++ b/components/engine/docs/man/docker-wait.1.md @@ -6,6 +6,7 @@ docker-wait - Block until a container stops, then print its exit code. # SYNOPSIS **docker wait** +[**--help**] CONTAINER [CONTAINER...] # DESCRIPTION @@ -13,7 +14,8 @@ CONTAINER [CONTAINER...] Block until a container stops, then print its exit code. # OPTIONS -There are no available options. +**--help** + Print usage statement # EXAMPLES diff --git a/components/engine/docs/man/docker.1.md b/components/engine/docs/man/docker.1.md index 3932097255..90abe4e52c 100644 --- a/components/engine/docs/man/docker.1.md +++ b/components/engine/docs/man/docker.1.md @@ -26,6 +26,9 @@ To see the man page for a command run **man docker **. **-D**=*true*|*false* Enable debug mode. Default is false. +**--help** + Print usage statement + **-H**, **--host**=[unix:///var/run/docker.sock]: tcp://[host:port] to bind or unix://[/path/to/socket] to use. The socket(s) to bind to in daemon mode specified using one or more diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index 7b9e2ab610..25c38a8c6a 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -15,6 +15,19 @@ or execute `docker help`: ... +## Help +To list the help on any command just execute the command, followed by the `--help` option. + + $ sudo docker run --help + + Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] + + Run a command in a new container + + -a, --attach=[] Attach to STDIN, STDOUT or STDERR. + -c, --cpu-shares=0 CPU shares (relative weight) + ... + ## Option types Single character commandline options can be combined, so rather than diff --git a/components/engine/pkg/mflag/flag.go b/components/engine/pkg/mflag/flag.go index 6e3f039707..5c7defd2f1 100644 --- a/components/engine/pkg/mflag/flag.go +++ b/components/engine/pkg/mflag/flag.go @@ -395,6 +395,19 @@ func Lookup(name string) *Flag { return CommandLine.formal[name] } +func (f *FlagSet) BadArgs(nargs int) bool { + if NArg() < nargs { + fmt.Fprintf(f.out(), "docker: '%s' requires arguments. See 'docker %s --help'.\n", f.name, f.name) + return true + } else { + if nargs == 0 && NArg() != 0 { + fmt.Fprintf(f.out(), "docker: '%s' does not require arguments. See 'docker %s --help'.\n", f.name, f.name) + return true + } + } + return false +} + // Set sets the value of the named flag. func (f *FlagSet) Set(name, value string) error { flag, ok := f.formal[name] @@ -468,7 +481,7 @@ func defaultUsage(f *FlagSet) { // Usage prints to standard error a usage message documenting all defined command-line flags. // The function is a variable that may be changed to point to a custom function. var Usage = func() { - fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0]) + fmt.Fprintf(CommandLine.output, "Usage of %s:\n", os.Args[0]) PrintDefaults() } @@ -757,7 +770,7 @@ func Var(value Value, names []string, usage string) { func (f *FlagSet) failf(format string, a ...interface{}) error { err := fmt.Errorf(format, a...) fmt.Fprintln(f.out(), err) - f.usage() + fmt.Fprintf(f.out(), "See 'docker %s --help'.\n", f.name) return err } diff --git a/components/engine/runconfig/parse.go b/components/engine/runconfig/parse.go index 2b4dc632a0..24640548c1 100644 --- a/components/engine/runconfig/parse.go +++ b/components/engine/runconfig/parse.go @@ -3,6 +3,7 @@ package runconfig import ( "fmt" "io/ioutil" + "os" "path" "strconv" "strings" @@ -75,6 +76,8 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf flNetMode = cmd.String([]string{"-net"}, "bridge", "Set the Network mode for the container\n'bridge': creates a new network stack for the container on the docker bridge\n'none': no networking for this container\n'container:': reuses another container network stack\n'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.") flRestartPolicy = cmd.String([]string{"-restart"}, "", "Restart policy to apply when a container exits (no, on-failure, always)") // For documentation purpose + help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") + _ = cmd.Bool([]string{"#sig-proxy", "-sig-proxy"}, true, "Proxy received signals to the process (even in non-TTY mode). SIGCHLD, SIGSTOP, and SIGKILL are not proxied.") _ = cmd.String([]string{"#name", "-name"}, "", "Assign a name to the container") ) @@ -166,9 +169,14 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf entrypoint []string image string ) - if len(parsedArgs) >= 1 { - image = cmd.Arg(0) + + if *help { + return nil, nil, cmd, nil } + if cmd.BadArgs(1) { + os.Exit(1) + } + image = cmd.Arg(0) if len(parsedArgs) > 1 { runCmd = parsedArgs[1:] } From 2ba23b90dcb9608d9075af9453f1dd0fa5141084 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Thu, 21 Aug 2014 15:55:00 -0400 Subject: [PATCH 013/540] Change version to 1.2.0-dev Upstream-commit: 61b309f0d280b3b05909f294a30d73317a9d6a4d Component: engine --- components/engine/VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/VERSION b/components/engine/VERSION index 26aaba0e86..0c64b5c3d1 100644 --- a/components/engine/VERSION +++ b/components/engine/VERSION @@ -1 +1 @@ -1.2.0 +1.2.0-dev From 0ebd331b6fcd2d84bd5d9c18ec4ba8947dcf86ff Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Mon, 28 Jul 2014 22:50:16 -0700 Subject: [PATCH 014/540] Fix multiple attach test. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 01094c15680c0a33367e1dcc69ec9f4018efd2ac Component: engine --- .../integration-cli/docker_cli_attach_test.go | 80 ++++++++++++++----- components/engine/integration-cli/utils.go | 41 ++++++++++ 2 files changed, 99 insertions(+), 22 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_attach_test.go b/components/engine/integration-cli/docker_cli_attach_test.go index 606480c875..c9568229e6 100644 --- a/components/engine/integration-cli/docker_cli_attach_test.go +++ b/components/engine/integration-cli/docker_cli_attach_test.go @@ -1,6 +1,7 @@ package main import ( + "io" "os/exec" "strings" "sync" @@ -8,46 +9,81 @@ import ( "time" ) +const attachWait = 5 * time.Second + func TestMultipleAttachRestart(t *testing.T) { - cmd := exec.Command(dockerBinary, "run", "--name", "attacher", "-d", "busybox", - "/bin/sh", "-c", "sleep 2 && echo hello") + defer deleteAllContainers() - group := sync.WaitGroup{} - group.Add(4) + endGroup := &sync.WaitGroup{} + startGroup := &sync.WaitGroup{} + endGroup.Add(3) + startGroup.Add(3) - defer func() { - cmd = exec.Command(dockerBinary, "kill", "attacher") - if _, err := runCommand(cmd); err != nil { - t.Fatal(err) - } - deleteAllContainers() + if err := waitForContainer("attacher", "-d", "busybox", "/bin/sh", "-c", "while true; do sleep 1; echo hello; done"); err != nil { + t.Fatal(err) + } + + startDone := make(chan struct{}) + endDone := make(chan struct{}) + + go func() { + endGroup.Wait() + close(endDone) }() go func() { - defer group.Done() - out, _, err := runCommandWithOutput(cmd) - if err != nil { - t.Fatal(err, out) - } + startGroup.Wait() + close(startDone) }() - time.Sleep(500 * time.Millisecond) for i := 0; i < 3; i++ { go func() { - defer group.Done() c := exec.Command(dockerBinary, "attach", "attacher") - out, _, err := runCommandWithOutput(c) + defer func() { + c.Wait() + endGroup.Done() + }() + + out, err := c.StdoutPipe() if err != nil { - t.Fatal(err, out) + t.Fatal(err) } - if actual := strings.Trim(out, "\r\n"); actual != "hello" { - t.Fatalf("unexpected output %s expected hello", actual) + + if _, err := startCommand(c); err != nil { + t.Fatal(err) + } + + buf := make([]byte, 1024) + + if _, err := out.Read(buf); err != nil && err != io.EOF { + t.Fatal(err) + } + + startGroup.Done() + + if !strings.Contains(string(buf), "hello") { + t.Fatalf("unexpected output %s expected hello\n", string(buf)) } }() } - group.Wait() + select { + case <-startDone: + case <-time.After(attachWait): + t.Fatalf("Attaches did not initialize properly") + } + + cmd := exec.Command(dockerBinary, "kill", "attacher") + if _, err := runCommand(cmd); err != nil { + t.Fatal(err) + } + + select { + case <-endDone: + case <-time.After(attachWait): + t.Fatalf("Attaches did not finish properly") + } logDone("attach - multiple attach") } diff --git a/components/engine/integration-cli/utils.go b/components/engine/integration-cli/utils.go index c414c9a2d9..b01fdd85fa 100644 --- a/components/engine/integration-cli/utils.go +++ b/components/engine/integration-cli/utils.go @@ -10,6 +10,7 @@ import ( "strings" "syscall" "testing" + "time" ) func getExitCode(err error) (int, error) { @@ -134,3 +135,43 @@ func convertSliceOfStringsToMap(input []string) map[string]struct{} { } return output } + +func waitForContainer(contId string, args ...string) error { + args = append([]string{"run", "--name", contId}, args...) + cmd := exec.Command(dockerBinary, args...) + if _, err := runCommand(cmd); err != nil { + return err + } + + if err := waitRun(contId); err != nil { + return err + } + + return nil +} + +func waitRun(contId string) error { + after := time.After(5 * time.Second) + + for { + cmd := exec.Command(dockerBinary, "inspect", "-f", "{{.State.Running}}", contId) + out, _, err := runCommandWithOutput(cmd) + if err != nil { + return fmt.Errorf("error executing docker inspect: %v", err) + } + + if strings.Contains(out, "true") { + break + } + + select { + case <-after: + return fmt.Errorf("container did not come up in time") + default: + } + + time.Sleep(100 * time.Millisecond) + } + + return nil +} From 5b6d05995738a1f245267cde6f7c62fe99351567 Mon Sep 17 00:00:00 2001 From: averagehuman Date: Fri, 22 Aug 2014 17:48:26 +0100 Subject: [PATCH 015/540] Update usingdocker.md Minor rewording and removal of unnecessary apostrophe. Upstream-commit: fe845c4da88ef15baf45fa600a077a75f3634c40 Component: engine --- components/engine/docs/sources/userguide/usingdocker.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/sources/userguide/usingdocker.md b/components/engine/docs/sources/userguide/usingdocker.md index a882a79c7d..ea13122fd6 100644 --- a/components/engine/docs/sources/userguide/usingdocker.md +++ b/components/engine/docs/sources/userguide/usingdocker.md @@ -156,9 +156,9 @@ In this case Docker has exposed port 5000 (the default Python Flask port) on port 49155. Network port bindings are very configurable in Docker. In our last -example the `-P` flag is a shortcut for `-p 5000` that makes port 5000 +example the `-P` flag is a shortcut for `-p 5000` that maps port 5000 inside the container to a high port (from the range 49000 to 49900) on -the local Docker host. We can also bind Docker container's to specific +the local Docker host. We can also bind Docker containers to specific ports using the `-p` flag, for example: $ sudo docker run -d -p 5000:5000 training/webapp python app.py From 21c698ffdfc1bd7e0a91549ed0e94db61e79361f Mon Sep 17 00:00:00 2001 From: Chris Armstrong Date: Fri, 22 Aug 2014 12:56:43 -0700 Subject: [PATCH 016/540] Fix typo for --restart deprecation Signed-off-by: Chris Armstrong Upstream-commit: ef9a5926e9af408d68b3c68638a69727e42079fa Component: engine --- components/engine/daemon/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/daemon/config.go b/components/engine/daemon/config.go index a396bd0232..1ca8086933 100644 --- a/components/engine/daemon/config.go +++ b/components/engine/daemon/config.go @@ -45,7 +45,7 @@ type Config struct { func (config *Config) InstallFlags() { flag.StringVar(&config.Pidfile, []string{"p", "-pidfile"}, "/var/run/docker.pid", "Path to use for daemon PID file") flag.StringVar(&config.Root, []string{"g", "-graph"}, "/var/lib/docker", "Path to use as the root of the Docker runtime") - flag.BoolVar(&config.AutoRestart, []string{"#r", "#-restart"}, true, "--restart on the daemon has been deprecated infavor of --restart policies on docker run") + flag.BoolVar(&config.AutoRestart, []string{"#r", "#-restart"}, true, "--restart on the daemon has been deprecated in favor of --restart policies on docker run") flag.BoolVar(&config.EnableIptables, []string{"#iptables", "-iptables"}, true, "Enable Docker's addition of iptables rules") flag.BoolVar(&config.EnableIpForward, []string{"#ip-forward", "-ip-forward"}, true, "Enable net.ipv4.ip_forward") flag.StringVar(&config.BridgeIP, []string{"#bip", "-bip"}, "", "Use this CIDR notation address for the network bridge's IP, not compatible with -b") From 0b4b4921d3e6354cc53300a8a0cc7bda1ea858f3 Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Fri, 22 Aug 2014 17:06:28 -0700 Subject: [PATCH 017/540] Initial commit: Increase Boot2Docker Volume + images Signed-off-by: Hollie Teal Upstream-commit: db3db49e9cd8c8fb0f230987e9f111a0509f4666 Component: engine --- components/engine/docs/mkdocs.yml | 1 + components/engine/docs/sources/articles.md | 1 + .../articles/b2d_volume_images/add_cd.png | Bin 0 -> 81538 bytes .../b2d_volume_images/add_new_controller.png | Bin 0 -> 116318 bytes .../articles/b2d_volume_images/add_volume.png | Bin 0 -> 94268 bytes .../articles/b2d_volume_images/boot_order.png | Bin 0 -> 92862 bytes .../sources/articles/b2d_volume_resize.md | 45 ++++++++++++++++++ 7 files changed, 47 insertions(+) create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/add_cd.png create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/add_new_controller.png create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/add_volume.png create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/boot_order.png create mode 100644 components/engine/docs/sources/articles/b2d_volume_resize.md diff --git a/components/engine/docs/mkdocs.yml b/components/engine/docs/mkdocs.yml index c45b717d91..7cdab81c17 100755 --- a/components/engine/docs/mkdocs.yml +++ b/components/engine/docs/mkdocs.yml @@ -92,6 +92,7 @@ pages: - ['articles/ambassador_pattern_linking.md', 'Articles', 'Cross-Host linking using Ambassador Containers'] - ['articles/runmetrics.md', 'Articles', 'Runtime metrics'] - ['articles/baseimages.md', 'Articles', 'Creating a Base Image'] +- ['articles/b2d_volume_increase', 'Articles', 'Increasing a Boot2Docker Volume'] # Reference - ['reference/index.md', '**HIDDEN**'] diff --git a/components/engine/docs/sources/articles.md b/components/engine/docs/sources/articles.md index 51335c6afd..325037b4ce 100644 --- a/components/engine/docs/sources/articles.md +++ b/components/engine/docs/sources/articles.md @@ -11,3 +11,4 @@ - [Runtime Metrics](runmetrics/) - [Automatically Start Containers](host_integration/) - [Link via an Ambassador Container](ambassador_pattern_linking/) + - [Increase a Boot2Docker Volume](b2d_volume_resize/) diff --git a/components/engine/docs/sources/articles/b2d_volume_images/add_cd.png b/components/engine/docs/sources/articles/b2d_volume_images/add_cd.png new file mode 100644 index 0000000000000000000000000000000000000000..47bfae64bde640812c8f5925235654151b393042 GIT binary patch literal 81538 zcmV)yK$5?SP)vTJK(a zpMAypThfBbk}t<{aQ%=Oaz$xh|G`DlYUPk0Gy>TAu{26h zCIthprcA79`-x0UkIgLk8Wp=YQoyksm80tv&zk>!083j#NyHVp%z95 zvVl?36|^!}2qp&st+s;p{bzNFQqq3J{4+JnmoE=3Uc4BJnr3mO)~+FeT3fSCb1SgM zAQRO=05Tr1wJw^bK`)uwtYqRqxwElkHSrT{O2$Majc}A9@HCuUro4RDEu}hY1P&Usfu~L_r(^MYN zm{K`08p5ZmE0Boc|x!i5WiIJC;L2|xiT0JWNCB1hI-8K5qiOUD1oGZ!>e2*HA2 z9Wc~J2|;Y}EDx%ML@BUHQqx3$NUXGJO!KxYR)*2*AqB zC4f|1)oPjvO$Cz1I2ge6ropY{!Fq#+3L#h!tgI@f7|KK>ttq9DC$`}E&-(Cs#eoXXey92#=!ulHw|tr57rwr zR0zR>U}aS)#ZV?9X-z4GL@BUHQqx3V+80zmR_}*=xG|v0M=_=qGb9YQgNw+LJ)wJnM(kvxT@7O6PgMnjd3u5=}m)M z%Y*d>4HZJLAXr&dN->m)NLo`$ZrVbN7A-Pz2o!-pP|OSgw0Z&16wGS6z#9O)x`G;H z8xmju@-JK8qQ%Mp!I6Mhvz0O!T88pzo?8jltDqK(CbFD^QPaTYM0$}y7E(%TO0diL z2xe(CZ$UvAOjMK~IW$8xsliw+Co)H=0wAbCW@vN?j3EEk3|h|lbDthrA4PtE=E zle*G@!#6HdM7brX#ghC(YyM>@KH&p-`G zC8f;4{FmfEv|zykKPN4l3)_m8cra7KkR996)Qd&}CS;Hzjqo%Pf?1Z{tOTG*k!*lq zAe7b%QcamS%bYD3WO=X}rMQ{K1iC1`gBB;&D*=F++lGshUd6Q*i~X|i%fjmDIcsc{lai=qf7lBSV~!pW!1r8hDH(4jkN%Oq^xT77VgH zSdCKLJg?!AeGj?kple<}Zn%2sqWBJ4oS30ua^~N<{-sxOGnvGU*B`$9&c~+LI*ZYV zp8cC6cP{hY;v9|g-#F#3hn)BHm5)BZS&3sPo&q?t+yIp;>YTDM$Qi3(T0~y9B59hO z`H#B(Yp30P^|ccwyU!XrbpP2Y7oWdF?|cz6dLrzypPR%W02#oV^6yrTJhZQW^6(uA zT)E3q*Pee;Vfi5&!2?a}P`%2q@@CnSt(tUZD!_3T|vAs+7Zmw zdGQYzYTNO_K-yecI3JtEtCuMBnrCF3Pz;FxCg{pI%PqA4(u1T(i7l>>)wDdyId~N? zm>>%;K^PhO4qV3Q5;yQPTUl9CcsZAqyiv;>fHaClEn8|zuq%kC3#2H4k*&b80xVZx zex&?|ih5`IloT3CC?Tuami#BCzxKp4A1#z&I$i(H4Uc)doPF!vcU*k<$WI>s;4mF29|{h!MJvIkE)=jksCPPq8`tA2OF zMoT`dPAB1CGyNZbd-lDC+pfC^2Vr1mt~_p|F#U2C9MteL(`TS8KW3d7y!~(V!=m)eI%DYG;(b#4_`7i4T9py zJXi-YrZ0GLRrD17~ZCQ1q#qMK}fFr)~t-e6NBlzDJOCK~_&C#vNQKjsh` z7D7TW74*{NDplTOXx`++T%i{qX=K~VIZ9k^3OC!LYW9m_;lAj6Ukk;v@!qb&u_l(?n8#{w?%h9|DBJX_;QDWaC0m%;P}gr ze)qr!-uZmRk%P-LFwbK+yaZejWsNZf**vUu{>9m)i-Jql2+C(rXLI{@p%;t#a7D{#TuUU(0lnTTM++Mk%ZI{3{PSC`b{xS}*%g z_QYmc){@m65Da~AR?xGK6*zb>h!9{CRyM>BMS5x#G?*ac%?@}I=u!cOQfCor0qAlb z13r;a;!Rz_8l{hQ0KwFhD{2U!5i8X~8cZIf6hK|7(aVX_A~0R(H8eAqtu`zJOKBWd zwvvYW|8oABm~bRHd*Uru-~HxtFVkV~GcP}Ghu&l<+%)^48?T-4$uja#GV-8H&KlRR z)StxqnGfG|T~0stlCuu)R~nk})YT71qJ@wD;n*kY1|M_n`TO?`rIK|G4xesF7L|m; z^$`}Xo0r-z{(8m5FVBv6nZEmusR)NllxNS2eKg_ES3UR-*USt(VfAeT9zxK(`0QTPd>??k? zZ83`{HvNW^Z>~6ax5alq@NxPVcTYHsC!)^Kzj$(dGMV@{lg|FlllxzL{qB9-Q^8FA zM+Y6P9JnX9T$M(u=N zZG8BMxpzMBZuG)?@9s7G$!l+XXjYv&xCZZf`gteq(9zHE(vK&Mzxv@NUZ`}))&rWq zZW?mzrN@qrhC<6epK#guhtOxb?sWN8Cl4==V#x5x1_I^3a{apnKnAQvXy1RdB(zDo z1m$vqK$nV?ZQB3c9SQ5q`SZ7R60KaL#}V0fPQZ!Nu zh9TVO;%WdrLeQ1bc255b@?TIAUi$Ry_cZQ)<^NuJ#Ae=0x1RU>>_*R9_?KgT_tYo- zFS+^Ndv5#vh&fMP@XI^rC&<(MzaD#ji+=Wm-yeJDf@Ef+9mZ}I4t3md+(p-1bHolk z$eTY=F8|57Z{9n*p!?2Sba3fheCP3(zp{LvD{jB<)+_dy_T0ZBk#HvM^8eLCzrXt7 zxA#5oh6f+K?X*2&cU^w+bF&&SnEJ>C*E}+*?=Q~2?VfvXxbm{Cy80hBha#aoZps(k zdFDm0&ffmgvv(^FhrfF8qU)ckJoDyz@4ey7^ouv$_|js`*~S~2mc4l2!<|k#|H|uj zD)LvLR)rP}n8LmzHw!QM%fx>nQ|A2h(a$3Nw&+)qNz_+;c+X|my>tAf*ZgMeu*vsd zaN=3F_B-|RE6>`edGg<1nO=t<)(_;hx>Vabw1p%+FfV_|5&Lz||Mbpdj=k!Y&ljU1 zT;ays9nmur4)r?W!mGxgvU3M-AsK%9(|%ytAGqiD+l4=yyL{Rw z^P0FFpZol2S3Wx6*VjJs$REe#y?*(H&%nNY{geMzvu4w$X;l*p0vd`;tciezA|$mr zM5&dAMoPhO^541tWM7>p3yfdcQPz+xM|3Ht)MSbbDyODY62WUSXi6i<H|@s5K3A zQ9#l}Q0?oo=O-zJ7m^w#XiSi+phNXagDfW0W*F4SEiei)R`d!W*}4o#FRl#3(F=yA zQBu?P9h#C6@M$!pr$&Ph1Vxtb_J+}G%{~Qs?d+p8XD+;>| z*|cYTbobvm-z2PU^d}MznplO;jKlHK_Ms(}YbF+P}|KpM2a8t(1 zgcCC#e{NxieXcxphkk{H-S+&=Z?_DGUix4@`oBNBFx2maD}J?0kMi<hI4j^hWG6u%J0s)V+Ts{Q2u2aen6Bt~ngu?wr4# zGiJLHgL>tAjkBh^GHu#4|G!_&Ue=UObRBczu)Kdf^H~E^yx_(AW|kf}u5UQyh2!DS zrdK|C_W`2@?X>fj+?OAD-DBtMHEP(7yO5>gX!fAcs$h8}YUa!8S55*@<9*bx@4D%ngDaXpzvt?+Px!-x1wimzJ8Zb+1y>xY3}c>bj$}sv`pNN!ZMWsXj-kxPJ016{JvT4SWO|SMd3hvK-xOz& zfAis_u=leIPv5;$QODt9&O2cMr_2K0oc{WQ7s8|4x<)b(PsH7+AQ}zl zMZ=+E<{~H09-OfF5`{+0-23>0mq-i=olHEPm&{ zb8mZP@Gma9@|Z1}Ya86EFJO+!`*lb)$60>K<|eoB!l7_FlVX=`Xs)koa_0559ftSI zeE8YS75nxhe8)kX#OfMZ0d#4~^1FnVJ@?lqyu2YN9ojFoBH?kWD~N={(W&>Gea5|R zDnsEi&OH8&BgDFQEvRd7&;2sZvmYLRwnOhwO;bGF+!PCk`VZ^r)ipMI@y4c5%L5PR)<5*-{Ns+x9{Jil zqde&1KOZ=-M9b3GXPWC8du?~rBRlOs>Fz(=^z4(DKG65C$B%4o=HweqHOAt_o=bkH z=in}xc#?$08^fJ3=P@ov0BpMt>YJ`>Z1Te`{otV+uX$`ebY$3n%Kugd(L*3D6KR>4ii_pvH-MWkRijH{pY|TnQjQ78E5& z3L3gVQcJKdGYl?Dk;G8x@_jfb6v@(CjT7Ad$L61HGtV8v{_vyWNTf86yMuTnx^&t% z4MPVMlCDJ45{AzN^2u2^vSh}>=AnJvn-tQsdfc|l%~w3TQPR~o^XcE+F=^{x-**14 zT~^f8|6Dh+wM8*&Z6s%{C}O@M{eP8haE0>`0On;k6t=n%h?oS zFi*rYnLMX2*z}rbpUa+@aQ9K!3r7Ty$yj4`Q{J}6 zU9s%TgCG8Q_KM?2ate(^D>-wLicBg_hNsVO9MaEy;FpdsWxOHJ1%ggE9@9>oiGBIU z>z=6G|KbTJY#9yB_|2GeLtZqUE*-LEx9D?I7bN!Dn7k$ze>FER(lrrJmkl4;eZstr z|M<+Mo46dZd!!p`S0p{RtbBH30xO=L&oKY0DS%(|lCBQR>K89wXZb^A&1ljNq@ zFbF8g4@hbW0th3+_Wg%!WLKNg#FI2qL+;2g8oDVG(34HNs8Om`PEo2?w$zj$MjFA; z(?pg)ExiaBQUL3ciDq53x~MS}7*~>2%LG|e5ztsTGYKkXNLO%l#?#!=ixtIAKgd{7 ze0BEYKp7es+U5!YZ>^eW{^RqXUmUJ_;;z@eSR9Yn{Ntfp=7!70?mVDylkK($hn~9c z*=d#aO*Jzgzw^m(Xp3$8los{%_4htAqq?!7YWib;nc(#OI)uY{rJX~u7hjydA{I+| zndH0&uY8g`4=A7i_CMeIZ=Fk6Z(%olW|7JK`%miif z2OP3Tan&=|zc^)aELQ#LgvUM%NA?`mGa2oF$U(iMGamTUQ~z3Ay?owR@4xkl`{az( z(45+Er!($4W@!5LKmYdcpI2q_2Oc?g576FFg zP_nkVx+YLK^SDV*g+`A#II{f9Pv%F*9I$y^WK&&r zb#-km5nKrB`j|Urfn^tJ?3?HR{_C>(BFFmHK7 zLqjg}&&;f8YOJ2|=pD*%N4IDlo$R^COXYL@8(C2^ch1!3{`8l*;Yec@-x*Bz-EOaN z;_`>Sn7we}yqWL5{?3v_%TpsVK>6=n z{|sEa1ht=r>{(4pO&l`$rcfDI$(a%jB>rkAC#SwNaZ0%JoPRv|)blTYI%r?)xx zhO-71Bokiw_PY(4o72xqZFBC8XAQ{Xv01oVkD?dfne@)f6YKl!xLK##NfY0$3WdLX z_uUUZ`sl+CKYag_qCNK>5{~xRW?<^2i4)&{^UV(?clzbY!#@9{cH2F-@0^$3XzM-8 zm;U47zdb*3;wvA_ShClzuRUs1$9OW?ZHrxcHcfl+g_mD@>6JI$`MAFKw%he9`FhgC zIlZ>sag*|4d+!&W{MxfGyi_uB*U>xeIUqIr(Z`>B>4g_wp7hrHRU7WHUB5`O>irkr z>9ym&1IpY-N~_Pm7wOuq>6Mpe@GS(=cb^8%wv{ zYln(RCX}vz?}fL!Znx*4iac9ma*h=tG~Jqd(<5Y3mCyX?j_2N-H1YZ8Uw?N>`Ol8} zpHsGv#N!2>yVSn%`U|hW`r-@WoetP~x7~)!nRwsh&%HqAvl-4$q%w)GUw>gYy$>Z>nLTHbTVEla+6{pFWx2kf-@z%BL~QL^xh4?p^1*-oeaX5^AL zXZ6~B_rYbMicR<4wBXIZ|9#>sFTU{7tM7hLHFEFmHpt8F9&n?GJc1UmM)9A%{@r|0 zTuO6WrJs!K?qo^?^wboA1(OC35|l$F&DI7=ffb0FCdy!LrBRmwT489aV2D6OtSl~q zltCv_$_g-DKjQuqnlopPNW%lc(gZ(^#73obsA)o(!M z!VVqsn;T+~FDNNY)YUa7{p3Uo&^OgLGr)r4f>>>B+<(T9SJa_HUL1HNlx&Je%gRe! zzWm}3Gg(trN8a;_N=rlW+U8_oNogpR$u9^u;2}-Uqx5*OMjlW^c~dh{SKpjujv!J} z)-jrLAIEu-lDu?dZ9}4@yeu!#P}9H%aM6;E9e9!&tFLKHgbGSZ^E1scFBY6ge9SglwIu%cZB3@Gy*8&9{Iu+*gv0S|N zqwyzR+qnP57w*}EwHL`R?obk0QQHuW7M7IcHB{FmLfN|z90r%GWNHmW>-Il%{rd|v zFnrCUmPfX4RsU(P4`E9vDZgyh)Eziyi@U`LQnFWp?*hZ!o9=nUy@4QcmcV#(W~+gh0W#vZc$w z(#Tv&WC0`uWx=R}{7nhc!pT<7QAz+nksPe0$K)rQf4Gqp-Zjvh_wEJx+}WMA=0EBV z@y3{25PtD{d11tVk%u7%N6m*oAw!K&Pi^unFstMvw`#J7ob-2_>;-MJK;H|e96HdzS6=vBL8sKC`c7eC!<;Y`j13; zHIuh?({7%~EB|Z!;+%7DD;v1QCY_o;d+*D}^hRg@@v{E;&AI$@#AGv%bLaot`6tn> z@@4=(|JiFhGel_sQ%V!mO5=NVZfPQ$pH_6~HA4gq z%RbTt))TF4*_fJ%G* zH9PJ3Cl4%%|1;}9oLcT2;xAmlxoT$N(2f)^~6$6@Gm@qXbUE9l5OlDbv-COwb|m6 zro2f>jYfW`%?Sc9x->>$6f|HYBS^Ly!OW2rSGAhR*0h1hKl)Y}MQ_i4d;YcXs97Pl zZ2YD4tuMf$jMxMatMZ<=;&d z9%S3T|BweI#I3-uzy6vw1zGEiMBBa(PI;H0rKxqPgrcWlPA!e;5wHbpf*;2r1*Vn; z07XsL7jT8%2uN0MP;b$F({EKGfGQXWO07<))@#N9bjK$C01&9<5W$dgP7Ni&j4(>W zi!e?MDJQZ*Mz9d=`ESp^mV}lKwU!ObNkUL>3yH2)MavH*7z$PtmRbAyCl9UCqNWl^ zucgZlXO!*vCqJwo<%AR|T@oy5*3|M--n6-y2}&g#4YD=YSN^m6tfFeU;~GN5(=4hB zrFL7Cz%0BlYKpXoN`|iC%?dER0wCj`0!$ienix{kYkFk!fKqx(2Uci;p49|kfsiTa zHC0@*`I2!drX(NfCKy z&p!);q7|iOhK$B!1T|SsN*Wqu3VIT#rZChJ3~8R_Fqm*O!KRRyrCcdptu%O`;0infNDBlKB}IXxN2%!0p z?il9w>MNj{wpFfka6`BMcgfvWH#{g-0(Z=mn-pLGN7n1?T*iUU@*EH#p2J zu08*`=~hBWV|)I!mfVu^*Qx~4Vkxo}NS9U}HHGF+fBm~VHXR;ftm8yOwW9(-8m$J& zTpZZ}iLEdK$Pl+Q&8_)FQ2H#ctPF4AtAj=#9L*H3;q{#S0k0D5LKq(}(A_@jZf?x(lP?vh!^RJw{)cb`r zk{L}+d;Ya-$OeKIo&@Qs$(b!P<&9c`dfV5(G}bz0%8&T7shBN<~bN(MyAXH)Oh`l&!*PjHX8^y?KzP zl{b{q;8_5CnxQm`EZDC!jxWb~>9(?EQqpHTjd zwv7({lEq&`5c%v-{juAqO~4A70Rl$AkV2EXef^UJOEoh2QJziNo`0olv zYf^sCx=%&urhW2B5!?t(2x>I?#>1Z+jg^54|dR8UZ$B!g71VDhXk)1aJNllk*|@!8e>x_3YA zo1IqS)x;Gh<`5;NUnlSQEyBG!MHxH26r3AX0J2gSO?u4_go}%d(a^u{qVyN*VWZYrrFj~US59CK?mV8KR+MliXP;NLp7;2WGxl+fKjT@lsQe)D-}YD zwtD~ae*A`y(uJYq<6|S6bSAZV^XAQa?6Jq_J?f~V*aw&$@Dz;;KR=Q6&sbmu9}SAy zhA)k}P|{S7irC%S@)hDM~I)Ia6@2f}U2 zf6HICRqixkC7Pk)i!7^aWkHEpvSi6^x7{Ygb*s5+BR))=gX2cH;(2IRq>78c@8p%s)Sacwe` zLzEIkSPUc^Kp2!-)ItiT3{z8d8wci_n#}Ppc>ny(u%4aVpQXtLP?+zmn-b}-7B%mC>$E#|t?#oz zA(u6{g(pS`txO@Hv7kpLdVPI8b0H*}waNe0|7M>LB{w9zxMf;2dto|{4ZU)^!prl9CZA2GD{b4 z_{2ZXcf0ozpyKW_dtQjJ<{AuLKLrMILhOO_ds0A!{0 zgN7!>4A*=9$sx`ync`qHq^C(ih6#XGrkyT>8&|4x9Br8*z z81o>*wXa#zc;L6jJ9czGD~=y=z=L_#?naZzrdN6Z&~Vg!@)CS%u3}FCAUr~re=1#{ z@Lpf!EvZNMeM@nwE}eADOG--c1$iS(Tx3yF7!eaykwG@4^dL2MHNWT1wes-T%c`oX zxKxLpVo@vSCJcN{=$dL-eM|G&-~bt%9JB|j7{?OJ@%*p2Rb^~(!( zN|Rg7zWf8wsv`t6jDX^zfgZ><<)2@Nx}-evN@w?{TU4s^LY+#Yy}FhC?&ZpOqIUny zI&fQ~xBwIjK^hSwB7#`SiRcM$R?t%~wdA$TzdRGg@~>GSs5xAFK?fa|O{7=X0k{fHqHCCh(5S`7^a$vU5{AfTf)#+rC&wzU9LY~h_Ul=E-wA_%aqHxLo1ebx z#w%G=tjUWnzWB1sF5}#`(MB8L3OrV@!U;_TY2-?>m?(--6$fAlf?17#AG%Z|;{*?A zBp{=gXB*CX+kgDS1phjq5TK-@pc)Hte~A1ONF!BTWQA5x%ZVif4M=*?$V3=fDPzyZ6X;4L^T*ohZYLM(D3M`Xaz_!=Kg94YhOQobOpx`K5ZeqcX&8BF{gG0$~bqMH?A`A^|-D#GuVAv^oE& zREL7ds2=W*+NdlojuqucH|kQj?ch!qzqUM`Sutj_4(z{V#zOm=~Xfjpk#@X zfT89$7o=_Zmw#%C@^4JqdfeGT2NSWm(6eVx&TZqzk3Z&^W4d?mt_P&Sk&-)p%n`rfO-+ud;Tqf1X|1e z2Qm~9GjomNr41Wp61VLk=2JeV@-pcuxp1Q3&7v5SG_OjsHANYiW(U6Q% ze6UrQ2q^#V2a}TSC-CXT75Qf+AlpEY{17uGED&vW72L=y9U;PnSwtk2^c)@F|D*L6A2Eg&_j5 ztZA}=!Jw3tlroX6^vKHpqT0mbs)p^a_~g!0hHu=zd{ML4t#`*8jvKoB?O!~4Skb0^ zyKueLyLa!4F1qN7E3V+atyiyJI>sS}TX{zQ>EvIm7$B^u8Smqt#bX;*%s6Lb8i9?$ zGSngf*ze(ae|~%JrMvRi58U&fA3FcysX!vE+NO2o{RaSJRQ-P<|Bz&W;+#D_SZ1{l zwR%uW&)5(!pjT#WH!M4pAkAHxea}7rYeT_S1wRxEgi3O^s22( zgd8k;ceRFPCw%2xuTyV{tFB37#@%FQ3+_dXHUd!wKIv6A zc{krZ`Nn;FoVd$|wawmhGd(_=>{#Ibr3(4GGakPcUs@1(@WlRCJ-gt_dnTWC^2oes zCWGIt4{eBzHUsbC~TdlY}@s~R~H^Nv}(}Cc|4XdS3C9A0o0uCtQz&v3hLo}uoK>TG$7Xp8ji$H9+YrJDy8P>1NJ9$LrynkjlEC4tQ z=l;wwO^Tu@x;~DAA)JjQUE*V`tQT`&0H}Ru*`?<6DIR$`9X;;fw?4cOwspc;Dy z)FL>~LLf-i4yC3gN==X&h)g6i5DMEmhB!spD*vWruXLkue<{V~`LSodK7R9#oYkgP zc@t-P1yQdg5C6_Le=H?G;zjwRV}4RE*stf5`SlZ@pS9n9{T#p@NA9nR6A`fD5=Hz? zgCGqx`<VLw@31=-9kAoZhmIXMb!qI#eS2SU+h^lX9xSQ7v;Q>=y3RWr@;Zs40 zBEdq_1V$|k2P93IAZTt>15oONwb-Izuf&W$tkLo(zgEwd2nHMApVe;vJj88WdGD+Z zy&U&Ar--3C#Gjg`(EvjewvL8B*x-l&ubh94k(w(8o!H3wQ->%>%lTF9mFvClOGf!r zC`!PVD+VQ2G(>>V4&mok9K_!o8Vo^QcA3whP-2C^lEOp)nw+0$&R^dA`R9w@ynX9s zjqa?*WluQe#reCG{xac@b{0n6xlM(+x%rs>olbdY%b#^G#oo^?#3;TBrNtZ=QF>tBX>pnuC8<#x|t5;>OrT zOhMrwPZEO6fr+Px(ZpnJ^3R(@x8HtyfMDCiGtM}pv1)mKX{ShjkqA)Z0)_};g^XYt zdg+22Mfn#}V3aVI2}tE%oX~4rG?&$74!>>w0Xy~KtTv-6y`U!Z((CgN+okNUf17&5 z*nuMkbY9$)*`P<+B`1zN{PvF@IofM=Zqt2RFrp}lB>w5r=^26Y!{uLN-};uC+S*mD z77hHx$&)3leZ8bS@0Se?T%)jreu(@tO_niONk*_)R#5WB3<>}Sfn*9sO_3om^JcJr zXa2>Oh>EUJXzi&+qakPCiiA2UipE2Yr4^deXz;-N!Mf2(uO=VCMB98~bEf!_2dztd zLe8h-SW*B`(@QNR7yvR9A4W?Tvhd=Dl4c8-z0<#4%Z)(JR#BhzCjRl3?K)-C%&nh= zKK$IB)lBJ5lK!5kBxrFU%LXQ-OWcg7mOFy-#M9;mPGRlBAnrh@?9N`gcdBW{ljbZ z4}Vspzs%{z;Fr?;@P)e<4cySZ?nF^S=#i{xRgF??!BCKc`0vg?wwU+<+g9=35Qg#k z6`^Qp#>*$HToIi@CTT(s3^lSeq6Z}eWm_;zq(MMKkp?7VF(s~+*QF1?Y3}~J_C5IE z!P6^K-&7_Ze&~}ux9)V~n7)&LUbXKZzC7%pftwHMy09U+!G>kOKWWss+dg{u*v!a* z-SD}|CYxMv!39@ddF2sD9ATfg;h!#%L=Z!`5t_J09zDI3^_YJ}ao3m+ZO6*aZ48RD zjx|@<8=o?X6%K#ML)(UcM~&|LtWVx>Y;njby?5Qd%@ z!WMeS2-MmikinqO{(WjBsG|~^rq+a%G|?l=g#_74gI_SIcsi*|aoTHF2#X{`}3V zo84VOtfiVGssx|STY zOZSdEOZ|3v{llf_O<3~KQH32kbkH)e=pygj`9;$mv=&Kfm;Ke}-%Q&2CXu}ZnT#bO zq&UnT>gEoI)J$lQ5(H3cPT@>pI0731%RgY78k8Eit^cL9i6d^Dz5lNL4?c9*%&OG9 zY`31Qb}Ek8+1(qCr}J2gr7u9C*Og=s{9DjsMhl z-om=xT?*#b`>%?m-J6gskeLe`F8j;7oAmGer)Q>peC;;n9g8^C(Zvwq*sDuX-O@TH z$hq^=rJzP0K^oOW)LaVyX9`_#po?NcD?fBiUXuC48}SwONxoAzFYwjIr43wBv79qJ zfn+<4M#Ba9`6b2C?p+E`9NoEFMa%n>3c6$W{JsBY0iS{C%LynISNw%Rc4-N0zQ|Hi z!wnMz$O97++43(Z&ZLd+9^(}&oVyDhvK(fPvY8P{(U5;MY7!SR6o`p~03v1@0GQCE z78n8Ae5>T$uVQ_AmK|~Ah_9;>^DC2&-1EU+TX(tTkRhDazG?F2#iN;yT~0c7(_8NR zBz{XTi%RGfMG&yM`#yAK|p89Ass5$)VIZrnKT+Xw^!1)^6;Ll7%!qEpaN z3yG|PmBG*mCZ#b)SY7_t4?S~!Z{_#ijhjWZu!T` zvS9*BMIn%sXpp6(MkzhDVU$Uw3nc}l45_7Wg$E-m3nwds31CVH^KWSZOmx81 za*LpF)M#41pbZo=f>8t&IcfUew#)&zj;!@oPi3Wg>!ax`S6~S0SI=`IqYN+O$7LMf`xvhM^{q{q(eEIU})2Gjx zHLKg|2ZWQ5ziSW(oHSwuFw}{y#i7_za|ujJiG=_en0!b6A;ai21(?v}2_b~h5E@%O zFcfoFbI(Sy8)H0&gf;I#T6zEDWdnzF-D~Wo&;R|iPo`H799+chnhIy?l4!(haDR(g zZ=B*E&q@Wg`G>z`43$a9G&eT~)4s<1Uo^34tAU-Td|lm~^1g2Q;SsNDMW`vBs&7p2 zP9AhPu|*@{4#nY$j(HslLS=>7X|fTO@;PCeFDJy6AI&3dDZ;=Cfh-|VU{2lE{Nn+K z{$jAmYZiPK{+5y8feK59Rp+)dit!9)5~bE;P^p1XOX&|HdthiRbYZ3S&yT;{b=O^e zhm4*wrS#D!r}q6>pU3WgZ?7#kxaEjpoYm$vd0#hpiyFQ9R3yKm^U+6be*e86Hy@h* z+0Y*I>yll{D^5Or>!WUY=bqy-qlff>q@CMNKKW#R!vT5}W}LVb0AeME5DSh=N;J}c zpZpVx$>o^H;q$y$AxUOIDWNA1nV5pok390b!a@WfZOU|Lns$pbS7DYOMeaG(u`~hio2gjQHY%FX)9wsdcpC)*0L`CHXsk^=io9dD?7jow zq*p>H@xNff0{*HvKcUGd6a0AHDv{tRZjJi~Sk`%N=Ta{;6gt>M$)M0sVlX8=?F9VLH}&UfwJNdS}=cy*l93OUho zV#|K^V8rB^rrzDqh)`05K?6@@4Rek8UtSyIYX&dBJ(n}<+`xDCYwEqGSfZ-7nLWnc zv_-#@-toc-h1!Rp+k>5?yz1x z-#-10cRD;j?SMV{-F(#Wma|%u$9Ea|4WPIeDXi#x(BY#Vec;37;h9lGdoHR^b}B1B z=GR*vcgsKTK0Y&gXiwv|Y}qotN65FnR^ERgpiKjAMi`|iX}HMWGyjBOYJET4(7S)% zv*3X%WAVh*dda_L4R5$L*_tRdYt$qPy^j^9O&)NC=b%HPSQmOitEs#rtH=afnliD8K@;pn z#tS-k)#{&rkAEptJKw2Q%6hr49&@iYd-iOuI#H61)gkHiPi&5bA_9hn3L5z&bqLG> zo}ovt^wh$j5l=M8!TcM4_A-6OmaTb7lHWWDyMN{_D69-~Ed2sZi^CYAHYW7aRNX57 z+%_=;Yyr@va0Z6CljnRMJJ2o%enXrLjnN;`aDh)jVACStgT z{5Lc$tc^3r?793Njg`83uf8c+S<_5JW{m%HZ_Mm1t8RLJPN<^FfLUSo0(XZ>10<{< z01cW5GzC%@GL(YHBml8>kyf97IRTuArz36oBpVYI){MLFcaI`nu~^0jR!Wz}5+y@Q zuR+O)On_;~2y^Gop!<* z1;$W^kCq2%M30OU$x5|knb0fczrEL?egFVK07*naR4M=d8h`+CRm2eHG^K|Rf;+LH zg}UAGNP__g$>20LH0VL90GdE$zYAHu(6z_@ESjYUNp;MOB8NVIk|u`I z(5vB#9yP4!q81n@mVX&iqcm5@fVts9*lP3ckH0nl+(QR(V#tf|+mPtoXK5We7IoUF z`;IqE-=sYH$jSW=zioPLbA~rHDhj;^U!F5yP`4!3{z*;I#SNKxM}~j}rAcTt6(Z;OsIny0FZ3sC)rFrR)ps2 zh=;#tW~1~dpV|kvhHjOAHq=-8jZ1%OcQ}#FbLEFIAZ>`LKCI@ z2#nr!<(@vdxA)xE=0dnHxA{#U@~sMhV4VDTEt1s=Ng*&~P|A|RSs+5|=mn$P(gjig zloXkWp)gXSM^Fg$`uAJjwp(rdyNg~p{lNabQm79E0r4pBfqyK$Xu_O?Npn)y5WCcb3j{F;@t*>aYpzuue2TsiE)vKViH2WhLB1Ua|+-mn% zCd4RqC?WgwT_sntT4nzE80^qP59P%6_SBMlCUiM!d))ZHulCs_-Kmos1+kdW;Qph~#5E3JXi9@pY^gD) z31K&Yz@n8#1EI!{5HhEU2}NVfZXn#TamU%RUgWRMHBS5u#QlZ>#_J{j>v8|l{6dT* zNdD3DZ!@S#(d@tweQ>&6GBs!Fpv_&p@{3*uWC|Mq2x!m;$0-fHyz8v@3(&Nw$Qy2P zBBCOLj30|-FbQB-Y5=svG1qcOucAW{fDIT8^TU^c-DhlWaH}ZT@)?_cmXvOqt3%T3 z__?3Aayit}6gOlYT2MkG0?5iFUvWr-M1mHfBq zGnudc*i#tl0VmGocSiU+Hd*8L$o=2_Hj2j;p)iC)AR+}>l+Z|k1`N@Q3>blFBD+-h zJW(P5qejMrE?G%NiN?L705ao^-ec6?Zh2w&qf^g1bnu%~Y7V)6^0;j`eDuswe3`i} zp85SlGmhA)&(8fK-AldS-v0UIZ))~CX&){ooNq_O6`ZpjQ&Yr>5Xe@8QIgTXYVGrX z@!=cZ_}J`BV_{V~)7a>~0H@Lvi*v`eVntkMHER9+aEK*hOTDNZ9@{7x26K59}=gn&L7BqR4+^fai%{u?$2{*so zsKxmgPm=9eEWx>r4?CNhBVK9oyZ3(-`$b~JsJ@Gqr%Q^9cRpw5Gp~R1=?jYZ^o~G8 z5ff?!rKTv`2wDul)?@y&K?%ucYJH}NhF-C zNL{P_2R#YLp#%Ujp{azRL7=86+Xz2g{w+EL2uG~d?f=MO-}uhTA%|pt=!xESC?w*A7hX8*u)~Neb3z~!MZ6V}T2oFJvgS{C=y4EIgj5q- z!^;~31JBaT#c55p&+k8IrCJ@*`Eg&?ayJA{&K>haRC3Tz;6RN=38WW>R#1u|f~8d6 zq(Mf{!sDN0f`<5Y#Z>02>)a1C1j~%SY)o_TY4gMU-V;y$IFAE%_KtuGp(PMkwrCWK ze4?S38l`Ak{&l6#V1d!4A&5LCG?Asx)_z*z87~y^etzW7FTC&NJ0~qz9uM7r#-=-O z+J(#Z6>;yrR~N9aU2{m!S<4gSE_(Zm1@%8adRH&v?x)>wIeGg<(@F?91k)l8K(rEQ z!h|CeCJ3_q?)(qyTYkf@!(*;nTIs%e)$$=*ES`wR(oGRQ&f@fgGnW%rqI@-?m{$VT zvbuK3@~(x6yu4zNFjQ{E2MqKm2=tm#7?fz%CjX9vU);-$>-6%-?z`{arArsi4P=Ih zgyvg!B0z0LQJ@EBu?3Gnll&{6fPtZ;DF4FHlp+2rIu?6*#XKypihDeYtZL4^E#l5< zWHrr~BRH42Q(AM}oz?gwu}fFX`fSO#1Bd=>cK`lrT3yhC60|kZP=X%ohk_n%G~MMJIIFdMsnK8tg0&(q zf}y8LjXgD=NZoheeS9eO=Rf~h*MmwyZEfvor=14C3V1dhU_2|AEj9OfW5OY5v|ymGNgZlOBHd zqC|`H5njX25nPLK4+qrMlP)Xk-?L!SnInse^4a4W`5I7T>dJ?|I&rVQ zr(XO1)2~kNGkV}2$L|=)V`p@hJmS^)m^}F0-S7#QbDm8PO*c$`4MQ0I8YW1TYs^2k z?$3gI%WBi9=Ej!SBDs^$=W71f6#ZD_vmnw`8T;bxRs0@czi!E2Zs+LfN21}NJm4Qe z*`^jxdO=d?UHkm|BwQ+ZGiV)N_s5WTI&_3GqF#BdI}& zi5oy}6OjjcwLECzfj`VTV8gt5mCcReLVkLtK9*q_u#Iz8<3fwuwPsFiJb{cQnws6U z$ciO3v;MX4$OHO~*?-`SC9wmJ-{zqkUdLpU!QChR@9X;ys*lGjU}D4=5rNbs95S=7 zY||yG=%s-wNb#iC=iavbD+KpfMCHr6>*-M>wA>yAB?=5F5GED^Bab!87I3OE2Y2hG(v}*dl?+jNE~z zi9k_KvC?j9Fax8pfuKaD#sdPgOD{D}7#@1&N3Vn+>#TO^Tkb8A4lPghyeGzH#y$}W z)__|V?uR%^eV%k75CXQy)HD^;#SL8i8aEA!5g}-#bV*PkWC`?t`;n+yXxu&IaXSD;lh^LX<(z)l5JS*ki)bBD^E}OXmL;Mp|w8c{qfoNR9(nVpu=taPrsL~W+ zlp2@yGH0;o{jp_>>R)>BjoVKecFdlA>iI3AMt4@@+TzY2@)B$>cXc?P?~^=WNP&L zk1DzTt#6LqxnF*oM~>-czHi{4*x=7uO&_gMQ|dXZeelf@2MriAX5g&l=|$Ck?Wq@$HYF4eviNGXuwbGUAT|N2RGDn)Po=6`M0|99*^P$HkoFgZj}+8OMRm4Db82g^A;MNfMLdZ@O% z;z&aaS0JqnQbQ91nj}5w6udkVO!B$so@>F@Qs6;9PW0$p&P7h1aU!KP#gL|8#6_S6 zMwei4mP{8Koet4}LBl%YA}M$A;a$E%=8`uHO@hjfI*^xqyQR`l&xfxium42Z{@hHKh0wdyQ|4kMg`lP^Xa)(Y-JjZ>BmJ4x z_9_~107)%M@+@Lf;z7ef5LM|76Kuk&t*>aApUW@5Tz71o+nSo1^xyI_KXR31tcQPZlFo!ULhC^uR5fpQjO1SvI z?T5?1`$!<;@qnGhp8Vb~kGLboT|i|w*!7-&s4nVOGWi5%^j5k5 z|C{qKhA?N9LJZCb;!l@G1ZT%e<57c=Xz-vVgFr(8pfxRHYKky`Dc44bkA>8ShUOJawiC7jjRVY%0FW6VA1W~@Xfv^2^C^e8Byir&wMTL8+Q zn&_ojWB#$iWZhoTA_ReU+if@ASA;oD4m!~jReDL9sM3ql7Nmv=fI=5dF`-7r2?AX* z(MnMM`7>-MKT!SqUvGNeC2yX8(e|AR3##gQ@R;F6Q=as4Pt07o5iP8m_0O4yA2MXW zvBPHjXSLU!{i1Tpw2StPckA4dZ0mA?+QJbLCKTd|j3eh?nW2P(2BiV6ul(a54vdr0 z@);YSat1HO{P=CI+z;#KF2ZbcV+iXd{|uj0e9!$y+0$HWa-sJl=HK{0Ln{+9BBqtV zsI~uRA2nbAl$oKMTA9@Vz~KT7MZHQrCWZvS5~Q?wZgU3mudLx&hZ&s^)c`akV04KI z<58Cp1CIwe5qZ@BP`XjD%diU z8Ee7Q&YjW_jJeE#p`=C+TOJ&pa>^;>A6Mo<0vjBdR!TK7W6-55^8ykkgkw!grYR;g$&YBG^t0uLgG{{+`N!4wc}0tdA{%bFAtyEj z7_yC0U?sw;VI?Jc(g9D3FbELv6>oNbNg)C9qtcf5^ ziY6CbL8gY|GqeCf-hJ$jI`5!Z848QC}!B$S>4XbCLefF};E<;$kj2}OK z#~pXnEd_>}IAHKWW?w@|L^KH0<`aQYh@nLUpkz{$TQJ(t<&Y+L^MH~MN{Ip(5Bydv z4{iExJ!IVPUUkoZb0xZAr>&0Ii<_Z&;!e|v|wQ2KD+BLPqh|;pM zGOi3btC?H*!6zCOqQelM>Y|1rwI~@$2_itRnh4*K{}WC)p|Y})H;@$wheUblrI&cX zmudQGos<;(|O09FESH44Q7 zPZxi%=2y2Zy5zUp9<@c+DYeO}@-995m)?BAi<|8|yw`wE`Jud;s=CT~)zx2rvu)(% z-L~E0fsay8KRvbY7JXlT`m@SUzdV2cOt;Q1+uT+XR6~$}f2fK!g2)q5BclG{@}CWt zPESszXH-_rUmAQOd3L1-ZXLYPkPm) zR*|jnXnrdBU+ewfeGCq75^C%j63dhU)1_f+kkk@Lmb$d8S>Jk+pkv4btf0BTLBzX82DE` z3IqoNi34oag%Sa!GziiQrqN*z41hu?{~Xx#lG{7)ypz*gtLQkXs%rhKg(ykpGtWE| z1hX9b=eSTf(L^}1EHqSlm;0q02`I3Z<G3Kbrls)h+KT&uYL3y`pYK^~`TJD0V;UPeggfEzaphP?8l3J_u+)stde0 z(1lD9238WJm$|b_r=ofM4Ip;8I7(11?$)&U@t@cE+ zw%j%)gf>gsgccPcgl?BKeSw|=$yIIZpotf{<{9fmI&pZvnpnJpbIe(n_ zoX`2J@AEn5S-#(ykr;#mW{AqVohcQom2Z1X=^aT~D-LChpRzq=&ylwu@NE2T!-lm1 zdk&dp;$y!0WmeU_^QN|K+uS;PN#~Kvi!c7ov;Sa^mcC_56e3fKpNdrgicnz_3{8pT zN6e8y#feH`BM(OcBnZ>Cad!Blj?>Cz13R?(BCEh}A@PexbR7a(O`P(@m^YX!Q_%>( zAxJSHln8x6@Ru;rDsh>DDGr4A5|c-k4>1H3n*;2HhQEL!JYhml!1*&$QV5t&gXmGv zGog6hZp<%x&_*6k`EJ3LwK!OnRUr3`xR= zpg$G<$g{Um!5SZ7^0)G6%802G8m6#}$8qDv(E|}Z4Q8)iy&yQ3vE~FR*9sL=2oMI2 z;E1M|FdiNJ;UJtJe>eyjZ1Xjk&2IL4@3lEKpSwLhJuu;zZ>GNSn!7&vM2{zV0QRPN zQjbI@u8n&5j>Lcf^W7pMAutGHLtIh8ga#ai#1sOWRZ>EuAox=i8y9DU=ew|R(M>*< z>e;pLnMPdI%+mw!#4x30&0qgcc*;X)z(i7kDRT9Mq~JA6oC+0PVGbXTXnF}_O-sY_ zK@S`_kT;6NBaiuerAz^^K)j$+4e%XE9;1sDD~3AuF-wmYrjQXnD3TQNDmG@}C=1b2 zAvTzb3Oh_8Z*s7k_%N@%B5=smov+O)argCQ$9=syX6?4un(`1VhpKMR3iYW`)30>#aD9ZSlEW~rv5Z+7v_geOKtVbg!9X^s|z zhV;lQNX;s2XcRFbkYS3ZmoSP72K9lRF6YGabKr;XNVP4!F@&I@ z!Vp3hAW%_K(Eljy|LP;h-Ed)(Sy>k0^l~k~vLIS~iIppALX|o_uIU9Sd{D(Hk~FkP zO*;gp;#Y!bogRPW&j)0%IP?f027$Wd z3xYrLvUawW!0K}?!50nJM1?7ua?y6fvcg72A>|hn6BQ>NI0&FZ6JI?;WXcr}{V#s2tWj$B|Cn@&hL zrNPuJy$%2W4u4jPTMD)k1ToVSgTkOEFgOGZtxzEd9zG2kaNvtWFBPSLH3-RLL205T zF{u;~f9%LY0qY;()1N#GLmC843&4;)!|0(`oeDTFU|M^dD{FR`DQD-Qdjz{6o6a=O~8$#}ogr7e=hH8!x0YX$j zO2a;unN_q95+G)#piyUv28VwJ#=nPs^2sL|;uIrNbj0$!nb-t7Q#Agb0IzVdfB-|( zDKlOq&^W~iLovu2vyyR!(voqQG#M8kUF2b6)1J(|7-I(kBnyH+lGx!hHp+l#Wm)Rj z)T{{kl5zFCi>5^N@hXytVTvgT3CNoGsGpE*eo15y0D0$FM;8H_vd|Rp{`z~|^34g? zSI90|ER=l>jHHjS8tVM!>o?zggCg#3yX`h!KT=)JXTVxJY$5iAvWR2 zvMu%B!XGc^bN&z;LDK(M@fTlqs#NaHrQAGYi2zowf&jxn?NbF@g-b3es_>Ra8_?gmSGo zrA5z>qU3OApChj@;A1d<%#LNL;9au{3?@zPAee%NkP(LLSjlrHLgUo2AU+(Lw2Z9+ z;ExQ?4eWWjBSI%g5%3+3yx4|wJKO;#*xH`|xPHSVDHMfx`g+IC&Bp!u|HQR~t0!@Q}BSNkirs(0*?9dE2N)SRun35#M ziCjZ^6&O9UsK~Wa!xXyoh%qHXPNgM-$iRe_Ylg^6m|nA}OMsyWg@=F)N?wXgog4lb zDR})WFuW_ZO9TJh+ihX$EDsq{Wb|-=n9MOZ8&GKU(0U9&{@W+7D zWD_QYOpzvL)sQiP+7~S>BSz1Zd`U(E&={9@I4CldI#Uo#(eOg=m_;T({z&4T3mXVH zS`cVqQ-pLKgR+@l01nSj!e1)#NH4QOfGN$w#JGdMV@i23lrIT8VPMTRU=BM3Xn2H4 zgJudz90>%54ikbY#IWqx)U0!)GArZ8oZS%MCksmNOko^aaY8U;R`%)TS^-NP8A5{Q z+6G@T`SF)9GQvb!*dbIq3KO%m=n;09@TH3jn5dsK{#ZtxObJ70E(A8Q?0AuPdYJj^ zU-3wo9(m0wS%&0-HHP9yModiU2_7+7P%h92D+aLAl$Z$6kmr&{-4c&4N~+pOhHQvd1@E4 z*rYKFO=H$JX0Bu~F+z_P#%VC=k#}aXDc3SCr}BslLulETS@rp=5HW_5lnOGkk1v^` z=lDPdQ?lUj6(mEN6p>LFl0*Q49&7OFMM#()MP_NT;LOU`g^9mnrUxjcDa7EYk&bX+ zNY)G`CW0IxL?fn@k(3I22+bNH8yVI}rm!QX)5|`yOrc0~@RuX0$P2v)mL-KF8(S`diVUHY$zCdHs;yZ{~u2b z&S8NeZFq_df`(mshH}H90D(MAX!!XHR~%-=M+RYT`XKm-%Mr#VCl`$=R2V7^II`?m zV3sNP3PS{TAn2tFfjkXK1t2@9(BRV(2EAgYmpTNEDJ*CfLg|PJjQ}=j2#AnhEFdER zX))BXh({z*l#GV-G$d(E(KCc_XsI{`CC021nA{--Azf(16fgvQapXv*VE!fe6A8uz zES3eJvT#C$4^3m%B$lr^;4>>b5X?g}1x?J*G=(j+9U1tJfGi+}3_VkDAP|s@dW>I6 z_zOTX5?sQc+%>dQckBPZSpP2mfA9HoR`}<>!_i5>L4Y!M3OYA+WH?8UP8?pE>x}^_ z%2WGF`wbONc6w%Y#6vqf5DPR6GD~x|A{G#H4kHL+KvDwG3QSti7}R~MZ7=swlRTy% zkc4pJ)D&8BtsyiGn&w1^mfT^1Sw#XNvjk~$^4@DPD@DyRL`%6tOA}VE_f@cU*Lwe*D_63MPff2J4wp;%|;hsOLXVow@4~V-&~z3+u)TGfI2#@rns$EvgGL7jDr_^2?1hnK55J#qrC;R-O$Ghy{R4$OAVTxIuZqUdm ze(YmP9HoXBv+y;=5P}{fBDlChBO`eT)a4EV9;9R(`;wOLN`VW_BN z5K|B`NRJ&SerVyZFfa=TT@ldObbLWvGWe4(*#V0Z6wMHV=GH$oK#>52Q)9x4{x7M2 z7k`jsLxF=fqlSY0e{lYsHU3XL@dR6iSP9hLBc@XVI#b}QRxqtJw6&yyB=Ve(4Atk~ zc(Q<^3}OlzrehxtTJ&)8S0o%7Q?d{31Oo?O`9ozEvud&57R3)SY;cXBG~G z<4!7y|9^o0mMvTOg#o@^fk!2xfaz((rUs1wjYQ}f5+?++Vk#+SRVN5QGfR&oggEqK ziX&P!9Yx`fSrN?gs|9=&zG~H~j=E4H;ENr9rx?hWq)1kcp^^n68bgw$XI9JP*1uq( z7f>JxJ`5q?xaSYsN82Q?rY?o^-|Pe$3ru<>2EhVhV#!3iyIn80g9uG6*XSm?zkG!jl(z8uIzo#iW<6qCycz zVmdY<6sJQtu4Ps|L1ILb3Q3W}QIiXVB~R}dyu|Q#>tAdAch$d(|HXyB-&0RL#c@En za3bh5)RDmuCbV->h|nPjUs_}fEk!sEq54BbP3I9b0r9S$0ZG#9(i;j zn3XRGhC*31Mi4_@y|kEuPqg$ht6qE=XG%6Di6Tv65J=MG9RWCUiU54k^w3NphA$^n zm<;8`>0uI~qlit(BLJ;gS(A4;6-Q3t|6Ta=`$qhx5#MW7Jjy~eah{AnOxkJiSJsXl zERY?{{0;jUflm(~VaYg{z|oX^aWT^q8v>UY{$!-|mAiwRz&ROz#Dt0PaZnYXp%i6P zl5l8}gg}z!*1xlnK?W_FhRy*bN2sVN272V_nMH*uxqv1@Szt;kOo>T6 za)%hR@YOp6@^FYs))+e0WK-(Q(j*LDOe7t5jw7rwORw)ALP!jCDJl|VAYjtNhd@%+ z2ZXz`~GO`05=3VG?)pl_Ja&8d_4MX9~;of=;Fs155;% zb?jey_>&QdD?u`ac5-)02oS_{@JEbU`05=3J8<0kr*ho$hhm^z;O7tJdRFys-jAU} zV(b?EE-gc7)|*t}v-T!$n_y!=q$kEl$HgTjrEyt6hND~-xSiKVVu(7z(q*&BCLAp1 z_b3^9n&Qr{7{7h#lC9C&#`G9LM#72^8Uimg%yNk(9%z`(I!VQom>3_QnC>-SmmmcM zh>BiLWfMh{XI>)`>54D2Fv(YbnU#z*FbIbjn1v&GXt~ITAzuF5_$TaGzIgKyMN5Aw{7K)*=r6&a)RZh{ zX$<88!Ysg<>fb5CQ`CRv&L8G)KJv%Aaqv`a;|t@$UrsNI`u|h>Q{v)|9ZTjvH-Kc0 z_vnhbOAmT-_Yr9dqWp@&nXFY>XTslS&x#+`?>GO<29*=epVQ+XzkS)_O^1auP}|MB z{rkCFqH|yHz>!(PyLj;zp7~EaRTn+&yzxKo{5Rk6(|HPZ(Ddv>5!y5K@(Qw6+TKa; z)w!ox%LiJvY}V}F`gMB#l5Q>!G$zr4u!A(^qCgpHRn$APS|MZ8KA^Sv<%rA)3H9jB zJ>TAH{-dVWQo58EO|)!c0l&z=heLzFpl#dortY28t6t;g%?bIQ2Hm%(=3c$9AOU&_ ztM=>yz7LuA(j{suEL0&r%|Mcze*Q>`r zRI6LJF8}hl>$~HBI%uAQeSOoX)~!3{XY;?=XmW(E6EGh0b|!iIS>DB<6oK( zWt`GTlO|d=u|}q+tpB{SL`GqtMZ*F^HSRpOywx`<+1xlHMnmBI>OXDndv&Pc1`Qh2 zuH9|y!e7`V_`>P&_?rvBS)4yMj0zqQPE-H*A{R;0TNwxb)3bJyR;^mJXnJ?OZadO^ zylK&|zyC&Jw!ws`&RG8foZg22Pw`LL^v1he6U{H|BBT2E?4HeDu9vr?C-2PNzY0v? z(%6UG~&JiwAp>V|VY|9~5j>8n_W-Rius< z9Qbf_5~0k(sCr=Hh^7ZDRRBZyD56Er5EcK>>#y_+k{y^xB4hZraR}To3qh{{P=tUZ zchCtt=8am>X70vUukcUVwS8Yukdeolv%#>5I*K}&?C{bTywUi(n?4=hvJ!lRX>uw@ z=wca;2n-@dcq{-+c_%xBVWLZqfW#osWePqV+Hv^%1e3|LpUiE4V?HgS~ z0h9h+qhwgKSu?x=VG0#5*l`eJh)ss{@QugNF!PrM^Bzp`B0x~L6GZCF_+yQRHB_)5 z{FRQw%t_of)4SrMPD`rxdA)vl)ScXIV6%0|KNIM(+SsKe)*!Q#Bt36+*4Aw%! zg8j_f5YsRv;}E#pGyA0{=QNl-xIX{5fmsFbxKmUx;n1r=V^e5Dqec0LRo3g2AJkwMszgis0!j3D6@1poN$^FCQ_4uQ*jlYZNIATWq0w%}W> zTLXN!l{a_5n02hl3xUC>G1L?ZLcq_DKi=Wku=tm(X+;N_8h`^bMm_}NRYooxds88c zlFjj^r>2|xT5KW!LBpmm2c3`k)3O@c!2}e$#j--!O-7g|r?w-rQ}A+H{0mh7#(h5g z@rzmYcw~xR2-t#V$Smz_@kd>N5I^b4$QjRnT+2HuxIPp9$JM`4Kp7pJiPlnKi)a*q z@=5u1&tOev89P#3aAJ;GF zS*K3DdiBOH`CWFRH%{x&paGl@W^Xg8rtTW~(y(RArq-`t|H~bTN7j7#bp86=;?-~W z@s>FI{35n&Q#Yt%mcVrBmNkY7OkvYAt0{V-LIADIq-gH5_x!T&_k#&V%asbW;->a$ zGj@%6!$~`^_=B$FHf1I6p49g#o{$xK2L6E)>k5Y+ zVCk8HU`oN~$DjWw8XD@Cn3fq_=*q{2&3V%L^~+_ub8=Ewjs0lJzEl+VubKqf!1&tq zov8a|?fc^@Hh~yg6~xdOtO0)nT$A zjQxuTbsfK10b?0LAsJ}w?Ft8iDGfA%MX};=9Zm#blLb`?b@|#|K``frI@n=?=%q#l1OMuhaRod zhiGIJp1UH|Eq2E4ne zXrNiO!z;&px_CbXg|>CpCwBSQ?L2Jukqq;vicx1u3r!3dp(!LqNWjd}BdLHTz$}V7 zQ>XSBv@X^pXsX}NEBVm651+P6aqzs@tgQ3{^PcR#*4o_f-Uc1Nne|zlJ_}5J5v`Nrc#dsn`e=LNU`TYzPx@-XUn5+VzjtjUm3rVlt{Wx*x0Y@u^uE zN9KI=I&}zEAI;suPT&>L(!o6^EnPaae*LE=E*sW%uw^Z8*Rb~BdB6Ln@B6ynQxti< zdi{2!n5<-00pQW$uy=^lY4|-E|Ev@eGKavyqshg}m-gpWAt@{8P}KKt)~m?BAh*y;)wKxiub-o;~y4=r?`I%nuqgco~#Vz~6-7Jv4LB6C~BX``f)&Te<&O zGT-@QS>?j~(vs5B__qvc=~P1c&vQnSRl|l2yN_6K)N77egMPOCke7A%yTMNqK-(AJ zdUK5xz`ryFf0#qsvbF2C`y?vfzK*hX{iZLTF`z+%mwxv6{{G`cPEG`Rf42*H8iCQ9 zjL!c2L6MMHYkDlu@}tdAYYibs1;O7~Ijj1|$MNS6%Zj^#pZ~cRPZXr74M|U-kdJbp zP@s?OTxD4=l=8-=nrFT&Z)SQ*a!MvAOx*H+y*Rw<{PkN_|Ht=(=fC?sjq@~iHXJr% z)tu$^&`f>3d=5^3Z*IN%)sy!v8@;H}f-T$DF7I(waCW78yLGN?Rct?c z>FOTW6pH!$UoS?yI6o?CMTeC4KUlC2WUQR%S^w_!Yqd9*&;6wI)OXu`Khe zO899(QVyp<^4i{?-8y1XRMb!X@2iL%5{}k(=b^T3ByzHI zf@?lLbnUinODDcOYv{CJJtc0fUu1mG6~syUGy2Z0U;jFc02=WqW`+bw)4D^z0d{5) zI{|;c$ZNYctMt`?m)`zz$=)P$6)%2WlNRNz(v7+d9{xbtfS7Mz8nClk_u->IdHYBX-vVHpNV-MBp_wP?$ zYJHbwZBO&ExYpLmuZ{J8@RL!a-fVEN@8@f|CJ-1n6B5lViVZJ4VHXJh^xfZ%*z!u( zc5R;QWPSDZwj}$$+sE3ph{7}VpOtg)w;WS!Nl_EJ3`zg=`!(yv_pE!1<&$l;bXww% zTT;v>k6ZW23m^P8dj6V?>*h7tH{h|4Rehiw^i--egQ?9*aAFyJXyxjcV>)Jo)zw zAM41L;Xm%3`2AL{Nc+}I{PC9RC1O@R^unMzpU>U6W%Zawhq^xa=|PTCf1j0$J{p_Q zaN+Wgt_?Gn&cL9YgUg0?91uIM|5K&&A_q*u22TefB{Me=&u>svSPVgv8`D z&%w#VpSG+v*IgO7Zq&mA_ue^s&6YI_K1~?VW!Tcg+$LqDuKKjke{TJH?xc1NpZ%;8 z&o{$oE`Rg>tB>tjGIC*Kw&YJMdsZ!MRzXcgs7MG*04h8L;3&Kk@aGWdZXW`Jr!3zS zpOo!m_GU?IbF1wpRV?C{ZkWd0v0vs)S#mhT+PifN!^PtU^&K{e_d2N=>>1w_%Nq9m z``3nN6)97Ze^1YUOga4PHpG4yKlr_&6A?@DWJ>Id@mnmi(v3^eV@-zd&G5V8 zuIG9CwB}$|(uPITtd4hI?hP(p$+AX0-TD26JCgi-tn^f$$RbveqQTiIp5))Re`8rY z7LD%HXZV7}*2*~Z{{a2GNmje@JsOtH4zE(LveotLH?IxLDsk1d{1yISyJB!nBTjl@ zOSD8qv|^HllaU1IZTwAkEIz%Be@bd*j&*sVU|&BUUkZp9Tp?FHU`>3cWB)Nf#M*cA znK{|XR^^GGbiCZ(in#8c4&0jBw`o`~I0Tfqs(8}8@t;rraX%FpBPP-J-=*EijRMx zV&PVJL=pb6Y3AXbv#iTn)xJ6?$2a22+aE7$ZP*iU`C0r!ysq7vm5T@u@XZP-ahY%Q z&r6rCI}%R7epXie)&*9}R<{=q^b0FlrAApR%hxX}^XQg^oYR|UOq;f1^HytfLYfT` zkvKs@D-i-S=${Gy*bR&3Sxu{EN5@9oP}5pB`=R>pX&jLg8o zS6US#g8BMR@YOF^zpURCx9_Lb|9I%h%F8zF@x-kiu%-7s|JeTFrRt`FHAhAlz z&NZ#c+xMquVE)e85Bhx+v{KNc1 z1A=`6vaPKB>t|9eRRa?b#RS~<+RN6=WxEqSIp%`MnYMr9SGF~tb7hT>PSf^nnZn)O zg7^CL`Oo|xtrbb;Zo(h%Ul`Zr&YBjfBUFZy@4m{PPERVpW*yRheE_91Uj01yOB3IxU!Jt+{d zRvJQlC76f5DNtKIcFDlaH{Mw#kc*9My<>PKQPVCw$%GTz&cwE@2`9GA9Xr{vt%)otJk`#yh0ovwHhDgn8oTtQyvUTTlu-WFnDV@ zb;AqD`*5Xx$w*1>)a>roSGp!~+Qm70E1!0dKLn{1>z*c!pl4~D=7Xo+k&kO%ozKx@ zcWzQ_B|oRe)3p|_9|_8>=|yVR{~=m5Q0dhn?14T+ z5vYNIg?*qma%(#%8II%xPOi%`Sf3YRY@`E=v=UECl&MnA?zhpbDNCR$64yZPu zx7EHu-AA{FH3PwExtXI_mcZ5qL|$AK+c?!z+7#Jrw*sm0z1uff0H7g-piFGj?ccXxCAaj5KQ9WxFcRT?Z4->qK9-dF*(Vgfc!xL3w zco11OFc4c+FSZ})}=VS|lC%;z6&e##yze+87b=XeVnM1F0^Lz}^)?$ojJXYTu zjn{bA#hWXS3~jle#b=~<@sfk5!@a2VS0yAH>Nt4gB*0+MeZ6fKE7yk_gF|DM>W=!v z#ytD|b(#@56{irxaP`C1exY}e50_l+sJ^A0(Yy0%adFf2E=Ip!rp2blWgg#?rcz6l z(3=38F_ zRMRLmFtgB#Bj@dPVERZ|K6A^8AT3Fao>VFg5P=2L8(B@)yVvA#)s6Q^YiugCV2J*u z6b=x}89crGlaVlHa{~rJI3NzmcjgurE+jSDr-nSa0Rbe?)tW2byo!a?Z18lxnM;Z6 zm9gL~)3$dMN)5(A?QC_gNaM5^a$PkdB^s3kn?l($XIMS%1w2mhp>T26531|)R56*&Bv!3VZXPZynYy z()N-#T$S%tMX9U9k^ey zaSK7H4m-g*-n5ef)C~h@^tv6M%L;rtxA+UFIh^KjJ0`6!DW45irWO@qV87^vVg*nz zuV-`n5wUltY|~A40oUcxeWV-Vc?8@qqh*f-SeEm^{R<`z;Z&F$Ip>*!dhT$Y)vIz4 zURq19nnhC0C5?8^aXur3$Flda8md3=qX#QJj7b?8u6r0dVC$P#St@J38BM$2q<^)3 zT>o*A!xVUlo}(EEHdNCS%=jIM^E4ZR!iRft0ENJ400DIG2jt_wpMTS(V{RNE%bpV8 z@9e4~UZ6KW6Q?ek<3Ca3pZq)~bR6+zHFQ>ESEYlNAz?G@c5s|0E7i&1rv3vR!fl(7 zvoEApQo#Bi?#7L9{%L*?^9!;p2DifbXC*+-`h}CNh(+01J(O7M)&3FRJ2cqv4-}DF zh~L&FZ{3Igy{epAyVJ?Rcv_)M3fGM={<7+YBy-cbPAB`chhuL-A>SHMlyLtL*dMuA zPH?wgk$0Eyek%U3u0_+;##T+=)Q9MO?nV0mn_4~UInHf;U-ww?3FUZ0TCu$VAoQ82DrVOaZKGD-NxE zeVC*0L~3(mB=ve2w$xcvx6>l>^6e#e(#G?CqsLr*zhtq|8BXgZ{JC?rvogJA#ll@P zFos6SqZJl&&#hPq9u{F#6dY)NBAh0SRio z!o%ez@JJ$pe3X3kuqNnH-Jk4ZNPNf}%fqy@vH9AcJz1G0CH3-sMo5TwIec(tOm%B1 zZgoa-ZT6#_9l)rG%;*;o&F${r>BU$;&XAs}QDdkQ4J+-wP0+}0;o=xaPU*e5O$xe& zC;%IuNn19r5lgCkA)58Yv^rqZrN-mwwU*DSWWC_G-5vSUYhsyqIIHVOSU_1B zNt#JVpsTzpil3?DR--;{zoWjUA*H%nLz=U3GjKot8~6nIvL zz02!?u+_p>m*&+s`%**~fwzHb0*QUKL}^Zwy|8-RRPu!rNrJv2nkX`W+J0eH<@|MX zkgi4|zFXTcpf@X1!*~Gi&2kdzX2?C?LkUmRU)@IW?lh@2 z#AD`NZAtgA(@Xb~w`vtWO*8kmild(|9wJ?9wz|yevl#23lG&5l?1&|oQwq2B9Ix;G z2`>Qdt?1nlt#;Blz_WQk$FF4TrDQVE~>_WdLdPepcTYe7@|)s4@LP~<8q_EYUj zT3kJ8Smc1)bj2de_o-azOih=xMnztM|eAsw9N#Y>g1+lA7zg6swi{cvUvN z7eHI3^Mh8rpuMwd<;p$!&du{+uNyFFGu0woYu`zB+wpU>Qlr$neDJ~bKE-ZeN?8sT zxKBr=QBPzT09G|6;3f9vLW2e1-FOY_dxzW|W944`3<7ynuN(`tn7)rHqy|2%eXlLY zS?RdjOAMDD-cJBbwcfTtW_sx%qs{H1Qzy2XX;oceS-}COxpi@8IvfT~;H33fGc%c< z9`2NG@i6`5N%bWB(euQ{DscTof}D{*_?8Z=X{j>7vd}N1(r2njE)izpVHCrJv7L*o z0oj&Wc+Y~jKYo_7RREkki?*u{#iaon%_}HL^^e1;A1NvQC9DVGmI7F$o>BQ2ai>V${-oZmayb5v%hy(%E6K!z~W?v_w}grYf` zo8`ZS1>>WkIgCX8nuHzW1+%ew-0oHWVT>D2XVrMD+Ss{-HOqT%Et#5!_vspw!VqV6;+<8grd zaZPtnr`@u34A(OYq%4k6pd*RhWJXc$5Fe^CsuVkJe|!DCIg8(<9GvD_I35P8o0H&8 z8DgnBB$RveW_u^^WwQN}{o6qX|IrL8tVHJZ+hYnpkniPNKq^YhO)T1c80ZbmkLU=R z9hvP#>LwZZoqETf*dwJ5YOOpYk-v-aDZ4nBaq*5EY_v_%%OMH5;tCY6e~FF5p7Hq* zzhhzQl!-I}EZmcHe;4&h{-I0vysJX0^@PEo4~3(qnIrdy41x7VSVK|E3AwD!g+A^R z_^w4R(O*!chg_u~Dy_&6DgQxhUp<4=k-29SjfRVUk>&Pei~G|m|NX%`T-K>WU5h#0 zg-FG0dPda04GbL@JssJLg_C)Zzf3KZ5T0&xt|=EwP&5n;ZbCxlkfdbmtk1uiQonyx zR1G@VK+%mWltQ_O{o2ebY|)j<0FMuIbQGzX3k&UP9XwkUcxak9V_ zawxM&?G%&CJO|hY= z&V%Lc+wJ}E&IqATZdK3L3B(zlimiW@OrMD?97X(BU&Z^rCay$jjruAM@8FoBI zsJLrrH1v12OgII!@Qe^{^2ta@G@UoBVp7QlhD9jiUzvA{N}^xO@!IYs2X*OwfxwVS zmCG!dK$mVehN4A5NXa@395g6W9+qqKp?~BBK46iDuo6k z70!!!IeZNbORr3vei@ObF!qZJIqLvLt;ono0DI6t?53Kfb4Wq-eP#!tKmP@+_EKne zCz{lCEDQ`IiUvD9e&-q@2<+<)(8(I|1MU~}pWMCa!qz79nBY`yhPArKE zy=53Oh4@Lsmo+&gD>np1hjHv;3uJNeB=unW_#i^+hk5=<<^h8N4UQm(yOh>0O%m~~ zgF=ht3X?qhJqQt(;(3V4*spe$1Ki)g%#e{$Ny@C6N%TDmFYJCu!`?#0ObszG$&H4K zEalYOOvFfj^KOo2l%AC1^s1Xc2~< zXwpjQa21pe`pkNV)@_L%cs?2grXIVIlw*H3AMaX~{ZX&ZJpJ!kif*BTJ1oEqFxHy8^ zbl8>~I-bm5VH-Ye%`IN0D`eU`YrXtEcpQVSI6hwA8Lt95;>oV0#>Wsq5|41h;~5kb z6oXf}B9rcH@#B}DhB+zLmyS#v7W6fbgv=KSxyLrf@%IcO)>qZ}p1I;HafmJ01OrJ+HV;OEEkK!-btta09i9Lb)6{|+ac90^VRuw zxgogtExxtS7VhH(!pa$bA5gMMXZ}QmJj3{n^BzDxK~p-G5O6#h!Vg`NOetz>fKpw; zG@+a_Y5vzO?XB=0P!KZ9@AHEkdjesnn=*1sbT%FySJYVU!1)SV4#5H##vdNy)n|5O zMtk&$`YGTYpRlTO8+9>x%FjT-Ks`IU`3Gh%P0ceWHq!>a&GRsN7qnnl>QJuZ+g2Ap z$fr*i;YQ+3HYtwJvf}on`u3z|Q5i1XiYMFfJh*_ZBiCE4gCFQK94MbQC+)|B4ns;6 ziES@=wR$r-2iChUf2Z8hp&{R9uqFGRFE1$zDhm(314+dkDzfm^;oOXG*VWxqJjZda zU!H$l5JiuOk6tp@_%jIxSdbdXwd#Gz(i9ik$6px+Dxm;IZ{!bfu1~Lni43WPqgifO zq-tUx;gYT}AHv)YXc!HheYFq@GDwm-A2I0wbJFke_)e(X3^2Ze!EB{A>`-IGG`qwM zQ4ETRMFLZMprG(cM03n}j8f=fSR}C5M<}QR<1QACpq01zbo!3_64Hgia+qOQsX>B4 z96~|aLTKA&l(3BT8X|tA<9&KKzLiApoI95&8Ucq}eE~|9#n9N^)y~*&-+PIBNI>J^ z`>!67B!2jP2EpO{K%+v%#&)NA0}oUvDD?HeazU35LDKgo@jG>WW1dxb$|vY(LeZch zo)g4$>g$r38ct;n$FNy_X7K;2FTRE1A0Q~4{`up>4X~FWA$Ud3ut0_(6x|uW?;sq>`JvE69plV(5r1JKWjtdk!3r6+8DYjzS+#!iyJq5l=88wx__6qrDuEUt;luR|gMxBPg1vyf z{rW*h6^0^8iY1A+>sGtGR(|Vxl|0jLib)I+{caLsVd(SaetPdH-a1 zXHW{Cp%e73!qQW71nzdU;E#fo!y`3NsU;4#Ab2BAm}CYfN>5Cq`W86CxD z|3Rw5oWcFI$C_YlW<()62p@JvP1BXlsffr>P2xvs<`}Dr010AJPYXRPZ)dhPTyQqq zD+tTqW@NjjkHUu}DbF<0e@(1y5CbcQ=%Z2q%Lpoi5N9@AFQlA)Cn<<-ghfVmcj(_4 z+Q*iYY*${yP%43WFqpLu4r&q#b_w47ITTAGVSt79ldkSKG+pPfz9OTU3So#!$Ieg` z$Cv?1)RpQOgYjUj?{^tuC=!x1Ga`sAqHViMAA#$g{_P>8T0hmBv7TEMdK+0BazIfXOr_)C8myY@)`7cwj%_(8Z5?o zV%3vjW2b36dy*`%kh0ohf>r#~P{gH4Q-oAI7@)G8<+p%aT_BleiGSkIZ2Axsn<)f? zBoRTeZk&*V3zmPSkyAmr2h1~rmzXi;33mB1aJ>+A>loPW;dP45K_ub(>**9oV;$>A zK9xR5{QezNMuiB9xb^}G7i0I3pvbTVVO9c}oB&rBL`8&JY>LVX9(VC9EDsXfz}ap_ z1e^SIvOZ*_$Mh_3@Aw{Pj6Vhb?&We38kn8<=tL@;4#z4@Ce+U64WYuNlFIuEh&dfx zZ41m=qGMYQ3D{Of62l2GVd@`E!TzLo;zU!-haN|j@g<6g*suYIgbWX*M^bY(h*x({ zPG2Xk5<`)puT}6x5RA8Lvz7ac$zT&4g98C!&LH}C2rR59iAgh2u;A~mmOM}oZ=^pfC7pIJzM&I{)7UN9mheLd~|Ns?|7=q z;e$|Bq(qor@BC!@7yPf;;~NMf_P3H8x|A38O5$HZ;AD(UM)78cmfMN6t=I(|Q!F@e zio`pHAn=|glC{#)j%5Nx6IMDG*N10f=FsXrT~PsO5bWy=NCkgj+02uL;_#g+G@(Lv z`zG}vgS+NP$ehLu6vJ%IZlHYC`+iq1AKdc)6y^B=-O)DH`=tYzIwF=vQ0y5J80Fv< zUJjZ*KXtB2?S2TvqhGm|l!}$X%f)Mt6 zOL_s;9FZZBNqCzcUiz#ETG}o-5IR!vdU|IyEiOUEgf$ShmVsXEEi`2)(cJrOc&HpW z;`0;Y2W@py8n)h%Qi!BqraHE$L?x53^b#nObRv4-k1t`3-w}WxIMMLoWip*?n`$vE|GWrw@Ln%T{<%uF}7BevR6Y*fjX`yWicl~iW_cTkbHuexn#$@>V zI<8;0#n1=JiyOpJ7c!XrQ|uB-fY1jiIZW^-tgo7oYyr_90yiKul3W&9T)JB?a)1W6 zm;a>9X>rcgwS493e?BQR7;@;tUNc4tx;q8vuuF+whNTh!v}1AaT*pgqZ=FxXhy zH%Jb!VM!!)4B?oy&&nYvj3&p`1HT^v3k^q7{QS9leEzCh{eaNMj)Of;QRrX_@p==I z%D{*DZ_vQ;Df!^&AG~mA1?fZqTD=LzrWEu=dg9kzf&fwdykx^d087LAk(J; z6yHFa$jUIBCBhXSG8FV&CiNDjxE$ls|0fq5@89gt>iN3xz`A^Cdu8p|xa$RHdDnLg33 z{}|zx&e9r}Ez*CiDG$+>-s;bseamnY)PD_wtr0>C>_0|F3AP5a`m;XWhKUaJKXwr~ zUJiosAM=&^0rJ@6{EN0QE#iNpdgwb?{x_EBR-8~*dzH4r=rP$Y@z#IrD?Il96P^KR zvt<3xvye|`0v;Y7+*bw({q919f%O%`Hyj@1G4wn~lZjpLe?!g^eVu`9a1{69e?8hx z|Jy>>^3&maha=L}06?SO!o}|yQqRWW>nu4;!6x3YR%7o`bS@T*RTAu`kLEu;A0&IX z93CDPDGNTC%B8a0vVRIi4#yx;(~ct+7gO$E;LN>t*fQIug?D{|`WmKnc;EY9p1NFq zZrvjt?$MiXw9;2}Jk+zNs@BW^y|RDBzaG9X7 zEi>9 zhMHoFG*pps!suDaoo-WfYesAf_EV7C_;&Em;=9F2MZQzm-jaapvS-ph7KVC-<|csw zx6bQhZhZZHXk2|e!5hbQF%=NVU;~E132ORUE|InL?4s=5=bd4#K5)$EQZrB4Dgp2noLpf!3I|!F)k=~%&ZS#xRV5wCtA5zGd6lFVYzo~LNlj3J6 zea>jlonoamKL}@St-6%8HJZHX7KAxZG4WzQ@KR|sJw9w68ybRMJrfsRjahAm(kg*U z-|j(IY3^oDnm^QKXY=yXN@ySawo{{l&{$no%FV}Y^zk-$NtN+&s+xFOzv}XMq%1EV z-s!p9JMp-|Zyz41YI4@F4{-6!9=ZyxJy?Wq;DP?t&zIH7MP;$S#Wtz~;2eExiK(yr zoWFk^_dY3APFtJ=)He(UkE&Y9?Nv|JutnQ!<_vC3{;}S8dpD&7@J~4m2=>zc=I*}i zc%+&?!Qe8Qk19I$uLK@q1V{=UO=hCuSq zY&OddsZv|EV7-~j-{};%g%ZRwlkxj&=Cwk(bjSX3tcT{b7lRATDU}DfLN4R|_S9iP zfVZQ8)#~y*sd*M18|mMq-B}T~`{I~m>`Y96`*s^2$n8vXzRg_p@g*Nx6}-IIrq$J1 zxaXJWX7l2=UV;1R9|7I?1?CJ?`mwgS?Y>L2RlEKW4&KJ4iltE_UDj6_7=PuS(M`2o zS<6?n#ZAX}x7S9uyThdWxvGtFDkifzi$ zsYs{&MK`ghI;#UmUtKt>bo|i3I*6ZbCs44Kjd%07C1?J0O`*G{WXCa>i1gd?Ye{ zG_ajK^I}o|%| z%@J8SH~fj~ULS;jx^?VsDNvX$J9^7VmEjF(*lN@*6Z?{n{i_8|#GLg}i_b_BP z=3k=&ZHqatW}__y*z9#ct2xULb*@V~rml|=V!7_r8?8vnW`C-+5%ea!%f%u%YfTrk ziWgSA^vge}OWqk=PWJWd1Yb`aJ3Bj|JVa(bio3prQPv`mDi)>oLh2|}x7-4#Eer&Z zp$*Zd8!u;7XE4;sE@2D?`WuKyTs%gFCp<$sbmGbuTZeU4IT-hvMI=Pk;&$pEb1juy zjMb1g+F4Mc;y>$17ZTjoeUK>Rhtm)@uB+u@R6SuzGaX@m=!)7@cTm9Nv z7&`6T!zRFivZvlG{j|!w!Igo1=dJS5N~@(BK&)Rg3BQnu`9V`9A92vO;N2iLx|=Qf zu!PNV`C_nC?Ce=?H7#>;Uvpt0@^#ko51Z~<^ow2oa+h1V{UR2%$7TvU*JzfTceymm zkw^H0Q_IH3`nQy7fBL5PTajlPVV8b-P%uveRXAKrR(EUL)6#GZe1j~2pqxUQ8%w=L$n?Y{1kPcypI5REbs?#_`5!MTJs@Rw6oYLHo<|PH^Q;y}oS*{P(8h`OcS{SR53Rl19yU<4gGr z99^$|wE0s$#irAvua?HB$Y(QctG`O;;G)}I3-1-;Q|B$#R9&YuUDQW4ls%jpm9N*e zr8X~>ET+k`&f49^?zZI|x@%oZmEVu$3Lib%fU7Nu6-_%Qr#6;1&s?uDPbeX7awz(p zH+Ba%uk~;Ar_Gk;(H@;oi`vSSO*smYtrzNEb8p7Meyc8HEdk*^{#`jpvz6}k!jV_} zHd{RFWLVyh^FKg$6ZjO+2pnr%#O`mw#;%mq`iI#WoHM;x5gAakt zU(-wvYTeszJe81)z)#!YYg1b+yw9yGJ>Y1;Td%+WGieY1BQyAAn@&DH-n6O5nZv}P zy$*uxlN0`@p5sKNTU|pGEfm!4a@gH^mVyaJ- zBv*~PUsFD-Ni-U@y8?HN)J=OCks52x^Ud$w?Vnr<75<+HP)!&Op9rOA2d={;SC6_& zbZ#N*VD!ZQXu4>fnoZG{SD`IfU3|{O)KQoJvV2>lCI+N0o{w?R(j@FS63~ml zb6j7C`TtAyrT=*eY^JkO`d_kt81j`saEotgvHmaphC%tq`1LEoaT5PG?cgN-;@=ZU z9IE60O)|E6ME=qKmr?Q2qx{lN#dH^);nZ z(eLA#eEKAxbq@NUVDJQd(%_kV4uiSK(` z+0}X0GoV}!*zDK@e!hQ6u{OM4&lwE|-tLcE(7ytrfwfgryVu+B+HZIBBj22PR_=Pp zXWqU$ZX@{9?Gs;pqWN}yeQ)@B@mS0iDVM77z8vLxz1)G!d~r0bt1fq!_qrW5k$W6! zwCXlH{_+Sa&++q5iW8Ua;ByF9JCYc0z1@)I+VbUJ^Dg5}^tCr-Mo&l%RT<>&cq|kj` z*1>sSYOwZvePO&6{(U;_&}5JuP;a*0lDpnAZI$D6dH|SwqE+1^P2^F2JQNKV@ZlrU zb>7ru=5_mpS{t?>Tljf=@0xy7-L}DhG+T;h%k~-mw|Dd1bfsGfb@rkBl3RZ+Y_95N zpF~&@;n5@4AzVYbca?g0*{ExP?`f-&HD3?RO7MQFMArL&1MV)Zq zS!d}+cm7GV@%{CYoQ!P8?W=zr91h#rM*Hj2^{yO&L{DmW;D>zSV?Y3cDUD{Q#Wsd8 z&ga8<%zSYAxVQWHTkS^qruX&!%;s(F4@( zPtnQMR?~Y(iQbrQ6wI^o9Cdr)8z>!kD^61_d0ILGuEo^!%;Z9O_3y$f6wzKBN;GkW z4mFY+5wEv9;(BlK!hdjii6Ti($$8|d70P#go}nM^DmU9!?(U1zlDzS;)JwFQ6|~6! zavW7#&=C2O>(kb29c!hUGd1$sc~47K{mqYN$C@6ZV$SdOuh2R_SZHh#6VknYdOz$x zdOTim8@)xOH$|?OX!3UgCowb?ZqDjF^W`cx>N>n$oxUdTqE9~@k)Ae5Y;`aiii(OB zbvz;`=gFj#8QgC64l_OIKI!cMOI5z~aaU^%U)4Gl$({8aUoVoJ)>Zi{k7v#%a4Z)9 zv(1|YV|9xbBIz3YO3WLHEf4;M-|m@4d#oO$_Vm3tYxB#aixD-YIhpS=m*p zZ8w!&lc=Yzf~yYo@stBLUPl$WQ&>4$BGJgHl1>tTNR;o5_bwj!jb z#W!WeG_?gEmG81oX0)_K&0>egr#U$$z`G^(cY>79G`F2e=}>jXn`3v{PCPd2?&L-d znIlK>{1XISR{NJT#!4%KMQe)$%8l{d)yAXh$6MnxcHpP_$ST5Jx;`-I5JSCObCA1& zQeL3Sb=H<@*b$&{p)`F8A)5yFer6i}>8khU&y@)B=aSgg1WZ=Z*Hoq9=fr8xz%3Rq zZ)>aDf3?AS7jCb{cvPiQXT3z3`WYSyYG`ES2Mo+=tIK6^&aX|z!$jHzFM=qyBFPTO zpPyTLuj5{0a=QF>85@VscTYQmYr#!-GW05y?2Z>}zO-k>T751vKr7wKVGy|T z;+X81^Yir@@GPe(yQitLa0$aTQMH1Aw>(|L=V3Vl&33O@&3b9wGe6z7EWOFKQy;kSj-X0^@CEQT_Gs$Wy~6F(f$l-9ju$~2 z-AsemK~xEUZH)1=vK3EBg|YRL;UcF?&g{XMZbz!()~hl9s%8zLm=+d>Z#)u(9(ZQi zk?j}i=qM=hDJjkN`;t)YzI#6!y&)xL7 z%6q}F1^*aBQ3&93Z{&V8IT&||em_skSdR<|>0+p`S#PO%7@>t)7Ix!*OxnM(t0&x{ zXC9>AdBua0l7PC_tar~DEyVd5o5gUyo#^KE3gO7-Os#jhWyuHg$S>kCda)}{yE38e zGpkB=Zx%q_WOl%6;x|lC2x@abDP%~2MQx7qk)!d6q-Y2N+t&TNy^e@|hihl6NT#G{ zm^LzcxKrV#ycUd@vQ^&$RpkzW*}^(Xqh43U%S_x$ecDdwnPqxFHk_;X$-;EpxaR-Sy=nX8ou>K@(d**hYc6`$`+ooLrxV|n@^R3`sJw)s1g zW8H6BFsf&8`?Ah3;aFs4e;=n@GRKe6hSP`uyLme)!niBiA0e@8!G;e+Zy*ckOW zo5cZsO9Ov>GjZ%?G3(BR5GX}{l`6BpM;GapV-8PPDu0Xim-Nt(jthJXE%XOyp! zMoAqcV)HapP`{qJm_>s%?S77N&dxV9Gh;);3fY0K6HiA=r&*J6^ZH9Snia)^rLoG) zdhz*I+a-m1R@D5p&*de2tv=FL>sKop+rC~Q?#bGqMGEosefOB1Q@e*O7EYAF@JXZe>+<$!a zHls)IQ9u2}JmFnq;~%*!WTapxHkc}yWO;Hg zc#Nvx?zDhlTt%N0TR&Mx|HK~E%8XIAX167#No8`=Im{Rhn%gzy_quEQWm*_kJE8-D z$M;#5KM3{8gbOYYwCOZl?bMXI<-*bzZ+!B-e>{)K)b2AU38$mOTc1^0kxc9A@2ph! zva#EwB%7gmzRWTGqeM%ro1SFJ5&e2BipU252_>-n9z{VWA# zMS*#}0cW?Or|ZJ`eo4g&T`NL!z99Xj`migGn5&$ed}GIrBN|X`$D{e#)cP!I(pKXH zO1iGYp?}(=PjWW;27PN!KZ(PuuM?`fesJ;OVE$O8{lwM^uGliH1lQP*-tZoNKHC6B zCVRFhp|}E5R9Z={4$s}_Z-}I>uJNP?b%c%i=Z)vN1)`=^w8=^C9@+RL@qK@Xpf6!` zhw@C!-?_GLN8R{rPh}-?^Cy0%6rDeMsK7k*&^u_U8Z>?RomOQHl`Vef8?S{KHZJbl zU#Y=R_;2o2r(}6=RoIsrmMe9XS(EGx3|)_$$|~CZ);VW=s>`my->%@srT4(ZNr#3e z4sWaZY_MrYCMF8!VCHWLz1>sXkX4ZR}?jC%^H9gke`(i|itBadGjd$BPO&JUhddNjbUb6qLZ;05sT9(%eo`w8EXQL*`gOdEM`d%;{qJMFf6=CQhm;6;m;hfqv~m1R=iq zfR3qZ|MU{T|N0>S79zlkOsHQfmaK&KHLiaFfS~haR;racUZ3qm2>&x$k*!?v-_|_~ z?H-TO_+%jea~PuUquk$>fJowo$4=(q@Bch~L+W~LRKf@-5w-I8kolyhcsEdD+r#k9 zG^s=nGR!!MI8`WYY0Gi{uTMjgFP}k3X_6~RF+^_`s#ebW*Cj-eQ5r0>TY}Y?e!C9s za-446&p%#~vu&yT$mQ&Pf~&n_aJCvSt9S zpWhp$3R6u=LTVvT7I^AJhcD6y)x zI{Zy{FEko88eHF6jrs4hUoVj&pG<{rr+2=GFA_$qL;!%h+`?4E*Pl#w-4+m`so0Rs zHCuDjsju60px5p;+x*=jYI7)gRq){lwiQg;OsQXi@(LUpJGKlot=sp!F!14Ys5V~# z3yYK6!^!ygcn60~SI#Xs4jruFI&AeanEl#KQ^!ZaYB^tl8nJ$o4Bd_Y5 zBUgDnq3`dyvx#yoavS<|pd#*`YxZY+#g-{!=s@++>#E9}J_89UDU0p(ccF>lX)^d$ z9wB@(E|*bsywVsejDz1_#_u?}L2ai^Mk>X z8fpx;t0;A{bp&g&p{Lln><7q>zE8OirPeGrBkGnt%N;*Hi9NtCw;V^-G#D+`|_g|f&Iaduy9&;tz$PEmBRA#Do=r=q&&-= zq}F-4Sf>zG&(tgBeCX&H7`V2@mfw%f1K@)^psBUFXdZED&bgIX>u~q^*dJ`oJUy?n zc`7$==IRA~^nYssgyk&cl(=Qcx}srt9xDt6 zjg59BHus_DBM|>h_=c~J&0;oHtXSB{Q$u0x!}br|EAn7|p10@i=-;8xi&n?kNu})y z+!0Hp%pZwfBa+w)Gh-MbVKT(w(mDmFI1RHGckSY(`5wK&9%{EvgnO)Qh<+(_d3&LC zPGKpGV*AB}FkPo@OOMPfcIQ=xHyg66lj3mb>vs@pKo{-F2h1jx^(MgW!$YlH&_rgL zmze$s4`d-7@0K02I5|1lOKg66h_H6Kc=yqI;em74n4kDz@=oiYCiO*7%V>WD-O~pC z2}}$gHU7cPmsgxkxVpi5de!pI0}qJxE3<)KPs}Qh!=3DiIW;wgf!{u#Zj~g?(gY1W zj@|2JiPp9_n%~*>^hOS0(pL4Uf!gZ)2DlK`MJJi$hMths`V^WvAGw)EfvU;DFwwob z2hAKUt;}vCS~VtILd6isAzbw@ueEk2FE2-FnVI-|hr9c;ZEdRK5YIFh)X)2EB$Zzx z=umn@Z}CWZW|6<3zUZ_XZ|{$rXf?{CMH3-1OxVR|iU+E#LGIbrm9&)9z`CkTE|EcUzJ-CzxCV+H!WSQG4^>_O5^CC+V8F)v`+%Ljj}& z0hD9(MspBLN5SfPGqnyKK?}Jn)=hDpfOMm8zo9^J&#fj0gv|&|$7zBNhrybD{Sma? zRWNJ#9a3X-zLX@-+MH)SA(ArN&|B1Ai}&+;UR?R>U}F~u;b_#U-IG#kbkF*jq(0=n z#hg{^!NTQ5A%=4u%eK>FM`B33{7#(K|6%VP!!zl+zRx(Fq?2@#4m$4Gwr$(CZQC|F zwr$(CZQFD9b=}W9@8Eck`7obmo{x2$XYH!mwfC;Ie(S&1{;gIn3-;V_%4oUXtlJml zxP8JT(FWeU-dqDdDdRRoN=z*5TAt+iIz*~pBs%-f==~?EuM3JKGh02u#j+>6M!45r z&ff_Ro5RVRCvN=3Sa}g1dmm|Vc`R=GeRV|N>$$C#_E#z;r3VAp^-(Z)Z_~L|0~E%S zxy9U@x>wzc7KRBuu#u`C<0Q&RXyC8_3mUXJ6|d5715`gvPL(&~VID{<&qvJ0S}D3d zx43?a`Nf_*HtZE@ZZ9p85#$5nBn#!FDJ!Xwqr?>8eU4Sr8RwFtofJ>|w&YPn`FCCe zvk~(^@YE4GcgpuM2UC)^%_N5{cr|BB{o;ba+n?CK6c4R`Wzzt^TC;dMn1=gfE0s|v zejYTbdI(ZTMnBT-q!HW%(2XP*DLz{rGn~Y!q@a12Tr*}(ntuVy?8*iDCCKuBQ+dod z-n;0q+36*u7tR&u-dOb++uY=u+q7&Bl0-#CRqiD?8NG7Hca6kI?`&=8G4Jg*!uK8n z!j_umj2(_Z-zSEw;%;F6T~%DEX-wYLLEq+yL-cZUxSn~|iQ6vjY~;b0ruFCPqR!>$ zQ=EG1{VfS4=L$Xu=yTlb^@P}vo5}EHy-nM)ckly!Ek&C0?#?b++ob?FjinCfh^Me4 zs98BC0oKu>M*xxoOK0qag_8HR$mul_ePl@e;4N@z*=k(Hi{Lnw=lb+sx=zY(W8C)w zcJ;o;+=#xzIiPUgpeVpfjRQl+?W(aM@c`5W<6l>blojM1A4%|~F)M;{g;@lub+RzV zIK^^$93l9{sB*)Wob7e6=4wL2n*;fCJ8qH4fY7yGu+{pSA z=B?{~-HDMFpO9@oF6%zZPr`(0ocLK9US+my2ZEz)p(een#Ckamdkd!}D>gF|5y$Dn zEg-k+v0VR7)3Okg!aImOgst_omQy)kw%QH?@!2;SS4iSBPgs`r7!R@9Y z5oitN6FtKGvy3e>;Kl1M!>|E`SQ~Bb2yzf1Pwx*!G71+u2(eT~v&+qHjs6hXh0s+~w0dOK1lCwl~YVn!0PvyOTVZPhj7C=|ZwrDRVImjxSo%hPlPRvpFy z6J5D-Rjn_}A-cNzjhHdaAq6V6Bsj;}k_Zy9pG8C)G-%t}!kvMg6bklv>(xkz>!bwGQ|QsA{7W6=DE*+F(4U7<$EQIpHWezw8gPSgKv{HIy?P*ENF1P!SYlX3|iakKSTYLGazn)h~(qs9|gn_L@yp~+`nVX65PNwQ*U$QF4I!iHvN!sdo)}XcVV9gMV zP4@n_pE?f(i9r+kn)3zh8{LX5M9fcJroB{T`POEsBUbOoN9;D8gRDpm;y1skNI@m^ zTD3W6ubH>7vnOv)Y=%c^nME{V>k)~IZ`h1OQ z3{)C`xZ~^Ng?ea#!K4Tw!~v7wV1Xysl(xFK_XGj)*`j0peS_Rx05eX}n*}`G{y}Bh z^6OH3t4C>Y4}!ht_7yZSe`pr8UoA43}Ux5Z&;6noi`tjuJ{PaX4Tv$tFWMpOK zxiznCT`|x(gk}r-ltGe5xj-XcQ#OINXrl(NlPoG@g~uNQ%^alW&?fwGG2j_Z;`Uk31IMmiv6nn+>}+KjP7UqSESS5JYgnSm+dCl z=+lOa5*lqCJkA6td6Kw*F zRM|8w86Oze50Hk7BMK9yU5u&|s->K}*QvCf_u@E$k27QrxMr9_eSvOF3blzl7>!Fj z#*$HI!rsB}pVDaD-YR#7bY?<4ZgF|tmI@7Kzrqqe zO-W4n8Yln{pn6fPOQ27OUe5zY_G8=mLyzj6?&=&?#i2dgVZIVdVDif=>tV^?!XEn~ z%M&HY>ddTs&g1_99p*cLrnBK_tgilXP|@26B1_A%!qUd3PM;nI4V@xyNmQpo(63wI z$7iHjJ1pMG;;}y{%?$prLchLlK ziUwH*#+&O-OJ~Iqjle4fSF4wRy+-w4W?S>L9m=^#vjWuD*w5ZXLn5~J^svOXW(9AT zu-~~rT;rCF%~!7393Pvo^9-E z^N*YHEWz^hRsjP9DzOj|@n)*wu-LYT4H}-RRs$+V5!4%;L&*q0P5~r7UDVVxe)LT{ z1`~F>-Hd=;QJ|I5InU=5o2#(Wp$S8M4bRm0Tv#BNt9m3gux$_;J$k=Xz-8YGnkKP?71X z;Uc6Qh# zw-f%6?N_pbpCLn#5e9MTl5}%pbEERcu86|=on_7f99SB}wKr9Ddt_&Gf+}dCK@tm# z@T~GpWHZRn+M2q>GHJIl+Hk1r%1cZtpMjB)&>GA`+!^p>3SrBQ8ltJ5=imyrXtuD+ z9OXA)MQYYwtpF~Wy$b+u!w4p;^`AXlQ8Y z;^Lz9ia-NYy4cb(N|u<*?#5uNFBMlw_BaD+BXf#9A)fp3qls}Ip4-um`lSw;6qo{@ z&y{ZZI(6Q?FYYHJ)OV-M^H&==lh2!nuO8Eki^GOm8>%n&XtEB&T~+35Yz*G;M~S%+ z#ofYwaFrJd9<6(C_bt#}@C#ufv-}`97!7B$y#n;~Y|lI9@sn_N&RQi(sH$B!ARb&e zTh8G_s2;AKgwb4X+>^3pI1IoZDJY-s1Sgd2YL>l)a{YyQBkPGTEFH(;SvW0>3mp%R zDul<+)%HQQRyhtOrCstGIf?W zVD~)+*S?Yldq@$jTuSXw+{>8sbZ4EUWmQJQw`h+f=Zg?*F9sKNuHdTKUReZ1yidc+Q=dAQVL!8y}1H)G4IkWn4qlQTU2H-qnSTNL`pS2 zpHwOcEIm`mCycx5aLO?)<}63Ho^=SmBUM?XQP5&kAM%BEfy1LLw^pru9XS~Fp}5*6 zF3A6|&n2!p+OgRmD9mV^b8T$nv&V;XamsS0*&kKHmKK+mHoxs0`ZYBP*Mm%1;Uw=J zPOivS_!IpOqEb9&9w^35pR;OXNf(4Di=R;SXvvGzm(KCUnz$fQq;thdKw@dtRX;G{ zAKH55^S86i5Y%O9u}fjUKaczZ!H`Eg$Yysh|A>)4@=CQ>cVsgU(y&KKWQR3Qb$ z!f(E0v~V~@1#SXia{WnlV%)&Y0f{>~RD6+vWl0@0I24#^3w3K@zTbyEihQK*gu@Ms zW5xVG@Y|LSZ@`udx6QB9UM&)_>ykNB*ZEp=-J2a?eo)j8s=D^4GnpkQbLIavfE&*E zp8;Ik=d(_}dsmcQ7KS?u0~gn`%pc{e7vVp3i7@gwS~uwQJ^Rt}z)fzX9*NCSi5>JB zpL$PEZn*ai zbD(`$mNnbEYx^jmAwcy4{ zygQCy?tX1Mb8ECV)7`M%>zn}EB<9y9A7iezIh_SPWw3X!v#YgKcokUz@VYFOXup{@ z>4^)UNmLHDA%!;g&~(SS#Y${Q9KD8e#Gn5YuCtymo=7fR%#+B)=sxW8*BpJvhFBEA;3zwP*Lq^wx|8vwS{rr5k)I1Fn>+ zaQsdFp5p-xB`tv5g!yzNqSA4JB9Ch|b=+5>Jk@AO0OpB-n&M^Z_Xa37)Ux;bb!k+I zz0n7b!#;W%*^e|*Bz5N7)foKJr8NjthPxYa#Q$tA$C^Cqo6sN!jMtCC$IKi!j}WkY z+J5yX*awNf#IH^Qh6RN*$f{$_tFHem%6U8Kr2dT*&vJ!`e8#d zQR&$i*UUeeruyC3N-8FwNE4#xQ9NfQel>Sdg}srI6nCTiFX>wX7P`p1AmPrl`+7!s z6OXXSe<4|)D9^{D2+=THJE1n^eExV@boZ9Nntr_-X}n(f920$-_P?ypM$8w5>qU&qki_2I^_#3itkb*y#JtxtBdrm8EW8$7Ee9kdO>%!->GX zOn^8FyS^9%B>e<5uFX7B!5a$fSpw?2qzeAEDc1Ug%ShUCzTGna(wv_yyhGc3Sm)Bp z5ZxKd1B(X;ml4g-S8|e531P9g-p)KvIyzGt5S>|bW7)r&WjG!+Za}VXhkvKl+p|Rr zGf2}9dLRf@Eso?xu*d9re|F7Dhq8A-`QJ$&b%!z4(TtP=<5VAQy3jDENfPNNE?q;h zG5#SD7_X6?XhU`&$lDz%j||EaFB@=5B8n3P3RxF_VenV{4Ij7xhu*V0h>9B~c z&3mst-!X)mepgJC^4t15GcA|k^UAk1CCgKDvt53C@k` z%i4GYyOp5u7RzHt>RB{lys*Rh;k${W{-*L99~!fj#g`#x<5C6k@$$sxJnEzONy~+q zo{*TsFd_E|7I^BkMT+!w7It;Mavvks~^^t~8vENPL-uxyj6v+wgkipjdK%2{@B)!)@%e}MrK_&TUb z@YwpjGjx;3Tnc}?CrSLAsvL?tmWSz6g11qz0|wO+Gvmc&VW_zvPBJ=tsH^==4@0NT z5Ag<%YU9|mL>?B9yV?+WuD*v8pn=HwW%-)I`1ve0AE)rcS?@K4k{09ziQ;f9VpY z7Y0Zyj^uo{@|TsIdQ;C_(xq4BsP=7L_#U@2cV4>};e?zM_}@S_nV>~)yB{BI3KK0h z(-Y>D)zE#`RsHk)M0O?A-9M z7E<9)^<~B;3R70H^M2vB7%Aeaqqn?I@>7&RT@K~O%{!OoB%>aadTGap`{#p1(ef`T z`s)|bV_n@`Q7~BV~vwLS#zF z{e-dgVAl7K8I*3LgKxoc+oIw_e6xsNW~RDm>u9_+yRGBPtVsT01Mp1NaWV&0BF=&G#gW>a~eXBA@HK89O-jAw04jjHz#V(q`S zL4!(@pb;;vIowC5-@fb_$BB6kw&(7z z)j0<<)9O<Y>2Yrjx7)SZf?31tQ0ic)kWtu8zu(kV!FQh3+Lz0`6lZvvC{jz?c#u0=0 z7p=PsMwj>EZ@gYgsY5f!;j}5_qoPs>0!5k{DowY>g1Z}v*=1vpyiScj?!S+H;t8y* zM6e}HK@h%JIDzY@j?IGeItg`(OihESQzokr^N3GXuM@@MroV{qCr?o;V=B+k;TV2< zmdKhX4W*;2t??%^bmo~j@$Ks3p8USM3*RY*Pe=$(IWazdz4(nvkc%Td)m|#Jsl z>iNwu{A#o1V6jd9}36 zxUeDF;2`M2;?(X{u3Z}vRP`q{E*J(5O?d)7bjdI<#{(j@(M9$n$b z6P?4$&gY4$WIpURF!WbSfw}c3+}cO#7*q5!PoXKtz){(f?)JooyEDoavEJRUxzpa( zHeuz>c5ecfT@R7{z*%qEul4X2v^3NgGbPmDTy>Rph;rc5jQt9q!rjJnOR6l<{dwgxor98Le-Ml)Q%P!pCKXj?K6A(6`^^*li*#fsghzB1(a>WXW ztSmW?C+=)_Z=ivB2c>PUmnD?WsJ=!3uOXYJt}_y0O{AeSsP$ObpuOz=WF6AL zV2km9d=8Vrr2kQ!)Ou*mmf!Bxd^#rhHJNv#r8vaf9$OzSAD78>}Jshzljt+t;ZKPWz?3K}({4 zjLpNAh{3n}_jJI(jh9r`ChN zo{A7)SryJQGJ%5nj}D;~T+T29q)=CBJT=WUR4~uzIy$pPH@C>#RO+`JT#ro;Wi!!E zPFQJeaGq(h6l4$#d#Asohx<(sq~pP)u-4a8?~jAYmF3!{E(I^I4unJ`j#j74$#q@`%EE+0Xw5gtle3Ima^aa!Rg&byml z(QwOxt5Zt*z6vM+5Uh-D2NspJ?8Dvm`)MRl8|d(olcs_g|0oipseeksD5>Tw2Qt`= zaS<5RQn?C=)s>}5oOpMX>f9wO%7~@@gv%=IYJP8rb&p-i)Te2_4Bo9|H3&~J4f%x^ zzhDvp_<;zQifn#nc6xF4M<`=C+d~GMc~U;Nhh;^J)>bFg{tgiXPhHqYIb{oQ+y<`R zWsL6T9&lQPvc~f9>6fK6JNcY13(AmG|G>L`9oy>i^76xan6t;C-k8Gkv+3DR*C*S- zP<~g`m6|_%mcAs~Z&x*3M;?pK8k}`#mkdykCTozS`!=p4dt&=Jt2NMFg28gEGS2hX zTlkp`q;z$Uqe(Eg6cs`G#PBhK7S>~ss_OFflV9`T-`dkvn35ZWJKWk`-Hhj64^ch_ zJ)Tt9qQg6U)|Pvl`-RM)GlN^ROKVE@XYmZyVVc98i{UOzjE#-&PUd-hPz((lEU@Y! z{tg_uexdzPfF!L43_9}OWzbEhdemeWl0CN*160(jI z!XJ8haruGtZkcBzhp&YkTriXwYWm$n%#AOHRrSvy-3$2GlvuYHo+tVJ3MDCG<}&x1 zKRxZ3CC(OF4b&@8{DrzJuDr=xUIz|Q1U0W)fhRw(#>f!6GUp6@xIbBtv~#q2PH@&c z*=NaVesfadZZo3}&l@pBRt;o;a7dTfSkg-77D+J98k45fJD+}|*^z=OH8(XqD`mn7 zF1gI9=_kj@0~IeZ!zhXE^sy#n;ot%W_LZ>h4clQ~C%^{I6MOtg+uym*^hs zUJBN2S%ikG-@ktAOjx9cEj2wWjUisDd>nJWrT46Lk(P8#Tr=)DII2yq>)0D;dAD(A zPe^E2>53~!pKO#HPG>xZ<5TtI|C!@v?^E;kBJE7~b<%g8nwAxPa#V}(wDV=Ys8hvi z5)TUOYEGE0q0;t>D)wMi3wpB0!SE#pxrzhY7%D`(&>x~60PNE1c&0bA7*;jXP7l=p zi-awF^G9AbmgQ4)+~535ZE*&Jsor=X&0a3vP6q0w74|ggS0&Ou%}VRD9DEDicm(vJ z7v)JNyIp!Sh1lu-8T#-Re&2j3vv1-Am@HhQLghoPWcxj>B{3WJqh^zv;hn8yLTcLR zqN&DG^E+dc-JoB_{5U2;XQ0MXck?`DV-{jG9X-8m{P<1=CT1kXl|>6%L0RtjIA)=q zKl3wg!F)W-M%Faabu*bJ z-hply${QDrnLn&z%HszadDZp1Y%eURZL@Cn+U-8E@t9|I&{~sm)*4TePf#M_$7JVS z8PbD;hWDS6R-$Kyoi7KYqtP8Z?EX*z?YYtb;V2-fj zUHAOp*_hRxgPg-Z9Uc+_sD&i~w#!XP0P&_}ImYoW{U^B=&_D(`!U}(rFgphFjORMe z8g<;i3SSrT|9EdMuq}?BnjYuQ64(}x(k$N8oG*r2A3?7j?DN02)-?0V zQ7aN3WPf7aUY)Hr!cB}tsFK%FWl@X4LwQ)tSBk?RJ(7YRFq3On+3_AI&Z7J)SO#Q@ zUmbBVVM!W+-0a=w`f|a8m9RE-S`ltu1Z3q#tjBi3TjlfFsQnIJTHJqOce3Yrtp|Yt zgcLA>mTT%-T-r%7q>UA-b?Cqlkk;3ugcO>2<#K8~3N?CC^2i~mUeq6%&|S&Z{?%Ul zKJoqA2a&dv5se%F z=WVe>s{F6w0XGvJ8vh9hB&NEJ|BVMI`5|eW6CIRlw~gCF)J|4?#0{a{6;gd&!z2$kE0g~n7mx`9c$=H-e<|+*USqCaJ4jG8 zuE^w%<&<6$$c+{Ki(m`4Y0r@^+7Uij%SaFpXsqB6$)RtR?ywk{uY%nbK9bmh;;*U~ zu+;Vw<^LsIjRjMDa`KolzUhJegx|{rS>xu`j_v#(WP9XqNnlIJx2Os;QgV{<&bxgh zvjI1f;J?ukz|ElkPsmvU-j)P0+jyz4ZgEReWa6xygMb`g{C$nMQS!d)gR;59lm3t~ z2s5Ap2*>;4|4f|;%}I!Nr->KybnY+Z?b&Hk1*IFM*^gRZAJ@4qDAL&7KV7>ujnrCo zSTCnytKHTpiJ-&R=wEHl7V0b;$f!xe;l#~z2>%`JF4})5ZZ&A!jEG^Dp<9T4tlsfr z+eN7GN|q}m6^2fyyV9C3_c}tpp%9T#!|A-5%&Fo- zeRkRsE_DmIJ||q9g^uSnrV=0~{mM@;*!BFDCEXZ^^hQmL%)!4?Wod7JM0k&VX`|r>jy~v`^iW18y75Mf<&!THI9_*1r`=7-Du~#_aoF99f;3bu3P4c?WLC79^7c{Rv z?)Z|!J4!OVnhApcrd$B*c}F3Ob3n}^?TKLjuds|H{M=vK2JTxl^Sw>|zGgrx zC-KL3<)$ibsI#uiu?TuH>JSW4gujC%geMa3+6#|KSBp0XO(Go)KHWX4M^|OcipSZ% zl_-w&%@0JEE64&9kLf?kwD4Gp`3K;sS6v^)n3oLA%;Up;FVOlI#>KI5$7KfkI1W2Lp-iM>7Y-Ow};!@M0`wwoy=K3H8vDN$!XMo zr||rDkcCGsro>i#x>Jv;mq&CCFNFYHZkVkb1+`X{h#n1DDZ4OSwu{}~)*@9ynmfo)%aBYz?Adn;5`Sax#G3 z(j!b83^q10KnmvgzdJB+YKBitOpsfnZ%GZKACGP{E4f0gk22GitYR%FQauYL|C^b? z16CT@{f5wJ%Q>EbUZA`QrO*HY+uXTcbz5pe{_pL3aDZ(_SMP}HljG>WyEp+oB>X!Q zOOw0bQjt|VJhNB-%{u`E+P}qAkH}1e{O81PU?R(00UaWqxc@Agz`uZzD{Cfp6hFDl zRWkvy7c&&!PUERXir`@kz)SlS2l-j^k?c@n^`AL)1UP+@)y^#D-|GQ>C$RV;)GST^ z&q~1hw>iaKby>^2gekW?-_))yBdJtnPbIl9CeLxO-U=@7*<5KqRrYBnpI*$n1Yyg( zN!6i@l7JEZvmIqDV-RWilE~&__v^3K0Gx_HSq-yBCZK>@XH4T^!~~XEh;#Qu$H0oj zqP*N#yWizzt3vMjQ79CTd$ft{tD#wUN3|Kb!M#SGADbsg35&g5hV8e9)h>O{=Jrz8 z$*i=9m``$lP`Z&%Y@S(;agx`uz9%SdL3=bCKicdx$q1J)ojG zG_bPLYOYXnZ+AC0FE8A!d8y4#HM0JKk>~ed+WF@oXem?Y{Kek#(^Wxov02;e)n@Co zDPIv=FQ3aT^dFcx#!~@iE5goQL-*X^q2#W5OmDaLSU$@##WF|!4+n(){T`#QfV-#J zc*B38{>+<>iHDbL>r!y^bBvcw@vUN6K+l^&_%JYilXMKQ~EaYcpi)q;D5*8RX#^m^Lq=4)$W zL8_F7SWj)<4ZbIi%S83uIQjl1QZnjNIUjtN!xE`Q)b8}N~ zva+1b4;3K@3k!3bSrC*-m*4lNep(+aO~dFW@zDY*h904VR8$oK4N(}-(hG-_SrG@D z-U}O&Unm3P_#6c4bWIn1E^V^e{snRj%mLaAQVrvBOh%+o+Xf_huEanC#1r}DBX2OL z1>4#z=~U@Xi#`d#FT}+_2ZDk0QTW=>>feSUG$u$h+G%B9Wc3>*OL4!u4;4LhN4cx{ zbK(JR!mJ{v0x1Kmu)*f&Z+ zSC^MZ62`yLeP?$%Phqje8?-F8#3LpS&&J(YDwa$3*Ne1`o`EJ|V=% zK(AO{E`uJZ3E4+pRU}u>`6E{K`^;eyk@RW`v+INm?H%(gI?cna zyHAWD;JQdB7Z%^LrxRfx#nk!fC8Fg8rz%7D`CztOkKNA$3E$OcbEwt^gx8*+g7IAYIaw z;PViBB%`-Qq@r!(3~1R zMOK(76{LzfL~_~C5C_dP6H-Kn=}yQO4H;Fwh3yXL5yYA;q+z*2gDVXXoJ1%^!(!T% z+Xk%_EjC=Kw5?$U_PSSF*Au{pTb9%xwMz)x#qjf{-6w6LRx_$}A!jH4|iZcT&XKr9P_Jvo*J4P=!T2sC*o-mq{n zT(Hl75W=lw`XO4&Udv=%pL-DChwY|YaD@fHmZ@;2rbL&ZO~}010NJ30*!tYS$%iq6 zZIk;z;0p1MCe`O3BdKqJ%fP$D|H4AV0sCVRQ>~GC9K#u+=sBN)yoSg0Ta=_@1Sk}U zbT$M2QJr5}TA03sg}>{vj0o1QRuCMOit`k6JCd4DSP_XwBJNsD7Qy6n_i|R2hD=={ zf|~{u)XOfYd+?_a>+vMEc^0v966*@-V0QFhV;6@J*lWQp8g=1vt1Va;J!^`Zib_h9 zl#@t*-N?+W6;P*TrOtS0a1aF<+0e|Ckwn2JrMHkU&L_AgjMRT*_W`VCUkuA^S@(xN zQIIN2=nRC*Ww~39$htmEo(q$~F1?m#i9~KH=QUeh*)oTelr5;O{^D{Z)LuU=kkh%@ z0KCOF^(HXdQE7Rm?%t|7Ko|_w{)6YHsiHghl|(stR_1V-XtRAZs>|GZ7N`z%BJ&{aLh%0*OrED(fqMM zoNY{*4WCvbf6P07Tq^w1uQm8kHe)*halLq}>8%ru+1gydU{k`H(rat#4<(JpV zboQn3h+ny5qoZ-A=`tk!FZiY=c=|;QDmf2aUrmM*7h8y6j{^bGG;_0$=`{0Yb6x+FAkDd76*vM>cps06wB-81MU#l z*z8$FYOJa1FeI=5od#@JdTZ};)jwuTMW$7N>V5KA$ zuhRJ7dN;4I7>85o#8sBXW^8P1)JRCqA2*QHtScN`S{W%JNb8A&5epKj!2DWo(8(nP zcmzN(5&B{V+mV;Ko`g_&l|tu6sl_DpM(RhA@q^*x{XwVVPpPFYg9~cL53Wx*iw4Oq zH|Z0TOO4JAknXVG%K}`?orD^nwOVOj6KQU2twhAUjN*hW(k3s|@H)ciLtF;X;(A8n zqX(TU-5*+RYxy{drV9oBexb#-BgJxlN@Nxnnc{vLez*y(oi6aV0rc}3-&5l=J$JIa z84$I@tRc;i>6tBd6sZiM^ph`vhIrZ|GqZgWLuge&Fx*vX4g2AJj)tQkKl_w?$y7vp z+xn*oF_8y$M(wcp9qVkm&ii~QgTsIu@D5vHe~Z;1ZqMqRm<* zLZR38$74QmrmzO99kD{>LUt7#PBU4e(hdk6r0lb8{< zbI?0Rf>yA9{@mZH%HkWVN1+63Y^*by^mw^FsM#B0L`2$g`XQ_sU-csoXQZZFLnk1) zfkvASm(;q-;#VK;d|X(tU}y({NNInzMnh?%RwYY?5<$#J)t)h9T}{PDnyA!b#hJ;8 zx#Pp^qvpoN?VLO9O;z7V_r|#=44>#3 z({GvHWYL2kDa41j-k}Mu*r#MWEvMUyD_WrNGE;n8fs7&7@DRo*BgG0bnClQdoR}l} zD1XJ$wOE;4v^1Pw(9BDTS>zdM|1luwk{q}jvQBxrJwiAzV3-A=x>lZFE&?_Xxc%&c z0f+t;dO z`_p186L$Uj-e6nSYmjME>DAj}mrez*H!4PVgI8vGO1UDjYL`?m2AGh-eA#XRu(}JA z6J;NT$;|2;9l{=cyp=)Y?t0s(P>i3;#4{P$ug@ZTQ*u>Ze&^thbmy}i9J2MquW z?;m4eyW__;nT3>;)YSmD*?%Buh>sYU35gt`hJnPt|6M{<;@`*l*Ayuh@ClIo zfAQy~w`DUoZZ3hZ#?9edu0)7|U1kR<|0cWa6Xhs10Q$17PO$QNJXbX^$X9s}N^|AV zDpRUJXR;_RC?KRPU3E4X&C^b@9;DMMLs3~YEl}GLtN3b5BezUqLIfnIKme?tvKID{ zH;L6e9LxSTHa^{)T5rKNwpZ^tbV}Lc<|hI&vQj{aRzSk>Pcmsxi0|EPw=;B-oHU z7=9tb@NT6*g2d+DCLa7kL;DFRRzM;h7#Il1a0;xdRU_MQBE5CcDbtrsXBr5S*?6qMEZ{R`|%|2CBkw<>J7$9(Rd<3LBV3nE{`@=hEL0ei>@-&Nl!Hb zfB_f@HO<(F-hLMr9^N0L4aWTRG$o%)?TRNdid05sf!NYJwbK_&9#1tcZ0Ww|$P)Pc z3B}EL)gO?|9g2jjU=VX~TW34dP6Q}7$x{6i|1=2BJ>F=oG$0)P>C8xe{>|`juSWsQ zQ?qL={Xoj!IKB3`;#TFhdpI1fMUW3t;0ioUBS*@$5xId-c@6FD91#Txs=GuIWD60B zA4pDSJvX7D+^E4u+G0mT*AHP>6j;pc<47wsujz2Q`tX?>^t%xqiKDB9)kZh3IW5E`rd6g?l^Y3* z3oko7y?@vB@Zd00M>b2c7GG3d@q1r{cT5$yT2 z3A6~f!0`A2>B&J~f!09W>H0>4yR++$h3|oL{?rDvArH;R1Lo2Ji)^w{Wln*vl32#OQd*l9`4DkV zi8=6v^d?Q-+gt(7IMzghU^m_aE^(Va@0l9zW?Lic47dL^#N!iC0daMJ7crrtOCI0{ z(!4(ug;levM1Ycy!Wl`{Oo`H4VE-_V-rYa@zINbg4kiz0AW(RpOKtfCr(DU7h7Wvpe%me0Zx9_F{Z@>K zJ(u)ezE*LkFf3Jqf@JVDwHjy$_a#D^MPw8%ewVn6SMfTvM6%LIt0tvr#F&gK&y4VL z`-kc?o;W#96>7%Nq|QXMDcx3xdxf83ei`OR?A?F zeD?q*6*4+RuzjgFyh-j8&f}FqS>s-ODh{J}|Di-|f`%6xdnRE4e`U18h(l&q2j474 zV2z+usq)sY43oS{g}yB1b_abZZMZzZ$KRjd#>R$^&#$GWg+TmPJjN4|6i@~Ju@aOk zj4ZNiC5=z?xMN8M7WbQ&d^IkJp5RWo&#>>G<4|MXYMmC)nY#d_DQFTV0Uj`Z1VJ~1 zn9bNYo^PTePR>q;pIh$qb#>_*2K*Df?fcAcqfee!?py6IpLe6<{kh;2I^;dZl&Eif z`5u1EBheM%TqP&?{@ImreY3{1Mu^|NLGY96*4kk)*@A;;euT`-qHks7()rpm7_h?- z&=IWR3c;;D+Bre61Xo1U%37}012^V?hU}o%Gvm=NB8qE{fwTgyF-Iwj=zT!Egx#=q z9z1(@D@8h@d`^TbpQs;>q4$zy?YnYSgVN!+i<*I>3x0|kR;&yIWe-I>bGqa7TyManO5?TN1Jyp@ z7N~uvGYc=X7Y$ihO&PAVNxS5tHk{Y{VREYzmssggMgHF}qt5l#bnmS)?}Qkw{Kk(5 zP%Kb5h!)obIya=E;(kJW&pH7~kq!L)>oikcVUJ8p3+=@O-c2X=5>0{`vbt|2!);GO z6=4hnbrS@oTGJ(6SbeX1QdC)yoL?my^7b&y?rSY<4691|xWwZg-{XgnWp`xppw$o2 z0Em{5Z8Xg1NgLi^5PJXA$#IL^9a*@})p(oXY#<$bovq+M)BSj+yU2lo*e^UX_MI-- zxVS_inK(6L?klbedNDPYY zOH&|};bE>wacKd|hsoQK#K)HWiZO|S z0|69|3{8Nn`*YYj{vzNqc}`slJ4?y-!9S^w#tMFq`T?Eb)P^POl?##{T5g+e#D7NY zM4Gcj+Kg1tn?)a7Knb_(v* z3`?MJVP1BL*3f2kl-jHM1DdP(Z=3=GW$L)78xKn5Wc#~`N-j#m|1H-rD9^V^q2t@U zkA0=|>>oFhEj3+MRe9}CsL-+;JVEBHoE0&q%CjC8jy72xvZDTns>Cx7ez zld&sraQ`)xZJg_Qb3F(&{nbj2_a3t6Z1g^{$oB7%jn}PLilHj7jXIp(VUTGB%K|ZH0Snkl`Y97$21f(f=yf63 z4+!tXn2kvaQ*lHbV>+9J=esDMGO)HKyd4ecsF?C8s6DQ-6Y#`4ZmjE@xJ%@5VnG68 zRrO#Wrk~~du^ChMin@!}i&QE?K#iOQ(Z4(xcOyOTtFBJ-{d&w+x1MxG3wtG(1cg-^ z3^2e_hL@EtZL3~Qs$A86&qKC^DV~|fNRY0-lv;OQWh(hq#KqqL2Qp_Ag)l>CWuF;nROGk<)9PM{@AWb!mt}uvrhs0 zQ!#=7bS}rxpXci)MM7^EHgwTAqZO4djCSJOWC%@+L3Hu`bb6{V%#eQnd<(>9o(kqLF2br@T|5!KQ_gojJz?$t#-w~s z5iq-ceuVvXdn#&$Qc^~aZg>4xBj!muUncwW)5i-0aR`f6tM)?*o4SNZQkjWY(_imh zKsEF_#9Z|F{uEckhSP~?bXGEZWtIqn1blaY=@j!d(1w1%{8 ziIJ9n={EYvD$k-Hx5Dr_1B9d7yss^DkG)!I)ZUi#tGsZ7+OCtWQyccpVpFh=a*^hci$J+FWL9xM5XT|?)DDf=(qj*h}`z@ zJ+2-N2{;jsZt^@b6U|b)-{>0Jp1&%_>z_W=JM(B@x|oy^r;?kE&m2-?L_|y>Y6QXd zrwT&X{3wrtNoFuF$rWpCq7R6kX2vt*n3F=Db+jx{k}bfeYf7?$m#c2%rpe_}5D{b0 zhKQ_4vY-Ep2#yL(_lYA#{5)BJ2Kjy4k=I-_-J5n4f^FTe#P$;#SekW<8w^y-_Rn1` z@3q@oln1_HK8++(5l}6-2ww%zb+A!Hu_f?n!$pg=d_xVPm;ev7h7)t;GyHQ10;R-w zO>^0AYuAXeKjmM9{xX3M0-jH&CiBLwU*xCJTY{A2mzFQ{XE9ca zGJ|=EQrs}1r-?oWTkw9Tbv$7j>u6aZhAbfNBV$P6%TZO~WyDeVAfFh&gfRxk0lEv< z?$L?Flu%0BI#tGOns4e!R_SN8-)&NpcJ}x*%a0C^ySXAV z@Fp*tD0=x7-!cfB?;keY&5JNks8z=mky_GQnWT8U@Yqj732~#3BQK?a5CT4l>f>WE zp2@Ol(oSkom-!BHH(Fk5mcVxX3`n4*C&38{0#TlT5dc&BPqPXRzW#So{w>3CeFew$ zmE;c(OI=ei`RMz84x zt-wzH;Tirp=>27$i%YFV}>8 zS{sQt)^4eHOJJ(}`8FFj5y^(>lFATc)=uAI$mdOg{%UDkRTr`yZ@wD1 z`s!7)$=fs%-frkZ4HiZ)^cP9w^B^n|OvBMkbeItPLlupItbr)$CSvGOqH7sF4Mid@ zYO;=&1!BtrflDj4^u8RlH9U*qbPy3Y*W3~7ZYrED;M6b(!BH#Zv{*a3wKe5bNO8T2 z!HpKAE?wAr^Z7OnnPrRhD3yu*52y$bLpwN7M8HOZ@`W@-LIp^Qif}xLX~8N|>z3?) zOND4a2_jnE{D+pluv38-<7m68Hbp)8m`J3^HO&bg=AQ&k^6j1cMOjp!;@yz^7cVkt z=B$S~&(mr;L@{;ea`|vCXVr#|VR6V+m;DSxBk)7(IRghc0V<4jXiS+0H^Y#DH7y#g zVPh!*%!_J5iGfg5n14iGvYR>i6(i*-84Al@CvWNRN@;BG-c(9)v%O2??IygWbHtVQ zVe~1qM+Q|OIU&xkEL)*?#r5Z4dv_6dQ#B$OQE;MmgI`F52-71RhW&Nk05d1&NgU`t z!7SY%qpe8@=5D6ZnY)lC-TJXC5CaylfUTsTB)A)>XdH$2@!+BnU( zuO~>g6lon*XYYVL6j*-4U{3dx!iE33O?{}b)chuAkLA939t}C5a9KCY0x8$Un?)lw zq4wWgzC+me<3(m((s-#{vcq$({oS(v7uYF<_?YcS2ZUE zs!J?i!3In43xjj}t8+K8ls1m1?<28u=c_)hk}x`eE&C)fR%l?a>&JLZ51Iab9($5o zUHFwRjh{rlpom{ny|8=8c^7q>b)!Bb@Q>sYI`U(X{<<8|tAcx4;I60$y{ux(0wvA@ z7O<7LQxZub;e1ev2+gDkpD%9b`H+Hg#QF@0FnKavV*l>6yJOiL|C%EbJHm5!$SZr= zJ10BtXmEPjLD%gy9Irgae%Q)7c6U_cqaxb+cv@a|(21g#sYvSB-L4k_@Pt3r>e`y- zU3!(fb4B~phG+W2QFLlmiBsOFmUlteit*V z)POQAY_%9$v{KW+&Juy^kccGtd#wlwl*wfBXt#HR zf3L6%1~eSc6016%>8)VbXT=)!s~S)(zt8f1dK$k%b4`DPcyvMHJc+IGExp;@xsL1W zVZIr^s;)9pn+EE;|5g5A?8`;+@HW`#$@2HeB$l*RNoN3^U){gjx3rfV=6(A~_VqHw zRm0wh$wOx-GncEay4uH#bG4WyZ}r(aw6ULF;eBye8{G%3IbFiaga zHvh>X?%SK&uIb^rMpJ`r*+dFwWm6jC8*LKQukP98d-FYI6<*=Y-S17Qz*2wO7D?8c zK>B+zkW8>$b2XnT#0c!PvUHJe)O_7v^D6ePmbc&OYUEaaT&Q5ziBJewMPtx1_8Ynq zoFkk(?Em6(@B6z+tfny3MnL^xh~+On_r1T1TNUkk!TZK&SC{(E;q{4wo$`@o5ZUMd zIo;8tBKrl~M({{D^pYgf86!sQU1aJLuXx{m%GIulW58|1m$eCG?8mP?mEzpPI@tT) zt?9OW19rNCU9<~YksxBAsIV=i0zqWz`UhytH#g!gC(s`P+<_RcM?jj<#{#8R%(6gi zTEO~(c1b*M!qH&aL#*m!r=191uh-}EZQZ){jbHj|GeyDy7VwAWyZ&GjZ5j~GHcw|6 z(_GDKO6A?^lAW4g)f_CB-@GO(?_x`K@r2oF7I3C&vhBv&aPTS~^Io|_JL=~vl zygn3=uS)Oz%bohC_sW0Kbl(~4PrN2v2*~F`^)gaIt0K6r;QRo&uvKy;*1*m3a@5~5 zsTCn2gX;~9o?)-Ll^6z^*&cOY7JW!gy9@%w4H%*!}aXOtYm&>6Ckl{&fJhF`l0yWkOmIY$O0@jEvMotvDdh$vF^RWG03qhbl zU?pz!b(b909~qe<5|muO7b1ids?IEj7a7D_{o#Ky)bBF{d-(D|uCBkDS(}^1u>8;cC4`gdv2pTQ1^RTE?B(+SI%YMx@ zw^7fJV1FUv93Q#Ah{BJEi->mLFHj@|OM)6}Oh1wsK0hX=syL+ZJaI6#iJQUF zEGdExX8A$n=DH&A2I)Y|MneLU%Z)&oFWr1^JfoapujT}pgWq}f60c{s` z3DL$GLK;~}Q3&NZNuIarF4Q?V_0dVpp2+Q%}21>NhnrvLZ)UJwM`}jd|e+A{Kep z+;5lqOxa*!I`#2=5-Q>kXPdH%6OB~e=8x~upShynD|+1ax0gQtJ=1s+;?xYP`jg02 zpI$R*=!mha!nUzE3R<+51uP4cEDKn`R_DFTXQXm z-zyNW#Eej%6Yun@5WbBOIIL{T0+t10zycPq#lT5A*D4M=;~CZ-d#fn{pBwYkNU^Ie)J#t;9kFE|M;OdmhcM8-1V-i zemt;HXgfpAEH=vmmIX?(1uS4I$!F)h=;qlx|M`vfhsKW|sQQ;a_4zJBF)eJL{aUKS z9TykZYUn?gZr#Hw2A&=(q)6x1e(^5<@IgNI^~*z29d=9`+NGXTmhIQb^8a|Q$94bs z@7M2-YKEdo>u7uzeRaOTOk$-$@2u{t`nSCL#qYFkmjC^;eXjl6H)1OC7 z>2M7BaEn<(VSx41N2f|XXKvNMB4DPl;+6$03&fNKEMSYN({(PCT|WJF)!+U8;g3H& zx{+j`FlUW6QJC?|_>_MCSa;7G3l`5Al>gz-iQ8CNt-eBv3Tl*n?AV{_e~OTv{%86r zoy31&_OrY1{$$pI1s@N&ZownhjN$NuXNpfBO#A7zNA7rdVb}5F$2Tf#FIIKBbpBha z&EH?Ynz0?H3GKW`SA3VY{shOZV^atA{f|0o#)1XkOr6lY9OftkA)c}QKfc&@;2ULM zAJebNS&T3PBCVKZ0m}jx(*j}FP>NRQ;K7534MLXqk*edX8+uM`7-1d40ET zrCGNi{u-r@ZvL$PP2>Cz&iwAlj%Rp11WB|KCD#IQSqBarIC}JGZZ5tMAA2D&F|l&x z$~9}>IM{_B(cEty!18Wn1QnH#gZ=ZgOWw1fwyJdp+mOJ}!R4ZO}M!kWE zl%@LnwXcKTZwwU~bEn+>Oyf^py+8T0iGTmktB*a)(KkL6dQY5RVSbezJ$UMm-w(}C!}>+dhV_$*JRSP=T_hnV*tTuk z?%liV)Twjbb=Q?H9qv3Qr!A#NKrx6Z)sAuT5?5w>q)7KeAooCldC3HxN4NY z>*F*3@!}0NpS|ZLvG}D4$np>nicqZTbSCk8V)5s57`x4BG(#(P^c=T-^_3sJ^}^8C zhTZhazsK!aGrEq6Mq+E%?(^JGJJRxCa3$v_g|8GvFBo5wiJsV^6czv^RH;&>UAuO% zYY>1L0={O2wjdH^LsqUnRJwBc)>k(HR%B=U@g*WW>;q)u_pMRNxCmsl!mp}+1)nxl z-DMM@|Ek4X(Uxd{tr(XFPz}~hO-=38sgoJi%q>PfNT%}?dsIp_&gcyybKeHS)G$$Pz&3?etqO3d&=nHsezj=y^O`R?mgsxYt^}< z8`w6kJ*v;g_y>HpfA{QG_OE-@x%X%OO&WvY!bbpC(F7=FeP8Ab&JKD!Zobcev81t} z6=+NJT5a2wS))<4+&qsb-|O-Eyk6Pk@p(MnSor7KdVSCw`lA(SOEe9S7TClL^@}H` z4E;f}?Owea6AJ}GajJum#j}1~G=I^e`Cqgt#mKd5rAL3)fxUoQXP6;0iJlp=E`|R`FUq0} zu|Q5vPV}Rk5Z?2iluxYv`RAR1*9#O@AzFd96h;wTmVW$nLfHhbSHb75WWUX;Fpt7~ ze&#LN|IiS6LR;tz&7nV9fwlxUE_^ClV8igMUcGu|R2w^X?4Ut|uDRwKOiMoa;Da+} z%rMWTfD-i9pe?-Bqs`4;F#ge3X77%cya>8O3ntG|9)7Z0MTW6G2KbyjuKWEH5czKY zwoXs|_}0BmW<7s*m#%lszj4O5Z{1`(Sj~%?&K`4b*8)Wa>#SM2z(A}e{FKc4&L;lnI|q9mv)W>(Xz94kV4r2X-n(SzSW8`b^sJ_?yBt+#{*;$*?bxb*{VRrkk~-n1e~BTTK~Spo0|%D;Q?gHP z+2`G31)FphIYN_S2*7Dk8Lfg8_@__zh?7dm_=EgZ%t$_jm66<+fnR^GiMj{|wKm`ef!ki~m!57EOMlZMQ}V z_`h%HU+1kks7dqZ{QTzq@6O$>B~NYo@QFJD$>P@tJxN=@Ff{i|Xa!?|HH$*bE*(F9 zypUp1ggub!)~)N;uOIg07{pgybrptX*g~>z-#(NgzjyE6&ph*tL4bWn-+c28Xsmsb zhE1Z3h}(Qc$@-{kgZJ*5zv#XucvjiRgV*cbx^?S-0Ry5GWg=7kGM-s# zqCGgMN@m6}A4{xMG0a?Ec4m6M99J=1ks(D@>1&&)Lga)b6@Si&lipHg%f&gEoSm5| z$5%||+ae8qQzV+|OyogP#V;$&=D-rUDdcBo`()W!IvKTxC}yH6JX&nNu$qLe1Fj15 zkXR~5fZ`%zP#QUifKqr{qx38z)22;p(xi#Y<#O^Mp7ui(cJvl3$nbEMRg?twPe1*1 z`0(MlxQbTBvtd|bn<qG?jKX`x??2#{fPIU ztmir~f6zVi80-Jmj{CaTU{dz{TPw}%``h~iTQMm!ZA7&RX#*zwHnl+jH;PvqohlWZ zNU*(2@yLEvvdx+>^W90e6e-2DfF79^z*ehPEufnDHsSm4zb{|DJbH<+@@JoYHfPS9 zr=EHWSAviPdT@c)0=CGeEvh7$MY}*;lq7RGUZ>><^7(;6Oj6n%_CVScLs1yGGZ7$) zrCtS>j(*XEByILm70PQ24u}ip4M{~)T?k9z$+*&`4HOMgtZ+tiDS=9$eddz0jYo30 zl8V=!0Z?I6?YxMK?riJ3EcszNvlEMCgUug}2ddrq&Z?Rwq$a86EsG`x{y z7Ll*0*gMR%D|!!+;bV)CX%wrn42V#fO;v4vCZQkk?-Lv4#fV79<~<8k>+;M`)7sG9 z;&u8p{ibzb*&4F~fl(F%rFWjm%lI3bOVnDy^k36wmuAoy?vD5^@MH3XGE zm|B#$2<|PI4Uc_b`#!efm;-kCV+bKe62LZa)U8_={l-iKF7O5mvr=bd0q-BlVeN+g7Fr-SFiZn(9L|q6iXEjL-)K`EJ zg6N`za9PGirjR6+pmS*Il8T%pR7*oD%Be5u^oEvbQb=<|(!}UD-;^8qhAj#zR*;6v zBs&Syz>xSzHxz=^c_u{=!ZI3}P~WTx=P2$0H;xSVA*czp6_+_mdOjqhOITdUQF6s1 z8ITEq`c+|J_w->iS<@F@d9b;eDn8zc{i$N=kMbC!(GqUQP>7ora^V=iJM^hRqY}7D za%7ysuV4g+B^^#plN1F4-*XEZ^KB4$d5uv-Ap&!d%nuFlM^2J-2_(7HfNRD*5N?7b z8^(7u&p^!qhbGm=F`qEm@@L>m-Gau96@o{3~gW)MTnCd7yh z$HH2WoBju5Hw?X@N{Bn-Jh>;b+C4G%R#7OX3!Tm0yltvY63Kuq8hP91#DO?!@MHy zDGGK7+|R!F;){4{ZOoW4_3PI+pA`^;D@LF2FRtm&H$A#CHUsq^`|Y#6Yj4}Oi6DTg zQImwL zjIWIX-${6pLW)bkTcov0Yg=(e#0WhM2p`4G7+GVRf+e9Ddvnd+%%HA)?Xbu29@3ng zOzY}f=gZ|Yjcy4Pud-WnAO>2f0d;${+}=!iSz=%ym00yekX zje!@A1<&*sUwna`Bab}tNZYn;^Yeo~*$C@umA=OMltxn zg-Qbwcth@S>Eh*s9XP2d9HH5B8-jx(H2%X-1w%BrY?H4?H98%H6x-nz@S$i2M^9a7 z;Fqe!0Iq-rIz!Gl;1bd zNe-)0(Q*r+5GMjh5h;W+){C%uf-wi3qe4Qi4==6hP+EoiDoAy7&1X+uKXNW(O|Nc> zft`%!!9eEmVPdL%^D3MrCs$z=s32qItW}Ktt+F#eAjyO6>x|7D(rTtAyKy|8D)Tr! z*!rhSD_E;32j{2={Y}JLRFVJ08^lxd_z8J5Y9QeT8Lvd_q0?$IX%Y%V9Xd= zCl`p3sL+uPX4xn^J+iY>9DyRHV6L)yq)oXVzrbij4k--7u<0f zLNb=TgPjyDuc(hV{@?=h_$xKL@0;6tvZbRNuH1aYAUorTuC@)WfR&@MR8+uLsZu38 z=pJ_bi%CdSgAbh)tPJ$v0&l@0D<>KY2p7X$4V;bUZ(vn~!7T&Nijn)n7!CJf!8c-n z1vo+7DMqT0!~zrrF%5{q1(HK!Db4E<3C-EjW)R9p^%OKtsA9yC6_V75BK+_sW9f}> z8vA0%nF}jW1BC{HGt^UX^90&qV6PC!3qsTkC>EYZYoIUI&Hf8>>Gcf8f-jqiRZ$p^Rp_S?>=T=iKQSB`f`aZV}TB_%j*2`>8?|HoJC zaqrW2vM>8jpYelF&U4BqjxKoeor!bV?cZKm(*?0EOm*7*39ho8#_j0ShRyqH-8H+j z&$v2`(P@L`q`w0lGAe7CZZ{$u4x1bCcH@>UTVjWZ=>jK)*|TS(_lHbEA|II;U+>+! zw{`2*kp){NQCUFv7i_i1b4G~QuU`+K(sbZU+dq3wm>P(NF`6KQ?SXJKYsX_$gs8Td zMdU$M(ooC>AmMX$v@)bYVGt4FrZG+s`%FkSR^-5^&GOL@5uyoY`HUf7K7;h2WU$l% z%1{QEDnJaoQ387}_%M|7Q}cowL3~t|MEl*i4m7gl#JZZ8GZh&ay@|aTX2nEPLTI!G z3e!L;XQWzq`zT4qBO3%UM$|;;Q|M6`lg=YeLh?=7G!9ku=PwB1a6>_NG3O|J^wCFH zEWqkGDiwjM;Pw^Ab5u`^iAijF@2=(L#yvP_==A_EEev^ct|PI@;1~M!eQ`kZx7hWM zy*m2#O|RbB(w(+@WMleNyW0`!P7@p4vElpN0XIK+?Uyf*lT=~Z1p6oZ~T`jlU zGe7pdtt$;~B-MreDGruE??tG6)4w;$16zK5-*uJetY}@8uDde`=~tXYE*TaO++Fb`xd zwcL_kjwPo7V8#-W!fKD=Jo>2?-2 zHV3t=INb4t5Rn*wX8}Q2NdRIvoo+yw78JaQ4mG;9jF6;G72#L$p%PK%`*YT7ALQRS zh5%WvyJfGNrUF-oL#;?<>{3#qx1_Zs*1Svf*7=`FhNs&!kdp*K%en z-?q**bmS85#Ku{>xFSLJ~P{9`bWe=Ce{sc%6=%pOeqxO5utBLW7)tGAG{=SISJt zSxItSQQRS-aXN6;rcRw2{R7&AADPtSsi%PnE+HWWM^jN!vwanRTB$d za3M;cX_D^X=+=(zmc7`TB1sEgA3x# zOoi@!>L%x}`fC1u*7mtux-=V zgc%Zs=NA*grXi*2Bw!_BAwQI4BlL6a=-^6jz zqD9EzceUEZ0Gk2QK#8|)f$RLX`x2E78^X3m<3v}+5q<~xIKn-N+Y2Pkr6OMx;b=&R znTV_2qyPBZ)_uoLpN_kB*t1u5XjLITW^_L%iVhw;c0eq7j`~T!iS104i~W zwPAS#Gb4(`hz*m6+F+XVS2Flo72x>C88Ih&me*$0=f#0 z#@r*%qf+FHBWg!Pgmb9LMHhvSvF+Kj2XC*9(F+7;1UAI^LMzag=aV-6pOHEgUY+kEt_!uIW((3WU)juzM;3wMaXGkkGv=gytG zckjl444XG#eg;|h~+Y4N) zh~Q2F_=f-*gv;4(R@;RIME^nGKtNo;82Sm4IEp0Vh!Dl4wWt=-2XMEI7l)5 zj^|L-Q%BNwuHTZqe^%(WKwOmKh@?R&*o#}KMStm8KmZ$#0=EnRL(%{? zWD2N5#Gr&J4Bkt_EVx(>9XfR2zybI!%q|izFY%Cyh^+IZ<%zyh||IH!h-K}5_q0^0yuNa6?&B>)UZ5n`iNmX;UF z0_Z0qph7*W0h`D{7cz=2lu}kbmIcn21uS4YUzR;5a^ZsjRK`)r6flN-Bn7-7q5+yd zRuiS?LN5JG$ci)kz*vyMX}y+OaIH(0v529^ivOyBd{$*QIRi-%mfys zg&4|83JVD6GRKi4GR+Y)fn_?&0x@a<3)o`d#KG?fxDpZJjG(uXk2nYnniy!3rQ$`h z0QwAqs5~SRlDtR?TGd(>I9m&3W@cKzcD6>mF#N*l0J;qCBkDym1kXhB!f0jH53=0x@TS9Xobdz!pnqEgHWQ4NWYy+0ym=Sisy*%<=P6nF)12_w6aJ11Kn~{&(m6w5U_( zt*ZCbIrrYax5I=MFJ7ETBq}Q_tE#Hv@%XfdP8@dI7afisH}RzZSNiGw2b^}d=M9!^`ukpFQ`0SO0j|4FkHkUZyP`zsHdiy?&$b zIjw8m*S8KE{cfLgre5Ca%>EY?4!ZRGLpQIQ_2#e(Z}+^dFS_TFexWz^KmO*E?|Ayq zZiRS%H}%5fZ^*uR>gB!i)0tq&xi{=}+~@n9J?gmK+n4w`{ekbMUVi)yZ+iP(IAKVi zRUbWe=HH*(;mq+@9@ydg*GC^a=B@qC96MyUj?4e`^r=@q(0k}@Hw@~LiRS+K0q5k3 zclJ7bl=p{|?m26({E9Cp3?2E3chtm}4}E{wLAT64?Aiwh^(;z!^~xQ8yLH~`x!<$x zBYQDHul=Bl&)6!rB2nkn<#pL^`_u=Qtu^%*kDPJl-CrI&{KkP>HJSGG*fEp7*x{7B zt_)TzKI7`Yobrn24H|Xlp}oTIJUDvXv)_-N^h&=?!=6|A`;wB5dunW-B3HVa@1DvOw!?z+{&LEW^%bu9=CS=xy5o=wZXB}bmSwM9 ze(W`G?t8(F$Mns9X2i)8XL~!GdDoS@mz}V-mD;mYR{dJHe)f_B#=Y0?)C+bg@am$` z=&~8F-~Ge~FnnU%L5m+b{nWd^8Z`XYgSKt4_@9rkF1uZH|A^f}+7WdFRiAM-g%0RS%!AeM^+}*e%{S zQ!YH|){@b89Jgb))LnZV`MCGz(f6FNb<@h1#vXUed)`%(U+G=((*8rQ>&O-zvP(|s z$JY)U{fQQ)7x)x38O$cgWvgJGI;7a}U1j(=Jy{zN2^LGl6662POS(s;acxJC_`A&3lK9d+^Xr z>*hUoSFeSG;@H_i4uj`4$= zeY&<|?XRsOt1D5@#I647JOPU3L}Q>n4J0YNtfK~dHrsm zdiiEcpRAvCxPAlcWYzG<`a!zDxhVC_>FYXvznOCSNzd*vb^Jm3UiIta4j7XjG4-6? zR-dHmr#0O_D1wJ@W;HvU^vL+bH}Sl6oP~Z+8G`9d(tgn2Ck)-T{PT&2oHgF#WcAu# z*-2KnrFII9P7faV;$m~$FYDF%vII}O=g&BEE$6+>mp^I;RM}f=JHZ}Mx#me@_`M_d zY+rHvpNBl=?KJYdz`S-_!p1pQ3Pi0DX1PR(LrbdH97DO&VX`xUWxP-&uR4RoL z#fBOrRb&M*%$hOHOQ9Mdg||=|H5VIQGptz}1Z*(D23<>p(jb>5MOkxH=}a0}7P;8y zk5H0h&|SU_TpH`&V0EmvR`6iO8tZTMX|TZ>bb(o|8dO+F12h=5_)-jP-5?;iG}wb2 zf_l)mflK55|CQ_CVEI)4SgiKz_ntjt)J>m#_L*Bp{^16$b?er7d3kkpb+%?gv$Qk? zVo0M{P-I6D@<$dPBo`iFatA3FOA!nkjDv12W^Z7@Eg!d4i0 z84N{3<|2UM4T)W$)+&umFiubhVEnNQPbeCCgDgS{Bd}ny2;W$LD_XEPGFs_^Lyh$h z?jI^ct!Rz=Ke$O6>>TQYMF87BRz@kRq+sCHm5X)ld?FXKqcqlEwF*{M^}&K-h2@D+ zRYmz%)4$CvERGBuIIvl>W<^Csl+XNCP1Y%yOv;F&SSF9|b9^VWBu6@!M$O-U0bDb|Ld4iiR^H*qG|uwVHNBO)4*azbCE?|WMlnR zF)KA)E0Gz^5-hJqkygw#Epk*$3lel$pZep@nKL^lH!F)vU0LLaBaUd-uAN0OPO{L| z85~7AQp|iq=JEg=bs2($Nr5$`1^{&hFy5Bb6aWe?i>8fk7YqTg(AGp+YDNud>9ELX zVMShX81kd8z6x3p;RTb?hERg;%7u|eKot{!u5e0W94sITcy$}=Z}m|PDGSZ&BclzO zUA1kjKeY;OGwRd0|Fv5viz;IUvCU%&04t!|cK*g=wDJ7o7w>m{{%5hcpIf+aVPwxe z_w3oTrx@FcYAsoNmXjt0BLKP@HHkuNFl3uRqbB`$nFzS(48G>5Sx}U{0SCI~OH4vx zF)xu(d?a>(rK_un2qRtY(t{QYi_z>T7R?-G6b32I>I#gMV*KeEHw{S!-4%x{3|Vlx z(v`iz5HS@;qb6~Y7ZQNgPym0>txm8hdjk%}AEZKIF)xu(e9^Eu3PV>kgpsZx=|PKy z#b|aEMQ$*PQ5d8+t1B>4it(pw+%zN^bXOb_F=WB%N*93!L&Q`ZqbCIyc_9HPwPF0h z#`?PhmQvXAHP*ku=23kbY%pz};6Ahhf)^Mmg(2Jarf5j=zoY(HSy`Wa@=4^3GtOw< zyty4+Rw=5W$|7~dYDm>lAsC`-IsjD@#f%DK7VI><6b)SfrBgH?;)J|x4J=47i@0Gi zk`@zuFuP@xUGW8Q$^51v(LlGO@}TKBr&4MMY_7u1ygXtXb4FIpn~8!D?$(tz(&!DU?kO5Qlu2&<$}a0i$Csk zH4TXdx}~-tas(_#*}+>(0n|l;lrCftrr?Ir5R!(M3Zg7FHHNUOt07U9&M1m91{q>h zOpPiy7Bga3IzRM7haT4XjCWOWTD^1Q)a8qu&!327vC^%K& z<*R5xJfmt1i7{P879qei!~((dg;?+CO@}Tfm_`5u79m@X5sL% zZRwKvakO^YB$|$fOfrO*x>{Mwt{uXV+=XG3W{KpY$VhdOVAPd@uP}5oamuETzxvuK zpD(6c)O!1qFS&5%_SxtH$V)C3O{3bP3W8)57>X##(SlePrE&jL1e!``iVA35DM+eH zLustP?J-J6L1@2l|FehPM@tmWf)ZDUu_{j20IUSMzanl)Y$%8q24C|M5~+n$MszSt zKt@I_T@bHPLNSUi1)U%?L!yY7EC4LK!pfouU{GiVBNV#2R#Sx{jv5$T(6OUS38qs7 zEDVVoc)AU|tSh{N%S+Laat9!bav|l5qy>k9c!oe~E@0#fJBl$j%n=Bt9xwTY`HE}!qH zZm>{tXH*FcpioF!a43jp2)rVL35J!I(E#%s?f=H}k2{Edo%*xfQSBrxKN~^{Yj1We zw#jfXq&ART3}Cwoiy2K}6n7dH%@B)>Nas-hA`uK0?lNH_I~MIux-Nv@(4Bw%;Ur|R zOBQnv&d78Fpb%0L#gCeygl-3evSSIBf>FBmIX6ZHQ#28fWQgDzl|{bFD7(_(E3oj2 z8B8jRg;F;t88VF7iKc+WCpC5&7Nqep%YUr?EOR83j*yohBJe1jzaQvsVEt3mZn}T` z;aeQAZEL^&&4)bya#2pWHkRl%^s*uEAN=5Z(^ehTvse@JJf_1N(K%6WL|6i{xrJEo z`irwG7cE#@#R(dv2QfD4vaav`PgGT<^YXGpp9xAqDv06`nTC!OAlRjzUe&T`mC-iG zUp#Q<4t3sEf86irWOYS#BDMVU`zJq`(|gYyHqUX6s{97lKa;d^|NmJ1{Z#=#ZM8H( z9ivvQvHq%qPD-lhMmhg*;JAyNZE>YhSI3OjgTxqvD}lSpWJL`xE|DQh|shbB8x z4GS*lMAJO6n8J{njQ$zTJr4|4BpB18;U(Q9DbTGe09}PbLV#|Dmj91o1XBbV1;cI) zyMm}J0yBzTQ!{t@>f~i$8I8l5Ua}znFV~;_5suW&dH&|B$G^4QOBd~X=4Hq2+@30h zYvxQGckPrg@wYo;9dTVQAJnf@oK2=qhR}czUM%cJ+Y0AI2`-)3mo)huXo%iqGG#oBaojou1?f}E;to;0{W3KOc)va64y7}*4Z*}^g%12)N7%{gx_UhBOSuo~| zo91|-g1!T?``>K5M7*dmwJ;T{=J@>y0$c0LtL}AaN(@-e7>W-ao zK(!;KfDs#{bVg~;IdB2PS6yJ@WH6-*x+oNQi|Jz39}l?87X@E13T`Ph3TH)@9T;{C zXnF%L`D#?|=u+^Nd$7x>xS68`#IBiQkr9g`!;K*djvYmj70PH^SS&QU1_miFx!?{! z+>jV$S2{@%zz#sHeAExlGL})H=vqt-5d<&X<%@y^jDlMVjY3Iy*@0oVfTrgZgqJ>j z`-JMf#{7NEkz08$-Fp6WbE-XW;a$i4?Ws??j=br<3AbI;`@5%x|Mi~v3B2duee8v+ z?Q^DFbnHC~>e8F-JYdIgsL3vaM_hBwkvq5XnLElbtegAReRFbJ@3w7`Gc3Mm=w+`g z-|vds@4xkmy=Of8aU>E>r(FHNnt0LGliuC`{Occj=(f}Lj@^6NuxDpi;V}K-;nzI; zdgnvWxoyIP>&INWV@vn^1}(2UiaS6QP-S3V2jTm7=Geew{|)8vN31vSNr*6ugt92;QD88e&hkIvp>D( zm}9SeW!hq`MQ(?kj%=F_huWQR@s*=b-mS=6NQIyNvhGqUaqXkwKc8{;gA*>= zDg4>oABO!Ozw8dwGTghWB;r-F1z>{*f;Kfmb<}Gqhm)$hYlZfDXf>4 zEZAk#-!-dWi(5eK><}G>GGb9=jPB6*A3OgrUw8CU3ns5xAgP5aMQLd00B9PL1&JeG zC=8hqj4WChy0S@=BnHloA+rODs0_@)}c6?)S6)Jcdwj$(Rgpm6K*=HE97csIQJtiJ)w82qPAP@ zH}=M(!r_{}X*xvlm&`+^<9p_l$OANyld7lyi=aK-Vvw<#&< z(tDfEO>^92x%;g7ZpziCzh1f9wNIYaCSF}v{nca7F7$fu*FC2;me;y#Bs}ene{-$o zp073>-s#-C&+Wfc?;h>4z3SOBU7ImuhX3zZbC%Vl5-t0mxJA}Kp82eb;w*Ua{%;Bo z9^5&c^uqCQsLz*B>Fa|+MVsz0{EDMgVS?1vM$+4z^5p1&JMGZDNhsZ6*W-@gXY0arx_#e0 zN+OZUnm9H8{=?V9-u4%tzE`unCR_GD|AcN_K64`J^tbiNkP&KtS%BS>2fEaPRhi=j*eYkbTLXt(&UH&MoeV1n1%rqk~1@H8coqqYHj>}{_Z?YZZ`DikUThq~v4 z+$n-$ik_x`h3@~-{?BYG%4Zdj?h03bZq#X{@%-cOVRwF(f>hD0bXcsCg4qUR2tCT) z0!^d7L8)O~*klK-aJXoXngqa5P?C&>#iZPo&L7N>24gVAXH?l0Q_HL&f@oA;GV1Vv zjEFHLccsP!3qdq07o?gn=<SRkx2FYxz(voD1-&Ty2MMPoen#D|CM*$HsP#$ z@~%7T|221S(S^fBI}e|9&JJ2fFBLE6$_g=xW z_daI3)NNBI+@AYcXp3QeixR0MTbKLAG}oG_mvWtOO)}=C`D_SxN03Ro%`8e%dLA}z z>R@-ghyXHPRbJ)puQD$pQ9#zks!MCK`W<)0vM&#t^wFGEL;G?$jYL;)6{QsEWSk1m zoL{|p7xxBXD!!EYhCG)DI^lRsXXSM4%NwtIV#R@%OgUkPXlT~i{m%<|yh<+Ie1}%i zXQwYn{G|hRty}!n+^k5;L_AfzW#86Q=5@I7nNb~G4LN(Hs>)Z@d5!x&bLykInQhZ} z{;9v-QxF=JVc#Ozx;l%hR@&9FYySh*sg)h8Gra7!|D93CfVt77aks0WAn4*olY-qH z0QE1N(HWAv$YGH$lE$cEWD!hW=ndRmdVhL=85ICYS9Ww*(UsH?l2IhlXwoGW2VFE! zuz)c~-{S{UkRt$N9>iE!&6H?%DN-&)Mu(v&p&J+@(Xc2c(HeBI{MXk%J3qYgiF;rB zVsSiP_K%4-&kYw3*sWV`$DOtfhn~8B>WmeYHD%vCe$SKP(6;?L73OvJ?e{%1tF*dm z<;+L#n&RwTio)Tn!semai!aVx6^kXkbltp%#ym-#yOqp;_ni+u`SjC|zT|zSP;T2^ zt;6A`CQtoh{`}8gAAi=^x58of=S|Yt-45S7f8{e{U;KJ;ELQsIlt(`dNA}sKZC$kM z;fJ)3&U)~cr#@a>x_sVO|9txs_f8wTp*Fecu4mkPOs~`%cU$nq~gnI9c+qi9^r8Hf_cmN8(a02f99LAn(ES7lkZf8o48Hu=wuEnFPRL=S&fcC$+|CzYX5;{N7Wx36$g=2{N+mI=lWeuEC8qYtr z+o=*wB{JzASJJ4aq@ZECag zZW%uIqN}et{{>fvf}PI4^|Z|*v3R=exwj0zzTTeB-|4(tPiyP(@G`Rfp@Sa0YRYxz zeY7)w5wJ&XnX6!E^4PJIhybbFeQ&+xkWlVcmz>}KjImR1yzE6U-RHPrd)$B59Eu+D zQd^&J^YQVECyX8OxXb75d+K$Ad*xQt#(NAJeR|^Ww>^Ky@aNoi>T>8MJEfa&&hbLA zs`9%1t{9)Vn2_M-Xs?x-Sx0r`gY*Hs~{52@%KDT*1i9| zX!l+BDthLX)ZTk`jwa)7n`Py+;Nh$b#g2_+b3JBza4cdXCQ`eFQSFwW-v3_W>sKCo z`jy9Bz)+~g4nsy9zfE0rb$*ZCb}f42v1=}PEWPjb_a5#lKm3}j&wJ6O_AA^jRLh5c zcq20G_PgVj&g*>mem$;x;qJe^@3rgKf3M9KzjoK~bm7<`eGa^1WY(Pzyzt5^p*_wX zk^9u;uND-tl|yY0x^q-yHI=o@JtsdW zR$d-YyZxD!S5%Z02ObI4)x@L4B?Xz63H}!19k{ZU73{gJyu!jzyu7w9x1cbTOlRkW ztB8=I=21qxSTzqWqI}{rQBhgzegKH2D=2OfO}e-5yhuS-s=B-?QBYExm8dGK;tjiK zL6ah$w#F*UsuQ7{g2L={ZHym-^&&Z0DIQlQz3h^v1$C8WmGK`e_uA^8RouKdnojU= zm8TN`vI|QJv!Pwdi7o6p(aO@&gva$YyQHKbQCV7*@UMUVfo3~_a{08^w*S4X;*y-2 za_)91b#c?eP-R7xD{45qNpVhXc`TY6uC1<3Q{lqw+Uf?C54%~{RWTEP!=wsJnucN( zHR=2&xn44rj3+`7ucjtmSC>=NEH|6C@#5wG9)04q)dya3@jh+Xdy(w?qJqe(@~UVw zx1b=asKnfP@(gi~X`I`}>r4wF` z7%hTDlO<@!<#$_uxUoEZPC=jMcOSZ6T`OMqxN$x%=E~X+)-$F`>EVxKyYj&Y}jQKjJNLCVSY%LOhzOx!2J4yuMbkc*(?HhbWY~HTL!4X zI{t3z?=F6hDPNrMr>|+UkElPKH4COr*XdaN0-~#_lG^`~C?E0U(_!4?QFy|6>FO`e zJ@2;S?%Q^3R{PlpUsk6!JLkqryJpwQ%YPl4sk}v_xade#vO(Qs1mM>{^8%Nyfem0r zS%P+g|8DA^d97n4HFwRrfsrANVwaAT-gy3@0;&lGk*?|m_m3>vV1QqL{q@KJ2OQ9` zV@FIh?Fk%&Gl@dOZV7}}7aau&fW+#8Hw=opz!b!~@{+rv2_s(%LRjfY!5T!c$p=Tl zs41rOAems9umdv-U|Fb%9s@FJtdvC-l}ozpawI~7E_Q)YG%8B+#rVHdf2K@z*eq0l z?Z(_`82$RYokpYFSOWFW)YDz2>Kk5sb{a4yMPNiq!}|NX*CG9t)hJR;UJdFG7z)0J zLpe%*Lnno@)TeWl0Ki}NAO?%N!XT~7kiuFtVd&B<2w|lo0ni#m(7x4>je=1F&iA93 zol1?7;K1tZ?_S{g7H6+_%3uQZ&+LB)XIQv@{4Jf`tWSqld_E|Z$m!W{|6%9+wSA;A z;nu`8QV|m`g8ROiEDY7t%S3KafAKUvDwMn&U4IIGd^Z=m0DiCacY8wLpYLGG7)1t23Q5tHmp%r99%Mx{>oTM!U&SPpOYhIo6ky7Q1x3@51$<-u8|$xa zV_S>v|AGCVjJDrq=WaVh_^3=O!8bZeYf|o1VB6l5#{I9daL7}N#`6!=pbqSCJDICK z8*%>=FtY#t`*-TpNkykmbY;b2nQV^+6<|7>V?M8P6FI{am42)iVTomRlWTriBXBNb57N4KURbQ=W0 zqC^51898F43Da1AN})QdIF0q!cGc!oO-x6j3E*#{)vxhwYe}&!2TXYE8*l%olXVHc zt;l!p;)yyv5e+UPxkP~MB8(IJd9Sfs4D~gq#V?##mNI43FP7@m>L8PMq5Z=6m6abz0G-cEfT~VTI zc65t?QFgH<6b*~q(dCFVCenj^qzh@jbZJCTWa;Epd_@j+g~VNWV`TwlM+%9;kbPCa zMwv1IBFmyU3ZfyHG}gbd{%&{r2ZeTsb_->pX}3rh1_=O*^YL}Mz;ql*$Bu=DVn`H4 zmNB^Du>`w9;x0UjS>!7_Qg#$Djr*VCs1zs^gr;&KrKoPwg9XPD>{_*jCyrTyaTxty zt3Oq8pXQ(3`dc7<&c?J>GKUuhJhy1@Fc;2$^F!`I7j$L^jApC=)3tz#(*OVlUyMlMrK>AnVbC!m*BakOd|+Bvp=tTI?A8eKIze1b0Mjr-pU*m(ZY$p^{Kp)9}u^ACI5eegtQ z2fGWQt6i>3l)5IFn9WcJiD23Xz|_@l5SSElLDGbjBCrAEMd7d$ie_QWQ86{t0H8Q7 zho42G>Y}4)vgjy^qg=|O1(O#5IN%~j1(XFaM!*_X9E&V>jDRs}Mixhj=*nWjiPl*E z#`-tze;pS{9YIJPBPOv3qeBTh2by$&)m0@0<}kFdiYz-)U;{MP-wI{LvC3Q7O#$=! zuRn|HE^?e);3_HJnuaXsG+=fX)>gm>7+vQkwo3!N@0YpY3mgn$+e>9)2n-RBSct4< zUBx#JR$O_Bk~yLf5J>|-BN{qEup?>YLTXe-Wkg3&Ky(x^CPPNAr!et5(f)Nv&&0N6iwW)izklCt_X&gLL5c~4hDfCb}RtU6`2Si<-#b(+B#AH*1O_^Q!Y9q37 zP+n!UdC5^OfUzS%Vv(;&kmy0Xyo?Fm-?sinn_0jXJ~nrlYo;iwgXRK8^HM>OG}YW@ zhef_PqG*nqH5er|0AM*1L@5}OQ5NZ3DB_REF|+`zy=l%!yRl4z^$SO8;GK#U-zL-ps?pMZ*>P)dX@N;V|Bl}L7x3A$M6 z01(0IkCKyvlSMdAk)MJK%`@H4)?5i^X5JJ=%ctCee}_s2M9Fd74^=l+e?zK7VhB~5(MD0z9tJM}QYA(HYW0VSl8O>!NG%;c;_s&Pf4~0B%iYPb zFg87A6||r;XN+J_G_dROPd)Wieq^?|xLEt!N-Pd!AuL7|Ea`#j1f03^K+?`1P;9BH#r@)qm;IrN8933l^3xO&HZkV5GS#2vSHCMs2{Jg#$X+O$!2d{J;m!FR37Z(D!ORI?Ua2#XR%*{x`*l2ryI z0C{QuV4+Jh$BkZpYDjP^rZ^Z4+3C{IVFF;SWoJm>-*f$8=AEW1j%a_;)dk>0zi0_ z4F6=RGU2_k$Xim0?U%OvWJRjZF)t`6AQt3}FnQ5MNohn(RT3F=Gs+H9b658lp2gOj z9_O`{D_8Oo9(u}!RLxBxwK!n0>F8#fE-$?ql^p>5!PC&CXhz7}Kd64?^xo}TWG}Dt zmc~4O*pbWB!WHosK3x9Zj8!w{S9|;gft*OUHu*dDY_jkFYra{F9D>lYL*c@f`6C8w zcJHfS4&OCJZMFJ}4?w$)6wojN%8LbhAUCM~{0hs+lE^E~-JhFLE6oZuD~PshRs6S? zSHu(L2X0lw?T+#SP%ac%M2w6mVx=IWC%kzsfzACX3Zyt3Xl3heGVN)d9WZAK{Yc)^MwbWvncDCuINEJjrvfT0Lx5`{Pn zsYxdY5wJ)>$F9gWosD+>@edQ?>wrRmlA4lgF68}B)SpC}sq&&LwUSy*tRPrGGKxhm z!pKV%L(2X4R)1J!-jmZ>LR7qMQJE5?H8CrVHVw|2Dx)-ufU*Arr5aj)`Sg&c981I` zIE{el#6)KwsBlEXs9Y{({muXbK=iZ>Ak_sg{#d|^BzOYxC%YC`c;BsBe~#-!7RD3& zDxeGNGvr+>B_g$qRyz2gV>Eiqj)@D8J9e6dg0t~oXZj5s;JijyF3H@G!3S?;(W?Qv zG9qCGlLqyV$K#w0aiJO8AF2O0%hTOA%~_uCrd50M<6dRVoBaH|e@lJc+plM{OI}-^O0Vj_RT1Z6Dr2er zO03@hbQx7KQJ`dnl7geww?4^+)nDwWq?N6%PL(T%@Mo1NXZZCkE$qeqWE=9ptz zw{ES6sKJ?1JtYz!l>(C1MgKMH51%#n|GCfBOkeJdNx8Uc16ZL*3Sp%dTXY(Ep=8sP5gI>Pe?0TD!aZ87zLP5orwa0-B}M%0 zQ^K?u_1dyjvi#s}+(YR#_rIzKj$A=L*sY`t(PdPMBodH^tiKw zPAetOWK=XIg%}D$)-@fNz+mJnM@<2Xd^6nY>%XWxv3O8*aXj(xe^L_lY zcx=kn8d zkTi9JVSo1dUjgB;Rz5N+o%V)h4=U&?CKy6#NTpcU{%4e?$Vj~CO5)BwaThuIGHHwf zy4VS-o#cT?jBwbEDY(W4ZEp&==pnFER0S#X@;?OJ+MzPnZ*|ic@EJjHtj5dM1 zByC8994vF!^%GlA_!V=#X6>b}U6MTQZay=O@FGSZ1*%9IU4{t3EQ0(Q!suAlkJ1Hf z^_Sf@rt>!N)dOBXY>t4Mg{2E6x}r)qNC_qy1%N`A#=4^eW3j+vVU#9cbu(VB<5kvq zr8VA7<3As_f149`-?Y5ed-fZT_cEL0xc`#5{H+|1-?T5xi9B>-*DI$k7&GDXvxfD} ziiTo<_{-JxH}{qWid(gGT2gBpAa8L0>w0gsf*wrh5{HJubr+XlaWte+!0S_gz(NwxDj*}jkeu9*<4%PV zNw`^8(U3IF0?wLi8vY*Y4=c(7XBDTc)*Jm! zY~^*ERj0f;39mHixg%s9jZ^2z{aPOU>cXRYt?bbui^mlfN*)`x{t6CZ76qwgLXu15 zQB-6qtYuYKcIhC0&-D*h44yF0T;wz**xNJ&1wm64PLf{^Xt9ny@a#-mu>3^WVvw zyZ{g^T>s~r>C%)%+4c4n4B>1f84@33Wuv$Q1Az2{WwxEOCwVODY>c@7e(+|8uni^W zST|qyG#AB176L`O&Q|JLq0|MbiO5Ad6QOa6$C02I8`R&7oHyMp++TNbb$;}jZ-;K( zge%;PmEQB;csWt8AdC1eHh-m+>KR5e;1G+eXJEq(Z%8(JT z@{&dT&4MBel5?N3wkv@{aQ~B6 ztA?VQsGfAimL(>#VU%S<>pyw&Wcw77!tx=~GtWGeXx)Rn*R6lE&6VLO?|5dO{Q{)6 z5T;fHw0#I|hA<-0#Zwkwni`5(P^>8wm|*>vS9$~QTy)Sb9gY~#efrYaQTw+ae%oiG zhxP8!rRk#TaI3b(mmlAI&|RNCeB_b_*E!wK5h_?Z>A!ycHD#(KK1i*#t@7xXswbV? zo!$IR-1{QtmDYJb^1_3QT=S;6eYa`x^z_QpHmN2Q+tor*PvRptO8tW?OZ7AnTR|ID zI+a%oiXLPF8M?pQ`cpBQ76p>*TlcJwEzVRKKw@IHnx`gXRnUYn%2Ntn29tuUOQa$^ zgxZjXml{rDf&v+3S0n&*C53@GUAdrWog@Kh8G=%5v2fnRjXxc^`cIZA$J!(r4A#xR z!reYC#O+;4`wW^<&H)6ciJ=C>A4%6}fT0UpN5h|Na7JsbzvhVK)q^f_RQ;*Lm1Om` zR{b^QzW3Kfc^4^4!qu-HR9Mjv0a81JzZ0|v#NPrM3`Ils@}Egz#0!P(g^K`mxmMGi zzr1$Zw8d}T{)c7N?h40Cpm5TQ^EWpAZNeWQ&5gS2oEmF$(=lC}o&4So+qW*n->)si zXso!hs2ik&1$V7Jc2bK268rkp-~COvH5#9fXx1by;Um#<~FXyPw^{<)O(mrF{r{#sSV>lLQ(pQyjK8Is_zQuR<&K&q#tEEy{(02ma8 z1Vhr~2uzCHvH!~T7u)qY|HIRrk3<)iD0J~x2vNsq4UAwa1TZi(0J5vgTQ<=RzQ|?b zC;~-9A*NP^L?|>8AsIyq35HSZbj636OBY_;Fw$KO<~-`(#?{Y2!PX+rdW-l(&J3O0 zCw=Q@p%16IE1VhK1=Bx2stDRB=<ov(8PCp(X7O|_%N0;f+qAytmaoC-Nnt6P_@L0hb1&ApOxvaj4BbbFgtwlUU}U&bsv?YsUX;;Ygr{Ria!|I2Gt*5T#y^u z_{s9W@3C_KtG*m~NcXKbZ@I9lZj()mFFI+P!MFW; z(y{5j-CGf}W58{?r`$!>~Q!)exui)>8mCx2)b1X#u%BD){ZWt0-(zXK#i^}zj^&3tXjhd zw$KxEq|Of*!HBkd)gTAzD=Tg&@&u&)AtPPvimMV>EEHu0lZ>b8^b%dB^^hEII0A$Q zQk1a3m~>cB^cu%t!iXwTc97s{;)4+dM-(-AF-$V<-a z+r{-KBT`cqnsLB|t|WX!iP1IduR{^LFi0FV9Yyo=WNuSj3iqPVdvDsZ(HCx2TI=qf z^Rv7}*u4W+!y9#rYd-#b#n7Ewv@Ocz_O80ltF3d_xpcO7$RAogaPt>C_H`FIh$)3l z4Mkf;L$YgLAQ|GbDj2cQ)zp5n{@}zx(U7a$FR*%9QI88-PBfaA8_vs(CBgf4-aL=xX9kInX zE0gn<#~*(1qkaC^{FXy|R3^P>)8?awZSl98K0o>hZ`+=mE~=<&*0SW>Q?@qu7DeSa=kcBrNgbcPe zr$41`leP`NLhi0Rj!WjGfTDsJE3(s+9mNPY)gz8DE=T>fmelCR9A#bg=j0_AQVQfTB8fm`#UTr$ z&f-5Ap0}`~eT$sAmHx*}QtlI#Y>;mjR$Y46`yIPBzvY=3A6@&$k|udv_84M{aBSBi zuVQHh3*>0|m1$5na>*h|My<7G2Y;GaF+_umlm>Aye!e7q)tm8Em34e)Z(iW5lS`|3 zb;Wj0^OTZPYcv|p$<8jwkG5`+d*XJ@TQyz%IZP$prFHhcmoMNwGkxI!qw(sXR$fJ6HyD~9sqvEdgkfdA9dsV4-HNC?a`WycAXnMcrf>KB!Ym-#i-Juh!qkV zG%QFV(be!W7#6`~R6r~!>#9FP&V^$t?eUr6FRQ$Y%p-&P1RMTutTdrB62WOfR?Jk! zpI3jptQw|ZR2CA+hy`6nBu3ehhEXL|E{rsgazx7B01rl9mQG#<6TplLhzrV(*Wbzl znCyU&3X7t2NGt%NHPuyg1VyS5f_R*7=Kuge07*naRKzs7VH8>lx}pFJQjrT7KBFFv zxushF22~uvD}|jjWmI;gn$EMD0~Wdfkw9+0nltXqkeBc_VJrZI6b8a5m`KKU@^_SX z@~fe;?^ly8+00#54>;feOv{%qpE+~p?Afzht$RWQ3HfIbt0XTS$U=iZMpKjnBP}x- z|F(lJoPDzs;DrQ(f<;}fRhgSJ|5C>XPduLTvAF&lMZyH7?Ec49aMVR^bwII2^3s?Z zk_$!KkpY4MV7rAI8T$CSf+9azeCsdr9 zS*8qW_qZ~`mg4&kstx0-iD-hof|f67{3<*JsLb=A~K{#5ks*8Aht51%l=F1PYM>7X9X0ZCh3(Wyz=@@ zOZ=bL_>(PMHH{=eHcI`OJ~5fHDWZpw=Bnm5a?#aV`y*>P{{YmGT&%pmRsA7A6B(9+ z3DRYD%%Z{hAKKAGUFQ8Qn*)j*klGD66Hd}XW3lMC&_$|-t>%Jxk^g}6MNeZXD z!9A)Ja>B0S(#38wqzgTrsWpFD6it&tcUk<3uut{4^3FeJn1es*l@LbaFIceP+i$;} zK7BgxWbk8pYej;mx&7`RY?PStL`n$q@IQ4H`Fsp_DuA5>|N$jsgq?BMlv57-@8o8&rSX{V?vq^#&bf882Qg z_^(0T-mh=)L4}E?WA%|y)zc1<6cR7$&(Q}AM~pP)f)0$I3cK&V`+D{2b=+|S+qHf7 z^gG`xdTz!+dw03%=q*=Y;c7g-E6HyU#l1*w)8>Z^+Gg^DAJz>@Z_}&oqRP5v#U;m_ z@`vMYerNp9^me`48n880aFL!nvqL<0+jRoUSKLv$KU za1q0wsDD+>!tyw4%=wq!!Le3R=~dR$tthJ{BP+)L+%vO!%SvmW`!3XUr2#X_oCWUA zl@3T)K>!+bQRoV!A#^AOk52$%>oTpo{t5y(5l=-n6+y-KCn`` zESD%5Qg%&BLF58VQ%0FPcP^h596EI9qD70E6{h>O{<^BezBe7)o8NWQJ>0??kFQHs zBr@;9a-GX=y2(C=ZvEJU|Bek#ZM*qq3oDZ)B~6b!eW&AYczgUwUP*S%4L97d<9Nn}WD4rCcPkTr$E? z76^k;ofVlO6gkS?fHtE7r1WkI8U5D~u1iq=W=@y}a!nYOAdz6?MOPP+7{yQ)l@unT zheT%xDKL1ezZ{VmEfhLnZp2V_+`9GSZ_hvPh#p)dvLgIeB{uioTTzp|W}CI%<@%W& zOQH`C>pJMRndP-kyAi1M1rBba8qp= zg(`Mhu(llgLYfgp7!(@6Jo)m=FHf2@sZ*y;Pd@o%RyynDD|W3(dGl+$IXtDTzryiR zqePv5so<7~A2BU%wp;%`&phyP?cmgQTXtAjQCCt}a`>5lI_BEf`@|>j`NysK;0cda zs465IoPXd0TbPSK`hTMSs)im{Cb+`IH^N2ET_*kVQoxN>f0n>jR%MZ8t@~f41E8uR z1x7LiDAqtiMmp&OZ>--V<9S79)D)F{n0BvNGvL=;){c%>{>ACfEl7Gj&V~EO-C39AUKQ1fBqTc*yq-A zC&wRE;5$j;Pc_$t1i*Qidii8sWmPxhkHuI?r;7p&Fepd?95H`k=!&q0Fsdc%pHR6^ z0dkQ@xDvT9&-vYY)ari$2*!nwk5{sDA*o>;nUt!ebYjIQNwq7$tXY4Iv>?N^)}J`4 zgMT09_1m$--$uM}`oUfKXrkUgWU4&wd+;AiM@*T0^}(B+yKmdwul(ZwZN3Rqdo=fE zEUkOy)fofM+LzBRaNi+TNM*N*$!-Nl0idqU4h(Fuqe$0Gu@DCfG90U2w5XcP#KThAYip7VmsAy$RORKmKdl#RrR6m)oWFIE!7Cgv(IBtN z3jhmjkR8a=2h`)mihtrHP1gf8|X=iDE%ku zPZ8V__|GS}k>)1M-G}|MMg*$NcA&Pz-zfFh0#OI3Y2m~XorX>>tuhjemK8h8O&6nT z=+J&+$dKs2ZT;Z}Pp!Cgl@6vTngw?0(Jx+}aQNYeYf73G1NgH)G$q`m;AuJ*Ff0aB zRUk&Ky?>>9qj-Z_FbG*xX!wvqT*Y48kPtwcQ3@Hc3vU5~LjdR!92}M45}=2W*b4)c zF_M=*`s0v(Ls=Kn#pM4a8^t~3aX_D&7Ci&BBjM+=8Kf0v%mhB3j{&2;cUzd#@x_S3zUaJCc@TLFk zx=p9NCIwYxm9BPvNg+d3NewZi;uu>L0Lm+p0K|$RA~3qH`Zvq2d;h})=|o*=GF?-( z`qEWfo2aaaEn5_hbJNU4j!PXU;&`g6GQM>2f^6~YagBqB0F;P--YaVF(ln*iw;Z6()oE!4!&^jaesfcQ^!=ZW^NYbVnKuFAEhR*aR5VC7K~zx z#GNjL-2?)gRu)YJi6bfGP8S!N=9oEwa3{x|=<5BVcpEGU;-5g=?=|4OQR=@D&p%pU zh*1RTzj^&_1+^$z9T;K{E;kkc(LQ_ZVGgXHK#XyxuUZ3=GgZSM0E(Q0bC!isK0mF` zCScj1rf8%ih)9bJI&mzQ!K8qJHUMpR+_m+wtLd-=V3WtfTJgnW_nw@a+*%sGyeFrh zOl6qvx{!=Ie(oo>-1T1DRNT;Ym_Z4P2%xKyfN9j3Ar$0~)L#_+n>PO(m-Mz7zAO>r z$&>#H{dD@P8`}zl>~`W@e&2+zep5AWo815IH(5MhDGEb66f)A#MG1=(XuuFVvxYMm zf$5^VQuzA>BMLAiIxY;!OFBj@?(+>G)82M_Z}Z5_FKjt^`dLTxeCzA7!^eI;xZkFe z&)kNG2^I15MH6QoxofB0xwn3hO~*YtCtaPpGL^2bc3-eltBJ+AlUubat}7f;zith&M6AY3W^Rk?;T$z} zZqAN&=1>w}qd8jkkh(xVXEC z=f8NutuHrlasG?fQSDeP!F7%|M{8;$USaIbdmOzdjqk^JfrHL^iw3g+^Dp zq=EVK#C#`)n?meAyRj-Syzs)nfdk2_AY?=*i{?OA+{Bh4ELuz9p~rDZ6H;A#4X)_d@^?4dn?sU<=8kp9FbaC95!Q734)9a6aGO9ROXmCJcQ2`l+p*4(Rh$1hB6ipU% z>}*2*lTOkQzxJ3+e|4SvVTfRxbyo+vJx`k-<~OH!I>*vZohu_t|c`T*&>VWhDh1f@N_Ge4g3~=rG|Z zg%yf?f4u%%bS}C6lyLv+macGL?OOe&Tr8f5$5J&B-u~iJL@-wq*P?vgBA<^Is%Nr% z$?}%DiL9)AkT6tj#Rm-ZXef-DaYO6xNchctNb+ZW@MN#O_G;0h1=k5G14;Pstv)1_ zkk*t%D=W6(QJ4btS3Lm(!$@P4Az|psk@!uUQyw%3t6^=i6yL8p;&z1~6xYzbu7G6B!twb`_W2=tKc>$92D$`+ZL%Ac@hY3W| z&+iC`52IrEAF4m;piVO0V$}Vp747FKT;%u;EH4y;?!UbLia=RtKfeF9S6Mz3D=B1f z#Ny`rQ|Es$fPvxuE7V`Ri;U!jwicS~ux0tiN;oaufC>aQd=2`g%F_GH;Smq zV5f^D7Ls?c?!W(j-o(1&jyv=^5f|*`<>jZHb{dK`@SK2v@oZhbNbdgz3>d&CgL#>$ z@6vJ?MIz|x^a=;MG*Q9@9jO_@1SBaGP=qye03aCxAWA6ijVvsI$CUuK+{7F8r}SY{ zesHK8?H^O9L;Y@m09i<(;z%m5Q3WHySWsx9EuNALQE;T?1>=9?%|Fi~(*EkEQ(K<1 zC=ufop!?6it#h|-5kA_T#r4how!aI)=S}?2D7qm2dclzT(8vxz#S|0R+F1-(gZkrw zktVQw(e(=>bcqj!Aex9<6YdiH53=${b5g~{UEAioerDgiyll>Q)qKsUIyq+2S110Z z^QqVV^XXS-cG|A{-a~hZWO0^so;(KDwV68j+}-p^S06l69=dLt{$UAW_-mRVG5%!z z@pXUh+*?+jO4e4d{&*#K75 zlM)j*f%+4QA~34$L6->pk=bsWX3bksTOH2jCvPfaX|@5Ubgpo`=;Ai6mWv!uDPxJ6 zTKBqS)snK=A1^%Wpf3Fn>^^Hr?4Y54oOt~kxOD8<`uV@VabSAU%rGQ zf<@EBStBf}02bB6Btv%o5gEFGu|oqGO~K_Wo{VDuHR`|K=YRM_6IB(=)@k*(8k&g; zft`j$6+y?&Opr8nr6V~`HrZqop7QZqb0}QHobwMGFv>v{_`8Tm8j)$EMvdaCMr2+E zaJp1*TuBX{E(%Tc#Y<;igDD9BELsK)spv#NVWlx53Bm+$VXgFW5_DbRM!oGmfl{>k z$)EScfb@VTLP4oqKakufam4yOv7?XzGU!OUO6v0Zy9yf84UF<5_19d$a9RK1V^g>3 zxU0zGHYpNL^7B*vyvWMSFP>O(tLL6o@;sG$*824#4h>?~V2DL^!)V+D)4T*`h{k#` zgaR?VL=PGCwNb)RYd(jzY*FP)550N&Nn0GVPp3+L52@N+;dq^K&(vAvi_7kKdPbYB z?e;$H(EO%(1os)a)p3gd6(R*Bg;J9j#VX^wWKIXrgR{{_S)cl|@pvszRh5d@RufH) zPeZu7-^@YH)iNB-jg*&H#pW+LY1c%*9`18nLW)>4n#($B=c^!O7XVhW2x(q)g;~$~ zYsyI8>*O{_an?uTqBe5mNDfb4P+olT#T-gp>bS^R1ktmLG+ipsq>Lm;bl7T$m~z2r z3NF%-*bm&MVC>u9AG=$Z>=chBQ?-1D!N17CpDUc+ibK*Wxx)SH`y&tO*1v!E*~?Rl zO4A>GR$AO5wCeeHKbjgouzP4gzXHn3Vu^75oZLRdLON2T5DJ|p+Omi$M)?YFnDwkb zUKEXFq;XGN{r@cB&r|%5u4I-{^fqq&*JuC#$oU6K)Ke9vhA1jKll`sg4_o74HHW9@ z>0E(bYZ|RCtD*#qY2ymiKnE=h&J3{t!2|?SbP`KH@4WLY@p>w}F+dPKYFBU(Rb+z5 zXk9U+E0`vO1jdkHaFz}Ri!O~=z+hod@#3leMTvLW&gqeFh2HzrD{8aaDDwIWok;)< zn!8}SJ)b%6lSl`l@*3wLNx;y+0!aZhBN-d$7+nU>`(TYv^tj7FiboxGw<91&J11nm zyzHJ<>eGywf%<^I4XA(bsO2L*gQV73 zOoSb?`lgA{BQ+f8(&*y#ll5mws3czX`Q0osI+NwaL~gXKv~uw`i-zq{w^PsTl9Cc` ziL`>G)0F_}u9yDGilk`30VGnC6j{V%B!Z@cBC4_*CfJ45hJL)u;#_vwWxA8&I#*Lu zqX#OmGM=g!T_)mA=>GkLSRqLbfT?MYRx1=mSabjP+oJH0Yd-u_x2Buq7S8AAR${5R zyUuY-$LrlBk1LV1ip8a~-<>n~@E!*q((~J8$ptIwUVUNu%CBdR+9%n($X(c|EzBW| zqUn$n8t}m#qY5rc6!Sk-qmzuD=+<97;?F&M4x~kY)sD^o0u-MrY5-9LbuS2AGu!fv0rP zSZLZhfd4;x=K&s7vG(zkULo|ZC@3ljHm=x^5=5k1KYK%(3P`chRIGFbuYzJhl&d05 z1Suj?1XNJEbU}JTdfOzM%a4lA#IR4PFMJ5f*LnH%sF> zFpnz_Cf?unthh|)V1~H`mfKe*t*%kGc0^31`?N-Z{L&L37ecVbvSP4vHd_4RRI_5z zBTpj7i$4d9YyX!!eHO}aFwY7Yao+j(Zg_Z#XGLW z5e|e$gGs3HT|7(y2t5tqi}SnqqlLB$EhJUV#s69XHU3lB?7=iy`lA6VsSFt3$a zE0fXw#GT8w-*(G+?QX31lY50*IBP?~k6Q+|%BfPmG-&JAf!?~qBazVXt6)rU?p+#8 zVo*{_@Q=bD`@}$=WXpSUyesN^Tju&d?#}$7-=Z5bd$^IpAA&#W1I0<6KSEDyt;Hq0 zzYu>L4`HY>2}Xgb63ANTKff{`TBZP)R>=${)MVB`S8@bdGgGmpcXnDBQy?b}?$CR}o zg2N7(VoVKDksVR6kf)^%H!KA?y0q3~! zH+NBJn=(@~c*6+^R9 zApFSAedFVv?swU(7nD7-Lioc2zwFlUib~Ou*&eTlI^t=txx2|v*|K}rid`39cKVIC z)!%j4dmz!faOV1i^*{D+>#bHXhVw)p0j10o36VqKny5tM@xOyV?#LI%s%pN&S$JzC zP)?{f7Tg*^8~cAC{=foC^mf%0AVZoK7XldR<=rwF!q?V@dF=E5zl=YDmGJy0>|m-# zRYFfDN{RFg25wWTObIDlXBy%RLKv|&GiJ;{36&FTSddfPS&wprL1ytTcMKIaV(=M? zZ-uoaRz*<}C-SCugQWZ2VB3CZWPSTzQ6b}^uSV&ZlOv+Sui}KG*u+tGFeRgOVE!up z9XfR2uZz*pl@VD(Yu2n;Pe1)M#L;cYkReT)G|@{96t!@O5f3zH985gIfuOfGA;>}z zT8{__OnR_Ih8`vjgA9?k7GUzmDqaxA0)NMr2RpScKkxR(zc9~;i&}8ya+lq49WRo6 zctvyW|9sYtkCg|R9cnIPIHGBxiO_J}{Rz|J#w@A`(+CLxX5lC{SHp0W9ZaTR(iUY#kVVc5|EB;NH*QP;U=5a_fM)4Q0lwr= zX9}kb3Bce`w5M#e%v!#dm8&4~5-{gT(ep$3LY^spWT(?>2L?ZO;^J|=4E;Jw{IWaBa=cJ?^d#((cf6bMbOj?yUbLQq+m(*G`b8W(!jZd^M zs8Zgb&C5-kDg_bPCsc(Eq2TeTjOhP7{0rUX=dbtXZ%atr8<(B^%X_%i|M3wa;XIT# z_zO>Z;3#>iyIsSWFL4nq*s%!Jm0>UfI*cA+`Az;Qh17iXf*{B0;V_+ z;!8}~p^g{=av}WLcg7abfS) zp@9VzywK!SF(@63Xv(I*5P4+aC=q%ZLvf(dLg2JA`7duthzyTu(5m5CjT>^77JDiD zt5-P0aGjc#nzVgS#Ypqx19+5W%wn8b2*NgAU0=il0S8Gb_b)%J^ z7aYRx78QPh%s9#q2o4QQj7vVac~7^N1y`MKE)VuSA$(zq-WM^nFlz&lBO4(xNC0;* znWf1H1WcN*wWIN8)%XIyv}x0dRRZe1Wx$YE`E%yX!JQiQ!|LM;LLS8@Bt^myEdfXv z3RR$q$*dBg*DVg=VTz%|AQUh|R90=xs8z4V{g+nRl9sppK+dG8n=^JDdgdn2nxB67 z;k%Gs2h1|@wqR`4mCdfY0np5vEQSoD);@BSyR53E|T6q!=|RICC}gbJHr zXiCHvF)M?LjY?r74@Uwd2-CH3eE6e|(>m2cyWH?jUWuPn;unwTS^`>4oEqhrH<&9^ z(FnjHNHHOl2z^QLmoU*PahZZC4utp;lSh^hF$5Hw1@`ZTzknhysTktHXJJ#c3PbKl0c4mKlOE`Z zN|Nv)=zj};USG&y)rc<#C$G^NC*sq*pOCKFrfiQAu)x3W|frCC<*>l#hOJq(LNVB zF2Lz2nVubcy0_vAXI@qCebl`Drj_AyJ37N(F9K1vFC6&tf~ zl!a)i5F1QIg&n4lH#xXXe3X3I9DtkbW7dMd65AP8wFLV5Usa7RdN`{HI^|;gI1`}2q;LK5lkeB zkY=?YG^9sfL26cEL!*chfeceLy@XLzFsKjjb~<0z(=V+f$&?yX3XdL+EJNENOlW-h zMvE4U!e?rj0?9uLf4t)ewP?;iZ6J^n> zyW*3D;{lGKH_i$+Y7c51ToWNgoa0Y zY{J1lv>U0Z5M02gK@$&rapVq-`!G>bnt1a#`uiQ6dYAOT?;It@*C_xEhhoNj*kHViR2uy)Cgxnzs-#0vlYSxGVAu1rHVIRxP zDq08$5HnNIs53=_!;hKqQ@8ira}PtDVnm8otjL>*O|UaX<8K%6m=_BOFhrd);{gMW z6OAwwgRC(t89S7gjKieKxcKNI4-=d2qya$|AdoBx{zzhn_v9!8qLl@yV^gytjHHjS8tQzr_LEOOK@oSCUw%1{D5);{p0U;rn+QNF1{;#lvqNmck!6^)KM8-l zoXq({U<673r{XWrN?!jKD*=e2FelD`F8(h+`}i;4W>tNV6^-;5s=SmiB@3TySzQ{m zwgDXR5oZ5T#FhhJy0(`hL#ZH%5v>8e)|*)f?)9`);L9~btpP@mL03UqcUlHTWh0bp zhKNavo*@OwLC>B?USYt;pl{69vQ+S{Sp^1@CU+1_K|{z0Lw2v^IUk{MYAuKlhbAp! ztLVIAR;eMcu$dAF5WJpX|0AQwZIB}1TaLUKyG0Fm*a2JD^DozOm?VXwYzj%GNhHPa z#~6|{rsy#x^T6@}VMm2nj%-1uf__D=qjC7B}fCJYOS%3l4-#A!(T< z$DbG|VD1BKF4)8%0Z=fC-)09NT3OIT`=-MX0r)h9Y7>Nz5vFA1xbR08gT$jyvF184 zUK9WX9BBEqLzs5;nH5&dDpUwK(xOLLiXxa&`YK~8i)~Zy! zVgyf0-Fp>tvm!470eP-!9Xod1vSkZTUpYglaI(WMQ}T{+X)%-*7XDiNi9`hkK``_x zOGPDEd{IJxEYw@jB*0L_pMgJ4OJ4s9jC7RRseyl7W@Yoi6H)?Y7J#M&V@Sd@rYJZo z00-1ao)v|b7PG23Oo^~l)+T)E%09G?TJf!S2Nc8Zr`AL8xa+z9b_7Xza+l zj5CxvQxHti@Ir6RBIAocl6dDLN7z;i0xfKckghc-o4x{YcwHs@r6P~?GAjg_(kx7j zTl}pl<;76GBy7XLnrpy3n?-BdrjW#uKwxN@5KJM4WouKj_IPDh#*I0*A;AAE zD7~G+IJDw~V92cO)62C2mO3(o1kH60zGQsymoPHIL|WJ(R5uC}v$W_DwoLfa#RW{% zPZ)nJqfVxTp`#xHn^?A99 zLNsDZ8A++YhtRAMa*<(;WC}ZC+FtgVWeP=_#b1u3A}{nJU@CYNWl9$8EOwCjd*Uy& zN%Nml{~)Q0F}+3D7k>%x!jzYE+`#En_2aMNr1zgclnn(#&&E97`mY?8X6~(M>>1Fc ziPqtQQE_0pljbB6M=lYAkS;W0zC|n!v*M$OFgJq`yd`FZvB@b$V+s|9N(qiETMNuG z1z%x^zzzhxbRm$ZA*ldl2NfE8dcvS53!(5%P-#WF#Oh zhB_kgh$M=V(U6{oB#kM0h7gvPiZv)PW^G_{hZux(p%GKS5b(v3BbkEvhu}{n7#FZu z7J$mah6*2=#;i%qr&;isl^qD?p_zgvW@wti7TQ(@z7>!K#E_w93JwGUl2MQGQwe_o zNJfH7_>;SaZtDK}{}b!qkN;nL{u~$nHO{}V@WTSyFghdXITSF&9fZzM9Ut}>LI4gA z+4WR`V?{Y@kI57QobvR{>bQrtyAcaC3^Gfz+Y$?i*@Fp!7?6|zv;vbBGzN7)>)IVu3=u;`0sIZ|CpLmqoC+HnCShxdZOW2VBBGTVT7p8o48oL{95IV=Oj$?P z0vsz0ffzlrG6ju*WTb*Y>}VE_f@cU*Lwe*D_TLbH0wZP{w!i*?!him#o>jxtJeZuS z=g;xie}K991r%=Z!3BMq&IJgzx=t3m`H`XN6!1NCbcmqBmO~u^F$g5pSOW-VWmfVC zNQ|K_s1P(H;ZwM1A%hkTrYvjm7&42n;*kn8uMrWJWh4>M@=HJ*nKGW-vy2|^vV&71 zL<|`krkK@92aSy4$38ORC^f{Gg|8`w5cC)k!G#tY8OcMSE_Vq0gYYL2r680@#2{7F zxb+cS@M$3MTlh;ucv=~Tpn;-hF$E!m^zbDww1vOI5JylO$3?FoQ9s4-CttE7FF;e) z!pcqBU;qB|#~e)*hRWVw{~0;npvx}1tZv=9>=2F*whcYFXv5G07Le(D5nl9gKv41s zNJaaNs|7>#zMD`Mgg(8Dz_j+^phXV{;}E`$DcOfB>19*)>ES4SDUvBnaj*kTLq;^Zl81>r@zcYhL7*#I>h#hT6AP%@ zl#ypvDOh(>QT#$){hx&Y`t|Gi5&|F1z@rjT!1Oc$MGuVtjYQ}f5+?*xVk#+S6(<7F z%+ez%3(&HuDN8fNh*gAON*vkY>k53lp2D^&LWzL?>G<1XAYYOK3N?mG7U*aUNtT{j zEt9|g1q;1^0!i>;2myy(LoeJQd>d0j5~d%25Tl}~J#9ekEaCHCIDd{8{~1$1G3!nB z6QUYJLT6(@z=4oaZ5YWwGpke~Bur1Xni3OX2<=0J8S1)%LE(ZU8Z@)g^-X{&Y+|sO zebpkC6`lxaEMOmDXc~MPLz;p|5u0M-(RWs~f=5@bA+Tv|xsgL_NRK=+M5|d8piT|5^A89P*-(ln4?R2$mzhh5{Bv@|BkO^fZBH35M2%rszRQ zsG<&mFfuTiQj-fCjJz-faf;#ZuYavIwIqUK&~mFtR0Fo0U_xuVQ3=fY&!2zv`E$JW ze_?|LL5&(U;)a(aLni{&KuxGJbbQznv2`Ot7bL4i!9h!rO0tA%5fwF^P0$F)zKT+Q zp|QiPm{vfR6(qCr1p(g{Iy6QwEARBuLJU69(#x!R@g>HTY)TSEn#3TGq{%x1aO4yL z_@e2dnL-R-HdL4l<;C_eiPI`#Q}PHvYgX3eT~5W3Q}}-s{(PT_Z!+=uSjD3(L=)%H z_`{?f1Ak?0?Wizd`Znxigskb|BMc2;F@d8g`QkX!D>(#CG5pC$=__}Oo4`35f5e1| z@Uf_h&rpi8DM>gqNkSk=^Vh%K)PDS_iofdop%jk`|IJ&r7M}a4>2M)>4hRxZaZ~6l zEwh-`{*fd@`z8~Th_OB3=rYS2Gg47N^a2G77-y*cgA7_U4eenhN2sVN272V_nMH*u zxqv1@Szt;kOo>T6a)%hR@YP!ac{oHRYYeS5*_1l7Gzr5O6G`jNI>H*W^!gklgv3yn zq9Q>C0wz6t2qb0gZ;n6F3L>Ia78*h;M+BIH3CF_1kXiWZErBqJ+j^5C%wi2KDbh2A zWqLs;Q;Gp50?b0HBw0X(m4e{F2^cX=#!io?Y0xvYoa=9fQXqa}*q~b|U zO-f45_L>iyC|ROHOipDJMW$>c66uOBvoOh5ewmewR4@pK7?_14d1$$?W^KT5nDs@Y zg!oGl`>6jG{@I5&&6&T6FJ~Zp!uVsKXlbNC(~usUFtzA}LCeid%gpq63kqL9F$*#h zfR-X!G=iZ=#TS1#$iOrbZiCixGZLSk29uO!kdUklVhr*1XXBr|W!a*2hZHUSZ{bh+ zHlsfTe*vylQ2KHKU&tK0{!tXLzfu3WTfdsW?$9sqUm&d7wpri>Uoig>_5Z8*XCx-3 zq@?o;6Q(k~am(i}+3zt`M~*Z>zPu!arcw@~>9!H9x=uv)K7_ zZ2XfpFI}|uAc|TexA$)Ta_;*0!UsQaWcDA8zwq=u@!*h`AU$dPk2wE9%p3=5EQZcj zxX|?MNf8JLS%M$}XeVp;htD^?w*B=tU4MQ1_N`-^4%n7$E)|kQ3qlbitDqTbh1A)|X;F%5P*Fm+fq)VyMM9U@?@N2KNFcH9@YuoW=?*4FK^Xocv zAmnRX^xd3USV>rr0KJ6qNHfW}uL<K zJ({xkW5l@hxgBw}j8oUS>BvI8O$QljK#)R%mT1gEOAHGNTLy(Zw1)JOv_o8=awPt_ z^M^Ny?KCaPD3zf89VcP^fM?dHVrR>Lnl*iUgAEwtzW6I0Y$8d|P(4E$!(-x~v+$|r z&7NP7UWEUqN&Vj6Xq?hWlO|d=u|}r9S^q_4iHyQPi-rY;YTSjcfBJ=u>E>vE4PzdvD1K@MgvLe`#=PzQF`*zgz#vsQotn8EXeWw;|PhAs89ezh~zh_Hy&0 z9X(}h;r>-%0-rv4<3J8N0;Uz=pR?(i7uP45zX^;mOmM^OpML%v`}{v){Ex5x3(tS@ z)#^~&Mevuj{!uiqW^A?bm=O@+!n8d`VbaTu3w^?St?zy3lAhC+-gjPwa8G)|&aHdH z!i`s;M~oGcI$Chx!_ldvMN%cf#1Ty|yi^Sg;iHHaJwsH2BQHENsPNB^!9)@n!*`8C z;0}2RdIf+Y1RS!H<>W2%-dKL`+%=Ea49?iGc@KZij9IMN^s$LLiaMm+@Uj;SzV5S2 zCXBtlHhhF>awfO$%EtOK5%hN zV&bm3!*1()$Kqih{<~qNsP?mGdPAZVDqgT-5o4(I>ERoXkx}L^9lGzS$cq3$-Axdw z-^U+oG_0Y55weg+B_(D->ZZ}3tn2jbtCv*?PK%54l)|TX`K#R)*B#P7wg&1pch{H+ zPXQ2#0@ILLt%!#7z@jt>0AXkd)X`!n%Oc>w#}Pvm8Dgp=_y;Dge*QBo{d?Jt)~(MB z#|Q)U_`(i79MKv^#$0e_pt%F9bMt4P=9|x&DmKJmN*#HkRWL+_BJFtaXK5Vgix=Ly zqTa(zt70uODm=(MB{2eU32=~^LdLoqhk4i31$_%b*HFc!l74##-`AQMvL-~ ztmE(s2d0eB^HEiczs*R1BZg&WMaVdr`qY0xFn>h);fbp|pS}L0A@@E%{Nl?d)Q>KV z0bT516GfV>|GeF^Ti*ZeTl1f<8CZxpG6-8q2&JIF2og?7@K4%2Z`?9-2%Hv}_S4pV zp<%p|3%|^{EF^&2`ohoXT5Iw`V7QidO_3l3d|&+W4#$NhxKbl0KFrhr9FQ^c5g0#r z{1+21DdkYI1>Wq;Y;%u`3j`o&*bL;L3ow7`Rzq^+kx;oy9Vdd_WQ1vQ>N+ZX#ClBp zOH}{Hy$}BQC3y9CWQtx0xPoSQV)&yjK!~4oW#o6ye_YEuD!BeV{Ew)A6bo;hWr7}k z94jR)8+M6I(I~f!?JM4KoVUi@UpYUC-;hhr$gftrX6XXsJMM>Row#jl)@;~k8?Y8q zu>bWwuYbLI!GNYsn>TMhY4Ojp6TfD9mliGHjF_{@q@B5Ae7`YEmrjd~js0Lt>Y;Bx z=o}l%tzT@X*VZSxXBiOZn;JqLvjnC~x~wr&U<#X_SxwOs6#{7Grp0sry=&W^pZ6!1 ztzJ3QNt`zD-ihCur=YZbi$*;1-rBtMogcn%AFrHRv>3W2)7iJ=m6yJDHjH_oS+h~w zvhs5h*1g=NMboBD?;pK@TYgvT-=n9mT=2%jMBC}LuXgWP)-N^|fsa-lz$uMj=m~?u zB?f+giZzBq53ux1K`^D@eevhlQ6nRRQnPZyOPzVgn9uKVwtuj6XF);c%89Qo-jj*q z-jyGMHZVRhV=L-Gd3#@dWW=JS(_s?BgoWFAW*X?QMGNp(;63ocvv+|op^lib)?1J` zeb9aHt~^KCmHfZ2W&*G}&p^rAu>XdZ*tFw3B@aI0=WnAZb*3TMF zdB=9{H|)8!Wkb!X9bED5ghhKHD6|c;$GPR-tml|HhjPrHQAV99Ei^G;gr<-bAptW> zkE8;Y0JA9Se4RFAjuR53@k?OHAA54v!r;{V->QTd3H8so3B^C}w(v4PgQ^gK8n0~^B1>dn5<-00pQVc*gGI;8-9<*KQDuX%ptHpF1=ihD#4s8B;^zw*!bmB z&6~43CNJHG!Q2BYhIVP;Zk9)9ZAikSXV<*JFV0vzYeb6{kAhM${7o3%1G7fnO;Qi^ zeP+-%PT>z@`kX(GQ#~puD=jOFpO47OrV_G${CqrFwQSk4@9PWVyyloS=;ymH{_+lf zHtHS%xWCWSPkrlz@bj$T4|DYWZ0*=i<2EL_*HqT-#Tkoc4r|e(-;bWapTC~W$%(+A z&vqbBBQScC(ea-@C=wEDO^*edFWL;X)(~=368w#oxtunM%l@y=*hl8CUjNO1 z0!KXj+0R*=tqE(U40?3!y`L|e@$wB52Cqy9ulQxR^d5uQhHpL$8rfs^9uIYvxOUc4 z6SJo*SajbxF(EY?4PW%#`t@J+51l%3=}tTb2L`ac6ov(z`xiJ26)-(R;sI-Dn$Xnh zGOW?OSHDYVb-TIcn3*egC8lP0VlI!3nfSyKLJA1jKjZni&0`y+?^*ih!d45`Z~AW8 zlV^wL*KXarXC0^318*+*=E?I*9e(@&`o#2^zj5R8E*US4Sg;4&oPzk-{~ox#-c!rw zj;k{5x%<1UeDL$7Q(tKHR{u3A?q6CV7$Q_u^xAa<15@eX`#116=UYHQZcetxla-zn zSNgjC7p(n!M{0gv^7jkU3OE_kzZ>+{Wv?&Xxbgd;ZEInNgp=0J9x^@mg)bL>Hoo_V zFLqn9$3vaFNEGB3gg3hLmG3rfS~B_3*{@9B?x}cLY?(;|mJ=uG&wOESZ0rRX0W{)K z%nS*Vrgeva1MJKqRt*23^7S8SU;CqB{hs+?@$NKpMXzu{n~pV{Dy@2r8hcZ{+|j=v88Q%zt`yO315D@ zYSMsampTFYW_xF)e!V`!Z1}`g<9dwv>CO4yu30s&&7NU*ytcJoxf?*imqA1 zMlIYIe0rOAd-8I*=ckL`yQfv7-HWFDoD<+2T0i#d-IKrEz}0Ebx0AoVv_ZwgD{tvB zvgzA%*R22M-Bt%4xp~5Vj@96R6$@XTnB4M%{S&I8{4*R+s4Lrvaz$V zZCmfnIp==&{u@;Hbk}s(^mIM-6nqk3p^@*sEc)_-`&r-K^rVu@mZ0aol4rXX=-MBA zVA%bao@bN+pl~z}Bl_jEI^raFv3S?t+Hu=qc2RAjxaqDiUOT+s+ZN04`WXr8BAcbA z1VEuh1w-?PMFQo9t;7Dp2lLq!{k6Dg(wR7a2R^w~ec;WOf4%m8RJRlD>2womd<9K5 z)8#T$7=y>4jLY#sqii82qJmAqrcp!N+4Bt4c6r|NvLLF;)n zcD7@bb!)=ufq`Uu^I6wa+*o&SxLl1-!V3WOlI0o zroqe2+m!}-+*8Fin(StYhDPiC8P!TK_g!Zm%{p?iDe@Xq?*G-n-7!2i6b^5`#g)%;S)>riLVR`lCib+@pP-Y|3daF4HXp1 zOT$vWr!;eXt`*(>r0wq>oM9MMbUTwHTz-7`MRgQt)oDL*w$)=ef{j$+?i$kMk+hY2 z_o%O5ANB(yd+vo~-T(t@N2}L7bfHF`!0Ay1+da5cqdXEblinC1Q_I}aKa}};bJ6N~ z=tfvi(SY?e#21NaGX(`%w^FwWjQ|izWHH6x=F;M{h9Ex;LkAtrb05iD#Upqj;~0qV zJA0k5by+nc76x%7uFA*2{53)$t49Xkt*cwQ-P`#MYHF&<-*mmR5hH>d>-SqDid{W8gR@@sc_jb?j$s3pqHjmMqq z0sfxO#(0O_K6k!#v$Il#G_M!$M;>VXg#C(5O2%+nn600_OWW3SVP>YCKfq}fEqU2+ z0_Fls8u$K;jEx~M_>=)WvJK~W^|CX|7x*&yll=`vU zpi;%G8`v-^VJyPKqYb=xVpw(Z2u!_Yu&(pmXyPPXf#UHaGH3ZD>J&`^G(c>S3hjWgW--yf<|shWC1|O3oj6 zmXT2by6!@&U9KDh$9DWS9gD!FdNHYKdEK39%=d2;%ahbF<=($rB-CKyHKz)L+t z<ebAvMC%F~Nn-g{Lj>RJTHS>@U4O4f?g_gEfzKht0Rn1?K* zGU?=sILgSf2$snf$$)cqb?z9-}1h$!ayz1>AAj_rX;QNH1=+IGP50I z&)MX}VS2y5mZ8<*t^FjeA}*Gxy2g?}*X6nzQy|bc@C?_eSR~Mae{?dtPIUwd>t(a`a^N zB0HlnsQ&ZWary$4&AFsT>o;2XpuJwhKzn4@=eny}Dd{WB3CsKEWzM<2B}Sr=0Bxa! zyI3vZHFJSQaHY8+t19VE9LQZ$`U2zW!_jCbljD|7dlt#EiTa=(akcn;EXiwVXed;g zBcHz0kHgTMUfyfU^v6v+{@hHz{I_>7YBk4-fM_|cKsA8ESY zuO(@^Tedd-yo*&gaHyzY|hL)`yd1oqAe|9;x){@nIr_Nc>_ z$cO#>Xf1v6@n%ayUxD+AtoFpMf8BsSTY$gaE{)f&(|LNJ{a)Yc%0l%!F4Qq+jfY1! z3;b>&sU2ACe=odUfsx|CJ#01Y802_5uSQ^Yes;ZdLt`vnB~Ha@bhJJv8Ij%XYIw`x^0a1M@D(OvOgVyL>Lqp^-5uG(UM1Q|6z1FnN)! zYiG*1tOuLyRA4VFV87K5ili&}Wp#g|M(9v>FWGZb1wy|l7R!7(t3w$k^zo&N7!X4z zV17Kghunu7hGeFy;+fjcj+N3Yvb$Nu_B$lC|Dqv01R+>@w)_D%K2fRP5Q+FZ^n8dO@jZ z4sF!cjog=8)<)e_ts7l(o4K(=gd84KTF+qD`TBNFl+9|h_jP})F%3)_=sgh`Jo`iay(u}QcvDT!JU?kf zaQqrq%R_7oX0l$*z&*L9onUMpLwDucBJi|#a2auggn=3Ch?$Il=uErZojGWvqf1?f zT%{2)%~gi&M)`v$)?=vO>w%t2EagqY+Dccd*;1`iJyL9vpTfQCS7hS(cgDAAg4WHI ze9NzZOF<{kKb%)=T!3l_5O#KTIPHPl>x-ekj1|_Thvi z*1>_k^Kua{6#_vo`P0+Hc>S}Aul{pUnPb#DB*ItPy^S}nqVl+^qwgqlncuv(^#wC=DK~V53bLEbY%3)i5!vWjWSkL{qh7&c3gVE3LI>%Q;WNZ8^eL!&e`D?2qcdu4PZLsa)^u$n+s z#r^)r^|Pqi#rxAH!*uVNYG5f!R{c(dPWzI@)(VF&O*@p?xxv%kFeErcuY zpVf0jS5Bm`ZFg!Ne?l6cMuPv)s;*jKOxP39Z-l*25XSx@4gN(U6WIIQcZO0m;{nV< zSXipj;qp0ax@Edo@g0t(4_cr8*9qu$5R~h_KJ4ZYrRm+t#4`Bfd0@sn-@x`%O9&k3 za3nd(NcXy>2t9eT;l0A;aSD4qabMzEFmTjv>@ws~kKcHq!(P4BG|nv-pO zoOn+3=4mv;Mb!D8lVaMfS~wnfqXtQ8{Rk$|^s7uVo$|w@s-QZl-tBq|JPgt64(twG z!D@90hv(I5%Mo#WmH+tFWqH#(K}$TT;`M`>fwYj%i-lssJ2{r2ou+E98Hw+6vBXrC zR3iSyLDKHVjcM`$A`}3SwVgam2#{v_Ky$O(z{xw3mR)mVjsf9@KprfnQp7{nLzUYW zaEfqRCa9UFOZ&K2cSZ6;;_{boUO=af_5A_NmqB23k&xHR%}#SOzpOrP{b@LzaE!$C zBj+JFNID`SA`DICKBpXRO|RE#C^|Y%%#Tj6WCL zO27-nYGXb$ckaXXxazR;o_3MDMxuGtpAV5(JS4VXQ1Ehu$W_f|)o=@>dP{qoVupG!ZxZX+tS&Xm0u`jAH*jv`7L} z91dHl%lXpe+y!Ma$$=`7N>Bs_K*9sVi{X>|s6wX$xZPPxxCspTf$3gUtINDwZ$)^* zymsj7ce#LA##_?HwzqyLoUgvK$XSvBpmzPF6F1_@#_`8i`^$0|Q@QZETh%GBcn4ng zWaHNIYGHkBaXj6Xm`5|kG7~#T44D~7;%9^zM&lTYgcj>)8ji^>HeNcmDRI;Gw<#2< z%TZ@Dy*jx%a6$XQJ~Zyq`5lJ`NB0$VsdwAsgjAz=GixRn@8n?7YJ1^yt$X;z>aPNk z{q_f!MDxXb^6y!P>Fc+%ldNeNM1~#T91`=;%uhpK&3U!T(_junh&&*f9$L;2PA(8ab6Ll*eNa-u1u`eA!Q-SciDGBbLa^M!rgp!% z_T(hmw_ss%0y6e;@%9wzFaM`AS8aE!lisr#V;%b5)Oggd9iv@@+KqQZac+Jy*gxN|>f<;{ zJJj%4C8R*$5Egr*fT_bt*}PEyO55n6cL@QHv7P#X%0>UB=r(< zECd8anIj?KEoK83!`o9t<40#>2LwUZ`R2rjlkjJ6+iw9nu7~X+uAUY$4$c#d@*51Q z!2VmZpV`V4S1$Dm%R1Vz9xsnLmuHKe>kh8l3)I|Pt-9UkFUTVd8miL|o`DmbIj?u3 z1Ra|*RQ>xJw5hZ25^yC05Hjc*Wj z#1TY&?J@pHNhFc8lOjn!L`}x4#3CD1(^u1tLG!#eCBV!0H}*rbvrhc;~ zsfZe7XA|Ggu#JL>dY{tB%vCt`6w9={n5z!T`afXqZj6Oy=I=caQDP} zeu2&Dev~0v_iMbnG||xZLHT95=k69I#`eN(f?mbary^phPb3&5#O;}BR}vJw9)*M} zj3wqh)^}&umY|lUp;Vi3W=syzh=Gr<3)VfX{>ZG{tp}gF1%c~ z1b&1>8+&YGN+vq)SYpMyxXm&pzv%@+Q7WbK&~bhNl!aZ8L4YPn5klbK(^M|qHn(73 z5(YL(Vit1R9!zYdQnPhm0eD1vzw*EF5EBz#6vF@y?=SXkY5wf&v}UW5$IVRn&ohGr zE%%Xx%xu(}N_?;$#JX>a!tcB}v4XSFU5P4o==V+wY;53xWQAk{N;E@xVH!Iaf1fx| z2^AHT%-!QF=m86Vl)_SZF51!=R2l9RmlkA&o!TJDz7{b8*+(Dqrb2 zv{$vXUJ(U%^-iE&Jd%Y4hBLFXy8%cLdCejd?MsM6j$p#!%Pyr2c?dp*<;k@zYoOx)fJ=!UKi!Z@)cIFj#7&0Ly zlms%9%-0^^1jG3@A^4)6w=7jO6eai>E)n^6|EfYg6A{UciPgjXez~{9vcyu+2@;dC zGxL*x4uR3BR^cZ5ax+eO`=^@FXta0j?|vod%wXG$#oxrswG_9{arpjof=SS7FD+~< zGmeN@7;Tr5(R`6iuF?I;oE66fDJCWf<+Z<`)E%I#R+*~6`$w>mn3)=EC0q0zO~i;c z6=t_4ax{F0Z);{|Y(`-krcPhL9Ju9v^(FOW{t-lGM4JpNBmbPrhz3KLEB1%WD?Zm|TUs&^><)I@RD>w20>^u@hvC~L^ zRVQ`t&h=JuU)kr;>;4%kg*JP`?0gYv)>#~uUx9EO!Q4tg1X(6w+=IK|+Xo4J`cj|~ zK$Tg!9#0q0Xf}g*vf5~t#c30s!UOI-7dixm0UkzkB_NhBAsR{;kiUa`MHdk-c^tl* zMUyK43H9UdEk?uEzS>0GpJ1}k))XB4<>J?`c#koQ>UO((ke|*{=G2%|Z+|+aCZ;f1 z&~e7V5;cg_DW6E7UA%6 z5K4w;tv8a8JMc?C{)#B|=jPf-^0R)XXe$eiQBlMWY2=qx>P- z20C+V42T($?$HGAM$VlHss;V4+o4<9Zm2=SD*T#t<|d2V6B+CbFVyn2Ih0|Nl99;# zdA%1WiNRI^tzb>6uJ*TG37{uTr%QR6tG4qg2cyFb~aOjfVF47uA5vdsVzT~b! z;r+Jmf#<`?T&*5&wqZhey|`UHnWs2-SW^HtXuo7l(T^Hv^x#=#Z%n2pe`&d33v$RL zLKpO1X1D-h*(_LlJP1>iR0kAn$#fcMRbq2TP*A7|vz+-_z#!i)MPlL(a1co_nO2RKmG!Rm1`Ay#BUhqlV4JZJ znM~w6Jmp;K!>N(=MFoZEErK2kEyAB!jDW>_?fbo5^4a;?Ck+139wIiJMLt&S?>(u= zL8XEDf+*Ehq9OV6v;G9&5&!;8d_;E3@q>mN-{L2i%pEl4k$7RjqICo}x_s^^r$W*2I`zlz;n-&tLG=v6sXrYT4gGsdG7#t2rAZH7Pu*N zcFgb2YbH;6XdxLNtK8iXLe$baaA}p*C*m-DF z0ni2LI7q`r|Grq%fYcw*L(EcWHQdT#i8SeQhF#wul1_Jhj?gw=YYEoC=wZqJZ(^YZ z|JHBrHDn`N&JdZnG(keYq$R=XuWvv&WU8O*=ld;FrC%y);y3o2*YyH=?T^6cH1GO3 z@eX<5tc%D9g6OZkrg@Z7tF0x`?jO2KX3w6N}6IQNlqm{LGv{ z{|EvUIpLzHE>CV~<|+mmDfQv`wj}x0vald*Uw34~O+z#R6d7gK@nO#dMiwbZvhQFm zKqz)VDU@{6fp!6{f@cXaTmw8B##>VVw%8u7@?@L3>Nn~i-sjfLBfwvawBJkmM$q{L zIZ;zWJOa+fle7%Wd_@&L69c+1rH;FS46$(~nCt_CO>VWG)jnSu!qC_ljbUhqjhyca z54l{a01ThUNc~18SBqOSp5tPc+@AGChb$6jnOo%`GPr>0Yl$~ur6W0GppBWG878aAV=pf zQ6w|ZK|y8~Kc^QZjIGje$AB<^V2`RT9SUBW76U&?JuWr_>v%l+*hhq$vmqL7&KEsKqSz{SA+H& z0P}@yR``F^1cGu20r>lht@AllVG5*f^UG=CAMymzF_0}3EhHD<4Eush%Rn>Zi-DcH zz2Dg#hy^6=Cm33((I`Y`4@xtMJ(acTkqGPh(fN<3e5jJtaFKDtNs$aXiyGDDm5UDoStg=W+PP!0F z=7pyw>a;f`=B%+;wTh9T`?k;_hQHz=0T7XL`QhJ@rqK)OfucxgU^p-fRiB41BO@dC zAIRQP!Xz|+EMn0^kq=ITcoMRvA=Rr)wb()$a1=~GD}0to)+m6vhw|#lDvh^?A*KO{ zT1Db3ZSIcv9IDiSWb`ldJv!6Uo!P-)A&G$pOFy2kVBvCd1z1W?E^U_2M<)C}C{0yb zWY-!7BE%*T^h-fMkYGsv%5p&I*VO*_bPn%wm4@QEyb(R8bRq+uM45l2P)6gRVI;V` z)Aw43Q~-0QuWW#Q0$pAbKG<^l5Q8wp)l5c~8V%BwyqdWUCoF=w+xU<4AbR3Mxf6n@ z5I&wD6cIicATE88B}$%VpkR#b+t!N?n`E7LB$5(_Kp5zs>@p|&m^-7ChS3-r=bL2b z7F-OXuSFsoMu!Kb#~8#Ogh+ike!LFb3=3hhhe#^k=w{G=1&`AkCMB4jrWD2ZLl4Yi znl+ey51EQ&99TbxUq+Jhzaj_e<;=4q<1q8UQi`ovt7weVLtYh!^3o%8Gv4+TCBELu z;5Ci%XHl)%D?meAL{w29Cg-U|JX3It1~B6dE1RfQp@FYt;a_+6$L{BT$J06e8!3$+ z=%%niz zA46e9b(~mD>ZHr}V+)MQCF;yiBS3?&v0{V^LnIRDA`g_qBH;O9#?j@Bi-*w>a6RDX z$$|{hM}OzhILwk-!!(+ui@<|nWK}SWiT5y@iv~vUC9c$8{h<$njnl8C06~!4I(2D| zAJ2;cuA1e^mqQ4VyOT@eDjZ@VdXq|q>YJa`BYCGMO6n=es-#1MdPe_>q0tikk(pZ{ zL>(%a%J7vbLii5-8v#H)fVFe?10V{aly)Ep=C?;>3M!?KsR)g#tYUmz=a&*wsc={v zc~=9={k>VgSnHR{eKIf0RHIgvsvy0T#UM7lMvhF2o&w#CNbrPx_tODcXc(LJr+j`* zA+)rL4yq_tU;!@cNu(%~Re5+200O(gtDs#>*dDuo&Xx+~f;pMVn7qOq1A`yTp4fQ% z=P;bS84F-sqx&OLf&dJ$Cw>Hx7JKnAn#O!NvHfpUJkwCPWa_C+b~!VJ6)ebFT<@&< z^+;Y~es*xscVLvrx@0F3t~WKtrFlB)FRp-e1`=p#%Q|T+oKQ>X!SAr_B_))RI6-cZ zz&AhAuk}_tB+JF}IW4msal~r&b9sU4?nJ{;aq$wN8X;ndB!AD)QDT^a|GaK?mV{&n zn3Dkz`6QHoIIQ!9VRlvWat_dOq2wCSFUU8CdSxK&2m%OThDLqpqUOPKfrH3!58r{< z$drV#ve8?xLd55;;Bkwewx7bz7l8@E)RcOH zCzqfM9=qk1zhObmo4D&(3IRH257=SSN#83_b#c?-`m-BlmMHay_;ExGDsQcO0+9(y zS9BzNK3eipa(K`%dThtbdhHt<=1ARJA+l)6ru>At!;$5Da~=`6#&E+`jp5X9{zkOX zNQkw+re!kLSe?*t;; z3kymC;4QdsV2l$#VJOJ-1i$>yKFnq^Y#3!1%;cC_ZmQAnbEelgwRs}63^7&8IIXUA zKxuzWi0MxtNpiZh>F}~LmaPbf=Kifm1nAF({2Ha_M{vO{JsB2;%*-tvc#Mgsv37Kr z$I$-%mC?c(!euRIv$BBhL_juGSD*;(LV&>)ACQp4L{E<D zFMxiZArjhwFMulPz4_SfI=KFXenGh*+mY;x>!S(kTTm3V*~-7;5(M*w z`1tP~`!kYX`Zjr5<}C z+<&EfA-;}LcEGSSTWvRi9{3+1|No=Hg{Cq&K4)kZ`&}N(4!)oM-vY$(>FEc(qpx)R z|5t&67Q_cuJHXZAGvf8X?cDLh4`?u%cwuq`?sM!YZvRiPj2`UkdMu|w_FQrD|B4Fr z0cEBQApgIPjFbNQaxLloPc=&LpkI-0-rjtZkr;G$T>4Q{Z(;wD`yfNU5v=`?q)!r* z`aczL3qyRw(J3Nx_h$a5=l>P^M7c3I`1-Osh`aGa0=1i8OQCb4%pzjG|F7Z{AOrT@ z6|ZK`o{26ut)3+IYya&7Jcd7PYk>;niIJ=kQJrXd;V!Fejspuw_6Y0#=~cNqQmi-8?u|;K%qW=Q1G{h)BDa-(`v8F z2U8;X&H7>soO_)k-K~}I*nN*W@5e1B@08i*uWRj>g&%jE8+sKHZbQpS*Syb)&xdaI zm1Oo^dA0CT>Dz77Hdnu6|1PvlTC4PLQhMOk)-E1AQ9yP4gX8eWz#{}7yde6iZZ$Wq z_Tbsw-{0#tsO~s1VtBJGiFS87aivc{MT?_juI%g=C=D^N|E_ z6{4)pnac@S&;8uV8qit0Kmf;c!@eIo=m`a?H|&2NZBpr?bj0qbU5F$c@pqXH=^1VF zKgF2wHhCFVQT63W>%2)Y$#1ZjDtAo0rA%kRu~CdXgw(Vdj7V>39u$u8((Oea$e8v@ ztpR(90*X*p9#(^66tWV?h#ay@u4mrnpxxaBwyR;%xTe94#Aas`@Ud}fIU$>0bSA>bVcLhNMz_`T3t^l8^{(MC z3*gay!hOEwoxh*dxvk$}yP0NZ!soQ$pYe{+Dpr%e%|El;^ENy>N7rhd&2l#2Yh$PH zy@HQPW!Nhw{1Wm7g}ibvoEI{!=l0F>(`}t(@mbm~IIr2V2^c)*nbvz2Bo?qqec$@BCknI>?T7o)S}`;9CUPZ{`vS{lwP zBm%u3tv6=qnsy4~)MfXyPfPPO;O}v(b1*>adEGd{#p3E3U)8-IkY!|1gkJ7`ZQ0-8 zGMzwwkV#SzBue}Ib}iEU@B=DJ<_iZw`l-UwZ2LWR?04NM zp>0Wax?K>|J!A8DT@G$CQm^NqmY8u*w*x!QP@f%4GRVRd^y_^RB=|5QjS8KK-mTa7 z)6#-iy#I!-5*WM~UX#g-Os0&vE#SWH?8PoI7*VxY{QFZlg0}H-HO=Ij(ZchY8;a6? z)V!W*1H~W1*!5;P`kUP^hX@=Wxafx#khD?eeKX|N`=Ni(uV&}{FvaQSLa_R{ro35O zt!y{*>2mKFop{B+;QL~ovT)WTBW_A6^Upq;``(g%NZKWv&QhH|^Ls{K-4nd`oN^y8 z?@K(V$$Ncys6}2eif**BN1|s}AaP`Cb91NZY@oK1ed0E2T-iOz6uiCaU6=u6tiSQW zr6Fryz^`3sa!SfCVI23=ESGT?Z zU~Pbpf*8qy5|U@Y2zaDFY9W|3H;U|S>K-?I_>&y_C;MSAQSFbNIrni6z*3aPd+Rju7w*~1gNg(u`X?{ znoZ2>MFyyA`(3jUnSZ^d1^0`8$w%fUsyDK`V*$Jao}(^A0(UK|9n!kH`dS_L(;Y0G zUrs;@B&<6Ev%$>nRr$(vCUENy&ydwg@tSEeHVycWN^|FIAl9pkqkR4h)5gN3$n!fS z>prA`<2zN{i-W{97O;~HIsT91i&)t|w4$q@W!9bw3g#1~2m)=_!?)Ld&nwMoSx^`X z=HZ**y{yjGK7=XdYI1^o>OX-4Y)09ii{}@gVcl3u(2fmmb=pU&=ATj83Er!3F}OdS z&ivAt2lxOq)L*2x$7|TI@O>ettPvl0$-DW~BD`1|%!Z zHedI)%^&Aw>c=hcAjdTkY)2ZwVcZt@2(^J(2?`So;S=9kIQDH9{%jy9=pvE zB*FS|kAo-AUCAEGeY6akFn>BOj;|d>I!Zpir1jNgXS>DKDR;Ktqs^^x8GNs=o#O@z zW)dXDhR1Gx6~jwuyzp7=j6D3GH(NDy8n&$(!~22!mA0J%8%86DUq%ZB4-W@l&CYU`~Rs{Ztz$SvK8ON4|)#`)elkq`{xPGWn=?b*nqZx+miusfkDJ z%~S5{hcn==qV@1Wkd;QQK(xQvaao@C>w=-8+*G5YWL5rwfl@q@-?iipQG}4Rp!*(w zQ>kC;5>_^#)AP}ZSAgg9wiRpBlQRx;Fv}I^ZwSLv_QFV=bd1I9X%-S>_uPGlljV~2 zY_->^Vf--Qb&ua3F$P=v{c&^+jN*(d&Xisem8Y+F{gC-+BzY*+kbBF0IBu#5L^S%sGlC426l zRLgv)r`aUCyK_C;0&n1#dAiQNm%Ts0M&9|`e?!=u#e5>`Yigcm87YwKfj0DBqQJJCJ(^M80aPwj!D=zy(j!_UaJq24r=ESNNI==Asi z+pDSqRm=r95#FlujKgU#>w98tw%>MN6(^3&1O!Dzf}*IXt85BnT1l;t4tVSBW2b)u zN2PY{##m>l>7R__X``3*&5&78BF(EQgW5GnP!%a1Ro)N=6C?!n$lh4C>GsXr0c5%r z?V$?dA!$9&Tz%Q-sM><|)mc$kN`gs&zz~C)kPsh}K^U}axiI{UZaTS1p%Z@m?+tRL z7-&`JJ!uY+KzZ^1$_5aHfc$JHI+QcwjR!#$0+Y(82Ia|3qSHox{@*zW3^gcd^g;3t zc|pYgTL%nSv(>UX37_RBiroJ$`9t{ffzblLUZ3NZX{}NIQ_p|eVJUaTY4radli!e` zB11!PQ$CaBYFeZHPo$6b&&k0J>;FUoh*E^~^>bz3iJBc&7|H!1z8g@!1;NV7x>Ghph;U+LJaCb0FL#heAptzWv zb9ag1u>8WBjjgdSSH+Gjl_8{EDxVhh#NpORjlD{Ht+=*!tHZ_W!Rg=Kfkye<&hFJ_ zrv}N~dQ%^=FJdd;6de?Ff5d*9U#MNokcczJPelj>2ziXJOS zdKU@R#D^gckU`zC=g!Q`Oreh+_H_oc_npUSDoF$CP{+E-4xGvq zkg1m1d^)w%tU1SP{_jw1;$Ay<7_5(ely}zLpJf4J%S< z$tJJeflT+KXa%ef_wFD@dRqi8NN_%-S{fd|0UnYE=+pQ&U<1TlnT@pn&x>)yGMM4d$4 zW}~2(8b%28ivw~(+wT?>6cmt2#s(wYy)~=6w9f<|pr~XCJlZ>{Q58$Lw8Qs^^7ap2 zo_71KGsW&}FCQF#|CNvO`bNr3r6I@%b9LD$xH;n0*M_`%xanp1D#%VW^_WKbca2l( zfbBC1%1OVZ>$Ucnwx)7ycH&qzM3e^LDl5x{eYpu0wb4556WRp9lwh%0>*v~3NqTXp zFCC(#b$*@}waL&{NP8;ukMMSu$>+LLW~=-&8-D#Q>*X}8y+DZnpzBfcp2$#yUtagy zc5yBO?rW}EHtwL`UEh_HB0VSPpM4)^Z@^FI3M26oz7HiCuz4)$61@CT7M_SOICyvn zBrE~~pOe`F-_JMx8V#lfBgi|L0Gy(%VPO8qnawaPtr%@;Jee58fnRW!YPgCBVR)8P z_@77)C|s|oKd?g>C8%KXJqo~1ae~5@epKY7Vk2?#SD99aip#<&C++9gilcW(w#<( z1KkURvm(qMu%JRA3D($mKblvv2XNg3&PQJI9^G`Xs2lREe$6*2i%LNbe5WkEh&EMT z|7L-yEGwa;RV$P#;M`DQ1xt)NkiAe(PfB{S=l6VY2Y&f@dj8aOy!r zV{?L8Rgj`4VGM?+Du#or<3OD5x!qqVQ-l(v0)4yL6{Vso zgBBemmrkvYf&Ph>%hp=*4nGBhBORVYKjwHZfa<7)pOivJ4*=n-6`A)Mcc|1vnMdx4 z4;CsSKW#Rb#TFKu3G@$hA}!`1iG3(g5QAQ~u^^7N9wSAy8E?LAnw!Dfi2mV?`Wkpr zl~ll4Tt#D1SR^pfYV~Zg#E{yM$@IJV#-!$Sfxg4gtV8tMi3$tbHipXkU!&B@MhxKlr(`QMv$JZ}raam3%kl9Mrksc5>MM7zJ-s6j$oi9dwhw=)IZB z-MP6r?`%|u*Y|z`S4*o5IJ}^_tg!^FV@Qd66%vMpMAq33q$c}%TFP?c{PB4QJ6T-u zNo*GlM;iDC-W%jpp?IpQj$*;Hp$-Wq&XhQ=*=4sakn-{pJdVzw4e2{>aeC(aa{_(KJvYAfu z=TDR75he*TZNxjcmYghcbf+*3I({K9xFOt-5M;*}CmQB{cRqR%LI*NncunR#OMH|j zfln6I1!Dn5M#$rq3BQIV7Fza5R09{=LK+x!U8@R&R|`EYqFVxJxF*a;*JZvsXvF+;^dclTTUsOveZ2-?W4JCI&_L2EYLA=6$|jb_wwQ&P#PUw#l#y$uim~= zQqc71e;-r=Tce_*on2gNl#4w=NpSk+2M?((@C~B^}>u1({pv; zu|>x_?NK9~A&^4swG<==p>LJmyI9N^3Tft4j7F%y8|?^lK;wu7&%$`b(GKGZjcSUV zp%e%j_AhrdK{Q{J6eAkSlNTeP5TbZB82uz6Z6O;V?M-B8eEic*i4x@_1f zr)Vbemh?$YqE#-&kJ-Nc6B!CA$?eWFQDfxHzrb0zoFrU-5@SqO+qXovf_v`t&+9 z%R=J8c)hYaa8J8>zgMuyacC+g$p)c)3zSr6{wh~narCNPFo-v|!499K$BfXMu`^Hx zokoX*@UsU3_ItXlf#R;5%_*laFw#N^m}bJ9x?K~}TjBh(WvX|h5*csi3jkWs&wEop zX1$dKp5#$`C;|}|^H3ukknCmYGE^$)Z!|^Tsw7?;e~Uq9yge98$qqP{^fvu{;KmFe zVEXr_#Af&p!!Khu%TiL)=2Wlk_xzymK&Z3)jVwnXw1Kn>%=~Hyk=&(xIC7WX@5*ZC zkoXSgf2cXc2rWDqn6w*#+W8BQtSI{A5FfTgq``)qQoE{LloLYMhS-J~;jM6RSeun% z35Bqgv$-;^GKh*w`9wK&Ko)U;+2S5!sOfU_J;{^|K3p)v3A4Gf=eeibE+7u5KY`QW!IS>KhC?&wkqg8&^xeN%!r_K z4YzfyO{6dRUZav#19{ZKg%YBQ8(dR-`&H$BIvCn&(m5fd;;s4bkRKaXB3~o}_hKgGG^3=!ggH#{JN})p5SFM_ zk+k_w-_xKtu`&tpexG%-oR_6pRa(EL9bb#=-fh5yjM^q~=NJqF<8jR<^>n(;$#LAI zfn~{c&&*)jj+|qJ#i{HwkxC@ ztm70>6)>Zs==Sq|iG!Q1h=%|ul5aQ8_uE&O)?Uqzb#7~C;U)3n!OaT{b!k}qE9KF- zxorTNADvmd`2zg*IZZ70Z-hziC!ZXM#=aMD(s-2$v6o?0_bpBB?M2-L^?(5TD5SW6GE-=x(i;QcJ-_f#&-nBt%(}au z8BQ9q`O2(`zc7T#C8o1I&bC^Xdaq@eCYJNTZq9P^f%?ht`22BR1~?6wTmM+|n!JU8 zhh+3z@mGx+O!%m~T$7nzpDs*~p+*h^>Oo=Ra8a@?)|8(<5+@6O-enxoC;2sYYwXL@ ziiqjFX^o$@f>05G4V>i9bsA|cIf^Y;+y5GB5d{x+2v6#78aTZ@`|(P%FVZ>M5f&bW zrA&(i)3S5Cc8r=PsL?V!^YmYIwn$kYf0_OxA#RtVwLvwfUe-!3(gk_GsG=M5>p!qL zSZOiVb$#002ppWlNvLBrL+`9>a>nT}jq*9tuu^a!2+(cz(c={)vmi zWgY{jZtk<>h7Qa3+;U;iYnYs5-cuG@4FCUO@2!F&X}B(3pm7>+pmBG1*M`Ommqr_R zcXxMpY24ji8>eu0cXyq7zxV%VCeDdC=XNgUmJF>D-XZe%4xhPoW&&WyWd*3OV!~ z_cdcR_-8ZeH319ptxjk5{sJQ!d^GfYz-mjp7Mic0tc0^Qy(UM?-3M^zO_bcg8Z zZ{bEp&JK;Vc0aaIt@y1tP$M6n0&E*wEm!$RNJSTH(_;Vt z0(zRsTHaW?<(tVNXD3&<-m#k8C{m>q(oo5^KHtt40h)gI=is_A%bXTX)VFK z)a7to5D9^4JP&?1XLT8w&NvlMV~R!=cn;D{ZRrslV^=}$n>viFStnhn-0j5yY-iFVZ63QrR>WzNMOfkxpXfmTlFwdoRottI*tI~n|^ zB1}IAQmtiNuj6MTSz$3h@xxsrlNmGC%Mq~#ZYqy2tn`DA1lyO~>$}_)@LIm7->Lm1 zsK4v#OHCu^GhrjRTOXCXsQmT?XY<44OM_bA#+fbLO;Or@;zk5*GtTvq8Ee&$hz*dJ zz36`TKSzI0dG&k`+?&+#q7QtgTP-E+UGA-Pxyek%{&h?!I2e>kb_S705(!$_x$+k{ zK7x)G@Y6k@gW*^cefOGFSp|-dlgBEXUg_b2TeVB5gdtX;sVx7w>A|k?UNq~?vWnx) zGl6nMH!swAB*szck-tw57qs=~N*=5kV1*B2a?&laH-lpFe}D#mV#q>fPlV!DBlMod z$c*fMNWw}m#7nIrGzT#{*|Y1F9J7w_W^)i^hCwge860KvnQy?n4g2F_i_)VgtMCbL z5`EPbRvuVeWE;o^%Z#Puhk$uD-;t4Dm6mG6AXd%mk{RXq{Zh8j*%0z2hwR0TDug^JZ%f&*s4p8XEkxSTznqFR$*aLo z*v%rv)Hi&uQd;q0Xk!Y!phfHxlfZ`aStkQ{;#9|ubJUEoFze6U0=#+yGm~S;QA7AwpGDbIbT!qIi7C z&}4~T4dbO)wqJO4e1~B^s$IDv zZt+#YC{5-_utpNTvPY&@pU3u56J0`5@_9i;-)lY+j5qp3RawYi67LEb9jycs{7Gft zjS0uQNu-dNg<%=_S8p9g8CX!40QgZ@o7XExMbO=Sc^^(Z z`F23^IGvE$peBk#BoXzDUzLao)A|1c=KdjtW#~ebYV$ypm5_h`l0+eI@9z9u#)09+ zSLo@MCOz}!**dkW{1s=^HlCTqK+v`Tf>|s8nxm_vu&1IlRMksO0w9`)` zoh!JD@GEeF;r@kfu|ni~K(^O6|gO%iC>YTUn9C<76GS(Uih&#w9A8tYJ*v0*I8J|88e*m<*k zd%p(5LlMW>ks)(Fms|Vzz6e*dr?f12bt60#kaC5Sc^L~?%G}#4$GTVb?6E@ET&w;M z5+%#c{O7v%a1wAk`CnqDWnbQuZ-=FKJOb9dW#e7nV#pY@$d!W%Svq88KWisoDm@Z4 zUm}i7&zAj=@bLg0@^{oIeEiLNzVsDWpn3kdz}e~!Y8^Pnhmwd0r@%EGfC5KxjxO8G zYl}!S5&Z_++JBHR6)*Upposjn1jE)sG4NL_`s!TUOT1QxoT7uo7j6C0>ScAMa#A~$ zfabfsgl*@>B^sP=LS#l?N?wwuoC zLja91{-qqcS`^A+9{^vMHt^~2G(LvcT0ZnIVKx^Mx<;3y5uj*3)L4V&G;meY-$Tf& z1_ZC5v_q58>T1iaE8wbn1kaD?qI)CO70K0e4-v?`aQ^`fkv7Uk9i4{V;-|HA)wJ7> zCo0%{8o?!qw%6Ox)^Lz=pX9?gKmP4ePoKenpY3*{TBauLIsuW8%TOYfkM<#3A&lzd zL>YuYNiBkUA_TD+FQlkA)9!MKhK5#GH;Nzgl{!QVkwI@$`Y2WW&0wUTgLgMDMhG4rPrkkZ%*NZ>vXfpRBqL%hjAI1)EE3L-Q7# zhL1X4&r|+YiJh%6hYi`*n5-@uT8KXAuW$ad_;Lu^o9ZX@ z>vgvoj*dAZp+Sq8AkvJ^!yYT(*Q#K$4n!;V12njV-BvEUOOEek05?UU5x=H=HjCbD zANXx;C+B#fU_G8q_3iyZYBXbo&FWq=zaKfQtp)iI8mlQkta|;Jm@YVrlcgt-mb$+3 z;YlF5+`D_xy-j4iir06xPY8TOt4_+f+xL6SalLmQ`ir#pcmNBPMkBVi$XpS40&AHq zdi&jSVqU*_e6BRA-j{xFU`r@q-{L@f`U|;*sambm35v-3Jky`yYDUj{eSxr5>1hO4 zgVmzc)yaCYe%((Wz#)n^aHo@g{f2;sPd|^Bohu~Bqx)$PUKE|=eu`mD5%ER})1Fq# zz1M4UlPzcNAgSLZl%*te|06lueirV!i|+0eo@A09S?kfJbJt$Rr`L*5WFh2zdKm{I z{V(p9rn8!CI||RgqW1_awyu#5Yy+E6qbC<(4$6i)?H$qiTZCc_$quRHM2g~IeIFiC+sIzpJYsHY8k>pteQaX# zW3D0R(w|`5=s7CZ^X+N6w|5&?C3v2S((hm*^oW(pn+|;au_(_gfKTZiv4O|rgp=h zE}vB1$?VESQ|nY1z?$~#mUu|)s4QwFe|%0Zh+n_0ifg?G8L7tu_Z$erpSR$c2??P% zGiPkrG=R-%z8JIChMC=a7!bkYP?O7-sjSFZkO!pZ9k%_%Mv|eVakz{1a5x$=n=$8i ztPQ{I4dY}_UKXN`D#Nr8`E=(0lrE=usfZT%Lzv56m`bJs%UO;L-lUrK7ZG=%TDP0R ztrmaAo4}IO(iBpuxXW&Ie4LImSlYwZ*70*1{83Qaa!js`yLj_xSD7-3YQKwzzwOcn zxQ#nPrgJvZsIvn%O^3S(j{BulervvU|DED8Ji(KFaObI+2HlqyvMPbGS^j!G34<`< z_GsO3BRS+?z!NWRBQUjBCSiP$?BxqL8el<-^w^DzG-hdm*y54@$O1TB;NzV<|GVro zMsn^aBGTISHiHlUjy6F8?eH@ZkB)|b7Z-E!mCA9NoD1%~`kvdFim%#`2$mRz4_+3T zdpLNti65&&86$R1gpXr#Y7^(8g3=c?3~YSTX9|`ZH@kwz;9E*ecEKIvju(v% zbvR~S+aFW_xi2M5(UNrD&zsXP(dboh&x99*=RUK|=PRFaGcstW1KsoCLJ5<*US6Kw zpg3sIY_Leb5Ar(LD(LR5)MfP@Mg{8|s3^Z^-UUm{1=)7$o*vYPoeif_B+1b0ya1)#)OW3o$)QHpA>#){JO*$Ofzz#xgC?3(bSn%9-5xKgG9kT*n{ zoRwgX;4_MOcQ09f;6SyB^WYpXfus4u< z5gTyX=gKD7;?oDFXJM+oj3*>A02^qs(NL`m7A=B4d1|W)q2it4c+O@j8N{$Kjg+C z{j|R8+Dt3?WmVF1K`Hm?z|HysIKO*TKIsYNmwRnx(iXi!S6+PoEy8fjRQTf^nz`do zws;l7VGB~DCIAlYdycdVN6>GiB4_(Kco_M5olW;-o?uk!H$x+B{CO|fdYgSaCjiV6 z-9$m3VvEW-oNao8xh#qIvYV43t@#qy!)UY>&|KTvxW^~`ZZld^+vV%3_lpm7^#?Y~ zqL*b>Iabk9&}I6PkKP4Hh*5p>nAL`1a4BMqPR7ta6 z^0QJ?Qzqx*^&&xz2har8C=Uvut8mBr<8kaUrR&GY@c*P!eUhzbcHNsb&z zA|~~s;^AmrtPpZypI}GFn~o@&DJuET@*smgWr5qz^sVfo7y6KYkC#vptu4ZNV`A?M6X_ecz&tYN8Yl`j8 z=k`MZV{^(F$j1De>q}-`m-mYVO;@*JQp}Y6_>_b^IB_$D8zF*UE8dK=WOa7#JU``& zxr-jryxEHwer#+{2eZyBbns0(>wQTv2xtnfJS!m%-PB)o(|oM7fe5ykb*FjSzPuE4 zI#FJEAHL(U!8A>^!f~NFWJE9zpbH)UWi2Y9I`E)TX&m#qdnGSD!51nvKVPp)fX__2 z@4Un8p}JI~0q~doLrJ-u+(4}F(yhwcl9<{wej=6JlW8N|0|Z_^-yY&2!7MbeFf(6Y zU&qbCN67dktTtI?WZN75uvK+8pc-SE76IQb!Lv*UJ& z{)Bj1hCROv`200ASVY0)29hHfQo_4OCAJWc^0i7SSIKrP>q?L29w?s^3GCv+X60m zHNZJ;9*lvq73KoFzQrA;4{mupzk>?uqq}^C5Zlun(vi{*&$qwHtW;gDe50@qi+>7X zVkDu8{2qyha#CgZA9;YXR>J5b`C`v?@sSZSN;72=p`28v!vm!W3vw;pau)vuU(e&c zN(sGkE{*0^_iV0S5GJ~ks2VI7diA(;*wH@HB7b0Ngn6s%Z}E7-U@9~LKw&+}vaDS5 zkK~2~K#}{2)zJ(M2gEwM=)s*|^>hr^D7QJeLGJZjqZW@R@b>0L>Zg6h z9#J=cLB?a-bkWN%H@B0jNmcOOw~rMMi|BG$f_rH}+CvBHs*)6TS_FIer>WJ#^;{)n z7L()nPelG*#d6n{WJ<7FPbrzor$6DT;VhfkU|g;7i$C|rQ9h;0wak7M(x8rvC>_fby4wGNA+D0Kk5i7NH8zWb(w*>1_P1@Zf_8+;= z>#PO&<-o5iFGaEr=Wlzytq$C)mk$oV?Lh;k&wOA=C4hqbYnow0z`Cz$FHj8p?(Bd6 z)_u)-3Ba^UMdz}}T|PQbNpWVbq#TxsaJvK6di*U932GkRw|c+)%>j+a zMssJxu>Kkt5bk216utLtgHJgWgll9VG!D??6DYq4CT3j4$8wYh&&OwD7nv$wR%KPP%rEc+w?wR{S=XiprF*@VB`B4d>TEPpEsD3J;>`UR5p_dB|; zup9vDTI=k)=N4XA{o}X%7V=6z)^ZD49aR-)T#tWf9PA$B#r3jl+`W-fZBSB&U3aZC z-hFSj6nMKV*p>%uyYQN6+G<)uw6(Pbz#t2N?qr`I?|PaF?+JrvJrY&lQP#vD<`aB{ z`W@Fc3}{!R5lz`o>%19;!7}~J+^TPa-~u8`R6oH8P^2U!{bY^_F9!{6o6}KZkGFHr zZG#d!p(UW6f0L;R%Ton|zRx~brfT^5`g()x&p}s!o?((M>TSEYiVB7f1l>az`TEC)n0=q*e7AVG_~@vtT7_ty#} z(fRqWmE2U8ezToxqDe?g|FhWOYC9k;4Pp(wJ-WVLzcR%_#=5t)#YEu1_`anEMR+7l zF4lpR#$YQt#me#a8Y3c{U$z7h&Ql!Xihx)Bd}qDgW$Wa39BJfU*KX?*w942jHDYHX z$a5bwPq)qUY=67tbSg#g_GWLD2s&48^_ryy22L>{9is$#Kf4sdA~MhMDox#b&9U^0 z^{?#9f#t>VVx7SaXJ#D!DaaqMTK#{!mR+7CsU)J{+(s>qEy)kf6E?5cux%p3xm61?2UIEI!E zJgAfm_acLg(p&Qn(4m{AQW7tP-u1UI_+6l#>1*kzKEM-R<6Tnhmw6&j$4b$4__|-g zVw-}}vJ>AI){C&FRd(kn57@tb8l1dxqS1r+t`Hn7)y7C~Y9`)!aPt?0kZ*gcw^y(1iI@h_c(C^)Jda3U{JE*=sSmPJYv)W_V1 z$w$HYSzX1ExdUti~-FodcH2vPQ>xexFg?-f>GONqwLv;DGmw21T|NV0NfhfEz`FF; zO!0j+A<38hM$+$82`Ohhq^f;yg{P?Uvh_FML8<@Y=bOR4J6V~Yaa!KsYfX)f%W$Q9 z(qCBCvUv>})_rATcp2U|rZDrqtaA1(1w}Hv6C-*PvPZ^w#F~%M)8D4Mrm6O@(Q0^_XjX)k56_*uFq*IWI7>yoLyjr8QFJzwI83^$7v((zg)REo0bNPkv8=t*8j zd?jfq6MEl1He;@bYuVM_T3x<)(Tz0D5#p>b@(<1SM27%9aZyH?y{j64BRO7}!1UkL4rLm$~I{^BCRJ9T&1IL(6&Me~4~xYc9S*oKj5oxg1TMlBu?Ne`0MkR}ppC z)vqj@S0HD8D*|A!&BSi`I2bB@fZp+Zi}*(jdOG>%KG4(5%%5E7g=vOVvSjx zW9)bj_iJs)_R}$>|*k7D0*-fNLEnL55iVm;-czyA%E8taw@|^lbGJkx^n}w%g$4e@B*7IGz zt2G6i-y<-wSTr_ER^kfgDL28FalTbE0Me}uNk@8^5MApesRWhvKfit52r$?0cHL<^ zWxqW&#qKe_`O0xQ9F%&jYIu16Apl#l`7 zDFN?AbCT;OxMl!~<+Ldw*b9V4rzFb}0>-I5DHv~$t@8;Y_+mO&*hI~l` zp_N1)CP9m!UQnSx2NBC(pgW1Wks9MQ;L5}NXGpRFXj#XKEPl^|nT5+r3|piyZ(BkWcy-;$Xsm5PzHzShJZ7t7^r6(i$;2zEnF4HexdlqN=(k7^4N zs9yATw$6_I&NhR)=M+{ZEI!sGCw{K+GVTD@q2-MfXpa%PSHjF~v29}&89d`$h3vkX z5N<%n@%Kae#krw!SJFsxvK6O2Jo{c=L*UT_SUKS1Ue0s+wk2%*-*8QX*6*VI&V<$R zj_0hiYjSwL-U`gn12R)x!2HVKXKsSr@SihbQvArZBd=~&h58lw-U+$vk3)OoyR4Pt z%hEYNRF7;HK=cL9ypv#RtTd0zv3$4iSDTW{#(g@2j#*?No9aRQt3JeQJA6atsCiv>Logvnz!C%v$*ac3=7 zzd6_iVaVt48ZY|9=rlW67(nB6G}}1dUyT;}|7WQ=xTmaIhl)7lb)=753kk>F?`n zXl%ql1J-Vx?>Zce$0;ja{LSKZ0nH9m2u{_C%lx<+(>7i$ty%hy34?@o2?LgRcnl~b zvDYcn^&(waw^$We+zgvCM$r)o+T=Pljk=j-#tVgwtxTuI2P*gEOj1x7ruB7xnnw%$ z5GORJPc|hDO%Ddt{(#Vdp5Gp3$kwgkI`cO~Y9Z?@S}Bl`j7?7mN1S7HhbRLeKz#Y4 zr>Y=!=C|krimLh>f>*d&iaUc&u;kyMWL_nZJb zuCU1jO1X^=x7oQl$EjRl845glj$lgEWQ#9tFx?JhFr8IKk3UA|3BLV=kP;_)m=FZlkDy?o? zOCY>SB|0yF^6DFxk?z%-V$XGKOT3dB$stIUveh-1*<=4KkScX`7jZ1P>{FU~RwQXD zO@! zn*6Vw7<^Zgz{&q!Cg{E7MUqA?|wP%O+K^7E*tkl zZ36IfDebT47@(nV35+m#zD}Xy-ywTiYjVat*e0q<>^%PxExK82L3qzh77e{K%*@$6 za(W|Ip?fTiap=Zhtg^zE)tq%v`HpWPAjsy!fv3&(Wn2q3p2+wgJtdxo#HS9YeHoaa z!QOFgP=s9Kl`>F~onWs&A;of?W3{`I!4u=-VC}wFr+XZ9x>pS*t;`G&nGhi7>Hs$` zsfT7MeS=|Cy_1Fa(>|Psv!wV1Wh&SB#CWa45&Xl{!rtB>I=uzp`gmJ46&i{QF3mZ9 z#%(%;&NTp(da)V0%Qo1w6m+%&#wL3uzgtTVA6<`CYhkY!NQD0NaK8QeM0kjqr=nOW znOvk5`*yH!OPQBM2`lM_jh^1;isOA#uNe`Hg!pW>nS`+Fu?|`*C278*Nt&{4pvT-w zt+c4yx^tivQ-Y&DnLV>n*5s(2v^**6?-DvURTx6es+-j+%m=f=#19B=%F;v3pE{}- zEg57{iSZrCNm`RntVJ22?rK-8T22Z#hdU95kdg+=#^m1JIgueDq9IM-d_P_ANAI#g zCf?U@e?S!hOFI8{6KNS>t>XUdP59^_01)6F$(#p2RAx#PC`iM=42Kl3 z_nBaHDzqXCD_>2NxG+9Mr@I@^O+MzAc8!iN@y^X~BU-TFsGQ>Tm+iQa?uLGG`j()G zKAexv^(Vg4_d?3)UO&ZAvNZfaLU#s(Ua1N6eHq>M=Km81z0y=IKcHu=Hu!C6JTH%| zdNShrB=`MT0Kn3(@dM`Xnm{2!C}suZ;=)AwwQX+DFC$Gbue8AnSe%uu+~^Q5l&_rB z9~g`(-262~wAc2z3O78W>hdL7+6F6@0u?rt&fas*wNMjgX`^0-;vt#5A7q#$@;4t7 z?JZhANTbs!R8*=A=T+UW?_4BvXw|@z%Yq?`09j>E7gCwpzYwd*EN@a!ne0!NmkXol z&$opVqVIu~!-cRTG9um^9!G<7zt>dkugm6)Djxqf*=I@&Z**d9d`n^Y!QFWC6of1} zSI0;8D7!=-#+vW+%{`rjCczMJPDi460+@b=YV$g<;d8yJVA|hE%;>Tj!uxV4XUaKB zeP){%OnWYKl2nF@tgHti22v|oz9kn^eXw4RStQfOuey`k{T+EM$h|XH8BP{P9O5?b z#c?S_*hVGGU4wi=iNxsYjb(GdmKuKRhIko2H;H>a+4*|O#9|RfuJ+WSPHX1l$o|wT zw5#f#C*~uH7R+BXPV7^SYXf}Q9UljGUI~1>p2#=wSwDI>EW<3M0&+6>_o;ng>0hLF z54vp$h_qppS3OmwJA0wk?=0oV{WW&i&`O0p_DM5&cMuGb0yKRqU9`EsHLN4OVPyjp zxAvRbc5K@z9e<3hVdK0>(fBYUqKN;b`z;Gq)-RSgKUt8;{iMpB_b0J9BEkQd< z4E_I#oYGvCWt|CyAR$reB=!)yx?A^yX&#t>Tg?2ujTeq4iSH<}V_=}nV~H?SH54z~ zDn}oCWq1q05$g$r{3hl*5#$n`cq-7-n|QF@gHq*8ul|COEJbtCETsUjpdBm5w87gC z7<23!L>OLM#COQb$-bdRnkjbN2BmVpZ1Y_3k|+uE{*mJrxwBJ-FfKdkE@bj|#qQb!V0~=sq5f0vBUv_USg_a{1Mc9vUelYBhSWDUr*5)ufFbX1L0X9=1?ech0?Fnx zik1{8u>$K?>CIS-Iz7@oy+CHT7y7}BvRGtsjC&64L0)c9Yi9cW{}m2=9#2>cfg{VQ zq>vfeQdt_QbyWz#;_ja+#3|oD=~*0CA-{L$p1=`H{vy-e;S3ppW-O~y7vauUY&z=Y z)W%wVTPyJ*OvIIleb8ICjE;mnILh$dX$fSXL_MpblS2J>FaZl}&*@H2$a<&8BPjAe z#R|ua=gRdIXf^ET$pz2CA~l*rE_diL*f7T49>1rQA3ar=^G_abi)Z0*gTRXO_pCuY zX-iE@V|bes!#Hob5NM>#KMq8HN-HFI?R(R)#5DdWTmhghD{W?C7OvC6JDuIi)&Qg? zvJ28_*VasM59Pb2VYa3~m*E)KUuUb~d%f3B{F6nD=$~1iUNE&8#(DR)Cdg?}&)ARI z>m2l@Fb*JILlp&fJ4aMEQkhvEP=FxfQyUk%Jg+38wVSEWVe@!^^8 znb~ZkgL{}MP4}tPl@cZnZ}(8@l}?}ee+9@q`Ok)|BiKrZFfLw3oVW7}+b=X%*(XX< z6UKtbu{#(M%tH3oZhD+P7kC+lTGAQ~PevnoRyHiTuv5r-g-u zz2DkzAg^0y(0zquS4MsR=&RNgybT2a2ONhl*wS+J+;=^AAwL&rz0xR(vs zD}|C4(&{vfj4{4B<)H}y%&nSADR|wt$wRM>ACJc-q2~=<3!?wAaLujEOLw5l6vNn* zwx+C5e0hn}tUrKW3v+)avW*1rsvl?mV8jH!6<4qD8`5Dpy|&|(drEj~H+aXc^R`B& zfv4*v!W#(u*J!U2)#DPq_q5#VCZazjVH3MZ4j&brY?TuY(pS?C!CYJ4@L>08P(~CC z>=*hrSH2?_f>(n83pzygT7%2o1<086!sy5DHkj!J0#6VT}g|iz5oLqC^)PtyxC$1+(6fF6^ESB@h-Rc3~sO~DJW_(St zSk25qnLi8RD?qWEh^lNKKZIxIzK6_#KNz)|6#2XTji)vlK^X( z;+1H`Q8y`QK0Lav$9dRX{eR>t5UAFJ^E9D^k#0|3M}F@29||V^XXr<4&m!ejmI=t^ z3ayX$UqJ>hxZH&Du0sONXvi`yzmn9YCNBz^>`S%5bJ5!}7Qf3i?O#dLx&Oo-KniQk z+TtFR_jL8f!G7g<>5i`gCMk)_stN_u(zromNMg~Wo3P%9f7}Mz>^95T}-;% z@2ect%2IA9HA60{&cA6mIH@H+yeJs9>CmoH%KraxR1tHT)@GoN}^%P%^$7!#{>=^pdn#3� zGbJry(Bx?#2zO@gP8UaZuD2(KvAI2ueLg~B1YNISHR_iMXFQ%I!h6IhVs>F$h!}tkYX|=6`{0~zgqC*BGX;UmIwFI1q zyQYkXfpRUp20n)QD|ft%Zqow6^pw>CTra>MiviUYw_DX|%d@5r)W5tXY~Py&06%=V zi#Q*bl1{Or&wp)KIOz`^L%M0zrMqkElRWas#Wzu{L-TMK@*0^kp*^9()&#y)biAE) z_&?tsxY!@t?jBgF7h`^OzQ(pV&0?DB4I!QToGjrFgg2=E#KLVHuZTP&8I;;o$PdSo zO;Vx)p^GB%ma{_oKz7N>Jg1I!r}&1f-<9I@Uq9dO(yanpth(FvEIBn1U|cp6Lii#_ z{3JhOBDx95|2HT?e{%MFwaB3xy9*r7PF%xm7GWH#GLOV#oTe8ePFV-r(SFq9V#=N@ zcN{VhVzeAiy;`?xe0Tq)O8sGHKI6=D`$cfU*vQ!2)O=F2hKae{7j_@ER6pS14$Ect zSVTBBMfH8kKQB1!!no{{llKW4v)cn z{5D^2gU$!d_dvIhZn?m001QA@Y16o6SIVLIC2c(hG_(Kofs%V zDK^jw)3xLJKh6Gs^y-b>jLUI-!HC^3tcthh55T)2fjoGq_fId!v(8Q>zI2|810M*R zXK+Z!-CevEgIj|pg2Qu|-mmuZQ|vTQP}&{ufhf}+iTy6Ek9TWaf?GdDMTaMs&33hA zj}+K?JJ;9WqFuW1P%)g}31f0j0w#Yl^beuw^BA4H(5kIvj%fy8-6pIz4<9wjQW@0k z^pi?7GizHY@$M-1yQ|BI=={ZUvhOhA1p1OXSu3!-kOe-bned&sFBzDcRrd&{WO@BO zM(em`H|I5ZeN`E<=JUpLe^K8|x3t}kk{GsJ%yEh0alW290Z&x367G&BxU4 z9B^Xl6|-|GZ>0!sIH;|XIfvnv-49C=)o z1M47E|F}=%vaLI;F35`)Ia|>JpH;6!l4Y{{<&w!_lSka0jqr(eK0=Bet--JnahrUB zY$xl$NpV8L^O@KmnR8j4awf(B3A>`}OJ5K#H_A9-hMe(PM{I6Nhh-k6TmnZMuG4Ei_+wfn;h`~r8Pf#qgc#)>t$`_= ziuD_f{p9x#QvSF|^~47JBS?a1KwfTAfxuUI(!IVO)uyJVWI;J3;sQ4XEKTK*o3lR& zO4$xU$s~S+;X>I}(9&`NM`m?_G!+7*>mf*l@C4SqA~sR(QAFrSenQt5QUG)lN_%b| zNfDCk?QWEm?=!57Cp;}#k^ooecc)#>SHU761yY zueyThi}9rF@MJG;_23nxf5Rg2tFta?eq|{*{YJS1WmPv|XP(J?`nz+Gd7uHilT*qO z;`>52qTJZHj5{Gd4h|_RJdH+>Ym5QAnO?$_7;Cg(^zJp<<=HBH?N*C36F(X0)6}2X zML5e&o(UZGpeiZZvcUgFO$Bs1X-n>;^*xznbCO8j{`J3lG*O2*_jYaVml_;l7l zXb7)ZSj9qoS!t*+UN45)0T#6Q*?W3p%hgm-VNk~dinQl4#kD*A4T)sLQ01&a9F#dUBnH&yJ=PELYIRYiBk_DPqK&V|zc&xp)7q_m?27t{HJ;FxlVeZbm)bKwIpScL}QUOg} zX0si8shMpWwY+~ykb!O+g;}i^3EEbCM>At@m+lSzKROzifVJ6Tq#ZHV3vtPHp2Hacnhh;<4R{H?VrC#g zGurfvwbt2u@tAO_d_1%gDM*m|hL4X=tB;xkl#`Kx905sc<)zc4xER#IEEp8FH*<|k ziFm6>=aF=g%Vl&l(?;9bG~eK%p8Gg~I{aPFx(Vqx0npA2rR=QK0_Yti8Jg9qaSZ%A z6iE~F3(58*ca~rKj04!zc-jk8m$@SW9BLrBpS}MF7*2#C8VGGwyPk_BdEc?upk=yu zRs6`xd#<6Bke14GI+>rL75J$plbVv2m`we<{*QO32m)0`uJh=4LjxNZ88a6vx;tG2 zuBJ?}t6FSwvLy8a!w__>XVM1(5TJaJsCLZp#|~6$Q+)w9q0I2#g86(Q42zLVHnZt; zhi>AS5Ry4iIM=wBf;J?AdpwB0nZs{4v<`AGOir#$K)m#0P_kKgeKb6R3~AdMl^(9W zH&1#z^K1F4X8c-cIWtSU^E$>VU6JxK#-OVDlFDM8pP=-&KA3|PypU49JXv^i1K-2Z zLKjRsp)Ni=9DZO*P~&^$yt}5o#V-N?Cd9ZBB)Fq}cy1^UsKba&0DEFW%G#p~*^v+u zfZ%FZ6wslH`nP$K5(Uf3M9ZRM!}vG>$xNrF9e{lAd z0c|zSzX?Hty9ald2B*c{T?!?*J1tt=-QC@tVr_AE*HW}d@j`)?!cE`jdH+{F-t4E7 z?AbGxJ-a(IzsdV&XGkpoSGF77z<)BQ;mP9ch_hoX6IqfX|0JY~J0TqH@5_cG{j(nx zHvku=Xr;dhdq?}9oo3)By!%)j20HaWm(4ihOcm_bXlK&@jMoX@IHr)368(d>35N-V zTZq9l!Ftp`7IcjZ#>9lfL{agk%KmeMB~4*X4Sbbrpi1<=JIyXEz>(zsuTEuUVgGNZ z*;(=byHoFh+Z>#ivH#)a6~f8M37j3N@cDn3hjR;$))f}A6f&@3`UfC%R1R*`ejnAz z{;_GeBRpmZ9!(xKO`IM5U!wm$hwHx-Gtk0$ic%%||NGgJ28XKPuTcI^e&ML4{|}Wn zw^uqM<8Jk{s{d^K6AJ*cZr3jc@c!k4{;$@?q9kAZt2O_>TC)yk_*ZKRf3=p3A7=Hh z)*kU#%to)fzn$+SI>Vd-$uh0@Cz;*db`VQ*1zT|2Jim=&v-7Prl#iH*w`4x(7%%M{wtdQEdKtn zU{S=I+grGFKp2+)(*qnP3EykFcg<@4OJfS0C83}q!GBr6hSN0eUjIKoM*!aGjZ2~b zcYrl8jK0Fb8sqF=09>@cC>EyL&(;^hfEwlxKTkQ1Lqie43^>%GM0VndTS#S*(NFyO zpV-D*%(?UnkZ#u|S^|xMwwh&k>EiNW7I6eyoO$<+r>~QzU%K1BF$UuCO09~Bz+-2! zUUVOBys*^6LBj<9r$M2Z;6!_ymyG*_WH|q6muet0)oHPpsH{c6|Fod+D&Wo--=sgj zCi=g3EtbQ-fgd;~aY3p7(`FO-s6{)&H+?1F{d*U%fDDKFQ0pbFmW}v-T4A4^IEEho zYCV4Ne}}m*f)DdhL@z=6-(diMhe2Mom9+TpFg@^ZgnD!sz+uRt|7m2|$QYO^Fq(#0 z@x6I*7nerWLoX7(oGHeXu@bZ!pZ73WA-#eqF^CWT(XCmcYm$GgfCg@1prL7Yqnce} zVS>TxGLm0)baZwq%OmCgKminJi8Tc$(kw+m?)AW&DI#24Q*Oa8rGZW3MgQ%<{rVt7AvSDy)PLNzH}h)uKNFZlrWL#9!$6-0{$w!9(oh}3)r?ARaw$kG zGlZ}~enZ$%Lc1crST-?;Qf~0OVb%CyaFo|)9?r~fQQ=_B$33#ZuweIX*Da(=Pz~CP z!LU$M1dkp4n#snTZBjBaG^uYnndAm($VB*M+ZmNClyuxjnGYbI8Kjrh?hWV`U{h05 zR(}^CdfMH23n)HTWz1wH!ayKp#=KVz!C)fh+3s8526c{HnFK~9aTmg{l)UGI5Q=}O z*TKO7hhgh1qun07FyC9-a(-gWpqhwiQC76hL{bi&q2=^jqKJK)ypbmaDJbSI=@Ra- z3M3(7r;cGoC8hW6U&=;$?kLb0N+96`xa)^%Jie)8HD8CP?}!D zzDL(tw@4I${-fKU4lDH(4h02+tfWp}qkDuq%2s%VlRtn3)Fie1(c=Cnq2jDDafoc+ z0TSVb*Lrl6_l&b%EC%6{NXYjNx+)Mx4Uh0A0F5yn51H=IW^?D`fA03L6|(gjjJTT@BCB$1RyS1=Qj?NzkDpNF^Jp z5j%nXeXKc;UZfzGoeB9R-(ZPvN=-yEzXtb$SFfJ9y&B_#g^-X-XsS-~`Pt}A5&h@1 z7?;MhO*dSz$Tmw;oV0}{-?4UkTL`{tf{6_E#;-pXddOiqwT_*KyvYRE8)!SnA>5)9 zWG^0USPU{G58B5{%`uKi<($aX)@9i+OrFDFc<4nc1m3rdWD@s|FCO0F$Mt^n_bUk2 zltUj&F_RMBXXtFAg#kjcJ8JL-BGnF&*0hPtPBnex&oVmjV{lQ+0g_(vY$>LgO z|63D%s!)fG?Kf1jrtc>?d=^8LZbL&B>Uyk`YUDPA?}hQWA6!8Ooe`WgYnQ_F1W?0| zd6On`SX4~nMxp7r^i3}x?w~fvh3K=zQBPsIb%q*apV+7}fM*nl1;Kq;Ar5F|0Xin! z+HkmfVrtL6n{u1chcX~FnjeAPeJ%fW?})_!Fv5?!P!4TOk8P~DZhzsoLWM4z7rZx5 zL0yWXrxT3#InZ8>#36!|GpZ&-A{Qj{ifstd_1R>h!GX?xmGfvpHz99K)afX7`$wg+ zE@laym^GyRJ~esW&*RY+kct4f*Y0^srE6&Z#tIIR8k!2ZK7EUp@3`7PPy6zg`FJG? z?{r!l4_KMU>^~4UpiXJTd4vW=*(?U5Ogv4tTdZ*!hDKc5MVH)z>OZ=RP>0PZYC8Du zD`{%mRScYFW!1|KeO>mrp2yV8{Iax>Bcqz8#d|X(P@};2dL?85zhbmv0@Y2dGhz4Y zgNKYzF5UcD7$R0&WG_qZ5BxB=HQ|sC_oWNMR|J&Qtd3Lh@*eo{|-z~KtLc4 zFUQWHor?UdAR{RF*_A^`$p^86HUq^WEAzG!v_rjdNf{qryC%2wELF7l1egzW*+y+& zg0%X(0(1Lzes1E)NPE;h-Y^j+2`gFBl;(IL4Q0{mB zE6~RcoHcUnMKNpnz}ftpTSdZa$49spSizp5a;WXoov;*{Am+Mhw|twezM1g2Dcy-M4fK-QS?bnAG{cOr*;pjIfb*~IJ7w*VOPM*9}zCGOTq;*NG;b+MyOhS;0z`1uJsUO_L zqXZZ7Sk}ARlYK#$8PHl`-V3_ya_SECu$6kggaRUEdZhr^88=!uSQVFn1s}6%p$KHn z7AQ=v5V;#|94rN5&$7!&kenq--pp!1&S zyA<(NuM`bmUur#YI^-e^=ra%T{yFKRHl9;@-sb5d_1NYx_^FO1V9A zJW*1J90k6l5$!$DFAqVL=g+|33J$(EM-nkLA+R@*YWbp3ZRGkD+d-McSMLVN1p?pL z_1ct@-IKkaq__r*oWmg&m6J!(y|y8siVC(y<80Vqazbr?iqtkW3bCCHw(uqRvGD}gXYu%Vm4$o_}P!+NqZcO`-vwz{pZE>U{5&*gTT4Che? zpcB2zS7vWI4%uT3DLj?#TM(+7`;=(9yK%3OWd~kKynaU$92t>n0Vb~pDp=dC_$0DT z%sCB@XsL?wAhnaqC+CrUgv~LJcH-CQc*Vlv6T4kSGiC_vSad!H_31d)rvqH?tpS}9 zC*P|Sk2SGg(X6n=*AMIir*oqb{VEd^i;HP%p*yR?#6V3$QIyNTw+WLppsl-;rHQvc zLRiToa|DKf*hGO+W$c=QqqbvS`R{(>viPklvwZuC-GvPcuOFQndJ;l&tDaQGvoKxB zYn~j;mo%Vas|Af#C9hQbjb|fu!+h_~rzR#s0QyGJw$rlRCy0u;)D=eLyK*+YRG9Ke z3=;67c7{#Z04qfsonJc?Tlq<*MwirT-cP^Xk#@E-ZZ4GH$8Wjr&$@Oc;z<;v{PJPq zYm|7=h=h_|Zm5>l8%H8o1gI8iG8}gg)w>W%C`b6zD2xnTaLAR6grs;1^o(@lTSOG7Qw^kyoBR)zwds1(cy5AZe3b|O7!q!it z7o&5@h#JI~5FITUikvP<=QkZYeA-7baVGTiWcHT993hBjT(OTmdup=i@mO&hF$a>0 zE}n)+s_~{ET2%Y2=X$CCU0-4S(UDC@kC&ss2PXdMKOiHv?AJ;{6J0r-^ME@-`i#2UJ&>AJ~rKc_(L@l1Db%GIxKDeQ1DzE%Nic(|w# z^Fxp^i)~+HRSPK&#&y7xsnJ9`@VklX_k@O*8*MRwuXbxE>{()QmCk!jf%G3F>3ZWp zB(S8N@(_ak#w!5OcL!x~j~I-?eux&j7ejEAa-!l$-8wQXNqE#hA8^Vi9e5EIhX%mF zDv(!rDa%OTS8L+OlhZ%QioImNSU*`BHe(g|xcV#}p}AzZZ7p?rnFz0s!bXhj$?VSB7Ay795+5J zc{MU*g{hC3?P%ACD*v3YrI^npW8MHlw%t%^GiXGNN3fkqE=5#+wEA1UvJ(;3fhb_M zD3eE%Fvw~7-KTnb)l`zFV29{1u&a!EScuV-y217KPnpprbw6#9jveX)*3C0|IL?KBq8`B43WQi? z+Nj2W<({5(Q$(25ossPkbktOhPXoj5R~5t5^%b4Gvr{_2kokSr0b~^ z{MV#8_?|AOca?rGcxJIfdw&w==v(Nh7RguQZ=LMBHNs4kZ4$c?E(D3JW>ScJ)5Q*bLpMWi9U zhSZo-=2l0Z9jfJ}UQFT#12=Fwobq0fuVeu_hnKz{ZYb63C@961Abhqf_`h)4V; zL?)XpZ(FRA^jpIZEfZwnZ{kwt-;Ts8#GB@}3xRt+^NxCu$Ln0e>$e6T-JZ}u1w3|Sq+&nap^a+kS@lK^G`lX39Nqe4!qxM zwk9CgrsmX({gAyFF-L&emFH(0{P!b&bU!=u$BF8}&tb07#i3tAkV}IXOdFmlpZB>q z!FnY4%{Sk+Dt>>kA44d=`4j|E=9g{So|%iYZ1}3IXHf}M0>LoFI$kRPytej?gMhgI|B->4|I)XbKv+xw*;Bg=Cj} z{)Ol&_)b(hRJeRC@La!nh94VNtEoc`4exuYOl?ZTz!6F){DYE)0?H*ULHj5PJFyp# zsPT$bA4YYiloM#NCoY=34u$#ds;ONHL|lb-QSbzv{9IP|!~zImB$~0%=?=`p6V{$d zZV!zR7_nS2VPdqejrNiaCaS2$8^WYYX40)@@?Y97vp?T9!e_83{4{HUXC+j{qM#oV zAf*gW3c=ZPL@$EMkF1y7w=_LYI)_`@)qmb+SH!}B#-kmE5k6v)*qnz|LhTUI*Lb3l zR!ZRoj-a^m;e7%a-8+N>sC8)^ORRh`Fef!vG@iEbKZ_*8p-iE-Z=HaX8hm*d5|wfH zqe*nVh9~AtGG~oL`c+56$*HNSUVbQIk1tvYO5U`BMTKJ9cBke@LR-eb~lJO21K zrGLZo?o{7%dP@_YD~9sna(|Xc74#KrAZ;X`V&Dz9%M&4}JE4-`jbX-zQg^oas@WyD zH|)ocA0u((6}1X;nr4{bOH^!pb^srRy|@>iNPog$LxfDuDItyGjN~VhinJyfn$4?t zMNIrkVk)9uCt#~3yl_x-apM6GU4qX^VEg?t!S)&kEm>xA@_f6q2`0!yqY~jaJ^`BA zcm(D4@9XKerXH8u63U}O>0i1m1hN;}w|tb~rk1@$gn3&9T(iJ3YJ7R0({p3F_|rCo zMZEng8EfeMx~!aRe<=b6OauT!W3*K`bKOTEhm~Hcul584*!^yN+S)GU zJSR`qrLZEFy%fe*t|Zpa76yQ0eO1`&&l10DTqHVl-LkkL>msL1XVb0ieSx{eubTnG z!Vbs=uuG2sQ!caUkuuLZ^*(>e}I7N$)fsfn10JMU=lNev>*x z&5F3d>(J^7U+AvaJI7+)osR9;^RnHA`+Z(d3|Kd2k(rYqFMpe4mgA0swG5egGF&)) zgUHfYec2AX-*)T`?W^zm2_)Om?z0a54!T3CXjE@(6zqr5P#|61V0MR7xHWDwN8$=0 z+U=bJxdeh7Wmo_hUb_lZGB7F)3T|W>X6{A+X&_1<)Nd>KEc}sf1{&}<1a8o$5Q$I;4UVJ{T2WkN3jX*U%GD0I54*o0&_J5gfz!?Ow_r65 z5=I{pKiM+=@g+TMrGo*9!OfIP=R+V)rfBIvV&CA!S_{g%#1}h*xp;Dyp_X#nzGNEoJQLJV#~ZY7%Bp|^5NqX+^};5QNkaaIcn?hZ@Qj0p^<#^cSxf&1bh8}{|G z`9L8-amhl8TA@`*4EkaMfwgMeZ~ZQ)8j!XS>`UZJzz2CC1D8uEDUi8rJ6G0$!tqjEY2yXV;cH14jMYfbwf<*>u z!q8<*D{;p6Q<;&3yc;CouW5Sl#~6ta0;~uCM;j+Miu8_8$Vo4b89>5Yt^`aXiA@c# zD+ULWTI$@=qW_X0+TY=YUYDeVY>vLA$^IG$rQRz^Rq|B4Q>kvB?0UZj7d4u^)%V3O z9hsQ(<1r-(Hx6t0zsNZ{DI#2hrrb(ya{*=~d?aL<+?g~mz$6Yk*}Q2#&JGc2m;`8J zoT>}R1om2uxYCSTLhB$!l9Cn&{Xj8u;!HyLAn0c1^xBkx1~lKfT1h5L>I(5@8Pq^T z#zp824!x>OVn~(S?v7${hFQR$^+CYNVh&5;lSBvn&3? z+34Sm@nO^_tSy`z0{1_3f;P@f5?$F$@NhfcDOT)81|CI%G4T5$LOQEz#usEUV3LukOUjFW7!6zii=ZMSZU1ad?IyD)S!r!^hMZ4g3Qrn@XHEqBLd z5X_~Is!W^LVuzs3-6=OSrn(MZp~)=?$sA1qM_u;-)P2zpG}xZR_l{$Z2@D=ZV9N-U zc0mT-AbT$&(^5nw7Az^ir3Y~xPfD}buahj3mKf}W-He--RU%@50#OpjXQ-2zs1;InT_m+2992SOAfu_L?pp|u5rNyd_cA|O{V6bkzAs*KaAp5;|?}7 zOLZ$ctbj{LUtDz(|D~p#j3mn&^__l*C9co5kJiNccaK%4(hhqPKO^S%;PBmbA8!LlQas$jl#A@pHh5lvLsHfny^GN) z`mwhAsZDgLV?6h}#F>p}IL=agF6+!NscTm`c?Ftu4S6~;dzwyoJF%pd0^@QWiem<5 z@KR+Ps@sXiLrR&H-W)O80HRN6yMo0?BfrpqNZ$(Z!%iRRC346Cc0dA#cky!X1GUJ? z;Ci(Vs9HsO^R@8IbyCgsmFymeF~<>4u;vrNO~fQQmGkkFz?#hU3*6zbG#^7YHL5!G zEa-Y9pi_3^7PEPWWWMQr=e$=ir?m8}qnJe=H(+M^adA&$>%IPyL#LAzs|-KaWq58i zY@mzfiqQDAsSHIrKTI682GnbiiJf3b7$ph9lmWrRZlr8O5?hjN0Oq{k%#ns0Rw~c< z&c}m$!mc3L>WG4auQ7Yx)NQ03ths7+;%MUFH=7#jndcmle2B)=qQ2Z}JXe*XEtUkq zN7Do$?2}ov^QjgAU(au#d+>Su%8TgT)Y2J=If(z+P}QXUpxyZq7IU+QOz{S9M^0WT zcHP$&{;GPx{%(X-@!loVU?=6#Kb467?{J50$cUqPD_`hBwfMxpbZ}Hj)EM`O&^ao# z4>cLLrtw{uYkOb4v;E?q7v?lp&8N@M?5O;EGiI;x3Jn}lC0N@x0R4>8)2RC<_^$(X z`{QCDpz}xb>rizkvc^p1aDf0%B}NG`Ct8&2eL9(Y#tMs}b=&|coyMmImb{v-Hm4w# zj!Nd!lIoFHzyLOUkG~{6C&EekBNa`&v@8Q6sciM{;beaC^^-bGm!{8zLdw-+wu`Ns zY@=+K2~kel4=p7$LRm)$|kI*7|+7G@VFHBPSf{ zoVQ%3pcJbvYhEG{&dh_#6wW-O-w+%$+xt)n1iBrXH-NKR$qL~oS{K-P8zaD0=+nsE zoxLkeQc}9b%IlVje;`Uh@L7k6ISiSs7)~VL;2V2s-i2Gn-z^|wCy^igdvSCzzKBc8 zC#ojxlbk*@bTAsOfCVT0oam)NQ0vCG9k9(970K| zzLndz23{elBxzT;Upc5p0@T)nee8@QsZ9gj)&S`{n?0D{Fk))zocz`?!IJbPuC;;`r0r23<}z@x@q~DFmi{;jXLsP zuxWB1qm4Bh9TQ4`8M!kaKCcz0s@mcDK`nzcW_-Hzfap`}TUnD%XE{H@_y7w{_EJ&& z_tDL8>r?$}eMT94XhFw5DYfvU*OdYVd!D5BAJ0B1{#SKoX582jQ!cxXjMl|!8oD-x zH2?9Z55DQXv>f)qKNjmzvg+BIK2V{kG8fL~RPCjQ$O&F40G*@pjwM0Fjd041d-FEb zbC3n5n`sze@Wd|L-YQ*Fq!gcam_5tRz{3+{CQF-s{BLML?hM>}@A>LZl`d^c)7boe zCisPepU#AfL%5b4%S>Vp^IwaY73ZTCuMc{+iNwbLUgf~k9>Z(rIxB41_j>oMA+A~a z5c5G6i)JbjnawJEw3Wu+7yT()e!CXEhio&7-NASJh+EK=bf5iN7kuTvzWx6yz8m(J zq3bPLgZvW@OhxOD6zH} zSLt1zaZnjqjQ`K}2;v5%?$#WO*#hHl!8x;me=Q|QIApUo2sHD95%r3!5}Dn~J!MAh z_PM6wt({ecirjj7%C&Vvy%viE`(O5E`P8iw?T;{tt_uptdVTQ!By|a4Hx7pu$sGM8rD0Za*1Z;KlnW}2Wnf4K96F+Zq`)x ztVom!S6|>?^#Sr$w{rq-86}=y+lv|>Y$ay{C}v|GECdn82t;epuv1wQg%U9m!*Oa? z_7052c?Yku6{W>Pz^`iY$;eo7ri}+^Wo)+lm*Eo$dUpW1`1kFUHMbZ9PY7ppf-prb z8|GY1J}EMJT@XRNHur!$-7XMgQZR6*GVW54t6zzxKA%=5R);^(UNVvy>hcpxEq;D_ ztm#snfqc|!F6}bil7fbg&c?>p2NE1KWkD#kz^;BhEFLH1${r(;=_Zbl5ClT7K5(ne zh%HWp>qA^>2~J4(x;t^~CP1hai6q=P%j{chNVZ6F6=2vDqXJ=!Gt*uiDs8j9X$zlv zIv47;Pcx7KhWaFUa2)TMtYUy17e^`099{mykTDMGU$b!f8_fdv^Sl#2UqM8K|Jw25 zbXI{&C8~>Mj06HXwXTVW2qov|PrqlOk_qHNMMb@D=6~d%vUt@zkFK@l^Xom1=qqbo zqZULChRh#D@|@x5`L--Chu^#Wl;^_x8-YTWhCFEhiA>y6tgS=vV2JXX_)pZ>{@Khg znddTWPauQ%#51F%g+(kx$Zb58#p=TJdVkCd1YnMdiTQI_Tc*q<@9q9`bAWx)`*CW& zM5L`V612KK)91T~l^gBOX>nfB=Jt+@R`Wl9hqS+wP3ZY@k`s@F4!>k|^~XO4S@QCs z($ySq9kD;Rg~zS(ZH0_k^ka~UH`eFs{L(p&;b(fBuQwLaMlAI`?0h~KX_lILnKIhB z=f|iS1)pT#Z>0qIsCi=VcZ~5qA)d1K1zb>PyjFQfloN?5uO9&@Kn)2ciYZ(71w5vu zry~@c^y*1<{hHmy=Kqu>BIkb{L)z5Tw2Ft4>-# z9ODap8em$s(6nSAKUAr{3Fb>9ax2!XXB%}r>c6V4slP@xmq(di5_Ue+NMOU_^t)`& zN$8%|2i?o8$vg;T%QG@3_wPu1#C zVU|x{^}=8O`u1k%z3`j;w6KiWw5k}ZKR!z50kyx!bwgTsGTj)R&$z!jPmhfOgFip* zizIx$fxQ&0A*^04mtADX6>{dI23&kR%MMWI2D&{LUjL~lyFjF&?+LfaXSB?&;>k&a zn{XKvN>wHr4HL?xu*fY`yiS z-$3>YrSm1dA9*#F<3T`{7XJ>8i8vVnN<|-Ktp7&!#BoSz2?}0 zQ#e+wq~aUJU;pZCZBv99z|C|8lJc&bT}S{WW`;?iUZ$f~)c#MCP|T^ncx zaY4CJ!JE}zDY&iZ_=c9HNXs1o3276>#jlfch?2g1`eXdP0ZFLCz8Bf~q<13@8zP8< zkG~fOINof&jC5dZC{wKka|#>h>b-F?{=FyZS5M$(j=;cn=u+gUq&sBw0Ih<&gX#zi zpXJe@pMUul(!xLClPucl=Abh=mR#I_&HFu*>4{!CgG&KvvGh0_f8&Z4u{_KvW3C zbJ1lG$rWC2qDH^$S^~`to=sm{-XZ73a(h3@F!TB6w;x&!r|Y7;k1Mt)2jmtZs-IT( zIZN-<-45fv`ZMtK;8WLo?sxror^u3t-LqV7K7o1JQQxhQe#2_bq?kLZ84QscG>q z#c3&ZBO9`#m4>hIDGZJ{w$W-kuu)D6sh5S9J}A0v|9U3meVqyr>S?>h#_M-aQb78# ze>si6Mw@1+>%?i~QOMq%tFNY)k&&LEubk%lHfTpv-&g``Dwq&pMGgBZP>5v$67+xU z_|OUYlvty3LxNI9W)<7@e8&IlB&i;Hh8LSe~wLFv(n~R8gEckVD108hS}s9hT&4` z1KAsTojT(wUb4G}E-`a)MfeJs4T7C>+tS1KAd{F@_fB3x^f=hRDNQM;!{<&U1ZNEwLl0rN(nBe}V#L+gM)n3_d* zVN7=dM-R$1UJoZfTTC{UmFtxrbNExtC7V3Aq3=2j?DiLY6Q&_nc1x^V&%b-mm6hPqTig!fnLFLftthBNE*u%~8wQnJD)d>tUx+x_CboS;E<2 z#axZy-5fcLv@eK)_AA-?0~r#o3J`_dmzJy6v^q*y!#p;VGuE|XRSD>5>S&}iO9@|M*j0@N@V=u?#vfFI7b#r{CxlN>DaZ z=m00et#+J?`~WVC9R%N(n@4coRr(bw(=khuI2@=rn)6HNm-^+Z)U}B7z?P>*6V2{n zZ+_EF)EOS-e78)Id1cH%#npaj>(w>UfMaXhiu?tY*zZ_k2fwiAyW*#-%7agFygWze zUC~1VtGOQX3T-}m(Z3jS#NK-_UfbUm)+yzj8~gk3&=g?T?FCDtT*st*AXS#O@%y`N z0Q`a+!7HRWdrG8;U3!Y;`Wocp;oxlhe$QzSK0k)+Bw~?B1$Ig_>Jy3%T+;J5@wiJd z{S-W+HtW*`N6V#Bwaabd@%W4_uU|f>{OV<$XmNhs%#4cAu5~kNyFPe~zq?xBjtK1^+-Vd>|W-{qEs?`%^cdJh_yZh{~7Mk}=y zTvZ8eDvH)Ve*BY>Z)>{`t5WmLlaOQoZh=>C?mE^L@23919DGUD{V3?Z((`!-m`zGN8ya_5^s`%uu+&OOYZV_x!d|FAf0>~6D^)~)bw-|LoJ>bX%2Tx z)&hb%BF`{PxOT+QvP2Sgke-8yZTA_IEumYVDiWbDJc?rS0%C<=AIr`O8TKR!@%PsE%~EXVq#B9AQUM#Xwg6nn>AG zH#buoq4eT%e79S|AdnQh`{yy};Dyl(R-Bl(iw z%bNymiKcSZ>z4HEHqqNLX3tW9UvUZRjxNJb^!&dMPt=T$EnrFD#x_tUiYpSOqFyGMb;X zu0o1>i`kK-5LCUoGRd2$5I;b1R(E89r&><_0C!@dhgmCsuL5~%`L&&xAZ*ZtuSO;G zGuxuY`$H6TQ5ls+_tKvEseww;sV@dUX3f&`Wr&Yo;O1h>NaEeElWxW46^}>$)*< zUJfq8GsraLcAo?ld@S`c<_B2KleM8NspJ>R;IYCLZcb5Ny{*U}`A?Q%3Z$Ajf(%FL z^r$QKWrNw#thFRR2mQUhARnSqLY$5-Qp57liDZz4M`Zs9g$uagvj+khlPULn-^uG= zzgD^XDG@^F0S~qnYiGVja%0Tj$3AvY#u)zI!|u#Eh$Y(=$Ln5YbCvkv7jXm6J6O%T zYNcASNdb=03Iv%uv`i6&r(4g5U4?Kg8V@h`11>(QQzrZh6sCDowSm_O4?Oy3OI zej!eNQhsu86EzDis#>}pME?d=2$;dxTaB+Z)%E^uxWM*3%cYhuvT04-P$aI!O4bwl z*`hkC=35SsWG@+L!S~*%tu9)6}IHL|@+`E&eWf?`v>;BpV|8 z3G{G8r2osv{G|t{z4bwV%Caf8%fy-mH*vB_oS}oeyb~9VKY0l9k>P9HP~?+3APH9L z0dkn!Vuh_VJO7xOWq@dKiAujbnb>?}T3**2^`C3tVsL$yvtb_gaMv8Mf^H6$j880D z7YM9pW!$`+T(@!;8%)T=@6xCMMF$_|hUJC5BlUoqEd(XEWlWS)a|zZ2Pi-iZFO{R0 zS)Zi{^JU;|9N}%8tdl`3jGoG;nA>+TzMHC$8_1;gbXM(zYy`Tvjblw*_&S7x|MZ+= z<&v)&&b>d~2=ZnA=;O^8=jq-rseASl(M zV2_6Bet~-k0XwRP`u>LYFYVHhV^MQogrb*2Q5>~Bu{C*UF`OTjs7l)Zv@IuV$l}Q% zPdYf4@OHQi^BOP9RX;|GpFNJ=&LmXV3%)FC(op2vosO`3GuQL7|5siOt{ic`At|%K z@=#=@g`Gt9klVuoVZE$BZm~(L9^-cpR~sX;UL<%z$nes^VQbrF;U%4bfK@Hq6(rRo z+WeF>Pt#V_LB&JL5Kq(M>0@ZCK9^dz;)$?0)yH*R#ZorTV}K0g0OjUdXvg;q9Et{tcZhyZ-4pWwfEaKHit!XmJK3OX&mSg_RgnHB-{LF-^NI+3n2?-Yt*6@rR$J zZqhwS8;Hf3$Dk%C)7sC`pz`qqqiZ%r_U@1iI`oNp06{IYO18FKE(~f3?DJH(~c#<`?ma+j6Q*>HYZ5+Ii zF_JL?&Z}DJN8)fS<8e`R@*D1C)coqE;b9L$l%&bksb1?}m(3(r=bd27Rv~7D_5{A# z;a>;s%LpI}BN5lwdSTO{V_=($J}MRy!Ccb7zTU75!o^1m zGa)O?T=(m-AGp_S*3i6ILtpxi)2k;LS;d&|i+vk-QC??5q>41UibY={T86igq&P3C z9^Hi7nunrZJtZv~7%egUg;Z2^jA;qz@=Y2ZDR8J{gr$lmf+lxyosom z;bP#;XL!8P{MuoCUNx?SH0EZCxe2+BL#`YUwjD?($l4i86n+!^3d+#s+spQ4$qjF- z<9g2R1KyzII5&DIS{Fdo4jD9#ibx5i-R4D zD-upG8~VbLD-+I3=KMlqISOECVPDMK)In zfAq%GaTo1J-(Xf=KY+zZYcp!QRi+k9AWOehCyvlr9HLXK^TERjG!h68pgp}6lS=n_+5S`LkpS0AxxdLFN@9-Fa_VzTFIn5Xj|^HwZ6QBIn0zr43ho6tqSByW|54 zKRDaco`O#_5;n&(vkoN|+9-2UL^nf)NSiM?!{5-9J~kdl73{;F($j1P&{vLL|Kz8C zQWYB&mn_vMUz2(`LT)p2cjGs!g4gh%(GE%W$cKY0MS`-Yl8`A!tajT>8W zc7#zry{#3T*dX+AgG{JIl6T{)ks{xWYYd@vHO)iSw~Tfnl>xTgt2xH=IZb~%7w6jS z1Ge4$rp}+;{R>gyG&ntOt(-adacopNfN6Epi3Z_YT14Dkge`4LzG=8iZFueCuyJW~ zwh%$O67vB2^pU4P3ZMx!e^Us+utDl_gXRG?8dtl1gi3R>g}ID2JAU-{D&0A`AIBU) zC~xPR^iE_Kkw;G8Z$)-2Q_fJ=HROl9p#5%{&45W+*KXa{?@lKlR+t~mD~;;W$IUQ> z=2#ZshSsQVM_JR;fltWj9dx{*$Vx1O8FGGZ`^$~dA~4Cqi7y~)NY|DYJt{37dztJF z84G3?<9)aELc(j*cc$1!Ra9GHlLcCT&fO-aj4?`{30+R~ls?RH@3F#SKRVzVClC0M zot!lh(k3TO{VJldGTTU#^BEzh%(nW?A@jx$hhEuXn<`D07Ns^z_q}9BFLp(izYThJq_sYkP*+jUAG`TKWDKbn<0rGkrMhWwr{-dQKOeLJud zVP&ZHm_$bSdL(Efg=^x|k~l}$wgD<2=GAZA+H+*-Qd zaXUh#TwuwnnUzRUOwPZ!185U-dbq*qs4`Oucrw&7z`LBZFm^}?47gLb;N)sO6_asb zV!wMX^)>H$8n-76sBv7vE?;pI2L+l!R>#HVb=1*#I+)~^omy2BRy?W5X5UxxT>#xl zD@xU+4}d&$>6Rf4%g`P!RwNz~cOTL@lY*y(BI@Y+{^Bv}@j zKCV-7~8`#u=^^Sb-xcAo(Mn|cf) zAySs^sbC11`Jr;LL1`grwPr*ko_SfN_(KDRh_oFV({OSn;CjWBo`-o?M{uRABYCsY zZrmH!}*BKGT6gc3TuI3_Ptuv+!dV3*)EcFm+|-1=m56$ZtD5Y zAm?*F`zvId44D#vcFk%m<3Zhp_Y)Vx7s`02*IJa7U*~Kp@coy9LQO)gHH(;i`~JFj zkrvVp&81dd7+U7Mf``q-o*+|nerE;CvbLC6Vs%&F7-pMmHRT35K@Gv*L_`6K2LvBe z39m(LQDFm&jNS!ZCkruHGi^`C^aK@>piE6-MI16gPqN-?v{xR(;$af#tR=m}kEn(` z?ctpKa|*O?Ba<~m!uN8=gM&V?9x}bhWP8IB4<;jRedJqARMyJKXjbK&?YEPHuI*7+s zi|U0@7tE9MxsvrL$K)CwWnkysu4wPJ9MD2LHN67secgM?1k4+mAql#Rn^o`dy$a47 zd3}=wEepUbT%C16I@C-*jl`aka2AYk`}P*+ev8wsqo31GqODENs(}v=VU{-VI8X1tWAMy8_=@vluMH$NYR>~R^pUot@KUNJr{6h1VUA)#M%@%o)d0yLrwX+H)WIo;+sT;v7+G}J9mx@K-5%T zQ(tb6ZE8IANqOn!jvq4kV~jOb`*GFRhPRs zXICe0&LVQmrPC*L@6e(DxGM&=)LZkmW-^4~<1HPAU2)aKVWTe{3S=ufaf;|8`;Qxf zuhWIb_a8E3$bk4}V94CBxXCw89X)z8N`!_4;X~jwn7wDYwJ@gVn43H1ZC$n%C3+LBN zxuIVRgV##gprIQNHNl*|=Lp6xn}^y;N=k#8Hzk>sIlI%%@kw?MlT#Wao9anvBQ@9jJ%@C&UCa8W0c*8aA?67=hVScGyM>d*?CScv_m&_ zT-RDdeaF@<11Sf5GN^rg7|E`x@Pf0TFrO@-GmB~SKTBgJ=;6ev>K+kXhJ>DN6;^6) z1C79B9X)z9KR>^sf;~qxv}S~chPG_kGB!3A#lA71AMGLQ$_Vnqvlpa1%0${LgTl~{DJ9p{yfy1RqU7Z$L>chi> zNN)MDyvn%t@b)|eOGO!m5;-*LeJ=X&G2-Zgd3JuhIz4W9?+{06s4r-UNxG<`fn%qI zL`Fd({v5%XH25PB?!bWqZQ8Wy-Me>PLE=1VJerV|m4#Mx@7~@2CLB6kvV7IisMx4! zH+62=HXIiNZX^l!l0?)S>O5(nDh3@!z-vrx#EP#T5|V$cG<9F@@>NF&iS6780~xi4 zdV*Y9T3TjiW?Wp{*s)`qG-;yN)0Bny_;`TdzJ2@l?%j(>mo8mY0ud1!s8s{jlC%Tm zQfR`cDHp|9O)#%|QgL{};%x=H_g8dJz$Gh{m0>Q8Idi9v9IsFop6CL+W_ho&P4Aw8 zdsgH1$i6D=IZSmN-8u0s2Z>{@=-Gne0@iyLr!4<7`DAMPiLTBY=AzrilGL<=t2cF< zF*ZsA&R7hpH-<+U*C*Q`l^&1S+E`;>qTdlbLKOeu}(!WDPn zXi9ZCl*OD;OVKg-$Duyxjm=sI$|co?4&A#u+m8zhxZZ6xIWRm7@^4?0ing3X zkORU&v;F$@>(-4)XbBy$MTxAdCjRE>GhqMwg6?bf?LuENXD>>Z|gya*Xi3*yCbbh*8v?PG~R@>OqP<&9S3U?2X*7C z_nb4&_1USznH6$WzXYeTK4U`f&O26R98Ntxee{&P-xj6e#UVLF-=^=t(Dbd@ib$Q@ zvbJR5*06uaPNBl%Z+Subjuq)UctY!*V=w70t^3MXrTvBi7?hwc=ES+>_#y0bXg#=x z6Tk$;_G=TcE;lEm*wQabxy7g$#L#E*j3!%GuSw3^xpvu3g`c7GFxu4SeJ77KEnS(s zV`0`d0GK|i`(>9U8D%<9DCvpCV6d_{c5vgHLdd73^(}k#X})6bv9*hjwHtHY__j2y zNvLMhFTCsY36+bM?E(SKGell=$;8e~R=l`H{RoLRPFLla=njpwi?eAFLVCCBkE51` zB{$$hd3m}2-p}9NPRq$%oA-w&4vvrXdV8uOp%rM0dRl9wsHifeX^6>$Es&B;FJS3k1VMj7s$WVOmBvkk34Tl^GSnmv2=tXZ@Cqz2iVHES^8Idteywa5!EypWNR z0pBh#Fc9-|Bzcg!W&&Qvc+Nq8OJ&{*z zAKq@lmCLhc_7Bfq`0DJv{XTwrybG9B?0dW2sF#-Koa`S4)9f`+0KveA%?8{+#KMA^ z1(V5i@ZiDguDi}-Vc7)-+ue;0}njlue8{$Qcay=_ZZ3IzkY5Wc=FXja!won1S;^fq7ysYG(}~R*5Fk;#;0DB;oS%g~kyRgA zGylDZ=Px{f%(&6FU32H7WBSB0!t$+e-Iv_`$=fC*(9??K@1A?HYRpT@DWj;4Vs91Kn- zCnsY;%9Bq%sS@<+)$6z4enVNY-cr>`T_gF+e_h=CfoJMk%p<+Q5Qjl4X4x$jyOzDv z-14*=oe{ppu)19wPCP7!*Dct1s<{erfI|3FFf*KrV&j?ITNuR*^@MMXyN@hYMq^N@ zk>Ml7XxSl{N>E$Gr9rikyW|^#BBDINGo_+nMTaLjk|9Bja31ckr}qVKypS=pu1K!0 zdl6n$13BXP0M}sc!q)7)Cp763LMA=?-G`UO6{PK1`uV*dZh8E^@$G6aTR#e&4)__M zhlzFASZ|zwQ{J*Xrenab#%j~yYrs~W4R<3HV68vMRiu7;&2&5~Oqu!l#~qAE{+x0B zYpXxYn0x5v(QU!BV9gKfB4*9N^Osbz`r(WIxB9xbXLm7~{m{85(Rndg4crc9+_M={iQUc^u zjnyL}HzWQ|F8jf~)J_wB?T^LR+E3UooH0E724R@&jDmIVLofXI##cVDGr?%OO@}D} z|n>%{bq&@>KyXN-t@@jv|dgED3x=qHr?3i>88|$rzYGb_-xTNC}0?Gi} zBs#yvJUKdGS+5`!ESU|28!>y;yrdSmod?{uwS#rw;9nkiefXaDV(}L92of$6lPn$j z?$)u%hxO5Vl;4jEI1{M9O8>5bxTBFYxnt+`H7@&f2 z#F0N)bm-6l*N}$9ic%=+PZffu77f&-JT+|U$E#MoePz$zF1K)a45f z**7&;?EZJu@NW-P=I{J=#&AX!6?Nz9e_~~wOUU^7u^|urstoFv?0)mcD2zo%Ma}r{ zvJ^t#%(;f@6Fc6#YcS_{`*#PG?9&I{xurE0WVdfWao&zXBxd~n^2_-7<|C`cLZ6uN z+=Wv-ez8*;#l->Fjs|4Xr!ty{K%*>~-RDZ0m6EIUc2Y{LkUIZ3n9)I0N1mFl*5WRh zI}IyOA03%|R7AR-8Jv{{(FlUaf@&hf*Gj@l)b)UeNDR`@nKaZ^*TRC{MFT)71bSWh z3Yqio`H6IUcFwJdTB_h+BTjR-d~sDjjEvH7;|qTjbBfB{5BDAS?$V`iUdb}XJiY0J ziRa|+`0<``ERh!Y{xnT3Sv~g-o^<)^%UKFdg{U@5t+LU zM5?Va{%Y#=SDvx>f9a(6?AH>b^a_W-zL&p?nXgZ`rIsVbf+@6+pi^ldKlaL!@vk4a zxLsiVD&nQMs7z)mKV5SzYt~EoY5pIVW#ObH86l?>LfaN$g*e}X48;J-6hb_fRgkHRHmss!&yFh=2B24 zVCl3HFa*dl>)$?M z6MBo+p|l`%(*Uj}7aQf_w5$+smYZ zZ?~nTZTzOV)o4H4S2vYM^fxP+M{SL@Efmaqh-D)0ZS9<3&$b4!XDlMI5;zbp-^tZ$j^| z8qz*#cvtd6%F)sRJraBNCn?Q4a?hT^0f34gJr7neu%KC3MZt|XyTD-8*#IZN1QrRo zc7b39yiKDy7u4%y+z~YJbY4IBVVxE#q5^3Iqw|JLRM0zUU=6Wu9}5?>!ZT5Lac|5~ zCD_=T;E;q$<453n03lG7O=zM@33nL=6V!O$z)L~K5CSQa`7YJ*YJAgpE<*1%S|^1h7v?k(P|SJP z=SX=1qQLExfLt`<{jr%Ar)raYlE7|FkkL8`8&URpI_sk96k$BV7G+yF5u z>2zTxzG4*=oLeRpogkeaTzYZY%iliH-6|a#Gq9~^Ms-Q$k0oZTu*6+qV>ZT*;&sFF z$jHdz;$pCMvr1&?(xpfrKYqLm{&7l_LRmlL5hVU;!0ZY`a@3$l{zX3h@U<7`JWa0r zbZCs8)a(Yrr9HbKzqok)!p|-PW7+#NjTyIb%Hd)Kma0n&Jj!8+=<)D3#W`u4U!9)v z^Ea;%26DDHD#yp3c6EeWp-6MXsXIi6`VSG zs;so!v1giAUhP(d3Fs)u*i+^dnP?O6uez`>k5+W5%)w04)LNs!Gd@s>{-eY=NEGLo zb6aa^N>G!x?)^8u=O0|q#{DYXn2AE$kDW-iyzs)hBDZIinms_c^k){FC@NaN;Im7i zCGE}S_;fs1Uz5bk`V+D}ANPxM=sa@)UeLwE#*eRY*~#Nfdlt^%z6Kg}M*e4%u)U(* zf1#}tV+dKkaufC`Rnn{n^W>tvU*31Mu`iL zRZyUC;WxZQHh%Tt67urB zV`(=qNz-+P=>)LLQm>^^UBpt&3huxb#g=3s1_{&zrY7 zE8h^&qEl=KeBK&p7TRqR25p|5@cimjyzBOKPTJms#eh9SXbY0}{d(<#CS4cBVal@z zPN@_jFiMxdVk~^M$)8}_kRu7aCdLMft2n)szx|m9uHQ$8QI!N_@PR1#_|_*MoUyNx zr7H~il%JeGfA)yb$mV#Bc#CGug7o+B@}Mb6TQX~m6cOF39p3vC9UT!CB=voCf3;+@ zo|yO4h|q{=nj9G!DBYV}O`oGvzP?^B-LktJ_Yoid!Y>P`RI={*<<+sekeHa*n3$H) z&6_m|Hs1M_Z;x7O1bz%U34cIKKqVbJrQpWZN0F0111LIh6!IK17wmfQ@i+3>Glw?r znOdYeG!S{^lkX6+{)($u-uFw*mMWv=Wd4dr-g{>;x#stQ?E=6y0K=gMTS!3DAunZI zoXDk5<(75>|)iyg%AIXdE#tlEj;rvF{D5OI$40qD6~fBU}b5 zQ4)#p!Lzfo`}FDKU?gH^pn-5~qrq^4TWH#E(i1(Ndd2$W)ZQSW_;dSn(=LDR+8*za z2@k#c#Pt2IT+=gXb=J(TbloK9U<_!huxUE@gWq22HSMuWen!I0AAj}eoj2`QvK&9g zk{$QobiZ=`?6*H81mP-(eIk8LzyqUh9Q!rTcxJ(_PT_$AuX&s-c@^I$rE4>A5nvL4 z4Kngm2TLX9X0GWp9XYtaS`md?~B768Ia2 zs~oN5%(-ZKgZ{5q#*BG-qfMUrzYQ-BZ6zH`-M;jbe{J^9z2zgHXbYf|$_-evWPShY zJ4buo{m7Kg9PI#nY!Z=G==)#{lx_4a%QR@?JVhM6Yaq1S4Tm>3d-2v8cU=M?Q^K8Z zE-{35z2n(wmp^}9;=AOM2VZ$&dde%;^a@;^IkO9Cf_ZPe9>zI@#$UbnkBaLiJu>F! zXKBtQA7l@Y?|H{(zmumgzh%^GocPKQvIpTa5uQ0X^Q-3>-kB4G83|bzV5IB7=wLb? zpXwVrU;EY5&AYz%?`h9|ps*PI)Ss76A4Q+AB{@Jxuof8K2*DiWr5`1mukZQGzs9s! zwykd~ek0etR=m4X)?pKYiOwkEmhgKvq)u-r2@@tDzHHet zH3bo7adbO(?t~|YE#w%?(dLTy-=Kl&@{(#277>PhEA&OZL196@`hZefg2Ezv5K%T3 zVqlE8(}F7jM!Bl2tOhR{)(7I;YM_UT-|~xqB9MwElW!#F*Lf`^{f;Rdm5PkE-)B zY?}Dn_R>Egq&99ZW5FDHkdH36)1Cjn{=f0$)?06_eNN8NU`t6+5v~IRF@!}&P`k}S z-EJ-vu~e6oSL5E%-i7SGq@3&81-R0%{owP@KllHQCwJWa?zqRE#M6<{K;HsGuS#`H zgg2=kM_bvcqH5R|UDH;f=WN{ty(Q=n2A%oFoE)aASG+dolMiRsDlgu6Qa2ojO~G4p z;Fcj^5Yk}?JXM8U&~Rdu5(wu>N#{Hbh(!?&!R6laSTm*eg>VWRr<+t^ggX~&Xq_y$ zPPGOeEAyQwSMFW>)E?a}bLL!UwXJ{h$1JNIDDVN*MX&WU1Y&Hw_g(*4cQA`Ir?&tP z_N?GOce`eB0!gx(stP3C-sB9r2ATybwe`p{Ae?pb$4^X&b-J((XobaN5qojRuUasD z$>;lsbnAC-3~TN{IMAv3IkMr)tMr)6py8oU{-R_3G*tib)YL0p{(b+(ug0^iu@C={ zi^V7Atp7~EVHF`8|M%dyetln9dQ_IH|Cl{>+MMs#{PH{qN4>ERg)N1<=G@eil{1XF z>p#h-7)zgrtmSi|N%W^Q=9yim_@gnEVcJXIul@B!m9tMC4KfowrFNDd4KUDwYHWnk zARJ27?dC!OLlEvSEyA%hs2`!WXCF5y>(~Td-Vzch1qR@mMi(4Ff`g=xAl;e%g*0u` zu4T)1ZJIYdV^%(efwYhrl0$y9LYa?oQ;T~-oi&Tk^kISJu3fvpD=sdMKg;8|X3ZL; zur)>0f#U%P2THuq5~bYh7AZml-Zda?{qYSVkGlE3hpZ)^efRp@CA*$|U?6>)U(v=_ zyH9({di@)#Z||||vxo1(=RGGYYC}q%Zn$U6%IsCU=Zr8A z(}~oDixwGw_##is{kQ{I6kixw_f zM5LK7zTPV-l9cbfJ*NNHws9XW{HTX%=l$0_)aT>O{Z$`y_5P$$wD$SVm%TXov3YaH zR=zX#mZT9eC->bGsgdD<=U=6qFSrmK9E?r9VPRn~Q`~QEa7~2dkQuE&Tl^P3A|ljM zS`-!)8ECL!fE~M2pa5#G{b%t{P%<};b`=q+q!nUg!mSl=4#`K_)anHBhtj>sK@6hu*n3 z#8`9FW76w)&irD-Jp(T@kkTb@Jz?!J=h**dwIO8G&`XjMx{O-Mb><_>NvW+yK6~J| zpzhOVKX=W=&st|JK0J3q$1uX)WR}#cwG*lR#B&jQuG??vj-`twUB7a-43<#3;JGJc z>%;%g-c`Uyadh#yi-!aVkl+M@TX5Il#i6*B7Aer;6sSO3oC?;$SBe*};FMy)p%e{4 zgKHoGqQvj+`_H_)xjjh;6bWS~`OUp~HZyPJ?ac1ZUifta-!HAY#N+YtHd7}b`J`SQ zFUDV5WNgZg>!TawXSzB^f7o*L;(cx7a^1#{-}&{L$AgD{*uNAh!CA{1O~qwF`@5In zqdjEJnB^LWc_-HQuZU!=zU}YJ-LU1|a1YOJc)W4)SGrPj7fR>Ml`-g90 zy|A5zeKO3nxD%BA@>eWhY{%XcXLlKjR4kP(OB7WJ*Zh_HB;-eLXfJ-4ehW!!PN@sEI0Fg`RW5^0c3?B-ub zuM&N~-&3Q?&~iQI&fR+Pod%q=V%^EnbsC$QEFmkAj)TRay_P&8<(SvE2nu}cLR7^H ze2djKoV{}&?v%C?9ogBefu_C9rm2ksK9Gn~S6Nrq|7yGj`>G8r_TIL2em%0b~Mz z6j36rVBg9u@vQNH-t(HC__Uxx8oT>0+shD{47?#2<(%^T=SGxgQw#%)0)27(?RfPY(lf%@6^TgpK z&>Wbx6m@@NKuoiI{uLqpg~qC*bg3f6ixvD2R2+3lXT=rcFP##WY|mXT8o57`QE<{8`x>qxI$Gze*0lmmHcio4?^~>o&I~SZ})ss zx&634V>+P2>y0_0>%Ov99)3StKJjUx4hh$+1r6-`wQCO4>s!XRfS0Q^ zXX&=X{RcE@+jIQ>d42OHpZ~60UxU8!sE%|4&sv#CXKViXSK2)j^R;)|Kec-Sr|2^W z4ri+WUISli&31*~bmUt*altpF-#xtPtxV$fJrTUjC3 z2Jg>gKabk9{nGN$J7$Np8v0d_%{Vr2%$f~-R<`=X$XP3Ol0sKfQvAj_!?w&Zp~fuy z`|D=>9vGf3xqqzGCw)3i@7oBwr4-r>Uy{!)>3S+6?%4`6cF)AC{B>>rUDUp^Q|tBl zwoCoxMuMT-jGZ|F7i$0GkwqRg`gGj<6{pneJAcuv&g9LV@uQdbu=$o_GOflO3-?$x zWLA$U0i~ymKlEsPHH{@F&M<8l7__FZe-aTb7s(|qy87sH1Sf8&a-7C0kV0Cy}9u;GLKY5>>+LEx`~ zi_>p$!=qa_K54#;fKw##+Pb$lxdw|I(jZAboI;7CBvDScYP{Gxrs1{Hypjtq+fNFuKS>P#0 zb3IL5rK=WDEudOJwSa1Y3~B+~lH)76h=_;`T0pf}ss&UFs1{HypjzO$EI_VJi`Tj@ zU%vcY8dM?G0;&a63#b-QEs#Mi0M`Zwr^Nv!fbd!83|dUJSgHk73#b-QEudQ987%;( z2G<4$r^Vx1v9Ym%fr0=0^AFCnenveiyJ~^gY=O{!R{pT+5RS;Q4QY_Tj8_7}!^0zD zVsN5KIzzfe62impapn9yg>>qEv1}=)H_!j!_hV$1#C!XH{C3R^yEb~U*{a%93uFKb zz>yt2dK4eVfop?<)2v>-8mG5m?-D0|;zK#~&J$vK|4F_A1ptA+6@|0U#7j{GD`V6S zJcxm$no1x8R6Ju90q>K+>^SWct7#lSfK$+9`C?eQ)|Idf)lwjhuAi@>IUk^;BU zUZ&PF|6*>W1hq0?U?dEHk}fVT*|KHBG7g7)@)J*Rsxppo!v_K7^rQr6{sKn&Ho(eB zO~NP^U>O4dCt@|&S^!@qj){rEg$5b}_E#RX^Z0QDlDTs6qcJjmkgX4Zx()gX1uSLI zyZ%iTLbfg5i*CDhVBoFyJNlZh1C%Y%!^U48F|c;O9G+4ur{VU+6Wf38c_3DyU9zSJNV&0Q`kdQk z2Y%AJXnNQcJQ^2VBk7H1(KzFEyd2y_|Ee_<>N6^c&kNvmcuaE?)-u-)>_7R7n=9$sg9piwyZuD!}!p)qZ1v}Y(Yzd#QE;sxnt1x zoI18kaYsXOzv2P9fhqW0l`+`QG))nsq~_tSkzXD*=-ckO|3@A1v2tJE;)GUG-%u2tA*<~FPB@KC8d9KaKpYZ%#K1k zV)`6sax5#=w0VhaVs9`deBY*>ak*@4k~}ixz@CsON3lok=$W%v$r5?9h+Q#L z9nxQNTh1e^rs?(ddwn#FMJ`w|eb&|!Uks_n?^8ZJG_7>|ar$oG?CMwgHdW+TQ>c<Z^d$K(*_S5y5fXJxS``sS*-oHd-gZf>dM z)5E$BFTdd0xhL~Vq<&i1!@XY@YdNXq=#{e@#m#Emw@STS;b(B)&PKCM`ClV~&pEil zMhUPZZZLv&%VX?!$zdCRTv2t{*eo}X1fGen*0M<<4^DwdWXRsYTY1|wHjfLtdR`1N z<tp}-36S*E3=!)Pd&MDIxy(c z-+vvxm&yfPO3clm| zQm@hA8NT?CSj$CkoAJ56)P!5hMg-JuI&x|7&aVrxDAJJz$s!Y+zJG4rB%r>=*L)m4 z`0HA%k(_v9+0-j+$j}-^c`b%Tpsm_GT4Sa{LAHhKHCWs^P{`OSnj2K|w9cbH?|E?<0xRcy;aANA|kuUqW` z(8M|Q{!33q&iH&(?*;`zwtT-rtDSpnegD?AYQH;p_uffb?a!0fg_sLv4L#mCd4j&= z>_wA1*A969r$0w&FAP0;k1u(wG+WEP*0k}0oR>iX+AEUi?1pRmR$TFKo6k+7kG*~A z($Qab1k3)L5_$E^CFQs*$CRP@SH3N9fU+C5xB;vGd5KuxOoP@WdRPHa{?^ zXzw9Ix;MzOXYJg**PqyyQJ)fhJm`3=I1)WJF*;tyS0Fs-;`B9I^!aGWz@9DR&+J~X z`JA)>(M4>yx_imIYIf^Cuusp%^LeKef1JMXa9QW zVYJRSCs(8FFqDgJ%)5u(&cs;g{y$b}wSCLy3cq_#=U5Q){)UB%Pkh&+n)8jo4UBd7 z5G%;i5w(rcN?3%im(H#>9uUSvqOpz&XoX6%AT-`EW-+m(YE`!DsaG&l!I2 zUWzhP@lc{&5vhykJ9G6CZyegoN{wk%!VwEHl-99Um;Ra`MxVM7 zS;vbPUSH>@ferHWC146)QD-F`32`wR7L`bAY@=Fzy+N(ZWTHfJEMGg8FN&|Naz~Z5 za^p6J&u>49GqT$LB;Gj@h*le#(`l$A2H%c-CyywDLbIg4Spa%da>V)dXIR@o#huVQ zwPFbsyy0MlVoi$j6}uK|6OEIja=bl54fWzSuyIVGhd)J)R)ent(r8X2lU$VseqPlr z=G5{zN3^nFx(8QwGuCcs(<0sutU`Hde~T4rHmXl;(ckhGDqgmB(-af}cEZBhw@i&D zRehS&D8G36FOOrApdfqc`c>J?U8gE{s$^$bnMNI-N|Mt60m>xc)B=iRmt=*vaB{W+ z;6_`bh(w~Y;;9vkU*P#LR)nY4L}ic`ur;-k1Q-kwlTJX0gx<(ma0g02DvWJHrcPl^2}X1f6uy>Y3s_--8^4`hhG%HE=EhSNRwWWIE8Q0nal_hMxQ7gC$P-K zD`F?O<8V&ow&g)^3N|AKpW)G$9J=B0<8&7!-Rt$TCo!wi01d%0+`8lVKD&@SH{8P~gz{A}$|e`I{Ebg3_DI zf8duLWyW>L>tfVnBqfIZy=~*>V>h56XXRF1n^*VdZIXCy>n|bRbqa=W`~9%fhvPqX zzqonBZQtgl;^!{f1ahTLL*Ma@_~YAOE^w)~z1mdCs%6o)Pi)$-?!tZ0S-FNiTQw-b zyQ0XS=VdMkXRrzmt{(1q&4ckVC|Q#d@QwJ~K3On71MOb8LRt1lNLW&p0_I-B)dwK*RBBn^ zf9pe9SI%j=mNTjQcfYc91jrbG3|6k|sdzJkglqvTrASgBPQbPzD(0CiztBdbd?sF|~7kb1?A}hKm{}Lf(RU-hwCq2dO!E`IJQ$Vpcjh zCr~^*T?sf)N2;H_8=TxYoWZD&)FResQo?UV<|~;GCPQGFNLHeK|8D5@r~lY}NnivQ zCr0j_FnjZ{oPCCj9zFcMf_FC0ny@!YY!@a+-Z;K-`R^$;diHLM7ccZlPp%(XJ9p8! z4t)l8YvzCA*V&W4{l%wq-~QbiJ~+PN%!5Se(kCPqsMmMY*s=XPR1Vs`JS4(6Sa`vB zUQZ8JW6;47RSQkf8RuB0!&QjJc141P91Gh#Z_&!F2Tq4t40%n$!`qiHo;$E{&eFq$ z-|JP$)w&2t53U9?pT>oKY_$qj#^Pcl9zMKtjM2 znnqtBeWFwFNU7c`sU!h5OG*L>SczFBiCOtF3K-PzOcvnQ7ftm{QfVF#-KJ9emB9QzH`J62+B&-qZk`CtxwIxwd=q|+q z7N}YmLv?TPZA%W3(qIvAZtnl)jvqhimz^Qi+YP9g?eVdlSF_jdS-WV?OqsIsega|X z0YI3B!m6l*%5Khy3Xy6aA%_7e*O=rd{U!Gph# zs+haaN-g8hqhOs?xLs-_K{rJS>qfR6@#DHvmu}v>8T`vA(+}=D^V1H=e8;*=G2U>rP+3MIw8(nwmwuM78+jPP45?`QE<{XYBmA!d2e?{ouKq zx2~Q0XZzfd0gY##X3VGkxZa}J>#p3ndu;v0fKQL;yN|A&M+@;}xHlg7a3lyZW_jk8 ztq@~deqD1gI76MlGV*EccHSm;T{ro zJP%B+yhs9kY6M;dr+cnq6&PE#dgskY5qHmRpS=P1SzQ!#qdMp8r9S-d!xlA)#sBr& zkJHAT3`>#uBtE(xbm_w7f5K6msF(zaHvvwLczh(2r<*Cwe_3*Te4@DC(mJ`auzi7R zX8v!>p&P7xQSZ#y{pCT&t#dUl*|sc1fAKMS8FVqLfSi;VN-B{OHo9@%c|-sKmuD19 z4Eh|9ND>=jU?>2V%)k&2n1M&2B*CB(pvGhwGOvu4W+9{!lU~>%YlTML%2utld(FJS zwKKi)Ost+ud-eEMh#%ax>9!|}xpe~YmXkMXhbO)VtVYXygk?_t# z5eL!=cXu!RQ{Qh@0A36*cNy0P?|;u0e6nf#rRAe{%nE5W?CTzQ9I?dcRqOk#Z1aav zU9HqfiVTyI;y3>=eCrP;)aV6AzHX+SUBR5GC@aV!)A=JeZNJbmehWnAn&wrAeA&#n zhe`Gm%3Rxj_jqsVDFOXwbPZU6LBqG}4F2Em1+qamC0Lo9ZodCQ&gX5NIz(H|C?BtAY*%v&p_fNP$-<;R1@J85Cx<&}OE|J}gHS zSEJWBRczhw{OJW7HtlO)Ld)DanfnH$nVV{5R`y&FZv~qGZ$dbtB1y)SF)>imib_cTUmpJrQ6N2}p}byu>^!;GDJ4JMZgodU(PDhngpG`nA!lDYVeHhv|ldL9 z9vd7T3{IJH`FNQw3|uPpoSD*TQfvxKVNPEBqu`_=bI+x^Ub1*D{!4V2N%`(5OjW+i z?D!Uwa3jr?Z_{dfE!Fkp8Jq2xwRFedQ(8TKj9WO)o?e+8jI_)~PV_Gg%Ut#&o!LeV zPtcr%W81cETPJLq z#&%;h){}nUpWk}UpR?APy=Kq7XJ+sFx?dOBH(Bw4ez<4vD~FwF7&#Q0YEzU{znh%U zT#^JtDz)ODb_`COhhGu3XTiY;p`lzvWcpu%MN*reT;EIgn+gJv%5o zHe`~k2JUT;IbL4cx${&Vslho&M`gR&5+~sm* zG`VU_r>#{l7excKRXKj`3ELqtV+ZelvCobafYkBC^vw zmnrvDvhlD7aT}AtzLn3!3q@a5S(>%gO`$iwR91P4=9tAlBT`Kvc*xAk5M0_lqENKU zlZ>$?6^6oL7<`G^*LPg-^+@SVvXFLEkrxa&$f^BwcS6TuhGTS0)!ZX<2IA{ZFHghw zU5O!Qx~o_Vxhr^ueHjTZQ|Z1~)E{Z`^bU@?og#6bglX7)38PUH66IeCvA;_3iBB^O zma0m0X0m*NBGAQyhV6UgTAXKqj%>0INnAtTkf}@=!z0X0`|4s-!zJ55<$IE=*Ze^$ zyS+C_=??m0bK7|?^~R?L8YLoJY0Yi;Lh00H-O@fbDi2MhY@=?(0TrXTSHA%{4INtJgQ4< zxP{z$hP98&FEC7EtMlq7t%lwu12WtL%K7S)=E2vF@A6n|tMpm^J(6cvwIxZM--T-T z^0tO(dEen$$#Rgi`IuzalcF4Ad;A?=Ms=b&Cr$?C(Y^eH>E9G`Io4~wy*0f_Ti-S? zb~25y!3BUj$}9&To=XfwLKZuAp`#+H0)Dl9WA)TW7ldLZ{=VDd2yP+=MFx#0O99~2 z)Dqd8p#U_P0HW2Ej3{Vr`>*zALe>0jSXeo|Ka#9E_U@U4bDCDh{4Pe(5DK&GM-Dx? z-aHSVyVRTwvq^X?HZrJ%kCNfhh@6reo;jn;+*l9}sy8YI6ZBEGB5SnhqC5v39YQDP z9YtY;ZVSCdv-Cy!kU`dd`T{stfl!k_U#7qXxSavQePm+=_;&c||L; z)kmfxP9>qyKw%gb-0?KyFWf1-YTZ|os4PuJkP#EGA(9-gU^XI~;{Bzo4qM>#@%E~R zV`ZvE!Rc2a3o**+%1{Y?g3~!a0+Xmys!M&8KcL!J+)fB8l-kMJ5`&RXa4T5WL~jGL zVg}DGhD;heOAw@_{xW^ru-{9>D8K^u$sx>M&j|aoyuM{Q(fpeK{%(KYc{^~h9bfkL zIItQb?DIgmj_@r61LDMebV_KK5&Y5wS(3Tr(g%2LOM&ggu-eLEJ#0uEI3|(f3t8(*@du zrMrxz)&|{61!A2s35<_fxp}x<2KzBm46CPKSY={P!!0n5YUQwK1694>-NnWm*`|g5 zpeqH0vP2>0cA1dw;L$G{t9HG1Tcr+=norsbKdkf`E@TozETv0#oObbFPZ*noK{4eJ zjbBU9aT2c=iXv0PV7t3+=*O+b(47~i*U2S*oM_ymf+qv}-5{udgAn;7N$LS+r;9b| zTr3`@@j!Y25PlmnfG-1eR9{QB5Isn|GT;~Z|zRd5WS)ez1cthgf)MKL~hNr6w?6M~zvawO}a*M|fa`>~_XpeI7 z@zGgG7g_?tNP1Ay=yD3tF++G3$jG%!7wRRgMgk26`;FN_W-X&J(>MesUD5zNfI9S` zk_vjR!SPNtAcMnBgDeIPArZi$1_S`hQ=Rbua2UBPn6e7t5UIex1x-sZQ}Tos%9Pbm z2IhogDBX1d-DLd8;}mZpp|zO+BNcN8H`kCVKcSY&WUC)XO#q~-sgW(b-#eP{xqa?j zo!l<6naMQjG)ud(43Yb{K|cEl&5I-I2SxcgAF3BCq+v$R`xRQ2-`V!Q)s{ix#Ho7x z62@q6H&s~5PPiiB@Se3_P4!~EZ>&yJ>lz;gCxM^fb9a3L)v8MfcCtI6g!kuL*T!A*{A}ZqszAt`nD(Q zQNf|_XkR5+aa1uO037~Lfq85c?_B}UxX`FDPFkg1h4fGhSDM0BfBUP_TaA5=B z$I}2-N)!@nH=`2q^)_~J0agu(5MYB76_JU-VBCy1$ncZ@OnT?qzzo7 zfRjFtQ2*TA!fWuyBo;OZ_n??(4^xv7PD`XU3M+sD%8I|=LIY#w>VS@dWVQF#TtIc}glqX+2y0C&_}`Z|I$%q@zjtoF}9!}X9?Zi6?K zV`cF$#^qj#x`e}@7Oo#7dFkvH%fZHOY9+ZJQN`kVt6Y^0VqAFwy`Pn?*Vmv>#om+; z3Z5M`W}(C(1!UsSdVf9~zMVP6p-}}P^e3{@r(Z5BvCv%`ze437_9G7PM7Rj(cGa}| z7YhJl(p@9cMJb}Y^t_#bvREk=#^ZnnGSUbDD>y0!3MHlR4zS?UQY@fx8aCCY5Q|sA z=ogCk_q9Ho<3yFV4)KmwF<~neJt57z{llFU{Ml67`Jzx};oXE|VjG?I>((fQjnz?d zGLHy+Qr1MZi`AaOxc07WAN$+HEhBiY%U{Li-~F-NtR_SA!{Q~P_|5MaH9C9>Y&<&C z(+F@?#mjwarMthPHk$6(xwJ7txNV(n%q{hbX6rgND7%P+yGnlQPb!xlJ}f2FRM&WE zX=zo246+?hLS{mUUj~@jt6Q%5Ksd0<{$GUEEOmTS)BhyhI;rAEx;G2yweRgo`dz!% zz4thu2V9GKSj>8qH*Jr7!7C{$h)5{^36?~U1~;ZYyK+^(+CFfX>uGor>`vE&?;VRF z48{j1%QqQcYo)CKIWefElng1sge{P2&9aw;Wi&5FI^f=5!LgH*`htUUx!HX9hfs7@ zztHR2>b&dst(&w!kL8^(n)c>-4m%c;N|E+Tw*sim9Py*`dN}W7-}@wpXkuOUaYQHJ zIWQVbb0D}N-3)hFdO{Np)uxwP>OifNTl%Kfrb8kkml{GmnT67{8WKEt@Zm7giuYNZ#_-IZwyqAmvh0~5>1VIyJwEL`mFnKE)&&iQ8oy6@9?FZ)4O z^Hpqbqx1ax_pE#5Co?%TM{I_=AXowCF0k)mn`bTQ6;M?J`9r}qNZ+}SxKVes58u2h z=l{^9S}6~^D-z^zzH(9#P3?0?2Lg*C78=!WLmw{He=`ghenJ{HF+S8z_T->@V*B=| za){mCJUmsa6lF|mM=`{ry_9T_ODL$Us%a!cfBPYRv!+H4otZnWRkTY<>pRM>Ggz@g zdWn%Yc=ZyqIKZ24(AhP$v=h-IA&==>D)OOLbT$K(&AT9sqEsj%Rvg$w;f(Glu)xMa z*{CO>6W6&P5(lCZw8FyM<&v6A#yPv| z8IOGNebu^?yZ-#b#{aq&YaGMRF@9Ve)7$4OoGs^K&FDmd+53XoKpfNH7Bf z1FH+=U?7<;+4r=Y#51~NKYTg9VmgRQsobdkh;)o$lkHJtvJ+(JJWBA@$TNUJwf8=( z-0HPXyBBCKKb^f<^wH@5?$yeilT$ZJK(HHhZ-c=`jhyXE!?Kv*5R$_0a{T*zs9_$a zXK4BSB~B$gqB3DWwtY z1Yvg8=dtmK1um)>WRi*#PsMs30~+J^JG-O_Y#n^5dhcKkMNk0r^7LBnG5f7F+UN>u zprB|-jm@eq+qlfd98k+dA63p3D}+?8QX`nv=Od4)9}j;_1E3F}S> zyO0H4-0MSdvx-gT3EAclLtqsB{G&_|Gg+T}g^{#%>+ay<m*4wda(oPyuW! z7fp-)M3cxBG35Y=)PLUjEvBV5H`h)f<&d~r!lru{X^dFlZs{dm;Pr_1A$2Fpgu1Lk zCOm%yYd-GoE|}MOgu?XZ;Oei#`TE#(y1wI;ETu8aeP_AB&dz2ISEuX;ie5ylk?A>*6m zWR|hx1t6uN+4bgPrlk3O0;N5MApz8egG$PyW-)Xov*2zq%(&AkL4qBs4zFGxhj-Sa zaVXo>j3D>R;aHt&r#zvW>$w2mu}c{NFlfS3Z=@|fRmh<|=O~5x06pI?yBLtCiotI zV)M%685~*uJux9Gt$#pJp4!SrBszx-BkDYRR+6MnlOLglZFlkVyIk5W!gYund)&W zA+$^7&e3q#ued&Vn%udY-NkW<)*9vP-PWenRM7e`@6DZ} zXSVKWCJ2V1yuP~l>q$|Ze|q10^i{&?!$ta{;PGC-ApVHPNK%rqQs}dq_U6UM(^j+I_>FcGOrO_>fTBZR6t>cDL4}0 z{2pdJh{|F`mT}F_-Q9%c*xDJ@n8{(8za_uD1O7#>=kL?-!q&=N)dm+6U(D|3#iTekH3A`1vCEipST=6`oP3(XE-NOxcefD9F4rUXOOI0>RozZw zwYw3Wnbu?dSeaGZ!*_k?B?`@97U=iKsevOLNDL&)KT9ju+UEYbDGWf3Ps(Aja z=4ccX83bO(n3Ef&s(Kd-EW`OC+n#lM`Jp3{VOxE5D4Q*>fT|a@x3Ak^pgJ4D(O4ll ztE83PWP@fk)qqU#Rv4`i`=M|yZ!_`^%s)M5esgz|<~46mNw&gmglt9L zgzvoR?US!M{6X3&W8X^Th2WR@+~2P8ZFQbAnA@LP$++dIj{~bL ze}}$3pFj82{XW&4sFc=@fiVsn^}D9+^28{ndZSvr^1;e*ZNtCIFN|3)lz=wbag zV$!eE2}YK;I>5oc*0Y4}%HgNkxOS(CU@Jc#l)lthn{h_L_qNm#i;3w}YGPbB;x5+W zuN}y;d@-SN{FZ+BfzPzW6^~OTI;Uzkj><7<)PABHoFRw{`dzDW*VTm(op<$qmaT9{6OIt6gw zd~_Q0$KZK<6Vm!yli=mg%_N;aq+wQ_Jj!H}?+I z`?Ul>(?HnUdmHxp-D2EK0h|;r`fLRvwrNdGZ-kW?cyr;>pVh^s#o*#mf9Jk zH%DB@7a_i8IUABeDF*1n2*3`-Fx=5n`O%8Ms^7O+#XDcCa}J?$*=gLE+j=}&J%!Q{ zJwq}yH1nbK1%gwPsji>!Dik@z1T6x(c8tbMG}(XP|2AN${X5+W$nfAOCpb#@^=h@E zi7-QciiqdJ3*$qBq`*YMk!pFI%aML@kt?`+G)_xzmh9mEbEGMe7&&j9!{6tz1By8I z^h3JMNtyibr&VkrdsNHk+Z2QLE*3>}45Q9>6F7>U8h{KLHhc8S8W2Sakqwk5%Hl@4 zlT^$OLA(Q&AM_1T1WyT_f|g3eNSsuSTFR^*!#U0fj{;*A8caOGQ@wwnOLbPUPiXFK z(z>7lc}2{BZJ^TSr5xxN7o3baMu!!7mf7ocdNH|CnR3rEgYpWWC45HG6fOL8R5#T& zJx)Za`4!%|TDj05mv_>Qh6#ae!OC`4$J zSx!aA>$Cs?iJ)HecIM$F^^Uei3@p8f%E-S>`TTHd_0=@0^n&K@K#8H!K@5u6`R!#p zZ>ozB=3lMYuE{AXrNUv$Xk@eb4ES=;n(x^~Jp5pb1yNYFIU;`lYZaZ(b+SZnQ@n@o zn%?O1;b>?2Ywll1(6{9!6E(UQGOqn{_EMPBcgrD}^rSGG%8Y3XPfNVGUHMQpF7uh? z6bNe<`cdJZmhj!r1dHn)0cDzv4lJL77%Xjhc8#0MpFc8k?IG!lA0-PMx_`YmiJFQK zzGZ;966gVa6y$CnZ>W5H2D!VseYV#JM+TZ<%iGwQ-3s8Rvr>Ov`HIgoH7nQnF8^^R zwX03v9_}{UDN)8y3;}hzM;P&8(JTg>uQq(hOtykbRVKxfliA{(91j6D8Gmi#M~n*nn?iyLaujm z4}XQTh-Zh_RZq9gQKxVqpPFUmx;(jP(9GNbR92#ql>_7N>Y&+AW2-nU!n2yFvRJa^ zv$XFGNtR}?@5Tk2O7}yxEj`0MOO?<tBrR)OY5e-*vFYH=3rA01`3&%)SCV^hPls9@)w=lwUbIi%&uJU6DUTr8#iR| z`m+)#`o6W#w_fCQ_d3 zcw!rthX1qq&3g~R|4c)~eW%Om4KWnDh;MgAgy`{*IFG#j4P)muL~0ISfS$9wf{@Py zq~D^G3eutJORCO6H40r%=}Ivyg1LJw__@1CxgPtv?*C;Tk!TUpbw4gx8)h@HWEI77 zu zRr0bR)-DwllWp?I0sofz;0D&JW}tQgR7HRMVE=XPdNU`&I)`!iP<{lXHP-Y=B0&)I zFq_83%Hy^XYl2~cVePjzh3eNQbfM0y4J75WLt%Wa1-%e~=EDLDhP3C~UyLGe;$~t% zJc#;`xy4|Let5~mtMHB_vCQr-mjYyfApNiCa&K6y6Qr6R;`PJh6ae^PW0{IRGlcLR zv+KwB;*R$AT`>WJ_;eTW(DF$Hvnd^e-HYp|xENpKB}L)*zA^3+K{*UKp;Mh|zq+qc ze!L!bB1Nx0{wPbwUldapx)Zyct@w@4Gt(ZFF-iTS23*_T>NzPIwNlQ^)R37TN7dkg z6Rk}1euMeL8Mjo?p@(o7r4h(fjSaCsn>@zmuhohzjrIiGA#mP7LYipt5d2z_cs_xR z12F8%f#2}k^mXq+u`6jhpUlG-vr(B?t)7C}iA8_h6|0y{R{r9Y?}-Uw*GXF{9rGZ# zne^>D4-HiI%GvOqftetFWb1F9!R_z_ZZcZ!`ThQ4=X-Q{|K8( zJ)FPFZ;j5^8(}tiof^vCbl@T8BDurVe5ya3hkmK_S3LOJznxs3dWgoCzB9aTQqRuu z;;83ShX~$z^_7xqAM+zxYZ<2RbV)t;cDvCQx)lmUKSi(mFFx%l4C$zr9@&2y8v7)c z7v)EBl6NBtxsPe?RM)N>dM;`@dOozjBfW4j#jSu*9(P_%d1vD@4BM;PzV5`x{xBmj z2LB$iCIcyilhK3e?k7pr5YE94A|it%QOMl+J@sq!T*gN8@VL>&>>cS7%!=P;mUL8QWps7tFB=nvD zOGHM~Cj;>-g?{NXgG8B;2PPdE7o+&AgypDOYhCZ%qC`^4KOT%f6$EZ?reqLXT-MM_#MisNI zISL6NPk@}%1d$}zGXkv14QOOUGRah^db=J-t?L?Z2`iDSL6ydtNOzxe^Www$bl=YgaowuyqVW&kBi_ z7%?=SQh-x-o5e>fwr4pd6z~SYD4Yz;(Z|)L`8HN*a8;N8!fs1+xodQ2QCH1vR*~Y@ z#imhYmH=zm3tvcwdTXKFPcKY3NCwek^xE6Q(_lYW<_wN(^k!I3g}$q$oa*x1(4B;6 z_uJ{vBycp4D1Ox*5pTgS8UVtp_J4+EG=Y=7cq$M8i%KFg8Z0U&dP9>$RrqW@2F~LO zzK8l_=C??-$wUtSQHwPu~0g;BjN069{@mI2^ zJv)@Y9od|-RF$V$g01wx#RK5!Tak5ZTjMxJ2e&4I;DGFk~y*Rz`9P6IuhZf zL1JIwAv+-^ze}GF3>vqMbj7q;bC(ACQZoH)sPZL44m5x;^(b~+^7p?ZrsY;%wAdoX z33}kkteNN(rq(h%oc(9}`@yDAN@nO06pfxh)(lG5Z_D>c)Y`spMJ7!26PgHqI>cL9y}(pZ?9RT zA?lkq$1)TJ!_`Ncq5}p{DR^3zS3#m8GrH*U(sVF8aF$rI(BQv$I1$EsFcBsCVb!y> zn#}GVn4MoAD`ZmW_Qy$QAL@6#rhzMB7F~&b)YRZtj}i-d&QHJ3w%8EH=YqkY(!rm2 zc_DgDsXT`&>EEy?? zumoNTW^put0lGX$X>mD57Zn|F@c2X~OlNELwoqy5v6Fa1JtHzog5}EvOA+e-@0vgB z$xy;@ebHH66^1c4*^;^q7bNfthB4{EDno5V!6};16_xwP@qnMaZ=}pbktF9-Na>bD z(MBM;Ve)4Nmj?;qlLbp5An>{~6y_0(KJfQknID~&wi5zGJx_%VFMqBG9|u`FM3m-{6Jb(vhA&|ONJ?DUmwbALK(9v?67;dGW_CtoxsWaj05 z@FQ2|p?p=-dUvsU&{EMC5+JS$Vl!04pFk^@R08MIMaJV_7Bhj_=wi~85x6EcH~{5{ zvf?kY2=Pflc|l=A=!{6zQe^eQn|VzL{Xo8=)Is)eaH9CH+x`@+ zy#y9e9J3f50~`jhF{*V<_LBliX-Z?1dYHlnLE4mLB?Op4QSq7gcX0aTu2;NQUnbg(Fkej#Z180@;y=k~Zi&jB&*)pg92vDsg5} z^m=i05_T#&*7)#YngnrWV;zKiR#XE;xaAvE=%~Dx2jbw+&9IPbz8_8Oy$`mI3rU&V z^aJxD&~dAGeT|m)%}NMl)Q7L&(U; z$^)=pj!LeSST6lFO#~k-g1Ud=eb_!kHAx0xn+?1u-UvKd6;4WOOt;+u4aPTx={wu! zeltTk1hqn6yoFBB)w7-WB#u z1khBDzzYPRvT5f0-qqA0Y2ixr07sP#P%Tbq)&$XZ9PC2@ZZI(*3;>@`BAkk!jM=AJ zLK{FuMvo>^UyP25h2{I~;!vSX*=UNP|Jq1qUQbaek`rtd+yM;*2@RHnY%s-tB6+3oX8Kd@Ut}`u$lFUK6LyW(c;%rEEkY7a%t= z+A@;#{RefTBV|}{dMraXjw1jC&s1(ooYFN>lnRc7mcBSM7|Mc!&X~SQTuLfW*dJ|7 z!^;D=Z^~#SUNo_BEni^J^O$wXpaWVUFBlS0z$y|q3GJGMO0>iSx*|b4I@%IUj)zTY zDUsC+$ACAp9~$>l#Of-|WvnjGh^0NY2-_+hK`KIJiUAQ%0X(4RmE(}1l9|A*4k!sQ zX$7Z%Pz5HU1GUN0r~K(L1`LV%`r~$Zkh`=xWm`PO-azw}i0cf%n(ciFI zFfFwLR%Jn?tgQhiNi~SkCggO9K9per&Dky#G4blG>6S8Nv_`1{Y`_3MPc1xgs+6E4 z?tp_3M7_6A@1Y3l#4T)#jz4p6xO)r06rWgq&bz7Or%XlMg2I>R3swP!`2XeTjt8k{C~1fs_%=q!ID0W+~5K7!BH7e+5wx=_nXb{Ay1e zav^WvxTB#a*-gcT>!(3)-6iz~+2|ELv6(GS6iC-IP|JB;ZoVZ_MwNUT*tFm3r*+~F z;mF1Gb^Z1}D1ypq+@H03dt$G+F9D~iJcBDoHZTAf%s~hE;E#}Kg`{b-s6F|E!2ig$ zf^8s5M;?4pXe@XRFn!f;9QAK!`fbt}s16)lBdhuHd z5Pf;9kkZ(K=s7SN0NhsS>bJyKg5db#bU*~!^Ka>vfDowtV2A(%ydrBjg1BTB(gLV} zXvXBq2<~C<-+}5ODdWFaH6o4_kTGJ!(HP2zl;u_X(V4+WfI*F@iTV+$h9yueB$jgM z0h-E=Za4}iew|22uc45|SCN@%Y357N85)z|O45I^o$MPk`<3Eb)WH_Oj~f7^P*6rxxNqXAmV zq_+(fTcs|U!aAbIy|^H(S3b8I&~DxPV#}EBXebQP$K64!WIaWvWsea zgvKc-!T9?1)MC4&_nF&f8@1;(Yp^dQY^eY(ab#k+?w-_Vlm*?DOc_lr37zii0Sr`| zGNRqq5wW5avMzy%Xtm`D@co_f9yA6#108sDV}!q&SVMmq6v~hy`{kMMNjS9A%AFk@ zrKNwq-70m5)NrpWI6*7g*f2D&Sk(^>XCvv3YtGS0FcWumU)(ajY5QeMIjk=~^#O0i zR{i-)JW1P%PuKb~U#kji+8o932g@i!2|qk1KCmx%^_u-=Zxr1E2!)V6EnVYgFE(Cy z{FCU^qIfJhc5v=rZ*C{BycJp0&vG^iU%Hn{w@>}xe^*{u-N-iwI7MsTIb;nj=TLDPZ8OX>G4VGW4Fan~qplHdi*i4CGd-3DU z!e!@jee(yb7rvo6g06vHIizG%e!U3xD%JT!LeV2A%_|y)KYX1W7Tlxnve?`1Dl2PJ zo1oTa{$A|O>d(nWAPc!YDZK?_BA=4A5%JHsFbYYKUH=Lm^=)NQuXtIu^D`u;{<1*Y zRXo;)W4AFur%uErg5hapnDpRpQvDczd1xx!_dGe0)W(RU_405uqWd!<*H-Fx`j6+^ zMIDkDCPpB-$7#)-8NSGIKsi+_V^ubgLJd4WvyDFGBwQ@w8(kw?ma2J(6dMw)&S4uo zL=muy)(}^8ds_9y3@AMeK|KKK>@tL7adL6_YQ!KbBNHJn-QjY<6)`+Y$tvhh!AAa4 zS>NV)nb)AB)dW{_+xhI4y=?N-PUx&oc%oICfnb8PzA*4D^6M9@{CV+QVOW$gx|mlx zxwf~OSuP(oaXDU!-1g&GkwML`S$vPZxxT*&-1Zw_e&9ABi5$=Ru$11 z6~dKJznTLY$!T{uLR5`L8~blLvz2AwR5mC^&-Mcng(3hTNW4JXYh?=K6^5ZS==)~) z#_@hx9?twgZhlvNcP3iOzj~1B;@6HquQN<5&e~eLjCE%b_)SJq-pu1Y<@x;Kyp;xA zP~T{rS2M5k?*`-SX4|GD zE|fBLx*RE0nV~|Do4*GynXBFLR!WRlmyGeb*Eg5W-#ATZ5SF<*Q|y)59H^-YQz%eL zuFG>%;I#~Czv7m_vZ$-lmVn>bWq0#Z+kzK?(I&b5Foi&PjO+8`3=#Chh4L>Qt1Vs} znBKTMdmCFKH!hY=S(l`yV08=FckY|z89I3&&?qDEuW!<7!iUjd+HyWlvmF2dl^^@IssJU6%+cdt+BTio94qUe;OU7W2oXEe+T z6Kyu&ULwMRuv{h|VbGzq;s2>!6Bq2My^mQ&yx86@qkD8T3^dT|=dj!lS#Z zE3Z5C)EcF!&Bn5>R?b8+tqKV9_4QSGp5$uIzfLbk$6EgL*dkpu;$xd;G>OV3TSQC^DHIQ8%Y{2!K(sp!ygi)>u2MFXt z4G+cvPSg6ShLz#Tv5`T;3WYKzk6sV6m|OPDFg=x_jGdrTvK{C z7Ss0m_AxW+ZGZre4BDxEsTTE_VNmd(pBaIQi|+1^$0f}9vzx0W&}v!0MR^T0Dx6_; zJ}lc$OT;BigPr{(f`z`@#7k`a4z~K-fANOEuY8Va!?CjDzPOj?e=U?IOmrhm$ND8h zCn)jFb9|L0hfSbL>&C=wozD;jm@-~)s!vX;p?>s<^ANda=wypMgx<6(`s!KkRiJh?1U~93_b9LR? ze>D)RBC&?(4xaxs%wo*q3X)O#zc}gtJbSr)S6;=Ev!;Xrl_|8(CYY{5DOZ?)E!0~n z{ufLA&N?D|bw^qtTIZC=WN9qFN~m$Wa7q#h3T31JChQ-IOt}d#U0CsLT49DsYIRUq z{JWd9N;j%V%Mk)=QKk4l;91)MxTRwH;kk@uR5KJs7P@p9vub4b0Sn{OxE&-t68MyJ zbD(k%{Qm~R*bI=boQPc00O}nj1BF7O$}QH9bhoH0)7SooT=TaCi#nHa^}T1Vsfhf4)U|%= zwg9IUgN8&E^j|763$&$UGIVkOX8Rvr?G+zEpvqqP&~#@%Irwk?2i4x+KOZQ!{VwXF z>gv0clK(%R?TO(k`7%{7PgzaoUkv~EcN0j2as?*x=0I)e{~A7Lnig9rXI+-{G^>>3 z-~{wWT_?GU&3|(e0YP22Ltk+WPaCI5#N$BuHI2zE1^8cA%v<1_PNV- zM`5EZuT2rcZ@ou$fwWn{w@IsiU(b!IX>)S7+HF%#)SllO8Bgzo*OqFUg+@~iaFQI3 z-#T6W`~J#lt*I50{foHIwc3awpRWVQcub@E;5|14@k8Y+007ku6c<&c|GInod6wGP zK;?0L?T!qQzn=QpcNt%D5g`n$@1yr3^zSg%jd{toT&;l_W`wDgJ6s++bfhzu_T zTib^UOi(+#GGfZH7qg_5pOpvy;&1yv>$4B$*;ZyPXQM{ipegyWH-Wjl@2@vU?90t^ zh+lT}-L5mJ^QkuZ*(%Iwy{HS;5}gBu54K-POWQEN%&huu6bDf)Yv&Y--J?zI2ehmVK zX4=$Q|FV0R;92*_<(sn?h41RReaPMS9{fCWdf}P9qgz9Fh$D?Js&y+D4osdWM>Er- z)fp{}kE1E%ruOzY6aQXF{%_?O`HX-`8pdnpNi-Z+v@g{cm6Ri3?$3h@Ql9jSHF{)K z<7CcNb9?;i^x2F$wd+34*FQNOshL?b8yeP-g#C5Pv~va!{4FP!U(Yol`&c6dyIkRo zjXxK@Yv~(%vliag-~tTu_YD!+qQU<#gB~0I;`Y?;2TpQd zk~MI&a38t!=gG2z&(C45AH=^IcS>pPS2LnFhuY|K*4M#%m!~_5^{aCxk19+vHY+|E z37!b4=RTn+w~p>6w2lr%Fc*&c6Jjz>X5hay|2M{=e`CZwzY-{kzldlUCua|{F|O&v zd}vnM|8wv$0xjmU{KP957|Q*{lkA5?uJ*D)KT6b$I4)w@QrsVtfpan}Cz7Zrs02!C zGQnF924n`Toxd>e8JcWEeD$sR*yPquY}mp7+aN_o8v;)D*%WkeWdo)7|9ZWtMBV*) zFNxA%hK7OpXgc;s>ak)nM|ywVfnY{x_#-HrcG36cWIv@z^T%Mcr;#_C5E~`~FahP_ z`^JayrGCR>RP@fJ-Cpkcz>hsYelL1bQk&a0Vq1d)=oY3b)x&SCZ|2cRbplp84i<89 z!wcJev%%DCaYpB>^+7|DwE|wpCm`D%0c+^5DWbGx|L>OPU`t=(E7dhc+iPupLIfRs za9C;pc`k;lU6f^bp3lBLR_|A}5^|F~XLy}F1*U{V#GZXaFOs%QcrVXo$4Jo8mdOu$lc23DZzofvq{^3HyLN}~I@7m2BELW*OEj074mW%Ac9&`P z7atgghdB{<4>Rl513U9e*7xOl;NuO#({?Nd7Q0P71?H-C@Be!~O*KV=YRb|IG!`;i z|82+@8(lbGzGSLFa&vQoi1G2gZ}u}{3DgIWXNXD-RiE;rZA>~snW#@YGSh2yqZTzr^CO0kY(xO$=7^1mgt8y+E@x>6${ zD^rS(A)Xe)KaQV_Y;bbY>4BB7v6UhAQ{JoDuLUWksJK_C_%*h6*d%Q2D<(|l@`-UQ zb8)#kUIp;Kj$XYH${+UMdyw?&q1Tfp^Mo%!Nutb}b(ISL#iM;5lqz)^+M0lVZ#T-v zRxe={3#^zSW~fpc!)VDPdPu<6+znEauX*B8gqhSo2ihas?{Q}SxIJDtq@?R-mc|(o z$itEZ^!q|;Iz=|oMTR}p;l3m%8WI0rtNdqcVUSZTV!?SQ&*zJgcq6I^0L&9CHTxpG za)L94IMn^Uc=Ds*PpEPz035a)-XUaLIH{xks{^cdDkt$w%$}c+#*(6S4QqEMLA=K& eW&m;qiVIn*a`$%2djRnH14<}}*M2n!{Qm%eoABuX literal 0 HcmV?d00001 diff --git a/components/engine/docs/sources/articles/b2d_volume_images/add_volume.png b/components/engine/docs/sources/articles/b2d_volume_images/add_volume.png new file mode 100644 index 0000000000000000000000000000000000000000..58e53dce48485fe45d526c04df3b2309bd7bc286 GIT binary patch literal 94268 zcmV*2KzF~1P)E7sVJ zHMS^rB9xarvD_Yz74=$2sD~I}E z5x~}ul~IZ+DHwQl7*OK3Gt!u+eC=p|1AJNnaJ0SBA^W%L@w& zgO@j;>2z8Wg|cc?(djBdu&d}wpi#?57ag#qVayUl8kkW5WI@ufkli2239Te`1W+_+ z(*SxpbMb6H3QSt`DQW*kPE>TQ(dhmEK1spgJA?i zT2q{0S2`{ti2_CuqzfQNB{FvuS&WGs3B{0fVS>7bltt3w0Hdi64ABG@H^Imy3^M2_ zFcz9>B?T#W0CGVF!HOmq$sj;3;BCky@F$K%aU{)4E(VigUA)Xhc10xP7 zSmbWGa8zW0Eu-=p*hW#nE2ff~MR6o8tYHLG97)A7iyY~S1CoX@nM{8E`R8G7;20w@ zjR8qnmYcLdsbgzj5 zKp3Qkln$u~>dGApiu9me7Q-{7W=Oh>2BnMg?Io!DNMRrY-bkVdFOpzTXka8|0nOLlCDCTbWz&Yf7|}^Q`&#H zw9TJCKXS$yXJ~b@YNfDh*=KW$I&kS`6ua%70Bk#!FB0G2LRS#8FiOMA5(%JmiY5$F zUb-S$S9t3h87YS{<-r7MCmDuwJw#YDkQ6JaxAS2{%#1}T6QA&3u-q7%VLs;i_( zDZ(oPm!6qleEdygS?8)^0T@*SfJHRWEwu$f5mJt_YdRW|RGfUe<;ws|s&?kbsa*dS6b#GFBL>t{HY~pefh6BO%@Gn06j&J(T1?2i@XR2VM?cH!dM(D zLJ%JuMJKXY1u^Ks>~v{z6cf4vU{sSuG|(+IF!{<6upDLAbTlNXIC7CLq;$C}xM4Je zqybPt@S@q&7{acuhD235qbT?)f{Zq#q)3_w2VqL5Xu==`up$KU!BKRw7)f=pfDdM; zOOqpZQ>4>1i)aA0)QSecz$j|KG#$DIz(_ZkPF>jrQ*gtWi!3ULQrOfO!mh4{L{+*X zXckH#J5n)Gu+v1?jM$Y<(S$(?U_}VxgQMs~Fp}z8QXW@^X3w6DGbT0ZB*RCEu?GQk zi4vTrRJ#f7{#rbT`?_!1!)Eg zx{Hz_rI&9L*ARS4_FfZrK%| zE-jdgZZMHjH1m~<^UV7;%Pu@dar3-}$M!hjzJ0HH^{9<(NG`!38ZsGh&#h)lCncLr zPJQdq+wOj1O09F+{J=AQcj%6lfjvd_Z=8770cSru=JCI5QkL5<024fz2wk;8${q?e z204>4SQe329L>=zd3P6IF;Q@rT?$~D?3#;4WeFz2BBX}Yl?zge8BubrcJjSfUOjHY ze7Y4~e|F-9=Wf^2J+`st=XWQpnx!xR3Pw#0U6cR|Da9m8+xn*n!Rj?D;EF?35*M|$ z`dfV{$oE|TUwrY!@<+Y-3cH7C=qzYi$cLhXBx%P(LqWU_55DGQVdZ68zfO1yW$A)= zjS`Aci;PYXnjwvzEC4LK!pfouU{GiVBNV#2R#1f^jv5$T(6OUS38qs7EDVVoc)HEJ ztSh{N%S+Laat9!bav|l5qy>k9c!oe~E@0#;2eT`zEQ&zjlAhUKWyJ;~6uP>tsef|H8-IT8qq%a-Wa{6$_6hG7XWVk{9Ty%v z^pmGRU1zdv@p1s_&tQZT8R^0z-d|3O23J-b@?XH9GBuNveI zw<2iDDxl`8f&?e7nh1}suB0Natp2$L28@6-A>|dsGlWrd5g8$o^7_&1pL^>;%thEu zpl$#8QT87Wchru(jsaa(IZH%#j)aa15;R@xW|50^n+>TO9CZgazXWwIDT^Ux1cQYS zaMHz{hDA$Lx{H!0)+|D>tA#F?;EYT+015#mQ3yhFiTy1A8Zy$A5-bIyba~yXXmYe@ zevF)82)lyFB;RJiF%n8(;T1EOR2B=RZcs907_$>i0f|o*>@+M$<71W|tp3~uL_*mJ zd3h_?qj33GFs-bAX8es0+*T3W8FTPq)6pqD{{f@cx@b~w5=)LjF4&AU) z6Z1T#!zZeWqTGUT2y%63as9>Fm5Uavt?C&xN)KXe)Mahy`cF1AWJ^j4M4t)f=aJju z6^F<)bff^mu3L}|i^kVSyB&T0LEEjL@;2FO_rubSb&bi);t3Bt{!r17owgWQJ zgPjE}2J#grNx-J8=tvxz>_{~%xS$hFlf+^QLuxYm+nIX|7%WFHrbWX`x=B)?TUP+O z3WbCK-5f3dAHxWy2r>$W-5PcUv65;CyQXID^3~2|U>S|Wie9oH|C8&_`Upo-GhV#u z%6s2g>}4x*`EnM~8ap1J>~M_#Y@aR*%S&;k7j z>#mG0c-^GCF1`HIp2v(mY3tH((+3Zaz540T0QTJNjLVMRx|GEepK|R9H@4sZSM%?E z=;O?O_l`S=ho#QZe-)+mkoe}!Gk*8W&YDjRyx<>!v*QILB%)zbA}=oaL>FFs!!?^cqDCt^*6 zjnDY=?;ouWN4$#;-LHJZ!*3eBM@7?&K!si9d%GglzkbcxAFO}ykePQs^nUdG`|s^B z6EjN->#is;e{WM8-3-Y3%pSIz@PVvebqGZ$cvBMoX=-38b9um z(T`xycHZIA%TL&-%I!8(fNG%7{wLSJTLM(TBud-H-rXgDG9mMWMi3OcyJEGT<&> z6nw!bxTVl2oE2GiVAw67>CL?4t5Lb5OTky}!7iiXW{wsRyJm_-Ml6a9H->mwfE`7V z70PH^SS&QU1_miFx!?{!+>jV$S2{@%zz#sHeAKtL7|Wx@{WG8Rz39gK@4NN9 zAzwc;>Nj`KPU1cLt|QM~Zl5vkyd&?Plgh5Q-H0v2p?2Gkyx^*<4%x1o&)iXlVQS_( z_s=Nmy5nXQ&M^P(V=jGd@$Q%1_P{Nd?K1g=e?=nUY{u39%SX<;^3iwqIQ!a%AHMbE zUE=p#dcq6S8*rHP*r=->d$ad`XWV+n#^o|bv}`s-eqk30K$W7DFSA9%FG@#l`YW`~lM)xWs+&`rV% z?tJlIj$k(X_1_==EYfGQK4sZt{n8KbyX2bpj=A`%-;EeN;lWYIoqkK7lP(=|`tGp_ zPrf##uGRG~9C*l{T?;?G`-meie{KAH9gE`iw>hMHHXQ14?D?0EK5@qiZ!Q&n_R~I8 z{{GuW4Vm#Y6`q^nxJMF87EO5S)(6ug&bi>iKBd`sLt^ORm)`ZzLt~EHe9D`*{Qa8* z$F%Y5ai?DWMEF;y-u2LZ=WP@IZ06$0pUi6F27TsVP9F1kzu#W{*kd;gFL>+H^Phu# z+xq8lH#=)|?&$2$>4PqX@w=Fn&mIVEg*JQh)zQpu_!V|cWV5P?LY1|j6yJT z6#_{iR3_>|LkB?9kSs{*ju#3;W&|UPjtX5_q?j>?*AP-E7@~nxSV=P~nvfa-$*A#{ zVgTU*1Rc@E1Zj>ziwFRtp%aZ!0i@fIAsHoL|sQ{Q_d5;T|y%DWDrtzTJ4YE3Zq^=l`dcdxh6u{R#t z7jjLLo%?~896O{-MfXj1AA7^0;c!#d%Z8KFo_b+!#qMKH+OAJ=ahF|xcg_~!&@2C( zjs3~z=Z5+md)d*y=vGzLXUMSL?Tg%Gx$kWHdfb(#yjj2F)lZ+^Ezy{2{PM{c=6XYR z?_U&)mvrqL36Fp4BQDh3?Zv|3ZO**w%;DP%8PKE9Yn(pCwaJqw`~QA9V^LEk*?IVJ zgA4xl+-D6GXU@wHOe^1KWbbg=3n#*%jmJEG@7}`(?6Bh&yjDH*nkUZu^{~O)|AH!& zM%}Tt@}eheW>1|sb<(6sM4mcz>ZH#nEo^Wvp(wH>(TDx^p6k!tzkO`{eOI1w>=onY z#Ios7*DZG+!o6(oO$PVw*{)%lE7AUA&!NH<>uxdXvO`s2f}~=R?B>6Hdh|itY|+16 zD7*d+M;*QErsdge&!NApibU$064d;g58n)XKRf@Foja7Y+i3XN$M)meSro};zxwA( z;ZVOF29+&YQoQBxZKF&6HY4U9O=~^;FRyIfmls`((vdVdqJR+- z87-z^K+0%CSmY=LNpR9BZ!^4*ie_FG!3Z;iJ1Lm8QB^2S1l_sDd&({4dp?i$%Cwhl<*|Mk1Qkn$J0c4TBD_(DeL%-d zEWr{@dj;!Y2cAha#X>wdOvK}HEIKap-+SP!TVLC7zYE43v01FP!L7U^4nb9)igYZ& z@=L{<+`uW1E>XZHOvuVrr=tKH;12%})HL?O2A_m8_uv2K! z3wQn5D;RkEfql};k{;K*qDVL#opj$Br{3=lWhh+9CCI(9$wI7a=c2j>_ed}soAK!A zF_XaijetG&x#;qJ`gYr9pUV5Ldi&!ggS!9qZ=vv6d-O|rT$~!cF5C4C)ifo-v8H%9 z)OT=qudXrXB^sMTx%Z^CY$U(_+Z~rY_LW7(xbKCx@6*4GYQWjIXJd7ZJ+?XQu^sk$ z^WH12fBxxV7pK^zS+15__ba5zLef61V zz$z4~2#5L?h1?baG11c$u+aTqTK~C4Mft1((p};5d!x3Iw*ALn!)}L{f>hD0bXcsC zg4qIN2;E)bXcRXnHKwbY>_8PumoAGUM}~lzBohsbNx9=IBX+>T8;q`V%kL=~)iKr( zK{SdBO-7v?I!TO-kYG@d1QBhyAk~PbI6V}KfA-G;cQX6akA@?W@&fJ`5|QY_$=@^#>Q_v;l1&SkJ_nF@*TRtn zQ|HD8^>!b-ke$`z_Frzt61g3dp~h*?{{D_PfBxHB&)uohvYL9rG8T59SE`@BI5wnR zA*GJjSG%W_Ze0|_BayD1+U4uNXzHxOcDwa2kA_Plk;d6G8#BF72n&GYlBkaM+W&WZ zEWPvA`%b^RRwOfNmNa*YSuQkDFXKAlrgYrP@?j9}iy)JA zi&>PUY`Fh*&yRGck_aFZ4YdvK&MNl`5(Q)`-dNpKu=P=wE&5{rM?api?3kfkOC!-G zTtX>DHl3itQ)V{~?BoCVLt-KG4S6mRbi#?aw&ZO5iyN-_^OC(T9Cz#%(a_Z24L>X7 zMKhW5fm?KmzA$M{^4IHA*VOzkXBI>{Cli^OhfIml;`#t zHQ3Um+sdblPG*?@*RFq8S=Tgu6lQIb>9hXbuwMkfNbV3D1_dMa0g03%fG~1w+kdEr z+xCNnQ@yy!rA8EyVJrY>Qm|82hL9K~Ra}f3l`oPO#K57F_W`DXX*4qc80#%Q5Xh}Nu& z<-flEg{9%8f4=99&*vu+HGg~LrkUZ&5j*xP-e8-}!l7p#cz*Jd`lgy`Pu=}=IJDW; zy~;~^`}X^vn_Au2uyo23caC%RJ{93`L3zhe{N-KY= z9KSSM*#FQG>&O0n)wSdPF>}tGuP1%>_FpIR;DX@L&?3Mw%(u*|t7`&{OOQM0>CooG z_m3?8;*;6Y5r=FUato8I3VEDD^Dm%ua;Ju3vZ8|PKh;!MU0q#UO9qz$Ss!=jEU?@{ zjeql(Ctv+?)`D0fHsix*UYJ!-zIFe~Y_{wA1H$3PIkOfwG&JNZ|J<~irpD^2kKdsR zw{wfu(aBweymVodd%I;dGrykn!p(Qi3`ZK5^4-Hs?`?h^j*P$L;yYe=;o)$mvP&QNe8$|lv!=cO)_V(*%O7Y{0owoO`e)+WCA2@#<#3x(2aX}? zZ$qZ!4y(V${AJR%|F~UOWuZzm=_Yv^Q1x=>*Uy02GE~L@H4bV_7f?Yy`wmlA-^g`X^$1L?rUu z^%p$mAEUiT-Lyr!bS$&pSvQXwd)}2-o&A!lL)kWG-*WPLk$588{mh$3U7NROOSd`e zmXo`CJhP1aY`=pax?&$6H^# zebisvn(VXRh1+D?vEg{3ctdS!_si~0UU>SGH=o<_qMLU;Xv{g@wbwj)^?Q%H2-&{- z-#m1E?zqY#;Ua&{!{ocyzZdPl!_F1Yy_VT!r{2+Y!Y#9cqE0-Mb)i^4kwPxUEDz2_ zOvFTLwJ@sHvikM!B`3c23m$ z9=`Ejw_j9n$Ad4u_FCwdzq_FLnLoTI7riz65P;jv53ewyrFw%^&e4(Ske z;Y0>LD4LNZS!nz~Qev`RH)q^g19YUMXo38ZzY3@}*?CQIA?W2K`Yb`f!Po-tzv zW2&!;MeQi1qz%a*01aJTNwc8fMf1mu#C+J&<$eD*CsC73U29w z#uWp~5=1U?-ZiZbHG8+l|A<@24%y82j(V+4`1%68GTd&|y?loeze zYa5bfRh0$FhMET6q>GldtKcDPyuPL}87e9(FU-c`UNq`OiV8A3rA&K;Rqe}C^)>a0 zZyoNH)xV&!V`Vg(^jl<>guG&#kH`isw`Pw-H`Mze*TGO zD}i$Pv{$zNy@JZBqNZBzb18LY`|?nIU4tuXxUgMiQLHu|Ee^*TV_7O(UKnd^R{5}- zb*h1x_zNaeUe!JnuWQPdwk!71nRFrb>4 zSbLGe(u%Ukvf74dw79ISprN`Z8Oq(45KwELS(}bU6VbZ;FJ1pk*EO5Ij-!@`hE^)u z_MbJ_|KEQ5?af6b~=m96gTVz))ckdA?tpy6cnqtT^-(WoLw zVkaY)7DY3oh%t(LkiRS#h16&;sS=r&@MbhGSu7n2L98I=r9=jn9U}@2F9S%yf?c{` z$RK|+g0ytP%MqhRuxPRb?YR78>kl^$42lw6Q>zCJx7d>vA4~Mz(`OP2Y(5|EaY;gg<>vlXXP>;jCFOb-GT+;ujEIO_kL8kMMU$Jl@{m z_Kw06&dWA_e&$)XR`%a)gATFJKKPt;rVG>Tn1QhM9|Lj_b53L;(A3$7now7>wr z`R1FU>C>mvr}6fWo^&yQzo1A9Dwu_^Apx`;!CXm|ktqtH}I`N}9=c7;WPTnpdXN(MH&Cc>+h~`Uw!qJt$WJBT2z_PQKXwh(W&JI z0#^coRa2z8gwkU@JKyADr3Zk{Wt9sFF7iU^d|(K?`O1hzFe%O_|4I;xj7V|NkaZOh zBMObAdYI`#_(_p~jkaKNmu_p?=W z=p|k5CPjd5FcFlRU0H3^90Aw^QX&Ju3#ou8hE#B*!Hh6Q!!v4Rgj5jIQ7lDU{oCr# z@?c5OY&l8SN(SDXPYysr;zTmNnQ&wu>>@AguD>__`4d#DyY>zng|t`sfzW+w>% zc`>S!#JUWz3v2t9wu@ zY}3nK%t>1j&doB zt`>~a1po(J=qdt6Sx_(n)+pUzWVs7W5Y5QqV5cb{NSbt_wbj3^{%z|&c&2D`&^cmK zrw?8KOmb(UV9mO!q`;hp78XTFDe^TyTm7w2RO!E?{v2HQJu?=HBonj6BnxwB^ow_A{R;GU;$}%d5MXliJSPK z|0svi+i2zbAjMA(NhEdYFzgZf1(-d8Hz&IL1MaBX^80p*) zs5p2@!BM))=TkyzUIalwVj+kd&V&7^E;V6k#zA?N(dH#bxd6tF1c^nyCPAVH?ea1v zbfE+c1u32=#1t9BOCg$pgF(P!7hB^=1ia+JD9yTxuWHDs2O6aX|rp(_!R zh8I$!fYJSgjuMLIh>ijVML`%6SdKPj?20CfbkQ(Jxrl}hp~yv&I9NcMU0z}$8ses~ z=r}67A{br@aTpai7)0~M0svi+i2zbAc*#*+FpQE;NO=h$JGwcdC^Cv@XjF-iG`x@+ z1&j`chK|%6(NVylApP;S`sYqtRgAK%y8aZ+{Y^q05)>LHe6Xm|l^u!2MupVzKu7u0 zpZ>IL*|H$s99yWgZ{L3S@Zo%Rv7mq-;?14j_%a!GM(h~TY04`Mi$GL`WJvrO6+pC& z1EG$7s%d_GZr?Qf_fdMa4_&`|Axz*#95{%Q6f9cM>WUR$j7kcaA?b{+S^ae~C_7TK zCafqaxDl`t$u2TM7b_hAB3S)Vii(PeLj=P}kz|NQC`CrjtjXT~L1IR=f0nx66L#D* z8jPUq!O=b)ykj;C_v{db9-}m}iwrtQ+)4-+L7 zCCHFkI()?6P3b?s{>+OXQ_a1UU~WtalUY=8j93`e(29yGvS7i2TW`HpWm+?N(n%-r z>#>!Um85gk&DU4N$U<0*C|J<#AVEw+LJETv4HN)KMsdM7eo?CCy3P6BrgZMG3b=-n zID^jppt`yN=EcRuL{VxbrAuCBB$7y#SBeNLv2+7qM928pV~?$L3o~C+l*=Zru+5Bs zJ9Ox<_uhL`3YvULr25FkmN=v4uKM#Lro6lyN9;%;1yckhjnfzj=9`-AF)w+4|J~s3 z9o%2Xap79lnv$6>=f(E8W%3<6)%RMbnAbN1geTsL91H^i%>^Sm+3V};ITk`{VKcLMrCkN79AtPN>LG1AB;+BBvGsy=)fRj ze1va#{S^T(D60Mo7cTrh=N%^T%=7U3cAejg5_Goplx$xo+LMDLcL>xTD~^ zQsv)Uf6Y|07F!655=PmrXsVJ`1|$G^Y5icKOEbr{UVmyxa4V)b7!BF!($HZ7V5Mbe zNZ_Ax{bA^CjFk0VXokZdjhgh$EoPiN|r-dpp$1@+jzZ!1mLWm1lLSy>seAa8`p zi!Mq^BVt(Sij1)h!ZdfmzULOU;`G?mmM&e&i+AXW22wRQh1BAJ#ipa%Xu7=UW>j_n ztEm5NA2hyp%8;I&3Kyrmg>jD`ZR8p?cS+)<4;Q~TdD-OIjUIm&peWL>Tj`b?w%hIh zI;R!yXW;UM(vQHwmSM&C9OJAL&FHDyjY+IvQ_ox2dFNpioDj* z{RJ7d>Vi;*vS^PkmA`*=Ng`Rh*CrL*=qN7$Vko!ul&R zS*-p#3M93FEmw5X@%oAK>IDH|#e{%FCJ|?lO^WQACMh&)@i99JcB6zNy1C#5;He4m zC1Zy2GnRe2mp*XphWp(zVUO6e_gpuIMa7!D@WKl(x#SWqa_gG8N7*%lqh9a0r6yh+XCY>Nez#;`5yCU0k*4qB#U)6}O6AA@NYD%iPkoSkEKZ!I` zi6pLJhk(Vlll>1Mu{;>Mi?>&mN9Z}{3W6jFyq7{Ru=E*2cOF@?5 z4^~TQxqSBU_MAw>Bsh(L=)^>45vXcJ!>C*?Wqw(J0U&xh1|Zc1FaB7-izIjg@v{r_ z>%6a*wVdO3BFhs=e(}$R^%?R`l@gI!Mk^hB&@mc4X2-;Z#~nM(Lc!Vie`oqu4zQ^a zmg_OMV(`IRS@cqXu8c@n!K7LJ6Nv;{AucpyyNdcxTb%8`ZqeeTH@?xEo$%`8-s3OM z`p5W17wyvZoMSfVvkpIn5#kSTPF)y(?1Lo-U-kJ`o369(uIm*Qh9V)aIP6tbMyDz=J6dBgd{cRn!g{AS5!svRPinrdd!-a1w z&SaMj-=u<#n95jczY@#WKV3#uOcW?tp`_rb@G#>iY3#W(y0u zckj+cZuIEUM;viP*REal>@+x2s;5Naqf$W9y68V<{o%9X`ako9rb&z4Mbym5^Rb%A{UL-P*-)d2n6ne%SBRc%001!;G zlLYUG?A zEx(7W2xrPlqE!|AAydM1y7-MnnRM+w!`!pz71zHC2##DqKEaYQM3+%1l2}X$f(fM| zW`zD->z^UD)}D8E(&h;GIINV9j7q1qVcCNUx{3*gP#RJxzH9w6N>gMc zUUVgKXPvlDny9YLYjW{$*gi+Kr zYIYq4s}!Ro6Gkh*CTuRk7PuS3sO&4uJyciWk3BoZZ=_d>=h=$^T_#4#u+j`4_#Y(C|X%`LZO$HhC5dBcVR-j ztn<8eE`4Kx=hX}!+Kzh*@&?zxF7{R{=)r_8acC%9ba4q5M?)F~+>-hO7LtHg0U6V& zOu9AaoeCwAaI>zWA!(WgoHY?)u&cJ3%Zl|EF-B2>^`BpxKIops`)u7~yDi$Ebkmok z4(d0sU;8i8vYdO4=c(7 zXBDR==8gV)eCajoHD@OviYtp6&4l;I9Qj+R$}SuYNvn$MmTW5aFHVxGYTO7a%2dFKN3bFcHY(A!>tJG zQ|X;BBzyMXb2}FRf`#*ch?y=;S(IIGS-}v_Mv@`%F;+H;J1_u9KUi+fIeVI?q0Z*6 zsqV50#8AREmu#?ZzV0C|ii<3S@91=GRq9%yY*Z7Gi*zPJV}HkypctFg-;8XUZWitj zwzxV!@!VI(Y}$^?+vKI*i_^TKs8?1%p0^$*Zqg*t86 z<>4sra^@cSf~2+(rd9;BbqH;SFe1^#Qx;&F8j4v^tSJ@V5+Au% z>K{C^R8JGJBWR;ar}FB6q6e8khVDiY*p4P2BkV9?Sm( znR2X5lEGm8{L9;I<3rroRrSoF8D#??I86*SApS_YMgt68*g6{iWP>wWY5g@vBrhFw zg`?`v9H1o2FSP2fD0h1x73G~H_nFz{FCA1^(GUSrJA}Uyvx0KkP;T$b@Z{5S{#trTT*{kMUFw>A3hM#p445tdjjmdBu&ni8rI|T3*;n40eb6r|@A}iELq_x;(y!zErtCW1Dla;2=)t#r{Mg}Mvx}VWr2wk_HJ;hFoA85A`ooaHax7_EU3OjQ8pChbpK zc6E81Cfe#NTrQ3xP(c)8>X48Kg$5HOqevmaFp8b7_%Lnh!ZQR0Bi-d-Hc|fuE}uQ&v62BQiJt{zs?!GXOE(S@N@p%o4dTF-IGZqtu*SDMETPz z91~~ZvR7UlIcfVY|M+O`)|PiZoj7CCp=GR{FM*X9o)#y)#DiN~0Fns>bCH>cRpN*oaAlRkD3eJ)k z#UBg}J%|^1jLZ%^4TT0$LnxNCLA*v01WAXVppRp%fG$;5LT_>ql(eh9JN27gAwiA_u(k6O!%P44TKhljC8RpsOE2h zP?Qo(I+01~#kou^keqBd0)z%q6Tkvp(qTc-s~dv}BdSQ*L4v1=4@MLmQPkwcFv+<0 za{sKZwOemF?9{hI)!%sS0~Wm99bSH=!(SB>bCMbv?2M|5WJsAsX%+Q1g4t9y1|7%I`#^rYtn$fD2to_=pmtE7o7%#d>hdbyk z7}8Zge`#5<{^ru!j~&@3CsXlcgc66@Ox>{~Ad*BuN)W&ZXBwPoOh;fNVD$$KOm>W# zxR_&KSercLx*2=z)OY^_2Txm?p0zmf*h3%hx>d)U_Zv{3_M+`OUVOsf-`_alumio# zHe7dJU8+OpsxyDP*&#Rm^O2)HUF3TA?tT9G=W~(cPLA)%aXKp(te~Xq;wH9?GK5su zhRluO_~Yq9>S5@A=n{#8lv z!R)q-HA;OfpcJ!{;zz5$9X?SN2bB(1A|^gi%H6}!w__|&kS@BqNCgs}&?rivA!It4 zPU*$DL06}6CB>0OY9vgUgJ|HY(*~&_q|P^B=w#P~!HZ0AB055HwBSq?Bx_XP_`c;A z%O`cxn=Z)QoAyQqTenl5QMX<9=HC-{7adaOcLWp_#8{D?rtBz;f>AUXvCx$fiBWc> zalkQ^&P4q;ICbgDq%#rs0SMkwSq?M23+Ug*00R#OEJu$x!nhpy3$2nO#T*6l0suzW z>ESr|AEeY2gh$7S1P>UA9VF6O{0G9b=GOJ>R5Y{R|6EDNeSVS!GHq_dC3n8RLEnxy zKR5Z~tGB9ZSHd-qA*Kk&9-T_+7S?fqTsXg6N^0a$WRWDJjm z1=%a!PAscW@!h;xfv-p|Y~ZC8%Q?%#N%qxfG+b0zSXLVC+Nt=s%{z8!zx-2|O1gd5 z!rlHbhxf_!-3E-xEB?ZuTcHF%%7}y;E+~)(CM3GmUqPHpD?hPJRHbvTc&KuiW0Wh1 zNQ#EyV^Np9kfA|L90U+CvjD(_uE=W^(B?}i?|&KZ)xGkNLx+5|G&y@o>aqL&`Rku| zy6J#{T;9HE@@6HX*>;_dKXT)n?*1fkP-gQDyUwXkb?Vgqv{Qa|=nd~bd`x!efUab; zi`>YOBe|0!5d_4FQKdr>DG9&-W{U-YkitM11ry0wOS;gU z_ILrK7D$Z@177rLjLw)mE=Z;EHwCIG(|Zu(sGmW zZ#d|}**7}@UPv$~Sk&c0mAftTuXB9TgwF}NYn=b)kT5|hyZ`wV9Cd|T9#CwNyeOuI zPK`@;Sv2A`xW5*ylh$SMWW;=^A$j*w>vGO<`JSoYP{|AH5r zw(Q?=;#bwNwD;BWpEU87E(N;F|$g+i53XfQ{%w*EvQpuZR_^Xe6!g}-+sdBnofp;oy^J;pOwNsL;P zL8B&ul+m9=?!?es7{W{IpP!Yv=bn3d58Qm>#PY|Vp49tiy`H%DgI{m4&P|65=JGbH z$@{9oo7d>orz3^!J05=6rVrl#aqPg%&jxjyU6<-q)&7K2ety_Z@7;G)cJqPVn4Vqa zPB`HNeiQ$lVX{rf|7(xsS0NG_km;L+HpA;Nio)U0Go6=rQ(yPrcTH>!+;}5ZL z$uyD#VP25`p7kdJF`2R{qKA>@s^&MHHOi$S)eSJ?NP#sZ7c1|-tNsw6i42DW!gQg^ zESl~A(9S)jvCuIrwrRk^+bmE3=s@bq#v;{I$~%6QV-Dc>*FqSHKWEOIufF7$8N6B9#bc4Q%p!hs~;nh{RIKtPu%c5cT#Q^`4lf3bE)b{J# z^325NV#x(xFaE{v`cJIQR42lG>I6VlkyppXt(Yq=SGe5!6Glvt>FR?Xnh{2tFj(M; zu4%5e{)=nld`scgcV}{mof-HMfSP)*DV|(f8)LI^w{ej$pV=v77U@hZ9pa9&S>qNk zlyQ451du8Y3NWn=QH2;rnqaM}KcVoV@tCYtXIajR2a^5^P`CE;4L+#w(R83KZZfKR zS|O4`;zj*A`+(tyk;Ys!S$+xZ{`>DAG-%LKM;+9o`@5&y@m|GWChxsVpBoR`X!+%> z$>Teb{JK!Wixju-xbMNk9)IY=)WO+dgSyYFPj#rQI^wrKKkBBx-+N4U^FiH>+oDB_ z_&y@v9$Rt$fq*s*xEW!LqNM4ff6w}pfaB zt+I#vE;Dy;GiJ=-btp!v@m)wp{VSYfp^Sh@q=rQ?DIE$2gUHZhRCc5=Sco7ada(Yo zyZHI{;q-2t`)DPds z4&Z+_rd#`>SqqvvcXBsoh5jcexx#fXFZ<%=9p3)eg5A#^eBB$1$G$kXqaZzK_1AB?<(6c3 zOCkS=%t&G(F9qi{E(*kci29So70vzQCA01)=lnmmAr@;W(g{d#tEo~mq)kD@s3u)p1U9y^AaTctmxiQc z&%FfWDW!k!aqn)q-G`y0UgTA{yQHy?i-6*M7t)P7ZwlhplX8*Ba>)ooSs)BXbyj4C zP~<3kGun&_kkLCRWb|J^xGq8c+c;sG$rWK#f<%Im7hPRQViZGJR8p9T9ul1)q`=^< z{&GZOv{2}PxdlVna?`F){dM+P2M*v0Q4ryGD6zTs+bY_XbXc$J_Sa6?pep*<34IT~ zbxLh4%f~v}7kdxC`gOknT~c`aS2txBH*}Q|0+y5^Qmd=f0%JshzeujM{-JpMvG*4@ z#8NZU-qOJPa1Hg@#-{X=+BgxYnv-sG%Pv?F`{>S-G1tCeQ}6I&z}Boo1&`}zfQpvlT)7%(@wG&!RP#`J6@VMLeRMajQigi8yX z^U9yP;)=wgnkv3HNXo9GB^@wBG{rG)3Zm%<;{XKb$nl@QT^#wBmE6PerxN(?k@!=} z??M7#6Q*81Syxuo&G=(6R?_LBKm!a4QUFKHKPq%ZSVI`q()kBd?lXT}A(E~{?oQ6{ z=26T41t1t#K|V~$vW29Eab!}elG2G4qa@X73}(gpW26NcuC)HdQ62m{FmLNE*Z=(m zFP*YaUp|PaHw~F8Px&7D+rkURO}}!V_0HU_`!6p4{Qm~71JwZ?y~ztx&%Hi*#Ob^7 zVFm6u#0shGRx#PF;3xppwb_AzEp`;?nkg3IU_plCv3c_vxn?X%XY1>nQH{%6V^eBr zO%s)82~f{?JRNIF&t1?^R@G2a?EX|F%?XnvbSL7iSiS=7WzE+)T#;h9ki|6@^i2?_ciT8E#bz1|f^8 z3?EX6sHlq@5&}pwN+Bb5;Vocr2moDzgQE=W|9bX_y*xk}BYF8dJ`U+OlQ}893Gk)Y~_MNlP{KF{RyIGH^=TNljnVUWoP7S8;rvK$4r=f zK9c(vR`Ru?$)XY=;j?1>^@!3q<82zsLcPLD~|KXf$GF6?c`<47(nJ-u>Vky{Qqz&Ht}wD7aYU}P{)EB>$ro~3 z`IOQfeNyu?)~szx6yzhFj3}Jcz@&?blA>Gv0f3~z6CFtdpcF{lJ9qBPMQ-B6i5I^d zesD<7WhsxpBr&(qtM=b}b6*PyT;6!J%zv?XGR~)LOUeiRvhSM@e3U#qyYb-l7uIA; zOWN&o?k?B;@%3ICWIA+kvmh4-G`RmLHF=E#7`n1x6k8BZcOe;d{M;{SE&twy zxRFuk7?iMx0J192nD%{`iq}`yXJ3jX>Zu5Maei1ocs^tXR}}4&|Mg0zvE`| z3nqNOo2qfco1BTd{^@{a(rSR7YcobkrbX*vcmvoF+ z+y@#!X1&dK8TO}}UfSsKNv9vU;X4y+4j4OOGwB4dG7%j>PS@EOhy4w=P|}6qZ)TUz|}|S}?uQo73bi;qEQrZr}MYk#xtGTek%NB~ny79#3+S z;|3c%Z29`vK_s2LDBT+D|5V0R|3|66 z2*Z{JZIXW1{twc<565y*HBm6pL>GUpBtl@J(UmS~VE)iB-+ejYfZT6MF}engL-Nu~ zFCBEyLFAP?8PUn23D6Zcv1JI04y5qV<0PaBsV=^TS2VUE@T}2%p5|nGo%hdXrtd6ayu^+FNvmxuoH{0CmW`^`Cv6QKuB-FU~1JMlt(S;BkZ^*L;CR~^uO`r_os z3*P;FPW>+r-^q)(J8U;yuHt^vVI>6|f@N_Ge4bhf=rG|Fg%yf?S6%(UVWs!`fQjRQ0~RKe3C^ZU3#B@_%JGlKT!S21$7oC zZ!79f)QYxd3RgJ3>&mOdp!@f)zanr%XscfTTB{sB6e}rYaKz%~ySn}VN3OqC7xc&r zZ5?Px!j|%BJP-Qf8c*? zmA`|NsjTeVz39!;hL)5Rve`BAb)v@fm`A@n?$^Cfy80i_zCNYb=KXg$X8TA1Tcq>k z>8~!#)WPTOrcb(j@LYN5x@r37B!uCwX@bPK+WO<`{&2ass5X<1H7@@!CHEG3@6G?Z zqo0d<7Dbwt#6N#`CBHq`r%UQL+ct^2m`RxxCRJY^-2NgD}KUV8{^CNNQ4I;wF&aO%#DqEf2ax;4jAZTeo1= zl2~K7m>;#Nk7rp1?B`tGc*VsHT#PFm4=3ZvrkHzCvTQ-k^ncAgbniaH_v$}&L45CH zwtD2+w{Y2D!>%v>@vXfE)F%?{VPeFX5sB0#9Xdx})n-UkvC9HgkmAXx&%Jf^R|@X9 z$jX;~*V0o;Xt_NKN;DYKAWSY4NHT<6gZj&tP(-k3q`=NG!h%A>qMDdw$o3zRp$if_ zG=S0QBIPTdjAHpQ>fhr1A3pBezV4s=O@^kSDqyE!Q901DGYuq7UFk?pl6BTuhlhLo zjvNXXFz5X328>!z0{+M$l160O#TQ@9C5_0u{$j6Ga9l|Zo-PVa#l=h8uECT902Uns z4XNTpK;bZBL=uDv;KG5@=SR?WdAs7J-!fAe8%AXfmdEv!_N^bJp zBT62la<`g4Uc{k6%o+@_sBRdIn_!xkzzoqiUJRi?3@_0`27PUmaMYSloh_PI|H{K} z-*)`qBX;do&(9q-y2~3cGVXqUYVG`*+n=4>t#6NAPTsGyeF?#RM(*f1#s8|10+K?h z$%|r@@m+Fz0rcQ(v{718e-<7u1R5GLiC81i)cE*=yYJ1N(OfFS(c(yLZ9{zag5!5c zZau*L{-ls17L68j9JTUQ5V8vZD_MjzFS^3Cu>P7dlJ_^c0aBcnNLe&;Y4u#*{`t)z`}P|?y#MsYnR(UOk3Xxf>=at|;=3O|AKt5fXvEfK zl$V1g!udJ5b%=#@q(&hWI!&}?5mk)x72Yr{tUq29jbx;84_f{IEZ~|c{%2Kkhf?&` zZv9)b{#UX8K#6*)!qgB&WoNSguKL5)I9Sc$DSFx~u#VaZYYP?L3?PUeuPeA%Dl$Q2w5}M^6-+Zh0%J%pI7D zc-fSHIpSTqUG}1PLhpU*Rdic!6nTAB&Ln_l&0Q_sg3oRGB+?nEyv8|55->EdKvDqB zNXBM5Mwh|!K3L%+JnkBh;R%P`=LpED&Th;%l-)y0eReT7kpD+9O~QeskYQZeA1j_wOXc3Q1}JOigpN zTA?VyitB&t!R7m2_2IVt+OJbwKARs@iDwe-BFD`fFLu*Br9{%|=2uUDcgDyA2JE%( zhF>j8&smas{iR7uCr-I|*L24UcU7adFo!UTrbAL_zz27XD!3?7%pb1)?%jf{$Fp}9 zd+K|C(!`xH?v+$-gI(+OSFNuRpVtD6y@ib+ zoNs{T#nN=i@^8W`1;NP+hP7^d7=n@C4wSPH zp5N;#j?^rvn?H5#alc4zH>ixu8(S@RKU#h&6mumzsd2)hIzW$x5vthzdbkCk>Zyxe zmetlDFI?8_^IW7L(XW2>D?a52bGn>#q9>}1QZ!Lz6eF|KbTmx>G=}Jk2@;(kC=AJk zxnoiN`Ll2*JXC$&Z#O>sqIb@{VA~GGMN8{>CYj~qsXPScE}3KHW;A!{^uJF#_<(_X zjuQ2mJy2j@fldI7jM7+(v{oPFyn`R!Z4;y*vd%XKVN7ro z%?%hsV#35Uq^=?nK|w@b5&%ZP>}AZBS5CppRcY66b@PmJMj??w7sJ3+*`Y@Y*wW?g zMig~bvE_LB`D+`BF_$|qj7aRT<(blnC!R?C31tzau+xEQW>gnP9{jH8!YB`>WVg~` zBo0PL%O{3hY5j4*t|2gZ(a2?bkPJrc1zh2{SiJb&>;W6~To!i^Cl@VgeE6wP-uig% zFHacp9W$T^cspjqBqPz(L>`OEixE~BX&9woX?6YGODMc^4<1SC>W!r!%-vh{qT2aW z=A5uodaHp&T-$i+pck_o7mzR^9cxlLT`{3ceMB3hUoAHsbmSV;pHScD^ISY8S$Exa zxx%5qko}YfD-o82m5kUa2Rv!Qpg_Pk-WDNwq?%|2M_sracbVu)Em!ESTbSas6A5M z)~RGa(FZ+aETzD3vVu;n4Y=JqIH%a8g0^2s_rK^}3Zr@Mxch^7M# zLud6*PK;JJMsWp9gAxEnv51@R;VhaRMuspVoiUp&aL;v@|4kf{afK@^jxOc$HhK2( zJEgZ9QeIhE$x8$-Zx&W@h>1mw>@XyzhLA8sijt9(A_9!6i?WLPAA9VvOO`C*bIVFZ zK(f5@$}2p3%qP$N%L3ST+ih6@M8l*~pmXS%0(RkWXNaV9A>iteKc|c>qh{A(TYlrHmp9pMqaOV_6ov|Fmewtq zRbBnnH(N(u{ngf+J@irf*=Hy9-mLdq&wjS#(=X25E8C@`t2Q^9B-Iq85Fe_djUw`7 z)QpfnT>W$DGMNdf%+w`IXD^J$m%ndo`CF$H6!R?J)nD~Q!r!{exCZqnf(|;0RZJFA zSlzGyP<+a(E>cat!ejZV)ZZrzH>;JVgM=h@+yBvXUo!;C7?rhYxH11MWmcL$7A+^FjJ=;`F5rq$=i3U9}LhdVF;|IglefLB#)ZFtff z5D2}f2v<}PD_88&L@bEd?zKx1up+jrA{MNGfPw`S3!+#MP!XglQlz6u6A+OONk}2} zr2p^i?__ca#ejOR`k#4thBa$en{U>h*?aa*A{WA+E1X`i9W`nc`&>Ei7)ebn{~Hov z0_NwRe;z2zx_s@m*RnKY78mY59U53ru@IO3g#pE&;b25vZU{7yM+S}tLQSD54m4T_ z98tCS#dRsM(eWpCXz`D8Td*rSDq1wO9L+b55{( zgL@BzFHBKunxIjkV3r!b^XMXkBLUpOM3N#S5HKl$*7n7pS>s#(2@@ui%LLQ|(|{(= z_fw`!u>pC7{9*R-1tE{(6OtmKiIxB)427y8h)J&oLaqB7!ow6zi9sk}ny4&YpWUcg zgRZC7S(jNfe`o%f@oTd;B|dqTZ}~6Zf4?MR(@r~0yb5evcVX*uPV3tBmNTZzzI)`n z8nb@!ZQJp1=g_(}D>G7(pNv%iicnz_3`GM8M9j&c;-XU6$itBU1BB_>I5hlG$7z## zkv*<>yQsnkl=#IXx{iQW5vM@{{T6eLR5Su`2vST44TQQP_)C~*HE@}NDGr4A5|c-! z4>1H3n*;XGhQEL!JYhmjz=0#upb&sxc1lSbP02A}jo%UCYvj<3SwIK{_`K8O^5eRa z%wg2rR}z3?payP?Q)?JRLK7O-7^lfJQzPkW4Hb^OOEPeJ6giJv3kr+V^HMW?Wk23~ z7y(PAay;?i(_a)VU9{znA%F}`F{y!$s3Zv=g8D%CBhN*S3f6ed$?xT(Fl6}q7EECo zkMF+wE;SHQQ(!*&=%WxU&{%Up%C$np8UloYBRHa|C5%UhKOBSu@rQ!|UIIgcdD%b1 zo_XlYmUo<$mlv77C$vD{$@=FfP&A+cHgW$IliB_-qwNb%|1_XT!tx4YheDn@H7me z0TW3DrpQ$jl7d$+aVk`Fg*kjUqNyc}HBAlE2R&%eAPyUeM;-%f4VeUBf;hWV4)En9 z57r3@38-Tqv(#u|3K`*pB7;I+$wn_6jY70khz+Kq!VX=?+c9`We3;FTiX1v&{X<{Y zyx`<|?|!^u_mVXab>y+E=84C}+!7kfOJ)3S*^<0-XLbF8=9*Q)u4%fqC^n=;%dk2% zD(N++QVzqo#xiCp&2IbZNtX&;3Xd9&EJM2{OlW)sMvE4c!bdc8{f_wK9Y+|)S4Hxl(Md(%$w?iPqB_BZaSl z%Om#j1)su@HSfX`4l)P`G#M0!8ezmBP?vl~@JC+O4mA^)eKr+*QE*LEn4)Mby4(+-Z52;tH3O8rWCN5ZK zC>)utS+mCdf@V0a{@FAkq3kOjxxg$oT}U{kz*H|a1}X9jAxQ{ikaPjl6o*;{AyAim z#qmdydkZcl2x6wj2nCPS*o1?9XfINmA-I4~fhHdK;!sNkT?*EyC65IS6D^5J#SI5B z1Q4Sj179^wXzV~BP{I61_^{W18~T3{f58YEICY2-KTR;9IQ+pOWWj<3QlJ~c6%=Fw zAzc6nz@bTjpkRxdCKnHfBz$}fM;1IO|LzD!Dq`YZgyTbKs;EgFy~*bmk0xDmfeJJQ zCSEid(t_!15~L)F9|B#cg0MJ5%Pknu(k0^(qlsl?Ow`hOHts!#F2`6q3QZn`~ifp^+FC6#p5^RHKB1N4g`frToalgSz#JM z@!(yNBSuujzhC^{e*5j?k3XJA0S!>X*r6$#&ZF?B3j$N14Iy_(!Ve6OriwEnK!^%R zDcHv{y^0n>0>n%gH0pFw;PA)E_`9_?-+VJooMJ?ZPOQ|MjZLuAMd23|aJq{H1Zbj8 znsKy1VL2lV#UN|+O2##%CF3wDGA=&4$iu{@*J(kJ1qdW7f|v)0wYN3KNNp~R`L9ISP4KBg*kElb@6}kssEI{bx^u6D#pejm0KDu`KsJP zMq;`K7`*rhbMcVDjssu1u9hNAsc3>V0o0modLg*W({%!0u4!rlFoF!a3evgL94IOm zpzE_mb>27C+##_TLh1@G!rU@$3i2SFD!gpAPS(v>`mBQ#E(1@Ylf zq-AZDE_U>4XviyUxQPZC`G$S86bqzL$qBQMr&X~7+Kz}E9zwvoeRP$WJ@F@z_4G=;`=#r5`!XI4>5|2W~ zn&-rNQ2-Edpyk&!VY=C;S6I=jP$A$*iyC1mil9rwhelr7ZdB}@io6H}(+7T${Iq3GdldzCGQxQ7ENhk;eU%ikto3+ z2!>i|si*`?AW8@@3e^rY3D6YrN8pdsis!!qV>lYx-vj@ooZ9wj8i+xkqS>O!Xeo4& zZB76VkTG(m6IxpID&c@qgzIuP;Y(Ncp|#G6@4O=~`v_2=5s)v!(Dj2b1T}t}4G3B(^sytBg*w$p+@3!5UO>kP_fpa2}6sD!^%6LwIxmLhZM~0A~+2r6$CJ=uKBO^?tg&jimqOdVbiyC3agfCrO zz(oD9@y9aijFd36?n7V`%g&3uQ^O3*f5jtVYUI_c!O~ajp6L;j1&sw7 zVZ{Je>Jk$H3i9l2n@Djt}> z9e;VjCYBkyEJNcOnqIo7p#$+(Na8En{{sFvr4R|R;ncAS>&2#A%eb7%BQi9hWnX4h2c{!pG$kn&WMm&-GDXcgf()i) z!SNL&O^OteQ5cd$0D>B8@To;em>NZTDYD>tcZEVy3mAoJ(M zUuZMTze@gtq;_Izhj1YN65x@PhdJ)vw4?^{S8`GZ*B{b`grVlbJk2=y=NF4b?3_`llhy`Y_IP{8-BEsATLhu^Q31gEbj6xSGG&LSLvg|C- zOBZ~FAp$!P)Y64Oo`R$TkR4Pg@Tm!dnlKQcmO2E5E-a`QLcf*6pL0JH*=7BmKRC+pes zuWpjZ6a3l!CD&>~Q=lm>LbT)#3-l@y2$>~Ft5f>OPp=f!OA{@P9a@qQa-oo% zBiW}ZU7CoYq5%Gc_!ApJDo%wB4U@1n#cs%w)IdaQXlMxv)sh!2STG1vVsb<;#xdm_ zISX){Fa%=M^vV=80+Nvm2C<`FI0~L7Of{*ISJ;0-{0WShUD(0=2a4eOqkL8llk;Hm zcU^xDJ^w@OiomTsprB0Aq5#2lu4Tnt`N&YT1O%=)T0v0ZdP5xoF$g48m;eZRWmfVC zNQ|a-QwR!@@X1=VkU@(AQTbx$ z)2kskcT!ROLSFSBg#XHwEBSc?zQw?!2BLteDFTWb8UYFep{7Zk5Oj&DLD8!?5rC$b z8cA7zmQ8gznkGh^A_QIH$PPc5z?bw*n>KYSLWzL?>iD~4V7v?pC{$=_us}zl$zZAJ z)iee3U$9UMD3Amnnh|qm7dA0i z&b|^6%L-2fG#0RrFf;`|g(gM8qlis0@fg@ETEU|$*AUpWw!Fxp)ucuq8KPA$iqJ4= zQp=r&Op~ZkAq>^tsO2uT+)cpZsfGcHfSl5MvhP-qN1XO2^s;}S4PS& zGs`Pb~2@tm4rqL=)$} z_`{?e1b>a%*->J^3@q5k2&1Nkk1#ZZ!vv1H-|fHRu)2Mbs&0WHd)TR zViCK#c%UI@x))1GBF41=M;k0JW2B;JsD%iM7^kU=2N|>|YPyw3j!;oi4AjU|(~AmS zasf?*vOt$q=n|87C0wy(l2qb0gPmVv)3L>J_DAa`37!jZgCL9L~O?u(0b_Bu<+~u1TVU{asNs*c^ zEK>_QnNkce5un%E|NG(3h#0sA$Vj2x*j)+%f|w3}#OQ^u+7Z}+6U=`yC%FEQ43t0l z`a`-NV*VTd)xyPqG9%=&(GTa+gl6IyGklW30^ku`ArN^PY00UnnVGrl56G~l%K|s} zx}s>Jj<9sO>SPlRmIFOXhMJ-Q1S+Pjoilq?vaV-pj36UnMFa}Y=j~oIW%?R^4g=xC#vl7cOJN8UHL0-)Q%W=4BC+hX1(M2bHwwJq3+7)U z|M!c3c53RLJz4zS2%DLON%N=9+2ONU#~3MsC{Ph5L#8OTlx&`?_75>C9{8N{Do)WiU)^r3DVz;|6c1q zh}q>pGoghQ7PCUl1u24F!AbyJKYXUug_m`{s&nVdF1xsGtG++w*?mHiXhA4k zWEC+@O^<5VtEsX!y%A~^kRu=o+ugS|$Dc-6kN~xW@kp_Q@ty|s^XZ6T5Do!jme`;rMi+|k6$S(x zWYm-vlCFs(1Q4?hN(-Rvg@4}K=i9X554^Q*-I_nje9zNkzT07+jQKH*39Vbd^P~M+ zaTGa1*9DC6K>Q2SR}6S&EkA^aB=YpCrb(em7$62gfwN!y8H;))iI{UO!n0Yhdg`#- z?(TEfU3c8x^VS)ged==fW5l`)xEJxXtW(dqtr&%BHymVuMUX;+mT1gEOAHGNTLy(Z zw3^hCbWL2KvN!$((+8d3w%dd>t5kvfHzs9e-zQgQU}xP2ty{gd$_0$^K>RfvY$8cb zQ#DNr&4c2f|JCDdT0b)*s}%n=WA1-%wRK8im=w{ni8V%g!2B;wOJo!VS`;kMRN)qM zCrbd*g3+g1z$p;OkH69v~bJ zlK=Q(EE*=Y$>07#-}5iI;)=^J?|4C*KI?Kr3UiYmdH%7CVv7mZel`D*Q8_UF**`q? z^r{T|gTKfq|9u;$a4okfy`smh_g}vXOyEy6=mhI=7x_= z)KSz5<%O3wp1JvEvJ!3XJ1wbTr@ZNR>lU~h;dZ~d$!^9WD&=5$XLQ|GSz=4k=nhF(D z6~R9=b=fmtVCj{4KVN+D(a{P+HNG%QO}A(@W8+UcI@I2NHM#nW&x`GsrHTzPnAC8P zCt3wVR47so1%IZ-n3>PMc~-MKTh+x{Y+Q7hJs+_JQ!);LyG>K>zxm5{Q--wV&qmOz z;GH`~1rrXn3N$u_HZ)qKe{2)Ovkgocq2|L>hrb(<07neV^oo#iMjDX+CE@&b=sQO* zyY-lrAN9ZGnL($XF{*hbe+=ki2b(BTT>ckrp4`6c;y0&1b5y7wb7T;9k`Nk#0wYK` z6~RAk?X(f|>>_YPXyz~Lw?{_t3>STdIU^#3dwTyDxz3ur5E!oIU0nJ^+9G61-|W(nT!Z>v^q+O!!ndyDKOFQ3?>T{}20Oj%>cob&U@ z`-jb)JE3jcw(qaYNL>8>t!>+K)7Q4!t1DBzg$#U)Z33Z=Spw5$E^9Oun8K!}S6$RZ zg#cOwnaSLFZ~AHLmL2KU>er4msS_T(W%Ocu_(|D5>xFyX{h=sp$3!ZC51cR zf9ggMCe#-`{h_cVbz;9R?=0NKCaQuIqHP*E5(W8wSJYzLeg0+IJQ+hu&m0!KX z>};Dh=;_ZlS=YtBm6HaM-feHaf8f(UREx9_?OO28s9D<}NVHXxM|kPq`tD&<67%iv zM@F44O*AoJgrblXApz4%jidsW0KF(`ah=eA@X{1JK%4#ExUzOGeeqT=6^BeqDJsg_ zKJDfKOU#PrE^gQJlgV%1(tn1{kCNo^eQ$niZZc+zQWieidqQe)aq_A!`gl3hrq8QC z?6yAzTe$73$DaRe-sB-|+T6b~%bV0t`^S}jnmVZMqZ4;~3j`5j1EyjlR0zdPt*{|% zz@@99b?W6mTBpW@?%AE+w8NEHO-suu%1`|A`2N=Xiz7dRfR#BlAWu+e!NW^u8y&Dw_~ti=Yjz}+Ibht1Cv&z;nBBg+GEdsI(yO! z?bNNJiDZ zef#@fn~_v#msyK`vG>?lwCjr@HxoeDd!KlGv5DYst%5(yp#20C&5LSyc#U6_(%-@6qR7UX4T zWf!p2q|W=-y~FRBzHH^94?BXWj*X9K&~nhMB`a5c^GM|Q(Q`NAF+4PcYfE7` z#JO{ULsJ1$(oPmvhHI+u_YemhbU?mkPlUp`xPJB}XtY zH5_~&0DrrZQBqtI-SUQ)maJJbXY2!$Uz)hVSM!Xv zRmb$5Pn-<@vuCHaZF>?%0F8JQGfje|Xx<^<06V>imBT-*dh>fOYy8o``=5M&_U25x zo!2<&lFJ*IIvsis8Gcp0h~1yxKX84s`-ZJhKM z{&>3`&%U*U&4IwcnUE-UQapI63A;l0=WYD_wUrOv)9sd`bD<4;j!j~ge1QG@B8BK zo4#hvf}XhphkUg?{K!k*xtj;&yFZ`(?#&%qZk{!6OMZw+Tsi#P&11h_#n!ZS@z`%q zKe6WSh1c9QxYb)zm#+BYifANg0Eg4o!)-tyqBBD**!Ees$|F9mwFCN zd3QjUI;D{VCSijo17XzE78!35gckl{3V&rge46PQS-HL)vlmZ1!zayq{K{kZY??iC=0#kR z-!16dw2GYt6(yk}Aus``@DPBb@XF!OB5cdSc~WiJbCK;pK|iqLtnjp;KsLRE?x26bh72TR~B*4=-t5E zg=^VcH(+hX_bcD)e>K+NaI>`J^&4KS_V9|;t3SPU$6bSG+nZ%mOjM)O+7VUrxb!8D z*#%+En(qf*c8tSc*D}b6LsJt3N`OYe%ptA+zXgBXX?CdbtJu6K_MiXq6}bMOf;@nf zTYnf7!i-TVM-v&EM;vj4|8@*DlvS`O_u3wiqv>J_3(qo*s)prRrnS50r!U9P-j#1Q zuUbiS*1LnB9rhtdJ~{bZJfYdf4Ey@|=9P-7)@@`=9DlfF*M>ESeKTgrGcS!rEYnvY zvA4(cZV(+-V2WxsY?`z3%Tc4oZ?0-Wqx?rks5o?l2vNZ#LJDCs9{8F_CA!4uB61Eu ze0f!_9ku9_p?%nsuD@jX=KQdu&b^a^sl_{rGQa<7qUm|Tk%iGU8XNQat#>~^b6sXw zh{?+dsb1AotrlIJ?aSJ-_7h{)ef38F{=;X?G7D1eA1Vwh%rxD`Jlwusai!zhG%@#l z{CM-YqMFAv=WhT+d#R%tB2EZlOSA+=v|=&}MGjK})E@qJbYuawhktfXL5VrCa&%}| zNGOlmoPEU{b(I-=Th9USe3Rnc+ZU7+XPG8rNAx^0+{B-BVGnLry&E?ySmO~jkExM4 zZOmKazTL*NdQ@0R!*lOo_)C*Qd@E;tYI6ga|DA!QYs)-1w^o3^(&%d}ryd(70GT&ZM7} zicdfN%Ji?zg55roUl3X4XwxV@ns0rgkG;$MwCv~9t=}#B$2B)Mnfv`FU+R*9EBjse zk8QtjZ`!wGlc>b)8OL?LyQLYoc3WOi2@l_QjqZK6$;m7#EQzdYW{n+m)068)%o=s9 z$pBvBq;T)6iwjf*HBAC0pEU%SlB6j@_(xPS8%N%D$tBl)Reb-rZ|m)92of zm9vvFBb(j%$ca;CuH}*l-EO+S^-lW+afJo>Q888R--)VJoRyUmQ}G1jh+a18(eKmbWZ zK~(g)@4}djl*0IvI~-$pXD$%rH^0E9N^y8xcx*&;Xhg9o+O}*G+0ryJW9ROOOCNf` zOq#nf!&hQ=M%J`#%Rln0@#HIO;Ges7<#=xMW<1ls{|D2*HS;s=ZACcX-}P?qbE1k1 ziVEY7zS=Gb1K;^(PniD|Nk#JCO&p=B9DM!%E%+aD{(DQM@(nyuchR~@Klu8u)yeMa zDAN#uvW(KiE=a1TNms3A?ajuIR;Jmjl&;*}s|UaKVR}JPWE4rz@q$jBFTMDhk3XJp zMWdLaLME(brJU{j>Xbb`jN5fRBEpKb?bra_Kq9~CvX0jycJ(opc?2&uEsHXCX6NM> z7VVkzz}Yu`yuIn!ZB9S&$h17~_Rt=+*}?=6rywRmJ#lI?CwL0IgeqY*p%uR=&P&;q zRqKrF)+`*`(M4!mUk{9`4rZwYiBr zpOSQ3SHMviYJcrk+e@yxx^t)7#*LeFWkZ@Ah8|t1Bq=T1my-pEg_*n3vUAgNNV_84 zj}a;ppa38Um?01ty3`DTfZ@pJ@u5?gI1h+&T*0KI^Jr|{dDVo-+lJ_ExRY) zd&LEBZs+sRViwwJdFi|NWas2&WU~K+6na~qu}e?p`j5`L^rp?R$F)80^d^QE-9@>P zcK9Doo$>jEw=a6WL&P5YZHNl-5V>l+!-S^j0)T)?t$~0)0?1S1k2tN{8-s5;#k{+4 zGfg&SX2Y8xtX1MIA;XM}j1I4Ce1&%Vddop$P(r=NCa$HyM;--7jsNH9w+LMxpjv@!e&{(F{<|G=0@ zPj$YukMgL`Okc53Ju6Q8=u&~$}sbI*%Y!TJtr@}pfIO^O_u~^UGQI$-H+eZw|nQ2-`W#bdBmO8ANkVN z1k*uHHpy$;K}pz4-c1Vw#_K z{@Ev*)Iu%*rq(oy%}LGl<>mYK#lN7KYd$1DldR?yn{t(qh=BlXdfOGO?d4ZrddbC| zF2As8G!IT>OK5(EuP{8UI5Uf@$rl-c7;hCqxaLVN5-qm?W0^dSTl_;panY)6`)jZ6 z-1+u#6DD0$$qucAxywpU&-HPq5_WFir4wGeF?m9t%UX}z$;sya~Nk%p}>n5}Q z!RN+qNVUI&uq2X&pjvpSsonHER*IjJB6%>ZU#C*BUBb90DakkXWP_LT%r!)v=2mQd zQbfIab?VlNMa)YBP8DoMvPsOEZ?3=g$`k7r@7%D3rGts_j@tYIfD47GA{ec$3R1W` z6krNFI7p(BzGcnE-C5b`ySMJj;Nq@cy;4bj!6`RBuyM?Qk#pK!cSZsi-kvQhe)QFD z*QMWM|1^t}GdVn|TFZQ&ZI}MoBb)P7G=EiUjRp-G)TA#Ys|8&LYpX6%%XXVw<43XX~~<$G^rC;%qGKnR$QEs_!DPDSGGUi zq;6l&bh8p>=bn7S0~_BP$ndXinZOG)i+|}G7h)4`;7=h=df{+?M|g-4Kllq?YLk=n z%XU6Vvp35&p<*M$!Xo3UnxAsHFilkLf3z|`PXBHPboTbe@2oTbY*Nc=d5LEc@Fgw$ z!L(_0PLsM3soRsddtpbc-O_ye_O$gow|zHh=!e@)ObOdwt&`iCAAU@Usza6?QL`$W zp#LJoFY&Pc5+MW=Q4#zLcP@Kj*|F~}S~X$CiWL*bPZ;?k5Ah3r&b7F0T(&u*FzNg8 zU0&RFR3zyae$=TaEgSsB&zX7I+m?-dc11#jJqq)7USg=!{L;%e4gTzB`;~a^qKVI& zi!VJo$|A2xCnWo5=oL7CsT>vps`tg;@>!&EQfhQ~=;70sefrIY;)syw1}AXdw_tTz zorVqTd#MP3(X|?xjafKn#i(=E73Q-MpPBO;g@!e|=$wyVe)H7-TwEo$sQ!s<&Ci48 z{AB+!_?89Z7nzP{HjF7^S>NbCAj3|6x;d@$9p8?=`;7;0dV8UrFQuqPLHJ4o5iWZH zA6l?eBTNzgykV$jvbSy9wli_JuPCHAeKJKV3{@$)kO<*{+x#Y#H8X1_>!asHM z>W#^nzRa|(yD|xYMF25O`iiswqRRlYHheb6+<1M5;}g=itmo?Ccio0?QEjw~A&&Ng ze^{*(Pd7ux&rdHZO8jBcGwV&1*?axrA<$%{>`F^bP2HW6QEcK)>ezYH3!iSxCG4yP ziy#SmS;+vSFK>%s2Bl7u9HRM1y*4hLF&ASEbH{dT9%m~&h zlK+HPZvBBnkuGzpV5o_in(!1njvy4dJ=&&&;;ukhfv@C{4opng94e~Wd+x{ak6&}! zzuximsQwidT2dHy_KZ;vUeLYMP>*}ttDko|(p2W2h#w&j1F{m+*yd%vU##;>rD9hc z9fBAs#u`-^*W}ha&+BKj7kkl$rp9xPnp4$e>74{;pT+<{B!QGs5SYRim;?#1o;QE4!$(F* z23@dc?SQAoO29O^tY4ePq*bG{E;mD;?e^Ijj}Gs4`4inoJn=*?HeO>cy6wp`Yef|1 z7RAu;uqX_#-M-@q!(O`oYjZ@~wx=gfe12xL;cc$%f5W74L!O+{?#3RM)!&fCQA|-- zvn!svarDFgx$RwR=$M;^KX@*wt=y0?LQ+Zt^{?W;ZuS^+L%*Xkw(Ur@n|E>eDFZJx z4}Q7&@_Wv{waJTjTs6g<()IqEkN(Q0TuFm={qCN2)$Lb(NCsVUy2;_b8W&7_K9@#e zwR7$r+WqdHm$kEjwYYWskhAh~><2Rhqe#Gz0xd|bn3p*Oi40{Q{6nzKK`tu3^pMM+ z9yz{!Pfir_vZ|1ZL)-T_-@AmG-#+q%P7P}{y{N6}c}@FacfR&%$0p5gGG_D5EyD{6 z5}IAaR~y%yRXeB97hbK^XD{B-sn-?HShNLi6S(;(2RnnM#}RcNm)6{UYLvmJ~z58 zADwXLT~}Py0S$9Xx1le!iO)&Ph=@1&VfLXJBc}E#54Y)e&y^io-aV>E%-C)NzP6&K z;~V{t1u6kZ8=KVF6o5jHIJwJF0E&ki6(w`_x({y~bdvz9CTaHmSar&>uzZB^T5YGJ9@xbba@*pBP^)25B`nM{?7|7ue|@7Net=Y z(`~dC79s>Fyz^#(cQn92Y(&VNVf?xG4efqsuTB?OS(`0q=I5k`F&93LEh5f+cyP-r z?z`5r#(Ovx=z{#*lW(8)*i#o?*~*)}=DjBkxzqyI*cxEGrf~O%U2gR+2>*GvX-tui zWBtQlf9zZfSmK9fEQ|=wZ^2(_fE|q3xC5pS7yIPD{{g@PSi1h8OHnW&`K#+cE<&bF zn}!ZnC?F-8nm!Fo=9DzZzz>V6RK0rD!fbv_gB#~4j;_-alXLjgxN5EV$U)(GpC2suMb@kux+f_;j~FPR?1EHmiV7wHYs`qLO9Me5CZSGzs4pwaXQJaO zg%|AFl}av~++Uu*yjQDFX0@!uF^P$-R;OB2A%R85MQ0}`Wfhc!$0gK^Vg(D$NlnU+ zs+v$OIzK0m@kbYD>`2Lut5HARr0-10;dv##cFoX?q?GJJ>#3^QwIhX7NIM>HMI#L2 z2@DTDg-LS5p-I^Op@qcMu2Yq@5G{-p738KSCvyvIzaFkzCoD5L#TQYhZbE)m79d6z zXC|lR@crN8m%efL!q-m-@#TibL=>bX?eT@j)u>x7ByneIL3mufgs9v+6B89$#Mh?9 zCS!McQSPPzoqM$&|II&RbMcNN6*(nZr8oq9tz7fw%}Yo~;5RQLuR*D{ip2$4IXNNW zF_mJXQ1Ro>nH6|NaqU_OpD#ZwGCIs=mQ83_s6)$p0e?6!CWgzFzY!4`9UWTW%MXvD z8It?U&^`lBdwlr0b?s-naTMz>r~0#F>F8}Iv>V)NI7L-KBM4PmvBu+Ak7R!Xe%t8=`B6KuO#}Q3kihoFr z2K7SHb|q!m+otf?YPA#Ma#MDs`AR|}E7h)9iBHaLDwbp>rsal2R<2b&BA4|sKWk5J zSoPY~!gAAgrsjl1bKS+}rX{BP?2JTLsa`F*B->XQ855PiCv{J*P1joSB}qF|?Zs!p zs@JO%nvtB6Qy5vfdX36aIcbTh+4em*(2)$ftdOHgEk0(|r9o+o^m;^C_4;)qeQ7&W zvJvy+9~zxdBi{IOi$h`}L$gv+KrFOIy}DspyOT2Q=dw&oLhb6t$IT=6o$QRwR)rX3|(4fYSXzWnL z5lxLpYP|2e{tyOCXF;(kDwwFa3tU~3Cr`FJ9D&kdQ7^q3aX`Ajp^N(t5$I5mp++Dq zJc2t)!sECcF&xvyp<{ShC{J!Yv%ztehVZ3eXqbJ{wAQ>=J0K1n5gCa^ zJ2_lhjL91+Vkpv*1thU1r!ua=ONJXvm=qb53isTAz-c!DBSzUWrBC-4JI$QkswCfD zez+zu;>W4-1CDn++3_IH<7jMb45Q;X-p1*HrjR7acs;}3w&d-y^dbfm`wWLBG=UKk z!f;S@D5;4IOaxG&>p=J;18^4W5^Eu>Wb56R4!LLIOO4`yl20S{!JoHchLq)wGCZWj zzU0_E<-VT7I?ep%{DNGIBnAZ+G!YUEHB8|QP2>v}ET~?+Iy)R5B_lCpD9{=yL$=|S zK3!o@qh@H5p-DjnF-o8>_;AqO{oUxkBj1`hzF+>f)`EA zh~OwHuhU<_Cpj~T)?#B()tq+037(`@Q;X$;uw_|ms|k!9teNdig3=Qib~kMd4I_^10Xm$ z82-g2QIY%r0xw<;iobU)*paXf;D)!gMgFCn5tZT3&n1S1*lz&fdIfo4kBN;14WG~6 zk!xrQi6;27YH2~Bd2sw0IKxK;Nr#e}D8fX5VCXu?`Xd(vhFAshSN1B|&^i$QpiMAJ zLWD8C5B?Qe|LqPpefo4fVUBPyMD2hhbcF(kF@rAx!j42o3tH|KfuK=v4lK05NKAw& zj0z?->L|jY7XpKhw$tww2+SfZ<03GQFkKL+Kv3iY0uGiTRMVu;%P15xMrh(OBr1;E z@tovzj{K!AVRYq4OjpAv48;sh!5~c>AwyH4if~#ALremOPb5fEYz(DG8ER4=CjKF@ zRe3VbNY5#>$w9#{)((PyWL$iu_{hwiyE)h;l8WH}{rBHju3R}bHugaH3knUHn!AQi!%z%&+ADv1B@oB!kn$ha7Yd2jqnPZUa*8-$gm2ghGx!Xb#iAO(kg*PkH% zF8BVR{GT#qO4!v`U(IF1N}+`Snkmt>=dzR3XEK-}5o~WXMeCkg>S&=$tXu}@>N23I z^+g=yb&;SV`_#}daV@{PLUb|15g&p=7xK7v@-S&q=priF#2_33ka1ZM6L~QaDBy<( zGPAg2QK)*0=0=ALWROQue&Ilfi7#ovfdCxLQpAK1-{VW z8Vk_$qAR8i^;hxdHkZ$(3he1Sak@wjf+( z1ffkrYYj~>VyV*lrCyp`7y=PmGStXW%LrODDNYi3HDwtZ8FJFuL6Hj#3vei|3j!u~ zM9>9|F7m43AV9CKPeO7kj>esA%04w5#PGxUgL8*X_(Uj0$!ILji*$)WG8jPsS|g>2 z5ol_VL`$v}s^X;95M)7?VWL9)TkyA$ct#X6t`!w#6$#Bi{Fz=LpqEJSUJ?8g6BCid zGAbIl(55DGYJrAL#h_k+AX?)UM|Q-a7n^W|zhZ_dJ5B};Gy_2x8QDY&G59nIkDCSr zYSgF!M~>(fyppFE4i;n$I}{207W|zN#f)nlDRM=8;JxL#Y4z>(8GM|DS&PDeT4@Z{$+Z)dDm;i;(f;J%xz1 zKtRA0t%VGEIG&z=3j|yQ)QhgV#Dvymi2xi5R}r+D(Ad{}pr|fph_@-!y50~#OOq$R zG*Oo#H3eM+@MRr%%O$!BTLfJ+DfCh+BxrQ$LIwgR92N@%tWnP_9GQiQ7i826pRgrE zE&C7zCRzi;nmA4Xb#&#+VWrXi$?@O5eLK&%8kay2ZVU~k#sUI#(bNDTkYT*yL#Uua z5pL87tELxJ(V|I#fCC{dnrJzWyyMrCwSFNG0Q0(a>q__Uguil62nZr&AfpC^VE%&! zx#6xUXeA7|0h;mwCTRn$rcww+k_Sa~fn;#~A*p~!*OabkY9S1m(9{$_6Oz<_HvBhk z-01(Y34$Y5%{?_V1JDJdwL?r21tzqHgqTuCGN@4Kg^2)6*;L*H@?9_T&J$!1 zJW>=PUMQGF1tz`7BS{n2#3L{2#Rvj0DR5}Y4utH$q{~|O9!GFN6BX=B5y?Lx{)DYj z+ktue6VWmv;%6YlOo2n87bXP)WPnJ=zX-t8IwBfHPtc|TrqD$aEg7Mv7fE%&7j*C; zR0JBcj~6&Hi#)=Tha)etLl;~Oa$Q2 zr99EJI=<^g9-0I|4Ef;t^Y_dDu$ykW$>oY$;FkN;+urt9#m|8N}q+kk3YSh`l5D>@3&sqRS z-l-9jIs?&eCk{+`gupCJgrOH>LQ|~i zCI@J`3{gr@(@P-eFpsSp~j^x#ZrYM=jfri7f$m1IK_%sQCre31ZbO|R@ZbL#H zcQhpsxM&O#Ei{U3Cz3}UCNk6vP^MraBQ3fp(8yzu8X5e;L>~KeiGvnl zOPC9WF2o>EaU&ImsK^%vT}UvIM-n^E9hPNK;Ze)A1fb!_JGHh7sr=FSA9Ktxgh~KJ zf=9+k!KwVhfluVfPzw#6_P~cJdDI29B!!6(pvDN+=#n*5ps8sJgmU;}+2OA)#cDz`8;plqJd!YOOe2V90B^K>!tNrF1EQc8Ve-Nn%M1T?m>g$e=3@ zwXC5c4o(rE$)yX;{sh5F1V@)T0bqxwd?6!AMXRW&5r6|B`_3s|C|Zc=(s)(NuV~aE z;NS~+?4W`{ZDw>qdzS15FG9W$BOY0%c5$LYm#irO=pg<=TXhhBQi6064#E5f3SBBtq6@+1mLoI8lh!eyg8~{P}UlIQe8#aVpcinXi zfN5s384MGzk;QFJ* zisgcJgQB%4xc&eL7YnD9Av31W&;_IALu)PoNrFt$=0WXNXUPjhr5arbK%>QCjS(%` zQm4i^Op4@1Q!^zpD~?l#kBXhK(z7YoRGjc-EwBkKo7ho2aPX**=#nr597aKtjmK%h zcflxf#RH8n9?^nEMte`7LD6!A7G@E{a-fRKMTD^?kQE8Ei_LYxQ5X`3bde86WU$!aCE&x2xn>vDsaG7%|O6qSu3Grq#MNl zPlEsCDU-t|emb$-tTRb)v^49Q(X>g-2{VgYvYGh6=~o^&Ci0qlII^jg-Pw_GImHe# z)D+fqnDT-y1WkIWDX3F0MJ*08(9{%VZD53SVUwLn+p{FGCbKe#HDpky*U=E}8bFv{ zIh7dlE+l9a2^%q4P+&5SJOs5|NL@??t2wV?lh`Bz{FG z@ASGb5JQHV62w1klBXhERjj|8V_b!4FAE zNzn`i>mUL_1cC?z5eOpiw?W{EC!VnHrGh1hKoEf-0zm|V2>i_uu+Q0lvmphC6GR}0 zKoEf-0zm|XKyZf(WaEJRF&TDW;K?H&b1Q7@#uyyO!;0_l| zgCGJy1cC?z5%?P-aMV#p1$Vf=;k*Wi6ht71KoEf-0;#EK_Giw5g81Q* zKW&h|JurT5Mn77_NGZSFV9-Jkfgl1w1VA9T!~Je)z)yn){y-={^?BHfHNPjGpH-v; z2FK5;^E){yhiVo(`ki62hC06u`OmOrDllSWhjSz4M{61BK_UcXeurnE3S&W@alzzo zf(Ldvv->3ip#XC?eG&$0BH6Fv{}U#+9l#QZC%=D=X1R3Ym!}_UPX0duFgVQrEdtf5 zRSoWNzrz%8d9x72#l;2MVu#~z%>=FvfxQQ!`As5~D_7pHmfi6pB3Qw5a&lOF4`d;b zPhc__$b@EvN=r-Iua|O?6>nlwzXnArY*Yu?jB#D5QYD77uYG%)5EcfWtecc_0<5|5 z@$u!DG&Q1xgaick?L7zw#njYPFlW~+Ck7`oGm}yLzCe}p@*A5330%$yu(Jud=5HZL z9-uBa_I**p1@oAmo?cG!x3~`K1`+sO5U>m2?_%ixvk^dKSt+-@0SL=IMZYAhBKTm3 z)t05!3Ug97^9S?eR951o4vE_OgK5_1M;bZCayWWv%rhjjTxox+J2scO8 zG)<2*?N2e`Vc5h%Mn;CSz;OI4YM_ zKLmx}?8;3hvvf~wT*uU|2A}(h{qDs3xA|Y>0y|m9tw1@SjEI;WXytk<*d#ZA)Ee14 zbNuSx{cL>RJ=RgRO#SNGVt=o6s$hgcu^<8!K_IxpRRpE|%dnJa6)0Ox{yorcOO$V( zGu0}wz40W+zO{e-04}Q)M*Q2`@{Q)Xac1qdfPRmBWwN>CpXPxpOne-h9F|$}%UqY2 zw!gZQ=MQ9T&w{n4-+Pu|KUgx9|Me7Dk=U%(feT(3X0>Y7tOz@V-lDPa#mBKd=r5)Q z21z_st5)@IMXyXT?|)+o>>ps-t1!|&olLuv*;-h{*(Q;fBmaUv_8T*DYMIL9$4!G8 z{;{NGncH41>pBQkx0;#SpMEXSCMVByA7*@|$C4dSH&5S)P5k}|*KVRB0sLs}4Lf%R z+!kh842<~u)IU6h= z<yuJvzknDiEUb`cgwmg!$zYgkRHRHV>Z6f>ThTi&faag?PUJ8ejfLqQRe<59jRHkp)7)F^f-A6N-IkYQm6AMQR}8 zZa@e)9OMfe0xh_xVB!%k$WufAKY!~Ph*FULT@WAxgFD>eAjw6`vxR>N;NCxJkC`yv zd@#G5EtUx&rW|~+KmddO1^USk{M#E3TWwD=r#CUxtJo7cj`B9{vi3QG8#T?`cCpq4 z7)0VfWD9VQ&Ft)K9-&w`0@!6F9$9Pld(4F{FTlzcQ18T*Z2*sD`X0pqktFg14X|Fl zdOS~PAwvUs|90}-hO+JLA9c<7&CMx|?1321ub(fr_Xlj}558r-e9}~jWj|n(!w9Rk zb-QAd*}B{FUs|!@-Fl%v27+vURB4Cz|C+6)$OEBLv^lzVSr@>1#sBbEZr9`{W6o;M zOL3Z%l;qGZQxBkcY}zjfZ1CXYrhtJk{J> z@@v+iY5%{JW(nX@q_(4Hv+SV^6=H>inILm`6rkgTbrAQ znhiTGXYOitIR0lfaFQC1Tc$_5P@1a4GTx3sXj)vjIpK)Ni%7-zX5 z{_^kG@WS1Fxc$0;b>DxoT57i3|E%ULYW)2Q2;t`6j2Er;opM^pg{YeCj{U zuPLC5$SJ_cBMz%SNcvrn zJUi12J8l*K%S*%noM9q%!0nA!jFA>7VD}#j`^}aAuWVY&^?0#ip96z3nZ1Ldml$xt zzFtoIAWepL@N~i;2~g%V&=xmgg+&aF0voXdA`qw*q=N`l0D<5RR{@ar7U2qH!Qwu8 zZ}#4;LpkALhx6a&Z%($Cx=OPn_p(?i#%_4;&9cm_TvJfQK_zReZRQo25nq})tIVcE z`{>iCj%nV|bZ^hADYh|I7Avz)sZ*zpT}KYAiz2%h&ldituH6}C_$2$LZBvqc#;RS_ zoOQgpxvk-q8-)PaW?b-NW|wGmc|X(-y8B&c7LGt46VL-LmaXL0;0rygk!? zFhbdqOvTbq7zASj#>Ld{Bxr7EZ9blBH$nzHfKF&DL9n%GWwD)Mh{?3y3U zF+cCLul*>%c*0TUzRrBF!RWB&U)+1Y?*HcH?v9)eo6i@T*{e-by8Y&e7ld8fnK}2`FENF2g8ngkY_||cJIQ&x@8MnCiW3za@S+>D- z+Gj8R{qq=ehUKw6u)gDwI|KiYQZKi8Uvn$Q+Z4_R`-E$c$_v+QFH*Bzxu&=ak-P(5TQ|8T^r$38Wy?XU?&N;{SyCceT znwm>b_wR7*rZc`bSDwx0%BdYt__rU=AOrCqIkK!j_Fmb(OD~%)w*vfQQ+e@LqOx}h z?AgzbGZPnh+ND)uy5S$_J$<8T)x69;=xLbjvSYq3dqK!}-`RBz+LrIXUMz zm%?KrN8fC~6zz);6$pmgBdb#J@@whjA01KYPKZ$q_{8v78BjxR&?t=tbhP6G11#pYE-uh8yuD~do05WZgp9J+>0U> z$2NUUkC)Ax)6Mrk@8^RHq@>VzZBS;yHmSEWgP+vEYoE85r?Cc6S}2Q7~W7Zr5x7-24c!u0>Z zZZnB#etzkHsIY0#@*h!7_VzQ{{P@H%^-PqDi4re($u)4=e4sRO2S~3T*_w#GkmB#=qOQRn-!6+8I~%DD=D* zF1h~hKF@x0^_lg5V-Sa}9@U`L1JAUw>P4$o4t=+<^Q{kbIqtBnRZx+;OP0J{yLQc= zKcD@SCMSM}e8U^y3=4dZz$Rz!^m%T(^=1El#v89i>+C-YFNaS1hyC`1Ck*dRn`KV> z&Tf7x{jay@SDa|^;|ezpu@*Q7V`=Mkkzb(Pe-+n#Yo`A_78VBFVmh2=Ex$9<|DeNG zN(}dQw&q*(@kid{LVZgKk2Q-OMf(#Y<<7vqy1U?H!^=fB02Mwx=ZTPil={_e7h~ZE zKv5^Q#Re&)p!PFg8T=P-k|(6Pg-x4KDe`O^Jv9w%IYoV;dcyY&J^xcILqbe z(uwi)(9rINV`mC`)tw{k;U529`NH(S!7>92Ti~#syo|Iwo}_!d;_qCy-3EDJ*vo9_ zC;Y&Z<4RsqQVu(qGNb!Y6;CIpN?_bf@F31fbrbK9(|afF`h!Fef!~NgMW5k3H>-YF zx~bHk-4}lx`(Pjbd*sgZs#kw_oLy&Ae)#k@8eVzo{YBn$9!K-59zD0yuusO`XZdfY zo5Dr!JmiT`T|RQoCKM@!yO+Okqu4hMfBmUW9iLtA(*r@~+}C@nf-#j7bKNxR?L2>H2`)@8K_+0lL{8Nr#~{6JyrI@&U|vB!n?OlXV~qH!ed;!(kGjJZ{Gb1 z-sdV6)cxuQzY?oI+Z!b|%Jk@9Lp`>>{kP5g(I~&rUjOkpwS4(*Ca%Sm04JV51>uizr z>+{P^{Lg%Qh2w9qy&=G(e%b3N_3+%ObG$Yumg#Z+X$-qE&lX%T(A12}e}2pThx^fv zNB`wl=XtC9g?@1OjFYJNQ3Sm&?UZhL4?mY~yI-OV3PrYx<&=^^2zs zI`iJnldnj*qo&z9;Mlf9OqY)q_W4J~lE>P2n`bV`@E#ObywUyghx6W=yP`$Gk~`X5 z)%U2CFLm`1S2tQW=lmKahhd+Unq`+CTP6V3 zO0G$FYyWE@?WZ4Wtg}2K@G6d-z^=J`!NEU14xIm^eSllB$^TV?v^kFJGs=AQA5%3> zA7WTGE93nEpLFgh-E#QBvOU@S@b!KidmnN9x-JKj`q^GYy(3WeCl>cGj^p0BXFq25 zW=)+smDeizc%7kv8(W2bz`$-!d@p+ErDoweJ5rvOI4uk;@-z;y-+|M59xe!r|bL6XC1gE#OW14hO zi6T23ljYyxKv;!e7Q?A2KhU^scY_8s%w;X@KUds~QkHdZHQ$}Q{plOJzBp}~-M92} zflMOz3Jtw4cbuYU)3r?91p7N~C;>;NWxWTYF0}V0X^Dw3)e@rl8grjuxKU$Xjy?9+ zUkTU%gy-*Mls{K3`THdrq@xbJm@)Tc-~(=9#bhw>u`5TktpL zrPMoTl8r2H)oTyUG*`ZIVnSG0VMET3Ui)~?GoAijdLN6#!AhXt>>uC6MemDGuIw{0 zr?+lq-dnzD&-s{?HGc@Y`#<6?%?wvb#a`wpjxL*M=+1S`G zPd)Y2y=3?@kbnHb2-Y%oI~H+1hvP_)!siCuhVyBqTV7dT+!C{w6+ZLG-~SF*L0z7i zyayv|m3@UL^^}xt+qSiA8L)hp^BB+s0d@iwFMUbK-f-4gXYF;O%MQwkCI2X#p0T6z z-02<&_>Cug*{G6|X+JYj;hgrR&;2x?JGwGu89N*g#GE1Xgnj(+$Ge_DV#}5-M<0E( z{~?d>30+~gbF05Q3g+`jK7DLlmwDu;(6qzxW)Z^bx!sZ1lip8I3>x&*^8*LPMD6{H zY@ArlczMgrNL{ORD&<)Iw&e0V94~qUKcLrpJDI3p%|N^_nC4EJbis``S*3l0$@KDy zu7d}25RVm1r@$SK!%449n>LNTjk_PVH%@CvumgP_brAo-uD>M$C!Xk?IvnoUSa2$~ z!{H#j?v)R`amkH62lu>iNUyUSG~3#>X_5C8lsz6aCiD9*mYNP--2G=v7y^nRDNH=JNaA;Kg3EW|mbN!3oEEkA{{NVb6lf%J@54jQ6*W+uzejndIKo z-hOT0OI=&PaD`C88*HET~8kq#bZ@|KIN1EyvvfcgLw*eDl#`Z|2RLH{aQt zw^Mf4VExUTH&^8r|M1x=T!HfLTQi9tV;-zRg$h~jJyK`HU&-z9(VLKh?f$o)3J36r zm}%sG5u-Y+NZ}tY_Hj!b4_JmlK!1UL9|22r(%uc>yGGFJYNZqd^YR_uJeN4nhHj{6 zQK_9Jb@~sQG--l93*!UyS-^!$0hN2h>J;CdkHl10FP6$@S1 zmw|wl9)9CCj`@C3AvS9`c}=*L!o|_s+neu}%$ltFhQW%e55=$vYNdc{2)zNrxbYp~ z5&0eTs0c1f5CmE2PCmZe#n^xW1GL>6#5{z-iV)&d{@BsU*~wkFVh{$|Qc&N7E=8!$ zfz0p5A7L-0cp_D(Qz`jXoFncN*D(fdirEN3bSaWeFY-ZhU9)c(aVH4epnX8y75aD^UM??kd1g^?*rHF|Na^}Y|A6N2?9 zKEO&#eS&+P93}PYaX?(~I=Hu`r|$Q!Q7~-dkosfAxk#b(>;FDUX;xe~=|j$7N40S2 z%0rcjyU)({Rev+`uew~8CKwuU?D42Ns^68MNHpGX{kpiZHiNN(YQjp#G)%`~oX6)g zH51|6Ft>@B862Rygc!yLn9XDGTi8>_!|Dlw-_i`;jSvDkd9a`01omDU62U-q2*Q z0o!@9n-S5;M-fCI7XtX5N-iiT(XeBy565`5Z&B65CGDTh>q8hDQKLBKPFzZ`yK}ev z+qXhBH|L5?dolLe&+9u*?p!0~{(-U6F0zTUy&RO>i%8n#aS=F9dlmWo!Hr+X?q8X=NcU+vDq_QeqQO+r;WZP8kj$=K)!M}+{lggy6lD!{v=F5DSl#uB6REPH|g z1UK6Au;x!yi(?^8e4m3V9+zBr=-Q;NSbi;2xw0@q-FQ-!gew@VP3jLa{n1*nYV2Ck z{A*-HOkxV2kzF{Gp4u4U>I%V7WAv#v{B+XEjnXl0<3l%TVnauYB8Y$~1PpQ(iim$_ zjQezkTL0A5C;C(teiF?`EM{9jYgzT@&ksMC;4}36`uK+Z+N~0=$g$<*)^ydt3&Sxx z?86pAvAX>x`TjVieZwh?P5t%@zsX;8^P2ik#5Z5v3o85dvVAL76zlQ(u6Ad-j0@$1 zyV}El-KCt>Wk`!fJb(9}9yY3^cO4FsEQ+jaADZPdo66j9JV~5 z)5lm%>f$kOz}-{`{hA9q?9nmdA0EGpjn`NzgCFAkG6djFvkQjj#aiIFm4cecSHjcx z+xZB0ZXLX+QVg4$dZ~^vvgCtitfgTRvUYilGEql(dhQi)c@D>bNlW%&Gj>?D^-)lc zY6=fGu@SafT)rz!<*~laRGKAMgzxaOa0Xi8>`h@nh5)yO$FF!45Uv=q37C`Vl3K8)$`_4d83xt#Nw*!q5BJ<4B<*Xaaad9>5s^ zeh&Nf`PSC8$AudS8dVjpS9YHh9%{V^$LK|y&m zMpv^CWBBQ$lOH^B&B3YaBvJ$s$P)pBJY1!|%c8r@k4=!{NmULW9xm!k?)8R7NA$+( zjDz?{+)8aHMn{Z-n2ilCcGW`mb^nNt&a}~`%FNvn6CmT@;$XuRJq8QXIB@V99m!Wl%DO1UT&{j2mPQN=kmG55%mz=P5+ij!?CUPqECuOWZe&5reCK(Ln7eD5cEo-(}#yckBPn#KW|Ls!O3}ec(5<~3xgXz_lTZabCrlI z!p4E`)OS;1D;jpFV;3dn3^C5Yuun68Z5O_Y0X(1czTFSiIww+M8Fw7Q~QO$0Q;ir?9S@e|%yfy+D zJcxHt8B&0QiyJ!N;+gJEl}T`Bk~c%&;DCuK%?N$Eg*@C_olCm?BbwFFj(Cub1^gO*DM!&`Lc~>BtMpt(C=dz z53cU|_3P+5g&V3ie#)kFdlC~5qKj6WI1d(dm{#@3W>OJ^4Nu2;dp&xNHp?CmV7YNLk_A6~g~rDMmA!dMCcJ1O7~ zFapOapm+l{9=nB_0tNQe;F%@}_3PKi<6s0~1Z)RIO>qw&W&<$GikjjRYggi+3jMMu zl;s06gn#|@7vJ}R!IrYH>;lcSP(vYBOu+>14egG*Ca_&r)dYMP zjV8dD56^F_T!LR-pb3s2KaK%<>(;GR!%EDK-hC=yM6*^ZDY$d7vM2;6OwF1aOOonx zQ79@4fa-|MztFF@{;**H06+jqL_t*YeGLx}S3MvGsrpVQ*oj);;!-#F&6_vz3j)#{E=qKBQ4A5tmB5S{GxCdv z%hlHWDF6?Lu@pL7^aWZS5H{>xxNreKTHHFO^}|LkxCH#Fxrf7#pU+ZaaD%=TJKeF< zFS}nmma=dee(&Br%%s61;+gKakxrOW(+M!_{Q2{6D(%{}L;t9mj-C!xhF^Wb*@T%dNZD=ypMSxn8|K&{pn9u{W@o<*P zl`HFQS+x75OPAn;;QMRT5Eoh1s!-^uQ>S26qehL?ajL&C7+w}vMcHALvPDQET>GYEuD%Wc@)KZ6?<0~+9RtPWj7PZ62DRRzF$*MVYkbfnF`a~8Xwg-v_dK88-oMWKoGRz=^a*jg3E^=g54RYaY5|9Qtd=OG3d^l4^PGyk?qL<`5T2O5i zpF?ioUZV%gE*14@+)oS;xh^{VC{#Xe2GGSDwLUIs{`7L~+#RAjc zaFEku(7+G)Cv5Ye`)ZUp2`6-Ol6NtP+5{c8IX`($>gIq6pm6YhPSDat@C%%bxvl&X zPYb2}^~4Va!UkcG!NVTZzE+3ft`AWG#Rj2#f`Jf@DFC#t#~Kx?zv)n(F$NADkH9j_ za1EwUS^9&dF3WWpAISP7W)Bw#CLsY4-Vf0z)WL?ybd2QyeIVnu3>us11FV*Ds?+fp z_RV;#up~pcFi_;QYcCHtfgBSU#b0JyXAFc(9^5YE8wk$}+%znIq7SlCj}q{-CGyRX zfAEwc7{x_6#3LB@yB}04fz?7=iO@nJLbFs1~``Zaa7npr5?U7OTs`N%|2r?@kc@to}k$I5;4S`59xv zHgs?su605>hme;kM7y1wXDT3Y;vG~oFb?%2%pVuKPxme+5V{a6fH*-9NI{-liNI_v zgxD-(njBhyjZVV)z9(P_HNGax%m6akVPI`|He<&%W^u$#L<$S-gNnD93I zqA#GJ-8#Wti%Fqf!>KV8jt_^nd`4F)WmFyU}t) zh%Bkk;-Thw^B4yK*yff7Yv%IQa@lr@H_>zLjyB{!%65MM(5{<^*D9eq0hl zD9-lA-w5Q$?QPRyg51ZkQS^xF_pk={6=%9hOD5LCsWVVXz^nIe- zO7_{C=t(h+$S{=d>?i)erb1vge;o><$_2!iv2&C2p}3<$5~=vI&wqyo_U3(b7PnVt8;753zx|sZvFDDsXrI5;YRt}h zEWifDy;$o6e2#&j&_qXC-^gEZTUh{6pph@ZN{AQ^UIZ1a9KX72QxF|Ld=JPY4gu2* zVH4fxH+L-sFG3qh9KvO@Kac@)V98P3u?0bhV7m!2uzL+^E1accSuY9-_J1mU{FNF?dZhr z(Q?>e%oO>kknjuC$VUa#IYCkEA|f`wVB0i|;uGA$H@P9jQY3HV4vXz3-9?H9&}~># z4;jUR8RiC+1!xT5iJA1EKzarsz{Xbuac?tz#{bODaF-`E!XK|LmL=2^0on0>#&KtF zygk%TD3ZAs%@j%?u66dK<`%n^8w*4x!YMNbhl|KVow{Jb?@N3k11qX+|9h06VGy=R z10Js>rI3@|pWvs{oZvtUfgzqlX6~~@MHFs+G|iG@DbyR=%#Up-gLoAxdM7LGlyR$p zG7tUZ4lsB=nYrJjMr8q)hO4>9L3|-VPBlbeUBxwIIg*(POYpiD(FWOy*gIxeLP(J(*GF(8a_0c+Wwrjt*0>ippc3j;#H z2l>5wiP%@g?%vkA0j9+H&l`S_U8o?3dpgi63KIXFW19`c$}^9CRox1L@jt`4Y5AB%ewc%9V&TSQh;H13sUC1^ z;Z7D_0L+31hVSD6b<_KqQ!2q6=BESVhU>a*OWn_j?atoqMv(vs@4q4mG^! zQ?|(3B_?fhJfMKYO;o$m=2^D>`N@&yR;>}+d*(Z3G!O{?_`}%aUXo80Zp-8=QPbBQ z*^(Jp!=DLrtuwWsnk+n>3;1gLM!~Sl)A8kIuY9FO+4mVU#KH>F|92>1sJChIo$aUS zO2XqLr{=g?NP@P9n(gw8%0^79jq4kgY5R?l*w#(z^Bh(rmI~D=*ef+$6|yjb(2MeTIy?II=Jv!qL9LNVSK;aqT7s_3g^h5{nyF>uu|5$TnX*jtFPVwfT2L-8MVw zFKK}3vG2RvP@Q&vfIQCe)z+Q+k3H`ygRt%{o6RmFYt!%5+MXLnsrF{~)kSZa;h`n2 zsyz}CC0Te@e zbh_Ni^p}enLZuH-gI2J^(4Q{!=IzI?W}roKlbK)`UC4N@~vh&Ur%Q=qj0pBs@H-i@logELGk zT)O{BtIpJ&xMKwnfM42+>~>)B8>p&#qd)F-!>c`W?ui>*h;>L|WmV4blkjcnH7eBa z{5j3-Mr$_Mknb5AOk#SLfTzVsZ|AD_eGOZ2;c8c_(8IjVqC278e)fK?x|ISo>W1KH zZ~6$0@6=#qQAh+$gr809UcbSOE3?quY`JnZo=D~<%P__1a-jyuacbS%HYcV>kVjPL zU1I7>q8|0DP*CsDBgbe`w;#+#Y|f>}82)51$TkDfqTRAw?@=0>qFeT>sp|hOlUke$ zGgNx|X&8Sd)&w>&>|9oe?i)OAcR?6K+8$Z}6&?%63-xqr=qvpjZi!sD`w=$Sqx zfvTqyoHfDD!Djl^g3edk$m`5Q$!g`&Ze_XEG0vEDD)BUURR@cL!xmd^VQlJq%Hc?7 z*6ZVx%xZkmf&=N9Q$!4x8obdVASv53h8T#qQrzb+eGB435T)fstRmIZX>Boz!BqoM zJrcRb!xJgJiiwH!brSpC0F<+zj@Qvk_ z;|=1P&(&wCC4VRMz(+X;TUl%Z$=OOj@5OkK&U9!e+F?A|8`sOH&HmdoWM}|Fz z&$mB_wL(8v22~sbrz;R_e}8{!ch3O5^ZF>bxwWsa51?@zgTVwLBU9jhG=ZY4y8|yf zOHLuNBM^ojo;ltR)NiS=WK@Oh6CIVW zpx~CrsSrZHRJp#p?S*04rzXTu4z9T0Ru368d1eydq`ut$_~+Vpr#FBwI(S<@_(H9A zy~m+$5a;wS zyT|g~-Gg3|nM(%8XT^MKOV?Ui5!Q0`-|VdTM%jKH9=BO<7bdIms9a?Jnc5SjTjb45-%j8!e z@gs8{wP4gJ&{dFKT)jXR=n%pXejr9KURqQq?cx49z2l3*RPvxGp&^&j9iw?yaWRra zp4R&cDJ6`l#FpDsUcVUKEuK#s<^rQ2E-y-Iq@m^Q*P;MO?lo@KdG$A zu5Z`&nwVW&ZQi!r$7NB2pux;j6qaseaVFTlJqFoFmVaq_<#3dd-J?^jI4r*4`jBX8 zRj{0eDKh*;`L^FRU4Osn-ulc~e$T`CtGK!{iZ^w&w{jEsWS2NlWIFM9v=Gy9(DKWzukQ*M88@tn-8`<4jqv?~l3P86>HN{R&4HU-wN&r>9fvz|+RHp5A?bnC#9v z+g5*fC3&_t@;+jZz?Nke#iw#-nQV|ws@JnFsK6MsrnYGMG8P2Asgh19baZ;A&}``M zb4TCGQ(JD9Wwg-<$I$Rsd3RTUgIh;1>%Wi&UmALK0bZK4rd1h@$d*F_0M$jggU%*0 ztiRrF4yTZ|vZ3bZ$}K}WtMx(kJEXmEy4-iq{ZZf-9oVUkz<_zE6BPGogQSy%m%H!> zMwh!QzwYYs)(mid-^1amyPtQnRBhvzAb(7-e8eW#OLPZSo_-r|e&yox(blEkh?3du z_tGbrG5%#ZJXAoE9S3kZ>FJEIazFoS zz%d;GkL)^eF_NS#!v_SfNv3zM4@63-2zzIxbDYORsW(uLiSAS-7$h7;L4{AD$HV z88`psiiup8e3v7t6Z;1zK!m}PA2I4`fC8E!`I#HdA;SJbN|Pp4>5g_)@##a zkfx)HXw-9a{1&F#3r~rXD|i~j_^(>VV<|==^?wVw%bpXKkVkH5#rF-jA9hb6HbSG* z=il2OUo4Z$GU(cqZ>zS6`Fi6`x5tqbx>=fm2eM!6EG;@env*-$k48-Al?54I!}wDY zhm<-S`1F6xq0g-Hx3y|cNDmud@@BbF5vsTM>)zO+r-`i%6G>5VJaEwto8#E&|B7+~ z&Gk&mxg4AhUJ&ey5}|PBIJqlgAdF!F9nxAd;O+_Ic96 z>Ovl78B?f+OcGfl#F3aq9Rnf$jW~zo^20)%{YF zZbs*$Dw)mQ){oNGIJ--uVmrTf1||hNt@%5!R!Mn;1j|sxUR+*Yw#Meegs%jtpl;>& zTedOWNYCGs;A#!2^RBk1a0D7Ea)aD$Z-b+SvV`dUwY|Q(IgP0`U!F3dC2cKBSOqc|*}}EB z5mRhnPO^wdQj>|H2UpSH-V3I7psx+rYdJkhXS5g9t)H1B@#6l}2r65! ziAidV1>CoDs)I@@0S&7C{1qRMmC`r~kH_cX_!AYaQw<%(*eU;6*A<>d4_k*y>axzT z*1}AUW^{W5R5N$&b#4d`DHU0a*$^2Ix+MAM<;7OwH@jV@c`v2Mqt4EEWxe{tS^n6E z5I?856e|>_gEJ}zg=*d)FK6thcLdMR&oTzAtRyD_62pVbm$`SSRhB+b?kt6L{owZ= zg++NzN`@4RnN=72@d`M_j_?IPbbJHmkW*BQKotanNnVnq^O_%Js!}aopsavtqT`5 znJF9Ih1-}_2^SrMTVbzma`1iHe2m)d(JsPIb-VWZ^=!t~|EUHXaV~7ul@6D}% za}-Up=2sPJd(ldYg`=$46-+p-v!}1R=iS9LS?WXOKsPS$0;4be-jCjCp2!aPH-O;H zoCEO4lGm|N%BG>rH>}MCIBAMqPbtfF6AZ7AT0~-aF2wm@UPWx3DPku_5&k)~%iCwY zZX`u**t}W~W{Ha!d-o&lRx&CvIFB@XC7BJ-0%i||SRGz6ML)DhjJ0Z?6N zX5vUrQJ?QfTL?3W?cS)HKVtr;uEwB);X zRE0$v8UhaG@lDB2=UlroIT{uHvC!q^Uu>a1+{2m2-F2cVHFE0|4~Ns&X4_TXu(UQ6 z?cP{F(6l-+kfLVeg*%JkPWZz zL)*4%V{WE+A~lk}G=BaY=;%2?yWiOb*LNY0DzuKk`jgokQOQ1NWK&u_^c|siFhr@+ zXEAc?Nx)00pu^qDOv_(F?D~&{SK5TNDvJtQd%`TSU{sc83?O@f9@du!aj{A>9P$T$ zV%#I$YgoPzOT%QSXJMR|D0Y+pG56ouV}^*kbkoI1qwKqub9N*cxKJea!8}O<6ZL8} ziVdVV?54aG>_oTU{}rj(R(}r7kF8Xuu{t-}Fv`#de-6-Rct%P{v!=A{PzI{>4A3AM zk!^pdI%+C$wH;5?<=Mm0K79RC(KSxZBaQKV_?$z=M`=O9zRknc$Xzqg-y8?}_Uq?w zd}x1aGVv5-qMj2Md=aA%a?W@nHQi3?Lk*%1Hg@8r;C%ZGr9U_19zuX!4z`W5#a_a( z1!u}TFrsO+|M&$&(MV3b@9^3w4n6dKD&O395Pg{=o2oL8*Bj+eOzh97xke6FgS6qn zmZtpO)hw8QxGK?JU}9|Gb#Kr^P}bqrp(ILPf>YN&O#7`M`vZU*eTYIHI^)C`^2;J8 zO%w!eOa>L#cD1#BL#kGU=!5O{o%M7md@iB<+GLP)@8UjR`KI$Zha5Tg*up|qh2~SD z{)kh78s&m^cPBQ1wGho_($mdLfqi=`ff^bb>N+JX?{bae*BQ0LMsu;=#RDhQ0|C}T zysa$Y?Sz?#W~jeo#mGkuNoz7qtg8Bc{cS2P>CF1;Lu;Ze zTU5oFdKj*UvB81@>p#=zLsD{kYOldQ9FSF-e*Oxce zP3B$yTMxP3@)0ZIUwDJne4m804903iv4zj8{*o8Qj8y7=?kEnF2Zx(kuN(WrT&GpC z+HhD@qqVIN$5y%C(0|Y4p2wxynpn;Qamyz?oXhUXPPf=}IxxCS=Rk=>jlV79reG~}`_xs8UN zRo_^S=m=@J@09P5Rrk{S9xFcEF6KsVxnz2?l$)#i}?d9HHysM>@^N+P8s~7Yu zCo`vM1(sSKL*Z<-Zo~l3^ZSKBB2(KRUTW?lr69NQ)FSnErO}_RW}IPC!G9?0o1?0Cw33usdP-2(8|Ush-(sETj8+TaOjxx7ion zMyh26Y+=}>i=sN;4ds!hDA2_zkWu30ep}fOV*(8~aNS|Xpd+Utm((Bn@o??<0YQh_ z3%luXx{>qf22J2Ip9ToE^G{~`p$aX_9d~U%mTDm$J{#W(2BA6G>r}~7r0;TXunM@S zxx4f&Ec>^UDibli6s*?!etbgI8u5*gkBaG})T?fYy0EW0z1Dtq;k$jm-0jiu@x~C1 z_;hB_7qM^+SIXOAo+uJ6m!`mVxWm7A{K&7JqWYaEWu}q%m zx^z@iGgLBK+U5VwMrXhKJOG6IaEYh6_)jWBwuSWOKo&`*q0!@}KgPO#*%`~-wo2D| zjslZ!r83`nf_i2khWfzZ7E!v&2WB^eb(!zpv$2)(`1n$8J1t)?4%0uPjjBe1#4BgA zvDOQUOwNlp*Llp??l1pRb)?+*4ZxV}WV_$}9h}RvG39$#PUyN5Vry%qbJ2x`>#f)K zaH@S1{>_wz{w+KmykQ#>to@U7xv1@}VgMJk@21x4d}@2kc^JEmP3-A5_eM|hW-v6B zl}y_5etdbf;I666lC0zrOUrCJC(p6^2EuU~-tl;`oV;rm8+5fZa&Noj62=$7<#d%H z7jfW(i7Szr1yJR18w8v4MWNH_5(tEFzwX_xJ5t)j!uM+gIfj^l&mwcDliAw%tDRT| zY{>32$nTP?z)>@^JnkSYlD}~poHNYczT9L<-|Cx;;h)d*rrKCqe5#2gV4+Aiw$R0cXzWz8^P3wuIX@_nbJ(3MA7K<8B1juy@kT< zlD6g3eT#I?;#CU{O`+SXFQm^+92^8-4J(}wzSV3o<--yx*5DyF)MjrtWiVAP`z|!I zhiY(v?Il%8j^I_XK0jp1INx3lzDml_uEH_BrKS?(IBUIcEZPLjQfR8cn^3&aMRqn@ zC_S(BC(`!3RdD|K4MSd*(-|$TA#9t}a5a>W1IiE;=!w^Q{uMB@-={QH`#bSXS$; zd*QmwiHQ$6Jt6@W3;tB#bGl*imSWNDtVQ=e6@3p86osp6?77p*%opK1e7KDs zw*Zg##;O+ImEs@40)3x6x=y&al5GzQN|6gYA5uW3kTZ#0nr1$5rg_qZoJpB?2gzqu zZ+fgH*p(sGBv5dxm!(#U^qNjl-4e#Pk%OFXy`p zBl&Re*po*o6LKs5G)AH&5+xc_GK?VBe5>5LA!ze7mw$t`~JwR?~baom_VQnT?w)4QYhkx!z(e{8RFUf{N=|qcTt-%agAZ zdVU@Zj1AY&wCS5if(gr0BIW5}?wFbg9F6upuEt7Q?)+!RHG;oAMF_-X`t4ysw$yhM z8s+A}cD!P@it~-c4oIAEm+c;H*CPDP(QJ zaQoSXQeD9jtVCO&YA_p@$MgJE)ZsO7r2k?cqtWr!sI}zVo`O*T*0!LnGjEwbNvYNC@Kw>E?E`Y2_UPOY;^ttua%QX3 z)#H7W&_}nzC1cey_Pb%=G#szGmpaYfW46%k_2D z<`D*}zRK&_PqO#fbU`!uh4+Mmm`{EA>Tdz6W9!#DBQNjW-n3$=&8eehZHw>zF^d-x zwnYklZ>RO(o@e}c@PsOo2~)C*T-i<$_1eiKmneS@sn%05X}OoE#Oe&~m9(lZKpG8Q zp=S2(UfZ7H?^R1Vj_F04lUI2s`kQwoOI*)gk_xdyL*FtVY zBT@ylgPRN@Ro}21>)R9=n9J3s`@_lnr;aF>-+IJ>B3Lis59-7VM^%&C+TDICL8-O~wLtb{(v$lhzn9y*# z@4+r6Uzzm?a%(u(S47n)VYwO{USVPfQMMLpL_fP7+|HA`RWCjkKEHZ$5`TCrJ)C^S zI|uq=EE{`FoGJG6ntw;#UNbaaG#6(}GX7g(Szn|!z?Yd)Je&&-zIdTXbACN7oiH5n z`rLT3oEBa5(=h5U&2H{an%{!^z>*Tt*EH{#qb_4C=B-R^4|k=8Up$ZndDaC>o@f0FUfG58l5$m zoAjG2f~~Wy3KRa!1Py^zabHtPX7LpjnIeRGJf1;8AFTZd)|$b_wo2pX<&Ea(=rDN$ zIqc_^()SSL;_P&j*Ai7LwQ~QMGzu=XBuJ`2`Aw8oU0A7-Ac#x%Ys{+Ypt<3IiZ~Gi z71uh569dETRO89iG$Fo&MhDxL-+EQfyF0(>)X|QF(3-XHTNPyK6;8{p#$ef}qA~HhVq_ zH#|q)HLPdptqr42y*)!&o`h~l>yC0ph6rqtP^)L47Iy?9D@Tz;2(=qPeQw9?{CSGdykXFRFe>S@#!yv)L&x|zL)q%#xx2)u zz*L9*l9QRN12_7afiHp^6F7;N>wy)S3Gr-Fqb~6X_0e+v%T(m+!kP^v`FjSj&is!j z$h*zH|H4Hhj`h+rT#`vEUwUWH`r%A7QjIOTr=PRt{LpmI{{I7TZVvf-3beGO+b{c_j>sNi;sbWmPCYw0}BHJ1BQ9pp##NQ z0Z!(_>jj_ZrNvo3kDR13KeaY|zBs*K7u+g7w|5 zu&@^v1Spt1TfdeLe5?%w;*%c=fk30tc6q%rx|%qjE%p}`uSE~>$8l$^l_v-i#??Zx ztKwne@F;BzC53rLv1IH>ZmJF-8LA%;0H1$Bii!0hO>1ivC7b>)411gAXwH}9Jxw5arWM5$ah`A?A&^|4S%UsdH#TzOSk&^{A+%2&5}=DyV>MYtNXjVF}N3-(@rT9 zG~q6O2OFM~oh#}!2#c8fkP5_bBr2W5kyPYbQWg<`B?;{u7rJPo zE>Co@-mlxY%*zojte9;w93AHy75|I~=vwJmY8hC`A=_w8V@gQDMr2Tn2n)l^OF7i= z{*IEz(5k!pu>;1Fi-Iz&T^kvS^*p}x{(-sl^KNgqAN(RhP5z<68^7sXrQemH^ zj3l`>7zp?3x~={m=o%81FuV(b2Cl+i_qbNr11N3XOT1^u8IAJ4vzfO>iqxxu?S*cH@Q=* zU;LC<7NASc5x&onDykc86?-@#rd0^&`SAdOHN*Iz8pO>GDu*w;^UIz4>XBBf&2Bt_ z!p2<)_7hD8^mxq=4-Zoladh}4KrR3Se2i@j5Uyo_ z%;j{lC`mUDh?yC4s}e7+xJJE!u=F!2$sW+HSa6g{k@;vECJCG=Cg+4OSQvi}b(+9m=5LRxOp#W40?K=8tnD;J?OCI&)^$4}_j_f3(Mc@&;bRyA0hXi_nW$t9~E+_B7qPQI4 z5!e!Lt{3yg_OAi%s#F$oo7_*M4ehx$Pzb&5ua7sEoR-^pe;xok80#t+G6J*XvUBsA zMMgxdceyuKR-OY;qR)>HZf@>8)bcn6^u51oGUBc( zv{{S&r3>R_PC_(tzj433kH*O;-VRYld(Tcb&KGEG5?ir3dVD9(+I?m=RIZ}pCLf?O zQA^w0%|4eK_ezYHC!Bp}(M}fK(Cf{1B%=?{HJ>pqG@xWmve3~&ppidIpWLsU7Hil1Jj@) z3i%}!AsG>#)AAv=^Os~WhWe5@-%zkz6YEV`;H+`b(c&?S&Fb-#BH2dSa{ZHM6p4+` zmiDLs6q*pQtn`_ljK3EDPNfr(>`{3oJg{6h2MS^i9^nv~16GGHj{2&QR=Y4DZ&>9e ztf#}$NzoOzN6Ra*%~9u8Whxm>wgW%RZ&@5x>%p^U&}qrly2wdW`> zQ|S@w&Tcksjzc#ml1+te{8$uZb8rvIwttuu8TSRtewr(a2rd;bGuO(a6q5aC4cXUW z{^!fVzEQ4&t0T&He(cWok(St4_+zdw-&f!jRV@Jp4a3=WvLWxw$zBA_50&St1^by5 zohTUeyWw~u&vv^CsqGop z#b<*e$#M_g9_l8m?6*gR*xir4s@HvgbG!)6QkiWJFH`B>`Odd$4@Um90x3u?->iDv z;-8Mu%fpmT`WJ#`?3Hvy3Uy{6VFO%)2_aCa zvg210$5Ld6YMDx764sSpOmD+Ap(U5vy42-KgmVj8E%H?QaKp%_rTufrK8ks5kgSxx zh4YUX+8Y^7I$q_6@`BIz8I|_7G!=da`#JRD8UhLTT3TNjJq=1ji&-*kL%s5piG!V@ z4bx|*p4s{DF!r>pm11@C3ODrjX+`+h{=v8Gwvvqyrl8XU)_>vWSR6UF36W?OW zjDS1llhKtgCP_zPQYf0NWRBEg{HaMpS=67-c&13P7TpFLa`L&`#^UqkOO=riraL44 z1Aon+Bi8xQb<-IpD9I$}O5|A;B9cQx5cSM=7z~XvIf6So+b|XsA+QFbxDnTcvP3G@ z%i+~ozS>^+VP zBt(P4D=i*OdWXNmVCpUtIGdA%*YSL_ylwUl4&x@hh73{X6Hg1v#bBLWu9Lm;;SOpA zZZ0p+JFdDD_tT)kUfX#7ga>(ldK5l^Z#w!ZvngC@4T4llz3Q!K3c#R=>+JRh00Nnh zS6f)Qk!W-$t2??15-D?KG;hpM@h6gD1Z@a&GEk1fmL1%Ka5=_ zs(E%aS<3!&P-J_5bgX^fyld%_PDAW(gL@MRhyEp+!~5K9ut-n-?lCx>KPQvjcIB(A zoiR{^)kV%Pl?mpJPNq7HtpWS$il|q}iGgpeVQ{fO_!KI^@k+}J>+Q7qpjY_}g;iX6n{+x3UTsMVl$aa+aHcRDCT$>Dk7v#Nw~B5oaOtbj*MAOe;L!ceZ4>4XtqrC z<}8Ny|B&3>?GFUVgfkEEUTDWeMFklF(rzp3;m`LFBc|FYLEKFI*7|;?W#?l8CdmXc zVsiYV9wdAw0qz8{-@`voSplVaT3Aev26rwVM$_53 z+CBBVsP4DH-rYQ;v!EE=9W}nZBVk7 zW<4i8y?;!zKgV*BAIRN{*LJg0oz3C7l|tHsWu>CxE_a{KVEKH1o;5_V4~!fU&lNRJ z$_9i>Oo(;%c8-c${V9PeZmHOcJQ3&8vm)*@>kr7p?0P)&A|fd0Zrs)9lc~4k=2Oef zMhMgP*7E{XLR{V`;YkA|k%uvZV*%nH)$n$9c70<%ZN~*p?aTr98a#Jy^E`OMM`1Ln zkLJ!&r%ylxL>za5eIw0s2rE`2roj=&{-E}q zY(00t*a`%OsP6z)5H-3u6u`lZAnZ=k{}WP1k^ue)-7YTy9r8Dvwo@W^KzyaVO(NV1 z(~lNfn1kvU6ha|L{}3jq)?O?88CLPo&2c1YV2M3DVcDTW80B<07QY1oLZ`tKN!Q^bW%#{3%ockW?+#{UG?YnP(S z{~hzY0O+5_q9Oa?|8i&g8ld7r8!w)S&i^~c=K>IC8i<5$0hjKQ25G$tVYy;=8Zw36 zE75P}m*-Zc#y$x?h83M2?oPV=2 zsdtvA*Ma5C{dWO!xjX#R$H(K`dl*z2rvy_@Ot_ysz!r?)$RNPI=|TOOeEGc5)0aC; zFDaKI)is&YqsD(%OY9ZTUVMFy(r7{_CVt=7>@0utFeQmnE`k~0ePF#!OpkVMa{YN+ z;LPecI;Hz3YL4hD-YsSMQmqLytyjIJenN?iHl!Q&W$#-NPwW+wRYay%%d=7brbeZ} z{bsD#DF}Qn8cV9nE`0lR(w+G%M7BQhCw#kB2Nk*ON#ux;g5sjD_-1RBRxYdEeHqk+ z$!+CYFp(#9I4FwOEOI!CZT00rxb8v~N*z9*B|A|h9-*+o)#T|Y*Jv?Mjb~csMb(M1 zHgj`wlJorjTsvn|iY*?C4{c0JA><10^9}7=xLFk>i6EU=*gq-<{JJu}LD+1%y1$+4ix{+UiTnBkxu{HDI|$zk6?7zYU;j>QE#{9XUm4o=X}^H zZyq_~EBBO$^OhC2|DuZH?djbyY<-tPH2Q3-&a*P>zA=%FF!Exk*=bM}an8l)2MUn! zAK(xHu#x=P#Q964B&DQfC8l4jCQNBESh?))q#Q5@dq-u7d^MhksLi*l#=kRKgVj(g zADpJ1;OCICNi?5yt%5Jq1I>S;d_Q3EQL24!Xe9@yi!L+b=5Ehm!c`xIh^xCe9v2)% zJ?h%;y~nP*t(5VR>%E7_qpac$g4Xs-WP}%oUSGB!f_U0)_j;N%Rb6kD86VdJpA!wR zy|zJmNJ0KA#A$~L?mD6dd?6h`TG*cU@j7fP(mi?*S_>z9I1Q8Q9l*ylV(@17rcw?lRiiriC9(iwzoC#X;1Ifbx^``XoEd$1p2-eN2%l~ z*Y~#FLn*_~^K#1Pj8Y0}uaL*p<=O#XibiFsduN}h-ohFo6+{_`Yx zP~B`We(iT(0aOubas6-b%wGJynSNeCrmDBx#KYy9%jNyEIfLC^D1Y=^cPIYP|q8+({*ZB!ecP8uWWiL=Sg*vF2 zrTbjz;oRleID{}zU`p=Y*nFVuayk3>F2p&56~&=gOPBYO{QOJta$tEm0suO`tsx@M zwa2nMOcXe4@7m5AGwE~>xFmyI0Gh?uCD*8AdDxq+t-UUJ-zR%hv2{E@d}=3_77`Hb zFICj6o<*W3BQvxlmhNwj^Nr6JYjvfg#!iViU+f?=il#^Z5Jx%Qg zTIx$Hb+%|(M!i)MDGs6T-oEb*eh8-zVTtw_S_$rs#M4L;7ATcZyhIt_M!j11bhIl| zc>c9KX0tXGMC8u;tVXJozir_aK6JqP_8&xxT1Cj9A3J=N?Pl#s7Q-CuM!8TTM{p~J zB41Fvw64Cesz#Qm{0XBGgU%FkP*>lWO@Ddcri77z55xf2X5*6a0NH%tMd$`@S-F?J zVexwRn5LVm&2@k|8=fxce|Z50)s-1cv46fkJYG|r&z~+(2Rd*n(HKV1`oLlx$b_x^ z{wy4Wy3mpn`>!!)BQk#mDjsaGJviC6Fp^6trIJpB%ZO=qFS`y8XY;9K9Owp!M%GO8 zIHo9}WC9@>m8*Z|6hf=q&**q%u&5OCupW-eM{h;Cr+nt^WWlS%jjsRnl}L70954GC zY8ct_+S?w=!>nmYRSlqJZ0XI6ZEbB`c_*4-RH3N!ovs*k=m9wMtQJDaf1EkL1+Zv( zCXu6K0!6hE&O7YcQYqTz#^UJ$c4VpuaRPoGkEFTo%xo%74-ScbSl1nz2yxE7N~FQ# z`*lQ2o4%GCci+n3PMLtxttI|_qt&ou;_@2EO5hkf*)$d zA<7J3P4@R04YY52)s4`eI=SE%GClpI}e_n%MJ0>6%~K7sGP6HXQn@e zn*~WnN_Kb{FPSYD^LLE?Hr%RO;4%R=zMDQrGucs-6`Y{ZSlUhO6#8>6w8H z{LYelQ)fVTWllET#Wg8#ece@*XK;$9? zIolj=H?^y03M=GOyGOPVIR-b|;pHl|frH!8yPnUV3ftRHwS=S}^T7yagu=_M=vC_N zJVx}gf{0ovDCa?>3GPht%e%hxM@k~1Qx`R)cGu_P53m%Bh1W<)r!Ge zaDl0+K0S3E-JYvXiZ#J^?){!D0o~?C;A)goT%7es`UD#91^7mr0|x(-fPge52%3H` z35lXUsUBEav2+P6FXQf^3Q;YB$Jx>IOicBZ-40UV6OSL!#e13oFooA~`e#%Cfak8z z9dg9V;%`mW_m{f?BywoOKLb@p{Pmy_)aGdBdevtI5%f7or*p%vTG=H(Vm!V_4F5Pm z%(JGRg#Rq*PiYvIJ*jsLm-Kxgi1@;_toHHjSyP3|?OtQBz^}_#^?DyPu$EZk<>OUV z))HNpM<>>_$spOn|5%$Ap+hAzp-)-U?Og=Q5j`r}Ot9Aw{~POx594z0+qrbzInhAr z{54J{zi&4Xb~<<>ffRX^9|DnpXSvouNa$QbN-E-i-LnOFq58PUK8WTk00u_F`Nnxy zJsb71`ovG7Ly?ejWoq=3@eqznJ>D0$w*Kgij;8sA^sf&*p!74td97l}X*?bQUoW0GV;sIxn3>Oa1a^t?fRzH*0k}Yfv6~q3S~Bx$+8b> zBG%RcxyxjjxbwF!e;8~N7>ma4T(U+1fBh$3Q2wn|>=OD<^wyIXr+2mGp@Y|nTyW#a7*TGt=$G&TZKUYlP z<{zu&{lny;nI=y(ZMdm%t%tkpst}| zaQ~)$YA=%a8_#v=mxi~I%xWyn{|3ChJuUP!w_{ot{J~P5-|7lGL=wh-2;T!-x z=D%62H#t8Z?GHPW`dFab2Q&cbZ$KrZStf@3hrHzny|sVoi5e9IJ_D9#GX{Zp0F+7< z2>wHkegeI~gHLv1xPLAw8qkT9&J*?cPklGhC(waS`CJSA@5u{bGP&KNc`|3_DZznX z%fG*8zF?5BXn)`OUlt2sTHD&=mhi+ykd}{rV<`STR_wY!q6T|+ghWD>(y2C~V{;4JmsG5XY1@eCj zefq1KS8`(Tf2twV=P@a0dJ!uMR@lGT&B51Prp$vzbd7&7 zCc}THgr|!q`!D%|PW;_xj;rCc|L8!NX|Bw^Qt^M{ri}uL+M%r)8rA)$Tt6TU?HmbGf{}sD7-Wiv|HpJ_!~c$6 z-ZrZKZ}eaw9hoOm|8I28ze|(ViYxj@GyYu~7COv7X%+n)t*8lW1(EXb)BP{9vZhe-w zFouVQ`o=7Vg;0Fv7Zy~ckcf?pjM&JUAa0-0r{J3cB{Y9b`*(Z2D9#C)!-(sB0~d}D zDuwQ3M$4xo#r6Tos%fHEbinH{<&P#!y+2)`X@we7miS=9?}cyW*kFgGw`VMrH>Z@( z^;4xeX2(#*p4FW`+}|%;qo0m}OXmnC3ke673xFb$bYAh`@N)41bY!d)VjCJ7h@6h7B4p4IVcTjY$);t5z?CgroB{;0!P|N6pNUA!xxCWI zN?@TDr0U9xgV!iL{<%%>*MPaCpX1D4h1W6%_i_Z_ z`@_hm-4*S2C3QOpA4Bu;rFwg^?2z!RAeurS2y*QZ2LI5dt^D`8pVS{BK6hM?WpGVUwR!+# z%VoSt0;&c6CuA{I7#=}yQhaJ^lRD2w8mVe^Vd^X3Q#_TH?s1^v=xdQmj-fKCuK%CJ z`bH6qm{wn7L%vt3hbCHR?T3JCtVBH=>M3(suolqa<#RUh1OB#Uj7xsx4xJMwI?#F5 zm3ot3DRUMPgP{)ai0OD&n+(r%x+LUm=nM!h?K(Weoz?k!yA~*ahVYQn?>whF6&$As ziD{s0rcz^Y#^IC@rblueMXH3Wpbv`9q0CP=u%%y`2@n!npaj+FU{f?fR4{@;=M-^F zhb0r7hmf3|f6yX+t3C|^;8BxHK;%$w=YXgsOeN+FO(>D_ySM0l$bB&camBBYpmO&E z)30Ud0Dr8U)PkYJQxQgBu~ZQF-jYHr{LN4kKm$V}-Q`RP|25FV>U)%w6uM`jaD8FJ zXwv%YJ8TYRBvrt5vFA^}Vrzs_RrMq7sUlx`abB%^eR*5567EDc!!M@$&Q>2bYJoPgm{WLwpz#ZsvvXjV2a9BUieuHrEHa7Hdj*mCRnGQOY~TQFx0 z{9L+ulLbj?xc8|>*hJ8%O0drIgo(*m(^l;^M{?N_QNtQ0F3pN~$?vuDy*E+Th;J-4 zFq%L>`N`cpU-Eb8bYKTo1QGa{Z%(EhE}lkBGn$da@R(<4kiY|SO z{e@g~*g9XeLf30S6)5UhaX^dJ@^ZuWXG-j`RvhF*?>^#^L`T`LJ_O4IMa1OW5%?GIiP|9#DPhGS$Dv4IK zW5h#0CIj>uOn(s})iLE2N1Df0BInbyS};23k)u*mhbKb>Xe7(0hPUiPvt3%sd_PNb ziY;U=9colEMmBC-+tIXmX<7Z+r21|Bic;dA*fa{UN`<`!0P_~ag_7-o za`w`ndp*9!2gvomI(p0nv$%jb&E{V%Hhc4Z7d#_PnKfrf(lFjFIOExt8?9l`s9^L% z0%ErE7s#)?xux#DDAQ1U$u!Ue#K^Tf%UI?IPG^@^>Gzq-97ZkAZ_oL%lpG|W4E8n* z9-pA#mrOHKQ$_OeMZBG{JG#K7+3z4?0HrBW&~LxE>6?u^~c@*1e52(8AoBv*3yR7T-49m&YR)up_tu3PQyLfyNf(U3kO$E zDitu0Op@3pEfcKecCqz`Xv#F=%N}J>5_8yLPySSj26wo&lA7mx&zpDVn>9-dfJUIx zJ7>O)H?sxNW}t}!;uv&6siHg zYJA9!B~8sd(8VjrE-xqW=(_wg@>@?z`jHY^&srornBjZh=ZcDs-NH+CH;qkie+OVv z<*Mj7+<6$jc`;dqY2&eeTFk<(moWN4S#*~UIedzLAvX3L{Rp?n%M%sjXVUFPmb4Ge zm{PHFilvSUciu&4B=N1ITaQaAlc^JzA_5QuCG-*DYQmV4VsfYI(|R!utUZ<_$?=yJOzClhWDYZY@$3Fop&|0kSWBn2n7$FEqlZd$HAJ4p#_Gp7F!g29O9f@9>Vu| z*6Q4k1|gpNI&H3>%IH`$dYaXJw&(P-w94v*doK3_?geWl{#jMq(zvqSf*QSGMZlCLdcMmpQbU8B3}3S%(f_9 zuS1-$?Fy#VoC@-=5|w7jkWLUHhBMm%)Q=idtY|Yz(pTi&4dUU2-u8zTX<@M{Nnlw* zexhd-dVu%1@G1bCrxj+&QoeNv@!U#Gclt-VL3`cXV0mz%jr}D1Qn2hZiR;>;MB=ZY z=EpQ#F?W4do=aDvaL=Zxdy&{{yOS6Ky4k>Nw|EcsKsA}MsnUH(Xw^lHC+91YObm&c zRu4PU`+GH4E91q z2suH$AfQw!&G%5J_3(ZD)?G+RaTXCz^W&a1t-p5Rl#bbtq27iAcdvKQGnUF-*^+qr zBz72lDGD2BxGDQh`%n{fL#7>Ua#%`8_(k!y>aFhPo9S=OLG@L!0IxjL9T=Zfjn3wE zWj}5aotPMoG1)hXb+7J5k63(%x>mEy!66b4mvYWg(Z;Q^Z#7`y=?{N|dOgo(GrL-jZP8CTSly+$^Tq+TOt|LO?QuDXP)D2~soxV2RYMXRGyEQ&iNg z`4OykAoNq)m&HK?t4w=CsnpXIS*dmElkY;o*iK4*+@4l;=!JDNO;{wcu*>*2A9xOy z>Dt-jtf`jiX>M4)ZaT)*gMFhec1D^29w1t4T_T8*HtclgWEFKTXHOOSUJplsKmR@| zwCHQkHL1lW$Z0-QQV_`xA}xG4B0as;`2=XXv(!VnB`aGj3WW$kLkRun7eo0L0pZZM zCn^(UpIE`SC%M{4vcj~;o}LeNGua5iFHk89G{YD{kZ>5avGGMTk?4d?-z3#*=`xGB zFLLSpd$~B0J@s2^C4j)DY%)uQIfX(6Pv%?p(VBl+O{4G{;a3aInT1bM3q+;k-!p9U z8Lf*zxPN}AfP2F$=ii{)e}y@_N5dL$u1s16mhNg3{ytYr4N@|*@tX|jYE=GMs?rJ( zlql0su%&wSEFd=O%J1_iVaHV3j!zJnW=xT{4Z59{t#Rx}k*c{mp_ZM?! zQigHQ=eynYN1O-pbOD`&GwfWuW1P5f&Ib@A{+ykPphHf@K}jC@38_Np^ZjWH*m*&$ z&6n6c4hHg=q0<yz0wU zDqN4Jzjxc^H(>S6-NCxEBi&^=Mr_*W{hr{&v6gD|wd_5}~ z+nvNZe-{UBk~86Oy6O;t|myB+s@>%4bY6&g=}=S>oweWPTYK z7%)r|%34L9hsNQoJqEWSrhz1m1238mKKv0r3+f$3;rx>3|2FNrYU`)mZ4F+Fc*eB% zFt;^cWwF)mZO$YW`E9YqF8Pc>opTJ)ttmy|z{oJ9hm8D9&aS@!ErR730Fk|Vl^5GA zX%!MW`F=wCK1zsJPG7pgH_U1mipKx2Po8g5uHGb49SKPcQ=2?nJAN7*2SE0gydtcZ z3oJ-%2NZ%mA=%l*JDzI^9$HeW`!aD>>27>w_7t__ih&AWg4T_UuJg?Pfxd$iLjJ1h^TPORYSqvKdxRt z>!pA9b-da%NS_(*j{bO1tF|nUk-{JsYFwVCvr~;BCMcOC7G6cfXI0zIKH< zE{G0X)~rbi>*bmfyxG9!yS(1!1gn9iCAIOuO_)A1ZJ* zsoRBVl^s;1`aSsIc`I%4JaCu{JlIOV;KC#8eJ@AB_F8_VeQ`>Qw4jlX(7UaSSPR|} z4nvtK0gQM&QN4ebv4K52>$JZYbvh+Hbm zsVfHG8v!ADkss&}LQ=R@{GAUUS@clC5oM5*=&JuMFk4-a40{VI78dbh%wXE!t9`98 zGy5!H0{At@jIy*dCNQ0^^ZoR}He80SM)NY%aO!)*6XR)6jU~k0L)#8JwK21F;y6(U ziXJO>Lj#?yhE|Bz=;uoyjkJ59lHCf3A0pAHx%+-4MA{V&8_RPkR@F8O{5$I_O~hhd&8ZV_aWAB%U`Ue&!7 zM)JE@OW~(kf&yFCIYWz(M#;C5YO9gu6w1`-bZl5JnySp+Osbp~teJeNs6tf4MLaQR zHawU1kQF;Bz9o&W@rhFbCyN)^!(s0ABS6dyC}tZPl{zR0;4F0a0ipQ3x>eZVs|STA@QA2-BChh zDRXTW{FMnX_@1R}sGrFXgR>Yk<|_b;Thz;;fu=uzMFIvO{3!zoo62pFg2n$veQ}-U zaqC6l@O!8)4R;-I_`*bRuFtZFU@43*kYE^i!^~l`N{U)@@~u`Kmhl3~i*hr~B%R~@ z*FZ`}M&mM*je7zLatX!=w68Klpw~4CRgtqS^B_@)-uAVK8+1=uF!NRolvAM7NbD z(Ws4w5vuBUdsgt6{k#BG?ZtfCrypv-yPMCZw5Akmu;g@D&@hFO#`FX+>?`~Ayf1$Z zj~O-GM~s!-0VbqX*l^|9i+#v$6Xhxl*2-3+L*Z83@ED(jX05D`P(ol;1ZzY_&Fik- zG?O8R1S?6Pc@IfIszT$}y(x*MiTd8JHFMSTNgwr{?-fnbUHqP^Lvk{2>iH^1p52)C z<0G7Q;$w8;H)Dba=Rh3W6vp;L+)}sry`ZGSC`VB1&QXr<H?F8HYsIOF8&&MCDg>n^l1)l57ne60b)3Hcs zX1Dsp-;}R~6(vi&nzdL<%twfQ8XYo~o3t%>+f2EZB>F?)=*RM^DEUGb46Csk14^=- zL)yp#e$?C;_O{nlb*!fX`_ROY;=R_REl@){$vOc_yfd#V|biL5I3LSDkFD@ z8?qrwV!talnP`1G@DOQekmHw26d<3loIfWisI+8FJ+5IOVl@`rs$&HY{0?G1KkDeH zN|-gR_wqkkwu+v&{XP;tROm_RH0UL2njuYt_CAX`$-y9q7^42#BaKCriKsEifb$j}ryc78-+eoPQ2t^c9{}nSx;+q85sB5Szuc z(Q=_&wMx@bzrmy2#R^9gJ}aUuIuYiTY&*v#Bi*MG#5C#9`Ep$&Tb(dUsPY_G{Xa8r zF1=6QQpPl?!pWc&M9tA62Vp7l%>VIBVh1miE{uvPCS{}w>WXMj8pUk4{H;q4ncK1x z^|+{Zo0xKOuNE^3z1jcAKEJdN@DH+b7=Gha&jcQ%V=CEF9kP}X8XLGRrZU-WR!5hbc&-S422TPp+gY+d{#7?Fvmeh5Y$Or*qkS@tu=D6?+yt;dxw7aK`!A4?J4Dn#ys>I}CbQQB$~ zH<~RQ*$q*^EyUpLhM61+@iuDDu%&Vk*rA~||5ReB6|m$i>i^CXAVlR7io6&-lHD|~ zj>E=OOkGr|ssHQI2_A{H46+H5S=!PF94Xf!2%t8PP2`f#^m_yk*HpU7;~OMocrvK} zVjff(^u-tORNhcVl2FCrcnAA0_hX6+GZ3tNO-5E#c!J@FLO+|;aiMY18YPjW%LSt1 zAsvpd5kbKViSRlREK4xvxgN@QYokQ^PL)Wg7<*OCSBriMX?+C?#+E4;@rTG2!rj43 zPP`#O-cOL_3Txk|%KCx3W$|lJLS|op@{H(tI~r`5F)EDfu}TRqO$i@wR(iR>^}?&P zeKdeW2a{ENWRpmud|q>QI<86(zz5t&tPF}uj-cesckM`GdF`wNxt#J>u?_2Ot2_lN1}*W;AGg{(?;=k68O^gOAmfmxy{KNk*QRS77} zemy3FMI#$srv4R{Uuji>cJ7~hN|uF&#vu?M4{ic_+TTAGCx_TfaIct{R2oh>!A3~n z2Pd@x+$=)a=;gV9x9RVxcwEo{<@8v^FN`4FvT7(wy8*r?VCa0jCg^Zsloz?mfwM}bNZDR^IN1h{ZHA}r+X@_#LV0|>-@OHL+Itn)6p@SMi^HQOONbQ4 z4bkN>lnc!@+XB)Ro33GSR%2rcjLu!6!Fg; z?&R0?^>p>Y6-qtj&|_RaDVY=@n5Y$$Tr%H_gk^AnJ)Bg!5*JR|U(Kn`XNVUl$95G! z*Fw0d4V!7G6j229SeS-UD|CzQw()gx9h>5bgD9}&H3|#Z+^3rUY%5T}HRU_xf*?Xm z;+sD}AqphY7JY}Vs1FA~vavCS1%wfULm$(Eg-d{aka3m_{YSR65VUY^)z7_gT3}IXsC>Q5jrCOIhP< zZJE1%sZMZNQm%QG_CWuV5~l(4JxB_fRPwfy5n@t^jE)~M*07whjy^R(YdN|4tKb8m z5QH%fCAa@nlFA+}y>g+IsZ{x~bf%=RRFcYkUy7JINRdmy#36`w$e-tuP*Q+g9$=+ z_6^41YyMQm6m1q^pk0%MFdKU{WEX z#fL~j2`-jEhOQ7a8G{AW)Jjru(XfISk~cR{izi#A<^+}OHE0unc72U^JC%tkUOb_&=uv9n-mF+7!g}`CxgT=gN|MLuBaTOg=16CRB zXQ_!%QOGw;-Fbo{+W-3d>x2N4t9#?093GVThLOHcWJ_=xgtt=N88KogRB|RjYLXT2 zhOWxmfAe)-q!Lu;YYFI8lnPHP^D<-ifCOv=J{IIcpv5FELhys%OjfFvI4+^S?+QN%r;D{qSTVfLy-Eh_z(5l z8VswS z>hQ8Ti@Tf9TOjv`0!*E9wgr;SOC}vDKrHl@Axw7NePlps5@^u4y}k60E(x^0)@dnC zuuX!q^k@VLYv8iuk1`mI@O^|?Uqrue)^YME0w-FJi#IlyX|uEZGaHh@R*`<*`4*z? zVjOeE>NND>q^G@7_S_A`8yFOXlN#yF`f*w&UFG|7kYb?0wOS%aXu1vT45>DWtHtK> zfuZ1(hVbW5-u$))FhnFDyqGezLz{ayyCn4Z;uW0n>lqeNvqVAd*|g z9?=YuF9A%q&J;RY7p83{DX~^(CZ0SrWN`GV^`^nOJ7&~-jTOBSOJz5I?GgQwrU8YK zT4%r_!10A#v`R37(tSUT%dx>hTXl%c=oloX5upH8 zNk{EyV4ccr#3}~qj2ap*&PuC8vJ9#PCZY+}9KvXYVr|H|ZMw!A^g@PN&uU8iV*rg04sJjo}1TVL#o7c@^ zR^~jNPGTNz)ft|2Yt(GLLsGmtIKH7i@o*d$gGQBe#Hdhb-}e_tUz~^RHIjnS5;9yb zTk}*=TH~3t+$Z_LIuW3&pf0k@LBVE_WpvZ|7f^w|N+%RhUAUhq9?Iy@L~Ccz7{DGd@OmI*X9N#XO*=osC^GrT`x z+cuh?yYe`qnY|KwK^bI$Hi&7sAu?Y{zk?*;KwJW}iYT{6q)vhTH&FGGK-DV@IZBhJ zuZ}RttUS_Q@s`XZ7)=~FSLmt#L5`t*z~tA+WSi^UX$ry^E>hwzMeju$%8z_$jM9F? zpKrF&`dPDYw`qEV+00}EgN6?SEN56gr7=NFoMlppNf|Kn)@Z9!y-!ne7*S^F^dU5j zbWob}SE_=oH@}sxSFG>L6bib{t&GZy*YcqvEI-_%+p^qD98_i~JG)ub?BJy+glM+i zFs)(bJp8d)ZfLx`cThm3!FkI~;`iI`i*jN`+xAcA5LPPsk+`clFln)uw_7C~OEeUI zS$d0UJY1fMR3&C4({A@>Mc1FUsEK>Iv20MZb+x)XT(`5ejRnw98U{b(j09z2Y3+~6 zx(WwGT5Z_Rnjzp}>=V|0f7ZD(u!By=Jqiz+EO+%;m+D$bHa+AK)cVJ zyg*RTlHE?*s9IhE9U$-`ueS!2lY4ibl5yM{pgo=|m7u!6Vh}-riB6 zzEIu-SdXxaNfdY0d)nMmFDSawP2M&Y(+GIG&Rg3kKND%;~LXh6e)JD~|>Ckn5XCZu#HBfHbsqh3~xvkd+j(g!)_|$oR*DE<&yg3`}(}UvF zv9)COnPT67(tUm2AJP(RLl~^bL@;z`1&LntAcle+dfs{(69_5z{Te=o1sGAS|HDPb zfdyi=*bQjLYHF(^v;X^HUpIiRnGUCR8Bnpz0oTybz3N-vwzWda2_z@k_QzJz&>z?9 z-4xleK3Fn31Y}lI4Vb>8I+4yL$xE=xIG>%;`Ts1WCZ>}>V$-BaeR5B6Ob{9byi#vG3HIa?SZXw7>&53Au}Y;}40#(#mBYMyW) z(_s6ybDM1wkI>GEJ@K|lqld?0I*H4$$2kU_bme)Iu(fYr zq+LSgMR4`!iZ7K&xFx|73#Q+5mCi24^X%bBOgE$bBCthFce(qJ#Hm>myE(YaY@O@S z`_$vQy*)&<83P^(6E)x1eYFnHEK#w|VYtfp@xE@d_E!d-|C?klLD6K*AS}M#8k(hI z`N+=GdXMqzBeJx^;3$09}r(B4(-Q~)+el#m+xO92rD9&Mi>^cW`)HCHat?} zC7crzDi8$)y3Yc?HRKEaIbRd~*nWCUYk6<@z{gpv-Z)Mqcqe@6=Ra#t&NbS@%ik;- zsK#NnKhApM{fsgLHXnFHJbGQ?;f~SnTI=gD*?Fg5ddWH~$3d}pP1C7vJ1wsWUVlEu z)gw^nJ^)iKh-`cQwS^c8dr{Nf-}4rBGvP>dasLfeZFv1@^E!*Y+#7+TWW)?G^zt48 z-)VR~y@S-vWU+F4<0f#|*O0Ac^x&_;Cb;dGwPiQ0lA`e2yT}5RR<)lHR)r@vKXYQe{=x1_n_XbgXtD&iA|2rBWUY&LnnvYCFWb; zYWSF3vjYVg1w{+i<9Um36*_t$NuhvQQ~PDmm0BexdO>SwYp^f$$Tm_AXOm$r^PZkB z|LiyIP1=F2_&|fCYOjZ*&Hm3N)V&mf`9}?F_3NbHo>yZ{RfnA190Ckwsx=A?gru$$ z$9DC?Wphw`$M#X#&Gset$oR6Kk2!jol-1pNR*)f`Y2Vs8)RkE~uV-$Aa5%LYq;)Ji zi6P8SKY8L>d|%w{+#Hz$tJU~eP@Ph{Yz_6qo@V&3=7%u5e|St-@&Ed&p|`R0TDe9J zAxh=;%hSpoms6Q~XE8>V>dl2kS9G3Cl9YQ2=Vk3OHM@~qx75EAA7JYzShYcJ3k+L` z1J5B~T-#wGe?GjP9*wA%=5Z)X(#KWj<_HSyNSOW%2|^WyF}%z<&Oukre#K4Q8;;Ls z_3DE8cvveW(wuVPow)3>&Ys)Xt9&Ksi4OaEa?(SoW}LunLyATOdoB>}*N>-FV2{^X z17#Cd7Bj*`s3*y&cuevBuWgx?Pl+5E97Vr$BlewLUod`A9A40s5wzq}j>js=)~{0Xfbg`ja< zRC7~4;cz@f&6!Gn9@Zg@I(B*QsED^@E8oxbxUg!7d=aGG%rCKhsRg!nCKH)z&Y}3N zQ9p4#MXBC>=2AmXaDDtUO=-*brmvlBUoB+zhuDK*;6JO&~ zL3(EqY@QdxV-H_M^t>Ec2$c_E4W|~`&xEO@hk}r7BBg3n8zI(Y=1Cguo zs7lEkB(sVv1bI`ZwY$+#2H`us%wTm}!RF0Fca>04>7fh;GK|Eqo>vM;z1zS(oUXI( zVn(} z&p&gxBT;~>NrIFO_br*DlK!K@5rTVmZ;x}MluXCNT!pzyN4lPuqhFszxFvL%-E+p^ z*0p5zcoKe|Yt8l}+P?JH!#& zt8%y%LX%x4ppI25=LOCg*K>L5!A6ID>ojF>U%Xu=hF=#{3Sx~I?p*PeWK!&Z>#vm7tHymXXYWvvX`c^kR1E`ubYjc_04N>DI2?fLI+K=xNe7Q3GHYB>T15 zY98HNuEIL1!uiT+|1r&;J*oh8N$FyB!i|8T{9JlxsAeveTTA-Y#X;LZ#dMCh5TY@B zW;Mj`#|EGA3KsNhakNkP1C~+s39G09Ks|?+x_*p(!amN6OSenDs>qjxTojkG4V9zF zl&Sm8=g0HUEXAGVw(5|c6O4t{Vp2^LDk~$eg$&oTBRLlt<$XtC%Z<)8yoeE!1cC`* zcf)}lK4zC?WowwXB^2n=w9j;;4xb8$#H=|rFly_eFqZQT=A%`KYA3zt%PfDHND+VA zk;|(;94B|P5lRGr5;3OrAr&qAqj5>cHQ#i873Fi1!0KJ524mN+mMz?Bp(jg-UR@*k z$YseLVMA%HG_VZcSI9`}ZzoEa;AO|Pf63QAwx$rL#2I zj>ZeE;IvrrDXDw4`GWG%PiJ8!78nilU@g?%=1RoLZ=L-PncHwb!PLLyxLib$LZ{K3 z|Fa$)=dsl_b?af{R|9+TqemmCe+A*Y@yFZmD|4lnQzY#}M-;cNRE<38#NHyzU=R?7 z`oCBJ=4|$F_BB>3?=GuIf4n~GeLpl_j~M3kI^HL38E6$k5sy|q61vm4jV{-*bNKmc zJ?4CV|H#;QT^XHIsdgJ+kOSx(W#aAr9INu}z>v-|K>M@%tDAmoxlL}8V7<7tx^qb6 zUHN%ON*1mmI>9$p)@J_crlJL-#*;wFq~_Dr%_!nwK^S^aP_}%|?d|K<6A2fB=RpO! z)zU|s`&6sjQCU&EOS|@9HqUtW<2{j#s-0RQWXO*dx8+ygtIyk`oV$|F*F)n)#boYR zUnDM_n5EY1uq!od0db|_F3uxD&hr;N|7J_b?xqi#sf!;rFoRT}mls&Sy)z-K8~YRe zRG`q65p2@mAJsO$x`2%Y`HG@VrL= zmt)r!O=~_J3FEsWxezR=N0EYE$|+#rG;5?zT6}$!yKHN-3(=%5ua)il$*y1bo7>X@pW?_&s4k0!8ZsPsZDQZO1^eAUBFabf(x1W+Ez|aPTJk09EiqE>@sUtS1MJ5z z_yh&1-YPJ)PqD?I6ol1M$vB|8_M5l`M?nP7eIV^+M{Zyf?8s7SFmraZL%RPOA00J`G7%gz zu827qTg`H)CE5owj+y@)A@rTZ(Lq$+Lt{01iRfgMJaHWJ#)t4DQAv>*N$&L}_KzbG zJG{z!muuyTqfud4`lHhkE8O>Ng0^R>oGhjaU>PH;Scn!O$6Jatt4U`SgZC_#h&(qU zUeT$qd<5JL$uqMv)%$U`S+7uz#f1iC<=X-O?a*Ca*uAyDKEr^A@>5ReM)iEGfa2Qk z0lqYSxZz|!I$!`qOcv}>GJ%9bDkJ_c`8OJd$AY5o)ek(Gr0td?mw{m}eW~8$UgV^| zJ6U*0BXyA8*WJw^zQrO(9R<+w5w@V)(L|98alHdP`HlbZ7O6Aw5$S{YRyrvmqlbE~ zWT0+NA_dgJs-M;WtU6X@#y}Hd4k@&wv;JlYGfe7{c}+OW z$89LJ-J0lUvlA}e@}tvnFWxxCWE~r47#%z{eLzB*fY?Y*#W^rbx>@dtr>U&9n_p>jhf zb>?YV^_Q}bc+~f`qE&X4GRH75jpz$eE|baC@D9DMp#$9n&yAAXRHVS@yXFiaXFP5_ z+bgs*@y=)iH+Ocb9DRM?KEgSwr%!woX3?Wa6(FTjwQOZA&6K-_ zdO0Rzc9mxw*liB2w;hu+ciC1;M}JOyUnl}FV135jsX z`LLyE+ke5Py3}=X)YC4Q1^bhOHR|KbF81U(1X?qiqyRqhHmBi}1}UD?+xp``+$~@( z$EfmEZL*b9aFEPPcL(9t)cm>i1<8IFDKi*-dl-;uJjZ4CBbriUR--Guz)@w%&nk0h zbMnJECM%Uy8er&u%zG(yjsIfhh(1LGoP!r4Fw7^DcAgl?iNAIiVlY`j@JNp{j z$Ng02M61hC#^e=f^I2J<8%{ImY&KRdv`k7p;AC$g9EijyodPcR=TbE%Fy$QaM%n2Q zcz)7c2ozCo=nwa45P(o+n|B`k>PbS?$QtVzi&4n%ohoTllAb%lbFeZzi;upexA)-onl_4(XzSL_W+j<0`G*xH7qQRKqwrQHA3gVBMA^#-wT0gZ8!?(*fM z>Yl7y1Ov2>2hj z7br?PhDTp=I+7cl>6WnRe^27!5pc$@oW1Q=tZ})|-JIWih@k84+&uHlYTZ9@F}$3* ze$!|*AxMBaVU&=Yl3$F>{jpC}1Qzto8z2{d7wr#&UoJt+_~)pljpPXDOMcY3 zZ)eANTSf{dO^M0IUBj`5t|AsiJlFxPPYg4{rLphj_o1GrxVr2oI|s~~eZCU)sY3W8 zx+Mx%=c8!%l@8r!oJP6Mj*f~>2hIJd9;aY0!3A==FvfFx?Rk!qc-A_5!ABOU$V1A< z2R7kg49*eBB}kZ`+Ys;kM#ornW6^cd#+o;AWlW_skmX>O&P&(8>OcfY-mGGt`#zR?b9{7Ra@2Jf&GoSP8zY%H=-dvxEb#Ett4E@GPE{Ab>>jkMfvN? zARB7~Z*=^yI`JqcJ+OvkH>W5Y-4h?5yLDDp?)Y8l5%U!vUN2eNInj2z`tqUbMa+8n z%aes_DQXd13i5=fh3j)6}8gpyN&-kYCI+$_sD zSHS{$Y?Ve-_$ikP5tr=83k->s7%*y}_BX!}cQU0NquepmD=l_}%)F3Cwo7wzKKcFg zq|N9tRC4R}_1=Zm_DV8sZ;b-jm#uf%ozR=-NGxQIf52%VYV1gr6!derte(J=$BmEG z%)O?EX>1gwE%yL}k#d{)Bzf&rrH|2wY)UQUtR+Z1(>9&}G3s^Q65g ztTX9YUWv9&K94%onLtdE&oFVbHo55fkDnuy?w5^Ur(1}-i&L;fLtWJQVeXM9G_pc8 zi2N4WalrH96;V6=Ig&a0Ti}aEQNdkM{S@4-;#` z$qc2fq7~oeJxsM@<|kdR3QBuOGEBpbQ>t)p26y5BJAXY-;{5}USWTTO2X@p+CyPfI zhV!5ZH>w{Q(iD0LhTMct@)~!}Edw~}qT>jlv%$;1DsFi&gg!~3 z{s85<`3AJ6&!lkC)A?21RNvn!G}WbO@&f1weEFn3fj#|5xrsX%plqs`Yl9VZSdn_t`rPx5KKZ30?dR@(VNHtnXpV*t-^6BE}=4dXFYuqJy!Hx9uzE01uer3gaNv-dV|n!!A9gZ@ub)-BAAevm&W>vwy9-e6|u zoU}~t2r#Df#~=LiBXQP)Um>;sdWGY{E4;QF4sFSpFYOMB$GF$dVn*_4hBE%>u#6$^ zyj6UZ&4>9yG35+rNg4-1=uYNZeOZwc2jdp-LNsIl@vS+GG18U6T zKdm_^`ORoumW|iqW5Z^UUtIi?IifpakPN(Q|C>ESdT{Tiprzm&&!ty6+mllY>{ES9 znaQ(l0P`;MXW}czwAaT$T#it?JxE$#C}FGWe*PX&4@N^qMj_ZgDB!|`qUbnG#OjVJ zY-{mXk(xllR-ekeT5J*tE6I`DhWguPR=*G1V1sgZNpCybm;Pkf<4Le6-noo= z;&&g)dw$~%xG7vOhAy7;#{<+%HX|PwMVz9G9{z4Vm6^3vLm+`El{L50fhjS^gwc5h zOmA?M7YnRuIT(TLXaB~;4+Ma(+e6Y`q-Si6X9-#E|92sg76BI=Vu@4c$=^ah0z5deH1oU zO>k*)n<0GH6lf24QnnC{z~}&0)zGQpFjgKc-*(JDZ+PiHvGnh(F!}K8$UH4V@fy(w zGUg*Sm_@`59-fd*NDaZys8es#clX1mlF?axcyKZ|vayNSzF#zx%#OqHmCC6w37raE-; z7oXzmQQj%5nD2;wI2?IbHBYxBK=eq%aSC^`)-O*PxS{}l0;4-Zr5cT6 z(xq6t$GuhT9+u5#oNMyr$InG0rvRog+QZ@KwcMk{?QcahZO5aF=AU6?1KrW;2SYJO zmk;82w~h&}ZX#k8VJe%|=>S<)Yl3@fsuyyWjmfi4Wkrt?Qd$ zp>m5s!6)yM?vpGwvEWaHV)qFWFA&!gi+$~`7!QHJIPAMEBDRq%$h{*OV%Uqth}56m zTqTo)gbzXlHYFtm0WAco1mOYEX{f1(IFvYUn6_zGHl;E5dCFx#S3#uzGzR=hGC(IN_Nx zFPW%O6OS978;U0&bB|XcIB3vXStS$ew~SsCfT_-WaFsXZl&Ey-)6_G7GVn<7NZG8t z_i8Us<2*^$iF$TTw-+ZJ`mp2gH|KUhrA6*+Ho3Y|O#e5GuBLNc^5^)Qt(WV#R-46o zMd%RMgZhLudvR$Y}#n94)UjFttTSwqcOSP*21A+#N zWja;vW9#n*pO;%0B-BXNg)CZSA2s`WhP5g_RG38!*4pYiRzei*Z_sF#=L}WQ7>0W+Z{g$U+5PC2_BTIW> zIv@`W*U5mWe=pBxq_Ai$l$Yt==U@vvi1D9&#Fz~(28OSdv)qo|MKQX(QYC)*{7pHA z@jFbn)f;xTKc!o1lVX7F7|x#zDAuiu)Zn+B=YIwi>r|P~58-wL6ZhupOmoIC4QF>)N>1U&>2%A}}t`+gvLymNB%D&XP&JX$h%%A#A4eY|lMXPWCY7}cVx!GD- zA--N;K2g1h%tSEv<-_}_0S2WV6#=(%>(MB3!1TsAmxc>^J<9w-Q3c}b%q}iGTN~|1gZun64|b0tAoB!KC>i8I1j2c~ z(^=3i_r>p=+rH5#pvqzG1I{lAy@GB+KdA!B(%0jB*S!XUf&gb96H%02bs6bR5K1R3 zeC2LT7++CMcQ-O1uxm7A=D?VK$f?iVA`XS8E)FeQRf(kD_4@+&ns*IpZR5r7<@xFC zLE^J6)i3=v4lNC~qs@C${3GqL*YkvuK@09w3Y<{(-Z%z5;TH%xw#jI(!E;-u`pGwM ziEuAa??DbpH50_`+>e9DJLpnVckI^2tgvgXqC{Gc6pEAmH)AYy)$I>9jmEw@q?jcDQatkMfV=tKMd z)2MuZ6Uetu=cOCL^Yp$M^dpx^g~Qrc#o%o@ni;oPoA`Xz-M=RwO*ZYnyhOVZU^hS8 zH@|G~&6)Zjy=JGTMV;w>gUkH(9l8tv$V-^uw6Lx63D90FA;Iz+gYg+<9jCp=%r{P4 z)5}%30qE+seS(@li(vzf65gOOK5m zN1&|{1Sk&u#`qdwl*D!N2on-0hlLVfNH8)Msg4%eNAbn(p34hG7ao-zz8S)}|HSfR z-%wkq0WkSNnBJ;CEdSO5@RNtseF}|(%pHy5jhETe-eo5~%R=r64`$)%ni}Yu^(%R? zD4Ut^MV%q5>;3YRQwav>aV?1k(EKtl_Z(vXSS)L2z0PqAsU>)oAi zO*M}dm9^fl1<^nqk&ZsRkHTl`iD^bJj{IkHHiapK?Pyc>xE-RC1l=@~%? zQSX`y&n%SuZ*;@xTNk{}Om$uI1k!J2?26)MSn`JE z{-3Z=@4k=6Oz8UAG`7gl(4W$zT>F^8BZXZ?0_Jn|%qzs}v6^J9lGQm~mQ&B^@_~md za1y0CEq?r%d((UE$kr!y z0pZr#-+LPny35=5jc^gyt_$X2uhvvukHKKobd)tRYsn_N%bWF7{4b?3^jT=AP`s5i zAN4ukwI4_I9C{#rs)f(wHaK2QU*nK;YiFCfp%Rn`v!^xm%1o8eN;K;QEG=+|iUHPd zr&zYh)j;Z->8xh&b!wh{ruXPuPXm9mbQCRv2gAYa0i;qmL;xj`uAz^L6O0srMVJ_@ z=m%jen6Zqn9TB1Asa3=P!VEc1Uyi$3q>*jvW7)@&8I2y(Gopfv6^`w0tTe;()3Y4^46#lPwH%m;B zFdq-B$)C^2x_yz(TL-YGeZ8N|Gy74a@F7)3IoXT^OP3R~t+ulYENh`bZSw`(yksk5 zjSKP+Pm&RIs+IC#dW+{#+q-(YthUQ@?&%}T3~socrIiRG6O4kw|um&w^c|C3!U0a&m7 zN%%9<(TMc|bBNCcjSuWgfLiI{LZjApAnZi(UYEc1ex!9Ows>hxSMufz-*;DdH!)7_ z`b0cgxxzDmnC^PW>vHODc%-4$>nWUM#rO7V`?(IU=vZ6wA>l^IMfj!JY>NmCWjR`~ ziqK$VC2e~d`Vlyzw^H$XNWs(UP?e72*HoSJ)gs!7qUgV))FM%heu%;2P<}y;=#5C7 ze#DbCS+mfVrbGE&d|n{$)<*@Tqq|YwnOFMp&*@ z;)2@GwKae8sPckR)8Pa>ny*|m@Qgc{=Ph1xKlh{yg|KSY6nbeAuaA(Y|CCj~u*Kqj zHC|`G!kjmV+i-Kq{)x67?mXTzGml>nqGMum-l=3F%H_&;>^y22_>ZT;Zn^D(CU5z6 zvKD-_v>n6v*Vm5Zud8%XB@TXdK1h$eW`noTTeuWfbNm-?JIV9QLKQe!ly87)wx;gs z$UxG~s?)ZL=2-Nw<2dQCvDz;7bn8&-`e?AFP2wRYYG=v&w82g@>UQ&oworB7mpjMd zxUx5Si&s-zn$x6W&pIb2DZT4LoF}l)*BEWZ7Vw9`e&3N(Ek+gS?`ST*JwE7` z_9Srn7&%2%=JN2{<8`~?y7M4CXQ}AdecD}$`+VOgissmKpPkvYB`Xi{6r<%JI22+# zo~==E0J*=8Ai?q=}eMvq`GW(J^5oeTQQHMRc5Q#G%D^BlZnWA zujhg@0)NWe$i0yhpcJrNU*^71p({m{t3GF#(22TQsk*HO2e?uQl%yF!k(U<@){NVl zT&}L)&A(k4Ce@}iQ$202frD;X}jQQ(^ zhJ`}4%G4>%a9PSZhyhv3WsmU}a@o zzeIn(2TK5r56l&Uy9yevDChnz95+?l!m>Dea_ssw@qi!)ted!%6$26`j?;N$peR3TreN9L?IVMN>Y)2vKy>Q z9C@8trN*H_c)|_71xQq!4cNN=o!a5*q&U&LtDoRkc!SQOGlfB>q92X^>va+;HG`&GY#T&q>%uJ6wY*-vBnoNOycR&doE{;5Btv zck=EEJ4(H3o-(;5CV26?Dr=Dg{q*=6V2nDBamaFN{C$tG5AYRnB=B`%-FafHHs^bum7flmSI-MUYWLSUUtp(9MkhC7%%$w zK^9)dGF3+U+~%DIMen`N1uZizSs})}!Xf8s?#Lj%%nf2`;!N;WB|uJ_O84-mZ9Okx z7U^Zz>c<*cl@Q-8*qY&)XUTF_aIxq$(9 z1MUZM>}d5*VMQpmYwF*C1bsM=ZZz)lFw2Ie5TAsr|WCenN6x)#1w!h`s#&rQ;OR?>~XwB)@3lH`0tM!DKp<^i3eV( zl}ezyal`LWhr@+4{2gD$9Gm%*l?ug4YQcix);wnM`2mJ!@dn$g$LOfYK`|^qB$V0P z6`O(b9VgV0u{zJgXrBzLJ1=D7#KzyTPg~@AStYI1)1^a( zLvMYhceJfNL0O^ITzE0wg^54`EF~wl_)3@_O_Na~ti0N9u3@nig39FaFyJd^HT&}1 z?{obu<~4+C4|;rmG5Vr8;UPl#_;|Z~<@n4`_0u8HfRH=ZJ4PjMp-&*$ky8At)_cBj zAiu?mR&x`mGeaHyOUuH{Z<^FQrY!mbTevO&&UagO0&0BNV%~APuebMEt`cCJvQn1u zuI{zgIE-6qa#k(%_BV^@?wC}GD=W)&G?hyIiv*Wbadg7(0~`)qqRkt{3(Z30cs5xx z$y`3}Z2sf&bdhi^P@+}V?maqjrxIkz@j$^aCQ>}lPGb8~csFON;e8g^sS;X>Z#c9X z8P*t9FNf)XRv%XXqbyy7L2-MaX|TRf_2+k_6rzVVkE7C-E?Y#Hr~eX?2gURus7(60 ztPz=BeYHJe*Bc5PbSIrwlDoLOBVb8!gNX6?t<|!B9wwx7p;+X#Y<~)`qT)F9ik%hR zI0ZDC&Nx>}eFsAF$BSbLR{S2EgL)*k{3GGTgr`t~D zfl?FCy9TZ;6HtTE9+M2(;(KX5-nx(8rYB4|lOv3aE3q2s zLV>HsN3fgbb;W-BW4?*DC---Xo1YjxlG==e-ZO&18P{AkK)zbiEBV%WJ{#U$9wxRH z#?%;_eK&Y+YIdwGzE=e&=NE}qA9qONH5?*>Wpe zvscC{j-fMqQmAe9ewU9mV$QsL(}?{8<>+wqk^SJz8nm09IxLRBElZ|c!sWO*rslR~ z#a3o8eoJ8CQpw3)>6#h}R{>4LH@@$GJ4ls1;$rsn$P7jFU>6WM$AN%%KIo6RalC4)+XnnXpn5ajM4iM~eV%c3Kf!)( zYu_`g*Av6tRs(YXP7e10@4#tcHwG0%l7X@4?OJzbeA1RVyIXdj2XKhC0Q2nm5i1pR zd}aKeo$Yo5a+hvfFrWk_#qO-!{DVe;%BTCvTb)EJH6{E;FU*JnLHFwZv6E`nyYW1% zO1P~rjRkDRx3iXtY|QTaVtPZcvt0Q$^7DJmr?hyS2&XV3;{<#%6LcC#9<#vlQ};pl z@{`4Wc1YwGr52~@_%yS4R_xveqXXj`@gg>>v6tsx!{EV0o!>o{($o~u&wqh0#XHwRngEB_3*;JU0H|UpB1%dA8&Vq3(o}JD$On^v3BeN9J`Y zu&6ng8BprC{m$;6d|&pZUYt+F4=ylFRHJ65;Tmms|LT}SAGqr8hw_N0Wy(rU)Zr>O z`NRqzg6?)MxC5hCodJz7_r#zzs>r4CT%;tsWz^yM@7GO;HAe7%UN%v zdEORGUCkM^%+#j2sg1sdkJx|F#%m)(QuYT)2B~xVSS*(J^rmh6iHj=RDNp~|Z#!-0 zSV+k>Wwq&fy_ut{03TU!Bk(X=H66>8xphc)?Z_e-s*>hm{H89zLPwMk7K|!I|GxCw z!1!&nx}l<&n6p7G%a_7rd5v#k2#SJ*Z{_*maM+cZTFAh#_Vd3zf4<|#-8t-ozE|DIidY1Z*@o4f`i1dla}&`v zC#^mhi*^G#IEuo?V-B~RHf8|MikhX$eoitsA%w2nj|vei;?Ub2)OWgdc2AcRN=@o6 z3H=#9=P#wF=HVk>xV+~wm!RumbeV1#?JSj9KW_J=*9w>FmVPgET3G1j98qm6NQ8?= z{hSi`x?z$y07Z7i&4P)`NZzjcxBFwzcv5rDnvMRtyksw^SYl#}AKOsZez-9SAv6V_ z!XApBwCNi@p3@PhGh2^7v%5QC0W($9RUshtJzB9(!FC;7Gzjv=R+0gAA_-8`Ww$89 zjy!T%R@SAF+o9Ql`nUif9`$f@JmM6pr`caPoySIsk0x(U*e#qI%k;Zd4=>k6)X(#% zTWF>EEPC?%=88&zm?nNb4B6%kqNoU^5Y%|LpVIDydJ7J)T{gmEvl1O=$cX&d$MzRm zKs}TOX2zCMa%3V~$Sr$C%*X`AL1!TGrR5?NV`nDs4n|{WC$RgBHN)qwOwMfE&bJrJl7ZX%ifm7gly-2;_DjUIcu zT~65iyD&{A$}Cp7?MS?H9(IuZ<@e$B)wYg0C2z?OpdE~vb!6-y&FVu2Gx00fj`ayH zG46BG!{-&5SM}z^1RAx9pP`(Zw6g2gdvG~^k0v%r$UFKWF484 zu;Ty097(5cMSrLM&N@RAXO+X7rUw9olbJhR^E&aH2IYx?q)Hnb#@y(nO0Ab`o00bY z4UUN)n~fWTJdQAnV(gDA($DKwd>JGVqSIdZ&O0Ma-CFNW*o;Jx7SI7fP*t|@$alli zD8Ud(ub=H7-xeSlq9pT|GFsgoNKu=FscL-K_`Kp_cUGwQ_H93z1aF~yomwHO=5`5- zz`BD+%Sr1)E5-Sd*pl{e5?MT?q&xn-I?i#ltg?opeuXo|do@~_pr{$7Je=eCnj(aV z5x<6{g-lUJVVVV+Z3z5=cPq^6`iNblRN=?q=$|U5_}C6e8&x(a@O^9B;AmkVS0GH> zmtAkWGy{?OPP{;5zPnQetb1(RXBiN|>joY@U;qhlbvEQ6bB}>fjVL%tzTEB5j2xh> zxUH@q;xI{UzJ-plB>eR3==h#h`U>fFVNqcpMP%E)F;qHqz;6_xo3-2D83#z9 zIn%d-Ysf$?dX19jtR43gjbWj!3U|Je#=X;@+YlYCuT5#AfH&8#K9?j!gS4 z{F(wlG|nr=yTEVqBJ|_5c=6H~D~x-WTfDSo`|XgIB~oPa^%{65~(6u@1oLC6py>Y-#y-4<%p zM^E@PEK>p%9>$wE?*B_m-*;c`QsBdC*?nS{ke)(h>OcD z<3uZZc1j|Qa^#RX(la|+G81pt43U}%QEuN#Jv!C#ngrFnx}3;C(PKc3=@acn$bdCX`4v(4}^Mq%j0+FAeBIgbwg8S+S&TZUdS6ZvewR$g&5=7YT{!u*}nxdgv_$4 zFnw!O0VtwXUytp@^A`WQymqluS9M#*;zYK?_X+xm){)5^{2QXx9bgzdAxI_U{-Jee zEix^U<^fk_9)mA;DtbL7U(lCLMkeZsbdHMJ6zk)%NGfth4yx$jf6`*?nPYYW+8m(2KV|3kEnCH&=Sg+J}S?kpYtUoh*p8W7dC|6d~l z5-UWgoIBirkaXF|m2;E+k1_tguvjF*ztxVJiPa8=r*%w5h`as|s1|V_e5|jN+_vcz zTcTH!YC?94edfr*Sm?r_RP(xy|2qjHg>~8=fGBAC+oMtmJA6ZpduQAmY1$l{CC=lN zZkW|t+K*=h!%2EGWr%`=$wuHN6Tj-rq#pvsfJm|KEScbqtVxMO&bvakgOTw>CT<^Y zXlQkE6)ZE1F#h)q9jN4`%5XH1M;Nmzelj30P+KAx~dQ+p@A~kZ7h7bitki9*mw?KD`oEjk+~b@30RR^xzb}|{!=OQM7h%)9hl O$jLxHmVWs9dU!RT6y-zY0}OX z>+;B+OkbH^Z*_@?h)5VQWk|S!5n+eS9lH)Y)NvN5*fPnSF3Gb zf-RfTWdz$>&D0L7i8?2zvt2vvZpvW9)8?xXQ&{f;TYL>aR9V`c0$XHsD<~d&Xi)Tk zQuzd5nE7D~8li4~J@atu^Bb-{SNT_jQ?W5g+3M@-OMw3t&xvBN>$m?V!T1A#c zwj3m?zS&1G#T0;;`_~J!Q$)&7jOmGkdaR$hvY>s--KNE4awUuo5RVnJFjEUPofZQ;uEiPv+NA$)w_33ktUiA}{_F3;g7^PDV1QV3B%3CCsZ=G^kuw`7{MXQwC_)=& zM`@KJd(d|O({fWNW{p5JltJSSR3~n8WoC`h{UC-eHKK$4VIr-# zV83D398h^>nBVhFBT;WUmB|eYADzf}Bp);Wy5G`;M_4M)vX>gcbw5YNb%lOmAf&1_ zH6Us=mOAz8Q7Lpd2j7)?w6}1p6dHe`iwY);AK?5QureX8JF%gPM~ImSwimOgWsw^x z!u4yYioEV;vhb6f9SAiR0_$KRNF3G4mqld$fA+ZBBNgDs0%*>u*Cs4{&mu`($(k?n zWmJbc&h<;)Z$&Mlcip(qv-lI^VjKGd!+btE8FQQ;WgJ{3?NOf#fEB95U>92O%>uOcADOW{xCS~M7&p^~@>?O~!{l1zLb z;kJ|r-y^1i7k7G3$7bz|*=k}S9076RVQEvF*`(yqku7}4*lI;U_yhq7Pj>b^advxi zUIYB{j|Lf`gTJ+^>^Nduus_jlb{hPw$iXi;)jxRz{RXGMtE9$^4O1PH<@&0X|E+$R zjT2Sl7kgOmaakOVrP#mVW*LZO_mD#aeZzRfnMmjV+>BX=B1hTYFiJYRHz6G%akEt7 zv`vLf!N_O5Ju15t%qI7AJnP?hWQ|fk%QqUEq$wDou_Rt#NYF&&PG5_eTo9zkxqj~z z*}~jUhkh!Rjl@#99*TsJUseKRhw{-?#X75fIF`xtZzu^j=9R90-Yy241lO@2~Ybh#5^z_!? zj?K}%Yr8tuFn-;zKE|%o;b8OcT|?6y4%(*p)~JLXtS_v~eewEvs`E5=UM6}>Cb^ES zEZp>+%xdzq^0a}d5ECv3%Dze>CvY6Br&nmYPi#{Yqv>?tx zB#VKK{7TxZ=F%fw>#UjBoxgiCcSXga^Lf6lK>6~Qsci)VJdE`7*X#bZ^U?7s<%dBH zoS-J*JFQT*UQG&_jU`z-jmqhfovL+kyUyie$weihgY+F^zK|N)Mtd2vZ&S z@NbMq?p?_7*P*Q2<)NUibjJZuF=g#}UbBrzGe7C@#TKyjY#-&^_qCisVd6KzJDL5f zrzw4C7;f!6%_#KRJPSa3wm#1 z3Kh(Wl~i3B-bH^A{=``km`F_+IlHf`u|inkcY>l=;#S@_<8iF?NW)PH(C zkhLpD`4m(be7H-v-!kEabsFqu%|+6P+Mv8H>4HL?To>&VKA;#%H(69c5lXJ$UO+}9 zKCLn7F(P_DgPYIex)w*RTdw9FjLIJtR~789`Y$`$b105<`*dU_ zBQi(_s!DZQj8l=r1;;E&G^68@pWs;#OSwtkd#L=|^NH#d>)L)GkO~UIkp^#6j4XY> zI{GP}ljqw1yIx5o$Dx!~L=C>OS6=OT_GH;dI(c{8~I@v;=cXhuwxZGaC4; zm{4uC{NZ5Cge;rWv$a3ohIM7DH$GrvIJCWN-0C+2n;>TPLryMNOV(#&#BkRglQsiU zry`K3uTh>^76FJ4Vjfz`dQ1e7cU?PD|tW;)S&L9iA{z zFxR4`ff6V^OCRwY!W$?IZq@g2p5^_*!}c__-h=a-0O(zWrgsnAtWVyp;9h;b&CMb4a=3T9bvJUk@`I!pf)T=>R1L zu~tGy1A@$dEewb)vrXe0Fa1|L9E!}3)H8@n{C-)*zZA2na6mlYW|B@Nv5XafPgM}B zEr3ph_^n5*WIPHmw_l+?YK{-e3LK+C#+a1jCj&lcTas@#F;Jfb0Iiift4Tbzi|Z9mzFeHzukPG ztkGM7J=hDvno~p`dc5uC?xZlI*nIw8@o&hR{(60>#953XS!uSM?9dXeGYpx#=)AaR zo%-sbo)Yg`)WGf_lH;B!1-ju&|pR|f$Zi%_rtMs}l;h+TeG5+RuH>+Tdv@QuE= zojF*gxTg>5Ww!AFi$cJ$Biwtp%l?3SD9cOQayf2^VjUPKH((AsEtE0cbcv>z=>Rux z3oErBbUO;1*!S*mQ$4T2uE884KO*$$={MYkuI3eJwk^=1Ad|Su55!+RU$XK)*mq1Y*xtUY_PkW;T5)`>Yziuj7ikV`VA1|$zg_to z_;=TeE=$nmpuuX++*`=RO6}etpmhfP;bh}NNl5x8hL6y3eh+WzC`nJL4 z0KB(mZ|l=?5NRkd+zjByD4ZRUp}V+Abx96>j;2^Cj{h8zg0<|aO)Q#C(Yf92_c|KS z{b_uHUvqt7;-S!kY#no5&cfHAeSTUU*>^dUE*06<~_#8%2@>r_F9R(Z~539l< zo_2b0TLO0V=D*G;e{w+Sg#2VekzZI)j`>WpBAX~7h7#VZ*hnf~XFzQ;d?)Qlg)hS< zxXdzXg5?qO$+3BXGSEG-yxkloQY=JtqBJ&fn*4nps&&%_07jyJLEdHloc|k3uI=nT z?FPc!!fh&VxL3T~N0mgVGba^t87qowfS-TB78(f=6m9}*v)ibY08NB{NYoZN&noD4 z6Y~|A_c07nAKxhFEu#7Rr9RaAXR{yW+)T?F(Tt3=slL8Il4WGRS)Mo1Ko`$&27GEw zsr4#I>}R%Hj~Mx&CJ%l#vthZ$J-fW*t^nN$S>wD;3Tf6NuOvB{iR_~i-Dt?YY}e~s z#dGFQ#@_8~zpwdjSP1(jLVToST{!{Gdk)PaC;K>p)?L2GP$nv}A6}-z>Fz^RF&&w+ z>s{)}d$q1is|3-m;NqI9FDFgTXAvWZ1_Be1X%rc@(`dn$oiFd8_MH~{lqp@X$-15m zgP-gaqFzgHVgJ$W@&-a-Wfm<>Uk-SAL4CPzrydU{>Bjo)aTx?Nb+rRGPc{%ic<0pj zt93z#DQ*W6;TEKE?D!j{p%e0-wocQpdKYgye^b7{_M058Z#*Q^@~v;j+EGEhNA=|0 z|2{vw^#0)xzGuaxf5~>;&i%-+?zTOmR45F)p6A9UpD7g3B`&mwmNF2rVwhbEYIAOW zj2W9~=E;6i79xvwJylg-!ky?xpgf;1^yv%#VXnV0g|R?<^^}fiuLsvHS=C>an%&TS zh{16+LK|F-1`fs$m`2>i4E&bNwZXvL@cDCqjoA9GS*7A8_3V)eLmH8SP2Ud_Sza|D zc%Yy+ED28-5YEL90lTK{A>;IEVKF&C{S!lL!l$$qCfZiy8fz010DX7U?e8h?pVP5r~RJHLQ(MbAcg;> z53AT=vo=>W9A#Ud3ondkQiq62GgYZm+sBO#-~E9s4yG-z-YC)9WXMqOc#wijDEv^) z6iVRYoc00|S&z{YY+TTmzS{TdczB!RSm59ATtjOn0Q+7tWPZ6Gu~?}d-1L|&YH3x- zj$T^i6A%_w7diJrUX}one}CTFTz6t!;uLT#L)rFVf?W293 z;J`)WH^U#{A&BL|4`XP>VV%6(!4P!8h^<(;0~%JdW>YMAbBBDLkvTs@CROW00@n^g zB?}yH`rg|2b~_lmgntg;k*h~7-x0?xT|oDG>k3D(VxAPdA}x?hcM$U(-qwB(P<{2d z3QXtdf*frOIczUl3Vi>a{W|&0vD5yh(3qF^&Tz(i?pWm0uyd*^mAoJZ`LAC!5V5}w zHkFPce>TIuf9M*q$Ip5jTk7h<=kZY&;6y{C;D9+vBZ=~m6N0rHEaO!7azu_u)}n#` z3N0a(gO5oEab!eC0mf{6bUQg&0KFhCnnuJLRwCIx4kfoZXElN!5srwl-1*MmjE!Wr zS1;qq#JN~3@a0m}QK5!8hCM?_Gge~xNKTx4VpQ_wsrZ%_)C;QSuDIy)ir_uYvxhm$@JL3(cjSB;J>{p|k!Z!c%ss;_(f7R7=j z7r^`Jwe4X=+P0xSp9jh|{XgSv)xLX`Al|XgwC6>e3wGDFOzG6pNj<8EC5hkygSRoO zhpuM2?;@AKYQN^g+g*2P;m_7R{(^IVAa_)A_-`~QAIg(ynAQatMg-*IyiF15B-7GW)HEP4Jf^}D~_s5uj6)b=@ETGsm zUAuuhF4-;cRMMLiULM|Y-_zPIpHzb;FF4D!XNUV{rB=ZYeYKLQWd$KIf-DGRXCTJn zGq%SWqRF=RLt5yeqUv_@=9?#oEt#1l=SlzRsB6Q!xD!5Vqqf0b+0`p13tDPH!!cWe z^iDAJpNHU7+Pz93RfyxG<7X1_Sob}#L0_=2QjOD-qIz*F|31Fc${SF5y4!_hJxdXx zSCN1^Ncu@I6Ywz5X@Cx4n4!V?&wlh`+Z^6e)Zf> z(s2&==(t~<+1|mk$mDu{3{%o~`QxH*{!348gXeHT9k44*fc^c-DzId@x3ruAHio1n5OlmF}7V;5HccDv

>+aa zoO$1Nq<%5V%3$y|Xqv*c;c;OTaRoom^Fzod$Qz)tSuvf$`(T@VFg@=q z?H#0EdZ3=afPb^tK;K`uBa#??l&i-G+`Di5Z>3}on_~Zj@ZnRl#FR~T+m+IktANpL zVg7yFqq@Tm;e-DDb4S{RegfZ-&hJsn&S*c(9|GVUA3jwbLUiJkYaJ$^S)}x1PGJ!% z`!smMX|@ix4{9v~-%)Q^r140TD0sO~fygDH@b9C^yjUnDT*BpG9Irl4mQD^o2LQ^O zi~PYo+Ka2g;}*AyvoOGcVwNKkPGK7NZgP~`!quB|mcAc0p)<1bNBeQ^0~62Mtg{45 zz&}#`jc9=vT37Hq`czuz_@pOD5KtyAlVN6y_{)BJ$k=Yjzj9BL!}7aeE?bW?dWz{S z<38}a`u9YGe)*8A;NSu+ZC%{z@(70Cx=htI?d{a7TlO~S@)7vITLA&t?Y(ugFp?=M zuW_yKv9^|5@cW>1RnMTRwLHPtb5Xv zEP?$vO(Eg_lhJ2QgE`!X@UgL*xtZT7DTg5Rn>mqu`4IFqjUy!0{lVo5=Z%2M>SGcN42P zul>8@(I5;~7K}9O)(iiW(Xu*aAMm>ZeEo;xd`9r=*>=i$ooo`Mv!@=+yxuGI3#RPk zg?xA`NkJJPUM?; z_gtl}_d9*ri7%nSq_x|bjj50av_w6CDDs44tA)Fc#Z?Z#)fg07e}k3{d*mG7WJ*Q^ zI>!2=azDFmNLdKSN^z2a>EQyg>jQ^mSwO}&+ASme-2a49ojv^CB$Gv5&vdFAHcx}) zo5mck$DQ`8_){5hrd(XER(8LbglgG)i)T1EcIJ_l-`tX;PdMiZBlvPtMz}IHs&MZ_ zfcJTSq@0$~}C4@)jQ?SJnVL?9 z>h{5MmS1K~=@t`nz#6gFn9%L&#X$%;yy87OA+t;+P36c|-HbI4L~tuo{9{6Rk_z-p zj$H0Dd<&SJguPq?LEaQ`^s|GJXRAsk;-P}-LRrraVnCSr)4Bs)5NikFw{8H|tiQLh zA8A2txPJ_rvA|Ka`tlh=a(y$V~Z@Qc=DlAl<5Bw-VH4UM7-X7 zqHf|>9yqht{m4Sz@>qTbUwU+y$Zd_q<4B!FHj=4j+cv!GLmhyGu*A#=oWkMJ+bzS5 zFw0BUfboF{cxxk$z*)*8%0pe-UQiB=(&fay7a;hj!-=y1!o64oXV)<~rEVB(M7&EiQ~5+cgDbQ8_)j9LRD={yqt96T z5v6HHxIR%kb?+E^XL8uD#uS(giA#J@A}~w-(y~?izU`Xs`x}$FO2wJXipr&x9{gW) zRi+MPfX1r!r{7Xicczz2ngs-IGGGD=IMA2?%&+OohN{$;5zVH?qFaDmvH~Jc={a!hxX@ z0=lRwbkd9dJUx5@)<8v*5t^&qQVK9Z&vYwd#Px1~vHh}@DfQYr;6f~${H`kSFpzBe86re6cWnx&6d zON#EV%cBJ`j9^|2oZy`1N{C7I-^acm$|n2YBCy+mhr5ta11GFME(mF8HH(FNMZ0fU z*s_euC}vWrHQxTUXM(N+L1vu%1Qf9XOrx-X$s=o)GFwd!{-Z6OPm#`20B+UPLh6M? zIia^+YGm5{@yTJML^>j4Flp`FG+}gJW=~yi>_=fgPhAx+8VwbDaT=DQG_kfFZ z$7T+md4tvJElCW)Eaq-IueSov(G$?rxee=N5)zDZtn#uS290!c1V3QP_)Lu3#VDcPx5bdRvmyme3 zZQc|5NixWH&*UoTPG@Hk;cyhtQ7-<`!yoVYsW zeljs35xo5>6c`Ny=}+BzIR*tuIR~87?VAtbf~DAFE;`ZQYHh4pZ{WkyVQcU{C99T9 zIkXYM7L%jlsGAqJ$eI#$Jga?#d|MI-%NwIo)^{x}3(jwKx|QHIcays&9U|?A?SHc+(kXZt;lY}k{R4TR2>X`p4~4qiUgKYe zE`L@hB_*vwS7km#vK-}o!aQp7LMQ^9-QC^o@9($FaLx`h1V-Zf!yIMn?oSLZ)iB?b zc!q5z=)FE<-s|xK)~tvBgct^g@a?TXP77BIt6Sw{l$5vW;7rL zrcn;U4@&1z5^Q$Z^o{v?{|miVj4kNB2B4`0O&vAAa*s+$kT&eq+3R_lF#-O#yLJBe z>4phrY-B?YEWJDSKdM?%>iWxHE1DV6S_c3K=zT-ZC368ZhRcn9q{Y5eBBl(pN0)FO zbRGfbqhyLS+(hcSHWFfmN$czIJWm$Mdkmk6G!S4K|0f%oL<8-Qp>Jqlvh{F_YeD?Q zAaX5jfeLm@nr6FJ@imKOH00#aZ-0C_^Eh*bwR6cYq0+Tpt6>|Hqd22L`rnD@r9!`u(elrv(zLnEB~$VOsW8B4$W?A{+p&9w zxT(Frg7S{)<_dGiTI5zq<8P)?As+S^&Sg4QqW0mfvc^VSgUI2oXOGLP*R+~?H5DV> zU@Z^`6gz5YPPyf1@-sk^&-ArpAy3~`+ykPO{9ooe{@}ImPwwujK z1t*UH+SruDL`QpCAc+k6r!NN*W5#_P4NNo%Dq_6+SYhvPFT5^kBq9d4E1=Lc4EMD; z#~Nop0pI21Jm9zl9F}8GP}v z&nK4m3W|H%kmI9Nuf6#!RIwJ<#j>j_#`Jx$b+4l1pO)NPY~hg2%taWfp8KMLXjuEL`_t1n(Hij62YzJwL^kN(?a~}af`FR{wGERJrFN37dPcS zb$Vh6cgFnee-qKynJ^$s#dal#HXNPCr!8gusZH!B7(P=q!wl&-5kLQMxddrx#$L8xLF$!RSFh@5R`hf(}FYD<>4>d0_* zB#c0KmQke5Es?aivFV7%%C~Nfe`7&G6BR(k=kx@9jDS930BavH=<@00iaLVa{v5LE z#$1tq9oq@}Plz5ST4f6uZPoSdo9udQ_%(FKN%ph5h*>Uy7q+SG%ZnnAff&r~q@zPh zA6g_&XvmZhDYI<=e&ba$7yGapNq>xZO2DDuNyYcWW%mFYJ3-%BqKl!Kjv{d@` zWUZ7Fh#$^4$4xwR{<2i}`uX)Sh1{L2ehwOh40w}~Q&}!&iy7A?+R@=B#-hd(kI!f7 zGAb(1<75*}P5hk*1{{%?0rqTQ#j5*3ad8`Ri62{A=rq5_Hro&7O`tRaPX`K*$HQmH z6J1alfVIvhojhy)vmgd3bR)4e@tjKZu}hyve!B9u%@suy%v>bS^qxxMUdx3op zRbVB8Q1FD;Ek5xhG2b@cb@4^RSBZcJ&j$4HnnOCNEqU>hrm^t_JAGcta$h=ZZxto_?@izP>=Tg!s%mme$kqKP>84{3UKC)5C!YWNBTM_D zqj87hmz4;Z4nvDDKH*ahuqdl_=V_D948Z+Y`+HA<**|+;Earz)Emd#$mn;=p3?zl% zJl#c60c#AdE=4I@_fA&o4+GIYal(W@aCk6 zMyIf0xSA9LY>87=O`U;E!Xku>+*A528>kH`KnmX~zEGu!Y$I7fGi0>ANUqccxF-CV ze&XazUnEPG#)X&%afbUurGd%6t>Mt-BQfxc?|oYm-=pPEj;!_`8vS@~X5jhvryRJk zKmgJpmmz~rB7`mz%L7fL)bW2L?WNgcLW-=vau_!1@Z|kWrYU|Fs#@RRI*^+)izSW} zCUwQn74XO_mss?TEj%w)^s~OttlpnJ@Xs}At-q^(hwYY1qkcfr_pb!aK)ElUHTn%o zwo@KE>UxL2O8?{iM!bmsyvki}&ahi@mkUvxs%Tcy~46BI5>CYl3C$Y|b!61Xf{ zk*~N5n9hr}H^2MMX-Ir#NAoCQ+xm>^`0cJ;@vx(1_{Lf)rew?4AKG&_6`fPa`nv#x zXJRU`UFMIg&@ZC~a6=}P=PsZ~7%jCu5`(#-i510*d{yq$l--v^Pj^dFVCKQ#)U#SA z(dB+4UM#wQIi3B=e{of=P!^qf`%fo-#yL0Ot^P9KD*c2Ug1vHBO|{u&U@ZyJYSpUN z7wVw&-11u==^>ZF3~+jM*`iY4k$k@>*>M9WE$=km7;NBY+-5&?NR1fPkj2iFcKG8p zMSMWTQ}AQ!$5W5e>3*mC6R{!!%94^}t%^EbUyVDfn^}rt{6E4*Y_R+IeC;<{4pxUq zqyd35!a^%c-3*E>-2~<`#+YPKvXp^!=w1=VB+bN()+n zEpwSfy1!i#y$Wj{f12@@dn+9ZJ?3l1nc=pgNYF0iolOsPKGh+CoV-wN%B5I;bUFn| zeD%%VF7I#g+ZS9f!ssEy57})QIV*dbxsKl$GElrbclfe1VBH4+iBKAJt$zv%dfYkw z{`t1%2+*F#jvysgEq-b{K*`&^KbSCMxk&4$($qEjP5Z1j*u*ogMho}q`Y}IGv~<_w zRMgG>bxvvGk6m-8{mj#PFS!+S)cXK2-iU8eb3 zE$N@|W6KZaY=8z~YoxfHF~bo_^xfVA*m-d{qSwniZ3VUp*hA26^k<7hqm5_jWyWyB zD$`M}U?vo08iddOaOg@WI;&my@e)nRY3Fp-4gMM3wHfj6Sd`HwM&~bbor7m_-0Dpwp^mNBxQa4uS%B1hY4#^m)zW!PeVLkVuxJhR0aA^Ir zwZ52JX4yX+tyZ)^wN@IZK5bUIl>i%V?1eav^=2{9$P$uk2+ovag@2MnB7p++-cm6X z$dO~u2O~sp=4*d*e4M7Ry(TeZMBtZF3FYEv9;Sm}r!p#(&xNYe%E%~}FYgVksuHrK}V?04PB7svaW%;T2Jo0>nt#=Pfw*0;%JLXm3sfrkKtn~yH znovYKS224-#~ehoHtH3o$#JAMZ-P(`3}P&y<}Wcr4?R*gq61}Jb?Z-)rk}EL_f=}1 z3h0fI-^r%TPWBBkWA04jk1D9T=+MJg(FHXG<@2e0TP_#K`SoUx6m7ph1*++b zoY`+!!s4d#L_B_|?Hcc_N<23LpQ9A`&UFXFy5X=S+lDP>^paj2#chE1K5sXZyYYS` zBlwuf)lNz%%ovkT-^fu-}56e(~#-`MTV=vy+L;b9_&8DR0b>QD$weN!OE^2C+=SubVSEQqt z;e#F*!pk;JKjt>lw-Dd`K$fKz8=j8o>k?S8RaLO7>~hx{c&n%KX<)f&ULk561CB#T zqXMpRdVmF_CR?%5#(Fv+fTj%&3K=#oD?c69?vx)S*DL~~z&zK-06(JWOmwgyHJc_i zEOL3l`}1MZ)9%64lEQLttz%GT^XegAN|=aTiNrg>9%(`{bSxCQd>OBuz7ixAPN{sA zPb;TI3hv&9Vu0&h{Lcfee0X@p0=Dsk;2CjD0^#g2sy8 zOW!F=Se~1dE#q=DoMy;&VSn>teA7E0oeKd+romPb*freaPqSRNHTZoT6@Pbgdt|^^ zi(t?ezZsy%H)&y3=!G1Fr|3L@tatztzad)GhZ(=_;aGdB6Jav3qGmsx?jWAFG-q3~ zgao+SY05^5N8n(6J(?oeL*Rs2G4Y7-2I5z&$z?8uqDC%NqwXh}wIhwP!CZ5-zR zE%WGjOn4o{Ty}Ike8L)0JXO!SdWqY$_q4dqO~rc$jjjKeKX!*=x-NS$a0IpxUe2(p zNbqF{0PoQXdknW~x#jdCVCCpbzf*rUJEGtcKKjN-oZUtHhS9!zgrL5qb_(DDjt23& z8+9809&xdtxRN?4=d+F}O#=1A5(7{gx<5LbM*L&t-f<&2_L74TT^rd<3(Bo%d0hxV zBmQ{V>LQu*$bzqnyrcM`pY@2DkF*iwtk{^Kd0+USP|G+=61j4A(OA-u%mC!>(YOS= za1F|d#3CKdinTL$7;EmnftLm%hVPqC`pv_~whj!?u*#9YpNbfAR-_DZLOPrK1QNt+ z=i3}tyamIEMXIR$TWb_IMK+R?t(8+?61S>Su#-G!_8c`)_(R+xBSRa*-sf1EvN_J3 zrVp?ew>mZVkB&EYe;yr2o{Al6L{1R9=r-j8H;Qc(yiuELj)7F{!aG`&Z7IY~+)KZ2 z^JG1Kj1hR6@SQp@6~ypUsvxHC%?mY@wyr$MBO^D=&)`aVRgDAPrDO*v;)wD_pny-{ zXOfCh^oQ~iec!C1r^qFqh=|?+P+WZP@a<%wNz-559*KqO=9Eo+@6r5-^RFeL4%+C! zquYhf9GRQ{j`SqwB*D_*C!N}+4j=}TFjRsN!AR&vMxe|Qx;PTK6z5#`e&f%Ahqa%ZcNQAOo!`m2F3vqXp3Oo|@5!{YudmC5GF;}Li@`55VlO}P zKUCJ|aIAE?v?aW8p8S$^*m%)XDsC3_dCu@UNX_`u@^km6!`WmR1`Bm5v<8hm9}}?9 z2>2)e{Bt5R@YBy10buEiz-pcP_`{(N5ZdQt@DI6q2Ch*h{Q_0!i3Ut}&wwrNUU;eN zcRx^jBe_;;dkA0di!i+}&zs#1S{Y}kkTTlu%a#{Do;B!O$=Z{dbY6LcI{H%r0jQKW z@IQK0S#WInsRuJfA6h{vk<7QxB!PK0eOukQsz1|Q%WTTTZA2rDjR=CwM>2OVW-AnZ zJYJsd(iz>x<)g!&67DS#Ti2Xo##CoI_W3(Eju{@zgyVM^=z`Jn&$+z+oS#Yr;Mcs8)sdZLtZ`au~^EZwp$Yl=}#QPFCGnVtjdJp?5QA*nX zJxU_)!KQg}1_1pU>-@>>AHwiex#$v%cfXLT`({4jAn#?>muVo3H(nhI%v_o7>zTaqf$Dy(dB&%z zjTFCX5f1yUyzu>uZ52A{`Sx~4BQY^6S^cGGkhJ}LuDr$#d6Iae#*%*~TqI_y&yyL! zmPD4rc>fmxJ5w4Gwz=t%@RP%2eVPMpy+&AJM%$v_K4+xagN+{n=03lAQ$FJO@?dci z>_#Jj9~gCauJ6_D*C$%8I1Wy3zqoJqt=AcneZf5Fzt>23FcbN#Hgok5f}QPp`t#~_ zmK^Ius9JQT)?@)~$j*C<*Wr(gq`FCkp|pZnpskrMMmVR5?Qee-4JNvL%S5~| z759RtP+7!2nLaf?nH9aq-Fzn2VkVb_0Mevb+{8vV*of~yc!4#p+}E^khLSV5=nC46 zi)L{^eEuwGkcmA;W2aL$02i__i}q`rOHKtqmyeJ$BCf^y%TfCvmF{B2#W9x^MP#He zmTIpF`LKb^pPA2r)}7WL*6hI^d>eMn8=UN5Xd)F|`q!WCDGphj0Eg59D#^Z>;!<~Q*B+^H-JH{cn^8OdEdk!2@ajugkId@+v|BeVt_E* z{Oq#$)ALpb=@<$o%R!MsRDzq8e!tDuXYu+>3aw=jLHM%7%m)or(KNh;*7x_#0r`~q zkJ53)GJ^(D4Ii`YS6#n_lxDNX6tz#KL6ZB+_3^C3i%-ZuwilvMOxk(HIeN*ql+kpx zbE@kkZYU%Y=?q!~AG@*{GNF^o2aQ?y#`hc)!eWk>=e@h%t*CdDjVPBxu>G)Vw za*_#if*5aq`#8ecmHFK=gf)`YV?A)gd z`0arr^)p-cIdyYuD$a@IJPMfBJ2Lw%-n8;^>ULx#Q2|dRk|&#wu>_>Gwo0WlaD~E;#XNfSTKb5BpkTO6 z@n0-Qy$KO}G;jj=kRv#ZQwsWq=`K4KIuIYuT+kvvw9%M*t0^}i*PC+kA*D!;iQL^u zj<`)BlH-yjZ-k1u8`DT#fC!dB|M1^+5oO)*m$$bIim1$+cCQ=Jm$Q1SxuPp(WT0bl zaSFRgQmn}PoIbP>#EbaDQ6rvAl}Si27QgFL{RkH7)9}>4xOYVK9Wgd|4M(&gTVn6knhbTQC+DV)8knIT@w?#z|j65%RTZ@cDIS8{rQj& zDJgusCs4f>aF(b^43cm)6T=_l6-IxI6F@D)=SsVC6|NUwUj6%Gn0wDV>wIA;qxRQyeBq5^xWP*N`}g&Uh)TNCUym~K=f z^hb3kb87{|38U*;sIX~X3Y)`^lN)7?MnUr=!5i^sTOy?^1d_q`8j57%D5{Rl{aw5; zRaVUOKxmP0)04s{1D6VUQ=rlQt)}vVRdENO_tCkB@$PK?hic(2(S<7T z0^*RJ)8j(*#{JJ~u-M#!mO;mHQ92Sro+Sb&=YNP80)UMCHJl-!1_k(>>T{eEkR(Nh zB%D{>xB?H(j{gr`V>|Oa3ZOBY+OtkA(Uo{-wUde_j-}Gt<;C4Sl~(r z#vP@hMKhWjI7r42-R%Fzj!?`#7X&iFXM5bjt{gV@=ESScr0|UTKFS=OpeMD&gA&O^ zphuWKj9-j9Q~u9g0C2g&C;U9(Q~r&b)4uA7uU?ye8RXZrFy8`+QN*V9yp~rexEbm! zRqgKeK)K)mCpVv$;%;wI(b(I#fgQf0xXU^-_HSZe;xKg2y_dB)OT`PCm9gRDCAc&s z_BG`UAP*n-UjT|gb-(U=b7?~~`9;dB4t(C$P@idRN-e965#lzo{}0=9(X!}UUt~(l z1gBXpS?oS4G#D&JeO*ZwqD2c`XhioDHZK(+#7IU)aRaA9km%-*Lvl4g)n?NZMNTe| zcsiWPo!eAS2$A@xD7%0$hMh*2Q8|1k|NI){^Upue-zezayZ2*{J(i!zfBu54o6_Fg zCT|XpB6BA;-X2OM{WAnNK>V<1W&3SL4}apW|3t^7HyXO${JLbjvUdBNu;n3_zcf7l z!1lk~katOVhyttHf}k?G0ERB2kmx@I|Jn7=w(z_JC${)nIJdd8qfal>5xwC5p8RXu zkxdkl(6%Pbh&`(%>Tr-9DQBc*KsRoMv&HdWNzCVm<^P+H|H1|g%`W@1RiIIyY2d*y z5?xJ`M3);Ag93c$Vnml6$xB4~Scs5THW%er$6rN}Sj3d_BN>&HopokDC=AgEqzM}e zAp$8$*A*f;h4|0S*gN#8Rou7nXASr+ksJ0;qTl4ns5?LUXsIqdK7=fOS1vFqhH%4z zUGQX~OLN)$g@qBo=8WA9&6RL>Z+_Qz`I^8%Zk+#kQIZ76{B*KeU<#%EV6|A2cOM1UGKCB&m6aBKVCA_hl5O&XL@)4WATJX zXJ4}Cx+m@2ecOvZ{>9)t#0%5M{&8o1J=_1h%`G#kBh>(jBD5k(jA68{ zbYYgWbWH&ZA=wPE=z;}}oGq55GWB)NsK$w{u_;+y(**N8jeyTsEER1^&0o||+ODCv zsO1&=^4caxpN|b0Jh73Gx)h~}UL3H17Aajt(Z7X%^I6?DwpdVPruyAS=J)7PSXP$( zgB1dXG(0Q}blJhCMM9wAM^`FE8Q~}lsmn)V`|i6h=eE~he|>qQci1UsvL7ytdb686 z?%4S84(`}EvBmw@VmY`cl4;(7Pb4$pvdU3At^eFz@5RTZM-K0`s5V(vQaR>NTR(7d zbo=54eqmC-rM~j?aU{#b~4;`Y<>&%D6dn&VIQETsj(3<+adXeLZd3iB}?3qEWE zW++A&wf5#k?z7+3YQZE_5x?M}1d>sVNE$;(03gjMg^B`(q{)axXNW)~U6-72F1rGM zF=q)^5PX5G1v~ok{+kjr3vvMG|o2GP!?2rC3!rOO_)4uq%)naxtyopNYsb3ye?8Jg=%_ z$$$-epK$Hlx1Q>rDbbeHB@erC`s~Gx@18YmXphnr(2CJNMuH zM)oeQC~e>)FV5cnJqJXwnvs+Mv+{^rB#j|Ti$kq@y0|ffk-6Bx4r7r2_65l|-=3FA zB$uZ$O%2UwtY|b*Ul&`lAROlwnR6RwIF7&ZbVGf7@xplp+<|_*H8jQnK}|6rs6j$N zLWB@XS64o=APGcbT$z8(2+7xMR`Z#p+xnE|ho@QFoC7GWiWsF+5rv%^i*zATQS{dH zPk86fojJWtojUcLXTx_5>$xK7@mC+_H+swc&)D3TJpw1Tcs$8}(O4qJ8??n`L$>Sp z(w*-l4$cf;f4#*unUdm)Jx|~9s>@#J-7DR`y_*GKASZbI(d?)z1&I$`Su_QkFJ0-Y z%Rf0?Djh($Z{xnRdA*QqO&Uq~bcA=gfJ*#Y;eWN(zcx43QN&yD_=8bgA*CaKTKxXM_T2SLPhMP z(kN1jRmU0FIB1n)XQx#xMn;8M8L*>ZVSw)myU*L4VHJ%)K5x^nmon_Ce1j*W{wV?! zuF+K$bf8KSj?NHW9aF%78x5WrLXoooX^8eUpCiCev z-F+7)`XBiPze2({wPB5$B=&&^bnEn@Rzsb_{{RN6wlBT@(RE zq2Z5%@vkF}hLF09fW3`&9C`nwXNEp7?T`BodUa~eJ`+D0xA{5`oG_B_IoHKAXWTpU zfUSFP(>Kz!%schQ4?p^r$iY5j&y6G9a1nutI`GT4wrVG-w= zV+;Pz+JBv^9-NbDEUHdt8XL1eX3eCUVsY-ybuCR>;V;EGNNb}!jDcvCme-5#y?#?d+ySuOF>Cx?CCirCHb=(y?IUE zGVa*o?v|bZ;t98Xxm}C%Upxuhu~>rB8y|c&MI&BW$(wh*6Wc2>Y-FDWOVgz#CEJ{| z%?T41?A`9)GlDiISqtou$Ix3O_RcT6KV-F-NL@)A0v;_SQ{1l_Cis zQfo-inT)MnS@4we{rBI`cUkt?C;LlKjIKe0yJwzxX21RRqpre5A0-5xuF7ef;f94M zO^*=ZvGHiQX;gbG4nm&w^z*Yib9GvR?R~~uEll6!iCdao+kcmYqT~k>4Gda9=orBd z9yLPD&G&VzV!%%nw5G z2#~kBaCY(T453DTDb!Ug7F7oZ7Dka6!GONH{42jp=;x2~x=qB}?!fKNyz}{6Uz)cx z9=hxJ;oA)F$i@4LxOe9Z^Ek9!x=;7nOB3TJy#DdL`t1(h-ix?5ecW{Y?*M>7qyf*4 z!oo={8aNq3s*AHGh=nHpu>grErIIId{XXrk{6l#36^oa-zaZHBfmslV)mnh*SP4!IHE?U~TD3PCEqC(=9{0amf4QIM$ln+KMt>m9@ntR=Gjou~s z^{;>3v13P056~hu>|Hj=AHHbR{wpy<)TtwedV5sLZH-96%2G~wmQ)X)WiUWCnd1Z$WIpsESd;L(Sc;h zeMrS+a^RUHo!9r;;AOQ)70H6slb`%<;iZvp6C0Z;ePDe& zUIh|7sY^vlBh{rGI_!yUp~87B@~;xyWl@zc@vfz3l3f3~MGjyZbD^yj{zVa~NDgw+ zYGWaT>z|@HK$J$u2^N3|Bu1Hf9pbNDylTo0g{2y0>I*q#X6QT zrU^)4jAlfjD;<)iu5={3N2gAmc$CNQzoBsIa=~A3xB-R9^XCVVG)mLXIp-WsW&q`y zi!a|PIiZxspDqebv=XHQuDPiQ4p?Nw6NQ9GGN3S9Sr{S_A^fj5M9_6&JLfg`Qb~F9 z<2~<@v6-=tgo0AFz9!kl+%G-4voCh0<4X8D9$j?7(5Oj_j9S#U@UI#9sdQ3CRdZ{N zdx(5)iX!0@zYXPY6jrF zUwMSt&Cxx)ac`6@Sy2DnJ+IvO`}Ggmsdqg;R@CTDY+PR4`sB>og*AVfGQC^B9y=bp zS4mYdrFB{)5=CGAQE4L$1xOf$%@4^Q>_jP}7?E_@^mx(~MTm4op`)+e1p-hDu5?B=D=%f=Gm+??E=jzwruU>lvb*7+wnq)`m&-D6e% zKY>|e>A#JV-IQP^&)Vg`HS7Odjz2(xPcaPPD54#lKNbI=H4H{OI0esk6QH`!Fj)iw zy|PZQP7K802JgYV_$w*(q@R59$yTqG3J?8BqQ~e;E_}*N5*e*4v~=Z0T@)m4tUM%L zFykg4GN5Z0Wz>CygC+O7B#fT-tIXN2hTeGJEAPh9_-m;3)i;wkv}hb`IR4To&0eQM z!a#MLT}8jKL}=K>hTInSncl76RsDBBZE8;3q*8i@tdnBp%5(U7d zVZee828sfPuBtN~+08T9m5;c^9^{`P%}D(FTh86LJ%8V;R~|gzz+d;~tj23{O+1py zc-1wrn;-jRo8RtQR+as0*Y4R&uDO#U+rm+seX34!2FVYNVlU_G{>6X?3C(I?#^d$3vvLXXgYuap4h`E!ZFey^M~W#eKwHs zc+$?@Lh^gROX6-h+%=Tr9ER6A|KduE3aKs9!ZlA&a^A8xPl)J;9V@7vA433ggp&s zMX@MdvE0Y(DnWAU;-mA292f$U0=2&Z6$J~srH0UHglnzi;6B1}w=(WOwb2iT>gT(6 zAkC5;aFCp8a%BhiiiS@VU_gb`5y7~kuI-Jkx_@+#v;46zHHHY019psH_Dj1}1*L2D zk`5VyO)CIPumoM0G3Cvn^aL*(cRv*4=zr~H-!UlK2t24+o zcfZ?XNZ;bh6917*5T?`Nz&$(m?}@=97}!w+k3y6~w@G243v4V@*M>0u&5aB+VreMk zWQgO6tEzW{d@ZZ9*!i`sqDalMx`i|6AGvMfS3^oUv2l>)j)!viiYTg+OgZ%Sn+m5<>`5Av0e#+Ueo<3pA_C8}wiloLc-hqH6LyMs=}-aNx?(_DIVysL1|)&;(YcEQj6V?nlmG); zk!{K6ZG7Sxyc!dL)s^nYcm0(EY&*E2uND5;G*F@Ak8LKB(;$t80$_&V4Q{o$v10@P z5*?#+{jTG`CjKMvZ+HL?W`WeI10=ASj*dUs)r^N=$rUMb@g@bXWWhqi!YD>`Ld+8f zRv`_`nl(SYJ3vr^%-YjP1y;>Lv%-xbAz?}yvaa9}g(96Hx|$uS+#81+kC>pFN4Ax8 z{aQC?&Kl*342GDG!|Fei1PtJ5zQJ99<3m>f0AmU|c1C3sPNK}n5Y9}ECrC#heKh=Q z$cmzHj8np(Q96M<=3P02Q659dZq#8U4@O|nqyT0O_*Zo@C<%Gtm~$JajHln2J8)>v z6*2cHa>=sBdmeu8<#*?Achp#&=M)%}tTH#`KNGZR0#80zpjTCbv}3`}C?C7Z0clZ+ zb(36~f0vMGx2veR?Smyh%pKeECAAA@%sXoP)Gr4Ya#rI>gDzm%E;v(ya?mB6u5C(? zs2oOgntYIJz(1+J&l_7j8d+zZbvU=7fRH084M+kk2`U+}LkBo%@<9QBZ^&A{oqzti z&0#k!KKJBJ_uHVVcgLb*C%kmj$-nGeRuYRQqkQ1YBVTt>ldhfq#piE+K62BZWA`8S z`O@Tq>g0=4K3ewC)bYC}yLGDMc%qj%Z8rxw7$^-Y=^+1c_@|s(Ik{EMA3D!o5s8#F zk}iY4Mu;Z=TI3&EUCNS<@xQ${~wuufPK^PUlU{&G?2Ud zHaMlDnJ|n+O*3Rj1ljUZml`OdhE4ML}w#&prQ^}uA&N&jZvzr99^wx+_2M? z9Z45Fd}xO=Iu@GJ3a!)q;|oZ?6YQ?{Ly#Ags|aDn?kMbbGim__9VtaRHG#_d(0eYL zoekmnE&PujJ({2XqLD;%Ay9>$eDcY2&pp>wTB)6X{`p&NwUurx2-Jqdi$dre+5`y; z3es|-ux{3ve`V92piRS1%JTH4&t`+io%Vuz5S(jy>$KnWfZuRS6tLyS{D1ivhWEmG z8qa z{qA?mmM!C*WECPIRi1n9Ii57iVv+^0<(6Br0K|zVj?SiM3fSdII71Yr3jn(0)P^&( zjGDdm{PWjsetW}$vrpappi!Nt)+Vdlb?n}+?Ar0qZm{#v9{t-Fgz{^u>y~}FeEDZz zZ60}khs{Ub{Z4AilxclN^?7;92g~07vwk0|ir9#1og{COoMse@9%A2qj$aOy#lr0<_nJZoRs3M*e1uYHy z;G}^Hi5-a@1vkxZmHe}BGYYr2-g+x%xE9q(QeEBhmklvO<`Yjm5p?E=y#N0Db5Mpi zFxa)ZSR#ZfG~4LJt^xm=ktRi|zMUi2%&0CdtQfx2M*X(jhz-?(^HrYMaHI5!x)sZ3 zebuWXdr=8OrA4yX1P}0ZDXLKcrfd9*Z7ekT$U+odjLONxxtq_+=MM&DzxYM|a5|J% z5UyTavvAs1NBugp#ZY%vu+MuaA?kvR5k*=gqgGKRR89_*699}#g5uc!F8OQj84Z2b z?{WCXU8dKi-dGU7`;lo4pD#LZuju=8-h1!u{LdG-iw{2X+pg=sw%KCT;fEi(>C>+s zf73rZzC0&7cm5fBhP!quXQnKER;&OBAyNu>etiBZP0<0}3XU9ed#crsBcTyii8aN| z!EdtkXzy4@UyJ-}V}TZ;$V}4~lts%Aquf+|mB$~EEc|2;Y!sS?e$4exb&3KTqNoc7 zO$2*zMw%23*=Ld{nkoUz1WDHvOQ9^JrUtsgQRdH|&yL3)g}!EuYe_27sD*@Rk|Q+% zkkCb^H2LYWgCX%W$*3Aee9%$kk3ttu*UfluCet;s>bhw27j@SRGg0N0;Bm>Vgz#fQ zp&U)f<$%9R6-O=uzM525FcmqdwMk4SH?^f+!h{JZ z9Gc0d(uAvu>e9sl7{V_dDQ7CShJTWfO~5F6@D3f18UOr7M{g31=GXimd*>Y(RnfKa z+4O|oy8(E(prC+VEJ#%>R15Ngy@4PC7O*0S^deOO0YOlj6zN@RNbj4? zX7~Hu`y|&$jfnNz^T*`OnbYQ(bLW=5yGahp);qAd(_&jV=m8gUX~UTj?X0CUSv5Rjgm^DV*=z#(6g_Im5mCz#}a< zv03*JJRHN7+!7R5V1g_1ArqyC5Qj)0B=AUJ)TMPoYgB2=R+z&h6i=%>G1StqeDH$@ z59ZM#`QZFG(v&FxR-fktssY}Luw1_BIZNsAKXjN$@qx*`;Dbd2C;FJPg za?>#eg90r=JZR>!vgYIWpI6e?qwV|hCeHD(WI6NY$Jl4M9ANOHAw@d^GgC^)v7 z@2T*AplQjsM@+;+e!A>Jf7|vURm(@{jt!rT;s>`dqya;V9CG3cPbBD|Kr%{Lo@I-& z@?l8&1;-zg-&zT*KJOx72niM?qq(S1$&(?{Mn@?rRW#{J2=7b>2@04%lB=bQPNmWj z?>=0%`Xa<`%X>Nsfm?h! zDG?Mxs8L!RLW&C`O&E00bP}d339TH$U@rZFf`2ye8~$AhMcmDFV7Ob0a-P=nAxu9hx5eqc~2VEvASe}yI=f;xzi8(ort9Q<7?SFWVb05%SxDq~<$>7#&zE(8N%MN5~%hDRd2 zQjA0%Y^~h$A`+QMNMJFJ90rU897Utg>ba~Ff(n6&JPS=NgRGD{KKZXvwQJYrX$IaD zRL)5ZWl6YzWtZ1$hjLCU=gQv^Izf>*LNt*>iZ0x^=_GSnutJVd0Mf#vj5%+R@(EFv>JsWuKeU5!bG;hA3(TTBy+r>rhFWIy6_qjqYR}Wo@+xk7xJVFF+^M$5=fbA zQs8-Z_$y&N3x62g0yQ5I!6=+U(-KSRIjxnJEf*lHGCAwqhB8CWG*KW)XJ^3!Ly%^{ z5DeY?_+uh9CtQB~8Re%2c$SMH3Uo0i0oD{^Bjfa-9Fzv5(s8=7l5>QRv!-ZbON$Vn z_Tbs$515nz**Xy&*p;E=L?KCdwLFyOy$rxaj*u2*h8#7=N~y|~Mp4VJiIBOR9)Few zcz6AruzX|Ef2#V*mW<-K21ce&AQ3uzBX-J^DL5zGRaafbk;~1cl0>L^X({2AgOk!< zg+Fnb1<8{$b7U?+K~|8n5XkA0Fr)eL)D#dhidUs%(k%wa?AIudjon8e5sUaru@39+!H z)iN^*!<8Kiqfv#XiyEUip~Y57I^ndCm}rPmqChgi3b|})am9}5Y*kpHCKDKu;~6LL z=*U}sHH7ksNq#42Dj(#Ui-OW+2!cTZ$%?Kd8r9TDlDHZY2=LrJaM+`UA)^qy!-#iU z**Y!Z@IyX!5|EB#b3^qp%Yp+i-bU;obil*NO6(p2i8%;4++SR z%(bCNLM#*n7ZP#?G$asevgV$VW z;jO57r9xLzQ_ga(38Et>450(h1c|6FEj&83jAC+9{K-eDDx#vmL&Tyh2Hxo+#FbW` zQ9R?HQKbr_^k5j3Ls~HmY5I)*Cj5z5yL#D5Wg@wn~r=*AOkE5atj=njnmvFeFW!|5p65#T#y66jZAw zhe`(Cj%*>UG}LMob1Bdjqx6)jqc4V`v%?>61+RZ4CZI629>2_RxFTUv%h2qD?RAcS|0F~^UT$xx;~Y7G z=+e>^j~a{&@dMB4&C$t^zx<#hOk{;0rGy6o33;tzDBp&egy$FmcK z9F#vo2Y)4_R%xKGQ7O|UbG*@&M9E8t$=TtLTTW@zEm^_iQ_h8wLh!W&o+XeBY7m&) zDI8z_2ub7bfWKCme3%jWkQF2VVNQiV`plP6bTsil0e>M$L;zQGB+6fTDq)5oEs*4> zVezq!a0PH7JX+Fp9(GK3aW`Xyqw4_-lPvB9&h+W2P=5lDkbD} zrAcD&s9`RN)5^bNh%FN6I8C|;@d?30%!1YlArFko7C(&sL-7Y3X2(RBl)$tmoJW8u z^bnv%SDG@B5CxzRIJE5G=m--O964&TMIyue_#;6pypY*AdQsq1gh2 zBwzspam>>S8b(pmmV^)6%yqMgg}z$in= zm4+Dnz|hK83?a~jhZv=spJcA|XdQET&=fQZk0JW%!oxs<2nPSOs3~np)MW~EWkM^V zx|lzx)y{}H3V4=|y0j3s5JR+dt?+rg zOdN+&W7J7Z;ZTE-Ej((N$TM2I62p}=;T;c1 z9Ay~gkCl^#G@TIgqfv&?WQZ=#)ulzEwEv0tlRr2((}8j7L_oHbUG4sbb};tLE0E~MC%wt2yFUrqTm3^D7HxCiWX8njt*UArBQN#(FRA02Pc1cvXW19 zlnJ(CXvJ%YR*OUee9%Hy=J-^^e-r+|A`FGLgRQV~@P~nfC*Uv&ECK{WcnDYM2!Ek1 zef*;%3I5SU4G+jQL>GpZAu;SP@aRY%2J-;^0sK`S=Wzd_uJB2L1?rz8PNahlWK?fD zJcZI9j(^9F9f?W?v}D7=h)9AJVhf;)oIGfez(^kjnZTe!iO^MxHwiJ32Q4^1cj$nCK4*)e-{2s93pe3 zOv^+xcOCN#X?^K3Q;5ZNG*L$4%vW7n+huOqpnybh$xyIMLPX1{ts@>==_5oR=d?&5 zm;n9({3!`)<6P}Os?|XKb7bl82U{J{AcKS!2`xf(|4{sMpYRZgs5;tVl$p}fCV~Wl zS8`(5Bk0nyxk#cenlK0%(yX+d;SeE11cKlhm91hige^nbeU9_55|oaHteoug9R4L? zRHUx5!l7VAD7hGHQHB>otI!A?35nrET^N*=ITDdGaakeMl<8_}n4p6YVhXge8Z*4vV5u4B-*drByf~OjovK zf+1}He}Mop&gzH{;D1i`AJrs~3ROT>K?drdBN0ph**S!@i*iUJ(NPRs=zyU%0fds! zO6QFG|8e*Sck0wh`vPI)g;q*1+9o8?f-$5zaICa`+CI>67;Kdv=8z@>gM$2{3@I** zGZ}bC0S0|+VX##!7`pIiipL3Rd{KsXu6XTORtO=orA5;rOeD$gQ<_L1G|`bhjH1g# z2}nVjNHio5PO2C>P@vCu+xcp6ojP?8Dsvf19|g=E6FUoQz6jxAoUCB}w)is(W=Bhs zn!7NeMd*;`MHe-O1gSKUK+=Rk6LRoJBIr;+?!XAo5NaTkAAh=v;r{8}9`2TVE=RRX(F(A&atOShK zm=)D}Yr){PV9o~^XtMkyheRh;UNeyi9>k!7PYiJ`w<;s7Ab7~xgA@o85kuraiz`}2 zF=0ra;WeruaqhWf`ddKW+a%4u5NtWf`b) z1~}~XHCwvy2s5>e|Ta@z~CT{z7=})oRk7#kCjR|FCD2Bu!+!6?Lc#SG6c+~ikJm~@bAe$< zL6M+?A&dxK;pj?E3n6rN1WnfQ0E0u)a6Bk9EfTe2I?c zw7tD;+gonADf))~JF{}%iC_>bOzb?ZjFl^0EsR=cREuQ!wCASdUxAoBDPbPFvHuG{ zS^tDn%PCtb3=%J&cp$EXNFYXWX!|xf?j!R@cJAJzN6(&*Kiu`reQxVaqo7itC6-zk zTtVoNg9;rUiFn+?OHEOTD~Dnbsw*pbb^> zvFi?7cf)-7Vp`+IpKi5&QW8Q!IBcDS36URvZ_>s$UfIT%3iIcK4qXVQAovqPCa1;U zvt~lS7Pq!*-TJ1M&6-T!kx6R)hI+&oAhdqC@zaD&jbf;;FC>5msjfvmX|AkE{_}TtN;~PHy z$w?UJ`SGW#(8`~#(x3~`B@Ix8fsil}W(R{6zv#K>xh9QYS&){8|CX_R$8ENPLa0d- zUOw@_Oz?)>n#S4SpR?)tS2w3w*Ny@QC%+H>%=xd}Kn*u-+VuMCdyQGRlSR@@e~tfd z+<)@wM>w3O{)zP~{5^-h=zsmq?b@|z)4ExcUfVNW-ptr%Umuv_%Y7jEYy5NfAMjMp zr>%cfgn#;mfiM4*VttVpLzT39&s>h>CV5Bn2-0PyihwS146&l6 zi%Ce-f2swC%MU^{(Xr&Va~Q%g3L_nj(v?J>)AlZ#vcCCiqwX#jB~7SBsDaZHr|jx zzrx=Yf$Q$?&+mL`v4n(u^9SA2r~T4F6W+PJY@u7`%=Cs9A~YUwPK!?`H+<5iMUF5y zs*o|Ep?SAQL^%um@dn{dfliKp{Mx5R|M14F)vc` zgTa;|8Mt_X@6 zLYbqlY>^NeLx_~%QAUUrbn5zN$e4w%esp!+$8M;Ax2Qr9!PYYoi*P09FofGTx9@}V zn$8^>%~wnq#VtZ7oU%fQ#0qH>JU+<>2EvM(imGY2pFt=mw7(C3e+a+l{MeYaT`t@- z@x>0W48HWr59<}q&4H|hzY=ijKWG1(<{ejk^z|#}2jyZ;o+#5w6Gl@20T_}*QV{$T zw|({g@(%OYKV2m#b?=TtVd31jMO^E{Dau&T-MK@GDHYFnb49Ajfvz4 zwv-_SwF8~A`o}rs;7?qVS4%{OXoY~SXmuHdek=Z%3lQ?x1aWfe`p@0}39aY_!~a+H zZ!Lqe*TFAdtEE-6Cz5;ZpT2A5C&qj<6h{}v17-9pRG)>w~1q`zZmg9JHUfTg7i!;q5Ck3au}G%6}MB{MssNVWFE=RHUw%l7#F8Q+f? zx%5B=h6lf&0NTL#%#0nF2j?6d+4IfC%cdi|;f5PNT(pY^b3uk9(@#9V_sHij-4DV5 z`{s-dUVp;$0S|rp{ZZyl8V45-={a^Ii78tcrDS7c9kCERL6O6sh(C|s7&`Xz&xa1h z_=@n4Ow8eL-+q0$`RQ%a8M@o!%8p(CVeck(b@ZCIF$P!utbOnG9=3e>bZ$&1?9PZ? z{ROII*sROwjqz4l``kxn4}E~qj=lQ#Y0_u@UN^!V&!M@)Ixy?#PVa9^v9=HLA#E6^ zRg#j^Vns>;rRqyfmMm&tY{Ael_^zFZWsb z_}rUj4Q2|_UHT4sc>{Aq^XSS?KU{neh7;CLbKbWn*!YRzb7MSQQ&|7$jUg?xQ0Bv}h_}YmN^7C>b;D#UX3rtqEG_+xVv)Su?ClQ&zd-(68ciaK6-~X@2v;?0o_NUps?3!uP>)j1;*0)-{2Nw-| zedh8xLz^_|yD80H#USe|m^oW{p#nS ztOJu?dx+(3(&V-6>DH{|RtXT%k#Ovgr$fX&5&xWYCKSJK=Yhk=(n?k?AHuG}q>TT_ z=5L;(qN1b6FFS<8>?14R=-SjiSe~5qQz8-F`@S0Z+Ki>M-fY_RNl-cte=7~|ky%3? zU{am?yfEMgllzY-^BzQ#j4_o81!tyaX7UdlGPBsAvbN3}#jKh)Z{Fv<1;@PB$9Tqd*10-|}MX(-KZ0STY5Y zA1Np$HeK4VzB4+nmqMt-r& z@9Z@kwV!^N5Ip4ZIS1U7SHgx_&yC5NykPM|wTgvSZZvrD>P?%LJR3H3%(6X13<+{^ zRKbvjgEf~7Na!kIVL?8~QKQR@=xR~vmbtX;?X_0E{$#gti+_su@E|DSg1V72hpoy) z+jVTg=;ih5R>?U0!_*%xeSOr2!-upj7vd{-*)44=n+h#@zWH{$Dv?RkpBx<0_Vv-D zhuxU+(Z?%~uq4?T$G-hy`0k2#zx8U5VhcwPd|_RSm*0G@$@|w;vbE)z0y9+{OAt?Mzd;E`yoZ2*|>T0 z^v;JLdvghwxFqHrlO!*A$)B{5Yc9fHo89sFXYKj&y-iQ`?9}1Ght0%ETT-oKiA#bF zizqyMTlXK{>$i$6b@R9$Z)JV>&8jtH`!{ZATt2J7GE=_Wlx`j832WYe{LQ@|e7$P@ zny+p?FsS{=6&xSrgCVG@6{PCs#~Hb`+$Z3lcF+u%JfnZ3bx*xDJ01Kj9q^C&^`Dc&I#B3Vz-Tv|4{KR$2fmP$b zYj{bSxbN?Le8>$S&tJdkhfiA^>3PS8huP6WTq_ri9Fx?1;qsC73Ryc&Sh)Z2vbVbp zivR45hsx(=4s@gqj7)@C(~>`oW^@|-ahQ~nmgzn`c|;duI@GTgwr2F*gZKY;?y60z z7JQgAsK@Yck8-`~$@u=m7r(f2()M0GB9@hWlnIOgRC*{NQF_PWU%5$-J`HC*d`I)4QdK~^ZS^sJKp-1lj zYR&qwFW=ROQ^g7Uk1>np&z!wr&Ybxxc4l}ud%oL!(4LPMuGzTmYpUhmcYffl1$)D{ zHmtLzY^XX~suZV-lN^RlPz&R4!Y$+QYvWu=eU2C_J8I};f6hJ2iH0V0n1c#)V>cxYzEFms@$vfvwU3%1G_W!hr?&8meygGaW z4|p;>95zAe#ti@F^?HSKidU#^Od;3kC zZta#$81Z!X@rS+PRT|u4%%t_PzVvP1EipG=Rw*dBP+4Q6n`+uAB_h;_15@Rw+{U!v9ns)@P)rGE2n;^u}dZosW)fj zV|TThw>{O9;VM(y6fY6!O-)bPzx8udt9QFvX@`#mRlE7Q3(XI^6WCR`H~rw_?&X4g z?wqW`6{=-g>po>~F%uFQWpd)yPcc1v-W-t>>nU>ajTai8^X7OCZF~{PKi_ z-xMJOqK~7@uqzb8MkHepA8PbdxVixf~F8a!}uH%c1FV>)uSu=OtA?sKQV%36p zjS6qpvEpMXv-hr=ShaW8+Ww@J>C} z!OJhd^Yu4oWt`i1vcrm2Gu4YlnCy&*T92EZYj-CcSocGXJ0GmM?8klXgw=yK4Y;w! z!M$9S_HSJ?JmyeJ?Y2)eGLyF*%*ye*xl|p~;~JBZn&b6{6*r5=4}Rc5 z%zI+V5k$e07^n(8x+Dyq%KudOhZZ(_Mm=)#&G#guT0Q|v;XaS=$np3G1sz*6-t_8oV`NIax7dGLTxj@g zoS;rzPqw`YgcJ&i3XKQ~^_iT5YiCg{b;44P#D%tc=1DVa*`5@)-#RBUk%Q|e+TOU^ zl{Y>{%{;J)%HOu&l^0+9;%h2D)w-Yy0sO~5>+#=kUv`eSP_;X(4PnryOOk_gAIPiZ z@TtPndXZKB`gazNQPJu5|KEfEZ?1nkRb@-sm^;}zi?01gauo(Gnil%hl_sBiuFAWO zMF=sBs#>~uEL*p^*)wrdV(uG>nQ@zkyf+~!J0~oh%#f z?U$?%?NIlt23R3%#fQ7>_sm?5$t_vJ$wo;ni0) zY}jhRfETYVM+oLuz7QWQS*2tD=Nta|cx@D%6q=T-0FcaKNJ({r30+3fXGk89h*9S7 z?16ds$1fec@zVd+4&&5l@8euUHy*HV=I9P_(|fmT_R%43lzeQlC9;y@lG8IXQ&KtH zU0(a7XRND%)EyJAYxThXsM^ujHLPj)C_5)Jtkzqt%!K(1zMS?+%hy|kCR(<0RBlOz%;9EU%+2l>(yg07tY(v8#l4V&`at|ES) z$5^-iO&-16o;Y#V9T(s-+s)@%Ii4)SM_%2x{>KX!O`o3Br|W(9G@QF={#Wms z2OCx7W1ehtfycus+2u=1;n$)Ek}am+X4ccIxAOOAGIndfK+XinDBzw{6~PG9EWS>gK&S<~$da-&QOxw_Vm=1wTGr5*Og@qXM;j`!^OwLq4nIf$ztod~ohee}!%%wfKdJuW8l}|u_ndp4Hr=$N z*Hbm$e(Nn~B64 z*PtN?&C~-U#8PMQR*7TOH(J|rS*ODCm304*3$5jR4CbhiP-{1x{tl(+G*2r{HdV>} zXqoU0UNn=o&`R=&P-Zv1H!kkm58A{=Q6_u;qXZrjdHpTYS3#_qi9dpw_*(yz$9=9U z%$7*xcV=jGf#>y8W8eS!#$?5;I+IrDrqCYc8MI2ZgtAVDs*IPidc8ijn9bs<{-w#|@AX1oX?2{wU)k9hDJic9}YRie{Nr1bC#MaX4^QOT`uK0*`CNOeLQ*}bcDOV z+r9%sv3ah{*=`S*IM3HVE-VyLHjUt2*bd5p&;AXj2mS^bv?;WyOoZo05a4;F5@9{# zvVIU5??2GBS*D8qq>uz$B{VryS8-g1=M~!lTby1OtO~>M*t`!e&c6CV+OGZ#ggh_sf&= zRpp^NBS~NkT3Uc$PBJo*#oAPThQ7UPz`m^_-pxN9zWJJ+H9T4O7ZE+Q6sAk#iLuFu zg9`O3)w=9)8zKZWvx+Q!E6AgBgU?fU^TRi`$%n<@ptI)ptD*!Fz1MqraW)rPJ#;&F zlu!4Phpn~%eVzxH`PcID1RmRCpUOQ#GJihl!}{hpf3Cv_lw9xaq$?B(NXGq4sFMoB z0ZZ7N`R!@4UwuU+e4f`*a@oAY2QF$>n`4N0UqpcO-rNrtgVmMWSZL*zT6618I7D%Y zRMzi2JoB%ylDE?Y0Mpdgy1Tn+4)zLT6=e#%eQhy>03W78Dwaf3Od`oY=Kk*(j}Ds{ zS*Hr}e2(lXkTNN|kVdVpN5^0Tsc^*?nJ-nX-F{I~GT%Qsf(wV`KU|b9>NrLD@*uyq z>(kiTMN6us#zrGnna@&)z5_Ln5P#Kom<-0`Nk<80rpL#l;^ghJg`NWJ+pi|^d|0J< z?G9AS|G70WBiq^Nj69~bKEt!Q-bQi*-bP+mYj%*{`^!1Kdg!(41WQ~GXjAAUTAe+2 zt14^juAlzde>fS0j_Y(YKL^;t;&sIbEeOt|8G{|5Zf;BGrYcVcsb@BhuoQh%J)1ya zb$mwr>iG!IPRUKAhDYSlv4CZEi{CZT4}TUqD^QX+N$jqFFQTi;U$EmryHyr#r-VC2?IW zmA{gPC$|P_@lm=K2DtHy*&7N zJ`v?`Vbtbs^XfnE(dAn`oaXS@@lR)bxhk3$DQC8_F+!G8{O)qZg`Da9{@5+f)giV0 zlA>LqhQD3(i|5;x-`+_$NoV_4{;;(`%J~sb%h}v;m;dG9A%M$&(pj~8x{^!BaX*QH z|C*BDoJ>_Z>&NwH>~|5I*2BMA`Q3genl4*`cPhxl3bmWdx1sE~3uAm74lY@_%dTZS z=d}QTwLsUy0RESvOiG5!vF&TKHZBi5%vJ~ zCiM1>@r42n3p2_DROMv2eBo=clBR|8cKA6_n4jPQI9+TPIpaC|)_1q1Ws~hr4Dl)I z_XRbQ-HRP(507N3HE*R{4prLC3gedZ7gLA*Bt8xjXPIs!%;sOgF)bamS^%mmGoY7S zD`E|A(Et*t^{Dq*|Ap;2K5_<@*+gm^`CFO9_c9Ddig=2mC^Ejn>+Yc~rDXBGs&7d@)}ON^zOo)y_AcxleurAk zoKyj_Fvq3j;26yLdY58Y735l>KQa-Iy>y}^6n$4XoPA5Uy6RNr&rtL$p;RH_1q7_B zChn?dskz`PQf?P`TG_lm(QBr@ z6Wr*=f1Zm0Y#7$)cM>;*HP?gfB~&2=-3-Zlmdaj+UEf={k-GqSEUE**&04wrzjzKl zzkIGW@B$GPFc-80t_2G|1NuLMxh8H7(&GHg6o_I|yKB?C>w zj|oGd-eQ{3Cyb}X)4QYmi_W0Sa;>f~H4~0jyNzBzu7D;jydiElFJ%{*PKA%=Me`Rn zk5F=1QjxQYI;^zkV!7J8g*P%E5?N#Rn$=tViy-*wcXo1e`lnxOEl=Icdy7#p$X^cP zXZ9%0FP-*^3YuaewSWm8E*${mQtxPrjJkR=95O-!@rjN-R6;+gs#rJ($Sx*ua&po^ z<+iA%!Gf@lO1C2y&gjf;^jmH6tt5*<0cPJ&|E>#do)z8)-XX+X6 z2LG6m+)|W1;pfok*K)H!r6Fd9o-9NTWoEs`VHj^S{S)i6H-Ty#n`P9>>T|m^F;sNV z#F*7Zw;)tD1^LbbFO8Q+fUZ(=H8COM#2$MiCBu=OjDfP!^5u5$S1hr@WHX~pWUA3d zgC`ez2*DY>fT)bT!ksov2=tqAz%j7MrD6I|Pb1Z5|4*Ws3?A1Y`oyrJB=Vqg;rk{|<0(w0b0~w}W64aX((aO&aFaKo zp`J;|#IjDInB+tb+TKz-S{2zAuJ~*3E+StbLTkyhARs zLA$B!+4sq~BL5_p6aJJ;_HU`RIg4xT&YD>94Y83aQ;nt2C*uWh&t7de$^wj`Hjz>s0g%rbs~=1z&h14@m*5P zvAO{*#-v>P$Q0P8dW{f?5c2_I*@kKd7Zi)XE{E|tJJJ!(Kl;&=O8!|;jG{(g$I&ZS zTcUPv#h*md>v9he5M=Em(W-Wd%q~!bv%L%VCiIvaBM*mTgKh!#^^3U3Mw{8aahY2& zRaz|HXG3}%KeIekXXjK3-@a<;Ur zS}E$zxG7FFEZ3-$ld7!hC_GhAQrtlM0RsaCb-5CEXlf22LE2E6V7X=)y08|Ws=uk& z)NDVTaOhYv!{OfXA(~RGV28+H;_AtXE$q%`WBM~YBRedEsnj0M`^6+7kL%dSa5I%` zCFw-defmhr+E!%uO#Wb;=etnipAsr^hFOHJuMxQKQ{dH&dZ3P}b&T2<2!zS1c$o0$ z^+(#G(HydGn*YQZxG9q>q|o>3xUKhvhxm-(clxoWSb@VU4hLgwt9y|3Q|PKZg~E&i z32^XJoi<{4d4}=?_}F2RHd@@JBSX2A#LPw1D3-hO!Ux%8Z50|dhhOt|Nr}&(be?*- z7l8D58$<9fg{(dv^W~UPApy=*KYkwKXey^584fV%j^0g0yq_uV0K`4UOT1vu$n1s ziKDvR7f@g$Y^%+2^kFpvJCS>#V|z3nXo&`I;VFNe{QUO5bdJFa_A-(7*w= zvFTs}(4k?xhDxqWpmYXBghkNlz&;Cf?R|h+suaq%d@!N6sKl-ehR&kfz&?X3)7SUp zZnclcqWHXy&x;5)8GK3#v$d@tLAEAj@}7aT2^ zT3AgqO!QA?sdVJ%`ud?;Se_HOucW0fhdx1iKE7e^OzS~srM_=^OMf`&`RJ+F$7|L? zLM3aLa_OrR=taWSrL8zlwC~2=RM&siW5sjlLZLMvAnld8F_S1cgE4#4zPD1N>}aXR z=4tP{$S5#-_AsD96}t`k5PqtE+%-W6nDa1vKI)quSymAtj6i#!zrW;?F;yh|F1B`H z>LJF%g2K1w%B$EHuu_q66%M=0;Dl_02!FIa`$Bx{#t3S~Bn&7h>ElKE%%5~s4WS91 zhI`KQ{aVK7dAQ2t^|lt@CcHS4n$@H*TQ6{iXKJO|BXd}K`Da}J~t5AP#8iZ zDu+VG0FO&8oW2kjT{i?tCo<-lwiG zqnf7PPKGE-8SM4@+Cv=c$ex?(N59QrDD%Lm)iny8YNcac?E-}pa42b%r*~@KG*P&$Q=XFP=D}i7{5@OLfx8N(DJnhN^E8y#+)S8NUY0a^AM_a_V4yleSVrM`?gYSsJ)f73HAxs;q>Zjgq z@O2oZ9}#i-h#&)>h{&Gs>**YM0wHuFi3sm2?1>0sf|{HhBH8v$VZ^pBF|)8`dmX2r z-1~Q$75^BeGFqw$4&IaeyoziOrZ|_8Q4(So5oR>0YC}qZSu0%#NhK)T5u)ffhtNMs z*gUes@>^rAD6%S~$lLtAwedi$$M)<8@9%865b9j2(KtZ^g^9y)s7E`l?;_G5HxdK) znd9H%;|k;A83$0MK~<{3ArUj7X)tiJX{b=yQU>|I;R+SpZU#pQ`$ew|9k8dVH%k91 zVj?P2q*liFC}p<YJ&19oqT8BwW0)k&Hx{90>u3_wi8IG?Bd-8U{VN$AH zbZ0_we*zvzdPpE?%wa5^w;}_s`JaIOK|4X}E?A81LCwVzCxN?8WirrLQNonC z0W%VL^SK86T~RRngMcRWX|*^RCpa!!hng(+$6w)kx#(KjGMt(nj+>h;QVh1RkWAZI zC>JFF=fMKpIK}mnc6`Yx7Q?6_V{QsO`?2`O13i7?J41v$DtMu?szz9!`*tJ`)oIZW{$QUsx6?FwQ!n z`q`!B3-a2-5gMMX(quB>E8`gk)c7%%k{egk1UJzzPDy0!8(D<2Aw@DIu?U6;c`GvY zK4v_~!N!Ij%kt(4S|+KigzUoa+>OK1T2_uHF{ozRC;5mw@YIbVCTC*5anM%xYR!_d z{UoHLQyHTtoT6AeD4Cyy!J$Pvc${&=Eb&6GDSqinD%fXoi@GX{lF;o$LlOu5o=MOxBVWd3AE42r7HuP6zX$Hcx$yD6*tkb3 z$lA+=oW$4W?nnip(#hX(zjMfIOOU-6R?;*|9sg{=_-u>}g4pNAA-x6By9;hZUYF3) zKs!2)h4m?M1jQlu2VDuK8xoWT5H;t6gIBtQ$cP}wKtw*q^=~~Kq#0P(7%7hie*{fz zOOIH=IoL5gK3<$7Fq?ii!<84J5=nz&4zc({HVICq_cDw4LXEGhu?tVcxbk2h3aW?; zpRyz5JNzXP&S-jMW|t+f+R@* zh|&SNka2W!LW z+FY`*?Dvx~6nNNg&);y;Ex+Km6{VGk%aO*Qg;Z4)J|Iu?f@Z;?xKSO2lTlGma6>@- zOg=@+z@Y9mE(Ci4TmHNigV6G{l)XQ#uFO|8$=a-&oGHgL%Vv~&LX<;F$wG#M5eKC( zzJB#%hgHK8*-{mxaJ>kF=h4h8s!z#-A^M=A7f6sU9MfXI&Z)AFMPfryGT&Z7Qjr&- zn@U;nj+#*EBdQOGkO-!4E0vhKZrdrgYD&X|mnOvV&HwZ=?u+mE0saj3DWX%gq~{Cv zCG>IjXDMO4PE^`)M2VPC{U@*pEG||>gn4cvVE?bE24y&?#+cxH;ESOm|Cv;B^Q`lP5$ZF*{Rw20}asOMnF|lBI|;2$$=J&>EgX z{(*R?*@LAi#q0U)>NvaDOBLGlSy&IA`i1fqXLCt-*1k^2sUY0rI6(>yLB!cO)m4c^ zL^K8kr5&aeI1GPYO1qdeVdWHxn%L#3y*d_BZ4yg}p$&@>mdzL~LXm7yQbCixE%`z! zJbc5XgP6dK(6-QK5~}NxY{5rE!j~VdQ@K4ms|CX`T;K`S2M;J^$=nLzQ#MJ)c5po~ z@cdbwO-30)frP7lP;6QoI#VP&9)Cy|{!Go-F=2HR_`gPJ?b>2_oaHRZKnbfMFXsT%Cv{A1}ThR&@u@lu>+s7&3#H zJcTMIVc(3KyL2*{?(9#6Z7l6K@lQm&KI$XN9I2uRu2wbIj)Gtq2_oX5RX-(jRpEbO zT}kMCVMQ^Sd^9XPk|bg3WTuP-iB8G?;&k?DWG|0-$6hRso?UUNQC~gdbp=KZ@MwP) zD&UtEh$28;qiic0L7tL8_WTwNqZs5_DMOOd>2;E%8Te|0^SPv`1L@Kcx_`@9U_r+3TNnbol9t|7!>|Zp!XA{(mn2AL9W8 zAf4;ocH-ae;QlM?X=PCQ1`heZDz6`Dw;qoWc1b8-S~K{i(A zZJ;H-1SwE)Z~z`xo1)>!i)AX*j^1x28Y0_W7bLAgpdMl-a&mGRtY*&!POr-ZzvtJ> zuoD9Sz1{} zZ0@=ob1bj#qbKr0IT9BJf&&=mvP_-#27;4Yg1z`0))Tq>Z%=P#k5`5bMPA*#kd9|mKSHlD=W&SAimb;`>%w66*^fc*xra3m_)wT zgFNZnN%~I)&Z(o=fYp!=xHENoM(>+N4jITVGagJ*W)E9J11KfL()TK~=K#OPuPTkh z#?d+z7YY#sCvV>09qZWgFS}7?I_MuSVfCETdABFe4#rghHF`p~b|jBeweoOK3j+F+ zI9w+=9-M;jbNEUO{$CR?`0>OU@to=T`qxY%;oJl*|yPbFG=oY-+)PiwTzN!k4k zUFrIbS9IOuM>TUi8#_02gF;6RG5@)h0Q$KqRKq)I9`3v+IRLtW%^3ITHT>lwZ#)CZ_to&(NdLza}|JbJ1o-EBJ6;GVMu7Epp#?x0xrV`(90n z??(4oC?~Mdc9KgJZRi~^3w;?C2DKHhs=Er`8uZT6Eqr1xl)C1hU)EKAa?qX&rt}Jm zOaT!%{cJd^Tf~C}03{EDFymVt4bmAdEFO7zK0~CJeHH+S9Zw%XJZI$H2N=~8)U7K!h zx>-`#__gvv{zF%sw#T%E2Z5;pi zNxjyDn3f*X4OYw$A=-I6I_!!7Hy4vcXXnJ?$JT=NQZ19$B{+n3TXEJWp_6d|zpy7& zJ8#R|%yhot5rY*|{N;*Qktw~AbufCF7jJ7t?Z?(pA!Y~dXC_Pkqvf?jX3rEJPw>%h#&+gev0W$i zYQW+G@5T^=2hN7ea8MY9nA89DnZomA9xcSjuWM2}O%mVZgAa$F^~BMtdaxmnUKU_{ zxW8h*mCJP{&mepsh$YFOK}~h`9&o9UWQw2P4gb5R^`b`PGcM-LEej#DskJZNO7N08 z@#s3WMt%~ey_xO%Q$t~}tRUgz%imPJJnxf#pG28vzN{@o}H7DnUaiPv5;8)vQCegfv{Q@oSxzSi_O-vxJ3Q_bpcL;Jn?JtayXzuSJj`3ifYwI1=Q@(o(u^4WM{ zr0LCllE~=u!Cj)t4YX8g8t=~U6|@MUlN z`lbDp%oaVtp00=<;?v;o8@GXt6hAH-I(9maPT4tu-VqJ zgCmRW3-n$k`1r0_tsoxoAmI@vsoNHBwTR z3U~rf&*l%+>r6J7`(v!d{?p663p0D|=cKP(58ivl2=HhJm(<91gaSuGAl~N7DwpWi zixc-Ix;wGD`wOB=-Otk^c}Wn8oT^^GA*;21ddeLKkjrryF&)c@Pn;Z_RzZUAd}X#I z8Q4|mLTz8=be1H4svTEk@0q_h#8CqW+g3tuBtGu$PMhQFY+$L}P(LinP-6G${$qD3 z&u_D?gNd4MFg;v=hxOe(pIM6__vFoO(gNq+Mk{X9Zo0eeeA0`AVa4mnt9r)|)QKR* zyTrogtjv*$Zge5<5Sg=hc@ino^qIWI^4D~n~;EGtaeJH;+Cd4Ffeb#l?56 zlaXdS!E7h9;Ir!B2Q&Mg9cc(X&xq-GrLz|wNduKNZ$r8kv+9Z0b6NCmEisH)s`=nZmX`IC=ZVm6GpH*Sh zr0)0}j@rpw*m4HL(Z^B!_@9AFl?d%6;x%KlxtE-yb-f;;as4QR+>Ph5xMl(N%GB}j zb>ypRd?&&0m+H$Iz0F-Bgv;fs&Gs8@ma~8N!XP%f3Bmo#|5`7WW6`S8NPV{u01)we zyMpS%LJ@Ed5!5=i)lo~pbGpAlT%MPfKYZDk`!*Y?1V7ivk9Xl3=QK(TEKKEx~^yQwn3GotB%YbehVOcU8^o#)Q!ZE$znETHnV3)Q$pWrg@mr7-vDW zSXCGV$$K}r4Rky@{Qi=3T+a4ihynHW>3w)V=qN_hVb%nfnqO6>)w)|07W>G))6p%S zvBjL~`2;gL2{@Ka11Wk54bN^Vugb+=w7U{yBMh z9rFuiCe7)G%~W|`#c$DDXQX+9ZO@ej+;m9Xg6reUT<-rQ~oPv5BF)!Jo7?_wvERs$S^SahlAE&)0^Ja`{!M2OctmAR}e;4 z*9U%!ksyD5z*Onwih{?M1ThcK&cSJ8wW)b5zM0(p-6F+%cniXOj1H{DAB0Hpon8g* z3s7^tYWdKSeA2uJG#y=cB}XMx>Ri%sQtBrvbeXYN+wn+ir-Q5~!jDb-p3_^PJoUuB4~oe7rk;lF9D|Cht)Qjj=q3j_w?c&Wy=lmcFg+8@WtfEw?DFX5SB_L#lKRNmm!GK%_Bh`3qN6$Yd36 z$z|AB1HJUo0yM>PY$g}r8d42rh`rA1GcaOWA3@}^t3H(|dmR}+M(beGV)cd({EOEe z{7lpG`o;}@ZTWJVt(9AQXduL9y}k1CMz^we_wnrBdf6e~Th;dM3 zv+W=7*xEaHdw}}hVR^Ltm-^vs?y9_A5m1)$a+hj%g45XX*NutoI$(BM@7Zok;wW_Z zvxBbCwzKUY|9E#gk*`@2wA$EGscMRbJ9)(3CY#OFXH-r1-##x6O=y98wi0;P`l6`_ z+wq{ftVwxMV*l&gj<>6O8Ky2yhwXvT_Ug8eSAAe$^O??51x{8jNuAHxRK13-Mun54 zNgLpp*Ln8qvfR|T`4X=Cv@MFni=*wP0f1cH-6ET0y;;=Xjts5mZ-#V4-(NJ9Z#X^R zZ=Qumf&;L*Dq*|cto#EEiTED zwCNT1pkv~VSW2+NMa_ej3r;JOH@}XT4ABot7CeSF?MUK!x~FGkXvL4b$n0UB0;_M{ zaC{{-(>g(+@x$>|Ww7$z>PlP}$eI!XFJ9tY2$RdtRNxqTS9Q=}uS*`RyTq?`p|0q5 z8~b_u@R_$30l4@SQF&9T`@6_!r)727vYdx!aY_98neyy(87b1=g0(}i7vi2nvhfdK zb322gzn8=oh3}55-e7F0DSf7{7#cL=utAM=QyuVci&C~kWZr+H5W$5PSN~*6>A z?{;jy^)|PrxeSxov|Mk#eyI;m)F8d*Na|vJ@zZzh+8@Kf7ohh^IP!J+miv>C>v+DG zY5R8Q(PQb;_g8F8DAq0}r0!pp=)9QcZok90sq>j8X+Jy^!ngkZG@Q`x#__kj_B{Ko zr=>c-ss#7`G(bnW`(>osqXE2 zWD(XL=}RB9D=JX%NEPIRE^EYE_m|Q5iqozNw%kmrHFn)UzZqn8?H;UO1$eKM&-1+Q z5FD)uJ7_mvwb6210-1R~Hq{j+6uqX`-&w1U^m z$UF2gjW2jW+o2~Ou1`j8)K9h_d5Urumo)+|>kTy?t#zlNf_zRl4|>oUql)6o{vJK= z{QQi7%Tw{eQ@3}2-P4q(4Zc@6Sx2=vl;+3rPAAvh!}8n{l*L`un+(@)djZf8m9R$K zNKUM~$*S@37N3G(?@U;qC&9Wn113U8ib94fwMOr(N(toR{zqu(7w#@DIE2_}uNA{? z0v=)1-0bxC%X1h<2jlKOh8c?!`q+vzV=<+QmaUm^>jeldErU*!phIN3= zHf7G+9M$6d*(G}Y`F6DhBCw`jhL!sI1=-U2({Wp9GPC=YeZL4VXYw|0L0Rb8g4}Sc zR1?YLxcf-qC*Ro1Hf6x8urky-PEcQ=f`QNuFvf`vhgj{oMKVggk@Qng@w1fkE9x5O z5|YYxwM~IsAXLin18v#DwuU-plrdlzsG!=c08PD;Cue@KM@{o-7L*i7g09^0%#_DW z+mJNH7%&H#fWn*C9iu)-*t}GBmbO{bl4N#E7dr1wlPLICL4kmc`8k}_aTokKJOqxL z9{}rUdN#{;#Hk-G0GRrc-vseoH`6j$f`zkTH(H+*Bam+af;zeg&NC!RTU0<^ z5V%k4PhDE@Jn)J0`v@ymmWD$i&|;&Ok#|1b`#LnBionCcX7)^=B(8Efm~XyYG<@YC zUx72@!M{=#fNQ8ks_i(pw72)upTbL4aG*&U2d51lA6s(!wJ#;N4`E}vWNE8c1qXlQ zE89sod`5%l?4=-Z(c!^@i(}a4biCfDm8=?qS-jn)tK6!rq~}gi9o-=eEi($uivr7) zy>+>%F})NrkBEqm5s2snO}89w~rgv(v1^;XV+ijJJ`!^Z`W29wAiB2)4SC$ZL5+l4TK zWQG6TdRr}X&6x? zz$pIb68ruq(3t-@USNl01}rw>4<7XXk1Aa7K_IkjS&vcCe^pUjyPzrM#$mb;w1&S< zGoVZn{jU;`-Lbm_WBYzf5^LO3}&VZw{!O_G#Rpu*bP*$uix$Hghi$c#-)n6hRRW%nAU zr>8Ge=>YUQy>~ND&xV1;U2fqF!yunk5x|ji@mr_K*G?7}6EJfYuqoSiR zIi`AO4LK}zo2}-DR#&x5DQB{pX7KRvIz4YhG&BIvjhok=S*8AUF#odvzBmx<_(-0+ z?TMwQBZerNR5B0i00;R@b~I{EWmHcgpFK*SFje|ahD8|1) zkKO*KtF0)^h2`K@dA~D-e++RE5#Zi;_xFu;bw9S0Jf(e~E{TqLd3aK4B1BmrXk!Cq zVj3fA(E;#7n}*Tyn64*t|3JNHc(}O{2{@xc1i=H(*-~1ad>oPMyO-zdPG4EEwa};S zt|a>#^I>GAbFVZl?KT$=meyaP-A~r}YKhK|-8!85@8%cnCjLpZQ`M9(9PeQQAG!QK zA|wKcW@!!r$ANu0ydKPe6ckM4L0Dfwh-)9na*DWpIYmW5kIU??uFus53tqQVQ*(3Z z6VcMXt;!k1P?Ub(U8@W^D&mo~AqM_%#7EcX1b#MvYAFT=2JEP&fUnQR3Jp=`zf;no(saJK=Ir`o<=BB2oLwitP5s;Ksj)E_S%61@;W1ZytPG&+oz}H z`T1ZfCfBw^b&ZwS_jljhDdlHmDfjdqPlAb!az{>X2#Nexw7{Ek&_0hRQ8u^J-?`QU zXvEBE9goKco}-YnESM>R^ytm!X*=-QB>Nhx!;iOxJ>jTx0bY0FC1GA>+olrD`iX`p zoyuELBAqH7QJK~R7XnXW;@S^o&97`;Ug*!YCZnu#FZ;2EO3gKqn&a?R^GSSV52|;C z9eGvPA9#{WO{^&WOW#W9vkb3z%}PDSZJ!V-quKQ{xFcKTUtAPYMz3Iw9a~^$ zqw#r2UDtaPNjWd0RL;Wac^N0xOg3IFRQPRsNuKtv1}Rbn(PTV;U#x2hmOo3vvUB(i z(a3BCLGN~<)nT{Ad>5@ak7teMLatl(j7XTp2~6)HaX}@+OP)0X2wlYE)5PhE8J66v zf>mdLA@7sMXhG^LKX`BgeZu3neUGabe`Q!C!B10{8fdZ0jH{33sXQ;~74M9X;gpxc zHB@;|Bi)A8{yhsO5Hhry$onK>FSW2?4Z$Y%?LHvsODeI5pM)}!j>XKI8yh={R?8FmowkT zW|*V)@3oJ8dxFl+ap9q{u}3gT_HsJAvOJ9mPU5#5p}6$^bJ6oKedN(JmBKIG>UMUA>7=3zr-|D_xhOw(&Pv z7od_h-LjC6V zAn`m;k(3v^>N^ymK9E>Px4u%-NYXyJwRJua_(NqXR_59crIqW9A8>L0#s707_T^Hf zW>i#vf2);sv6cJsyrjV+w*^>)=I!HgQLa}rlW!`Z(|IGz)t!Tgl$$iIn#ne+ zR~;Q3>vkNoFgsh;B_Mr#3?{ohTqxI$bg3~DUR=aF^uNy%uvbbW@6fWcvOeFzR$&7v z+di6~VbHKF~3GJ^JCmh z)kyI>)(163gKf^DXA+`>&t5T1{Gnh!oZnZkI!`Hby;MTD8@{^E)^oz(^+{b%)I5=` zNfh@5c2Ks2k;tlY8yqS-<^y83(wuZMl_K|EMRajbnlj?lV+6ef%Qt2uu4;&pMKO@w zStZ%ojqzsvYKqQ)tu9hhu+eP^h()HA@MXdz$oKoTtF|W|q7km!0LXWkSLP2fa##an zNL6rf+}I!;%R8B<=4x%(aSL#E;6{kNb$^aN!-U4s1mla|Jo{jz4A~Y`1Fa4r zYKB>E9+|2g$OXY5H~=G+mfE<7t1ElQ1#JeqC8za5soi?B%&7@SbYL54{MSo%_#O@W z;ni7RFJ~L_Y-=Amw1SkR>-=EJQO{A7Us7sE-Zia9rhqYgzgQfJxwbX8ROzw;IFoy9 zl+1Q>bMh|h*wm^UNuzbWGTEh>Eg>SZ4PF!h#!ocsX<(%*0r+8qs@?qz7%Wjz$s=P#hbtSQ>cHwlH1R}& z)QFWXg0M_23=U?7I1LIM*!biyZ0OpfN!$1>UP6tj7`Bhv?aT1{PbMscjg3bYQdb>WpwfUvPTS1(Dx_?g$D`>4=$m%SGj(UMjC-EaZjkk zsiXjwNZ@uFVTAAI2`Ss0!M|4(+`+cXLI!~Byls7 zN}euMglFS)$GcXuGw3XA#N?#^UKL@`p}WJn9^;%U4E&Cbz7|+4o^SJLwm#L znY^?{xN3#gvpDBtLoPVG5@+f){h9I>LL@B_jmzS^FZB#;w$q_P|8ZqRBNvP75EX;i zb$4`iEhJh+-xM-kA+xV~L-ThzJW^7v7dMj`k8H+5$fA#Zcr#0piNvlX^fWemekcEG zW~vL80a)K>vO1JtPZ!)J_w4YPeqxG7IFy$qd>>}TL3}rq$LiC=7gu-}Le}pf-kLQ> zNmp3l*xcP8PXsQHAx|haS-dORFrM6x18LJ?asL`D=X-tmr#S}P40fpq2hf+Fm#70Q zsWO82NM7@vL78;SxPPvBpGpcR)R7tpk)|q$T2He2GmIr;8+L_X>(TYKc0<*TXMZR- zo@#aRR?|&@w|5la?db^#3EAQQv9>{^-7lqoBv8o!o>ODc{dl?Yc0>@v&;zTA1pyqH zoGcbGW;iQ?`g)4-3|(xpyHd|9o^^d}ezYs0Z(qDHMM>K4bSWk;@%td!aWb4OyQl7X zH;?=oi+jEp?Rm4rQX1D+Ow@M8F<(K zxCHU>dR7xpj928_cOZxux@V`-eoj4SBWQXlRKkyc)O^| zo2;YMGdDA5HWNQnQb4C`G(=Am_&qJP+Fq-tm4^q49siFwlMWUmVVYKtNUa5Jr72xj zb6;}HL^cF=3^cD(8b-pKWzI!9sE&ntqNHGu+EB z&Nk7nv$Ip6eay|5GO}C*y64v*3C#n)qIk1mk!Wh(3}xLLUusGo3}!wtZ=9I;&nSJ< zlAWdlk}Vtu&?p{mA)_$3F=$?_l`&v3m}59&on9qGJ9nZmxWn|=0r0exmBbGInlyL( zoW;`uK3j#RN>t>ZAwM@_RR;J;RSxUCFTm$A@dpMr`aSR6!>ifhW8w>xA56lsZckC;d1mkbj52?ffGIV&TQWqxetOEOIrukLI zAfO;u9ZC>rKL(N3Z;Mna1t@zbB%5G_0L9S|D_3PsW6oN!oD*=nZ~t85HiEE360}d% zLx;l6SOjqmBKi}{=XU1TBqsa#*aEb-@Qje;gcxX;1>Q3Hc#4|2rQ3~NN*jS5>Pv4b z5oX9|>e9R*uU*B6b!T{Luesvr0eRW#2fp<$OKJEYz&$!MNdjZJf?(uuKp@ruRf*Ht zyvvae%{OoMgVyd9+VY^}O5wFZc6XPPKR3A(|0aNU<2{3RmnWBp6+#87F!NW$0Kg$7 zOki}Fz{hQXOH>~o&5^gSofHAf(;tr*KSa);L+%5|y1CQ`r_2*d%-!MS)c*PK->kN1 zHXQfa`AKA$^uZY%mYP0j4hbmy>pB&7{Tg8`X;^%S)uWb{mR|R7`rEzX7~2s-4A4K8 zGb#1;^#PAs4_1R@jC&BSw(S=Xz7;a+fx1x1W|uBw;_mfVhCa9Vqog?LV#w<*MRau- z#exF4=ImN-1aDns&Tc6go>b&$n|jc{S65fX%l3P4q0;q>J4vO}dRY1B*EYKc`~Y9O zy36aCc%tM|a>KgZI&hK3YxKaAEp1@Cz0UK1z`N-j6 zJmLx_tUA1p2vK{BL@F{Ktw6!vG<7j@NS&i(*IAQeXD5eJ1n4+QAivM#S8+r_|9{w( z5n|7V3hGZ!k{Fkoj1D$>_@q8R!eV`$5BpW#lW>*%bEO)kAVj$iIw&dhATRL|@jOZ` z1WU~Sh1G09^+bQIBnzb~Lx-H{rn%4O9>bF-~}?_@0cnnE5iT0Mi~lp z*aQutvbVq#AS;#H@dl&l4wScZSvAPRBWW{SHvpaaarJjl(HQM)cyslrzF`H2-RUVk zQfMI0fKJ4h&ldv&$@Ox@_{w@*U_9$E3FDHtnCm>9za=;QDh{SvE$ruEETP5Ozj~K$ z8H!FUb*SkjH?)vSju({Zcbc=5n9pX{$0-j5`$T$rMkEySY@> z+itSh*E9zTSy`=~t5<-tQy!A;=BB~R#9EhP$)pHe_wg=5fK#~ogOw(I!THcleHu~T z5-?oiD?JyD``W>%T=~3mNMlF$O`D{-O?K?J5bTT+ea)w*(KAJeSCA+0I(;0x#aL%= zC3+dX^%O2gTrpTrq_OtL99Op8AJ2wui{d>z@Z90T-%>l3#ym!?x*kf%g-`rIx#`pn zSAu)cw=U29RjyPEJyng4g1}=?QqR<+!|sw35o}Pe zMpVd^E?Z$`erCkcz^1LU19b*9wPVGGX`pxd@7l~v?HFCuUb9Yqn|L881;&4#Lz@GI z!11lYXxrVpU2ZFT0KMh(+n_w7k7w}VL> z1N}oKaX&mc)lSDWQK)c#yjd`TwEZnoD8^*W|M5PPw$Q>Qlujud9KJL^4qL=zej=&MUgP!BkIa(wPgVaFl}SXg(Xpd(A}sU ztsa42c(5*P5~@#SA)a$DOqm?e2LeXrA8sh#UCn52=e)I5_feWa5Sczv?CmA zroA`+t}XlEiRAP_SAs?%PmDITmp0dymX_9DlgF=^gv0hly1ZSF4tooA{zSVzXQHcn z9_Lx#J#dL?Kj3UwjA38>-Gi{{;+U*`razrNN~ZBzyWhBRqmd4)a!yqWyRt&;U|9?R zK-No^tp~f_>&xzxX|GRPxeue+Jlc{?UDg4Q`6_MsAIUopPyLI(Ot0^0qa4S|yl*jP zCOvwA0|ArjX(C*oDmri>0{Q#vE0jR7>h@*JnbAOTj`lo}r+WdlY&!z zlSIn;Lepti|8?K>_&UMsEYbWw`WJbNtQ;~g%l2$IxgQN2 z+2>4X1hThCQMY58etSJyZMyIf><(lIZ090pA0arnBVSoxZ^`XH?Vfc8hQeriLv4Mf zzdf4J1K;-LwIZ}ROy^N-ZDl5R@yAJGy1f0aI1iL!H1V`aU|(2}P2H3{8iX`m zx^Q@Hpqjw@H**q{8U=7Qe)!4GZNcoTm5#%j|$ZriMibhoEc`sy&g<6dmo zs~kejbQB$Y=*gL)fn_$NwUTtHERS(kD&5tcm7vkpiEt)Z6ZZ#q`i$ZG=R6{PvU;|- zb~7EEWrwGpAi7h66!y?MA6yA<`oxv^upRDF#fr&KS|aA6Xw*Cw>-9!Eac3ukQzEY9t}Gf15~Ld&Pn(E*`MdX& zb#t9el?ov(18#xrA2?BUmqEdOtDo?K&Y;ZF%yzaE;%x;+MNkgnAYR~(r2EmGY}q10;mJ{WFOKTtWr@zZ+2i#7|?xt`S-~9UphsIX-nIHV89ipBHXY0Q_(tq$dP` z^6L7*%@R`Xqgi<(DeG?I4Ar(liG1bM}o} zLnmAK&QS*I%QUz46z8YZGs`MZAO>#?AZ1~`2G)BpI6N+zEN9gMD)RGp_q5#eaIO$k z9+W7ERH`%}X^7(2#Xh_8{M~=S`qyrvh@0F?*EVd;(f!f_fJQ~f5=9xBDSW0%8DI1> zvjc#Vi#;9+yL1tflrO7Bc!ygw(x{jZ@9DtLw%pUXM(b;AB!vb)dK>R$dInX#y9P19 zyR)g5l%zqKwcaU(fUd~YgY?P_ z6f_7J4(p@;7$^?5A=Zmi-Iu@E3?J(cSmUgGbBfzBK-SG(yuoGZAbbDF_HaH?3X30L za#SP3bzRCD1l&AH+A&$|p{2d14J*;d%xTt`%Oq%e!}LMTkpX{;xuq3TmI%5{w~QZ& z#VyXXRQBpp^kM~1vmeKFpIlGQ-k{p;Y?)FhA0LIGMZx~eA4L|yZpJJhVEBY&grq?h zbsvg9{bEh!mE1Vg-z;1rKhRZcA*{q{vEa`)B9^**rW(8Eb$GsTrk!w+*;-8=Q0Q@p}jAM zPMnUK|4}VxcvTNt&S6|%@5kGlCF}2hVy=TOfXhX#i(=Ce-{unU=?S3}>klCLK0$iC z;w5?ubRMH;P5I4r~&<6PvC%3AIm9_;nbibY|IuJX<+x!E8j@n z)E9yarHLUCqeCe`yS`fi$=b-0OdZwJKR}$B;d@Q9`^Gfqjsz!a3Y>NR?*l_-h7q+)47b2K6Sa7FE&M z4=^M7PVTC}(dz!9M4@I1#K}vIE!6uFA>58Ah8a+_`1b@EgC^I|y_s3h4 zAdB&lN(hMl`-5*Nxas%0^=tuh__Qm7QnS`Md%(%82RbGS)Vw}6ESf3M_=8s>eVl2A z7JWrR<1-TpH-^o4DZGY`!O}U1O_%3|`A*69uycf4X+UrdbMxYUxS1t&rgxu9TH)#V zrGNco!xe74c@RbbF~@|;WwSXR)a^6=*V@{%C$?Ql4Ia^d)nT+FcLp<*u4eWIQ{CpOnDjp_Yw~RDE3eo-c45qNz>fCi}MrLS7iW4*X=Z+1ow#{@Mfwe0{ zTTy5DS4Bs>>$&`HYAXEF&@WcymknhtWSKUKTgx&JE~UOHzrWHRS6L#~8^VZfFFf7e zfRviWMP&hG0P0N-LI~j5!*b+oev(u}z7iLX%PmX_Ym~?#J<~rrc)FT#mBvBySw^XLtp6^Z-CrWbW_?Wz-{nYEN+8Gb z;NM|frs@rPNbZb&?^G9*w1<@#RkBFbkXJ=Bv(E2`kp94w%$+aARH6*(n_2Rs?12Z= zAUPgj*&OWUvjP$>9gn-?ZMpwwuaGMUluQ_1pS3)GXr!sD?;jFCH>RwNgvO5g2U)mb zSLNpVr7OA^DG)gg;f1d-boKhOl70#0U5gp!1~^XW$<_o)oi3x643;>Pg7|ILWZGnZ zY)ME;mUkGYx&hc@p<;&nhX)LnQ*dLh^_mip%DQ$c#np{>Sq6>hhn;;&cES{q;{GPV zgMR`2--3yi2WJ1!3b z;(eO^MuXM72}dKepBeBHlN5T=RwmAL&>wG@M!yKCe(YOTDC&wXBRl02Ne>9-YoyJV ztgX|DIgf=UQQbWP1Z!45U@Tx@V32=UaT@K6axb-~8mi*FoN(?xb^8-@DYV8hQBU#<~h|T zrK?R0_WY@kox&M5rf0rG$vOwc1tZ5=!sJiquJc=xx;Q@A$^-vU4vdF_f44tsGI8$u zKCWqADJmip5()l5<*Z1Z8`WDgVu%;0C|M7g?O9U66u7hZP2MIcARQ3t>ber$WXx|3 zdb*=l>P~QBbG*IEag|3DptBat6m4V%_d6#ioTR)bwiw-EO^m-g%J%7_iz{Gzc2m`l zW~Yes#r&UVXQ6bCVn|9yM#g?uA7X90m4t*S6@$2ib1DcL6C($q7RyFB%gQhq@y2decU>&>AoDUTI6 zZFT#762{wSE6%lMlAJ)4KeCfkey_%e2M9j?h6RAv~&GMz5 zez2KWQy65vh$Zrn3p&;j?e)_pX0=?lraXNzsn0lAqxCQxCB6}?R$C>bGn5n4+b#C14^+!p5FZd>)9FWw zC1%jjkgnn!!&9_#OLJm}CMPL{OXUgK!$zB}U;2u=QNMi|}|p)02}! zJ^}6%?qheS;m>)r$6{i6uFKX%nWJ#OXf|6dXkwaHEy+~!^s$}4%HqUK#CKQ;dvjc_ zu})Y9hgEmtz~2ExzPm)zK3H-dxCJ9c3WpRf;r>d8*Dbt*c?NN|qz#|sZyl16RILo^ z8yX&bZ?%AN)kREE`?fas)04c0B^(+niR@YPc~R2PHesI`@8^ z)?Unirdp-5oH5$}dmFbvfL3$gH{*Ev^`f?%_pu*l3xcZ|A+uPZ*a~8vzoav7GD&Dv zWHxt1tC`tf#D_rctHEJ}_|v|$90xODzDG`Q{MbTK+TyoijeCpWzefJzA|SZ#@HtFvE8gQ2tj1iqbu*b*=&D4tGK(;(Tl{9zRy$I3XD z3t5r~{D(9eodqP+s`QHSg7bk7l0PTMGkbsH6AtylXD={=G+!MqmPiVBG=?8B>^NJl z;elr?h=7gN+}f`x6B6UNs4$=CPm0_&%Fy_h6_=>gY@#!WI|W=Pdm{@9i;YUQVf{wV z4>ZrAMmjiJtW-2F7a9CpjM?x7XPgGm+^B@%sNX@x@HQl6ZH#urd5KVOmoTXptUIje zW<=oY%*=X8Sb#x;ZGzn|EryTgkkt=Y>OK1ZLQAZWqzl@XOCE=8)nC7%p;|wZuRenW zMesf#UHq_H?YfiFGY~MD^pm>3&^2jpn#~U1zTV{%l(jKq9qvZB!e%SxfzZb&0)cU$ z$%x)hidJD@0ZNSXZFLxuE9*5EkBJS*7#*Ijji-kpg}hf=&)}!iYJmR36T`N|cK(=! zEgql7+WYk`|1MbStL^GOslWdMadKcJb?2ze9%Nv4S>$yME)y?qhwb zmF0B@iq3)H_66??(h+A%#xrpWJ!nv5fW-eZ;;h{)N;J1;-#j8e6GklCXlXNn$>g$-+wXiY(2*Z$zlBoKXPvg2~@(TtFfTRDB@+*gpVzE zpnuZO_1(+uo=pJx^BQLXf!2MhtM*pLCk2Sn8b&gDqfpU8Gw^)9!Np;LI-PMYuqgzJ z`)i#2j?@~m5+-cQsabRe@XOIRIO;t3JSupR+M^gHBxV(-BFjBXua5!@eO#5U2Q7&udqWx_rnbQE_s6A8xfqBLXvH5y&f5& z$lb9uf&U3AW)qY}e_|q(wsySJuiEFm2uq#p^=KhMS?8aCG=qs2+RFoMMQ>A=Tt`}1A$9tygcQODIWxR+oeEUEx9;09vn~+X_lbXXsr9f zejkvFusL0b6*+Gep21?rS8%Pdck{2-uhk96_Dj26WhpheKCI^XINap)KDb-b1vD-x z4KumLX!cp26X#9TYS{{an{zEJ97N`eq$TYWWY!H<%9t|TAQV!yIP*@huoBkev5_F* z#m|tCF7NueUTHq5Pq)D0#_xSV=fC1AX%m;O8l~}9NUL(_!&`1$UI*7d^9sn7R-%Ox zO2AhLg9UmwNCm(>=s|7~5Iio&6ia9A^JJq`il=RD?vIv6Y!X#AH)extr~}2o|JmxL z@e|>|{We*>H85p9*~N(|h&|kYq2jc^KBUTCy%4JO-`6Aq$<3cb1%Dh#P3rr{LkQ9v zot?+%hC>rpkiubRNV#9Uc^(ntxgH@2=@VR#16|$O*0{UvgX{QcV4#2@DWtBp$YQfN zhPWVvWW@alC$;^>oTzGuPh{DLvN!Dnbx@xMlg~@M8=7V=#Fr2Z5!}6*a&Y7RlBIlk+VgA z1v20+B)C;G-#^8{qTS}FVEsFIs`w@%=Y#fd1P$+a z>9D0TB>@GHoT|b34$`0EAz*95!opx+U~O$}wpx;a3x_8r3jE^2bs7A6YoybuQ1?tM zJRZ&irg#!+`U>47E4QL|1$-snkpLJPIxrNdIYYBqpH@6yHgG1C5VnU6Pp4-?CaORJ z?pM;b+imP07%02-)h`%rDdrSdEyMA+s{RULoj*&kHf=+D?gL;h|D+@dN&lU`VuL8e)*!R zYECQOBzx7@MN?SEugmBfchV8+ScS+t?_!8$21Z@V1In815hu-3%a*^IYR1fvbUwNC zc2wHC9YbtCjWx?-Q&${_0GQy-2|(yqu<`J0Y^qz5C3^dtPz^*;Qitf76BiBRh)j;- z`yJ|L4bamV^|CS?|bNV%-x=0;Z# zuYYVrVL4Y2V#UAw9`o%RbgqLW{{$qt+u8zD7ptMqWu!#c#N@2BB-P8;MUT;_a(8_! z{X%YjetI9uj*cCw({Q${MZ)P@o9*OKpaV`dhKBa?js$ByRR12+ClU(;#@jeMHBzL` zjVc8NVTmZq5lA=n$in#ggQHIG&*2s9C6+JNoAsen3Q5j~{c%KcoC)}D;~0%pxVK0* z&O~d|7*q9eocMPh+FOdOEGH|e?eFBAX~(Ac)%$p_dk+2=wBUyk-SsOkm|p-WkzZ3r zv083$n0|k~2zc~vTm4H&SEe_(YtM1K=M0dxJW~FkJvbQbuIiy(+1H`kPQ_!|Kh>R% z*E{iAWKZ>ou30??NVC;oAhW4aVZ67L6EI}Jh;pnU$)`nA8Wt+8eL_3Kwi%<&Qqbr* z+@zd!5Jlgoug-&F5e%3T6h!h1Y=eyUQ z%BtONwpaEA_}w;!U_X?z-H)ZCA$@DQUsE4HnW}eDl5X8c^PuP=grJ~)gJnmjo+=9a z;E2+6JQAiV>3h9qmwJyUzc9AOA~Sv_i{4Dsg(-hZEHx4PLfaMLu%jP>k|lgmW|KsR zA(n&z%p~Pujjta@NVd=`9RjRAqj@CSTrN=0U+#vHX?_&Bs(*Mhf$y5DJ+!&)wPa=-V1Sqm#M*6T z2xX1wjO|wj27(?(p>S+iE22tQs78D%2qLI-y=N)@|KNccI`BJmG@1u#s-1wecjf|t zXHR(Do@vS&`h_vWT=%qzf0EX^UeoRg{;tez_{eFY2M$_Udmg5oo#eLHRTE`VaKGZ03Tj2u>HFIZi5CdGPHl#yu4Xw3b4McwDP`$jHuj4O2m zd^Ap*;Tj4Sz`)%;@1`_ElWmGD1&IAy>1k35HHVcNPzYdRVv|7(!lPsnKJ_8I7 zC+{d0n8Cmf09ThN1IPTFHv0WrLjrYv6(!34&jjwa{m7O}R+ntPBD<0_B@7aE^`=P1 z{Nu~b-R zpZAwzN^J5L(h*hCFV2%)%N2h`m!B$C|NUkiq=_4~qOVn2Fzw$Ug-3h*1G-OuzsNu& zi#Tq94B`pQ#fmmtA~wBZc2d@OruzIpL%ZJ2TnE@W`3FhF^Z}7vIS?f`PsZlnfxORB zl`57=n=~i7wQdN(bG@{~c60fc=VpbGpee=QX{*@f(gX+t37N-Hknmgl+hr%*<}nPr zRH?fu!A$v^uJlm2a&+!VD?v08d;VPskGv z4vxiYUEL;`!n*!AfR*eQFhE*U%JQatfOO5S;aEnRIrd8qtMM_7#{xAKTRMTqW%U%B z70jOxcp-5b+ z7cCb~^sCePj_1Y2(+1DJBkDNe9Du+rW3cx<5g}dJ{DrfC*W#Z_XIUJ~U+hHe9 zzfb&1y+0|HQn_+}wcmqWvL3$OHWz3~hML=_liC3$ z05rX}wl*{b-n>p3Nf9ka^}P(K%C+rs)xpy41E2LJ*!C~6&x4M==Rd}B>R*)iR zXKi3!IPJ6JikTZBx9s)v%c=}{2yH%-zaX{lc^@9H@`f-Knap zwaAJ{pP#Q<8fzE3CV9^p=nbzDJs|gbeA7v@T7#4PHwy(Hb**qv6O)swV>pq!o;O6r7g-(k~-<_bd+K%($TyLEul z#|io3>Uu7Av(z3xUnhkIdHAnK9dG3{GR4BDNBM5~ekIDrE)?LyV_`bBrER<~e0?_G z@!sPTOO>e)nJ$cCSY>y=S$Qg~R65}taSKKnO_7X>g@;Q9UoJNTQ?0YDy#wQ{Gta7Z zPz*(O`aDTvF89CUzB#&G+1Dg!17?_UA3ICx|?-n4uV$<4Pd}26VlM2_j=yAVpEJs>UMV zK$wpO^ivqtf{ip}&DOL63sHM*9{%8dn22ocJHe7dEr!IjKCr{;1jI#%&?gJ|!n)I~ zHspMvCnJ~i+pMF)@xiu#$(cd0=B$RYR0y(JpErLDJq z+e3`3vOtKmd9hM6nPNj9CKPV2_kxwAcfh<6<9nBEeLVQv=@vm+JDrVgeq)u1IT!l7 zIdEF(A2T3h4lskY)U2!=P4h`xBPjsG4(Q&pE?TG`jZ9DEY3*Xb(`4C^(DD z(Rcn%7#s)n0}2&+j!~Lzv#8r>|3idQ((^B9#$~_r3U6Vw4?$aK( zO<2pXZt6e3Ffv8v@hyByAfbgxzm&O&uzwKAC44WZ1dHZ5qqBw9Utf0Dg543Lqh^fA zrHaEHZjz#M2^f@$Eo1GYZ5P$yYW5}(rWR%sreq}+Ml?)qAOwQlu3C{r)nr#iMGTRV zdcaMvw{o$rsd|`#Kcl6pX~`0r$!A_8_b zCL!RDSBqs;-D2cj`{v9X+lorYW$bYCIa8bKCa86PhEDd?$-Ho~a48*TY2xvEdpeUA z8lzz+0|ZNr-wlKYw}qHFpSA{UFlv1Lq*9?oX?eM7`p;^4B&HPDFdYbS^5t^Xn59xF zWOdo<^LyzqNB{#WclQ0*XEwmFzLW&`ck~q6+S;CZQIv~FO~P>BrdRMJrApGYW3Q|D z3Uij9WYPaQb1D6N-_6XD#9&4L*IXOv3yq)CvI$-f)iZidDG&Ts3w7!TbkNK;hTc}| zv+0%v&dJI7pM?$G0s_7nJy8?lH@-1nLV zpi`8yUrAsTBR^y{Qt0Jmf%T))?E)Am+ge)}ONl&0yzTAnU0vC!hwPo4l*`U*WErvB zaH0g}XBXlj^JRU&u2yS77dK@^%~tOxkuhJhLQjpv?Oa^wX8X4Pv*qUWLGFO72N9IR zA?D@htPp9l6kpFiPu2FnbNtFo0+BabTe!PV?aW`%11*PHWFNz-9*( z{*3j_M~VOjpX*9|EZ`j)>((le0dNk;)=Gqys3>liA;~YljvB~czo7RWu>A8aVJprj zD=RFaOlWJ(B<=$ObPN-!&idZ$UiuUcvN9QVW&$AA+Yy0j_Z~$Vp%|!M$9AeFMK_sf??Q+_kxy}ZSB)Zh5nIr9*`$ec4C z-h(|eriuN!$NHxSEFk_Aas_`nw;Fx@Cj?OaB?KTXT%vGP7a=JVsGOL^6>v^D1*4Lv!BPY|9 z3BPj~*zBgq6GAk%KT`I#qWi){cvQPDafBSbFF8EBRwLJIeeO|YJ}kZI9=eh_1UBK% z-|n(Mrt^|%E;@m8b*FeU>(=g~zTEd4s&)Ucr@?W38^>u7doEZTD_9?x(uMYt9}vzQV-9Ms7`d>=pLA2MYB z8~_Lk77zfPmSVre8v$v8plS~xqXUtk5%?&I!t*;UuvEN|EhGiMW#7EmAPa>ObcpB# zGqAK>YYX1c`aXLAsSf$OH@8FM^*)FdKIQ&moogO+fQ%LrEge*vSycE>U8aHv)XZWc z`;^JtVI|cChc%mjKWAfAJHzu6p6q#9xl7|7%!%%bU~;j!vbyLcDk5 zW=WeqYAo@^-www~GyaeDWp!4|gH9lZECcRy?BEa#XWjD`%hkRi^lMtwjDM1c;Jn(z zy-A1(XpR#u>R_qXs>{7TYVsS)bp)V4XfU5HGeBQKDx2= zhLm2y?OZ+B7~{Eu|89Pc=O#S1|+nW86A!IPz9W&Sxrg{ zb_K0|AmJKvb2dOb=2POi2-k<9GPO!>=y&?3b{Y=ov79Pf%^Taj zKVEAtP%Qy!1Z&!a^|`q@y?${y#U)rC-uPizsp*N`6T`xhmHb=5&Yzt0Vb$=OX=zmWVUlGi-jMHZS8#Eu*1B02M_bV$qi}@k9={G&u_!HE0rS zo8xmYK>#s(KR$zF(3!?Xq_^<$m2|JELheuz`Mq2b02&;n5=NzAl$FD7qw&AAw6wRV zwfxz{nKG*07<^NyRoT2gDs{d~OLgveNs(G2(k4=d=ymvSSdu^P&q;%VqAc*Y!ij#c zVB$c+)jOK2m4$o#_b&rfchbMlD$^>#PYocol@IcZi=UX99*fmkoD=0iy(~o44TPBN zEJa`$4F20UxIkR93fh+OoACaFiS$5;5#=_l19T{C0WlBa`{rX##$D&XELjRYTd@Db zpZIqUJ<^NE1K8KrX@1$D~0uDGfEErHFz z{^X=(>f0YxB;*NUu{oh-LV@`&h{BigJL&?wP@@?6*FzybUHKmm7YnL?MK20K#Kfck zwhG>SindC@Zwy-Fi=_0$zODciAVmEJs3h=xA?7H7H6~+_(6BZqR^@SP`Cq>K_)2@V zSdUElyA~v$*tC0A@}%)R^FM_h9j>p|LW@OVir+?svY&tkb1|e6vp6F&QyIQC4(tb* zT)7s3ILP=ob?kG%!ajhmcFg5z{D`NL5+Y!td2SeQSp4jWA0JcCGptBlmOO;*jC&Bg zRhT2L2nG~FVgS%(0yRX&8dkx+kfxj>5>ePF5ejq~vst`}_`U^aIR)l^OJ?pnGlvNs(ERZ0iHJC*rf02MjaFbgn0M@ zGN#w9%H)5RnSj~CHfxb(2O6S)Yy26G!9)JYL~uY*dcIKP=YjdeFWPX%64>8TUk9i5 zN~aSyi~F*^sE}n@EPloH7!^+RmmS_H#uh~j);Miu$Hi>w)~y$$V}z`~)vdN%_MGlF z?3;$wT(utAB<5i|d5NB##IGv#e(EQ|iHSQpiq>|xoy!8o_oT?u_C6kZTrg6#{UQb? z0C2oX!a&_&WtNLdGxVm=%B4R}cW-u3?#`$TwG{%ILiL@YiQo0f?y* z!H-v)Gw%$?o5=~*O^2=R-_JL{U!NYdroF+kt8w4eT*AEv=Gt&%?l<4q4bbVH#g=oU z)q%~%xurNV5`8lhKwho8?c0+xaS2Celp>-Po}Nr==WT7C5g_#b?VguEN|Np@jOA!I zI{#Y$Y->RPZ6_cxWwcQxhh|R=RRU4d8dMnAlC`}=3j#WPjvS5*L(dpt1u=s(-ssZEgqz8c`;7%F? zX4B1%pS$bMmKQ41V#`)5mX7rJQ1Sv-kZ8Eru%KTdF zRN=77Ja#)Ya#NGB-nLkT&_*NIweavVIY1T0#yX!TW<6YO{Y_gOPE|*--jHtCsQ4e8 z&X70oWS~+eV$8)n3DiNLPMR-mId*r$1k48d5%58o;$IWV(eB4Y3?m`oJ`fuP6KOWxq2$>S=z-Z&xqRr1EqmBOQ#NFj%HmyS2( zRj526r30Mwa*R~M%Bdvf);V*)FWmzf3K+;p{RKLIXMh`nlwv?&as)Mq{mbZqMwQXs z#;4#&+W4!Kwk5_v?wb}5m9R1NTJAT1CzQO*oG6j1g9aI)vr%Ne)9Gg76Bx+lkI|%o z>S#WhRchUIxE6JhZVg9#oGae^@-dUE0|)mQf{>X2pY>fc_*BYP!#wElwv7$?Txe`RPc9w>5+@6 zS7>of5Kf)|%*aokfT?mSZ}S#4^v7>4raeNAq2b8!4@A}I(9jYU8vA)`8ENkn0Cvo8aA&eYEx|fi0ZC_rM>C5S-XM3xn3tO3=dM0Bt;!!_26eLBr zJC!w0j_2Z6=W}^uZGGNr^JQ=hoHXq10Z}#s$Cxc<-BZ>6aKx<>=bp5Jvf2Dp|A=Xs zvc>g}84}fYhbE?v@YAAk1p}B%UwM9Rd#3(>loU-u<}AEV<{KVyopFLPg?tZ|5FWV883^Ldu*wT?!uMh>lNd>bmJUK=t*?{6)3b18%=7?T30 zAmDUB0-Q#FvTwp^Zrt^_M{fp`qfr?2Uv(sYkCeAJ^2IZRvL+usSrTeelP0G+ZmGOY z`GFnpk}HSXi;abfifH!mp$&|VlK(*rb$3sZQPMj$>zDm;h}naRiUzl#E$-5fXCHTo zegDK05nfXx+L)6Nb|t?D3j&bvR=6zdo$JA|ILzxScNoSG2zM|LD>k2e3fZWUNfSa0#M){>{y8R zTvRa#$#dx@t^8}F`^-a+@sgSN#A`NyME*ZvqjmEl=k-EskJL{H885|G)zKIJnG~iq zCnk>@AT=rQgZae*bcPb}H2*~I$<0rKHKoxidZ!`2LMysm3)`2pzptR5axj6F++8<^ zpNwhy%;fZp}zI&p@w9*W1C5fqtEaUNMiQy%v_t0a^Rfku6xH9<6 zylUau`Mmv8tb_XJzQyr5hMEFQgdC(vBR<^g5DmUQQkFfVL`NAA=&?-k3g!QFz$Ku7 zevJ}1O+r+^*;4L!Rq5y-nHiPSWuU_RU0pKl!rU_Jd@eo{9Fdg-Zu(gNB&%6XnP^_F z-#rV3ahp<)E*aOdRs+bnfo^H_V?7KJJ`T|9D^ZS& z1!XWiK}gh?do39l^oM^2=HTwril|xxo2OxiYCd}ydxYiULL0!Y^GBUEp3Ra8Z%g+GlJ@wH~m({h?P zQPozgcN6#X%`pHa%K9lza&sDBb5@b=DU+zPG)Zsx(Or|asQ4?O2B!`|uc=n@W1DV6 z|3Kl7 zL?Dbmq8!*a79v2S)D5R3q0h@^EGoK5Md$dTo6MV;`&!w{fdJVfl=V(f2?O4QbZo9K z^xb`z2?IH3F7B4jmEOQP-IBWXE%;oB>aRU*TX;(#Sics`u`YA(=~?)oD^Z;v_MPvO z>ydlJ3QYC`Cqoj+Rel4CDz3^5c4{9gE6pVD^7b(LDx9@rTs(qA6fkX6`tv#|^;O{_ z<(1MPoYFlxg2+)8MiZ4LW7g(yRJ1wJ3r&10w*QU7fFbF$l(PZ_{g{uAEs%KS#3Nb_kO*o7Z(@%ygkye0Bn0T*GHQ9x2VU*$7*V7D=RC2yw%c<+7&*)UIC!h zH7_c?@tdx%Z8bI5mnt>W)60C$)GB3OJ6kB>u7q|H`p2t{_t@N-huM;v5s zTGx4V?aMgETUyvn{Tl$`ENOS89HaeMKc6o!Xr*-~a zB&CCv0yOMd2jcPb%!^5ba?`(E(|g@fP=mJcIUn@p(y+}B-Z+K3Hh^j zK%ctxb9|V(9RZj}XEz@#U`Q8oTJ|RotLyc1K#XMegYFL(INSyX*!$MF^$2f{6dDE8}?7PxOP3oRzhxblQb3 zoxA2=C~rLi$;;3xRoFm9LSEu>d(|5W%I!p2vyJ2ARWt2bUrXP>t?uMS6MjcPaf0n% zE~@3(D{nEie1yhJARJ zr~3_OU>dHsV}3VIZK)6wTTC4C5fdW!EX)og4peK@_`#eh3Bp-)XEuFP1~C=tfESC~ zzj!B?;HLUAwT`;A>&RfQ#__QcDqLM(?hYSKo_-9PY#;l)!T*P|bBwQ~>)L#5+eXJu zI=1bOZQD*dwv&$4vF)T|+qP}Z>HB`>otgLdewweTU8nXrRkgF%e_hvFNpoMmqmPG~ zBu;!$95?PN`ToJFmo@h@KXr7}=r=hYR)1l*u{U-_9EMI=K@x|}PCwm#4ew)AXm_8k zmQm&~^R8l#j>;Vvs{>kEyItu9LBRh+z^69AV-+DM``0|g24>%0$;{Rl;aNir=c3n~ zN!GMWW)3F?9h+X?#drI*fOANs`Scw}q^Sz#Q-{m=#w1@D@j3Q7r_IY{Oy3~ZH1;FF z!I;EB{*yp)cFcpl!(G?ca(KmX=h`NZ^Uo^4M65;|P|bGNrlnQgg%_Qcv#6oP@EI!e zOGdI(o`^k{Ln9`a2RM-qj@j~L1~$(c30cShtuM4kJ~*=>$H@||tyRB2JksmcRtz^N zg*9J_BK@0`d4dESyJ;6jBMz10mu+Mxa1FScy5bgx2 z$6n`)wRz*i8L!{m=l(FM<7Pkdch@bIu#qyv1u3S_Fl3uy5C&)EJnoLyN!Bw%>O6LL z_Np95@rr%Ya_@hFDBzMMEB) z82h4t%)Qxdt1)TJW#>&DWgC~vywH$Fs-F`F3i+Var~BDrWxdzY8Up9{v->l83T?$W zYA*zQE->LmKpyqlW4i~~L0R%o?)g7P!Lld;K*!W%8x`I)R-{^Zq8o-W=7iVZyQ|qzoVS-ewl4HLfck$JXkt{xpNc6A@{;{}c=h3iF>% z755{ZZ!gINPn0}kHXVIjS?YrwY}IOZKJ({WvbsDpWtgAEuC>mZR<1?75&N-{=H15U z$z`TgEqz7E9~cMhYvxefL+{Ye-k+KAoS{C zgBQhiFtZ=#ErMz$vJRRYkrpx-8A1!$jLVMw3511zOaA0efTTTjGUK)6fBJvxY$>!- z2~`G{-ax@BIM66ysiem`wnT%MV^PTe;;*=gfREPE!8x7rAG-CQ{x;B=CS;4+WJt7U z*UbL5P6XG&XtKhfGv%3voVWcg1%L7U#D6+_E9b&))~Q7@@%rMUVuVQb6V1p>k|kg* zmx+>UVCgSxi}<^~F{9_37@P!8AMODsZghrRFpY?OvmU4*ou0p4LkVh8=F&egS? zkKb7H(|Ev_lk|_Jjn+o)whO$Z8jT9jhBVGugMr>BPK3~Y(|QwlqS_X3bA_g}`N{a< zfFVO<9yzENZ3I}n%od7HKz*Bj@$-{fj^|+Ymd3k3n=D^3yu3=WVQQzJQ=92M0}UU* z?=rIOWW1;0m?ROj z(vbKb+P0?K8UyUH=fobE*dHX@`{rLD-m59frCf&)Ikmo|R|lq=*ygr>jLClH7R9DE zM|gj=n77|nJ~aSVCKmVl?K=rwCgrvd3}?q1nvCk2H~v+!Zntk|ef`~U#e(g*p`p-I zSPC+Kur6wl?{?+e0A26cS6lDZ-FgSauRD}X`)jA4?femcK%1y#^ygKQ21sVNiZ#~o zD@~`#X+HWr&uCCLkNh?U<;;vVWxsO{uS0sHR{81b;-b@JjV)uTs-j{#m910mBYG4Egc2w2Kd@uJ zpNyFzDlX1pF)QL|(OCoHBp}cuyJM_8Ra4t|?|eLzjNaGx;Kamfij zU~_=t*EFYSaGu#jG50%gQ%YCYI*sjsXk^kpFOfm#cCmzOe2rM-Z>tfu;l&xM$N74^ z3zEvDR$x-LLgoQ#+T8rS%JMuNg9jXy^M&#yK+WE_`x8(<>De%I{RN2%i1sL1(g3?~ zpur}bl}tk5b-BP*hAz%pWO94$wxKa7gPSAdQLt3}-l3 z>x5`7i%%)S2{B7F5XJHJ0Ufl0vs2O+(P#~TKLx_crJ)CyhJm2x2|%#cET_7jXS0vb z&iXUi0R=wO%@Ub9lDj~+;ef!lMSlXpPbbqyHU1q;3mj#`Hr7p{6{;1yEk=But5I(X zQ1h~#jH=H*0&wi!?k-wK(ns<=^o9t?7DYgv5$?wvD){r}1t3|0i-pxQDJv!Ad9yok zG^P4*n`IZPY!ItYRcFxulTNb%$T_4aO&COCTN+t^H=d+28GjAUZ>p5!B2VUm7$}yW z)p8yR!pa>TkygSt)GA?|xnS1|Y#$gW5p79G67blUMfmUD{61e+Q{~Ic(v$!SJ<)7Y zo+bwzp_T{ob1J`un*l))0Qvhp=>LA{rB4Anz>@~}OYSWgW0Pt&vF1NVi2_zdfsC{+ zRtb;c{~fQA4fs_@Swvs~=Mn*vDYQfBTbJv+fp!Z1{WPM0QPiGgHIJX>z<-bWgIQt% zex^n%zg&+0jQ0Rsj(Q4-?w_M^0v9CywUw?Hi1!fxjt5N7Nb3MQ9~^KlU_!rj0JB-B z`Uu$k&-epqz~y*^8~!;e0MZx<)CHOAdJ)TTE~}}D)6sp=ABqT&Wa+h7SYKum=a!a2 z+erZoem98x@7EK~FxaRkiI&vV#q z_SDX|xd0xLt*2UrNKZXi>;5O(rTh)mqAD^nvYu9e#mFUDQ`Be+ANV^{U{X#FqBz=M z)0OR$-wFcF=jKISbu-mx_8h~SxOHV6*k-ri--^+rnu0!L0;v8*&@tbF1Hj6X|G7mT zT8&&~VGe??ep($8nV!h=;}&)Z$fsxpKEwRk`0#_Pr8OT1J$Y<$^5@(I zN&^c+rLH}-WcZ_Qy~h$?ffzTtD&-d}=k?jW#S!T@@*&k!xk@bBPEy^EPWNW}-K)J- zq~6fIvy@7`+8h*C!q=fDI+lwFw@_OWO^ZLH_`=Z(e{2hLblRS)o5jwaywasIG1T|m zD#?L{Q1BER7kQn}y+{=vJ1Pgm_q!sOcdjr~3M_InFPiO+tdIC~Q@2u%RedLe&OY%3 z!yi;ai0HPDKi@{Y#Uy%s@M>skouic|!l^w7h2B5j`ON1zrWc;yO}AFjt3bJ$*U^8K zg;h0-hx)^+qw-0oswfkfJ{A4&^)u_%V=Z?u>O|~aOO<(PO~31!|I)FTH(B-AFi{V> z`sg$|Ez-IX?R>YlSQoR+YD<#U-G4>TqsRR8!A5RrdwJ3DiIykd$Fz&I?6bRCWI-fX zeX#=-t6KBB`Qa{>T?oh07zTvLlF4pEeKJf{+JWH$r1N46}3e%IEJi_F{Q7*oa+jq^t@nTu$Y@12*<>0WIj7hLmL`6VqfS6b3ZF?XsXtK| zPjzCwKE6h!uIXTbetg1w0#Q#_?IiJUMJCS)KjJ*TT(HI78szyk{7!pYwL35tgYWPe z3EByI6F46+-tuZ#o9D4e&fDojHKePZVD2Wa5p+*X{T)ZSe=w{1z_q%HdK(@Sh>RFy z^ygM;7w!R{(EVpxoAdNY342n5vr4I*#LEK?9B@fJma+`?9TjvLUuuqTVdU=QWSiXE zFY-s4qt6|3YsC!j*BMALmeVWFi{hN&LJmH0{EM;6vnN*ECO%5uA1pJ!kO|$6IZ3s9 zJlagZE1TX7b-LvXy;Ji8yQ}R#-|PVb2}=3w;Et#O6uE>^9tcGsXcgFiYKo@Py3&=k z&>;>tB*P>9kr-a1OGcIvTQ`08=Lg~Jb__V&`Y&+Nu;eEaYHIG-3^}N}xxl9{OOE&L zW1}O4>Q7Gnu|gUqBoAjukC!wQX4lC{1-QfTmX%9*^ABzoeN(mY6v@6nyJ=gURP zx{vXj1#&F4M>oAQM(TKap2wc<#|y4kQ(4iTadI5J=E?UKe9PcCFdhja60;EXU74&L z5MseOx?7u0e_Gz~)b?CW_Xkg?g3b!<4%(4Md6aPk>-Fnq--nJsZ-@m5-8I`ZrMfs<#POGxag zh(JlY+X^Lkec-aN*~$;vz!OU0Y^rnGdLpAL`3=J{e8rHdv2lh$7gD+1NyC6-XeT^z zWITHWH*1qO^+Sk94pLav^v}UV;nGfhCQ%G?LaZy-Lq?OwO8VDkhXnqlom~VW# z!oV0@r1y0|{LUTU2Duym_4BsH^d$k!*QMXn#2O|dh^YqlG>BctJ)OGcE1&P%;VOOP ziVwtwHzJFW3_9`kUweGAH=sqrGoUO&GJ7wc#C?1ep+v44(zhW)jfvNG=f~#)h9Lbe z(Vvw!*emZ3dQQ;kEdx$ajgt#o7j;X~y_>$(L)CUvo%DTyG;2-1dE#EUW${&(O=AqE zev{vOts?){!sd1wMqaj}(?0mdD2>BwYkV9-sK?$vQa7lW2ngp93 zCmu_mHhI1sQ#qI)uZpuK#48JVo$RsZ&X*QaG5q0E=cX%uE@vTQ zh?_ZvoJ9POhqvGAjAGd`6)->3u#!^p_*JjGCA3@T`m-0>MN1-Mw=mm!Q)_c*nT>9P){4S;zEziYB5tht4 z+!(BG{PbG6St@_^{?3{6J?CNr&lQT-<_)jbsMjUYq&Wq_9CDUay|TUeWV8#nTD;L( zoRhYY@@Evf0-)FWXbC+Kp9l6BQ**5aj4C+z`Y;VHw1eCE?=0n90~<3r1pcUxW#!ne zZ%}n+MjYh^p`iz_o1L&>Y!)%zv8 z!{G<^S@T8ru(BQK2(|GC+_nrp@Vi*ctqk zGCNF2v3hL+QXi=FC);Ssi;t0zymj%-zVMj&DS2RfNlV^z!vdYoZ1D-TXJQq#)@Y*^ zDjNcmZ_H?T(<_K-W}UX^Rxe#bVM;Z(s?e-t+R=h0VR}W6(o;uId&0D-ZuHfCQ^0ks z*j5K!bsP`Z=PSvwGF}wig+AODffd5WNFp1sDz} zYsPe%Sf(UVkOk>niEqC*i>b{zovs3!iW3wH7m8!aHSTUniN}|-Qz4&XS(k#{i4(tz zINFX>d`OyPx)ICZaW_=Re?mGW zRdnFoNpr(n+=#KuA?#0Q%VxH|g_UpVrxO*A7r$mEK}0Lx2q$Q^WI^AbQ?FFWP%tns zaB!$^c0@CLBU-d+bH19*sLPo;lKu{o|B9c2$K|!){-xAYD2^E-k1#rqV6o!iFqVm zuK41*CwILMv2d;6D71{K5RhSJN5O9?>jGpl1!NGtiBb$FhVa73!Hv*<8yqkBV8@nq zx2efVEdsf9vCJ~S%4|aEY3cm-IR}@043VUy@>`(9mc4(BdEV^z8hdv^J7&{4@K_$> zUgFx~+VF7N^Yim>GdK2@wD(={;!BM!S^3{9p3`_?HlV)ks1E^S6JfEQ_X)z{z?F~6 zX1E*6&7@&6&ZnCKgYay71i6h~^C(}}!Eka??g|Ph7A!t4S7|z=&APtXy$6m7MnXb{ zrJGQjka)bFobOptAyT$=&q|3BLc4Z^t4mRlM;Q(0)E_qb^(DR_x?jl9af{Yp1tyen;eIVbjz+1&S<&;_sakPw%zblD zKT8iYHfP!&zU0@ZurQLbI*VKSRF(Wy3o?Js6L`gsRM zr#$o$?7rf$6(KV+`H6=4axI!c_8IYTt;Ga#wp8ur>Po<7iRS(K{QRvrSVH%ZKEmi3V-yH$z(YI9PPVR^9C|(J2R9)Zyd5|IeW@aYAQ<2N^RcrLC;v$yQWSo zpEg}Zrf?XoMg(HZ@$;&?ioKGv_pYzqynZ3CFD=U0mFQ8DS@lPAa;eWrkRgJo5Viip z=Z)7QH>)3lA<46Yk)(EI6Ia}umkh;=M~ha>Y8;}z}?|zL;(fe>AGuw|%4#1k)O)vVt z)ZLbZ)>BTI8jnO2P|E&x%Ay!E1X(b9!duuwQm#GOT)W+JBCUJL@@s8tqt|MJJA9?4 zrmi=O6!be%sCjEl28!(8NxIZ>c6LsrkhMGsF$87^8Z)bJY-rdQ`8oSGu;+M}oZL9S zAdQK-00S0GXSpl9oe^X7^~`b{ZKOPt%o9R8Eu>O_#JJG#XAn*4psx>KQEg5s)mf=$ z?>4-S*`ORVh00h;6YBCPo5@HF+A3i-P{~90vBa97N8xJ+vIS(Q(CiJ*lmFL;?-Y?k zK$5qrvB$~^W2;g564k2uW{Et{1J^?Y1`06ZI}N=I7U}7!%cy7<_4=2qbq^5|7S{3A z6~FWG^k%1*G=q>(a#`6apw-V{6!zVPGnSXq8&r>C>c2py*lK|lFL}il9lB=0#TgA& zZU9GRiF(Kei}2Fj?HAtb*m=My;nmeWEQPS!6P2GnDCX$G?>{C`8wos#2IZ;zX=7=* z90n4BWYxvN%dnIg(#0yG1=o*+ z7JKAa@ff|{D_{U;@5AE-z}x@YgGB1HKRu-AflyeNDFjWXKn0@bVO_4WHI}EnWq6yX zQ)#%%=?&VRRpKr6COGE!qtZjsR3d>7n4w#K)#wwBz8k~RI~i)w5w;U3?u%0D)?P2NY)intCgy)vCpJCJ@Y|+9@?}8oM z7fxTn{D=1Je&!k55CL^ZZ~ayz#YzSP0j8DM%`moErfTekG)-4@kQdOsFN5&z5puBn zrU4L53>DNFX@%ek6jcWSv5@)Tcjc%4LtR3kzfsYK2mVW708A7Cz+k#!K7w^g{vw*c z*JW&?nuH;b|Azo=pAq@jUYsq?_wA^UJlkJ^>fi` zdU-o#f5ZULBD+AKPx=v#THNwB)N4~9_3DZ0JrpM=ldXBx1=&2_zq1oq_)C-?WURUe zqGSL$ztcpslhV>#KN8MQ9|>b;9%tjCxB1mA{ClLo(<2hzUW>K)l_q|3o{}PaHhQmp zSxiKFsiI1c#!#h69&ce{d&AdyRU*}9a5#9AcT37ZXA0IF~DT?a@v4mh;ZjLRf zS!3;yksWrNmR=`;hft);5Nv*iDLqslw+IrO0}5RnKJWg4W49Dd#!1X#9LKKdfU*f* zpZHm)G#60ek8#>QB@}S>V(867LiiYPI;_ipZH+O3^09CocWd3%>kmi7F29wQZv!}|KMri}|;yNher1Sg`CNy~R* z18!r9ufbEH^kS#opeNgvh7ta>CTr8J?zLbxX;0j;Sj+uyZt*GJZ8h*9F0tTwb=CO<7&x0I>Vd+s18*i9AutPI@uw~M z!?Dt`@O-x`W@kU^;e!K{8^?OSBS}DwH(xHEcj)hp*5N}Xu^`x2N(Ap0UxzG>kflE6 zD(dA)KHmzcS5<0>vlb#iDX7cfC1Gt!70C6ns1AyFS{=@Xm~+x?m`yBzZQGq18q%Z3 zk3zLpV>Wl}Iu7O!tUkRestB_#%nzJC{K&BmHa5A3zS_RddEMNVP*lu}G$0__EMgyD zTI8FuPf`WLoafSGpPCx*Ye)E<7V?~y=(AQ|wQ`y{9{D_TXiPxs0Wa4)956U!VwvM) z?}AYmRr_#~MAgZBs8$N?qBVa{Qo`ArzwF!7XPDekS?sL9chFt^~!w}(O zD7AsL9*wsU)_A4_#V5-aX=bv_&Rj$(P=ZOl13`-CS?%`nUA@656@HcY#| zF0d}2xsr(H?%#}H)sYRGD6em~G3G@k*85!N3txEh<<|NT0WX7Pg22ih`@oh{nF4>I z8AxEug=5rRWovO3ou%+}gM=8(!!7#XZ#u4|n z4e;P-IQWvwRsv{JbxHh@MAvMTggtatrbdQ~*u1>8#Z3ERc`ygu^S936H|BK+92`$E zdyU$o4o`-*p8G&Tufdh+7i$#+li17ntJXy6Z=j*yHlk9uakE}O(BA_Rh{=eLq3&ZO zhsYy-{)CkmVF5Amg8|RE8#V)`p=W1L9nxzbeS63Z{^h;XG=bZ?vVxP5K@iES+zKx8 zZOx!&JRvK^zM7VxY4=Z1Pf$G;|I?PAI5!a#Z=3dc@!e-GShzZ^@A%7uFmOw}LAQ<@ z%osU{qnFMP8irK7cSH-$MeR@+>Gx$^E8T>yvyPJ;uQ zvjfG?UUFmCKcGrFmTb3Rp%I~>p58Kkka{;Da1K-V*}6^ypt*uH`L% z>Zq^zGp*4LO^Zm4T4gWWu;r4nQFmwt*w1C@1ZU%9Yb?xC-pPnRCXJ?P@4eRaV zmR2*+{>v9c?}kUaTK5^d)tBMn=Y2qck>-w&igSP9`M}At*7xA7;QridQ!r(d?#x24 zNbK@IQY;zJm%wu(l%#BNNX<5JKHEz!EyOpy(>$>R_OyqM!d50mlK1=9$86HUjiVYO zrO%xX*5L~Ycah^p0ZQ-1N>x?$v5`sLv&Q}1 zR@mOBFYqjnJJX}z05>9WodaBiP(i;?p8+96NH8U19s@VqeGf=Ut$GH2yYuK6->ldC z$&IoGEWnhBE%8o+{{(A2sa1@ASd>sVHQ6)0T=3!7K6B;pU=LRI}g59c9Uxv-2eL2uV_)>s4 zl*6&zOx#fUmQw{RbSu(;$&KE|CKyZEmYJKy%md_0Y#v9>e+85~^@-lpM()9xC6$VkCDgGS^l!PG{6RmLVpk)!;d* z8ETb1iv`kPQ+8P-imOg`4`>9xGZEWvH9f>xtaSxBJndBTqaXn>VRIv;57+jOVf6Aj z>pBvl?Xr_e{oWcZF~fMMtGT!W;->$WK1L!^zEyo0L>J}kjB{$`FY*IKRl?EWcF&c^ zV-L*=)+%*^n`rZSBRa@Yax{L;O0sbs?rC9bX(X7SCruJfOEvu^F@fS2naQYYm@!{h zU25C}OB?E}`}-mwr|$cZZte?_1%K!4;>gTu$)V5Suw3s);$k0>$egEzY`4n+xX+Cd z{^LLjSzWbt#0}P+-U^2(88#0QHn9!*E0m+3v< zL@BX?+nmjX%4XV^^bBe{Pi9x0R7rs@9jCotpt&HMg1LlFFwaE*Ko+2?M_s&JaQRlYzw+ zXDu}7_Or9ve9fAAy*KRhS^c0OhKy$gb7<3DV?kOmX~9qP{ISF*0I6xFzPs@p4@lru}ws~u`~@7p8L%yK5JxjN2KpW z)Q5UpihT0}wOrq+JN79NqOU=mlBoMuW*F_R>pE00WXHisCzSQ>$4o_KX}sD@ck(+A z3__?@Av)DqnkXQfN&$`b;Z+GOubZU}$wGWrP*rBTzgWL8OH1H zins_j7n438=+0u*13#Ybnk?GyTR*f*7lz>iOUXo-2Bs#j0v1kM7ZY0XRmY_e*G|P> zJ*=^;^2a77R2$C>d<|cVKZXd~p3a1-?KB%3FHE#p<07>bt$rg`R&cx9L=+`HYfEc~ zZvEYMu?8@-P)O?4dET;8@coohRJ^h8guGn1-1FUCN}RI$bTR?syt|vekYtS)n^+Sb z4);pzJ8%qdTe)B8G;)nz_k8hyNF9@mfrbuGc1jGwGTCEy4YpptRo9mpuU9U|!{A5S zkTzWOV_lcs-tobqPjz5X$_@#30u#9_acv5wec*lk#>aP`LwDHUl_(yx1`T%TU@-5KB>qi_;tR6N-9LV?Ir__P8T-U&_<@f{>fqC|~n!AJ2^KT1 zoL?|Ls7qSMVDLoy)MFSTKDAUKRtW$KLtm1UkB$zoin-^D3YU*>Cl!cJmE3qqNR7`x zA@pAUK&iMlHC3*=7utfbPafI>dq44rPLpl2quYph*OitY-UoNUd_tb`4G{}|Xt&e5 zl6aKQIP^kAARl3IrL~ghX6~sOJ`tUtFtW!SIX^*tMZ{qR1hs-6kg{%i!0I7W zn-L~BR0Q?p(KH-*+j}O^W6%_~p(F_>!qj}b@9bB5QxRDe63&c4U~xUEB-h|Znba<> zXPh0OHuBUfD|8W~-X|vA6?d~NV{IoWjgOg^AGSE14(n}RL~7k1+nmLJ`tu6HN2pqK zYAVOF=ena;nEN-!{}k#RW%qxGD^?FK(K3d@h;J^{}3xrE)U(1y^1#-L?v|4pnGkNArfT4vwn?& z)$MixUal-4#&O#5R5OTOj>Z(<)HeTGa_8RGH??|lGN%Tcn)+&s4xz`&eArmC>>I&e zOwtOxN0m;|4mSfSsmK{wKp01vW}62Q00TJSzOptsXfRGLBeb ztEAL+Dtt1S8d2W{$#XVT&OPk`YczOMbh7@vVPn88p*6iT9EywlI6%7NHI=xNBxI;uDN z4;`RBhkpyXtUnB>^RFyW_HLDki|-AgTxn>ShvgQLF1I*Q*@n2>)m0n}OF_`i$vc~G z5K;5cw(Y8`OW~TMXCMu#){jgg`D4mPH?pUnk3yGjB@lv7&Fi*fsIO$I`POO@A&}_T?ON+74t|HBV6F1;m|a z-VooU*0D6(nDBlV6!RGCD|?MkG?d_<*|#IOXN~WJU)o7GQ<(v`AjSUhn?Ost8Yi<9 z$7}`$<+%*H2PpY3qa*o}3UFSsbh1u-M7>j$Bw}N`_zWtU${s2z3?mSYtF5Zm+v>2X zw`IS;W!1k#jxVj|&0JTmhop$%s?XI5THQnS3)Hk=5@;uD^aaBFNenh+iX5 z8!nxO&ZdZ`@eldSeF7K&TfJopGvcGM_DDKk0}!Oz`Q!VLwSmKbWIuX8fwGhRuqT&c z{zX3CoPQA!o|QH9f0z#(K*po@lcfo8xxbJ|F9ra_7>01Pg#K0iFbD$~t)=cnRRRzU zfZ6nzB!Bh8 z=jl?%wD_Iy5zt%Swm>X8gWaZ#{xzh=uIOm_Z-Cil3KG%n)_%VHH*o1THQY+Q0^mTT zO#o(GXsLb1jEDr00BEXS@2SGlnXhzdG_}I%1mEjJHC9azWh37kn6SpfV#7vfYgsv{ z-@+q z33fo|9J3+8!NH#&Z>ea@xrs6h(YPEDgY33FP05&BG#0a1j*fh+^?H|lEgl}Z*H_=8 zt~Fof>#QKLEB~y`{bX7>ISgoWnK+^$Yi264m)cj2&sx?6R@#c?~hJ;Y~>yE)hYSmis?E=eF{KvZZYT z+jb_*BFFRPf+W`JnwiUe?In=ZukER_OE17w6U{H>ka4FQXTf%RUaNYj0pkLr7Q>e` zAcNR{Y0dJd*F;lBe7vHRzL7U5FjC?T%R%qfryU>e^vLw|Z~6|%j$e`kKb_SQI|ADk zG(;PTE%J1DfY7BR4*m=MD8*pm;IL1F@$X|6{|jKcpS5VgfV<&4*j@b~Uv*lPn#yV4 zh`0L|f~ShoXrRG6=4*;Bj`2SSwd8cV4!eg=UuRZg)cBUZAd7GL*Ds;$T&g*qmdU?# z%7-Ap$e9_usEd-RE2u{d%Agw`As?e}Yu0|Lgk0oNktslfz#vd0n**y_5dwoRRR~tJ zT>ZmFQa%F1cO#U@Rjg5=z=A!QWI_^y%7?s_o5qu*ZS!1jeq^9}S=JH0ur&BJ%6c{o zZb%WR$4?gFXEsM6X?0(B-e+EL{olOA>>1e9(UcOA_7Z}4rOz`ha$UV&t#D!V4C^6> zH^BLhlgabxSc-rk`3W2#atpj`y1FOwZvmevN+RQ^0j5=}f@8W&9_Uy5<&NZTk1?JL z2mf}_J=O84h2-hXsRKed`4)siX8A7^h$g~*TyrU@(IydK*0psrPkq4P;s67DBe8i>Cf`eqbgiG zCw2&u0B5OH{YAIL!@-`g>$$TvuNW-19A#@!MJRwr#q~`W>KQnuA)WCIEu9aDd3$wmwdRl^`bc^!9Wejo4yRnWM}b?;Uib6Nh^gH6rCw=ja(iy zw5-!pT&GeIa-W2FNnRI(L@<-EF8!~|c6|BG?*prSt0s2{SalzlgOVIccc+I4 zLfZJNR(D~FN7=<>w~`(2kmvw}0OJeiwuy36%NRvx-*94WWwkc<=$Mc9H307;;{}AO zKye+%V;SfB$@Q5S;DH&5k&pZR;B6#wz5N{l`*dDSU8A*25mzWCr*-O}yAbBhW^0$L zCL}MfwXw1^8)q)=xwGn4F)Sce^~PI9rKAwr;5#Z;;pQy&PJH!H-1bN0n^fV-udj!0wB@m@ zsSn45mWk#<2CZ8seR*()I#{<*5l9w^ZCKQ}7u?srN+TydY+$S#?!UohJDl2ChR!#CnpS5W zTi7rel0QmYqj%X%L~l2V!C-1>b=PQrBG6TEG~rrF%Mo;aj;^vpf$YaHVaVWXfd{r} z|E;>UyqWG939HOwibFECrd?MWJO5<4Rg`b*c4`iAC-jn$-~tbas7_JM-$Ci zP+Dip@g@M3=!KRdI!U0S&^H{Xs3B0d6P3;yhHnmb#4t4CO2GmCL#H|D%(@^mTh~^) zW4q2|t2p0-I?ph(N*ABUh+YVm!!j7~g5dP(-bFLdl;6v@>K2y_4)#3IQi~4!DUm?z zMe+D?zGtHJXlf=h;lnYxIO``y#7yd9HcvG23o^Ri>Oi9qo1|R%Sxax8ui(87;yNUy zJj9Tn!lH$_HB@f_0xu`Y?S~3SW>=frcvZX>1OL>vBj*ScF>x)3OFdQjTMy30ZTF}2 z$o3!pc0b{P;t1h2T(iMJ-jH?MW`qZI=;B0MMM62w%7&t~1xfU zW)zdY%iVp5yqj0h-OEkATZ!GfaxaN)2a1DC4osW@Je1!;Anrd^Lm0bpl>Zu?g0$dq z*}-B%ge)bcxCDEGLcauo{uGW8Ba-@#S6T47g-2>tg?F6MZsvBal-Uc1W<)SsEc?#m zW%BccK3$U;_r97mNiW9KUAN_Ii|Pzn$~JLpPUJ4Ay@oPzfYqtuMxNK;0v5GW_UWo|J`mvsi>Qw^L7dGk`bbATH5QQOTDSed-_Pm=UG zWvxV`NE7Ag#1>2tS@oryNWM4>U}v z25si4T`d`;C{ubqIEXDwC}dTwOT;HNR%~YPL2rM+={2mnC@!^J#gFa?c0n7(m|peL z_WTx%aWT>(tS4!0m%a4{c4xM$j>uZ8u|4Q)-Uu#odCajm0a554_kRK*rTc_#9xHde z(SqB`R5rU!ycD#n_145>(T!FGp57?Z$8Qa%*BO9SWJa4oI>JOrBpv4jo~=ySEB-%?cH2<|T}jRf%5{i?d6q zLlQdD;ySvV+QBq~4JxT=rsyu>gCpu@-jgVfjz6>x)zJEU&=-ug$ROCUWm+_x!0b2G zoX)MPOx#`J4{hQiW>AgyH$6x)SPUz`NDH4MrLA=1+RO4 zwwC%-tGT;sN4m{%9OF!`b@gUxhUf%_6^WHlH@w)S8#bS^wJbC*6j5KmuMMwuT~|#| zvqcZa2_z#u^G%JGgW==+$5){#1u#a?Z7>~U{2QUEqzSCl!dFcQl-Yy+4*NGMlgO2V z`bH2t8eHba|1*JKHP6g zH`&IeT8>+-N`t-SH-kiKe)eg?{Jk3{n&KVH_gkq)CTU7fN# zpLj_@vGs!A>rIQ5`(ME-4{WqUbwr;l{j@eLcg44UPVl_+l1@d}@_jsloJqr9Rku^yo0nsuKdP%)9cl2y}C~*({BD>S#g-l{|fm+v@v1HH?!Hj zTcwR}$NO?VFxA7mBLz{_hrck$@PBo`?` zfBMH;ocL-WysGQ$%G89qx9NcM(cY#G8<$XU%#|QmSy`bvT(aVR{X&$5tj3}Getkm}QMumr`!_ooU4t~gaA7XFgdoj^7a!&D*Wkw=p%?GX zuXj+}lB4odHV#(ST$HouExzvWI$U<Ls*Yjs!@)l2Ud#;)V%*Ov zDf_r7FqoY!%r!YNgoXl#nnXdLB@z}!QhPo_fq}4RRu2Bu*iDtWilx&Q4O_|X84D_1 z%0_mAT~kav?3Z?f+EL3S)ZDWrk5yi8!z)ZGr#>H?ygO;`@8#}-CnWe_wBLMp7^gvp z^7tBRNqALVu2HO(r14VBe5rlq{s{B|;gHKGo<y1&fYiQ);@!nY8q1P=rJc4Pv))AkXRhd_MQoGEOtR)caD0dK2rj&^5YVaxi zd{gQJpT6JpK=C1EbxNmKe*VjQDoa~P6)zu#CEM1GiItg|ne|uOktZ4Psz}^@s5C>) znBB?dHOQj;>4ht8^yaX)@3QTmD@hQ+^mHQ7ZZT26&CtaGpqs; zC!^Mfqmi*+qSE#g3B9}~q-Wh0Tq$b8M&u8%*^cJ(A4#H&xUQj4&Nvkl) zZsG>X-0ge%Yn}#|cn(*KeuVy$>7M4#SS_|V|0j#TIy@X5`@K$1YF=st%8@D#MRwqA zV0j<*w}<7W*=eGrK;08bF?UikjT{8TJ5#*t%!{Y@Yq{Sdv(Mv=AMxV0QdZF%z@~wM zu&enl2Ez8&95!(klyOZ2NW=DIvikfFd04ZZW@iRp(!BG-Zx^PZ90L=) zxLB@Je%l3&e#*?&yaf=|K8T;v@bR2e^5-4cK9|@1XjpCF#Nw%vkP3B8I73dGN{Qb|c{>5V`5^hcr7nK*I? z=H8sG#Mm?)LAVbQSQ5`&A%BMI@$a`<_0}-Gl`>^f@l*fux>Zw{u8a)*`CdrN4uV=f z1X=RE^801Ik>-uMdPz4lyj+PMl-%5Z&%7rsiw$(6pQ}^BL$%1~3yZ>z{WW#056Sr& z?D>t@wOPbPR(j-|5F+T_ZZQTtPj0>?#H>#tPTFhUxK35p)L8i)K1bbjy>}}`8KI;6 zMh0v*5jhm&YQQcl2)7?m)!2y<%t&3GX9^bCbH1Fw*x$5R_ivVYhuW+i+mQzF z8GKSBm=(d9PW?(xT!@zcFSUm zJdPIL?n>}X^t#fqcH~&Z1!32-8rUspcHB-1!fbVW!Dn{%($X<82>?XFkJ+u=mNlru zMnWKsp@4v8wVt8t7iHhOHXAy*33;Btu%)dD$Hsz7bu|O)l$vUKyRoPky)?Qd><=P} zGi8ig%_A>Q61WNH(b!+F%KV4Hgo~iO_`F2SjZGGGyx0MGb>WJj@!#2ySy>h^;R_N} z8-LndSdS12PVLpxTQ{%WPK`g+{{qR8WApZij?$hb=%ae-oq?B=Mo?%gP9ndNItJJm z27e(~2YY)u^5d0>{jcu6vMH`5S{s)D!QCMQcXua97~I_@xJ!`W?(PH_+{54+++BwR zcS&#va))zr-g>L_c8NJk~rtCoHr2G%=;onoa7#Ua} z2K-#ObFQ+NmGvuhN->!{EcdLsLtHqT>&KaM`vl%CkMR=}r^laC9Ram9CV8h1W($!G z#Cucwg$QTbs3g?u13j|yZbxJzd2o-@KO3}`Xxb|de0hUJ%&S@oAiX%`OqD3!-(ShY zx50UPZ0$+}hV%vcigK%8|Q#9!ZzhR!DZy!s*roTwf&0V4zz+ zB{3ZuF>FSL>p!a@+0~}!$;kq`-1pECA(h>ZzR@dvUS~naW1u#hlb#7pPh@~mXXnM6!BMO| zz1!qWoP?Z?8iN_W;zeb0s_nMmCF2Wqms#7np(MDDN4m7(F@^WVaX^<`9#|$M?~Fb~ zCe_GPsR#QGHy>omO2nG>k>m<`cE&B?CV|6g!QuxdB{5@yIZCO?NX-R8a z((!#S$Gdz|2C)nw3>Z-L974(ctO8#39IYe(m%ww63;_!l5!|JP$MRfeN(H}o;i&j< zU$OCU`_eO-!lbn8VU-;V49e&#)X=PI-{9ro^nMF%-?D8B|G=q^nE8~ujqhjaNF$@; zc!&z}S}EfX@$Yw7(a-08ld$ko??TuBO3PAQzC);K(smw&u$v_@N4_b4?!UMHF_do+ zWv~3R?w!JLUMH=D_|`fE-=7wa-8=(4>eCda#l*V0+!7T_Pk!W}qti4OiOX0S_jmHr z9IuhPIX{fJFoMw*kI; zyMySi{qD*2B|n>x^OA^Xv(bj890T_m*K$e@m;S;M6wgss9~aBPgMRzseDEOJT6~t- zW%&LtGAESBpzATa^eR$|O?OcfQoSbj5_*8`pc%Q5X)FI^5gxBgYQQ|4`XN=(^HV3sfpIGHBmh3EZo+*U?pT*>&w_PHw&CaIcops~|Z6~9JnB^*l$Z}bRe z3fGFNW1Z;|x58GkX#WWZ`eObK2XaH1KFA>Hw-98cWG;1;#wO~xf;dj}W`2Zjs?p)R zxd=s0bj(8#vDVkJ7@iWwJ?Dg2q_nyMx^^w6!DF())Ku#ZyLyH~Jb~b#-Zw1Ce+`lhM$ZF+pj00Ay1bLxl7x%TG4qp2gT|fJ|0h z7G^bEZx-6ntlWl$>+6j}+kqsiC)M#JD%C4MSiW8IElw!a16}Z|)r3&i-!FxYoy?&z z7H1D(o5xs7*(4aes>YC2RBV6QIBeW^rlyu~>|M zZ9Lmz*k$V`tiWx_Sir*S8=?=dA-Z`S=nka@;ILWyzb2vbE3jSzU*}u&zosMiE6iUp zameG}9Pom+S6DwwgEjuY@ju%r$N`i^1^JhLwG9)*++QP(2Iey?{~Du^w?oJfq{-GG zDKC%!-SA*Bi5EMT>#Pe?(B?S5_Y~fXyd!qDzx~M^PS-|nO`zx#>8Y1k7 zD*8WNfUmmHUo8I>rv6GPupo{1pDv28x~T2c|0j$ECaS9&%}{fsMR|6Osd7yGzd1tC z{cqq38usmfk&Oif1)UQ!-H`pAULF)2HIiJ^oeC%c2z;MErPYr&O7YKBA=-<;V8l?o zqc`n7;g&NnScepz?C21(u&}6$_>>f7EKT@#k_<58S?2!!U1Ai03B?gB4QAPCX?WQa zdoHbz7Nsrqw;v?y4gjS|O<7l7UQX|l83UpAr~t!q{XY{P0XfC5vl;Q?^{J|Ow)DfquVypFNpd)Yf0 znpc0Af`S5sH$)8phywyGJAJPG?>589A;g@{+mQ0@(NX_?o77N}nx>|v^73!e$Ev$D zE2bLK(ja^#{t!5jaUHW3W33q{nJ~Z)^O~KTIb0PdO`%;TR7d?7&41c%PIsxnEI4gY zAj<1IByAyTSZ=Jt_x9}icu7Y`M@B{_EG!I-h^q_|y|%Qpw6(Q`)PRtX2m*mT#?qLH zxozK7hkC#6q1XggU=JQ4A##x>1W7VVOl-U8Dt9~`3gM0;u$dSi$2sqVz%R65f7l)z z5;U_R{j_xUreI2fiizT0;>bu|-s2?tHlLpm_Tg!Mwj~cvRxZ7J2LLqSzBovgnnHdPQRY4BMNWt65$q6#C)YR0Vx8#C^nKbiU=c_Ohp&XbD_1g0C z>e`h}Ut$mOaeus#75`EvMmJ8o!R38p6vM-41*U7{5H#%KmP4|08Z|aCF|oDPO|n7q z0)aq~6$^O0V;?s5VnoJCqyDl5_m)gZyQ9u4GCEoT;`oHnxJ7H3$kD@Xa72}qSU|u+ z3L4RP%q&J-RV~e|MkSs{KZO`+mEftek`k)>gMJ|-gK8;|k>PltLz-bU^AZTSxV^l# z3#lB^sX^=tiB3RedE;cRk>MU4tPlbHoD}2o&6thtx$xR=dV1WorTR&mYp0$Hs=LWK=j*>ozGlo<%A<(epP z8Dl{h%M=~EyZEm?qwX}~=;=SM8fU5q)IHs-IbzcSP9OlUpIv^XfLx!g{>UI0BBFH; z*&rcn`YpuK6fuh9hb$xib__iUd;aKq_C`dsHXKO@cN6|C4-*3}^>dfxDH}6E_dqk0p2VU4U7Pj_oP1Jn?8QOa+xu_`L#Gb{os8xN2F&B+Rcc5$i3fKekK{h|QAEvhAm!v(om|Mq3S zQ(~XqWg!};VMP&HMXhiY4*cuW8ul&;HG@0yp<&$N=R^d$@2s_?f=@;bE!vjJ%Ik7v zU(X`e68;#J(o}t-0HpHbe>3ow(@Ok=`*YnPQW_A`ddLgCB8&4Y;plsVEN%4d( z|4ySpprx7(8VPyUOg-{G=NBQ-gbd4%-^sW21=9ttAN<gG)3vFYQQZV%1qho1fD>venOF$9xLn4MF= z*-P%F-nFs4t|2_BU;D{sp@C!KOU?BvFOQ5V zz9({`#-KfpRPbg>^o2?Ho2;B14u?3|H!=MDH_GN#!>O2yw4%e+Wy&T%?Mg_ZXAb)o z+JhbiM%{{?JFX>Kfvko%51h&N-uP|n@%%zUy{?;@?^btC4~?R!7@)txf5zq&F``;Qt**DHwMK<+Z%=)MhNu6 z6rH&hkj4_{*Ta}7RVHbjM3KQk+PwpWnn$GM=zOpqg1#;5=osQmAB@_Q&!_*4&Q>or zH$M))4{9r}N!WQK2hKFQeNq5EHcco8uU2Ve9qy`424h-OptwwqL=$Vd{XmEh?y=y^ zcb5fVjt$08T#VwjQhGzGDPr%uN-*BE@vxj0J=NsY9d_OYa z?&WqZ>H@LPW|J3DuV05)ZMcy+V3fK$QrMbZxRa3B@iW7s_ITz1=<-Q=j69#rF|Pm- zed6Fy5$t!$Ps!$EPH%l{piFD9TzV4^;s&#Xw;Tg7nUe~sWA5*E}&wG@)j2|u7R8!La5nTmK z1xQZ^Jgz^^wU984KADZuujl*aeGclj(-AE!Zb7x+5_}kLaQ-TDEo5lkt+Up?k0Oya zaa38l|2xF6HMLSZi8f^-2^+iqF5h*NT$Vi(&yn?Nu|@QGvNVTxiE>Ka#Evo3l#pBf zfX?^mX78@HG_t&TY92IOlo=NG#_l~LIf+f-XfblP!5$kHf4s23&7Y^Eg$e2dqV`?% zANw5K^yo@Yt4i-`1vaG+G#(Cb;toH~Ovf%AVpZVivtpzOSDUvf%ZOT3qPUn)(F88Y z_Js$`ZyCbB>~^#|3#4UC8q8IY>6uHFbUtOZhLHF?L}h0WeRWvTS{nB9vtExo7S;^W zBdE}7sg{t=Xp4L*b;wnxpeI_}fVOY(8DV37&dkg6-yOw;G$kdaOxBznCqeXN5NY-&zvq;7o5}ldRzv+2 z?z8bQcHXW2UL~+B*{!p>tU%{=_r##zQm2j+KOfayey_=o53d|@L3OY<$AC41fZs=( zr(>LgFS1KCHQZw9|- z$2+6|o??N-uJd-&`n?@~=te^8vyx6b^3yAUbP?v@bo`;3tDnx>Gts5DlM`%=T^l{| zqE?FmHH%x+kiL)Al|)h$?|+*CBw7#id5t>T_D5Dtd7lZilbt`-pkltO;XXQgwn~~R z7gWke$QQhBBx~;~x&`ute00+B-X07A9!a!D(Rfqcl=VA0+l_6{sqx;ak3P@eu2h|6 zpD|V<3HsUx3#9~#41%yI(=?zD%m?ZCvvtZ@k)1ORjVVfN0<-f>nl?roGcvM$-{=xjxU?$t1jMqbGSGRQ z2>$4$o@BjRs4OVbXZ;Z082JtUNRz6CQ8`il8CI-E-=-*yW;2pK17R0iJoI^YPnFit z5;#$^z`cfM`$5)xhge&5eCZwXW_vt9Z`!UelX5*vK3aofs%5kVEq{I&RMGhZVd~d+ z80s7yoc*^322HlOLW>}mUHO(@@0p=43a(Q{UW^uh%A(DGSERu9fFsR5wO$!;7UNBl zX`MEouc0*mQy4x^LiKy+3Wd2Nz@~`B&X(785<(cTSU%SlO&v3EnAuPttBR|7?D3e+ zyM)=W=xMl=7RKDpci!Heh%qusLo-m^G4<=|MB}lPe9g1TPEIkRh1JoH#{8`3?W)jh zmFqdr&VBM-j6f{2fID@Y4Cw~omer&;nni!SlODoIbxpZTE;JZay(t`YzUK*lw7cjWxSkkzHc($H(q| zP~k#q%T|t1#cph5dtZ6;C4ktUZ^q3t9ut%$O3;wvHfI(jux#xSy@IN-OTH>^d)dyY zMF*nCwZ?Q|&SMnLlDm-c=$<5ASr=2NbWf+;3n}(DHPwU8;Z*!V>f`dm`0kPf99%rh z&ULXzCgEc!*!8uvTt#gT0E?hq=I`J3eH+1<=#ydmz$`Zm%7^E!WI4Uko2ueWRnA>u zsDlMA6}FafLRFOWgNR z>_fn9rEflDIfCrsUoBoD?S~^cUw|3Bop8N-#hf{!DvWk0f2N)g0kv(J(rK$?RjL@X zi}PaN;^nnREN_3c>}O7!O;Q~57gtZUQgixnSyVlr&HnLBd;-mJZ#sP?306|cJOQ?3 zJf|(?#>caYzB3r&#v;wY5|pZ354k)xM7t*OcB6OJ{tWh1dHLG?G2wb=k9lijO?f^@ z>i71x@BAFwcR^@WS^G^g-&N4Je462D-gPb>hSfNV_^3x1zRAsTu^Lmkyy?^Q2g)e> zItn`c4y#39eiVze!CjmnQF_xzE zc54)qI|cyl?o55?jjPGT+P7@_kLPgS6a%!6LK(_>&D;eV4XyAyh!s@KR}uu2XAcY= z5(=MN*n<-0I9K!WRvbzwp_p++;7IG6wyNb*d*BN=9@DY#tl-aEoX~|;EYy}(Hd;^L z(265mpDBaP0n^tPjH!Hk|9->DgSs{zrY>t#1E~6ZQ`$+k2o|Mhp3NZ(r&L z7Q(Dr$@D$dfWQQ|iE6<_#yyjqiHS^@Beg4DdXJA?sQF#wH0-#5p%Ova!^#Rap7 zuFpzz1GCti#>mESU*`f_c0G;*)HFjs9k44G^eav)&z%aDJa?iwNE8|#0_#AkaNlAc z-cp=(KY2KwKuBqD;xa>7}mJyN_yJq9tAyL{?A;<0=q_#U)lo z33j|x!p6FwqSFB9qCS%U^#9}6{c`62=gy6q;R-Dq zQ*QFfNsksOP3JdZUXJVLQ>5lM^h*Q}@euem7}yUlrore_vDtLWhf2fuK`%nJ5!_QY z<*c78!feQe#}(#-);o03pug|=J#C$CY?p8PiL~LBlPoLl9t^&78(!@3MlOsN1dlhg zQoKb%>Phl%pX4Wql`@YkzNEv%>p{UpaW-(Ws%;Mqe8+Go=^|ow&VDg-LGVBrv#YSY zT&20RcM1-Bt5B2$m|aGjwW4~Dd9gUj%37iRlU$CN-7j0%D9IOIM+aZMncusoZljQm zyzHc;$j}h2HtOKIbky-v6OqRK0EaE3RD*c2t(r$<+sMI?gXb`s3~+^XxjA~Pg8#W6lL9i4{-U-rtW%+GQu z&M77?qe~3j{T&**+Qq;-ZDh-I84?b{H)o$MCVIcx#y)7O`1{8Kddz$)3bf5gzSa@X zB)-%15$LjcGDY%FH)77&aP|Lnmnvl>odx)!KdsN&p(S9e>MQA;R|{NahrI#*K@#E? zv=F3(ucb2-RaY;Wv0Z4kMRA?e3UKPnsEjPAAJJ|R5uZD*+3thqmjUP?i8z1qNMEFq z(GmAgH6#HsaksgAcwBU3Rhw+W4Gq=cQV;=8vuuW#CKkjuV~Cb7U*^ZZq=clp4tE;~ zW+g9KTH_J>Kl6+3jy(;Hj5|^VNpCO>Y8rm!DQ_{_Ssi0HlYMTFy2!q5OQzboFqQPT zHgU)nK#Xzp7bq=soH1jB`0ahT`C^vc!sAK!gFFH!tlxdzpcGhL*5;t1>T`#Q=|h8? zR=RH*GL~Ks04p4)oZCAnMDDk9%uY)aV_Vwil!5_UKOVi-a~dXGKPXI=CE?D)Chb#P z_^BZ+^rwqZ{e!A z()#swFY787U0r5&c%ks$d0Y(#)J&<-e7I@sYO-a{3T6Mz{hS=uW#})F0}|%+tNo?4 zGK9qew7NZyw_63acd?n^D)IX-Jg;cxNJ=Z10h_c+Cg3b{gAH8juPSWX_Ry<;o8SorsGn(kx?GPgkn!ML@7_;}o zAZ*XFWO5H*M+R0F%Vra_6ykYkx~?>@3eh0Bba_W*2{X~6fAGBn7W?RJgtk|FD~yoD zVJBG-)mGOZm;8;GD8KT2X^uDpg*p%)S;gy!5O=e#c;3au)}FHA`f*U+Tc3>6ZTE-u z=!x;Me!+Pe=47`K{q}Nt4^EwXYJ8IddpMkc2)*0agN%9_;(&`lcDhH1Xf+OAXC#b! zhHx(S-*f+h_?OK-T;k#5hvT@ox(Wg%eLE#gR8%k@?A1yE1AXOjjw|ly6a{m(Zc^{l zO*$h1mDE_7{VTi$^FEOu&q5*^dS~kaF>body17`9;}?n7+DIWdi6Hi6aGNrjt4@v$ zM#1%L!_NUO2f_R%F>&hOSZ>DP%w!dG0Luqy6YMLZSiIv~a}I3BhgD5BUoLGVF<#z= z+3bpOXO1!L(Afd3KBpJ zfl6%I$&>enlmW52W);NDOv|Zia2%YR^}$KU_dF=roif!jVLM2)m&w_UfTcJ1Er;$z z)sq>2m`bL#S?H}IlU1z}`&~j;agPz-lJF&@q?mgjUD?hg33nT{!DuuO>m68t6&myg zW0fiu*Om(|scu7`5bl+`zlCE>M*wTo+??|^pIH$yQqSi+PkEcva!ahCR|#?Dd4}k5 zqGo4RtF8$-%p+pG8zaYvd9Ic*>T(%5?Rf64#+kX*Kg)lUZIz#sI8B(vBo+koXKF<8 zG{042>#}a+vUdV+bXSpamK_cc{TUsODPj%JlA$D#oBmR0CT#p`hZHF`9Tc=u)QeP= z%E4tyn|dnc#uQnNv*$bh@iKX?B4<2=eB{Zu+>=pujC*!btfE;J^(a6}t<~!g+l-nM;5+@kN(p0t}9^1@apGV#sh@Z=b%! zL|H|Z>PJ2(Bg=KWbUOvn2G zL$6617#L^?^DY9;6HMj_N7KrjQ>@}_z*Z5_Irk8odIPbduS2LPG)^X;JL(=S&5Ar{ zYl2xPV?dc9=ht<1D-AS)l(*#aZqqsN_jOjeotEb(l!3x9^#u5_xaw+UohOMxM^hC1 zQXzN-0-Fc)M&(`gKdb`5W0eN|#5{H0P2>0(sjW}4D0?vOCNRa;HMF#})YO98P^dowcJ9&I-9GP+C)yD(OOi&n z<`ooB+#YLJX|r}$FtF6nwfi)7k#(uW8xgRH0Z~bX9KaDOg_0&l`V1S9_S>0M=>P?8(akjrv3dRY@0#TuDes4X5Y6M0(-U3aapTL2i> zbEpoQaLQgU-Pof4pYDMW?GD)CHqb_4BwwG6k=WpTaAC$l*A-JEDJGC#kmZA>=&>Un zL-;#jdJR%|sJhut1&IFNkhQ@JsK3uwJa8HI$M!}khu{BsS)LPI-6>zAy^l(TlXV5MCVt*UaFXZD#7-DL~}(^W9w|KK~Rt;Ck>FQkuVPWAMGK& AX#fBK literal 0 HcmV?d00001 diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md new file mode 100644 index 0000000000..431e377e58 --- /dev/null +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -0,0 +1,45 @@ +page_title: Resizing a Boot2Docker Volume +page_description: Resizing a Boot2Docker Volume in VirtualBox with GParted +page_keywords: boot2docker, volume, virtualbox + +# Getting “no space left on device” Errors with Boot2Docker? + +If you're using Boot2Docker with a large number of images, or the images you're working +with are very large, you might run into trouble if the Boot2Docker VM's volume runs out of +space. The solution is to increase the volume size by first cloning it, then resizing it +using a disk partitioning tool. We'll use (GParted)[http://gparted.sourceforge.net/download.php/index.php] +since it's a free ISO and works well with VirtualBox. + +## 1. Stop Boot2Docker’s VM: + + $ boot2docker stop + +Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s native tools. We will instead create a VDI volume and clone the VMDK volume to it. + +## 2. Using the VirtualBox command line tools, clone the VMDK image to a VDI image: + + $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi —format VDI —variant Standard + +## 3. Resize the new clone volume, choosing a size that will be appropriate for your needs. If you’re spinning up a lot of containers, or your containers are particularly large, larger will be better: + + $ vboxmanage modifyhd /full/path/to/.vdi —resize + +## 4. Download a disk partitioning tool ISO, like (GParted)[http://gparted.sourceforge.net/download.php/]. Add the ISO to the Boot2Docker VM’s IDE bus. You might need to create the bus before you can add the ISO. + + + +## 5. Add the new VDI image to the Boot2Docker image in VirtualBox. + + + +## 6. Verify in the Settings for the Boot2Docker VM that CD/DVD is the at the top of the **Boot Order** list. + + + +## 7. Start the Boot2Docker VM in VirtualBox, and the disk partitioning ISO should start up. Using GParted, choose the **GParted Live (default settings)** option. Choose the default keyboard, language, and XWindows settings, and the GParted tool will start up and display the new VDI volume you created. Right click on the VDI and choose **Resize/Move**. Drag the slider representing the volume to its maximum size, click **Resize/Move**, and then **Apply**. Quit GParted and shut down the VM. Remove the GParted ISO from the IDE controller for the Boot2Docker VM in VirtualBox. + +## 8. Start the Boot2Docker VM, either in VirtualBox or using the command line (`boot2docker start`) to make sure the volume changes took effect. + +## You’re done! + From 8854caaae3366982e12b9351568402daab7673f5 Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Fri, 22 Aug 2014 18:19:58 -0700 Subject: [PATCH 018/540] Additional formatting and markdown changes to B2D volume resize doc Signed-off-by: Hollie Teal Upstream-commit: e4ff140fddcc0b23e10e5db5a49e77e049460b14 Component: engine --- components/engine/docs/mkdocs.yml | 2 +- .../sources/articles/b2d_volume_resize.md | 59 +++++++++++++------ 2 files changed, 43 insertions(+), 18 deletions(-) diff --git a/components/engine/docs/mkdocs.yml b/components/engine/docs/mkdocs.yml index 7cdab81c17..7883a1e444 100755 --- a/components/engine/docs/mkdocs.yml +++ b/components/engine/docs/mkdocs.yml @@ -92,7 +92,7 @@ pages: - ['articles/ambassador_pattern_linking.md', 'Articles', 'Cross-Host linking using Ambassador Containers'] - ['articles/runmetrics.md', 'Articles', 'Runtime metrics'] - ['articles/baseimages.md', 'Articles', 'Creating a Base Image'] -- ['articles/b2d_volume_increase', 'Articles', 'Increasing a Boot2Docker Volume'] +- ['articles/b2d_volume_resize.md', 'Articles', 'Increasing a Boot2Docker Volume'] # Reference - ['reference/index.md', '**HIDDEN**'] diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md index 431e377e58..d9bc9e0dd0 100644 --- a/components/engine/docs/sources/articles/b2d_volume_resize.md +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -7,39 +7,64 @@ page_keywords: boot2docker, volume, virtualbox If you're using Boot2Docker with a large number of images, or the images you're working with are very large, you might run into trouble if the Boot2Docker VM's volume runs out of space. The solution is to increase the volume size by first cloning it, then resizing it -using a disk partitioning tool. We'll use (GParted)[http://gparted.sourceforge.net/download.php/index.php] +using a disk partitioning tool. We'll use [GParted](http://gparted.sourceforge.net/download.php/index.php) since it's a free ISO and works well with VirtualBox. -## 1. Stop Boot2Docker’s VM: +## 1. Stop Boot2Docker’s VM $ boot2docker stop -Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s native tools. We will instead create a VDI volume and clone the VMDK volume to it. +Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s native tools. We will instead +create a VDI volume and clone the VMDK volume to it. -## 2. Using the VirtualBox command line tools, clone the VMDK image to a VDI image: +## 2. Clone the VMDK image to a VDI image - $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi —format VDI —variant Standard +Using the command line VirtualBox tools, clone the VMDK image to a VDI image: -## 3. Resize the new clone volume, choosing a size that will be appropriate for your needs. If you’re spinning up a lot of containers, or your containers are particularly large, larger will be better: + $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard - $ vboxmanage modifyhd /full/path/to/.vdi —resize +## 3. Resize the new clone volume -## 4. Download a disk partitioning tool ISO, like (GParted)[http://gparted.sourceforge.net/download.php/]. Add the ISO to the Boot2Docker VM’s IDE bus. You might need to create the bus before you can add the ISO. +Choose a size that will be appropriate for your needs. If you’re spinning up a lot of containers, +or your containers are particularly large, larger will be better: - + $ vboxmanage modifyhd /full/path/to/.vdi —-resize -## 5. Add the new VDI image to the Boot2Docker image in VirtualBox. +## 4. Download a disk partitioning tool ISO - +To resize the volume, you'll need a disk partitioning tool like [GParted](http://gparted.sourceforge.net/download.php/). +Once you've downloaded the tool, add the ISO to the Boot2Docker VM’s IDE bus. You might need to +create the bus before you can add the ISO. -## 6. Verify in the Settings for the Boot2Docker VM that CD/DVD is the at the top of the **Boot Order** list. +
+ - +## 5. Add the new VDI image -## 7. Start the Boot2Docker VM in VirtualBox, and the disk partitioning ISO should start up. Using GParted, choose the **GParted Live (default settings)** option. Choose the default keyboard, language, and XWindows settings, and the GParted tool will start up and display the new VDI volume you created. Right click on the VDI and choose **Resize/Move**. Drag the slider representing the volume to its maximum size, click **Resize/Move**, and then **Apply**. Quit GParted and shut down the VM. Remove the GParted ISO from the IDE controller for the Boot2Docker VM in VirtualBox. +to the Boot2Docker image in VirtualBox. -## 8. Start the Boot2Docker VM, either in VirtualBox or using the command line (`boot2docker start`) to make sure the volume changes took effect. + -## You’re done! +## 6. Verify the boot order + +In the **System** settings for the Boot2Docker VM, make sure that **CD/DVD** is the at the top of the **Boot Order** list. + + + +## 7. Boot to the disk partitioning ISO + +Manually start the Boot2Docker VM, and the disk partitioning ISO should start up. +Using GParted, choose the **GParted Live (default settings)** option. Choose the +default keyboard, language, and XWindows settings, and the GParted tool will start +up and display the new VDI volume you created. Right click on the VDI and choose +**Resize/Move**. Drag the slider representing the volume to its maximum size, click +**Resize/Move**, and then **Apply**. Quit GParted and shut down the VM. Remove +the GParted ISO from the IDE controller for the Boot2Docker VM in VirtualBox. + +## 8. Start the Boot2Docker VM + +Either directly in VirtualBox or using the command line (`boot2docker start`), start the Boot2Docker +VM to make sure the volume changes took effect. + +You’re done! From be7fbe7b1d45b41f0f74e513bb5d894879cad37d Mon Sep 17 00:00:00 2001 From: James Turnbull Date: Sat, 23 Aug 2014 20:01:41 -0400 Subject: [PATCH 019/540] Removed deprecated release notes Docker-DCO-1.1-Signed-off-by: James Turnbull (github: jamtur01) Upstream-commit: df38eb4d43b03728253593622fe4285e99d0784f Component: engine --- components/engine/docs/sources/index.md | 46 ------------------------- 1 file changed, 46 deletions(-) diff --git a/components/engine/docs/sources/index.md b/components/engine/docs/sources/index.md index 5267557f38..8a6882a010 100644 --- a/components/engine/docs/sources/index.md +++ b/components/engine/docs/sources/index.md @@ -85,49 +85,3 @@ Docker on a variety of platforms. To learn about Docker in more detail and to answer questions about usage and implementation, check out the [Docker User Guide](/userguide/). -## Release Notes - -Version 1.1.0 - -### New Features - -*`.dockerignore` support* - -You can now add a `.dockerignore` file next to your `Dockerfile` and Docker will ignore files and directories specified in that file when sending the build context to the daemon. -Example: https://github.com/docker/docker/blob/master/.dockerignore - -*Pause containers during commit* - -Doing a commit on a running container was not recommended because you could end up with files in an inconsistent state (for example, if they were being written during the commit). Containers are now paused when a commit is made to them. -You can disable this feature by doing a `docker commit --pause=false ` - -*Tailing logs* - -You can now tail the logs of a container. For example, you can get the last ten lines of a log by using `docker logs --tail 10 `. You can also follow the logs of a container without having to read the whole log file with `docker logs --tail 0 -f `. - -*Allow a tar file as context for docker build* - -You can now pass a tar archive to `docker build` as context. This can be used to automate docker builds, for example: `cat context.tar | docker build -` or `docker run builder_image | docker build -` - -*Bind mounting your whole filesystem in a container* - -`/` is now allowed as source of `--volumes`. This means you can bind-mount your whole system in a container if you need to. For example: `docker run -v /:/my_host ubuntu:ro ls /my_host`. However, it is now forbidden to mount to /. - - -### Other Improvements & Changes - -* Port allocation has been improved. In the previous release, Docker could prevent you from starting a container with previously allocated ports which seemed to be in use when in fact they were not. This has been fixed. - -* A bug in `docker save` was introduced in the last release. The `docker save` command could produce images with invalid metadata. The command now produces images with correct metadata. - -* Running `docker inspect` in a container now returns which containers it is linked to. - -* Parsing of the `docker commit` flag has improved validation, to better prevent you from committing an image with a name such as `-m`. Image names with dashes in them potentially conflict with command line flags. - -* The API now has Improved status codes for `start` and `stop`. Trying to start a running container will now return a 304 error. - -* Performance has been improved overall. Starting the daemon is faster than in previous releases. The daemon’s performance has also been improved when it is working with large numbers of images and containers. - -* Fixed an issue with white-spaces and multi-lines in Dockerfiles. - - From 81067d8cbdab2472d75a02142c207529cb0c5baf Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Sun, 24 Aug 2014 14:09:30 +0400 Subject: [PATCH 020/540] Handle error from GetDevice early Also more verbose error. Fixes panic from #7701 Signed-off-by: Alexandr Morozov Upstream-commit: 17b95ecb08f1705bd74d6c94c8bcfd4c87ccfca6 Component: engine --- components/engine/daemon/container.go | 4 ++-- .../engine/integration-cli/docker_cli_run_test.go | 14 ++++++++++++++ 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index df6bd66190..0d7023c688 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -230,10 +230,10 @@ func populateCommand(c *Container, env []string) error { userSpecifiedDevices := make([]*devices.Device, len(c.hostConfig.Devices)) for i, deviceMapping := range c.hostConfig.Devices { device, err := devices.GetDevice(deviceMapping.PathOnHost, deviceMapping.CgroupPermissions) - device.Path = deviceMapping.PathInContainer if err != nil { - return fmt.Errorf("error gathering device information while adding custom device %s", err) + return fmt.Errorf("error gathering device information while adding custom device %q: %s", deviceMapping.PathOnHost, err) } + device.Path = deviceMapping.PathInContainer userSpecifiedDevices[i] = device } allowedDevices := append(devices.DefaultAllowedDevices, userSpecifiedDevices...) diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index b95fd86d2b..1021e152ab 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -1630,3 +1630,17 @@ func TestWriteResolvFileAndNotCommit(t *testing.T) { logDone("run - write to /etc/resolv.conf and not commited") } + +func TestRunWithBadDevice(t *testing.T) { + name := "baddevice" + cmd := exec.Command(dockerBinary, "run", "--name", name, "--device", "/etc", "busybox", "true") + out, _, err := runCommandWithOutput(cmd) + if err == nil { + t.Fatal("Run should fail with bad device") + } + expected := `"/etc": not a device node` + if !strings.Contains(out, expected) { + t.Fatalf("Output should contain %q, actual out: %q", expected, out) + } + logDone("run - error with bad device") +} From 3af44a7cdf8acd54cad7ae794ba06b20d6e00682 Mon Sep 17 00:00:00 2001 From: Nicolas Goy Date: Sun, 17 Aug 2014 16:14:05 +0200 Subject: [PATCH 021/540] Added manual installation instruction for Centos7. Added a note about firewalld. Signed-off-by: Nicolas Goy Upstream-commit: d4a53a7bce0205ba0cb693b43091b78f6ce8702a Component: engine --- .../docs/sources/installation/centos.md | 34 ++++++++++++++++--- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/components/engine/docs/sources/installation/centos.md b/components/engine/docs/sources/installation/centos.md index b919ca5806..2f7d57d604 100644 --- a/components/engine/docs/sources/installation/centos.md +++ b/components/engine/docs/sources/installation/centos.md @@ -4,10 +4,12 @@ page_keywords: Docker, Docker documentation, requirements, linux, centos, epel, # CentOS -While the Docker package is provided by default as part of CentOS-7, -it is provided by a community repository for CentOS-6. Please note that -this changes the installation instructions slightly between versions. - +While the Docker package is provided by default as part of CentOS-7, +it is provided by the EPEL repository for CentOS-6. Please note that +this changes the installation instructions slightly between versions. If you +need the latest version, you can always use the latest binary which works on +kernel 3.8 and above. + These instructions work for CentOS 6 and later. They will likely work for other binary compatible EL6 distributions such as Scientific Linux, but they haven't been tested. @@ -25,6 +27,30 @@ simply run the following command. $ sudo yum install docker +### Manual installation of latest version + +While using a package is the recommended way of installing Docker, +the above package might not be the latest version. If you need the latest +version, [you can install the binary directly]( +https://docs.docker.com/installation/binaries/). + +When installing the binary without a package, you may want +to integrate Docker with systemd. For this, simply install the two unit files +(service and socket) from [the github +repository](https://github.com/docker/docker/tree/master/contrib/init/systemd) +to `/etc/systemd/system`. + +### FirewallD + +CentOS-7 introduced firewalld, which is a wrapper around iptables and can +conflict with Docker. + +When firewalld is started or restarted it will remove the `DOCKER` chain +from iptables, preventing Docker from working properly. + +When using systemd, firewalld is started before Docker, but if you +start or restart firewalld after Docker, you will have to restart the Docker daemon. + ## Installing Docker - CentOS-6 Please note that this for CentOS-6, this package is part of [Extra Packages for Enterprise Linux (EPEL)](https://fedoraproject.org/wiki/EPEL), a community effort From 579f334a238d33c00fabe35f886af7970d28572f Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Mon, 25 Aug 2014 10:29:38 -0700 Subject: [PATCH 022/540] fix return values in registry mock service Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: e81b68692408ef717c2228986cc74102cae55772 Component: engine --- components/engine/registry/registry_mock_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/components/engine/registry/registry_mock_test.go b/components/engine/registry/registry_mock_test.go index 2b4cd9deaf..8851dcbe39 100644 --- a/components/engine/registry/registry_mock_test.go +++ b/components/engine/registry/registry_mock_test.go @@ -236,6 +236,7 @@ func handlerGetDeleteTags(w http.ResponseWriter, r *http.Request) { tags, exists := testRepositories[repositoryName] if !exists { apiError(w, "Repository not found", 404) + return } if r.Method == "DELETE" { delete(testRepositories, repositoryName) @@ -255,10 +256,12 @@ func handlerGetTag(w http.ResponseWriter, r *http.Request) { tags, exists := testRepositories[repositoryName] if !exists { apiError(w, "Repository not found", 404) + return } tag, exists := tags[tagName] if !exists { apiError(w, "Tag not found", 404) + return } writeResponse(w, tag, 200) } From cb2b33e8837c23ac347df64b650a1f5725e343ab Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Fri, 22 Aug 2014 18:37:37 +0400 Subject: [PATCH 023/540] Skip permissions check on named pipes Fixes #7680 Signed-off-by: Alexandr Morozov Upstream-commit: 07f2e794867030c755901ae5479df03e3c4ce189 Component: engine --- components/engine/utils/utils.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/components/engine/utils/utils.go b/components/engine/utils/utils.go index da6854b63c..6044a50c76 100644 --- a/components/engine/utils/utils.go +++ b/components/engine/utils/utils.go @@ -642,9 +642,10 @@ func ValidateContextDirectory(srcPath string, excludes []string) error { return err } // skip checking if symlinks point to non-existing files, such symlinks can be useful + // also skip named pipes, because they hanging on open lstat, _ := os.Lstat(filePath) - if lstat.Mode()&os.ModeSymlink == os.ModeSymlink { - return err + if lstat.Mode()&(os.ModeSymlink|os.ModeNamedPipe) != 0 { + return nil } if !f.IsDir() { From 2b6c63642ea8ed989a6bc25a83015986718064be Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Mon, 18 Aug 2014 16:28:44 -0700 Subject: [PATCH 024/540] Fix panic in validate context for build Fixes #7611 Signed-off-by: Michael Crosby Upstream-commit: cd776cdd77239353d8bd17d3e05d66665f381157 Component: engine --- components/engine/utils/utils.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/utils/utils.go b/components/engine/utils/utils.go index 6044a50c76..8fe913206b 100644 --- a/components/engine/utils/utils.go +++ b/components/engine/utils/utils.go @@ -644,7 +644,7 @@ func ValidateContextDirectory(srcPath string, excludes []string) error { // skip checking if symlinks point to non-existing files, such symlinks can be useful // also skip named pipes, because they hanging on open lstat, _ := os.Lstat(filePath) - if lstat.Mode()&(os.ModeSymlink|os.ModeNamedPipe) != 0 { + if lstat != nil && lstat.Mode()&(os.ModeSymlink|os.ModeNamedPipe) != 0 { return nil } From 8270e6cad2027bc16c378921efdf86e662a190a9 Mon Sep 17 00:00:00 2001 From: Lei Jitang Date: Tue, 26 Aug 2014 14:04:57 +0800 Subject: [PATCH 025/540] Fix the bug of docker import command when import a image with a tag use format 'URL|- [REPOSITORY[:TAG]]'.Fixes #7714 Signed-off-by: Lei Jitang Upstream-commit: 79cf8395277002011b7632e5a040d4f4a7a25d1f Component: engine --- components/engine/api/client/commands.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index 81b0668cda..29dbbc7290 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -1101,7 +1101,8 @@ func (cli *DockerCli) CmdImport(args ...string) error { if repository != "" { //Check if the given image name can be resolved - if _, _, err := registry.ResolveRepositoryName(repository); err != nil { + repo, _ := parsers.ParseRepositoryTag(repository) + if _, _, err := registry.ResolveRepositoryName(repo); err != nil { return err } } From a85c5401f41d3b3c9f56348cfe87deaf12e7942d Mon Sep 17 00:00:00 2001 From: Lei Jitang Date: Tue, 26 Aug 2014 15:03:38 +0800 Subject: [PATCH 026/540] add docker import test with a tag. Fixes #7714 Signed-off-by: Lei Jitang Upstream-commit: 7e72ed70f9cac871b845bebef0f96178c0f1a25c Component: engine --- .../engine/integration-cli/docker_cli_export_import_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_export_import_test.go b/components/engine/integration-cli/docker_cli_export_import_test.go index 2e443cd39e..b044cd8366 100644 --- a/components/engine/integration-cli/docker_cli_export_import_test.go +++ b/components/engine/integration-cli/docker_cli_export_import_test.go @@ -29,7 +29,7 @@ func TestExportContainerAndImportImage(t *testing.T) { out, _, err = runCommandWithOutput(exportCmd) errorOut(err, t, fmt.Sprintf("failed to export container: %v %v", out, err)) - importCmdFinal := `cat /tmp/testexp.tar | docker import - testexp` + importCmdFinal := `cat /tmp/testexp.tar | docker import - repo/testexp:v1` importCmd := exec.Command("bash", "-c", importCmdFinal) out, _, err = runCommandWithOutput(importCmd) errorOut(err, t, fmt.Sprintf("failed to import image: %v %v", out, err)) @@ -41,7 +41,7 @@ func TestExportContainerAndImportImage(t *testing.T) { errorOut(err, t, fmt.Sprintf("output should've been an image id: %v %v", out, err)) deleteContainer(cleanedContainerID) - deleteImages("testexp") + deleteImages("repo/testexp:v1") os.Remove("/tmp/testexp.tar") From 296956ed9d4f324102362dd8288df237d07a3fcf Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Mon, 25 Aug 2014 16:50:55 -0700 Subject: [PATCH 027/540] Image additions and copy changes. Signed-off-by: Hollie Teal Upstream-commit: 1d1bb2ae4507f67bd7192dd9f19d13cd1bce7d53 Component: engine --- .../articles/b2d_volume_images/add_cd.png | Bin 81538 -> 90028 bytes .../articles/b2d_volume_images/gparted.png | Bin 0 -> 249589 bytes .../articles/b2d_volume_images/gparted2.png | Bin 0 -> 232398 bytes .../articles/b2d_volume_images/verify.png | Bin 0 -> 32285 bytes .../sources/articles/b2d_volume_resize.md | 59 ++++++++++++------ 5 files changed, 41 insertions(+), 18 deletions(-) create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/gparted.png create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/gparted2.png create mode 100644 components/engine/docs/sources/articles/b2d_volume_images/verify.png diff --git a/components/engine/docs/sources/articles/b2d_volume_images/add_cd.png b/components/engine/docs/sources/articles/b2d_volume_images/add_cd.png index 47bfae64bde640812c8f5925235654151b393042..f4ac25d8791caff208133f891a687b6d3b607886 100644 GIT binary patch delta 44864 zcma&NWmsIn(x{6D2oNklZ~_FE;KAM9g9mpHE(?OYyF+jfFgSy|6I=#&cju73zjL4S z3?l&m<2tcLGjI*6*%|R}p^Y=ff&geh0Y5 zwui5m2NW{S?iP>q+Ps!X+BREUJ5W#EA4&4t)OMMRaTv@-d$;K}TmJT9>9AembIl%A zskFN`;|V4-NDZfIYwLaRz{B>M?S<49gt{g?V9A!ZRbIj^wYfstJg>r&T$iAE=JoAj zS%mt_XXw)x#h9q}>a*@;5aw?prGT=M;AedrPKLEL4`08mY0AjgCO+PDR~iZp_o^W` zyg$YC!I*TP{j4$m9<0|pqwwlOtRRt%+#Qu<&_4>vMn@Uw86HPo?k)TvG!v@}X}T6< zn46rtWgMdmp{Sva6SCct`!+V#)<-S2Fx8dHF{wZV(2!^LtH2Q#Id$Wf3CQHP=tF6! z9EQPMz!G{krbxpt&QjN{KVga@nVS8DoP`F) zoCW3LvQy1$R>cN!HqM1!waiciA*IBPZ(&?Bc0@Ew_d&pyX30B z>a=Qq@jY;eI(zzPBvXb*^~-d`HveHOp~Cxzz;2qRCie=}*mv%Y)1rN>OlRc8&_uQa zE;C&P(1S1#pqsSpW_{Z~@ZuE2Wd}-aydDV(RiB^8kN`$*opjyjfDa`KDF^~67yMUM z{b-rUCJcX+g6PGhb4I0QeV_05(O$N@26g$&J`e_J1yY&CT>j9z)yx&hib&rl`xp>a zISc*!0%DQpXf!1_ld4&}K=qu|OudxIG1j6j6&>EeD*YoM#A0xeEX?3rf=BFQ50+7eXsdIGyp$xsw1qg7({?ajm2N++e7Iv=WvjFBE-#v!UJ^wRSI~pfy`1C=u)US+R>V#_ZlC zBWz0*)oTugWNFOjkQ-g*PXT%oa>Mj*PUVXxU{2+Nv41xM$b8piNwth(IadSw{q9l9 zB~M|&4C_(vc>RjJ7q9f&?ib&hT(4OLQpULwFxBm*GcKMJw@&enTnogZ0ob+n{H zdEPzIVTb;4yKYsbw!JkqC7mtiZBSPBxR)Jmxvql;0Sez%K660Nq`%m%8nwuQWu5#6TJO}mFa zwm+W8!a)-IzWk(P^3Mu1LPX+i_7Gjk66hYNka?IhYcs5@S!uz=k4h#J7A6+>prG*# zt5)YrCMw9_huQ9DdHHcw$^J#{+cTdwWiVNon#WXF!CC2B0_z{&iNF@vzE@)-Q&nT}o?@}_!LyaRFWNk|ub|JO z)_~quSm!bcnJ0FfX5L)t#dgTI6aj~>qnjmMv~n6*;C##Z`9{81BeCsT;ODuTN_6gr zz;9t)F1Af(b44mD;g*A)5*%4@huPM0db)ik(g_dNRmhc%V|t-9V@+)bxU4 zd%RUcLpoiIi>H^4)sL2;kBTy?Uq5tN3dntIy$rpyM^?Gg<$H}FZV`tQFBBJ!iAekN z?ke&s@P-Ey9GiN`j+dD7O*%<;+`u(&17%{~dFr8Ya+M7Iy-@pmnQ`?&K|O<1ehqi8 zny}${%Z}!FzxYS40UvXZ5nspB^!ip+S8yHO*oBjjJDE48U$khBV(6`(^KOL7p8ha2PJ6jmPe& z(A__n`{M%=GE3DMF|!M3q)NWl88YBEcUTOYdu~`PiF(A&E*zygr_Sbz5AX(FN{G z0!#4;iHO!Ak38IUy_r(0;O08J=wb5nScFn*_uoj7hqG!0fx_ObCP1dAom2!|(vPdG zm0rj9qa&*FSU9ZoX{2l%Wd=H+aWmQF3oHx?h4o%EHo*&Qf3f7-Q`#UX{$DpY$4htfIbkJP zmd~w7=C$jvcwWWTfcKBX-#3{56d6huY?2d8QlG(R@?o2=e?VnA1eoyC0w~S(!=&2M zu*{d~x6+bl{xUifxWS9|nY34x#GMI3I_$j=jNsv<9Op;V6~fxYPuj9ne~+I!N1^=F z045vipPtIPMg;Zu_i0M%-r(XJ*Kcn6{!6hjq?q8qJ<jp?PriUwpIz-9D~qJ zREk`W;=@O%deJ#~2*db5!fzBReKW@o(YR=yV!X-*;yLdG1??wF)F4k>Es(uywC$Dz zerH*~bI{-146mShRs{I~v*c!vq5rJv-Crct4t5ZcM&6t|TU^NJE%=oEuCF}y#mK4d z&4tbK;&)^UUccQaLdv>I+aq_0-)G#J=u~LcOY^>uXq2SD^jfmeBp^RO6tJCYMj&6o zuLiKy(le5t`5s|F9J7FRqy3Ma8tuVaEjm3Re`f==cP0~cnCVJGnUq-m#&*8+CgLnq zFsGkmVq(r7t`8d<8%IWN^**>MDAlDSo>3_lNMj!zAI??jzg_%anpCxt)R4ol`+y!7 zI*Lh9*70V8;xzi=UjtQ}yS@P#pYb-Z1<+iaE#<*WAtjjcPOiL^*NZ$XGLk`a9xiVJ zHoP$6tO@?dsnbcLMpaOR)qW=!5HQ(M*N<3~eR@87HLY9In<}Jz9;~#8pRm1YxTz&^ zUL|PuF=j283&U6My|t&?A&Wm{B3ZKCm#QOfv}A90ucYmpCvC33l$fh2Te#a30ia(A z7K3=crnFl=%$qECT)zHdDFnrt{NSG=VIX1O$i^vSe7KqnuCpT8X&zsU8uV7zTL$Ow zY}$?GHy!W%y}&2pay-JhBbVaV{aguUAwhM^bqd-akL57`0+(f_!&d~4RCWqvI;IP35W~zeGhZD5*`uJQ>8zg#2|3iqG78N z`&3o4U1&_OXVJeyMW7C7fL+9!DR!q4spvecm{wodRNgb8uH{1gx)jvbCtx`bocp5N zJH_gkuIDd7;dSiU@9Hmc(zP0S6J!h}>YiSg(Nw>^os+E8X{P(cr=8{|0Z7HKP9SN4s#ZOaAMQ}M8zuOX#DN!=@E zV#Mz~?pfA;Bxyu*1?$%a0^wN1`u|5vM}1&KF2!WKDvQplBsFiT%6UEe6$(laN=j5n zmAz_u@-z>oQpZ9&*nOdaJ9)nRDj2c&i!Yzd@nZc_z16KBU-;sCa|8@U5h$?ZU2k_4 zi4W3D%9&h}YrWU;%;I`Tr1p8$NflX<1NO0XECuAq9mrZ(q7X6CUU3m{XVb3ZG!6-_ zS44wRS&#f=xhLY4B&xxboob{?;y4A>$|&vKoF8g+xT0|jT5@Ez_T9R{^sT?0`)Lyh zoBZzZ_PM5DCIU-{m2xjjEtS6|QYD!2tS&b{9*gxsDIj9PpQs|ZJ4Cn0w7#z=g9iZgr)qIXwj z!MWBx+XC!Os6w_l;#onhqmB+gUCpNcHW`ny1pvZdD9~Ljw-t8tEI;Ar*}Z%BE+#WF zS)umND*MrCTMq8+=)I&K*!vMjpY$n~Hs3NtkQqiUjg8A`N492b>Py0INMw4X>aE6l zvJH`c&VXuJ>7qwrmDYjQnsYr#5ZgHS0x&+X18reXfs$1ugbmw>9kjhjzK@7EL)j_!V7qZNKC^_vbcphZ3rnv}<8Z z{m2awHK9D!Trx@6_t13@t)UXGAiS4aW;TiePfg{0GtLOL(*@3_cGn_I&^kJ#9Kxq1`X8hSltrI?6+$lhR^>-wRCr zJ+2S_mZ+fWS@%`T1e|+Z(>nxCNqoS=!#n7=v?u~nzge>2?vyXObH4|$6srX}nRfb? zU-CZ$8&llbk$nB}mlEH|z%2V;w#=S11ck z^KtltvWE_Sp{g_8dPJT#WeWPcjwNwNpB8+a_m58Qto=q%NH+&vhV{aE(Zr6@XPN|) zQjVgts0Q@t=%qvBmk!sMrVFArJOJ&Z?)ZsTBV;2YqJ*NDU4uZMVW_6b3A2@b^6<2$ z<4N=F#9#V8;qY_6FV2ifSamjk36{smx+~X=bIWg5N%k^BBOolF*@7QPpx7C)hb55` z1ANuy99CtLM$$R$*6R%Rrm9?L4ZH?1PX|d{8-vt#cXyLJC~g+BJ+qMyW&l>e)hu&v z-Ul_6b(rvTp8 zw!LYm&YNeA)%Mp%hH>HSY!v9HwC9Jzs)KgxgQSO)X_Js#GUt>=@|9xR!D4zZG)?4)WYt(Z}6%?HrX-_mKT7& znSQ8ev7E%JN|n?8!%odl&c|=w{R{}S!5<|NiHx0ekjG)>*_pNkP`dsQZhan-^*o}FzXGH^AGZtkMQUsNbbp>p zkRKHs_vs7Lt9~UIADuIb+w6v|%1D4H#lWBW?<8=F@%P{{!;mHvmWDdDrcziABkUmcsqL|(5lu$DvnZETI;h5?2weGMx_`3ZLqaLH z;A*@u@Hu*ZWx^yB@>1SOPRPJFZ%LUS14ji8R?P(IoG>bQN*tKcn&0}yX;5e8{k{d78x3*^V zi90(@3SDXNYP-J^*ugLh^5NWBN=qJ>cR^g_FzD#YAma323_F!`CHXUdasKe)EVKkH zn~oXh+Ms4J^o7E*XCj|Kmry6KSRG8%ARNgUnBn;jcOCVy(owql)Zeh)Mto}u=jr*`^ZG#T*Ovys^f#P8Sxc707a#V=*2<{$(sTLQ(X#zd2NcGk zb^>x2s~dLo13Ju=m13yR95#zzai?YwLM7oI9)!^gio!cP<{JfJzM@qY8=vSirj;{h zvNM_Ll-nwKID&dQ=25H|Fuzj?_IET6FosfR;`tzj7vc^^rJJXsx+y6Q)RiOver0VT zuLnA`CJXp>J}*!1R8;pC(xDX?;l1bQBWp$Ck@%-=?b?P?Cd;XKt!;k8UZ-WTDo5w# zK}ZG?e3_KT0(WdB+Q%vEJ0SjA1xiL|q*eA26WdEq2QZsqJ53&JKE3Jh^7jH$J_foC zBL1AKuT8an6gOy(mFXU~UQKpDBZl^eaRJZUlT2=BT50qmLHxAPBqZ5uYd`q-_`E=XYOU#L61`?# zF)_(aKo`hjni37oHYI0XrCG9sN71?W65Q99I59HxbPf^mfjD_?`#_Rw@;DtfJnDba zTOBIAPR);2;)gXwMn<-`Z#3jIYpFuH1h-FRn!T6#jFUI77*;H$5nrAV8+njlh%L7X zQsee(33v#E*KoF_#AX20Jj(ecI*AkO%Vg;XM407BCw?!PYs`Z;z3e^bwE3aZc^7N+ ziUey5*-ZrWy$KpX)gl^*Bfdyc@^+r8vtM;Ow1aYZpJ+4qNU8{4c`lcTB}g7uJNUeB zPe}B61fuc!9J<+Td-`;WjF|q;9DQv>(-DBJAWT0TlCa{6MOXynd7Jk}%El<&$HfM} zIhD+-H8L(f7$ebZ)gi)1SP}a;*>fmQs_rlcUFe4Ou!s)H%}etbis&mf?8qH)yZnGz z4U8O4KW9d8+vWN&dBz_^=0DBC7V!t&Pa!~1EjZPQ;KTE(RoJkcIT++AqC@fp`9i;H zujJJGD+vvBVXZm9@%S5}jN2ro$uEP>VR``^rEvKZFzKz%kAZSy(Z%SAwpBai1vb8- z9d71*a(7zokJklxyJgJXF(PoQ_qXkP7Rhz!(y1$;X=Qr6TM2sHITn7dyqm|bDb>LN zXrhBKVzRf2?FrN>bPCC~1yHfo5*SPB$T`IJiw!7@-s1xwKg0AQBJ%j~A^W6zpWuuL z%&PEPX^>=%-&Pw7I}KG9d+QVUskhuCpp8z#*L*VbSh305wRK!-Ew3sO zyvjnzV!c+nyF$vTE_v8UY+m1{v^M!vlenn)79aDY!OWl_2bs(pwo&ro!rXP#DUtEapZs8*-kHV@-X5?Q;e+dnsU1R_~^oLY4G3+E3f3m%JLl zom(AP2y9$vYf#d3nfsj6riMt&;Se;#YeTN};F@fR2G2Qeb*16ESfI=7V z<)z}(mE@(#-6F9c+e3+detsE2^|mYcW|YHi-v7iTu1WNaFBT-rX@V=Q`;?vXt-bh_ z3vgJ68lwxUkr8Xmq?z!^xXoHw#lyRMvLh!CWc$=2uSLSSs2zX?uTd^MRl7237x{hC zW4Nw@>Z3T3_Mflw*Yoi;%fcf#`QBbHTs8K~Q$hxwi)lD0a1IV%Rr}#5Kk_rdOcyEW zx4JRQqpTILOiy2e&Ar|TPUQScc(;fNCIC%={&YJY3>Ae6>PG%fi0)uZc=u&v)V5HZ zc9!@3wOT#`oTVixPbmZ znDw&FrGBt1c6Xg)siZo}7={5ggr$UyEJqgVdSj+cDKD|w~{AN-L6LJCW`y3bUwFlJ zkY7IO*p;g!-U_U|!a^&$yiubBL^ksYQi=d~oj-|*i6tdZm0Vw7!!QBA*APKzX=zne zRax1H`ub}GbtT&_^-?QqWO*?G?WwM25I=uO&IAh$h&{!Tfz5j&$=)oU*JF1bf%wOe zJe;%`6a+RHEy(TpfqjU8A1y@Ox*$)YZwOABCq0rirrvU|!_U z=Fv!-n^K4q6vcUR;0GQy{C_t#Xx1Nmx-r+akwrrm`Mj5IX~I%S$avEA(UuHv-eeyk)KY9I8shK|Rw;;HP5=4}iVo?-;z$?#g1rgsLE1OCb zo5dD+qrw}HwlzR!@?7%SUVfNEl;!hpq_yt4v%~&CG;8xFBtW}F+}dMtL^o9-{-XT_ zg4OWu!L{AWR8545mf!3=Ho4o2*j=uEZfvMGcmle;y5e`tKW?`>)G`IXY-AwA!Z6A| z7_S1*>vHdkqQ_fwHLH}FU2p5chgrh5MVEy#1?Q z94hhMZDW>zkyNRv)3E%qZ?DCsdT>JpX6tHLco=@KL4v*IVIQ|-E`Ogr4i@uAqJEIK zt1KwPMMvIIyS|aLna%e*iFHz{(NtESU!68@V_eG{Z(Ta;hM`^1f84Tz?$ub)-xHv+ zJM;5h%TXz7zjty0Pacw#QtKlGhn|=ew`6#!uPgNeRQr2uU1r*cEKz%VGk!Q~!^f>9 z8%yHE=+I<2%y4h+#=b{AOnj5hqrm>CkM6XJL7$?t^G8V7IQwj1oz8cT^1&6)Du<3f ziTQbaJcmw;cr>@K(LGhK-=YylFwHnr-{_wALGZdwx%PGDYkv@<{mwjtS4$9?y&7JE z(DX+@%JJruM`;*W_}`Sq_+?s6Oi zq75#LYo%C-eS{xm6{TO1!neB$`%^D|-mpGTUO;nX;$(FqkgtC|UkpOZ(1fTZ8^7%E zrdjQ_TfUCbj6_8aZIn_|QEj+s2+fIn9tcOpyDdUIa)C1mB0f9feLU^3N{53Xf(2kR zksh-s!Q7naoIihBQ`v;mDsofe;v+v)gziW~NjBE2|9I4`4w2ebl3eVaf!HfjGOV}= z>ml9_&XOCXnYO?o|NbwTMf|r|(wv6F!~KHjdl&HI&EgyW~ib*0_FSMi?E z`k(cVXF)$tbOXPzO#H)i!2dr^SF79fUrM*xeQY|q;;}n+$LO3$H-f~+wL{T};%LD1 zQOr}rs)5b=JaR4hbG!f3&TC1v*V!ZK8|O^UM2U#<0RaXZU;FXP2|5ayYIWV&zR}Wl z+)4xeix;U}e1s=rOs*DfS6dyU0yl5d%6I48_*gz5BE+Qsj&S7SfO+@K3S{rlwP~eC z-k+ogQ=zA?%80YMcew(2Y#LvD0a|wJ?xKmI)P74ZK2gI7cjqnM5(!wek4uz9(td_1 zAb(4P1d(&dFa3RH*us?;gZX(p|CStmoJ7(*PJUPTrAVs5+du&0t%C?e7g)kY`SX@z-aN3?5Q+9Dl|)_PE?Aw)X}XNpq;hSp|B6zvx#aO?z(bp*2d5FQe_|63v)RPmY9l6SdqHf#XZ5*=5 zx1o5M$a?e%NeCkT_(d1*@TJ%H<)rZ$xK&Y)+S~XQO=NN%bQ$niHrEO{1uA}wooYDv zCSrNaUNRr0E~a9y-(ttzS`Tj_SJIu19avZ`%r7|YLKjkMe)Y#E1Lq@Wm}cpFZXW;T z*tz)m@YfB-?eyk1JpVYk9z5^+*}FbPSbi~>3+5h#2Gr|_e`v5l5%n7`O`trVmJj&s zsqKpoLDBrpeV#fv`!p02U?rb+^t|~wHYWS7;5HCp*UFuzf5QnKOn|8!8!CfFKj{_}+QEIR7sL$#& z-{bR7PbY!(lgWvV+p2PB&GcJrvcVykMm&FDo)m*lZdn~(U%^#hR-bjX0yN^w&*mp+ zsWk?6H6-B$q(dUnup^pBuhO=vEXC;8e95}+VJ809}sL#Wp1mb z;1LJu>vFg7@VBgGHAPS@Db2hQLF-SYS2>!LkNLnZlDqC93+Lw$f9{gYpO7vG)dNGLmFoQDGnwSV+LyUy~N>U#-=r$7@PRQ(~jSY9^sXM}w4 zjRe5YXCi&vDS#~^UC2>Z95M#%^o{rhC_GV(_5Fiw8!J`k!n0>l;3%wj3ZBM$e4(`) zFf-F;?@I6@yOolRHUSAfO-uI2>*LE4lG|T3?$Pm zv^~ol50lvowzrRq)ZMWMMg=eEQRhTALV(fRfoJ|>OM@ha{%oLO72^J#v&@BKK5}_2d(iHePP5-)^Y? zu3u!DVYJ5r zUS7Z?>7BCMKdx^t^4xS218+YRAI9r@EY7iUlvoG|Sf6YcJC795JMZWGqlLbZ#aT8z zR{`t`Wxd*zz9ufNmYU8@RgS_GmxsdxyXx^;?|8~e5yM*|%|hRWf1oh1k2orVpi;%> zmJ5S>DHX5BYrQGC3Ck9+#0|G(Pygn^^C_yEfN^ba(0C-Pk%4&DiF-!K!r|=c@!;Wn zIEYJ?mAS-XX3C~kK!qHinSAOtyDim+c@LKdDt%jIY2cj#w?~qW+?|F5LU7H65Vm%q z7p@Clzmc*@*tEe&bjr(2;UL2n_62p1@f8Tzo!7m#2ib1SFBt-t9!Cd`^F9&7;m6j0 zU7ZIo{(^`_<{>UY9)A?0>9@T=~?@-405PPg01jZ*{FQML@`ru47R*cb5}Zz-IZfz!Y8O=64!Dl-|Bh|%gY>HP2R{HvxyqN62- z@!2icDlh=AKVBXj)23OUuDhv;gkBWFahJiaxBdF+-(2@XMrA{yNp{cWOvS}_<%yCj zbXqJ1D_@sX_moYZv`5_k$#-5)An)Pp^6?;={>_L=#mhSgWR*0Ppi)97R$*%`Mm zroZL3YtP4zZaCPihL^+(M^kB!5=jsrw{N6ZhHIBH@ULAj?&uC&)Q9&i`$Ro=Bh7JA zzyP)&zK6ThXR-X8b)ui2 z+){8{%gIy%27XVKYKi@toM5xeeaubjd#AFC^#D^YnC? zMyl4U6D_nfFN7GqcxVt-ziew8TRu0P;w`uBHz2)LYssaSGRN0>8&`UiHDW|Zoen*`4j($=!U36>(}Hm_xSCl*ReM%m zoWKe}N1>~uKBSKdbA__gVegbmizf%lZaFm+TEG+DPtld$sX`T7^$jMEkPesLTq}Kc z&JaXzZ8>T=zlSx>{%09kUNh_(n}9h^vv+-NY%{}1JoA4Z%catpUKhk%cikE)iGk}z zXp_k>b8Y$miFG3)BBZm75?Um(MST&ytYPk_mW$cYE&XCO!{KF;pZ~b6A122x%~pyE zSRZS1x)5EFap}jQnfJ}H`laCI2eyY`bJe>z898qAE^ImDy|b$;E39Cs`O{l7_F4b* zrF+3aIam4iXeG-$H9ILt!xoSuy(iRzS2wn6UVHkLCea?DE8sH4v!q<8X>91{x$Ic=Y$(C zGx!GQ;_+un#jhX6hg=YxDmLQ~LU6U;Qtr5keV!*8Q)4s6X* zwb*PnWlKVg32T_CRvkVf23;bCP}MS}mdf}-h22H+zcZ=Z*CLjcP_DVqY1npVYA5d` zU4jFeM1tI-5zIODT`YjM!+VnEMNXE}U?+zoVI5fk?zW1zT!QzUoLj#cHitru0N9qh z&TPCSUUuHex}VnTj?k(LaWI^)3065A)V3aVI*o$f?0wo&eLI?}&!w5-y0}5mi&yJX zep9`4@G5yi@|r&weKI1523uynBfZJO$PTNEzJ-&-1Dk&U>xznliQ8 zniObq8Y{q`ShZ=$v^HDImbfq=m-|eLtIEzXz{ntc0SkF_3qHsJ-Q3)8=*wTgnk#=- zM@|;fhI#|M1^6`>?r)@zmf24S3)Zg$ItBmzZ>?YL! zC6at}8n}&jynxVT+X?k(}< z%}4n*6~LQam>QTKTf%DxmxD1W<0O^Io?UFgF!@@{xW%FvMNvADvgm5{){9V_1>8Ai zJkBN!yN3@|{CEj*v9V`6_nABfv=TglWifX93-UVV&SsMl-O+hsd2X+n1P&vdAXr8n zS#T2o);G?Ws59MsKs`TEx$(y07I!8+DiT2huvilHetu?>-eqP(Q>E0N-d#4RtzKF*Ggo0CKiJ;pf7n$E==EOn!$sl$l7P@`Vm>%sZZ9iA-!wo z#o=^?#>OF;db@qMAu;USZ%BB=Yah2s@W!YDpwIHDRnK?igcs|_)E z&(-4J9kfrP83o-|zmg;u^~Pj-Ym8RY_;}0An>$>!iG%4=&!2r6Aj3m;%*Hc-xp!OP z^y~s*)=K{ilR5Kfztve+B9!OKUFcTAOASM1L z!{Wj=JDF0&HlM0VdOhX8xKAYm<7C7ucXOp_oohn6;mH}X=;?ma)PJjV+a`WyQu|BI z_9uH#ZyTtqe!aCCJY7~=?4=q?r1{IK+%6GBgJlOpmw_0EQeGl?99ZUdXk$yqh4W-o zlomMcAQKlC(~)GMwNkgo-ayuu7ZH$vg47-ks2yk@OkaPFd1Mydsqb<8DXh$tF?fd z+H{TBRGQ|BJ&reEnd*988XNhhWpEX?GxJy)4p;&kaawvDSs|@{2Af1yHShI$l+CrC zy>F2Qoc7AB!Ep+Og@M4;i?{9Iu*sVnxu8AGZ)EvTE$vEw;SqH2+l8W76|Pi+^K`Dr zsfw8B{0kv1(e%_*SN|U`O9j)CDO(jo9<|cKIOs3xmN5T40c~1w1UB~w6rals+$}mu z{0}3YOAXD78)LLfxZ<2d*Wy3>HW%~bhYR*D_ZJq8(v$k6CCrUK#!`RY9CIE0-I8%uMZx8iGM=xE zgdUSJyjjn#xl6>uMeME=5x6y2;tYGdFrx$0`LBpLT=OeZ-b9V9t%Pv+3TesIcP=Fw zqn=okXPhjh)=2S%u#JBz0nlWMpZ`OS*$uJQ(k=c!vkk;u?>uxn#In8FU|8@5n$85#J*sGBU?l-3+^;{tWGkW^xKM96->CsK3iSnFu#c78BlzY>y^M7>f zHtE^$vhZ;<9WC{c;!@PtU^9N{#fo+Uh`u1ntYMV){KP6pri_FR6L-nE zGVZikxiq><1G89TTpX@BVfwy*wb%z?IgUb6nU@9I{d$B`}#XIG?34VQzztb zOd#t0rPcL=p~HhmBw@z-!CXtFQ;V>|Yco9IB1c&sWB#}2)!HSb-r?MjZ

9O{4K zd^6mvlUsoZ0}MSSlD?Hh1hV>`0^Fa=o~JtMw%GPTOh*R_NN%3IG= z@8~!o2I2-vEfR#5?T$g2@`HHT`Q5(&W$ORrdPrfg|7Ckn2|7l_OCPn11OErv5(9Co z-l33NhNIg{J|)AU%al6Ps`kBaDn;Al7ks|5~IU)&|#&?DFH*v zJIcYXB5O#50df5(+*=#GWfDhg_`~=lo8ULHX zs8aYjwnSI_j2sy6uP6S0kmubef_X>ojjL)+*-E4BTOw;_BZWg zSo<5i%=*lQr<$o|W4J2+?~N*!V<>LD zQJ$eglQPFi#Cr(i-`yDI4H*-k8Es^L%p-K*_^{v>F`r^(UGaN3lOec9aqgl0AQHAb zBVq1n=Nl*04OUL?sl~YIC;!1cn^*pbqqTMG$bG%^xfX@gL~>6MfK=(pOB^3|dSD{% zRj7~h(0kHS;65A-S`TuyWIfo^94gI0`yaz4gc~~cwl1)YS~v?|+4*LU6kw2>cf{t^ zuOf8fMe||jf@NbvY&|r2SB>djGZqu0-2h47n&LkkrG}X)HHm_%$bVu!BHP)|OmQbd z+C;IA3=x=koTvT8JtGB28v(^cL+yInD#4-MxZ@)pwYdFR++#7T@*W2V=Zi+99hEWa zRidp99T&n0c3NuUanu2enOBvJ@qcy|Da^Kbj$y$6#KqFKaHU$ui(dLC8jebJ$^Sjo z`AJ}~$*u3E=Hqrh31q_xGJJWnIpEE!TzpYvE+ZRmKvl*6uN|U8!$V_oz`qask2eVE zC=&DyI9B-<_V?X?XF?I3`VA^Yz4Y&(XuzO~7$fhpd+_G=tt zqTIjzP6|Vk35B#IAt8_bpC*`)4nXSd@4&xhOy0VCfH&zoB&Za_tgOG>C27o1w0okl z6+67Nx`^j$cqhe#yLgYm3FCWTmrITB;e&Fl;F|Do&K0zRbgQGjX~V?#&x%y?$iw=9 zvZ4U!*xzYSa|tAWuAmE%cw z`2ie1*=KxQ-K4)xr|q6UbR~vqwO~3l_~2TtYq#7Q$TeDSo9kP{sPzh%=8pRXw2zH- z=g^N6iJ53?dlTr!l|7zW+SLbQ(`YYM$lg@VM(}e)2Q5D&Jv=<1;g}p~Z8$aC8 zyIfR5odT))>JVD}=_lY()%7Y_+I2Xh1AZqKTk<>{EwYVUShrYi=(yc{&5{#=5A<1E9_lIc)eFr9Td9-$^_8(n7^T89*&x;guHBK(#-8 zoM!%!_yVA~B!rCne3kq1S%E2r@DCw1Iip`UTHWwR3= zjZW)Rcp+;UH>cbA_3!ZBr>ysG48 zQM1Ww)#Xa+SAjUjTS)-vnNYZdONHQV36|88kMfq(`0_;j_k3CzgP4W6_cY>7B+38R)2mnh`rlU`mPN{Us! z1Qs2QtwKdEAj%_c6vGGRqO3EJ6KIXj*J$AVF~T{)UNjljrcV}>@%b_U19v>{=Bd6U z|Lcm(JTm6d0zrAnFjZhMfa)5|3#?5_k_E-!{wPH5KI+J2G~U^Fxj7kIeu~x@vqz!x zweeO7T0XM8yofWvcz=I);QY;Hb7m=$NROg3ba$dy`s7S*M0?^q(Py9Q>>U{T9yiQ5 zPwwrM_@~fE5Fue%QzPL#n1r34m9^G#rnIoIFeoUf*oMdD=o6nuo$L}oNJIb+_o;Y} z<74#_RHWd<_e$tx=(Xi8u4e5K`(Pv+=*9Jxzw_THH}2jA^Q7SNbQzFV!224J5~3LN zgR)cmJ~sM(9IZB!?Hr^-mxZCx^K|bS;b!S1gliMD?CYC(?u?xk^EEeZ`0-6r$$|MJ z4J+~wCd5Kt)!>!kT?JSuz|1s&RxDWV&iF3CIhgcl_Kwk&H}AG+Y}>YNJ007$ZLF-MV|DCw zY^P(}>{uP!NyoT(-+k}Ld&d8qv-ii}$fz|dPgTvDg=g07(DVG;{$!@cU$Q@90S0qF zoAz5wxpsNtp^`q1B}XOCGuh*#(6L^*6RPc5?oMNXw>chd^nZmb+uJo1Sm4M zuz-aCTWH?w@S;DYF#6@lIIppOvDd~0HPK%&%n8YPr4;0j;$5ef%wypNXTDXioiDVr z`phDQQQWfXjsc6WS>MiPCRAd~A$~9b+uKJn1Uu{}&(tRpR22X% zqJScA>@M@d4bv*yPi9ddjzq$E0Vo{CtLHSu)E7C41&;uYNGtVk_^As8<-1n@JQlY2 zXR$UXfoZJG{Xo|559Je?yE-ST#9&nI!2z&Yh=@rLv$4VF`3aJp4Q-e*+J4f+8~+`* zkf0&?mW`VKndi9hA9lA=5YcX4+LLSwM<&{4QJ}#%JUSW~!M-2kab)KPa2xdmzQ^FQ zlaZ6(-QKFYyW1XB9GBGDDx%fl(-S3TP>5>%aMe0h9zX(Opu41pM&me$Y)@BUM-75= zu}4`ETKZF!QKrdqxPgfJd7@X24ADB0RFB|wunzFpKm-YP=)56oes9tPVjPr$^7r;X z7VNevx5@u1gWC=!E=I@(6y?*ng1!TWhHZnk<=XCUbAB$AYHF%B%OpBI2+W*2B66M987U-ud%w$Z7SrA*lUZ}cfrY7AN& zr_Wc%*TO1FN=qNPs4Pc}0I<8e42Ipw!-LykULK$$wuh5|@A-Ke^%LsZFp(gwKJtoC zTW3sbX(-MM8flx=D3~6@_7}l(w>M;sb@^}o;w3ado3>P)z^(Ui%GDA5j}PP{d_6wC zpb#vi%0X{CPuKQ)(L|oN9G*iPOJje}Z&jM+1zVeRXd%1w5fINj6d~x;xiL0I?=N!*>z^(S@pL#h3L0=B@;bl{qB>jhI z;dcf>I`CUnNn9IT+Qf}2XXJ`h%=xq9y*9rX0kQ7%4xD-Aif@3{eur z`Mn#u@lZJ`Este8>KWFRu>Wr?9rMJZ6+(t9Ujw%eHmjT2<8G!b*ESs*W+fS>&W{Nm zON}D;mW{wK3SPm0(r25lH-r*J|B*^!e+-}-zcAF{jp_Ded~-(E#}4^yH3roU*>3?I z{VkNE^u~4{@BuJ8%o?Kf%vr20=1?*g_JDvRKnkaxa>&Wecz7`Q^+yHeFeH_unMc({ z%CiPz@+=D}*Q2irlLPNDwwcS?#zx_FD|f>0F_}b(Y%!&5^z}rfDD_L(UJHSNsRIfh zS6N=)-`{5*FRSO->SfUrayIX6es6UL_}#CtR;S~%p3SH&Cc_WTAup$4;^ORBFv=fM zQKVcf4!Pib*H!J*+dpp;RfUC;jAC@SkZkyE=>kUEZ%d7@P-%5kXWNB&9HrAyw<`=D{zP1*fCPFI-lm0CcAdt(99OaSj zKEtcgVwoyx&{#6Rrs15+g}MA9cX!PMzew)dQrDxzFge5g#xYvKY3@UbHaY`2Qkvy5 zpAPoV=wbhoyj+9fYpE|>ROr-U^S}QVPg2%APKyLi&z4{Cn0m_i&5~V!BK>xuyR{X^ zIdRE(o!(Z)f2=@Qn!^UzN*d8LoY?}XnA0M#buQ2@X*B1t>Wlu>5a?hB>kEDU)OXT5O@zSL6OO@f=Bi ztuyZU4;M`T{iIg-`b-k)T;TbC|C)!fyaM2Io~RTSmRc}XpmzRBe^GD(dsg~dwgA95 zO!sD@7{2xZNx&pTz+ryW+4PE%VgJ{6knq>~=%Z>h@xNA996=zkSx^KNt_lD3{e(_p z@*fudTL1iCl>Waj4ER5-`2RihzsP|9gP8p{LH~;k`05M)8_o6K3H>iJ;6Lsu|LxHK zA_M-%d-(sl-e3M3|8s-ue+~UFGT?t`T>l5q{~`na`zhr=h5i>A@WpQbF`Jbx32gj- zW(5CDv+Srit4yOM6 zInxMh9p5(Fs@~>}rD#bU`_E>WxB_N?Ed&Ar0-#m#hh4fh!}QdY#;S~igTq%=;yFiK z*NV;I{{H^KK{a!?Pqd*Kg>W=d`U9YUDYDz1hTL5 z&(pIrat?&?w${RsjbwC8mwe?2XqZNt!eLWZ?6mq;$DT`r0bpriup2;rcrTSy>foMVjv#73#FALRw(!W@mXN zrjj^O7_W0&D!R#=;t86ixB>=Z2O?A}r(_Q+TMG;7kg6Qw(^67Wl9Mb>s;X%1=Jxhg zESk+K&I4ve{vW_$ZM;hjuEX6{_^e1!c)*B$ne&hXO|dH)&HY4GHdCUOM4l>YZ#O3R z?`o^4?Nz%BCoaTZWn})o`+N5TLo`4CRZCVg41sfcm4Rfva7t|V4IWh=RPg+{YXQ6h z^!!v>jxx~ds@^5E#=K^eF&i73@l|0l0znQAj={C)g;2z?$w_ruI!Oi%$6Xc-e8BX1 zKUJwY8!9`wwJJ2PS#0Z2N{l6q!Q@stMMRVt8O|C9RDe|AEUP8@1+#GQ_A*Kih%B!1 zIs${82siXs?#86bFdG}2a#+2{1_vu^Uyppvb&K;Aq?)BUfi-Mz1=d|{7bn|DiAiyk zehh2q_?HH$b|oght+_=NsZPx41oZerqjQZC2%JMsF|fp`S*;+u22ehXLe6VU;=EdK zM5n^Biuf(itvXXML8hJqJ7zRMj?Lj4UqsDHevcqwLvu9L=!DwvQoArFmapy6NQtp% zFMY4jP}Xuri29(<9O!W*Xv0Ey;>rg5Qz~!h#jnkeD(r%d6&)+dPGCP)0&xEH0qM#4 zq2cl%U8ZGFVv9`Pd&Kg+GvPwj-(CRTs42uJWLASBX1|^zqaxDPgtHpVm0R}T|HvZ^S)Me7ZWN+OGKR?T;eLjDVm$Wn%m zcK%q8edw#rF#y)arolzj0gyr985PG51*xBy3` zd~H@{EM4YHc0C7c+!Gdpyo!+C>3QDC5*5G^*Hy=Vn5e>~T$4QXbzFOo-XX_;UW?h) za<%teB7vCQl&Pe02(abzVf2H(5^s$QR7)>gDr8i<*93w)3_a3hNt1_#xFXA#sVX4} zUD8I9Yz3wB+x^y|^LXD0pDRtvxn~5ObC>gCPw_ zaDVSf23f&4%62I@o5pWUF)hER0^Ibh-bO9w6HtjkHl54xKEO|G6I&;DH1MQ`8+l*_ z?uq!)@<`yHG7F;L~wSI=gQB~UOua{!C zNjdN@eBP|ko90Uh$ET*!G0U+$`E=KWGrKNf-xRE8^F;G8Q7G}~$9oO&JM34@*E07Y zE4Uh&V_p*hZm@hU!SzOL@3&W0=`mNTJFUd>=RgJJ^%+xWM)P5%l}IzQdd3y9DoIUL zEy3xY{G^xm)=){4kyu1&R8>7HRW{?8XlMeV%!~|7v8WJ5^oMrrGw=%RQ+lXrVyU4v zWim>|`B@b5DDRuK3{8lziFs_KP*Fm2m+UseMaW@5RSN9NR4I*pgMp|@-D@VpRvlK= z&q4W0*ZiO82)4-VEn@a;Np;U)?)3vFMgpzg2Izv!3-UTdFJ%l63m-!C(INZN2NXej zPy&QY`$0KXRZe`~=u8kSl~B(4pyMK&w%d-#1Ny!F1eAz>rKr@sZ!FIw5ATHq;g3K} z%HWv*4m4mOuXg7f84^Up<328}RQMv>1mx4=uAnLQ{$4S=TPrKt9Az4nSV^ugx%Qib zDbh6dY-aXD86EN)<-9STR#daof2?%B3pS~-U!O;Vg&_7(O{gPc8&wGpG06E~&LAi& z2RiF~`@@`bt@b$vxtph=#Z&!a_Nw|3%cHHb3=FOhrD%PBC-#@jxj4V$62*;q|+SPKL#k z_ZZjri3mHNs6(_b_;B4*jihIXQgNB8Wa4;lFszo(UG=00nNr#|u zpK&r9#FBv+m>09tp&%~1?hAUIiG{6Nzi)i_C)!$@2jN$SN91Jgpt}^iGaxk{ z{>H}nfyiykc(f)qxj6N(Fir=^nH&7}6l+>HS`>di`9_b{zxpgI@9v1?srmH$bh8(Z zOuXw-W!U9AlPj2^;`+NiCe=*juLXFn$+m?s8dsdu!5jTgxU%f61g(^qAoXPW_rUO_ zZhSOw!cJ|~`A%iZJN+G`mzdm%7r^5yGn_giG}flBc=StykMOx?z1u#R;k|B6k?l(3 zS^Yo*`{PGX*B!`@g3%Z6zmxV9;gr;4xUf-CI;?))e9jQ{6vS`U(nmHQJ=^SGh-aEo#($)qL~r<1by)1b}PqrWUK7 zmYIwds_bfm@_h1fo0X>N%LV0Yul(VBweic*FpeB@lEbO&v;Ieyy|GPX9v-7B_@2#U z_s*7$(vX44oE5W&GV%qBtoManleI#ys_AxWUgpMweIe5EDNPhcYKZHEBLo-`^>jg= zE=%6rG-O3fj|y@RJ;MFpazFyC`kp3)ak*fU9@_5c@rLGe_)))e0ffNBz-I|lpf2L4 z{5yxytDXh;gp{)$<#u9bo%2qA7$QEG?Lq{r-csc8udc^LhAzZjh@jXw83q66oUn6H zfPcILviB%|d1O5z{0y{s7Qf^T;)G)d0>u1;OJUW zlqbSNId$Ic9}__=PYD<}5q{eOT_+9~mL8jTYdK`f*`kV6QJPLNb-vHOH|oE%yl%UY zNamcED!j#ktFY4|07{VAvN%gI9Or6q9Bg97O0pZK#SoXAd)rFvv!lh|?d?~L)lB`+ ze<~|K^70*Rx|76AYdufLdQLTnzS2lX^onN{)5;Zl^Lfa|}-T3UOCfu*E=y~M;T z4?*Fb?3p-v4Pl`ReZ_X6Ix12m7_lWbr5*;r_cJuVL)GYjZt2IS7oHrK1Ons2j*Bt~ z0W&9N&{|0?(<|iYDdPM2l<|Ra#Bst6{v+pDTL{fe7G|1WD6W{CiaCo7=12vz z<)2k5u|XaFpKZ3I0SElrnFSTIEg^WG^}hb!bNTO~0IBJL+;X1-@X!(&WR$HlX{|at z{WzS^;~>a}q|HU*>j9;Q6r|k|WV{ z)dc-6CKdzVs);2qGhd~ekCp{pz20`I57hI=?pVc$ERQ5G#X5?d?lwc~X#_Z6!yaI+ z1Z5=`(6pel;}G#TRMUyx^Abm!-DEfhSJ3xmV({AOduLglv;_4UO1i!? zrK+ui0awI&dS)-lqNCU(RWDS*yC$GIQg4JuMk+x;L=$YF>;)mD`u7|6XcMw$HR9dze|p^ z`iB-MJtUzkNh%b@aI+UEZCc7t>4dW@R7mUw^5&X`Mp;fDn}{vDz@6 zBt~3LGW`D3Ta{IN^; zPsv}-TRl!2F0_iK>}cGXuuV5^9SM9P> zS0i2>rvkE?gXy?~QB0dAeewgRh`x;eOsa)51WXx`w}@W1D1JFn0alTYi=F`U8sNEq zOxmN4C;nzxixjS*lLvpk7Hq76a!uB2@4Lb_3)l15H`ZiAF5PKb^K*KIHZigO(&p7O zH~iE5aZ9A2b#IMkrw*+LSf${vWB}opBeMW@IGdv#N9_?F5-9EKKXTSxN5uI%zMNEJtJ4c{=TGL8t|fe zrUN}wJ+^_+r}{qzJmM$OV7sst9vHU)&V$8yr~!~m2U?gbutz}v-?n5ID;2*$E5d$v z^)_|BxlQQU&+p!h_BiOth>>?PIiubxUCri><{a@=$@yo@Qc|?#{w%4LXbHRu6J-}Jl3MDC zd{-fP#p5QR19%am1lZr0qh_(Q!U-QNHuGP3Rc)hulga!ifE+$3HWX6!zcpXiJ|U=Q zY9**{R_I7+sG}jn>6h2#ZZ9M&8JD)}yR$9e>6fk|fGe}VmgaL6oag#|Ja8x{IEk71 zR0gQYL5wL(S-Uhq>?bX4ZZZd@Pa}GGG!0y13<2VOyMoJRZpas1_u3~~zONJ0d9)~CM_Al0i;RU?+L?bNzn41dZ^UFb8)2_c9LlGRH>fr0SpYru`$cS}E zz?3paV{#y`jD24)WS-x=+=1$I0>@ksGQi&EmSkQsW@X&NS4S8+S{?5+HUqV;QN2{N z!i3POh3)=+1DA%LreWEs1lzuL)4Y1szEjEb6RI! z&`Gk^a%k$*#NvquhsARE$GuDMHf|&XL@xw&m2)SS4(6D8loWfuM5Se zbB~L5MpP2QB|Ys2>K@0+)PNxp4k@GMEWG-OC^8sumPT6d`6Ag6D8z;rkA+5~$@+Rz zA_O;Zv|FFLySOU*%-Dkut=zm~k8pw;T_OSDdW+al7XU%tlAf)+&@SyP-75 zkj@J!%)TaJJPBj;M~)gju9^JHHoP3cr&sk7K2eqzB_q=6J76b*4X{#YA`%a^r`+vb zy(K(-$qoA}&cK>OC#X6zfT*1TbSbVouu$mFZRku6=MR_qzb)cQYf8cjZert!lybxI z#54Ii?a^+VV{40MbsXi4$roF?UuW5D&f`=sk?7R7>Bj=kM>cJ~3NsN01o&zx?gDdW z@q*2CbizGQb|fzswE*CmQC(+N;CvxxXj^{q=3VMvTg^HxashmMGL~WQ!gL(R%E3mJ zLMa!zlwV<#4)j_z5Hc@+*~z2wu&sDlIoh?@7u!M~D8?b6Yh0WKUHNx)Q$&Q#n*iu(OBmoCZ#=xq8*N0AoOh&UJgzs#c2)4U11)ztYAd2Y9w=I7H;l&C)mq1T; zj9{O$?yq^+pc(HVFQ}%cU5Zg&&uV+1W@d?+_?vi!-h^#R|B+Fb3Fm>pC!Y~1f8y3x zkILP#luc$09`d>>xk8Jstm?BB?OG^SZ>aP!47?UF0BO1w14jPW^xPY!GQ4Aq6Sa5^ z4uv37d?x5~YrfR#b-B@&NH;1LYZUlQDR+p(cT5szQIVZKc>COb3==h8&H@^FUXblEc}_T@JnlEl6U3{=8KHZY zL^!u40GYzsT9X|w8eNn3&F;^@m&gQpyy)K>JpcfaDOz}u-b2fc1vr63E>AVc3Jx*^ zM$%K#s9K4~y_U6s>r2g(vK*BCpI z)zZ47Kcp!rhEihJL>cx)k@H|C6O^anOALNQf|WWH&mx{lBMPBQ1tRi?O5K2g9LL544CuGGM z(?LXDv=UjX9=1SW}&>dzcDeRg}LgG%}22r8qY)?s)6#WhXB~t_!#5kR|U{rFpO|oIl#u&^i z8ALf~xgFQgpPH)5NtLT-Lh23W3utQzhVHG?_T&hoNDpiWD-fg$hUz5&qYH9|Vb*a@ z!pfKRg<{FKeF~x>LHtPiK?*KfQDR7@O52~L2$!t_j|hqiYIZF(DE_lfl5v9!4bgq| zTePtxerU|Dm^@szB+Hksf>Me?DT^j)YjBbX6PH9QU+yWXhVnO-TbFK}06<1N(Ef75 zA$oIsV5%*jhl8`TV7Od0AKRLW);%eYZs+C25t6T4QC4MP(nha}vAd-^(DI*V5tk(5DVdyfJz6mhmhye)Q&)%tVZ}|Uz2WZErJmN2|1QX1yhfs zV?%zjCDo==WcCOu1GX`^259%h3ez@3gB`sZ|AEmrOOAX?jv`Ak8Z3d9G7-gWoA z#wO;ObQA*`DIm^hOQ6xIJfZDU^u0$eO(GIp8S$DC?xe{UO+v?l1(|YYBM^!}pm1F3 z1}Pshd0SoRuSrS(%JLKll+l$k3X)9qS;r12{)4xsN+!V`C8{tIVyv}wk_fIqlbYji z0P=NSfgzQ&Z4}KcG6?ge(}+S7Pzo&p8~B!*AL=93MKX)dLGt_Im?;J5*a9*xuo7Gl z|OBPAeIND6`dSV&|b%SGQPb5w&_MG{!N;Nh$Q-t&A#Xw788U_a==T77@e zQJ{tn{2;?fCfompN*V-?8Hw=0`Of*nJ9gek)2KhE7d2~Cq$ts$1*f_YY^NxStN8IN%l>peyS z$zsaE`Bb$GMfv7baqPUj7O5BrJsE{B=9#5z4U6a}gpF|%1|?+IU%1bxm2d68=IDdC z30YBA0?ZSKnhI2zfW)#&|ER9q84K)hnC~Wv+iQR$#%K3^rYhg*Y{Ba@%NbNS;Ioo=JvM!}6_Rm!{iOM6CBu^~biWM`|Q-ft`x7II=I|wB^IbUvm z%?AOH?QQ<@cviExyPEw}MA~?WI@rAHusd7Wh;|i+f8jFvrBta+#BR;oYK>q5YU3@r zjhkZ;!_3w0s@8NiROQ2&$BH{;wh28!X+DUiP@oZ}s=|4bxlCtdY6Q+-_0@kpwL>|- z1Erci1Bkr+2QLTXr(#_X&zEf_dr~u+>{tOFP`RkR?3SW+qczc*;_B(1ronn;2}5V@ zNZ0fF#^ecsAzw9o?DYqFrhRe7xy5mH zaj{cu0*8J<997k=)*quYiasc831N<2aNIv5Yk_~lp(;S_&t2aGe)%Zbg=!F7z5|A5 z7%dO4a>HsX90HaY{X{Fz&ws8v~~cbs~IxXKPu}c1}_NyUq7{?@-;%53-RO!ZtYPA-1-5gsnL=I1k^Ci zDGSWB)z>JJYL;ynE&epzbWu05gwqC9|#NHesEO6=@ zVa!@JXfZE5n@Zi72ws4_kbbGD#Y~#{`2r5^|j{fLTY1H_g;d*h|h?{ z9q&IOzh1W`@xGhl{%l5jYSJnKnte2xzHAD9_;_Y@Y#A0kk!ksS7BC}i^tf%p8|nIr z-C_E7^G2o+=p6(TSOHih#wvzz*#VXWKKlvpua8IgBTt@1KNOvjpvNX@MiHBNKeiVj&n?le!o`P&ik>GZSJpUsZPM z<4MY+s=Z_Q3zL$rrMoyvRd3@o*xwmm;Xeezjq3 z>aKaQrmIfcJ42!60 z=~WK-hss+Z7EJun5X?AKzq!bLcVE>&9KG2@ui5_Rv7A*m#NrMZ3$wdKkFG*?gz1Bt z#b{-MY&|`Un88z_m$~6j{g=gYm(RC{1We==VSDe-+@3eBx{La+2ZaJQ4YVE{JH%JG zJTFH&BHT{l?rHxSQ!-ZnRTpUNam`Sbzf*S9_VfqXl;&GlDwWNvi;!F>@L2jvf`8Q` zsd+Nf?UCiMO7!)i8Rg z@4m(p$vfvZxE`J`Ik^1<{9+ZOZKGAy&DdwE?zqeRoE;{NwOCXv=p+n7ytxo;PxY;; zd?zav?OWTpc5$>@4K?&af_6H#zt_b+H1$Tiy|%Y5pbz^@9A1pKKJem2c=IY#206Cp zY;n?U>utYSIAEhCpsC(rauT`L?|LT9K(a}ol0dj-%L-J@fq;H2ewvaW_22Ro&xP6yvqJ(mCRH8*E@vAf zT-{B_I|r0^cuSSbRe^WDZ5|=4O~=5x(T&TnrN_;;(Wys+^`5;CObr9B_eNau8o*=0 zfs(`@{rlPZeqN@dkBgT|6XCdShEDGr(>ezLKaby8qG!UcRA*bya;w1VAG@l zHIOlun9m5hNy9}QGgPB~G8EQTas^CTzX)sp%O%Vms~4-@LC`_UY+u)>5~9AB0u~ch zjtK#@u7N{aT!abs=#tRwcQ7^lmR`W8m7FjW?dn>0SqEVuk90mrx1^-4N#G3zrb-on z5)??}bK2KDwU&0E?>O$^WcVHXX}E!3nvqCHzjNq7U%1rqPxJeQ)wxQVgauV?dv@2? zV=ju{x2GyjZq#S#F*7r3pp8BRMZeaU#W!kkyIHu#^eRI`r_rdE=cC4Y3rxEBIsCQW ziG-R){%aJq8STbJnJZ=%U)`jB&^ZL)JedK6#>6ytBJcyhy}hL)bN&r^)Ei8FguI&B z!G)*a$cYwsGlUGDx=Xxgn4rD0cAV`anWQd{Nz`HPX*@BU!Nz~@GLOgSx2~aCtO0CW+#9v5jdA9|(^)!D7{)v?=uSaO`I$7M(Gj|k$XPahE2so@ScY8?I=oRR=l%Zu{ zFdtmZ()hgxrgfPTF{t-zHVZ!T4ooHrzx+hu;oy%Mr*ZXHUSqt2KOmF4b527|>+Q=e zWm>C;K}#=sp(wtpSgD$>4q#}+26!pZX>3vKarw#0AsT}UgMm=ArT|PQv^S)1W7KWq zOW1I29H+81nhopmgvSX%uqnr(;2bE@M}%?+pUlh(Z^Ue@HkM&$3bl>ni3vR2xPU82 zwdM5bIF*eSQ!A0*0Vsg17j;?G+K?7Af3F4F+8Xl%-WIEdsQ)k_4%$<#HcM9b*O~TY z5Y}^r3V#ZH7G51rZ`w)|^Y2QVoDP*HI+v)%8>Pi1Cu@m-kaXGmb2*~_*k@ZyWU||rUQM5A^ z)!@!*@6mCtKN#zv^6YdrMA0e?8*ed!z(Q&+FpSzFUquC-WbjZA0 zVLn9Efu^aq_xeFGs7<3a8`bHkAQRPPrhk+k>I^ZuePsKDATONI=l(M3mb@Fvv*%0w zt-tdrH4VEV)${r?djr^vVRs{30APN2*xkR0Vd@SiP=3VU&wwbA;0 z>~8nEp=`hZqfvj4d>=bx&;Rme6cYls0{GU+JpAnPxogFyzTJ*tZDQz(&I0ndX$e)> zAh?Y%30|Z~gcuAHGD!Zm>xn_n8vGDsYc`BJbBzPN;8boXI4hoaeJZP&Vy&#;F?Cui zTM8E?>!ehkaIFJ^m2gdU|YWSv@OAbd_Lh;!ZboejGB2B?r# zpec>zm;7k8=U4hT6}0=!k1c-EwlQH&+YsG#y7}Tlp zcT7V+;Kg$F|J0x2&b6p!JyEm;WY54-o98a9kGnel{prytSL4I&xj?&mC^O!&hNkO#Yp-xE(xO|m)P;hcX^(uAz@vCUYytPBS(6wOpnl17VXJeI zYfu+IOnR3Nu2%bVX;I4p5k|@}P@th7gRTuohsZ4Z!Yux^i=7?s z<6M$mvHF zyHD<*(eDO)2GlGqluH1`4tGAi(lcY^E#WdCHMRS>;STkoTqY?NT7*MKx<|T76X&?; zWUEF@){}Q?btBAzbrj0`MCj_s>3jD>yxG8?8rbv2tx!-q*^f*i9=v@HIwTQQRy?;6eZuE_=okFTjUQaO7rX zEdk6N7EWK69^*$)%`pu3?a>~i9unf~Tpmum$P-+0OPbQ@Ch<1SMoXa7-(YAYq~;n8 z_d9Gc`@t}%XA7cP6lgb$!Pqm%@7~ASwe|&i;Cz^;KMyk7Ej2^(<8^a!Y-EW;L#`tAYKU`#pR|KN&3pthk z3FsBO8z~~HC}$rR^bU*iuoP}|oDLWFa3JqR0t7X$BO0h!tp5@!Az?*#h**6aNCd3Q zt}d>vU1SuoqK!(U9f6&Nj$X9GSiinsovK@%o&^F|8G!3HbT=*S%l3*zy6erRRkNgo zGiU z6uY=NB7ccLW4Gk4aj4!zTlRaa6}NZ%dv|;MM?ffvbWm0@TQ^5o*La4Ww1sa*Z7D(c z!xL!RX;bqXicz^V`l)YOBz7L8CqTF;2Wqgn-4x(LPrCC9*GUT9xXArzbM{+N6)Byh z88_aKRi?5f#>mh$h|?xmBD|Ow+PQ~ly0~}o2gvsfM74z2xeRqwjqEGpxm?Nf74$}C z9A!HAcnUHP6Ok$PDOTv?p}4aW>`$*q`i?mJ{^^mN0_EnYbUpnkKf{Ple~+?M(Gpa> z>@Wbracn8(yKVEwXoc)Npuse11{XzhhRMfSY-tl(_v;HCeZ zrA*V|KBmv!6`Jb*$2$VmE`G zF^#}|`LU@2(bJhuMhL&nHbqsgq5tYS$Ar+^%A_20W})e~f?8x|A3qP%R&99l`1!J_ z7=qJb8Hq3y!r=LrWz2Nw{94(*fktnUQO!L93)8`C%ZS1l^xKm(_at?&;4fCJW;E<&U zL07X5N{&>x2!sS2-SzTvRT)4s`z(E_tCB zWF_17c-4u1cQ^+Qyx5uNJcT&eEULiB3v7Wzo$zFMl+3qO~TSkl`6atFVf`d`OztHx!NpN4i@=T~NyS{#E z{AI7Z{Veb*fbx$nsGs|O6n&%8C^;~x6D;v>{A)kDF&CfjbBYdCw2N3NA9=*0-p_IK z1LtiQbw7mpxg%TGCh{-Ww=$Ex=nM&sJm`xmL%;HCS2HPm9YNQ{x3BY82*JM;l=-tH zwvNhREKTNFwghZ<0DSU4wTOh9JnrsEqo10(;ht94tZ#E-dt1DFjl*W_*Acboj7y9C zxR7|zqoWd0?21Py(IIH;gE9$=wC>hsO)i!-|5OVRPoFIEp;> zPb5!g2gIvfa6ch`Yls3iMaT^`oeX~DtE)f8J`~(rU8fK8DOB>gj-V&tep7(6+-w0@ zJHIBLxDh(|<}iuZ=I~ZivC~o$;VTws1#Z%z51yetC*32wUKvbQJ!*$==>~a3!WX#dE|GsjX~6 z7P|RP6@&No_U#g%ottZJ1<}9`#XKLXv3%)ErMH*078rnpB|k;U=4b&v!#C%HG`)ER zl-T4FR%*xO3w0>J&2`M9199J0a z0$J*Q{mUeoP{O)Sa5zEe$||-!Onfe@2pAdZzvls4c<^$tWofpFk)kv?I=|>{55Q7P z0$DXp>>cDW-!Pv4CQn`(1c!Sywp*1;8c7{`U#kj}le^`0iQQw@LH zf5cXeKD4`DT9k1vOfK?l>2&@cY6Tx&`RTnXVIuD6*mfKkoYo;%l17EvS(_n#6c9>q z`9Tc$5^Ey=iZ${64Uz&s%ro@EAc^05!YwJ8dyYjj7Fw=he(>aC>F3EL!Zk?)-5YV^#?SY@ z*I(*qRMObg+oEu*SbbV+o2Q-LyQUUPd^U7vR7%&@#hu172E$ zGiur&kvCm)Enmm1`Rygpioxw6@jd#62}ArOZ$@@a#NGd&01+nc*>Q2OewO|DyWz3s zA;vSR`0J?`y(c|)snaW)erE*#G+&L5=2}YrI3IbdO227|UQrct`Pse((oO?Du%+E2 zsYoC(KI9V7BWYsur8{q23Y{YJGn$3RlEpcHo^rTe-7(?g=;T$FT4hq_MkXB*EX({;tI&Pds84690}cf`nWAJVOa)Q|Ik_10fz_USpc5cQ>U(3V@tl; zKkMMU;4Sx9gT_X_T59Dr4-6U*>aeBc@L|TuRM!5dWaJf6D$uicuzg(|m*}(4FtVzD z8&J1bpp8=FCdJGYox@W*H=*EVL)2C(s~tROK!B;NEelI-87s>sbt^vjGIr*<8toQM zjV=<+;LsR6tJOSo>xnT|ede_a?%z?@^2>;lSGMt2BzNR@iHDXYF0|C-@K+~f9o#PS zz01RId~0Xcwfc9opZQO0rc&>Wi(J`%pOv1fXkkRN)l%E?eNtui8_w`_zr< zy$P|*R>96Ha_Jkfx4*Od92&gyp3Gh&BD2DQ{rU&DO)R;8ngcu)KS!_3-ngSHT2;DT z?rrJULBA)Z-XGp5O=^PX;Rjy>HCzKeu+@wQ=rujWW$YZX};`Fv~W$kuxDiDecKRh*?+ zYXOV{qwE{*F1qoOtUvV(95gudAV&=K>vS#frUHGBf8z{-M(u^u!;kzs_5(*a8!LTW zKd>}9_E#(7G(pQ>f+Lw5IOsrsGgOENwk`J6xbO|5#jHCOEc!7r=k(0ZS+UPPkFn}R z1OltH4_Y^P%%K|22^&{N-+Hs;`30J-BQRnUsJ|TI$XjoQpPz5EO1thTd3b2%AssTV z?4V1i&0(z>B8#J6=Z6O8sc%>|!j^F4vMen#9wTcPm3{qvCC}WHxlgly(3z*|a+{_@ zrapVGxJh=_<@*Is`LiS2cT-vEN^xlyQfWrIfR2i8^<5%JVqE?Njkj|ny`04RkSLvq znR*1$+;=RI>&JWz)JzTdU(im+=O%`RX%CszXQiEll9G~eI6Q0CtcSlj*%>Jk16al$ zdVBq)Nt|Ion(ZCVa)-HpdbYM2W!YcObL^^PU=9DCtyQB;_2qnX<29OPjH%rqaBN!) zyv;W6NptOWX3k5hpkD9%P=dd0{rj=3ek)4$eM}GcZMXcotOpko{0-B1o)*HXqI6xQ z(-Y*Ps|HO}$1GL2#r|c3ZbcHy()A|1XY{pK6NRH$P;4*Wq(3Bo=kx-y)xbQz5rS^4AAAke5DoYq zTMc(T|(ta_y0uD3MaPKQDrXaM9Iy`Is!1*r~t#KWpue z)=Kg6^Ao9Y`R)3Dp>A1f&QBn?E0u_mppC~|8C*)qans9}KVE$M|K_i>^L1$|inlH< zeEPGsr3hBM|RZv#M z-VhmhaoBvOKzP_!{sv;A@~94fw!Tj#AP;Y2BNg z)Z_kZ>U(1)j$0GsZSt^7ue$q(a@$xP0exCu1HJ~*O9MWz zrPuR+*gewB`DFN5D-axc$>)n*7)Y);BdeL}nN{u_Y$aKs$R_7&FAl>Jos`VHTK5%J z$GMYspPQd}VR8(r*#H0^B1uF+RQT|JJ#g1md1K!jcIO3qH~i~F7q0nUfgFihL46sV z>D9RWHdau=Pxdw7YoG>bzz4P(@Q`-4h|Ax9dE#~9`OI5Cm0_+AIUzAaaj0-os3a?i zGI6WF(6XJO>gw!R`!g;*_b-3>>kWTZUj6YZPWhivX z|9bLy)ktE@x?Yu2pDUm+nse?|W0 zI7xKr$lDhD`Q;H~#=LaNkz+19=uQJa>?z*1Z0r{gUUu4FKR@(=2Oj8LFIcUA>f+qZ z-`f3ee&|4@=5EtySF(EIhhu+UZ*XhP@N-W7mwm$u9Ho|gcGrM& z9BoEx_!{^vHBjyxO4R}_TefWF%9U%^uHCqCj<6-ak8b?V|&;gT?3Gq#n5B>K7(lKJfUE+Wg65L!&+J zTlV60EtNX#z@z(j?sC}YB4s66$<1Kg?}Iy!ZF8qLJ*ZAJw^{xFYmbqPc1u5c_Va>m ze87}1zHmA)r}`gq&%Dt?JLvau^Gi2YB#D%+?3!D*jTL-z;-XCh8(4aO3T=bZEQ?o7 z=c6!Z^*;Kr!|JHRN|kR_d-aT0I~;dU^uo74yzzkT{5_Q7=-;HT1~6Gmmo8nsdiB<= zd?CK(g<7?0HEr6ob?ep`+iFQacmAfyKjr^Ad&By5i6M?^arkYC8#c=6-lakRzImNG z#Jk&-3RLYMGClFRbLSR+6cn^=+jii4&t_z{)S*e%T6M+`B10RXEg+fxGvg``_e8jvtu0Xxs;w{`QUHBIh;fr1CkS z2~?;!D^BeG)ev>nh~>BMs|rCam65Uer8B$T5MMk}uz1QxBi|i={p0tqyuvitx$@mI zDf@@hPco=hz3SY06A^2Z9UU^T9dEzuDk_!L{m-{{dHMeH8@&3&&HuXpnhTD~i@*56 z*UswjnuN_m#@}NMRQvVUUt6|p*{4sR>H3py2KiWUz??4|P-#14r@!$L)91uRV=8K^)yp=|{AKy*vCLnz z?$n`vm5(F-`>vAE5X_!Ed%=PQ?b@|F^2j6W)JfQZdM0%2*b%^+Hf`F}sZ)t`>Cz=N zu0GXn)4=ABpM8)IRS&;tzu{7+6|{oyzdmm1z@rr-aw;c((|sYls8dN+S<(N{b*~l; z^5RQRYUdfZ39^kpJkfan8={9^`}W`NI;Qn)XWc84Uk-y!#Tp1DRI9ppA^E$0{F@&u zb!vv&3@1Bu)IC4{xbKTk-f`)JmmhcEKkr#Md1yNijishcSzLTf+lrWulCOzOmcKBZ^?NNCoq**^R1Q*#vpm=XAz6>TAsVnZhVxV%o&MtdLF6|5*Ii1H;O zHv52Vrr(+(kKcey&+yxJG{&b5?W}sWkpGAAvuH~yz*dc)2dIWN`}ONLXwV=ps(D*X zI=Rq53B5PVkN@Txh^`!a>4@M7kAIcFA)k@tl`HdqSN;0#;dboFCq`}v)ym~Pn!7TN zHfz40@UgRaBv^4)c}?;{lqbJv!kgFH(Q6le{_v@X9oVlepC{8RFUtwltS&>tpcCf2 z_t4ejg58H+*)P%Qisz~9y-&R4zfayj95~tN@Aa2cWJ<$_U`j` ztj{H99MGUn1ICc^@)|VmeDtN4*uk%^`g~b`yCL^>3V!*2=il?jgbDB5(68wQuLPaN zBcTpD>#M6SxVKDJ%A!Y9c7ukUtiaf}NB;2h_-DIc`l%II@Z*mRER+e=sSYONM|?JJ z^tf@O-?{I+UfoZ7B--QFxBq^Kd|)iGz_EDRZI|Bm;iMUh7yq(ksqSwHq-ug?Tk5ob zIrgg`|AXgxXp<{`i358Xv9>coBuTw6qb`;IOP!TZnWTX&TehU`Bg0RmnyK~ezkAk-ivB?-+lMF=bn3i&_M?=EP3ID7rybv8{V-LD53YAw(_-}YHGol z2d=npD-1+=h>!;q`HJb)TX<#OP zTRpSN(atD(?jL_VpihSmeJ_2v-{W6ACN7;zPH;CE)H3Rl%@iwYNo?Qqlz$M~n%ry7o^k{$TBdEvNcuODz&=Uo1scj^C)n!L>6 z7TxmoBj-Q!$sFf)^Ys5+e_G8Bw>hOj2bCEkDk{c+1!Lb7=AVsc48@x&8vz4ca?fOSXjzyCfo{yIrlCn-jxn;(m9 zdhyVX|2|{%xbwQQS2=7#NlD49S+mYO^UM@kdC2T&g#F8mu3N_1TEP$l?WKbq+pu;` zSk-EhSI$^o!G`>zNOoR-d08$O+ty#(qzXw%x{XD*tlwBtyI#ZWkct#+*bvFdYhac| zy5&8QRI2lkmx{)sk(dgEm?HOtqJn~OB$8350ktOy=Ao)QTJ3V>N>Xkem@390nJOnB zxI|n^H-!k4Vr|{r9gMv8+G}0AcFoMp%rHTA`%y)Zw}lBA6LzqFigYOc$}6v2dF7S- zxT+SWcVB+y zsv__}o__l2v(G-e3c7gqi*q2^SLulyBd3c)$=#D z&s;kC+_Oe0b;^@}bI&`xm9h#(|FOy2Cx8F^IenD1VeC~c9v^$=L{WhW(*RE}jYWifIA1Hf`E~YTj6 z#~W6|1(YoCYe@3F4|adGk3=D^$vV<|i^4qzs0FiF;3sta9Ma zLqL?N-WWff_>U&(HV~}cxRFyJ1iR8@lkQTfE~!Z6x7l^-xG0(=Smg!1xf)aw?epgB zXuKkWYuOxo2B4x-=efv_Zb$3eBg>;YuMw+A2QyxL08~5u=^tLcxR0jUd!OS^|Lc}5 zMX8jnh-Vdl=`owN!$!KQ*ATfjwhEqZwjGH85w;50b|9)O-XrsUVmH4U5o^t;+d#EL zZvEo5{(5ckJ{L{=CN^-;yH`JW@J~;*3aMy)J%dqVtGTaT`1n|L)rfz#$p7o;4& zfS7G-Z;fD^jj2_!tH8XKF2=SGmhZC^#~WDXj|(Axo&?xNiM{sPi}%J$Ln+FZX6D~* zmj+5^KJbUXyfR_J%h&fm>#VaP47BMtRXbtMn4;$D-175?M)i4A1R+eSQV&JC9)YH= zgw_=Ga7@%!rXY;;j}qpQ2n(5#ZgmbXha;{Q(U2rd>2f7sze{m?S4x_c)Ev3>6pVU1 zUPI{7xwg0<>X{=yZrkXPVI+ttHU{Wf3!|0 zw*7QN-@#9g8uiF2CgX_Pzg<-#Ijets>+->WCQ%o7W0OwZICj{@l63MzqfLrVMW3-q zm9o)u)S-IHw`0Z3SDAk$F}paTw)@}Kxu3i^NA(%{V9y32he<}ilb*OOr`B9d2H;$X1cN>g_8TpC!a8eF?8sE z&?JphiriG>@M+4`fDGvwa}(Y$XX5`Zn|Scm58rd>B1RQrHl73H35@;OGW4g@l+xZ3 z-7zxhv}hBK{~n4D4Z4+JCbc0m6ww$S98)@mS`Si`31-bLG~RBIw(?FviNb<0NEJl_ z{?kTM%aXV?Tob05J`kNCD}aBe#~E~gb130(4VbuI>5EjlHE{{b5l*BnRggBv+hEdl zB@S=JU`&#nQfU&6)`o^qM>WC@X)TlHj7pTpymS*hlEfvd&R-jMjR8T5Acv(NCGiS% zP#w;tXp`_vZj%yA6{xW{;<0h9tOZ;1XDW5frN=Z&GH0gD*7ckAx&D)X9MpM#^%r*^ zdC4D-I(_{a?Xy&@B!9-2!%q70xO-k7e^ue5gD)8R#>t;w(Ytug>#YyCNF8|7N0ZKN ztMX?q3It-YpZ<0BF*g*yGHLcc;Yk+{I`M{fbDkN}QoAI)b9$J$3d7BFsrI9>A}qwv zW`T`s_-#Az1~CjWeBt0%B5US0GmQO3t{DDSSu2Tpo)S;0E(mjw2o#}|8 ziy7i_nNuZn@g^iB5e8L%UPTX(f%j&qK43; zKx~vzW5p5&VoV9Wv1qH;nz__%kGT9A&LQ2hrNMqD^-?e8Z!C<(GQcBNeVq5qq^Hhd z(Rk4b2djs5J+WUuf0j|ZPhbE0p!z(xw(ZC)oI31=&(xou?N#4@vLbDJDfRSg;~qHa z%-ROeOrffQt-3>zQHCPvqv1<&HM_Ij=2SNlvGrchK+x7>oAF=;YB9*au~@rn0TzLc z8a_p-!`pS_ZA}S<;(RLlOJ@>R`btkZwV}wAfGsO43&)FV*(d$hTW_&)axU&JIQ@1w-hy z+%Dr%5$*rss^FqwvOTt*YT|S-skXr_V?$|&LC-kT#9v)44qO=t;uIAWGz>Wm#f)ql0Y&;|%`ZRRW8U#RIf=!aZ?u1Hn$t%O1z1XqbvLRr(Z zm_5Pg(9funur zsm3~E?W7SuD0N-ajG_dmVwSHf_4Xxw-gbC*$zfMnaYivq|Ki-r*6K;&8C4;_huDe6 zA}csS%(gjye?gms9dOwqoAo;873-o)J(K^|ru_LzHO$FbR$%3?Qthu9wcqA{ymo8% zh&A`Hfvw7lQ|%Pf6)6ErdG})}VWoF)slw_SG-x1;C(FL~qeihJMjdt3QAwC5l$4@u zg?#;tR5W04NAzj2tWgI~F>|XshxGUyhl&9*mIRuAL-fTVs=^c|e&rSZ+`&)yX|F*u zcgaj8vWCv7$s<`RQJ0eto5m!5wN6Zk;u7G+l{0dnm4eThT&H1(Cn_@P4+|KNwiH?A zG-X)ovho1RFIa&jrK(Kj22JDl8A>Aq7fWLsot9LJSBpls!~{z5*S%JY$?u1_R@)wSZM*-~YSF!!Qe(dOh8~y8WbKzvvy!5B-wvGk z!w;-D+N8&M@1J^<`f6yWNi$ZtWZNByiyfeU6=*pXO{D~EO`0@eqkFmjFN2U&!-r1F zRt7z#C|fqmPf0}sVq%P`!Pq$V2CWhAAgka^i?@XSzam$vq ztCoHL>A$bL=d&VXRIN>0*REYQdf20X_-&ilRpM zW%nI1_sNqU{_q#gdD)!rzn_sODt@#!Z%QGfbi-`1J1&19%E7|qSBH|UyE>;} zMgYmR{2^Y*l(gmPZd9x|7B_Obaqr%}Ss~*2f$IVzM~>v}Pa1?IokaZWMT-{gz4zV~ zGxl>*(ty|(mfEw=hGf_#2JKlI;<%WMnMwlQo2HRw#+cQ|VQdsh^`Bgfxq?wI6E7_g`p)qeG#4F*_-Ly!hgaOcpRZ zPNfob6-K{u-AVP-FgCTiojw1%hWA`}?xjZqUQW2=kxxRkx?X(8kdyB^v*(lQ=xgpD z`lsplpWZub?1HPi=ufq0g_6x_t&XQn{b=i%C){|%J9lUD{QL*%_LDC- z>_K6C%0CzF*Ab_!TnBkfIZmxfK+YxxzSvi=jBMVrSeWC5GqN%& z^Ua}-#6np)l@Mt*fM*#-%p`yq85vnXm=j_gL`RKTPD0XcoT`Gqu`rcLUUU z_L9^4n+Ru<16P?rX#C`3;@sV|U-_BkCQCA+K8nsu^B4yQ9 z^S@JpMg!U%qH6oV{ z+817UVbybNiN-`Wu3cNCuwS9tjq7W}Z9>tOjYX<<=z~N$Bmp)jc@fwbQ-j5|*Y|)|iJLc9)hwJQTpkXXaF?=ZDLa-B36d01P($KgmW`^L+=sI3$4j`mDHe6<-H7{W+>{g|;hfBXZACMA z`azt3e#65V;!dG-`6P97+wkR%T^oQhZOUSHBnl!&ESuhPN=Is?iaLDSj)jp^rm&1t zfo)F-kqHV2l{^BjIQ)6jhtoLHeB||=Sc$wvyfZ|& z5_na(x?_(fP3Mv>S869BVJAxRo3rA7V{8i-F68vu8u|m_iJ(KC7p_*Ve1% zOmE)$U;v#FbY`H>cs`-0s8t9Y&5tEh#4bh;P( zR*BG)0RITk5cXuf`E3^s$os>)K_D(L#(TmoSGgrlL{t2}Ce@PO0eagUAWkAw*DW!OIEA{Dre;N>A<0`o20vNY0u#qTG zN5rK>6>izzhg$ftEMLBS>C&axF2g-LBo*_UqTBN4E~(OO*|%Hn0gt*S3l!b$>JR3#qbJ zpCA7dLq9k zYkd``ss!20t;WTZp=?zZ>)$|LW%JHVFBv(N!t`bNTNQ);pb8Ms&sML+@hyZ?BUjw^e1F1T* zyI(TDMl^tB5tNcRS8R|N9Z3PnxFr#?qyT{*d<~!h!Kb9F3uZ)rfHybS)fg#m+>iJg zs975Dfh~QX7nTLAD%ZY#ihJwLs_6~)<=VU|W))k}g?Z0w2mZa1Ac1TIZ~4QP@t;%}q@-Wh^ao)k&C z{fz|ltMxUoqZ-(-VS^8BJF3LpQ(lY?(B)bmsh8U%Jd@kqBb8rE4bni_H^&v;&2l4d zmLKsoP~$W(ckWyt*lN;KOU3S_LQ|94?8~}qG~j(tyzyOAo6ptPz;4n2hs$VS#st*?|B6 N002ovPDHLkV1m>{0R#X5 delta 36307 zcmZ^qWmp|cx2>_D0RjZq;6Z~EJi$GF%oPSyjDey<^PM_IEzdFqP9)KpW=^N(2o_(EN{Y=G2H#ct0R9rRl2bafHKLe@QAT zN=cDs_x7MaYoJTB-bRSX=?Noe`-J$DD!uzwJnhTf@Vdl%%DIkm_nW%FiqEy4`_XWB z#3}OmBqePnJSeE+OS$DrQ}yj2J^X^83;$jG&ZSKq$tEL9ALHgDA-tp*JaC~==bAlK zfKL&X@#SVC&c)*q)}GIi_UGBU86VOezmVI|>6RS*;;5F_lnUjIu^&}~@h+R8&j4`& zl;zE&FDG#h$j-606$g(P+p(9TzosloHuVxi%Dgq|YTMDxs@?TwT@*PZ!q=$^Xx%x4 zp^v$>v%rgOPtBat9gWml2kIHa7soi!ucg||Is@6E-e07Cb(lm=+ZgCV+VH>Bz+_O# z3hHvDu7O4G#};^A)#mOM-0p3AET`aral}G^VEJfbYHF!F0j#1%N?I6afl|GdA<8xTzJgwVMeGiL_3fsSg;|zmix-uFFlA=Ua z5A)mnWj&MpsEX0W+M_j8OQSIXWk{`Eusx<0KSIaTc+T&2!0jPg*AeF}=`)+|m|V|m zzBtRyBM_d{ax`Iu0i0_pf5{CDMAaDW=qi##bzUBx7(lp^!@*@4i(zUz_R=2Bp zyfz+a(KZa%9(Y$52ukUDpUgk$k}?uY2v{Zm3MQm?u5^*h1da}uKw=)3-|rm@$2I`o zwiE4qirNFNDR_mo%aNmU< zNmdi*V8%T~Q7$x<+QiotQxTVFw>!YHJe}EuG1G?|2h`Bxl?oNqD4ral_jo@<@I4Q; zc!w6;S}e04FO@UC@{UU7UR)+)O+j6fS~ER0^ZQ^sRBWsM@FyK4$bL$e%v3J8F=`#V z)==C0^f;G!!NtgS^T!wZXcS^Tck>$UKB_eSc$Id#A;M4hUvrL|u?Q4I~!_a`=*_O74 z2u7hR`Fc6zP})~7RYCe?yE6%4c8$^(p|XFX?RDr@52>H8=*w!P(1dB9T%oZ}7Wv@2P*;b%j;HVeh?IAaPlop0 ztj3)gW|Yv!Uu}09v!kP1=w?ExE5bn2oKV98>EuaVE<_g(x%zp^DW7Qrge>nT^Xpd9 zfw>Gi+zHnc>=O>Y{>e#8IySgAEbSNudIpW^w97|vok%teH`e+}V~aWPm6lTy?Ub;| zW82Ha8BRG%IPKTcoiK7$<{z1v`0`aOHXtbf@5P;y~QjZjZDr6Ygw=K3w zNjGNty$ZGh2XS28X40Hfe`s;EJhT`8qWbh9%v4E~Wmcy=(qmL^(ImZVJn^ zgf%9za=3!^iZ`U0{#(g{!5W zEZZnSk)Bj1HQtQbTit>(FHaiiYDX`Mali9_F+s9HwzJpb1!NN|WguXCVckE3r?sKj zBin-=n5c}=QW1O(@b@MHSG@LpqZ2Xu64j<&FquqD^6y<0JC z(LN_|R_91b?Bi|QsM3K5)J6?zl4cI5!%f?Cyx6gZlN@NyqA-I5zZ-#i6OY}A)$$Xb z2mJ05^ZxGkPr7&BqTXLadj{l_y?jctJ}ImW=6p}^hy1k5rxSj0+%Tqa*zvn&%RZdm zFyOHjM6_LPLK<_j>##l(xk3)>>`B8a-a z@9H>pyqQ-v$I=Ybn8^oHAFB2`qDi^RsHj#qT{t7Hs%&^PUK^UhGKMYH4p8JP+MK#a zUAkn)Lr(}-wv1!=yt>-KIxD-UFLow(m0I`g&F>VN1{9I&L8+kU(32?;45iHRoS4EQ zQejC2l^P0ny{{gcnwt9kPxyU2oP;MHa1(5Gvv7lh>F zwepBE_o))^Oxc-|3SAUabCU`FW`t?wGHA+~Pqcm2fV!6= zprWE;uvn*Ci;ewQ%gVx{=NV3H&{aTde=zyZhz*EsEs$w9fqWIR z%_@8+Dk^$^cUsOsXrtFOCd-h%_-zU@t_f#TxcEfNlVH2I`6C#1c%s)|A89f#AZ zYv&*Bj)CFd?T7h($mkqddiZ^ba;>{ktqe>M1R4nx&4hK5#o zrZk*V`9fasEl5xY2M1@_xTe1FPjE1+67%E4lI+iL5pr>VuM$Ju!!M?ASZ(V0uF76b zANENL!~oJ(1M3$4C-f-=n{W3_vqJH@UKg4$MDYs=P(a0vsVWxHFjGRkUHSk?dj5j& zyR!AwLxAY*hX72F02?}qZiz^uBIet`{`LSs%}|=FRA_s=wthnWXShP^IaEI^x@KG5 z?jngOA^*AUgZG_m=AvIXDd?^pU>Sh^+Y|&^$6dW5wqLQZx!a5MD=qc&FGcokZ0~f# z3akLVw8O9?`GTgFY}fxZsz>(LXaHJ@#A5vKPfw;Q=8n1-#h=0>)LEz2zg6M*Y}vKS zlApH3Hvq0?b}^CH;vU3HvcDfB|8`WU4K>65v8cG1P3QI}kZ87Iraha%$`T?r)AIZN z!S-8_Zpk^Vc07wKtLY&oK}zaletAf?Ak_El3&OCoPr=ODu`&x>ZJMN(801(f3FEUXT$u9{0vHSWy~9|E>{1M#e9mk z6nsz&gyCR?sAu|$$YnIUFgVh2EH%XOs;xTZ zF7t6UC|pl{pjBD1oxLqkgB>f$#%ae-X6Sj`wLiJ;ez$S4p@*_FoWI>J4XBLQB68xq z-$O%*CiDfH8A_{uLg0DDPG-sR5Qp5Qee4{p%6T=Z*=?}`wECN>O}rnM(-K#J8}M@| zzuwbZ5}P^o^q{@! z#7CfM-r=!x-Gq8+K&J2@CS2Dn;-^D@*wdSK9E|{B3vO+7jW)mlE+DqcV2n?qf57o8 zeX`KT+)kYl8uf1{E%LEuk}j(j;)eGQx|kH51u_LYazo|*e*)p&BWqqa4_~fU2+GYU z-}{r3^DMNJTjb{89>G?EX&1}*u&}VP39O6Epbt#^Py*Z#XtlWL?(nNmxE0xI33m86 zZmo^o-OsalDps$6NFF0v?0mkK&Hp;o#nkmNKQxQYfhBsiwB@V*eZ9bE-goo+t1| zxw6?yz}smX|n>K?%Is$zg0DC`6hxR7yMl2p=?cdfh5olIPYP=%#w* zK(fu&^1&yGA$L2t)*&Q`No1#p1gYbwW&VzZ)#jvf?{ZaUX-pIuYvmeN6>!oTyTxf> zU1_koy1lKD4H!)?^$^j0;ejh);9a+25v8J{e2B_R4HDEU6YbnzDcE)F81@m}OWXvS z6B^X!pv)qDQFV?${G&M7JgWSCYY&h3Ysj^Ib&M)y?YnNUE9b_&-R?M*ZhM61Cb)Tb#@y$o0?f%1~q|dL$2>du;@Wtbq|jH*4P77IuPMdo$;|EXCa5)yCOek+GdiAI0yEV*erJ=&nAZcd2qGN?!mF57~ ztf~rnGqXb+ezOvbh`E_I!d0#@t8pDYbvUEW3F@F>A9Yu2vL^?moL}^19Gbw8t;r8t z=Y*Lth6ZlctYW5MD{^AL&%=!R)3EdVfoeY|YwX$rW^)!T8lu~+QuQHzz(Wz7n2+@e z8j~1}&;{%bz%+;_e6!w?HwOI(s@6Z5kC$U>%(WO5N}2+77q-?AQb6ZMmp%5?cR-R1 zMI71OD<(&Ftqe=(!tIz&n>PcyvuCFT*p9WV8xD7EaY3zeo6(w|)Jx@H?&}WOES4K| zy8|5757?!e-!&{ZRJ|Mh;oA3^ib~X_G~VH%@3UTk_~a8CkRH+9jzFE3sS)dJ(V1B# z+GQv2>xe?c<7g%jJq$KdnMEbq#^{|Nie7(O9MJQ;Z?0y-O`@lFXN3XI_X7F5>W?k! z5b*EJ%%>hTJZr$(_{J=dhH5@+qgVsM{{2FnIEZEp-;_V;WBX|Fsy-U^3&0V2+!BDQ zWth8NqkHJ4XFGGah!z<6J+-L^Fn6fp%~j&ZEM*4v;u0aZc@|A3oQn1~5`kbfSL5y1P}Q9*^a}I*FFz9DD(za~W`2Quu;TQvHwpD6 zQZ8YPd)cX1a~GzQj=W{sNG8AVV;+b#RJym^XFZ5kO~i3GK4;4qHG75pu_^EG6DubO zuX>xhzje}Tz0pO%BAPA9zq05xw7SYSwQA82AdQWUt%gs6#UA@nEONp}dS68-?I?j2J$(%LB zdjk2b0Szj@W03&|`%WP^9>SkP2b}cZ9ts>E!tnf&~wjq(3IWqtk%^+bjt3vNKpVu>^y+Re(I(DfX4o%Z8jeZhSj5AxUSR_R^L^K^ z^h*V>ZC^-o+VfMPUdxHe-bkU7%t|G}qVqsb6dP65mFNCaM1egVd~p_w9(sJly&JD@ z*(7hf8k#31y?27d$mBAGO{5$WOYY9|V-Afaf#LbWxW7b84?-rxBU(+-9MLcu9dCGm zqNZ@h^`b5gVhQU7FU;(vge%Pt?0J=HP=^Ij>EKN5!S$l${7R=wz~aM$qLN8%aK6~A z((9wSy+2Vx29#%9!o$HywqnV6Ef{UQ++o~tsqq|6KQ*eDD$dyk5y(tVr8~3u%(?Iy z@5ajrYw%~-nM+kFs=YaP@ig2nB#e-D>9854-|-yHiD6Lrn1?kZLN_nXTvwlQJ! z8$Yrp?%Si0GM8#Ck@1BQL|lnl=(K@#zDdt_dhpJz^h0%Quoj#Y3ZfL^%klyc(fa~Huocj;}#o`mg@P6+}aw8 z&gBl!KLx7H2zaDSN=>++ac|i{L_eWj!tt3o^rUse4uR!=MQS;B8 zjBrh=N1w59VP(8(^(iOMiN}zmJHUg8^;Y)BERLwvfYb^6`f(pL910E|9ub#)|DQj3 z%j5L{B5ZydEw#0*44OVZJ`cd{iAHdq{-_uQ><+tdZ=MI=n2v@dFhWjsH0w}%T_=C# z$3a~1XpYLfy;Gh%-@hz1*V*aa_`94Z7zS#5X2+L=TLa!TARrIj%fMQM!tT`;Y;FK9 zb$PdiXn|DCaw+T@Ksj&P*uw>>?i#Se9t^V}b^nJkL#LdxJllY8T^JDNo1(&u$-S|C zp|unL(=@ZXytcMBAnuwhZ(`;5T~`7T<0&yIsrBN)GLKEkM$dA7G@l{VouN;rzPkpG zQkd|{KDp_2eCt{p8GSAZbd|Q309vLnzY|M%S9V7JYW(L(9tN&Ad2Cb@!=v^pTEsFi z(4z5C(1}-W(y%#Q;}I|qUgH?_Dhu4|TWxhS8cy^^CzmU#&Z~C1Evg4p&+|T82!HMz zN^UZ*z722VSZI%2czLO37y%7=w3J!)fz7Na-MGGtUPV7Wvf{g9RxhFizd6cbvz580>uY6U zGz3>@C|hGD0EV^`@>zX@lChR@^G#jDlgzcbC@|{RczcMCPT)WX$JPy`%9$LDBL~V_ zQ?-iiF_pRAGP2{zU1*FiomFatk#Y9#sm_%@4Fu{Kgko!3u43^on&^!{iPk5}{eH^pFAB4fYCbTHe9O~(kx-PD@r zY{ezE^Kwep3ktYnibaws8E2yT4#W2Ws_tZu&X|1@zv6&lF6-)HEP3OpFq-`N2$Kh; z0V!Wk28hD5&ZRCPzf zn~DgyM(1=`DAt+chQz*@P#b@*qkDS;wUa_!fLxCmuT}tt=EJ(v^Dl-c=CfmDRr{7m z`{{B7q0v{*jGH-Mb33Aw3=gaT%Olg$Dfj;`O8zgB{Cx+J*_sDbS@~h7tP2Ds$Hck7 z+03QEk`jW5n5bYuS))qcqnqdR-B7C<=$CBcbl>ik<#_kJz_Pq-=$>)VymjlL3xSu0 zMaadYgYWm9;J~3?T(xq>Vkrc&m!}h-$a%C@^q`x{t1Ev$u)wyjM0&pXLsii+9VQ7B zF`PHoL!K_~t!jaA1_eah7ds)91x=b%{709K#F#EZYsnJTHg>yhhN{A=QU57Fwp#DLuun^wm~cfCE?MW*pz_E^ ztwiQ)1)lN5WTTO!$wojG*7zi-z1cT2scIqJKh&#AAM586q~lT*Hler8}N8x zI~QI8tPkf`oWo5&V+mqxZ?zgjdJWKfIM^?ych}cXj9hPdkqFunPzAUZ%8+`&bfLUh zMSs0lY=u8!DE6-jw6)@pE)i?EDl9pgGt4m5u=87^YILV*R zx;#me2Gcqq#>f?$HcT2WZ-mSYVCU?hMtem?O`LCZM-ub%IiLU3ERV11v&}4)o~Qmr zD;lpHEWn2L;h--4ybstoTNuEmP+~u;JBjS>t^QJ$j7L)h+ZXgj$tq0|AMH1lm+Qsx z0*jNAlOh|K82@pqBw$VZEm;;ezibYV4;HvVTi4*atE1DZ)>dLa?jTK09)8xlR63+?OqjLY&F2Z%8IekB7PGTY0%ex<|!eQ%gV+^ zVFlwZ>Gbw)iXrnLP4Og;<9CXeI5x=hJf#;f1?pCwO>Y1*bMuYQ^`jXt)|xnTUNz`T zN=oYK9cbABwy?EgFfU|KNl8gIHa5Y*!LzfoRtrLP2q_YC^H>=Y&YLT}P2LQAMVZ5_ zpFtdnb`+#;`?tnMIi#+88ycrSX=Gp&NxjazyWs?RfER)tvoU_0Q zrPl80;qFTQ0>5)q)Mfj(T{QgF#>u8O%O?0=m%z^&pbPAFFu-_q$T5Akk~Mn2y8GZh z&Nka`puM67zQ&QW?{BX#TjF8`Q1{}p!wNe@eNf6z6y2M)9@?zJSZahT=_@kN{Cq@-4n51p2!dA z0d94Ru6+5P{G5U1I521HerN`9Bil^tjRUPDOIky$kAdix=mXz*vTi|=N)T!mw7af` z!RNosZtrku^G|eNm$G5;Ap1m)LP`Q-2EZKqnboDcsLl>fOgo!iCz#~)cS?%W&-i&Y zHiO4V_jsq1XL=-3%7#Xd;EETUazZ!2v2ZE%>%nFPZMGZmA~%!@uQ(LtuOO)}1oMIq zb!MbYUZJW<9-#BQ`M@#9&010y0FtprPn?}y;K)%r%U={7>!sKUR?~G8EO2-udkj~W z-Sv`%`oM8a+q;iC4uIwOQ?@RgPxp7(GVtY{3v{1FOGTz9{dmTc>5 zpIN5^O24ZzRsT8R9%K5sMQUyy8rHC0IiSIlDEg7pIJ=M6FoY%LP-`E3NdkwFq6j)&1FNk;OFZFXYS&68Lu| zS|4kx(lLzom#Jt_wL&BtBLy&W0hhX+t@_lPX2DZ6?^6B4se(8wr!h0W=KndWT;vDk zMlR^K%N$WQ&Q+{TkLccasEW(Sz8c>R7d1GnsyOnjE_*~Z0MvJm9M6j)6v9arVa>E~ zSBd$~f&ibtF2Pl@IXi;oQ={r6K_thEm{_sq%bjW&xrIj}?TAr(4RI-f`IN=L+Wk-R z_ZSuC$#hKkmAl`A+uxyL%{Nsnyzbc>c4N8N#LXytu*;^Z*xRt){*#~DJmmsv{%%Kx z;_R5=^ksWc86c9Cl$ABRZ0o}v8%62Fq%U(+077Y%xbi>ZUBQ-1{+@>T?W)IHu`;I% zMVTQ;p|&^Y`PrM<0c=H;7bn)X;3ykoOIVPfFM!bsRi! zB%^(WC#i%Mi~+rU{%JM{m*!^M-9&?!dm4_!{K&+X9RG{bt^NGwx8}@mjeFRoO)YU= zG-cv4U2Ud&u>mOvjs46}({gw8V-CSg<^RL!fd7EH{?z{t>Y88ff9ATiN7!cIyK%De z@!kJOS2+WVrq{$FDG+O4;IVXWM=C(pyMA_$Ylw(zWzl^3b*B`}f>r=5qTCW{%%B?< zXfEC7?gKY~$o4K$u>Q|k>4-=S?K#D8Lb=|OwW~Dt)={toKxg4#ZPn_Ba z;d*OXgrrH+Sicp@7m8|m4&Y#8&cA?Nz@|319&OJ@0(Xtvuk}WrDX;sGKX#IHXPmy1 zkkXW2d5J4vgWFyVzXOtio?`w zIT0N3uewt7kN=J8Sxpy?B$UkNNM+-9>;m0hE8N(qb)ZUXYlnKasVIT<)`)qg){D#W zcTP3R%zhMQxue0AEzLEM%25Y2{II%tl zShg;C*7UqaIIYJYoIC*Xz&a}61Y^=zrRMMPz`3_)=(YUVH55zVyg4aw8$bg_e)CP# zksrB}fk~uvJ#``V)OU*v#zw*F*IHbz-Eo4L{>m?vdnt34M5aqu~QEJYWwiWv5kT6xUNXv z!$q6x3hiO&g7WmT3-W&A-O3!P$j~sWVYez4icNsC=0)S5Cr2MdUY-qrkiCN#*5Mc^ z`xXr8Q3UNhr}pl36_9AUBVqg8c)Z>?4Q|NI6y0EI*sXDHVvTGI7C!I(Ner?&{gy<*h1>BGas}+WSL$f1j zf4XNe8rG)urXe(Zq=?}F# z`NOf5{-BMxR(qxQha}R@XC7t=2*RDZvVWN1^Gpf2o452BujTqs&34?X=6*0{W+l%d z-t)>&eqj2bL6mM)p-H$&aqecR=!<(dV%voyjz>qDL*zod{302pm*8{UouIn<4sgmAJxQ}gzLu7 zGt`iiW>80%Fq5}8b5bDUphS)9y{(E5j0X1v(Xa2XyrdoKMV(NQwy)xB^He7oP~r20 zVPkDB?S4hT*Vb!h(gR0j8bNiIO!1F!Avm(YfjEq(;NYN*T+iU82L@yiR%)HuJFZtP z%xH(;#@W9F22r^ADA*=~eY2_8Zeu2BA7MX#n_KvJ`Mw4@`RgX<(r_KOrLgE4zcMjeQFoG@h9L5|Oa)r{F&ze3vwC zo+x{sK~$Nm(v1u$Zu}KcSgT~?ZR5A)C*$U(;5&Y}fiFt7`Bc1QH#uhQ@c0l@`Et~@ zeB+zM(uMEJnH;Wy%r&Yu`7|8>C?)7VsASlpRK8b7#)aY7^=M_JCgth@QgsuCobx}q z#Y=r0EANZmS3v4kMzvP8g@o3YF#Sft$y#+n6>qqEQ&atk1&LWl5cUxj+uEUXjyA+E zd$BJ3SYwOWPZOQ@)#4$M?d4u#I$H6A)31j_dL}3^2HgQW%35|U(Ap;h+_|aav0?S3 zrJYtWR2O5?n6f-R4Swdok9!zi%q39$a#C5U)p@1IKf*#U?mKsi)P)2g5lwwOS&nNd zuTkGQ6@ThkKB#k96S~Fk#GljRNiibt`0lR^P9tpI)#CG=DUqFti2aUW%(Cw~tpyv zIJxe%KI==x_6gDKRWqBAN!1;Xv&&X4CfUgm4(?2i`4Nad$OJ7sG3a{4$f`Hv{qqD? zhv5!fPff6%%k{`|f*c zT51|&>}&m9N7V1%kNeNe6;{lXN#E`#6@R-v_cwYOP1=|kR&MV^*}bkq2NcI6qMusv zx@{W}X-6=MXFoNNy>L`3mjC$ZXt@?8uu!XG;&AMA2?n-|q9r_fTe7#8YMcT&nDiLy zkw{xdxTUn7=jJo+blN;O5)Qi9>>kvH`OC%Jgc4LxtZ^I9D=+2(88!LroagS!>mn@q zqe?^Go0-f7DhEuqw=;WAhDg9Tn=G&55`X+SU2nA}Q5>(OSJEQ_8ql8xYhRtPIX@M` zfAdsM>H{V)Lzxn32gPO3gbK7YRqHQ}gf~}|GE0WwzBz(ET)!WBAr)F!2;+(!gQWnQ zJHFFP8k&6f%~7OHY-}7xgFZo(NT8k7a&-uGIBCGY3_HTYWjLa>d$V>m!h2O%u(Exr{$osIpjGVw7K(puZDv zVt#1*Am5?`2d(yzk!|;U1WRYz?yF;y)0%o+%$NGs9Y>XB%#GMx^i3pi?x~ z@EJIr7wY40>U-ryiK9R6AWvAJ;svd&a%O+kkg)blI@-5jy3`gorIp~68*^l~2XDL_ zs7dD{uR|ifCgz!0y`U^TCk?Sj-V5ZL@ch{;nbTb#d3JNcI-~k^g*$cF)zmDivf2WW zb8fneZTn9Ga<9vwjX25JU{hu6Pkc4ywg9^PyK%N2#TU^IBW7B|El5>ez7(yth>(#Z zyyQgcA8f4pX+JWx-L(X@p6+&w<;KrZxTFZAXt{3r?C$$>dy5wzVRG^oU71R}Zy~*Sa4?gbxxT(>S8E}ssK@D{@sqKEY=)H#+`r|E5)xaOa{`9r zw!;_fh2`G&tWWJGAo`Zaw+JBm+`f{O+2*hLvLcv&n_O|2Y8JaJI7aFlu6z#N-I|+R z;1p@t7HgCf75@YtJ2rEB;=^By3!l?YUvNb)O>j*p#7jQ7)vleugr4Px8bmG=g?$Q7 zsefTs%QtOM&o&(-vl576yhzCj)o5m6Z01#Qjy%qcS5hjl<=Ig{8ax;j2j5BuakiIjf*LRvY{q z%wwcfcD?7y_@-SeuG|*S2H*zHcv#q(za(0E{G^Wjtumh$pdyfw*4e)j>LD2!X)M-og3~{;J zP_lY=fKM}i?WzqWu8FvLfbV__MaFZzlM7t*WOq6Qg|^>~zt}}<0J4$2(O%W=g0&13 zZ^>5vBpW+4wC`XaPTuJR$D6C_ELotc;R^%OJ>JislZF?UnEVVHmppv8^*1FGk&cdp z$;~Jp$#Qfwu&i5$xU&5{#%QuJFfxS8%Zc*uB0;WNe!3dwN5-ZhbW6IWcAOnX4W%ql@qZ20>9^?lz<>dE^E)1rDDtNXq5gGGd{LP>42K;p(c29Y~lu?oG0pa-dJ!4Xa@l{7zaDlFD zvyj*pDis)CT{!C{sWt~0j-4|i3^{8L_$))trnfe}ZgDG{c-2prpt=?<29PQxV}iet z<&C02-cXV-&`eKEj?Yeh2xcqgx=H0Si_hhEw2<))qT=EUlg>G|`dSHrb9KRdE?i8sEW$cx4lJzjp3*{aHGOVRjB1M#OJBEv8uaN3!J_kF`^3*$;Lnkko-r zOKaU7&@V34`FvOY>q&PM7VCzPS0@&Duw@U)n5A7lxaG#jCM?J3in4pGh=0H zn$|>$55IDvbNyLd(~bsqAM$zlkmys@^*Z`EK;Yeq+WVl688RYz!pjqngWMj)qC^R^ zAJm1nq(}t|!6@OBpcw~#LEtsUU3#8a4jXo#VIvv7)*^ogfHZw6f zDrP4REV|wjdrQ7PR(TNc;~ee;$_l*yF39_3dJFf!H;S*~cL9^zMfUpdj#FsZgTpUL z4FCf2cqttchM9`wJd^uY9<{evEH3{2-l*gk5U-uL#0R^>{hfKmZx*5P(l$z^@3>A3 zOHVNyb;s4)$A?o>r?I2zErmaaIS#Ua(wZ{iFbLi$%d3gx5&Hly@AIa3^hy%j#Enh6=37j>Nf5_}9`jo-Oy|2W}uGC|4&a;@sXn z5U&4T63b|2)JB5w@q?qH;vDJ8pN+8jP1{G8e3u4-_}M2EmAy*{fOI?08cw|P6igX&zvOdjf%cQGhrp{9z4Jg zwmk-3oRknYD&7Xn)MBX8kQ zsrOOJ?~@n3P_H_vpfE#v5GHJll_LU=j$_)%BUHak9>5I*Fi1ixU+?BXU0#+;<1>AW zUf3}^Q%EbofUHu|&E%UQL&S25^#Mijb#RS&qcBgXfpf;x+aSn110Khf)B{FAr0`?yvHfMC z>0TbSk$E@_ao3anAdTBLrGZZ3aQg_ae~qkrI+(*dZUjaS1*BMhQ!U+c&16BvMRcoG z?`m*mBORNRJUDBjIoI&SR&U$ulR7<2fY#=(IoHuJO%KXIk7Q_M3I=AltdRD^Tq@emPQU73p@K5W9zck!=w+~l+#l=k!(@e)Z zrbj_vlRqz;{;2=K}>R==D0mowzn5BxPFng6hAU(1MdtDTICqH{Bw3%>7zV@q{o0H{gDGdU1r8r z3EZ`{Hg8IDe&ou}%JPmh0FS2+%a=^e*2;t^N`HbLES-S)-xLt)ml9nUla5{8a4OE3 z$+-lr{;~;zfv=?JogV~NCUvLarpONa`$RH zl4b^KQ!ifQa0xdBc3Iqw+(*L8v!g{2%E(Zd8f^_j2BQQjg1h;2xg-(>aQhj0hl5t9 z!uH#a(j?ZuR_H{(Vari%sFu0kt<^sT z&dqLvxgG6z9%`YG-ZTjOfcdJLM(38#__9Wdl|Pwb&@h&lBSaJ%zR71*x#w$kCg#w> zGJrL1+3{Rx)&JVM0r)pJ_V+h8_FELf1FiDWx+^?wo>PtplV{WgHK;fdq|Ag)$T8J4Qjgy(rt4EQOby$xDtW~M6xN84V7jz7p^@Sye5RFU+cp=5S z!@KAjeY%!43RL=X#1u&Xy2L+t^!@0_5csLB^&t2s)iz0cG+> z?t7BAf}6JqUFH5ugl9-W*}qz#0wPJoMnB9ac2UEvEa;sC0_Lvc9s})61K*J?!lB#| z2?K+q`{2vnknz(VggeT-q>20`AJk5e8SO?&|EC=`3P$P9(S5?`q7(TAbt@ZciJxC5 zs_lPq@PYiGDSivM$A~i1&$QITZCBfdrhi zNmv#n%e~k1aJ$TRLYK_#_Tti^WvJft^XutYRHf?@Jtbo363c`2(M*j+9StLOD2k*R zkVWzDns?UuyMZgAqbI}+G7MaU^rC+4&o-X~i!Nliz%k(eY;#jy^5$Pg%QX<8G^{(E zR{zoOODa>r?_~1hqSI1J;SI~;sYjaDZ%Dkf*-*@N2)W$Ho*V@a=YW#P(c^J*WA!&Z z;4@@F{uqypRG2(mZHVg$RVW=mS!ONN!@mU%-gn}ei>G=DWf*_{aL#RQ4~TAY&#lyb zAl8FklI=@v!!ufGw7BzTe@EI86yEpgmmc0s)JTXvmT67J{*X)URQ8$tKUkAh&zxMm zza@S4kHiBCRn~_s-giaiNA(K2_W_vhTPI&0yxhp7`!|$-eA9{rg#Rt;c+2x0M9h~x z`o2ctRJ|i;U24bRv;7Fl2zqkW`+e1~9iL|IM@mfxGtJJ>74ZMG27ddvv*gLFY_>*1 zvCozAJ)Oyp68Zl|YSf{}zOvRR@R1zX*0tMOen1m1)$@Cm`U-x8qxRFGFcuodApFm0 ze^*M7Ksf2SCn>wG_O~n?sT3U46t{>@UDY8=0Vm%k%IL3;K2W-R0pcY4jvoEmyD z$Ox?!-kMB5-u~c9gR%?4@*oFO(IVlD62rYn!oSrY0x-ql9gk=r8{XkmygZdv1jRa7 z6Z>~V0&h7 z|E?VPF%I>gC*fhl=K1_u#XLy<`F=v;LSmLzjch2r@R_Nly_siBvAo-i#%AdP`|;oA z?L`vmW7TtleUasVcGlk8UENK_=R!?6x;1|dM6 z0?^CR=v7@#6A-L%34HX@zkjbZ zg#)4E83InM93b&>cf{pCPa3y?z>`$r??1CkOL%F@obr-ABnb04r!Fi&eQ@v>{{6fB zq7>R5XGc?%r+w;pnj)v1u8?!Ru&m7c4483C)xQ2S7P*{!xcbl(mzN}?DbZP-b3x`o z>^xFAHB7sG3Ccl5r*jB-TP?WW^~pT)^9?rfDNAi0kLQ0_TwPr?>MboMbA!dmLqbAa zCuW3yq$q6rGTtrs7ANC(P5IGxSETB`AM#y;)kkSxouYj4@%)PT=l;-v)AM9uh+gZ>fH5Fe zS**lqN_&N6@1CdQ2-(u1BXH4Z>u((QmS9DO3t;+}LFlnzCqO^mTz@JJRQ(d(_lPGK=lzZ8)PP`M}I zHHRhPto>~8HMkJqMDMwQ`~utc6CTz4F-cb{9VuwyePmb?r}Mj(B9dM+M$|+(QOYE! z3dSJmc>@Dt9FsISv7hW$BHlQd*b0qYR}i;QR$M`K^JSWR$#1GA8c>Ww$i6AR4qYu? zXs}RjQx?dWgeDdk5LO(%i0=03OSQP9GYF5ZwNXDCjk62J@e}7ic!DAHeUC@4sK3lvYBq zJl;N^RbryiQH>H{0tfeV3hfz07youR`Sp7)rAErP73#sf*neDLLUvHU1+Q4Fh4an! zA4a&jQ;ZA@@>0}%6efSnt*zS}cYwi_dW)gKK}-w`Gixh$DpiNH-e2Si{y%CXsDnnf z?;vV-r3tK;jgUrxp|YR^MC{AR>R6rEK>CkJ5PfI)_I z&`DSr_uP#AV8&oaRYZkpthw(c7{l&|MZVjy~@Pji=|yOrE9jC;+EmY;-iiDpQfF|B2M9v=kAKLsaei<*AksRZ652Glw9=r2g7I%{44L7CEp)ll#o}&xm;YQ<;?2wk6iw+}w<4Xzp)U(2UfCy3i* zOrB|zbVjg-c?@7D{2ob+9dxhqzH7a%6Xv6s{w4a4!3L!NMoZ_T%Vw7pTM@mRy?KeR z9WRKqf9}uELP$@{_T9<_*ia23?4hkOSUGLB)ELZQO;XQ6h6FpJv-1K_!g9M{H*^$Icn%nqV_bcx-dZ_T72b^vQy#9c>~RvD+zImwhd64^$;c-~ zmGYz$Z*cHf1IweCb{sSVcw!kBW~RN{#M2ghDlhusks&HB)>0Md5PE(F1}?H-rN%tL ztPnlug~B?xG+S)pXyfy!L0H_n{zUu-zO-*Yj5{DgU@gWKQjU=)?NvRrs$flq=jW0; zN7}N|@!ByCWb0rp;;GUwsA&UrDOl=B2E2dX7Yau8Qn1FE?qHvY{cQwsB<~IV+*f-} z50w6xS;{dZv{4;oZFvIUv#Ksvw!5Wq=3IQ`zBfahjYG$A23|)_gMbpOmX(xdOI~EBQHOn`38?iYGtk1 zLyV-hNm6J937X_C_|rgfqWsOr?HmbR0luQ6?`~G-3Xe5l(nB;g)tgWHJYDbA?hLV` zqHVb$OQ(A3|ENjxQ;;K|9 ziyNulv0$&St$fRnl3%Pmu{`?jdN+How|;g#=goXo-S^gW26Gc!A90|o)Ashw16Z)| z>5~69kf3B@b}fcr*XoX;e>uJDtG|36$R(}v9Y7!&Cij^s`OGuc4V@Lkmr2#79|U!y zr#~0qF2b0F`p1Fh3y6?FO7@NGx6N#}`Ar%vE==;LQx8(DPu+1^*{GLDsz~)|rsTR3 z15df}E`nWA{u|g}flKUgay}q+uX4fFy;zl6yfpl?s6~h#zt}h0`E5YVBQ<0@><|6% z-x2bG0kd2vt+k4u6_OAGA%7n|@V?;w!=?N+p-@EZ4SiHx)9;oY9|*`lwb5gC4nK(| zjU!}rIpz@`zt?(LHC^vxBKSeV$Qi`^RfD`62cgliyw^0_p~|nf)d|RCKr$YcX1O9M zw>_p`kzI94X^{SWF(riayn+#p7A7ak-{P4H?bOjgI}}8m$_J?gGGB5`!}@qnf~YUa9t*w^q&aE#|J{SWw1$# zrSlosF%jiccL#fae?Q)Uyw3e}GS4BXjCUp@=sv$>5P^vbB7Vj~rN8A#u>RxPp9d6` zxF^;uMPjNL;s8XPyF|v?X&+T z=zo!c|J-o>cS8S*4E+By&HktD2L6xF@c$|FzsSJ<$(QSY4gD`N@PFvN{@;N97a90m zV*Z<#l>c4mf02Rz%xY%xYJds?!VmF}7{PzjvIzXU$o}8!0pR~0^uNf!f1fG&PmTNk z77yW437{2CDh8o!Bbde8gcFH@_h|&He$n0y9?ELOewMxn3{`LMcP}^l^^XHw6-Z6sGlh?P@n!#c`MJzi|lG4 zp>2OVx3E!u9U#`u{S3_E(kqp;Jdn}QlzBg#f2KO4(M`;Ly1qO*8pxAfr|VYQ8GDhxtc+I=TpA6FSI|%N1(Ls9VSRn^ z^|f*84J{CH{GNLtu~@3t4g@&%tv-uq3?MgaQ(diGXHt}7R_ktI-?*vl+xtpvU>zlGj?E)npL^gC^rYSWLnJQ1!6uU*o@Y-vdPw z4Qx=q`qcIcyt@bq#U$rdwqQr@K=Pp*d{&|YCoBlz(TRv*xnBL94p%d|Txg}NE+hIb z>XaUT-~;VNfws4$5{`YWnF_^e{5PcRb>_TpdZd?Qt&;nf-H#zb|KLifi#?L42~8u~ z;6SjJ-JuwQ+EsOc4D%-@Uo=e%J!Wr_^W8XZPyZaU=}m%(g<>rkw4Ewf)EpjO!GCQTt{*hNRv^kCn*| zn8E8xm&PN`8vEB$3MN3N-?Y$tqoqk@WX*#l$z%9;M&=lkHsMDtD=s_i7s8-&7`jl< z(J+kD%ELu_Ch6WENf z+#fH<7y&}_-Q^n9{J?w1HJq6arEA*FTx@1&Ow%H3MRH=MS`z3|M{bzXe1Ab$nm2Pu z{)kxVN9MV0{#hP*)xuD-d-8X`bo%GpeiLM@tvj*PhH+4T5=W!+g&E)0B{~gE#eG&5 z7A8sof$q`fqA?9k=M-`$@|S+d5vM}&=xHh4L4eSoOrlBAIg3)^pM~2)t?Ny_$b7g3 z4np>TSMs%Rh;ZhT3DgPF;l+OA#vrk7;9(BFkZ>SGVwYcg`G~MW-HAyUa(4c&S4Q9< zE-vo1GzCuq^{q;s+Sad#bXhv8!RPcEkRhU{C=D*j(JzVHl;uKdm+7T)Rp$D&X~iQJ z01ZQ-HTn79L(2L_X{kW5A_k4pY+NNOGBOANw!}8!UH!EJMLz*eR8R~|?R7_^7K5c4 zHNcoz-*k+2dk;PxIyOwKW2rZ?S^52o&oi5b?ybyJ0$%U#U8(d0lhD_%Gf4}iE2Ev} zyo%d~q}FkwYh-2WRo71C__WoUtmSFfz!vUM#&AWje^8K!gM)*xaA0d|E1Ar-Oq?$& zHOb}2eHA!=1Wk1JN`|o1Vds(}A`y(VN(~X1vDj9H|8PLgVYr1*jbSVJ%uO)b6dV#tT`$I07jZpzt(|>&;28m2{~+L7I!nN zfF;10&6Ee8jD>8CNc_v{y^|Xh*N@6rW+mIz2GFK_@USi122K*@MN}ERF|f8zj5&HG zRA7&C>1*TK>5ti)YkBGsjZ+GMNF~`M63_T4*FIqP#vy?~(TMSv0cUJFoTDib?av0} zOe>iF12RYuXcu$3XRWzFHOmB?Xc(zF;h1HL86KBO*@ZwgUAu2=1Lb$cf^$aWto$#a z)av7PJp(oVkTzI-$1@90vuBOD1kG8V%qiQnQVx8VyAjH(6Xyh(u*E?D!gshcc_q#LMFm7c#yD9s zgEI=u!-Z&Wf<3B~da$`QVR|92v|-1s;jI(D=R#RdPArx(wHZ>`PErOK4KXFpVjVAtKD*<70DKM30JsoRw)Ftq?!q z3%BG*zsh~YS;l<29wG&AA z6@X=iS2$*xi=0rp(HVm3NC{|MvcOC$_hfqDg`H|V!9Z5UkZ^@^^zHU-r4b3WPzqJ6 zI?HxWolhnjq!C@raD_>>o0TpA`iLmLzbvS<(oj--cfbiKWb!b5ks+06SzF!fR*3u9m4!UBpO;yjXPdv3 zkX|+@&UYp>{s3e9X}sn17{22pDh0)P!pMygkxx?-&7HMj6lVoF2F7gh&mccjqv=CQ zfG;1q5-%gcT=b_!OTno)isGAaX9gd%Q{}SMG?4=x1c*l^Y1h;xd{uR5m;F3;6(^Z3 zGP{n(LSV*fcZP(&a`&EVaa0~6+9H=CRcV9;qq87qx_PnPN%=0ytK@IqyvEg=b6mvW zy~$G{Ley{(n0k~$QY zUC{zU;O>v5n!Ko+mda`+Ht!kN{t{+cD_GHbF7-lXyb~y&g-2B`|4qesm!hbyGx~8X z8CRxSo6PvVyX{A(x$*lZfZDHXtBgsT`V%jORmdjRf~ZPyks?f@INcSkX)h0L=6$(J zs<#GDwO#@AMTI#K#D!sKI``m&LQL2mYwrZOFD_x?D*c5Pc{9n{FXRG+A3tx4rw`mx z8R97-3XO|s_n5Q%#E9mD*X&Vuno0+?QbZ}CsF4%l;-We)Y?1h(vk!aT-Ebd!X_c3i?JD%$Y1o!gw_NXv_dbB&ize;bYF_wfa2w5ZU`R25hhZ-{9Xhu zvn^OsIXzrs&fr2%ko}g;WEx6akf2uccb%ZD7RXW;hIAHWus!>{uySxuUUV#A9tI*G zVYl(EG7Q~CREW*`si}(F&CREKyTpuEXKZ7Ef$=ioLl}c|1NA`=uOgKB>E{QM>XwB^ zcegAl{HIKnBT@q*O>dYert9y3>!M$H+_UCGJDI#6Yxalo@pO-#zKXkHCM*iZCEw1$ zpAzF^L}O&@of<+LY{TPIfFlmzd6;IZfUvpu@*8+?;aW#Ey>o1*w)Ol*%58avL(pnf zVxbvT!Wi#F`3ST`solx+Yu3Zlr9%a z-`pICOvXzzWs#fi5J;`>JhFvEplwRyCZ~CsKy&){UV_=2kd1>>t5bJi6Kjca$cJ^V>_+}H z37OGT_{t`tqO!!+5Wnw>;e?l7sbT}A%$XQRFuvOqAcf_a53=s2B?{-bHqa?1(DxL7 zm#zy;Ew|hKHL|CSjAAkkgoaf}*5!Ug!o@kf)XpeWL}z!*SIyVfX)){>Q}R;L+7vwBP)iiHMlN!Be|E! zb={il z8Ms{tn_>E?M9Vxk5~@;n|3H=?&v4~GO!>v({7^cVe#Nf5Mz|-IT126AMCYU?l3Qa+ zYFlRgN{>Xj*xkX*P(z??@Jr`2;r&U9(resmgEkrV$5QIRr{2P*t#YE<{Uh5RdZJxt zg5A1-*T74;smj4v?3dW~RuYy=3dT$-uP2O67MRQnLXJNZkxU9DYC{^ytJsrOIArWp^-PHT^4{o8D5On`23o*rx zL-KEtAD-DiVl!qIRN`W8aNu-tsqB$|-@~sxWa%nH9jq;uxkRoCu|dy?I77 z$||zflLxd5$*V6#iQ7nrEgpwvKWgKJOIvNx4b0nXuo70*#A|N&C6zr&Q$t=q)4}Q( znDPsZ{H#_lS$arlb1_s&S<`7-&R=*x!}bFLRCGZ4J>UzZxUO&S=rWvkQ+7z0X-5y} ziPxd`ZkNoD`zv%kjTNkqa~^1BR4x;HSyQOp5o;Q|NADNyO5J4)%U+*2@HkOMLXQ$g zkxdrmH;so6Im$+a9f^_)#^vq*ibj@4uugh#hGrgq;_wJ=ul<*W@G`E zG~^c%jOc)h0IDMj<3pu_?>KyjVk8XKbulTB#$#XsGPF&%UHA>`ypdZj$S9mke^5^B zXtL=4&NIRMR-)Z)(Bx@rWZzSjbnJ}y9gX>uL2udn=7|F_-7NBsDmnZOsRRaDgojH} zv`0MfI)qJ37*aAK!htu;>Nkz@Ny;ez$b?u5!jfpOzy3(+s!<8R+Ocde;}GL}N|XFK z%sv78bw3wE{`xHYRZL4YZ+kuN6^oI@YQN&gx2ZX6Zc%2}1E(hkMvH~e7$e7FwbVBR zQPNA1lW*YAT%a^ju9mXt(42j70qpd+l}0AiVB?Y2!r=jms%e0zeqH9bCk#?xj~WMV zOrO&J=tA1c=3+xt+OfVCe2;;<14D0j6b}`4 z5^N=h0=FOo$zYf{QvA?2*9{O>$^$9qLc>QZV~=zh=_g<0#gjYw3`|F>CxQ zf98_4;FVb7hdf+uL59D^;C0aej|>}@F%CMQ2O)thpF1ScG$$D@4%4lDtmL(RGvCX5 z@2SV^ZyG1U(CaR!V)J1P+7OgovvZuTa!oW>Q%W|XTM?*PT=?^$Yx?yW%0DFahJ3Wi z`IgkqzfxGl?sa*7Mf{fMpv5@`M!htUDMreXe}4v^)dT(%cJaxo3FIIFb{g3P20NQr z{?MP9F1-?qEnSMI25+#z91IB$ustI;jH?Iuiff+VSxnNeD@^c1VTHqlQmhuFgO4Y& z0b(wV*~=W3cOt`{IcG)C+I*eH{V&mv8tjyiWioUIzoBF<;e(uC%AGlDlQ?3EFGy>h z56bzg5}3IC>0ij0)h!Ky>XRW4S)}xL->=>YI(m=EjM2HGoq1sfDxEdn!=6~K8Lox= zq?fU~sNB~kaqn&TGv$Ha+JCD`U^**4XD9jOXV8`0qJk<#yyc@90W+QfFKVSp>5vq$}9TLmG#z`lM|yZobIwJ7UfK+$vFl5Y z<)e}7hhegm26ZV5kZgnX?$zdoRJ?uP7peO@mI1ZCjWA$D#Da=7wY;)zbtuZYF^$~* zZiTy{HdlYk*R>FeH-4&6%feZ=9;13OD;6Oh;rz?ILf|u!7kd14PlzV;XEob(Qjf$AP?CjV(-aN=@*reg(!-ue0j4 zKTh#gL^Oari8$L4({jKr!3%SxBWndLkYB59b*_$~|wnopHJ(s2*=Cq;CCEkAC zXWih2=DsSWdGpA6SKUvy#BeEG5k^zYWSZq34`@TpBF*AG{n&QCcxjia_{B6YF8F2? zw#Uf-(AgcSgK_5d`(@BlBlUT5>n=Pf`#RnXdF9~a+xko)$qVF~_@yM*Z35XW4ypL5 zp6M}Kwa2FK=t5P5Nsn!RY9p-a=}`wr8wS-{C%n(@7Cy60wquuiy=qAN$-#cTtB2sZ|Qk)H= zU%hm2W4qpV7j5ut%_`Olih22Czx~}1)fN|dfShN8 z?S-+7+g0$26{f>4>$i#oJi+bMeC{Fypd` zbE42ep$jv7AbiK7EL={~QuX&0q_sxPiF~nV;@W9`leH9sm?Y=~F)GKXx-A(SDr4oV zs{y93qyj3^qsZY=+dad;mIb zOUjnFE*b`meG%@{;`D-+ugdR;x7{7q?4c~>2_n0 z1f!Qt(*3}~>DPYS0$AoRSRuS0uLY~Bx-)hykImPXKz}1v2IGQi^O+wSDn_7^3Us`4 zzodWsB2=FX$HO?PoV!CZ{jLpz3((iz)Rd@_HOi)p`Ax7lD^0~30>s<+gstxdDnfOK zCI>BWGFfH;@OGc`oS|i8N-V^OCgDZ>kF?27P)j~0N^R>G`Ps{K^8-A&vp5P(LHyBj z9+!#w6K>I;oJ&{%8YS7(&4i~rxzxxkCUO89o7A$&9-nb#V*>lAo#$yx2_8W%mSQE0<7jHqw!@T%mPr2L2a>IVP^)F`|AA7K>wpyR?(+- z#Ulf*Uw8UL!|(pS;Zx|KQ5aWCQVC}7n^aEo@$OwcW%t`&S&c0(WrmLMKR_*1pZI45 zX>Z0F8CNO_?Q+MQ?5uSp5*mC0+d0vmTQDS;o{N9%Q-NpM6+>h0yDMK*nr$SD%(_Ul zXw~)o*o&Fm)`Cr1uRr(Asr>JJa~`PM^9W_niNk8S`m9!mVYTJGO|@Kb+718wucS}J z9`(A(p^zE#mp`Re2^0L@!@a&x2*Hb|E*eG?>qbk4@YG-trd9^tGZ0?Xw5lGpvnb_# z-joY~I*|MLd%pAo=VLo8!pcAa_eSu<38|XtFYYESa&>={VlLXnZ5eV`GzwRR%|HEN z-1BL22708pmuS8|J8ioV->fq(Vj#;ieiQnYxK-3koF7+!JSv#bHSH9de|W4~w4o;g z{kF%56#G2X?RQJ~^jE*z^y4v~GvyL)><@5PRp!TAqiD$^GC{}jPyNz$|M;>a76%=N z`zyR3Pto^324e|Jo>Teno*0Cg>1}e~w9EPku&|b_4+T=~*86Cna=z03lss7UyJGmb z6ym?X8xv6`aFfMbEy__zIa?aO{_v<8a{YL`Sh|R{4lR&6vGl?6b?xerH7*hYE-KE; zpPM_L2QC`yQa;}5eXHKqIE`tpcYkU1c}cRF9XTL8IYerS82R7LNfb--S=cRflNkQ0 z+5V^F`;$J~8d*B$%8;bT|K_@|`S!jQE5O?pZ<@0%%xAyTW|Z_=fxt;-;b z2n9mfm!n3Ba}N)rrK_DGPMYtG>aJ}r?>c1@n+Dw(wFJemXB`q6KB-Ob5JQzFD$w_D zvE0^!fsmWB+0z~P`&8h>Ikj&BUCVBN@yrYe=c-4vqL{!*D$_nEH~@w<2WGUS7@>an z_jk|_B*Mwz;ZLEf-J`i;G*r}tgajJZ62(UA1zdJ(^a*<>L3Fql|oza>1x8>5-58N~R`_bRA@9NpLb{Ynozm#_D;6qYE&_g)DZ~Qi6T5A`v zox8H{_NCl2KT6?6g@A1EO$GflUtB__0W5<{H^YvF?y;8a8;PajcaP&8N>VG57I+?t zq*C$~0fSo3a^E^p8O!u2QLh-AUJ0XfD^K5MyCSV-qIcY)7`yk1ce$Ncq{-Lwkr)dP zJ_xA>RPrS-2QBC?_*`DMmUawX$b{a+%*?e;d!y{%7lZ5RQ-FIOH?vBu)Gjlf{qUUt z>KJ3GmX`j#(V=2Cc{^vZfzZ3VwKHK1n){F_o+|<#H&Y9X&+LJA-=U*n%A zUd+zTArWvl_`N;rwY#y~EZ1nW`$WycefnlUQpaCK>yYfUa7<`&3%^jDccou%WpH{o zx}WLY((3}9*Ff7S1}(ekk%thPBC%7vyv-}BXmpzEVJofHSH;M0*~R={r(Ke|JjuK_ zS1&98cHquF*Du1XMrga;Ebt+P=fy#lR^L^;GaxLf==r6wI%vZl0RzXm_|Kc{j)H!t zz*BuV@G(^$%QszLuyJ)ZcU~%hxG9h4?&2iyot?pO5RhSpQeCSvles%y&}p<*(>0_b zz86HhKV1n@|M~N$=w>iMyZodAk7AYAlV1?7dX>^(Of2Nur%aA*MZf&Y3@1OjmqM0- zkzXryfU!6mqvr{#1W zD2V;e;HUlthmGJ*$DP3$sm2n9G)Vc0^jBPdRld9YFDhc$37-nZtiCe=_e-qf!?hl% zGsNR1Dw0Y<3-(sZ&Du_4z9&+p5kAWhb&2H^>Mhnu-6uP&A6MIm?75u>Bl_9|x?1k1e6I9*Q;^m5*g!dHObmyT`X|x5#w4t}U%nve`Lv`H@E&rozKxZb!(!UZr6}#90`p7w4B20+*i7jI4MRYxe(eSe@3o&!nW2o01)pz253Ol4$Z-&{NyU z;NqE!PxJR{*r|!(81mEMkXYk2j@3o4k}?ltNj_kFd39X)c+3g0|Fd{@Jiq$Li*we2 zfEJ;ZooJ{CzxJs{yG!Cddbm{@kjc;)1q?Kv^X&rP7g`JPmN}~U%BF@Mp?#Wwhg0?Y zYVU>C2a9((+@P&q2@s7L2r6@5gMEa_FJ8QMT~q$GKWpfw}p`km|U^Pdw7YLPb zO!zooW&71}zPO->^s7gypwfKV7#%~auE2kyZP<5N{`sxiTovy#_bN{)sH$}zS5}7q@ox~T`8d;5kw5C~Vjg|RLgB=O zKGXY*hWSNIN(W4v2t37<(pSGa9kI|_KB&hm-l~^3G~_3{_a=FTx5vd!IdeY1J+;bx zqT6w>*?!%WS92mVWAZEDY`+9126g8iL=iT8#p+t52du{$z+Cys2GEn#Frks{Pq=nco|2s9ys2RxuDxoGqkSb_Wif@~Tp&V7CGsteZe)x?p}2PBez; zu~NdR3`Bn{R(J?YR7Y^cwCVvfhsGF=MjzXJSvVopnHlP%ZaCezsPyzEnaK%yeYJgX zKY!h8vfL{3ur=!P$vwW2;fMS{m@0iX-RFz^Q1Ql;^DD4z7KeT8wm&pDsQgwUb#w6g zy8m`Dxn4!CVEYVQhVy`pY%js^N$K=3u|3FGLYf4yM+%QK5D55n#2G6E^TnNf?xSC- zCcNLp?$^+B#RxT97Ou13;C?`H1Rg|ES^8&52zcJw{7M0hut4C7NOF>yoLY;53LT2^*C^^k__{u&9Qp9)#V zvFxsp(f}jv_bAx3IA;pV@2F= zVgAY(Z%wvu9i_1hN3U!92WyxU-sb2z3vXyVF8ZE6rZo3_7$^?H8=eQ* z-WQ$CFx;IU%V8JKynZ|k-kc1uS<1U6;c|@h=l16Sp~`ui3EAsg*h6l`0XGvc&3A)+ z^0656(zax%eE+ILJ8}B5_5!ZMOwDThsmg5yPVvgoCY zk->DcF4c@qJ<#C)H661@yFXM@0>*b=G(V&ahE4=2~BG;G0Vlt~Z#|us)Fb=}Y zAz%prYa0GVUq+TL)-I@Hz6H-~EL8XbGp5govdaP(>q^ zvyQOHbDNWPx+f#pb5fg=(6>v$ub21s+lBX@yu)e$w6M;kF6u#6f?fMWSM8Y zk=6?-e#;~>&I-M}4k1i2T~5u`k0PJ&>H-aKZy-!^XrB*W_2hb7VQzJLW7`d>@=?rc z^Qb(&+ExF-4H5c=at1C`!;I$_9~W_SblTm8Hf$1aJ<+2BBvqMoAv;8}K$><^3(Pq{ zpN1IgYxu(7w4Da-_GAJ>ERNd4;V@sRgY`Bj3(jx}1z)dhVG4RdxMTk`Ry>yCdo7yj zecmcDD2jKdiW_X@96_cgvweN}a^$ND6Ug*aIwOKj970qNhTei*3SnNuA0_axAlN}` zQ2bXMS#qAU<#9qp7MZGy2+e3IlIgYZCH0^5j@`c2x4pR7+pL*~Pzdg2$=$-DCfVj*vC)t|-5W+#W@ zjlyFapxM9`Hz99ohRqoz2JfI~xmY}*7A5Ep*jL@YmNPmp

4RFf@f8&u}Lk1y#kn zxDK#;^|hE9ynBVUd5Dm@=;CVp{rBShSbs^@d>V@rjME>m24hPtz^xU7w9%yR>mWI& zhI51YGu8FD9qD0hJD$dTce2Epi-8&cuN65u%UoO@WS!V;cDAo_dhX6x3FoCUQk{L*zkK^q;u`!-k<$G2$boq5Q zD{J?QuXauBoWeeJ1e!;%9^pf0`}JACGFuMdY;g~@P-vsYg;Vb)APaPaZ`=2 zFG z=iD`{sAa6p2bs$BlYK}bAuic0LwxGsXb-k6S^00^V!$0ak-Tl2qZS;7@$4P`A}Ivp zXkLpBz>0yKy2Uc^3CJdm<-L|%YqGt$3F2RYIq?Q~zdDF1FO4#$K-K_Ejbg4fAW#V6 z%#S@G(%`5bBIk}r+j~I-T%}a_`76$Nfk7l}?|q7pB5W--iPaM9+yuesYg?F?`IgWU z3VN1*Q_BWGs{En2#UR8PkQqg`Zg^3M@*Og2qEW>Wr?7?4^kxcx5u-Tpz&4si+GyIO zO-^81>Pxxuj1zo5G9{P<3Ux5cVq}e1ATxA!p|Efj5@Y3&qISp&jijr~goT2>fD?m> zT(w<9Kz7u@Z^8X5BjYmP8=5R~N)0275+akm3bm-W$~sm7qLHAplc)*&S?gaE?T)-T zG&fv)%g@C!w3_AA&<7RDX#)SbImBs{RKFoN!kj7tE$Mn3C6-lso5bNLIC6ewiu}2<0;iFUGm-&_ zfbcGCWQ;91a1GD?F@i@}Pd00!EhwC7(bN1nYZfa^x%oJ>3(KaaTfspiX zM1_Xq*xHm>Veuu?@%(f>5)DG8A#>=+QXSh6!4^?@Qi{nlWQJBzFI?nHpwQtph@A8@ zHCU0M+P&Z{m*4Rt$#-Xoed zUVj;4{$`gO{bjM%V@to1tWZ*mtvyYWSC%LF_ol!bYk`%cnpS)c=nv?Q>?^>yF^MLM z{_zOwk0XvSOG-yjHadNE$>-?_f5C1ZY1!K^GS|H7iVE?n{`mA0@$7_EH6a3({>g>4 zs;WKerOM>IhhN=ZBc&u&gOIY(D-dq~g4zEjp{2xyhr#O8L(Gcaw>MM^{!I@)6%qf^ zhmH7P^qbSzACgOGom#vst{)5?k{L0q7cxP_gnHrx1$JU(#vFN6;trinzQnjc9wT8s zjO6u_!sIC00r$mtI31o=5j+Hd3S^yEakzn4H8QM59)=g5N1(#Y5&xdYgvhR7PiRlS zM1oqlQV>dkqK%&sEx~k&bODmLPZQ_)4P}dC5)++z`caX1K-#3b`%u*~1|=ARERy_K znOOe(V_bC5ud8vShjHnYH$5@YardviK*vL~qrkp%F^$=txhZ~@z)>!M-JCs2WrHNN zV}~R-iCDO?;(&~w3Fx<}xN!oz$=}^O77n5>{3u7Dn?LT?CQEehv~VUT{8!G)^5a=G^NTUlek$f)pm5M=4_%Jg&3Domb8_^|j_8YZ+u+SKnZ(>aqvV z4(CEAUcRrhx7Sa#a7P0(RzdqeyTJ)qXuhZ0agyMD$;7*I+ex9G9#V%~NlWk%%cgP2Sv+j1+5jnU*5$9vnt-=_8g5u9a|Th+ zS%3rE_aPJ2;F6{^v0WjxS;cWEqAh3F29}>fM#v~zznJBbUt}c#4)xuh;)&}SWRwC} zv!^Ix1OA}fJky$auu(;*R2o5qb|o-x#z&^48*yaPGD#DfxP;hgCG!{R#Jzl7!21)TCn8oKs4^U5{3f?p?-^F%vKi|t$Z>-E_H+h?yJgc^^p&ZMj;r*%Idiev&Dd2gQ${3e) z^3mDs9E2IP`H{l6^blZI4g34;^CuB-gw0|zOLbYUIhxt~~YFeD9ebR8H=ciyF z&-;V!)8J0dDd)Z(ee)Wtz@`8)KNkK8ahIG`IVxc*#)Ajf0-TYw5_N`V-2W!nj+VWM}0ePM5FjEegy zkFlk3m5-{l|Khy(op5)PYj=|4HGnfeK*~V~wu7Jvczg^TYm?T`88UZnSr3S3fLEi# zN95-a93vGv`$e&4V^>T}gJ5DR2WMTmx4XAzW@c8Y+sabZK)=!5DRe=*&@piB=w){> z@KLv=r}^YHo;&qZ*=EVfoOZKmlHKJ9<10cKYOMCoAUcX}ED4xo-!JEm3VbOD+pd(4 zFd1wOfSH5@U0+EyX&dwmn$V}_kiALJWH%89=Lz9`OsPy5^_$(-YiIfWdSxk(?3k?F z#HnrRt?&=wpe%reauY>kRCZWP%1Kx04{?Dbx5MHu`E1-b@YNu~^!c6A;s96%O7*cP z;nx)-ywabh7UsKs5KVPzXz=VIRtG5T*bN zuOB1`BKQ)+sJbMmN-hYPVQyQ;Ve;-0%8(UQA)zhG+`}lEAt|9!JlhE_Ukcfz)q^&| zu!{$W!%4Oy-B(mcE_zp*O{S;JELHv}0S-SXsS_394bHi`K^4WTWR=VWkhM}&|Ika^ zNmp7bLFYF04SrHjwb6;7Yr&iSjxz;f!&~l+s{s8X6WckVvB0!7RB<`tS4G^63;mef$ula0M7 z;o~>3WlXtCZx$ub$UD%|W(7-^9)>k6{Ba5x0dFlX0U%~5pl zp)$^ab+YS5?&FIVpk!<61|LR&&^QJ+8hJvnl16-n6i;D!RKY#6x`8|Azs}k@Yz+c2 zc&EyYylNgY=cbIv3$XI1hyqE$+Tdaa|By}E){||oS4(^)d~0xCSM4Du-jBnuld|o z^xmIkPN!J9#9%HH!Mlg`u=+UK9!zGpyI&0YBV;ZkFhhRv7*#RV0KS@){Vgib&M7_zf1D5WWzAT<{< zz5xS4U<{B|P#ALJY!WqY7wF25M)Fas(#46Ru!EY=RqtrQL>?yV8R?XeEBM_Pg)crjqj2p}S}ARMM}B_jQK!PE#FGJSL{nxE(Jx%}+`ePkG? z$CxdN^iYAx#45lB_DBAj)b^`%dbwuR2~$moX+~|n4plXNZ?=6i*$kKE{oEImuj`af zA@{xb7l++q1OH{wFcdo8aH)ZwG~9$PH-fJ;DU1DQlbU>lAi2yjD@oh^ z+IZ<%zyh||IH!h-K}5_q0^0yuNa6?&B>)UZ5n`iNmX;UF0_cAyBA`M&ssWqGK^HQL zE|gMMJ(dN|mjx_fJ71PPCvxF~093|N$P_S!d?W?DA)*1AK2{T@=R^lfNUU1`{YNyx zfHWjUrjcVL%|)@^a7+Ko)&dr=mGn~&k0Y=xL{X71ip&HSq=gvDN(u`I=rYHVBQnhq zGl69~%K|ZK0SkZFV&KHV?+CaO5#fxWw~>!H2n?DSXp*JkMX~_;41%aUBodOmND5lj zS{6843uIMDoIDWz`Zx7AV+r4CRd?BVrU;5z7KG zXMr6%c38j`OJ^+_zY`5jEVbFv_54`C+)vE$^HZB8)v`&z1+oBME diff --git a/components/engine/docs/sources/articles/b2d_volume_images/gparted.png b/components/engine/docs/sources/articles/b2d_volume_images/gparted.png new file mode 100644 index 0000000000000000000000000000000000000000..421e7e585c510b2f8242d0256430a40a2ca76826 GIT binary patch literal 249589 zcmb5Wbx@m6^fww@f(8gyTnhmLMT!&;+TyOk3KZ8OZE;O-FK#WA;%+VO#Y!PS(c)g5 zVmII4-1ok7|F|>vok=D$&t!McIlFt#+4K4A6QiY}OiV~e2mkDLuWDs67#$1G-%0d>&o=9dL zj4eMPNxFS|c=h&p=Upr^(^BOM$=KLoDH8osEvc=r^)6{HiY&Jb< zW2!2wx5vBmj>lye zSEO$>vSyc()TTx9;{U}Gh7}HFT8EV5eP_8%5qF7?L1JhT(83cnr5?je@?JH}Ob_x3 z9Oee$7e6p7#~^#(x4*q0@$sI`Ua(%(jG(-yrQKN~_|_>QW%lK5!`rtF2_n;n@*95o z7C3|u{ss$nr;eT&43#v>M=?};;6#^$va+3D!@|_^@{|SEun;>846TPx0JFa;7xh^# z`}EEU7;Dz=MSZ(QrjV2&#YzMvgoGzoBqwE{(C3P?YNmmjS2IuXyc_gm#{%tb+=wrw zk~GG}KNvmH_Dy=hkfly5^0}Cj7vkDW1K|6!xZd~eWoUk04Ya6_H@eLB3Gbd}Ba&1n zRO6hfR9L9S$=)6 zCx(-RgeXCu*9I$4(4WElKJ98%_JV$?mBT^UjV`<%-;;4$l;iqGz0C zsk}(=rCMpj!vgTb-6a0MQ~S>KzE%bb4%;-_!E(JtNeM}DlBtcSG}F1=I<3=jUuOyy z>K~M;@2@eM5P1)$p9S`W1O2@Eb&_aaIO=Yqu3}=EHk?x~-VbO*z6jZjp%{J)I(x{U zc%(>;8(r`m+o+eydf1?GD>-@jX@nvoZ;&pO=r~3DGJ`u4i|no~G^avgzPPy9q{B#s zT8Xkljq+k`&B`w_GO|YId{RO4{hqE|GG=wmi99b?K;y?{Yz!b)7%T4F(NcS}%i`?Z zoS5B6YE@NLQ&W>kB`)07Hk=ZL0ne9yAE2q3fV0}Tn1q8Eh3qjBJMx!oTHUms>KJXL zVSmsJ3GMgxsB+gv(kAgdahb?_p}Ez8$KXxo?kWbk0nAT^?zfXj-T+S zy*bnL>lXC-DF3m!e~?>TlLUG!U8Oyx&=Gt^Et#eK&UM1(50a+4vx{9?#ORku-F37lgm|t{)8?7G7gzmVXML0p^&f=bdzxOv?+H` zX1k%)yqwCpTi8o_tr6IxwPCfmv+}NAznL^c{lb4x<_aaAnuw&(yxh4RqJmJ2q;wyX z*2~;tzdifUaHIQUf~{y%{Y&XaWJx`0a{30fdInl-2Sq;H9=^F6Y?TRQq?dqu>uxAP z=#o%D{Nr7Vrp>M4as6QhN^s{Sqf}@ARK39#pZ(e51Zg_9>kgi#lngy7hdpa`d{b$o z-NVDpdMd_Cqt}DW77%Iuc+!NgT$15=EItEqn0bNib@s%Wv-Q3xR*g+R7hvlm7P?DIANX)P6b+w-qrTc~aoo zJf$GVrG>~$eCp)!zP}*sC8vzM&`U?8M9@J0?S4Fio`oA%!C%^ z7_tN}^Kfk9DeE;yZK1x+XZAcHtNP^aiWMXORR^~@avLfr zSK*WoMSf!>lGBKMHC_aRwh2i2>3QOIxGL0UaJo7NAURF6R3_H1od!>sD$^}0fp z5sT2RTBXCELh~G^6qzo093B4G59d$5GQvR9ZI8-9d9t<5Lr>}_crjNqb|3N|PE~T| z`TJ^b>N5@(o6nw3cle)O^9cAx#vDJRpPqrJgz^|Vr(2vq!Nm%v`N7LlyHH73O#x97 zEmp)W1T+5R|Pw0&(87>f-8{XA` zU}68qi6t}=Pu7*Zp;op30~n1m3(2u#Hg>PA5gz_cwK{wElaTuGqt=zlx`Z{MtarP} z<7J;!y`k_Ik;jzJ{Y}iqO~C#P+YUV+7DqVEl<8Gao0Wp|$NMSJ{a;@^Sq_UzBkNb9 z@|gnYt(B)mTs)T}ThH}cc|UHwBb2>* zm{jCIsgrru307%T4QWy;Rh#%(IsEv}P$P3GN|!CBW@vO!qP=c*OeP+`sko@@@HBCoIX5ad2YKW_R@mqHzy3g@6r$^2 zW8UujH)C#VEbE!io}RSI`e0z`F$m>5*r9HJ##7X9cE3+NLAiJ zXEgf+A;qR%09PP<(Xy<5GN z`e&!aOrsh~xzT@y4Sm8;|G|?!L0T4~7*nn=*gsoHj8rO4J#kXRfPjFDllmrSD>GsX z>jg?H^0hYSOdM5kS0c$Axy6rD8H}AAYKt1M``S`#WEZHfLUgb8^g0;P#GsC@=mE3|3rAeG& zV9S5D9N@4SjcqEX=O^`rh;vDRdxGS)zjt{28F*j&n{!h-7 zz{JZ`;EA-o$(N3_)_6mCN*`1QoZDzUd50Kjq07cX;F#om_NJ83@Ec6b0H@Q@G2ti9 zSc!8s;VcMBnLe00&(}{A-B&>lc<<|^q(GGLPte+m-hz_m_a01i%`12}(N<6m7{I-! z;?zdX68EQ}HyBZ&V>>$~x)Q(~=8hTWaKnYHdApk{OH!lrbn*ch{jQz)y8B zn;*^T+PFptt?HQhq?pVcLJm@aID0LaQCD+V^F?w)cEAN<&;TEnS6_rh2Fm2zb7~!d zpNV*OUa3p2y(Z1vMTt^<<$!ZTy4G3Vs{7-zdN}qiqSHV*Uaj>vN>|Rz(??eJ7(k#J z#7q=C{N{%YaiMqvYg<%&zY=W469({0eKM;^)sReIIwkwpWYYA^EhYEFfm6x5-9E$n zDe)A&p%x84pLJ@Bvvl&Wk3ownyhVXK=OapJk8F z%x9_;XxabhBXO1>0a!Ll=AMzlB8z1h=3m@5O}%aOC$rNpXYZ7YP0l95q3Sm|lR24W zo!&82uXMYql)RBRJl!*bOWI`zN*et|Lo0${q#g8u30@CgiGdR4GOLqSwg z{Mbz;w$1*7CWUpW8_U%5%Mq>X&tlhC&tFgE{kTf#8H$MEkCL~avZ=sK<_+il010RB z>8`OWA6ljAFT#922v11E`|^hn#xOp-#@WN)s^WdP7KhU6+X(5?;nFE3fD3xCS`9HH z7odcZa!W4psZS7q=AEy>BD5YbUo5X0Z6j9dwbk07TmSLf<4*-jQ=ea>GMNYid1BG{d=;S+U(|e)UH+131ZzHw-MGKa>_Noc+FQHVa%i;g4Px2MyB8)R*dqu`2E%Mmm4 zzl_%Drr)h8P>$ssM~yIPqX^jF2t5NExTA;LPZLEtW05i^6UIXplB`n$2w&M6PTR=QA5CoX;1EEf$WwL!u`D*7DV%B8I0* z5CcjaSRzjl`~7R7Ensew%COgT@uQM z@GYS!wdiTA7$RbB4r|CqyUAKL)6}ck0oJqe`X5Oxs5}^^Yz_4T^Vb3XAPc$p$Q7{jQbhsMv`xpq6mB+*LGP%S$!doKx0 zi<9}03=*I})2l(79{0k4T_;9Hf`q5n22sRet5vu|%+Y1EK?*Qk1o=Y!{TBr5qDQFU z&WECeDj9f+bt35eqG9}Ko?Ay#Z-jPvM5Q55W}_brlawYm;sxnUC{b}6 zh{xc_E_;rRuMY63yMRVB1Xdj@q37DYffZ>eTZPUo@+JlU4Oly^93*EJJ`aBbert^^7!qMePH))Sck75fAFN*nRADbrhAK!2(0^8ko77jvK+ zGmf3p!%w5>C#4KF>ZHY`Z8iUIL39>=BTCUn1K!lxyFsTMaVtTVk(!^SJSv!4czSp9tMhETyRDdbIBuzU{p|4MoC%O;8ZM36XB9S~K z%viEPx3xvD)#&@12)~EwZ<~B>j%~3P2ZKyO?`FRm|E0qU8`l}e>&YMkQ*o$J{(W^B z9if(yv*#BFiUh*gFQIQH6v9=hhG?u42ljg6`xSX2@d%_K&44Z^Ib3mHK_OnRha4Br zw$-G*N@H7t4D9N~#3bP^e+hVN=P*^RRaCwhPf<;QX(h+74aT~cYBWCwJirc~IGXdF zd?f1(9#g58r^n+%(@_wjINaU3MCO3OjibQ&5+GDG`RX&roKF_-0r%JEh*%xT-?I7JW*BFkZ9Av@#7T(x{So%s zNA;wQm{t`l=QCFNVzwDMz3+9d4rIr`N%hny_}VO4B?AQQ6oL-fDaFPtcrs$z&_jp4 z7zG@dwLRTkxzab~QbYgC7fsGIDa^(RbZ0&WnaD8}@wHZs&Y7UJjXGLRK&3@9@qNE+ zGi2VXGD@`-5mBnvLSr2e?%?wKLm>B`{c*yE(9OymNET~QtbE>I(aW2a^Rw#P zeOp}I2r7j#^tkLb!>)^785`ZjyjAgYBm$REP$=3w2niV44J*OCP?7y$$HL~yo6l4? z$jvr>hF%yu9Kdcu(A1%fNroJ&fv8sGL+4%X25;;xSEQZ4D_6FC2{iu&okDo%jn(aN?Eoy|0xBsE5>I!C!S7+v0< z;$*0`U~z2!D$Gh11W&Xwq*jIamH?@N=CI+XHH!DE{leWf+uJ_~vQeRGL?M)Hrj$0( zXkk}AKJJ));B#hpUz`PL=jnPq?MoRLjTr+@a!oqro|oq^0yWW?Cu<%Ie4dictld5% zqc;CvqsD{yQNJU}ffn_}Mno2r;E@gF0uF-xNijQUBnH|4)E$T3&nyxf7boz;@-Uzq z9;$}aFH}#)dqb3Q_g~g~9tZnr?Nr=SXJJwQinJ&HPdaf;9SJPMcfar z8*uOwnx>l*!%RxjhdAhkga~EZWb26fLgR%;kZKVAFR&zHoEk8uTpKatJZk;F={@)= zC24AfyO7o43DFs5dnwAN(yY?!C3T0cZ`0~Sa0Li~cAiRy?EiaMah(6X9JjY~iSU~W zKnl#iM!@~}vo!oSrdR(zC-@=%N6*RpMp3kX3iVK-#JXVx zOIU!x;MhBEUkWxH2gN$~d1`NkCjpYKjjw1DQ4zb-q5M|17+6A3KjTk79hBI8ALGN= zx2XP$?K?uURg5{>&wP>mB=Mja*4yx)yYHwQL^tR z*ZXRwim!I!u#uN+!!EaF%=(*xg`*bN)Q;qYEV(3#bkldeifb6DU{*{TBU^;H9!}gf6Za7a0n( zcM2hnU|fe^s^0C@1d~7E^8vnOH^t(}sP}nn=4*)FLUCuujLW`pUV1#ldSN9lK5n}I zz*Iet?(z2fTb@t-?PSxnjvw<|jHfzh?`2-cSWJ<99EgoCT+}zeoGn-Q7tlw;CjtiY zk~bbbUKU;4tpq&eU$=g`xclQ0Vi@@r)Vy3_Iw7-cSm74%GkYgmY~}8C+xuJJ2R>2y z?M|E*OAZLCx3=xH_f!Om2=jO`neG6LjauwT>R?m1E6;TfMV{26SPybj!J(G6Ey8xa zPXiI=>Ltv@ZG-?ylqXGyGjX&0PphdiYPMw+azYwH0EJyPuw5z9x?w1N6yQfTzmYK# zx=C&0N45pUG){km5C5wc2iGfVdV(ZDb?D%Pp_4k5uNbuIhU1ZlY-)JWb1PoXJ#U0C zp=4W4L4WjI@=2_A453~0Oh}AV6cDMNdB^<9J{rmwtliKR7CP1)P`h2L*xEnpsh+#% z8b(+u8;3ykFjx8)C)e0m#jv1|bV<&`I|eYIbBJ6mdvE2Ww*ecMgi=QmE2SAFKr_{a z|A0;|b}HFkk2DxB>D7mFh|vc@TwE&>wnV$~NC3Ec249Ke&1m;d@DE;n=#KShXdhi- zt@oyLi^!`EENG?WWcm1q68s4d2#?9RPcj^Sd4x@|~tP3>rl~RHvr^Kp4KkE(SGj z!o9n;(s*dRYwhH$iHD5ZJVnhaZ?1|a32$v4ccI`wDq>_M4Lfv^|M|hx8%Rr{32Q`H zw*d|yHbW#4yNEuXy5E}{BCZWxkE1MHt!v_5G(#2km9a!oF? z7vI+S3rlc6uSlpiIygfm;Ad)7L~W=#X7sLrn2Xb+qiUeGL&SaUqc;trGZuHifC!Z7 zLjB~@K?H23!k5(34X?li^pDc1U``PaBCI7S({s3K{wl?4xf`4QXXZ(3?59eIR!>?$ zcipf+8qTP|zzOr16?Pru7g^VO8eMmpqKh~ULydnaA+EWzaiS5HPHtHoUk5V@*Jkzy>-Xe@VK^8oWjyBY548m_1}C@()aqflyt866wbV<8JxN zHzG>y>mV3PS=?{dN)!zLKUt0Y)D90$sr2@`_UZzYhab601dP^mxFHxS&;Xp#RiA*> zCR4E$-+hIO;G@-@VxSa;-cEw~c z+NaXl--{YfKiwXo{EmN^GIqSZ?cIOtB5=y+chV3>Jz?D7`EW`>VjQ5CN{DXm?k>P+ zadS_pfHa0sG2lq5cvG@VIn7po+kepC7puM>p2cfAd`EeFUjA(RhgpmB!h_fbzE zfE$f}>=#wwzt=gNxa$)MRg+gOVsCnN$5{#zOlQZvA0CqlVJ3)qP^R_R8(R0^?&Y<% z=nY!F5fjKri*T*_bY>m?1mK%`@-c}IFlvzTlUoCg?V+BhI-`ttvF9H}(np(Tx=e`CkUsgKL~o-` zbgqwnJU9lW-|-!wW&<~?q}7~EV~tJs1aAho3eV01U&cZ#hSY|qaM;$GBQ4KwzsHT- z+VDD%6Z%dZ@y?JGc$wO)^SLC#yoZm&*q2L!dPJYH&N0JM~`DM zKd)EB9>-0`?j9p<612BVL&je>XkAG%byb$H*q80yizXAn6xxMsRsOA>q#g9=F)9GSd3a8#Ds!~v2@ zE+c2FiNcplg&JrH^z|$#9)2-;HD`t8oGexmrt&pQ5`O?Ppj45nme};dG3CvH; zA4uh!>Sz8_ryCvh4~wEiv2hTcMIj3!tc?!HtxY?}JGE9+QAG_bW`LzT&*L+w#KBA3Hp>xa^T1Y(K5OZtQiUSUQ;zCX5JM zq@@hB4nplUI^O04DTEh>g`~Jc6z?_jg49Yiz;+cIHVXGNjR5$K< zoX4@B`L*}}X^j!OtGlbQ?@xzd;5YTdJFo5OaRLdtfC_>mgh>N*G|tY(--XYZ1{JMf z#XAIpNZmy-zAi0nggq}K+mPkv&Gz-Ht00K)*eBSEgZVjOv2Tf=Wc6Rey&JCgxq})k zHXY6eu2(RpdIt*r0g@PVD1TMBm;prQVavaQ|9W<3R(b2nn=ez)W;XSxeCdU`%dY4z zG2w>#w-d8Vouo$#7hR<*OWymHgB_>(T;KnR6|(*wHsB%$%WGMWyo&9sQnd1)ckMX6 zldP5u`g)aw^DJ;{B1gt+Hnm(gu&r&H4Q9DAG@jd;;JVbfJC&R5+HQNcU>ff~>!k7S zl6DKTi#(CB8)?LvWO2Z)k_d_8&M@=p-W0QF@N!?2^CHdkILUE*_W6}$&F5mt+_wd9 z9R@F#BpH`(c6t}xT5k6OMSuV8NU{7^WS`5DK;)mkdj5x?$!|EiK?cnzD3AWzJgrAW z6VIj)FE{5}gr;jW;TFMdV+K{8XMk{ub*O!-Fu`ahkr~Jc6N|_^hM^h`*->eNKw}(O zwP+&54V{0K+VXORH1s?@SkZrhtx_R&y5^LGZ7DhZ~v9 zAWQ0oq|L;is(!JzW7i3WYiLY@p+H@fM@jI#P8Ux=X1FOI?vDJR3RFij_Kc5)+Sgp> zdL+Z`-{puA6+miz5((}InQt!VA;jJ#KEWZ>(4T3QI<`&c^mC@*(PYrOEY=d2@B^?KfrD>t;=&%fo;LpyhsRmn;YU z7zENb)HD0+Bl(gw>cf7!W#`H5qmZ4!_Gua-{`tenCL$e@)8z1akcHt_Ig|)_^n2kk zB~Eg#8ZBwn;?aBfkFB7GqwTBnqYu9j7V7-Rl!-N{WE_sY+DLAKc8l&lPnPb2=XH5H^B4}~a0{fL74BB-ObathQV1BJz{qIc zKZHquJ~je@CSM{F$*cx2d!ups)mU=}%7}3QP+eJ|EV}Yan0ZnJM7RbgiJJurVitgG z8dai?(lLAFIq3TFsH9N&V|U8sqFFB7HA(6`fzhsBiHuQ@Rby`SrwvdKQ&vN0FvFW5 zynRDLYI!GbY@Ku@u{dM9`wc#*;@9GqLjW}Yslk0v7cw{w8a6;!AX{o`evQxO;X~0Z zCE-DmpNU#KdA_y{a~caT6H&dTf)W!3i11o8+|L)w*^Fis^qF%E#E9GW^D-dMunK%0 zKR;V$w25^9rWe^imfy;}oxgM~o6Z+%YEJn6fkn*bLut+G76Tz0kik(ueeI%W=<@sS z!-Svnx4l31A0CwIQ-;(;ol)+iA}fv%{~OEi$8V{9O5{77j8Pl6L7f(ZsAb)ml^w^5 zl7zgD1P@jl77sPm!u~wA+8QYvH3LX?WbCMVm^`xxv`bjv-|s2uhlXGTH+YCUjZfPs z^wQA%VgEwMUUN^j^xbOVAmm_YpWd{oCG1n`=sl^~zr3sWQNHu}`N?su0yjU!zU|GA zF2sHo>gwuvsnQhMDgik!x(Zx5?Re5vQyeDu78g~Ae={*56E@ep6?iPYFOQ;oQT;HT zVL7kcaj2x4UfDMUC0o~vuBCy%rO3f>zse_Ui+z?5c$(UFk8b?O<|@(R<4gVQpY!zf zl0Q?d{}Lug8POOGg#JD7Ys7~NDA5DQsLB!EmD`VhZ%TU2qys|biyi1dxxR&{mwZFB zXWxlEAW0g3f;=AxqDH8rbKPD%K64(oZCDt0P#&=Tx4`rW29dZ!QYTsD6UY-(_!-;a z>;OTH8{+MtGiA&BkhO*O8yw1A*Sm)Di{uLsY?@m?P0iELKUy9TYw@ZVTBR_>Q< zcL?QLtutV9yg4ap?N>_#pB)=op12tX9R@1|8059wW!fZ2y?IDFYo|V++4j}@q(8cA zs(j(WO7j~ zgtc-~7UI{fvJXU7hWHt`l)$c%skYc_0@+eRGAPQ4NpWbv>^WQ3qaV$JW5%ee^{qmh z{hGA=3%ft-#B##%g5!baIKVb&FAkzm!=I>clXlpNgF6o=CZlp}l_1ru{ppE`S4&N? zldu^wCfrf3F5(B7w@Iw66YRaaDX*@GJ3{=zX-)sX(^Ci_^mL&erd#`I~Z|NxRkK^YQx4$ z^TV=-x_yIN%aN(fGO|)9U{x~c?_+b&n!5doeM~p5=jj<~dO&BA+Dk-of##i}u~nVM zlMuQ|b9iiGr<*MHr{Dc@nX0PcC1Ip6pu>pT;=_a(tV(KI4p9icjL!hhkO-WMe~Yf27nT$GbF;o9EM6G`7BkP@x;9o;N>l5x0aefjqTGv)J(qD z>k6;O_sbeD;xEP25)Plfu(->4F_0}^EW98iF=>35DdV-gy7s=;ruPcD{B}O!Tc`Wc zbXpYSD=?T=A;#wF2mern*{AiX46R+m?nW ziqWw+!7PFF)d*)RB)3qJsS=rqs8s43Re%=uDojp^Sp@>`QPHWYGj_)~F*A{0CnT!< z#BA{J96$4P^Vwm!25`7Kc5(L1c7H;K2?CNMHeGAe4y_(@9X^p5}V z=kF&U%X@nj+8JBVws^n&(=-IX`6yl%Aa;oJ=Rs#{7r0esuZtLNlY};_fH99N%(wO=ru#t{>B5otPLO zTdlkyFgWpj*Nx8~N=cffVFp>b6_)~lMd`7V&+7XfBng88-gfNQsq>P$y$HBOANX<> zy7RXV=AQ{k=`EbPJATz>WKd_?Eb-n{YV5hvQfIS?D=ds}l2|Q%>-@OZYf7-q#?C7k zk+!jWiXitte)xMO5h%vc?!3_b%zn0Ag1+-Tn+>Vhm%A{BIL|Ok``kPnH7QWZ72`6Q z65TykW7T+={e+b7!=JgOW{)2~G6baWuu%uNyB)P72}n#S5h%&%tBt5;vqrCjDOl8a zw$I7=czk@w+6&U-t*vhn?P_${(=?wq%St`dZiQIx+3wL7A?iu;YQ1jaiJKob@Wd>? zSY;?aKdC zgcuK(Kq40G)3lYQ%%;s4a@glM5QPTQWT|K{`Nmjly}(86ieJba1Y5MQ|BO5Xqr9`& z?dhd@60rl~&N0ct`b-Z#@R$j}pPTp8xV!UQU3V4O`3om@CF1hDvTETkhBHqpk_|Ne zWF_^>TtNsM#0_ zv8>;Fy=XR#feW(RmW_^H-Ygy(y2UE*z$GKVh{Arydg&Uu( zj_dp-2l+PjZJi~M1NDAS`=~tqOxZ5TP)FWEeBZ?Oc4f zpRU<{Z2>r&kM=S6nNHotiJY61{c_W$*#LI_XFM_1auvXc#K%uJToD(hRBb*ws;L>g z>9O7z3M^mBawd?mmc+v$E!m`JrW3jfC3RSF^LVe0_r8!4`}pwr&yGHP*NvClXkLC0 z0ixFgvX14KJO|vfj`Z`>7K!Lu6|^Ok7}n{#Dj0M=O99_9 zgR4{mp+I?E?)e2xN~=GE0(3=5+!N@~e1rybx0vz*{8JwcZp0( zka`4WGcgQES{!BmCTk*FV5aP~-M~I5X3nK1f*SBYYxNFY8rP2ORr;KA@jP$~vNh{|HLwf>X>pF#4ODXE3QOuAd+pU_E474HM|9y@Y-5T~Ol8LhV| zBr5y89@^al0ZH0V#m8qv$QOX9W8r4$A^l_!%-=l3lrIbBRM01Yp)yev;r4Y}&kjiG z`my(h>CsS>d+6JSeSr|&n_U2k=aAC32~!K@+IAL?SJinrIo^ch(s*=g9?c##`vF6l!nL%TW>JI{O|duqmNFa-&P~e5+vxfdTa&Mn;Pg<>(7ho zTZpoc+HKDEcoVXhMc-ax9KL9r-kIEq9~`_)Ob+Gk&q&tw*ZTCRj&Ng(!*DwOLhgyW z{I+Odd9&I^%}{sFoz+>TGW2wD-!=#ZN{HV-YOHWIzUsxI*2tB1dlP7Qt72mtcpUHP zV^}(*9vEAK!_iZf)Fg;`T_CRec5Lz0^~c-%@9&1mDTeat7=S998owon7?mnc)1z_& zVqeOL48j3KBqXd@`E*+Do?_knT(#UPa2~Rvu+(rMaSQ&^twgi-K_3kvJTvO z{OA(aq~C9`mHk=mdZRONk~<*BNXnQhZ6ZJP6`|Fh9#J=ZJ9UH}>BfY}W8$crO-uxy z{B&W>i4GCC&NP@mPMdwGOj%a0W93Gy{B9>wxnR(qm&;$MJ?^N6Xhn7u=rBqKP+a>JuR`h7Qs)I}nKhOeVH%1A*yfT#(y;Jk6qK zJCL@xb6g9W}HAej4%R1-kwUCvS`;`g;Uc%LBBgy&ZubrDsl5>YU40O)I zulWK;o=zBfboGh6%3Sx=UX2o6_L*CV%YJ*bv-C_@?~UZiiH(NT>;5N?!(2SIdQ>NI z16`j2kIb%Cd;eVjYv@gQv5QLcx@l@v$*f>ooUIIc*ZVK(tNs1nud9TaoAUy*{3eGr zG{?s|Qk+edfrF$D~ozP&=D;$Pd2+7?BR!V4|(eRqaG zOWmJj`AoaJ=P>}~y^q5C;_;4t`)wcYi^?>4O^~gGJ!N|C)*r*gAof^5vho0rR4e&6 zR25~g;xnOO+U&OSEV|TYM6UkzcvcW9HUe)UIb3bmDDJ!vFnWWoIeGlKTzg~Fvd{@1 z{(WxB4C+&t`ggs@bno!%KH+bopw#cC)s~ce|2yjkUnVI)VtHhe%hk#wiY7nWhq3M; z@oBH5*z&vHAEd5_PA^|P=vP0FG!$@t66-z9`m6Y1{XwS9?*9I+d&j-}{om6Fh6cBy zkgn;ZTPEXX57JumC`hhYsSe%ycZZ#(^zZb`ye{h$NZt@R-zOYfe*afEvs{%mn)fjF zndx^{-Zvvt1IxFYKd#Qx7Z=rB)Dzxs4J-dx!^J>ST_hs-xU7xozXM}jt-huY=KEZL z@icQaE2;&@R*6X|#xpASfEu@99F{kO#EO{Q|D-(P7+ZsWT(aoA%=&(?x_u;Y7&_@n zZ`^M#wfwyF%x&#}kp`;cyVASQgnFSPFlP@jlIpCVz8cCkw9Gh7A9cawlYS8Y%sBhv zZ|eRp)$(#%_eJyO<%WQzVkE56X|Hfl`p?s-@ptcjz9+qkn^k*(Cy@0^cPz$BT?X+` zl4ak`OqGnl!8P_vRtLlhktaWFn*wTDSw~VvYzhDet}s^geG7UAduQMwtT0gc6>xe^ z5=>V%rJ=+O@J`o`#QP9*6{HetD7Sy}{o+iZS4i4?oTk37#Brku`mo^(NBeXTYbRwBkT7KOt_53L3 zTZXU+BW)$|IfYO~Wm{|W@tS_~gtCHC)PG;ini;Ji2w=7xB8!D!3nI)p^ zo=Hhzy4e?B=iQZCZM;Xus^X7)r3v=wkC^yL^_8Zhg!(;hiob@&x4GMu zFP8c}zoY~|W_$m(+R|rdJ#F030Z^S<>q{!B&U3&R z#U~NM7*Z**h6xFlb>(j{+ABdk*o22ijB@wP<8nzzCAAf(vV@|qOpNMa7|Am8y|him zW(24j@2HsXwP=~)5-KPsX-TziU>pd>VMa2P;K|{|2sYc;4mH>qRo$ zQ!bQ{291sk3pX@#R8RU)!`!vDv#D0(@f+yuo1nJyZYH1nXZ3HfQ-_}cCA~2{m|McE ze>f7BJg9ajC91Rv%h-HEloP%X&6S}qLj3)YeI$wz0Sh{HY);wrT;--)6zsT6PWbj{ zIal&M;cMyn{c+GfQ@sD^;L5wPb8q!45QR|9O{8Y$HqeRlgVx-K!_5^}?|kpAz=vy8 z*v;G8>1h)El`VSdvt@y0Q?i=0#|2(~qK=JD`l`FGC;_&SgNkn#fA#wp7GC2%DoL2HB_9KP5%NAzfdWFXnQ*#^;(eHgLRdHdh|5bb~tW6)rFC z-UNV8a~llk+jc`IK3uLCD&WUl2-D5IyWQXXV;QiuZ|N(XPmtB4`e#DGwSA{P|6lVj zW^+Z_#hZ?|4@*wzx(aP%nVh&ZMqfxz51VuDxAT`w!WlgOwNFUDFMrQw>+th}Nqk?O zKK8pk*CA<;-;Ef!WA)%|=bI0Kgw*0KYhOq|oa+E=fEthWD?9fa+f^?cz8d3ooNp?h zT@PK_FF#iN8Wa%U?v>dvZku|3UoHJu*Z(r}Z~gyz7r<@``1)z)i1^k=gv{TmQO3cR z(<|wJ=v%H&jDj|!q|=i{U*FAgEeqa13wqd%gF(_gZx+U6bR6eD z+R!V_{W7%t7nkyIUA^L`W-pj!A!laGBA~3aw(dzaO^zz@<;ZHHz>^a=7zShl{9>_4 zKD$*@F$}=w`9EFY&p;pFzof7t#0-dHm! zqQZYud7{-%GhifO-ZHC)M zaqeS+{fC3g_0O28QWvBvk8So(deTGJXy@JgZ)L7K6^%A>b+pb9Jp#8U^II?O zJM*7g|H$~jb1af!dGbSdq!jq(lqt8yLgT3SOzF9hsZO{2&mJ`th!s=D7$?-R*^OlxSUu!paeh( zhFW7VW8i^^0<=O(h}Z|beFzyGUj%p*wh&Q9#p8yu_*3{3oQ zkZm#!4+1Fn4b+E5Ix1xX3E#fvUb4uEVlFNoigq%Roh{31cWzlbx2L^lYDblSOrtbX zY7A6H`}uuKmC`V84%HI(CdO#2S{`9r;SU6GjrIcrObCH##@JAUzcDvDGCIbGM#IA+xQ2&@ z2ZtMjeBML|f!#B@H$Qft2O%{b_H=PZE5U_@;|Cz>%#l%HUN$<_0y7I3ml$}Yk|$uC zlm!L}p1hDy0I#bECs4dFyt**53`{H&ZNzI*jbLEVf=+k}n|L~rldZHtE*oAK^{B`R z3`G*sp+~i5=M)0iq7&=!*`jbvBsUB5BC(8TdJ^*w5+0)RhGVo0Z%Jb0^ib$=I=!9( zDikf2svUk@GN7ms>b6|7M< zT>Kq-bQ76fTB($V+kY|2pv8s7Qgub0IWj7=63D3&9SKY}3qy*5M=E&&Ml1^q5-|ON zgaTUgA1y+0*&^FTuQ28fj~=$>pU%*qe6DPrlgS)1W@41uk+`t5=0CbePh740KRuxp zNQMOI$n2HJKlQjpDJ$>wegE<4zxhHx zO_yDkJ_#z9R-At79F%HXI~Z1F+j;MJ=ifaz@pmC%PR2^*Uq1df|8VXH`22`1c$W75 zTfY3wRXg2U5_WSH*KzOjznFZ1K4=@gFig)f$`t8J*_?cE=U&pDod*eT6j;F5Hr~8|&XLfQ^#z+Wj$_%ep={sk??Ze+n-N;v^@A{AZ%boDMa5bv@ zPN8CLJMXP;{kWeWv9}v2H-7nZx9mu_cRNq_P*|mz%yl{fRH@F1yceDG_I>9)FMX_O z@r3l>chQ?a`c38s2JDNDKYsDSsewQF(bXG^?{M**u=e6|lgrZ)MOk3@2#LO7RAOf^ zxCFRb&p-6jp+a%lbK6C)Fw!feu;^jy`G=m+pM0)tosD7+88b1;XkdCd6k{9!ht_T* zMM~}#JmlUt^2>qOMF<#pq%tE?Dq>maNbs%srxi4TJ3zDu#Z`OYfd|lRtBQ`zn>R0C zzC0`d>~(OV;HAal@eXd@JgrjhuGibEHGYG1ePpQCsHH#2s#Y4+(e$01vR``QnvYb| zZ${$BJAPl#@Mw9gqgv~3t9K6!?)b@1;EZx9ngx($A~SkvEoorqrkU;KuCDf4y;iD@ zrO%AG7xHx@zLQi%G?Mxw+!#c=w~Ou)t}4MGU)Z0~<;=O)hRw1Fk5>Ff;k zplC!%WR1pSd$!c4v~_m0*V}6R-MF#R@L2ktN0l1C=_&p4Cpw;h>F@FJF+qi2{lwR< zMn?GtRJl=WuXc2_w{^EawtI_5LvkE%G`wfPPg0IaQV)xQ7ij@_tyZKZ=|aj0p%!_h z5{V9`ctpUk_q-yLsrUdT0>NuR!pS0B2?>eV%86v*LRzq8P%s#ECFC|1B^Zo_lUPZ} zh>=(eFsTdyK*4KCaRjL%V_e*b1`@OEFf6>Llh7JKs&E!h z3KAHJ!i6O-J{2^PLa@0ovSpbO871*eZ3vO_cpOQDkqZD`j7Sz3sMrd|OT*cs6iN2Z zgLsRl61-THC^94AAs5SVs63|plAvP;fPw^!-P5tP7#f96F_MD;5J<-f7Z_8ch*Z&q zj6_=GkxHa_NyL`LRz;*bDI!n+7F=+$NTGzpqsfV6;X+!lO(51Y;?e>+Mz$!yU@V-( zN@97QNPO@F00o#O#Sx@37cwrc7DB+Y+!7uDE04o^WMD9Z#|{7mI~F7hujwST29PS8 z#mYefBT=}pB%S6lN>qoPZ# z`OiC$UTnqBy2XFf?eUqv`{!poYsEpe!8^b6xsQFDuK@vA`}Hd}y#FN&7^g;K>$lGO z7oNA$6fQpfL+^a`k^^XMrLp6lFPwGOwOi6H@w~GxIQmP!HKUl)Qt8ouJLi1KM;E>X z{GkV?e<|fnJJr%mh>J0{+KWS_KeZd_Qfy#`gv!p{pa_beaTO-zwlk3{ez>Y z^bL-Vl=y321B`P@S}eT$*ZJplao@#XymC*vHI*6%Kkw-aM@D*emCHLW`owu0AmJCi z^4xQNbAB7IozX|`xcXBc{QLEOi^^YuP`ov8ke#c(e%@VtB9Qoh{q-OI!{;vLCdiHO zzH2`Bo-bSvPwno1{O4O%{?V~hQ@T=V=Ph6V#%eyfK;>&L&wB4!uRC&j@kTk+_xM8_ zw^a}3u+ARet3fGn=|+2UmPp$wDtOqubp#Vx`&p_ zNB{O&Z+pq%UA(PqU-hv!oO3HRZ@c)ibBC6&*07j^a&cDb`r`ac}+0*PXm<`nKCIc+-c!m8$An^TRvSF`x44Gk^a@C(kTD zbpA)*a=~5cJ>{PJwlt2K!b$gc{|A%$P@Kz8I;fMIm~SXtKT|il+NqBefO{Xl^{XHM z8nxhR%zVXD=T}Du(_bfKr6Y`2i!+UoO~yrRaXm_v{?tQusd9dn@N=ai9Lwyd{?=Q5 z?}f`|j^6a8_kH5>2Ql~Gyz24S9&uptflI2Ycw58{Ns^^GuX@Luf8*FCrH8LO`yGF` zJ~eCWZELq5djj8cN*@*R2hIg|%FA|iAbo)j7x5DnrAs;c$CPt5$32f0cTznm%PpUj9kRdV5E$-kv^AY3ppO zK>{IcTuWa$=1TlUUbfg%Z1GCQSQ>t;tE1lD-CpZx<6m3jA9|~_*V6yUU$0i$E9JKI zze-yrZIh)|>8Js#w%2PN?F14I2`7a)&x_9DbXF45(d-}D+0og~-(qX$pSfzQrL%FS zTA9z!*tBu#^uP3p61}KZ`CEOdBDD6l8UY>MZG`s??}Uw&&QbiJQ*^)dvUJAgD z5xi}2i_W4{wn{BXEG#SMDT`W?g zu%bL_V{2X%w&+r+vxUlf0OWbmSu)^?Wgsc|HA7G#S<+%OiX%X4Uh4!I40Hw(?I}9=h<- z2L|}fGebL8efQepEvZsI;p`8*W?p+T_Vx7*buRhSkGyXQf40UAzk1E3H|>C#`_Jw> zFa3VHk@Hjh2_O8>?=0vV+p}j6FQuW*#c%k~Ux82j)oZ?Y(+=)J+}a2E1uh-q-$mlr zY4;DMH?`8p_}7}yo9_Q)>05KbN4~Qmr6`x5@h9(G+13xtZU5TquINi2=v2x_oOAZ8 zXN>ms_V)Jm4NhBr>W9Ai;b$L^-dtFa6xn&Re(aKeyiw!A)6f3>Qx6#+ptrZbe`vuo zUVrwh)Aw{(H+}Wet>j2qwqE#!n>3aiPyf)lZ&=nnT%;h$X!opza}G#vdDIM;H#Cur zQJw+zT=S{FyzH^`?UhpZ^FH>M&ux&QL)%4c(b_vLqCUP5 zmGA!Cn_qfj*I55RX~wgj`%LYf`;apZnBHkC|T{9jwfL>g#@U zf#&-k+5r-sgG_ueh`fmeqb0?JU?K0{oO$~EDd5{q`kmjO$b0{mzBI1jcdojeAxY$= zC4X`5pUkhPAz@W!9rYJq`1r(ZkN<>B7NdAMab$w%6vt=T3J$`u45ibEmj%A{{Lh5Y zBDz6;Y@OYsQS{blS^;{o*t*o&VzI?VI6D-iY!cFBEKnJa5e8Pe!rA z44g1V3L^`J5I&{h^JqRKsn+Y2dRzMVgekA{URW*FxtUh^P7ou_U5+mRmH35jW22QS zzl3@eQ~F2C>U^GEZ{yb(6?u_PD&(X?C$-azix+1A+W3Ts_p^G1`bflQMtoMp2RW$* zKGES@NZiQN;yRDvkdr$3xwji#?#ahqm0%paQ7()W_8{Hq7`1gzBS>9ctj#{o=s z5}{y0QWAC+TRv>&LSS@@WQ(+5qr6^#p+@2g09!Ckmk(nQ65@q6yR4566>LG0Rs%Jgh-7hitNz@yq?G?1ED1l ziC5iHk*wfE0WXy#Y@c}k4X0-C>hL?LHUS1Ky7C(E0`tgJWnQGGvq*GKVa>Sm`6t{u zgOd~{0*TR*WVZh~Kx7;(Dn}v2SV+)yp+ka%94}Q7Ymrjn0*RNZu*e_)BQ7sTNC0>( z)ub?p7lVs!YyP8kb{OeJp+7c?PJ(e5=onsfuPhi=G*+)oCIlCf6`Uv-rILhg3<+Mq zgkxl(6wxW%%Pkdl2bDkxMWVCNsSt@5SZn_234Nm{HV4_7f12PBI_fsWMjmEU)XwH_Up@rhX?%e2{v*qedhD0TyP)1Q@Y&0;qjsRtoD)eo-OyK zAI8&q`kQ}e?(hJA00loiBs*omOr5@|`AcX(PU#-K?>m2e-recDPNl|*cb@x)vq$^M zgo|of53RW?F_uaTPg>6BM{vReVb`H2EG}R308h~mKF+TK?XoRJzY@A}-24CHrCoyq zgT+T1gir}lwvH{#pp@9LxMc>waBn{81*d)e-tS|)@q0J@)`_R_HK$bk&f6~8l>WL^ zW9G|`n^zv?@pht4l+xJKKJ9fWQ zC{9UBeL155ut<&6M&%P@fHQq#Mq}|715HX%DsTMOmp+f407Xe-3!eMlcf58<*AV^J zKEZ5Af{`@NKE_`oNJJEr-l3?20@Aa5Q6csj&w2B^UV7*dpLh-paS_X7Bb_NX8B6{J zGfzuX;87l#_7h!y5>#HHb#CN!k+k%{4+pB6uHHlkPb#d)o}LF(0O&=c8yL(!3}7UdMA%t|kXk~dMl6sZ zB@s`lc+qKyUIVccs8`)mk*wfE0WXy#Y^Aa)z=UIDp%l?694~mOuybAj1WG6p{eQD} zC*ZbSWtphg?)$w@pYG(G^dSj-6EFdZ!VSHM`e0cqlv4UwkKBuvRj6fAlpU5-*_F4H zD<~ymsi>gz0)>XqguW9(0_jf92|0a#cE8qr$NcslSpkJIth+HU2Pn<{?i!o8c-&dO4`k+ifpu)H!* zzU^+<=fJxDy0l?)@=*;b2uFzE07TG>o&@N{otWOXvU<=RoxzDQ4;BshIPvi4;OO|^ z@Q6D$j;aS=i-EY^)q(Qtv(LLNbe9K)R-`b%aAkCGe8}U~Wm7A_^^H6g6OBLw5zR*4 zIJ?PDEqIL?@xYb)X6~Gohm1x&VdV)ZPa`!~96kKnsh52b(%{hY>QZy3pC|4HeY|he zhONA5b=73kmMNLKc9|p@vy@~)<;M`1M&rk@KhNZ!KIci65GV8meY~X)5A^+~jj8z0 zA&8uCddLKgTNq8ax(a%l1Y($-pe1MpCmB7BwZ~iVan8gPIYZGKH*Nj5^?%o+g36|?f2UqfF1=I9 zS(Eb!IZhd~^*nVd<($g7OrPxwK2teQ$*dxq0@FjrbKJsc!f{0~MNeQzPFz;){*M+E zg{Uw|4of)}VUIFGI1K+`GUk!vEtnjdude=cfXXp$DrBW|a%pKyAWdk=49{$Tz(D7Q z^2fRI%UHf?_;WYxcEHVE^3WY#8X+ZP=#@o(&SjSk{QbKLhd%ka#b@rA=$*Xj#@#Nt z`M>0$JJkfdgsauL4}9RjJFg9X{+T7RYr zkktjxdf^M7eqMRLsdv1FiJVH4 z-+uP2ue&Vxw6e_cGrxVN_ZA-!8rb!@J5F4IxrK$}VDTpHIA^Z@ zT`xCrO1Rhl#)~>9PnOxdnQJ9qWO*bA2$$MV+;upMa>g36CIZ=LU z?&Qhx@h-C8=u$t;>E>r#5~#cL(#_pd<<>=W8_TImzj*84{mg%RLoxr-?a4p&8&5u` z9Mic6JoeJTcYVg;-t*>9?7!;abLExy#%tbwstNG$r#^Z^w|i=FvAhjlziHAtXZ!3@ zxzmy6_20b-R=l0LZ3@qhh(c;eSlbZFA6wTi+hPT;k!$@ozsM%4+ckw21!PfXVYq72 zDeH+)hu`yKKXC3uDS`Os6Bw*H&S>+y(98a;%vDjAspk4mZ8yIk%_^?e@trHLywsyr z*}kl0*tZB21gmoIhsdO)w4OfK(B-{JQ${?OZMwPtQW-N$p2;w>v;%1Oe>@`r$v8>FEzMdbwAcUZ{N(IQ{piy$ zhOX2Y0j4R}_WHlP+U68PQI(N~rBD>=U}&_Qo-r|u9x`XBAt9Vc4u-68RnKk$7(>0| z0%kTEG69~ewZ{i)5)t&Kof2?Cb5u8R%7lqIutqt#JmjxD9p6bbGS>CIdhV=@ zkN4b585t{gk;>hivhjO2*;^h#fLq_)!P48yy-F1&ZCP`@S^CKYUfqUbeBu7VeW zOj*6fDoV5T39XNZAd^h>!vla!%m!eXwM0mWIu%1x5vrePs!1FgW{u&$uFf!rCbN1| zg|+7TBe2BHR1Ip#Fjipqw*L7^h%Co233Ej#*EfAHY-Tm#WD)?|2ofl{uD@@LoUG!I zf3D&oCiH|jj5)Uq!vj5KkQGMYr$1KK&Q0YGl+9}ieUY-rTu+(E%rlp!sVehNk|JjyJw|Htc($!Ud;>wh^ zy1LlRdCR$L*Ma#%g48AuD?KJ)%1Kee!8Fd>tBDxHG6}6;!nKf`ya8@?TSjy8b3+j zd%Ur=>rA$$IPt6!+s51<99LF{n*C~I?KP#dd1}O?B+Uo6vpQC*s}pmZI^|o3nmZ*W zlX7FI(5GKR`{N$ieqt3mafo|^qG*;`K^Z?dJo%s^I@Uz%C z`$<<$-0)uavrfJ3{d*qul(PnVcl^WK8j^cEpYX_S%ggiG|JBW!hxt;LVqv}^ir12p z|9IfcTar)_?b=-P=#4z#c?*CCRylkq;Bw7Ra|_8UH<&=C?z+Rc%`WzV0z z@P%*LUtafL|Du;&^536#X1PyNj&h2JVSjW%MFA+G*KY90wmA1n#zf+E2};19Czx|0 zz2&8nWVx-?Ji-G^&tXwEOCCJ6w5Vd6^P)H`FOF;FAwpouEqLd&6=6yU`T)pH>8;(T zD9`t;c`0%E1kh@c`1`ps3w7(WmRy{H>8odc{91G~VQOtxF{}%L)Hu;o#zV6Trllnc zA%XfeWqN%lk8EkR{%Itm5BcPBDEr>B20$q^eM0No{U0Id(g+9%X@=w+I6^k<48tUV zAwCTO*ha{~HB|rlv>eSiN z$m;lHcii_yPjq}PZDL|zY`ix%Ixsr!+klj}is&sZ+6%o`=nc=?ecfYP9UMM&{KUN9 z8$I`Y4*3^dGGwjRT+&Oz0Gio}jprS^^TP|>p`Nca8Xq2X>q@w>iNWFN&d9851mAGY zu+v=`SX~$xI^JDAA!YaL{l2HaG0gWyPIP;7o6b)ubDpz~XA7)3WH!BgtoMw$b8b6$ zV{g$Hc$aT@8XFoJA0D0X_1wc#gt*e@B!momY$+`*Q7D5ntbsC1pD7r# zdQB9{2vO>Vpx4v0tr%0lNm6f0%iltQ$?;!w;=HD6$j?2g{~Vn}&%((Gm+1V6qECo;PI{DbPIQ_i z6RVmw42@okTOMNG&sZ=3F^5S#^RLk}F~uZ;J}pi-zlZe?$xm&D{OIetOo>RTrxZG# zqt9Yv6+keUZ|gtD7g25fr+yHUdedv+N5PoYxApI=!9&h0yBd#Z>MZ!j8VkYr5e zg(kD~nF_Ib&FM)QA?A7^==Jn$E5;Nsw=_9wX50NgEIBBZXGD?dBcSV>Xa6s^7@B7) z9Kq($ue~UzsPw+IvK-@b5p~gdr~44kiRE&+RKS*Hzqd59MOk36>Xw2jvqQNf;DPWp zJRN|BhoWj;CPsV@Q@k~JPD;IX*OacH{79P+sWG-@V}8?He*2HE^)qWSnfm_!@N3_( zW7IbgiK|uS&E|)%C`bKtZg~i)TrlK7xG-tr_`7CVjL>Gi!(Pj0psXvg=u`j2ur7xq zYxj_Qv))c`eAxr&8y9%c2B-}{0`ZavjJ;l&}tw3Xql?kj{$*O==$mrG7C(QDlCv#$J^7d*&Okw&I? zsICaMg-tsrIBSv|zVNCi4qjJ&Z+`Ea-gn?B-#7W`Yd@MV(th;Q&i9+jD{Ge-&03l= zP}l1lP7}hPi3KlH-SQ0C+LcUUX}vZQUB8xplaHYU7>2syvhgEnhk-ZFi@PGM*NjVV zto62h{|kTY?|$}`raFTk{qDNE)` zPG#9m%QA_CREwUWp`M#qNGzpD&}43y zKB-E+ROWiiTC%#xW+2(>t&w?iW|d2ky4WBC2&NWfE=!oh>!p-J<)@kxk`*iF@vJvY zs)=6fA4ZGM1ZAE;$(*fb3MR;Spo|cuUI;KfJzH`xrU*$=Z%X?XuK%?+%wf~wH46@X zm_>bMf#9g13_*caTHzJP+@+V@@wT`4RnY}sChc=%BOU@8?T$|jPD~9JE+%jLr; z$C8+=beBg5PkQm``sDh+(n_-wpKV(>=A(Q=obWGV;wFdGr38`#08I^TNOpA0GSr79 zN=_u4JR`)pJ_Ke;&tdWI?@P_+T76`$chO1%b|qfaoK970Z9B@-Sp8>>Vo6Z)+f zYH?K)GX&GeRu7XS!mXBN0>qY}g*spYjGjsA)+|k?$b{rzHu;#1o}iiK8B7DXxAo7K zljM_yB;okXGKEX>HBU$yLsJza6FKk}59CahEWfD!1BQv`U@|ntE$5=p#2cADJ*5^B zl7L}yGvrWMDCVb`CVbY^9eBgGTI`?WdF;ObhLX8bDkBicmuZLI`>+71G=KZ_dGxqihgT z>n$}_YN)BA)Mx5VkHErd(^vs#X9G3_&^M-~gEC7f)w#YI0?_Nz;va?pqi53Af7q*s zCN+Go_J4GGx0xfgy5g@{u~4v4MO+t z{|9frxxoE&*ZJGsmar8CPqX{hgPk)r6LJI{J{R0~-g1kfSQ8g)A8SrPp<&{Lo^y)| zChMYH`0N{h?;TAN0|Vdvb1!-P_F?yr=u=m~JQ#Mni_7azAssq=tan!VJuIG6Ki;k6 z@e$F)W1rF7T-{Hu$--rIDG9zVNBsyBhfX z!TIiaBmeaEkCdDfUjMn$zV}7HI`zhX|HmIGRDbr3|Mk_=Kl_7^+)9?1Kz?~<)7Ghh zJ>{cqkG$ma2R&>9CAn{1<>+`&MIMy+;uD~`H&qs%b5p_$2S>M_fAJY$^dK~5>yXBk zA?8e)a(O?o^YW`YZ+RE|z_p*cv0r6|g+&ow?*Pn|m4d@xW~Zsn|hAR}i)2_}_p?kkmV?Q}z? ziQTZ>bfMaDMQMS%iP!hOw9%{+)$mUPSw9BY1TTk-+v2{d5E#^1vWPf0HBmm-QR>b_ z@^_zWa(u0vK6B&VCv4xwt#z?NrnB|P;WBIG`Q^1-|0fV%z8BVC*O_Q*%0z9i|G(1v zU#vPVctcoIU2E^l8n)L8HI(YXazr2j!gh+;?3bzkQg+QrO%RAlz+`&1^qDd=l~^h4 zoK55uXElUjuIG)A+zffpVoNZ^GrbnURD1njNe(UH7FQa6YCS}cw}#Zx!Bgg-0~^BY z8`ILk5zF=r-Vs&b!H#6Ivo9oVQ z>}}fA+qk*uHyRer%*^W4^vdKE@V@TA-i3v2-}bmI7hNoLjpCI_6mi3dK%p}-SZ8JR)S<=W2Txvh=EKk2dX5lUNG2q-KA8xV*{t1= zJ}oIFZA29>>pKWA8Gs+MUe47gO_VV7NU1`t0nsfG#EtfO=> z%JZp04^~m9D6J8OCdimT*38Lf^^nZt zCmOwBjl#rG<4T_)!|I=g99Q9%49SD6VhDpM`hIT$8S0sb1cDZQz)2>@$W#&tCOsG- z0JEAL4C&L7QsRmNtYr$A43H>#IqS{RH_pnjAk!OGhcsHO0^?t!gp9eK+yF}_rFd@Z zKfIwU6y?x|TRlDjf@$kNJhb(X2PEVab2d3=>#3STQaSWsDW}Y4AIKS+(lVP30hpl{ zZW#s;KQXC>nPrj|!_2n(fBm|a@sSC%BPUF{vOId@$9FexYX>@KZ<+EoV`%3&XJx4UOyWAo2w(O(-xVt=0#3ZdG@cGYts+sKcHgBFT zPP#MO&RlyVf9mybx*oDtquDH0#9aS)!7jl%ouel=JoexG*QakSuQfCu`-_*p@%j^q zV%9h5oOR9_B?nWlee>>x@}qD*&ZhTcc78+IdVSGymRz!0S%16IoC5vzAB;^HUaJCE zT71HAm~)|Fa?2Ipb*?l-f89%8{HHgR=M;M5PkiLrutV+WKz};-S1eX<)pn~O@gaOh_0R;1f^@b&Ap&VQ7Mk34E3uE3-6^%=54aj=#ykfpsadMG7FqzWQv?{vC=1#0E*xC z`v04<{_iT;9Jw5}=5Vi-PL7;e$5QD4q`8dHAQg~VjehH+uUMSjaQm_2hkaOWaKxjZ zE2HD9Bjc-+<16Fi-STf@b<9vdx-v4hGBWC$S`K%+yN(@QoSEBl`J+=tf^y4wN{#27 zIki|*!Sn#y)(ajxKd|xky(bQzTwP>TUdTpN`ieiD4R|KnKaUF!uk=PKS9_zXd$G5C z_~gp%`;X0cHf}lp$}H0Yg%HcoipYf2w^+dtG_&Gfa`vOfdUFTvIJ|JA+(q)om7(&n z{lVd$+f-}+{QBES&)3!smD~INTCv()IJ$gr&*8D&^kwH;klPsQIZTLZNC{I74dF$})ibc6 z^pXh}L8D0s8UQWBcuSz<6Agy|8e4JziAxDd4he?+KIxgz(368~>mL;wT0$~%uotQ` z)z&{|R1P*2CuVBZ)j~206Vfml-VEW}`o{yJ^eM0u8%tRXHGM`>#yH=^E{ZA<8u7Qx4z-l^7#d`kGuTr9Mi22ywb2lyzQ^w@mb$3 zu-3rf|Mu3kulx)?`+sg}!QFWMe$H#o1U~|N{cB%!Yjantv*qc}dE7R~TA(-ufafHB zyiT5V>A9vvAO75H-gV1DG8g*9?(2U2Kfm&(+#U1MQ;ThQ=XXA&?1$Q$|LU4!jYDpk z^m>Qi@n>(&RPUir+~J`qZ-)kVJpHPKBaiog8mKC&oG%o60lmSETrQ?T9DUt0OxUTLQ0=f|J=lRq@Q zc8luJpZ?z89c{LeL|jg?g9op_;}p6C9UVIUu0Q;hw|>6-8D9%^{KQ+_Hz9IIsqX)4 zGsR;4LPAywWZk5s%L$)y7HFmUB5bpg4ebTF{sfQ@Yw#m39sK&8D|J~)h!fs2yS9QR zZbI*P#8qqS9s0m;{`MPoAM-0d^9OGE=pX;uFa705j+Q7*^OimMyVz@3a;22UGRzpL0 zp4;nx3}d6RiXxgycn**QM~JLPDNQvA+w?TwsQNGWfRac0l5CTxoN8KGTmNcJ1ut(K ziq`{HU>h#HaPg`q-2SFF4No8MZP>hdc*LVOgOlS!6O(?LtvBLTbI>K8Ti>gbtKFrQ z#ifOVtKFN99NT^P*!HJBZR17dQ(auCIc^Dgr4cK;LvjlsMJX$7(-{v~I`O32Z~XI- zaZgkacl<2c=<-0&w+I#$r3x8n4X?J~^ zOlaXaPbN8wgvevh$1!A9m`o@B8c<$A(8HM#m>R6TKl{4DQRdt-*t$Wi0|X zzpvn9%AM}~%Bdp@dv8B@;Lf90Ui6H!ww{|+6xjL;h7fU{1oZNeKu%P0T1`nZk)>)% zo?HdPHdA_&F{Dh+hGZu3Uj^o3#UVc#CNao_ z04Uy@Rp{e3eWNa#IMip!5@yAlYJpKXNm8KXQ=M0ncn&|nS%_JBeHx#pIA@-;1A`&J z1khjq(XTsLdwBzkTYdsadVz%vQ^`MW;qO)bvr35cS$NG>0%>Lmz`|*F z*3{BxypRD31A*y+lteB)M*L|${gcP(oG+Wn5 zPGU3whP=g`6^&s65jZy$Wdc<{v5lcvN!Tn~{^J3LKuN=!A(=^Ls}O$Tke^CdGD!$B zTP;G|rjMQ+hk8!*5(eh2t$!3D1j7!57T%DP7FNSvXskTP3M?MXGB?C9AqOnOM7b1v=gVGv^qJ55&P%qA4z2F~*jxYjO`ilP&L8xgM{nz_ zl)v(=jGcbP4?pCu;7$GgAN=C6XFl%K9PTLYNFR zUlYyG?eBQmTetl9W6vF1S{uC=vKlrQ7J@DHv82H#t&D`7m;1_p2?n&oPcaPlq@%LT7Z|zlKveRk4Ly1qk*<2s- zj30dUCtp)6cD?bJe{0{5e*fdQO$@Fc-~GS;*Q-Bzq+z4edG<3N>N8aE+Idg@;j^## zAG@0m8GZOKe)IOvJmo1@Trk^NJh=CkkG|*cKE3ed7rpTD<2i6*grDZ`bDhrS=ls%7 zo%r{^LvE@`@r!>{@WjUjPFp8K%SZ^2{$)FXe>OZOqp%AI0v03rD8UiLeTod2R&m?g{=~~qpP%;?6n9lre(@_oOO*8&vS3OsyfybhN{qDwMAsa+ z^%rP{|K#>@BG8J zU;NWgJe%z0dSZOdz4<)OIdL14c>c}j98W7+MC1mC38|PVG1N?YoV;Lur(;4J6agGq2GETq@$UF3WI4f_bDOP3sgK+A zjk;*S(q}Vw@&fbr4Y~ebyM>gDvw*UWW+i(1%8o4MYDg({Lx8eDH}B%I81k8qziM!G zWzRL&bf+ek$3{0!&5ZlQ6hAI9npZ>|@ZcTWLU;A>iBq>8*!THE2X;RBNvB_R6&4aP zp?Pyi^brtLHtQz3G|H~m+%aWEIO_pV^g-WUH@?0z-0_)~xxvYa!TI5V6TXkAe5%dy z==tE%z_oO$81PQUOw>Us%@B4W*foW<(1{NN4c^Uw<(+wH7; z_~v(v4UPix)dUihKH26;P6@;hea->S<1kS;sY5wLNyCXx;p#Pd8dEMi z;0Z~_5Jp^@tSET1THMkQG8=u?$fse=jX;wnkU2DD`^EKN4dX4IlVqGE2SEXVt1{FX zRskTe2&qf}(P6SKQ>lMKqQqwadPBWgY%qi&M^6qcEG4l-i8rwb8YgiMPZ>GNU?dY{ zrYg5EfyGI{Fo`RlSP?>d)*HDR!o*?ChbC#HPtblstb(~HrV_fXe>`9#gj7lmaobO9 zB|jwNFakbJr2rhS9G$lQLmg(Yq~Q}YZT+J{sia8AwRkE;?fxHH)K6H-W@T6ffb546 z{yF#mq_kY#bCzRQ+QP24{`o838oB)bY$^38z2N^oZ*bnHC7M-?KI&h+X#a1#=FQC^k)Y5a2^)?F$O zG~vPW&wlii&wk4*c9%EQi|={O@4nl)Hvag3|8w8r$ILuEBFcKMozH&iQ){vN{&V1* zrSE=t`Q|>m*5Jh1Km22l`^8thC-XPF`)%cebGej1>tPRE_{gUYmOC)6N4;>+%VA{m zqhIu+`+xO+UPB(-|Dpf+yB};UbXY3liq1Br2~p%aiB+)Gz$te|gED9cs3P z1E2i6Kl$X}v6ZGfIRkU$uNIB$Z;NX@o1k%ObVqkQ|JVNYOa8+j?kV3jarke4>-VRA z_9ri#C>LYfpYZ%2KmMC9zhW1uUnm5h84hvbkT53X2 z);)^AZ38Ubm)ief78i#f`ou^4&8t3MBDr*V@Dp|nopgoBB$pOn@UrV$nYmkkFJ$3& zl~ei5%3W7J<*&SJhYo73B_+9)oSJM?|3ybVi(Y)y*}lVQ>@nZ{l%Pd9{-k*j-0zT_aCvtSHZU zB;;6EedReA4q5ROtN1rXNkdO#*zW&@?DqN}3+?;g=De^2*y74&((K+j%bYTGs9K^d zXX`i3``_{gKBsi;36XQoTSMMq)-A)V)i#H|YzG8Aa8^jze)W?_XJ__Y_r4Ri+H6e z^DL8k)`?5gAN}l0ziW7OX3uSJJ91*r8QWJkZSG8LSQ;Il9vPfswY++AY4ODTkvk6^ z+;!*feJAFp&U)YvpML&#xSq&zU?gCuw`y@~Xj3_m1XBQ-&=Qlwqb`2J?80j#ey-V!=)Ig}VAB_VMWMW0MqX`BPZGns}5L%kt$JrhG# zjm6q+T0>dI1B@0h4I!~2CwcgLRsV^ludc|P^k-|RMIYY!LkAfT(zB?n9rDZ6KZn4O zT#*Se%<4ifpBmWRZYLRnW$ND6KdX?Oh-89BpTnUSG0sJ?3d1bFu9Q_00E>{R=y`}C zp*SA2@t)_({`FJ|;O$)UljhB{|f=rROI3z&wG0~Z;qz*<}X2*IRYLwtQ@P+a|z zHx}Fn2=4AOSa5d<79_a4hTzU%L4sQ#xVuAecZcBa!H3|?JNNEByZhz6)gNZ+RGq57 z^sl}9$RDtIgj={hFxVszo$g@VmFdDU0HGx|2y!yVg9hbz9})WXlPn6ue=`^=^=+=ujA95Pu<;nOK!FUQm)*tqgdVB#v)#t zZCg9yFups4#H-+i_is;+mwvAl-8&z;tJjw4yU%?gcMarUbK>#YTE8@Q)ny+mi`|8D zh(LY>J`X#4i3uOQ0IBFHUMndcH;0W|J$47oZh;>}Dh{I1av<~50guj|hlfL7^bQ}k z)3@BOMl+49om{qW?N>JNy*Er}CseCni9f6?9`1*4-6g)yzI*O|PMZ`d8#vFtj=c1J zyCr{)hurn&itc}~TQ49I4iiDk?f~0%UsG^A#eC{|g7-aiM`bv=cCYrD!V)_R$+)=? zp;L+9-&u)xIZDgE8xni$Z}C5rcQdoJb8$I+i8v><7cTIz@-*9?x|!+B#XB^eyd8lL zcshC;ta*L1_hV8kaX-rKx>?PIjIw-|eK5LJ%6V+)_F8#<+l_~u`iSi~;$>hGV_NNLO6fKG>Wm3keZ(=38u<*rlGW-XE98xjI}Y&xziV z_7}sBAu=)#f9=HYY*spm5iOO2KZr<}IT#&yFN?@u{^UNV36zJ^2y z?^3PNJH7rmBS{rzTU-!Nt!@76_Kc1NosvVU!!(M77&P&H#wQP>f=#ddqa=4;R3fRr z?<)oQOb7rY_UQ`Ln4pkxn=B4L5shsDeeR|Kk?%K3m-y)WTB9{))cD374d~a>KRrEj zdxdP?ccp#(I1iX}YCkDP&|}PXu)ti z>4z_Frk-mwQ^H5rdksgeiP&jXL#Df^X^}pPu`oZ8C~37N4Vzk@<1f2Rmm{3pZs*;T zG_#IWvof;D??;>6I$js*G>0)sHv(T4M%`6Az`G3;U5*zHTY5G!RtFOXMupx5g`>$U z=>0CK%1jhKv)2x~-nUPRxlF2NmdM5NDWbOXvH0Sp1zJd>v;c4ytI0oH^`s%~-GI*t6l`VgCR}$XjTP6uGommjJNC z`!;*4U=dpX_#$POl#~P)8}D)X%N=qv0xrFbBHd{HG7eIG92%tKcoke}AiB9!H1YGh z8rgguFGx}hw6JS#@fw>lvGerQ!OE~;e700*|E&bK+m|f->UQ<8-79qQnK*-7Uyn3n z?Sr7!67)+Pbc>%$dOP0o!j{#Pm08KeT&_lL1}2WL_mnhAS{yRTcRnLa%=0LaDUK3< zQX^aW>S61*9y^;3k19fKvJh2vvuhua$wOU3YKk@uf+l6jH8)NHp!f%yAjh5 z!3yf*I5NZpHmUe9D#-j3s~MVODv8DE@L9VVm4gXAq{>O>4_=q;kn3^hO`-LTzYFhQ z_X{rDjrll#@`a_sGuS$WC&+4yv5KY8HB=5Ere3Unb@TJtUfBJ;G|&G*Uh=lU65of| zPhSWiwX7v6&+4ro!jv<>{mw+OU}DZ@n~ihbjhe`diZ)3~s`wL`U!VJ6Sh3z+t6s*i zAj1t89XkVV!ECw<9lQS$d2aF*OlX8Cc)a_O-)Y%%nEd{hBOto`UGb5fgToff+upd- zEm414Mc|G#`5BXh4z=49$~2Shm_?#dvdu06C`xu_mr7oWaFda)ppMs4p3$OdSuFCn zqgob6RZ>+qwi3%0W(Ux+(_mWH`NmO#7+o9OqF=hN$U!6<|KUg_MkK&~Wv97a! z7Q<049GmPrNY%OhI$!lX0z^1{sE2?6a?VB{zL=OE)D8^E@qJTq%E}hBzCB4(brha9 z`g1qk4s6bga*thO4HK0j4ne4lnJC;|BB_Orfw%ukzS?9Bv5qI*@ZH~kdrY}0X^q;6 zY8z!EIaFPPI;cE+mtg&zGuThKPHWSk7$WU35GdFl|$?h#hHLOma1Hxnb_dTNeO z`^S5LbQmlm?(h*#RYsI+A_yqiRlepr;Q+vmXQ;IPkf+AIge-fp3^Ok^mawUw+j>p3 z*8W1=IR$4^m%k4+(O7D|;s86iXcLwAi{XIQvEbvcgt^7rdX}SMHr!|w&L{S-)-tcQ z@SNYOy4YhyRgqD?>vd)yDCGV$0r^zPBGKHY>dp?Qh<oRXu1EU2g9Z#7&3vQR2&az5UhV{ep`F` zgvdlylrLYO@f(#}`E_4d#jq&hn92U#P^f7bSlIsj4Z_w85dwS1WbI|4*4eV4zZ1_8 z^~JP|hMjOqicwm`@AN0nA+2C+)6nlBHi)enqUt1|dK=_UIm*MWw5jsiJu0XJ*UOgB(B}Mg=J|lS1*Gu z5Og)G>1HNxyQIEi(TNGjElxxvLWD8Iv2j~qw5Lu)TDsDN;@&n<)49!BQ0 zq|qxH&_&xm#Uq>{ic|E7wAz^T2B3JCP#=yiYL8IeOpsLu zWi~g$+)Bn?T>d(^m?Hrk_PUUkd{SanwZYADzdxDOBpUu}hSQi&_yCoK~E~uj-<4!2NgOR-yZtS-@ zTgb8$a6inL7xMhQ+yhq}hO`t%D!99T$VskIAh@=d8nxm>$T*sjh^1$q)p+vgAvMN! zTXxd$)v0p?G4CB>QmYjf*#}xwPDp0!DLuq0kO^}Z~y~RU1QmVMs-T*N?Vp4-1F$iI@lgD6S3mQ?Ynmizh1^?92}B_KkW=-&)uN-xIwu0Rakp9e}dQVnzV#eEcPI+x;osimIiG^-*m1qxyJ zNr&)o7AX}>$w;NhmIo>%0*GErq;dIMFK!$^t7Ur5ZKb3@K+k@^wgF^^f-15ciCB;b z8eY#;jHy=+E-F=Sy1UFCgx9Z?o>_gRVBjNV_+CZ-Y{W*@?;=wW?UoO_$7Y>PJe~j; z0nI+&y-`?!N2KF67sEx9LG1OZ4csEiMnd`1Z#Dem1a;{(&tm@mc@n;U?JqFJ5$}J@ zsb8khiDD2HzuE2rHai5;biv72K%a)Im;Fc*ySBHy>-%2=D#&itfrRux31TqJRffuR z;7wi{mN20p6)w<;YVszjVxSU@+sW~cw-bA?3j38))UuBRHXX&i-^9$48HJW0NQb8c zVO!7KMlrV$CHZApn^sYI_ZK;L)F3=dEoG5uY<1vGeM+m3&!G>ub0Tacir&ES3Zfot zFERopwnfwe>DXe^v!R^m^Yx9&W~YH_$LX3Uvw8zNb2$>GZMwbs?ohl@lJZUPeX0cI z_O4^632TGZh;~oHJ}X6{b-nCJyTE90#b){y0MlL(h&o+sHAlN>iWV>1??TOfM0DC# zM5XQqM-xj+Dg8H4?)3ID;IU$p9}*;I_}CNU>6H1yjpbxNIBV;J=e zjtRZAVVj)c7O8+tpc}C6fH`UuAt;54{20K3LYtq%_6?Dgj`LI9yD3h+S$kzh*h+pm zzJNshPcSBZqj{Zga>%JO;i=%?1=9Mu`3y7-&?h4;;;&e*$MJ8aNqKy78+~9TEb{eM zSM#`*c`2M8!b1=0BfLeq+>J2DiM?U=pE=4nbH48;*=^xtCrtATx52LR@~jOGi=_Uj zT=K!pi8Ipd48ojxHFVWxD)gf44Ar6mx`JWX1xKl(#PzZnr!C6$E0z45qAY9~DtMg} zrreFn67gh0vL`r&h0N2xPe*xuKqys6R&+(W(C`=mVC>7_Drh7d#7~dDm#V?tldKO@ zd~6C%##Dsi#g@P`fidA0y#ptcTFDm&&)S3PsNKiKsQh1O+0$3HZ9h-%MB~zHzTBEe z!(_Bx&C)7<=K7XG)mgbaoIoWw%d;OVTQlo2u0vs=V}VNFmci{Y(`$q7JJ8C>Qi^W+yWIT1!7x*0 z#z{C$JJ|I6h*?c2c2k?*7NgAMR|-`%gdJb4-_IQtN@$gw#ue$G7P|f1Jh4d!e%*YCH3JOCd;{lcquKpHea;`)ATX62~K zlv(iXL?+&J9Zt%QD`JPX(IU8bSKWDRW;UKh>T#wamR~b_zClIZE7Pm=la-1|(Iz9vgjj};O89cU z^=%DWrha(76=D4rJ)2^8xiY&(sZ>+n;YRqmqgg}LC(Y#Opk5rYBd3(8hexZ@0Xe$T zKBZpJx5Jzl@qxq`RQI{W!TD5BaMQuu07Ar12=CNnrt+ft^&x^=dpj{_xklzAg8i+F z_TaA-5EyXJzcFCV_?WCX$^3>fnK+M|)|SUak8Un$OOURC)`KVVEvFueU8SjGP9i5V zVksmtB_ODbj@z;r5ju)qe{Z#~W)o?Jy>%N7vDY*k!$09wa#0AqoK{}0$cYQajEDAk zMW-d(9;g8w4=Pg(lv(0YRvYa`EDH%QD6^D6p+``mmYuon=joqNq^wKSNVf7Wh!3PU zk-Qp(ClUam;91nuF(hSbS56>WA^#)-A#{pA+7q@&4$xLp+QKjnPM)AD_gnwE#?FXB zgcm3BPaw+V{noWb+u%bb4Gb?Dz)+q}@HP~Rg?A)m$zV8d<*r!N<#qB~I_T$In70v5 z08nQPklZpSP+>gxR_5;*_Xl;k>YWZ$4srU(_gmQWxxQ`$u@WH>Q#OMtZR$TT^@15v zl|yQt0_)#Q6E!TOtT%ygci>;V83Al(xoT5wljSH&iHi!l>b3$)7BDJ_S1<}{6iHAY zy@{{Sdnv`@K^YJy%VA~!DRmLRKF}4AZOXn1W%oyLlRrah;8xnZvV~?|;HXOFN5gaR zObsCEDEPYN*3?C*U*knl?)^NTF&FC(glmtm`SS^iqV83K4w^FAXXjCWQx^ zaIV7*FbGOznjl{jP|;gpaF2SOk_cv72N(BDxRD!Z%JVI}WUx06%FO@vIXAV(leD4S z3(nD~Ip`s>v*M-KtIxrQA+&_&xU^2BqSfOzamcEDH~*l!Ho%18J<~8pn%rt;DMvFL z$h}iCw404yyo?({ncrW?z<{LcwFJ+g-lS;L{Hy6Mp0qH$TK}}Q&xnq%vJb{yunUAB zLj1i<8^&Eqr<6XZmlGj!dPs%Ht`~ckO;UNx<6ljn{QNQ6ar$=mkU!>vS=sam44|Ui&8f^k8C0*cMlH2)&?=CF_1ji^|PEsq8wAB z_uOD3&iGyHee3b~g;V?@-I@YFT zNU1nl{wlQUd;wJ=G7m(-7M}bj+6@uAZ=0ShujG?lI#~0 zAhJ^FF54@8^2@9=XPaphtlUZmbEZOssQ!BNZE@ZuA1SgTorlWiW1o$yQlvqr9_R)8 z7@$NCP2?~D4G1eD)tbMDhAG5UuqL2j@d7{=7(<9v*0}ColXxu%@|r$uivAk0vRK%h z!bCxdY8<}Mdc$-@b5(OxR?u-10*cLI7~&>giw`|QLl_XI8aJ6mQoqL`$)FWCQdSKm zfv%@ukTdFJPcUP+Ejc~XlDRFI%Ob@-#H$*nwh+fzLAhqIO)nsfvrze1nJDv%^ut0J zAHq+DBjmYHwdkWTIJo>uF%=W^(K&3&8k6N11^c;q16~ER^E^AjFqQoH5ipB^agjOn zpXqXKws|%6U;1s5NpW{|avSw-Ue}Yso zbWjh}HR*t~Ja?PbLOpDu_{5RaoH4Ex#BJq51Woy{#-M_Q{>JCP-y?kC7zk!jxaJ=N zChs9GMyk(;r?Y33F3E7VxY%hwOO~xQJG%`bKi@I@=*`>g+1_7R*xyffcDS#I1Yb~O zD25-In9k9C?YC)5rYo4mndmjFc)LrYQ}j205TcRD_v7k7h)#{^VptMVr4Gf_`3|<0 z0-xXRbDv)?)t#uI?d6sNEF)cLw*4Rsixj(3y`JytkEUGyO>0g zd}ES)QDT)e5$2qoXJB+mR<=Pe!a0%@s>49hqh#pusffdOM!^w(da!<%k=BoF^$akt zh$^y9Ou+>{Sj>qpwI2&A`1ou#Udd93#fI(%OR>PYP|_*~jXGp&9VI7#>dcU*ncK9b zf?vkH}-ZSYY=`a96LH?w0 z?dp-8;B0KuiORebZWLVQ7)O;wJV90Dk>KgdoHo(eoHj<{HfXB9@vg=#IYCq=Bnce_ zcq)xESDKB-Aei3#cAa4O9XmC09xtyUGtfsOkMbR@UOg?N29}{7>&xSB%%Ssj|ti1T4!7?JO zC+Ef2tv)W>;NR-zPswIeiqeZB6!l{}1c(m?zL1)C1u&nb>~wyRlk8{bFmX1f_fbj2 zFE*;D<-^(3K(0dpB0ie7k=zc@|3Lt)QUV!mH08Rc=fL#QjBp~lWM)OG6ZiJ;c68Y7 zOO|IykI>ems{IIRRdaI|H1#m2#IAy)j?0>8;_c%V^7PYMwc66+fH+9jC4?&Ob8jz? zLW4-~cK}+V!WX6H4Kx)jz;syQ0Dgj8>Rq`Sx}*R-;;8X>Qe{`|A3P-`v&stOIf3!t<_5ecXwERG3c{v|@2*jL zq&^QabXFdt0J*0*IZ(j*e)QVSK$Ku_9gIS#Zico}rsE%2vr73|>A6lRQqm)+CYnkf z&nI^4q0|;B3z+Cw*&@5jqX0TLwff#w4jW9y=F)HB8ph-#vgi~i=9Q%@{bWy7#$ttp zQ3h!r)hU)2A2%qA5Z+c|iqqVFV{vHDh{|-n=7??>on^Bk*2RN2p z^;@a)qg5aeemYa;AKx6Y!si!iw4j zFjk98-I9Hwb`CXxZuuuEsQO^Rv=mgTMf`Rx9Et0F(oY{@pxpc~z10h^+L&$sQ2E~1 z;^_+U+bAcgVkp**i6E+}k=nGdH9r<{hII#HTSzF!P8K~8r#ZAfZfRl(BcdCcx<7&i-&JU6cn7{tkxEReTco6(8+FDRU)?9bENF(VnWo9O{N(72~tAnR9pQO@(XcYq56=rI7v z`2Lm1VB9@1n1CJ|TrI4EWyaAJ?rrbV=YZ@Ubvsc0F-gabwT9@PSOr>8_Ls%Q*=4gs z1|JEO;(R99rIO?DQhHF-V1sONlprD237a&UY%Xo@>Jt`QDdo?KM8MQtYd#SF5MGJm z@T4~%g|!*I0AWTTxCF@Z*#TO@uFGaM5mt&P$l>I#oNXK08H#v*xZTobKfSe+_7KdC^Hg$@0^KyE3VWeoy zy|gw45LF8d65G;wmqjB;SgH@|9>acVE>KFbD5XA(p+t?h_;)@^C9y2ZPgl6WjYV^Uc0y0 zhFz6V6w0xYY#TipKVrBujEY=5{wbzzCmS=g%fUn>DKAYu^DpVgybwE8DT44G zJ~o|wWY>%1`2(s zgjj>VQ$YEc7E~&YHLYxxqD=lBcO0nKq9`NS^xU09cMyz`U1*|(X2mRq zM@uc^Z6Tk)GaCkaVC{Rglhii{>wcE;3e%9J%GR zKjSqjK-UFoIS7PqP280xPwB&0M}Ol^=N*9AoZoR>)`^D*#K#?yL8B#q!@MHt$!*Xd z(M8jvCme8p{+Vuj;%A{Ql$}wQA!?gV8G}E*7tbY?o{q)M6o8FWj&zVW!Tf9*2Gp_I zi=_;%wMfk-!1!jGKcM)px>ItlzaVSvG-VfC`K_Ql{jRPO#Db3&ERbdS0xIDO??wLTRUn6`^4 zrW1O-z$N>ZcY@Am-H8Al3>0~HY3`yLHirm1PK1!bgnuo8N_eeMDrQU~XZf#1q+25w&@EC{D8TewTOsR7S?kou)G)voGK|npnaeDV zJn6p6FzvzDGyL}|%$OTq14h0qQdPBce-mU$A8N0HctVVQca#nm>T4wJln07?5Vq z_(&LftVY8|KnRC=Cb9TO5W-`3Vf0f{E=OY{ZeM>5d*8uPG=cM5{@K;~b z6DLGtyWeNvc9w4)F)=YejI3RL*K}Y!Fw^D6-x?}C<>lpZSUwN>*k%iOOXkKer%*)S zLdetXf8RkiE%kHqZXj^>Z)v8ov8=HtCntZG4=(a6Q~v*VcCm%tid0|A30d4gX=9jZ ztKt$B?S+gUvJZ=JJu-7%d{I_WiE-N>F;#o#k5At9E6U&l37-QgrpluXpBqT~;fDRm zy2#69OZ1!HE`?ZK{jYl4`Qq>2XUk5?zR!MlG*BfWBm1$z$-l7v@wDYhqyAa0#&^S* zLd@0A!mD*XkeJ-_-o|EzEI+t+%A`$gzuQua6x@DL{BarLBb_^ZcBk{w(lBShgr;|< zV`XjCed(KX{{Fa2Yer{_d*=U3F5PB5uLW42?{gj>HH}NOp|u@GZ|N+bbaXbaT53cB zUVbk#jZIAa;mLUviHT8yoELTbZ1)7$c;j{V{Jk`KK9 z$Jfiu+}!RRp5=}}_nmj|ouClw=)Qjz#sK5{`&`+0Sa|HMgG$8qPBTtU+{{NH&!Qts zei&Yl9-qCXZC!plv>9uWi{G$nSQmBZr_O*y4L+sCs7 zfmihq(+#mVfLNRBUhy+F?ES{Xr4()8pw?Q!6+V+4?EeCE>jpg;tKN3$ggr6mb9haw z*T~K9*;yKBvPi)10efv{hbp)0*4fRiZ}Nv`$)U*lK8-v1$_JOL9=jIbKgYAZ!4miB zT`vvt7w;cOGD)NxoG4Y)e96l?R{c0M;=7>e_7P&*^3&2$*UupP^9?-?dWAE3Uye$J z)PK^@&>Zl%bP5mSIjsG!09ZdFy5iRDim6=_X>yr6+eq_XeLob_^bXJ!Fy3|axPD9e z=FQ#B@Tj|ST0fp~v3nDOHQn*cmi@VP?qg_^PIBn0FV)lP0-SN7tESlo}FK#dB;J=E5@9USWE896S6hWe^*TsDL zx87o(<(}`)$w(+5%VK{4Z{=<0;CWe)+|9vCj-wmesJS91^vJiKU&y{fJ81(OzMM5z zX_od+*_TkK*+TNi|!b&UveAanTKa+HyLT zZH=Cxg#0BT;)y=QeOhQ*?jd|CNvO^J=<>5v7rvX9*KILdLj%vJfakAX?7nA9Y*JG8 z@6C;qwAQS{yXb+ucA(fq^iwC0LTogWP(t-S;C0YHpJd#1A=QH%0Pt@ub0DZ*A<{ z<{DJ{D;Ru3J5zdZ*j8gU4&3ZV_T)BtQ}XJl?tc)Z%Ie4=%6$SwtZQVt(TsK$<4!=< zI^>PTJ%s)T^v*ondg+>IC92sUPH0}<{C4B{w|?LGH5}YFnbAyBu(7j|3A!CW)a~7( zp(!aTRa*-u?)QUNZ%%J+#`2Gf4Xcvl7x~%LE?UEZ{4Kq_-^}-7;0fOQj|GF@SJB|%rfdQ}mF$Ya?XceC&P`E5*0K)vG^%P%$- z$K%4k3yqvAW3v|iHMk7*Y=Xqzf5ZN^dH;fA_<+9 zgJa8Qev&~gXT8omVmhiL1{`ZR#BU&K%)%!e*mx8tQth|-*4$EASt@pjaZPXj)RCru<32KhM7d&v2Fe;Do*o_+4i+93^Fxyd z)Alq{7c;G%9)Tn9irK9SS~+w#P0RgKoT2biEt{UVbBWzk8=>9b38WV4JfBN}fd}S- zT z$s6w^>(Q&Rt?7Ru$bu+*wF}U8GMbo}R8>_;`!ud z5#WDc0KjmQ=&rAyX#Ta0iK!f?hTn_k+j8V?0G{VL;Mbm91e={9Y1vw3t_TOYxA-9( zv`OpfGKzhf^(*&tnL+#Ij7fYnC-R@ALt!WAa!7Hbr|Nq{*vgs<=^e=e1p3db^g$GX3bFN zZw?Tuo3tVspy#8(PD}`+9q6(Zd;atMEAR_hldSa=(Ij*_#_TewKJUh&w()C6M?2JQ z>$>qxiKi-wdAx$R)rX6x4|-9aIEt6W%r6ituc#?;lwuh<|I4@;F3g_5*`#AXo0HAE zTMK53iRKJQRi-03B_ZsJ8OqnSPI9QzN=cR<4lZ9lqAKuUwtTFkE!*5QqCO5%%~)?T zF1)#K|IMPQ{WVWF00j+}iV`6#2pb!2J}anRGJiuB4J0y&V^6YBOe7tAa6#@1{`9S| zs{PnZcJZb6XTLhVOoqc#=hrQ%n6N>tzj7eJ@Dgo?_2J5|hQm6$H7TsukUfF6!_SY+ zWH+@;XBQziE@7b;89Y|`V(q1Z>-&nHc$;q48s|}e!!~kVn(0z95=lBgP387OG~A`& z$d+cY+Q~AMfyAB`BC0~Cte@yBmh6*Mkdgnr%$`Q79{&3u_nWdruIFvbw=zovT(bd< zWIGJGzr*4SH@l3|Oj!lL3K9&ATELCJulVDamvl|*K9TF|$#YwdNiN*8Oz}z7CZ@X8 zj4W8)UxYY6_iZh{ZGWmGAPd|n$}9LI_j8tFVeQ!CeeUM)w9v&<>j$VF8A}>v7Gk3H z_I_T{1rng#yH!mOM{IQ8grE_I=(pOSSdG(4Uf?ULTJVj}V^inxp)M}wt>|_9MV-s$ z^_}`nY(bY)cD~k}|E|MikQr>Ll*(RG3$)cTmr+UMm`LXWkWE&uG}vrDz%fwTf4n2- zja}X`Y_xDyQ@iJx79L&imzbZ8O8C*xMR-tiTJ>P+Dg79f@o;1$xf=TQ`zC*j|FIM|#e}9qH$d~4>OS>L&Mw|5{ zxR2r4)*DJ^xA)*m{r6pp%OErwOCEyul95;lfyAw3`?uvIK#B{PgTg4n2a45;NOFZT(d!!d){{X(S)$=Wzb zqtRHrv&k)#mJy$+)dNfi2MZ$NL5GXmL z4Qpx@u=KN`;3X{~UN&&xurziKJ*1s-X#)iJH*Wc5kR9 zalPhYxbXCidLzW9eEg7IF(F2Y2}Z4|AYA?HJA-`>rd}j5qzmG-2}5Tv+DRw z-=TO&ayWPsoTF3NkkbC}y@0v{#=efu#>QKec^_eM04nOw6LD?UIsSVY)&+ioe#ev_ z3aU6d2YM#SzP=K$l;(&8ik6r1Z+elPWu?3~I=+39N3tC2TK@ZUFkQr#pqy@L(WT>C zb>6;07(iDL2Xe!*w7j_3)Y!~r6uyGqcDd1jbVe@HES;&Jqe#2_ZdMeO{$sa6U69I8Qc7wyr)o5qj~=wZ@Mi@YaOduPpmAO7-3># zUd?D?$c|e+w}#yB8TPW2c`YB&ZY+LO2TQ;whQ%*-8CXIf1{Z* z1A#C>fqu8lqR(VqI(D9r@Er|yuA6d#I#FX|qZ!ls`uc>#QkI-{Sets?zySLFJpizQ zopuXYGhHC{;{7K5G;hn1YZk}CA+L%wqONOHX~+sTif*3 z*H_cOOHAX|3112Y#Amg~hqJS=95oFKramQNy3YJ5{i`m~Hh*z`*)PsYh|FC!V~3+{ zK)tF@-hwo&X7hbp?Kzr8-vm`s+}C(cPFYaRwT8_sW$PV_E6RVVfq!YM5)|0bYlTH> z)>RLZ5YQos^RJH}I1KznJ02Tg`Jq8Dj`*tkqj1CZV;O6PatG~Sr~Yuu=h>WsD6ieI zFP~-!**ph0EeIl^m5CU7hq<%NIkR({>obkV+3!>%UVqQhZSbuTSx;Qgc-$Zm8XA08 zHdVe{Z<)@CT)X!?a>#h2T>5*Gqvx&PRaNCE@fFRfI|G&9!pKeiA4R1_n=ptrCuGOg zywY%VW7t^lpDO=cT==+--wx8z9R_1zZKqj7?0p5} zn4?9aarNQKEE4Tekl-$gj@XCo4rk>8!pl$dV>p)VW9e{5JE1D=%yI7v|F(5RlV(H` z(%1PI0yeXNm1ai{t^pqRL)O9{zK6nx8#^tLKopy@@&w@|5wC5jx%Hbq=NZSl`+GOX z53z^HWU-0s8j*NuEdmbSWc8SKxe|Y>Xo_GhM=OcN1;jM^tsPPd&4)hbL@94%@Zj~q zF?n6n+1Coz%l;t@t|*r#uencDT7sJJ2xn4_F08NLnHI1+6fc^(DsMVCrTN_C{}(<> z2op@;LwT}THavbGHI@h+bD4J~uwN2g>ex`@zmM4Ze+*5>Dl_EH~KwA z=0lVHnzSGtTaTq#dAASG)K#TL8dFcdHV!y#JXQ^j(qdibJ%Z_0Q9Jb_*v`fZ8*;v} zBy)J78D%z&xrQ)gP(H_` z{Ql6&gb7#@KRhcvm{6=DBS)2IuxT7Vd#Wu~t?7Q>`|L}hYn0mWSiT3LOu55vgA`Zp z=PoxUu3B3&ktp2NjZx5|d9Dr-;;8&`J2Rap*NnSvs7>&}%YGM&i#wx{xJ5(Bg^|WW zReKdAD0p_$y)8w9@HJ*zLuncR7ehv#`c^4b%D?dCc6MY>G)prbQca{EIt3!=90TtwIb*kBBlY-xWY)NO6nc{=!%bI!m z-X-=IL9el4h)|)46>Urgu0M|ud$y9v0!`p#y~+2zLXAO7@S+AMC3CI-*L)l4TYa59 zHLtVy%G`3eWNB`CDu^QZ>!x=ay_u#G&Cq@&=3XR2NCalX9~UZ8c8mECXII+}IU_nz%f&{9n|q7bE{l$K-f!||u=GD<((=36pn8ym@wO-}vVl~W&6psgqq^J=Cp9=+u;8I{Xi z4e)_60y2I2r_Yd=4b5iL5hY(TNkkT7L!+~!pD<4}^oVo61bx8BMFMA)kE=gCT|cB! z?KOJ!V-s z)w-ZaS|~AiMxx+n(MiRx$-#Lo7^Icb3RJ$tgLppDEFC0_$co+Hj_JMD4WBJP6_iPj zg!}1bmCWw_<=MgDn$Z0-o)RNakMa+jyTaKaGo;Be_0QS*k%;&iT$gKFMCUKph|l*9 zDRV^^^p^&JeeBwUPVFz;uFr>zmiO-XflKCb178#IyEITN?Ft>N)V*C6Tug5gJ!ms{ zLB!#g9KJg3+gVdgU00U-68dj6Kg2n=Jv-n!VFS4Dn6t+Bpvh^Ztkekq@I;!RR0Lmg z`fy%8X2?=qYyD`sdQr&DVXNx!*ssq)7S|~6hFk zqGU%BK2BuNN)28)mk$$rw)^NUse3RM2iNDhKG-e3LbHhbp@O@cj;u&(=y zaxfM05M`#PRqOQ=(yS#^RrC_!J1~}zwhr;3H<4xy%W2;AL`2wBT!-Qv{_v)crAh+? zrheOB`P23DJkuWAkT=YBzil08E%f3f#HaLz&Bci8C^Sofamd;o{_pjfpyG-f&(Cj6 z>N`A?9{NHj-iToC5dSj^pnTbEUgqQ0aa@ML=w{1TEP@Y5HLXE=LdGk>(=@m9er9dx zW;t9(=v}KqMw`)Wb4B(`+`Xt9csh~>#y;O`&Yv(o**{bMG1Ohb*phnwd#;iNSRu^O ztAF_H5GkN-lw(1Cz3#47V5HaXC+HNP%4#UKU(F9HZ;Q8 z)|*LIC++auT$PN&7Qb~#aoZ7%RGPxVJ}_oGo_b_!`;)uxZ+U?^Ulm@aI53}4UQG=v z)XmGBv9K~}eFT6ZCjw&7665?-edBBRc&q8pbb$Jgi79Df2T&ic(Osp6a~PBZ zv5-zG4qc=-44t-(y-EzTnsN7xz}Yme$%n%7FZO6;Jt4stic?zn*a_IO5%TmU2wBxK z9j!wL@PX)Ml^Z!a$+2h(s(;1M)|E0CA3`cV6JgLUswYqiGBK?i33btlI7QD7qjIzI z3Ce$$hL1;QN!b5u=mE@b~(hm~88)68h ze2-`tGylj3IKi^k$Pms!eT#P!ax|c z^7lqbTEO=Wu4{a778&4vXPG9K|DA1GBt~_gLG1B+CV{n&uThsD-IfZAru)&4;5z`Uma64`FLOy#6PY)3)5y%_($qsPs+4#G)F=5d?6MJ-RUYXe5=llFTDHxTM zW_2YcwENw1`)Y}rVwILL27zPNB%I+wX%_*=%k3#Z2H^)H5NwPjOceskq}9G+?YX_qy3pqi(i-StXXr@(nV}_eN~@RQMg%=4*MwIx zOM@WlR7E_mJ6Cm6Q(mkfHD^Ee8Sdu7#DC;uFq0w-{H}m~-QeE0*=w&C7vDUxAL*6LbJpmnm= z7U*AaIPB1AKi8{=pc>KakB~5a=Dab(R2HLqD_AVl=lq(>Fh+}PgPnz5`c1<6f+=PA z_FkASk;magIRY=6k0PH+=b!6bQVRHm;KSXrWle|fs*94`bn&MWGBF4lysJRa2KN)G zkJ8He@#A^@IaKlGjW%35`OJp{e%8UKca3wY_1&eBSudKYSP8tjzL(MQR9X&m?#~aa z_ZO@CKNk_vFKXm9aaEyU(Wp0z4Ti_RaU1&+npVq(0;1sYT++pNV{)2R8?C;Y&}cM| z0NTj1E{A&hJ#SO${K^iH-jBK&Q}Kqp60(F!!Uriq3q3DW&YoV+W2$|9yxEOgJYFbbLuYMuR@`%$hWmf4xoS7#v-i_pu99jn}jD zoVma$lZxT(!=tUg6q(n}BLUK;H|&FH&Lb4~$2c}pQpShGqA=~-s$Xi(&N7+@i)W=7 zEDu95>nLL7$U+v(zPRwdQ&3@Tl&47S6Au$G-!!t3NCTiJm5Z%b8~%{M)MQ%d>90Dw z`1NC$^Da97gzi6qoP2bU>tptaPf&o)K_3U?{Gsi@fF9s~ps~mOglI8}s`x@6gW#_S zOQ>Rb%=9RGfs2#3^Xqx%8l;g^-2)+{FM$^UggQu71UZPVT$IxKurBGBM#qLm$Uj?(} zPE4)%Y@fLO>cgZYl~VZ9^#=7!Oprh7PE*p|B!TMqVQHz=M}a8hUyhl#DzUbQ=dqb^ zvubRC!$1(xpMv!Jev0({lTX%!)37MbwyD4V;Q9(Djgkn5JKQ{EzIT>jb)0a%)Zxq$ z>K7-s3?=DhQqTK)l}v->xiWR9w;@;=_t|Zn*fQgAof6J?@C(Jqeb2l7evU}@*JG{Y zv%~ToL`ry<60pF?OU78aW>U(Pr4U3DZD3)8%3lWjXK?awSOU?{(x^&5Y0|ACz?hCx zn+0=G_^`~!^ebJ0O4Q))L+v+A3w&9OmJI-_hAWeN}G;aJU;`7B#2)z5Q>=%n7Nsy?wo=?6E^P!o7!2FYWeN z<$H1oFU+@MrUYu%eh7Yb)Kki%Tm005K7?QRY5x8Ie;HVfZYKo5!#$XE zR`ZA^kw6~&JB0t!>Ba~D=NNvnK$B4t?Nu+no*F$ncHlVX!ehhG0;er^fmGze;{js_IV+bgS*YgX3OB`;`5yUX{pFcaKuTB^a-vaYu{& zwMG2LK#+JlE0-tmc4fb!sE-=eA>TPHp7yUrQm02Bu#3G(N=j-y4*gJ7RVCp=9sCoz z{&QOe`AgY9Nubf$_@<64bi!wB`Y`U!z*y8yCZhGY(&eL0w7Rp*_O(jbw;#qw|bE<@N?xnj{)t! zl<@Bl_~)a6F_B1K3^29+3oYgoC6R)NVHFro4VUoe+*+YQQ13j%CqjCGYA=!hd*{Ct zTLA4XL4p)2SjjVV44T8jr#M4rRz8PUr1e*X`5!|3;q$Ja_dkiQBxCYU?Hb7BIQG&`1 zrz6eeV_{27JsPwQ`%$Uon2E8eQh%4X?iIDGRUcA!Fr1sK+5XJ1b}U)CRuTY>#MRh z@!sCd-~(4<+y-C^dVcXbVn6{jE70&qM%73*c9H0>Giw zuta{&4vDIhfsL1=e(#I#tB_pU&7;uj+cKk!RB?;<`zJi|_mV&+{k{lrsAD&lLX1Mb7@IMM@K~k4`M{_bTVL$NgQ*4Jy9ZmrCh*K`t#zxt*I_f>Yb4F z!v(?(sB)q*B;z5Is7}Sq^eR87T}*#HW9juQ=z&DRlZQx*o-!F#l3{ITu34%`0B5ti zyZZ^Stv?+)ls_NmAb$e9q9GM#q+d>(ySuSulYn>xjLE=*{P9MVqe`2OKPas>MLb_1 zEQVcmuoI{nPvY>d9h>>K`puM)9;OV$?amxup2Bd4b>3ycoW{gd07MWR>k$Hkuw%*VD=Rjm%vedjN?P;Z>lXp2 z;Zxqekc80#b7jjf9_u033C}Owly&uUN>u8#0R(|5_}G1JhnrelQ_IWG*U#tu#akKD zZrNE`Yaz7Wn^4HHRN?%jwjrupKVgzt&m~Tl>dzN~n?{$0X?nNvYrU{ViDEjOb;K>D zEzQ)hhVq-Es*O`|p9o7@dmWp!DfQ(F&1zQLxT=g#;?r9qaF3sk=HIx{VLX7x|MD{~ zuPo@38bd8XX`de+^4fe%Glx)P$=n5SqV~@tt{QTTqcd%O?Aw*qjOFvjR}u#_t1roaoK67- zsnIc)xnc!Tq&W3JwhJOJq@7!trcQ-tHKZ~DupgTMfw}2s+}fwjLD*Gr43tDrSrHyo z`AhjhqNv#!-j?q3dz+|S5}{C8i7AQ!EAL``nmbNDpY&CYcsgvFW7A0fRHH$IMkm}x zw5Dw(fbUe6z{UB|(b4(m`FV)rqa(P)P@@fz0#yXdD7-?kGuooto0}MbyL-^{nH__- z)b8M`BuOlIW#n|Ecd~uL!|Uq;$fpN@oNT`iW&5y5*Kqux{-;F7t?Mk4UHVAU7|y-6 zHg|La<~dgU2I5|FaY>&zAG4<1Dp?J)HhIC|!XHy1-QWB{Lu*J8lq?0lTD0>H?sQ`L z#WH$M2&c4eK76ATs|;}*Z8imf^(vTUp%&kTQ$|?M>a9o~5i1()+01mlfMZIR&X@MT zfH3na^K@d*lV7yUbjTW!=r)h#X4JNPDqSqRcY=Lz+@MBRd((?wBG0rcY0YCd1_x_d&gyg-Kz>z0<0l)D02lQ`JHkl@@BQUcGLwGnBj*YpE#0k4=W) zgeM%w6_~?AU(S2_hL0C`oI5)A z8IB}*&wm~2EgdPNwIsBfELMCdCy5$1h{R^^n!b{LzjEJtnbmUhf6x=rZp?K8b%xiV zxld!SA)i@kx~|;huj-wCxY;Xkjz4?sSxtagCl?=mP8~HM>wSO7^c0VH-=%$Lbdcc2 zE0mVI??JLY>(zQ6T}Rlb?YJ_Cc^&t>)C!V6F$oR2!!xQ_wsbq#T^|bUg#AfU-So>c?*H!W@j|o^`4cXMmlJt>4fAi0# zV>-QPiJDUYs^$uPc!TKNL`c>WDOaWd<-@LvMgctNXA&u$TfH$=xd0J$e_?bf zYZRlJ#V`gw2FWO?9cGCj{liOLh1uCzV6q?-o-DPuA70eZ)%6*}&!~=;W8?v1-hWG- z3Gw(GcKZ-I5A0I%7Yx+;^m6z3W~pJopeF(R56YUoV101AB2vDgZReli0-t><@a%$D z`UDXDHK+D3)Aa}C25iysz8BfS;E;21DSW;G3niXERP^u+9wh8>7r;Vdw(W7w zHJOUV2W%KeNzPOb*xDjNmA&h8V2+2U*BfI+g(6&paE`T9R>{;_K9kNB@z0!S&{wPL z)8lNLjq=NnU!g6(Kst*)>hzW#Y1H(fuYdnE!`C}*PHd@e?e+s`_*bnBApLaDTw(k`rm`OdD{?zU7j%V+zrq)soyuc{k3Q*Jl};Cly`pI#h>rmij!P(7TAgJ8Uw~;9>lM@L7x$s|SK% z!8b`zZFft@b~QXtlaX{!r?+G|Vf5==(F6CM7oHOc>aL^A#z=;vX@^X30MCnx*2AjN z8*Go)fgI(puX7rX*=&_I1^Z8P-z@1}UPv>a0qz<&Nc0orRtciYneQ)&P|Dm%Nl!YD z&|R5hjN{zG^Y^nq?kA!f@7LB#N=l55AltSAJ#USP5T9oWBY_OM+k7m3`>%*!@B1^I zU^Hf*&)cN&-p1cko$VGfz|%aimqO-+lP$##QEkFUL* zMw?v_$^>o~AQ`Q?H5`W1;R4=44p-}*cZ_i)B}!#XD<8)>9i%PWUg2FvYQ{K_o-t{t z1|59hJ9lD2X?eRyGhOCRJ{sBep(H%*VR46GI_-v_I4Lc?4LM|7o3Q|(=xPohggDgd z0a>}?sF}lIq?#NV#4^}C6>q&UyMv@G*FqF=88820w|3}ffkuFB$V z?t5??BX>UG+>DHlV(vUB`^@z^Y&kesG^4s#Inl{>8$y}}=CZwMG}MnLSs<_cdf{>ePD#b=ptO+6#L8Noq-H72 zLqeur$QfjUgOKlebb7G4+OvyMELRzanjr3k*V1x})w4VwLJ{%lP`TF!pkkgXN+|_*Ka_zVCmorg=V5sX6G=p8oYV{C+4t zAbp->f>RiKaMTz_Npvo3(U@^_nbKqZF)9>EAl_=2nsxk0JGJPkIewJ8QxD1kmB{{n z)lu&k6Y$V)D6e&kT3Oarx9-WD{`T8ZPbT$`hO`{CC%T$zcVZmzZ#(CR9pNXn2q8S^ zjn{XnpK&>A9naf!i~4B8Yzc;2=v2^-Mn($DMww$K!Sb zPcNF5T^NKh7LL?(88nq@yPaDesN8zFmQB1+haa-*@}Q{u!B2)5I&r;^v*|yj@f zr{m>n*lDcexy>^Re_qSe93NTRhWwE1v+(6Y0yQl|({<$Ah32Vwh-j&=nDDC4JE3Nj z>)BhQi|-yV_qhU}iW7cx+OQ^|Kg_JWEB9$gSKV`tkDBQTbgRnj8D5e0b&Ql}a&0c4 zTzy_#A!|nbAE@$s;Cr8Y(`&t2$Ti=h9nkm4LrkTQ<(U3C*5hOH+H4;PkK=K$sU=UU zx1@sY$=S7gOrK5&Lzq39#@>ynU7C@njc+wzDiZ-Wgh$58+w2PZbARPq^9pK!S3rz9%!^|g5Or9h}v z?KvfW^6$ce%QYK6NN~fW)rc?)%);fQ3IgG(l;bi`EV>5aHRA6ye0ZV*`udbPy&vLt zIjyVmvqzMps%X?$VtWw~4aslNWv_X$OsT|#0+WrrTD&$t$X8L>*2v|@uWLPxXEkec z#P;df{WBSxX16gR-?AXJRQBv#PCK~?PB zp*VFOI+tDINTNI`Vj|*`*oGsI&6Z2f^1H{r6|$mD!Q@&%OeyJN2f#Bk78;kR7iWj| z5i6V3O&q|A8Vqo*d$VTeYKrAg4HBJ;rwBK&(Na(ffdcc8g63M zP&G_c%8v0sE6Jj)TiL%+jjI>lxEAemv(b)$Gd^aV^!E9q%t3Bfva}(gaskRg*sqv+qF! zq=72CDX*oA)o4!z?w%Jp=+ng8HWJ$H08`wNS`>-Pp|j(umhGSJY{%HK>Nbxn&d*Oy zbe9M*)0}Phb^Ut)rJGYlFK;m$J~jJzpKxC{v-mkb=F8u`+?`fzyzbYlS#B0N=?uf3 zx8JYD|4`>We`>qu_Bv8A8Z)=F-0#}7!8_j`_;MC1&`p0*DY1I&^;CT&mvi>3HOOp# zB*nkp;=H5+hszDHJ9HiGwm-JYwaSH4W274$IBgMEv&3N{lNAL*o$5lElIjdG#Q7dC z&P*0c|E}_fjtevVtn?dQ$kPX_p+3mN1S_Q_7O|AcUw?{R23)1(NNtVRc2P!r)7-qe zO&Y7aF=J2~k11|&wva9#OjT1Y91J94(L^TF_}$l|!vL46=Hs*N2|!Pf(!U{yMjm6f zDhU4sl@D1qY9}IfUp%(j228 z?hy7Ec$N8nV#&W>Cdx~xNgcr!>8q#=t_W3rtSMsBbyRoN7aRP*?CAu}D++Xp#JL|k zm`>%+rDACpl|_EGRBKk)u=P?=uc+!d8m`^&NlR;KWlm{VFQJVU)SAdWa#A*R>>ONf zZHhH<5D+p5rY4DysAN~vfNvsl>5|f ztnN84M$J_2kIi9yB%wH%uFp0o-;>{g!>`4hFHBk5AMlbAHeI7Iy3LtSMMVD}LahRi zgBdh^I{tp?anq$uUu*S?&oHyC+7=C!pV4Tfa1MMsm)@u)e38a(Oc8SSu;)!g1%w?t zTI2ze=Y@WHc22WC#RL@=jizV6WWEHzg&55AX54;-=E-dAkw%kp_7aC0yPXGli%{L2 z5tNMOX?1?CC+L5FHdW5hhBllX_+VFGb#!!i+AIGN94@dcqF0VJ!}a1ief*HHdzbC9 zzh7XF0j|G7fC|C>cJ`PaY58gj)$N!{r8;ToM=@u7I@j zl<>A8tgcGvcB3p>jeG9icZs>Bfz~O(eo`4J&Y)aiShX2&DJrRnRYQVbtw>bVzJa(WV6;33sE7GO&k<*WY#e2cne(75HO($d#F#FQi0x&O5B-W z`<3B@ds%MOIbcbeAwYStdu{@sC)s}5PIb|p`$BYCrFGx1E{o1-?+T^{)#wq}Vgzje z_=p@jVx`a?sB4|Zk)tReJXE~AQjy>Hw3jc`UsT#%+}yDuwv{8eHEB?e?W|+eqb{ED zX$V+o0Mi6&%BRUt1|YDhi`*hpDQXDypSpS|8YD$Jv}$}`sG>2Xh+32*qJ#4OHIO^gYJ=5nO#)joo~ zg=1C79>=*Kd+LCA_bXEIDpj$6~p)3+ali^BJN?<_Q>B{0(X=9s}RH-B6T+Y=QL(Y||l)cb! zUC`a3;k9f#z)Y=7iTLRWw+vie_GjY1ov&O&b4+393ZRv8W)t7mLJ#3QtAP7#Y=48NVfUo!4hn6ExDI9H8uj`#RL zgeK`3FRsFo^4HxbVxv*34e9qvuX&_+!Mt z^{i<>Sx1$O47QZr*08RYF8aEM66is!goe_p`mgp?;5x^lot{O$qsGcj_Vwvq3gf!^ z;69YGt_Cq$lou-%^I}L|j0czci-jtkVhIyB>Gp~NeZ{M2Z8E!Yu8wfAX#L6C_Zy?n zLOId?`y-a77MLpj>J)3aco-!{!ADQt&v-rHMU5oyz2oPR0)#-0e&>|K(wEd5H4@O@ za)~qeAiHq>8J|<(@v~9Tk*p6FCK!Kh;iJRo4*NcW9p+3!gJ+LW^ZEOkAP!}oomof- zCix0U$A}k?ridrS>7Yvi2%eq^N7VU)yHD7wyWt^bQ6Ne=C5ecbOS2~gHY`vz5ZgdW z@=f+Jhtf?;uI#SYTF!T2q21{6rh6o_7!HokvT~%PlOB{J7JBI_AX{>QD0yWwuxed6 z=sRjq;5rFS4`;5;q7YJzlVZ`7-OWymH$#N#-W8mg-OPP`|9k+h4`5q3*L85+V^cU|Bch-bX^(DmeZi$zm z38LiU&1Y*gL?_3m`&rk|tz=ft^AeP~-i~EUa@`oduxvSk1}L1ZlJfc0g>#)H_MX#_ zUZUizNa?6hdKe1npxkF+LWJVl`~(sT8Vg<%P5H}ze5FGvwDBQ*+s1*9ewU`#>4%X5 z7~P$$nI<;hB!eV-Tc{ZRE}H~?xnZmzbz@xapQ|T9miobOSV)|wt>!a)+i(17wcp=I zYQ}%AKi)NT@E6c$1jQm~2y@&Sjj;R1cfDUQdU|nzrZ1b;nq*rvns&RKh_&Chc^cZ6DR6|h^|8Kh9y1!&#zLj< z4b!&3DI#zuPq@7vXq^*ENo(;Sr>3UJB9*E&B;Zyvqn-kTx28SQy;8w0`jM3Or&~*X z29uW6VEGJ1G>wUsshgvWw)kO|l%(DgvG{!c!%~I_&3`Jmn~-xHq{FlOiBg66+#3>C zz}k6ul(k9-cWF?}rs(c1J5#mR3ZXnAW-#-*HnYKv9ey|-e$r5_%0_Vc7e7z)Iq8Au zIJ?o;erXdh#bCePZDmIcc))`mU;2=EZ>Ymu^7WEhs%7(~v@>BP3dNn1hIvsPoU((u zbFV5J&%*?*Z2a5Wxd-A{ySz0?*VFBfN=@8mjaKs4j`c@UgUqDi3!ze#ngGnst2s`F zqM>Vyjv6Et*!YC(CDsVXofI>c4I}Pkk*%S9to0|rYs-3XrgABzdza-PI!3Sm1io2WiDOrOu86#Y z1^4q4p(}|-8fjA$vT#y#KNao}ANI6W$XW9*7>!%x>a4Y+kK0tF$Z#75$;2b%b;n?6 z8L4Sf->R9Jx9UiF%;qHWua&ETFprW>Nh=D8a@mN|lM*?Um2iNbauzyaL_Rf@%_0CF zod{t?Lr>a!P|d_AFXo4<=OocbpSR|xiLg6|7uTZOfftXknTg@6w4{utrHf2H@N58_=fT4DT-RUZ&m8yjb z6zR`amg**MxUze*)d1pHtLp<^ZYz0OStewHkv_gUjd4OOI92XdF?q5*nKyv-$fO_T zcpj5sowSn)jH(ScrJKA{mNGh1tj=1))D&OXQCn698l^T@TMl`V`ftPvd~nlPuUFUg zXWabnP)6)ibKXGI;dPXC9bjhmeDtG3?D=6M@O*L<%NYZvUY(a3fE!67lcRk-4qnwN zd8<4FW9HDZsU-dm?&iU2_{F?GV+l=Fe|B8YKpF+m*_$H1RTwlXekQRQ@lrk+9FTQ#nUiO9fbO@)M&CC*=I5oD>gW0RYGQT?A z4Lj$jgs@vUZNR;x^rnX~VW8tlAiL6x_ORZEEj=XFfcA|%b3N2aEICiJI<|gDyo{F6 zgTUXnMx64|W)pkw};XRjB-T7fmFVMIh!8C*X9E0G|mmB@DO$^dVRH;m1 z&R-7^UG*(1CS%|qs*atitWz>^6SHd7l>4EBIwTEmb3VahgLV;{ha0;+ejG)vj6RfE zmmSU^<4n`tTl%6xA-TEniyyB8*j+>B{n7Oui;F5Y-x=Wjks#o^Sa5iCrA^cCNL?X0 z=m^eYo9(g}Ot1qTRyv1(zBKylB(R>49up(~k|>e)cD&ap(V{$z zL4^MZl)|BnQKr1UnGY4+3X?_JC71o$MTNca7D`} zcr+a@+yuT;?;6Ff&FfaaP zY!od{kwgVIv98~o&EGBxzIuaH@T24DION6)KXgoZ%Wif4IAiU&v?sw2!^h#e)doi! zBKG}zKnRjRDKt0DjYlISd0me5YA%;Hi)g)56$2PK2)iWt_B=-McX$c8+RvMOD zbEy)&B2iBb#89?}1bj17K*5W?=s{w`IqN!<>ARAS_(C>rq;KSZG|(8{uUKbAYn3#b z#wI4L%{fH&AEY7gB~l=V^W&%ie`s#QQlci&pS*iI5b#=JWQ?krZg724mESxrC~r(6 zt1cMmy6A-QYQbV&YeAwvHH0Mn6O}59qo*o8i8p&EOxt!dRWr`5 zhAsX76Dc(aT=vEv^bY!i&5Tb#yUpKW|%FE9tviLDSA;=Xeki>GQi;6D(C)wst=AIQM;&*aC z(}BtaJ$~CB%Q7B>9i%>|w}x^6$Oflk%C zO)p--L zX=__eZ&G&vt;V$~kd!(Io4`hxD6b>Mw;bgAeHs5ZyV3>+pV$Nk<$bGVFajr6a1G{H z!`iiJGOdVv`29V9)9n7JneVRVoT^zMtIrr9ltp zTAV0ueCYwzHh+(}P!zOZ&F+D0KrrUj?GkJ)YV~ZuaGIrMbo**hxSixY6^i&@qSc1^ zLRX7|7!D2E`z#vOrag>mb1AUZOHI3b^_VA~2;@qPre+Gn*dMc0R?q+%%sr0C?S$ve zSCr9U9y!IR8KC`BPN-zD{BtIisoGED(>JYlR_}R4@}`58eU?w{OfuCVRxImSS)bk7 zAFs#ZAbdm7sBT=iXy(0KtgFTGAOBv9;}JJnGDZ58jpvoD{Pf!H&EHTl^ML5xvu5IX z_nUjbwDX%vNgHm*rd5_y%%4qZ{y`vCM36BBT|xz@=g*4vdKXV&8tBg+1QXLSGo0#S zAKC>R+DjGKJfx2nJ3Gt<;7F1F=+(0(O<*45D7dbz6x<@IHegUWBVQtzxb=V5y>zmq zEzTvw*yw8t09NV){5b=nd-|Qh64A+QJB2CZWXq4ri zjdgOSsc0=?$2s~GV?KmHx4s4UtS+TE)@{)YIqBe>+}42L86 zq^wv0lWR+;P!9=Is^~BfXz7gW+XyYWgD#@NF_z^~r;>PELqgJl(=@8N(R67mW(>(A zZw+f=M6r`rJW9#@it0no%Tt(z!8p$u*9?Q8qDV?4)z+HMqe`t+QiOguKFB@GSd zzaa6l_ge3k%*apkB~urW^5Iu%j98oNBQ-s_>^JN_%BmTBdlQ&XP>>hJ#N?FFXjoPc zR(L5|?bzrqGvndcxSaC11!%dA3FX&tbr>N%Gly2(JA=UkAt>`q)&cxw1&V?JioX^h z2}B^5K;T&AIMNRNI9^ot>m=5Yj-z?aw1Z>Q$^n(k*GG4cfrB-8#xg0twgM=5G8ZxU zmh@T%3^giLLiYx52-g0a&R3$Zc$t7h-s%86vCg%25r$;A66&ehoRdg`Xu75By*(0S z+uK`v?uy7{cWmp0G&m`tY=jx1K?R?$;!DxaYTTF+i&e`E>W2!&6&;y(#*Wf>M+JQW zUmU^JDh~%N-Oh$~@=|Dbx{{?b9=#?HY@9CbdsFSjtewo{9?9nOYeaVijvIZtENWWP zTP39`kbb;Rjj|CB&n3r#^szUXq_-Bs!npOz7YR_{^dEoygnRlpaB8zlCs}Qfyqa(7#YYqKohx0> zYShrNc*sKrg0YNUbn~wr${PVmMoC1~Ha8ZZQxr(w=W$&GChj(X33ID3L;6#Z zJa25~1$BvK(BPmCkI5dYL^r~Lk=Q_se&5YWMGV%rwbj#Y(!#8Ms-9*1wYNBbM9+Nh-Dh~09FBaiTwgvqesn#(gaZcstybNKrC z^MU<53(L%S+GIq;=Yi^325*7<_rd%34hil$i@Wn#=cOfgBdiE{we(z@%XF^PCwXB< z$2X4nVJG zyA>>7?xNX(om14TKRr|l7?3>J%4VeI#I6jbYIx~fiJc%Vn6UCejqrQaK^dwrOhJB2 zeTTxR6>J;%bV@s7(;LZ8d6Rw|2#~NOF%0S-j}Q&*t>+AqJfibMsXr0fG{M3A%vkf- z%aIjA)iN9K$Il8Yhmpd@a$d1$G^j}i9&@=%sQcy5UI1k={oA{7&N?)~DtsZo90EvT z1^h~RHX7JZ4&Uf}<8SIV{4|4WxZ2v(r&eY@coZNpV^bNF$byFP2~P=6H;G6eS&b!F z+Kmgy6o5eFG)x5`6-Vh8PX7ORR1MAQVuq(c)OcdK&pLf>z4|S2FL%==N{|`E$;X`;)z;-cU5z z5FkGz^@90_R%qZ)(hR4tk8?}Ib02-D`%y(z5OFxegd?>qTznYDlBd1rMvOQ(OiWFb zJecGg6$b(9Rb1&}!d(c);9wvm)z0d;bGoqLzBd`5ym)OSVK{6aV~e(zp|$qU`Y->pV@5>|OI(t|;{)HAeOa?Wp&B^_WDR8dA&I?oBz;xDToWTt?lcJf;`5 zj^L;X4T56(NYBlgB1@ku)SD3kRk)=I>-at@R4rrN7KTRw+H@uyKr4p0|7 z=@L?&<=Z@R!t{PV)b?UeK_bDJNxkzO*^%9+kHu4tc134dT)T|@yI>5(WBRL@hXB8cuel~8ZFzg zSRcyTv77I&eAqp$J-ZOpBGWw^?|=FA-qTTDnAUlYSuLowJWvNx!$j5Jy?7Z8GMBt` z@!cpsp+RKP*>wa-lk&RC^YQq15#vVM)|oYzPWEZ&2?=?6qPr4^1@SQ>4531)>q1>FdOd8`c8Rnitdv9UTla+TKbf~6h_?sSBPbm zf@Z?##3#g0=BFE^89kN0h|NSwPj16@s*LmtX+Xlco0rP= zwbLis^@k%X2uZ~z;o$N8!>dOD?EY|HOfPJFMi7yezptxpqV?DdBgV3u!9L|L?Te8n z+X+RHg%C4v7!62z0XzYefEH{><3$O>*U|gtw0hS17xaXNmFr%+wcCsC$PYJtSeDrzU9U&y zi(bo{O$iOws`ww5DB-o-Z*ScqSKU4CdmHe+cQ;pJnFvrs{64sd#3lC4NNPG; znc`_A;~C>a^X1jL9_TTW>svfR-SFP}5GH2F;yqdXga5ud*khSXc)kA*2=`kHy@g1= zcpnkFKk+m^?G&V>kZ$)qujIwLY-!i6H)M!g-ezg=pl+e%xJr}I+?R(5jL_bk8^2Yd zR|Tz{@Br;3?_1;2cKV&$#wtu38NM0*VzA;n+y+>%kNH(rFs}$$4$AC-Hk-fl0~XSc zcs`QA=7)IUQi8>EXC}s7a+jc|(!1k2E@cD@=o%-m+55cc`!zNp_cZq!es0=1W z*AXdRlqEhc6;7z!NM;ts`9#m^0HYDK$(*H2( zct9Zo*v-;m?eIc(#(;mi{Po!1Tx!?E!lnv;2f6rjbp60v5G2ZL--qw=W*i2Y&7$s5 zg`nsdx=Ey=tJXASGvl?cGR_oW0(Hp%9JiKHtq}J2>$3Z1FwF)}n2wX!5DkVu+kygt zK)SgKEz5e+8LHr|PP2-(diNI0`1H!rEB_ndNerlZ$r>#Z@517<%>ZE6WL}ot{R2Ph zn7h#2tu%e$A2Kzfl(*poT7Ld3U=Q1=Gp#CJ2y(!3efTz3#j;4pag}7`l%HyY1x~#P z?mhAuRTlg=tA{VDSrD-M$L`s`;s1_fKu~MZEdRRTsp^A@~ZJ!WX z+#~`aol$pzkIns|2~y*^DDL4glPvJHuD{OHU5CF;nY*fzffoj zoGdZi)=dwaI4rL1-2$L*m4T?C+y>4%;$RPD#mRU28ML!mGbn5xz1I?s0N1;=p^Pu~ zZk)Kp-lyLj;TpKPG#!ssTtElr&f6mE*-sI zfu&`z-H-TomP^w5{`S16<*) zbrNm$ENZiiA4C@!E)OKSOcyi>KP$*~(RWbdy{3X|q~vDBGzE7y2;cT77`iw=g6*d@H9C=zWHa)pLX z@EMK@PeS5w2Q0|c5UFJ22nP3L^Z8390%3}ZipbNYHt9g@Zcs3^Kl>>QC(ruNz?>P! z8GB_5WnTy>k)wJWN@>UiC1G{-{TdYX{qP3}H;<=1G^^0&ybV98!=`T0jdjJsJF;tE zFg++z9P95K^9ChkMALGgJ8!hITXYMTzhK*|<`w%Q0Yh2iBl{$FrD`R!t|OL@`UUnQ z{~m(9+dwMsc)B2FQv_^47#%abYIQ1z>GzWZG6ZILwSRa7t9MQ{Ce0t7JwxkSC5n#v=AvGRmiw~ql)22sLA~iQ9mb`siK5+tPJiTTE z+&8(uT#n3-#c~2LcK!a^bY&R9O-1|_PGEx(H0E@3{vT8S6lF^nY;B{fY}>YN+tw=E zwr$(CZQHhO8>{fwyZ71ce0Q^Dn=LOgN5qKiBcea;?XJ5z>e-#b)sw7QGz)%oMUP3n zMcbWCy+y}PaJbt~k}p`;(Fmu zPBtSUjxcrziZw{oI=Oge)&1Qirytqmek4b;3?glhTp;(=aT-*Vq4Dz<&YqVIKxKB^#(B>H*Bss^GchVLOf3fziLhfqb|eV}reg$D0Wg z#7w+z$V0Bl)z9ET{jQcn-+r(23O<*1q4{sN`E8a~T6@d`Z(Hyd3-&1UsB|r6Tpynw zp`cpsThyM{&0QbFkjj}Iah0E=Z#=~Bvk19I)UBT>zDJ!Z9XIbjBnQmkri|*SzZxfTBop0E-dYf-st#KYc%qO{41bhh0ProCx!~&^*{hI9izLuACc~LYMxj zJ*j#Dd3Q=*RMm3AxW1tviJi%SF*EUaNgmfck~nly9#uk}+&<^sMsHq+FYUNLj1xw_ zadeC}c0C0GLL~vnb?f9$DdwoMpGH{NnuQt?mMc9xc!A)><#`2!|A+wijYvz}1X{x{ zDzY@Wv@JpUV^Pepg?LAEjAL>K}E;!(KWJTF|r92*_48JYTbm}TKhB_Lv6OszeI;f1-1 zPKEidacgmcWbAn1Shdtpr#yjsz0^R`$xvyJ%bHvQ@re>R(UaJ`QJPw6X%d+hPvyi( z7*HCtX);N{`bPeBA$F;L@aaHn{;Z80BR%nncB0cGvF87kJxa;^Fy(O(-UJMm{Qm_1 zdfez~7X50O3vbwWkw!JEC4-~Z@kz17-BVl6t2$DP7Mm~ESNFdC_rIU24ZZ)6a`QNz zM=ovYQClsRMbh@&x_in!fMnX8FX?edA;(c+Lp8Ljo125%X+qA0U)<)CK*yM=>pHh} zJi=vxxQH+lC*~2fl{T_0IHmhf912~@j~a1hITBs2+6ljykD&xoca8scC2rp{AMe_e z#f_KlL|a|Tx!#<4(Z^p(BaHr+UBw#s8=SxM4^kA4v9{{a7$FZ}qa&Tzk@r@}*(+p} zJC8br>KHPRD5fko2;ScvQfxkuy5hePsYW>voa%$9D?Zy(w|sr?^RY9lcVF>!FrCeX zb~!wq$wo9ckxaFwsn2h-^Lw~*PgT=~n7o+7<9Wx{bh5yb?za1n&I@fPQq}kO9~C$pb-YuW3!gRh#_JV^LT06vYpS-S51C#dS9Uh z^!!#*yb5isE^(F)(ioOm0D8ExVasP}W_S}dLUh_y76%!~EMvLEm(en+mT4yS1Gd5? zlKx(tY@vW6s^pOJ1=&^Wl)qtekrk5QpIQ8`bHn|o`J!sJ>$6FVb|W~ufo1->P) zYv&&KE&39UgZvfj$Jx6g;3OJF0B8M7d!zlu@$)I)S@ z;Af0x5@!&KB@c?qR5_G!>Xo#l=vVQ`JoRXah~-o>3vGb1#815P+1M7ogUie%JiQ9$ z=lm85GTx+_eP$W5`ndhgM5()8N{9ZGsQMD4{##qs6Nd+g03y)hbtB4b`4o`}vD5}$ zMXCzL{6=(8t~^Hn?VE$Z*lb2p@io#;bu%C-6630(?>BPkYBI^9|1%Q92PRGZ?^#QF z6ZnVJ>%MHDLi{5dkV?s#^yxz#*Q&i8(VK|u*p>i$azk1=IT7u83O6r00vc6B9542R=o59__K zD@qmpMK-u%&JfR3GGWAqt^*&h1m=aOA_pVG83A6c8hQQNI=!(v4y zS%>! zU%h^xca|$VTwn0X_r$eqrIs`3ii_(6ZvLj?_dq=EnyXmUZ7Zsxm+l8&g1dlX-{J4% z)bD_=Pm-%^PnS>Efyh+vbraX__l;hp9 z>HA11m;0q!j=M8!?)vwQNvOV7`zI(VHDCLySl7lS+E>e0hp{1L`o2=RQam&nBLAFU z1VTb{d7+Y5p5fipri?{_y2X_g1mazViyF7aqI&wa{ybXKu zHKI>EBgH{JpFsntjv>;;Put%+>f``yN@7vJWD!Ny%SX2_9lRECCG5>41U#$)w-T;v z_LE1@!0!=G-NN5Ka;sqGtM0tPxJFY3>HV2QneZYv#3;ZPaoAomKNifG)yH6E=FRCo zU+&G+sm22?Z|il7$Un9nuv~eV~46i0sw@WkDAN-6|~q%Gv-f^Z`bV6 z5!?+0l$wOUsLcGzkD0q+1rO_ov+^D3F@VNoOA z?I?Y_1S*DRnGw&ofPY_aB8r9ti$+vy>aTtc?2u`C_szKKp|Y(il9Oe;ulSROG*wZN zQ)XU|D4Jmvv)vWr%O0*So%ucYLn@a$@%{!E&hFf_Q4OJAE=eck|F1_x9t3oyV1Ykl ze-!Au;KFy5dMXS<6U{>Vn@9u7%eBho2{p&77N&R<9MLJ`BC7eUjGSA1~d00>fy6;QH-MNaB}?zbDAv)iXT-I+Jdt1qBnE9L-(w;Q0+ zvVaoc`US+lU>IOR2_l)CbL`$-&ENU|M3x0J6AvfJYNqAVOJ%pp8BLWR523VRGiFrL z6&~!9jDcRPJ46F&cCZ(Z`p6^^S_lg|E&5+rP?BJNHOfc;pxdTIYjNYfn0kG(Rr$zPpbPkKy!Sj=}uF{kX$voek5jH>DD3 zj1+gYI@bb5v$}DfE2Yuu{KDM&HNlP}RBNblb51#qQ>Hb+ji*tyz39Mo!M`n56v%F> z>mq+!s7=uzXgzk^PxFscTZ5CrnyxoL4aa;hCT53`&i~yuTM@u)c$4po3WfI3QeLPL zBjtbn!xjBDz8SdGGvCzxz|xCRLfszU+q~c4iyQtV*$v9>?*7WvGbW?^F4^+^vTbKF z?bjuUY%(34)i*NLzLUv|Th)DYg$jWtplwX+Hna>LV23cd#xbSPk(zB%+;yTU6g7Y6K`+OdI>UB9?7!3>c|fCZ;>H?G=XF&jDT&5Y4sbgV&MyYDh@9o0qqgJ8@?i9 zsRs!^)tL(8hns>Kt{6-(`&796VKR2oGB z5|#R4YwJae@iOLk0)i*vE~1My7`BU@V3IPvAw$PHgbmiiCoai86Qh+%5nG@f9^wbh z8o>)Aa#SfpYAAf0D&mZ@3Wu=22^5fHrn+lr+5&3_ND30gUnh)A@==SBAl@4#rDLYL z%z+}%;)qiu1{94R5JX%EDn2OptZ}D_C$00(f)m{;T|)fdv#ul8Q`i$O@q5H__40Tp z`@V{)oCQBpbD978d1>xlH*VB+7$-55$lz^>t5Xp;x9uWm5aG}$!ZAQI2Y3)`xq>B$ zY|`uZO3CAL4cA)ub=3D6onbQIi1W1Q%8z70l3BosE%yRmbB_}>rRFmOLPY8(`2^)c~Kz=NkT^zg#n`e z<2rk zEX+&1!u5JnI&{h}1k@5o8f%YXMbLfsCYK-565Mq8p4)$WE&?Vw+O)y+Q^?MENX82_*-LmE}S=s%wczdYn`$hgw+y+*e42fYj*e>u*8t0=! zQ?aYnKU?*=a;a~`uk-8LPb4Ax{Rh54GHc&wFzBiG$liYF=Z%!!)0xlXUH%7~*A-u3 zt&=5^-ImR1*OyON^9+ti-fM??B+ z1i3WX*A>?md|bB;iAtUlw%`an$0hn`_I`pF-g!`Zl<4zuxP09}j{Xr`8;?KQ&yhtUB$`I{;>t?`<46MV!a->khvo9bxQKt(uiPX> z48-#cH9MHLMyg_{6ZF~gK#-U-rqa?PMhoWE$qEMK(Pu3f+bi=V3Z9qtj@I~u$HJpN za}xZ>$cHWm@gp)qRF7$Xvn@IaWFMdU1<<0{L6&TP&ReZ&01|<%gpn+X0(N-%|}6GAJHhPa%B`XA%*YaHy`j{5uP_5 z2x=4sL!s7jZ{&YA)1=idTx|&mIW&k*=w_yfY}8m2&>(1vueGFMx5Sx2!G_%RlJW;^ zD=3iuHSzU&XCa3N2W5B2VzC4TS8^6XLFMW4f$Q;#cN1Hu*|T%_rl?#tqV%^w#uq_N zFEp~W1WQwR+$TMXHLyo*c+oTOvpxWnPH9OJsawf2{B+3+1LZ}R8piBwA#2FCDTL;m z=2dIf7jqe^<>#O0TO7;T!9V&4qx&?>Bvq8+c#@~23vbv54rxkX_fLohAf_>bRTj&)(U1 zfvYPQG5wTbwe0#HfWsJhOxeC*oCKDo-0UEQc#)mGtVi{qp%1HgUK?9}rzkR4p{?Dh`=}oIV z`&!+7usl0<^zeSusE^*1IWzXorF|iR{Z2a-<;3JkE+^XQ%xE!;YRP{ULlg=~*6G$; z@+#iHmq*r3AvxP#gMD{W&q$wtvGo;G^vBr$V8u@JV9zydWODdB9b}N$$AJY2?V7@Q zp{Rz%$)mD~Yd0emu`U&S4wTj9L1J8)((RO^OvMHmYU8J@ zZrfHg9P_g&`x(aVat~MIEr4B-p1>pg+uoHqYwWmnLcLm#d|L?z75GQ0!3M&siq5nN zBZ;S?5U%a)82kHFwWOZmGGX*(>gfHY_qFZl`|Q(w*pbj;NY0C0`|{uJAfeShfxoq@ z@bgVmB8KAlE(*HkA;ru=S#z~$q0ub*sl@#N24~E;s@6`Q`Ttbm5!4Pj`BmhZd&D!Z zECIM8QJMo952XSwa#A|@xXztI_(}WoOg{7t#FF0S)m4}%=yj3%2@{Kr(a>1q9U6eg_A6pP-5Ad+Xx{91dLQhtG55o3q=LVVpZE7ShSk$ zwP@_#*-B|yju@=DhXC3TT*TU6#a6!g4aX|{@y@6sHMr=PEQmW&_Vp(NTN=7 zSbYge5Ls}L7$dA7;=FEJBnzb>-qvimY~8%0Rnz>P4hKf1kaPJpl z`7;C_71k}!jS0jZQ7ZBv{%)R#5%5!`*&b0W8{=W^QfjW6)Un>20xZR!2)hAmsV9(X zrahVli0|Q8tq` z`u)Hk>{gBh$+Y&ZYY}y~akwEEI6j8iFM5fYS`4+k-JWZKjY+m6Bi!t^MmN%Gej)RZ zVoTLeuOCh+Z8u0p@8{<$e6yy@ORBy}XUk6jFQ@UoF5{GI?>(Nh6B%6(MD0_4iff@Z zm}LpI0N;%`6+{2Ry}<}!dX4z%NjIGTWfjk3qMyL#t8IvTt-2Eg&DUYfGyU%5%!d^t zitlH!XWn3Nq|FiZ*|N7>y=4VgXZ-}Emj3%D` ziVnMRGS=rzvh;=^t}DlTAplSRn4Ze$Z}s7SU;5{Y1UsC!^Zq@i=A}a8=EJYlC1&4= zD=STWnucLd-6ODUXkmFkaChD^Y9~|dIa*pFMrf8G$J~7s7tWNeyRDsBy~k)Ckl7I` zmG*GgrxNskR&E^NjPO7ipL6`RN>zl<9Ik|Nn{~R81)*g%GGn$)4{L*HqL4l*k*8Zh zNlKt3M^1BlmijU?kPqIjVtElZM+3XD%*7tQTAlAyXkmZpl-VRMOCc<=#$qLNf+7c^ z*r9}KhMpoVLt~$Z&ZZ47XM&t^1&T~JG>ym*MHddU*tfVZS))V^hG&+}xQP@%f)TXd z{#d^^KCyy~q$8>fA=elJ*r#8}L=@-?gOx(@`3}fV62rv09vR1mEMY5kVb~S>J!)Gx zSXjCEynN*v6=fu2S?$kL)x^=ZvcEWQj%}sR;5|z5pcnTKRs4XM`ZCIn!n?$Y9cVyQ z-IioMeIQ{B6pKoxXW4oui#sGfqM#sj?>!e`x>h|9*kY70QGFWz?Sqy+?GRM&#H=cM z7@)fbvHUgjL>jx%o_t^uw*261m=s+4jUPS!ht&BjBba}9p+6L#l2X>hFTk7M7^aUS9^n)Dr8Ccr3TtB5K z`=)6-J*c#=ELbL--|RK3R26}H)Yb!5IZ`Yp*Z6i1wGrYIpK2VwWcz^CHXK|^)BvG$ zP(}cGwA>U@R=rwH zRr%3MN|VWTBV#iSNK#6wZE<5B^d%`Qf?skY9@BM9X93J~04nbe-_W{QK7Lq>4m0x3s6I3H~E@i4KSS!zV-88JJG z9q0n{UwyG3%FL0QzU&+F%4TLnv*+jMi;}HXJ`4EtQb@cbwJ()zPy-kFxy^qsPR`Dv zg!c4@H^%zB{|q9KHv|oIeI_C@l~`X-_bVcQOV3BUs(UL#Q$TE7k>92v3G zL}y;J+dmLEs#WSDmcHMOxeg>VsGt2{H(-36hf|GFR$i};d?jG0*}hPW*}a{oonv-1 zX|9kjClTTNhstV3@fM|7@sgq$uwm2-PwT5D3*l_7Us)KI-{!6DQ;2XE?Jk=OOudMa zEj^!Ge1y7=CmFr`i3X>ayTubwa-B?>^}Su^yBPbwzn2dykCMEyG8iF;MGx~$UBB6g z?mk6U@$sG>Zc1TFAG=7@`29~^K2bBOa(r2s-l1%HCtNNkP;!OXzS66EP32lVzES=N zZSHQ4jd9zqFKcK%>|gWgC$yQ}OzVkeisz2g=6drYy}W#B?m<+Z>P8V_#YPDhS5yCw zT;hc6Hz>?b7CtoO?QdS0Zs`a@gcq_a9n?X1k17zWoCuYIyG<+~iQwEsIED}b4Fjv$ zXT!DL#6a|*ykxSO(=vSB->`1#);Z*Y64w_w}l%SZmkPdv=NX<$o0B4uC?iSrAGFQ9urcYjDYe>g^Um ziOIxpa}*dU#MBetgyj>Hj1CB?t3grJ_XOzPlmZRqecDpsWFeQRFk0@rx z7bS?PMX5IK3*J_5Vc)#6(_Y zqKZXCVZXMrKp=u!PFA_=QkZb|YQWfSp$``>)Q?iP&lq=7!bE11ITQ**>QVN{?`{ml zwKpV~w{z>}^)L#MA2zpL@7||TNk2b6^o-aTMODnVQqcFhKNwbS-PFxo6Y)5VW@|rL zxQb){-cWab`Th1AU$BaAhk^-jWar88?~JVbj-dhJ4>Zb= z9S=dRozaOxE?%%0&Fc{MkeS_ms)!gfn&EL?t|Dc-X96js$i3fZDouaUtLA`9 zDjd*N@VTnH1mo<04h_1_far!?boh%e4sd%M1+bj`tRKh&8x#t6_m~0e}WNVuX!+0(Vt&aW~EtS z)be{GD+S|{=?`H>1oy{cJVH{(7ZBh5`=mmM{l`^m?RUO|`4%>vFM`RE;K|;8jgcIj z*MQ6HroBYk#-u{{&kdkha3!i4KchJkDL#}4m#&6a2^VWBR4oV)R;w={rsoL}JkuiU z4U+G3)fp0-e}}k6@eP-c~IJM-)BiMgL(R4?m|as_BBI!z{E8Wd5=R3j9i#;AAu{HT4k)PD0*5wWyL2z{AY_ z(Q}$flx6E#d=J6ew6i9|Wvm{j2GioN`ASa+II^04jf79jcWAL2%B0Bc@brm$ zM06n+VYmg8wuzbIg}a>O7f$ZuY9@p+eIuFjDd!Pzd;(6P`zPqaD7m-T`OUI{ zV~X{$@}wrctwHs|L6z7iWA9!gevU#=5KU^}h3;%l_I*A3=dcO>P`OSLq9hx&d2X3AEwZ}t$e~LtiW_8S!h`^Y&LWG+0;wLC z*%lygt+|DbhGRREA|3VHTR|m)GaAT*W^Vl5GzbskiWXW{xG9GaJUaXvJ)b~S$b}AF z7LLssWl8-$nhn8N%7v#!tmUxHHfwEnDkgE&w%{B$71|v9U*TtlR!$$I%i6FzPZJ3o zx{-fHNTW`ltEP8KyN*kzRR@0Ih#Kv#Jd?Ffj{k>6yg1^Jbtd!SI}@1h0@a}~9hl59 zU<@z)tehY!?T%P-QgR(LImy5;-Pr>*kquh1T?w(Mze-Ysl!VICgPv^Nn4z%Dn5Xxm zp$|W7@=%ri8<`&a+lq5(t$y?xa^)ixgY^j}IA016UMU-ZSlssL8^sCAJ4syZwV5xd zS>+?nJ7kn)vFV*^T1kVb>v2DGjpfOxax!cAl+BAbJ;rygnZzd26w%d`)Sv#3x4{ztQDd?fhBMB{^zpMW;Bj?l9&5+U@CvuVObNX zg~etqJYzO9?ik1C@wNVAq`>o&Wofm(R1@91XRXR;b2tuVc57nq2~?2EQ&1iF0LCVEI#{yD0XU>Vx2Cd^?jnxNI`>1zkHZ zqvkWb)p+(a%f2npVS8oC8$p6u=3ID6FvS7mm5WvTa%uKOP_(!+WqU0@~OzmHq=LDMWJ z{XV6O*Z1|K@h&}(|6ec&0%!o~fiYk|5aJx!4L4k8F^3yNbxz+3j+MEX>}f5cI<>4C zDaP1|5hqI;a)m!bK!Yi7UQc*z?;k(+(%i3?$N}*kG%*z@I|M%`VX~@ixZo?A3wQIX zQIRoc=fmfCxVgn$sJD(r15UM5Q*&{0uJHZC=IXEYI*%N4BnV@+L806T5R;0bhQHHw zKTg&wf(z^!=WxrnB?b`orR~dkC&?b3-h+vim&WNEnUmCB@ z;+POy^QL_YuM0v}AeN?J$HqWl5@eA)u%d=xvetuwXeS1Ua?6?~GmwDHJHtiTZdU|8 z49c7Fhl;qA)%(J6hUB-XRfwN*A{n~k$&hSz%1$Ajk?B>3j#oVXLO~Bt8%a5n#47#b zo!1)j5e4-U01X>=j|X}u64o375M#B5%UC8cv7XbwXcfbTZRNpH^KdxG6*|&!Fx@EJ zVWb-LC(l#hKd0y%jh=3Z+P7N($`Ts$jqBR#&xQsh!6(nA>7D#XS4JBKijXQLwE`Yj z6giJj^B%SdlX9?pm$=omiNH%JR|_|3u9Gdz$E8s#7-{o?+=75wI-US3Bq`ibo`!g> zR}EeE_h~dUmD@VqPQFY>KP-wy!ys7_8y zS`n6Exq@VT+=$ZD-7$<+k;)Cz(OygpZL6W60Q=26?8)$Faj14*+G!3p=UX+H3Id}nMotjjgkqIxOL}~)&4I`rA1-(OS+hl}5s!y5}GiCwOA%yX- zjZjd&#yGhU18;0Q zVyHMXYBUNi#Ot&*bT8NK$FZ6=e5WRLMA$UT^M6+O5j>tQH^}MP3{YZbQ02YU3z@bN zUxk7i#GeiJU>rm>Ya$b)@d^e0TrLw|B$3Bc@1uO*1lSk9Ny?>N_)qB>U|<>n${>U( zd&x=;BmDbOOL_;7Mg9a96&?yQcMx!ec$LM?4h+P&-?i+b5VZSjk`WS}0z2}HJ9m#? ztlDro$}NW~dkwN3R?jhuTGKF`mF1TVbvE~0SLQ*C9j0?9U?di=D4sq-+IiO&_c$}4 z@rl#OR1Z)s0D=mpV_;6k@^kJ}=S26+f)Q!WW`fKB-hR>;5hglsQXr{|&2YCaS4}sw zMf&5*ylxD%;vp+n4t%2(2mlyJzaC@~6+P{b@n#wdhQI>SBnaW)lCW|UI*->7E7xSF zlcl94HLmCFm+L#H;R&-z|HcL8NohYS%pfv7gAZ*}@DZa`Ef3A_`G^*AOI#Y=9K2SC z69vokBp!lk&mii;grln6LyPewl+%zzqnspJVJ(jW@iVdVB7hyi~u(hh-k)*=H&z^W`n8m;mqqR zwvhzAwT%$HJfq`=lY*sus7hUlQ$hRjb#HSqFF!CuKZ#9gVv7)%H93=>Y@)O1gs0_# z%FP+MYsZ34?6}s}@_g{`$SqDs`qd037FK3P#_h-XEcs1s?^pH3MMXXy#-T2m4~&>( zoEvw&_dl%ZX&R-HB}4Q`OBI!4ze<4)xIpkI)0)=5nwvR3Cm8TG zuRET(i+z5(v*qU$rBnGLYFhRjv|~~M0s`?NP}s*V`jl0Tm*J&37Ut&L&5tzrtkTH! z=d3a*i6>DQi&9cjv)bJiU0q(^UF}= zt_zo^;{_5PI5c5T8`&82O7ReS%E|E{(Wl4j8LMJ1Ztj zxi)N{(!pqJD*@d4*c@jNp5)z!Du(?k#tBmWDjfH zS};2eRp`W@Kbgz4O6?}R0g#>qMi|U zH@)1(!G=YD3YCrGhX@m@Qj)3=4A>0`&=W$iO;;i>j~<0!(n#=2)7JSaCWGdm(`4#QA8T|338FT*W;YU@`v= zsh}i%fsyIN*wB_Xh9?)9lHD zD_)axU9%nW7Rtqi*{z<%Nxwj1%px38ZwL_yw34_OSje)FPgCBP4^q_}eE-Y0|IHs2 zb6Yg3t34__Z>KnjFo`mH5?A&jV3&FK3W{GNC~-B@G4r;J%uEg4>HvK8Gu!Vmq{Ao+yZ7SZ}a_u(JU;>-uO&D1;}Ht${R~df}Zz@ zg#^SWZXJIn5&IMJh^&GHwZRqR@pG@)ML}^f4iyPL-q)XJ`-*Pb4kOhM<{CtT8O6j9 zZ)qZx@qL@*j}jc*T_(v^Jd9IU}Owrf@8xJ`~>##1*zLXnJs0`{F|reMsCwe=#$rNi7Fi$y)y@$dX>el;CapgN<=!!yJ`Y>qk^_yD-M6IgTg~ zVq9$B*h@A$7jlUXrzN@uU2jj3H)ETEf9cUQ#SeW6g|{Q9_$?@@4HxLKN^0RpPMq>T z;$#SF5~SS+llg*T@^s$f+BHd` z?F593{Z6fcgRxuA4ATzcM6?bm;xJvDq|vs54{G-RZ@Z0}tiHbq` zrcKIbNh2cnn?6+8Q?Vr-6legz6I_~bat5~-TjGTk-`(!{8d!KuG&SbYpFWdIGlXzw z(_xx$qrGTv^=a1261icPrp4rEH$n!t890U|0NC~pdbNgp90A#^_bE-tUchwCtzIj8HMxBuvh{J%eEdvr83=6~)#v*S;Y!bMkW zePa}7xF4O2qJM!y6kMu<09j4Olc;gEp11EXuRl+6y+JNUJxSjPs(v`xI98s&jq1L? zM*7CEih?SaE81gb)HD=AP=4mA+HawF-oh}t9_J`g{M4Ea=$ay5jT5`&0;-puyYpuW zT?|R_<4)nBnRAbst#`0Hp10j+a6Vs_x->-)2eMMBwENm?o&T)uwj5_Tv7+d5Pu)aF z;e(hjh{?57VF{9%E{CZ;>akw_Plr=c1TqsZH#>t>&H2K049asL^rE%=dFidP@`u>M%=j{y>`0XqHs3`XMW9-+u<`nnmTY=q6k|RvJ|Bxyj7R zVB5*i4l_i}I}w8h(I#3c` zu?5EYpZilr36A_SI>M6g{VmNI#asU)%?o_qMOcSM-ULJu_+fN*-VZ@8Uuj zcKlY16ewGZg8#(6SP*1X$nP(yvBnm=7cU$X0q*=b zo`&WSZk#%5L=e%~BJpyGTs2o6)e+%oUIW!q?@9M2!xWpj0(p=)*n$bX_uf{S1ZVIT z>j2c8*UDA8O{^!sF&lZvH|C$kEhX9Vin3p5s8B>SX3&6s4`b=Al_%BjAiBJH8U2En z(~sazMMcCzL&FEfvz~qx_CP#%8+v!(5Iof0{-nqPq%M;+&e(UIJTx%i@o{lm6@j9H z4y^r|C4Z|r_Y45>8$w`2fwNT8G0}ndm5}*)QAh{{XFBvKGdyB}mbPN6^vN}kr^r+} zn+!SBROEpfV5K51W`xdmZ@jdq6eUiK{*F)DYIG=ix=(B@=EtW&Y&ln^z>jPa3g~sv z6IxX}e20D_AWkn)JO?Iq^zWq0I5v&qgP3htchSJp+b%%Ih(ajSkTWrYl0r{;dqa@)V!~b#OohNv2C)@#kQ9cR(w zns4{KcYZcm9jh@=v>RUb_79azx33$gG>AwLZ)lkm6B*LKQ4GXi&$m(cV0htUj&H0! z&Ez_JFlMtaJrF>@O=(;jgx}e+Z4d92!0tRcV{KF!Q%)7M{=%7fVN@d(wh zuOr2r%ZvvCnc6z@DIFbIA)b@>+ilq`CmUY{u*D)H_45MuwZ>Doi<$#g&YGN#( zf6iOdISl!+C$|kMc_>^fI4;u`YufbtO}D2;O_u$K12H4}nL*5-6oH7NU#N^-TlsnO zYDkpWRs1BXxSq=>HB^dHf{oA9f?~h#3`-|>(uKn&*_WCEY;EB8O>i_Tw(+K+7LWW)?$-vakG5JTWe-+nsJdcIoUg zmVLIAtY3U%M?(W+hA(mEk02t-NV*K~+a3@zOsTA8A28g2VQ}vS`x^r62^q$8x|n}bHD%k*zMbFSNiL>&_D?T^(y z4q_BJo-~B_@uaRFyH4xcHOQ{MPZ3wY5C&P&zqvuU)+S6RReg%D!>AN7JWs%{=JrQf z<18)D=jEd)VjSd^6E7AbzCgHogWE^TpNvbcU%SG6F+2g!oAS~Xv>ax*lpM}Ey0^W~ z&xTkAGcc)?UOM;$LaUpNA4^{Icu~k;BPS^^Gw@8HW^K&9(r|C7KJgty0kmN$%+RE9 z=3CwbQbImrba^(ot8Y)EYlMn>U{y+Nc1uIo5k8DFSn7tpIF)n|&laM|B}o=YWOD3T zA){0|&^bLhta2wn8BNcTOQ$!f>Az7_@7g3bhVY;S+cW}8=?}(dn(wu$M${C2o#aoa z(JS7Cy^qWNkg<521=>|3@{WhaQ+lky%I)75yVee&&3Q+|o>}9BNi(4wQCG*X)FM*= z@$q4WNLUz`=u!>HDa+gP`TQ|r$37{#%8gbNf4M_Tx9Unkgt0hbs|Ym66(MCvDrzXX z-X*}!ktq1r=;?B(m8 z>mT7MA6fTo6h$7OZQC5k-fo+OvdcZUbclj)Lf=%JuyoSx*XQ?%x4AM9GHFjd2WQxS-QlNl-U;AZ9fw*fu`&3p9 z^jtn7s(%m?PE4d9#67a~=x>>(o0^^RZ^Bwo;rhsaE?G>&b5x z>TV0E_#YSbEcl^6g}3`ki@;)8>6iVa=OOFMPS4}ZDW+mieuw=1IS4<5+t1hp*SgG9 z^d;AWC<*AAX)k!->>~*Z2I?Y9;!lA3loWQOsX$~rJh zWQC5atDu3lx?f~Cq0agWy`NUmjW!%u<9#q*dkLV@zg-_)$-@}J%V5fkW%+r3Hti5T zppc{b8U=&=0pEc_?|shddE^rSZt7R&VAqXs1XqA@=8-Y>!VeuIHv&ocJf~XXAdjOU zuL)@s8^mp&emBxhK?hHT$8qFBW|%JZ^D_K~8`{KG_T{Ao)M&B^s)=kH9YQ8+xyi`v zO%GUlC*Yr{!~c)2cMPtqi`sT$+qUhFZQHgxw(Vrcwr!_lTOFrk+s?`JzV%goRp*?) z`_HPq<`{FVIp%#|Lv|}?60}<1vt?3dk~wf?eHmH-`t5@xkxYPzdrbF`HY=b&!q2_* z??2`;AXYVv1E$8o@WDFn%YO2dm0&{pO5J@&2w91`;7ooslf@ByzD0Ov?zv;B^Yhz+ zfK&%5To8?PEsYW4NyxOpKrb#l9zcZiG<}%^B!gvG0D*1^ z_Au-guKY%BTR21H&xv{;@V+mPBam|0UmoMBph(x9;dcP#P z!Nv9x(zJ9&YWfshya9+iL4f>Al3VUBIA`f;TQq*0EP<)@MNIlXz_?Nhy$?1c+nzGD zMoWCpBcIK_ug&ZiQXJP_A&1A6uW3d}8&=K*SBCDT1&KGXT6D0!Y=@6y%_A1T<2B`C zfv7nkI50xyLQkLwJb%^{?F?cZLd#jfIVHtcfJ?#t1)RV2{ITt1-F}s(Si7j}T(aLu zJH*LSN*qfzwVM%LXfE5E_lV*XX3`wkm$V>)eE8XQ2hI*P`-~tV5+5Utw?UKirA~(S z0PfE{lbd`tM=@`2+(+s+`DMBKh>3UGU(fXj_urpuD@gx}YrHUrjoyeaZ1 zTYq!dZi2z|T_Ku&K5YoZixc2FlCcnY9o*K|-jMzbBz>A2t!u~gFnnz^YtQz3eAMV@ zx*CAJeb-N)O{LfAvpkyB3An-?;Mb4;Wg_!fXC&i%-}Af;NzT~gVJBubTv3)S-7-8Q zN7a4%I=$gz!<=*`+aUg&)=xzj*Y5ZNk%ZL0 zljgX;mZSkFONW{FKS$H_l^Dl>#tUw=EOKXb+%8A!#P_bD;OU`dfy|&ywXm=qHsKU6 zsJ04y)Iyae>;r7Qc6xvz-+&ZkKXklcBi_L7lW*!=UDE-63cO}-2o!|D2Ks(e+FQ@5huHc?X`_t0EN_fr;|dI68_ zL5czHGysJC#py8!xf?-p|B!q3MXZTc+!Rcp0rO|hlHEBVdnBQv7FN*C7iIMnGB{2%L~{U;#NuZpgE_tOGx{yc_)3D74PCdg?r9vf zqZ081A-4l2aJ4;7w#V|QCDw?{7<7lyde)Sr1lbl1&eSMpz7ft36?Cd=aK`X4zfzU_ zS0p)w(y0E4cy+88kW9BN(;=y1O|ZGGG0*fZVtxtJ!p8RtH-UX6KV<=0Y`hlj@mum! zb?7bs$2Q|0n$EGwIJEkH=)71p9QylC(C+*0op#Zk2+c3k8-?(TfbMHJ34P-ROA39r zP-QS;LA>!?vD!!@@*m+kaoOMMA*o;JTsl4sf_LOUf6ZbJjv{kov&C z#oeL5rn(_V=(|IumdD+2K66;Yn}$v^AQF=0Ct$!9IV4G-_)R13*$F672@+%l70@IW z%%~CA9WJSbr)rIvq@)}St-}$UIFf{&ol);3s(q0BDr)LPh7qp9d0-zRVd&>ie2{^F ze+wH%!gF;QH_tkJ9o~Db)uyGTxN+OkPun%eWD>>bX=%;KSJt$EI?@90=0B2R1iQ%c z)I)rkLP0IX?3<%~{{peA{&lV=KVaEPsB3M_oc83z+gUT5Lwv~F@2Q>?U&WvqID+M( za3JA$byYb_;E*#Lip7NRU&nJ}D=TkZ`oIE7E-P!FFh=^2j1Bkk+k{jw%3Axo{R5b+ zR8mu`h$HqcJNFBiSJu;ujN}hVMHxQ`j7M0IgChj08xaW)D5Rko_U+;4JoU2-=p9W& z46gZ^67h%^m@u$A5**IttEa9HK|%_T$1djP$@Smi_8g--=?>t-g@GE4&!9!)5(stdMKQ)+Dvt6NEl~1Vm7%a4WjLDW@<`+S>SKf8+F9U6_J{ z<0uDg;JkC(&+wY#+`At!rgBiX8W$4HCQ}DIKKYqdVEl_6)@Y1p;45f7LbNT;vi=05 z@eqj~9MPdZj!ejsUl0UNS<*etOT;F#|GvsjB!X)Qvl>2smYk=vqvthxcyn2D4r;=O zyL{s5u~^<#KdQ~rXaG56PxGb1+p715*Rh~myK;LwUeWDW2W|3gPz56xw~_u`g&?5( z#ePQ5ZN$37m?X2&Xm~-LHuD7Va3PbnEJuQH0c&{L!4lUEt5B> z=>hCHB}VynA(le(zpiUwQ7O`;;* z$NP%r>f@j`&q(j2agyOF_=O6#7)ZK6(ql3ebN>G2F3sKoHKcLXkUjZTqMeS$BZrD$ zHwLaFYoRf*@oqt3>xB}DtPYy}rx+ihq?a-wTsU1WYX~j-zqS#Q zz}|QL6DTj^Vi|pLF*7^V=)D6!8E2yPsr3KQyqo8U%#UZld8sQb+?zD$#;+jhoBlFG z-!}4b3l**|?T7DoeG`;_&AyLMIDYBO|Ckhol=AR}83r z6(o@y(WoKf-eDa*rAWaDkb{{G%$L}X0jNik^hrSRN>bAmy`b$6pdP`_V*%%?;`oHS zb;uWXToRCKOtAF+heOsGC0 zBsRsRST=HHM=gI9fw;a{awp14WVp&nRItb!Kfb-hLW_B02zGk`Nj2g)-~Cz7=Ai5n zdP-tq;RNyNqxP~LkgTXGCOWbCbM--&9Z#ouT;N9@Zo-6`9ty7l2?zeDs8lbu#j8!V z?kh{^1TJaZyoW2+$KL3SHNd$j`_T7q6U zU5zOe4&Gab=~%R#z!H59hqrDZ0gXwgV`2jddmQ_`DbeAdy+0srF2-pgIjOS`lOwX* z=HxMq z#Ny}N;UY`zLD$WKhr)%wa3&?HaG+`4IAGF2CmWChyHgo<>Y`*aD{2Jw3e~a+z$#`; zrlU|h^o!`h6^{;7EzjMKQknlbwK$MTPvq*B2MYojCA;5jg>gc6xnEwOT+pDvn5dT1 zq7|g5W`YDjGi}Ko@q&+`N00j0--f{67SxBc=_JiN}oSE_d<-HHry;lz(C0;%cE~*Y$e|9N86+r9}4UUz@B+yB! zngPihRWrf=WsEy@r((z+)`c}wrnHs%>nyaA3cecKI ze5O9vpU=d=*A&p6KmXar+WMuUurb?|>?*B4|5r9qL{vT>W@j=Zl}H?U)Q~l@Gr`8c zRS27olYtgCtBqE>ZrdW-=;SnkAPL_4sYQpBlqz-NvS8IXO?k6WZPh@r*42J?ycBeF za&jpqtEm|^)nsD4mm{4n#9#R9O%{y%CP%gnd;HFCY~@i#yi<8b0%EZmoSaW*d}Gy} zxAtx(L5Bs+`O|Yf7#MP_ zcwRn)toqyTZSI1T*Y^ykZgw;ouJ!;X$~eE&=oZQ0!n#tTu660!rRyX|R5k8TgW*IY zx|Y3q7Ugs=cTQv*p77V0I-eOsqol`l%UaTy2J2;hC%CVYcmlK}hhTLl+F7xAOM}h$ zNs8$Gxa@^Uq(egbumzU0jC#~wNL-12YiD(CR!)JNpFZ>RoyU(}-8;+EdYL-SOI9Ex zijt&XkUD4rbU>6B|4!oGr4ZC*!9G;dk8iW!F zd{w^542b*oo!9FfCJ$Q71>SlZll-KHhhawyryhLV|?4{_&mA zNAhRv6gO_X1{5pt^pKnfLX_oZMRj>to5T$*c5Dg+Q^grnJ>{(@6DR(iM>5Zaemmmq z9*ysc&O6d>2D>wNZhdn(@-uZ>)&PAy&~2MNnWWv-<9& z%&g_T4$eINW4N03!PHk9gD%$ZMI_|n-EsvzyZB-hJ%|=$_w{B+)+k#)%gZKiM(CKOpJXB`LSUDDT zAgCXTZQe{v5~IB*$!dqVb@d&GX&Pn5euzlAESGVZ+iC5mw9ei><`PM*2ogdUZ@ZCi zA|SMIGJyn6)Gx|tY-&R;?+aG9S(8X^yI2Fe(%hnUv0thKoQNjM8H(d1?CF?Y8Cb$8qWkXUJJ3JH;n43 z8i+DXuy{Czf*4Jn?g&~R7a0n>TNjpr@IhIY40@{U7gZ2(1R4~OWyF%gZXIcCRd|Qu zMsD9J524$PATe8x6c{i$5TmUU&*02coLl9XITVWFV@FRD{wZmUN5p0l2r@(!u@->1 z3S=mSh;|I^ojUYUbhT|!GdawQhB*-{MaT}yl?nb;$UHEvIOr}Okrqj97ht;1NS_n7 ziWv|s7|2WqYU)jd3clOY+Cn@l7F{3eQs00a1qdI*b0MV;eF|8WH;#q@vivb63i_$w zoH5VIdrb+iEH4Q=OchSv;L1B4Yu**`@31QpjI$(UzIAGgt|%T2%wP~13xGUy0<$wU z4R2#l!8U4W2wxF+on+r5-mnuAk`(4yTc#%}Bn2mQ3g>6!mt0@@BNDT27x{pYED;{W z@e>0#nyXgdtQhT+Sy1g+MkCbJRgwOpXB~bywozm6v*dynPp5@J+Q$z;g3>0v*>lWu zo>?>8WwhNM+hB6P0)d!T@cSU8X*V9GsV&0jJ*PZqbsC0=V`k=$ejhMwRbFb0i^NKle*O?$4jd)b)(`UUoz#0f#A3P&3At z7Znia*L#Lhm`K81Kn9o5>qkr}$)ShM>9#Wk5Wjus|By*)kS4|}uE!v5+7ph4=$DRZ zdK}&`4N+A<@0IjfFGzTKZGo(`^?jj_v5%MZM<;~rggqqnl@@nGCT_3>EfElPLQ-}- zRPr6Hsbdfo?RPmE(+w;}D4Dp6@aOGs@+T^3FqHLj@XNam-aC3toq(~+UVm+V31Cl1 z`>wg|V}4OK$dQ#iPNUHxYp?*TLT<43Zf#cW3vLT zPF;*BDU75t(9&Blp&C(>kEXj6uctzlt4@iug-e5kO35tc1^~<90n@MPHCPlh+$N8a zq(IV!s6!#}fF3h+$Gl@t<*r}oYhWwT;usqnh!+hVYB7HRk_UmhHmD(Etj4A&5SqfJ z3t~5$8P|u(ac;{iELCM1tKPp>t zGrt#P(&0-`EvG_Njy^!tGd%!hCq(shwFN5aIGmCeJZ70KeCNU$;ITRhWNN6Hxm9=a z3R9mV-V=q0>?`4Xi zJZJp^w1UfCV)k}py0$D=&Ga+OR+QyN#X7oxRUjtJ6o`a>-RbzV(_s|R3Jj^83D{|~ zq4-`0BZ>ed?d0eK#Q6D=M|aSa^{)Moy+OF#Ot6!q6N$#_??5>d+aQP79%j1UUmrj2 z)fF;=Dvq3l&TToY|F~V^IC<@jQ=W40=^V_U`ab_@2y<-qfW% z$F1~=`i9Ff^FJoQdHJ4mw2s95VrJxA4+I1pl8$Vwy9y^s5cTj5_C!ScE9U8y-ZE#?R{2OjBFJ|%*M0LB5N2IgX4L6#jP0X zObirJxs#j@1VP7S;vJA-6EJ%@LL}j0oVbEEMsdPR+>lai0opD&%S_43t!F1M`dES} z_a`Enfb?B4irSk+6%ys;%lM4A&UZAE(BBFQOgeVv-&$cTH;oLP1@cBFB>z^P-W zsTj2-=#mH~sLf&vGMlN^_UgCNwc{?d!^vu@%oZVzH4}xR)wrCEV}!^|WZ*wAYlU>S zX0;mZPnlo7O9mNH>6(H{oP+rWq6~1X1`JBwa-%~GxO&t%F}rZ3JnYcO;bYof_AH9H z!e}vge7W-sNxNjIt z8Ha>~cJOlLlmh=FtP4bq1G&-RfE^3$BiLzlVk%_AMUobNAtC05+{=)W&q>h)OYlQm zT+fh|$`A1c_O|tavqaz}+ls73r$|CO0n0<7{vlPg^9wS^{+1mlk<0|Zc}klmKqLy2 zIBViL5%#eG6ROvMzE0E68Yw{qY>}A<@EFZMLX6lh4u!Q6|d&;ocuMhk#b6`n0v2^$J3*4J@ zr8C;YW+5{L?Yw|ZJ(es+v5=Hm&nLg z{UlnyD}jU(5J{wSKku;S;fbYdOM3G5AJ0WIY4OA%(Y()8^PjIJ9%5$>MWZloIU@*W z^M}KLe(%6Kll@ z4xO^Fl%v-I`Io9b?2EDiPLX@{K*Hd9%a=$tGtOcLtpiylW~ zw?zPS!;)4iCIA&sFv*S;CIJiw@Q_mnCe^G|;)Jm;fy!*sciEFlvFhLs%f1-B1^mtsdQ|QBZ&KMz$7*e8&0LY> z2-)RuI1aNQp}G)7qqebMvbsrh0@a@;slh-pjh@mK$5L;ogInrJcPGP;MYvzZiMsh* z*HBAIsKr-vTf|%cYW@cokWGaapx5l~>Jq|zlL@-rj{v*V=fKrZ!Bif_PR7=gAYgrI z39K1NMV04!Gw+9yN?#)fMMsPYUG30bf_xRk!=c*`Gl^njPra&bCB@}QV9y=1Oh!l5 zPy-4#kX1V1h=*SwKSYn-dse_sucB^4@t0R`SGTp8?LBqmO|A;$iFnD zqQLja27;gW`Y_!mvRQ2GtiaXM-JD$krPnH#m88FHQs%dXsV-M=&RxZvYN2)y+77D%MZn<1I<9A`HPu3<^i z342hVB>P@>yWi{xk>KQ?AO2J9E+m5m!JJ%Trv~$J?tJR2;V}(kZ6&M03!!~}@*nC!(P5+0 z$0tD7r&o2kH1FAh8isgbPtfv7VJI#jrG{Z+!?+AMD_9^^j|1E(BF>K&o&dh$iP66c^t1%g1qVT!QVaBHJsvBOw0KoAgj&yDv3 zy_@SsIh4~VhPqkI0B9Uj+ou@M_-T5A)bb%_azgaf$4gbVbJ~@`Nf=^SGIoNZkhqG3 zXVnh;UWfe#CpwettnxU9pjNpSQGD#WR<7E=DikbJ2U zkme?0r87^+C$Iz4Po>Fm$k>mMo(1C10G* z(UerMj1GM;lB$8?VnxU?+<|u@dU}I^*3fBza!9_w5Y->^U#1NZEgRlkRBj>9UCrDp z;TF0km?v#Or2}VF3;FGMtXP>n?W8Rw?4=+kM!$m3;mQD5GxC(!3hH_xa9PR=7NVvr z$ea*Z*q)?%IyxFC@_yXdM&*x;b%`ob-?9|*MlrV!JbX;eXg1q;-KFOAyX1sh`OKIq4no%xJH!tI9C<*Qm!@AV`{d?-IAJg@Td~Fk8WV zgjT_O=vw5d#n=++asS%s1!A;ykN@>RCOA=w8Jf-^aE+Uem!G6g?`7&KscE(-I@J@Q zg^kcOJVbzX$a9lar2enNodOoT^EIVeV#7_TI@+#j&+tsfUS8>Yx&ft~F*%@vaXlw=Cw}{9=Do>mbMv^h_Gim`-wa0vaaD>Vbd~3#gQ;#mU2H|ujVy&h z(0zKy)uA%>ZEX^qLKl0_X$}76Xr%dm=J`j;*M|u*Y?1A$ZKgJi`}>M&3@%Xax}!=R z7#+B%X}0(H$^cluxz)W7g_f4a>IfXOTD-M9{syX1X7vjA+T#WhQRR5n|Eft+xB#WZ znV>U_$PyNl(bC%b&+*lJ0BAnF8E|sI*N=ixEm^F9JMU);zt|bUwYTKnd{|;VKdo2P zphN{iA=mWc{^>-^$VlsZ-Iffr66)bmH~$PtTzvBObN%rP?eqZ)ic}v0>EVloExnd1 z_@Th^Bl6wdbiF?dye_e78)7I{)VAVeRN($@CtwRV6|vx7@M)$)FFMh9{=_Vln69xi zj9#^L^xkAGofVEcUbm@(xW#VOC6ct0IiIQX$7dgh$Nd$s`FY;^6>$rP0IoQU6l%O! zCTFqge+t_+KX1z8qSHs-fTb3pfBW|)>J}uZ7tk-4*ZrrkFr0!)iDYzTb+!F^%e`Oi z_C!NNL!v+=jfJCE{s)t~vTo1OuhGM_@Eq^%V{6G*T0$jl-HFa1KH7|+ZuFl$_y-y4 z4TCmA>h)ZGHfKYC{otqI3d?0-v^lWkZOKN{5cD@k9pBVVgkyu1PmfJAq_gT@KhD#`Hv|P1dJ>8YIjqlCwvgl zE;#Ti$oCPz0VQO-yWWDJE8%a=r zj!;y1V+@wKd8o3Wsw!v~>qNag!%xJ7YVQg}V;I3h+9(1d#>xXUTC-SOVM-1* z^aYoYMJwo0G-2lZ7SfJ&Zq}=F^LiWUlnH z*;rQv=3&vzW$m2xEW z(hrdv>exVvf+m%?2XJ~8D^Tp;Ex)e&e{T6-3Fz{C9@Xjhs#eUz%dl4q|3{Afj~)Gg zp?v@M2SYk4pt)dd>jRfL0TDB}dJ&K#x5l-MCJPWX+wBKl1C1K(LqxDic^V6m=q{>U zl%essM9lP1)*bK`U?P;ob;t_-CTq)R8O1djiuvatwkXB8(=+2aE=+Yko_54en6{NkKRu^ou8qRk-uxeE;H^6lv-JuWZ?-i?JJK(W&f!_>VjCzg5JQgm9 z;7Rx8tv`A*dK&LgJ4UiCTi)k_A)+{!pbY#%)J$F|oS1lccOxz|b^* ziHHuKpPIVr4@AKosH?d15u+bm$c+d_Fj1Tkmh~cUL-M`=^JiEqT+IysIh3lds#ZR#zfWx44fS?WABQD4pRNX>%;HR zKZEUOItiK!$x0V4MekMtffx&5hh30gH;NV#$ERg^6bOql(pbV|S6Sm8KJFu(2pb5i z2%g40qR^v7H0l}uoBRJCi|)`(4Fnb(Y0gi<(6b5|EC~ePu-qD*h`_Uq!7-(!!x{9O zMW>HgTCfk9{?q_tMba}A;F&;uZX7z@VQhcnfzum z40+hI7D+_RH)MB#ugGP}Qb6Q|&UzLR zJCCfG#Uof!0CuC^r5mYL>A0ov3b(M+G2i)+WDtd}!bdDLwm`5U? zFSg)IU2n;4=08}%?=#e1E>?$r9N+Od2<446Jtx9mQSxBJB6o+Y_sve6+%SS4Joa7S zk5aniAlD1*5^1xy9uuA;a{qWfRf6zjI0?u#J+=S8)BneJ6;c57&L2R?zvl^Z0`;xf zX-~DXik#KQ$nizdn2tA5%F>PwN?vHqY}dj>Mz*w=$5qJucx+vMrmoW38|%g3eEHv_H0A2 zrb<>T>K&iU+TPDk;H;Xbv+vJoHLm#3%7*FRy{4?^6n0$-J7Go>RX>_H5W^?gIIQab zYqO0C2f1+LL@fIQ<@)?9Rf+c!D=$-f374=_r$ieqJpc^|Tp9S3lv9KbWxP~b&zN?j zppUpXIypiqb>q~ME{yq9(Sj;Po;X_6ip)sfkZU)*q+F$+y$*!rwZGiHGw1twPvI@{V5rA}{5jo9;V}ESO#PI?tkc4`z zsL0BPpbqim_*G032l_<@cQ#S(G-i?F`>To z^FVQ!2$$8B>jM!}meyJ8r2maw@g$G{3D-xJS0wCdABC81y0aXtPurG-!oEHHjg%?vLV;T1qV#--I95YSN|M6>3pq=#IL=miiZeyX< zwA>mQ;gOI$ow#*Df)=<+SF%Oc5LiN^)$%1D2cSbjyLBx_Dwb~@It6cf_Yjmg@dDkf z-0$4R%kg_=0H0p>5rRMbBJK|S4Kh-(xQlkXJ&qzul#yDth>x!~b-oI9Kt#x+wOLTI zI!?pLD01%Ica&IKQ2i*3i9)!D-58sP9&7bgypv1 z99$#e-ATewKe2gX>}39iVl2edUAK!-%WiG|VYu+zQ;YLBkxYq-EMAOJI~-7lGdQjq z-P5VoL$TiU|6$PE2TlH`;p;pMO4RK#La1OgCuQvJ(Sh(YN(H~Z|l`DXoJ z6oHir`a_Ky#Y9?g)WpV{`Ek^)vS_xNHjJ_|MY)iiT-v;gYWK#>lkkvsamXE4S69D$ zuX&@sv`4WTbdk3_`KGyh{xW33GMSRMrKC#}Br**H>W9{%NCL-7+#Hv+H~-V|oR!6+ zl`Yt6z`zPkhD0P7Ko%l6kQp*;7}LLlKKWkQ($bRp*C~&i93S6R#;NUZ>VrUpo2zS1 zWm~Sw@zT$Lay3d)(*0sH86ekNF-(j5!pUknI4RWC^3rX4X`>G#SfhGY`#b}EeNDxi zf~vZqTxDfdUN_tXOic8x+n#Ghwxjghj`r2~ID8&;H8tNA|Ig%KmNyu1a3U8;YCmUr z3at;{AK^erd3i!976l?l-1>Uw?~l=6Rt=-^8j0fX)}h2vU$h+E`za}bf;*9vUy3?9 zUEZ^~9L^z3Q`4DRKjefqzb$P75L)%>9cXOdRu#IEOYr)}j>kf+(qcpY8)t809fM9& zM{8>s1JbN2?+GZ-#R5v{B$==O!ves;QF;I?RN!)nR5{hSka$PLD~9iFYYXzC*JUD{ zw%Fd}T1_lfW>>>RMhcV?3K+KOKT0*M59O=pI>W_LR!L-SYMd&rV2wOn0?|oihSy3$ znIAbD{AELb_S!%>GP2gmBlV`-L5chuV*w&-%_lNaI!YX9NK#Hp?hc;U$clBT3@Spf z8##iFI5sK7jonX1h8EPdbU@Q5`W%$eAqK0KJ3g!8&pEJ&yZF9DJOM2=^^uZ&9WbaX zf;kMxnlYB}_YMi6kyO~1l$rx@H&N=AgIQ95uVk+n~94t-?0z|N#otDuTV?zJkq#%@x zikaE+&-GVMmU~olh+n|STlBvF(%)@;&+f|B+S-POf{u=HUMQY5+<@MYC%3E5zn$wq zzq*e)YdS5rbg4EM;a_rzwco9z-9gIU!@_5Nkc|0QPO@vusuF473!%n-u<^N|1 z&eEvuSr2j%?r=I%4a<8#iJ_VH6`TwCf@$rCQw>RoKvYr!JnvlISy&e4_bxUTm4ypt zhU9++oh@~a8Xm02@lq7?Zy@*Ht?Y-J3jbX-rI)YWf__KVm(bHIaKnr5Tx4CK$|QUQ z%C3Z$eau`3gJ2?lj03lb6`A&wKRh@v6oX-7YiVx5%nW4(eP3C1eSg`(6PQS7aqn$) zL~_K7rlMvTK^$I3_V@@}*G%73QqkDhTV3S7)mqbP+j!?)Y;lXIgl=W@BT$t)~lqADKqjT3T8_ZBVXQ5DlyzefLXU zOUrXKN5GKR^XY8)@bLb3_t)FQgNwa0MmL^-Uv)#nZHWfQrGSg!<64!6yg1-oRX*tR zBn;PnYd){nezhD6yEB>Dlw17o9hD>!DKD-{(<|Lhh{a4?A*MxXrOuYGS#0Yz7;bB zLRGe&z4Tc<=5ehKJyc4}$Qb@HyF;j!Uv1i}?;;%OqPE)SjpC8&n?DKX;PaMEsnod} zz(MpKOlkPpS=p3eRE$%b$Ns*4V_ayA3iqh{mxP=jy`s~KnwOg?{?<_Ir}_04(d=(^ z#t?37(y6O1Us4jz;^O_ClcUJa>kMcHvp~`3$EM%=5|Ouz3~TU0YO0$q7AH~P7$K{Q zx;h2=FTpV0!twqq?4dJq5L59!^T-3Eu3gcjjf6efzIgpFpdrYziiV2(`~=TTLA}1I z`3EmOu^-wMsR_h~v;&h-FRrle2HE}k;?TpCOKsf70-a9fWnwckhAUYdfVB)mE*AcU z*vy=T!@|{60k)u`UNaFON2C~@#XR6GV{upBTFRlQF*-(BMNiwPr(`A)pX1BTqqDI- z6+6y1Js?}gZf=uYyQk~*c}HcI}y?J`M{G{!ccS<87zb&rLQlq zq$IQ!gPk7b-ZA`Z)?Xb)VT=%*gpPfC{ZJUlkG(8yd6P=&QWzkEvcaIdN z!P6!-*PlyCAIgzV52u`UHoclRzEzTz+^dK~rF1<$0jyPEwji|Jb{fy6YiZqAdEVAb z#ap1>w#OSbfRJ+WoS&l9U(E{-x}A_7LVK6o8nKs_ggg$5Bp;T#Tx}8|f)4&Wwkd-I zPF=Lg(mVF5lUa2R0CNe}m3V?Z?}^jJ6nKul*F808EP@E(mi4MaPtQa38Ta_rq?5Yl zI%WyJ?@v_O;mplrmE>T^0V0Kf&pmY2!izV3KmYO1y}f!W_P3^zJ0-Yl1CKwK-6|jP z--oM6FrulRMP!%)D?7DRzUYKnV5+$c4VC`wSiCZl1R7F*D1 z9bH84-nTWk{&|?FqWYwj=SzXa2xfjSAMkTo@@)8wX;jWNfU<;yIB0#mY?E@n%4~`a zJ{-d5HO&FHp>{r+5^wdqpTNaA>kpNfx}W8nb$%|5--^&1hmi~_Ej<$8yN7#U@BT4O z62V66Y;b-yt0*uqFnryxuiT^`og-x$By+9u1tSphD{HBV&3E&|9f7U>8tuZBPws#x zo*fFjrq1B#lgtJFczZmL!{d4zy8iAHc04aeRk_4EyVz{$`gzFhzYm0HDYHYzCEp8n zF0M5~kMFm=y+Y@|)%_vT6#yPtv8%a*VHT&ORVw$ZZMiG~n`POzOU%^87UUoS3Q`L-=hM2vs7)Agsqi9^eJpQ*EwnbAN9Y6np)582nMg{ zOG;^%(;;^A2&>d&T9I=Hyf^xUZP*to*F;3}~Z($Z!x&$4?Qc0sO^ zvoG*ye^Sg!Zzhq!Im}KhU7+@32fg|1IQQ2If(^39!Bk4wzUL^vLGdwp*J}LL$5(v2 z{&9}KypT|ThDEjz4klWuNExt(?{ypx@=ewEgPHTPGHb$LIadC_nYcI;2}DO$3eJ%U z@OulDt~7nGSV~VXa}IZvK|pZ*R+GDdjg5?+9ABwH_Zc%i`oZyhVj8{PK&^7E+Dy9W zIY><5TIfXWT(PrI|6!faHt)i0CKqVUo5Jj$zD)H*rP24RF2uz2hIXF6bv@|{I=58b zCH2H_FM?S&$`@CX4~rM)65iWw-$1j3eJDqsWA^Hl^m-FzIXCqScg5uWSI^t~)&xA- zq0kh>4Oy_ieqZSh+)!TBU>*tIZ8ljD&X(_|j9zrY#q5-jo9T{>wa$sO&!W+2K*^%_a?)l#EAb9!cSl%`b@!ae;{Ypa9 z#rM*2ObTNWp^i9Yy*&=+y7A))e7H1Www3-VDjdt%G`AcDH9#X9fdo4WLNt5wdRQK> z;)pLml*3Pe6d8w2dw`gmJ=!vh%(HzD3xQP_drA@ zbVGJru(Y+V{cTxYQEN15hq8KxWLRhEqxTZ&&9F9m#IFYr503?mgOka^!h&xjX5dZq zr-FJ+K~vt5o|sue_5jiZOW-yE7=D1{-KfhmY79CJ3q^V@_m+!lp!|p|(87F|bbjfqex5 zlCF&Fs8-(=tWoa>doNq6<;FdkfgH@&vhnHn=bozUSrFaMssN*=*r*L$ajvr6)e~X? zYh#_;V+i%>y+#TjWmDxsX>q|Q(;D*<8zEb?s;K3D)Ol4mA|e=i!*qKk;_mzbjn`QU zPp*!QIhP6fF5VgJ5^{rFk8Tn7sK6+<)chCijT7@_a3~W68GlDL9xodcw4;^BQTo!6 zaQgXx1_L^Dw;I#wX|K+Pjy83{vZr3&ZI9dy`5tU!L6StR75+HIg7+S0NGv8|S7uAg zK4I)DiV7!-;cTJhnJ_00YmUNtA^J$8)7iE)ZgEq0IvKQWb6)xw=vp`A;;kH;Yb1M5 z+k~L#>?xe9CZR?2S_)Vt?-}yKnq$m+06eXkz}=mSCKv@hFt76|K@!Sp5|kYaeK2;B zAL24|t!B_IKg%o{oFvx#Xgix3BM1r8I@rfmtuVo)^WTnNen!u|pN7qoI79-fBxuw} zu?_ye*x7sDXWYaqt2FWe*@;mp7WJdpCi%hP2nCwz>KaL3KMLV~gkfd8=Ipj@KiuK- zF~I)R{4`_UBpta4D+I(r=rZ}dZSMro;Kh#;{z;Fw`)JnSL_z)%ss#{&PF^nE{Sq^8 zYqch;+H*Fs@7A*cR2c7#rd-424X++%k?T8;4fCYSU3otc?LRVmc-hv5{GBnonVpmr zojEb}@jLHD#KhztRpATxeV$!IFC!<3FMnzN*zg}t80JDvn_p!0W=_^cAx)O&LkB#? zY=Cf_bMa%45%EUTY|q$g7ZGFprIn>^!{4}NhUYDJ0h6*x22Xz>qy7bQ8LK2Z>p_Q` zJ%g_aeFm%#h^owzOTDoX$>)?bg9=!%ZNGQ?(ko^ZsC zr6c*%{Xoa{s6*AKegnP%MW0!3bj?tVOCCVX&|cy5PrkPXBKT}#jJ z<1DJWOClvySwD(N-Cc})==-o|GN^1f5Uu0t_YC~1x2_a+oJn_aRzI(mX*U2Y6&gNXT4QTmyowyPe1(~9N8Vh>$@YqS>{*F{y@1Zs2Cd8z5dA`T=5jNFP~?s0|KU|`YhHc3l|en)o!z_ z*MV4ZZg5+x^~4KjUpBSGK}Xl;xFJ})4g}ML^hMg{!F^iK^IWWc^*d{V_Y5VkgVyBR zy&2PqY$*mD6Yq;17EA-plsfp21It_>9Mp4^s~J_(QRfymrQ0Ag>zad$FDGng7V={g=OEG)ZSiHqp<*5r00loylnBPZWeUOw< zu(C1$t2NILKInKp^5JlR&eq0p*i9z0l5?VPpQ^V40;Yr$OJE}fz<6GIJ|_-ai}K1n z@+l68;g5>X-`&T!CD}C{#mFG4gu==igU>5u9&A(GW|+w3cy*W9aNAbfQ*R&@5F-EM^9ER z)}YEOFYDF14HDV*<&~^68W4tHayDQfhRJe#0&rTUz3gE4l>o6Kufq=vO;riHw5X_$ zwR&ggy*5{E9ZQ-NVg6=)Jw476e_RL@yR2bKQnEfVW5WG7>X%Pj{q$Wq8k<0QgJpK} zveEIS<A}UvV-lge{L_ zz|+(ak)!arS0pl=W!Bhr2iGDvnNhkYxMY{u;REv$Nm62R_3N9?LQ@kXQ)4!Ew)4Gp z|5(C7ZPaWauh#t{zU9zotG*wZl*96@oCP&7m{n(5ZDw%J&f?j;al90=f+)Vcol%=+ zrCD$7dCvB)sNiHVQ%fjXJ-3aR74KCY;a6ImTe)L zBh%EEw50@8v2AR+aG^{^8vi*IZprI1?FwrfQ+TJWS^ZR`Z~WFJmwlg!v!QV+a^*@} zdf9|J?#pPEV$Rz7Gw)sB*%0@oNmr7xM#?Ui zdNCS6we+{~q-*9E6ND6(^j#t!oiUkg?To&^MrPIuRj@7|&O3>CYprlZf zFUEQ~vRCZzs@uRV$q?j@{&qAkjLmpKMh3@j4N~34=*mi1EiuAw;uh#M_xt5t0cB0i z_^hk|2zlB1EIU6O#@f3GFj^TuMwgwPZTY5=#D<>jEj#>21X z!u0iIXJdnOQ+@-#hS}6_yd(Vii1m~DCqawur}XSu8)ZCPyv@@F3x-~!tLYJjO}_@C zA<~mzP`vrxq{3lbBMQ}T->w{;l2_#0n2n{utUGW(Kvnaje^A_$6cF~wrs`SISY>TBD(|ufexk(dWv$hFnEL!;gkh++c<1Pozfc*?{L{rq6{F+*(=LLWxS}K) z`aNU!#u*)AWC#Z66jKvdq#j;ek^-uuv8XR@*C7I|7CW*p?v;`zI}LNXV;IekCy%b| z-goK9OyznljvC(H2J+6BU#wS`TQEGX%2`yIDNRKvo`{;Pmc}`+0UXPr6Ys=DZC*Bs zg7JX%Tg%O+46^psgC;c;Z8eEsHQK}VMutrsO6nUy*+-5Bmq2W!lq5`cwvywo^AUK1 z2laJs;~d}dF4I_?If4l^U3IL!GKrnH21{4*iXT^+q z2Wbz~sm+Y+zQe$@w>vyMWb~?gR1pz5i6fI}o1DatCScniBFd0aQi@C9_qFR?pr;G1 z!f~FMk=H`<(IxYR>-TuT4$7jir0<^9_sRvMGr4~f`;NTH*FZ-@Z}>cTljSN>2gbW1 zcXvFY4GLqk!yrto<=LMlMMQjyZa`=JUaFmCS@G=6DCl^FubwSIhx(ylB>s_7kyRgD^ zxRn&L)DQ~`i;7Vc@YA?3Zz22f@W1KgR-+X!FK5a^Uz#vPR(`l*G@V8x2(zaQmXIx4 zY*&&^nn$ZEg5rT?BZWCYv;1sr1;@?~g_93qRBb7d9l)_WH8z%U=^EU8qwVz)LiaUt z%>9gnIY8F5Dre7}g;yV4uMOMG@4Z%+q5t#*b!ayNPJVg@JJ;3J7_RIl#7CW>d{qfF@xbtMsbKl)E*D9XDN5&_U`Tjd>AQ&Z;Go@j5Br+Q2 zsJ}n&`?^o`NAEg>5%ADCC@Vi$CI?>oaihgBaWDwv(6ec31uRFycD;#-Bb?bM7x!)r zkPZMqbtkz~*Tk36L~I%QoYjF)+?s+0gDE>%utS5#To<96mY{59m$^r4qP(2NPi( z+ASWYePi9D9Fus3SOEn2#*W#qR`nFi2vQ13=jH_(_OXOEC6TDhj){2=vzPgIp zN0S;ZJn}RuI5p(9!jk4@JaPkQ`7XUE>`!o;u4c~{+pn(cUeH6 z<)d6Rm-CDOB?CckC|;q@PFB0OqXbP4+R;X(xk?MWO(`^Ae&PqRc0j5{utmE_wK@H(b; zA4jH94AH<@E=Mq{YO)8IPg>vHBBUkppav4wb5*94Gp(^ zXDEQdO^N7Q3J)nIrHTfi^hKG1mp}Z~Mug8wv%@V}r*|Y>kK+gB5fGXUMz$ywy;ks; zeP}t;jlP?Xipq~?Wd2^x*G;@iQ;CfDe6(Qvlb~o7TJg0dm$ndO)W;x_NGBP%1V6j$ zgF4kskBdV+fpJ*V8H=hoeZ4+@v>dw!=>cTpH#Kr}#=xV>6aOdA_lhQU;=9C(pR`AZ zn~VERW;@~{TjM-3lX*>N-#2!8?H(Tw#HdzkyKxV#d0x`b%8q67K`3xH#tvu)yL_y0 zs^9Lvq-rX+b3HmTV(=v7r=by>aAfXR>Q8tJ~2-IQ2^L>BPK&WZs0UU@?ZWE)h2Rlbb( zP-d(HtcY8yIrJ;NwtvWtqEx?f1iGa=D6_D0v_n{z6uU^8K){|5FJ6XYjO?S9mq$s^ zzLfK_K35pX$Z52gk0Fp{`YwHJ#Gss)xEw|lKej0HW(FkkX1a-fpZn1h-U4te(3nomu+;gu za1;hr?f0|jRu$pcEW5z#c)2-(XJaE`9O85}93nM#XEZzP2R0A?dE3exDS1~0R|i#f zNKwJxF8u@4P%?BhS{Zw3W)YVHv7bqkJu>R*;@>%jFr{)9WX3nvsg6WTaYszeF)}LA>RGTu4ih0(7`r{gt4XB&7slY$mqzY&ow}B zs|pxV5#mLFdg45Yo*vJ0kJf$d;l$e&G0YS8+iP`$y zo#?RdD-@tzcJ+SP+AuGASh|h{_ZW^^^a34@bRwLDvOA;|p99Z>=BSOA=Z1Qt*f(YmBp$@%Rt<)M;%e4CvK3k>yYU1k=gFroB z9JfosjP0oUAD9C|2m!=EndP;!RP}0o5{syN+?z9;JZvCm79J6f86IrFb|?fLT5I2# z{(!8x*~aSZ^l+5;P9ZtpEiMd493tmbG1%qkK&SsBD_3(|Yc_&g171HR;p-TE_X(t@ z4t%DmY<+t-oCk$01hDjCvLsTWHK>qJHfO=7j$V!TND#ADWS-o`rxuI~nv5A5RhQuH z55nr3miedllCw+$HK6?LTig_i0TeTNoGW{Tv{lZOa}Gt|Z8Dd%K?%lB{K!K*o`E8A zm;C711~FkC63bin-JOkv@p$P*{{!hgn`P!Ie(dU#fbXCXT3*Loz|wkPyQ?84BQPTr zzWd8DV><>G#^%pm!A&f{EiU*AwVyKkUyg^J9C5U)q^)pM|Er)>AGW~w!IO*oBZjsG%Dt!}4`3YHxTVCg7ga9VWpUbROZJB3F zHZ~%r8{4yi=QAdsTxvNZDjz8=#}}xkzZ8_t;2Omd}%_CZ={@jFj9RP3QY!xzl!W4_a=*I~B56 zsd1p9%v*aofur0~%XG%gfd~(M4qb`e&m*A zz-1mhn>yflWG%B#zT2RFXJ2PQV=*Ni4>~1z9fkdjj_Xv=r0Yx2Zu9kQrWgA;1Me#q z{@coyi_WP`jnAga{hAUUsueka#mb(*pXPOrLx#GF*EfwW(fEAfHaL`V)vR%P018V7 z#wUx<>aR1W;p?VqYFN%<-#(XQdrC_gFv$R8kHglUv+>nOLpgfayi72n0jcezMYuWG z**7OklhkpKiQmFw zZeH#?GIZIu*mQ93Fy66HE66Ae4EH|5odFhWw-HT9cE+<{IFjLRld-MQNmgIpc~u!H z;Pg$Ln>VfR1ow#p`;Ah?x+G=Q8N$;1ur!z#{5%*cwIP7aOHCP_k^o2?d-ZH;hv-*#|zvYNG zMjJr#pzpFW)TZh2=y7_yS<7tKJ)?g-+mKXhDpOK{5aH*fYL)>U?)NuuPh6)N(Nb}A>YOOh)80Fk zRaErTYRhPs+|by=&nCF7w!IFsXSB+h#?^D|4q(eTUKe=9$S7GP(5 z3%x)Jy@nsD+9pOvyI60;JD}g!dc~O{Wg;v2UKXI;d)CF>jYx@2--uZtBgYm&VD?rW zCQ3y4ZG=lt3Qu2eCZ*rg`@^o-#JHO2GOk zv+2zlU7-#Rahl2MYmV7}Mei7rr^2%NsTm zsnkLBeHs8Wj-ZU6M)g2gN|J!BBx{YI8P)H*?qfhGO&s4|XKPySthXB6lo#Lq$yU%lGn*pGT406ua4w{YH7dLliI5%D@4t0)JiRWyN@%N(sZ1*N+o=*TqA~>{m5<^0M>U_) z^;ZFdh3OiuX2%k7lma%Czt#~$f4gMS!C$x>c5)AGbA4PPB5jcIIT>HxDZXIu=6)MZ zV?!tCFwD`2ilIF<3*p;Xzu@z@k*$!a>THA~n~tY|pUid(Gdr&-m}5ky}=A^Z6o;Ld(c0g!d;hJ#a_S}n^?b1RW1YE}I3TEGis`EKq_vEx}1_nr4=MxlM* zZ>IoBtk)V2CYvf-?aj-)R=(%J$GNILY>(|EHIx8EKfmBZoOj8oRqtPTHY1bj`>A|x z$s@L`TlS%$<$LE~z>)c%I9X0)uo!5m->-W&?DjY;#24K+-}CyZkKF7Eyath=AHvpr z8%tw}n4@JXuc0ZZ+SET@-eI}gy{o6AgFtSPVQ3D#jud!0S8(k$_+H#ml4IRA{cSRm z2AP0=SPMMc?Z)lH>2Akj{Ddz?Oy8VLKT{{p;w|= zBCoBObZ}4+<~2&faM~L%MCO@J7Ib)AW-iQMc{`RJm@wMgtzb&tYcs;YI?`PQH8>^p zN8=nwN=uInjfFs~!dKhgo?iizhSYB#Tu^Fmq$}SPpke1Y%UmxsBV69%*|Z6HrM%Y- zwId-T&)658|a0CLqv; zz1S@a)gfBS&0wmX3dp$9S|xs#lELEI=V?CSxjo8bF}4qS$?89<5oj@u@qPn75That zk)q;Rtbx?;rK7Ahl$3uy|Dg*zVl@336Vp(*ss(qgiC8A&>k6VA^!U7B%6r<=G9JQ; zR#_eCaCq}21CT}XQqQ7E{0PEY1|5;d<8qEsrB!#Sk*vYEs%~=wus^A&zPwWTD{xpu z-NU;dQ1~%5m4*aZO*Mv!>{0?#N^0B4tFFa>@27Osc*jtoL#^;$rYm(4pY>6%`tc2! zf;c#K(x`sV0?UsRF5&D*m`oDL&iUJ_hCE=Jh8Y6mdm8%+^VN-h`cXlG*LPZ(X?PqA zxCf$r$yHy8tR_KpfBL}!(Sk;MZq^=C^TnA#Oa8;<)q(&U~mTUD6FdM3LqiyDkJJ>g3rr=sy!zhmcoH^*q903qNEh3bAZXE*~ZYh zhwtBK8EK9w8zayG#@1VQl;_P}j9+W30|YF>92{<-B~1pFxSCB^U3-8UC`zFQr*}1g zJNs(9CZ}^Ce*Y*tVqI=&ZfU7ahLwX&adE0j+5Udyd>O;X^Rf3oWZ72*t;3Ydb+{Vx zi<{k=>x)LO94qPY1THHK$B6rxZ*G4MscMAXe~VM1pmSe-WV7~(Ww;BaM2iA$bxCRGBdIyy-A@x z5JRGf#G&Lg_V>TF{or7YBe4nWja^*mGwvpOcbk2d_4aX^gWWKof3u>Uz#>X&g8W_W zl+$!!vtl$sVU9Qx!nwTbTRs5%PUVer3xcK+TB{4i#VnVzA%asnV%;O;8xnSgMS?7F z-a6(AnOvrDLycmN)35MRDUV4yxUJtX-sqS!!gOa(%cLHF00BpZ+zN``?!ZTG>CkKT@_M@dn$HJ}AKEj1GC zsdQsrPTLhfVhfBi7o zg9j&z^XzYjm9P2lziYPTpWL0exPny4K)O~cqum|G3uvLiSw-bqS>Y8fvT4m3o=Iui z#IpLSUYYZDRc|?liF#5Wldc9025&i}sw4c+P(lM@HvJs<^89!PxzO%`_0_*o?h6RR z+yi?QC;n)$J)=G3tgirbpJv|@lRey|8rqv~+d=p}ktH|)J@3BG7`+KlJpv~F?F#{+!6M1y2PXcf69R#*_#SM$*Rj3` z%&}CK-FTS~pi0Y;y%mRH<8gH80cvNno;ko6m+8#vywcz^n>9o~gzA(!w{Crzi7LTH8U^ypK#~%tr(80fc@CRyJLm-`YHpaQI)B z9lineH{WEX+}}o<3dk z3B6+Ie8AnW@zgJ+ryd<}b?o0S;fWzYh}dDXT6Gv8m4)YWJY!^jui2Iw;t3usJ*(N6 z@grIH5ml_tbNVxn$J){e_x5x=TbpT=1Yf(4M%n_8`OKjW_KYbO{05pG_UOnMmsOv1 zHUy`ul3vq?nqs2r*(-~2d--I%k}S^)dvepYGSz~2I1JZd3QC24_-UbCj%17ml;nvd ztTt^3u%g0E59rbY&O``&oGZEUEi?p|;R~5P^5X?O%rPn7tq=Uihr1C7Ji2Qk&{`{) zc}3Ts7;{E*aruVQiV4-M;Mk@X_1dUQi9;Yrl5X9$ zw|C?ET}=xaWfou%`&N(!7a9geO^b_jXL&j^aQf=MCu(b(UD!_*TJ2bCKw6G6+Utwp zU+FvJm>&Oqm==2z zT>^bO-oWM3-A8m-P*zCDkFDEvI}AZ$B9ndMbFIDu`e_~D&1jhJqf#M4oUt2#bY>GV zW$bOl2O=37w;_WIFqYPFnq?ORZ`U7c*76_l))U^pC#oP{-dC6XhR$@iaUj-}LHWS# zJ`sLceJRha7hY9ZkFCepHq98pf>c-phREQX_^y#s%9zGj*L!W%6i5L&=55*y;Xx!% z6nZnTnY4|Gk0B*Qn(`z~SCtnMCxk_?FIZTs@6eCkMsoy`U^zhK3QIT7lE;s*F<8DX zG|k;P40UU7R$GholotiFs z`2fYu;Ep`2b#96|ovuq6tUE+^X#@uhzZojIM!qPyW13zsG?$e`agmkeC0S^Skf89u zo$gQ1SR8GkC$ixoICv}mB29Bt4C(IfcHuIg&LM0VN$IdiHKAg;zIr&Q5PKvQlQ}LX zte*%|N%qWR5*IDM1$V2D3;%*dH}mwZSv}c83-yHeDF{PC+K4iKfCgI5=OgokLL%ly z^J!@9MBs^aI;#`YDe}*$sG7<;-~vr82XJpjV!Dx(1RvSpuKGN!fHIH25HbVL_JP^| z@Q;;)Uy*f)U=LXguc0O7JmI7ruix=flg(;dTDwE%^;a9FX--euH57Q5V6cQ~+a+;$ zz4|SqPZMC568Qa$rNx$CMo{WYOCgyaKjxn}=4DV878lligE&U%3pM7V{`k$e;QZ`@ zE^!WXAS~?IG8FIuvBAgsUYI?vtb$iGYO?z->|?Ca>Qm5`qL#9pXDOfO^)llD_A?Ev zs*3WM=^Bk$?23u&1Z>b-C9h2IYC95=%fMBGPQIWAC@n3;mqpFd2zz{He%;_c%r*oM zMG+>0SmZD(4ansp)0&<2M2x};edP#qcDSQPi`6?5ES0|W3^{?CoB*c%vIw^ycA-jM z4wIHQqrTZU=oD5n!CGUvL0=P7eH!W6)BM2aC=zbdadtzyD@WdZ?Fkrajr}SyPQ557 z;su;IZ6(TScv^ms5JA+o5r9y+tR1qmPU!#vQCu=y|2A1KZFbKRQr`U_lr7MCBh}*P z+yu5zgy9rS^UqSTrSXyRB4-3*V0@gy)$uY0^C|@IK&Dk)Mu3p^J6F>jHv}q1eVOXx zz&wUyNcRs>sjx)+o?8!i9JU!Rb2P#kz*wR)ZTeE8H zsvSI;_ZP(RDFdZ|1b)=%^bhRB!_AfkWT_`iVC#9q;hY@n{iXf&LQ{ zs1#BBi5ox}^VsO@z8gKeLrmVoAjB|XlW!sGJO{iN)a*m#_} z(x0r(iRpy}h8mjn#^qegrbE8-)u-dx>tq8<*A;ATs>4qC2M@@2u?)vZD%2_z z62FzD{4Ys)q9If6qjWiAr5LqaK+|CK5DfPwJU=S*8;t zRk4+3)+IZ&N&boh41(w|3J%M9n6(k>C{7nEdv&|~jUbZ~(EEC~`i{?3WU8nZ2YXoJVLzM@dT9%%(v%yAPQ zUi!Q^v;Zf5@3%>GGXddsvxkUm_cZVB)D;b9iB7?_ZYot6?}iwc2LkT~n-P`XKz+Knf zRKSGb#06Zjh#8xwOH5&9wZBB?jqw{qFDRIoAFdmBALGwj8ocUrFmyph%#p;d0ruw) zm1M@8`w3ZB-^T2sY;Vc=I`#8ETfoO-Z=%8&qHz_2VkJa4OdhyiO0B1aAYdG0?VfF}2E#%W5q`bX&4T|mH4L_olky`ZcTALJIG|v#v z&q>dq`B&&ncF1@LObb_~1Xx*E(q`32578@B1BVX*53hGjWKtZ~QsRioJzKS(^g#vA z8q1X{Ja*+RThq67@zG<}#qukk5>V0C?S^#)s;u3UvMyrqx%z_zOR}74zo;rJyRYVQ zY@mrJ`t9y}fzt^f+qS);dG7ppYw+wpu>jg{6gD>U_&^YRY}Kv$u@N#L`$`_!A7^NW zjM3MWfZE*lx%wHgGx%C>>Q( z$|zW@r-6N?4$uNIT8_1fBV|< z{OH5g{r0x{-r}OGP8gF{+F==}hW_`}JV8izIN55rp;E_e7nWOTjGL+{Vqkuo-qhUK zoOgQp?QI8RdaRNK4{1WWt7pPPJS{o6a@?EC`MbPz-R@{y6F|y~uB38Jf4Oo!|I=Q3;#VIGtL-Wwu=IP?{Rpi7g9l-19#%AW;2P#@wIH=>tJ#^N(;;myWaM@gS^ zy4dH;`Nssi=ALMDC!Ksb8*{t_-)<|&SZ9!Gk|Z(`g&P`aI$?&Tze{KP0qvW&Kxq0746QYa$8y+8kai#Ur}vL z0k3y4-dALIMB7`n2`-&kjho7@QXt-CL;!D#I7{2rMPP?nc!jS5&L{|EaRo;@Uf!VT zI*hOzU^fQGeU(T3D;eJdX(XK9gQcc|?q>_08s!@2=~~gDpaZUL_t+=_KJ`7GK*e=U z+1c5I39+a&G^?$EOU4{DQ{oYCb~32f1k7Y2*}MufEdx*5g6M%A&&k(zD<+4O+KEO2 z;e|!me~d8oMR;OwGJHonZKIFlrx zaacpD^R{>&i-9b&AZt*6`f5fAA6CfsX&i@ndVY$9iI(Q#V(8>*L_l6XhiMR~8t-@Z zDW(NWi!DA#QfdG7nK-!V2=UIF5A_`wDz+(joQ*7=rmy;phl9h!c6&W`eB>!=E3l41 zld9F<9FLrV_V0GwVFv>Xi~p=A0(B`>lI<&PMUp zu1MJ#NdJCV8=RS>nfl$|-kDz*mHt{PW;=dO@$C+8yhHmv_4~i{Og1Fi0+5v@qVE*4 zzit^!R&wkIjPp^&ysn)s@3x}GUu%p1xuGJD&5m$cWX9 z=JPmJIB_>=9ebRXVIas7PK@|7xcM_1{d-P2w95=-U2eFntSmLQnh1orC{8v~dU2K- zt9kRXhyHq%?=jn^ypsE8Pya!U-}`bdNNmXgq`p1cx@Y75( zPIdlg`avJjWpnH5zU1Y_35eT!9} zE`9-O^6-3A)~TER)SJs4_K%_c8f+IiRcuPtKf46U>2wODPCCw7Ku@d|4^q9~E%|>7Ktu5_B(f+!FdH7Qmlhg%YE@ zh&T2aW4!{scE79rXluQl%+^^Vo2C=~UyQtndge~joTM;LLpwIco^k)rsO;Y_^aGQV z>>>T1o%RAL$pb)M?Ej*pFX($*lnBzll-<7sN)Yk^HqfSIbsSdj_7EV9PWR$N-Pgc zPJZ|FV#E)OMoj~0i64CDwrT)?dNJ8+dTLhI>sqDU@Ho;)d0zAN36&l^Yhz&F;g>%~ z(97c2c61e^=Zu+SARH{57yb;hv?OA1{y_UL8la02Q&70Qv~hU`!!eSgqrFJX$8aA) z7^Fpy&-rC$w6wI=5dGk2*xDwi5*yuKwC8DUfj}hT2lf&_`^2ltS>-IgFPPz z>5e9<>q|2J(H-83v3!G!e-%&qx9)Vy=wly~965Sn{K;UyI1q#;LG0OiAVpFi2on5% z@#LQ$u@%4*rs0R+OY7=*Cf^+#9Yp|s!o_*5d5DN!D4#ZU_#~~?q7aSz8gkz0{`zGZ zsKb$B9%nmcAkFj-(U!#ohl}C8kZf|OW^3fA_IkV-%izFzx3%UxvU`tT&7XCB&DPms z`o3{Set3-TDFacex!GWQmL2lcb8o`iXZQ7~2MrW6Q%-iA?_#j|b+{}<+O{e;iCR%v zDutG8=icPrtn=f;{-Ree2q3_o+4_DE%F|ted{lgq$K~{g^P++J-wQ6k^gcM;*@woW z2&~8(yanhoMd6Qz_Rjn{0Z*$~D=P~apDQ-&7-;)ZN(=>hVz)Z1qVjYMR&$rg?>#LO zdaJxLC`e2Ubnmp1Lt=&ZLwtb>AX@8!e@52DjWak8Guntsi}d7fZ2?Cd^K_@n{|_m^ zzyY9~1g~xqS~_EJ%1BxI)lFey*-5dn$wzwKrdtZ(e|SlL zsA#1~tWN_z{QbMIms9)y(o&$@dVg==mW*t#ccP~HI~6N*g`*0`9?xLcCC%Pu(B9FC zm;^W)@JQ0%#Y#Lt(9kfa;LvQVg!kWq_5n81|DN*00SU>!{{Ii|?T_r5cO{8R`^FA9 zZ3P}Z#-9n}ZZape|1sgBGF`1dTfAt5>P>00{>22nbbeCi!f#oF*;keQ{E<`&(m8^I zmj!rq7i2#C#(sV@(p{}0M9Ktsr3vD3!(2XJ=hFa@z;2Q4eo=~h=YOQ|?|ES4gS&cf)OskBlbwC7 z_Vr(V`3C{zC3DwwB~zZCJH7TYDKt6`OnokVUJk256kKc3{@as3g-8|#Jj|M+>h(c^ zUAvx@YGGG~mUA=zhjrV(blBg0AqJnx6pX=|zR!8tQ5m^x@mS-^Ov=KW(2hq#zpw`Z z0ZXoqW17MC)z!z#{bo}1TTu6ojw;Je-5jXFI^;RP%d7q|dtKkjCIQ0S<_icmE8OjR z8w{B#S)Px<_d(4xp~0U!&QHSc5|q$>x8|~X;C}s+{T{Rr#oV|e%^J_D(F%I3<<0+W zu8?A~V5-r@Q7)gB{CE8Y+F***vFQ72N6W8CCnkhlC(%ORI~NXzaU&1-$Fsh$k(q)Z z0+LP0aQ#neNr8M{xuKDA>Hj(yztgkJ3@sMUoYkC`;s4fqsqw!eh4>VeB(y(O;lK2w z-xN79`n1{fC*6Ni{O@~43b?DbIQqV|iR8q@cXOwNC%=<+1`({|pvY3W)~WpCuU|7t z!I4u?f=tR~*i%~;{Ul0yAx7N%-|c{YvW|8pa4|@>GCl>`HjKq{xl!fy)$wv?%vx3( z3Op(=>h{xB*-lhmPg~-*c*UOI2_kC>?zS-0WRt3wYVkl>%+0>4Gqu8(g5ioW?f&>q>}EDO5Wn>F<#2?{8_89dM9y;N$APnG|k0wh20!#Qy( zneG4ONH8{lVi(qi%979j!;1z83Q`s_`If)`zvV>#Gb(6`KIFY+{eivRYIu_%{H5PU z&^Yh(e=rz?3*9Aorvev3n&1aZ7+DgHkd;@|iB;piY@h3o07DE!~V5|;-NJC5ZO z(mxsC?|a5RIN9O$*y1}jrR!oQzwz<$0*M%Keb9kGQc@s@iQZ4;BZVC(Xu5wizLEKc zTg1zYPk3i%NAsDAnR5IKqxeP`5Zh0s5!5JRr&0V)y@ ztz7nDGgMCO525U;CqsdSJh4RrZ@h?Onn4OzHn2<0p3`Z-^mCU}U+ert3qlmhLPvv0b(3E`C*+{4^3^xUr3WIaw8uBD1w=soh4cySs z9HRWi%;++?U%q?+1?f1j>QbZtO4Xh)S{;1K@U~%)FN6&;5Mz&>_IiDB({4GBkB8&( z1n*Tc`(SWI@J`G2l*jNyg4}5AC<}Ujx523$kQcQHHfxNXjB{6VvQCz5t@*7U57UZc z|D5AuXfPiwAnKaI+WA!@VaBUbDJDw`n;#)V;Sh0^QRXb9a30DF=PXm}w{M(CE}Y>G zaCrmioK;$w2qj&h1A-nZQ=yXvI4~cTq=Y7}p!ImTi-j6g#C|ENRA|UasUBzRbm$~i zj9;(J4e?#e*$K3NUc``!5{4Ad5|oe_=njC1A>g?=w((gyylYc_n}l0o>5Dt^uD3VE#l^wF!HbKFAWi2IpX{1US!fedI26%ic4@e=>#^qP!ILZ+R%}J~Z3uLlyK!Mj})N7KU|vsK_8|{|aBEhzZkNR9qbIU~OGVKS;-Q zzRG6ddHquUmv1Oo0lBvwGCxLjp@t`t5_KY^akYN6gMYQ&xG5e|1NMc4bA^Wvzs0|s zI44scf$DWh>UE@$@uB@{It)X;D5A@V%D1D|=}=Wx5=+MsHJRWr zNR<4`p3ixNUNz<6uTA>lf&6|Hd!Vh4yHsd^vU62@ddQ5Cf*AhcZ0QNUTYLj~AqCBb z&lrTcvD5b34S}H8Oc_)+H@7)$2Sg99uR5)mV-wQY$~q|V%actfov+>(YaL##KaxvF zF1AO8?q_mdSUujV7o?{6_WY#)3ncaTRy;|48knvY_uf#`SGC{ZHj*H*hR4UFB|>i8 z7os{^fp-7vY&Xrkv1*mBj-sON!+uFgNe0~2 zUQq*nY7JRen9H(V2-}IG-D!v9JGthn&KK^XMysXZMe*yhM}H{zi_1%fjypqEzK$0A zc*0bMwlna3tM-Z_^X=iJJ^9qpicFEqsj6S2W8{Z?;_It-54UhXj0@p#>ln~sq+udq zph{C9-#oVTgWjab6M@`_eIpH*j$RJY;@=QCpW4#GZAp!7rf7U5iV1eA*7Tup;0l-Kfqwq!dwBysA z-LROwJUK<2nLuJtBbKxEl@kei?bot0Aq8O~QX=MEV!|>-uzR=#{h|eS52q_GHxS^S zuJYRDjv}~cR-04Y7HAC0F>iDjy*^yqKRVhFkb$Ns)n<~Z+AB8@1?Yzw$e*Q~;o38A z*CQ*b{&DZzYRB=mkObYnt3`BP{;OLAA!%ffpoS`qaFGx_iO4kiI$iTQdd{AJCz^u$ z_tfgE!BLGtUw#pAE&RAWl2BIK>3BR9@lO|!5yr-1V%T?Q<_!cR!&(d+d~uDsH&-Op zdsM&lFer)JPD!p%^Qh;sk-BSv4}JNYRmi!eAj2!a?{B5sP?QWK2T%2wL~}k~3|g%= z8jAl_bxVtSnX&c+?J;?>(wYYI*w4}7*AbNOn{5Y@1^re#HhOpzjIGRxUp4FwLdjO(G>>P{P3X&HFpL_V9U#dEAMdCd$26q=sbHwzF z#-m)(^vi^J!V*#FCXjvZL^eRYtXYf+IuGVkZ!vLnNsf2=6W53do`p^+*`?E-!(hMX zN}JoIBI(!Qt9d|7+>!_~UvI^_slcPg!Jc#_2!KfZ-|jqw-3z}N!7R_vqBOhJVqnou zQHn09_w&PbCI*GVc+Vpo*~m{|$W$mbJPv0{ZMM&g+ZB3SRP6Cl-9+PgqV=;c=#aLE z4m(ga?Z@P#`!S9+a=u1FEyt_r_}8yZtHX(_w;i{9;}nsr!fya5^6Kmy!xTPSAT*~K zdaN&)m~>Y}pT~AVXRG$qZ`|+ZDDakiyB3Bk)Sc7w;k(dM{SLnZcf@Y$^~;YG;Qw?U6U0o0XnvV=5%gT5l1*_wK_|O0rqKtK zn6%)NCAMLdfbjq@s4>3)?;J)rMQ_H2GxQImk4wNWG^?S65GGef{9}KQ=GQuABhxd~s*r7Ng zB@$(rMM)7u_=0@DVwo?y=iwM`fn#0UJE;B^+HLp=7Q)dC*)$H#{90il1y>h8V=)wl zTLJfi3W9@2<$n9NH|O=q)TA`ExrbX>S9iQBQPf|-`yxU1#A>0oPm8e}$TGnz^1$GI z9&w~wZ#G3bU9gvHwCuVWHLv}$t@i?@6Arm&dQ>br%F%f*SC3+{JNZdbZxE3M^I;fN zIxd00s`vUZM}uVmoe+DK8B|*8QmXB_crSACy1dJ8D%OD3uZd-;I~c4Qh-7Ldl_=~~ z3O~(Uc9&G;8RU9kcsci{!yYR5gwmCN-f`QG?Bxrj#Wo{8ngcFl5Kg+Hw+$BK6PB8WS)31oBg#@oRELrKGiO~L`)<#UzOz1pUy4Ag{8UqN1uO@2 zToA<@83*#@AawuF3VyuQ72GAN^U_Lilh`%)O7#4dK@J%m(B9aHMux>A9X{fd&xUd~XkT)2^c?TvwV7P9vugxQhSZhWkqPwGy zr56qpjiO%DT(KEf93WJVM&Me%9mXd{T^Po>#qcA#8SyV^Vo4M$(DjD@Cw|!sg89W$ zFGu%GzjE-9*LlZz%?>SEA>hLB{=?VtpO12IOf=4Sblj$!MKMJIRJ#&a2+o9zfipQ_ z(zT+cWQyfF^UF3K#<6K2s-}Zm?1gsf=&FXq$W_UgQ$siXW~QU?aF9GDW#sB6PUnu{ z9>%gij-PGgPyJPvPg(pMy|OSEsqLWs3-@Y#k7xFXq7FSHCPx8>eH`rH;LXxfQym-e zvFLG1bG6XVX49|aMSv2d;A(0$qVLuF6b~cUQpa@?e%bF?Da5bw#P}E5-8s$AT_KJp zYp}Cz=crgvZKf=f&1lm=*)Zb6QG-X0;JQdyb;D2^4(VULy8}yWv1u!bsXdgsn`0-LfS@rLc*-J=?oX_z$uGmYJ^Hut3BWKNgHSCrFZnZuHb*Y|bB|S(f!p1|50E@YSAdz(2;gX8F@XV6- zi(V9CUE)*{4s0rexZwSPqOY8`R^&3|HoR`qtKCJ|sH6L67wA<0L;~_W{;(vn6J-P- z{`Jc&fsKpb<5mDt0w0gKej|W#RON9(54GMgUPxR>koK|@E+we5DyeGWhEyVCA+7|2 zW{Cn1fuChlo1K1r1gx)OIJN>kqlG_$43mqq=-ZjhCKLC3G!{)do}-BYZIh{3qu7@% z#+C)lQc47P2Z@BF>Ayl{;5#(a@5Hy`abO!C=O9^(!?T$kL}3zE;A@T(RT;K_nnsfE zL_26UN^3;8HEs^qXF_Y6dN-trDp1D@mN!gNZ}|Ng)EBJYhB(kt7?lNzUQ;lQ?u zE@EU%Er4l9`fFdhc6k0pOxO@bU^v1N;slSxCcbH<@V*Mu`X1SOmK}wlg1CInIScoN zgXXX&c|u6G4T@7BP<0VMnP7D*#Qt`%(K?(KDsU|4hZe{0&XXF17qj~%JBAVSQ57uC zaV5O^N$ev~iHo%OvI;Xpw!%d;X*89Arpe6i4vQbpywPgehp zqoDAxt)3OUbW}uiBw7JFK(!&AK?%8jGZ~u^EsUmQ3G*kw=4~?2kcPHOB zZyIf~vQ}RH5JV0{JX2?Vm(k5#kVlC)xuA=Uut)q2xBA);8@XIKSKsiiRtHRfPPn-) zQ5_LzY_w9Z3}r)%BWXl@6DD?!SWHF~4Q?w#k$WzO-I9wI2h$jyEfa_|kcfMiFk=!D zJ2{Ri8PyLCL>f-#5t=d?P6IWK)XoN%DT{*gH`$EF35w_r#X_2Cltn+`#K~Y&!X-qC zs2GdsD{y3ojV~?0z4(>vCSTPmqXS4GrP6+=xWWF9DHFsQ7=oQA0hK-QPAG4i)bTu|NSK*zVGbm?_A2dDHPJ>HHVj@9tR!$I4d z>VS7N>_xos{2+AUP6OvS>-BKt`8f2H{(j>*CfOw3qMM>*w$&;g!`RV+g;|X%K-O(Z z!Tf^R2~oFcCyEloWzy=_m)r+wz%+oaX?x)hazjaap}n57HOFU|oQ}fx3twu!8D90A z3@70XSg*9YR7kY_T=iscUiP{if6!4;5u4LBStR!Rhj}gWjrZwJd##{ z!>TV&!`k)05dr%CPCSJS;lk_jcCQp!RdrjIBZJvLL4gl(W)r}iy*fb%TwN3>WnfPU z2H3QLY|LEkVMfzn zhskTO@}a<>&J^*$z!0I&<^+arJPwosyT-#}YgYz@BdgjR8q#V1H|aS| z`SttKz>ir4gd&HuKrfN} z2W3iB&DXUq1r%<43Gr8nkt{*R;+1jZl_nL_@thGjEx94&Fo!sI*pj-oL5jWo`5j6) zNN9BqN|`gR=pk2j2X-AbI2Z?&xb(aZZYd(>ze&VyJdCsKmW|G&SL|jlqmzC~RfU@c zLWqG~ycQx-XoySYiV8Gs_*6vnU4VoD+j?sXqC{UaRnv!YFvZO_&PF(>Aq@oAt)C<| z)6B*9MEc0SkUpM;Hd{Hd9HNHT4(s{c?#NT+LEOLenn^qWyxRGxsBG&=)6!WG1!IPp z1!Ap8rG5v&0v+$86`@d{tho6On-l?B;GF0>%C zw#PoCNnXwNhD>!=wVm==7xwy?dbfquMi8h*qY0eBWXI7m{KI$~ioosDx(!X@e!VnS z?BNU}!QX*(*#rWrqOR3W?|VO5DSTOtqq%D7V3G13o1pMeO!~xUU&wqURUz0okk>Gv^$jESX%w1Ps@&xKMDo~Bp#ba_U(aS63Y@juny+6_KjDrT+0YK z93|}!I4n)jcoa%pl!{?+X8ZVT@P9GGwOIQ5G%5f;Siv<<=al9kC@p<16`qvQD}*S4Iva`LbIu672ZLr$76V~ZEjJfC2|swzzhFH|JmM+qECfq*t%%9 zsyGL{DPt>K;;&^mDtJq@_gR{lBJ#-&Ih=Oo>l`n`8(A{LhS1HGMR#{Zf*K@LF#5$8 zYg(6D-GpVK%wvT4|HHc}PNB0A=9cGR8?KYdBfRNS6j%hW2)-3&=Qf9%71|thdkuX^ z!gEF}7oP0eT9bG*Rfw^FEnxH*=N?aZjeF69-bbr_9*zf!O_OOrhG-FoyTNHyv>%k> zCP|{iJ2boChcuMvWBF@Ho$&Np_(kLK@0fihLkXR6C-W<@JLso`CSji2bll9$M&ebN zsP(`3&ivZw56$2Uhq!jP;Vn?_(H<*5>>z!3TIFUxw9&DIgmhuwwsYx)N{62@H}i1# zapF#7zPdDcpxFDsKovQ%cayTKX-2K}-Yv56m}t}=-^a-erU;M@7Dsx8ceG3oygQq9Gu%q)*A_co znM1gK#intph!oZxgkDln`7{*Ob#|+>qF-9q^vl4fraYhWAUQ@)DK-IvM%~lXV(+xW zE9CEt4=6FLhbf;iY6CJMS;%Q>p#Dckhs<1QDgWH;o$_+!W_JAr3Sa719`2i;Lmv=h zg^C_1FR2h1n`Wp}k2V?OhQr5(!&xLSG-hfy7p@AZUS)j5gBWg-3!2BRnh_>6d>h`C zJsFM-T<#r4x7?91cS4MXLgEr&(vuh&!ezznhAmUt7d*68v2^gwgLmv1OBDZ1B|lty zpXI?OyjKV|IcotM8IXKJNiFg-h8~m!)tu*G4oOB&qb&1lBVsz9gWXc*NUfouMv~CF zgYAl6B`82AVS@z>$&1R2d$dE>ibd#LJkm1o?`2jo0C0oE(EiL&3BcwD$59 z(|NZjm0x0c-BC3@*iUiW?4X!z(hxGOzWK|Np|n6&<6uJ5NIDKEHFdGog)zH*3Yui# z%FSA3Me+n0#AZSK|BHPvzg2rVIr-sH+1&)BGuI}Oz=x-q)Gc6vsa8A+oGOUYk^0c7~!(hrfGUv=$n&K0nu|Mwq|?C^j*GIrE`0@1V2Ddhg~z8!Ii zQBmLZ;)HPbveT48Y5WzSc-}`oVgo6U-BqC)rA)MFD>jfI!z6_QNohJgJ6(mmI zm#Ninq@|?+HAh_h*@1Yj(uWVP%&DoUsAy@OG!zsRjE(cwd;>hW>m)u|z&%SAV%TXd zB!g+Ru(P9?oSl_o9?mwvSe*?PF*Bpd269CEn`u3siGS~6%6{Bv!85fh6oL2U0bcast} zR%#*1B(<-Zem|;to%dr$jjoRu{`h=5=!={%pjk>g(0Sma=P7xO)1JaH>q8Jpz4O5| z@b!X_8w&>~IVtIdEqgfAl&+HLLB4twGrS;_moNG^nU$23q}ycEldJ}GLG{wnA#l-d zuuul7^#hn!M@`Ln5U6wVIeh*b(EW=$dsrvOKli1|&-QkKtHlIGp_YPz?Lk6&s#i5A zU2ShEEj<{HquhVyJVH-Tf4TR? zd|(!k98;2#B!^DYm6cx0+-^p)PLFJ3+B&c z&a*DlU__L0)2~HuhLx0+jTnQI#UyL)bKWT*0T7~fsBF%z}Qlp1KgR29g%Xx-uRn8PB%;!NO=qDhuXc#8A7JF`z*(X0jBhe z4~meY@~_FZF->wZd@ovA`%$zX5EJB3tZ*0<930LkcOe`@#x7^;J!zcgs9Dn^B6rI4 za~l2!JtjlZx!bv#xrXO68lb`#8}!KIXfsg|TMx!(jv))*LQ3F;bNx8(L(9z76`k9F z7QUm?K;dIFSTB=W(j=@adHb`O^FhMwUiFCIj76p&Ocuu?d=@=7mWO(0tKiFIVtJAW zITWACS=um=^IB9?RR5){fjr7*8=tp;~lbKy=i!7&;q7(j%nr0T?4;Pm&rPYdAka2SYxREZY zG=4UI&;vdq>@n2$>8J0ISh}$9qfsdF^=}?!10G;kNqfyOg(sI-Dr1C`>3XnK)MkrzyU( zX^*;YhSOeHs?o689tYcP7>OFU3q9U!Q9W)6KR%Q1ydAgit=O4Kst)iYBLjosfEP9h z+!==(Qs35@=ZhhK%brO5W;8tfhj>E~63=6HpB~m$fJbyd7kdN_N>tuZj%>k?0qs1YKEqn{_NV9~^abQRZ-JbYsq6-@&*$OOC+dAR8Pt^|`I+5y^} zBVs{>3sWtd-#^>{iY5A~cMDc6?vy*yP=tErm&ZY5P-ijFKr$4I>a!S@SDGh|R#X|H zn$LeJC(SuJqgx|o9q=5ZC8Hr?bvGy}$jSurs;rkBf~66r-M>)FQHc762VXP6vf195)d0ljvAXPOY=J14K9>d9+t}&u%+M zFdVfsdMY59Mi>n?)&PNz&^gGkfYBBR?^{Y>Y- zY4Gfw>M{#Duo@lQqzJBo7rP?KKEx+-<_ldrib42#pW-c``e5=f z+;UFvJc}^z3wiOdjERfb_6|$l0yi?i)$;X}tk*?S>kx@2lYQ!M1+m~9vpVQZybExp ztCqxoqRz(Cu9il=ENcc`kymsIIR}`7#QWM{nd~Xsis$%I#hc-{(hCLZ(6H zC885wmf}!WmwkpnK^jN$t3?94KpA=Etp0hQroKD8lizYS<`?n2XM zuNbxHis$n93+TJ|_FX?Rgv1rky`*uBvLHbkl$S+@+X;lZjN5Gu9Hf;{aayq`CqGWF zo|YGO(>lK(;f`9M)Ef4@PXjuaKB+=sx-Q&Cu(-v9`jNblilI_q%XuO@`5TO3T%Sn# z(z44W)%RT6Q1`v)Z&e%+bQxH|N@pb>aV1VVl&=LSh!C%V#oV_9FU!grM(ztxzTik0 zT`FN%1{Z-(7<`Z@K5J#Qo{4Tl7x+z>f!hLhHKj`Myp~HZ&Bw;^O1pCU#mm!O+wadI z_zC0YuF$6V7M+b)A4IrNB-jcZSGvAVcVO47u|JcX#;p^)niTKP)(3brsTdBsLACfD z%Q<~dW*Rb~RXkUwIL<+Ag8Ei0bPxzu)G!?b92%e~{DUs>r|;vw`PXG2{}tGT_~35v z*)cJ)__eSlRN?2D_~aWUF7H~@Q0V}vnm3Qpm&1(h)L zzu&YC2Z@THqk~Y%;kdmxEFTv$?D;pd_@8zW6!F!KwrscNE@X9?cUuYgvrGC7t2&}&n-Tb$Cn7G8B#|#K75(uJ(G-Nq==p{HelohB@^h^iCV70Z}C^y!^ zW)kCH`>YM?b~i|t0S9@P{F1$rZ{2WA8EW0`$U=Xbb5(wdq?-^MpX3W=!S}X^enxK6 zN~RpiVIgD02QQg46hQyx=G)FC*+?W%6k{4QF_h!iq{S<=RRtV$+XMV`IK0G+40^JyP&;<0gMs}Ln5VV;QexRyz@NDew|A~ zo&tqt41)hJ((ka+l4V-~pl6cXaOz}PaxM+uH&j_!5&!e} z7EBB=MUKtrd3{hx7%`A9X)~HDUmqOrUZ#^;gC#up>c!H)g-&Fc7#pSaT$MU<51HJ2 z>5J>o_lw&mZdhnJ5$qCgt$Gf+7Y(=3=|9i26dN|)^xK11<%)e|M4rd>X-}Ipy@q`V zydg@Soq9Qy#7aX!*k}h3&;lXg{Y3N`+-SKmuRqcuzv8Nz2Sm;n$vwx zN>cx8X=VleDAgOHIA<@a-^2PY049cpMCn}~w1gZyMhB_^V7S{J$QQ)itGN^S3^DJL zl1eLifHo6jU4)z745T0O%p_1gYYm^&BYnkb9WOgbwlsJqh!iK!Il+d=*xxw70-CQ} zO7VNfy06ICB*@?1Hj=(=&|7-LnPADYdo@$E_dSE;MFBQ2&@ixGExu=gq=p^L2A!F~ zcciz&(pOqCXu=O{=Dv4dvoG{dNuSP1!{L<#jN5az=sMdIv3}d+Z%Y9A;|Ie$U?@zU z(aaN`(HuKJ*X8W_&(pS)4Tp_sT1}M%L$c)L^r*UweeH@db04PY^AK zt-9|Kw>Q#jh-N|5;s1VKSkW9CjP47~Z_o>2l?wDLB!mitPMOwSCAL)R!vtfiANb2J z-mxiTrS$96vzHRRB||*y?V=+l(^G4(F%~sG#1r(3{h}#PhB{A5?XQEiB?1mrKCZFE z5*Hj17Z5$~e#DC;?->SRQ^p>aB|GTqUP%af`>TqdTwl97VsXB+QJDUNC)K#%?&%9C zQ^q-5P3Y1y*)@N^&Grs#h}Utun=z07biw-6>vN5#G7_-Su|}PuchQ4Dx(sN_+e$Vg zYUn+GKIAV@8i?*Eya|u}fN>tPf8FYGL>7a?q8DbbOcDhLFHX}A$v6>->>en={US5p zXpLJX*nY=xTA(2i7O|Y$ViF?=oU-lL2?&_7#J#8uvj|o-oeo-*kK$rom0I9sQH159 zO~#C0^SQTWV2Gft9_#O##x2}%7$Qa(4Z($w=z18?uozJNg=SE}$HlRb(qFY}BcilZ zqUfpqU^-Q3^ij9~`Y@|N@Y`N~7CDHduC^zhD~N+^=;+6V#(Sd9uMGi~GV+jmb>v~< zD2ce;>*iY`PFwc9COh_w3Mwio{MgTbHm=_&JdqSm3;B%WW~R zH;_j09a4AK8KNYda<3>XwZ9^&h7ATWVqc#Y1|$5&_I_K&R8@SSFh+0^5fWLNs@JY5 z8a}$0y0KAdjZ@+h#*XZIbEQThxm=2g%}Qz!GxlOQ16Mz-ZI9FeADKUq{VJcGBTf1&3Eir6P)<)(-T;{XvCO230aLV@F4AjWTKZ1ld$C!GQO<5~AJVq#)| zanKTW*C2kF!q(J-<@f*`#$0Z3k}dfq%2s*ywwIC63elv5YQN;VxfkXrYK7NzrPf42kJxF)kwws$49**SBk?@;mbN9UKVDg>Cs$BtgH)J z8Jp5@M?9BJ0pzrNS}Zs%?AD*?mSSW^K*1ry2&3e4u^8idpdIvEQ)6x;%N=|QumsaU zqA3K(tW-0l7xG#3GNz5|W}B{LpShyTZfEOjkSpdq=aEv25JA9FC~ROsKQ}DkI)Thh zTh;#lR#ya(MK-XxUiKVO)=5zP*GR8`&%|S%Fc2zUc%f^6ir_5s(?kh8f)#gipYaB0 z!|hu@Z1Ro+@NFw9<>vw< z2-MuEDHg{Xk;)Qo0EwMFIi=xmCnqAQBJ-?gn_1ZRi`CS!-q$oH1HvPsq_EC?y&qsY zR`RSJqan;z=vpkt)EVJ)M`%rK=gk0XFU|_U`2=B;0c{$}bA0HY`(7=4@xhTUXoran zhB3aX07SCIeOlpL#N^-X-*bHXnZy_squX90=kjuE=-wu(p~mA(xu=FUK_g=z|^Hy+Lygf9MfI#!j0J6n`& z8(BoE#5}E{z&VHt8PNh)&wn^u(39J7w(2eNTp(rqG{_OjfE-MjUQ}~IzKL}kiNoAW z$9K1%KSi$SWWuUOFn}Hz~qHGv&Gz@_ez$U|x!69>?+Z zYIFbSzUiI;kD{Q;bky}(^gWVc)<36^bx>?Y?_{u(`7)H)^WJ}?2QQBW?nkdA4O_vP z@g{NZiqR0{qPYRk*z)6DQaV;%U%sauM| zT>7m!??a-E3Hl*^r5onNAK@3_5r|OGpr9Z_7sHa+>I{lj5v$T4)>LXm@!~G(AFH+a z)wUVckVm?a&P#P!v2w6SOu$AaN>HvmnX}U8UeZb^gKzPWbe3-vz`BSI>Ng1#U^N-r^68C;|ALYVU1 zDHc##F$j)*tJQY!_PL-)K~6$qr~5xCehxFON3sSstx! zuPD^4k{D0XUzLdLf4S}i)UmB7;=d@#x8Xio^}Zj&xeRc>p&-68c9JJ9_=o2q1IrV` z)e!#9EbUs%=gPG~6H215^SX5$skbMXg-1xs?B!72s0yW)Q)A?UUCAftCDCekV|R?^ zJERMu17Hpp3ONLi#66Ekl7>B%&TCfNd`DY4RS*lW5O+{DG3cxRT90tptovFB7bI~5 zEA$Y9W6HmwOm{v~d6IKPc{tYOo9N##fe(NQRG}wi0eX@GrB|Kdj{)7}(lGb=H`u0l zigeI&<#Q|Cks+0yX)(C!E@$3W{DM8Kgl?ZrCF-PsA|Xy~J?M?1N%J(GzK-LQDC#V^ zfun0~)5N#<9ZuWNS`}vH$5R?8$0}04r|CC9O0@#9p`4L0bYfQ^XL{2aOxIQPYQ&mc zS+l6XR>Z|G63a4GI+2ZAP)4a~ePKP8G>X>Og8bPT)dbXKF+jE0YapuIgaP_ELGTKd*v9S$78m(eHB_`v|AMgpAiKW+ zt(*i<)n9#69Wx8w|3C`HE{tYeN;og@S6$K`#yiMo5LP@zQF!xb5>^dP-4;<2Oa0d- zBp~GoDN41WV4_XSL>PoJD!3K9yqClkiPqn7d_hX1 znk2EUZC+Jqicwb>MyAvWRy%d8(iqx^?)K}8_{5#ldN<+q7?G8hcMz4qVcBce|E+j(cL z`E0#JCbVvRJLrjk`Dyu4U)_N6Ad`%(61-m<>v}xjQ$)p>Y+W1M^nISYl@;=J7+@#E zzr1E`gT@0~slWYQ|Bi3ZtRuj4zICIj>^h!KC-91k;L}1HLUpc@dFHRg_0gh&lsy`< zt-Msx;?q@K?`_XOZR4nXCYM_$nd3O*v}2{;6ex;?`A@6^OeG3Ni40QsisVL&4gnWZ zcwjXHdG_ytc>zW_iZpGqSUMLYX~|>}3eS7P&O_$POdhw?Q3;wU+5B-wRhCA?Q5{M?SkPx=K1Qu#+4z(E*}Spwx4QB;*OY_& zl&OysMfgvj-Rv@~5}I@=;BVH9>Qz>)3Lj!e2A1i|8mhuw4Kn1HwZFZ5cfB^d@m{M< z((y5Hxvh|zDE-g3Z{lO6Bdh*{+4!w@R3#Fl~vrQ=cBUd~n~^4|7i(g~{^#j}Ft zDd2#k{FFDt?_L`QtUg`ZdEITEgDjU%m+j`_UZ-3fT)O{^S(R_C_Vts@vG2M>U1mfU zYazxvdmwHygxzwTIM%jO%Qubt5V2|N@+O%@NbjrZPZF*T5ir6}a1_O5H2-l;7$hPf4JcP=UC*{Yp6u{>c-8DYXb>c#(2W{_gajVl>>#I#oDjl4Bxc;d{+1Aq8s z$c$wnm8wHgr%p+sGfi<3uQ*k)8Vw{ohw%~HR0U;cBX`~`x>ZRzETQ>z;oH~rg8CpV z@6YRzgLqG~%ick>7!EySP~8wd0Srqzs+St)NhVifKY`GoqzGv%MZ}1QK{-`8!hw~n z>4sl&WnC@-^kEkE&G3*e5-(Ba%QP+|S>o*_TU0yD7FARciYKIh%osppg5deplQ2te zGR~q*?b2gWA^y9qnXj)8!U4R76(yq2M0Ksbbz5U{j|z$ zM$pbwo(tNC8lRIuK~Ia?^5W17+H5a~K;qhW^TS9Xo;Sx!bK%m1y?wj&B*nG0{+8Tz zDhDVV&E&-;cu1iij=dr+uX}?-myRdYI27XiA7RZVj?qKy)vT9nT*HnI4%LoULcWS! z0J4+>OeZZCQXgiP^K>}0`!3}9P5!4<55ltjUn`_F-1WJ&Jx29~3G`tTC;YAsxJ>$9 zpd%4nW*v)9{B$VK+MM=KwbY82`W8QF@jw&@BRf?qctd24FhWG>AeXmZ#aT@up7m9o z?9wHR2nY!0!g<{QZ2r8sr~_FRZI<2;ro$NFTHpTL=l*%gi9knZEnsL(oyHb5WI)Gr zpO63j0!#WpKsNMq=;EL|)~^9l3E^!sj-S z#Z=&6byu2z3aNF`Q*A)a7?}#qlxS1?Ar1^14#!&OrH_K5Cc+xn!i(`Vu##iyr zocgtXcyv&$^Vw=d_H6{g)v=#4YYh6He?YQ(y_?BTx-w$9xt)ATVqp{DJHP zT_y(ndW@D+nRH{QSh@|H#K-@D{y*AUH@TDuU4gh4Y=OII&N6y;n`lgM5bl>`W(FLU zPS)vYJ-vb?M$OzOwoVyFP4wWFWYa%iT>^ZN{-rY7F&*7n8B6gQ15Xp6N=o zjo``_-sb&!bHdAXv;%#ek|3=xy-OwOKgwU@$+gz55m6hky$jo)}G<^?1azfc& z@`FN+iOO4aIvm*NwDK$nHZPD_!`G6=i^AXc`-ft@N^3$%fRSBfYg+dL3HIAlJUXMx zPfESde~2N(eB$u1RKKhmy`9B&D#m-|Fv_ghhcOZ*zbI4O82j30V$i#Q_jm^t;x$7Y z7jaUM_;0@sKrwU>L%bLPn8yD0*0cRByyZnVVK1e@9a(j4t3gX<%AsG3!&t&*HTZH5 zqh$XFvu+yAr>3Tw{;`7^!qE~gOq1E#4cmtE&$O0V>fGDne3sdnU&Snjw5|J4)$OW_ zb89iW!Yf&u+Umupm+mOb=*>~LckPhT3J~G&;3C8}6^;+*5nkq>zg%EC8q5)FWVhw8+$cXm?W~`@*w5Ew3u*J@BIOe} z#(UtNt>Gnp9mBJHa&F40BXdK9pmUs+*GxO}jLXP@=u7CwQ-wDPrhIdq%gC5*-732O zf&0Jt-v}`vIHR)2U-kc`FM}Q2M8^nLBY_+FBy*7E#7$6(JjTXbd{0qYO_|Jc2XZ_{ z<*&l72SIrUH+J%yRAn4y3@&< z1z)k=K(zQXD$nm7mL|g}P&qiXh0eANee6E)K-jMxUXK>IYt2(TMW7EynQ}f#FJ=!C zoRInv1SgJLJrjKO4ZrY=A8OYoI2=2e#xfunA1pZ@k{?%r|Ghm#uP67Me>W>Hfau`Y zCgZAnaQZ&{A4dK^a1`)kD_}LMV6~ML2@hH@kq+p>nA~XSLw8rJFAN}c0^q;d_8$}B@BDq;khs)|YNCR4;t8UD3p#9vO+;X@dEbTN{7l6eiy zZ%^wdgfg^bY>1Oy!AgRHq-l*V{-Ab}NmB;;^ zET%BtD>RxtHl>Yqm`B{PrOzqi=&4emIwr*}#l4uTqL*;8$}(oiAiCQ(FUBWxSUwSk z=6_u6e9!Z6cU0YzF_GQn=aS9@F7!J85V4AmIFqukcU+>Fj!kY{N6=s{S0~zgo)#sE8>1R~0@2BDeCgyyVI_Pv!NRIAh;8G1v-ij&2@FP_U5x#+0xf?{L`&dBqWYgUEY zZcpp56+Zi@bXX8y%6p1YCHuc|o&TXE;2RD*nx;8L4fVj=17bQYj?~6yw3|-vSXdw= ze89nGNn;K7G4>$^0i5_lkUV-Kx{<-|c-lDhrsL-a%=xfzc1|O8KShn!@hpBq*Mp=K zg8&JgI#UcEafQ%8MEkHG_UAYE-%rd4I*bS6w(B&p1e8t01qG&($1`#hb|=#EPgFlH zomMthrg;}}+pj{m1}d5~h*EO;&)#mv%GRMaQ;i_OmgH3~tp+g(dQAyD7kUNPvvz;i z7KZxV-Kw$G%IauA9q{ie-xH_WK4+m~k7m8(8D0&pXu`y?bnf1+`1f{>4FzOqY_D?( z7g57S3_P9k-gbv{UGr!w6Ov=sS{Vc%+QH|x2&{B{Ps3XdqTIEsQSLTuctPBC)}B%3 zeQ|i0$68DgxX&-G#xv+XF(6dun{vQ^36?jTy~Hf~Ib2Corz5 zm(GX?JIK}3WW?LIfmhq^=xokS5MGCo+jn3{PbYz9Co|0SLjnKo3ljKcX_=j96V4_r zs^K^Ng84)+($$RS|5a9g$KMRdu(`1eM;_r#0o{p|vAD>xx1>8>(Q=oP#>TwbwXs)1 zy0){t^-G3fKrJ?H@8qEai%x8(T`@%7thcpVUQ11{a-%4wz?eE>R2%LMXEpFb)z!JB zX)VqTIAKknm(M^Y~4p1<=Cs& zD%2H{~22R zQBI6}Ade*GzJhbE_j9zq^2EOZF&S8m=wFd__qdttGk?>84HhJ1xFl$I?9)`iJ%#83 z+ofp_LAY3$1?n|IE5a&5UU5^?EFNb@J&1WTftS-xs^FZcj;5hFvng-<;OfpWwp~Jm zBV!&5pecjsc4vgLLw#pV2~%FomMN!raglqWJYw0DMvD~ecqJnJh$j*?%mZUZKlBor z5C)s$-=a9;)b$+HBp6PYRi2yfJARwBI^W?Pu%}4_9xm7x|D_Q|$=ue4&tap*#$F@g zw_UP2JYOc<@yK-33c9~k>i;kr{t@EcO$RMe@=$pi&+%i)NSp?BP@&r1r!}|n-a#FK zy*C|!;ktId)tm2egW>(_B*|ED;-{X5Q#IJ*ufNYFf0EAl+~72%z&G4!Q;~mr9^)H^ z{N-+xrE#h8Bu`4%;#UQyqB)M7@qBy)xlW@oZ={3O;bD%CVVvW3w1!>=;gU^dyG7@ zgT3)M|B9#q)L{X#`T2NP9D?WoP~)QnPPtS}xeR+6Uj05+Kku&~Nim~kuGHt|_43tm z1;2I_w9geNvIBT;d1x)2?0G@{r6MrN2#dkz$)C~VbgXlMAvt9O77us(852tk_l37U z>rb#Ar1Aa2>kPcLMg1UgJ5k9s`o4yDN|NrE4nyu-PojjKJ~yYzlD$@hBJlmCTGf%;Jq>&f@AX@+dRe=E^aj83c?#m~>w2n=S9tvjSYw8!Amgd|`Y(cgRA-0f zRXz7G!jv*N`A>1|QERaA0IQn>oQC1&y`g(omo}&Go#Z!5TdBQOv$UXSyUpFm+5aBM z^)Fr!l*3kC9^Yp{8B3stdYnmEE9&+YmyObXQ{jRHfRRI=5zxA>PrB7QPvFbyCKVA+ znl|(vx8{4J8KiZQrka>L%ncVLWD)E5BumyyI$5Rb0i!dG!3OR7<@L@eTG?ttdw;@> zYA`iMiXtQ~oA7c{2HvFkhQF|eIiDuBE3U?MNc6t!KB`G;*o=wt|JaY5bhqo*J>h(J zg3O;&A3ok4*#5N36GmIDGg=r=NteI(_G0J=&FcaNFEIj!1muPzVWLdq|6arkQMwmQ zKE5Y&ptpYb>zxc|(z_lljb4*Q{1g+)VVM_JcRFXn&%(>oq#<8eI287H6snROJ zXK8xHNRd{zH#AWynhJ<;31K33?S)V{WT!y^WY6*>UKwbuicjk>|2yY5hT2KUc$@G&y8Z=yXjBdE1#0=(Ynr0wJ(3}jSBzf#_G|#-|jCvO`rz% z{#i)XbjwNRbN+Dd%2CHe+cA)bYFH3hN%UPXW7wJou39z`cs{u7F?vk0;E)?d0G zc(>wdlYsS;(~Hp!|M~l6Mjg+KjjY&rCe(CPVkMKz(_T1fgC}8GX_*S1RC(}H_+Jsj zIT&!DYt@oL_y`e@atopy+245*|BknR{}v(9EkmBR+{vf@hJqX$F&khC%g|tlNkUgN z3^biKq*)AIa79ZGDDO+p53Vh~gv3wFlvkf)KuctXD6s7Z(EAEOe%cn4wVHC>uOt4~ zQT!!{Bf%jk%OpY0D6=N6QBT*{qCp1lRGU;-S`)EBgCa1ip&gm?XZoz>)#ow%wm|Ujs*6#fj|$p)Kupy($1al*O)RxUZ*8R=Qg2gUgat(|G#PYkNW{; zH~_uI`)IIBKx@URv)QLH%RBXdNRt0MAm|`RFcB8=!40xKkLSshz7q{2N<0+p|1s77 zxrYBU@ciR-w!OrL?{+k!o|F0Ppp{960Dc1D)P=sQ#>#|9Ae74p+X2F>T|CqILg|F+^pfwKnEME!O z$$9kT`wLLQr-uhYNrouusFv?6Uqw0BYpsR>swEx+{Nnltf>@Nxqk}Whe;5x*I=|MI z-xc+FfNs5vdV5CBj5RK{BC;44E8g<6cq?un31cMZ3ruY3YroG}gZrL-Tk8%iC zx$<6J-&K@%8a-6>b6*jC42bEKx@S`K!aGwE6xYE?=&htni0aQTRV%BuCnE~Ky1Eu6 ze}RHZ6EBST9LL&Nh{!Rpnt3<%AD3f}^|b z&}TTROcaO1EjwK$;j*-|saver$%zMc2zhi^{25G;QrVxR(SJ+>8sKNEoDqplN5o)J z^)c+4_h+<FJz`!ZSxd60yxz z1O?}OcWBgFfAGKh)YzDuWS0je1Bzsss>Pta`YSu<9~)Lefx|usR%?DDK#m(`I(}~? zt1dOdNCe7GVR1zBEo%GkvqKjm9cq_Mw?E8=BN>in74%BT7>T!ol8YnYbZ zr83M^)Q}G&R#`C1;DabAwr$(mamTjZvF)T|+qP}nw%_h^?>pyw@BQ6>_FA*noU>}w7^5yY zlBwEU0!frHC@O8>J&b!?@KF)bTB<9qKG1oBmqaw3JBBqHcB42`lSS*jcu(i3P${Fp zD+i%s=BDP5qsYL&gX717b^{1A#0p{;;uFf3uY@%m=M?q|Ah)Cg9aw<9mzx(ALUPZ& zHv1rJS-XFhZ~uEx{si$2aV4Oyyo)j^yrPep?$Zc@O!J!*%-EE^w-|`$aEU6`*u3(j zpeoi#y7}?FyYOUCki(LC7z6^79W@LIebu;{-NFTZS*_}zik~2*#>@U^N+=mtc8UdX za9$l`AefI;)atRrPUPOy2ezT@50PO*ak4m6Ap(Abk}x(UVllXntcCE~`WRW@g!G!sB`9>iH4&+;v$t*@nQM(H4F7a#<%ijUmmSX?B=Y0|2(T5SS zGMzB^#k?BkPs=}t+!V!UXFV{8JO&TDPpP?7cO5-n{B~{QesYnp17idf%>ljp(=HZ& zFA_$jlj)PjO%Tss*9{-vzA#x09pj_30QW&XaE7S>gk{`txMXLq#!GrKT+5yX#eX% z?LsD^qyJ$V3RFk~m)PbPd{r{Tfdv(!0mf<NxNNk(e)eQtyCO+078{Fx|DbOfzjEb;+Vr{G=)|J63(7Kl6(dhyT>IFW87k z6vhS2lY%QKye3^Lh2D}RI4otz1T!{1lrL?lS*kqcvD?=fQ9a=yxIyyw8U1KkcXX_; zLk$^_E9mt8qI_z88jg&3B9fG?01t`yzd=B3Cq~b z#kzZr9jshSpQ|Hz-&rFmT&&ec@HS%ojmROCV#)^M{VO zcrG6~vX}nuz{N$Tbec}6P!I4jPBon$$pdq7-~-Y#tLynkVSa3UawmPt{0s34KP$;+pBUI65PKx=@9gr*~Krl@H7q<3??~*O-=zzt` z?fMSV=0X_L)Nd9xsBhZlbEZ|*&Zuiwj6R=2kB9ZyeBBXlH1ghP`6Wy}gKE~Z4sjIoBpm7u`; zNVQuyp5{N?2;liL3lIOpv_RYTxDuZZ9Q0pMlg#c2S>9UVu>_2NG?4yAK?>za?;T;!};GuLdjR)wkg@=ke~(g6&L(6Ncf;-&%qtQ zt$)0-9R^E;>d1r)2@AHla?cWuh>c(y1Cc8I#~ihce=9kpa$L`sc%%RcQY}Hfb_I~_ zcL~N=96oz2g0D{|DV(@6KlkjvjV~iu2CmFH7c(ys18WL&;!B3%P`+yhV#0)cq zS{_?rv0QdoF=SaSV^JfVNTDJvT+cb*4JwSKDE))7d?yr|BTLt(&vBlD5+MTV5Fr6U ztf4@R94SoHE!VeQW!|?4G1y0f{!O-mDbG-R5*v(^CzOz>idxX8Xzvd)3dsksa5hsRMKb6+z`OBt90a8JIeb%kYODh8fcFu%y ze?|SNTo~b_Lx!joi{P7UvM!316ZZ6cKR?IWd|I@Q8O{;jp1@f-sdsRrgYV-0nSmQ4 zklF;6HxWlUPOd&PAM6uuw#%&CAS%14V^Huvtj>QIxUlS?4es9WivEaXy7$hiH0Dl+ zc6If*C(_yL#*VHKMhvE>a?sQge{0+VRFKkfo(s(+Wk8jfji6QGsB!K5+>;G;&$r== zDg?(gaxs}!Bs1{EOr;TM$#3#;23Eh2I3Pd&*fw%ul8V6w3T}%fqc{bOFSrsalPwbC zedn$^`sOVpYG!4HY5!UqB1vb)+dLBk6f(ifPxge++dka>TZUjNR|Awc(i zzR-YHi!CiQ*sYg*+i0)ktw7>vT${m+jIR{r?L|J4i)Dw+(HcIbh&Z< z@$e{FqEBT}zg!kA$cD^*h8u;a0BOvQ>R5Y?;oGoo1$Vk~1tF0?BgECyO@b@TF(A3$MRr3!O@&r|uha{3X9GmD9ZmEC!R=?80W zWic{3*BL3;L+*(k%%qJZ4os2_m9Q$=R0dZZ4=1yDHv!}<$5UiKvOoQkgKrbTFGy$+)79<2sPAXKaNO6`@=Ct7zY!&+vAf*~Dm5uP}DFbox~Cow|qckyM6&17of9p*o|W96w0vR~k%<+VK*>z;6nOYweuOHnwk zj#>-O`Z$){TyfY`+2eW}Xf+vb?c4!Lh(!|p@^KVOS;0427gQw&P5%wQ7tEdF(8rQpln`$aUr~$*a*gA1guW40ERMN zs-UHn)4zL4va&7oa~e2$8bbCipVl*{zFrt^L1ZG8nG6B;*!LCBp>-Xv(}P<^JVN@O zX=8qwk&f-@X;-!i`!cn(vZS;WMVJ&~OG2)I_(CWT!J=)d;@AB*MoF z$l%_u@BZERzIEDc*z^3~Om)Owdrbwkn3-8~`(7{GvxY@lTU(K+O2Y=Pqfd^{{k=j1 zhyrBwhav)0ixH2Er6aOPTUuJKhXus|C>SF3*-~N@_i7&={UlhvJCaEV0 zgd+g10JgwY{xJpc#qW_pDD{CqF_gd&JO#Iz?#`PKVAVPj1sdADp2UZK7Z%`9GbcQD z0t)eNw=AAXA;OVBSODJkgALs7k0L~RvNRjO|fS3I!cFda>wW2u>oQpi6>A(1zNI3gNfqQ#gOVY->Qp^W}6hT@Ha zl^sfZ5q_Q;euCkCT-vnDP*VD|6S-X9Q|b*L$i#$#r5O7cK=v&W>B=0zRbNc45~jLz zFy!_hmu#0In~vBCg^@6+&8#CzXb=&kFUsXmlwL_C03dJy5|6}Eq^{a^B!4=#CGiRC zY;O1vsZj+pvs%6kOX~_Az_&E9?nC@M*dA+HKE#3@!l+N)rI(Z?6g7iMAn6yVuRX*| zNJ;B(SU!8rU)*D>heBXPV^e_%tE-zM%b9&?fnKx zeLt8Cbv#^i#rL7~T{nz9%sr$x@qxYeBF7V}q-pgG&gInE+L&Nf4zFIm9LNwz;t`GF zK+m;`3X}gq&8b9{L^yeRo#}Q$;R2iG{=gnyrzBzz)?n&;&c46B;6tZeucY}Wf)g&0 zxO>;BQrjKVGQ<1AwOKwx_@gPGqI^&BACPo52Rz$vfsG7AT3I+|@m^ z%L{!>FyODxzh+CQMxA|Wv7L^r$5Fy{~Xd%byi%YtrRWqofUlfOw6 zBFJFtdgh|D`^Hn(vrH0+=~WbYO$V^KK^p!=D!-j_D9dzJhXh&y5|yIH%xZ7x`I<;W z{U`gjh|oXMhJPgyQoyMm9WJ>G#vw3m_1B`GEm?dV2lk@O%a719GG7UWfhz}OKD=IR zq(-cI(!LFE;80Qa3t{ko0mDzwvUa>#w3#d|c9T8&(<@j=8-XX&MZx}mq4o#9XkH~;1!ZSY-5y|-gBr+Lnk8!v}9Gg5U3U?O~73wXt^ z?$S)Di?@*0o>r} z3K^3)(L9FR>z-HPWM#ud0(_j$8QKF3GDqIr`yT@0N-B{DVJgfRVg)c|}x zKq!3G`#JCCNu5cLZCqnPw~+xS$wNzQF(ZB=~?gnZtH8GD4G0c7+h@+h?)K)00#H~a|<&+=9^?dWZ&~I=&C&jBZ4l} zmG$-&nR5%#aT?)-{I|Y($FmE|mUH#TiHDFdL`XlrXM6zGZ_;VlBje)e z=#Ma>;-Xcvc*Etn_4|Xt1l-GrH2pNNnA8FrQ&&9S<>ba1c`-tO8@&&H*328FSJUIRo{d zm?v|9k#<9gx7Y95i%HfF3;ajmoNuR z#K}ugLso~}ZC@mXnONTsP@^y(_5^}47QIf6&bkT1EL-`>k%ty+yZ(_q3eO>1_-{Xv zeRDP+t9RH@b!&iQY3fH&eRl?Ru1Q84YID`T5o80Mhk8%Sj3XK8WG~(&8t&UeX+_1@d~89A6(;J} zJv9&^dw=&}wb4e67;^XcXpgmg4jV}nsivl?>O7LFcyfB0NTV(_vG+4uQgMi_Ht~C8 z8&H`fG_l|t(-$t-_1KeD_BH0AvzVS*qjSv4U&k|+?cIM|1h(Yx57-^c3^xM+w8{1^vq27WQ+pT zVz?n8JssO`G!b2Eyt(+%{Zy?Vrg!yWbYYg|--YF9>fiosQ3{ZL193dR8BojI>!Hk4 z1t4}7Fdl#Kh&X3gc4kcq5ynX5*QhI!#;vZ<#YKu3IJy66Y(!HKf0RiT`sN^yk92(Y zD*GuO(SvuKEv8>UxV16Ob7=n9_}MEud!LyS>U-zT3%ctrA$xfFTk9u3zyVC8Q6s`J zjMlV_#FQVf1A)x@5K7B#TQ1~>pFOa8#3;&dO87tY{0hD-P%#7RnOeu%xs!AZ zLxauEM(S*2o%BaWLVYqLjr)S-WD}11so@Kp3<5G?g91FA3B$p!ncR00QqNhw!z}kh zkNb}H%_g?>qf%r(p~+&tY>&(t#c9qMivQrnc|>wNjDyqnWqq}ATY-OC$~V@>Qy9}K zQyh%D4sBhv?(6Rh%9<-Hqm=EYd<)7b62xs;5F@XG=rCl><`Rbg=nrmn?>)X;Y0P9K z%yEdUO}Fd71?tBnlahrM1}_+kniOj6hzTr$`~;DHDmjUj+Y@lMmc8Cj06RH&s!MM; zcA%>0ZzYIpVgd5#E%m<3DZ|<4nV;UePP1UDtkgivo>c)6iPFi#MzhbA0xCM#73Et! zY=gjeCLP=NAE>BA-y@kYVHolAriHA&nFNI$jcF@ZWL&4hYGz2CI5|7-dOJMj3NzO; zkB?K=Gc&^g+o8x|eFoQRJP+jDn)7Wk>?9H{xB>sjFAb&Tc zUY%!5cCbKVvPiOOCf$P_!30X|tpG1(Vxi4H*a7mI>Gha)UUB|f7Sq@FZM7A&w&VG# z!&)cynuCl+ni%Nolh2c{%nIc#ssx+WyVGSIVdYo^iuCD;(LgYa3??D)#hoan&k21z zv`c^5D3Qs^o@Y^P;jG9-${ns;eZV+uaF-BCK6#+U5a@bDM39|XF?JK0&Wgg56%h+H zIid~dGchg@&0>%IEgs_W%?{mSY!sFY#Xh{-w~(;5O^&!nQN9sX0w;ypgI3Nz5~ z>>JWLP)m{fOV{h!=o|;<^YHWaq2ocuvKkKQGSkX~71!g}*R~nptRb8z#^6arNB3)l zu(Y(ail;s|!l9z8RS2b1^xo|uqa>}dKKEV4NihFzK7bFNu-WzO{QSB!eS@|l)KNGk zR)o1#J%etu>E(u}aH6U?(X+H6=49H~cib0lk8YrY7j9TTe1B*g&_to2x%oLaN{4TV ztTX{IYlwq26UBxJGF9~$(9uHMtK#GE^XctOy%rM_(?v{uoCN|u zZS&&Z)!fVsJ)bPog$oY;;@eZ+rROIv1}{*t71D#pbAT=qL!+x{GtE0SKmWe2*(r+r z()r%nIiPF(nDzK@|M-648*Ep|Q9byIt znj~gQe<}AkN#Q^nOWIZP7B4naPmCBtcN+XT3~r_vH+Q>Kh{3cNp>JH|fj?MHu~Moo z5lh7m@+JL~vcFRfSAEqgn=ti6fr9urB*md06RA{51!68l!E`D5Xld+JNVl8|9sJq( z@%icLpu*KlAqH=l4T2JaI+(zzhDp7~!x8gVryTn9z;WZt<6~b7GgDI( zaML?;`i|N_)hany|A?l=6U_U2vqh$a9ZY#B7|B61Dqz* zRjCWm9}Z?mB`2wmS{Hz+fnD3wi;Ii=Don8!x4FR_Q-Du?7QaUllN(e1bRO8rfNoT1 zm3&>F2}2AfG&Dy#tX5oP({24i$hBy7e)&5Z9um7#2gPAiq1)H_FwhpOSRk;8csDyxLI^-1yuO#VgR}t|~e^j>XfYhtujWV}kalTn{)Y#MyOC?j%JC^Kw^j zR7%+RTGn*ljlPqJiy-CpD*d1x{i5`3sI(>S^_2nT*YB|uf1et{Dk70;!U0yR>J)+Q zt1Z4SqiV|o;U2j_@0HsP$&?Pp?9%dAwPFj}W?;QpUK`#1U2U0RVt* zX|a?WEk&!OP@gb{I1^5`zukS+78LONr&1VR%Dx9mL687u&Y&;g%B1m=5H%vheS-Z- zeJq7})U1}C7B)~Iisu0t>1>m?288xcXVVUni{B9ggwoqY>t$6c(DCdAbTm*6w!rw9 zN~-naC5^mb5THP_?4s2$ww16Wg(!5I zjbLTVK)T1CPKy%~hk)OIIX21MZ(jp8a?YGq9Tz=;v-=W_LR@fpp00ubbZ=KgSX)sv ztxtsB5#Gqd?48X-_@2P~-&u^!;M_EPsoDM@cCwp^qLQZf%Oyebu_y}{xS-q4$*yB& zeC(JAuIC&5z&z04B{==11$llXJI8LUQd3lC#|(Vsr-#tu7syV6tUp&AQ*q)fQ&ds0+HJ6fpv;vwFC&M^)~SfzY=V^*{NcM=O3A&Q9bB)4?rWs z@0^F;pZBVOFKQcM>8}^BI6NRymEmS+ybKZbBh=i?$O<$KlA+1~|1wUf6&xqeV^l~F z@~sfHnRy_^$f~xGL0rY1nR)I}bIgT6VEULU12hb>dGz?ktqte{V-cfsT1lc4%kj-b z$PazvC-|(`R!Ks1vJdcnv6J)P6x*m~!+{mcU1(5IA+`;j8sh2XMP{H^dD18z;X=VD-i0@d5KAt6*CYmK1%mULx+58|JMuPUK(8wENuIG_-L5ZdsP*MkGuMs(cqKIP(z$TPeX>02t za6Xr@dHAIF1!EgtE`hRFjhC*7nfA>$-yMXh4UhF`@h%H)RQp?~ zF_!lWZFQaoopXZa+3@m!`{Vg)ho|VZn}j$&;N(Es4sGZN)AN8$VNVNN1^C?npmp5e z9gUN+Iu0<=zdrp4);53!%+tOu<#V9`-Cm8`Q2V2#49e{!Wq}#(-g9H3S(F@TBBv%(Ve@SY%uZ0sBG-ztC>N>G;=esZX&^T!M## zj0Y4IQ$=8OSbCoLNOHf_dbaR|l_{5$Rz~$BRjUyvNMyIk!?=Y+DQkP;ly!epu^B^6 ziuU}{_hs{n|6V6F?nkxrc+38KD;zNGD|z*7mX+ ziB1eQ1Ng#ABGQ3LHez1vOJGua&9zhEv+9>9L5viyZue-cYBKyL&ldLi=sFY zInx2`>05dxiG{>%Y}QPo{5ZjbiMTm#9=A4F@hOQEsqB#3SuBS|+IwX^>FJ}IvWlG%Cw;;&v z%HgTHX5cu*moO-@TF18HU;Z3gBt#%js06rNnn0hJJ>H_Q4}3ZCStcA^yW3Zk@ZAwL zj`@KXtKY!t_1<~mVy%1XN9(m6ibPriQWJA%06Qi@vmrT_#TxuxNYimdNKUMVJT?gT zaMnG23Sya6`~hs+&33qG^%Jso>WwW{IKz1eUO~VC-m8j#(f-7Q>8Y< za*9Z+MmH@Y4AOOXA7uTw*M#@LeyPl8aHGx$dQ4|7rAF)Es6644)S3!Ps{E^)4E zA8ys{!u_Y)T2HK*__nyH58q0_Y^FnX?+@%vMK?8h!ydeAB*F9~-OtB$H7elllyJJT zFg25xwNN(ydk)O--nN1v+7KEwNBR-K zLzxu+M>e>Qn9zLz7lSL;HTau1sis6bQ;b=r z@w*#`=t{pXa)>{e-0mH&$7SB`OZSBr@}Vf1B|x7_0nvIRoIJNwWR3!Ja zyUQS_39oJllRZ1=&x0M3S^*GYDXEy7V=?SgE>EGk{4|b+sMIbRP%9Q@^%CWleh5LZ zJI`aJP*@b2V`kTAAENBRa8SP5R-ex}RAcP-@o`s8YAp^F2y^o5 z-#t4l1AGVjrs8^R^p~W1pWh6{_op$O2@764-`@kiWX&%akFvKM`WZXcT4zmO8coPn zzZvhjHxqXC_Y{UJ2QKP7s-D$;HIEa8&TG0c#T11@*QNsLji@Lt#yF_U%iA^oe2U22 zz+Hb0m#@1i+NX{f51926_I%3Ooc$pm4RQ9~d>UzPX*s-%@BV89n6z$miDAZ{xDw!k=h?llY$BoT!pnql!{odGQoq zUKNUx_kgxh;p94`dIEKqr#@mFXI0;vB)$0DER-6sNOK8e%9mS%QbPQU)F^kxwOh0K z@jQ<7-m;@~>O*CJBym_#OfFRSt_-w`nW&~qX{e7Xd;9+JH+u_rkB|Jyr(-XGYx>8O zu$a@=OxAQ`1RRw3jszb97*lKrNfdbCiM>_q;zN%PXoP840h|$t8bG@(ue7sX7OTAt zQ5}xzybEhp-JJ_uh7&z(C*adV|^bm835$sO0umIR!1ceUa+Bi6zGc z?5Fax-%1YTe5=PWPt{UzjrV=)F~mm4-b?wmnLW3wJ;mqkjZe2_SN#~^UoW@s;VaBa z1PcA-E$C@`*b-;Q%FJR1ZOE*e{)RDyc$W@4@;Y|%>F1=Hwk%_8h*RGrdQRoFPLGv= z#jm>JgB2mm^QjHggY?ro4MPrXnZ`kBbjkFY))x0@pU%vN?d+)hEUWjVs8$3~?vmFw zT!(>e3VL|1oqG^%CHfGhJmcHQ>L>dJt$ z+zV%GunEnWidkc6J7AoE@HASFUpkKt#{EOzj&0_W8fa=*QLp@yTt?Yuk^l~|i7{c< zZ$d9ZuaWonuTtz)DfA215)07K*tBXri8A&otB^&Fo4fZ{s1g|?8RLzFE(rblQV$Tu z=UjEj;86ngbGBi^0!$aF_tL}M z0pvW$C`f%JLELTa2^x(6KGpP1F-J-2D7Qgud#dYSxUNSCc$_xc@8X#%5O~<=PnYgq zgDMx2Xn508OI@@_V$>2|%>-ZU>x{?6HJB>?$%;8zo?q_e^LV=^Ll<7u@2kdU3MsPJ@u}xYa-E?TF5ggp0G0<7dV`b zUhlO(rJqM>nvufI8pFOXiER|T?Id;TTV&Z!EDPCNn^_fYHuYlA>KUo8>@Gdt zLzOeLyo^#xG<=~OI2a&(%LzhJFmr7@5n+RO4Y#VGL0DQs#g7Jb%+_vO13%gXwC#+Jaq zZrkK3kT}#G9zYbHOFx+7*3_3vkIK$)9B|zXciB2soeYU8W^jMSH z>Vp9xq`;8Um1zKREtu?H$p(gUgMb@FHWl5ztFV29(7DOu(DGa95p9w5a89!q0VvQG zaOFTI;0py(1ta-dh8G>*)oVZY`R%7WvFf8Nv6}ACj|%NB(~em6z({Z6Sy(1^+?=4c zi-APInBQdAj{s+sb{~zWva(3vH!vM2sUJk-6KAKW7-x)T!szl|g$de7^kA(FP1^8X zKH{paOKB^E#TL7oq$rnfw3g7tb5sl$9s9Qkk(W12n)?xnBu-;8(h@bBfTM#`l?w1_%_C$;a zkrX>L^yz4a>%RdfANXR`QCJ$rtet_AF>Mn7&|XobAGH3TysQ6|>z%~1LIi2MPFngQ zM-`D&@imOM<1-{_g7dO%So!xor>e&e(z^C~l(h%q3OO>gO=ay!5aj*I{NVh;TwC37 z{*I<0%A@+}#2(sR!|DfA98IPey!64s<=Wc90!LZ2!l*lUru~Ha;3Q+5t5HayJhg5Bit@xJrz#N0*%@6EOGKr2a#LYB3JR*Nl*mEbVF78j4C z?_k@fe*o9>?65a<0!fy`7eP{r&HzKjxk9bJ4Oj`QcD^wyCWR5+pQejqK!s;o@mk97 z_4QKZy@a97(0bV(9w`IODda*Rgj6Tab-lHE*DH~W+ei{iJYB+sgnlAcgwn8d7uIb! zXP$X~+`c|Vbi6-kN&(c`#w^r%M`tw~Ie@j6Fd9t=Mx@W`zK;Ek_>&fZ?(X59`(;VQ zn5ZpVfnE?J0v)|Aii7_)%AD;!o*8}C>hUA6#Z{$`55KF5M1sg#hZmS}FR`~6DV#Lj zH&sVW8jowx!5brVeYQWhw!slyH4dKhc-;ptGa8;Y%xt)fUzKVduYdlXUE_n@Uw^qC zH+%5sHzGfN2)r@6_e&FA6QR%F(0H~>+xLzUl&T#T2Nc%67%<|iqFu%90_xD{D9^-(N^jFq z-nk;eZF{gBN7**Q`z7<%DH%!Uk5aD;QQZ3#)GW4&^X-+JuEAdwVP}(TR-)-_DWU^> zkSgyy=YXn>pVi4&?)2amS(~GM1Ao};AEf4Z{AEoiLa|C2g(`Zy_Ie6?9n?oT@&{GF z;c3H$8{{dnBwbtH)w0H7dhqaWoJqyaE6?}Q21qHJmroN%dKINh$B*R`TYg{FXHpqE zb|2Xj#kW*Bx53Fhyt_;@_O53|zf#SMnLkP^l_Zia6gHTJ5!t4re_zvylGMeTll23z zr%s8bFRCdjhM^&zV3M_`H0!yOqJxYEP2oeo;8}G+7#H~Rwvs+O@C(RhJtA&$-LB6Z zk85lW*gvWoE6wYe4e#ov`mdpYk-~%GpkX7rntE=%tE4fg^468?z6mmI`ZUfMs}rR0 zK|ou^H%wse(XEtz`!h3+SNxpsKyBxIg74!td>1iXgD{@bt0M@)Bgw{*xJB#3=Z7NA zBX7eakk6loZ|TFx7xvr!Dh#(M=AIh8W+jyJJB}s-=Xqljzp{!D+h<8dM<#l8M}(UN zCMZ+R@Z$VJ^%9Ty0yHv~eFJFd0R&;e1>)LtVy=gTItha{u7kEF~H`g9vd$t4nN}KeT5u~N1 z3%#%WLVv8M_$4`w7Tmuv|C#*5NNw5jqN9(LLKxI+R{#`!^sP#o% zVd41+dWrku`fUuj7X07>GrNBC;YIe}cMOJ@?oE9qDBzt9rl;!-UIdOeHZm3f^TqPI zhH81~fO_mlb)5-CA=eZ^{*!@tU>D*daJlN~nNZqD-Lb9C7(8=4ugkX5Xc6MdNw%c( zR2{}nU4h?_-#o0%pZ$gaQMO8dn&yoK2&AUCi=>n};dZ)=CAPE2hNqkS1_s`-U%<CABShZbq90A+^2zZi&f_@tbb8s#JSXZDuKI z&I$+CcOC`$T@7wxpRRu=doskPC+K6|a={+^UNiaebU?lixrgo= zNu^JfaEK!JzJ|wQX79V@)*s?zvv#*%?Qyz@e-QA<02Ri)Bs{AZbU=18go1z=&a;SqKyf{ zd8BSy#$J*L4D;q!YRxf;Fuk>W13J{JILjrGgKS8px(=aqu{iGa_C7Lw>Odb*h!hiE zKe#uPLowk$$Mve;_buRs;L^~vY_qTJ;}MU`toR=^WYAbj3?i5ktp=TGGv>*jK0K1F za(froHBGR&Or|6S;L%}0Lp%%a)0=eXcdeHV6`uDr=n0nl%ywd7{&fH>q|YQndwWrg z>t4t(gB=b36k~aHJZoGp6JDa&FWT&B(`BW}c2`tYcHH*h)Q1=c69)Whue&=kYacb1 za{6kk;fBu#p9q>%&8@f|*O>i9M3HoK#XFRF{Xc6ydVbT=24lgeXY#}8%`g@TPT?5Y z2`*A-t0UGo;5tE7s^n&}F*TY?=R02i{w80H96UJ`7@Z6f;MH5_4KKITdcB1k85-B7 z>*Gn>?!^G|S!>u~Pxn+3KG|BY#PoA$`yd@b7O4UEu{$!}t3$KhJ95wxhwqLfuQ>9R z<*jp~ui>HNu@=~0qk_tJ%z0+^#lTB{wNCixvG3GTpy3CILDYF4O^tY$Io@9~i6Mu7rB_LC1iWU zFwSPXDbuCZ#^jRTZLGcMB1dnGJ+S{uIW0A>oGG$aWfMG!TWZEwVwcinXkyli`e&g&wsrgdWEv< z>+eG=JzzeGA{n-kJEOer1fTGfl~oS|#cLK2y{1n^eeE_d|i?ym;2 zcEcP7+D1#i&Yrxxt9iyO^(-tuddJ7V`q$D`U43{GyiY!5ZeuY2c zayH#ZGPe*B+8IYgn)&jy7yRF99KWt;c>Dn^ZEcuMH{SLK@QGKM!kK{d-GGZ``$x9Z zF-G>nH1rWceXW8(aIhC;25={!jCHLoWuH2vZcZX)6nH8&e3I8yUZ3j9wYub7IE098K~qxYB0d zEFNG2DSMS;+3E!l&r+vJ1dXO}LWdMv76cW6Nq*R^}HnMc6hTJ_U-n#UnKvmNZgM-#!&&DLp^3 z8C@97`xf|hh)F=RR5xq;u9Klf*4XrT{Un;IwaA*%Ts_0z3L$yNT8X{II)jIb_{UlU z&Htc5dg7>b8^W#IXJy$F3<8%LeNTNja?*O?tMD+k>%wf4)t*(5Vo_5%cgET;S~r)g zEs#p*3Cr>63Lw<--dBrxnv7d<7=#%c$fS(!6u-4ql#$KGSr9GBCnU*U_t?h3Pxh0W zaRZy%s{`pXZe54TVfZMp-+Ygz-4CohQsqRQetciFLPLth$qx9p&HBG~Wi}Y-Ky#w9 zAopb}*eyfb{szjk*yu%K#mSIl#fI~vtT=G>yV&sIT{`ED%ZD-Mj|U{u`g+N3T?FR! zK9_?%?&thzT$^{TWv$-N6PGkChsVLhFnMn6wx(uQ+@4WXucL(6hlm)Kgz&K-i65+L z#Iao}`$_Zvzo7d02y~soJdl;Ne|5`t?1p9mI~(u-B^MCp+k z!+=qleSIO$6G>rv<5D|s`W|$n+T)77NDG?dho@2j7@ere^M2@z6PX56c2!f|KQqc$ z&I#Y)y(6%(lkXJQwP-4{p5!ydh<8Z+8do`Uu+y9x3jja77ojaDY&- zQ*)Bw#GQT-Y#tU~R4ORo;90W#*<~iCh!eiNo6Kw}eg}?s- zR;tw0<*XkM&N`KkC)S=wz3^;x4Gq#+JQ3cypN*Ba_(hI*%qpD^50RIjSEBe02BM5i ziywEGN5NFXLbT|*T#Bvs`57utjSedWNSOcOCjak2PX|v94>jDRO4p4hNf;xRAN%c6 zq5yvj8Kfo7OQr2NmZ!i!X53BFUAib<;z6oZtZ%oUybJ;@Z|p!JBLpWSq}+4mrAZP> z%|qQq=4nW&*)t(Wy+t&76$et;q^@qX)Tqu-H5X$O!y~55qz)vvnLTYjXFA7{UeDG{ssc0+zK1?7hr2(emk#LApjNcF}T<|avB$eYwcUbu{` zBTcIO6xB)#46q1?&$ec?=?{Z5Hy{pHVtj#6GanQE=frC@*f~we?@HuTBUZ>TO702GB*0zV|MeYo96n_> z*-_=fg;P@Llo0LV8~*+CoAAZugv_73|HIZhhF2CY-J-E=JL%Z$*tTukw$-tnbZpyB z$F`l0?YnxPbI)_XeeR#N{?2FC`_`-)qiPHWyKiY3?cSY2VQL{)XHxO^EkTZ_0$@zB z-`S&=2U5p{nH~9UbSD`t1!p+cotDV@5HW{U+4yW>egM#k2VR`M4iB`+<#- znvMDI-hDVDdtQ%mat{*8qw7epmB>-YRqbmAJPs!;fqMy!4wjQ;O{@mj;%Bzf8iIk; z)_$cW}lwxo=hZmYv0UO@#Nt zFD3KV!0HC^zaX8b{*78K3`;TJii{fg&`Y90$az2h&bf)>@8hw%BIi<84@0FT&!KR+ zQ{Y7$He_VmJ&)~2Cr_6&ypX~lDESFAnw{Z3IE?p0mbR9**3|H2E&b&FIn~2%(|36h zJ@5SXmiXqjX@kL!|CiQ-@d&?g{3cDRm^p(MT;mN1`sx z02%g$?d9#YIb@h{Y7}%cNODoJB-e*RrkluXr{`eW)i`-hl#S=7q$wt5hUDta1kmluJQh~QLnLM7)}u5uG;%YBUzjEV+j3+!L8@jD<(<8O}{iE zKvqe-JosyF^s8U2r6}%aRNSTej`t2NdN3<-sz>Qn_xCkm?24iHBWfK34Gsd4&x7hE z+w~ZGwG?HX%pHKm5h^_a(s0gautpUeE=EQ^+C}u<#e@FNH!^?kW9&DmED_RBjXA1k zql$6-w8~{znTxB935_g~`zS2%+a-hFC#2h-Uui%}*I1-PfbC&W`lVQ4kon3{Ad_;V z802_8-jRSbRoC;g#_brDU;KA3SkWTX6BWE9lZOKN9Ubcy5fAlR_Qio>XCisr>WYd{ zSla1cKLSWvl<=x%jeT8x{iJc4gy07r^gMM@G@*;Nog8AE-W1^NT&E(juaVpSNB&?Kb@pxjXH(fE=e?0H0-+F z-Tow*5=XBAS#iamDN#xR!5Lu^@?h+RC-xn6Y_~f5(_KrUp+4Cfz zhZKa(V)k*w;7@fc%Vst&EgIDKTb$@)Q|mJPdCl^8-uRc-xpoJvWPNmZ;ENl2r}fl~ zX|qQILuE0?Ls$0nQ>`@~@qxty zz58~AI&bE^ea5$y8$AZ;s2Ndz~L4?rbhWM}eNsh0YX^Nc@V0*p&^;r9Mjq7tU z>EiqXtzk0hD zZm)t7`G%nFN^`uVY-OkVrPIW`i)i#Up^ZwjJ&b;n7}XVu&hUTp_-RK!Y3nE=mzNvf z_CHQGBE)lO#LAN3;sgjsO6istQVgIJA1-4NF*+a1Jj4QolHvq)mHvkePEY_o*xQ>? zZO=nCC<7UsT;a@`pqd3(AhLjgZKo{7Uep-Ce@_~fTX%9aKc=2DC9hkL4%N;v1vH?~EHY}ah!{Mun%*=HM$`EdOTUpmuZENexF@vu4 zBf=0e0H@&V>&xd4WS(cafU|ah5vx{bTGGG_BGNf&)TwRod(yng&}uXR((}WE5Ikt1 zlr3Y6JX;F9m8`!hiRzb9Q3nuvodFOgu_{|11gId6#3qT)FV0$cZbdT$i{o|fx^owZ zkA4G*Z$grC0lBcrPO`InC=|IYK3O`vP@(>)iHU8%+@|ccG1Ttk+xdmHFQ2@)Hzsj4 zWf?ymIY=C!8OBexvaYPGs6YxM`4!J0f>Sg^|6rqHeqO^~7HTqyr0_P9Pr8vlPKy3N z8^yZsgIIMQ1Q`jC3_v>;gAd}jac$-ja?rlZn=EGv-IyKQ89}&JeK~g4xy1T8*yaBN z7r3my|Hu#%O@Ei5wzGt(Y4sB3nWA&evf1ws?wp8wl!k;~SA3zQJMGmUGW-tjx`V%W zG&Rh$`sqz|*Dt%j z{Q~E$<`r*Wy(iD|(q)ETSaWH1fAHYInwl#KP9_O-au=)5ciae8l^uof5A=iy1x6coi2Cws5){pP zBW#Kyf4*-X0u6vc9Olev{b*iajO(Ie_{!4KKAwp4UC8KR)7_CeXY=L0G#_7edF1Nh zO*jN%5u(0>oU`=(^|yyL(QYq*8Di?D({`hc_&grjskgiW&_A&T%FdodBl(NC(R|+@ zuz$1O_c2`#p)o_reyykfShe_e8HUWh(J1W5R<|$G`7ih+fXDz9cq6Zz{T2E@p@9Mc zM2XbjLXkPA?|rCLlvUlBIXsg3VEVQ`78ybw8^roKD}MDR^^bw>z6J~3!Bj_+2X&O- zXjUcsp^joT>^%yCKnCjwWtY|sISvW^OP2xD-ZvPdRH-u9MSpk%kvR1-Vn(C~-VRBX z+_qm9=eAh=wnZ1i@&fK4Q4p1k>R&hSb1Q2fJqDqMHTY=gf^tV7BUC&%X>a07H2ecC zF+_>Q_00*0pT8tXZ4_+jv@f7qn^>-DmCIL4Fk_#P79xq3v08SG5lp+4o#ILhdI)Cn zRV%j#4n<5z1V$kv>C9YR*=)p$EY%zY;c!uLH?1lvp;JSiEiR@EsRh&0{Jx10#oW4NX)~KmO z{_D;5C5s5iNGRXcOBeki3_RcJw}3!y!3`de&^xPYDL;sf@2#M6sk2L-<6zyxSmcx?R>r7RhvD>&dQ=sMI`wYU})ff;=MBpHDLNz zWWl}Glo@YROsC+hZq2J%Lz3@4Ltg3dtTa!%^XZcN+l_^w1B*~)J_u153 z3mUqfu)h0O#AfTZ8+U4&G<{FJ^He5ICZh_rDt8KXid0YYv93?V@k~}QLF zDffw&cOj4ZSQi1}l_*yFQ#u>$!Q45=_IiEw>uxY&(0FBS&-V5*pYs!(PiJN(4rAJ0 z&S6um+L{>K=$7?LS!OwrL)-t)8OH<$V8o(Qrz1FlHmS1=K9F&0-FEH)&R6fxCb4Sh zgL~T5?*XeFEltSrnsKtMfB#gs2XB{%*!eQAMbAi2 z>u|-*5Kgu;+tCFOQ)P^hBs`eXd}_%y`)mD7D}kyJ=HZp0!*YDNkobx29nr0x9?$p? z@&F|$f^TKwtR}8rx^W>_%1nKgXtyw5tpmEh({_7w+ZOpN#BgjCUOXtzgLqFSm+k;K;)-!b`STmkv9Ebluy46QSgb22 zi6c_h-EIAZz)QIUCst%gL{u!?)YR1MtdIb4l6L2>(MF8sw1fFN^alC5j*bc3N4KE5 z(PFtO>uZbazgI)=P%8{uah7TLFg;Hj7V;6uMR&Fr4dXQ0R1{=c3jfIy|6c{Od{QC` zvNK52D1nB~`)b@;S=aSg>dPkVp3Dx>yv|L1<&&metU39EO&V{^+o(E{Da$5t-6-na zSUjc!Qv6#wnyhcU8LKS!DqMr~HB~egp)qyG-M@%0-GX#`rYjpI%PD%*=c{LVV<9QByD(B4vP?QMb)2^X$v0@;A}$T!J{B z;Ft2ZN2-C6dEO&1kXdC;q073Ms+G-GM-jBWd)`#X{9}vnr;QUD^M7GM21MJ56VV71*!3ggxQf!~gP~F*) z&LEdJnw&62?v)tAdA=lXXL(QVDXEiSzwH?Vq%RdS}L&q!-7WBzrLQyA#%N zIxQomvFVC*u)qOFjAR;Lx&#G`F>1IFi#a0t_d6wWz)w7@GJ6BzjM2*_V@6YDP8iW5 zM;n^3Xr!!NuOgl-y#tgwYo7L|d zIipTOS!GpDE8|?1qR)la@`+K$T#jrzo-Rp(KH*-wJ0BrAdP0hTG+xYweTsT~?EYG}f)fiT z@M7%Gz3zVJ>oVhe=%w%bEbS>sEu7-ks?XwiJ2lqOp#K^gW%7@gG|1=we5L4elH)ou zA(7!=U7l0=eDLzc#B)q`TNi)WNd>f8?<2V1vm3a)A2)-Xz_#Q2!y4uWcEpQyc=*nf ziXu8VD%3_S$l%!#D*&qwFt57Rb$xS?zo2=Zx6BP~UFllb zpBi}YCmV;J%m|4wT6v$+muCA?`*JRucf>-wR9oi$Kv%DsC3#wTJ@#G3vH$tMQWT>r zGUW|4Yet_zsQ(80XSC5s47QqoVC2&L_+sjvcn|IDwt4E)Jaer9<^LW6XV8W!S)G)dKtX6oYaF>AwWdgrLDBe`bwN78Mz5%YRjakJ?#&rThcn0*v=F~9FT`&} zn-G%7vgz=#M`cU{==G38p!g{cRM;wc6rA>Pk8?$gYE4L%mbb;g$b)5U(+(K8(mQZ) zE|?_YsZ;0?{S7=9~8svbRC%MYvHEz(R8hz5L3_E(SWiUbVv@d zrm0K+m`~4h({u_`b!Wr^99hx`$%h-#I75QB3G}oC;V%29^sR>zZN`fxcelMcWqoyd zn{!k-PJ|uoq_kN7ao}hw?}a@3VXVcqEqGH~TRPz2Y5r#$N-8B8&X#uD)jGe6W!oXT z0W5sDu*DKa(U}a3e~|ju9V+N#gK^w&09%>L-*N5dr;Qd3oPE6rUoYz4&&VcU#spoM;zn)TYbOI1v`jwx%Srt6{4 z9uOjjj7^}oI{;6dE*It02&iRt;Z0&pU?|Vp##8cW@Ooe*NPs)~tjdP{fn!Qs^$vxE zCy@Ny^U~qV`#05dP^Y3COA}iG@`KdP$q+7R9`#2I>qfc`R(f3ll6pkrQVdQtbG)*; zdZ`SfC&bEyO=Ka|wX%)A5nSux8p1cdB@V2w$_k zKSyGtin7O{Lsp9TpWOfp$N?j6X666(I1dVd2Q#T^0ZxpELk_B*zM{va*6Ua@lkoWtPqLx}&m5mqzW+N}|}(YaNZnMSwtt z6N>^}E)+)4f;pNKClFOQ_mfIP97IV@fcdf>B5s(-cZv`;!5ERqn(-w?xJ{mvSoE92zEJAwzgePyze;hW?v)2_*Vxo zk}@JR7PNaw{%`f%RRMt!D_kPzaU^8Q$2|^_)FK_YA0PlV@f<oif(@VyN{|ZyR}SdT~6?M)TW)>C*`4pb*K7?3Gjfy-L;=%nYa|G3aco z!!p7e=OMOtKL6l(N9f3izIE?!%&JJfaRvIhyhREAati-`uzagwJ!m+_YK5T)uv93I zKwMhbLX8zOpUKwKR4n!;&Y&-4!}wh~9uxn9nt_FwD01f@vC|?3^?Uxe+qy>P;MlgS z`(vp7wndWpPGLr7?cZaBtO3}yd??0#N8~4(84oE|rfsNc8CuRMrXM)PF|Wu{r&OWt zhPmCUk%GupmbSJ>44BDJ#ti#cY3igr<>1b4-&ud^cBf%C1*a$12GKy!-MCUqEyZ4Xt1CXEnSZz>#}qjXkGnbyqFA` ziWz4X*0}oPFw4Jsnk^SfE;m}gUq<=GYCEnvE=uGXYNw!%Xo+uw^?e^zSqI*)I^%ln zdq3H|h*7yRZ|94pOJ%d%_ChgHaKxxQ!Ef^>GJMdH6k)+6V(<}0=^Lztgi84NYILi` zzi^tP5rNf*^nKqp85D=%j{HsP2_2(vX4wL{H0idNFiAhAJC;v)=;`(=Ns_dOhpa7a zyFVr>Bi?jk`o=g$37DCG=mgn1UTo`SNtMX)UYfYgzxsl9#Z%}wkLd1ZLh8Aj-o+u) zQmERTWgE4U`4^J*nNz2({rUy)6uynq(AM)jLZ7z%t*8+s$9>5PaRW==7I2SrpE+*R z=J)AkHll6U9vbm(y^Z^ z9`luFwcZ%gaWg(?Xua9`T^@9{u7y^oEgt)IKbpZTm=11=9kaQj%I%a!GUDE%QB1U! zQ{kXWvyn2IT~s&b^4Ki_Ld>D{JbhC{E(LQz?HVU+KQ z$qg*a9sWd>n*Rqj$OCW{D8N#dMi&775F8BuHol>_W1q_ALd{9ym|K6YBH}zcNZ!^W z<(jXA9bg9R9aCUeO7Bt`yFxo0F1L~HPPx>+-+zCO_~K3`PV$<}g{9bAQEDG=I!P4O z>zrSiCC}o&ZnnNpU%*83fU^gh1Bd6?T^`>{vwlIyeac~F+E0*uVRJUg+ zGsaTKwD2y&>-U7nYHF?P@%NtiH_hbLu$@7+#?6N!CX60c-d%79z`PNbd)1>ZL6|*; z%Xl$l$tI2m8aD@m1ICWXWh9EooYxwT=!CtGFG-1z-E^|OCe#-1FemY4Rd|~wda~z8 zk2ii`OhkqPHDdWqq?@H*r?1z6B@AAamYMu=(kuVYBpf$C z1E&D%Ds4lD94mtj{aslZJv0)FOQjS)uZ6)}aS+6>1rNRlfer0fxMy%gTpH5KhWEl; z8Zm{F0*6FXiIg4?HViQXU5^IWS;)(pkLw5WUELVQQBD?CAm03!E1?XJPZXYRY|Ll&ZT~ zEQPeY1B;n71#y5`Ee%NdQ2@dd5U6~z))83XYqq?Pk?+4%K37rBsT4bUuYaw!{8Vx= zCpK~Iy8`vvu6y1aeg*zgwR1{s46%qpSnw?&UhHYuU{W@W0b{aWUTWRX*`UbLwF;m>dI z%2D7$R^_+rDlfyKw%)$)%~qUsm!t3(4J{Ko5QsgW|6>pF6j~#pZhqgi$mdu3!Pmd5 zbU)1vPzfK+aTtIG-0~SM7Z*5k{+E8lmp0ym7?!q9lW`O@I6ozrUfmv#@m6+1(m$82 zJJag3isJag&o@&XJ2u5sslw&Bc5T4#bJ<+Z0DaKsYI|SUY6v3_fGTV7;rF?E?*PL~ z@7G1|%??vKB_a_Y-B>@$@9Au|t9ALCxnG^A4*(XA*_QudR=A!7d-!$TAFwVz7EU|U zVKS?Mx*7*3PtJEhEFfpF7YV2!i^%-G?(-H3ul=4oSBI;H$;}gq16syA!{WAK8M*>m zUURN}!b|0GRd+_{CBys25n|D3lpg@t%hM*KA^?|&b`jjb8JU<_8FykxQ#64j!9zn>$wQT{!mT4EMSclr{uPJ2n~c-Ym_>To3`Ml38FV5*n>-~D>w@j=I_UvG6p2YBo^F@pdx|zR*I9q0D0ap_&TVxo^9F_$oj$h%ogY=n} zr|pT|woRE7)!OlNPNm;G7(I~4s6ZS^x78B07TB1XBpI(JvO+hMF+G0FuMj#hI{CYj z{O3Cgr)a*UmFFsp|CN)AxWv7hv11ct|7h4k%41hv=994+#|3CTZ-4XmxIMY(f6r}X zsx^-yf4_TU`n_ql#&oj=FGt+nu3OhK-O}p!;Khn~5+_7jy`1oWXM_%&^>%mcElga~nzw2``vo zlRk0Xc7PCO*F}7j$oaUaoROa)mO)50Aby>qt_RIJfnaJd^wDYh2cyK`+=$Qg>9^R3 zZLq;C7@otB!Gu^M@6&2YIOQ7UU!%nsWhaCpx0q~PPZm<2QjmcUPEMsI$n#cmp zes5=`a|zRY?>4N3;IJ5Fd?VJbbE239wtN5x<ejH`TXPd1UapVHEwzAKy%fwK~$38|1yw>zW{2Fri>umJ|Q?I#4scf{0bTh zXM}Q`2hlL`5ZnO88*LMnOJZTUYNSA82+rh%o)K^8u*VQZai6VpjYe~q0G0%th9Z2V zO&)^yhLJ?Rj+Lm4B*i>eSO&|RLUP>jv;l&;S{QF=Z9o);IN3fXPE9MaDa2m4&!BpP z868&f=cV$mQBzuULl{6siwq4Uf1(C>o@|oK1@R|}MP<)#pdtG4q@y!|amW~EVofee zJ~O-DQy;3Bu{rguP8ZH*`$}gk+bedSQk|zSN~})uNa?gtDm>lv4Nk$I%MbM0>9MEp z?uVIGP>cyoOU!6RWCmRZTIwuB(31k2`&p@Y_Y%>3efhEY;j-FfZQ!UB;$e=>B;bH( zFj=GhopWb};@CV*w%x(Ye1M}L9RS|ERj0O1VC zH$laSW3{|w{D82X$$}RbAv0tiN7}_#>4st-AJIeLW-A^#_H_{vBR{5d#evmI$lzK|?fw3|o^6~V3{7m~ulh+{jeLz#CDgj* zhU>gB%Kzo~Mc{duV4*(4_fC5TxNYjy8q{_-p8JtMW{D7go)X;=_bC;b4e>zNlhz$a zW@m#0kA(gCX{3z20%#9G{EbDYEwwEU0F^~_MYxRzE|ooITmS1-=XDq^6Ha;3M?a$X3XU=^t)0G*a_wlWDLD;5Y=c;USfK;mt)JuyS``0nm zJKaRPF8&F9vphpGDh{w|G80E2-UH;OVcjFvHg8P5ea|aJG;sQR#sYS0J(FYFT708a z1_l>)ELU=U&OQVOU~)F^)f;fHihvlGjO3WF)+KL<;r)-T_lN5`j6FpA?*ShM^G_gN z$UkT%Zf#t}1+L633wj?h@gbKUW%Bt2c-eER2;6@elVKuq?!t2!Jm~|D zjO0wjj0;UtLoSipBom;+ff$f;y}BGKd>CiD0SRZ-3T`QlNP-f?i{7` ztG0t)|5K+=$^eQ#Aj<*f$6bOxK=elw=$)Sh~fur*LYUB)UcQ zg(5{5W$ad9{0CLFzI+z0D%x5CSBod$OerMkX|7QpZX+WGx=gOt0!=GV2t&0?L_{ zYciN~OJF>rx(B6TlnP7guhfl6wz^L;I|wgJ=iP!~(yw`7IPAY2KV5T%k^0(2pDLPU$an8_)eDOPPL} zz8}|ehUfjUW15(tKnM;9{4TK(1ZHzw&iCxUQvR4bPlILF7+gS}gaC;>?cbpk#|#1L zgsTiX{5Tco7n*vz3FnU~DQ1-z;Z`A$!!rEpd^@i!$25$Rl(uC!r%j=fDz9S=Zy}VPTUyUXq8Z>ArNg6e{AIAkECkV{>PcTzYxl~Dh#w4 zRa1guPC|J^DoP}Tz-)AUIAs)6zMKW`*UN!oE0KUDHl@d$ep6^fpeF{23M@=MNPnzF zj7)N&F`B4@(^fu1!SX!CHo|1W1IH5I(%|@>DhXu6{G}V9zwehkGbAZZvP!m3ToDA7u5f20F3#i$bA496^Ng>Btnaf z%=WMd&afs(V=bi$g#n!BWVSrXaHIkxKu94td@uq3<;3V124U4bVwN9q8+^#0%EZN6?ewX zo@3cnE7#n;hVgk5KKEzeCEALfe(gKS=ikPbh)@ZnbOESCCs}@f=8tmjhj2yAsguP2->$tJ(| zk)(bxo>3i?7uN1Y>!3Mg-J~bFV?;Ok$CFLcE(UBsR}*KtL4szx6L~RbGnm~!U9_L% zot;c(^{#Rmx>1r5%x_DzekoFs-~y-`;GtX<)MAiw;euv`ROR3@clgcV2LqkgJ+S6# zQVEc0G%`Y`qpV;8XdG%E66weamcPljfiYO8vx0#TX&;V35jcTVHP#lZM9E5tKqeN) zlqm|J6et*f%!zsm93J|jqnRi%qJ~+`Wi1)_WYT}X3(GHMvu@#2OXzUkXDqFwb9B&i zm*41)1NLJ{K+fQviYCmr-N?Kt{@Q=PB>akkx&;#rXvXgHPRI8De&1=_$yQdzj>?$T z?CLj;h|F?C?~L;tGJ`Rrr+_GgSuaEbEjjz=L^b*Ta$g}z1P)bFmSx|AT^;ZeR)(#@ z(S#`RSMwjmlktGbpciA{0jfxo@kDcs7{}aI?2(foI2D^(Afgk-2N7`mr?715FqqpA^Wrja|C$e z=b*1(u?jU?&&Wk-@n2fWqOv6Bvn!+j0Mg>Ul>gI;^ZjeZ|8pDybB7|FQLz%F9y0Cn)z(cxWF z^TawWNHNhJkLpSC&a&52zL5di$00+0CacGHQsXlyP&YE|lVBE%Is&%SWU>_gkLD~6 z*j?X(NBmTjs(eGgmHD3ClkB&UT-s1iGL~fN@Kx#c-R&sf&&t&41@nCXt5tIk-_H&& zY@_!o@1o)+6`JG;)_0_RGE-Hu-1S|IbVmN>MC3`)&^hf`y4lfrFtA~!6nw{mGSV^& zWQ%l^8Ao$J(`)yNMhv4EX9__X!;PE`nN7{{Y{o~Cghi?QV*==>bFipe~kmYBUj(uaSvF6GEcbU3O%k*wVU|epg39}Lvo++Xq z<`1$h8DTt^O~^52G8~Sij2hTt*6@Lvebo6jYpQxAX1I(V(_74Zv{b-ua-8xTimJ2p z|N6|P?TL<9WdTiS*rHMrch$*BwewNJm)kAF^21^G8RAOei)B%-mt7+E32}AySvT z)(8&LrHD1}ccIg=Wgmq7Y&IH(xsxQF5yjLES%(ZPq@^HsKKyvSSFE_nQ&OfnCLp2e zOG=T6a;AFv}hb`#fD#mN%`%E1@jLCPnO#SSz2Kolc9=1cXzX*~kCR$b2m&*EYEWdy-rsDVG z9g0T^&GdtbE&kv{1xJZS%n(}$)4`t+qH8I~*b5C&V_&DkX=qY%FhSm(8o-L09)BMY z9_6d_;yioa@h4>PV70YLQzPe*hb#5To6uPtvEx9B#G<@!aGl3x^aY5xRCN5GoF_xCL1rEFjBMt(^sZV;L1uUGS zY+;}n4Vu4-AsM8YnH`))JQIN-zfnCJC7iDo@}C`K@qkg_F&?%@v{UE@dcXPGx6X=f z_1IrigN1Ro=^n{E%JjJm8T{owha*=Ks&;)(lY*i-7m**;`{}2j4AyyhT$J@lP#~re z0>jGIxc>J|+ki#y2VLnuaB?TFIEGkQLt8ukqiwu9LkWEvcX}e8)v- z#H`sC3BZFMWgP*v(WgTn$Ir$DEQHo_HMJ3|Qh6P~PXzSmDRI7kgjfl~&)2`79!c21 z?Gjb`%~lT;E)&=Z3V&yzmfp65z+p9Nm2n8F7?Y9mBGyiyHta`Z2Dq%Lec+N%z2EB> z4IY@TJ4V%<0KM&gsNaGt2a_xESwLq<>~9Q=QA*bpUHAU%CFx1w8*z6sHDs_!E1wh8 znFvfQqw|4QC|;EPc@z?^9-(wlfJO_CN2aR$F&8~3QmJi$UXvk(G0w0|3@_9gQli@K zj>v|h|6B_E7gkn8T>yqOZpLD5*PT?;h-fs1VIazTLg4%<`6=~--p@l}MBb3gyGfRr z-;j4PlfJ6F437ZP>+|D;e{@kI1i_1F+o~&zr_KE9@d}b)dtYTb;1BA{6l%MF^|S9? z*@Fz1%M6vD5WgLiN2@#A$J5#v4Q@Dv;Dvdd^ko6!v6Cz^Sh}-)+a5%TjZf+vWIDEH zMgM(T`!zsI$vBnlC$Sm|g)BG}3&ZU(R`@@xYs6%qa*w{B?j>K8vG}U{d3$o}M)6@X z%LA*QA5s2T=Ob?HkX}zBJ_EXJtL={$P-{9e5z7qJM9?5JqIqFKJmcRYOUC1@*BCJz zN>0&a3|)`C&>L|$1?C%Ux!6ff)^PUy&Z(FYF!5-M7Y7fiwa6eK`{lc%Kb}|5o6d;# zsZPzp9;|LIDy&LP?kYxOlXML|RR1t6jupEfblvL+Qf?Li0zNn~Lu};V>JouISXa6% zPRY_0yKx;~-D9Y>-}Asrlxa;)KaMaorgcCW8y0ulAorA)I2zCGv9sH3}f}#4pcdm>KwHOt(kfVu^(bpi{&?W?=411Yi*ims)NZo*c zE_E5KGY|$L8e5a~l8`Y`C*fwjU?FS@gVnFJeBqXEZa*#}VO!Ra~Hp?hzZim2{A> zC_r+zMLvTo&%b-tb0)rZTF2Y(S9!I6WtI*fu%Ct6BqKR=ZuZw*VP(mhJFN#udJb8e zfEg2*QyQ;D7N};#r~6|oVuxhBGnyEnFwb;VkrCsLD(`BW@b$;q>uNZzbe-T+OhA~V zWNVu^tw{BC)tb2tK7lbAbF+X%K@QY8%WB%jXLx4FP!EHZc;L7y;_-?w1r{VIfFZGn zAEGl&U`Wrpso-2yptl*B1Rs;eSQQD5XM+b&l1cSauaX37pd`TozY$*}bb}lv+4a3g zAjsg(slQ56d;$k`U0FSlEVUN=qsDwKSK&S3n9r6V&<173G;&s6A%~Sm&IO54f|!K+ z-iI0d)U+Eu2E*wz89S*^#%w(=&-Axzgh*pE;DS{`NF>n6mYD!FP^k>pF*&VDP2&t7 z?ovD#G=2h<`0Tx$Q6|?_+d+Dsp4S<mQdsS)E_(|F)3F*#>`sayh&JlRs%7G&$nB ztgGlBh=b$oD2a#)oQs)Idg_`z@m%Zw8SVU_AhLLG1fQLI1IQj_)TenO75mr!m@j7@ z09i$RART-novG*YeoTjZt;=6Jbz4I4(%I0S`L18<<>5LL`RMS6pRFjC{NHUC7+Fm;>lShU@zzHr7kr?a>Weg*WLXW~YN1f62%+Ie6@YjnD z(=110&<68(@c3*b5Gy_E06-m@=)zjtd`(6+IYYNY>9Cq-6#tl)9+%7cO6dcZ>`rDi zZA{#-;L^{A`N~UU^5kKpQ}=ki$3@%9+=-%e=hgPi5(dne_hEDP9e{a_!tNv=w-h59 zT2D=Z;DXSn5s%Qla2iP}$-QeD&s= zBnF=sWz2`<&~`y(EupbGkQ>Ke7{%v>KdB4pUgifUb`P59&`c0Y(CGFX2_xcDWpIK# zB&=<@u?o8*K}rd%BYXSG#M}zrGXeHvF;NV~GyBH}F!(<*+b1}t~yh1Ay=C zR^~is!%umTDsw?i4`R;ZaxOpn^jBmr@b@9v?eLcnt1G-LRCf|JyZ=0&@j408H?b_b zGbccWk%}NOafk!t8L)_UB~8tHwz%9?-yfbkbqAeQBh_B>UT?N*>iieofn$N`QF~$H zR!;8Uy0+_A`-hMw>c&San0i^HnVXnDnNFCwD%w|pQXEq{EnrvE7g5l-7!4^x5g!g& zEGiS$C{1Mr;yJ9-Evwwe4aM^5t@__1m%v@1qZsdsEaS&t?3Y<5H&t*D(#@(~i=C?y zIg4AJ7@exBfOa-X`a)KvD7cakf#2BIsq8U$GkUw+Ef`o)!P9f&o}$rH)DfATH)4BC z9#H?)hgsGfrSOuI8PtH!NYprzlYqv^IZ7Kg@2m%=6q55FDSeXB2`R5;bkuRGz<`TR z{a&A`4tEZ_^*M}a%MRp1r#MkadVRm9O81S46q>=k*(g(S#@W2DepqU1H*cEcUC#a1 zm-(Krw~Km`0#C-}I`urwAGH{03>df>g&Oulj6=G`%!&E3GCw?Pwq|$5Do?2@_l*h} zlwjzR)PI#v^Hd7frjjFr=1M^d@v5>GlmDhwQpDUoTNDLBIPQSsJ9J*Nhs|DU;ar!a zV&fp~nsd9GvMsg32ucR3pufy}5jpYYs_?8fna%ITR{S=zwj`q*r|#lfPGr=o{i73^DDzucbP_p|MGKk~j> z!qpYtYBZ~%QOE!Fc|O0HJz(DokohnU1|r2WA8jl$1xQ8>cf~Wlb$y*nYq!{Z_Q%zV z?|7V-mui4x2YJNATlH*n$(c1SPG|q=8u^%xm}s*y{euU?OUlv#j7OA@mI+kMczQb6 zMCDM>%*h2l>J!|st7~R!JYp`!crGebr1zHr0<{REErTVNwK#_B&)B3iS~6MO$j5?| zK5c2f%C6aNZTzHlLOZ>rJRjKUp47=+HLDk=R_ra`G27aDCt9E~pWNB~&~9m>2;eki zBupgKXSU{pr4Mh18i`gt3_JZ+#~f6+yCj<3*tp;Ib@zDYwpr^5Cm6M!wD_Y>db_Os zHb;EqFgM2(n!n`um;Oz>{}~>?INe;f-v$ zO{=*8#F#mT^KQOLW5a|s{%ma8%x~2e=9zjU(;uUolr+5VuQ7W{@>4QZ^T#KlG}$Qv zM>m`9Pvkb`y|0OG<19w-KTKAyBsD#Y6kp%LYA5HNpRz3{XNi4S1CUAy1g_K`ju_#{E9RP3 z+GF^UxfiPE@TowCrw{h~$x+zg%jNP}-6HKvXQP17h*v3%CU<_>7JpZVPpK+2j)*Z6 z%A`VQ>f2APfx6OGi$C)b>bihPfXH^h60!Jq^8Xa+phN_t2!M`E0aF9NeIB_7amV#b zg>>mGru2t)|3h6q9^Mypww~8psQU(c*?pN*>o`v$*vAJ_J~Cmeo|loSSrqHkXZB74 zUHo5qFN_&T=|B`@g;xNlW7mM1ea+N8`nS6@2WD4IOKD)Rk|ituHlg>s+UAvQ1_$*9 zut2H+0VBJu7WF9;R>l9}2P%MsW&NLL&B+GyAh0&bUR3`=`DrQJKHI@# zr!PC_AuyPRa;(DS!*?`L@U!sqiTSeh*@EM{NJj*P3oNi+DE~bqv^tNA9uq4Xw0ERJ zRw?eko>{>SN(Km3Y0Z!VBo-Rvt0ME0&zlQ!F;>ks`;W3Ji`L|5Xzfhp=f>;0p|`dA z&hN*E*k~xFaw5hNC=<}_)c=RAe~yx*Y1h8t>6)IlZClf}ZQFKF+nVla+qP{?+qP}n z)?3%TzGvUp{?@MgtJccOjLbL#8F3!JV~XyK$7cs)iF)CGt1uw|N(lcb5_*Dp1=7x4 zz%9jQpe_7!wzbER;if-doiEndtbSHG>Z(gZ0FWX5o;PJC^fY7BSo(<@$P|@CRR90< zBsnk$2*`?<+@Od82pAfmri&JAJ{q3aq!&Z37L^;sV_JV9fmY-EMMTp+GqD@w7sW06 z``r$11Vn%S*X?#E@c*Ne+hvd@>s#$PE&g#YiXb}~wUpo;-?zk{v{oOb1@_8>pt^$fO)ywAaJ?WEU@<&u-=PDQ%UtYz!jk zC?*J}xmOn^&)DM$k4v@ou-;@|nDu{7`Csi-w=#eC+ESy+T8>RvKX_zf+}J^0N5^|6 z)L(JzAAS;l_-*Cjt1G2MaN%C_$@xrI=+iO+%kQhnP;HX@I}dJ7iSe`JJ7=po|D){%v`i zbB-`p_a0gQgslhML@c5@lFn5ri;lsa7L<_K70#7TXt6S7G0!i!b0c-M?f*%wW80|8 zSc<>%WJK+eHlbI-9}xv8p+zWIx{+mCSXc$R8+rd3;=0)s4x$00>yqnbiBbedZ2I?u zViyI%TLZuQ*t(8A0zJj|%70ZPe~-icL-7OX`x?wob}TbxWB2xb`H$0?!$@Vhr6&$S zjl$&F18IC{Wx4i>^&p#B)YMVB*S2^#s2`*szm(P4ftqe$2~ez%b~0Bi1Cc5s{=Zwn ztyuTl`BT^P8f+Tt+gw-MVM2|>=0!RF5;F(;NpqG68Awy)6Sp99zd*0!WYHbk+@btX#Oc(%W+ zsBc8V0wIi)s6^~8*Wa*NF&9b8Zrs{sV4ZX2&3oE^_;k6E!$!5s|2NYA#|Kyb7sNRf z^RyXK#ap7@*X55nTL~z@-tTXnbfHcsGRl2%qlFeA>xMxCMr9~u%2>K0H^S?%`hP^& zZ{47*LkkHGRxZJ)wMq^eoLDm_jPqyI$<{@Of*B+`8=T*k@a6~t|ZSH=1-H5HY@p|i{5Q@b`Evn+SjgYNhZYgSCPqBs2Z zYVy^#8ex4~@#*XsaD62*YyEEY#iXXgnC@~Z8IqVMqB z^cV@^<7C?;8iNq*Kp`Elpcb^US_*^k!ovT^B>o#7b`if90_NLZ8k=$JV}T?wapK=6 z5N`@wC8;qnt_>AR#IOU;cVqUvia{YO%h5o>#DxdaMcmrKEWG(pA%t&mkHXcHy*Noc zP)4@O#mW9XZm(m`tI4!(K7FhuZbX>~5vU&R#|-_u(MA>f1vIIR=#KGtSng+XkROZD zR2Y;K`M=7ue}lRlw3|}>AAfR*-`{FuTH8GHW+((2H(CkBqh03Lun(#y7HelJ^74Ag z7>vE9chP3n*S#*B+4^4%#c+I{+uiT@fH~~_3S}h~{8_kMO?z|qQ|P+uHST*mVmMfE z>CqrHdeQPw0HfgU{o{rBd{m>S`9iY)J{JT~GGc%#@@#=+;n+o3z{Av%c?CLr5adP^ zP#gyNK~U6wof7Sk(X!|(szpg3lD_}&y54#)(o>#1V%o;p29yov*J2d60bw01%=0qY z4BwR$R8#^yN;46}W5t(`?oz)KQkEL_%Z?iFhJx}T!ujhHbU!xRkwlPyb%cEZ>Y-@l z>1ffy&#F|O*;};z^buagNoM7uC8*aH79gAT2@1sYpx`1p6XqB>sK%X|TziU}nv&|~ zm7vgD*d7qFy7sa}1q}{wJh0BNpU31x`q~HE__xA`cH41NwUh85Cd~EE z8&LBJ|6HT|udu+-1BFV7al!59vGpRwj$I{=4V#nYf>wp+ak90Qn+mzc`AG&;9_)S#O%THqA@7tI58G-OYW z0fXmtJqx4<)lYH@!JqE;oE9X@-{@Ueai0A#Gon{i(H0{j}n@l@8)*&vik7R;wQ_?dpk$;p|XuI1x$;SBNoVC&UbTFQU|L0l<7 z3@OlUQT^+eMGH``&}6+L3Am^0+NFXKA}Nx~cDazN-uZc=bxzKQ2RokGWXNockoCX&guQTn5M)L3BhjXZw5F?PD7N?2m*I+%ih$_XcU;~+ z`+fS8v)KAoUDLI|#;F@ zIV~&f0ed}v_!p9p!N@1XW(o}*jf30cx0}Ch-fwWyvXzyUDXno5)`plkv9qPhTAsmc zdncFYgCxo-DuMQ4?3-TP%?%AZjRnhCDtk|Ujpg!b9*~fLh!bCYnpap7NLDEnOJV36|*e9Zl zK1d~5!E_wzk>%7Ti{Bba9#Cb}Elx0fwJJnI0?@pQ3M|0z>~O=Fp!(=o?TVe??1dr1 z6wL;rpboEs>Db|I!}+_DkdYPQf$44v=VDhKPgz^|e{bu4B0r_4A$&e^eLl(#wZZc~ z%L@s8U>0Ya!i^_LlPy(f1TPIHCi_B~QM1+w_zrDduGIMK{ekC$`Zy`h#DWW!<#-|C zPRH{)M%-nQ^Uzkw;P@`FVy3UW5Kb;nWuLK5XWhrzR^elm#8`Y-EYB@GGR@KJ} ziyNVi&x^{oh{r4Q#+|s0F%xmf#a-spW{>S<-On%E_XjE}DsLZr?3IWPThm>GB48Ax zEJ)nciST>njXlnU=nMS=PK(Kn_Xm1)-=EfbGspAS0Px)sq2)gN^V&Y|O*NV(3wN-( zzwSFoI3lkG>%#4nACaiinSCR{VS?fbR1;=0809G55gqKt?OS?$CoiA^d!KXcWfI5> z^9V|5jb!n`qqxtp`nEu%U~i&fjASf$r<)(&@PEAfL)UwK=7kjTf{LoLBfbyB zRG4MCy`Bsi&X~W11d|;6%&n6s|L}(5%oCRJS647ufR%(W@|F4h(tC9`w-(KD_$)5+ z!yxPA!sxBwUTHZ90a`*tVAmEBCv0Q4gNz3874s8CMP-3iM*POj@L;T(1bHO<=gV_L z5m{%m3QUo>$bKJs#@zbs`y1b8n9$shqin0HW+Ehxr*}uwiHwo1%=_5kALtp-ANZek z^?ciWU+s<|Aq{prok0GrN+N2g+wQ`WF7fJ2t`xi}8aW1R+m33bN4Q*7wB9{~SCPK} z$J8uLO@S*BeS@wIcxPDHaLduDx7*=3=Dh@2j$xtlIf;ig9*E0qdx(@N!12Ct#wxI7 z@J41W8^5+bKqyw9qG2m5XJ6;7Y6Wfgxp#OM9r)BJK&8OALym8wae7KrRI$XRM1;vbf>3i-Fr$p(IgF7i8mp zsO2eJySaO>L$RUz_CN((hYDYyGje7yCh=`YxPDbOUiR4fHo(OA6=AF0a+}yZC{N|AM!e|4 zIf*3liRbNV1+Bi1jeC@R@}6k*KIwu9%=4R*X#L4YF7f*JMs>gxII16;NbIXGr{rM#ppCc!q(=Pg&V z-r!TRkK|K#b-5j8Nb*mB!7uDnY>lV0bMqmo4EPqWu$xbvPo%O$w0ZU%L&U=drb#T@ z@q*7@2z}ZOtLl$wlxEv4L9gtd z#uhMub-3Nh*rc~NYo)l?Z+mf$YSwIujSU?i-#?6CiN8qu&_OB{K+Y_!uusn-Z7q;s zf&MutW5o)u+`w-8b>sDw`}H*_NSHBEOis8UUY0jBehJU_9kOW&*S_Dtr|YUG81E3K z0*E`T5bY`(&K)uRj6(xO0SKKfxJ>86pP5dlVdYPuQy1=1qplApq1%s)`(23=QAfH^ zkF!MCu719U^c>`ThwtG)5ppn7TPlkDS)eEp@bvQTcsMy^=+ONsg?#hu_~lgwTr_V` zDBI+2gDIR}gmJuyElcj9+K1n1wBMf@V(4mUZtQ>aQ2PvLcN*ap1l@Pw_TWUF%xN%L ztl$X=X!L$#{Y(oSkxJLSv$6(ZtiayF{xr=%K{U?bLxBdFP-i3a|h>i~y^!yl1 z_ARvK2pcu_*w+R6TB%Pt44=-kb;7msB=?5l35Q9}>WgiQHU&u0X{jhLwfA72Z_EGD z)v|FkXvk-2nU=eTRYx}rh1P7EW)iP!Gho*4FwRqX-yAXLn(GvPzEu7U+_6}sGy2cI z0yt<;-JCJb!J&vCu7HRU14*j*F@B*}-OZ3pXP8*d)&9~?myKej4*@9gvWm~Hu&m)9 zA6uS2)m?m>5kAn>HWSo;1~{CwTTAo4zlm@uW;wP{Xb@KIuh zI%tz2f=$*po>|6M3)0VEzswZ<1zNtOtUW?KbNTtVN!u6m9npM#Ok{uS^!J~a*wJ4>t}cN7e2fKtD+@I9l}@a`GX{_?2$KTPcL)&~A!H%jCh~DV3ZhxB&d{-(e#> z^jcp7w4X^Ke+$AQ45^iWm|Q0tEFQiOD@O(Wb}wjbB*hDVxOb|r5P`Ofj~dE@d8u#~ z=rbwSDATPt{DahICwzKfajNPk53v!t6Ry*Jqn^=}&)RR)I0g z74#cHg$Fo)9ki!XSEIh(A8)oOMBQXy2|YyqTF;Qq#Q?XdMu6e(Zu+&|kiGxl)uBk% zn-O#qvMiWt&5Cw0z{h4=>HgdLgD+^1y!uFeWpzAvE6=*do)H0xkf}O%MPAsp-!?`z zS};&bB}!L@;S-?pZ^czW7RzftPB_r$Z?JU(rIA0tqRCnGIN%Z?@hTe==#> zf*#qst(h|0$s;{y&txzvS~@a`GeTRr{^Vk}*z+$(Y0I>G@_o3|=+y7otmvA^;sIwu zCM3D>Fkh*KwPLt|rkAzAgZ(vx>q=CZ<@0LKJ+9%&uog2NsSaVtviH|W?U;FrJJ-Ad z>6D`p_SnlUmfraU4Kz7CHAQpN-4&Os7RW}{uQ=zhgjNl*`|BSm3;m=4`o)>?le_f{ z+{VJn#_#TQp?c>twqKqF#*v@HY0f^TN0iSXkRwqh*Z1e<6@gcNTkD!e{#v^U@o6|A zy^hsm1&13FaN?0$b;aNc$12~723nlylQgSe@z(5K$F4EghLv7)cMf#5RVnHweZx1d z!MzYB6C$xFn6oJbh2h_MI`%v+aXBK1#57rJqV-ZkNeF;P+J)Xp{0>gBWb2mAG$y|M z;;?<8`*&*7jklxL@?p_t4GTN{yk8lB?~kS+;wc7>@61#r_tg5(LmNNQ(9{6zUsRMu zW1tx8yI(h&ShFU-c@WuteVu25Cm4%4KXDC>7&uM}lvk*HD@^34h6EJ{kaQbAceBn6 z4jwLlT5szcJr9G!fMZK12&jI898uMjpr~qSo3&JH<66ydy>*J(s@9!occ0_gnB%GS zJnYQ8YiiY9sMPvWt3F+<)M{>Rb(j@$>}!3fPt&UP32uJ#@#S;6_7CWp|9UwN1d>m7 z4>T#I)Ddck=v!4`f4n+UXBzYsP?E0HxQ~V5IMa?&6>1{Qr5oh-HQY_-F4c%COUVQ! zW#}F^e%Snt(P}b8?eM0|)YVYIt9H7OBj)@pls`a+fcDqWP)X`1 z0~C&d?aj)=`9%Z|0O0|$N6@m|jPlk}z(Rp5X^U_44(P<_~lgMSUTS_kN z7lLawdHu+HtIY?GO-fHo2X2h1Xw9U^?%2Pe6(Jy;loum-QMN(=7V-rd7ljZ^YQ+07 z5^McLm{GLFa7CS&&FMAbAOh+=6 zBPKb2Vp*_f6X99kCOZy9-kXsX9E(Qw(LjPZZ?VC~xzYLcopKX>GUOO}Sj6zL2=V)L zsBv9ed3kelIvyZd^psYe?%2uMbGA8lUL)T87^1_b<71!$>zsXy0YpSlddxRsD3vCrtzal8N_sEP zIB#2&Zm@n}GpQ?{MM+WG&o5WfKzK z>+v)`OPvHFl;EKvegD02;Wj4@ zAh>&olB}vE`?=YC25J2x&5S--3mrxMD9aZ_RqbtURX?Y>T5D=Hx7~V$%Cf;>;Z&XZ z@pf#jHkpAVnV%9OVO}HtieWd0)H4;ZpTIB?*>m&Cr`cDmi z{<~hssoAO~8_&u0`iW3hk0DUg+QSysG&aqRQ|GgpZXDirzR~hX5weA05gFXscS0Xb zCX$0?3UFpapvu`6W?U#Mhswj^NGL<}{+5~@Opyt87Q?4v1u9lJ13S*+FTU4UdUf07 zeCgcQ+h39%}Jgo>sC|wvKCW6t;q%>;>uvenyWeST^)je8vN+2Ids-enE=o%L1t4PR zl#BWX0GEHomP4nf9Ov~vli5=fadl|P;`>Hu!gW8!Pn05>pwa0J<}P~vROg-*_X*o~ zTAx5=^ZgzYO;{zN4y4`>kXf=e1uc$eM!8X7O~B=Gpg@YEhsx<;C~n(Rq03j1I->zC z@b=W(fuT;*p!7b`Olvd~)q}_)9Ga4#uoxks`JXr!v}LmW6hxDK z_3%&+-M8*B=PpAHH`&pF%A8&Ey~(o}ESAmM=hE!j!RcC?Tb@3*cW?9L99ftTK(vqC z8Uky+FI6f&))AXKEL1`F1wnmrI^XJ@SCx7_EgdL3+FtvAEC4;pp8@=r<2CZFl+k8C z;Gl^g%rMXkmQ%7N>tTWeLGL)hIK1`<9SqFI46&$4@P{Z#k+bGwFo_!pxZp@6qMgAZ zmp3BgNMj}G)kwAqkNlGfx6&?KH%-yT_xx!i)So$^rKJQHZOWN6o5 zKH3TJV!`B)G20xDDxR$KmoNtJ0#_M>`U4r~hJ0h`ZDKwUgOHE?TofHhMPubxu5SWK zcY`K2_^pa_AFF?#IomC$Cdxcd13R`6P(89!W!4xhSUE^-nvc@3wO|^1_zA9OXyEi9 z=+%wLFOfjjysgcX;-Wt^J|lFHiYIRexNk;p4;8FX?ml6GnyqUk#q>_ZyE_&TKlVaG z03^%mo6gS81HX*NrdrA1jq2QZVZyT6oROm#mhEv_od}jahlhivjZ97~6F< z?}w%~2-Y?>28naW@nGcygaQQMelv}hofJ)Gbrk;iuAH#EG@>{eTJj$pK#Xrf24C9ga zMbUh!2=Z(M9JzdgGosuevV+3Yr`0F)pd@AV0FzNLBg<@NLD~buqsxZ@B!z_B3h$(k zUCEs96LqV;2EQZ7Ek~$EhN~K?swxP77hZHQi(;>#{GFc%IqOu8OX4G#jNn()e1Q0- z^1jF54UMY6by7~f%L0MS0ihfT6-r4oG+7h$dlXCraulPe)Xh?0JdMkh5U?I)^K*No zq_{e`SeY>^;=;#-9O#fZk!4iLWYq#})I=XrYkIeecwR7s^3mv=2QDzVoL8E!R8DVSsjDUz zsRoizK_HX;`A;rDE!pA1`g^%_y%5K1MFc_mM{fJ4wEjX!91I*~=bPNNI`2{Hwrbj# zTZ(X%ie$%=NA1i(bF&tPAga(cUoRgAb95ym?7)EZ3emBzru-l}` zy4+@y)*TNlvu0-Eb3ve(TDXLf zZ5(u-*lPV7DoH>%U1vgKaii6gqNEe2^uaf}P|`!kpeu|xRI_pJ>fnfRr&`HFe6nO~ z6WvCy%KCv&EpF>r-Hpb%ni|z&&gWwbpls>G!`_Ciw2&4YQ&n zgsGN(NAsZ?zz}|~S*}@FeO+ggEUsQ8*{6aB>FlgC{=?9S+_xAM`|D)(Afe4@2)e=> zE8O_trs7`y9Fjt^c>R$N0B-r_jh6em?Z*leb1W-Ag=?lgu%r0k3P{V`MoNkrvvg+Kpg|juS|ik)P8tOd|%YD9|awmurSfUtJf?N zJef2~T|0BTU{M05`CXkyzspY%tae<}_D>W#D$>{AlyasaQV=VXjG00FuUWW*?2ric zs2T&<-FM;QZKpOnDSpG=Q#pu8mc5 zQwA;04D1oLf&jq2$;NC6r9f{APp!lxEWvvN5y6fk0!2rrIby(*xMzOpwCc4xDzhxm zWi97DSL0TkZ4B`MRW<#4iIBg~!Z_keO(FIP%!Xo_k^@%bVlEQ3n9<@Lt$e*DmQZIA zNL^WIscEtF<~&~-o9ti2c6lpB*vCM^QojlQ*Ss%mRVmhJo5gcgSv_HB7$~o@nBFXC zFFW7p!;)IaM2C(O?NC80E6dtN%U>4#j8oprLWW^G)cSl_!KDjJ3w=l<6()Bh%&e@p zsr<;K^sHV1647R_K_2aRKNv>qir6|$&XbUwot>qxR*d`0$g0=VM0@?a=^-M@RG8e; zS;`Y_!S7)2#a#Br-QwBh8tFoRV_JZP@v+1sQt*)O;qIBXY!x+DSfH_TcKB!e-V~Fe zI5n6rzxf(kkoIYCSoLdCe1B3bv5^C@~_eA7%I)9I8~i<7UlJN!^(~0mC?&}s;aOsLQ6t#XOYg- zlM&^Gk{J3zi(kJ?db;Y7zW{$cPhRxjgXXLrt8+^Q{0j6?!U)MOVf;0Pj5~Su>78jb zZ7xvLt4st#5=`9-I5D&8Bt^d|?%3%qCY@ZI8GwbeD9Ok?_e&h?nLcVC>=peifJ=oE zd8MZmOjijJ3ex4?)<5fX+o?M&N@_e?qRw}Mn~oIW_<+TZXSyK2*#%v3IP1-5ud4Es zpwZ1(woy~liq?$as3{9#C>+B5Qx&cu2AL27>?DPe3qYok%iDIx@6yt3d@Z`2PF`prbYm z83^_ZDr(bN)m^ggBe@@Qj4u>Ukd?HwTd#*pkm(GIap8QpI+B^?>ze9gX|e_=D`#vO zQm!*IEB5dGH$uQ}d9lF1f|yqID9U}QiVM1S|K;dwm`LyhRV~<{Xs&~2W2dvz<_6=f zi>~GV)=6l!aZg0XxP7#+%?L4E7x4#aoC;^e*`i*UxJyma zfNWEsRPu~YwRULr$a4LZi-?kmKBHj^6QMv$U61-I#?L_%Lh8y^2zHelbDAwd zQf2wqQ%N`IULjt9O1_|?l0YAfgiR@?9aM~7HltyRzNXp8yCIatSRHjFAIq1pXFwQb zW|-I>rW}|=ENG3Ne83_Y9}SK^;OF_ALg<6BGdmn15@g_vO0J>)sgwhpzkDlRG-K7#?3&>{p5@SA&9mZ#=^#{3~mXw0DI!GE_7bt9&avueSroQZ@k zu;L^Ru+ybfO1qXnT}+hI(q{_@lI%}V2)-S4oEs>up&7CRpcfbGxuRJ$Lsxg|4E3PV9>3lV+ z0j92C%5-B6(*~)FVALUDj57wbZRx<1Q*{4@HJd!Mr@x&;Nz(l5rEq_U zpwp;3GW@5>XSRt}$*G7!%x+7BI9}r4f?`Uk@=3A3t%ifQw94W#h1FFt=!Dklh$UF4 zNO>4lRqp1u{BD}1h1wxk5*wG<9{lEDDs!GJBPc;6u9LIr2 z*@J1{lz@X)EJzTI(m5QUzkR8V=p`&1c@47_F3c>If#YDKcX3H%7e~$jp-Kpu_G<1^$j@8>5a5p}=T6={0I1>L3W$rf@PN;=3FHDN2*Y<_KH5u1*p*@>6j{!?bSvbw)4bNEAr`#jwJcF^u{l*I?% zU21jKoBk*mS)1s8J zVGa;7rjrGJa!5*O-amA(k}p!xWB*ITPv4 zJLU*KAR`05UFFTY_(#dU>^p#3ru+n*chKQPgbJka0~=wI{U!`BY|dY0wxGCoO5b^~ zr;I$>KIcC%F^}($?%&?$HA_#Kk*}T3*EdlKoRjR^V0}~+zDA_CKfSmRP!g@&!T*B` z%17T1bVS$b6uJC}N+L^sVn_;tzhW|z-9vcq4^`UG(ZNu(pU%4V+c#3mIyM^$sWL_f zHAMqBVLh|vO%{<-GDu=pl7KeqEG3BA-3L9PC0u2&T2-WK42IrxM`Xq->=#}?)SHW4; zg7Elu&Cz!>?nGMrjqSNGP)v}}m~s*)pj^BpI$M|u4qCM&`y=-2Pw#SQgmy$h3L_{~ z(}l#5`0J@eur?G8q#u<$A>mL7$i!YL>^#Bxy_0KgJZ7xqQgrCq$evg&n`Wm2?cG8q zm#+Ts9^x%R7KFNQ_i0b-8QxNRFgz~7$Ek{$L1Tl}5*)Mej2$Q>B|?P&e53UNm6Ie_ z6JPa-e$U#BPmlr%Bve{B+D{{9lkIMNC6D<@|{bly(b>9pIHvKG zgF{jGwNFg2tqYHT_x+1bO)@7rnP$4%8xl7`J29hvo*Vp`yb^dTQ4mO;*2yV6Oo91> zA{g5tFQbZLV2}V!fe~`ZVICgp$n9@-O=9iLzx-HL zn+du_n+~Ls_pGz$2xE~OI0s207%0gzZ{`|ESV#lDS6_$->aTIheON0zy#XgD*wnd` zRW9w6482xF`P56s-7wP%%@=Fo2j>IHx}tg$0IVQou_!!Kx7}`a(!-kal@m)#^Ioc? z-?c=Bhjc96*E!O19a)9psAS^&r*6**7hzP5!xm{(z;49p0@O2dF=?fpQdK#YvaOZ# zp3{m@{%);aR)aIsVa=CN_I5A!T5qijUZgvVr_CKpZct;9h>_2vg<-aAOvKu9F8Wf7 zV!nyIi*8m;j`vW}kP;$-zLYw!KcJX_`)3VYP$L*RlQhf7e7$NCNWz@e`}>MNi!;sP z4=XEmZh>ckYsF7LJ5@t677S7zCilaxNLZN^RZswnEVv~`Vgw~o%d~3Y1*M5e?$2@R z>%F{B(uIaDG6?un^tOsQN*GyXs^D8Yg%BZeN?vVQWn~CUPnyUM=B=88bsU8WyCnZOCrd*D?)532 zCJbg^%uSC2COXq*&@!Q2nMqcxyV<#B)A3Xhmzd%>4^5^k<0SP z*96_FDxa2yI3z1ZLX>bzn7++AZs!Bzp>&U#8UCM0qQ&~hFigvucIAJ1JH(5}1Xm^#XRxGJ$ zZr;C?>!`u->+N>(;yC5_FWyrdr zrQ8NX>w6xF$YhSC_ngRhfVEKNQ?KeFm5Cr0J%8NX)I}qDb&Qp(l)`w+TWL3~&!;lf zEh(YI2jx^t2xMgH@R2|eKIyyF=Ps)7si8WG#(6yn!4ZtXWEtbYEOzkvZr@AMLQi23 z!+L_Cr>cXXGQ;2Vy(MMKl3Z59n2dIhAo0@`|}q z6T+XjmE3V5isRcEJW%5A+1R>@wPAh(OrJm+ZFD(cy zHYaJixF#l%*ISqP>qgmQ6skP0h8U>wFcR!OcMdM}SN@H|zcrOw3D?H7r!)i+6K9`_ zsPPg5DJGw${zQ2oa6PAIUF5eAO2XDBSyAHNf$7?z5r(ti{oW-9F?z)ck;;e!@Ri3@`4 z4p`LAx5}2^j+|pmh>*Hl%=%N|6dVMdsQb@Q@il!5?u)u(Odm^{kliUBL8|8)(?45w zXOLQkakl|G)_vUhBc9C9U|GWYZ{F{Vq)9X`=`nACwi8n7K)?+t1x_ zdjnYuOBOhmlaxWx5&xg_#}Jp5s^RboFuQy^5c=8HBj$S z?+(8NG#=bHGm|D#XU{E%#L71EuzI!dlo8J2Np)*?u^>h7UO2fpd%vyml~h)5)tQU| zK}b=!93d(j*NsW){}D(OL4Yt*{Hq%k4lZPQuR0cv^4D5U`#<6hDr;W zZ41c37+gz%Uf48Ol))e4GI_Yb?!L@AJ{e7u#COeOjLVk$;8}$;clVTiv)Ghb#9?3b z4|lNz*_^|^j@C?4x`#nW(jD$5s6<_`f2It0@SJ%FpoCQfLB)+`odXBzJfHqUo((DaSl zlpn3ZFppf^LFDLnMxvAvy7z+mU^rO%!G(Tn>6z+P*S82)LAI4D%WIp6r{utuD`0q} zSHjt#x-nY;`MRdd@pgAmsR5Eu^B-v>vL8Pt4=tF`yOdEiL+>LUb#~vh+K>hnB%yCX zjVX?HD)12siEH>`oUN(P49@)!W3Y0-ovaq|k@lerO@#o3BH}A^0kA|wOCHtBp8yBL z<_~oJs(+pjHL6e)iMFIPp(PUE3&eg`wLf>nqt>tmVVV!-0T$+{j9vlSC_n$}ssFc; zKO>_0b{p1pQgkic+|kS|%?`F}&EVAxgC|X-W?2aViBmfT-2{REhe(UyAB9+VgGdgP zviRsIaS@!r5TN9*S$3(16!1^Vgv19>fd4I+_uz&qp25oPttO;iZit>;JMju^U?+W#pB{RM*E$F<{=?)BPQT9M8`f#5<^x3CtW3KwtulrLF)q;PKr!_kc! zJ35hdh7ijA+fD%e6;R>AnE{vFH`1ik@^78i|F|m^VFIj;-!76i*gApsxXk4#%3{Ex z52AzIi#=_8=`*Hk`Yw800%Z{d_y6qRTn1dYyiM48S{WG$Njb)k9qb=HC(+IS-={_c zIe@lU`-D>7hB}iZ;WyX~1#5oI`H<);Ta=L{JdkE&*aid8U&3b$1CbZ7> z2MZEj2Fzdrm*Y+9Q`7XP51fSaJNm%^4=%xdNh)$1c-6;=-NJPL)>i%hE?)BE18dX%$ip7tyW5FxQokZq{gyMg=ligbDO-HE zsAZdb4+N&Cx%DoSZg^gG1XQ<}#uKM|0gt`CKTYSwD=8i8U**Aj3Ts4nYwrxzS2zDZ z!%G?fP_ZLgBgr8U`6p&W`8hL1edjmaIa8&PF3)Adv(ygMs3c9_%R3u~Nd8uA@;x?fHIl4HDZ zd!8Ym!R$DZVMF>l&W{$j1afH(WK%M2frwdmvUvB;7Cz4ND7MbKpX*WkpT(EQ!=~uk zcI8t`aTBX6c*T#6z$74`dOL!j8O!@PmKMd~qNv)Q`bJTcUHhs=SOeL41#fmOD zUHoD>gdR*ZNFy#Ym8wY8$2UeyHhIawk#mDiixU;{VI>o9og}gMcL7l3?^jFwn-OT> zy=-$j=hUk0HT%qh&9x$t&z~IFuAo(nQ~RGH|F=!a6G9lz*%u0WZ2W+hG@!t!Sn>Lh zslzTrsQ|u`$a6s8@OnM3ZGAK=KJT1Gk>|NIzr~$x;$NJ(U99MFW<)ijZ=ByQ6f?S1 zFTJHsd4aL5{sYuUp8p4Anf9~&n&=5gy~R8$_;`c2Lt886{a69Y5&G~yvC~(6wO@X$ zD4$>Id958dRO;SL>1NBh%qQFu0WVBX2a&^_#^fqsV>3~TJhW`gNykhc9FoL_Mytup zF(5(t-y8U+S0W}tfD6X+y$4CYxSi7F916^iLuAs|=+4^?86oilR)jJNz^iH1u!N-Q z7*g7buvf#Au`kvVE_*5%s67PS^QbukHFwEs0-C3A2@wW`c4rMB1{;F2#S}W z+%gL4uRB;1Kv5<-%d7pjTzgQ&VLap9C4FqC7Y&HAE!BI^s*!phmd0pc%B07K+xpRY z#PB3__tUB`5F;DH#S^Y=<3M51yTS2eCPIpv(uX+<4iYu@yGX^O36 zg<3ckD(%EOqfdNb^h11`EiHH=~0Qn0E z^j%wcMm8^tKd+6N>N;MUC~m5ZLY3{vEYkH%W~1^LUD`b#fp=>_J(uWjd`yWqJsl`igjw) z&I1KuXdRic)?RyEkhI-;TIL~eRbM0v3`V31{@u3xyHSX@HFf)p?ZQ%Hc7dRR93;f< zF!LNoe!cvk^|3`>6_5p<}4m@b({5A2&!r%B48B%f>0Tj;$gBb}?Uu)T5f$H=o2k3N{% zZ|GB$-1*Md$x+s^%Hm!MO|Qk0|9d)x$?)^UkB7TZs$c4SM`NPu3xunbj4N^ zr`4eIBl3YoSwiyszW0}|U2UD6S?WdA2Bw=c$B!3lsXkYHZlKf!&Q_|e8(GY}{^aLn zx_petV4(*Q6B=#$uEG{)pqJG-+<*mhxj-3Ur7A-uiGlcjGf^`#B0kNxWA_6q&BaTs>MIjwwa;|{ZYA{1LLI&GcKKem zzgYWST%OY7+{v>b)95fDJveOJF(O5RDx>rK5o$Y!aJNe zaeVKOozoq03Kcq?9>BzTbv=&|*bVnygf)E+Q_9v!&=a-1 zQefN35ilvGj-Qtm+!8mx&BT0yHAwfcRLrF=YaEgN9|%a=q4f#$}Dh zfvW|RQ@044%J^V&3UHRVMZ`~eF5};U+{o~@?e3%mfv662o-^yb_*6kNrNOI~++MF* zDus70cPtZOgg)(UZN(DYb9_-29_8xv#UX?|-so_G^jg1I)%7_$ICgt|uXi9D?teb7 zOtE}U1QcH=9MTd&{#4C7P_)SMgT|F!?g@L>hy-rw3i&^sD2j84@WMm8_ z)}NI){j`Z_2NF~OimC<9o9u8}ixuT8A~L26!N?>wMABk_w-u!hy)WLOIwwaDtP}Ja zS|UZ_z(Y?!to}jilK7Sd1%W&{szVR`w?PHsQsulP?JWzIWEBG4sRzbsRX&R|#DndZ zc=!;-w^5^svx5pcolk8#IA>XPBNs4s47Cz0F_KB?xW+}fFDqoI)Rgq!cO)~qIDU?_ z$?~y=rv(78n>d-$5mLlUjC}Yy2X`g=c8_#sEKSYBLLqsJ2T#?;XT+3QV?{rS&^F`a zsyVu=3K2@tn<|;-H~wx`B~rI3cA&)iT}A8mSKS@602Uep-n&rIEd%i=u32VUh<`OVWFl7t~UJ~^4T4Tti{01 zXDBeF9UvfTMEGjFu0ZMW%7O3un7n?5s8#DoojBi8e+cwB=vmm^&*WZacRqWtysxX& zYKg+Pa+j4NL#sYp>3wnCAHnE07_T#xUS{u$`j*t@b}96{dj}oZSjDdA;e@;eDbhdZe(dB5I>3D4Z3bR=_3zJeknoYjO_e~NO4NX zXMg`Jhi(Ru)!zh!(Jm>h`my7(w9m@Ib_1gzA}^1GJ9!O`lWd{;rE+y2@!_>3u+__R zC;W%}7j%3&u%Bn8v&E0}R@NN46YS;}pU!ey+qjnV%}e5-l%*v8m3HNLqF}S5)O!+R z;~#z0*MR|H-Y_Y-mFBi+f`CUT#y>fIWF{-*UgmH|mz{UO=_vNYhtN&Wha6;Oq&t-O+Rq zshh1Ch_Qo_$-$%B&TTr##=@WWhE1Q0XIzYW$}jinhp$Y~3p$?5LXw zNAy4vtiW=xK!{`in-O@rh)aCIcuqwD`OMXeuN{;!+k9R!C4;r73SR#&xkhF@F&>`J zGl(u?UkHPJ>zkUg%=FdO%VQWC%3Psfb7YMcO0^EAMsI%vFTg<3>La)TVc;zo3`S}Y z{Y>~?;!Q1H$gWz}PeySWQ)R1XGM4lPq&#^FavMS(ip3#6rkSMRkm-XP6KCZ&;~6>s9dbL!|AM_fA}i`c{PX44 zXp(#H-J%o7Fb#iglFRy|vXnP5Q|~7%eTi1Fv2w*%d$EVCrdJt-+R!d6Cdl0C7L(l& zo=l)QSpBL73%YDD>d33BCulA!EH%G(`5x5b`CtL@F3-E6$Rfvs)y^1IFHg=?%Bb4X z8yK`(zvl332#33RNqj56v>ELtM04{k!xtM+%iJB5XEf}%%8O+DoeH!@^g0pB)w_QH z?dZ@9Y?EKsLvc@EZYH~7gA$ukMYLh0+@VMWXic&3Dr<|Ha-q<2ZNGd^EFY&1l=0=B z3t!fE1z9YC1UPmt(lJ-o=c}CA(m?tZgqjth5-V<~=fGlgbX87*Zxt{Pt}+Y;M>1Fp zIs!XCy;f^nJl9R}e)rrPaW3V57oLoCMY9?n(6>3F|+7pK>!x~vT^#gnmd4~ zOY^+=!(zC>hKIIPTZ(l>C<2c~P;Koo(1y)awV*nqSdGEpDh31N*m8I65#os-bAn4m zv49U6w$U(IT{#FQ`2_U=8448vo#)B?0&E>X1MwCD|yVFT<Es(|vV9uhV3P`Pcm@UcR?C&6pSr$zJ4;A9Ffe2tL zFt%08f#F6#OgGbn9|A_=%N$4Axnn6Z9pm@F;;HQ%!8}NspqBPXmPOlER06X}-4fPL zE|^xW4%VKcLk4R#VbS?ZNcfRxS%foFr=>3zwxrwGp*}XI!hUnp%l#K}#gWxx+;(r? z8n9u{Q#8>JteT?<_KhF`GPas|C9iGe|3qf$@t;D2Si=WRUm$8Bf zfIWSZ!P;9MNk|^QI=;t-AQG1aJ#h7Ku@1 zISY?pznJdFR%^dDtY&Z!=2y1qYGC!FI<(Ca+-{4HO>C&rT}{o@{hSNw`Bo42IFO{* zI9ENawU!j@L9G(tONtKbusCAzQQHLdYURHLvT%Yz5H$zh1yfA=u z771@^U#Qz&DmeggcnA^yicG*fL75(g3X7M!<>-UBdetzzNRHUC+2@+-J?fC2kKC9r z3ZxfX0#RwxxI_$|$W9&j*6ex@G&a(c$u%z)xu2Kq@CD zeTgxWCR?AFv_uBY_OHO{6gtfjx_-tNL-E)Z=-(iVjg%y-4(qeE>0+sC zX6=3_v0*ogT>+ESC*Qh0QfCd{?DrM+b}+uMOe$vU z9mV%PFQ`Vs(vvH|6hS)fcZ-xTB*KB?yNYGmkwaD}CsIp|hz8+$GSX;S>o_r$<(hT) zO+A|;VErk6juv!Twj+D?$p`NpNSUzdpY)myA4Hcre4aV3uL5r-L<3y*u9#eFKkK!B zoeT&9EcXoDD>vrKl{S>^<}I#t_<&^MoPAOL zYsHHsm*DD(tE(@{`#mX(Eqz&SvSipLs`0onb9G<$Jgv0w6RY6iBK?&Gat+<^x;#HR zvaq(!7oXn;sW&Vqc|D&uE7N0DN+{=B+^ThgtXe=+qc@P&OE=UPe@FH&D=c;!JP!pr zMq+g75Vvvb19zM6ubaj4*`a8<)H^m zr(0)C0N8_w_T1EzKjd1g%cY2K%11N9{Vc zz52D%!baE_3STp~NWJYXS;=pbMEEzHecSr_-^{ zT1%?9!~R@=dzoZ%OFpx4s3aTanWUIeh@{eZmtkyYM*A-(GZKGJ=+9{6aIQ{Nn0UL5 zY^Fo`>6qg%yhk-v&uwqEUGc!{q_~Z)B z%4~fbtPUO8G*b_V^a?pZP4ZOi8yw}ZH-zG>!NamFook*6{uX)McN`1h&5 z#Qx7S+h&khLW7_{3qbKEuGH@gSPr@OYj8d1qQKK`;u#Rx55==J7y*HkYEibwMq?PN<$Rf`!i^`-*m){Ab3V8G7NZB~5cj#Z=sYwzFxVUyoW9xXai;&QWvyu! zV}$`>_44=p;^IuoRlEp%nM?*5K9^%~iqrkmoklO1;Dt4a57fahB`sxc0go(+9 z@_NMlYwQ8v$P~K%WnSM)#a~vC%PLHq5sr#UYi^r9XK=kK(D={`?9Sjvdm+v5n8VoLbfaxvYB+m`}Cy-*f zJ{i_^Nv-cy5aA~-X8`#G2+~{<()fGS{DUfDI_Z)3Hk`h{`O8}T>A`oqfiYNN;uT_- zV)h^+9v+Z4m_plLf^@`efyGUf*1SAk1gEEBO&&c&2Z+wteg3WEmR$FncNLk~f2J@p z1P$RIk_YjH0X0HSZ`Ox|ca=e+K8sRB%P5bWELf84TJX?}K77G(Z%NN<1kJGaF}C5+ z5ah|*xTGZ!A{B?UV`+E=s$V!Png+o{Eji)3>@4FhqO{aAz-RKG_YMM>u%fo4ysnsg z^WoBaYP(&(h`^Yww8_8~Mg1-4*)lMn0&8E`>UOX-Ni1Qp~hs$oO9D*J{ zB{{qN%09uS(F-__9!IPh^!gO*Cit-^MFy#{9IdcFpw2L6*O0Flt)o$aLj-8Ln`+uN zW&uk$O(Aq_G54szK_Yp3clXQVF67Cg%iCJU*I+=4Mn0|eBcvFV20n^FCVI38XUq8R zU5(|(H&!VY7f+ZD6p7Tt_^z-H3$EgTeK>lw0#0wKNf|W#3}P{? zbSP1fU{eR@V-|MhRwo3cK2F2F_czx#yOYemc+`zk*VR4@Zi72 zX>(eULCEKX4NIgS2e{ubj$Vqnpd3zw37?R`r+9y_1sQ~W3i=xKHMHV>I@T9G4N5bt zI8La@uqc}2s~=cYuiNFuxCpu?f}vdXgwGx+ptPZ{a)oinz_nCU?)6erScEU|wH{Um9Qu_*>${h@d z<5%LZL7C%6Fz_J{HM01dIMU13Q~D7fko#Vv42&_Bo;$I(FUYLcV1J56kOVUDk6$ow zNQt39W(XW{frC2wEaG8Ff7l(uyrlAZU>`}Mg_ z{V{GV>HPhi-;5f&Z7Zw7>e<~QO=U#lWbsl{Oi%khpJ8CL>$ub{M|DT*cP=B$Zk8w* zjtsg~{_F$Kmp*E1f}+#U_30MnZF=jy&Y2(A6|NXBg*+O3Up=)LAR0%YeWnt~;fNoW z@?$9!iTm>cJ``)}hD4)6BxB6HKn|Nke5T+)*=SLgr6X13JEx;hn6ml|LiTA#6{V;> zrEFBm(J@!pNPx0Z|DO1i&=}L*fg43P0&ds3wt8!GacF&Lyuz!okXUyu#El=I1aDky z^!WIKZUeCxSxmTjU$5OB4AUE=s=9U9+Gu_H7}(xXF&-eNc5YkFc1K;r?)Tj62e%5Z z7xn8FYA&)nJqrwpPdw(+<1GKHva^`?8LkJETM~EbiGg3A`$(aBfyCrj$#0SU2uxAo z73vrsnn{r%DEl+r>HA77yi4CVZYf4y_Zj>oThI%_r-BU8`ZR7*n%f~I&6ev-P4-as zclcwH{&bR={+Kp1iH;Oj4`{)rLB~oD5nsVmqQfF-Q3-wUrzMy^B(3d2g<#H*7cE8P8Vq~@n@X_AfpYu$P{$#R2a)} zPtHL=62vVRaV+xal#F1S`%Euhe>_2xizl{0x}YdBEbDs#UFNDG&S-cr-3*!N-nU5a zaAf#wdjLS|Ri$0ejMYi1v?`m3=gSJ73l8@~yEA<{Emm}ZyfC}g*p~-V)I>rp6fprC z2x$sbTdxu0L1FP_a$!tagd&`D-}o1q(X_2@L@xY_il|%7W^GL&Mx;YHv!L%;D3&CQ z!(s9~K&SR*vdj_icnBRE>axnpZIn&Sc-M)lz`F5`?V}yau^+l8anx^f11xRPn+n3e zArJ?|3Zj6yPfABl4)!`V6h}2}SFgNsC(IV3s_TF$K1(1~!jUM`q9Mynr35Fc(-d>^ z>COtSHwzSMQG8kMxX<+$lwzj$_67OjS60jUr zf=<;o|csks~y!<=Anc^HEbkjOVrU)0hoqBecsc;J>` zeXcPT3NaWfZyC;6tOZ-qKv=eg`B7N1)l5&BDcwVs#I@iYxzPC#IVXmIKB|r|tVEnfS27w`AuwaAV zVf-&(nM0F)Z%%vd3?RqUB^zZ+lR7(}Q*EC94d~36COIKoVQA;y>u#ipuLta%f&))W zgM3A=h)IEHEgDY3QoTjtmM8pgyZlNdIMlCyzL+9e2W1u&Bpt8kc8ld95*ZIV0*Q?- zr)ovres}7AqTv=XQ&zlJT_2BXWDFaeZEJbEW1wis&SI%n8cGG}S;m!e{N7)G_fqbY zyagsVaSCONdLsYWjp0US+Wg(|JAhcE1j{=i3us-ksNV4l<0NDVPW{OS*V(>s3-~&t zV&-Ms|FBE=?rv#;^dQu_Ej-;3(^Twd=EljU>rlR`-}z;*$)DdIRJ3BMUTRT(bXsnI zgfgREZMGvlz`(GB{*M+w4;(`thUR(fJ!syWbz3udx$(reo?>kZJ=dAtse_M1m_t;e zDmPlQ>xM6c3OHnCB2s44SYk40jcsHbAg_WIuja>OiseJvoi0?8n$S&`KVtKYDH68% z>_=b}AU({hsWk`}7$VAtS_I2hP~UGUJmrPJNen;nSb__BFJNCZ1CNzKjAolux}#jP z$pP{RpSvl%R*Rz%b_G)_7+M480>~@RRbbrX2 zs4ntA9LZSgUctBQznl097=Rynyn|oDY{Ua=yZal<4BA;JP_~exkUNpz6b5rj1!aY? z1CY?1gDI7%h2fR3gs@vtQ%Gv%ghq(L@{qVF2x^Vtq7%|Ol72}>F^2J?@F=h-;qt`A zb5<_k5GxYXrL&CRq9aVM41!rPsIVPbY{i`%IZ7X5PL#qW!Nh&5IWF$10GFTE?xs9V zLl29C22^k<%1_LZ#Y|1--%wG(AmZ2jK(`G zDTiweWHpA7qMVVYZU{u<02nguf*G?huy8fnTR7@0i=!_@WXY0Q1J!a%l>00(PxN!) zP9b@Eu!{snk^&CIr4AI$dV#>a>*=iU8vi_3z5Uuz(b@eNwlEX)NN!9mQh83La6+1D zd@quUuumQS@f%kRMYGBxD;%W}W-(9DV#l!V-;dgd0##9f-mv&}RY&;|US^*O;{>NU4m#6G z5cLeAWn6>(oQxP8A)Qbdh#pr&&s)ff)qY$(Joy+(&kp6u!^%@YJyAR^`X1_-aUD-i zsHPSrSF~CB$pg{DFY za01YO)nQ+EMjH)!z^b_z7O#6eQSXeH62?r3*N~O{smDTn>3ztpdHcL}$S3ZtdCw{l z_Xp6T$@h9JpO0h|f*d#(s>;E`lAHK6;npEM1`RJS+?Po3E?)57N68mZF)&QWBU&Te zPKp2nuwWecroA^5M(Ddl=hh#A(W-M2g9Lc!Q~v0m>Jm0dndKgso&7XdT(X!zE?sfg zvja2AFn%c0rf%l7>yu1XSI%~ME&lwJ<$Fb0YVs>on}6b<@=NSyS~tPrFE{4u$3?$a z^^Idyb-m$N{f;Mwwdx-)ju-l`i`9;uzanTenr>q#-y@H&TE4B@Hk<0L1Tqxd4p?uX zRM^2loWhmI4ppwa3&+}Yw?#Y|+7Rwe6s$b3?uB*?+{*N^k1DEVFvbj$lm|+A+_286 zpG}k1dobg!6uOg%NyVr)7no;-v8m&GRGIV9NK@b``gSKPe;MbLm*q+)E;5|{Dussl zTdM@exrS76uBgz_cjz>Z(3Du9TtR9;rImYG?z^HmTk50gZvOg->(ZuUM6lsp+)GaxhN2eqP3 z5W#stSP>ud@QMu*zn9i zol-3CgT+XxG@;7jD|nbIJr(Qnn)@Pc-SBFGW#O&J{^J612_tyJ-dnLpHkgoBB^+oP zjG`Yu*YOqL!Z?e^Fi%uB0s+RENpk(?F)}Om&$zvkjI&A-CiMXZ_@Qpt)5$|0#SqM- zte2u1JSk?ZaPMG11&@T{-dw&2mE2o1CaNgsVvRXM*LSyg^${W*5bIVLh4IPzOg?M? z^F_4+-zr2Ux1v8=%PBc)COy)ASYKJLBjRls&d9<{MuakunrZXL!a)uMQ=2ll#u;kt z#Mj#jAQPPuEtK+^EjDy`Lm9NVq9Ikuh1(V`WQfCXAlV1RxS5e0M@uW@AK%qm&_S38 z#tXnyYP?IOY&yeALp|Q;tb@5K02Z8_gfYcco5wC3UZM^s#J~La*zkt?$Z?h37lQ5^ z3D%uJ`k)X&dgamp#P~a7E%$a|kuU4yjTO=GH@lhKRQsrBbBavGXA<>0k!bA!%_s|?MejCCdV1(CXvDpA)&dvFPHcZb#JW;+FQZ}$N&Y{u5m96V=Z!{dEZ~@(_b%RTfW|I! za~}}bjL*|2q&;=Uz@u*}++6s+!0*03+f=7$*GPZK^qX#IKFQDP@g&{|baTEubUL4$ zUPr_ou(zNo`PW0gH_CzzkhMIqL>y{bKvhDnX7y87EPWuhn*Y#OcVYNpnYvymiQW#L zltAq9Z5&}r>*{jO=^(zkfcruYI(%y~H7(8*DFuQ0P&tH7xwYCQqj1R1xK{dwcF+kI zR36-Mbu|WoM;qhnAi!wBjV+t|Z?vT2Ylw1C?0FxP`Jbgv#`JpZFRz2>xxt$mNj$x>{?o>N}xBS_aYRc!V|y) z0(^mbnsg9HrwZdak<<6$QO{Ir*l$0k2y-);N|`wF5Vk3$siTI@Vknv7b?B6Hmj$PL z`{jY7U%{UA)XKI3_GwilR}Vlqz>w4@Hz%oTZNJl8Ysh zOp`*E5=lQ;$jO90T82hKIMbJRiVj)nOU%JF{k~Y27B%Pqpm>n|WABXdr|n9kDTy;f zx(;zZiobk&xG-n4+t5*5BlRO9BPMnr&a;Gp0ShtZq6aq}w&GM39@!RQgD5?%YKs}y z#ACBz?Bh303-J$$egdT#+m8DL4}yIn1~XY@nkjST-hCGAt8~Uzmh!-$hY-ey8VOGt zY0s>Kt5Uz1z*Q1(^8Gq805GFJGzT7OVO}DUogmFnmjTnj1I6rTSD2>*%1|+*jVKML z<4QxbqoA2IZgegMw)f`XJHx8B_Zt^gg?4j<7g0{k9xZJJU2NT`rEi9s8Z6}sW#oLd zLaxpgTgCe~p<{BrKSjrY9Y9XfBPeMA_4NOAB_zWah3Ks5e{6y8fr&v_>kYV7xKGg< z{v3@9(+Kny0-uvt=xTs2C%@(9Y^gwp4LSbI1lKb^jljOPDSQ<^ z18WIJYF)WW?7h_mrj~$HI?TO;3~&74D3tQY;SKqNf_ik|ypSs6u3-3=hYxokS)b%q zgOK3h59MayplwAt(0_hH4%p=;Qh*q{f1IQu4vPUH03w7px$6a}BM*rS;1lK1?`Jq{ zovh#6y}ylh#Y#OA=E6Qg3Cgw|2=e5$9a7c-zIXlr#EOQ9xPHy~EOc-5HWq=y{0a9H zi*hOjF(0O4H+qjmWU54puCA_vK+UYk7EXBF4pq-wh+y!oL`H%56PaEyB`SeI6a>$_ z%O}WYE>cmaeTyRZ;J866G8qzNWqO5E7P2B|#$snQFmQ_OF4F}#*b`aoOCyoTMq~>N zRC)YjS+D%Yq_DE}gNAanp@z>16QeE06!DI|W&=v#`S-(0unv-cHTJq{068CKW+1h& zWfE{6utTN^i8T(F2#?Rm49+8J2)^Mk-=bm}6NZkJxNAfj8O%T7*Nb=>AKjqUJ;h5x zd-&IC#I}p1W5w%GK=#BHqVGYVk}@7mr+jdPj6bqwp$3lDfPosYfzW$sBP685*i*UH zFiQCJCLd0Oy3jv_7OF{+i8wO@6{P4vmm>oK-r&9WB9t`vs{vUy91DU1H=wp*b;pA; z-6>Z;8USAsN7sJo^ODt@l8u2XqN3GggHyDQ#B=q5E0P@qB?m~--%Sh;$WvO=h1{@_ReMGzBc8XQ`2p&mAcU#uuzSuyrfiUJ6^&MJ+cz%NUidR7 zcD^@wLyo?mvT%t^eXta!`pR$lGFQH+Ah04p=;nhRAZQF*G{JJr?n4wew}PQ{-a^hv9xk z@k({vF%U4lZWXu~s)%knF3&*?`sb_9zPjD25s^y~PkYK<%i-b}E zf;wKc1Tr5eBGb~N)ygWfp>6jQ1J0TU?Rflo?~jiu&MeOBHlf4U$V&56Zj=wu*7vBr zRK<)JVk<50Z_nE}#IR5B)#PU1O#YE+1_1WTeqP1NnHY9gwLJvRbT-NsffkvZm|f z{7urGz*q912RBp@v^{5XHglbq{0S4o99zhFTPaJ3dx^71DoGI2%X3ZLO%lmTdD`p(XmX<;A92A_$qFY*l+`ZrWr}3IjAwdy25rpdpOu20{%V?0 z0Kh^;2P{H?XE8XJ*bprM?K^zWioFTO5&t1~aa=JgF@Z`UqgxSEd2p&6dc*0EfSD0S z-C6>6m?QU47bsb07U#LBI|!nf;4VmNGO%EXqf~qjFf!=6UPgEYE?6Q7V)d&;2^J|b z##wFY=1@uhfrz~6W8_Hzq;iFPk)OaEf5u?&vyIa)3hU`1Sg*3PCf0hWF5?ShJ zS@(2=mB021i3@{}Y^nH4BGLmDNC!@s&dS5=&&XUW_8~Mk)L9xAxi<(^h6G*c@Yg5< z)%o1kDQvKX;>>2dCcz)uAmEvRpq+su zd9FbbaQ3b9#S{uq5j^$9Fdl+6iEoHsK|oEj!<*Bx<0^!Ku}*kljL+r+&PP1j@=!po z(CqYrl7!~mP{nAC2$|A9`fr~CyfKtQn4=T|_rRP0gj7ZfddL*0Oo+pw$?Po5C5$r5 zA^sbOHUk>8Dep|z>2tU7M65m{!USn^p@nhEBy$Qv#E5x*+cD8d-a?q^ zb0HEZLf{FO8vr5>l2+oS_^dL^d3a_jTm*WcY0H{Wz=|MFY0^rrP+eZYkBWJXBx&3c za^CoKRS0DWar%0Y^{Rw?w8Z2Jsr+3VQASX5V}%ura;D|%#u%3R=PkJZsUpcRgTs47 zb;6J66r#&^mQ}isp(Mtm5JQkuOcAl=_zf=-#?$J{8Mx1rmJ)buLnsC3PLft0F^T)} z>H#N6gzSsaKdUn;0nOsE6~WkU0ebBuj2~}?pgfbp5a)6v^?Vemm_P1-@#NzI%MzFkWgjP}h#h>H!~b^I46qXHdJB(ky5t$ektTc|=GUogqA?{!@;MLU_XT_V zX0y>wfqZ4xx?>caaJuPjEi3!JT&t|gj!p<*r*iv|uN{COf<|9J-b441 ztSUkhvZQYWJjpmSQ-|t)kpC) z%xYKZ?u&RzU=HhOj42E*eIt$K>G_$|moL#fb5tbzJ%Vmt?)&|~3iG{fd-rGUrm<}P z%cc0B(m7=O9jd8By1!Q0COn z;~ia5Qh5QE8d!*f9q-F0`%5V00acyVMRQ2|t7fof9Z-4_CTaBZF^UzjQZU+#g?2$k z`T_cvx8O;kIoSU19_1vApw7qaM_fZy1A3XiNOFwi0C?^|tnFYFWobCicKU>wC#p{L zqnZK{T;4Y=G%Oh4+ethwu#jX}$^$}LM|3aRo1|bezWSH(FDJ>UzXAU;ND!eF);Oxa zvKx=T%;wuF!Tk-Z_$O@gFU!sV2SFnJ5R-D<*U;Zpcvw3^B7aZ$|K$t*{mFofXp7M& z&jhMm`F%j%=eoT+8x^EB@NZVeKfX(y2K-oCsaL4?`pTcW-H8Pllu(tUbPRE~qE z34gYpk|XYyI*Wzyg9fC81|qOKowm9qi}a^lCIavi5pVZA$ZX9 zgRE$U4Du@Dib}LFbm?HZZ^gsi*RTMNSx%xiG-DuZSAjdCE$5bX`sUI7DuR>{<$sNM zfZ-o}Dr1gB5)oq}$`y3r5}W}mW1?VO>mPG24w9S{2=H!aF4h>9kfgsKBj{ec_DG3n z3Wf)Dq|hN~&_N35XDr=H{-1s8MyrMN6Kco-DwN$!zo>%V>|!v>xwly1{k z$n$@{R~h0TR>3+gTIfHY`M)Pfs?DEqT>dKU@qfRU3O;yM*{%jQsMQuQEJ&0%Tr|6! zWzX`xasGiDJ3h4xMtdIpl=I~2!6v3KDshcEJZ%9HE|33pV00SC{XtX#XG2~P|fQZrXyT^e5$XU00jWgWj z>9>3nq>tRU+3A@heYQ?XoA{!|)s&V0&$TczgRTS@hg6anFh&Pa*Q7!bv{F*fy@DsX zFwagtyG%-nKmFs}*^SJ)e%wyhFl4WXJz*P*I#Vk9*y7MO&%}+x3LFew&eyMN8~IR@ zf)N!NqKFtgO@`uAj6$tJ+@Ug@$o>QdEQpLv$t`5wN>Yt~ zI=qx&_rofA_4FRX%FDC&H_ryG^Jm0QjHG{^wt>(A_ADNoyI#*ErH$p^=H?!BZQW?T zN0Z^>e0SSlQ9TyfsS^JU<%4(#QcT0Lyv`U%IXI|(J>|FlqR5qKhU@V(mS*Sk+(r<4 zIL^MIp{~#Fl#`ea3l2mMkYITlB8|Pfy}iG?pZL!HJM+?8+{Y(#mR_8FqN|BW^`Bkm zSpU;RB!VBi>*jbHa0v`=Pm%gRy<#oBe(kl`4Mq<&Vvuwjhb` zV$9WQu6Jf^)OpV*#9MDaY4YvA62XexNTE5+(LOC-z$Q^lFpO;7A?^ zp>$W6#44(-?YZ#lN-Og=k{JI1B@XObLa~2+;yvU*`G8TVve@DKIt^L9x+jx`%k7f; z*HRSx;VIuod}X!Gc-my;!kK@FZl3MMhYX6%+!m+9_RF7sGfPWbu5F@`D#LcN?*BBK&C!9- zvHd?dZcD6t}sn551I&|?rIxAG)G7A3e1}CCKnZvI4BCTG#HhLiPxZbzf z^9D+#CTA$&0%wxs?a2d2h;}`j7!nxg$wnc|4+!TOCOx`tB8A2t0k1%XU z^Q#`et1v5Tx00MS3F%Wl8l~Js`uvHr9J_VC&==vw^kUQFb+K>d$VjLRfG9|?){izw zmWd-sT5O}X3o>l8GX*wK`x*naA80-Pxh$7ZK~!8ctRHSVb0-jb$v3Dfi89fQ{fQnC zQsi(7-}k;Zdpf6!(0NwYfTVSt81pHFX>tW;u0+mhf@_aVYfP30-i;Qx19GEl?l*IF zR3Mkf zkXEYt*G>l7?G03kHHVAt9@iGAVE*j?w_+dG9eC0rD1m3ZilHB=V(i@tUed5sgYDj3Hlm8Ah%G?^p>)^Lbf(x&cKzkd*I!7nWAJccB}5>-{ma>h!T zquZsih|dLJjV*t1ZN`FQF#l2mm9CRcJJyIU#fAq)+9^vr`r|a4^Eawfa)`Vf$}eSP zY)Ehx&WxOEunZoLbWFdexl$Xh-Skt}79F{^PqS>WBIJ?(9IfOKff!iobzg(Un@OJg zrJsI0Hud4$=Odo#Js=T)Zot;0#d1$*)y9K0bj;&x$8zNzpH3P_y)Bkp%qP8AV?*o8 zRnu6J-eLEbhv|IZZ?6m13u9KWYzt64wu7IW+waEGT;b!FLhnzqeloV1-O;q?t+}pp zYiVmIS()iDP?T5{dwM-zyuQAgPh@yp_kXF?h(h(|+k8CCUR+u6oc(UwbrFv5q4lwd z7doUj{`=+=<{U2){}ac8(!&ReefIaw#i6fAMIiF}y|$fL|IJXow)@ihdL)$9LdC(r zK#^PfE~c}*xt!bm?JdvkRc{i=WHFnnA ze(@X0+12%8wV8oH9q*lo;P(gyt>A8x+s4Y&6f!&%t2zjC!G7LEg%8{RlP@`;T*sSA z1=P~lL6#s(00DmgfYv;zWRR||V|@w=3tOsU&Z`Ed@pqL%k^jz7{~X&=VIeAL3MQaC z@2}sNxVri)`acps>Vpo6W)R?@O3C6Q69&ghyi7qtyght*T6)glzI_g{R53oiP>c-^ zsyqd%V0He$sl}HHOWP}B1AiqbAB2U-BROS{XiQ9GJs6*I9BTS?s~OR55p z)*S&Ibxs%)B%64y!qTyGE*2aV_&Tpot^!p+E#}}{>6cE+tXAEN`xwNr>?GF2T%nPI z*{NV-dil2*g9+Ly=rIpX~nX>gq9J zpvFeD8zm!Jd@>hkzW(><#aIYPr75_L(SO|pZ48fg?}KjonMXVn7Y)U?^Ag*ET_&W+ zw=H(9MzVHPZ*7CW?}O1|`RhMw7vNR5l&~G?vK8~8%k~*>ThO^4b>;dGUcWE5AyExi zJ#GBPklSBV#Wxe1i3(=U5x|a1o&|sjS)hZVLBaxC_-e3j7k+CAORTd$;nViooZ=wJjQDr@y>73W=7)!odScRI-cku#o^ z^P8Tl-`_6Fn?A8)-w?JjZ97=EBqwv^b12cFf|R`Zbz-O2DuA8u@v&6T0+cS6%anzzKoy(TBy?GH2Ej*l$>b4kmQ!hj|jD1wBk7%*MqAV6KjLm zUC@y&r(NDF1bx~Nh#CUK1^C>}v>nfP-#ZIMOS2z#`DZ%0q1W)(N&G*61Bm{7a1Igx z2D9AF`LS5p>p1S-UE(jq*vxXb8hS^8fkCLr2!sSRkjVCXLy_q5Ix{EJW1gqUY*_yI zbYC{BH~-Wq)lxt~oNa8;mHqYUr!5BOa-yC|GiSy`KtKs*Or^eEG868nInSXf9HM+TFO{Ip`LSE+EXek-Yc31L{9sydpl4CUwR&vB+{)nz1R4h^|)RHR(h6gM~^=>RR$QjQ@ zsoY84%m-ZP%0N=FYLDqcAIyH@hyI@t`fHeo`~|*uWg#p1x<1q1N#lVNzmn9OJBVvr zZ;<$RrDI)r>0a`jm#8$kFEZ#!m`eSAc~PuCp<3h-4RLY30C;8+wjT9$mt4Bw<=J9{ zZn&971S)7{>^pe9Z6Q^ms8Au7VMW^}rRoJ{z<#u3Zx&O{Syns4S`+3M4S^yTpy~KvT>XXF@;B zT8dM}EHT4`W1Xctge@c5n-)HgNe5OVOr8-`Hx|0(m)xO3*9$oDDxdZ=Fn-1jr!p}X z^*%X0UZYoM!K6i(4iTzSqE;<`7U@%s7L7Lks8|TeiGMzNIv4aSG_SUV`8%$QHaeve z0+x^EL&CDt{JiJL||EhUm?RQiC z|EPQGs3^Pk4OEa4B$N=46cHGtOOO(zd*~sh8B#zxML_xyX-I{&a{G0(GS$Gz{k?rYzhaPKVV9U3}LgBF_kHw{L!9uEvOvHF_|w~J=fOn+<}*>y5;cdvZ<^eU9g zy17c9-Dvs<0a4GouLen}U%} zuE*;JBJpcz7{C8`8nx8SC+O{Ts+{g;w4_w|{z}mkeRJ-j2qM?+01N# z;`p`|2x+_)>R{&HYMsw=XSpS0;CX&R3=5;|p$dwJ2c(af*2WLf{MKER97{}$Qdj?= z+S1`ODnOHiwfnm7!)XwIn)2jH_@-6uIB@U%d!$1{-SzWH2vZW*O znl?}J!)-Fu{MxVt<| zKRqo;F4v;bu(`v!`hgmJzP-m%zOU$C`DA-Ii&@H>JM!7ql9M zQh8djP!uPyjyWwKdTsJZOB0Cf3%fBtYCpyHln;0ptKu8GfAqewVGQ63eKzWmGrok{sczIGyV3_bUpe};aOF;gJw_( zA#g3<_3PK89W^MzK1F)&UpN2pXNWDS=*Q=5<~(CRJ9b zI)Ya7NgTBl<4NFxX}GCzn$X9C@xz(_eR7GdMg)r9++#hBC6sgEceFGIYKU z)Ti%9_)j;Rch*)^R0MfHbAqlY7@d{>@*Nx>$6t9NL*x17$j#6_V1>xqyt~1GsuC|t z^(UOQB$Yg)=6LFuguf$49gMR=ieo!vbPIKh25`Io zqf3ayjnU8~WbtMkZ=hk2(PxUhLw~{()t!&(G07sKE~vYS01Bppr0m))w8F)|;9x8o zVvh7T?#bJHQYunHk$JI)Z&LOS*SbW^tPx$jTabU8_1nUpJBe6%q5__> z&wg9bCIsGVk}i7}LkN@dm}%uiTsW`8=%L~2{qHybK-0jC40Ovt zyq_UR`#}z4k2SNo?8vLwBHV9oZ^E|;3o>(m}*=^xVzH->%iEOlQJJ z@dQws2$uV(t1Oq@AajjLzFDYBaE#8GYG>N zc(#~ssUB|AxJHmTZG+(5c1QkzHqTdL6TeAmaxrzLpFnrEduXPYiI(`+Q2+jvVBk+Q zP#!x#kABKzOgdS{IwZ^E7DT3*RDiOYg+5JN7YzL4v-}e{l*XVRvpCkrNY3j1UCO_o zCRxOBV2{P_NC#bg?RRVzeT_bc{fLts_v*MVo&*N;DynYV`I*Mww*Gt)zjNb}?^$(5 z!&-3X*$)TWF1P-Ie`~`Zc#!r3wA>M)hF=3f6u$B1R+zMVloGI3rS3sszJwHcz<> zEC7SXdVi+$af5HhqH;=oc2PNFy?>!K0sHGVG2pgCas?zek&IX zCIAHe7&Fc<=RggnvvYKvpuX`Ky9)>SFB3*;aHo0A&DJ5}Z1bqUW8c2v5*(Gv?rM>u z61I)A6X4%VtJ>sWj&)>Qtau9u-X+8pMt1_+cv)GuIMe^@O4B*^VE{jiy{_i+_8R&m zTc*)=<-pS<^r@r5dhE_6U?~#;$Iax19*2+dThc$BeWzd?K{SvK!c19!_6lMU=~STG zS09hgsgzEvq15LpP_Z_y>54ajUzHROs?=2W;!E%1x%FQsH$et?J;q^QqAJn0$~1A2 zeg}}VM!LQ)5(Bb@dAi806hjVgi?=|p|I9G(NrweZrajQx;n8ADL~QDR+q(3`l2Jep zQ4E_)*CDM?lb_T(!GBq7@f3ekm3aoe7n|{45>`dMeoa+V{n!2cJDE5;NdMM(pa#Om zI1??4r5W<vXW^Q1q~Z9nY4Kk)a{9s{7O z#l-cc|7BOwz4|o$FKt~5I0ZE5I3ZEuzxDkl4$yeO#;pP^n?vtnEyNg==a>&o$>g&P zXLo2U2if4176KmLyQqCEs8_u4_48Za;9~08m7||7mlt`76m2eAhNfS~h8nmByL!Ka zikt}@r-&lJThy=DM{HX7y(;10K37`kyAhJ>~VVdd*^@k}vPHn5MNa<*Jo*)+=VkQ~^akj!wnarE% z|57I@ku@_~OdT&@i)UWv_sZb)=cvDn1?<8?jJMLGRy~^re5zQ0O*v)A^R6E7JP}hiXP%phO|HZs&Z?GAXN20v>(DrSv8 z5vBU+t2r}WZc*l>-JN31K@a3}=_FNq%qrU|aGPxrhE@nc3Tc0Nj~*{_$j~BDHFa1-&Vug403_-n#m?LlJ9oc_aX*_2 z88zAkXD_?VTc%vK-UgCx_lsa}k2l(}5rShsR*W z>OyJ#0qMIJ8QbTK_=bEb1!04G(OYDf#ktPN|6$I?`CD>&bRVWnM@3F@-kaH~%*<== z<7nqMb#UP?HF#L_bU_JmBXfipN~lV$a%4l%NjA7vgBdne1&+7nV`Y>*XO=5aeYjGp z4=(^kx0qbov!bZDq9kn(|J% z_#bCWr#IbdzXhX~x73CMp$nYm*mv%!}2Qgs~0ltv|rSFZhM~2I?B?+ zjp=k?8kG`C3hO&dopir5dcm@VRn~4WqV%RNOL_)l0f7k2`@RN@xYV^55Dq~AE7?*0ov6w(|&-qpCn601y2 zp7~y8MT|1s{ToeCIQLjidDQo^(h0{LFv~m@3#Oc)ym~A#;xuJ=v}(0p8UDi!X_x~; zqP1UEHU8owxLvm-;31JX^e@(BKDQ7p-9aN|1;32s_5{P^f(*Lgw>{x)-evkQjKDM1 zFC{10o~3$Q8$KQM@g3%AHwKMxIfwl6SmyKLjw({emCI1XLa9^g+s3;UY_~KgLA7!v zN0}O`FmPcKs4OSZT8o!51l2bp+6oT|=Z&_wH*h;c&iS&!7B}X@9F4Z)+w}lktA})% z=C-TD_>8gXKmy;;I(m*+9h$0`A3x{(V>JRy2F}&*Fz4w=8I&)x5W^+6&Q19)d3~#f zJD_~|t%*=PxK<0{(O@qX75Caqv(oign5KD>Yog(~9CkQSj8pVy88^`V9HymOf)FLr zI>c+uY}=|%yT-+V^yB9c-kS_UKUHUBgN_j_>CK?5QoihXtrC=#z&SC5O_>5YID+}Jd?#}wB z7QpThMUxt}eeRw4ZI5}1AqA~MYbB{L++kOH%v?U$6P{JsEo!Oc9Rtle;vz%m^-fLD-C#9=kr=okJ z*A~fpUxYD95e_0&%V|UP18elx($>ivJCK3r?xa|p6l~wAD5ew$d~z*7^pEYMV!$?$Xm=cvH5aNmhb#1ukyjo>Qx6H|5etRKB zwCqHqsbVKt!qZ>c09y#T;_?XVI~Qi8vgq>t=4pqDq)=w-v1F&X2*D#Or1x^XcDzTN z`~y;Px7uB?kzmPTZ1l6OvaLPKhx3h{ocwk|yosIXKhBOxV?ZRoI$j8ErdAAYgX@5L zx0hG8v;)1qB8oDb4%0eb44)=ad>W5=Lbi<5{O+=`(OVI;Z1|XGQ-zPnYCAj@p)?Wa zoP!gAD*Di5i|zy}ixK})aoxrG;xjodyxgU6i?cRRcgN;51` z$)csU(oKakX)5xh$g#f4!HMo+`R9|khux5<%Ms>ISbT=Lh7ci`~OFC+(R?nUg!?5WH{v?^2~(LM~WU<-3gD& zqPuWxzbtO=f7?gd@{hbTXLwz4aGx4Ef?HG3^9ZSHDl66(XBj8g0}|G7?$YTTTk&|h z%RSDg-WCU0F|&D+gzJ(*>I`-2f|g|VZ|w1<3=Jf7=j<3{UsuZ(jOm0oVEP+-WGYI7-d5;1&qHW|@I2 z@9dfz75h?t!5bfOGpDgc`iu4Eu}|beosb(_zR%_y_0<*|FMyQ&if3jxJMrS#p;2TW z_$7}u@R|sWHz1LDA4dntg{}$NU&S)^SRLt_^MPWJlot!CKx(B0T;EzGFR9SjIA%zn zv%qyVcYF=KlMx8MYVR*&qhTaG$y76yRTv0(494qqa)n&3GcC2h%yt*O(IF^6W?8~kGW2)Ezw8`Mr{{Q&``1b$n*Q6)B z0B2Zy8g~$iyntPNST9248RH9{e95$B^+X|Qg~c3G*9Xo#ARY8iaBIwnfkTgY#oc=W zijatT9(|oA32RFyXA69KEx_;=4#rE%bg!)TIiLV$Hkf6d%^LDFdKlhwk=$j5__6byr%ilN+unKAuo-SI_cJna-a;G+2$HA*(lE z>1EUP_HSsDsp(GyF2rgFunTbpJUI+aRMGf>Qc1}by+Df|5!nMy7Fd+ApV^Plck z0yr!5`s}~Sl6XBZ5Z7B%f3wwp_1FJTUL&{L^Z@cY06eFSZqb(dE_pBxd+tX5>{?+h zkM89;(rLJ+D;rk*o)LJq6btjg1E!MtGc2EFV|?XEmcQZvs6p-E*EVNz*5wT0US-CbQpOL#Ky} zGN$?O-(?*XqBaZCVZyWg>lIx|Bxyl1)e>a_2t!(*kxR2DvXTYTMCS8_0zhS!YL|s` zC~tVAitTh$HW;Sbp1+GR1pw7tn1LYUNZO)Tvz=D zef@-^P->4c=a0%WURREMJ(Kg{*HFIQq;89N3XO*(yTf@;Ca8UzwX?f_I1z+2BDmF% zkj_QK-k~?l*G*G^IU;Y%CY93rxJWMm5IppJUZ4P#mZ@ibSP(UEFILJ+yVkY zz!YWv8US!%s@MMIzTdZMUWy8uZ)kwpz-muIq%rdKiN@`SAdEj|4 zqyw%Z$*)?l9E+3|LCi~TP-2{Xt^s=@JIi(1TcOf8Ff|_LSUDACWt&}nhR4#nk`{=( zM-k6z9xyS*`|POOzC5$)M$y=6JeBId@jFW&+`uT7IW=@!gC%b)pv`it37(bf} z&p;Ei;In&Pei2r@JTfmoIX)>VCnhWAYfem*Ntw>XC%s#Sb6X$Mv$>l;lPagY)5v@G z(tr11MRHT3LcAGhd9Nlud51E;W&N^-DP2SVyeJ0b6bjD2Hy^YTV^dZA>NGl@$(VLt z%Bs>fQc87M){{;+eeUuaP)KV=EpvORj^FQ+@Ej%jH8Li$3ZH-6Bnc8UK|NrT^Ex}c zQ;C@p^Hx8272mf%vhJ)a-95hEiAirdMd@!i|Tj)e^(s_pS)J_?+C-KFXE zALl^&iEPP;HR;V}Q$MbSC4EnK4$l9E9Fy8F=@q&6>(rV)azS;G5c_xSpFvtj_# zkOG)l<`yH;xuA&HlU>d+lCki##XMqs3Gn67HimNkUA?5808TV1)sVLfNmN{M2#}W4gSL17FSH z>sye?y+uFIz))Jums*?>Sww9N`dTdaH|yCw7nhbs7tfFIgr*aYvsWgy^_yO_9_=!$ z4zujHKXa>@On2@P^#b^c)egs5FSX>|pu$$LQ&x;U+DMVScAp=uv@|r7kY?Ys3G-Yf z*c575fn%)9c@Zf6;Jyk}G5IJ-D3Y_MZRCU8Q=f1jl`dS1?hb_+oJ@tq1??i67!5AwS@M=$7ZtPcc&He%~SS=gUT^#ci`M!ez zRtM(Kr;F}EeuN*zlqUexMG2+wO1k{XteO~HgF+lNB-EkG2zp+p#>F9(8TXCk?rRVu z{8pb@O!PfI$U@%wEJS9YAT0;?Nt?tI51~*r3guO7B#crnsmLO#=LfH>9ctKfzfEFm15f&5kLy~OZmv81y@L#tEU?{HLm2i?)d9 zajYl1Z?H(ncD__(0vK#`=p8C!C&S$xcL7egy?W7X^bvd_(RV+l+zEgxlsdB20(*Q} z<9}Tc2xmvvhwY7cCfwEr8$+pqJvg$l2s5md`1cym~mUDJY6&LQU36-F?ox` zW;fXyE{v*s!LWOK5V7CwQzV=Rr2pr>{B)d{|142e7292n?G-WWcwkCDCYwWIOqjf(r}dNJIQM52m9^H-k#%URU536=la^EOi$imNNhcDpR&;RgNTfXczK3 zvnQ4~Ao8fY<66v4RgChi?aqdLvnLlcMk0KKG}fd`EY8&C60WZ`pL!g77@g1R8Ep&= z^igJ@vQ}hq%XuZ$*hUr~X%xtAW#iu+?tN}|rVb2HE|M77dg7$c8lBAKIO)$9 ztUEdmft&V9K!TR(&x4&DD?ceF7R3lrbHtC-9^Req|5boec`T)XiV$2N4@zw?Or%`c z&Mhk|>pf{R0xjmwHMOPdK+okFz@D*Wbt37}v-Akk;npJV33c_Ofq>c3<7}OE zY!fa-=J5e?Q+3+FA5H8OU8eVd1rH59FSb2RrVl6*lj#;9_`~@P!OM ziq`;#b{8Q_QkiHX`LHr~pTk#kBqo!S5%WxC60*2a@$%;QdZaIJZ@nTz2~r2k3uqRa zci&54v%*R{?qhR03A1)BT`XV>lE0;{rNcQh;!W+EFCjZFsH|B$uv}@z+uimymj8;? zk3nZ^t||Iq>H#2Kbfu5bGJuLW9*b7aNBa$nlXVPB`>fb9OpEn;otY#hYUCeRU)YqT zm`Fo7;{o>kgV<@{7y^hDUUdT18HQ4&d9JWP{f-e6z+s|!ZT-BQ9QS*9g>$B{b*mfon`#*A zt+Yp(Anf&8>!fqxQD=?k1rENe6CGXS<@4Uw_pz`w0#t4>Hda1*-n09rQ&_U@iVv5I z2k?OEDBJ*3i;K%FBQ^1UIbhtRm+B}XZ1oaOI6j|jO(;(!~%9| zV^sUZj>fWDB_gsgXMc1_M>M5yY@HHpDr`p~pp~@#p$44=L}iGW*BpUqlvI?yl23Fe()lWap%Fy`! zKnnZ9PO(qU*z|gal93u9J}$vS0i%P>d8e=T+V|r3b7GZ$VM|7eZN)xG zz+8QIH4{Pjf@!XaovN8n@ivOUGRk&FrN_C^0wB4<@FxlE-$ z8>RJxuzl~O*ZCUN;groW&5J5PZU)-DYYW!4x>H14HIat+j=ZEi~|$_Kmi z@s((v4+xA4rF#Pb`i#1`SJdQA?%fx@oasvq;~sexjokVXVjDU^p~^yAPc`Ai8mx7l z*4kg%W_P_b9T#7+EwUD&)|x9qhVxwv4WQ?^5zJp@y;>VLLp%9EY|{hW>}i8#;Mlk~ z+b!3{)H4uIi1GPm2vdEJtf9^y4)rPr5L|e6-xeHKVo1-yKXYHCrnRRrY}%q8p~ijz zo@oDjfee>&i+wK#G4ozaGi|!=WCL-pbwPc08*CB7%W~AGd4Wx?%o%gy?9}_qn@8T% z12772WR>>U^*1m%pUsAmB9`6uhxr}#9GZ6H=L-9vsKIf`#qc!kyNBFR!Rg{{Nchlj zq7Y66gvO8w9@DeE>+0#?1qQvpPEUubPgle?+u zKhf~>q za*`F1M*)rWM+QH;1Xz_mL|>=RIVswcibPTdB0E;;}E~ z@%yCE>m_BQCvBKhn-)f~gn`4Nxeu@b2)J(@J&n(&&hiu7j|4Xax9#QZAeNbOtL6)v zkeYx1_j@$qPb>LSiAg%_JdY~OF~wJAFvl>Yh$X_1td+0mOudu1U9qRC!Zk-^LQ4GkDf(1E2qX@ zdVc4PcrQoVQf%)VfZ_Jn_507KLI9JnCf)Mj{ey-6eWdU1h0x47o5Wpe?LT;83kVlj zYAJ6TAkp=|-vSOMea_TDD)|L6_qVyMZb zr|7+ZS!nM~{@)8^HZ|Gj1*d zD#a4xFFyDJds2i!*8n>`;&R_@Q~>Y~xu3+%fN`YU!rR^7&!wb?UHJHLgW~Io&{YbQ zju(*BKs5HoQC$7O-^1;EC{8xO9XJ4FEglAncWc44;1&Qxl%!b!emDX}!W%6r#tfA6 zTbF+xo*bd(wno?Y%-yLB{%5AvQ~-qe>{SiWM^<)KuI{p}t+BDO#~U>^o}Ndwiy0h{ zl5*7Yw^H9nx8J0@Z3u21w7g+TU)uH5@^%phND`OA;w2eCwVocpcq}pMv@_HFG#tQ+(BwL`YlzsAx>xgvgIkwDJWQ)1DZV_N zJ4JB<%4d|>KP6yvOe(%`>xvk+paEJ==o&AOVG0OjjOv`m#`8udKb&@Ch$a^+u zv(K&2w(30}zf8B*MCEcR+~dotq1&tPk7reDUQpF~pMAilb*i7-|K^p!9Y3)A_M(;g0$@G4`*kc`$Dch*WuN?K;TNO%uH1X|N*gXXoX9Wvg% zJE(7NuGI%+IB!s_oEM>bfA*r9JQ%L#zQnbG{K5)6GVlXk-zIv;a8i1@nxmz=`_m`1 zm~YSn#EIMND_B8h&SS#Pn*GH?T>t_$F%Le9(R}<>{wW;B+UlsJtPDE0va+hV^#pt( z%ay74KtxbbM1(JUFFtg9b(VBD(=6AF8+JcO=V9JW1`&gGpbQBpcP|#e3vqCv> zt2tz2%Sz5s-PaivuLf>7J5hiH(HxbMgV1e^#QRe% z(|weuIht)(zkDfepEEp3B^|rCWCk0Xc*O9y3^>lae~f$hvDf#^m^;31ci3)L_8?fS zc5047HRRBHHlOfB@k8eH+1~TS&YC?S-`jetq&@plf7Rm+`TPnu!1jHY(c|z{VWt8f z>$Cf9itMv`?;H@T)J_(Q9USmQ%YItihSTnfJx)pGd6jbzJJWtN6dHd0 zvbv8Q9E_FSFUw4%@fyIJUi^Ie>uad>`s(nKB6cXYl8Q=UW(>N}?%oBQgmfsgx<6m4 zq}20{bpGbLUCF&^b@lK)t#e$?<N-tX%Z*LO`LM?vO zOy5l3Pu2S*$vi>uUDt@qNsMa&>?Cxr27_pEB_%TbFjo{lJK^4kU8~{_OdyfK#R~in z1O!khzTLxg{bt`QXqnOIyjVO@ed=i8s@2&`Ssn@&+3Az)xP4J2GoGSyt2A6|j3H%m zb<6Mq*%8?JjqJQNDI2shdPt^uF6$uXvU`l!OW|h`>3CMb`sKygaM)1Z3uM|99E9qn zISE=}Km8fv2F2a^f}(eGrOK7Vw5yA z;8R;h5hU`*)!bbl>xH46k2Oif*$MKO5QEU=5xs>PK&g{el z7;J~wpMDZ8ai9e`RgNn>&S4S!GXAj$QkZ}Ikl=&8vk=u0)DA(g3tgaHcmC>`O(}gm z$W^}KCKM--b59=8&sx|ox*GxUf{G0jYyOlq!c|^Q*6Lc$4WDvpYGm2GDpfSM0I6c2 zC24({DTYxwxcV+TasXa7EqeB;$DkeyJ49p1YAnC_OON=&JW_kw=Dp+(Pw&ytE-5~A zqU`xlqZz8lfsB0m9`c1>gfCahc6FpgfC?{MesxlG_l?-_m-GE;pVL~)3_MKDGOwl7 zie4yd(%@3+<`v~Gu7dM$M^9Bn(f0kW@;==#ip!Y5+L+JX!DN;8CQM8WgUU^C75 zQp1#JrqlRWvw=BR8?F>^qK0xkq!6ShZ%1+$oU$NWbUK1Hl>eB7z@kFeZa$ABPXmO& z8n;sJTu5dUytFU?uc1hwT>rRL5L^C#jv9ha!!NRxH zwE-9))Ns;gUj!6witwYH$uyDbU&dUT93;Y5t z*p2i@13WuJfFP2q1H$xfO6|_OH{3C;Hfe+DgC3CiEAVrB`@pgbe~P+}We={5*KzW> zZ0GRpz~_t6mTR_>Vys$Z?suv%C*<&jG1orIvC!q;2$d96C2Q z2Q5lgI`n=b)r>So)LE8PPxbob+t ztd}LE&*wrzZ}L2QinCKDZhGV0p62mjz9^Rnk27#TQ1j34c+<`6TJhP%8j1$gG?W8F z>Qj5J@toke#g>8w(P@hOv^>@5gmxt*C7)xx^MZj%RD~RyVHn{j$*ewr16BM^t->#3 z+6}no1c;aHkovv9Q z zy(f>)9D-?)tVv4eRF5y^YI42b>f!rF6lEiGB`-I3ktwyy-h_uHg*b#FKLM0uP^dXc zQ~fJ_1^ISOp5>S4w_9w+VbaL~^is*_5NYi~*j^QPygo-ADBcNSA(Sfp6f;SJ{y1Gi z_E=bv+O%VCCE9?Cr;730fcuO)?yR0CvQd1iODV$8zChfR!a2>c2FIhtU zPHMB1!Vl0;=*EDS&5GEJ_PKIUg6n>EOG5W+j8@N+mz0_!Mp+|T8RK~y?+5!f8>;Ady!Nku@?DyP=-IHpE* zc8CArZvO4$wSXW@DmXo_uJpg0m1&t^{xc7fThl>|Ir2$pg>#cE<AIr`GC+-=ou!L;HP3b>&Uq)+>}F`*Aj*>v^ZBvCvgw zSi*fET8yc&0*FS9AWkkpkI7wuB?WA3Qv&Sz^FS_(qpOdTaR85hM_2(NvdBZ@ILiRQe*z&`#9u*OoopAT%>Gf&Yr?m5QLZXXW2`Q{C9)Z zJ#8r!{3e>AK%WCe%3p&ih>~8wPRDl&#y~^zLq!Yaf)&t&uz83GuKjOH2x|Ez=1YQn z$&%sX9cT8G?mRF|zc`cDtFG0)+N;43Nr-_CwXLq^uZH=EW@y@Lh#JAq-xWdDMQD(O zSa;X=8=qy=dt5yhT11VuVp)>b8_4zDs?VmNvN;Sf7`lpW(GpYoex>o;_#@NAJrb5I7BWFoOqFkzg)$Smn#7b!OF%y+w^|?!}l$ z^YHMnC#r!o2f=To;+;I8o}Xu3@+{N|>KUjAR_oUW0Uk=H*+6V83Z>37?^Fwh4ew}F zaP!2v2!#W&TTU(zyS>ffv+v%yx?(Bez;QM_fd9sX3I6xmNKOx85BnoGwRaZ(TN^3Y zDJYreVZ1y*3omkdE$TDLB#{;MQ5iD0H@P{v_e-JV+hKM+@tcF7%^Gpm!9mdsj+32$ z48Vq-?o~&!{%~1G(&C3O7)Hvh&Qwi4*A_}^oa?D45gYg1@{*WUt?(nb(#HTKKr*pL z_?CC!1t2+$$%7~6v{IRAXvuZOzH{rxLj}`%?qiwo5FCH{kpm9ifd;8c$9xoj((GsD z&P@4cDTZT)5HoODQMz!}whB_wNDw!l6Dx0pi*W)RvG2F)+T4bn>+r@njpjYDR4gPz ziJn%AhF!H6#%wpptDw0W!_bK2R?dROvIJ4c!poL%ve#|z{m$|QmMpdD$os(DL9rUK zU(Dkrel@MWcZ-OK@Hs1K&fJ!N41Ixvg`TK?G=;x9vZ`SI)I`V0OB=LE6V3Fy z*k;4#SgJ4ngv)sSwD6j4;kFq7E0=!8pdzq*bX$u|^+6&+t6TmnZqUfuxPG~ohDS~+ zS?YY{HKj!eQ?banNymdwsd&A?f@e9`8`;Rh4ke29S@^2+G-Q?)wHCvIBt$c4Gv0Bg zYK`ap&SR$od2EuB@~RheR}YK;CuMyZOxW~jy?YdI1@JMc!s3i3n|wSy7xpInGI7U% zoU;aSYoAOg+7Nu$vr zyFAwq>5M%*5;tq9Eww9j%H5Y-P6N-E*lM; zzT^F!J=NTT^#6o?WwEOt)^{6*XYyI`R8;sj8*ybx2RhXPbg2|YMxTqaEjEpi>_!P$ zpbVP^s8FwYI`K7=#^IM`P7MeQ!nVpXX8WX84stv^E_T%}v_MD!7ePx*cOmHFAk1)1 zC@ssie@dg6NVB)fg2>|(eb4vo#-rKNdJ2?XQzRawH0~Z(vtTZ-5H^Vc8x(GTFvT{l zVmZ)G9DPi3sJcFIo@n%VABvj{0m;M0n$CLfQ=6P7_9uR zUTdqol_!|NJ^e-SBDek5X6_VU;OeJquGv%2+zBoj+Ic4mqlV?e!v+c2yv}*il`jkgWoExbM3bsTX5LO_v_Eu(jFhLp@`o+<*|Wn z>!w~#&I8A(Vt{@kcdWVZV0apeKVy)3O~!+d989+Y8Ib%uR%ipWFZS`<0ton}0whox zzB$$KbjhsD@1h;XPW9nVW6zR-^keQWkdbufeIJH)Jmoa*I$0cD5LLBzS2ZaINIy0g z=-n)7r|w6uvU-|Q!6!XI<+1%HED6)@s=7D4aP(L+Namhqa$r>Mj{&q)HM}vhck3HL zw#w~W?bL;;{c=p{1^33{p;Fb4)^V2~HTaewEb5Ir4UnpxO5Q&uSkmX@da6o?aY~!KQ ztYgjYig!D%1dE250scBl&+@qH?D1VktSg@HlJ!M+aJt3ijxik3^6AHq7a2`Y9>dn% zTpa0K6tbZbkzlo145^>RKV>zI&37@2{8s^`@2GC2u z!=KCVNxj_n-(Ot=iku8e%FZXA@6RU!HP$YA*hnIB{AW;8_dvDz2fg zi!k^BSVD>M3!3!FKPc@wW?w@zi!+qo8k5EM2{ zL5y!c=%W3XXN_qCJaN8SY-6F@2Su%v_!Mtn6^{S3xCxvHMQonqUi-7gm%6s5V(dmX zaF+c10yovU@lP0|)eY~Q2XHp4N8cTLsF&?42j5}M-9YNU`M`GYwkJS2&IBac`HvK~KVV8U;1A zjmtfeM!+aOBi}l>;8g=h(6O;hEYm!+m`Mf|p649WwExfXii;vHavy;0SkwfZ2MG01 zR8%Cu$M+CUcM;0o6wR2PwTc8tchFBlI;YP^Li%5iuek{WlmKC%*p`r9kDJ9vaer3U zlYD14U#;vxgIaxnpaIi>JYfvy&*-e5v}c{|oUKG&?-ju4xt!<}&%j+HppVB3I*PCj zZl4j8*>65X>Q&}?x;k2DvGLK70@b3 ztxmB9NSy}-Wa-O{&KE}yew-f%ozvXJENMQA4drb!z20rCuF@3&pqGDbM@t9Zh0xw< zI`|-V9#7-D*4}(()bqULgxUQbU|{<0Wl|+s@lxUj<>%)EwLKojf1|0MFO6hqP7NSr*$Yi$LHOqA0y-=!Tkv-lSsz1f-MD2}Nos0trY7Jh!KK@chpE`CZSm{(Nu=ci(&V?3rt> znb~GV$;MABGl^n~y5H)96540Or`&P^8tjC@1&C_@Oq((wfdWLsP5)x6y{-nDay0N* zjH6t-mX!#($`|Gku=E88KGs04UZOGy9MRU=5kXm_kZ64VT4Veu)Qoa&= zvn;bcfzEdQ=}1wY2`ywV}O>S1l!)i+Ii}mN=iz4oGRx* zm%^j=m++p&I|VL~3VRl=Kw(Kq)WpF7TSK8}(9Y#_9lzAIf}{@*NR$q%05|pCJti?{ zwd`1`ID5rW?bSoo>lb%=P8R7K=U3fqwmYgo%tL|CxSmVnBrQ6%6meMB@IgiTN61sZ zY0>rGTN*_fY3Hg~+e_;@ks20PA8;MBJBXE`iu~$U{WE-4Blm-J&U^ER8>WZS5qzU} zF?Puvo&A<`7Az6hdHnGK48l|IXw%7?@X``V>w7QTxX?%1E6gNmDZnPSj2kF@%LLW8 z7*5OKiY?7!rcUyWM>9Wrc5x(QrFz~B1l724gKso$;TNTj%ey1<^y|o@l}7StYxzF% zUm_L-xqM*I;4 z=|bOoLRuOyB_YQy-e*>33cYdhG=!t?riI!KHO_w1Do$ou zY^Oc~L1h^Vs#Rv6uQ4w^O|G}HL5o~H8kb0QfaP&E^sygec{3OEKn@6=p_l-t4(cFR z8WHBC*B3o*0~PFTUaPlrblmR{3uty_Xtv;Hre^V5E&*Kq!=3cTHz`E>w&YHmAfg=W zc!fhb_;zaKNKu9D@X*j&J^7M}FOWNMNlS7kD=z;1S1+S8?{Q5XRBsg(79C;vMzASd z?HMAj$@cxFzh4@7eV`VMyh{Cs>TNB6G;t^MT&SZSPLeeW9Z&k=2yTuD4}FZw;l4P~ zmbo(6_XYz_98kKOzW(C$M|%<7>~!Os07lXGCPh-uB4*>Y{FHgVar^v6c$ytu(Sc5L z_V94lTlMxH)tkDorELEjChc>j&GI_jQZ?2M$MbOSh4qgcC4|lSiWGKvHcM{9R#S_# ze^ItT4k!Dq)}jX;eF6aM|Hp3^zU|>jh2D1B<;e|1Y`DFw=f>#~+Lh;;${t>YkD@-@ zX}`YvgKTUl>MJrMj$0Dx*T?}Aa1pODYFG=B$Nq^ z`@UEO)OO?dadm-I&$&0SucSWpqJ<@zFc)T4R$N4Cw^N!)Rw`;r`N{FMx3n1kZh{%sdrM=()I62|Y zcC!fZONs!-x0-*~0tmU&aQ`&|q5o~R_*|IbXkI4?b<&3Dlzu8g;qJv;1#HZvK=7w~ zGLPz5fg%N-SiA?cR5Y1F`dz78XlsD{n?`)m^H>lUc}^_Ki03mZXGt9>)zHdQjug~@)ompM zOXUjJrL#N}Ux7WVT`g57Q|5e6KQ%PtIehOZNM_fooh*cXI zA?o$y4jl~BcM2p)p8?eP)%+du^-vTflam{VNXRjCL0Jki(rHVgYVCZJBU?CWbzdx+bLCYe zBF>@KD~ljA>N^Guh9=YyiA!f@fksldX|!{N>Sc5S^neblO5#8k^*>re(lGc`eq6e& zrLy_QQ+5xQGvD7Wcv-%=T&BA?aK0g^aXQLTls3XktTlr;|3#>~$4#YnZ36i=Gs>)5 zT~Rflgf;cnZC33Z@Ojzq(H~L?h2-*y<(yO$NYZD|t3Kapjl9j%DKSINJx@*j-9J2f z2?+1l)6UTPZ7oBVHyXCnL~n^_#3hR%+!ef~_m+ib;@17P#t54}Mb&OlGmMLs$303- zNwbi_kiqjUGcVQ-X5{E!W_vemvVaWxZg}bPRC{%GeHqFps(mvLVV=ghg3`qka1!W=RqEUUkw4F&i>+!5dx zI^|L${i8_5IFEN#xkg2v{eh{>XG7U(>T{f8D03@rdh*hjjT8>HXS+$q+#iksr4Bfa zYw8ZgL-HS?O4`Ai4uT^3){+BrYK5t5_Vzk!CF>9O?8bG9;xX2BwEYhw#3WMNt;(Y- z%@mEs!~21T42nu(coU$S*%4eKmE+FS0f}xz414hu<^DkvK=w#bxt?|~Th#Z)qrj$; zx{d8riaX9QJlt3-sjGTrtpO>9(Y&FHsKX78=3ZGCbMMw~M_y`cQ0pJlng}dSlmyYQ z>FpD{bhTMnSV{zMhRu|-CdtJjhq+G+Ic0SxBE%?P7cIo?+Ori?Dt(CucQi z@&OMy{K^#${D2RLJpES3)v8{QytnSvNj!57nf` zMyJ62WodC0cf6*mVYc%LIRLN+FC$G%jH)7+dX^QDuw)CSqtbgJ`Zt=3X2$@}NSPvB z8ld7}GjWQM2y(ygJy^X;sGUNz+ z1*}BB81Av{(NSFzU72(-OP{Oq7lTyxcc59qME)DbT|0nu9064L3dA=Az+$(a%-6Y? zn@_$~_X_C zlgrY>J!2Q+y9SnI!)*ymG%9yu4;n|Z<$<8$qDZ>GMn zQCwk0=`Af{Sqh{TJG2NSM~H6oJzSP(wib+jbj99S*fuJ1c>w*8IQ1h{y4j#e14vgF~}H2u#2Mnv&==4w5e+ZK1XF)t+2;*NrTpd z3M|8oPx&Z?x7ddfxs^}*qa>}X2fLn!mv6)nm+v^~d_+2b5%^U>Ts;0fIx+YYH}Kb{ zUE0^LT3x<>h_JK_!+p^|ncy?NpO8GF(tyKHF3=oVf2S}~A&UCj2Hxasg*CK5- z2?k}&Xmy?YVfk8K>tTC2zK>0Y4N8}Cma@F8v_JNXbid}l^Hf;(DgMXF=dKmUdm=?Y z-C4MP^m&e_e!p4j^t|;R=TT|;3m>VtbX6Xv9xw zhy3pP|G4G3Yj>WOUt^_B{f{sv4jg>So{v;5cJu}Ry5%)sG(|sIzCB8Y{__yP?4i1F ztsq-=`#-=Y(Wk%B^gVl|;qgn=p+C1T1NGl6`CPhyw=|bIJwPA<>EG#ud|e^{V2IWQ zcPwt4Jf@XfrY}OEK6p0#?R-2yYWZUp?zB=}>6YEY95jpXl?5FhL@GX*JmrxSyn)0^ zZ==Ea18+Xs4girAHHyspkLG= z*2~q1kH7;LfqJLWOO$#d#fwTU!2m4gbX+)8GpOXXji-}yx5+=V5g7wKy7g47&4r=w z6uY)*Hi$fM6aKs7{_nRb09`0R(H`~sL!~L}3G&ad?Fijfc{ntZaAC-U!nA1nYgIZ> z<|y|fZ5wy^1+npCHg`^8@`LI7aBd?GBb3hnkgQuP$<<=;?}KVglfFNf?LVR%(#a1<&2ajynWMQ$e;wE71&&$BGyZ(le~c5+ zT445Vf#V6Li0WT-l``2~yq&UZ{|@6sp87Q;eYN<_ z4+-z@x8gm82@ihz7L4VEz>8ibxmmkAq6{zt6R%Nvnmh`EV_j3GQTQ3gB~n=3s@VBm zf7T>zKh+rhS^FNYU)D{r=#N!6(`7<4bb*2@O3%j%LCQCVl=OO3!nm+~&9HoMH@&Bd zhzdx`%_^K!YIw%#OKB17>1sMo(lch~s{TTikqaEz|6Xus&Rn?0xBOA(xFqb3r&5sy zeNO3|g0|Lddxh(LtRlbJEub8w*3eQfQN&sW(WB3mP=+1(`d+>nBlC@@_n9CWr0n7{ zM4mgyu&MGazxw28Vl%MrUjCRcpV(K&LM%b|(Na`595zPuT2i|7OJ{vcroUlLsB=fx z+-k?1qo5*6uqb>!DMl?vOH4EO0j^UXtK*H!?ca?;3K(OvDucV7tTkH+$WR0di?T<& z(a5pEp+x#uytcQS$DZvy@(kJgYeD~|Ta)ht>W5ZV@7dF)cFK4*86p9Q29jo9Sd34N zlzKK1MA&81K~c+)auzK@KqOTRF-fIp5c$e3uhEFdaelKIoV`1PZ-Jx{ao5bWhr|!J z{S*#nF5~rhut5`t?O(0-rSLn>7I3(Q#oI9(n2_H zRRv#U?^G_+mu=UJlPGhnN#W;nvHC9kY}9uV@iCCjXgrVrL)LxnQ6EatYF34rj;?Ly zjU)Pd7}eS^`6h6+K_9(v4`X=D7lcH@YpqYYZfa%WHwY^aS+;JY=d9QZ@9O$tA84md z{iBnv7S{kmgC?jGPC1H)s8wuDGwtL%l4c)vTDm*=5sC+q4Dhb-k2)azOUHafLOK_} z`H;Fqa!1u7FbZn$FK_!0HR?XPP2{dPrS{pS%|<^EcAPUy*q)L4!X6iP`T6ZTpQ3m`pi@_1aMP?>eCk$Jn#9*w$gnAu7vKgxzvb#S<6b?TSe!g40R_?kB_qDg zJsQOs8(**E~;RsvY(1V@C@X9XxFz)iIurw-(q_G1xe`2$~z(46j@$ z*s1p-af&s>Xr!muJdPNTn_AUfOM`{9?@&_vKaq_k)#jF}RsmP|{gx7UuYDr_yD)h8Ryc+5b>SQ@%CA~}^&k(a# zeLyFqsI_cX-f%cZH*ToB-?h4qzaJx^Ms2GJQJF>Uu5S4lKPxNZoJI|%`S1<0c%_#V zNKG1zYbeuzGw=6|(>YW_L@H{$r5d!K*B*spfVe*=uy=TEjWL9H-prWJG=Bf(vSvbw z0gp90D{t<8@WAIt3>#{p z;7&MhM&Ds8re!LdTs%nbb(s7x6+I&GH5}zANI>bh`BpH;jj~WHU$W-rL%qQze{N}M zMbq&#F{ZyRR*x2D-W#`CdR2&38%0fXCsNmAH0Qqu$YyK8JV#+%V~j6I_7h^4sFoU< z>jLnIu5!-ji>B_R_6P6I0zmK;tpZ3VYBf&<4XC&Zg#i6Cna{DdsriWo+T%JEkz%|0 zLOj`O$gPfP;&(l&xyYv<;JR$JP)4MvN2(~}pcKM#plC~Cq*&Q0y=P+RvWOhU8viu? zsQp>|h7wqOoBh^~r+C$yFxc~234+bOSFgCf8w)Lk1ZDNi-$(VmPRV(v;-}|BoDNBu za(i0GZ!NDT9S`vDNv-V)m_uwcC6*oQ@IJW6S-%w^akb?e@uJlwhfTLR(*=xo)_E@F z0DTM33*k7?($*dxBZb+Bb9$-?={eh@qR{1H>&j`FE*L1gbwmNwC+ zcopxgM?QXOQN8-|T?#+6&GD;p#9Q{-M=Fgx>?Jn2)h4V^lM1zw`;J*H1?)*mv#&%k z1ugvbIhqyn&pPaJCh%cGsRIJ@ME!7xa9~yT=8-?pTgNVyqccg@DjWLAx=f;;pPw~~ zhsbcnz>36X65BQhUesVu1Heb;a!a}mJB9oRRFsDbGE%9Am?p7OwT50$Zi`Q(E7IqQ z@MB$iq+WCpR#I!sk2bTo-x=eZ9h)aMaper<6QIv-a%ZA?0vtlF@GU^Hk|biH(U8u8 z=h1p{*|i1&u{>WptP`XR3EKJGCfU>rtCCrYc@!Z{;IZX~VTIyu7nf!A+nje{?X*+O zN40JkpmpaSMZTg4vAmjLWg`t~Phft6G_87&l`E`Vu&P7x)nkFr0VS|8;L!f6GQ!J~ zQpP1>r=B%w(DG|I)-UK`v2nSLzCGV{N;awlPy~Z(f*T}8*ZZ?kz8+^^g1;&!Z!J|D z>uY+b?^Gy0k9EE*og7!Fa{bELOJ|x}Sq~qAQXBSGWlVYtnHs}gt|da9?MF?l9T zsM!>OoU}LEFK?We{+6);6a)<%CXfQAcDog8YCK?)sRyl64cnuO_?2-#GhUqcx?<23 z>ab)47EY=XIP}VBJlyRj8L; z^-lLzHTWb`WB~m}pH57q$sJrCM0JPUzpos$F~d19KVG}-;psX4tvaZGo=~wH-L}6{ zfbVNGJ3HD5xhiK;uvFt)XOtbnp2)QC+ox`7Fmv&_) zh4xvKx(WK`S*1v&2hk!cnhDAgZr2@hVa4=Q&i?UA+)&AKmA(x>TZr7w{(Eyf^9-|V zFL5V;U|qZOKwnw@eEHXCHJ3|t+(LahqUC0zNF+z6(c*E)Zr;J?c@pS4BQxVGC8Q+d zsqY_SR743X*K>$yEeF%L=f(%uHp4J`)I{P!i%x;+fb?A+CBXSIzmX|d;&qA&?btJ=XL|X1 z1rT8~0o-&KIhJM6_P_`R(09c>fQ^I5&cMlY|46 zzQa_o6mSL%TPH0waB$QVDQ~AfBqAKVSXL8S#}}|Cz0#0sd83VfVc<-(Y+z_4wdn4c zG)gvTt#JIsJ$Z(>am0uGpu>4F&`Vw0^3qs-J&)OvMEQ-N@3Aji0Y)OxtPw*7`NHe> z`l?1*_S8C)CKS4kdj26K0bmC{NT-pxH~IbaJClgeU`7$;unCQvfn4Wo6%cRA71LFv`{tpZXs_GH!QY64)L)l+ewqzV<;(=PIs@+YdKd#Y6E3GFVsRf}BK zrZE;x@Ap;3mR7jN!s`d##3m}Y&zA%32+I^(#gTrUW}{4d?VZUi=D&b5q9K4XyZPw( z+22DfIWodC8~BT=^okNItUP5VANm?c`Ww1zf*CDPRBeVjpy~T{I*wo7mntxk2jIQU zZV+881`>^GM+n<$$_?<$YIySHBlWVXI%wC2&p@jBjS>#+7TL-6xZm@&lpn?(2s`-D zJ43B?URr+@K99eDu|Ac9o4z(;}R%INtx|1i-(9}?4VsB0L}(H?@@eIPJm30V+_xPC>A zkW?ZX7S66fRdg!ULY8OC3uH!|zgU!QEnF^oAmTg=S_w#jYj#{;LOj0z1j zmQ!Cne7Hg?>TdAHI0>VQsUM`V}S* zT{zoa5H*F9BGNAreOdS9$#YkZ0vH%hKxjxr;e|644xmX9V@~Rmw8QN}MVe4}SLT6p zJu|Nv29=d(Q1bYi(*jZ@Z_+_SPxo2o3#YI_`BKZ9WjS>p7TpI)BjpVl$^@mx8o3!y zY`0`duE26H9}fPU%0f%ZDGbLn;TKN7{3nhxNXZ#1g)mLfOH@sG} z7IxQ+xv$he+Q-o8%tQaO{WZ)5HJ_pClMS}FumES9wa3Q$lK`}&<%@UAFtlL4q$={I z(-DL0fuB5A-rcMc?QVZ{6xa4m;BJ!)WshueYsv zHXde87$k{(9aLW}h-Gh9olm*=GFL51_HuWUM*3iT)CuJ8nhs3b*Bx?p5?^yNx;jPd zaQt3X;>7^wx&oLmo3U+HCHG%(UNozprN@%<4t;Y+U${s;BqYYX6sWmRxIp>j{Y?18 zJHzW28+K9Xo18b<{J)2VN0h!PzlbcB&FopsZB#Du-`k;;b6H7{^f~ZhV`fYLzB||$ z(><>~yD>T0)M-|2Z)aCbDxcf(W%VnIbNprcBrgN%VgCH{)oZTIlquAT(y|{J&iO5A z2}wZm30MaZhns}-v-U{LjcCl6inXGat)LNqVgW1*+zgvDl&aW>=>l@=SRJZJv7*+( zz9B}?PtTu?!@am2>$jx3 zfTHa#F4|@ou@Sn6rynH?>i77^(4kSN?qkQuf_gY47O~+&fII@7=>OE1md47LB~xmB zuOvpxVM}u!JqhrDx#isS+s{-5Nw-dn(Eb`h5;`q@IK8yVD!o7@nR8ORaW#CK=uq>N zB$@3?2Ab64t6a=(UHLvKvBq@e%DaVFlPOm#p@@`{t3B5!fM627+CBHg-U2cTNNxBd zoP5mi&5rLnNiCp% ztP$P`^Jp))-!;2&l8j)?TXYN$LENO;+)#A5wBz`Gm&r(%Qbcp@+r3JOJ+HBri2<8q zA=anuKFk%R9W;j=JK0E_Em}OB=)prdQ(Qlk!X~YLu8I&WZO>AP-}cx8jmG_N0?P~+ z!s)+S{=UMNAp3uVcX-o${d)|dgt^jEDDqFPH_>}?Yf{n)BB%l%ak(sX zNvOzXM%7&qQiy=j6$m(NbE26!E2ADRgyQOYiq`u<9M08l;NZ_?UVBG0_=wmT< z{3uv>!N4R$iLNiOHMy%{S9d;2*qPKLw(9rLb4`^1L~Uq}GghcXMw>xY(i)!EicP=x z&hj8#U(M}AKxDAa;D=!x8?w->LO0Cgu~vUu&ArQ_IF*r83fWOd;Ta$>_3|_`NX%D6 zZvVa9E>v5FnA9!FEHHME9#}Vnn`kclDh_m;e;y2aRoU_wCcDRX?Dv9n6YSwq(DKEs z6Cn`WuO3$rMROkC>u~ME`Xm~*pYr_2mxO3ucYVZ{CI6mjWJ^GY$1k0=zw4MjwM@m>8{KHTNACvG2PUFyy|p_XG9#3FF27|EwciQIr3V>sh?SpGV`? z;*hogR+j-TU=?@0n%==r0BQYzVIy;!JOr%~bL({++y9KRK}~RPN)Om*S25+sTWelT z?b`1?3_y>{3~tymIq?#K9A8m%usx2L1Q8yoH$3_I-QN!mImc)IXg}g$oAP_o?6bgV z57v;K<73X-iF`(LQtg4j^q8BRzK7HyCuBFi!$FD`{^{QneEik0Krlga-cShqAICHS!&7wX9nenk?{ED3e+xfY zTU|c5SHBqAf1YKh3z*xQ;`~47^Ph_)m4QR{rCSux@fM- zFQwRa{*rd_S7=@oz+?aK(|!hIfE?BTo3$gO@k2`fPayxje*bT+{jJFU5|xnuQzQT4 zfBe5hjl7a56yjv7Cb0#InhXhwi?`}{{TkW)bD#8h-DC_=Nmv#L`W|PS=8O8sbp;?C zA9ZQ};65~sQMfCrIEMwT#tr{!r2Tnn&x;?&Qx}?EAB_t9J#upZH3*UP?AZU__cw}4 zfM1C}{_k}N>~JB9zy?hJ`}D2(`1SvT*UW`SYbZaAL5u&(QTfA4?z#J8 z*jZhIPM*G{_upgqN+PmWS!1_CIR1+yVO7 zuxEt^hyz^a|Cz(dtMb$8KW+9Sl2iN~z^~cwFdqr+|1A&~fNP}w|9eevue7Q7w>TI7 zdDS90vr)H$3N{~QcR8m2`99z^S@;2G!I$)+K8if8`0$nS!xy<9Ay;JocPxVMylets zjJcuigZJ%G#A@P~sv)NRqv4F7QhSFYj6G}my;&fB>k4^5>O@rh%?D5aV|as`GEXfg zq{}!P?Y~!^7!UoW{QJ+*=A(!>)#g8AizjPZ&Y!kjyHXj26D+DqX}S4dFF8+TKm%TH zDq5|e^zygzgN~25e_MAM+vx0qJox%w1Heb2|CHF?%~rPUPkiis98*vtbvS;ADE40e z&ji*PN@MCyi`wzDX0NWjs_j$Pca~@Tq$VhT`!5mA2}Xb4?e|;8^GohM4YnzPnEFl^ zwnU1FXzG2<(Dq)o~QHVt80Ag!Omg}!>CcW<*#(`KexpUOG=Db z>EdRlkXEtSe?I&N{XdD0#i@QP^-0Urv5>fl&4ZRonfEK-oDcp}f#y>blBrvLlInBO z*84^i0SDZCjivuTJ`3@AD^dtA;u|l&uzm3TC7Ue#eB)11I5K}8#lchJhYF2@5buE~ z!7D=#J4xve8^rZx-~#`BepWD{OHQg^Xz()!axKL{Z0~PRrYj2#AY?$q#9c6VW$CKy|UZnbD6Zg?P7XT=|3O;yonu9K2Y~xTTlLZ zFLO=G6s_Dr0=65n(#%d1TTcak{lXEwd%+IqGxzT=wu1t!rS$zR{9v~ilR=;7%X=!Y zTiod#I8?UYO{h@k4Usn0BSZdk8qh$gnHGS1G6)qzV^OuGC^2IIa9B%Kvpt+6;8W7H z3gOWIdfpxLMGB)z$7=G{XjoWS4sBeHp~-HjQ%ZH#seFAjfbFM;galTNj<-0y`xQg_ z^V=qesDQG&uHqM|LgRGTEl1rP9JIpvt=}bGx;C72j<}5n$l%XToHR0e@LzImu6f)) zFer$(a-_=3p=Rvcf*||#sww>+NwK9PGRT1A`dsGvoo!DO8n?EaiS;HA9E|@V^8TsM zfdIy>v)!nJvcW<*x9ag(unz-G-|nZk&{JRN|Dw2$1pPs6eCzC7dEpm;@yDDS7&jHl zfs)jsWOlF8^i7+#?w^HQMM^BbI-%Lm%)~UPH zY;RrY*&BJBnb9$e@R_IHOGPA6`%V7O))=D6eyjE%FS^^Oe!`3Wy0y}<_Yi zbgSHsVP-Tm@Y1Q{-O`%@$BrFiYgm{Ds`$zz-zzM5z-zquwz-ewEG2?zP8)@%y-ef_ z-YIQ+_b;i>;Gnb_WaE~T+*!%xmy$;fF6~&z#&v!owWGi5WgF`^M^GT)+0qgcvmWot zsxkD(&hH-6g3jltlnqYXlX1gql@8+{x8P^Y8%92q|B}W7z>2+;b7;8@G1-pD=<=t1 z+CjTzZEfFm8}}0)yaUq9&6JTQf@;})RrrJRF3i&6;zM{mo74<>4XCEYG#+_yG|~O9 zRnNkH%ZwazG0W>_DHd+Sep^N)K`$^XTE#_UZE=x4yOJCdoT!9I(}F8z%_SGp-^V=_ zFUXH~!Q=xasu2#Loq&cpgj(n6hg(bX6)+j*vyv&1{tbC(7E+DYw;i&i+$Adeb2$u~ z^B#ej(GHklJ?AkX%MEWQ$6VPhrw6jGDq=+6{|s+@Er4>dsn1Ci8P||QSHL?RiIq0` zY6&%~1#}tAT2b9dWX%1cSsdBKOUiO)W~67R;=!3bsup;wD*?L4>?FKxS9|UpNgsKi zlS-ntss`Eb@Xo~9Tb%i!(V>Xr1rgJHJq=wR18Wf~r^RQ^x!9RIpJDGolbZs@A~xGQ z;@<@x-aB_&*;13Au#*_RD?3m?SDjL5-jm)jI{*n_@j#H@I61Ew)?|*9q{lG2jFqfM z$oMNOkH>V*d$!_ieZSA`|Jwo!@#HIZCCA|By%|=mq1WhMW~U$G)8{usH@l_8aD!Ez z9r^`t`JTCQZIr0XGHYKCBqG^PJ_$L$JjOsBc6qY5aa*$tp=IlZ-+R*52K4gtM;Y)g z`QI=C2yi*_IZ=UMrwjRKud+%VFM(d}Yn+htZBxGFFTJ6CIAG9So3n|ppD{T`CMTJ0 z>7=^6lMdHgj@qCs7$)|7Jdd_ndI4~Xj57_uj$TVr6NOtv@AloW+KbT8-y{!R_jZ1e z={_U@WICOjajLm-lAGut@~i=`C_}o&%{af+dKWl+DLcs&NTE{2)|+-$(pKd!E&WM{ z<7p`!m2jP$1j=$D>ZdlvKpDNyN-L8a-Qog8*Rmt#(zb+&mkRg4)4>lj!-DcAYy=J4 zUPVT3kw~Tiv;1Tr8&~u!frdxUcd9w*;)_o*wQG!`pDL>Bt1dr2pV}CYD)}gj zCNvUhxJz{|<*ap^c(2ft;s*mhZ=9L3 zjc?fW^CLzCEZGNGs&BE7oCcGew$uDPTW$8j*1iDwL%*(LgEfjXgKWdfNi5eE)7!&A zK%X>W#+Ahtoo5zMoSj0WJ_>R}r2U!4$OmcAopvkte2<$n+8UagVsI-=DT@;qQb#0) zTEe8zE=#>aaHOavs-)zh;)(S~V>7qgXWO)t`$--R)cFV2FWk46{qhZ+gc085xeua%JUn5duq3)wt@G?h zjvF^Dj~#mwal8%X2kv^yr72?O>jhEllqI`661i%}b8l5>m?%)ICi|+m#>o=1t=1@5fzUZVC~* z)FzT{PZ%Hmw@+anK*gJVppvg%t!L`>)avk~k({!!60m_TvtQ=6Q=n6QHj0$L9xC|q zKta;%v)s3)C+$(DfjibkgWI75xyy^CI6bx8{=-MD+ksN#+IqjWm(9EU4GZUu&~JdO zf1o?rThNmR*N=@a?y*z3c^t6dYi$pCidO3n@1_RzvYB4Njq!&8HM3-Qk*#{(n*=jC zCWa1Qb zRG;7tYwFe*PN{jLR{RhB4KCxdB5wlWCb0f1Mfk(e{lWu4C4xWV%4Tpt|xmg;Foqi zl`dt!fQ5&YGxs%3-l+-*2!kt)K9`)(t(G z@!s-|nCIGPgLVvyBz_g6lzBQZ6JQ>i-*J#uQ!>Gh=)Zk@h} zG));Ogp(R7@umVMnSfJ+uoekiqH<_+mq8ozV=kgpu4jGjPV20?bACmk^?gu2hoHmy zcdMDbnf}Y>u8&mkY_{XO-94dVzx{S@Q}y0my@TUV?kY;FGxxfk)vOP_?@c_pALDut zKcs+fGQXNNo8&J$#Y^@1^#2StZAkVY+aeZT?U<8#N|nT-_S_#9BC+6dpkTrTdu`}f zt`c2&IU>3|@=F6}I+$g^Gku3R*%a(XAId0yHdFz+QsZIaHto{5vn`wMJxG^S(f&*! zv!n2xhlka@AnH^$s+AGXH(iY+oD0u%_4I~13pE;{$}_W1%$0*Y_?#C)AL&p?(N+|*znO~cm zYXG|ZatB_4@y)?Wp>F0WWAE|J6XeM#J@oxAP*_(Lw6Hg@9<7cQL)cmsu@w5I_>1P= zh!7mEyLgpQ;mpTI7n@g+HsMUiuo!C7$-$pwwE01=EWVQfF|(<_D25S5#mBQu!A3rs zQ5`&=dK>0$bd1<(D|7^+K`4M7d8|a;d`v4zkcMw*%ph_}B|7(Do2s*i5o}F@oJQEx zC-7L43>8&7^5kLGhuKjo8;Iw*Yue=wk!#xgX7_c~eU1YgWsL1W0i=l$AKfB`J2(Ni zFex*4;@+M;%GmzH-NLDvSCf=O{k1$LfFaQfKpM&;Q2L;F;+!93)-I|A6J&mw*iz=N zldTXgw48dzAdj;1Z66QT&(D`=Q)Od{j4%iass>{%+I&0fv>cp1NsbJP&FnWAVDt*V zh@0ue%rV!mw+saxpbw#B`;}M`zfR!_^JttKoR>G?D>WP+o>xw%>BmF>rJ$-avx=ls=5FO`Yl)krf zeJ<|wZk*f>2gz)$!*41yX?1^Me5s5+u8#;L73{s9YamawaS}=@O$Fz-;CliA_b%%4 zVg2!J0cl$kP!bst#$-821Wh3OMs%_kzj; zqu<8aTyV|%Jy*dGlUi`uKwS`9E?<^t+qc{Ad(M9bYwOGTI#!4fL~Iojsc(_A9OhFvs#tYZWewA45Hu?aZaj7V zL8PQy{z0T1DEUF8#M%NxN`+8)AE4unz`;i|kiJ8`+DiFB4M1RJJX1C7s~2meT=j}N zBIVm$71tpu9_U!SE+$ZyAyT(Jwii$^w+R$9z;@%*=f-5I58Nlbx3pd;B2C-_gDx^A z=!+G-*%E_qRjjPo`zWavb&Cm$UxkQRCoeeod|4YZm8%B0f4=|`K)@UrBrru^*F90P z!boHUIA71wDK)&lC7LQaCpV`;SKw5?q?Dvn!|KRhLa|*hD_>ZOM)oBM?wJyy%h=mD za&!9^v+zaRaC@yWox88*GVBxVLRmUDMJyeBCEuv!md97U&70d<3f89t7cmwsP<`69 zKupYfF@U=Au^`m@w%KqhA7QBTRN#m*3KlPq;X4ON0waFV&lYm*Y zq~Uv%z9pR4=f20RS*5!Zze`I^iM^fFUvSFa(cjp`wZlqKaNtg2-w14{do{Tw1Cl}{ z_aa@$2SfOi0jdL#*3x5r!`l+2^F2bKq`0>DZUXRA!nV6KzW%v>_#alnUx1D^1y8Z1s$8B#pac*sqKrD7noXH*I0fRE2ySoFq zat|88CZ`9sSL=A$bRnA6 z|JyZ4jIsAhZUyUo0^i&iPOqqiw?5oWtiH)473!Y|_DE10ukeeS_?*~g<#ZBg|0WFU zhfVcbNf&N6EK-_!HMgfkIN16zZdQo;HPWx|;PB%)2ga`N!@klJ)(Ws_wRqw~kfJ+( z?6wG#G0&mRNd%K`&)UQ~KVfh4$sYTZ3SoOHQfk%L(ow@?g=FZWA*G)_C*(VMut&!c zI2{KSYYg!YSX;%un<-h6Soxnt8oSG}H)1_#|88uxVS=?l*+fK>Qb|plsH-jSz~rD1 zR~?_l)o$p|o~%Frf|M`(7spfzwXP!tuzr)<;?=V!42s_7F_d-d@#^v>l&wfp_wjZRu<9|D$-EI!Sehs_Eh3H+bv?virvS4!;{KvI~_R7DOl`@T^ z8wGOm-Q6eTQBHPWh6hrlu=N&q-K-@R&UsGv#i`}Q0>z0hE`qT`7x8A5`UhnvvriTj zg)RNaz$4;h16~sEG#7@w#iFh^eyTwY^L1CX1}e3WPSeuDlmd+L`^F8<_>y%N@j365 zBF^PsGnN5%%OV9&kz8NnbCGj)!!+QgwZkWJj~eGTG_)3iZn{*@1_`?{pd;tvy;I)a zKy}L!Fm~R0B3ft8E0vA&zniQB>TlaA5I*~p5{-lxHInRVhL12>(bSy=8OrXhmFeZ0 zMQ;z=I}c4>KL36C;mn0swmKfEw29a97O3j89lrT-+5v_WA_D1-T+sqy2WK4GYi40uKjtZ*tC5 zk;n12Wy4mId|?3Xbk-PZymedRlvS^i$A>?30Bbo2rMH);IAhQF9y-1X|-(c+o-C5-{pRJuxhfaMr@4|mm zXfk9%5(e4wZ_bw}vl)9m&8lG~6UH$(y&2@-FoANz_hV9v`J;Mr2~hPu&rbzI^H#xeaKpo7Y zA}Le~=U3^v6LGlqk{M2*7)(NNxkjv8O3Pgni|+vwc{htam6MBvbRjQO*MteLBO8j0 zTwKd=_|qro>Sj0j>(@0>*B_lD0o6u0jFdcT=PE{ec2JM{YC39)%D`#8Bd`4Upq9N8 zU3O+BSn0b3BOE8abza6h93XVp-|S)>(G|YviuAIo!JeR&=fn)sJA#OAlqtc$&lGD! z;ow}Qt9{SxB;E0dNNNZE2L#$Ty&v4potHz_%t4nTi|W0;N3tsXo??w|uB5*FzB9-2 z{J&AtR>MgHEE`>Tv$5z*-Da1RNQWvL8C~l+^C$Z^Jx4s?TgrC+#JsxM0Ro3V=yJj{ zv#|6Ad%E!_K|T7oC`)kzI@dFAgb}qD?pwZ}%gz`Qs~FYcjtd0-E$?;AWl&@hcl}12 zUZWMT-!gcpWEgxiKEI>p9%r6qS$CCGhAzOr^)<;i?{q}r810ifdi-YTPAq~HL0f#n zw_O0vFT`C-tUqG8&1|UvXJ0w`P>SwO_5R&Pdb&OjQN^>J4ouq>{u{%ODG3;YX(!Ts z!oiTyy|PC*JwPuaDf|XnF7(6HffU^%1L|w_y4~5=3suJ*b3HAc$hJ``0aCn){qMpR z346$Eb|##B`q`Xsha2IZ%b<>n(86pE+sjmkq11@vaE;@Nj)puA@MV)=%Z1a|g9a0NC${ hi-B%HS83$IAq@I>ck8Vd^f%x~RZ;6+p}hIy{|6gyM<)OP literal 0 HcmV?d00001 diff --git a/components/engine/docs/sources/articles/b2d_volume_images/gparted2.png b/components/engine/docs/sources/articles/b2d_volume_images/gparted2.png new file mode 100644 index 0000000000000000000000000000000000000000..0226a047ba7a0a37b6883cde9d17b57bdae4c05d GIT binary patch literal 232398 zcmb5WWmKC@)HWI*K=9!1g;E@f7AWrSP~6?x;_hz6Qc7_t1&VudEgsz6-5qlByx;qs zwa(A;BP%P(+%vQH?AdzlM60RDVxg0v0{{Rlc{wQ!000FO004djA;Q0jGYOS}zoEIx z>3;zLh#3BRA;@dIIR^m50P<4eT3!gpZK%0MR%spnhbOdccM|gZ%33kVvek6vKl9fJ zhW!Ex^aegK(V^1|9L_HZB*a9;aLN&a)qyAyG^t@pNnzk`U^$w`Y~Qm7(X)UtBS)9% z4oy)T>q$$ z!mS93b5Ry-K`k_LdDNPPuuLOyKOk|$H;oHvYBFHjsYDye3i94gl?)R`LKP@;LQ;x- zcddU>#&XfTRl-$%O&FWgUIOqv!>L^1I@3HlNC-NC5B~Em2e}y%_++tE;H$#%QXLOn z+NVN%<7nuD?9ffgyql9P#}gkx)02D^qKJc-Ag>Ji5RnnDjV7bViYrD|^52sKStAoP zUOmCGcfAv0OC)Xe4`%UdAM6Rs(L}UHI#v?+=q8Ak2qms(x4`8VG?L#JGkJ;FWi(lF z&o>GF?+%(^OVniABcfN}D@g;Ij4?dLNLi7ZId>&uM5mF^WQ*_JR=5*1VIP5^zTh#Z zLd^*-%k&5OVbsKXIP3a4MNhz~Mt$xY0UilNA08BVI7_5~S>7v*)Qn$RJk6i>uJo)RDDjXL|K`;k&O zo4M2^g8DEdi%CpBr<+&#+|-Pq%8z}=SgvB12cCqsd#R{^613P11gFN6g(vmuV;8*MQv*~8d}L>a=X@i0!s2f;i+F4|8A zcm&FtodgP&sie$Zsp>>mF0sdNv4W2^3_I*MK~?#A!DyMunQr&Ooz6Y~@?*)i!KoV$ z_c|dpO|Ypj8X?jO7Sa3l(D{5fbXzeozMorev)-&dsV+<;JP&B5Xt*|6LW+s{DTY-P z0EMU`vt&Y`?Ial^hJ~GLXeZk{(+%=d=a`~|;t561MpCbEKvX2T;N@?eqQ}1)`u?fJ zr=UWxMYyeAeq0erI)Y4;8oDbWn;20s1b`o1-Y@l83FHh8E|O0h*s!n@)6C_GLKrZU zlHo}QE4BfLp=G`HSnLHqr4YwAdrsmkY+zi?aJ8=S*YOeyvJkFv&)J zByi-5Qm#=*y?KlyRD`F=W?DN5`+M1JI$PE z4LehA37Srww9JtVE&DfsgV{P5R53Vc3knB&bq<0b{}zyWF{SN9j2b{)6I?GM!ega4 zdD+b+z@&;pRgTx<$#TI32%)?Z2ULnc-Y)u7<9<@qp47S4I<`F7?;NTk3WLYAdU-1{ zXd0hGUDHEiA4=Rk#_pcJ{*YmW}@zIA2 z^mmWAScQ>_V?)fBk;y91hr&LiF^Zb%A#aD9zn-8`7Px>FpR6;46*$DoyYrXKxBrLO zzLzz(QGWCV=P7;zVx4sO73Bw0i2BIc9FtdsQcUkx_#*|;ygN#u2s&gUYnITCn{o(F+7^?%2YLQ9U!X17Y8bw8P;O4w=v=$zf} z?6Faca>7?KxO};$ndprMNm@iAbxtlx?03y;BmLIxXW<~YqW+?ik-P7)Z>I}6rc(43 zNFcs)kvtv`9N2>$F0H+K+^&NKum+9auo7+`QbxJ?B&n@hjzks6lQ04WbguKXay)UZ ze~I-&LZ)@`eUNtP$?>TOO1mPtLu5VZ&nQhiDeqK>-2g#fN!R6Uz~y=BoRrJlYB894 z#-d{c?RjrMa!8|yH+)j$PC$+t|6<7V4`GUhlD;YVio?BsWI!BWQL-6V@*RE`64o0D zs;s#q2|d8)E+8%=fXaBVSTiMq_dClqNbOi!{12RL0g8Wm7nnKq%tW3OC-w zW)bLxCzD1d%KI0*$swn>K;l6Lz`6Z8u5b;xes*F`VuNQ(lm%UeHCIiIcvTA~l{`|G zDk^IwwGH~(1peAP=}^b|bV~{haL(SF$v3DZB~xcMw)^OFj1+Qv*>99QMzFt888S)^VvX#VP?#S>{|>zGXDV=y9GF*vSg zJR8QCXol7YX4X;_I^ki+y%izDB4d~x;qrc@3DH0oQIza)%aElgmvL^k>Zpof%nv4h zj~$V1F(yln%1HwOAp^R@?QsENt)^*a+^^^7RkOnU*oFw2meK2(a<~ZyGNG7wU9<0U z!^+XIB#x6A-odrMbd~-!1C1h6Cr$DO9wU&qd)h$NlE4(~6(g{_uK_RyGkUYg>af*7 zm1JK)bQkVItn_4v;=mr-bfzLd4<5aZ7IJ12K{81zvrni_JiNFRMW^1v$wm>}+{}8I zIzW)wS=^y~As{gXmxcwci=kBvA9^m4GhyLnwtw}sLJo$~rIN&QWim)xhI5j3Kmy4S zp)5>eh@=dP2~_6q8c$pou^S^nK{HWb?dI1(KwQj7z5LY61*mDb0ZMZ6)fG50JN(^l z$Bed+weCUOO6~XC_X5Rmy@2u(YzrbFvrJ{RW9-#PkYV0k%btk0O>k0L85xwJZTOV_ z5?LyVKgZGj>&mNZ|7z}O6<}ui-)6*7g0eidNa2$dTwRA5i|2_qs4v_TUzrHQ>Zk<1 zM>ZwYB+I|27nG(Am5T5!n^up*bxm}jc*A*ZHaRC4R@)mUMj?=DW^hN;)+q*A$9=0b zi%&Y!Q^ab?1uG?m_So`DEL&^F)-q0U8T-oh< zARq=5+20Z<;69KJDdQILI1JkOtUv$ZQRY2uD|4syqzBM9N({_PXVe`}ZzIptg<=-1 z!F@l^Oi5jnASE+4E=kei7DlR!waj4X8ODh_YQ+R+8jBw0>@{ODH1vqRI|>)W<|BJJ z9!nUN1Se03ub3TKvzKK?OOs?%JM$IEO?Ol|$MVdzM3Ql>n`YolW_9Oj;);FhaLSYB8IV~}vP99aa)UMETmwIU&T8Cz zrJi$amxkL6A;PImBhcx5+>e|leP|o}hgzvhTaa>SzQv%2c1oN3;kt1mQ$f*Vey~RF z=Bo=w%pPp>A@F!FbMs+f2~jt~6E9;G?g>zzl|d=asAn4g?ywy=XSNk~K^H6ca|M*_ zk1hWGMVoE$45^Z_blLCkjfu?zcLMt~Fonl(;-a@BH2N)N(p=Nqv1wU;(S9-oyQVr= z*?j;GLO@Jtn|OX82onHHSTL?FFDe)BO^psuQt>*1E4|G7b}NG_++LDi(4aR-LQ>J; zH;vtIzkvnd`kk)9CJ4WW(+6e!!RfGhy;d>aD4O+$8B{Tt z5f&ujNUX|HLIi}A7(+1Lf0Ua#pi{z<1M>EY2kmuzg6{dVDXjrCOKN68;Xxmn(t$kX z-UZ(#3W9sroe`KfSpV&7h+{z!LxTzoSrn)A6S=f^pURD8(Z!-_My=+5DYJ0OX}U_# zA_XOFn8vvHEc{n~f?~1^th1zIKuodQ++h zddt!l01<~SnhdS|aA-2Zk2y75xDAe?nFZiXrY1(f4HHhd&OG&#Y9w^N%+{2(uQPbT zqbn~_r=Sa{i~o)SGaVfO7M>N`j4Bt>0Z!41^-GCG^J;_z{aeg;{F3*URUyfI8p1M; zL^E&O&!37+ZW4Ej%Zby2Tcc$Jh|MVbUjYdkb@&yP8_ggEb_hbX8azQ7?G! zJb_QdAjf4tlD3BccI5g0!|KN~A=nNUIbRch18_mWAdV`Yyn&JjV`o=L$4TFNNwVy0 zx!$a2Yl*tQZahvuC4=?5|GM}W98vRE+Q@taYa4fQ$zOhAmcMk$+%O9zP3?@6S+9&) z8_P}FE>;a1oLcUxD~_lGS%-zZXAAXXZ8$!01$NNyv5AoQt@fSdUU(UP(k8G-caz>U zr>+VytPQv^x~u%uVRaI^L_Oc^i#l71Uo!r)-F4v^3ER+T|5XtiF9IVv=>{34nI6G@ zy*Dh9c%dh35*;^=k;GZgE9gohAQ2@|nKUQp!5lRB#Jekz{uR?XEGl#rq%NuTD}pAA zQ6ZVi`6Du~n4UNt2^O)cNn2X4uRJRhi7_E)uuo%Bfx=%K@qH|XQk`7T6M9*@k3I=I zlYwCWZ35mTF+y25EuewVk_%UsWe607`BJufpLjvI+CVz%cQ_*J2r9S0MLSYf;+|w;MfzK_P@jj+J)1Dswn`M)%EUOGm-8 z9YTIEAj~S7xI6Iv8GnkcCl40#)KQU?l8i|66k+-$W{>)D9X}Uqp;g_UByRH|lBmx; zmH2Yb%TN~k$DHm6IpRy$E5`2HRlfE6Z)9*|kCac?ca@mor^GGtFy0FL5lf%~HyjO! zf5Z&_YF))E=pMDW9|_auEjt`jBI*h-jw#_^BC)u%K3xvantZWxH_a_Dte6|RIVR1A zI`T#QK>9l~53Sx_7&m(To03lDUT2&PDTKqEHxpDes84DrRRbW`ibd~EqRoo3^%TlW(+k7 zzomnsf{YQI5t!VnHf)03)@w(`v1Rn0K5khn6B?={bsH!*V0M3?Nd9p#BwaA|6 z04y&-L?8h1++f!PVjQGT*NTxo$Q+Lp2@I3ZSO+;H{K0z@k}w_JIZ4?p#EU|}O4a6- zn%?`j?;i?E8Rt3Q+Wr1rc3`U7HWsZ3A%Lz^n+(g+md*(7u`@l&7YH-@?%>K!fsdJW zfRqJ|ta)$`?%PWqZQrwy=!lXV%##m-4g}>j!LB$8jskDD$Qy4Hv1b!~po%z|>BeGh zWfS>pdrzWQ$5z<7gKK=v=jy*Va^dS?!~Qt1x3~-8{GQ5z4dL4eKLqF=F&?klA-b(c zNHEq61;yc2NFuXxRjPE`g*X;j8wQ3zOS3|m7^-V&pL#eSS#9@#vh|Be$>%T?kmd6mG$_~@IyA9+i z-(A%lQUCt1Xnfz6mPtuTleP2Hl{TRU(RS~F(@_?Vm73dG$()D7f^7HS&44OoFJXiv z-1v9vpGtuU&KhZh8OFXFY5YcieO>ob1)r3D@cK?(%cn5jef?VUf_;sB;&U8rB;;{6 z|2QA-Y4T+}LMYpJMA7(sL^IwZ%r8CaU&60=1|9D16Py~wCM%|>X=Hz@P>MWGUNWq7 zb8r-9w5)vAvxN?1VhSISbo$-I-1aLf674Y5f-nw+bPNwM1u?CecxID#4tY zgCVBcrotwaSjYqD*p&$sV+03^uw6%C%HzR0EJ8DNPD zc5}4FuJIAlS%$TxuG3D?kx2(m%r~y@pHMNHf{U97EtJ)3h?QNk`w_NsLv+=U@UWKe zLF=@ftMTEa=m}`gffp}1=J&)&GsLew(l|xBhtM9?Ph3UA3gx2O&%Pe85|^H~rP<}$ z$FZe3$K{%>>em3C6k;mB?&xt5YZ&RX<`0pQ<27!WW5WVP6D;4w_*t!DI?H$a-S|&+ zWmz$%x#LQ!U@MRT~S~5lh&grlMYLVpG443Df|zrKD(FBe^R?-&kQ=^Ul;ulc9K8OrINniQ?eU= z#Cg7hi?`tOV5ToM6+6~k%O2ZL{$xQn$1L_UoI&=Dh1aQL+NkMptN#&$zUKngw8yji zSy7|s`xKXOKHm>2!U6K*^OfThGLpD3QNPy$l^QiAcoH4ou@Ba97pRg|>ya-&uOM+- z1+Jo#WF{;(Bn50YF)q)$(#3_62H!(Q@VH|40(~|KW&h7Xb?lA9{_3x_kiPRmz5BX? zv?O-FFxTO6B^uyw?faC6u}fL=^1$6H{Opeho{S^=%PxKSNQnZb9ny+KDxY}TER1E{>DrO#TO030 zo80ampZFY`9Cq4p$`>wGMPIwKSKk_6gv=!m`yznC;RTB*Fvw`8X))sLDkJMSu zk^-SNtQ^cxnBms_`&*Ix2_}RI1z&NC97ycInTibPVJ0!*3tzQehf31v|Axlk;gh8w z>M!CWd?30~{c_BSg%*5T8Y%00QaB2X{;0%UaK$=9!U@kRPUYKvhTAZ@Q)Vue5n2M> z4u8?7C4^$ zJ9N3N)1LgHxH>SO+zxb8kk9MS?tzM(axn}K7Sozv+JapRQBWYe(m6tl2C5j4^AIta zQq~Izd@~sFSYVs+;jujBuhh3^zWdz??d?#jSRq@5=4Dvt4)y&+qHV^@1L11c)n&>?k((WUlXTKYbRw5 zg>C#c9>s6_j?uZX+ogi8k+)W>f8&}Or}7a&2uf?e_FV-!d_3SBkW~fS5-5k#Pq71k zl%g05!gc;wTqR>GlRRdNb$S4#%=qv&FJqaygg0x39NVWsj%@Gm|l2NI?m?W_(SdzxNgG!qETOQv~SaqC6M$a z5k+=8tB1C1{`!!K5$HO~fA@W^cJtQ@w#adA=pHpshp)J*zlyAtMt#;t`Dvq{P@^Aw z^%nhc+3+bd=S944j9@iH840(4h((@uoM{zTeaJc)iql2DF{BUDw25yqO`@}rVCnE9 z-r-41;IaT$s|Km`i&Ze&8ky-`yOKWLfrIjb@uv(~^V%>tlbbi~35dL6;h7~IGCyVp z2SgvhAS8)!f(B#CsEXu}Cm{i{Oz&L*>}u<*uHoVKqQLsIN}yLEsI;G~eaPM~)ji#* zkEcv*`3c>|4ogx}ascTai4O$WiVa+DD9MmIpmLq&$?{j3#>lyqO9byG8`9cdv#pY_VC7TIrh*E-v=awrC6%=Yenk6R>M!CHv_1B>LJf;SE@jO2MH}Uc3WhK zOqXFcDC-^qFOsgP(}}Go({f6wp~)i63XGy1Bt&9%s(l{_Jio$Os+>7g^?i}efzIl% zRrsI9uC@QxV!tUtf3JD*oMRm{=DR-#qKZ)vPypq5y*3KMvL71DxX$aylvz*sQVwvF zuTE)!W;s6nA& zDBa#KLrcz2ugG7P788E(+jR8B`s|LBHq@t~qR3D!=r6Xl@_f+PWO8%F%!oiKbGpfH z{&GuBV#_BJ(BgJAbY{Y7u~5?&NvWbVL`Nelt@OFHTHv)56^rp^ccsZ=$7s%^$}4Ab z3MZ@Ht8elY`OCj0N6dtTj~dKpo29ff`hQY0dq$IKl~yoz*-nl)aIkpJ=Ib6y)_(HY zTzuP+#T_yW*&{dmLn44G*Je;*bf}2;bu=aW|d$M3b zb+Taj_D50jYjW_I{lN3V7gU^mhd91dQhm=pj({fDu}Q)wDv1y8BgCpthmV4ben`Wu z9){$W{ybM|w>btnA66VRNIbLqr&@cgxN)kX#JL>S>Ty4R<=h*_R96SEsh%lVe0_f< zBkR6+iXUDrBMt5*aIHfLC6_8>^d!(hUY7o(dM+2n5n5PjP-WdD0!4y{$FL*F*nFF6~?u@)wmqfofF}sW-ueD!<@l%PAF1U45f?7#DVSBv4^;J50#(L}v zO@#*U>BK z*V*wLv*yH&CZ;nX=k96+&?@ZxH2sa0_jSht~XG-Aa{3 z&yfdCC=QwCc27lv_j0<#`K9&B!O`o5d>B4FDr5@7_$ZxhOhLW&qeCH-rmI$E*w<6N zJXb|^ChcMkUauuMP#Yk*A`W!v%l|o+gpyr6fR}(mE0#dBmCI{LauwaL{}mE(8GT{c z6kV%wpe^>#2mbL6HY`sG!g1Jb??piy>&bh>pPt-MSn-2PTjlX_NdG{T3ZL6q%jV_K z>`CNE7Prl1FZQdn^?3G1znb0B?4)h2Fn8u^x%}P5=h{yjQ~5<3(A^0&Sp&**+E%Kk zhuM>+D@NQ4G!@IHLdOpSh~K{^-<_Hm&n~n+R9U51E9V%W9Xj6LVkJ5|={#(ikA6fO~d8qGsLi8Ed|UT+f;;A2i! zUFIT|sGb+tblFWjs-E0ShVuSl3`$iIHc%4tx~{x?xB07g*r+P*`j z=l(%MtIU|JwVfESOYe#lnYwhIaBcV|g$ka+8COy$k4VEYI76FyTP$7z0 zFg)DPh7xLED;tZ=Qj&-#;Z8Hv@>IHMZSD~1C7cxVYS}V{ss(pJyIJu>e7lB&T#+f* zQ1C-cl^)_q`6yGm^kpc_Tq#88D*(Nn)z)PuZgc1m$TvqzS{sV}RqP_O1@2 zzR_$Zi`PtJ$o>Zdz{@HoymH~sVnQi~1ahR56OL*;T9tjRzJhV_p<^bt#SC-)(Od$J zlyRTZ0w%l|e10G!d5=b3M6=tNryow>yFu0Rk% zoFb6ta}qegwH&(l#%6kQZ+XT>J#gn$Rje}$**Ew{s*xqRJckqFI%I@t0E4ca5oq|D zvYSIN>!Lk4E6<>AY+R+)1jIzBEdRVpIMkjWi{-}ea{dChOA$3lqu(`)J=|v^BU)P0 zg|CWWXKs<>zN11Nb_h#UXDp+~lgRPm-x<=whQ>?0*~FYnZ<((_vv%bAlg3FM9HI|cC82K5+{^^9cdsu0EAp-J}i z2WC7BD0=2^l(j1G5Nv&iOQ~trPqOpfdKeQfW=J`qY+4u8G)*p;O5bX*ni4s*lfe|^ zMGF=e%$b`8EXSIiR2bW@kED?_c{S;qqaAzZz?ed51iGE*L$sxFX7uDgw%?eB=QliS zh%h2%A|}Kc$8!&_@xUChFbzMS{U@00T)18TBbn-nafA|`>TvKPC*!bK0R|ZY`_2dS ze&~BVG%-x!-|@EJtKBu27|fbruOoqv4P=dbfAl6bf6E5Bv|lBl{%Lhy8*4yzsz1H7 z_0DzqI^g=9KXhN)XC9Ekj`JaDd5WC>I$xj48PIQ~XtU%$XWV*GxHm3(4;Cvv7fzxj zLocEH^xi0Qc=YIWzUJ|;r=(%@d$X#qY6TBBPt6e&DpI&D#j+q9sp%c21j~q0C5T6K zIQzX(1GDgF(KTs1XeS;q@Tp1`5ftcpx0F(amwr!g(c*jZ+u-c!VLKeZWbEhs>dePw zihy!Y-R4IxhG9kBnnHa!l8^sV{Be-7xqUbPG^?(+@4oJxG;VitZC7GOA{TxhIK{Ta zDbn`VlvEYbFE;tE#R)(`McoK~o6FT~lFQH74sta`2TGyXfw9S4cOSRY91E_Ib4)T3 z@d=C{$VTXBzQu%nvB9O-iRK|wC74{?)_U*oS_G`8sJ*QpYmbBehB#R8%m zU5Ik&aeskH6R5;ZkPgG+&`g>Z;t$fHav{+@cz|VFT%fqVXHzqH!XT(!-Hb`PhLR@; z0fN{T9fy(&f$c|+S{~d(>Bw!5)_L%$A~oO`3)ji@L9hrMM4F@Hbs)&;7QVZON}6v0 z_7eIx*gTEi*cjaVX&GiG@fC$Mf628a!-c>}HoE_xl+2(IVs2ZKaSQ4z{|Zb*IiC)| z9^a7SzqDweyXw96XEm?O`b&RJ35DnJrGNhzk6BIPqs@I@yyr^2$5#4EtIr)KR@x#X zwd=lmBzw+Dj%q%hqBdZhSlXq151zSka@sgb!4^2)@6j3Az~7>aHl&2l`Y6j^9ysVT zTWRbMbNzXTI&>o+OQfQRQ@p^l$iN>CD@G%z)1Y(Q57U7Tb@8JKncc7cm)>LoSo_YIa#K>$XbM~KR38CR#xOte}jA3&NMqseIb25T;;`iKq_FoL?(-dOyhx>}7H}71Um-(zNaK}Fe zz)q`63{~G26@Tmc>AB)@b@=4LNmTzQ`iaWpSo8Mh>;A60!IO-AQMSIK^|j@f&E?7Q za#6coS~?Q+F|*)cn{-P&u>vJv3G9IZkT1WnqY__G0JvtC?uO$iuR3Ig`MWLbfB99JQ02#i@l^eU^-f%+R)F z$Kf8ofRf2=k^JK+Nt*ZPu8*#&Us9+2qR=?mHGL29v-jT)E;FF^p&+D8JJBy83t;8* z9qHF@Bzzti3_CEQTsiqWH#4{Ik{Zd}bKsQW*!uiMOF+$!jG^sz^B-C4=JOE+8#d!D4MaEVb6G-qC1<K0d{PXr~w|%`Kna0Zv`%;69Lym*M3;rEW5I z#g+mS95T*$KB%5{%A8hBrsfAvr}i<@h+V%GJ@MeCM2#q~ri`!8$bQ*4tCUv_vR4p& zIk;>8yl)_SkuF(MY|tVbH{6*{E_xHp@rU$D-SEX-_qA%l|JsiFKDNjDg1;EA^sUw! ze85!~$I1_6Q@iJ*KP^n>C}%6KH?ki+kd3WPZrW7Khm5g@iuBK(p9N9tc)fyYgtFGL z3FV@kK0<|pk{*h6?GYt{@>Xx=vb}ft8xwbszwD%mKJRV8a&06}6YI1L;P!sjUXtJB zzIpuR${rD~*C%t-A@IK95|=~p1dBr?%+p_Kqws=*fQ93Axg?;9tS~I2{pYya4b`Q{8ipDySM$9(R~$$A;HQKr@lywTq)EF86~6udLi6umlC zbs6!4rVh^;`E+H#&U;Kg*tx;9a~>u{UxrmuCwb=#Ur!2Pn=Wg9hBkcPvuPN8`_gd* z4B?R$kzOH^@-k&Ju2=B@$CH%UZM#fEm&_yZ6CV=9wyC%7^>{h)`HM^abk;?}_|MvW zdJ$bnop9Cb+4#qdH4u|~&htS>pq=V0zsl8N?f73yRi7cBgM%DHxABbemUZWCA|uZk zK?4eZf`mJMa#5Q7k1xW^12Xd5_l|}{&54- zrRlJTx{VciUIcLv$8`>GhU;kCV)d>u^L7JY(dbk}ASY{In`+H+$F@1~lZE%Wwlqed#urWx3NSacRQ2X&9xIqZkXm&9KwgU8~ zwsgq~WnRH%!f$BzXN8r1AmCVFy$ioGhliQ-;jGH`7r4nek^x zu0U|w785%W6D#qY!zq4uUoBe1@u;0JyQ zdz9&wKB@{JK3M~G(69H2K*#Whn&eUM>d6Wgy7BEf#Od{ZQi5G_0^r@Rt_M*GW zUIOg^k{?%(TPCj^LK{M6xty{ze-+84PsSHQj#VZlg5D2|Fa=N2%GO)k5F_f*Z5`dh zBVgsGvyXZ>nL5SCMY;@R=cTi8BZxTu?Hf$UUQ@V8k;_^j9grt6x*jg8wuqp#y+(wl zpkWyzH%W6^Vr_odJbf4j!Ad8Taw9|xL2m_A^QQk^k3NHw2Xb%Z3B>=tQf0m^5K;{@ z-#*-cOz8bCh7N2n z_PNhbO%rlj>+pN@cWJT5H^KiN^-p%8<6@`-F(;o9G4ME9@l%(t3$E(6mdTI6&fiv! zJF0z3J0>Wj@X8u6B!#XO=JK?o$`_l%!{z@O)uC(=wKCvHe{C`OJfyDkR3$Vc~d~CLe3fyYY3_ z_xK2NyYY6pzs5P^7V?|@MyR+qA}-fjQ5cC8Qj%KnwR9;pvVFSobn5JRIbo#ssCR12 z?*Rd_yx9530=twn+54FR{86=Sr)rS>oTr=t8(lMe_9B|V*1G?wcFUQkwc>ZN=D+cF z@L#0;)2AG2{tQpr>pIfxz}J7<2OQ5mFV`>s>hEag#Zq(>e^fTnwasa=vxz?3FMwtm zJUG>?_8!iB#%=iHU;535eh{AjRDE929eV5mCBHO}bh?LVDEd;i~Sv?6UO zKe!bPbJ3=RD<>1jyq*TyGg^{M6xOiz{Pt8f6(O10?MrV9e(rUgIOUvE(#?7xZ4_7f zzs?#R+&b?aP$6n%jv1D)fthCn)9*IluRR=HW#_Cm)p;2{&KW(Y*LDm)gArcx=@ayX zS$NO8Oblzeo+yZNj_k)1ei)u&a||K&{E)iFDxwex?ZP!>&JNr!kqoC<__8EjsW!>d zRJ9N9dXiM#R}J{%_%q%doAf=`rLAcTMGY5rkfcN71|8NZo^V&2%XT7CSr`V%Cdp8o ztK9BXOHT4g(qwB8{WO!OeO)TMF~esZU$mr>)k^qaMk6 zYql2$t@_FGgu?Ne)Tv05$zO5Ux>NiF7f2LqOH(B85bN@#GrOz(CNPImtMx&73p^E;u~GrVc(BANE1u9o!Xoa5B${W)i(@n(H)ayu>B zylqi5M#9e%c%RX#lGq*^tGsd~UOrWmLKs2$f}iDh!(&*(Si-H3LHwF2IUBFclqZh1 zz2BC`BOaqqX3#<7iI;3{w=U-ev~&Yr%+Ye5T`Z%dJaJk%NffRgt>{`vXv8xnR2t%w zKeUGD^w>JP>hUbYe~m(bS{4+N(NZWWBEVd)&mD9r_QwT-Gz`41<`PZAXcBbko!cPD zI*}tOLA18M3Oji$826fiu^olBAepVRPzD4*)KQFKBVp$5--zJw8e}*{sJh%|X52)g z=k~f*#~~{R>r9bOkclx@5qqNJkwkZgF`D=>+p>n6e#x^$`;JS+aN%u_*d4#+fk_u< z2&l>rlQaeOX>jV0jp5NMUTzCVHF`03#mFR>S_-%gA|I$QHQM=w(iETu0Z`*sSE}ns z$ikJlP*9O*k`nM4Ig4e$rMYNS(bFUYYILKDbnx~sW8FostyWs?-4Op*mbJB&% z;s6jt$OOV>zM|BjB%vSo4T&Stt3xKXV+Sa?|1U`i84QG1s;&E&SiuC2x>@BVVsB5V zI9orBh{ngT6JF(@FFV(344jt|@5jY)Q z2wT&R&al;kwGD3;<&Djhai4LPjAKa$mQkZSzl-as%B6JY=)IhP4O$cb(K<&3#Ue^k zfh)w&L{>kpd;hm39rBmDt#f`4J=87E20rnC!2P*b*Tq4(r_Bt%qi4;z*D2Jorfc!* z@xZga*XtxS|4{lKh5%BBAU75H_uWH*KLh{7x@Y(u9Eu#wYT1wZoK6vAEYz-HV(t+!Xy_nTO~r7JHuu&+lkqN0xG3cAcE?KcK%#-qOYQGQxG->HRPZcvp+ zjhP}Jsr+rX#tvEej*c%DNWw5PoC`;HXE8)S@BSprHc>1<{d=1d=%)0&V>NBX?&!v7 zP5A2hD-K%*&O^`C+Uq7#i5+CH{n#Y6%(>AT2$QN^@a)mP`+HdR@xZlQyw8E7#p7+{o`>+ zkG#HG(dfU0zg9@3GLVZx_|tStLPufHGJMj1!|0$m;7awMVX9T=iCt0QU5UXecqjq3%6eFx|(g_1;9BkK(V?n4qy;v~^|Hx{U0TKUO{Bp+Ep+O$9HBT|n6!S>{z*QmQRn~2KGW{fH=g2tCKxzO>316xVA9ivVTqy(*Vo}gVrIG)q zalCj*(IH#E(M)ax=sIaNO%X9mmF)VtH^~_Y$3@*VJSO=j%LMcdl;7e`AXSyc=^xrT zziz3i^UBEq<`YLjZ70iPU@F=cusrY6|~LjR9lQc(QU*pTPI}nKY26V$xUbz#fh>+!cHS+)aUjVF& z^X`u(KI2iw)4!ijjedhl+bSX?Wj)DH{o_}pLg#-r;x(e#45x3eR%-x!QrDeg6)mGQ z^oM3Tp<+5?10Rwu7($*xB$)`!Lt6@@XoSL|i?S4Yd(f=(fLow`+%lUmV#YRj52q%Y zAp!?i3ld+Z*Ho}2n!YIDDF}n?8U@OQkp)qp%SA=W`x-5zz!aNFQln#rODe)pJ&pVZ zaN(K?iHhb>j4o=;MQg&C2t#4PRa0Q)(q}_dC?Hj{oR0nm0{dWWeIzW!&1Fhl)XO9e zW~j+a)yEt10c>BB*6w<%DZ=sgxqV36_j%5SS{+&hRrkfxQ`6U~)3}T-}d5Z`z z1lQ5g=K@tNS2q410I5J$zh)sXR=FBD8pyoG{L?FlZrCN;PJi<4(kjd&u#Lt1J4Nsq zKgOQ!W#eDWe{ui+A9epvw}tG(~M^mydnZdsejd19REG_WG;((pxr_@_}cb z@yclC$ z9Q%edUYR~?1Ks?M%eRvwW!Zkw7jITsZa)32^WM0uyOE_J$w>E%g|qibFL~4qm=`pW z%@Ljf_FVg^_g(Qw`UFa;`?=@5?|JQmgWP*XK5_e{zsUYcrn&I7Z+p@H+hGVl;u)vROm|ML zFMt2%-|~{9x<>m4O4FYCoD)Yn%&;?;lR#8&&)Z|hCRO2O%2#xXWW>A?4W{!=eGbbfhcurl+huYc77 z)%QQN3nVfd8T)V#c~cOSmJ}0$hP;1w+R5`LfNwkck6t^L_x^2tXAebLRk-v`Mk)G5ikYmNQ&b5hb9#B&pgD$aw~4VXYaf+H1r5UVAOaYhWC_t8>CvV zSL$u)4HD+K&Z}LuROfbC<#Rm@E%z}##8cv{(?&-sRle?d1XcP2V0GS;uJecM3CL)| zokfB>>(t@AV&d`(KpXD?@rqTi@P`CQ#JfVg8^l{RsRrJ&;gdw%suOWF@Hw9HXk)0- ztT)?J4dupYas=9zo(8yDyoB5l>AZd{KohbTKc7P4Ul!7iv;UEq_lbD!fMw~^Kd?X} z=_6Czh*>rGhp$@tY*CfJAW%=hO1+-mUx(NZU{a720S%mz&_gVF!5 z(uBqZ6EFcR!MH~gp@AYGF1T~VXwd6rgbbMe#XvoA%x)Z(f>9DA??^fWqO>Gh7qw}H zYlTN-HcKv$q;OMa0ZbP2!d0SCZ}w;cR(GUTN5bL=$Er+TOmHY-BA_&sL0JCw`PZEq zz$+8qLA41)K%*&N16E*enX1eScXt+v%r2}MlVJtmZk-X66ea?R(vkq{XqN(@5L=7N z5pdC$Am&1V$POnOR;t3+A`OKJU#wJx#s~sXV)8hG1Hg(&M-m~37lVmqG5^sz8wK}J z=#Pz}lVBVMI))Y5lLZ4sW3}334+{=OOa$5U60Cr6PeI3~T6d3I89*`r#r!)h zUgpe$0u#c}I#I|d;Y=*!#Jm;vfBN9n?L~@AyWn1Q{{{Dd(q;F6bklgzd*5~V)Y8Df z07t`;><2yXMdhD-6S-8`(O2r=dvbQH-N1^nJC8nLZexJoy{A-&e-CTcmz;9qv`=1> zzPaY^hjx#Qq;KTiwq^sIL+?K3_}PPf17rUN!z5JN_kG!Ork(eb48LVp<;d2jOZ+w( zf{c#z4-K{PbWQ|Pq$;vk4ewWIn5)NDfB(IIe>DKC^I!ad*FS9%cq#`;itYE^X7;Y* zp1-g((4T!|1NZj!_Db8-c~eW}J+0THl#UzSo`>&Azoo^h=cRwJtkD?o2PC4AYv~Ek zn{eSezP-8Jzv0oL`i%DB@}6z$(vRDTp8l3Un$sBIpO}bG56Mm$Y@D#ZsQG0uASZN> ztoza5o_}}xyi%#T{5|LW+02oCGGU@x=%F=trHG}{!lU=&9U@|S?R4#X zWZxm)(;OP&5X+;(ohc9*Oa7V|D@vuEpI)pgvd2ezj{MNc$#H#*ui zcWky%^5YQt6d%qX+{wJi#WHEsXJL(O99n^i0>}c)V=`kjPN9HD~KU;*gK+u1W?cw}d(R8SD{=rq0wICe3Nn-xrC#7a`+$@@&<&lYek*ZI&C z?~L)@So)w)8=sQmQ%roKD0`-8atq{M+~5m|D%Hlw5SM=D4Xf}=cvB`#CmIyHMkcre z9ea07O^woqM}JtxQ5so7;tZI-Ez*{o{OZLJNJTM6u8mzdZ0RuOV2SEy~xY#IU0LWl)fdD`VC>7vX zA)=v&>#l4xF@$2tGy1ra3~N2eM&nrrFOV!P62W@ZkO%?1j#}YSfWBxTLg5P`TNpz0 z2dhEkM1V{hV2gpHVedv0Z*W{NA-g1d7AD03j7e~+W^6}j2o)w^xL}Ps31v+8g5Kl9 zQImBdLLp#6kANexdGRXdpSI8<8-+|yknNIZVfRof*hBkoCv{gg zni!9!n16ajE9A71MzLf9>6LScV8f%s#r)G5x&fyZaGGWV)gU9#H?DfejAh*4&`7}k zo8JG~4#lTUX2Ni(cW9`cRzRqkqS}Oc2b4=|(m%hYzcR&l`mS5^AU8a$%MV*XYd|_z zyt1HNbl`#IYi~e!^v-pICokx1_TIntL4L|0{_?{Xa!&+L)52@{Aw@_o5(Fh8Z1Bd6KUIDXg*mf%FYQTuNOh%-@HvolF;zl(yM1=Y$E(%lJi}@}_kU z?b&xheQ4`O@%%E|2?tFa7LXVJYr&c zso6^a7`?zl$Z`MA{<;}ic|#_(g#lty`P-V?$?8hS=kjH*f6d~~Gy=vaCV4Ss=M09w zvE1MvjtP~N$&_9H%y#y-nDH{y7`}Auu`Bp^lrP`xrN;02XEpgb97J3wI}4O*7+v_B z6%%>CW|$(}5${476AqCS&V*x4HDn#2N`j;>5=ht-=h$PHHwId7P-3c8vu{05)t1SZ z{;|E>zj4h@hvex`UqCvFq!@hJ9s3@8M>1Wu=^Ht+>B>^`ofwQz+5wS00B>K^X3fBq z@ls}KOF^dnW=l-qAUUTUWt%EzUw21CGz;HW>2@K7IvM&D0{G-7Nr6Vhz z|FZ_!LmC1(fpi9erM(*0c1?H*Kmca9<(vf?^u_$s3c5sFXo!8YIVkN9N;~QEPx{qU z(3qXn=%CJB3+4~4ew2TyDe>Jv_4ZM|!H)M%Iy#!XTT*XN?-Mco92-Z%9l25Grp4RW zqm{(DTk|?F)GT$*pT|9y>xAHhh4NLBmx54w_Q(hwlNJnZf26@zRP!Zy=?x%0xWq?! z_}gk7Wj>!=;V)mNtBx@!rEiz+&jyD-bH**QR;r{IwV{zx=hOuTcjs`)ow8-hVDD6w zg-ZRJI$_S1{`F1n%;_74($6qtZL8MWD;*s*exEIULlR)#iQ?O=`%8n((g5w`gGEig zIVn;4R_n<xdOc zU-^{DMFf$8;V6xdKFg3;j1fw+ghmW50cL|_fkP+*PjF-9F-9utO}tN4+m@t0LaDs(+9dlV{Idx zo^vSlN~O)T|Mn9MOOHk?921R&unHpx5j2?v6H6TR0#?j_G5=oF41<%ysL&GzDL<3N z{hx-=8OTe_rm>`HTu^rJ-**4UH{Enor0hmIGC~|fVS+|R1~VH!RBqbzNdNMAqkdm8 z+2_va07*%};wDhtXQG9b22y3{{U%|QbEdcF>t`37b*X!TsY?U=`Hv>AIv#zi9=_Fb z>;=MIqbFt-XY`KmpZ%4eZWH;OH=XsWBd7C*L^P+>AIs-my!O^}Ccc;m!sm_f&D{AX z#o>`^cE75(UQVMhcZb)=Naw^UrS$DT*?S?WlI*YBXF>S)&>{YD5)+g) zFa3xZ&p%lz7{3U$hu>W4?n!SG4Ig>RQ)lqet@IfXgW$pqIGRQ%K8ceZ4pKVuEIjWc z4fBpy`dzg#LSN}iaXb{%v@ZMbi|_EX{QM8)0SHxp%AWc&SepO5V>{RUf_JR?uDof> z(a)b-X+Ct_m06RU3r{?1Mx)X1{hzsMMd(jsNiI5{HHxUICjP^R#`vMbR;X>+vR`zf zPVht%Km@!zK3YJ?R-EijB3`+HkqFb1?;%b*k77nXne z&*$(aOm@l+503flBqa-gl)Cj64%MdMyprKU;jslqfPa9)ogkFg7|PzG^gYuIjGlmL z!`YTAeM5sxY<69wfa%3CwSx#`$WZAaBhUi4}dSG226N|F>Oq1A(^KG@IkWq4cKh(oO{vyY``hB}g}V_ocVq}t1jHS37dT>t zgI9wKBmhCH^Gp!qpu~iW0$ef(zQ5!AgG|ZBh$V60u`euSL*}wTzHY! z0Zt#o$O=v`GwhuYs%OJoYIZdE5P3&>?L&jffPe`?1b*uyZy`O zT{`(q&zc3y`NzZufQHAij2w09TaTLFmwif$fLNvB+H~GIu$eq#S`uHt&3OPLd*tny zd+a;jdN8L#8JdU?p%8dkoU)KVN#FY6aNlP>r}E46*V(sSdgCL{e|gv4KU?WnRv+`i zrTl&3;q>NydYv7sFnyVL)^OryDfowAlBYe6rq6-dr|hkevDq*?yjA~R&p((_$Se*; za|}cycnX(^ry8<&dgM1CSNQTQ8Xvb;|1uU~&vJ8OklB z5AtL!A}>v1KJZHQkF}0#i$TEMSL*an+{q#3O;=roR*b}zSWEA(rl+HHE?H8>ycLRq zQW2^DK5o(1tbJ+AgkpPX+Znk{M1<@p(;XW}mT>e$3JfN4Q4|_DCa8G+w@aJ_-LOS) zWb_KO%QHm-ObjvgXn6TmUHamO~r z7-QpJu;qrzXf)FFa%blDbKZCD-@SW|WR;OE89`u)rL?X~w=cb$FqrqsnG zf;uHmI1iq(bwW;WYJQ{&S%Phpj72S<$a)~zswsJk=jhib@W%BJAeeSS*7ZN4u!OW6 zTujo0VM2%{3f1)Okp;^^q144ZwuJLv|CebIzudJMWF8pF zrfVL3;GJ*x4$ei7ZT4%gQ8)68^(H2}lhd8)ss7mbkd=jNsLPxeQk)*~&^o!BL~hDl zTwOci=G)PcxoaNHd7=o>&c%#`Mrp~)2sdB&=!4h4`PAad(%R5?*Xzy7lY)BPiO$$; zXKZtSWO}IFOoZK)&e~}a%XbmorQXO&zdN$jTROS0vM@Ap@delLED9hV3DOWqF+fT} z@v-r-N4R9?l^^)RA1|F;rX8`%3TTN&$~@fp$c3-ZqL zYI9Kh0&Ve>AKVRdk|US6$-(f2lR$C+$T5pX6U-^3nL{3yCpT0SfT*L8<{>er2>;$6hb(pTN(5al9|6Qr7eNsMfys?q=DOM%AXZ6LL>jdwFsmSA0!h<`)+E>Yj~pe`we02C zW!~y-=_Ti&U{CKLrSxD*XxCH#>ijne6;vREpvF=mz0UvU91J<84MI%3(4rZ}GK(@l zGvCw*ESxq49ynJvU`+ruIRz?Lq%u1XbVFaoEy@lW;|YrS{O|h}@^^zl*WI zCz}K1?^WMdmBkF_LJ%wm%Dp)LIvw&fA=i%X8w%WO zupY6;#)Hp?;A!^Xbad##Z3Ksse@EP(l(*k_V`kLkBlnCqC!j8vIFSSA1{F-kMY;He zxBT+En@eMo3tOW9om#sUdJGYh} zpnb#DPkQXNn<>cy<0?nT%_j1o#22>!&F)h zU(a*n>ME0X%aJALD#3q~ZAMqpZm%9>PS*XL?JX`WILza7Px`mt{%5az{mraKKK(nd z{p1z@@NttFsk)4N!=y}#vbnj==i1q`$II`o${A2LYntb52$3_Q2vX^ltCRIl$*S1{ zYEB23(jTfFSCkgGZMtTmD3c_4?&vi9!$7t_)@y>7Lk3*jH#4O8ZFW>e#JR4?^4p9u z?{p-8J6Tf`>(lA8pFjAlJv+HIE~z5Z*?Qu5>6K;PVwUy)dR8Tj-*%Ktls458wXXj+ zzKjeT4gmp^xK-EnKQ=OF2#WbXc>PCFrc*nqa;}9&hD_9&CMw(D1BRs0rKxC=IVUG# zt`c#@kSlToU>J3Kp$Lq_##z7q{TsT_652HtjA0nDIVgGwIW&4v7aEZasXjOVb?c*5 zGvGxX4YRFRT)E>ZPd&K2bg185^q`;V$+hX({_I?D)280smj2eQ{Vm&?dW&Y!%+9V& z&#X>O10U*j4lXY4{KjW&zw)YNkSJn{B5r0w5&}q~1p4i}uiCoz8xNjZJaN`Z| z7M@ZsrCOn@Z5JheU}%Dj3G+7dxKcwhk01ExHQOjmG!?GY zX@a%>X~=Qa9#cpjWEDdgM8OPt6HYTphJ<7reZXWMa*Wyp+R%EFNdSs%9dYIrLzePU+2cAZKW%mfl|(qngm zq*vIMD62R8)~~%MR*(CK|NfhI51SHtby2pHis9<&`0mTMH-S1Ic>m{oqEH$d4dl>? z>pyvG`71?>x{0tlvTM)YvIk^i5q1SYEK^M`vm;hC6lYl<|6`afV#7S}h|gr8xx#=YKFR!thEfaHYg242L-v8YZ_t z^+lISgTFWY+>igx=gNbP`V-IohP`EBn0BSzI)%=(7o(sKx${Wa@XaCa|Y+paJAAij+eezWK1~il!+Q$3)@K8RU z6s|g*lkfQDUprb75~yGsvHUsYIuzN>P)&3FtJ5-r(oyD2xmd|Z-H85MHkVp`vgLZf zVq^Wkp=1KaB-19;!Nbv~Xd=G#(qyWC>=BQ>OcxLP-u@Q{n@3xao5jiL_r3ZT{$yc& zZd3A)`HWh$SY^wJGQ~iYAjKu9SrJlleo;0d%1&#OSeX*B1t#Ca{MVHb9I}Pa@F^K8 z^fV@+I=xKjlVJqCi3^;#ZNvcLXJc69zcdMyfwYFf7)~(iWD;2T|HCN@Ikf2{I<|8FH-j(m*mF)X;0TQJ82dT&dG!*!rg- z$5pr`L-HW27{VZme$bmhnn^MwB-`i%PBJ-0Z31m*yX(Bb!l$%EvM#>`$<`M)HeI-*u>iC z#M;!v>cm8^{F_`G*Hn+Kj*hR6j=4qkc(1qb)XAmUP1~RJWQUwjN0D1XrkaS3cVdw# zGe;w9?s(+W7dl&RIe7Z`nYATG<)doUTwe9{SI3>p{<*1lWVJs=xz-;uf0z0z$Iq({pYM+J zZA7jA^Cq>?z6Zn&mo0kVIIQ&+Pp%xj_4s&y=FyivDPzo;Ag)5A&I6EK28 zqbm^slr-ZlfzlfdhX4v&asY`-2}uqKnxeEm>6y^blY^}D9~BB(LNao&7pl`$=Rao5 z9Bi0Nm}zHSJCXFlgfvWsH%<6D|M7q*btYIQ8%bsq8^0!8@|_*|ehk{Pl-9Z*wMiq3-psfAvkxzSYq7Z~e|^>~yRJYJ8Ma51y0w z@i}?XHJ9lUedLR;{qq|alerM5_kZ9&{`=qho9uu2m}n>4$R*$Wb>(`fyzO=GIn_Ai zmPx;V{N2C%wsiF$|Llw1_+*XIz4%+N+Z5%}$A0~Pf9w!h6efBJa$rl)Y=|k?-rBsU z620grfBY#^<+vz+{#!r!XZzQG7-9&!pYog?Y?Q^n_|4aSB3n3oW~4q+H=Gx$p&B1P z+n5%*2IoJM5JIWM31x^%uM9clgwmh2mp=Kr=|Q(%$Nnu(+the&cqk#9kZn)`O*6ov z%+Klwz;{~z&=h@hFOOJE%)?}&i<4r$vHn@#sA&de2*A4HR$WT@bzLdC78WL6@O>|z zS>J>@_B+4)M<<)hNFuHz+3wNn51d7ppku@HfBqXk{f^tpSLjNp<0szYz6p^%qY_9C zEz`wfV<90c6J*1rqzlX^yg;kXBd3#WXfMc(yLkNIf**0|;5YWB%*!%`IN>e5>mz95 zCiKNmxNd#C!yo+lUwHHWQ{I=eaOB31{r1oP>ACi(xlT0G3b+sum(WF%13#Ik? zzj5_Oj)FkUU`)vY!d1EmdUH@<0(Lmi7%Kp>t{e^kvaZ%VU79?{P@N+Za11FmTSHBF zp6mJ_!`Nt9MG;L)cn**QM~JLODNSnF2*tTf=7S}W6mX4oVxcSy&`wq@uc*Q^5yzAU=zIYbGFq28n6Co0j zlE!h$5xwNXE3Q5J^!I<^E#o7jlVcN8LzDeskKpzgYh!RbXBmsY&ASTxTzIIruzL2y z;=x;v9=ZMG)2@8sMLRAFp9Qw@ksw5zCjqs5B#={)oYJNwnaC2;B~Pw`VVf>BO{?dh zMl*p3p*P9|YW>7E4#g5hm%_G96-JXXIct)c#D6O=7b^}!V^T^c2|+I2n^CCaHg%&e znmANv$P#A7x!D3^<|Ijhl21(HKPK@UerPff0Q$hxeCpzyIXT{v3499}od3}edSIx; zE!zN+USMHESMrbBjDq2L&VN=3kvgenP&7>n>uLB8uy9JOXj-dQ*2`QoD2-7&>qnA z(&qrh93Ul4T@IW&ImAywwB}K=Vv=dO;iJy~au$T%I{#6Td7Ij7G4~V`shwTsQea?!9RJ`kDq+;_kQ!$JI03B_J8~xzx~!v0Tkzt{mv)v99k{k;^|LM~&8(&@!E-2_n*0Qvb#3F|BwIIYd&_OVPk0MWiNcZUpm1nmp|_nd*Acl_cuQU z`pED9{4Jk-{_~&u$ho1VqX%#N*!%wIGmFpru^)QoL=K!7;itJFdT40dcmCu*KmD(M z(cMX+z3W$gapqtA;I*5}U(SmYSAEY5FaFPO-Uom1{jdIaH$3S(UiyufY?)eKIDP!^ zzAt?0{U4nFhJW!rPw}J!3FOYFl5n%tL1W-KWlC>ziF43tGF9{jQwX}N_0Qt$qn@{? z_lD*+tKzo5=h;uXU}3?7BF@dIyge&HOO%ZdvS3OsM%wIjlo;y=h^{$s8z0aN?{fVw zPoH?jMR8KDw?6+2fgdLJRpQ5gG|PnX61SzL&Zckpfp7cB&;G#|O7xR|@*D5E>Ia{_ zm+a$ua$?=&1HbnFj(zKswhSHptGE8e?L+HFvrK`;l~aX7&xFc2V=HpPHD^lGQ;7DS z8ZS@=DW{t=YCWZ9XytE#jpaf1Aq#G!!26peEmozu{^#GukU1$!m;%Y!T4*Z)N?aW> zQ7_J3`|_v0`B(qaZrD)g;Co;7bMK8$Mh(sDEp{o|xEk)PZ}9QNx#;w~g zSn!;XoxD8o_CQ$wmxt?_ad%<IfGSa_`1l7d>;SEr}u_dKXSvn$G!G`kJnGkj&+vD zdW*fWu9pkIt@Zs9YGHAC@${L6V~0*1*njx;{U^Th%IAOG#_db|%RfgtiiFNn8A{QPt4T$j|x*IlZ4z(o|d9|{SPhXPgu&uO0yLJay^XjwY>f(rIqqmWjS`G zEbe>9@BR8aBA0i$mZ|>SANap6?=HAKw;9FQ6Tkb%4*!=|zVkpi?jL>AZ+`Sm>*zS? zU-;aA^W9(HTk(3cavAaCsV9BUzdQ0@e&(GA%BRv@HpkcytDkgEsOPwu6@knM?ZbE?6Fvn`rx3K!|1jr|JXk|{4@XKJ>>4; z5C4x}`cPw`!cq~R@x4F()NMUKT*_z7%G725{71jzKfLmHk2RNtBcJ-C|M{suVk=F1 zHJwf6dx=K&?cqAlI%u34y|IhG|7ZX4EC0=J+}iOGcKi?j>#t1z>+ic_vMk2-JnQ@a z>HN?C+ItR)*g5o}-~IpEG)fNrO$#0fYTl5org>BBW*Er&YN-i9*2`IlPoRn@UiRp$J{m3o2`MLn@;6s?sF@j@;&bQ zp@Uj4Nl9)crzYFX|Dq{Nv%_u zPha(?SN`~Qdp%2N{3$Pa-s^wi-ISf~!S}xHO~4inj>2^>d+GkyzW$5FUwP@5PdjOW zojXz+8hJ`%ZMk3GY;WVLSKeb6N{gZ$ns2Hd^~OnDt@WD6Vu{eK|1)Ru3qgU(7MN|R zhCP6mI>Xk~AAWjX*SrzeZDs!U;oM(1kN*2V^1Yp3{LR0-y|@}EFZt&`GV#uz`n}JT zWq-L#&R-|Ze2}oWLsORhrmTCLgQ&{V%a-s_J|jJp6Wd$H%)g|o+xA3t>aZ8zSu*jv5y zTVJ^IDNpnJVSYGiFZwP+GSNuo0u8xP8YXpXO@>vFPymj*wKBr?>}^UVfv!SyyAjKe3KPJh65vq?W8!E7~^=ozx&s>KJXmxh162@QD<^PfXtNUq3)7$(Wko5aBGv|*$PrdQW} zo&T&taw3um3cUn0)!fFpC`O@~;kP3NO9EgK(iJ@qF(eG?qvVQD5$pU9;poMT8Yc)0 z)rdu1o&TAKb^e-9f8 zpamxi>eS&4har^!`~h#O9Vk=Z_-+6ArO&wBkAJ*8KC{Az zP7lqz;D>(h5r6WBzy0RFg6Di=noT|VrQh>y&%9#!^y#JMj&gcdE0d4>{vUkVul?88 z-q5(_p*PVT_vQq@f9Vfx>UM5h&+c604TnWDH?{umaI)3r)Dt9A{|g_TTxf_x{NDJ=HS86U486@xT6wN5B8~fBSXU zdnMXnncRBK<1g`{iz{h&x*{|m>vI#LW?pfwmytA5Uk>&z>E9-uJ!yqd)z-$8--3z55Lx zc;fdzZDMV0a`$t7^t*b$@ajKBWNe4}7rpfV{{ClOdGuFaCy7pPqP&t>;mRUq@JLaH zE*<@`F^^t9P>%21NPnd~4yt*j*HCBU5Nw*{f=P%{kI!!FbdJ!BPn0k4ax8{N%EP}( zxVdo$BjfVTT^o0-YkgIckuA1YyCd7z8jWNy8dsj)$RPx zBrzdP56bA%RA=U>%_38pkV&2^QYO{<4BR*k)78%N7;-hJkCH1sMXc-p5FVb@I6+{j zMl$NY2J8RMAOGoGGnekV=BmA4zjM=GPX{y{y>jL)AH%#+(xgjonqfFYrj!r8=y=v_ zdGiTMpDs>fr3t2vl{#tDB#@wHPsYU?tGEpkOl~yRf-r;t2Hi#@4GuE|y#z&9i`2|W zDdnID5r+h!6`06+HQ5@J#aTPk;B|qi<2lGgXF`C9D_vp%ODto|d7?L?3oItls1+Jr ziKS*m8E={#3azwR#ZP0p{!vOEjKVf0ZsUPQVu_XB)&oEy#)&!+Terp)z~KB(Z@>wm z7Q(s{jWLNsvVrg!CvEh^g;DgX0Tcp^8h{{YN<#3EWSVdlr6#@Tx)M6JGT3kx%Bhqqk8{dJre6PZ%3vm^&pluN zVF1R4{UwRak@2Z9e_1Y_I(%$#cxrfYzBhBh_Su!iMSt9KtDqXsPDb^_#Drg&9X@LD$^eoEkF8P!7tHwAf1m;=+_Xy@hw8d-TBV z%cC>Ht4pJsc1#VIv6wKjl4{mz@YX++@aoCQ$>sSYM^CIw&W_E`FHdjTzIA4lb0Gvx z&4dRDNXZ!2&Yn1Qa(QCHS6{=E7RQsLhQ=p=0dmMQLrOuDdBRy(YQpfZ1P{!uvUu{? z@w2Owlf#QE-A$V|O^px3@Q||rAV?nO=jZu1d~V~!FbVPuSO^-mLZeImG~t1gtQd3PIdO;0G6loZsURD4!AzU+KXHF?MN$O$_tcz!|5<>!WFh#Z#6a5eT_n&&( z!I9q17yQ`wJ^9>@Sf^ud2rUOrQrHS1jii)bep;6FvKsF!-+t)K#7yVx()f-Gwm3*a z^P^-GY8pc`b|#wER6vc2(V{K$_#->e0u=W2ZX z(69g7SKaKFfSaE4qyNv--RZ|lM9w+kIa8W4nWPpanmB=Bq7amL2vQS8n4bw~pUpSTU54U6Sup-Jt?*7ZLskd_)zAqO*|$hj5*v4>c5 zGPFYi)cKDe>|rD1ggwl-@;IX@(M1VU%Aft&pMg?^TpBW5YF9%7fZ_mX&d$!B-nZ}6 z7e6<@Z~wy4gG;AQ`REy+o1WaZYkKcRo3FTP=Hg3SB6F4GheNgwQar?Sj-Rdo2yJvQ zaxOHnaztI1U4Ks>`}%4a;YbEUq4x*u?1O@u{6tvzKnW;F{?zmpgNO!Wp5$ zHbii)aGQb9r%6MQfN_zT6x>DumZXn!<@RIyZaw^k6DJRzICFSmwS1j6IWoCvYWwC* zyY}q7^1^MG__WT-gR9I=wj3seh)fJhlS~jK5y5grNG~O%UV0jGU_Kr)A|FWP=;ITZ z01p{5g-A0_C<*Zy|C*F>NU!ja;S%0MkRtkX}=rxbYd=cKB`d zwiiH&6(tXen^=LxbDRj5SYUdMs2whiSh$g-8@s_%s{~6I>+5ik= zt8RxzA18!_NUvJX@}y5tFio}6Mh7GFmRQlpl{!&!Tmnc}i)T&~4`0dr=SPv4nnQw# zYJC&7HDyjtQ@DU(>io~qR3k?n_VCjlP|C=Iy#PwAas-(pmP{WfdUIseb^h1+ZyIC@ znJOkpE+#GoX=eW9Jk7kyM53o`XJ9;NMo7)GQm_9HvFpD>pFd)Ad^1B_v`q{XfHHNi zIh2_UV6HYuU%l!-y#02H zZC71;$=JfF{>~>p_bC_Kp5)EZ3^KNS(nvCb1QOBQ;FA(qfgy9Qm(a#dR+OnmW-m8 zPg_p5y{BjPUb5p#mjER&fW*~%?AS3;fcaO%9fZ*^(Hq0$mWZs3G}nC&88!||l0Jsj z+vj%g+OpSpqvwGVk|9n`o;<1MnGt|@v^Z& z&LoDxGgtJsuyCcR$N^qlLcGNfIk5Q8SVX+L`45(GykRNL)SPD&!tnzpAFk^B5B~^3 zR45`KC(Szl@zc^`T4sV}Qt7Jm-#Lp1v|x##)ayS^TyT87Wmufc(l!c&APG)zcL?sm z-5nC#8Qd+n26vaifUz>e8Q7c7>Qp3I zwWn&SaGBN}`csX}9iWz&o+{hlf^pbcVsq=86@#ZI#Z(pZYril9P>rvm*+sp*UE8)#llT!$4}AKFwsz{^oC$r!^_SObdu)Sxwi`Z^=N8x z6WVfnax4(cB;nY6E5urYOi++;&>E!d!4B45634w*{7RXrYaR9r&Ks_w@V^#va&9|G z5FOu3uRbWz#!2yCya7<)8eLaXn1Yr}2ETR2>>v=unN|xAHhvlMvutDDq{6SKnM!d5 zT2sm?i&$+=72(MD?()j9H?ToV%j@UGLI(`qZp1d9GJ2oRo$I;IqG#Qu&@wJ@b6VFN zjK<=v-xoA^?tM*#7|rrp%MA*;s;yvs=D#^)WGG`4cDm)EEvQ!bMDpovmqyh;Y)}B) z(I2LRIfI;%Psbv^(Zb=~&)E@VAt@}x1|gVu6pJxg^0xHJyqMfjdNnCoN{CXnOTjF4 zDPq()D}ztJsr{P5=)tB+5jZhHi@<`6F(I|A;AL)y$BtmN|MHR$N zbUP8Kw*<^(jGPuPKIdXbgiWYwjjRqRUnFyEoX-E~1#VCiu8~>r(_bk>^ zm?E^K+d31ZA({^iW)qO4A*_l0sV~9l-a=qzTo2n2TY3@3n0jo}ZdMF#5K$mR0jDc2 zEr+&Jz0S*ZZa740bGJrPMx8Z&*5pu6)3i$P`G$7T{zOZaRD494-0wZ zh2#v5ayqiu{Q=61O!;WO4DQ(M#u*^9;_D4wW*io476leJuu=XdnGuhqluECj(-o&V z6%dLRKh8Kj%M|hr4#NFMVetY;yIu2$^f$fd8@OYxF$KEwUWcc{cNF|y&nxZ_CL~fw zWvOxIS-RlXNBoYKV*y_5>nn@1Jtnknn{T~P^REesx`?8(;O`Op~3XUlx- zwFCg;TG9p)q@fh2PGUh3BF-MK!M1#!hcBk(cC>y>nEMv;XKWyYgRbB37Ab7#K*}n# zuN4JoAX!q_f@BoOOsqSvE%b&=e)r!6#{##P(cTXtKDTN_F9(I~c24=d{!K5<=U#7f zGf{zCRG}gz*B@tAzMp?K9*B}_A+#UMy&GL>d5@$^$L}`>|5+Od!RGl3LoS6nKN1nl zmKSO%mLL9kV7B15CpE*JYFi-9xV^rHYn6A~MM1fP_bv^wLj~8uf2b;3S{k3_z>jgguEfD6A${@CX?_S-lWwB)7&21*1Y;bN>5Wq3g> zz6fA-IcO@5m0LDQD_DF+XaFtJWDhNsMQ5reu*+h9?cAF)vD=7NurSo@8X^kj{8UUd z-o;heN=zD}u3H=8JzdveLNlC2P%+J;8u6IYrrGj41$atmIZ|=O>mJsg8)@RIIOPO) zx7=tSN`2vrp?5f6g5W=qrwGeaTB}w`V+8{tJ^&;YXZG>vZ3082w1uX76<5<^I@vt? z@sMLvshJ=WreISGbjJ>0<)%w8g++DLrB^#=5mFnB3hjTg8&O>65vaK*a;V~Q@~>?6 zFnyh&=8ZuoP3^_IRwWj(K=RiR>*?@^bl$EWMQ{7ib3no#U$)*`cdw8X@eUD1OHP#y zCnG^0{Gl_-u7;e z2q^`E_-Ag=N)zfhYdLw3X_y_G1vuF#5!mBLJ3E#eC4>$Xut=$I#bg8IE}&vUC*Pkq)X2WwJ1G`rVe-bTL0NB1yHOm;Pj-Q_ z4a9*IY+EyHvWp|1D1L%#)Vt8pi;Gm?%G%38a;I)!wYO1K20p2czF01UR(Ot=m zni(94ahiE~s!Ct77}jH$E^v|DMFlU)JSfAZb(;W3oq^~|g`CRc6Luz@xpprrp#!wD ze*a8)TXn7w`cp~+IEPwcU!tbSj%*<9B;T7uReP+7?K^u(8L&?6M%G)u1McbrWLJDK zHMSsU0C}?XVwc*t83D4lh*b-plIg z@m;gh!YHCnDYH8}o$wPDzo9M4(17%|&TnL}=Gi3~M~&UOGFIw=kg5)z?C=(Bq$=i+ zqwE^lKnR!~6k>in&irC%k&p&BW}3A>f};&9*fg#^<+itd?xdO_b74D&-PNgY6(Evc z=UiQo90K{yQ$*6;4GB-0gSoZwp!=&t_!b#F*Magyt{Hce^1`ix*^n`;nsiH?)t8o@ zCxHc8S_NztT1(yppl#=-27#>!v3f!_!6>`H!2356w^vTxG=5|I_U0W4gx%X8e9uC; z@!%4iG@5h2Y$pR`t`K3eagC-EBXQQ_MK}m)9Z(t_)2lTX7@y<2WhQ8C>#ItT35zvJ=ok z(E85mAAjCvIV#KbgyIsH8?IjwQbeFN1T=m-HXcOw>T#C?$un0oyQ;39@ z+{A4M&G4Oo_{TPC#9!cughoR6U znmkTzp`hjz#iQY3Tsa8Hn)fh2cWQJ&BJVX(a?CyhNrGiVt74K0z}3?g3qJ8(#>2gK z%$yVsQWK+7iBP{~^PpK{;b?B3HqiWw28%nA7C@eRNi*#le43que$%U}lSD%g7Us|;shleq7cQ-sOmyjF#x!PAE8y>dX-s+B;h~w0Hy`!OAffC+%47< zF2sohB7bc8iI73r5tGaMO4+8@j?<8^8}*^^XQ3yQWeY-lh>R=$g5aD0gt*M2#LfpQ zPo?c;=u5Hx)?Zal^T_D6mfI2-BllH@im=HKC&T0Dl|S3C45**?=d&ifVFp~#I28~G9k`3PLc1UL(fQMBeD{ROre z`R=bSXsH;tPv>m*%0-S*07J7qAi7Z5mqhBhJ!EuY{^xG;$O08vM8yh_D;(=$Cx(eI zS!SZs6m51?9KsBkr6k&N#kCTf@=SzVtc0`3bH^QiM$-^gvH4;Jq!dXBcR=K&;Z01K zhitFc0l|Vuczx7zY-bCr7)SSC_BjXLqpiCMH3~;IPOBNA{lfD{zB76Il1Bkxoi2#^j}=}KOVK3-dxsi z$6eqVqjxM|YLkEOSjY4iu=UVvJAKF&uX!)xFpY^t%rquTBS~4NRsFH~lFE?x-3SS` z&HK9KUTd}?NI@(Sf8kW*u;s|3a@VKk4D`VYlBu0}xVOa3fA&YJXxO{eBsxL9Ji8@$;>#Ev)kk^n>0-R1D9 zyA_z}Hf}@siDjZZX9pAC6Mo~sQ07%6wfCECcbKmsY<099@KfvM~~? zfR8Ump}LVSu~jh9;No)jQwmE1cJk_!vSHwSM%@xpv4xNeaM;ZU6ctGQvXCR0-Eq~& z@TC+|5p_nhVJ^dfjNtbr|Cx$%*{N;5MhW|%UK}XNqCchL&;GrSNgDS(3;q!XL%l&M zB5n%M8h{j!AQXy$40sZEkypS4D6bjh_q?N5K-@}zXT@_vl`awa16BPIo8Oga53V{8iFZg}2&-AzL+u)$d#ibzFC zgfFE9UZgUxBWa%($)YLi%Ga*FxM=KcxJW*@$kqr1-Gr?=_cc5!@iGMiyq&)}rddw9JUIOs1 zsl?)^XNPM8s0zoeMgifJmGex}5P|5f>o@a{M8cE#p1a3cu?roWw~c!VJfF}jBW&cJ zV&qfNWTV*Rq6|xOBBTKBu9dU&bmd!15CORc*d!!o{s?HOe@3PN}KQ58z)WsUU$n zf|BD?c{q-~Y;(*ChP=IHp8iTIlx_3xB7~!P{tbch9z=SHizXF3^`_ixbQ7r0!Ud5k6$>y$rg@^qfCbFZd17r%Qpv212R*^ z1n`wnQaV4q0IGxL;Rl^l3hIX&pbj*yaJk7pmd#p9;T{G%!kXA3YduF`&oiNrw=ad& zoP}z+$=IRR@qJLKYK~fbE&_sm!YKk7ZS!o^2mUc%BWyWsW8nd5K36g98xi?T=#;LX zKxV8c-LhWf{qL}vS?;-;0ig-R+p4Vf5Yq0sv(RJ>>?DLap|H4PvXuU4axt;-zU5u% zS|E2Zzprp%<wC8=@gb6yywraS4Trk9~GHw!TP5 z8Rti0>KTs|7fgrYwv5U3nyJi?G7&X3-s^RnnCzNOb+M*;?*{f`QcYixN^GO0u~d za74U9<0n{&9jB7xHx&?#j_qKHZOiOQ(W=SbIGa9`Nz40xdE9z z7>8R0LildWp;sej=+>dN0TE(=#PMIEF*Ha@j4%K|$cDlBZ*kFy+}Gd#>s-YD;4j#2 z?EIw23nY>t*HJ1!S~*P+BvwZlqM7P6>mGndXkw3O!2Xpw`$$x-*$kJ`WzhJCc5{UT z$2w6s7~YyWEHf|@?!L0EUFMinseS-qfIgI?z5^bulD}19)z8#Z_kS$a&--sCr@>UR zodLQ{t>#M6NC~IKaL_l+oWzJ4nqfqGs1xX`F<@qVr@jt+-wD@yF-#N1`1~%>Z&=Xy zCyOFZ5yDrP|M`; z7k+OJbzW`{_}qT$*x9$bmCp&@hc3!3|9`je*N!U31shgcd)ls){;!?>HB1rb%l*O0 zu-M;`^pAm^J@Js|UrN$Mktam-By|3N7W|F>?$z68NBdYN?@h6zVfpyhLq?~f*!?;QsZCKlGL9tEY9rL3&%l~2La?!#xXss&~~KCdqhR$L+@Bgd@Q*;Y?* zG8D?chpb-&38V<{32?J0e@_t?KS4%ZS*K}WbsmvdbktI*`2leGW%c3qr9#0;|M~SB zh(PnS!ovD%iDQl9#@oFv2PdZsKm1qOzdv4NH<%L?uZwr*TIye(zu_M4?99ezUe(Uc z&2fS@kN5W#yb^Op$H&_)`h0B7%^w9os}uNK4m;k_)n3ncK93>-zX)$U7t%z}?wQAT zck_P)BQ2A2FP&&cMn^|SmESyBl97>#yhh29u6(JFG%+!m*w@Y6y1r@kN!#CR-o+%> za(~;U{JH-0Dr`JbBvnxiD@uUq?L~y58yYNL`t7fM6M7>&tOLx=ry2(as2p<7egyu2 zwcSI;44R;taQ`$OoF7*FCm3PL-tljrpk(lQ?3E<9qAYQ7xn1?DF@~YEtpf>iM1qmL z*>mjp59WWKxyKJ8O@W>=KyEvOn`t(!U3a5ogpY&8#l=fYa`lmS=Nk=`l^0DDy0*c4 zVG_Dk)+=|(o+}M4xu%onI>VS1M!7~>9M*61Sp25nO$w|a9zmTGW5cIncOgL|6HDUF zWbPwTicO(|uc9I)ZS044Y0HeirQte!kC7%uWwDx){t{2#7wk%ro1ti*-bSMP2dc*X zM{X-N&All95YbY6i*oi0n76~j_E=hmF+QTEg6FBZ zsL!upWaU$iY+x(Kcfd8cX%KBoH(`x`@-)0Fy0h=yp%<}VG4}E}ELBAKA3EXzmr38+ zZeNa+N7VMMhjW>P+wkNlNc(xSwC~AVb^g49 zj!|ZOJsu<%Arxt~%mQ2QW+T(UJ5W@bLi9K|(l0Kta8@bVGVoAW^OsschJjgSYO%YE zXb@j@7>VSEtMHsPdf9rmWxj;fMdKne(op`r=j!h z-+JF}0wH~cyqa@c$Aor-mP#Sxi5^Q{Y z{23M0{H%=LytIqju$SN%h+E{0AuNdE&j-wdr-4U%3Y}%-n6+M&Itous<{xE(I7A$r)@q?s?gPT3;rQi2XQmZa6 z&)t>;E*NT?je`d(Cg_qpQ;QFk);XdxpIfogdEFd9Z(5j1NpvRkF+mc+Bm9$V z30Ih`Jlw`@E0=+3E@`JNk6-{TXgl{6Ol23!fyN#dw=S3Z`a;M3WGK}JnlrKuMzRwV z*O#Twf5+~=S?u2>4u!7o4NSC~xjPJ>j|HtRv}xXloCTfz`j>5lrF!Q*>~;0P%p+Rk zn6^5!a)SP99kuhvsq_VY8+&T1}!VV#$Sh5Ost3$CwC$}H$l+5D$};QE{O zk0V;+qXO#)x1*iKgT}Oy2AidN^O?P~gGxT^SprJ!=;D zY8JI{G&OYb2yt&$Arx9oPBxa;&ZYP+mMU=m+SG3b?1THYwk=&!9@KhzhxqadjX-5< ziJrm@NtanpHXG>nnFUtFN!uQ^h1kbcdfOmsh0)7PsdLk{EspW<@-dQnZ|86B1H&~j zVb?9gR4yp{=KK^{l+r^Mi|Ft8eoRW-G_O4HW{q+|)?4PvOH)81E8cA1I2>QTwqBEl z;e{k6B|o+8X#{(J-WxDPkFO7awsbgfX&G^)rA=}qPn_L(cgVwPByqcBuYh>|Fb0Ih zOFZv^8Gei~BVe5+A|Nz6>bKzsLWhyL(2K1o)}pGal)+?cc>*lX*2~sCUB~z1^l`Bn)Va zQ~t|=3PyN$N6;!H+~zgF-~q`Y;dz#{7O|V3X4|gR)@V1s0dgNf>O1^s_DI|gNxpMjVz=0o(k@P1q%ye zdcX-y+tb<5?Rqtvj#poW{oO<{EnG6P?M%W(N7Es<<2!15E^`)F7P8&t?4h-p6C}$@@}6av>Lh=2OtID``Rvk{Xl~J z`RM)x-;Jev^kCM`B~PnehgMIRbfkGKIY!nqqbN0Sq%B^(J&`V&^a?^UyyJ3nF7<5b z@N8>vd0BFS6++xyB)2C#m*94%k*LU7!n14P*p)jLv4A;dlbw?z5v#osZ&kV6CAe;} zEx01&FHG^;;ZQ&G+epxyuN*xtTHB1$tU%v+eR8&e$tHo=u$RbL?K7O|7e`}^L??># zQXZ&rPQnW2_PYOwWm~eVi?Q+U(SM-hHqHA<#MsB&c?sM*4y5?#+cx4EP-ku6rr$8g zO|mg>_i?mFEj3QWKGZogbz_cM%BhFOG7d4z<^79;6F$fNTj`RJB(`ZzWmXnRp5*~NL{End0(bTb+y10yob3A^ggNG~dI5iZw8Cx7~+N{zugVpHP z#>snfJhW@wq8fxb@Wgqisy4s6wDVEGLxmz+^Dj5!;NbaZ zH;)BtSev>H``x){`+MkUo#hO%<^b^}LFxyN3$!TnUXi!*G8=!i|)JC)YmF{G)k z729~X%y{g@SLKgg9k}1l#)gt6y>98`^t9bSU zzBn^F4@RK3#9k~crVm+e4@Y2_c$LrBbz#*;pq1{eJHJecq1rr;F2V{9s?lnsbP6#bekJ!fXCf-+AP;e`I#8Y5P`-)=@=ew;*|_T7}8oeH1eS zxxZ^GcfR}s;94~MmI{W$rQ&8)3h=Q9iGrJ35xUG9f0{fG@!bN( zfTHm7ihrK*{Qy@b1)`uvztzw20py6bv>4NPGjsDUYu$DTOYg+`%>(}E!4HL&O}oK{ z#vSIrjfruDGyP|y#E|YiOGkdsk9d9gfJb@T@gFfgFFp?TDtWcG)pt9(TOfT(J5NiR z$1GpDq(akuQ&WQ^9|y~k=>=>wf%cacyERU}m4(Rml~&WY(yyh)BMPrAcmCoGi|v*x zdu7qhThhlHBCr))+-y#leVJeMx6PK%2g`M|kLVeYeD+u~0&6l9h;;BYxwvX7nW{Wb za@HpY2crmhO#ACw4AzexGk?sl{{;r#5bR1BhpS%u6*kATz2P=;JY>RpC5NY*R)y&i zqRsMkDP&BRq6{7eb@eYED`n5HuyA0fgXS6Q3_gdkMc4-Qvw$wG%UCB|$hc|2%MXg+96qH7ouUrEY>XEa{ua{TSD3 zo7Da`6?U48@#!p0nvIcBF4kH5;>3XjY`=GwIDp-G>Z}bDtkr91zhWBStB>!i4|F{e z1$rQ;^U(e~+2VS@Y8Nb*bGxY-ziObN+zzfsu9B|lUhQ;Zvm(^!0k;~S8yh3Z2T%KsdlU6B47XJpp;eRa<;ioep!xdmJP%u%|K_AS{tbTSBjKIgy99BsUg?@gFe*2G<)gK8Z0*=t(XBD7FAa7U^kEU+gQPq?Udjp^*;Hob3 zeaSft{jaBzU8H>l&nt9Hxs4le3)a-sI)-K}n6*!B^?O6JnOQ?Cy*B~7^Q$LTO`IOC z0DJSxAUvDe`K4yBks{;y9nt%f?oq#$r|auimBOcz5%loup0&9(PDbbY2rG}N)!tQ; zi9WiLrWT!=H5u-@mcOh%G8@bbh0j$l^KDNsmbNog-mmJ5Mc8hEk_6HkaK6?vR`;0~eQ_m@Qf5m4QacQ(n9j^N5jg;%yN0X*{_ z5j#A*n=?W$rDTd~Ovj)6?Pk*sUvI3eZ%>wLbe&DU0Rj^SEY=-st5auMLrUS=X=xd6 z=s7!|P5FKSdL*FoKgpU7vSO*KX*kcT;&m>c>>N!#Bwbd~2*|{X|4?3tB$b{0m;Z@u z1H-#BU~1UJnYTfEpYK}r+H{(6MNC2zeMgWmwRt5bzjKB21tOPGONN6E$eHW*!QmOr z=~;+gD8YvDGxFpmAZOQDfaKgm=K!d%_jTXTv!)N)?% zNGxza5XEx^&J+~T$HZt@nX3myZ2}~4`^)gp$_n22l zgn!ShZ~;D|3yc{hyX*f@jYU7s^sxjPM@Ztj@GVjXqwu6mJmMddduB>(%1CIk|ECf! z#s1PD1yE{y&RLr`4UWeDUih5J=P@EeE79C8@A*=<5smn`uhkE=BT z->tbqT4ttFbxt$Z77*+BJ72(Z`FLqf#fTt$p!n+4uw&&mBCuJ+iLrL!>`#WfGBN#zRS4hZGYtP8 z>WSdaR_7IVm-#6x&Su%UVLUc>m!Cj^jHN&%*!EtQv|&A=Ei)48&`mtk!s+?6VHtAC zaf-s-Lxe+EwRLTD-`pcQ8qcA@c4O0IGj||rk^IWd!o_T4J|pwjcJ5>5^`+gZ*8PUn zgyG6v#`l^Bd$rj6Vz-rLInLF}FRgj05#s`mt}E*GsaBp33x|khcdE$i-X+ZLaV|?N zEgj(mRXRM3wI$9a``qk!Lhb%wxvx2$yL3mmS2QxsK5^ST9r@_(6A4E)9TUAed=HT0 zzu#2Px_^1R3eqV1%b!!kaUEp(BLr498cCuDfAW5Rzf9Vrg^@*4&(y7Jcy>0S&rqYP zj4^K5r&MkA13w?%*u~4i1rIA|IG3|5bv0y%mZxL={;qaP_mOhuvx;`bEwvK;ple13 z%|_v4`&UdOn}~Cy=x7acaMoqH=iM-R<;ZrejF&h3*RTK1TmD2y(DNv3itb+-_AFoS zq`5yr+Bw1zY*(~jmU)1a_xYUiTBTxdZ^cnCYnB7m^Vc#at|m_PF&j&@MLe7` z&W%Ql(ROQMR3Zk0=Ov3gyXxpUJ<&bEvm~Rf?D4Jm)2{f=l^KzS)M|%c^xpNDHdK4Y zRnN`bH$5?Da+@AWlUl9vyAIM~+pBm9~Tk9@x$2`z)SdG{xhnfopNCAna%cZ!7iIi`tvCxK2n zo?pL@+t;sd= zgQ7UOzV!@w-E;3m!&YLY*8F+GXxf$2HB`+p=z{YHHeV_O%jzJH%@6W|BH)>xn2 ztsRG_gJV~1{yNW#`gag%4K}n|tS)p`jLTkC9?r=4i>3?PPZOTQ3%udeIjI0|?f7#}2%a0AsMIGW6??kvydix6lN@VO7Z z&OSD28|0Qc7VLD~$BkHLES)t~C=rA|8;gRCO#3y|vlpl5rDKYHd{RpjpV!b7?}U-p zo5W^&RMpmh`Y0jHV6+!$(2Z+&(lIbNx9oO&@q7D-quZP@p&CNY23403M96XPLNRFqg(Tu&D>4K*h=vgc7m+X=qu8BosT9r zdrT+NFK#6ssnIP(6_51ixe2K3bEMOU|n3R~s_mMI6KM z)!bOyE?H4xcRv9KUF%WK!}TZfds29HUg`Z-*5KOXE^>kIw15yzm|$Z)I3jN;*bz|%zXRvqYGbAeFTY9^+6_(`%K<9^Kd zkN+uk@K3sBEk!UOP+;*kA z8c(&)w|YI9Es~k7cqUx&@2e$b2N=)8O%vVQ^>D@-wXGg|J3)T@*O1Zni9|J>Q?jXn zTDjC%o2CZiiN0jE6?|h4F&Yor+#Vw`^knU;5SXSnnjw+(wr@70OVsU<)f@J=xkMi| ztkQ^n?*4elyspBlb$&)tU2!?B?fT@nzW4?@X@m8}@5?yfV4aEQw9Nk|2$%K~Ur3mX z6y8rrQXkLJSB`1XW!(GT^L%>ae7)tww`XG?VmuUl>kTOk{XRiZ63Q4gGV*F~sA;3H zSuJ;pax7@-tkm1OsraF2Q*hbV`lU%!BPFvx_4CK4Fp za>5I>o5>NQ^xLT?_v1c89PXs$TDlrTx>bBN8WdZv19WOKk%~M;t|5l0wd1|k`yG$T zMb~UqtB3^L>8*$@fIOD{RQ|Xx6rkqu4$NhmAbd0^VL>=JND^Xb21+Q?NYMnK8aID# zVp1XrJ~A|r%aB2hgQ%fB_YVch^oY@TMt zNNCQS&NZ%w$slb{N1;TBGuR-SQCMu2mVQe(>%3kUBT)rz&;J&dYhnwfJaA1@;T1WRB>b8izAfNPhN2MB4Aq^7oBRkz%Q@M z|9v0>10%7ZxafApf+N)CeI-=>7v>B_4`aL|0BeGS_fGzB?48GXd+?IkEG$D$(oNz0 z`soh&qtrhSG(Zp)Rj|!tZV?`k!p=L#BVp^Ac_?-HtmW;ljLD_;=OAB{#znXbG1LB0 zuB3}R6ytsCNST;7Ia;;-;TVs5%|!syRAtPfp3m<22jOp+{!--~P8=hE=T{1X9_=kOQ5vXd~5IkkL76gnWua8UpJ4>5F@FN7`2`)_C( zaE;PJiJ}^lKVUFKr4r->I474S^K?J7opqg&WHs*dtCFtNIa1YE(aeVT z($Irxg3sX8)=&apgg*IXmh-)WJ71QyXTP;xI+E$9a=UM_NyOP3>kJ3MBKONW&ASMm z(V+cnTf~1t=TDS^aWt4EXi0`@N@_nqLXktJD%3>{2m>}36Aq6B=aX;2aWKuCE1pHW z1y3+k7MOcS%945wKLbLk|DSdKi4jPWNq)$c=K+fqkeHFKIwfxC*1HgADcKRF=z=s2 zwXU7n#o0xznnNaD5=FxeCDfh9KfwhFmYIK|`d?cUq=G&=K7PC20CAniO|ByyOxKAX0vXnEct6!Csb9nGswoBn?6|3p~ zhpa!x!ue&QO6DsU%4c*-?l^Hv4fPZ8$taHhJ)fxgp(LUS+g|ThEG;byWm8!IgD7pk zepNqwAmRG^SqBV|Jxpk!0R!7nX?Q+yao#7d_swZP)2aSuSCAx%p3qyDi?JfGQG`60 zkpVSL3o6BcJ7oC3CmX>PY6!rBk0jom9Z^hDJxr@x0_)i(0~z=)QX&7Fw|3r8hUDA= zWT7N~vk5;)1;Gf>ckN;MzJJG=F9MLvXc<|tz5jyU|DvbUmx@?C2U4$3S@6Gq{oe!A zvwX2b$0sBW|Bf{MPIMHqDc=f1nxB7%vvCDM0iREyQ({nuUz_XOqvBzZe|w5A3V=Sf4(F^`Y-+Vhu&BFW1gBlFf@PWFrG>Qm3;EK7>ly6-i=|s;;b+2 zx_j38yzp~?M;6VR7#2o|PNZH4FP0k6+M{V}xMN54Ki3k3(}sY`A#a9=3BN+?d!B1^ zb=0Lp6obRcDQK3iE4lm_YbvGk-xJ{cAjN;eN|TDn;NjGpeF2W=p@#;INztMuR(PuW4mZ?ZV;(P zq~;~P&C$#II22?1c6*EX32dd~R1MfOId(0%VzM{$XU4|HUUYPI#nVoxO{NHJ3zMvm z-liKnoOsmJj$3 zOUJcdP=VJSYgTz_(Ze2RyGg@JHJ7bSfqGQ!FJt0LH(o+t1l+HE)-2ygzb#H-f)k#a zn%(m)E^-nH%k_~_hIbR&WkqpAZ<8PE@|Pb87C5{?d24Rv+>AzNO^*Ykd@|ktD_BmU zf(;R((jp1+l<{?i$3S3O8W8xyPoFeaHec2pmCPfbNqWH0KABZ>W3qFSFWv^#MO~Lf zKK;wkAW>jQq8bt-RR>R4kN5&&bOe&?VrT$%RpA)-H zoNgAY^qCqR_ZhM#z_lyn6%%PIE>i6w~!XsaTyOge}Nd5CVRBxp0AtKPXo0S3%dJ{gN?}U|PM$#IdBw-dIMYMS(RW7g}V0 zz4gY_;^Y_CL6lJ`<9z8v4kkL$rK`R9>TH~$FEC4Ay^KV@eDXfMZ7Y;tc->!US5nrz z3S{)eTsi(Z{0kg6r};xKqYdVNZd26acM$zwX$_ANbcql}C}KKdW9JAK?sBCYCQlw7 zz5)Vqp}r+1Qu|JR`JF?J8O=I7AlxfjqsoGEjQ0?N+CvgGSXA7*f9dvlgqFQ$esael?F4k*eL?x zurhWmvRgqM&q!9m`=+&`QfHMuH6_lFyFp&1RC)o8#{Ub@C>t zr!@0LLVxS2sV%JHQ!~=i(9+Ii$S-#eY1TDs)B4Ch&N3FWv$4g2Thh|pp4l;t$?3#D zMfMp&Pc~|db+$T%J&cW+xoLV*6&Jl5q2e=@y7Nhb*ggCbXs9qn>&o{iSG>RZN&lWh5@uLecDRTtF>OQRtpy+49{Vf zh8a2;e?6!uf4fSEd^&#>yWkgAW$pgIi1@_!hY*m)Ua%g|vyNDeE>4ZUYj&Rd6?Wy& zFwl3=13c=M#8?~13#CA4E0E6se?#3(Be! z2W-Ar_RUUJCJbp@kINdi?8P%-R4mF{w}!iZl-Pm}tT8Y!=4E(q_1#M0g2_s3HHJF( z`XU*#jXppFD;d>$e$Uj^i9WwzwOb)(Ydszt05CoT>bYL_EiX4G>#a-S5nJS3&cskKnA71H_HqXw>XU#jVxsJJZ26kB4+Om~9GM0jA6XB5o_d>Zeew-}OVY)94&4-r4}m|l>a7MWt_~H} z^i)`(ag=PvYu*a4O7-YOLHBxZ7#ZWQ_v<2fc-&6Z>ps+2j#Mt~&EcI9hclOGa>N<( z8N60Zah z>_;QKM{IFY$foit`XQ!pL9_L7Zf2eEJWg}x*>QJ5UXERXA{@fxHO=-3C4arq99;p0 z5NB0UO(D&H{v_!er-*C=4>QSMq3WMbJp&BX8Z+7@l8&Cw=>Q%66wfcHG|J_+fjX0ZATs_Oa2HmULlEfAs*pMf*DCHW7zjONDu-3!n2ne zE)q>3dzE<~vp9e9%f|`2mtKt*pfp8d%wPg)Mw==uNu054IMc84^6cz(R9c14ffaah zvS2NJO_GsVgN?TBxAOT@N1*@aUI7GQG7~Mz#%PMr9v&{!u!)5%Ei7?x{!jYj+(<|Kzkb@8N zU<0e&99w$t3`;OVu}M`;!@4(Ps__28mNRXZay-|gE?tEJra`$(XPEehh}yB1il}iv&21!7s#PKU9m?Hkt5JqE%O$H%9FxfI*{k2v zCJ2)8HvE5tP-B1Kg!R95zLEW_j4BLl5!Y|Yd8!`ZR#GKZ|Id$)*@W<^kPkh6A@pO#$6 zf*t;qI`}gJpyvLA{Uq01o)3sH(?m~`k)B<5jfs^x3l0AtU+)-R>C&`;PB4>9G_f(U zZD*1d+qP}nPA0Z(TNB&1CbpfNHT!(~ynDaj^_`#3^{mxTcUO0H-Bov0^U*!VWxZol z{<=0CtwxJLXBo>mIdr}>Xn${sjDXEleV`J{jb4A3l>l2VV`TAsS#Np*eQlZaYHcr% zI6_o`eM~5k%lddt`fA{bPyd7Pqza;oB~5#!XUpm19SjBq*JW#?w$_fsgzjAP<+iR{ z=kdsKQV(CP<9dIlRt|Cdc(SV+#C$Gm;{_=XSb%co07H;&GopXPt84#j=eGX(6cb9_ zhXwa=T|*S2SgsWMy_KjeO$4@W=;GOr0L17)I9xV|?-@n6>_}_j9f#2fWs9! zxZNVX5SR`49cJHTu^x0xXHGQ2sJ!e>{Xl`n`J9_}g{xvoDS z;5Y6(@0kf@TKwBi-6Hrtg+qu?*OWU=7KS@8(9UsV%7GTYx9975pKTa5>^44xYyCA@ zED|{k3{_Ns;J2Mo5evLcizbX%$~B$CqYT$vK7*){fP%6j%ZlX~@)jqZx|N>@75c9i zPp=4QHWhMOYGbH$lYuJ2b+XK%Ica2k0wa z2^%z^b7V9%sW*?;X;>+v7h$kQel8iAM1-Yi&n`g7pEtO%!Wf@w;}oQbcapl2;56G- zNTEB$2cP2zclkKuC#^<$(qRiRFNlmc&KS#@tAx;L(N*T*w5D6FPkXsfba~N}Ge`;9 z`_B6h_!NE@7DnO|_Fw-wFxfD+E3%nez&6+_V?NmgjpQ!*RR~9$EG8sxt!8Zso^etx zFM*$t!9<1_I**x!iI8v`us1wf3yQxf?<@@VKvFqK7v$H^(7taJB;Sm8a#Fz=(q>IJ zKw?FlzN=I8J@|XW&Ou7qX-A@a0%*|7588P3*7J2+|Y#d=b2;>tqvjw4Gv}kyYTw{Rf)dKpbzp3#UaCz z_nx;$3Igq}Hi@xKi^(QZe`t_S#pB)ooisbW(E`UHzaq|r?pq0a$a zJtC3gL56cKKc?dm8G}!-#i=Bvb<5FQ$?WF)g0n+WltX_j>Pn)rb4OwbDUa>9t6&>; zagiO$EAQJz^(Y)(ugk5RH4PM+h`8+Xq=H7}Vd72i>ot}v9GojxPw^`Ch^y_VgUkmP z?nNz5ur>h}hJjRI&Bj6fD|MwR1Bq~1+86mUzW2M)^agtU0iC#&HfL?kjHIt@=;BTn z%bq)ZqUE`8ZC4y+p&1;^?)y|;ZZBufL%nn4@^m3nH0qkSes3i(>L>->Ha}~)A4HVu z;=D_SKVF~gO%Hfqr=!V-U|FdilAcpQ#Sr3)aztDPqmokmo|L_xeD>}_OA0H*f*s&^ z0c+o#H(i5U{b}09&YYH+u~=qTm8yvB76g^wfwjy-{oa>>hHNGp{G@8zL$TMmKWPuTfojPYc?9Mwq8PRm$R!?pY#(2MJ|nM=(4JkN4{L zit%AwjPd>eEui_vYpj(Z5i=JSi-jr87pNzQy*^6S=j91k<7PFi+bmJ~yq;&ZuX1)4 z=9^4bR6ERAz!3k-2?Q4X2k<<}%T(PJCA1wXY3tc{VNu4((+$mi5h8?Sw6W{sE$4M9 z&@BWz#u+Gf85SY7LFq1KbQz;lk%Jwa8T+ay5;rfY(xUe(!l$^l6m&V}IyYm}=;>M~ zdz8Zv<^>~6B^CL#4ZyEki3%f#&P9k@Geh`o+a{z239h9Ddx2~;7}ATIf`YO)hHQEA zVg!vwiGCjg1>HQoAeI~(5uaLDA_V{2ij2N5ZBSo5h?#HnheYy-*uVUHx#SH&BjiaDbR-l)8>!)0>}3|~K+c&!IejAvN&%G5 z5)-vtd{1j5xDfV%+?hTA@;GYo1gc`o%$xu;EJtA(G{pp~Tc3R>bEomj{fplgPX`nS z`F`Lp>a=q={4*E~SWSCTCbP8tJE1BOFT_7)$2(9nP#WLEMxa{R#0mGSmus+f$$lg! z4lk+Q)wCSkTQ)bXAZkM3h*(KWk@jYB!ROY9)WX(uQa5O5{(J8t$Nz;uiO_!}!{vjK zaccOlw?yesS!2Td8ggDhk||^O?Zs*|HY@?r>7vbH2T)X;A4#(w5HTps^7uHE9XOEY zc|snE0!I1uzyD(CgM>gpQYzxBPU$Z~&)6r4(iQ1Ar}UKXL?w_i?wbsh34hJooWhN-A&K4iL?ibV=)jn4@?iX(u zrFgHuih&?p>h$n9kVgs^RI*#QYz`nB}~hJ8ZK04UVu+`ZPH zL%3Y5I=k|XqXkJxH`Gmtn`9vf=vjm)B^4F@pCao=JGA#%hLmq$i%hgo|tb+v?~wqw@k%auy^=1kll5eQ1x5dy664T zbr|!)27)&tv{lWbDH&J~_}y~M)P=?h%lm`Mhks`q8SW1Z7tO6vi5$>DZ-HrjJCPih zbPC=B8PRFzEaXFiB5)w)JMVkWqj8@|u(zM)NLQ{@%Tk!?dJ(5pnBs5DV)HCK{yl-f zI}^4}g=~cd7Bx#P=NZFu-efip;DveMTD^nn57U^(muLZ+n-5rQDJZ;t8 zB{2#ZPi2oAIqt)XNho_gNdna~+oo6oPcdq+-UO)(?11c=+8vC}1DO^}(QCZ;1!56e zKy0WIUoB@VeESun%;ERVp0d_J?>R9cZGRvu=+DZ;m9XeN=XbxS`c26+R@vf|MXk}R z@w7%gG)&rr8bTE**nP9>V% ziJ~!Q_u`HX4GNN?C3pu`0P_bmLFa0qvRY@BT5L(OcemRM>Zq~xL7;4)qW{fDHj;sW-m2uYB#*aQqC@m`w)Q5=r~v?2Wf4;@Kmb(IzhF zjbI2dVJqjo^$w#M;{$4?F3c)9TJ6 z7(89p{b7b?<5kulAI0dGmSL&-3+3iDb=iZu#lvh!A3rYIUy6`OrQmg%XCklZ;r2Dg zXmF!P5A;W3R!dICBVoK#7r9yz=f~%sZxc{l3&(8ybSd`nQML6m7!u#N!`<#R20rZf z$K>9lakayPc6#wzBK=@WD~WoJ?Md4 zCEGR{jw8e69*3FgsMX3*oD_0OJU?g_QsL`Bm(BDaorr>JHa)qDoL4z)%1} zGx&0^HzFy))exsScUW>8zx--IIk_FR;i)Z9z)SbX9gYDf3`l)>04<(hnH&WRqrG%} zStCx#!St17cjgV;sTh&4DKf5sYBkUxIIxvr%+Y%EQM2eCUc8u1R`q9YVTj=n?r znde$!`ScUMQbYrl>%T(K&A-4~^@(=o*RHp2_Gmpo65jWdSoFJ}&Yim^tLYFUFN4On ze&)Os5YifIo^`#>kxnDid7PPbqo;1XPe(6gR(iho!$u4Xbbrc|5bAM(OQqjUy{@gz zpuHI5m4ty>q*je!`7O-r7LZW76AGRhZtZzCyT>1t9 zx1ZIN**B({Q)0;x52Wm59<t3Sz3B5O zADO-B`C>AZpnA;c<&()XA7Q(SRy(V?NQzuSQR$-4{-5e)h59=P- z);7REu)GrJ((M)Q2)%4U(3D|tne2^g??mxk#GR9JIMXU;+>ozTq1B?9sfPjM z3~PkIA$RAwQ(^WNObBegvkbV!7KCcqKA{lOVtDn2?G?^<3T(<*-b`ivkv2aJ+jA*p zOIhbr#RUT=;$8aeQR{UWWl$t`i^r24uC_zwTZ;d0$$uO9w*-I1)^Zu$e)qeHjO!5L z4x!n6kNg7ikj0|$kc_3hh0)Dmg27=y){D5X)W|R%ny4AXchLVGlrc29n4iF9IRudW z)Z=(2l{AqYM+w(uz~*0U!I4p9QBe3g+Ptn3VlfOjpKpN@wGD8!A8W{=>Z9+Mh8c2H zYNIIniL$rsOCx12CjR=!Xw+>jcJ^9_^i2#dII>+)afh1}=q{imSvR;zbg$TeG9FDc z_R}1vfk^sJ|Ic;AyvL8LgSg6{?)mqV?{#dF=?p2gk?dC4H z<)PU_qr$2KN>b`~n2%sdz%^Vu8M%$ZT$nwJGI)8Ngr3)Leg$aizNgAK_9B?ZGq?_* zh7}h#^`fS4bEz^6pAGkIe7YdB)zhlhDz>aFFLQPnY>1RbGQ6i0=VMT0@h{k&q_;Y6xtS>>go{M#&^!lcB0jkyx2E zH4F|!Uw0Q|XHDc?b#s@K`v;BcFKY<-Gsx<&eXLOl_qOu5WB44_PH*oEB2jkBNn!dBrM_plIegSIJKmal(8zV8yCiDl z_K5UrTcXl$`@3kuvp6|UY=cFl!K`(f{Yla537S0-1^SGsY@DK!Ew!O{wF_U@a7R%|5 z%*xA1?!;4G@2ld^f9YUDx#Q|ZGpsDc^rNIXRT0joIR81Edw>~;w_<5Zx@px};m>}c zB$rLNVSaljMCt8sCax6PoGx8)p1-oe-o@a(p(QF6vdmieej(tot0!LQ?HM`xFSMqO zpz}W1x#)bQ^lGjB0#`|4H1-S2T5>T0uprLzVuc)$v(GLtVnu{slnmag2Hh{xS!P(D zDny@HpC`1=4GI=5AneiV%;jAQRzmFI&B*lDtRMH8lTs)7?>Ocyly4obgc~ut=zoX2|6|c- zqkkQ8sM{%PsFa#LtSG@ii&X%AaIXSgd<9|t90A=0n`39TWA{lON5rzky&TF@>D_Uf zg|tJFlVQD_TAiH${2xp&n=AOkz$2sf)Vht?e*bds#9O`M!0?=ij3yfVDfX=MHwuNe z!3uceyWrMe%*>37WH`S3@v<|>p#PGFpm4T1PiR=BORVnS%%n3!bPdh7ir~%(X{ypG zD{%JzqSw)|02x!QOJ*7)l>cvk!uY&p7)2%jO{Kie8I zB&OK9c~tRV=JY?tI92uM7ut%!215T<@BeAiQ-IHSysopQRzvas`U!tFEo9%WZ7-dg zrt0RybEQ)7Z|VQ96Mqx@{x|YOHnSA>4_8b`# zsIx34GK&Ad#54^e@R=it@9;Kl>x@QY#U&-v;$mX7v9aRx|9kX;0H4X1!RWFSJYb5p zGaI&Gy!~(~5UKa``*?jJlx1mp-XBk^^A`E<&i|R)=dZp%9KPZ8a%QmK)b(~ooTM=$ zZAZKe)S)`x5vre4o}b;yWS)VP3JAHYe5!wq=g)($9;ps{JZ!LlQ`@>xoi08mvzY=# z0@b~p=sU2ZhrHl+FDVw4xB3@dNpAw6|LgBS&gH?sID4M&h}Usa1;CmMBb}2sBp84C zp#wj3W?V}=(~p^9i2t7j@%M1}yubgHAnD!KA;KO(4@$rjV6288zO3M#i~9Wo5(Wm; z@&#kW5D(ojPVPVJ;J-U^8vx|fx$#R+0GVrlxBIt@|N7#uPxya0d2%swF#p$L0JgCa z7q_SJf4ztF#YL=Mz|@!KC^tQ{Ygu}r8wV;ApY_!;wR2xbXwOgDm15C_t3||Jp6wL_T-~U0ng* zo;yE7#=>KYgPF;S{^geV$E53ghbMb=U=(0v5Mn}@hZ*0qyHRFB3`}1ZwGk2F-039e_Sgvn5{cw^u>uw=j~F>xwfX?h#U2*R-5^+Wu1f8i-17Rl6DO^7 zV8Ru$zwaj^fo&6c`y0GW7lw=pDy?Q8v?1e#s^H^brSd69&q?#DqgMT=+5$tv0z+c2 z;NEQqt^B^{XPUT^zh~%>2c&nXPp%ul;ly<*WZ$m47)qL3lD)d`c+xovF-~Qx=vA#3 zEBuhuTGlT$=Q;8Z*02sDS$PbkJferla!Lzde~UpQaXuR|9Q z69W0Fs;!+R(&xCAcM>H-21DyzGNZekVoJ6`aDz*hn-LpbqFxeGOQp&!{)y3wsE{e4 z++dg*C%o@*eD|jM!YMf|dBewj`Q%;$NTs3D=MguMOK~8=3IOAq?q&qVzP3 zT^+no_SCs2`U>g$F71O$m>@+YU!zk?9&ZtnkEvI(U*DT0HP|~Wq{jSGA7jU{2G=Iu zq*_W~`unX*k2v`6o%&4Z+k+XZSMzv}L(5p3!R!vlkod648qc`=$w}M8X}8O54pybG zx`LXVU#Mig;M-N<>38Wh;Sz^fJV%JIYB+-7Z7+#Wl6!^Jw6?rbDIT!gO9SIrL#Mf) z!

NEYnyhEB1Omiz0y9O6&FsFbU4ws7G0fBToU)p23+x)0w3YOkMQ6bZXH!t&o)zU&`xzc0$}Q*gUyfvXtm_ zCW%v9y6xZ9`x%gF@*N0;q4H;kB?dwUkxCS5Yv`xe*03Xm5OkR#KugC{$#g*LV-fdW z(_^A@f8XUU=}`sj4;eLKrNHEo(COCA-YE#^Bdrh?MKunIVoGf46Rhz4E`o&3kF@2N zFOEV~OoVe%L~*1d zTw*1$BSVXBr^se`OmkNF?H#{RKH}5M&-xzbYT1yGF&MNVYP*ciJpM)*AyK( z5uUGgq+@jisNz21khee4N9ZdeZ1Z1{blSCws`>t=VMV-BAj*s) ziV#^zEWTE_hAeu!RwqN5$Y$8-3c{6QnqDQHLD&d`=}^c#T@Ros`uabbyt(-+@`6Y} z(Qzme$#s<1>7y+b0O$t{xCdsyx*Vl2nIdklw>i~iak(7u#cKP^;Q$GNib?KOML_r?NUnZC*UU06qXm3de_`NGc)8VyIBTO=n9| z%cRoD;2rDkPK2Opo}<*b(FaR4c>&fMwuE4rz-n)Z#!oYQA<-;WD?@BInbDh(nTIu- zyaU-L8*8rZY?a>U?5EH-`xAx{ziF>p)+@z>U>7q2Ex*oXTW}M>M=-sa%{CRkaqfHP zay&M+k6W8o45IysDlFuntie=AS@SG^(!BT=7k%ei@#<8UDA^1rx z>6IphDWq+i>ZuY1n5j~Xcjfp`nT$t{L9fIUc3EXT1)-Le>Qj3}e_I1+tiC;|UtDko zdBMePuTU#Hm#1gnGLH3Ks#Hx|V9FF%C=M)6dOUupn9GEgKcj(j3J)Omi(Bno9D$zdxJzW9mx61{h49a z?T^$(=S`mb!l2^4$9&N^j4!9G(bDO~On{efr@O$ic!QTa?-QIC@LG)y?DsKfS}svZ zWK0Z0dS4mPaFdwKcypHHet_q{zYUQUx}I-V7BViAF--` z`0Ea6E_(K#*NJ9-owVW{D75K@llSlLrj;#zJM`!y7>dnaA6JGj%p z`-AIushUxpq7ySh=r@oJKb1?K7`QB`4lF4ah`1sc_tL^+#Fe7n6c+3fk=E}0YFLVo z??I9h_E&&*8rQWUqTEoQ_3E-c8iRjiS@A9Y(Z2EH-*zz?PqV#NLKTb$gb1#a70rUsh-38aSQXci zv0-(lpxyY13BvAEurfJy;t@g|`0`m%6Nm5jJZcN} zkv4cS6^q%=v}|&XaDsBRsvIx%b&Ug~R5zn)-3PKP9j$Wl*W;_l_#}AZ9r*`j^&;~0 zw9MCeU>)Jh5o&G_MbYNDADeom3g<~`fR`0+qIy9 z=KR!D=2@4OpBZWSaddAcQO(II9LlUJa~5#ZPJ# zYVwXj*u4sm<2QaQSEN-Oe?fZJB$>{akyZ7N45$@S85KeV?NKyptsd4@;K6fs9_3B2 z(f)w9B&{_CRkPWpZ5l$7(iwK2xJq^?rWlR@Rl1rft3y3 zW4_gGUX3{IP^EW;%&}N)48^3(8gFrzW`X=XttWwxV&?8V;GA3Zq-wdfgWh_uYdr^S?@w#P(>bhxu|oGv}S_TzI}5{8Ke^F>|8 zwx|6BGJ;LF6WC0+Ma?F^@{8p>kBz+`pgID1KUu8moni9c=1)s>J=v0y_|3ZhwCF^5 zbwAo=HG;gnJkPN4TA^j-zy%T1_2iR_zZ-^J%yP=I-WEIC7}UKY1=cS;hr6g zJT`S+7*Z-f{J=n|0Ak1b*EI%&r{rx<;~JjqMWw)(zV_MG326du_wQO|7KkyB6_Bt8z{aDz8Q4l01qs z9RHYb*^@IPtb9~OGYn@GBW&?t{?~hHQ`QUuZjt5iV$B$JdG&x&GB}&|h#KHlLpnfh zhnWf0JLU%K^gdR&T1+6ujY^6=v7li!*!7fI$T?Ym5YH z*;&nZhZWyR=J~#a@6g@?CgH`l_b%pgFG{)+$4UlP7!iOG=a}Ae+iN!4t)u=qqc2Pl zU+=FJa2QkpXA2%a0kE&|#L}iEYMRmp7OC@#>82KftCthVTRk61PkJ>DY>7|>4Qx?R z36um$=hf_|Y9s~y&Fhv_$HsLvS_C7ksWe|?7D|cy)E{o7akJ4nM}CL>jl{lu`E#z; z@`U1gT+SAU-JdhR!AmAXw)qFcT_Tph!e-1PslJCQq}$&DD57SNuIzYiX8>P@Umh+F z#=VZ`O7g4C7iprZn!P^n791?_j;6ik3WiT1wP+qZ9IaZH(V;`V-8*;bcVxa?v_M2R zx@)cWSKFMgwY1-;ZVp(h*b=5}w%njlaem{u{H`B5h^Gw}%z4oo$HuAc8u;k^)~|W$ zeCCz#=Jy0${k^@`p0sa@LC0*hMjwlOEQ|A-RrKra!J|{hb=WsIF3%FuTx4OmGeTYi zn9)UG@rb2|RgTt6j2m|ftCag?7l!x!HVD?}_+4`i{z5M;n!K5|H`;oMFPmJr$zP|Bh z8=AIt`Hf45ym}qpWcsdW?Om2rn)KDANr;pweLH-i zIZYSFB%Aj}Q;;K>1?Ik&GEb;Tx&|mZm+H;?`ZM>og1lPvRw6Lo204~T-$8B}J}7sG zL9KbzK9N8;OKtei<68O8aXmM`2A^ds<+N$% zHUS}WSAY(INHv!*tmCU^Bgj_4C4Py+-OFG`~A&6v^p%i)-UaAAH-V{9y<8=b{SVI`D%z%>T|U$P-)fdYoUe0!_mS(HOzrVhiX zs`xhbtzeft)oC=2!d^%qzH%1l%dA>PW~~HArOHg^G^*~feYTare(w9Sg;s%cjlBF@ zpp$nSaj|EEh$;!LWYEr0^|+-y+cZQA-Q!Mh2=fF(s@(9AQ`Lk+or9mWn9!F=ztq+9 zheNNT^$N=N+P{%2&{dnw32tHCRnn=0X0qGAcNi)!lAS`=ue=Oo0bd^5PrVxPSe>%b zm>q?ZL@2KijPg!{%NxhH-7j}`j94SQbE1FZYI|2jo{uAu+G%hYT}TqK9Jn=?{bsq| zns9lGG3(mD+2l-1E61wQ6%ixgJEC}KAd79WQQOhNZgcwh65)|ZtNtStNHLZ?GScEi zvY$Mu>JoB!zQs7b8V8TG-5t=yUwtaQR(Cjyz-aeS=ZPSZ%!El%mV}*VUX%!)Z#-K? zE;|Zn0OCZD`R;jvkr6Spv9!p^cz(2sxLf_2C14ba-bKCI;B!SmP3J-?^~^9i+PrjR z_v|LHSo+d)r^D)^N9N3Wa1#Rumi<$_3D<3%@dp^hT+`$mmm5LWU>awE$PvQ(BMDEa znY=Zfy6*K*Am6I91LMOqyeAb;C=c7QoP#LGW;(>7OT|Y$WilSOm)c!0-0OK;Rr|Hr zEa|k-x%TL{=}hh_1mmUZoVCwO9yRY%#&X)h-|&oholcjm0)W7nA1fQHJ6?maIV>{( z5N2y$&ighb;0>0QX7y1%xaabakVTJw8f$(r%e|*UpaabAB6Dl>hnPo-eE-SadAS1H z8<%N65>H+qsr`P8HVp9CC_idN_11r>N>1CyYM4@1^1Pd$?bztlSTFymU!717kAWLF z&KlAA8rD&Kl9Kw3%C_~5ric^4+{<|KTO9rPFXEWgQC7r@r&jZ3;ANI%Y1WHn>F=Q| zoBBQr?0B@gqc1LGS2NOy^bJ_yzsJFt{TFNCNaU{|C#ru!jNUIR&SGL>tkxS` zdVQC`0L0*nKukPeEztkXw+N}?+)>G?yyk#KxC3p|b#Tw9f^RgIEGsWRdl3&n72MeR zN(MWg5()MyuZJ%G5tIds87WfK=a7qs_?io%HT2S6xR9=|6w>oq95~t(JavhahoMZpN7#io zzAY}AlMWM=ZC$A1ZMiH*v!|uF8EbQEknu}1P>!?`1o=M0!>96X;Z@oh!9~msI$3JR zh)3XW1S1?aIT`ui>d72yi-<4FmT_N|4ooTH6u#E^zRRz9ty@h_!_QN|B3Lugq@4q3 z^3D29F_+`TP$JXLJkykVF!NamO~o^n_*44G)4;-=T1qJ7R+irVJFM;b@qSJa5r!6u zC<6Fxj_*6sVlj8XmGF&7R*K7FY%IKCG8mj}j=O zf&OhjgvIdbMgm%RLZ|N4d4NhH>lfe93{oT>D~Q?S?v_ZnH-Y^bBjsA{z_P(!naL(k z0coq(lU)!G}i53-H7bPnu!fbcwqdJ2Y4MzOZ{FE(@c2JUmc(FU|8N zK@iivn}=uXzLv&f{d>>7KMdi71uRm?vIq?UG>o^UXmX!y}Mlw~ca}Y8v;VBnp6|jipWr>$0_= z-My!nEVkjQ-=7b5dFa|pos@kYboNa1Y}2IzKo6|>E*>vNo$8?cF3CHfliGM2FcLz3 zSi5Yhad|wL^n|_H9NhPqxRw6ha0=LoEB;`ju(-i_A(Bf)^FY)cZF+^}e*9H*iC6Fb zV0At#8mEBQY&?m3uL(6vDV4@TjTz2!J=7aPs9e!rQeI#G@##oTs=c#zneu#)bb6K3 z%lFpu_EdT+?y%sDQ`0KCf8<&^I5Q-+u}uowS#`Bxdw(o54(Pozefd^{5SeoK)dR8O zX|L(fdN8`B)H(s6={HLnQ)4}-&IFhw^elV&n28<@n|}RlbXX7 zn1<(gnJ%9s)ej1LGP7-P>7Y{g?H=|mf1P=0yLF9Z1kJEep?D|7gl*ZO+R2>>=Tdnq zXNj3B&d}oQ=}{!N^yeTsdsrwBiy;gfxuFlv#g!))lIO)Jw*Ls*^s@3r-k@; z?%xaO3)CM2)J-H50ghZ{v#*>kE8I1>mWjawc0Us84&D~BE)#8YOpz(=u5kWa7nE}( z1hFD%v19m*Q}2Yh(}0)J8^bJNXu-EyE-RIj3{?ZRi56^K>wbC+3Q}S8Mf4xKncuT# zlrHi$M-%$a*+G8Fe-&NWt@})Hm2EfEt)>tPNq+N|0hI7QnX4x8t9T*50**XlF*j(v zYtsyp=@NWgiGjQdd3E|kPA=)OtK^+4)LM_l*jGdA^*R;D;d$5IdMK%*n^!b4uu>hP zZMTAeeb0Qm(vUl`u+J1uAEJ#7L1YytPU{8BcMc@)s0<4dMij9!xQnGla&WbWS1zwU zXoBi1M%w52`}1L~5$R_TbzYW%GAg1oxs+bCywqL187Yf7b%IP(V(aFL%wN z>oJ5Y4B<#H|B->q>l*|a5>mR(5TKW_bE1$RpSiWF~k_{$gUl$txHp>VR5O%elX3CK zs`+tfp*CZN@+9yo6#K;M3jJqBJ(+;X3>BvPUOX>6&LPV(W%i8z=kat`q%!4=wWXzc z!&TH%J@F)}{^y&X@JaoL7OP=7kMQi_o@f0^XCq#h%TI>dKmg1{bvD1#FYdAkFzyqH zz4Mein%kEgff!fJ6J}g_?ZtclRTZ8@H6S}DuCBfF7-lGbCE6z_`lAt=&nM{-YO-Kk z<#OwYdhXO%=_9=NeC=fbj^-^e+9UGqM7Yrz87|+ijzoJfeuNrgf#JYtAz_iRe&ufe zX6}f4vB=%mTkktm>9<$oSIgmWprP_p7Z0Ws>=RMWwJ9ZqO;l>Y}&-?eQR%3bXH-> zn{$xGdE%8+6?*`!4XN{)c(e&8m5M>1TU&*fhO|9oBldCsW(TvrlGp7q_{zm%qg

  • ex3=Un!0mRZ1W`;Bt|bq$1WUe! zq?2)Ld#;@4n;j|Ry#bkG7E5ev@7`3qRUTB^>h$bOiaE<1{mKbh75SUbqU=uXi%Vy6 zR$wjj_x}l-{Kffli2QSWR9yGCyOt3?y}IsG-6+mVN{&)!_HiMxX9c`i zV?%{_QlrX;cQc-DkK%to%5d;7=7Q!99Yb4w$$*tqVbKJGu-4&=fjRF6##MC-#0&&! zi>42k*rabP6hyWY5}8gMggfL?I}T(y@jxn7QxC$p0$E43k-Oy#Qv$S&Ik zarM2&=NIXu&!&aF%X(&u^wr(=my1H{bT;@&XgXTOEBsl!PT6L-9G?{kFm`j7$im`P zYz;Y)&7apNsu=Yi*N(mKTHn;aaS4uQvAcbK=n3-d%A>L$SR3=&-PkOg$f!#1`)(z9b`XwlvIIe~FDM&K4y=avGp8+Z8pLX`!e z`s_7d9=#i9GD_KYd7fbyXvnolIz3k+kDjKENhw|?h~7viTozcE(Bl3`BnH6TT)qc` zLC-r_^B+uN?n2B0;A}z(QK0ZM+a+*z}{Y}JV(+e6;Kqh=NM znI_hJ>pM=yfuXSwKsm=;sHJsO-enOPhvuwPz3L6!m#Mv4FI+?t%5OCyvs^u(t~n7R zv!}4^gQYfIJSASC(4cFI!TiSbxAY9sJi~<9NyN8}Qswe!;%PLM(xeTn?gHx`1B%0NP{I zy!Vt0`BD894{%+UQc{$4O{=9?p=W7~@f<^yn;84B&N{y@o($_QL>OZEguVc7mhT)+ z!RvcYk269eCsgxiG~$Zj;DOSrOLAk(;`szu63N74Yf@E%do`SFu+ugSc{OXy-yPTY z2SVkka7Fu&fCcsJRz0QK@Sx*O@iFiZFFYGGu$6XoQfwD)4Z#Y}9rG{s9Z)TBoqSWu965P`U^3wIr zwAN~mMEq^H{&=s-H7`W`hIGagW56mZRou6l?VRQ9M?z5+n>GH+LW`QtI4gJyTz7Ld1VYS)loR^72#CzWJ=7WX*nw92SJ3Oa?nW@MaQXVLw<&1SUpl zFuNbcatDCG-5pvho4b;Ph@UVyKTL=KW5JOdJV+a4#q)|Fw6AIpbcHbquO``O`0brd z`aC{hO^g(JLb9=E*V<2t(ERKq|F%s4oF-UkFQG%Ql=l|b8>4e!@q=2^S(5$ev34h= zBoD;Byd(^Cp3p|#7f4i_QPSz{3f_TpI_C{AOAo}7gYbfy9&L50$83~+QClT_!zZFJ zL1Q3LYWxU0Y6gOYy4AkIlk;u34kqqXN}+3m-K)XVdzq&YLnn8|nR_jvaH2dh`aZie z>MYB6l+eMpXC!Ed(MCe5>nG;@>}5Stizptl2t;ngM2z%e5i3fB}$%1a29u(It+RKDmRMupLDnBbeTakgvEZc2CU^cfKNuOI#p|3tT~x&>9y#!Z{B0^qlZ z8Dx9*?19ysd2^AuZ`-D{LbGSj!4$M<^JezbrcA?g_3s}01IOphpUVp?$4PDR!uf-$ zs<@EOd%x=PWxEgrLh+_Q?0N|P58m`o_|GEDbdBrB-p{1M_4|KLT`wMcJ5TXV2mhPg z%pbjq{f0x2Qa|&qx)l@B#zT*CWZszDII`i8inCzMZ7Plx-wZ#$_m>>`=={$z>+s>H z|B18ya^?SFYT?@b-{Y*CCVvJU*$swM_5_M%)2*{6rV)UI?raad0eG4jC2TF zPbPV)`Q)$A6IBdfWY;fq>YF&(;hIhy)5#tFmz^9jjF^#$#^XD%5Cuc(D@JLlrW?4i ze#_8GJ*6X3>56pxtyH?%f%|GlVc$&7Q@kGhjD-j*4;G?*r#HsZLBkW(y^g7)X0t?r zLvtijv4ekpJrRBHXmG#F?jJX3VTrSRXvq~^@O0?iV6y4$z$=D5dBw z41qp=6{DBwAxbL+M$|nwjrTAoy?i=g&alBM#K4C1`2v9W1UE%d+^c5zK9Imj#K@Ch zWAPXfVv!hTAdaiOilZVEHrF=8kEU{Rgm%TIwEiGF11;xTy<7@Ou2TY7LX|fU{!blc z5=_NFNkp}VZ2GHBWdNL!crKeRaiL(p@Ae*3G`=FG-C!@ z4z;gt4mC(?*|K2*vRya=>h5j1npG40K`pBk$nrUMkhcee#6^(z7cmhFPF_ zB&B-0Gn*CW9%17aJ5w!ZewP29mjDE9KET=BLr@SUGnJgd!-k^{hw?nFJN%l>l~R6q z=$F*Pi$Ce@>^7%nODex>=G~xrG9!ph2^}l{QbxkanC{rr??t)Mm51>Kmu!ke&B9?-FoOLhR4e$-s5wX`8=g~o3%5L;|JLaK!974 zR59VXJT80^aYy452cJZ0ZAZhf^p%rME#%(4`%r$(nT^)ZhF>;(oVu zF}WI<+%R#tN>)3=J)XOU*TC>ev~AtPmQNy=Zaef6{hn>k{0H3rN{c7Y4k+#2yBDfx zub^@G@L@|R&t zwWgj3zsx5aPyEtuPgIYbsk?lbkkZLS^RbPoM8cdwt2uqlfvqYZG}Z358=ljeR+ml& zFl)OF1720`XZ8+JOafV$Uy{7sSG(jb$rS$VjBjPpmYpz(t z9eu3vEj&-Zd-`Q&roCCeQ!N4KurtnbyLGq6Q&WB^D^Z?E?@t(^xE7-4uW$}>WSr4v z8*5D*J9X5NaZMR~eTlQO)HMh{M?4^knVIBW2nd0K5a3Z5jzl-Uw6!_dRQ&<>uo6$r zl@8r)N7s1fqe=E#3!fO(w?wrwznhrBR$oxmuh#d*L@JSrXX@Xz#lyyym$#LdR!*Kc zo^c9~R~1J#As_?>1cAaDiSk60+pTo3harXBMDo0Du|#7=5)uP^*-}QvmP&en6v!}8 zAY_!!A~nl6l}ac*3LnPRnlfs&UGlu*!RRVoQKvf+7Om`ir zGrA!L25LbZJ}cul%BH0TWtV&IWv0(QWemBsrF36?x0jwcgK&o zbR(kW(+%Hl96@UdmPjXSW;!|}{PqM|9{1{YP!BYPQ5`DcVFpiQmaz|~nmjICF7eQI zIdxVjQx9$I#1ziOJTixlR!Fs62fcU-yON4(cSF-ZK2DX^~h& zx6`-NH)WVqTg?4;M=0gE5V%MQ6xK+jd~j@dkyoMzAN;h>=d(0KxmuxIJyGuQ+_3uI zt{I2Swa><}4jOBpwWlZIJ!#+7Fe&p_yb`|sn_7hZgUckz`Ux{)J$UQ@n`mM>d|9pQx+UL?G9 zDeI%@J6=}lpfjqdDCa`v1!Z@E2;h@w&F*jUpuKn5-!pi4Z0AEf$*&vtaYjea9ejjL zEE#(bPv&R#{fNiy^0D`F2Y|D%QrwcYT|ftEPV*OX4F>{}b&;d=deqpqnyfnE#7J zA{#evusa<0eEeQimizXpwHl{Qo5tP>qbH)z{P9m7p_aAycDh@$12&aK$~J^c{1JAo#HL;0(s&|r zR+Kju=DpfVD?T{g8+5(<|JXb8IIW5+??3zg^xjQ3`yz-N3MxAY2)M);w~Qt+8I8uQ z6O+lz`_5$E`OF{hGVd&TC(EqKWHp$~OcFKjpa`g-sE8sUq6o70{_Oj6-|wmFe){RX z8@ikB=3d)NJ@?kF%0#<+ z_&P3LskbT@m4V7sKQ`|pK>^)7YJDZ`lt?95p`p)0-iahDF41k_u60{zCr0Q%ilsRK zk@=)weHoEd$I&IDrM)`3XSe_A_*at=_NY~dAgY|_D7uyyH*wF>7FP82j5L8lY8~I3 zp@C39rW0(*a5_}Wl#?;g7;4C6q*p^zoD|ty6Rfrp!_~?*G^S^2ms)gPWmlR>%>rtP zFE&~xZwK`kB7Mk=Pzb4U9;g&(}E^D*>%jyT?%uiKjEMaO^tkAU0KEE(3vJPD!x0nb;05! zk%%Emq_bI8gQdYzW}i_(m-DX>v_fk*M2oncPFlh1^^Mx~`S5~7U3?N1>jxEw=gpf( zCuu+XO#Bn=*&}|7+T!e$FlV2!VCt+-w2uXo_D}TA-aRZ-uef~vIP*#L`zN15atn|Ql+?OMKib?2*mb?ut9#M$uc|6rr@%K7t5pF~h;#4dai-FoGN(M0H_cb>rT zZ~ffQ-n5Wn3@ZO*BR_h!+tHRe_bPsd`N9LiIJR!x zN_%O4L+Hp5lQ0Mo`bUgq;$Sw_uf7aAL?p|%WAsYI!^J*{-rD>_FoO=fI8) zJYTf>PG3ot$6qo=33X12jXsgPbh(kk3$=khQRDH4u!_p0aWRy(TT5+@3HH+Re5T12 zdEIK9O2?1qvtgePf9)VbHMB@Fb|PmS57bVzx$3Mqw;r<>N7~OQn~&q_=FH(lE`PG= z80U~qFeYIy?(vseY?x`_raEu8JFy`Pmbo#(~^FX&;S^Q?Ia$%ZC<;@R$?&%*7(&{OPSkp!38c*npkT( zk+vk8EU~QRWJ_&6=Jh*Ix$GV?V)r`e4-75z(9qcU;5WYok-qm2->I#gFl^KsiG zT~I39`21$h%RYSQus`5`;0yPamzRx1waq-bQ6Ll!|L}+Zj^E*#GiT8X>(;IrwFW)I z3leps%s?K%o!TzeOzpw*?_bz9e{C0ZXd?wQDUd~!ip0B+T!iGND262k!jca2lr-c; z=c{dxK&P+sI**CnPUn&PSGNYuMDwuLH;@BVOX=gHMO%!iTKRBQVNS0>aFUN`I3x$& zO7B3n=um(l4l}qDD>hL?!dsP0_G%SS)UrU=?cYhjyhexustFj3%+0!iXb8P^AZOS~ zTT2Wy4(Jj^ZQ5(;I*(@gwhw(7BC|~7PjiD_6CD>XbR7#iR%*=1K!7XqkeyG>8zGrB zpXN{L5XmU&7!UGpT+m`9Df{2`^gJ0@|#qPG`oxn&I z4r&y)X|w{z;wY{JTeG4`gfi?HroPpJl20kReUYS>v&pgV}~+^HIvE5Irg42@8v`@!-mdijp=I zTEg9F^Es_XiM>8(wUoOpLAS-@cGzwCl*8i6S=erZAK5c5dj>z)4uBz0Y_cn!NQZ=0 zs860cb(*9I3`v6LFp+au7gm+%c{S8Gv^2LQ(`k3kBmKa<21$XT(gmYA=nNb|e!9LM zN16P`lhHY$4=+g6uTP?4eWGIjM8#pwIHMi+w(AqYgZ3)_M3-E0F`b+Q(q8 zA|tYs!T_ns+SvCMo=U(_gc8FntmYb8E|(LQv$WGJz+Il%v%5 zu^XXe zb==#}M0=}meHjc`@|jF560R&S;SeQ09E(>cpG0>1oMp-<(JOCwyxz~>dmprV^UXJ* zDsu-^>g40;XFq|4cieUd7}2&DMelO<1+&p1dh>-}ux!3~$!!)RyMNoy0Nk%wbAKkA ze`Le=h)W3GXNC(6t6__1~e z16CWzSrkPp&O3u5*o|Sn0kV$)N2?Le=2LOw6da?%b+O%WC!@G6%BK<;jxGq;YkZE9 zD(@689-V}q=4DdAq<~3*o+-er7m7r}v8WdfADc62v>N%C6SiTs_?;*UO_&~7>9PbJ ztuv>e-A=>njxDJBO^MGkbqWX(jx6GGEQ%yxDP==4XE_nCv?shi zXES>+;b_#(N<+Cp=(#}V({n@t)yv6nF*Li(jeK^%}BCQpKIAP;#9GinUT&e--09Nd`gWigCHc5O@Pf^{f?dUV* zvS@_rYGwlkXe646|7aJRy);llOT|-2k`}+q&k#(;(KWCzPiWOZ!m2T4wCXX=_-0)5 z6U0Y7lXljlUXO0+7~S+`XnGWgn0wM<;X)MEJNR<^UYZ)+>&GYq7MBZ@C>`feDcM++ z@xtcknBSu8Uf*-`M5yma*U{#xWvk4Jqau6^3F{FbYjTPErxd4n!L#tKhs&KzI+V$} zZ1%~9t-=BmW5;_eUkr1%L$JkwvkV+3o@&XnKF?&~;;B>;a}QV6&xvGGeZy{8(&&(~ zy$@Y-RynsUn~!p$8Ja_U>$G@m7I!R*Iuf2|?Zo%ky&k)t{Q&fdAoN(KlUa6?0wx89 zmjW=|3~{1wIa>hlLL7+bv(0eXN?h48rxEnoDlK-W%gf2SsF%obpEx*# zA=#`AEJuQNO90(Xj=ifl zDEv7BCFb(6Sd@P+02_LH?XY6 zYl`F>@Y5Cf-A}%{+Vn$~fcbnPhFy4$l%Wjum5PW?kJW)|L7UCzk;6u@8Sibv)w)I8 zyAqQDqRPhdTgt{bV+AiuB8f<_qN0o?0m!VBA&zg-Bzu#+<Id`e;p9{WbqQX^;1thNiygSL96GU-$b01E3e_nOWR+hv#wc9yJUa)@UM|M zFTHrK+wL~7d1AL0rw8WZbC^e9&|CJomH(|J((uSm{HhrE3?jo{zVLV4ue_A&&)x2B$ z9{ddjTp71FGQX) z%*bL0Rz@nCKg~UvYehIi!w4HZhsE!(1WS!NBkMTUuqTtwc#I0S!#B0`Qgn#ic4W6P zJdn?l!sh2D1xyMIgaQbk;nqkb6m_|sc84pKPXH86^{sOnfl0<9becbU?Mq`(fK-~Bn(%G(yGI^v zYHIr6&|!`SAu0OLteMj*D=Tli^%nf>5a=8J8*Dn@IQ#a$+uYpp-1ETgmzS4ce9>GUQOD}4s_%XGI})gD>$F<8NLxe}=*d!(^<*#@plq`*xByao z;^v#M+9@q9)4Kc)yM4lh8t5}~`m|&!x&OTb4b6>LEm%POLL#FiFuWkq5LU7vXi1vm zSejLkEDSfzfjn6@UHc*-WH@6=fCuqM>N>AfChc*syQ`c;^p&UiZU`s=wc&YtSX}28!gLMvfcTGpr1@k>2r_NA*hNpsFxY&CF@fYW^#;79eorTm z6s!S17~Dxy6p8xoTSPLiA*X=sEy%D#AqAoHgmv-?TbGUC`Dbug`yG6Iup*? z^GSCkZ*66L$>JmjFa*+%iEP#q6OgFR>Z#0HN?DzL~c#b4MAfg3*#MYlg(WIU0$@%r`j)Yo3$35tmx5KC|ElL%cQhQS+e zyvhB_1y>>eJoC)ce2(4_akgyTLhoG8***C@`{z&zJtLlM-1sbUuDy0GUv1y9ohSGt zLUW;|r8${QfSWQ!p#4sK5*eyKV5ZZZ0w_eH8s>IS{L+noMT_`cg64ds_OH125r&1` zzF5vg+xE7cQ+Ct*FEgEQKky7GTs{3-aDb0m-UOdscJcKn2l?D>_Qugv>!WY{051O7 zHUEuf{q;-Vp=s}2@h5!s@aDgzCzw8ox;M~pJSiSi;Cf6FZK|zKIaD^EW}0QOWdqiD zVe4ji=DmOTc{+*Ki&?N>0Yxg-kwJ%u1ogR)=*z(Oy6DR=U4_G}@NCnkO?9KS!A_th zXU|K%#U&YznhsN%oqQ5GY;%`?76p`@+n=}D9ZOe#0({}8Km7?=7tV~6@Y3bzZfxE9 z0=<3dlI8eQe*L+J;EID;?KeCu3G!Wf={AL=HioR)a~jF z6K#huSx8N4>h5-xu3|z-Jq`Stx3ocHLi;thNro;iIpoF>DIiX!ao`NwQ_eIX_{(81tOaPlL96MdZPfV zzUI~z#C=f_a=EI~^W9cgxn(Ne%}yR`!b#!{>uwANf`I^rFm{Ji?;%+^ce3@wf8~-# z(~)f$-zb5=5^4h4w>T>9OJ@RmK41geRXcSuM>IN|hR2h3dt8XvEumJHG-TRadGvGk zzu$fLee_Uf%$Om7g-dj(N7Xg@OE_3^u~oKb?>T}s z^REEicv2N0&Nnifb14#EoP+7X-ipv=b2M@dtQoCf) zVoY(F`;jGP39;il$%86GLONFaO+M@TcNLw9EBj=sz-a?nb3oNj- z18KwV@Ow*q?m+hfDd|gY(vQ%;(1Gsp%qJs20X@QsMl?bBrFJpoB{t-#1WnYNj!f}$ z5Tasz8N_dGS*A1&1A#~QHaoQY&TLPx5#KTWK7DwpIq%zEyOrb3Gofrw)?Lp<=r+dje*Q1|bQln@Tr42O3AbQWK zQIcGiP0FUmCTKom=5)8m-J?kw6vN642x;z|IaL*vwRN>V{_{m!Dim&Q38BBkLNO2s zl$V!Im@t7rMR_^Ip{<#Dlc^L7X%Heh6La8MJ7J6NAYed`mo=?z_`bcpu6LlukTdsfG&f+4UL^mj(L_3vFq9sd~!YE&R?KKr=Q6D~u zw(ocu*0X-yb>#BnpZ%Q9|G?+(@drxib{xnD0LS$E%!dc ziFEU$yM6#Gyldq*IIH5h-M@hkT|INX)8Vdu;TTgJuClTI}OrJ!WP$PX8Z!Kz<4tpCG94Lbu`DiT8Q~ZT-#@WLg zHqbo^dNFW@Wy@Aj$e;Z9-{twzJ$n|I2LVv`Kf=0Yu$X;*YQd8+Oz-0(r4bvdx^7qHHA)k zT<%E|EZE3|4XYwTRMB_Im7%Ag}BOjqdw0`~i(h@wR1VBzS-#K0x65067vsiOaoH_|lmmZHBwqIZ0B#29Yf-d6s zfrAG*M(ygW7NAvumJ|C30552QJo3oz>l+$&?b^-07aN{vRjgjM3K1Gd#b|jHH!EeP zUihZLx6v!F?2Kc8gmI9|HSe;E@u743ZMOl1a4ZaO|JVQi8$SHYzxXq(fxKRXxXzEj^~~K^Vj0{^DqAVzw0>NOGp_Gymt^}a6C7$0#4D=FV~=N)BbWmNwR#Cs`^x>z+G zJ$e*-z{yi4;R*)@u=Y0{|AG*49Q*0h^?Ud219|z(XFkPO|MBbJbi`;6@%+Sz6EyWT ztCr*5sI0WjtPD?k>(;F~apL5&8#jWE5Uu@-p8p+eI=J-t+E>2>alCFH3Pdb=S(wqB zAfEIS@_qb?Cz_h=G*-{~wLhh|JoWUmSeebe=tBC*?YG`a%4owuVFAT36?eJNjhc5^ z0HA07{L9IN!J@w&;OS;01r19|N@zIjfliz}`TX;nTSB2OG@%MJXH56|e2+f%I4(oG zylpRU*ME@?o_Oj>Y}__&+6w%3l!12PJiD82{1~0K+xvbV3?oR?PtIrYx=5d* z_vJgwfBrfc!dc`u(w|DvVS-!~pCO^clwzQ=3ZL~akn%=oM9mZhl=p9IPBe+MC-C0FKo*jMqNH*K(?(U&;!j@b zOMb``*{BhY*%Lo)k8A!b6wt&g&@CrQamue2=F|8dO6GHiAtGxqIwx)}5kgeItjk;2 zyDJf6OH0myIV4-ec7ci{!Er)$@d!dy+@L&GXNkKCtjA&ap-?W9gA!o4Sl}61!~lyO zbtf%D2( z0*GmuLs^*xVX-U^m_@lb`xM9d`E-ksZjlFI)lNX7DywUv;jG2GoYh%su?Jvf0Thz* z9CqfkW;rTLG#Mm)i#45-yky$!{o*BGpoD@O4e^5%5Um!biD)DiY7L_af?Hx(A9H<{ zorQD;A2j?_OQDWLd5bmxY9Nh`xWjmCKu4u_}#k$Kf)31P^fS3pi|r2~zr^2h=W5Ff)Om)j+aEOiaKF1Z~3 zqye6i3637a&yFqt)z5*N0V42JzqON`yO@mDb2&baFtNog+ipf-pL>c+N$I2BKAJdt< z(u9gknmh%=w6Zc>U3Y>`bP~{k&$?Kd(aE%rY66`S?fD19=}e!_(a4BCi82kiBwPMc zmjPe27dRIe-}d$)=>vE%K6Kw6aN3l2aV z(q+p5q1|3iRAI^4!4W#ud$j(5XecfwjnwJW4Y1LhZ@P&ZZF=rGTKW?=-^|e6_2wIN zh^0%G67!8Wb}<;c`y|@Bt!JM^&u@O7uWr2IM!tIfg%^M=uU~sDU6g)?hUdkX%%#6F zz(*@>&i8U@ouE*x`T1S{2`5}M>jt;e8_Co=Eso1)Eb+L!{OnGnHlIYf{HIp^F>imh zZfuzD*|=P9tx zvgY%wW>lU;AN7}*VWNjZIjztEN0-^Wb;mYtN5hDxBIvK60Ugl4PRop`N)Rvu|AkR^Z&T)HCam*iotlLvHD&0 zkkEN~(K)HNU}|7=vLN9MWm&kSMT*GeQ>TsWNlQw4I!ELHd^DXxv)z*Le#x-c8o3H< z+UYRFdLf^8FabHlAWZ;G(i|T&7cWA%DB|!?tGmWKCGD!VR@;)<=&98EnQY?NiDSGE zmIc`0MU$6We^h^jm7mWjcQ`y%?#X^oaoURQUCLrqN$@gVi4N zRNrQ?m!$KY!Rkn7T-IzVk;Sk$8Q1vSTKKnEE;>`%{O?m z{@QCfCA~cvi}qy$3Ul#AmtdiW!j9MD&0DhFOW4%dxM9PupyUnLt*fZ4xNy#e6kGhw zL}S}tdN~$L08{B?2U{1s)%^5lzu@@u>(;O5^s7mAbwGHaPbB^9#urHKsi&WzV4u3{ zPCYdg3O}d-tt?E0zPDa7q{uM2~X{(&$AOT}%mIerY?X z&FX7c;wzfDANp_JycJw;`m`DJ5Tf;6$g@vJ))?tDWyTj0jBK8jpMET~9)AE=U9(%30);4Fxx#D7sB?(HKo7r6ri@VU@-R<&)yKy@k=R zyXl4-NfRgDILv-^=j&>K^bj2iFIspNqwMxuZbfVF%p4vKBS<6*Mp@uB^v5+qqX zv+{>r$}0>j#I~Y?sKZ)IGx0O001ZcTxm`Yhp_G+51&e6E+u1j#gPqDYG+?}B%-Gcb zC^4*i=Q;DjnO_cy0t`{D9YC|72_(l0GH}J#-BaRWoN|OMZRKMDXBeVSWLQ|uaL1o5 zEf`cf*vxt4DPb!o)MjX9#UB{$axMvDou4?VN$sdR zVeV(C13uFL06+jqL_t&;W)!Fl+eStvhgE$RJ_}QX_>zmti-39cKmkQIo(rSVzM`}) zk#Y>d1Bgcyy_V*l$p`Y*8jG!xle=h0TA0^X&S|t54rPAZruD`*W2L+HK$P}Jia2Vs zldAlMt2dVih}KhF#k0vU{c^bq5!-UO%;qR@c%}dqSlLh{O`6D86aCyTYvo@L?jg1ZH5Mc+00?UNDS`6V}amXfE{SIqA8336&QceEK+DZpb%bLN(%dEEeF~V9?K&QekZ{*t$?7%mCQE0|`Qm zubo)SRzWr|M`Gc4r^RN)zKLQ>$_{ zszRmOBewlZZ>g@XC=Es6_s+>JJGs)*yZQhq(f)JHxN>> zfJCv_sgtL1GF?_)2Ie9a?DL|&G$j%+ormSLUOg7R&?(EPX}?%bckw{f{-)z!;!}71 zTLyr*BodH_3miwvCRaCj4t;+)ACPrV-YSMe1GH_{0;BL&H06 zzXR-i=g!wyjW1ld5QfKjXD}u?%M71Huk+lpaM2>V?B?g6Cn&iLlz@; z(Ui+wPJEhTq|oz){?Tn$KNya+ys-Osu%o+{f0KCI-g$xv^4d%Ou*6@^d1}}_*x9`| zuaTvI9%%Y5TL|z>CJF;rg??GyWmu3I)m0UYVp&ufmfG4{?l_`k5}Gt|B6lDmicFa4 zg^oeEjyOEeq5onjFRKuINHRbdMs$ceiIF2)*)z+HwM`<<(cthU@k_nq=^xW?Z@lws zE{AR3iw{A81?#^+%KKk_nEQftMd9M-y@cl%#hRPP4u-1al z#FKIE(1Zg|f+gh+S5?KduYd=gYB&Y+DDzH{GtY1-m&?>Qora|oQ%ns+ZOB$zQycX~ zckkMT9*6LoTt1OZ;98MP$y)e#w+jQ>!yg{O2T)~Ig_2-{pg?di4sd+!^*7N-y64`z zYpQEl&+wM7eF6WScieLP#EHFo_Z26GO7)H%JCKU+zMJ^f)22=%K4m~9TMP8{Etm6erW|Js+JC*7?0tM1{mNk{tzf<8KHgxQLU zim!h80W^bvFT3Ye{Dl4)iAGtifDD4%bODtLDHlE=&F}rgceodxbPr&S_~19bMN1XG zVkq#F-AwwSE?d7eDgL~VFzpyD34Z#nKWJ!Z#6l1{ym#h-_mM^6)$mG&6iYxdSvs}>nP*(kLWz3|kOkNW7ZJ#XKFgmhqsH1r;o-3O;>x;m zidS0E_EBcHc%H{BESY1&QG`G%i*cA2!;>(~1$NJe&_SGU;oX3P%GA)6;Y)}eUBCcl zjx0vV2KKtZ_Q_-%$O(2pMtn;;V~twpU3qCEIpN+LOc)8ytZ=*heIP_ohu-9M`7)W5 z+NxJj1mZ-FK9F}iyl#ibZ1mC4holv>Xvf`dWwhq)qDvv3Bb8zX;wAp4xHEz&uv4v~ zbXai-aV{XwoubaFR(@88Q#QD0cS&1aqoJk)EQ4?@Vc~KPpHM^Y$iQeuan6VsZ!@hB zBdw-k*$fzpFuW0n!{zb2J))GZKo7}XG&Ooy^b*Cq`l0~cRkb5WW;!kQ8h&On@A5&; zRb|*JSk+ss{b+{wmHOy^rz%e`*8kF>2(mO`mc=;{W72K&ix(nW(869mUb{htQ*`y5 zO{_YcZkx|-3lLM3*_4r)Vavf2FgX*MMHGrGHd%$DV`L)>&Ws~@+2>JNNF;eW`pIOL z(4>G#fuW>;Oj+uZ1)y5h!wFE0W%bX>fkgstp4oZI$xf6oCzk%K|IzHoWc(SiaTmu0 zL~-UgV@p;Y+T#xo5jhY>I4liM*z7zhBnoaNs}7ZsC@67}UUy-FDI3EY@F^Tf1GT8r z#)Lho=TT%g+yeueP&_ScQ_!;Va;)ZwNwmVn+#iX?kcJS4Pzgak2jt={(oH-X!?{l+ z8mE>NnkoSV;3S*G`3e{-nM(TH;6b0oP**p$xujaQBEDj@}CR z2xtgOQAkfH7ExMFWRe|hT}T<_7gil0RwA6GWo^SGK|1V;;bIvZH*%3h$k|{mxq17iU z=n%mLo`3#1_{Os3%TZ(Wdfnoqbgbz|FfwUi1~a3~Z}%=xkaP0B z|4;u64Z(4t=awxm5MI7)Ipcr#?l~z*3~6Hww2NvmbkXO9N07rUyU?FqGW*74I`+%0e^2!5Fa10Yj6Q08%N2J{o_LGL)`K&n zK2tSc4lxDvl-%Y+O-&YzMU{tG>Dau&s0I0E(=X^KOuq06d9LE?u#Uv)N}e<8;K~{+ z75-C^`kweD^-**wT`I!>&4zdmpgylN-QddnbpS2sVbUxvV`BJ%P11C=#`GB+BZTD9@r*U^! zyr@{E@yKP(Ll?fXg1O1y7VS3tJn;-|ES_Vz#%uK6ARDj|PbBxTtcOJv%*&*JNrAyq z0D&2+AHWg64>zMQ1(9;2i6k3G_#Oh_XlOnS#sMaw!3V>Y_j!Cs2d}^W2G$tqj2s8? z(a~c>P;KEC}C#S*WxiB~6($33zDlp8cm!)-PCa1u=K;ejArA6DQZ9 ze^gUbRbEkshEY5d@3Dj+P50k_FPU!J_VR%P2Y>s!N6CdMV8w&Y3Yr=h&7F%xb_R7p zZ|mr>W2F3hIXA84*zptKP+&ud{Sbs)!jTXv9PVD&ZEAW>2_biGqxrCrc97~8gOb!@A{ zj_sslcI@QDwr$(CZ5tiilYYPXX6C<`b9pY#d7fRht7`A6wbpe7W|Pg~h0n)Pv%-<3 z-Um!qY<%h0$gJRYiH2#`68}@>@$?2dqqmj+yKs;{lD95L{ zLr{CZ)%}4Tl`NT6uN|&%@9SgHcd!AR5Ww_1?nijnU_n zpN=_{2#`0{w+mOj3l@qd5=$PjSoVY9^h1HTNV}@fk?K|<2>X|>XhC!sJWfOo!S6`- zU{S8-Z0K%Od6L`i>F9B6+!V}Bz=w6xg8vDu;aInuIn)~{KA>zN({LCSdZ{R|wH_ZR zd=}HT5z&4&3+~{v=E@s z*UBFkp${Y}LZ#gqjx#5cp8koc!>7(eNPB28GqyCQfw8%QvnR9_9y?bVI*c#Pn>!^| zyHvFb7`~Z(AdINU2JIh)>dlbDYu#;KNd6Zxk9dC{^)1LVWFOJ*Fp`_$NKPyk591pp zwN|t!49LlNIvwn&v+e%4I;o>rBVr09*Nm$jJw9vaLOjCVoJ)z@ts^w}V;wC*f;)MH z;t^jIQljAm0ReVbG7H7GESb;Dk<#(MG#H%D$#IBc!$>(SXcS|17ORaT z%4EQStibAH1zJmT9L%kOp$$8a9l>IiJRcnrfLc8M@+VL3H?-Mf32PVPZhjVG{9RL? z{c=zXZJw{ZUV!@tyt2zu^i4(fgKEZ|Fz7Q4FR$iA8YA6{lgxoKkN^`@doI*yKI)Vv z>d_Tq6L$hL>N&0gDDAHJsp*j|6@TKIT1O=uRLSr;@GttQT}n-?naIS^zo zmE9UAXKO&pxkZ?gA0frkl0wi9FGl9+T>kCIYA%(txPl2)5;3pbOvWsd zMBfHX&Qgd9>P7gY^Ak$?o;VHOhB@G%NuU-KJ!GAHy;qb$ywXwj5h-7!-PQPtDybZX z#d)_Hj~ZV8y@1D-|fZp5#d_7ht7@p1@ZUE@s^9keD>I!9Ubdxw(@E$SQXf*sH z#ekvDg!pT4)9{u{U8?W$!WsN+d}CX+S23@;F|*%29=kyIQ~13ga5n|sXS3N_ttGK_!zeHRxMNQ@DSX8eV#Y^Oi}{dQq%L-KC)|W zlqcA}{Tz<4L!c(2%e_;1FW}U!2w!*!XMThw2+;!G^|P2AtgI;W-xup6mYufkewyBO zwqjB$i?`Q$B{v^D za|NWv!XU&$EWA2_6H9Z}B6KLoR`F6+9OcNEm4Bfmglt~I#^?zBp)gNrqX}j-fL$|m zD0=gl?vDEo&j4c3G@(H3H4YZ&TOjZ=UaYJr@U=8PHj^x|N?J3JC%0%!WK$)HyNk?J z_uouw1_v6@Uvqe|8O7_m-U;RvD>r?tAg2Roi9O^FIA~5|b)=d`Y0{J4(qL4)Xnvnh zbkFq}Dh5}|U&}1G!KC!1PAoXlc@4cH1!ca3j7j30DB^W@uG*^=ka9sX#?8|KdS)!( z$-=q$^&S|+d{_g$0aw5xp6^HLJ=$z2#1?B-zMMTUg6OWjf?XygJ6wDG;tKD`GxB8U z=!BW1zM+h~c7*PPC6Q?7gD0F5JDj*n1_fD(%N1mW^jgh={)6EdH=gH7$qG@g1CxZL zz_Jxi6I;?yADmp4N*4nb^Jc#L#!A@taa(+LzHEd(ds1j64A~sfJfUz+3^}F(Z!ZuL zW2$s|{yrJ7j2%d}TTm8c;O366_oo71k6$O4*0VuZ`wWNKEab@YcwFvuIMMPYsX%0k zA&7_e?}4UE65B5fsLVQIKgsjFf~g5-ubV*M6|ctw7Tiwy`#W@;C&NNf?ZdRE)I{?S zzFVfmg=QQ!1*;9G%EZZ+e)aMI2lveuW9LduFZdV!&xQF66*W$aDvzjF=n%N$d18g` z);D^m%oE#;*JZ5(R&P1^9#G^D>rMCEQRQjgNN!KeG;781G6$MV zF*_5Ug_W`ZCfPr|4rBYypb2OAQk_ia?Sc9C)^B@qF>V2qKpeuzM2vrNpG^0R^kn-T zysIfI^@X4LoGGIOr!inx@bG_$;^LLP94_!R>EVwIr+NY==KhQiL)Z z$TZa|2GO>fIZPTWt15z%M%W`!?~8T7tuXB(H&Hbyuv?#)IY^Eyo`WMN(&80>gIIA1 z@;l=s1FuQ6b2?~H6nBWJ&bikaZ2SAls?>=Q6U71%N=K_YU_8EU@&MFWX!3nR@d0EI0J_;pYD5sG9ct5;F7b~nAbR1 zk_-`IXjS286<`u`Y1vjKL_4NT@Ub6g2WS~bumZ!%WyTu;6v&~Vv^nj-NT}Dl0^B*R z7_E2sSzdOCXfOb#HIN5ngyN|~!K335`h*NRF<4!C?|nfLe4nGrvI=2D&~zMEUH)w1 ze04f%I;ECEZM3>?9LDc~eW}OIS|AcHX%H`<2 zI70iuV;`|peY4`f6m&9KFCW9B!v0v3?IG#VW?Ndrv-0d0CbNNCTQLfN2@L~K;!K;_ zARYum=2YjWwwd4i%#8;P)qj($Df>=cLEeWCiJ?Z}+;FAfZ|hqIms=@DTM~kRN|z){ zijh_)W0}3HUnOe%b<5taw^~J6;>Ecf{NkOgfaesr35|~bTm{&+z8JApwv08ef%GUj zj1nAaG+$ybe_9FrQi;KBFvQwP%*oT9;_4HD5S;!7U$IO%Vq;_LWx8cYNFbL)a5;9# z4H*g>*G^@!hF5b*f=}^zJUUT8b5eVvuBgl<{%BpX7i?xdPczdJxqA~*0?Ja?p;?QF zsy(u>j6wgApN@tELxnK-UhJBa@n%|1SFYbL#O2I<-6V)N**=4%Mi%c3{TKNg9cLsZ zA?RUsBcIH<*Gb4p&6&y6*3C4A%^DDguBT4#s^qIxrxeqOI4ugLCi$u`(RjeA%b1(^ zo3XV#UfYr3Cd%U2lmF8o31vWpt=?(BaZv3JO;j~7iEPb3?TBWwR)$$eV)ifUn&hV4 zG#E3dRoXWpnOxK#_nSK@xD!%Ch?8P>TIPqsx7?x#x%fmqp1}jXD)u&Nna(B&v${2_ z@!9v`f2TC&pTGmBOOjM*@Vgd3qM*>Q<~>m!Aj#!jyKK6lHN(Py60QX>C*hyW$UN@v zOq?>xj-b*KhrKYq0k1{McEnNa{k=hk>MMMseq4p*hXoqj3emObSrJI*NVHa`5yHQ% za?MxHke(I?!2&C5o9T!BvdaK&Khs#Saq(QLo$whO#j$SEAF zSW?}mZ}a*;pei|mhp4=PNBE0UdwUXi;r)!1|Ln!5!cb8S9d-LS74KSWIOR%U`Mh?_ z1_#e|TpZZ@JBXtu7^VyOy4XQq%4AztIy9$QRq~qoGgE3gZ_??TAE8+dcS*+?uyfe`r^O*{6 z{xr_eiWPRT*_=E$H-z2- zN{~sh^wSs`03&8k-v;pV-iGI>7?!(!+y0`g=;RDRH)$Z3!SKtUjTH>TLSq|)1Vm-< zy2bfIP_-4$KcNN#fr8QO7DGp}dV*39i)0cd|Kk2wx@_*HJ)Uew%cMvvy<+q57-vc8 z+qZuo*K_yfB=;iUW3+JIp z@C@oCH2|ZG0~$F-xUG)cw})I}5SXw`Q1<;vJT<`ljcPtd1rOA?$p(2>Z1Y{V->5n< zp{nGLDoku1Ba@J$5rj%UhPZ=OVs}sCmC`c7|EuKgSSqWfZhS49hD*s42U_%ZBYd(? z;|V5po!k>TeOZtSXz-T@^y#mj8d|%+_{-FegfLj^vTZv|U%8JMo-cc6x>m@z?UShd zw`dw8t&bD8GvWlKX(R|QH6YSM3gJ)ks&||2dt;pz8IrsL@I~&4{vVq#JjWN=X9aVnkC6 zZKkQAB2xu)eu)}P3n?A4pn-#4cMy>&gM^X)j{C}$aMqyFi#ekG&OLW9{o{-1 zROFjySPP~btw4b~Eq(DBfeana$AD?pOY42x#0laIrZRgN*tAk=q0I9Nx|Qf_rC>zN zlZQ?TKG@UYDl8~KXvJNIDMiaR2NMbg1>2gB8>C0PMv@hxOrzh+@Pd&n1jyw&iYWm7 z-R}fbDg~%}`B0?0%|YM9-l+<03+!J3n(O)i`EK?5m7*U9;YhFqD_^KPvLY1cWy~*! zQuI{6(7_`^?+881`YY2L zjtH1F?7zQD2KhVOOtK?RlDBEp+}iovYHu_dh%v--_1C#|LzzNexTd-?Ye2}f7+21C zvG?4UrlnD^mINa@XL|1r0yxoMSAZ^jzcc2-sFuk-hLkh)qq2DmA~}`Ik%ooKpJA<; zpc%Dw~*-Z?;E7LL;*e@6%$;7o$eEZ<4>rQ76 z)Vj9W>!FX9ww&g%qrRDn8CHLK>~I`7U}Z!o?(0wl5mcV7IXGpPmX@aU=xmX82JtKp z$o~_W-${^-;Ozr7;pOgWD}Ws}ScdzsO9o2Z<+MZQ`sH>U;2qS1Xgvx`1?CBeFB%P( zb>OK0rA^b}Ggqs6H6T=KLR4$e+T=zMY(aXt|YPxFk<=ty7#mY8ZU>d;kC9)#3 z`+g7&#aSU#S^U{S9_OPhDwLc8U2Nz8KqSg-q#lr3xA1h(vb?K74R5}?x4`7C;Gk<`nN-h$onCvE<-$>(1pEdLE8RhS-yX) z^p9K%)5Ifqoy+#2#+dE!kjeBpI8ogvc}08LwYiyq{8t`-!_4r&fpBJAc7^GMS2IVt z8SEu1c(06E_Y5GDpEGofghq!f`+XGo;Ys(dec2nen^IpSKl{@rj%xF$1E&;mhJ{Z$ zMDs(n*{u)i$%vvroC#c9G!G^i8CD&r+khxI;du$d_uRxzO`P`J3JBqzYuQRmDh4DP z??@@L+((v99rRnkkeDo#@F9MJL*wOYmRI?T0=XyvCrB^IaSxp$M6aua@k8T~i>03@ z1WlJG9OE<7H0Q!9N9B`%w550@$H3%y_){Rbt;XZ+QzU={=3zbiC?eRb&0$;VP<_v$ zE0T81?IcnYVCq=Z*=8&*Z^RhRR6x#_PkgRNe0uC}T4jo);VT!hik?A=BA z>;EbHC5lp>4k4x^)?Hyw3?HzwB zdVl!ouU0sSsz&MV(e@@(q!{{1bAssFVG|ME7=$&EN<{h-=APf~C7CI-l$2DV?Jix3 zRFQ*DJ!0%PYD1Xy7`89jC>2;lgeU(&?2vaeolF7o-2eO61AI0mLRx10@;zW3X_@&= zI9(+CtmRY)^1+C(9T}@|2Nl2;yZgca6^1?@>a*GQU>tITFwL9`vMk($iI!8Z3sEz& zHyF+gtJ(P*ok>We22HE1uU6G78EH?)ZP4>pv&|J+T8W0S{KPyqnfpjs%R<4ocL}^? zZ!i2P?iT%9S1XGJ!{5Kn?bl|tRyRU_+g_Vx9Ksm_v!VqxEq$*KQdVfzW=m*1U)TE} zBn{20lFn>b*hq=YSz6KRpix{zVq)>Pn zx+yNbB;TL1g+Q{mt~}t+I~yhJ7etjRqK4wZA`Z8$SZ#u{<}9PoCZ!H)*g%l6FBr8M zK%+(~8B;qJGjet zic2U6SLbT6CrVJMu(lbnofOpHoS_vFMW@YN5OII)2AGBNc5}*7i~ena|8u4O`$9Yl z#C)kCxG&>@;C_+wz=^dOkRLgS-3afD!aHKOBSMquZg7q6DjJ_{XhYvV4~q>0j{elUE2$6286hG4avrX)B+r;DS~_f z+1}FB0_=UY1FTSfUZn@{N-FQZD-P?%Prd%8f>@mg4ybpwtS&4x7q#PVP@Cfa$r{9( z4>a(#hk4mQ5^DqrY-f?iDq{xL#Uhl4OjMT|^#Ail!LcAEH$WHHlxDmm(Ai^Q!Enre zv3HSNMrrZ*oO4<68+UlK-~V4uMELO~&coMX83d7?BywTPOC z>K41u5WZ4-Xbr)?a_G0G5=nnH1OgTNyBa^fBuptDV;#T#)H-G;B2|@q6{xh`TGh}<_tZbnQDnLWK_b&a04{aNUwiMou z2MsKwNL1AHgGSD8gF*f0V|t&1&A{c-(qhU|5sBif|Dcd#P^K8ip1D0GxaG&N zyMTtQ39!EqF=Wz~o0DDuHdAnb4R@Ik0}G+W&-! zu!QlwD}jY4DF`s;wK1+ozLB<8zDC3mmi{@iW6uyPyVt~p6J_eCaUUAOh~Notj}Xb` zhlz!te+y|}@f|*2a5nSV2|M%50s|~^3PtIXq<0TOs%PZlWD=6Y7<`Gf@iFIIJ>!DVC2c^e!_VqIs>VqbY87pzdvd@JU+$>!x3vw9>ErE9+YcVSn zR8S#Gf%Uo_RNX4sMBW$?gq{YN7aJYU%Eex_fp<)_=^26-vGz$I8WW z%I>Qn?A1cwd1;FX+Eko_nu(v<*FE|KWY-`>YieZuw$vELM{q|}+UG>}cc#S~)#8Vd zKIxQ*h}5WoqssxUsf|N~*VFS6>OXT0A%TODvsd2;0q^9lwT-?bV-fzqId7c7(WP=j z#yWRq9=HA91o*$+$HYwy#1^lLd5z?gYLz5_C+mo`dX27bBy=#8?N_Q%)d^?KE!Ce~ zpIY~ChxN<&<%*&74OpvhZ8#-Tbci`Wgp6aF4of ztwNCgKtdvNW(46u5@7kz&q01%sPYWca%KwqR8&FA6|#m)8G)`xrUYaDHu-y;b1!4j zX@mHI=%d1`NO7c^b??#uW{*-@aKGZ2#aZN2&T47%k=Wo*JUlGCm{GAzr}{!@BEaLm zj*uMT4wxi{**QL69EJ*F2}0)n)lnO_}|hP0YF5cQ7k$`jah>7U3vE>x;?Xo=UL^P z_@8HHod;lK|3J{6*$D!bfL&uliK&=?->0%Whm9XPaA)?@z&@-K59@_HlzEtuYLcX`+?<`?uekCSN!z?ObN3esIt7N=^@#xZWhqc6 zCk-Nm9A4;B$RK-I-oJ<5j~?91%FBTfrC@HjW>cKC%4`5><*>+yyWl47wX zXJ1j#t_-x(u5gr+b@*pB%0OYeF0B_ycYlKNC9SuIg4uua zQ2!TS3->%TItZVQ*U1Sti34PS5Eq%C4%hqV^a&bVo(H-8l!`6Rw_65% zB4ON)HCQy8)R(w^6Dg1(b`lVNC``wRe2W`paF$FcxC{ z2V(BQD(+G67fnO6%llTkwaZ(wV~dqmOG>V_I*XMin&O;+h5#kaF_<+17T+O;nl@Cz@dQ-YCiZAtZt39>;CB z1H{tnntmG(#Y zLbR9U!Z*(F^VFeLIW>bX{-Fh_gQp90(cJtu1VP;a{OnJ076HT|Q;81%L&1dn%5Zr1 z=TJJ`Op$EXFBJ_w>mj)4b$lo=4K1-ggPHuNEuI)zGt()DSqdpRLM}af5~yvHz#+k9 zl+exgKmEjr`1~+l3|Tzs{eQ%wy;d0Nn-Os>h8_E03?e%3Z)tb!4ua2@d)f6iTh9YT z0Ja^wuYx_>Qe?Q(#!Tm?-%+;bB+qwvU(@yQJ!xsCieo#BGHzIIVSH=Hx2kHk?UN#w zfM67Z&Oc)My!H1d`u6}kn!aFbYV3d3+(g52kAX7vGk`s!ku0moi%`nQrDAHM6wWd3 z)!T)SfE$HjBuLf9kSlN^pj#6FzwH2`QVoC1=%chLmSNvppS7=q@4YkJB&QaP^}*P~ zyv0cc8U!V#VPqVhl3YfJfvSW*^XCHxhJjjPbSFfB6y}|VH6Ii#nf*f#5$BI$xj$km zOyew#Q;8lb>WkZ!VhB&x*fq|2Yui3UxC!>lpm#rq*WipQ4TfD}Ym6A_-;7yI#95cQBw#{0n<}18y#f?U&=9s`Lc3{EthfX5#C2;X_M#}I*a9%B5R?;^W z7?ke*u74axRuZVj%8_jwj!AQ+j>GqyqghwDUE~~`KJpmuY1Ol@nftF_6z&lck`e@8 zdbQ^0nobit7sXVF9ry|UEx(4?7plJ*cVKRj3;>ss%Gx5mA+4T;i z{)h{oEq@O;C=jpZk>>YBhA|Ng8>ZdHEgCwDt9Vor{Q^eKrAJ}5V00yg2c-l{hrm)f zi@;wSxL4j2bXiNb7p8?eZ&>r>kG2VCkWLmQ^5(^$^kzwndoHkP>>F2rd3f=<&yI4r zQtH}$my%kLl=rt_X)@YwIB`6Tpav)$)Ni6+evVG=?ID3z@Fr+k+h4AhM@+V{a=kzLIs2? zltx8MZvfsC%m>SL06WPApb5V`g(7rpSJzZaAijwyV|dfD6+59M zCpVGgjD#;{J^j_~CBKZ2xptJKI^ul&@f6!rOBKi|8}t4%n>~`B-NG>Q(l4#)SB;?5 zN5M{Mnat*N)=>!L5(0q|RWY)-W9aa{xx*xWV=gpu#3;+S&P?lc9i97~52vca# zFt=5J_Z`{cIRbmW70?&U04{Q!U)}ZfX&^p-`l>uY3}Uw)n5KE=(F;B=hD&RE?eZ3- zcDnPO`VY9u;|)_J+Z5PkGVrS%G zG5o=cl`S|8EK8tKW{Kq5O}5A}iIWqPLi`O_koUJ3gDixAkabKp!+Ss&Q+~t`u1ZKm zqp;r^{?yP?i^Mqot5JUv31{rv&9Sxdb2^*XB5(M-w6b)TPq|nme5Wh}L+DDXaYUs| zjJq){ifiLZj+8Aso6CqLruXrpT2ZrFU?fT8c|cM9D*CvjfG>ZJ2F2_UPaIy(WYFag50C#^ZI>ddyMZ-t$X%IGxQx$;4z($Hxxx zsjZFOd*mQ_+-#=Z?I3o0nS<@`8u_bX4f6BWnM(Ode~-)HmgjdT_k7^%16AH&vC(ol zeV|yWf*FG@C0eHX8%0`M0ETylcd!1u`}qfPVVQ#|hIVYcy492%+~cM2;#BsvGvKN@ zSQt}}4YQ(t1}shW{w!U<8};7JU>w5~c;$z4t3xmPkHy924R==OT`UW}aX5BwVp0$y z(e1BZ0g-Z(@#J5>era?0@VBCoFmY>YYEr-a>3;HZS^fMw{Z&v@w08a&`HrEPD{1;4 zUng-c5b4_SQ`<&WE9Qi0>)=EP9vchA#qaU0qdV8t7e;DOO5qk}`#fR`6;|Z$-cSUH z2qH?Ytc0||=*SitJBU@O)XasdmWumVGhi(YD0Q@GF7=zA$q-b7BrFkbywr)?a#%`? z26VW#{bIn_3vpXSNktRI*nG17dh}>eSNs}%)q)I1Mk$5@!`hSfaMuR_8c*oPT!+a; z0!|!uZdHm#?nFYTnZaM3?A{nWyJ0YmC!M<}d;uX1KU;Zrio?n0@v7M%neprzJV_hI zJPcRk>`p5m-5RkX^3$i|QV@gT6`oIGmlT4(_C&Q|Qt&ma3ZFAxFxrYJ{6as=MobS? zk5%)de{O(`WH3~X5R>ILKsUD6 z)F9yw0(uep3`-0`Y%x6@L$h*QWS@WOs34UrWIb2V$N(ienJg8wQfWKkh7vP+2folc z8u$)Z3UmQr|Byw)X-b7P2B>oTh|bq@w@^PwvpeF5lk&DnLC{`Oyrc+Xt6Z^iB2T`| zl_Y#plqBdj=)Nq2IA7|4rc72|rm*gwy04{B?LOBV6ess!@es$%vs&gN_?@x?Bzsa_ zo`an||7`pOql;!tRGbYbASE&~(rG0Pr^%YkaZ8M}R^fZTM!m*rZ$5rdM4NklW3EDg zk%3G~ERUJ#yhyw&=J`Mp48(I9zB(fg2Z^ZyJP* zf2b=+MDS@m)ZpMu1IV>MMTdz>KS*%aSm5l!2FN;MbFe|!-*?C3{@x+RDOkDjws5Jk zTp{53F!La&8D2D)=BB-Q_C7E~RH_aZ(EpAI)-X9b!}h9t=(<%wTwh3CDvIdAZ(BIO{~5rKfFUm$8L~L0gnR97TM$ zz`>5*(^s}X0(A~{rnqVLol~S&rgWu@&S5x?EhB33WW(pC}0V%z0iU>^*Zblh|KdM-Dc^%NBx@SQ1~+PpeEx2vAs03fie z!SEGj_-3}^`cq(K5nj|k)l)sEqf_*hcC{aG8%Nd(T{}Y1(s^LL{)Ewrr=st4G198%IM+h@wLWBs)^7_?eC3fCXNfd@MT~dwE`~5Ofw<@?}-2BO0CiT+^BNVyv%gO zQ9>jP2@sK~Y)Pe&9(Oiqg2C0M{(@{KccR5xqMB}Q2B){;Ryq6-R2%{yQidmRn0t&k(BV6D{b+u&fh;w3vJmKfXwmv6pas_lqo~M?u)_F(kwYjay_MRv{#gNg zC?V69JbE$%%9L_a;j&rk66td3{P4XGBeVJUbF1~H?j4uLc|QYWZ}~jIv~3OXaSXaj zm5b{^R~OU~0R<$-FSaQ%mmdpjP}TOaC_I!qoAhZX5e&`9awua|De_^-P+ zs1FNHQ-4!^wg1Y(83(=wL_I85i7OC1dD^zDBS-z&>1khFR6*pm^O0f-F~sCN4QKqm zB_Z^>zlocRv;DZ?*tmoV15RGQ-#8i?Dk23$?+{+de?1E^A!8|W;(cC_M(5IsD(@AR zDd@|MthU&rLe1ui07AYdtG^U$3Idx4zN)w1FF%qHzjY2$%gUq=L8%m;e;b3CvvuF! zy42LrR(HjLL(s)~Cev%dq&%#hw__!$X?t_+C?@yyTzvDM@j2ymz3eRSAUfHe-KKBz zxg1DGI$P!*&re$w=!awKPU5RpZ1>e>Z#KkwR=1te zz=@2F)9@DIDEjSvC!`+rBA{}O14cVy4qZQWw@5O(j5okLWqW>R6YemJ&SYKs zKXwhKdm`k(z#rxzz?;~{78q~RxFfTGRh~FROUwnl74HE%O7%X)S-e$zQ5P{vf3z6` zBn#9_qh?g0xyd@AEOc?>S`@)&vry;|hAvuB3{;BY-&Yce@OC7oIZL#zv7~C(gi|%OfOX5S^p-i1&?WIg+ObFwEf9ycxQPeELGZc#$et6l9N*f0lTCoNxCnPmF96UR@b z3sKzJVu*wr$Hs$oP;dmPid+X z23^|u;C^hy@ni!0qS^X#NX6oEP(%C`yCx?w>|+S9i-|;q*@&UM4U`Jtb(fw>2(3TL zQuqfA%)#~izh;>Q=gi?PFf0<}QebCGJPZPSe9@LX(G{eQN94KTz>39M=GhQDP`)V0 z;29Hbh#=R1AKX<+!LW~&Rgkc=lq$57T!JK)67rtV8pfGD_u5KY#7XgrO3-8z1Xvw_ z@c2|8Xj^OXfr|5vnRsSCT&0?YP~&gLPmXAR67GJ2V&%d~qKJ(D*1qkGwQBsD-b(k? zP)c;$YQ54(l(~Ra5v+}%10l(4$*c6=q?c**-&mfh~zFF*l+GAtwjfgJ@Jc?7G^%+7JO(eA=4m;Gkta-AEDYcwzXJo zaYGg0(8fRM2-VGQ$^cbNU^zX%9$#;g^4yVgOs+af;{vJ-Td0b8RMa zI7kk2Jl532UgR_@Po0e3Mp(v?809UmApmx7bZG`9(_pXR(#R2&3IYQ1CUQ(0 zRjx#)_S9&T>jyWF2$txS%?=!VbVEcG3w&TwTE>u>OGSHm`jbvpRIHczr z&M;Z)Y0T(-7sZcH@RuBjN$<9!RAYiqK-fx7u)G{S@EwM<-QSD1iuFjTQnIpP#kQbc zE<4=rJ7Es3Lo16v^(bMAkkY;HqjilMV?vAE@9_hDc9~dziki>b%}Q(9-%5LTZ)@*Y zV4wJ#%C&z#-&fPY#k*8h0mmpd)z15qlhwd)j?nFZIjZg5ZQ6+F7c(mtJB}d%<~ZIT zG|vzPNSssA2ocR?HufLz@Q;zvCVBl39x1!(?Oq-skGJD`A8B_teRtFQvV+5ccP8tP z^PE>mN#YXy`aIU`$5*)l0Or%WaR!lS^=2D<5zL}rOcB!qQP@M(VX;F&m|60z-~E^U z(^vVY&kUjGsrf&9c5K{iJ+*Wh<8M!dfh(|juHd?I5%^r;H`#f2n37#iuPSNs?tIEW zi`*9*8k(4+F3vB+Lkx_#e_p!p2A=volMmwMd}JK+0+`R%epEK7`}i=%TTXKZJmP<@ zZb`Jx>Dqm|nNub3bE@m9DFa*`D$0v3j2l{+1EqoasiW~u^Pak{gBS}Q6xS#z#F;5% z=Ei=whBoQb+>+QQ5Pak2LgHEqk)C*>;u*XDDm~h)HAJGiI2qd+d)j%%jY=!0v%4T5 z{CGcG7F{cAtsveHUB!f0hvgJen{&1e#i6oo(r(m!f?T%VtTUNEniR4xfzy0RWc0um zIQipwcs?$Uz9cgc1q=6a?*FR!%l<)OWL)n}(?+WS$m4eGT= zo&f4}`*w-LdZWhRe5rUo|1$P-WR^6$<&af-*hSCB`n9A`7ZJI-tt|?V`~H0UJy_;Y z>^QsI;*LU2e2lzp=G!{_cdOI0YKVmV10A(fQF2q&17vJdmet+CVU*4i_ZyvWnrFA8 z@>^pc6A#NeA`PqH#nF%s*aF8Hj_d0@%MDF-?0gMoh_9Q4n0kE=*$NU9NE_`>$L|Ck zr;!}iYYnl~wNmy~l7b*8F}`4AM1GR`rJ{K`#&-qHZNaPX`}+gma-+VO?-Zuk4ED-{ zSaHR68wz!O8_dCcaH6gD)12Iaf)u<)rd70llsISSD^nv$6Meo-b#d)d7;G3W^>VG2 z%YjdofhElI^BX-T+5}i{3UX5He5NKK!vi;NyKJW6#11T6`Y^5*fWU>(gCt{z-)ecJ z@^~LZ-oD3TC+NMI{#+VPZ97ivf40LL^0T2xdjx)+2YL z{Jp#q5JzQQ10Gx%!TMoqVc=qhdOUw~PkAD0Ji#!;N_UVxnn<}d?+QkA0~8sD)v3&8 zhNG)_v&wI74+}kr`Vz7S!Xmf3vyLK8kux2G=vB#dTigVTuHp_MAm`0?ykP(CXre%5 zkYU!R+&2Lt)gXt_rdK2b!07d|A^`)W=HN1Oi_z=_fDbe7kiyO4OhyuiS+^MODPRb{ z{F*0efX;+mB|oKiOl^04tKq$Q=(nmmqmvEEm&pNVdZ4)9hsona)+YwDGbq#j>H+c! z%?2~v*r^k8r%}?vJsU?EG2?9w;}cOkaIU@%9?MwheWSY~wzu8VaS})vYkFjFfPN*j za2+HaLtcids^oMvVW8esV1N)2322}rUjP2ID9q|w9rwy>dGH`G8l%tQ>v1Agw(*8hs%j}Lq`;7N+lX*H?o zr0?LNV-AzhyU3AV#E0@M1dWbBkUv-`T)D3$su1Scj}SM-FDpB{JQHf&Pn)QgC478% zxYG*Cz+4ZZ6*SDE{T~knhL$8kQD=#zis$1XDb8-nG`J2B@JbOn8j8flYFk+5L#^Ym zfUqe`u^x)QXz%{8wz0=rsR&f=Z2B3W!|EsejOd6m{bD7@dU?po&U0nc(qTv8JE>>4Bk|e$anYHDVbip z{T&=$?wj+6{iksVteqBcva*(!GwaV~-~T|}P4?(V<-#V-EZ)4j-5*EW>uNiUimj}+ z+MsGG+g{Z&)xjt!=9-B%gzfTOY4?{+A#6P@4BWs~QBhe#lwBN6;=aC~xqTrV_r~Vy zG$?Khx{j|`u};Huk)iJQiv-}s5pd~4uR7$}Z#6bG!NJ2B63bCOe=uL+M~1Z76`6s= z1}XBL+5;2&WI#bVZ7wJPtN~F3;GFBoM@!Y)z7n$XPs|yHJqny|IOS;Ei+Joa`Tne8 zDj^Ng>U@02CUtIATtTQ5Q5Xi7`M}!e<}99MZ|-f#t5`WKi4k%mCN@k>l6<-Ot}jN6 z7wx2u_}+hOhfg~hy++YjUdr_ZMrWMfn&>0YwX~LNylT3$J?HREqtY0bsv4>Zi%FA( z5wzMzeEk zT@JK&s^@Ob?Mk1fJ1WJWfXFC+__$?r_xOcF!&+(7u?YDR{X+7o7|xGn3-=_7@8kz);eeHu34GV zPr6)EySYz4NBy=hCa}z8_^pd`Giv=BQ}GZ#O`N&Aca$`h>in)9A`&zYN~_V1@s7?P zLGT?gZWMErW0-w-_ln|?fWn=(mZd1eUNF^p+|j%-*)*&#fHtFp_sM19R8O@*175${Dii~`b!MMgyis!0ds-_miKBcWP_y#VG7U{r=i$i8+Y6JJPe z^Ma8JEYfax&D@o}=qE>8r-hMo^51uC(eYqiyXC1$dbp2jOMQRJ%vPJyvWsvoAXGCX zG{SwY&K<4lLhb$yr|f^@(h9ssGADxaYFUezA8a|$H*2Gh@0v zXOIX4#tlQT^=?a;qW%$gzZBVSRZW1o?4ZUC50f~uTfcAkestd-sxhk?2jSkdqGC2; z4kz~m9v$-|71$#9-pz3*YVu%#PlIfO~jDka|(J{`qHr-nk)4%``}wC^g}-w{Nt z_aJyZ)s@T0-MEgt=U9^x9e`NognAWe_L9t3hYI6498DQ(e=VAVWlLw0XFnc%*Y!mkGu1 zt^MFz6bn2v8deY0G7K(2>>a-?9QKLt5u^|Ns_wOC^lGJw^w%~97{(;K$q;)Rxx zj37FH&N%Bi7_iE#KOG@1ht=g!9F-;_&5vEdg0dsWcIU~{5k$F>5j69EvGp6LJ1H?ck73Cb43;oEVFeldD@Y&LZjB^ zO<)Ym3DQkV7klY32U575V@PHQA|d&J>PlJq&FMB)jVv};y@6JfUFh$$YHM`_?X_DN6;>c{ydfDhps(TJN^sDI z$7J>K;!UK)r8hU)+VJLKPbP1U^AAgeGkiTjBRmkxy2-)LUM+k+kPwQ&?Q9_QlGjdV z^4@41{l{A!mHcrOWWR01ZnnC|vtW=n06EBNdw)s_hN}o?@&!uXGlM$lk`AzaP z%VtlIjW`jY9)uP$l8k5U!J}9knlY?Tx|#MF#3nZdI(-rqw9ju84cbZ6A>h`|uOd0N zD915#Foa#;k|rYx)kkaviysE3B1}hRq)!M2h$n`Xv$2ViW;k3C3UJ(Lf5aQEp<63+ z4X^aH{4l+zS&wv!eWw$|73b;E{jN6(=)BV~r9sUXyOH8*72Y-wP3C>d#vZbQ?ph>A z?~wHtmfuJRJ2XP%(}aeRx(>&)tob+ZUWt884s4^QD?Bg_x1r&i)w*#B{kSqQkvLhU zU~vl-r6tH>F@Y)}9?YEjL#|cdc)ED(m7eV@e@Rh7@zQ?zR7YQeyn+7pQqoTwjr?!- zAFW|O(xO^9fiz%c@N>sv?c|BGbFd#zM6vD+P8!dRZ2Av?NAVcjOgs#(sAnnu^&Mg# z!6>_$$n*zX6Yq!P#@ejD4{|)M^2IPRbjV1;!{O7l>c2KXyqdffxI^p7s2k@G$PlKi za7dB%lAOBVnpJT6^78KTKC%KST+yHB`9gq1e>NYS_#)7GB+mHd)+b8>&WeFLkMV52 zB}&_scX2{ojV(xXnoc2)Wz=`Q@K{wTW9da&fDZHL0C?}O+38tddJv(1BTPBXY-9F% zAWNr)%?Xi~1J;fj4=k8EaJ-~w=10TPsN;z+?;qWx{RyNmIYRWxY)5<0v9BnPRZ--r{bdq59;hi|aU=mop11EJ5h-@bp4! zwkTxfA1%->>_bEioh*p>(8j-P}*e3>D25n~zP)9>YP!N7tFT3c3 zMxBTlTd8NACQE>O6~j;b!ldU)p0^<$IOI>oW%=qG7cw-l_czD(Y}XZcFpZQ<>Syi= zoP7LAGUn~g`$*efb7i(-6NocRK`x%D&D&noAP+eOR*giV1F*;EFEO|Ng2qTolU51F zhyo%qYwuH1v+8SkZ?Tup#2DYN&rKTZ-wkVUi`aWD+X-(S9#>rKjU-v!w?n&KdhMU& zNPv9K>KHq}hlW%oR=&K(;&V2R}^@#}yxwgx7iL!`HJa0maZc|wIsZe=g zkSjyn`0RB$n5jjdagv3P>)i4*$9~Bh`tmyDoZsniVr^UZmF2rggcYB~6i0ID*;^U? zR$Bvy&r8ldh`V)Pm2Ixducq5BDLndU^?W{ec3q6s?^U{gPo@vF&{2u%m}9ZD))K!| zdq7H9NUI6S&~S0ln7uaV8K<2U9h#cWA0_k$kV7*(9hBOkM1o5d??T2)fW_5CK@Q=< zEGXb*9^*|ICrraT0p+vv8d56k2eJgf97i6o5Fjod{TOUwfawUyEa}~yO0mmwN^m`A zLi!@~tQaW<$?)=G2lqsjWzqnjiNC#^XAVyo7gK_K_Rh#Tlou~WhUp&-B`)kQrt){Hx${`jLdRw4qj!+)q-s!Dv#lb3F>SS zyd%fpCe&8rFo`a%Nv16Y0d08#DTUs1KSM8b^VD}(H-nUvu-&4PyczwVYV2Mw{Gq22 zT$$m_??qxrxs;2?a~zVzWF*BA;2g$CK_5Q_MRe}KaWjdIXSBzU4H=sY>lApJd@Erq z`=B3sA0*!e?aQNJ1{s&l16hO>6*qX88JQV4fbQ|7O>P2+5eP$T6lW0jGzZ6efjTRwt!o2V`@ z22E|JVGk9SB+7P@bStg#Nlfe|vs=H|VHS!-MwH7b`N0~(a4EriUND&2Sbb>oXf^-n z*;g*6iE-}1ru0>`$`jS+1(p2HI&0?CvJ-p?-(Mc!wJ7LlXYYaeoR{CfT$|LZp zpzwUEcej;g8uC1jMKY{)*sF1eR2I{@b*<^jrF@UHhc1mWt7pB^x$Kpzs|a*aJT37o zn^mH&=+@VP%6ePtGT66LBlgs={U)lQ)el{3Ye1^)Frn+2toc3x?#8?C-)yK-mDGd# zipM!9o%e#?Ea^ME`F!&fhko!=n7TvUPmJ$B5o8^jCS_dcdfI;V%MX-nx#SWtEE05k zub3|6Y?gyvl=XcB9j{l~Vw@I5ZS?JQ;njNK)=smY!&NWT*zs{z-SRD~fO#P?%U_AT zZQ==PS;u%06$s55s%E6p4%a|B2keujP@J8X>h*w+^c9bg6B|t zN^bjf1m>U!JBz3luIb16HZLsa+tCb;FQ}iU6Wr@QA$75b7sOe6*Kp?!d|ztL(mp&` zaz;gy#q$bsEzr4CwqqD-om)CI9AbY{*q~TIpCMv@GivW6cJF?7!cZdSqkC=*2LSBd z)m9>~1=AA5-jR<5s`QLPgYd(616`lqMj4vpx@>CWhKHbyeOC0B;oU-XU(Hj1fU5!(?On(9p02<+38%w%>oldK)g#ztrM=bC zw?FrXXI*^KAn^X)k2F#CBz%u16K!FpviWd6<8btw+t8^daj-RhB2V_rauuFR>2}OM$g0$C!?na?6-T1oK{f8K@NUw>d$zRG+t5Jde3xth zWg*EZC(oa3YE_A^yF1<%u%9lDl9iM{dr$Tcm;wa5PVjWalD(iHB?i1q0sKH$j;g=Ohr&8PmS?YJ47lzJg(FIc_ zC@>_r*c}=cqZ0Y^4+(#M%D?M5Nb=F8y&b1jY(fRskOeBI6va_5fM*&+iM^H^7x%(n zHrX0_ljWTtILN^Wm7mkm+i+xv9!3P=gmd@e#}S%i@puSIj&;wGQ;du-6^%#pZcUmJ zoQC;@oA^nP%r!>KlDNPycLZDVsyv(cz0Sya0ow zieVXZ2jh*n0srj184u?41lKjoq6l&9vqL0Z_u002+_45CD7=QGJ)lE^bI6V#9A~SR zf36~7H^Mf53f+=I=tSgLhPwEUCp8Mhn1b_usV(zS1^sAg8c|jjuVkrr{GszSSN&&w z$tKrIBmlyT*5%m>wjGh~i5+|Sy%oOZZ0K-I^p#_t2$Gm8LX6gn7m~@^SIRbdu*%*Z z#;{-AJUypYojwQ`Lmu-bTw}ZkJU}+b=dMB*_VTiaJJd~@$~dpz9W72yA?3T+1(l2! z5uL0_N4yW$lwF*h_`JDPg0QQslk!VlYr)XuxZMPryK1#WTn*EsB|O8u-RHU1S_=B+ z`<1f^$z-#W9`T%ZiM7Jg`is2f@_S^Y!5pa}CNun)jNz;I;&z&NijE}xfpm6PVG3Qm z<;=oq=)G)TLVI=T7Tpk{a~&7PSn<+`xN8}?6eB}QOA`Glp34g)5Wa7TuE{E;b+kw~ zokI7HVgr?N*sY9xrcV~;>y|bPBoqh}f$_uL!X~JR_29Qv?qb8e+@#WXKtVEPjZzzG znP^_Nv7!u@ri7fFeq0M^#i5&yezJ`Xi>olZj(N+fV2{LzGQPvrTGv!;cH1ANDBxm2 zA_Ck*qlc@ZaTwk9!sD5r5V)TwN~TfbNmpa29uE(1<|4y|(1fy98yQ$se^gSkkC}v+ z`2GEWfZ@J|3MKKbGov>Obd0eCsxdV8cn|p5^@a4^>DorX9E@7Iy-i*_b%y2#1U{Z` zM#syK?9Gi0F>!bt%#3$9)LP{$8eaAE%fXSQg}uax<<1L9RO{dwv&{A_xR)0{s34nR zDaFMRj!YV1Cv6>yrA2QQ4~E4f?kRWZzM%5iw051`UAa4JERcTXO0-rxIfuFM1drm~ zpo<0C3L-ZChFb&^_Z}7Mz7W*{Q2p{^iXsIRSJtq%BQ&-j+2ndt%c?MnZR>iMoy>VX zA<{jMZ&FXnb?ovuJ8d;+gkS>Bcx1lu<)Y?2*m)p&-`!s?c8F^c5O3K*1~a1v4PQcHZg(q7y7rVfa2EbqH*kgIVJxY*UmCG#HB(x%0+I^VIx_ZUAgD&j z2Htn+(UG!q_UD=`Xjaam$S2B0yecc`m5y};mhXaRPx-%a2*)i^IJ*wE5~znZ^itKW zT^Q^gX`e(IKADyr9;O6@eaVb9K7@B)PKX#mUXQniYFHLQsjImtn%nek9ZMLtDVfBC zFNkc{k_{HoJB9~m>Rhn5vpDY=p-d<26|1oZ3raTrk(^at%Gkz2tj*AOEciDVS5}Wl zxYq}mXd|vqOz=fc z&u|!BX3B3@$;DHCDmc;=ti<#P{mKgjk^e}JQ2J%s{5GsO`MA-+v8)u5=!1L5&OTk| z#){(|T#>nnr(0|kslxw-8<(aQ)NNQASr!`bXwDJ+^Gy+uu*Bob6Z5}e!}1!99kVR> zd>9 zBGdGujBG7IDEPg1Piw|iZs*|&G3xZ(u5=cb5ThcaSdiUwePboyMzA5IXhW)@wWQa- z;xiqnh-c`1OL(=%(KIvLZqKnq`d0Rhks{op`@MbCrN!xab002?s%bC9jFm*8qEXfz>Stf+Q|kNdgUS|9HtfjZ3WMb?4L_x1Csq7gd+yjhjyq`_R1 zRXa?1Ihaf5#RI_-hCw)*W!|i}7)#<+FO|YZ@8?Ii9&&>^A zSA(X9JAkPfHEUZ)FdYYWxUTP7>wbNKeI+G!O2XsAj_8Fg$mKkytoSvv$X!?=`c7yg z%yZMn9|nWT*8r~KE8y@?Lb+k#lcCWlscQ^X4943HElwXNhi0|nGGta1tQEmXr6UbZ z6g-6$ajDo?S~Jh@{LeC@b5)khL+QwKuLAkGdzXztC9)Ybrh{%o#<^-kZ|`N6Hh8<2 zMvXK7)*N7o7#xY^bFrnPD&pFX#RY3;R&##uXOXcIM=^{AEq$p=t|q$AFR%D;Q_qBd zf~!Uv#XU^J6hb=3{N6;WIe!CR!@;gOgyB4yJ5^K#S1K4GBuq$>)t3u(b;wh(Nv{vvlV% zM0=*dRUX)3a+*S_iBpFulj_Xj2D8a$9&p3V8<;acL24g^Z#qn1_tph{%SsLj)vP-N z$9Ms~FsrR(^BLW_4Ifx(tgrnae#m#Or>KcPvb@@vB!`9$fJG%XqonLW?0U(B5n?mH z&RM~-p|0@{u24M%N7pX-ZVFC|1U`}DaW=aCk^hIZ*LB{D99wW_NBbQkEj`kURu$SP zP_06{`=0Fs5&dClVgk)O`G?WX#r=oQ|3ylu6!@~f&O`o=^$1df>1R9-;UiB6Bs7T zK%4X^fN#A%C{`gT>I$wj+r2*Qp~*qlVWXIv+L|k z%7Bg*2j|n6tubApEg@L6#Af$9{B(z>M&ImP7l%*8d))ouP@FZ=hX*Q!Mk$Tm0BwuK zaRW=E9VU+YDM9v^!Bq6eajtaeY3-E_!OfNd0k;?Fe0<0b(E-a8kKyUiAG@T-+z6W(9EmC}Aw z2J(FOh8u%){UehSgok~J{y_`=@$6%GQK;6OckS)Oad1HvPEPBphQPCG8}$E5-UB-P zkIxAMrBx$ZLRBIUk0X|^;=e5X3qAhjlLEpu4I>Rnwn#$$9Y{SSsQ;-ZN}rrmdiJZh z=wD(4cR{!W1Q}^*Qj0wr9P+Y}C7kaWfbR^tV4SL0d&SBwcSX(_xg<~%|Cs9MM?W#D z*AO;-AAjQBSqYNM-HD0M`6;Hs03BZ;v7T9mGNX65uSy@CwI2!*&JTOMCD4eXE-1+&r@klbgc3D|j za7c*Tm_Av9WiSk+ngy4v&$D}Wt~Ra z!0oH3UeF=}M#hA5$a(`@D^Xe5pE`W7a#EpOEk*FZ^Z&Er$vJ}hzV{W4J}3%(>40}c z=X;b){oj-PD;kOjF!%%nZ>`Iys7lJDyYOxQvkL#`QLcIz%rJR+Uzy+W#jn~LK`06# z!MIXLx)Ax_sOfw|kt^w9b*cTk6yc9KsNtc)MJXnc@c)Mg|Bxq7{}>RZ539iWg#SZQ zte_M~5keDYHUamLfBtiN2P^oGCO86oeC%wh%zRmGw;LTAYHFOE8mgurl&7azZ+i;7 zvc2H9{xUEiII&{6Wo1rsD$qGvi*@a05u((heEQejr=5c8?-TA{d|FtzOJDv}QK6;v z12xL$c#Py6CDO$9{OzB6@)tFoLl_p;wqAQ`g2{*Oe z_((43L3KMnSO_tt;5$^ZAC_Mw%Qm#ac(P}1J~Z6P{`$(dML6HZ>$X<2D$>8dR*jBV3h z=gjl6vhy)d^lYRhw@pP9BGfrj*ka69Yd(92^1eWct5^<|4t%$|;w>@{8GyT_bUKvwU5!=za z%S@`QmcJ88;ZWXq-*H#9c&Q_Zm1d`2DygcZ79^~?+FY4yRJP^HmCl*-^{X^yJ~Gis zglH4mr`d{%QbkBQP8s~KrTk5=<`7I7LVA2s$fM~|Y@yMigqn=MJO#YqaQJI7B`x-p ze(Aqy<05dbcCzfE^B5}|JTm{*9dgT08K?}R+WEUymG);C8;@Emj7)d zXyOAj$@F~E`P=#kY5_);=Iz#$=HFzS4u0GGS0>hy0e*=3Xi?4IXfm(_Xrf2f zaQ-V3O~nA!Rh}+m{5P69rvMG}0>5&L=D%3*?+*HZ3;Q7O|NptLxy9w>pMFad=%-;O z;&qEn8qMI;(9lR>PfSuxskMWP`eoA;$gY2Fv`vXeK|8@C=tcR*Zv}_ffk##Absj`0 z_Xci9O4Y}${(%7!pNlo)f#@vH{bqW4`W?{^wq0JE zN$o)+bUpUeWx^L2N5_qqUpIUn$bdLN0r~~Q;X>?RF8QelKeB}8%m*(2+S=M;x1NDK z4m(^meC{bBE^cOKR$Wn67S09@4eeD?UOrNr9QBRtc4vorpfg_L=<)Yz4)~=<4&?b^MsE~z#YN*pCf_HQh=RST+Y=~tGnhlz_EsS}YhdFEn zZoInkaMEjeMPF21NN?`xVTPwa?Wy~F8BfrET8Fq_)I~wnldLizWbKZ8~ZF7GZB0xC3@nR6W zH7A;o`}mE5Hv$QDWbdPJ3v26^{r7vJZ(KH$H1f^G5F^SE#p4NB4}c~l27nuwu^lV2MMJ4EobR%lx2JZwQ?X=-{p zK-wQBV9;M$*s#2?gR(Dy*s-LlD&~|6q3@K?|Fi#svbMI2I>gS##)N#xVPp*>2#$#A zyGzfj8*fmFro$)jqNZqN&_+PA%f+GLupD95T&N71DR{?(NZUT59_a5M zq`E*e^~$YAcoL;M_w+5Dd46E<@4{|_$ADqLel#lbOBcyP!SU?S#R%MStq;zd=d^iW zzj6UJEIAGkQS*0P^f9I~p5@%1`1Xsy=D{RwBx~CVWeM>~5%^^v|ETiKItA|H5s06F z6}ad+J9~xFn-eO@x5J-vy|g`3p?zM=*%mhbfw3d=`|ADOxmL&7f^}SYeEHz^;_4j- z%?NNcZ0{@d+`ioFjTfQOCr2^9ncrJn4_2xTd!FFvyq?GGJqB`)2{&J0*qj&|7(O16 zlU%}eV>GNWzcU^{S-B9m+wcOK6eTQf3*28uM@PH1?dg7Gu35r*SQLmu{7*j|JvZbb zv~y5~neYaMX*yhj$xVo`2~9wesW`z3pmu=^Y}@7cSXzO-TzA#6lzbAA&;{qnyN+u@ zGlufmS13w;4miT*VCELd01Xs$bk>E7Uh*({x?O}rtRncd;GVc5$^II5dI+soA}ERJ zDL2qKi5@fR4dDl>6{)bG4J}n&uGpSu_ykNzk|Ki&bAq~x1#^8SY-|O<(cOB7-!*V_ zuK_uN%5@KY@CYKrAAN_`2lECfih#62cLSaVO8b+Hww84?yKl<$$W$+HX0ay!Bi;AUzEB@=8Y;IV%DL=X-uIyCQ z$Jt82QYmHuhY6N!2SaWyAsF$Fqzu9vuhDxo(4FCU&;UTHfqa5gGLDNzq8Zx=HCSvd zY-G|-F%e`p7r!Z`YNI=t=58`4-Y^&Qc%xGTTQ&;NS{w|*(5XQWtVZXO7mVBCg1>*T zTc1@yoeCkYfos9eW8B-M!?|BXX+aXHBS9$s#$&)~hyvkW231ILd|sdEYEG}o6sxz* zYP+`^ao)GW^ZbhH6d=X<+$c!52`&y?<1?Y-bDWUl@DWQxM@StoGcl=2uNEvzz#7b5 z$lH|hqh?^~X;}Wl#|UjFW6$3}#l;U2nv<#0uM`H4in4e2gxbvOsp={McQJm@k3T69 zxV8M&Ws7ix_#-_05oD{MkWD@QYs+txKtB7YK4N8qeb@`w@{iU6Ncp)i@<8AglS^2v zBzu=eps0#>(jzq>_&sJH`I19wTTps{hP;=GCZ>*}iK25g%s_sxt0f2GP&m*VsLt^$ z4~|7hshbGCiY%He@nt1*kPVnK-v|RAUV+Snu039xH8FdiX^jTBp#{8fbPHSVBrG@DU_i6eiFNaTu|Z zPj*3g$q=zQ0ezJunJz9A`sk4nqY*+r>aODx;eoYSTu-z88PTe^_>X{;yl(#@AuGN3*}JJ5uGm>NgTQNbfhk?q)z*NYThi=rPV9EuT0FbQZ& z_dxU&t>9NZuh~gCzY_Cf_!LjuQPB(Il2% zE!vvM_maVoMhgp*nStQ*$wYL(CgkWU*mpv1=s@2@#2P|h649c)%9dzeZWwl&g#feO z_&If;2Qbbo4GarS5L6I3Rs)zo3DGOD^f?(Of<}DDAC^h!XWW4x&ie3PxfW0teWXFv zpK$`<{H=Q8F9xfh*pn7wv!T^)vA+LKI{MkDM~V8`E?L5<0`CzFJSg~ZGi*pPT2U?E zSl$Wq3AmkfHJ2KEddR`%B$y}!>Gp+{8T7IPWcg48Q%K7VHE%bUGw+K5l~VX1$7C4# zB0@PLY&>+Ol!=(6eY9|mFlIzo1~uD}k~BuHi&d9-Z&GS_BT(3+&d-iVnckq+QxbUyHMeg{vb#lKm9_w9 zhH*vK1Z#T47K}d)U}M3yi9v8!AG*6>V@ev^e^exj1?lkkDp_Vc*F)Nw5HaB!BWLJnu^8geL0=(8d4H(~qk zoY2!*eP2Fw1tj#q26R_&R;+n^HWqJ~TNU1}{z>}mA(jB?6eJnoy2k{f-XT;p1?;d< z5aE<5#btF{>HFA=^$12vk(C(nu~NV;8A>g`(N$lTdW7H=l#k~%`htshl*YPB|H1qL zHNu!--=03$$4q>vLA((Za#c`O<3JoN7WpiSNu0@)`pin}Vw`-w02*sU?bPFG>87AXI9vjykTN@<=)uxtJ@ zE)UVu&!sn*1TqEmJj$#Omgc_zq)h>>|bf>c9b zii?X;hylD=X{9&>GN{p0LGiG#!A))6>oEk|i?>NeBpJrZ_n{6WWW4f==tSl3KEahk!PY zp-HI(XR(p8`N-w5tT{h^{ID4s^`j?zP7sxfI$)%2ZB476DTJo?&>Y|f4}&Y?>a`#T&<~$hsF%g@$gzt2oRUpHE&|86MKGRPQ;(eEz1O4DWHd&*9YyD zsrmV^$4c5l=)w~~>(a|VQdX09=z`Zjg;#);Oumah$H&>(kig@O1ch~-fOM5mZ));@ zfPg~Ly)MV#@-6;wn;0`}7n01dd=0da>h4(}&QBy~(dzK=##EP#kqVV|<93A0maqYi z*(A_&ksu=>#n!%gW64pK(@TtkM?xZjSWs*t+29rRR1pz@;xPhdE!tBjO#Lr48#yx{ z))`J~OR_x>#OM~%7@m-W!&ot2f-y`A%GsoherHbpTW=&HJXXyHBGi*m%Afx$aoV;0 zn9=!=&ncIm0fC>e*l#_Nk2VdHXB(<)rG;G24e$pqIRkDdQ1p2+4)h2+geRlmh(%qz z-?G0eZfm<0xGlL4q(WI7x=+Ztfp~ywQHTL(WFjPg6%;;oe<^Uk9Y&RX5#oCR+v=lt zR-2NCu}RNt*X#5Sj7cWFF?TX9Kw|#W1wb)GG$&D|N+fcrTm@=&G%oq368uh2dc%s&fN+NNweDdHX-B zma7U!8vU8SXNk5DnbM0{jizc5k)W>C(&$O7u*1D!K6d&CpgwWBCh&L$g!kkg-y|K8 zq3ID`C~uslq|~lgU)FYB2yu58l~TdsDVXmHWdU^3&|tS5jwyCkDz)|_z%5WPp>SNA znqUa;Nq8?N8w(4%v&g1lkP}*%VyNbv7}i8^szq`WWgPd(hd~IfyoyOJu$eWf#d?(u z{AqfxR@yuZ>ZWYen}5f2f`V~_cE60%8>-hZb-wpL>ma_vPG~rapP|%bb81Qu2@G7QIS0lBW6H8kegu2uA4J4F~x+W>da1#Y7mO$XuVg{Jn^aDnn* zl=i4?@|?jOHHeO|F*KND=)FruFk~|r9eJ%qu~>)_aYH|5^~cNG7=1543@YR1aJCUV z=!957NUo%b!h`<&{1HR2T&PcwN9c_Zg^;_@xzH|kFH3LY+K7KN#wJ#8oN#nhnIat& zeK5t?r*Q4L4EaumR!?fg#X%B2YV0lq2C;A5X`%Ed9_Vq8#NbJCSjV`aO=+aLcdd+` z>KjjLDdPjr2>U}_qH9!!%*0RRH6MS z+n+_wjSTV-KCcoMZ73At5rP&*6>bt*mx9vxQUM60lW4G%`dm*T6B}tF4rO9Z@4Vs2 znh|1L*hCpM&-aMLS+@-W8X5i_Efe(RxcJ16LENU65@4jkaKS`~yt*U_U*sG*vH_yH z65`fqjWDQ4IIs>P@=Kv;X8k19yhYpkUsB(I1i=e+=BPBN)1wYA-MbL=UcU+;RLS+W zV3<4)@me{_KF=)?tuSBdiAz|y+2X`_vb%bJ?W-XAwd1;_gPax!`Y5|;5kTMq!2Q~@d9=6Xr@ao z2(Ps1LM0Zy);|tm3)}f`}31M_#Zg_-W4CHzO1JVN2uKK%d zpvCVOk-$d8d~v^5Onl$lulLEf01eaS?FP$h9~V>Cxi$LObi3;Qs_F=d=b-h(LEmH4 zTCZn=FrG%8}w!C6)M)G@x7MAaD(u<)$3LQsh7TOdr z*3FZSMi6Ewx@%(+wwbS7bNJE@8laeRV9hHqI-!ZBub}kVNq0P9tywI^Vx9WBk}7y! zzQID|WAsvL@A<`-7-Q#+v_i)RaQiX*uhNo#t#)$KBVi z6}CYVt!$RbUI34OzTX7R2$}jE6lg5JR;;pL5W_DGT)De?+wy&}k!sCP(cz~q{dT#I z(-F!CiEt;|?|tLIx$4C#0k-VhwH(w293NB%#P^5Yh;eCK-T}DqZg24s#su!Z2&~VF zOr8)cyA{PJY7zw1Y2xsPg$PQfABESC4n@u^z<))&u^3RH7I~wq2}rd6fz6) zF=&j1Fd_!Et8mDQV=wMyDE#QkhMb|&x}i*M{7bsU>6XJ$Fg}{)I_*#@#(0yFC|Ls6?zCE)AC^aIsyQQp{_^-O15Ks=Q_M$TMk2E z_Q>Rp>v6rkY_(#>?*a49b>`}O?wYV`=0+9Ax)v2Gk_dw&48Hp5Ud*|CiQ+`}fr}}* z(Bp8rTiWIi**Wn;^?E%g=tfZVeMEO)Ic!I!w~bO5^cB6Xb7JtP8=-_v5s#{7Z0L`R zqF#=9m*423HK;IRTJTE${%ST2*qUN@LF0Wg=9|BwzPBMir4}fX{WsZ2Ee176woA=x zi80@&akfP%SPqU?($K(3M?`e)jd!=&C5(SLHE=#$ht3(#{T1mwI%~(_x}lHON7vMD z@l0|KmdD7<)C-;9rZtcloMEVxLtz*h+6#1!*r(56!B0adYo!rJTZD~j`()rg1;f<1 z9E(mHZsB{@fNZH31cN^^)PU`SZDg%dAcBzY7oud;n=}8Pa&S!g8p;U(uTR{8oWuI- zfOzHdWm#m;^On^p?2}yu->aGdVsa>@NTsMfP&y{Uj-Xgsx05T%L`<* z9=M|?RHVx55rG`11HLx{Bc#TR%1Z0*Y#Dsi{LG8@7bN%OP#D?#r5bKn0O~?iSXx|6 ziCM}z&YO^b|84vZNhUVj>;t`>gfSV7$_p9cx8aw)4l)NGvn|z3Z$2zFH$Rju`KieO z0MjRqHmrYx!9=#lkeD68#2J3{h_H_s+lJt#UXZ{~53{+sCJ1^6wu2bz5i=Fy0YS9b zX4gPS)CC^JWcj@O)z0I<7ozwmqM<^WM)CM{Ba&gYtX0C8w&b)dhEPOmf{%nV*EL)H z23Z+4BJDA=l+ZI!HG{ z8FE~Jr?KqphVG2un>}|u4*qyv~Yg7p5(^R4U4pS&t4PN^Vi~sKXGtXxOYZ(YmZ5z*(FI=`>jkn~ zFKob-DUB7`k`IugbE6u~qH9Yz)sl5;ESzrnommPeV^Xl`%RgqR`K44IT(6%2u3#F# z1DfgJX`6=$AAFFXPgSP^#vMDM*!|x$<)7b?`mq3|MykcgCG!vbdx(Yp6HYV#45umO zPX1aRV=4`V)3OBeb-%pAU#VaqoHhbzdLf&>1=J7zIpjY9`EVkjgVH!M%^s3653cdg z5&Zf9=ki@D+o;UnV*JEsfZNAn%Qc$($85hoMo0l-%50gQ@;63Ns{pHFy5NxhKc#E` z(1iWd1{zJVG5&>Kh+;9o#Nl^qY}$XLiH;JWsjtvd?{7@Zl?9lXWZ7fc@Hd(?WdWKZ zq^4W{Ygrz^j{mo?4?O#S3;Ph}uuv$flrB$Cf8kpWf}ji)mmo@UyQaT+lUCV&)I8nW zmXxGc&+eU+WE=$H_~qdJDVUmZFwsBG6conknyiAtMZetg3EVHnsH%@2xU>DI{;bX* zARgKimhx^@+ecSdEzKs)JBTetO%*fV>5O-Y{I452t@Goli~aqCzqMkiWZ)_5%3}Rz zBW#DyA5Ud9?1i#L(?%q46az#4uPXQ{_o7fIo=>Hu|F*Rx4f+80>BW(p&6B^XnHykV zZkd}P{B6@#um7wYzMyRI|MT@9G^c?Nu=7q>S$^mK9=-wef#wm6(~6zCn%bv@_n4nh z=G8YR3(II|7he#h<&aOz;_1=XzNxgaWsBCO`RCcvd!Ua74}AaY zYjDGDq}|sO_PqegW&eA;|1ewd*-uEeXl4TYZ!B^M2U0FsWQW*)Eqap<1Jv}h`rwAY zEt{W;D3B_}^lSW8@9^jJiqgQsNWWo!_uFy*V~|WTfcGVEt$h!;vRH@mX%vsSd~}4c~f3m*qRQUZ@PEFv<6D?e_4V*J{F1QHaBllFm{x+ z=RL`?FmkE|VBLnqk?Fs(gw(Hyf{Blnm4`QwS~ZH_MF+pE`Rn;BM%$XL-xm3QUNt!Q zX@}=|mKHY9jq{zE?eQKB6%#xA%frt?q&6$9&F|lPBu!Ue)uC1AjEMJt-<0Xp(`~mc z*+e8a$kE5;jG@toI=ei!eNL~B`}q2%yQw0$z-SehkT5kndkp`_^{cv16OY5+k|Rta zr%_0Y^%2>8RTJs-skKV?z*76D*A|YySY`${xBVUNZPaUTpZfZyANAvlux8{;604|&vU~%bxU|CSr_-bBr2@Lsr08;T^29t%G2^Ewvl?K( znwm)olKB?<`@6Wcyy7kF>wcPV&_Sy6KFV+u(}_5bJzu)lr_5yY0wV!w>5yYGgB-@H zv#EsyDuWyW_h4G~5SP_K?EzBsQB|P4cb6$1XQFI@iN7sdq|^yXXuyzv5XY9l@^i?7{;7{*V1Tojk+ducOYL!La>nSUkB|OZ^{E*J$f>&V zTW#~dZI4(WtxAm;`a5Iuhj?{b{d80CwU>GR>cr3i60Rk9^Vd2^b#lO8_%!!*M(b}X z?|%c_KV_{NAO2%`zqIzYDIj3nFW>Fq_EjF}Xy~f6ecROjJPfY>=xzDtM4y}9Q0_l} zmU{|!L96azn=e)**6CdMZsE&Dc@4Wl^lG`po)jA`zAGJ>AJ89u`DW$(WMG)g%v$|z zY^U;hQPG$$7Dt-ee|#)IQ}WMMbG3O5xhxc)xs{8NQ)X?nSs9ZPRyF0bMf+%i`iceI z)3-qI8}T{m=|CYJlc!c(JdAwsKLg#HeBG}>*TjQy@+DUnZz~Uik@kDtVN^7Mu%I{$ z!z&@({4%_LbcQZj({J~~P(rC@5pV?L2^s5rD-1+{kqqOf+R&_rxrx%Om$UDCFap%x zP?vmR>ni;GId23_#nga%&(utHb!}h1eCh1$tY+p;*=1CYb?s6!cN$^%#cG^fVO0_g zUI8hEC=(^v@LGD zb+iAdSjq0BTdO?kQY`;4@jzjPWE-|G9@nf&YkFaB&TVXdyIgzLeYw60fKKF8R4^8C zK42b)ZPp&gb=({l%MsK$>2=sGOWb|!v5_?iHJUaz-I;v?8vIVMD{H~Nz|dGUWr^+T zZRTO-V&i6Da0rz8aL;_IHy>YFTU*P{&Q43)U0C2r)@_lux3>0N!(z0tw|~C_RDG2ETkb%oSEd z1+B!#l*ye?aJ?(3Gh|a~y+>x1>ap@)uB6Zh8PWUZy@BIaK#qmaN2CUcLq0O*{OreC z+~o47s19)vk)HK%QRi_QQO2crM=+bEbEj1BA9}#CjrJySL$+_qVInSGT6vU}Wa!PW zE>HJtUtC;lY;26k_MN&s;h8)={Wv&iVf)owvm}0qy*;;PH`AAGPFxY~mXZ>{aMvpJu z2L0hTaKemU5zJH#I8%LPQ30y+Zg0JBZ}l%1vYITtjv5wucotS~iaG1+D|8*^i8b3{ zro72@5$$d<1gcKYinI?7NG>*3y~`RK8`~S&i<&QERxTTolatTtZDpefiHY$@2<}G{ z6ymo$S6dq2H1FP=j9J^*X!013{M_`NWn`bR+|<|`lm5+}(h>Mg;n_22C&`rLHjCz8 zl-uvk(5F7;xVv~Lf?fu4DVJy9q zmB7)c7;XnT6vaf`@~m`xBE%!>ImyiQ;46=EF^SHP5F0roTNxSFnP?<2>oj65Ee#c2 zHQnW@sTV|d6aPjcQ-;J;x?y=fFK5^0B z;LD66^gP{B@(LZ}{SwJ;JzK8dVfa0rorp*Xf=@(DKtw=9h+p=m($d1lARjO7i!6|X zBe?nemB6y)D)_3fSp` z%EZma25wADDEj)|A0ATkgw%mqeNH=e0>{ za&pKv5L!F4giPJI&ThC7AI5ZF!bDG7g_MkzS!c-Tzz-cL=NL}sX@Rz)i?}DcaYrAI zXsyIaxO~J+ZMe92N3htNQJ*!ej#-&o9;C`Zq_xK!T!5;+$acN+_j@SBJg541dm$)< zyoAMPOrip>Fa@HkynZkw7Usg?6>h*ctNQAv*EY# zxWLk_Z8^maG8>R^TbQ4B?Ad#D((Hb+m7Xpv73`&P6>s;3dn>|;0|f=;wrAOugwNw! zh``O{;o-#K4zBW85DsrdL(?5lsq2ZAl*Rqp5%#PXqhmc}TmR;$rNL%pX>zjbNzr?j zP;&N)`ce8(>zVRAS6!b=XYTpk9%@mNTax>PR~_p?<5Wk^4DG2i3dg7_R308Ngxpse zB$w2V3j!DSUXS#fseD^HT1u`zxO%bI?J=F}RaDTQCTQG^(eA8`cicEZ%G^E4#W2-Y z2V>jMVOy#S4!i;8IpqVV_*Ej133!06;6E2d=|v3j?*86h0Jsewr{fD>-3c;hdvtcQ zV^4p2WM{f+HH=1hTW~K;WF*q+?RU>mQJ-%V_S{wq)B7jwr$(CZ9A*MUcI09{+@U5Z|sqgvHq+d*LALW9#h9WW|qTCrm9-jPXa&R5BR;b$O@G4$Z~&ftAQa}18e7r@7eQB@2Q5|(ZTY~3VO*^A1O ze8XI@!7TeemL=aaD`pJ2iS`;)H#mKL-4B=&>qX;l4~fJ-Gq~pAV&>tC%#*z){dKs% zkKUyNzq33Lhu{r~-5Hyi*9>QbDPH4ZZ%+b1HC_)stnlPvH$f%OZ$XkQilRb+f%*~z z1VXh&Iyt#KO%K*!lxN%S2=-S>?N=|dxrX-ts&=+Twro4Iuw*&uORKNOa>^?#d<5;P z8J5KDRq(XdR9V{8x@~zVibK}ts=c^`wPNCg(L~H3Yet?_HzO==e7;4WUCe>XVgB;f zwGg(W#vMnuart0(r^kV=ZhB>KaF7x-P)v_HgczMXbVJG4(IHcg*Zn~WofIe7Oh(4O zX^Iz&B`E1B7cT$!@U*b7w9^}h$2TNZ^AG{g;@PS&ifnXJfiBB;&-=_M+tgB0(qyA& zYisKX?|wfz&9R~>J#~J%n`3a@LgN-wylg2EAcIB}y0Ext^h-hU>0~4%r1FyB6$teB zgYt|F^+IM>vwvhJ;sPq=xxt`&Lq-N+-s1K^A|#|+G9Cdg3$)gEYe0yU)*V4ELA1$l z3&nKxCR_tDgn}NwoX$<}OXIx_T2ADsm^6n>^MSMlRES(jV{sxU290Te*`=k&rOs4L z?HQ`EzHJRDT%i0hIDAQKTQ6Gzv3Ywg^P@p|&sV39cYhx5Lhzwe%uSmyu%(}3ndOZ$ z{EXKj^6wkR!^dShFH)ZLjn14Twc4?)JNl$UAW%<#WO2hQNcw1G`=(Y;ur6 z6uBKy6(A0Ng&0&rBy9 zBwIy=tZc;m)8^I3C*qyQwXRp4Kwc5HNvSMg*ADl;ORWhVuDs#SZxeC zW4v0|Mi#tWe-fhT1Sw1BYU_BfIG{ns#fM9F-c;Dk64H0vf4?=iIm@o#e@mI#Ewf)J z^DfG(^KbeSL#H$~ZP5AjMhK4(K{SOvi;JnETc0CN0ONI);q$!6R$-Z{ndYYP{N`~b z3=VA5sli~$&O$9UyM1L z2#C0$9*t0q)pIr44|;m5E^2z(3GxZN`^LXwmt^YrYd8Uwf{~HY_N*c+<qd-7W@EM3pz9D6R&9>kZnu7%2qOiLX~A$fD{u_V=wdqh()u@=W) z4P`*)R$06yKzMw*+2uosRPeq4^&X)3b!v6wsBx_`yy}yGBx`!_AJ8s`T1^HuveAAE z;!jdOgmryiEY2+AU{uPt<^53m?-OM;*>?sQIeB~1%boBqc$E{LF-Y3US2ZE}r#o^w zb6QH=`T`N!lRd4@Gz>t37MG#aG z`~K5!d=SCvhSu7eL=G)dnFnIn)dPR&PZr;qd}C1pEiXb`Hx-$}`BztVr9EZV%YmTa zFkC55{G={mpe!!OwFkbJkYshW<;l;3R&6k8abMNWagPsVX@*ACJ!y~g<(ct~pS=8@ zxEwaS){XYx)+g-yy3OPM1pGWHHJ_x({Ip>nGANiyO4E6lZUlKmU?YY?WP>6aL5ua1 zfE(xjGs$veV|^|X4{xp6?u!RnU&QfPEcy@EE?GpXp#&jO60x*5Vlt^ME8SOS`A5)Q z9nFrPVb1z^g4&#-!|%~;4$6~kj-L;V7D1?b=_pGn6TK&CG^MiT+4(!J(rB%}GOour z39J6abDZ&Y1RUvhu&k;50rXx!1%h&64ZYB`??9A0E1N5=xm6*pvmnsCRaWc$uJmyb zbn5+bhlfw3D=5*~6w$`PL9Y1nJPOY)1jfcX&w`C$=U}y#3KD(=Eg=@m-MkLwUMgLu zgDYb&9gX0)#EQ%L=b zKt+A`lPaWz<2=Byp(p}g=PBMTW3ZF9_m?#{YGFa94%7Re>+3oe5Wi>~^q-Ih9#26P zD8enmOOq`i`(-veS(m?TO54gC6yoc-X;eH8!UdHsm^26CEgsdDP7P1u6z^s_-K7-> zd+z<92t1>iPBgb}G44OlhqSI{BW1Vfy1X@LDf)o)N>6|on>KUe2^&By5=D&;VKM_y zas#5F8=&qO^$?ySd1H?^^==v3CMQwJ$VLWrQ?ew;T&7`@%FHmv1qGt0EGLTj6N&$6 zaH-#M?jP%!ZA)~-XK@9D6#5GUe?A7g*&$w~$CU=kn@bDw`U?ru>G}0GvX`lzE!K8_ zY6@LYa|XsZtFf%9IMmG%F3#DEKa9U9EzYm!@CaGt5*#QHKje7I3HKC5W%{$*Y9Pgq zg7Vj$XoWY|U~&0NQglUK{!X#`<>k(qyJG*!@51M4cJ3^vUwh}C`vK;*w7K_SSxa=~ zo%@7;2s&*fxAL^!n}zf@Z#t&#Wt?{&RK$24{Fb6mOP%FL=heqg##OoIhmWsCPHA

    %G4hj( zJ8j+D?ofw%!QGk4_CEp5+K<8x2M$o-B(qIjD?jdze2lEC(gds~31cCMw6Xvf$}O_| z5V6J4iNV>Zr{t!dZ@Tf(+==84SPrPwW7c5ap<2~)?b2@Lq8FZY*r+U6;10|S=W#Re zS$(W%M>}l*(a3^Dj>%-!+$^^E@aiw2ue?uJnm#@mn%5J1ce_sU8eYBob%Mr3jb%Lq zv0%a58ygRP1ZQKv<^Z7>%kw($uVO#4I-Wkol>zQLiX4(pMikYBgqX3S13vi;>!s=W zBd}wedboL3Ej?DQv~68(Y#hB@ZrWVAPq_DtH4u7O8NxRXlN?d%3qS`zNI?53;F;T> zpJblgzn#WAIu_13KHcv(VY3yT&AXjd_$-uMS2b-iD;?!FR$5b{4xkX7rAw{~k!-gH z^Uv*uU|_ue>Y~ywVZvB|UL%~diC6C2v`%!UNM*xWiWdBV+s^P&_3_3qP3Sr9Eq%ch zHlRnAmWoqTBInL{LLvXc!-te;nWQzYbY5dn&4xapq!4fZrA?Bf9eCsqrRnW5M5vE! z4Ggoni+~8ugyVN0_L$4`d53h}1yPiK&wAdL6zL010p8FD+JD$rr`ntMBUah?{J|{- zj?z?JF4x@oK`q6=TCOHjY2Or#sc*f{*BU1~Q#ASBAK2FS>so9GbHG;>3Qo{A zBkX*Ya}Tq$u!IUCk+iYXA1+GF4uA&xB|r`KyP>smmGP z!~D$h%*nERZx}ZNh8KpA6hckYASbQ>^L>2Irox=5M{l@C{9()@$W7eDv16S0ZsjN~1!AAO4ls^HwhcvXX<4fN zHXHkuUqPv_GcF&4?a4h&vX2TSGlC2!^E0kU?b=0ovED-`Y!&^vkBPxldio7srRVit z*qrX(HiMjYH+e8Hs!L4nEUh*E-Y6m`IZbhczUcooU51ToU zzWyWl+&jxO*$k8G(ryvKY0f7LJ;{KNpSz@Sh5dR$ zP}S5VIfhBJOmp}*Bv-E{l^)a;<1R%C6Zu}0`3RCh4W*JNy$HqkNye`_-(ziL$A~n4 zLHdEt>NA}!PCEdT&F{suKEtc)0*@DaD13O^&yo=!w~?RdqM7iqdbM?bbTnm8XEJ{v#$s#g)w7_*!|(wy)2+B3tJAZs#Y+@B_V3#naC34I zw?<=_WR~h6g!z5^kuDz7MYP`&9ASVu2{@O|2lk5S5yE89$q#PUG!;NluM{?!=?fcS z`7GPb+Yen`ncz;Un`TBn49pft-&h?!v<|ybvd+)W-hRApe6X4xssPLYk&XC?xaQz= zPjL))p;42`5Q4Cd&Q3cG`6V?o=Ezo;Q>&6gy+jWtcNp01VgYV z`DpU{n&Ok+afevDAO%?62&l>t6t8}Y2MwKJKVk^0x;T+{4E%cCr?Q+e3M67QfJ+Yr zhey#lT3cQHIP3BbDoOwm#tneKUmT8hMVU)1qdB;~^1@(qLloQ4qBFSymOY_M&3b;l z(6{02YVe0s+o1=`3wug9RKndsd2#&bt~}#)r#iE)^&AJF8SXOib~c<+EwP~a&CKtB zA@?;CxJ$$o3Zu+H|7f@_A9{SW*H0ZJ)!K{!LrxSI6Cv74fxH?<@y<>|V*$|nr%F=0 zSN1rPmWWPtY(^HJ8bwA&kd6NC@Gm>NyzC8xwhrb6fJpzY9{Q>{W4`IEQT*4mbBFcK z3Ubrq_nw~daj7zapT!9#Y4}D3Y?wY>T%P27^-q~Tt>K#ASXfwFyLhmthM3e9lX{Ri zz5V!wlD%F1mIKFxxOcsNIG0<*+O>0{Rb|9d`BNfB4QD~56LcJH%NzlTy2mp5 z10}Uw*|vwDe4r3vO~wi)K==B^t2txPx4oePA7**9MEEIQnlNi6sKyGFl#_sg<{^(o zOgdWRXYe*2(_!>fhrkw-vqL|{H50AF3aAesp z7;v|9g{2Z=--!Q#G;BdR3OF|Wi=7@p4Z}@K(u5%9YpmGB)ESx@lVCS*SP>^;bLuYaM;4Gp{;SezMNbDG`2OF$Y zl_tEa_j@^cuJ1=h(Ge)CHP#l*Ftc{`8-avO{nRcfjHGWfIido)c_J=E($U!7cb9=!)~3V5Bw4lJ-O+&8CukH0n`{=`vlGI27Rw$Lih zne|Si>V@5xo4QK9-_%&IEMPX=qi1fJ1DB*&Jw~`dK~MI z2U|DaaCs?^J012w5uBb~X*Qm#@f4=m)DZDom4+G_p^_-r!llP2ZEkLY2#<*8T=KjR z=$l*egg!i^jrHK4-16eG@|>bL|fFIogCK*#IP*E4D|t@_i&TSTu(;3eGAS6-wiqxyXK#sKUY4-+d0CHF$)Av zT%euIe{ZbkOx{c;iw6eX3lIU<6%zoH+B(r4-tzQ@#M57nd^pTS6YoN%8$j+&4-ImC zj4ytsncg^YNoSQ^gX!u#_uH-W|2V#|#yIxL8BPa%YG$TE0l2Nt;NYN+6yIagjDVj0 zXV2$&Kcwi%jDxm0EN|?I5C8o6&)rAYN9j>2+9TbW1@(v;h(GuJgk8j34MalyA|-A&R++%%kb*1qT+eaAJua?Bp}nAWoI_^m%B#mSr13D8i{xEMFz#?^lj$!Mvk zCEjNpE7Fe1C?d(Gw24BKX=qn*#*=3mt~)67z8{~$z@78*S>=6AQ;U2fxHida-Xk%X~}mymhRn>b2uw43!Sa1~`hLyhrnA}u&44J>V=)xXT^>H_sm6QOfxM2iZN>(Sc z;ctQBO8b(fDXp5NueRn0q$mq`jFe<_2eKp4lF-A*O89F<(A9ZI4cIB83|%F`DHaY) zsckBpzqRAUr4aC0!PLzC(i%QvD+*h-ezV?2vThGw|E+l#%smXaWTr2AVLwZo^JSpt|X2}2WI1rBFo`g1s*BS)f!qZXjK-Wfwjz^p2Tk%9Q@{}@x=f<(6Q{_Pn&q~ zgjWJyHmw@w>Mh37GM8|zyi_VHpd~Vza$`f&R)$mP_>C-0?I7Aay!DImIn_9+&sd#ar$ox6D)ms7}YubV1~D zpMwGf*7uE$jvo%5+sqT~*ROY$mX@kjeB@4kKKIG!s=u5TqxQSrZk~>&vV3kZJ7tdS z?VkUt2RS7nMnD)g{&m!JfeZa zBGN9_gSGyfbaT^dKeLmT} z4QrukHpA|YsH%RdXciWN`O-{y3bYZF>_ww*cGi~-PZkFUr-FF#%=0cSG+BAo>{8gfa9YT7WHMx3!h^?nrT1@Fb?JPd4lP%5Xhv;hUSELRU7FM<_y4g{vRYSoWEMNEnwj)#*v@g><8b-qN@NM-Z90ebY4(Raoem2svH0e}4z z8b7iG|1YUEq{35n7GV>U3_@9aIjgb?Hi`%9LIS@fvWsB3|KQ8SES!l*Ah{v|x5uDR zoTu@34*MgLScBW2I_Lc;-b8*=*q%SG){0&&^jo|6V4SmhT4Bl!=V=G*x1+>hhI!QZ~NtKB+$p z^MA+Tu&UNK-HcRPJ+^7|&I23mLsg`67Z(>lnlGHQftRvdL4VRTQc$fRKMM*VBSS#^ zua9I!=xW?Y)vi}J2ZuY5;>g+ASy42(;=k7XBc$(Dplh`!8)@1XVH@X;gf`In?Zu~7 z>Gr7Uz0D*q_@_oPfjJukNtziqFxA zu*iRwcZV3Gv4rL>u9FCqqh?bv90d=eL$Bpev+>N&VKh>RRayK|zO>RX;k`s{>aJBs zM;Hj2DR6c-61OLY2Ib+tL`47VquWum`!w7M_JHY0-PvN?a|K3k2j!t=EuG!e%1r>@ z9s!M&wZ8=-#tb46+=gs@>687=LrDi*fwB2di6Z3T6=m734cb2}_NxD%Gx_fc`ISTp zRP#S?_eE829rxZ%J|qG2o^vlRJ3suO>~uS9cYd8($nj^Xi;KZZvM!X>A2a-~$NPUh z>~ErO!6opX&pZeX^^Lo=T&T)A%lg3p8pF+3w}u8brTK4V$h6_60c6xzTy6^ge-Bj1 z2=}H!_U#+&fd9Q*y@q>_1DqC1AbrEyB`0RJ45j*(r6b13DTL}{)hO& z_s!v#qFn5clPqA8T?7uE(b&_B>Auwe^;{;5V9n%+LBgI12glD>2omr`@Wlg_S8G`g7oN1c^x5k+xYbg=^ubWIkxK%k@$}!5i~__{Fl&O?6)yh zEoGg|L4IH`Py*urz7XEf-N;s+Zwm@$df~N)cQ5kV9fAIhKESw-jm=6#G=|Hf#>U4X zpSvedOx5%HB+xe|Isg1Ttj6?tbim?bbTgVA$^Y64LbD&5oH8EB<=E)4!=Zs%Q5c_H zZ#p|Sb8>nT7cnGq3H(W)TzNo~Q<=e>8FI9~u3Oo5*%70o_9Vs$==z*c=$zlhZ=@9{(xuPK|=;0MDEyvXIe_hugb9Wfym==~H z7$5lQQ`E^{X_<~>M2o0*$7s5deiFVPYWtYp+-&?4r+v*nM5{Ai;^!v-SwHjs<{_Lj z9f{P~H%+VFo)7AahpBpFhh?J7DezQ|X)7zfyfAjW{&+OKA;D~Crjlk{d5li@^B;gam(8mN&EAp+VAelIk5{^!j`q3`eSUr&>o;{2~R z@3%lA1x5BMB2O^F0v0m?f($Tl|KdU%(r4n3Z@MWmvJur!iiN_w8~FGa+S(b@%yLC} z@w_Gl#@<~>KodQp02o4cj~TQ2jyzrr5Si@0`U4Gv>d!ZMEMoRV!Osc8CI)*4f_fnF>^Zcs z>FNPs#DO>t->_Mbv{e+ol9#!MxxM7CFeX_uSePjz%s48~T4Sr%2fQ;4)_2a-pT^X{ z|ATBw(4aRcRM3~TPzDL`d%5DnD{5MX4V}F`x>y^?wsqF@95|Y9nFDGA$$IC50bRg@ z58mbV*XO*m)6-LakC_4me)T((z6UlGJa$t`tk$P@Cp?Mc9+sF5#0~Hs5qm5&@@17o z36a3S?V|0>=c%)AiFLW9>1GKB%FYKv#SnS<17Vo0+Lg;Y2xjU^iD~};?tb8>dzU-E zw`;a2-bcpx`+}^laCY0r^p<-57MN%?QDLGuZJEOBTyiZkK_$_t^*Zi1`*@E{^1^?? zn(+XngMboeA(s;>5?Gl2m}_f?l8vJP+P3MmF}<_OQvXod8JM<1TQ{tbU)0pr)rBN4 z{JOxw$|zV`uCV#A6Brz#jWpY?!+`nx#ZXAp$lE^2*7zarBoAXZ;^QazGV)G(aZy{^ z^R#e*H~*v5q#C2XyvW6mrF0(I;;yQtoD;}ft4zcREv5R;HqD0>JVv=RD1gww1 z12&~wRQkW5-8~GweZUBq-dfs{1{d9%U0OPF_LwhJeF^6VGql2FS;S5~1xB&)k?8&h z1hW|-?#Ja!-hStBWMoQZJWw3S#fS(C3lsia3niDB<$d9tL(bmGW>#~kI1>ZOVqogn zxVN#WWj;2tPujsFLTnIBaa6Vj#$k@pQ0D}(3ir=)3G1w@-k~MEM~i2*9iuLOeY)Dh z#KGHtu2W+@wB@Y*IjT^U+;hBqqhaOXv7T<#=rZ+LB6ly5zQi`6oa$|P577m(SHG&l zt&`!jaZL&@T02I92P34Z9*I1+Q5YqQL#KtuR=s3u%DWCVXb$6RHoX83$|go<+&M-qamMS54jvGL@)ZR~Vg-ChZ}o&Ia^rBh z!*ppnIzuysj1WN;={Bs0ICviFXrAZ9VeoCz^*8BpO_0H4@S5=ztSiZ7pXSt0{~I$_ z6QsaBkjRwM=Z#lIyy)@a(r!P-Jkx%r!Q>6iX#a2%Pj0o zryyiQGOj$;RjF_Zs?G%W`(Oo65lNb9(+R*6*Fx{RMlXMt>PurEIQk6dSw&fywD`7= z<=BKwKQfafY1FIxhPa~=d-Z;=Y5pb8u1_d4c@%ZmPBj;6&+=ONefH?98 zfcv`EPRMylCUY)#B4&l}sUjrk#i4o9p*D2XZHOilOmhiv|8bmt_0Vdj&dg`>a5M1m z^L6j_;6g`iOIm-mS0`T#JsH7sVrYvu3{&Tfk9o5a%fd#50Ja_YZ zSQQ!er{>GZFJq(Ua>f|_0me@hZ95^=t2wuv_|4IUi32Nyje0X+asnRvF;Fl=8LUtD z@Wjg4_`SmkQK>Uz@gUKIUUoM29^?#-In4{$DJjqWNO<-D93gg}VMRifLNRNxHYOi< zehCoMNUb!n1OHJXzpHDB-~sRxS*23qM~2ro!hhaIEacNG++no;PLI5^54_Ud3xk%N z3-HH5y1zy_%rWtIZ0lXq z`##$eJl#r9Jv~0wH#76pZ8}-$I3qc9Tw2Sryq?!y~Oc_d5}fcu3iV8s)gA0^s=QcgZ(!!!k5)e zGlcPY1Y%%KJ9b_W6-C|`7(SFN$LiAGO#SQ7r)Ik8!Pxn&;pY-f$pQcz1u3D7b63DZD+i~2Ff_#47AZ~ zmZ`%$yK*fean~EK*ZuVr{}U^Yvy)3p`s7|Df6NHDdR}EJk_iJ_D1(BcplHjHyvyD2 z!jhK!)zw4E#s2I5O3yTriqq5Pow)aRT$sOEv+WX(KawnwGF4TQj;o(mQ$3zSnbeG{ zvT_18MH}K`s$nS|=Ko{}=6?nI*-f46E6w*Lwq=9`rhsLo)JiOsfyRz&;r8FJB!|OA zKaJV4T+K(&j%A7%77sON?cg(E1A6}`Naax z6X@%W%JY`9Dvi7L9M2_xtzMq&WRD`%Fd?LD2+F8Qo{P*PHf`@efNuNgSqD3T!Dh;% zAGUTa2hp?tEtE7+KTZQnReA~li2cG$I&UuwawYa+z9tBNE_!;1afCJM1biRk76%Ze zd0DXz14sPPK0AXi`kye#lJnQF!2A|QEJD-y!j;FWP$(I(Zm6-aPeseUy`yjNc+T-cUFUt8}je{&a14)D|eXd@G%d$EqH!%~;Hrf*V!Au70{`^oWc zU9C4vkiAp~Z0a-yDG?TX+qK~@q87&;!uOAVw-BL6fOsy{8$lEm^SX1biT(~L3C$KQ zP>PztJ`-K&#!Fvs9Z%~7)(I=GlcR7g0qko%IOif7D(6hOrP=wPAN*e3;c#3(J2xj< zz3T@I4cIu4h6Y4bTNJ3w0BJZapgrW{-YOw8qUg1)fST`JY5Z~YSVqo{#Vl92IH{o6 z32TKWkPDFIl`|F3! z9$~j6 zxw4}6)rP#`ho3}*XjxdGlKhQ41PGu-NMq#rUa&HAD;pEPlvZ{|1|5y34EX-M+U(fa z;FV6Ilf9J@G1XF6cY8z7EdtT>I$VIo@*F6^C%eq zja^C4`;qe~DJf}baRCj@I;4Kn=c>cjm2oVartKYiq{(qS{S;0cBc37Sq228+lK-8| zec@tli^H{2-%gyi0ffJa83~~51%BmzCy1MoNwdWwVd_j6)@`ftjW@ZI)4@cTz%CWi zQ+?I~8E-Za;j9GwN9pQnD?^2vr23q$(#}LJfnrd8Dhn<6?cZw)N=>>2vP()%w%#wc zEG#S_kOYb7z`}1fSMDul=_tkxzDK{JL&PF823lL}uu{Da%O8Y;8w5KXEC_6E>pYL} zF+1xp(mS@|MGH}jpa@;_p7QhYbs=GXaaRNe7vF!VPL&{-19+-ACBczk>E%l{ly+&u zxHIf@v-?kK6BgG{2~4}DzPh+WZ2$!9q0rbVI>WHQ4F~h_P?(~)YV)gPb`MDZ32Tp0 zx*5M=o%eM^bO}X6GHxSJzt1wak@7J54n$`_FaD^mAi|0CD=k|Hu4r$Mjecx&HeR&r zpA;IJBK>BSHwHt#|CA7DWnqJ9RYes6*NDtQOra>+);#}Xy)@QMc6@VF$1L(RRU?>8 zxG!L{WpQOiP|0R=Tw9pDt_UjS8hTpowVwn=@|+$-UE5IzKu=+hTJujMb|opO-YR;5 zY(**;T-dYlugySk><*29)w}=#|L|HLe1T?$RtaX5^|RAfQnEaxfA}SSJ6<(G$?XIN zj%9!rXnh`{wCNR@s13%V-Zv7->|M}D@{Je&4Qa~0qAso!o_OV9N_B0XELuP|n|9ln zQkU2ClMyA)kA^{2b7MNTR%0n8H&XlMn!)dHfAk@Kq+mVJ9W(5~&wiH)v0^_69tASp z3RPew^Lik9e6cLGTscp43>XOJLhhkfs{EfS+IN)fE&WbiUEM5qX(5Qu$a>SymxufM z`oOzV2nInS1_(X9`Q(ie1qFmnwDN1_)Tp5pwwpMZ*xf)9_+vEdBDf=bx(vD;zv-4E z?P27(QwUJVafQ zSzLx1t>D+Ju3Y-1NO+Bxdyt$aBUv&*ks^b`(yrdxJz^TWC=B{vLnU&704)6+ibT4} zuXCL-__i5+5Irr8!O&-aw5QE|qwM)wB=3vQ2sx{h;W}$S3`a`~t<`Bj{yKIzVIzn< zy_ho7Jj`3@9a?{#+(%H!vFQp5z3#nO09c#1ml*9-Sss^=YFOs}n3h6^Y_O~xghsJG zHwC)B#Irb+Y9WCcSJqx_;^xJ?Vuao#m9n(nnOy;_bEs5JclEw1X_Lqkily2Fe1qCg~L zA+Ss>zhxY+uRL2J;UB z|H-!1k$rJ|IeH9&&9Aqoqdh3s7gi)+b8;BdtQj|Ru*tw?WXdG12qCQUE3})p!956? z$kRmk36v})P}R<&i89?KP>MkFFwl9DMiMPDy_I?8^{gW%WK=G;k_vYkG+}`Rdt|i6 zZH5t9VS!&}qM%wSBO}bbAF$P)ON1kr_6B4|L=J7~e>!(D3*2xgK#tBN;=Jv2Ju7Wq zk_cNo2;!S%hl{o(^s}lbjC*J3dM~J(V1>UhW_?zJ*L-0CHs^)tvHeg~|D8fBSEfii zj%~%R=|jjytTVBBoQDF}GAg}R4`USVJ9VO;DAE#-11Zj_i03QsN&g&8x%Gqd7BNAL zQ$wD&u2h6hnGNBNJ8Nn5ORAmyOiwuNzkwkrTu`8e5aZOMO2i>CwIJ;l5n6-Qr#Esb z@%v_-$3*#kZy>;4zFUkn+!yPTBG=Uwf4$ZTE^TU(`wGlcvl^LK=+F)pH*6;bXN@f1 zO}aw{VHEr`^f&gX8uu>CB?=kjQp++eITf>xM?VGiJ3+)l+55+Dxx$;aS$zZ<4W`p7 z2jw8?R85_ck*UxL9QHYELCBWBDfnN88DPt}Oi|Zn3RGBYYis3uF~XcP!67j)5bGhs zZu}x0y18kcG&bVMr7UD8yet>C0SjZdkC_?be6>2j=2stQTwuKH{$pv;E>MGh-qY@@ zVWT{#yQEs#ix#&v^_a*(9cZFan`B-dwPsWM0F z{HP!Li+t?L`;KOszH-vMKoEXr=w=8Kh0>aDe-a0Ka<6{DR1b1)V`YH7@(t>-mi~6~ zu<5vnnx>3+V6ttymuiQ@vH!b2bXiG7fkRbkNnz*3T3cI3#n;jB*xRH;gYT-EszC=h z0jXcJ+AGE9i5bjM)&E;mwigtT$kkGa1*{f`(5elqyqM}e< z1#CZQl3-HI)jiN+4A5ugO=78)EePA(o*G+7S=?K>-YZ}>=LSYg#SMGW?779)o3V7|C9`*!r?eb2~NBW zHYEYL3o#Ph0AJ6U`%snGLe%+zKR#C^i1rDFgV;q;x7@)aqQVQ}&06=+YWD8!@1xX+ zGu_&FbdKr%vkCMV4#X8WQP(p|ha3nzZR5iz)(N&L;cdk1w78~*2>D`*#6cdg9*wj| z3A!NFQVw+vB}sa)V5B4eyWu zVRax0%9lvfa`iqgYQjT2Qqp8fKkwSTfYp-qS|J{$Pa9oTDLEAU(bal8LV>aLL18xg zE1t&WS#Pusm~2!vE2CQ0lqKrkO$cqIKE7BmZ5a*=vFx(p<$?YGL|=LUuzC;ReD&`z z3}GnS)UV=fDT=nrb^332=l82^rY@?cLy}|ii%n)oP1bHu{Ip}L#nCS8T@gjiwxw=IBhO@fWMly)`NLxuq`KlF@z1MGeTQ??m4Yq-!VMP z&?mB0BTdtI8kRvq4Z%S7C|p;_;@&umu)leKC=SHa#ik9vb-WQ2Q7H5%TA%z$^}O?7 z4H;KWUu*DwlRobT-iJ`svRyRGXLUR6l^14SUYcgQl@>KYk>-ud*cmLrnP|WBcDm2<0a~{k<8m%p`G$&tJCEiTb{C9wG0!6Y*KHCsz{;mlEYU zi#^ct2`^#^lzh}^>1g2SQ74$sXM$1v8IQ;Psa3@?KZqQH(zvvzkH7lWrKWI?nYhW4OhV3tlI8&D=VU81=RHq> z9+Du&`!Ym)IfJ|*_R}fkQxXJZl>2cYzabg!kq?5v8D=3dGv^9^?WRIuewn6K?=Rp` z7@D&h@@Ljbl{XgcI@oRl@F4#k^3{{`zVDEG3x3m|gks66`L=I>)mgiq^cpWY$H?F4 zB-2(Msb3B`;;a{K<8y?Ky7YDBZHyREhe!!Nu!sCD2*t#?M9zf!Dp^iIKU2&n(!NYf zYC8Ato%1rIsi--%>IuUg^YP;XoP!-dI7G08Pz&%p#Dx0Z@DP%&rr9D!r&49bO@pQ| z>kSo-6xNU$l(jFp)X2vg{;jJML5HJ)`UPSz**rSE>wCRZTH&g}Akx&Yo%dHrxceDS z_^af&YIfJ2-&w}a`RNLj?tyx3OIKse&N96}5Ssh^%Z2#sFNx265m}p<<(pr_lHws> z6$GY*Y9uHpCFcEE$e>9ZHiWPE!v=G)-jKwSPpiMuFRsmbe1J#U!y**r?U3)VWc?9R zHz%T^d!hQrja@=-^S$)p6B?|!0&@9h@0gcZt(A2!M?glP9zvevtpx6H_&LzmgSjl4~hB3YTGis42PfgYzRdq ztF6-7rPyn=;7k32Ww+HE5VJ(O+is>3O}a?3QK_J1&Xw9e;s4v}1?F zEbPvQlX93ytt&QX=z28(^;y!`t@2Bim|R0+chjC*&Z5b*ykY-sasBExLr!)lL+J|! zt)PuP0_p7q8sv?<2Jmz9-h!R@H0w6D?0SLP$mi1~mvZQ1`CpvEQg7S>7ONun#LXDq!OF_YfYbsN<>I!Kmr-f)P;RF z6Gis(fsoS5wf4_X5gQRMZS-v3puOhvTbi6%a}JoGGa`p%TO8QK3gQSB@0fLhrI$cu zsv}&=uE|01BaJL5QzK$ooq7XLVJ=$j)_9%6xh%dOBGP#1zBAd~dp1)$D-r<{)l5%V zrYSWCj19ll-{p<%38Z8&W$Slo7)SM7bKrlA%_Uj3yOQ~p^4f+;c>6IXwa3HbG6fyO z`97Dcgd-}v zn=_7NvAZe8kru&0L6ol;@XDQF4JFpt^Zn#fRFlMyRGoZMheea?p9NnTO}FhrKTm^K(;~G0H`=j%t;6}Y%pAiN>)oj zwI8?nw(-4BQv0f95Nu3_yef{o&_TUc7yDdNk=+a}6h zBB7$;lKhNr#$xU?RP@3RE9ONXt<~oHCnpKV1*?yf%v5J4&+r(BN1gvd(?uvR`8i2C z11o`8W2Yx?vHCjyK=NOl(F;e$vXmyNV1Kihok&(gjXp994RL*I&BAShPt@80F880Zh_Xz1We_Ww{q{trQG5ZW(CqK=87B5T?x90yL?61S(ijw?s7?Sj#M~<|Z zA-MR53@9FI^^uCbnyg1za;8;;f$l2ipi&MTMj{`zx z3S5cBUyM`#;P74~(6!BH7>d{>6OW@ysYYSo>|% zt`c6JeS{wC^%7X?mC5aB0e*np4p{zuRa0ZsZNo8yGa{30lpt~oIR7iEl7aNn==0oY zv_r_iu*}~HR7m{2-i*lo94SCiMsGc~0@=V9E5y6|rZA9#Di1g2s$~Q85&i{q_TR7A zQ2wq`%3bd_L1+C_KV^KA^A=3zVA71%Tm`se90-BuS>BT{;mqt_mLf(hU@wC9|9XknY!4eQCP;xP~wBWYW0yvhln*Gk;sG7fwh`sKHB{oxadbxZI z!pSQLOHVSFSJAE^`|`he_Fr!_I|PP2x{!g@QZ01c0YEqQZJkOIh1wc?Lh*SJ0g#K9 zRqZhHP!eDZ4#O15cHu*IEc0ZuwKc?0m2rWkV;iVxZ2y0YC*?kH4q6?IuA@r zf7GEL>+6Oxd@E5r#V{Qcbtt>@+AAQaEc^!Stj#w4{Grjm=4s?U`#kHuuT%9PIF+wo z-&faP3F+hbH*szz3BtnQKCjq8{?6(Ed?Op`>vR0E7@M*G1(x~G2>;u@h5vi|a=up2 z_|Ew5O|AqZcNZel!($>s!P3LKI~cs0?*%->@GSmDB^Dti%$6Y0*4NTz1m%UCTtC8* z<0X7pXBNHSEZRgzgOk7*qTx?DB2lA?EhYWF5l5mYxxns7h8j;c?Kdgq{^`Dr1geIR zknn_LW-uuii@0a%19FJgK@kn<>^7dsmt%8p%f0ZIt4$4MTsC0?kh+FBIf94we;-u; z&%MKeg-U5+@p9lCSYbNl+!2ezF@>T`A@`f~HGRD3MIjZ6;=5aHcG&OnNA(jR#3BBD zWZ1db`7+w6p9{GJE_3y~{!Zi!bJzC)!*c{fo>%Av;KK^RZ~DMa2=n; zPsDq*;<_E_S*6>ac7cTd$?mm~$qT-82s1DPr0WWfZSr`v8-M}M2(t#}r%ta2Bux~zMt zqpUj4d|7JGhByJnZ?I}OBH+-%V^-Ln;B|LpdT+(eGZp$=S2_Q4to#d3b&>Q(F4)ZH zqI#p`0LiRMI80w2Y8*UQ;wD7?lot{xMt>9nr~tI*o@)3WRG2?`OLe9q;i$O1#Qc3V zXK33()?Ol>vaUH!i}C%VT}gCnA6&7?9Kt!dZMrF+WMiNK->*vRls6$BCk6=#=aF2wi<12lV)uXZO9U0f2^H?d4td34K$mEo zs2%R&2ZK`xe28H`d16iyb@UT6Kn*Ioc@o9@0`egl8Ufo5G#PqPVe4f%k;Mmi9{oxJ z4;TUrUF2WRecqpOe%tkcE=kijLN7)k%dVo|AEGB2MSr+;m!XjYG=BN&*Ji+>gjAtE z5lIxwS#W~?nI3aY;H6g}hH=DrI%d}GgKEu|Kh+j~DV*?!#|NBr@^% zFKIu?cy^$zQ3yEg0Qh|G1NoAY#+2YY;HMBj2r!}+?4%AvbYn~+l^31d+&0qn-Yvd; z6Elb&RsO$M{LlQl{X@{jWy1En$$FbH6kcS=SGc^8r|8d zds$x)${Zp+AIYHJ3rV*u-kH~&i_G^B52KS-UMgL8f(QiYOOyh`l zxr$p$5Ys177ZTlKc-T_ zkIWI)xTXpu{B~RZENF;m^`mAfa&VXhg-6k{)TB-5ixgjogp#X05I(_{5qK%3P-^QN z>pM(B^^(mv)5Hgb2$SR~;2ROg3BnN|?MbR*U1C<2D<=+9K$$Ys z#~9RXa>amNirAK4q-1{cs1ybvvUd!JH2>8m`FE$Z-;dD0yJ!*09s+bS(6FG3keN$} zl8c*xK#u$Z2g3nnxSIb+*o5M&csWHLk_x+J^w7)C^qWHj`A&kn16OEtCkffWauM*U zLIm}un%PnBXZ!GPYUfV?K0DEbsA!I3vUtKM4BAbo4&+uj3PEP5+*-e^g!X{sHoje) z>70fgXRB+cFn(ylEc(}9cX0}4Dc~Ch@lAIY9L&*QLtPq++c8^aPrxqOAjJFm&pLX@ zJ|$w295AUM!VDS`m16wYGy8vEksv@|h@%^j0C^qX4;&f4A;(o#hKxWM1LE4x93}l1 zi3=PlN?+eyuspg{pT9boJxC5}I{1P4qq~3N9bdo{YP2P(w%|%vC#oI~X-`6^R-bQD z4>9UX!aR9+(8@F`3lAA<22h~$EIb753e}pw#RHif4_B0h6`Asc-rtIh39hd#1Tn37 zGB6AYEe-5r>sZdu5SR)Wk$}sDMO5>U9j*W8@cQTZ`&~%iP?GG6b@c+`HmF{^-VBZ3 zpS_}2{wL}Sl!3V8y4Sr>f}IKO3eu*Xc<1x#`G#SR6Eh)e9W4I$ZfH=o-brQanV%BS zBXB^%@Kak2SLI^WOfhM$C5%>lKjNx zL}Tr0{Pf2+%@<>nCI!=SVC;d|>jn*tB&d3KYDzy!U$x#K>JbxOs6%kQi(2TWtC|E{ z2_|l6N3GT}gqi>>7Rua!52_e)9V*&C%aumBd>A9OWj6&xBnsh(l4o}~uFR|!W4P>w z5t^66aegpC#GYqh8gONtfwDlkEpA)^xlY-m2LBIy>c36FeqeC2h*D6ozMsi{Nie8a z3&wM(DM2En0dCL)*SPBF>NvbeXv9&FSG(nPzk7Bki@v0n2TD8ume5e~5WRk5e+z-r zue=CU!p5A*fT|#r5iuv`v2wL=!1

    "]},jt=dt(a),Dt=jt.appendChild(a.createElement("div"));At.optgroup=At.option,At.tbody=At.tfoot=At.colgroup=At.caption=At.thead,At.th=At.td,x.fn.extend({text:function(e){return x.access(this,function(e){return e===t?x.text(this):this.empty().append((this[0]&&this[0].ownerDocument||a).createTextNode(e))},null,e,arguments.length)},append:function(){return this.domManip(arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Lt(this,e);t.appendChild(e)}})},prepend:function(){return this.domManip(arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Lt(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return this.domManip(arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return this.domManip(arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},remove:function(e,t){var n,r=e?x.filter(e,this):this,i=0;for(;null!=(n=r[i]);i++)t||1!==n.nodeType||x.cleanData(Ft(n)),n.parentNode&&(t&&x.contains(n.ownerDocument,n)&&_t(Ft(n,"script")),n.parentNode.removeChild(n));return this},empty:function(){var e,t=0;for(;null!=(e=this[t]);t++){1===e.nodeType&&x.cleanData(Ft(e,!1));while(e.firstChild)e.removeChild(e.firstChild);e.options&&x.nodeName(e,"select")&&(e.options.length=0)}return this},clone:function(e,t){return e=null==e?!1:e,t=null==t?e:t,this.map(function(){return x.clone(this,e,t)})},html:function(e){return x.access(this,function(e){var n=this[0]||{},r=0,i=this.length;if(e===t)return 1===n.nodeType?n.innerHTML.replace(gt,""):t;if(!("string"!=typeof e||Tt.test(e)||!x.support.htmlSerialize&&mt.test(e)||!x.support.leadingWhitespace&&yt.test(e)||At[(bt.exec(e)||["",""])[1].toLowerCase()])){e=e.replace(vt,"<$1>");try{for(;i>r;r++)n=this[r]||{},1===n.nodeType&&(x.cleanData(Ft(n,!1)),n.innerHTML=e);n=0}catch(o){}}n&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var e=x.map(this,function(e){return[e.nextSibling,e.parentNode]}),t=0;return this.domManip(arguments,function(n){var r=e[t++],i=e[t++];i&&(r&&r.parentNode!==i&&(r=this.nextSibling),x(this).remove(),i.insertBefore(n,r))},!0),t?this:this.remove()},detach:function(e){return this.remove(e,!0)},domManip:function(e,t,n){e=d.apply([],e);var r,i,o,a,s,l,u=0,c=this.length,p=this,f=c-1,h=e[0],g=x.isFunction(h);if(g||!(1>=c||"string"!=typeof h||x.support.checkClone)&&Nt.test(h))return this.each(function(r){var i=p.eq(r);g&&(e[0]=h.call(this,r,i.html())),i.domManip(e,t,n)});if(c&&(l=x.buildFragment(e,this[0].ownerDocument,!1,!n&&this),r=l.firstChild,1===l.childNodes.length&&(l=r),r)){for(a=x.map(Ft(l,"script"),Ht),o=a.length;c>u;u++)i=l,u!==f&&(i=x.clone(i,!0,!0),o&&x.merge(a,Ft(i,"script"))),t.call(this[u],i,u);if(o)for(s=a[a.length-1].ownerDocument,x.map(a,qt),u=0;o>u;u++)i=a[u],kt.test(i.type||"")&&!x._data(i,"globalEval")&&x.contains(s,i)&&(i.src?x._evalUrl(i.src):x.globalEval((i.text||i.textContent||i.innerHTML||"").replace(St,"")));l=r=null}return this}});function Lt(e,t){return x.nodeName(e,"table")&&x.nodeName(1===t.nodeType?t:t.firstChild,"tr")?e.getElementsByTagName("tbody")[0]||e.appendChild(e.ownerDocument.createElement("tbody")):e}function Ht(e){return e.type=(null!==x.find.attr(e,"type"))+"/"+e.type,e}function qt(e){var t=Et.exec(e.type);return t?e.type=t[1]:e.removeAttribute("type"),e}function _t(e,t){var n,r=0;for(;null!=(n=e[r]);r++)x._data(n,"globalEval",!t||x._data(t[r],"globalEval"))}function Mt(e,t){if(1===t.nodeType&&x.hasData(e)){var n,r,i,o=x._data(e),a=x._data(t,o),s=o.events;if(s){delete a.handle,a.events={};for(n in s)for(r=0,i=s[n].length;i>r;r++)x.event.add(t,n,s[n][r])}a.data&&(a.data=x.extend({},a.data))}}function Ot(e,t){var n,r,i;if(1===t.nodeType){if(n=t.nodeName.toLowerCase(),!x.support.noCloneEvent&&t[x.expando]){i=x._data(t);for(r in i.events)x.removeEvent(t,r,i.handle);t.removeAttribute(x.expando)}"script"===n&&t.text!==e.text?(Ht(t).text=e.text,qt(t)):"object"===n?(t.parentNode&&(t.outerHTML=e.outerHTML),x.support.html5Clone&&e.innerHTML&&!x.trim(t.innerHTML)&&(t.innerHTML=e.innerHTML)):"input"===n&&Ct.test(e.type)?(t.defaultChecked=t.checked=e.checked,t.value!==e.value&&(t.value=e.value)):"option"===n?t.defaultSelected=t.selected=e.defaultSelected:("input"===n||"textarea"===n)&&(t.defaultValue=e.defaultValue)}}x.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,t){x.fn[e]=function(e){var n,r=0,i=[],o=x(e),a=o.length-1;for(;a>=r;r++)n=r===a?this:this.clone(!0),x(o[r])[t](n),h.apply(i,n.get());return this.pushStack(i)}});function Ft(e,n){var r,o,a=0,s=typeof e.getElementsByTagName!==i?e.getElementsByTagName(n||"*"):typeof e.querySelectorAll!==i?e.querySelectorAll(n||"*"):t;if(!s)for(s=[],r=e.childNodes||e;null!=(o=r[a]);a++)!n||x.nodeName(o,n)?s.push(o):x.merge(s,Ft(o,n));return n===t||n&&x.nodeName(e,n)?x.merge([e],s):s}function Bt(e){Ct.test(e.type)&&(e.defaultChecked=e.checked)}x.extend({clone:function(e,t,n){var r,i,o,a,s,l=x.contains(e.ownerDocument,e);if(x.support.html5Clone||x.isXMLDoc(e)||!mt.test("<"+e.nodeName+">")?o=e.cloneNode(!0):(Dt.innerHTML=e.outerHTML,Dt.removeChild(o=Dt.firstChild)),!(x.support.noCloneEvent&&x.support.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||x.isXMLDoc(e)))for(r=Ft(o),s=Ft(e),a=0;null!=(i=s[a]);++a)r[a]&&Ot(i,r[a]);if(t)if(n)for(s=s||Ft(e),r=r||Ft(o),a=0;null!=(i=s[a]);a++)Mt(i,r[a]);else Mt(e,o);return r=Ft(o,"script"),r.length>0&&_t(r,!l&&Ft(e,"script")),r=s=i=null,o},buildFragment:function(e,t,n,r){var i,o,a,s,l,u,c,p=e.length,f=dt(t),d=[],h=0;for(;p>h;h++)if(o=e[h],o||0===o)if("object"===x.type(o))x.merge(d,o.nodeType?[o]:o);else if(wt.test(o)){s=s||f.appendChild(t.createElement("div")),l=(bt.exec(o)||["",""])[1].toLowerCase(),c=At[l]||At._default,s.innerHTML=c[1]+o.replace(vt,"<$1>")+c[2],i=c[0];while(i--)s=s.lastChild;if(!x.support.leadingWhitespace&&yt.test(o)&&d.push(t.createTextNode(yt.exec(o)[0])),!x.support.tbody){o="table"!==l||xt.test(o)?""!==c[1]||xt.test(o)?0:s:s.firstChild,i=o&&o.childNodes.length;while(i--)x.nodeName(u=o.childNodes[i],"tbody")&&!u.childNodes.length&&o.removeChild(u)}x.merge(d,s.childNodes),s.textContent="";while(s.firstChild)s.removeChild(s.firstChild);s=f.lastChild}else d.push(t.createTextNode(o));s&&f.removeChild(s),x.support.appendChecked||x.grep(Ft(d,"input"),Bt),h=0;while(o=d[h++])if((!r||-1===x.inArray(o,r))&&(a=x.contains(o.ownerDocument,o),s=Ft(f.appendChild(o),"script"),a&&_t(s),n)){i=0;while(o=s[i++])kt.test(o.type||"")&&n.push(o)}return s=null,f},cleanData:function(e,t){var n,r,o,a,s=0,l=x.expando,u=x.cache,c=x.support.deleteExpando,f=x.event.special;for(;null!=(n=e[s]);s++)if((t||x.acceptData(n))&&(o=n[l],a=o&&u[o])){if(a.events)for(r in a.events)f[r]?x.event.remove(n,r):x.removeEvent(n,r,a.handle); +u[o]&&(delete u[o],c?delete n[l]:typeof n.removeAttribute!==i?n.removeAttribute(l):n[l]=null,p.push(o))}},_evalUrl:function(e){return x.ajax({url:e,type:"GET",dataType:"script",async:!1,global:!1,"throws":!0})}}),x.fn.extend({wrapAll:function(e){if(x.isFunction(e))return this.each(function(t){x(this).wrapAll(e.call(this,t))});if(this[0]){var t=x(e,this[0].ownerDocument).eq(0).clone(!0);this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstChild&&1===e.firstChild.nodeType)e=e.firstChild;return e}).append(this)}return this},wrapInner:function(e){return x.isFunction(e)?this.each(function(t){x(this).wrapInner(e.call(this,t))}):this.each(function(){var t=x(this),n=t.contents();n.length?n.wrapAll(e):t.append(e)})},wrap:function(e){var t=x.isFunction(e);return this.each(function(n){x(this).wrapAll(t?e.call(this,n):e)})},unwrap:function(){return this.parent().each(function(){x.nodeName(this,"body")||x(this).replaceWith(this.childNodes)}).end()}});var Pt,Rt,Wt,$t=/alpha\([^)]*\)/i,It=/opacity\s*=\s*([^)]*)/,zt=/^(top|right|bottom|left)$/,Xt=/^(none|table(?!-c[ea]).+)/,Ut=/^margin/,Vt=RegExp("^("+w+")(.*)$","i"),Yt=RegExp("^("+w+")(?!px)[a-z%]+$","i"),Jt=RegExp("^([+-])=("+w+")","i"),Gt={BODY:"block"},Qt={position:"absolute",visibility:"hidden",display:"block"},Kt={letterSpacing:0,fontWeight:400},Zt=["Top","Right","Bottom","Left"],en=["Webkit","O","Moz","ms"];function tn(e,t){if(t in e)return t;var n=t.charAt(0).toUpperCase()+t.slice(1),r=t,i=en.length;while(i--)if(t=en[i]+n,t in e)return t;return r}function nn(e,t){return e=t||e,"none"===x.css(e,"display")||!x.contains(e.ownerDocument,e)}function rn(e,t){var n,r,i,o=[],a=0,s=e.length;for(;s>a;a++)r=e[a],r.style&&(o[a]=x._data(r,"olddisplay"),n=r.style.display,t?(o[a]||"none"!==n||(r.style.display=""),""===r.style.display&&nn(r)&&(o[a]=x._data(r,"olddisplay",ln(r.nodeName)))):o[a]||(i=nn(r),(n&&"none"!==n||!i)&&x._data(r,"olddisplay",i?n:x.css(r,"display"))));for(a=0;s>a;a++)r=e[a],r.style&&(t&&"none"!==r.style.display&&""!==r.style.display||(r.style.display=t?o[a]||"":"none"));return e}x.fn.extend({css:function(e,n){return x.access(this,function(e,n,r){var i,o,a={},s=0;if(x.isArray(n)){for(o=Rt(e),i=n.length;i>s;s++)a[n[s]]=x.css(e,n[s],!1,o);return a}return r!==t?x.style(e,n,r):x.css(e,n)},e,n,arguments.length>1)},show:function(){return rn(this,!0)},hide:function(){return rn(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){nn(this)?x(this).show():x(this).hide()})}}),x.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=Wt(e,"opacity");return""===n?"1":n}}}},cssNumber:{columnCount:!0,fillOpacity:!0,fontWeight:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{"float":x.support.cssFloat?"cssFloat":"styleFloat"},style:function(e,n,r,i){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var o,a,s,l=x.camelCase(n),u=e.style;if(n=x.cssProps[l]||(x.cssProps[l]=tn(u,l)),s=x.cssHooks[n]||x.cssHooks[l],r===t)return s&&"get"in s&&(o=s.get(e,!1,i))!==t?o:u[n];if(a=typeof r,"string"===a&&(o=Jt.exec(r))&&(r=(o[1]+1)*o[2]+parseFloat(x.css(e,n)),a="number"),!(null==r||"number"===a&&isNaN(r)||("number"!==a||x.cssNumber[l]||(r+="px"),x.support.clearCloneStyle||""!==r||0!==n.indexOf("background")||(u[n]="inherit"),s&&"set"in s&&(r=s.set(e,r,i))===t)))try{u[n]=r}catch(c){}}},css:function(e,n,r,i){var o,a,s,l=x.camelCase(n);return n=x.cssProps[l]||(x.cssProps[l]=tn(e.style,l)),s=x.cssHooks[n]||x.cssHooks[l],s&&"get"in s&&(a=s.get(e,!0,r)),a===t&&(a=Wt(e,n,i)),"normal"===a&&n in Kt&&(a=Kt[n]),""===r||r?(o=parseFloat(a),r===!0||x.isNumeric(o)?o||0:a):a}}),e.getComputedStyle?(Rt=function(t){return e.getComputedStyle(t,null)},Wt=function(e,n,r){var i,o,a,s=r||Rt(e),l=s?s.getPropertyValue(n)||s[n]:t,u=e.style;return s&&(""!==l||x.contains(e.ownerDocument,e)||(l=x.style(e,n)),Yt.test(l)&&Ut.test(n)&&(i=u.width,o=u.minWidth,a=u.maxWidth,u.minWidth=u.maxWidth=u.width=l,l=s.width,u.width=i,u.minWidth=o,u.maxWidth=a)),l}):a.documentElement.currentStyle&&(Rt=function(e){return e.currentStyle},Wt=function(e,n,r){var i,o,a,s=r||Rt(e),l=s?s[n]:t,u=e.style;return null==l&&u&&u[n]&&(l=u[n]),Yt.test(l)&&!zt.test(n)&&(i=u.left,o=e.runtimeStyle,a=o&&o.left,a&&(o.left=e.currentStyle.left),u.left="fontSize"===n?"1em":l,l=u.pixelLeft+"px",u.left=i,a&&(o.left=a)),""===l?"auto":l});function on(e,t,n){var r=Vt.exec(t);return r?Math.max(0,r[1]-(n||0))+(r[2]||"px"):t}function an(e,t,n,r,i){var o=n===(r?"border":"content")?4:"width"===t?1:0,a=0;for(;4>o;o+=2)"margin"===n&&(a+=x.css(e,n+Zt[o],!0,i)),r?("content"===n&&(a-=x.css(e,"padding"+Zt[o],!0,i)),"margin"!==n&&(a-=x.css(e,"border"+Zt[o]+"Width",!0,i))):(a+=x.css(e,"padding"+Zt[o],!0,i),"padding"!==n&&(a+=x.css(e,"border"+Zt[o]+"Width",!0,i)));return a}function sn(e,t,n){var r=!0,i="width"===t?e.offsetWidth:e.offsetHeight,o=Rt(e),a=x.support.boxSizing&&"border-box"===x.css(e,"boxSizing",!1,o);if(0>=i||null==i){if(i=Wt(e,t,o),(0>i||null==i)&&(i=e.style[t]),Yt.test(i))return i;r=a&&(x.support.boxSizingReliable||i===e.style[t]),i=parseFloat(i)||0}return i+an(e,t,n||(a?"border":"content"),r,o)+"px"}function ln(e){var t=a,n=Gt[e];return n||(n=un(e,t),"none"!==n&&n||(Pt=(Pt||x("

    6a+%aRN}XbV0AW9>A~SjQi2)495c+O02;n< zrl$)wytvBe^|(MRPgAbL&0u}yuc*$B)A78yA#nEGg}u6%W_x|Q(sMtguw)!M%yd~B zCN;Z|*a2D6{HXPlGDf!Sg$U2I6lCCy#p3(Vl^=$0C}}8ju&=7cZR3R)vkMMXscJE9hPaQUSAGH{qN(4n#t~3z^&*Og&|stm1Aalpq0Nf? znQikY%}9`vIb0cT{C8E&f8{VYQf3x%w40IE^9}_0zC-gT1iF?Te zD4BU1!io|o$DiQ!z-9vevb^C?(_0Ym^YyY^0sDy{vMTi&2;Yq8AY*k>@|=`Zm+z+I zJS62ht!i|FWA(&Drq4v{X`C|n5)l78mH$`flYY?0zdyVHrnT1&tMBp-=c-Gu02{Ji zlJYpEev_GGIV*%vt7KY9B&3Rl3RAK@T}LD<&}fS$rDWDrS>*c!Lfq{y&I+y4p9L%6 zgwI1t`BEYO{}##lZ@%43pXpxA{?^bsEc09w&ilwg(ApMm{4YWP1@ zGc`AaFgg~Y5*qb?`WC;gSrK63Tk_Q;ujW6mo|pvio;(rS|9CG2ftL7R#KrB1Ec<`{ zK{*G&dsG}H#r|!L{$CfV{Fgyeq?;N#@NcjBAAiIo1UKa+Vro%9;~Yngk!BtLpi=t} zsMWu$6B{^q(RbGLba-eTb)uPhBvT(BAF^0#**snjk-wi3`Jh?*kBP~@d};;;+~i4i z*OPy}emK^+pa~AjKMc8c$x5w8&TqO_VqWq)UoTot+(qgpiR9hC3GEbNxC6J0vHN0$ z*vPulmLT$2(XDv13>l#~jQ>~@>9dlNkWU%YV@*l@r(*)j*IpdB2lg=9|G&RyBO^jO zR1R1rW)rw-s^(4sobUl*|6Eb+=Cs-+YyRkoO~-`9#N|_Af@s_uGWEaz&X>jy%u7^D zf@l3e=3L>c^5{MJtXJs)7kn|ML@D&Nx{ABfT z-PHwl35;G-O|zyJ7cUa&s_2Zwp*7R)(Iy!Idwp|*yFGx0aHI!%$=2N5(uUu0L(qX5lZ=NTY*_y4Hv<_tS7Y|{ zBi1eu4EpF~%-ELwMx+kt!k=wu`wdxe$Xeht$pi)&%+W{M*{RefF8hov3KL7TSp(%O zRziP0l9AZ5!x31Ro7VNA5Q@88pHQ|e-G==`xj7BfP5 z3xq{vmwGu?bl?~b(p7?*uC#+RD4UuIj+~Ul*3m_NV&eT81Pn!%Y+zJJW+6jxlCA+) zj0nCdUr5*yNZ+ii4vo6B4#!6jgyBNAO7PBp(?{mpqV6_L28NNh=GVXeIupMc z8m9ifZ&t=r*eFP1J^ucgnL2>9L&%H1T~1Xa6JF>dp&Vj}dy7Y2teJ%A{>G%f)3=7f zc)R8zEFB1l@~=?-xxT(6pG0jM2SvFFDDA)mLw?Ma#fVa}{)4V6CZSJX4nH7lGR4LS z;UFp~%_fmkq|H8Xy4NAbSoFl~J+djF_+kG|Tz&!1@B#94e_NF}cy!mWV0-{te9zzC z;NtKY;c9hy`N)y0Ipt?uoFgo-wViY;l{c_lrTu zuhYe;rMcH0nW~_k&8r{lhjwG>Y=3O(D5Nho2!i))&kq)BPrW)Pe1=Vbo5o+ni48Wb zRt{%35ODO>Ivuxa)!3h&oS1yP8Ns5OQl1hB?A`qQxqWqMs$qAv;xzNLOs)Lpsf}wS z!R-HL$Q?gH9qZGIcY6da+mLd?y#1?$zEmza*#$fZy84F{u}CB&%lQml4UJ~wOBUU# z!F@VHJiL`QHyIh3W8$-pvQDNZK&5$pKB@b-GL?&hkt?$vPL?kY&K;|l7c3Ko_t(I*7}Z9=nkA?BL++GAlpXu{?1+*aJGwZ@GQdCjAGC_%nZg96i3tmjb{w)?~z21R-bPGo_CWGDvBrS&E)lH^dcGwXz zlnkjxfc9EJR)a&KuBJ9%H?x09#wO*~AdNvpZem-FqNl=mA|q^RAnl+7ihwjp07 zI12bv@OseG@V*;3QKW=P70vj3k4`OUdn-YO>h(p1{#@W`PLX#>omLiI5%6SAGF&7D zTWmy4o>{I?lHOdLPGe%xl;A;2X{30T!0{=%Kb<)cA_{d>@1?`Ty6e$^dSPQH%Ig%}`uv`qn)sAE`ELD%OPwT#(8m~=3I4SC zax-i1%NVBeH~iij;Q=GLVt+zrEUZnS&nAR^d3xz8Bje>t$?aMVUE`SC#vF0;5WatX zwsYYwg(;MS3ROfTr6S3=o0=L4hB(zN!a$g*Gtqf7-6i<5qy*eTcnO(e3$mN2rCk)B zGW)Jp$u@NStFA6lsCc$sXUCYHriP9pplUCm5&bsasDfMH{`MqJAG&BMK2d+PlQ@Qt z`-cVO1w2wO1p#WHwv)D*9qt^usc`|tXH-=`seO#Li=v`_BjL{jydXjg^L`K~yMl;F zyBjhx-2H9o#LNV*#F+J;Mqhzg-xZPjgIh*jPeg8Q_u>A;L@cD++vaEAqqDQOC7+cb zy}4D7yQkL<%c_nKy|;5^^1bjbaeIzkw(WJPDS*N;$Z>I{*&*a{yYor$%NGt7+>M^J z+nXEy$JuzZrtRKnFjx5WF`e0;Inb z;3u=(_m+M~Mcp@gb;nr-o1WICTeZUtKFJamfQ4fdA#1MG3l@S*HCUt zd_Na>_nG|@6%|!FGLrtjS0(jLZiXIlibliY_D_1G=4){4!{Z#j?Z(+K-Pa4bOE&Dt zv%%xV+$5jpVTO~kijtDeGl92>&a$$y-O4xhbp$z0Qq-1UP>j5_HIj#%yoS>U(0*pI zoTjhIw7kZ(uBxirjGkvO=rQpY-__swe69Cb{$m$rY%;fkn)5)~Osw5q8XE_KRiYr> z?DBk(NE2Y!`MxZzpIfmMbildP*`W3~LNMN%twVggI<-CKxCJy1Y4P*)JimDXE?B;= z&xg6xjJzXL-bzh+Z7&E3Vj^CU@u+O(mQq-h-I(8WG0WySpo`k6%h?;KEjI2@ew{D1 zQdM!6WD~ZoNsltAg+_?WmmvqXcXBh?EmT-nIA$Kt^NB+?T<1p%5}i%&I{waLE6&T? zYO9;*(Z%nP8*KE}a;ok)oWICBxVz|;ZbWe@nu>HjYIIqV@)Bn$LssLf(~B;;t=@BF zKR2nd@DnFV&hlcf&^SA-!^)nWrop}noU56N7*tPw9XR5naAupkTm~`e z?p(V8qU)ZzPW@-_meqMZzHe9@A(D27JxSK zV|;CHX}5aGg0@UGQ}&kvZlTilGp8jJ{k<63gU*)7vRrYiQVmgJC_4UwzDExPOryTI zqqY36w3-aZ-Z0pFx(f?_*Xs6)*DhcGb}z5sG!*1bECQZnQDIdvqXsHgOmk~%fH!UE zIXSgtum3JIFDV(wIcD@%<%M23cnNWE?IsDW+4uAz zCA#h@65{k!TKgLS4(=1L%Wk9`j5JV_`?HZwFMozYK^>PM12 z$sfIaW1>MjDZ%+|a&*>5dldvmX%^`qb-!x9m`zUXgn?$9@f|-y<6aUHX3}6bVP%u6 z*H=hb6Ji`V)$vpgt$5M=g-KeW5uMKvYO>TtEOhsrV+bl}Sh91&9d8P5&CM;66?=R~ zCn~qtgiZP(QaP2MM2%?TB+^ibwy=#9ENV-ylTa*_H{I-Gs-(zll-f!0Tya^()A?jF z>!)W{N7H-cE%4CF-GaaGYD5o4B1`6Y<4H6e)M*MgbqQ3zgE4?bLN-0V7BXKJLFvLO zgD~sfW;ZnyIEdMq>ebXpKMoPxw%StiZHckiA^S1gI$rxiVm`e=!kU|;#%!w~vs;wz z{ErrZGbaHNx9bH7=T}v=C96X%sxiI~F)?WkWc4j2!pg!|j9#(qfb+Y`}c?pzraT8zxP-j~2}a zjMS^Xel2T|Iu3@1o4?Iv&h!ki#QE6roxi2EejouL`M;p0xWp6ojQ(NTjZI#@06I*jgEFckK?O5*d-yd?GZ;xZ@<%X zogN(V&Mwz_4I&o>j^S8ZmL+>z;Fhsdi|j|%Ahs<^5T6^02mj%1;QH1y7olqUGZl7$ zuczShusG}N^cX1+CYARh4K)~n5M!}fOjF?Xup$LlnJaa%8c__&1`XB~m+1EHu4~D9 z>B`2-YgO<402V0{sm^rQv6A5R03ePI!`HJMavugO-7j$s%(}clza@x4&YX~Vm%foF&OOxA1jc@?gk?nQn_Pf97 zb^m>8$FiPQ0TZckB_5kO%&)W|rF=oQF^Q-ZN;i&HI`@3FH5qpSkh5t>W?!4P{_{(@ zEE4)9?tXn8#@2EftY;oQyOsCAzBQRqM>um3v!6Db<&ci4iVC?Z8aIj^5rRalL`F8R z8czR9Jl<{dgg49|GPbmi9QfCMCLbgxOgw@D;T}|sN^|Td%xxptvEACd|I&kLhN&GwES~+K6I#_ zG(RCnnZOG;sv=fh44l4~dz8(-V5^b!&($%P-?aAr@fw}5`L^SBpg{LZi4=AAXwJ{S z){q`_=}$-;XIYz?cCRf=S!dI4%||KnWvI|}q43kwJbm)?1ZMH#5NO&*Q8%ABIu*Bo z4+SYmeW>~PtRdnO@O#J&u7)k{9GG2;pal7KiT(o_vP$I8-_gOZ_N+0mvoC58OS3v$ zm8pOP9KH4A|4US z?>t*ANiSwNO>A}EwT=`|o#JK1(Ug_bA5+Z$lCRoL%4T6_2sfDm-H8oj@b~e_Ke7~ZTRnS#V^%%C;m!S)|NCiC0=e;l_lj0 zD%;GW16QzSy$!h^UkLr}%V(qrl{uM86`DF=9W?_&EUkDH)3swf}R!Ra+7PsWF z9Laniafrvwm75Z{Z-sCV?Wzg_zGQm&vZk@m#VldoR&1B0f6{Wxi4f3Lw5$-Me>=1{ zh4eSNLhjr5A4TL>*ZV%M%bd*99!WG8@w8{RD18|sn#mpkHyLcVC`*1|oo-!mYLlEk zuU0H4n+A8LROTc`QEbZA3ssJ8@-(6+#n+Gh{0qt?fyB2`K*h8#J(TOp0pNJZOka|(K(zhUT*pnm!G ztHDX(bqMVat%M_f-k)6QI!i{9#i@+dkxd&F&%Xm_e2?0R&hS`B4#D-aTWQEPo#r;0 zgk#I>2g`BsYjHrqB=$Hja_K{vQOiE3|AiY(h)3uI1t#0|ibiRr(MJF$%jK;3K?GnV zAGU3CsvG?5o)@^2YHxTX97sdqy#QnA`WVe8*W$4MJCGI+P4#*1NTPjXE003q?J^m3hm}N4VDkRfqaiUY-U56)LdzwT^RRN z0AG@C1Fb{GrK|JvVQQA=ZeVv7=N(?69xs>0lNV*5wS(`8%Yuw0CRWOQ`&&#P-Y*BU zbErV7s#pRKZ}+b2AjY)w?=3(3ciP)4BDo%aqX-!8v>cu`rb@-l6wHR_!YpMMmFJ!^q#A?FVO zF<4mEbMn$5EGFzmPM-!g!W+RQnO-Vnx36LQ^T(r4?irU*5y>?t6&Mx3)VXy2aNsyz zi;A6~9V&Bts`YsyO0&VM ziK>$hI(@%S zen44y>qdr1X5jf%Qgb;%*D2`}hE~II4vfTP;UI<`LNCAieGN<`Uc)wten8x7pW{aT zO&=w`!b|3><=vT`LJz^bFQt?yXmj|$Tei(yuBpVrD zN}7k$fDw<`T$XHbD;#!pd1$AfU@#ZM*}NZk$#?0b8zZaf88e_xJdBq|J`Qi{lbVX) zowmUC2(d!_@uk_(`Sxdixz!2C=u6hTMk*R^k;w4H&(=kwjeJRlt}>)MRAL>z)r|gr zD`}AE6`S&ABkN56IkGXXgJf`KUHj~%t{k)Ca#>7i>4sp4m<205o8ig8NE3|Yt#UBy zgA9H;9w3LfKW1~~$~Q7S^1U|Yl4#SkIsVDY3pAbA|NY}s$e1)|qJVWqfna${wf~RQ z57b5ox>bNm!bk?$B*>PN9$dLl{~b&sEC{x@t@>eru^*o+60WLvRh%M+V?$&b&h(vd z^s~FVhTb|Da|S^`iK>wZVFNJ8oUDc{qa%`4GAZ{t!Yfk-m$e)4{y-dzOvSN+3zyKk zk`?sC-8mt{^JB)o?0uQ+h;mm~lvx5(jLYcF-z&!AG+G_KhFzXcv{TS4$Y>WB;6THO zlzJogT!@|!?dpBeLcb(oa{96DFfz&>Ts9*HSAZ&KZ5V|!C}c1vF`6?@QxP_WH;HjM zl|EG7*i@9COIT7-k_ug{t;OTv9AC>7R(jh0r4G+ri&OcF7Uh+9+BpXlswe6=4M;Nw z*>^)SF8g`H^IO!PRz1uN>raE!TE$Z`liyf?grCeh-pF3Tict2qvew|3T?kB+w7;cC zEgO3^(a9t;TwyF;C@v?(DVVV}oXtvmMH30j!(Ty#Vn+fVHf&a<60%|qAbsndm`^si z@+eEt!v47bEvjWEkddJqP4eCHD;_|g$DSjcC(LiW1N5TLBLSp_LeMp`muYEu>1k;P zs-uv;TD_CQN8c z=SJz6G^LiKp3ggp5kd%goSAP6sr*l$W{dgz$?q)np7FvP)9zU7m_Q|PILakvwtDYD z3!iGeEY8Zs<=FGp1e0+P(a2*ox#iy$RU{+{q9h6t%*(4H#SQV-y1B8Us zk7cj6u~aCji&y-|bB#TQ$8H;HTxK<7G@8_C?Lb<($dq7XN3xn}bQdsaxO(LTX+rfWF(N z4i9I1BfzIM02>qr(cISva>UEhhbGbMLfnTL5b`Z&wR^CT8=}y^b52FOhhw;}l}~89 zf}<1Z-b=cC1yq7udeIp)n?lU`sF0rrTtQJfZ7I?a{`oVk%L8zI;~4V%G&6 zdd$IWZGK*kK}@A6Bg*IDq3yZ92lr2xwq`L96I)v3*2nDb@WG>IvlVCR$xa4N=#vA# z8l{Jw4Jeef`49#^_=qe$jW;{!8&vX5+itCJQ`~=qjnMr(Fub5EbIg9+^lemqxrRq2 z`}bl_ZspqmepRvj`m2xk2>R4eX+a;g%`pqEg)k$ZM~!A3Cg(LAHRIp5jA7&;AdqnO zHq+iF!Nb2OwBUL~QMQRi_ORu0>Rk|1_Gi2{?VZuSKrhnpVWU^b&O~CCw7ZPMqw_T@0CIpn^C&<=`JQ{e8r-Z2eNm zgDTzTRTU-uav{Rqy*3iCx?G-ZPjEuki-O-I=9k8yZMoZ-d{iJaKZ=MrF9f0?I0WYB zEicnH{*i&oM3qRO)H33NH7j+$a>rNgYk2p`4|^Iiv0j?+3QB^iyIz38h# zLcKI5ffjF?J<6GiIL8b zlgxJ0_hI{^PU3&y^+0|o;-8B5bNiyGx)M!kL4Q4s32-MXA_!AlvPfHUE90xlgq#`uO ze{@#|UfZmzBiwF=Am!+|TTQM~Y%W z4Z!%qQ-+c_rZk&JxGqs2kEb-PtP+QmB3jmj5wn3i*8uJFAa` zAtZj(KEdaat+2mwqHKUSO&h0D4p32)BCQu&(7ng<>|1#Z7Eolz8J?N-tmP>mjXDQL zh=K0+YxiKV_^S^M$M#RH7X8vgf#h7Nm_s@uH236^k6i95%HNJqor4X!LUtcBH0qW> z%N9*x!9@iUu0DU9t!8y>KDUZa@a@ZP30xf*b-!)gof21*)Yz>-z@2NJK9?aQWo>PXZx0`&Kcd|gx3ybNhC3Iq`4c>4O6Mi)#$E!7a z-1op!kJ7{|KW82?s8VQDeFA(iSC8oCNpVvPTjyl00z z2cuqts-&=)nBKQQ2U09_Y^{d{ZKLu+`ogHx)rs_Bm55cOp$`Wv)E`m!5$TYE65$yn z2;E5h7xRX3lI>iH`JpJ=#Y{Zc+$e+lf_1xLpl0wHaoCM?MG4|QLS!JXGYheQ=GI|j zdI>Q1E83(fN&pCn^>|nGhAe|5SnPe$s1+&Am-GV)vWqtxIKxFYTzi4AZW)gZ+&Q%6 zxE48(ZU)^+TI$R!o3hg@V}9CZP|T+g1-}`wM_W^sDWnOGJV}1Hel21hNWEW*Rbofi z4Y!*`D;DLn1*^-i%+f7a=G@~VlCSh#3jA`SlV5pPogCnXw?N(dndvKbMTnp=(Wdou zG`WNc`hoLhaD&KIg=43ifktaSVBXS!cSx4BG4#XC+_n%&R9^!ZJLKV^cPb|MYg`Gd z3EGRI@tF6fwHr%lk)Gh1TIEa_o)?K~guD_=ZW|&b&D{!C3Pd%)?;yj;X40*~XG6=U zHlL)Heo3Zrkz+^ONjL`}AYjbO&&--Y?{Fq@(@gOTm2%*c^hPN47XovGT99S85=U4` zCLQlk^C!&DM1e2-0)z2r$p|o+P}5>P^-35avK$*ix=61_sfVb@K2RmnjS#VTaMS|s zM2$zDmvdt5%ko<ZV&ON>#Wq8Dyh^I|a>wm+HDF+hd7?@_&Z(?AdbICE_$aovDcnE^Y}*^Wo}KA*7gzPcMH?TMEvrgai5mAKvSllbZfG>QW<$1cy@j$uQWZ>0FmTQ8~#~z@+rT=rx)!o=NAdm|%kG;i5 z4t30Pj9|v!*$B9Rq6}*|C?RT#=H1O1-ue-_mC4~$gyi-bxzs*9mL4Tn9l#TTSgz^x z5ELnipRGV=rx7}Oely07Fs|$Miga)&LA3V4!EQmvA~>IIf>Xo+mV8za*dXJ6mL#P` zW3^Nk(RE+adpEIPPz#lYS3R5^OrNV7MZ9g)JCjl&oolGJ6tzByJhj~&9g92%%X4mW z9>J@|riFg}cm%0f-lJS{<1is$TMr*b`g9<{AJ)8bIY^8#uxe7Lb-0;MS9k% zfGitVU#;Wwle);KU$QB+_&jfI--CqUT@LQ= zoNq6}rA@%N(4f-5|89bm!hmE0927`DBs8xtX<&kz{PFLIqbwwT?74}>b)#N#P2_DI z?3**+4=~tj1DOr^@bX+osw2Br3{WMtQ$RaLWC6|KJN{^8WgZkm*r)W49G>2lZIN>>$xfj@E_R|O#QvMrQKLxBgI06?L7UTHIs1zCm z71=+6bKhv+mXU z)vhne!sBxi`D2-Eww=az)N0U2e8pJ`bDPo+`P_%@GK6f1?qQwc;$M`pp%!s3WfJVj zWgPnpt?wqJQ*9yHixK)$KLu-Rf*J>L z+bmQHP&>i9m@b(;z@eXkG6@zXXI31GaDYf55bW!2$`tSlwt&o15x{<{RxmSmjEG~7 zcXsqMUL;od5G2ygtZ`vdi(4yuJj*&K+{+P)!h!g??M#~%R!bBmi<&z$$TCDQiuUPR zWu%>Sw^FExvaEgBMAOYYw^IY7w@j2{+oNBO+VdwO$o%Zr-6wvNa+*T$-qjRuYqzPn zc^`_i{gPDAFPxHov@3ISQwx9ink+b=VdX!>^M7L1?Q>G2wa@2PDMLvl!;>moq!!`H z(cG6EIPP_Cl#b{pHuu6#l&a=lf9+RgNh13MWtv{0tZx0MNncAN*2|KQX9<^wWgT1YyKgEQl|ofawq>s5sG07I7I>(IGMQr~QS)SG?hEUN-qK518;1AG;aFO4QB| zruF6R-`)(C!hKC@Oj`9V3rLXg>-tVs9Y>C~-3U-7V_A0g#?x{8S=?v2_9=EKPvJx( zbd3tn*`9h7Lew+VSqufk4R~9zUJkS0X!142QB(6=!`dg(I4n6g(ZZ)fI=o-qVZJ^v z`>l7&p!wGD3&M3Dm>7tQPDA;}(v*>&%$W)Rqo!$BlI0pB*sM5IIc#Rir^#UczH)lq z$OGe#^X9rZ52q{57{dZjQ_&Az0Bwu3Q@<((lB58Fby3vLTuktH1sr)?Nkz1P?>=F} zx|@uoBCieThO{@P&0NSh1)~Ax`#BFS-rfGayoagM8r6LOM(SgOBnk3)%ETixjo%&6 zb|#&k2U5DskOx!C4=lNP(e#T9T7M>sq?OmFW{@k-Pfa^^y{GAHgQ@&7m)PI4jHLwF zP759#f2>&kjy<1Yi)ZSI@msj}fQE+qIxk5YJJMGT2nA+1%+pjAJ&XmxBnSN-?EcxwBl)~F&^$a5!C7YFrxpIkRLtvRPgHdQ|k)tC1niNw#-zH9vDL+0}jMeqAQ-XMG_ zh}k0elG!DP>LL%Yxd3jhx~KJn0Ww<#=;y!ts=Q>9t?ldy{{p4!%ZudN%e~(20-oS+ zXkQaSeF`bE6lC!r^}&=R9w#zk{5}J$9-L6fX;^0|Wtj*$+!KR}Uif(UfQ1(XL^N&m zdtBXV^uw-1_8l6CLpKpb7IHyML}V-E0`zi>ec2t0xS`UBOb7Ab<<>&D{Q7nx+G(Ds zhFnd(1`@NmI7J&HSQjg?Cf6oy&QR*G;Gd(BU>HAD57LgYS*pbUC`P>lxs#=aWPdXQ z@2uLm#)PYcF!vxkO$`an(#Gb(q^_TuosDSSm_iotB(i0zavjY3Fb|eb8-e^YV^#^# zV{t!=p^Pq8wCR2?k|f1;L;{lxoscwQH$#nT4ULn=^+*5#c4<<5S_T(fPvtvO{Wm&*7<#Rpr8RuHWwDvFY?f{Q%JM|WiO zJF1N3&jdx$Yff*UyVF$!wju9pC<0vEqR>TwKBDk#ZS;tX7c|B2O(+-17q{TKFt#=A z(%)yR9)|^n=e;DJ6Ki~vBJ@c4MvB*#GNSJ25sL=hW(@wEdGNutxc!OB>Q-=|NX3DR zA!(X~0KCbg%T`{zv|)R)-L;?J7k(N_^-+cP0!X~6+LBCew_IWRNs~grr*74?!P)); zkE9lKEIWU0DP4Ay{v?843H4|*UfDM#YqN1zjR*Zp-`tA61P~oLEef%aB$+ecc3{Qk zm)R@pw<~Z8F%ebOUUMf!#QlSpo|C$h1ikdUG5t^9AS5%-J5mi3Ka{%{s(wX!?x~$Wnq$gkPuEu$Dbu1Y9wAIG)DZIJn(4Oc>8L+j05U&at&0|0I#C>5(1;i9^^8lTP>gKh z_;t&vU?B{MQFH%|XFV;x@?rs#FN&kN%Eh+x+V~Z$yV|H`oDkQ&p+VugDkQ5*0MFX@ z?F^Rx0^DR6NA`%C9V+Dr@L~upW(s$TUP@G16GD6^d5S`w2#$}&1^_u#okUz2TG?p^ zIZiiR*G1>v_pK7*;@)r9*+!oo@0Ls*vR|igu(o^Q{!l<1#3Zs86dJA9G*~X!EZ2v+ zr0XwI#Da|9Hedz1?1yQJGkTbWGxh@K$o@8MMiedp2@9h;f3KN?5eJeFzk&YI$tq<< zC}ZZd9t>~1^2}mqThlgH(DZKGZh5qdo%qwhyqxV1}iBxYG_ckINZ zMWvIc2lAWMm2!ljkj;0cWGEC&|IBR(^~f z2f_p16MXLwJPxPsmiOtcYds#wAqG%F!H~W&SuvahcH9x>Zs4TV7C33b5#?H~*eES+ z(TlRDYwfV4wx{0Vxe4Cj^8AO!a11rQwK41C|ODQ8*&ibwNvIV68d7`!g!#NG4<4Ib9A#PCE0_+tP z6YC0_k_>5=lVlSL_`7o^)3U;b(hAWey$L165`93`m47`Sa5RSTASnG-cn(NHF8$*~ zKwM=MZM2@?4Y#rFXb$gO(Dkr>t1w_;Sa(da?H!+$M*r_k^IDHK%LdZxrf#~M7HPShjDmW z&6{Q1OtP37vYN4p=$SUuSVXemDMAxz`lyc*#*vr?gH7gpJ!2giDR4i~d-30J@(eh4 z`iB!IGDmmnaC`L{kb`H^{YLj09RnOPH?4+}5guxF8>vnwenDS1QG}T?^D04Nc~$4Z zhJ)0R#L8W~pQTf5CW1XX_8{WP-d~9y(dZ~O2OBiE@!IE`_4(*8Gdq*b*dg^A{B#=n7I>26gapG z6VGFq%V7v&fTs}}F|P1-0es<;_ysMZrj`HmK#(gWIFZ4`Wv($|@tYkAiZCBx5d3tp zg$SK8`vm5H*x9?|rvgR_ROffl!kp00Q{HwDk0yKwa}G`$A=JuuiG~;#4dzs2nPo6w zegu7Zo|iAIr77UoP1T6?u%MK?FPSa$Obw{G+o&$^fAGq;5z$zsC%QAs7a~KObexgZ zPGGxo@z&8v{IESu)}2V^sjgh0PEiP7XRc}<5uu#$nrRvHm{F&$PNC z`PJ&}5&*@{!y+w_yM|6dMCxH1I))tnprAxiS?dh5vHAkvmwFq!-sP=&!V(pE4ZLxz z5Pvy7-k#Y>$SetJe#x#HFR1>*nzc5mWpHsTE!RHtx0gX|Qq@C*Y~)^+#mOI^n|ZB(cUm}b{7pxvwyBbZcd%M z-n5j9=wR~qEGQ(SQQI(k4F>vjW3Z>Uecap^aKzYZNfu?iUllqvvR}qc>akiURgX=x zAh0hxp0u^yI}PciFj*|SQ6Z(uEJ`jspWij@Mu>-rs5h(`l^A3I7eGh^Bl<34tjA3_ zgU9|bSc`u!ff*C)!B{8?P!a=ovm@mgF~<(p+S>X#Y}VjI(5*-T3-es?t%xGT+ih`m z`iX^Dum>BJpVV+ufL$>zDt73L_l>#+lM#NXW}pK}rt?Ak3F!N5w=VDfoPRVIfOCG+ zQ%-Z0QeLmjoVK4)HCr9wIZ-0lj%JeK#lZqLUwV3qupPlDJ;Y)BR-J879|{U6LwUa| zAENLarTCfDO=t4~sJ`0WpWg?VWJ_#L1MX0qE$(OEMMAz->U!`difKk{%JAN%z#hRUJV^C#YY#lz{SN`x4lT6{^$40wo5&= zl`&3jX`(n1Fc=I#*J%&ju=}PxLXd$dR+W=9(?yMoc-Xyv?0EY@HI6sdU}|#WB1ku6 zi`xU9cEBXZ9aX|hviC=jHl-mc?IPW`+W}e+oZ4vaPta=K7Ju?>L>M4h0|;oR@wKRv zi;I?f&nw@(e58D0s^}o)--YX#N|zW)Wy)mm=8^SPI^I8Z=pkgym(mu@+d3~Vao*ue z4~)-?R~D0wPu0DbEq`{J2IF@6rpXB9p)GhQ=V*DY6e{9Vz&$*!T&$_7rb(88MZi?K zAZ{%)jpr36J44y-tW71frIkW4&TmIMkRcbo`Xk9@fpu zEh05O*1gP>lMRkeZkyB_5{GZk)WWjdoLk*h``td!sxYxJJ02Q2pRGCpG?G>Ud5K#1 zb5m>Hw~V^d!mZcEuDWW0(iq}af2(`4l%K6TZVm>ZwwxVNDyXO5Z;LZ+Ia)VvGc}5g zjZG=cp0G~lmKXQY*h^gbQ2{e(c2NqODN48e!rQW>3DxQ0`tKj1R*fU*;M2h%(yZb z#KI?E(=JoyLf*!9=SZg$-oz5>JN`fzV2f1z6^=Bk-z_4OJb$7`2;~d0W0Qtv=L`BB z#4r_>qXPcbrWc4=L|xr-hPE_66vqW=fNQ2_8t4vKp)ju*e1!OIuLeztBytJ>>m*Au z{CQwdC&2#4E379tRqAlVe^X#s=NQ6x4FpgS#EvYpKj|E3BfWp)o{)apzM452QgBR6 zQV3OncjLmH%LmU{o2r_S>Spj%AG4%!6~$F#70I2O#V8o~8+J3H^wiU{1}pPEq^wxr zn_n!mNJ?$WEt-hupt|pC{%^mK$&uX!Gb?bc#*U#~y$KAg9|_rwHpZ3)Pd-o6GvUG@HD>={LeDb0ysttyXeJJN~gb-f1)#um`t#Q_G+x zm?x26IVu5G&!NFY498ipz#5Fw0zQJ=_%zYVT@6s+77=MBG_ep>699JuQGmlp(DQ+c z%+FPUsW`E3J0F2o8vX%`sNed-kxt~BAO{ra3|CQCeRc?V;>j2Q!5(IzgoL-Sgf=y> z8lSrt&sOB0p*IgZQagzGyz1=O5i^A10(x_*CyzS8`1-Lx*gFsD0&~HI6v}ok6T5_i zxK9XU->e_f7Gi|v$+Urb?dK}w9?t|HV%p#4m0j@jjk^2fzcox)*E0(v1q;hy4OhHv z=qREC&->RY@swZJz#ER5KCCWO&i!_Pqe~n(kL?7~%r(zktQbtGElFCW&2@t`f8mIR zRo5z4SDLy=F2d$^lt&Syd0Q$QWT@1b3WG>U5FUuJzk;p&Q54?ZrApb$AlN3$NN1Mx`WWpYUo&pO2XQ)S!(Yo;|p*30sELKaLVR$_eeK(K*V zc6C=ZW|?0qKF7t+U_#$?tU@uxHpXDS32yN6>%(eD^|e=xy6^2Xj)Xe3hpOTIY}Lqr zvOZIoW5sVP_4YO4Rc%4nC9TeS2JOlOKtB4BWNN%lqc|^pDqe1ryCOcKO256*r3Bc& zOgeW8rX*{-g=W!z;13G_C7z@KH6Ne`X#<*{NHyN!!>?-?WB37OL97+i3NqXSg<18* zn4{ZBa6-epPwV!vx<$PiU%#6+zQY9u!d9Q*zW3njPBPpyO8Pe+(W0Kp+BC>+o^t5A?&{L!6sHuv?#xO)X4!Rdpcr z_aic1aXK_7<`!>M>yGiXmvo~af0-fGu$q0eC7%mAA1EGUXgpuR%Wm^{dZqa_z1Ckf zt4+JSRxdzC&g*MYMdY|R=tYeMagad-MZhVr*t{v{78BZb_bwVSfyQ;vr4X^>E<;GZ z)?6#B7mrJyr5#SkcTAt|G_YLLre)h{FbPZ~wNFgaB zBarn2ThZ#{3#-!3LhkjYaa4OuKY!>;iK<~JUn>NAXrq?#Cqza>+GRJd*Ip?nsrdNg zlQAp&u+3e&T~TYJL2a(Zo8DtdN_RDdIu4mOV0_u7a7*Ix8(5ooYd5*d21F3+aM98A zq$YGeuf7IM0a^8lh#c|!5>6^orr~}Us!2%g;2HQn`Yabsn2rq_?s1)3{T~}_ashb{ zy0VircH{>JJc+-M5|L1n!NOdG8H2-HKHYDB9$Vf@aqnb6$hcw0M!CN2r9aJqoWj4cvLd?zZr>GH( zP{fD}Ywgg2&x=kOGD zSi~9w$h#(B^__O(46`8~y9v@~VLGh)rp}iyK>c``HK6gyEE9e_&$LNKDtJ4qJy1Ts zy|Pl_1Fi3CQpH?jf$m;?)Z$)u86*iRbCa>U zK;PyuM@+T0{dk6*JULNINjWb|vIy~u{S@X4t#!YY&YLJl4Zx?`I~Q$*NxpTMLlr(` z$RL`_2CnjHAX#%l^FESwbJ*0)=zEjL&N0TVqwjpMBtI$Tu;%O^BoW#@{p&tkSJ0F)IgL%0f%13T|evHjC$P!$<%Q3 z5Wd~Gq(&|R>Pb0&cJKZ)1tjS^0U;v1NEn8^@5FY7hXO~Lijv%w%_sIaH#3wS-Zopg z?aPx9ywdZQh)z5-a2nRz(x#hX!`CAHA*GCQXD~(|+EhWt=mgz*=eYL=y`Pq%blIba zr125G)E+)F#J6NyJQ3ZoQ*jNw`|~g)6y@M5%%qKOn}elR`!S*X`a7e=WHfav!p`TK zw@^Q=d(MH$IOWcRbDK}@5EYK2i=boOwL` zHdSYwR9=Db$ysQ~Z2~+t3QWuh!h@K2lt+(#nXM0QmR1T$ zVw*48%Ylv)p+b&;!hL7sK^qh@PMAfK)RC}Oj?+Bp^n~Of`Y>ccQ6g!&0euuwRPjd) zMh#9;9)p>`Y*LtWs5Aqi@7b$Xhs$Mh^(^ME6unylMf#>#c~MReopQnA9h)W#ejEOa zrOsS3FzMpun}F6wZ41%41p}JkCkm+YH{V43&>Y@nXc&o902h!RTb*NMO5#`c^B(RO z+XS~FY9;&fbd<$iMtN0h7#a%00BD404aI+mSbymMA znTkHZ8ugv&B26&CAZYzyiKFG5l1Ybc@I~QMix}M` z4YN8fpNdKYh6KQJOtJ5ZT;;U{cYEm(ej1NP$e;AfX+uMq0J4pGbe=}uUV>E3MiH}7e zlLVtQdwYjVHt0R3rv(Z9xt{)Z1Xz^(^tVeUg8(GBgy7a zMuI?I{$v7YlX?p|x0A-HZLMJ3v^`F^Ft)r1n^bgXr=;bz{>h1EmU4gmQO7(rR^7fj zx6xp9hajaIInj;_Me6XGW5piDV-B6pe@Kl!A!-M+QIouW=}G#=V<06=#fKr{6JX81baiGwhbaWK_63&}u+- zWiLbM?slSA^3@tvkP31Z(;P+qjAF);9?|1ckEf`|9ZrCIzD&}6W^D+{nICeA1@QH| zafvfH+x`l$-Yp#ws~(Dk6Gg*esnA0cPbx3u^SK>tgk1tTuk~w^JHI-<*5lsXT3Xsz zi%iEquv3llhXo>k@~`?uEC>zXJ)8UfDFrQ{)K;P+Kzwrhs3cJI`cX(3dwPOnF2g)I zXqcrgI!Iz6iL3u9(lM}x%pCv-D?2!qZ79AJPU$|t)^e$eNvYyw5TgKyOeILZi7Ol9 z*O&}Jr!d#1G|63&+QFWd*0;Oe>ioc7hi|MGUfv9p8e1tbad2^2 z#Ej)f+OZ@%AA1nG&1Uy(W{opeV4TXx&-+7GyMDeCZ%fC^f4=F{yFFG46B1P~O3J5%XRpfv|myau8EOn*t=(50V8~*!0W;S@uBQ(-)H@abo7sT_cJV zh%mIvp6z0>oG$Zu@x>huj@VqTaT!!mfIqnVQ!E4o-S_pWvlKA5@B0_!0g?}I5-J1> zbKLV;e<~!eh!LZhERXsJ^~soXYhA*a08^++0IF=2|C*e7*$90eTbgasVs|WFSp^7m^-PaHPqO!$WfP4k^LUk03hMY z%P$BMSIk3-GuX3TuAfkcT7gGd?y(OSq&QC+ZeP!WWq3q&|2Gxof7n^z-~bX9Hr9d5 z@PS_?Ma@qPz@|<~d34(e@feh+V=0@uGr>SW=ge;P$P#cST0@z1Q;Rl)qj1UdVGV{O zZ0vZFMjQ(k}z&?Pg|w+ACMYloax_37S|mpI8RI7@>tO>B1-sohL$WC0BTj{ zLl~Wg0`xP_g9HPh!_N%n7#Yi7-95c@s8A>P;SU%B1tuNvCVFch`Kp?TpBj5qW!M5m z&EM3Z{)Wf02N`F^1br2QP)zRLvalAFZ!D)D9 zUkg3jCdK^gKuG!d#0W{r!{-HofZDJpNEYli6HE55tRpLbHz!GyrZ8Dp4H@2zETL9C zhBzer#0sBWx3>zTW5Gz1<%~nY){ZW3+St2m{&7YGQ6$N62KfTrBZ;4AZ;)FM#qORb z$+35frY@j&SvW`TfwY4~js?}w)C47Fh)2x(ub%^s_;+4@6%x0agI=qAj8|t58SrYt zXeic~dseI)28K$WCQh&oV;d~2E> zaWJ=YdsUI)!j2pS#L{rU`Q{jBsM-;v^LMNde_^p@exkM`7)4)7I0PzqUA3dj)lQc! z;p=?XH)xzKvHUj+V2<#n`;mJ`a`A@-)0iN+IaCrECq4V&-OFOd>6GCg+V*=piGqU& z1(}{dp-5ikqe;R4I+=caNccHi=V2p)NGQJ)$^?jaOusMOz6fyPL=PA|6Nwkk(Fu8F z(;`G0F}e`WqVm+4>vPQGj5-J1;_I+%Yk91_iMQCd-BEvP62w?T?#H1&ISg`I7%`d1 z6mTJ-XjZWK2MRzq=2=l=i8gcO!{ce*pUQ60!>|_G z;j6;&3uiXi(d`_|bh~c*@=_mejZ8+a0sDw zTjE@~s(=s!{MP?kRJyM4y6{6TU6qx;UE|^vVc9@`k|#&qdkRqE*nqXXL$Qhx_sqZ< zPWR6vk4@0w<*`tz2*n5v>h%f;Ke*O*foIw~A4O5KU2$NlfgBv5nfkqx%9B+rKS$RVUD& zqs$|wRx5QhkTg+zE3NoEp{U@}0!$#l@cfK3%g4|CbyGY;(s!cRj-VD3#zn=;k2o}g zW%w{Ndf2I*N#{EoVw%eC+|X1J4!^LV0)fweUx^i&JT+u@TseV#WaZ$NE(x04%-fP8j(eCu{Z9gPa{-(Khc zgG&5|aF~+{AG2e@m>6^{j}AoTkXK74%8^gy;K2rT`>GpKL!HKaieJ@pz8zV@IG$w4 zu8Hu%h0>1Dq6N>dN{EvBVsmlVy3AO43?w3yzD>d$v>>n|R# zCSox{RL^OVrj}NyH)xZZ)-Hs%v^8{ppq^aUK{7iHNxB$Qhtgxckgwf)`JH9TtJ@Nd zQWm$v#CsVXEy(OwIk=EsuG~9_ld|A^r_LQXQfUosQ$gF9me+m*`le}6@Fk`Bn3~pjAGk&X4J)d_vk@1fYd@SJ8BF)%81ar zlQf<=c}t^7NbXLc?6{jsmOLdhH6A0$Q7IYGuFXX@5gy0*|2WSe|9%)Gw6LPO&$sZg z!J#41p+V>OLr2Nrs0}+J?Q&AmAx8A(e0EF%!tZBeQRh-m4aSQO1!`!AjcnD9=?e8;E z6thCz0L#tbWBrbH3XpqiaChdK>2R}|K8kmq0F{^i*NIL;@O>d>oG8gWCW5F*O!+e! zdK)YTyU6kU(K8F~yr8Ks$rK*5BRG8Kv=bI0H37VdwHZ?86RZViETjh$d?* zCqRTa3M!z6lNs^j#s1p-+Fl$PDVeCm$Fm^@q!>lvWVOcn<|F17z`##HOSb4UfbW z%+taE)T5)t(sy8AeYO7=8JGzPaHlgXn1#?lBXmoXC65)% zm6Bt<3*`gxY6QF5Te4ZR5v8#bGBh$nzud+0bu!0TK<;0w)yvA?BoGIgH#TJ8W3xrtX(#b?(-TbLD~`KOrLaZ59FisQJZ=0Cz4o;8&TxQ zxB=9MC`S4+#K$20`*PEL0W3Gu7y4x63j&|Y=`7E;8*YO$AKUW{m$7Gu! zHs1^r{hD%+R0;u-V=e7BbPfFYYt1-&zm#_|Z>+5zdI6kMC+_(*oCBXwBBXW4!P6n@ zL%%ygiz9X=ezpbKX^k)@2{7B?RcZ@h?C< z^S>`MD1hilD`OK%1%uF~XJWsa8~Rb_?|xzlTRpwf;%Gb?0@7+k4B4cz%c;iQDOmBI) z`&8zH!UIl@P$)q~dW7yRc#F~NeMUxZr0_wG)>T{4gsHl=)Sakb?4emd!gHmUvxndi z%Et*l2RaZ=OxcpGAX_;IvKqKMV{}%49EI9Dus0`B#}g%~%QE3BxI>=sorhI^xj?7B z1H6L*1#mv_Gl0Fk2QPdt^m8@2QeleacVvHYAt?zeXF>iOp0@%XFnE>l*Kw9gpt`Es zo_i0q0OgoU)+mU{!J*p3%)m1KkteK?0-M>+GP4wSVLGzgwu;lY2lcEeS`BTby~p9T z_nNV@pB89xf#Ae#AMD>q<=LL~z8a;dLDyBv%8mGNk#Q~fGu72^G%Ym?@HW`q#`9|I z5d4%RdFqwmbZc#k;(R>Tr85mm_%t3nk%D2p{RunQZjL&Z>9`4yr3x6@b z#aZe_Ge&5gxn5x{gCEuvFQ?h*4KI7$YH=bKWpNY?7%UO@-*m@c0QERl3)G6m^$2m-|Y!+U*FgXe*CiD0zo;VwE=sPMg=6Xv(=adpb8IS>BHKWa^t5u$|B8T}WfWS`Z0LT|r>3Ck|R?dF`8;OWQ6A&>HZH;Udx_8e*yk z!x6n=Mja_d%^Z4GC{&LwgjKjEar>q!6#{JF+G_i=a2Z*X8m=xAV1Q6u znhF40o~I(lcQXZ*Ke@l7?F?Yevm`ltdS2C4xE5jJ63T}B91fG8R$;rSQPq(sB2Kt_ zId>zRMSPSoUQQSiO8MKR;hz+vw<2d)Q+} z)j|BDs!RSpW0ksNMaLq)A(@V60ffA?q~vZVI3_{gNc7GYX>#_~qc-~&`E$ohl}!~= z(C}UaK7mS0J7&=FM681utgE71-6%HTeNP&VVQF({-xgDX+K=v#^oPQ4Wme-)izXFA zAIi-0d;;{8P^u=6Dqb|;Z|o3?n|yuZBku{7A2}Frnmv<%>Y*#zg~iQXkHrKE$CFh` zgo~J!eFJa(lmaV~GCHk3k~e3`P12p-`c5{0nOO*OsWsf?D9k$HN0()Em&?AKGX1H)3DYQyqV@6mFwmUwLXzPqub zs7u_ApoU-YCT|n0jsX1j$==*B=!fq)#jGpyqwx`2bZGCELSe%^{XZWb( z+0gCsOuGo%;=L zoIB1k05C~|Xm*xaM7QynE!>Pz^N|SgMv)@0%RGB2 zdCVx~t%2i}pJ_8h-T&oLm*;#6^hQKc!aOo!&*?w|q{Wa1?dAy4%b96UtHcIBeG$3Ft-e8 z<=}jKdsD8~mNLl=GmIqay3-r}NiuP{lBx9ZnX_~T87#P;V8FB7%lJp~3YvY!C4;mw z7Q)lthAmGjYpmc8U8}3ng`8rtnMmwEhqABnU;4T+WvrkI?zi;DyrD7@e3N$%tBihXD9`|QwH|<-y2THrhfmXmaJ)_H|26;BpJhY9TdmwF z`-?cARvL`fXtN`U!|^Z4wdTY$^IlqESyf)#nNca~D3#Qu3EPRBNdO~Q zZ@tB{9KQyz-?6lOe_-{Bmo5j}^X1zP>0^DochIpLd24OuP^nfQSXvAiTZSU!VMOWx z*suY#eWSHE4^FgVv`EUXq3lGzfxA9L9fFuveMH0)JF~L*r>|p4K$eKIDw9> zW{=jIta*{*&SUgR!}96I(P3e!u5~LFgdj)@^Thj-gV>QT*@Q>To&|yW3MUO5$CEi8 z663o5v{Yri+BM=VFsqf$vZu^C`p_}by->K#ZV zi<#sI)6v|zdc51!th?)b*qNKVdFcD;xDYd6^oy!p0Nx6$$-js`KA)GDerk>D?9IGf0$t1k{aR z$8&RIAMlVaje{C1gUHR#1xV?g;dxAuTEEOFwbv4mLkt= z9TXj&xvG4tFj5m@Xq|70dD+rz}pj^P+iKj;0# z!W&H?ttv{o9cXY5a?$H*y&;?qj{Ba@%Nvl?sjV0hFb0e>7}`E;`DN@N21n8c?I6Mg ziN(k0oW*ECO2BB8RK!qTtx47f4-?mGV%JC8V&fvM$Bw-X2e;OSaJ+~^({jW^Y-M!p zQ#h>~YbeiWf8)~D@=I1YZC32tLVwTQ_1v z0WQxU!HS?9B0e;79GPPDaw+2UNXJHq(^q0dDT{r`12u!GjF&eqP|XCV5Ql=FmfW9Z zo;Xiwc1c1}N=-sGZO{lhoeSB3cN-$QGsjVC0}(^7sW;R!r0fPyG^M|2pyc;r5C@x+ zCG~!)k5zrUg!fdY?z#ND;XlhT@se-MX8ngY~cRW17kvid3AfOibXAiGM1X@i|?z@wDFc@DoRjh`U{iVxyx8}gR3I5TRx_de6a^z z>D<$R7dF{Q%^qfphnKmXxt)I8MyIJ0;2Z|vCY66w%?7|0@x47=6f+m0@e_*Dr8Qgq zg74eHEs2VV&=qv(-wAGVu77%XaISB1cBYIYLqB>;j~LW<;e`nlOj%B`*7;pqW;kyA zoBm9jC0=-S`npDW2o0+e0~_^gg=T%R!%CS~>(Clai)lhd_aBx#%nh-$T{bnZxr z764!~_a;tayPhy?%=q!~!PQGxVC!Ek8a7~|-ia=peH`7KTJ=zhol3I37-C2BUv4GS zFn<*+OrcH5SE3zV*+ zzGW!Xd~HN~d4P9({q1q6lCp5QWIy7=*{KEof%fpHU@q{n^*-(?cJTv_t2>LK2IoEq z&{zU$Y((3&JNx*^0(iv^^!2O;#m*oY7hE;pne6TDRd>Ep)RTPZMm(`vudXjGz2(Ab zM_NNmQK!BL9402~d>?V#`hbfqKRFSL!$b9lPbb4K`>uE-o7VC%*~VwK#v&_D5VoG_ zFdORW>6zSl#l1i2aC=&hTms3d?V8Ap!Q1j7ErQ+GCkTUK>*6~Oz3Itgnqm8TqKA2I z!WFyR`k(@%j!NxZ{JfN(E0XUf^<5J7?G-6y6g_hA5^(1OWc(10I{{8KaUA)r*Sa;f zV5p|!K_WKx#bRt(tiVn5oSQ`#$?|wZ{@=BqpKriCZ(rPy_jAH-$;qZB`c%Il8yZj* z5x!|ZMO%U*!}UT$S)3DgO=!OZcBNk-U0(jN$Uadz3HCy{hM2_Tc;CrZ268~>C>twqM!O6ADveB=VZJ&XG2Pu%c+$MHCL*soldn2 z6)T=bps69XN&)^;@~US`)+t$8c{fL6pWPpDF%!|==NKu3j8GA?fZikBi=WwLmsM5v zlkDlD8n~_r(qoj>orC5b22ngvG;1){M~38vt70m>|HNdNKmoBJ4B&i-QfQ!{WSH!H z#yQm$vgG)P+?!pH^j=zh#>z2G=Fx0gM`T$UOkL&*d27S-GG zjx{dETDB_2k;~p3O4mTYnbhU^eWog08vuTkr|lCT&Wz>U z){315EKgF5OmuAQVwLjvZzPZP20|BiFQTHNKy_W-eC~t?Gm=a!?97Z&ceA#N@?M$K zF|G>hv51~iS)Q^eAq}T$ZdG%Ia}gfPVtq30 z--_aA$E=Qj8O!TpBgxmRIiEBqUs1u4z|-(0!dVHj=wQJK4!630Ea@;;MA+)yx~8#K ziG(tI|Dyg}_4xSU(tfF;^A@>tX3hUr%~R`PO3p&1r+3ov3{&u-AeHU4F?xw7r%^G> zwOUPGXlv04BGd0Y*GCk5dx2f>`{e5C;f1TZvoRj*YM#E_FwLSfOVYPKfbe~&m20=L zp=qbj)Z9GoDu3e9qtrvocrO z6{NYe(xIYE8ljiFiZqC`MJb|LpNHrgb|% zyY|=1R6_%0u?Hk>VPP;7*Tw*rDww8 z+kR8_IFIQn#QiwqRu5=jyv*-CXqVobAwe8=aa(dj4tYM{e++Tw{Q+9`A&1l!)BhWi zI}DBO4|v$;T3gvM+ruK6a6})XH0j;CVP34MKSEhAl|=-h3~Dk|dyz#QH}%DSuJA=5 zVD0$Z$f4hAg?e$X4YU;#CW3SrBrM$^C{U`zu)JIY=!cJwA+-8*@rJDcm2=$_d( zt$dgL66EUQQDBL-(|zjeOa6F4Q3xq@+Ntuuht_W^AVGcq;(-y~j)3^;oex(Fm|TI~ zhBHL9ZTjlYEC=26 z&}k6B>FF-Gu@RNzsC*tN)APfkYaQ|m!uxR4VsV=1@bMv=GS)VzD24jxLp!v$;XLl? zK>ZLi3r7!Zw4ya7PvYdo(prmyYd%^jq>~*t>4X~1d5$6J!yi+&G87|X^tW=VBPVw%ZG8Xol96 z3TlWqK|z#pzj7-~gpJtR@Xa?hSc`7yjAC9N&1hRNFZAO~eW;ly3Eex5^N&*dJ|)Cv zU}X{f=yLXu$rjds=!cU&!S5LQOM|thnw}dpQKaS-rWa*CUWQwc_s!YsDebfKlNkVI zeI^wzXgKg!(djg~+5}X})+!2oIO8$!Tz^uES=lU59I~JE8+_eP-c7ExId5G!uLojt zk+5^1aKZm}KSZY@_c}t#{&{?*)8U4)nVAq2JDjMZJ|}0IB78a6ps%r^k2qC7!p{H!iPO3X*}TaQJgrik~n8DaOIPLdfo;b?y+9C|NAGEAN{VN>3J4w1bonTgwV3 zOFy0p8#%U-^(NNWJo^;6qgmDJdWG#xoP#<$~zxqXY!mqrq z`I8hjoX##(nwc54^qoWN&>-QenxR_3U2T1(XL7c9_pWWSG@HZk!o0Zn^b$TleV)DH@iNtCD=l$v zaC_{bO1Y66(xjDu{^LMtO7%BYhbj}RObATJ9d<59DAVU0ZL35fLCq>r$`eK}WK>;) zxWrp%n{*bHmg?W!D8)UM*&rLUVaWQFhu=9Y=btUZdZ0d=ORJ0muiW@=Rk#JOwZRdONe0-&gxXG5WfJ% zDqr3#RGX4hr}usvH4}n2abnNAKUoGPKqCxk?N95XK!))9u$Z&5jqW0_jFO=V-3?63XHPhU6{Q{{e_dFw76q&|0KVcd5*5$9e zDGwgJI*bUIc2Vu;S-0+$7QGWuf981?RRYQDNvih&1>X9AEU%ZRY98z`0{^&dMH?7Z;Ni zb9Z#?BZF@)qMLEabTzoMLN{Bfytzu9Z`PrCfm%VtK{VHRre~#MU||Vymp2Zp5Gk4z z6INCrnsa6gmkO{KF|OpTpD3Ou180@-Jd|#MMF!)nwi*nT^S<8v#_O&@J-i&Hq%p|c zo)KMH{W0VfCVgX_5VUXuI3=z)Z7$ZDzQ(?es?C7dByprF>BkOix*E(Ea&~~*-O^4= zKio7lq)H0-0oo{9zR-bk!&#k@V#L-BF!u!D&g^9!g(#el1(2U}ydwL2+A;ZKQMDGYFd^EZ#$me<3GYZOn zbp`{1ixVH|%~_MqMdbAeclv168jvh!#sWF6E;i{cv>`{`8!BZO-&+9B zyAcmZqCf8@>yp8qqJDsj;G0DNKEvUi1oOjmu8l#mImtJ?7@>OgonHX*z0b{}MqAF# zw$M0T!vI4*>l)-oq-lhVN<^XIvb(uQH;|wfk9j;&e2oE{F)-O(0|^W~z@6>e=YBuv zSeP1NR}M|$*uMNQRdUq&KVGk@>VK1C>K?+cc@Vln{s-`5+aS5q8f{zpN!3kF>9Ex9 zRdc?%f^8)MAY|X}(V~3OM|L=X>?*ptz)eO1E%DPwTR|K~j9Cw~da&q$#tvy6a)wAr zj(=BUV9g&s)u$Pm4lWXAzb-CC@m~7Ehv>8U985(8 z6#;Xgt{te_mtl=aOV&3w;H_lD4!%qR=t^x=m9H0dle&8ANz@u-qq4uG%1IDUa&vQe z-?G2PI0otBWe?1wrpMdN1Grf&>((pmPRZKA3U}?Wu+e)Uh2<{G3N#)OhATAcoF=wU zA23;Zla1t44Jlr3qp;^=IWOPIzuOJrI%9Pi?JYXZ0p@&W8sTu^PB>IIbLe%%g7-u0 zk*@d2wR9z9p{Tl*>FuF0C{31lDRM%1g-cnigQVK_`l(N8B9HI=irxO< zvE==V&R46646F2__=Vc_+ugo`Os)BOO&@F@K8BE7Ec_XUwcFEQT{c?`?WTyWv%78kVpkoT&C#8oFq_`Zz-<(UnMQRBKQCs*Zde{c4mBC zRXsY@LC`d5n0T%6WK=s>;UpJsHV-+A$%Jg&zNG#dvQjIhUCU*y_)+0l)HzWzq3Anb1eA1wTqY%W|PiL-L9~udR4BGmK0W#=VI5JZIhrPF8imU0`Mk6G+ zyE_DT*Wkek?gV#tC%6Z94-njSfFZbRaCaHpVURQAzMp!ZI^TPK!TGADiYaDhckk}C zS6|DnrNGi>Kwkz3bS9&wO0~^2MuKoQ*L~)sVd2ds7&@00mHFVaUu;<4#fsQy06I7* z{Va;ER4ZDP%NF4%eX}r*n2sRqY+$*&y$!`FhJgzz{rK_YJPpEHx5k99oYIe^hfz~4 zacX%bM+{%ALKRO(%g;Quk%&%R)6)rgC|)z8dzDg6;!K)`{pIY1BfdPPYJm11Vn@0C zBJXdeiW=Vx=Zg@0u#fN)Wp@tpxIQ9*)BYF&>XQiASk2b!JJyShINPE=Jx zp4r(iz5&@Fa^y)@;%7wG@>IloTDU`yor*{jpDKIF+nHKeT=&NHX3vOQb`*m_Tzz-~ z_3rg`@{mv5Cd!sLV0m6kzX=qo58mqy4x1t4?fS+O{6WRMZX|T!dM>9C?IPu|Ywpos-yfCG*$u92vS<$Hud4W^t07=e%O6 ziZE=r$V=g9@F@yCD%6ivtF4;qVWzFG$^<*>M-YTGLDNbnF|&hW_$u|nga2VCA^hs< z>JRfUsK~4p;9newgcVz26fTyzn|=wYJJYDkuDr)w9tfc5ibSWBX9_kbmn468ocgX} zSqUhMg&7kSO_o7LyP<7(_p@v6(}qLB!u1DzfAOC|ulIGNcI`B9|=m=BDqhJWsVMF^JS2VZk$xl|#4 zhZzfAHRny~m9lj9jwgCNx8uXwdUw>mkdz#3cBOM)rkulDP(b08z8wd^YO?zLhkpImum=E1&ut8Xtgog)$v`G}}|ogdUspZqA;VcNbDGF4CQ| z=7elKDk=Cts@$#Z=bb@_SP>qdwPgDQYbrLI`FtnYG$v*i!+SVjt22lPZbJz!g<}(! zHX2|Zu(C0=~MZo_}{0=HfUm+v}8$Ek0X)hIuL z<|b%%ld7j~H$ukvFA)xpkDFG0*T&rXty``>Wv?=3BOynBjrKi{^zu*^JU@@!m@8@h zl)YHhByS~ht;5BMUAR!5{U0eU|E`|p zPVaj=ej4oEeo-rn9EuNLKwdG@EZX-Zo2W#JYcfj z_unyEl8P842cpL7@gZq$pc;_janlW8IOy9UFE8z%F&CLZxOmZyV#+ysa6}ghc&fiC z)s>fEbkK){hM=EAQFhkGl%##~M&XohHe&YaVK%4G7tG-zQjnJ$t?r2WhEvVlY*?A? ztO~m*nE5Kk65*|4u(kLETXehrleV7e(N?BYB`R)qTpx7VDXJ?vN=pZ!1`5xodu(+( zKP2$+a16FNYik282thW?3fmYj4;;=B9xhk@txZ*-t_FK{uDkHC_JMf2xvDsX_+}*i zk$oA4byz&Vn)<+oKq{4S7b7R72#xDMGTnR?n1yJxDmGe{Xmx>5f8iv;yG5KvL?rpNZNdlC_JlOo!OiH7=cF zO|W$-V`Hw)ArHUfKV+zNB#b~$d?T@97bWj5Sngp*zIe9_&kEDbZo3^h8{QXz+2b8W z#xNvUPf4)hREF1Wjxih6SOWo1=B8Hq+Vok52X+vVEHMTV(#3BxCXfLZYQmKS6%x>u zy*tS_P$Y!m2u;3he>+6ng~_O$o#jNxTAv#^8jtMFNSzxlh#7OW`y*ozCPOv`t>LZ) zl}P9~3rZe{(ftKdLGFwou} zE7Go|<%|I&rDJ6whF?Eduid!lHwQQm!x?srWi~_xknz#x4~XqFH8K`soIt&)OsB=IEd}*2+s1()lzZ7V&~I^;sokul z^v%B2UZWBueR?81CY?E+$MqIQs_G~ek8QWK9Ho!kD5_rK=%$q+loo+99t{REI%?f6 zZY~8c=^SPI+8N#nG;5xr4R3P&)h%$y+^B3u6&B94M3qIZ&k_Yd>rrwAfXTCprd{?c z@c!oXlX|5d?Zh`oK0_v%0fj^{Zb7AN$e`-ZK%lCru|6WMmi8NC#-AzPEV0tD#HVQI z&7lwqCfqa90E_V%D|NPd<^;yk5)PMaUhzStJDx-xdh@Q~6hC!gg_n3GN9cwAu*d_W z?`bVgDsaY`N@*f|IA>IO_LvQWVen8m6PgUwfbOc4rkf_N;{cU;1vlBw$Bgz4{* zzS(O=zhK*M9W&EntBzsAedNXY=}OzrqQ>*r{V(q+gZB+-m>o0OGI~q#=UN+n+cqU>GVJ)+b;x5iOv#Yel}rC88P%W!)xdl4&f(xI9m7Qm z?py11yS8%)-gN!DM`G44Yn8(*P29t}YiZ5|6E2#Oqub*pyVMwDHgCL)Ok)^c!e|z4 zoJgwuKSit-ywfPcGo?pIsdLOnld?+UE_>hA5IO@{zc|P^$=00@L8bZRfA=`p_R1$txl1-Wly&f5R9A;A`ElbKLLHEbb3ZjkN{BQO!MQ&)UERJ~`fz`}w_%#wr)hUq`DOP+pUq1QoHW*)e#PJ_HH+Cx0k0e1?R16QbuQrfc#ttF z?)_|<$tFYxI~E@e0AhN{+keqwMRwnQd)x2BGq%W*4G?h>I%(7 z!%}+pmga4$g}fB~bU-b423(4uxE5{N*TPJxk-UIYhTY<{9J?L;W=?co<(TWADyG-P z^5<3h-FVDgb&51@A+iM=GQW~CTCr;KlDb9>a7bfIw|47S^U)M>?CLAh6$R#a18I~wflx`I*rsT#46Ff}VK$}+@5wk4HU5$g$)oN8!kK7hExYO+ zqdfbVpwA(q{pAd^-lddgF!e7;$+MSe9`Lq_pTEi_mB6yiN=|1pbG>2SfJsEjVK>5j z$)t0}h!j(a9Nm^KOb%t1SQ)NUjAOR943Z4|Do|qAtZoOXozVPS$!H(;CL6`>VNqyv zZIe#_9*!yv$w=l*^uya$IJdQPQAe+HO7%LZ3?(7L`1|{0(GMR7&6G)V`J9|haiYBD zlV(BV_xqLKs0bCP4q9mxeiJDyj>l%GS{#kl;>i4&KhosQ;DAw+*-|N%O)I%;v!pBc zzwkg1fKuprEM79Qmx>5m_v;m4=(6IO3y{BA_h&neHGh9GQk5)M(Qfqn>Fd35A!WYx zWZEJ_k|JKmRSbvPLb3TTB-*H@x#26Oc0KM$=k#klYy8mmk3aFpD;#OFlzDL^;ufUu zImpRSJcDIykPTP46jH-D$9ZVVT5vmQq~*I4P~h-)nuY0<1M(9N7n23Wxf$hAz7vYY zeac8FWUWAz$$><9d=afWmq$cOo*&{!r!_X`Ov`j+1H`FsKn$paGmt~uH9b@8aeRT zubx`7=?|wO0^B3l!58i3M#0!bE}M@XG3Kb%m>=~EwPdv{T#oZ$>;D`{-SXQD6?$OF z{>f##-1+d%J%49f;w#$!Sx&Z|D-1ce1M_i^*JVG!eb5W~!kNRgcli-cZ%3PJ@7!Ge z*SgsfIB;9>F}9YWi+S}u9TZ<*C8?f})kt-sI(__RXb@?w`r=ve(VuSK?+{{p0y^Vb zo=jjDN{!%2^>t{CUCM!OS2jQFzi64{AJF{oAOD?7g72Mhqy`gYm2Ip!=j$IrM%Mv= zOKap)9LP8Oz5{N1O zMz6=d3dZ3(ot!&al#Rxx#9>H#LFR1rijR@3D#|({ZBmnwIw?X_XJ`*J&@ALl2WveFDM#^ywem57##n)veI#1>mXa4kziLa zT)K!VANO2$R)#2g_HNJcRX&O>;!ghlCjCAfZum_t#kcowyJJ4yKn;D;SM2cm6EJMa z^|BP^n+wHqM`|M1^I{F+%ou+!?ln36_T9+w>6(xjlsthL+jq`!Sx12u`*bV5jSR`0 z-N_y#TWI~%_a9ygXW3H5qhsZwqGS3u9d2CzT+%}8I}m^6p{-yWy%gvE2`9oz_qv0f zc~Ou#ggPE@>8|coMATcR(@p{9imfZ)2ouvvF%iPmvEHVAVT6xdhSW&~kU<&N+#S2U z_QQhBG&b=#)gLbL0kwOX;(Yue_rnKW)0kLk0Xr_&lyYz;OnSgI;bm`CAwFZfREe3T zMIBvk)3YG|Xn+v~6+=<@Gm54usQuG7@^@uU(9DgLQ=4o9;O@N>&vtmk=IgSmVNRu+0c^XdriS4rJneJT-?0%DN z|A6!FTD1KbRGB}6SI+S``K#I4d3nDfssK7Lz+|ViPh1#E?C(oW;BB~A*=q2iKg@^> zNt*Q2mf4GfV2;qm0Qtj%rvl$~qCNR^oo=%tJ^$kwxw7&!WZLw5FH5H{L?*ixlGJ|J zP-<_QX9&`7Czm!%u63g3a>q2=0KT}ZKjZn3#a*>`2<_}@(86IIDb z-a%f3Xg{R>kbc5M4^Wlx-^NIiF4UlpiH>HATQ_r}10)d2sJLkY^C5*Wa`KoFl-+yO z;&-$lJ@pI#o?EqH7y}QqvO1q~mUbRgt5MHl&gHBc@>?Mmu_31>5y_>Kv<5sNs%uq$ ztJdEeHAsV%qR=vh{^fx>F9SsuH}K(9(9hZVh)y4@K!t3UyJ^wAdtPamX-d4X;5>O+R zNbrRpl0c9?Sbz~81RIi1*PvCQRizY^q_lFb8CIFgspeUezrNRi;~sc@SE` zptivSnpK;du^8-MY8G_xO%V-7T7-kKr6O@CE+OxJ&t@vem^)8J7L_<5Tb~}`5bpT9 z@l+45rxZP9=D|BpU${54?n`AXNrP}bp;w)GM?>WQNY5l!1%Bqvjpp6I&AoiLV>%gTT8+T85xd50n5pg+RB6}$ED58U1iRF<2xD7oV}$|O<=Dy@~c2Wq(&AZHF&Nat*bLo z2;KAb7W%s*kOl=56$jG_0&L9H$3f`wxzj=q8_MYD34wv{KYa$D0K(a^nwDMpaCx)6 zFKCjBl}K<9UfWFv1_okxfV0lI{j46W)66&MiQs`ta7*QC{nUL4gWDBND;yjg*PD?{ z$qUCIjBn+b!C`eo{qOgDhWv zbFXDw9A{I~ESrD(=`*yq;M#j+!GT}G=-+yX+>RziA*-qHNGgjE8yk*}+%ITCq+Mm| zv;a8m2(7ugLs$4Q178x>rkgR&=VfjVGp;4Qnx&olTxk zAZt+Pb`sQ*|E1viu*Ge3#C%-W{Wk!$4eQv*%I1azZc;Aip1$BbQCZ;x1mZhMHCmsh z520Ve5!uS=IH&5V61txj>X8R-3>()GdYV;^jt=ppf=^^)7gvE5DL{uKdt=uVtEKE< zN$b6a(HZZx{jL$EJ@RBa-Znq%listl>H2P1dW z=sZgIh%9qYS!l+TVo#6=hff8clUM z`a`=oVCq<6y!d@CcWz&VFu=glv-EA9Dc5h0F1;|1FU55m_CHySnv5~PzwfO%$F&cf zBlMK#PnbBJ3{rkONHGs!iESoIQyQZ_AMLe#XJ^7Da&+ z?HX~*$qQSZ$2HoMJ9~S2F7B}nnOHr(n?!88< zs{|eHV}N|t@y91LVD0hK%LRR|HyhJGs=T_-CMA6raq;kM&BYiqFh9pAM>BbKP}D52 z->;Jm%{&ONwz}|L@FF%`W{tgq9)Fl}ns;d7vx$J21rA9Pw3s%q?y0cO-NW1qI?aZS z9Um^#t3xUno5SH4G!1?f?Ap?#zMZ%wGL?RTxVu@;n{O7^qWaOHzOWEC zU*7;&)0U6jR)a;H55%$iHfv06oRBlMg0pUyy@aNt)%86vJ-NJ(ct+piI(@=aAfEiUG)fUjsjI$ z^$dGIB#?KjT_v<1^)^N*mO%O$5n<#Duudr&XZta%w^^ zK8ZmZ(WRhPj0wH)OB}#bXA6%geZmp>VZ*Sz;jrhEsZF{Sea9-Xp5^9){S8z>ojvhK zn@0BP_sXp|w&5#r?X9|<0Gep0Eadj~Y7R-W~45SGvJte}oF z5X~$(u<#W?x_cTB?k4Y+4X5cW=f;aPsbhRD+TK~cbBV)o7o&qh71@-WjlDz2(JVt@ z5Sp0dJ9a>qQ7EWeq~xTFmglG@Gje%Dl?gCUtp~zL4P`?b z--NK(1e1N!>HJQ^yBb#G**%BkGbAFFk8o7eBZV*a$4C*iGuSu6QPN%4Y7Pe5@Fr>S zPSUMf&py)&K_3AL(NKd7iyT+c>YHSL%ma6ssUr^CDok_TWz5b+uz8J?E5%2OmQLv% zv?aXViXn z#q`e>jrL5YhYqg&4VRNdk5R!2d+gS!HWiL{CGQfDPET+>BfWk%PI%nMbnxvGLQHZ} zbeJ<2BcHG5PVg;{KguSeK3(b@7E=)qvBiD%ev*sQR?7UX$czh+rON~{| zoYJa``NzUR^D%Zfpz8md)167g{$Y?wmQ`6dtbm<;SA`}#xwX_wiE-82gE|k zG$}%7pi_JzJVV>qt2d~dI;&3iz2%wrT|gg9(u0d(#)Z1nAMVe0$W>-(@Q5rWrmTI$ z06{uRr88aZwggNYKd@WQ`eXSTXEaONlzL9tE6yL78c((gvf zkRsF_1mj;d+AiHJ zI|(&tQ^agtO)K=qzkpl(3KLGf_jX~1koZRP?Bm{2=YXGYiADRs>wbXbtldwt%MIC-l{27iLqk~7;b4?uG=cN%)t)NdYdtKq_?&@`9-8PeFP32nNv1)+^8#uHH810z z;^c8MjCB$s2|NqzjKD`Ui6d;_ok>ssFk}1tPOafYCb(XVh%96XT-CCOCj&n2zq@T- z{^gsZ?}>^zCOw|WghAwc1;pueTXvwXD=%9E6Pa3t0`Eu5KlLC;hM8iXw8hpjZc`c^ z{SZYuK0c1^&!@bId%Ek_aCv0ucbsGXvit0Lvyj7*xq53g_k)WT2cd@51Q`Oo1a8t? zZ|wjV@{&c$`b}1If6&Z1#vW{B>ZJ@k*${fnuo)4f~d%xVO zs?d5UBlHC4>^nR%7)5pszV3L+=a_9taVqf<(m2yk!ZCpm6lb{%+H1fBGjHG<^`_y41ISjM4)^Zd4@-u z;gh6{mvw7cshXAZJBdDeNtt{!Cf16u20>Sk6$-A`yU?VE_qHVIEg>H)9OxK?c;_Rr z6?4|iKik^KgG|R6aBhktwnw^}*GqC)LrrosLIXMydp(Wp$U8a}#PGLh_RfF&id-Ns z5+N6-%~wemGm0WGO*PkxY7zitwcN~`Ev^8MhxiE7~a&?Z$vclKuF2$#n_Z z)PLT2$$xq6VbF&hp1G|cI!jk$TvXNMmJ0-ywAnK=b8A$lQka?sjJA1bxP}(ABV**9 zHfead$k{ElA|AiD2@}d<30bh_O~Av&O`Bm=xrbB&C| zDKKAI2jh(_c!u(ISUZM0li&+9p*soDH#c}w%FrCF$w;?Whadfkd7(0=uGxg zU#OWA+Ab>r;mTf1gVY*M!$ggbMq47Fk86Re7G}r->9@}|>Z=C>&W9k^u z>4T@GN^F@+3qImwnlfuEzT!!Gq0<3}MadyIcQ?M{s_6^)epfyw^5VWD0Ty%tvm?-#kvl!SoiLY;_V#NTVDzawXmMS zLJ3D{*0nQ7H(#D@voAz)41J3T*~dNQxqg;f3>uJ5iQ#(}c#jA2 zG1}y2KX8Y(O!ipIx{m^rWvRpOgw3nTS{5G*W6qreq{zNU53mOu_7FcInlLD+pmuQI z9s@R~ZF=Dv z#~*e(Vr{MYogX!SgeLmUY1l>Pe*}cNlL7g3f8$YW2d=035wO+mm`P#H{pd)?pan@tAjGySMpC3~9VOvMi>H2BL^sGl+@O8D z9_(m&tm{VMj_pkNhLkSvH1YVw>1{H_?ENOtC(T5;ILnju93hmz5$5v9U?Kwe31g_B zpuq3J%uoL3$THrMke^vrKR;QX2G1qm+%p#6^8^ndqoP;pVo1=u!fcm_uOY$})n~Vm z>kE;AqupF7rviW>`6cuDX4+%#cPLT)O(yRF#hB35I=OLY%YK*JH}_A*48j?=0g&~c zH|rjFkOLpb7OBywhDmuo2V?&_o?Wt~mf!wG9=n}pl{IC*80j%ur?8pjdO8&`9XDG^ zJEr|bgPJ0_RFo4zWeze zQ(ykJ95F9wgw3>&QL9UL+Jksc%OqzbMsTybJM;m1@G%(A3vAz zL$>)&cyd3F%N?&urf`%9S0D!|Am{>u%F+pvz5RpP%HyAf4UFBxPBAR&e17-SK*RgZ zGPGFee){Kh#Cts*qxBL-$<}}PV-9|ouVwpaw&!3pCZUCfwn?E(W9qX{cf+4EIuSox zX*Ou^L$~#Dl%A(erXC(xQ*ipjFa(#C7rhJROG*O8pe&U~q>uzQM~va%Ham-$xoCMB z9ubj*aE%j14Ki08ZX<5wtPysucr7!D7Dpo{JmM8{uAYa$N1>mymY8I=jxA&tA3(cU zl@leZ2BgF&R|6MQ(y`orH+7-VHL8`#u^PVTlx!Ho8W;EZnkBWE*eeuZG``s|;ANRgPU;u*{F|df#w0>c&Uj3Pr z($2+PeMj$(+M7;3YZ^m7uZiUFlgBU%oLGbLxlzVJ^6rVAM|7UVfg>=}S)F}FYV)!W zrir`_r?tjCF(bbQKNr6}F<#2I5myFa#d~VRr&b>sg9R5VWhwtXzUCZuTQ@#cLmR4= zO^4#oAEzu&GYbJrGc&;DUtlzS@{ZgUwxIz+zsYw?MRgpfz*a1%+v$$~hp1-Aw$KR= zUVEoL7P0YlL)+Ke+UibYf_a=TPUO{gSm96RV-i-7dAfs-J1UNN7l>@U9lsm-8g3wm z$>V*+{l{r~LNdV`co2hBg8dpuKo^eT*-bSXbavXaajV^X0A9^a|*NAQxs-T~XG|D0y#rk0ueGJ=CMd>8Nw%7UqctcJ zf5CYP*E}(rR{x;oh*n8zy-(II>0fN`2=qJ(soqFbmTzPw@ByolIafAcIQmAM67TP< z)J($CwnGT_YaZX9`VotayldoXfTQmx^r{y>jRDN7+@;^@+St*`My}oUjV`$z4eUDl zFlg(L>JoaMk+z5HVGyfj3P9p4BlDnZ+Sc*DX#9^KHBjbm-s7%pti5c>gfT%}8jKYP z2sbl_R1pZsVhA$*sUF;g8}-<1$0N^7(-cq`^u{mrH}OXA3Bf6rfXwMQPQZ<>{`;FH zF27Lbe6`)Rhuu+xUQy(RMi;vnjbcF)`fO)N3ba7eng{ku%kJUr&CN~xGIh@I+Wm@G z90OzfzKGf*$LMDYlPck4Hs9@TVltx#p!aiR&pawrKU}}lIL}fHwbtUR7Rcxu5ilT< zTAtw9%ajwWt@1qvO*CI^Mh-|~MfSB5=_~g-9cC3?n^$_k=Q!}PW<7Xrpn~cfgTYfR zTv@BY<3*RlY1ixdz1u`pSDUP9jd_Tl>FDvqby2@~CoAUoRYYtPX53CYGKftppBu{3 z*VMTDKubS+1qbEBvef+T`^i3 z)P`yiMxY!nM_FKr>FK0~yHp9qs!BtkkKV*U$fH0w|1 zt6DEYHzS<>%+hJ7uaW2%LCxKR#k@<)y2ecz|+ImgNe2+5g%p=L5>O_F?FdDNdn0FKcP)Ooy(rM>x^(O~mP zYeoQD_NOE=pxP$_&A(gjR%12>4}*dqtfEqqsDz1IGXUs8Yh*-p{=3mJ7Ll3ue>XY~ z6(A{8z+K#wl!PeS***se8PT>Fp6$Z&uiul<%FXwBo<)bZoOpe^?}!JUA*9;cw-`Dlin z990f@jG>7IF-F5_;_M4`=KLDhT>-JcLOALGnR@%4z?RY0?XsIt7lcXPbXRUi#d$Nl zKS3RQ-cNM;lL&y2KYUP}9f8wxfqQY`dmz-&RcWI@#*8S*xR8vl$p7n$g-eU&v z9CXyym!8`~sXbnud%z$`gmlmJ)UOUZCtWms6+?pUoHoqZ61F-i2WV5qlL3jBLBa}w z+nIIaWRW*}g11a()Z)CFcIiMNK0*s8ke$H$Xi+3Vn896TuIKkjx}X_qoKYveq+V3 z^@mReq+}JDMex_IYCj8e(OT*fIQ++!KIXl)0C*lK;>Tqu*IFD}Wczo_)A9zV`E`#yz8s0@=0!ZZ8d*Cjbo5Kt8>2#%N1xiVhfJ$}5j zFU$6sWec`iH7IzI2o zM|E`}hv$y)Kjom)MkmF)%CBldW`#J{$b$+N-~r-#XrrHV5g(8=Bf`8%l~AE8Zbpuo z>@{Eq-U&c@0K`i#550{#67QchbdAn(kT9}nH*aWMVDgr}!qQaQIHj^J+}Uvc*`U)p zoF^9o%ioGK6}4ukLYr+lBc0S6){80tyBak?17;oK!?W0r`sqQX6Na#V)q7hT>ktF8 zbB+h=njX`uW#zkNOO`zly|p4%kE#%47CzA3hKrxS!9k5J=$xI!F>#>{<39X&3c$nSzn;KV7=Ko?pfH&Y({kyhTgIDjvTplb;=M+E$ z^^5Dv#dSbJEh{HWRZxRdEFbaGv8UPGL4E8$!K(U4w7whs9M0%5CRx)H09*NCIq}}o z;q{zZM}_xCA!dy=dWwrB7nsShWzSttWwU=09a`i48wZc1n@%?5Yj!t7@NErhui}vX zex%J4RqD<>mBNf<1jX}EIDR}xh%?pD?3Nj+`2h1QOd%H5!pLNU?~#DeEJga0u2i+m zBmr^YP&SqZJpxK|M5LAM8OMf^)pCwas|H(klJSe|X!@5gfNX>L($F_|v!1&R-fBDa z4nx@RYD{pmyi5T3MyqegTt7cOd~cgN8Ys6qPLZ$JEXDQYS!BRs@MQlSLW0Ji$*u_8 zo#-4BDUphWfe}&M52uuZIlKgG*<>u~TQXwG)W~B`dH31*YWLO0d@>vTT0N!&ST`~D=N9`rp?QJ956>sYn*017)w6O|H zJyuZX!MxrdT1lV!r~`nj`K+s%C<0^ z8GNBjWHEQ2-9BK`%qKvj2gt%ksviOe=rZ5o2; za|}fO;&Ha06g*k{gI|?eOC}jl!JROcJVa^e2lK7_s09vnj{DzzY5%q>BFUyUdb*=| zo1(1G#BZ22J6nlg_pqAB#Rv2=n_08$LuijVY5s6%F}u*BIx4d(u>YS-h(2dmwUw?ufhB-%34x)`Ck0Z7e~_3)eY)PmpF z_~-1_hS+I`YU8E)|GK;q{V@@em>$>9iGN6XFEtY88JrD}#~SPq0`#kt$POD}%01pe z`oU_iwFD!FI*sv@6TqTl%1U(Ed0%S(tXlPZd76lu44>tvc>7Nfx*CEFrnvukj}mY~ zYLGs2e$Mi>1;Wvro|#QmW}7G`w@n83F`Rrq+qaY&G7EW_YJ_A4?m=O8Ue3P$&%NdG zKZ%3G8m7Ruiz!mwnhWQde=2JKnXN7)?MF$yML7%gpMduk6crVf;6)977^xvTr7N}f zsaF+A$fs;6b|;G}2f@P*m~y#y(TSG=-mKM36kdwymnT@yPHI&_;hU^gr@y2P;;^{RGT;X-#Wl+}wO<&%CMQT|n@NEy34J#1guGL?! zyGsp;YWXtq()}HhrS-6viy--m?y;Z=JXtCh+CpV@N4_Z9V5M}B)IP6>rGMP*_J z3aIl>HSNXpni<#C+gHcMIb+n__j@*#aSI)`CgomcL|No3N1(5U6zp9;1jS$Y6pZ~ho|FO8rRo|)B@e1<%zSR0q zT?9VnXbXIL&(9?M``FP7foU8*aZ-ClvXgyua&oe@tYaVMprfNqk}d+GUom%(aQ|Dw zOzc4QQBzfd_pkX}qg*|NX4>yzAi0QZcO?oJ{A(F};~t1c?kgX=&lnUX>|BTg7_=L` zkC0#H+36xunt%`gUo3#$3r-y63QxQ~3T_nR%XXIGB zrN#=ivIT+NoqSzM(oJH|-}#iPx$rQ5K-Z2fnd5u+8o$tt=YPW-eAg?3r%QgFG6)Zs z>c4ctL<5v!SjSC6)iI)#(7TB|re=sK380D`ooc+b;|E&lguq zXv$n##3S8&wA3Yio&W!?#NNCWk959eRt%DI1FN^A2UJq5bDz}E(fm^W?<@Y#`|3W} zPx0o_$ZuTq|3xgX2AIJIR0FF5NCGbc-VyP-W`9{?;M_!q3*CNWJPqWxS?G|c3=drr z#$O2aAE4GQW8iJL*&3^-fY0T7n7|KmPjbY;#a#uw7jO8RBfm-tfi0)@sulk;JY=cX zgZv3a>y4Zf-}mNmlQz{3Z3<@YJDx^;(AMl5#QU3+80DYggNsd9a688vP*YQbZ`&Mz z$SriSfqZj)UFkw_2>c&$KKd9?q1~kGGYXB+eLEqFY%^c&3j$TmFJ+$2vq&$apmpcG z+~=T$)=H;nzBP?zitCQ`yH@uL9Fas&QBc^VR(L^)eL1EUWaHuaK*0Z;#Poze4j)C* z*B25ER?6k!#QId;)aox>qhTGBV8GlAc^G~UL-Oo%Iu3|&Wgwg!{h=Wtye(oTvm^o5 zoKAZcYq?txGsQzt-(Ys!T!ms1j{x?t_J5`u)(J=H-^|R)KO(f$vHO;ZPr!7z-m^ik z0`czswN?Ws=ZPx-nvAq*4s;D+Y;#-kbRDBuL0U}Dn{OOTiz(0J1y!CPLzT^qwrZBC z!|yncs$Md8>16veZ8~@%Hm!LUhQ8J&P`=hCw91G46UhA6&4LPH?F_&dve_Z6H3~~! zW(y*9;?>N`&ThNcP6`k28rOFQKlz+;k8|-82yM~ZQSkeXUVB!2-C$^%+cHc(Ra@P; z=V9<{oQcJp7FqN`#>gjZNm1@ShxWU#YLT8gjTZL~N1xS4K}N8aCD^_E*jhDw7za~M z_!>lwshUy#8yWaVegZ0~gv}*O6q!=!_#{RT4j!)R>5?4HzS`yhYmG*BF8&M`La0J- zaEwPhwgUK7XlLZ6Gc(KQEVKRBcCK-K1jL9mzbaV`a#c=FE>a4&##@exkxFCr!(BTs zB)PU6X17u+6S=jN4sHr}!URX*D2eMq+LS_Muq@jDWNBuXW#Kx^|~a+H|VoSER)TRjHCotnolU%P+63q2t8K*YoRrEhDSOhrr(B zkNmo{|E0qqwsO#$k}%o2HlvZ{j_!9TpC?9j zBM#gY6*;l|p?&ux#Fj9gp`t3QtEP<6-D8Zlr~4dp(id&@U4Vwi%3)tN z%7k`O1s0g;mCLvUYGDB%wOPYOv^6JI7$UF2IbxYnBC}&2+g9OJRqiJ#B9MWECM+qr z6oPWspF_jp(frF2`n4Up`tX|3VD?_A_7@JDl6*KDwyLw;%U-q@CBuOO^Tmnm)$t_k zoV}Sv67OE$JgRMcxPNTDaTUtQAdv~8(9agYk#u{aOm}+@vK?W4d_J61s8?CE`5{^A zq}M52$`}yf_5@lIEgWH?u8;ctzT&|KF>YuP=;YF`L<0W6atqoLy&Ue*>REglL%Yg; zGfPPkHy~feBSZDxgZ&QvOyH^gD(oBcwx_)^*dO4Uzm~{fzr0>yeAOD$v4gk#nY={n z7b=ZX(ee-lWN49%(AhOx%w0L`=s^@H3_W<1iaouQ`ugc|-QTA8&irVR3zaA|w#kwA zX;2Y_Xli?B78)7PO~;qDymZ$*`!#ekFIK2Ar8@E@CLIiB~l21|r3 zV!bGxg;N-wPekvjQb@NAi})*qhc8n}Ev}qTR_x`8!!7q4xJi2kYq<$-N#8w}8i2OD zml-@eV)-`!m`H~WQHrRETYJ@uRdLV|5dr05&O-Y+rl{62gXckhrLE1U#u2FO>6%|{ zz`8|5K*@eCQ^|IJ*yU?4eYZ|n3gge8y)8W$XFl)Ny%S;i4f~VQ!QQ1^y~aEmJJt5V zjf;{bnrzVw){6TQ&*M~Q^-mzq{CTa*KbBz{7z8?jxV2ST3ROq9&&&pFFOm|T?37(S z^dv6rfe$oK?oh#}b>AirZRWVreED=Y8nocI+4SFuC=Y|KK3cL?h%jGsi04A^+bEhX zi4KXD6;AC(U}tNzd&eF$K1Uw~IaXVPRg|>bcE5qrj z1zg63V5c?qyTDa}sB*5v0KR8Q&0ZZ+h=0fQf)(?Dy|#A7%*NgUE=2K4zGFr>_jmmG zL`8~e7bZLStSC2bL=1e+Omynu^lE3tBHTuDQrXOyyX7Kn>d6@4roCGrD=*xwG=5~d zM)4rd_SDpfxi{FM^>FCRM~ z*@r~D$@nX)uPCHjG(JxSg@235G0AV!Pd;|xf)AbHN;f4jQyMr{TLQ96AMQc$Yv^hx zP-SQ3f}AEzxA-zOXpj;%_xCD%g6FyRX{wB-3#&C~v<*S4<+>Z@B~{)feVRpELdvo! z3v{2x=#QSC%DSLTe#LDF*HoD_s+1>QD#7GtLWWg39Xh2}phQb=^qBsw_IMO|qFaxC zH8@}~*bCvzm4BL`?+tFXTC+@FEF4+Ns5~78Z0t!e{g0qe>ZfAOfZ<<01FV91GZV#% zKaNx&gdm}FQNKgK$^C*g7sZ^MQdDMbDHn}Wc>-dwr2NLHJ?bi)7& zVXR^B+&w=WlpkNZMnu?*5(r^JqXtEE^DZjSt;f^}?(c;7n;ezw!@B zlE6_>Rb&OIYZ&ykh$Mq0O;Gp(?f;;u&C#p|hpfQEVXB^tMYTCm+_kR>6 zO|M(=c+j@JnldQDH>RJT+}(|kAi2B^@?&vhsHd+fD-thrG;QmcqookY^JbR_@GmI*m z=o1FH&Uf|q?6w~rQ$tTLeS0$=y9djf{)LA?02{8R*P0YZQ27k@zSUJZwVy%cAN&^h z3iFx?TmNh1Dqd_*n2=YXZgMeORY+`7pE}&v8F;KN^dEL{Vl**|t}t0)1Kn9yWonFb zHKrzGtem^o5B;`GRvbATV#MQaWeOBrTxZ_iEz$M|@V@J35Eq`8Z{!dJ33Pqp zmPG)RPAAz)pRNLaAi`@Y13H30SuZM~WfdYZlI%QQ-kN0Ka3hG7fgw}qLn)|NBc=7$hC~{s*w`LM}TGN@eI9jW@_}I^vO+=n} z7?T(>_vO2N2rE@ay@BKtYW$rIyRvA4=3R0lB4iJrw@7JAu7Rlpz zJE6Cs75aCSXkFUHGWxT#or{Hq^fv6YE2ear5(Nr~P`Lx;|PM zKis)Jmo}bA7$ z+S9LVcVH2YB}ChzLXkN#`Q)+k5gdn!jm>(>mF8q`uY&YZLyxh42TED%GrIhl>q%qA zZjJ;=C|0>{=iBWaWliS~qX*L^jI%){XF4Dm!-hb=yY#cO;NA=;5RT}Os8W^;M;5WJ zB;%+PBV!4qby=2_#+#N0vb$OR$eoLNzKSlJLc&Nkb8G9$>mDBpE z$RaLM+3_K+ild0s57oL)Db|+K#R(9Z$~LqKW^+Lmu>O7D0>rl_Mz!2K&PD{6i;4B=x;RZ(um0P61%6OFwU#+}a54c_ z_w6bOmHbo}8*S~C&%Idul*1rICK>5cdUyF&O~LecJTJX3tV~R^Zpz>UV{ZVh*WMdx z>dhY(&1-~2d|o4h_!#uJvhTt6%8T5W*o{bCDHS>qg9i)`K4er)5}3uhTIH$<5>X%_ zZQA(11#jZ#U$zcnnq_1jxzHvc&&$h0Pz?waj`|ektriP|gx)2wyk(2vKkh=WUMeXe z!O%j&1wC1jCygZd=>B*^iMq<;L#QFL1 zek8ea=kPW?LMMH%5 zu2=B2cnSGhih55+>qmkuR5dM}Qf0qFqKuXQ0r7Ru0K=UjqOxBm1N}oMGdvHCzLC>yfqSE{#fyL~VP4a_IEE*>IyD%KrZpNFJX?&Jv&pmjM@SY00; znllCEATkS^PA^cMTh`CTgIx)r97tL68Iyiu)k6K(w=YHr2aJIHYpqT^S{s&>=7&Z& zI_lPqkw&_;X65EUvUDSVG7zAyCFf_M8LfwfGZiWk_ttt>`R`xXP z#EAe6HkN4F{8TDI;`or}m^`-w?74WX+TeNS2}$na?oB_?@v+oCmCY<(_h=YRz!Pe|e^86;4t+QZU z?tZn_>_~RVGn479E?lmc$I;-6`(1n7km%@UE$RFpE4R~*TJBrb949TtI$we9&Adj5 zWP~#{zP3!?E6wrv1JD`FarsIU+Vvoqlu1z>lCI~tWvB7G>*HB3qZqm-W654C!5Hz+ zwHQn|1@n)!==Ca^U}}#%z6)MhfHR`qL4lj+gIe)dY`(xDNX$r8=b)fSI@4liLRT63 z6#TPt$MR7Qy4B$B{*y{FQ4lhfNdBld7sl^x=e&7BwFF;J``>|je8F3f6#6$9tlY=^ zYnkKxhEW{6{kcgA^EH-n-F+7f)ujI zF(4OB4zD|i9>33kL?s{wIW@UbJOGpVCd*ex)JmG*=(D7hgtBCZszXK2RH33{*kF{$ zL~g&GbCZgA!oKQ{SbyPChL0Fz1Oa^2CVjiF5nmv__J7Hr$R(dnaCV0#;0e*ojVhUB zu&iC#fORnidzifFrdn9;)%Oi<1DplyazVvS3R5<@F=Ba8-5`YC#F|v>zNFw}Nn`$00_0 zP;l+2m?*N_%$pMf!?~5`B~mu&S0Y94fX+xj@%^Q853b;f;QNmqrw^dUY0ld~Mxj;x z73?$>&~cJxlmh=8K6+>OX+}db9q{lR2?rrT9Ys~pv|bVnFwJyjTD!kItmJ2!mDcxA z)Sr-0KEa!nfwYIxwCDiEEAlXT^lzaHO{;TaHKAX8VQOPz-W#Faat^u7b5CuB zuF9&Hk4w-v7IDPUa$jAhPu;jtVOiW-)~e{Qt2j@bpgAP6iu+uN?Q*x35EdTkeio`N zcb|CGoH|$S5^Qp zmUYHk->S~Ed3%i=L7i$Kng6>QCo#wGdM5w!HGc#ly6N98>{p1xZkH?2S>eS)*4rS4 zTZ8W-6M&n$lc#`L^F>3Xl#Nb#=UlB(h|cXuwIAFYM5tOGzU1;_^9Y$TeuJp zs5*r1@Qq+lrdc34i!-$OypK24%p!meX&bXPNq&Q=j668}!~F zB_k9KxjeXldSr~xI)`Y?Pw(f%gG(A!eh?s@o~vk|p1rMGt2PqK+3Pp9osH?={xmYr zS44?p-XBLz%(%73XOYZx)X}x#hjeBlJx5i^p;E0yuE3C9NUA!oJ3Tn=!mKP6Q`T@e z(#^-!Wv$31Sf!xYeIiASN+I%jmv6d28|Jkuho-%MB*cuEaixwh5s)eP z%!`*c>@`P~l5@Yt37gAHB&IM!lgWPQCJgD2BXo(O&bjWDP*)){MCe2x1z76eo7}0D zGN~&g!m7hRLKe}57TnE6wjYnBn*>t1w(Y0n$PK9tCbfFLBi+wC@M=L)NmOPXsL;{Nc=mmIy)xJx7{W}MU$=sd zO9xwsTy*nv7@xeyZM?D~4Hn4Xq6t=4V}fB-t`KD|pk8aKFaM!Z#{Kdh6YT?wTMyCZ znK%)a$L*RhtGNn~-8deDOcfs%yO(i)67z;C>^=Bfu`Qr%W9POiVeh9qBYv!?q}^28 zQC-w3pjb$T$oE(&cJDKX9Zkoo#^nVm?shq9*V)I?Dinv3t9=zPB~HNNr(70fkokuN z_@2b8M~-R=f)E3{NJ@(SMHq*VRL^DjSz4*m)ZvA|1OmHDoj5WyE-T2rMFL3^%-)ac z<0hn@FTFGy0Ijqmyf<2Vn>1BL%jW8XaMP}U8<+1J+UKi4h)eguH|PfcwY7c7VfuhKxI?$1AEOR?%gs>0710OPoK{JKm~K+Wj&XW+q5dpO#TcIA$-^KLi}> zl!U=_E|eJ6O!6eOZU1Kxr>i@O_x}i#;Qn-}O4%Y-q^Vx-kpd3hyIxP7#A?uy1qn;+ zlWU7jd_7hxWP%fK@Cyy{_tAQ8Dc6puP}`9iHi`qw5*XBP&K;fIv7GL` z+7r~;yO1Q}x9Dqz#>nIJ_>Qmbc{j2&LmcM>C;;AZn(?xCQPy;QzXi1NtK{26TX@su z6dlhA4_%CjUcqISk(8Vs(NnBfS3RXFHCU?^I^xo$8whs=7sCUUV%2&CyG)FU@Y=4` z_2}$p+t$VDbN2V%rTBC&fkrcS(%63`a{Y=zT9WAauav74tDs|-#i;ad@nKasWa(*X zQZ$HfVWj+ca3jeSs>Yz_`Fbjpjl*(eO2uxA5{lCa(Y0ZZs3sjIpQlAN1$2*EQ)lD! zg~zOMAUGyW5~IHpe!`yzmGma&5lD|h>lt{jP_k9h#7Gk#f{?=hL*N~8?2j(^OqggQ z6DOy{A=)m^@#D=dB1~m!EXK-jxZ@CG$bBqnV!1)Ndj06K6hvB;H6Em&90@;Hmk=_E z2@P&RzAY~|`ReJF%dZvby+uYo%P(X_mCq5%(m(;Z3N!}SE!k!mX3*0mKPbB6q^b0( zYSc(7Ihoy$cvUFEwr=S8AOj}+>Mgl-VLEk1Haf?asy=~4y&bnIxuVNs3V~3@DCR4* zKrl2?C+|K+WP%7`p#T-N*_FX*BP%chT^%~)HjXf}5QLnbHwG^iDLMkt`KjI7-(0R` zGKVg|$B{vpMcW%0LfELaR1;1{VxT|<>Q#_U_VkdJC)H7G&OkgA3GxkhN0un>sel2& z(fnFFR69k@e{BR4r2U=I3f%$L%|h))_{ zKKcc$JYL-(u?i4NREhElIGaNUs!AdA4vEqCOXpg)Y$;ubS2}z>(d3Ny1fa;#O*!|v zkW_~40HZ2;`aZb`C{?u(`u5A{*2&{>GZ{pJmYpt@CGptnHuC&bb3@_#>yoj$^?|{6 zR6qyBtr7re1l<4tje;fa+8$PRm@vLgMN*QI%8sFOShN<&byqxSJ!#~olN*Lsh@3>H zNEw3Hie3n=2RkTu3{;kUa~wlD&#<0FH_=Ct#@|UsqvYbJI7qaL9YrZo3e(HH4V}rj znB>dHJxk&8Uh_iuv=dstBTD;}O`4IOn5emA`hYC-SIetL zjEwUJt}ROSyjRf)Tv)K}p&3uHYZv$T_ud^lzB({{&pT|MI>!()8p!jA&(Ohn+6LO{ zbcf37xw9ZKBZ)*lz`@DX)kvCgskA*cd<&~|tZ|io6BZf1V!QGL!EYWGVAQEcU;~=w zw0;)s1lavJ+F!>7SM)xQsTwzP#ffFJB2=8uc|LQ3Pni;9L8jRZkPDzNS80RuX9Bg^ zQ0O79{LH(w?<32~D?d>r>77dxL5Z&c4N#aa^YXSrS(d2A_J#9hMTW($Z@qhu!XLo1 zT9(C^AC2q9&V!F?a~R|uk8k=+3QNkTuHv1VD6ll_lYP;uk<#=2 zs76no7j-kk8+V=uqg?a!^5Y31MR%>*$T!YuDQZ;jahx}0<0I4DuhGi|rOh3w8&$f-?3MhxSd2(v%mdNX~W5?2EWmpNgIs}g=j$=-8Ts+38*TEnj4_@TvQT6H5 zQgGceG|L8@bV?yEkI&m9@>SjwK?!cXrI~9VYeXWu*AJZpRp37u20fHti``(7Q8l}B zaW%h-S(;5C#HlbtQ>yHBu2&e@;S#ux+Uee5m9eg~dE!1$EuRhpUu&BlOg088dp*#E zzJ?UFh~Z*M1^AO(Sljv!tEK;XWQ&&)(NqL&=i(G!vJ`V^Zm z4Utuzi!tL|JFkbKX~u=*t97e#DA9ZHkygsyg81ULjIc6oYPYrwEN?h2$q(nmF4RQ%u(C6(7bp~}YdPLM zHuq+zFiE~J@|12?-WjJ~z(fWv+teA)5Ybja^OF()g*e+vpVC(JNXgI984F5dw`RAD z$Puyx$o$s%u{|F62smI}FEaa(gmLYWMg1kOHAtgtFv)w6putr~s_vR>RY9f~<;`_T zE}BB^wipn{ZyQ(Kxl4XlpiA_f_HsgwKs4Nf0p}m486$H}mgYE85VPdI;fyDlyDqnQ zA5W++i*wdT!y~Oe9OA%bLR}A-Y0MTmj`W@J#Ws+8p7w*;a0FB zFArB-#ilepDjXa$*^}t=n~zUlw_mtjoyHevBSR5OcSAJjJ&?fGej&M$Vi-cz`?gd$@Y<0JEGA|ZQ7y^%wz$oAj*o!YSiiX!a_2pj&L7H*mVN&R86*N3^U8F zQM`0LK^1<&rQCs$!CIG+YDhUZp6AY9RVe4_BrDrg|{MveUSB{>|@9Z-{4-D!i)7Iq?=AxpB~*?_r_Qm?>vF%lY}Rp!<1`upvJ+> zj88iQc`>N>?Hg33-X3j0d3kOq+VKf>%P}6=DXx(T+P_-PT(g-PvYOL-4>hhI`MKUG zU%TSSfV5I-$Sgin_-C48+D(!3S|JDE9v|ozWkStfJHs7w{jN$GF2G_qfCTrv&NFaz zXx2&F%@>>v%N}Q_As?r0t=M|As=<9T38h_O zY_F-5g?ipyUV;i$bZ+SgWLIof1_^YXM%B%8jqRWx7P&SFyqVIR!cdd3k}i=eO;mIU zXOR4Hdbj^N-eqdgAH*9+BC_Nb-`7w*py+rT!(Zyqf|W-62@Lse@pak4?mJineq+gG!}7CMD5&9*+$YUbY>fzX#Vyxn}KL6RY2(U{&(?+&*T#bUGCfKruITORJ>^ zn~J8YT%@G!`be)dBN2IIO^oQH`=U8_sA~R?Att7khb7xm zK+UEj9j6-0sf@UN@DW;H=YOU%&hw~yy4J8ckLZ1lGmz-T@nEk{^|-w!jMFo0-TjP^ z&2x+mQJ1Y)r6kC0myO5rY;|Pa1KHgZD#SKlOp;9NXuNrdX8*o^+T89P_+jC7bmS5* zG=ghxH0)mUNwW`HmXpupfd!)lZ6=B)0m%QEbBqUK0Ri8yEBF>++*`!&bi=`)zv=uM zE-Jh)Oi-2M{Vwk1<<+#?+cmgG6ZYvAqqk!4_Q+LpYV}w^&IT@p(l7%(!FV0V@71Wp^t#ky1=%P)hGQdsWKgqaFMS)5S2tYEG(gSZ<}a5XBWgL@T&YSMJ5WF zQnn0j3e>upbuIgiu>H$(!0;8h~W z=?#O$DN4|?Nu&|QFOw8k$-Sp()~Pd0TvlBDa*-h1IazK%+Q!b@+jPcoe}h#1_upJc z*^9V8+|4JvbjGFX(POChf-gHHyMArG>DpKtM+3LNuF8*A8{T3}x)=>1Rhy$q_|X8k z)Z0=8zIn$V@6^=1wM9SxYz-0V5iMIS<e*@JRHeJ2uB>Puo5L+!^8+05KUvGb|% zRwcH^UGh^QnS_z9oFiK1TAe11sOksRfK!4755P-7rGBINTkisjWD0@|ogV4Ho0X1M z#AT3)(8(~vf1f1W#6Ose0X4#zw!>cQO|Bz#=@V6uygV(`Dsk%2^|Xqtt({?H+Jp&Q z;_fsYy`CYMp*g8S5u6MX&^J)&%%l%u3rt74?BTTZ?3fuPJ6F`dqIg$!&%gZqm1Es8 zki1U^|4Sbv0zuyphDUg@qSnC|Y<>ep0A>uq@5+l^X}Yn-1lj+|xe?{T*|F53M7Wm# z*nxrYOm0N%+@B#+O~E$VL*GCZyu95*AtQfZCpJ6ve0aCwrw;e&V3*tqC8{wM1|ua^ zDt=Y7w^nal=nin88}3~}J?(t+m1=ED;QhN089NVP1pAxUYn1Suo46^3{1$s$3Et-v zrB?GAt3A~**dney2hbUWf9-iGnaxTNZuYU?8!L7|?#N5mglbOee$xaSilh z9;`L3QF@ph50LRyS=ArDRbA~gZ#7b(Cs?NVlwWd65CP**TA6n?{U!Z{(Yy8w-e#6a zkg^DWIAhR9%d#th?(ka2QW8^*D#wN_wS+)k{)P7OX{YiGOnqNcjT767@y3!9{&G%Mt4NTw{m;tFG!wjT2I5=V@estC+#bwyg~oykHVEBpB8-p_Gq_ZM95cUm4g zNJ+iRC4`^3S93>WlD@iKdr(BG80CXa92hEtmN^l_H3#BhH(Dn!Mn2dnkY z1Z$pNfN|%r;CYDhpf#NF`rUy{WG>RrgMLVK@=*Pt?<2AvvI+7mNOdlleFU{s8W@jM=O2TL0Xvdtq8&s~9mCz{Zvh zKl13Pcr73V_>T|Y177+@e`(Y|eaS&>IQW2(9ROJdKx8<7!eaKFu547iKLmRf0Gay# zDtR)XlJ~F6-=F>aq78$zEg~_kludIZXWHhbx2MOlZtd-lVmF}9%i+O+<{;UmTD$pm_hm+L-F&uFieQSCpXP|>SX4^}tyNZBAhZSLW&pS3=98IzFa zpEBUQ3?w{<@4OL0(AV$mc_JIb!h}MeR@dbHszSxmD@uo^VdrNzu~ks8C%tkR8I~LA z`MAN)&!47|#b6f2%aT%mF>N(=c0pUmnL$f;V9aD%KlfjthY-BBlj>Z#0y*-9=}RI+ ztl7B;`^7g{)}?5QnlLTQ+xh8P7xsgU91)igRN4 zUVMI`$|1~^{6C{1>_0bPP!S4(e`LqIe&MZFTdFh^r%9Q+f2nfB)rryA%Dmx_gvB&s z`Q#tP3xN+xqG{gt7VHL;2p&Sz>lFet3mh(sGFp;rc>A?JR^1G)DA>YiccKoRj*lOh z2wrq}JCQD-Iar5~ZuMst30UkF&(Ua8@g>IQB}UC=&Bm8&?v3O^`JJX6$3o0BM=8aX z>XZzNl7)c=@zt?4LTJY#`l(_Dvn#v7e33R3V{(k*SbT+80n$#g1>rY9dy3aTf4q+o z>kdjAX__x5G-y~kI5x0FmzY_OBJva{q@`+7!R_Ky8+$Wd4{WNR ziB4J&>T&)WtrrMsWn28&8Rg2^v|Pm&DSAd98L8w7kc1guan`eR1^MaFRu9)=8}dWN zo5Q8gsC1%si-B#geo^c78!3XjbPp%X5EiHLE_xIg@u@Ly1qtHeqD+WGN{wIU} zEg=q&iA1LPdG_SL@BTOIy+Hmqwf`XH|KD8m<`dgsIUIrdGPugvRudEj|!jIasvz84sU&;Kx zI9!^o8;gd4i+f@c%aZrc!Ivw&W)P5Af5d!Idy-nd09I_1{)*cutJU)3{Y>lfRmgCt zs@y+>k*x*9ASiJFdj-v$%N~$qIaY&Sd>v&(Y;e1j{}{f^*D4Th?Yyexn*aFf&mr68 z0`gpn_1;(RpL6~xx$KmH(EjhSKk5GeF-gc|3KS#|?Z+1K{@w0!pQg|PK-EZxaWXc!|{l8qqVW*zZNYdnYA9&7s|N1xuo{YH7C~Q zC92Z3n*Ub&t=FM8D^(c;9`y?C{h>X&}Pu{LPR3H|PExHP{?b z{y4B_2_?;qj@>UUaXr~r?sk!XJn7M>ngH#m`^y9!0A9rx^G$*3Xs$8A(_BFChZ7Uz zGR!Y~3otY_L?;zHb?N@CMwI)!690O0*b+Nar2T|3&8K~LU2D10LQRp-lP!B{`CIE) zA_Q~|*PafMe~XFEo7cy*`g>!gnvIsNPuCnLi*dA@;qA4B@w7&VqlH$_-iRaFIVPNNAIIN(+GTm2@egy=TEQ!2un+7k zGTe<@Iv@yhcou?q!s*gvW%0M7+#rGHdLZq&Xo!y<@ryv#w685$7kED7ah4@74A+E( zUocWc|8r)&nyahr{3lL3uJQ39b15%J54~I%pugGhYgqvE*)8X#Njbp9Vzb*lU0A*z z>CVmVXni_$#g1s({^Pdak47}Mjg6fmrMqcqzgV}(^hFU-AiG4kO1%9=ioaDkNU||{ zZ<|~O9u9svGHH+9^hueYq6;K=vE=+85^25o#>gnI^*Z;!w1W&9E^_klT=^G^|CVrG zZzOfRl;LSRI^~PTR*L`QtEql~sUp?!v3Bs!q5O3tZwX+Ds38D-=zp>D_r#?50G^Vr zeO)m8?~i^}0xYtUpw@pHVE=kOX(n&x6gTQ%XsTS_RjGqsy4t3Q!!L6ZU%?NLTUxJs=RTUFG7D*bMOKj_KJF$%cRF&o{* zh2H0M27kVn+p(wKz~hTb;Z}S8ml~8&oBUrA@dp*!J|mmpi+<@>7>LXDwRJ=|-d>Yu zNb*LRL5dsb2Cb?+$#~d{&TZZjBS{$E3{4u+AdfAv-eq%`%KLBE!0R_kNWjY!3Kb%T zq}?t9ttjG9XYE=M>}(y;hg&VR@-i`mtShwS}(&-v=zy> zB@s(lppX9#T1S-eUWjHvddC-zV$N5qq%QH;3bVv6aemKcl`l}0R_HI+Gf8I_Xnq2H z0`(KBJ7B{dy5gl9)nsGZbV}--^G!ghRXL=CKcT<_9L9>uBXjG*+ zv4kA(F<^H>oR;`B(*00BKi$O?($$)2^LTG?eSLk@Qq>twFh3Kw$$2+Y3r zi&Sg;PrnOqCaP&6{Z|I-nV3bflYs zi_5(a6b%|Crt57dE;lFV(2a7nfNy42*SSZEfw4<4@{pYFWa8aJYH2>NVzj z9i%Y!&VIV~uXwU43#LdRKOcL8f~)W|adS&q?gH(IPEJlDO~p5a#7UYWos9i==;^1M zs&;Lhr13wnvk$ly%COz9l@o}#ho0$CMu@1-hpXXxU3qdd?F!zeu2uQBgoTBjQew&; zP+I!UvrYEzsC)A^YK%T^D$J~0T&7mLKV0iOluscLv1qM{L1nCEe&DYC z6goszSR|;}nn5G8!2W`o>D_}N)Wj`v^ZR509CfDN*%xj8>xVavnmqKjJK;R;Cqo^} zaW36lAE1Qa8?(Z~UR^(3IZx^X1W*5cXIbDes_ZO%#1I`@mKXxa~b`3TUpbUIR` zaUQ0m_~^oW5oYEcvp`YLzU#*xzhZRquy9OPSZHVXY{UvO2OhuI#OpV56hFoF=7;pq zva`ca@dTz9wF-s;e?dG5WtargQ9 zJ#}LEsfn%;_mFeqa16!z%&D+B3C_@avNktgbO`DA%nu%#p4n*y-mCS4!Oqy4gskml zX`gEElp1(CoV3wgwtEgg?P07^tcR>qF%agUs;iB_TQzgkVy0MsafG3jE7b^Gvk(-X zT~#g>Wf0Z??bX;2;@aHnbBa+lNo9X0c4V3`|IO4Q1FlQ;;_~Kg^D6vcaRk-}J_b}I z4`PeSy8O%w52_AHEZk#(hd?^+Y0Nd&}F45QobxV~+q{Ln_Wg~Zv?@rXO7{I<0(gE)g;Em^3!=w#^Xx= zIyIcz7-8T8>$2l+MRWbL#6yi604J8 zXr7yd7n6$bG8ChwfnIm7Y;hO_teiSA6RRtyeOtq|?ZyQq^l$aKZJ|jphfFOSk64WG zv|sLL>TTDQfl^v`_31(!4m9#960Cmf8{0{tN38fKQo=S2N zpv|z@-gur1P^T@V`KPe1X^~bjFeDnTPJus|`ZEsh60{b(b z<}#u=IPyeEq3BFAZo5d!-G}sX_)|GQ6}4R5RwM9;ouGXl*+Pkz?2eqak}uAs47}$7 z*2}4?aC#65e{mZ0LBOrTORwi+uew$9RS%|>0rqbFPP%ydx0ZU7NJ1Rhy3D`zA>IiP zVO!p*d<5!aeHdBKmAl7>2-I$ER2fVC`0ty+uMoC)(PNMY%Gb@F+>FXU7`Gs{uzt#lpnKr z1Q^p+Ti)h58+-}Ub#REEpGD6r)cnwVQ2i_zg1^`m~xCz}c3eVp}|)+Bj;6%JlG zs>`7B)NYooY@tr=zNC*8tw~p?-$wuhX?{ICBI&fSAkmlC-a^?md}xmbq=7+Ff&c5rb#mDMicLKT0i2Q%vZlSXNZT^!wKRJ9@vGU0BfJ zbZh1Shx#lNdd|H7y{0-MYkl9CoYD?i4*(?n&9*w@i}{2fi3(~bJkKUR+!{=`>e_Gz z{3#{<<7prdbZ4`g`q@+F(!=si%UK$wWo?lrfyT}b=o9@=FSa% z2KZmK0Ir8wSHeWm8h49t-!?d^?iHamPj+78Sehv%{b6C=6c&M>~(y zqsR3U%ByIBdq&2|`uACk41~cVNP_vwZ03gY7WX>m#+Ph)@DaviG5ey4^{ku}TZg$1 zRXpZRYUKJZp|8xb`);20K}RxF6Ym$PJwI@H>X^1@sPxKv-7TIe1Y0W@51c)Say={T9rP_0V>NT7jDh9QA~;*byb^I0UL zIDTVSdZfo?_Ls-$+LrF7G^GB|GH_KvJ3KFU3gS-&K|nh{8IRS#cWFSN?dNz6xjv`!A6%w{RrQ5*T~pDj%=aTd&k5XfyE?kp)}Q!>#?x zp{W;hdZrLbPB+CmewfbNJo!QJt3$60YF#swhMSc&$IFtmd$X8?Jr8O>+r0G;X5v7X z^sp(JkS}FThq)|NZVqA4_`Wu;E?u^_hRQ&(x_Vik)TMVQ1?1!cv%sd=gj7g zbkp`!&DmnL8EV2AoX06B$hIkd(@o1wb5UH`+~~s>*_P+~gAWIh0NSdrgH>y!bFU-< zFO8UG-xvk~q=~O5ww5tNwrNE*qZ_BRGb*n*nC`xsLzokC^tb&D*iuqN-t$BV?t_Ld z3~`I*(I;$_*V}JS_2^R`=jPl(*q>Y=DjYf!-HJzWR0!{|ACm4Kotv$d=V@syNK1c49`< z2wpa_lyOSy8YA;MSwC!^=$9RM%ttYQtSp;K#4iTiqaNq95<0hWddNoeNHI{864l7t z@T#vu=$rGqWf*WQhFRVOd8fiUXGA?fxGIHGKr$2to)0DS;ffmhgLL&EN1!Fz$)flt zT~x*Db@fZTe8eIB>R&i3O=K5~8aqUGeh*O)_<^n-dY<@vwO14@5vG$z@+7BS!CMuuod z;uyOZ@;qdyq~Wg3ht4!FKHyL#pY)?9&TLgqxi)qTm8BY%d^D8aj(4kZYj$l4L_eGeol;FXpdTuP{Uh+B{=kA&Z(Q9*C)>b?Sp!9_I7TID3K;Tfed^ z8F{+<6xGH?LPA!Am2Qrtw>{*QQ6iS%r-_Wm{tUkb+{E0AVeZXf75;X}h#k(I4-yS3 zy#jYH_hm17T8=&F#&jHdVm%qhD}apCS2#az;EuW_A}gAN^251|`6iy)u8ScoHAi+# z-u=jU{_<&5)i@2MMLCpfM#C0H_UX`=hp>1~{TM@jKz;k&Z zSJ)FWp2s=&6+%qOsuj>Id?BcgFnHn1X%4=Y_TxHgK}HpyU&;T|-dlymwJux32?_2V zJVQ>~r&9{WpuN`8-UR zvtNp;8l!4d{R|ZT`ZH{gswy^Zqx_XxQDkaGE5zD*!-FYemC5i{4)Q`;>w;GkUXD4> zxCbjyf=TX$Ax3Pi@eZVdg0+!e%-U24K56B^;95|Mz#0-xLf!AS5X-wR_ayU5Pd>Lx z1?=yS#xz9#Sl|mOD5VRt)_p`sqF+G>VOI*s+O{M^+~^;C{UfSd{64Z`lOD~p!sS?Tf6semqEz`MN=(7!}2fh6Y|N>&c7Lf?OjQ;yEUeFu3-d5(t~vYcWZg4 zw%(Y6545`?b4tgoxk2p4W7%WJ>EV=@(zr%vE%iaq54H)5@1}brK2ndoW#iH^*BV8- zt=!|exEOnJF#69^qJA8fa-wCpGx4hhSXzJO)Fk~kSL25(`h{0kA}N{dEc4`TUP|6M zRPU8ET%n#8m2CG!*bUpAo=@zR_*9}~!f*_6A#9K9CVgA~U{(&*`~88>S|3%5m04X^ zEn}zZkUrkSb0M0u4X30?cE80TDbcwhIzpScyFm+9m0@vWy;hF#T*YTxV?J&-As$xA zH#Yl{Oss;59;i)J{pKqdUJl>_=)+lI3MVgfXd&D?nL&tQi%U~Pgu$_r|AOZf1zobL zhp*5N^t6JVVO`H4!H|Oy1s9)f@Vj0!`Cxo)7UA$*asXF{X_!n?7&41c9(ypoxRHb+ z!N<&Dgt@Mgd~(QJH~x&#cM(9%h?wGJ-ykT0dTM@k`jFCQ4w6;2LBktE{@4kt)E7vJ zB=3@gai4iplJrn&6vc2AhXR(vHR_AvH40lk5tS-z#bp2i_Q+#47&g)t2x4_ zm;Oo$((7#qvOecwKXKWSk*v)zTc~eNh1WI1YV-8Vr9!4JZm}du?655QF~0^6C1xJ3 zQAzmUopin~aUu>}Cc9|L9)-9e+MV(4cy~)(-gdeAYu?a2eQIn!w%H;s$J*>ml8!He zN44gRkeV;RCmeDXcXp&99b=Om%_fB+D$M5|$m7(UGuKssn1rH$c+;vR>i4kxQu%1*0w4kW%#g6?Sx?ivu!F*^nNw%WY2@waKJ1@ZVRr-faLt2g*j8Is!hY-9%7eWYYj;2}FolD2C#%x|wxGO}(epe$bGS6wMOJ>+XG_y3 z&{8~*$u%ji6rak6b`38_g*I4?1X`@527nJOR1|r*bXP0&Xxz(BTgU$~oz!~yYOoD5 zRbl?n3EMs;>mf!pI>h=d!l2S8tcVakB-n-O@OG%}{w*o^x_KuS1L=a>v*UR(K9l?` z^c3?k#ueGT7Rf538Y%IW<}lHWCe@B-7DZ9k1wP9hv?2CgKTNGUVCUL_M0%MI8 z$EV+u8bp6A9JKkYAAlP^8=Qq{Ix?K+X0em>ox(T^LFyq~vyTrWEB6XfUrU*N5*9~- zg)b=~qhD(3+mtVkSBs4zapt6S*2wy>0^Wu=i@S>{$mnug3YKP2F13fIE2cL$G;62z zLfGo8KFu4z_RN1MQdRmkum89s?p=Vy<0+`_oKRjh@_vluCnj_i^Cn#&U)K3JjAX?3 zm;ZqjS8g?$Z>D|O_I{Y{6aIWiLa6RNfPej5R3lPF=>`p1yAvO^&#g}IQ**3#wG?BR z#qgQpPVq*IXkc!z7WIGy14SjMA9&WSTePBh5;Ak$BlH_cc5eJ-W{!m6sLas40krpD zbqSa*?iGYIjq{#ZQRT}6Vl4$^yX~wJac*ALFxVipURz%LIrH4r&N%9$5qjTS##vtA1%F_jQ+-jC+A{@7h&J@b>( z@rpyYxw336k^=p`#=R_Cf0{&a136MMIfsFssouWXmqNznK=%7W*H*I!^4YE(gv=+CT|3VRfj2LU z+4R~9@~}5iD7|_R$+Riww}Afj0xloyD&s=NC|r4oT)ktf2O4vlJc0)}aPPp*BUr96aD^^NeKB*t&NEa@p`GTAPYGNycXr@N186`1*WzcYD{ z`FM)i?aw>F7PE)cg=bBT+aaa*a_{KM5M~lY)Z1%kMf@|E43q}8r=OAtdpflb*RYZh z`42lN4Hh8vDVdK~hL1d5-FEiOVr#_a^hKYM?_rDW1frlzD-UGUcfa@)y_gZc`o*kP zSnPu8c{zV(I*N1vQMcS=tlVZO%YK`Ox6a7KyvkU&dsj^y`xXPs1lmam+W|QXLxx5M97V#z4?C+bD7Cy&b9tTiIV6x)W>TyLXg+`r2*Y9u}D~UAy#( zh-b%Lk(5OlX?b*iOQUNYr&3y4kIQEfo@zY3Ii*Ah;%quU&_(n5@p`@Fs{i+zk8@f3 z_@Ov!8pZxnlQLLKFLjGZ>}^Z9Hke86!GsIUkWhAtmrYd?@^y+wl9^!tsKV@RqdY}X zwj{KoW-@7xKbc|y;AmadoG^B!Ar}sa4oQKYze}4oZUE)5A4~6N#SE2&6f2qkA*Xfp9soTZC$!!3#nc zT6eRMby+|BXO_+Jh1ObP9&kA`o8z4nr*i{eG0abf9ke?|&qLrSbvQY5kwXGxiMek7 zGKPb~m|~=~+!ujG&rwACbDRjGzuJ?YT1yv2@?guqB(h|`<=H3n-c;{7vJIjSkfZP@ zBXBLbJFwXh3}sE6iu&=OL1LW`V&4(ml#;{&2hoNuLXq^3v z^*vtcIW*g10k+?%g%NLvGVpon+ZQ6c72HpNR3`_ioFxzQ`$(Mc^pGc|>SBS7{&CZD z157nTI{-Ex{j#3QOgKErn4li$-a;$n!flxK z{qf@61pXs`#*hVqXOQphWWhB7gbOt=Z@rTY(YK#C8z!a|fmQH;(>E35DJz=&k!p;% z7pN(E@5@u)P^nDHVJ63&(V&`J!Y1224zC<(C%1z&7z;l~Ds|=nQ*7C-jGH>~!nIL+ z2QhrbER@{8F#AHx2fOe6CQ?4fh^~zt(y&3d455LItU#{(iD=L!bx}-AGPo);PQJb$ z>ukr#M~dsQaNN?LXbDDK4Qr42LN5jy13bv2tym>`hFQq*?In7`BX2Sx449}{=Pl-w zUC)_)xVfc?Faqu1HtwSPdrmVf7e9CMDOF|Kt$VDY8p@=8gv;8r#y0uz3wQ;ZqvLfb zqv3+X#4<`PSDnFqc#KxHY!RF*_EJH+MM~a`^?I?k#iPVYZDUc)&xq*3GveWt&5BUH zovVofWnH`Q?hz%Qb6mBR%Y44G?RALpWa0ClsBFzK5zkg&TK%wE9iSSRkC=^hTNyaJ zQtrBNev1{@G>>o=%q_=m{0jS|+gzR)1gC5fpD9uzi7y-HXq@Z*4ySXR4%w90zQWY| z)yZ^ft;(8STn{LT>cnvH6dSwcnxy_k?ZS^lao<~{Ev{gm=rtg<8Jes^6=OUN&zScH z?o~3yiN5gq$aih2-;hWR5~%{t7BH}?LseV6#$z?Tb#XaSusseO*mY5z^27ORVeBhB z*g%aL{|;y>E@Ybit>`fU3eM6dz-MV2lq8@^EFPm?M;+Dih&@Mg6LGR2@F3d8Nmqad zGD!Cau}`e_1Vjd)lAxQv=NSo-MHPrTm7v^~S<@?~debFFk}p5p(5dLd`P4K{9QXbx zBa;*bNM8JYTio`r;6+tcX6IUWs#I46o_VSSZ$Mix7aLWNIQtrwMOAR&E`z$Hib`CJ zyORk3y*pIiP++hW%uYW>!^n*Ig_^q?5R;l?gcNcA_U1JJUW>FNYj=)*SVx=&oho8K zHw};W1#L>H#wwjQxpjW~JVb0}_vP(N!6@Vs-WPBXvB23M9fgEh(2cwJR_gDYS3r=s z-FHFF5B$V-lX&L750p}21%@h|I+>j>syL&B(1=lT76pk;lTFWZwQ26Jy%4qJyeLZr{P-s=wT=hkoa|Vvy`KkfANS;&t_y&S=WOV=u z6BJt40uQ7C`#v=)K-RmB;B2OVF+RwsS4vJdmayo}CG8X8LE>(#{gZR-iZ`df_ZGZk zffb7;HD7=xi~M2yPxS${h5}m?*O^2^-{r}5sQ3i#Vo06MxgnxwFB@RT zHxe@g@{uL_cmxyggB#mz)~CQ*`Eoryy+Yyn#yn;t&M$bvj})ok`TB5+sdV(1Q5Y-YAr zp&tXQ(!yHw#jo8UDQlXMZ(#JPHrDM^cZQd#A0^2zpZw%_? z0(X#tJI&a&O*>z8=XKV03IjdJr2bFx<#NO&ElRxoVxqHz7DYf zwVBo1!d_>xRAL!dargC#`dl~~N1%;w`(9xL$w7^Nckqrx}5GyHhxFVA$ zPgaR}ZPX;mV4f!5B2&R`u^|i}#d%=V+2x!dKCGA`Rtda~7r^uRfc+sa_F%IU>4f$ikFtbhUt9Ov*^6w? zdFU@C(=roXhLt$C=rUqf+k5QipLA2o2k$2 zP~46}`Zk<@)9JuiC|LY292iX)3SZo+^g4e{f-u^AljYkF3^^8ohTITmD`Q$k2F}UX z#jHhfYfvt|9&(DvPsU-dr*S*o@rCZl)7`uku2$8+=eRN%e4|gppX_idB$wdPMY7y} zADPn2!Kg1hY?fThE^jg*%wD~9m)7s*7%)$M`2{h<2eLQjeGDvOgbeZGT7jdw$)}01 z@s*a1mq|3FDyc#%)*&Tr5GHfwQV|p1{<_i^2op45DT#1y>^PpYSIFGgr4~Zr;J8=D z2tDyZ^h!YaO`nGu-;8A#xw#UqIRq^bI@mjth|6!3nl$+3*obC&~-Q*NY z9}oRfl^OAb$ysKwd7G!gm`xDbrl zB)a;=U|P3A_Df{L#u<8(4)K}D$YIV*^-&W>R}`X-OKELjZ83L3n5UILN)hGvjaw(} zCe+#1cs|tRjngt&EkD1|Y}r@e^uLj6)U|I6q{E6G`jS|A9{4t7M>LSnXd}O|y@9a- z?(wI?;jMcnv;_Q)8q4Y7 zeg{}p+OsYa{b-T9GKWnhd92Kl5FwP3pgp1ZHp`18ps1qS2eTTE_QgFsnBlnqF>Tc* zgG^rxA~IXPqnU29b1b&eAhrS*KgT_CMkK^qApH4ro9F#Dr}2sW#-8$nw560LI5JPe z0)ca1kX<<^a>TY}hD$qDcyAIPBqX1PNm@+Rzt!E;klA84jN&^v?DH&2pS+n#CEbJ_J;vxk?x+}(;h(ZJ z94J{VsX3I8Pfye(uWIHA70nU^!pUPR{X;D0WTla!Eo~s=5S&L@W&~ZHe{gCPi8J4fqyL;8qSoIJgXZzeJr$APHN0yq1Fp@T z;Xm*MF~v+21>~sphpM34Si1Fq-&uTvZ5;KP;*&t!paqReco(se{!|7Z5FrX@G=Oc$ zNhbHNs&$x3j-nx7P14tdh8mlVi9+y)x^2oUB86BYUv4#~%N$E6XwWisObj`>%^~%B4x>H zIlPb)rMCtml;hqD9~v*eB|@oGcy(y;X~Z>Ig-a-Ew0O>FZ{*wZ73;Z#@zn^b!6_V$ zJkR^W7?HZZoNP*3H9Tq^s?t5|*lPNh2|J7IWUmlLvkALHku4<4l)+c333O<#K}2jp zS@Ii50)$L3o=2>&h;ms&P06zSwpE#n`t8VNMzz=|>&xKQ>bBOC1dD`QqAS+cjy)cY zvmE2slkKhw15-bxd9c`>cs(At%k6}ubKJ8dl}SW$gw7&~ano}+)=>&n@p=WC3;GWo z@nc~On=%E91;?X>Zv$f|e!uo4?y^F}%c}rXX0_TN*A0$I+X?O#t(_fl*h&=}#+?}~ zz>I(=Q|e^qC)tqTYuc)_;#h}0NKr-G8TdQl;H2Kv8gtawkhmu=2(yb}ps~WEXI_W+ z%{)q`z#7UM|8Pq8ASIphdWb8@AteptUNN=;*a zaRok2mVWslLf>$EDDz-2K2=FZCvzZYU$Y&Jppd-j{(%|XK#7m9vkAz*5q$t-JF+0d zRR?4z*^E|OMlcn2wwQ?e4PcK^7;OK_`S7~J)KfAPhuBK=T=r{Adsw=MBNN) zg0_zK&X(v$QajTQSU43fKElf4@h9t$C;Qh%ILp*btriR`Kdw{_eK&+6?>becpYoJb z`Z)h}nt}_fTy)DC@e2XnB_&eL1N|(&$^S%ko~J6|ob~T720_nuMAj89k1j{rhKaKw zXxPE$jh(aK_woksJ5oY>@`jZ#LDexs5kH+A=J!bD!ryvrm{lRH>~$%DL%O{Q%AgO; zEghv=y4TVTCbP$XY7a&IT#;)MY6rHfh0+k}CR`0+y`xN-X+u99>4@J3ozEF23|`=w zqmSQw-(wbDSN^uHs3}xhx>m8WSk%Gz3|ccz(wp;lBhFt}?Z~v>@3}&c zkKK!!yQjl!Lc~Hp<3fjs0Gf_(iy^Dmhva=@4bFyd++6_KH!Ki)N5)Q zxg3?;Q6K6EK2!apRe7}=Yq#kRtca%J^;_4_zh67|Ev!?ysdvcoH^23-7H2<+=khqO zI<515W3m6$uqfID`&OP!bA-m<>FvL-WF%m}k*ZXq_}`ECyUFpNhy7M}f}QF=$N0Bx z{B`w@f&612@Ob}tkpJ}k|2X3R72W(#zV(lR{9_>h1kXRyvVVf-Kf&{#;Q0so5&b84 z{(lLcU)Y6&63as({|{WJY$WuzM4gG@|0juhr|b{A|4W~qEBWzK!NI{{gv&n;sa1`U zApC8Xd8TYaK&8uX-8ui(z1k4&9vq0=r6XPdkJP!nx4S$1&BEvn8jk7~QiX>;{pneM zVH0E&Jd{AYg}SSs>cwwC=WZ2evXw3Jut~8gC<=JcYu)8U%eNZk|BZR+zvs3W6@VdC z(cZ9iSVzIMKY?so@fNjtT3H1JbeUuId8|w-e;O?eOKU}o!qoVur~NSX^qN27w5rku zusX%ITv-7zF+8u(Y;Dl3+2yXzZv5nLefn?jP0Hri3Wc(4Y{=Gwck*EhdaL&*$NDO| z@SGB_-M}~x$3buzc=Y&h@92tC##u}^ZnyBv>2&K^{xh+73g4vgMR`}&`4j0h*4FuL zPoN~ZWH%EIy@akk{dW()2Sf}#=r_&p$B7QU2S1O>Ef4OIX0!j(4Yv=x!kWfnVPytw z*zn-qUVfBYj{B>cKf$oBS* zMSg)hyX#z{MC8=8<0L+Zji~M!-YZQrr~i^QAK-;lP^N;xshJsjM+f0E9?q{+v^qM* zcG>IOZ*!Any6{=C14({6t^a|cF;spK9togXi01(I)%)tXLTc%F31fKahHE;~Z6Xd~ z2HH65=FULG=nEkyJlZmXjP+jP=LvexQVafovGm_XjRIkE)7b<*JE=ZV?RTI@P&nbg{_O*j;sznR>Gwt0`R#it7Z@)BG=sT;UU1nf)O9( z^6FaE$I{ZW@xDbT|9){1?P_d=83Bh$p`wCwKbLgb(Ya_&W38m%xuN!@zTRgOwul zT|bGrLp~c|buY??e3q7Y?}d7+CoBR0#8p5a#SZN|yaoac#c0Ts?SvJzVlz{UqUJjR zIeJ9~xO0oEMk23~6T_+YWn0Wddxf}Ucj)PSwvlzT2VcZ9~|3eZ)_BD^MJBEw_9G{E-YGYg^cT}lGmrl(A5 z0AXX$-d+kx+hyLv9VX~*VI?IaBPGpn^=D(S@FwYg+f8;jukDL1O&qv{wgTu}I4g)? zFOkiA>p)diH9kI=;Wnziwps__;B&AtKd9&`?R6iR6q7uVWxDyzMl(!J)7ZR^U)?WOnM!AUx12oQbNO1#(mkNAVz6G^uwQKRLxt)YHEz&Px;ah+3my}SQ;F6{-pv90U1-OUYiZDs@ zC!v33FMYYL%$u~p&Y3#0GdrdNj#q%Jw);I35(@0;F{#oraZ+}&vRYrIoF0}Z2M@mo z=H%qu=K?0~=H|3pbC25n{1NGjuL#4pW1lVtL@!c;=wyR=7faWb*lQ(61d%>GBD{-i9P}Xg4ivr!B02Am^wi( zO=?%)L22wOc}t0uyg{k*?wioXnd!0x;_VQ@+<8#?rLm{=cK@1ed8ng0GqvVtf+P%b z!52+L^<_zDUa1Zo{S?BSE{@srv`Mm-PEJmH-?R4LSKG|k$3>6J^ys?%R!shjXZ5Q= z<*p72DIKD+d0));W+|S2z-&H+CN(4NVV%(7rTAs$<83A=a{dGwtr;B=MfF-h;5Jmr z2Qn=#(stZ*(AU>DDsp1g)zuYy1Dj9)>!DKBxV}H$YUASM6mw5_+$<0QF0k3R9i#Fo zLz@ePYCSDfX}S3L9&0OnO-)SJrA3-ja(^%xoP8Z1M_=sk)ycIHaeJ7Y9NsDa21Xl~ z9P`}n-<44lNh#2MywI3_^$@N3*hV5H-Dp)(P#>%ti9sfO55)vo`q)E@lspD|BS~D3 zXWtM+@~}-zOc>s*YxYZdLz@n?WiRjFW)gy@yXCS^(`j3Km;pJ0i}nOOYSmR5k?Sn= z_W>^Q74AI_QBe_S7#LV8=1=q5U! zPYP(!uB{=mWZk8rCB2m5I*ns6vuU5J^io?(tKTdtO4Hl06Z~1{9&To>yF>rm@uqP1 zX)I1OKef?`$b9#^S3oJFn1V#Oc9UUVKl71r6+P*H1 zhV|nVm3K=^t{-geS{-cHwGQ!%T?%rd6!0j!!_G`9KIx*OWOi^Lj@?q7iz&SbH$Nu; zz#}xmiA8>hn+Wp={>&F^=6Pkh^|p%*R*ps=y}t6=EwZN!$&>P{6$`)LJ+1|0#V>mH zM!Jgoi^Bx;OA?K-=m0Bv()HG|7)4@tNz=O{`x z>jV620t#j!uE&5^liyeA=*r*tTi!t+h$Z7czM%sMLnmJdP!mJWVtv_gx`mh$iMdCz zFba8z=&muz`73>Ii+4@6>W^ke)nm)lD#AKC-o){*Ew}eBtyx}h>ODdHsaeql^@GN) zVV8G(t0?L4qa^pAoIxDrNUQ$i06)SN;ad8jk1yWe4`1S4n9ii3VlX#gCv_C&ep^pUsNu$uFbmwnXcDD_%QcAsfu&AwP2|pa+4*`gLqkr$~ODW zZRK?ZNHeRTJty#3{qgjBb*6sVV}hz{j6RB6xyr|Y@kdAtla{)q`yyDXGlW}0=_*#@ zL8)yObnFl7D&Ao^G`uK|=dnh^6uA~4#6J2-CZYRMM`H!Bw+K9GvblzNLhzIlb41v+ zeeKbvdRipV*cke4rNjWA?EziN&W3x?e@L^Z{M#|)Ec(&A)}Z@3-qrRU!Y#$3Gw!qN zA4$yt2Qf}3M@0s~o4Kq_H*+;N4v((DX7l<#3po57&r=P>yT$dlEi63mAnRlfJ91Pw ztcxX*1pa{}xkml{0T$2B0x}}gct_ZnN5{qp!oxvn>HxUuD_avu20owfU1cj)d&i0KBvu^%T83X3FhTR)>@r@w9|lDa!qVh06g2R zZPYyyrcQbO_23-shOAEQE&o}1N|6CRiIipoqq+G`VKLF{wl09N&8cf?qxJsFnWMhb zoo-D+X^Jb$pM^NlYt)*iAj>E;?4ftZ-o8q&<0Sy($RV}icEl7U;hdbd5e{=- z8`L(R_Ri^jHgQ_qAFrxPJvZIhKn;J(vn7k*ggJh^h(!(r%m}S^B7kva7MpWh>}m@oj+{e$L3@#Y(Vjh z1W85X+0S`yEx~U8^c%u5_v~nzh?_p#Bv?18NNSDsh10s@X8)$OCVY+_7wefpcfGE4 zl_!}-0|sAIv>ir@TrmnQ>IJGo-3x~$yZ_44wZClrE8kRZH3X|+mzasoz~X^5HNlFJ z?^ylv%yd(8nD|@ijV9ySiNS6DymH)4hGmI<7RVduBoRU92&j`6_QONLT)k>X6po?exW2x2w6wQ(I$3V1c=YF+2E0o3v}UwAJ(%Yv zR-66tmmkB#AmNQDcUPA`HFE%C7_bH&g~3QH%g5w`bEVy81Wo7Z@m~OwB z<>xcr0>YCMtFf{<=}rs}1FT4oEyHKp=6Op3Ferq(iK#w_Q&UsJCJW{05NNB6b^9U5 zSzR$u!WkuE-(na{^-=QJTG$bnNG|L{H}Z5S=(_m0xrfy|KK53Gu@9mNWtq==5NWg_ zmU)t~vXTpfax3Z`Y;9Fv3~uU_p458%3x@nJN|n+1^_g#QD)q7;tJ@#WcHO$`fv$=s zTWgrU&y{W)kE>_SGOpQt&QNc^0_R_UxH;_;xg`RpJ+vdHH+t9tM|AS{Qc_APAZSA& ztX|`&otla9rjW~m^3+tY;N4+0ufsB4B3cU4M> zvh!nldFfj=K{RcsT+a_^=(GFHS#XP2PNXvTVsFpb?l2@$Pq^(pC}NAp>-uobYqY<* zQZd*hK0bazRW%$HHLZ^in4~o#WKz1AVyKl2&RD8PSU8UV|oX$rVrbG?!G?e;b5mrZ6(12*?-x0CRgVM>H(B|DnI3>#3oX4mL_P;h-M6=T1A;&&;1(cPb>jE+^ZvS) zo-2ui#y{b94PzygM`AdmajyWPygggrM4^CFCAxjS((-8-Ble7$ywwOCIb;Zw>>syX zX+0XOZ%fQXUneIf1r4f#K{uysw~Zd)`|~Kb*7!uhgq{3Kt`pyFZ$+W4`wQ^kgl|JN zvjMW3yU=MV;_3Sfhqm)2P?dMyyZyaA@Aednt_qc)#LMrXV0P^YYnN1 zx(W3a(=^^aibmZu#$P73mg8`a@}&0vjoE^Fb0X2T{}&x zx#!B3f^7FUH%GZ|Z zGVPyj2{XlPecPB9>)$pvyi(`PBQdXW&)|(0;d+z$uNRj|TFD}EG2J3#F=pADjLqB| zwo~5Rg6t>q6@>8iS(sV2^1bbxzMx(z6bQFq^jbcqu!&sY`BCJ;^mC^388w z7T`hdJoy~c=6cb`HT}oKW2R6%%2Qb@;~m6HggGo6V>agwZKD>6Ixa5>LV~&H7z)5* z!12Z`K*?u!0?s4zB!Uh64>kE^8a(?pmU_PTmJdIj)XISU93hDxLZ5DhjtkXaJF0J9 zXr~jI5nLTEHu~S)tdH{W)Gz|0L4jT*R%cPKkFBZ-L}_D5&`P4eHd%P+2xa`2Biq&S zb1kDxP0P$o0W&6sZOzJMAI`LX=o-x^_%Xc%I@C`@d)dGQVpb;(aTP%D@^PQdI zt1AA5zyT|bzP;w}bEpy1Tx8?@2z@X1~s^z|wnTTq@ z38KBA-Nh}}l84j`aL$rkotWjip*dGkbFN;Eha~50=^$ZZ5sg-=enHk38BXc`|1PK&XeT~%` z=L8paOz+tocdhTQmv6y&dF$he5-_miVB^fEt)RsO9aKx7L>@cVKHCj@U1H-A6eN{o z$V5;$C%YbGrtGrQ&!JxPkI zCPm#7UxjarlrGv2xkmZDFU(utS7aC#Omg=LWHQ4aqN=M1ZQLg*cPaJ#A-`r@i&g_;z-c2Yy``6Ue zf45ZekHg1liFY4aHCwmd4bhB;`Y>daK5UFH!FF>l);ox-r1sU1<0pjyupT0~6u-g7 zPFxII0Q?Eh8z>8$PS}Z?==eFRF|ZMMw~GWKMQqJo!Cr zV!4F+%;W?&-G0&ft{8$j~V>t9>I)C@%nj_xQP`R>14Os9ss5?zW`}h%Th= z>vr27Gqic%9}#ou;m8~?kh&eeJH>I3yQJy{_8c}Lu#^>@3b7GCInOELlYISO7W`!a zzM(M!ULsNc6-q+cJEtN&Mvb<}(u#_0ZLtFZVjgVXuNN1<(z3$2gNi>R(=Rr+Px9jx zMbG+=^4C5pj0C_yP~Q1ty;~nWTBq`hj||S(7AI?=fNITCglP<_Pe=ZuOtZ39q<>!wqDaKj zTk|;yVQjdVJXA61C|*WwzygK)^$(Y&zG!QjKki4uqJMQ-C3YFvArWYqdhDWa7;Jna z)qa*%rS6#ihWzNDDIad?jELp$C;ZQ&{Csigb-6t942z2g#VK@|YVAn0y;s+ zet(}|cdz!r4^GR!^PJ$G@c>uL_87>;;^SwhXU&<@h5X0M!)|s|{9-#olPB_YU)SOz UwZ#wVC$KMBNkxfrF{4la52Z5IcmMzZ literal 0 HcmV?d00001 diff --git a/components/engine/docs/sources/articles/b2d_volume_images/verify.png b/components/engine/docs/sources/articles/b2d_volume_images/verify.png new file mode 100644 index 0000000000000000000000000000000000000000..e1c3763176f8d726b2a178857379f3b3e0c8ae68 GIT binary patch literal 32285 zcmdSBbyOVPn=XpG1xRprC%C)2y9N>@xFmREp^-r2?(R;IK+vGU-8HzoHm6CxnR|aT zXRUMZoHKu%wW_PTYgg^suRZU(pIzNyYAUkmD1<0bP*CXda#9*lP%xuVP|(dtFpwkQ zAe9`*8?uv}zAF?ID$dIb8Y(p%9|}qgN?uA_%LDqb4Y`Trx95)MNOKvS#P{IfX!f#U z+OKaTYTokDdYE>a)e1Nl#?{m9DS2&d?RjqRQFF$5-lrVzxh*LQL|Ad?SEJAM_A(>< zddD8|7RFo*p8^@nU@Sb^ZPsbl zWdjldJ ziKT*1jkt?Zt~x>P_jJ#}aS~vdL48r=y@nGR@YYFrZh0cy1m(1<>5}epv+GXR7u1@b z3KjYfY=;vt_&mJK4kvhzAfds5o%3i6K)wtVZr%m3^)jNxP zL$PGBy6WHCHE+PMy+T@GhfDZrs$mY2e2dI9j6icISl(~?2CX`H7W2*5wTXl`I~H$k zC5B7nrPPFlYHVINc)=aP1rBbol~niTBsYOsOxV?{2L}a;r>W>&kr*S|w|jDu`&T#M zap23!%YzJr137@%wYMKth{J6#&P3gIqt&8gEI^VpE?fOE%ilkrEH<80G_C}Kn>M2i zTio`}e-G`9X0fTC29Md6ZzoaDMaW!a9}_vY)_guO5kl+qdOYi6)33Gs8UETp7nTMN zNZJ33|E>b$6%N{VhSMX7q-*yI$Gjfn6E0RwkEYh)SVWt!iq(sb0VemaU@+gyD{1j8+I489o{T#o`E8S0#D#|47ZdbMNL1T)JF~YxOxT(+NH5z@vvNu1z z9gJxeIGX*IryD6#=A|rfUR$^Dozm>(%b>Z;>aUSZL4B6FqDEWabTgm^6x9S14eEFE<5Ud3 z*%2stAn`e^b)24_wt8OVhiu1+@n7~}prgx|zljy{3Y{BH;{_f_fb`;LBnWc}y2^Ua zULm%pg_tqVU19}_j-53Eb!15CDp-|8Z@~HSw@{=R2mo&)FB{ITJtMR=`=f zv`1n1GIhlf3gONeL*wVow$%l8uWg&5d!-qRd*_8T{-v8kpFAIBL7s=I=p zkT^xY)ys>r*gE?0qQ{T#QNRJRHytr6z6$Zx+h`8O&U}K8blr`QU_PRM0#4ZHgIGvN zaV2^>PYMH0`wD?rj{#Bb!u1^Id^YxBiI(yozX$g6yA4Vweu@W6?y*nwC1POalVMUV zM7B_l_xJZFvKS&DAdK+u5Vz)zt=`)8_4L4*xOccity&Tg69=1gy$Z!bR>hA%#JFm- zClU6V(!`^k`Uwl{v2`a1q}QHFq;4mslmho8Ngh^czpIfg?RPr+tQ0Grx1}Z&Bb!>U z(655vuESddeU@amYsyIvty~P_Lmjpq3^h%7j3Z~j=E@IjTJl!O&;~Ms`*WSvNPm&h0 zmLxr<@1z}X*3TrULb<|FG+6n{XG#-(&idZX&RkA|>;SjTv)|CF_z#XQFdaS4QdrV5 zSFQ%weAnXdG}LPwn!yK~-&Z`2Z_mnT5ec|(@w#a|rrv|9G zG$E6H*F9uJ(pJQ-jVoe!-W#H!oYvkV5&UH4HB(^-Ou{+s#1Qf^3-XtwS4S}YQ1g?T zm;wnnfP;!dY>B@C!g`(B`vZJ`5GrkBr!pFgSR%#dJ%DD_z#|bPsUA)`vJlkI7aVl> z6Q>(kcRNI?v)n@fL{HkQdqt63<3&^^EZ2z5gdQpbyUsA8=wwxe!l12@us``PcNmub|v*<+p{32<3U)4*%8@G0LM8yx6RT%}WjfbY)pstlc6 zoA|k-^!>M!1v=zEk{~bdo5U*e_s2XY8Q&_lKR+Z9&*E2I zB{9|}t&ry>-jYvi`EJlB&#FbwX3bwTYJ(;4)lmotGmtO=Z_Q=;O;zF8_b9=giZucN zj);k;&LG6IJ2at?&7TN|(qY`tR>WPwjapb`gu4&-_m<;p6^Vs4r+8MDap|!v^2W%x z047N)BJ5oAw_)T@-KAc76hrX1!eSky3U*F$!o>Bw17U4?>ue>|C>%Tou)M9fa7=KK zfgsBn>~{?{(K)!n*Ar=sM2R+KmXa>FW>t^&%!6TRNKSQx18fB3Wyl=4*-3i*!LQSr z%-I61r5ttxjrp)VdrFaCAvJ%z)9tL$SgkwD6g&oi#VUB7TgybBz;%i6Tr!_U{YIBT z_Wb^5Bi@TYvmVEOGKCP~&5SRrKCV^vHIfGVSuaaxwcN+P57PXe)$&yH;|G||@%ek! z*L1g^SF`Eg>)WdYMBYMY?Q7YaWt$Lnb1Fl%37p@v66xg*v3cw`HyE6PVVE^F zHy1O#*1SP>fm#*i%^RG$S>FXbe!jA96uHXtCcB%r4to4K3*P>&%Ts7pS_32dS;T4a zsEXNl^@@xyubt!D(HYqiIL=LBY-R<1^S=f5XI=o_8f@FeO zj8@s^sPD-^RprAja1?W8boqISgty&oqRQ|5F`y(S%l8J-*1S<4lLcNYG1k$Jdh~OaD>X^KI}b$ppiouN4=FZ(&zZ%+BDs{Bi3$jW^C}Sb&bLFdym#{2 zSQ84IzEp<^2X$D2R&fM93kr>ixV#1)MeTqYSDLnjjxZd5j|oB<5X;in43k%xK67k$ zKY+X@79C^G@-TH(zEVe-NfmQWk;Sqa2BRSTO|0aR_(en!vBK-a0`#kx5Sp1(sl=Ah ziQIiE+Pz^$ilGE}+Iclph57nQ`t@utB$v>(mN0BW5-P4#HKCmGnjt4HOgK9Q{MumN zsQ|l*R30j@=2K8YkZ9XYjwb8fFDuohyErl-=h0bJy-T7U7T<%M_PgzihDlM+?xLir zPoh4H#=OtN{pjsiKcpL;FeOZduW)7&@5y|3MjXLcyLf&FZ4s*Nr}m(eIp_PI9wYdC z>u>}m^#aW|&17xkji<(RnCsIegK47o3ylCCw-vgo_S2@kswMBmpy`Fddt8%-(nGJu z#6{ji(Ubjym4+6_MVyXU8BFrcemTq(ghv{RZUhJuf9Ey`hMCGWHsdX_;sJ<8R&@H`JK^YJ2{;Y@NuzD z)xK(GCaVeQ0%@{84fu_W1W(FB_FAR225qy?B?aH};}Aq$K3(%xIq{DCZm)}ueeOxxuU2rXjp(kGTWeZtxR|gXCIUbE;EF`fg^UJ} zf!kO8YFzGR+fP>t@~W1fD#%DnEATUlRdd;lpvTZmIMVONfR#+&uca7JH7;uj-(!{; z=SGezw`*mO>?4bZFgsu~>BvvyT#@0#Zje72#`Vux@P)=|&6R7J-qaj#c)ORnG| zp%#ghJF7WjK=F~Ei;Ck-ZahxpH5-tS^2?T50+yRvZcomKF#{~>G;8XF1a2M9i0N@f zma^b-bUC@EmU_6dtFO$|^U)Nj;Doa?gR7(2$DuNnpETE7Ab{nfDPU)Q*n5N+aP$QX zMiq6RZh7x}RWez5cS{3szu06uY~2mqS7f`qYCo9NtuhW5jfQRP`(*64w~wRC zR(fdYv9UirR>szT9sBw!Y+%4REvxFP?I16yN`Hb^oBw8E z6a=1TVMFlS6eL@9GFzF?@^~f~qTAQB0-Q=#+1>Y!@|*|)#;0(IFlG|lPH;~6Q9%~B zD!Mctzsa-piIy+6jzoR@9*?r_hB28_39CRSKJU5%_V;hf@p~TdBXq8({lH6!F^yTE zB;MZA=}D2>FJ&V}p+MYLt<&DhrzRFImo>(>^Spq)a~u`ElUnUGQr{1Y-YUYLryaer zpD?SQr_K$0Z>Bs7YPU7p!FzECeRLqxhYrr~tPe|gYzEwVS;Pi+9T%_(du$$5)4w>7 zM4AIU#Q`3{T|y4GE340LC^!a?GM=r~Y8cA^Q>cvFhn2)30N<{Ysic!ix1p-#aborM zQ4mObfU0WRU_N^AAiLj(sjR&5zVmkyc+eg1S5_&rkj2%cx2Y(f4!<9HF=b6ZRgLNW zqu@?w(JOB=H(M;SsFQ>5yOX-@_HQ$NR?eCaFrIG=0a4&F_z}kXaIs0BF(Qt4RcQt} z0nEVDSDnt9ZAdc&wFWe$TnB)A7LUC#3{A^=7W9jIDluF|nc1w$tyMOVvaxU`7=CrZI?4GsJstj7o8r)$pEmZQDw{i=&8;H}2GUiWPthbFL#a61VV5_Ju* zon}%#BjUC)c($fGeYW4lnRrP;l2slR70_LalQb1wBoOv&PTtv!wPlx%8{q#8f1(1% zHf=^A4nPp06};}Lz;qDi;NV%grDjeA{#a=GyxAV-?$g70Tjv2)_4cc-3ZLtA$E}B& zhfk{k!C_zBYZE{GAaGAW&D(5zBC@iXkcU%Cjh~ukYB0i6OjqRBU$vhsEN;Q}ScW7L zb`3L#3yQ!Z+CVz4$IcaxA}CEfH-X6>rDxYqPZn#f;C}v4?f@1&wMb2DOD!_yqu$t% z*CNq1;uwi-mCq@9$=UH({e&Okkq;*h0H+HwP-Y*}T|$NZHegoyettIX#2`A>IPE;Q zz11=6dLS88?9S;7$@+cT*9A@E218DzuuU#+Yy%7SI+23qi(j$hjE*6GvH&S#{8WCF z1_={ll{LY4Cy$5Pb-#*8kA>EehY`QDR(a$ zMS&e9%v15PE{u7%+(d>&J({8;Tp58LsG)n!9!7+*!wyg@p1BW_ZG@5|K`rN))2&j9 znzaRfBEc85`3*%s-M0cG!z{jp|8ZLKJElrGDcVS0Sd8QtBAuA99;}C#8hF!D=wkT6 zl<(+i*7PFk3sqhx6;juM2SowTx1EZ!xE(~g!`m21^ydMC=MH)>y(yLt9dR>b0`KRe zgEYWM_&RvstU{m#uqyQ)-UJ%S7T(bJT+V(^P}FH;9Z2T2MTCj&3$E2Xy)ypgVZVD> z*6uOA7!5~sT(ub~OVh6>pP+EM|H0jCxCrp@xsWX}(iP=|@#~uNd+TYMk7bzl9=AUN zjvBO2j5&n@>^c{T^42suQ8DpNDtOe%(#kP5eF7-(x!+Kga6@anD<6IB+wNa*ooBJcS<~Snqu5YZhW}O-+cfWIuP|hK~-t(eUly-iN1p`vK?kR(&XAMvkKd)}sa%Ny%e3qf#RKP3PG#FR4jie{-d-2lk_pIma=&(0j`UiH)1F z$y;JtjTehvYRL65A?M&(jdz>E5v1x(L&IDW!a%3RkBQxq2L+pf&`-@@&+EM69VZ8& zY<%^ldb0Dgu9lDQA0*4vKq4HV`rTuip7V-VKB8@RosAGuzrLFm$KcKpkdug0S7{3T!bECy|Z*-I)c8t3^(=YpZA@9o_zhKdU5^5ZS$jW%#LtGO01Z$qccL`3T8 zHM>3@)A&i~E-y=m>7%MK&s^iB{g~+0spc4nbOqVBz~y|8=`>!ANXWs~Zgcb-nSek* z&CHFk*MlZspU#MA{awLuRonFflOTqeaMP{Sqf~E5meA9}58o=G=P~6Qu+KeM*AQIU zh}n8|xlH8jNG#gw+pTHHlu$RrTso^`)a2)Ef0K73)NnM`AJbOV{D@8v8<69V2SlQ8q$R$X}(}YGKCm@Z6HSXFJ~VD!^%s$xva{GGkjisbH`Q{;sz@Y8Gt2n(K|k^m%YR zS@8!oB9yWBgSaBoIfxJ6$MrZ>1Jx8@)xv{_2Uo_6F)w4KuASaQ-b=E5A$)=xF_2D| z#ss`_F?fbB%kgg_>x+axK93Dyxv{Cc&?|T8hXkRLaK&Q1OuHqK_;7h4JyJt@++Y~l zz@ko_Cq{>n4tjE%=mo5?5?%ofP~=7V;^Qehlpk;d9>ryLmD}SeTjOz|)~#4(%JqW| zNJPGc(LuFtL6JS??q&*mpEkToUW4LAj&WMv)D=kWRY1fJ)DQ62lHcE8YFcQMGH1Ie z1J&lY^K_yQz|K9QP`eQGC&ieH zAm_NoW|FTDZwjMR8hMioSm66rd;{ZE3cp7JD6rjkH0ZA0 zER!vrMMieoJMGq&Repb`{u+SFcE1K`d4ROs4O>Y+=Nzm6U`$H0$}8K}j6o+Wr$K3r z8Fx7ct8I2$PNt`C2l`Ha;5flz!0s$Lb${W*t7_hVG(1`KII$->OFqxM`SElnd;Ko< zwAE|EyRyyh{F-dl^FTGavFg+D>#SyLZPDXtCf3Kf*Ks#O^=DwiEQ}B4cVEbaU0Fmr zupZk$ypAK_IX0CgzXMf($Iuzs^Uu1~yR)*QqC-kZEtgr zF0-ly1kJ%gWg|Whr*&*oqXHlKS4yHU-uY!2U5^8t7SP`*=V|-UTU6JyzQ1QbnLHp< z<>`D-)AQ>z*hO9GM@rn#v!6#4_39K|tyzzHFl{{xvP%DSra$^<-F?$um*cYGiP!FX z5Lbm*=7yam3te>Y#yC~F{xf-PGQIQQP2^{*z%-o-9<{Q|%@jmMY{xg;KXzb?WSDJv zbX+PNi_fr;5Nb}Jc>NAA!To162PQuTfjTvlvze&F|c?YPQ$e^7PQ=2 zsDfdnu-t|oGDdm~!x;(jtvN_pIT!DFBA8c_pZ!_VT zZ@F%uM8L0v3#Z{8KA%WCqv>$;PK^~KpO zJ)?w?;Sw4HeU1$r1ze(|=^T)=J35i$i;MYTLm>b|9tvqs4Nzs!Z~W4saXPnv`U$8|s$R8ZGOqYN73WiWn^^vAkW3e`6zU#gS_=@$}8jYi= z{Fl$XJbf^1j%gVPu(LNQ&!{e_9EDd;Rq;Gv1)H`rj5T#(|Zr+Bn5 zme%qJ-Q%2wF;$n#<%z5N3O(15tNW3mM+QxOs*}(-h;PNH&_hYRiMtpBsXI-4 zd&24I-{YW5NQJfaGydX3curvC!Ez`KCKu^vfVp<+phZ_?K?Z6(O8d)W(5Oj3I`m5J zL052=G?D=5d~^|9l#whaA724HtO!4DAr7 zR^E?h!fvy8+Q|v;fGS67O+>V`22vK7l92nlYsSu*d0VAb6L6|a19yh3zzazLusmBp z<_2=JpuhJvPbFNv=r_hZ_Ho_1brp3RzGM0$FtyXiuNaP;@)!FE&=_-CuvYUBu?eHZ zy%)r$?#UKURU04eRwmrb-n3l}Za-c9&}4nuD)9OuH(&LxY{R#P27XtR#i6nd}rE}@O30ybD)f|}TCPZ@4cO(|Aw z5sUY2SlT6&u#Z-r19s&d&De)GamN(aq)pOim?N(Q_4;G6yllk6-+?6cr2R4B4yR?y zLt~xZc9NyhH$xgS8<{ zMH-)8q}J50cN4;J!?0PDce=X4@4T^mR|N>lOwq^_CK=M2sE zzNI1t&PAgG&w=0fDddQpun54XudJMd5E`U%$WV}Q*Dw50Op%eGO?en{*+1}NqX7>joM^b`{OR~o6`p@P1S|kKnhh)U0NFt^J zVJA@BCZ*7RCIFvVfKqOHJLPV=MCj7xeYU#GV7ETJ31G_rh1QFvepVH}fL*&9U$CqF ze!r|r0WfD#r@V`w-i*gf@7_VF$Xw3XQ#emPgl$t?|i?yh`y^J(=mIyeSu zZ@y3&L3LF=x$e1-nAkKTgp`>I@{iIC12wZMTtU<^k_=MdYzn>LG_zNkluW|J?{IkO zDdGU1E1uWv>3t|gn&8&cgm63@!w<3!OjQBtqxMK#tg z#cMBZclv_@%_S_<$kW%V${WO`D=0H`Dj}jubHE2T31YIy*zg$w!ukpTnc@d`H40*D zwyzxml6s#f^P7N9k?}BQ_&(G`v19AD7{SZ# z>1Gum3eMB-A=dj4Pw9Ofn(#p8Q~z4NSp6D-f%Zy^3>}D^CW5GkxJc)-Rp>xcj)r(^ zh;FGalS*09ZzhXKmNq#MBv}s!=tBp#%wrK?C{ga_@CgD_J72AR5bVjJ)lxmz#ob~% zP?!mO_ey+?FZ6IfFb%yvlYKq05~~+IJxXcxTw2*o4dvLz<=+=ShnM7 zP-Yh0AN>Xay4Cs>X+Jve5>!DSE=Eqs-;09bZWm;b>E5$`qsDxL@2S{jME&z^929c2 z7#{Z8qzs-4p&>0aHaTPqsHE&DimXg!)vlf7c#`lMdk zgysCJ>@U~yKW#=E+&6^?eBP8Z+$T^qh`}^up~>Myj)p>ZONYwh5fFj5gN*#Ydn0#+ zxffJtv__sT&ZY%rk1!V3*=ni9$*Nhsp3>)LEDnQt8Bw&@9rEdH+n}iIVe~&^YDt57 z&WJzGY!6=EqzR}ldIUE@RHq(EH)t_&TD=x_p4{cxqKHG93a02(GGTi<5 z@4lZ@VV0Gk*rxf8E;4Wtkuc@`;k<&NL>tG6F6Jz8*S{0O+%`wjPFepoO@AoVs{8%e+BD=yRBDecS@xCYsvr4Jrd3sz)uPOO8sBN^@MZR z5zo-h3rrP)$e%q@sxGdK``7M+s{ZZA+W)G8+mrlwXYeVWPZP`ClOu?MIG0d0zAt~> zyc6g5+bkCZP?&-a?gdrI#~nZ5stwo41sggHdrgT}~u83GC|B$h8bj+BS)o|GZa*5K9wbqY)5 z2tOT9RQYSgkT7SInj*x!1O);d#2Wd*^fzcb2q_$R-QhIZHxC;{YHkE}8N|tALOjpCWl|5n4rKYSRA0Tx1PrfTbQNn@{)9pJiT$FA=wL|P$EpeR0&l)r zIJq5(cVZG7@fd&CnB)6KvhE>b=XW}+kISNjo^drGOmKVgci>aR+~ z!mjE(YE2<%EGRB^vgE}!+KS4W_A7>i0@BCqtF_M>u_^>71oHCk38sFS1c3oVg=LAb zX*4e=rh+pj8YsAobYP`Q-aatQ=6a2r9P=No(h~m?Yy~)d-&`rMZZzOloaC(r3lwQz zdiXDF0n~6Uo0_@z(85pEnP4Re0ZnW!p1NDZ$bR{S(+Q_-};NNj3REwiD7e9w1~=!aXJ7USK!Hi|qO^P0WJ{&N|Xza4xhRG)bIhg>=x^ zyZ8a%DD4mC5YZ&b<76Y9uy?+QX^#0uvQJnh#6zG*j+{Gy)q{@aYHk94|H^=Ea_^iy z94;0oTDy-XDIH%Ja!N}C#H_hH5xURTtW(=!+4T|1S*=IecXF0CY7mf;lk-2xr-qZ} z#qR$i_6hrwoyafnVgYLjG4Syg6R|S;czPmKl8%AP*Z)>*qYr@skmTTxluP^x_Azg` zTf{n~;e5+lSyA`=f$9)|1Br&dYFeEKJRAS$Tk;YYEsK@HyZdDXeH4m0z4MXz} z(&;*6Bl+9mko@7cxu8Yt>v^7h)~qA(+KAw8i#xwSVv4;F`P3%wH+%vu}&p)qS}k>!)T`3_wcq* z6G$IH5w4RHh=`efvHSmf>yU-y^xIwPdj2YOYg`j*`Y?IJ+~`!XmJ%i7sDQsV{NLQW zrid-!5ukj~h~+^c#sZ4{5`Gb}dh45h>-5&>tWgwMdk%)cDg%r8{**x05IHfR^&7)?$X3 zL67imkfwPuDL>LjzcD5QL}=e(LH{yfDV((;sl4W`9F_q(D1`|b(%{9>0ollF0uI=} z5WR!EtB9ImUqEf|_C}&fpe8s)P4b_L>faUko~~omKHfKE&Qt)#xk_U#k{ZNd%p&tw zB`V7V+VF86ca2zZeOqR!!zXmz(l%QVTq zCtNZ@H0I{P{cW}|RhJdVvO@TWeNMS^%RN$2q!mVqL4g_q%ilR<=McGfRY_Y!FIF!vJ@ z@ilzL@(XetYpk~115UgDNzv5NArPpK2{BlC>kO#f%!vA>oLOUO!gLXwxot!Fx2OM` z_r+dVOKy|OF*8ICO%xic?|HH5T@r;GICv8*S%o$k<$=b_2xp(JE^9ph|7W%U8057J z9cQxUbGI1Q!MNx`Bjo(FD#|<;62FxJWJcYto-`&CTDkxu>uytgGBE-)Vlcz)*7tr$uAmN2)K^@h8!IKjnjYK26x-B{!^0b#lLW+I&Kb3;2SzP zsG~8VeW%t=#(%>m>%Tx0IYYpF5qdLMqnEJ?UP8U#{d;BdWuMms2}hv?u3L8Q=0zX# zyu}NM96Qx}3|~s%05s&&jCeG24(&apUC9uUPw|z~Jbz{_uKti5w%tKJdPH#^VBs(- zDys@Zt%mY~5k;! zF#vfn7!&Q~PPiv~#us_2R=BC}VSCw*{~7APn<{raox9=-GK4<}`;`hupH<`GhLtbod|+y^PH>_sj@#>2ScJhvaQ z69MKsyw?*Sw)5jZ+0NZSoluww(1HN~{Fp#E1h90n1F4 z8k%jH279FMsD+H}CRciLb_A9BbJ895-iWmnQzGMzncv}k^6QvfSH_#3pkGLjPqZCR zfkPo@e^@|x(^z=|g923C4U!1wp_bwdjfKCVdh~6IZ-oHYBy?p0BryVHFd9GB+PLTc{HzE5vdkz60tmG3} z@;1TJD3eEscC^X*zW~L%JTSNAYD;}zgd`z9<)M@!q-UvgcM*SxitKZO@a|+-DiMUxR!Ux$d@h!?QKSz(*ENLI1_zUItB& z`Gf7C5zWt91`j?40p{l})@1WZ7k}pTG%tvfu2rjTj8Prm##7$J!lg zYu|V>sG2Zc)efL2P70L>LauWVxb7m>kQ~YD-YVk-?f;U8Il|ffH7WDp%PEP8MSl)s zU|B($Oo$NxA~b@fj%Eq)Q%>4|hw3Sen8;;8mY%UKdFy^Wjd6jm8>4&CWm^E7z^b5Y z3@srqz+4{L^+qYSS#ey+JUjMMl?)pTrmo7~OnIo*0a>}FI8mY4HKw87T2Z3vQ}SI? zG?rOJGwmBA#X;x!dMWZ8*X;xLT89`^+FIx`rCFu7*>+j+^4Tvy8(CQCMjoJql>gno zkjdDx!i|KZ)DCWoLQhA<%6oJFh#8+pXPjy>W|g&wd-e8DyD`C-KiOKP;#s*Dm?jC2XKrl0+-kdK{JTTsfBbtQ;%rKagk>M2nrQ z2{-sqA9K2-vYXhKPs^M!X7BJRxvw~G>u@cf+6GgECCWqVTkwGbC1 z-??DZ?@h`mTDdEZ=qpPqN*lUl3X*)_o^bON;9y{BSct(eWL$`KRkUF1;5WY5%SFM* zP>dEEK(>57Fge218`%kNM<}ENNIYLJN+NtpM()L+-RrNlv1ujQtA0fNP7^}9()xo_XitSr+ZUndJNXH43)E_rpEV{j47>^^QN`2Lgw_woV2i#hNwcQ8S%x1% z?kY$ksrvUi`!OjP*I==*Or8nj6U)r-X1MBZQb8sTQyx8vTDe-71W#a0r2MD>(*&JL ziTXT-P^Hng`xosGesldm6;Mevc04KL@AUspKzL<(7@~US?y0~%PTqU&ry08neo?%37>&S zJC34~5AhmSavlLX~Jw zY0uU(_rC&^$$4<4_Y}0xR-&3~;@eItEOf}i80MOa!qz!F7xh|Go6Jx33raES|4&66 z@Cj+kpzWE4xsccUpz1~iH=)IxcYLwf%|*v^Li=-WSGOB6C1%9ea65m6f5NXnSPVd` zk4?)kjU(2T+3j%u3ztXQHr&TrPM4|Hp7EdQCOH#KohnfbulmmMdosKYB^|O9O#=|u zyq=(hY*s!x5ym_NUXt4KROgI~3$0K*T55H$I;-d!`45vk<*^+9HjRQ52=lW%YXJ}R$B-Yi$PnR8 z7Lwi-Bo5=0)MLnR^?%#sh!A15w=Cte+W+@yu@GF8=fdgj`}g7BZ>$nTJu|6CapZks zb@S=|>GhW~Ox;O7E;~3%$hIFR=sDqQVsDfd!H16}Tp9oLl1+rX1+HIj=Ji(EQ|qO< z6m{y6E;yi&)@nhRkS?$WQTzidW3&NltNuTIhd$IelI3&C^F&SumxeJH>D)#T;}v_U zUht%~*kl_N#L2ZW+BY&-7QNx%OUdX|2ush^xE#g$7XbXP@K^t70z{uIc8ad&uq+2< z8sq*$-mp}C&heCXZ}R>?jC#yML-h<9Z(=S{DfOGLIFXY^4jK0sZ`X7~;i+FpO36l& z*!Le5vGJoOf(N|)i$obK6L~D)(-f{2iY&C-yn2y&)bh$TV5dt7Wuxic>wq!Hua5Z? zCA0AWaNbu$A$!_6sw@=FREu)E#)%!bA9M58Yzy0Z+w_0e34ipmj~&uEcUWgL zY})-w(?!ABJ{dAxLQB8dRRKujNKHgzTpJs--~QaiU564SdCT5h6d5U5ArvirZ1a1y9nOF%OUl;mk~Y8dYKcEIT0?DE^eA}SKXU+wa2MzY&e zWKH_`IdYbkvsoz$*^uNXBt2 z%R{P)>n&YGf*?^wdiFRSOS&ak%H|^F+}~Pz)*A~>ONYBsDl4FTms~Am3QtB7>FvP! zfHtI*of9nyG{gc!nsipi%5X~@n0;92d%3t;4Xf#5@&IQHzcSjr_%)kR3zW}`v95gS zsr+&f{#RP5#b{Yg9=?Rp%B~64IY_(Gx)$@hwC#pVxT|6b4XIn4@XbzL!#RaY`Sur$?f2K==c z7tDduk8u$w+vh?<2O%h;l%s_&j^vrp*IU16T(V?z%csZP){oLuDx{OX*8JM|B!ctd zv_6Afa>e0&UQ(1^OL6P`!lN@uVr2Uffy?CeM(^*f7|DYrE>}wg#vMXvKZW{M&ZrB0 z6&wB(!8v-uT@OqWViCopEU|4xu8ZKiw@NM!;UFW`^Ml|N`3^~l$fSHEobyZ>&jH4zx-Ztp@{R?5V$M^PxVBJ--oTh#KC#1%GpX>UV|yUOTj6x!`+c-z+~|I^Cqe|hjXtv_bq{Aggpcl}SYe-~&3 zU>*_d_6md1{~^)DK(CUY5X!-4`#zl|)6iB4bn?rOwiK?(L5XoILXi9yyIu@>W6KGm zy+r+%-fy6*94meW4t_VSN5`m=MP0NRXU<5+`LZ+z;Ym5DA+y8~S4BBvsxqN(&`Vl} zg@r=46#TX}$gics!fT~lI`hFtNcz9!CxW6BW%H+}w+L#Bg12i#QZ^O&a(>{Gcal*+|L+SmQb zq&v71&LwFA#RKxm_w1e$N1d8Xo;<49+ zXd!n5I`b{_t!&DKn03+nY_2W%nq`I|~i2tCek~Or5;3c6*bn0nIzX+2EM$$C~=TGQaS#p->L{UZ!m7hIU{6uvOWL zNR}5W3Q1^*_Wyp;f8?wFmyB{pI)z%~V`YHfYfZjTP+qXSMR#E!bZ%VKjoN9nz6#PV zWqkK3N2p<28{!y2iR;{m$7>h-Dms>2gY%nwY|W)m1N*8HfF`i8qBLl-&b8RV6Lr1C zTzOkKTPhr$JTfN*wJi*!_`F{0k1X+n z>zGg9o^h>Ol$77@d?-8OzH;0jo8OZ&HZGFK{yzW5 z&YqLMu$X^YOKk{{$PKnh$&mC#K##~E?e}p4TA}+ zqT>6-{nAS$9&;lVRgbwX`Q5kkLQ!elG)WoM3VN3=kbgdyk&JZD&2MS3;oN5#h z)mf)L={vimzD%xf;UUj+ij^fTEkfZ5`;fRFL!iY#utpH2fu3HmRG%1SP{#F|OA6KI zVodI5b%~9Ez?Qh#bpyIm*ofvs0;Q%raY~6H90D> zYoxLzAZs5M;IW@06J~*}@7pY)II7*t{QYQds09`k2*mD9CWMqmT@(sH~Hg&fY9TqomTvN`qxo zWF?X^K7mE8Fk`M5V0^U1cOh^$OtRCHl~%XLoP!%D;ea7Y`UyT@DT~MHU4Jt)vCgMT zK~lYeyz-*BF$)(V&$$b@YJ7GX{QxYXkKGpgtO}pV!J4C9+iztmq9i`OIWJE5IC3pM zj}}f-Yjv>aR9DzP7sVt@;-y65n1*htvX*RmGjUMGLKR`i6(tG5{#Vv{v1xYMbP9x; zKS|D(3I42p9N!Ub`+;K3aN1PB%!g8SeeJjmb{EI@E~ z3GQwoI3&0Y?ryczG-FmAdsvCG;AdID#Kveo1#EZY(DK{>QyTIXJNrl;^?Cqa+GYn zC76pQb@5Al*1|nqahl!LH&PGv0%CwrCx$)pM3>Z>P*+vd#OY{+ZiI&qqZ=cWeU{@i zn)2qjiI|hy8{HENwtV&eCN@wQDkr8DU+2NuyIDDf!NsV!BN~p&Ah)MwUKRAZVM`0# zu(1z4$`z-oo?KNM**@S}C5ws9acgC>iXJFIYE9}FOk{qwbRdR zgj$-<9~jUT@eaDxmE;ikKhP{kLLKKrEJhTmo`HB*FcZNh=T(#lPY)c*0)KP{ryrEz zc;dIF_b*1Ufb@BO56cKCa+#>mY)(maBnf+U6jx1CAWNm#*|M~WlTo*wJ1I6$`0xX9 zpW4%HfQwku%D_pu2akaB7-z_RUNm%KUJ?KgOb!}H876^D$J;LRV~Uw z;hlSrAaL_)QdW^Kdf1Uc=0=(x6<<0R^j$o@0S$g(Ie1D*x3zSQVQ`W_j_S4qlhsLg z2dt|5R>bj6cXA0A_IrIgQi{v*A~hfR&|r}~{}sk`afGYQ0nW?WqM;O|ia0?*oitNx zq%1nJ0KC~n>Y9fYI+bKiroefEO4dpO`NN-Y2J}$E5 zPMAcY8eYF{o=mgZZ0S?bS+2@(qX`r`D~Gv~7MrN=htXMP)>V~K)8ltbxCmfl;}kgN z(@6Y85*8x2sldt9OVCQ_P0P&RoU6xVET0wGhq7J&uhN|Vr&mD@7&vI#K|{YjEPhdJ zG&+UE6ek9RL+wB=y?678=+`ZpJ4of0SPM9YZOG)U)Kt^50Qw?E3p5-xUaAeMs5qTzUkS|C2KgTOn)Jfr1#Ej8~JrM|V_ z)#qOm>>5f(ld$x*YUt@twQyJRzL~E@5D3V(hWLi!3+q!UI}aq$v?St$X465{GT1zH z(1ZLQoKkAQq!9D@*p0{E_A4ksX}$^#kv1VT7?dAR-U#2Nu0SdV{wQyi9T1E!tRTDn zL$FvjM+83=q)x?9450b51zzIAaGn`v zsJaB4FWg6`2jOX5!FI`O1BH1%1=Zi#{BN#fJ4U3?dt^}PY01}1lu;(yk(0$k<))u- zn6C$I5P#>U?!hEQh~GE`CA_Oj#~}fQX@=Is3aC^0XQJ#K%s#a;XsY9O@qe(@c4C-} zv{cxNP+)3~Q$bvo1`L(GBoylzvtCKMUzR1>8JA;$zVA*%(F)S^NO2-&?y35<`1F~k_bzG3g{H^04EU%nZzMh5}n@OmWjT@Rc z|DlDf$TiILZyWlPB84V2a(Gqr$2D~y8cBzs4;Gcm_WL}LUgipvbNFqNY1|`pbTDuy z(@0u{tV2S33)>f=X1)y5Ct8T|Lh?Tn8P%4gj&gTh!%J%C9-s!}zzMdorjwO|oC z92v2BQZmVpTJQNLIL+5xCT#(w1l%L1u*x%SdZzOR z3c1#%Bnu;fWe8bvR77xmFOTly6fpm%c5KfV?nLm_swhp&pV0BQ$|lzU>i)8lQXXo* z0?!azQzoFqYqn>1ma-at+Ye|U7&o$e9uckwyGD9g$>g`Z!JA<9#IN7LORimk`V7{qrdI)H z4pwDVW&Z$p6*F)=XW?h<&xG6NnkUj{*jeZYJAc6q)5mSK?PeJ;!$oo87Y-Am2C8)> zmNY4e!*JndCkY`@Ag@4aOFHuYovW);RMkYZY@y>+IzN-`$#O*}LE$F6<;8r_E|r+KTkMl>{C{`{-dUVgTcP~bEUANTe7_9cYDTz~E%B7*(6cl~< zT89&ZX4AVkc}Spt<%P0a!@wzFAb$KhQ(oc-?OTx@>&_JJ9)Qy?^$6$#{0Z_{mwayQ zc<^g~+F^&bIPlxAFnR`3K`y>=-6!T}GZQxAiw$9;pH7;@6jq@>47UiWs^%Jw@r8|;R zsQ+APUUJ=9I*US|H|+d^Xg!enNxECL95pCy8%KkE(5Y10?O5e7goih9+L4c%JK>!@ z%Z8rg=T|6EEgdr~>Y;~t$c!?F{&-DOFH*rtR@-L#qkfQBM!TiQsdc|w^^$7QlTKN? za@W;5>c3b`1+L(FFejGWWBV*d5X@Amz=N|qRCqlIr}`|^Pw*|=OJ?7 zVc_r!n@B~is7F=6zbX2pv`&?()0K^)I|#&Nzr~v|2E3DP3Es*s!JZo!TDc_KAAL?@ zGCaJ~9-ea$I3)6OU-S|Jj=Vr4WB8L;ho)_GmPAk2vpoij>wNbw(E+F5^4zu@V?6E5 z-r4;O20Tw5j6QyMqC5K6gvj7nkbn94tcHp<-!8H{_!;MSVm+H;9e@5V--@~!0u3){e~CcIXB?1eYR$I zrb$EsC=EP@GcvyW(yj7;-gj36pU$3sKWf$lQ)+kKibiPt z%ZX%&Rq4H7d+Sic`^@NS-onl*a`~;`JJ@u5I$n#}g&yZe;)VZ~a_edRcyDr-b~xB# z-DO?0-fg~D^?EW#-#?_IHectD`W7mvkAOL`JVYY=v>DX&d^6>;{^kc=ZFKxYFF!kY zdf3cCTCZ#*R*Yb}ZX=3xET@UpV5@U`?~7qu>{r3y!M_4D6+JkgY^B{&ROh1lsnAJ%$`5qx4^q)&-u&-dT*1_w|}% z&MfdcGIIUJoO&XQKRA|EhluU$i+7Ii=AQlRVF|au$^5sOBgbw9=o@ibJ!}ucbwZ4?u zGJ8oGC;kMmF?xSNU!FyEBhG>1)Bbk{`z}WQOlm)ijWWOb%Ym4L&=%a%4R^yVxGnWW zzxGGD3JgGA10h3+l?0K!iBhe~FN7%>t zqyN^iTZy@!H@knySg*D1z|#`gXAx;@SfYl&_yZ%<4mXS}AUBM=@71&2(|$E$xBngQ zQ91bDM40FPg`-~!S@KPGtLyrU|V*-?D4EB%XqKL4qka zL&qdbgKTA*P}U*YL`KbX21r~HB&GF&ZX`3LB&Ec%o;s^E)}_>|BaUq-hifd|rmA?* z&)M~s#VoYDZDU;xm8EPjw)0Jg0o#Y0s`O{~&b;sp1({ebnQp1C&=MD5WeMn@I5eh1 zU3s-~4HcTp&Q-;4O%n5P+Y!dGRNZ-By?sBdNc)3#=?7d8o`Ijj0Wty4gM-xq9Mbn0gcRj)Z7C4l`QHrH=j^gKlc?mvJo(~K-hDZXZ9N`VK zV0!tBdJ=sL2>uot%9^Ws8uHG*lEAnl1s5PS|K3={f){gu*e#Vq{A=jJ7SU#YVN$Oi zB`7+*YdtYPG?zps#c_36NaY|e#75j^){&r>(%Vg49oJ;wF1}_tpuMXmA^izO@<-#F zue?<=$uG3m*pm2iWPSL!QeGr2mK9udTz7H2-#JVI~qAf9ClYH^X1ft*lX^KOUibS@M>lZ zzgc1A*`YRO6sV|v;{Sm7aV!5Kc35KEWhyyM`ry1j&nlfmf<(!t$expv!>t8m>-)jr z^+e#SF_N@tfk?9bU#ik;GdD!n=aK+3mm&Of+!;*8cY`i>u z_Z5KzUcSe{)_f9;#N>&Hn#%k_0)9D4&s7p@+_tY-1SLMBl2{`J3``>lsLmyY+b*BY z)Y^Mq&N#hq+H-yO_{@Bco1PGhxTWxVYfFt4}Iz2;ko<-!=e>Z z7qYDa?{;0$e;!JaUX!u)HFQqh2FmZI(zui-h!3Lf9W9HvdFoU!SC#MuDLHxd0+n?& zHgqyNY-=qI1nSSiTtR0}l|W`{%;V9qfE&uja=E9zF6JI;EF3qhoRDJqsUN)IOvx{p zVa#wgo^DLqNqJ4vC?4gMMxhHa2O5JyiDk~4Uu)sm(FdC=Me1^ug|A>+mZadk4K_!A)xpy+Us!ahTCbwZ*Eq9 z6HoqFFNiAu;He7H=AF?|^78T8WT^bK)8h^lV;OtWX3@2@QEHUT`1dX=EA+>E>wW-dA5QxZ z8&~hA7P?w^Z)&68-szNri8HwwMNdA0&!*P(8^K=yLJr2ZwYExilz%_$3}->u$sFRX z?03Fe5z9*U(Kl1WuTbAzhin=dar*6a z+?`n>$Hs`>ZX-R<4SDY7uov=*Tt-3LTzso_u~O1X5z;dI@XdK$0ipY{BHb14rr{)5X{p`{G0bbyQrF6e8#5`|L&l0(W#yBt}A zgwZ2ZSk4_PyRv`*Ak!)mXqGz+q9rvIOa>#=N#I#&1*%EP=H&p26Tc=)C zrTqq7OvV5ngS~j?Gturfzw*d6m_(#264G&IX5{}XBm<(+wR*Mt7Ac+7zSCC^JO=p% z8p|6P-9p7{qM$X_4!}_2c@;E7G$xgROgBk1<~CP@oHeJGqdS_iEXiM?TEb7ex6mW* zi&3AFqN0SBr!XI4Sy-oI-->D@au56>w!*Ml`nn16R$17|LQCYSA$nh@<=5Nl%j7#I zqflIe#gFAd%Av`x*JlqrW>olF9HEs?y+J;FmL?1{g|t6)6-*LmgCI+? z^DqV72&}s`4II%W(KUm>R(HDvRh_YYX?&t!W{y5xyZ0=Q1$v_)BWaBFt6tlDplqCU zHJq?JqFr@!6O?}*?l%Z(E1=0#Q8aghmi-9*ZvS4XdmGOL%j^mD$l?IhW&o)UeXR=G zN#G8&=4)4;F;XRoLLJvCn!raL7x2Ib)mWXHEBNd|qbPZ`>Ux_VE;etVaTIFkPf1-q z-az&FR{mP34tZG46q`%VDsf>uX;_TP!%~4T^dl|0GS-%&mc#S2Y9nDjU3kcH=9xy@ z_ICSQ6u!D6#rg&T^iDHz+*nP;Y+E=jvhFbxB?m>x3ssK=20%jZG$F2^pv@fc`s^z8 zNelJLyv{BttB2%#97xH}#$?xn>g|}HiDgHf+I?Tup|_PU)LH-YQxU~`l_Yi3Ap_vqvEGV46I0r`@x#AVpeN9Bmt6mvB7 z`n(!fR{YkO&)E?=FttdodcwuUJxR6+69UVb6E?38)h+n#4YIR^C2mrMP|>*-Z!#OG zh3f@;z(I2nPgM-=H4C=!qlX$1KZCw()F{ElOW@$g7xR6fuHp=Pu0{Z)2Qtwnt%nrG~r#3v}hbRmPKn-tFgDBn~9 zQ!7ATyY0xO@?!#C1IDc+1XL+^Rjz%h-zSM$X7bGI4JI<)Mv=-o`zSO_RUz0F7wM5` z{`d*5u-$0yA=#gr4E!>CNS(B4%`>NN?lvtku>PvVUh6anl;<|Vg!W#Z%Kr7vTQVpx z)h=b>{E{Z^VOQ^oh{EXli|IG|;V-&YfxG6&GcM3*Y$jVge@8G|N+#3eRbF?qFUdc4 zU~#P+W~cew6EI3uJ8H%=$2BEGUOB6!fm{)lILptOp+l>bpwh$Rr-Qd|?IJ)uS7=Sm zH`*%&CDUcQ%?y`S7+>SeEwsmr^BzmUXP_xt{DWAR(g;Z)XFglEmfa#VS4jS6oSjEz zRujW1rl}~BN!xNS442~Yx8z4_FmTkO=GQ;|LKWWG1P(@l412E8P?ZdF1!T~iR2$>2 z{VS!UV(ZJD%uDh|;S(u<%?$NgjHp9@%%c*N0;HBy44AXcqep%P8a%xC=C4^_uSoYL2cYxm-|2b=~ z^5J$jiC`f*a!8a7TXA-aQSgu2FUV`aFNV&|*tz>g=Mqi?#u^6J0*pVX5KS~>zUKm6!o+)>|$r?&hs>PT$ zTTyrC`2QVE@%lw+<961HZU=l1dna9}G~i#h0RAH+dJ>kouO(|F_KPL1a$FV9! zwP{V;vkTu|Gx@&4fAz1NLW}~Mz{S)VJP`seNIdRQc}?o@ujEGu%rf-;&H4X*hlyjT zZq$zUY2|YX>>`Kq?mKGx?StX~FCbXU1&H)N)lTnajBl(ZC=ri{bCX7ypEl z6Jg?(ODxD_z4}kQ0d*t$C77OYjwjFMu2;uV29$hPX$4ufQU8@HGl}~Dw3f(Wj<6=e zCVLoBRg}{Dn|y&515x?w#mADA((iB>i#WPE&grKA1>O;KDt*UB_D}Je$36a_12Rjf z+bFMNXquBnzApUVq>17fVLvs_-+MS@&!%Sl`MlhDlo4=>)z|2#t^d}>gzR75nCJH+ zq@%H1L@ucE!nKi5`o*tYiT^uw*1sB<-^Eu;(pqm5DlZn;oW|=i(l1Jbw@ZuYHE`&e zhY0tP5+9mq&7qPnYymd%crEQjOOTxWMChNz7{}l_Li+A;Hz&NauRR-H)YtO0zX85(ahULPSr)^ z^NN~>=IN*(6}2KU17=nJ4O@z#8mkQ5>CdvEpbQlQi(RB&bWw^scajuC&jf?&mSKvA zOti=ZWv*};6w;04Uv#gW_-WPq_#dx%2_j7ENc>o<{yx7{&~k;AXu75fI*~pA^+^Mh zUdUR))o*!KNTuu_0+9n5s&Znazw8=bRX&+mWH<%+)YHb2q;d5!nN!JG(6v}5*k1kf zEvMEY)Os#it#s40^Bi>O_Dl6CA=M5N?#8vOL3xy<>geVmVouy{k~Cg6<|+PQ&T9Jz z4UGRTwGgF8LumdsxGHtxIKlUpbkM5ux%Cw8_Jb*hU3HeJUyago3XyOZK z(HdgQV4pvWRem5gSJJW zcl~Pe6H<5O2kM`mY?DL|LsKk||7f>+L?!#>YGVUEq~2=GSI;x)1B@_@BceXP6M>;hEha)cNOeqss1F z2j5LluC{b+-uKjK-HVF;xa&uM*d5Iv$|=6MX2kY0>)AkViq?=mNZwc?I1CZ>>vEd! zIOGF_nLYG~K1s-!VMDe7;NJDmZft7cWN52iY+s+Nb;zp9w(s-9^@c^Z&y6nAxbW>t zjU3ONzR!I1d+2-~5!by5=&fsfI;etg{>+_r0kDi8=vqjWO3HQU6eq56p}=p( z=*Zw>qvtPm&^XqM=(UsB@zhzY^f)F8d2;N7YTA}t-43A>YS_LX)qWUGk;4z+;^waZc)ZjX zNhEsrGZ6Yyq5btEZu`watP5aeeAi%zYtZ6gg_WgOI`FOnCRO5b6Ni;7k=bviY3wn+j?X*%2-$sXv2S3OW zflVmob08N$SET+rdeYD3vT+=8Kkaw5eE1j>rRiv9YrCNZ-Vr^1!tU@oU}Q6No>oXE zGAyr5HA?HS{Zw1)V|1L1&P=r8xSs&&Xk+n@H~=lpuCii|(&SQ6Go!##Gtop?x#DvK zNGo=K9_|f(Dm7ye=*4Iz|y+V3!=PwIFu^D5+YB#jG0s=0_HNWb_J+PavgpG$Isuq9}Jx`gXKyq>?$Sd6el zTteCRz4z7^__O!^A%9DmQo;TR)!m?jWUVx01&U!j$kgLcTf=Gl~- zOi1^32j0c^51tAonBwh42N#xg37q3EE`G_#>@tW#zWPvp(P*OfFg%c@h!djn{8@Gd zW67H~D3kLg7S(l0i1scN$+;{6!CL@)O4{}HdB6Sc?@cj9b8++C%x8N_O143d79!fQ6;m`75*r?jthms9 zv>~b}8pHOBAr=f(Vgdo|l#`mj-j)Ux}GMjIt5ETgWTDBoxA$Z;cv z#<4L#=@%p{2LFZKh=SKPb&;xx^QKtlQNyxdW zo52@ya&hfX6f0$nFbKj=WJkKZx5MN!Nw)gvGW%`3(=wX&T4p`#>2_XgH+GJ$BLx@Fk8!c%jp(aOa1QV8EtrkpPPZG> zajo8PFOV8eajP|CCsaK^=Q{`wO?zPr>0&#QO-O^&D4Cs+*Q@CtBjf(_1>zn%W&Z1>x7T&1Ol<^ur_$BFMYAaM3tb#6<(5 z)Rb+`F-dtxGWjnj@+64GpT-6Uzfs3lp(aL07xL(4$Y2*b)*u9S;ZRcg?T(S>B3yj~ zN>lp{_aJ)21DvUf{ITpn%+yW(A*xwg=*nn(6j)}66urZ6@AO_B`w9p&Cr}X)WGx%C z0Kro;0fT`)%dEXLm1VD}F46k0v6H_ZH5_I4kEESuQ*A$6hd(FV2W_uZ08f^CNDAr& zPic|q>d$3~43u`I=%rf{dz>&&!@X^-!MDVlNiSglDd12@$a`;&u{G9MhO?Pgxy zc|_icOGGWqMHWSGjF(qypOG>>fATDSL)~<=7raS;m!r=&SM@DDm#k1qDd0(SeRUV0 zlY6AfiWR)vQxbny~C+L`Rwl;peuw%BhPMT zYU(%#{~3NV>zydvWuaVRDJ&df7Qb~Xwnyi?5e7Jky|{^u$&h#%Qt8B3ENzG_Xoo9E zX5#?S=b%dlV|e_}c6{HQ@6I+75^&LYOwG(-d5k$oU=aHNrrwG|R@>i@;*iSa?=kW3 zdo~SL;DAh@dCfVkkSv#Xbe>EX%W+vMTWcSyw0Ej##sECKv-xgOY;!#w%m_G$j=gJwqcXW)dbYWw2M< z8$#m{{2aV3?l;RI;qCQ_7XUsb+<2&e5xeM2yo8|`c#&^laC9=ipM9%_b)}h|L3V%8 zYE!uAVKoWU5@@jAE!shgkpIS_q4ZigCPKa%tAS+oMB3H0ZCp^f zu+Sf*L?>THr3W?mIX!s%C02APCV`w|Qi2_TWxe7U2@FM?qZGmi47_#IBxlY#T3h%q z7-TBqKxDV#!?`LvbTpqRHFyLxfr_`o{@oKBibBK%5}R03q!wccV*v2c$Ox8ii1X=M zTWKj1jz68_HUTO|rhZ;HrdTu-Xa&G+!)AO-3phfgWm_@)aW~pnrJt9>zE#6*9(BfV zGebj8X>FJq7{<6R*>q|USXR-Fu^((U(e-T~_q^|w>(Y%92L z{Z17`>P@oe>Fob{6KiZ^#^AU+qSlTy7pJ}vU+crjfbYzs z83nY220oUTMQib}qg7V$Z!*4(%E_g>NskpQY^$ms9+8}I7%vw7JR+BRl^AeLHn@Z2 z+!PEIgafNoO~x5sFE>yJ{~vi7dC(B-A6*sh2iE333qrS&jlOB7vOGU zvVom~M1N;%WrYLX?Fe4t^AXprawTU;9S_7bjG;`S?u?IC_JMHmo?Lu0P*upw0P!Ug z{LR_rpRg~G;O%nx;B5nuu|>RZj-VqERSVDp-vmj<#KvN)5k)oc%tamb#ZgNP%PT+| zbh4bg(#pgrk|l?!;<4J;RbdFJ7_aC*?UV#XMa7=Y0FOhWa%yj?o~5F@7wk z+(eyBhkjK#CS1&l%LV!Sh~FvE-+b*^6a3hHq+`0`W^Z#z8foNrGMAh+Y{9B08R=fx ztZ(Nz0uaNT8PA`R5+{w_=MR5>@p&6|5FRiG|A~$_(FD~b4ZWSo;1jjG#a*gZ&bL#- z10eSYpoFQZVqI}{TUL@`76F9G=Ipep^vg4jv~<4KRu+C!YYB^RQKRO>OcB{odIho61z`iU&Fl_|FMOQdgiihX2b5lPypv2FP)6f@ z)r%pX6F^{bQ@Ot~q$Gr{5^Mw=tkd2cEe~=k_~cGmzTlb5$-zym5{OJ@VGqU#kPLRS z4^$0%W`&{B5uZdFHHWeL3^xGU5XDGozJv(1CydSHC()KLYTXjouA@krH3_k7dqeZaNT(vdgfD3z|KJ~ z)YMiUBo@C`-463Rw+`&~B=S%mXKX&Mh9v>!$U(=R4yUPCQ8nH0@GFa=jPIIh$+z2> zW;(r>jl+_b_rj*>DE{#sPe2N>D9O|Z&QsHVWG4>Ot+h?j9m9y1Ulz(LWFqOq;2kGg zG10JkLt?^j7CxORgD1=7P+>n|O1vz4lif_Dp3D_yD25Xjm zBSdXS+&fJypJ-`>j%&!sTsPi#u^WyXDI47l?47)@w=)923(Gr~Nw@$y_+k5yQ^N|w zL`H_J4|P0FV&RRJ6Oj9Tii-bE`NCDxCwOL;|Kf4-ocgzy`$#0j0z z2^&uwU|MX>R!uu_#hhKXmeVAJe0ROcy@$(cFM2tMNs_fBZF5F*@#)F}G_276!>C}C znAGBgj*Dv2o{l1hu3B(^S7L65z+v6f-m_eM=P1ZZJ}{|9fQ0>e`3W&%q6;TWJy*xw zibFbWmmRXer{O=Xr*Cg>udDlVhQ`#SY4hRwP!>jK91cyos&7}Bi?+!>JuV`mwH8+x zC@%b|%~7g&5ByAm#>2{kYq8BMpw)6~K*cm@2Z-)h0rJuzNK>lUN!$D^giL!fO(`jvnaQ`AMrYe$r) z{o9ScHc_nRKD>9Z$CBW(=tN`YW8=rZeuxYAT-$X*mOCS&d78VCxa+-hYX)Gh`hBDd z8k#SfBon%lva-E{G_VsoHq*LVf_nG|D?+a(<(GA)T3;ev zQl5=A4Y?lOc};EYtskgs)srE~I8VH2B+jpyCUak68Dq6}1X3!#Ye6D$CXK>xTW$69 zkySB11%ZKXK8dZ9a5auo1RTRbW-=fM_o1sMHid?k7PSMnl@;q)$HL5Xij`Ug4_a`6 ze4lpklC4*Czm;W)sSBylS2=b40&2sxY;jzPuhqbbS8Z)}GoA|?_Da1*ASe;IwYhnQ zOnWknrtJHyNOXe;oV&o4`sa8|K=viTJ`$L(xsi>omI~rrTFR^cqJ;G|jhNDy+#XR{ zDDqUu!1V&?BK6w6BjwHm*9dTro_A3y_7aY9h`llo$=nGEVZ6-K^9jCY;tZ6LkPx6B zg!k*23=aD^cL)~ngz>FSAHn)?DEuZ>P_~2^QJ)#zmwmu(4dcFC3HvcAfJH->mcVuq z#%|#giOej}+WOV1+&e6I=qacBt_Ph9hR1iKWacbkVm0Tuw9NkY%i3PPkdWYQc+|n> zF&-}NRM!U)VOvuV>XRPv#m&sNGABsD)O3kuLjwKZhyrlYNlSV7P3O?VdK&)v`Z}z@ zl?cWJ7X==ssLe>0h+BvBOg57mBtlQVP5l{u>AN0jcok(X=2LFPH4c*_Rr$O4OfiXY zrW^O4irm|DwioDj3i?AcQyVmEZ&JB*x^vShWm Halroo>h%s< literal 0 HcmV?d00001 diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md index d9bc9e0dd0..8ed4cdafa7 100644 --- a/components/engine/docs/sources/articles/b2d_volume_resize.md +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -5,25 +5,29 @@ page_keywords: boot2docker, volume, virtualbox # Getting “no space left on device” Errors with Boot2Docker? If you're using Boot2Docker with a large number of images, or the images you're working -with are very large, you might run into trouble if the Boot2Docker VM's volume runs out of -space. The solution is to increase the volume size by first cloning it, then resizing it -using a disk partitioning tool. We'll use [GParted](http://gparted.sourceforge.net/download.php/index.php) +with are very large, your pulls might start failing with "no space left on device" errors when +the Boot2Docker VM's volume runs out of space. The solution is to increase the volume size by +first cloning it, then resizing it using a disk partitioning tool. + +We'll use [GParted](http://gparted.sourceforge.net/download.php/index.php) since it's a free ISO and works well with VirtualBox. ## 1. Stop Boot2Docker’s VM +Issue the command to stop the Boot2Docker VM on the command line: + $ boot2docker stop -Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s native tools. We will instead -create a VDI volume and clone the VMDK volume to it. - ## 2. Clone the VMDK image to a VDI image +Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s native tools. We will +instead create a VDI volume and clone the VMDK volume to it. + Using the command line VirtualBox tools, clone the VMDK image to a VDI image: $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard -## 3. Resize the new clone volume +## 3. Resize the VDI volume you created Choose a size that will be appropriate for your needs. If you’re spinning up a lot of containers, or your containers are particularly large, larger will be better: @@ -33,21 +37,31 @@ or your containers are particularly large, larger will be better: ## 4. Download a disk partitioning tool ISO To resize the volume, you'll need a disk partitioning tool like [GParted](http://gparted.sourceforge.net/download.php/). -Once you've downloaded the tool, add the ISO to the Boot2Docker VM’s IDE bus. You might need to -create the bus before you can add the ISO. +Once you've downloaded the tool, add the ISO to the Boot2Docker VM’s IDE bus. +You might need to create the bus before you can add the ISO. **Note:** It's +important that the partitioning tool you choose is available as an ISO so that +the Boot2Docker VM can be booted with it. -
    - + + + + + + + +


    ## 5. Add the new VDI image -to the Boot2Docker image in VirtualBox. +In the settings for the Boot2Docker image in VirtualBox, remove the VMDK image from +the SATA contoller and add the VDI image. ## 6. Verify the boot order -In the **System** settings for the Boot2Docker VM, make sure that **CD/DVD** is the at the top of the **Boot Order** list. +In the **System** settings for the Boot2Docker VM, make sure that **CD/DVD** is at +the top of the **Boot Order** list. @@ -57,14 +71,23 @@ Manually start the Boot2Docker VM, and the disk partitioning ISO should start up Using GParted, choose the **GParted Live (default settings)** option. Choose the default keyboard, language, and XWindows settings, and the GParted tool will start up and display the new VDI volume you created. Right click on the VDI and choose -**Resize/Move**. Drag the slider representing the volume to its maximum size, click -**Resize/Move**, and then **Apply**. Quit GParted and shut down the VM. Remove -the GParted ISO from the IDE controller for the Boot2Docker VM in VirtualBox. +**Resize/Move**. + + + +Drag the slider representing the volume to its maximum size, click **Resize/Move**, +and then **Apply**. + + + +Quit GParted and shut down the VM. Remove the GParted ISO from the IDE controller for +the Boot2Docker VM in VirtualBox. ## 8. Start the Boot2Docker VM -Either directly in VirtualBox or using the command line (`boot2docker start`), start the Boot2Docker -VM to make sure the volume changes took effect. +Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in automatically, but the credentials are ``docker/tcuser`` if it doesn't. Using the ``df -h`` command, verify that your changes took effect. + + You’re done! From cd586bd31edb4bd82641e372058b00688d4c050d Mon Sep 17 00:00:00 2001 From: SvenDowideit Date: Tue, 26 Aug 2014 10:15:12 +1000 Subject: [PATCH 028/540] small word change Docker-DCO-1.1-Signed-off-by: SvenDowideit (github: SvenDowideit) Upstream-commit: 93d574298da0f420c19db52b75ebf31ed3cb2ec9 Component: engine --- components/engine/docs/sources/installation/ubuntulinux.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/docs/sources/installation/ubuntulinux.md b/components/engine/docs/sources/installation/ubuntulinux.md index 115aba27ea..fb8fdf66b7 100644 --- a/components/engine/docs/sources/installation/ubuntulinux.md +++ b/components/engine/docs/sources/installation/ubuntulinux.md @@ -89,7 +89,7 @@ kernel. But it is safer to include them if you're not sure. Please read the installation instructions for backported kernels at Ubuntu.org to understand why you also need to install the Xorg packages -if running Docker on a machine with a graphical environment like Unity. +when running Docker on a machine with a graphical environment like Unity. [LTS Enablement Stack](https://wiki.ubuntu.com/Kernel/LTSEnablementStack) refer to note 5 under each version. From 1dae3fa4dea738f125db8c584d714de233e6c4cf Mon Sep 17 00:00:00 2001 From: Avi Miller Date: Tue, 26 Aug 2014 10:28:41 +1000 Subject: [PATCH 029/540] Add Oracle Linux specific documentation for installation of Docker from Oracle Linux repositories on Oracle Linux 6 and 7. Signed-off-by: Avi Miller Upstream-commit: fcad8ee83a2cf9192ba4f9ec7d5c1d0b03a6aa47 Component: engine --- components/engine/docs/mkdocs.yml | 1 + .../docs/sources/installation/oracle.md | 120 ++++++++++++++++++ 2 files changed, 121 insertions(+) create mode 100644 components/engine/docs/sources/installation/oracle.md diff --git a/components/engine/docs/mkdocs.yml b/components/engine/docs/mkdocs.yml index c45b717d91..204c6769cc 100755 --- a/components/engine/docs/mkdocs.yml +++ b/components/engine/docs/mkdocs.yml @@ -34,6 +34,7 @@ pages: - ['installation/mac.md', 'Installation', 'Mac OS X'] - ['installation/ubuntulinux.md', 'Installation', 'Ubuntu'] - ['installation/rhel.md', 'Installation', 'Red Hat Enterprise Linux'] +- ['installation/oracle.md', 'Installation', 'Oracle Linux'] - ['installation/centos.md', 'Installation', 'CentOS'] - ['installation/debian.md', 'Installation', 'Debian'] - ['installation/gentoolinux.md', 'Installation', 'Gentoo'] diff --git a/components/engine/docs/sources/installation/oracle.md b/components/engine/docs/sources/installation/oracle.md new file mode 100644 index 0000000000..05bb3d9808 --- /dev/null +++ b/components/engine/docs/sources/installation/oracle.md @@ -0,0 +1,120 @@ +page_title: Installation on Oracle Linux +page_description: Installation instructions for Docker on Oracle Linux. +page_keywords: Docker, Docker documentation, requirements, linux, rhel, centos, oracle, ol + +# Oracle Linux 6 and 7 + +You do not require an Oracle Linux Support subscription to install Docker on +Oracle Linux. + +*For Oracle Linux customers with an active support subscription:* +Docker is available in either the `ol6_x86_64_addons` or `ol7_x86_64_addons` +channel for Oracle Linux 6 and Oracle Linux 7 on the [Unbreakable Linux Network +(ULN)](https://linux.oracle.com). + +*For Oracle Linux users without an active support subscription:* +Docker is available in the appropriate `ol6_addons` or `ol7_addons` repository +on [Oracle Public Yum](http://public-yum.oracle.com). + +Docker requires the use of the Unbreakable Enterprise Kernel Release 3 (3.8.13) +or higher on Oracle Linux. This kernel supports the Docker btrfs storage engine +on both Oracle Linux 6 and 7. + +Due to current Docker limitations, Docker is only able to run only on the x86_64 +architecture. + +## To enable the *addons* channel via the Unbreakable Linux Network: + +1. Enable either the *ol6\_x86\_64\_addons* or *ol7\_x86\_64\_addons* channel +via the ULN web interface. +Consult the [Unbreakable Linux Network User's +Guide](http://docs.oracle.com/cd/E52668_01/E39381/html/index.html) for +documentation on subscribing to channels. + +## To enable the *addons* repository via Oracle Public Yum: + +The latest release of Oracle Linux 6 and 7 are automatically configured to use +the Oracle Public Yum repositories during installation. However, the *addons* +repository is not enabled by default. + +To enable the *addons* repository: + +1. Edit either `/etc/yum.repos.d/public-yum-ol6.repo` or +`/etc/yum.repos.d/public-yum-ol7.repo` +and set `enabled=1` in the `[ol6_addons]` or the `[ol7_addons]` stanza. + +## To install Docker: + +1. Ensure the appropriate *addons* channel or repository has been enabled. + +2. Use yum to install the Docker package: + + $ sudo yum install docker + +## To start Docker: + +1. Now that it's installed, start the Docker daemon: + + 1. On Oracle Linux 6: + + $ sudo service docker start + + 2. On Oracle Linux 7: + + $ sudo systemctl start docker.service + +2. If you want the Docker daemon to start automatically at boot: + + 1. On Oracle Linux 6: + + $ sudo chkconfig docker on + + 2. On Oracle Linux 7: + + $ sudo systemctl enable docker.service + +**Done!** + +## Using the btrfs storage engine + +Docker on Oracle Linux 6 and 7 supports the use of the btrfs storage engine. +Before enabling btrfs support, ensure that `/var/lib/docker` is stored on a +btrfs-based filesystem. Review [Chapter +5](http://docs.oracle.com/cd/E37670_01/E37355/html/ol_btrfs.html) of the [Oracle +Linux Administrator's Solution +Guide](http://docs.oracle.com/cd/E37670_01/E37355/html/index.html) for details +on how to create and mount btrfs filesystems. + +To enable btrfs support on Oracle Linux: + +1. Ensure that `/var/lib/docker` is on a btrfs filesystem. +1. Edit `/etc/sysconfig/docker` and add `-s btrfs` to the `OTHER_ARGS` field. +2. Restart the Docker daemon: + +You can now continue with the [Docker User Guide](/userguide/). + +## Known issues + +### Docker unmounts btrfs filesystem on shutdown +If you're running Docker using the btrfs storage engine and you stop the Docker +service, it will unmount the btrfs filesystem during the shutdown process. You +should ensure the filesystem is mounted properly prior to restarting the Docker +service. + +On Oracle Linux 7, you can use a `systemd.mount` definition and modify the +Docker `systemd.service` to depend on the btrfs mount defined in systemd. + +### SElinux Support on Oracle Linux 7 +SElinux must be set to `Permissive` or `Disabled` in `/etc/sysconfig/selinux` to +use the btrfs storage engine on Oracle Linux 7. + +## Further issues? + +If you have a current Basic or Premier Support Subscription for Oracle Linux, +you can report any issues you have with the installation of Docker via a Service +Request at [My Oracle Support](http://support.oracle.com). + +If you do not have an Oracle Linux Support Subscription, you can use the [Oracle +Linux +Forum](https://community.oracle.com/community/server_%26_storage_systems/linux/ +oracle_linux) for community-based support. From db566d8d046e4d9a6b75030fba34b06ccfc554ac Mon Sep 17 00:00:00 2001 From: getvictor Date: Sun, 24 Aug 2014 14:21:43 -0500 Subject: [PATCH 030/540] Updating LxcConf to match Docker command line I've changed LxcConf on a previous API document. Not sure why it keeps getting changed back. I'm seeing Docker 1.2.0 command-line calls are still using the array of key/values. Docker-DCO-1.1-Signed-off-by: getvictor (github: SvenDowideit) Upstream-commit: 216ab880f96125566f2816510ba9d396dcf103f0 Component: engine --- .../docs/sources/reference/api/docker_remote_api_v1.14.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md index 9a9c36e54b..3058a6770f 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md @@ -407,7 +407,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], "Links":["redis3:redis"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false, From 73e4ee940c46cbebd3eb5a57cdf2834df4268f94 Mon Sep 17 00:00:00 2001 From: SvenDowideit Date: Tue, 26 Aug 2014 11:35:58 +1000 Subject: [PATCH 031/540] Fix the other API docs to use an array of key/values as per #7706 Docker-DCO-1.1-Signed-off-by: SvenDowideit (github: SvenDowideit) Upstream-commit: b0edced87f2a9bd2e85b0a59f6a6c83aff36e445 Component: engine --- .../docs/sources/reference/api/docker_remote_api_v1.10.md | 2 +- .../docs/sources/reference/api/docker_remote_api_v1.11.md | 2 +- .../docs/sources/reference/api/docker_remote_api_v1.12.md | 2 +- .../docs/sources/reference/api/docker_remote_api_v1.13.md | 2 +- .../engine/docs/sources/reference/api/docker_remote_api_v1.6.md | 2 +- .../engine/docs/sources/reference/api/docker_remote_api_v1.7.md | 2 +- .../engine/docs/sources/reference/api/docker_remote_api_v1.8.md | 2 +- .../engine/docs/sources/reference/api/docker_remote_api_v1.9.md | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.10.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.10.md index 6ffae3e07e..a188418057 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.10.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.10.md @@ -366,7 +366,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.11.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.11.md index a0187dbdf6..9c9da155c9 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.11.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.11.md @@ -406,7 +406,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false, diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md index 9ea83e2853..d0fa77b0ae 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md @@ -409,7 +409,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], "Links":["redis3:redis"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false, diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md index d782391476..69bb59d76e 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md @@ -405,7 +405,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], "Links":["redis3:redis"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false, diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.6.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.6.md index 11dd45229c..67e0d1a2cb 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.6.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.6.md @@ -391,7 +391,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "ContainerIDFile": "", "Privileged": false, "PortBindings": {"22/tcp": [{HostIp:"", HostPort:""}]}, diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.7.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.7.md index 10ff841799..768eb9602d 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.7.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.7.md @@ -347,7 +347,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "Privileged":false, "PublishAllPorts":false diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.8.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.8.md index b8bc0087c8..41b6bc81c3 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.8.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.8.md @@ -383,7 +383,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.9.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.9.md index 38f4ca8f54..a8ee8fb658 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.9.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.9.md @@ -383,7 +383,7 @@ Start the container `id` { "Binds":["/tmp:/tmp"], - "LxcConf":{"lxc.utsname":"docker"}, + "LxcConf":[{"Key":"lxc.utsname","Value":"docker"}], "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, "PublishAllPorts":false, "Privileged":false From 71bf8c685a41d8afeef0def323f824d496f95258 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Wed, 20 Aug 2014 16:09:54 +0400 Subject: [PATCH 032/540] Use ++ instead of += 1 Signed-off-by: Alexandr Morozov Upstream-commit: 1ba15b8acaf8625db23ccd7d0ba7d3acf7d2f69e Component: engine --- components/engine/daemon/attach.go | 8 ++++---- components/engine/daemon/build.go | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/components/engine/daemon/attach.go b/components/engine/daemon/attach.go index b1b06e2765..13824ea842 100644 --- a/components/engine/daemon/attach.go +++ b/components/engine/daemon/attach.go @@ -127,7 +127,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo ) if stdin != nil && container.Config.OpenStdin { - nJobs += 1 + nJobs++ if cStdin, err := container.StdinPipe(); err != nil { errors <- err } else { @@ -163,7 +163,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo } } if stdout != nil { - nJobs += 1 + nJobs++ if p, err := container.StdoutPipe(); err != nil { errors <- err } else { @@ -201,7 +201,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo }() } if stderr != nil { - nJobs += 1 + nJobs++ if p, err := container.StderrPipe(); err != nil { errors <- err } else { @@ -252,7 +252,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo // FIXME: how to clean up the stdin goroutine without the unwanted side effect // of closing the passed stdin? Add an intermediary io.Pipe? - for i := 0; i < nJobs; i += 1 { + for i := 0; i < nJobs; i++ { log.Debugf("attach: waiting for job %d/%d", i+1, nJobs) if err := <-errors; err != nil { log.Errorf("attach: job %d returned error %s, aborting all jobs", i+1, err) diff --git a/components/engine/daemon/build.go b/components/engine/daemon/build.go index a572dc2ec2..b90c2629d0 100644 --- a/components/engine/daemon/build.go +++ b/components/engine/daemon/build.go @@ -908,7 +908,7 @@ func (b *buildFile) Build(context io.Reader) (string, error) { } else if b.rm { b.clearTmp(b.tmpContainers) } - stepN += 1 + stepN++ } if b.image != "" { fmt.Fprintf(b.outStream, "Successfully built %s\n", utils.TruncateID(b.image)) From 6eedef59d9840f0a366fa627fe388cad694e8cd9 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Wed, 20 Aug 2014 17:03:05 +0400 Subject: [PATCH 033/540] Remove redundant elses Signed-off-by: Alexandr Morozov Upstream-commit: 698392cb512ba0c85e69a669f115d67c1d50cb98 Component: engine --- components/engine/daemon/build.go | 8 +++----- components/engine/daemon/container.go | 17 +++++++++-------- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/components/engine/daemon/build.go b/components/engine/daemon/build.go index b90c2629d0..6812139663 100644 --- a/components/engine/daemon/build.go +++ b/components/engine/daemon/build.go @@ -476,19 +476,17 @@ func (b *buildFile) CmdVolume(args string) error { func (b *buildFile) checkPathForAddition(orig string) error { origPath := path.Join(b.contextPath, orig) - if p, err := filepath.EvalSymlinks(origPath); err != nil { + origPath, err := filepath.EvalSymlinks(origPath) + if err != nil { if os.IsNotExist(err) { return fmt.Errorf("%s: no such file or directory", orig) } return err - } else { - origPath = p } if !strings.HasPrefix(origPath, b.contextPath) { return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath) } - _, err := os.Stat(origPath) - if err != nil { + if _, err := os.Stat(origPath); err != nil { if os.IsNotExist(err) { return fmt.Errorf("%s: no such file or directory", orig) } diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index df6bd66190..fee4853db6 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -910,7 +910,8 @@ func (container *Container) initializeNetworking() error { container.HostsPath = hostsPath return ioutil.WriteFile(container.HostsPath, content, 0644) - } else if container.hostConfig.NetworkMode.IsContainer() { + } + if container.hostConfig.NetworkMode.IsContainer() { // we need to get the hosts files from the container to join nc, err := container.getNetworkedContainer() if err != nil { @@ -920,16 +921,16 @@ func (container *Container) initializeNetworking() error { container.ResolvConfPath = nc.ResolvConfPath container.Config.Hostname = nc.Config.Hostname container.Config.Domainname = nc.Config.Domainname - } else if container.daemon.config.DisableNetwork { + return nil + } + if container.daemon.config.DisableNetwork { container.Config.NetworkDisabled = true return container.buildHostnameAndHostsFiles("127.0.1.1") - } else { - if err := container.allocateNetwork(); err != nil { - return err - } - return container.buildHostnameAndHostsFiles(container.NetworkSettings.IPAddress) } - return nil + if err := container.allocateNetwork(); err != nil { + return err + } + return container.buildHostnameAndHostsFiles(container.NetworkSettings.IPAddress) } // Make sure the config is compatible with the current kernel From b5fb241c167dc52eb2f8a14b07e20457a501f199 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Mon, 25 Aug 2014 20:50:18 +0400 Subject: [PATCH 034/540] Style fixes for registry/registry.go Signed-off-by: Alexandr Morozov Upstream-commit: 45a2923874a9b1f70674e627d0d112851d5982a8 Component: engine --- components/engine/registry/registry.go | 51 ++++++++++---------------- 1 file changed, 20 insertions(+), 31 deletions(-) diff --git a/components/engine/registry/registry.go b/components/engine/registry/registry.go index 9c76aca9f7..e2c9794c69 100644 --- a/components/engine/registry/registry.go +++ b/components/engine/registry/registry.go @@ -105,22 +105,20 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType) (*htt data, err := ioutil.ReadFile(path.Join(hostDir, f.Name())) if err != nil { return nil, nil, err - } else { - pool.AppendCertsFromPEM(data) } + pool.AppendCertsFromPEM(data) } if strings.HasSuffix(f.Name(), ".cert") { certName := f.Name() keyName := certName[:len(certName)-5] + ".key" if !hasFile(fs, keyName) { return nil, nil, fmt.Errorf("Missing key %s for certificate %s", keyName, certName) - } else { - cert, err := tls.LoadX509KeyPair(path.Join(hostDir, certName), path.Join(hostDir, keyName)) - if err != nil { - return nil, nil, err - } - certs = append(certs, &cert) } + cert, err := tls.LoadX509KeyPair(path.Join(hostDir, certName), path.Join(hostDir, keyName)) + if err != nil { + return nil, nil, err + } + certs = append(certs, &cert) } if strings.HasSuffix(f.Name(), ".key") { keyName := f.Name() @@ -138,19 +136,13 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType) (*htt return nil, nil, err } return res, client, nil - } else { - for i, cert := range certs { - client := newClient(jar, pool, cert, timeout) - res, err := client.Do(req) - if i == len(certs)-1 { - // If this is the last cert, always return the result - return res, client, err - } else { - // Otherwise, continue to next cert if 403 or 5xx - if err == nil && res.StatusCode != 403 && !(res.StatusCode >= 500 && res.StatusCode < 600) { - return res, client, err - } - } + } + for i, cert := range certs { + client := newClient(jar, pool, cert, timeout) + res, err := client.Do(req) + // If this is the last cert, otherwise, continue to next cert if 403 or 5xx + if i == len(certs)-1 || err == nil && res.StatusCode != 403 && res.StatusCode < 500 { + return res, client, err } } @@ -198,10 +190,7 @@ func pingRegistryEndpoint(endpoint string) (RegistryInfo, error) { standalone := resp.Header.Get("X-Docker-Registry-Standalone") log.Debugf("Registry standalone header: '%s'", standalone) - // Accepted values are "true" (case-insensitive) and "1". - if strings.EqualFold(standalone, "true") || standalone == "1" { - info.Standalone = true - } else if len(standalone) > 0 { + if !strings.EqualFold(standalone, "true") && standalone != "1" && len(standalone) > 0 { // there is a header set, and it is not "true" or "1", so assume fails info.Standalone = false } @@ -306,12 +295,12 @@ func AddRequiredHeadersToRedirectedRequests(req *http.Request, via []*http.Reque if via != nil && via[0] != nil { if trustedLocation(req) && trustedLocation(via[0]) { req.Header = via[0].Header - } else { - for k, v := range via[0].Header { - if k != "Authorization" { - for _, vv := range v { - req.Header.Add(k, vv) - } + return nil + } + for k, v := range via[0].Header { + if k != "Authorization" { + for _, vv := range v { + req.Header.Add(k, vv) } } } From b22bbbc6cc8bf06265ae034407e0b034c51d7cd0 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Tue, 26 Aug 2014 13:08:50 +0400 Subject: [PATCH 035/540] Bump docs and api to 1.15 Signed-off-by: Alexandr Morozov Upstream-commit: e261618b24b6837c820dccd8fa734eafc8b7f399 Component: engine --- components/engine/api/common.go | 2 +- components/engine/docs/mkdocs.yml | 1 + .../reference/api/docker_remote_api.md | 14 +- .../reference/api/docker_remote_api_v1.15.md | 1411 +++++++++++++++++ 4 files changed, 1424 insertions(+), 4 deletions(-) create mode 100644 components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md diff --git a/components/engine/api/common.go b/components/engine/api/common.go index 5cc33a9e1a..3eecaa0455 100644 --- a/components/engine/api/common.go +++ b/components/engine/api/common.go @@ -12,7 +12,7 @@ import ( ) const ( - APIVERSION version.Version = "1.14" + APIVERSION version.Version = "1.15" DEFAULTHTTPHOST = "127.0.0.1" DEFAULTUNIXSOCKET = "/var/run/docker.sock" ) diff --git a/components/engine/docs/mkdocs.yml b/components/engine/docs/mkdocs.yml index 204c6769cc..796b9821e8 100755 --- a/components/engine/docs/mkdocs.yml +++ b/components/engine/docs/mkdocs.yml @@ -106,6 +106,7 @@ pages: - ['reference/api/registry_api.md', 'Reference', 'Docker Registry API'] - ['reference/api/hub_registry_spec.md', 'Reference', 'Docker Hub and Registry Spec'] - ['reference/api/docker_remote_api.md', 'Reference', 'Docker Remote API'] +- ['reference/api/docker_remote_api_v1.15.md', 'Reference', 'Docker Remote API v1.15'] - ['reference/api/docker_remote_api_v1.14.md', 'Reference', 'Docker Remote API v1.14'] - ['reference/api/docker_remote_api_v1.13.md', 'Reference', 'Docker Remote API v1.13'] - ['reference/api/docker_remote_api_v1.12.md', 'Reference', 'Docker Remote API v1.12'] diff --git a/components/engine/docs/sources/reference/api/docker_remote_api.md b/components/engine/docs/sources/reference/api/docker_remote_api.md index e712f864f2..9f200a43b8 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api.md @@ -18,13 +18,21 @@ page_keywords: API, Docker, rcli, REST, documentation encoded (JSON) string with credentials: `{'username': string, 'password': string, 'email': string, 'serveraddress' : string}` -The current version of the API is v1.14 +The current version of the API is v1.15 Calling `/info` is the same as calling -`/v1.14/info`. +`/v1.15/info`. You can still call an old version of the API using -`/v1.13/info`. +`/v1.14/info`. + +## v1.15 + +### Full Documentation + +[*Docker Remote API v1.15*](/reference/api/docker_remote_api_v1.15/) + +### What's new ## v1.14 diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md new file mode 100644 index 0000000000..e2f96980c0 --- /dev/null +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md @@ -0,0 +1,1411 @@ +page_title: Remote API v1.15 +page_description: API Documentation for Docker +page_keywords: API, Docker, rcli, REST, documentation + +# Docker Remote API v1.15 + +## 1. Brief introduction + + - The Remote API has replaced `rcli`. + - The daemon listens on `unix:///var/run/docker.sock` but you can + [*Bind Docker to another host/port or a Unix socket*]( + /use/basics/#bind-docker). + - The API tends to be REST, but for some complex commands, like `attach` + or `pull`, the HTTP connection is hijacked to transport `STDOUT`, + `STDIN` and `STDERR`. + +# 2. Endpoints + +## 2.1 Containers + +### List containers + +`GET /containers/json` + +List containers + + **Example request**: + + GET /containers/json?all=1&before=8dfafdbc3a40&size=1 HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + [ + { + "Id": "8dfafdbc3a40", + "Image": "base:latest", + "Command": "echo 1", + "Created": 1367854155, + "Status": "Exit 0", + "Ports":[{"PrivatePort": 2222, "PublicPort": 3333, "Type": "tcp"}], + "SizeRw":12288, + "SizeRootFs":0 + }, + { + "Id": "9cd87474be90", + "Image": "base:latest", + "Command": "echo 222222", + "Created": 1367854155, + "Status": "Exit 0", + "Ports":[], + "SizeRw":12288, + "SizeRootFs":0 + }, + { + "Id": "3176a2479c92", + "Image": "base:latest", + "Command": "echo 3333333333333333", + "Created": 1367854154, + "Status": "Exit 0", + "Ports":[], + "SizeRw":12288, + "SizeRootFs":0 + }, + { + "Id": "4cb07b47f9fb", + "Image": "base:latest", + "Command": "echo 444444444444444444444444444444444", + "Created": 1367854152, + "Status": "Exit 0", + "Ports":[], + "SizeRw":12288, + "SizeRootFs":0 + } + ] + + Query Parameters: + +   + + - **all** – 1/True/true or 0/False/false, Show all containers. + Only running containers are shown by default + - **limit** – Show `limit` last created + containers, include non-running ones. + - **since** – Show only containers created since Id, include + non-running ones. + - **before** – Show only containers created before Id, include + non-running ones. + - **size** – 1/True/true or 0/False/false, Show the containers + sizes + + Status Codes: + + - **200** – no error + - **400** – bad parameter + - **500** – server error + +### Create a container + +`POST /containers/create` + +Create a container + + **Example request**: + + POST /containers/create HTTP/1.1 + Content-Type: application/json + + { + "Hostname":"", + "User":"", + "Memory":0, + "MemorySwap":0, + "AttachStdin":false, + "AttachStdout":true, + "AttachStderr":true, + "PortSpecs":null, + "Tty":false, + "OpenStdin":false, + "StdinOnce":false, + "Env":null, + "Cmd":[ + "date" + ], + "Image":"base", + "Volumes":{ + "/tmp": {} + }, + "WorkingDir":"", + "DisableNetwork": false, + "ExposedPorts":{ + "22/tcp": {} + } + } + + **Example response**: + + HTTP/1.1 201 OK + Content-Type: application/json + + { + "Id":"e90e34656806" + "Warnings":[] + } + + Json Parameters: + +   + + - **config** – the container's configuration + + Query Parameters: + +   + + - **name** – Assign the specified name to the container. Must + match `/?[a-zA-Z0-9_-]+`. + + Status Codes: + + - **201** – no error + - **404** – no such container + - **406** – impossible to attach (container not running) + - **500** – server error + +### Inspect a container + +`GET /containers/(id)/json` + +Return low-level information on the container `id` + + + **Example request**: + + GET /containers/4fa6e0f0c678/json HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + { + "Id": "4fa6e0f0c6786287e131c3852c58a2e01cc697a68231826813597e4994f1d6e2", + "Created": "2013-05-07T14:51:42.041847+02:00", + "Path": "date", + "Args": [], + "Config": { + "Hostname": "4fa6e0f0c678", + "User": "", + "Memory": 0, + "MemorySwap": 0, + "AttachStdin": false, + "AttachStdout": true, + "AttachStderr": true, + "PortSpecs": null, + "Tty": false, + "OpenStdin": false, + "StdinOnce": false, + "Env": null, + "Cmd": [ + "date" + ], + "Dns": null, + "Image": "base", + "Volumes": {}, + "VolumesFrom": "", + "WorkingDir":"" + + }, + "State": { + "Running": false, + "Pid": 0, + "ExitCode": 0, + "StartedAt": "2013-05-07T14:51:42.087658+02:01360", + "Ghost": false + }, + "Image": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc", + "NetworkSettings": { + "IpAddress": "", + "IpPrefixLen": 0, + "Gateway": "", + "Bridge": "", + "PortMapping": null + }, + "SysInitPath": "/home/kitty/go/src/github.com/docker/docker/bin/docker", + "ResolvConfPath": "/etc/resolv.conf", + "Volumes": {}, + "HostConfig": { + "Binds": null, + "ContainerIDFile": "", + "LxcConf": [], + "Privileged": false, + "PortBindings": { + "80/tcp": [ + { + "HostIp": "0.0.0.0", + "HostPort": "49153" + } + ] + }, + "Links": ["/name:alias"], + "PublishAllPorts": false, + "CapAdd: ["NET_ADMIN"], + "CapDrop: ["MKNOD"] + } + } + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +### List processes running inside a container + +`GET /containers/(id)/top` + +List processes running inside the container `id` + + **Example request**: + + GET /containers/4fa6e0f0c678/top HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + { + "Titles":[ + "USER", + "PID", + "%CPU", + "%MEM", + "VSZ", + "RSS", + "TTY", + "STAT", + "START", + "TIME", + "COMMAND" + ], + "Processes":[ + ["root","20147","0.0","0.1","18060","1864","pts/4","S","10:06","0:00","bash"], + ["root","20271","0.0","0.0","4312","352","pts/4","S+","10:07","0:00","sleep","10"] + ] + } + + Query Parameters: + +   + + - **ps_args** – ps arguments to use (e.g., aux) + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +### Get container logs + +`GET /containers/(id)/logs` + +Get stdout and stderr logs from the container ``id`` + + **Example request**: + + GET /containers/4fa6e0f0c678/logs?stderr=1&stdout=1×tamps=1&follow=1&tail=10 HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/vnd.docker.raw-stream + + {{ STREAM }} + + Query Parameters: + +   + + - **follow** – 1/True/true or 0/False/false, return stream. Default false + - **stdout** – 1/True/true or 0/False/false, show stdout log. Default false + - **stderr** – 1/True/true or 0/False/false, show stderr log. Default false + - **timestamps** – 1/True/true or 0/False/false, print timestamps for + every log line. Default false + - **tail** – Output specified number of lines at the end of logs: `all` or ``. Default all + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +### Inspect changes on a container's filesystem + +`GET /containers/(id)/changes` + +Inspect changes on container `id`'s filesystem + + **Example request**: + + GET /containers/4fa6e0f0c678/changes HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + [ + { + "Path":"/dev", + "Kind":0 + }, + { + "Path":"/dev/kmsg", + "Kind":1 + }, + { + "Path":"/test", + "Kind":1 + } + ] + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +### Export a container + +`GET /containers/(id)/export` + +Export the contents of container `id` + + **Example request**: + + GET /containers/4fa6e0f0c678/export HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/octet-stream + + {{ STREAM }} + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +### Start a container + +`POST /containers/(id)/start` + +Start the container `id` + + **Example request**: + + POST /containers/(id)/start HTTP/1.1 + Content-Type: application/json + + { + "Binds":["/tmp:/tmp"], + "Links":["redis3:redis"], + "LxcConf":{"lxc.utsname":"docker"}, + "PortBindings":{ "22/tcp": [{ "HostPort": "11022" }] }, + "PublishAllPorts":false, + "Privileged":false, + "Dns": ["8.8.8.8"], + "VolumesFrom": ["parent", "other:ro"], + "CapAdd: ["NET_ADMIN"], + "CapDrop: ["MKNOD"] + } + + **Example response**: + + HTTP/1.1 204 No Content + Content-Type: text/plain + + Json Parameters: + +   + + - **hostConfig** – the container's host configuration (optional) + + Status Codes: + + - **204** – no error + - **304** – container already started + - **404** – no such container + - **500** – server error + +### Stop a container + +`POST /containers/(id)/stop` + +Stop the container `id` + + **Example request**: + + POST /containers/e90e34656806/stop?t=5 HTTP/1.1 + + **Example response**: + + HTTP/1.1 204 OK + + Query Parameters: + +   + + - **t** – number of seconds to wait before killing the container + + Status Codes: + + - **204** – no error + - **304** – container already stopped + - **404** – no such container + - **500** – server error + +### Restart a container + +`POST /containers/(id)/restart` + +Restart the container `id` + + **Example request**: + + POST /containers/e90e34656806/restart?t=5 HTTP/1.1 + + **Example response**: + + HTTP/1.1 204 OK + + Query Parameters: + +   + + - **t** – number of seconds to wait before killing the container + + Status Codes: + + - **204** – no error + - **404** – no such container + - **500** – server error + +### Kill a container + +`POST /containers/(id)/kill` + +Kill the container `id` + + **Example request**: + + POST /containers/e90e34656806/kill HTTP/1.1 + + **Example response**: + + HTTP/1.1 204 OK + + Query Parameters + + - **signal** - Signal to send to the container: integer or string like "SIGINT". + When not set, SIGKILL is assumed and the call will waits for the container to exit. + + Status Codes: + + - **204** – no error + - **404** – no such container + - **500** – server error + +### Pause a container + +`POST /containers/(id)/pause` + +Pause the container `id` + + **Example request**: + + POST /containers/e90e34656806/pause HTTP/1.1 + + **Example response**: + + HTTP/1.1 204 OK + + Status Codes: + + - **204** – no error + - **404** – no such container + - **500** – server error + +### Unpause a container + +`POST /containers/(id)/unpause` + +Unpause the container `id` + + **Example request**: + + POST /containers/e90e34656806/unpause HTTP/1.1 + + **Example response**: + + HTTP/1.1 204 OK + + Status Codes: + + - **204** – no error + - **404** – no such container + - **500** – server error + +### Attach to a container + +`POST /containers/(id)/attach` + +Attach to the container `id` + + **Example request**: + + POST /containers/16253994b7c4/attach?logs=1&stream=0&stdout=1 HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/vnd.docker.raw-stream + + {{ STREAM }} + + Query Parameters: + +   + + - **logs** – 1/True/true or 0/False/false, return logs. Default + false + - **stream** – 1/True/true or 0/False/false, return stream. + Default false + - **stdin** – 1/True/true or 0/False/false, if stream=true, attach + to stdin. Default false + - **stdout** – 1/True/true or 0/False/false, if logs=true, return + stdout log, if stream=true, attach to stdout. Default false + - **stderr** – 1/True/true or 0/False/false, if logs=true, return + stderr log, if stream=true, attach to stderr. Default false + + Status Codes: + + - **200** – no error + - **400** – bad parameter + - **404** – no such container + - **500** – server error + + **Stream details**: + + When using the TTY setting is enabled in + [`POST /containers/create` + ](../docker_remote_api_v1.9/#post--containers-create "POST /containers/create"), + the stream is the raw data from the process PTY and client's stdin. + When the TTY is disabled, then the stream is multiplexed to separate + stdout and stderr. + + The format is a **Header** and a **Payload** (frame). + + **HEADER** + + The header will contain the information on which stream write the + stream (stdout or stderr). It also contain the size of the + associated frame encoded on the last 4 bytes (uint32). + + It is encoded on the first 8 bytes like this: + + header := [8]byte{STREAM_TYPE, 0, 0, 0, SIZE1, SIZE2, SIZE3, SIZE4} + + `STREAM_TYPE` can be: + + - 0: stdin (will be written on stdout) + - 1: stdout + - 2: stderr + + `SIZE1, SIZE2, SIZE3, SIZE4` are the 4 bytes of + the uint32 size encoded as big endian. + + **PAYLOAD** + + The payload is the raw stream. + + **IMPLEMENTATION** + + The simplest way to implement the Attach protocol is the following: + + 1. Read 8 bytes + 2. chose stdout or stderr depending on the first byte + 3. Extract the frame size from the last 4 byets + 4. Read the extracted size and output it on the correct output + 5. Goto 1) + +### Wait a container + +`POST /containers/(id)/wait` + +Block until container `id` stops, then returns the exit code + + **Example request**: + + POST /containers/16253994b7c4/wait HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + {"StatusCode":0} + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +### Remove a container + +`DELETE /containers/(id)` + +Remove the container `id` from the filesystem + + **Example request**: + + DELETE /containers/16253994b7c4?v=1 HTTP/1.1 + + **Example response**: + + HTTP/1.1 204 OK + + Query Parameters: + +   + + - **v** – 1/True/true or 0/False/false, Remove the volumes + associated to the container. Default false + - **force** - 1/True/true or 0/False/false, Kill then remove the container. + Default false + + Status Codes: + + - **204** – no error + - **400** – bad parameter + - **404** – no such container + - **500** – server error + +### Copy files or folders from a container + +`POST /containers/(id)/copy` + +Copy files or folders of container `id` + + **Example request**: + + POST /containers/4fa6e0f0c678/copy HTTP/1.1 + Content-Type: application/json + + { + "Resource":"test.txt" + } + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/octet-stream + + {{ STREAM }} + + Status Codes: + + - **200** – no error + - **404** – no such container + - **500** – server error + +## 2.2 Images + +### List Images + +`GET /images/json` + +**Example request**: + + GET /images/json?all=0 HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + [ + { + "RepoTags": [ + "ubuntu:12.04", + "ubuntu:precise", + "ubuntu:latest" + ], + "Id": "8dbd9e392a964056420e5d58ca5cc376ef18e2de93b5cc90e868a1bbc8318c1c", + "Created": 1365714795, + "Size": 131506275, + "VirtualSize": 131506275 + }, + { + "RepoTags": [ + "ubuntu:12.10", + "ubuntu:quantal" + ], + "ParentId": "27cf784147099545", + "Id": "b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc", + "Created": 1364102658, + "Size": 24653, + "VirtualSize": 180116135 + } + ] + + + Query Parameters: + +   + + - **all** – 1/True/true or 0/False/false, default false + - **filters** – a json encoded value of the filters (a map[string][]string) to process on the images list. + + + +### Create an image + +`POST /images/create` + +Create an image, either by pull it from the registry or by importing it + + **Example request**: + + POST /images/create?fromImage=base HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + {"status":"Pulling..."} + {"status":"Pulling", "progress":"1 B/ 100 B", "progressDetail":{"current":1, "total":100}} + {"error":"Invalid..."} + ... + + When using this endpoint to pull an image from the registry, the + `X-Registry-Auth` header can be used to include + a base64-encoded AuthConfig object. + + Query Parameters: + +   + + - **fromImage** – name of the image to pull + - **fromSrc** – source to import, - means stdin + - **repo** – repository + - **tag** – tag + - **registry** – the registry to pull from + + Request Headers: + +   + + - **X-Registry-Auth** – base64-encoded AuthConfig object + + Status Codes: + + - **200** – no error + - **500** – server error + + + +### Inspect an image + +`GET /images/(name)/json` + +Return low-level information on the image `name` + + **Example request**: + + GET /images/base/json HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + { + "Created":"2013-03-23T22:24:18.818426-07:00", + "Container":"3d67245a8d72ecf13f33dffac9f79dcdf70f75acb84d308770391510e0c23ad0", + "ContainerConfig": + { + "Hostname":"", + "User":"", + "Memory":0, + "MemorySwap":0, + "AttachStdin":false, + "AttachStdout":false, + "AttachStderr":false, + "PortSpecs":null, + "Tty":true, + "OpenStdin":true, + "StdinOnce":false, + "Env":null, + "Cmd": ["/bin/bash"], + "Dns":null, + "Image":"base", + "Volumes":null, + "VolumesFrom":"", + "WorkingDir":"" + }, + "Id":"b750fe79269d2ec9a3c593ef05b4332b1d1a02a62b4accb2c21d589ff2f5f2dc", + "Parent":"27cf784147099545", + "Size": 6824592 + } + + Status Codes: + + - **200** – no error + - **404** – no such image + - **500** – server error + +### Get the history of an image + +`GET /images/(name)/history` + +Return the history of the image `name` + + **Example request**: + + GET /images/base/history HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + [ + { + "Id":"b750fe79269d", + "Created":1364102658, + "CreatedBy":"/bin/bash" + }, + { + "Id":"27cf78414709", + "Created":1364068391, + "CreatedBy":"" + } + ] + + Status Codes: + + - **200** – no error + - **404** – no such image + - **500** – server error + +### Push an image on the registry + +`POST /images/(name)/push` + +Push the image `name` on the registry + + **Example request**: + + POST /images/test/push HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + {"status":"Pushing..."} + {"status":"Pushing", "progress":"1/? (n/a)", "progressDetail":{"current":1}}} + {"error":"Invalid..."} + ... + + If you wish to push an image on to a private registry, that image must already have been tagged + into a repository which references that registry host name and port. This repository name should + then be used in the URL. This mirrors the flow of the CLI. + + **Example request**: + + POST /images/registry.acme.com:5000/test/push HTTP/1.1 + + + Query Parameters: + +   + + - **tag** – the tag to associate with the image on the registry, optional + + Request Headers: + +   + + - **X-Registry-Auth** – include a base64-encoded AuthConfig + object. + + Status Codes: + + - **200** – no error + - **404** – no such image + - **500** – server error + +### Tag an image into a repository + +`POST /images/(name)/tag` + +Tag the image `name` into a repository + + **Example request**: + + POST /images/test/tag?repo=myrepo&force=0 HTTP/1.1 + + **Example response**: + + HTTP/1.1 201 OK + + Query Parameters: + +   + + - **repo** – The repository to tag in + - **force** – 1/True/true or 0/False/false, default false + + Status Codes: + + - **201** – no error + - **400** – bad parameter + - **404** – no such image + - **409** – conflict + - **500** – server error + +### Remove an image + +`DELETE /images/(name)` + +Remove the image `name` from the filesystem + + **Example request**: + + DELETE /images/test HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-type: application/json + + [ + {"Untagged":"3e2f21a89f"}, + {"Deleted":"3e2f21a89f"}, + {"Deleted":"53b4f83ac9"} + ] + + Query Parameters: + +   + + - **force** – 1/True/true or 0/False/false, default false + - **noprune** – 1/True/true or 0/False/false, default false + + Status Codes: + + - **200** – no error + - **404** – no such image + - **409** – conflict + - **500** – server error + +### Search images + +`GET /images/search` + +Search for an image on [Docker Hub](https://hub.docker.com). + +> **Note**: +> The response keys have changed from API v1.6 to reflect the JSON +> sent by the registry server to the docker daemon's request. + + **Example request**: + + GET /images/search?term=sshd HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + [ + { + "description": "", + "is_official": false, + "is_automated": false, + "name": "wma55/u1210sshd", + "star_count": 0 + }, + { + "description": "", + "is_official": false, + "is_automated": false, + "name": "jdswinbank/sshd", + "star_count": 0 + }, + { + "description": "", + "is_official": false, + "is_automated": false, + "name": "vgauthier/sshd", + "star_count": 0 + } + ... + ] + + Query Parameters: + +   + + - **term** – term to search + + Status Codes: + + - **200** – no error + - **500** – server error + +## 2.3 Misc + +### Build an image from Dockerfile via stdin + +`POST /build` + +Build an image from Dockerfile via stdin + + **Example request**: + + POST /build HTTP/1.1 + + {{ STREAM }} + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + {"stream":"Step 1..."} + {"stream":"..."} + {"error":"Error...", "errorDetail":{"code": 123, "message": "Error..."}} + + The stream must be a tar archive compressed with one of the + following algorithms: identity (no compression), gzip, bzip2, xz. + + The archive must include a file called `Dockerfile` + at its root. It may include any number of other files, + which will be accessible in the build context (See the [*ADD build + command*](/reference/builder/#dockerbuilder)). + + Query Parameters: + +   + + - **t** – repository name (and optionally a tag) to be applied to + the resulting image in case of success + - **q** – suppress verbose build output + - **nocache** – do not use the cache when building the image + - **rm** - remove intermediate containers after a successful build (default behavior) + - **forcerm - always remove intermediate containers (includes rm) + + Request Headers: + +   + + - **Content-type** – should be set to + `"application/tar"`. + - **X-Registry-Config** – base64-encoded ConfigFile object + + Status Codes: + + - **200** – no error + - **500** – server error + +### Check auth configuration + +`POST /auth` + +Get the default username and email + + **Example request**: + + POST /auth HTTP/1.1 + Content-Type: application/json + + { + "username":"hannibal", + "password:"xxxx", + "email":"hannibal@a-team.com", + "serveraddress":"https://index.docker.io/v1/" + } + + **Example response**: + + HTTP/1.1 200 OK + + Status Codes: + + - **200** – no error + - **204** – no error + - **500** – server error + +### Display system-wide information + +`GET /info` + +Display system-wide information + + **Example request**: + + GET /info HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + { + "Containers":11, + "Images":16, + "Driver":"btrfs", + "ExecutionDriver":"native-0.1", + "KernelVersion":"3.12.0-1-amd64" + "Debug":false, + "NFd": 11, + "NGoroutines":21, + "NEventsListener":0, + "InitPath":"/usr/bin/docker", + "IndexServerAddress":["https://index.docker.io/v1/"], + "MemoryLimit":true, + "SwapLimit":false, + "IPv4Forwarding":true + } + + Status Codes: + + - **200** – no error + - **500** – server error + +### Show the docker version information + +`GET /version` + +Show the docker version information + + **Example request**: + + GET /version HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + { + "ApiVersion":"1.12", + "Version":"0.2.2", + "GitCommit":"5a2a5cc+CHANGES", + "GoVersion":"go1.0.3" + } + + Status Codes: + + - **200** – no error + - **500** – server error + +### Ping the docker server + +`GET /_ping` + +Ping the docker server + + **Example request**: + + GET /_ping HTTP/1.1 + + **Example response**: + + HTTP/1.1 200 OK + + OK + + Status Codes: + + - **200** - no error + - **500** - server error + +### Create a new image from a container's changes + +`POST /commit` + +Create a new image from a container's changes + + **Example request**: + + POST /commit?container=44c004db4b17&m=message&repo=myrepo HTTP/1.1 + Content-Type: application/json + + { + "Hostname":"", + "User":"", + "Memory":0, + "MemorySwap":0, + "AttachStdin":false, + "AttachStdout":true, + "AttachStderr":true, + "PortSpecs":null, + "Tty":false, + "OpenStdin":false, + "StdinOnce":false, + "Env":null, + "Cmd":[ + "date" + ], + "Volumes":{ + "/tmp": {} + }, + "WorkingDir":"", + "DisableNetwork": false, + "ExposedPorts":{ + "22/tcp": {} + } + } + + **Example response**: + + HTTP/1.1 201 OK + Content-Type: application/vnd.docker.raw-stream + + {"Id":"596069db4bf5"} + + Json Parameters: + + + + - **config** - the container's configuration + + Query Parameters: + +   + + - **container** – source container + - **repo** – repository + - **tag** – tag + - **m** – commit message + - **author** – author (e.g., "John Hannibal Smith + <[hannibal@a-team.com](mailto:hannibal%40a-team.com)>") + + Status Codes: + + - **201** – no error + - **404** – no such container + - **500** – server error + +### Monitor Docker's events + +`GET /events` + +Get events from docker, either in real time via streaming, or +via polling (using since) + + **Example request**: + + GET /events?since=1374067924 + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/json + + {"status":"create","id":"dfdf82bd3881","from":"base:latest","time":1374067924} + {"status":"start","id":"dfdf82bd3881","from":"base:latest","time":1374067924} + {"status":"stop","id":"dfdf82bd3881","from":"base:latest","time":1374067966} + {"status":"destroy","id":"dfdf82bd3881","from":"base:latest","time":1374067970} + + Query Parameters: + +   + + - **since** – timestamp used for polling + - **until** – timestamp used for polling + + Status Codes: + + - **200** – no error + - **500** – server error + +### Get a tarball containing all images and tags in a repository + +`GET /images/(name)/get` + +Get a tarball containing all images and metadata for the repository +specified by `name`. + + **Example request** + + GET /images/ubuntu/get + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/x-tar + + Binary data stream + + Status Codes: + + - **200** – no error + - **500** – server error + +### Load a tarball with a set of images and tags into docker + +`POST /images/load` + +Load a set of images and tags into the docker repository. + + **Example request** + + POST /images/load + + Tarball in body + + **Example response**: + + HTTP/1.1 200 OK + + Status Codes: + + - **200** – no error + - **500** – server error + +# 3. Going further + +## 3.1 Inside `docker run` + +Here are the steps of `docker run`: + +- Create the container + +- If the status code is 404, it means the image doesn't exists: + - Try to pull it + - Then retry to create the container + +- Start the container + +- If you are not in detached mode: + - Attach to the container, using logs=1 (to have stdout and + stderr from the container's start) and stream=1 + +- If in detached mode or only stdin is attached: + - Display the container's id + +## 3.2 Hijacking + +In this version of the API, /attach, uses hijacking to transport stdin, +stdout and stderr on the same socket. This might change in the future. + +## 3.3 CORS Requests + +To enable cross origin requests to the remote api add the flag +"–api-enable-cors" when running docker in daemon mode. + + $ docker -d -H="192.168.1.9:2375" --api-enable-cors From fef7b9ee0d7848fc02d81ac0a04bde6b775ca15a Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Tue, 26 Aug 2014 20:32:10 +0400 Subject: [PATCH 036/540] Fix panic for DOCKER_HOST without :// Signed-off-by: Alexandr Morozov Upstream-commit: 660cc4a2675d34695406b2506344a2a18f2a59e9 Component: engine --- components/engine/docker/docker.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/engine/docker/docker.go b/components/engine/docker/docker.go index f2b4ca90b1..e906b2043e 100644 --- a/components/engine/docker/docker.go +++ b/components/engine/docker/docker.go @@ -44,7 +44,8 @@ func main() { // If we do not have a host, default to unix socket defaultHost = fmt.Sprintf("unix://%s", api.DEFAULTUNIXSOCKET) } - if _, err := api.ValidateHost(defaultHost); err != nil { + defaultHost, err := api.ValidateHost(defaultHost) + if err != nil { log.Fatal(err) } flHosts = append(flHosts, defaultHost) From 62eb5165d17a6747b607761398551bf4f8d4bba2 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Tue, 26 Aug 2014 19:53:43 +0400 Subject: [PATCH 037/540] Fix race condition between cleanup and Start There was problem when Start might be before cleanup Fixes #6904 Signed-off-by: Alexandr Morozov Upstream-commit: 12ff89a3901cd2debf13e7ccc3a1a780380e4dd9 Component: engine --- components/engine/daemon/monitor.go | 25 +++++++------------------ 1 file changed, 7 insertions(+), 18 deletions(-) diff --git a/components/engine/daemon/monitor.go b/components/engine/daemon/monitor.go index 1a929656fa..7ce6a6e7af 100644 --- a/components/engine/daemon/monitor.go +++ b/components/engine/daemon/monitor.go @@ -101,15 +101,16 @@ func (m *containerMonitor) Start() error { var ( err error exitStatus int + // this variable indicates where we in execution flow: + // before Run or after + afterRun bool ) - // this variable indicates that we under container.Lock - underLock := true - // ensure that when the monitor finally exits we release the networking and unmount the rootfs defer func() { - if !underLock { + if afterRun { m.container.Lock() + m.container.State.SetStopped(exitStatus) defer m.container.Unlock() } m.Close() @@ -146,15 +147,13 @@ func (m *containerMonitor) Start() error { } // here container.Lock is already lost - underLock = false + afterRun = true m.resetMonitor(err == nil && exitStatus == 0) if m.shouldRestart(exitStatus) { m.container.State.SetRestarting(exitStatus) - m.container.LogEvent("die") - m.resetContainer() // sleep with a small time increment between each restart to help avoid issues cased by quickly @@ -164,24 +163,14 @@ func (m *containerMonitor) Start() error { // we need to check this before reentering the loop because the waitForNextRestart could have // been terminated by a request from a user if m.shouldStop { - m.container.State.SetStopped(exitStatus) - return err } - continue } - - m.container.State.SetStopped(exitStatus) - m.container.LogEvent("die") - m.resetContainer() - - break + return err } - - return err } // resetMonitor resets the stateful fields on the containerMonitor based on the From 24190e7f5361c7cb4045ab62f27c20beb9e48f3f Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Tue, 26 Aug 2014 14:01:10 -0700 Subject: [PATCH 038/540] Final changes. Signed-off-by: Hollie Teal Upstream-commit: 161cc21f245cf05c6c2c168a6f5981989026e2cb Component: engine --- .../docs/sources/articles/b2d_volume_resize.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md index 8ed4cdafa7..5ee0d21f49 100644 --- a/components/engine/docs/sources/articles/b2d_volume_resize.md +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -6,13 +6,13 @@ page_keywords: boot2docker, volume, virtualbox If you're using Boot2Docker with a large number of images, or the images you're working with are very large, your pulls might start failing with "no space left on device" errors when -the Boot2Docker VM's volume runs out of space. The solution is to increase the volume size by +the Boot2Docker VM's volume fills up. The solution is to increase the volume size by first cloning it, then resizing it using a disk partitioning tool. We'll use [GParted](http://gparted.sourceforge.net/download.php/index.php) since it's a free ISO and works well with VirtualBox. -## 1. Stop Boot2Docker’s VM +## 1. Stop Boot2Docker Issue the command to stop the Boot2Docker VM on the command line: @@ -27,7 +27,7 @@ Using the command line VirtualBox tools, clone the VMDK image to a VDI image: $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard -## 3. Resize the VDI volume you created +## 3. Resize the VDI volume Choose a size that will be appropriate for your needs. If you’re spinning up a lot of containers, or your containers are particularly large, larger will be better: @@ -67,15 +67,15 @@ the top of the **Boot Order** list. ## 7. Boot to the disk partitioning ISO -Manually start the Boot2Docker VM, and the disk partitioning ISO should start up. +Manually start the Boot2Docker VM in VirtualBox, and the disk partitioning ISO should start up. Using GParted, choose the **GParted Live (default settings)** option. Choose the default keyboard, language, and XWindows settings, and the GParted tool will start -up and display the new VDI volume you created. Right click on the VDI and choose +up and display the VDI volume you created. Right click on the VDI and choose **Resize/Move**. -Drag the slider representing the volume to its maximum size, click **Resize/Move**, +Drag the slider representing the volume to the maximum available size, click **Resize/Move**, and then **Apply**. @@ -85,9 +85,11 @@ the Boot2Docker VM in VirtualBox. ## 8. Start the Boot2Docker VM -Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in automatically, but the credentials are ``docker/tcuser`` if it doesn't. Using the ``df -h`` command, verify that your changes took effect. +Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in automatically, but +the credentials are ``docker/tcuser`` if it doesn't. Using the ``df -h`` command, verify +that your changes took effect. - + You’re done! From d13bbe9188905a11e1867f6271cc6d411cd2f687 Mon Sep 17 00:00:00 2001 From: Dawn Chen Date: Tue, 26 Aug 2014 16:59:21 -0700 Subject: [PATCH 039/540] Bump containervm version to the latest one: 20140826 Upstream-commit: 9cd77818bbf07ac5278f30f302d82af01243a5c9 Component: engine --- components/engine/docs/sources/installation/google.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/docs/sources/installation/google.md b/components/engine/docs/sources/installation/google.md index 23a9bfbfb8..37a9b32fae 100644 --- a/components/engine/docs/sources/installation/google.md +++ b/components/engine/docs/sources/installation/google.md @@ -20,7 +20,7 @@ page_keywords: Docker, Docker documentation, installation, google, Google Comput (select a zone close to you and the desired instance size) $ gcloud compute instances create docker-playground \ - --image container-vm-v20140730 \ + --image container-vm-v20140826 \ --image-project google-containers \ --zone us-central1-a \ --machine-type f1-micro From 054561d764b3b1369f66113038e950553109fc44 Mon Sep 17 00:00:00 2001 From: Brian Goff Date: Thu, 21 Aug 2014 17:57:46 -0400 Subject: [PATCH 040/540] Cleanup: applyVolumesFrom Docker-DCO-1.1-Signed-off-by: Brian Goff (github: cpuguy83) Upstream-commit: 7495fbc0e3f23c932562cb02ea6e7df204d29dfa Component: engine --- components/engine/daemon/container.go | 44 +++++ components/engine/daemon/volumes.go | 159 +++++++----------- .../integration-cli/docker_cli_run_test.go | 19 ++- 3 files changed, 123 insertions(+), 99 deletions(-) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index df6bd66190..9ecb6556b9 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -1145,3 +1145,47 @@ func (container *Container) getNetworkedContainer() (*Container, error) { return nil, fmt.Errorf("network mode not set to container") } } + +func (container *Container) GetVolumes() (map[string]*Volume, error) { + // Get all the bind-mounts + volumes, err := container.getBindMap() + if err != nil { + return nil, err + } + + // Get all the normal volumes + for volPath, hostPath := range container.Volumes { + if _, exists := volumes[volPath]; exists { + continue + } + volumes[volPath] = &Volume{VolPath: volPath, HostPath: hostPath, isReadWrite: container.VolumesRW[volPath]} + } + + return volumes, nil +} + +func (container *Container) getBindMap() (map[string]*Volume, error) { + var ( + // Create the requested bind mounts + volumes = map[string]*Volume{} + // Define illegal container destinations + illegalDsts = []string{"/", "."} + ) + + for _, bind := range container.hostConfig.Binds { + vol, err := parseBindVolumeSpec(bind) + if err != nil { + return nil, err + } + vol.isBindMount = true + // Bail if trying to mount to an illegal destination + for _, illegal := range illegalDsts { + if vol.VolPath == illegal { + return nil, fmt.Errorf("Illegal bind destination: %s", vol.VolPath) + } + } + + volumes[filepath.Clean(vol.VolPath)] = &vol + } + return volumes, nil +} diff --git a/components/engine/daemon/volumes.go b/components/engine/daemon/volumes.go index b60118c953..85836f1be6 100644 --- a/components/engine/daemon/volumes.go +++ b/components/engine/daemon/volumes.go @@ -16,14 +16,10 @@ import ( type Volume struct { HostPath string VolPath string - Mode string + isReadWrite bool isBindMount bool } -func (v *Volume) isRw() bool { - return v.Mode == "" || strings.ToLower(v.Mode) == "rw" -} - func (v *Volume) isDir() (bool, error) { stat, err := os.Stat(v.HostPath) if err != nil { @@ -42,10 +38,7 @@ func prepareVolumesForContainer(container *Container) error { } } - if err := createVolumes(container); err != nil { - return err - } - return nil + return createVolumes(container) } func setupMountsForContainer(container *Container) error { @@ -74,87 +67,82 @@ func setupMountsForContainer(container *Container) error { return nil } +func parseVolumesFromSpec(container *Container, spec string) (map[string]*Volume, error) { + specParts := strings.SplitN(spec, ":", 2) + if len(specParts) == 0 { + return nil, fmt.Errorf("Malformed volumes-from specification: %s", spec) + } + + c := container.daemon.Get(specParts[0]) + if c == nil { + return nil, fmt.Errorf("Container %s not found. Impossible to mount its volumes", specParts[0]) + } + + volumes, err := c.GetVolumes() + if err != nil { + return nil, err + } + + if len(specParts) == 2 { + mode := specParts[1] + if validVolumeMode(mode) { + return nil, fmt.Errorf("Invalid mode for volumes-from: %s", mode) + } + + // Set the mode for the inheritted volume + for _, v := range volumes { + v.isReadWrite = mode != "ro" + } + } + + return volumes, nil +} + func applyVolumesFrom(container *Container) error { volumesFrom := container.hostConfig.VolumesFrom - if len(volumesFrom) > 0 { - for _, containerSpec := range volumesFrom { - var ( - mountRW = true - specParts = strings.SplitN(containerSpec, ":", 2) - ) - switch len(specParts) { - case 0: - return fmt.Errorf("Malformed volumes-from specification: %s", containerSpec) - case 2: - switch specParts[1] { - case "ro": - mountRW = false - case "rw": // mountRW is already true - default: - return fmt.Errorf("Malformed volumes-from specification: %s", containerSpec) - } + for _, spec := range volumesFrom { + volumes, err := parseVolumesFromSpec(container, spec) + if err != nil { + return err + } + + for _, v := range volumes { + if err = v.initialize(container); err != nil { + return err } - - c := container.daemon.Get(specParts[0]) - if c == nil { - return fmt.Errorf("Container %s not found. Impossible to mount its volumes", specParts[0]) - } - - if err := c.Mount(); err != nil { - return fmt.Errorf("Container %s failed to mount. Impossible to mount its volumes", specParts[0]) - } - defer c.Unmount() - - for volPath, id := range c.Volumes { - if _, exists := container.Volumes[volPath]; exists { - continue - } - - pth, err := c.getResourcePath(volPath) - if err != nil { - return err - } - - stat, err := os.Stat(pth) - if err != nil { - return err - } - - if err := createIfNotExists(pth, stat.IsDir()); err != nil { - return err - } - - container.Volumes[volPath] = id - if isRW, exists := c.VolumesRW[volPath]; exists { - container.VolumesRW[volPath] = isRW && mountRW - } - } - } } return nil } +func validVolumeMode(mode string) bool { + validModes := map[string]bool{ + "rw": true, + "ro": true, + } + + return validModes[mode] +} + func parseBindVolumeSpec(spec string) (Volume, error) { var ( arr = strings.Split(spec, ":") vol Volume ) - vol.isBindMount = true switch len(arr) { case 1: vol.VolPath = spec - vol.Mode = "rw" + vol.isReadWrite = true case 2: vol.HostPath = arr[0] vol.VolPath = arr[1] - vol.Mode = "rw" + vol.isReadWrite = true case 3: vol.HostPath = arr[0] vol.VolPath = arr[1] - vol.Mode = arr[2] + vol.isReadWrite = validVolumeMode(arr[2]) && arr[2] == "rw" default: return vol, fmt.Errorf("Invalid volume specification: %s", spec) } @@ -166,34 +154,9 @@ func parseBindVolumeSpec(spec string) (Volume, error) { return vol, nil } -func getBindMap(container *Container) (map[string]Volume, error) { - var ( - // Create the requested bind mounts - volumes = map[string]Volume{} - // Define illegal container destinations - illegalDsts = []string{"/", "."} - ) - - for _, bind := range container.hostConfig.Binds { - vol, err := parseBindVolumeSpec(bind) - if err != nil { - return volumes, err - } - // Bail if trying to mount to an illegal destination - for _, illegal := range illegalDsts { - if vol.VolPath == illegal { - return nil, fmt.Errorf("Illegal bind destination: %s", vol.VolPath) - } - } - - volumes[filepath.Clean(vol.VolPath)] = vol - } - return volumes, nil -} - func createVolumes(container *Container) error { // Get all the bindmounts - volumes, err := getBindMap(container) + volumes, err := container.GetVolumes() if err != nil { return err } @@ -202,9 +165,9 @@ func createVolumes(container *Container) error { for volPath := range container.Config.Volumes { // Make sure the the volume isn't already specified as a bindmount if _, exists := volumes[volPath]; !exists { - volumes[volPath] = Volume{ + volumes[volPath] = &Volume{ VolPath: volPath, - Mode: "rw", + isReadWrite: true, isBindMount: false, } } @@ -215,8 +178,8 @@ func createVolumes(container *Container) error { return err } } - return nil + return nil } func createVolumeHostPath(container *Container) (string, error) { @@ -247,7 +210,7 @@ func (v *Volume) initialize(container *Container) error { } // If it's not a bindmount we need to create the dir on the host - if !v.isBindMount { + if !v.isBindMount && v.HostPath == "" { v.HostPath, err = createVolumeHostPath(container) if err != nil { return err @@ -269,7 +232,7 @@ func (v *Volume) initialize(container *Container) error { } container.Volumes[v.VolPath] = hostPath - container.VolumesRW[v.VolPath] = v.isRw() + container.VolumesRW[v.VolPath] = v.isReadWrite volIsDir, err := v.isDir() if err != nil { @@ -280,7 +243,7 @@ func (v *Volume) initialize(container *Container) error { } // Do not copy or change permissions if we are mounting from the host - if v.isRw() && !v.isBindMount { + if v.isReadWrite && !v.isBindMount { return copyExistingContents(fullVolPath, hostPath) } return nil diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index b95fd86d2b..22d47b1b99 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -374,6 +374,23 @@ func TestVolumesFromInReadWriteMode(t *testing.T) { logDone("run - volumes from as read write mount") } +func TestVolumesFromInheritsReadOnly(t *testing.T) { + cmd := exec.Command(dockerBinary, "run", "--name", "parent", "-v", "/test:/test:ro", "busybox", "true") + if _, err := runCommand(cmd); err != nil { + t.Fatal(err) + } + + // Expect this "rw" mode to be be ignored since the inheritted volume is "ro" + cmd = exec.Command(dockerBinary, "run", "--volumes-from", "parent:rw", "busybox", "touch", "/test/file") + if _, err := runCommand(cmd); err == nil { + t.Fatal("Expected to inherit read-only volume even when passing in `rw`") + } + + deleteAllContainers() + + logDone("run - volumes from ignores `rw` if inherrited volume is `ro`") +} + // Test for #1351 func TestApplyVolumesFromBeforeVolumes(t *testing.T) { cmd := exec.Command(dockerBinary, "run", "--name", "parent", "-v", "/test", "busybox", "touch", "/test/foo") @@ -1181,7 +1198,7 @@ func TestDockerRunWithVolumesIsRecursive(t *testing.T) { deleteAllContainers() - logDone("run - volumes are bind mounted recuursively") + logDone("run - volumes are bind mounted recursively") } func TestDnsDefaultOptions(t *testing.T) { From 04c32fc20ede503c707bb51eb32f9e05afce92bc Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Wed, 27 Aug 2014 20:24:27 +0400 Subject: [PATCH 041/540] Skip "no chain" error on deleting chain in Unmap Fixes #6904 Signed-off-by: Alexandr Morozov Upstream-commit: bd049b3800b967bba06d03fd23ab135c51467ae3 Component: engine --- .../daemon/networkdriver/portmapper/mapper.go | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/components/engine/daemon/networkdriver/portmapper/mapper.go b/components/engine/daemon/networkdriver/portmapper/mapper.go index a81596d458..b9dc531b38 100644 --- a/components/engine/daemon/networkdriver/portmapper/mapper.go +++ b/components/engine/daemon/networkdriver/portmapper/mapper.go @@ -4,6 +4,7 @@ import ( "errors" "fmt" "net" + "strings" "sync" "github.com/docker/docker/daemon/networkdriver/portallocator" @@ -126,18 +127,17 @@ func Unmap(host net.Addr) error { containerIP, containerPort := getIPAndPort(data.container) hostIP, hostPort := getIPAndPort(data.host) if err := forward(iptables.Delete, data.proto, hostIP, hostPort, containerIP.String(), containerPort); err != nil { - return err + // skip "no chain" errors because we can safely release port in this case + if !strings.Contains(err.Error(), "No chain/target/match by that name") { + return err + } } switch a := host.(type) { case *net.TCPAddr: - if err := portallocator.ReleasePort(a.IP, "tcp", a.Port); err != nil { - return err - } + return portallocator.ReleasePort(a.IP, "tcp", a.Port) case *net.UDPAddr: - if err := portallocator.ReleasePort(a.IP, "udp", a.Port); err != nil { - return err - } + return portallocator.ReleasePort(a.IP, "udp", a.Port) } return nil From 94a36f4c63aa79d8a0ffdbddda946a7385a50a66 Mon Sep 17 00:00:00 2001 From: Eric Windisch Date: Sun, 17 Aug 2014 20:50:15 -0400 Subject: [PATCH 042/540] Restrict repository names from matching hexadecimal strings To avoid conflicting with layer IDs, repository names must not be tagged with names that collide with hexadecimal strings. Signed-off-by: Eric Windisch Upstream-commit: 0bd1c05e5c36799e0740a155092be0c9c417f175 Component: engine --- components/engine/registry/registry.go | 5 +++++ components/engine/registry/registry_test.go | 8 ++++++++ 2 files changed, 13 insertions(+) diff --git a/components/engine/registry/registry.go b/components/engine/registry/registry.go index 9c76aca9f7..4233d1f882 100644 --- a/components/engine/registry/registry.go +++ b/components/engine/registry/registry.go @@ -23,6 +23,7 @@ var ( ErrAlreadyExists = errors.New("Image already exists") ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")") errLoginRequired = errors.New("Authentication is required.") + validHex = regexp.MustCompile(`^([a-f0-9]{64})$`) ) type TimeoutType uint32 @@ -218,6 +219,10 @@ func validateRepositoryName(repositoryName string) error { if len(nameParts) < 2 { namespace = "library" name = nameParts[0] + + if validHex.MatchString(name) { + return fmt.Errorf("Invalid repository name (%s), cannot specify 64-byte hexadecimal strings", name) + } } else { namespace = nameParts[0] name = nameParts[1] diff --git a/components/engine/registry/registry_test.go b/components/engine/registry/registry_test.go index 303879e8de..9f4f123022 100644 --- a/components/engine/registry/registry_test.go +++ b/components/engine/registry/registry_test.go @@ -224,6 +224,10 @@ func TestValidRepositoryName(t *testing.T) { if err := validateRepositoryName("docker/docker"); err != nil { t.Fatal(err) } + // Support 64-byte non-hexadecimal names (hexadecimal names are forbidden) + if err := validateRepositoryName("thisisthesongthatneverendsitgoesonandonandonthisisthesongthatnev"); err != nil { + t.Fatal(err) + } if err := validateRepositoryName("docker/Docker"); err == nil { t.Log("Repository name should be invalid") t.Fail() @@ -232,6 +236,10 @@ func TestValidRepositoryName(t *testing.T) { t.Log("Repository name should be invalid") t.Fail() } + if err := validateRepositoryName("1a3f5e7d9c1b3a5f7e9d1c3b5a7f9e1d3c5b7a9f1e3d5d7c9b1a3f5e7d9c1b3a"); err == nil { + t.Log("Repository name should be invalid, 64-byte hexadecimal names forbidden") + t.Fail() + } } func TestTrustedLocation(t *testing.T) { From d3b31ca9dcb76f736ca770eff142d2202ac31a54 Mon Sep 17 00:00:00 2001 From: James Turnbull Date: Wed, 27 Aug 2014 11:16:51 -0700 Subject: [PATCH 043/540] Added Syntax highlighting file for the KDE Kate Editor Docker-DCO-1.1-Signed-off-by: James Turnbull (github: jamtur01) Upstream-commit: 7458a82e0bbf4353729cfac3e1d7159b9d466161 Component: engine --- .../engine/contrib/syntax/kate/Dockerfile.xml | 68 +++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 components/engine/contrib/syntax/kate/Dockerfile.xml diff --git a/components/engine/contrib/syntax/kate/Dockerfile.xml b/components/engine/contrib/syntax/kate/Dockerfile.xml new file mode 100644 index 0000000000..e5602397ba --- /dev/null +++ b/components/engine/contrib/syntax/kate/Dockerfile.xml @@ -0,0 +1,68 @@ + + + + + + + FROM + MAINTAINER + ENV + RUN + ONBUILD + COPY + ADD + VOLUME + EXPOSE + ENTRYPOINT + CMD + WORKDIR + USER + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + From 8ae7b79e2377e54bda74963a25059ee2dd6f81d6 Mon Sep 17 00:00:00 2001 From: Robert Bittle Date: Mon, 18 Aug 2014 11:06:07 -0400 Subject: [PATCH 044/540] Truncate the names list on ps Signed-off-by: Robert Bittle Upstream-commit: d2ffcd986f5e371fe39dc8d6b8c7390cfc4f305d Component: engine --- components/engine/api/client/commands.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index 81b0668cda..ce2dbd8b09 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -1565,15 +1565,17 @@ func (cli *DockerCli) CmdPs(args ...string) error { if !*quiet { var ( - outCommand = out.Get("Command") - ports = engine.NewTable("", 0) + outCommand = out.Get("Command") + ports = engine.NewTable("", 0) + outNamesList = strings.Join(outNames, ",") ) outCommand = strconv.Quote(outCommand) if !*noTrunc { outCommand = utils.Trunc(outCommand, 20) + outNamesList = outNames[0] } ports.ReadListFrom([]byte(out.Get("Ports"))) - fmt.Fprintf(w, "%s\t%s\t%s\t%s ago\t%s\t%s\t%s\t", outID, out.Get("Image"), outCommand, units.HumanDuration(time.Now().UTC().Sub(time.Unix(out.GetInt64("Created"), 0))), out.Get("Status"), api.DisplayablePorts(ports), strings.Join(outNames, ",")) + fmt.Fprintf(w, "%s\t%s\t%s\t%s ago\t%s\t%s\t%s\t", outID, out.Get("Image"), outCommand, units.HumanDuration(time.Now().UTC().Sub(time.Unix(out.GetInt64("Created"), 0))), out.Get("Status"), api.DisplayablePorts(ports), outNamesList) if *size { if out.GetInt("SizeRootFs") > 0 { fmt.Fprintf(w, "%s (virtual %s)\n", units.HumanSize(out.GetInt64("SizeRw")), units.HumanSize(out.GetInt64("SizeRootFs"))) From 9ed3d21c9e2efbb8e2eebeb88ea93f8649c82ca9 Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Wed, 27 Aug 2014 11:49:26 -0700 Subject: [PATCH 045/540] Added Fred's suggestions. Signed-off-by: Hollie Teal Upstream-commit: 77ca0ae9decbdcb8958c20f16d35ec34372b6efe Component: engine --- .../docs/sources/articles/b2d_volume_resize.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md index 5ee0d21f49..81d66a6408 100644 --- a/components/engine/docs/sources/articles/b2d_volume_resize.md +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -9,14 +9,14 @@ with are very large, your pulls might start failing with "no space left on devic the Boot2Docker VM's volume fills up. The solution is to increase the volume size by first cloning it, then resizing it using a disk partitioning tool. -We'll use [GParted](http://gparted.sourceforge.net/download.php/index.php) -since it's a free ISO and works well with VirtualBox. +We recommend [GParted](http://gparted.sourceforge.net/download.php/index.php)-- the ISO +is a free download and works well with VirtualBox. ## 1. Stop Boot2Docker Issue the command to stop the Boot2Docker VM on the command line: - $ boot2docker stop + `$ boot2docker stop` ## 2. Clone the VMDK image to a VDI image @@ -25,21 +25,21 @@ instead create a VDI volume and clone the VMDK volume to it. Using the command line VirtualBox tools, clone the VMDK image to a VDI image: - $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard + `$ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard` ## 3. Resize the VDI volume Choose a size that will be appropriate for your needs. If you’re spinning up a lot of containers, or your containers are particularly large, larger will be better: - $ vboxmanage modifyhd /full/path/to/.vdi —-resize + `$ vboxmanage modifyhd /full/path/to/.vdi —-resize ` ## 4. Download a disk partitioning tool ISO -To resize the volume, you'll need a disk partitioning tool like [GParted](http://gparted.sourceforge.net/download.php/). +To resize the volume, we'll use [GParted](http://gparted.sourceforge.net/download.php/). Once you've downloaded the tool, add the ISO to the Boot2Docker VM’s IDE bus. You might need to create the bus before you can add the ISO. **Note:** It's -important that the partitioning tool you choose is available as an ISO so that +important that you choose a partitioning tool that is available as an ISO so that the Boot2Docker VM can be booted with it. @@ -86,7 +86,7 @@ the Boot2Docker VM in VirtualBox. ## 8. Start the Boot2Docker VM Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in automatically, but -the credentials are ``docker/tcuser`` if it doesn't. Using the ``df -h`` command, verify +if is doesn't, the credentials are `docker/tcuser`. Using the `df -h` command, verify that your changes took effect. From 676eea0fcd7a7c5335ccf65793796318c62df502 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Wed, 27 Aug 2014 18:59:13 +0000 Subject: [PATCH 046/540] Revert "--help option and help command should print to stdout not stderr" This reverts commit 61b129d81802e3c988cc0e67e488b24968dd748a. Signed-off-by: Victor Vieux Upstream-commit: 2e489073d94a7e2a5df115704a484c34f0b59f29 Component: engine --- components/engine/api/client/cli.go | 9 +- components/engine/api/client/commands.go | 229 ++++-------------- components/engine/docker/flags.go | 1 - components/engine/docs/man/docker-attach.1.md | 4 - components/engine/docs/man/docker-build.1.md | 4 - components/engine/docs/man/docker-commit.1.md | 4 - components/engine/docs/man/docker-cp.1.md | 4 +- components/engine/docs/man/docker-diff.1.md | 4 +- components/engine/docs/man/docker-events.1.md | 4 - components/engine/docs/man/docker-export.1.md | 4 +- .../engine/docs/man/docker-history.1.md | 4 - components/engine/docs/man/docker-images.1.md | 4 - components/engine/docs/man/docker-import.1.md | 4 +- components/engine/docs/man/docker-info.1.md | 4 +- .../engine/docs/man/docker-inspect.1.md | 4 - components/engine/docs/man/docker-kill.1.md | 4 - components/engine/docs/man/docker-load.1.md | 4 - components/engine/docs/man/docker-login.1.md | 4 - components/engine/docs/man/docker-logs.1.md | 4 - components/engine/docs/man/docker-port.1.md | 1 - components/engine/docs/man/docker-ps.1.md | 4 - components/engine/docs/man/docker-pull.1.md | 6 +- components/engine/docs/man/docker-push.1.md | 4 +- .../engine/docs/man/docker-restart.1.md | 4 - components/engine/docs/man/docker-rm.1.md | 3 - components/engine/docs/man/docker-rmi.1.md | 4 - components/engine/docs/man/docker-run.1.md | 4 - components/engine/docs/man/docker-save.1.md | 4 - components/engine/docs/man/docker-search.1.md | 4 - components/engine/docs/man/docker-start.1.md | 4 - components/engine/docs/man/docker-stop.1.md | 4 - components/engine/docs/man/docker-tag.1.md | 1 - components/engine/docs/man/docker-top.1.md | 4 +- components/engine/docs/man/docker-wait.1.md | 4 +- components/engine/docs/man/docker.1.md | 3 - .../docs/sources/reference/commandline/cli.md | 13 - components/engine/pkg/mflag/flag.go | 17 +- components/engine/runconfig/parse.go | 12 +- 38 files changed, 68 insertions(+), 335 deletions(-) diff --git a/components/engine/api/client/cli.go b/components/engine/api/client/cli.go index aeeededeb1..d80f9cc32c 100644 --- a/components/engine/api/client/cli.go +++ b/components/engine/api/client/cli.go @@ -52,8 +52,8 @@ func (cli *DockerCli) Cmd(args ...string) error { if len(args) > 0 { method, exists := cli.getMethod(args[0]) if !exists { - fmt.Fprintf(cli.err, "docker: '%s' is not a docker command. See 'docker --help'.\n", args[0]) - os.Exit(1) + fmt.Println("Error: Command not found:", args[0]) + return cli.CmdHelp(args[1:]...) } return method(args[1:]...) } @@ -63,10 +63,9 @@ func (cli *DockerCli) Cmd(args ...string) error { func (cli *DockerCli) Subcmd(name, signature, description string) *flag.FlagSet { flags := flag.NewFlagSet(name, flag.ContinueOnError) flags.Usage = func() { - fmt.Fprintf(cli.out, "\nUsage: docker %s %s\n\n%s\n\n", name, signature, description) - flags.SetOutput(cli.out) + fmt.Fprintf(cli.err, "\nUsage: docker %s %s\n\n%s\n\n", name, signature, description) flags.PrintDefaults() - os.Exit(0) + os.Exit(2) } return flags } diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index 7eb7e0fe1a..cb60f6980c 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -48,8 +48,6 @@ func (cli *DockerCli) CmdHelp(args ...string) error { method, exists := cli.getMethod(args[0]) if !exists { fmt.Fprintf(cli.err, "Error: Command not found: %s\n", args[0]) - fmt.Fprintf(cli.err, "docker: '%s' is not a docker command. See 'docker --help'.\n", args[0]) - os.Exit(1) } else { method("--help") return nil @@ -95,7 +93,7 @@ func (cli *DockerCli) CmdHelp(args ...string) error { } { help += fmt.Sprintf(" %-10.10s%s\n", command[0], command[1]) } - fmt.Fprintf(cli.out, "%s\n", help) + fmt.Fprintf(cli.err, "%s\n", help) return nil } @@ -106,18 +104,13 @@ func (cli *DockerCli) CmdBuild(args ...string) error { noCache := cmd.Bool([]string{"#no-cache", "-no-cache"}, false, "Do not use cache when building the image") rm := cmd.Bool([]string{"#rm", "-rm"}, true, "Remove intermediate containers after a successful build") forceRm := cmd.Bool([]string{"-force-rm"}, false, "Always remove intermediate containers, even after unsuccessful builds") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } var ( context archive.Archive @@ -269,16 +262,10 @@ func (cli *DockerCli) CmdLogin(args ...string) error { cmd.StringVar(&username, []string{"u", "-username"}, "", "Username") cmd.StringVar(&password, []string{"p", "-password"}, "", "Password") cmd.StringVar(&email, []string{"e", "-email"}, "", "Email") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - err := cmd.Parse(args) if err != nil { return nil } - if *help { - cmd.Usage() - return nil - } serverAddress := registry.IndexServerAddress() if len(cmd.Args()) > 0 { serverAddress = cmd.Arg(0) @@ -398,18 +385,13 @@ func (cli *DockerCli) CmdLogout(args ...string) error { // 'docker wait': block until a container stops func (cli *DockerCli) CmdWait(args ...string) error { cmd := cli.Subcmd("wait", "CONTAINER [CONTAINER...]", "Block until a container stops, then print its exit code.") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } var encounteredError error for _, name := range cmd.Args() { status, err := waitForExit(cli, name) @@ -429,8 +411,10 @@ func (cli *DockerCli) CmdVersion(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if cmd.BadArgs(0) { - os.Exit(1) + + if cmd.NArg() > 0 { + cmd.Usage() + return nil } if dockerversion.VERSION != "" { fmt.Fprintf(cli.out, "Client version: %s\n", dockerversion.VERSION) @@ -473,8 +457,9 @@ func (cli *DockerCli) CmdInfo(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if cmd.BadArgs(0) { - os.Exit(1) + if cmd.NArg() > 0 { + cmd.Usage() + return nil } body, _, err := readBody(cli.call("GET", "/info", nil, false)) @@ -546,18 +531,13 @@ func (cli *DockerCli) CmdInfo(args ...string) error { func (cli *DockerCli) CmdStop(args ...string) error { cmd := cli.Subcmd("stop", "[OPTIONS] CONTAINER [CONTAINER...]", "Stop a running container by sending SIGTERM and then SIGKILL after a grace period") nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Number of seconds to wait for the container to stop before killing it. Default is 10 seconds.") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } v := url.Values{} v.Set("t", strconv.Itoa(*nSeconds)) @@ -578,18 +558,13 @@ func (cli *DockerCli) CmdStop(args ...string) error { func (cli *DockerCli) CmdRestart(args ...string) error { cmd := cli.Subcmd("restart", "[OPTIONS] CONTAINER [CONTAINER...]", "Restart a running container") nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds.") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } v := url.Values{} v.Set("t", strconv.Itoa(*nSeconds)) @@ -641,19 +616,15 @@ func (cli *DockerCli) CmdStart(args ...string) error { cmd = cli.Subcmd("start", "CONTAINER [CONTAINER...]", "Restart a stopped container") attach = cmd.Bool([]string{"a", "-attach"}, false, "Attach container's STDOUT and STDERR and forward all signals to the process") openStdin = cmd.Bool([]string{"i", "-interactive"}, false, "Attach container's STDIN") - help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") ) if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } if *attach || *openStdin { if cmd.NArg() > 1 { @@ -733,8 +704,10 @@ func (cli *DockerCli) CmdUnpause(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if cmd.BadArgs(1) { - os.Exit(1) + + if cmd.NArg() != 1 { + cmd.Usage() + return nil } var encounteredError error @@ -754,8 +727,10 @@ func (cli *DockerCli) CmdPause(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if cmd.BadArgs(1) { - os.Exit(1) + + if cmd.NArg() != 1 { + cmd.Usage() + return nil } var encounteredError error @@ -773,18 +748,13 @@ func (cli *DockerCli) CmdPause(args ...string) error { func (cli *DockerCli) CmdInspect(args ...string) error { cmd := cli.Subcmd("inspect", "CONTAINER|IMAGE [CONTAINER|IMAGE...]", "Return low-level information on a container or image") tmplStr := cmd.String([]string{"f", "#format", "-format"}, "", "Format the output using the given go template.") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } var tmpl *template.Template if *tmplStr != "" { @@ -857,18 +827,13 @@ func (cli *DockerCli) CmdInspect(args ...string) error { func (cli *DockerCli) CmdTop(args ...string) error { cmd := cli.Subcmd("top", "CONTAINER [ps OPTIONS]", "Display the running processes of a container") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() == 0 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } val := url.Values{} if cmd.NArg() > 1 { val.Set("ps_args", strings.Join(cmd.Args()[1:], " ")) @@ -897,17 +862,13 @@ func (cli *DockerCli) CmdTop(args ...string) error { func (cli *DockerCli) CmdPort(args ...string) error { cmd := cli.Subcmd("port", "CONTAINER PRIVATE_PORT", "Lookup the public-facing port that is NAT-ed to PRIVATE_PORT") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() != 2 { cmd.Usage() return nil } - if cmd.BadArgs(2) { - os.Exit(1) - } var ( port = cmd.Arg(1) @@ -951,18 +912,13 @@ func (cli *DockerCli) CmdRmi(args ...string) error { force = cmd.Bool([]string{"f", "-force"}, false, "Force removal of the image") noprune = cmd.Bool([]string{"-no-prune"}, false, "Do not delete untagged parents") ) - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } v := url.Values{} if *force { @@ -1001,18 +957,14 @@ func (cli *DockerCli) CmdHistory(args ...string) error { cmd := cli.Subcmd("history", "[OPTIONS] IMAGE", "Show the history of an image") quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only show numeric IDs") noTrunc := cmd.Bool([]string{"#notrunc", "-no-trunc"}, false, "Don't truncate output") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } body, _, err := readBody(cli.call("GET", "/images/"+cmd.Arg(0)+"/history", nil, false)) if err != nil { @@ -1063,18 +1015,14 @@ func (cli *DockerCli) CmdRm(args ...string) error { v := cmd.Bool([]string{"v", "-volumes"}, false, "Remove the volumes associated with the container") link := cmd.Bool([]string{"l", "#link", "-link"}, false, "Remove the specified link and not the underlying container") force := cmd.Bool([]string{"f", "-force"}, false, "Force the removal of a running container (uses SIGKILL)") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } val := url.Values{} if *v { @@ -1105,18 +1053,14 @@ func (cli *DockerCli) CmdRm(args ...string) error { func (cli *DockerCli) CmdKill(args ...string) error { cmd := cli.Subcmd("kill", "[OPTIONS] CONTAINER [CONTAINER...]", "Kill a running container using SIGKILL or a specified signal") signal := cmd.String([]string{"s", "-signal"}, "KILL", "Signal to send to the container") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } var encounteredError error for _, name := range cmd.Args() { @@ -1132,18 +1076,15 @@ func (cli *DockerCli) CmdKill(args ...string) error { func (cli *DockerCli) CmdImport(args ...string) error { cmd := cli.Subcmd("import", "URL|- [REPOSITORY[:TAG]]", "Create an empty filesystem image and import the contents of the tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz) into it, then optionally tag it.") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() < 1 { cmd.Usage() return nil } - if cmd.BadArgs(2) { - os.Exit(1) - } + var ( v = url.Values{} src = cmd.Arg(0) @@ -1177,15 +1118,9 @@ func (cli *DockerCli) CmdImport(args ...string) error { func (cli *DockerCli) CmdPush(args ...string) error { cmd := cli.Subcmd("push", "NAME[:TAG]", "Push an image or a repository to the registry") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { - cmd.Usage() - return nil - } name := cmd.Arg(0) if name == "" { @@ -1249,19 +1184,14 @@ func (cli *DockerCli) CmdPush(args ...string) error { func (cli *DockerCli) CmdPull(args ...string) error { cmd := cli.Subcmd("pull", "NAME[:TAG]", "Pull an image or a repository from the registry") tag := cmd.String([]string{"#t", "#-tag"}, "", "Download tagged image in a repository") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + + if cmd.NArg() != 1 { cmd.Usage() return nil } - - if cmd.BadArgs(1) { - os.Exit(1) - } var ( v = url.Values{} remote = cmd.Arg(0) @@ -1322,7 +1252,6 @@ func (cli *DockerCli) CmdImages(args ...string) error { // FIXME: --viz and --tree are deprecated. Remove them in a future version. flViz := cmd.Bool([]string{"#v", "#viz", "#-viz"}, false, "Output graph in graphviz format") flTree := cmd.Bool([]string{"#t", "#tree", "#-tree"}, false, "Output graph in tree format") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") flFilter := opts.NewListOpts(nil) cmd.Var(&flFilter, []string{"f", "-filter"}, "Provide filter values (i.e. 'dangling=true')") @@ -1330,13 +1259,10 @@ func (cli *DockerCli) CmdImages(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() > 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } // Consolidate all filter flags, and sanity check them early. // They'll get process in the daemon/server. @@ -1559,7 +1485,6 @@ func (cli *DockerCli) CmdPs(args ...string) error { since := cmd.String([]string{"#sinceId", "#-since-id", "-since"}, "", "Show only containers created since Id or Name, include non-running ones.") before := cmd.String([]string{"#beforeId", "#-before-id", "-before"}, "", "Show only container created before Id or Name, include non-running ones.") last := cmd.Int([]string{"n"}, -1, "Show n last created containers, include non-running ones.") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") flFilter := opts.NewListOpts(nil) cmd.Var(&flFilter, []string{"f", "-filter"}, "Provide filter values. Valid filters:\nexited= - containers with exit code of ") @@ -1567,10 +1492,6 @@ func (cli *DockerCli) CmdPs(args ...string) error { if err := cmd.Parse(args); err != nil { return nil } - if *help { - cmd.Usage() - return nil - } v := url.Values{} if *last == -1 && *nLatest { *last = 1 @@ -1683,14 +1604,9 @@ func (cli *DockerCli) CmdCommit(args ...string) error { flAuthor := cmd.String([]string{"a", "#author", "-author"}, "", "Author (e.g., \"John Hannibal Smith \")") // FIXME: --run is deprecated, it will be replaced with inline Dockerfile commands. flConfig := cmd.String([]string{"#run", "#-run"}, "", "This option is deprecated and will be removed in a future version in favor of inline Dockerfile-compatible commands") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return nil } - if *help { - cmd.Usage() - return nil - } var ( name = cmd.Arg(0) @@ -1746,19 +1662,14 @@ func (cli *DockerCli) CmdEvents(args ...string) error { cmd := cli.Subcmd("events", "[OPTIONS]", "Get real time events from the server") since := cmd.String([]string{"#since", "-since"}, "", "Show all events created since timestamp") until := cmd.String([]string{"-until"}, "", "Stream events until this timestamp") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + + if cmd.NArg() != 0 { cmd.Usage() return nil } - if cmd.BadArgs(0) { - os.Exit(1) - } - var ( v = url.Values{} loc = time.FixedZone(time.Now().Zone()) @@ -1788,18 +1699,14 @@ func (cli *DockerCli) CmdEvents(args ...string) error { func (cli *DockerCli) CmdExport(args ...string) error { cmd := cli.Subcmd("export", "CONTAINER", "Export the contents of a filesystem as a tar archive to STDOUT") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } if err := cli.stream("GET", "/containers/"+cmd.Arg(0)+"/export", nil, cli.out, nil); err != nil { return err @@ -1809,18 +1716,13 @@ func (cli *DockerCli) CmdExport(args ...string) error { func (cli *DockerCli) CmdDiff(args ...string) error { cmd := cli.Subcmd("diff", "CONTAINER", "Inspect changes on a container's filesystem") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } body, _, err := readBody(cli.call("GET", "/containers/"+cmd.Arg(0)+"/changes", nil, false)) @@ -1853,19 +1755,16 @@ func (cli *DockerCli) CmdLogs(args ...string) error { follow = cmd.Bool([]string{"f", "-follow"}, false, "Follow log output") times = cmd.Bool([]string{"t", "-timestamps"}, false, "Show timestamps") tail = cmd.String([]string{"-tail"}, "all", "Output the specified number of lines at the end of logs (defaults to all logs)") - help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") ) if err := cmd.Parse(args); err != nil { return nil } - if *help { + + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } name := cmd.Arg(0) steam, _, err := cli.call("GET", "/containers/"+name+"/json", nil, false) @@ -1899,19 +1798,16 @@ func (cli *DockerCli) CmdAttach(args ...string) error { cmd = cli.Subcmd("attach", "[OPTIONS] CONTAINER", "Attach to a running container") noStdin = cmd.Bool([]string{"#nostdin", "-no-stdin"}, false, "Do not attach STDIN") proxy = cmd.Bool([]string{"#sig-proxy", "-sig-proxy"}, true, "Proxy all received signals to the process (even in non-TTY mode). SIGCHLD, SIGKILL, and SIGSTOP are not proxied.") - help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") ) if err := cmd.Parse(args); err != nil { return nil } - if *help { + + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } name := cmd.Arg(0) stream, _, err := cli.call("GET", "/containers/"+name+"/json", nil, false) @@ -1977,18 +1873,13 @@ func (cli *DockerCli) CmdSearch(args ...string) error { trusted := cmd.Bool([]string{"#t", "#trusted", "#-trusted"}, false, "Only show trusted builds") automated := cmd.Bool([]string{"-automated"}, false, "Only show automated builds") stars := cmd.Int([]string{"s", "#stars", "-stars"}, 0, "Only displays with at least x stars") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } v := url.Values{} v.Set("term", cmd.Arg(0)) @@ -2034,18 +1925,13 @@ type ports []int func (cli *DockerCli) CmdTag(args ...string) error { cmd := cli.Subcmd("tag", "[OPTIONS] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]", "Tag an image into a repository") force := cmd.Bool([]string{"f", "#force", "-force"}, false, "Force") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + if cmd.NArg() != 2 { cmd.Usage() return nil } - if cmd.BadArgs(2) { - os.Exit(1) - } var ( repository, tag = parsers.ParseRepositoryTag(cmd.Arg(1)) @@ -2110,11 +1996,6 @@ func (cli *DockerCli) CmdRun(args ...string) error { if err != nil { return err } - if config == nil { - cmd.Usage() - return nil - } - if config.Image == "" { cmd.Usage() return nil @@ -2337,18 +2218,14 @@ func (cli *DockerCli) CmdRun(args ...string) error { func (cli *DockerCli) CmdCp(args ...string) error { cmd := cli.Subcmd("cp", "CONTAINER:PATH HOSTPATH", "Copy files/folders from the PATH to the HOSTPATH") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - if err := cmd.Parse(args); err != nil { return nil } - if *help { + + if cmd.NArg() != 2 { cmd.Usage() return nil } - if cmd.BadArgs(2) { - os.Exit(1) - } var copyData engine.Env info := strings.Split(cmd.Arg(0), ":") @@ -2382,18 +2259,15 @@ func (cli *DockerCli) CmdCp(args ...string) error { func (cli *DockerCli) CmdSave(args ...string) error { cmd := cli.Subcmd("save", "IMAGE", "Save an image to a tar archive (streamed to STDOUT by default)") outfile := cmd.String([]string{"o", "-output"}, "", "Write to an file, instead of STDOUT") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return err } - if *help { + + if cmd.NArg() != 1 { cmd.Usage() return nil } - if cmd.BadArgs(1) { - os.Exit(1) - } var ( output io.Writer = cli.out @@ -2415,18 +2289,15 @@ func (cli *DockerCli) CmdSave(args ...string) error { func (cli *DockerCli) CmdLoad(args ...string) error { cmd := cli.Subcmd("load", "", "Load an image from a tar archive on STDIN") infile := cmd.String([]string{"i", "-input"}, "", "Read from a tar archive file, instead of STDIN") - help := cmd.Bool([]string{"#help", "-help"}, false, "Print usage") if err := cmd.Parse(args); err != nil { return err } - if *help { + + if cmd.NArg() != 0 { cmd.Usage() return nil } - if cmd.BadArgs(0) { - os.Exit(1) - } var ( input io.Reader = cli.in diff --git a/components/engine/docker/flags.go b/components/engine/docker/flags.go index 46f52f9148..baae40eafc 100644 --- a/components/engine/docker/flags.go +++ b/components/engine/docker/flags.go @@ -26,7 +26,6 @@ var ( flEnableCors = flag.Bool([]string{"#api-enable-cors", "-api-enable-cors"}, false, "Enable CORS headers in the remote API") flTls = flag.Bool([]string{"-tls"}, false, "Use TLS; implied by tls-verify flags") flTlsVerify = flag.Bool([]string{"-tlsverify"}, false, "Use TLS and verify the remote (daemon: verify client, client: verify daemon)") - flHelp = flag.Bool([]string{"h", "-help"}, false, "Print usage") // these are initialized in init() below since their default values depend on dockerCertPath which isn't fully initialized until init() runs flCa *string diff --git a/components/engine/docs/man/docker-attach.1.md b/components/engine/docs/man/docker-attach.1.md index becec9fadd..7deda6c75e 100644 --- a/components/engine/docs/man/docker-attach.1.md +++ b/components/engine/docs/man/docker-attach.1.md @@ -6,7 +6,6 @@ docker-attach - Attach to a running container # SYNOPSIS **docker attach** -[**--help**]/ [**--no-stdin**[=*false*]] [**--sig-proxy**[=*true*]] CONTAINER @@ -22,9 +21,6 @@ When you detach from a container the exit code will be returned to the client. # OPTIONS -**--help** - Print usage statement - **--no-stdin**=*true*|*false* Do not attach STDIN. The default is *false*. diff --git a/components/engine/docs/man/docker-build.1.md b/components/engine/docs/man/docker-build.1.md index 19222c8f25..c562660b6f 100644 --- a/components/engine/docs/man/docker-build.1.md +++ b/components/engine/docs/man/docker-build.1.md @@ -6,7 +6,6 @@ docker-build - Build a new image from the source code at PATH # SYNOPSIS **docker build** -[**--help**] [**--force-rm**[=*false*]] [**--no-cache**[=*false*]] [**-q**|**--quiet**[=*false*]] @@ -37,9 +36,6 @@ as context. **--no-cache**=*true*|*false* Do not use cache when building the image. The default is *false*. -**--help** - Print usage statement - **-q**, **--quiet**=*true*|*false* Suppress the verbose output generated by the containers. The default is *false*. diff --git a/components/engine/docs/man/docker-commit.1.md b/components/engine/docs/man/docker-commit.1.md index 7f519527f0..31edcc0397 100644 --- a/components/engine/docs/man/docker-commit.1.md +++ b/components/engine/docs/man/docker-commit.1.md @@ -7,7 +7,6 @@ docker-commit - Create a new image from a container's changes # SYNOPSIS **docker commit** [**-a**|**--author**[=*AUTHOR*]] -[**--help**] [**-m**|**--message**[=*MESSAGE*]] [**-p**|**--pause**[=*true*]] CONTAINER [REPOSITORY[:TAG]] @@ -19,9 +18,6 @@ Using an existing container's name or ID you can create a new image. **-a**, **--author**="" Author (e.g., "John Hannibal Smith ") -**--help** - Print usage statement - **-m**, **--message**="" Commit message diff --git a/components/engine/docs/man/docker-cp.1.md b/components/engine/docs/man/docker-cp.1.md index ac49a47a54..dc8f295bbe 100644 --- a/components/engine/docs/man/docker-cp.1.md +++ b/components/engine/docs/man/docker-cp.1.md @@ -6,7 +6,6 @@ docker-cp - Copy files/folders from the PATH to the HOSTPATH # SYNOPSIS **docker cp** -[**--help**] CONTAINER:PATH HOSTPATH # DESCRIPTION @@ -15,8 +14,7 @@ path. Paths are relative to the root of the filesystem. Files can be copied from a running or stopped container. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES An important shell script file, created in a bash shell, is copied from diff --git a/components/engine/docs/man/docker-diff.1.md b/components/engine/docs/man/docker-diff.1.md index 6c6c502533..acf0911b04 100644 --- a/components/engine/docs/man/docker-diff.1.md +++ b/components/engine/docs/man/docker-diff.1.md @@ -6,7 +6,6 @@ docker-diff - Inspect changes on a container's filesystem # SYNOPSIS **docker diff** -[**--help**] CONTAINER # DESCRIPTION @@ -15,8 +14,7 @@ shortened container ID or the container name set using **docker run --name** option. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES Inspect the changes to on a nginx container: diff --git a/components/engine/docs/man/docker-events.1.md b/components/engine/docs/man/docker-events.1.md index 297e1073f0..8fa85871a8 100644 --- a/components/engine/docs/man/docker-events.1.md +++ b/components/engine/docs/man/docker-events.1.md @@ -6,7 +6,6 @@ docker-events - Get real time events from the server # SYNOPSIS **docker events** -[**--help**] [**--since**[=*SINCE*]] [**--until**[=*UNTIL*]] @@ -16,9 +15,6 @@ Get event information from the Docker daemon. Information can include historical information and real-time information. # OPTIONS -**--help** - Print usage statement - **--since**="" Show all events created since timestamp diff --git a/components/engine/docs/man/docker-export.1.md b/components/engine/docs/man/docker-export.1.md index d2b22d2217..8fd7834a15 100644 --- a/components/engine/docs/man/docker-export.1.md +++ b/components/engine/docs/man/docker-export.1.md @@ -6,7 +6,6 @@ docker-export - Export the contents of a filesystem as a tar archive to STDOUT # SYNOPSIS **docker export** -[**--help**] CONTAINER # DESCRIPTION @@ -15,8 +14,7 @@ container ID or container name. The output is exported to STDOUT and can be redirected to a tar file. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES Export the contents of the container called angry_bell to a tar file diff --git a/components/engine/docs/man/docker-history.1.md b/components/engine/docs/man/docker-history.1.md index 211ce6d5b5..ddb164e50b 100644 --- a/components/engine/docs/man/docker-history.1.md +++ b/components/engine/docs/man/docker-history.1.md @@ -6,7 +6,6 @@ docker-history - Show the history of an image # SYNOPSIS **docker history** -[**--help**] [**--no-trunc**[=*false*]] [**-q**|**--quiet**[=*false*]] IMAGE @@ -16,9 +15,6 @@ docker-history - Show the history of an image Show the history of when and how an image was created. # OPTIONS -**--help** - Print usage statement - **--no-trunc**=*true*|*false* Don't truncate output. The default is *false*. diff --git a/components/engine/docs/man/docker-images.1.md b/components/engine/docs/man/docker-images.1.md index 460265af78..c572ee674b 100644 --- a/components/engine/docs/man/docker-images.1.md +++ b/components/engine/docs/man/docker-images.1.md @@ -6,7 +6,6 @@ docker-images - List images # SYNOPSIS **docker images** -[**--help**] [**-a**|**--all**[=*false*]] [**-f**|**--filter**[=*[]*]] [**--no-trunc**[=*false*]] @@ -36,9 +35,6 @@ versions. **-f**, **--filter**=[] Provide filter values (i.e. 'dangling=true') -**--help** - Print usage statement - **--no-trunc**=*true*|*false* Don't truncate output. The default is *false*. diff --git a/components/engine/docs/man/docker-import.1.md b/components/engine/docs/man/docker-import.1.md index 974288c721..2d67b8bc78 100644 --- a/components/engine/docs/man/docker-import.1.md +++ b/components/engine/docs/man/docker-import.1.md @@ -6,7 +6,6 @@ docker-import - Create an empty filesystem image and import the contents of the # SYNOPSIS **docker import** -[**--help**] URL|- [REPOSITORY[:TAG]] # DESCRIPTION @@ -14,8 +13,7 @@ Create a new filesystem image from the contents of a tarball (`.tar`, `.tar.gz`, `.tgz`, `.bzip`, `.tar.xz`, `.txz`) into it, then optionally tag it. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES diff --git a/components/engine/docs/man/docker-info.1.md b/components/engine/docs/man/docker-info.1.md index 03d46390fd..bf64a7b543 100644 --- a/components/engine/docs/man/docker-info.1.md +++ b/components/engine/docs/man/docker-info.1.md @@ -6,7 +6,6 @@ docker-info - Display system-wide information # SYNOPSIS **docker info** -[**--help**] # DESCRIPTION @@ -21,8 +20,7 @@ allocates a certain amount of data space and meta data space from the space available on the volume where `/var/lib/docker` is mounted. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES diff --git a/components/engine/docs/man/docker-inspect.1.md b/components/engine/docs/man/docker-inspect.1.md index 8cbef0f91d..a52d57c974 100644 --- a/components/engine/docs/man/docker-inspect.1.md +++ b/components/engine/docs/man/docker-inspect.1.md @@ -6,7 +6,6 @@ docker-inspect - Return low-level information on a container or image # SYNOPSIS **docker inspect** -[**--help**] [**-f**|**--format**[=*FORMAT*]] CONTAINER|IMAGE [CONTAINER|IMAGE...] @@ -18,9 +17,6 @@ array. If a format is specified, the given template will be executed for each result. # OPTIONS -**--help** - Print usage statement - **-f**, **--format**="" Format the output using the given go template. diff --git a/components/engine/docs/man/docker-kill.1.md b/components/engine/docs/man/docker-kill.1.md index 467c0bf759..3c8d59e6d5 100644 --- a/components/engine/docs/man/docker-kill.1.md +++ b/components/engine/docs/man/docker-kill.1.md @@ -6,7 +6,6 @@ docker-kill - Kill a running container using SIGKILL or a specified signal # SYNOPSIS **docker kill** -[**--help**] [**-s**|**--signal**[=*"KILL"*]] CONTAINER [CONTAINER...] @@ -16,9 +15,6 @@ The main process inside each container specified will be sent SIGKILL, or any signal specified with option --signal. # OPTIONS -**--help** - Print usage statement - **-s**, **--signal**="KILL" Signal to send to the container diff --git a/components/engine/docs/man/docker-load.1.md b/components/engine/docs/man/docker-load.1.md index 71bd28adf5..07dac46138 100644 --- a/components/engine/docs/man/docker-load.1.md +++ b/components/engine/docs/man/docker-load.1.md @@ -6,7 +6,6 @@ docker-load - Load an image from a tar archive on STDIN # SYNOPSIS **docker load** -[**--help**] [**-i**|**--input**[=*INPUT*]] @@ -16,9 +15,6 @@ Loads a tarred repository from a file or the standard input stream. Restores both images and tags. # OPTIONS -**--help** - Print usage statement - **-i**, **--input**="" Read from a tar archive file, instead of STDIN diff --git a/components/engine/docs/man/docker-login.1.md b/components/engine/docs/man/docker-login.1.md index d01e60eeb9..c269353079 100644 --- a/components/engine/docs/man/docker-login.1.md +++ b/components/engine/docs/man/docker-login.1.md @@ -7,7 +7,6 @@ docker-login - Register or log in to a Docker registry server, if no server is s # SYNOPSIS **docker login** [**-e**|**--email**[=*EMAIL*]] -[**--help**] [**-p**|**--password**[=*PASSWORD*]] [**-u**|**--username**[=*USERNAME*]] [SERVER] @@ -21,9 +20,6 @@ login to a private registry you can specify this by adding the server name. **-e**, **--email**="" Email -**--help** - Print usage statement - **-p**, **--password**="" Password diff --git a/components/engine/docs/man/docker-logs.1.md b/components/engine/docs/man/docker-logs.1.md index c896526720..1fbd229d5d 100644 --- a/components/engine/docs/man/docker-logs.1.md +++ b/components/engine/docs/man/docker-logs.1.md @@ -7,7 +7,6 @@ docker-logs - Fetch the logs of a container # SYNOPSIS **docker logs** [**-f**|**--follow**[=*false*]] -[**--help**] [**-t**|**--timestamps**[=*false*]] [**--tail**[=*"all"*]] CONTAINER @@ -23,9 +22,6 @@ The **docker logs --follow** command combines commands **docker logs** and then continue streaming new output from the container’s stdout and stderr. # OPTIONS -**--help** - Print usage statement - **-f**, **--follow**=*true*|*false* Follow log output. The default is *false*. diff --git a/components/engine/docs/man/docker-port.1.md b/components/engine/docs/man/docker-port.1.md index 020d0d3bf4..07b84b12d9 100644 --- a/components/engine/docs/man/docker-port.1.md +++ b/components/engine/docs/man/docker-port.1.md @@ -6,7 +6,6 @@ docker-port - Lookup the public-facing port that is NAT-ed to PRIVATE_PORT # SYNOPSIS **docker port** -[**--help**] CONTAINER PRIVATE_PORT # OPTIONS diff --git a/components/engine/docs/man/docker-ps.1.md b/components/engine/docs/man/docker-ps.1.md index 09cd6819bf..bf22d87da5 100644 --- a/components/engine/docs/man/docker-ps.1.md +++ b/components/engine/docs/man/docker-ps.1.md @@ -8,7 +8,6 @@ docker-ps - List containers **docker ps** [**-a**|**--all**[=*false*]] [**--before**[=*BEFORE*]] -[**--help**] [**-f**|**--filter**[=*[]*]] [**-l**|**--latest**[=*false*]] [**-n**[=*-1*]] @@ -30,9 +29,6 @@ the running containers. **--before**="" Show only container created before Id or Name, include non-running ones. -**--help** - Print usage statement - **-f**, **--filter**=[] Provide filter values. Valid filters: exited= - containers with exit code of diff --git a/components/engine/docs/man/docker-pull.1.md b/components/engine/docs/man/docker-pull.1.md index fec4fded8e..465c97aadd 100644 --- a/components/engine/docs/man/docker-pull.1.md +++ b/components/engine/docs/man/docker-pull.1.md @@ -6,7 +6,6 @@ docker-pull - Pull an image or a repository from the registry # SYNOPSIS **docker pull** -[**--help**] NAME[:TAG] # DESCRIPTION @@ -17,10 +16,9 @@ images for that repository name are pulled down including any tags. It is also possible to specify a non-default registry to pull from. # OPTIONS -**--help** - Print usage statement +There are no available options. -# EXAMPLE +# EXAMPLES # Pull a repository with multiple images diff --git a/components/engine/docs/man/docker-push.1.md b/components/engine/docs/man/docker-push.1.md index 2d4dc8f89e..8523cb539e 100644 --- a/components/engine/docs/man/docker-push.1.md +++ b/components/engine/docs/man/docker-push.1.md @@ -6,7 +6,6 @@ docker-push - Push an image or a repository to the registry # SYNOPSIS **docker push** -[**--help**] NAME[:TAG] # DESCRIPTION @@ -16,8 +15,7 @@ image can be pushed to another, perhaps private, registry as demonstrated in the example below. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES diff --git a/components/engine/docs/man/docker-restart.1.md b/components/engine/docs/man/docker-restart.1.md index f954e6f076..2a08caa5e8 100644 --- a/components/engine/docs/man/docker-restart.1.md +++ b/components/engine/docs/man/docker-restart.1.md @@ -6,7 +6,6 @@ docker-restart - Restart a running container # SYNOPSIS **docker restart** -[**--help**] [**-t**|**--time**[=*10*]] CONTAINER [CONTAINER...] @@ -14,9 +13,6 @@ docker-restart - Restart a running container Restart each container listed. # OPTIONS -**--help** - Print usage statement - **-t**, **--time**=10 Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds. diff --git a/components/engine/docs/man/docker-rm.1.md b/components/engine/docs/man/docker-rm.1.md index 823cdc45c7..bae6a7ea8c 100644 --- a/components/engine/docs/man/docker-rm.1.md +++ b/components/engine/docs/man/docker-rm.1.md @@ -19,9 +19,6 @@ remove a running container unless you use the \fB-f\fR option. To see all containers on a host use the **docker ps -a** command. # OPTIONS -**--help** - Print usage statement - **-f**, **--force**=*true*|*false* Force the removal of a running container (uses SIGKILL). The default is *false*. diff --git a/components/engine/docs/man/docker-rmi.1.md b/components/engine/docs/man/docker-rmi.1.md index c1f131f40c..08d740a3be 100644 --- a/components/engine/docs/man/docker-rmi.1.md +++ b/components/engine/docs/man/docker-rmi.1.md @@ -7,7 +7,6 @@ docker-rmi - Remove one or more images # SYNOPSIS **docker rmi** [**-f**|**--force**[=*false*]] -[**--help**] [**--no-prune**[=*false*]] IMAGE [IMAGE...] @@ -22,9 +21,6 @@ use the **docker images** command. **-f**, **--force**=*true*|*false* Force removal of the image. The default is *false*. -**--help** - Print usage statement - **--no-prune**=*true*|*false* Do not delete untagged parents. The default is *false*. diff --git a/components/engine/docs/man/docker-run.1.md b/components/engine/docs/man/docker-run.1.md index 1e7a39e84e..225fb78cb8 100644 --- a/components/engine/docs/man/docker-run.1.md +++ b/components/engine/docs/man/docker-run.1.md @@ -21,7 +21,6 @@ docker-run - Run a command in a new container [**--env-file**[=*[]*]] [**--expose**[=*[]*]] [**-h**|**--hostname**[=*HOSTNAME*]] -[**--help**] [**-i**|**--interactive**[=*false*]] [**--link**[=*[]*]] [**--lxc-conf**[=*[]*]] @@ -133,9 +132,6 @@ developer can expose the port using the EXPOSE parameter of the Dockerfile, 2) the operator can use the **--expose** option with **docker run**, or 3) the container can be started with the **--link**. -**--help** - Print usage statement - **-h**, **--hostname**=*hostname* Sets the container host name that is available inside the container. diff --git a/components/engine/docs/man/docker-save.1.md b/components/engine/docs/man/docker-save.1.md index 3741a34603..533b4c8435 100644 --- a/components/engine/docs/man/docker-save.1.md +++ b/components/engine/docs/man/docker-save.1.md @@ -6,7 +6,6 @@ docker-save - Save an image to a tar archive (streamed to STDOUT by default) # SYNOPSIS **docker save** -[**--help**] [**-o**|**--output**[=*OUTPUT*]] IMAGE @@ -17,9 +16,6 @@ parent layers, and all tags + versions, or specified repo:tag. Stream to a file instead of STDOUT by using **-o**. # OPTIONS -**--help** - Print usage statement - **-o**, **--output**="" Write to an file, instead of STDOUT diff --git a/components/engine/docs/man/docker-search.1.md b/components/engine/docs/man/docker-search.1.md index 2d23e34cf7..3937b870a3 100644 --- a/components/engine/docs/man/docker-search.1.md +++ b/components/engine/docs/man/docker-search.1.md @@ -7,7 +7,6 @@ docker-search - Search the Docker Hub for images # SYNOPSIS **docker search** [**--automated**[=*false*]] -[**--help**] [**--no-trunc**[=*false*]] [**-s**|**--stars**[=*0*]] TERM @@ -23,9 +22,6 @@ is automated. **--automated**=*true*|*false* Only show automated builds. The default is *false*. -**--help** - Print usage statement - **--no-trunc**=*true*|*false* Don't truncate output. The default is *false*. diff --git a/components/engine/docs/man/docker-start.1.md b/components/engine/docs/man/docker-start.1.md index 965c5bcaf7..e23fd70ab4 100644 --- a/components/engine/docs/man/docker-start.1.md +++ b/components/engine/docs/man/docker-start.1.md @@ -7,7 +7,6 @@ docker-start - Restart a stopped container # SYNOPSIS **docker start** [**-a**|**--attach**[=*false*]] -[**--help**] [**-i**|**--interactive**[=*false*]] CONTAINER [CONTAINER...] @@ -19,9 +18,6 @@ Start a stopped container. **-a**, **--attach**=*true*|*false* Attach container's STDOUT and STDERR and forward all signals to the process. The default is *false*. -**--help** - Print usage statement - **-i**, **--interactive**=*true*|*false* Attach container's STDIN. The default is *false*. diff --git a/components/engine/docs/man/docker-stop.1.md b/components/engine/docs/man/docker-stop.1.md index c0d7b9e432..0cc19918c3 100644 --- a/components/engine/docs/man/docker-stop.1.md +++ b/components/engine/docs/man/docker-stop.1.md @@ -6,7 +6,6 @@ docker-stop - Stop a running container by sending SIGTERM and then SIGKILL after # SYNOPSIS **docker stop** -[**--help**] [**-t**|**--time**[=*10*]] CONTAINER [CONTAINER...] @@ -15,9 +14,6 @@ Stop a running container (Send SIGTERM, and then SIGKILL after grace period) # OPTIONS -**--help** - Print usage statement - **-t**, **--time**=10 Number of seconds to wait for the container to stop before killing it. Default is 10 seconds. diff --git a/components/engine/docs/man/docker-tag.1.md b/components/engine/docs/man/docker-tag.1.md index 76806bab36..a42ebe7702 100644 --- a/components/engine/docs/man/docker-tag.1.md +++ b/components/engine/docs/man/docker-tag.1.md @@ -7,7 +7,6 @@ docker-tag - Tag an image into a repository # SYNOPSIS **docker tag** [**-f**|**--force**[=*false*]] -[**--help**] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG] # DESCRIPTION diff --git a/components/engine/docs/man/docker-top.1.md b/components/engine/docs/man/docker-top.1.md index be2bed2210..9781739cde 100644 --- a/components/engine/docs/man/docker-top.1.md +++ b/components/engine/docs/man/docker-top.1.md @@ -6,7 +6,6 @@ docker-top - Display the running processes of a container # SYNOPSIS **docker top** -[**--help**] CONTAINER [ps OPTIONS] # DESCRIPTION @@ -15,8 +14,7 @@ Look up the running process of the container. ps-OPTION can be any of the options you would pass to a Linux ps command. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES diff --git a/components/engine/docs/man/docker-wait.1.md b/components/engine/docs/man/docker-wait.1.md index a1e2aa2129..798f6d652c 100644 --- a/components/engine/docs/man/docker-wait.1.md +++ b/components/engine/docs/man/docker-wait.1.md @@ -6,7 +6,6 @@ docker-wait - Block until a container stops, then print its exit code. # SYNOPSIS **docker wait** -[**--help**] CONTAINER [CONTAINER...] # DESCRIPTION @@ -14,8 +13,7 @@ CONTAINER [CONTAINER...] Block until a container stops, then print its exit code. # OPTIONS -**--help** - Print usage statement +There are no available options. # EXAMPLES diff --git a/components/engine/docs/man/docker.1.md b/components/engine/docs/man/docker.1.md index 90abe4e52c..3932097255 100644 --- a/components/engine/docs/man/docker.1.md +++ b/components/engine/docs/man/docker.1.md @@ -26,9 +26,6 @@ To see the man page for a command run **man docker **. **-D**=*true*|*false* Enable debug mode. Default is false. -**--help** - Print usage statement - **-H**, **--host**=[unix:///var/run/docker.sock]: tcp://[host:port] to bind or unix://[/path/to/socket] to use. The socket(s) to bind to in daemon mode specified using one or more diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index b06bc5dada..bae418d10b 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -15,19 +15,6 @@ or execute `docker help`: ... -## Help -To list the help on any command just execute the command, followed by the `--help` option. - - $ sudo docker run --help - - Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...] - - Run a command in a new container - - -a, --attach=[] Attach to STDIN, STDOUT or STDERR. - -c, --cpu-shares=0 CPU shares (relative weight) - ... - ## Option types Single character commandline options can be combined, so rather than diff --git a/components/engine/pkg/mflag/flag.go b/components/engine/pkg/mflag/flag.go index 5c7defd2f1..6e3f039707 100644 --- a/components/engine/pkg/mflag/flag.go +++ b/components/engine/pkg/mflag/flag.go @@ -395,19 +395,6 @@ func Lookup(name string) *Flag { return CommandLine.formal[name] } -func (f *FlagSet) BadArgs(nargs int) bool { - if NArg() < nargs { - fmt.Fprintf(f.out(), "docker: '%s' requires arguments. See 'docker %s --help'.\n", f.name, f.name) - return true - } else { - if nargs == 0 && NArg() != 0 { - fmt.Fprintf(f.out(), "docker: '%s' does not require arguments. See 'docker %s --help'.\n", f.name, f.name) - return true - } - } - return false -} - // Set sets the value of the named flag. func (f *FlagSet) Set(name, value string) error { flag, ok := f.formal[name] @@ -481,7 +468,7 @@ func defaultUsage(f *FlagSet) { // Usage prints to standard error a usage message documenting all defined command-line flags. // The function is a variable that may be changed to point to a custom function. var Usage = func() { - fmt.Fprintf(CommandLine.output, "Usage of %s:\n", os.Args[0]) + fmt.Fprintf(os.Stderr, "Usage of %s:\n", os.Args[0]) PrintDefaults() } @@ -770,7 +757,7 @@ func Var(value Value, names []string, usage string) { func (f *FlagSet) failf(format string, a ...interface{}) error { err := fmt.Errorf(format, a...) fmt.Fprintln(f.out(), err) - fmt.Fprintf(f.out(), "See 'docker %s --help'.\n", f.name) + f.usage() return err } diff --git a/components/engine/runconfig/parse.go b/components/engine/runconfig/parse.go index 355e72310d..2b23b355f4 100644 --- a/components/engine/runconfig/parse.go +++ b/components/engine/runconfig/parse.go @@ -3,7 +3,6 @@ package runconfig import ( "fmt" "io/ioutil" - "os" "path" "strconv" "strings" @@ -76,8 +75,6 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf flNetMode = cmd.String([]string{"-net"}, "bridge", "Set the Network mode for the container\n'bridge': creates a new network stack for the container on the docker bridge\n'none': no networking for this container\n'container:': reuses another container network stack\n'host': use the host network stack inside the container. Note: the host mode gives the container full access to local system services such as D-bus and is therefore considered insecure.") flRestartPolicy = cmd.String([]string{"-restart"}, "", "Restart policy to apply when a container exits (no, on-failure[:max-retry], always)") // For documentation purpose - help = cmd.Bool([]string{"#help", "-help"}, false, "Print usage") - _ = cmd.Bool([]string{"#sig-proxy", "-sig-proxy"}, true, "Proxy received signals to the process (even in non-TTY mode). SIGCHLD, SIGSTOP, and SIGKILL are not proxied.") _ = cmd.String([]string{"#name", "-name"}, "", "Assign a name to the container") ) @@ -169,14 +166,9 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf entrypoint []string image string ) - - if *help { - return nil, nil, cmd, nil + if len(parsedArgs) >= 1 { + image = cmd.Arg(0) } - if cmd.BadArgs(1) { - os.Exit(1) - } - image = cmd.Arg(0) if len(parsedArgs) > 1 { runCmd = parsedArgs[1:] } From c4216dda04a2cc5e1e9fe47db379aed08a31038f Mon Sep 17 00:00:00 2001 From: Fred Lifton Date: Wed, 27 Aug 2014 14:16:29 -0700 Subject: [PATCH 047/540] Updating B2D upgrade instructions for 1.2.0. Docker-DCO-1.1-Signed-off-by: Fred Lifton (github: fredlf) Upstream-commit: 3304d4e98479e54eb9580ce1c42adfb085cfa374 Component: engine --- .../installation/images/osx-installer.png | Bin 102026 -> 122166 bytes .../engine/docs/sources/installation/mac.md | 3 ++- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/components/engine/docs/sources/installation/images/osx-installer.png b/components/engine/docs/sources/installation/images/osx-installer.png index dbb6bcd2d903d55538103eb343c9490d563b9a7c..b2437ec0126c599c76371e592d56dda8648c04b0 100644 GIT binary patch literal 122166 zcmd41cQjmY*Dx#*kwlP0v}g&@%OHA9qDAx;o#@fK84QvLqE2+8_ud(8lqjPUozacX zV1^l;&wW47_q@ORdDr*?ND`91>#399^v8P5i5R>)x^WQyLkI@ zJh*?`LYAnaj)(VX-d09NT~S8nrMjE5wXK5{9^MDyvIL;EmLg^Qfp1an-@92K9=1Fj zD>;7g_FeI3rq|zoJbVBCNfl@KqjCcBr|P;Ma9*L5vz_&>qu{IdC}w&JS;0zrDyeuB5zRqNX6aVe2#*V20T?idL?qdP3Z z`bn$_?t<_a&j#N`Kzc>}zKgG=iv2l(d#;+_%jW*k0a z(nS`=OVT+L!nu6NYZ8v0*xREOwUGL1wIjWkdlM*{svV?4!fO17tm?CPRbb!`O;-w= z(bJwA_ukA)t)em1E z$)O(wba~%-B)(dTzNDYtv5ajeKH0%1G+j?!6~Mnf zzkU|_F6P(s*K|)`@moHue!(u+|LdbAsb+>Mmk%-a6KWAKwAi{|g6+WV3}gt9jOmTWoJQu+l&E#oP4^SR247^aHz zJfRFyg6FNgZm?>2W+YmEfBLI^x96(Us*kHogBpl2{hQ5-BiiJY7c7w;KGF^7tmx5Q zC0$NAq&rPHmAd4;runA&mucpS#6yP;hxcM;udc0E@@CijIT*+z`=#SsEb+_e5+&ADZ zi}cFCMX45~j9+c_9ZQ_w_o2IzxO#Y%!!I+dnp`%hWm0aGH=hfZIjakc2}=%Z>j%fb zk9Ui=;F#74){fU6(!tjeEgsM=(N-&7)S=U`C=@M}E3zsn(-klD(nke}DJ~dE>ZKK! z3uA zeu4gG6_3fZ0We|z{ep25rAJ8q7iIMCjxWhTw!Pqq&%{R`N_8O3Aazk>PUI*JD7xfs)-dRzj~v^_Oim8ztRj}h zwybv&RzIPQf%%tBHzV^65wCFP=j3tjGAU@YCR=e@ro_}|{J;Jvyw=eQf zd}(~$VJD!I^GdKL*#B@FD~MS?ojR4mzCk0;P$$0o&g&T~0lhb#U;VzmUY2bSc{|dc z_s#KLL+0Pin9TCe*yYpZ{$cxiA=bZ#o)0-heP{EUNGR+Xr5J4-l^$Un4olY& z+|`ee8H`C9)|21+J`-4VfV{gZ1ec7ck4WsUXDxg^s8XnO`im+~FJVU97qORDQ^B&$ z@-WsQMzQZ<-$ks##=VhQA)C+T1M{nmzzzLD&Lp6B>;7fwSpj7s*D{w#!ut=3%A!e_ zAhPbFm5AJGtrD$}#&7eed0h$V#ZQYbmr_jO0qGlQpAvA43*vrC=b7!g>O54>?myxT za^~;g_p$-^M)a2s(GGkZv>RlxDX`3VUKGwRM<;q;lt5I{oW`}PL3sKN&~U%<_4{hm zun(Jxh8Tg$@0-5|HF0UBfF;&8jvHjhkD#7M6OUvGrYZCR2K8IsW*=4{;pp(j@VP`P zZvDnw=c1c2$$?*1MFWV$6fS^)R3)QF_qX`C_+-uieXF)&hslf*GTnNLZOSsXog1Fx z=5zCPb4B!mpozU#MRx^xIm%$O)~Tn-nHd(tnTN|;&oiBJpEf;PT)7B4=n=|w+(K+M zxlXgJvW(`7r}zmouxW8}a_uhhTPTfxnwp9!3ve>5M7cG(pY5aKP}Qgw@@R5yab=(b z0-dL+?%m9hSzKjM;bV*qNrR;cd!3=|X3E-{Jx(?men`*Hku?<*!D0DefUEQMqRquK zoagn{wZ($}!d2cy+f5nccOXO4zsX%-^~(j{i3M@bP?T=Q=TtV^_rECwiG_)N`x?d=_^1YFI5=bNB+)es zBXtE4syb;?5-sS*>&m0aRW(623WzR8na!~gY(3yh0LUMAW=K~f*2E)g)ZoFlwtA*| zGhCAh1Ee+Wd7rJ3pKuQ88dnGzyEl5RQYM$!zp&^F^9AhNECd|Ay!o@$Ne+1c`AAVoKv{ z?5lP{fHn4gadB)WU4Jv_Jhs&O__<_`G-rU*DQrIo8Lk!hDsTa?38Muu`wNO`Up6BS zCM&p28E!fcAoiU#A%u$`79(1WZ&WvpQ5nMlP>3uxbrqg~+kcW8yOZEf+K?eAY@G;ztu=DjO`Kp6^fv@ zSgYWnyrEQ^7{d^h27fh>{(4G|7ww4GTyCS)kOq0?;Cn;;#!WH8dUNoNbnp${ zcmD^wm3+V6!A@$e)-Vz-};Rvubi z?qVQG#(zVI-G2Y88Nm4R-yk0Ll8kyP>Mv!S-K<^;@(A$oGD5XGJf&!a1jFlfIuJ*@C}c%n+EAHD8e5j%R^n~EuyEv84 zGnO=;ll;!4mrh!ik~;@lfcuXFpQRnGq-~0hc%>gn4oIG~9JJuIg6>J&rN0CDs?g4~ z{Pgg_|9^iq?u}*NHFbV=2cjSQ#2fz~5??DlDZBw}+mv`5wV|J!EzN9xO6HRK`A?0$ zeUe{p+gbL{q<>F3;a`U_I$8M-wfE{D(7J?R@K?T`D`Hn-?QGi8uB7<>!9(Ki!zZV? zBz+m$;t!h|fvY!NotF0N^9HUsr+cva|6p|^bQj z57phs!fgX29E4a4HfEmv-9WIu_%Rh0%hsCs9~d)BPrsCPI=UkTdRj%H7qkag>v*%N z5}H*i-7Jrsl)%}1;DvvR^Ht%q+C2j|Jk@SiavG~~TEnwij;mVIlp)(T_PPAydpzVR zAiVksfC(4i=%10|@{;lISfC?^zsjsY9uVymRkm9{eOch0sho$(cffrD;Kg<;=Et@b z{I5WJTP@?rpB8Sc<>gyqW2n;Ya%3xbJuaf1KW5FJlCbl@Kw=40osZ`fs;0%)viMI) z+XJ56d(v$XTJFK25LhG-? zkVXIDCN-LGEs{z3s|B&cY$cGdtv4j^esfVuJ z&k^&-bvCdJbt%5XM zrCTi*!m7rilpp?m710Eqh{DRA%VNGnXrr?ITlfDtaF@s5zntu}VQiLl!}d%z!;W*& zYcZkub_WRNFchLI{9wm$@L(X&Osk4)I|uV6EiGPI8&7t(+%YauO~PA1wRZoU1!=gG z$dy0s{m<~5NqkUyyiAR?FD{pA@Zw=mQ%iP`wc6Zy9d1K5qKeB7z07rfx{yfNDO;7o z1VI$@6sxipE3DT7twKTF|7thes!ZLdW<7^+s#?|hl zc%GfPIHPllQ4nE21wohyb685Tgk3>X;qP!=NdFhkMIqyLDj z>+z=_JoG#-))5Ub2cu+=#_TUmig?yy))-C`?Iq2|%ik&|-GBJ>2SH7RTpA1UJxF8f zZ|agC31ZgD%RJDQji8h_v?plr~LXqY72YFE?iRMBH-iS-rE5_nrI}RaYcslx@ z5p~GU_(ZY+u9U}4qnq(l*JxXgosuDMOtD<7D9j@}t{DvTVWeK?(zsDad~YlBV~e1y zVCFyjS#7T&Wss=C*hmC%kX_$J$Xb<`{eQ?GSjg$_ja`ZlrHn*0xM7OJ#}?yDRQnml zHFPPcx~?01`n2NvTJ>uMNuxr|<<^U)jGNginv}Z9@X*<}X5mR+jE{yS6t*3Qu8sNb z{71}56MO>^YHXx`pr7nh)xP>9`O!FF`?c0W-l|nBo4=j99I|NtKZhtj!JU(@B~o%$P7CX{6+UrIRjb=2^dzHPEe=5XZB+U^(| zz*nQ*xKB2A+wy-+1XmBgSrQIvdsc^QV#njd3sfbFKz%wuPqbwSe*J zCkN{NQVkecm_2I>TO{HGKy(*vi9SX<*!ILIv-*9excwD?s&KL^Nb zCzPtDl~6K3nxJUV8L!T^V$Gf%O>=c*b?+yyaxPvMhitJk`E?ALC+hY88d=v7Z>#b1 zOO%3aq^%ToFcUfm9qVb;=3-P#B8l~hPmpgL6Xw+a|IIhc8_@(Pd zI{siIF-0@7eyfv)OsX*dy4U645BgNX2Dju9x2un%*2)5CRZa^Hbc{J`^rIjtcaBr* zX4xUDSbX8SiY;MwU6<+aXc&D~!9AVN-eRBf=m1Uz_#M_}A3HdLs&R4g%K>u;X=H$~ z+DKWHo{d>X|GTu#c9_;Pz{ z9vInOG}!1S7d&&3%c2;MzRcmTr-vkRQRfY}Bxx68RmoVCPv^Hrb1DW$Ms6O{+1uMI zz6cX%7kN51K8{a!_9a?54!R~7y|c6PD>{1g@BQ_$(cwDX$8~?29N3r+HuCjinER$Hh%9p>98R4x&%mO*I>Mu+)d zokwn%Pg{4qT&;V0@0$h9uM*ag_r4S-hl65BOeJ^AY9rdVK#aX&>uwG)ktc_plBck| zM6x-5L1BfxTDo^Jo6T9XsCq#Ys9rUB4WUk+s4W`Ks^gT42EVp2I_pdDtlJ!G|9f32 zX=2BOXr+mj06=>f>Aa`aJT<%Hx&3Y}>Mo0vPt`V}?W=hp6IoOl2U-1~Dm^l z57@1yJb;H{N-xl)d@tc#T`F>VH9RIhQ=S_6uCW02_1dRuJ3UJWH>s2cUcQr-EcGpBX7<)MRs%qFVXDN)F z^V;s9@ceJGTzFb|j9hpU%%hxZw8O*CwzDG%!yI}3k->N?uEw!joxYUwe$h_3vK!n5 z$w@!=jNx9TbgjiJPtwS5f3JC2JP~-tqTYSf(~;yuK~dsp1B zx?X^@9cis>0Kcr1-VrZixN#|eLL+^>@^}TdI`6VcCm2`rK@~RN_*&BHw_$Ch?nLme zjLA{_^}ksr-Lmw*3ekJ;#_U6cQMxAuBJ>=4Fx|Ex!^^%$I!$e504z_1t(CQ0JJMBD zrR18{uzZ?Xr;lh1ZScetvyL?iRjb4soCcq+>95gDb+p~CeNsGa7wnAXito)Pg!LCD zqjinrB4yV{JL?>b8V3eU<8TuvH9!sbMm~3b+xNEk)A>0~4z>EO7+X!Zn5qwy+ItXl zO;tlgqY$Q`MO!p-4_DZb*xc**2%qi(W!KyS zZmY`=z1-zxm$m~qW7G4(jPf?OOn{$uK_mzpQr zrW8~9RB95twFQxgtl_$7X-9G`{~dfs5MRQcR3EycqD1}^_EGJCVHC%4S9x(K7XwYF zvcDYT-kYN%WWeVr=^ni!wIh8`>1)F4^AjXPtE$WX(b)BnV0*ZnZ>z_x*T1w}vL4** zg-sWil)wWeWFh|dcN+}2xCSi z)W#T-D*%pHvwNmXJp$m+GLHM!tFWul=wS4bCf#R^29g*hAn_^)ca_Lvd=8_C6Ho4n zt&Ve;|9N7X8cu$+Y0=qFey2l{bUQ>QO6o8%N+bTmZImyu?Y^dUzwfT zzD_DF!Si)e72ZyF_;2}c+3;>9J>Am#n`1Vr*&|WgpeQ=4)9XCj^w1e5PI^$G_fu#0 z)A$`fU-H#Me}xry1!9G1o&_4AhxN`9?Y4hD41)$WcwrF z&pA1u#auY<7p?x)b=2Zv*hvlq8~aXYz})gH>=i_j11yM7nJ(ArfE$pg+?5Wi4$Y%Y zxSLg&Qa@Nfu6{2ra3_L1vZskg2`h`ti2f8jk2r}oY`fQ}Gw|3jGv861=I4vt_^C{D zi-5g74~hP{lZUJOx=4tzp1_Svt@!bmW7MxuI(rIaC*7HdkBg~G!ZX4Z_Prm3>_pfY zg6|>$g^6vIdC41=6Q-V;6w^JCwT%P5K>D zEKFP1B(9t824gO9ayd7nkrpJ?lls--yq5I5%O8!|Z9{vW$I=H3mC5dA_>e~eYkHQ< zWjCK8cQDACCDH2|n-Ta#kye!#%HVislE?xc@u#RD9Z^}~V)8|LRANHn1@GtfJ|RHj z9P{BkzK|8nL*yfT;M2tXUDGLj*=~j1nAqY5p+3v8?z~7&K)F~J?@nUr{*K2>>(70P zIWWtZaRBuJLcyCJw&^0HF&dt7|2KZy&H@mPs8vwE#L;YxH{$sHUj1oEh zk}7!#e!OG){FFb~oI?SqWo6XQ>^>KpVSf0x+@GDnaiX|{cv4aSc?KVqu77o+vSWYG z5ch-U7de5#B@uGs8~I{$IfIb}dfzk#Auxw*pIN?yFozG`MJgDMm=Z`_Y(W`soN_}U zX@8Ip_Fa_~XQTNqJEJd3lHs842zZe}8|~Gb#rL>(40z<1o3?F+CFbzB)fe&V-9>*O`TF7x(zKN- z(G=&N%D-X)Mpa6HMf|v&QvLa_k59r!7c145lJPIvHi8HbHxs8BS%pkm?$blYc(i&cSJkZJPAm!M7FI(JFnyiq?#ug-SripEetE?mzi>2^kgT*;RUu%@4Q3c@(c(u z&+E3@zmf`g3in5XX~$lbj(Z*Xs;%M_NzL=F4yktu16G<(mz<*>Y$U*QT3hc{T%M^) zG(z#^O+_gbJV;K|ugwweC)f7@)&X~G3|JYDLPYlSzl&FI$c&ncRXr}b_5~DoPaW)eZ6ZZm# zf@s+sGj&9k#f2O@>;o=nK2o#>GNgO5_@wzfa#KA8;{m&sDl$RCw3psf4lrBQvo!G> zEeJg^0G28+e_35!{k=~n9oV!feWN=8@S|Iz^CfAb3!tbLkK#QL&~{7-hnQXoUwa*B zB{@4IFyhZMjeE-f1a}Z*M`}05IL$&IzS&Ui9OG8v-4NeI9(Rt&PJ1cbH=b!Yq8l{0 zbiVZ5(JIU^439#I=eYOqe2YTQNK^ClP?(e&$3<^jA-xWd%Db#!zdLqN(Q+-F@yRH*}9F&9z5a7yT=Mj!b!WbI&MKx8L&wZLjEvj8gzC=qJs zXKj-l6Ze!2uIto)sjQeRvyLOJwEW{n>oM=*p^ss-=Fs$bn2$u%6V1r=9(`AncL>5->k&1GgMKf34=H1UE%8o5DwD*rh!EZ=AsknXkKkdZKen z4|dT3dsRIy8_71SJ0%q)xC{3YNy^5?#?#wz5gMy1#@?$CFfaOE-yu~rxq;gK55}DJ z^e)TdOs48bY9f@?Cg$7NnassuH}A2I(eK<2@hpSk{j-nb9$d@|wN^Pnx0$HwOfDad zo=Z!BiC2Hx#H8)t*GkitYng7}V?M(B8a)=nXZUU$ja*LO9`DWdr1Kbj!(1@DJ)0o> z8qevXZf0uaGV?YLhNVboyVUI5C=MM;nt$R^s0aPbvy<5JO~ZyfYnj*glUI+AcIj!j zF)4xwF82Jfn8e>v>mW(74v|5{lt=DNBk#{HyDOGEhr(S~dtXs$i{ROp=&npc7>LWU zlih4$r!Em9HV>p`Y9BZoNSq(85@VOwC*8AsGY7SJWBXFj))Lb&frZ+gK-F#!)%=r zacY_j3L;1&16K=|!it3AXm&dwQgJoB(*1d?c~O+>5j{#lC@5-?s6+{2hHBz>FsOeb zULWuiaV*q3I9yLWW+FQ-oV|twR<7jKtLrq8+s-;x7B^YAY*`!C{YhGTBW9hIvp`2V z?4TyvpvMt#Udh(;wO&DC19r#(%?|q?fCjJ!=K0~@fB zo<-*y&X<;Ux?GLGk-FpgD`W4Hd%66HN(MTO$kvrjcRnQF9-aW+KJud0ZHJG9rbA}c zO{eo81b|ncf<0&6dhB_z@!V_^|4BIlO6yS`i%UupQ{&jxm)^979)LH+PgfwU%h3f4 z-D(PS)?VT0fbk7NKdX$%{KK60dc1)CAaZt3m>r7xs`T+dpWCNV7?E29R>iRpQmbNh zwYgzsSnkKypd>0(Y6^iU^?&zDu5kOTY}}vWSo1fSA5APZi^4BGwZ@$#N_{!3s95@; zYZE{@HBmqsC27NT z?K8lfFd%m6eNJ-+J}E8@#fh7Bn z4Ra&4E-$VHe_CB^HhKG}@ZqUuRtx)2<_g*^h4ix~Dh+tkVGfPEO_pOex*)X`rfuMU zNv-8w&Al>+OUiJ`H}ckGVZa<)M7JE*>SnB~(GekucHe#u_`)fP>Kjn=?0*&+ke#}% zM8`h&vf`52M!7$Z%zIXe2OJj;e|Kf(RI8(m;fgC!fqyo3(}d@w;<9U3y2bpwiwcbq zoqKzGpH66uupbqT4dj4gcfaI8(h$ zH<2OEk@Pa6Bx!#kKBn#uK`1UdOhHyi4qkeM^ozZ#SGe+Jz+o$B)IkK6{J!ktILD9Xf(Iyslw!ZG5z5!vw1RfQbSmab`O4Mz`^9E5R7#-<63vt+UEk`yMPp;B|L_JQEOy$Fn)? zi7SUBLb$oamFVVx5Yd6NjJP{jZI?_&CqY6DCkk!tEW15qZH*LadmLSYvE^NvsSxy* z^EK(4#G@On%CQTP%g^&v&pqoL2izXJRDuIlmhNrPFUv&Cn69=<1XhJ^D+xKl;e!Il zT*?aP{W5LL|3#|@3`)5}&dQeW~^@gL? zkctfN*KRx0NXT?>qqKLAC&+F3&%6DQjl3MUIiCxUS4IHCT{pgV^H~+dOwx=Gqmvc$ z3`}%N+E?sq%h?1{WBMYzz!ZF62_W(4YA)Ao;KJR7)IGfJs`03z5(;_y$swJ${^G#* zK{$E-O;E#8PXQsa1HEEAxmPR31@_?I|E(W-u;?Wi#oi0w=zhb89#*IdGUgB=(KVI6 zk3Wazab@37Z6r82zGl2nuGX1@qhIb<1TG)W!?C8V=b}b8;R<&LS&gwO6Ic<_woCME zZ%xI8&pOQ~4p_^WL$e(xGSF2spKIxWq<^V4#Y7z)rDn&7( zMrUa*QTLE-?#$Mg>+d8)GsvRz9!RHO;vd(rmI^4a8DobB{(#SMI;PbJLJsmOUme-2 z38OmJ6_k52O#Da&6d1xyaD_TP=RB~h)w|E>eSe|z*s7R+MUS4kiq5U;)Y}tE0nc=( z4*Q2dT~ber4q6_Bk3qUBT1|d9Hk$|b!I^?u2P565^91JRuod$SEP9vM4Ey69sUUj@ zYsJ;?I61Kus=as6rOSf7n|@!@sDPd*y1+9v*aUsi+8VY=Hf3wKE%bp9>z7VnEu_AP zUQ@}Cm^Y$7ihuI#dr!C&Pu-3ab1Gg|Z=L&6|MVS!otmxy!?5g77GoGKiEpa{Fbf5hXMSWo)Uw`-O}??oGr98>dW~ z24c{#hUL&=EFw#>lb}dWzs|l)GH{{qeeSFA^lhbzIszlQ)*7`E_Id>yAb}VHTN%S03Uv?Z*GQF2L>%K|sF zCl#ERd;NT91;(k0t^9$mGx15KQ|#!|UlFNmNeVpqqHUwUKHq#QEju8U(i zf)Q2@b(>B<>|(uOUpfa+fc4rO2Jbo<>Z7cPAZ-bYE}EO$EbiZtNJVL=VzCql#hkm< zDmxH0%VJTjzCRW8aDB~NuBQ#8mAsHv1JFUt4;E5?4I5ghYPr&4+p=bTFE#Gysx+{p z4lN@puE)Le%S-dOla?P!(7~~VOmYhW;=gX*8N0VfQ{NtjDFflIFGhiDz{9pg9ppFD z#gLE;@uy_10(hJmDPfzs^uZZdE8-$wHtkB;9Bo3bxWKOS-KWdLZ5Hi~NSA#xI*nfz zXLBiw$Jb1*1M!`IZ8v?BK*)vDIVINRd;rN?uh0pHaT0A-pF;miGSL=lSsF~-Oet#@U>bdmDr~9_Xo9#Zk&of)pfT&2=}x(P+Kd+ zxVwhCzUQxFSA8i8Y3_J4?9%*C_45RB&hPIs6fM$quI=p1C~!@^AQkBBXZ4M)G8}yapM3|l5VxE=ZMzvU zT{#&k@79-YAlM{dUmj|^A~{(+BhxlMu}?)z(^D6fwNC{>kS9chD|6G=kMSS*-Ul`8 zwoT>h`uIHMX)bM(nS2W$-w zm2Rd9NCQgvOW8fyDV|1N@A?PTk0DlWjNOS;YZN|x0+>R+KQ3nnUQI9OoFp*jbT*1K zEs#uT3zXkrPH(Xk$bei4q=xCmpFOwDCAPq|%T&7|-3g99fzM75PYI1MBst1Fq?dRW!hSY6@R-L*y2~RCxRmJO74Oc&i zdYg=5)u=7pNwd=S`kF6ZAvvPlq9feMZ!e0Q#Lj+IR~oMuiCxX3fpaow&$J=to;+W7ijpn$WGQY!5IXh2wc`BMLb3@BP(0iJ=)!UnMKtB~u zY`)=_0Qy5?ubx{?&0i^2qDIF#M)48)(%Q}FG0-72NXHq-?~s2VOi0r@A9nckG4}_@ zXMeIf&0YC6)@BmN#nxX9m_$^APUg+GZDx1u_qrP*7j&w{H5|p_nQZJ&(GI_UUb#|2 zS*%j#m1~_-AeZwJ&2woXsSysfeP76CK22J^WEvomnu^DvI5c9KIg|E|t$6kdnl%dP zG#sT$$w<$Oj2++CJ{?J#7)Td`vywO{$>Dewt4D*^rzXqYKGW9a$rYW(DJh7l-Xq;P{L3=(De&Ak-CuXL~_^RJTc^ZiTVn zX(T|7?1ZA$bwsjyv?XR)z&S~aEaR7-mRsr*vIfwB8rtgLG{v`$MOR%s1i6R^8G>6| z-l*F;d)d2RSR7l0%;j{7S4!qE+^<*bnVX&E@R_PUCTWi6qV6JCG3w@na3Q6>iOaDw0V*! zw<>P-*?X6o-b`dzoF|W%5A_}(E13uh8&4!1ezmk)W){O}J#p4QkXkm<uu>_ zWa9g>p>=H=Es3RSS1#ZiuIF<@%UMj)kXce#;G~s}#pm*tZ$-7@%{>uSYK*FK#>sv= z8lR%R(0>iB8551skObA#dPFnjUO5&3!=;+j;UN z=>r9j?TUdoh_q5lmjHFWMJnC1yvOew3nf~IUQ)$UZayyn%gYmp5uZu~=Z&<#sqp{d ze&4e@91w5ORo9b=G>8gWQDR78vS{`EQP)DAM|Ym})BQE8@XtE?Gw@(Nh}G{T@iahT zeMZglZV25Z^`uvQV>ZJ0rmnZI{u=6N;a)a|`*b_CF;$$r>^xP3nZoe>NVdOo-dy|A zUKjKwiTP6OgHLQ}eHV33&wsYkwq`!b3C5b%kfH9A)ScT08v`G2nLzjrnNle;;ODwg z*@zK6T`5|^ed^NKF?kr=6gM#{f2CtIYY%Z_w{XdbftcG}D(b&Jxd_-r-MnBJoua>i zdIj(N&BBk8mbz38M7&z3&1@|~3u~n-+{xj^AqP1iF}wX9E{@yB#sP_ZrT19-gAMBOXE(tW?imM3m#x2hVKKSyJU zZ!n~yRN{MyN`DtyBPRN8->NriRTO8VR;}U@#)o!$Z-p>ob7|drCJ~)fKCi54;yh6^G@f}n zf4()RNmh^Xl;C6dF@Yefy5`CjJKtYQX?{MlWikhnLP{^1M2nZ=++)YHetANNy!2qYDMSBsvR}y1p|;i16NN0`IozJP7-ltwomrAOo1#kbj8d(h_mTh# zc;7$CN{RsD`O)n_Oimg7-BDAdS(LmmC>&wPY|FK`pT`jZ~%2(v{0n+#uPUrZof9pwT zpz%HMrD{PVkb;=l^|n3%MKi5VU0xMbO$Grko3RDi=$UfPdGKHHOz1grCK;Zid*@n7 z47urvT-S`MmI~gTZ#05d2{JEck$k1b4~0-`r;a@s=Ht1rrA3gIgUJRpDunjp9ygV4 z_-Ko%T3l(3nz%!$XuwbIO-J5qq5He_M~892VUBZE%;O};y6r!SbOZfRvxSYA_SRA^ zvJkq|C}3h~2ky-|LS$CNgCT04ynDt063JUW6^tl^2HN`g zgfZI&oi5#(ojJ?uu2d7gJKvwMazaM4`N2>NRp@UfXJ-FhU`o%?w$XHR~N%i=SJ ze$Z&fZKAGEXm(?A#(@yCU)5NKZL>y;TQAYcwV>WQU!44&Oct>nR1xu<@I6Hi)vvCz z`iBp*_8x`PsI1uluT zNAt=u&9TOqV))f+SF3vK+^KNsO}oGr{>AFa&DLp%=a8#;-|qPQ&B^*H5QUhe*Lv(+ z{o{?rN!tXW{rJYC&4dkU_KKPLO?kND7JacNZ$8&O!HMxHNtY5HyPeFx8UESNIas_Y zwsXLl%I^TpEbOuNsv04&XRm9rRDCqy&luDI)a*w(!^PvKZkm0}L|#vw80Reo8dAY= zXggofQ=u8lBDSrtrn?tq`-^^G11~~!0piDA+re(lLNjR_xIoAQmWWlpd?9A|Mt1*! z50#M4r!4+)&C2FUTgSa88FPFMV|!6qSA|ZQ7c)-ST9g-Pxf2x83F3&aTnN8bx=hyW8w=ZZd z&1vrLRx?*zM;8x+c1j#_!hgC^Xr7OmK*Ktlns3WYQuSwm>+ekwRS#G(ahytRW^u&Ch=%%_EJa@QQeTE}wtm_>ZY7gd~JKUoQ z=XKvt(bKhP<2OIjb>vS!@7I$69pO=IIAlCKBv!LMeSGWxgp_nK#6FjO2;k<}Y5pQ) z?y&9^3cZs1L zZ79Fb*iPLaA=+tki7sm)sHOeJy*u@J5@7(wO^|)}gjp#`-uKI=84FJ|i#1d5#nm+V zgml-amD%krgSfCtRo!b7?w6dL^)y3rPQS|n=+9LW(#RJhZRWVb88RYRrN2NpS(hSL z7C0*xr54Py(vb|y<`n>k3bV`lHb}sbLHKdUQ;}X=N+rr_W-lV3j_x?wP}P8k$a8V3Dl}(b z_cB3gL&9EM#4$w-oNWy=Z;W)DX=`Z&2SRRlRHW!$CP3De?PgXdlz&2Cu-*=KEIb^2 zd${!@4ROzH_A@XaIecTf(OHFPn5Ab>Y`WfcIkXXFpjgE+&wcmjCp_2IF72E{^D83j)J#%LA{j+b&K%ir~0XWjbQxg7o|m7j5E;Wun*Mak#K) zC{IiB1ngtwwYT;7S){;>9c^;eHz}~IeXW%-rQ>Zewo-0^gu!hwD{!}HMqnnS!i{*6 z;tl$R%7nfUqp`%tmiGL`b$y#G<;L*DG(*a^xwXwq_nOV_F^j@00iC7ygMf-IRdJB+ zEZu?F#rxM4#i|4|wg+Pyb9YK%KxdDOL7VTCfR?vga)GWMNxQQLB5`>q-OZdRl4QSJ zBdd_WrWqZpa7Z;!7wiBWInT6T8oAfV7bPSD_agPV@}>Lcg`vX18(S z1h8H$dE>dJeX5z0tzb&(jaic}mI!&Dd$)%%E&VZAl)D!M*fB@@5QG?MbQNkUENADs6#L11gC(uf!lHY^AH z!Mp0O0<=2E$j?S%#}<%USP&uB-`ngs{t2m;=8_jVXVd+ec4vmgDi@~rJUosc;d%)~ zSUf=OsjR%iU33v*w<7lDQET4h5Ax z^iy$gkT+tqe}5yd8~;IXOuDd6lt?>f_0ljjK0;#5>LC5+CrcL)F#Vvog>b`;erxMwwtp+1kHH&xCgM+ zaOK()NZ2|!NT=6qPW-9$hT|GDP5GTNge1-V@72~yzTpp>P5-aYd>@;2jx{EU72Hc^ zO|=>kGE7%Ud$MISbdt@)G(r%!5KX!Wx(~eEFney})zfg03SW9BSD&L+D?y3e z77efL#AVju$bj#hdNRIs48AxPIe$EU(0&zgMw#F^Z$0v}qIzk_n2t8djIe94Ur1yl zqU12==)T#|5$Up;d&2DLbk?+MfnG+!a+D!MyZr&rpH<)z-2F{Pr&#mDLB5&{qZPyN z3saFB*&9sKR=tC@Ex9c7WX0n?7889a4a{B($aPl!LZE$daOihXckoc3f`>vLwuk<6 zrK{b%yFdte%261En9r$2vZrmqUkLj=MGYn+g6RrGjZ>ZT2h)XdmY|54Jmd9jr3o%D zk5ibKliAL;m@Xn|4J{-g9q5gd;Z9PE^sC>4!!g{a?fzOI3vZ7rd~b!wj%2#(JsYb4 zh(6J$xkL!3MynsW_0={HOea1Rsc@UXwj!Py3V{0~u#yflb{TGaT=1H4o0)ggWO5<6 zdB@f&hIks2&IPp!cxJd$$FE{+ujrYfNRA&%g5;GjtX^{7Ih6Tg*t1ViUb;-b-`MEO zxWTUJZenb_>nzKh&8W#M>h;j+0Ay>v_sYr5Rlv=XE^?%?Yg)N{dMj_*V3>JGbl4f_ z#0TIMt8dh{dDmwoj+xlajvP?Hj)iJgyr))@NL%~%XYq12ML{L*vpWLl*VP;c7ui@KiSP+WXVva#yu-S=-CMV%}uz zw))>!v`2O8o9y8}8gOubZ;cAmq^hYGj64x$tTf4}HDpI~$L-6DbT6Ux-4A$D7!#^D zpQ7%M@ZOX#IIlHL3k2wT4X~pj7abPdG!`+C^{HjZEO0$vRedqJ%1NWWEcuzow=gBmT5$nXvFymfpN(Sgbp z*?fz6g3ewPae{A1THuOQnj6bM0ecJRJ=(zM+ZXAq-$jMm(u=pIRcK8SE43LH)^Tu`GLAyhP{LRszCFbrimJ?gy`$o8Ak|@Z?Dhs5nBf~HF z6wTKkV_8wGqsJ3^s~RH16gF4RF;RC%anfyT`b2U&?TfR@vunKMqE1Nta%2Cr-%!=L z7a>>9TzeWbPgvQ*w2KUwPI7Dovja)9+1VVd!<$y;zb>SklAhJQf;BCDBFxcOBX*6J z`AmjUD^D|xHWe@X4~%&i)+2$qDN*4v>4CL_J_^D1_j0`IiGvx!HMr zr9je1twJz&Nt0)_w!mx@Ldy-u{9*F!y`WpxN7z6jiOvf!O{JlN03Gu4z8oPlBd}C@ zM`h4NNoZ#BQwDi`$~XFmrkgil*P)Tsd1&D~oV{8sCBmo%&H4{bM<$l^o+j@;Kwtk} zX=*eUoo&E~!HxEOq>)P(6#Hw)@_|3WJH&cOGt+7c;`CL2&Sr1AgN%=u50P^RvYNNG zWydXJqx)And@S%UP*^I-+~70)LS^TPXj|09WZl=+rTVt<_M!E?X-CAP{wTJ`PXx%D z02&36K4W4MQs`nLhviYuraI9|LsY3|w(%qNWp&1$`6?=c^M0_<@`nYA-gXh}$7Fi$ zNG^@*G=R2Q&WkF`Pm&zcnTPRTkDN zi16xXH&y8~$%+*4E(BWb&k9D}(%?*~McLB(y-o7^2Pv-* z^+g-+iJ5j0NGsgY5kGEAy{+WAWJ`^8<2D}g@ATv2*k5dpjm@UDi}2iJvl{KZG6 zi_8dFIzE4wBN_}Q`fFGD#~5o~(cD$f=HXUrYfpWmpBbqhEjz?7&OMH-rci^g-imH1 zU;W;WrF1HNo$gaHNMXlAlaBb4oqC@hT(#+-&DD00 z_a{>Wdd3~qCnT?0FR`->q`Jcu1i>R3nGzSPPAMW6@(NXS zr^D$F+czJ@JUnorbwho9@nj3G+DFlz(i9i;T!#11Pof0j?oLnai`Si9%Z^pGMBE{W(znUd_HIwMdGPBW1%YRIP-~&UYnJp?H&|7cW>aV&Gj|&4RCag0$2B zppaKsQ*|)a!f$b0g%hb-FDO~(Z4Hp6@8QOTzWNhSUXGW!q8qEn{V3SKm;3U5nGb5& zC27UHeQGziaQKz%$_f}YIG-4F-z5_H9Bg5pM+O}E@JJe6h7A2}IW;Ts8gP70=t=Dr z|2(N?^<1!xyA~b5M>(>R>s5OI^h8BOetb1A^}Wt;e|*l63bD)hyzNH3_vmXGCG6WK zKIUera9HP`bU{t~O5~1v;2xTo_DsWXz`hXdV(xw>p@hdxs9&nel78*hYH3UDmth=A zd#sywkjpq-^m!vMO0GvAq7KGszBzXrkk(7@`b>qY^u9%PzbIBgfWV+Q*VTI9(BV2@ zXE^y1&pIU4Yzg1lZQL&q6u#PMZ7NJU^lBo5K+=A>s~3E{*nr>)!^4X&NAv}c8rg*L zMBFI#>FH_h+t`3KQ9Wd!p~r_v*VQE%pE&X&e%VnvG6|~;#;bYmykHxQwHs!y-oPkwM317mW;w;-;j$f9N%h`}72%x^1^-PzXcNn)D(oUkmrU*HZSU zCp6rVe8K9galuESm>_6Ys>C$DF;v}Jcp}**DyvZVV)Kr@W3AdG-m-(Imm6MvR?`Qm z#{jmdUW^9WJ1*lO*9ye9)0y2)L-JaO$L;WcS^)Ad6=}UOhaAMF_wPCKD^S~i&EIt& z^=W3zl(QN|cI!T?t#k(peS`>?pjIF8Q(fQa%Edp!Q(EuOvA*1V)T@6+7v-9CAxBv~ zVq>ZQs*8LkZcbVp zuJ#2Q)Nc_N)d0|MkXw)qupV)6>qZPji)b5oO_R)gSP{w%H@bY-8W^U%V{|a=h3xI zJtWgN0t#fgD0Q5g>;p&W5G4q$?53FyHl3?Tk>U2`ga-l!4&Mhk_Z6VB>^IRhM|Je4 zw-5WN0VLwlt-eZ%N-zGSAj>Vyq{Yj$Zbyg+bk!W zCoaZyF)^}9WfbI6${u;9Y=9rjI~j$C42f~!OQoZB4wvA49wd*96K(B z+P@)4-Pv)0HKTGYb~XkBQ;~6apu#>~{1}HP?Rm|E8Kv#z)bm|PfWX!D>1qdzaG#ph zdiK*ag7C}0oUpyo!YU-g-6EWKm*XUR^8Va*<>eI8aegi37=8)548hyQJM?))zx60% zIeyH3^mv_{FZ3?+oKSLjUhI1GwHk6lUpevn>(vTkNfHQ&mbJBlW8pQg2DLNR8pf2l zB}(4AIS<~@R-yCVMnkYT$}_)}G}Gp7$T-WCd)&!R7n;7&q7uV72IY1J7tkA+(=W;s zbsc2R48$xP?AgpIV_a$Qwgs%tGr@8Qf}p9j9&n~uDDH=6W3gh?#43USJoMAB0x@>$ zI+z$q^uKX3N@*9W^4qe!EcJ3E-u>*tv+?ZKTACT=R4B#_1dci3cqRgjY|OyQ=xXml zV+bFz$)B1xf>q^s(D{}efpZuO(LfO}k}+K74NRIB<@wG;_h3GKtF-2u6fZD_E#YBQ zE3Rl9(ngzzzFidAVN}UM3B&}Sr8+UWy%TMgV@#uB`Y8C{v6te1JwP2C~V zs6=EPX_+ef#MO*z2w3AQwNI-S+?6s!ZqSqUU2m?2uvA$@oYS=TLZgH+t(R^&UTHUp zcb;;NM08$#o?cttwu$CXWFC825bGxEZMIqluNd~e^&Y(VW#=r3J58Z#N9PSalH+AQ zYizL_W`%sm<4+eOAJ?FLn_s9DdJje3P;`S@x+Ly;)iEoA#-OMJH5!turPSS%O;9tM zCST*FuOb55VRHP-bm~OYmRP0`ZQ9K| zF&SFx)|3Ih#Tb16ttk`->JBG<8NNh=M+@!)auOjPpT-~9~KE-lB56DRm zPrmRUyumKyBnL%xa1s-(&Rxr_i$RPySfif7AR!k)((f3 zg(?+ihn5F^ZEB%4mXal6`ZV*#U8l_{3&SP7Ug|82jd0t}t=Ha_;J>%TY<4ds+3w=n zmh;@FGqpO1qru~|UV5*{kNW`7v?(0)i%T?O!$sayrcOI5a^yyt-IgP25O>TZ*+gcU zo$$j`X=<{3A^rEkBfI@WwxQBRkn7$37-^K4ql6f~h=mSrx@;B~#7 zcImgW6WS-G4eC~{xfdF;W0T?*pa{t#xrzO)&;YF_sfAK~?!-o4L8SAX!6UuNbWx?? zeX(%0GRk%@K4a-+cG}a7FF3mls!Upb>bv(smbwUw(JjV=@NJjRUslj0w^X$N@5oKS zB#h$im{d;np;2)Jr#eOrWcfzn`{yx`ADbYjN8)}UK5&>l+}5Meba3tz<~X0gr1N4{ z|KGARM+J!3*w|i+Dmq4Z=tBZpEs36{DPELm44TA=VGS5xQIrRlK@KzE77hX>y`}CR zb4zSeFZEt2bG9~1xprQ>&4XwK;fsUBp{Y^4|4?lq^?SyGxm}{xHx*4gR-m)T#-TUcCv(oudy!>~@h$d%Hr3ncIqc9k$$g>08T0Cmec1SSk%LaEN?$4r z!Itw@sbmJ%v0od`v%oZoi^_UWJ+4WK{gs29bC(i^iRIs($}$P1P6K9YG?{c!`fu7G z=8$G)@Dj+zUGu+u^L|snU{4+OJ<%T9&cn-#40OgF0Mq15OMo`Sx0#9=ns#^^KEvFL zo7d_cY%Yjz7socQwX|A&pM;p{|EKE5n{&2rvKNt#V@?|q$uUDE%(8l|l(B^9?PW5ZA!T&DH@g@TEDj{OZZBod>t)i&E zD{=siZRXQ_6LyG-6QZwH_0CXsF*d+<`6agZ(SHTEC!GiQiL zzKG&uE+c}cO)p0zhoNse7S*bHY8M(=W$tH+apc?O%%m(t`{FY)GbV40F4T~R_1U~c z#VUdSkXl*8oPWhwOJ-Wpj!c%^j*}P*j4S#Ep(JV`wYU+;7?kvw5O>&D&G&SqjY#~> z;COE)TC`_Y!=1=4GI8Vm-}*MMqMd>*$0G#acI7AB+T_*o#+cI?^@%+DZ+6z&q$+o3vCFe1TN2d)^#XP-!uLV{E*k?A)%gPY<>>;t82-zq7kW^x+e+&VhRiD^10&gkh0q_Yi35X=ec4)x`g3&ji3YbyPRD1;ll5D9$tF88e!-uCh(i8Et0 zCK)2|BLD792%*`iH^*l2{K{`wfiFuL3(1))S-aX;H*JVL-AIm^KJ7qZ!nnyj?Z5mg zh!RoV<<%UsTIO@dRX#5s;$jVZlF4^ez!{3?1ldLexMqLY{IWZ!n+{mwbDzm+waRmS zJHK;Y<(%mI|J^irFln1h?5W1N^na?D-PNd@EH@t@o3R7Aiww~32(}H5HlpWS%E>x3 z6(IXh`^K^K&W;zY|K-q2ut@Q4vzyBSsxxD`0`0=HF5O$Qw=0^>D4VY6CT98EYO2IP z$}rQv6>kJZVQ)x_=DVG5;H!UBVx(dG;%iR3W;6{V9(QpIe!TJX)PCFuaubnq18wZV zFyjk^aaJq8HsTqo48=ZL2*s1~CfUr-B_$Z0JaYr5Loo3H7TD$K0z{9^U?tK?Br96| z(0HzVuuNYq2iFOhh%4u6ir~&0C4#-e$a3b?c9N`VV61@IcA$i zP^TdC89q>`E9&rfwx4kaz zsxUJ?OQg12L}z0PS>NF7$J5$cex0g|kKwd?kuL#Ztj2rauyL-XZZS7m9gB8QD@|<- zBXevU5o~d|p~s|6O`Hf*5s&p#3>l4>yL#*&FL9Yf3vL!!ouL=hyS@i)bl{#G&Y&Dt z*P26Z;&SfD^S#H3@BK|o(FVMaKH>Cxf!P#dfayLbY1VvA;LgS$$*HjTM$;uk?7lv4 z=?QXd7qW==_ObL`&j(W>ixX$FEn7_C$UBFqS_He}`c+OIR?IYEi%FyHo2l+NIwd|V zi>_v;IsNCOc7Lj5F6iIX8iwm!t$TepYMT&F-AK$7C(oZYVIWE6WmX#l#)r^;#p<1{ zJ!?VOS3^XnUPGF6{4IgU>utl6FGFY3tMU8Z)@+ui_G{$shn>QNIN0_)LWePqKIdM5PTPl{sIRiidS>!+XY&D_{~I8g)*4RFwpSLN)E>3pW0&KLdg40m&Ws zVdqm;=Zi@zxBXOZd+nk4u3hBD;E{Z)_J_+y(UI)Mv$g?S0t3I`3SqdZ@D!e1KH@)3 z1waMoCDo_&AUZkvv)&mhe_pTGjcL5=^veTbD;7C|47k~G!G=&*I{xxzk#A{g;B7r^ z$|kGtqMKlO{DQZH{Pv>^%l{KnP#~Y!U33DKGO^JUcn1IT^5ev}J8dro+h6Y~cOfr^V7}4jLi^yp|G>DfG3>%> zbYC)S0TQmP69FD>f_k7q4e6bzo84OPsU!_kmr3+0wHv^)=e;AFtQJehNsqHuORQlm z`BbbALBYzpD&hOwQD~0%&H;jh6L%YF4nCaV#@%XLBa7%$lqI(b#3fe2Be{{Cw=Z`} zjsXFzyUIBgeOH%&H&*3pX)NCZTTm=qqxi_g4@W3m#FTZ8*}N!ExrZq;XGC4RC*eGfY3j*S90yA%2)?oq{64eHc4YIVc{S2A$G zXo+l%j5HI;DqV1WNe?{*Ny%O=qmd-X+GgqO%wI&eW}QjC-B8!6Jum|i8v-q(O^>j@ znMV}%LyVTzac3cTJ{B4a}6SZEBP*gXXFb$qAPHz-%&6 z<=)k)?^1xRVJmyGsKFMn| z8B_u^TFaAC@CK)Xc(Ho$FOMSTX1KkGG__QzY|{eef^#40^DujYO~)e3QZVb$8xQkg zZ57ZVdKoX_?e0H+T~6+IbegChkNC%XLedN$!B-;f>obo5?%7IVl2MyfKNKoB8$bg$ zxT8JFIg*<<`!&|3jocA(X9K^8CN9fD-YASav)~%u^IZC(L0!-D^Fkv2^md7AZ|Ac} z>R8%)UzpwDMFT#HXr)DH>CiqzbO_TbcyAgR-M-a?+#GgSAL|n?BL2`3!0gF{QELX;5By@bVZFb83;D=>Ug!& z1>TMI{E)9~+0{fHl`0~drK}%;;~H)!>0xd`WrzC0Y3d1lCT_`QXEhw;K*?~+SWZ60 z_M)^qw_c}#<y{*i+EQoej)Qk=Z!K5dVBnSByRPGcmi$6c5Knlk&VorD7Uaips3e|3=cN}~juGZbMlGTQjfF;^fCbma!eYYa zl|A};738F+QSp-Xy1uFrI6K%$zQ6~PFe4{g`M4^bv*!^`I+62Lac3U+`c0ATjZB6` zqwn;!FoO>_@O{qt*;1Z@(4z3x7|0XLB4>5OyxvDqA zF#u&w9t~Y5ut3kBp}Y}WtogTVLXW&0!1KZ^mE8{kWS>;?#CPQ5WA z^xEtT;*Bv|N)&on#D4*vZIseAcAuobIt^m$5;u)J+=k9&?}?^F;mP-ABd|!|S!QMV zN@%W6R;2o|=(F+h+%f;<;PzslIt%X&ZF~f8C-J)?leR9Q9ks;EqwwDHuT60<7U*4A zw|M&U23;4Lv$;YoNA+3H>8xt+91C=bTj{cGq9z?_nTZ9NF@#@+DX}|Va@*obLM?sI zB9_sQc*R&vhBohRn#A6y6)`;dzWC--AA~@YJSX$OwBrfN`ci!oBxKLyWKG4#AZ~s2 z8BTn!bG;ismUF$mR@XroF*r+MUnEh4J zwk(sCTivh~Y%i(UnPS;6@6pk7(}XSR89OUZzQQ{yIM(Fxro;Cp=+y$yb&pe;d83!B zwB;e3CQ#4BkzF@$IE(OcM>2pe!q=gFpnVfkKe%^(kvu1@XIf6DW42&U7r5(QRVA=_ z&)r}hqA&id$URvkq!KXr`>i@YXz`532s~_)!A3)>2IIs!v+>Ke?2TR-eg6z} zwC@WOToq5S>3c{LTND^|^2EA`&oCM)=CwJ0#Yc2cMKMEdF z8HRDJG-p{ZW;+7hQC9OtYm}BozbYHTNG=Pst=p3X+7h=Q4cF~Lk(==deI)Q*MmbUM z`t-(-*1j1oO|P&`k`C~G9%ywI^{98o98Zqmn8?G`YcpoHmSxd_*5%grSL7ksewqIx z`Tn=j=j@{SCa!Y_`|D8Xxx?Gr-cO`sQxg7J%a|+{T1Av`xC-YTCBPg#QWLd(Pup`I z;3hnQ2CCBB#;Wi|A!?Y{OPjyGBXvcEyZrE|?RX=Q$uL`ETZ$BMJON@davoyHH|GiN zvvE4N(QVC6D%zRDry^^r!W+7noTu=Z`QDOV}6L%oq-4OP(68Lip z+SAo~7sIH9o9d()_GUGa4Z|YbHrQ=#)>2er!k)IaR&~_AkFqpWc-XLY9xs4KkLR-+ znjnV8KI%A6>tIVHs^gVC@!^WMl>;%*J2X1q!F6OaqNxP^jwG*t-_5Cqr|WwV++As6zg|&q z>RzmsmH%50&BtC05fEque{*EtV0Yat0h0ZoYVxnDyq%%DYlt06k)*Bh(e^j%sz__g z%W}7OK+v0^b#t|OUYA~5OKK?7*O^8yt$%nr15vFh+5+zx8yWEAz`jam0^4798Ngq( zbDdHm6HDA0iU2rO@bZ=<(Ni+^I1DZ7I`o=kGgks5n0GT2nW%_E0IJXk#*A2p1oZw?k4a=l1c7+ixzVV%wzR58%I=S{~WP9Ur@yaLn6e;!h^XD zx*ACgL}M!dtp94gDFLbsPYI1W|1ykqb%}5`oFVS4GEh;crn61ulRF=3v9qYv!AFJ= znF`L7!V(Wma`~Ag!)Cjh`o8C=OmtI;=6Ry7d*5HlaNC-qFNukWhS0q=o^5`h zUv2bMds~hr^Wq$lVJ_H(%HPO3f!}v2)0#w8>A@v-gtFOnW$5#i3vp4y##x{5eCez) zzt3CA2 zeL3bEM_QKh$8f*ofWX(90K>c3`R6(uI8t{>wZcN1$xC0z&+n<4t-QgwXZidC`-Iw3 zDXgfI~N>5=@_Lqb7-cma7#?=1Acb0i_$t67VcO?6hy2_Gx@U3OS|GN!h_D1 z1i}oopSW!iKtDj=jVAhZPM(;E*N-zIV#)ox(v=H$o8QF-lRfQqpW}kot0`?~ZPl^z zR153r1A47+r_0SJoMSTUmaf+Lb9Aef=OPp(EVPrA@T*r+31&g;dfcon={5vw{q8z2 zTzP7)9_F`0Ta~|@-5Uqw@k3D-gzivPKKC@22m=MM&Pq%@EJcB-J#MZ50Q|}e+rbH6 z+hCY`22EhJQ0@WG-3UEn(j9QPd3c4a&3650y3R_p`|&KWF4^Fc4pTKz8y$j+AX`yz zJifp<>kWB|@Dew`X0)mx2)k z4bGii>Q%(8F%pR_1rwBva*?|)D?*^B7YnKw+FpMI^n;9^5r_gMY;|OI=4EPRy2)EB zjSvz9CN+zT1e!Ofa-y+eWfac~d#L2-t2V%pPzQ#eN)#Q(H0GE)7wBt0JGl5EWkYzt zm5n-o-Oc>=a1wQ2ta=Me998rO7e_Z(@tz(1KXkZY$ne?05q?0MZAG47*=pb7)naoU z(m^76d~K!ON~`ByQeJz&t4!uD}@A zEl9iu?UrzMBObCK2GtiwVCu6!Zqssa{Pk30t}(IEBvZ?CIw0coxMsf_ueO;i%=bZv5-I-FVom|01x!{HmJvwe{ zCg-W$i#5u+CX#Zy$(y3_E zJ2nRPq}K(03?6K43g;AErEi!d z4#`I+yMD%+MRpiZP3QOsf!#GMw)0*LlX(^RVH+iJWG&lN&n4JiFI_EreSdC2Nj`U) z+vs#9&K#ORQsHqXj>sEbXDJ%)`QAx%&m2#1lGp8G! zJRmC>y71rQ+}7p0=)_z@Q&{k^W3C?AWr=+mb*#R4ovNrVWs{J^Nu zozr#N*50JvDfatPT=wCu!ICcvTi#VkMNyyqg0?-$L-~cuH0r(=dNXjqrl;3V6G|1m zo&c=NY>jx=rGS$MXZ6&PLl<2Ag)@_lwF*d{uN-QcLWRsG=9WJXs~h5hhgTX}y)yK} z%I4+!UR%4dpA$cf?k1PuGV(BZSN*X&m>H7doGn%0<1WKzw&JVgtN-q~TcO<=5 z=Mi4Mjvu9a7|xgEdMRbW<%{)pvSOY{)Y>Pc*6o0D2ovLbx*S_NLfiu7M1IwW>Wa+F z^G|`U9tT{E?XRQsCi5I{6Q^ptisT0qFSZ~V)=o$Ld-KW<06x0WNR=P=jMDB0Ij!>K zYOes3#yawXn2iG}RR`_p-I~T+9=UsY%!G@)9C0dPSy_%DRmegz^?A(3r-&!one8xc zm_9hEUsV4D*$$oume|jdz>kZ5MSkA|spk86LY%cr+=fG-PFT&uAODd(t>}wfuR5cV z3+->aa^~*IB84x&L32-p{BLq$^{EXd0`BfQn=1TFB#VQwQ;z@GgNc0izvgxI;J;5E z=T_guMW3q$8)TDoQI^>hwoRVEyUaA*Sg4Lb(oih;(s%yHkN>-_u^CaCy+|L5Oliz1zAE42IZ4%oWe14F(OcQb0Od66>j8sQYO zfl{Fw>2oUWextK;{n!&XUFFZ^@4+o~Xf3eOGcoVt5{E8x-7KHn zdH+2`Fp-^ge!p@%2BQ8LmtW+vxfpNHIqe~a-EPCWji7gLyF}0J{`(}(7(~`ID{7u` zu}=-U1h(}4H`4z%!@WI3J8(-*6nSFC|Cfe;e#{gj@5DJp1IX)2|0{_9lcUJUcbcvI z4~P!;|2-9WSl#mzjGo@Wt$+8R6Z35lGd>T5#wTLGRZ7^yxr$dNmz3M&{~fR#6F%MR zV!%@TPvn;mZ?9F*$UEtH*cL+RFrT&#hyF3i7CWq~Kiv!I$G*{018C1GcjQ*lmT4w0rQs4F1ouE0=(8-0)_KL`n?(&j_q(2EQ5ebru`s z@BPnI+c8nT#m3TJtx^8pme@bh>EL@a_FO`wvO@7+QM1H^DR(mf<#d~D{AY09N~||y z2FuYGX#eH2F6b>ckKc)Ln6dtAniXg;F9Ub~c}-`~uRPKjsi>Tr7D+dEcbJi1niVO4 z%nV_tbc=Ty>=qV^YfIW1$#)*kVq+;bejOE&J;QI)s>Os+QflF<-rjnfN@rcjue|1W zzUh^)dxy*ZZm4EvXMK89*%;jW_9*95^&+0fI5X<;hPDe3o;SQ9;vD!97apC&@A2B_ zoBr7_ZBl#)4$ZHG@y4n#5%|@|cR^8vej=+S5rH_52_s#WWa;3D_B zdO86{WfEP76-E*(igADCv#pdRr>#@NOY-ZrEu#rC!aotZL*}PiJM2GQBr4kdDJdpL zRVusFwTE&L&l&dd+md&`T8w? zhbNtj*LglDF8sQmfI;F*Uqf^fhcDkAa+d0i9U8`L%*U+cN*Bv2!Y)6}mYtB3LpIcn z4sW{0Nx~v1WNh7_!$aC7%C#GGCbi_GQ~fH<hs0c5NRckl)=JeC zZTf)YN%AZc5g`Q$0x;h)3u;7iTTer zHT}?oGMTdPQaT&Zaucg&Ic8SuW#7Hu{%zM+1sM4W&$X3O*iLhj*=P%6ef*$LoLDJ0 znwib{ggANktc6O*Y)p{ct*;(il}Si3r5;#uwX6u+@iT=*<=rpY#Jxp7XypewDbSfe zy~H?1XITjIulw3do3-NF%F8JalC@*J+KOhfMHTSClHkKEl$F5U`h!N_ZgbsFu*!WL z!x^Q`0iOyEm_QiVHJx3Td%R!I6FgmhStZPvoUSjwVs~AA8ISOaBqH*AxkZCey>gOz zG(_g8)wC0y;cwbI`-7wJ_ zM}Fc4Dd6)eM=WlyDF?Kj#;@f7SKob~ePnKwAPX1%y^QV~rP-;>>G-zxn#q}e0Yk>W zHxfO(@06M?csO8d)vU#fH%;0%K+Z_9=@F#pVddZu3FVKUol{%CYx?;;4uU(gjN+Y1 zru8gZ?0dj(AOHYnPc8@7nIm62JDWY+d{&eraGD+?24xCyR~F?US@({9k1AG*%t^*Y z=884rMj!7{(u}HR3Y_=6!*1$XuLn^Xwx1KQ=O_f2J^=RFHoA>VnTP_+v)U^;K!;SH`yK-GwD_ph zWV`3a$VzVEvvi^`&a=d6>3V~uM)0%e7WQ?eyjZ_5;L-VAAp90+ePV&beZ>3WhgjWa zaY8iKJ(s?L87Tsh5^>=@xl3CY{HHL0hIFFm)-@u+phrkz<922pzGUXIX;QEQ=Iex= z^|^4P(=Gey!P%i%ilFl1dSgl+YW0D!gh8%9{w3U*PM4Iwq54cIE3)DtT@<0x7NTCP zs-@k^-*3rOFoa{yLET5D5_u^m52zrps5g?zG4~Y~kDP2wjX^Cz#IRApI1$IV)Yw;Z z$@kr=#B5t-EM2dE9DZsdGQ**(c2UL~u^b{v#Il7&14goV=;Tc3F6@;&SrPYde5%<5 z!z@-H(mQjC$lF}Q86ogZ)n7``dJR>-FyYqnkEX=DYO$iY_^fL+o-ya<6I$1G10Hx) zT5$xdJ`Pa`tds3*0j*@C{Dd77=S(x}z5beAx5FR3-78Xd_zG+~h}?|5dSnINW>Zu> z?0tVWnBwalYH!CR6B`g{YN*M-HS&Kyzwe^V68VYkIxzm-74ecLsEespZ78~iOpY2w zdA5SvP}u>{IheYPRHpAU@vtyGBcGtp5|PhJdJ#6^s~KNGHukPs7KOY^8)gbR zO`tGThzy7F99}B3hq6;of$wPCzKa(&F-oKdJ;MKd!lF*}A^EVlirM<_26Z7i$=bLS z6Se%UbB@!HI2(2Frc&~wF|Wu>(7sK)4S&`^$k{J9hh2=3>=F93RYe-{q@Eg_k%V+n z+1jtSFa)b6UC4U9M%w9zg~->UAPMyn>6E=*ARuieyrb?<&m%MF0wvWQSix`q>7^vfL%cgMIUz*h!ybw91pH*QX=7Zs(BH;-KrJ$Ix;~E02_p_j$}Iedh|Y7opl#XqF!&jEbX`sRTgZl*jcw;oyeWu?-xxomd^Gy z>6hcm9?UxJM{;h|w*;3O~tT`#GnG!zJq1+g)K zB(m3!8GvAPBxm(`CQb~}Foe@%mYtH9L-bQ8=rfhM&4+Mg(@7M~pg&=oH{sqDV=l!7 zQL>_cHt9MgQzC{HPRQEfDG#~nT}x@7_JxE!b;>E*5KuLKdU_)7Hq91P4n1AF|} zb{9z~fS+ROtw>}CU=1at zLp^vH2JnS)3~N_os!JfplML(sKCYeeH`s$8Huw|B_}*ZG%yZyrz{WeApvGhB!;^jO z#dV9%4%YY(wxdbTiHeQd@K9%u+EYHTfn%0&UD>{!SS~Rdrz&49Z_hO6C}|eBf^!Mh@?~K1p5D%@!iz2z><_cr@wO zN9i4$ST{GjMJ0SBXBqcQ!ct!QccV*KJOA1>e!uXnTtkqsP7$uBR7(EQKIKF4QFc4w zC~7|l@yohNE;B+DT%fGw?UFA(ae~L{x8eTe(859<2iuSw;3u1dVy-Fnz&s3OTw?~t zEg9b0(+BB=bjS{iy+}0_$s1K_zO%frtSqYnb9Tc^(-%d3PbhHSx3_MGBvCoc=mKjF z;f{)Ye6{_@7}IZ!8931JC-43FCJQFCMT;49t}Tm`g}InSZmsg`|BhKaFfW z^?hU_StYm2YxGOwO1g^ViF|Hw%mtE~hQ<%yeV^Vd>-=S5`T2&DcXDi(@xAqN_j|#z zmJL1>DAmswVi`$($;wxl41}+ZjkKTlZ5;-7tJ%zD2Nb{h#d8>mQSWAZ#VYUkZ?@;P zzW<1L1VC1=Pt-Y~oB8r{I{llxVhs5y26hWkamhJ{R3;o%X8Rx4wQ{?Ow;q5W7ZrwS z?+d|gc2f*j8OAVhsh|&ZaX;bFDV^Qj14~w#JK-5gy zgmb@jS!%Q;^Jht5x|lXVv`o_@QmVRmhBmxihc3yd+si67lTuZ>>jA>?Gj?M=`&NPe z)PiQaIL<4`B&@0VBgM$m_f%VS!}S1N6$9CwJRky(4CXcYiF)^(WQ>ov>+26lE9Y?^ z-u2j;+`?S^Nynp$+i?ySSYrI)4)~+yqdP+)(EBTwch=N zbe_m<^o?=xxmS6IPvZ?-WPwK)!$vaJ{=#}rxYJBIwvFiY1HSQX--1qxmqumRgeV?} zns?k0M9vXc&rj6tlZ8*fizx?U0L1P)-FyqVU^zH9nF+ojrpV?H1DQb6_bLh*PHg4^ zu|sG5Z>^tkKGWl% z3DoY9m0rC#Kax*mJB<>q_*WsvBcF53ZO+bSY1UG*%MV@T*lA|S^(giAlD0V=9WfqZ z*59`38Px99Q%s)0ar|Ax{CQhW3-0nZnFspHUDgss!wt^}X`t$9e6Qe5 z1z0?bj^(WJCam7LTSqq|`@yngKi1aR^n9{?OtoSg3bI56VeCa@b~!~KI_DDH5PXtM zMkCS=D0xVzP^PFb?YTs#VXIlVM~iZlVz8R74}cDrF{upLIw_h~}8$q+l*L|$H5rzm&`ZjRAwZs8!*T7(a`mMtbrTT z%O?(v>ow{U8xUWHoW}Irr2gIp{IC2L7B8KpDZPNvVoUP_ORzL4*Tjf(s@H3T?5gi` z2>H6eLOcPe${hl}rQ>jQFmp})c!M)Ucz5@n(qV&GK%kVY8Q}{L-{vy7hu7k3mt0QT zs5$}_AmL5H2wz=5?4DXgp?8Yd4=w0jgImMYuji{NCASnI`tx3YSOL}&5uR#}Ay=~D z{E8mQ`O#5;#Z7uIrdArS`2JX0v zN3C~OwF|bxkYyDVn3qyIulQ4yVQ{u>?+T}*2_UBTT}u!WkgJ(=iCkrF5K$_p(R!Or z2AkAT?fZ`8IR@z99q|MCg5Dt>{X<^Slv>8S#Hv}TA6}pNU$c)psGqM4r2)qM=!#>Us`Tsv;y<>PK-`efn9ox1#cG7WH>~w5( zY}>YN+qP}nwr#xmpZz@h-TR!6YgN^{=2ca5uB!X~jWMo+5m-m5V$?f($wH0DfoWoC z3PJOc=^2?3Iwy)0?&Qq*JAO%;oO%&t{Vb;N$B*#x=6RW`bBR8FuFa3|JIx*_=9yAF zoDs3ns;`)mK~t%*TKOVSBxJ2Hfq_RFZmj{=TKzRha*m?c%c%}fQfew-#>&w3_<7vM zIT>X(sd)C-;p4oJWC)v9Dy!ZqBc}149cWQ3cX)#$lI=(QU66Fd;4Rd^X58d^k#^D@ zj8{P^l17Q7p14(4>J<9vd4FsxRKG}^%opl9m5FTAJOQn$c2(Y(rvGGnu(RUoK?ap{ zYkD(1_*lH1SsIeN_XQs)Tqfa<0C1B1$P5@sH|MpWx|>pLB|oYSCI62C1(2-sHk^qO zTrrw*Y(Vn}p(w0J{LqMUeEBT5)Rh1qpU-YnjyAfvx<4ldL=9Jai!LsUs7m>$psuKs zKUoSu&gN(3WCB}1042El_@vY( z#sf%W2^~>?xB*pG{u*9ThTtaWuZ;E&xcc)PZ6gQv7>S`vTQ!T8 z$|>BZ;7ervgMezM7EzwvPc*zA4VpG}>t>=?e%R;m)(*pOTT2NMtDC#WVC!YeH=v>- zx4B3*M@Ss_EYzAg#ptLE{T;VfdH1+4Fdo$6val;7IuI$HFhRySwJVZgm?vX-DIs3n z#;=0yMAQ5y{W`gM?+=@!ElSB)k;_7$#g$CZZy#xAXEKUP-u>Me0}>4PPiBh3DrMKK z3%`NttL+W_@!k26HQl8?>FSHR_~rg7bQ*uxus7iPlAf|UoV(^^)@|e9O|iG|C%rD@b_Q85DNG%FZ{r|`w zJSh!3YS(24brXq2vp8a$zi_iwQ9NV^Z=T-_gS@tvf>`&i1X=l=$&W)2k>_mu9p$ZQ z=w#kb_{`TD!G9n9dK2Y#JSx=NeMZ#Hg7oV;GH-f=R_k1kEZG~ksa zcs)Jzu4+O<(sumZjfcTR3i7D~DIO4rM+CN(z}~`Z7);CgNpCK%3O%y=(wbfKOmIjy zT00BMaD9eH)QB2OU?hs2Z?w}nrdC|6f5hT|x!iK#(gND~6N8YV^3kK`p_wi_$Zc|w zRAG!}s1OtbofCSDagILFF7W0!Zw%m&>I|)3^L^aUDu+1pQw)`vbvsHRSAwu^uEe2RWdKx9{ihRx zCZCUb=NoOPVMT&_BP&Dnmp%lmxu#Tw?bWK)G8@)Q9teNIX46g))UNIFo;zRHN}Fn& z&eYx=W>Khl;9~~eG3J1S^d8I1Y(6_(=sRzHd6|CQTIOGo3S}xRz8_r$?kqHwM64nH zepPb6b}T?bG$RIhx=}5Z@yGoUK{HqnyRE_oU9AHThrs#`S%st-RrI%?s%pG1JJ6N+ z^G9>yQmDMa*v;eGm`%Bl2`?H-(W5}U4nyN5uD`NUyD#5S)9ymoVD47m|zO zW*fRy7YAq_5v+0Z$Invbkb}CsnkO?c7v<1N`3rwu4Yb7(M@oobDS^tc4yOy((DIdV ziz@bbBf0w7Q9BgzVBXVGT?Mek;Z+cJM+nZ$VdpRh>1eBZ&<6ar>F9;}$NIh@ze3}* zUj9a&Mt69@QjZbm=kR`YcGHKz_$oQYzssMSVR;u&5o(5wZBWpieMmW*t}Z>x_Bvs# zSvpg?apEI-aPLwUF|dut4Qy=-vzqFnD+Xc$`u%OO@hsn)dz~|f|{w}cUV_5Ussy<>&N6|!1&M?2A`lov*$``|M#v zXHQJVo^{s7TXaSg&%`m+>p-;9?84@5iTugF)_8P%k&!dA8Je8(Ww9oHW;5<-L#ivh zPB|?BM-Afxqyo;>Wo9F@$!5;RPqEPxvNheO!JIU!i zu9NWzsWGvgx{>Z#2*AW(Mm12&8?BPN@hkQ z#ETYP731k07?J@}rPVPYxh4^SW1E=ksJstetve<59RdVI2NFW^+i1Q?h9T>VlQ{dP zw&Tc=R&M|J;ojvuKV^7D$p^ZOtQ3v)1fgT!<9sTmtT<29AG^Aw7H%%^g`(Es71FuO zkmqnz6CVYIAWRwYlts#~mK5QcjhhQA9ttj5p5mjEy-0UfH`e`I|E+0Hg9H`e`q&_( z2cR^g(++g^GIv{$7$Uarl~b@_;<$h#tbt?I&pG{gu{Iy}&75`=z;{{gB$x5y{JPF=2XXEDsGna(Q@DLPCG8A^$Y_LXVbc6#s%BK} z#S_2P%b>ev)Yw2%KQ}ddr$~F)Fi+rtVyylA?v4L6FDdaW+M zf)}IouTP>=ug>60g~?<6RlPFXD7Rxm`h?YU8p=gq&mL1%K`N$e?$qQ3!2&iI*o8GZ z-PFkq6c;NHsOOcGL*8Yy1&6N z4NVqRv!U(blkVpNq=*4Sh&TkB!^};vxhTgyI&^SZpg^Z%Anzv8%O~Dz6w(IS zO|mzB*dX;j$R}~9$Q$vEztsH*kq@&?-kIn<-a)07yrL%SnZVY_`<@ zv9<`4>uMmU7L#ROUQFDl9Ot!BtL}uhH~e;v>JjFYWY3~T?oFPHW>0N$N>Uzi$sST1 z-KS6NA!w|6(;I{7rcdc@9FRX&HD-hYB!>FDmi1BoIs++Y;S7#&fJZjL=i@TG;{q;q z^YY`VX+-Aa(1~OcS+s#Ho(}6@nljk5_XW+(UDMy)qjnW8oEjfIHnyFHe!K$Zoa*+X zWTUOtGFedMF6cSPBdY~AUo6*nvNTLjB?=;q4vTmA@2lodw1_YtANJnr_SKXHKG=ps|%C0 zyA3v`thm~9cx+T;m%8EcFzfU0rkPKHN=pyNpedzdZZOT$YrDXolh!pbtOdDDHFEJJ?LT%QlLr z$E_6RXT6J8qg0RW)%dLm0bqG@<)yuPeia~Pww4~;6gqhVd+4)|2n z)D0Vw8i_#}8p`C!)aD`4aSKXnfGyoJ%57XY?fm43C58l4Xom86n5cPb3dq$U`13VI z?{7gtBK7SV6gNVB6R1Sl4*`I9&!p+#s4l#|T2%N|Tq5gXdJwG` zfQd;H4EIN+s9q+kZOO9BW-pyo2{HZ+;eA_tb{@@Z;7nBq@LTg#w9b7S&Y*qo3piZP z)&c#F!#^lW;18$YE#ofNZ(Cn@@Nl^PYo?9cXLWy$@9(ar>&C8TLgufS;yVLwRoU~* zlC+imw+3GqUf8Vn%henG@ctm6s4376j^AsT|AU&E&kTOp&*IO7b(Rux)GF+bESHED z2_*`Ub(HQGJp^_|*M0k%vH{DRWGQ1qV`sqad~quVE7L{|D3}^OU0w_`9BxC@4Z9Il zMd2Z*xTN*QAARAoSQQ1N)@7kYtn3x;ex|+Lhg>YA}~bf3S?gmT8S99%S#-tJKIvnI|kjuG1*UFp0#R^%0Fp~CsI8!OHB zlLf6yEeu@?!Da0UWAT0<&P)q|O{ud3Eep;Il^DXiP+p*kPHu}!Ol#GJ| z%`2lx^PM1A*Npd4#7iAB!^3u!3)>u ze?m0dYW&_VLiK3-%yJqY@hHxTbYC^@4r-%%B2GMo1+|Qh3PUM|6bUuWf_VUOX1=4z z42fT@e@W=kk-`qZ=e?G^q0u|hAK5-min2y}KR9i97N&D0YrZ=snfotZ~_bF-YDRO1ix zkrP)+lcVx3m>CIp{L9iuVngY#w`;>HU7ps@39>S1TC4ydDR@+XG6 zCc{US4Gs*pHz~fC0AsNnN2Q^Idr1mqy1UqP7_`$MpmMZ*J+I4cq9#-c*}i^xf&)|IHzN!*$>6 zk`(~{|3a$RfRumyLp%M9c0vBX04bdB@9)_E4gCG{^Z)RF%|QR4PEg+CY5y0W_Wf}n zZR&q_`}f9fRNn6)DgV&l1o?l4M78M-_kT#W|2(Sl$2XhS2}E#5`u~ho>{}W`p{_#_6>&`nquHL^}n&-oRc2-V7 zQ8A~a1X8ojQAk^xptrB@=54FZt7clp4eV$d`QzPPyCK=;b)UgqsH^WP?fRIhrujnd zVK3~+=DLIX7zxKmTWqBBnb;J2l5YtwaO-bs7xFUfa?Pct!f&U(jXr!~y0ay6uP=Hm z+S*E#?@;&S@YaCUaj+c+)1G|=b< zo-B*q<5JJDG@1pK?vxv3nw~4OfIj|hdRkua|<9m(A^V4D!0h_9Q8?LOhVD6MdhIP#jNaI&g z@;aR;Rl)RKrU)WWJrhfnyK;8LdThk#AvS{0;vFDEYG-Rj-CABBC@_ZN4I zA*V@q%njei=K7Kqhhfi`kWF8MD-0K#C1>_<_2<cy z8LNjS1MuEFKG_K08xz(D#L&-%I>Cow28=~qpSr*!?FO~%&;@sY{nwlzN3gyE&LP-? zbb@%lbn5Cm%JRC*x0kq=#56hxpS+s}_5)`)sK?}qmD+TFCD2UJ~4S|c8%rQP^# zXa3Z9@9`b18oj=B%i4~Nf!A}Ek!HqO^9!BJMT$BkRq+5LqGW-yk@fO+>JvNXupia? zBy-${5_js_k##;T8A5P%W7?$C2=gmS*~hD=lUey}w-gZVvg}S_EZ68n#K+;Jq8kXo z#TGs3^ycBB95t<24Vb_uH_3;hnPDtnLW`Y^Si70ds|oh7#|eZ#1+B310+GGbw;SSy z=MLuye6X765i*U$|1aDX;-3YJkqk(_xMDF87gNP$4aI6(L?Vs=lj+{`p(W(AgQ0rr z;rT`c7wDnsM}){V>Pb~@#k;z@rdi-6i*48O9PqI{?kmhG)${MCQ%;1B*N2~&Lz*Ck z+D?7L%_QMi?%=*bL9$TKJ45(FY8Mv47_2ZJuA1;06CT@SnD^W}TkcSARM^`KS32R) zmwtHMu6v&%gWIIL=CAK&FQF!H+z1=?CAqikj zFwMXpuj?R5(Ue$wkpKRps7D7B~vm*PWysQ0d;MHwD zU6&RPcDa)Q-o?dA$83c){*sp5)1!CL7iNL2{Yvt?dAwtt^XWVv% zwfZ%=q{riT5&S&lkSQqU%j+*&@uY`;gjGjC(=F5u>Om=&7mhvkVeF!B>K=^Q-}UYD zG2bxsltgL1OH7hOdv7l$rHB(s>Q@73uZ6DhcS(C#Rj^gaRB_(TtL z8t?36^M0*MmaSIdqW@{48B>cAc!SHy-1soT(Y4r{W+6?IwqT*L<1|8DuZnNKbwmNG zx7(FljhWbzh#6G-8{uKFP(kVbc*p1HNx8mCT4$1B?UB(Li8;PXH=j_! zFS>N8-+$_}G{)6|)%5o*UH*-*+oOH$=NQ1_HTu`9i2ddIN(lCt(E$y3!o~fYo^J!j zrqiAwjf?u5L*Gu|W$^EQC^WraRht;7Jg9wLJbtw_pwGtAh_A4c{5;qaurJ9?7@|q~ zuKD?{5=m5thqpawt3vzhG|uLyUOB9YIO8n6`Kws{++R|;-0Eb{M$3ZFa7I|g72RpL zoimneR(z*Yn-G!CIIs<4HqD0;uFRMO2yPpn2!#N~;(*XdBB%PM`(Nc$XVymC->gwnR}- z8Nf-W_|;DmG%Cm;p@RtXaQ@8Qj}p0zuEIP9zX&i*sOa2g3g_wFj#8|VRbGT8v0Csq zr5%Szst6M_l4Y=7%!o=fHyCjy(Vf}&N5J)c-u=PgH)7A2MbVf@AG0b^gtI&>uiZ?D zRbHH=gBto(Pn^{yZp|g(@j@#cG^dtVh)EO4tSR14z{69(bz?qX+Swn8Gd7P`+6$3XeeDlH=4a2dLrX1jp-=323q!wfow88DByj5D)Sj4i}Baym!XD;MF6Nv z-pjtD`NuZM!;)`cUD3?|deJWiT#E*Nw=v$r^WVB>T@u#2=D;`X0n$9EFB;N`V2`}E zpJuT;NDK}Twgq}v&!DF{OW;J;nFRL*hgMkDtU&%;+?HsWQBu1WwQwPe*MjCHNEMWe zR#CcVpLxCNP!blHXaj-E#=5fB#giq(wy&kW%p`?00*Chu{29^x-|xbzg=G>-kV^WC zcw<$$*g6Y=%n)yv`Tp9nVz3?eB?Ey%A&rl%L^iTN{n0eZS#oVn2XbJ;h8g?IO$n15 zOp~0w8kC5cY&a4t)PJcMC*j(vgi|ko2IIzoF&fHOYfGq6BQZIJEOOrwj$<)F2c2S9 zd#!2Bv#{5{B_`~+#_LNpJ-8q$(Ma^=0<9tq$ptXiURspY_z>jl)%bAG4Z+@f>V$Q8 zV%6SB%+!U!no4|!4}_vJK#KK)p(pYOz9pYv<5*Fgj?rhV(&RW+I0T{Sk*i|SC}I!q zHu24hh$T2IJ`$}jTs#c5iN4OEmya2hLsnipM&7mP=~P=!M`bm=IjvIQBNLzy47mOV}|!+)a0il58f6kB*ISg0Oi3@tOqFK|pk z=V+oI74hTs?=(b|)wn*Gnp1CvwD9XtM0yctqCXVUFvHC{7{Z`gusespYolrfftV~Qh|tu73T{>>dx`8%=-N_F)uWGXv zq9!CvMutG^YB`M$uM+nk%}a`24~l7ou;2W=!Vc&dU2^^Dz( z5L%fDvaKOb?5&=*tIn_rH@G~vE}4EnoPQ5XT$%Efj*Ut%^kbu5BR+4pp2_k_3I#Bt8~tHJf$jkv%Uld`Eaqj>+wg_6BDoCvM-@7-?u4OATe)UgA%`!GSqnak_ZaSf0n*29hmh z2%Jw0;T3@Hob8)<%kUX48P%9f^9{}Ene9GmV$WHk8^T?+@y;caDG(l1E9B57UH)ff z|7yF_^(OcbXc_0;{xSMAQbps_N3dHmT481xKjDL$#b(>G7VYf`!!praNJ33d?BxYYDQ>5ug#f=t`&5-*2AwIQ(hEcq zo!i=F3>6+&BdQ_9NGNN30Ife=!DN4UzoQKv5{UbawFwRcq`Wg zh30Tq#Ho|-<|OTkLd#sZmuFWxDW0K(`$Y3fthx$EWVYr>-Tp)lLvga~k;ezMtwD0N)cL%M=~z5hwHP&zK;nTEDi7pPdA#$ zGsFcFAzdz)*C{)xebCnB<++pdevA5}=OA5|3=8k0d-BIOpr%o4Hut?9VU zg~5mu(VOX^rPNrDifg#RsU4{`Wy1;#6;H*t-;98h6lhrRyBjOvVR6?8FOt+x{fc}U zTb;^#M80hxr!06uRSb6C(Qw-MjL9UXCngSA9_Wd_2RANdC14{3bviK5vssS<(d6j; ziY4Pprdl;;xPe@xQx9+`Q_@+;!UxnJMH2Xq&bF!*wr0u ze%BEkb}u5f%9hG`f0(R)wN{6+Qo?|d)EGv|oa?JW5&<0>6P*e>cY<%O(eL-*-k^P9 zSR(C+CsbG135pY}ZUMT{g+>6_{J{?e+jV@#D=YkY#SSEizq7-LsQu<#7qu@aA_Bc= z5rR9G+9p` zczpdYdHrA(4MfLR49U6xnz12)@+f%yV&`=5y-4Dzb6=hQ#aHIKYp}WzZhI9n1A{+8aM*&WDn!zhi1eO1>QQ{wxO0h~ANFRqW95)=X)qWB2D!T!08cE07Y zX~P@_%L)-8eed2nWiel>c!wk8nzuE3j#!+tf09)d{6>g9N*3wOUx~0w{L>0b5x`s# zhAYyeVt$gudlDWN&aOtqP9buqbk~4p0QjBluB(852M1q9%%ZLcs)b_n(D8A|8z@b6 zBVZXxj*%3w!D9+#5yn~@^#IaYf-g*R6u>`z?Y{G@+!c6GPvYV52kxr2>5Ino0qvplAMb13?;j+%pOXM z=H$d$e5Ly6^y@9Bz16e@u_gMlm5&dkqrNT*yZqtYBsegnEj<$S6Ndfx&U?Vah^kFJ zLO8kN-C2{*lBWQ!q5_Ld_dUHuNWbfZd)pCj@%V{bQ$5~&m?RD zlE?+t(R>E^M4`u9!BoE{>R6G~5k4=5nKw@tF0(O>VJH1jQULb;R}c47J|^I@XC%4S z5T5i*$kRvAvSK6X2zW3SO8V7RkbXj4#Cn`#d+-z3ALtRSNQm9n1J%}^tm{%lAa=&N z9gSs5WPb)&6>qOFE39RUdvV982$Q_QAph6p{^thEGVFnpgr7xt|bP=N1RKG&muw z!<;xHK;^6HVsFPB>0>;zcC}n)yu}krR+v3 zys6lpN$oL)z=bpO`iW>|ePqe>4a!$)TI&eb$~7)qp%qt9vSkU%qmjpl4N9>F&7@?j zyvng)O)F_+n{rEPnvYl#Ggu(nxdRQaaoJbPV49GH3Vdf}1mf|^r*h*fI08Q_!NgSD zG*LIoRW zUk1;|AKVaGX%bcGf0o^jiARYQ&E2B~k5^*K&+w5CE;`!QPOOT+A#3y=sonfH_ECG> z;SAz!<{lzhag7^#rK(i!c@)ud2JbP zGY_z7?qivhT**n|qV*G4P(Yo-Mn)r%Anbd1wPaB(XrcfDeLD*|0~LOFW{aXuM&x^J z`El{!J0_n2ZMMF`Bw3dI(v2s45813f8$Ybf?t2@+PW0ZyVidBh=YmNNjX2qH&O zT*$3#L~Hn+Ku>y7BF$^#L1fWQ(>3dTEeGndNm zqE$2{qTH-8$li%f)PWe!1)`Iqm8^6{4CLKe@gHFdXYb^?7zs2hXR95Z$q*?!RU|Jb z(e&!XTsZUwf3(-mKP^-IZRp6gqy-4k-V!65mjs? zDlaVQLdw{p-^M9je+oTfD;>GGd;G(Bd={j#_{u~?%f9olHBx^Nw=1e(YvJZB6`?K#Hx?<;Ie zlxWYQ)0QO*^*OwPAx^$RRTGDF z$x&76LTU?+uKv$@mdx1sOdM{`u0No3v0*}9uJW>e(D~*{RzzbD>?>lIV)BA>Wliw* z0KoMPY=ABOx#h^n<||0y7{% zcW0QgLipxgbf|$hJ9+|I4Ll}=`W6d|vD$#$Jaz6SwT>vM)kB5Z3@y>3q}HaO1SP?r ztyL@Lm-nJmG&Iy7_Bt6;UY9?(+|~*+tuYqltB;JA(J-@8(mRfhkL**l(2K%T*3W#8 zKX$kK^^~#y>CIgrZeQ4eRO*1}w-SrJz%u&zMJL}uy1xV6bQf1A-q)hJ8F0%6ZxeW_ z=^F=lX_NQjL;P|z6wYl!K1n|6EXz|~%C(($;wHlAIWBz=CfNqzZ&vU!H_VF6F))hazD<+4LJJr^Qt&nCCHmW&B&yk^e8WLFE{&6BB=bHSg9Oe5mRi_lsSIXm6QEfaf z88$dOJU@jZtNE34pS$X>`1OgPlmUkhpyC}qzWHt<)e)7zVgv-d%H`+l6OUq0HA^2` z!sg-~629Tu)Tmu_n)m$D6=$Qk}im6t5UYgXfPm9bA0wqwct={#J5tI zKt95 zGE>`SuC@ne+EI|K+l`x@`@OP(0ecbW17N9K=AsIi&@o8T_~c;`1s0#Jy7xdgJ@-30 zA2Y1}CT0FI&Wwo`%ii@oWYCE^AL~I3Dm>}w_QuKK49);M+(m;z0>0@4SPaf&t*~V< zFQG&1`pzA*a%l-f=bEt5p7#LJe9-Wk`slS9l3awkukl-5la8Mqgu3%Pn8_HYbG112 zJjlO>mrMSdgI2NsO4q|vYwX!H7B{?`F4b>3LARN!M&NYv71{vFf|0sz{`<-A^e~gFtzm*@iy{zcHoYK@Dh=Y;|KHoUE6VY zdJw+O5?zWHWhH$MVCTKM*3N zn9QHaorMc~4Hm*6)3EB4p=v7rN20RUaGk-DV*He5AbR#lu zfW-FunTYfVia{SmaqiK<^Pk)JQ-q+Ec>x3bhgM@7#{VIh+{Yg6{PU(n<`H%?hP47R8}*$2{mgTEW)e2OE4UX3a` zmSFZcF5KB@k-n$G!bS+t30XLhR5IfG24UAQQYD&a2F~61lz*4poOoEEyV{M-pfZ0% zG30Na2kR_e(EeH9VbOxK6G*L3lSg(U~b|#~y$d!bItT6uO!6lV?I~$09>!<{%4<`)wHP z4|Z^(b+jv`hO)-(UWziZ&z8${bGmS7Syb#n`oWkN_1}!d+vS;!s4fCG71Zv$im;T#^Te24e#G zlqcBE>lv|8EE=MG&=xE;>~34?2Zv_fx2UJx ze`yK(Q`d`x#_V!!WUMRCWHesJfaOq{xi&qmZqN8B1oU>*(=!_%*KLX07FZ>w7A_5M z^q1z>;tXaQ!}(djs%G1h%y!}7FL!6MFR^)4X@z#(rdjcYR_H&|_7{AN(Y1Q;Fl~4B zmemHG<OEg7$!W}A7{bgR<%X+p z@@016X+;qYyhHoNZM=sbf1J>lFri<9vWirT`QSl6!wLHW#hL9tjK@%Hh$X^or`0hW z@mdpSUPQ1#_79lkY>rpzj`&AQ^YPc> zd}w0zzOBa|FGcRjVR}+uv@p;4_L4uriIVLBXCVtDx zzpsBP;`Fim&X#ZIa$@J(^DBiTM)YazK(pNR>#&s+mMySxg$?XWgt(Go$XEiGsqB|0 z(BRx^dy6XjG~PI`sUurxDfn8zbgWfbUeKetfnZ)9Xo2OcxOik%8{=TWc&Uk3roa8S zk%Qh>7m7G5)#9=Hwg}HrceP!6fHiHBt>{m)24JL$+v2<$n-!|XzYcS$r0sDC0+pO# z`hQx1Igw%Lg)kY)|A@1iZP~f3xSM%AMo+bNb=B(ei!Vfu*$@@|)X5>@c8-}XhWlOx zMjh9qic;OqOq?zx;Cq3<7uM(Np9$7o(<;f6aW0FR6RYi5#bMGO#?(!}u_B z+jt2A*@jZm8;HKG@6rjRN>r6X_G8yC=v$6YfE=Jt8=>Yn?&&ANni4cS5Z-+Sw;NADe*(pZ|UuzA|<130U1{2X0|2zsEp0W;t`a}bWFgq+A?hD z^r;tN|5#1BP~0oL!Syw6Joo+wt=eV{`KLP`*Eh*If!Hhu5zV7_VZt0eRj!_8-2iGxUiZfwU}cXBq63e4 z0*?&jC8%dhm$|LILsEu0qdl`)MGeE926HnGr?;b3bw`d4Oo3nNdJWEwgUZmlZU5k^=HtJjfT9;P~j5A zu?iImCri3TQo;BsB$?oKoM~-|a`ZwYZw7x(I<REFi2r>M+(=+3ut*0 zyj_9J?n(}$NUosoEBr6S>|adSb(&x{L>AM*^egHk+r1?slrWz6da4HTGBiP*B zV$P@~L{Y^p3w19>EfCXpGqK!&O`%L77Bf!Z>@PCFKDVgDV#-RxcVyqH{q=)#+@O`| zLi_Df@!$H&#A%@fEjZf&B4H| zA_Y>Ym0-EV!|@$bd?daauaO#ZTMuaZD2_x~?WcJ~Cbl$Nv)VAolxa!7pwsEBv)>y0~C4yZ=T`<9+l--;I`cls)BA8ws zT8TheMMJA0>eXu6&^&0X0XNF?iQyn*9zfN2GtndmbCX>~m9s%p(yuV(Ww{k;s&aFu^FsXjIy7$p0HKGiq#22@3UR*ZmpGMA+VeyEeee_R4ivVii6<@l72?n&! zPsqJf*!sGCXfq53&`(8AAiuz{v6_RSGK3apM0Gpp9Tf4k;ie?L&e>64J6b-`N#wbs zBjmMTSX%M7;j*0sDQJ;*_kO;&Q))@!;w;V69uYKRnA$?OH{bR4iTaJF0W6ZbiX(Hj zfG3ny+Hcp@WeWcAFr%&}Ecqn`s^=&SCN&l1_sgBUfU~-zW!m)hf4jVO@N(bGw}>iVftQhi|WY#U$QmQjtzU@^Kw2~l%%v>Q~ClLK+-HKUMrEu7=S@s5-{SnCnHv0t_}`djD?xXN6S}CUC_FBulcDYrpAORrKJ8xQ)y+*N zH`{y1a3WS2U@-H&@1E~-a6QGZt;WFU0Jf+p$&5QLBPHbG9y99$@On&q!WH-Kw1-lW z*t6k4w0#-@&Yv*7|Ah=H1lr$*FVJ1>8H)f41`iU6MnbSWh5WM)NziMl(|SJBJC!1} z1_#+=*;mw4rKJPs0>2BcV8xKql{v%U=Jv**qDMHuW&6B_xVJ{}*{N?lApM zXgR$V3MlH^ZcTcv-Q1J#^(Nt%1*vw;In6*Y=x1 z?A{nnCNHbKCa*lT%=U}Vj9qF!Nz-P z6n^()uOC8497e;PEwP$(W)}^XT~H_O@zpNTrIPavj8qojkGchw|Ji4~vJHM)!GX^r z;xYIaxUr)C14n<6X|NL&g9_N~?UJ*F64&kT8uDUOUOfjmRSgNL8F(k?A`!yK6?<|? z^|1a1bsYfuEGT?HXg{mv2kppYD$;3b%qP069S#aT3aUv=Zz&1Y!o_tKJ?PZ<-;gI3 zQfPLSIpMQ2M;$(QKmfR2OFl(ZRyzM2bsL9B)?dPu`q$HZ2>%-9o{{GSdX;0WrR_YU zwHdRVJYuF63avMg!^*rE;b+Qt)_T1W1(PEFIOj+ykAVFObip~K573jzV~Hmer++Ud z)x6%wR?xhb`>`=+PMa+$ z#vcNmDKcf~t8-ZC<$&-z(p1ALiYa1RORUS<)ZIg_pl~mgE|*h^@niz4V3I`+D!M9rR89o)k zMS5GncY7Yfi~5h)(Bgf=^M|i<&y{7>&)%8mCEtk~M1ED@rS{MTs=slhrnB3G87X5b z9Ps|_1Sm=n!5)Mlc!{$4W-U}^QRdk+W8Cy^eTc_rw}^=(3-A35?N3J-sp;&vAu9{? z5k(m6Li8T8WF6u0=jP=es_*;=pAajn$15ZY4dmq~JKoE}FU_p~Gn3zK5w@|9*L@q; z1q`t(D=V#S8I63PKuu!A+QxhPdV5=^O7>6yqvZZ;@dU^4sClUrQ?IZ?;aijaqRQa* zjf=WhJUqeV$+L6 zC%Z34T<&g=&foW=t4|=Q>feS%=*@%)Ugwjvhje7MK3^5sT6nyVTjZ@jyG52=X0c~t z;`&1@TV2oBRJ}`?bTx_ye>#VX)+X^z+Osu#V4t?*4<3&tkXM@K;-n*7JA)K%a3&iV z%{e%RKA^!VL_{)y-)uhmVPFH`<=ua+dX=E9v3kH5SST3vZs1GckyB{1>=B8loZvCgO27JiW;DA z2CJ=$)El+z-?<7SgZK=ai;Y2%TzzTg$+14GmJ~au?*o7drcHje_bxs#yxBeuQWj_3?cN6!4URTfey$#;&NGh+co8wQOJ{K4=b&YPD^MihLmfS5UVSubn4m`grq##2ZbQ>*?JDMPDO z@TWg5_zwd?49A-k$;TV`c;R18^#WHcXgg7FeFYt8ZMR*#HUZ>ABm!kc%B!?}cD;Ma zfI(#R&Q}mOI1jLilpm6}7y;g%K{5-A@bFxp5P^@_1jc8abgX%M?ObCQIF4O+gpqm> zcv;-gPMpjLkaUAVSH}nq&R}53MIGy#fpbBRyUd6iC4$G;fUU674ufRtE0|~(o2ZOA zguk=8o<0HwTf2l?ygdqqTJoVxf@S!4rMyRwxT{i0I!`7}Alv}pk4eRx=WF!mp-!LR z3>GBZ2k>h^jOA4}=JQ1};Q1Y&Gy01UQY+l!9$hRB<@3&XAle1YeaqBpNd0!9{f}`` z);6iR$lk7SeH>rx|Hs!kMn~4D+q#pEZL?zAwr$%^$F^)?`UfBGt7NBM&qu|737 z7bGeNPb%jUBR{1Pej7PHv$7(6YkoE6pJU%Jlhd%0lV4eWUU?YQKTBf{`Aoxb$JBA1 z77<$>vy=^eWMdbK2+O+qgLgEOP9#^~(Uzi*d%~ulJBcl{FhBj4v6{%hgv(bd{Vn5P zGxQ}02>VUvg;$TxW0hSZ{PiH($IbkSLVM``;EG}>>q}#5 zz&vxs8S0VK>1WoP+xW7y{Mmm##z$qIzT8$Tc#;1;HIM%6uPTlnX}bwK6a>EEa66OA z?n8lKbZIGSqJfHfURAQ|P+V1M6JP~`G z2O7!O`<|2=JEs;cDSSSd?vVd-=I@A!`5|B7cR@}-_crO{zABZ zm&Kvo65#9oj4wsRIsw(bKxqstR*!uc0rJq5l5b& z*2#L|fV@|UA;|PhLzRYO#(CYvgD3iNabX?Lq*A|qf*5ie#)#|5+%_K;8rAw5#{Yt^@GP016hE&IgCNd!=NQ0Nz2$I%ow7`_kc}i`@Mt@ou*Y-`wkgj+ z4D|NzhpK;W(7mKzBhPwJ$uUrOcXts(R{*c~K`~*JMLHjJ5A8C=@8*so1vi7W4H374 zIn1PsvBCUlD0)Y0YEj97xmf|zG+g#pEAV(*JMOL%wrc>dJ3%1n=;(Nw6QcFrtU_eA zaQpf@{_x(6XL!((k<{-{6oDj~lq%e)JuT;K>yw#~D~rd&w2lFR-bJc8N%#`Td)D9P zSfymgKMQYm;<}#p#^1^9d1VSC2|(0W>c-1zXNN6Bo6FU+nNb(k8}Q*;9>t8ci7|)l z|F`n*oku{g8cUmm*B2a|m*b00B$F$smRZOf1FSmR*i<8IAu}O!WIq^@$*SNDsFhCT zH%xzXgE7%Gp4(tlrEplel3mzMkj?NLd7?Y*YijJ&cvpLs7ZtI3?asOH-24)<&VJ@K zJ>XD6M}khaTo$N`v+ENy^k4Gd{h6GRa8H+1c8f(7Ki~Dv-BqrHYhO}Y`5ZNf5HzLS zdR*p-Z(vO}yV&5)K^~HU$s5ZalE{ER{-k1zW*{yQLFR%Z>N&t}RMeRE5_;TW2D4X- z0j$Y{kd4*d`+|MGm4TS4YtXUG4+##>TITo*VDat#&+=+}CJ6iJKa+W47MS@iPENvt zg21=tkrvUSMl(KC$&!DqJRB=JiZewpRRU2NR*ByL9S_1drtbDJ|Ly`9pYrnWO89df zY8L6TB)jFdvW@Bqf7Ms=>z#goP@SBN&oAOlXeF^Jn7MNc0z;yCb$GnC$sPiYXNbIm z0UsQ^xuWF&WvkIMkLyv@H{=gR`PuciC?~tYn>}ij$5?@r6>x^m1LCpUZ81z>1fg+= zjAGZ@{;V>x_{;`yu4d(ML5k1e!hX=nj;!d@**<}yF|gn+3;om|X7>ygwZStTqFbT6 zW&IK_zWPPw8qnB5t%APR@Xa_#plvZ(5!=#$I~+$@U8U;{7>LRY>r|o{(UaXs(Ezmg z-I)JK317eZUK)`+HTa_Rq4;T<*!rWa=gg0^p2Mc|;h1KhsK;7*mqu>0ECo2DV@I6v zLL9QZ@^T9Qy-n5S4p+MoJ`N($=EK}`*M{M#7&xamiiqzvZuAiYssoh8fw{q}459l}S%P#eX0($oj^s2!I`lR@W&e*N_bV2~(cb75R{ zCaACkzlT+7m7sY}Q#jpY|g8To~Lw{xx;mg9CaW$=x4U&FtJKH#awz4s9}>AkI;_S&GnlzEKOh6tKN$ALHfi|% z5UoqzSr@Gv&NA5;80fOT%On}|Sxxb`9`er-Gi_0KbX?Zk{U#hX5+f6xF@cBXu&ydR zQAHzaBTXN#w|$OZ0^NSV^oFvQRMpDf?#e43?UB)1Xg)MP=*f2o@XVkySVGx35q5ev5NQ`#%qTz3z_xpSa|| zw;;TI`+J_>{U#dzuS0+Jmw&(QKk3OG@UKUyEBtT9IiO-YUsb`8_oq|#F3lfOqZ0lN zl(1{~J$ZcVNak~;Ldl9Z4K$x}-8=12(ylo%j8xgmS_1FO9H2BUWk@ZWIh%%%500W4 zqR`c(*}oCLN5jn&X`IPvT1Pt#-8W{Qn2|oO(xgW7drQGej#>6To-`lB94=cR2u)`@ zRct@7YyDA@yKBi+gRWmL$pe6KbG>ji2MU67i^8d~;r0-P1oe9Vc7912-ol6H&`U zB{D6@(+?g>karAs z7d=Y6{o#MUi|@`kWMVtuV!entAClzBAJ@JF--yUR2@9`6b9YJyW_+sn$!=mBQ4>_T z!8$6UUw)UB z@U};_5sKXb8k~g`(+i6a6F;j~(7X{mFCuJM$o;U4c3Q|r8$*}QmRW)#hw?2~Alm~r z`N}c1_U!h_e{B@i62)3wD#PyaP&62&Jp2AQ*1+|YfgaS<*%n}kG#^**)V{!KQ5Mgf z>9X!F!s*yj|A8MKSQ>T9kJ13}q)}GPDG5x==yxioo{}Go16wqV8-0;GxEBr^)5Ucm z5e1MIs}onRK~<%71EbPZlheH5z+McwG)i!m`*`aBJ%pf8lT5O`2B4;=MT2pa|Af<0 z6NdVjs=zQ#WpT0*?PB2beAil*4{5sP5lA~wWfqkB-lSKFByI|9N;ioH_G6K`7kNF9 zK1^CTJ)d523GHC%v7zYobyV}inM5o4dAP{w)4D+Mm|B8g`H1mJBdMB7y=Clpc;rqs zIeWZq@#}i@u0(w27&+?yEfMx3@mZYqi%bOYF<#qeZ=-;M!5a3e#1hqKKl4*{)ViRxqSDiAVw zqcazYq)G@Enxdyv7%Qcoic_JCR?DO7z|NWU^B;jo8J)BwBPA-q;CyrCd{jD75FZc` z`Ti~Wehyt+;iq(jI4fd$0%y2MJX(syrb@h(LIH(90keG=@t)CTh%+s;g04z% zK&lra{!MOxL|}I{qy{Er*pxyZzfKU#?sFQ|PJx)i9&(sCyWax$ZLSwyxn=KSf}4`) z)c4Dh8pvWdKAL!l0I2!!ERkx}G`Lyg1SBmMe0AGDITiW`D$XRk^`qc2U zN~?i-c@nRrL`3QDc>xtyMV3r9Zcu=78s+)az3eRNTQ;-}(;Sq_!6I0dc_N7+Cu1q= zJJI#>kTAwGy7+J{1wmm|;?^m!HpTql@AKwlgKCEP?I`Y}iE#*sVfPVeCv?h0Eaj>M zjkq#m@lCXNSUv1z(5(GDRCtk0X%?bv7g<=LZP1qSo$d@Fx~yZBqu!W_g^6YGWeS?L z2<6OS;S#0Y5~SFXW`n!4S&GVPsDx2pE6_(-=0T`By=E(PL;LN%$kOojZo8K;$vGNx z?^?|xwD%CM%!r&$sE~|e4@-4z^$!`emtb^xch&-D9p*P(x{@>+@!X48&{uB-e!V)! z0>2Y|zJsOFY(bgec;6GRn%zxP}VUA7s3OT?N=;PfpJ5T#zXpJ9w<-3RPB)^~r{g`iqBTol zjXpG9X&zaq68Ja_f8DqK#I7B1Dql_vOa-0`ZNQ&!b`KAGKJHxq*$eEh`)zbS%4hv* zuqrba2}885d|5P+aUASU?XKHOH`5U9%2~uL4qA`;7$_wrm1g?5&EQ z7_C9g7<$eWoWS-|9RQS$RE{r6oOxOzzNA+d3~6w(rUh=4&~-XpCRd_bO*G@!tXW0 zzT3|EYBCo>M({*uY5lfOd{ClDfV~>mkZEQ_$XyOQJvE9lveF*b5ijR`z}yf?-+E?8 zmP_{WT?89n=%XDJB3&h-r)+UVS~rkzN@p?tT%xV+mS+Mo!*7PfSA-Ilob~)OgfpGp z9zl^_E2?aArPZ1=pk(S-<^5{0g#3x?_7o`Wdfh>KIYw37VN;&I4Ol>;RGqOY0;zO% z?A(I=ft@_|`KYrR=gx1DKO#CLlF0as1cX`SL%YHDdDr9fGs|j_f4{p7@VU`809(2XvaBr&Dc5^|-9 zQ*m3+jsmG<;In$y`s!sR*WimdJP%H%;^l99(TTFZ8z`*8pVhy-f#kKvK?%dbiX-M_ z0@c+eLdb(D$;?|k>gauJI8dIxBtyS@>sfsuMd-%#&E!Mn^$}2i7C_vrmLRWxyVvLE zj}2HxBVc#Nd?Ud@Au1)z0iysVqm`$|e;a-kNh=y1hAh|feGtGc@iibEWGUAhFDF8s%>P8-j?e@U_`0_fzXEK1bmEozjrXrow#$HWvm*mS(1Mj zk0d`b8>{HI6YUlY!Fd*p%s8&F%BNea!jm8ul-!?i3Od@)EtHz)G-)dB^Qu(kWe>uN zY%o$u)W0L(fBg%*Sgp3)=UWHCv9LD{enY@r__t)Ec_c%vfO*615E#x#!Hb^e{Yk;O z^=5j@64Birr92qNz}QdWCxmioRW^M{o$pEvBH~sb%S&DuQeJ?x^p1mm5}7X}H`bqq zq66UwiB|JWdC}$F?oW>)@a=RnO0|l1I-fO1I$d2|5%inz`=XVyzn;p_I z-+tOmH1h?LRDOnZgJQOJTC=2(+id)yL3NWr4ZU7aZ#O}J28UPOeDvl1rs1)u-ALRuInGjf^= z&On?H)=Ujl{`_h}(aCdG*z3K|AjI5tn=5>(CBHdZoUpA8=zDPC8@kV`(>JQuF)^^H zSoMeYI^{~o zG=UA#ABB2*?ESJNUP%!c2^E~dY2+KV^km;eT@_wZ5*YC2gHEM8RQdCEc7&ges9Pz( z@%w{m(QCHrR^RD-DTCX!J`6UiG<&_((R9BJ=a9P%*dsGP^yEz<`}QjGZ|X7TMTG}u zbTm0n&A`OPP=~DpjZ2n8_klr~UpmV~VZ-l`fSKhdU?vKkVG}^ZnDK&6XV}n?DKndL zq2B}*U^tQvpQB=iL=+Y&tZCV@$!0D%V`k3 zjY&*jMune9*UAGS@)!{cjTOMEsO1*Qc&PZgoQk}d3B5`bND3x94_rFGs(@h7UhJ(+ zNxT&-N(D6$;>CX`pWKyy<-{ab+}z>Ng_ue%A%i^3G2!*(Xz4@w6!4~ zinu>1J)K;dxP<2q4*F0Y%D}@J4{-}+SwsxdeC7nI^Ky)ZC6#pfymz5@(=KYAs zN9Pnj!u>UI02h6%?7xOfDD@@|;rwopR-)nX#?F)liuFk$B4>EJV*~IP;)0CEf>US= zACkUElKw#%Rr1h$4jCe1V!{(DxBETiC3DpdQ8j92N|A6@azC!g5HI?s4+xW;RXQF=1>27AQi2Jvl5@YtoezbJ);m9OfJK_2M=v`)Jf|LaZPH|qCP-Abb zSEAhgu<~b-g9DiFBM3piroa;zpTw~Ft7VJzSFo~4A%9^N4dh=#Ms;1DZ5Z&~dhJeeq{wx@KC?1w6=7io-l0C=W6wZg`lGZ%J zWq-xpkk2Dw(Gd+jtdM!BC9k*+R1;cp;NWb1FyraP?bl!(V#g9KK{iM7x_L`qL3$fp zDqBECrF z{(Wi5&PZjGV)}mYE{Hq49|8~`sPl6T$AxV_?%nz6pJxy#eDqX9V%(*UCbBM}n0T7TM{2eCrhB5f+k$o#T5!@@Q9}^T~!*8KFM^ z+(OG(DvI>MWsgki{Wf6D3(O|x`)0XjOxbk+5;wKu6bXl0EltM_@vDmjevo`Mvla08{AWrzvv zN@sZ8mRlHthft+AsBm{eTYDUUhR=-~1^e(v|7I*%y^Rwyv(WGR17P*4`D$&nL5i?- z7&p-G!C)6x={>W?{A*mXzdunB7`KthNK8yb;58b8(e7}W)I>q?Mv> zfH-l5P_cQx?%j`_k;M28V&i>$XzG;ZnrNK;>(Z5XzyYRjzrk$RHWciO{6@iV&k|bR zz`&3eza2iZX7M(nm%hRdFJStcKY7trJf;}*cQMh=ScbPASBv2QwlpGPokYG%LMDF`io<~u1_@gm-dQ;e zQ~W8Ewhe|uRjRJ);2?D0!Q3`U2Ltpyx(Sv|1)>4QTw{>Mpvt<>d>lS77sXjcmgESs z1pm%vZx7fv(?FV;2?)y9nFvifC#uT4FR(Ed6hoN3DXR>`!EoP!15GZaykZ76EjO2eo@J;ymdW$XCB@oO=Q@pl z@PwyEfPw~rxDYS-7LD&ZD~Z(&ix(cK=L^t2C`gE`wGV(c$E(iImQE@W#Ccxx;c5u^ z5u9G2Z0;&H@n*%5!dD{b7piP^NU2O3nowW@%sOPtdXJs5T9HLbMP=d!aD$amo`4eh z<|$1HJX#h){xZ*eVjO-#@tXwakT244WQ$bHq?O9_S!(T8pK^Mv+*&%g2fetTju^x- z6{fTXmkyFtl{B2@u3@d`9U-+Li&QotJQ{)}sScY#>QoS!Qp3UmP+p2HtBg1r9qZ@o zd&3*4CCgG6Ud=Q|y00UYGW4?QlhSHnEO$wkaLV4B<}36nX&tj38^(Y0VfshI^jWfg z;qtfS7962f3HNB$B=^RdnnKuI5XO31Kw|$M;!-Pa;gP&=6r16gbU}nJwj4v_=A(|M zdq%3C-lhb^{ciyinf;OD6fun-Q*Sc96Wh0%k49g*IXFcWF3t356QIcG<6Jw&$lbU; zU5{T$De)~QZ(Qpv?fucJrYi)INOT3oYi|JZZ5Q6R*3hxwS1IPz&N||5SoV>Waa#)W zkxJ}aOUhR7Y4d{jM_2&Fr$-|CMEK~Kf^KXSzqLi?eZe5bBC{V6T3`YY!mX{^#d zlj4J?=LC$tK)JS4{pAcpUX0|qh`S7FN1o`i-WmS5deK9Xk$5a)#%+nDzsG{@>YP0p zhQuAtq!@2@^WlQ%Jn*^|RZC7KFt%15Fo1UH60C2a`N5y7(cjd4;GUeux!9v#Z{F@= zp+Mx5R%0;fh760I#lDv#z3GSdHruRU??uvSdTcLQ=|FpTUw(UmzbBZiy{Nk9T!Rq4 zf?z|ZiXLs8DOwEa4`$xf2{vz{Ax>kCT$)>(Lh`6i>276DP!GPAuSH%Ijmu%Kjy|!+ zf`DhEWTPTm?9;@Y1c@tYtGfYYK_IhHJupN{p>tA_ReGkDJ=)iylN#rJ->lH-Zq+!l zajz!1;6kxg78^%sZ%!o(Zi+LN7tma!eW(SDEu0;#OC*stqf%h1Yw4tR^tqH=Q90&( z-wgB0I9Q!q@l#d2X@@J|)xR2|m-s;?``}c=tk{i*XKQ+xFB<~JnC^JVcU>}GSW2h% zaJ;^IzzvZzXRM>@QgXV;HTN#c*ZzEhm-n{v!+(==VfbO`rB$NX=1aJ7<4Zr3b8K1w zQ0vSv{>UY{Gv{A{vgLKD6TK&dR~Hc~28n{vuSj zvCpH&xAC1pt>+_eX${;NFOZ1TpVklj<8E&+;DUY+IelODrob1JGakm|$871frYqMy z`y05I*@F_X98q(E=#LtgIif)AV^pJasZ#m0mPqDDc)&~MaOz4w3zga^9^tD zH0`~G>Cy8BGcrW?zI3z+0FO-YFc01kx}lv}WLA0YyJ#$Zl33Cyc~nAs*d87qCJ2fx zUfhG^Bh;ZdoleP0!|xN&Bg0VYw$>GC3ze+%Q*pXqIX!TP$|Yi0Na$;iW zZf=jRqoSv;K(8xg)VNP1fmdo>llWOcNfHxu6J>{@sExTXfA;l z(hEyfzG-2mA1-ms;qF#)xTm^xYY!(Mca2!~@6TNAZfR4wtPu7^aAvJM)R#a@Lm~7+ zPDcZ(@k4kUy!h$AmJv!-x#>~WtP-nH7H4nJt;K6_+E!TM7_(W{_I1K~WyysWb zmrfdso?wIW!Dd;I@F=h%Vy zd_me@0rz(`yEZ?8h!$duk5l5}_{Y-@XJx&y1YS2wXw8BqL%=1B9Qc;*Gh^!C_ zkJgC&Mr_~N^zzOp&{wG3;eFkj&CMi%5gS#xg4)h4UT`g}uu4y`4#f=\s*$/g,At={option:[1,""],legend:[1,"
    ","
    "],area:[1,"",""],param:[1,"",""],thead:[1,"
    CU>3uaUPxLnbC$J{C{`uXcS{ahF7aAbr03LjX$ z5&pn+LL&LNZ|;&#vBp(nRGx+h8Qny<2T~h{XRQ%5(>y@znGX*Yj&9Xd^q%F7i#-hJ zi&7H?<^GrP{t{9D4(i^x#J-F5cvI?#;U8q!Tm6?f5Bxugvvllu|H|xbmV**URQ9+7 zb*y97I%iwLEjmu7F~z4b-~R_UHz!2w1cfI%Rof%+w>zC8y^vr2PLPeV{@DJ%c=KxO zJ>k0IxFE)WJdOm>rSPL4nh49l9vNFmZ!^Au<6(62y@z5Gf#(G)2(1>dL0>E$@gnQO z4s&(mxo@Pkre|F7CV9sFsayVoN)lbBKHF9`^um0-Pw0%#wD)zXJ8A~=*yruVs9vQ+ z;4pL}v(aVAH#3si1b}5@jj`0r`&%|C4N`@hMLBxpZ;%>=eWT{Y zNgBts2oyJIFs!xI&A94z)kHXW6$%@lMv0BL6SU;W$Y%?pUNSY8bY%*;dSh5KkF8=t zOpe1#G=g3T7cxY{E?v8)y0aY1c27+ZaKNIqx4o5DDx&T8Q&V7x#Hu)PwvNuTpE>ci zXv^Uc?fmVl!NEAJOA2w+>qT1P#7T+C$%(ch!*YG6wN@0>u`(SMoLs|sf{l3XU7&@| zTZTbzTd_aJ7_qsS7mElz7Fs}wD(tsfk)2^7h1ST9^ORBCb99ad$*G!On#FH)OI z+3mU{Xf{Pm3s#`l5|iOg{OXXG)o)x39(YC7RHBAOk~nE)fcWN0P4TMAQIUx`6ys7d z$-orx1JxGs0Igaolk%OK2nk`)n6=-eoQ?I(ggFfjP~lpGlcna%h;z5Y;*Qyf4Xo(V z()Hb7Rz`+#%`C7Cln%9xhF0mV9`Q*`T*_u-b1sAjdn)Q$>S9y`ZGv})vQ;{iOG2oL zqS!sP5C=}qEA0Tq3O$(maV%lGjtAs|FyAk0brUJLm74frb~o@~V|e7rec6aEbTa*j zqQPGtETH;DC{s#`h=N(gBfe@6ZfklYtfL8$RdZ3T3v+Xp_*|Q6F%c6?cOP_EYLlkz z>7e8)mWrnjp zdxXBePl?Y3pS^d@>$AdJJu$UDnWFD0qpl&8q@aT)9kqt-E4e8psSxiHz8@Gasd&h& z{6j0pPA#eTF?mNq&gM<*nMB2kMz!J@gxJ%&>q z?9Redaz>=RI1x_{-Wsfk<{z)|9&79rT^HIwI(jGW?^n6PS|wo*pAW49wMlv@k6aTG ze14O^DV5P|ge|==0AbfmUY{aQqyvNdqXhuUD@bYx=)QovK61*jfv`6a?v~(PQzxhz zg;uRZ|0wTak?Enpw9JfH2B59lba+_1@db^>{-h1tb58tYaUSZOoc}P;%eod~W8?=R z!e!gFuV33tW!3f&QM-MaeCdq_Bt+q+JnHmOKEV%E#y!EHkD?y==!GIp0p4G9k*vM5 zPlEzFwF)PEk-;BEuOIY)f$6`lmK=haXx?%%fE&)=z}#`LUsWAbil$ymWOIECKlO!| zIx=F|5@UT+4r&+^D2qDJBBn)y#qem!q43%V)O54so0&ax2B~D_+6fmuvlEjfo9wTd z67TCwX)Zp|B%_GYy&;_+%tw>tB7IiS2+~|sFPYr&FLOf|kh8s_fNu(^k3__R!8J@& zH%mCaYfppdR25@4gC3{}a&M4SCJqttVcOy#9+#YJBDE-s;ScKk4`boh175{lDsH%l zS*d}FYjr9dap!64c%uKQ6Z30U2a;lIVD~-maYW_zR!Ht>QLmV~5s@`WbdbN#kyDQK{=gC8>?WmL`qPBagJ zmuH{sIV{zmyvWZ%p2oFUl@Y%oT$gx#%GNsZfs|!!s4-a*k^4*B_}SbDFJ2@ra;2R~ z-Cn8{pjsj05BS9R-g4dox8J2#93H$h;DQGTos?<3?Q3&mlk3umRl);8F48O=YerTz zxE_meP24pn8IbaWJmwh<&}V!`neCN&{07|f?H4>}{b(f4<<6zRIDl@)gY*_mt+iQ| zT78@+Gm+pnH}L}?KK^<+@4o>hE^EUZ-jRPfse0*<{E42+g~M0@?jOqjOYR}G0;d_1 zX>X6E>d!k6a~Qzx&cbULzJ$Pc0;j0f75D`D`K7Rl@^^%!uVV9_IcY@Y%~W!Y`cUhV zo#3+DwctM*%(af#G&Bo4ynxk}GK91em>$`H7CBh1W6AreE;!F^tUyFZ-C4}XfXPTSf z6L|SKs1VdJDC0pf{$Qpj7dG|0f9XuXU!Es$yuI>;lNbW@6BWp7k^FKJ@)}u+G0HOBm$djd&`ij-xia%?3?br#8#cXkwo&L+m8k#T=Faw~GYa=eg)^jHCR z3etb!ACfQpBff6a!j_rw7J0;S^pG*ulaYkLS3bpga?$1O774j zI>4TQ8k_}o(%jB&NK|UemQnwt`$%z!6cN^|ejflz8Lu`U6&bxCI~h$*H})&HUrZ|8 z!)+!Fq7({ppt%OTno20*aY9nNb4B`zrSPX>bf-$}3h|0*8zyO>r9+ipSz)=yljv_c z=u~@r{eJ7S9!e7;Rmaab(#qsi=6PHQ@FU$H#8<;muc8dRVX*%{&3oPAfuLSKJ?T+07-^$TI=sJ%`J z^DoZ{lERuf_&*tpuc9?FH}i{a7%{K<0Qj)5BdkFB*A$h))R39OJP09Zp~T~&>g?;x?q=Dn^O4L-#IK8?)hW={dCGX;^af>YCxh6JJz1e8uT-g}_%gIjYme5FcO02J{hR<4jEs zb5TZ$=x%4RNMm7_o4<7si1uh-N|`SJu}TVjh@u3!VZ1>>}+2~Ymm)w zc@5O~L{PIkG9+P40e1Kws8N8^;}J<9CzVD*YB3Q`6j_ZCd~MI5i|fCs9v>Xn3bNp$ zjcgo^aRCa?CbocLrVli(Jf{oozxko?Tt<^g%M6vcZ!O}A`GAm)W*+x3n>sU}vW4C= z6-;T2_ULO@>Z23HAe!a3*fz1G8@boA4_T-l1R5ixP90b0f-ZBQ{11#Ueqp3KEAqd0 zMl{*WU+qL@(bPn%b0b=P*0Kze0q9;){L-<+XKhi~R`h@P(U6ygZ2p6v09j^T!+o!O zf!ugNX>(ND42x;KE;ZKh8zvf1@b6y>yfh;^@Aac!>m^e!?~HF~q5nwBt<{;`4s?3H zY$v`39$KA!{I=lzD#hH9_Mg+KN~@8EkvAABidp@z+{8~%IVk8mSxe+<-kwo zFhj%;ZQf9HTgc$z+ zpqCeowlu4#Lq(!Mc=!XrA$WT$cH6CVyzack^Lkapk;%)7`hX@cV1%mN3y4pO3#;EI z`(;iKII=bjw^Br5lh(!nmD!-4z>}8+V?CP6iz;0-`Or;*>WM=b5rNfH@=FcaNP}#T zen}rss8Kww2d^@ZRag8ujlBZH8eQ9ZFNFGaU?WB$quunve zYt^9Nj}xE)_sTuf@WR!u+*^Gqm%_BQ>Zs|trLm1tR; zJ0|;?i+sPH{-anvtZPt~_dX4e2s~0*$^EAMp{6bQ<-&-5a_Ccpp46<$bfM zu$Vj1$4ZwBQ;*^YMUFepz8Kc)AMmquL!SF;6(`?v#Ae5C2(*9p7qt`2R7T3F!Oyeb zwjC-gWik2AzS8HtVmcr4OCP2=NA-B-suWak?J<5Y&b{L*DGfY+OC zenrxCyPe$;!8WBduIX3is;`2{kDGo&0=3UimXyX_=a4UTJ>Rp#8eVf3c~ouW!3w6x zK?15plBk)FZ=Q}{3U0w2mSjBB9bhy9>kj2>>9G~<931hO8)7T?WkFz(SMCD?ty+3{ zyJ%$*J``z>bppiJ;UIA=akImXU`spHej;wrkyOs*)bA z!GXBdk!xniTDiZpMb>L(YM-)d%W+kA01SNp5OZ^sp6}Npl9*fQ+xru~nG4nn?s6fb z^xKnN7SSOgwgRorMNw&%O_bS#y8NR?O$-|t#^T=0zSq!ik<+Nr`OFK8g7HMygE(qO| zqb=)Zs@pQ_Axz$p3=o~cdqqROL(?GKq~1WZ#oJT+M#%cBfJ{zY3?1OaL#Pauu#Kt} zoEcg+iNaLeCnaYL84v4gU08v~fhF($SXSjyRQKYcPE`o%<06~}3VA!>WqT7Gur^$z zW2eqZgZ~xs>PI@soV^8xo|_C>n-bd<4UE8^T9)kBnvGE%So>3NzMZp${}_BLAJdB) z$}gu&<%&bz+5gWxg$#s#h(oRL!FV=g<=lZdW90WqTx9D7#Z*|bbve=M^>@%m|7*YR znF%>u-1}FjgjTp8FtX`XVK7bG{y#6V#e8cBJo>L}#Rdv+LG&M)@TVIjCN10MMrhZs zyFLVPJ9O8Kz35xG)w@%5TFM?X>q9~JHcQm&U$LwO{;$Cvzge46Y^OBX?Lu0+_|At+rhmv22FlJ*qoI@?ze3n`|&r#bcSt;Gg@UfC4m5J&F0%ewM6N#K`1 z3l9KZ)7&rDh$gmoL#_(jiMkYIq>R>_+jYZ=UyQwEtgsp0$a^kdYRWgp9+Y$0I4K~JZnw#-3(oOu$aR&Fx3t6R&+EgO8>P{8>otfg%ehs_n?JHhQ8-9$`R~e1>2|RbdFC zJ2@`YL%6AYE=_V}YT!zNH z!@WMf^6#m>97qIetPN;J=aqKu-TMRte1_oN4FR=UcT#Ac;hjp66V``;p`Ew_Ex-I1T^Jv7U!ULaRjq;nU{I7(*R;dy?9<~HoHRLw~C zUjmE_pw|Tp2Id9z;+z)>Tp3JkA5v`5}SDwzSF!GKsV6;ik5Lp=mU*#kO$uj09O{dr@Oe(4ey> zCz@neku_SB;}U)m6Eh4GtCjl5gL~K!U2LMmvnY(Q()dnH+Wy~1itluIT;CpA_DFeO zhM=mVQ5^K^n=_V{C3%9ptlv*7Am@dRk4q$MxNt3k7w|}BwL3IoBhH%?pHd*?u#u#x{VWP41N%u+N3I_ zR98<8)u=!^rTeW)H57Yf4e-sWf0~#?o*(_?Mn6W>C4?XJ!ev-dL_eAh@ zZ9+D`c`T6LuvCyWz?Mj)uV4Vlfb1BT1=R|r8AE-4kxA)0n%^G#JGjl)R!)_ zVje`b8_6RFm&I=?T{#GByS{Hd`J(*MDfA+(tcwbxBHBEAa3ejz+PDPX`05%vr^;4m zL0Kp%IKOl5wO>>rr;v77W+5+i0hm3qL=``!OgW6G7!M&LZmnaNlXS)3@O3#Ph`+vw z=xkfP9O;rj)u+n)s7|doE6Y|O|Ju+0Jl0=ntSDIt1HG&17XI_yTj7amoO>Op22H68 zBKDk3WRg<~U#hkCRaBij4Ob>>#@A+`CCT$fn9fU+h_rc8w|#9ZjAWvr1@ms2$26u% z;_)qs$bR#0reQPAS*CY{MQi@{{&XIL+l@X17Mm1jmF2EQq?^mUg`-)dZ@^lM+B}v2YoQ(D3 zH*(&sm(C3B>3T+7@_#E)3Jj}Cvj2GQ<#l7S z$O$-C;M<%%R;bXO{^iwg1Y@W26$LK%fkG~iZXn~vd&JuU`?3pf;NwVrh!}b7>&ZJ6#zf*eV+#B(sBsVyzpjyaqyQ{S%A|IwB6s6?nEnrk~99OMgVj zE)tQoAfa4LpCO$Tv2^(UB{G^m^vGuh7a>RKEE+UT8?UjFLlvv2j7Yik0aw_$L|=HM zMFo;~6ris~Bmxqe3Z)5&EbS%+W~OTRQ3u9h?yNi$~7|1S^Nq4-_>3C824V zf6w?E-jF?{a2rLxLHwjhBW3Z)i3kf~J&5194KV(aIs4X-0FD2zjETsev0^8-gk49L zXdmrXtYP}hPlbDK@3fQ~Bkazixu1FeiK#4nz_jFyFiAFZcZ6_E$LVR%S)S>N1O8qm zwCda8f5d-u7?Q-dXqqC;Vkahe7#ws~lKbpaa>GCNFVNioHrdw%+{Gk4!j_cty1`Z& z)(FlnV9%#M4&8wN+)HfvDfpm6$1SjXZZkVO2hG71mZZqr)04|By>Utj2z{^FmC!?$ z+r7ua^A3>xEv(4BfX^-g@+VylCr)bvo5dKK*F=Hr!>q(vreS+R_U%Go=YbgTD6BbO z?!%j+G1K&6NY~lYkt$E4I<@KPDez-j<|ejX@(O8B^PZ>Hhz$w#HuvDc ziY*RV4jn~>fC+i|xa4DWL zytL$OZ~qM%9vV8aizWv5>E{v5B`%-vt=a20hSFbs7whtD+%P@q#I}}F8)i)7Bmz38>29$ zXz6{m{sLcqMtOS=2)vs%KOQ}t(8OsB_QmYpm23C3Jt|mS+C{_HlGt4yE-a;x^jemD z_;Z%EpXY}ru!m9*HPmdo9x=`mMqyXN%M^jJTqki z#nIDQh7nD>M1Ao&OzC^NN+m{k#Y zIEB!cJl>^28Ff$V9f=!DaC>W%2k#)%w-h0=-oFoI=3Ru#=yID`?)@fG|v+hRXOj4st-n6 zO&P+|?PPg7P15u8a1sjUl~F;*zU8!0QFfH2V!SmHLv1wcU)7Y7LS+e$8p_=P2e6nc z@=r8AVj}1|&`?XJeh+~pOk{Ct2$D+B4DNwgG+ecq z=Heg7&7!i~5m*i>nP)L16aTPYK(|4$P#yOs3X0iG3~+w7kym;`GI>YUWSz-O{ zlX*8GN)ARGP&8N8)8XareCNUDqu*dvcvW&BdnZJ_@n85@GgDYYcCXi_5*y|%I3@us zW1l*aArA6CK6&m^s$P&rUw!Ca_ec|ao~U%boc}Mn-ZCnVuIU<1a1HJbgF6IwhY&0T zcZcBa7Tn!sa1z|z-QC^Y26tX^+5LP!zF)o8tkq|_`&8Ag+9gNnV`+QYS%BADPTOb} zan<8`-i_z^lR4GeB&_$*Rw_Y`GS?kB=^?t&3~fi>L#x6q0g7T%--J2ULDlN&+v!{RqkXNFwa}#Ml9}#Y8u?kN?wR50E5EmuHbky93xlgCv}LS zq;Gv)zMgf64WWp6I41MvCUTA!v`NWjV=V&M@R|&UGZ;EeRB@HBXTXKy*DC%RUJ{1bV;~^~mC{O9Kha7lt zrz}9o+85JgY}PhzAt4A&gT}MC$l#7! zN<@|qMMRr4kU!r@jd*;QTBdZ~kYB8imN`3O%jXoKfZ!K7wCq}y1N&I8tD(5$b9?L5 zeZEajc5zOJ_)`Sju&x z)coF|>W^JcMiI@zwyMdJ0gF8-g!mDNXF<$e!yW2^aRw*?fG`gCq@dHtkhE}e&Bv*=b#AEw&gTaI4EX0?Cjho!+J9#OyqKXS2?9`H z@kth{(&lxj!Z#V=46uP1>0sJ%JNC;r(FUqKbyFN6(N7@`@MDOblVE-v;70j2L<0=?NKXfc;TzRdmYH#xa)axai^c1q!O`5Re$#}T=5L!7iqj(0ia#QVT@ zOJs_wye%~NwH5gW8V`+6O1d@m^X<>4%+I|*2hXIzhXDzvC`1))R$e*$U6hI~+}E%+ zC<{Ou$oBJZ`ySF%c_~Qaopg-#nK8TlACohFGGLx@M{F(Sj#Hzt%qFyL`I^k^PxWis z`uA)ra(QW7AXk#iKS|!wKP|>-qA@5xTGw7n2fIp9tT|mbIl_P<6OzuPl|hx;FER#biA_(-#@Bhejra*U~Af-G9D_nRM@toktyeZ5*i zLE*r_38_1MFme(XV`lP(N7egUkwzNmMkSxdh75R=cUv(>=FZu-}- z71QnzJuO-xv&JW8WL*daFKFB=m5#W9j7PfG7^6b#ZdmTS=z+YG)!baY*gVXBID}`J zuSq6F=Q_6d@pSR!Xm$j9Z;L9A|XKIfc^lfDVs}JCDm!bI;C25$; zI>8;j75Fm~iMyw#qYIMhDtXU!L!9q@Vl$XynTwhAUYMfJe6rS` zSfM%k^tWb^Z}MjY224H<@a`vO#G6kZZbO=^hUiAO3s@~rh&L>}*8%;;?VZ>FlvUY7 zB{ID73W#|$U`ncmluWN%mE!v2IO?^Q9H_oo~DjncVG3a>OjG@#?;6>QK#*t zx8yD@^wqW;=10iBpx&6+OCz(X6wGFA9pP)nPo1ygaQectCv&3Ju9QD&YBaS$;yp1G zvw303dAYA5jOP@o`?|&T)dLK3Thnus+I690u5L&hToD zGgZXvoi~Z(Fq4V9clsHZ&!L+{XE5g@*WAnSjJYjXUlxlCC&!SiI zaMB7axj8JU7e3@quuRkVA>`ceY>E)_8&2u`ZU=w#$ZEM;hNiiY|NSeRR8dTjB0HE0 zozRbd0*qc>ojXrt$vD&c%;DAg)Lzcco>gvCriy(f-Tt=Xc4@s$s=ak=$y`SqD-SPo zGjQ%h6)8_;Y?%m9qc-mNmPXNfF8uevr7i0YqKa_f#CM|3CnUO_pVjB$u35> zX7+F|=mU3`2gaeS3^lz%uo&Z_*E%9X)D$h6m{c3~$0MWc7u6}71~B>;RUL3)nK>x= zyAj=ldA((Udw7lP%!V1t2aS;I??GE=K74)fZhvH{<(U--ckQb*{EjR!^*~5Tvn&^@U=M zg1s^N3F6%gQdlj~r;b`8@D$tIqj2bD+o-?Zqny=w<*d|+ua2r{l-@d@zG>GmPE(3y zF~T@J-sLlb)i5xb&(Zk{ljP;+JNk%R=C>5?j063~Ux$C+pYnNkx4qQx%0{*CUpCfo zg{I;z4aJuB$IRWu$zt)nI3B#WMttJ!4W=EvlIxuxzlUg9kVbvQezLjQw6xRVy0RI` zYu~)7*X}tA=QGrlt{@i3_L3tueTXI_2GFgpgXX>ZxaK$3b{V&x1H^0z61TD)=aXf= zBT`U8XW+GaQYB9n-14H{=dYMHWZ6KnCT(@0os?tGD%#o6-$|VhlPU*KV!wM_fC|5NO=LyL%BwuWly{@UsG`~>=I#P6w z2ibcyeOiCo(H~o`jg`{!_DAFZ`U++tZ~)=c+kI|Q618vn#tvmTi|?IImg;c#%Q)eC z7eOJLffKW7NFtlz-4{DIcn3dOz>|`duNAyX(XX^xwq3*8rsi+?N6v-E8wTdW7**OV zRSfhL2)lPd1agH9j(lgzLLj{M^-2ohc!h^msucWH?t0{t16km@cM=|?8DiUcy==r) zW6I^aY5wh`^~3zJq;7d=eLkD}O#-0PJ;OvzIP__dF%qbl-+62V;AsRmw`UV{Exq24q4)0?1oN)jc|{AzCz7;rYZw zpnK-GVoZuuwIeSZ8=KzU+3I~K(tEdq+LF_gz_+J$cbv3TitXU;0#XjLQ2O#`9Pj1t zA!0iBxU%V}UF+WNNbI}#A&lwFSnfI+5%bP0>JY&4`+CKDXqMol^ENaM|8dP|NE*?+nCxTt zeY6n;M{v~?xJ8_Ah*-dBa9X%VUFpE)7cDt8@1^EPz;OyEW?S60Gi{fcm=Eww@qEXT zv6~tr%*hozgc7z$)f_D@9ewfZR$4kxl@g>a3*0G3sj@dyI5&d{L3CZ0H%nPJV4nG^ zx6m<`8pftM7BxUzd0HwfwR-(j8TdF0I{zx$hITuF(L+t<^vN~}bkz%Y`5-QMZJkB? z)yMh+H(prHd6`#^W<6u06NgU7&2<|Y7;5EdP8h?HDpN=L&!0b!sf8u|RWTZc*;E?k zUI$WVOSjjW$E~#LTi+!PhS`32XYEBY)BRjK#pq~A=@LM$gLd^bV24P{Gbrx(&>jm0 zCgm1{^i(^q9Y*P@+us*~r%}32PEOvi6D$37cuW{h{POxfYa+{hXod@;_s3O}M(1OI&MLRa50LR2g)1*%0}+SZK;4t=6}M)$ z&_JLV?r2P3wEssOG2zfE-hnFHR&pv>OXzKOe2X3Ns}E0w`jbomQXhd0jx1*i0rkp{ z&Sh?pTw!C~NwVo{Y8az<5D}CVJ}+`OxO(xZ zpZ_6x_sBzsuw>q`ur=NyJZ~)!srD8?Y59tIB z*q0U_k$j+QE9ufpJRfPQn8<*@rAvA`JFLC>_F^Q=sFIYJAc{N$`p3U6f%qS7`zPKP z`vkUzk6(3xP50b$&7h?KRY;b=f(-*v?T&0soNvSM^$QoIM#|+(Q$EY_zTH}K&(QJi4_fci@!rRuq*K1| ze$!h1h!gV#>GkT^0?qo46Y1eYRLtwRbh;nY2=YiZ5|XviJCr)(@Ffr9~_vu57I zGfSk`7gUKpyUZoZN+4i%;;4-`)0=(SBAh6*@d1aCp?NS2_%>li#!|;Tv#>|$!W8n^ zV<8OKBFcwte!r=)eBBnVd}@bDIbXbPwYh6K6)l53bV7ON!ddXN?j-3^wZ^j6?|KkI z@$VPatw5IF;!~9@!WSd%Mfv5r9A==RO2y3>SlDJ_Fq&owS59{LdfAQXWh*j+pJ%(? zO{jUn6SPp)5KMVw8+UuOE^fQ+0k2co>xxHqTC!}inR~>p-(*E3mt(Pa=<&?^L=pAV z3&SNo$c}Eoa8sBNo`91lP-)op9tvqtRqW>{)JN9x%Z+U@=I4Zd3C6WigKEY*+%5dF z?C^F_e23XgLg8LSVR*4J=zDtryR6=HO8)|H(1is8@`Auli)R zd{I>nwfP*J%DU=rLV&I}-Fx3RiDJ7E>hd-t&(K|+I;XH~VSZ}e= zAdquDZpX@FtlQd;*8o5bTdEmW^C+=Wj1aqpJ?|QnIIVYIV$vgp1-$DUFsX)9Qx z*0eGEWZRUV`sOi10^G{~w+p_vZ(E3x@$AYF=)T{@iRsZ)<=%`r>e|Nrgj4NZ z9ct2Ut@a35;YWRCF=+;cM?ca5R-D&2J1H4+98;-Rv8>T*OzLDq=C6c0@0=>#Ejzoq8RFwtiBk(-^Q`JKRWflSQw$3C!p*OzU#qAf=ED2itZa z*wq%C@~Lq?m)7?gi~m#w8AV8L{fk9CVH4Z@@yeQqEiS%NO=5RRZBifp-IQ%GI}MAu!snY@O$Thp4YH zC?ZuYfY7If^`!Pu#8?WXhM2bbt3_Rd=f&2V!3x`JS9Y%f#MHNVf?mWo3xi%h?XT@Y zY-W6Kdr}>xauaY~wt(!+2s|yJM&{?&X3WGFxn-BJcFsWW+yuUR-vJxiI<1!;%5U|s zv{veV)n$z>rGn@GAOyNEKj}ttc$0O!YJaO-TT`O_|ApD-!m;>4wg>H3#6+i9#yhKw zonj3WAtR&R+LA&k6l^va-un%|hOJQAN48AdrZoRUQc~ruo$qbyl@M66Kd#Ez9Zk;| ztZSk(%*iJDexl?#wq$xuW(XJ{2Y;jG@VNB1l7C-i9y0YAYx$ zgqT0V?(~F=k$#o?to7++&Utybwm7Qg%;EpfBWry&VQ5U@r+vpaNfE)VZ{|mMV8fBd zFg?e+=jH!1`x`I^?LFZA^5j%tWMIBk`#n@y{}_lrP#XyUH^%;j(0}3H-|#0A?t^+x z0;SsfzWhIc`1j?fPgCl_ogj*&c*mYLY?%AcUG4>`ogd%+1#NU+=8*SWnYm8656X}i zsyw03G;d&V@zORx2nqv%}GRk%fz<|M$LtKlib%axY{en;NG#tr|hg z>*&bk-sz&9V+(IGog|BLPyJ`gslW^n-;KF}WuIfqDygn3Z*U*!HA@V#9bio_Q$tqT z@j1H3YS~GhYK=xaFnRysq>f-$f(0sR!g;COnC8Ei5*#AQ>fzZf5XJaH072*fB~pUU z9>2t^$$fceVeOLT{tHLpSjBg=f3->w1sfA0-USK%Wa%(iP!M5Fy8T13Ddu?p7S{ox zdYM6ue^}>|z96wJPGt*kU1&*qqD5sQ9tSG50eP6R{W36cLEshaEfPt$S~Ko%H{;J& z4cCH*hYeqCoR7H!`$#(^V#3}Me$7)BprwPjPFCM_wE|vocPjeG*p4_6d+Pc==ftZX z%*hgC>g<7;x110B=l>Y4&hC6W>k2dJC4F3S#)cxN#*R3JW z!aSd3iQ|sU77-k%wj>gp;e*p)D!H_BL9qhlr?_UmpCp&cxMt6m#&mT1~$+iP) zq1A%Mn#~tnuxy*q@qVjExj}Ml{S0TVti!rsvv4O&GB(UL6=x0&3sZ;(Mig7Q!?v0( zHRg;&%vf|6o7W4~U9gw52e_^OOl2@P_x;y3B+J@M+|2xVs)NEw1p{F-#yG#(P(k!s zfOtQjpR`dDq}@Rd91uejiN_il;-*rsaYXIBqNMA+Oq#IXBftnI*kX@&M1BGu~rP>L1HhRrEy+vS(~&8gl< z$JeL3ayHD>jlCe-P9>yz_26XziHg@vyo!ZzJ?1uVm2P%|Kwa=X6SR0$8k*lr7S62-*ug0Q#^~L8x%|ge1fA6?p zIg0$&s`;;)98#t)$iY3OHF`ms92RXvS8~m$_9|t4dot!153Te1wv!Q(1qq0FYUd@p z1#5whQTjuxDh8Y7I^-WunmijWMM|0ue^}6IN3s>43w9P2gKnDV4UV>^Z5TG`8c&SV z**TzVd6e~fZ`Jz*%XVDkHxBu&vcq@^L%3pPccV;dHn+ z_ZKjAfQC>$5qCPFXk{(1IxnC*oA25=@x(*g5Q%FZm~d#-t~z$02$!=y#;Gq_UmhrR zAsOZiki!J7r<0o_aHUB&!+FE+WBF=@^}3 zA#7V3Rc+J{>MW#P@ueuys)kFW-R@cD6^MXiK2K`*pT_d~q#@@DbIji2L#|QYw>51o z<{CTp`0H;=GT{v|Gn@CeU?wf5`fSI8M%h_WepX`Zpem#^{oy!A zr{?#4ToRRis4aDuuIV;UxHFpCKb`OwByGGL*a(wixoh!Tao03trVvZoPI)*(Pade6 z1}x0nh8l8rvQXt#-7u6jo8f5Z<2NtK3EW5aXam`J8Y>P+*(^LVFQqH?2#2t2+HK*j z+MF@0v|m1sk;vv9xNIWLZ-|ESpEV^kIDxJfep+wDPk%B{;Fjh40Y!>89pT_7ht-e< z_q;jd08Bsbqx7~cxm+%L;0@;8TLU3mrM{7u(7#ZOrA&spJ&C`^=YK)O1SQ0ExfyWd z-9_v$70H4+FIx)E*U_2~HwAC(!^qbx$twN*(K^LVqV^FPEAt-l`KSkXrMBVt)`3W3 za5AW7=(Z5+17OW?W-MRqM~&PTE1#KgUEE<>DC?Jr-$ahbMCE}|6@h)HY$`yX@M1JW zdOosEl83rtkWCyZhl-P=S9Z~QZkl8ZK>jDux=8QOq$eCF*r1@4!pTUXV4SM}<0?b)N$t$1iqlEzs7teo|B z?!bEROPL41l9l6+n8+LRuHmoGgy*cAmYclJsH>8MZw!^SGUA6gUoJ}gH zaSFtN3D50yE$}&Mn!xcuKJBo=`6SlxHTCBwHHTNKEb=7|aFfZ|hcmoPAu}eQk^$M0 zJow>#<(T^?IfiEl>GwCl3FB5coyJXa3Bj&$gLXSUpt62vl2zwp6)ptc(8V*oPCt3E57Emy zE3@7b*pN;@Gqp~G?P9UB!2|9_vGhKuPQ&E78QY|75D=&n=!Tq=Z7#(Z#@Og?tB;1Rkq}q zJnKoE`Hk%J)@9{#LoV&7vC8C_`mEvGND;vU0}Cs}#J=9j+T!)J);k!tl zNbv0r?+G?zwUB9DFy|ml!W#l!*B7YwE)E3EtqUQ5Ci##r%%D8l5E1V3K>i?B#4}byii? z)Jsz2EE^&vSQ@)^XEkG6cp`CW?^(SmC&rhf=CbUM8g=J_0MvXh%v6SFh7+l3)i6ve z^*T$WcID6d8cyMN{Ci?~{_B!*E$KQU>Mcg5-{x}=%wMDj?vH7D?lnJ~p;|Sb2}H-q zT=M%|Z}=g-2c>1$KK_w1ctgYTvk2k9Z~k--qerA{GZ#BzhFMIE!{OtR8aM9C{0bKD zSrJBLruKo52d(wt!Khig6S7Ngs>5_RoLdtzU{j+AmG=#lW{WX(X7gT;Y%fJ*;WS)G zN+(qOyhL=yc(jidbjU8>+Vt4hmozedLo7_E4z4MAk%!R>TaN%&%br%AN)&x;(8Dje za}2n-nXF8hL41lr;{AGVgviQVuR+HfwRh?7qX2t9d5)5y=^#gl$U{h|^9H>sgy@wF zp^cyYuSCPJP<^EPIe)X`>aE@B5m|ZuDodlYK4569PrceQYdR@dnZf87a4wMflv z?3Sm}*55@S{TM9~Mm^KMPEL>z?sMBsP+F*d`>;2X9C=b=dtmw0!vF?Y^_1q{iK%eP z%p0j)YG%X5=8rnVSD8R*4cmz<4BNV0^nE`}MQPUw6->PUo`2AZ{Bpy<} z#ufm5*!6Zc`C1E-gv=ttc@GDY;qMU?2MdF(*Gm>?$;CpuJ(_nJmG>V3(7pO~VW z&3D=5C*@Jm3r5@Z6z8uKrlb+f5?7v%HwN`3naeoMisohSOgwJpadKhCKZ3|oNLm`E z*71hZVh#T*9X3$?3$A6=yCs;<%hE22{U;7l6%`D*Q%%3oBd||nl<5&oj{lNoj}JfqYtBwxA|EgSCQX_gzR=DnD~_bIo4hHb#QVf`fZIbz@a zPDP+8HE&jl%M zUF82tEJ$ky;6r0u$ub4a)`8FxO^Nj_F~e#v^pMOlRMVsaWxmiQA;hZ7sdN84*6wIv ziy}eA4!TIeVuiW>TBv2N5z`+v!0alFg=QqpRh=hL>F~DAcp>0~$Dt4@as%4$ph=(8 z7C2l^keNsCcNnh=dF)ZH&5{X@Rwh&?* zd-2d)%^3mW!aMZ)Cw}}x!U%~9zB%HHGAVtxMwWaYngphnQLH&@i?2;Pv&7q?^$CFR z@|dAmhw8E~qUt-!N_!eq2qo64@0eEQ@9V8`d)N6Rk+cL}V7V_z9g=ZbiV5uVTU zA-(avL4Ka=ynA{Jys4MaJzopG)@Vm;wxBFwi|TehhszxL7EtpZ+28EJchucQztRS} zBG0472oYMM!sgdL(0_H=!3t)ZC)+4(&l0tfhSZD|5M?HR~^g?X@{b`%% zjm_h{1q`1`Y?DkNNULqxq9s0Iw$lqM2C14?6`0aKZnfpfYw(KU~_ zBI>Q9h#)&Wv+&0cA-_k_z^2u#=oSl%o`aB$QC;K+{6ymr+@#9rQH??5cXP_vu~v|H zYGVgIfT#k(r)uhHktB@DmAY6f6sh8-Ym>*_+$c9UqiO*CS`P5QEZ`^IKA6vCUMBB! z$Z9;EE2#;39y0T~a?`Nto7uKF9Upk58hNm+z)Zu#z;F^7UNZF-Mqx zxGBFsq(Wz}V*X9AAf*mhtOn1SEa{x0#sI@&xq(!I#-RO@RHpv{ny^Kfxul8IQBxXy z?`~&}k=Fc+?|7m+;|^t<{<6Cq2Ef z7Ae$uvcDR-_hb6|VGo*u>u!%n{e#Y~Vr={iO{3A*G2Gg-8h^V2??jOW1b!XU!Z)SN zcV!Kyfyk*bJm-^_rDeydk2WVn_FsYRtFnGxWwl4naBQfqR2nh^tq;rlrPW&!DRCa? z{!hn<-*t@mz)V9-H=I~rP0PGwl|@ry?L)Xpp2_^BHOpa6_h{*4N;pk78n01xN%YMW zpSyy1SK0p|`R*^ZgybQ_3BdZCJ!T?)s6yAY=X6AGy86vY;VyR&3O}MeM$AwbJMDcy-7J6$rPf z5oWLy)>5IvZNAVG9UBiTi(ZTW{V8-y{v^^$#yp0insXOZZ>QJHPERaPv{p&VXQeZO zG^1XfiRX@(L?EYnEZIw!_z27xc6hv5^tTHqcKtW87rzBR)lIFws0eHPN89Cocqf-~ zbx|E*24TWIs?vCKHa)DYJ_(o1g}-cx{@4^B`ea2h2p4O!9B0yPtOdGD94~7%GTl(P zO8xJD zIbKzv5_X%4Dw%VGN80^I{_elTXvZ(HcQgDeW9d7A>QrFMcO}J}A7X+fGsX|Zud7v+ zQ^O1Utx{WdEDT7ME5iN4vc-2FGu_nICl=D?)Fu8C7e^Q>5TT=D>Jd0Mwhosg8%~L} zFFxJO6zY$wvbzTy@rtA#jd)~^xDZyCs(hXIb8>n%B3Ip^r1=tZ|7G36sUSWufg}EL2?-swpilz zfBxt*w>;5h)Q16v5QD}0s7SZJ*V!W)i$iW!!s)>Lbe-+Q9wmlkm?{&vOWxnT=gYha ztN80~vY?$tJL2`E|6qI?9}TfbSR4HCFoZAfw$)WbuMsUZx?pt{Jk;dr{MDK_pCH!-5C4ubO^J z-D^snDkJTH-Web*buBq_Z>DY+SScH{kKY+7b#JO>g?TwrY|~j_FrK%YMs7j5JB2{f z#Pk&yL^W6|cI} zD6aXNnNl=jO1r8Kv|Y)b0TASF(7O;=o>TESFIYgUJZ$*)f!4+1mRbZ> z-WN!cSCou`s@X`?VMm@FB4$(5&&kY=aPvgeuf-z)-@@_e5kY&JpCL6|AUuP^kZrXl z|D*N85h1=k>l{}y!~W(SI?Z>lc+6LE(QMfM!7Q(p+h>yO`%y~xg?^OE<4{4p>8V1E zQSBqDi**Hxf_fhxV8plZJPSi}g(Q~t_EHTKViYlaO(={r#bc9J4p-WVQNvk%bl7$& z9D;NcISm`_sl2@9tb~WVbhUW|p5KwwiG{)Gw!xMvmDlVbm}Ao>Vx@}f8z%nCmnnuI zN^QagJsV`Aa|&_k!%!Ezdd#hJ*<4rS{ywE&I&h|B|B~Fg_kS$qvwidwu1gChVxz(p zbLdnNt+KJf&}qFOYD=o`dOGq*N-&!c*kFZ8xM9;Wb+V6 z9ABia;qPXYx)imn*k9RX(j!%&1upqvC@QbmX2}Fo9FD{d;pB9}HQJwu^Gj)VU2%VG zV7w%!!iOT0Kj2GVLgGP9wa8g|mgXhGlQZD@e~x>-l?qf$xuS)~1(hPzVuQ8XpKJHs zl!?lC@^x(nlT0w%lIbfoQcw(D!6a&vY+&A=@O0EOp%|J(umYtZAqU2X2`b>_^nw2; z(aipC$)NEjCuyScXyaqThNjyg!rGejJ!{M=>->{@{XfIAl2W5~p+{ZOwN1;quJHNp zV&>|+TTNNf$rnY-q^#viU;Llv~%OY~qvFI0N3X*9l8&(_RatzDT&}|fqlI|GVg42na z{g;&c2K(_rMJJAQ0vf^;W$hZbuhezK!f?d(OxwlD0*vO4^lovzvw)n(bMc=dbOO&)$%Y2y+LXaAHeCobvy`zzDC3^5~19!57 z^f+(#Eop!8ePkosXT0lNx@GW;awa)XY1W(OmKn+%>R572yWdDak38i25upuIe?C~15zoo;JE}omUc2;^i@MK z;%K~g?f!JkLdWb+e0c_^vleH+`T9P(=!UK5j&MQgX~~cvueqdzE(j^^LVf19nK=0B77s-JlVEacd=+~NP!V)dP0=^txL@g`UNY=D>akrH_Y9i0}ac`bruq+R`wwD zor2XVJ|oq;G53WU*Wy07^W$ez&%aHIFNuT?1-neBAQ3XL>tzf?sI?P#>5STwG)g)@ zQT8>$+PNq_{m>yB^oD^$j4>+dU@_1c-Ow+aTJGozyPA4!!bMEDxMZG(dp!xe7fT5! zZe#rgh4h;Gwt~@mm*3y)^!ju$bl^GnE0v)4p#+R#kf=5-l6LHZ?QXMzgewk)JMuR3 zK1x%T;rVjNkD;q?ZzGp{;%~Nq6`Al~sM$Or;rZ%xMIm6l^$nF!ZL1o{IlPR=JqI)> zxx4c^k0h-WshcP-zn%RJ?oJ=DC%X0NrNM1SS=qM@43M(g5w^JFvcd!PG%#_+TMow6%1~7DxK7U^B#ezEjYi z>3$B9iCkrp#9=_&;2{n4Hoh1RY)pYq(^%P7L^(dZS3wrn5ffSgDnzS^Ee@?96vb-q z4}|Y^<|q2s=`R=<$y}DW^c!(AkYZWW|DX`l$sbqjmKxg?F4$=5<|;De$tPMdR;V!v zV01cs$Q~n~$*aHpWvecsxS^z?t>+Xo$7rW@T8_v;!hW z4(|FRIhDvU)ZqYpY1FEN29IE`k=)Fj_CafUtk?lNvu<-cR66xz=bs4{#1_5Z27YY_ z;TwLna)>fa5qU^YNHOce3>8y*=AdiC=(s1fU!V61zz@QC;*IC|$gEx-G0w621K*2& z&KlKnKH*n}&0aIU<^^)GbCcMy3t<;3bx@3@N9|LL_$od;w+^;{*Fuv4< z5M;BH$OQC1g2o)>!-V&D`I|$CkA?0v>zNCDNJ$S1)|TZ}sVER_IgnyZR1}k}$_FLZ zGPrK|*AubA5-eI$7+qf9E-4)_QQYuk6|TIY$EK1LK4CBbE#Beoqk3u4-|i`s157Zr z%-rxBXZ88@LNCdn^J%A4eWs=-rJMoS3c?2@^DF zDXVVDo)ykV^KD7T&x}nuj8<*3cA>#86=UZbGVa&TLtg#5BcHxDdlt~KL*u|vc{CI= z7FGGHy71>SZ;kp<-0^Ys-z?30Ive4SKtWB^zGtxjq)g_I-%+h6)7z%6^AnL{LE#KR zWV79XRjZX#2HH<~f|@F+c+s}Hg)yYc57(cGKBe&46Mw5M{co{@KZ`j?DrJ!}aib&; zOq1AGS7%@^8E$9?T0n>pIf=CeI7kQg!ibRLw(+A^z#JBsONlQkyI`-1S{&K=Kd-2< z#;`@|A^#8WssAJg&{GkV#84!SAOOMxEsNC~_+)Z4GSYQPl|#EU$`?I5(PznMM~s!a zOy>a(tX|H2XGqwT{HB;62p==#QdENv6|v9c{|gwS_1_;-wh|U6;izWcu$4&P1dp0$ z__(!ariA+b8Y|b2HwWa}n9St}M|MA1m@2yRqsXuJSVWu}4pJR{Ey2+putyu9;1+ zg}6GT=vJ#fUJpP9bB4%b*tXv+m_ zW=)oz#@aWj6K{KP0G%Ft6T;WEgx4?>!VNf2%lg>e4pv9kpu8^}ZXxsgVtQWuU-rfo zr}(Pc)QkS!Sc6Z0idn3Np!s#f@b-8q;_*eeq`&Up>rus0f>P<5um>b!cLq_`FpnE7 zxlM^3M}6sbzO|&*O;MoR?Svp42GxvpM>yeK{^@P*f19*?7e+mxmk0pPk+#2d|cl1C0pE{fV zsZRae5UKrJxQs$pq*WlJXCN%qRe~&*uC7;g13rw@4t2n65S=icJMW1g z{0|qP$3dt}EGBJgKy~Hx&+dUjLS5q|?xRUD+In@Hb2R(=J8G(u2a$B~$Vil&l z2=tmi9xIk?jqoNxaq>L-l4Rv=_cs1la47JGIc~4a;jBr%7yiG0<({$U>dcI21xvmH zh*_5>fre9h?jUM(QcWfddWrO}H!Z<7;q1pt@$+`qg&znN3DbD}+=!6wpJ52ReopEf z)!@5Ub>?Syv8eX&?bX5%kTNSz=|7oP$+W@FHh_6 zO9iInI-y|@3AboU)&PE!UN%TpVKeti5ZMuVHX12x!PI@l2+<^!SRCK|$c1Kl`oD76 zaESL>rYL_kTycWw=hxfTFfseNP1BT7i`eV}wDAC$c`y=b8A{K&od5w_I(VtPoNupc ziE;i{jkZg?A|+es!vkz{rw?Je@V^ltQFvaYE6g@AhOJN1rDZZbN6gUsN9}94`^Q=q zDwX51#Ktp-C>@2L(+w2_+?O;z%aLUpy=-i;{=yxWI>D2D_&FFh#vmjg?3xET+V35> z8!6TZ+PMlhS|JPjzyZ6N#zn*&>)o7>!;F&~9%vAndB=8yz9X!Qsvi_PbH#sq7=}Qo zZxoerg|QuFvD17BL5n&UXtdwG=h971iR;R;_bBHXW7%6}t>CRM_L7F>y+o2jXU%(P zzc=dZ+PyJEmMkp%l&UYBwfL*?Hx8TQ4UBF26D`doz6CRLeQ$KhGq*m$7w2sVAb_K@`3w54I>*t~pj7KvL+)7_cU zqjXD>iIlN{mLfg<5>6jR?nSQeE)`%Nc^Y7b7c?~wc!W&zL5s>^!GyKP=5aa=Y{$Zb%l9UkalAo{mWk~Pm035l zrAGNgKUixK=GE6k?*`pR(pL{PkS`5Of6lO(`1tAYj7GU0Qb!2~Z1xF-^^rW+#O?D7 z_8owR#04kE(tkRmM>B+^x*tT}9X}YyRBDRKO$U>a`l$FX<0EMX0o5V@%}vwbTVoYC zbj8u(?5|yMP7)fw7}A;vx2>+8P`qEb5FF4+nhKd*ZXO>(Q}uAYbz(oG)(gr6*!205 zs|b7neLusCrkflmiTf0SFr)nGr&r_`QXX_T1C7Ho?a_K>`F@-_i{yAf8NU^a*M+c` zRP1TZ*B(0x?0W1lD^X)x0DMKyqXjl;Oj3n!cd>`$=s zujFYsQD9&uZ?BVo&+=!U`5&?I{g1BAq#TQ$2Nn>&*qdiWxQ^=B|2qr7 z`Wu7j?_mH$;l5$8fi=x7T~TSEo{wb|cq3~OEDrux0%$D(eM`zlJp`8t7DJN>{d~*> z_cVXqVJO)+|ADCh(KXbb1C=O2O#N*;-FzeLDtcvWaI2grMEf0gl(R?&#j?V(zC{Gu zywsc4Efu2qlqgL)P6sVbqaK2Rq3wYIksZw#sKYU>C zXKp{3=_GbcqaK7!Rsb747i45@Z5%V)Aqa9Umx!{H}qqr=2dz|`xK-5TfGidqT|RVMSQKaNF0_j%TH z5{je*)bO;a85ZBNgQNM8(!a8RP4LI@A-FRAe^h;CT$Ee)wsd#bz`y{aba$teh$7um z(%s!T3`lpXbVzqM0@B^x-S7B+j-K;=y1($d=Vq_9uYIj+#gA2f`O65_*skd~2**KttlOv|{ zX6nUw8?Gt->}T1$O#!|rGGMoe)?f0%n(&)ihMVXq;p2bKwk>{Hl3i1trv$-fmT2H- zm?%~Wf6+>0_080OQLXlHgmzKq&aw7GP+5WpOcz2ZNLvZQm;$P3`IlZ9k-;o};|$+w zZOLYMN?GDo;j7EH!jDo4VNXM@%hOtrZ%`CJAt9iPs;G_HN6m~tMT^a#i`D**E=UIR z$t2h8sWZ}#QI31GyUF|R&>3%8LvbnBY%9e2Wof$hnxo79#Nl_*9HuGj>y3AmSo|pi zCq92n2vtvgwZ7p8js=LSI+RxHX3S_gL--h-KXm!lI|+(=8x-P?QpMk~MzZTypJ{=#{j#Ag>V zVWR*n@mB(Gqct;z{OJjoXK<)Q6{9`sZKmZ|;11-$qBB8y+r(Ux+-RPlY_&M(YsSr}+2NF0M^b zd zK9O-pAb81z+;oG@xQBeFK-R1p>O1HH9Kd7RBz6^0*uOj)E+?JKiE|9gj`Xu39sfL6 zyjU;jWZ!Xfs>8jj=;wJX^59CwZMD=PC5rEKdD(1U;Plss@lvAeu7xwd;wirR)}YEl@p)@>2NQ{{B#AzKF&LVi`^GRXa1wD&V^T62pXBG)L<+nNZ+LH;S7+( zoZL`TrMthu6~e>Y?(FT3K0Qo0&QNc3dz0UHpbRq)RfU%@QNqy26g-lU_&j!)hAmj(B$Pfq zxE5i7XV^vBe{?|_Ko#a>Pr)<2`#8F`xQ1v-@Mpwx(H}5iC^?&@cnn{9p;nYFz#V&( zwYA=2WUR=x8fzfe;eEQe=xnqRXoA+aI(9fpnovZ~00o2IIj*Z5ff3?%=s<$W8x8h| zhi`_zswSx&$(Fup-Md)|I#GosEWX&iP*nc>Rh*XtYjpvo98N`?`~bDjUj@d5pv5KJ17BeQYw32jmb+eoAw5hON%!?J)~z z)%)+`!>=OrcZ8dKIlVmRyDV}S2&CwLC07l3`!di)WX4jraT_v2{=uG@km+T6(<}!` zDHB>UXi=43k?!Mq1s_P%8v>LM#SZ%s<}5C5{NO~ZjGS(nhBy6U;ObxjdGzU>>$RtG zXbzuvS|LWweAdgUxh?m+)+=~J$Mn!4Mls7LwsLcnA64|cY@HafQCgNktfXtiK1zW1 zYgJ&C^K5JD@Hk!x($+Rya1Q$z%aE6-c6z~+ z5&Sq35jw<+t^)XBt(<|ep zX?6o@ay?KhPR~6!d`2v5Kh;hnhdIB*m;Rv0^xYy|nOAc8?8c?=!(ttND*yYbUn|4c z+-pDix?lDUe%Z|VmkD?MPI?m;ey^w?A*;1)cVKC;l>GtTx5n%L7!O}q*?`E>QbSl) z>_wKHKsb~kjKNVrD7NrEuo#)-6ddnfm(7xptT^7KXkTq|C!02I&QK%UkS|zeNaQJw z9ps8Si<4u9xd=>#N)6PM^p)mhdclwFMLptV$=a61Srr;+`rG*B4mCvAC>2Y06BH2o z6k2u$AOwPbn~N!U__puISdiqDY7IpOT>jRqhdxr*q!b~xIJ%YHI#}3vB8Mh_J~Mg= z6az|r8veXGe@3`S$BvWCPIOhLEg3-s+l68dgS$xHn=js12+YE_dcTR)9%@azwnS|_ z|GmUF#CyYV^6GdIR_hF2UL(&@sxFR`E5VHfEv_&vg0kUe=D2mBR481$>*35Pmxt7zo0~&kZ6%|;g<)&op(~ zL%~wHqkm?fhRcoZMBoV#Ubk|)bQcPiMG9c*L$*CyACMzIp=vF1!oV=Iu-Lj`Y?(FB zc`ZlNiRm6?Q{N{CfI+C17jM}oBR#$9xsLka)f3;}H#od$SXG#C*tPRd(L7Z6VuYTm z!hPi*Ck$&FEk$&F?kSoS2X!>u5b8}MJ-?ccuYP}pPa{oDlez-(YI2}=J~F_^3IV1F z-m+bGBWWHhCSL%J6>-DDtz^maQDP4zENEB83zEItw3fL`4zYBNc-S$~DvHT9JJ7K4 zV3#y-#rsOTAr=Vx!*s$$vCN<$!djf%LTsHa;v#Oj%ulh#?@YfEp-cn*M+M(~_e{S4iXqlz{SbXGP=y{jCaCLN3oML}d z|CT*$?5(9{OAr;Bf#e~1+YI6(N0itv5T@JteZYFRhemwPuC>0W`T@d5r#cj zw{YW5Nh{d}xIk$&uVg1E8se&=6Su(>xw9)dzDk_LlIj!WJ9yp7(kyROk#KAj+HQa6 zZyGh&b+bUOkf9zrB#QX()Z&%tA!J$dPh~u`nH3x6k;uaLh4ZwwthAF9g7dLRTa=-| z38s#eGn=N|hZ4LP^&IX#X-+vWYJgmNcpz~JIM@q?PZ6YIcV@w_-vX>CIqdhA^`w}Z zN}0V*<(;*pb;xtUZSVY^8xguI!pyGJF{HZh>qg^FVz_0@KlQQSMYhz z`ydFR(kDXru;o$Us{=XS$7SaR$XmJ^hp?K)tlgT<7J?LOomoRW(#r#Hr3 zug~4rY&A+j_^TZ6fu@#-xLS}&#pHEC2~%HEw|mBis%ecp+iXKq6Ck_Q64;7o9 zAh_YzI}x{MBLtzoi<=7Yer?lJYv@k43=_1w^?!}*?lI8QXUS-CJ7trJ?Y)Vz^e_46 z)j&>T@SK)Rv$xUt9$9BdGfNcN+NryElogG-u9)So ztxEssq!%bqiP6iy$mWX>h;I$f^1=6hs#@V~n_zq;^#H5VNxVi&w9d<<8G1}hw_W>7Mn&Ego6jGKQ_%rAn zW_IT$16~ohI_ZcAF9>q}{xT&@Z+qSI;g3(KK>e{v5Vu`JE>4&uKaH)cc%=Rq1sSf7 zc155C=@(?=RRHJsFbkx+89o`eY98e6GEO3p5z)*%<#g)q{tsvRT@CVEs(*P0n7LT~ zaZV51YB}2u?z*rD#&YZ&b>db#9sNSHJGr(9)`;q~) zIs(00w_LV`B-OafFhBfnk0TNqbcvAAb_0IKbb)J7={TM^^zI{`x#d1eFSZ;#TFcc1 zWwC+J#D2bQwZ^gw!Gp$ij;c6|^IYI~6PsTjs%|f6zx)xc{ea1zLN> z`#Xldfu}2Csi>!^!d&-b5QG6=YfOGpBH!K!4;uyTu>EkSr)FnA-aHJlW5Suv9`U-n z=V8SXTs4U-TF>S)+)eOy{cd9UhOLog$osA^z2&cvP_FhnD4sLXRiaPh5Aj}FkMb$IS&uH7TQu_g zG^=kOF&K8|9#d=s&omNj8}Ye6D^B0wWFb$hk#gy6RXtHHq;G>nbi~z(jYMM^e-iq# z-;yJXkJ zA9RFG%{jwa^~|{_djW-E`z>FTM@kQU)1Ni&4*x%wDUE z(hwB6fYpxi!)>WOZOCJ)pLhEmPDJDjXr9}+U29uoBs5>yjnZSaPxdMl3fvRlkVc?k zw})~e;h3B4xiKTX4@hN@P$Z`JUUbxpeO|ew<~I`VcR@Ulcf>;0wfd(slhp+0ZN&B0 zG6A0z zMUIQi9)&WQU)Ga&vmwVcfR02|qS>Z~hNIRdgn#7;48$?WH8h(jzYtiThwS8$h_1#T z5n1M9x=}#KgZ%GrE0=Y`+VKh91^?gx$ZjKnnJjrQKIn<^y_Ao#2VKjMLe~*j} zlpYQiH^>{x-5-*n^a}JiswZl^{z>a^bbg*{=@}dHCNTi`kxKE`XQ2@h36h+HG{_m z^T7}Opcu_wmgZugF>u~8%@Vk3O|^yo_|lsLBC^pBTqOC@=teF`(^Y2xS9PX8X!0h; z5>91YXk+5<>O`WzOTSbl!E@kv8Gt{4FMMQ~5;lPzdp;3G<=y#?}1^J`NCv zoyXD$y++!^xG5KoWbxUBRmkAP8NP6`US&vCR8&mjv0-MuTO%qjD8}3rZ^A-Uwklg| z%aAmXs54(J%?(OT)uiYUVy$Slp`c$B)MpTaCL;%>9H;2@2VJCTk}d#BCI8I1$wI#H z^_Aw@g~^K5WmL1VBSNNd=Nw=1pkRZ1dwA4R;n;jDc^2MRo;e-BoUQi1~09Utjms>K!^g)e;1Ee{FPkvCF%ALpuYwTu2` zYlp)Yn3}y$y0?O}UnJtIu2#CbBJe%Mc2`fNYcoW-drfteHBe>21hAwLbicG5Egg)9 zzwbIgPeQ{}+_S?@6KkZ&QwDGx9|rqH>Qa+2JTfUB%DJ4bf)>+^@ZPX);(S2(zZP%k z;oyf81SL&4Tsn`cYSd}^YwxSceK6TGeERCJjVH!6T21lxOaW35DZP^n-2Uu}k#TG* z#$|EGdy7Zz4gRA=<374D=Q;$nLl}UfZq!g^4Do=q$T;a|?5&Dx4`p7;iZm3^B-?xL z;FBtznsaiZLGmQL99r$14B3;YU-XObArAVC3*vR%K3cd{Sng}{@XB9Fk_E|o2eIQ! z+G(a-nC)|_h+dfQp581X>2Msr{VP&m{zi~XRdPxy<*G;uhgZ~EQxj*8K*LCMcJupG zvyt>JJm$h!w5t_+Tp~OpZS%%&2upT?`ZC3vi?pkW;>_!k6BEByEDwxL+`FyezY{k^ zZ?IH-ANmywr)BJrsr^_zq-9`d7kkyz#WdIPL&AW5C_8mJ9ko-9a9V54c7E+0wTi|X zTF~l5SYE0%t%kN^a(9xid~t65I!>zH*M>y&`7X2Ge`H)Egx^W$PX$2_?vKdnr)4Kg z&v=y|t)-3C#G)bK43{}SC}&<(=V7o@T^52wcmoi(9$_qlZceE z$+BVtn){&}i?+l2ifwalBI*d>ZcdN(it;Ra+t_+3`3A4h+6HJigSvok~b6$rlQGd>U#Y0O9 zI12>00q~}YmhL^#QDo~?w?{fRPH%bF>ef#}9@*l9ISeWy+Z*FN6o*ZL^Od34``n$} zq|b+v`!x~0wI`D>tDemp&kIW?bh^@GkFN;5wV|YrNYyI-rOEnK`=7^n)F( zu&0-RoJ%VCN8L9%>&9BhmXW6;R(IC(xapF=2ulTujpwDptp#EU;mtOkI}rxNWw%)Q ze-LvM8AN{(=&o=M$^H1ZkS6eV6HlPB{_-UKDYad6+7-)*+Bj5A=I$N#^(Tyvr*e64 z{l&>m)0Z@kBfX3~In6Og!2^#TjpEXjl&*$l+y1%62I8-EPn9=*0GBgA5=)LPqa~X8YFUV#S++ zu+i${Y33L43tk6}%AnPN-_ikRGpae`woSdMhGRtC`OD0EEC63l+)xfTb!DARb%`*s~1V!&JzxfAqo9#DN>LC=(^rYf{tkhv>Ell$;rvS5;hG!zHo$`-JBj- zIq5J^lrcH7@i|#AXQZSBMctF?vw5zFDKd`{W?C@|cI8+t$Of7fGR_hP!qWrn@hv0~ z^3N0ER8boU{m;HJE#gS@L{V57>S= zMmZlsF<-NuF@M}vI{xnF(c3++&qNlY?7gw)y@1#H^=|$*W{Q~ z{%l=>tPX<<)0S09ngH;^`!3Pv{DgXsqf1Y@^TT?VZV!;q8-S0WTN>MdC`pzw)V$uP zI2;&XXpGB)OJ@G#9{izxFwhKt+)7)Xw=6a}q=QhtmeE(X;eKYO%2VYlr#BU()>b!w?PO0`xJkKF-Z_Z`R*a>;bMM7|ESl`QBBr{*keMlJa4_3r-Tlpo?jvB}WsQbSs3 z^bvh&p&gMyrgh8dm~*dTsrbP97u6KA+UYT}_uYpSQt++V=yPfpQOv&en@cWuS3tRc!;! zlBsuNv~%K0IuNE?8b7m$47$@2-@1svl${tj;|~YEA!sBd0l)pU;=r@30KbZLTK#hJ zM_0E}+28Es2~AchU8e}rw`@ObRmkxSL^=1CBeDIeu#?6z8vZJ%@Hz7Ss2S_S#Ux?t zal2A!svLWTbwR|ygQW;_h91>+7Y&_E+4TjA9SqR8`ioib4+4KH;ee9IcCgH%kmqZC z8F0nDmx9MW%EUJrLLzp$`a5De+dE+B2p=pr%@i-$%TKWXaYfPZzenf1PY!$kGr)MV zE3iIAOLuj!6m`z>K#iF`y1ua6Fs3&hw}klteZqcxv%Y&> zWeUHCgA$O{?SfuHAosodI0I%9XQmbbp>avVLCy;tZs>=5QUA<>~ z)bsBsLtkpJJ#r+FFwTCauv8r6{*qbjB&URr43V9reviaE7cjoe;y=_ZaY@Z%glUjDAjDN*BqTvwP4;ynU zhXr_84wm(r`6K)7{u11o=o4jHBYdQwKY8$wc_o9K!5tw263gsqOl#k$S0Azs1f zS*mxy3YkZatKU_!cwT`GVr{(5mtX@($^B2)+dDECCoZ|eTN1UyA)tVxUg*zl0e&w4 ztj{w|aS#8xd*$bQ?ggj$vWkr^ypwMe%AJA!uzlYWBsRUNH&VrvPmUuB*Xc9^muEEK zK7U>Jq{P2S$B3&W`Sr1uQsZ7&TKBeB_H!xEl$FtH!LbmBF_F3UMU6^gx@{h_7)}Truf{7g zbwk!;WSrHez&N&vp3lA;9-mT(eD0I%in^Eij?M%lUtU&xesy4{%dN3$l6TA^1--kV z?>j?42%!~lo?Az8g9*+Bnh+lq551X3iw>amUMOA%IlbPcInmVlV-;dGs8z6DKhS)2 zuoFt=q*(QVs+Pri0T<6+s2L5f@+PhuTWUy^h0lnePUrS{-DcStwH@&*tE&3RNN8!5 z7LY#YiMIqrGK<)whF6ZCp7cB_eHCL1DRi{&tI>FgE$?&b9a+REWqr$?hd>s!RYQKt z%uKsxH2Rf&brua=5H&tgLW9fQ^WESmP{3FID(JrfAs1p-~7m@9HqGJUma zqc<$)bo$oT{NA@$y6>lJ^K`rLjG{~ztTgZf15Q51T7Enf$6U85{K3hGW8BqXg;}3H z7@9^sa5KLup)3{{`>FU_w;+1&sC%{T>s6&E(w%?HdDni&PiqC1NdyTuGax@T%oqoe z{Xw%=e1NCvOs*q(U0lnu(U@>(z0%#c!qd5w#M7`&tlpgN2sVc;ba-|SMPl&^f2?0b z+UUz-fbUgihJ@DqpSZ0(3eoqkfAN8)Sr-l3gt~{)hnL0k9j6Mr>-fu^(4`p!#MDrtd!4Sa6!M=$nCpBxxHs{}#>`g7&dv5Wv zm|S#ORy|#s_qxB*bhkKezM9(=m|Qq6)-*jnS|0@;jM2**9!Lsm=m#ytq+QYl`vUcm ziD97+R%&e4H6d#2b#Ha}+S1N1scwOeJ}0Aj9^IcI-cLX|7CjI{7Ztr7y65~7x7*n% z{YH>!#usxAlRh?wm@jU~63MJ~In};_*C*8qb!AAn(H&kb^xOrT$I1ed0L^9z@3T3& z*@fMGD? zU`B2nBPU(RzGcH?NQ_r5;N0I~8<)Rd5gkUN4Vx7n`p`E9>UVh-!sBEWE z=|sxuo)_flx=ZdQGC2xlah}kMx!O#Z>e3dem4ZVk@6w0Txa3WSQh@Xsj+K!l0@8F! zDK8mtRdC-2$F|XAd@2y%^%eql>iK5E;r(YX8@Vhsd zPX z?LODoLQrjLl1YBA`|ssPVuh7%!dgk?DK5yk9^b-j|CSH}V6xJhlHZHkrft5_kh4Z) zL*P>?I9a0_|1h`=*&IyhS3L>l`BB|>(1{txw%#+aaC`pgy-{u?sfbul3<-v+w0&II zHN=*7Gh?7#G(ssbL&2grk)_!vxGD6p#pmfx&CTc>@G&#guagSH-B8J4LY$V^jfy1@!r5{#9`2mUg66@V<~tdN{oI-X{xsH=z+FJ73t@&-@C5ASO!Dm=lZ0 z_0-hJ%JVZsem%QXIH5g)fDD^DzpqLaUcys^G; zZ35k5uCVGD&t)fhJY|x0d`2a%&p7D(pU?evJxoIQNLNZm7kA3CxUNYG1Er2I*7zZu zb5Io$yz{z+9Fv#IJF<^&7NxPZUA^}E-Q*1GYq`ct_NNC6e#DyIP6nZ!b13^aLR^*O z*{GIEc-i6A{aM(?c^z{* zdk%RaSX_4SsaoH`N1YjbO>D1(R9CvKd#=J{n8D<0HF&C~VQoc<24qCh0ebKX|8AI- zmEWdm_j(TTz64dh;TL=NY2*|FgLB-jJC&|AC1*d6h<%y}8mp1tn__YS5qS8wy;ibE zb4O<%(GgF}DjQ)+HJ;ciw)|?ibrH#vlUb0Z7(GORo?^rcOfD!)HK2aep@DFAFl}FSC&kZ^ncj%4+M!qmvjDFe;FwH?t37< zF%OSb&4w+y`)HGkTxpR+L#+*=!A{|gU|c9Y$sSBu70uS< z5V@{Rd%$7nj%jaX;z1V)qy$N^*Hwd@G(O!9UVD2+xeR^}8Bb0BUm|k-_Eu>O~;gE_xs!#rPVWy8xKx3-rBU z70eg%sWiF=$XV;Wmg@>b6Wn5*+UizKxiDC;M(*cc-&6$eEWo=Kk!j_YincijLYhB0 zZnT?}d8+sII&m-s{>=LBKQ_6LQ3uLLFx&C-<=F#s7Hx{aM9)=wWjL+z|78^}Pl z$#;Mbu@i{jAaN4?PSZ)9S=uS6GlFM96fo?mi>nk4l1nIhNOMw?Y^(^eXAp4yFY{*Xn}ET+lkKGc_n>m^);L|n60Zn zO>X-x5Y6Q-oveKH-vn5~?mop#9@^grE7cyg5F(vK{rE=q2YG|rz`xIqzATD*iiyvj zk`Cf6cIuivzFoqt0UI7dGDU1t2VlVrsC)pAWsXF6Ep*UYPbZP14O0yf{K;{U$(Y2f6zw&}m_0)*W<#l)$wmqPx@F%*%*Lg^e(T_9>g;@obF@kXbG{L7tBPFO^~$pNR7 zo}sbGjgN}KHK-roYLIRJr?PgRe9Qe3ACbKZ}J3xTVN<}UnJKpJO=E^a7CFB%y6-VBaGH^ABE2g+KRU7p~cTmWBm3p{kZOL??&HN9QtFK|5HF!IR= zTL0Cvr%_q4IJQ98|8?6i>u>Wi4KJPW`ear06x6;;qs9=+07hn)4Qszy6XY|b%g=uXDQ zQRXb3hjter3GDIho!f%%_f7LQcwIC3Kw%>LZdNigSBF~e8zUte+j525589Cq13P&` zuyRQBF5@q7A3r9YbI&|mI7oB*S65|L=#S<$B{I~mi|MPcpkZ7wvxNvlA$(go0`plH* zy3f_g%PC-%0R2|9E)TkI+2em5_hWBJ6^<)shE z<^}?|C%3ux!eymWSpxGZ{{{57sD3TzIq~_EB(R^bscwy3kx^c`R{3tDy5Na{LLa(^ zsy(xt<*`wj3Zv!vdJBFLh>H>{bvSF(wNKdE@U&-uQZtT}mCNEjnbpDqL7sl+XdJ51 z(CZa+TvaO3Ecs!uu3mzzWqMRxZUgZV+87BI}hu{|s z^f!eIP2XgWmZd8r>OQj`D|haDDlBmbVJ=r+D=75G;0W6f=kXJTi?b_?drjA%cL-G; zZA$gH>4lucIrPw_6Ez|j-|h7~om~9I!!1Hm7n0ePNWotdBGyBQ9a8r6Q&~O zFOwl)Jrwq*{7%icdtdHr9M`gaPnVnd2mdllD3)S}yx55d1G2Kh%eo&gX2fRN3=LRI znuC9~geB6nqK-FWR#1WR(NXv)RskGso-tj3m5abQN09*HqvL=Z_Jou`cOmWBWz7j1 zG_mg*%D6s^2d31e_q?{c3A2<~<+odV01dxR58fr_$onb`ja!1XM!BqP`_)&fE40s; zclU9$I-&PRcDk(FJZ*oadD7s?#t9%RcJ+^ zJf9CZo33+BTmS#(7#5Ty-?tecguLkB28ER&POyukWoX|1oX2UWGv7=M7w|lILE>#} zIu#UHo~pJJ-Q6Dx>c+?2_gFnN=|c)*xz8zuJM>1Q9$h7QYLBD26{l6L$sewQ0#yC$ zGfxM>=s{t?Ooju?Tk8G3$Ly#R^<2?4g}57h`WSU6O26y7Nq;8~x1+@ZW{)|3lq zD$fAYfregzcH_n8zpCFb7SPKTPT#+lsp%^;J zcKGdKlZ_1i$GI`zz%%yTXEhz3MvTx_H1?iJLA=iZa#r(H^#z2x{HK=v&Fg}kJD-L? zJszT-B&6ce0)+5Rm`Xv~lbHSr!RWxutyR84!)@%vju>NSb1nR-c4tr@y+I;`7Wq;? zc_E%*6Th0q+(Z`jdVDFmCta4rZn!1pbGw>|MTP(He-di}<5+F7Q-V=L{2AWPdC z$*T2#s0tF^@9?RhQOBYrERQAxqxDude zV_8(AUJ+rY4^*d~tgd+H#nQaf5-SPMAx4^;H&aVKfP-f-OQxG^UIkNny0=KEFG-g#l#pq(*Itr%BrD{f^M z*u@-L9gN1qQE8`8+?fonk0@)Qw43*6$gMk49{m~-D)8#rLQPXQ73{>ey6_n2;Zp=| zTMmGB@9=kASRN>KJju?9@G@*(?dl>u&4tqSQek@HlY#{&_8)hmi;H2#=-moS)AW(e zgHNBa#=X*H8fK%1>4Bvisl7FXhErh@Wc*LplZTbY9}ARcWM8$*Yacw0b?D(8zWb~ za~D^GN&t|ttkcMQKLP#fg)(2I@|hQJ(}c{18&fY$doaf$&Jm@-zPS5$F6zL?^Bl=s zDYwU=6$XQmul&hmU~AKuU^M>#hiV-f#5#j9Ya-a($13JA1eeB;)T$7AZTFRigs)UO-N<|Ty; zE*__OY^x#fv&1sYqwybN#kQuEEi6;^{h@0AoWMUOr4)2 zqIEwD;C|8#U?SvVp9$6U`8Tf8@0xFc3vLsO61|xbS8n}J^ofoDeMJcDt$rGjm$RQhsDSG2=gLV!Y;eDF0B<>31I#}9yg2fY~2Ox`Z~#AA+F@oK>< zheG@#DG|=^q{WCv3s|K@xL(paCmGP2W4N0HRGPj1QgQadxpwb{Bh9)6%X?!>3}2v&j>1{9iexY+&(x^l7U?B! z1b?w^lBBdByj|7Me|XQ+x^Tk)X_L!1V$BA2Dcw+g*-hvw@&W$}?}ntaD%ztx$=WmJ z<{}loO3dhd>}3Z{&oYMz3DCBCz*1-KSVXiSH6iV~Yh$z_zYF|;%y=r%mO_(>NMyT{SEPhf1iFK6N_I> zm_c$@9-xW~hHpNHB;@i>1t8Jy(*AWF|rU5`7XPpRt%##?J|IH;? zS`J(H`f(LvklKk-FsrgIMW;YuPJ-t)03D)IKH1iVW4)3%6L8zytbyy{B3DU)6^)>9 zehs?`m5d?jUW|08o_Ahhh}>A8t^Vwh12m`>a*P&_2+VBtw$*;j3oTUhPTJ(_@YRXi4MHTsoI2z~ZPLv9` z{bHQZLPe42^#=FHMSl8rzxGWrARQ>5$%qif z4botJ$Rli@!#%MqJbn(#``Eg=)(~VsFd5#7nHD=En)jJ}3;a*<_nJIq*N&QHp4F|9mCg12(^f!ng6pI*RrfvZ>hw03(o@O%4 znpd?ae=Cdf6ky>wGBSKbm0L~3CYl&MjzObg;7S`eJb)PFYHEPa2dSNY^aOU;x(SR z`i(m0n;(G!NvW?P8{&IrSA4}>C8hC`F_~tdxTIq^o_ZZ7ezjrh^U*|50jnPAGa-> zEUu=##)-`Q+=f%Qbyy0|RP~Roj z-SO#3W6S&%J}ugCDzy3#E+l9xbhP;vtO0Sj)K?{{n(8pCtL>-IV(X#S528>xW7`P2 zdq?8^@x;*7;`X)ci#d|mqjy(nNJayE^n$;PWt2nL_T-1l-utMT{&9u_Q+Nwoo1<+K zO3Ti;m&|$~MHg?PMxm8Wy-LyLKeGV(iEZd>1J*GK{3%{Gn2^Jju{PyU*<4^k@W(s* z5~s(D66%`f=UAwEt;ss@Lsht7E1~^d5BfzaL-DS}VR2BsG}!{)z92~{WY_|WzlB*wJ} zWOsF97j355`t12!T3zE>9I%ii86nO%wLBx@xIQ2>re6?&w=HAxY-8jhnz$N6A`y#5 z_KLZ-tDBPrQ(pxF?dpzE0UeM!^4-ZFcX0lq^ezFsG{*D-9;Gxld5`&BL5T;8Oy9ml zEOx$8Vc|JuSVEy1;TwA0dkouZx-c2|ncj_sL+zWJdioz(^N;S!!ow{`(i9PO{eT^a zJm0c;t$s9t4q}{Uf5WfLt5tbE8Z3j&lF0yr$iRG{2?LplB7!E8gc)`d0m0kkEc2U2 z-|jCyO8I5XfegF$ajaE{Cq5tdF*~pC^eEvk9@o9K521LC0uiKb;}-$9qxTgS>(H4u z-Kbv^iZf9?hO&zbyxUikC9RkgI)2QfG45`vLhqF=_L3*{@o=ykS7bSh*KqYaf7cIi z%K^zAiJtA~IB9YEZ^W{ih}esQ-vmMLQj(t2>pyaqnN`XxEy-dG^;+M1?> zI<^u%%Ol=xMnqA3^i;!jtsgs-#pS`=O4n{(5CY+!TpsSw1}mBz821~P64o+hqiwdk zz+Z=USm9Q*B9jjhGc_;cu2*c{MJLfOhEUQkmbFqvVJ(n1 zXC=p+GY=s+UxrQ}WfwXTqyW|>tPFZef*P?Rr z1Ogtb1dbR2K?r57HwiBSYkW_KO1U&q+- zA>rB;q`mjnRWkUS%V>j%^u;+|bw4MjtJrXpbGU{$4h=d|EvBQ5e94e6b;#J?$%4OCjF(NmK9afcWl+Pv6$i##4N)n5z&KXF2-{>bM_u~ zab|q)FjFE9;pQtmq&sz%C6EUyy))c`2RH@2LmY?rV7iC^j@u}gbZM|*K2I+1YTeBb z;Lzk;wi}rf59%r5>k%87d3c-;*CGw%%Wh7O9Rv6(b#n`~oST_2kSV`Q)JY#m5Hyc~ z7LV`KWEsXWEK>G&W1&PzOpT4{I)0^q$ZJI`(pX?H5lG_R~0oG)OY6y?JM&CBkQjNqU^fwaaaKbBn1?dE)nUH1_6-#B-BDJYq+S;Wj%%Ot;s%Nfn2c%&sbWg$JW*cCuhg_J0)?7?~*?=MeTT} z_V7B*DoRY4J%5)A;bR}3J&Cey#a_F3?^`3B`aF0M_p9QYHX!+Lg8dB`JEX^4IPg@# zt^2ChPq=Jw$v&M*I_g~f=Lj*{;^_b1T*w{$$CrV>pUW5;1XnRpsyld3@J955ymj8$X1U_ z9Z3ux^Vi*D|1{lcq;`Hpy;|brW?7|%gLSOX6@-!~`gH9W(bI_Q_rGN7ljL z=K{V`YB^+(f6{CI1}y(wWVl70BuH3w&BPhI3M+clsWf(QO^A21e1)spJ$hQOAK`c6-|t6d+`{a+BW4r_dv!Uus~KT8yZCgw%PK6 zKN(euHFi@By@@RN%^V)wohv7TP2|$!DfvL{>_d+Dd}6An!&5GgcZcx%tS`#D#h>`C zOh`9m+h809-_#&qFVSaC%RI9G0T;RC#DdyXDI72_B-VJ@_kWV3Sb5`N_m4nHg^zA0 z(Ac^rrAzH~4^D4}GxdQ(JcmCF{o+vFoRv0%9NQWZa0OV+_M@ z+G>l@>1VoNsWE1mkTs}h{|<@$o4@H$?9sw5>7Hv_AjWm_V`@pebX(fz1OLCqX{a?8 z2AH>k-1ALwxam{L5hu!8?srLCO)j)}V`0>1lH7%PqLZA!mC=`&axU&Ay%J(<1wZRCq{#{0)x8{A$BvDmaHq>;PUNFjwT>aOt-q4&Q? zBYs6Ttiwd8R>Abf#e#QmUm&9+&XZtKi5B83f}?q^w-4xF+QKeATCn{iEHF}|RiVxu zLOD68tB_iz=)}(qT7doNqCyD6@-nC8i_9|G_>t(j7YCCc--s`+hT;t7N6`b?n2|XBm=JY zJ}LDabOX^}Vb5Y|vGY&U=%_cC`G=)t{)w@0!T83vzs8ZcXP<`cBTQ0@b(IE7;aXl# z4W4ei7|H*V*x?=Asm0K-?$WJ$_$=@Y?)jqnGqn_`J;W{h=i4qdQHJ)<=eTEq?-twv z^K%n)iWj^VpBca-_VnBkF^tiOCH zhO@ka8TC&NuqUSfc;!aalQKW!qvwO~-myAbIqluJxJR5m)K-BrX`iR~lbEyBM44@- z?-wC3m?4NuO@`?{jn{pt&UWFwAe6Y!2cFR@-W)Ldyk-jcLccL(^|mptKkau!x+qs!_-sgsHOyn9|I+E$F| zmnp)m26e-Ny(#Pj;iv35k@zL@X6{8%m|kH%DKLz9QM+P0IVe+5}^B0%y)qCd7>k zGXRa+5BcxJARJVcfC_U7Q{#+Xfq?^(b^STd70PkiJy$Rp;qo#RA!h9S{mO<>vzz)< z!_ijT^1oCiR1B-XPEc;)D^buBcf{(+FnMhLgw(6%0D*O97ChHzlL8uf!};4~NZ8zz zH)j=HK;4NzNlO=JIhY0$7?Tl8MC#>3w#@C&RB?$*AdMF}5|BU>g{3-8MkBB3d$2y1 zh4f)*n&5l5?;4)yxJg1~PfDrZA?)L9{z5f@y;CWbym{;(?)g*GfBbnqkHg>Ccpu6M zy}W|B<6q!dk~UTMrA=@7iRyhc36~;|+`u~R4rlzhH_`bufijQ&6I7}UyW`2yho9*~ zdc-a5xeH7PruhPDgh|IMVk)0s4?H@Y^mKW_LP2V|g6W9adQ!T1g_N9^Ti+Qe7wKsq z5dL??7kBcQC-O| z4G8|zY7h920@`i!I}NK7+Y#L}(D_PZN^tWg*}7+81~FxVSDSsg`*ai`6DAxQ2e@fi zTY~J$r1EeAe>?wpYQ#q~z1zOiK_GTXzy-0|<;CK}Z>f{fo@!YSDm<5)AZ4>n>Y)~k zG{2VS*NODr*TJm4!mXuPdm1)gm-2IIq&%KRn5*U94F1tP;V&l?8_S}k*j9FQXQzCp z+Fk90gOaRAt5z98p=WD9YNs21vdHXTepIv&nTxnniJq>hAWFYD_1faQzYo58prfR! zCcxY>iLR&-?a16mz4nAMRyBt#Wp&Yr33W{#FRAf1Pfhmk>N1{DQ7qm})s4 zP)%`_aurCmeE*eyh9Ur>o@{rceT?_zjyT(Q={|d4_8g-0I(2Qq!MJK%@mFiIzSV!v z1qH?=J#ks__VbhzV!F0SLMqCIRU9qg$`Gc@m{R(anP#W=eH`vu+ud?m@A1v14WGZN zi;;cG(=zAZQSheDNrR{x>@q#W0LxAXSbDsVfr*C=KjeA(aE-h6R7C-X6?NR)Kt<-% zcQEmGaCGPaN}(z=I$dG>$|j`OKIRxSvef=%`Bf(pq_*?h%(mr>CEBgv(NWlI@o6}9 z2+Q*a%f9kfd>HIyw6!6$dFIs9IkyLtmMzGu(ScO@c!CWh0Xz79uj@k=g#hWV@w4I0@jx%PgI*5lMi;9(4&mbf7OCyMyI}s?+t-13J=-kjvfr@m?mZ{@>$HvAlST7EEP0k$5kMRWQGnH1>I{D?(Md=;CrLvLEL$C1V;yZKDIsy+f{ofDG3_{!||BujY-Y zbG{$QLaw0Dq~A2)Dq1Cie{6Xl5B}hKH(f%2TIeo~fNF!PSP^ZeV;3&=4*&Irq%3+F z^559fuoMJc9~H<+7H|aZhSS&RHEAXZ-=+l#L^RF&w|p4>vUA8h0L3C%E2W_)bZM26 z$AmxLG~#g9WcS6scO2t(fos`?=i!jacHHDj?VZb{FL!omtC5lDkmx*4I=qW1?r@0g z+DpHSrUF(`4MtMfrAF(CF*&PA8aAj2@pVk%!Hq>XFCMlGxh~&w7Jl(EX`YE0j$>cI z{q4$C*5dI|x0Ryxb61pGco>lEoZ<6Eb4Ki2QowIn@4wr%{C}{?b3^O}Ht6Mu&wDfC zjpe2uKm=1?K^o%6A^BbMSttX0=BKYp>LCZw=qAZc2qp87&_|kYBsjRbn|+%K7=U#s zm%HOY8+rsGX`_Z8mtKSIFYg<4zvUSHaqWo98nG?Brmc22e}?8Yrg@w^%Z7cqgDzj3 zhX8%sg2ZQ%vK5Iy`O+Dp)%wOo_X1>3gp7GwC!t)n;JwDKVU9z;*Z_wPcl0|3xzDSUv=_aa zpY~NPTUHyR8?FL}eUZ|*@(&dfuS4jWn5u@6!O(-RpKpd1Bae@CsLQtzJc*1u@VDFb%Y$BT!GO&(rG2H_#*RRY zu3Pvr;K#Z8hC#@jQZhg%{-53!zRxRS3V>&k7SEw?N37pz-FOb@gmUZv|C2N3(UU0k zrnhGu`%E{ND6~u9nUL`T)(#57bXxe1iU&vg>)K^IhpohN~1hOrh0dr$sopSE26PP;VZ~k zvqR1gpA65JqawM929L0B`R}$x$HLO28Xm8vijv7?t@^8&E6u&JU=_X=i8Q>-;$O;< zbFK1#0=5JJ(WfC2?DeiKc^{F_HILe{1Ky^Yay7jZIiUM>zBd0so}gzaBzpgaTMGhh zfxTQi#}2-3{_S<<65a5Ch?IKwX5SzDjsO12qWc;~A2ko{nT^`o<4y6U)PrAfAiJ2Z zZ#s{2kAzy-lo-Vkt3D;W+jmNSXTRLHn^ieL|0|bfXf|&2H0#Ft4Tk$d;19~iq#p^* zk18mm&4>kve`B3m+j?ySqBd!xtx*=%XK*TaM}^#_6P2$YnP{&0%3(G@A#cGFK8Q8yK{bCF!toOoEPBy^!dT%qiT-=zHu*reu^WcNS z!Qf%A!rp`XJ3pfij;GHIOm1nuSh!Mqels1uBMt&C8i^e}ZN`O%**t6{ZcKfv8_YOp ztX!L7KuE;FB~RUis*fLy?uOy(?T|=^k~F%01T=wH;QrzVr_r&V=O%2xMsMVx#os9vsI@O&zCGVW(YYc42;0%uQ0$K0_TQ=96Zs`aUe@ zf35fTf8b@&Jy2`n*TEy_pL=W)j2I&h&kgQ`qsf$iHVgH>C-nQljm2DUE=L=ZzrYv< zu^RnGqnye;4PG~wT_RXdAAW+ndyw_fQ-{1m<~F3W$J0RS)NR-c1Kc;v0cm_Oy5@gz zcIhcjO5zc{=e{3poBA_xNyG&F;84G=m@%6)SFuOSo0CAOpxn0eTT7R4g(Hovpe@2y zVR!yPV_d!io`bQ(H>1}2oapGcDTX>Mr$n1d>7||95^q{ag|;P7a#Wh^MuTkZ z>_{)tMNzwGu&R@-H@g3ls#bh%+l0tgoDUDYhB!_abY2*(3?Dgn3s_bQC6n{6f9vNwA#WS4`Ub!h%C43^NYa|EVIS>=t` z4@`B~e#dYpAhDbil z3Jt`RV6S^0@k%sXxO~;4JdPd+RXH$b44-SL+j1Mj3!ucOnva-!MzG#m5^5p*U;F zHbsv^Usn7wIgsstbIC;LoASj>(B7}-rwqUFH_|$~Td#bjJLYXE=t#^BU+p@n#x~^b z#~r8O$x>)zj97E-tL&voEvAMnzrf4vq2O7XKLCJDl-{%l``a3{T@Uy{475Hl)TcNG zIYZ82KQ<>>n8OkzkgrR>1u@`82Jm#b6rlPmf3Sx`_Vw*c*ETZHJFh1BtKMNKwR4MH z3GtXk@v?8RZrWBVUtV^)K9V>RdK@FO<0c3o+ij2cuUFt>ddydgrEueCiEc9gT$J;S z!t~ssi*E1B5c7Kp?s-DuvGZb_Fbm;)r^ZORb`cqQ4?3ggCRDhF@DpZ!7vb7U;yfZL zw{6e0T^~XKAmgY72tI8E*_M<96-jFGnlC*VD+pYXpkpc^X@?9N-%t(Qk+<#Zf&1Bi zA1<|f^2UC>nx7nH&E9^v4qSXcJaH+3^Vk9eib)f7?O$m2%)!eveQ}600f#FoDTRbS z<9nB!a=52XP~n2q)~oy+W<6Wgw`?RsjtwDQ@MYD=?Jd@;G+lX1RrOh&51o8K0i|A@ z+V+Ieds0tGG(12os+a{0fCdLKPZGbvy)g1Qr7x_0j0Yc6Q};hGHn65GvHZxbjicXv+&tVefYN@Ji?a+WC$l3t;+ zsbV@pgpUTJ#9Mk*b=r0V@lxYx_?H<@@$b{MeAM28Z3a2)c>vn=Fun<`q|&Z@+dQLuxiQ z)9Vl*g<@&&8fE(SYjg|mZW>m8vTT6ERgiGX#|7gg3+jp|2YeY?f`^`RAentM-XO~` zRUOa3P4dAfD~XqYeNSjfq9A;`g(c`rO<9zz7H64zat>RoN%RFg!E#@SUWkHs z?A=t-#p+NLOx*1JI>iHfZCv=e#|BZeYiC?LVrC=vPNF3jS9O^F z`17x9c{@SzEH|F_@-*euzzknK3rr$Vc%zOzn-cDfhb!1yZ!qt-H!=%{S+B#~! z)Vu^5t#6e+a^#tGxLu!657byvDT9xQ9}xu@D_34I-|Ny{SYYaSPq;`rfSu^E!$ruD z+!m4?>Kl&ZYL*Ukm3}#uhG^;Yf3%)E{4n@kM#C)$a3ff`NLl`C z!|RhrU~7esc~qH#G+ZX{BnRGt;>yp{4*(xiI<2N=?O2;?n*u=#p*0-V7V%Ux_YA3o zX&(ma9^}(;^c8z~tE%SyxX8dHmHFsKS7tjeVrgw1o5W{M7=cTDuTr-WT;lBPEQDb+ zfgZ(GnkiBP`E^sMEBM`TY`f^QlS?&m62oSV*@6 zc7VWE=9CWNd@LVv&(q#2%k%wAg>IZsNbn)B0{TWN*efFlfZfTN-PF^0(d|vXD;TS84-ts{yMgpdKrCsw1BpK*PakD3RH6lwDTf4CaY!}vX+G=!J0V`>Q6F6HWmpYw}?)z zCoclp?4`a}R*rXb5G7pTcZ;1`8*+kXlh^Y*^9U8clXp4<8B})!QiUj#KCNCk?TSuJ zo(MeCp4ZTpk z7#fi4+iYlBU!?zb(f}B0DjZU?Pp<4$AV-jgmx1xwVUm9iKG(PRMcxq}Kq2RCcM7h-n zeFC2w|9jqziIKapqy`*=rrz_Il(qaA&jQl4IG(v*obLC@u+5fnY_nfvE2&1s*Kky< zgz1mMbp864n=Jy;NK72GJHr zJae6Sv+0jFe3A*?-c5kpYc5H;n4>uA#`FZyyVeh57n7kAH4#ce{Y!Bn{uP7^IE<|< zj0-Ye5#}qc;&|JQYXwxdsJLex3G9Jx)Kks$_H^`Z<0>Q8wh26Q)w1k^Yi}A{vBwRI zn0=EtMm81B${pv;Ir~VfXB>~4G}ff86%q@32tNoM4CD_{xQ|Tg^wAfH9~}_2uyE}f zetREPxz_tU$#sHd(-%Z+yZr`-cJqBm0(dmyZZv9-=nlbml&!XGFWi5vu{KsD8EhXC zo_rZ9vUM}paBy|hdZ)kEKVrm6S~kGGo{xmG8o}v(u>+Q$iY2dUm%YH0ZX>25_FAVz zNj`-uD=IoMf;(T@**--hHtsiA2f3Kg+2P*67xYtIpBk})as_B#VNuZ!kxEB*D3%H+ z#n)}6f@kW_W%KM(u)y@Mjz?>>Y3kNrTujxrte4s?9(^gcL4tr~W|9|@s`K+zmhr)> zLW4rj#=kh8eRf~!X@)?M*tG*=HuL`F;HHz%IY$ltaLWB2@5mbI4B;&Y)J{Az(cIVi zYu)&r-!=$y!gh~qk?z7N&rHanPC!5G$q|au_ObBo{yK;@0}eCN&=7$k*dlIz+xcIG z$-!v{xH1-X%Ya@3tcz>m?0kn>dqaqAlN<$ZGwZqLHmueMcwQ5_+voH?HqT%nop#kpISv)o zF0FeAF>(k9ovBxc-gQ_BLN^=o)&gB`rC#@2hq{CrqHdMecUH?zUdc^vzR-vpm)82gx62{qeUffJx?RpCQ7dLhQ+b}fnY!F;^FtX(+GI4UCX6Zy^})9 z#E3`U_3Dh_(2V1_I8nc=#GPtEkFHT8AYOLFnsv|}o-4PGfCCwH<^*K++}3C=X3av@ zxVSC~iU&qO$driwPJ`2@J7=~h2v~G$2Kbv-_4+$^hjrfi&7T_UBb;@H(AI)3U)|sn z5~UcQKbKuUo@>orYD_K+x_893Hl0Lj|78!?aovnXx>EURX#nO+ zYh=Hna;=!t$nMb+9$S=Myx#av*%|`A^{lg0)<9JXW)6+dctWj+h1i>7gX_Xd$XRuQ zNpT;q`vz5#q<8oaqYOIKmiW<*jNrfxEF|@?9l1W3G(8{*zCP-r#GGWOs{GVZ@`Kd; z9{P$_qs}htLd~vL{UK~Ge)aCO_Gn#cW10I0 zw^q3xtu(X2qu0#FFv3q8VKnpzbUeH7aZ-DvGU0tV_F(KAP@GWo#84RUv@c|!_G}iJ z%qAb4)7M5^MzQa+tmA-G=u7p2sz-R4X!triASADjv_sRLJ;!)L|7E)K={5Q82#dKX z84)Wl4^{vV#wDq@fJWDhxxKPoTx}yS?+j|W7;@dZKCCmlzM^Kx#YY7KMQ^QUzsG@l zL#hNH65*}ZWtuw8(U?^kI^4MM@?F%3U8MkfJ8Pk86|}dZRKQj#nkFPbuYvltWtlBg z_Msqq%nTb_!YZ?x*mk%|Sy!(SH`V1qv`0J->(DG=tj!)ut?@Xd{R#h8IC#w$@^;}XxWU!MSu0hIrf{T z&JFAmi#Aec?zd+;vhUlhzWn0C)gKg|?R@fGhsyfrWtFqyL^sAWe_jQ*iH8vn*z-Q@ z4>o4s8hK8vBeMCxtar}ydPi!UJrVUsTMf$XE#Em~jDK5eQN(ZUe=MnKRlWK>%<|^Z zFil#dBsH9KYhy}Ud0yiALI4jI`bN$9S)6nzl3-PI-S6qu$ZT)R3^sCGo!4XvpBK)UX>xc%bc))>Qi>1!6fUM76U-tnQG)--_b47 zE|Rje6`rr!`hik83d-r;4Xc)-9 zypcS-^U|V;@I`QBs{S59gM+%B5)`ERSMtzJ9s!pY16Fiqo^wS}rgX zln9xTs73ry-MP839O>pQ-BxbBq!XGvi*Hh%QzTD$2r+Uy+&(+t3Muwj(XPMh%Q*te z)uP1q7f5-4>XkpYdU{QNz{IZoisvWksT-&I8Ht)PhD?P&i}?yg$cG885~@QXNudXUOGg%(I%fdN{**c6TYISM8FpGuxmY&ps2m zC_(JBZ5exEZp2JJLdlf^Y%qY{o*Q&Oqz$+%Kk~V|uo*<+)*mGz*L1j=SVisa2dBb7 z>swc?EWqp8o3T+LozgpG{ZZGV7XW(lD57fdmD;N8M9Q!2Z1cea3zZmiYJ$e@3fqf! zwHk`DVMp&g;G$AH8E%)t?oPWYM=3DKdx>K%?q0il3nFLYM-RyEHkx3)`{Yic)D@o& z@haRvaso0*yL1fSBjkOjb6m7Y?nmxMs0{Z1FtTwpaZPhx5oB=9GU=Wylg zxT!`i_i*c(MMY6t&8B?Kb-d@v}hgA>F&Yq1u=?1uja%f7_=ISqTRae zHAn*+g~s9CZNS#;Brav$H@QCAPwK28rqd5b(t9c4L$R#}r-}TxGc!k-mEMNGH!^4p zSe*_zL;G6fzLT6q+GSsGYmNL(a#8IfxyI>0ff5sdO^2pUIHJY|vDjfd-KXT~bhJBU zsn;39A&TJG^PHZiPx)n!{y5gdsa2dU6OFW^3*0o`JRW+?nN8Qa((w%e-p6k1aXJSi zD_-PwMxa4!*B;K9@$e<$E(t+_W&Z*GJFLrSAMDph!MT)_*kEhVT!U$?=ZF=@*k;c& zMTkiVS-{(y1;RbX1qwbQZ`JDc3%eAa1w3-jSa;Nh)@0w1;39j*c^6Az#Ni&FV#Lmy z#CO>FukYX@4(u2~<7ANua~foMkAp7Q=h;0=7~!uBUk{G#>2$8l{aSNM5c)fcFL)~~f%8LfEm4ADg_R7Wf? z7#{CHe}%-9QhZJ+!@JP){Rl%f^SIHfUB-@93ZjHpEBY*5x}&#fDv-*yRtUT@5gh_z zmvU2j?HoskGGQcgcSpG4k=#0p<6DOxWNkQvX82gL$+iW#=ExKHP`7q*ur}ETe`y-{ zX|`Uv>$(0|EYBv|W4X^Wjcys&dOv1jkv!ld;ZzPiH~Zt>E8^6F`&|w9X+*cSqGgtx z8tf-%+=*^GLJRn~&dQoxUl&y1OtjBWkB%-cs8CSQvx`pLw|nFDvMZ!ci%n%3?tOK- zJND?4wXRMG0M@*K{YgPt#Y*n`rJcjBiQWJSjXm>0$H%KCCHHEZp>5?V{@_KpiGet%)y*)Smn?P3* zW9FfP)F1Uy+^4A=Vjj=8BobR5F*=r*{0wzKG&nd63i9($i$0Rw<3Fo-v9(YQN>EPK zy+M2lq;d>uy1hh}p3PL64@}<=a3)LI2-4Y~E|<|RHDpD?VF@PT!k@cft}n?gy3oxl zYKz676wn)5|6O71*^FvIEW)=~_Rn+B;{>9KDFm!yQRr`n*v?eQdU%}M>bgHuNY_8f ziZ>AGRHD!bPuTNAzyI-E6(<({QoYKbj}K14JAt}Bp-ja}9JOOtZ3oeR)X5KW)Xe`Z zJgu7lzlQX}cXYu(LAeN;T^#0!i&D*ZB+rUt4<1vlbaP|pPCg30LMxwCmTQ=*0&Y5@ zQ}Q(|r(No>sHUk*K+5C&%y-k5|5)2Gu;fjx=%b|swTtiFXAF7r#q`A$zRxx-?b*zP zHQoQ(wEu6I*cu%gBd^UV8T?~P`_DL>Hts*eZMa*6Ukm)}37;rmv_KK%#AU<$KY9Pp z6P*-)EQRMA(-VKsf#Jq_M~H!qc{offA?|3KT=LgdZhW7|L2W^s*4P+_oM6&?xKgX9 z{;5Vui4Vu&vf%e^MFoUxD z{mip3>L%bkw60OVd$xrAwkLn8tsYgKoj^T-83ql`mLs#(AoM6V>z(JKU~4C|4o`~B zk0w(8xI5a2rzLT$XDZCDI*BB&k6LdKt>Tao@iX=w_L}AGpX)K3?EOvo<4y5en}|U7 z#ivGOms3p{ylTd@G7L;b>s_^@UWVJq#LXNm-2tY{!p*v3BCgr@c?B7HrNc#dD61ly zq$7q=nm`bH=|e-S9?i{ckyfff-;rkVQ3lLu`iBx7BOvEP&Fq*|_8kyH2l{`inl_RO)J07}`0(4ysLFB&B90Axfh^ zzF;D?rX&7!kg!QGn9^VM!>% z+|!iuVflt^ha2A|+KVl?DdIqRbYupahRrZMRH{xso7R*-L0Dttu(BT zit&(In@E9uctN-cNTQf%KtwJ2^NB9V;NOSPC+gdm5l{a8yupNq-b}^GE0?ZFvnQ>p zC&^23-Al~Rw5wn23s{ALQ9jzYNaG*iD3oDt-SjK?Nq@qJW!+rb&|Y!e$BwW zVc_DxT9{U*+9!zm%QN#42kja^Z<0en`@PDG^v6^@6%D-$;hHwOxfV$UT!m*Y$wW2- zTh-9_W0?#KhMH8PQwlwkY{XD%l*fe)Bn`dp8mRDKLg85t8c+qPgFblv4#Nv1CbTq89as^i`YT2?ov#R1ULcWV%B_g^d8dUi z0WIm_@+uW|8#m>v93w&703@r9cf}o(;$U z+%D+sUdQ;|D+o35Cl{2GZR<`cA*%;9U6QSgbhRM@tPQRmugO|%er%=Ll~>e^dq_?~ zAx4uI?F5PSJ zbyqBE_hbT^R|l`0Oq0O>S}{HgmUPR?NSK$L>~6ls-ddhjQG<}^q-9|ZRKIvQ1ACVh z`aI#x#t;*xVrayZRzv+>grX}YgkA3ClOQ3{DNEX9xU8k0;U34k*h)AeE6-G!D*4%6tZrjr$ou6g&Of8HdK!J>L0A}r>>qezG?Z9b^TMV zQ*5BADh(azQ{w>%+iZPBB^legzYE(Ys}|r|$wa#={S!|}!;Q3G(Jz>Z7L0x&WwO+Y z^Z=5HA~X@A*IKH}h;WA(af zq9d0*Fk!o|@>+z0uY?I^GpRjL{X>K$*P%lqBpA54IVqu<=fXVhL%d&RqRJ3%vAtF` zTstnNQEk!+1q@j4BX~wAWyCdT9_%MTj&?Sysa>GyHmo9QxgJl(dnPN@p6n_O{A=VI z_uS)y`p{u57v;{7*Ar1n7cTmQ)!1w3%m|1U z{XR{4I}8(v{ADa%rF~tT>r|9hA zL@E_nNO0z;a?QrrStb=6aZU1_psYx@Zz@jn(CKNrGZsv?&8iQ(P-jI-k3yv(D(gNZ zcB;8#^~F^H@*GHcv5f$8WHDSsMGN)@eLP`sXeKzzEW^HNxHdC9VOVOQYE(=^G4Y-L zzYh0Oo9q{=pq0G-c1_qix0dbCSQqH?jp}0Xtl)`$o@Kd1ex3zHbK5|hvIKA3XDaaK zgq0}P4P>7BgG6m8(9!}4uMFQUSd|@Z%5@N#DyO#dt1(YsiLsKTow5|2weYUWl-PTO z)Xn`BpJkco8h85FP?mr;Zn-aB^0KI8b#wtW);m##pg$*(r^;1rp0t9j4)Bt?kY?rTkUNxWr|;5YZ#vK>;}ZO!R; z7qabYRg^x=W7Y~_b6s(|n)iQm3*#Hrx4}vUsFVKgd=mh&lNVVfF?dy@pH~A-I~@}F z7N4zttf!oJnmlHk(c6Ls5|Jd6b^ff}Rp^CQMGTNy%<^e{E!nLm)Pij5=KeOEwqsQ< zsi`udY}SO`SQL8Xk^yNgcgFvF3kgl2e3rxRxko4(ri)C17Sv|q4F}3xJJuTFr-MJKBWJu*@=QE{-b^ zY9)=5@mP;&JCy=>#c2^Ml7A$YBsc2y<%9^({4a|wH&y^2hJ^W;d*QHJQUqHOz&(k? zQbiBup4;>iDq4MrT(Q0Z8>gE+y2`S+OD-JN+CbhkEutZtRa!ioB8Yhbx=B?>(LN!f zGBZ4a&LRFTWYr(aAQ3g&7I|2DE>?Lig`3xI7iQs7p4$SjRjX%Or2qtI8<~`c&RLe4 z+gEypA}|W^d-sSb6y8c{mcnx4{>DMmf;f?9WTfb&fCoW(D5xT(BPVb(A!OYW=AyiM zWJNl4<-xzpS0hO@Rq!5`<*uT&pO>@k)tGf*6(opFiQ{n0G61cTR1sDf;v+y6v-En% zhtIy>3{h**8aZ@BpXM1k`Ieag5o(}Kl6n=@hLKr|1Sd@7-L?>;kCuhQ+ z1kPDiP#`wlC2C8ODu$b%F~&J@aiYJ8Ow8k+6!Xb>DFx?s+3^)rMV~&4Mdi3JNTHUJ zjJ%RX33gDcGGz31%ka_P6cAnhV$Cm{&@6x#SX{i806_=c4X+Ctnz>IVyc+-6`kp;j z0LHq@53@|=tazR^@~7<9=zrR(9c{|k=7mtB$S~A+2V++@(YOpLELd$!I|wT5((4%& z;iv?ldK+A7ON%3rz=Pb7k;JSHvCKQ5p} zJ%CQwv$PuDfTu3{o1sVGWElVC?W=08X#zhtauKNjQXGX`)o+(&0OYjtDY;RdmI0So+13oqRlTl21E0$18HH(Dl8Q`cFcc^fya9Mao@i8F2LESi?FzzRk+!EU1<2PfkP@#k)EE zax|@o4O2}k#Aq~u~N)7wA3hTjP*AAY81;RRR=_#+JqS8J34(Tgj^PE z=&9ijpbsuPn)2!`{GBo&{$GxY>kd0a;MX`#{k5pOlRw5dRvXRW9=`K<-Q*oI-+REa^tZv6F9}EMW3ix45`>bS`M5} zd`QgWU_N#P(PnZWes_b>Fn*Fx%UE1?oO}P(?q8$4@qIAK?q?*RrBtKn_@n@G8!u{M zT??4Vc3igQg4#_}&FF1)+P39D$Vy&vgjJT>AB6N1P4oWXlb45_uZdZ5OeaRh0W5nkH|QLZ>V>XN zq#v2b6}@KOomAzNsiJlw%sd(dMykf}a#g)NUkSZ%iTzZ7t}5aN90q^ghC(}W8$<*8E02`Csk*gZM?DwG)+u8V=iq50=1yrXoB;@ zbb{9K1noj|z%!O?Y2Ls!rMl4mG868e7MT0os-wa?b2`tkI2=q?0{1dhr1r1*7rzL_ zLi3B<^*T)#LqU}Olvm;}i_vC3Z|cmdaBxz( zN!X%#ZOm?U)1|=yZ)JAMrJ7w#akOCF79$6RtXx zlDpLvsekJr*e@{pNBP%ZT{o3}LkCogrruR1LH+Y?J94zLeq#yPy*Y&fkOD5gZnU$s zTF?bP)})e#Ff}TrQ!34XUB$Q?5$2v9G{5L<+SY{mCGD;pwLl8Q5adPX)Us%(&U*4H z86N8)2?PHd{E`qKDCBMktY0R=D>AGWYCjnKp^;%3mun5W3$^A8v@)ounuPN}51Tyj zdcTzpe@Pts&uTn0;Ej#>D8U}+QGKW}iyn9dgx&CJeceA>-kb?vLGr^q%p+?LU8*!# z<0Fdx|AD^r*S`A81~hl#KS8`F2NdV|d2m#Q|426bwjJ`=1_-N3zT6cUiCsZh%%~;h z{o;%jGO`%Y+ac|dc=Cj-qb8>xEhnJ=gHHd;NU@?YG*q7jXv|hhP%&D|h<;lv)s?6S zmAHXcqXR>kd{+0L%gFzM0e)|&GVxuElTc`Q+kKRordC>AN)>#HICu9R{NzC`qmc%S zPg3`SFq^^i=j7yR24=2K9BgFJyvs{~)#fH-wUR2@yj3m38f0LziTFT%Dnrd&g*VWm zl4w5jFVQqA;EUS3)uTc@jg>cP+mKJxQy1XDp2rrgv_l|K$;p-?1&F~0tH?XeZxXA{ zP>3}E*UZ}NL4VyT8tYeza*!)c{)Cw?w0cnjfyD&7tPVAWaQ+=%k0&K2^|}(p<2C=< zNP9X4ViM(6L-rAu3RPrh)5>?W9zVEjb(i#aUXKsEUYJ2F*?Z$fKlv5fok)f-amf?L3 z^y1YoKApBK{HxGYS>X7sX>RT#(HN`9rF-nxyIsu@$5hTziQ#x~th$T-K0b=}HnA{b z+|o$4AbRLqs1il@iAL~nt+50nAcNZYE4xU@{v@l?5S(8{wc5UKuq zb|)I~`n_TOs%M!t>t9eh4hN;9DI6M1fM#GJ;|1ax-|S#!I#FmUXEl0Z)4zcoLh%&I zGNGe>YSZCmD6E=?2N%grjws45)rHhIlu7=d94#;Poy2h)eP}*?NAni1{D>md$*dYr z+G0Wm9Ez6tlH!YW5WiGUp5)Qb6xSJt8ke_7LvqX(IR`;AY62q#mVj}gG$6UoJ~EMr z*&24zeXRd)MvDFa)pqSaOw(=}#fm)!v z8LeN6pwmPmqHz{nEKG4A{X)NJ1%y&%0fHiwkn*J)Fx2`_cdjCrI`zesYOd;J|xs>^GPm+L)%j z_O@S4?{ox(*jg2H=xE_hux78eZ7|J?2z9wPI3Gh2xf>Vn);`pi9QmO#(RBE6PaorA?vO_l@jp00H-i_E#t{Uy4SNUvVQY=8VRFO5$3#MY8#7Py^exgC3==Ja-TXd zUI*XTcPxVGk}mJU#fz)2cz`cKt!Lru@R8cMJ)aB|8Kp3xNT=#Uv!TU|()UU2>kW{r z8>MyzRLN|!A064AEU4BTx@I;OO!RMl_JkQsK12|`F;GUv^gy+C$@@oP_dvKRJfbh5 z^GhK2tQk1_RbooopDvv~G4&nynqYRz0#XprXX#{YW-d?Tu)@XSE=jlK<=ZF^q*4q+ zVx0cS`>7__;|?OAZp6J6WJimR!3Yo|dvuwH6tKB`d@eHwDW`-1xvx#TtK|3S(nNi+;I>dyqk>JKPZEh>c?QHqATh z-ZHGsrqdcdJ7!U$@JABi69S8BN)*LRQ@(O*4vNj%-v>_{sMx$z_8;@UOl?WvZS`>oUO1+Erny>D-x2-J3 P0%_leMV{e?q+I?7zM`N~ literal 102026 zcmd42g;!MF*Ep`CqJ*eONea>pGSt9`lt_b=bmt5WLn{bKOM{ejHw+EZFbGI9LkUCo z5CaS`Uq0{qjpuoP|G@9Ab=SIgpR;@4bN1S2-!L^5d18W>1b6P-Ay#-VqjBfXy~W#` z#FKg&vJ^4K_L%au4MFS! zS+4!nNLi)2LHv|&vfl{oJe$(PzQ>?kUSaWe9qOKfU!3xO1CS?~Wd}1n>Re*De~)oF zy-ix<0X4qI2Ex-CWcAP~HM}Bu{tldMVt}U~u|5qrezP1*!t~8dN!{L?D_$@EJKeN@ z(60s~X8#!#?2g~oPiJSrDi^>rpu((t?1Ft*c z*IsP}Ww;b0|h(XI_=IKAXM!35p3yZ$^ZpBKwQP35{&;f zL+tkXKVV))hX0!4W-r00tE|Q#?dW33AjI>AhmTQ`fPsMl=we|drXeHuztL~sBp7Yn z+?>RCc|AQnc{~Mq99^t=`9(!VdHDo*1q8TnXK=fELEKEC+z?l$|0eQ(=*U>Qn!DIK zx!F2G82&@o)XdS{O@fi}KaBqG_1|(@LT&#aCy49+R_j(l-v5m7^7HWV{$JX+sKEa~ z#nfz}mJYfywqQ$$>n#sSVZk@R|C;~*8To%4|ADFZ|1gDw{)PFEk^hYey9}j2a~Pi! z^L%?LZJ>TE6BP#(dT#zkE{a7C_56lchCio|`GfCgFSGk^o-=bWhBsFJWT+Vs=&B;_ z=DQ>k#2vdYITqOLXFPbwtb3ZfkuIj6fh}onZgyNE{2L+vi|OyP!$;8jz@=eaS8*N9s7gYRT zCN`$H=i^h`(t`G!IoRnUzC7xy&TbN#lq5LH#LA;Cn*S-m-I%xEeq}Vd$%G+)z2Y8S=wQ3qUa=T(E*Tm-R!V4PTGi_?ZJb3Ua#~X z3H(csOQw4*E!E{Q#)bg*EyGr7vmNXnKTa9Kwlm>j2=FPP_*~yxtjrpqD)H|i`-}wC z*KZl@Zr99dO3amThNP+HqL+FKY9ztaR<$i+f#jpYnPohmJ^KqQQj8A%DeGU*<1Y({ z*1qE~R#)dD<&GAy-pXNPK$Kj^KCy)#Qqf{UO;jozE3Iv+*JUGXlB1on=1inK$QE&U=W@rBO^prN^b>;x+#q(CA+r0)r8q)3PZ1P{8 zzWMexCyM9tQ<{qIq!nu0z^J{xeoW1$S80{iFZWNS`LV7Jb^R7<%Pzim;#rZ5%NNQi z`JI~5sQqYFFuHZ*U$oi-f9*RcjwpC%5nX12NI-5PZ6;qh&l=;~a_ zV4+7yi~6mcpN%jc`g(JTSjkx6%iMMkb&&Ddzg2sswlr+b*dpU{+CSCOdXk4;jSHKe zS*%xlF;^c(u{3o6=nxhTaqm^hi-G65duR)&-+fx%0#i4VM6ZsCj5Y7*Q+KrZ*Y}=? z{maunq+b>mpmNvSC8Z=48AJUOnk>}nh$gYY6+};Me47m;Xv;HVe>loCXO=it9;`*7 zRY*FO>w;{lk!f8CZ}zAk%sc)cR*Zbx8f6Pi<#TcmJ1;7?mp9DuW^7vNJx=7=)=xIT zF65vA2`yx7D+z26zcqF7DcLE5R_~8;`hzltsb;d473KD*qtj~VJ&FGjAGBX&(zF_k zE24&m`Vzw^5{cO@)xG|Uw(MyOXR>k7*5a(lG`V0V4~ODM&owkuM~>lRjK-JOP4=9I zz*KwQ7O241zayp!#Q4+^k2+Cyr>8TqskJoT;Ny8Q&o;KPwbXNMOr)g0wzzVnzLa8V zmbxFg(mNq*2{CLf5?h@fl;5d~S9%j0>5>HXQ1>#Syg*@PKTb_yXFpQ=^!+OmgulIY zL%rlpY<4j4V>EKkr^q+(P58jtw4KK>9;UH>gx(IbNT`*$mfnI~fp?WnTcIsX@iA;I z!5OAP$BLpjSu2~__6%>S zbJdW#TYiz+jVVoTZ5KcYe*>)d@vD~=wYIy@@W4y=HPH9pw%PzwOCt(BEmw1yw|V^- zn@%#l|G9CTt4c8}$|W?h#>uKu@6pUl?eM&!J-Q=UY4DvZ&(y;(x7U*AMP`29-+QT61B|w$eMHxq4-b zE#AQS`QW@R&jFS*YCAirbRH#Nw@5uYxpZU}ZZ z$nZ6Mxn{|`4dYC;0gEA^+y7iqOpM?Cgb`c$xz|K!oK7T06siD=p@UkU?r4h|R!iqS zEs_`2pzvyOftf;;_G&-~dPT;veyZ5@RNcrOA-l6}^HH_QV#QEjXT2{Wsk3p7mw)0xP+VknM~v7MCj9@L9rjVO$HE_R!>Xxc~RxIa#<8Wc**y8**eo}ebBJQgEliY7135wLZG0az+m}o)Z4|y zr5>o(cQYU-Fs=7O(PdD^wm-L~M&KLwHdfY4I0@+vF4DQI02>0$s|IGuBa)5w6e@rQ zOGt~bmG>&}Svz@`sRfT>b7xB)dOK2_)^9cpgy;x(bv~0$^3s@*b1^1BWHd*lu~zjs zJi!C_=1e9(*Eqq`d@R{}Cd9k`06E<&_%OnEp&7b0mAMM*be$~cuy;c zPwkfK%Ok9b$S<1R(c`5OgNdO#`e|J1G=mCMEk#8(?j9bPoly|(YRGfmx&IxhBP@v8 znVh987v>Gj;3QRruk?MCQ0uw*`gZDl&M8zGWgB=3?}MqCpu|1X~jKuCtoSk5fpE9aY~w`gMNI?`IIL_<)x9Im-n$j zs>v-}c^g)Im@p)_*WwY*Oa(@fZKvWF>#uIWdxoZ?6f#|AR0R-&qxI@aV@1*KYpfYI zt>_@|Y*nN85yWR)lSTZZsfOYEF>8tWLQDX0NMLx%(K##%beWZu6cQL1 z7*n8>>T;0bxp)yB219oCejrRb$4*+>?~7l|XnVS=OBzYUMjnX`jfmHZ4SVu`+cx>A5gS;pEjpZL%3Op7>x*}o{GTkGs&FG~THq~3oJ!Pp_vI2h*FDmP2=yL>DZ1vUkL`|r;qahgrgH%DS`UzRoI!&>C z$FWM)l+v)sT#P{pz?Rbo4M}Gk6`RvE5RP_WH|HW>e{!<&ilUmUbDH>I*b>SdyYAChmA+Iu zV)Yx_RH1<1Uxc+FJazFZ7sZB1{>;^yd?PWP0zfhA0XafpB&8y<6?*_Tq(ZUlBzuAf zN{Kak$#_Basy>+D-Zi{0*Xm0O|FLiI>^Yjm`q2j2Mu_-9QFgkl%gWja^A`KWd=9uZ z2Vg*d^rP}5S!J)uyDyK}^>8ELTQDDKNYB8Uo^^Ic5eRpEQF-xHiQuyPI8q?Pvm(89 zHOlWsf4<)D64UnUhpugC3;#Of%Jg7q=KBrg0IYqoOQ)Z8lyRww{3eRk_0;)dvT=NY zbib9Uy4tm?5!hQ20srVezPbL%zhZuE3q@B~D2ZTEYZxCNHxaOXXM1-hCs(W(s?4GM zVOlSTFqPaNZadU$&lG^=VDW-=6Nb1H6%{?Qm{cziySC;0AQ5q;kVp-NvaxQbMC>Z) zS^H}A{xm?dYtr0)Ciz@K?i=jVscuKs8GEJRX}wKO$)~gQ(^GVQA6a=;*mcCO-hU7? z)iE+MS|Hz>&!I_3L&h1*ma1?V?QyW|aQ#*U?yM$~g7rMXtGxPCh-mEF)V?$i3xbTi^|!Jm}_fh;wEYKeRqG5zU%@W6vEZ6E zyGybGy39te(;VKy&|Oj}rS1MKwy(kGPf3Vo`I#SVhZL1swUy8jn4;IM$ z*8I!W{GG(kWEhDs7faO&@_TZnTN!Iy3t&|*2bS$7d?WB@KLP5mp1Pgm5b9e;mpIgy zU-zoQT;tDu=`yRFOFMsMaRo2BcwG|)flBAWxKv6A7t zQ!oM?~}E1OJ*k5y=6OTE^uCc-|g+VPD!vy8m>?$cB2*mR_!`_YG$N zl;Q;GTtBJ@6zS0Aam6_cZcYyh%Do}C6q|)n>$d{Z!=*|@PPFC{hC;p98H{HZPgyI| zw|0=~Bj+_?Ffz7u(Bu%vNJTwhN?|IbtEt)`btO)~n0$>}eC?;0xh$%BzfVJA?7WbL zjKQ`4orN~{yV{yjV*N`ouOaeZPg?H&u6&Ee-kqKH79r55rR-TK?4u7p-$hy4jBW6_ zIi`kR)hkvx_z2Pfeu|4Ih6NqI@aPIk2=*SlC-ooB#JAO|w(cfkV~$G^ly?)e*Hkl6~6!?mOyf z&{G+K-Y`Y`k=DlTuU$pPV0WEDVtzbDm6vPG@xVp7H2&9~d$~a2Mc1aEMVl)HU)FzB zV%?rCV*5c=>)mH#ezq4P5W|z4&#C8kT$gN*-0DDVHn1Bqc?(_Ks=2Bv|ou zG&vv~Q90bx#S4;ap)3DWY%gA0+S6R0R%Hp6e0cgYazaG}|JsM1=3F4ej6>d2-O>Qg z>^c`u?+%nYNziLluL%BhQA|9gpl34#jg;a5AruP$Yp8Yd`{CEGV86qHt8F%>5p=wGC{)5eX(1beYP z1nb&J8}YB@Qd;h`|B@PX%u#5NeajzkQphE8cj$xX&!QRv<+MD;Ad=>Cd&}Sj_2%oR zt5&puT`YUw6VhMyXw#n)s#QvyvvTd@%&&IyGS^?M)AR9XdcDD(Q}Fhw2Kb7rG^3o; zmpZ7DhFkA-_-xB4Vf!Bp)ZCOF{0_P{zQlf1@;>H#Bb1r%+HtV58rz?vDJPQI#dDjP zHVT-2fai{&D+hWb;^})MlO=lq)Dd|}eoi;40U_$r&3%0xPb*cM>5pNrUtKBPwHeQ$ zZ9b#_Y92}~6{>5bB#V-R!}PWVZxplIi5h?sU3^VXJ;b$W<=eO8S2$o*x#`!F^NI9p zo##4by=}Rbz4z+g;k3Pq#LQ{>G7!8rtnUS;t)%-q7|)olPH#4<`0e@pJ%(+Iyyi{s z9#fdDw2kJ}?SwUAYe>IuMaq8HBw{-K;#HKjsy9i3nB4RJQ?|^U`A5(3NYGIgl#1dM52u${%%*kp8qc@0R=xw4 zS>1ugMt;8c)(bNNsRP{J{OFtJTkE>YL3K7iiHgNmiEniHP950zz=MxI^)H=3+NGG2 zI)(&|a;8m!}SdMH8C_u8J9cvd!$)D3KvC;=ii9zN$ z{QdQXDbfa|%s@&T)pnr`EKnCb7e7`vY!$PtPs&)LE}E)ag#Spjaa}}*_iM5=L6gS~ z)9jOzl^ZV~nZK@4TrPd|!$j&SwGG*mbC`14;d-6zEOt=75#56tLnXxjS?yWAJD*=U z(p{3g@wd~<@h>fPxK;V5T;=}gDONgGVpeN!Z|}E*8*7j%0x)RW1o4g02j_Jp0M zefv#1VAIX*_si#-Gix1D8ABRh2w2!rI=EPb*^3z@RuVj9lZ~f4J{^L9^ zL9>9E=b}bnE~VFOOJ>=O(Rf|Shy2Jc!utrwW^KyV&fxRRhOe`(J?%w7beiQ*S zA=P@Dqg~#n`E5s=na!S3-hl0{HTtq9pd7VGLcgN7iWf zF{XI>_+Wh{d#;_{VezZw_q^lK_V8CmDHB|OhX5vvb$SC;^D$d+YAX8<8{$l_3&r&7 zIkZRxC*Ngz+F{INVFvrI7et`XuJ!jW6eau2XhH<>J>~Uow@cx#gwi^;626TDu}Dp(;(3a9j_VDo9e4g%^GKBBmLG{My@{m!i;YRr|=>=9GNRF z*i#Zmqcs<*+wdXQYOh74$}nm3d?Ey&@Ul3ky1b<1m%OHb5NLGpZglG%RKS(t3%?tV zeds3p{K<4nlv>ksPOKnkje~<`LCgy|&boL$ z5n8P`P}>NO)gd|}rVY4|o72&slLq2^T{>8>N9lpueg)ku1nd5lC-x31xvk^OXjW?@pGf>+nk-`DH+$sHX|+xdaT z(mseW9Uyq&-Q}UhBNRIic)Po$+9Rz}@5?s*JB690+=ASbunkqclb_tj@oi89yQhXu zp;SDV9%}_TfySW7-y!nWFJOBAZ-hQ)G7WSKpVx-ekNz;Rd7VFNIrtR4FVTYETu$%% zdCifh$jD%;^g#q+AV6nG(w{bQXt686uR~ajM&Q??=>-9^v2H6bo!k_xev{A1p`$)|YUXT94;WGTslLL$>im3==Y@%VQmzv#vt zKVCFGv8u8e8#T;(#6n0RK;CD)?+^nU^Jsdj!K07Rlv|t{3jsH!Xp9C4(4D-JJSrsd z!iFWsAmd`p)JD4ug54RaKoAwUw13G&)-`M5@4XJB=k-9#?00K@t~kL0@f*m^cF>`E z%S-%T)44h=rFy9*qy^Emo(xrtOT8*+8>%K}OvmBS(0kXgnz2DhdybV^)ZVxo);e0n z)Wohak(R3`c-g}uO5G${$>4LL$Tn>JC67h9DyJ1(wPj^c-Kg8~I zG@S~cPn@Kl9|UQ9uUW?{MINkk1;FGp{TNi?j9xAu9R79QGoo9;UVVM9Ef zajnDeX`QI7uF%gJnzFs5x1%3>MMbTqYxa0=ph;#3ks2y(W;Mjvq9QPoqX2oX zN)v#oSIv@~ZS@j7IzGljws;=g!N>IPQG@l^W=ypLyMr?l@Xy@JS_De9=bFUemaInJ z>hOhkP2od|+7#fbm==#IGGMHvdTyM2@roLqM3L)WuRVjss93~9IpFDd*hVsEkizI- z#h@y_@;P@FPfxb;#26y;U19)?(w4jCJB{x&Bm%1N7~Zgv>uUMn$>96`byZ2JsZ?t% z)#tsdvL9J(_mQf6MfRF?cA3#fWSD)2h@|(n;|a<+Ic4|7VUC1ub$Zq7=Evfkf3`@D zEg@phk}U&5Jg#fLBWfO#SL#QuE9>Vdh~WfP7z)c?T*%Iim03PSo{e@LRg$At;S+cP z+d_j>F|zUcs_#Y6!O|us0k^49b>^653jGBRE@mh)U#s`$06 z?FeS7U{|*=YCET{Fg@5=7p~JD#M4A?=A)qR@X7t*586YTPkCk1AGA^pY2fNc)x^bC zKOiI!ux{0Pt=kL7O9HCy5m_yV3N}_)e7b`!Ga_DN?&x7-QhATD|23tUffG60*q6w4 z`cv*+OkaJ+4gbTsy6REm=tBAn!gVfAqN6R>k*LPyRU)8&_uj0@HFUkgcsVr?&$$ik zfVFn$`Tdxb-v?3fi+mxvk2k>M@k1D4a`~Mh+SVcjsc(=t;>hX=Foo&Z92Zoby-4IT zmN<;7w}ZT>{uw^!WVdyTs(!% z9ld_QgI#^gm--7= zCMcCQeI!|Kuoi^2es$D20^JPU#m@W#9#@O#Z3HM&u7@qL*4Xcs-xl6IQF)5%S~#`Q|+S0B3#vpPNm-|RL|sMkT5 z;CK!Vxe80QPHUzUhlhbW)kis?YtL_z+zG9*) z9ZG6G6(rPm$Y>d>B4WpNqd6V0)+XHFp;fAVSNkd#^Nn+@B-Gx-hP>@2Ey2V!PuwL3zusIYw3ra%k~b^2^*HsM9a6m4xz7K|v0h8Cn{V1^NvPO?9(IjYPt5 zKFRt+%i9K)cbH;*!hRL!0Md}tSL8eEB=pl(Ic z8!dq}JHFh(3&8R}$$H7Jy51{BvOe@6S)koV9xly#XD%rwE!m<@E0%YsBHg{7`2!US zZPLO8p@XaXS^FeZf49!&C0q;7_NcGUS6TX5kcCuwbJG*Vzo`m3vI_+d#sJ;zVyaP5 zpgmp6WargNKuQ+2NVg_8tF$m3P@@xIQ3%j2EbohNb^1wSUe)fQ$^R*d{8g>(a}D@q z4zyb}cE;`{(zCA6?;$@3JHo5<&J+@m0Nx5Kc|Lc&JNu0`O`EZ}d@AFnc9;QYf})LP z=7`@-Km=0YFv2ImV~)s{x_dE8XdU3iHs94vq@=EpC&79J<+nNdw&xiQm7VY_rMcb0 zmB><_&J9nAFYVSin%sx5ccnyWrOf&7_guyLjD3iZFMPv63nzC9+R%pcE}tAfCLs!X z4(o{m{So~?dHdZsm6-dMShq~coglYV;FuGjgngz6lp zsm@=2p99$WgkIy;D9Q3rj{V`K;H62wPUZ59r>cD6Gf?+61+nZ{&cJgEZ5t*pnvHJ}#kVaEumnM9n%Bc+c z2V$=x7F`dp#${z>ktMPX_&*R{5X7UEkL>lMcp^J!jjNfb`xPE&{4%pm{n-$4hDzTs zsa&@GIDpGo^XqH<D$FmUHe%ne0Ej0j0bv-4B$Pgy0qEbmZRA$me7%WB za2NHPQzfF~dsli#qv-P?MTE$n4$66?lL~q;c!{3zfxJT~d!l+E%IaEr;oS6~pblT) zQ&4T;Ra;9a)M?Sh|6!<9d^+$^vf(uT8S-+T-q)W;jCi1HT-aFVC>s|w5!xC$YK2@M z*exx~vh@Q;Uu{#?)tq%4-0THGkD|<-F7>X}^)iD7XReAx->>wZad7S?cI_{9Iu8n>59AMe zE<>|I6i4X3Eba+%9XMq?9>LF~)P_RVlTP}0D%6;;`SuL%I^cR~4uxx3x_+|I;z?q}c`;;s^Zd8r2tp-8 zEIR;q)49Xiu;lM^T0fT&+S%lIJVBuPWbe2U@srPBH>&y_)ehH6choz!TouW@y5)y~ zlibS%X4ZZ{aqR7>IC^_n7}KXuTq<4G(z+cN%ObXdu;bfgGJ2C4$zPHMt<4FOFHzPG z*%SGcFC<(0+sbDAH(*{F9BNNrIR_an_#C`3HFQ3mWGCkZb^aST@IZ;s%&D{C+@NPX z?e(1aLh5_)!aZ9|1y_~_Yku&7zjorB6<2rkD#x2aPFZir`Lh?U=B7rUB8Aum1$J|< z$cM*T^#to|kT0m%l>>u3@)I$!UO(27KLsc0tqnMusZN?xxNwh$_j}jbROhEdtCZ`9 z+Q*Us+lAy{gr+<-Jhdgf%93l_&GeNe-F`@-J901t7;&^An<~~@Xdqc<4mr8aPo;cd zd+RK>XPWP)=q|HqD3gJHQ}XTo+^sL<8`VbMi5~wqLN+*gmo7cZDLc+vy#=tGBZJ!xosDxG)~|B2p2!` zuvKBaQSu-vo5~i4ZWy_QbCm>t!05^&LP%@rZaf=#fz6ajciQu`{+_oe)%Wr7gy?`X z)klX4D*KT^V#3nZh_Wk-_N|b=!sapZ6Z7{hh}-XYrk_56qzO^jtL#P91UufxF5UQw z2mrv+5lp;2d)Dm{bGTE2c5LUU^Pg!!k=d4G(W-cO$=n~v?u9}Yy=JB{-m z^oN!2$u+al1W2Ogw1#~;O+g>Nr&$Z*2KT<3`RTW@IixjNLb!=sTCU4Ho#$LDO-=_T z)Ssr0+Xt591BE7F^T$IiwYiv55_4jaSYhxkqlNY&NVEKutA^|8NM=j)jB z-}J}IBSYNec$zWwIw!k^msi7C%fZPV?}lO<{&vJ{f1M8`paEfC`idNUYOOxxoP(ZK z^CUgoTfCah5Me97(;GaeZsF;ZzLQ>>-c5!vc_oT~JoTZCGF8C!bSxPK$6h1NZ+3zy z(P`bWiNk1unaEX^HvaV*so8cfQkeB=SErr=bZJ_lkJI4h)nbFMYBN?n#X`Dr?~ZDJ!A6pdjQfypm5QKdl77> zgKDlzw~cqwDm8&ZdfOmVfE+%k*-yw!g6`|%uE=Z+_to?C+B!?w-|9M^#h z@-UAEnbg=Y3@Gw!BL_xKRe3l#N{n6yn!qSs?=C01zSlniKJ`ii+|k3xzP^+tt+OMX z>;0ri9zy>ZvS3%LM0ez%8H;F=J}n3%Ob~aj*A;S{!_(gzGHVk^V`8p-5V!YMEI{Yi zyCl8Vm5-Otbw!W<+#jCvD3-LXS6I0})fX9GC!Gc(^^i^xN*wOs>o>d%n1D>lSTvc2U~RMHSwZg0c3_d9)+{=5LO_dWzxMn2Zh$a#=onMfob;rY0I9cIfbM6e2alrN;{d{!3! zlzsV~ba(38o4mfhBjW=-qKb@I*w>}EuX3$6%S^0N4UY3Mou33{8zWg-oerX)f7gvy0@EP9 zm>2+4(+vA;ELfN>$wy;Q>_t9;RY^e>BPRWkOS@QKVfBJkqjWL*=pig89f@wm-u2DRwtn}#- zGm6~bDw|XEb1bbhXKM8jL6{y$!{JF%Uc+N#g&JhAKUZP@lP+%{EW*sSx4k)PHL7w& z&nG^Af~w)K_%O^wT5@z4tlQL67B7s-T)N>&q1MuZDX4CntM(5mIc}u(Zcer^!OHaL zefAiE!a>fn$7U>ShP;K3Qr*^HOY-Eq$R-YxtT6g zvdS-BY{{~J{QZaVBssFWXGVv&MT|Y({=Isr{c-Vdh}f1am7*`O%_8r&j%cY$z@P$i zGFPM4MsP~#!{qoFcb@OV_%xC37@6iGu+K-B#2t*@<3FX9*Y_G}7aS($_U}x%S9wbB zxhLGk3knWvH>eAYXy(>V=ZhR3Z|#2Tz*hcN;fK(|Z==(JDrMhVKxgdaB;YsZep++- z3N1#qAqbDY&zz{w+>}d24c=V8XHOw~Nusiwc9e=~S15J!f3d_P^66!kt#PD%O}80@ zLw3dkgRbp0d!?lk*&TFkMZIqoB`_5frT1GqjdLwu%v`X-o?0SovzyTv8NZP&vg$sj z#kE$EZX<1MIPjI!TyvzIjpAr>LfhlS+B75d=+Ais2ZhEuBRvGBH}5;E(`V)b-0bci zW^$?lLFnpCvq}23+Z|Lr5~}%O9`gC@4Qy>bGXMtH~-vGCE(tWV&mib_*t_<9S&VMoZxU; zlVo{sx7&GUsSrgU1B%Xat7BcpY^nSyK>W$%wZU(ieg2E2(4z;-3$z@H5*-#Uzj)56 zoxEHWA5C)Qy7yq=M&4cK=m&3A=Q{CT7`REISgG1rMWKGiA!-*VV@wwWqVd4HYsbFtuLqvq%*{C61AA$Z@E3J zpp>9Yv%-O{oToRck3ocZPqLSuHC`4M@(ufsZEY3etokd*#F-*VSG5hkY1k)&1*{t! zd(siEC@`Izo}zqMlwZFGcS(OyjSF78uK9sIJ(41oyq_!9z~IXs48sq(ItE4Rs~ddY zU!t|G1~t%ZX^^{?aQF$yKw2nb#+V;V!Y<9DXV$HS{$`H)Q~ zx_4Q68pUwgn|CK&Ing00w`fcwcOL}wE0)GPPZ?+a%JR3Ei5B8DZN4tc_kkR|xd{;@ zM7x8(g60a_`T|`B-!Gtb0;pod=)`bj(gITomZbn)oy%=~rx8(D=ehn!q$;i7B#+M3GtL66>IZQ|4G)lQ&g)8AA0|a>Uj4^Ezz~O!r|Wv>KKK<6 z&8+%?mYuNL6D)MoYKxLCmIHtdkWXFZareU3HVUA# ztu{L9w=DGNsSytcb#ySF!)Dkl<048PZ>^{!AAQ_5G;)5!P@`ptDT#PU8bbOlROPJ- z9bHB!k(7E29keiyXbwsLd3<`Ws=NK^VD2OUHTPumv!{a;dz~`0zcVN(UYqa>3j^u$ zyTRFvCqRN=b_w(szh%~?#aG<*G4Y&x8zs<$PnQXPRStqM*3-9_5c&I}{LwDv4t?W2 z`*WvHEwV|cXEg`m8ZB%HD~5cy5r1`%Z{lE)y*lDC{;3F1H!lUBklmc0g;iYjspRrc z13-fMC`NBUla(HeHjy-_s)K6EQ4iLoB+gQ3kY#z3_j#bIJIYF9!j(bD8WjnzsYG6P z;B55nyslIbMjq8E=BmZjXL<>2eEMDBiSunQ!Uxbcnf%4~Ba>KOFXULV>?|AkUNGsY zU8n$TSR{d87%4!$2DIrGsdK(mqFoz*EUrPvl^5BYQa5q#s0#T)j)7}#lySI0997wO zhkEodF9!l;hYn+Ab`!refTT^0c$ym&8kX8CI%WLSS|ar=4@y}O^92=MMqKN>-(Dlq zt>-3L^Yb36dJGLI97?FV}O5Zb`}(r_4hNU?Z9(gyW^~G}w(>o35tAz+Tm7 zsVAY>HSqYS$4k)Gr`q4-%(grBOy|9 z|8g_)Q#9Ta@u?Gi^z3ASshHLFSK;UKHMn%(Ri;1N4UGd48qi1TW_^)AN$8kKUg zO;B6;t}vUaOck?ul@ZXLM$g;FO5Yxoj1$5~U|u~nrWbGuDulnZ))8?Qz`|batl6Oc-U7bhLZ)-`{Vm95)3IBy_g|0RY>&TkP{_NZ5guUzO z%M_MDyqw50vm*hL-a)_!kYrS(BJ{dJ;bcu&TQvLw$L=~)I@1uyo1}7%#>-5R05(gL zZMb$fbVcOYCt#a2rNfODHpdB6q~MWJQ9rqAXdon!AOuz6zHJS6fIcS^bufxshab=U zT~jz)UWj`^b7oE*y5drHxoLU1Qo0ZcsaCZ)npx>Bw91}EisU&K8jj%NP7nTOQ?&Pd zCOqhQ)oUN?(X~dIni!bRtJIy-dg%K)Y4>u*?}pTxj?4cVhbhPT*k6gpxJNBZc1y4o zX4)%&H$a6J=}gTHgawe_(ZEx&&4VNLHn*I~QnkM4s;pinRjdJ+RV`BH+3y%bdNdDn zWsq}kJb@B%xCLY(aZngKCFA*t2p*gnH2Us`Y2{ZpN%U(6?@Q%YGZ6Fa)DH=U-u5f& zXMnP~&%0zpYIgMI9+KXax;WEXicWccTM#+neaaCkJ6hv=akpDt?JoD_*of($K>+9)6FlexS(d$nsZi=01_^?IMi3FO_W zKhnmay{f8|sZAAU0k-5!1N|kbfSclK(YI7tE-p+XGrWK~)ferD@BY$ViLS?`{aMI- z4N*M^JnopGB^kcJ-_J}AKCZYC4axMBG-|gOV_Cw9ddi7_p`hRX*Irka+T<0YO;kUs zX%&NA-yn>LmqRKT0UHa|X3~kp%3vDB!%9{;Hl`cd*RyT2`WbA<5I$v?$;w3tvt`*LO1K=QFzBrx#8oLryh!AwO zmblqTZ9YWOi>$jLvEC=w2Jx!ZgdnL3(d3j{Zf5V3sy}Di|>3U16Dph%xwtN($ z(k>BeTx&)3L}Y8Gk?w3cb0f2dDUssu_(Z6AS7kh(e;3i!>7s7oA6g3InT6@6Y34MV zY4YhCFI_WAr%;ZnI~S`N$3NlzL)9g|)ZWH?Pe2?vdf>%bD8KM@xh78=aiM!XZr46- z;U+Hx_0eiW$XHQbY1nK0d5agSkQiXA)?80yeY2%agh&X)6KF8s@qqkJdzGKz_fkDE zoN4r$x7F>8NXd^covAQu7L>w7()Q=MPS!jL#q|Zt-+=wDdE1!2qpffB#xpbPO2gPu zzz~4Ne9{j!c9i`%g&)P=sxI+b!fDL0vhOkNhiZ?AwjBc))xn6NiG2OtkeCbNXnQS( zrHn_TgNIkVUFodGZ$HGSHy$+>%+_V!5hwVtH<3Ano_55ASX;FQEhhW+W7Uqo>NOG& zW{UglTb!I=D>v|ex)(B4GqHCsh7y7Nt$-@;xtk*gMIse5jdiQ6H_lzI3(xJ2 z304sYgDyt(c4K!9#ZRQpp5X18V+%UvGKia;=YtddER_&NxZnD?$3%Nxe5`QGp%mns z52|pW!fhuEJ=aNLx;tV()q9yuUt=cA9l=I%Awcf>98#0m;pUJQd;?sG>M(;xCy0z` zJFks4!oz^a-=aa_{9JC=r~5n)9YTWv+xR4DW37h{Fs&OfK9%q{?JR&bJAo_*o(1$-lxQCcp@f3+5>Oo#yYh+y8>+=jAL3s4$M%vlK!t!HR?mho)P<)=!R=!UhrWZ;JXWb0E{%vL5lk=^z)5UuIYJgh`i;fBRenK-l5ZkvNj(x?@KfJzCLfzhwGloS%iVX%1Eih|rfyE= z5{~bI?!g-hw`gWO@at-LX)0?yQHp`bthJ~wn^wk>!wtN|bCsivx#fNoCO%KJ{py2R zKbnwcrg<2h9Dpll9Qu9^g^bD@h}xTHjj?~MUJv<;B;gA$BR3Dj z@M6j_4-_?wfRquWa;ydQ)C2Dq!X|$M1aANQAz2ZsHde^yokOh-4Gj^l*lNI&4-%a3 z=5bS)VXF<-yP@-+j}_j4XUVeyIq1AF5wdAOOrnQFDEcF-YSV5ig?SA(QcbnhhScbN z*V)QI?f3D}1paTFUPwVt@}u9fTZYBeEos9EkU-Gj z4#9%EySp?N+}+(ZxYH2aEx5ZobmQ*s?(Te?^UlmQ&zbLc@2*w0_Nuk3>Mr-{A_Pz# z5}bFg^Uz}Al77ZrU8(iUqU{p}0F(Jq383S>-9*7hxl4yGW~G_@(V=#w;(1eU{Q^n; zoOgE!eyf^Da_+Ync(7fl`fSVd=85rJpzpu209b4d&JPIeV4|Pj+|4F?e4@zNGKZ8N zYI%od*msFMZvj{eW4S92mZV<9Iu>a;@iR9^ZxcXhaF*JaZQFBvqb1vubBcBSw9=Z5 z;KWWSMH_&qx>@CmGP$wlj5!aBPknUftDAc&FB<^XCy}8|(hxBn)6ZAKBYRz+e^Xsw zx9%tC?4k4>$8?V^`ROutU0h>*B7GVM6XkmQuzbveeYgB3`Epfk zJ#ftbc1J1B#lJ~aoxExJE6V<@aKSy+;FWS4Pz&ZvW|-&#{U=VXz9g zo$k;Zq&K&C31iibplnd}dytCTgLd4&LZQ!iH^-Je{V4DaTl35H@9EOH4rx}^@J+=s zNthF>8AWal5BHf&!BmgD<6k z9#iLN1ul*5Z=|FSCe|EwgpbAy<@QH9ZF?!s6!9;Qnn(hYAu|T0aa;0nyY8GjkqP`B zxM8qVUJMsQ@h+`DD*p~!^-?m0+4&>dvA+B%phkgVeF(s9^qwnL;xEp_KaM2HbY7}q zU~`{kbva2}(v!iMqb%fi-<8&VswQ-f>UyD@#fnH>FCC;F+(KEM5`KuaBSTZP1=S<>le35Y1#0<~oBN|#YBME9(M5t~RiBe2!uJdE zSr)Or&^D0P_9)}jf&$onX&#itd6=$G$a0qJ^U@na*cYsJYP;V__-nEY0n~Qb zu8tN(VI-y)!HSmrI58n@M|@n;SbodHRB##}!HQL!B1krF>nc|!Gv0by^(|f!ka1gF^HHzK++am!=u5FJn8M~9nbR=^v>uFh#@LnRg!As3 z4!+!>Zr`e{;0Ql9=x?JW&j+@CHr6^?$lS3|eKnvtN+DU+�cEZ>V$;rHn%|t}Dzk z7*>t9t{%{}F79aECWNZz?@4lwCSTs|c5yX*c{GQ8H)VW+B?qZ=#G8A~h$}|roUqso z0Ua=w!V3|$2UR`#O||XO=7GL$(I~hWo6;SOpe#33Oa3>JI+HcaHw6%<%nIf5`k3!W z+soOluP)AeVW!7XmP^YeKD!Q26QMFPp^mc4++Z+^#r{zrb@0h*i&0IKVn1-`Sld?O z(>xo&hiZv+a19n?g1O^UqiT)fhu3yjWgFZ+TAJhUvtD~n!0rn3d*Kn}aP)6WpUe!q z$P3Z~J(x;H)7ZXTZEg*7EY(%hWjgfdr&mkNe!bP`3lKR$GUi!e^Ztbv=e$SXZXiFl zKywqIVJW(fKnz%4Dbu3@F6s)Ms?(%#XqAz)t@6UT4w$&@o%zxA~Vpe{|n_ zS?4R?H_5kK-X4zM=UrdO+v#;ssUjkEYa$a@Y|fpD8Ic_#zL^nS)mjS7Mw; zZ*wy5X#NffGA?|zc8gIZB+bjZvU?`=RamMX$ZA{8EX_-Yw$}FD1GRkYJw8}h1Mn7@ zzpp!kIn_43a_99?*U?a}E)?$4farGL_mk)?S84sv__-G{6`s0=?vQ-;+8ZAQo?Ms zb6mm-!qr8;RM1FUt0!BJ39zppEFg5h9o{wH{|_{qu8y$Zt+uF@yg7F+CG3GUjWw9( ziXXj=`eBM6UGpbrgw6)8uL)|z?@veO`%5j(gDIsubP4IoJlDv8qyIxIO2FwH^h#h{ zv9byoKCc6G#u)5f8gpKhz|8k70fLr`D@0sT&II!tjPgsP#GD~guMRdpGR7`t$MPe* z2Z^r#z#iE^UKsv>V(2x0-#@$6`l!-9Qd2XH)$+2AZ!uFyFY;o6;+eW9(x);bL~)A>KREw0ECbwI~^r!CQx*x^z-DeX35_jpjPENPrA@hja` z<*};lf*lLzTwcgYuES%?RZ%(HLLJdLLEUZt|3;tqEv~mND&Wa(Ttv^VD5vu*aMT~y z!lg}2CL?)kr=ATD4|JYhuc zT@Y5!o8M0GkHf;9a%+^dm9NBdqM9$|;(zQ`&=Jt%9*TT4BN~fyx+8=>ZO-K<$yNUo zapOZz_un@%Y1ee3Q^a=TMel>+i{-(@xQzrBE~{BXVjhzs4u{9G_eM%M^xrv;pYr@$$*==N<*M~j=wrP1Zmf@lLd?zy%eJ5sN83ES6j^8)mMCHni^z67{jZU zhax~*i$PzW&GO}q--s+%jsiZca|2uL(jR+gx^cH~+U6psl6g_f;nCy&*hn4jP)AGS z%^oJlbAz>^;i}pVehNDPYp!|aYAyAE2hf5WxdnrcL&eB0c5iu{D(}#+ibo@zrs91? z7~B7kkYMvcm_kW@R2ojo|ueh+tW98Ux z^KIlZ{{cYrZ@U$pchF^KcnIT1SfWa~tf>x(aVb2O(xpn!dAFMxTDL8#sCX{O? zMJo5t#;JaEj29Vr{0qQh2GZ}BBVqsTye@F?y7pMVz4N0C^(=229%!GOrCmel)Bxe0 z<`~m%f$rdNC4U)pGtkXqYHO(R`!NozKXb8(#b<$5;j2e?=MtgI|CelFP$%dYTft&| zq`9EgO06SX-bNbsLpyvFbEUz4iSFgs5;MLv+&=J?dc5jrMFOu;X+*T-*9QS~_V~4uBI4D9q_^1u~NlzK-Y~xsOwZ~-5 z?7*Pkw5ZKlI~FB=xx~(3JcP#c?0)w4bt13$Kkw( zAFUvp{Q-n>&SaaF)(joiW43h9UJ)9#Hmvg627{p+bmy`6r~86W(;zc=as4-wd1h{& zbq&%EjwN6jCd7H3A0M-%t~Uy=Idai_bxlXZZYNjtO2iDf-`s)*v13r$D_EZ^I? zfZaV!lDqmfPb^*#A3zn?d|e6MUhQ8>x2%?=6GtOQcSYR$i!{f<_q5nfwP9kuT@wsab}4CsqlAN3|1f8wA?NR(%<*qJAcXAPu4EcA-anc1$Ai zR^X6E#*3pH$s-w7-MW0}ha|+(^*8Ut4?6^{vhH);$gIv*=Ndd$^zi

    DH1sX`y<2OADI9Zp6U%X!#c1Ey zaIc9`A2H9ST9wm+pnI0PGu(>D<8T+IQMLB+87_D`F-2dOijBTIZ@Z##9=<1CJgS+1 zdA-6XxX}^GGK{46gp7XMPmNz(`|*YJDJhY?(rA9;Z<8gvQyA$NBN5V*{T{wZ82K-`+(-tSFl!F_ezh}1v zGzNnc+ono5s%b(Wn2Cgas! zl_UF@S|~R?KcqOJHy&t(2fOwIQ*#*>Z1GF<^PCsXwH5y-@@OnSrE#nPZo)Qf$W-tS z@}J3T_>pGn$m)&gW4l*c)eQ?vi=C!LEasw)Mp{-ZxioHemo@lC=Pq7bsf+FryOrC+ z@nn1YuN?GgoQNMMecBgl;QPsQgU$&24yP>uaW9OI633BD_jBp9mSd~h@=}jGhs6w* zOfu&@DBN;7;Ts>e9f?N=GIHqI>Pm|n8+oR3eh1UMju+1nD7tW+c5!XVO*~FA-pl&x z1C0hhyt2hg8)tS9tOV@x2@z-w2oA(8`r=qUb%$=b=37|+R9X{_wr=N79gSLG{XiC= za@YfOO*mG9;ukaQ*8heuLe<)X^T{_RgT}zqtjJZ5r_c-sJJO8yPgZpuJ7S(F9@Jm= z_H!24g#2uF^4*M{AUuy;2yO5oWEuFczlAt4$F>fo=e6)c$Wwuo|I>5ZLDUN-8bA9U|)xTadO93hNr!-xiRhJ zyNjr~F%m4^n}#OBLGI0}mr+bc*FDIG(@`%IP86i|8*e*$W%2^&8(P*pGOm6coQ3W0 z=}v2lSPMS$g}1iv=fc&vb%F;dtAPm#+{J9*0qM$!*>$i+YjFuP_zziA%lfyb?h9SL z&{Ye-cqMjnSkJ8E;ox7A^|cT>h1=o5ng?i*5DyHE^)rCp^QiB1>UZk#H97wJ| z5>?ZQc~9UlFj8$+2R&F7NPwTt&U0=# zhKsvL2GHM8!@d6kd3h0uo&0oBZl)_F;D?cc6upWD!5hsD2_{%s6hm8RaYAO;Ax|~| z+@H4=K$`%vLLGe>N#0}?zMJp!JD1a&v+3A{h}bf7!VGj-Dj;p2A$6|1@`eL}VwvFm+ro zrqGy!iw_62WDf@ki&!ps*8TyV^ZYV8FWJmp;AZRT3)?0{lZ_xck zfKm@a58QcKSb*&3OhR9AicTYx%#LTS54T4r@Y<7ux6sMMbsL5EJYvI9UG?s?t}^4p zMKuWoWTy4y>M-AGk9h8x%e0W9!M7TqsEm1joi<&;f~iTp=so|smo$mKujMLgW#~j; z({jm`?x>|o^E}_%Exz5h=+={Y6;0sCoC)WOg5^6Nv9OClBABjr^qKR#VsU}PmVh9f z7Xgah)17eJR!OKdOUsTb`hBgriSghat*x!;j@%x&V#g>3Y$sWHiROWY^dGffO`e-= z^p6(bUV82sRRJPnZk3dR^yFJF1|5>kKkxA|d^KI`j_OBGzV3Hka6jI=CTk>@2xiF&RvJqK?3e$#or4`>?7%v^uj2*AR3A9_(sHnO;h%6p)5!jXi*8ym zEw>cj_D(!;*RmpJ*Wk%?-t&t6j||Var=63XQk@cNi4%_hHC+dB(d+eY|A3Ee;^WW>#fk$N9doSpsdB(c$Jx zD(cFv-;?+HW4-fz>89I9jv+bM$>PTka)RP72dY=qo7jvjSZS&7M|&0w@Z)LoE7!qi zyT;W&j;rbD5kkDrsaCxAIR$;W2)xAP7_j%mnpF8KXId_@mQ z9*EC}NA4Y>TG8+J(CGUq%QcI=4KOi}Q4P+4JLAAy<-X}L^W;+1jD2P0=b&;s+F6ov zU6X_~*it!IB>|n?pgE9^apV+IDo&b8Bp)wgW@2d>F)!J-{!&7#?Rd=j%dw{wntLG& z@i!lwsT_5p{VI1(1kS==TI60nW2s9y{pylz54sJMi>C1{BXq(h4yuX zE!R%Vx0|<`79*7@Jh3XZXQH9Cq^|r`0=p0D;r!i6Peg4CUI#`32g{ zQ2q86!;No-))=*IK-%g{gc6c*Fw)nVM6W1&b$0|^)ic49g{*UUUeY%$`zY9H`-#wL zfAYFoTRv=lF4tV|lr15=>2gt;^JM#O6q%}dm6m%Pv&tv<{)GjEG$G1LxBV0=k>#5+ z%$i!&6Ax7ND(qv!VA@oNf@RqOPIklXA=gWW_0Og$-j4X|lmno@nq`F5Os~ON`iX0| zu~nHYYwp7HdywN@-boj9&VJroEHc{!U$h%-QRP}$n)A0-$YlrU?#B$j~ zn0)~8W}$cG^fXn}8}Ee1P1Gj39|zu8Z4+nnYPRua7+EMdKT6PPB(2q>u76K0TGcQ- zIRj}5x)v&Y&cO;Z^FGl^b8BvT5;=8i7T4<(*yzduL%*t75ymZk7?je z4Bb11>}1~U0$O=pei68A!=aq<2r?U~G2GfSb z$h?W+*07H(bUF$nPkXAUB&eeXn8RDAqB(BPqn^{$>nXTHSHnjODD!>AVF;dG?Uo&* zt%Mq{u@Bmg9Yvr&$vQgVXtwqgUa8@OP-N4WA9p)8N>$a$@2L73Sse*UL4=F@Ngz8t z@rPlwS2>VK8sf{1{?)HSmG$_hSNMmUBk<6jkULw!+hy>C(T2i-zWF>icri==w4!R3 zg`MW1=qsu?65^UL5}NVQBP`8^68MPo2|n5>i*GM!jxm~bv`I_5xwYXEv@#3r_2yz! z$JO@qjduKxCOy{O`=TdqQ%Omg?+ds4Y$-8H&=)qd?9Ji&3&x39f^7I}G6$?}Bwn7Q zAIyqSoN{`GFN2J}V&9^%;Za#t#jt-q=wD%l;Y5840_H?Tt|~K0NOot#oKh9dKb3py zobm44o$rcDRkuHCjrpj1p4NAIW;xEOo1S{ZXfEbb&v88MMYx4kA!#H6zaCAu{-I|h zEi-OD$uM1FJ5PRqGas|++gl|^>&IB)y9E3ls`(B)bfx;_h#jCCi}cVs9yW9z8vy2_ zK1C^fU6kyB++hZJ@sKp9_mS;NN>z)@j0On9J2#SWInv|sm5UKI`&Y}?U)skzIk=RoxX{z7O{2e6Jjy)OSg+;i_aC`vOEvZKC5Ps_qWpdH=q`ki-*02Z zKU#~iey)Ys8^JhTCU|wKpQUqNpq_QpC8vo8VIPY~ z2jkA86G}K3CD!vK)CRaot7V_wlG?g$>Wje8H%>yyI@uq{ii?HbWWR>Wf(rwM=(jiwD+Cq9z)!x`*0lde(bu1{==HK8iJ z?gARd=PJKVRCH$U~2D5$K z`7|s-{6?Qs!k*nkUh4;zlg>;OtFEXu#7b9ta zDMZq`0Y+=aQ{4{i*7bGzbm-%h2;?Bn&UBM|9y9K?l$DrJ=;k&WIA0h*$3?gRutfQz zHn$1O^(qUmss&x{G>5avh52r_zIU3T`{@(6S$2_`t`PwT8tj~{$lmAemuqR-@`;upSvAk zD`TlIB711dcxA3j`SeD_=q7}`D?g$yuP__EX#{ZmjkFmiXLd*lEo2foWoN&&=c#!n z-C)CioDJ&9ZOkBbbkd@dr^J?Z`VuXoEG|t`{XoVpp=V{N; zWK!9Uh(I*oJlURvtGX!Ozud$;W&5NyvgKbK=04!2?8K>NcQ4J6lNG+=+aBh&1ipZw z&5X$FcZb_njPVr7(~?}~DZwsL3dpCU-q%Q~p;l7^YsJn}QVrTaj~EyIAiG#C*=L9j zrMVIzilBi*-Q!1S;2c5L@Oqw6`qBh!_=83u+gM=WT8=$7#_Z>}w?4COBlc@kHC(i%>fP2IJdF(@3>WwPQ@cmqb*x_aC0E z)iCF8j9OKs$L8$m>{-a=JDLRV{0{?V$RY_h!KI+{-tZh4$eru9_ETxA#bo~jP9m6; zYYz3p!xt}Oa)UtUPjqTkV-z>119GX5aBpGJjE=GN1A>lRbcoKbydiFzPYtN{&4eX? zs~RZx?{1cI(;1kMeA-lCC~mnq=?Gg%;$()S=XspOVaTHJ<_QvDd8p%jX>_A&w?9$R z?$_qE6XqH6H_JrVl5pqm*5R3&p8{u%-Qx~ejdAeZH(>0bxQO)pnn&RyGvwVP#-*poUOqT}6N0DRIR*d`9UvvF2K9Zt!`z!_}(;q#SZInL+@ zC*m0sHLfCWI46kARddNZN)2SxOvFcHpW>Th} z=42z^%EG<5C3a5pWZVK&1aGFRt+3VRu@eWI<(C@h| z6~FEcw!g3N<~_rzoPdKeOB-NSK1F@f&RKVzitVrGcacmQR@agozuINu)E!eI=uA3T zh@Gs?dogr!NXOspx>Aq1t`j#-5h!{E$8T2n{}GF}1j-B=3#N>3)oju1GmEN?B>|bD zt|+J{X#lvUrl}+1(Zei5d0I)-YfxB7c%P#`iT@_)LjISsD@>t0irkpW+ze_JNw z$9GIj*9?iN&b|*;-f`&ZXvMq2yK0Pw%j^j@Kb+#<{B!|>x;}ETzGVeAO)gEPg9z+@ z+l2pvvw0E-t;-Gq@u1~9`Zku|ChswfAH+h8x5Nj_FpdeUk_{q z3xCMZz7lhVX#XGT2g2C(KYQSz)1m%TWgj8aC)GCFCZb*Zt^a2G|G9P(!H1UbZ#k&6 ze*VKYcz(EuAIe;}6CUFJPnLO!KUhAtS8kH|4=LI4AYS4w|H+wvP<9@|ZB~ZB^x`!Z zi`jR(Z&+@})>y~K2uWuapD>tlaOARYE#ZFs>}Vmf>$FB|;m*P3MV1HQndb)o=DvM-byYUizIvO(1$89e zSC*`-$ea1ZUh&oHV@r7&S&G4>-z)5Qxl=|c#&F|8jtY1cDN82iUBSuu3$i4(xSpx^ zB!<3cRof;^1|1$j;*MJB7@@O_j%bJpILACz-vAET~(CPJqm^x1#9n!Ec zuQAG|nK=b`N_>91%`1cJnG*!YG;j_ChDVcgK)fRR9X~p(5?<~wIYL!fLeXGqC|HyP zzP1)=+zbsV8dZjgYg`hQrSBKgy-X^(ppD@vawKp8^E2ZqAr+gh;tLQ5FX`Dfo=~ zc=&%6`XxfDF>yf!9Z?-A=ObV0-$V?H8qNtd6-#sH^SnaZ7g8ov2sY#nHCGzE1#i`)#>N!J2;w2(T%X-jcbX*jBrOtC!o7V*UfGE0e^{~ zeb@Vb_V;Tc7om>~98P%osn)j(+Aa94YtIWRmvi<_wl*AlAvoCJLjyXf#OZFLH#yF+bbnQxlsZ3Sn=JBK*z+v%l7A2mx0m zO*~&N$*^G}74!t@FB(snh@5gT8cVzLJ`owCVy~00pJ*@f(QaN@Z?+p?^8aSc_fD|HLVXh&BV#w=O&R!dVfvosg)l+67wS@M)Q}eJfJUWlRSlJWh=jH;-0?`y)2pMXicUDh5n+_q{5h7u*vQBR{^_U)q6X^{waI$uXZ_Im5?1x zwD_{!O{&=Ti|4P1I6|)Y_`!~$)lg{P0emi_QEoMtV4cT31b6KrVKNiR;*x{imd1)V z2m0b40_=3o5HwrM>g&*YUljFCXpTn>w3oovyf5{$+(8gQ3M+K{($WZXH0hs1E)>iA z+Pu{;cPlH_O@utWe#|WtB(O^OVK=veP4+yNz2w> z;z;9@@@bVM!KYY-4XfD}zPJdc5=E5PjNg$zY(Pn^LEgd@KEvA*_7ly!);tV^add0g zP~=uupbTX@n8YIfyWj7M-M_4XFP6H9~|!zFi)+Q{hbN2BbD6 z#VRp~#y7C4HeDo#Z(_n+YjSq?%IyY&dsUB`|0lqhjdHbIYOt(-H3BMxWJO~&lmww> zTm%mBES~jRPek0(i`3|B4~Hfn8o^YGon$mR!w*5~ckvnuJ-HNnsS%UG*#la#QLI|# zs=)r|c6-I(czzKM`@>6-nIRD}P8sy~f)uF8)W1F)MWp#07NUrEb2E9PR-S72z+s`= z3T+CirJ$oD;*sO4&8|7Et|_M?&BlbVYLOk%#j=wn#mqgJ8`XbB!MY!JoKfThNGK|$ z-VH7%3N3Bz^3K>igwXNC1cW&lb*}BRMvaP6Hd1OG`UoMcT&0+l6fqSCXT6t*BeJNR za@gUz=!HIRGGN)J^ywnYZ`5y~cR)2tKCWsSl?_=Ui6%-YRddPyy zIN9=_e1S|MNU*f^MKQQAnZeKJ_~d(*Z;h|d?Q*TYefh@3me#PNcFqg0=csd$C1w0h zC8jVy;q+5Vfn3%tz%o9+*Ef+wlPGQ#4uX#P>7~T>(D}Z>qZ8!bplhvjk5;ZM#r(y= zWbWQim9Z5t>FrRZ4p$03U4cJ?h}Vk$)WT;VWtI;(NyMsOmf^cHgzU6^T+3{~e_S{^ zv8m`N#5Zt=VjiHEm}IAvmk~D-Sf`%7B-7*lg^SkeaK3$`R&YAQnzL{^SWtbZRGUS5 z*+#EF_9OZ-JK9>sMf90^9(_}7QNtNJ>hOX5v~C0Yd(iB$j&MbI&=6EM zsvM}Ue>8s{91qr$r`S6Z!_PmlXrB={zhpRFB7TIIwniZc(I}0rk1h)(r)CN7K%R9r z;qJ)*H$?6xmtx1&)fk4t*~J}bUhG-yt?R>?F9Y>e=cH(KGlCqQjgO#zF0t+ZWY28#u#~3DM~_!o&qQN2)8S8s5Tns@{_DT-~clK2i@NiTI)~6fgf#>K>pi1u-gi zHNG{9<-|+k5!m*xzD<9i3Q&uXHJmrFww(hoYt)_5hj1ak$o+u z=;8MVV&R#RlPlT&f%ccIQAZ-gE*H)D1ZfO+BXP1_lg^#zfga(C64W4}W^7&*)4F+O zms-7p^c~naOkZP4r?B!X5NTaSvvrz{bcyDc;PZpG4s1_v-e5aXYP5Y*dt6E;B~89s zEvTp_2E04jah$W(z?T9r?6j&!cL=zI>m)L>u*j}NX4_07T1&2&@|LOwVhk?AO{SnP z)O!%Y^Q~Q6UN_J!)QVH@R3`w3velF(JWt}`cimWq0B1ct@{n!bUI!83yk0e2{4lO7 zhK`jCr@Ru57##L`ohzRT9)UrntohNAK<_9mTExjcijb;G144|*=Ez_V)RMczAKQR_ z3j<2yw-b{3`sFH&u<+L_$Xp*_{DqzVOI}_tGW#Q2t5*e8TxMa2Io7~A?8`Q+d^@l7 zrhguhGAZ1ApF!I*?9893wOTz;N?gexr3!tSpM~p3=5}`m&+iz=kD$Y@z2dniX#3-; z>k%&CgmL%kLq*pZ=Pbhj)D~MlG<0L8CJ+nKZ)M=a2Lxj3r+cX;E`0;0TU@^;UODM( zLs1w0DrY$bQ#zJ`4%zXTK^CL=Tr%*a)P(9^}!kxbLw!d0m z&nf!>mVE-0&>KSfyFA4V^%7h#LPrl)+Zf+!zS+L8VtyeLdlE85N+Z9z&|SCHEE_Iq z#j0v4DteB*sW`Aut{>r&^C?q#>wRSeJ&g##Mf7gTqcvd3)`wJeK7D#?Y=Q8M$}f2| z*-nWv_6_T!>pvrJV0x~8`h&^UED;uuEisTP+U9?vy3>s3=M(v<(d~Y_dpq~z)`{VF zk!@c0n#2zQ@v?b7?(-QYqw%|XowiOm2-ai64Ob4IyU6A$my7c6O`~3VNyWpE=LCan zK}JahKVjjJbBh2#l=3Ink*nUFgs^FTnoBT6WhrTvDJFM)%b3BOWEw2!AVmMiVSYPU z7)jT+{=Tvo`di_a^W4SUh__(-cffvlmMcPg3HmeL)Mk^X%=v{9V-iX`xPrOyB4$uq zbDdkYb~n9UMDu5~Sj=o|F3Rk$*@rH!gUw_iIB5D(-Bz{ZG)w6XF0SvFH+MPgQjH0d zvm#C;jEhwKhRWghZ?v6^HRDZ>wc|5iK5}de63~FoPa-rjT`gtA8shedQO+Uq>1lI= zzU>b8pY`nvQi}u7${!`{t|XOapT0xWxUq?6^Ak@j{+%TB>^44QhT@Vt>3%w4a*9le zFhwCeFd98c3#Q?)fB4bC!To)^K&JoH+m-$t_tHm73$5~PcJ;1Dq@axQmTL+gETfM> zktX_7#*0wCEj>eVEE!3kp=zo#=SIX(Q+X_sgi#E;Jl68;=M{{JOI*&^?9hMk(SJXE zq+g4EWKh&?NHcy4F3CiQ`96=!yh=XVlix zY?QS*3r_!&F-``zlxjxrWDg<0z5+=gckeW>9|N)_y-m=5u$~Ztp0~ex9UqeaW&o2y zkxuT(E~0;in-y`cWOlYQdB&kIhd#{JI-{cpr)OkvYaXd} zq4+XpiDgJ$b_;S^OSuygq;*X0Hw?T1-Ni#{A9J{Z<@zcYLL>_@<1zaFyOOV>%NQp* zhhKDcbt4H*rNNU6RyDp+dT>{W=%iFfQ+FQ401Lj)6%=edf#Q3k!XhGpx9sG0Oh08Z zBL{CMKE4ocSJVz7IjsYgTW*D0~bW#W*%E2xj+dDv^FLzEtRIs7!$4U_+)y@ zTj5->qE_9mr(4cbIIxMOa!opdLoBlzXeoR(if*VWZW1a-|3_W z_K{;w*?jIqkER*D%Aj61(4})$9j(U`XQDhJ5vK!f63`nR;;_GdPYavukeXvfLJ!h* zzfG1TRCm9f_2StY9$lqs^VtzGzr@&yBQ*E%>9}pw|AnFj9-mjs%N-??e5>82wouxR=3)2Q)p-u!i}Z;YmU9_sqNQe&M!bw8Elg zl~vR!OV1W2uzk26hse(mPjwc_uW-t8z>ayP9LbK>Z9AXFS^E&>n8~GNL&=7Eq-*NN z!G0g*t~&2TOB1=j$5ht7>_s}BAg412C|X=H33&+r^ywF(g;`F`qLmn`x4TpCA8Z)u zIUecHz+fW$w9Agqt>)Vyz>5J+a$l}`x(ye=!^sNF~%(` zkh6pGDfK_1tkC*v&c~0Yzs?o_Pe1a(_`g1pA&H$wHBwdW4|!ubr*ZSW@4-q%>wJ&a ziC?>3_14>6MF30B$Dvy=&e?hrw(0^f$~JRyBC1dGn2n@3g66k0>AEmgc#6TQd<0i4Jq+EjGNz%ce&wQT%Pm$;p9< zlIS92YqOv>td8DR%c@FttL#^hoWwMa>{^=IR#{>Wk*-cW5DE(MkA=~0BLI&^?|ey( zR^DE9kt zIZ1J{De+eM$uHzy7--3tEJ(QZ4HuZ>=ZAH~g~OOy351$%t3RbE2zZt-PBQB}oD?oT zgS|36>jI;5Cj=R!@1%0`qcAcumgriIL~v|wDA_!(%{T}My_?r-TRyek^tyKhld9XqNU1rzYW#G^5{AkV{&9`3)sYx50bN`ni~o6+^~Y0di+l98?0o2 z@BOYON)nw*@NoLGzGsX=7GyNS5Q$My-Vyx$?^4Rb7fwbMSDMZN)9fX^P`CJsFhBhp z3H{FZSe-mZGE%Wkr=LSgRbD1Z6+eHe4|91#|FE34C38h#rx~0X0z~*_(K~b`6K~|wo`mt@29K#&o@FCCJ4P!J=84z5 zF7TI;5Tt~9NZe`<*U@~>+4iSeCfofb_Py)rUNV+E!Fl=o9TH%@B4r&Z_AsKr(R3Ty zr_D7XyL&O0p?t2S6+>f`8~KaFO^k)pr=B0zl^-i4O2qX#*EA;f67OfGrSP+8S4SI$ zm;Db+&BndlGrZ~FTvgnsbc%>NJ!2(d18%I4sGW;pQIwNS5q#656g1_!dX~S?8*IGr zkod09#-dC*K;kiJEuVgwvYcCyO+MxTzlV;Ab{G^wWQFd_>zSTwmuBXgvDLm9r(MZ} z&pFPzQ;~`Ms8?m=L3Iyj6O6|1i6)0#Ggyr?YjoNe(dWjgNt{bKTtt|j;*)y zwb~^J6`8l>SrLlOD*Rn>fx90o}wz+d}rC|E1_TN|l%?2iwA9EmUHAS5UCx*y$MBD6K zixg!|R`$Barw5<;GYBz^OVG`fD7~vFSbLwom!xMDL^{k!BKZhPrevULEs>^)iQ%J| zSH7J2aIN-NeRtkXvG^*d^wsFsO!4FKYm84(_I2}7Ai&j#Wgde_=6L;&nv5m0R$2OO zom`%Prv{c`wZ3g!La_M9*D>smberz(fjW(<-J2(76a0Lybs)i0j>n7DgusFJ4c2A> zn1QRtL2SPLNBdUVHQw8-mOno~>Q5D1-q07oc~@m-bQ0RR_+^M`CaCi58Zk%9<-0q} zHZ9AUHE1o}jHUgRssT2C_~L#2;J=v(0VxCS-(JsqIcTr3!46zso+_- z!~{CKyOIX`3CZ38Mv&QQnGM0x;}K*LkrZQII1!lBg+9`A8)up=iK<0rZ%~y|V$rHp zZ-M=t8j-4RcO?Uk!$0vJ!gJ?90T&jcyi#oMUxxpZ#{`?yN({fdhW)n5ZVMdaEbbP_ z0!K>=>O2yqFW1S}HVuA3KEBh})k!t{*&ViEV<9FKQy32F{~qK`eorKO_>`UdX^Uxi zLM#50vuqdr6>vaGnVO@HG|D1N*s(M?Y?|~`f;hnvGjFlfL{C?9getiB5-*YZ9^8O( zPk_`}M1w~?epJUDIKsujhzY(c|7c9dFnMGj=y$>^et<2+HJJLCIkxx!_9>`3KyGlr zlre5TLMou(sBVxcPy251i>cmv(N0PEn7E`?haXDlQOLM_mixp>Si1~Q%_upb9+ryO z*ndS>S@S$9`?yrTqBl@Ckcv`Y0zNP)J@5Y`>zv~=dzOSh@x&9`wr$(CZQHhOXJTVw z+qP{xc{BI^cK7bS|2?0B=X6(}>QmMA?J71eYc%}VL}0@G0^EVk!eS@Tw@1DYs!YrG zyVQoJpeCqsb1q{O?J?+C5x>#18tPt|$>YTt22y|{X=Q@?xtIJZ?CjJafvC4*1Buo8 zC})QIh+J4rEP)>NO5}<|y-;a^wBNND^v=1Q8h6e?#s)9-cNMTn_$FNV*&CZDnW}dw z^q>pc>&vp;^iG7u)f*UlURo2uY;Z-CS53F zXj%Lo=klX$u;aiAzb6O;2htrO=^R6qjg6~YyDNxK-(ZVD&?``C{Q`o+oerPXb@0&r zeZ;=^1nBs;h~l{Z(wXK7f4hW7JJA$^{G&Sa>63MM$fo(nm?i^5*J@3@9?}ghtMyYy z5+5RFH=APsBkeL8JQ0wKRdHvFWQ|tn6yk8&{0%(6qG2-w=^5E9nfa>n0O2H+FgiIN90c>S_PFcJQXJ6bf}WTR+!O^uwKh zg7+$dP?Cu9sT1K6yHauLb(pG1`$bah8jDmiq%%n*7``$}9$PJTPS&&f@}5`d85XL< zk)N$lfgAGCPhc}`5vuBeE-C1yJHJQJr<`4|X6?-)Cu~r{>6g0w6;RB#LgbPRnwg9h zKHauOCtN@NF~3}3pBHrB2~p`~!Spz=fGq}S=TL6=N7W#|?5Db#6FtM`YC zO^>^GV8aq9eYa!_*7L4vRyqk6O=z{@)DESGb2r-gMyrz09Th{V9I4OMPk9_%V&?!a zH?-doPlmuVahPJZ_u~|)w86y(X`o^y*`Z+tqW1PVaJ_6EZ{y-d@7H?-xlg`$zTO?C zD-&zJxUUb4$6D*hQSvetAENgi0|Cw<*LSe|Q|IX&7YW$e-1okFb8D|WvK^cHPe5UF z7){js1eY>ho4_cm`81*4URcXRUhe_NE=-Xpfd;Vt_mUGp-^hh+(ob8JgmRGU;vBrh z&Sp=QJ?2caPG5knFDPsQ>)s#oU0sFus-q?cEO1&mz~%VuNMFNi!5>3i_QTG-??V3k z5d<_lX%9im3a{+h;z(BO5y^o&iyXvwlBHh2kOc@e*~n_316GQ61=V?OkZek#9?WRq zc`gF_cr&fI`!}v}64s3HrCCo~TLBX*8Fra!`)vf(832%JZW+CMV=4uXuvGJs-;sh% z2W*k;i}x2O%6~(Qg^dsqQ2IG@2?1-4`zk2je|UN}ep6TR7X=g;LZR{a-xX9SXcK=F;(BWtM?7XOu=sp6yEk(kw3JD@Cd?btF%=TL{lg$oZ&ySCX z-hB_~kyCsqWunJKM&V6Y;tpzaxybK;0WWxptP833PONde6Hj^qz`#cvqY)<~8f*vn zG0y6qbzhcVUPo`XK>mGg{|7hv zh65=6#;sID?YaNYO_%^A-zNAPIBR?8|3;*~BPc3=eZ}h7eb4`cRj~p}f5%pu5o}%I z{t@Fp7}s}0tN%t_bnr%A{`=5>(SMn^-AFbh+t>L28uckc-O-&Xr|@_(Q43L-q}`_DJ>?_IY3-<(#KZ(qd!*J`hz?=x=@Vv|R&LfheJ z4Fr3~Yc6=&io9KLHodrf(Un?^Lw1@d_-4tiqc+kY8k=EwHBs zJ2Y8?k6j%BYezx`tEG5eruH_Ag zd-(9QHklGzPZ{62tIwST4eYJTyq@phO@aQqU#et$=MD#W) zlxc3!bKUt}XKDJK1J4=x>b>z-jwX7rhe@zOVG;NnIm|BR&ZZIWdkFjt?@-?~5v1_6 zdppFHS6N@cU9p~Ev$^g69xCSVc3So2FV$XkzQI&?zLJB&Vn=4!bgDhm89zKcu!>W| z$Z*~OTmKoURhg;*XQ2B6u=)MrJa0KQ#L*bF{5UE1Zv7dkJ!&K@WrZ~;C1;u;;Ca0t zj?}SVQu!!wx74uo$t0}_7`%ZI4OUEFLEKGy0RSDhw{J8gv_VbhBNy;T#+OX5(A7oH z@QPVMdiZ|^zFP+LFSXbsd$syq?%Ng?lawPeRPw>SL-)e?z~N}pX+3@*pA-Y|>m_D) zf6Pb7>cX2*GyR8+{H=P7%5GHr$FEGv;FsN*fv&)qu^*aj8ZlaHoA^(Vv*Ki~k}<-T z)41(vN~F_^mScPqMH)AxYExdIjJdQX813FjF}n0cIaTESU!FG(fm;qBYvNA2VeQZ_7}bxH2BybM1xVLC&)gxTs6Z~OZ&7WBwlL3 zVZUMY3x^PF!xYoE>53nB=nAVCPeq)Twiy0tf01pW1q*Jo z{4Yw!nNCr{51b!;??Z50b2tIi-<%mCEX|h}EU-Y=JTfP-0i%;+w=L{CeU$eoiA*?>rFPC*DfIUy^5G_%qs2kw_mc=Us z03jY2`tp5NYO>fS|$(xXvMyJtObxkI#ZV##)@<;KBT?9E5Gm* zsz~H#c+Qm1C%j?lV2=w#T%$FXv!|oFq00b%X=9D3ctdLWi%j@c4S4D?p2d9Ah7vG; zQ-tW|m}>KLUIbg!_GTgv-@h`&UO*rrfeC>5 zCdbnH#@{dq$+A3=#0=xa1S8GB#nfe{YWJiYaseyz+R?>a3X_(=*1E8RDma-t#`KR` z94b`5i=dg5m`n{ySfd0I8DUf=nnR$*i!nnSlm||S;#F3n#eKP@?~Abp-Y=pUlbhTX zu}ZJxcj~iY!|xO}ve8~7*mZmWO=$Q&0akDes%8=riz<;1I7Uxi@!D+C<+AGm{rvn= zxi}zBUX*5;CbKd9Ld92ktCH+DvKuT5m@;mI&Mf3RN0L{-YLkJ4fnl782$DJKU>u*! z*TJA2kiYTqr<+S4Q7=!=z${5n=sL0*`ZbCD)t=ETunF4K7|2EamJP@$ynS|hb5xk7 zsP25EFDddo=1BaAhpS)a+yNh73ZWlg?>OsBH)4?qdHg!PWfCOtRB9xeQJ!e5Bk%DG8r}veUAt1&e1@^x~J`^ znOqro4-&ThD%O-s6ZqLhb-i3T_Qa4ozBxi-~;omc|ab3i(E{Iy&rQ_kwh zT18nqizye5L?TNEB(wyUppT8(zC6G6O@bgEjir||tI~UWGL`N=YWI~I?gDyeBAgTN zRG_7wuCPP-Q{-IqU?VYVf22|!0E8L^>5 zLduy-7U^)oG#dBBNIz_X%q%awS0Y7i*3Qho-fw8qDsi(Dq1=(Qn2Ed9@!)k+ZK|-T zZ~1(2;S&(poz9c-y(rfitU+XRd#RI}I7as#*kstgj+-$uGHySMcw8T4!msMbYVzXq z0~?t%d>NLlhO$6X*d1DOtWH$k^QG>wN@$!gdEVnmLQ}QSn*wvTFXs>VHRLA1#4~%{ z)+5k1bJV+Y#D}k|0#mK~JD5!EHk@E7&IE;1Su@s?Yu(`NOL4CR*mfRLDK0d}MvSXr zZrsWAz;oSD%M3-aleap8CS57!eM(ZSp6C@9eg1%9Ao`T1X_3{y``iy!Pzk=kSyb>@ zvuiqFydZT@N1hvOgk0qyenGf!OGLcn^%_&#o#W+x#m8ZBIqbFvuaqJbprLC7zcm8nI%yf-6}^0-?O=n2oSj zH~}b5Tl$L1bZt2Qo=Dz9pq4Nz3j^_-lsVttoKH%QT`f3OiRu?cq{qOE`R}1%BC+8S z76{~3O#6U%0TD0oeB)|Bw0bf}-Jvp4%9R?GhRZaI8vRFz`G%~%&Rf{&!s*K_iasmS ztysbbHmt!+B~hB+M30TCLW><((C|O`*&&4H-H5Eup_gDRK9p#YReHT@2<=3GZdC-s zQh}-Y;;?Id^Ta5-MKb6FAnvi89P|QFMocS& zskQzcql9 zh;Xu8Uf1GNo`>PM=q(~KXkGfzBXnyCKXLFwq`y<#>r<636aG@+xXS^9y$M{Wl* zvz#b;^rz!-f)N%QMv}<+_j3^=kGaeK@*tf#5)7kRq9n&ri8!{Pfx!&1+n+AiYQH4t=byLsb1m{&kjx_zD`TA<9v$2i$g15Nmr#<-rX*P zB12Ke>Z(dB*!MD(=ox(!`q-p96-%m*A38d%fi%&|xfQfA$e6}?_qvdt0>*tI zXqzGHez9WKrfjO=nH5WRnwnFjo~0s9^03onl{5IiB-4J4f$e0+o;3K@z!kZ*lDak{ zeR^Z}?hban^fYukrd}q?o;h;^CRZ$44)c6$l z@us+L~98SvV5e1>mQ(hv)#6w8|nU%{C*jDoL799Or5mMk9=_8gcX-BR%z zKjs&teh;y|Y0i8@T(OXzjj9G(QxK>zR^^1jV#s5?pwu@W7l1-)rI8fwEk^%iHjk_44bLC`w3GT9(}C1SToc?H@+X3Iba0C#=kXcDoW&hn z+aYK86IO3tIAEp@Lcn=Pw2s(P3guAbGSjn@9mr$S00D;?^=_nN-zjUzN02b#5Q*OX zD(5(+0Ymvo$7TP@C{&`4Fbm0;i7P_^V$g3R#=Dayw|g$bxsElgN>>Vw07|{|$ zh4552I%lv~!?B0QA#EMwYkp{UFlB?0$?qGBa{mG;NUixO!RNWOToG2os_=d+LnOm9 zesb`Px22gzQkFzo*uIR&tsrGYV-h^#PeS^;Y+nrl?!k}&15IVLC^ry%bOpHMBmn00 z3!N(==K{w#_*o7zujs)7zQpDmy7ZKT>#|T0d*P=0AN#J85OsAvT(Kxr9&{F?-%&L( z-iJJUNsjEuZZ)-heM2MBvN^C7M&_g1j@7`^I!VK!5WJ7R9&}C27=*q7(d31~Jw8^$ z{1?6>t>xzC0%U)SRJ>xJN0Vghna!32eP5w>s%quzfU9h4<-p z?TM34$lPDQaIiQcS`XH0JKn!Scz6-Dv*rk zPaS>$a)dFNZX~V@BwNx)Wqzl8JnY9amST=Px)QqQv`MT^7jYoLAddf#eiBDjAfU5Z z&@SU$`-ze~>%@#*`&&2_{eUB7cx+akMzu|CwBd=B`eZe8`-dj0LcnY8mlpJCq+d>Y>&vxKzZFak9yd%;RE~53s&GB2^HMs{W zZtB#>Z5aQRb!p@aK2-WZv!z18&nE~;63A;JbCd2|JXFI6N;KfU_M#RFNlrf@8dMxg zrSm;5a#m!D#3)$#l(uK!1fB=SI@$!Iv{i!&lhg@Bl%(XUX9k}8To4(2U&`rm-m2u7 z!~p75laG4PI>n(X*Yt`HuV0S4FXmRm<5wCcmU#18R18>SL4S-qzx zkLMFs%SqOPwujt=)5`I@KOT)b0?=BMOe50p7}Hffq0Wv$OCerw?rT8yXI?`IpJZf7 z5igP61-W=!fkZXIX2Ak+@$GRS zoZIlK2BMJLM+vI?#SM+d@s&vi*|EKwWyW2T7=Bj%I&;D5<2+H<#gZn|mx659(rw{M z#TMM`jZ6b**l!bdHONu+j(-)eQxC@F=_ z$~LpNxE28yCPX_T0H^k0jHVBx;7C8^krUt7NiuOi|)!05ujb=ieG@@(vSoKS^u?p?%{SQ?pV8njVr znRX53caj)s*K}kv>_M-SIOi^l68_wVy?_Y2;=$@BYQv%A2RXO&D3_bIE^rQtm_JN!5y2A_Z z?%DIi*!QIM*A4ojg#boV$3IZ*3bWGD^vP_b7AZSr8&y>lCDVtPKU z&@OVevLtLT16^hl^Wn}b-*)ktNa802xI#r*ycHfK{#uXVXD#EHONHxG!xYf=?ykPl zpMzB((Q<5h!QYN!M1?r=XM3h0B{3YtB|eaAF8f19cnzk>bjCWmiqhz>QHkk{BKe1m9(C?F zjp*oFaBmwqfid>zj2bwC|4j1V>{JtiNEFNAq|uGoR_Bxk$Z4{qRtQiY4?!q5M5g|7 zZG{bbYfq7tm|~D@MZrd*88t4wbG7(Q(*f@?AX-hPYol?6S<$W(ejfN`X$735LOd0# zod-J*Nm%zJ%8g#ZVjy}s$rtmZu0p9(Axhxu4Zwd6;yCF$@y0x6{?cq=_(aZpYj{0o zT@_C8EnRkBrDDMeU+>KB59b6G5PPDxSbA%RdahNs*O7;TkO@?v9hvI#5SRy|GbRuU zZF&+L!76BBy-NUhRi0qVKVl>kS(HfJpeIELMGx1R#7lBGR%ONPIn<8)!Ior(EzzjN zBjQGn?a&9n#M2a$~v@$=hfVPwsdi@V)LPu9Pk3Ry#C<;BnDml6qflu+ls>2YR9GVSJpU5P9U*bS$C5vn!z z-fVO2QfX_Hj5Xxbm|zGB$xmyR?&`h_nzO}BVbRI2Q?6xbfRK+FFu;Hs)1Cs(07TC46flwyMd zLb|0J=ysdlbC$oR$UrJEF++LvKKm6mqnnn8=EN~@L=+LU&x9pdKi;_q?5rSA7%h=k z&PFj8SA}1XQfC<4WIr|_d`hDxZ|2Q{uvr;3Br9CS9S3@1rijnf3?rz>-1kMOr{ilk zXh`|JSDTU^eo;DQ&yd~3B2^!s9E*#+tN+uHDZ9-0kEr9-J9AP6AxeZDDUUP!k?2ar zTDE98bs8oYWV3r~&%gwgM2}0jxoz>wBz{x#WMfS*?mXBY zvp(G{(;X|0Sb??aVtG4Sdy3NJtF($%9zNk|~T%_|^tR zysS;)qw~_naQ*K+PmEgC!|=W+sgMv-t#|xp_+>K8b3j9M>MZinb+;&V(#)bR?hws& z_1-N0X;_rE=mpfavfRGQtT)Sz!rvjUC3j%gx9=?)r~pMwKTQXN$w2$9n0qGXV4t|I zAx+%V=CswM+oQ;WXBvj50d2Z|1g;N_S6$o}v>}|NR+?xWFEo~7Zm>Bcat>Rncexr>tkTXq7M(g|(eC6@_V2EFah3Tk zCNX}`4Xaz32R||*9B3j0afv|fB3X!y-1}VIqFVXeJYgFi4u@0OH=8P#q6nlOS)M;T zO@d#-22$}ByiY!CbxK`vg`XdjUa6B+-CZ(U3Su?=U^ZWi!P$^gj7v-~H0Ni{iA_-; ziWN!glM^A_y(E|&+Q8--%I*Toh`o$8G{@{0ZVO~7`ZOW?M6~rN$7%L2^xH1Isal(3 zE0pUQo@D*Yca>#F#h?NZh2bb01oeAtTHuYCH^G4Nz?{&CJ3D;@JR~&BS}N1Fwyr{j zoP0Wm_n^xxo$yaqESaQvEfQ)Dj;&dNVqUW%Qe#`@Gy*R0Q5VUOXm3Y&Ibw)kfFfx@gRW6TOCgUi*at zeTi6M2N<_;U3eh1{#BWwE1>RF_!C|0JRd=eESWt#v+*F>=lSwl?|{kEfPrbScP6$a;MYW3|K_7)X^(D=tTUV>jy3 z+0)+6<6n3s6>GE`-SI2S@|w|4o1?`We!a9TmLedqx#F z2tF+35s;wdAy{;O@FS`sY+RTsxIrJm)6tq01qWJT*7Mz7kV#uoybvUgVH;hBG1#<_ z2-HBz936&o9FcpFaLLGg^;aGKlti`gD3Bj*q$Exn{X{ng ztluJGg8wip9Nut|zwS#`tKCb~Nx}1+ z(0u+gDz3#i`YHN+iec5lsKS9+0+TRIMPLl^ViJK@UlH9@eRsb3Qgja6xM#{qv^dMh z;B&Ei`24=O-~o@L{zFRn)IEV!c~48|1VKR*sTgGb&fZuzp;1oCW6{%I29ubWTtY|$ zGMRo_zwepH5I4M1<614;tF^%hzY<9_8p#aGPHj0IzTb1^oBTwbP%ynQGH>7J?nU-O z#&M6X!YXuW+oG;WE2ESgNI(#tMfSJvBSx(!+9soTNfNRLsElYBfy+#dSkhJ{{Zk9f znnDnOyy(r%lD7F8R!_uQ`=b>STy-u4@JcU*ditdE2T0f%oInKaTr;Pi{{@n1cu{Mn zWJEt&5+00^MoOQ8i@d9b2~wFtpfXpaGF1BJ6d8=YOwgG)i8kk+I>B|l_0QbGxV_Z^ zOE#02QJk@*;sZ`+$9oLiq}l@J$*SWD>@gF&G+~cKGh!wd76})<{6jwiTOeHB!i^uv zR2t4w?)r4ixwVa0Kp`!CbA1P8hTpjg@{yi!b>v`MT5IOipw7=M+0}pb+q18#UsGN1 zc-Mzu6jANhuLE$U5n9dLQ@xn-X-Gg)!(v8fY-G-i+qkBp zwI49g@ha86q+wi~Sq!%M4Tepa)2B;UP;{UHMTn!qQkh^Jf+n@qU@&~0q10mL29C2y z7R`586;!5jj;#KB_122RQNWrQO?0IeGX> zAsmk+d49`=64kptV}c~9X@9Nu!$2~dM@DmdRaq!`gtnrLBg8E`+JyILv5kf%!)9w* zVA{4i@iuxg}dxF}#ovjg=)YD;vFV#$Qo@#tN? zdC!&8%Cil_VZJlSi!Kh^8sy7B&wBRV09EdYs^NGe-=#K6!v({Ee`w!S&qMDlc&&BP zF*m5Dewxj(9>QlZR!@Lv-x}Y;k$o=GP z*3Ndt=0b|qzv&>ADbYT?{oyzZvNMF&S}wHCglNjDkJ={;`Y6nlIr>V?94xGlPL;&k zmUn}DdrfZnCdx~Bngd_5;j0gzZ_gZb`)4wju{jWz_5&v67vv% z)++5<2%W3qcD9p1p=$c9kAmoT;k2Mjbr7!APZs1m1K);q&g1eWf(6vbI`)hKahc9a zW}^weOm-AkSN0$2iI_4XMv+))N-9*^{!pvhR1P|M;wQ!f>?ka*v(*l|%T7ZjS%@{% z9MfqWV|ID9wQCfMI#zRkoZHbb#Hu*LhNB+(JZi;ggG}&BMZ{Sw8sBc~UKStD^MrnH zZbsG;o37S!NTZC9k9wY*^h6{ITOEH-0M}6+FkD$8*^iS19$fKv{SFl+jr*&o1q_(;iJVR!xZM@Kod2*w zyg2y39{CB#!yWvlqH`xGu-{HU!ScA2k*oP}H>euG9;)M1oPSE3?8$#HAHT;6Xh>Z&okHu_h%YSOOY9qeK>HID*%5pn03p*f8!-z zgdtfj=>*pXc)XvHQcqg=j9#VuVekWS=G>B@QGBjG-CIb1>JLbYU7=r`5HA4W`VhCiezMnj@ z&`5|Sup!c$V(RH7(&u$-iCT`%KBAl8#XOqP|0?D2yXv|&0jadH_FQpEPFP7AK6p~w zuc`^}%7R_w_S*BGhP2%L%}o`>GuR%22><|aQ-F<+T6}KK2r*iQmea0cDm47~f@q<9 zh2QYjUjX_#&ak#b&IzZcme!l>PP}?(F?ehe1bd)*8u1IYKDcQfLPXsdnSO2=;zgWr zX3>QRx`}3r4&dG!QZ{oKnM7It6SD0jFAo6YP+kkd%xH|m>V+6_`9p+B3aqBD1yHY{ zi-}x@ec7j_`s5sbmh{w4G4uVoLE=h9P-t1pJMk$vx=A7Z$?Kj40bD+P*!lqac|HY!%0 zua4n+jTR)8Jm_3hosC`W?d|~{a44ZV!(xsdWJmZ%VeWfIg72yh>zkVGuDDbW>6h6psc+pAhx%9V62`K^SbjOO*8=>##^)cT3>ItJ0mv?M9!uTTo%wv zfH%m6#tsHF!1e8-`2~K3{{7s9he4z@`Mpa1B99!i%<8mE{K=@t+|qpy$&#iy(6Jdh zQ<|_|zJ0Fj#GY<+AuI6OC}pDj$+DNCyg4u^L5XSE5sK+eIuj|Tl>ra>(inbVUZR3jhrMgNp_3r4v(ih}I6ftns74v%i}vYooP=G;dSEQ}>WT3fZE&mUDj4Uu^&&qDB2y z^~<2P&DmLhozL5pi^~qqs%^++5XQFNRG&G|Rd#jdapQ5`*2x*2qKD zcuoXdldh#jzRAWf)9WDulii@oM(Q?0sQ3@)owFa~YI5+h&0sWKjgfKdJNxJ%XZsr> z?sZpPPiF1+_gpPImtZ%?7DI8HlY0|O1UBtl@A&)p`&!M2G77m{@m}EAOj#Q-Un3~^ zcQn~%?B1t`khS+W2d>^Peb1LqSIlmG_Hz@p7c$V^UQ-i;$t$oQ7}zaOCOarhI0IZ` zM4H6x2ixgFgQ^NOt}{%rHZme3pIiPV_i9iW%uqT$O-_RsWjWSd!23iCA+_FJZsKN3 zDcaux{MNhfZNglPaJV@7&>Nh99Y`aCNe5qGCt7&o`46Q$r0XPIG3+lLs`L2aG{;mv9v9q;`F zwnyXr@j~@-9lud2crb#9w$g=k7!#T?&$QjJh(s#>T(+CFq~Wt|k@qK~WcQhXIN0W0 zc~vmjbhXl1ZC0jg%%?HdO@ja>--Cy0osa3%f_%MXbm^Z;ZS|e^+EUh<@MycfN`0sF z^|uSz>^=+mUOWzBa<$rknG-u~VQV=UM62N{qhH$UXj*~KF!Y*p>5A^1zeH0*&eHMG zx_ML(XV7d#$xuBxNF16QG6BR7ghxi^Xr z+Zp1~r0FM;vSp=A1>m9fH8`u#d_9>tSp>Yay%}^@ZmKWUVBvZq4Tt6+2Vl>V4Ly z_tnj(yHQS~PNw};_;oO4ZgQpN<}~c$)uIhG*zv8)zX~{EqBI>w9`+QZ>}IzBc6SWY zTBM(%80)@L?H`p={ki4XSmgQn{_-=3A8XNU460jV z%3$P=({Ls|7-SXHc9v2`jrACxWU5B!EtOB+6&)sI=(6Kpd^vSrp3@rb zeSSHufg*cwSm&+BcQp+p7B3_CS@fs9#uOIa4d(KkrWh?-jzcp(t_!%HeL47EwzAnrmG$LsyEB0*;=CuhYbPGE+iR#Xcv3k4K5wO- zk%U}&DnOo<rcS5&sVVWQqs z883(wH?;@87ohhIM_nj0X@bJ$uDci6*WDVz&vIJ+teep{UXxQAY=EgP0rTAi4X$Ti z1I6DDJPJWx4lMp@lT~t>wLDHpOo|vMy=t8w?|1}Q{q)UjDjq*^p{ClKP8M13w5198CBPB1CbSlobJ#|H>=dye^ zluVWVxmP1a-u;eYTtG_#^jlM#YRlPqP`5wS%z@5F8LloNp7zuqpP&i@{lwTgrW+CA z5-uhVMY1=r7Y@#DXOSVZ`P?AfT6a~7CBGCGjO}IadcsC?FmvO1J9jA3`Y_H7E%|+0 zSTaL4&-#>nr{98?OfhR2hPj4=R)|RqLFRM6b zf#bsa2AA-`R_ks{5Oq2Ht-tRJ9`A(M*8(14v|Mphnj8J|^ltjH*=D zAhO(*X8dL|5GS4w%-%*{bpFohYGzT_$MwfMfgYqFIIRVKZZgdf%sH@ahfsky$_DzW z<~1_r*G*-glZU+RjbqCR*H&j6`krti>Wt6C(FH9C%sw`#@JV0-2Eov^*dYSS(Cv1& zA810?Aq$22m|q@OT^}}I%zt&^+vYls^o6*Z9L^N>*3-lD$+r&F0Jc`Vefx;LofG$y zR^}HQ9axu=MUg&De6sLXrFgAPx*F8Z)Ah+A|8j93;ED-g^;3%sX&>j6*T&TxdRUvJosft4T$|L$_^MjS>5e9Fx1H&RK;O zaH$+^s?r(}5ea$y($2J8KJq=n zw^YFurt<$Xi~s!{TOrELBQ_aU*=@4vd@;u4_FN9V8om^aOi4+}xV_wKBhYYm#1>q6 zq#~s%=bz5<%jCSlpOc_0qpz5Qz2y24vvez?afJsetD+HcJL|M8*s)@}9}8Z4T>7;5 zy&d)~T~5&~gl9J{y7TM?%+n1xf>LL-|nDzo?4T6b;LMNauFsJRL1 zOvT1P8oM|$GV&_Q(kN?9AV+oQ0zHBft2DtfKzylyyPTwR7m2?y`FK!$|p@jT={B`fQi^HN(>J-FCT_QaqtL(E- z!0-(L4i?=xjYVTzd3x(f{wi&J69PIDapFZwji8d|BHf-@ob6pUhMUi^j9T*n2B>Dz z?uIZnP5W3HgsRDbn5xEP+J+&!KZZ(Iw&Lhv6vg|x6Vc7rmqu)*#9y zTYfJICi?4bZ#5?eI(i7jJ22D)%T*m5I9r;IT;5;!&F9|5{ilh0QyTYC(tG1sb@IUL#Dak(su%aw|48ZYD>9kLOKI~iv{*Y;5Yu#|c}u_(kK<)^ zG*Vk1BT7M*U~u2cNx5ufZ@m=8z3Nn~sI0s>3e99UqaCwM*M$h}N-%a*#bFI>Tu- zWWRP`i+>On65GX=diM`pK3qc!uEru-30lBbAUuY)y~G9Q#2Qm>4}wzD zwqw?bg(|6Q_KDujQn)F=89#&%(N@0@gjdT<_g`ln7<)UqEPS6wK4Ld{xjlH^f%S2% znwY-%XNvy??|M5zQtNuNtDVF4B<~uUb-69#?O_d$bHMpZ5LfMt^|s#GbhdhNu)HFY zoKZivzy2wj?PZOVW^_6#cS|UQLvSYQcj zp8C@2?~DaXxLKT+ZItPe(!?qgA=Sor&;Qq||Cci;3rGhqyMskgs#=x>org8n67UD6 z<7OpgvWE%0wFURI75^!p#$d80u?Z}c4_ch0`oA?I(*lsZed+;g`erK9mjNh&I%`G` zM~r}2FPK_o77ybeSNiW`UbA^McFp@DZX!a>?yZ(fnDyu8uPEi4r1Sj zTMMfVDE{+uDD>~=flX8{hW)R9$&~op3?eTqjsNJAxbE~X*&QxZ>qcqC|2({{2|s-R z{Lj_jUOujGdKtNE>y)~@G7LS!15Z!DIb`mf()TAj7C|=V3HJ-|_#O-r05(}CC31g1 znnxzZ^%Yg{hY``0flJa3LWFcvg{$K`J=(y+Z)~+k%u^T$wo{;@!YEVKZA0V z?)yh$@~?1{cyoS<_P3KX>kB(@?sgD8KV}L&k4Bu`Y>c3pT7m{ghOIu{RjeU)zfv6P zo)~D%xQf8t9&trKOc+eQme#`B_PZ7hIa;XvXryyQXZ?e%g0kT|J1}DKf1CfZA0H7(s=r^NSeKH7#j|&Sl+jJd^z+(H6Xh{j$9rv$v=R>I^!M-cjf2XE zDvei0=a7wZqYQTIuD8aV-KHGwsG$^XllF_0tw+YkxrFw&BA*`llh4bso9kEl`Kyia zD37v}-i??Ln>J_}o-ao0w)NY|ul<*&D3PV+H=^~r`yypnySK9+;@a-0DH&{<(K(bc z6A9}pp8XB3-s%^-Zn>vk@At{qG@vP4!As)N;*HL~_g`{$Z_m8_Uq_{^EuC#qF7;XG^{Gk0d)cS?Vj0($m}+}^Nu+qQJB z9aFTUBfS6V{K#d>V%G7`wulqHbReB9PQOJq(R_ovcQc(`TD3c{V z1PrK0LlqOx*_JaDv_#z#Xk<}S?g)g8*$SI-#1(F;c0y*<;U*!~0ozn1xcUG1`pUSf zn)Yi&BoyiH?(XhJTIp`3yAB}T-JOC6(%s$Nb?ELxH~-_~t+)4w_x*Z)`^?^ZX0Gd6 zv)0-(XN|V~4D62cE%j~~Aq34h1Q_()0c@j$jWy!aV!?LR6y4-rGRWT!(vlsV@%$9ciSb3t062KAgv|w^q5BeG^fS?L2aM^G7 z4UjioddW~@LEBR>t-oejqPpe>nXcL#TA#S|h0k86YX)J)uqUI@_IAnmTS$dE!>=Ts zwF4%`uG6#`sxA!fX=qLd63%pX4_F&c3A$5@RP^r^OFw+p4T?|fs%rHO!Vpt`leIN-tJ(NHZ+ zJkDXdCD4UtPsu1GTE5)=HZd%%_Z#%fr-j=4r0Ll_>VeMeRS+XRThQtkAn&8XJp-KHES^F@{tL%X$)Ql zb1qrwI7>aBBQho~4_jey5@eqJ>#ic6+YH6pT1$awC8~ax-Ph~i_bP4fADa*Wf(xNq zTCT&S->=o{Of+6h1Y8@_qX_*-{Y!rUg4(wp5oIUx=ZYt}UDDZgO7ho2%dK z<#;$Y|ALm@_=skY9L3O<)l!h&dW=EuaM<;FBk;^DELa7=M@KQgw%;D|p4WzxwB*C)Ky79TqCw^avMwu##WXJVRlX@*w-eXb+D`U;TX?OOubb0NY zi3coHT$MNMcp}3sq?bvx`rMHtpHIh6q?z3NQ8i~Fg0aX^x9VJkG-II`Wt(L*41?@V zfZoQHpUWQ3Miyld#1dsKjuzvi-X)c~zwq2^q_TrEXADlp=Vu*mu-P)Ce@*GJR**OI z?BaT*_bMHH9BB(gzq7=LR6dS%;=8KK+f$4eEn2S9%sE&10l|JU$f2ig_N+syKBxoJ z&?l8m2acXlLzyuUoFJ@B_3bKq-&75@uSK9m1ZL2%%;wn%V>X*04^lnLVFcuy!0Nh< zeP|MzI)2oebgG8e>oQG;5n#!Wy;BqI$E#{(rEL53eLhoo_R z^m%DLL9eE!Kjv06U_%Scec?EM7RFfVAK9+#?~<%+{6?yB*a7Qqv*Jlxkf^;rjiYup zG^4HdJZ7=vd?b)Et+2o`($)Pod`CA(CNA9`?BHm zK4=BT<_9o99$9P69mkCETB8Ss6_04N*QTrlK0bc>8-K-H^JTTj)X)zO*EjfPB0rId zAnHrBWko?ZyLzW1jg2+A_eNQ!qA}*KiqZpy(of8&0wDWh8mjhvQ-XGq$kX$4)v|(_ zkQVrvyr*KGP7%JLvh{Fm%0S zxe{rV9|>Q#$JMaW^>$FV1*v;c)P!}_I62-yB>N6ShD|#_Y2jzc?9e0Zyjm;TUK%eZ36Eb*Hx7yh_NYHb3No+-;YVi*>g>J|A$y;c+EDVim&a* z@br0;y8;cP7Y}CTh{A4eT$K5}o&bKr z+3*Kd#!#!5912k-BHMA`6V!}foD?tkIcmZibSw$SS>KX4eR$V>8M>|i?HaS$kT`6q zZu9$~jTw*~u6dVw2s1uH-^%2^*=!^uB(;SZ_EY#hXkiei%qn$Se$fRl^A-mHxV8L6 z%gM~@O>ftp>UVz_8mNCUsl=X}NA#LyM>~9JlQu#we8mCcX#di9`*uNV zLzmNuxn^@7DkkHPH>>03uE*`=jtJ|?$+`wZF4@2~T%J?}_!9$Hs0FSE7SpvY4*U*( z4lVBjbaf!DW-Ek$iD7_oCCuv7r<)b)rB3ei(+TGyTbXRSwZc*R((d+amDLd%^tF(W z`Z!e81a2Fzme^$0RZBX~X-;~{IBG9jUFM+xiOVMRXjZOQKlD4jSP97+7VmuQdo}Yn?MS%R&@Z@4&^SE6TB`_ zr|rUfNCf_dm%8BQW90+i*su|0wIBJ z0MQu`$EFR{;n}pSsy=D-vu7zrAqHxD^DPWEHkKx{0c8IBVWIwQldvW|U2c>)Qv|R{c8=af3*Ld4l?d-8A+^nDLj^D|Ge<&Vp zw=IlF6o@VVe3kTKBUX3a9mbLhrIxn>?fir*H z+Y!Dr-ReT4j__p;b=sy^&_rEje)!znm`mVCspnq{Pr*o7hnrFJNOzpPcVZu$;~Quq zEoi{QhI#+4Bnzp~3C?9LUbnaEEPk%0B#A(8fUVZx>FX`(>`Rh4Bt%;zmCg+2Vx3!R zzRe+fmdHS5-J=lP`Xeo2SshQyN_C`;^z|AYpSKv$!;4x?yUd@-zyxJAm6@s1;(=y9 zjvTY`#EnX6(X=VxJ%e+NdZB5vEFoK<4^M!cG7D87_csjl`@a0~HT7s?yv)WZsrCii z7-rB5337xQW}}U#li{Et3+Lr|z{1B024v;v$?d)xd-;tdGmFDRuTc7ulk~ySJ<@~r zEe8$8H1b#k_;gmO&ByTkIjN7sD!*v3Nz$y2dsc7956w}7Uj5SKR!DV<{U_HV1M)Pl zxfQFWwAS>;BW>afAX0T1dbVqIdSAzSeSw8riQ2UDm#2)c{ljFsHG0bmctMg~z5S?i z8S#8~jWZ79G{*PjZ4EN0!yV;6BRqlW=Ztltn?Bsr2U4C`y(tR*|J=WzY=jEzxNjD%f ztB!1qX%P8@uiiqgDj<@aI7 zHPt6M#WQcMEwN@wmwTvPlb9<=1U_k+yYJTE@+tpCsihb|SGksuyrFbLI9mE5Yi(&ZjLTuF&pF~o zy8XVtE5)+t^r8lpR_*SU7OyG!vX?81$`6--Z1UGhJ+FggoUA)aRd&`T06VmHxCJ!z z)$*j_U1-X7WhT9vH`Dw91!1W@)uHC)sWef=a;>ki5I8gW=J$iUrM7`LNDA%_#kh8=#bmdb6FGE%7C0kuk-4GV87Bw^R3FUkTvcn& zS~2vF@K-FQX_N0Nh!<0x`{MBfQ#!t%D74d0i@aExg<3UwrguDzeg{fl0Oq5^}_ zW|xi8fU#q-^D3JEQfHD`boA@E*x4fg;m#<%z2(51nqX@ux4?g{_Y?vfB3kR-efIn7 z4smUQ6j>eaSu6VKnScK**h-ky(Wtuw#r8LUD6N-;0_NJrPRd5)|K{4VbiouHkip6q z`=9m4uTEtg`)M26bynLc_(LUv$;dGV7_h|vqgE*V7bWr!^M|<$UXmkR@D!i_6)j*n z1>@&RJ#;Zk{9hgu+&rAaPm1skZ|0WjZ|3mgEkuc@em5a|j@zhsQSoCj#SCx1 zBQM@*x>){c6gCJ-bqxsqi1(L^=zovU<|^~Exuu4L1oVfq#8y#ZVF<8wVo0I^2sTkT z9WMnhTDRia+7^gk-k4LX4~Dz0G$V->@}@JwR&GOmEhPWXaJ>ZklE96PRh!RZBRB&9 zfW~EH6qN8<&4Hca)Y+2aqmD>lcNzs&OHt0js|feAbgPhEC&DPks=Wk?EzaDKIXH_Uk6)6R9QYk*z1I1rs8TN$ zYp2eu`9!a}ml9FlOe7y1YL{906#wL9C^|6LnYs1@LkPIEv}DYnM1Luqt#I#l44{1g zU6<`4SnEw5TT(tvvxlWtN8x{t-cb2`B9hotqlq4+e{P~*2>LR);xVogXDQSBLqH=4 z02O?X02mKLr$+Xpjl6mrG(?fwKVamSz|4qZrfln*+<`UHOk(Y1l&GD+Q^|A? zAeN-l3|-`Tjm|P8pyaK*U4q;Hw{P1zjrnW3td% zSoY?u0J6MJd1?ErygMmLlQOw}7+r(90$2tOIcJ;uC4=g5oR{1-`PKg|41Pfdi`+Ul z@TlnM9VZCA_M(>*U}uoFovD0V_)5AdpkE?lrskvb{HVClhs-?4h?!+?K}~J0gN0l8 zE{&B|0tRIV4!Pt&g6B<&n{foId@oHUzpzMrnhgj5KLTgRY2wF&nsFljx5||y`>9uV z5`RyxSg^Xv(sY8%Z+AY-v2nWAX@b?>cWk8Ies*T3>?xfDOQRCk6z-Vnl=FQ?WKAb@ z;(D1wXUivgp7x!vun0E%v6$;eu9~JZnc~=MvRr@X%`eTaR?wgSD@IOsQ(C=GW(pTi z)YnC0+zN%0-^-~%|0~nzF(Q=#3w=M0G;^!|za+xSxU8vYGU#08vSS!&c59LT{F<0x zd#esw*s*-0=G}o{N>_6n9W9{~+Y!{EG?y2t2({CEmto%@Q1v~f#YHRW_bL7@*J!W3 zw(CA6B`Jpj4^;FV@9>hgr6YC=j#z(cd4b4>8!LkpqFvclAIDk#N+WR65C!zrw$uTA z+*hs_<5y`io|_V9xur+ETuxWfH<15-i7q#-@3KM6Vz7ssxQXY?1;_V6$EC@0CUJ^0JsX;Vq}Br9^1SIJxGFBM`7JoxKtW~z&ZKB{nr`6ScI)=a^gHnl`r$n{ zot;5y1Le7qUGoc$;BvcAVqKePXiA`d*+Cy`e^26iRqtVxP)H-uAB*Y{HpGIK^Zc!s zCq)vW#8RKGw-1Br=z+e`L3!$IQr%A4)zsf3>O@Z3@-2pK!+7=6wZXZ$wc@u%rgQt( z9(w8Uf7LJV^FZ)a(`iy=f<4l~EnRUGi*&jAYHuSeOi$05DF5~mJ`6kWuVT_CmK`5} z%&8190{6bbp(pt&=ja#L{L5EI2rG$O^`8{~vuKPkgDbo#R+-bkV%z`9oZpu>){prA zsd$v${6A|l0^tGTZ_M(KV(nk+3H?XB{$D8)B=}j7p`#pO{+bLwTkFtlef8geXCeHo z#;^Lg{{suaxn}Lh%KzH>t%`#SH}ua^{L%>TKbSxeT;yj?{=Mpdvexb^aCyFeQSo<& z{%q}o%YpO%`r{w*3;Zk>FJGz>gk_6RdY^|0!oUae#@1Xk0JEcVXYZ%r|MZ~uxi5G$ z&NuiA<2^+6u3JV=ht6C5XAgYGmzz1QzLEJI9@0K+;K@W~BrJsTng5GN+inHHaOl=1 zajJ)(WcAY3_EhpUHZQ(gv->O$aAE=i;dL`E+rN?R8wtKmyYr}Hk2WG=IdB45l#+CP z?xjR!CK3e^*O9t`GUo=OU3V(K2vPsozrznF{u7RDXwP!>O18aR*-VBZFK8PVX{IFt zf<8(hdEHE6_D+5N)AMbD;GuBOT2@b=O-9Kwy8?htkos^CB+9U|IVo_F$vYkpU$x;~ zgmtco20cqSvm^FmFw15%B}rLxHE+{_U?n|I9P0+1DwbTg**_ut+bkG?B%<(ITc=|$ zV?c`9P&`@kRd|6&x~9_w#X+5t+K+Hr64&~D8!LeadQ?j6%^`=nk0|S(i=rMgpM&C_ zJ+VN>JW-Dq2y6KTi%4)6{)OBDe^BArDD1c1#>^E$wi8?wy`kFN!to%ha?%m|7|?>% z#*vef8Oa!2VB}T?N>3-A>L^Jm5}bymM#?A%(!u4=EX-;}RETu;sz>=O@k~Zolsaer zc3@oRNK{yc)KSH1w(|3y?w@Oa3bSi`eXTFJJ^uXm)1A>m1P%jh&I8In@BMS~`KEyf zPUz|N*xrBO@WnfDfO&MPOZ;2v!J&e=`4elNF?^BJ{j0V}XIcM@1)LG?kUwt?o~Lbu zKOu6I*Gq@H|J?C^4&xP@8O8s^9uyb&hQ1GAZCUjXxBy?Ui}N!e0xBbN{!JNRw{71~ zguJQyBHi;E5|>VhGbQy$h_?x+&r3p7gNzki{Q=hzQdcE{?1UP-qOVV2wfdjn0pDeo zFtZi>_*EpU5s}u;bP$bP*1XuJLn3`x2rFXtV=-v~32|_&TDGq=m;-X^^^ga(VCs>_ zI3EXLHsu9n?hsi=(jxUfqvyC;thDO<6#xN0`_aDWzE@P>&In_ssrjX>tn6cF7A4K+ zgM(G;oY{pnMl#!QM>Bk(HNJDVF1GvCR5!Bb`3s9cAG5l%)C(()N&sz&eQzhyX(x{d z{@@;wX?jnxuAvw-?o-b}JWVoPEw3PpvoBA|$k* z7DLmog;j}(Mc`1Ff_FZdKgBLva4@)2)8hr1pJ7JUxr{<9ard~p)~#cbhhc?ZR84ua zvZaUq)2?@=FgWnl+rOtfi4)S(N5HQUYLL>W#IJXNCeo)P$plC}dbngiLK~Kaiys$$ zFJO1-8V?;DLy`jZMpm?zA#!l>-E4%3yzTq|6?1w8-nwoBnAvf1om*1^uS}oxWsOV3 z{e?v8?-Y&6`*TKRxC7-)u&?eW?r99F_-hgA!orWsC6ax3vTNQ*O-syY;yiWq!_=dY zY*TN{Q#a+Ff8&+FUH?qI#_!Y?blVV(g6KeTxx^n}PyDO@K2v0d%cORDEbYK;jc1%VTHm@rJ!1uiuK zQKI3uJz6Y&emg1|Ft$B9wKS%5Sfgl>d9tM>Yt_auWMmtNx>*vQh#F5OhWM4(IQZUVTAvsqPbI!*;{tQ8|VY3weW%$y07Q~m#~{pmUt5b0^OU5 z_~HOrG;wR%9>3|+}CCI(jurIc@)3tc$ zVtk*pAPK+1o`wAJ$rPYjfxhu{K@;{cI4H@j6Hz$&Y@LS-3|&K=LDBWVjR?Tjx*6C= z8_kRc9J0KBdTb@iKFdP7xe6OSAQ8LDCXrBd%vpf3L;}(U7pf#7jK1jwae_SHgt53b7FsDU$eXujB)7FCLa^TKNY2udjXpxou&x1NGdrtP1+{kO zhB!Jc)>XQnU&m%{Y_Dy};a|OFTg|f>4Y4#n^`-6(r3nV4_Ac-O52j7sIgOa_3#V># ze`1Z?j6LhP`{EL$=@F<*m8U|$tw(+PYAWS@dFR$SCKKI8Xu7Q@!_jv!+ux*?;)NO6i{g*rIu{~#Q}TLnO^5xlS0#fPdc7L`mNUQv*?6sUP)vKer!CmHcC5^DoPr60PG z;1bh7hN!nI$(0BX7aWye2cK_bdrsK1J-NZa;~b#GJpTT~`K{q`_{}y0nnc7$gV|+| zAHvOxLRCJ$6VA(@#LJ7;_ML+ZVhAOTf-yxM^X!bYj}W~@@;UvZvXLFf$9hf~mpMgz z--Ax_SXn2}>GUaxTgVRc!gS8;-q`#*`Y)dMKEO!pwIM0^FE`f45jW&iyjj1jF>KVF z2=LpOB?&+VrKgP~S<~-f?l3zVv*gJ01AQ0n?t((xzW-BT^lZQwj*s)iy*0BMPXhOo znS^WfmYb&&3?!D0lBUEOEduL$zuYkMAiV~bqM;I?HV;9_e%Ynyi{-Z9J6zkC0xfHha6j#b_+&wMN;o=O)Q(Chbu_FEupk%Ep*%* z)5iv#90DLoasBbFU7f2V@K2hxki>qceDC)6;GWWJxqsz!ywf^&BwyQeaM>~X6%xm?01|O3NpH6D8M}{8fBrcvnh_5zf_BZCzEBpC+YA1l!OlJwJgNQTk z6v^UC?$3*hu8;i*8N)vU^vSh`mypMnEUO#~d*~ZCIuV>-T8`jZC+MQS8Ad&E7vM3w z+p8!<|Lrlu{0UDH#&8zB3c%kKHIURVDC#_?@3fT{w=bH>imx|rP&K8~>-5?XY#9$$ zSwOPbscFxg!`sdd#(ukWfr7_P5B@z9Cc#Mko>lMD^fDo0D&Sah#xZWTT&#Tdu&#M~ z0g|*Sudv@*TgfF9gNHrRxemGp79OXQ3~F9(#P=n5lW_~@QiId*J>9yBsU zx%Tz%NgiTBguz^K3Uw*2M=_;r;xQibsL-Zliq|>O7k7~A0?R2Vy+F7gcAwS&6LleTny+63~Nq0NYU^A=3e# zq}q!evzn%=h!?e-rtXvSUvS#W1Wq;1T-)7-3_WZL!~(VPrwhV%;1+kX@NCzf(#|@v z=P>kJjR|&0t_CrgmtE70j*e@nI1%k8?D1rhq&Cy$g&1iP&E0v1-%xnEjYX=eO3aMe z|9MrPFOcS+l^{IC35j(4G>zV5GnulYu^Cshz*CR|;Fr@BPxJF~_k9M(59Ne`--2!2 z>Uq-#{ZTNqpmfoj3&L1RQaF9H5fpXx_m|p&gm3ak@+BSGRUOEDxNc#-nq+}u%!jCP zhI7fs?Nhr>10h|&?j7$nL!|eE2Dj6+^1-YlFy^{5FcEC&@~=UhTu#(J7pv@Kd0BR6 z?_KKk-!F|RR`CQ8_7-K>Q0=h1Y1w40smJx437;xNZitTSvz#7HG|Ips#>d~}7t`ut zeFt*0cSO16#Fk4@K%0*$AQWK8-`4nD>e>W}5Wi|b4OBVcH;ZLC%oeySth*gO>1*i_^9Hu|<}jcri9q%3O*SzrnE8hYFy3iJS3+ z=2lFnxi9d{Mgp-h#MWGn>IW~7*g}&8_x!E@!r^}W)ZaSksY^uXd8>QKTzv9oG&>kV zop&vRVfpi2d{2fsMl$q^LCq0RlGb6V)tuQB0*)7(hvTw2LM6*i^VS`~|O$CKge@7l?E6l~Y*N;(#q*vn_^A|?bnJdN) zP@QaUM6bz=M4R%Lg1VhBxH z^Stt_U81hnB}e+s`{9DLT>Gsmr_h#ZzCdOvY(_wjoPRA=x#LpJOEPh-Kl$rC9vqeD zmm`~pxQ?NWfLiKPmQX`AKmY*4!uaP)K$7+g4@2%auzmp_}O>7UYSpdN7e~ z?i5UiA4UpBlPpC*!CDbf2$INNqx4+|=^J`M2x4^)Z`MCqbOpy!45#@B1r$i8o(_j? z_@+`^du}?gQ`JY7L|5~qPWulCEmEYaI+n3+=U)M6*WM4gt z(TYS7)AT9828BCbKs1gIF~T!y2{#S$NuwIrUQ(8$jKtScwK)<8XV&u%z_{#+mqqTY}-ki#=*^_1x_B13bMAUDxC z9%(OAm;g?eNn*|VF4k`Fp8l5DKzYR#f6wcIfwh2aqmp6SCqJ8nF56;}!Xwls;VH}` zhjdSx|ct6XY2~)#2U{I#Le&i0pvzG(t&~L8Jr$Qw&F| z_eJ$!xE^ilr6cR6T-3bZ4ta)_r*ImI?sC<3&l4r1<`K)4J-mUy5&l`fyM=Q1(}*WB zQd%D)exz^eu1!XdruDhNkG1|xbJx_5ikmu|!Y21OZjsggO@wetk|=(+T~gwWs4d&h zB1ur1W^XHbmwZ~HGtP4X>dNa&5}TWPA3W)qCzRYDil?m9{;{ZniJnl%OhTy@b?*hDT;6*ed)_ph<+qIR0 z^}jxcmmhe^-eWTzM?ME1HhYOkcfWkEcFBr+IgRQ>{L~S=Kl0eG8+DuN#dI!ZNI;d= zc;2OG#OICxra?$-@7)$25pl!ujUKL^i9wG7?H@r{%wCTSHh2t%5=g``KHTZ{sW*4A zHc=~m*E$mXuJzdaHfuD`5pXqw3#vZCNc*zklzHi{i?i+8stfgBM|?67oMj6|#^Ttg?oPGN9;nn| zNJ&$5Nkr9I`hpN>kP{{h*zc%l1bpZS06~#X$Lv15CX-b;zb8CDA)=G)Rl6j2R~sRr zaNIg;aEEf!YGHif7~{S$t1{eIl?0-Q3J`l6-5Vbse!~a|oRwm#}@1rIbd0L8(<-B!xAP zh_=kxPH9X(zi>wXo3r#T;ZVv-)#oTo8y<7W_sCpWp}M-V6aQ?-oJbcY5zA|% zfY=LaFB0o;eJ?q-2aldJCnusT9)YxY*5=DO(vLoGcUY|32%r4g$isoWwK$F#B5j=~ zJ0HU8iMm4&wJ5CB%)he}>8) z+j`;P%gEd|0uCqE$h*w?NvOhizn>Cu%qx22jmlA#DvSea%%Y-BDO`TKgBT$V$*WI= z{cBP0N*w8nih`mN%Azr2A{hcxs_W$kW$;CMozOxKMET)JXFmEH9@aO=s*nfFXSg+H z;QvPHX(C{hK1u|@(|}ErhwO>KHioqh*{REiDq*$ndxNuQhYWv%wTKrrZ7`CsYtmZM z<3_5A$Cw~F6`X4Brpswn+~efzYF(x9s|W5OOp{-xecur`Alj>ig`^h!Lsp>13DSz8kvM$c3WV%SZgG=Ol)uVv*=H;fY@@3_94vP%ZWqof=qSp?pyCbwG--Br}eiXL_c6JCpv_ZV!@rW~n%ADsJWPU#5sou)(Mb}v) zlVj}EughW?*czy>ssmyr!>Uzvn&22fvnur%Bb*t z`s@S2iLwc-zlqb`K*$T-Z=Np7Q>0{LnJ|(;QjW581MrEtU_#R;Y>|CbKwlqkXh7@> z&c>YZq6E{DaHMl-11NkIp4gjMps*oLvn%wb0H(kad6JKn2M0qo1qKcHxR;t+^NV2= zWCbt4$3-t1+#!gY>Uh&gq4`qb-3ake_18U6L0fu3-c7sYRB{7U9eLpF6PMQ_vcSw$ zH_QPR%R3Xd-+N62Qte zNk4t$I8>M2Fertyb%VlO!Ltg2!u(*!?hBEt$GFR`<`{D3m$p;kDg~F+L<-kP!yO$<2h*3YM=@&AFY!n+f(N+fAXAFsm?UHwTVkS?JnM1+g+_Vt`6V)k{H zoUI*53p4GZ`G>q|v`tBmT#AD=EkkRkWM5ai{07I;qTo)(6iu+22>HIUZP1G=tKg?7 zO(^m`DM12Z!DqmTEMORUoJ=t!u|K_~7m=}p(m+-ocj?DKk{)A7r{ z$Ube1RiFdJDo2aHTsR26{%CS!ex__Ro0C%!qH~N5Sw}1-IdFrNOoJdwbPSI*G?bg@ z&N_P}!<!(1$>*S?-rlBBL?1}1UR-V(W&2|)tz&CdM*aYgN|vq<=5 z8`(!S`R|FGrH0t|JQ|7#< zH7wm~Kcd$s-bGItSGP6>ORQgrabFS)m;lYfCD@#8M(7ShGptF#d-T{v3>$`y(OLrD znMHBu5bvdzw1RqZJ7x4Upr1F@c?%xTTdbSSB-{6I7t&|yhbYq0F3M)#5%`Xlv`i2E zSkGb5cvP%9ex7hPi**5Y7Mne1W9e3I_n!Gywn}NzMb-f`Y3C`j(aXtwL*sp!B}VGA z$3qtyxNkT|4dF;YcPa1HLwR9rQ)Zfx892IYLw$IB^~prUA*4S2&@#4AFKSd@5G4;W zQr{o#mKVgI3QJ5uvmn`wyB_I235>vw_=l$8Z*$M})f_KG~^?p;Puxmv)Vx$@8zD1@E6?UFeqU*#^l zqtWFHe439Hy}$Y5LvuqYs4)!Jc~g9dxP;mbBm;foIQPyfX~DmI_inpopcHNx5QL~m zBegF{8T?>Jc#dHWpd|A5amQ?4B6;xyp|3UagE*C4!Qr0FDA3+A6IYU7T@K-qX+-@v zSexFkIz3f^?2RSKu`Gd8a+i%v6a}KF3?dW=-TsmH&QrEa}v9P{$i`wY$2zF-PGulda?3*FlljmPQD(0u=;yYG0 z`NUg@8b!Q>Y#x~@<(z<5H9Xfxqk74N)jn|2t~hmiT)W3?@BEhkBP&(P~0F?Kn^r zv@(8!?3<~eI}A_u)H-}XV40sS!;fxH@;K~FAE9G~G}mcwcXMV$Ui)R#ASk$-sR5z+ z7uWuh%!VJ#YkTl7eZ{oAU}epT(6Qbq%u7L%H`tMal)LWlOA87?DgbgE7Y78j>g-W2 zz3a{e>Xtez9$fVUelUhDmovbz)5e8EbN57q_a)r+%cP(l5Vw)}iSjPeQ6;0!e}W-5 z)yS~yu^V*mKeL(41=9PAaS#k~BLlT|!G_WgEbOV-EWC+C8<>eex7<7itjs`8idN&Q z-o5ow>MAlG78Ef3BDpgXySMj=y2d~LA3`1z@h8p*0u!#n9q<~IHO5RZNNi`wnMd{E z8Tl~uu0nL;&FDa_()*X*=q;4k?(2yi->jfJ?UcrZ8EQnDhQbi6*WRZ0i)%kr2YhFoXK*7OUX9OZJDDo>0} z(Jm*4T}j%kjtnce##^xiX0j=13*J`ai>$$X_FIwwXLa4TztJTe6vSQr#EXW(%cX%u zw@(qEMXmFc@yb_bPTcX!M2LHL{OR~4I(diRv6_K$B@M**)(7`HZD5ct`MyjgVDEcj z!f&MW)2EsIE{kW0R;Gcee;;4Sm8qoYGTr@qD-2fs5jx_=&+r&?-zBoja{h>t70|Ex91Z6S2+37LwwPDB8bAlx+fKb zCTk#lAu2um^48!h?H=*q@j#X~8PC;dy7v*AbCEqJp95O>?IX>Hsqy*Z6dH(gdN;Ion9 zYSH6Z&5;$IvI}+X?WguL+Ub9atK)ZE>VIR!c2e+>DQM2#lBX3{Cm@j(ryR$(`N5wo zLUV~?%GQ_c+&uIZmX@!(8G9l%>#QkzHuzwL?1lvMDf2%!#s^y=fC$z)hPfE>^j`R0 zkBiU+#@Zd9f@Iaj%E%IIP~2(Go>~mEEG9aB%*ED}3f~_S?Ephsk#C5k)H#U4qv;1Q6cE0ryCC($@Qx3x0Oe}2A8e7FDYS?Vj zc>}^!pV2_~wf6WI0O!k?z4^2ky=bHEIgDDDoM{=@c@{4C!Ku1iZjnNR$DU+uw=yu9 zeb`u|csbYH%>asx>iVrli|>>1U(mCMb+M5@FE#=9J{9(1#dwH2q+;1sZ%p#txa?R# zeo~dSe8jpe2>%@&;0+EMBChLOUMX%6@Hye0Sk8;T?2@&)xdo;c?cLJ1uh7-uPck$F zVON}+evSKJPSJ_zA2a`b(L!17B~TH04G+)4psA;LG)ZSR8YsDZ2emFhvqnv|^lno5 z?Py|4;A+{pR=E!XMEi2^;!$6f)wyV~UFbO?hqtZGd_$M~iqJZ=`5L#PTq(ynS+OrM z$K&v`;N&LFIOoQJS^v;iU|9M|D5pNslGeu_b=MdDULIJm?zOhiP^XKH+)puu-X z^Bga#>{B^@*RGJGZD+|Q;6}ZSv3xV|tVCFB+V*hX>&3feaT>-zotsXH$P`%@Vgkm- z#}c#GzZILuAaIiMbYO{4wBWti99{cVHM^0YJHOLeaL?ZYFOJ6skrXD+o1+=ndI`aMv_m;C-8f4xilO#?z z{~kxlcer4JR)0Tv4w4AsnsjY_o(&oSk%vrA@9jfHGkg}br?)1=lD0U~BU!*r>Q=R& zwy!XJ?oxuMB7~m&QLM^F1&msx(Wxs*pxb7`k3E*E?MGa}CJWm#qe3jTsgYsX&bEQl zg@(Kv7SW%2oiYQ~4E&ou04~(XUOTaQKGXa#Q!Z6xwS;equ@2;c04NipY*```LEnx(K|i z#8lg=a7VC%Yu(B>+DCB&kN-{Oa4Avwg*GerD>SdQ_mCA5Ib`XL$kLq9VmUBuNcZAV zIBRqD7uM-tUCKUb_UT(2(&PDc;!p~1Q10XEAgu5CJL3UgVTcvQ8Z5RO9}D+1F7?l< z-Jzb;)p+w&Q(E}6II~et$0^YkA0BKLzB_S)WH>VbI%375N z&t`~;M1RE;ELk0s*4?J6(brrX%e7Mt1F&*JS?6KX#Mu84-ONBfLmug+Yo(SJ@v;el-nwSF}7$ITdPnwPJEpqS49l zGINE=wwSo2@jWVjyTXfU3Uknv?o-IS)Rh8-PhjTb7IV;eG2$aWN6z~^HQY`iW~vX5 zsFK8#+Ni_FchsaG3D}4*Y*Cl{Dd5|?=gbxxKX+xpsJqqiyhrUM!VrO_G(r)$wGNQ6 z5T=Y?H+Lb5EWB9K@gwBRS+|5&jH|Y>s6(Op)=A8!6dFuv%513o(9KlbE)-b=%2DoX zh&aw|MTxDVq`{`$HF3S`syM3&n5<7jpX@f9o%rYTi=uddlS0d7oP$w$q3fwKq%zAqD`(q zvj`QLuNhrmYHz5TlK5$O{6x02zS9ppbGUVu%GN(1$yXt1JMH?w@E`$r7nWyd27u{) z{>6K?Eb7mrd{s5BkF9 z6EPh&#-39qo0l=6ON+%kYr`25WWym=Nvi%yw8uPHUYL;tnkWPWk47k_iz`B(R(;XN zqO&wd#k7$Ys4tmO6BN;%ro1m&9a+Q|0og)HO|>>jcbJ-Cdd9XAXTCG$X_ts64c>2I zdi*eVEJBSS<1xu7)UqO&OA6R`w`LEryH82MOnt-(?N4da2wdY-l5N@9=0JjH&{wow zb2GU}l7%4>B+^y<=s$omEh!@R7qhdlas5D&@PI-)4eNR`{WdZeJlfK7i1q*>$=qBnv44`1t; zOid7x<`bN!sX6uo3-po5lli2OJ=;lh#-uL*XItW`k5W#S{t`)mMm2g3iXjvvU4u%? z+6xp9y5;RTU&33-?^ha0}DSMFdvUe(}ATb(&HkjQ}aNsQ8Y6 zg{zc-HDY@+!^IRF6QEVb5C8Hs$xNinj%%F?VE|qNA^R7zPXy~^Psu*ln`Lhm*zTB7Ajan26q>B?VMMq$Q+#>F!>T z4#5RP8l=0sk#0~zx>H_!|Bv^5f7)-qotbmyoa10Iqe6WYPwXkKD75l3quMG`g?z<8lVS3#+K_V2BIj zA$OsKQlLce_#@&ICB4QjuJ?QATh@43R%ZN8TLbL=nn>yu7#4`afCdaRHUg-O<`!BM zIJ^G1^;`A1@cdd_+*mAfb>8suUHMAW`qEL$)2%^8N7<%;ZVN8|6?sqOC|b1L+-+`| za?cMm_?GkZ#)jMd0>H4J(s5KCFgx`@L3|+Vw$mi-?^}APIc&Ay6U0o+<@Y$;{W_FB zrR+9WZSOe`f|Z7lvDM(6G4p{Y!Ale(L^&`)KNcdxibuys!}szXn~d`4nrGH?T?_ZO z;+o>bdcR)F59!Y#vGZ&ZGGZGFqzC}=6^TUFf1h?hJb|!Jt0s zFQkU#0!@qKGTphSMpG)*xT=yywa=sJKA|%sMf%fmt)c5|EFn_A zLE9%qIVScp+b5dh=btj@*1imT3yyCj!^u6PNbnt3cjty1JO`sF*55_CblEWFH4q8V z%P?TIGC*iP;C${fdpoO3d{OxKv!BrMpQh6{6N?h}o#)1-i8w+q@xr*@Rl1;&FDpjxq?eq4k7uXvEu z-3|9HPcn(V(NtUEC%n2IUYn166Pu{>9fbl(P;53KqB{4i3wL-LU)PFbwfTg=k|DpgbF6NKA9X-MtrUBEvxHs`qyqh;lTND15Q*zEGUFg=0N5 z3(myA3(hWsuGOL1!V{wsqEej(&ISYnvM#z!e7W;FQnP;r_f0w#Uy@Y z|HBbQ(kvcLHlHAY(>j-QWRQp*30ui+DQMG`m!$c}uDqL)VXo|l3P1nVNbK*=^x6>f zC|Un_{~xor{JFrUrO#pK0^Be#{S5G4lQ3RWL5z_YP0-bzX}~%j!}T^{+|^#L@A=yF zXK$*T6EE|D$82uhuUvRzGj(RZ6>kpPEX(c}i?qPqP2=V6`?lANPQ39{on3iyOw(zL*I{JF-nQKm zr(xRv9&zp)m@tyHGpr#cSBf(&cPEES)9#e8l<$sNnViUpyK8hw1jFIMJN1%ozJCRvS^8L$(M@Sri~ibO=Gof2AM(Av44%tm zh)0K2C+{bpZUHUv`DJ@@=d%`wE3~z^HA=lqd$sIUe!q4niO)#_)KVaRyRv52NI{Yk zAEf=JXLD512{V@woRC-5U$Cf`GegVaU zKn@j{=og}4Z{a4>%tdKDx^zkHpeQWz7nIlbx6!*B?955;Vvccx;CMr@Do4%qlNgkX zB~a732;NH;@y55!x#n!+{RCmT)?D)MxUq@-3|-cr0^vOTWh^c=vS@M{I$oVjsVrlh+W>RcyBbR)*Aywx|uOT+KxK$_Hl|jW9Rj@mPS=y&)*a` zhjneVoGrJF6e7@-1O6;ud-*24?f7Ol!P@RxuT7a?*$cGQ$X! z@Qb*HpEcv!L^bTf2vB#jogkHt*hq{uZ%6syi6@sS|1=(oKv@r!i!F zB1ruahJ2)CEK>?a#sNrCoKhAVu#e;`B5g$uWdDr!e#kG4r=X7!Cczp3RV;<0bBLZp z1fylmfEXQJs-3o+E~uuZ{$6W{^Bf5^%6?yXMy<^Ft8i~;*!LLP=_6uCU2ryIcd@mHt#!BKM!4<2m1e!HrAt}HsDlc{9 zm0*XFm4LFeppqO#F#HrIfGo14L|Cl8VbQtc*?Oi@W*R~g-Km`MX&d-6 zQF&5z`EWu_Eh3Gc@I1OO9s;m(#x2}zPS%{2bHagO7B^MUIt@0bY3k}BZ8xbWXL=+@ zzhF<&*koF3dF2gAX)h4*IO{3hp_X-fx+BfTImiq}cF`u8LS)4jnbO9^nD*tg%dt*9 z*!d_E02F+ew^{hs;4sNcAcYN@-)R_1?V*%QqsJZy;9Q)b(D zU(2WQ+h-@eexoE~jemy_1PFOWH@OsS=^n2dFB0_W*#goAC$oR^f>rap9Z1KKG>DIs zM2P^-^gi5kBlsQ^zTP7YZ^r{oA3EI!%wV9? z2^?@U@yn@E>8EIqU-%LciNxgLpkT$)e&Ph9iRWlv0sgi!9sWb;O~=I;#q@M7Yv z=Wrg>xT}0^16qcUuNkFODY}JX6)7BL#!GNhn?qR^(+aXeK#LKIWK=dY=g=ihgc!Gg zRnBJ;)MdgdjaNEKCC5U&j02;uc33&(53k5cq7%zo>&3M`21w4T)h1@!eyF?I1J|;% zp{~?p(+4^@8^2zH;!nantJ^CDHF^nH7{%UagD{6076!(3)LH&wzeunj-KXv*$qC9q zpCB=LT0zUkeJ#!3v2qW9gylVVJ2+BQN-FcszV(_O~}`czpjUld>ROZ^gWhtDuB zBpIg0htMp^SI1oCD%IMm7&kF31-=YGBY1%yMLrtx%uPYzwal0}Ido$Yhhdq7<5uf$ z!XPt3f%&DOL0?hYSNIAREUS_Ol_)C z3a%ccJfw9mdQxV^`xHSBV01$REFX ztXAw`$mjvmnh~zZe%WMB{)gb;NzAPl}_SWI^9m9VeS9mKOIm6Yb! zTUA}7BZY*IQKoxTb<5A{V4-nPefwvSk?o&oKWQdP1^J@mV4F|~5$|rU3$c4#O2|?N z)IE1fX!1KHY`AayWp;C_wRRo@9CK4I5okRC?Z)KgDAFKFLqBqr^ zY=!`ntxHd*=A1s0M7KhpY{?mf)7?e|hb~1WADvp~OLj(umB!!fflB^VUkCZ1g?3+) z0BvQIJkSKBN!lFR>KR@T1P^#!uXw>P+YuY~Pls~lJ5W^yIXrc3)P>~v*Rg`6dU-1& z=^dhtNWr(KX&%H*zp5|h_AyQ~u~-D)Pj*Y*{ZP6X~` zPiL8%SVWtrWZAf#X;OQK-qEg~@Pah-jg7$+|6R*?@EX|=5b*O0K~N|{MA39Xo$`}xFo3OV~ca`6GJqQTL(NI^oNZE#^t5kt|P zQ}&(Jtl1*vNfydtv!*(3is{_pInAcotKP%6tj;rHX4vlOmfZF7oPs>+@{A+Nn{nmGtyxN%>i_Z!3X7iFpFxzP_cO|?4i`y!$pQ&td-ufv_B+}kiZz9xB07E;;Vyq zta2k^v>0?e%t_zDDb%GU$(9!`kZa8EL$sS(@DtAsQ)aRF<7m+%k5)_cs*9}501 zf!)s`F`0AMB0t+b(;hDAd2X_{;T1nBx~0CwM5ETHjwDX0!}^n+^@AhfvU@)ckNPz3 zwEsGbXNbRNv)8j#$0f2{)X%1cN?opoiLgRHtI46J3XM33tAWog%Y3T`FYG{{#hG-t zV?~^G*vK!}_#jcGzl|*ieH56e?Iy6*I$zZmy%*;T`TDG~US@>nNrJtEw!#l_*jZ;> zcSG<}prbRkOP9?pL21%ljHnkblKh+T5ao>epCYYS|4KTo5gFeqhF>mU={3c9moxnO zW;KF$+y>5s=4PAHbkzJ#P2z%2_;Dl3>^ya%vn2U}L6Y`{vG0DtD)Gl6O&;d~_)V`q zeHJz%b9DyzNZ>cnL`q}9<>jDt9Sz@_fN^*`O8+HyCnaxilkI>UAk(k0|83j1#_5s7 z`P}cUf1RQoUj`g;h2KOgGfEM0}pQsCy{0m`z&ljHgsT6=4hja7|4Vdj&%x< zsh8@d)VUU-z`#FbnRGjS1`u0kBVY^0x9k1(eIyY=cCPwQTxWbL;;0w}Ka7vS&rtwj zp~a7Km~SNM<;o@K%6@th1~t_bX=Hov(CS_+6g%BEY!3_!B}1%qF*HXNaDgVtw|jWA1J!Yo9IS?(8s?lrQfdDY(*3>AyzC8z67=T)KwiaatSm28&hL0{Bc%v#9RU`U$bTrHfDzmjXQNnW2JwOg!IUw9@)J1tTcUQv`x873SK% zpHv<)<47pN>UOn^yI%EB^(NPjyyG$>0ZpGvZ~7dKQdU{qx#?c)6{AmTFeetMBveIW zrn#S*u&^`7Pkx=?`I+6NYSA`k4=xO#TPluwHCLHdISs`rPzIenn*odDG>m|1Zqt|AJtMi06_Ak z<|HWH7J636!Xx5I*MEt07CAjE6W&WVq@`9>x?&rY_WOSX!b=o+q$g5Lq4OP8zc5TC zulp;b;;;ExMWdS^8}kpb*DE&}(5q%FK&#=f44S$Nl9|x-3}ePjDX;CDmQ&2kPBj*4 zUbU|;Si2GP48*rl()7gTo5RflU!`r3^S^n4UsW-;Df<;Tq-*oM@Sa9p($*w|t&}50 z`$}-2D+An)SCfwYtCwG`+!ZNJFt>rj61hkKNG+9o(k3_!%6Aow5esf!BDawSkX!bt zA`Y0RyCnr9uh_iey3Z*_xIgkQ0UXdRuzTmjVqbi;z<#t4gkiE&hhbyjKbGYEi_En$3^ z0T7Y|dL#b*^g{-wrA$?6wrx<#f2_mv$2zCW)Zq<@C5#Y@C2ed#Yd^lDl)i&I<+lk} zub#Ra9J6j4B$id&a>rL+qJKsWryDp1yjdVRCl=OZbqynQV#Zq>D8d@Y(;RbQPVP(J zolERaCuSkYMWg7-*a!~G5LlCKu29J{T_2Hm%6KY^f6C3Hw=AGr+7Y;qrpOvZxBi=la!N%9!u4#9gOQz4LI(4*+}}L?2g;59CfBMPy7sLUZs_uj z9Vug%i%gJRVAdSd#s69X|A!du{t#I>U{7IDB+%!r&)AoJI8j}>vWWss#`fBb&ITG^ z^chJ+e%y2WrfCPpqzDaol$FHw4~5Y?F_RINQ${)nsTkP)(}f}mkovRYpE@PI(YAfN zAAZy^ZB_m-IIi0gd%qgE*T$ zRgy$0N49u_$X-v+n+WF@Q2mb{{Qnuv0sG0V`YOghQxJTbg{oD`_zF$E55HoK!MHgs z(D52gqi6z-e=weFE?L6J$WoN#Je8J_Zf#^ZD^um5X_aVFlo04h`QCdXQMe>fHx4g- zJUH}+PM>8Fv$p();2}Y3Y|zXJZYBr^2XYsW)0(ac+abGW;fx7RlO4=YpB*~*KlfKA zpIk=0BP9}s({xqwMq69NUAjOTwMHHmqLGR?T<~rh3KvTH{(9n5X(03`sZlJ2J$!MX z!4mq)A}<(2_|gzPuIPbLm?`3*tb%$bYR%vFz)fuRUFEMTO2hp=P|fgoya_?;zAx`x zBLN*nbz>!Jad^_Hr>QK*yYHYQ-Farga{FY|=NW7tslqaKfAn4ptIXKJkN)$wbOilt zXXFV&J8-W61eR^)9GL=|p<6y^XC zNa~xkJ7rgBgjJOcv};XB28%`UW?CFo^-Hv`f};E8N_VUU7i_I+77AW;x8m2 zrSyCi{ypKMErB-kAHE?HEQqdSlb507sY|efi71$zr^L4YB@1^$4o@%+(yWdu+=`RI zrB43CG9~+Eq!T~-m0+Rpdpfb1qJz0?PT0wjiu+*5=d51Vk(2pV0R9g3sMCPvxiVn5 zmLkp;3Hq@!mQ%%L&;mSsqCxUecvxtgeB*$Nhm5bwTrpwF@nDY|_l9TRNX72-z-Pyj zy?N2iql#n6PH-&2pOf{d-e4Jrp06q*CbjjS{$nIq07Zl++@|KdnQj~h2~-U#Q(Y?& zD^LJ_#o08z+1`!z8CuJ0Vk41Ko zOwtbq_qK`6TlMo(O!qEQ`s-xiTFTS0bWPdx3zfa&?PVcfvyEeO% zG4A3%3{IP@`Z41+C?FAN0yF~%slx>CrQ@AFD|b6uTNfA%mnjlid+XO|-O0vksm(ly z&o?DkC`kvUm`xk7A6A7%tw2oYfqpj4%64-7?W@y_Tg{kZx?~lU^;I4<{@;!QNgl#> zf;^o8K7ivcvg^Byw>ZXE9bF?g2`+w?FvC{W~?HbaaY_b=ZgOZcpiF$ z=Xr7jJCsQ0c9Phg57w4d{;^R)F`aa1bkkdeUEOn#JV!E2@bhz35!I_^HpEsPPgiymYWlzq>>5nl+ffY~c4 zDKfGGQcY-qehHzI(qWC$Q-xzk}c+a`xWbpuIwyUgy2i` zE%D4+FQhexJ1=c!RwPI3%s+&QOnb=?Pa5nzn2X+h_oW>Yz7y%Y{CrZkO*$Z{E|=Mz zRD~7&P*5{cwWm03IjP0rDzSysi#02Xa}2icO8KXk1STL$K>yO~CA)ITmgv^d-Q*fW z)N;!leuWru7X^ZD2m^H7xSz-0>Zznst(fmr0yTmu+=;UDfc=;a#N6K+a$zC-yB89r z(-VgQjA_fkIC0T|oo?sMoKj{9uJIq?DO%&B$?4;~J}5Ckmf#+K;VWtAXwj^IffY=T z$nzU%E~V|74rn>Xq0s$s`D@MrllbvRhpANz+o1*)au(gk(t=cP5{L`g?Be2bs1lpW zQkWZr_QXcy1xB4h=ahONH9a%B5-h0NE*1RgZy- zIZy+N>>M;s3bu-}yMl^y<*WEI)h`ql|EmJ%L^|4nQiO@YW0+!;xOIo`l@Xj_N-2-_ z>r>Z?ZqKWuWLYx|*x@~LC+bQIr`?_gjEB_ho>!<(Vtlw?S)fae>P(*_Btfl!c6i`` zDXD*Ba_a>W&ivzNbap5!Y?lI~XKmL_Z{n3h%xSus6XDvfrS->2g(IS)-|R4lJkIm= z#mnSwpJxF5dxH`pgy8?0l>1M%=dNqai11w6n6J@TVvm7wodQl}z`?~Fg1U_;RquLfA)83#~X3jJ$$4mP`#6#OuA zY`3R3Z*>jTc}CL*kRl?A-3p<&b}2&ni~}3t!995G+YFg5e<`LSD2K|vhW;iSr%Id? zxE{9&JQ5LE!u7ZvBX}Q@{ec&JI#M+{8RHy14d}SHAo8Ns?vS0tgj^O`ML6%j2yt-t zvvIAiT$bo_w@5v7^XlFr_I8u4)C^zy(fOi-EOkLC?q86-29@*ISBRn;=SSMzBB+7L z#&vo>*iBUxZOXry-Iav?^Q4c+}(S(%4xoXHsp)5 zY!o&|-1Z-7p}lQUFa1GNY)Q`ds1NrPC!M#0ezb@`a!vsFLedDSER`h!{i&;fRfI5WQMFoCLC7bd`;#nX`_2P2C`^3P zl9m!G+Xy^ObgzJ%h1}LRBeGzr0Rd{os$Tc?SSO8-s3TWi+&^uCu}Y-Zh&|itIy>&K zdh5mTT7<-RlZxg-;P-Op9*YvnsAoi-xRWw!Z}&TI_HAN@@Z3>;IP?3SxVd>RzFu67 z%S(J*US?z`P`+CBmBRa%v;`9=KJldP&uMPCB~cXL>?Zhbyp+!V8YM-KlNZg=E~EMd z>{+JE)N(8~WGLmIBO2%i1waCeFf0~44AdA#3!F~TKId^sjd?;BqPVC8ohFf2FlPmA zX$MC67;Q~pl*u-3j!U9-H3JV`K^0*+jU2SlzF!1tAsOs7|Dp_kx^d#CsMRE`Q2rwt zVSodRKC2?WYGHdgf=zN?WLUzA6tH_3NjvjJfd^;1fdw?RTvOBc>#H9JLhN|RN^1|V zmu-4_#FmA9uJ*q(GlKu2qv0zzzUhJymg-9Ci;g8L-$u-f4-&@Q-i`f>&YtQ=&Oh~| zoXRg&q&{LKo!U88Qjr_y<5Ozwso8;lhKc+~j)#cSWEdtr10j?~Nf7RCwh{P9!H=kl z+GTg#QxcIS?Qs6t^;=lcR8g86=s<;Xbnc_M;oik>u>#eDxefu#8k|QJ;8X`!lz=aC z1f{JE9eofvcO-yb`E$03fp6H)c`#w?XU<;Y6ro!=V{=tU)55PF0t=CJVM zEDqy>%Iz|D%z4;9{3zR>mMoi{774wr398eU^am$xpHj%pAvPVGBHFEDXOv1*;!j1F z4V8%3uaxsD=IGWQ(i$`26T2i9Q^t-0RDh#P*Nw78pXj+Xs|kUy?kH9epJ^p1o`F}S zpf{b1_x&a5$)?AN6+SuCVXD+1gxd~yF&MmBsdh}vkfiMJ7fMK&p7(x5QL#!O%}fTcKV$P? zSU&+GQL$3fWB65qys=@pRrV&$Z|m|6eV^YssB>8??6kMI*VY&r8}-D;ktRb*i0Yl! zXV&KrNv*&A!~OkvHezF$vjP`f*w3+RX-l%YFx%6%&VRDM_<_NOR%2v~2*ra<=P{D@ zb;8#OKz5C6AX7H7v~~<-WOVRy7{jiV+tKQa-*wr~A+ZdX_=cG0OU#)TnibXJo*=m>`s5|z4>rpDTvik- zn1)`j@@U$-%MP~A;*4i!qmVbkP(6UKqp&BDmxoQxqGVng+v%g%JE&&{Fmhw{ zU2b2`wS<3s4S^0~=nS*m)Y_;0Ek3Y0{}BA;ckc)2+VvmoC0IlJ?mk2JE>nS^wU!^O zDI0PxoH?7Dp4tDFTOessKq@rgaP-sQP;Dv?dKU0&oQlQshE|3s3*>yv!30je-YXN5 zw%u54>}{qim&9FMVd@C6_zXnXDM{hM@?0}kUmuiQzX+}e%g1~Rp3^W-kU8;h_T-X$ zTpUw28VISd50OK;i}Vh1;nlLd33`mN=UhofIsS$4RW733qg`Zv7Wm^_vsA31sp8?H(!9}W3m7fhC`WV8p-Sh(TAh7*Q;_1;>heVq*Z;2kp zcFWBVCA@g_)1mnn$F0oI4RDZuDxkum4K z{EPv&uemg94KUAESnPRLLzyA6yO8s)>LrGoK@ z!+)8-kPOhJpTY;_nmZof9Z45r$8j>yH;}|1A}PKZ{C&?mT*)uGTVQKEXZ|aP8xKva z@?e|C7_BI{VKgS$1385U5oQ-Zaf;Szk#LBe4P77xiefCBVpXpw$izxDwk*!-!83xB zyG6Cuz3YXEjxgj2j9ZeN)6!E}^3=6AjiXNl4jIIbZlDtrGZ>Hv_q(?nHnw~Kcu9pL zH`wb7%XT2@(R4;1Yu|b*>A&f;3ok&7Z1^~1$2sv3Pyw%Q=MFX& z&ry5B(D-Dy%}8z!ErkX8R5NW!a4}?yXskY?rkO2O<5eMBMl?9|ZzcQ`zDfwvygbIs z|9$J%SD*})XgcFU7JYmUZG3d9liT3293Cl98m7louc|ElhN<^+K%Vm`v|!G|rEMb6 z%iWeQDiNjS4pOz-UNEhAfgM3hryTd$cP`uRL!*03qN9c!`R5;>^NW@@bE<@^DD9W9 z;+^F!xZwg1zZWhP&5Zq?=;LyL<=u%%FgcM@+_iVAJ6rc~CeMWo63)i{e2Ye>R^>c* ziXy$`rll>V&S|FM7r!BW|%DWPhBx6hy#zN zMN-bWmi)}X2!wEgX1MXctOZtspr_Ah;*Zg9F-tyxm}~n84eUcNSat4@=wigs#%|W5 zQ3P8aIV8JU^PbwzzugVSR2my-5V-MXhd;JYMlp!l(sq(1`-?Gb8!v{D&BubVwg`?C z*H?4+*3a6L*kK<{5Pq;`Ba7y5?KZ)8Bgfu456O2bPP^N~U>1i`+9YYpyMq+ZIZt;W z=FV1@mzofwkIywf@b&EosyHcXVni2}azM|3C*^*`@M??$LO{q>&5ight-3e~h4@5v zqKoOe#%~13Rc{Gg^o@wpb8T;fyv>65abRSpz4_{AS7aGPyzHM~I=m`IM9u=99(KJy zJe+Z+x{>I5x1XKm%df`7G;xUW&bVf(v$uz8l8kj^0n)g-*xEHY-GzQ4MP)l z7${$?1yy!f!TB^~m${=5C7ATL=Ek@n!oU6%y@awLK~VWrN~saeNhO^H``sxObuH8d z#d~srOpqZjNydpvEo@^RDj8YSfma*HLUq|!##W*yVl1A!SDM!|SZ_c?8FOYIk`5@s zOVLj9fk@*sChlJ_(@@2aN4DQZ^|Kt+Y|$n;rjCbXiPyT6`FQ=k3t$?HSH%$8OLrnA z_^#8VOF3sn(2-f^stSXZRNq@7FUjml0eizGqBOwUR@FRRQDche(Itq27>r`mu!h=Q zEH6vCkX%%5CewRj*KoWE&}o$xqlpIvuNPr~XVx2zFm_Rk_~7KHz#}S~%V7{_ZXr4C z`SbF7rihtgL^t41r8~vIO0X$<`!Jk@2gmX=eWJNC#Y38O1M00k=QXsXojx{o-ncna zRiOgIiPynqcS%reYN;96(@CQ-Su?wO-f?}JCbpcE(Egb+jcY2}dcWcaNT1KO;vn^- zC;TrvfGzk34SW|x4cwLUwv(rT7@5BJq}|2MgvRn2-a-iMoIW#EHc4B_v!S2zE2V3D zt8FO4wazDlAoix|3e`ic%+~0Tlc+Yq^c}THd;kl+ro0ku8VPi<8Yb^W;mL!;;;y(8 zT%90mQI#a&DcVV8_iHO{J9Ioxn+i5QoXF1U+PKwyK=`<2c&n%r?0AM6vI;Fv;y1jlOZ} zpHQ2JfQ6*pl{*Y4zsfRzE?88V|1>i!2sqFD2U4FCv|rWhg;F6I@zLbUu|BfBA?b;= zi3CK@C|Y1a>Ihesya%WuW}p|P+xoU}z>;ig%3A^~L{0${&nuff*~l0ogvO-;W&7k~ zmH0z^5)_XCWbkc8cz8@2D2DnvFSt*Yzwrq7Dm?oQ=q-!>1;~te1viCR+2I@2$IkC# z?Qd6ZPJRY5)UOSLcFoOI*yK-HO4Rd4wGGayP}lQ1<`-!4$G>J&gaQ=>#V5{P1obf{ z#XZXS-w2RHY;t7;sdmrpIgF@z-)V+reY*d`1W)d!v^AwU0_G5G;Jg!RGv4VRwBpKs zD`tJTunf!qcqx63R?E~o%%1Br{9IY&ujOb($o@q%FXffRhDKu=Vx2vtDAqtwaWOpPTG?2Vw~)+_~Vo=mdd^9Q<&hPhW5$7-lTe|5Z9ysp@W}^fpHg$ z;uUXHU_|wC%rghYw(Ny4s()(UK7yx$H*8@9#1h1`U@8`E)f-@`@W}@^%Yji5=rZM_ z0p22{@vi(fnD70`PAcWA=wFxLlnIme|H&7|H^H~Q$zHd5p zGqz=I-iVK^AW+>;?RZ$D%`QJ@Y(4GQT;;!nb13`&pI>PZ>D2dE7O2sc)XEAO=VaXsT&?}X@432UMl$rB z5AR_aFD3WECKORi9mq?1c>6Sxw7M!R81Zdufm4+P#M$$QKT{{|XmD|M<(az}ZJ;<~ z`kCar1;*HSVRMUF5NdpCPfJU7_?#)HW28RP`D-opi}m z^YVG`l)zc3$^sG&7OH&2#6KioG#`pcRbqm`U9ON}JV2oyC-;1ZWgqGVu;WB$4hN!Z zKOGt=s&9MMNx1E@(w{1U?=o3-i<~S=^W!-K7Xf3RapqwwV{NKEzA>t(hgv{f({KFq zUC5DSf6ahRTJM=6CSf)bhPosR1Vsy*dSAw~5z<&rvs+Lo>K+mMF*oT#RF&-3Y6-3S zT9Ll{-3aL^X|Ly1fD3P;mB6H}Ro}K0Dj%<~TPQbdtnwzA?z@Qn7UML%Xhl1u7n!fCir5uVPgd3kNWXh0e zbEzEA*@R%wuM*7aD#rGmA{W6Io(!By0mM23$A=pTi2&#FCXbO`uL8z zJdWhyL7=HciP?LHitbGWy0~O?&f!a8Y$SVDf0YtX98J5S9=i-KVyMoqS77ECi@K>0 z31KOdAw`nqP$IZz0K|GSoG=2OK$05c=3_Ehsn(BHi8zgMhyUqt?nXZjAuDK(d&-Q& zAlq8o=XIROZeX23eBeiQqb`fFnYJvR&;qg)Dn!N~FxP%LY%cx;<$B#@S#e7871Q`b z%kNMO)v&@0$ITPn|41Ouu>-OndXDCG7G5ZzL~qfTaTN@~BKvta?+U-5F)pwHMr+HAtj##sw(GU;!yYa@&8 z;y&s#8YtodiUus_a5s6h%)L-BcLIPx^OHvf(4Pb{i`DMV9P~d7(cml9 zUey!!?#HJ9);em41&n}4U-75(;?76ahZzLfrSDKO40l|J3(}s`0S^%-DSEtTQlK}o zxz*cD(VJH1ff2@A)tmB1)n?ZwQ4sG&=+Ml2QstrioV^mtK1RK(*bB|y$F|{>K1A2t zC#rhu8yKq}_}aF+CTs6`tfj!Z$`a48K6R4%aXuY1!`s~}+O3TouxUJ}vwFhL%YIEJ zf_ptpbzcpu)G!*;`zY z?}@$dXXJss!~}xHg=%}=$r9?F{S*26CT7^>w;}ursRROcGB1&u@uB?=RB;RB<`tTC zA3ZRNPsSV9J(yFZ5a10rEuzU|%41)pF-< zW)ZxV$2q{Bnf9#s(ZuT8V#M=()O8b`#+_8i)1!pwHgM19qlNDa;Y6sqm=C`U1Xd=+ zEV5ceNS+-olds3D&UthMfFvd+2rFL(oQG`TN0GpK(W_WsmW3oRjn&?d8)gN4t=$~1 z@!3>bhB&A1Zl}xPYcWr>fSE!^T6j3jVC~?FVuf|3w3z)tXrN`0U5-3IPpOOFu(x3B$FWP0i}in|Ch@1gkRvr8MoBy3ZaD)Rr3@5n%>B%vfAMNH z;cc9DbB1<=-;`26uE>ixwm2vL@GGKzUYIP&5dlao;!QN-yy}@}&@plA3DFi;6VAjh zu>i5Lc&?p4*~5fqH)`=v^-S0OOmR?uX;ZEmrs1R3sB>tSiwR^5ANyV3G;E=_67xR6p~-y$Jm7M?6-` zPd6@tXOQbI(PO?C58sCqRS~W>k{WMv+kShO-zC~c8Sql#f5U)*%JVTzQqJ^U0_>rn_)cW*YaS;-I+or6>VO&w3i_F11mRJAm3I4Rh2GygR} zANs~Z`q@Tz(kX-AEe43}$c?e5AsuJ(0GyXyrC?8bwH|bgf1;)3%Ku+)-~H9p*0rmM zN3fxI6e-e+3IXYzph%OZqV%Fv=>k$h2#5uwh92oE0wN_+LMN#78X*vRf|Sq#0RjmG zLT=7?zxT*{|A5QbKQI`KwfA0Y&S&;#t50OS$Y*o!JNH9J0d+o^CwM-8BRHz4@6<=b zD(<%Qu{4cM*}Kn`o#ar;8R)3AXF*O=a${jCatGg}Y=K@*V$ynd!fqlFQZG!90>y6D zp%)d>{7!gIG{4MkeljgS8_t1q`7D*IBo=2BS9h_>t$k7C$20lm_dCC*5aR!W>}MfH z$>@v5@psRLBA3{b2B*5->+s)Bo;K3`eDH&A9HR5P*(iQ?a3NdIy;-!$ZjVM6u}hq1 z*7FYe{oYF~Ps-QZ&XD5i|Mb2xV~kdEx#^ast}yQK99)0z1l{?f&0M_^sj!IcS$H9g zhy1suu@(yce0|x@%6s?Cu*kP~biWpxdAiIC2cY_?<)%Yil3UQ;KD7Ai0Xa@*6ik&PPzb9QYy@x5VE zx9ofO^IXp9s|XIu<$=qpZ4OvHyq75%B$20!RcTF9Zp}-&|9O1|Mac<9EgAGu{=;K^ z?^yAIol-VINqKz_T|XU}g|l)$t3r!X)dHg~zs|awD1|YBNDH$@rwC-QZh8f4_Yn6Q zf`iIyyWA$)mQJ37=1E2@5PKz6Uy@Z`zP%m%^Q_Qgz15%FtCI~nH;H?S!Q~$<3wg8W zxcBrkA(1mbylsL634G0aA|}%(hvNGoIon;|kM~=nsENW?@rid8n!g{i2w#sJa~b2; z12j@*&flQ-E1ta)X_0(?^8L7g4FRQ3SOQSsAyz%%^lK6~k>bc5_$MQ_L)N72Pqw7? zyi|+`hp0N~8qw#}R`cQIH{PzLTM}<64y^0#Z5fkwfx4DseKjlenpD&5s5CPp)cWu4sbi*bpF$5kR zBqe;4-zwv0_X9AGZfYXl02m!S`_3lWC`9wqU!SHze|KKUU2mLyGU4AN{P6U?Yw5EP zZ%%nen&51HccH{jCo?C$$SJ|U1@KF6$(aux*z}*<_(>Xkv*z|TNs%d5Dv{9y{O$UZ z;L2YFZ}mm1O`fUfJ?|Ac^9j7pn-rNg##h7p6=ryHLzwW#*re}>4oRl0vCqlwC9wIO zqfbilTXi7=V?(X6$#@bxH?_s{QhzGaWBQT{*eMZmDWRM)Z(pqPn}$BHOMDRW-Oaz1kHt<% z?c=b1*3|*qAIB#@r7YeX4QLm)bjS%O#>(Lt< zBa093MV=+iDlMTC*H0E1phY&?Oe>j&CcTbxI#=d(l=!3#0S`2r5UQ#dTuYh}&wp23 zVs*{lIHr0Z^|ynL$@41&y|(^W$KO2C91}T}Qkq~IHblB+pw|m7*R2_1x&b;2%23CB zFC$1N5?5QiMOb^}!m+WJ22w@!?%tyxoY5MqlB|5$C_CnWC;SctsXiBHZwd-c--y>N zbVyd&Le z_T{1Ac0l@p$ff1JUzqGyaw3s$RO0y#W0)6nnP%BQF`II(&l20>KckywI2CG!@Mqsz z1s8sS3Zb82G-Rt+U&P$KB5?79E998l1pKuj3nd*s{OVjnIaOuTlsG-2W7Vfvx1>I_ z@k2`gZ?52b{+`8p?m>8^0OYP{d!iQ>W=JYfzpAL@?^|O%QVdoGCCfZj z__N!*LbGiRs_i_phTWr^Wv-4S@o2?v{}A7oZ7wRP5aH%)rzaed5wgJRMjTVYhWU9` zr{0V$)mH7ejke#p9v7FsqZq0+VXW3G!Q1C>J*RJSr!hp)|0E~~RB-a*{X1s{`XmCn zCv>?ar^j;UM7>vroXvURHBuoctEMAKRzM7J-J}F+*kc-Tiy#hJWTf^2BRtXiH)8Eda0V^YA3|-ovb41L%q$D*s;e#vK?S5!Owg{MD0x!*ITJd@^_XJvG8Nt~G};-#E|!aWZUam-Xb zZC!r<8MWu-?e!?ShW`y-#_-jnN5am|&JQi#;j+}PN3rpxtAojUUS4Gvf&hC$nuN}T zYvL)QM#*2lemzkAb!ClZervu6QvpTeygGi8iluT*=$?6V;2Mr`A^4^`?S1UYeJ<#l z$}%x9XD{mfHR{ckbHSjG0s{8RHj+Qm(~*2xekU%7nNRa35*2R?nn#~to|=Bnl6Cnu z=ArsmVXt38y1ktam!7aHbV`3}?`F@rg|0lq`&$EW@b+}&5=%|YDSHUxpi!7(n*e? z#KUVzRtXNR>jJ%z!@!r>9&QC09>E>@>`coEg4LhvPwi=lu?SdF=cPW+lr5H#uZk%J z)h7x2%DU#^MveVD<#Tnh! zSYL0Mz^i@}u&b)#()YfpTT!1v-B~SYXs~kW&vd4C9d|EFjy#q(+MlJ^8*$>4(~nmt zX*x(>Xv^D=iZkuDrn^EOj4wDI3i?*8j&+h<8_TD2iQ{(LXU9i_JzIhYG-`0ZJ;MvC zsEW@mMY*zC!=zix)E#4e(NlZ(5#YufDn9ts)8>bweVVDnp& zd<+WG=fl6rs;`xIy!4axLax?-90JWBYpQ#9;b)s{_XDHt^LnPA^dc`siDn3p;!eri z3#P#rB43gMe_wnlHu~89%q)c2N#z*`I?lIpYeKJyc~Jglr!|*%Zjl$Q?BchI*G1D~ zf!i-d7WDduS?gI^l{$JlHN`asV^WNN=7~rJtW}4YZ#Nxi=th_aNTYxk;c*r!jZc z1|9#K)~UX|j(vCGZU1|%q&H%%jy}Nf<(>V5Dy^7l>H2Up!>`Q;ml-|mSGiaSleKL1 zbxktPJ*iD+xuV-9|9ZAKkaPb|r1Q@=tmNWsEG~HNoE8S9u}{ce@hB+27`)le(O>(Q zLAu0pg995pfqB-*>~lfhg&FfH=Y%gjI&>Szw!z0Yg7xFK)^)G`;0lh`50<%nPg!sG z{d*Vw)6rG5%Qy9GJ-6>h$Cq`h$*lVE2GaTvRI=ykz_Z01+>gC>OxWEStYnjo@%9Ix z%ZV5=QdyUM(MC`4)DO|elK0~N?y6pJ_{t&TjNBYL%{s^ZmnmV799X_wIOvjkE145P zKk?zwTio}vn$b^oH*?=SDjs$^_6sAhb^9fDGD9{6r-Vm8XCA#K@1E*8UMb?ky!5e| zP}#fXU35-H=vL6W4d`IAQ`UaCN?Cy6&WODaF)RN2km`ng#}l*HKJxf8G&cZOf0@v zH&m*6^R@4nF@s!$7Jp2=w!X)JI+=dB(gLEJjbFQ-sw~@)1uqAyp5GMo-n(M`DcMK0 zERXYe59D2OdM+cdY+M`*m>gn7k%k156de<9o@L)#!swNKVBv{k`31`R4)yQ7a0+NT zwLkZKK&9aKYfYlCko0&36}~l$4o|VliVBH!CbV6er;XZPcf9_quZm#5_eHIScRW62 zO~=TFzbFSB6IWp}Kh9S&irjmtw%eh$H``(_P=8~rk?*ruUHhJwv(LTfu!G;7wcUzz zoL8m7IO?ard6!Y`AvE+*u!~Op=(*pjxDe};dz})tzopSyF4a$vFNC=D-69x72LW-_ zq~1$gy+U3tr!;|V1=EaNh$j2-!{Tc>EIr8%*1-H<3gSHPFi|k^=jMF}8sm=rL9s{jT zi|!2pbH&t`2CmM0k9_{)@T$vhzZ}{oKXV?KH2~228+>O%q|R8wwn;B6K~joN0WTE6 z3{$kSu<1bD4(DEbkM%+ohvBlCMXoCuevor8?+l;XDxmZ(IZZx6b8n3W-4ovKf4?n} zV34ab{{X^IwB~g=SMv2<)BaxINbse~KE7m*OK(L}o&ed3{&~$~7c~RX{`ag3WPZf= zH$R`ekr|^2Wb}=4#$n10lh@yFbxYYuI>vdSov@!w7an%qve^ZvOj#wtMljxSr|V~h zM!Wwuk3Cozm~?Wc>5N}iGIyaQf~+Ba;qsn6y_tP!V6EL}S|(RiR*8qX0@I_|&4wvj zw08PaG07wYjTe{Zul(TM$GkxM`7zK%BA1KcN%qg67@e8$Sy1t2!lppIuqp zOCmJCUwC-oXDG4;hw#pkUh5N=N_?>V`Rto7IW{$GX+^xD78rtu{7&%YimOzoF0MQB+N)#h~TUU6=FfAK=sLFPz|~_~h>fRV%)&n!P?AYglcqPl*U=BX-2H^9P}>{0RqtBAqa@?8v+l;5@qR&lRa=`?xp(r} ztkUAN1@}J(VaHOJxb(ZHGSM)QB6Hf%F5lhxAF@onCNG(1DI4Xu6P2#w4n*)`*Ay#n zZ;GLhU(u)lXubw~yPk5WJL#{3u^(kWoEo8)JQ$oO1m|~C{AJmYK zod))L3t}Kqi8DohA48XPws$`Ie{KpZQQM*9xJ>=ZHJ=xwynfMpHZCB4DtPU&-{H@} zS*J!}o-iJt19T4m^#1&?2T<7mUedSHlzvOXJxrBv58H1?gfj0w|8dmbh=myOLu{|c zrX43*yKy8abU1Mxj-|`Y+Q8Erkz<0RISQ6x6ytnO@!>~eQq!B#mVrOkwgz=`)Aw6~ z5C_Xye5sw-+qtpPy$fL1!GWszA}A05JS6ySJ}JGAwz6!gET6^{PQd09vZRtOhiCIc z)hKnLq{^MG0)zFmX8p$VJ|KO&FCK1ioSzbcX1q7L$v^!Tm^`AY&^rgT63uIT@>b0} z>(rHQ-w-fg!gNv+zEPxXwJ_)SVauh% z1Q7H6f(}2BY31*`9NM8Y2Z4;WUkY4_k&!OZv!PEGC$}WO=4}69>w1-WvpDnlCmYBJ zdp5}2jCfa#wq1jly?wg3myK?myUT4+`*-&|YnqvDc)U%+tVD*@%F^fr0yp|f35ib z&h~;Ub~_qNIpykjGJ`^cJjm3D0Kd*MXzu}BO{A95`kHagwd)k}FmFq`x^W+FT^bmD zB~-`6^iw%Uy4M{rs$b^XwG79_^r#E&zVN|**Dl+k;)b{o;U?g()L?&DZ2)i{o}JT&dbU&d|?#D zT0V6%pswLNfr{ZFRpv+TL#hXU-s%`mn0065e93;&U1m1raNmF0y&^R39vinb*x+94 z9l7{9+MMxyT)`6CofAwCI(APbbr;>Dq*n7L=O@02Gf0|P4?E-qJqai&-6a5I2KCfp zoMx}Hs1Xh!U8%9jnvzjue|+4IP_8CB;0BBha>)0&BjAx8c*zb#9R;TEcGC5Yx7Sm| z_(JX~41YW?vvL~SbFo3;ibv9#^>tu|=;hSUpN&LvHK#E_3u(2QbBpjqk-3M2+a;mS zXPN~<&uU#gEs*c85gufHXNX1BL@LJM*44HLk*^4S+2lwJCROFK-;lOoOGsEe57M{h zjnKKJ`O}t63(?DBS7qL4u%FIEm31lgv%hkg;uYZ$(0%uQ)jJ!}prjx3^wg?_SB&rg z%G*YFCs=scTTAJch*qWg*;_O^N*5)=JQbPR5jx7fY87#qcYP-AJsUBX8wwELY1DIjv!`J%6 z^igbi@2x#Sp{utERyH1KCv>4}H)7rb{9qp+M43jaHr{mZ9@{0y~^`gV8WyWQ3MPa*6V{L<+My$Zz)%1~r3%mZIz4J-ZPbK>pG!?#@5 zKc~!vmfo8$O#W+AkW&+LHsyq8%K0LevmVTv4b6$~4|- zG%-PIDbv>2^rF1!msG*SJMiz)Q1&Ezht7EIZ>cS=?5VPS3fE6%U*5{0SMxx|5N~CE z`2()iz~0Dn`^mpgJT)DYibXXWn@R8jPMK*4w}geAQRNmbuqmf*L7%LaY#r_?cD0t& z>YZTk|I<~h$#!8Q zq=2cV{Sfpb*5*+XIQ0#0+-IY|BYx<9mp3k_9_(z%JPd@}?A3YNXE-Dm>6~7EM>bAm z!#>YY+nwxOh{$X4di)&`>r;0})G4;qjjVNd9?^NB{dK#kWUN%3#X$CbVSsCnU{BuHTib|6Q4QK;9hL`UMA6N-h+2RqtJDTc{DdkLJ`M zO>sNDof3nVg&Bqch%oMf9QR1h6=2MwolurtaiR}oD}QU*U`E^ch9aH9$0!=OhHl>8 zb6ZN;T0V27)}BUHhj)oxfn}k*eHNDl=G!!&+ASS9|Z*!T2QBSc=Jq1S|J zX9PEEibbhp&%!Gy+)exaC15XS`1fwMP}{HfI@V zblOjaj5E3)(j#>FVJ(k}0|;~5L6iOiM^hT%kPR*z8oF0K!H9-O^}}md`+zT&ewjb; z=}LRt&$@@b-9mV`|6%0x%e0bpaM!f3{4+hl?}-t)vksO^ZYfe`i0-L72btYMYU7F7 zsa*077c3eB%OtF-yOzpGgMEdVbG7pK47jru#=hC#zb|pp?vT|GAno>AH@n^X{*%M| zg?9a`N>{D~E&w(%!`{nG#Y#^`we4Ja^jzTYr>?3p&{SwgRsbh3q(4)>^7-$deb-!+ z!8iz|+emRbwWXs`EBt|*Qs`AGgP;*!_thp@pmx&ZWCUvq&-49?y^-1Bwb2IPyL$#F z?utLN&JK4(L*&K;0k=Nzv~W~ip40($M94@Hf9}ta_U6kQ*OOPv8zqV4dO6K|RG*K$ z=Dyo{cbdKbCwDLvcx`{|&~p?qNm8GTZRQ&j7Bc^ho&D1NQa18cP%R<&xgYAWCLm_(iR@w~tRP*R!GR z<@K*}o>4=03{7>sFaV9zNtRI2(#w^BRPEZoVb;7`+v4?MqQ8mdQP^=7sMxJO*B_}R zYeHqY48Fvsxn1Y`vw>YjC71k0zPvj)&TW~Spt`{SlO?(ndRav;SRx?`aw~qg;&Q}o z&0`)W4Hx6MndrwD%%4tS=ep%wvutdz@4}_VRPUbRJ3PlQsgc}FymwEzd3aos`utE> zrZ|`ITLE@hGb$R=7F)MqUAL>`H~%j6iG7+wj#NnJ$|NPif;|3e-GU;tqQ@XgtDkmk zKEFp8tDCwdDqy{F29KzzBY2+cE&syJ`D2#-_?ZVW(s#YnGY5$*w*)hBmtkD*%*5(i zWtx=)T(3krsUUGXo7@8NQ8*$+^VAZMc}ZF$Wcy1T9}t_ko}|a(B{+JyC-55b65KeK zT+Ss1kLOl2uJN9}X#kV-q6Dwr5j!>W@aq^Q!jI2E-w?6Q!ze_mca{^ae^%)RU<3~= z9`Rh!)wX!Gv2yZ@+0ZAJIDY1(wZJDRE$L)qQ2tZ>U_zN7vw&@{%Bz=y#k?FWsp;wW zY;AK0xEA}H;^Ld}3BV%w22||lvy}RE@9U2CDKAXT84tL${xzt<&eZg^o;bJD$k)d* z5bBHKFW=?}0bjq0HE4c7BJFCtCPh!3=SkcnEe1U>l?wRZ(fhVl)>`w>tGJ>dw+qBq z=hcH*EO48`Y6s>Yv@a@!UHCwV5N;?g?oQ0mYdd{5=%DW#(d7Ude%8M&2YdYAjoi0G zQtl_eTwLiMK-g*2oHd)aQOA~cayXxF1K@tPS*30#%E?$?*RM-IxX4d#8wy*%y{`Gj z;861t`uH#5$M<6bnu6#{g36lsYv!%jE!E1s7r*5h9`<%V1v=;aU)KC1TqYa;3_k?- z1>F5p^ZbV@=i)yDkr#u}0X={I_a8c!6HvzABRXw#|M1iNLzH+m;-6(A6m5(C{m=u$ zx-b}8Hdx}AXZvk&MbteHga|L1zn7eT>JnyD^lVSfXz5X;WMHP(^9-hy5V zVcdU#kG|UpY{qM^0sbt_9<0jbXg)c))~CKD)0e#nz>+wic1^h1*|6Q}OTWwx@>*zX zK6Gbs%Vy?#AO3UA?6dDyme3Z@)xHOR+&m|QyfM9^8$Jdao~8XV$UzQ3fhvltl^paa z`@=05{a_zQKeXr5DSQ2Ag%8ZUcV1pwGjE}e0COT~&qMIMi>iL3rq<&G`vu}i0x~@4 z(09MN0n4s= zVR(}Tsj40Htp5@urL{6-%_;t{r!W#V$K=`f2|fVsMn!SSc~PH*U#nlX_K?CX5{(am z*|{x1b))iBR~|Ocre(Rk=_PMs>=m|2{z05;9j2%uy) zQrB&ppmvD{^?mC*1l!!HzLJ9SJY{)o8IUAP&Xwptj72o#-3|UoRuy|!vn~*Dh;2QO zfT4KKMyqF-jy_BQfghRxXxT~BZ78N6skLb>g|&MHwE)am^F?X+yBC}E+pJKV^5_B^ zxX_X^!VQSVybW>_{72wsiZuBtytL|FYgCzm;!gI6T0oh68;_$W@6PbH>ze%Zffm6U zfDIjXA0!WzH1W$s5mTCrmx~G%=9Y;IB=y|`HV2}0Dg4N(qBLJNcjxB?u0QUmm6#@b zT4GyzjMRy4wA^%MTADMa6;&3i2n+6KZ&<-mzYT9f-XvCpS*>SOXwdU#fCAFStI1v( zxB?)6##8^yRFz}9=s)`Pfm!3&@gVNJT(d!lD{Kyk6j zTDnrb&01r?CQ@ai=_QwhoXnjSiWP?+cHu0pmyQ6Okw2pxs3BH-bm5c7gTys- zfMww1K#vHG%vx_0-gdhf<=8UOmk*a)#Z77WZQ`}I?7_`V4OgxK9T5aEVnwb6Jqc4V z8RRf%^Nj|qtWE%L|EpiA-(7`gG}>yHi`psO1*#CzM02)0#e%2@7lTwk&dx+)lqUew z2T%9Ev}c`J7$TfBqYle-P@eK4b!m3Jd{Y^Hw>qeK>AM<;(AvWl`xKaFAXOpy(0*alU{0Mj67rL`A*~;a2MhVp~ymGY`XLbANJ8n;arQ(jaZK{knG6*H2b_ z6!9>5_q@_DNWuh~H}auyxNLxs0W%_j{X9(?GJU=rCHX-4Az_{B0~}+u;x)ymfufWTD|>@s#EtO zU-T#ZX8T>Lj$2TnKbP!r@B8hWP(e-&*>lYIt=`3+YdI=sOc7J|+lVPX`b6ux(>bJx zd+lz~MJdwK+*qFP3U$IV>acuKo}nKok(Ah?^uvQMLdx!2zG3dmsHR>S`CW+-i-B~L z1Roiwk70tPyIcR$LG|U5k@SCo{k!a?CpbpPucO8nKrZd$bcF7btvo`ZJH}%pPw|*; z8!84a=if+{kEQVRiI~L}!en6qREyR3Sx9M`WfY3)vmb1;+d$8 zt@Z^eYE6iP7-U#zfb+xGxkIKbm)VT|8K zz+&Ld))gUMe+;CW`0*e^Jo5hOc~x56 z^6xK3^lXC3k^3nhC-b3tf;wef36{=fRyEd9xjrUp1Je34J7NUh2Wy4<~14qUqh z93omah06&uOD4v;ejd2rWm#1@?0W8HjxIz4|7%E5qkB;cxTiKSjA!@0rkt1NLQF5{ z%%=VK@r@OzQN?5NTI&1h(iob-wJfB(DQXNv9?#bR1n|5_0MXP9ym=Q5Y2~{JhCq&6 zOG5Fq>#i3kOHK-d{H+3Ro3^Gj_?v9)U0wWHmM;HH4g2Fg7evB!B6i}47Vp+Ek3}fC zP5&5O*T-4IId>LdmA_I@V-dcGuZa>jIVdI&&neqqwO1mRpSgAf>%sbJ!DN1 z!sK`pkbwnB`B2~++HSVZS9G58{uf_f`K1z9{5$1gziI{u?3@0_%e&8HV*C=)l@HhM zq-0d6C~z#KLGh02(qaMrOUm>wc@V1GrgGn$Vb(}fYrrH@mw)Is3yDi-H?!%XHO!cCx^WeiE4y{&2praqY zC=Y=z?a!|2_KlMoTnI9#vNM=&%%)g1?eTMrj6|_UazOw);(Wh`9c{m@DF)qxqzK`I zIq>U%5zIqfD73-9dd0$cg`=S5h=NTqkAc<1`HXCVfM$Y2F(ww`DSC zw;s_FuoO=6Co<#?|F9U}-d{qJreX~Hd3Q?f_YR&aZEs#J!Z%jqtCu8jRxcbE-Mg0^ zmC<&?z3}?s71&Y0=*sB^e=TUYZ(mt=mK?I$qFV48lPy!~AA6CF^4_;fB#;p9i}SEh z>UdGPylZF|wlR3|xm^?DNhW#-hLld%N^p$-MzXIS`Qm@utZE=zg)-OuKIlHQoCuCL zDfY*Pd9Cd7`0=cXP{~136ffueBU;VJL{PWx%uZ)0G_890n}0$2X1YnUGNGr|1#b#O zgpt;pPARiB=-QX$21>yKvJL^Uic;YI+4nH#1X8ulLq1i=mL{2=!sGF4YksS2U_ZEz zQ`S)uxBX!+%%g&5ZaFW-eoNfGtmX*XGmbA&3?k=%NP|ZP=(c_>Y8mRSi-&E`Ha9TCT#p+WOb^TWNXmzvH{<)p!|}pV&SfJ?R=3Yr z0dsPS;^ajgcA>}R#P&OyxbGZs7c*GvTov?)U+1 z`;~2|)#A0X@M6Z%(PZZ5pGVX?h1}TAP=v{D7oQUCy(I=&{NTGwY~G2s{jk{#^*?5wrH&2-(j_~T`?ZzV`uBtQ8dKY z?^}-O5I1OvQtNCm*xngEFkd)N#I$F@?5ss8?oD#CmBxHo$be@&0u4_t&6SvHu~kq$ zkDi=Val~n_Vf^pq5Z?s2SV6Y3IqipgiFT5!M|B2#@j1$>*$4k_gj^Z`#x(bFIfQzx zU^3^*cRMhj=KRev8!%S0AhI8Zx442VzN*US{?PGM){gtq`ZKB< zy0&wVTx{Cgs$UY`Z4<_@7n#FDis56(z)ft(MVKF_QC^6Yp&cKDmqd1qSbkUrEx2M! zpGQid+y`3mbD;==_S~-VoLljOR^pKe26dM|NP*@yUaz#IA!`P7$Z(yO2jWtYG&fl& z@nc5{a-w7{pTkG8-b!->?YC!{1v=Jf*tk2CZw!da)*!vxgP{j(vyL4*-K&51_9Jfy zVQ}$Lh=wKfyXv5lwSxcR&oA=j|Lx4$EvU<4?8k>U;ximW+ZvqEMbL#OXcWk_NQ0=^ zSHTE>!g3#n<9)XHDuVq5V1uFc)M`wr#v5fzI9u1q7T^hWqd5vgAAX~hXS!?Dl$M|1 zXcz80s5E>e?)~n{e~ThNm-cwBaWj6Ws9(i@J&<$NvER|WA+rjxV)cTJi($a1|06Cs z#9W5BU>j^)OsIB2I|5B7zDP_hPdc7Az_y19QYVw$20ejh&9Q(wU~{F z|A_*j`roe^^_qVsntv=_CAJTIjI@nUftVI`fT$SPa4H_L2y26q5{ID4wiJA>4Ns65 zbe=F7E4%2|rxZZg9vQZMziho{*|LakNfYaohQqZfOCE#h+VUf4rg0*|MrH>Q%7^r| zqLo&dHNvVyy(CAi!!UD;s@qa4qwV1m!G;0aO-bUDLz1m_Qqq_njwfYOsBR5c*<%==Qt2+W# z8r%^!I_AiU>gSrKsP+(i<@s=g<{}Sde@JEjN)}?52j?3t*&+@g8Q|XfWvKC&Q%w!> zd^@Z$nSFDMDe}cWJNHqRBVRoh&%S^v&jP~n{}quz^`1z+=k(bN6;mdmVXqqkO=?}N zLJD;l6V-Qd*v`-i%i109!jU4|g^}vMd?~1ZsCkF`aLHW0 zszFIPA_%{@UrZTuv^kQ?;!FFE9cWc_wqsxyF4u~x+==Zgv8=spGEJGNt+Y(pD+UUO zt+s>h*!d+3mrY$u5ilha{LW$@CmLF4Oqd$p%yG-L+OIDD?ce8Yzq0u0@JPUV>C$^} zoOw=22X$gRKVbxwIow}j8=E2P;a>wnaH;}HKKMonB>rRxr|D#Dw=+Yzssa}#TPg4D z-SFr_AE<)=E~rv8;GlV`)XV0NTZYnn;=?)JQ&0{B;1uK?i1O#j; zq-mvsk_Z`gsLPZ^G{3iDIJ=(HakQ}vU2`;QV%V=xJ_ARpT``5*|5=hR{=1EFbNGt2 z1_ED0D6KHg2`(txDzREo0xOdie@X%OjCayp))NE9)gCpOR%iO(?d3Y)-0$hLl$8$% zaq;#s#uJQGA*+ZzJNY%cfy{{`9*HOu_zZq9I{;11DPB!McdnFhyLuNeLKLUwP3297 zw@-OC?mrUFcwTwe72Vm=jKiCDZeexGrH418YSLQLvq*6sM@(_m1*OVt7bEJeTe)T$ zOC>fd1LH$}X4C;ABR(*|XRXu}=($)4s`GtNC-1SMJ6D>;&|^q>A;UgrSTC5i=DCuy za6|p0MGtXx zg?C^)msvZw%9<@@5v2(4f{ddnIFueg%(g`eu}#^k8n7^sLRJK>bXX(=Obid4v=5Vk zhdrt~6y0BH_w~WvR7Aw>Ai^vfUMhc~f9zm%)!pRk+zR}6k*`yP9{Tl=nv1Lf~u zH4zuxDV47ss>C*=x%?N*2}O(usvtO91rXb^MdfLE6$;=XROpI-!sb`}Gs)HSdp-yy z?|${KC>6&tzS@`~ow7^?c~>KVN0lf|NZ!)E<&OiXp%PI)RgM(%7^+o}hm^@%R2TcS zTQ`tg4(+CqS!>pk3D#9UgRW&27&dH7kuk*G8tIR)tS$QQoilubXe*cFbn@=aLs;s1 zi(`j!YFFeH!SH1~v9jdtR{8DNLXWE2Ek@W0e~6}1IbGMb*DRO)2jZ%NP%X7SJ}&-8 zy!~|Mn)E>rVm4&dVbR%^TB4RIZ?!5@RP)tx#1cNeA{!2athR4V9F!g0!=cH3mkcq5 zz}0t*1Q<2jx7wR5e*{2@+A~W-^^a={_SG{?aB6`CC2mlR>okT?YT1uEm_7tcM2=!B zVD<~->c{7mtQ%%r!a6W(NJ+~qbQ`4SDpC|R}Wh)F{#MvO{+)}^}k$EEx*TQ{S1^_7C&(aqU1{3a8H zVwdguo9oN0*ZaXvC`{?fkxjhF>IrBB<0@Ay-IN`r!hHtzz%-0nAGYd+#>#>&7E*>s zfLfe=2J8k7k7)e$h&4Jhvw|*c$|C^YkMn~?9U8Sz9)f!J;UjjvC)V})Pj56sN-Rf? zWWr?G>uN6eKuAeQ5Bbrpy>)B%D&ojtl|*Xo)STX0QYI@gH&;2|_fK@6`W?zTRYl-k zR(?3=Z05FH!TxUsAawF=~uUsP{tCf@vGgi)F^4-B^Q@l6aO!Ed3+QN^ZFFm{0r z2RmXePOvtOG9B0vLHwEUe2rBZhNH5&YF}>m=cPlvnfOAw?PzXcF=tjxHnYsb_uY>i zS2Js9!$Jt#GuSV6l~tRJvie8=I)uB+7kBjm1HfjWPfOh&&HeK-|E9+OfBk~Z{Z2oz Y%tu6_Y+|~OF@E&5jqjG Date: Mon, 25 Aug 2014 11:53:31 +1000 Subject: [PATCH 048/540] add the [OPTIONS] string automatically if there are flags defined Signed-off-by: SvenDowideit Docker-DCO-1.1-Signed-off-by: SvenDowideit (github: SvenDowideit) Upstream-commit: 8c6c4a12b7bd53c01998988593789aa16a6d9ac8 Component: engine --- components/engine/api/client/cli.go | 6 +++- components/engine/api/client/commands.go | 28 +++++++++--------- .../docs/sources/reference/commandline/cli.md | 16 +++++----- components/engine/pkg/mflag/flag.go | 17 +++++++++++ components/engine/pkg/mflag/flag_test.go | 29 +++++++++++++++++++ 5 files changed, 73 insertions(+), 23 deletions(-) diff --git a/components/engine/api/client/cli.go b/components/engine/api/client/cli.go index d80f9cc32c..fa3be2d8d9 100644 --- a/components/engine/api/client/cli.go +++ b/components/engine/api/client/cli.go @@ -63,7 +63,11 @@ func (cli *DockerCli) Cmd(args ...string) error { func (cli *DockerCli) Subcmd(name, signature, description string) *flag.FlagSet { flags := flag.NewFlagSet(name, flag.ContinueOnError) flags.Usage = func() { - fmt.Fprintf(cli.err, "\nUsage: docker %s %s\n\n%s\n\n", name, signature, description) + options := "" + if flags.FlagCountUndeprecated() > 0 { + options = "[OPTIONS] " + } + fmt.Fprintf(cli.err, "\nUsage: docker %s %s%s\n\n%s\n\n", name, options, signature, description) flags.PrintDefaults() os.Exit(2) } diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index cb60f6980c..cd954b92e2 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -98,7 +98,7 @@ func (cli *DockerCli) CmdHelp(args ...string) error { } func (cli *DockerCli) CmdBuild(args ...string) error { - cmd := cli.Subcmd("build", "[OPTIONS] PATH | URL | -", "Build a new image from the source code at PATH") + cmd := cli.Subcmd("build", "PATH | URL | -", "Build a new image from the source code at PATH") tag := cmd.String([]string{"t", "-tag"}, "", "Repository name (and optionally a tag) to be applied to the resulting image in case of success") suppressOutput := cmd.Bool([]string{"q", "-quiet"}, false, "Suppress the verbose output generated by the containers") noCache := cmd.Bool([]string{"#no-cache", "-no-cache"}, false, "Do not use cache when building the image") @@ -255,7 +255,7 @@ func (cli *DockerCli) CmdBuild(args ...string) error { // 'docker login': login / register a user to registry service. func (cli *DockerCli) CmdLogin(args ...string) error { - cmd := cli.Subcmd("login", "[OPTIONS] [SERVER]", "Register or log in to a Docker registry server, if no server is specified \""+registry.IndexServerAddress()+"\" is the default.") + cmd := cli.Subcmd("login", "[SERVER]", "Register or log in to a Docker registry server, if no server is specified \""+registry.IndexServerAddress()+"\" is the default.") var username, password, email string @@ -529,7 +529,7 @@ func (cli *DockerCli) CmdInfo(args ...string) error { } func (cli *DockerCli) CmdStop(args ...string) error { - cmd := cli.Subcmd("stop", "[OPTIONS] CONTAINER [CONTAINER...]", "Stop a running container by sending SIGTERM and then SIGKILL after a grace period") + cmd := cli.Subcmd("stop", "CONTAINER [CONTAINER...]", "Stop a running container by sending SIGTERM and then SIGKILL after a grace period") nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Number of seconds to wait for the container to stop before killing it. Default is 10 seconds.") if err := cmd.Parse(args); err != nil { return nil @@ -556,7 +556,7 @@ func (cli *DockerCli) CmdStop(args ...string) error { } func (cli *DockerCli) CmdRestart(args ...string) error { - cmd := cli.Subcmd("restart", "[OPTIONS] CONTAINER [CONTAINER...]", "Restart a running container") + cmd := cli.Subcmd("restart", "CONTAINER [CONTAINER...]", "Restart a running container") nSeconds := cmd.Int([]string{"t", "-time"}, 10, "Number of seconds to try to stop for before killing the container. Once killed it will then be restarted. Default is 10 seconds.") if err := cmd.Parse(args); err != nil { return nil @@ -954,7 +954,7 @@ func (cli *DockerCli) CmdRmi(args ...string) error { } func (cli *DockerCli) CmdHistory(args ...string) error { - cmd := cli.Subcmd("history", "[OPTIONS] IMAGE", "Show the history of an image") + cmd := cli.Subcmd("history", "IMAGE", "Show the history of an image") quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only show numeric IDs") noTrunc := cmd.Bool([]string{"#notrunc", "-no-trunc"}, false, "Don't truncate output") @@ -1011,7 +1011,7 @@ func (cli *DockerCli) CmdHistory(args ...string) error { } func (cli *DockerCli) CmdRm(args ...string) error { - cmd := cli.Subcmd("rm", "[OPTIONS] CONTAINER [CONTAINER...]", "Remove one or more containers") + cmd := cli.Subcmd("rm", "CONTAINER [CONTAINER...]", "Remove one or more containers") v := cmd.Bool([]string{"v", "-volumes"}, false, "Remove the volumes associated with the container") link := cmd.Bool([]string{"l", "#link", "-link"}, false, "Remove the specified link and not the underlying container") force := cmd.Bool([]string{"f", "-force"}, false, "Force the removal of a running container (uses SIGKILL)") @@ -1051,7 +1051,7 @@ func (cli *DockerCli) CmdRm(args ...string) error { // 'docker kill NAME' kills a running container func (cli *DockerCli) CmdKill(args ...string) error { - cmd := cli.Subcmd("kill", "[OPTIONS] CONTAINER [CONTAINER...]", "Kill a running container using SIGKILL or a specified signal") + cmd := cli.Subcmd("kill", "CONTAINER [CONTAINER...]", "Kill a running container using SIGKILL or a specified signal") signal := cmd.String([]string{"s", "-signal"}, "KILL", "Signal to send to the container") if err := cmd.Parse(args); err != nil { @@ -1245,7 +1245,7 @@ func (cli *DockerCli) CmdPull(args ...string) error { } func (cli *DockerCli) CmdImages(args ...string) error { - cmd := cli.Subcmd("images", "[OPTIONS] [NAME]", "List images") + cmd := cli.Subcmd("images", "[NAME]", "List images") quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only show numeric IDs") all := cmd.Bool([]string{"a", "-all"}, false, "Show all images (by default filter out the intermediate image layers)") noTrunc := cmd.Bool([]string{"#notrunc", "-no-trunc"}, false, "Don't truncate output") @@ -1476,7 +1476,7 @@ func (cli *DockerCli) printTreeNode(noTrunc bool, image *engine.Env, prefix stri } func (cli *DockerCli) CmdPs(args ...string) error { - cmd := cli.Subcmd("ps", "[OPTIONS]", "List containers") + cmd := cli.Subcmd("ps", "", "List containers") quiet := cmd.Bool([]string{"q", "-quiet"}, false, "Only display numeric IDs") size := cmd.Bool([]string{"s", "-size"}, false, "Display sizes") all := cmd.Bool([]string{"a", "-all"}, false, "Show all containers. Only running containers are shown by default.") @@ -1598,7 +1598,7 @@ func (cli *DockerCli) CmdPs(args ...string) error { } func (cli *DockerCli) CmdCommit(args ...string) error { - cmd := cli.Subcmd("commit", "[OPTIONS] CONTAINER [REPOSITORY[:TAG]]", "Create a new image from a container's changes") + cmd := cli.Subcmd("commit", "CONTAINER [REPOSITORY[:TAG]]", "Create a new image from a container's changes") flPause := cmd.Bool([]string{"p", "-pause"}, true, "Pause container during commit") flComment := cmd.String([]string{"m", "-message"}, "", "Commit message") flAuthor := cmd.String([]string{"a", "#author", "-author"}, "", "Author (e.g., \"John Hannibal Smith \")") @@ -1659,7 +1659,7 @@ func (cli *DockerCli) CmdCommit(args ...string) error { } func (cli *DockerCli) CmdEvents(args ...string) error { - cmd := cli.Subcmd("events", "[OPTIONS]", "Get real time events from the server") + cmd := cli.Subcmd("events", "", "Get real time events from the server") since := cmd.String([]string{"#since", "-since"}, "", "Show all events created since timestamp") until := cmd.String([]string{"-until"}, "", "Stream events until this timestamp") if err := cmd.Parse(args); err != nil { @@ -1795,7 +1795,7 @@ func (cli *DockerCli) CmdLogs(args ...string) error { func (cli *DockerCli) CmdAttach(args ...string) error { var ( - cmd = cli.Subcmd("attach", "[OPTIONS] CONTAINER", "Attach to a running container") + cmd = cli.Subcmd("attach", "CONTAINER", "Attach to a running container") noStdin = cmd.Bool([]string{"#nostdin", "-no-stdin"}, false, "Do not attach STDIN") proxy = cmd.Bool([]string{"#sig-proxy", "-sig-proxy"}, true, "Proxy all received signals to the process (even in non-TTY mode). SIGCHLD, SIGKILL, and SIGSTOP are not proxied.") ) @@ -1923,7 +1923,7 @@ func (cli *DockerCli) CmdSearch(args ...string) error { type ports []int func (cli *DockerCli) CmdTag(args ...string) error { - cmd := cli.Subcmd("tag", "[OPTIONS] IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]", "Tag an image into a repository") + cmd := cli.Subcmd("tag", "IMAGE[:TAG] [REGISTRYHOST/][USERNAME/]NAME[:TAG]", "Tag an image into a repository") force := cmd.Bool([]string{"f", "#force", "-force"}, false, "Force") if err := cmd.Parse(args); err != nil { return nil @@ -1992,7 +1992,7 @@ func (cli *DockerCli) pullImage(image string) error { func (cli *DockerCli) CmdRun(args ...string) error { // FIXME: just use runconfig.Parse already - config, hostConfig, cmd, err := runconfig.ParseSubcommand(cli.Subcmd("run", "[OPTIONS] IMAGE [COMMAND] [ARG...]", "Run a command in a new container"), args, nil) + config, hostConfig, cmd, err := runconfig.ParseSubcommand(cli.Subcmd("run", "IMAGE [COMMAND] [ARG...]", "Run a command in a new container"), args, nil) if err != nil { return err } diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index bae418d10b..f67527b380 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -625,7 +625,7 @@ ensure we know how your setup is configured. ## inspect - Usage: docker inspect CONTAINER|IMAGE [CONTAINER|IMAGE...] + Usage: docker inspect [OPTIONS] CONTAINER|IMAGE [CONTAINER|IMAGE...] Return low-level information on a container or image @@ -690,7 +690,7 @@ signal specified with option `--signal`. ## load - Usage: docker load + Usage: docker load [OPTIONS] Load an image from a tar archive on STDIN @@ -742,7 +742,7 @@ For example: ## logs - Usage: docker logs CONTAINER + Usage: docker logs [OPTIONS] CONTAINER Fetch the logs of a container @@ -832,7 +832,7 @@ This shows all the containers that have exited with status of '0' ## pull - Usage: docker pull NAME[:TAG] + Usage: docker pull [OPTIONS] NAME[:TAG] Pull an image or a repository from the registry @@ -922,7 +922,7 @@ delete them. Any running containers will not be deleted. ## rmi - Usage: docker rmi IMAGE [IMAGE...] + Usage: docker rmi [OPTIONS] IMAGE [IMAGE...] Remove one or more images @@ -1249,7 +1249,7 @@ Providing a maximum restart limit is only valid for the ** on-failure ** policy. ## save - Usage: docker save IMAGE + Usage: docker save [OPTIONS] IMAGE Save an image to a tar archive (streamed to STDOUT by default) @@ -1274,7 +1274,7 @@ It is used to create a backup that can then be used with Search [Docker Hub](https://hub.docker.com) for images - Usage: docker search TERM + Usage: docker search [OPTIONS] TERM Search the Docker Hub for images @@ -1288,7 +1288,7 @@ more details on finding shared images from the command line. ## start - Usage: docker start CONTAINER [CONTAINER...] + Usage: docker start [OPTIONS] CONTAINER [CONTAINER...] Restart a stopped container diff --git a/components/engine/pkg/mflag/flag.go b/components/engine/pkg/mflag/flag.go index 6e3f039707..0eebfc18f1 100644 --- a/components/engine/pkg/mflag/flag.go +++ b/components/engine/pkg/mflag/flag.go @@ -472,6 +472,23 @@ var Usage = func() { PrintDefaults() } +// FlagCount returns the number of flags that have been defined. +func (f *FlagSet) FlagCount() int { return len(f.formal) } + +// FlagCountUndeprecated returns the number of undeprecated flags that have been defined. +func (f *FlagSet) FlagCountUndeprecated() int { + count := 0 + for _, flag := range sortFlags(f.formal) { + for _, name := range flag.Names { + if name[0] != '#' { + count++ + break + } + } + } + return count +} + // NFlag returns the number of flags that have been set. func (f *FlagSet) NFlag() int { return len(f.actual) } diff --git a/components/engine/pkg/mflag/flag_test.go b/components/engine/pkg/mflag/flag_test.go index 2aa6fdab00..9321926c56 100644 --- a/components/engine/pkg/mflag/flag_test.go +++ b/components/engine/pkg/mflag/flag_test.go @@ -428,3 +428,32 @@ func TestHelp(t *testing.T) { t.Fatal("help was called; should not have been for defined help flag") } } + +// Test the flag count functions. +func TestFlagCounts(t *testing.T) { + fs := NewFlagSet("help test", ContinueOnError) + var flag bool + fs.BoolVar(&flag, []string{"flag1"}, false, "regular flag") + fs.BoolVar(&flag, []string{"#deprecated1"}, false, "regular flag") + fs.BoolVar(&flag, []string{"f", "flag2"}, false, "regular flag") + fs.BoolVar(&flag, []string{"#d", "#deprecated2"}, false, "regular flag") + fs.BoolVar(&flag, []string{"flag3"}, false, "regular flag") + fs.BoolVar(&flag, []string{"g", "#flag4", "-flag4"}, false, "regular flag") + + if fs.FlagCount() != 10 { + t.Fatal("FlagCount wrong. ", fs.FlagCount()) + } + if fs.FlagCountUndeprecated() != 4 { + t.Fatal("FlagCountUndeprecated wrong. ", fs.FlagCountUndeprecated()) + } + if fs.NFlag() != 0 { + t.Fatal("NFlag wrong. ", fs.NFlag()) + } + err := fs.Parse([]string{"-fd", "-g", "-flag4"}) + if err != nil { + t.Fatal("expected no error for defined -help; got ", err) + } + if fs.NFlag() != 4 { + t.Fatal("NFlag wrong. ", fs.NFlag()) + } +} From e59ed0e9b10413f12dd5273ac3cdaae5ea70ac86 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Wed, 27 Aug 2014 23:34:37 +0000 Subject: [PATCH 049/540] move TestKillDifferentUser Signed-off-by: Victor Vieux Upstream-commit: eb9379c5d05848c525f7c3d75b66a4b356227d57 Component: engine --- .../integration-cli/docker_cli_kill_test.go | 28 +++++++++ .../engine/integration/container_test.go | 58 ------------------- 2 files changed, 28 insertions(+), 58 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_kill_test.go b/components/engine/integration-cli/docker_cli_kill_test.go index b8265d8cfb..6ee246f5ff 100644 --- a/components/engine/integration-cli/docker_cli_kill_test.go +++ b/components/engine/integration-cli/docker_cli_kill_test.go @@ -34,3 +34,31 @@ func TestKillContainer(t *testing.T) { logDone("kill - kill container running sleep 10") } + +func TestKillDifferentUserContainer(t *testing.T) { + runCmd := exec.Command(dockerBinary, "run", "-u", "daemon", "-d", "busybox", "sh", "-c", "sleep 10") + out, _, err := runCommandWithOutput(runCmd) + errorOut(err, t, fmt.Sprintf("run failed with errors: %v", err)) + + cleanedContainerID := stripTrailingCharacters(out) + + inspectCmd := exec.Command(dockerBinary, "inspect", cleanedContainerID) + inspectOut, _, err := runCommandWithOutput(inspectCmd) + errorOut(err, t, fmt.Sprintf("out should've been a container id: %v %v", inspectOut, err)) + + killCmd := exec.Command(dockerBinary, "kill", cleanedContainerID) + out, _, err = runCommandWithOutput(killCmd) + errorOut(err, t, fmt.Sprintf("failed to kill container: %v %v", out, err)) + + listRunningContainersCmd := exec.Command(dockerBinary, "ps", "-q") + out, _, err = runCommandWithOutput(listRunningContainersCmd) + errorOut(err, t, fmt.Sprintf("failed to list running containers: %v", err)) + + if strings.Contains(out, cleanedContainerID) { + t.Fatal("killed container is still running") + } + + deleteContainer(cleanedContainerID) + + logDone("kill - kill container running sleep 10 from a different user") +} diff --git a/components/engine/integration/container_test.go b/components/engine/integration/container_test.go index 4462aba08d..9d55b0b365 100644 --- a/components/engine/integration/container_test.go +++ b/components/engine/integration/container_test.go @@ -13,64 +13,6 @@ import ( "github.com/docker/docker/runconfig" ) -func TestKillDifferentUser(t *testing.T) { - daemon := mkDaemon(t) - defer nuke(daemon) - - container, _, err := daemon.Create(&runconfig.Config{ - Image: GetTestImage(daemon).ID, - Cmd: []string{"cat"}, - OpenStdin: true, - User: "daemon", - }, - "", - ) - if err != nil { - t.Fatal(err) - } - defer daemon.Destroy(container) - // FIXME @shykes: this seems redundant, but is very old, I'm leaving it in case - // there is a side effect I'm not seeing. - // defer container.stdin.Close() - - if container.State.IsRunning() { - t.Errorf("Container shouldn't be running") - } - if err := container.Start(); err != nil { - t.Fatal(err) - } - - setTimeout(t, "Waiting for the container to be started timed out", 2*time.Second, func() { - for !container.State.IsRunning() { - time.Sleep(10 * time.Millisecond) - } - }) - - setTimeout(t, "read/write assertion timed out", 2*time.Second, func() { - out, _ := container.StdoutPipe() - in, _ := container.StdinPipe() - if err := assertPipe("hello\n", "hello", out, in, 150); err != nil { - t.Fatal(err) - } - }) - - if err := container.Kill(); err != nil { - t.Fatal(err) - } - - if container.State.IsRunning() { - t.Errorf("Container shouldn't be running") - } - container.State.WaitStop(-1 * time.Second) - if container.State.IsRunning() { - t.Errorf("Container shouldn't be running") - } - // Try stopping twice - if err := container.Kill(); err != nil { - t.Fatal(err) - } -} - func TestRestartStdin(t *testing.T) { daemon := mkDaemon(t) defer nuke(daemon) From c2d0e99a2a85aa36aa4ed478764245c6c73e80d7 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Thu, 28 Aug 2014 00:25:10 +0000 Subject: [PATCH 050/540] move TestEntrypoint & TestBindMounts Signed-off-by: Victor Vieux Upstream-commit: 5b27fbc0e27358b794946fe9e84a83a6c4497be4 Component: engine --- .../integration-cli/docker_cli_run_test.go | 62 +++++++++++++ .../engine/integration-cli/docker_utils.go | 34 +++++++ .../engine/integration/container_test.go | 91 ------------------- 3 files changed, 96 insertions(+), 91 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 1021e152ab..7de2d334b1 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -6,6 +6,7 @@ import ( "io/ioutil" "os" "os/exec" + "path" "path/filepath" "reflect" "regexp" @@ -1644,3 +1645,64 @@ func TestRunWithBadDevice(t *testing.T) { } logDone("run - error with bad device") } + +func TestEntrypoint(t *testing.T) { + name := "entrypoint" + cmd := exec.Command(dockerBinary, "run", "--name", name, "--entrypoint", "/bin/echo", "busybox", "-n", "foobar") + out, _, err := runCommandWithOutput(cmd) + if err != nil { + t.Fatal(err, out) + } + expected := "foobar" + if out != expected { + t.Fatalf("Output should be %q, actual out: %q", expected, out) + } + logDone("run - entrypoint") +} + +func TestBindMounts(t *testing.T) { + tmpDir, err := ioutil.TempDir("", "docker-test-container") + if err != nil { + t.Fatal(err) + } + + defer os.RemoveAll(tmpDir) + writeFile(path.Join(tmpDir, "touch-me"), "", t) + + // Test reading from a read-only bind mount + cmd := exec.Command(dockerBinary, "run", "-v", fmt.Sprintf("%s:/tmp:ro", tmpDir), "busybox", "ls", "/tmp") + out, _, err := runCommandWithOutput(cmd) + if err != nil { + t.Fatal(err, out) + } + if !strings.Contains(out, "touch-me") { + t.Fatal("Container failed to read from bind mount") + } + + // test writing to bind mount + cmd = exec.Command(dockerBinary, "run", "-v", fmt.Sprintf("%s:/tmp:rw", tmpDir), "busybox", "touch", "/tmp/holla") + out, _, err = runCommandWithOutput(cmd) + if err != nil { + t.Fatal(err, out) + } + readFile(path.Join(tmpDir, "holla"), t) // Will fail if the file doesn't exist + + // test mounting to an illegal destination directory + cmd = exec.Command(dockerBinary, "run", "-v", fmt.Sprintf("%s:.", tmpDir), "busybox", "ls", ".") + _, err = runCommand(cmd) + if err == nil { + t.Fatal("Container bind mounted illegal directory") + } + + // test mount a file + cmd = exec.Command(dockerBinary, "run", "-v", fmt.Sprintf("%s/holla:/tmp/holla:rw", tmpDir), "busybox", "sh", "-c", "echo -n 'yotta' > /tmp/holla") + _, err = runCommand(cmd) + if err != nil { + t.Fatal(err, out) + } + content := readFile(path.Join(tmpDir, "holla"), t) // Will fail if the file doesn't exist + expected := "yotta" + if content != expected { + t.Fatalf("Output should be %q, actual out: %q", expected, content) + } +} diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index 5561fc24dc..cf1dd203f8 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -2,6 +2,7 @@ package main import ( "fmt" + "io" "io/ioutil" "net/http" "net/http/httptest" @@ -368,3 +369,36 @@ func fakeGIT(name string, files map[string]string) (*FakeGIT, error) { RepoURL: fmt.Sprintf("%s/%s.git", server.URL, name), }, nil } + +// Write `content` to the file at path `dst`, creating it if necessary, +// as well as any missing directories. +// The file is truncated if it already exists. +// Call t.Fatal() at the first error. +func writeFile(dst, content string, t *testing.T) { + // Create subdirectories if necessary + if err := os.MkdirAll(path.Dir(dst), 0700); err != nil && !os.IsExist(err) { + t.Fatal(err) + } + f, err := os.OpenFile(dst, os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0700) + if err != nil { + t.Fatal(err) + } + // Write content (truncate if it exists) + if _, err := io.Copy(f, strings.NewReader(content)); err != nil { + t.Fatal(err) + } +} + +// Return the contents of file at path `src`. +// Call t.Fatal() at the first error (including if the file doesn't exist) +func readFile(src string, t *testing.T) (content string) { + f, err := os.Open(src) + if err != nil { + t.Fatal(err) + } + data, err := ioutil.ReadAll(f) + if err != nil { + t.Fatal(err) + } + return string(data) +} diff --git a/components/engine/integration/container_test.go b/components/engine/integration/container_test.go index 9d55b0b365..60f3e55bc5 100644 --- a/components/engine/integration/container_test.go +++ b/components/engine/integration/container_test.go @@ -1,12 +1,8 @@ package docker import ( - "fmt" "io" "io/ioutil" - "os" - "path" - "strings" "testing" "time" @@ -179,53 +175,6 @@ func TestTty(t *testing.T) { } } -func TestEntrypoint(t *testing.T) { - daemon := mkDaemon(t) - defer nuke(daemon) - container, _, err := daemon.Create( - &runconfig.Config{ - Image: GetTestImage(daemon).ID, - Entrypoint: []string{"/bin/echo"}, - Cmd: []string{"-n", "foobar"}, - }, - "", - ) - if err != nil { - t.Fatal(err) - } - defer daemon.Destroy(container) - output, err := container.Output() - if err != nil { - t.Fatal(err) - } - if string(output) != "foobar" { - t.Error(string(output)) - } -} - -func TestEntrypointNoCmd(t *testing.T) { - daemon := mkDaemon(t) - defer nuke(daemon) - container, _, err := daemon.Create( - &runconfig.Config{ - Image: GetTestImage(daemon).ID, - Entrypoint: []string{"/bin/echo", "foobar"}, - }, - "", - ) - if err != nil { - t.Fatal(err) - } - defer daemon.Destroy(container) - output, err := container.Output() - if err != nil { - t.Fatal(err) - } - if strings.Trim(string(output), "\r\n") != "foobar" { - t.Error(string(output)) - } -} - func BenchmarkRunSequential(b *testing.B) { daemon := mkDaemon(b) defer nuke(daemon) @@ -303,43 +252,3 @@ func BenchmarkRunParallel(b *testing.B) { b.Fatal(errors) } } - -func tempDir(t *testing.T) string { - tmpDir, err := ioutil.TempDir("", "docker-test-container") - if err != nil { - t.Fatal(err) - } - return tmpDir -} - -func TestBindMounts(t *testing.T) { - eng := NewTestEngine(t) - r := mkDaemonFromEngine(eng, t) - defer r.Nuke() - - tmpDir := tempDir(t) - defer os.RemoveAll(tmpDir) - writeFile(path.Join(tmpDir, "touch-me"), "", t) - - // Test reading from a read-only bind mount - stdout, _ := runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:/tmp:ro", tmpDir), "_", "ls", "/tmp"}, t) - if !strings.Contains(stdout, "touch-me") { - t.Fatal("Container failed to read from bind mount") - } - - // test writing to bind mount - runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:/tmp:rw", tmpDir), "_", "touch", "/tmp/holla"}, t) - readFile(path.Join(tmpDir, "holla"), t) // Will fail if the file doesn't exist - - // test mounting to an illegal destination directory - if _, err := runContainer(eng, r, []string{"-v", fmt.Sprintf("%s:.", tmpDir), "_", "ls", "."}, nil); err == nil { - t.Fatal("Container bind mounted illegal directory") - } - - // test mount a file - runContainer(eng, r, []string{"-v", fmt.Sprintf("%s/holla:/tmp/holla:rw", tmpDir), "_", "sh", "-c", "echo -n 'yotta' > /tmp/holla"}, t) - content := readFile(path.Join(tmpDir, "holla"), t) // Will fail if the file doesn't exist - if content != "yotta" { - t.Fatal("Container failed to write to bind mount file") - } -} From 98e27503894e1d1ad671e5b4537f6da958d780a0 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Thu, 28 Aug 2014 00:28:54 +0000 Subject: [PATCH 051/540] remove auth_test.go Signed-off-by: Victor Vieux Upstream-commit: 2b538bd555b001e69346321485cd07a5c5c11d67 Component: engine --- components/engine/integration/auth_test.go | 75 ---------------------- 1 file changed, 75 deletions(-) delete mode 100644 components/engine/integration/auth_test.go diff --git a/components/engine/integration/auth_test.go b/components/engine/integration/auth_test.go deleted file mode 100644 index 42cd1ac64d..0000000000 --- a/components/engine/integration/auth_test.go +++ /dev/null @@ -1,75 +0,0 @@ -package docker - -import ( - "crypto/rand" - "encoding/hex" - "fmt" - "os" - "strings" - "testing" - - "github.com/docker/docker/registry" -) - -// FIXME: these tests have an external dependency on a staging index hosted -// on the docker.io infrastructure. That dependency should be removed. -// - Unit tests should have no side-effect dependencies. -// - Integration tests should have side-effects limited to the host environment being tested. - -func TestLogin(t *testing.T) { - t.Skip("FIXME: please remove dependency on external services") - os.Setenv("DOCKER_INDEX_URL", "https://registry-stage.hub.docker.com/v1/") - defer os.Setenv("DOCKER_INDEX_URL", "") - authConfig := ®istry.AuthConfig{ - Username: "unittester", - Password: "surlautrerivejetattendrai", - Email: "noise+unittester@docker.com", - ServerAddress: "https://registry-stage.hub.docker.com/v1/", - } - status, err := registry.Login(authConfig, nil) - if err != nil { - t.Fatal(err) - } - if status != "Login Succeeded" { - t.Fatalf("Expected status \"Login Succeeded\", found \"%s\" instead", status) - } -} - -func TestCreateAccount(t *testing.T) { - t.Skip("FIXME: please remove dependency on external services") - tokenBuffer := make([]byte, 16) - _, err := rand.Read(tokenBuffer) - if err != nil { - t.Fatal(err) - } - token := hex.EncodeToString(tokenBuffer)[:12] - username := "ut" + token - authConfig := ®istry.AuthConfig{ - Username: username, - Password: "test42", - Email: fmt.Sprintf("docker-ut+%s@example.com", token), - ServerAddress: "https://registry-stage.hub.docker.com/v1/", - } - status, err := registry.Login(authConfig, nil) - if err != nil { - t.Fatal(err) - } - expectedStatus := fmt.Sprintf( - "Account created. Please see the documentation of the registry %s for instructions how to activate it.", - authConfig.ServerAddress, - ) - if status != expectedStatus { - t.Fatalf("Expected status: \"%s\", found \"%s\" instead.", expectedStatus, status) - } - - status, err = registry.Login(authConfig, nil) - if err == nil { - t.Fatalf("Expected error but found nil instead") - } - - expectedError := "Login: Account is not Active" - - if !strings.Contains(err.Error(), expectedError) { - t.Fatalf("Expected message \"%s\" but found \"%s\" instead", expectedError, err) - } -} From ac32065d5ca5db1d387131774f66505383f21843 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Mon, 14 Jul 2014 23:19:37 +0000 Subject: [PATCH 052/540] Update /etc/hosts when linked container is restarted Docker-DCO-1.1-Signed-off-by: Victor Vieux (github: vieux) Upstream-commit: 450740c891c60dda15b7abe29f35b8e142c2c40e Component: engine --- components/engine/daemon/container.go | 36 ++++++++++++-- components/engine/daemon/daemon.go | 9 ++++ .../docs/sources/articles/networking.md | 5 +- .../engine/docs/sources/reference/run.md | 3 ++ .../docs/sources/userguide/dockerlinks.md | 10 ++++ .../integration-cli/docker_cli_run_test.go | 47 +++++++++++++++++++ components/engine/pkg/graphdb/graphdb.go | 34 ++++++++++++++ .../engine/pkg/networkfs/etchosts/etchosts.go | 10 ++++ 8 files changed, 149 insertions(+), 5 deletions(-) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index 59571ed814..23f5f999eb 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -297,6 +297,9 @@ func (container *Container) Start() (err error) { if err := container.initializeNetworking(); err != nil { return err } + if err := container.updateParentsHosts(); err != nil { + return err + } container.verifyDaemonSettings() if err := prepareVolumesForContainer(container); err != nil { return err @@ -390,10 +393,7 @@ func (container *Container) buildHostnameFile() error { return ioutil.WriteFile(container.HostnamePath, []byte(container.Config.Hostname+"\n"), 0644) } -func (container *Container) buildHostnameAndHostsFiles(IP string) error { - if err := container.buildHostnameFile(); err != nil { - return err - } +func (container *Container) buildHostsFiles(IP string) error { hostsPath, err := container.getRootResourcePath("hosts") if err != nil { @@ -416,6 +416,14 @@ func (container *Container) buildHostnameAndHostsFiles(IP string) error { return etchosts.Build(container.HostsPath, IP, container.Config.Hostname, container.Config.Domainname, &extraContent) } +func (container *Container) buildHostnameAndHostsFiles(IP string) error { + if err := container.buildHostnameFile(); err != nil { + return err + } + + return container.buildHostsFiles(IP) +} + func (container *Container) allocateNetwork() error { mode := container.hostConfig.NetworkMode if container.Config.NetworkDisabled || mode.IsContainer() || mode.IsHost() { @@ -878,6 +886,26 @@ func (container *Container) setupContainerDns() error { return ioutil.WriteFile(container.ResolvConfPath, resolvConf, 0644) } +func (container *Container) updateParentsHosts() error { + parents, err := container.daemon.Parents(container.Name) + if err != nil { + return err + } + for _, cid := range parents { + if cid == "0" { + continue + } + + c := container.daemon.Get(cid) + if c != nil && !container.daemon.config.DisableNetwork && !container.hostConfig.NetworkMode.IsContainer() && !container.hostConfig.NetworkMode.IsHost() { + if err := etchosts.Update(c.HostsPath, container.NetworkSettings.IPAddress, container.Name[1:]); err != nil { + return fmt.Errorf("Failed to update /etc/hosts in parent container: %v", err) + } + } + } + return nil +} + func (container *Container) initializeNetworking() error { var err error if container.hostConfig.NetworkMode.IsHost() { diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 968844e3d2..8ff79801c8 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -621,6 +621,15 @@ func (daemon *Daemon) Children(name string) (map[string]*Container, error) { return children, nil } +func (daemon *Daemon) Parents(name string) ([]string, error) { + name, err := GetFullContainerName(name) + if err != nil { + return nil, err + } + + return daemon.containerGraph.Parents(name) +} + func (daemon *Daemon) RegisterLink(parent, child *Container, alias string) error { fullName := path.Join(parent.Name, alias) if !daemon.containerGraph.Exists(fullName) { diff --git a/components/engine/docs/sources/articles/networking.md b/components/engine/docs/sources/articles/networking.md index f9aa2d26d3..43443e0e18 100644 --- a/components/engine/docs/sources/articles/networking.md +++ b/components/engine/docs/sources/articles/networking.md @@ -150,7 +150,10 @@ Four different options affect container domain name services. `CONTAINER_NAME`. This lets processes inside the new container connect to the hostname `ALIAS` without having to know its IP. The `--link=` option is discussed in more detail below, in the section - [Communication between containers](#between-containers). + [Communication between containers](#between-containers). Docker updates + the ALIAS entry in the /etc/hosts file of the recipient containers + in order to keep the link since Docker may assign a different IP + address to the linked containers on restart. * `--dns=IP_ADDRESS...` — sets the IP addresses added as `server` lines to the container's `/etc/resolv.conf` file. Processes in the diff --git a/components/engine/docs/sources/reference/run.md b/components/engine/docs/sources/reference/run.md index a933a32bea..6dc7b40721 100644 --- a/components/engine/docs/sources/reference/run.md +++ b/components/engine/docs/sources/reference/run.md @@ -432,6 +432,9 @@ mechanism to communicate with a linked container by its alias: $ docker run -d --name servicename busybox sleep 30 $ docker run -i -t --link servicename:servicealias busybox ping -c 1 servicealias +If you restart the source container (`servicename` in this case), the recipient +container's `/etc/hosts` entry will be automatically updated. + ## VOLUME (Shared Filesystems) -v=[]: Create a bind mount with: [host-dir]:[container-dir]:[rw|ro]. diff --git a/components/engine/docs/sources/userguide/dockerlinks.md b/components/engine/docs/sources/userguide/dockerlinks.md index 3624bf72c3..7a5c1514d0 100644 --- a/components/engine/docs/sources/userguide/dockerlinks.md +++ b/components/engine/docs/sources/userguide/dockerlinks.md @@ -241,6 +241,16 @@ to make use of your `db` container. > example, you could have multiple (differently named) web containers attached to your >`db` container. +If you restart the source container, the linked containers `/etc/hosts` files +will be automatically updated with the source container's new IP address, +allowing linked communication to continue. + + $ sudo docker restart db + root@aed84ee21bde:/opt/webapp# cat /etc/hosts + 172.17.0.7 aed84ee21bde + . . . + 172.17.0.9 db + # Next step Now that you know how to link Docker containers together, the next step is diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 7de2d334b1..a080788dd2 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -1706,3 +1706,50 @@ func TestBindMounts(t *testing.T) { t.Fatalf("Output should be %q, actual out: %q", expected, content) } } + +func TestHostsLinkedContainerUpdate(t *testing.T) { + tmpdir, err := ioutil.TempDir("", "docker-integration") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(tmpdir) + + out, _, err := runCommandWithOutput(exec.Command(dockerBinary, "run", "-d", "--name", "c1", "busybox", "sleep", "5")) + if err != nil { + t.Fatal(err, out) + } + + // TODO fix docker cp and /etc/hosts + out, _, err = runCommandWithOutput(exec.Command(dockerBinary, "run", "-d", "--link", "c1:c1", "--name", "c2", "busybox", "sh", "-c", "while true;do cp /etc/hosts /hosts; done")) + if err != nil { + t.Fatal(err, out) + } + + out, _, err = runCommandWithOutput(exec.Command(dockerBinary, "cp", "c2:/hosts", tmpdir+"/1")) + if err != nil { + t.Fatal(err, out) + } + + out, _, err = runCommandWithOutput(exec.Command(dockerBinary, "restart", "-t", "0", "c1")) + if err != nil { + t.Fatal(err, out) + } + + out, _, err = runCommandWithOutput(exec.Command(dockerBinary, "cp", "c2:/hosts", tmpdir+"/2")) + if err != nil { + t.Fatal(err, out) + } + + out, _, _, err = runCommandWithStdoutStderr(exec.Command("diff", tmpdir+"/1", tmpdir+"/2")) + if err == nil { + t.Fatalf("Expecting error, got none") + } + out = stripTrailingCharacters(out) + if out == "" { + t.Fatalf("expected /etc/hosts to be updated, but wasn't") + } + + deleteAllContainers() + + logDone("run - /etc/hosts updated in parent when restart") +} diff --git a/components/engine/pkg/graphdb/graphdb.go b/components/engine/pkg/graphdb/graphdb.go index d0e049b07f..59873fefb3 100644 --- a/components/engine/pkg/graphdb/graphdb.go +++ b/components/engine/pkg/graphdb/graphdb.go @@ -281,6 +281,18 @@ func (db *Database) Children(name string, depth int) ([]WalkMeta, error) { return db.children(e, name, depth, nil) } +// Return the parents of a specified entity +func (db *Database) Parents(name string) ([]string, error) { + db.mux.RLock() + defer db.mux.RUnlock() + + e, err := db.get(name) + if err != nil { + return nil, err + } + return db.parents(e) +} + // Return the refrence count for a specified id func (db *Database) Refs(id string) int { db.mux.RLock() @@ -466,6 +478,28 @@ func (db *Database) children(e *Entity, name string, depth int, entities []WalkM return entities, nil } +func (db *Database) parents(e *Entity) (parents []string, err error) { + if e == nil { + return parents, nil + } + + rows, err := db.conn.Query("SELECT parent_id FROM edge where entity_id = ?;", e.id) + if err != nil { + return nil, err + } + defer rows.Close() + + for rows.Next() { + var parentId string + if err := rows.Scan(&parentId); err != nil { + return nil, err + } + parents = append(parents, parentId) + } + + return parents, nil +} + // Return the entity based on the parent path and name func (db *Database) child(parent *Entity, name string) *Entity { var id string diff --git a/components/engine/pkg/networkfs/etchosts/etchosts.go b/components/engine/pkg/networkfs/etchosts/etchosts.go index 144a039bff..6cf29b046f 100644 --- a/components/engine/pkg/networkfs/etchosts/etchosts.go +++ b/components/engine/pkg/networkfs/etchosts/etchosts.go @@ -4,6 +4,7 @@ import ( "bytes" "fmt" "io/ioutil" + "regexp" ) var defaultContent = map[string]string{ @@ -41,3 +42,12 @@ func Build(path, IP, hostname, domainname string, extraContent *map[string]strin return ioutil.WriteFile(path, content.Bytes(), 0644) } + +func Update(path, IP, hostname string) error { + old, err := ioutil.ReadFile(path) + if err != nil { + return err + } + var re = regexp.MustCompile(fmt.Sprintf("(\\S*)(\\t%s)", regexp.QuoteMeta(hostname))) + return ioutil.WriteFile(path, re.ReplaceAll(old, []byte(IP+"$2")), 0644) +} From 303526eefde1da33d3d490eb51378f1c2aecd66c Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Mon, 25 Aug 2014 22:19:00 -0700 Subject: [PATCH 053/540] pkg/graphdb: tests for Parents and Children Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 925a3254e757407c5bfea5575df3b807f6596e70 Component: engine --- components/engine/pkg/graphdb/graphdb_test.go | 80 ++++++++++++++++++- 1 file changed, 79 insertions(+), 1 deletion(-) diff --git a/components/engine/pkg/graphdb/graphdb_test.go b/components/engine/pkg/graphdb/graphdb_test.go index 8cddd0bf48..7568e66de4 100644 --- a/components/engine/pkg/graphdb/graphdb_test.go +++ b/components/engine/pkg/graphdb/graphdb_test.go @@ -34,7 +34,7 @@ func TestNewDatabase(t *testing.T) { defer destroyTestDb(dbpath) } -func TestCreateRootEnity(t *testing.T) { +func TestCreateRootEntity(t *testing.T) { db, dbpath := newTestDb(t) defer destroyTestDb(dbpath) root := db.RootEntity() @@ -94,6 +94,84 @@ func TestCreateChild(t *testing.T) { } } +func TestParents(t *testing.T) { + db, dbpath := newTestDb(t) + defer destroyTestDb(dbpath) + + for i := 1; i < 6; i++ { + a := strconv.Itoa(i) + if _, err := db.Set("/"+a, a); err != nil { + t.Fatal(err) + } + } + + for i := 6; i < 11; i++ { + a := strconv.Itoa(i) + p := strconv.Itoa(i - 5) + + key := fmt.Sprintf("/%s/%s", p, a) + + if _, err := db.Set(key, a); err != nil { + t.Fatal(err) + } + + parents, err := db.Parents(key) + if err != nil { + t.Fatal(err) + } + + if len(parents) != 1 { + t.Fatalf("Expected 2 entries for %s got %d", key, len(parents)) + } + + if parents[0] != p { + t.Fatalf("ID %s received, %s expected", parents[0], p) + } + } +} + +func TestChildren(t *testing.T) { + db, dbpath := newTestDb(t) + defer destroyTestDb(dbpath) + + str := "/" + for i := 1; i < 6; i++ { + a := strconv.Itoa(i) + if _, err := db.Set(str+a, a); err != nil { + t.Fatal(err) + } + + str = str + a + "/" + } + + str = "/" + for i := 10; i < 30; i++ { // 20 entities + a := strconv.Itoa(i) + if _, err := db.Set(str+a, a); err != nil { + t.Fatal(err) + } + + str = str + a + "/" + } + entries, err := db.Children("/", 5) + if err != nil { + t.Fatal(err) + } + + if len(entries) != 11 { + t.Fatalf("Expect 11 entries for / got %d", len(entries)) + } + + entries, err = db.Children("/", 20) + if err != nil { + t.Fatal(err) + } + + if len(entries) != 25 { + t.Fatalf("Expect 25 entries for / got %d", len(entries)) + } +} + func TestListAllRootChildren(t *testing.T) { db, dbpath := newTestDb(t) defer destroyTestDb(dbpath) From 31ac70b2bece4cf3c4e07e66f26361bfddf2bfc2 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Mon, 25 Aug 2014 22:23:56 -0700 Subject: [PATCH 054/540] pkg/networkfs/etchosts: tests for Update method Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 9f09ef18a44d6e14da3d8a60d923de9e38ffc33e Component: engine --- .../pkg/networkfs/etchosts/etchosts_test.go | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/components/engine/pkg/networkfs/etchosts/etchosts_test.go b/components/engine/pkg/networkfs/etchosts/etchosts_test.go index 44406c81b8..05a4f447f7 100644 --- a/components/engine/pkg/networkfs/etchosts/etchosts_test.go +++ b/components/engine/pkg/networkfs/etchosts/etchosts_test.go @@ -72,3 +72,37 @@ func TestBuildNoIP(t *testing.T) { t.Fatalf("Expected to find '%s' got '%s'", expected, content) } } + +func TestUpdate(t *testing.T) { + file, err := ioutil.TempFile("", "") + if err != nil { + t.Fatal(err) + } + defer os.Remove(file.Name()) + + if err := Build(file.Name(), "10.11.12.13", "testhostname", "testdomainname", nil); err != nil { + t.Fatal(err) + } + + content, err := ioutil.ReadFile(file.Name()) + if err != nil { + t.Fatal(err) + } + + if expected := "10.11.12.13\ttesthostname.testdomainname testhostname\n"; !bytes.Contains(content, []byte(expected)) { + t.Fatalf("Expected to find '%s' got '%s'", expected, content) + } + + if err := Update(file.Name(), "1.1.1.1", "testhostname"); err != nil { + t.Fatal(err) + } + + content, err = ioutil.ReadFile(file.Name()) + if err != nil { + t.Fatal(err) + } + + if expected := "1.1.1.1\ttesthostname.testdomainname testhostname\n"; !bytes.Contains(content, []byte(expected)) { + t.Fatalf("Expected to find '%s' got '%s'", expected, content) + } +} From 9d40e69de70ecd40a212593f83416e81ea424bc6 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 26 Aug 2014 10:59:22 -0700 Subject: [PATCH 055/540] Update networking doc with clarified text regarding links usage Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: f6a2fc4c3370983043a4284be5d8a09c3ff3bb6e Component: engine --- components/engine/docs/sources/articles/networking.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/components/engine/docs/sources/articles/networking.md b/components/engine/docs/sources/articles/networking.md index 43443e0e18..d61ebd65ba 100644 --- a/components/engine/docs/sources/articles/networking.md +++ b/components/engine/docs/sources/articles/networking.md @@ -150,10 +150,10 @@ Four different options affect container domain name services. `CONTAINER_NAME`. This lets processes inside the new container connect to the hostname `ALIAS` without having to know its IP. The `--link=` option is discussed in more detail below, in the section - [Communication between containers](#between-containers). Docker updates - the ALIAS entry in the /etc/hosts file of the recipient containers - in order to keep the link since Docker may assign a different IP - address to the linked containers on restart. + [Communication between containers](#between-containers). Because + Docker may assign a different IP address to the linked containers + on restart, Docker updates the ALIAS entry in the /etc/hosts file + of the recipient containers. * `--dns=IP_ADDRESS...` — sets the IP addresses added as `server` lines to the container's `/etc/resolv.conf` file. Processes in the From 2fc0dfef1821ba6db3c0d7bd7da589e15b45108e Mon Sep 17 00:00:00 2001 From: Fred Lifton Date: Wed, 27 Aug 2014 18:34:19 -0700 Subject: [PATCH 056/540] Adding release notes to docs home This is a temporary solution until we have a dedicated release notes page with automated content. Docker-DCO-1.1-Signed-off-by: Fred Lifton (github: fredlf) Upstream-commit: 1c3b732f8a6ed6f1d01a6ecacc6753899842c2f0 Component: engine --- components/engine/docs/sources/index.md | 64 ++++++++++++++++++++++++- 1 file changed, 63 insertions(+), 1 deletion(-) diff --git a/components/engine/docs/sources/index.md b/components/engine/docs/sources/index.md index 8a6882a010..401381a270 100644 --- a/components/engine/docs/sources/index.md +++ b/components/engine/docs/sources/index.md @@ -83,5 +83,67 @@ Docker on a variety of platforms. ### Docker User Guide -To learn about Docker in more detail and to answer questions about usage and implementation, check out the [Docker User Guide](/userguide/). +To learn about Docker in more detail and to answer questions about usage and +implementation, check out the [Docker User Guide](/userguide/). + +## Release Notes + +**Version 1.2.0** + +This version fixes a number of bugs and issues and adds new functions and other +improvements. These include: + +*New restart policies* + +We added a `--restart flag` to `docker run` to specify a restart policy for your +container. Currently, there are three policies available: + +`no` – Do not restart the container if it dies. (default) +`on-failure` – Restart the container if it exits with a non-zero exit code. +This can also accept an optional maximum restart count (e.g. `on-failure:5`). +`always` – Always restart the container no matter what exit code is returned. +This deprecates the `--restart` flag on the Docker daemon. + +*New flags for `docker run`: `--cap-add` and `–-cap-drop`* + +In previous releases, Docker containers could either be given complete capabilities or +they could all follow a whitelist of allowed capabilities while dropping all others. +Further, using `--privileged` would grant all capabilities inside a container, rather than +applying a whitelist. This was not recommended for production use because it’s really +unsafe; it’s as if you were directly in the host. + +This release introduces two new flags for `docker run` --cap-add and --cap-drop that give +you fine grain control over the specific capabilities you want grant to a particular +container. + +*New `-–device` flag for `docker run`* + +Previously, you could only use devices inside your containers by bind mounting them ( with +`-v`) in a `--privileged` container. With this release, we introduce the `--device flag` +to `docker run` which lets you use a device without requiring a privileged container. + + +*Writable `/etc/hosts`, `/etc/hostname` and `/etc/resolv.conf`* + +You can now edit `/etc/hosts`, `/etc/hostname` and `/etc/resolve.conf` in a running +container. This is useful if you need to install bind or other services that might +override one of those files. + +Note, however, that changes to these files are not saved during a docker build and so will +not be preserved in the resulting image. The changes will only “stick” in a running +container. + +*Docker proxy in a separate process* + +The Docker userland proxy that routes outbound traffic to your containers now has its own +separate process (one process per connection). This greatly reduces the load on the +daemon, which increases stability and efficiency. + +*Other Improvements & Changes* + +* When using `docker rm -f`, Docker now kills the container (instead of stopping it) before removing it . If you intend to stop the container cleanly, you can use `docker stop`. + +* Added support for IPv6 addresses in `--dns` + +* Added search capability in private registries From 68301c38288c1554119f272cd8e44b6342965cac Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 5 Aug 2014 13:17:40 -0700 Subject: [PATCH 057/540] builder: parser and beginnings of the evaluator Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 22c46af4b358cf3ec4f7af47c701064c00cf7de4 Component: engine --- components/engine/builder/.gitignore | 2 + .../builder/evaluator/builder/.gitignore | 2 + .../engine/builder/evaluator/builder/main.go | 31 +++ .../engine/builder/evaluator/dispatchers.go | 45 ++++ .../engine/builder/evaluator/evaluator.go | 118 +++++++++ .../engine/builder/evaluator/internals.go | 247 ++++++++++++++++++ .../engine/builder/evaluator/support.go | 33 +++ .../engine/builder/parser/dumper/.gitignore | 2 + .../engine/builder/parser/dumper/main.go | 32 +++ .../engine/builder/parser/line_parsers.go | 99 +++++++ components/engine/builder/parser/parser.go | 147 +++++++++++ .../engine/builder/parser/parser_test.go | 56 ++++ .../testfiles/brimstone-consuldock/Dockerfile | 25 ++ .../testfiles/brimstone-consuldock/result | 5 + .../brimstone-docker-consul/Dockerfile | 52 ++++ .../testfiles/brimstone-docker-consul/result | 9 + .../testfiles/cpuguy83-nagios/Dockerfile | 54 ++++ .../parser/testfiles/cpuguy83-nagios/result | 40 +++ .../parser/testfiles/docker/Dockerfile | 105 ++++++++ .../builder/parser/testfiles/docker/result | 25 ++ .../parser/testfiles/escapes/Dockerfile | 8 + .../builder/parser/testfiles/escapes/result | 5 + .../parser/testfiles/influxdb/Dockerfile | 15 ++ .../builder/parser/testfiles/influxdb/result | 11 + .../kartar-entrypoint-oddities/Dockerfile | 7 + .../kartar-entrypoint-oddities/result | 7 + .../lk4d4-the-edge-case-generator/Dockerfile | 48 ++++ .../lk4d4-the-edge-case-generator/result | 29 ++ .../builder/parser/testfiles/mail/Dockerfile | 16 ++ .../builder/parser/testfiles/mail/result | 14 + .../parser/testfiles/mumble/Dockerfile | 7 + .../builder/parser/testfiles/mumble/result | 4 + .../builder/parser/testfiles/nginx/Dockerfile | 14 + .../builder/parser/testfiles/nginx/result | 11 + .../builder/parser/testfiles/tf2/Dockerfile | 23 ++ .../builder/parser/testfiles/tf2/result | 20 ++ .../parser/testfiles/weechat/Dockerfile | 9 + .../builder/parser/testfiles/weechat/result | 6 + .../builder/parser/testfiles/znc/Dockerfile | 7 + .../builder/parser/testfiles/znc/result | 5 + components/engine/builder/parser/utils.go | 86 ++++++ 41 files changed, 1481 insertions(+) create mode 100644 components/engine/builder/.gitignore create mode 100644 components/engine/builder/evaluator/builder/.gitignore create mode 100644 components/engine/builder/evaluator/builder/main.go create mode 100644 components/engine/builder/evaluator/dispatchers.go create mode 100644 components/engine/builder/evaluator/evaluator.go create mode 100644 components/engine/builder/evaluator/internals.go create mode 100644 components/engine/builder/evaluator/support.go create mode 100644 components/engine/builder/parser/dumper/.gitignore create mode 100644 components/engine/builder/parser/dumper/main.go create mode 100644 components/engine/builder/parser/line_parsers.go create mode 100644 components/engine/builder/parser/parser.go create mode 100644 components/engine/builder/parser/parser_test.go create mode 100644 components/engine/builder/parser/testfiles/brimstone-consuldock/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/brimstone-consuldock/result create mode 100644 components/engine/builder/parser/testfiles/brimstone-docker-consul/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/brimstone-docker-consul/result create mode 100644 components/engine/builder/parser/testfiles/cpuguy83-nagios/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/cpuguy83-nagios/result create mode 100644 components/engine/builder/parser/testfiles/docker/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/docker/result create mode 100644 components/engine/builder/parser/testfiles/escapes/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/escapes/result create mode 100644 components/engine/builder/parser/testfiles/influxdb/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/influxdb/result create mode 100644 components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/result create mode 100644 components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/result create mode 100644 components/engine/builder/parser/testfiles/mail/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/mail/result create mode 100644 components/engine/builder/parser/testfiles/mumble/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/mumble/result create mode 100644 components/engine/builder/parser/testfiles/nginx/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/nginx/result create mode 100644 components/engine/builder/parser/testfiles/tf2/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/tf2/result create mode 100644 components/engine/builder/parser/testfiles/weechat/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/weechat/result create mode 100644 components/engine/builder/parser/testfiles/znc/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/znc/result create mode 100644 components/engine/builder/parser/utils.go diff --git a/components/engine/builder/.gitignore b/components/engine/builder/.gitignore new file mode 100644 index 0000000000..34b1c07205 --- /dev/null +++ b/components/engine/builder/.gitignore @@ -0,0 +1,2 @@ +main +gopath diff --git a/components/engine/builder/evaluator/builder/.gitignore b/components/engine/builder/evaluator/builder/.gitignore new file mode 100644 index 0000000000..85354a2b0e --- /dev/null +++ b/components/engine/builder/evaluator/builder/.gitignore @@ -0,0 +1,2 @@ +builder +Dockerfile diff --git a/components/engine/builder/evaluator/builder/main.go b/components/engine/builder/evaluator/builder/main.go new file mode 100644 index 0000000000..8c0b6d1f0e --- /dev/null +++ b/components/engine/builder/evaluator/builder/main.go @@ -0,0 +1,31 @@ +package main + +import ( + "os" + + "github.com/erikh/buildfile/evaluator" +) + +func main() { + if len(os.Args) < 2 { + os.Stderr.WriteString("Please supply filename(s) to evaluate") + os.Exit(1) + } + + for _, fn := range os.Args[1:] { + f, err := os.Open(fn) + if err != nil { + panic(err) + } + + opts := &evaluator.BuildOpts{} + + bf, err := opts.NewBuildFile(f) + if err != nil { + panic(err) + } + if err := bf.Run(); err != nil { + panic(err) + } + } +} diff --git a/components/engine/builder/evaluator/dispatchers.go b/components/engine/builder/evaluator/dispatchers.go new file mode 100644 index 0000000000..f6c99a4db1 --- /dev/null +++ b/components/engine/builder/evaluator/dispatchers.go @@ -0,0 +1,45 @@ +package evaluator + +import ( + "fmt" + "strings" +) + +func env(b *buildFile, args ...string) error { + if len(args) != 2 { + return fmt.Errorf("ENV accepts two arguments") + } + + // the duplication here is intended to ease the replaceEnv() call's env + // handling. This routine gets much shorter with the denormalization here. + key := args[0] + b.env[key] = args[1] + b.config.Env = append(b.config.Env, strings.Join("=", key, b.env[key])) + + return b.commit("", b.config.Cmd, fmt.Sprintf("ENV %s", value)) +} + +func maintainer(b *buildFile, args ...string) error { + if len(args) != 1 { + return fmt.Errorf("MAINTAINER requires only one argument") + } + + b.maintainer = args[0] + return b.commit("", b.config.Cmd, fmt.Sprintf("MAINTAINER %s", b.maintainer)) +} + +func add(b *buildFile, args ...string) error { + if len(args) != 2 { + return fmt.Errorf("ADD requires two arguments") + } + + return b.runContextCommand(args, true, true, "ADD") +} + +func dispatchCopy(b *buildFile, args ...string) error { + if len(args) != 2 { + return fmt.Errorf("COPY requires two arguments") + } + + return b.runContextCommand(args, false, false, "COPY") +} diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator/evaluator.go new file mode 100644 index 0000000000..9b35bc2e15 --- /dev/null +++ b/components/engine/builder/evaluator/evaluator.go @@ -0,0 +1,118 @@ +package evaluator + +import ( + "fmt" + "io" + "regexp" + "strings" + + "github.com/erikh/buildfile/parser" + + "github.com/docker/docker/daemon" + "github.com/docker/docker/engine" + "github.com/docker/docker/nat" + "github.com/docker/docker/registry" + "github.com/docker/docker/runconfig" + "github.com/docker/docker/utils" +) + +var ( + evaluateTable = map[string]func(*buildFile, ...string) error{ + "env": env, + "maintainer": maintainer, + "add": add, + "copy": dispatchCopy, // copy() is a go builtin + //"onbuild": parseMaybeJSON, + //"workdir": parseString, + //"docker-version": parseString, + //"run": parseMaybeJSON, + //"cmd": parseMaybeJSON, + //"entrypoint": parseMaybeJSON, + //"expose": parseMaybeJSON, + //"volume": parseMaybeJSON, + } +) + +type buildFile struct { + dockerfile *parser.Node + env envMap + image string + config *runconfig.Config + options *BuildOpts + maintainer string +} + +type BuildOpts struct { + Daemon *daemon.Daemon + Engine *engine.Engine + OutStream io.Writer + ErrStream io.Writer + Verbose bool + UtilizeCache bool + Remove bool + ForceRm bool + OutOld io.Writer + StreamFormatter *utils.StreamFormatter + Auth *registry.AuthConfig + AuthConfigFile *registry.ConfigFile +} + +func (opts *BuildOpts) NewBuildFile(file io.ReadWriteCloser) (*buildFile, error) { + ast, err := parser.Parse(file) + if err != nil { + return nil, err + } + + return &buildFile{ + dockerfile: ast, + env: envMap{}, + config: initRunConfig(), + options: opts, + }, nil +} + +func (b *buildFile) Run() error { + node := b.dockerfile + + for i, n := range node.Children { + if err := b.dispatch(i, n); err != nil { + return err + } + } + + return nil +} + +func initRunConfig() *runconfig.Config { + return &runconfig.Config{ + PortSpecs: []string{}, + // FIXME(erikh) this should be a type that lives in runconfig + ExposedPorts: map[nat.Port]struct{}{}, + Env: []string{}, + Cmd: []string{}, + + // FIXME(erikh) this should also be a type in runconfig + Volumes: map[string]struct{}{}, + Entrypoint: []string{}, + OnBuild: []string{}, + } +} + +func (b *buildFile) dispatch(stepN int, ast *parser.Node) error { + cmd := ast.Value + strs := []string{} + for ast.Next != nil { + ast = ast.Next + strs = append(strs, replaceEnv(b, stripQuotes(ast.Value))) + } + + fmt.Fprintf(b.outStream, "Step %d : %s\n", i, cmd, expression) + + // XXX yes, we skip any cmds that are not valid; the parser should have + // picked these out already. + if f, ok := evaluateTable[cmd]; ok { + return f(b, strs...) + } + + return nil +} diff --git a/components/engine/builder/evaluator/internals.go b/components/engine/builder/evaluator/internals.go new file mode 100644 index 0000000000..8f81624381 --- /dev/null +++ b/components/engine/builder/evaluator/internals.go @@ -0,0 +1,247 @@ +package evaluator + +func (b *buildFile) addContext(context io.Reader) (string, error) { + tmpdirPath, err := ioutil.TempDir("", "docker-build") + if err != nil { + return err + } + + decompressedStream, err := archive.DecompressStream(context) + if err != nil { + return err + } + + b.context = &tarsum.TarSum{Reader: decompressedStream, DisableCompression: true} + if err := archive.Untar(b.context, tmpdirPath, nil); err != nil { + return err + } + + b.contextPath = tmpdirPath + return tmpdirPath +} + +func (b *buildFile) commit(id string, autoCmd []string, comment string) error { + if b.image == "" { + return fmt.Errorf("Please provide a source image with `from` prior to commit") + } + b.config.Image = b.image + if id == "" { + cmd := b.config.Cmd + b.config.Cmd = []string{"/bin/sh", "-c", "#(nop) " + comment} + defer func(cmd []string) { b.config.Cmd = cmd }(cmd) + + hit, err := b.probeCache() + if err != nil { + return err + } + if hit { + return nil + } + + container, warnings, err := b.daemon.Create(b.config, "") + if err != nil { + return err + } + for _, warning := range warnings { + fmt.Fprintf(b.outStream, " ---> [Warning] %s\n", warning) + } + b.tmpContainers[container.ID] = struct{}{} + fmt.Fprintf(b.outStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) + id = container.ID + + if err := container.Mount(); err != nil { + return err + } + defer container.Unmount() + } + container := b.daemon.Get(id) + if container == nil { + return fmt.Errorf("An error occured while creating the container") + } + + // Note: Actually copy the struct + autoConfig := *b.config + autoConfig.Cmd = autoCmd + // Commit the container + image, err := b.daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) + if err != nil { + return err + } + b.tmpImages[image.ID] = struct{}{} + b.image = image.ID + return nil +} + +func (b *buildFile) runContextCommand(args string, allowRemote bool, allowDecompression bool, cmdName string) error { + if b.context == nil { + return fmt.Errorf("No context given. Impossible to use %s", cmdName) + } + tmp := strings.SplitN(args, " ", 2) + if len(tmp) != 2 { + return fmt.Errorf("Invalid %s format", cmdName) + } + + orig, err := b.ReplaceEnvMatches(strings.Trim(tmp[0], " \t")) + if err != nil { + return err + } + + dest, err := b.ReplaceEnvMatches(strings.Trim(tmp[1], " \t")) + if err != nil { + return err + } + + cmd := b.config.Cmd + b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, orig, dest)} + defer func(cmd []string) { b.config.Cmd = cmd }(cmd) + b.config.Image = b.image + + var ( + origPath = orig + destPath = dest + remoteHash string + isRemote bool + decompress = true + ) + + isRemote = utils.IsURL(orig) + if isRemote && !allowRemote { + return fmt.Errorf("Source can't be an URL for %s", cmdName) + } else if utils.IsURL(orig) { + // Initiate the download + resp, err := utils.Download(orig) + if err != nil { + return err + } + + // Create a tmp dir + tmpDirName, err := ioutil.TempDir(b.contextPath, "docker-remote") + if err != nil { + return err + } + + // Create a tmp file within our tmp dir + tmpFileName := path.Join(tmpDirName, "tmp") + tmpFile, err := os.OpenFile(tmpFileName, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0600) + if err != nil { + return err + } + defer os.RemoveAll(tmpDirName) + + // Download and dump result to tmp file + if _, err := io.Copy(tmpFile, resp.Body); err != nil { + tmpFile.Close() + return err + } + tmpFile.Close() + + // Remove the mtime of the newly created tmp file + if err := system.UtimesNano(tmpFileName, make([]syscall.Timespec, 2)); err != nil { + return err + } + + origPath = path.Join(filepath.Base(tmpDirName), filepath.Base(tmpFileName)) + + // Process the checksum + r, err := archive.Tar(tmpFileName, archive.Uncompressed) + if err != nil { + return err + } + tarSum := &tarsum.TarSum{Reader: r, DisableCompression: true} + if _, err := io.Copy(ioutil.Discard, tarSum); err != nil { + return err + } + remoteHash = tarSum.Sum(nil) + r.Close() + + // If the destination is a directory, figure out the filename. + if strings.HasSuffix(dest, "/") { + u, err := url.Parse(orig) + if err != nil { + return err + } + path := u.Path + if strings.HasSuffix(path, "/") { + path = path[:len(path)-1] + } + parts := strings.Split(path, "/") + filename := parts[len(parts)-1] + if filename == "" { + return fmt.Errorf("cannot determine filename from url: %s", u) + } + destPath = dest + filename + } + } + + if err := b.checkPathForAddition(origPath); err != nil { + return err + } + + // Hash path and check the cache + if b.utilizeCache { + var ( + hash string + sums = b.context.GetSums() + ) + + if remoteHash != "" { + hash = remoteHash + } else if fi, err := os.Stat(path.Join(b.contextPath, origPath)); err != nil { + return err + } else if fi.IsDir() { + var subfiles []string + for file, sum := range sums { + absFile := path.Join(b.contextPath, file) + absOrigPath := path.Join(b.contextPath, origPath) + if strings.HasPrefix(absFile, absOrigPath) { + subfiles = append(subfiles, sum) + } + } + sort.Strings(subfiles) + hasher := sha256.New() + hasher.Write([]byte(strings.Join(subfiles, ","))) + hash = "dir:" + hex.EncodeToString(hasher.Sum(nil)) + } else { + if origPath[0] == '/' && len(origPath) > 1 { + origPath = origPath[1:] + } + origPath = strings.TrimPrefix(origPath, "./") + if h, ok := sums[origPath]; ok { + hash = "file:" + h + } + } + b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, hash, dest)} + hit, err := b.probeCache() + if err != nil { + return err + } + // If we do not have a hash, never use the cache + if hit && hash != "" { + return nil + } + } + + // Create the container + container, _, err := b.daemon.Create(b.config, "") + if err != nil { + return err + } + b.tmpContainers[container.ID] = struct{}{} + + if err := container.Mount(); err != nil { + return err + } + defer container.Unmount() + + if !allowDecompression || isRemote { + decompress = false + } + if err := b.addContext(container, origPath, destPath, decompress); err != nil { + return err + } + + if err := b.commit(container.ID, cmd, fmt.Sprintf("%s %s in %s", cmdName, orig, dest)); err != nil { + return err + } + return nil +} diff --git a/components/engine/builder/evaluator/support.go b/components/engine/builder/evaluator/support.go new file mode 100644 index 0000000000..41f9c6a5ba --- /dev/null +++ b/components/engine/builder/evaluator/support.go @@ -0,0 +1,33 @@ +package evaluator + +import ( + "regexp" + "strings" +) + +var ( + TOKEN_ESCAPED_QUOTE = regexp.MustCompile(`\\"`) + TOKEN_ESCAPED_ESCAPE = regexp.MustCompile(`\\\\`) + TOKEN_ENV_INTERPOLATION = regexp.MustCompile("(\\\\\\\\+|[^\\\\]|\\b|\\A)\\$({?)([[:alnum:]_]+)(}?)") +) + +func stripQuotes(str string) string { + str = str[1 : len(str)-1] + str = TOKEN_ESCAPED_QUOTE.ReplaceAllString(str, `"`) + return TOKEN_ESCAPED_ESCAPE.ReplaceAllString(str, `\`) +} + +func replaceEnv(b *buildFile, str string) string { + for _, match := range TOKEN_ENV_INTERPOLATION.FindAllString(str, -1) { + match = match[strings.Index(match, "$"):] + matchKey := strings.Trim(match, "${}") + + for envKey, envValue := range b.env { + if matchKey == envKey { + str = strings.Replace(str, match, envValue, -1) + } + } + } + + return str +} diff --git a/components/engine/builder/parser/dumper/.gitignore b/components/engine/builder/parser/dumper/.gitignore new file mode 100644 index 0000000000..d80aecaec6 --- /dev/null +++ b/components/engine/builder/parser/dumper/.gitignore @@ -0,0 +1,2 @@ +dumper +Dockerfile diff --git a/components/engine/builder/parser/dumper/main.go b/components/engine/builder/parser/dumper/main.go new file mode 100644 index 0000000000..96c0db2d05 --- /dev/null +++ b/components/engine/builder/parser/dumper/main.go @@ -0,0 +1,32 @@ +package main + +import ( + "fmt" + "os" + + "github.com/erikh/buildfile/parser" +) + +func main() { + var f *os.File + var err error + + if len(os.Args) < 2 { + fmt.Println("please supply filename(s)") + os.Exit(1) + } + + for _, fn := range os.Args[1:] { + f, err = os.Open(fn) + if err != nil { + panic(err) + } + + ast, err := parser.Parse(f) + if err != nil { + panic(err) + } else { + fmt.Print(ast.Dump()) + } + } +} diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go new file mode 100644 index 0000000000..d9716698ec --- /dev/null +++ b/components/engine/builder/parser/line_parsers.go @@ -0,0 +1,99 @@ +package parser + +import ( + "encoding/json" + "strconv" + "strings" +) + +// ignore the current argument. This will still leave a command parsed, but +// will not incorporate the arguments into the ast. +func parseIgnore(rest string) (*Node, error) { + return blankNode(), nil +} + +func parseSubCommand(rest string) (*Node, error) { + _, child, err := parseLine(rest) + if err != nil { + return nil, err + } + + return &Node{Children: []*Node{child}}, nil +} + +// parse environment like statements. Note that this does *not* handle +// variable interpolation, which will be handled in the evaluator. +func parseEnv(rest string) (*Node, error) { + node := blankNode() + rootnode := node + strs := TOKEN_WHITESPACE.Split(rest, 2) + node.Value = QuoteString(strs[0]) + node.Next = blankNode() + node.Next.Value = QuoteString(strs[1]) + + return rootnode, nil + + return node, nil +} + +// parses a whitespace-delimited set of arguments. The result is effectively a +// linked list of string arguments. +func parseStringsWhitespaceDelimited(rest string) (*Node, error) { + node := blankNode() + rootnode := node + for _, str := range TOKEN_WHITESPACE.Split(rest, -1) { // use regexp + node.Value = QuoteString(str) + node.Next = blankNode() + node = node.Next + } + + return rootnode, nil +} + +// parsestring just wraps the string in quotes and returns a working node. +func parseString(rest string) (*Node, error) { + return &Node{QuoteString(rest), nil, nil}, nil +} + +// parseJSON converts JSON arrays to an AST. +func parseJSON(rest string) (*Node, error) { + var ( + myJson []interface{} + next = blankNode() + orignext = next + ) + + if err := json.Unmarshal([]byte(rest), &myJson); err != nil { + return nil, err + } + + for _, str := range myJson { + switch str.(type) { + case float64: + str = strconv.FormatFloat(str.(float64), 'G', -1, 64) + } + next.Value = QuoteString(str.(string)) + next.Next = blankNode() + next = next.Next + } + + return orignext, nil +} + +// parseMaybeJSON determines if the argument appears to be a JSON array. If +// so, passes to parseJSON; if not, quotes the result and returns a single +// node. +func parseMaybeJSON(rest string) (*Node, error) { + rest = strings.TrimSpace(rest) + + if strings.HasPrefix(rest, "[") { + node, err := parseJSON(rest) + if err == nil { + return node, nil + } + } + + node := blankNode() + node.Value = QuoteString(rest) + return node, nil +} diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go new file mode 100644 index 0000000000..c2715d43c7 --- /dev/null +++ b/components/engine/builder/parser/parser.go @@ -0,0 +1,147 @@ +// This package implements a parser and parse tree dumper for Dockerfiles. +package parser + +import ( + "bufio" + "io" + "regexp" + "strings" +) + +// Node is the building block of the AST this package will create. +// +// Nodes are structured to have a value, next, and child, the latter two of +// which are Nodes themselves. +// +// This terminology is unfortunately rather confusing, so here's a diagram. +// Anything after the ; is a comment. +// +// ( +// (run "foo") ; value run, and next is a value foo. +// (run "1" "2" "3") ; +// (something (really cool)) +// ) +// +// Will give you something like this: +// +// &Node{ +// Value:"", +// Child: &Node{Value: "run", Next: &Node{Value: "foo"}, Child: nil}, +// Next: &Node{Value:"", Child: &Node{Value:"run", Next: &Node{Value:`"1"`.... +// +// ... and so on. +// +// The short and fast rule is that anything that starts with ( is a child of +// something. Anything which follows a previous statement is a next of +// something. +// +type Node struct { + Value string // actual content + Next *Node // the next item in the current sexp + Children []*Node // the children of this sexp +} + +var ( + dispatch map[string]func(string) (*Node, error) + TOKEN_WHITESPACE = regexp.MustCompile(`\s+`) + TOKEN_LINE_CONTINUATION = regexp.MustCompile(`\\$`) + TOKEN_COMMENT = regexp.MustCompile(`^#.*$`) +) + +func init() { + // Dispatch Table. see line_parsers.go for the parse functions. + // The command is parsed and mapped to the line parser. The line parser + // recieves the arguments but not the command, and returns an AST after + // reformulating the arguments according to the rules in the parser + // functions. Errors are propogated up by Parse() and the resulting AST can + // be incorporated directly into the existing AST as a next. + dispatch = map[string]func(string) (*Node, error){ + "user": parseString, + "onbuild": parseSubCommand, + "workdir": parseString, + "env": parseEnv, + "maintainer": parseString, + "docker-version": parseString, + "from": parseString, + "add": parseStringsWhitespaceDelimited, + "copy": parseStringsWhitespaceDelimited, + "run": parseMaybeJSON, + "cmd": parseMaybeJSON, + "entrypoint": parseMaybeJSON, + "expose": parseStringsWhitespaceDelimited, + "volume": parseMaybeJSON, + } +} + +// empty node. Useful for managing structure. +func blankNode() *Node { + return &Node{"", nil, []*Node{}} +} + +func parseLine(line string) (string, *Node, error) { + if line = stripComments(line); line == "" { + return "", nil, nil + } + + if TOKEN_LINE_CONTINUATION.MatchString(line) { + line = TOKEN_LINE_CONTINUATION.ReplaceAllString(line, "") + return line, nil, nil + } + + cmd, args := splitCommand(line) + + node := blankNode() + node.Value = cmd + + sexp, err := fullDispatch(cmd, args) + if err != nil { + return "", nil, err + } + + node.Next = sexp + + return "", node, nil +} + +// The main parse routine. Handles an io.ReadWriteCloser and returns the root +// of the AST. +func Parse(rwc io.Reader) (*Node, error) { + var child *Node + var line string + var err error + root := blankNode() + scanner := bufio.NewScanner(rwc) + + for scanner.Scan() { + line, child, err = parseLine(strings.TrimSpace(scanner.Text())) + if err != nil { + return nil, err + } + + if line != "" && child == nil { + for { + scanner.Scan() + newline := strings.TrimSpace(scanner.Text()) + + if newline == "" { + continue + } + + line, child, err = parseLine(line + newline) + if err != nil { + return nil, err + } + + if child != nil { + break + } + } + } + + if child != nil { + root.Children = append(root.Children, child) + } + } + + return root, nil +} diff --git a/components/engine/builder/parser/parser_test.go b/components/engine/builder/parser/parser_test.go new file mode 100644 index 0000000000..1482a011fe --- /dev/null +++ b/components/engine/builder/parser/parser_test.go @@ -0,0 +1,56 @@ +package parser + +import ( + "io/ioutil" + "os" + "path/filepath" + "testing" +) + +const testDir = "testfiles" + +func TestTestData(t *testing.T) { + f, err := os.Open(testDir) + if err != nil { + t.Fatal(err) + } + + defer f.Close() + + dirs, err := f.Readdir(0) + if err != nil { + t.Fatal(err) + } + + for _, dir := range dirs { + dockerfile := filepath.Join(testDir, dir.Name(), "Dockerfile") + resultfile := filepath.Join(testDir, dir.Name(), "result") + + df, err := os.Open(dockerfile) + if err != nil { + t.Fatalf("Dockerfile missing for %s: %s", dir.Name(), err.Error()) + } + + rf, err := os.Open(resultfile) + if err != nil { + t.Fatalf("Result file missing for %s: %s", dir.Name(), err.Error()) + } + + ast, err := Parse(df) + if err != nil { + t.Fatalf("Error parsing %s's dockerfile: %s", dir.Name(), err.Error()) + } + + content, err := ioutil.ReadAll(rf) + if err != nil { + t.Fatalf("Error reading %s's result file: %s", dir.Name(), err.Error()) + } + + if ast.Dump() != string(content) { + t.Fatalf("%s: AST dump of dockerfile does not match result", dir.Name()) + } + + df.Close() + rf.Close() + } +} diff --git a/components/engine/builder/parser/testfiles/brimstone-consuldock/Dockerfile b/components/engine/builder/parser/testfiles/brimstone-consuldock/Dockerfile new file mode 100644 index 0000000000..5c75a2e0ca --- /dev/null +++ b/components/engine/builder/parser/testfiles/brimstone-consuldock/Dockerfile @@ -0,0 +1,25 @@ +FROM brimstone/ubuntu:14.04 + +MAINTAINER brimstone@the.narro.ws + +# TORUN -v /var/run/docker.sock:/var/run/docker.sock + +ENV GOPATH /go + +# Set our command +ENTRYPOINT ["/usr/local/bin/consuldock"] + +# Install the packages we need, clean up after them and us +RUN apt-get update \ + && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \ + && apt-get install -y --no-install-recommends git golang ca-certificates \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists \ + + && go get -v github.com/brimstone/consuldock \ + && mv $GOPATH/bin/consuldock /usr/local/bin/consuldock \ + + && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \ + && apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \ + && rm /tmp/dpkg.* \ + && rm -rf $GOPATH diff --git a/components/engine/builder/parser/testfiles/brimstone-consuldock/result b/components/engine/builder/parser/testfiles/brimstone-consuldock/result new file mode 100644 index 0000000000..b6ef4f817b --- /dev/null +++ b/components/engine/builder/parser/testfiles/brimstone-consuldock/result @@ -0,0 +1,5 @@ +(from "brimstone/ubuntu:14.04") +(maintainer "brimstone@the.narro.ws") +(env "GOPATH" "/go") +(entrypoint "/usr/local/bin/consuldock") +(run "apt-get update && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean && apt-get install -y --no-install-recommends git golang ca-certificates && apt-get clean && rm -rf /var/lib/apt/lists && go get -v github.com/brimstone/consuldock && mv $GOPATH/bin/consuldock /usr/local/bin/consuldock && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty && apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') && rm /tmp/dpkg.* && rm -rf $GOPATH") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/brimstone-docker-consul/Dockerfile b/components/engine/builder/parser/testfiles/brimstone-docker-consul/Dockerfile new file mode 100644 index 0000000000..25ae352166 --- /dev/null +++ b/components/engine/builder/parser/testfiles/brimstone-docker-consul/Dockerfile @@ -0,0 +1,52 @@ +FROM brimstone/ubuntu:14.04 + +CMD [] + +ENTRYPOINT ["/usr/bin/consul", "agent", "-server", "-data-dir=/consul", "-client=0.0.0.0", "-ui-dir=/webui"] + +EXPOSE 8500 8600 8400 8301 8302 + +RUN apt-get update \ + && apt-get install -y unzip wget \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists + +RUN cd /tmp \ + && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip \ + -O web_ui.zip \ + && unzip web_ui.zip \ + && mv dist /webui \ + && rm web_ui.zip + +RUN apt-get update \ + && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \ + && apt-get install -y --no-install-recommends unzip wget \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists \ + + && cd /tmp \ + && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip \ + -O web_ui.zip \ + && unzip web_ui.zip \ + && mv dist /webui \ + && rm web_ui.zip \ + + && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \ + && apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \ + && rm /tmp/dpkg.* + +ENV GOPATH /go + +RUN apt-get update \ + && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean \ + && apt-get install -y --no-install-recommends git golang ca-certificates build-essential \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists \ + + && go get -v github.com/hashicorp/consul \ + && mv $GOPATH/bin/consul /usr/bin/consul \ + + && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty \ + && apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') \ + && rm /tmp/dpkg.* \ + && rm -rf $GOPATH diff --git a/components/engine/builder/parser/testfiles/brimstone-docker-consul/result b/components/engine/builder/parser/testfiles/brimstone-docker-consul/result new file mode 100644 index 0000000000..739dc6423f --- /dev/null +++ b/components/engine/builder/parser/testfiles/brimstone-docker-consul/result @@ -0,0 +1,9 @@ +(from "brimstone/ubuntu:14.04") +(cmd) +(entrypoint "/usr/bin/consul" "agent" "-server" "-data-dir=/consul" "-client=0.0.0.0" "-ui-dir=/webui") +(expose "8500" "8600" "8400" "8301" "8302") +(run "apt-get update && apt-get install -y unzip wget && apt-get clean && rm -rf /var/lib/apt/lists") +(run "cd /tmp && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip -O web_ui.zip && unzip web_ui.zip && mv dist /webui && rm web_ui.zip") +(run "apt-get update && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean && apt-get install -y --no-install-recommends unzip wget && apt-get clean && rm -rf /var/lib/apt/lists && cd /tmp && wget https://dl.bintray.com/mitchellh/consul/0.3.1_web_ui.zip -O web_ui.zip && unzip web_ui.zip && mv dist /webui && rm web_ui.zip && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty && apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') && rm /tmp/dpkg.*") +(env "GOPATH" "/go") +(run "apt-get update && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.clean && apt-get install -y --no-install-recommends git golang ca-certificates build-essential && apt-get clean && rm -rf /var/lib/apt/lists && go get -v github.com/hashicorp/consul && mv $GOPATH/bin/consul /usr/bin/consul && dpkg -l | awk '/^ii/ {print $2}' > /tmp/dpkg.dirty && apt-get remove --purge -y $(diff /tmp/dpkg.clean /tmp/dpkg.dirty | awk '/^>/ {print $2}') && rm /tmp/dpkg.* && rm -rf $GOPATH") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/cpuguy83-nagios/Dockerfile b/components/engine/builder/parser/testfiles/cpuguy83-nagios/Dockerfile new file mode 100644 index 0000000000..8ccb71a578 --- /dev/null +++ b/components/engine/builder/parser/testfiles/cpuguy83-nagios/Dockerfile @@ -0,0 +1,54 @@ +FROM cpuguy83/ubuntu +ENV NAGIOS_HOME /opt/nagios +ENV NAGIOS_USER nagios +ENV NAGIOS_GROUP nagios +ENV NAGIOS_CMDUSER nagios +ENV NAGIOS_CMDGROUP nagios +ENV NAGIOSADMIN_USER nagiosadmin +ENV NAGIOSADMIN_PASS nagios +ENV APACHE_RUN_USER nagios +ENV APACHE_RUN_GROUP nagios +ENV NAGIOS_TIMEZONE UTC + +RUN sed -i 's/universe/universe multiverse/' /etc/apt/sources.list +RUN apt-get update && apt-get install -y iputils-ping netcat build-essential snmp snmpd snmp-mibs-downloader php5-cli apache2 libapache2-mod-php5 runit bc postfix bsd-mailx +RUN ( egrep -i "^${NAGIOS_GROUP}" /etc/group || groupadd $NAGIOS_GROUP ) && ( egrep -i "^${NAGIOS_CMDGROUP}" /etc/group || groupadd $NAGIOS_CMDGROUP ) +RUN ( id -u $NAGIOS_USER || useradd --system $NAGIOS_USER -g $NAGIOS_GROUP -d $NAGIOS_HOME ) && ( id -u $NAGIOS_CMDUSER || useradd --system -d $NAGIOS_HOME -g $NAGIOS_CMDGROUP $NAGIOS_CMDUSER ) + +ADD http://downloads.sourceforge.net/project/nagios/nagios-3.x/nagios-3.5.1/nagios-3.5.1.tar.gz?r=http%3A%2F%2Fwww.nagios.org%2Fdownload%2Fcore%2Fthanks%2F%3Ft%3D1398863696&ts=1398863718&use_mirror=superb-dca3 /tmp/nagios.tar.gz +RUN cd /tmp && tar -zxvf nagios.tar.gz && cd nagios && ./configure --prefix=${NAGIOS_HOME} --exec-prefix=${NAGIOS_HOME} --enable-event-broker --with-nagios-command-user=${NAGIOS_CMDUSER} --with-command-group=${NAGIOS_CMDGROUP} --with-nagios-user=${NAGIOS_USER} --with-nagios-group=${NAGIOS_GROUP} && make all && make install && make install-config && make install-commandmode && cp sample-config/httpd.conf /etc/apache2/conf.d/nagios.conf +ADD http://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz /tmp/ +RUN cd /tmp && tar -zxvf nagios-plugins-1.5.tar.gz && cd nagios-plugins-1.5 && ./configure --prefix=${NAGIOS_HOME} && make && make install + +RUN sed -i.bak 's/.*\=www\-data//g' /etc/apache2/envvars +RUN export DOC_ROOT="DocumentRoot $(echo $NAGIOS_HOME/share)"; sed -i "s,DocumentRoot.*,$DOC_ROOT," /etc/apache2/sites-enabled/000-default + +RUN ln -s ${NAGIOS_HOME}/bin/nagios /usr/local/bin/nagios && mkdir -p /usr/share/snmp/mibs && chmod 0755 /usr/share/snmp/mibs && touch /usr/share/snmp/mibs/.foo + +RUN echo "use_timezone=$NAGIOS_TIMEZONE" >> ${NAGIOS_HOME}/etc/nagios.cfg && echo "SetEnv TZ \"${NAGIOS_TIMEZONE}\"" >> /etc/apache2/conf.d/nagios.conf + +RUN mkdir -p ${NAGIOS_HOME}/etc/conf.d && mkdir -p ${NAGIOS_HOME}/etc/monitor && ln -s /usr/share/snmp/mibs ${NAGIOS_HOME}/libexec/mibs +RUN echo "cfg_dir=${NAGIOS_HOME}/etc/conf.d" >> ${NAGIOS_HOME}/etc/nagios.cfg +RUN echo "cfg_dir=${NAGIOS_HOME}/etc/monitor" >> ${NAGIOS_HOME}/etc/nagios.cfg +RUN download-mibs && echo "mibs +ALL" > /etc/snmp/snmp.conf + +RUN sed -i 's,/bin/mail,/usr/bin/mail,' /opt/nagios/etc/objects/commands.cfg && \ + sed -i 's,/usr/usr,/usr,' /opt/nagios/etc/objects/commands.cfg +RUN cp /etc/services /var/spool/postfix/etc/ + +RUN mkdir -p /etc/sv/nagios && mkdir -p /etc/sv/apache && rm -rf /etc/sv/getty-5 && mkdir -p /etc/sv/postfix +ADD nagios.init /etc/sv/nagios/run +ADD apache.init /etc/sv/apache/run +ADD postfix.init /etc/sv/postfix/run +ADD postfix.stop /etc/sv/postfix/finish + +ADD start.sh /usr/local/bin/start_nagios + +ENV APACHE_LOCK_DIR /var/run +ENV APACHE_LOG_DIR /var/log/apache2 + +EXPOSE 80 + +VOLUME ["/opt/nagios/var", "/opt/nagios/etc", "/opt/nagios/libexec", "/var/log/apache2", "/usr/share/snmp/mibs"] + +CMD ["/usr/local/bin/start_nagios"] diff --git a/components/engine/builder/parser/testfiles/cpuguy83-nagios/result b/components/engine/builder/parser/testfiles/cpuguy83-nagios/result new file mode 100644 index 0000000000..b95e96b153 --- /dev/null +++ b/components/engine/builder/parser/testfiles/cpuguy83-nagios/result @@ -0,0 +1,40 @@ +(from "cpuguy83/ubuntu") +(env "NAGIOS_HOME" "/opt/nagios") +(env "NAGIOS_USER" "nagios") +(env "NAGIOS_GROUP" "nagios") +(env "NAGIOS_CMDUSER" "nagios") +(env "NAGIOS_CMDGROUP" "nagios") +(env "NAGIOSADMIN_USER" "nagiosadmin") +(env "NAGIOSADMIN_PASS" "nagios") +(env "APACHE_RUN_USER" "nagios") +(env "APACHE_RUN_GROUP" "nagios") +(env "NAGIOS_TIMEZONE" "UTC") +(run "sed -i 's/universe/universe multiverse/' /etc/apt/sources.list") +(run "apt-get update && apt-get install -y iputils-ping netcat build-essential snmp snmpd snmp-mibs-downloader php5-cli apache2 libapache2-mod-php5 runit bc postfix bsd-mailx") +(run "( egrep -i \"^${NAGIOS_GROUP}\" /etc/group || groupadd $NAGIOS_GROUP ) && ( egrep -i \"^${NAGIOS_CMDGROUP}\" /etc/group || groupadd $NAGIOS_CMDGROUP )") +(run "( id -u $NAGIOS_USER || useradd --system $NAGIOS_USER -g $NAGIOS_GROUP -d $NAGIOS_HOME ) && ( id -u $NAGIOS_CMDUSER || useradd --system -d $NAGIOS_HOME -g $NAGIOS_CMDGROUP $NAGIOS_CMDUSER )") +(add "http://downloads.sourceforge.net/project/nagios/nagios-3.x/nagios-3.5.1/nagios-3.5.1.tar.gz?r=http%3A%2F%2Fwww.nagios.org%2Fdownload%2Fcore%2Fthanks%2F%3Ft%3D1398863696&ts=1398863718&use_mirror=superb-dca3" "/tmp/nagios.tar.gz") +(run "cd /tmp && tar -zxvf nagios.tar.gz && cd nagios && ./configure --prefix=${NAGIOS_HOME} --exec-prefix=${NAGIOS_HOME} --enable-event-broker --with-nagios-command-user=${NAGIOS_CMDUSER} --with-command-group=${NAGIOS_CMDGROUP} --with-nagios-user=${NAGIOS_USER} --with-nagios-group=${NAGIOS_GROUP} && make all && make install && make install-config && make install-commandmode && cp sample-config/httpd.conf /etc/apache2/conf.d/nagios.conf") +(add "http://www.nagios-plugins.org/download/nagios-plugins-1.5.tar.gz" "/tmp/") +(run "cd /tmp && tar -zxvf nagios-plugins-1.5.tar.gz && cd nagios-plugins-1.5 && ./configure --prefix=${NAGIOS_HOME} && make && make install") +(run "sed -i.bak 's/.*\\=www\\-data//g' /etc/apache2/envvars") +(run "export DOC_ROOT=\"DocumentRoot $(echo $NAGIOS_HOME/share)\"; sed -i \"s,DocumentRoot.*,$DOC_ROOT,\" /etc/apache2/sites-enabled/000-default") +(run "ln -s ${NAGIOS_HOME}/bin/nagios /usr/local/bin/nagios && mkdir -p /usr/share/snmp/mibs && chmod 0755 /usr/share/snmp/mibs && touch /usr/share/snmp/mibs/.foo") +(run "echo \"use_timezone=$NAGIOS_TIMEZONE\" >> ${NAGIOS_HOME}/etc/nagios.cfg && echo \"SetEnv TZ \\\"${NAGIOS_TIMEZONE}\\\"\" >> /etc/apache2/conf.d/nagios.conf") +(run "mkdir -p ${NAGIOS_HOME}/etc/conf.d && mkdir -p ${NAGIOS_HOME}/etc/monitor && ln -s /usr/share/snmp/mibs ${NAGIOS_HOME}/libexec/mibs") +(run "echo \"cfg_dir=${NAGIOS_HOME}/etc/conf.d\" >> ${NAGIOS_HOME}/etc/nagios.cfg") +(run "echo \"cfg_dir=${NAGIOS_HOME}/etc/monitor\" >> ${NAGIOS_HOME}/etc/nagios.cfg") +(run "download-mibs && echo \"mibs +ALL\" > /etc/snmp/snmp.conf") +(run "sed -i 's,/bin/mail,/usr/bin/mail,' /opt/nagios/etc/objects/commands.cfg && sed -i 's,/usr/usr,/usr,' /opt/nagios/etc/objects/commands.cfg") +(run "cp /etc/services /var/spool/postfix/etc/") +(run "mkdir -p /etc/sv/nagios && mkdir -p /etc/sv/apache && rm -rf /etc/sv/getty-5 && mkdir -p /etc/sv/postfix") +(add "nagios.init" "/etc/sv/nagios/run") +(add "apache.init" "/etc/sv/apache/run") +(add "postfix.init" "/etc/sv/postfix/run") +(add "postfix.stop" "/etc/sv/postfix/finish") +(add "start.sh" "/usr/local/bin/start_nagios") +(env "APACHE_LOCK_DIR" "/var/run") +(env "APACHE_LOG_DIR" "/var/log/apache2") +(expose "80") +(volume "/opt/nagios/var" "/opt/nagios/etc" "/opt/nagios/libexec" "/var/log/apache2" "/usr/share/snmp/mibs") +(cmd "/usr/local/bin/start_nagios") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/docker/Dockerfile b/components/engine/builder/parser/testfiles/docker/Dockerfile new file mode 100644 index 0000000000..68f8f0b78b --- /dev/null +++ b/components/engine/builder/parser/testfiles/docker/Dockerfile @@ -0,0 +1,105 @@ +# This file describes the standard way to build Docker, using docker +# +# Usage: +# +# # Assemble the full dev environment. This is slow the first time. +# docker build -t docker . +# +# # Mount your source in an interactive container for quick testing: +# docker run -v `pwd`:/go/src/github.com/docker/docker --privileged -i -t docker bash +# +# # Run the test suite: +# docker run --privileged docker hack/make.sh test +# +# # Publish a release: +# docker run --privileged \ +# -e AWS_S3_BUCKET=baz \ +# -e AWS_ACCESS_KEY=foo \ +# -e AWS_SECRET_KEY=bar \ +# -e GPG_PASSPHRASE=gloubiboulga \ +# docker hack/release.sh +# +# Note: Apparmor used to mess with privileged mode, but this is no longer +# the case. Therefore, you don't have to disable it anymore. +# + +docker-version 0.6.1 +FROM ubuntu:14.04 +MAINTAINER Tianon Gravi (@tianon) + +# Packaged dependencies +RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq \ + apt-utils \ + aufs-tools \ + automake \ + btrfs-tools \ + build-essential \ + curl \ + dpkg-sig \ + git \ + iptables \ + libapparmor-dev \ + libcap-dev \ + libsqlite3-dev \ + lxc=1.0* \ + mercurial \ + pandoc \ + parallel \ + reprepro \ + ruby1.9.1 \ + ruby1.9.1-dev \ + s3cmd=1.1.0* \ + --no-install-recommends + +# Get lvm2 source for compiling statically +RUN git clone --no-checkout https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2 && cd /usr/local/lvm2 && git checkout -q v2_02_103 +# see https://git.fedorahosted.org/cgit/lvm2.git/refs/tags for release tags +# note: we don't use "git clone -b" above because it then spews big nasty warnings about 'detached HEAD' state that we can't silence as easily as we can silence them using "git checkout" directly + +# Compile and install lvm2 +RUN cd /usr/local/lvm2 && ./configure --enable-static_link && make device-mapper && make install_device-mapper +# see https://git.fedorahosted.org/cgit/lvm2.git/tree/INSTALL + +# Install Go +RUN curl -sSL https://golang.org/dl/go1.3.src.tar.gz | tar -v -C /usr/local -xz +ENV PATH /usr/local/go/bin:$PATH +ENV GOPATH /go:/go/src/github.com/docker/docker/vendor +RUN cd /usr/local/go/src && ./make.bash --no-clean 2>&1 + +# Compile Go for cross compilation +ENV DOCKER_CROSSPLATFORMS \ + linux/386 linux/arm \ + darwin/amd64 darwin/386 \ + freebsd/amd64 freebsd/386 freebsd/arm +# (set an explicit GOARM of 5 for maximum compatibility) +ENV GOARM 5 +RUN cd /usr/local/go/src && bash -xc 'for platform in $DOCKER_CROSSPLATFORMS; do GOOS=${platform%/*} GOARCH=${platform##*/} ./make.bash --no-clean 2>&1; done' + +# Grab Go's cover tool for dead-simple code coverage testing +RUN go get code.google.com/p/go.tools/cmd/cover + +# TODO replace FPM with some very minimal debhelper stuff +RUN gem install --no-rdoc --no-ri fpm --version 1.0.2 + +# Get the "busybox" image source so we can build locally instead of pulling +RUN git clone -b buildroot-2014.02 https://github.com/jpetazzo/docker-busybox.git /docker-busybox + +# Setup s3cmd config +RUN /bin/echo -e '[default]\naccess_key=$AWS_ACCESS_KEY\nsecret_key=$AWS_SECRET_KEY' > /.s3cfg + +# Set user.email so crosbymichael's in-container merge commits go smoothly +RUN git config --global user.email 'docker-dummy@example.com' + +# Add an unprivileged user to be used for tests which need it +RUN groupadd -r docker +RUN useradd --create-home --gid docker unprivilegeduser + +VOLUME /var/lib/docker +WORKDIR /go/src/github.com/docker/docker +ENV DOCKER_BUILDTAGS apparmor selinux + +# Wrap all commands in the "docker-in-docker" script to allow nested containers +ENTRYPOINT ["hack/dind"] + +# Upload docker source +COPY . /go/src/github.com/docker/docker diff --git a/components/engine/builder/parser/testfiles/docker/result b/components/engine/builder/parser/testfiles/docker/result new file mode 100644 index 0000000000..a7960244b3 --- /dev/null +++ b/components/engine/builder/parser/testfiles/docker/result @@ -0,0 +1,25 @@ +(docker-version "0.6.1") +(from "ubuntu:14.04") +(maintainer "Tianon Gravi (@tianon)") +(run "apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq apt-utils aufs-tools automake btrfs-tools build-essential curl dpkg-sig git iptables libapparmor-dev libcap-dev libsqlite3-dev lxc=1.0* mercurial pandoc parallel reprepro ruby1.9.1 ruby1.9.1-dev s3cmd=1.1.0* --no-install-recommends") +(run "git clone --no-checkout https://git.fedorahosted.org/git/lvm2.git /usr/local/lvm2 && cd /usr/local/lvm2 && git checkout -q v2_02_103") +(run "cd /usr/local/lvm2 && ./configure --enable-static_link && make device-mapper && make install_device-mapper") +(run "curl -sSL https://golang.org/dl/go1.3.src.tar.gz | tar -v -C /usr/local -xz") +(env "PATH" "/usr/local/go/bin:$PATH") +(env "GOPATH" "/go:/go/src/github.com/docker/docker/vendor") +(run "cd /usr/local/go/src && ./make.bash --no-clean 2>&1") +(env "DOCKER_CROSSPLATFORMS" "linux/386 linux/arm darwin/amd64 darwin/386 freebsd/amd64 freebsd/386 freebsd/arm") +(env "GOARM" "5") +(run "cd /usr/local/go/src && bash -xc 'for platform in $DOCKER_CROSSPLATFORMS; do GOOS=${platform%/*} GOARCH=${platform##*/} ./make.bash --no-clean 2>&1; done'") +(run "go get code.google.com/p/go.tools/cmd/cover") +(run "gem install --no-rdoc --no-ri fpm --version 1.0.2") +(run "git clone -b buildroot-2014.02 https://github.com/jpetazzo/docker-busybox.git /docker-busybox") +(run "/bin/echo -e '[default]\\naccess_key=$AWS_ACCESS_KEY\\nsecret_key=$AWS_SECRET_KEY' > /.s3cfg") +(run "git config --global user.email 'docker-dummy@example.com'") +(run "groupadd -r docker") +(run "useradd --create-home --gid docker unprivilegeduser") +(volume "/var/lib/docker") +(workdir "/go/src/github.com/docker/docker") +(env "DOCKER_BUILDTAGS" "apparmor selinux") +(entrypoint "hack/dind") +(copy "." "/go/src/github.com/docker/docker") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/escapes/Dockerfile b/components/engine/builder/parser/testfiles/escapes/Dockerfile new file mode 100644 index 0000000000..87a8e028a2 --- /dev/null +++ b/components/engine/builder/parser/testfiles/escapes/Dockerfile @@ -0,0 +1,8 @@ +FROM ubuntu:14.04 +MAINTAINER Erik \\Hollensbe \" + +RUN apt-get \update && \ + apt-get \"install znc -y +ADD \conf\\" /.znc + +CMD [ "\/usr\\\"/bin/znc", "-f", "-r" ] diff --git a/components/engine/builder/parser/testfiles/escapes/result b/components/engine/builder/parser/testfiles/escapes/result new file mode 100644 index 0000000000..724c399c21 --- /dev/null +++ b/components/engine/builder/parser/testfiles/escapes/result @@ -0,0 +1,5 @@ +(from "ubuntu:14.04") +(maintainer "Erik \\\\Hollensbe \\\"") +(run "apt-get \\update && apt-get \\\"install znc -y") +(add "\\conf\\\\\"" "/.znc") +(cmd "/usr\\\"/bin/znc" "-f" "-r") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/influxdb/Dockerfile b/components/engine/builder/parser/testfiles/influxdb/Dockerfile new file mode 100644 index 0000000000..587fb9b54b --- /dev/null +++ b/components/engine/builder/parser/testfiles/influxdb/Dockerfile @@ -0,0 +1,15 @@ +FROM ubuntu:14.04 + +RUN apt-get update && apt-get install wget -y +RUN wget http://s3.amazonaws.com/influxdb/influxdb_latest_amd64.deb +RUN dpkg -i influxdb_latest_amd64.deb +RUN rm -r /opt/influxdb/shared + +VOLUME /opt/influxdb/shared + +CMD /usr/bin/influxdb --pidfile /var/run/influxdb.pid -config /opt/influxdb/shared/config.toml + +EXPOSE 8083 +EXPOSE 8086 +EXPOSE 8090 +EXPOSE 8099 diff --git a/components/engine/builder/parser/testfiles/influxdb/result b/components/engine/builder/parser/testfiles/influxdb/result new file mode 100644 index 0000000000..f0d45a4e27 --- /dev/null +++ b/components/engine/builder/parser/testfiles/influxdb/result @@ -0,0 +1,11 @@ +(from "ubuntu:14.04") +(run "apt-get update && apt-get install wget -y") +(run "wget http://s3.amazonaws.com/influxdb/influxdb_latest_amd64.deb") +(run "dpkg -i influxdb_latest_amd64.deb") +(run "rm -r /opt/influxdb/shared") +(volume "/opt/influxdb/shared") +(cmd "/usr/bin/influxdb --pidfile /var/run/influxdb.pid -config /opt/influxdb/shared/config.toml") +(expose "8083") +(expose "8086") +(expose "8090") +(expose "8099") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/Dockerfile b/components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/Dockerfile new file mode 100644 index 0000000000..35f9c24aa6 --- /dev/null +++ b/components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/Dockerfile @@ -0,0 +1,7 @@ +FROM ubuntu:14.04 +MAINTAINER James Turnbull "james@example.com" +ENV REFRESHED_AT 2014-06-01 +RUN apt-get update +RUN apt-get -y install redis-server redis-tools +EXPOSE 6379 +ENTRYPOINT [ "/usr/bin/redis-server" ] diff --git a/components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/result b/components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/result new file mode 100644 index 0000000000..375257a49e --- /dev/null +++ b/components/engine/builder/parser/testfiles/kartar-entrypoint-oddities/result @@ -0,0 +1,7 @@ +(from "ubuntu:14.04") +(maintainer "James Turnbull \"james@example.com\"") +(env "REFRESHED_AT" "2014-06-01") +(run "apt-get update") +(run "apt-get -y install redis-server redis-tools") +(expose "6379") +(entrypoint "/usr/bin/redis-server") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile b/components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile new file mode 100644 index 0000000000..188395fe83 --- /dev/null +++ b/components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/Dockerfile @@ -0,0 +1,48 @@ +FROM busybox:buildroot-2014.02 + +MAINTAINER docker + +ONBUILD RUN ["echo", "test"] +ONBUILD RUN echo test +ONBUILD COPY . / + + +# RUN Commands \ +# linebreak in comment \ +RUN ["ls", "-la"] +RUN ["echo", "'1234'"] +RUN echo "1234" +RUN echo 1234 +RUN echo '1234' && \ + echo "456" && \ + echo 789 +RUN sh -c 'echo root:testpass \ + > /tmp/passwd' +RUN mkdir -p /test /test2 /test3/test + +# ENV \ +ENV SCUBA 1 DUBA 3 +ENV SCUBA "1 DUBA 3" + +# CMD \ +CMD ["echo", "test"] +CMD echo test +CMD echo "test" +CMD echo 'test' +CMD echo 'test' | wc - + +#EXPOSE\ +EXPOSE 3000 +EXPOSE 9000 5000 6000 + +USER docker +USER docker:root + +VOLUME ["/test"] +VOLUME ["/test", "/test2"] +VOLUME /test3 + +WORKDIR /test + +ADD . / +COPY . copy diff --git a/components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/result b/components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/result new file mode 100644 index 0000000000..920ed544b5 --- /dev/null +++ b/components/engine/builder/parser/testfiles/lk4d4-the-edge-case-generator/result @@ -0,0 +1,29 @@ +(from "busybox:buildroot-2014.02") +(maintainer "docker ") +(onbuild (run "echo" "test")) +(onbuild (run "echo test")) +(onbuild (copy "." "/")) +(run "ls" "-la") +(run "echo" "'1234'") +(run "echo \"1234\"") +(run "echo 1234") +(run "echo '1234' && echo \"456\" && echo 789") +(run "sh -c 'echo root:testpass > /tmp/passwd'") +(run "mkdir -p /test /test2 /test3/test") +(env "SCUBA" "1 DUBA 3") +(env "SCUBA" "\"1 DUBA 3\"") +(cmd "echo" "test") +(cmd "echo test") +(cmd "echo \"test\"") +(cmd "echo 'test'") +(cmd "echo 'test' | wc -") +(expose "3000") +(expose "9000" "5000" "6000") +(user "docker") +(user "docker:root") +(volume "/test") +(volume "/test" "/test2") +(volume "/test3") +(workdir "/test") +(add "." "/") +(copy "." "copy") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/mail/Dockerfile b/components/engine/builder/parser/testfiles/mail/Dockerfile new file mode 100644 index 0000000000..f64c1168c1 --- /dev/null +++ b/components/engine/builder/parser/testfiles/mail/Dockerfile @@ -0,0 +1,16 @@ +FROM ubuntu:14.04 + +RUN apt-get update -qy && apt-get install mutt offlineimap vim-nox abook elinks curl tmux cron zsh -y +ADD .muttrc / +ADD .offlineimaprc / +ADD .tmux.conf / +ADD mutt /.mutt +ADD vim /.vim +ADD vimrc /.vimrc +ADD crontab /etc/crontab +RUN chmod 644 /etc/crontab +RUN mkdir /Mail +RUN mkdir /.offlineimap +RUN echo "export TERM=screen-256color" >/.zshenv + +CMD setsid cron; tmux -2 diff --git a/components/engine/builder/parser/testfiles/mail/result b/components/engine/builder/parser/testfiles/mail/result new file mode 100644 index 0000000000..2d9c30db9c --- /dev/null +++ b/components/engine/builder/parser/testfiles/mail/result @@ -0,0 +1,14 @@ +(from "ubuntu:14.04") +(run "apt-get update -qy && apt-get install mutt offlineimap vim-nox abook elinks curl tmux cron zsh -y") +(add ".muttrc" "/") +(add ".offlineimaprc" "/") +(add ".tmux.conf" "/") +(add "mutt" "/.mutt") +(add "vim" "/.vim") +(add "vimrc" "/.vimrc") +(add "crontab" "/etc/crontab") +(run "chmod 644 /etc/crontab") +(run "mkdir /Mail") +(run "mkdir /.offlineimap") +(run "echo \"export TERM=screen-256color\" >/.zshenv") +(cmd "setsid cron; tmux -2") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/mumble/Dockerfile b/components/engine/builder/parser/testfiles/mumble/Dockerfile new file mode 100644 index 0000000000..5b9ec06a6c --- /dev/null +++ b/components/engine/builder/parser/testfiles/mumble/Dockerfile @@ -0,0 +1,7 @@ +FROM ubuntu:14.04 + +RUN apt-get update && apt-get install libcap2-bin mumble-server -y + +ADD ./mumble-server.ini /etc/mumble-server.ini + +CMD /usr/sbin/murmurd diff --git a/components/engine/builder/parser/testfiles/mumble/result b/components/engine/builder/parser/testfiles/mumble/result new file mode 100644 index 0000000000..123e893dc5 --- /dev/null +++ b/components/engine/builder/parser/testfiles/mumble/result @@ -0,0 +1,4 @@ +(from "ubuntu:14.04") +(run "apt-get update && apt-get install libcap2-bin mumble-server -y") +(add "./mumble-server.ini" "/etc/mumble-server.ini") +(cmd "/usr/sbin/murmurd") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/nginx/Dockerfile b/components/engine/builder/parser/testfiles/nginx/Dockerfile new file mode 100644 index 0000000000..bf8368e1ca --- /dev/null +++ b/components/engine/builder/parser/testfiles/nginx/Dockerfile @@ -0,0 +1,14 @@ +FROM ubuntu:14.04 +MAINTAINER Erik Hollensbe + +RUN apt-get update && apt-get install nginx-full -y +RUN rm -rf /etc/nginx +ADD etc /etc/nginx +RUN chown -R root:root /etc/nginx +RUN /usr/sbin/nginx -qt +RUN mkdir /www + +CMD ["/usr/sbin/nginx"] + +VOLUME /www +EXPOSE 80 diff --git a/components/engine/builder/parser/testfiles/nginx/result b/components/engine/builder/parser/testfiles/nginx/result new file mode 100644 index 0000000000..5ac8c77c2f --- /dev/null +++ b/components/engine/builder/parser/testfiles/nginx/result @@ -0,0 +1,11 @@ +(from "ubuntu:14.04") +(maintainer "Erik Hollensbe ") +(run "apt-get update && apt-get install nginx-full -y") +(run "rm -rf /etc/nginx") +(add "etc" "/etc/nginx") +(run "chown -R root:root /etc/nginx") +(run "/usr/sbin/nginx -qt") +(run "mkdir /www") +(cmd "/usr/sbin/nginx") +(volume "/www") +(expose "80") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/tf2/Dockerfile b/components/engine/builder/parser/testfiles/tf2/Dockerfile new file mode 100644 index 0000000000..72b79bdd7d --- /dev/null +++ b/components/engine/builder/parser/testfiles/tf2/Dockerfile @@ -0,0 +1,23 @@ +FROM ubuntu:12.04 + +EXPOSE 27015 +EXPOSE 27005 +EXPOSE 26901 +EXPOSE 27020 + +RUN apt-get update && apt-get install libc6-dev-i386 curl unzip -y +RUN mkdir -p /steam +RUN curl http://media.steampowered.com/client/steamcmd_linux.tar.gz | tar vxz -C /steam +ADD ./script /steam/script +RUN /steam/steamcmd.sh +runscript /steam/script +RUN curl http://mirror.pointysoftware.net/alliedmodders/mmsource-1.10.0-linux.tar.gz | tar vxz -C /steam/tf2/tf +RUN curl http://mirror.pointysoftware.net/alliedmodders/sourcemod-1.5.3-linux.tar.gz | tar vxz -C /steam/tf2/tf +ADD ./server.cfg /steam/tf2/tf/cfg/server.cfg +ADD ./ctf_2fort.cfg /steam/tf2/tf/cfg/ctf_2fort.cfg +ADD ./sourcemod.cfg /steam/tf2/tf/cfg/sourcemod/sourcemod.cfg +RUN rm -r /steam/tf2/tf/addons/sourcemod/configs +ADD ./configs /steam/tf2/tf/addons/sourcemod/configs +RUN mkdir -p /steam/tf2/tf/addons/sourcemod/translations/en +RUN cp /steam/tf2/tf/addons/sourcemod/translations/*.txt /steam/tf2/tf/addons/sourcemod/translations/en + +CMD cd /steam/tf2 && ./srcds_run -port 27015 +ip 0.0.0.0 +map ctf_2fort -autoupdate -steam_dir /steam -steamcmd_script /steam/script +tf_bot_quota 12 +tf_bot_quota_mode fill diff --git a/components/engine/builder/parser/testfiles/tf2/result b/components/engine/builder/parser/testfiles/tf2/result new file mode 100644 index 0000000000..5ec173f67f --- /dev/null +++ b/components/engine/builder/parser/testfiles/tf2/result @@ -0,0 +1,20 @@ +(from "ubuntu:12.04") +(expose "27015") +(expose "27005") +(expose "26901") +(expose "27020") +(run "apt-get update && apt-get install libc6-dev-i386 curl unzip -y") +(run "mkdir -p /steam") +(run "curl http://media.steampowered.com/client/steamcmd_linux.tar.gz | tar vxz -C /steam") +(add "./script" "/steam/script") +(run "/steam/steamcmd.sh +runscript /steam/script") +(run "curl http://mirror.pointysoftware.net/alliedmodders/mmsource-1.10.0-linux.tar.gz | tar vxz -C /steam/tf2/tf") +(run "curl http://mirror.pointysoftware.net/alliedmodders/sourcemod-1.5.3-linux.tar.gz | tar vxz -C /steam/tf2/tf") +(add "./server.cfg" "/steam/tf2/tf/cfg/server.cfg") +(add "./ctf_2fort.cfg" "/steam/tf2/tf/cfg/ctf_2fort.cfg") +(add "./sourcemod.cfg" "/steam/tf2/tf/cfg/sourcemod/sourcemod.cfg") +(run "rm -r /steam/tf2/tf/addons/sourcemod/configs") +(add "./configs" "/steam/tf2/tf/addons/sourcemod/configs") +(run "mkdir -p /steam/tf2/tf/addons/sourcemod/translations/en") +(run "cp /steam/tf2/tf/addons/sourcemod/translations/*.txt /steam/tf2/tf/addons/sourcemod/translations/en") +(cmd "cd /steam/tf2 && ./srcds_run -port 27015 +ip 0.0.0.0 +map ctf_2fort -autoupdate -steam_dir /steam -steamcmd_script /steam/script +tf_bot_quota 12 +tf_bot_quota_mode fill") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/weechat/Dockerfile b/components/engine/builder/parser/testfiles/weechat/Dockerfile new file mode 100644 index 0000000000..4842088166 --- /dev/null +++ b/components/engine/builder/parser/testfiles/weechat/Dockerfile @@ -0,0 +1,9 @@ +FROM ubuntu:14.04 + +RUN apt-get update -qy && apt-get install tmux zsh weechat-curses -y + +ADD .weechat /.weechat +ADD .tmux.conf / +RUN echo "export TERM=screen-256color" >/.zshenv + +CMD zsh -c weechat diff --git a/components/engine/builder/parser/testfiles/weechat/result b/components/engine/builder/parser/testfiles/weechat/result new file mode 100644 index 0000000000..b358645cde --- /dev/null +++ b/components/engine/builder/parser/testfiles/weechat/result @@ -0,0 +1,6 @@ +(from "ubuntu:14.04") +(run "apt-get update -qy && apt-get install tmux zsh weechat-curses -y") +(add ".weechat" "/.weechat") +(add ".tmux.conf" "/") +(run "echo \"export TERM=screen-256color\" >/.zshenv") +(cmd "zsh -c weechat") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/znc/Dockerfile b/components/engine/builder/parser/testfiles/znc/Dockerfile new file mode 100644 index 0000000000..3a4da6e916 --- /dev/null +++ b/components/engine/builder/parser/testfiles/znc/Dockerfile @@ -0,0 +1,7 @@ +FROM ubuntu:14.04 +MAINTAINER Erik Hollensbe + +RUN apt-get update && apt-get install znc -y +ADD conf /.znc + +CMD [ "/usr/bin/znc", "-f", "-r" ] diff --git a/components/engine/builder/parser/testfiles/znc/result b/components/engine/builder/parser/testfiles/znc/result new file mode 100644 index 0000000000..b4ddf3e653 --- /dev/null +++ b/components/engine/builder/parser/testfiles/znc/result @@ -0,0 +1,5 @@ +(from "ubuntu:14.04") +(maintainer "Erik Hollensbe ") +(run "apt-get update && apt-get install znc -y") +(add "conf" "/.znc") +(cmd "/usr/bin/znc" "-f" "-r") \ No newline at end of file diff --git a/components/engine/builder/parser/utils.go b/components/engine/builder/parser/utils.go new file mode 100644 index 0000000000..08357b42db --- /dev/null +++ b/components/engine/builder/parser/utils.go @@ -0,0 +1,86 @@ +package parser + +import ( + "fmt" + "strings" +) + +// QuoteString walks characters (after trimming), escapes any quotes and +// escapes, then wraps the whole thing in quotes. Very useful for generating +// argument output in nodes. +func QuoteString(str string) string { + result := "" + chars := strings.Split(strings.TrimSpace(str), "") + + for _, char := range chars { + switch char { + case `"`: + result += `\"` + case `\`: + result += `\\` + default: + result += char + } + } + + return `"` + result + `"` +} + +// dumps the AST defined by `node` as a list of sexps. Returns a string +// suitable for printing. +func (node *Node) Dump() string { + str := "" + str += node.Value + + for _, n := range node.Children { + str += "(" + n.Dump() + ")\n" + } + + if node.Next != nil { + for n := node.Next; n != nil; n = n.Next { + if len(n.Children) > 0 { + str += " " + n.Dump() + } else { + str += " " + n.Value + } + } + } + + return strings.TrimSpace(str) +} + +// performs the dispatch based on the two primal strings, cmd and args. Please +// look at the dispatch table in parser.go to see how these dispatchers work. +func fullDispatch(cmd, args string) (*Node, error) { + if _, ok := dispatch[cmd]; !ok { + return nil, fmt.Errorf("'%s' is not a valid dockerfile command", cmd) + } + + sexp, err := dispatch[cmd](args) + if err != nil { + return nil, err + } + + return sexp, nil +} + +// splitCommand takes a single line of text and parses out the cmd and args, +// which are used for dispatching to more exact parsing functions. +func splitCommand(line string) (string, string) { + cmdline := TOKEN_WHITESPACE.Split(line, 2) + cmd := strings.ToLower(cmdline[0]) + // the cmd should never have whitespace, but it's possible for the args to + // have trailing whitespace. + return cmd, strings.TrimSpace(cmdline[1]) +} + +// covers comments and empty lines. Lines should be trimmed before passing to +// this function. +func stripComments(line string) string { + // string is already trimmed at this point + if TOKEN_COMMENT.MatchString(line) { + return TOKEN_COMMENT.ReplaceAllString(line, "") + } + + return line +} From e1413bfc9f426cb2a10d67b3088b6305bdab73f4 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 5 Aug 2014 14:03:49 -0700 Subject: [PATCH 058/540] builder: rewrote NewBuildFile according to tibor's comments Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: bb36902db60d5d4e3b18bc018212e40df2d412e8 Component: engine --- components/engine/builder/evaluator/evaluator.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator/evaluator.go index 9b35bc2e15..4669386b26 100644 --- a/components/engine/builder/evaluator/evaluator.go +++ b/components/engine/builder/evaluator/evaluator.go @@ -57,7 +57,8 @@ type BuildOpts struct { AuthConfigFile *registry.ConfigFile } -func (opts *BuildOpts) NewBuildFile(file io.ReadWriteCloser) (*buildFile, error) { +func NewBuildFile(file io.ReadWriteCloser, opts *BuildOpts) (*buildFile, error) { + defer file.Close() ast, err := parser.Parse(file) if err != nil { return nil, err From 8d44d5632099264ad7f89cc0234c58639628dfb1 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 5 Aug 2014 15:41:09 -0700 Subject: [PATCH 059/540] builder: add command handling to evaluator. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: d6c0bbc3cbf9204c506fedf4d0c5a477c7559a1d Component: engine --- .../builder/evaluator/builder/.gitignore | 2 - .../engine/builder/evaluator/builder/main.go | 31 -- .../engine/builder/evaluator/dispatchers.go | 211 ++++++++++- .../engine/builder/evaluator/evaluator.go | 159 +++++--- .../engine/builder/evaluator/internals.go | 354 ++++++++++++++++-- .../engine/builder/evaluator/support.go | 8 - .../engine/builder/parser/dumper/main.go | 2 +- .../engine/builder/parser/line_parsers.go | 25 +- components/engine/builder/parser/parser.go | 3 +- .../testfiles/brimstone-docker-consul/result | 2 +- components/engine/builder/parser/utils.go | 2 +- 11 files changed, 670 insertions(+), 129 deletions(-) delete mode 100644 components/engine/builder/evaluator/builder/.gitignore delete mode 100644 components/engine/builder/evaluator/builder/main.go diff --git a/components/engine/builder/evaluator/builder/.gitignore b/components/engine/builder/evaluator/builder/.gitignore deleted file mode 100644 index 85354a2b0e..0000000000 --- a/components/engine/builder/evaluator/builder/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -builder -Dockerfile diff --git a/components/engine/builder/evaluator/builder/main.go b/components/engine/builder/evaluator/builder/main.go deleted file mode 100644 index 8c0b6d1f0e..0000000000 --- a/components/engine/builder/evaluator/builder/main.go +++ /dev/null @@ -1,31 +0,0 @@ -package main - -import ( - "os" - - "github.com/erikh/buildfile/evaluator" -) - -func main() { - if len(os.Args) < 2 { - os.Stderr.WriteString("Please supply filename(s) to evaluate") - os.Exit(1) - } - - for _, fn := range os.Args[1:] { - f, err := os.Open(fn) - if err != nil { - panic(err) - } - - opts := &evaluator.BuildOpts{} - - bf, err := opts.NewBuildFile(f) - if err != nil { - panic(err) - } - if err := bf.Run(); err != nil { - panic(err) - } - } -} diff --git a/components/engine/builder/evaluator/dispatchers.go b/components/engine/builder/evaluator/dispatchers.go index f6c99a4db1..eefcb629be 100644 --- a/components/engine/builder/evaluator/dispatchers.go +++ b/components/engine/builder/evaluator/dispatchers.go @@ -2,10 +2,20 @@ package evaluator import ( "fmt" + "path/filepath" "strings" + + "github.com/docker/docker/nat" + "github.com/docker/docker/runconfig" + "github.com/docker/docker/utils" ) -func env(b *buildFile, args ...string) error { +// dispatch with no layer / parsing. +func nullDispatch(b *buildFile, args []string) error { + return nil +} + +func env(b *buildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("ENV accepts two arguments") } @@ -14,12 +24,12 @@ func env(b *buildFile, args ...string) error { // handling. This routine gets much shorter with the denormalization here. key := args[0] b.env[key] = args[1] - b.config.Env = append(b.config.Env, strings.Join("=", key, b.env[key])) + b.config.Env = append(b.config.Env, strings.Join([]string{key, b.env[key]}, "=")) - return b.commit("", b.config.Cmd, fmt.Sprintf("ENV %s", value)) + return b.commit("", b.config.Cmd, fmt.Sprintf("ENV %s=%s", key, b.env[key])) } -func maintainer(b *buildFile, args ...string) error { +func maintainer(b *buildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("MAINTAINER requires only one argument") } @@ -28,7 +38,7 @@ func maintainer(b *buildFile, args ...string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("MAINTAINER %s", b.maintainer)) } -func add(b *buildFile, args ...string) error { +func add(b *buildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("ADD requires two arguments") } @@ -36,10 +46,199 @@ func add(b *buildFile, args ...string) error { return b.runContextCommand(args, true, true, "ADD") } -func dispatchCopy(b *buildFile, args ...string) error { +func dispatchCopy(b *buildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("COPY requires two arguments") } return b.runContextCommand(args, false, false, "COPY") } + +func from(b *buildFile, args []string) error { + if len(args) != 1 { + return fmt.Errorf("FROM requires one argument") + } + + name := args[0] + + image, err := b.options.Daemon.Repositories().LookupImage(name) + if err != nil { + if b.options.Daemon.Graph().IsNotExist(err) { + image, err = b.pullImage(name) + } + + // note that the top level err will still be !nil here if IsNotExist is + // not the error. This approach just simplifies hte logic a bit. + if err != nil { + return err + } + } + + return b.processImageFrom(image) +} + +func onbuild(b *buildFile, args []string) error { + triggerInstruction := strings.ToUpper(strings.TrimSpace(args[0])) + switch triggerInstruction { + case "ONBUILD": + return fmt.Errorf("Chaining ONBUILD via `ONBUILD ONBUILD` isn't allowed") + case "MAINTAINER", "FROM": + return fmt.Errorf("%s isn't allowed as an ONBUILD trigger", triggerInstruction) + } + + trigger := strings.Join(args, " ") + + b.config.OnBuild = append(b.config.OnBuild, trigger) + return b.commit("", b.config.Cmd, fmt.Sprintf("ONBUILD %s", trigger)) +} + +func workdir(b *buildFile, args []string) error { + if len(args) != 1 { + return fmt.Errorf("WORKDIR requires exactly one argument") + } + + workdir := args[0] + + if workdir[0] == '/' { + b.config.WorkingDir = workdir + } else { + if b.config.WorkingDir == "" { + b.config.WorkingDir = "/" + } + b.config.WorkingDir = filepath.Join(b.config.WorkingDir, workdir) + } + + return b.commit("", b.config.Cmd, fmt.Sprintf("WORKDIR %v", workdir)) +} + +func run(b *buildFile, args []string) error { + if len(args) == 1 { // literal string command, not an exec array + args = append([]string{"/bin/sh", "-c"}, args[0]) + } + + if b.image == "" { + return fmt.Errorf("Please provide a source image with `from` prior to run") + } + + config, _, _, err := runconfig.Parse(append([]string{b.image}, args...), nil) + if err != nil { + return err + } + + cmd := b.config.Cmd + // set Cmd manually, this is special case only for Dockerfiles + b.config.Cmd = config.Cmd + runconfig.Merge(b.config, config) + + defer func(cmd []string) { b.config.Cmd = cmd }(cmd) + + utils.Debugf("Command to be executed: %v", b.config.Cmd) + + hit, err := b.probeCache() + if err != nil { + return err + } + if hit { + return nil + } + + c, err := b.create() + if err != nil { + return err + } + // Ensure that we keep the container mounted until the commit + // to avoid unmounting and then mounting directly again + c.Mount() + defer c.Unmount() + + err = b.run(c) + if err != nil { + return err + } + if err := b.commit(c.ID, cmd, "run"); err != nil { + return err + } + + return nil +} + +func cmd(b *buildFile, args []string) error { + if len(args) < 2 { + args = append([]string{"/bin/sh", "-c"}, args...) + } + + b.config.Cmd = args + if err := b.commit("", b.config.Cmd, fmt.Sprintf("CMD %v", cmd)); err != nil { + return err + } + + b.cmdSet = true + return nil +} + +func entrypoint(b *buildFile, args []string) error { + b.config.Entrypoint = args + + // if there is no cmd in current Dockerfile - cleanup cmd + if !b.cmdSet { + b.config.Cmd = nil + } + if err := b.commit("", b.config.Cmd, fmt.Sprintf("ENTRYPOINT %v", entrypoint)); err != nil { + return err + } + return nil +} + +func expose(b *buildFile, args []string) error { + portsTab := args + + if b.config.ExposedPorts == nil { + b.config.ExposedPorts = make(nat.PortSet) + } + + ports, _, err := nat.ParsePortSpecs(append(portsTab, b.config.PortSpecs...)) + if err != nil { + return err + } + + for port := range ports { + if _, exists := b.config.ExposedPorts[port]; !exists { + b.config.ExposedPorts[port] = struct{}{} + } + } + b.config.PortSpecs = nil + + return b.commit("", b.config.Cmd, fmt.Sprintf("EXPOSE %v", ports)) +} + +func user(b *buildFile, args []string) error { + if len(args) != 1 { + return fmt.Errorf("USER requires exactly one argument") + } + + b.config.User = args[0] + return b.commit("", b.config.Cmd, fmt.Sprintf("USER %v", args)) +} + +func volume(b *buildFile, args []string) error { + if len(args) != 1 { + return fmt.Errorf("Volume cannot be empty") + } + + volume := args + + if b.config.Volumes == nil { + b.config.Volumes = map[string]struct{}{} + } + for _, v := range volume { + b.config.Volumes[v] = struct{}{} + } + if err := b.commit("", b.config.Cmd, fmt.Sprintf("VOLUME %s", args)); err != nil { + return err + } + return nil +} + +func insert(b *buildFile, args []string) error { + return fmt.Errorf("INSERT has been deprecated. Please use ADD instead") +} diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator/evaluator.go index 4669386b26..7b74db1d86 100644 --- a/components/engine/builder/evaluator/evaluator.go +++ b/components/engine/builder/evaluator/evaluator.go @@ -1,38 +1,54 @@ package evaluator import ( + "bytes" + "errors" "fmt" "io" - "regexp" + "io/ioutil" + "os" + "path" "strings" - "github.com/erikh/buildfile/parser" - + "github.com/docker/docker/builder/parser" "github.com/docker/docker/daemon" "github.com/docker/docker/engine" "github.com/docker/docker/nat" + "github.com/docker/docker/pkg/tarsum" "github.com/docker/docker/registry" "github.com/docker/docker/runconfig" "github.com/docker/docker/utils" ) var ( - evaluateTable = map[string]func(*buildFile, ...string) error{ - "env": env, - "maintainer": maintainer, - "add": add, - "copy": dispatchCopy, // copy() is a go builtin - //"onbuild": parseMaybeJSON, - //"workdir": parseString, - //"docker-version": parseString, - //"run": parseMaybeJSON, - //"cmd": parseMaybeJSON, - //"entrypoint": parseMaybeJSON, - //"expose": parseMaybeJSON, - //"volume": parseMaybeJSON, - } + ErrDockerfileEmpty = errors.New("Dockerfile cannot be empty") ) +var evaluateTable map[string]func(*buildFile, []string) error + +func init() { + evaluateTable = map[string]func(*buildFile, []string) error{ + "env": env, + "maintainer": maintainer, + "add": add, + "copy": dispatchCopy, // copy() is a go builtin + "from": from, + "onbuild": onbuild, + "workdir": workdir, + "docker-version": nullDispatch, // we don't care about docker-version + "run": run, + "cmd": cmd, + "entrypoint": entrypoint, + "expose": expose, + "volume": volume, + "user": user, + "insert": insert, + } +} + +type envMap map[string]string +type uniqueMap map[string]struct{} + type buildFile struct { dockerfile *parser.Node env envMap @@ -40,48 +56,86 @@ type buildFile struct { config *runconfig.Config options *BuildOpts maintainer string + + // cmdSet indicates is CMD was set in current Dockerfile + cmdSet bool + + context *tarsum.TarSum + contextPath string + tmpContainers uniqueMap + tmpImages uniqueMap } type BuildOpts struct { - Daemon *daemon.Daemon - Engine *engine.Engine - OutStream io.Writer - ErrStream io.Writer - Verbose bool - UtilizeCache bool - Remove bool - ForceRm bool + Daemon *daemon.Daemon + Engine *engine.Engine + OutStream io.Writer + ErrStream io.Writer + Verbose bool + UtilizeCache bool + Remove bool + ForceRemove bool + AuthConfig *registry.AuthConfig + AuthConfigFile *registry.ConfigFile + + // Deprecated, original writer used for ImagePull. To be removed. OutOld io.Writer StreamFormatter *utils.StreamFormatter - Auth *registry.AuthConfig - AuthConfigFile *registry.ConfigFile } -func NewBuildFile(file io.ReadWriteCloser, opts *BuildOpts) (*buildFile, error) { - defer file.Close() - ast, err := parser.Parse(file) - if err != nil { - return nil, err - } - +func NewBuilder(opts *BuildOpts) (*buildFile, error) { return &buildFile{ - dockerfile: ast, - env: envMap{}, - config: initRunConfig(), - options: opts, + dockerfile: nil, + env: envMap{}, + config: initRunConfig(), + options: opts, + tmpContainers: make(uniqueMap), + tmpImages: make(uniqueMap), }, nil } -func (b *buildFile) Run() error { - node := b.dockerfile +func (b *buildFile) Run(context io.Reader) (string, error) { + err := b.readContext(context) - for i, n := range node.Children { + if err != nil { + return "", err + } + + filename := path.Join(b.contextPath, "Dockerfile") + if _, err := os.Stat(filename); os.IsNotExist(err) { + return "", fmt.Errorf("Cannot build a directory without a Dockerfile") + } + fileBytes, err := ioutil.ReadFile(filename) + if err != nil { + return "", err + } + if len(fileBytes) == 0 { + return "", ErrDockerfileEmpty + } + ast, err := parser.Parse(bytes.NewReader(fileBytes)) + if err != nil { + return "", err + } + + b.dockerfile = ast + + for i, n := range b.dockerfile.Children { if err := b.dispatch(i, n); err != nil { - return err + if b.options.ForceRemove { + b.clearTmp(b.tmpContainers) + } + return "", err + } else if b.options.Remove { + b.clearTmp(b.tmpContainers) } } - return nil + if b.image == "" { + return "", fmt.Errorf("No image was generated. This may be because the Dockerfile does not, like, do anything.\n") + } + + fmt.Fprintf(b.options.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) + return b.image, nil } func initRunConfig() *runconfig.Config { @@ -94,7 +148,7 @@ func initRunConfig() *runconfig.Config { // FIXME(erikh) this should also be a type in runconfig Volumes: map[string]struct{}{}, - Entrypoint: []string{}, + Entrypoint: []string{"/bin/sh", "-c"}, OnBuild: []string{}, } } @@ -102,17 +156,24 @@ func initRunConfig() *runconfig.Config { func (b *buildFile) dispatch(stepN int, ast *parser.Node) error { cmd := ast.Value strs := []string{} - for ast.Next != nil { - ast = ast.Next - strs = append(strs, replaceEnv(b, stripQuotes(ast.Value))) + + if cmd == "onbuild" { + fmt.Fprintf(b.options.OutStream, "%#v\n", ast.Next.Children[0].Value) + ast = ast.Next.Children[0] + strs = append(strs, ast.Value) } - fmt.Fprintf(b.outStream, "Step %d : %s\n", i, cmd, expression) + for ast.Next != nil { + ast = ast.Next + strs = append(strs, replaceEnv(b, ast.Value)) + } + + fmt.Fprintf(b.options.OutStream, "Step %d : %s %s\n", stepN, strings.ToUpper(cmd), strings.Join(strs, " ")) // XXX yes, we skip any cmds that are not valid; the parser should have // picked these out already. if f, ok := evaluateTable[cmd]; ok { - return f(b, strs...) + return f(b, strs) } return nil diff --git a/components/engine/builder/evaluator/internals.go b/components/engine/builder/evaluator/internals.go index 8f81624381..719a6d3639 100644 --- a/components/engine/builder/evaluator/internals.go +++ b/components/engine/builder/evaluator/internals.go @@ -1,6 +1,33 @@ package evaluator -func (b *buildFile) addContext(context io.Reader) (string, error) { +import ( + "crypto/sha256" + "encoding/hex" + "fmt" + "io" + "io/ioutil" + "net/url" + "os" + "path" + "path/filepath" + "sort" + "strings" + "syscall" + "time" + + "github.com/docker/docker/archive" + "github.com/docker/docker/daemon" + imagepkg "github.com/docker/docker/image" + "github.com/docker/docker/pkg/parsers" + "github.com/docker/docker/pkg/symlink" + "github.com/docker/docker/pkg/system" + "github.com/docker/docker/pkg/tarsum" + "github.com/docker/docker/registry" + "github.com/docker/docker/runconfig" + "github.com/docker/docker/utils" +) + +func (b *buildFile) readContext(context io.Reader) error { tmpdirPath, err := ioutil.TempDir("", "docker-build") if err != nil { return err @@ -17,7 +44,7 @@ func (b *buildFile) addContext(context io.Reader) (string, error) { } b.contextPath = tmpdirPath - return tmpdirPath + return nil } func (b *buildFile) commit(id string, autoCmd []string, comment string) error { @@ -38,15 +65,15 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error { return nil } - container, warnings, err := b.daemon.Create(b.config, "") + container, warnings, err := b.options.Daemon.Create(b.config, "") if err != nil { return err } for _, warning := range warnings { - fmt.Fprintf(b.outStream, " ---> [Warning] %s\n", warning) + fmt.Fprintf(b.options.OutStream, " ---> [Warning] %s\n", warning) } b.tmpContainers[container.ID] = struct{}{} - fmt.Fprintf(b.outStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) + fmt.Fprintf(b.options.OutStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) id = container.ID if err := container.Mount(); err != nil { @@ -54,7 +81,7 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error { } defer container.Unmount() } - container := b.daemon.Get(id) + container := b.options.Daemon.Get(id) if container == nil { return fmt.Errorf("An error occured while creating the container") } @@ -63,7 +90,7 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error { autoConfig := *b.config autoConfig.Cmd = autoCmd // Commit the container - image, err := b.daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) + image, err := b.options.Daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) if err != nil { return err } @@ -72,24 +99,17 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error { return nil } -func (b *buildFile) runContextCommand(args string, allowRemote bool, allowDecompression bool, cmdName string) error { +func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDecompression bool, cmdName string) error { if b.context == nil { return fmt.Errorf("No context given. Impossible to use %s", cmdName) } - tmp := strings.SplitN(args, " ", 2) - if len(tmp) != 2 { + + if len(args) != 2 { return fmt.Errorf("Invalid %s format", cmdName) } - orig, err := b.ReplaceEnvMatches(strings.Trim(tmp[0], " \t")) - if err != nil { - return err - } - - dest, err := b.ReplaceEnvMatches(strings.Trim(tmp[1], " \t")) - if err != nil { - return err - } + orig := args[0] + dest := args[1] cmd := b.config.Cmd b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, orig, dest)} @@ -178,7 +198,7 @@ func (b *buildFile) runContextCommand(args string, allowRemote bool, allowDecomp } // Hash path and check the cache - if b.utilizeCache { + if b.options.UtilizeCache { var ( hash string sums = b.context.GetSums() @@ -222,7 +242,7 @@ func (b *buildFile) runContextCommand(args string, allowRemote bool, allowDecomp } // Create the container - container, _, err := b.daemon.Create(b.config, "") + container, _, err := b.options.Daemon.Create(b.config, "") if err != nil { return err } @@ -245,3 +265,295 @@ func (b *buildFile) runContextCommand(args string, allowRemote bool, allowDecomp } return nil } + +func (b *buildFile) pullImage(name string) (*imagepkg.Image, error) { + remote, tag := parsers.ParseRepositoryTag(name) + pullRegistryAuth := b.options.AuthConfig + if len(b.options.AuthConfigFile.Configs) > 0 { + // The request came with a full auth config file, we prefer to use that + endpoint, _, err := registry.ResolveRepositoryName(remote) + if err != nil { + return nil, err + } + resolvedAuth := b.options.AuthConfigFile.ResolveAuthConfig(endpoint) + pullRegistryAuth = &resolvedAuth + } + job := b.options.Engine.Job("pull", remote, tag) + job.SetenvBool("json", b.options.StreamFormatter.Json()) + job.SetenvBool("parallel", true) + job.SetenvJson("authConfig", pullRegistryAuth) + job.Stdout.Add(b.options.OutOld) + if err := job.Run(); err != nil { + return nil, err + } + image, err := b.options.Daemon.Repositories().LookupImage(name) + if err != nil { + return nil, err + } + + return image, nil +} + +func (b *buildFile) processImageFrom(img *imagepkg.Image) error { + b.image = img.ID + b.config = &runconfig.Config{} + if img.Config != nil { + b.config = img.Config + } + if b.config.Env == nil || len(b.config.Env) == 0 { + b.config.Env = append(b.config.Env, "PATH="+daemon.DefaultPathEnv) + } + // Process ONBUILD triggers if they exist + if nTriggers := len(b.config.OnBuild); nTriggers != 0 { + fmt.Fprintf(b.options.ErrStream, "# Executing %d build triggers\n", nTriggers) + } + + // Copy the ONBUILD triggers, and remove them from the config, since the config will be commited. + onBuildTriggers := b.config.OnBuild + b.config.OnBuild = []string{} + + // FIXME rewrite this so that builder/parser is used; right now steps in + // onbuild are muted because we have no good way to represent the step + // number + for _, step := range onBuildTriggers { + splitStep := strings.Split(step, " ") + stepInstruction := strings.ToUpper(strings.Trim(splitStep[0], " ")) + switch stepInstruction { + case "ONBUILD": + return fmt.Errorf("Source image contains forbidden chained `ONBUILD ONBUILD` trigger: %s", step) + case "MAINTAINER", "FROM": + return fmt.Errorf("Source image contains forbidden %s trigger: %s", stepInstruction, step) + } + + // FIXME we have to run the evaluator manually here. This does not belong + // in this function. + + if f, ok := evaluateTable[strings.ToLower(stepInstruction)]; ok { + if err := f(b, splitStep[1:]); err != nil { + return err + } + } else { + return fmt.Errorf("%s doesn't appear to be a valid Dockerfile instruction", splitStep[0]) + } + } + + return nil +} + +// probeCache checks to see if image-caching is enabled (`b.options.UtilizeCache`) +// and if so attempts to look up the current `b.image` and `b.config` pair +// in the current server `b.options.Daemon`. If an image is found, probeCache returns +// `(true, nil)`. If no image is found, it returns `(false, nil)`. If there +// is any error, it returns `(false, err)`. +func (b *buildFile) probeCache() (bool, error) { + if b.options.UtilizeCache { + if cache, err := b.options.Daemon.ImageGetCached(b.image, b.config); err != nil { + return false, err + } else if cache != nil { + fmt.Fprintf(b.options.OutStream, " ---> Using cache\n") + utils.Debugf("[BUILDER] Use cached version") + b.image = cache.ID + return true, nil + } else { + utils.Debugf("[BUILDER] Cache miss") + } + } + return false, nil +} + +func (b *buildFile) create() (*daemon.Container, error) { + if b.image == "" { + return nil, fmt.Errorf("Please provide a source image with `from` prior to run") + } + b.config.Image = b.image + + // Create the container + c, _, err := b.options.Daemon.Create(b.config, "") + if err != nil { + return nil, err + } + b.tmpContainers[c.ID] = struct{}{} + fmt.Fprintf(b.options.OutStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) + + // override the entry point that may have been picked up from the base image + c.Path = b.config.Cmd[0] + c.Args = b.config.Cmd[1:] + + return c, nil +} + +func (b *buildFile) run(c *daemon.Container) error { + var errCh chan error + if b.options.Verbose { + errCh = utils.Go(func() error { + // FIXME: call the 'attach' job so that daemon.Attach can be made private + // + // FIXME (LK4D4): Also, maybe makes sense to call "logs" job, it is like attach + // but without hijacking for stdin. Also, with attach there can be race + // condition because of some output already was printed before it. + return <-b.options.Daemon.Attach(c, nil, nil, b.options.OutStream, b.options.ErrStream) + }) + } + + //start the container + if err := c.Start(); err != nil { + return err + } + + if errCh != nil { + if err := <-errCh; err != nil { + return err + } + } + + // Wait for it to finish + if ret, _ := c.State.WaitStop(-1 * time.Second); ret != 0 { + err := &utils.JSONError{ + Message: fmt.Sprintf("The command %v returned a non-zero code: %d", b.config.Cmd, ret), + Code: ret, + } + return err + } + + return nil +} + +func (b *buildFile) checkPathForAddition(orig string) error { + origPath := path.Join(b.contextPath, orig) + if p, err := filepath.EvalSymlinks(origPath); err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("%s: no such file or directory", orig) + } + return err + } else { + origPath = p + } + if !strings.HasPrefix(origPath, b.contextPath) { + return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath) + } + _, err := os.Stat(origPath) + if err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("%s: no such file or directory", orig) + } + return err + } + return nil +} + +func (b *buildFile) addContext(container *daemon.Container, orig, dest string, decompress bool) error { + var ( + err error + destExists = true + origPath = path.Join(b.contextPath, orig) + destPath = path.Join(container.RootfsPath(), dest) + ) + + if destPath != container.RootfsPath() { + destPath, err = symlink.FollowSymlinkInScope(destPath, container.RootfsPath()) + if err != nil { + return err + } + } + + // Preserve the trailing '/' + if strings.HasSuffix(dest, "/") || dest == "." { + destPath = destPath + "/" + } + + destStat, err := os.Stat(destPath) + if err != nil { + if !os.IsNotExist(err) { + return err + } + destExists = false + } + + fi, err := os.Stat(origPath) + if err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("%s: no such file or directory", orig) + } + return err + } + + if fi.IsDir() { + return copyAsDirectory(origPath, destPath, destExists) + } + + // If we are adding a remote file (or we've been told not to decompress), do not try to untar it + if decompress { + // First try to unpack the source as an archive + // to support the untar feature we need to clean up the path a little bit + // because tar is very forgiving. First we need to strip off the archive's + // filename from the path but this is only added if it does not end in / . + tarDest := destPath + if strings.HasSuffix(tarDest, "/") { + tarDest = filepath.Dir(destPath) + } + + // try to successfully untar the orig + if err := archive.UntarPath(origPath, tarDest); err == nil { + return nil + } else if err != io.EOF { + utils.Debugf("Couldn't untar %s to %s: %s", origPath, tarDest, err) + } + } + + if err := os.MkdirAll(path.Dir(destPath), 0755); err != nil { + return err + } + if err := archive.CopyWithTar(origPath, destPath); err != nil { + return err + } + + resPath := destPath + if destExists && destStat.IsDir() { + resPath = path.Join(destPath, path.Base(origPath)) + } + + return fixPermissions(resPath, 0, 0) +} + +func copyAsDirectory(source, destination string, destinationExists bool) error { + if err := archive.CopyWithTar(source, destination); err != nil { + return err + } + + if destinationExists { + files, err := ioutil.ReadDir(source) + if err != nil { + return err + } + + for _, file := range files { + if err := fixPermissions(filepath.Join(destination, file.Name()), 0, 0); err != nil { + return err + } + } + return nil + } + + return fixPermissions(destination, 0, 0) +} + +func fixPermissions(destination string, uid, gid int) error { + return filepath.Walk(destination, func(path string, info os.FileInfo, err error) error { + if err := os.Lchown(path, uid, gid); err != nil && !os.IsNotExist(err) { + return err + } + return nil + }) +} + +func (b *buildFile) clearTmp(containers map[string]struct{}) { + for c := range containers { + tmp := b.options.Daemon.Get(c) + if err := b.options.Daemon.Destroy(tmp); err != nil { + fmt.Fprintf(b.options.OutStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) + } else { + delete(containers, c) + fmt.Fprintf(b.options.OutStream, "Removing intermediate container %s\n", utils.TruncateID(c)) + } + } +} diff --git a/components/engine/builder/evaluator/support.go b/components/engine/builder/evaluator/support.go index 41f9c6a5ba..da9f64695e 100644 --- a/components/engine/builder/evaluator/support.go +++ b/components/engine/builder/evaluator/support.go @@ -6,17 +6,9 @@ import ( ) var ( - TOKEN_ESCAPED_QUOTE = regexp.MustCompile(`\\"`) - TOKEN_ESCAPED_ESCAPE = regexp.MustCompile(`\\\\`) TOKEN_ENV_INTERPOLATION = regexp.MustCompile("(\\\\\\\\+|[^\\\\]|\\b|\\A)\\$({?)([[:alnum:]_]+)(}?)") ) -func stripQuotes(str string) string { - str = str[1 : len(str)-1] - str = TOKEN_ESCAPED_QUOTE.ReplaceAllString(str, `"`) - return TOKEN_ESCAPED_ESCAPE.ReplaceAllString(str, `\`) -} - func replaceEnv(b *buildFile, str string) string { for _, match := range TOKEN_ENV_INTERPOLATION.FindAllString(str, -1) { match = match[strings.Index(match, "$"):] diff --git a/components/engine/builder/parser/dumper/main.go b/components/engine/builder/parser/dumper/main.go index 96c0db2d05..aea7ee74cb 100644 --- a/components/engine/builder/parser/dumper/main.go +++ b/components/engine/builder/parser/dumper/main.go @@ -4,7 +4,7 @@ import ( "fmt" "os" - "github.com/erikh/buildfile/parser" + "github.com/docker/docker/builder/parser" ) func main() { diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index d9716698ec..9ae2a3191f 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -27,13 +27,11 @@ func parseEnv(rest string) (*Node, error) { node := blankNode() rootnode := node strs := TOKEN_WHITESPACE.Split(rest, 2) - node.Value = QuoteString(strs[0]) + node.Value = strs[0] node.Next = blankNode() - node.Next.Value = QuoteString(strs[1]) + node.Next.Value = strs[1] return rootnode, nil - - return node, nil } // parses a whitespace-delimited set of arguments. The result is effectively a @@ -41,18 +39,25 @@ func parseEnv(rest string) (*Node, error) { func parseStringsWhitespaceDelimited(rest string) (*Node, error) { node := blankNode() rootnode := node + prevnode := node for _, str := range TOKEN_WHITESPACE.Split(rest, -1) { // use regexp - node.Value = QuoteString(str) + prevnode = node + node.Value = str node.Next = blankNode() node = node.Next } + // XXX to get around regexp.Split *always* providing an empty string at the + // end due to how our loop is constructed, nil out the last node in the + // chain. + prevnode.Next = nil + return rootnode, nil } // parsestring just wraps the string in quotes and returns a working node. func parseString(rest string) (*Node, error) { - return &Node{QuoteString(rest), nil, nil}, nil + return &Node{rest, nil, nil}, nil } // parseJSON converts JSON arrays to an AST. @@ -61,6 +66,7 @@ func parseJSON(rest string) (*Node, error) { myJson []interface{} next = blankNode() orignext = next + prevnode = next ) if err := json.Unmarshal([]byte(rest), &myJson); err != nil { @@ -72,11 +78,14 @@ func parseJSON(rest string) (*Node, error) { case float64: str = strconv.FormatFloat(str.(float64), 'G', -1, 64) } - next.Value = QuoteString(str.(string)) + next.Value = str.(string) next.Next = blankNode() + prevnode = next next = next.Next } + prevnode.Next = nil + return orignext, nil } @@ -94,6 +103,6 @@ func parseMaybeJSON(rest string) (*Node, error) { } node := blankNode() - node.Value = QuoteString(rest) + node.Value = rest return node, nil } diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go index c2715d43c7..08f67dbb2c 100644 --- a/components/engine/builder/parser/parser.go +++ b/components/engine/builder/parser/parser.go @@ -43,7 +43,7 @@ type Node struct { var ( dispatch map[string]func(string) (*Node, error) - TOKEN_WHITESPACE = regexp.MustCompile(`\s+`) + TOKEN_WHITESPACE = regexp.MustCompile(`[\t\v\f\r ]+`) TOKEN_LINE_CONTINUATION = regexp.MustCompile(`\\$`) TOKEN_COMMENT = regexp.MustCompile(`^#.*$`) ) @@ -70,6 +70,7 @@ func init() { "entrypoint": parseMaybeJSON, "expose": parseStringsWhitespaceDelimited, "volume": parseMaybeJSON, + "insert": parseIgnore, } } diff --git a/components/engine/builder/parser/testfiles/brimstone-docker-consul/result b/components/engine/builder/parser/testfiles/brimstone-docker-consul/result index 739dc6423f..e7fee03985 100644 --- a/components/engine/builder/parser/testfiles/brimstone-docker-consul/result +++ b/components/engine/builder/parser/testfiles/brimstone-docker-consul/result @@ -1,5 +1,5 @@ (from "brimstone/ubuntu:14.04") -(cmd) +(cmd "") (entrypoint "/usr/bin/consul" "agent" "-server" "-data-dir=/consul" "-client=0.0.0.0" "-ui-dir=/webui") (expose "8500" "8600" "8400" "8301" "8302") (run "apt-get update && apt-get install -y unzip wget && apt-get clean && rm -rf /var/lib/apt/lists") diff --git a/components/engine/builder/parser/utils.go b/components/engine/builder/parser/utils.go index 08357b42db..08d3e454dd 100644 --- a/components/engine/builder/parser/utils.go +++ b/components/engine/builder/parser/utils.go @@ -41,7 +41,7 @@ func (node *Node) Dump() string { if len(n.Children) > 0 { str += " " + n.Dump() } else { - str += " " + n.Value + str += " " + QuoteString(n.Value) } } } From 1fe3a4f0e387a875d56c9743e6ce26997cf91a83 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Wed, 6 Aug 2014 22:56:44 -0700 Subject: [PATCH 060/540] builder: comments / documentation Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 3f5f6b038f56bc89d39a74fbb9c765daf98ae4d8 Component: engine --- .../engine/builder/evaluator/dispatchers.go | 81 +++++++++++++- .../engine/builder/evaluator/evaluator.go | 102 +++++++++++++----- .../engine/builder/evaluator/internals.go | 3 + .../engine/builder/evaluator/support.go | 1 + .../engine/builder/parser/line_parsers.go | 11 ++ components/engine/builder/parser/parser.go | 32 ++---- 6 files changed, 181 insertions(+), 49 deletions(-) diff --git a/components/engine/builder/evaluator/dispatchers.go b/components/engine/builder/evaluator/dispatchers.go index eefcb629be..e7db2f008b 100644 --- a/components/engine/builder/evaluator/dispatchers.go +++ b/components/engine/builder/evaluator/dispatchers.go @@ -1,5 +1,12 @@ package evaluator +// This file contains the dispatchers for each command. Note that +// `nullDispatch` is not actually a command, but support for commands we parse +// but do nothing with. +// +// See evaluator.go for a higher level discussion of the whole evaluator +// package. + import ( "fmt" "path/filepath" @@ -10,11 +17,16 @@ import ( "github.com/docker/docker/utils" ) -// dispatch with no layer / parsing. +// dispatch with no layer / parsing. This is effectively not a command. func nullDispatch(b *buildFile, args []string) error { return nil } +// ENV foo bar +// +// Sets the environment variable foo to bar, also makes interpolation +// in the dockerfile available from the next statement on via ${foo}. +// func env(b *buildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("ENV accepts two arguments") @@ -29,6 +41,9 @@ func env(b *buildFile, args []string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("ENV %s=%s", key, b.env[key])) } +// MAINTAINER some text +// +// Sets the maintainer metadata. func maintainer(b *buildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("MAINTAINER requires only one argument") @@ -38,6 +53,11 @@ func maintainer(b *buildFile, args []string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("MAINTAINER %s", b.maintainer)) } +// ADD foo /path +// +// Add the file 'foo' to '/path'. Tarball and Remote URL (git, http) handling +// exist here. If you do not wish to have this automatic handling, use COPY. +// func add(b *buildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("ADD requires two arguments") @@ -46,6 +66,10 @@ func add(b *buildFile, args []string) error { return b.runContextCommand(args, true, true, "ADD") } +// COPY foo /path +// +// Same as 'ADD' but without the tar and remote url handling. +// func dispatchCopy(b *buildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("COPY requires two arguments") @@ -54,6 +78,10 @@ func dispatchCopy(b *buildFile, args []string) error { return b.runContextCommand(args, false, false, "COPY") } +// FROM imagename +// +// This sets the image the dockerfile will build on top of. +// func from(b *buildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("FROM requires one argument") @@ -77,6 +105,15 @@ func from(b *buildFile, args []string) error { return b.processImageFrom(image) } +// ONBUILD RUN echo yo +// +// ONBUILD triggers run when the image is used in a FROM statement. +// +// ONBUILD handling has a lot of special-case functionality, the heading in +// evaluator.go and comments around dispatch() in the same file explain the +// special cases. search for 'OnBuild' in internals.go for additional special +// cases. +// func onbuild(b *buildFile, args []string) error { triggerInstruction := strings.ToUpper(strings.TrimSpace(args[0])) switch triggerInstruction { @@ -92,6 +129,10 @@ func onbuild(b *buildFile, args []string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("ONBUILD %s", trigger)) } +// WORKDIR /tmp +// +// Set the working directory for future RUN/CMD/etc statements. +// func workdir(b *buildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("WORKDIR requires exactly one argument") @@ -111,6 +152,15 @@ func workdir(b *buildFile, args []string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("WORKDIR %v", workdir)) } +// RUN some command yo +// +// run a command and commit the image. Args are automatically prepended with +// 'sh -c' in the event there is only one argument. The difference in +// processing: +// +// RUN echo hi # sh -c echo hi +// RUN [ "echo", "hi" ] # echo hi +// func run(b *buildFile, args []string) error { if len(args) == 1 { // literal string command, not an exec array args = append([]string{"/bin/sh", "-c"}, args[0]) @@ -162,6 +212,11 @@ func run(b *buildFile, args []string) error { return nil } +// CMD foo +// +// Set the default command to run in the container (which may be empty). +// Argument handling is the same as RUN. +// func cmd(b *buildFile, args []string) error { if len(args) < 2 { args = append([]string{"/bin/sh", "-c"}, args...) @@ -176,6 +231,14 @@ func cmd(b *buildFile, args []string) error { return nil } +// ENTRYPOINT /usr/sbin/nginx +// +// Set the entrypoint (which defaults to sh -c) to /usr/sbin/nginx. Will +// accept the CMD as the arguments to /usr/sbin/nginx. +// +// Handles command processing similar to CMD and RUN, only b.config.Entrypoint +// is initialized at NewBuilder time instead of through argument parsing. +// func entrypoint(b *buildFile, args []string) error { b.config.Entrypoint = args @@ -189,6 +252,11 @@ func entrypoint(b *buildFile, args []string) error { return nil } +// EXPOSE 6667/tcp 7000/tcp +// +// Expose ports for links and port mappings. This all ends up in +// b.config.ExposedPorts for runconfig. +// func expose(b *buildFile, args []string) error { portsTab := args @@ -211,6 +279,11 @@ func expose(b *buildFile, args []string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("EXPOSE %v", ports)) } +// USER foo +// +// Set the user to 'foo' for future commands and when running the +// ENTRYPOINT/CMD at container run time. +// func user(b *buildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("USER requires exactly one argument") @@ -220,6 +293,11 @@ func user(b *buildFile, args []string) error { return b.commit("", b.config.Cmd, fmt.Sprintf("USER %v", args)) } +// VOLUME /foo +// +// Expose the volume /foo for use. Will also accept the JSON form, but either +// way requires exactly one argument. +// func volume(b *buildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("Volume cannot be empty") @@ -239,6 +317,7 @@ func volume(b *buildFile, args []string) error { return nil } +// INSERT is no longer accepted, but we still parse it. func insert(b *buildFile, args []string) error { return fmt.Errorf("INSERT has been deprecated. Please use ADD instead") } diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator/evaluator.go index 7b74db1d86..2b22d47317 100644 --- a/components/engine/builder/evaluator/evaluator.go +++ b/components/engine/builder/evaluator/evaluator.go @@ -1,3 +1,22 @@ +// evaluator is the evaluation step in the Dockerfile parse/evaluate pipeline. +// +// It incorporates a dispatch table based on the parser.Node values (see the +// parser package for more information) that are yielded from the parser itself. +// Calling NewBuilder with the BuildOpts struct can be used to customize the +// experience for execution purposes only. Parsing is controlled in the parser +// package, and this division of resposibility should be respected. +// +// Please see the jump table targets for the actual invocations, most of which +// will call out to the functions in internals.go to deal with their tasks. +// +// ONBUILD is a special case, which is covered in the onbuild() func in +// dispatchers.go. +// +// The evaluator uses the concept of "steps", which are usually each processable +// line in the Dockerfile. Each step is numbered and certain actions are taken +// before and after each step, such as creating an image ID and removing temporary +// containers and images. Note that ONBUILD creates a kinda-sorta "sub run" which +// includes its own set of steps (usually only one of them). package evaluator import ( @@ -49,32 +68,40 @@ func init() { type envMap map[string]string type uniqueMap map[string]struct{} +// internal struct, used to maintain configuration of the Dockerfile's +// processing as it evaluates the parsing result. type buildFile struct { - dockerfile *parser.Node - env envMap - image string - config *runconfig.Config - options *BuildOpts - maintainer string + dockerfile *parser.Node // the syntax tree of the dockerfile + env envMap // map of environment variables + image string // image name for commit processing + config *runconfig.Config // runconfig for cmd, run, entrypoint etc. + options *BuildOpts // see below + maintainer string // maintainer name. could probably be removed. + cmdSet bool // indicates is CMD was set in current Dockerfile + context *tarsum.TarSum // the context is a tarball that is uploaded by the client + contextPath string // the path of the temporary directory the local context is unpacked to (server side) - // cmdSet indicates is CMD was set in current Dockerfile - cmdSet bool - - context *tarsum.TarSum - contextPath string - tmpContainers uniqueMap - tmpImages uniqueMap + // both of these are controlled by the Remove and ForceRemove options in BuildOpts + tmpContainers uniqueMap // a map of containers used for removes + tmpImages uniqueMap // a map of images used for removes } type BuildOpts struct { - Daemon *daemon.Daemon - Engine *engine.Engine - OutStream io.Writer - ErrStream io.Writer - Verbose bool - UtilizeCache bool - Remove bool - ForceRemove bool + Daemon *daemon.Daemon + Engine *engine.Engine + + // effectively stdio for the run. Because it is not stdio, I said + // "Effectively". Do not use stdio anywhere in this package for any reason. + OutStream io.Writer + ErrStream io.Writer + + Verbose bool + UtilizeCache bool + + // controls how images and containers are handled between steps. + Remove bool + ForceRemove bool + AuthConfig *registry.AuthConfig AuthConfigFile *registry.ConfigFile @@ -83,6 +110,7 @@ type BuildOpts struct { StreamFormatter *utils.StreamFormatter } +// Create a new builder. func NewBuilder(opts *BuildOpts) (*buildFile, error) { return &buildFile{ dockerfile: nil, @@ -94,10 +122,20 @@ func NewBuilder(opts *BuildOpts) (*buildFile, error) { }, nil } +// Run the builder with the context. This is the lynchpin of this package. This +// will (barring errors): +// +// * call readContext() which will set up the temporary directory and unpack +// the context into it. +// * read the dockerfile +// * parse the dockerfile +// * walk the parse tree and execute it by dispatching to handlers. If Remove +// or ForceRemove is set, additional cleanup around containers happens after +// processing. +// * Print a happy message and return the image ID. +// func (b *buildFile) Run(context io.Reader) (string, error) { - err := b.readContext(context) - - if err != nil { + if err := b.readContext(context); err != nil { return "", err } @@ -131,7 +169,7 @@ func (b *buildFile) Run(context io.Reader) (string, error) { } if b.image == "" { - return "", fmt.Errorf("No image was generated. This may be because the Dockerfile does not, like, do anything.\n") + return "", fmt.Errorf("No image was generated. Is your Dockerfile empty?\n") } fmt.Fprintf(b.options.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) @@ -153,6 +191,20 @@ func initRunConfig() *runconfig.Config { } } +// This method is the entrypoint to all statement handling routines. +// +// Almost all nodes will have this structure: +// Child[Node, Node, Node] where Child is from parser.Node.Children and each +// node comes from parser.Node.Next. This forms a "line" with a statement and +// arguments and we process them in this normalized form by hitting +// evaluateTable with the leaf nodes of the command and the buildFile object. +// +// ONBUILD is a special case; in this case the parser will emit: +// Child[Node, Child[Node, Node...]] where the first node is the literal +// "onbuild" and the child entrypoint is the command of the ONBUILD statmeent, +// such as `RUN` in ONBUILD RUN foo. There is special case logic in here to +// deal with that, at least until it becomes more of a general concern with new +// features. func (b *buildFile) dispatch(stepN int, ast *parser.Node) error { cmd := ast.Value strs := []string{} diff --git a/components/engine/builder/evaluator/internals.go b/components/engine/builder/evaluator/internals.go index 719a6d3639..b55b0b967c 100644 --- a/components/engine/builder/evaluator/internals.go +++ b/components/engine/builder/evaluator/internals.go @@ -1,5 +1,8 @@ package evaluator +// internals for handling commands. Covers many areas and a lot of +// non-contiguous functionality. Please read the comments. + import ( "crypto/sha256" "encoding/hex" diff --git a/components/engine/builder/evaluator/support.go b/components/engine/builder/evaluator/support.go index da9f64695e..21dd7ccd3c 100644 --- a/components/engine/builder/evaluator/support.go +++ b/components/engine/builder/evaluator/support.go @@ -9,6 +9,7 @@ var ( TOKEN_ENV_INTERPOLATION = regexp.MustCompile("(\\\\\\\\+|[^\\\\]|\\b|\\A)\\$({?)([[:alnum:]_]+)(}?)") ) +// handle environment replacement. Used in dispatcher. func replaceEnv(b *buildFile, str string) string { for _, match := range TOKEN_ENV_INTERPOLATION.FindAllString(str, -1) { match = match[strings.Index(match, "$"):] diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index 9ae2a3191f..71e704791f 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -1,5 +1,11 @@ package parser +// line parsers are dispatch calls that parse a single unit of text into a +// Node object which contains the whole statement. Dockerfiles have varied +// (but not usually unique, see ONBUILD for a unique example) parsing rules +// per-command, and these unify the processing in a way that makes it +// manageable. + import ( "encoding/json" "strconv" @@ -12,6 +18,11 @@ func parseIgnore(rest string) (*Node, error) { return blankNode(), nil } +// used for onbuild. Could potentially be used for anything that represents a +// statement with sub-statements. +// +// ONBUILD RUN foo bar -> (onbuild (run foo bar)) +// func parseSubCommand(rest string) (*Node, error) { _, child, err := parseLine(rest) if err != nil { diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go index 08f67dbb2c..03196c7da9 100644 --- a/components/engine/builder/parser/parser.go +++ b/components/engine/builder/parser/parser.go @@ -8,32 +8,17 @@ import ( "strings" ) -// Node is the building block of the AST this package will create. +// Node is a structure used to represent a parse tree. // -// Nodes are structured to have a value, next, and child, the latter two of -// which are Nodes themselves. +// In the node there are three fields, Value, Next, and Children. Value is the +// current token's string value. Next is always the next non-child token, and +// children contains all the children. Here's an example: // -// This terminology is unfortunately rather confusing, so here's a diagram. -// Anything after the ; is a comment. +// (value next (child child-next child-next-next) next-next) // -// ( -// (run "foo") ; value run, and next is a value foo. -// (run "1" "2" "3") ; -// (something (really cool)) -// ) -// -// Will give you something like this: -// -// &Node{ -// Value:"", -// Child: &Node{Value: "run", Next: &Node{Value: "foo"}, Child: nil}, -// Next: &Node{Value:"", Child: &Node{Value:"run", Next: &Node{Value:`"1"`.... -// -// ... and so on. -// -// The short and fast rule is that anything that starts with ( is a child of -// something. Anything which follows a previous statement is a next of -// something. +// This data structure is frankly pretty lousy for handling complex languages, +// but lucky for us the Dockerfile isn't very complicated. This structure +// works a little more effectively than a "proper" parse tree for our needs. // type Node struct { Value string // actual content @@ -79,6 +64,7 @@ func blankNode() *Node { return &Node{"", nil, []*Node{}} } +// parse a line and return the remainder. func parseLine(line string) (string, *Node, error) { if line = stripComments(line); line == "" { return "", nil, nil From b8ca57b41d9cf00c34d60848cfae95153e0ce2b3 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Thu, 7 Aug 2014 00:42:10 -0700 Subject: [PATCH 061/540] builder: negative test support, fix for shykes's broken dockerfile Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 4122a981ae12851f71bbf6ec46e03bba288e4143 Component: engine --- .../engine/builder/parser/line_parsers.go | 9 ++++++ .../engine/builder/parser/parser_test.go | 29 +++++++++++++++++-- .../shykes-nested-json/Dockerfile | 1 + 3 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 components/engine/builder/parser/testfiles-negative/shykes-nested-json/Dockerfile diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index 71e704791f..ec748106fc 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -8,10 +8,15 @@ package parser import ( "encoding/json" + "errors" "strconv" "strings" ) +var ( + dockerFileErrJSONNesting = errors.New("You may not nest arrays in Dockerfile statements.") +) + // ignore the current argument. This will still leave a command parsed, but // will not incorporate the arguments into the ast. func parseIgnore(rest string) (*Node, error) { @@ -86,6 +91,8 @@ func parseJSON(rest string) (*Node, error) { for _, str := range myJson { switch str.(type) { + case []interface{}: + return nil, dockerFileErrJSONNesting case float64: str = strconv.FormatFloat(str.(float64), 'G', -1, 64) } @@ -110,6 +117,8 @@ func parseMaybeJSON(rest string) (*Node, error) { node, err := parseJSON(rest) if err == nil { return node, nil + } else if err == dockerFileErrJSONNesting { + return nil, err } } diff --git a/components/engine/builder/parser/parser_test.go b/components/engine/builder/parser/parser_test.go index 1482a011fe..3969b01fca 100644 --- a/components/engine/builder/parser/parser_test.go +++ b/components/engine/builder/parser/parser_test.go @@ -8,9 +8,10 @@ import ( ) const testDir = "testfiles" +const negativeTestDir = "testfiles-negative" -func TestTestData(t *testing.T) { - f, err := os.Open(testDir) +func getDirs(t *testing.T, dir string) []os.FileInfo { + f, err := os.Open(dir) if err != nil { t.Fatal(err) } @@ -22,7 +23,29 @@ func TestTestData(t *testing.T) { t.Fatal(err) } - for _, dir := range dirs { + return dirs +} + +func TestTestNegative(t *testing.T) { + for _, dir := range getDirs(t, negativeTestDir) { + dockerfile := filepath.Join(negativeTestDir, dir.Name(), "Dockerfile") + + df, err := os.Open(dockerfile) + if err != nil { + t.Fatalf("Dockerfile missing for %s: %s", dir.Name(), err.Error()) + } + + _, err = Parse(df) + if err == nil { + t.Fatalf("No error parsing broken dockerfile for %s: %s", dir.Name(), err.Error()) + } + + df.Close() + } +} + +func TestTestData(t *testing.T) { + for _, dir := range getDirs(t, testDir) { dockerfile := filepath.Join(testDir, dir.Name(), "Dockerfile") resultfile := filepath.Join(testDir, dir.Name(), "result") diff --git a/components/engine/builder/parser/testfiles-negative/shykes-nested-json/Dockerfile b/components/engine/builder/parser/testfiles-negative/shykes-nested-json/Dockerfile new file mode 100644 index 0000000000..d1be4596c7 --- /dev/null +++ b/components/engine/builder/parser/testfiles-negative/shykes-nested-json/Dockerfile @@ -0,0 +1 @@ +CMD [ "echo", [ "nested json" ] ] From 27916f0d04b71835598c3b8783ca3c8359eb106c Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Fri, 8 Aug 2014 13:44:57 -0700 Subject: [PATCH 062/540] builder: handle certain classes of JSON errors gracefully Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 21b15ac920d5e51f636d7febf07a4a52f5e61bff Component: engine --- components/engine/builder/parser/line_parsers.go | 6 ++++-- components/engine/builder/parser/parser_test.go | 2 +- .../Dockerfile | 1 + .../jeztah-invalid-json-json-inside-string-double/result | 1 + .../jeztah-invalid-json-json-inside-string/Dockerfile | 1 + .../testfiles/jeztah-invalid-json-json-inside-string/result | 1 + .../testfiles/jeztah-invalid-json-single-quotes/Dockerfile | 1 + .../testfiles/jeztah-invalid-json-single-quotes/result | 1 + .../jeztah-invalid-json-unterminated-bracket/Dockerfile | 1 + .../jeztah-invalid-json-unterminated-bracket/result | 1 + .../jeztah-invalid-json-unterminated-string/Dockerfile | 1 + .../jeztah-invalid-json-unterminated-string/result | 1 + 12 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/result create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/result create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile create mode 100644 components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/result diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index ec748106fc..1e460697ca 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -91,10 +91,11 @@ func parseJSON(rest string) (*Node, error) { for _, str := range myJson { switch str.(type) { - case []interface{}: - return nil, dockerFileErrJSONNesting + case string: case float64: str = strconv.FormatFloat(str.(float64), 'G', -1, 64) + default: + return nil, dockerFileErrJSONNesting } next.Value = str.(string) next.Next = blankNode() @@ -115,6 +116,7 @@ func parseMaybeJSON(rest string) (*Node, error) { if strings.HasPrefix(rest, "[") { node, err := parseJSON(rest) + if err == nil { return node, nil } else if err == dockerFileErrJSONNesting { diff --git a/components/engine/builder/parser/parser_test.go b/components/engine/builder/parser/parser_test.go index 3969b01fca..871da477c1 100644 --- a/components/engine/builder/parser/parser_test.go +++ b/components/engine/builder/parser/parser_test.go @@ -37,7 +37,7 @@ func TestTestNegative(t *testing.T) { _, err = Parse(df) if err == nil { - t.Fatalf("No error parsing broken dockerfile for %s: %s", dir.Name(), err.Error()) + t.Fatalf("No error parsing broken dockerfile for %s", dir.Name()) } df.Close() diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile new file mode 100644 index 0000000000..39fe27d99c --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/Dockerfile @@ -0,0 +1 @@ +CMD "[\"echo\", \"Phew, I just managed to escaped those double quotes\"]" diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result new file mode 100644 index 0000000000..bfd84ae489 --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string-double/result @@ -0,0 +1 @@ +(cmd "\"[\\\"echo\\\", \\\"Phew, I just managed to escaped those double quotes\\\"]\"") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile new file mode 100644 index 0000000000..eaae081a06 --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/Dockerfile @@ -0,0 +1 @@ +CMD '["echo", "Well, JSON in a string is JSON too?"]' diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/result b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/result new file mode 100644 index 0000000000..f8f7b5017b --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-json-inside-string/result @@ -0,0 +1 @@ +(cmd "'[\"echo\", \"Well, JSON in a string is JSON too?\"]'") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile b/components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile new file mode 100644 index 0000000000..c3ac63c07a --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/Dockerfile @@ -0,0 +1 @@ +CMD ['echo','single quotes are invalid JSON'] diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/result b/components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/result new file mode 100644 index 0000000000..0623f8bf45 --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-single-quotes/result @@ -0,0 +1 @@ +(cmd "['echo','single quotes are invalid JSON']") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile new file mode 100644 index 0000000000..5fd4afa522 --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/Dockerfile @@ -0,0 +1 @@ +CMD ["echo", "Please, close the brackets when you're done" diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result new file mode 100644 index 0000000000..d621ddcff3 --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-bracket/result @@ -0,0 +1 @@ +(cmd "[\"echo\", \"Please, close the brackets when you're done\"") \ No newline at end of file diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile new file mode 100644 index 0000000000..30cc4bb48f --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/Dockerfile @@ -0,0 +1 @@ +CMD ["echo", "look ma, no quote!] diff --git a/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/result b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/result new file mode 100644 index 0000000000..acedd80c45 --- /dev/null +++ b/components/engine/builder/parser/testfiles/jeztah-invalid-json-unterminated-string/result @@ -0,0 +1 @@ +(cmd "[\"echo\", \"look ma, no quote!]") \ No newline at end of file From 79129740f8a5aefa4598dd5bc96f0ba4eb1fafd6 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Sun, 10 Aug 2014 04:01:10 -0700 Subject: [PATCH 063/540] builder: Remove blankNode(), use &Node{} instead. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 135f54ccbfb6f638b4ab0be67a215adbad246ecb Component: engine --- components/engine/builder/parser/line_parsers.go | 16 ++++++++-------- components/engine/builder/parser/parser.go | 9 ++------- 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index 1e460697ca..ff1f3483e9 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -20,7 +20,7 @@ var ( // ignore the current argument. This will still leave a command parsed, but // will not incorporate the arguments into the ast. func parseIgnore(rest string) (*Node, error) { - return blankNode(), nil + return &Node{}, nil } // used for onbuild. Could potentially be used for anything that represents a @@ -40,11 +40,11 @@ func parseSubCommand(rest string) (*Node, error) { // parse environment like statements. Note that this does *not* handle // variable interpolation, which will be handled in the evaluator. func parseEnv(rest string) (*Node, error) { - node := blankNode() + node := &Node{} rootnode := node strs := TOKEN_WHITESPACE.Split(rest, 2) node.Value = strs[0] - node.Next = blankNode() + node.Next = &Node{} node.Next.Value = strs[1] return rootnode, nil @@ -53,13 +53,13 @@ func parseEnv(rest string) (*Node, error) { // parses a whitespace-delimited set of arguments. The result is effectively a // linked list of string arguments. func parseStringsWhitespaceDelimited(rest string) (*Node, error) { - node := blankNode() + node := &Node{} rootnode := node prevnode := node for _, str := range TOKEN_WHITESPACE.Split(rest, -1) { // use regexp prevnode = node node.Value = str - node.Next = blankNode() + node.Next = &Node{} node = node.Next } @@ -80,7 +80,7 @@ func parseString(rest string) (*Node, error) { func parseJSON(rest string) (*Node, error) { var ( myJson []interface{} - next = blankNode() + next = &Node{} orignext = next prevnode = next ) @@ -98,7 +98,7 @@ func parseJSON(rest string) (*Node, error) { return nil, dockerFileErrJSONNesting } next.Value = str.(string) - next.Next = blankNode() + next.Next = &Node{} prevnode = next next = next.Next } @@ -124,7 +124,7 @@ func parseMaybeJSON(rest string) (*Node, error) { } } - node := blankNode() + node := &Node{} node.Value = rest return node, nil } diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go index 03196c7da9..17e0f72aae 100644 --- a/components/engine/builder/parser/parser.go +++ b/components/engine/builder/parser/parser.go @@ -59,11 +59,6 @@ func init() { } } -// empty node. Useful for managing structure. -func blankNode() *Node { - return &Node{"", nil, []*Node{}} -} - // parse a line and return the remainder. func parseLine(line string) (string, *Node, error) { if line = stripComments(line); line == "" { @@ -77,7 +72,7 @@ func parseLine(line string) (string, *Node, error) { cmd, args := splitCommand(line) - node := blankNode() + node := &Node{} node.Value = cmd sexp, err := fullDispatch(cmd, args) @@ -96,7 +91,7 @@ func Parse(rwc io.Reader) (*Node, error) { var child *Node var line string var err error - root := blankNode() + root := &Node{} scanner := bufio.NewScanner(rwc) for scanner.Scan() { From 6e79082f26bb7095032dd86632c9266bf1d7c37e Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Sun, 10 Aug 2014 04:05:34 -0700 Subject: [PATCH 064/540] builder/parser: Rewrite Parse() to use := instead of var Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 248f4c4f751b76f330278b04d2297bfcf97eec48 Component: engine --- components/engine/builder/parser/parser.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go index 17e0f72aae..cb9d28206d 100644 --- a/components/engine/builder/parser/parser.go +++ b/components/engine/builder/parser/parser.go @@ -88,14 +88,11 @@ func parseLine(line string) (string, *Node, error) { // The main parse routine. Handles an io.ReadWriteCloser and returns the root // of the AST. func Parse(rwc io.Reader) (*Node, error) { - var child *Node - var line string - var err error root := &Node{} scanner := bufio.NewScanner(rwc) for scanner.Scan() { - line, child, err = parseLine(strings.TrimSpace(scanner.Text())) + line, child, err := parseLine(strings.TrimSpace(scanner.Text())) if err != nil { return nil, err } From 5864fecb92dc201c54da91a0e2592f2bc996147d Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Sun, 10 Aug 2014 04:07:28 -0700 Subject: [PATCH 065/540] builder: Remove spurious .gitignores Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 3dfe5ddfb98a36ddcf2480720255a3a00f5fbc1d Component: engine --- components/engine/builder/.gitignore | 2 -- components/engine/builder/parser/dumper/.gitignore | 2 -- 2 files changed, 4 deletions(-) delete mode 100644 components/engine/builder/.gitignore delete mode 100644 components/engine/builder/parser/dumper/.gitignore diff --git a/components/engine/builder/.gitignore b/components/engine/builder/.gitignore deleted file mode 100644 index 34b1c07205..0000000000 --- a/components/engine/builder/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -main -gopath diff --git a/components/engine/builder/parser/dumper/.gitignore b/components/engine/builder/parser/dumper/.gitignore deleted file mode 100644 index d80aecaec6..0000000000 --- a/components/engine/builder/parser/dumper/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -dumper -Dockerfile From b36a54587e24479186c61e0e8193e2150818ee42 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Mon, 11 Aug 2014 08:44:31 -0700 Subject: [PATCH 066/540] builder: fix references to jobs in daemon, make builder a first class package referring to evaluator Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 1ae4c00a19edb7d3b41c050489e56339833d8e01 Component: engine --- components/engine/builder/builder.go | 34 + .../engine/builder/evaluator/dispatchers.go | 106 +- .../engine/builder/evaluator/evaluator.go | 88 +- .../engine/builder/evaluator/internals.go | 130 +-- .../engine/builder/evaluator/support.go | 4 +- components/engine/builder/job.go | 119 ++ components/engine/daemon/build.go | 1006 ----------------- components/engine/daemon/daemon.go | 1 - components/engine/docker/daemon.go | 5 + 9 files changed, 309 insertions(+), 1184 deletions(-) create mode 100644 components/engine/builder/builder.go create mode 100644 components/engine/builder/job.go delete mode 100644 components/engine/daemon/build.go diff --git a/components/engine/builder/builder.go b/components/engine/builder/builder.go new file mode 100644 index 0000000000..1720b7b99f --- /dev/null +++ b/components/engine/builder/builder.go @@ -0,0 +1,34 @@ +package builder + +import ( + "github.com/docker/docker/builder/evaluator" + "github.com/docker/docker/nat" + "github.com/docker/docker/runconfig" +) + +// Create a new builder. +func NewBuilder(opts *evaluator.BuildOpts) *evaluator.BuildFile { + return &evaluator.BuildFile{ + Dockerfile: nil, + Env: evaluator.EnvMap{}, + Config: initRunConfig(), + Options: opts, + TmpContainers: evaluator.UniqueMap{}, + TmpImages: evaluator.UniqueMap{}, + } +} + +func initRunConfig() *runconfig.Config { + return &runconfig.Config{ + PortSpecs: []string{}, + // FIXME(erikh) this should be a type that lives in runconfig + ExposedPorts: map[nat.Port]struct{}{}, + Env: []string{}, + Cmd: []string{}, + + // FIXME(erikh) this should also be a type in runconfig + Volumes: map[string]struct{}{}, + Entrypoint: []string{"/bin/sh", "-c"}, + OnBuild: []string{}, + } +} diff --git a/components/engine/builder/evaluator/dispatchers.go b/components/engine/builder/evaluator/dispatchers.go index e7db2f008b..d05777981e 100644 --- a/components/engine/builder/evaluator/dispatchers.go +++ b/components/engine/builder/evaluator/dispatchers.go @@ -18,7 +18,7 @@ import ( ) // dispatch with no layer / parsing. This is effectively not a command. -func nullDispatch(b *buildFile, args []string) error { +func nullDispatch(b *BuildFile, args []string) error { return nil } @@ -27,7 +27,7 @@ func nullDispatch(b *buildFile, args []string) error { // Sets the environment variable foo to bar, also makes interpolation // in the dockerfile available from the next statement on via ${foo}. // -func env(b *buildFile, args []string) error { +func env(b *BuildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("ENV accepts two arguments") } @@ -35,22 +35,22 @@ func env(b *buildFile, args []string) error { // the duplication here is intended to ease the replaceEnv() call's env // handling. This routine gets much shorter with the denormalization here. key := args[0] - b.env[key] = args[1] - b.config.Env = append(b.config.Env, strings.Join([]string{key, b.env[key]}, "=")) + b.Env[key] = args[1] + b.Config.Env = append(b.Config.Env, strings.Join([]string{key, b.Env[key]}, "=")) - return b.commit("", b.config.Cmd, fmt.Sprintf("ENV %s=%s", key, b.env[key])) + return b.commit("", b.Config.Cmd, fmt.Sprintf("ENV %s=%s", key, b.Env[key])) } // MAINTAINER some text // // Sets the maintainer metadata. -func maintainer(b *buildFile, args []string) error { +func maintainer(b *BuildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("MAINTAINER requires only one argument") } b.maintainer = args[0] - return b.commit("", b.config.Cmd, fmt.Sprintf("MAINTAINER %s", b.maintainer)) + return b.commit("", b.Config.Cmd, fmt.Sprintf("MAINTAINER %s", b.maintainer)) } // ADD foo /path @@ -58,7 +58,7 @@ func maintainer(b *buildFile, args []string) error { // Add the file 'foo' to '/path'. Tarball and Remote URL (git, http) handling // exist here. If you do not wish to have this automatic handling, use COPY. // -func add(b *buildFile, args []string) error { +func add(b *BuildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("ADD requires two arguments") } @@ -70,7 +70,7 @@ func add(b *buildFile, args []string) error { // // Same as 'ADD' but without the tar and remote url handling. // -func dispatchCopy(b *buildFile, args []string) error { +func dispatchCopy(b *BuildFile, args []string) error { if len(args) != 2 { return fmt.Errorf("COPY requires two arguments") } @@ -82,16 +82,16 @@ func dispatchCopy(b *buildFile, args []string) error { // // This sets the image the dockerfile will build on top of. // -func from(b *buildFile, args []string) error { +func from(b *BuildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("FROM requires one argument") } name := args[0] - image, err := b.options.Daemon.Repositories().LookupImage(name) + image, err := b.Options.Daemon.Repositories().LookupImage(name) if err != nil { - if b.options.Daemon.Graph().IsNotExist(err) { + if b.Options.Daemon.Graph().IsNotExist(err) { image, err = b.pullImage(name) } @@ -114,7 +114,7 @@ func from(b *buildFile, args []string) error { // special cases. search for 'OnBuild' in internals.go for additional special // cases. // -func onbuild(b *buildFile, args []string) error { +func onbuild(b *BuildFile, args []string) error { triggerInstruction := strings.ToUpper(strings.TrimSpace(args[0])) switch triggerInstruction { case "ONBUILD": @@ -125,15 +125,15 @@ func onbuild(b *buildFile, args []string) error { trigger := strings.Join(args, " ") - b.config.OnBuild = append(b.config.OnBuild, trigger) - return b.commit("", b.config.Cmd, fmt.Sprintf("ONBUILD %s", trigger)) + b.Config.OnBuild = append(b.Config.OnBuild, trigger) + return b.commit("", b.Config.Cmd, fmt.Sprintf("ONBUILD %s", trigger)) } // WORKDIR /tmp // // Set the working directory for future RUN/CMD/etc statements. // -func workdir(b *buildFile, args []string) error { +func workdir(b *BuildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("WORKDIR requires exactly one argument") } @@ -141,15 +141,15 @@ func workdir(b *buildFile, args []string) error { workdir := args[0] if workdir[0] == '/' { - b.config.WorkingDir = workdir + b.Config.WorkingDir = workdir } else { - if b.config.WorkingDir == "" { - b.config.WorkingDir = "/" + if b.Config.WorkingDir == "" { + b.Config.WorkingDir = "/" } - b.config.WorkingDir = filepath.Join(b.config.WorkingDir, workdir) + b.Config.WorkingDir = filepath.Join(b.Config.WorkingDir, workdir) } - return b.commit("", b.config.Cmd, fmt.Sprintf("WORKDIR %v", workdir)) + return b.commit("", b.Config.Cmd, fmt.Sprintf("WORKDIR %v", workdir)) } // RUN some command yo @@ -161,7 +161,7 @@ func workdir(b *buildFile, args []string) error { // RUN echo hi # sh -c echo hi // RUN [ "echo", "hi" ] # echo hi // -func run(b *buildFile, args []string) error { +func run(b *BuildFile, args []string) error { if len(args) == 1 { // literal string command, not an exec array args = append([]string{"/bin/sh", "-c"}, args[0]) } @@ -175,14 +175,14 @@ func run(b *buildFile, args []string) error { return err } - cmd := b.config.Cmd + cmd := b.Config.Cmd // set Cmd manually, this is special case only for Dockerfiles - b.config.Cmd = config.Cmd - runconfig.Merge(b.config, config) + b.Config.Cmd = config.Cmd + runconfig.Merge(b.Config, config) - defer func(cmd []string) { b.config.Cmd = cmd }(cmd) + defer func(cmd []string) { b.Config.Cmd = cmd }(cmd) - utils.Debugf("Command to be executed: %v", b.config.Cmd) + utils.Debugf("Command to be executed: %v", b.Config.Cmd) hit, err := b.probeCache() if err != nil { @@ -217,13 +217,13 @@ func run(b *buildFile, args []string) error { // Set the default command to run in the container (which may be empty). // Argument handling is the same as RUN. // -func cmd(b *buildFile, args []string) error { +func cmd(b *BuildFile, args []string) error { if len(args) < 2 { args = append([]string{"/bin/sh", "-c"}, args...) } - b.config.Cmd = args - if err := b.commit("", b.config.Cmd, fmt.Sprintf("CMD %v", cmd)); err != nil { + b.Config.Cmd = args + if err := b.commit("", b.Config.Cmd, fmt.Sprintf("CMD %v", cmd)); err != nil { return err } @@ -236,17 +236,17 @@ func cmd(b *buildFile, args []string) error { // Set the entrypoint (which defaults to sh -c) to /usr/sbin/nginx. Will // accept the CMD as the arguments to /usr/sbin/nginx. // -// Handles command processing similar to CMD and RUN, only b.config.Entrypoint +// Handles command processing similar to CMD and RUN, only b.Config.Entrypoint // is initialized at NewBuilder time instead of through argument parsing. // -func entrypoint(b *buildFile, args []string) error { - b.config.Entrypoint = args +func entrypoint(b *BuildFile, args []string) error { + b.Config.Entrypoint = args // if there is no cmd in current Dockerfile - cleanup cmd if !b.cmdSet { - b.config.Cmd = nil + b.Config.Cmd = nil } - if err := b.commit("", b.config.Cmd, fmt.Sprintf("ENTRYPOINT %v", entrypoint)); err != nil { + if err := b.commit("", b.Config.Cmd, fmt.Sprintf("ENTRYPOINT %v", entrypoint)); err != nil { return err } return nil @@ -255,28 +255,28 @@ func entrypoint(b *buildFile, args []string) error { // EXPOSE 6667/tcp 7000/tcp // // Expose ports for links and port mappings. This all ends up in -// b.config.ExposedPorts for runconfig. +// b.Config.ExposedPorts for runconfig. // -func expose(b *buildFile, args []string) error { +func expose(b *BuildFile, args []string) error { portsTab := args - if b.config.ExposedPorts == nil { - b.config.ExposedPorts = make(nat.PortSet) + if b.Config.ExposedPorts == nil { + b.Config.ExposedPorts = make(nat.PortSet) } - ports, _, err := nat.ParsePortSpecs(append(portsTab, b.config.PortSpecs...)) + ports, _, err := nat.ParsePortSpecs(append(portsTab, b.Config.PortSpecs...)) if err != nil { return err } for port := range ports { - if _, exists := b.config.ExposedPorts[port]; !exists { - b.config.ExposedPorts[port] = struct{}{} + if _, exists := b.Config.ExposedPorts[port]; !exists { + b.Config.ExposedPorts[port] = struct{}{} } } - b.config.PortSpecs = nil + b.Config.PortSpecs = nil - return b.commit("", b.config.Cmd, fmt.Sprintf("EXPOSE %v", ports)) + return b.commit("", b.Config.Cmd, fmt.Sprintf("EXPOSE %v", ports)) } // USER foo @@ -284,13 +284,13 @@ func expose(b *buildFile, args []string) error { // Set the user to 'foo' for future commands and when running the // ENTRYPOINT/CMD at container run time. // -func user(b *buildFile, args []string) error { +func user(b *BuildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("USER requires exactly one argument") } - b.config.User = args[0] - return b.commit("", b.config.Cmd, fmt.Sprintf("USER %v", args)) + b.Config.User = args[0] + return b.commit("", b.Config.Cmd, fmt.Sprintf("USER %v", args)) } // VOLUME /foo @@ -298,26 +298,26 @@ func user(b *buildFile, args []string) error { // Expose the volume /foo for use. Will also accept the JSON form, but either // way requires exactly one argument. // -func volume(b *buildFile, args []string) error { +func volume(b *BuildFile, args []string) error { if len(args) != 1 { return fmt.Errorf("Volume cannot be empty") } volume := args - if b.config.Volumes == nil { - b.config.Volumes = map[string]struct{}{} + if b.Config.Volumes == nil { + b.Config.Volumes = map[string]struct{}{} } for _, v := range volume { - b.config.Volumes[v] = struct{}{} + b.Config.Volumes[v] = struct{}{} } - if err := b.commit("", b.config.Cmd, fmt.Sprintf("VOLUME %s", args)); err != nil { + if err := b.commit("", b.Config.Cmd, fmt.Sprintf("VOLUME %s", args)); err != nil { return err } return nil } // INSERT is no longer accepted, but we still parse it. -func insert(b *buildFile, args []string) error { +func insert(b *BuildFile, args []string) error { return fmt.Errorf("INSERT has been deprecated. Please use ADD instead") } diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator/evaluator.go index 2b22d47317..2eb2ba8b36 100644 --- a/components/engine/builder/evaluator/evaluator.go +++ b/components/engine/builder/evaluator/evaluator.go @@ -32,21 +32,23 @@ import ( "github.com/docker/docker/builder/parser" "github.com/docker/docker/daemon" "github.com/docker/docker/engine" - "github.com/docker/docker/nat" "github.com/docker/docker/pkg/tarsum" "github.com/docker/docker/registry" "github.com/docker/docker/runconfig" "github.com/docker/docker/utils" ) +type EnvMap map[string]string +type UniqueMap map[string]struct{} + var ( ErrDockerfileEmpty = errors.New("Dockerfile cannot be empty") ) -var evaluateTable map[string]func(*buildFile, []string) error +var evaluateTable map[string]func(*BuildFile, []string) error func init() { - evaluateTable = map[string]func(*buildFile, []string) error{ + evaluateTable = map[string]func(*BuildFile, []string) error{ "env": env, "maintainer": maintainer, "add": add, @@ -65,25 +67,24 @@ func init() { } } -type envMap map[string]string -type uniqueMap map[string]struct{} - // internal struct, used to maintain configuration of the Dockerfile's // processing as it evaluates the parsing result. -type buildFile struct { - dockerfile *parser.Node // the syntax tree of the dockerfile - env envMap // map of environment variables - image string // image name for commit processing - config *runconfig.Config // runconfig for cmd, run, entrypoint etc. - options *BuildOpts // see below - maintainer string // maintainer name. could probably be removed. - cmdSet bool // indicates is CMD was set in current Dockerfile - context *tarsum.TarSum // the context is a tarball that is uploaded by the client - contextPath string // the path of the temporary directory the local context is unpacked to (server side) +type BuildFile struct { + Dockerfile *parser.Node // the syntax tree of the dockerfile + Env EnvMap // map of environment variables + Config *runconfig.Config // runconfig for cmd, run, entrypoint etc. + Options *BuildOpts // see below // both of these are controlled by the Remove and ForceRemove options in BuildOpts - tmpContainers uniqueMap // a map of containers used for removes - tmpImages uniqueMap // a map of images used for removes + TmpContainers UniqueMap // a map of containers used for removes + TmpImages UniqueMap // a map of images used for removes + + image string // image name for commit processing + maintainer string // maintainer name. could probably be removed. + cmdSet bool // indicates is CMD was set in current Dockerfile + context *tarsum.TarSum // the context is a tarball that is uploaded by the client + contextPath string // the path of the temporary directory the local context is unpacked to (server side) + } type BuildOpts struct { @@ -110,18 +111,6 @@ type BuildOpts struct { StreamFormatter *utils.StreamFormatter } -// Create a new builder. -func NewBuilder(opts *BuildOpts) (*buildFile, error) { - return &buildFile{ - dockerfile: nil, - env: envMap{}, - config: initRunConfig(), - options: opts, - tmpContainers: make(uniqueMap), - tmpImages: make(uniqueMap), - }, nil -} - // Run the builder with the context. This is the lynchpin of this package. This // will (barring errors): // @@ -134,7 +123,7 @@ func NewBuilder(opts *BuildOpts) (*buildFile, error) { // processing. // * Print a happy message and return the image ID. // -func (b *buildFile) Run(context io.Reader) (string, error) { +func (b *BuildFile) Run(context io.Reader) (string, error) { if err := b.readContext(context); err != nil { return "", err } @@ -155,16 +144,16 @@ func (b *buildFile) Run(context io.Reader) (string, error) { return "", err } - b.dockerfile = ast + b.Dockerfile = ast - for i, n := range b.dockerfile.Children { + for i, n := range b.Dockerfile.Children { if err := b.dispatch(i, n); err != nil { - if b.options.ForceRemove { - b.clearTmp(b.tmpContainers) + if b.Options.ForceRemove { + b.clearTmp(b.TmpContainers) } return "", err - } else if b.options.Remove { - b.clearTmp(b.tmpContainers) + } else if b.Options.Remove { + b.clearTmp(b.TmpContainers) } } @@ -172,32 +161,17 @@ func (b *buildFile) Run(context io.Reader) (string, error) { return "", fmt.Errorf("No image was generated. Is your Dockerfile empty?\n") } - fmt.Fprintf(b.options.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) + fmt.Fprintf(b.Options.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) return b.image, nil } -func initRunConfig() *runconfig.Config { - return &runconfig.Config{ - PortSpecs: []string{}, - // FIXME(erikh) this should be a type that lives in runconfig - ExposedPorts: map[nat.Port]struct{}{}, - Env: []string{}, - Cmd: []string{}, - - // FIXME(erikh) this should also be a type in runconfig - Volumes: map[string]struct{}{}, - Entrypoint: []string{"/bin/sh", "-c"}, - OnBuild: []string{}, - } -} - // This method is the entrypoint to all statement handling routines. // // Almost all nodes will have this structure: // Child[Node, Node, Node] where Child is from parser.Node.Children and each // node comes from parser.Node.Next. This forms a "line" with a statement and // arguments and we process them in this normalized form by hitting -// evaluateTable with the leaf nodes of the command and the buildFile object. +// evaluateTable with the leaf nodes of the command and the BuildFile object. // // ONBUILD is a special case; in this case the parser will emit: // Child[Node, Child[Node, Node...]] where the first node is the literal @@ -205,12 +179,12 @@ func initRunConfig() *runconfig.Config { // such as `RUN` in ONBUILD RUN foo. There is special case logic in here to // deal with that, at least until it becomes more of a general concern with new // features. -func (b *buildFile) dispatch(stepN int, ast *parser.Node) error { +func (b *BuildFile) dispatch(stepN int, ast *parser.Node) error { cmd := ast.Value strs := []string{} if cmd == "onbuild" { - fmt.Fprintf(b.options.OutStream, "%#v\n", ast.Next.Children[0].Value) + fmt.Fprintf(b.Options.OutStream, "%#v\n", ast.Next.Children[0].Value) ast = ast.Next.Children[0] strs = append(strs, ast.Value) } @@ -220,7 +194,7 @@ func (b *buildFile) dispatch(stepN int, ast *parser.Node) error { strs = append(strs, replaceEnv(b, ast.Value)) } - fmt.Fprintf(b.options.OutStream, "Step %d : %s %s\n", stepN, strings.ToUpper(cmd), strings.Join(strs, " ")) + fmt.Fprintf(b.Options.OutStream, "Step %d : %s %s\n", stepN, strings.ToUpper(cmd), strings.Join(strs, " ")) // XXX yes, we skip any cmds that are not valid; the parser should have // picked these out already. diff --git a/components/engine/builder/evaluator/internals.go b/components/engine/builder/evaluator/internals.go index b55b0b967c..5ceb2f88a2 100644 --- a/components/engine/builder/evaluator/internals.go +++ b/components/engine/builder/evaluator/internals.go @@ -30,7 +30,7 @@ import ( "github.com/docker/docker/utils" ) -func (b *buildFile) readContext(context io.Reader) error { +func (b *BuildFile) readContext(context io.Reader) error { tmpdirPath, err := ioutil.TempDir("", "docker-build") if err != nil { return err @@ -50,15 +50,15 @@ func (b *buildFile) readContext(context io.Reader) error { return nil } -func (b *buildFile) commit(id string, autoCmd []string, comment string) error { +func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { if b.image == "" { return fmt.Errorf("Please provide a source image with `from` prior to commit") } - b.config.Image = b.image + b.Config.Image = b.image if id == "" { - cmd := b.config.Cmd - b.config.Cmd = []string{"/bin/sh", "-c", "#(nop) " + comment} - defer func(cmd []string) { b.config.Cmd = cmd }(cmd) + cmd := b.Config.Cmd + b.Config.Cmd = []string{"/bin/sh", "-c", "#(nop) " + comment} + defer func(cmd []string) { b.Config.Cmd = cmd }(cmd) hit, err := b.probeCache() if err != nil { @@ -68,15 +68,15 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error { return nil } - container, warnings, err := b.options.Daemon.Create(b.config, "") + container, warnings, err := b.Options.Daemon.Create(b.Config, "") if err != nil { return err } for _, warning := range warnings { - fmt.Fprintf(b.options.OutStream, " ---> [Warning] %s\n", warning) + fmt.Fprintf(b.Options.OutStream, " ---> [Warning] %s\n", warning) } - b.tmpContainers[container.ID] = struct{}{} - fmt.Fprintf(b.options.OutStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) + b.TmpContainers[container.ID] = struct{}{} + fmt.Fprintf(b.Options.OutStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) id = container.ID if err := container.Mount(); err != nil { @@ -84,25 +84,25 @@ func (b *buildFile) commit(id string, autoCmd []string, comment string) error { } defer container.Unmount() } - container := b.options.Daemon.Get(id) + container := b.Options.Daemon.Get(id) if container == nil { return fmt.Errorf("An error occured while creating the container") } // Note: Actually copy the struct - autoConfig := *b.config + autoConfig := *b.Config autoConfig.Cmd = autoCmd // Commit the container - image, err := b.options.Daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) + image, err := b.Options.Daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) if err != nil { return err } - b.tmpImages[image.ID] = struct{}{} + b.TmpImages[image.ID] = struct{}{} b.image = image.ID return nil } -func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDecompression bool, cmdName string) error { +func (b *BuildFile) runContextCommand(args []string, allowRemote bool, allowDecompression bool, cmdName string) error { if b.context == nil { return fmt.Errorf("No context given. Impossible to use %s", cmdName) } @@ -114,10 +114,10 @@ func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDeco orig := args[0] dest := args[1] - cmd := b.config.Cmd - b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, orig, dest)} - defer func(cmd []string) { b.config.Cmd = cmd }(cmd) - b.config.Image = b.image + cmd := b.Config.Cmd + b.Config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, orig, dest)} + defer func(cmd []string) { b.Config.Cmd = cmd }(cmd) + b.Config.Image = b.image var ( origPath = orig @@ -201,7 +201,7 @@ func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDeco } // Hash path and check the cache - if b.options.UtilizeCache { + if b.Options.UtilizeCache { var ( hash string sums = b.context.GetSums() @@ -233,7 +233,7 @@ func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDeco hash = "file:" + h } } - b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, hash, dest)} + b.Config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, hash, dest)} hit, err := b.probeCache() if err != nil { return err @@ -245,11 +245,11 @@ func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDeco } // Create the container - container, _, err := b.options.Daemon.Create(b.config, "") + container, _, err := b.Options.Daemon.Create(b.Config, "") if err != nil { return err } - b.tmpContainers[container.ID] = struct{}{} + b.TmpContainers[container.ID] = struct{}{} if err := container.Mount(); err != nil { return err @@ -269,27 +269,27 @@ func (b *buildFile) runContextCommand(args []string, allowRemote bool, allowDeco return nil } -func (b *buildFile) pullImage(name string) (*imagepkg.Image, error) { +func (b *BuildFile) pullImage(name string) (*imagepkg.Image, error) { remote, tag := parsers.ParseRepositoryTag(name) - pullRegistryAuth := b.options.AuthConfig - if len(b.options.AuthConfigFile.Configs) > 0 { + pullRegistryAuth := b.Options.AuthConfig + if len(b.Options.AuthConfigFile.Configs) > 0 { // The request came with a full auth config file, we prefer to use that endpoint, _, err := registry.ResolveRepositoryName(remote) if err != nil { return nil, err } - resolvedAuth := b.options.AuthConfigFile.ResolveAuthConfig(endpoint) + resolvedAuth := b.Options.AuthConfigFile.ResolveAuthConfig(endpoint) pullRegistryAuth = &resolvedAuth } - job := b.options.Engine.Job("pull", remote, tag) - job.SetenvBool("json", b.options.StreamFormatter.Json()) + job := b.Options.Engine.Job("pull", remote, tag) + job.SetenvBool("json", b.Options.StreamFormatter.Json()) job.SetenvBool("parallel", true) job.SetenvJson("authConfig", pullRegistryAuth) - job.Stdout.Add(b.options.OutOld) + job.Stdout.Add(b.Options.OutOld) if err := job.Run(); err != nil { return nil, err } - image, err := b.options.Daemon.Repositories().LookupImage(name) + image, err := b.Options.Daemon.Repositories().LookupImage(name) if err != nil { return nil, err } @@ -297,23 +297,23 @@ func (b *buildFile) pullImage(name string) (*imagepkg.Image, error) { return image, nil } -func (b *buildFile) processImageFrom(img *imagepkg.Image) error { +func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { b.image = img.ID - b.config = &runconfig.Config{} + b.Config = &runconfig.Config{} if img.Config != nil { - b.config = img.Config + b.Config = img.Config } - if b.config.Env == nil || len(b.config.Env) == 0 { - b.config.Env = append(b.config.Env, "PATH="+daemon.DefaultPathEnv) + if b.Config.Env == nil || len(b.Config.Env) == 0 { + b.Config.Env = append(b.Config.Env, "PATH="+daemon.DefaultPathEnv) } // Process ONBUILD triggers if they exist - if nTriggers := len(b.config.OnBuild); nTriggers != 0 { - fmt.Fprintf(b.options.ErrStream, "# Executing %d build triggers\n", nTriggers) + if nTriggers := len(b.Config.OnBuild); nTriggers != 0 { + fmt.Fprintf(b.Options.ErrStream, "# Executing %d build triggers\n", nTriggers) } // Copy the ONBUILD triggers, and remove them from the config, since the config will be commited. - onBuildTriggers := b.config.OnBuild - b.config.OnBuild = []string{} + onBuildTriggers := b.Config.OnBuild + b.Config.OnBuild = []string{} // FIXME rewrite this so that builder/parser is used; right now steps in // onbuild are muted because we have no good way to represent the step @@ -343,17 +343,17 @@ func (b *buildFile) processImageFrom(img *imagepkg.Image) error { return nil } -// probeCache checks to see if image-caching is enabled (`b.options.UtilizeCache`) -// and if so attempts to look up the current `b.image` and `b.config` pair -// in the current server `b.options.Daemon`. If an image is found, probeCache returns +// probeCache checks to see if image-caching is enabled (`b.Options.UtilizeCache`) +// and if so attempts to look up the current `b.image` and `b.Config` pair +// in the current server `b.Options.Daemon`. If an image is found, probeCache returns // `(true, nil)`. If no image is found, it returns `(false, nil)`. If there // is any error, it returns `(false, err)`. -func (b *buildFile) probeCache() (bool, error) { - if b.options.UtilizeCache { - if cache, err := b.options.Daemon.ImageGetCached(b.image, b.config); err != nil { +func (b *BuildFile) probeCache() (bool, error) { + if b.Options.UtilizeCache { + if cache, err := b.Options.Daemon.ImageGetCached(b.image, b.Config); err != nil { return false, err } else if cache != nil { - fmt.Fprintf(b.options.OutStream, " ---> Using cache\n") + fmt.Fprintf(b.Options.OutStream, " ---> Using cache\n") utils.Debugf("[BUILDER] Use cached version") b.image = cache.ID return true, nil @@ -364,37 +364,37 @@ func (b *buildFile) probeCache() (bool, error) { return false, nil } -func (b *buildFile) create() (*daemon.Container, error) { +func (b *BuildFile) create() (*daemon.Container, error) { if b.image == "" { return nil, fmt.Errorf("Please provide a source image with `from` prior to run") } - b.config.Image = b.image + b.Config.Image = b.image // Create the container - c, _, err := b.options.Daemon.Create(b.config, "") + c, _, err := b.Options.Daemon.Create(b.Config, "") if err != nil { return nil, err } - b.tmpContainers[c.ID] = struct{}{} - fmt.Fprintf(b.options.OutStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) + b.TmpContainers[c.ID] = struct{}{} + fmt.Fprintf(b.Options.OutStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) // override the entry point that may have been picked up from the base image - c.Path = b.config.Cmd[0] - c.Args = b.config.Cmd[1:] + c.Path = b.Config.Cmd[0] + c.Args = b.Config.Cmd[1:] return c, nil } -func (b *buildFile) run(c *daemon.Container) error { +func (b *BuildFile) run(c *daemon.Container) error { var errCh chan error - if b.options.Verbose { + if b.Options.Verbose { errCh = utils.Go(func() error { // FIXME: call the 'attach' job so that daemon.Attach can be made private // // FIXME (LK4D4): Also, maybe makes sense to call "logs" job, it is like attach // but without hijacking for stdin. Also, with attach there can be race // condition because of some output already was printed before it. - return <-b.options.Daemon.Attach(c, nil, nil, b.options.OutStream, b.options.ErrStream) + return <-b.Options.Daemon.Attach(c, nil, nil, b.Options.OutStream, b.Options.ErrStream) }) } @@ -412,7 +412,7 @@ func (b *buildFile) run(c *daemon.Container) error { // Wait for it to finish if ret, _ := c.State.WaitStop(-1 * time.Second); ret != 0 { err := &utils.JSONError{ - Message: fmt.Sprintf("The command %v returned a non-zero code: %d", b.config.Cmd, ret), + Message: fmt.Sprintf("The command %v returned a non-zero code: %d", b.Config.Cmd, ret), Code: ret, } return err @@ -421,7 +421,7 @@ func (b *buildFile) run(c *daemon.Container) error { return nil } -func (b *buildFile) checkPathForAddition(orig string) error { +func (b *BuildFile) checkPathForAddition(orig string) error { origPath := path.Join(b.contextPath, orig) if p, err := filepath.EvalSymlinks(origPath); err != nil { if os.IsNotExist(err) { @@ -444,7 +444,7 @@ func (b *buildFile) checkPathForAddition(orig string) error { return nil } -func (b *buildFile) addContext(container *daemon.Container, orig, dest string, decompress bool) error { +func (b *BuildFile) addContext(container *daemon.Container, orig, dest string, decompress bool) error { var ( err error destExists = true @@ -549,14 +549,14 @@ func fixPermissions(destination string, uid, gid int) error { }) } -func (b *buildFile) clearTmp(containers map[string]struct{}) { +func (b *BuildFile) clearTmp(containers map[string]struct{}) { for c := range containers { - tmp := b.options.Daemon.Get(c) - if err := b.options.Daemon.Destroy(tmp); err != nil { - fmt.Fprintf(b.options.OutStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) + tmp := b.Options.Daemon.Get(c) + if err := b.Options.Daemon.Destroy(tmp); err != nil { + fmt.Fprintf(b.Options.OutStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) } else { delete(containers, c) - fmt.Fprintf(b.options.OutStream, "Removing intermediate container %s\n", utils.TruncateID(c)) + fmt.Fprintf(b.Options.OutStream, "Removing intermediate container %s\n", utils.TruncateID(c)) } } } diff --git a/components/engine/builder/evaluator/support.go b/components/engine/builder/evaluator/support.go index 21dd7ccd3c..766fd0208a 100644 --- a/components/engine/builder/evaluator/support.go +++ b/components/engine/builder/evaluator/support.go @@ -10,12 +10,12 @@ var ( ) // handle environment replacement. Used in dispatcher. -func replaceEnv(b *buildFile, str string) string { +func replaceEnv(b *BuildFile, str string) string { for _, match := range TOKEN_ENV_INTERPOLATION.FindAllString(str, -1) { match = match[strings.Index(match, "$"):] matchKey := strings.Trim(match, "${}") - for envKey, envValue := range b.env { + for envKey, envValue := range b.Env { if matchKey == envKey { str = strings.Replace(str, match, envValue, -1) } diff --git a/components/engine/builder/job.go b/components/engine/builder/job.go new file mode 100644 index 0000000000..98a24df898 --- /dev/null +++ b/components/engine/builder/job.go @@ -0,0 +1,119 @@ +package builder + +import ( + "io" + "io/ioutil" + "os" + "os/exec" + "strings" + + "github.com/docker/docker/archive" + "github.com/docker/docker/builder/evaluator" + "github.com/docker/docker/daemon" + "github.com/docker/docker/engine" + "github.com/docker/docker/pkg/parsers" + "github.com/docker/docker/registry" + "github.com/docker/docker/utils" +) + +type BuilderJob struct { + Engine *engine.Engine + Daemon *daemon.Daemon +} + +func (b *BuilderJob) Install() { + b.Engine.Register("build", b.CmdBuild) +} + +func (b *BuilderJob) CmdBuild(job *engine.Job) engine.Status { + if len(job.Args) != 0 { + return job.Errorf("Usage: %s\n", job.Name) + } + var ( + remoteURL = job.Getenv("remote") + repoName = job.Getenv("t") + suppressOutput = job.GetenvBool("q") + noCache = job.GetenvBool("nocache") + rm = job.GetenvBool("rm") + forceRm = job.GetenvBool("forcerm") + authConfig = ®istry.AuthConfig{} + configFile = ®istry.ConfigFile{} + tag string + context io.ReadCloser + ) + job.GetenvJson("authConfig", authConfig) + job.GetenvJson("configFile", configFile) + repoName, tag = parsers.ParseRepositoryTag(repoName) + + if remoteURL == "" { + context = ioutil.NopCloser(job.Stdin) + } else if utils.IsGIT(remoteURL) { + if !strings.HasPrefix(remoteURL, "git://") { + remoteURL = "https://" + remoteURL + } + root, err := ioutil.TempDir("", "docker-build-git") + if err != nil { + return job.Error(err) + } + defer os.RemoveAll(root) + + if output, err := exec.Command("git", "clone", "--recursive", remoteURL, root).CombinedOutput(); err != nil { + return job.Errorf("Error trying to use git: %s (%s)", err, output) + } + + c, err := archive.Tar(root, archive.Uncompressed) + if err != nil { + return job.Error(err) + } + context = c + } else if utils.IsURL(remoteURL) { + f, err := utils.Download(remoteURL) + if err != nil { + return job.Error(err) + } + defer f.Body.Close() + dockerFile, err := ioutil.ReadAll(f.Body) + if err != nil { + return job.Error(err) + } + c, err := archive.Generate("Dockerfile", string(dockerFile)) + if err != nil { + return job.Error(err) + } + context = c + } + defer context.Close() + + sf := utils.NewStreamFormatter(job.GetenvBool("json")) + + opts := &evaluator.BuildOpts{ + Daemon: b.Daemon, + Engine: b.Engine, + OutStream: &utils.StdoutFormater{ + Writer: job.Stdout, + StreamFormatter: sf, + }, + ErrStream: &utils.StderrFormater{ + Writer: job.Stdout, + StreamFormatter: sf, + }, + Verbose: !suppressOutput, + UtilizeCache: !noCache, + Remove: rm, + ForceRemove: forceRm, + OutOld: job.Stdout, + StreamFormatter: sf, + AuthConfig: authConfig, + AuthConfigFile: configFile, + } + + id, err := NewBuilder(opts).Run(context) + if err != nil { + return job.Error(err) + } + + if repoName != "" { + b.Daemon.Repositories().Set(repoName, tag, id, false) + } + return engine.StatusOK +} diff --git a/components/engine/daemon/build.go b/components/engine/daemon/build.go deleted file mode 100644 index 6812139663..0000000000 --- a/components/engine/daemon/build.go +++ /dev/null @@ -1,1006 +0,0 @@ -package daemon - -import ( - "crypto/sha256" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "io" - "io/ioutil" - "net/url" - "os" - "os/exec" - "path" - "path/filepath" - "reflect" - "regexp" - "sort" - "strings" - "syscall" - "time" - - "github.com/docker/docker/archive" - "github.com/docker/docker/engine" - "github.com/docker/docker/nat" - "github.com/docker/docker/pkg/log" - "github.com/docker/docker/pkg/parsers" - "github.com/docker/docker/pkg/symlink" - "github.com/docker/docker/pkg/system" - "github.com/docker/docker/pkg/tarsum" - "github.com/docker/docker/registry" - "github.com/docker/docker/runconfig" - "github.com/docker/docker/utils" -) - -func (daemon *Daemon) CmdBuild(job *engine.Job) engine.Status { - if len(job.Args) != 0 { - return job.Errorf("Usage: %s\n", job.Name) - } - var ( - remoteURL = job.Getenv("remote") - repoName = job.Getenv("t") - suppressOutput = job.GetenvBool("q") - noCache = job.GetenvBool("nocache") - rm = job.GetenvBool("rm") - forceRm = job.GetenvBool("forcerm") - authConfig = ®istry.AuthConfig{} - configFile = ®istry.ConfigFile{} - tag string - context io.ReadCloser - ) - job.GetenvJson("authConfig", authConfig) - job.GetenvJson("configFile", configFile) - repoName, tag = parsers.ParseRepositoryTag(repoName) - - if remoteURL == "" { - context = ioutil.NopCloser(job.Stdin) - } else if utils.IsGIT(remoteURL) { - if !strings.HasPrefix(remoteURL, "git://") { - remoteURL = "https://" + remoteURL - } - root, err := ioutil.TempDir("", "docker-build-git") - if err != nil { - return job.Error(err) - } - defer os.RemoveAll(root) - - if output, err := exec.Command("git", "clone", "--recursive", remoteURL, root).CombinedOutput(); err != nil { - return job.Errorf("Error trying to use git: %s (%s)", err, output) - } - - c, err := archive.Tar(root, archive.Uncompressed) - if err != nil { - return job.Error(err) - } - context = c - } else if utils.IsURL(remoteURL) { - f, err := utils.Download(remoteURL) - if err != nil { - return job.Error(err) - } - defer f.Body.Close() - dockerFile, err := ioutil.ReadAll(f.Body) - if err != nil { - return job.Error(err) - } - c, err := archive.Generate("Dockerfile", string(dockerFile)) - if err != nil { - return job.Error(err) - } - context = c - } - defer context.Close() - - sf := utils.NewStreamFormatter(job.GetenvBool("json")) - b := NewBuildFile(daemon, daemon.eng, - &utils.StdoutFormater{ - Writer: job.Stdout, - StreamFormatter: sf, - }, - &utils.StderrFormater{ - Writer: job.Stdout, - StreamFormatter: sf, - }, - !suppressOutput, !noCache, rm, forceRm, job.Stdout, sf, authConfig, configFile) - id, err := b.Build(context) - if err != nil { - return job.Error(err) - } - if repoName != "" { - daemon.Repositories().Set(repoName, tag, id, false) - } - return engine.StatusOK -} - -var ( - ErrDockerfileEmpty = errors.New("Dockerfile cannot be empty") -) - -type BuildFile interface { - Build(io.Reader) (string, error) - CmdFrom(string) error - CmdRun(string) error -} - -type buildFile struct { - daemon *Daemon - eng *engine.Engine - - image string - maintainer string - config *runconfig.Config - - contextPath string - context *tarsum.TarSum - - verbose bool - utilizeCache bool - rm bool - forceRm bool - - authConfig *registry.AuthConfig - configFile *registry.ConfigFile - - tmpContainers map[string]struct{} - tmpImages map[string]struct{} - - outStream io.Writer - errStream io.Writer - - // Deprecated, original writer used for ImagePull. To be removed. - outOld io.Writer - sf *utils.StreamFormatter - - // cmdSet indicates is CMD was set in current Dockerfile - cmdSet bool -} - -func (b *buildFile) clearTmp(containers map[string]struct{}) { - for c := range containers { - tmp := b.daemon.Get(c) - if err := b.daemon.Destroy(tmp); err != nil { - fmt.Fprintf(b.outStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) - } else { - delete(containers, c) - fmt.Fprintf(b.outStream, "Removing intermediate container %s\n", utils.TruncateID(c)) - } - } -} - -func (b *buildFile) CmdFrom(name string) error { - image, err := b.daemon.Repositories().LookupImage(name) - if err != nil { - if b.daemon.Graph().IsNotExist(err) { - remote, tag := parsers.ParseRepositoryTag(name) - pullRegistryAuth := b.authConfig - if len(b.configFile.Configs) > 0 { - // The request came with a full auth config file, we prefer to use that - endpoint, _, err := registry.ResolveRepositoryName(remote) - if err != nil { - return err - } - resolvedAuth := b.configFile.ResolveAuthConfig(endpoint) - pullRegistryAuth = &resolvedAuth - } - job := b.eng.Job("pull", remote, tag) - job.SetenvBool("json", b.sf.Json()) - job.SetenvBool("parallel", true) - job.SetenvJson("authConfig", pullRegistryAuth) - job.Stdout.Add(b.outOld) - if err := job.Run(); err != nil { - return err - } - image, err = b.daemon.Repositories().LookupImage(name) - if err != nil { - return err - } - } else { - return err - } - } - b.image = image.ID - b.config = &runconfig.Config{} - if image.Config != nil { - b.config = image.Config - } - if b.config.Env == nil || len(b.config.Env) == 0 { - b.config.Env = append(b.config.Env, "PATH="+DefaultPathEnv) - } - // Process ONBUILD triggers if they exist - if nTriggers := len(b.config.OnBuild); nTriggers != 0 { - fmt.Fprintf(b.errStream, "# Executing %d build triggers\n", nTriggers) - } - - // Copy the ONBUILD triggers, and remove them from the config, since the config will be commited. - onBuildTriggers := b.config.OnBuild - b.config.OnBuild = []string{} - - for n, step := range onBuildTriggers { - splitStep := strings.Split(step, " ") - stepInstruction := strings.ToUpper(strings.Trim(splitStep[0], " ")) - switch stepInstruction { - case "ONBUILD": - return fmt.Errorf("Source image contains forbidden chained `ONBUILD ONBUILD` trigger: %s", step) - case "MAINTAINER", "FROM": - return fmt.Errorf("Source image contains forbidden %s trigger: %s", stepInstruction, step) - } - if err := b.BuildStep(fmt.Sprintf("onbuild-%d", n), step); err != nil { - return err - } - } - return nil -} - -// The ONBUILD command declares a build instruction to be executed in any future build -// using the current image as a base. -func (b *buildFile) CmdOnbuild(trigger string) error { - splitTrigger := strings.Split(trigger, " ") - triggerInstruction := strings.ToUpper(strings.Trim(splitTrigger[0], " ")) - switch triggerInstruction { - case "ONBUILD": - return fmt.Errorf("Chaining ONBUILD via `ONBUILD ONBUILD` isn't allowed") - case "MAINTAINER", "FROM": - return fmt.Errorf("%s isn't allowed as an ONBUILD trigger", triggerInstruction) - } - b.config.OnBuild = append(b.config.OnBuild, trigger) - return b.commit("", b.config.Cmd, fmt.Sprintf("ONBUILD %s", trigger)) -} - -func (b *buildFile) CmdMaintainer(name string) error { - b.maintainer = name - return b.commit("", b.config.Cmd, fmt.Sprintf("MAINTAINER %s", name)) -} - -// probeCache checks to see if image-caching is enabled (`b.utilizeCache`) -// and if so attempts to look up the current `b.image` and `b.config` pair -// in the current server `b.daemon`. If an image is found, probeCache returns -// `(true, nil)`. If no image is found, it returns `(false, nil)`. If there -// is any error, it returns `(false, err)`. -func (b *buildFile) probeCache() (bool, error) { - if b.utilizeCache { - if cache, err := b.daemon.ImageGetCached(b.image, b.config); err != nil { - return false, err - } else if cache != nil { - fmt.Fprintf(b.outStream, " ---> Using cache\n") - log.Debugf("[BUILDER] Use cached version") - b.image = cache.ID - return true, nil - } else { - log.Debugf("[BUILDER] Cache miss") - } - } - return false, nil -} - -func (b *buildFile) CmdRun(args string) error { - if b.image == "" { - return fmt.Errorf("Please provide a source image with `from` prior to run") - } - config, _, _, err := runconfig.Parse(append([]string{b.image}, b.buildCmdFromJson(args)...), nil) - if err != nil { - return err - } - - cmd := b.config.Cmd - // set Cmd manually, this is special case only for Dockerfiles - b.config.Cmd = config.Cmd - runconfig.Merge(b.config, config) - - defer func(cmd []string) { b.config.Cmd = cmd }(cmd) - - log.Debugf("Command to be executed: %v", b.config.Cmd) - - hit, err := b.probeCache() - if err != nil { - return err - } - if hit { - return nil - } - - c, err := b.create() - if err != nil { - return err - } - // Ensure that we keep the container mounted until the commit - // to avoid unmounting and then mounting directly again - c.Mount() - defer c.Unmount() - - err = b.run(c) - if err != nil { - return err - } - if err := b.commit(c.ID, cmd, "run"); err != nil { - return err - } - - return nil -} - -func (b *buildFile) FindEnvKey(key string) int { - for k, envVar := range b.config.Env { - envParts := strings.SplitN(envVar, "=", 2) - if key == envParts[0] { - return k - } - } - return -1 -} - -func (b *buildFile) ReplaceEnvMatches(value string) (string, error) { - exp, err := regexp.Compile("(\\\\\\\\+|[^\\\\]|\\b|\\A)\\$({?)([[:alnum:]_]+)(}?)") - if err != nil { - return value, err - } - matches := exp.FindAllString(value, -1) - for _, match := range matches { - match = match[strings.Index(match, "$"):] - matchKey := strings.Trim(match, "${}") - - for _, envVar := range b.config.Env { - envParts := strings.SplitN(envVar, "=", 2) - envKey := envParts[0] - envValue := envParts[1] - - if envKey == matchKey { - value = strings.Replace(value, match, envValue, -1) - break - } - } - } - return value, nil -} - -func (b *buildFile) CmdEnv(args string) error { - tmp := strings.SplitN(args, " ", 2) - if len(tmp) != 2 { - return fmt.Errorf("Invalid ENV format") - } - key := strings.Trim(tmp[0], " \t") - value := strings.Trim(tmp[1], " \t") - - envKey := b.FindEnvKey(key) - replacedValue, err := b.ReplaceEnvMatches(value) - if err != nil { - return err - } - replacedVar := fmt.Sprintf("%s=%s", key, replacedValue) - - if envKey >= 0 { - b.config.Env[envKey] = replacedVar - } else { - b.config.Env = append(b.config.Env, replacedVar) - } - return b.commit("", b.config.Cmd, fmt.Sprintf("ENV %s", replacedVar)) -} - -func (b *buildFile) buildCmdFromJson(args string) []string { - var cmd []string - if err := json.Unmarshal([]byte(args), &cmd); err != nil { - log.Debugf("Error unmarshalling: %s, setting to /bin/sh -c", err) - cmd = []string{"/bin/sh", "-c", args} - } - return cmd -} - -func (b *buildFile) CmdCmd(args string) error { - cmd := b.buildCmdFromJson(args) - b.config.Cmd = cmd - if err := b.commit("", b.config.Cmd, fmt.Sprintf("CMD %v", cmd)); err != nil { - return err - } - b.cmdSet = true - return nil -} - -func (b *buildFile) CmdEntrypoint(args string) error { - entrypoint := b.buildCmdFromJson(args) - b.config.Entrypoint = entrypoint - // if there is no cmd in current Dockerfile - cleanup cmd - if !b.cmdSet { - b.config.Cmd = nil - } - if err := b.commit("", b.config.Cmd, fmt.Sprintf("ENTRYPOINT %v", entrypoint)); err != nil { - return err - } - return nil -} - -func (b *buildFile) CmdExpose(args string) error { - portsTab := strings.Split(args, " ") - - if b.config.ExposedPorts == nil { - b.config.ExposedPorts = make(nat.PortSet) - } - ports, _, err := nat.ParsePortSpecs(append(portsTab, b.config.PortSpecs...)) - if err != nil { - return err - } - for port := range ports { - if _, exists := b.config.ExposedPorts[port]; !exists { - b.config.ExposedPorts[port] = struct{}{} - } - } - b.config.PortSpecs = nil - - return b.commit("", b.config.Cmd, fmt.Sprintf("EXPOSE %v", ports)) -} - -func (b *buildFile) CmdUser(args string) error { - b.config.User = args - return b.commit("", b.config.Cmd, fmt.Sprintf("USER %v", args)) -} - -func (b *buildFile) CmdInsert(args string) error { - return fmt.Errorf("INSERT has been deprecated. Please use ADD instead") -} - -func (b *buildFile) CmdCopy(args string) error { - return b.runContextCommand(args, false, false, "COPY") -} - -func (b *buildFile) CmdWorkdir(workdir string) error { - if workdir[0] == '/' { - b.config.WorkingDir = workdir - } else { - if b.config.WorkingDir == "" { - b.config.WorkingDir = "/" - } - b.config.WorkingDir = filepath.Join(b.config.WorkingDir, workdir) - } - return b.commit("", b.config.Cmd, fmt.Sprintf("WORKDIR %v", workdir)) -} - -func (b *buildFile) CmdVolume(args string) error { - if args == "" { - return fmt.Errorf("Volume cannot be empty") - } - - var volume []string - if err := json.Unmarshal([]byte(args), &volume); err != nil { - volume = []string{args} - } - if b.config.Volumes == nil { - b.config.Volumes = map[string]struct{}{} - } - for _, v := range volume { - b.config.Volumes[v] = struct{}{} - } - if err := b.commit("", b.config.Cmd, fmt.Sprintf("VOLUME %s", args)); err != nil { - return err - } - return nil -} - -func (b *buildFile) checkPathForAddition(orig string) error { - origPath := path.Join(b.contextPath, orig) - origPath, err := filepath.EvalSymlinks(origPath) - if err != nil { - if os.IsNotExist(err) { - return fmt.Errorf("%s: no such file or directory", orig) - } - return err - } - if !strings.HasPrefix(origPath, b.contextPath) { - return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath) - } - if _, err := os.Stat(origPath); err != nil { - if os.IsNotExist(err) { - return fmt.Errorf("%s: no such file or directory", orig) - } - return err - } - return nil -} - -func (b *buildFile) addContext(container *Container, orig, dest string, decompress bool) error { - var ( - err error - destExists = true - origPath = path.Join(b.contextPath, orig) - destPath = path.Join(container.RootfsPath(), dest) - ) - - if destPath != container.RootfsPath() { - destPath, err = symlink.FollowSymlinkInScope(destPath, container.RootfsPath()) - if err != nil { - return err - } - } - - // Preserve the trailing '/' - if strings.HasSuffix(dest, "/") || dest == "." { - destPath = destPath + "/" - } - - destStat, err := os.Stat(destPath) - if err != nil { - if !os.IsNotExist(err) { - return err - } - destExists = false - } - - fi, err := os.Stat(origPath) - if err != nil { - if os.IsNotExist(err) { - return fmt.Errorf("%s: no such file or directory", orig) - } - return err - } - - if fi.IsDir() { - return copyAsDirectory(origPath, destPath, destExists) - } - - // If we are adding a remote file (or we've been told not to decompress), do not try to untar it - if decompress { - // First try to unpack the source as an archive - // to support the untar feature we need to clean up the path a little bit - // because tar is very forgiving. First we need to strip off the archive's - // filename from the path but this is only added if it does not end in / . - tarDest := destPath - if strings.HasSuffix(tarDest, "/") { - tarDest = filepath.Dir(destPath) - } - - // try to successfully untar the orig - if err := archive.UntarPath(origPath, tarDest); err == nil { - return nil - } else if err != io.EOF { - log.Debugf("Couldn't untar %s to %s: %s", origPath, tarDest, err) - } - } - - if err := os.MkdirAll(path.Dir(destPath), 0755); err != nil { - return err - } - if err := archive.CopyWithTar(origPath, destPath); err != nil { - return err - } - - resPath := destPath - if destExists && destStat.IsDir() { - resPath = path.Join(destPath, path.Base(origPath)) - } - - return fixPermissions(resPath, 0, 0) -} - -func (b *buildFile) runContextCommand(args string, allowRemote bool, allowDecompression bool, cmdName string) error { - if b.context == nil { - return fmt.Errorf("No context given. Impossible to use %s", cmdName) - } - tmp := strings.SplitN(args, " ", 2) - if len(tmp) != 2 { - return fmt.Errorf("Invalid %s format", cmdName) - } - - orig, err := b.ReplaceEnvMatches(strings.Trim(tmp[0], " \t")) - if err != nil { - return err - } - - dest, err := b.ReplaceEnvMatches(strings.Trim(tmp[1], " \t")) - if err != nil { - return err - } - - cmd := b.config.Cmd - b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, orig, dest)} - defer func(cmd []string) { b.config.Cmd = cmd }(cmd) - b.config.Image = b.image - - var ( - origPath = orig - destPath = dest - remoteHash string - isRemote bool - decompress = true - ) - - isRemote = utils.IsURL(orig) - if isRemote && !allowRemote { - return fmt.Errorf("Source can't be an URL for %s", cmdName) - } else if utils.IsURL(orig) { - // Initiate the download - resp, err := utils.Download(orig) - if err != nil { - return err - } - - // Create a tmp dir - tmpDirName, err := ioutil.TempDir(b.contextPath, "docker-remote") - if err != nil { - return err - } - - // Create a tmp file within our tmp dir - tmpFileName := path.Join(tmpDirName, "tmp") - tmpFile, err := os.OpenFile(tmpFileName, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0600) - if err != nil { - return err - } - defer os.RemoveAll(tmpDirName) - - // Download and dump result to tmp file - if _, err := io.Copy(tmpFile, resp.Body); err != nil { - tmpFile.Close() - return err - } - tmpFile.Close() - - // Remove the mtime of the newly created tmp file - if err := system.UtimesNano(tmpFileName, make([]syscall.Timespec, 2)); err != nil { - return err - } - - origPath = path.Join(filepath.Base(tmpDirName), filepath.Base(tmpFileName)) - - // Process the checksum - r, err := archive.Tar(tmpFileName, archive.Uncompressed) - if err != nil { - return err - } - tarSum := &tarsum.TarSum{Reader: r, DisableCompression: true} - if _, err := io.Copy(ioutil.Discard, tarSum); err != nil { - return err - } - remoteHash = tarSum.Sum(nil) - r.Close() - - // If the destination is a directory, figure out the filename. - if strings.HasSuffix(dest, "/") { - u, err := url.Parse(orig) - if err != nil { - return err - } - path := u.Path - if strings.HasSuffix(path, "/") { - path = path[:len(path)-1] - } - parts := strings.Split(path, "/") - filename := parts[len(parts)-1] - if filename == "" { - return fmt.Errorf("cannot determine filename from url: %s", u) - } - destPath = dest + filename - } - } - - if err := b.checkPathForAddition(origPath); err != nil { - return err - } - - // Hash path and check the cache - if b.utilizeCache { - var ( - hash string - sums = b.context.GetSums() - ) - - if remoteHash != "" { - hash = remoteHash - } else if fi, err := os.Stat(path.Join(b.contextPath, origPath)); err != nil { - return err - } else if fi.IsDir() { - var subfiles []string - for file, sum := range sums { - absFile := path.Join(b.contextPath, file) - absOrigPath := path.Join(b.contextPath, origPath) - if strings.HasPrefix(absFile, absOrigPath) { - subfiles = append(subfiles, sum) - } - } - sort.Strings(subfiles) - hasher := sha256.New() - hasher.Write([]byte(strings.Join(subfiles, ","))) - hash = "dir:" + hex.EncodeToString(hasher.Sum(nil)) - } else { - if origPath[0] == '/' && len(origPath) > 1 { - origPath = origPath[1:] - } - origPath = strings.TrimPrefix(origPath, "./") - if h, ok := sums[origPath]; ok { - hash = "file:" + h - } - } - b.config.Cmd = []string{"/bin/sh", "-c", fmt.Sprintf("#(nop) %s %s in %s", cmdName, hash, dest)} - hit, err := b.probeCache() - if err != nil { - return err - } - // If we do not have a hash, never use the cache - if hit && hash != "" { - return nil - } - } - - // Create the container - container, _, err := b.daemon.Create(b.config, "") - if err != nil { - return err - } - b.tmpContainers[container.ID] = struct{}{} - - if err := container.Mount(); err != nil { - return err - } - defer container.Unmount() - - if !allowDecompression || isRemote { - decompress = false - } - if err := b.addContext(container, origPath, destPath, decompress); err != nil { - return err - } - - if err := b.commit(container.ID, cmd, fmt.Sprintf("%s %s in %s", cmdName, orig, dest)); err != nil { - return err - } - return nil -} - -func (b *buildFile) CmdAdd(args string) error { - return b.runContextCommand(args, true, true, "ADD") -} - -func (b *buildFile) create() (*Container, error) { - if b.image == "" { - return nil, fmt.Errorf("Please provide a source image with `from` prior to run") - } - b.config.Image = b.image - - // Create the container - c, _, err := b.daemon.Create(b.config, "") - if err != nil { - return nil, err - } - b.tmpContainers[c.ID] = struct{}{} - fmt.Fprintf(b.outStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) - - // override the entry point that may have been picked up from the base image - c.Path = b.config.Cmd[0] - c.Args = b.config.Cmd[1:] - - return c, nil -} - -func (b *buildFile) run(c *Container) error { - var errCh chan error - if b.verbose { - errCh = utils.Go(func() error { - // FIXME: call the 'attach' job so that daemon.Attach can be made private - // - // FIXME (LK4D4): Also, maybe makes sense to call "logs" job, it is like attach - // but without hijacking for stdin. Also, with attach there can be race - // condition because of some output already was printed before it. - return <-b.daemon.Attach(c, nil, nil, b.outStream, b.errStream) - }) - } - - //start the container - if err := c.Start(); err != nil { - return err - } - - if errCh != nil { - if err := <-errCh; err != nil { - return err - } - } - - // Wait for it to finish - if ret, _ := c.State.WaitStop(-1 * time.Second); ret != 0 { - err := &utils.JSONError{ - Message: fmt.Sprintf("The command %v returned a non-zero code: %d", b.config.Cmd, ret), - Code: ret, - } - return err - } - - return nil -} - -// Commit the container with the autorun command -func (b *buildFile) commit(id string, autoCmd []string, comment string) error { - if b.image == "" { - return fmt.Errorf("Please provide a source image with `from` prior to commit") - } - b.config.Image = b.image - if id == "" { - cmd := b.config.Cmd - b.config.Cmd = []string{"/bin/sh", "-c", "#(nop) " + comment} - defer func(cmd []string) { b.config.Cmd = cmd }(cmd) - - hit, err := b.probeCache() - if err != nil { - return err - } - if hit { - return nil - } - - container, warnings, err := b.daemon.Create(b.config, "") - if err != nil { - return err - } - for _, warning := range warnings { - fmt.Fprintf(b.outStream, " ---> [Warning] %s\n", warning) - } - b.tmpContainers[container.ID] = struct{}{} - fmt.Fprintf(b.outStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) - id = container.ID - - if err := container.Mount(); err != nil { - return err - } - defer container.Unmount() - } - container := b.daemon.Get(id) - if container == nil { - return fmt.Errorf("An error occured while creating the container") - } - - // Note: Actually copy the struct - autoConfig := *b.config - autoConfig.Cmd = autoCmd - // Commit the container - image, err := b.daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) - if err != nil { - return err - } - b.tmpImages[image.ID] = struct{}{} - b.image = image.ID - return nil -} - -// Long lines can be split with a backslash -var lineContinuation = regexp.MustCompile(`\\\s*\n`) - -func (b *buildFile) Build(context io.Reader) (string, error) { - tmpdirPath, err := ioutil.TempDir("", "docker-build") - if err != nil { - return "", err - } - - decompressedStream, err := archive.DecompressStream(context) - if err != nil { - return "", err - } - - b.context = &tarsum.TarSum{Reader: decompressedStream, DisableCompression: true} - if err := archive.Untar(b.context, tmpdirPath, nil); err != nil { - return "", err - } - defer os.RemoveAll(tmpdirPath) - - b.contextPath = tmpdirPath - filename := path.Join(tmpdirPath, "Dockerfile") - if _, err := os.Stat(filename); os.IsNotExist(err) { - return "", fmt.Errorf("Can't build a directory with no Dockerfile") - } - fileBytes, err := ioutil.ReadFile(filename) - if err != nil { - return "", err - } - if len(fileBytes) == 0 { - return "", ErrDockerfileEmpty - } - var ( - dockerfile = lineContinuation.ReplaceAllString(stripComments(fileBytes), "") - stepN = 0 - ) - for _, line := range strings.Split(dockerfile, "\n") { - line = strings.Trim(strings.Replace(line, "\t", " ", -1), " \t\r\n") - if len(line) == 0 { - continue - } - if err := b.BuildStep(fmt.Sprintf("%d", stepN), line); err != nil { - if b.forceRm { - b.clearTmp(b.tmpContainers) - } - return "", err - } else if b.rm { - b.clearTmp(b.tmpContainers) - } - stepN++ - } - if b.image != "" { - fmt.Fprintf(b.outStream, "Successfully built %s\n", utils.TruncateID(b.image)) - return b.image, nil - } - return "", fmt.Errorf("No image was generated. This may be because the Dockerfile does not, like, do anything.\n") -} - -// BuildStep parses a single build step from `instruction` and executes it in the current context. -func (b *buildFile) BuildStep(name, expression string) error { - fmt.Fprintf(b.outStream, "Step %s : %s\n", name, expression) - tmp := strings.SplitN(expression, " ", 2) - if len(tmp) != 2 { - return fmt.Errorf("Invalid Dockerfile format") - } - instruction := strings.ToLower(strings.Trim(tmp[0], " ")) - arguments := strings.Trim(tmp[1], " ") - - method, exists := reflect.TypeOf(b).MethodByName("Cmd" + strings.ToUpper(instruction[:1]) + strings.ToLower(instruction[1:])) - if !exists { - fmt.Fprintf(b.errStream, "# Skipping unknown instruction %s\n", strings.ToUpper(instruction)) - return nil - } - - ret := method.Func.Call([]reflect.Value{reflect.ValueOf(b), reflect.ValueOf(arguments)})[0].Interface() - if ret != nil { - return ret.(error) - } - - fmt.Fprintf(b.outStream, " ---> %s\n", utils.TruncateID(b.image)) - return nil -} - -func stripComments(raw []byte) string { - var ( - out []string - lines = strings.Split(string(raw), "\n") - ) - for _, l := range lines { - if len(l) == 0 || l[0] == '#' { - continue - } - out = append(out, l) - } - return strings.Join(out, "\n") -} - -func copyAsDirectory(source, destination string, destinationExists bool) error { - if err := archive.CopyWithTar(source, destination); err != nil { - return err - } - - if destinationExists { - files, err := ioutil.ReadDir(source) - if err != nil { - return err - } - - for _, file := range files { - if err := fixPermissions(filepath.Join(destination, file.Name()), 0, 0); err != nil { - return err - } - } - return nil - } - - return fixPermissions(destination, 0, 0) -} - -func fixPermissions(destination string, uid, gid int) error { - return filepath.Walk(destination, func(path string, info os.FileInfo, err error) error { - if err := os.Lchown(path, uid, gid); err != nil && !os.IsNotExist(err) { - return err - } - return nil - }) -} - -func NewBuildFile(d *Daemon, eng *engine.Engine, outStream, errStream io.Writer, verbose, utilizeCache, rm bool, forceRm bool, outOld io.Writer, sf *utils.StreamFormatter, auth *registry.AuthConfig, authConfigFile *registry.ConfigFile) BuildFile { - return &buildFile{ - daemon: d, - eng: eng, - config: &runconfig.Config{}, - outStream: outStream, - errStream: errStream, - tmpContainers: make(map[string]struct{}), - tmpImages: make(map[string]struct{}), - verbose: verbose, - utilizeCache: utilizeCache, - rm: rm, - forceRm: forceRm, - sf: sf, - authConfig: auth, - configFile: authConfigFile, - outOld: outOld, - } -} diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 8ff79801c8..0a4d6e0bc5 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -101,7 +101,6 @@ func (daemon *Daemon) Install(eng *engine.Engine) error { // FIXME: remove ImageDelete's dependency on Daemon, then move to graph/ for name, method := range map[string]engine.Handler{ "attach": daemon.ContainerAttach, - "build": daemon.CmdBuild, "commit": daemon.ContainerCommit, "container_changes": daemon.ContainerChanges, "container_copy": daemon.ContainerCopy, diff --git a/components/engine/docker/daemon.go b/components/engine/docker/daemon.go index dc9d56d1d9..eef17efdc4 100644 --- a/components/engine/docker/daemon.go +++ b/components/engine/docker/daemon.go @@ -5,6 +5,7 @@ package main import ( "log" + "github.com/docker/docker/builder" "github.com/docker/docker/builtins" "github.com/docker/docker/daemon" _ "github.com/docker/docker/daemon/execdriver/lxc" @@ -48,6 +49,10 @@ func mainDaemon() { if err := d.Install(eng); err != nil { log.Fatal(err) } + + b := &builder.BuilderJob{eng, d} + b.Install() + // after the daemon is done setting up we can tell the api to start // accepting connections if err := eng.Job("acceptconnections").Run(); err != nil { From e5b50b40c8e482f6e2555e6d14236f9a7ca8c84a Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Wed, 13 Aug 2014 03:07:41 -0700 Subject: [PATCH 067/540] builder: Fix handling of ENV references that reference themselves, plus tests. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: cb51681a6db4b7c62d91998ba3b1d3b98c09c61c Component: engine --- components/engine/builder/builder.go | 19 +----- .../engine/builder/evaluator/dispatchers.go | 65 ++++++++++--------- .../engine/builder/evaluator/evaluator.go | 22 ++++--- .../engine/builder/evaluator/internals.go | 22 +++---- .../engine/builder/evaluator/support.go | 28 ++++++-- .../engine/builder/parser/line_parsers.go | 47 +++++++------- components/engine/builder/parser/parser.go | 14 ++-- components/engine/builder/parser/utils.go | 10 +-- .../integration-cli/docker_cli_build_test.go | 9 ++- 9 files changed, 127 insertions(+), 109 deletions(-) diff --git a/components/engine/builder/builder.go b/components/engine/builder/builder.go index 1720b7b99f..d99d1ad9b6 100644 --- a/components/engine/builder/builder.go +++ b/components/engine/builder/builder.go @@ -2,7 +2,6 @@ package builder import ( "github.com/docker/docker/builder/evaluator" - "github.com/docker/docker/nat" "github.com/docker/docker/runconfig" ) @@ -10,25 +9,9 @@ import ( func NewBuilder(opts *evaluator.BuildOpts) *evaluator.BuildFile { return &evaluator.BuildFile{ Dockerfile: nil, - Env: evaluator.EnvMap{}, - Config: initRunConfig(), + Config: &runconfig.Config{}, Options: opts, TmpContainers: evaluator.UniqueMap{}, TmpImages: evaluator.UniqueMap{}, } } - -func initRunConfig() *runconfig.Config { - return &runconfig.Config{ - PortSpecs: []string{}, - // FIXME(erikh) this should be a type that lives in runconfig - ExposedPorts: map[nat.Port]struct{}{}, - Env: []string{}, - Cmd: []string{}, - - // FIXME(erikh) this should also be a type in runconfig - Volumes: map[string]struct{}{}, - Entrypoint: []string{"/bin/sh", "-c"}, - OnBuild: []string{}, - } -} diff --git a/components/engine/builder/evaluator/dispatchers.go b/components/engine/builder/evaluator/dispatchers.go index d05777981e..23e16b000e 100644 --- a/components/engine/builder/evaluator/dispatchers.go +++ b/components/engine/builder/evaluator/dispatchers.go @@ -13,12 +13,12 @@ import ( "strings" "github.com/docker/docker/nat" + "github.com/docker/docker/pkg/log" "github.com/docker/docker/runconfig" - "github.com/docker/docker/utils" ) // dispatch with no layer / parsing. This is effectively not a command. -func nullDispatch(b *BuildFile, args []string) error { +func nullDispatch(b *BuildFile, args []string, attributes map[string]bool) error { return nil } @@ -27,24 +27,28 @@ func nullDispatch(b *BuildFile, args []string) error { // Sets the environment variable foo to bar, also makes interpolation // in the dockerfile available from the next statement on via ${foo}. // -func env(b *BuildFile, args []string) error { +func env(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 2 { return fmt.Errorf("ENV accepts two arguments") } - // the duplication here is intended to ease the replaceEnv() call's env - // handling. This routine gets much shorter with the denormalization here. - key := args[0] - b.Env[key] = args[1] - b.Config.Env = append(b.Config.Env, strings.Join([]string{key, b.Env[key]}, "=")) + fullEnv := fmt.Sprintf("%s=%s", args[0], args[1]) - return b.commit("", b.Config.Cmd, fmt.Sprintf("ENV %s=%s", key, b.Env[key])) + for i, envVar := range b.Config.Env { + envParts := strings.SplitN(envVar, "=", 2) + if args[0] == envParts[0] { + b.Config.Env[i] = fullEnv + return b.commit("", b.Config.Cmd, fmt.Sprintf("ENV %s", fullEnv)) + } + } + b.Config.Env = append(b.Config.Env, fullEnv) + return b.commit("", b.Config.Cmd, fmt.Sprintf("ENV %s", fullEnv)) } // MAINTAINER some text // // Sets the maintainer metadata. -func maintainer(b *BuildFile, args []string) error { +func maintainer(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("MAINTAINER requires only one argument") } @@ -58,7 +62,7 @@ func maintainer(b *BuildFile, args []string) error { // Add the file 'foo' to '/path'. Tarball and Remote URL (git, http) handling // exist here. If you do not wish to have this automatic handling, use COPY. // -func add(b *BuildFile, args []string) error { +func add(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 2 { return fmt.Errorf("ADD requires two arguments") } @@ -70,7 +74,7 @@ func add(b *BuildFile, args []string) error { // // Same as 'ADD' but without the tar and remote url handling. // -func dispatchCopy(b *BuildFile, args []string) error { +func dispatchCopy(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 2 { return fmt.Errorf("COPY requires two arguments") } @@ -82,7 +86,7 @@ func dispatchCopy(b *BuildFile, args []string) error { // // This sets the image the dockerfile will build on top of. // -func from(b *BuildFile, args []string) error { +func from(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("FROM requires one argument") } @@ -114,7 +118,7 @@ func from(b *BuildFile, args []string) error { // special cases. search for 'OnBuild' in internals.go for additional special // cases. // -func onbuild(b *BuildFile, args []string) error { +func onbuild(b *BuildFile, args []string, attributes map[string]bool) error { triggerInstruction := strings.ToUpper(strings.TrimSpace(args[0])) switch triggerInstruction { case "ONBUILD": @@ -133,7 +137,7 @@ func onbuild(b *BuildFile, args []string) error { // // Set the working directory for future RUN/CMD/etc statements. // -func workdir(b *BuildFile, args []string) error { +func workdir(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("WORKDIR requires exactly one argument") } @@ -161,10 +165,8 @@ func workdir(b *BuildFile, args []string) error { // RUN echo hi # sh -c echo hi // RUN [ "echo", "hi" ] # echo hi // -func run(b *BuildFile, args []string) error { - if len(args) == 1 { // literal string command, not an exec array - args = append([]string{"/bin/sh", "-c"}, args[0]) - } +func run(b *BuildFile, args []string, attributes map[string]bool) error { + args = handleJsonArgs(args, attributes) if b.image == "" { return fmt.Errorf("Please provide a source image with `from` prior to run") @@ -182,7 +184,7 @@ func run(b *BuildFile, args []string) error { defer func(cmd []string) { b.Config.Cmd = cmd }(cmd) - utils.Debugf("Command to be executed: %v", b.Config.Cmd) + log.Debugf("Command to be executed: %v", b.Config.Cmd) hit, err := b.probeCache() if err != nil { @@ -196,6 +198,7 @@ func run(b *BuildFile, args []string) error { if err != nil { return err } + // Ensure that we keep the container mounted until the commit // to avoid unmounting and then mounting directly again c.Mount() @@ -217,12 +220,9 @@ func run(b *BuildFile, args []string) error { // Set the default command to run in the container (which may be empty). // Argument handling is the same as RUN. // -func cmd(b *BuildFile, args []string) error { - if len(args) < 2 { - args = append([]string{"/bin/sh", "-c"}, args...) - } +func cmd(b *BuildFile, args []string, attributes map[string]bool) error { + b.Config.Cmd = handleJsonArgs(args, attributes) - b.Config.Cmd = args if err := b.commit("", b.Config.Cmd, fmt.Sprintf("CMD %v", cmd)); err != nil { return err } @@ -239,14 +239,15 @@ func cmd(b *BuildFile, args []string) error { // Handles command processing similar to CMD and RUN, only b.Config.Entrypoint // is initialized at NewBuilder time instead of through argument parsing. // -func entrypoint(b *BuildFile, args []string) error { - b.Config.Entrypoint = args +func entrypoint(b *BuildFile, args []string, attributes map[string]bool) error { + b.Config.Entrypoint = handleJsonArgs(args, attributes) // if there is no cmd in current Dockerfile - cleanup cmd if !b.cmdSet { b.Config.Cmd = nil } - if err := b.commit("", b.Config.Cmd, fmt.Sprintf("ENTRYPOINT %v", entrypoint)); err != nil { + + if err := b.commit("", b.Config.Cmd, fmt.Sprintf("ENTRYPOINT %v", b.Config.Entrypoint)); err != nil { return err } return nil @@ -257,7 +258,7 @@ func entrypoint(b *BuildFile, args []string) error { // Expose ports for links and port mappings. This all ends up in // b.Config.ExposedPorts for runconfig. // -func expose(b *BuildFile, args []string) error { +func expose(b *BuildFile, args []string, attributes map[string]bool) error { portsTab := args if b.Config.ExposedPorts == nil { @@ -284,7 +285,7 @@ func expose(b *BuildFile, args []string) error { // Set the user to 'foo' for future commands and when running the // ENTRYPOINT/CMD at container run time. // -func user(b *BuildFile, args []string) error { +func user(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("USER requires exactly one argument") } @@ -298,7 +299,7 @@ func user(b *BuildFile, args []string) error { // Expose the volume /foo for use. Will also accept the JSON form, but either // way requires exactly one argument. // -func volume(b *BuildFile, args []string) error { +func volume(b *BuildFile, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("Volume cannot be empty") } @@ -318,6 +319,6 @@ func volume(b *BuildFile, args []string) error { } // INSERT is no longer accepted, but we still parse it. -func insert(b *BuildFile, args []string) error { +func insert(b *BuildFile, args []string, attributes map[string]bool) error { return fmt.Errorf("INSERT has been deprecated. Please use ADD instead") } diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator/evaluator.go index 2eb2ba8b36..dbf4e30839 100644 --- a/components/engine/builder/evaluator/evaluator.go +++ b/components/engine/builder/evaluator/evaluator.go @@ -38,17 +38,16 @@ import ( "github.com/docker/docker/utils" ) -type EnvMap map[string]string type UniqueMap map[string]struct{} var ( ErrDockerfileEmpty = errors.New("Dockerfile cannot be empty") ) -var evaluateTable map[string]func(*BuildFile, []string) error +var evaluateTable map[string]func(*BuildFile, []string, map[string]bool) error func init() { - evaluateTable = map[string]func(*BuildFile, []string) error{ + evaluateTable = map[string]func(*BuildFile, []string, map[string]bool) error{ "env": env, "maintainer": maintainer, "add": add, @@ -71,7 +70,6 @@ func init() { // processing as it evaluates the parsing result. type BuildFile struct { Dockerfile *parser.Node // the syntax tree of the dockerfile - Env EnvMap // map of environment variables Config *runconfig.Config // runconfig for cmd, run, entrypoint etc. Options *BuildOpts // see below @@ -152,7 +150,9 @@ func (b *BuildFile) Run(context io.Reader) (string, error) { b.clearTmp(b.TmpContainers) } return "", err - } else if b.Options.Remove { + } + fmt.Fprintf(b.Options.OutStream, " ---> %s\n", utils.TruncateID(b.image)) + if b.Options.Remove { b.clearTmp(b.TmpContainers) } } @@ -181,25 +181,29 @@ func (b *BuildFile) Run(context io.Reader) (string, error) { // features. func (b *BuildFile) dispatch(stepN int, ast *parser.Node) error { cmd := ast.Value + attrs := ast.Attributes strs := []string{} + msg := fmt.Sprintf("Step %d : %s", stepN, strings.ToUpper(cmd)) if cmd == "onbuild" { fmt.Fprintf(b.Options.OutStream, "%#v\n", ast.Next.Children[0].Value) ast = ast.Next.Children[0] - strs = append(strs, ast.Value) + strs = append(strs, b.replaceEnv(ast.Value)) + msg += " " + ast.Value } for ast.Next != nil { ast = ast.Next - strs = append(strs, replaceEnv(b, ast.Value)) + strs = append(strs, b.replaceEnv(ast.Value)) + msg += " " + ast.Value } - fmt.Fprintf(b.Options.OutStream, "Step %d : %s %s\n", stepN, strings.ToUpper(cmd), strings.Join(strs, " ")) + fmt.Fprintf(b.Options.OutStream, "%s\n", msg) // XXX yes, we skip any cmds that are not valid; the parser should have // picked these out already. if f, ok := evaluateTable[cmd]; ok { - return f(b, strs) + return f(b, strs, attrs) } return nil diff --git a/components/engine/builder/evaluator/internals.go b/components/engine/builder/evaluator/internals.go index 5ceb2f88a2..9519c683b3 100644 --- a/components/engine/builder/evaluator/internals.go +++ b/components/engine/builder/evaluator/internals.go @@ -21,12 +21,12 @@ import ( "github.com/docker/docker/archive" "github.com/docker/docker/daemon" imagepkg "github.com/docker/docker/image" + "github.com/docker/docker/pkg/log" "github.com/docker/docker/pkg/parsers" "github.com/docker/docker/pkg/symlink" "github.com/docker/docker/pkg/system" "github.com/docker/docker/pkg/tarsum" "github.com/docker/docker/registry" - "github.com/docker/docker/runconfig" "github.com/docker/docker/utils" ) @@ -299,13 +299,15 @@ func (b *BuildFile) pullImage(name string) (*imagepkg.Image, error) { func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { b.image = img.ID - b.Config = &runconfig.Config{} + if img.Config != nil { b.Config = img.Config } + if b.Config.Env == nil || len(b.Config.Env) == 0 { b.Config.Env = append(b.Config.Env, "PATH="+daemon.DefaultPathEnv) } + // Process ONBUILD triggers if they exist if nTriggers := len(b.Config.OnBuild); nTriggers != 0 { fmt.Fprintf(b.Options.ErrStream, "# Executing %d build triggers\n", nTriggers) @@ -332,7 +334,7 @@ func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { // in this function. if f, ok := evaluateTable[strings.ToLower(stepInstruction)]; ok { - if err := f(b, splitStep[1:]); err != nil { + if err := f(b, splitStep[1:], nil); err != nil { return err } } else { @@ -354,11 +356,11 @@ func (b *BuildFile) probeCache() (bool, error) { return false, err } else if cache != nil { fmt.Fprintf(b.Options.OutStream, " ---> Using cache\n") - utils.Debugf("[BUILDER] Use cached version") + log.Debugf("[BUILDER] Use cached version") b.image = cache.ID return true, nil } else { - utils.Debugf("[BUILDER] Cache miss") + log.Debugf("[BUILDER] Cache miss") } } return false, nil @@ -423,19 +425,17 @@ func (b *BuildFile) run(c *daemon.Container) error { func (b *BuildFile) checkPathForAddition(orig string) error { origPath := path.Join(b.contextPath, orig) - if p, err := filepath.EvalSymlinks(origPath); err != nil { + origPath, err := filepath.EvalSymlinks(origPath) + if err != nil { if os.IsNotExist(err) { return fmt.Errorf("%s: no such file or directory", orig) } return err - } else { - origPath = p } if !strings.HasPrefix(origPath, b.contextPath) { return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath) } - _, err := os.Stat(origPath) - if err != nil { + if _, err := os.Stat(origPath); err != nil { if os.IsNotExist(err) { return fmt.Errorf("%s: no such file or directory", orig) } @@ -499,7 +499,7 @@ func (b *BuildFile) addContext(container *daemon.Container, orig, dest string, d if err := archive.UntarPath(origPath, tarDest); err == nil { return nil } else if err != io.EOF { - utils.Debugf("Couldn't untar %s to %s: %s", origPath, tarDest, err) + log.Debugf("Couldn't untar %s to %s: %s", origPath, tarDest, err) } } diff --git a/components/engine/builder/evaluator/support.go b/components/engine/builder/evaluator/support.go index 766fd0208a..b543676ecf 100644 --- a/components/engine/builder/evaluator/support.go +++ b/components/engine/builder/evaluator/support.go @@ -10,17 +10,37 @@ var ( ) // handle environment replacement. Used in dispatcher. -func replaceEnv(b *BuildFile, str string) string { +func (b *BuildFile) replaceEnv(str string) string { for _, match := range TOKEN_ENV_INTERPOLATION.FindAllString(str, -1) { match = match[strings.Index(match, "$"):] matchKey := strings.Trim(match, "${}") - for envKey, envValue := range b.Env { - if matchKey == envKey { - str = strings.Replace(str, match, envValue, -1) + for _, keyval := range b.Config.Env { + tmp := strings.SplitN(keyval, "=", 2) + if tmp[0] == matchKey { + str = strings.Replace(str, match, tmp[1], -1) } } } return str } + +func (b *BuildFile) FindEnvKey(key string) int { + for k, envVar := range b.Config.Env { + envParts := strings.SplitN(envVar, "=", 2) + if key == envParts[0] { + return k + } + } + return -1 +} + +func handleJsonArgs(args []string, attributes map[string]bool) []string { + if attributes != nil && attributes["json"] { + return args + } + + // literal string command, not an exec array + return append([]string{"/bin/sh", "-c", strings.Join(args, " ")}) +} diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index ff1f3483e9..999d97603d 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -14,13 +14,13 @@ import ( ) var ( - dockerFileErrJSONNesting = errors.New("You may not nest arrays in Dockerfile statements.") + errDockerfileJSONNesting = errors.New("You may not nest arrays in Dockerfile statements.") ) // ignore the current argument. This will still leave a command parsed, but // will not incorporate the arguments into the ast. -func parseIgnore(rest string) (*Node, error) { - return &Node{}, nil +func parseIgnore(rest string) (*Node, map[string]bool, error) { + return &Node{}, nil, nil } // used for onbuild. Could potentially be used for anything that represents a @@ -28,18 +28,18 @@ func parseIgnore(rest string) (*Node, error) { // // ONBUILD RUN foo bar -> (onbuild (run foo bar)) // -func parseSubCommand(rest string) (*Node, error) { +func parseSubCommand(rest string) (*Node, map[string]bool, error) { _, child, err := parseLine(rest) if err != nil { - return nil, err + return nil, nil, err } - return &Node{Children: []*Node{child}}, nil + return &Node{Children: []*Node{child}}, nil, nil } // parse environment like statements. Note that this does *not* handle // variable interpolation, which will be handled in the evaluator. -func parseEnv(rest string) (*Node, error) { +func parseEnv(rest string) (*Node, map[string]bool, error) { node := &Node{} rootnode := node strs := TOKEN_WHITESPACE.Split(rest, 2) @@ -47,12 +47,12 @@ func parseEnv(rest string) (*Node, error) { node.Next = &Node{} node.Next.Value = strs[1] - return rootnode, nil + return rootnode, nil, nil } // parses a whitespace-delimited set of arguments. The result is effectively a // linked list of string arguments. -func parseStringsWhitespaceDelimited(rest string) (*Node, error) { +func parseStringsWhitespaceDelimited(rest string) (*Node, map[string]bool, error) { node := &Node{} rootnode := node prevnode := node @@ -68,16 +68,18 @@ func parseStringsWhitespaceDelimited(rest string) (*Node, error) { // chain. prevnode.Next = nil - return rootnode, nil + return rootnode, nil, nil } // parsestring just wraps the string in quotes and returns a working node. -func parseString(rest string) (*Node, error) { - return &Node{rest, nil, nil}, nil +func parseString(rest string) (*Node, map[string]bool, error) { + n := &Node{} + n.Value = rest + return n, nil, nil } // parseJSON converts JSON arrays to an AST. -func parseJSON(rest string) (*Node, error) { +func parseJSON(rest string) (*Node, map[string]bool, error) { var ( myJson []interface{} next = &Node{} @@ -86,7 +88,7 @@ func parseJSON(rest string) (*Node, error) { ) if err := json.Unmarshal([]byte(rest), &myJson); err != nil { - return nil, err + return nil, nil, err } for _, str := range myJson { @@ -95,7 +97,7 @@ func parseJSON(rest string) (*Node, error) { case float64: str = strconv.FormatFloat(str.(float64), 'G', -1, 64) default: - return nil, dockerFileErrJSONNesting + return nil, nil, errDockerfileJSONNesting } next.Value = str.(string) next.Next = &Node{} @@ -105,26 +107,27 @@ func parseJSON(rest string) (*Node, error) { prevnode.Next = nil - return orignext, nil + return orignext, map[string]bool{"json": true}, nil } // parseMaybeJSON determines if the argument appears to be a JSON array. If // so, passes to parseJSON; if not, quotes the result and returns a single // node. -func parseMaybeJSON(rest string) (*Node, error) { +func parseMaybeJSON(rest string) (*Node, map[string]bool, error) { rest = strings.TrimSpace(rest) if strings.HasPrefix(rest, "[") { - node, err := parseJSON(rest) + node, attrs, err := parseJSON(rest) if err == nil { - return node, nil - } else if err == dockerFileErrJSONNesting { - return nil, err + return node, attrs, nil + } + if err == errDockerfileJSONNesting { + return nil, nil, err } } node := &Node{} node.Value = rest - return node, nil + return node, nil, nil } diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go index cb9d28206d..47ffc9a678 100644 --- a/components/engine/builder/parser/parser.go +++ b/components/engine/builder/parser/parser.go @@ -21,13 +21,14 @@ import ( // works a little more effectively than a "proper" parse tree for our needs. // type Node struct { - Value string // actual content - Next *Node // the next item in the current sexp - Children []*Node // the children of this sexp + Value string // actual content + Next *Node // the next item in the current sexp + Children []*Node // the children of this sexp + Attributes map[string]bool // special attributes for this node } var ( - dispatch map[string]func(string) (*Node, error) + dispatch map[string]func(string) (*Node, map[string]bool, error) TOKEN_WHITESPACE = regexp.MustCompile(`[\t\v\f\r ]+`) TOKEN_LINE_CONTINUATION = regexp.MustCompile(`\\$`) TOKEN_COMMENT = regexp.MustCompile(`^#.*$`) @@ -40,7 +41,7 @@ func init() { // reformulating the arguments according to the rules in the parser // functions. Errors are propogated up by Parse() and the resulting AST can // be incorporated directly into the existing AST as a next. - dispatch = map[string]func(string) (*Node, error){ + dispatch = map[string]func(string) (*Node, map[string]bool, error){ "user": parseString, "onbuild": parseSubCommand, "workdir": parseString, @@ -75,12 +76,13 @@ func parseLine(line string) (string, *Node, error) { node := &Node{} node.Value = cmd - sexp, err := fullDispatch(cmd, args) + sexp, attrs, err := fullDispatch(cmd, args) if err != nil { return "", nil, err } node.Next = sexp + node.Attributes = attrs return "", node, nil } diff --git a/components/engine/builder/parser/utils.go b/components/engine/builder/parser/utils.go index 08d3e454dd..53cda5808b 100644 --- a/components/engine/builder/parser/utils.go +++ b/components/engine/builder/parser/utils.go @@ -51,17 +51,17 @@ func (node *Node) Dump() string { // performs the dispatch based on the two primal strings, cmd and args. Please // look at the dispatch table in parser.go to see how these dispatchers work. -func fullDispatch(cmd, args string) (*Node, error) { +func fullDispatch(cmd, args string) (*Node, map[string]bool, error) { if _, ok := dispatch[cmd]; !ok { - return nil, fmt.Errorf("'%s' is not a valid dockerfile command", cmd) + return nil, nil, fmt.Errorf("'%s' is not a valid dockerfile command", cmd) } - sexp, err := dispatch[cmd](args) + sexp, attrs, err := dispatch[cmd](args) if err != nil { - return nil, err + return nil, nil, err } - return sexp, nil + return sexp, attrs, nil } // splitCommand takes a single line of text and parses out the cmd and args, diff --git a/components/engine/integration-cli/docker_cli_build_test.go b/components/engine/integration-cli/docker_cli_build_test.go index bcff199c85..e6572a1bf4 100644 --- a/components/engine/integration-cli/docker_cli_build_test.go +++ b/components/engine/integration-cli/docker_cli_build_test.go @@ -685,10 +685,11 @@ func TestBuildRelativeWorkdir(t *testing.T) { func TestBuildEnv(t *testing.T) { name := "testbuildenv" - expected := "[PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PORT=2375]" + expected := "[PATH=/test:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PORT=2375]" defer deleteImages(name) _, err := buildImage(name, `FROM busybox + ENV PATH /test:$PATH ENV PORT 2375 RUN [ $(env | grep PORT) = 'PORT=2375' ]`, true) @@ -1708,6 +1709,9 @@ func TestBuildEnvUsage(t *testing.T) { name := "testbuildenvusage" defer deleteImages(name) dockerfile := `FROM busybox +ENV PATH $HOME/bin:$PATH +ENV PATH /tmp:$PATH +RUN [ "$PATH" = "/tmp:$HOME/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ] ENV FOO /foo/baz ENV BAR /bar ENV BAZ $BAR @@ -1717,7 +1721,8 @@ RUN [ "$FOOPATH" = "$PATH:/foo/baz" ] ENV FROM hello/docker/world ENV TO /docker/world/hello ADD $FROM $TO -RUN [ "$(cat $TO)" = "hello" ]` +RUN [ "$(cat $TO)" = "hello" ] +` ctx, err := fakeContext(dockerfile, map[string]string{ "hello/docker/world": "hello", }) From 8812387cabdd1a67c4ee1fc0eaf3496cd2d74aaa Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Fri, 15 Aug 2014 09:29:35 -0700 Subject: [PATCH 068/540] builder: move the evaluator package code directly into builder Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: a1522ec01c21807e657e840760a8186f482f2271 Component: engine --- components/engine/builder/builder.go | 11 +++++------ .../engine/builder/{evaluator => }/dispatchers.go | 2 +- .../engine/builder/{evaluator => }/evaluator.go | 4 ++-- .../engine/builder/{evaluator => }/internals.go | 2 +- components/engine/builder/job.go | 3 +-- components/engine/builder/{evaluator => }/support.go | 2 +- 6 files changed, 11 insertions(+), 13 deletions(-) rename components/engine/builder/{evaluator => }/dispatchers.go (99%) rename components/engine/builder/{evaluator => }/evaluator.go (98%) rename components/engine/builder/{evaluator => }/internals.go (99%) rename components/engine/builder/{evaluator => }/support.go (98%) diff --git a/components/engine/builder/builder.go b/components/engine/builder/builder.go index d99d1ad9b6..e655f9da60 100644 --- a/components/engine/builder/builder.go +++ b/components/engine/builder/builder.go @@ -1,17 +1,16 @@ package builder import ( - "github.com/docker/docker/builder/evaluator" "github.com/docker/docker/runconfig" ) -// Create a new builder. -func NewBuilder(opts *evaluator.BuildOpts) *evaluator.BuildFile { - return &evaluator.BuildFile{ +// Create a new builder. See +func NewBuilder(opts *BuildOpts) *BuildFile { + return &BuildFile{ Dockerfile: nil, Config: &runconfig.Config{}, Options: opts, - TmpContainers: evaluator.UniqueMap{}, - TmpImages: evaluator.UniqueMap{}, + TmpContainers: UniqueMap{}, + TmpImages: UniqueMap{}, } } diff --git a/components/engine/builder/evaluator/dispatchers.go b/components/engine/builder/dispatchers.go similarity index 99% rename from components/engine/builder/evaluator/dispatchers.go rename to components/engine/builder/dispatchers.go index 23e16b000e..fe0b5be579 100644 --- a/components/engine/builder/evaluator/dispatchers.go +++ b/components/engine/builder/dispatchers.go @@ -1,4 +1,4 @@ -package evaluator +package builder // This file contains the dispatchers for each command. Note that // `nullDispatch` is not actually a command, but support for commands we parse diff --git a/components/engine/builder/evaluator/evaluator.go b/components/engine/builder/evaluator.go similarity index 98% rename from components/engine/builder/evaluator/evaluator.go rename to components/engine/builder/evaluator.go index dbf4e30839..01805f892d 100644 --- a/components/engine/builder/evaluator/evaluator.go +++ b/components/engine/builder/evaluator.go @@ -1,4 +1,4 @@ -// evaluator is the evaluation step in the Dockerfile parse/evaluate pipeline. +// builder is the evaluation step in the Dockerfile parse/evaluate pipeline. // // It incorporates a dispatch table based on the parser.Node values (see the // parser package for more information) that are yielded from the parser itself. @@ -17,7 +17,7 @@ // before and after each step, such as creating an image ID and removing temporary // containers and images. Note that ONBUILD creates a kinda-sorta "sub run" which // includes its own set of steps (usually only one of them). -package evaluator +package builder import ( "bytes" diff --git a/components/engine/builder/evaluator/internals.go b/components/engine/builder/internals.go similarity index 99% rename from components/engine/builder/evaluator/internals.go rename to components/engine/builder/internals.go index 9519c683b3..b1d5b21f03 100644 --- a/components/engine/builder/evaluator/internals.go +++ b/components/engine/builder/internals.go @@ -1,4 +1,4 @@ -package evaluator +package builder // internals for handling commands. Covers many areas and a lot of // non-contiguous functionality. Please read the comments. diff --git a/components/engine/builder/job.go b/components/engine/builder/job.go index 98a24df898..e1233e0a08 100644 --- a/components/engine/builder/job.go +++ b/components/engine/builder/job.go @@ -8,7 +8,6 @@ import ( "strings" "github.com/docker/docker/archive" - "github.com/docker/docker/builder/evaluator" "github.com/docker/docker/daemon" "github.com/docker/docker/engine" "github.com/docker/docker/pkg/parsers" @@ -86,7 +85,7 @@ func (b *BuilderJob) CmdBuild(job *engine.Job) engine.Status { sf := utils.NewStreamFormatter(job.GetenvBool("json")) - opts := &evaluator.BuildOpts{ + opts := &BuildOpts{ Daemon: b.Daemon, Engine: b.Engine, OutStream: &utils.StdoutFormater{ diff --git a/components/engine/builder/evaluator/support.go b/components/engine/builder/support.go similarity index 98% rename from components/engine/builder/evaluator/support.go rename to components/engine/builder/support.go index b543676ecf..08cfa8defa 100644 --- a/components/engine/builder/evaluator/support.go +++ b/components/engine/builder/support.go @@ -1,4 +1,4 @@ -package evaluator +package builder import ( "regexp" From 4308bf42dd53ff085795fc60a8db0c09d923cbd1 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 19 Aug 2014 11:14:21 +0000 Subject: [PATCH 069/540] builder: several fixups from comments Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 305f73508022d0a3af65faa327aa798610969875 Component: engine --- components/engine/builder/builder.go | 3 +-- components/engine/builder/evaluator.go | 11 +++++------ components/engine/builder/internals.go | 9 ++++----- components/engine/builder/parser/line_parsers.go | 16 +++++++--------- components/engine/builder/parser/parser.go | 3 +-- components/engine/builder/support.go | 11 +---------- 6 files changed, 19 insertions(+), 34 deletions(-) diff --git a/components/engine/builder/builder.go b/components/engine/builder/builder.go index e655f9da60..685f27b061 100644 --- a/components/engine/builder/builder.go +++ b/components/engine/builder/builder.go @@ -10,7 +10,6 @@ func NewBuilder(opts *BuildOpts) *BuildFile { Dockerfile: nil, Config: &runconfig.Config{}, Options: opts, - TmpContainers: UniqueMap{}, - TmpImages: UniqueMap{}, + TmpContainers: map[string]struct{}{}, } } diff --git a/components/engine/builder/evaluator.go b/components/engine/builder/evaluator.go index 01805f892d..ec8edc98c8 100644 --- a/components/engine/builder/evaluator.go +++ b/components/engine/builder/evaluator.go @@ -38,8 +38,6 @@ import ( "github.com/docker/docker/utils" ) -type UniqueMap map[string]struct{} - var ( ErrDockerfileEmpty = errors.New("Dockerfile cannot be empty") ) @@ -74,8 +72,7 @@ type BuildFile struct { Options *BuildOpts // see below // both of these are controlled by the Remove and ForceRemove options in BuildOpts - TmpContainers UniqueMap // a map of containers used for removes - TmpImages UniqueMap // a map of images used for removes + TmpContainers map[string]struct{} // a map of containers used for removes image string // image name for commit processing maintainer string // maintainer name. could probably be removed. @@ -147,13 +144,13 @@ func (b *BuildFile) Run(context io.Reader) (string, error) { for i, n := range b.Dockerfile.Children { if err := b.dispatch(i, n); err != nil { if b.Options.ForceRemove { - b.clearTmp(b.TmpContainers) + b.clearTmp() } return "", err } fmt.Fprintf(b.Options.OutStream, " ---> %s\n", utils.TruncateID(b.image)) if b.Options.Remove { - b.clearTmp(b.TmpContainers) + b.clearTmp() } } @@ -206,5 +203,7 @@ func (b *BuildFile) dispatch(stepN int, ast *parser.Node) error { return f(b, strs, attrs) } + fmt.Fprintf(b.Options.ErrStream, "# Skipping unknown instruction %s\n", strings.ToUpper(cmd)) + return nil } diff --git a/components/engine/builder/internals.go b/components/engine/builder/internals.go index b1d5b21f03..51b2b63ab9 100644 --- a/components/engine/builder/internals.go +++ b/components/engine/builder/internals.go @@ -97,7 +97,6 @@ func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { if err != nil { return err } - b.TmpImages[image.ID] = struct{}{} b.image = image.ID return nil } @@ -304,7 +303,7 @@ func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { b.Config = img.Config } - if b.Config.Env == nil || len(b.Config.Env) == 0 { + if len(b.Config.Env) == 0 { b.Config.Env = append(b.Config.Env, "PATH="+daemon.DefaultPathEnv) } @@ -549,13 +548,13 @@ func fixPermissions(destination string, uid, gid int) error { }) } -func (b *BuildFile) clearTmp(containers map[string]struct{}) { - for c := range containers { +func (b *BuildFile) clearTmp() { + for c := range b.TmpContainers { tmp := b.Options.Daemon.Get(c) if err := b.Options.Daemon.Destroy(tmp); err != nil { fmt.Fprintf(b.Options.OutStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) } else { - delete(containers, c) + delete(b.TmpContainers, c) fmt.Fprintf(b.Options.OutStream, "Removing intermediate container %s\n", utils.TruncateID(c)) } } diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index 999d97603d..93fa23ee85 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -116,18 +116,16 @@ func parseJSON(rest string) (*Node, map[string]bool, error) { func parseMaybeJSON(rest string) (*Node, map[string]bool, error) { rest = strings.TrimSpace(rest) - if strings.HasPrefix(rest, "[") { - node, attrs, err := parseJSON(rest) + node, attrs, err := parseJSON(rest) - if err == nil { - return node, attrs, nil - } - if err == errDockerfileJSONNesting { - return nil, nil, err - } + if err == nil { + return node, attrs, nil + } + if err == errDockerfileJSONNesting { + return nil, nil, err } - node := &Node{} + node = &Node{} node.Value = rest return node, nil, nil } diff --git a/components/engine/builder/parser/parser.go b/components/engine/builder/parser/parser.go index 47ffc9a678..8315412bd7 100644 --- a/components/engine/builder/parser/parser.go +++ b/components/engine/builder/parser/parser.go @@ -100,8 +100,7 @@ func Parse(rwc io.Reader) (*Node, error) { } if line != "" && child == nil { - for { - scanner.Scan() + for scanner.Scan() { newline := strings.TrimSpace(scanner.Text()) if newline == "" { diff --git a/components/engine/builder/support.go b/components/engine/builder/support.go index 08cfa8defa..bae97e370f 100644 --- a/components/engine/builder/support.go +++ b/components/engine/builder/support.go @@ -19,6 +19,7 @@ func (b *BuildFile) replaceEnv(str string) string { tmp := strings.SplitN(keyval, "=", 2) if tmp[0] == matchKey { str = strings.Replace(str, match, tmp[1], -1) + break } } } @@ -26,16 +27,6 @@ func (b *BuildFile) replaceEnv(str string) string { return str } -func (b *BuildFile) FindEnvKey(key string) int { - for k, envVar := range b.Config.Env { - envParts := strings.SplitN(envVar, "=", 2) - if key == envParts[0] { - return k - } - } - return -1 -} - func handleJsonArgs(args []string, attributes map[string]bool) []string { if attributes != nil && attributes["json"] { return args From 5c6641e945e7bada93487636a6643c5cd65588a8 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Tue, 26 Aug 2014 12:25:44 -0700 Subject: [PATCH 070/540] builder: Refactors according to @tiborvass's comments Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 2ef1dec7e8d405f237b68ca104d457d78b8caed1 Component: engine --- components/engine/builder/builder.go | 15 ----- components/engine/builder/dispatchers.go | 34 +++++----- components/engine/builder/evaluator.go | 84 +++++++++++++----------- components/engine/builder/internals.go | 82 ++++++++++++----------- components/engine/builder/job.go | 4 +- components/engine/builder/support.go | 2 +- 6 files changed, 106 insertions(+), 115 deletions(-) delete mode 100644 components/engine/builder/builder.go diff --git a/components/engine/builder/builder.go b/components/engine/builder/builder.go deleted file mode 100644 index 685f27b061..0000000000 --- a/components/engine/builder/builder.go +++ /dev/null @@ -1,15 +0,0 @@ -package builder - -import ( - "github.com/docker/docker/runconfig" -) - -// Create a new builder. See -func NewBuilder(opts *BuildOpts) *BuildFile { - return &BuildFile{ - Dockerfile: nil, - Config: &runconfig.Config{}, - Options: opts, - TmpContainers: map[string]struct{}{}, - } -} diff --git a/components/engine/builder/dispatchers.go b/components/engine/builder/dispatchers.go index fe0b5be579..8abdb51d8a 100644 --- a/components/engine/builder/dispatchers.go +++ b/components/engine/builder/dispatchers.go @@ -18,7 +18,7 @@ import ( ) // dispatch with no layer / parsing. This is effectively not a command. -func nullDispatch(b *BuildFile, args []string, attributes map[string]bool) error { +func nullDispatch(b *Builder, args []string, attributes map[string]bool) error { return nil } @@ -27,7 +27,7 @@ func nullDispatch(b *BuildFile, args []string, attributes map[string]bool) error // Sets the environment variable foo to bar, also makes interpolation // in the dockerfile available from the next statement on via ${foo}. // -func env(b *BuildFile, args []string, attributes map[string]bool) error { +func env(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 2 { return fmt.Errorf("ENV accepts two arguments") } @@ -48,7 +48,7 @@ func env(b *BuildFile, args []string, attributes map[string]bool) error { // MAINTAINER some text // // Sets the maintainer metadata. -func maintainer(b *BuildFile, args []string, attributes map[string]bool) error { +func maintainer(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("MAINTAINER requires only one argument") } @@ -62,7 +62,7 @@ func maintainer(b *BuildFile, args []string, attributes map[string]bool) error { // Add the file 'foo' to '/path'. Tarball and Remote URL (git, http) handling // exist here. If you do not wish to have this automatic handling, use COPY. // -func add(b *BuildFile, args []string, attributes map[string]bool) error { +func add(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 2 { return fmt.Errorf("ADD requires two arguments") } @@ -74,7 +74,7 @@ func add(b *BuildFile, args []string, attributes map[string]bool) error { // // Same as 'ADD' but without the tar and remote url handling. // -func dispatchCopy(b *BuildFile, args []string, attributes map[string]bool) error { +func dispatchCopy(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 2 { return fmt.Errorf("COPY requires two arguments") } @@ -86,16 +86,16 @@ func dispatchCopy(b *BuildFile, args []string, attributes map[string]bool) error // // This sets the image the dockerfile will build on top of. // -func from(b *BuildFile, args []string, attributes map[string]bool) error { +func from(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("FROM requires one argument") } name := args[0] - image, err := b.Options.Daemon.Repositories().LookupImage(name) + image, err := b.Daemon.Repositories().LookupImage(name) if err != nil { - if b.Options.Daemon.Graph().IsNotExist(err) { + if b.Daemon.Graph().IsNotExist(err) { image, err = b.pullImage(name) } @@ -118,7 +118,7 @@ func from(b *BuildFile, args []string, attributes map[string]bool) error { // special cases. search for 'OnBuild' in internals.go for additional special // cases. // -func onbuild(b *BuildFile, args []string, attributes map[string]bool) error { +func onbuild(b *Builder, args []string, attributes map[string]bool) error { triggerInstruction := strings.ToUpper(strings.TrimSpace(args[0])) switch triggerInstruction { case "ONBUILD": @@ -137,7 +137,7 @@ func onbuild(b *BuildFile, args []string, attributes map[string]bool) error { // // Set the working directory for future RUN/CMD/etc statements. // -func workdir(b *BuildFile, args []string, attributes map[string]bool) error { +func workdir(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("WORKDIR requires exactly one argument") } @@ -165,7 +165,7 @@ func workdir(b *BuildFile, args []string, attributes map[string]bool) error { // RUN echo hi # sh -c echo hi // RUN [ "echo", "hi" ] # echo hi // -func run(b *BuildFile, args []string, attributes map[string]bool) error { +func run(b *Builder, args []string, attributes map[string]bool) error { args = handleJsonArgs(args, attributes) if b.image == "" { @@ -220,7 +220,7 @@ func run(b *BuildFile, args []string, attributes map[string]bool) error { // Set the default command to run in the container (which may be empty). // Argument handling is the same as RUN. // -func cmd(b *BuildFile, args []string, attributes map[string]bool) error { +func cmd(b *Builder, args []string, attributes map[string]bool) error { b.Config.Cmd = handleJsonArgs(args, attributes) if err := b.commit("", b.Config.Cmd, fmt.Sprintf("CMD %v", cmd)); err != nil { @@ -239,7 +239,7 @@ func cmd(b *BuildFile, args []string, attributes map[string]bool) error { // Handles command processing similar to CMD and RUN, only b.Config.Entrypoint // is initialized at NewBuilder time instead of through argument parsing. // -func entrypoint(b *BuildFile, args []string, attributes map[string]bool) error { +func entrypoint(b *Builder, args []string, attributes map[string]bool) error { b.Config.Entrypoint = handleJsonArgs(args, attributes) // if there is no cmd in current Dockerfile - cleanup cmd @@ -258,7 +258,7 @@ func entrypoint(b *BuildFile, args []string, attributes map[string]bool) error { // Expose ports for links and port mappings. This all ends up in // b.Config.ExposedPorts for runconfig. // -func expose(b *BuildFile, args []string, attributes map[string]bool) error { +func expose(b *Builder, args []string, attributes map[string]bool) error { portsTab := args if b.Config.ExposedPorts == nil { @@ -285,7 +285,7 @@ func expose(b *BuildFile, args []string, attributes map[string]bool) error { // Set the user to 'foo' for future commands and when running the // ENTRYPOINT/CMD at container run time. // -func user(b *BuildFile, args []string, attributes map[string]bool) error { +func user(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("USER requires exactly one argument") } @@ -299,7 +299,7 @@ func user(b *BuildFile, args []string, attributes map[string]bool) error { // Expose the volume /foo for use. Will also accept the JSON form, but either // way requires exactly one argument. // -func volume(b *BuildFile, args []string, attributes map[string]bool) error { +func volume(b *Builder, args []string, attributes map[string]bool) error { if len(args) != 1 { return fmt.Errorf("Volume cannot be empty") } @@ -319,6 +319,6 @@ func volume(b *BuildFile, args []string, attributes map[string]bool) error { } // INSERT is no longer accepted, but we still parse it. -func insert(b *BuildFile, args []string, attributes map[string]bool) error { +func insert(b *Builder, args []string, attributes map[string]bool) error { return fmt.Errorf("INSERT has been deprecated. Please use ADD instead") } diff --git a/components/engine/builder/evaluator.go b/components/engine/builder/evaluator.go index ec8edc98c8..33d8f080e0 100644 --- a/components/engine/builder/evaluator.go +++ b/components/engine/builder/evaluator.go @@ -20,11 +20,9 @@ package builder import ( - "bytes" "errors" "fmt" "io" - "io/ioutil" "os" "path" "strings" @@ -42,10 +40,10 @@ var ( ErrDockerfileEmpty = errors.New("Dockerfile cannot be empty") ) -var evaluateTable map[string]func(*BuildFile, []string, map[string]bool) error +var evaluateTable map[string]func(*Builder, []string, map[string]bool) error func init() { - evaluateTable = map[string]func(*BuildFile, []string, map[string]bool) error{ + evaluateTable = map[string]func(*Builder, []string, map[string]bool) error{ "env": env, "maintainer": maintainer, "add": add, @@ -66,23 +64,7 @@ func init() { // internal struct, used to maintain configuration of the Dockerfile's // processing as it evaluates the parsing result. -type BuildFile struct { - Dockerfile *parser.Node // the syntax tree of the dockerfile - Config *runconfig.Config // runconfig for cmd, run, entrypoint etc. - Options *BuildOpts // see below - - // both of these are controlled by the Remove and ForceRemove options in BuildOpts - TmpContainers map[string]struct{} // a map of containers used for removes - - image string // image name for commit processing - maintainer string // maintainer name. could probably be removed. - cmdSet bool // indicates is CMD was set in current Dockerfile - context *tarsum.TarSum // the context is a tarball that is uploaded by the client - contextPath string // the path of the temporary directory the local context is unpacked to (server side) - -} - -type BuildOpts struct { +type Builder struct { Daemon *daemon.Daemon Engine *engine.Engine @@ -104,6 +86,19 @@ type BuildOpts struct { // Deprecated, original writer used for ImagePull. To be removed. OutOld io.Writer StreamFormatter *utils.StreamFormatter + + Config *runconfig.Config // runconfig for cmd, run, entrypoint etc. + + // both of these are controlled by the Remove and ForceRemove options in BuildOpts + TmpContainers map[string]struct{} // a map of containers used for removes + + dockerfile *parser.Node // the syntax tree of the dockerfile + image string // image name for commit processing + maintainer string // maintainer name. could probably be removed. + cmdSet bool // indicates is CMD was set in current Dockerfile + context *tarsum.TarSum // the context is a tarball that is uploaded by the client + contextPath string // the path of the temporary directory the local context is unpacked to (server side) + } // Run the builder with the context. This is the lynchpin of this package. This @@ -118,38 +113,48 @@ type BuildOpts struct { // processing. // * Print a happy message and return the image ID. // -func (b *BuildFile) Run(context io.Reader) (string, error) { +func (b *Builder) Run(context io.Reader) (string, error) { if err := b.readContext(context); err != nil { return "", err } filename := path.Join(b.contextPath, "Dockerfile") - if _, err := os.Stat(filename); os.IsNotExist(err) { + + fi, err := os.Stat(filename) + if os.IsNotExist(err) { return "", fmt.Errorf("Cannot build a directory without a Dockerfile") } - fileBytes, err := ioutil.ReadFile(filename) - if err != nil { - return "", err - } - if len(fileBytes) == 0 { + if fi.Size() == 0 { return "", ErrDockerfileEmpty } - ast, err := parser.Parse(bytes.NewReader(fileBytes)) + + f, err := os.Open(filename) if err != nil { return "", err } - b.Dockerfile = ast + defer f.Close() - for i, n := range b.Dockerfile.Children { + ast, err := parser.Parse(f) + if err != nil { + return "", err + } + + b.dockerfile = ast + + // some initializations that would not have been supplied by the caller. + b.Config = &runconfig.Config{} + b.TmpContainers = map[string]struct{}{} + + for i, n := range b.dockerfile.Children { if err := b.dispatch(i, n); err != nil { - if b.Options.ForceRemove { + if b.ForceRemove { b.clearTmp() } return "", err } - fmt.Fprintf(b.Options.OutStream, " ---> %s\n", utils.TruncateID(b.image)) - if b.Options.Remove { + fmt.Fprintf(b.OutStream, " ---> %s\n", utils.TruncateID(b.image)) + if b.Remove { b.clearTmp() } } @@ -158,7 +163,7 @@ func (b *BuildFile) Run(context io.Reader) (string, error) { return "", fmt.Errorf("No image was generated. Is your Dockerfile empty?\n") } - fmt.Fprintf(b.Options.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) + fmt.Fprintf(b.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) return b.image, nil } @@ -168,7 +173,7 @@ func (b *BuildFile) Run(context io.Reader) (string, error) { // Child[Node, Node, Node] where Child is from parser.Node.Children and each // node comes from parser.Node.Next. This forms a "line" with a statement and // arguments and we process them in this normalized form by hitting -// evaluateTable with the leaf nodes of the command and the BuildFile object. +// evaluateTable with the leaf nodes of the command and the Builder object. // // ONBUILD is a special case; in this case the parser will emit: // Child[Node, Child[Node, Node...]] where the first node is the literal @@ -176,14 +181,13 @@ func (b *BuildFile) Run(context io.Reader) (string, error) { // such as `RUN` in ONBUILD RUN foo. There is special case logic in here to // deal with that, at least until it becomes more of a general concern with new // features. -func (b *BuildFile) dispatch(stepN int, ast *parser.Node) error { +func (b *Builder) dispatch(stepN int, ast *parser.Node) error { cmd := ast.Value attrs := ast.Attributes strs := []string{} msg := fmt.Sprintf("Step %d : %s", stepN, strings.ToUpper(cmd)) if cmd == "onbuild" { - fmt.Fprintf(b.Options.OutStream, "%#v\n", ast.Next.Children[0].Value) ast = ast.Next.Children[0] strs = append(strs, b.replaceEnv(ast.Value)) msg += " " + ast.Value @@ -195,7 +199,7 @@ func (b *BuildFile) dispatch(stepN int, ast *parser.Node) error { msg += " " + ast.Value } - fmt.Fprintf(b.Options.OutStream, "%s\n", msg) + fmt.Fprintln(b.OutStream, msg) // XXX yes, we skip any cmds that are not valid; the parser should have // picked these out already. @@ -203,7 +207,7 @@ func (b *BuildFile) dispatch(stepN int, ast *parser.Node) error { return f(b, strs, attrs) } - fmt.Fprintf(b.Options.ErrStream, "# Skipping unknown instruction %s\n", strings.ToUpper(cmd)) + fmt.Fprintf(b.ErrStream, "# Skipping unknown instruction %s\n", strings.ToUpper(cmd)) return nil } diff --git a/components/engine/builder/internals.go b/components/engine/builder/internals.go index 51b2b63ab9..1767d7d9dd 100644 --- a/components/engine/builder/internals.go +++ b/components/engine/builder/internals.go @@ -30,7 +30,7 @@ import ( "github.com/docker/docker/utils" ) -func (b *BuildFile) readContext(context io.Reader) error { +func (b *Builder) readContext(context io.Reader) error { tmpdirPath, err := ioutil.TempDir("", "docker-build") if err != nil { return err @@ -50,7 +50,7 @@ func (b *BuildFile) readContext(context io.Reader) error { return nil } -func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { +func (b *Builder) commit(id string, autoCmd []string, comment string) error { if b.image == "" { return fmt.Errorf("Please provide a source image with `from` prior to commit") } @@ -68,15 +68,15 @@ func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { return nil } - container, warnings, err := b.Options.Daemon.Create(b.Config, "") + container, warnings, err := b.Daemon.Create(b.Config, "") if err != nil { return err } for _, warning := range warnings { - fmt.Fprintf(b.Options.OutStream, " ---> [Warning] %s\n", warning) + fmt.Fprintf(b.OutStream, " ---> [Warning] %s\n", warning) } b.TmpContainers[container.ID] = struct{}{} - fmt.Fprintf(b.Options.OutStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) + fmt.Fprintf(b.OutStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) id = container.ID if err := container.Mount(); err != nil { @@ -84,7 +84,7 @@ func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { } defer container.Unmount() } - container := b.Options.Daemon.Get(id) + container := b.Daemon.Get(id) if container == nil { return fmt.Errorf("An error occured while creating the container") } @@ -93,7 +93,7 @@ func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { autoConfig := *b.Config autoConfig.Cmd = autoCmd // Commit the container - image, err := b.Options.Daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) + image, err := b.Daemon.Commit(container, "", "", "", b.maintainer, true, &autoConfig) if err != nil { return err } @@ -101,7 +101,7 @@ func (b *BuildFile) commit(id string, autoCmd []string, comment string) error { return nil } -func (b *BuildFile) runContextCommand(args []string, allowRemote bool, allowDecompression bool, cmdName string) error { +func (b *Builder) runContextCommand(args []string, allowRemote bool, allowDecompression bool, cmdName string) error { if b.context == nil { return fmt.Errorf("No context given. Impossible to use %s", cmdName) } @@ -200,7 +200,7 @@ func (b *BuildFile) runContextCommand(args []string, allowRemote bool, allowDeco } // Hash path and check the cache - if b.Options.UtilizeCache { + if b.UtilizeCache { var ( hash string sums = b.context.GetSums() @@ -244,7 +244,7 @@ func (b *BuildFile) runContextCommand(args []string, allowRemote bool, allowDeco } // Create the container - container, _, err := b.Options.Daemon.Create(b.Config, "") + container, _, err := b.Daemon.Create(b.Config, "") if err != nil { return err } @@ -268,27 +268,27 @@ func (b *BuildFile) runContextCommand(args []string, allowRemote bool, allowDeco return nil } -func (b *BuildFile) pullImage(name string) (*imagepkg.Image, error) { +func (b *Builder) pullImage(name string) (*imagepkg.Image, error) { remote, tag := parsers.ParseRepositoryTag(name) - pullRegistryAuth := b.Options.AuthConfig - if len(b.Options.AuthConfigFile.Configs) > 0 { + pullRegistryAuth := b.AuthConfig + if len(b.AuthConfigFile.Configs) > 0 { // The request came with a full auth config file, we prefer to use that endpoint, _, err := registry.ResolveRepositoryName(remote) if err != nil { return nil, err } - resolvedAuth := b.Options.AuthConfigFile.ResolveAuthConfig(endpoint) + resolvedAuth := b.AuthConfigFile.ResolveAuthConfig(endpoint) pullRegistryAuth = &resolvedAuth } - job := b.Options.Engine.Job("pull", remote, tag) - job.SetenvBool("json", b.Options.StreamFormatter.Json()) + job := b.Engine.Job("pull", remote, tag) + job.SetenvBool("json", b.StreamFormatter.Json()) job.SetenvBool("parallel", true) job.SetenvJson("authConfig", pullRegistryAuth) - job.Stdout.Add(b.Options.OutOld) + job.Stdout.Add(b.OutOld) if err := job.Run(); err != nil { return nil, err } - image, err := b.Options.Daemon.Repositories().LookupImage(name) + image, err := b.Daemon.Repositories().LookupImage(name) if err != nil { return nil, err } @@ -296,7 +296,7 @@ func (b *BuildFile) pullImage(name string) (*imagepkg.Image, error) { return image, nil } -func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { +func (b *Builder) processImageFrom(img *imagepkg.Image) error { b.image = img.ID if img.Config != nil { @@ -309,7 +309,7 @@ func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { // Process ONBUILD triggers if they exist if nTriggers := len(b.Config.OnBuild); nTriggers != 0 { - fmt.Fprintf(b.Options.ErrStream, "# Executing %d build triggers\n", nTriggers) + fmt.Fprintf(b.ErrStream, "# Executing %d build triggers\n", nTriggers) } // Copy the ONBUILD triggers, and remove them from the config, since the config will be commited. @@ -330,7 +330,8 @@ func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { } // FIXME we have to run the evaluator manually here. This does not belong - // in this function. + // in this function. Once removed, the init() in evaluator.go should no + // longer be necessary. if f, ok := evaluateTable[strings.ToLower(stepInstruction)]; ok { if err := f(b, splitStep[1:], nil); err != nil { @@ -344,17 +345,17 @@ func (b *BuildFile) processImageFrom(img *imagepkg.Image) error { return nil } -// probeCache checks to see if image-caching is enabled (`b.Options.UtilizeCache`) +// probeCache checks to see if image-caching is enabled (`b.UtilizeCache`) // and if so attempts to look up the current `b.image` and `b.Config` pair -// in the current server `b.Options.Daemon`. If an image is found, probeCache returns +// in the current server `b.Daemon`. If an image is found, probeCache returns // `(true, nil)`. If no image is found, it returns `(false, nil)`. If there // is any error, it returns `(false, err)`. -func (b *BuildFile) probeCache() (bool, error) { - if b.Options.UtilizeCache { - if cache, err := b.Options.Daemon.ImageGetCached(b.image, b.Config); err != nil { +func (b *Builder) probeCache() (bool, error) { + if b.UtilizeCache { + if cache, err := b.Daemon.ImageGetCached(b.image, b.Config); err != nil { return false, err } else if cache != nil { - fmt.Fprintf(b.Options.OutStream, " ---> Using cache\n") + fmt.Fprintf(b.OutStream, " ---> Using cache\n") log.Debugf("[BUILDER] Use cached version") b.image = cache.ID return true, nil @@ -365,19 +366,20 @@ func (b *BuildFile) probeCache() (bool, error) { return false, nil } -func (b *BuildFile) create() (*daemon.Container, error) { +func (b *Builder) create() (*daemon.Container, error) { if b.image == "" { return nil, fmt.Errorf("Please provide a source image with `from` prior to run") } b.Config.Image = b.image // Create the container - c, _, err := b.Options.Daemon.Create(b.Config, "") + c, _, err := b.Daemon.Create(b.Config, "") if err != nil { return nil, err } + b.TmpContainers[c.ID] = struct{}{} - fmt.Fprintf(b.Options.OutStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) + fmt.Fprintf(b.OutStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) // override the entry point that may have been picked up from the base image c.Path = b.Config.Cmd[0] @@ -386,16 +388,16 @@ func (b *BuildFile) create() (*daemon.Container, error) { return c, nil } -func (b *BuildFile) run(c *daemon.Container) error { +func (b *Builder) run(c *daemon.Container) error { var errCh chan error - if b.Options.Verbose { + if b.Verbose { errCh = utils.Go(func() error { // FIXME: call the 'attach' job so that daemon.Attach can be made private // // FIXME (LK4D4): Also, maybe makes sense to call "logs" job, it is like attach // but without hijacking for stdin. Also, with attach there can be race // condition because of some output already was printed before it. - return <-b.Options.Daemon.Attach(c, nil, nil, b.Options.OutStream, b.Options.ErrStream) + return <-b.Daemon.Attach(c, nil, nil, b.OutStream, b.ErrStream) }) } @@ -422,7 +424,7 @@ func (b *BuildFile) run(c *daemon.Container) error { return nil } -func (b *BuildFile) checkPathForAddition(orig string) error { +func (b *Builder) checkPathForAddition(orig string) error { origPath := path.Join(b.contextPath, orig) origPath, err := filepath.EvalSymlinks(origPath) if err != nil { @@ -443,7 +445,7 @@ func (b *BuildFile) checkPathForAddition(orig string) error { return nil } -func (b *BuildFile) addContext(container *daemon.Container, orig, dest string, decompress bool) error { +func (b *Builder) addContext(container *daemon.Container, orig, dest string, decompress bool) error { var ( err error destExists = true @@ -548,14 +550,14 @@ func fixPermissions(destination string, uid, gid int) error { }) } -func (b *BuildFile) clearTmp() { +func (b *Builder) clearTmp() { for c := range b.TmpContainers { - tmp := b.Options.Daemon.Get(c) - if err := b.Options.Daemon.Destroy(tmp); err != nil { - fmt.Fprintf(b.Options.OutStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) + tmp := b.Daemon.Get(c) + if err := b.Daemon.Destroy(tmp); err != nil { + fmt.Fprintf(b.OutStream, "Error removing intermediate container %s: %s\n", utils.TruncateID(c), err.Error()) } else { delete(b.TmpContainers, c) - fmt.Fprintf(b.Options.OutStream, "Removing intermediate container %s\n", utils.TruncateID(c)) + fmt.Fprintf(b.OutStream, "Removing intermediate container %s\n", utils.TruncateID(c)) } } } diff --git a/components/engine/builder/job.go b/components/engine/builder/job.go index e1233e0a08..1aa2c3b6b9 100644 --- a/components/engine/builder/job.go +++ b/components/engine/builder/job.go @@ -85,7 +85,7 @@ func (b *BuilderJob) CmdBuild(job *engine.Job) engine.Status { sf := utils.NewStreamFormatter(job.GetenvBool("json")) - opts := &BuildOpts{ + builder := &Builder{ Daemon: b.Daemon, Engine: b.Engine, OutStream: &utils.StdoutFormater{ @@ -106,7 +106,7 @@ func (b *BuilderJob) CmdBuild(job *engine.Job) engine.Status { AuthConfigFile: configFile, } - id, err := NewBuilder(opts).Run(context) + id, err := builder.Run(context) if err != nil { return job.Error(err) } diff --git a/components/engine/builder/support.go b/components/engine/builder/support.go index bae97e370f..de5d57b501 100644 --- a/components/engine/builder/support.go +++ b/components/engine/builder/support.go @@ -10,7 +10,7 @@ var ( ) // handle environment replacement. Used in dispatcher. -func (b *BuildFile) replaceEnv(str string) string { +func (b *Builder) replaceEnv(str string) string { for _, match := range TOKEN_ENV_INTERPOLATION.FindAllString(str, -1) { match = match[strings.Index(match, "$"):] matchKey := strings.Trim(match, "${}") From def10d2ed486bf5d359280b77f824be885ed0c10 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Thu, 28 Aug 2014 09:25:57 +0400 Subject: [PATCH 071/540] Add logDone logs where it's missing Signed-off-by: Alexandr Morozov Upstream-commit: 3c984a6d1578947c5adfe13993cb28d88a674bbf Component: engine --- components/engine/integration-cli/docker_cli_commit_test.go | 2 ++ components/engine/integration-cli/docker_cli_diff_test.go | 2 ++ components/engine/integration-cli/docker_cli_history_test.go | 2 ++ components/engine/integration-cli/docker_cli_links_test.go | 4 ++++ components/engine/integration-cli/docker_cli_run_test.go | 2 ++ 5 files changed, 12 insertions(+) diff --git a/components/engine/integration-cli/docker_cli_commit_test.go b/components/engine/integration-cli/docker_cli_commit_test.go index 7caf3588ce..4bc16afcf2 100644 --- a/components/engine/integration-cli/docker_cli_commit_test.go +++ b/components/engine/integration-cli/docker_cli_commit_test.go @@ -109,6 +109,8 @@ func TestCommitTTY(t *testing.T) { if _, err := runCommand(cmd); err != nil { t.Fatal(err) } + + logDone("commit - commit tty") } func TestCommitWithHostBindMount(t *testing.T) { diff --git a/components/engine/integration-cli/docker_cli_diff_test.go b/components/engine/integration-cli/docker_cli_diff_test.go index 416f9421b7..726f23491c 100644 --- a/components/engine/integration-cli/docker_cli_diff_test.go +++ b/components/engine/integration-cli/docker_cli_diff_test.go @@ -88,4 +88,6 @@ func TestDiffEnsureOnlyKmsgAndPtmx(t *testing.T) { t.Errorf("'%s' is shown in the diff but shouldn't", line) } } + + logDone("diff - ensure that only kmsg and ptmx in diff") } diff --git a/components/engine/integration-cli/docker_cli_history_test.go b/components/engine/integration-cli/docker_cli_history_test.go index 59ad117128..c76c3a2fbf 100644 --- a/components/engine/integration-cli/docker_cli_history_test.go +++ b/components/engine/integration-cli/docker_cli_history_test.go @@ -40,6 +40,8 @@ func TestBuildHistory(t *testing.T) { } deleteImages("testbuildhistory") + + logDone("history - build history") } func TestHistoryExistentImage(t *testing.T) { diff --git a/components/engine/integration-cli/docker_cli_links_test.go b/components/engine/integration-cli/docker_cli_links_test.go index 9cd1a3fbc5..6f74751dca 100644 --- a/components/engine/integration-cli/docker_cli_links_test.go +++ b/components/engine/integration-cli/docker_cli_links_test.go @@ -53,6 +53,8 @@ func TestPingUnlinkedContainers(t *testing.T) { } else if exitCode != 1 { errorOut(err, t, fmt.Sprintf("run ping failed with errors: %v", err)) } + + logDone("links - ping unlinked container") } func TestPingLinkedContainers(t *testing.T) { @@ -65,6 +67,8 @@ func TestPingLinkedContainers(t *testing.T) { cmd(t, "kill", idA) cmd(t, "kill", idB) deleteAllContainers() + + logDone("links - ping linked container") } func TestIpTablesRulesWhenLinkAndUnlink(t *testing.T) { diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 031d699a6c..b50d580163 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -1722,6 +1722,8 @@ func TestBindMounts(t *testing.T) { if content != expected { t.Fatalf("Output should be %q, actual out: %q", expected, content) } + + logDone("run - bind mounts") } func TestHostsLinkedContainerUpdate(t *testing.T) { From 245b05f4a2eb676e3b5232daf59667cc86aaec67 Mon Sep 17 00:00:00 2001 From: "Daehyeok.Mun" Date: Thu, 28 Aug 2014 19:57:54 +0900 Subject: [PATCH 072/540] graph: change argument order of Register function This commit is patch for following comment FIXME: pass img as first argument Signed-off-by: Daehyeok.Mun Upstream-commit: 35df24c8e6195ebac6ea28ed4dda5b53b1021f38 Component: engine --- components/engine/graph/graph.go | 5 ++--- components/engine/graph/load.go | 2 +- components/engine/graph/pull.go | 5 ++--- components/engine/graph/service.go | 2 +- components/engine/graph/tags_unit_test.go | 2 +- components/engine/integration/graph_test.go | 14 +++++++------- 6 files changed, 14 insertions(+), 16 deletions(-) diff --git a/components/engine/graph/graph.go b/components/engine/graph/graph.go index 8f01739a75..b6bd524637 100644 --- a/components/engine/graph/graph.go +++ b/components/engine/graph/graph.go @@ -151,15 +151,14 @@ func (graph *Graph) Create(layerData archive.ArchiveReader, containerID, contain img.ContainerConfig = *containerConfig } - if err := graph.Register(nil, layerData, img); err != nil { + if err := graph.Register(img, nil, layerData); err != nil { return nil, err } return img, nil } // Register imports a pre-existing image into the graph. -// FIXME: pass img as first argument -func (graph *Graph) Register(jsonData []byte, layerData archive.ArchiveReader, img *image.Image) (err error) { +func (graph *Graph) Register(img *image.Image, jsonData []byte, layerData archive.ArchiveReader) (err error) { defer func() { // If any error occurs, remove the new dir from the driver. // Don't check for errors since the dir might not have been created. diff --git a/components/engine/graph/load.go b/components/engine/graph/load.go index ec87ef59e8..b7fb62ba98 100644 --- a/components/engine/graph/load.go +++ b/components/engine/graph/load.go @@ -118,7 +118,7 @@ func (s *TagStore) recursiveLoad(eng *engine.Engine, address, tmpImageDir string } } } - if err := s.graph.Register(imageJson, layer, img); err != nil { + if err := s.graph.Register(img, imageJson, layer); err != nil { return err } } diff --git a/components/engine/graph/pull.go b/components/engine/graph/pull.go index 180612fb75..97d693c590 100644 --- a/components/engine/graph/pull.go +++ b/components/engine/graph/pull.go @@ -280,9 +280,8 @@ func (s *TagStore) pullImage(r *registry.Session, out io.Writer, imgID, endpoint } defer layer.Close() - err = s.graph.Register(imgJSON, - utils.ProgressReader(layer, imgSize, out, sf, false, utils.TruncateID(id), "Downloading"), - img) + err = s.graph.Register(img, imgJSON, + utils.ProgressReader(layer, imgSize, out, sf, false, utils.TruncateID(id), "Downloading")) if terr, ok := err.(net.Error); ok && terr.Timeout() && j < retries { time.Sleep(time.Duration(j) * 500 * time.Millisecond) continue diff --git a/components/engine/graph/service.go b/components/engine/graph/service.go index b7db35dcdd..0003a5014a 100644 --- a/components/engine/graph/service.go +++ b/components/engine/graph/service.go @@ -74,7 +74,7 @@ func (s *TagStore) CmdSet(job *engine.Job) engine.Status { if err != nil { return job.Error(err) } - if err := s.graph.Register(imgJSON, layer, img); err != nil { + if err := s.graph.Register(img, imgJSON, layer); err != nil { return job.Error(err) } return engine.StatusOK diff --git a/components/engine/graph/tags_unit_test.go b/components/engine/graph/tags_unit_test.go index c6edc2d0d4..36cda68a2b 100644 --- a/components/engine/graph/tags_unit_test.go +++ b/components/engine/graph/tags_unit_test.go @@ -61,7 +61,7 @@ func mkTestTagStore(root string, t *testing.T) *TagStore { t.Fatal(err) } img := &image.Image{ID: testImageID} - if err := graph.Register(nil, archive, img); err != nil { + if err := graph.Register(img, nil, archive); err != nil { t.Fatal(err) } if err := store.Set(testImageName, "", testImageID, false); err != nil { diff --git a/components/engine/integration/graph_test.go b/components/engine/integration/graph_test.go index c6a0740ca5..4b59a5dbf9 100644 --- a/components/engine/integration/graph_test.go +++ b/components/engine/integration/graph_test.go @@ -74,7 +74,7 @@ func TestInterruptedRegister(t *testing.T) { Created: time.Now(), } w.CloseWithError(errors.New("But I'm not a tarball!")) // (Nobody's perfect, darling) - graph.Register(nil, badArchive, image) + graph.Register(image, nil, badArchive) if _, err := graph.Get(image.ID); err == nil { t.Fatal("Image should not exist after Register is interrupted") } @@ -83,7 +83,7 @@ func TestInterruptedRegister(t *testing.T) { if err != nil { t.Fatal(err) } - if err := graph.Register(nil, goodArchive, image); err != nil { + if err := graph.Register(image, nil, goodArchive); err != nil { t.Fatal(err) } } @@ -133,7 +133,7 @@ func TestRegister(t *testing.T) { Comment: "testing", Created: time.Now(), } - err = graph.Register(nil, archive, image) + err = graph.Register(image, nil, archive) if err != nil { t.Fatal(err) } @@ -228,7 +228,7 @@ func TestDelete(t *testing.T) { t.Fatal(err) } // Test delete twice (pull -> rm -> pull -> rm) - if err := graph.Register(nil, archive, img1); err != nil { + if err := graph.Register(img1, nil, archive); err != nil { t.Fatal(err) } if err := graph.Delete(img1.ID); err != nil { @@ -262,9 +262,9 @@ func TestByParent(t *testing.T) { Created: time.Now(), Parent: parentImage.ID, } - _ = graph.Register(nil, archive1, parentImage) - _ = graph.Register(nil, archive2, childImage1) - _ = graph.Register(nil, archive3, childImage2) + _ = graph.Register(parentImage, nil, archive1) + _ = graph.Register(childImage1, nil, archive2) + _ = graph.Register(childImage2, nil, archive3) byParent, err := graph.ByParent() if err != nil { From 4a859299e0e620d76a08242d40fa3efd8cb75b3f Mon Sep 17 00:00:00 2001 From: unclejack Date: Wed, 30 Jul 2014 17:51:28 +0300 Subject: [PATCH 073/540] deny net host + dns and links with container net Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 3256050ed44b13694d81e78d24e2c7f6006c4bbd Component: engine --- components/engine/runconfig/parse.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/components/engine/runconfig/parse.go b/components/engine/runconfig/parse.go index 2b23b355f4..7431b7611d 100644 --- a/components/engine/runconfig/parse.go +++ b/components/engine/runconfig/parse.go @@ -19,8 +19,11 @@ import ( var ( ErrInvalidWorkingDirectory = fmt.Errorf("The working directory is invalid. It needs to be an absolute path.") ErrConflictAttachDetach = fmt.Errorf("Conflicting options: -a and -d") + ErrConflictContainerNetworkAndLinks = fmt.Errorf("Conflicting options: --net=container can't be used with links. This would result in undefined behavior.") + ErrConflictContainerNetworkAndDns = fmt.Errorf("Conflicting options: --net=container can't be used with --dns. This configuration is invalid.") ErrConflictDetachAutoRemove = fmt.Errorf("Conflicting options: --rm and -d") ErrConflictNetworkHostname = fmt.Errorf("Conflicting options: -h and the network mode (--net)") + ErrConflictHostNetworkAndDns = fmt.Errorf("Conflicting options: --net=host can't be used with --dns. This configuration is invalid.") ErrConflictHostNetworkAndLinks = fmt.Errorf("Conflicting options: --net=host can't be used with links. This would result in undefined behavior.") ErrConflictRestartPolicyAndAutoRemove = fmt.Errorf("Conflicting options: --restart and --rm") ) @@ -124,6 +127,18 @@ func parseRun(cmd *flag.FlagSet, args []string, sysInfo *sysinfo.SysInfo) (*Conf return nil, nil, cmd, ErrConflictHostNetworkAndLinks } + if *flNetMode == "container" && flLinks.Len() > 0 { + return nil, nil, cmd, ErrConflictContainerNetworkAndLinks + } + + if *flNetMode == "host" && flDns.Len() > 0 { + return nil, nil, cmd, ErrConflictHostNetworkAndDns + } + + if *flNetMode == "container" && flDns.Len() > 0 { + return nil, nil, cmd, ErrConflictContainerNetworkAndDns + } + // If neither -d or -a are set, attach to everything by default if flAttach.Len() == 0 && !*flDetach { if !*flDetach { From 58c4d9bd7ff9f4825de87e2fee7aa79a5a74fc4d Mon Sep 17 00:00:00 2001 From: "Daehyeok.Mun" Date: Fri, 29 Aug 2014 00:22:26 +0900 Subject: [PATCH 074/540] graph: remove obsolete comments Graph.Get function already returns nil when the image doesn't exist so following comment is obsolete. FIXME: return nil when the image doesn't exist, instead of an error Signed-off-by: Daehyeok.Mun Upstream-commit: 59d58352dfb66a12000d4b65f6c337c7936326e3 Component: engine --- components/engine/graph/graph.go | 1 - 1 file changed, 1 deletion(-) diff --git a/components/engine/graph/graph.go b/components/engine/graph/graph.go index b6bd524637..e6c9cb43d2 100644 --- a/components/engine/graph/graph.go +++ b/components/engine/graph/graph.go @@ -90,7 +90,6 @@ func (graph *Graph) Get(name string) (*image.Image, error) { if err != nil { return nil, err } - // FIXME: return nil when the image doesn't exist, instead of an error img, err := image.LoadImage(graph.ImageRoot(id)) if err != nil { return nil, err From 44d46dd074768ac91adc75cbdde2cb60dc1fbc95 Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Thu, 28 Aug 2014 11:04:53 -0700 Subject: [PATCH 075/540] Added changes brought up in PR discussion. Signed-off-by: Hollie Teal Upstream-commit: ce73a3bcf77e1333a000a55de8df033dce6e54ae Component: engine --- .../sources/articles/b2d_volume_resize.md | 66 ++++++++++--------- 1 file changed, 36 insertions(+), 30 deletions(-) diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md index 81d66a6408..1322606589 100644 --- a/components/engine/docs/sources/articles/b2d_volume_resize.md +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -2,15 +2,17 @@ page_title: Resizing a Boot2Docker Volume page_description: Resizing a Boot2Docker Volume in VirtualBox with GParted page_keywords: boot2docker, volume, virtualbox -# Getting “no space left on device” Errors with Boot2Docker? +# Getting “no space left on device” errors with Boot2Docker? -If you're using Boot2Docker with a large number of images, or the images you're working -with are very large, your pulls might start failing with "no space left on device" errors when -the Boot2Docker VM's volume fills up. The solution is to increase the volume size by -first cloning it, then resizing it using a disk partitioning tool. +If you're using Boot2Docker with a large number of images, or the images you're +working with are very large, your pulls might start failing with "no space left +on device" errors when the Boot2Docker volume fills up. The solution is to +increase the volume size by first cloning it, then resizing it using a disk +partitioning tool. -We recommend [GParted](http://gparted.sourceforge.net/download.php/index.php)-- the ISO -is a free download and works well with VirtualBox. +We recommend [GParted](http://gparted.sourceforge.net/download.php/index.php). +The tool comes as a bootable ISO, is a free download, and works well with +VirtualBox. ## 1. Stop Boot2Docker @@ -20,8 +22,9 @@ Issue the command to stop the Boot2Docker VM on the command line: ## 2. Clone the VMDK image to a VDI image -Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s native tools. We will -instead create a VDI volume and clone the VMDK volume to it. +Boot2Docker ships with a VMDK image, which can’t be resized by VirtualBox’s +native tools. We will instead create a VDI volume and clone the VMDK volume to +it. Using the command line VirtualBox tools, clone the VMDK image to a VDI image: @@ -29,8 +32,9 @@ Using the command line VirtualBox tools, clone the VMDK image to a VDI image: ## 3. Resize the VDI volume -Choose a size that will be appropriate for your needs. If you’re spinning up a lot of containers, -or your containers are particularly large, larger will be better: +Choose a size that will be appropriate for your needs. If you’re spinning up a +lot of containers, or your containers are particularly large, larger will be +better: `$ vboxmanage modifyhd /full/path/to/.vdi —-resize ` @@ -38,9 +42,11 @@ or your containers are particularly large, larger will be better: To resize the volume, we'll use [GParted](http://gparted.sourceforge.net/download.php/). Once you've downloaded the tool, add the ISO to the Boot2Docker VM’s IDE bus. -You might need to create the bus before you can add the ISO. **Note:** It's -important that you choose a partitioning tool that is available as an ISO so that -the Boot2Docker VM can be booted with it. +You might need to create the bus before you can add the ISO. + +**Note:** +It's important that you choose a partitioning tool that is available as an ISO so +that the Boot2Docker VM can be booted with it. @@ -53,41 +59,41 @@ the Boot2Docker VM can be booted with it. ## 5. Add the new VDI image -In the settings for the Boot2Docker image in VirtualBox, remove the VMDK image from -the SATA contoller and add the VDI image. +In the settings for the Boot2Docker image in VirtualBox, remove the VMDK image +from the SATA contoller and add the VDI image. ## 6. Verify the boot order -In the **System** settings for the Boot2Docker VM, make sure that **CD/DVD** is at -the top of the **Boot Order** list. +In the **System** settings for the Boot2Docker VM, make sure that **CD/DVD** is +at the top of the **Boot Order** list. ## 7. Boot to the disk partitioning ISO -Manually start the Boot2Docker VM in VirtualBox, and the disk partitioning ISO should start up. -Using GParted, choose the **GParted Live (default settings)** option. Choose the -default keyboard, language, and XWindows settings, and the GParted tool will start -up and display the VDI volume you created. Right click on the VDI and choose -**Resize/Move**. +Manually start the Boot2Docker VM in VirtualBox, and the disk partitioning ISO +should start up. Using GParted, choose the **GParted Live (default settings)** +option. Choose the default keyboard, language, and XWindows settings, and the +GParted tool will start up and display the VDI volume you created. Right click +on the VDI and choose **Resize/Move**. -Drag the slider representing the volume to the maximum available size, click **Resize/Move**, -and then **Apply**. +Drag the slider representing the volume to the maximum available size, click +**Resize/Move**, and then **Apply**. -Quit GParted and shut down the VM. Remove the GParted ISO from the IDE controller for -the Boot2Docker VM in VirtualBox. +Quit GParted and shut down the VM. Remove the GParted ISO from the IDE controller +for the Boot2Docker VM in VirtualBox. ## 8. Start the Boot2Docker VM -Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in automatically, but -if is doesn't, the credentials are `docker/tcuser`. Using the `df -h` command, verify -that your changes took effect. +Fire up the Boot2Docker VM manually in VirtualBox. The VM should log in +automatically, but if it doesn't, the credentials are `docker/tcuser`. Using +the `df -h` command, verify that your changes took effect. From 431506329f3e9cac1edaed0452e2ac7daba4fd7b Mon Sep 17 00:00:00 2001 From: Peter Salvatore Date: Thu, 28 Aug 2014 16:41:17 -0400 Subject: [PATCH 076/540] Be more explicit about volume removal Signed-off-by: Peter Salvatore Upstream-commit: bfa3d5fa726dc27e44208b51557edca9b64cf4e9 Component: engine --- components/engine/docs/sources/userguide/dockervolumes.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/engine/docs/sources/userguide/dockervolumes.md b/components/engine/docs/sources/userguide/dockervolumes.md index 97593a1e04..02dd344ffc 100644 --- a/components/engine/docs/sources/userguide/dockervolumes.md +++ b/components/engine/docs/sources/userguide/dockervolumes.md @@ -119,7 +119,8 @@ You can also extend the chain by mounting the volume that came from the If you remove containers that mount volumes, including the initial `dbdata` container, or the subsequent containers `db1` and `db2`, the volumes will not -be deleted until there are no containers still referencing those volumes. This +be deleted. To delete the volume from disk, you must explicitly call +`docker rm -v` against the last container with a reference to the volume. This allows you to upgrade, or effectively migrate data volumes between containers. ## Backup, restore, or migrate data volumes From 3de067038bde7a068cd9a16e7fbb4a9cd06495d3 Mon Sep 17 00:00:00 2001 From: Hollie Teal Date: Thu, 28 Aug 2014 13:51:38 -0700 Subject: [PATCH 077/540] Final tweaks. Signed-off-by: Hollie Teal Upstream-commit: 0f8d461ed7c8b338d671bea0240b288fa91155b6 Component: engine --- .../docs/sources/articles/b2d_volume_resize.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/components/engine/docs/sources/articles/b2d_volume_resize.md b/components/engine/docs/sources/articles/b2d_volume_resize.md index 1322606589..7d6790965e 100644 --- a/components/engine/docs/sources/articles/b2d_volume_resize.md +++ b/components/engine/docs/sources/articles/b2d_volume_resize.md @@ -18,7 +18,7 @@ VirtualBox. Issue the command to stop the Boot2Docker VM on the command line: - `$ boot2docker stop` + $ boot2docker stop ## 2. Clone the VMDK image to a VDI image @@ -28,7 +28,7 @@ it. Using the command line VirtualBox tools, clone the VMDK image to a VDI image: - `$ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard` + $ vboxmanage clonehd /full/path/to/boot2docker-hd.vmdk /full/path/to/.vdi -—format VDI -—variant Standard ## 3. Resize the VDI volume @@ -36,17 +36,17 @@ Choose a size that will be appropriate for your needs. If you’re spinning up a lot of containers, or your containers are particularly large, larger will be better: - `$ vboxmanage modifyhd /full/path/to/.vdi —-resize ` + $ vboxmanage modifyhd /full/path/to/.vdi —-resize ## 4. Download a disk partitioning tool ISO To resize the volume, we'll use [GParted](http://gparted.sourceforge.net/download.php/). -Once you've downloaded the tool, add the ISO to the Boot2Docker VM’s IDE bus. +Once you've downloaded the tool, add the ISO to the Boot2Docker VM IDE bus. You might need to create the bus before you can add the ISO. -**Note:** -It's important that you choose a partitioning tool that is available as an ISO so -that the Boot2Docker VM can be booted with it. +> **Note:** +> It's important that you choose a partitioning tool that is available as an ISO so +> that the Boot2Docker VM can be booted with it.
    From 4d890308d7542a9a23d2fdda31590cc9ed7f5e95 Mon Sep 17 00:00:00 2001 From: Vincent Batts Date: Thu, 1 May 2014 00:26:24 -0400 Subject: [PATCH 078/540] docker save: ability to save multiple images Now from a single invocation of `docker save`, you can specify multiple images to include in the output tar, or even just multiple tags of a particular image/repo. ``` > docker save -o bundle.tar busybox ubuntu:lucid ubuntu:saucy fedora:latest > tar tf ./bundle.tar | wc -l 42 > tar xOf ./bundle.tar repositories {"busybox":{"latest":"2d8e5b282c81244037eb15b2068e1c46319c1a42b80493acb128da24b2090739"},"fedora":{"latest":"58394af373423902a1b97f209a31e3777932d9321ef10e64feaaa7b4df609cf9"},"ubuntu":{"lucid":"9cc9ea5ea540116b89e41898dd30858107c1175260fb7ff50322b34704092232","saucy":"9f676bd305a43a931a8d98b13e5840ffbebcd908370765373315926024c7c35e"}} ``` Further, this fixes the bug where the `repositories` file is not created when saving a specific tag of an image (e.g. ubuntu:latest) document multi-image save and updated API docs Docker-DCO-1.1-Signed-off-by: Vincent Batts (github: vbatts) Upstream-commit: e64131d1bf7c79358d5ee7a1a98626730db3593b Component: engine --- components/engine/api/client/commands.go | 20 +++- components/engine/api/server/server.go | 11 ++- .../reference/api/docker_remote_api_v1.15.md | 39 +++++++- .../docs/sources/reference/commandline/cli.md | 17 ++-- components/engine/graph/export.go | 93 ++++++++++++------- components/engine/graph/tags.go | 18 ++++ 6 files changed, 147 insertions(+), 51 deletions(-) diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index cd954b92e2..e5495dbf84 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -2257,14 +2257,14 @@ func (cli *DockerCli) CmdCp(args ...string) error { } func (cli *DockerCli) CmdSave(args ...string) error { - cmd := cli.Subcmd("save", "IMAGE", "Save an image to a tar archive (streamed to STDOUT by default)") + cmd := cli.Subcmd("save", "IMAGE [IMAGE...]", "Save an image(s) to a tar archive (streamed to STDOUT by default)") outfile := cmd.String([]string{"o", "-output"}, "", "Write to an file, instead of STDOUT") if err := cmd.Parse(args); err != nil { return err } - if cmd.NArg() != 1 { + if cmd.NArg() < 1 { cmd.Usage() return nil } @@ -2279,9 +2279,19 @@ func (cli *DockerCli) CmdSave(args ...string) error { return err } } - image := cmd.Arg(0) - if err := cli.stream("GET", "/images/"+image+"/get", nil, output, nil); err != nil { - return err + if len(cmd.Args()) == 1 { + image := cmd.Arg(0) + if err := cli.stream("GET", "/images/"+image+"/get", nil, output, nil); err != nil { + return err + } + } else { + v := url.Values{} + for _, arg := range cmd.Args() { + v.Add("names", arg) + } + if err := cli.stream("GET", "/images/get?"+v.Encode(), nil, output, nil); err != nil { + return err + } } return nil } diff --git a/components/engine/api/server/server.go b/components/engine/api/server/server.go index 906e3d8e38..fd13489a83 100644 --- a/components/engine/api/server/server.go +++ b/components/engine/api/server/server.go @@ -611,10 +611,18 @@ func getImagesGet(eng *engine.Engine, version version.Version, w http.ResponseWr if vars == nil { return fmt.Errorf("Missing parameter") } + if err := parseForm(r); err != nil { + return err + } if version.GreaterThan("1.0") { w.Header().Set("Content-Type", "application/x-tar") } - job := eng.Job("image_export", vars["name"]) + var job *engine.Job + if name, ok := vars["name"]; ok { + job = eng.Job("image_export", name) + } else { + job = eng.Job("image_export", r.Form["names"]...) + } job.Stdout.Add(w) return job.Run() } @@ -1105,6 +1113,7 @@ func createRouter(eng *engine.Engine, logging, enableCors bool, dockerVersion st "/images/json": getImagesJSON, "/images/viz": getImagesViz, "/images/search": getImagesSearch, + "/images/get": getImagesGet, "/images/{name:.*}/get": getImagesGet, "/images/{name:.*}/history": getImagesHistory, "/images/{name:.*}/json": getImagesByName, diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md index e2f96980c0..03446c2870 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md @@ -1333,12 +1333,17 @@ via polling (using since) - **200** – no error - **500** – server error -### Get a tarball containing all images and tags in a repository +### Get a tarball containing all images in a repository `GET /images/(name)/get` -Get a tarball containing all images and metadata for the repository -specified by `name`. +Get a tarball containing all images and metadata for the repository specified +by `name`. + +If `name` is a specific name and tag (e.g. ubuntu:latest), then only that image +(and its parents) are returned. If `name` is an image ID, similarly only that +image (and its parents) are returned, but with the exclusion of the +'repositories' file in the tarball, as there were no image names referenced. **Example request** @@ -1356,6 +1361,34 @@ specified by `name`. - **200** – no error - **500** – server error +### Get a tarball containing of images. + +`GET /images/get` + +Get a tarball containing all images and metadata for one or more repositories. + +For each value of the `names` parameter: if it is a specific name and tag (e.g. +ubuntu:latest), then only that image (and its parents) are returned; if it is +an image ID, similarly only that image (and its parents) are returned and there +would be no names referenced in the 'repositories' file for this image ID. + + + **Example request** + + GET /images/get?names=myname%2Fmyapp%3Alatest&names=busybox + + **Example response**: + + HTTP/1.1 200 OK + Content-Type: application/x-tar + + Binary data stream + + Status Codes: + + - **200** – no error + - **500** – server error + ### Load a tarball with a set of images and tags into docker `POST /images/load` diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index f67527b380..ef30113882 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -1249,17 +1249,17 @@ Providing a maximum restart limit is only valid for the ** on-failure ** policy. ## save - Usage: docker save [OPTIONS] IMAGE + Usage: docker save [OPTIONS] IMAGE [IMAGE...] - Save an image to a tar archive (streamed to STDOUT by default) + Save an image(s) to a tar archive (streamed to STDOUT by default) -o, --output="" Write to an file, instead of STDOUT -Produces a tarred repository to the standard output stream. Contains all -parent layers, and all tags + versions, or specified repo:tag. +Produces a tarred repository to the standard output stream. +Contains all parent layers, and all tags + versions, or specified repo:tag, for +each argument provided. -It is used to create a backup that can then be used with -`docker load` +It is used to create a backup that can then be used with ``docker load`` $ sudo docker save busybox > busybox.tar $ ls -sh busybox.tar @@ -1270,6 +1270,11 @@ It is used to create a backup that can then be used with $ sudo docker save -o fedora-all.tar fedora $ sudo docker save -o fedora-latest.tar fedora:latest +It is even useful to cherry-pick particular tags of an image repository + + $ sudo docker save -o ubuntu.tar ubuntu:lucid ubuntu:saucy + + ## search Search [Docker Hub](https://hub.docker.com) for images diff --git a/components/engine/graph/export.go b/components/engine/graph/export.go index d24d97146b..3f095e796c 100644 --- a/components/engine/graph/export.go +++ b/components/engine/graph/export.go @@ -19,10 +19,9 @@ import ( // name is the set of tags to export. // out is the writer where the images are written to. func (s *TagStore) CmdImageExport(job *engine.Job) engine.Status { - if len(job.Args) != 1 { - return job.Errorf("Usage: %s IMAGE\n", job.Name) + if len(job.Args) < 1 { + return job.Errorf("Usage: %s IMAGE [IMAGE...]\n", job.Name) } - name := job.Args[0] // get image json tempdir, err := ioutil.TempDir("", "docker-export-") if err != nil { @@ -30,49 +29,71 @@ func (s *TagStore) CmdImageExport(job *engine.Job) engine.Status { } defer os.RemoveAll(tempdir) - log.Debugf("Serializing %s", name) - rootRepoMap := map[string]Repository{} - rootRepo, err := s.Get(name) - if err != nil { - return job.Error(err) - } - if rootRepo != nil { - // this is a base repo name, like 'busybox' + for _, name := range job.Args { + log.Debugf("Serializing %s", name) + rootRepo := s.Repositories[name] + if rootRepo != nil { + // this is a base repo name, like 'busybox' + for _, id := range rootRepo { + if _, ok := rootRepoMap[name]; !ok { + rootRepoMap[name] = rootRepo + } else { + log.Debugf("Duplicate key [%s]", name) + if rootRepoMap[name].Contains(rootRepo) { + log.Debugf("skipping, because it is present [%s:%q]", name, rootRepo) + continue + } + log.Debugf("updating [%s]: [%q] with [%q]", name, rootRepoMap[name], rootRepo) + rootRepoMap[name].Update(rootRepo) + } - for _, id := range rootRepo { - if err := s.exportImage(job.Eng, id, tempdir); err != nil { - return job.Error(err) - } - } - rootRepoMap[name] = rootRepo - } else { - img, err := s.LookupImage(name) - if err != nil { - return job.Error(err) - } - if img != nil { - // This is a named image like 'busybox:latest' - repoName, repoTag := parsers.ParseRepositoryTag(name) - if err := s.exportImage(job.Eng, img.ID, tempdir); err != nil { - return job.Error(err) - } - // check this length, because a lookup of a truncated has will not have a tag - // and will not need to be added to this map - if len(repoTag) > 0 { - rootRepoMap[repoName] = Repository{repoTag: img.ID} + if err := s.exportImage(job.Eng, id, tempdir); err != nil { + return job.Error(err) + } } } else { - // this must be an ID that didn't get looked up just right? - if err := s.exportImage(job.Eng, name, tempdir); err != nil { + img, err := s.LookupImage(name) + if err != nil { return job.Error(err) } + + if img != nil { + // This is a named image like 'busybox:latest' + repoName, repoTag := parsers.ParseRepositoryTag(name) + + // check this length, because a lookup of a truncated has will not have a tag + // and will not need to be added to this map + if len(repoTag) > 0 { + if _, ok := rootRepoMap[repoName]; !ok { + rootRepoMap[repoName] = Repository{repoTag: img.ID} + } else { + log.Debugf("Duplicate key [%s]", repoName) + newRepo := Repository{repoTag: img.ID} + if rootRepoMap[repoName].Contains(newRepo) { + log.Debugf("skipping, because it is present [%s:%q]", repoName, newRepo) + continue + } + log.Debugf("updating [%s]: [%q] with [%q]", repoName, rootRepoMap[repoName], newRepo) + rootRepoMap[repoName].Update(newRepo) + } + } + if err := s.exportImage(job.Eng, img.ID, tempdir); err != nil { + return job.Error(err) + } + + } else { + // this must be an ID that didn't get looked up just right? + if err := s.exportImage(job.Eng, name, tempdir); err != nil { + return job.Error(err) + } + } } + log.Debugf("End Serializing %s", name) } // write repositories, if there is something to write if len(rootRepoMap) > 0 { rootRepoJson, _ := json.Marshal(rootRepoMap) - if err := ioutil.WriteFile(path.Join(tempdir, "repositories"), rootRepoJson, os.FileMode(0644)); err != nil { return job.Error(err) } @@ -89,7 +110,7 @@ func (s *TagStore) CmdImageExport(job *engine.Job) engine.Status { if _, err := io.Copy(job.Stdout, fs); err != nil { return job.Error(err) } - log.Debugf("End Serializing %s", name) + log.Debugf("End export job: %s", job.Name) return engine.StatusOK } diff --git a/components/engine/graph/tags.go b/components/engine/graph/tags.go index 30176ae071..9fc3abd21b 100644 --- a/components/engine/graph/tags.go +++ b/components/engine/graph/tags.go @@ -30,6 +30,24 @@ type TagStore struct { type Repository map[string]string +// update Repository mapping with content of u +func (r Repository) Update(u Repository) { + for k, v := range u { + r[k] = v + } +} + +// return true if the contents of u Repository, are wholly contained in r Repository +func (r Repository) Contains(u Repository) bool { + for k, v := range u { + // if u's key is not present in r OR u's key is present, but not the same value + if rv, ok := r[k]; !ok || (ok && rv != v) { + return false + } + } + return true +} + func NewTagStore(path string, graph *Graph) (*TagStore, error) { abspath, err := filepath.Abs(path) if err != nil { From b17a5fe632b33148d83f94b0d3d3fe6b7c27f750 Mon Sep 17 00:00:00 2001 From: Fred Lifton Date: Thu, 28 Aug 2014 17:29:09 -0700 Subject: [PATCH 079/540] Fixed typos based on feedback. Docker-DCO-1.1-Signed-off-by: Fred Lifton (github: fredlf) Upstream-commit: 810c231b912c0a12acb8eb82a3756276e47fa632 Component: engine --- components/engine/docs/sources/index.md | 27 +++++++++++++------------ 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/components/engine/docs/sources/index.md b/components/engine/docs/sources/index.md index 401381a270..1eddeec564 100644 --- a/components/engine/docs/sources/index.md +++ b/components/engine/docs/sources/index.md @@ -98,10 +98,10 @@ improvements. These include: We added a `--restart flag` to `docker run` to specify a restart policy for your container. Currently, there are three policies available: -`no` – Do not restart the container if it dies. (default) -`on-failure` – Restart the container if it exits with a non-zero exit code. +* `no` – Do not restart the container if it dies. (default) +* `on-failure` – Restart the container if it exits with a non-zero exit code. This can also accept an optional maximum restart count (e.g. `on-failure:5`). -`always` – Always restart the container no matter what exit code is returned. +* `always` – Always restart the container no matter what exit code is returned. This deprecates the `--restart` flag on the Docker daemon. *New flags for `docker run`: `--cap-add` and `–-cap-drop`* @@ -112,26 +112,25 @@ Further, using `--privileged` would grant all capabilities inside a container, r applying a whitelist. This was not recommended for production use because it’s really unsafe; it’s as if you were directly in the host. -This release introduces two new flags for `docker run` --cap-add and --cap-drop that give -you fine grain control over the specific capabilities you want grant to a particular +This release introduces two new flags for `docker run`, `--cap-add` and `--cap-drop`, that +give you fine-grain control over the specific capabilities you want grant to a particular container. *New `-–device` flag for `docker run`* -Previously, you could only use devices inside your containers by bind mounting them ( with +Previously, you could only use devices inside your containers by bind mounting them (with `-v`) in a `--privileged` container. With this release, we introduce the `--device flag` to `docker run` which lets you use a device without requiring a privileged container. - *Writable `/etc/hosts`, `/etc/hostname` and `/etc/resolv.conf`* You can now edit `/etc/hosts`, `/etc/hostname` and `/etc/resolve.conf` in a running -container. This is useful if you need to install bind or other services that might +container. This is useful if you need to install BIND or other services that might override one of those files. -Note, however, that changes to these files are not saved during a docker build and so will -not be preserved in the resulting image. The changes will only “stick” in a running -container. +Note, however, that changes to these files are not saved when running `docker build` and +so will not be preserved in the resulting image. The changes will only “stick” in a +running container. *Docker proxy in a separate process* @@ -139,9 +138,11 @@ The Docker userland proxy that routes outbound traffic to your containers now ha separate process (one process per connection). This greatly reduces the load on the daemon, which increases stability and efficiency. -*Other Improvements & Changes* +*Other improvements & changes* -* When using `docker rm -f`, Docker now kills the container (instead of stopping it) before removing it . If you intend to stop the container cleanly, you can use `docker stop`. +* When using `docker rm -f`, Docker now kills the container (instead of stopping it) +before removing it . If you intend to stop the container cleanly, you can use `docker +stop`. * Added support for IPv6 addresses in `--dns` From dc54819eb571d628790d09dbf189dd1482e1bc29 Mon Sep 17 00:00:00 2001 From: SvenDowideit Date: Fri, 29 Aug 2014 11:08:38 +1000 Subject: [PATCH 080/540] Give the tag some CSS (the .content-body resets it) Docker-DCO-1.1-Signed-off-by: SvenDowideit (github: SvenDowideit) Upstream-commit: 7de977368cf5d8290c76b7127246996e90932e13 Component: engine --- components/engine/docs/theme/mkdocs/css/docs.css | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/components/engine/docs/theme/mkdocs/css/docs.css b/components/engine/docs/theme/mkdocs/css/docs.css index bd9711cb43..0e64f0a387 100644 --- a/components/engine/docs/theme/mkdocs/css/docs.css +++ b/components/engine/docs/theme/mkdocs/css/docs.css @@ -305,6 +305,10 @@ ol li { white-space: pre; } +.content-body strong { + font-weight: bold; +} + #leftnav .nav.nav-tabs li a { line-height: 20px !important; padding-top: 15px !important; From 5583bba50bf293dadf265a33a121260e47cc5fdc Mon Sep 17 00:00:00 2001 From: Vincent Batts Date: Thu, 28 Aug 2014 21:33:13 -0400 Subject: [PATCH 081/540] save many: adding an integration-cli test Signed-off-by: Vincent Batts Upstream-commit: 79501dcd4f7a207067c234766ae4788007a1d91b Component: engine --- .../docker_cli_save_load_test.go | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/components/engine/integration-cli/docker_cli_save_load_test.go b/components/engine/integration-cli/docker_cli_save_load_test.go index c70769e034..6f04ec40f2 100644 --- a/components/engine/integration-cli/docker_cli_save_load_test.go +++ b/components/engine/integration-cli/docker_cli_save_load_test.go @@ -167,3 +167,27 @@ func TestSaveAndLoadRepoFlags(t *testing.T) { logDone("save - save a repo using -o") logDone("load - load a repo using -i") } + +func TestSaveMultipleNames(t *testing.T) { + repoName := "foobar-save-multi-name-test" + + // Make one image + tagCmdFinal := fmt.Sprintf("%v tag scratch:latest %v-one:latest", dockerBinary, repoName) + tagCmd := exec.Command("bash", "-c", tagCmdFinal) + out, _, err := runCommandWithOutput(tagCmd) + errorOut(err, t, fmt.Sprintf("failed to tag repo: %v %v", out, err)) + // Make two images + tagCmdFinal = fmt.Sprintf("%v tag scratch:latest %v-two:latest", dockerBinary, repoName) + tagCmd = exec.Command("bash", "-c", tagCmdFinal) + out, _, err = runCommandWithOutput(tagCmd) + errorOut(err, t, fmt.Sprintf("failed to tag repo: %v %v", out, err)) + + saveCmdFinal := fmt.Sprintf("%v save %v-one %v-two:latest | tar xO repositories | grep -q -E '(-one|-two)'", dockerBinary, repoName, repoName) + saveCmd := exec.Command("bash", "-c", saveCmdFinal) + out, _, err = runCommandWithOutput(saveCmd) + errorOut(err, t, fmt.Sprintf("failed to save multiple repos: %v %v", out, err)) + + deleteImages(repoName) + + logDone("save - save by multiple names") +} From 5867aa701fd61085e6c317145b0bc449500904cd Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Fri, 29 Aug 2014 14:55:49 +1000 Subject: [PATCH 082/540] fs.Visit() returns nil flag Signed-off-by: Sven Dowideit Upstream-commit: f1934e59790c9af6466075d3d050386627ad1a9a Component: engine --- components/engine/pkg/mflag/flag.go | 11 ++++-- components/engine/pkg/mflag/flag_test.go | 49 +++++++++++++++++++++++- 2 files changed, 56 insertions(+), 4 deletions(-) diff --git a/components/engine/pkg/mflag/flag.go b/components/engine/pkg/mflag/flag.go index 0eebfc18f1..b40f911769 100644 --- a/components/engine/pkg/mflag/flag.go +++ b/components/engine/pkg/mflag/flag.go @@ -317,8 +317,13 @@ func (p flagSlice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } // sortFlags returns the flags as a slice in lexicographical sorted order. func sortFlags(flags map[string]*Flag) []*Flag { var list flagSlice - for _, f := range flags { + + // The sorted list is based on the first name, when flag map might use the other names. + nameMap := make(map[string]string) + + for n, f := range flags { fName := strings.TrimPrefix(f.Names[0], "#") + nameMap[fName] = n if len(f.Names) == 1 { list = append(list, fName) continue @@ -338,7 +343,7 @@ func sortFlags(flags map[string]*Flag) []*Flag { sort.Sort(list) result := make([]*Flag, len(list)) for i, name := range list { - result[i] = flags[name] + result[i] = flags[nameMap[name]] } return result } @@ -473,7 +478,7 @@ var Usage = func() { } // FlagCount returns the number of flags that have been defined. -func (f *FlagSet) FlagCount() int { return len(f.formal) } +func (f *FlagSet) FlagCount() int { return len(sortFlags(f.formal)) } // FlagCountUndeprecated returns the number of undeprecated flags that have been defined. func (f *FlagSet) FlagCountUndeprecated() int { diff --git a/components/engine/pkg/mflag/flag_test.go b/components/engine/pkg/mflag/flag_test.go index 9321926c56..340a1cb175 100644 --- a/components/engine/pkg/mflag/flag_test.go +++ b/components/engine/pkg/mflag/flag_test.go @@ -440,7 +440,7 @@ func TestFlagCounts(t *testing.T) { fs.BoolVar(&flag, []string{"flag3"}, false, "regular flag") fs.BoolVar(&flag, []string{"g", "#flag4", "-flag4"}, false, "regular flag") - if fs.FlagCount() != 10 { + if fs.FlagCount() != 6 { t.Fatal("FlagCount wrong. ", fs.FlagCount()) } if fs.FlagCountUndeprecated() != 4 { @@ -457,3 +457,50 @@ func TestFlagCounts(t *testing.T) { t.Fatal("NFlag wrong. ", fs.NFlag()) } } + +// Show up bug in sortFlags +func TestSortFlags(t *testing.T) { + fs := NewFlagSet("help TestSortFlags", ContinueOnError) + + var err error + + var b bool + fs.BoolVar(&b, []string{"b", "-banana"}, false, "usage") + + err = fs.Parse([]string{"--banana=true"}) + if err != nil { + t.Fatal("expected no error; got ", err) + } + + count := 0 + + fs.VisitAll(func(flag *Flag) { + count++ + if flag == nil { + t.Fatal("VisitAll should not return a nil flag") + } + }) + flagcount := fs.FlagCount() + if flagcount != count { + t.Fatalf("FlagCount (%d) != number (%d) of elements visited", flagcount, count) + } + // Make sure its idempotent + if flagcount != fs.FlagCount() { + t.Fatalf("FlagCount (%d) != fs.FlagCount() (%d) of elements visited", flagcount, fs.FlagCount()) + } + + count = 0 + fs.Visit(func(flag *Flag) { + count++ + if flag == nil { + t.Fatal("Visit should not return a nil flag") + } + }) + nflag := fs.NFlag() + if nflag != count { + t.Fatalf("NFlag (%d) != number (%d) of elements visited", nflag, count) + } + if nflag != fs.NFlag() { + t.Fatalf("NFlag (%d) != fs.NFlag() (%d) of elements visited", nflag, fs.NFlag()) + } +} From 6c5eee34ef6360c6af68b8e4e7abf0e8bc0b11e8 Mon Sep 17 00:00:00 2001 From: SvenDowideit Date: Tue, 24 Jun 2014 12:03:08 +1000 Subject: [PATCH 083/540] List all ports when calling `docker port container` Docker-DCO-1.1-Signed-off-by: SvenDowideit (github: SvenDowideit) Upstream-commit: 4e340cedeccabcae8875dd35f8c984246d6c3bc1 Component: engine --- components/engine/api/client/commands.go | 45 ++++--- components/engine/docs/man/docker-port.1.md | 26 +++- .../docs/sources/reference/commandline/cli.md | 20 ++- .../integration-cli/docker_cli_port_test.go | 125 ++++++++++++++++++ 4 files changed, 191 insertions(+), 25 deletions(-) create mode 100644 components/engine/integration-cli/docker_cli_port_test.go diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index e5495dbf84..4a5f2faea8 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -861,26 +861,15 @@ func (cli *DockerCli) CmdTop(args ...string) error { } func (cli *DockerCli) CmdPort(args ...string) error { - cmd := cli.Subcmd("port", "CONTAINER PRIVATE_PORT", "Lookup the public-facing port that is NAT-ed to PRIVATE_PORT") + cmd := cli.Subcmd("port", "CONTAINER [PRIVATE_PORT[/PROTO]]", "List port mappings for the CONTAINER, or lookup the public-facing port that is NAT-ed to the PRIVATE_PORT") if err := cmd.Parse(args); err != nil { return nil } - if cmd.NArg() != 2 { + if cmd.NArg() < 1 { cmd.Usage() return nil } - var ( - port = cmd.Arg(1) - proto = "tcp" - parts = strings.SplitN(port, "/", 2) - ) - - if len(parts) == 2 && len(parts[1]) != 0 { - port = parts[0] - proto = parts[1] - } - steam, _, err := cli.call("GET", "/containers/"+cmd.Arg(0)+"/json", nil, false) if err != nil { return err @@ -895,14 +884,34 @@ func (cli *DockerCli) CmdPort(args ...string) error { return err } - if frontends, exists := ports[nat.Port(port+"/"+proto)]; exists && frontends != nil { - for _, frontend := range frontends { - fmt.Fprintf(cli.out, "%s:%s\n", frontend.HostIp, frontend.HostPort) + if cmd.NArg() == 2 { + var ( + port = cmd.Arg(1) + proto = "tcp" + parts = strings.SplitN(port, "/", 2) + ) + + if len(parts) == 2 && len(parts[1]) != 0 { + port = parts[0] + proto = parts[1] } - return nil + natPort := port + "/" + proto + if frontends, exists := ports[nat.Port(port+"/"+proto)]; exists && frontends != nil { + for _, frontend := range frontends { + fmt.Fprintf(cli.out, "%s:%s\n", frontend.HostIp, frontend.HostPort) + } + return nil + } + return fmt.Errorf("Error: No public port '%s' published for %s", natPort, cmd.Arg(0)) } - return fmt.Errorf("Error: No public port '%s' published for %s", cmd.Arg(1), cmd.Arg(0)) + for from, frontends := range ports { + for _, frontend := range frontends { + fmt.Fprintf(cli.out, "%s -> %s:%s\n", from, frontend.HostIp, frontend.HostPort) + } + } + + return nil } // 'docker rmi IMAGE' removes all images with the name IMAGE diff --git a/components/engine/docs/man/docker-port.1.md b/components/engine/docs/man/docker-port.1.md index 07b84b12d9..97cc61b7e5 100644 --- a/components/engine/docs/man/docker-port.1.md +++ b/components/engine/docs/man/docker-port.1.md @@ -2,14 +2,30 @@ % Docker Community % JUNE 2014 # NAME -docker-port - Lookup the public-facing port that is NAT-ed to PRIVATE_PORT +docker-port - List port mappings for the CONTAINER, or lookup the public-facing port that is NAT-ed to the PRIVATE_PORT # SYNOPSIS -**docker port** -CONTAINER PRIVATE_PORT +**docker port** CONTAINER [PRIVATE_PORT[/PROTO]] -# OPTIONS -There are no available options. +# DESCRIPTION +List port mappings for the CONTAINER, or lookup the public-facing port that is NAT-ed to the PRIVATE_PORT + +# EXAMPLES +You can find out all the ports mapped by not specifying a `PRIVATE_PORT`, or +ask for just a specific mapping: + + $ docker ps test + CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES + b650456536c7 busybox:latest top 54 minutes ago Up 54 minutes 0.0.0.0:1234->9876/tcp, 0.0.0.0:4321->7890/tcp test + $ docker port test + 7890/tcp -> 0.0.0.0:4321 + 9876/tcp -> 0.0.0.0:1234 + $ docker port test 7890/tcp + 0.0.0.0:4321 + $ docker port test 7890/udp + 2014/06/24 11:53:36 Error: No public port '7890/udp' published for test + $ docker port test 7890 + 0.0.0.0:4321 # HISTORY April 2014, Originally compiled by William Henry (whenry at redhat dot com) diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index ef30113882..9c313b0c78 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -764,9 +764,25 @@ log entry. ## port - Usage: docker port CONTAINER PRIVATE_PORT + Usage: docker port CONTAINER [PRIVATE_PORT[/PROTO]] - Lookup the public-facing port that is NAT-ed to PRIVATE_PORT + List port mappings for the CONTAINER, or lookup the public-facing port that is NAT-ed to the PRIVATE_PORT + +You can find out all the ports mapped by not specifying a `PRIVATE_PORT`, or +just a specific mapping: + + $ docker ps test + CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES + b650456536c7 busybox:latest top 54 minutes ago Up 54 minutes 0.0.0.0:1234->9876/tcp, 0.0.0.0:4321->7890/tcp test + $ docker port test + 7890/tcp -> 0.0.0.0:4321 + 9876/tcp -> 0.0.0.0:1234 + $ docker port test 7890/tcp + 0.0.0.0:4321 + $ docker port test 7890/udp + 2014/06/24 11:53:36 Error: No public port '7890/udp' published for test + $ docker port test 7890 + 0.0.0.0:4321 ## pause diff --git a/components/engine/integration-cli/docker_cli_port_test.go b/components/engine/integration-cli/docker_cli_port_test.go new file mode 100644 index 0000000000..667889227f --- /dev/null +++ b/components/engine/integration-cli/docker_cli_port_test.go @@ -0,0 +1,125 @@ +package main + +import ( + "os/exec" + "sort" + "strings" + "testing" +) + +func TestListPorts(t *testing.T) { + // one port + runCmd := exec.Command(dockerBinary, "run", "-d", "-p", "9876:80", "busybox", "top") + out, _, err := runCommandWithOutput(runCmd) + errorOut(err, t, out) + firstID := stripTrailingCharacters(out) + + runCmd = exec.Command(dockerBinary, "port", firstID, "80") + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + if !assertPortList(t, out, []string{"0.0.0.0:9876"}) { + t.Error("Port list is not correct") + } + + runCmd = exec.Command(dockerBinary, "port", firstID) + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + if !assertPortList(t, out, []string{"80/tcp -> 0.0.0.0:9876"}) { + t.Error("Port list is not correct") + } + runCmd = exec.Command(dockerBinary, "rm", "-f", firstID) + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + // three port + runCmd = exec.Command(dockerBinary, "run", "-d", + "-p", "9876:80", + "-p", "9877:81", + "-p", "9878:82", + "busybox", "top") + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + ID := stripTrailingCharacters(out) + + runCmd = exec.Command(dockerBinary, "port", ID, "80") + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + if !assertPortList(t, out, []string{"0.0.0.0:9876"}) { + t.Error("Port list is not correct") + } + + runCmd = exec.Command(dockerBinary, "port", ID) + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + if !assertPortList(t, out, []string{ + "80/tcp -> 0.0.0.0:9876", + "81/tcp -> 0.0.0.0:9877", + "82/tcp -> 0.0.0.0:9878"}) { + t.Error("Port list is not correct") + } + runCmd = exec.Command(dockerBinary, "rm", "-f", ID) + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + // more and one port mapped to the same container port + runCmd = exec.Command(dockerBinary, "run", "-d", + "-p", "9876:80", + "-p", "9999:80", + "-p", "9877:81", + "-p", "9878:82", + "busybox", "top") + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + ID = stripTrailingCharacters(out) + + runCmd = exec.Command(dockerBinary, "port", ID, "80") + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + if !assertPortList(t, out, []string{"0.0.0.0:9876", "0.0.0.0:9999"}) { + t.Error("Port list is not correct") + } + + runCmd = exec.Command(dockerBinary, "port", ID) + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + if !assertPortList(t, out, []string{ + "80/tcp -> 0.0.0.0:9876", + "80/tcp -> 0.0.0.0:9999", + "81/tcp -> 0.0.0.0:9877", + "82/tcp -> 0.0.0.0:9878"}) { + t.Error("Port list is not correct\n", out) + } + runCmd = exec.Command(dockerBinary, "rm", "-f", ID) + out, _, err = runCommandWithOutput(runCmd) + errorOut(err, t, out) + + deleteAllContainers() + + logDone("port - test port list") +} + +func assertPortList(t *testing.T, out string, expected []string) bool { + //lines := strings.Split(out, "\n") + lines := strings.Split(strings.Trim(out, "\n "), "\n") + if len(lines) != len(expected) { + t.Errorf("different size lists %s, %d, %d", out, len(lines), len(expected)) + return false + } + sort.Strings(lines) + sort.Strings(expected) + + for i := 0; i < len(expected); i++ { + if lines[i] != expected[i] { + t.Error("|" + lines[i] + "!=" + expected[i] + "|") + return false + } + } + + return true +} From 76ca127323b96d9410d6a6644648a5b8e870e209 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Thu, 28 Aug 2014 15:39:27 +0400 Subject: [PATCH 084/540] Merge Container and State mutexes Resolved all deadlocks and fixed race between kill and monitor.resetContainer Fixes #7600 Signed-off-by: Alexandr Morozov Upstream-commit: 517ba44e3742c39c4c3fc249b8c40e9b7ddd845f Component: engine --- components/engine/daemon/container.go | 12 +++--- components/engine/daemon/list.go | 4 +- components/engine/daemon/monitor.go | 19 +++++--- components/engine/daemon/state.go | 62 ++++++++++++--------------- 4 files changed, 47 insertions(+), 50 deletions(-) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index 7917c89070..72e4dfd63e 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -10,7 +10,6 @@ import ( "path" "path/filepath" "strings" - "sync" "syscall" "time" @@ -43,7 +42,7 @@ var ( ) type Container struct { - sync.Mutex + *State root string // Path to the "home" of the container, including metadata. basefs string // Path to the graphdriver mountpoint @@ -55,7 +54,6 @@ type Container struct { Args []string Config *runconfig.Config - State *State Image string NetworkSettings *NetworkSettings @@ -276,7 +274,7 @@ func (container *Container) Start() (err error) { container.Lock() defer container.Unlock() - if container.State.IsRunning() { + if container.State.Running { return nil } @@ -526,11 +524,11 @@ func (container *Container) KillSig(sig int) error { defer container.Unlock() // We could unpause the container for them rather than returning this error - if container.State.IsPaused() { + if container.State.Paused { return fmt.Errorf("Container %s is paused. Unpause the container before stopping", container.ID) } - if !container.State.IsRunning() { + if !container.State.Running { return nil } @@ -541,7 +539,7 @@ func (container *Container) KillSig(sig int) error { // if the container is currently restarting we do not need to send the signal // to the process. Telling the monitor that it should exit on it's next event // loop is enough - if container.State.IsRestarting() { + if container.State.Restarting { return nil } diff --git a/components/engine/daemon/list.go b/components/engine/daemon/list.go index 2da5254866..f24b8be2bd 100644 --- a/components/engine/daemon/list.go +++ b/components/engine/daemon/list.go @@ -70,7 +70,7 @@ func (daemon *Daemon) Containers(job *engine.Job) engine.Status { writeCont := func(container *Container) error { container.Lock() defer container.Unlock() - if !container.State.IsRunning() && !all && n <= 0 && since == "" && before == "" { + if !container.State.Running && !all && n <= 0 && since == "" && before == "" { return nil } if before != "" && !foundBefore { @@ -87,7 +87,7 @@ func (daemon *Daemon) Containers(job *engine.Job) engine.Status { return errLast } } - if len(filt_exited) > 0 && !container.State.IsRunning() { + if len(filt_exited) > 0 && !container.State.Running { should_skip := true for _, code := range filt_exited { if code == container.State.GetExitCode() { diff --git a/components/engine/daemon/monitor.go b/components/engine/daemon/monitor.go index 7ce6a6e7af..3d5a3de771 100644 --- a/components/engine/daemon/monitor.go +++ b/components/engine/daemon/monitor.go @@ -110,7 +110,7 @@ func (m *containerMonitor) Start() error { defer func() { if afterRun { m.container.Lock() - m.container.State.SetStopped(exitStatus) + m.container.State.setStopped(exitStatus) defer m.container.Unlock() } m.Close() @@ -123,7 +123,7 @@ func (m *containerMonitor) Start() error { m.container.RestartCount++ if err := m.container.startLoggingToDisk(); err != nil { - m.resetContainer() + m.resetContainer(false) return err } @@ -138,7 +138,7 @@ func (m *containerMonitor) Start() error { // if we receive an internal error from the initial start of a container then lets // return it instead of entering the restart loop if m.container.RestartCount == 0 { - m.resetContainer() + m.resetContainer(false) return err } @@ -154,7 +154,7 @@ func (m *containerMonitor) Start() error { if m.shouldRestart(exitStatus) { m.container.State.SetRestarting(exitStatus) m.container.LogEvent("die") - m.resetContainer() + m.resetContainer(true) // sleep with a small time increment between each restart to help avoid issues cased by quickly // restarting the container because of some types of errors ( networking cut out, etc... ) @@ -168,7 +168,7 @@ func (m *containerMonitor) Start() error { continue } m.container.LogEvent("die") - m.resetContainer() + m.resetContainer(true) return err } } @@ -243,7 +243,7 @@ func (m *containerMonitor) callback(command *execdriver.Command) { } } - m.container.State.SetRunning(command.Pid()) + m.container.State.setRunning(command.Pid()) // signal that the process has started // close channel only if not closed @@ -260,8 +260,13 @@ func (m *containerMonitor) callback(command *execdriver.Command) { // resetContainer resets the container's IO and ensures that the command is able to be executed again // by copying the data into a new struct -func (m *containerMonitor) resetContainer() { +// if lock is true, then container locked during reset +func (m *containerMonitor) resetContainer(lock bool) { container := m.container + if lock { + container.Lock() + defer container.Unlock() + } if container.Config.OpenStdin { if err := container.stdin.Close(); err != nil { diff --git a/components/engine/daemon/state.go b/components/engine/daemon/state.go index 44742b78c9..a5557cff29 100644 --- a/components/engine/daemon/state.go +++ b/components/engine/daemon/state.go @@ -1,7 +1,6 @@ package daemon import ( - "encoding/json" "fmt" "sync" "time" @@ -10,7 +9,7 @@ import ( ) type State struct { - sync.RWMutex + sync.Mutex Running bool Paused bool Restarting bool @@ -29,9 +28,6 @@ func NewState() *State { // String returns a human-readable description of the state func (s *State) String() string { - s.RLock() - defer s.RUnlock() - if s.Running { if s.Paused { return fmt.Sprintf("Up %s (Paused)", units.HumanDuration(time.Now().UTC().Sub(s.StartedAt))) @@ -50,16 +46,6 @@ func (s *State) String() string { return fmt.Sprintf("Exited (%d) %s ago", s.ExitCode, units.HumanDuration(time.Now().UTC().Sub(s.FinishedAt))) } -type jState State - -// MarshalJSON for state is needed to avoid race conditions on inspect -func (s *State) MarshalJSON() ([]byte, error) { - s.RLock() - b, err := json.Marshal(jState(*s)) - s.RUnlock() - return b, err -} - func wait(waitChan <-chan struct{}, timeout time.Duration) error { if timeout < 0 { <-waitChan @@ -77,14 +63,14 @@ func wait(waitChan <-chan struct{}, timeout time.Duration) error { // immediatly. If you want wait forever you must supply negative timeout. // Returns pid, that was passed to SetRunning func (s *State) WaitRunning(timeout time.Duration) (int, error) { - s.RLock() - if s.IsRunning() { + s.Lock() + if s.Running { pid := s.Pid - s.RUnlock() + s.Unlock() return pid, nil } waitChan := s.waitChan - s.RUnlock() + s.Unlock() if err := wait(waitChan, timeout); err != nil { return -1, err } @@ -95,14 +81,14 @@ func (s *State) WaitRunning(timeout time.Duration) (int, error) { // immediatly. If you want wait forever you must supply negative timeout. // Returns exit code, that was passed to SetStopped func (s *State) WaitStop(timeout time.Duration) (int, error) { - s.RLock() + s.Lock() if !s.Running { exitCode := s.ExitCode - s.RUnlock() + s.Unlock() return exitCode, nil } waitChan := s.waitChan - s.RUnlock() + s.Unlock() if err := wait(waitChan, timeout); err != nil { return -1, err } @@ -110,28 +96,33 @@ func (s *State) WaitStop(timeout time.Duration) (int, error) { } func (s *State) IsRunning() bool { - s.RLock() + s.Lock() res := s.Running - s.RUnlock() + s.Unlock() return res } func (s *State) GetPid() int { - s.RLock() + s.Lock() res := s.Pid - s.RUnlock() + s.Unlock() return res } func (s *State) GetExitCode() int { - s.RLock() + s.Lock() res := s.ExitCode - s.RUnlock() + s.Unlock() return res } func (s *State) SetRunning(pid int) { s.Lock() + s.setRunning(pid) + s.Unlock() +} + +func (s *State) setRunning(pid int) { s.Running = true s.Paused = false s.Restarting = false @@ -140,11 +131,15 @@ func (s *State) SetRunning(pid int) { s.StartedAt = time.Now().UTC() close(s.waitChan) // fire waiters for start s.waitChan = make(chan struct{}) - s.Unlock() } func (s *State) SetStopped(exitCode int) { s.Lock() + s.setStopped(exitCode) + s.Unlock() +} + +func (s *State) setStopped(exitCode int) { s.Running = false s.Restarting = false s.Pid = 0 @@ -152,7 +147,6 @@ func (s *State) SetStopped(exitCode int) { s.ExitCode = exitCode close(s.waitChan) // fire waiters for stop s.waitChan = make(chan struct{}) - s.Unlock() } // SetRestarting is when docker hanldes the auto restart of containers when they are @@ -172,9 +166,9 @@ func (s *State) SetRestarting(exitCode int) { } func (s *State) IsRestarting() bool { - s.RLock() + s.Lock() res := s.Restarting - s.RUnlock() + s.Unlock() return res } @@ -191,8 +185,8 @@ func (s *State) SetUnpaused() { } func (s *State) IsPaused() bool { - s.RLock() + s.Lock() res := s.Paused - s.RUnlock() + s.Unlock() return res } From cc2787ae0d1857f3978a00715791c380ef86935f Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Fri, 29 Aug 2014 15:21:28 +0400 Subject: [PATCH 085/540] Some more style fixes Signed-off-by: Alexandr Morozov Upstream-commit: 114838cbda38f4808d3a7a0d40b33d2ee445d158 Component: engine --- components/engine/engine/table.go | 2 +- components/engine/graph/pull.go | 5 ++--- components/engine/graph/push.go | 4 ++-- components/engine/graph/service.go | 7 +++---- components/engine/graph/tags.go | 28 ++++++++++++++-------------- components/engine/utils/utils.go | 3 +-- 6 files changed, 23 insertions(+), 26 deletions(-) diff --git a/components/engine/engine/table.go b/components/engine/engine/table.go index c7fe3ab444..4498bdf1ec 100644 --- a/components/engine/engine/table.go +++ b/components/engine/engine/table.go @@ -78,7 +78,7 @@ func (t *Table) WriteListTo(dst io.Writer) (n int64, err error) { if _, err := dst.Write([]byte{','}); err != nil { return -1, err } - n += 1 + n++ } } if _, err := dst.Write([]byte{']'}); err != nil { diff --git a/components/engine/graph/pull.go b/components/engine/graph/pull.go index 97d693c590..1a4e516207 100644 --- a/components/engine/graph/pull.go +++ b/components/engine/graph/pull.go @@ -80,10 +80,9 @@ func (s *TagStore) pullRepository(r *registry.Session, out io.Writer, localName, if err != nil { if strings.Contains(err.Error(), "HTTP code: 404") { return fmt.Errorf("Error: image %s not found", remoteName) - } else { - // Unexpected HTTP error - return err } + // Unexpected HTTP error + return err } log.Debugf("Retrieving the tag list") diff --git a/components/engine/graph/push.go b/components/engine/graph/push.go index db5b73abc2..47cd4342c5 100644 --- a/components/engine/graph/push.go +++ b/components/engine/graph/push.go @@ -18,8 +18,8 @@ import ( func (s *TagStore) getImageList(localRepo map[string]string, requestedTag string) ([]string, map[string][]string, error) { var ( imageList []string - imagesSeen map[string]bool = make(map[string]bool) - tagsByImage map[string][]string = make(map[string][]string) + imagesSeen = make(map[string]bool) + tagsByImage = make(map[string][]string) ) for tag, id := range localRepo { diff --git a/components/engine/graph/service.go b/components/engine/graph/service.go index 0003a5014a..4fb0433c0c 100644 --- a/components/engine/graph/service.go +++ b/components/engine/graph/service.go @@ -170,12 +170,11 @@ func (s *TagStore) CmdTarLayer(job *engine.Job) engine.Status { } defer fs.Close() - if written, err := io.Copy(job.Stdout, fs); err != nil { + written, err := io.Copy(job.Stdout, fs) + if err != nil { return job.Error(err) - } else { - log.Debugf("rendered layer for %s of [%d] size", image.ID, written) } - + log.Debugf("rendered layer for %s of [%d] size", image.ID, written) return engine.StatusOK } return job.Errorf("No such image: %s", name) diff --git a/components/engine/graph/tags.go b/components/engine/graph/tags.go index 9fc3abd21b..eee3be9f2f 100644 --- a/components/engine/graph/tags.go +++ b/components/engine/graph/tags.go @@ -288,42 +288,42 @@ func validateTagName(name string) error { return nil } -func (s *TagStore) poolAdd(kind, key string) (chan struct{}, error) { - s.Lock() - defer s.Unlock() +func (store *TagStore) poolAdd(kind, key string) (chan struct{}, error) { + store.Lock() + defer store.Unlock() - if c, exists := s.pullingPool[key]; exists { + if c, exists := store.pullingPool[key]; exists { return c, fmt.Errorf("pull %s is already in progress", key) } - if c, exists := s.pushingPool[key]; exists { + if c, exists := store.pushingPool[key]; exists { return c, fmt.Errorf("push %s is already in progress", key) } c := make(chan struct{}) switch kind { case "pull": - s.pullingPool[key] = c + store.pullingPool[key] = c case "push": - s.pushingPool[key] = c + store.pushingPool[key] = c default: return nil, fmt.Errorf("Unknown pool type") } return c, nil } -func (s *TagStore) poolRemove(kind, key string) error { - s.Lock() - defer s.Unlock() +func (store *TagStore) poolRemove(kind, key string) error { + store.Lock() + defer store.Unlock() switch kind { case "pull": - if c, exists := s.pullingPool[key]; exists { + if c, exists := store.pullingPool[key]; exists { close(c) - delete(s.pullingPool, key) + delete(store.pullingPool, key) } case "push": - if c, exists := s.pushingPool[key]; exists { + if c, exists := store.pushingPool[key]; exists { close(c) - delete(s.pushingPool, key) + delete(store.pushingPool, key) } default: return fmt.Errorf("Unknown pool type") diff --git a/components/engine/utils/utils.go b/components/engine/utils/utils.go index 8fe913206b..b6ae91afec 100644 --- a/components/engine/utils/utils.go +++ b/components/engine/utils/utils.go @@ -653,9 +653,8 @@ func ValidateContextDirectory(srcPath string, excludes []string) error { if err != nil && os.IsPermission(err) { finalError = fmt.Errorf("no permission to read from '%s'", filePath) return err - } else { - currentFile.Close() } + currentFile.Close() } return nil }) From b6b24f8f8a456a81da26a7001e51e66991914564 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Wed, 28 May 2014 22:10:09 +0400 Subject: [PATCH 086/540] More ipallocator refactoring Now x1.5 faster Signed-off-by: Alexandr Morozov Upstream-commit: 42dd48315fcf6a3a536e0e698396e404246b9f3f Component: engine --- .../daemon/networkdriver/bridge/driver.go | 8 +- .../networkdriver/ipallocator/allocator.go | 81 ++++++++----------- .../ipallocator/allocator_test.go | 40 ++++----- 3 files changed, 58 insertions(+), 71 deletions(-) diff --git a/components/engine/daemon/networkdriver/bridge/driver.go b/components/engine/daemon/networkdriver/bridge/driver.go index 06cf37e79f..c4b10fe07f 100644 --- a/components/engine/daemon/networkdriver/bridge/driver.go +++ b/components/engine/daemon/networkdriver/bridge/driver.go @@ -317,14 +317,14 @@ func createBridgeIface(name string) error { // Allocate a network interface func Allocate(job *engine.Job) engine.Status { var ( - ip *net.IP + ip net.IP err error id = job.Args[0] requestedIP = net.ParseIP(job.Getenv("RequestedIP")) ) if requestedIP != nil { - ip, err = ipallocator.RequestIP(bridgeNetwork, &requestedIP) + ip, err = ipallocator.RequestIP(bridgeNetwork, requestedIP) } else { ip, err = ipallocator.RequestIP(bridgeNetwork, nil) } @@ -342,7 +342,7 @@ func Allocate(job *engine.Job) engine.Status { out.SetInt("IPPrefixLen", size) currentInterfaces.Set(id, &networkInterface{ - IP: *ip, + IP: ip, }) out.WriteTo(job.Stdout) @@ -367,7 +367,7 @@ func Release(job *engine.Job) engine.Status { } } - if err := ipallocator.ReleaseIP(bridgeNetwork, &containerInterface.IP); err != nil { + if err := ipallocator.ReleaseIP(bridgeNetwork, containerInterface.IP); err != nil { log.Infof("Unable to release ip %s", err) } return engine.StatusOK diff --git a/components/engine/daemon/networkdriver/ipallocator/allocator.go b/components/engine/daemon/networkdriver/ipallocator/allocator.go index 1bf8e1da9b..7abb3ffdf4 100644 --- a/components/engine/daemon/networkdriver/ipallocator/allocator.go +++ b/components/engine/daemon/networkdriver/ipallocator/allocator.go @@ -3,19 +3,30 @@ package ipallocator import ( "encoding/binary" "errors" - "github.com/docker/docker/daemon/networkdriver" "net" "sync" + + "github.com/dotcloud/docker/daemon/networkdriver" ) // allocatedMap is thread-unsafe set of allocated IP type allocatedMap struct { - p map[int32]struct{} - last int32 + p map[uint32]struct{} + last uint32 + begin uint32 + end uint32 } -func newAllocatedMap() *allocatedMap { - return &allocatedMap{p: make(map[int32]struct{})} +func newAllocatedMap(network *net.IPNet) *allocatedMap { + firstIP, lastIP := networkdriver.NetworkRange(network) + begin := ipToInt(firstIP) + 2 + end := ipToInt(lastIP) - 1 + return &allocatedMap{ + p: make(map[uint32]struct{}), + begin: begin, // - network + end: end, // - broadcast + last: begin - 1, // so first allocated will be begin + } } type networkSet map[string]*allocatedMap @@ -34,43 +45,36 @@ var ( // will return the next available ip if the ip provided is nil. If the // ip provided is not nil it will validate that the provided ip is available // for use or return an error -func RequestIP(network *net.IPNet, ip *net.IP) (*net.IP, error) { +func RequestIP(network *net.IPNet, ip net.IP) (net.IP, error) { lock.Lock() defer lock.Unlock() key := network.String() allocated, ok := allocatedIPs[key] if !ok { - allocated = newAllocatedMap() + allocated = newAllocatedMap(network) allocatedIPs[key] = allocated } if ip == nil { - return allocated.getNextIP(network) + return allocated.getNextIP() } - return allocated.checkIP(network, ip) + return allocated.checkIP(ip) } // ReleaseIP adds the provided ip back into the pool of // available ips to be returned for use. -func ReleaseIP(network *net.IPNet, ip *net.IP) error { +func ReleaseIP(network *net.IPNet, ip net.IP) error { lock.Lock() defer lock.Unlock() if allocated, exists := allocatedIPs[network.String()]; exists { - pos := getPosition(network, ip) + pos := ipToInt(ip) delete(allocated.p, pos) } return nil } -// convert the ip into the position in the subnet. Only -// position are saved in the set -func getPosition(network *net.IPNet, ip *net.IP) int32 { - first, _ := networkdriver.NetworkRange(network) - return ipToInt(ip) - ipToInt(&first) -} - -func (allocated *allocatedMap) checkIP(network *net.IPNet, ip *net.IP) (*net.IP, error) { - pos := getPosition(network, ip) +func (allocated *allocatedMap) checkIP(ip net.IP) (net.IP, error) { + pos := ipToInt(ip) if _, ok := allocated.p[pos]; ok { return nil, ErrIPAlreadyAllocated } @@ -81,47 +85,30 @@ func (allocated *allocatedMap) checkIP(network *net.IPNet, ip *net.IP) (*net.IP, // return an available ip if one is currently available. If not, // return the next available ip for the nextwork -func (allocated *allocatedMap) getNextIP(network *net.IPNet) (*net.IP, error) { - var ( - ownIP = ipToInt(&network.IP) - first, _ = networkdriver.NetworkRange(network) - base = ipToInt(&first) - size = int(networkdriver.NetworkSize(network.Mask)) - max = int32(size - 2) // size -1 for the broadcast network, -1 for the gateway network - pos = allocated.last - ) - - var ( - firstNetIP = network.IP.To4().Mask(network.Mask) - firstAsInt = ipToInt(&firstNetIP) + 1 - ) - - for i := int32(0); i < max; i++ { - pos = pos%max + 1 - next := int32(base + pos) - - if next == ownIP || next == firstAsInt { - continue +func (allocated *allocatedMap) getNextIP() (net.IP, error) { + for pos := allocated.last + 1; pos != allocated.last; pos++ { + if pos > allocated.end { + pos = allocated.begin } if _, ok := allocated.p[pos]; ok { continue } allocated.p[pos] = struct{}{} allocated.last = pos - return intToIP(next), nil + return intToIP(pos), nil } return nil, ErrNoAvailableIPs } // Converts a 4 bytes IP into a 32 bit integer -func ipToInt(ip *net.IP) int32 { - return int32(binary.BigEndian.Uint32(ip.To4())) +func ipToInt(ip net.IP) uint32 { + return binary.BigEndian.Uint32(ip.To4()) } // Converts 32 bit integer into a 4 bytes IP address -func intToIP(n int32) *net.IP { +func intToIP(n uint32) net.IP { b := make([]byte, 4) - binary.BigEndian.PutUint32(b, uint32(n)) + binary.BigEndian.PutUint32(b, n) ip := net.IP(b) - return &ip + return ip } diff --git a/components/engine/daemon/networkdriver/ipallocator/allocator_test.go b/components/engine/daemon/networkdriver/ipallocator/allocator_test.go index 6897a0a44b..57575bc7bd 100644 --- a/components/engine/daemon/networkdriver/ipallocator/allocator_test.go +++ b/components/engine/daemon/networkdriver/ipallocator/allocator_test.go @@ -17,7 +17,7 @@ func TestRequestNewIps(t *testing.T) { Mask: []byte{255, 255, 255, 0}, } - var ip *net.IP + var ip net.IP var err error for i := 2; i < 10; i++ { ip, err = RequestIP(network, nil) @@ -106,19 +106,19 @@ func TestRequesetSpecificIp(t *testing.T) { ip := net.ParseIP("192.168.1.5") - if _, err := RequestIP(network, &ip); err != nil { + if _, err := RequestIP(network, ip); err != nil { t.Fatal(err) } } func TestConversion(t *testing.T) { ip := net.ParseIP("127.0.0.1") - i := ipToInt(&ip) + i := ipToInt(ip) if i == 0 { t.Fatal("converted to zero") } conv := intToIP(i) - if !ip.Equal(*conv) { + if !ip.Equal(conv) { t.Error(conv.String()) } } @@ -146,7 +146,7 @@ func TestIPAllocator(t *testing.T) { t.Fatal(err) } - assertIPEquals(t, &expectedIPs[i], ip) + assertIPEquals(t, expectedIPs[i], ip) } // Before loop begin // 2(f) - 3(f) - 4(f) - 5(f) - 6(f) @@ -179,19 +179,19 @@ func TestIPAllocator(t *testing.T) { } // Release some IPs in non-sequential order - if err := ReleaseIP(network, &expectedIPs[3]); err != nil { + if err := ReleaseIP(network, expectedIPs[3]); err != nil { t.Fatal(err) } // 2(u) - 3(u) - 4(u) - 5(f) - 6(u) // ↑ - if err := ReleaseIP(network, &expectedIPs[2]); err != nil { + if err := ReleaseIP(network, expectedIPs[2]); err != nil { t.Fatal(err) } // 2(u) - 3(u) - 4(f) - 5(f) - 6(u) // ↑ - if err := ReleaseIP(network, &expectedIPs[4]); err != nil { + if err := ReleaseIP(network, expectedIPs[4]); err != nil { t.Fatal(err) } // 2(u) - 3(u) - 4(f) - 5(f) - 6(f) @@ -199,7 +199,7 @@ func TestIPAllocator(t *testing.T) { // Make sure that IPs are reused in sequential order, starting // with the first released IP - newIPs := make([]*net.IP, 3) + newIPs := make([]net.IP, 3) for i := 0; i < 3; i++ { ip, err := RequestIP(network, nil) if err != nil { @@ -208,9 +208,9 @@ func TestIPAllocator(t *testing.T) { newIPs[i] = ip } - assertIPEquals(t, &expectedIPs[2], newIPs[0]) - assertIPEquals(t, &expectedIPs[3], newIPs[1]) - assertIPEquals(t, &expectedIPs[4], newIPs[2]) + assertIPEquals(t, expectedIPs[2], newIPs[0]) + assertIPEquals(t, expectedIPs[3], newIPs[1]) + assertIPEquals(t, expectedIPs[4], newIPs[2]) _, err = RequestIP(network, nil) if err == nil { @@ -226,7 +226,7 @@ func TestAllocateFirstIP(t *testing.T) { } firstIP := network.IP.To4().Mask(network.Mask) - first := ipToInt(&firstIP) + 1 + first := ipToInt(firstIP) + 1 ip, err := RequestIP(network, nil) if err != nil { @@ -247,7 +247,7 @@ func TestAllocateAllIps(t *testing.T) { } var ( - current, first *net.IP + current, first net.IP err error isFirst = true ) @@ -313,14 +313,14 @@ func TestAllocateDifferentSubnets(t *testing.T) { if err != nil { t.Fatal(err) } - assertIPEquals(t, &expectedIPs[0], ip11) - assertIPEquals(t, &expectedIPs[1], ip12) - assertIPEquals(t, &expectedIPs[2], ip21) - assertIPEquals(t, &expectedIPs[3], ip22) + assertIPEquals(t, expectedIPs[0], ip11) + assertIPEquals(t, expectedIPs[1], ip12) + assertIPEquals(t, expectedIPs[2], ip21) + assertIPEquals(t, expectedIPs[3], ip22) } -func assertIPEquals(t *testing.T, ip1, ip2 *net.IP) { - if !ip1.Equal(*ip2) { +func assertIPEquals(t *testing.T, ip1, ip2 net.IP) { + if !ip1.Equal(ip2) { t.Fatalf("Expected IP %s, got %s", ip1, ip2) } } From b1d4f5b84e475dc3491700c83916358c6f82bca6 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Thu, 29 May 2014 00:06:23 +0400 Subject: [PATCH 087/540] Implement allocating IPs from CIDR within bridge network Fixes #4986 Signed-off-by: Alexandr Morozov Upstream-commit: b101022dbe6daa36ebf11df53ad01a399a655963 Component: engine --- components/engine/daemon/config.go | 2 + components/engine/daemon/daemon.go | 1 + .../daemon/networkdriver/bridge/driver.go | 11 +++ .../networkdriver/ipallocator/allocator.go | 35 ++++++-- .../ipallocator/allocator_test.go | 80 +++++++++++++++++++ .../docs/sources/reference/commandline/cli.md | 1 + 6 files changed, 125 insertions(+), 5 deletions(-) diff --git a/components/engine/daemon/config.go b/components/engine/daemon/config.go index 1ca8086933..20d839efa4 100644 --- a/components/engine/daemon/config.go +++ b/components/engine/daemon/config.go @@ -28,6 +28,7 @@ type Config struct { DefaultIp net.IP BridgeIface string BridgeIP string + FixedCIDR string InterContainerCommunication bool GraphDriver string GraphOptions []string @@ -50,6 +51,7 @@ func (config *Config) InstallFlags() { flag.BoolVar(&config.EnableIpForward, []string{"#ip-forward", "-ip-forward"}, true, "Enable net.ipv4.ip_forward") flag.StringVar(&config.BridgeIP, []string{"#bip", "-bip"}, "", "Use this CIDR notation address for the network bridge's IP, not compatible with -b") flag.StringVar(&config.BridgeIface, []string{"b", "-bridge"}, "", "Attach containers to a pre-existing network bridge\nuse 'none' to disable container networking") + flag.StringVar(&config.FixedCIDR, []string{"-fixed-cidr"}, "", "IPv4 subnet for fixed IPs (ex: 10.20.0.0/16)\nthis subnet must be nested in bridge subnet (which is defined by -b or --bip)") flag.BoolVar(&config.InterContainerCommunication, []string{"#icc", "-icc"}, true, "Enable inter-container communication") flag.StringVar(&config.GraphDriver, []string{"s", "-storage-driver"}, "", "Force the Docker runtime to use a specific storage driver") flag.StringVar(&config.ExecDriver, []string{"e", "-exec-driver"}, "native", "Force the Docker runtime to use a specific exec driver") diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 0a4d6e0bc5..8bf92be15b 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -803,6 +803,7 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error) job.SetenvBool("EnableIpForward", config.EnableIpForward) job.Setenv("BridgeIface", config.BridgeIface) job.Setenv("BridgeIP", config.BridgeIP) + job.Setenv("FixedCIDR", config.FixedCIDR) job.Setenv("DefaultBindingIP", config.DefaultIp.String()) if err := job.Run(); err != nil { diff --git a/components/engine/daemon/networkdriver/bridge/driver.go b/components/engine/daemon/networkdriver/bridge/driver.go index c4b10fe07f..0ffad75fc1 100644 --- a/components/engine/daemon/networkdriver/bridge/driver.go +++ b/components/engine/daemon/networkdriver/bridge/driver.go @@ -83,6 +83,7 @@ func InitDriver(job *engine.Job) engine.Status { icc = job.GetenvBool("InterContainerCommunication") ipForward = job.GetenvBool("EnableIpForward") bridgeIP = job.Getenv("BridgeIP") + fixedCIDR = job.Getenv("FixedCIDR") ) if defaultIP := job.Getenv("DefaultBindingIP"); defaultIP != "" { @@ -157,6 +158,16 @@ func InitDriver(job *engine.Job) engine.Status { } bridgeNetwork = network + if fixedCIDR != "" { + _, subnet, err := net.ParseCIDR(fixedCIDR) + if err != nil { + return job.Error(err) + } + log.Debugf("Subnet: %v", subnet) + if err := ipallocator.RegisterSubnet(bridgeNetwork, subnet); err != nil { + return job.Error(err) + } + } // https://github.com/docker/docker/issues/2768 job.Eng.Hack_SetGlobalVar("httpapi.bridgeIP", bridgeNetwork.IP) diff --git a/components/engine/daemon/networkdriver/ipallocator/allocator.go b/components/engine/daemon/networkdriver/ipallocator/allocator.go index 7abb3ffdf4..ad7547a4a0 100644 --- a/components/engine/daemon/networkdriver/ipallocator/allocator.go +++ b/components/engine/daemon/networkdriver/ipallocator/allocator.go @@ -6,7 +6,7 @@ import ( "net" "sync" - "github.com/dotcloud/docker/daemon/networkdriver" + "github.com/docker/docker/daemon/networkdriver" ) // allocatedMap is thread-unsafe set of allocated IP @@ -23,8 +23,8 @@ func newAllocatedMap(network *net.IPNet) *allocatedMap { end := ipToInt(lastIP) - 1 return &allocatedMap{ p: make(map[uint32]struct{}), - begin: begin, // - network - end: end, // - broadcast + begin: begin, + end: end, last: begin - 1, // so first allocated will be begin } } @@ -32,8 +32,10 @@ func newAllocatedMap(network *net.IPNet) *allocatedMap { type networkSet map[string]*allocatedMap var ( - ErrNoAvailableIPs = errors.New("no available ip addresses on network") - ErrIPAlreadyAllocated = errors.New("ip already allocated") + ErrNoAvailableIPs = errors.New("no available ip addresses on network") + ErrIPAlreadyAllocated = errors.New("ip already allocated") + ErrNetworkAlreadyRegistered = errors.New("network already registered") + ErrBadSubnet = errors.New("network not contains specified subnet") ) var ( @@ -41,6 +43,29 @@ var ( allocatedIPs = networkSet{} ) +// RegisterSubnet registers network in global allocator with bounds +// defined by subnet. If you want to use network range you must call +// this method before first RequestIP, otherwise full network range will be used +func RegisterSubnet(network *net.IPNet, subnet *net.IPNet) error { + lock.Lock() + defer lock.Unlock() + key := network.String() + if _, ok := allocatedIPs[key]; ok { + return ErrNetworkAlreadyRegistered + } + n := newAllocatedMap(network) + beginIP, endIP := networkdriver.NetworkRange(subnet) + begin, end := ipToInt(beginIP)+1, ipToInt(endIP)-1 + if !(begin >= n.begin && end <= n.end && begin < end) { + return ErrBadSubnet + } + n.begin = begin + n.end = end + n.last = begin - 1 + allocatedIPs[key] = n + return nil +} + // RequestIP requests an available ip from the given network. It // will return the next available ip if the ip provided is nil. If the // ip provided is not nil it will validate that the provided ip is available diff --git a/components/engine/daemon/networkdriver/ipallocator/allocator_test.go b/components/engine/daemon/networkdriver/ipallocator/allocator_test.go index 57575bc7bd..0b5d97e605 100644 --- a/components/engine/daemon/networkdriver/ipallocator/allocator_test.go +++ b/components/engine/daemon/networkdriver/ipallocator/allocator_test.go @@ -318,6 +318,86 @@ func TestAllocateDifferentSubnets(t *testing.T) { assertIPEquals(t, expectedIPs[2], ip21) assertIPEquals(t, expectedIPs[3], ip22) } +func TestRegisterBadTwice(t *testing.T) { + defer reset() + network := &net.IPNet{ + IP: []byte{192, 168, 1, 1}, + Mask: []byte{255, 255, 255, 0}, + } + subnet := &net.IPNet{ + IP: []byte{192, 168, 1, 8}, + Mask: []byte{255, 255, 255, 248}, + } + + if err := RegisterSubnet(network, subnet); err != nil { + t.Fatal(err) + } + subnet = &net.IPNet{ + IP: []byte{192, 168, 1, 16}, + Mask: []byte{255, 255, 255, 248}, + } + if err := RegisterSubnet(network, subnet); err != ErrNetworkAlreadyRegistered { + t.Fatalf("Expecteded ErrNetworkAlreadyRegistered error, got %v", err) + } +} + +func TestRegisterBadRange(t *testing.T) { + defer reset() + network := &net.IPNet{ + IP: []byte{192, 168, 1, 1}, + Mask: []byte{255, 255, 255, 0}, + } + subnet := &net.IPNet{ + IP: []byte{192, 168, 1, 1}, + Mask: []byte{255, 255, 0, 0}, + } + if err := RegisterSubnet(network, subnet); err != ErrBadSubnet { + t.Fatalf("Expected ErrBadSubnet error, got %v", err) + } +} + +func TestAllocateFromRange(t *testing.T) { + defer reset() + network := &net.IPNet{ + IP: []byte{192, 168, 0, 1}, + Mask: []byte{255, 255, 255, 0}, + } + // 192.168.1.9 - 192.168.1.14 + subnet := &net.IPNet{ + IP: []byte{192, 168, 0, 8}, + Mask: []byte{255, 255, 255, 248}, + } + if err := RegisterSubnet(network, subnet); err != nil { + t.Fatal(err) + } + expectedIPs := []net.IP{ + 0: net.IPv4(192, 168, 0, 9), + 1: net.IPv4(192, 168, 0, 10), + 2: net.IPv4(192, 168, 0, 11), + 3: net.IPv4(192, 168, 0, 12), + 4: net.IPv4(192, 168, 0, 13), + 5: net.IPv4(192, 168, 0, 14), + } + for _, ip := range expectedIPs { + rip, err := RequestIP(network, nil) + if err != nil { + t.Fatal(err) + } + assertIPEquals(t, ip, rip) + } + + if _, err := RequestIP(network, nil); err != ErrNoAvailableIPs { + t.Fatalf("Expected ErrNoAvailableIPs error, got %v", err) + } + for _, ip := range expectedIPs { + ReleaseIP(network, ip) + rip, err := RequestIP(network, nil) + if err != nil { + t.Fatal(err) + } + assertIPEquals(t, ip, rip) + } +} func assertIPEquals(t *testing.T, ip1, ip2 net.IP) { if !ip1.Equal(ip2) { diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index ef30113882..3d117fe3c9 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -54,6 +54,7 @@ expect an integer, and they can only be specified once. -b, --bridge="" Attach containers to a pre-existing network bridge use 'none' to disable container networking --bip="" Use this CIDR notation address for the network bridge's IP, not compatible with -b + --fixed-cidr="" IPv4 subnet for fixed IPs (ex: 10.20.0.0/16) -D, --debug=false Enable debug mode -d, --daemon=false Enable daemon mode --dns=[] Force Docker to use specific DNS servers From 9fba71437de4ca3ff68b5ac6e99f2f6e38c04a5d Mon Sep 17 00:00:00 2001 From: nzwsch Date: Sat, 30 Aug 2014 16:02:47 +0900 Subject: [PATCH 088/540] Update nodejs_web_app.md Upstream-commit: 2d1ec162be15d6d1107d4775d75744c9d23f8478 Component: engine --- components/engine/docs/sources/examples/nodejs_web_app.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/engine/docs/sources/examples/nodejs_web_app.md b/components/engine/docs/sources/examples/nodejs_web_app.md index 5d69fd713b..d634251fb8 100644 --- a/components/engine/docs/sources/examples/nodejs_web_app.md +++ b/components/engine/docs/sources/examples/nodejs_web_app.md @@ -188,5 +188,4 @@ Now you can call your app using `curl` (install if needed via: We hope this tutorial helped you get up and running with Node.js and CentOS on Docker. You can get the full source code at -[https://github.com/gasi/docker-node-hello](https://github.com/gasi/docker-node-hello). - +[https://github.com/enokd/docker-node-hello/](https://github.com/enokd/docker-node-hello/). From fe6985381c37725e3471927c247f623ea2c200fd Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Sat, 30 Aug 2014 21:43:48 +0400 Subject: [PATCH 089/540] Use increment operator Signed-off-by: Alexandr Morozov Upstream-commit: 16e850fe3ea42f5103c9a11f3db17d11dc4f6ada Component: engine --- components/engine/api/server/server.go | 4 ++-- components/engine/daemon/graphdriver/devmapper/deviceset.go | 4 ++-- components/engine/pkg/httputils/resumablerequestreader.go | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/components/engine/api/server/server.go b/components/engine/api/server/server.go index fd13489a83..ece602160a 100644 --- a/components/engine/api/server/server.go +++ b/components/engine/api/server/server.go @@ -1218,7 +1218,7 @@ func ServeFd(addr string, handle http.Handler) error { }() } - for i := 0; i < len(ls); i += 1 { + for i := 0; i < len(ls); i++ { err := <-chErrors if err != nil { return err @@ -1366,7 +1366,7 @@ func ServeApi(job *engine.Job) engine.Status { }() } - for i := 0; i < len(protoAddrs); i += 1 { + for i := 0; i < len(protoAddrs); i++ { err := <-chErrors if err != nil { return job.Error(err) diff --git a/components/engine/daemon/graphdriver/devmapper/deviceset.go b/components/engine/daemon/graphdriver/devmapper/deviceset.go index 42315c6e82..bb7b07a96d 100644 --- a/components/engine/daemon/graphdriver/devmapper/deviceset.go +++ b/components/engine/daemon/graphdriver/devmapper/deviceset.go @@ -832,7 +832,7 @@ func (devices *DeviceSet) waitRemove(devname string) error { log.Debugf("[deviceset %s] waitRemove(%s)", devices.devicePrefix, devname) defer log.Debugf("[deviceset %s] waitRemove(%s) END", devices.devicePrefix, devname) i := 0 - for ; i < 1000; i += 1 { + for ; i < 1000; i++ { devinfo, err := getInfo(devname) if err != nil { // If there is an error we assume the device doesn't exist. @@ -861,7 +861,7 @@ func (devices *DeviceSet) waitRemove(devname string) error { // or b) the 10 second timeout expires. func (devices *DeviceSet) waitClose(info *DevInfo) error { i := 0 - for ; i < 1000; i += 1 { + for ; i < 1000; i++ { devinfo, err := getInfo(info.Name()) if err != nil { return err diff --git a/components/engine/pkg/httputils/resumablerequestreader.go b/components/engine/pkg/httputils/resumablerequestreader.go index 71533d37c9..3cd1f49179 100644 --- a/components/engine/pkg/httputils/resumablerequestreader.go +++ b/components/engine/pkg/httputils/resumablerequestreader.go @@ -46,7 +46,7 @@ func (r *resumableRequestReader) Read(p []byte) (n int, err error) { } if err != nil && r.failures+1 != r.maxFailures { r.cleanUpResponse() - r.failures += 1 + r.failures++ time.Sleep(5 * time.Duration(r.failures) * time.Second) return 0, nil } else if err != nil { From c382a20d9bcac0fc5d6248be3148f2cb4a1270a8 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Sun, 31 Aug 2014 01:18:15 -0700 Subject: [PATCH 090/540] docker top: fix command when multiple arguments are supplied Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 394a6d3154fe810565ddc5619447c8a82e7ce38c Component: engine --- components/engine/daemon/top.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/daemon/top.go b/components/engine/daemon/top.go index ceaeea157e..f7b981d10a 100644 --- a/components/engine/daemon/top.go +++ b/components/engine/daemon/top.go @@ -29,7 +29,7 @@ func (daemon *Daemon) ContainerTop(job *engine.Job) engine.Status { if err != nil { return job.Error(err) } - output, err := exec.Command("ps", psArgs).Output() + output, err := exec.Command("ps", strings.Split(psArgs, " ")...).Output() if err != nil { return job.Errorf("Error running ps: %s", err) } From 3c324ec48a9d48da874084ed58b5d4cf45735304 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Sun, 31 Aug 2014 05:39:36 -0700 Subject: [PATCH 091/540] Fix panic when `ENV ARG=ARG` is used. Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: a0255ba502d7a60a297aa67604eae75a9e1fbed3 Component: engine --- components/engine/builder/parser/line_parsers.go | 6 ++++++ .../parser/testfiles-negative/env_equals_env/Dockerfile | 3 +++ 2 files changed, 9 insertions(+) create mode 100644 components/engine/builder/parser/testfiles-negative/env_equals_env/Dockerfile diff --git a/components/engine/builder/parser/line_parsers.go b/components/engine/builder/parser/line_parsers.go index 93fa23ee85..de3bdb5f18 100644 --- a/components/engine/builder/parser/line_parsers.go +++ b/components/engine/builder/parser/line_parsers.go @@ -9,6 +9,7 @@ package parser import ( "encoding/json" "errors" + "fmt" "strconv" "strings" ) @@ -43,6 +44,11 @@ func parseEnv(rest string) (*Node, map[string]bool, error) { node := &Node{} rootnode := node strs := TOKEN_WHITESPACE.Split(rest, 2) + + if len(strs) < 2 { + return nil, nil, fmt.Errorf("ENV must have two arguments") + } + node.Value = strs[0] node.Next = &Node{} node.Next.Value = strs[1] diff --git a/components/engine/builder/parser/testfiles-negative/env_equals_env/Dockerfile b/components/engine/builder/parser/testfiles-negative/env_equals_env/Dockerfile new file mode 100644 index 0000000000..08675148ae --- /dev/null +++ b/components/engine/builder/parser/testfiles-negative/env_equals_env/Dockerfile @@ -0,0 +1,3 @@ +FROM busybox + +ENV PATH=PATH From e16ec47eebce16066ed75022658c4cf2de7badb9 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Sun, 31 Aug 2014 05:53:05 -0700 Subject: [PATCH 092/540] Add a test for the multiple arguments passed to `docker top` Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: d7dd35bbd6250fcf42f8fe6521a55813e670f805 Component: engine --- .../integration-cli/docker_cli_top_test.go | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/components/engine/integration-cli/docker_cli_top_test.go b/components/engine/integration-cli/docker_cli_top_test.go index 6535473430..fde90bf7e7 100644 --- a/components/engine/integration-cli/docker_cli_top_test.go +++ b/components/engine/integration-cli/docker_cli_top_test.go @@ -7,6 +7,25 @@ import ( "testing" ) +func TestTopMultipleArgs(t *testing.T) { + runCmd := exec.Command(dockerBinary, "run", "-i", "-d", "busybox", "sleep", "20") + out, _, err := runCommandWithOutput(runCmd) + errorOut(err, t, fmt.Sprintf("failed to start the container: %v", err)) + + cleanedContainerID := stripTrailingCharacters(out) + defer deleteContainer(cleanedContainerID) + + topCmd := exec.Command(dockerBinary, "top", cleanedContainerID, "-o", "pid") + out, _, err = runCommandWithOutput(topCmd) + errorOut(err, t, fmt.Sprintf("failed to run top: %v %v", out, err)) + + if !strings.Contains(out, "PID") { + errorOut(nil, t, fmt.Sprintf("did not see PID after top -o pid")) + } + + logDone("top - multiple arguments") +} + func TestTopNonPrivileged(t *testing.T) { runCmd := exec.Command(dockerBinary, "run", "-i", "-d", "busybox", "sleep", "20") out, _, err := runCommandWithOutput(runCmd) From 3a37023687f7536f40d11a8bdf6bcd536223d2c1 Mon Sep 17 00:00:00 2001 From: Frank Rosquin Date: Sun, 31 Aug 2014 15:40:23 +0200 Subject: [PATCH 093/540] fixed error check using the wrong error value errorOut was using the err from the previous test. Signed-off-by: Frank Rosquin Upstream-commit: 82c536aacd30baf110c074de1f83ae3ab2f9588c Component: engine --- components/engine/integration-cli/docker_cli_top_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/integration-cli/docker_cli_top_test.go b/components/engine/integration-cli/docker_cli_top_test.go index 6535473430..01a7cdfcc8 100644 --- a/components/engine/integration-cli/docker_cli_top_test.go +++ b/components/engine/integration-cli/docker_cli_top_test.go @@ -20,7 +20,7 @@ func TestTopNonPrivileged(t *testing.T) { topCmd = exec.Command(dockerBinary, "top", cleanedContainerID) out2, _, err2 := runCommandWithOutput(topCmd) - errorOut(err, t, fmt.Sprintf("failed to run top: %v %v", out2, err2)) + errorOut(err2, t, fmt.Sprintf("failed to run top: %v %v", out2, err2)) killCmd := exec.Command(dockerBinary, "kill", cleanedContainerID) _, err = runCommand(killCmd) From f0aedfc82080bf9c3c2578e927c4f8a218f7b022 Mon Sep 17 00:00:00 2001 From: Frank Rosquin Date: Sun, 31 Aug 2014 16:35:38 +0200 Subject: [PATCH 094/540] Fixed error check using the wrong error value errorOut was using the err from the previous test. same as #7816 but on TestTopPrivileged, which I missed last time Signed-off-by: Frank Rosquin Upstream-commit: d93c95a332b65948cf37a87a84900323657571f0 Component: engine --- components/engine/integration-cli/docker_cli_top_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/integration-cli/docker_cli_top_test.go b/components/engine/integration-cli/docker_cli_top_test.go index 6535473430..395871794e 100644 --- a/components/engine/integration-cli/docker_cli_top_test.go +++ b/components/engine/integration-cli/docker_cli_top_test.go @@ -52,7 +52,7 @@ func TestTopPrivileged(t *testing.T) { topCmd = exec.Command(dockerBinary, "top", cleanedContainerID) out2, _, err2 := runCommandWithOutput(topCmd) - errorOut(err, t, fmt.Sprintf("failed to run top: %v %v", out2, err2)) + errorOut(err2, t, fmt.Sprintf("failed to run top: %v %v", out2, err2)) killCmd := exec.Command(dockerBinary, "kill", cleanedContainerID) _, err = runCommand(killCmd) From 533c5e1fedc6be4f5fd844c1079169f61d85409b Mon Sep 17 00:00:00 2001 From: Vishal Doshi Date: Sun, 24 Aug 2014 15:48:56 +0530 Subject: [PATCH 095/540] Update debian.md Add some instructions for Debian 7 (aka Wheezy/Stable) Signed-off-by: Vishal Doshi Upstream-commit: d27f1bb00006fc936c0cb393c93131427e68fef6 Component: engine --- .../docs/sources/installation/debian.md | 28 +++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/sources/installation/debian.md b/components/engine/docs/sources/installation/debian.md index 0da2f2f5d0..cf9da69b42 100644 --- a/components/engine/docs/sources/installation/debian.md +++ b/components/engine/docs/sources/installation/debian.md @@ -7,6 +7,7 @@ page_keywords: Docker, Docker documentation, installation, debian Docker is supported on the following versions of Debian: - [*Debian 8.0 Jessie (64-bit)*](#debian-jessie-8-64-bit) + - [*Debian 7.5 Wheezy (64-bit)*](#debian-wheezy-7-64-bit) ## Debian Jessie 8.0 (64-bit) @@ -34,7 +35,30 @@ Which should download the `ubuntu` image, and then start `bash` in a container. > If you want to enable memory and swap accounting see > [this](/installation/ubuntulinux/#memory-and-swap-accounting). -### Giving non-root access +## Debian Wheezy/Stable 7.x (64-bit) + +Docker requires Kernel 3.8+, while Wheezy ships with Kernel 3.2 (for more details on why 3.8 is required, see discussion on [bug #407](https://github.com/docker/docker/issues/407%20kernel%20versions)). + +Fortunately, wheezy-backports currently has [Kernel 3.14](https://packages.debian.org/search?suite=wheezy-backports§ion=all&arch=any&searchon=names&keywords=linux-image-amd64), which is officially supported by Docker. + +### Installation + + 1. Install Kernel 3.14 from wheezy-backports + + Add the following line to your `/etc/apt/sources.list` + + `deb http://http.debian.net/debian wheezy-backports main` + + then install the `linux-image-amd64` package (note the use of `-t wheezy-backports`) + + $ sudo apt-get update + $ sudo apt-get install -t wheezy-backports linux-image-amd64 + + 2. Install Docker using the get.docker.io script: + + `curl -sSL https://get.docker.io/ | sh` + +## Giving non-root access The `docker` daemon always runs as the `root` user and the `docker` daemon binds to a Unix socket instead of a TCP port. By default that @@ -68,7 +92,7 @@ use the `-G` flag to specify an alternative group. # Restart the Docker daemon. $ sudo service docker restart + ## What next? Continue with the [User Guide](/userguide/). - From 8c659df87897c057c0900a533b4e214422ea00ec Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Mon, 1 Sep 2014 09:55:53 +1000 Subject: [PATCH 096/540] Try to go for 80-char lines and a little md wrangling. Docker-DCO-1.1-Signed-off-by: Sven Dowideit (github: SvenDowideit) Upstream-commit: 2852037018e435dc61a27725a307595a6f57da40 Component: engine --- .../docs/sources/installation/debian.md | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/components/engine/docs/sources/installation/debian.md b/components/engine/docs/sources/installation/debian.md index cf9da69b42..e1416685b6 100644 --- a/components/engine/docs/sources/installation/debian.md +++ b/components/engine/docs/sources/installation/debian.md @@ -37,26 +37,31 @@ Which should download the `ubuntu` image, and then start `bash` in a container. ## Debian Wheezy/Stable 7.x (64-bit) -Docker requires Kernel 3.8+, while Wheezy ships with Kernel 3.2 (for more details on why 3.8 is required, see discussion on [bug #407](https://github.com/docker/docker/issues/407%20kernel%20versions)). +Docker requires Kernel 3.8+, while Wheezy ships with Kernel 3.2 (for more details +on why 3.8 is required, see discussion on +[bug #407](https://github.com/docker/docker/issues/407%20kernel%20versions)). -Fortunately, wheezy-backports currently has [Kernel 3.14](https://packages.debian.org/search?suite=wheezy-backports§ion=all&arch=any&searchon=names&keywords=linux-image-amd64), which is officially supported by Docker. +Fortunately, wheezy-backports currently has [Kernel 3.14 +](https://packages.debian.org/search?suite=wheezy-backports§ion=all&arch=any&searchon=names&keywords=linux-image-amd64), +which is officially supported by Docker. ### Installation - 1. Install Kernel 3.14 from wheezy-backports +1. Install Kernel 3.14 from wheezy-backports - Add the following line to your `/etc/apt/sources.list` + Add the following line to your `/etc/apt/sources.list` - `deb http://http.debian.net/debian wheezy-backports main` + `deb http://http.debian.net/debian wheezy-backports main` - then install the `linux-image-amd64` package (note the use of `-t wheezy-backports`) + then install the `linux-image-amd64` package (note the use of + `-t wheezy-backports`) - $ sudo apt-get update - $ sudo apt-get install -t wheezy-backports linux-image-amd64 + $ sudo apt-get update + $ sudo apt-get install -t wheezy-backports linux-image-amd64 - 2. Install Docker using the get.docker.io script: +2. Install Docker using the get.docker.io script: - `curl -sSL https://get.docker.io/ | sh` + `curl -sSL https://get.docker.io/ | sh` ## Giving non-root access From 987f07dd0b5f2b216dfff69c6c9730718828eef2 Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Wed, 27 Aug 2014 15:19:00 +1000 Subject: [PATCH 097/540] document the cherry-pick process I'm using to make docs updates Docker-DCO-1.1-Signed-off-by: Sven Dowideit (github: SvenDowideit) Upstream-commit: ead942156cadb0ef329379a52f1c42d7693a2dea Component: engine --- components/engine/docs/README.md | 43 ++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/components/engine/docs/README.md b/components/engine/docs/README.md index ba1feb50d4..fd8fdfa6d2 100755 --- a/components/engine/docs/README.md +++ b/components/engine/docs/README.md @@ -97,3 +97,46 @@ to - which you call from the `docker` directory: make AWS_S3_BUCKET=dowideit-docs docs-release +This will publish _only_ to the `http://bucket-url/v1.2/` version of the +documentation. + +If you're publishing the current release's documentation, you need to +also update the root docs pages by running + + make AWS_S3_BUCKET=dowideit-docs BUILD_ROOT=yes docs-release + +## Cherry picking documentation changes to update an existing release. + +Whenever the core team makes a release, they publish the documentation based +on the `release` branch (which is copied into the `docs` branch). The +documentation team can make updates in the meantime, by cherry-picking changes +from `master` into any of the docs branches. + +For example, to update the current release's docs: + + git fetch upstream + git checkout -b post-1.2.0-docs-update-1 upstream/docs + # Then go through the Merge commit linked to PR's (making sure they apply + to that release) + # see https://github.com/docker/docker/commits/master + git cherry-pick -x fe845c4 + # Repeat until you have cherry picked everything you will propose to be merged + git push upstream post-1.2.0-docs-update-1 + +Then make a pull request to merge into the `docs` branch __NOT__ master. + +Once the PR has the needed `LGTM`'s, merge it, then publish to our beta server +to test: + + git fetch upstream + git checkout post-1.2.0-docs-update-1 + git reset --hard upstream/post-1.2.0-docs-update-1 + make AWS_S3_BUCKET=beta-docs.docker.io BUILD_ROOT=yes docs-release + +Then go to http://beta-docs.docker.io.s3-website-us-west-2.amazonaws.com/ +and make sure that what you have published is good. + +When you're happy with it, publish the docs to our live site: + + make AWS_S3_BUCKET=docs.docker.com BUILD_ROOT=yes docs-release + From c3ac4898d53a2d2eccc0d184c74f65ff47920255 Mon Sep 17 00:00:00 2001 From: Eike Herzbach Date: Thu, 28 Aug 2014 19:02:32 +0200 Subject: [PATCH 098/540] alternative to `exit` command: `CTRL-D` Docker-DCO-1.1-Signed-off-by: Eike Herzbach (github: eik3) Upstream-commit: c0c525b3d1a527738c1d942efd70e810908c0eac Component: engine --- components/engine/docs/sources/userguide/dockerizing.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/docs/sources/userguide/dockerizing.md b/components/engine/docs/sources/userguide/dockerizing.md index 02ac90306b..9da4890bfa 100644 --- a/components/engine/docs/sources/userguide/dockerizing.md +++ b/components/engine/docs/sources/userguide/dockerizing.md @@ -81,7 +81,7 @@ of the root directory which shows us what looks like a typical Linux file system. You can play around inside this container and when you're done you can -use the `exit` command to finish. +use the `exit` command or enter Ctrl-D to finish. root@af8bae53bdd3:/# exit From 797834a228322c09c81e2da28c4875a746189056 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Mon, 1 Sep 2014 19:55:39 +0400 Subject: [PATCH 099/540] Move TestRunCidFileCleanupIfEmpty to integration-cli Signed-off-by: Alexandr Morozov Upstream-commit: 8892320835ad2b21b0efd4848d2af0d8a791a8e9 Component: engine --- .../integration-cli/docker_cli_run_test.go | 23 +++++++++++++++ .../engine/integration/commands_test.go | 29 ------------------- 2 files changed, 23 insertions(+), 29 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index b50d580163..189ac917ba 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -1772,3 +1772,26 @@ func TestHostsLinkedContainerUpdate(t *testing.T) { logDone("run - /etc/hosts updated in parent when restart") } + +// Ensure that CIDFile gets deleted if it's empty +// Perform this test by making `docker run` fail +func TestRunCidFileCleanupIfEmpty(t *testing.T) { + tmpDir, err := ioutil.TempDir("", "TestRunCidFile") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(tmpDir) + tmpCidFile := path.Join(tmpDir, "cid") + cmd := exec.Command(dockerBinary, "run", "--cidfile", tmpCidFile, "scratch") + out, _, err := runCommandWithOutput(cmd) + t.Log(out) + if err == nil { + t.Fatal("Run without command must fail") + } + + if _, err := os.Stat(tmpCidFile); err == nil { + t.Fatalf("empty CIDFile '%s' should've been deleted", tmpCidFile) + } + deleteAllContainers() + logDone("run - cleanup empty cidfile on fail") +} diff --git a/components/engine/integration/commands_test.go b/components/engine/integration/commands_test.go index 10735750dc..60deac5b62 100644 --- a/components/engine/integration/commands_test.go +++ b/components/engine/integration/commands_test.go @@ -583,32 +583,3 @@ func TestRunCidFileCheckIDLength(t *testing.T) { }) } - -// Ensure that CIDFile gets deleted if it's empty -// Perform this test by making `docker run` fail -func TestRunCidFileCleanupIfEmpty(t *testing.T) { - tmpDir, err := ioutil.TempDir("", "TestRunCidFile") - if err != nil { - t.Fatal(err) - } - tmpCidFile := path.Join(tmpDir, "cid") - - cli := client.NewDockerCli(nil, ioutil.Discard, ioutil.Discard, testDaemonProto, testDaemonAddr, nil) - defer cleanup(globalEngine, t) - - c := make(chan struct{}) - go func() { - defer close(c) - if err := cli.CmdRun("--cidfile", tmpCidFile, unitTestImageID); err == nil { - t.Fatal("running without a command should haveve failed") - } - if _, err := os.Stat(tmpCidFile); err == nil { - t.Fatalf("empty CIDFile '%s' should've been deleted", tmpCidFile) - } - }() - defer os.RemoveAll(tmpDir) - - setTimeout(t, "CmdRun timed out", 5*time.Second, func() { - <-c - }) -} From 4f814a840596a94f0a421269491ba339a2251dc2 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Mon, 1 Sep 2014 20:15:20 +0400 Subject: [PATCH 100/540] Move TestRunCidFileCheckIDLength to integration-cli Signed-off-by: Alexandr Morozov Upstream-commit: 195cee99839a77afec7aaf7fe43cb5a9ceae4f57 Component: engine --- .../integration-cli/docker_cli_run_test.go | 31 +++++++++++ .../engine/integration/commands_test.go | 54 ------------------- 2 files changed, 31 insertions(+), 54 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 189ac917ba..81198ce213 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -1795,3 +1795,34 @@ func TestRunCidFileCleanupIfEmpty(t *testing.T) { deleteAllContainers() logDone("run - cleanup empty cidfile on fail") } + +// #2098 - Docker cidFiles only contain short version of the containerId +//sudo docker run --cidfile /tmp/docker_test.cid ubuntu echo "test" +// TestRunCidFile tests that run --cidfile returns the longid +func TestRunCidFileCheckIDLength(t *testing.T) { + tmpDir, err := ioutil.TempDir("", "TestRunCidFile") + if err != nil { + t.Fatal(err) + } + tmpCidFile := path.Join(tmpDir, "cid") + defer os.RemoveAll(tmpDir) + cmd := exec.Command(dockerBinary, "run", "-d", "--cidfile", tmpCidFile, "busybox", "true") + out, _, err := runCommandWithOutput(cmd) + if err != nil { + t.Fatal(err) + } + id := strings.TrimSpace(out) + buffer, err := ioutil.ReadFile(tmpCidFile) + if err != nil { + t.Fatal(err) + } + cid := string(buffer) + if len(cid) != 64 { + t.Fatalf("--cidfile should be a long id, not '%s'", id) + } + if cid != id { + t.Fatalf("cid must be equal to %s, got %s", id, cid) + } + deleteAllContainers() + logDone("run - cidfile contains long id") +} diff --git a/components/engine/integration/commands_test.go b/components/engine/integration/commands_test.go index 60deac5b62..a4422a4c46 100644 --- a/components/engine/integration/commands_test.go +++ b/components/engine/integration/commands_test.go @@ -5,8 +5,6 @@ import ( "fmt" "io" "io/ioutil" - "os" - "path" "strings" "testing" "time" @@ -531,55 +529,3 @@ func TestRunErrorBindNonExistingSource(t *testing.T) { <-c }) } - -// #2098 - Docker cidFiles only contain short version of the containerId -//sudo docker run --cidfile /tmp/docker_test.cid ubuntu echo "test" -// TestRunCidFile tests that run --cidfile returns the longid -func TestRunCidFileCheckIDLength(t *testing.T) { - stdout, stdoutPipe := io.Pipe() - - tmpDir, err := ioutil.TempDir("", "TestRunCidFile") - if err != nil { - t.Fatal(err) - } - tmpCidFile := path.Join(tmpDir, "cid") - - cli := client.NewDockerCli(nil, stdoutPipe, ioutil.Discard, testDaemonProto, testDaemonAddr, nil) - defer cleanup(globalEngine, t) - - c := make(chan struct{}) - go func() { - defer close(c) - if err := cli.CmdRun("--cidfile", tmpCidFile, unitTestImageID, "ls"); err != nil { - t.Fatal(err) - } - }() - - defer os.RemoveAll(tmpDir) - setTimeout(t, "Reading command output time out", 2*time.Second, func() { - cmdOutput, err := bufio.NewReader(stdout).ReadString('\n') - if err != nil { - t.Fatal(err) - } - if len(cmdOutput) < 1 { - t.Fatalf("'ls' should return something , not '%s'", cmdOutput) - } - //read the tmpCidFile - buffer, err := ioutil.ReadFile(tmpCidFile) - if err != nil { - t.Fatal(err) - } - id := string(buffer) - - if len(id) != len("2bf44ea18873287bd9ace8a4cb536a7cbe134bed67e805fdf2f58a57f69b320c") { - t.Fatalf("--cidfile should be a long id, not '%s'", id) - } - //test that its a valid cid? (though the container is gone..) - //remove the file and dir. - }) - - setTimeout(t, "CmdRun timed out", 5*time.Second, func() { - <-c - }) - -} From 3d35a8c72636cdcaac028f675315f51d23cbf9aa Mon Sep 17 00:00:00 2001 From: Anand Patil Date: Fri, 25 Jul 2014 09:42:25 -0700 Subject: [PATCH 101/540] v1.13 and 1.14 api docs now match runconfig/config.go Upstream-commit: eac6a5d78906a70ddc3264f8d0a87369aefaedf0 Component: engine --- .../docs/sources/reference/api/docker_remote_api_v1.13.md | 5 ++++- .../docs/sources/reference/api/docker_remote_api_v1.14.md | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md index 69bb59d76e..b5922854e2 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md @@ -110,9 +110,12 @@ Create a container { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -129,7 +132,7 @@ Create a container "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md index 3058a6770f..b23414d803 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md @@ -110,9 +110,12 @@ Create a container { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -129,7 +132,7 @@ Create a container "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } From e5f24c4f6ab7905f21970997cf77e019cc982250 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Mon, 1 Sep 2014 18:41:42 +0000 Subject: [PATCH 102/540] more updates Signed-off-by: Victor Vieux Upstream-commit: 2d8695761d0241d2c9b8bfe4274674c702c6a14d Component: engine --- .../sources/reference/api/docker_remote_api_v1.12.md | 10 ++++++++-- .../sources/reference/api/docker_remote_api_v1.13.md | 5 ++++- .../sources/reference/api/docker_remote_api_v1.14.md | 5 ++++- .../sources/reference/api/docker_remote_api_v1.15.md | 10 ++++++++-- 4 files changed, 24 insertions(+), 6 deletions(-) diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md index d0fa77b0ae..4ca1d6044d 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.12.md @@ -112,9 +112,12 @@ Create a container { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -131,7 +134,7 @@ Create a container "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } @@ -1244,9 +1247,12 @@ Create a new image from a container's changes { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -1262,7 +1268,7 @@ Create a new image from a container's changes "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md index b5922854e2..37358b8b0d 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.13.md @@ -1245,9 +1245,12 @@ Create a new image from a container's changes { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -1263,7 +1266,7 @@ Create a new image from a container's changes "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md index b23414d803..ec38b8fc1a 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.14.md @@ -1249,9 +1249,12 @@ Create a new image from a container's changes { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -1267,7 +1270,7 @@ Create a new image from a container's changes "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } diff --git a/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md b/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md index 03446c2870..fca8669dce 100644 --- a/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md +++ b/components/engine/docs/sources/reference/api/docker_remote_api_v1.15.md @@ -110,9 +110,12 @@ Create a container { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -129,7 +132,7 @@ Create a container "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } @@ -1246,9 +1249,12 @@ Create a new image from a container's changes { "Hostname":"", + "Domainname": "", "User":"", "Memory":0, "MemorySwap":0, + "CpuShares": 512, + "Cpuset": "0,1", "AttachStdin":false, "AttachStdout":true, "AttachStderr":true, @@ -1264,7 +1270,7 @@ Create a new image from a container's changes "/tmp": {} }, "WorkingDir":"", - "DisableNetwork": false, + "NetworkDisabled": false, "ExposedPorts":{ "22/tcp": {} } From a7e2cb41240a067e297c249d3624ae255296dfe4 Mon Sep 17 00:00:00 2001 From: Vishnu Kannan Date: Tue, 26 Aug 2014 22:05:37 +0000 Subject: [PATCH 103/540] Refactoring execdriver.Command and Container structs to support 'docker exec' and other similar features in the future. Docker-DCO-1.1-Signed-off-by: Vishnu Kannan (github: vishh) Upstream-commit: 4aa5da278f49c889d43191f82ff42d3a95266d62 Component: engine --- components/engine/daemon/attach.go | 11 ++-- components/engine/daemon/container.go | 59 +++++++++++-------- components/engine/daemon/daemon.go | 10 ++-- components/engine/daemon/execdriver/driver.go | 31 ++++++---- .../engine/daemon/execdriver/lxc/driver.go | 48 +++++++-------- .../daemon/execdriver/lxc/lxc_template.go | 6 +- .../execdriver/lxc/lxc_template_unit_test.go | 7 ++- .../engine/daemon/execdriver/native/create.go | 10 ++-- .../engine/daemon/execdriver/native/driver.go | 46 +++++++-------- .../engine/daemon/execdriver/termconsole.go | 4 +- components/engine/daemon/monitor.go | 26 ++++---- .../engine/integration/commands_test.go | 2 +- .../engine/integration/container_test.go | 16 ++--- components/engine/integration/runtime_test.go | 2 +- components/engine/integration/utils_test.go | 6 +- 15 files changed, 150 insertions(+), 134 deletions(-) diff --git a/components/engine/daemon/attach.go b/components/engine/daemon/attach.go index 13824ea842..b6d6ac9174 100644 --- a/components/engine/daemon/attach.go +++ b/components/engine/daemon/attach.go @@ -103,7 +103,6 @@ func (daemon *Daemon) ContainerAttach(job *engine.Job) engine.Status { } <-daemon.Attach(container, cStdin, cStdinCloser, cStdout, cStderr) - // If we are in stdinonce mode, wait for the process to end // otherwise, simply return if container.Config.StdinOnce && !container.Config.Tty { @@ -128,7 +127,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo if stdin != nil && container.Config.OpenStdin { nJobs++ - if cStdin, err := container.StdinPipe(); err != nil { + if cStdin, err := container.StdConfig.StdinPipe(); err != nil { errors <- err } else { go func() { @@ -164,7 +163,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo } if stdout != nil { nJobs++ - if p, err := container.StdoutPipe(); err != nil { + if p, err := container.StdConfig.StdoutPipe(); err != nil { errors <- err } else { cStdout = p @@ -193,7 +192,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo if stdinCloser != nil { defer stdinCloser.Close() } - if cStdout, err := container.StdoutPipe(); err != nil { + if cStdout, err := container.StdConfig.StdoutPipe(); err != nil { log.Errorf("attach: stdout pipe: %s", err) } else { io.Copy(&utils.NopWriter{}, cStdout) @@ -202,7 +201,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo } if stderr != nil { nJobs++ - if p, err := container.StderrPipe(); err != nil { + if p, err := container.StdConfig.StderrPipe(); err != nil { errors <- err } else { cStderr = p @@ -232,7 +231,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo defer stdinCloser.Close() } - if cStderr, err := container.StderrPipe(); err != nil { + if cStderr, err := container.StdConfig.StderrPipe(); err != nil { log.Errorf("attach: stdout pipe: %s", err) } else { io.Copy(&utils.NopWriter{}, cStderr) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index 72e4dfd63e..657651fe1a 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -41,6 +41,13 @@ var ( ErrContainerStartTimeout = errors.New("The container failed to start due to timed out.") ) +type StdConfig struct { + stdout *broadcastwriter.BroadcastWriter + stderr *broadcastwriter.BroadcastWriter + stdin io.ReadCloser + stdinPipe io.WriteCloser +} + type Container struct { *State root string // Path to the "home" of the container, including metadata. @@ -66,10 +73,7 @@ type Container struct { ExecDriver string command *execdriver.Command - stdout *broadcastwriter.BroadcastWriter - stderr *broadcastwriter.BroadcastWriter - stdin io.ReadCloser - stdinPipe io.WriteCloser + StdConfig StdConfig daemon *Daemon MountLabel, ProcessLabel string @@ -247,26 +251,31 @@ func populateCommand(c *Container, env []string) error { CpuShares: c.Config.CpuShares, Cpuset: c.Config.Cpuset, } + + processConfig := execdriver.ProcessConfig{ + Privileged: c.hostConfig.Privileged, + Entrypoint: c.Path, + Arguments: c.Args, + Tty: c.Config.Tty, + User: c.Config.User, + } + processConfig.SysProcAttr = &syscall.SysProcAttr{Setsid: true} + processConfig.Env = env c.command = &execdriver.Command{ ID: c.ID, - Privileged: c.hostConfig.Privileged, Rootfs: c.RootfsPath(), InitPath: "/.dockerinit", - Entrypoint: c.Path, - Arguments: c.Args, WorkingDir: c.Config.WorkingDir, Network: en, - Tty: c.Config.Tty, - User: c.Config.User, Config: context, Resources: resources, AllowedDevices: allowedDevices, AutoCreatedDevices: autoCreatedDevices, CapAdd: c.hostConfig.CapAdd, CapDrop: c.hostConfig.CapDrop, + ProcessConfig: processConfig, } - c.command.SysProcAttr = &syscall.SysProcAttr{Setsid: true} - c.command.Env = env + return nil } @@ -329,7 +338,7 @@ func (container *Container) Run() error { } func (container *Container) Output() (output []byte, err error) { - pipe, err := container.StdoutPipe() + pipe, err := container.StdConfig.StdoutPipe() if err != nil { return nil, err } @@ -342,7 +351,7 @@ func (container *Container) Output() (output []byte, err error) { return output, err } -// Container.StdinPipe returns a WriteCloser which can be used to feed data +// StdConfig.StdinPipe returns a WriteCloser which can be used to feed data // to the standard input of the container's active process. // Container.StdoutPipe and Container.StderrPipe each return a ReadCloser // which can be used to retrieve the standard output (and error) generated @@ -350,31 +359,31 @@ func (container *Container) Output() (output []byte, err error) { // copied and delivered to all StdoutPipe and StderrPipe consumers, using // a kind of "broadcaster". -func (container *Container) StdinPipe() (io.WriteCloser, error) { - return container.stdinPipe, nil +func (stdConfig *StdConfig) StdinPipe() (io.WriteCloser, error) { + return stdConfig.stdinPipe, nil } -func (container *Container) StdoutPipe() (io.ReadCloser, error) { +func (stdConfig *StdConfig) StdoutPipe() (io.ReadCloser, error) { reader, writer := io.Pipe() - container.stdout.AddWriter(writer, "") + stdConfig.stdout.AddWriter(writer, "") return utils.NewBufReader(reader), nil } -func (container *Container) StderrPipe() (io.ReadCloser, error) { +func (stdConfig *StdConfig) StderrPipe() (io.ReadCloser, error) { reader, writer := io.Pipe() - container.stderr.AddWriter(writer, "") + stdConfig.stderr.AddWriter(writer, "") return utils.NewBufReader(reader), nil } func (container *Container) StdoutLogPipe() io.ReadCloser { reader, writer := io.Pipe() - container.stdout.AddWriter(writer, "stdout") + container.StdConfig.stdout.AddWriter(writer, "stdout") return utils.NewBufReader(reader) } func (container *Container) StderrLogPipe() io.ReadCloser { reader, writer := io.Pipe() - container.stderr.AddWriter(writer, "stderr") + container.StdConfig.stderr.AddWriter(writer, "stderr") return utils.NewBufReader(reader) } @@ -631,7 +640,7 @@ func (container *Container) Restart(seconds int) error { } func (container *Container) Resize(h, w int) error { - return container.command.Terminal.Resize(h, w) + return container.command.ProcessConfig.Terminal.Resize(h, w) } func (container *Container) ExportRw() (archive.Archive, error) { @@ -815,7 +824,7 @@ func (container *Container) Exposes(p nat.Port) bool { } func (container *Container) GetPtyMaster() (*os.File, error) { - ttyConsole, ok := container.command.Terminal.(execdriver.TtyTerminal) + ttyConsole, ok := container.command.ProcessConfig.Terminal.(execdriver.TtyTerminal) if !ok { return nil, ErrNoTTY } @@ -1083,11 +1092,11 @@ func (container *Container) startLoggingToDisk() error { return err } - if err := container.daemon.LogToDisk(container.stdout, pth, "stdout"); err != nil { + if err := container.daemon.LogToDisk(container.StdConfig.stdout, pth, "stdout"); err != nil { return err } - if err := container.daemon.LogToDisk(container.stderr, pth, "stderr"); err != nil { + if err := container.daemon.LogToDisk(container.StdConfig.stderr, pth, "stderr"); err != nil { return err } diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 0a4d6e0bc5..14fa1a6c0f 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -195,13 +195,13 @@ func (daemon *Daemon) register(container *Container, updateSuffixarray bool) err container.daemon = daemon // Attach to stdout and stderr - container.stderr = broadcastwriter.New() - container.stdout = broadcastwriter.New() + container.StdConfig.stderr = broadcastwriter.New() + container.StdConfig.stdout = broadcastwriter.New() // Attach to stdin if container.Config.OpenStdin { - container.stdin, container.stdinPipe = io.Pipe() + container.StdConfig.stdin, container.StdConfig.stdinPipe = io.Pipe() } else { - container.stdinPipe = utils.NopWriteCloser(ioutil.Discard) // Silently drop stdin + container.StdConfig.stdinPipe = utils.NopWriteCloser(ioutil.Discard) // Silently drop stdin } // done daemon.containers.Add(container.ID, container) @@ -229,7 +229,7 @@ func (daemon *Daemon) register(container *Container, updateSuffixarray bool) err ID: container.ID, } var err error - cmd.Process, err = os.FindProcess(existingPid) + cmd.ProcessConfig.Process, err = os.FindProcess(existingPid) if err != nil { log.Debugf("cannot find existing process for %d", existingPid) } diff --git a/components/engine/daemon/execdriver/driver.go b/components/engine/daemon/execdriver/driver.go index 121c6a5a03..98bad90dea 100644 --- a/components/engine/daemon/execdriver/driver.go +++ b/components/engine/daemon/execdriver/driver.go @@ -20,7 +20,7 @@ var ( ErrDriverNotFound = errors.New("The requested docker init has not been found") ) -type StartCallback func(*Command) +type StartCallback func(*ProcessConfig) // Driver specific information based on // processes registered with the driver @@ -80,20 +80,27 @@ type Mount struct { Private bool `json:"private"` } -// Process wrapps an os/exec.Cmd to add more metadata -type Command struct { +// Describes a process that will be run inside a container. +type ProcessConfig struct { exec.Cmd `json:"-"` + Privileged bool `json:"privileged"` + User string `json:"user"` + Tty bool `json:"tty"` + Entrypoint string `json:"entrypoint"` + Arguments []string `json:"arguments"` + Terminal Terminal `json:"-"` // standard or tty terminal + ContainerPid int `json:"container_pid"` // the pid for the process inside a container + Console string `json:"-"` // dev/console path +} + +// Process wrapps an os/exec.Cmd to add more metadata +type Command struct { ID string `json:"id"` - Privileged bool `json:"privileged"` - User string `json:"user"` Rootfs string `json:"rootfs"` // root fs of the container InitPath string `json:"initpath"` // dockerinit - Entrypoint string `json:"entrypoint"` - Arguments []string `json:"arguments"` WorkingDir string `json:"working_dir"` ConfigPath string `json:"config_path"` // this should be able to be removed when the lxc template is moved into the driver - Tty bool `json:"tty"` Network *Network `json:"network"` Config map[string][]string `json:"config"` // generic values that specific drivers can consume Resources *Resources `json:"resources"` @@ -103,13 +110,11 @@ type Command struct { CapAdd []string `json:"cap_add"` CapDrop []string `json:"cap_drop"` - Terminal Terminal `json:"-"` // standard or tty terminal - Console string `json:"-"` // dev/console path - ContainerPid int `json:"container_pid"` // the pid for the process inside a container + ProcessConfig ProcessConfig `json:"process_config"` // Describes the init process of the container. } // Return the pid of the process // If the process is nil -1 will be returned -func (c *Command) Pid() int { - return c.ContainerPid +func (processConfig *ProcessConfig) Pid() int { + return processConfig.ContainerPid } diff --git a/components/engine/daemon/execdriver/lxc/driver.go b/components/engine/daemon/execdriver/lxc/driver.go index 3b870172bf..127dc63141 100644 --- a/components/engine/daemon/execdriver/lxc/driver.go +++ b/components/engine/daemon/execdriver/lxc/driver.go @@ -59,12 +59,12 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba err error ) - if c.Tty { - term, err = NewTtyConsole(c, pipes) + if c.ProcessConfig.Tty { + term, err = NewTtyConsole(&c.ProcessConfig, pipes) } else { - term, err = execdriver.NewStdConsole(c, pipes) + term, err = execdriver.NewStdConsole(&c.ProcessConfig, pipes) } - c.Terminal = term + c.ProcessConfig.Terminal = term c.Mounts = append(c.Mounts, execdriver.Mount{ Source: d.initPath, @@ -98,11 +98,11 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba "-mtu", strconv.Itoa(c.Network.Mtu), ) - if c.User != "" { - params = append(params, "-u", c.User) + if c.ProcessConfig.User != "" { + params = append(params, "-u", c.ProcessConfig.User) } - if c.Privileged { + if c.ProcessConfig.Privileged { if d.apparmor { params[0] = path.Join(d.root, "lxc-start-unconfined") @@ -122,8 +122,8 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba params = append(params, fmt.Sprintf("-cap-drop=%s", strings.Join(c.CapDrop, ":"))) } - params = append(params, "--", c.Entrypoint) - params = append(params, c.Arguments...) + params = append(params, "--", c.ProcessConfig.Entrypoint) + params = append(params, c.ProcessConfig.Arguments...) if d.sharedRoot { // lxc-start really needs / to be non-shared, or all kinds of stuff break @@ -149,14 +149,14 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba if err != nil { aname = name } - c.Path = aname - c.Args = append([]string{name}, arg...) + c.ProcessConfig.Path = aname + c.ProcessConfig.Args = append([]string{name}, arg...) if err := nodes.CreateDeviceNodes(c.Rootfs, c.AutoCreatedDevices); err != nil { return -1, err } - if err := c.Start(); err != nil { + if err := c.ProcessConfig.Start(); err != nil { return -1, err } @@ -166,7 +166,7 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba ) go func() { - if err := c.Wait(); err != nil { + if err := c.ProcessConfig.Wait(); err != nil { if _, ok := err.(*exec.ExitError); !ok { // Do not propagate the error if it's simply a status code != 0 waitErr = err } @@ -177,17 +177,17 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba // Poll lxc for RUNNING status pid, err := d.waitForStart(c, waitLock) if err != nil { - if c.Process != nil { - c.Process.Kill() - c.Wait() + if c.ProcessConfig.Process != nil { + c.ProcessConfig.Process.Kill() + c.ProcessConfig.Wait() } return -1, err } - c.ContainerPid = pid + c.ProcessConfig.ContainerPid = pid if startCallback != nil { - startCallback(c) + startCallback(&c.ProcessConfig) } <-waitLock @@ -198,10 +198,10 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba /// Return the exit code of the process // if the process has not exited -1 will be returned func getExitCode(c *execdriver.Command) int { - if c.ProcessState == nil { + if c.ProcessConfig.ProcessState == nil { return -1 } - return c.ProcessState.Sys().(syscall.WaitStatus).ExitStatus() + return c.ProcessConfig.ProcessState.Sys().(syscall.WaitStatus).ExitStatus() } func (d *driver) Kill(c *execdriver.Command, sig int) error { @@ -442,7 +442,7 @@ func (d *driver) generateLXCConfig(c *execdriver.Command) (string, error) { } func (d *driver) generateEnvConfig(c *execdriver.Command) error { - data, err := json.Marshal(c.Env) + data, err := json.Marshal(c.ProcessConfig.Env) if err != nil { return err } @@ -462,7 +462,7 @@ type TtyConsole struct { SlavePty *os.File } -func NewTtyConsole(command *execdriver.Command, pipes *execdriver.Pipes) (*TtyConsole, error) { +func NewTtyConsole(processConfig *execdriver.ProcessConfig, pipes *execdriver.Pipes) (*TtyConsole, error) { // lxc is special in that we cannot create the master outside of the container without // opening the slave because we have nothing to provide to the cmd. We have to open both then do // the crazy setup on command right now instead of passing the console path to lxc and telling it @@ -478,12 +478,12 @@ func NewTtyConsole(command *execdriver.Command, pipes *execdriver.Pipes) (*TtyCo SlavePty: ptySlave, } - if err := tty.AttachPipes(&command.Cmd, pipes); err != nil { + if err := tty.AttachPipes(&processConfig.Cmd, pipes); err != nil { tty.Close() return nil, err } - command.Console = tty.SlavePty.Name() + processConfig.Console = tty.SlavePty.Name() return tty, nil } diff --git a/components/engine/daemon/execdriver/lxc/lxc_template.go b/components/engine/daemon/execdriver/lxc/lxc_template.go index 229b0a5144..709c11b9ea 100644 --- a/components/engine/daemon/execdriver/lxc/lxc_template.go +++ b/components/engine/daemon/execdriver/lxc/lxc_template.go @@ -42,7 +42,7 @@ lxc.se_context = {{ .ProcessLabel}} # no controlling tty at all lxc.tty = 1 -{{if .Privileged}} +{{if .ProcessConfig.Privileged}} lxc.cgroup.devices.allow = a {{else}} # no implicit access to devices @@ -66,7 +66,7 @@ lxc.pivotdir = lxc_putold lxc.mount.entry = proc {{escapeFstabSpaces $ROOTFS}}/proc proc nosuid,nodev,noexec 0 0 lxc.mount.entry = sysfs {{escapeFstabSpaces $ROOTFS}}/sys sysfs nosuid,nodev,noexec 0 0 -{{if .Tty}} +{{if .ProcessConfig.Tty}} lxc.mount.entry = {{.Console}} {{escapeFstabSpaces $ROOTFS}}/dev/console none bind,rw 0 0 {{end}} @@ -81,7 +81,7 @@ lxc.mount.entry = {{$value.Source}} {{escapeFstabSpaces $ROOTFS}}/{{escapeFstabS {{end}} {{end}} -{{if .Privileged}} +{{if .ProcessConfig.Privileged}} {{if .AppArmor}} lxc.aa_profile = unconfined {{else}} diff --git a/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go b/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go index 8acda804ee..da3553499f 100644 --- a/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go +++ b/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go @@ -77,9 +77,11 @@ func TestCustomLxcConfig(t *testing.T) { if err != nil { t.Fatal(err) } - command := &execdriver.Command{ - ID: "1", + processConfig := execdriver.ProcessConfig{ Privileged: false, + } + command := &execdriver.Command{ + ID: "1", Config: map[string][]string{ "lxc": { "lxc.utsname = docker", @@ -90,6 +92,7 @@ func TestCustomLxcConfig(t *testing.T) { Mtu: 1500, Interface: nil, }, + ProcessConfig: processConfig, } p, err := driver.generateLXCConfig(command) diff --git a/components/engine/daemon/execdriver/native/create.go b/components/engine/daemon/execdriver/native/create.go index e475a1f2ad..8a13f23862 100644 --- a/components/engine/daemon/execdriver/native/create.go +++ b/components/engine/daemon/execdriver/native/create.go @@ -23,11 +23,11 @@ import ( func (d *driver) createContainer(c *execdriver.Command) (*libcontainer.Config, error) { container := template.New() - container.Hostname = getEnv("HOSTNAME", c.Env) - container.Tty = c.Tty - container.User = c.User + container.Hostname = getEnv("HOSTNAME", c.ProcessConfig.Env) + container.Tty = c.ProcessConfig.Tty + container.User = c.ProcessConfig.User container.WorkingDir = c.WorkingDir - container.Env = c.Env + container.Env = c.ProcessConfig.Env container.Cgroups.Name = c.ID container.Cgroups.AllowedDevices = c.AllowedDevices container.MountConfig.DeviceNodes = c.AutoCreatedDevices @@ -40,7 +40,7 @@ func (d *driver) createContainer(c *execdriver.Command) (*libcontainer.Config, e return nil, err } - if c.Privileged { + if c.ProcessConfig.Privileged { if err := d.setPrivileged(container); err != nil { return nil, err } diff --git a/components/engine/daemon/execdriver/native/driver.go b/components/engine/daemon/execdriver/native/driver.go index c45188b6bc..f75a0ec00c 100644 --- a/components/engine/daemon/execdriver/native/driver.go +++ b/components/engine/daemon/execdriver/native/driver.go @@ -68,26 +68,26 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba var term execdriver.Terminal - if c.Tty { - term, err = NewTtyConsole(c, pipes) + if c.ProcessConfig.Tty { + term, err = NewTtyConsole(&c.ProcessConfig, pipes) } else { - term, err = execdriver.NewStdConsole(c, pipes) + term, err = execdriver.NewStdConsole(&c.ProcessConfig, pipes) } if err != nil { return -1, err } - c.Terminal = term + c.ProcessConfig.Terminal = term d.Lock() d.activeContainers[c.ID] = &activeContainer{ container: container, - cmd: &c.Cmd, + cmd: &c.ProcessConfig.Cmd, } d.Unlock() var ( dataPath = filepath.Join(d.root, c.ID) - args = append([]string{c.Entrypoint}, c.Arguments...) + args = append([]string{c.ProcessConfig.Entrypoint}, c.ProcessConfig.Arguments...) ) if err := d.createContainerRoot(c.ID); err != nil { @@ -99,9 +99,9 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba return -1, err } - return namespaces.Exec(container, c.Stdin, c.Stdout, c.Stderr, c.Console, c.Rootfs, dataPath, args, func(container *libcontainer.Config, console, rootfs, dataPath, init string, child *os.File, args []string) *exec.Cmd { - c.Path = d.initPath - c.Args = append([]string{ + return namespaces.Exec(container, c.ProcessConfig.Stdin, c.ProcessConfig.Stdout, c.ProcessConfig.Stderr, c.ProcessConfig.Console, c.Rootfs, dataPath, args, func(container *libcontainer.Config, console, rootfs, dataPath, init string, child *os.File, args []string) *exec.Cmd { + c.ProcessConfig.Path = d.initPath + c.ProcessConfig.Args = append([]string{ DriverName, "-console", console, "-pipe", "3", @@ -110,25 +110,25 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba }, args...) // set this to nil so that when we set the clone flags anything else is reset - c.SysProcAttr = &syscall.SysProcAttr{ + c.ProcessConfig.SysProcAttr = &syscall.SysProcAttr{ Cloneflags: uintptr(namespaces.GetNamespaceFlags(container.Namespaces)), } - c.ExtraFiles = []*os.File{child} + c.ProcessConfig.ExtraFiles = []*os.File{child} - c.Env = container.Env - c.Dir = c.Rootfs + c.ProcessConfig.Env = container.Env + c.ProcessConfig.Dir = c.Rootfs - return &c.Cmd + return &c.ProcessConfig.Cmd }, func() { if startCallback != nil { - c.ContainerPid = c.Process.Pid - startCallback(c) + c.ProcessConfig.ContainerPid = c.ProcessConfig.Process.Pid + startCallback(&c.ProcessConfig) } }) } func (d *driver) Kill(p *execdriver.Command, sig int) error { - return syscall.Kill(p.Process.Pid, syscall.Signal(sig)) + return syscall.Kill(p.ProcessConfig.Process.Pid, syscall.Signal(sig)) } func (d *driver) Pause(c *execdriver.Command) error { @@ -176,14 +176,14 @@ func (d *driver) Terminate(p *execdriver.Command) error { state = &libcontainer.State{InitStartTime: string(data)} } - currentStartTime, err := system.GetProcessStartTime(p.Process.Pid) + currentStartTime, err := system.GetProcessStartTime(p.ProcessConfig.Process.Pid) if err != nil { return err } if state.InitStartTime == currentStartTime { - err = syscall.Kill(p.Process.Pid, 9) - syscall.Wait4(p.Process.Pid, nil, 0, nil) + err = syscall.Kill(p.ProcessConfig.Process.Pid, 9) + syscall.Wait4(p.ProcessConfig.Process.Pid, nil, 0, nil) } d.removeContainerRoot(p.ID) @@ -252,7 +252,7 @@ type TtyConsole struct { MasterPty *os.File } -func NewTtyConsole(command *execdriver.Command, pipes *execdriver.Pipes) (*TtyConsole, error) { +func NewTtyConsole(processConfig *execdriver.ProcessConfig, pipes *execdriver.Pipes) (*TtyConsole, error) { ptyMaster, console, err := consolepkg.CreateMasterAndConsole() if err != nil { return nil, err @@ -262,12 +262,12 @@ func NewTtyConsole(command *execdriver.Command, pipes *execdriver.Pipes) (*TtyCo MasterPty: ptyMaster, } - if err := tty.AttachPipes(&command.Cmd, pipes); err != nil { + if err := tty.AttachPipes(&processConfig.Cmd, pipes); err != nil { tty.Close() return nil, err } - command.Console = console + processConfig.Console = console return tty, nil } diff --git a/components/engine/daemon/execdriver/termconsole.go b/components/engine/daemon/execdriver/termconsole.go index dc0e54ccdb..4dc18e5703 100644 --- a/components/engine/daemon/execdriver/termconsole.go +++ b/components/engine/daemon/execdriver/termconsole.go @@ -8,10 +8,10 @@ import ( type StdConsole struct { } -func NewStdConsole(command *Command, pipes *Pipes) (*StdConsole, error) { +func NewStdConsole(processConfig *ProcessConfig, pipes *Pipes) (*StdConsole, error) { std := &StdConsole{} - if err := std.AttachPipes(&command.Cmd, pipes); err != nil { + if err := std.AttachPipes(&processConfig.Cmd, pipes); err != nil { return nil, err } return std, nil diff --git a/components/engine/daemon/monitor.go b/components/engine/daemon/monitor.go index 3d5a3de771..a51f42243a 100644 --- a/components/engine/daemon/monitor.go +++ b/components/engine/daemon/monitor.go @@ -128,7 +128,7 @@ func (m *containerMonitor) Start() error { return err } - pipes := execdriver.NewPipes(m.container.stdin, m.container.stdout, m.container.stderr, m.container.Config.OpenStdin) + pipes := execdriver.NewPipes(m.container.StdConfig.stdin, m.container.StdConfig.stdout, m.container.StdConfig.stderr, m.container.Config.OpenStdin) m.container.LogEvent("start") @@ -233,17 +233,17 @@ func (m *containerMonitor) shouldRestart(exitStatus int) bool { // callback ensures that the container's state is properly updated after we // received ack from the execution drivers -func (m *containerMonitor) callback(command *execdriver.Command) { - if command.Tty { +func (m *containerMonitor) callback(processConfig *execdriver.ProcessConfig) { + if processConfig.Tty { // The callback is called after the process Start() // so we are in the parent process. In TTY mode, stdin/out/err is the PtySlace // which we close here. - if c, ok := command.Stdout.(io.Closer); ok { + if c, ok := processConfig.Stdout.(io.Closer); ok { c.Close() } } - m.container.State.setRunning(command.Pid()) + m.container.State.setRunning(processConfig.Pid()) // signal that the process has started // close channel only if not closed @@ -269,33 +269,33 @@ func (m *containerMonitor) resetContainer(lock bool) { } if container.Config.OpenStdin { - if err := container.stdin.Close(); err != nil { + if err := container.StdConfig.stdin.Close(); err != nil { log.Errorf("%s: Error close stdin: %s", container.ID, err) } } - if err := container.stdout.Clean(); err != nil { + if err := container.StdConfig.stdout.Clean(); err != nil { log.Errorf("%s: Error close stdout: %s", container.ID, err) } - if err := container.stderr.Clean(); err != nil { + if err := container.StdConfig.stderr.Clean(); err != nil { log.Errorf("%s: Error close stderr: %s", container.ID, err) } - if container.command != nil && container.command.Terminal != nil { - if err := container.command.Terminal.Close(); err != nil { + if container.command != nil && container.command.ProcessConfig.Terminal != nil { + if err := container.command.ProcessConfig.Terminal.Close(); err != nil { log.Errorf("%s: Error closing terminal: %s", container.ID, err) } } // Re-create a brand new stdin pipe once the container exited if container.Config.OpenStdin { - container.stdin, container.stdinPipe = io.Pipe() + container.StdConfig.stdin, container.StdConfig.stdinPipe = io.Pipe() } - c := container.command.Cmd + c := container.command.ProcessConfig.Cmd - container.command.Cmd = exec.Cmd{ + container.command.ProcessConfig.Cmd = exec.Cmd{ Stdin: c.Stdin, Stdout: c.Stdout, Stderr: c.Stderr, diff --git a/components/engine/integration/commands_test.go b/components/engine/integration/commands_test.go index a4422a4c46..cc9c2d36f2 100644 --- a/components/engine/integration/commands_test.go +++ b/components/engine/integration/commands_test.go @@ -467,7 +467,7 @@ func TestAttachDisconnect(t *testing.T) { } // Try to avoid the timeout in destroy. Best effort, don't check error - cStdin, _ := container.StdinPipe() + cStdin, _ := container.StdConfig.StdinPipe() cStdin.Close() container.State.WaitStop(-1 * time.Second) } diff --git a/components/engine/integration/container_test.go b/components/engine/integration/container_test.go index 60f3e55bc5..8d4e5dfa11 100644 --- a/components/engine/integration/container_test.go +++ b/components/engine/integration/container_test.go @@ -25,11 +25,11 @@ func TestRestartStdin(t *testing.T) { } defer daemon.Destroy(container) - stdin, err := container.StdinPipe() + stdin, err := container.StdConfig.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err := container.StdoutPipe() + stdout, err := container.StdConfig.StdoutPipe() if err != nil { t.Fatal(err) } @@ -55,11 +55,11 @@ func TestRestartStdin(t *testing.T) { } // Restart and try again - stdin, err = container.StdinPipe() + stdin, err = container.StdConfig.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err = container.StdoutPipe() + stdout, err = container.StdConfig.StdoutPipe() if err != nil { t.Fatal(err) } @@ -101,11 +101,11 @@ func TestStdin(t *testing.T) { } defer daemon.Destroy(container) - stdin, err := container.StdinPipe() + stdin, err := container.StdConfig.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err := container.StdoutPipe() + stdout, err := container.StdConfig.StdoutPipe() if err != nil { t.Fatal(err) } @@ -146,11 +146,11 @@ func TestTty(t *testing.T) { } defer daemon.Destroy(container) - stdin, err := container.StdinPipe() + stdin, err := container.StdConfig.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err := container.StdoutPipe() + stdout, err := container.StdConfig.StdoutPipe() if err != nil { t.Fatal(err) } diff --git a/components/engine/integration/runtime_test.go b/components/engine/integration/runtime_test.go index d81a13d8a9..20b1776c09 100644 --- a/components/engine/integration/runtime_test.go +++ b/components/engine/integration/runtime_test.go @@ -611,7 +611,7 @@ func TestRestore(t *testing.T) { } // Simulate a crash/manual quit of dockerd: process dies, states stays 'Running' - cStdin, _ := container2.StdinPipe() + cStdin, _ := container2.StdConfig.StdinPipe() cStdin.Close() if _, err := container2.State.WaitStop(2 * time.Second); err != nil { t.Fatal(err) diff --git a/components/engine/integration/utils_test.go b/components/engine/integration/utils_test.go index 7962886d2e..a752bf2ded 100644 --- a/components/engine/integration/utils_test.go +++ b/components/engine/integration/utils_test.go @@ -84,11 +84,11 @@ func containerFileExists(eng *engine.Engine, id, dir string, t log.Fataler) bool func containerAttach(eng *engine.Engine, id string, t log.Fataler) (io.WriteCloser, io.ReadCloser) { c := getContainer(eng, id, t) - i, err := c.StdinPipe() + i, err := c.StdConfig.StdinPipe() if err != nil { t.Fatal(err) } - o, err := c.StdoutPipe() + o, err := c.StdConfig.StdoutPipe() if err != nil { t.Fatal(err) } @@ -289,7 +289,7 @@ func runContainer(eng *engine.Engine, r *daemon.Daemon, args []string, t *testin return "", err } defer r.Destroy(container) - stdout, err := container.StdoutPipe() + stdout, err := container.StdConfig.StdoutPipe() if err != nil { return "", err } From 559392405c7f7294c1969508d8c799f9500e30f3 Mon Sep 17 00:00:00 2001 From: Vishnu Kannan Date: Tue, 26 Aug 2014 22:44:00 +0000 Subject: [PATCH 104/540] Rename 'StdConfig' to 'StreamConfig'. Docker-DCO-1.1-Signed-off-by: Vishnu Kannan (github: vishh) Upstream-commit: 3a7e07355a1ad67f71ee4255e06526186fd48f7a Component: engine --- components/engine/daemon/attach.go | 10 +++--- components/engine/daemon/container.go | 34 +++++++++---------- components/engine/daemon/daemon.go | 8 ++--- components/engine/daemon/execdriver/driver.go | 27 ++++++--------- .../engine/daemon/execdriver/lxc/driver.go | 4 +-- .../execdriver/lxc/lxc_template_unit_test.go | 1 + .../engine/daemon/execdriver/native/driver.go | 4 +-- components/engine/daemon/monitor.go | 14 ++++---- .../engine/integration/commands_test.go | 2 +- .../engine/integration/container_test.go | 16 ++++----- components/engine/integration/runtime_test.go | 2 +- components/engine/integration/utils_test.go | 6 ++-- 12 files changed, 61 insertions(+), 67 deletions(-) diff --git a/components/engine/daemon/attach.go b/components/engine/daemon/attach.go index b6d6ac9174..36dd13fb5e 100644 --- a/components/engine/daemon/attach.go +++ b/components/engine/daemon/attach.go @@ -127,7 +127,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo if stdin != nil && container.Config.OpenStdin { nJobs++ - if cStdin, err := container.StdConfig.StdinPipe(); err != nil { + if cStdin, err := container.StdinPipe(); err != nil { errors <- err } else { go func() { @@ -163,7 +163,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo } if stdout != nil { nJobs++ - if p, err := container.StdConfig.StdoutPipe(); err != nil { + if p, err := container.StdoutPipe(); err != nil { errors <- err } else { cStdout = p @@ -192,7 +192,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo if stdinCloser != nil { defer stdinCloser.Close() } - if cStdout, err := container.StdConfig.StdoutPipe(); err != nil { + if cStdout, err := container.StdoutPipe(); err != nil { log.Errorf("attach: stdout pipe: %s", err) } else { io.Copy(&utils.NopWriter{}, cStdout) @@ -201,7 +201,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo } if stderr != nil { nJobs++ - if p, err := container.StdConfig.StderrPipe(); err != nil { + if p, err := container.StderrPipe(); err != nil { errors <- err } else { cStderr = p @@ -231,7 +231,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo defer stdinCloser.Close() } - if cStderr, err := container.StdConfig.StderrPipe(); err != nil { + if cStderr, err := container.StderrPipe(); err != nil { log.Errorf("attach: stdout pipe: %s", err) } else { io.Copy(&utils.NopWriter{}, cStderr) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index 657651fe1a..4469510b21 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -41,7 +41,7 @@ var ( ErrContainerStartTimeout = errors.New("The container failed to start due to timed out.") ) -type StdConfig struct { +type StreamConfig struct { stdout *broadcastwriter.BroadcastWriter stderr *broadcastwriter.BroadcastWriter stdin io.ReadCloser @@ -72,8 +72,8 @@ type Container struct { Driver string ExecDriver string - command *execdriver.Command - StdConfig StdConfig + command *execdriver.Command + StreamConfig daemon *Daemon MountLabel, ProcessLabel string @@ -338,7 +338,7 @@ func (container *Container) Run() error { } func (container *Container) Output() (output []byte, err error) { - pipe, err := container.StdConfig.StdoutPipe() + pipe, err := container.StdoutPipe() if err != nil { return nil, err } @@ -351,7 +351,7 @@ func (container *Container) Output() (output []byte, err error) { return output, err } -// StdConfig.StdinPipe returns a WriteCloser which can be used to feed data +// StreamConfig.StdinPipe returns a WriteCloser which can be used to feed data // to the standard input of the container's active process. // Container.StdoutPipe and Container.StderrPipe each return a ReadCloser // which can be used to retrieve the standard output (and error) generated @@ -359,31 +359,31 @@ func (container *Container) Output() (output []byte, err error) { // copied and delivered to all StdoutPipe and StderrPipe consumers, using // a kind of "broadcaster". -func (stdConfig *StdConfig) StdinPipe() (io.WriteCloser, error) { - return stdConfig.stdinPipe, nil +func (streamConfig *StreamConfig) StdinPipe() (io.WriteCloser, error) { + return streamConfig.stdinPipe, nil } -func (stdConfig *StdConfig) StdoutPipe() (io.ReadCloser, error) { +func (streamConfig *StreamConfig) StdoutPipe() (io.ReadCloser, error) { reader, writer := io.Pipe() - stdConfig.stdout.AddWriter(writer, "") + streamConfig.stdout.AddWriter(writer, "") return utils.NewBufReader(reader), nil } -func (stdConfig *StdConfig) StderrPipe() (io.ReadCloser, error) { +func (streamConfig *StreamConfig) StderrPipe() (io.ReadCloser, error) { reader, writer := io.Pipe() - stdConfig.stderr.AddWriter(writer, "") + streamConfig.stderr.AddWriter(writer, "") return utils.NewBufReader(reader), nil } -func (container *Container) StdoutLogPipe() io.ReadCloser { +func (streamConfig *StreamConfig) StdoutLogPipe() io.ReadCloser { reader, writer := io.Pipe() - container.StdConfig.stdout.AddWriter(writer, "stdout") + streamConfig.stdout.AddWriter(writer, "stdout") return utils.NewBufReader(reader) } -func (container *Container) StderrLogPipe() io.ReadCloser { +func (streamConfig *StreamConfig) StderrLogPipe() io.ReadCloser { reader, writer := io.Pipe() - container.StdConfig.stderr.AddWriter(writer, "stderr") + streamConfig.stderr.AddWriter(writer, "stderr") return utils.NewBufReader(reader) } @@ -1092,11 +1092,11 @@ func (container *Container) startLoggingToDisk() error { return err } - if err := container.daemon.LogToDisk(container.StdConfig.stdout, pth, "stdout"); err != nil { + if err := container.daemon.LogToDisk(container.stdout, pth, "stdout"); err != nil { return err } - if err := container.daemon.LogToDisk(container.StdConfig.stderr, pth, "stderr"); err != nil { + if err := container.daemon.LogToDisk(container.stderr, pth, "stderr"); err != nil { return err } diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 14fa1a6c0f..8e948c3f57 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -195,13 +195,13 @@ func (daemon *Daemon) register(container *Container, updateSuffixarray bool) err container.daemon = daemon // Attach to stdout and stderr - container.StdConfig.stderr = broadcastwriter.New() - container.StdConfig.stdout = broadcastwriter.New() + container.stderr = broadcastwriter.New() + container.stdout = broadcastwriter.New() // Attach to stdin if container.Config.OpenStdin { - container.StdConfig.stdin, container.StdConfig.stdinPipe = io.Pipe() + container.stdin, container.stdinPipe = io.Pipe() } else { - container.StdConfig.stdinPipe = utils.NopWriteCloser(ioutil.Discard) // Silently drop stdin + container.stdinPipe = utils.NopWriteCloser(ioutil.Discard) // Silently drop stdin } // done daemon.containers.Add(container.ID, container) diff --git a/components/engine/daemon/execdriver/driver.go b/components/engine/daemon/execdriver/driver.go index 98bad90dea..94cb1632ab 100644 --- a/components/engine/daemon/execdriver/driver.go +++ b/components/engine/daemon/execdriver/driver.go @@ -20,7 +20,7 @@ var ( ErrDriverNotFound = errors.New("The requested docker init has not been found") ) -type StartCallback func(*ProcessConfig) +type StartCallback func(*ProcessConfig, int) // Driver specific information based on // processes registered with the driver @@ -84,14 +84,13 @@ type Mount struct { type ProcessConfig struct { exec.Cmd `json:"-"` - Privileged bool `json:"privileged"` - User string `json:"user"` - Tty bool `json:"tty"` - Entrypoint string `json:"entrypoint"` - Arguments []string `json:"arguments"` - Terminal Terminal `json:"-"` // standard or tty terminal - ContainerPid int `json:"container_pid"` // the pid for the process inside a container - Console string `json:"-"` // dev/console path + Privileged bool `json:"privileged"` + User string `json:"user"` + Tty bool `json:"tty"` + Entrypoint string `json:"entrypoint"` + Arguments []string `json:"arguments"` + Terminal Terminal `json:"-"` // standard or tty terminal + Console string `json:"-"` // dev/console path } // Process wrapps an os/exec.Cmd to add more metadata @@ -109,12 +108,6 @@ type Command struct { AutoCreatedDevices []*devices.Device `json:"autocreated_devices"` CapAdd []string `json:"cap_add"` CapDrop []string `json:"cap_drop"` - - ProcessConfig ProcessConfig `json:"process_config"` // Describes the init process of the container. -} - -// Return the pid of the process -// If the process is nil -1 will be returned -func (processConfig *ProcessConfig) Pid() int { - return processConfig.ContainerPid + ContainerPid int `json:"container_pid"` // the pid for the process inside a container + ProcessConfig ProcessConfig `json:"process_config"` // Describes the init process of the container. } diff --git a/components/engine/daemon/execdriver/lxc/driver.go b/components/engine/daemon/execdriver/lxc/driver.go index 127dc63141..023f4b4d7d 100644 --- a/components/engine/daemon/execdriver/lxc/driver.go +++ b/components/engine/daemon/execdriver/lxc/driver.go @@ -184,10 +184,10 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba return -1, err } - c.ProcessConfig.ContainerPid = pid + c.ContainerPid = pid if startCallback != nil { - startCallback(&c.ProcessConfig) + startCallback(&c.ProcessConfig, pid) } <-waitLock diff --git a/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go b/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go index da3553499f..2aa4bf6f9e 100644 --- a/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go +++ b/components/engine/daemon/execdriver/lxc/lxc_template_unit_test.go @@ -52,6 +52,7 @@ func TestLXCConfig(t *testing.T) { Interface: nil, }, AllowedDevices: make([]*devices.Device, 0), + ProcessConfig: execdriver.ProcessConfig{}, } p, err := driver.generateLXCConfig(command) if err != nil { diff --git a/components/engine/daemon/execdriver/native/driver.go b/components/engine/daemon/execdriver/native/driver.go index f75a0ec00c..1d20de73ea 100644 --- a/components/engine/daemon/execdriver/native/driver.go +++ b/components/engine/daemon/execdriver/native/driver.go @@ -121,8 +121,8 @@ func (d *driver) Run(c *execdriver.Command, pipes *execdriver.Pipes, startCallba return &c.ProcessConfig.Cmd }, func() { if startCallback != nil { - c.ProcessConfig.ContainerPid = c.ProcessConfig.Process.Pid - startCallback(&c.ProcessConfig) + c.ContainerPid = c.ProcessConfig.Process.Pid + startCallback(&c.ProcessConfig, c.ContainerPid) } }) } diff --git a/components/engine/daemon/monitor.go b/components/engine/daemon/monitor.go index a51f42243a..e47245a86f 100644 --- a/components/engine/daemon/monitor.go +++ b/components/engine/daemon/monitor.go @@ -128,7 +128,7 @@ func (m *containerMonitor) Start() error { return err } - pipes := execdriver.NewPipes(m.container.StdConfig.stdin, m.container.StdConfig.stdout, m.container.StdConfig.stderr, m.container.Config.OpenStdin) + pipes := execdriver.NewPipes(m.container.stdin, m.container.stdout, m.container.stderr, m.container.Config.OpenStdin) m.container.LogEvent("start") @@ -233,7 +233,7 @@ func (m *containerMonitor) shouldRestart(exitStatus int) bool { // callback ensures that the container's state is properly updated after we // received ack from the execution drivers -func (m *containerMonitor) callback(processConfig *execdriver.ProcessConfig) { +func (m *containerMonitor) callback(processConfig *execdriver.ProcessConfig, pid int) { if processConfig.Tty { // The callback is called after the process Start() // so we are in the parent process. In TTY mode, stdin/out/err is the PtySlace @@ -243,7 +243,7 @@ func (m *containerMonitor) callback(processConfig *execdriver.ProcessConfig) { } } - m.container.State.setRunning(processConfig.Pid()) + m.container.State.setRunning(pid) // signal that the process has started // close channel only if not closed @@ -269,16 +269,16 @@ func (m *containerMonitor) resetContainer(lock bool) { } if container.Config.OpenStdin { - if err := container.StdConfig.stdin.Close(); err != nil { + if err := container.stdin.Close(); err != nil { log.Errorf("%s: Error close stdin: %s", container.ID, err) } } - if err := container.StdConfig.stdout.Clean(); err != nil { + if err := container.stdout.Clean(); err != nil { log.Errorf("%s: Error close stdout: %s", container.ID, err) } - if err := container.StdConfig.stderr.Clean(); err != nil { + if err := container.stderr.Clean(); err != nil { log.Errorf("%s: Error close stderr: %s", container.ID, err) } @@ -290,7 +290,7 @@ func (m *containerMonitor) resetContainer(lock bool) { // Re-create a brand new stdin pipe once the container exited if container.Config.OpenStdin { - container.StdConfig.stdin, container.StdConfig.stdinPipe = io.Pipe() + container.stdin, container.stdinPipe = io.Pipe() } c := container.command.ProcessConfig.Cmd diff --git a/components/engine/integration/commands_test.go b/components/engine/integration/commands_test.go index cc9c2d36f2..a4422a4c46 100644 --- a/components/engine/integration/commands_test.go +++ b/components/engine/integration/commands_test.go @@ -467,7 +467,7 @@ func TestAttachDisconnect(t *testing.T) { } // Try to avoid the timeout in destroy. Best effort, don't check error - cStdin, _ := container.StdConfig.StdinPipe() + cStdin, _ := container.StdinPipe() cStdin.Close() container.State.WaitStop(-1 * time.Second) } diff --git a/components/engine/integration/container_test.go b/components/engine/integration/container_test.go index 8d4e5dfa11..60f3e55bc5 100644 --- a/components/engine/integration/container_test.go +++ b/components/engine/integration/container_test.go @@ -25,11 +25,11 @@ func TestRestartStdin(t *testing.T) { } defer daemon.Destroy(container) - stdin, err := container.StdConfig.StdinPipe() + stdin, err := container.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err := container.StdConfig.StdoutPipe() + stdout, err := container.StdoutPipe() if err != nil { t.Fatal(err) } @@ -55,11 +55,11 @@ func TestRestartStdin(t *testing.T) { } // Restart and try again - stdin, err = container.StdConfig.StdinPipe() + stdin, err = container.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err = container.StdConfig.StdoutPipe() + stdout, err = container.StdoutPipe() if err != nil { t.Fatal(err) } @@ -101,11 +101,11 @@ func TestStdin(t *testing.T) { } defer daemon.Destroy(container) - stdin, err := container.StdConfig.StdinPipe() + stdin, err := container.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err := container.StdConfig.StdoutPipe() + stdout, err := container.StdoutPipe() if err != nil { t.Fatal(err) } @@ -146,11 +146,11 @@ func TestTty(t *testing.T) { } defer daemon.Destroy(container) - stdin, err := container.StdConfig.StdinPipe() + stdin, err := container.StdinPipe() if err != nil { t.Fatal(err) } - stdout, err := container.StdConfig.StdoutPipe() + stdout, err := container.StdoutPipe() if err != nil { t.Fatal(err) } diff --git a/components/engine/integration/runtime_test.go b/components/engine/integration/runtime_test.go index 20b1776c09..d81a13d8a9 100644 --- a/components/engine/integration/runtime_test.go +++ b/components/engine/integration/runtime_test.go @@ -611,7 +611,7 @@ func TestRestore(t *testing.T) { } // Simulate a crash/manual quit of dockerd: process dies, states stays 'Running' - cStdin, _ := container2.StdConfig.StdinPipe() + cStdin, _ := container2.StdinPipe() cStdin.Close() if _, err := container2.State.WaitStop(2 * time.Second); err != nil { t.Fatal(err) diff --git a/components/engine/integration/utils_test.go b/components/engine/integration/utils_test.go index a752bf2ded..7962886d2e 100644 --- a/components/engine/integration/utils_test.go +++ b/components/engine/integration/utils_test.go @@ -84,11 +84,11 @@ func containerFileExists(eng *engine.Engine, id, dir string, t log.Fataler) bool func containerAttach(eng *engine.Engine, id string, t log.Fataler) (io.WriteCloser, io.ReadCloser) { c := getContainer(eng, id, t) - i, err := c.StdConfig.StdinPipe() + i, err := c.StdinPipe() if err != nil { t.Fatal(err) } - o, err := c.StdConfig.StdoutPipe() + o, err := c.StdoutPipe() if err != nil { t.Fatal(err) } @@ -289,7 +289,7 @@ func runContainer(eng *engine.Engine, r *daemon.Daemon, args []string, t *testin return "", err } defer r.Destroy(container) - stdout, err := container.StdConfig.StdoutPipe() + stdout, err := container.StdoutPipe() if err != nil { return "", err } From 3d48a2763091d451aaf8d6306d2a4afcaaf6f8a1 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Mon, 1 Sep 2014 15:17:33 -0700 Subject: [PATCH 105/540] Update libcontainer to 55430d0db7c6bb1198c0bb573a9 Signed-off-by: Michael Crosby Upstream-commit: cf31787cd0559012c1ee581eaf27143af1cc6ce3 Component: engine --- components/engine/hack/vendor.sh | 2 +- .../github.com/docker/libcontainer/Makefile | 4 +- .../docker/libcontainer/cgroups/fs/blkio.go | 25 +++++ .../libcontainer/cgroups/fs/blkio_test.go | 78 ++++++++++++- .../libcontainer/cgroups/fs/cpu_test.go | 3 + .../libcontainer/cgroups/fs/memory_test.go | 7 ++ .../docker/libcontainer/container.go | 4 +- .../github.com/docker/libcontainer/factory.go | 6 +- .../docker/libcontainer/label/label.go | 4 + .../libcontainer/label/label_selinux.go | 8 ++ .../docker/libcontainer/mount/init.go | 68 +++--------- .../docker/libcontainer/mount/mount.go | 104 ++++++++++++++++++ .../mount/{types.go => mount_config.go} | 27 +---- .../libcontainer/sample_configs/minimal.json | 6 + 14 files changed, 260 insertions(+), 86 deletions(-) create mode 100644 components/engine/vendor/src/github.com/docker/libcontainer/mount/mount.go rename components/engine/vendor/src/github.com/docker/libcontainer/mount/{types.go => mount_config.go} (59%) diff --git a/components/engine/hack/vendor.sh b/components/engine/hack/vendor.sh index b175918a3b..490184a80c 100755 --- a/components/engine/hack/vendor.sh +++ b/components/engine/hack/vendor.sh @@ -62,7 +62,7 @@ if [ "$1" = '--go' ]; then mv tmp-tar src/code.google.com/p/go/src/pkg/archive/tar fi -clone git github.com/docker/libcontainer db65c35051d05f3fb218a0e84a11267e0894fe0a +clone git github.com/docker/libcontainer 55430d0db7c6bb1198c0bb573a9700a859d5ec26 # see src/github.com/docker/libcontainer/update-vendor.sh which is the "source of truth" for libcontainer deps (just like this file) rm -rf src/github.com/docker/libcontainer/vendor eval "$(grep '^clone ' src/github.com/docker/libcontainer/update-vendor.sh | grep -v 'github.com/codegangsta/cli')" diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/Makefile b/components/engine/vendor/src/github.com/docker/libcontainer/Makefile index d6852b24ab..4744c5efcc 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/Makefile +++ b/components/engine/vendor/src/github.com/docker/libcontainer/Makefile @@ -4,10 +4,10 @@ all: test: # we need NET_ADMIN for the netlink tests and SYS_ADMIN for mounting - docker run --rm -it --cap-add NET_ADMIN --cap-add SYS_ADMIN docker/libcontainer + docker run --rm -it --privileged docker/libcontainer sh: - docker run --rm -it --cap-add NET_ADMIN --cap-add SYS_ADMIN -w /busybox docker/libcontainer nsinit exec sh + docker run --rm -it --privileged -w /busybox docker/libcontainer nsinit exec sh GO_PACKAGES = $(shell find . -not \( -wholename ./vendor -prune \) -name '*.go' -print0 | xargs -0n1 dirname | sort -u) diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio.go b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio.go index f784d01151..261a97ff23 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio.go @@ -115,6 +115,14 @@ func getBlkioStat(path string) ([]cgroups.BlkioStatEntry, error) { } func (s *BlkioGroup) GetStats(path string, stats *cgroups.Stats) error { + // Try to read CFQ stats available on all CFQ enabled kernels first + if blkioStats, err := getBlkioStat(filepath.Join(path, "blkio.io_serviced_recursive")); err == nil && blkioStats != nil { + return getCFQStats(path, stats) + } + return getStats(path, stats) // Use generic stats as fallback +} + +func getCFQStats(path string, stats *cgroups.Stats) error { var blkioStats []cgroups.BlkioStatEntry var err error @@ -140,3 +148,20 @@ func (s *BlkioGroup) GetStats(path string, stats *cgroups.Stats) error { return nil } + +func getStats(path string, stats *cgroups.Stats) error { + var blkioStats []cgroups.BlkioStatEntry + var err error + + if blkioStats, err = getBlkioStat(filepath.Join(path, "blkio.throttle.io_service_bytes")); err != nil { + return err + } + stats.BlkioStats.IoServiceBytesRecursive = blkioStats + + if blkioStats, err = getBlkioStat(filepath.Join(path, "blkio.throttle.io_serviced")); err != nil { + return err + } + stats.BlkioStats.IoServicedRecursive = blkioStats + + return nil +} diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio_test.go b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio_test.go index db6f8d5214..2a79d260f6 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio_test.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/blkio_test.go @@ -26,10 +26,30 @@ Total 50` 8:0 Async 3 8:0 Total 5 Total 5` + throttleServiceBytes = `8:0 Read 11030528 +8:0 Write 23 +8:0 Sync 42 +8:0 Async 11030528 +8:0 Total 11030528 +252:0 Read 11030528 +252:0 Write 23 +252:0 Sync 42 +252:0 Async 11030528 +252:0 Total 11030528 +Total 22061056` + throttleServiced = `8:0 Read 164 +8:0 Write 23 +8:0 Sync 42 +8:0 Async 164 +8:0 Total 164 +252:0 Read 164 +252:0 Write 23 +252:0 Sync 42 +252:0 Async 164 +252:0 Total 164 +Total 328` ) -var actualStats = *cgroups.NewStats() - func appendBlkioStatEntry(blkioStatEntries *[]cgroups.BlkioStatEntry, major, minor, value uint64, op string) { *blkioStatEntries = append(*blkioStatEntries, cgroups.BlkioStatEntry{Major: major, Minor: minor, Value: value, Op: op}) } @@ -45,6 +65,7 @@ func TestBlkioStats(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatal(err) @@ -85,6 +106,7 @@ func TestBlkioStatsNoSectorsFile(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatalf("Failed unexpectedly: %s", err) @@ -101,6 +123,7 @@ func TestBlkioStatsNoServiceBytesFile(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatalf("Failed unexpectedly: %s", err) @@ -117,6 +140,7 @@ func TestBlkioStatsNoServicedFile(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatalf("Failed unexpectedly: %s", err) @@ -133,6 +157,7 @@ func TestBlkioStatsNoQueuedFile(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatalf("Failed unexpectedly: %s", err) @@ -150,6 +175,7 @@ func TestBlkioStatsUnexpectedNumberOfFields(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected to fail, but did not") @@ -167,8 +193,56 @@ func TestBlkioStatsUnexpectedFieldType(t *testing.T) { }) blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() err := blkio.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected to fail, but did not") } } + +func TestNonCFQBlkioStats(t *testing.T) { + helper := NewCgroupTestUtil("blkio", t) + defer helper.cleanup() + helper.writeFileContents(map[string]string{ + "blkio.io_service_bytes_recursive": "", + "blkio.io_serviced_recursive": "", + "blkio.io_queued_recursive": "", + "blkio.sectors_recursive": "", + "blkio.throttle.io_service_bytes": throttleServiceBytes, + "blkio.throttle.io_serviced": throttleServiced, + }) + + blkio := &BlkioGroup{} + actualStats := *cgroups.NewStats() + err := blkio.GetStats(helper.CgroupPath, &actualStats) + if err != nil { + t.Fatal(err) + } + + // Verify expected stats. + expectedStats := cgroups.BlkioStats{} + + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 8, 0, 11030528, "Read") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 8, 0, 23, "Write") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 8, 0, 42, "Sync") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 8, 0, 11030528, "Async") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 8, 0, 11030528, "Total") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 252, 0, 11030528, "Read") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 252, 0, 23, "Write") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 252, 0, 42, "Sync") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 252, 0, 11030528, "Async") + appendBlkioStatEntry(&expectedStats.IoServiceBytesRecursive, 252, 0, 11030528, "Total") + + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 8, 0, 164, "Read") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 8, 0, 23, "Write") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 8, 0, 42, "Sync") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 8, 0, 164, "Async") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 8, 0, 164, "Total") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 252, 0, 164, "Read") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 252, 0, 23, "Write") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 252, 0, 42, "Sync") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 252, 0, 164, "Async") + appendBlkioStatEntry(&expectedStats.IoServicedRecursive, 252, 0, 164, "Total") + + expectBlkioStatsEquals(t, expectedStats, actualStats.BlkioStats) +} diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/cpu_test.go b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/cpu_test.go index 017a1f4b8e..2470e68956 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/cpu_test.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/cpu_test.go @@ -24,6 +24,7 @@ func TestCpuStats(t *testing.T) { }) cpu := &CpuGroup{} + actualStats := *cgroups.NewStats() err := cpu.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatal(err) @@ -42,6 +43,7 @@ func TestNoCpuStatFile(t *testing.T) { defer helper.cleanup() cpu := &CpuGroup{} + actualStats := *cgroups.NewStats() err := cpu.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatal("Expected not to fail, but did") @@ -59,6 +61,7 @@ func TestInvalidCpuStat(t *testing.T) { }) cpu := &CpuGroup{} + actualStats := *cgroups.NewStats() err := cpu.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected failed stat parsing.") diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/memory_test.go b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/memory_test.go index e92f1dafe6..a21cec75c0 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/memory_test.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/cgroups/fs/memory_test.go @@ -25,6 +25,7 @@ func TestMemoryStats(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatal(err) @@ -42,6 +43,7 @@ func TestMemoryStatsNoStatFile(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err != nil { t.Fatal(err) @@ -57,6 +59,7 @@ func TestMemoryStatsNoUsageFile(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected failure") @@ -72,6 +75,7 @@ func TestMemoryStatsNoMaxUsageFile(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected failure") @@ -88,6 +92,7 @@ func TestMemoryStatsBadStatFile(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected failure") @@ -104,6 +109,7 @@ func TestMemoryStatsBadUsageFile(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected failure") @@ -120,6 +126,7 @@ func TestMemoryStatsBadMaxUsageFile(t *testing.T) { }) memory := &MemoryGroup{} + actualStats := *cgroups.NewStats() err := memory.GetStats(helper.CgroupPath, &actualStats) if err == nil { t.Fatal("Expected failure") diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/container.go b/components/engine/vendor/src/github.com/docker/libcontainer/container.go index c4d372ce35..ace997b77c 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/container.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/container.go @@ -9,8 +9,8 @@ package libcontainer // be destroyed by a separate process, any function may return that the container // was not found. type Container interface { - // Returns the path to the container which contains the state - Path() string + // Returns the ID of the container + ID() string // Returns the current run state of the container. // diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/factory.go b/components/engine/vendor/src/github.com/docker/libcontainer/factory.go index 9161ff05f3..b744933597 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/factory.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/factory.go @@ -12,14 +12,14 @@ type Factory interface { // System error // // On error, any partially created container parts are cleaned up (the operation is atomic). - Create(path string, config *Config) (Container, error) + Create(id string, config *Config) (Container, error) - // Load takes the path for an existing container and reconstructs the container + // Load takes an ID for an existing container and reconstructs the container // from the state. // // Errors: // Path does not exist // Container is stopped // System error - Load(path string) (Container, error) + Load(id string) (Container, error) } diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/label/label.go b/components/engine/vendor/src/github.com/docker/libcontainer/label/label.go index 73869b36cf..ce60296ea1 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/label/label.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/label/label.go @@ -39,3 +39,7 @@ func Init() { func ReserveLabel(label string) error { return nil } + +func UnreserveLabel(label string) error { + return nil +} diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/label/label_selinux.go b/components/engine/vendor/src/github.com/docker/libcontainer/label/label_selinux.go index 5b1380a2be..0a9a82052c 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/label/label_selinux.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/label/label_selinux.go @@ -128,3 +128,11 @@ func ReserveLabel(label string) error { selinux.ReserveLabel(label) return nil } + +// UnreserveLabel will remove the reservation of the MCS label. +// This will allow InitLabels to use the MCS label in a newly created +// containers +func UnreserveLabel(label string) error { + selinux.FreeLxcContexts(label) + return nil +} diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/mount/init.go b/components/engine/vendor/src/github.com/docker/libcontainer/mount/init.go index 05ab334c36..ea2b732737 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/mount/init.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/mount/init.go @@ -8,7 +8,6 @@ import ( "path/filepath" "syscall" - "github.com/docker/docker/pkg/symlink" "github.com/docker/libcontainer/label" "github.com/docker/libcontainer/mount/nodes" ) @@ -31,24 +30,34 @@ func InitializeMountNamespace(rootfs, console string, sysReadonly bool, mountCon err error flag = syscall.MS_PRIVATE ) + if mountConfig.NoPivotRoot { flag = syscall.MS_SLAVE } + if err := syscall.Mount("", "/", "", uintptr(flag|syscall.MS_REC), ""); err != nil { return fmt.Errorf("mounting / with flags %X %s", (flag | syscall.MS_REC), err) } + if err := syscall.Mount(rootfs, rootfs, "bind", syscall.MS_BIND|syscall.MS_REC, ""); err != nil { return fmt.Errorf("mouting %s as bind %s", rootfs, err) } + if err := mountSystem(rootfs, sysReadonly, mountConfig); err != nil { return fmt.Errorf("mount system %s", err) } - if err := setupBindmounts(rootfs, mountConfig); err != nil { - return fmt.Errorf("bind mounts %s", err) + + // apply any user specified mounts within the new mount namespace + for _, m := range mountConfig.Mounts { + if err := m.Mount(rootfs, mountConfig.MountLabel); err != nil { + return err + } } + if err := nodes.CreateDeviceNodes(rootfs, mountConfig.DeviceNodes); err != nil { return fmt.Errorf("create device nodes %s", err) } + if err := SetupPtmx(rootfs, console, mountConfig.MountLabel); err != nil { return err } @@ -72,6 +81,7 @@ func InitializeMountNamespace(rootfs, console string, sysReadonly bool, mountCon } else { err = PivotRoot(rootfs) } + if err != nil { return err } @@ -90,7 +100,7 @@ func InitializeMountNamespace(rootfs, console string, sysReadonly bool, mountCon // mountSystem sets up linux specific system mounts like sys, proc, shm, and devpts // inside the mount namespace func mountSystem(rootfs string, sysReadonly bool, mountConfig *MountConfig) error { - for _, m := range newSystemMounts(rootfs, mountConfig.MountLabel, sysReadonly, mountConfig.Mounts) { + for _, m := range newSystemMounts(rootfs, mountConfig.MountLabel, sysReadonly) { if err := os.MkdirAll(m.path, 0755); err != nil && !os.IsExist(err) { return fmt.Errorf("mkdirall %s %s", m.path, err) } @@ -151,56 +161,9 @@ func setupDevSymlinks(rootfs string) error { return nil } -func setupBindmounts(rootfs string, mountConfig *MountConfig) error { - bindMounts := mountConfig.Mounts - for _, m := range bindMounts.OfType("bind") { - var ( - flags = syscall.MS_BIND | syscall.MS_REC - dest = filepath.Join(rootfs, m.Destination) - ) - if !m.Writable { - flags = flags | syscall.MS_RDONLY - } - - stat, err := os.Stat(m.Source) - if err != nil { - return err - } - - dest, err = symlink.FollowSymlinkInScope(dest, rootfs) - if err != nil { - return err - } - - if err := createIfNotExists(dest, stat.IsDir()); err != nil { - return fmt.Errorf("Creating new bind-mount target, %s", err) - } - - if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags), ""); err != nil { - return fmt.Errorf("mounting %s into %s %s", m.Source, dest, err) - } - if !m.Writable { - if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags|syscall.MS_REMOUNT), ""); err != nil { - return fmt.Errorf("remounting %s into %s %s", m.Source, dest, err) - } - } - if m.Relabel != "" { - if err := label.Relabel(m.Source, mountConfig.MountLabel, m.Relabel); err != nil { - return fmt.Errorf("relabeling %s to %s %s", m.Source, mountConfig.MountLabel, err) - } - } - if m.Private { - if err := syscall.Mount("", dest, "none", uintptr(syscall.MS_PRIVATE), ""); err != nil { - return fmt.Errorf("mounting %s private %s", dest, err) - } - } - } - return nil -} - // TODO: this is crappy right now and should be cleaned up with a better way of handling system and // standard bind mounts allowing them to be more dynamic -func newSystemMounts(rootfs, mountLabel string, sysReadonly bool, mounts Mounts) []mount { +func newSystemMounts(rootfs, mountLabel string, sysReadonly bool) []mount { systemMounts := []mount{ {source: "proc", path: filepath.Join(rootfs, "proc"), device: "proc", flags: defaultMountFlags}, {source: "tmpfs", path: filepath.Join(rootfs, "dev"), device: "tmpfs", flags: syscall.MS_NOSUID | syscall.MS_STRICTATIME, data: label.FormatMountLabel("mode=755", mountLabel)}, @@ -212,6 +175,7 @@ func newSystemMounts(rootfs, mountLabel string, sysReadonly bool, mounts Mounts) if sysReadonly { sysMountFlags |= syscall.MS_RDONLY } + systemMounts = append(systemMounts, mount{source: "sysfs", path: filepath.Join(rootfs, "sys"), device: "sysfs", flags: sysMountFlags}) return systemMounts diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/mount/mount.go b/components/engine/vendor/src/github.com/docker/libcontainer/mount/mount.go new file mode 100644 index 0000000000..c7865b3c8e --- /dev/null +++ b/components/engine/vendor/src/github.com/docker/libcontainer/mount/mount.go @@ -0,0 +1,104 @@ +package mount + +import ( + "fmt" + "os" + "path/filepath" + "syscall" + + "github.com/docker/docker/pkg/symlink" + "github.com/docker/libcontainer/label" +) + +type Mount struct { + Type string `json:"type,omitempty"` + Source string `json:"source,omitempty"` // Source path, in the host namespace + Destination string `json:"destination,omitempty"` // Destination path, in the container + Writable bool `json:"writable,omitempty"` + Relabel string `json:"relabel,omitempty"` // Relabel source if set, "z" indicates shared, "Z" indicates unshared + Private bool `json:"private,omitempty"` +} + +func (m *Mount) Mount(rootfs, mountLabel string) error { + switch m.Type { + case "bind": + return m.bindMount(rootfs, mountLabel) + case "tmpfs": + return m.tmpfsMount(rootfs, mountLabel) + default: + return fmt.Errorf("unsupported mount type %s for %s", m.Type, m.Destination) + } +} + +func (m *Mount) bindMount(rootfs, mountLabel string) error { + var ( + flags = syscall.MS_BIND | syscall.MS_REC + dest = filepath.Join(rootfs, m.Destination) + ) + + if !m.Writable { + flags = flags | syscall.MS_RDONLY + } + + stat, err := os.Stat(m.Source) + if err != nil { + return err + } + + // FIXME: (crosbymichael) This does not belong here and should be done a layer above + dest, err = symlink.FollowSymlinkInScope(dest, rootfs) + if err != nil { + return err + } + + if err := createIfNotExists(dest, stat.IsDir()); err != nil { + return fmt.Errorf("creating new bind mount target %s", err) + } + + if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags), ""); err != nil { + return fmt.Errorf("mounting %s into %s %s", m.Source, dest, err) + } + + if !m.Writable { + if err := syscall.Mount(m.Source, dest, "bind", uintptr(flags|syscall.MS_REMOUNT), ""); err != nil { + return fmt.Errorf("remounting %s into %s %s", m.Source, dest, err) + } + } + + if m.Relabel != "" { + if err := label.Relabel(m.Source, mountLabel, m.Relabel); err != nil { + return fmt.Errorf("relabeling %s to %s %s", m.Source, mountLabel, err) + } + } + + if m.Private { + if err := syscall.Mount("", dest, "none", uintptr(syscall.MS_PRIVATE), ""); err != nil { + return fmt.Errorf("mounting %s private %s", dest, err) + } + } + + return nil +} + +func (m *Mount) tmpfsMount(rootfs, mountLabel string) error { + var ( + err error + l = label.FormatMountLabel("", mountLabel) + dest = filepath.Join(rootfs, m.Destination) + ) + + // FIXME: (crosbymichael) This does not belong here and should be done a layer above + if dest, err = symlink.FollowSymlinkInScope(dest, rootfs); err != nil { + return err + } + + if err := createIfNotExists(dest, true); err != nil { + return fmt.Errorf("creating new tmpfs mount target %s", err) + } + + if err := syscall.Mount("tmpfs", dest, "tmpfs", uintptr(defaultMountFlags), l); err != nil { + return fmt.Errorf("%s mounting %s in tmpfs", err, dest) + } + + return nil +} diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/mount/types.go b/components/engine/vendor/src/github.com/docker/libcontainer/mount/mount_config.go similarity index 59% rename from components/engine/vendor/src/github.com/docker/libcontainer/mount/types.go rename to components/engine/vendor/src/github.com/docker/libcontainer/mount/mount_config.go index 063bbac1c5..eef9b8ce4d 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/mount/types.go +++ b/components/engine/vendor/src/github.com/docker/libcontainer/mount/mount_config.go @@ -6,6 +6,8 @@ import ( "github.com/docker/libcontainer/devices" ) +var ErrUnsupported = errors.New("Unsupported method") + type MountConfig struct { // NoPivotRoot will use MS_MOVE and a chroot to jail the process into the container's rootfs // This is a common option when the container is running in ramdisk @@ -17,33 +19,10 @@ type MountConfig struct { // Mounts specify additional source and destination paths that will be mounted inside the container's // rootfs and mount namespace if specified - Mounts Mounts `json:"mounts,omitempty"` + Mounts []*Mount `json:"mounts,omitempty"` // The device nodes that should be automatically created within the container upon container start. Note, make sure that the node is marked as allowed in the cgroup as well! DeviceNodes []*devices.Device `json:"device_nodes,omitempty"` MountLabel string `json:"mount_label,omitempty"` } - -type Mount struct { - Type string `json:"type,omitempty"` - Source string `json:"source,omitempty"` // Source path, in the host namespace - Destination string `json:"destination,omitempty"` // Destination path, in the container - Writable bool `json:"writable,omitempty"` - Relabel string `json:"relabel,omitempty"` // Relabel source if set, "z" indicates shared, "Z" indicates unshared - Private bool `json:"private,omitempty"` -} - -type Mounts []Mount - -var ErrUnsupported = errors.New("Unsupported method") - -func (s Mounts) OfType(t string) Mounts { - out := Mounts{} - for _, m := range s { - if m.Type == t { - out = append(out, m) - } - } - return out -} diff --git a/components/engine/vendor/src/github.com/docker/libcontainer/sample_configs/minimal.json b/components/engine/vendor/src/github.com/docker/libcontainer/sample_configs/minimal.json index c08c996797..8d85ddf7da 100644 --- a/components/engine/vendor/src/github.com/docker/libcontainer/sample_configs/minimal.json +++ b/components/engine/vendor/src/github.com/docker/libcontainer/sample_configs/minimal.json @@ -166,6 +166,12 @@ "path": "/dev/random", "type": 99 } + ], + "mounts": [ + { + "type": "tmpfs", + "destination": "/tmp" + } ] }, "environment": [ From 0886b9cbe53af5169216f0c0dc584e7abe67cf92 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Mon, 1 Sep 2014 15:18:30 -0700 Subject: [PATCH 106/540] Update mount struct with reference Signed-off-by: Michael Crosby Upstream-commit: 688741df31396ece5f72cbc5ecc0250b3d06a8bc Component: engine --- components/engine/daemon/execdriver/native/create.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/daemon/execdriver/native/create.go b/components/engine/daemon/execdriver/native/create.go index 8a13f23862..8f40407c06 100644 --- a/components/engine/daemon/execdriver/native/create.go +++ b/components/engine/daemon/execdriver/native/create.go @@ -161,7 +161,7 @@ func (d *driver) setupCgroups(container *libcontainer.Config, c *execdriver.Comm func (d *driver) setupMounts(container *libcontainer.Config, c *execdriver.Command) error { for _, m := range c.Mounts { - container.MountConfig.Mounts = append(container.MountConfig.Mounts, mount.Mount{ + container.MountConfig.Mounts = append(container.MountConfig.Mounts, &mount.Mount{ Type: "bind", Source: m.Source, Destination: m.Destination, From 5f3cf0d988b940b6dff897b63aa59f59a2c54b15 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Mon, 1 Sep 2014 16:28:02 -0700 Subject: [PATCH 107/540] Make nat test less racy and accurate Signed-off-by: Michael Crosby Upstream-commit: 72652c597385980c1bf6adebe4cded760dbf2663 Component: engine --- .../integration-cli/docker_cli_nat_test.go | 30 ++++--------------- 1 file changed, 6 insertions(+), 24 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_nat_test.go b/components/engine/integration-cli/docker_cli_nat_test.go index caa41aa0ab..ae57fa5ff2 100644 --- a/components/engine/integration-cli/docker_cli_nat_test.go +++ b/components/engine/integration-cli/docker_cli_nat_test.go @@ -1,13 +1,11 @@ package main import ( - "encoding/json" "fmt" "net" "os/exec" + "strings" "testing" - - "github.com/docker/docker/daemon" ) func TestNetworkNat(t *testing.T) { @@ -26,39 +24,23 @@ func TestNetworkNat(t *testing.T) { t.Fatalf("Error retrieving the up for eth0: %s", err) } - runCmd := exec.Command(dockerBinary, "run", "-d", "-p", "8080", "busybox", "nc", "-lp", "8080") + runCmd := exec.Command(dockerBinary, "run", "-dt", "-p", "8080:8080", "busybox", "nc", "-lp", "8080") out, _, err := runCommandWithOutput(runCmd) errorOut(err, t, fmt.Sprintf("run1 failed with errors: %v (%s)", err, out)) cleanedContainerID := stripTrailingCharacters(out) - inspectCmd := exec.Command(dockerBinary, "inspect", cleanedContainerID) - inspectOut, _, err := runCommandWithOutput(inspectCmd) - errorOut(err, t, fmt.Sprintf("out should've been a container id: %v %v", inspectOut, err)) - - containers := []*daemon.Container{} - if err := json.Unmarshal([]byte(inspectOut), &containers); err != nil { - t.Fatalf("Error inspecting the container: %s", err) - } - if len(containers) != 1 { - t.Fatalf("Unepexted container count. Expected 0, recieved: %d", len(containers)) - } - - port8080, exists := containers[0].NetworkSettings.Ports["8080/tcp"] - if !exists || len(port8080) == 0 { - t.Fatal("Port 8080/tcp not found in NetworkSettings") - } - - runCmd = exec.Command(dockerBinary, "run", "-p", "8080", "busybox", "sh", "-c", fmt.Sprintf("echo hello world | nc -w 30 %s %s", ifaceIp, port8080[0].HostPort)) + runCmd = exec.Command(dockerBinary, "run", "busybox", "sh", "-c", fmt.Sprintf("echo hello world | nc -w 30 %s 8080", ifaceIp)) out, _, err = runCommandWithOutput(runCmd) errorOut(err, t, fmt.Sprintf("run2 failed with errors: %v (%s)", err, out)) runCmd = exec.Command(dockerBinary, "logs", cleanedContainerID) out, _, err = runCommandWithOutput(runCmd) errorOut(err, t, fmt.Sprintf("failed to retrieve logs for container: %v %v", cleanedContainerID, err)) + out = strings.Trim(out, "\r\n") - if expected := "hello world\n"; out != expected { - t.Fatalf("Unexpected output. Expected: %s, recieved: -->%s<--", expected, out) + if expected := "hello world"; out != expected { + t.Fatalf("Unexpected output. Expected: %q, received: %q for iface %s", expected, out, ifaceIp) } killCmd := exec.Command(dockerBinary, "kill", cleanedContainerID) From ef9df7ad175fa73f19520f9e14db6d9c616e0871 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Mon, 1 Sep 2014 17:09:52 -0700 Subject: [PATCH 108/540] Add more error info to TestDockerRunEchoStdoutWithMemoryLimit This test fails on my CI server often so we need more info when it does happen with this test. Signed-off-by: Michael Crosby Upstream-commit: c0a5ec75c5a8f2d3ccb2f0c1a90f30bb20cdd60b Component: engine --- components/engine/integration-cli/docker_cli_run_test.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 81198ce213..00bbb2b2ca 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -41,8 +41,10 @@ func TestDockerRunEchoStdoutWithMemoryLimit(t *testing.T) { out, _, _, err := runCommandWithStdoutStderr(runCmd) errorOut(err, t, out) - if out != "test\n" { - t.Errorf("container should've printed 'test'") + out = strings.Trim(out, "\r\n") + + if expected := "test"; out != expected { + t.Errorf("container should've printed %q but printed %q", expected, out) } From 9046d6de2cb254400727423a8181e35535404d4b Mon Sep 17 00:00:00 2001 From: unclejack Date: Tue, 2 Sep 2014 17:35:25 +0300 Subject: [PATCH 109/540] clean up context on build completion & add test Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 18587469789594f7ca26fc942c6d23b971a14dd3 Component: engine --- components/engine/builder/evaluator.go | 5 ++++ .../integration-cli/docker_cli_build_test.go | 25 +++++++++++++++++++ components/engine/integration-cli/utils.go | 18 +++++++++++++ 3 files changed, 48 insertions(+) diff --git a/components/engine/builder/evaluator.go b/components/engine/builder/evaluator.go index 33d8f080e0..19d4cbcbb6 100644 --- a/components/engine/builder/evaluator.go +++ b/components/engine/builder/evaluator.go @@ -30,6 +30,7 @@ import ( "github.com/docker/docker/builder/parser" "github.com/docker/docker/daemon" "github.com/docker/docker/engine" + "github.com/docker/docker/pkg/log" "github.com/docker/docker/pkg/tarsum" "github.com/docker/docker/registry" "github.com/docker/docker/runconfig" @@ -163,6 +164,10 @@ func (b *Builder) Run(context io.Reader) (string, error) { return "", fmt.Errorf("No image was generated. Is your Dockerfile empty?\n") } + if err := os.RemoveAll(b.contextPath); err != nil { + log.Debugf("[BUILDER] failed to remove temporary context: %s", err) + } + fmt.Fprintf(b.OutStream, "Successfully built %s\n", utils.TruncateID(b.image)) return b.image, nil } diff --git a/components/engine/integration-cli/docker_cli_build_test.go b/components/engine/integration-cli/docker_cli_build_test.go index e6572a1bf4..7e1d7291ac 100644 --- a/components/engine/integration-cli/docker_cli_build_test.go +++ b/components/engine/integration-cli/docker_cli_build_test.go @@ -706,6 +706,31 @@ func TestBuildEnv(t *testing.T) { logDone("build - env") } +func TestBuildContextCleanup(t *testing.T) { + name := "testbuildcontextcleanup" + defer deleteImages(name) + entries, err := ioutil.ReadDir("/var/lib/docker/tmp") + if err != nil { + t.Fatalf("failed to list contents of tmp dir: %s", err) + } + _, err = buildImage(name, + `FROM scratch + ENTRYPOINT ["/bin/echo"]`, + true) + if err != nil { + t.Fatal(err) + } + entriesFinal, err := ioutil.ReadDir("/var/lib/docker/tmp") + if err != nil { + t.Fatalf("failed to list contents of tmp dir: %s", err) + } + if err = compareDirectoryEntries(entries, entriesFinal); err != nil { + t.Fatalf("context should have been deleted, but wasn't") + } + + logDone("build - verify context cleanup works properly") +} + func TestBuildCmd(t *testing.T) { name := "testbuildcmd" expected := "[/bin/echo Hello World]" diff --git a/components/engine/integration-cli/utils.go b/components/engine/integration-cli/utils.go index b01fdd85fa..e4a1e95fbe 100644 --- a/components/engine/integration-cli/utils.go +++ b/components/engine/integration-cli/utils.go @@ -5,6 +5,7 @@ import ( "encoding/json" "fmt" "io" + "os" "os/exec" "reflect" "strings" @@ -175,3 +176,20 @@ func waitRun(contId string) error { return nil } + +func compareDirectoryEntries(e1 []os.FileInfo, e2 []os.FileInfo) error { + var ( + e1Entries = make(map[string]struct{}) + e2Entries = make(map[string]struct{}) + ) + for _, e := range e1 { + e1Entries[e.Name()] = struct{}{} + } + for _, e := range e2 { + e2Entries[e.Name()] = struct{}{} + } + if !reflect.DeepEqual(e1Entries, e2Entries) { + return fmt.Errorf("entries differ") + } + return nil +} From c02ebae1f7625948821f759c93e962feaa44eae6 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Wed, 23 Jul 2014 14:12:42 -0400 Subject: [PATCH 110/540] Add Daemon test utils Docker-DCO-1.1-Signed-off-by: Tibor Vass (github: tiborvass) Upstream-commit: 054b921a2c140f9b8250f6c7e12dec9fba23ce0f Component: engine --- components/engine/hack/make.sh | 1 + .../engine/hack/make/test-integration-cli | 8 +- .../engine/integration-cli/docker_utils.go | 209 ++++++++++++++++++ 3 files changed, 215 insertions(+), 3 deletions(-) diff --git a/components/engine/hack/make.sh b/components/engine/hack/make.sh index 05e3310889..13307c4f4d 100755 --- a/components/engine/hack/make.sh +++ b/components/engine/hack/make.sh @@ -156,6 +156,7 @@ go_test_dir() { testcover=( -cover -coverprofile "$coverprofile" $coverpkg ) fi ( + export DEST echo '+ go test' $TESTFLAGS "${DOCKER_PKG}${dir#.}" cd "$dir" go test ${testcover[@]} -ldflags "$LDFLAGS" "${BUILDFLAGS[@]}" $TESTFLAGS diff --git a/components/engine/hack/make/test-integration-cli b/components/engine/hack/make/test-integration-cli index 837bd8737a..e371fac071 100644 --- a/components/engine/hack/make/test-integration-cli +++ b/components/engine/hack/make/test-integration-cli @@ -38,7 +38,9 @@ exec > >(tee -a $DEST/test.log) 2>&1 bundle_test_integration_cli - DOCKERD_PID=$(set -x; cat $DEST/docker.pid) - ( set -x; kill $DOCKERD_PID ) - wait $DOCKERD_PID || true + for pid in $(find "$DEST" -name docker.pid); do + DOCKER_PID=$(set -x; cat "$pid") + ( set -x; kill $DOCKER_PID ) + wait $DOCKERD_PID || true + done ) diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index cf1dd203f8..6133f3727b 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -1,11 +1,14 @@ package main import ( + "errors" "fmt" "io" "io/ioutil" + "net" "net/http" "net/http/httptest" + "net/http/httputil" "os" "os/exec" "path" @@ -13,8 +16,214 @@ import ( "strconv" "strings" "testing" + "time" ) +// Daemon represents a Docker daemon for the testing framework. +type Daemon struct { + t *testing.T + logFile *os.File + folder string + stdin io.WriteCloser + stdout, stderr io.ReadCloser + cmd *exec.Cmd + storageDriver string + execDriver string + wait chan error +} + +// NewDaemon returns a Daemon instance to be used for testing. +// This will create a directory such as daemon123456789 in the folder specified by $DEST. +// The daemon will not automatically start. +func NewDaemon(t *testing.T) *Daemon { + dest := os.Getenv("DEST") + if dest == "" { + t.Fatal("Please set the DEST environment variable") + } + + dir := filepath.Join(dest, fmt.Sprintf("daemon%d", time.Now().Unix())) + daemonFolder, err := filepath.Abs(dir) + if err != nil { + t.Fatal("Could not make '%s' an absolute path: %v", dir, err) + } + + if err := os.MkdirAll(filepath.Join(daemonFolder, "graph"), 0600); err != nil { + t.Fatal("Could not create %s/graph directory", daemonFolder) + } + + return &Daemon{ + t: t, + folder: daemonFolder, + storageDriver: os.Getenv("DOCKER_GRAPHDRIVER"), + execDriver: os.Getenv("DOCKER_EXECDRIVER"), + } +} + +// Start will start the daemon and return once it is ready to receive requests. +// You can specify additional daemon flags (e.g. "--restart=false"). +func (d *Daemon) Start(arg ...string) error { + dockerBinary, err := exec.LookPath(dockerBinary) + if err != nil { + d.t.Fatalf("could not find docker binary in $PATH: %v", err) + } + + args := []string{ + "--host", d.sock(), + "--daemon", "--debug", + "--graph", fmt.Sprintf("%s/graph", d.folder), + "--storage-driver", d.storageDriver, + "--exec-driver", d.execDriver, + "--pidfile", fmt.Sprintf("%s/docker.pid", d.folder), + } + args = append(args, arg...) + d.cmd = exec.Command(dockerBinary, args...) + + d.logFile, err = os.OpenFile(filepath.Join(d.folder, "docker.log"), os.O_WRONLY|os.O_CREATE|os.O_APPEND, 0600) + if err != nil { + d.t.Fatalf("Could not create %s/docker.log: %v", d.folder, err) + } + + d.cmd.Stdout = d.logFile + d.cmd.Stderr = d.logFile + + if err := d.cmd.Start(); err != nil { + return fmt.Errorf("Could not start daemon container: %v", err) + } + + d.wait = make(chan error) + + go func() { + d.wait <- d.cmd.Wait() + d.t.Log("exiting daemon") + close(d.wait) + }() + + tick := time.Tick(500 * time.Millisecond) + // make sure daemon is ready to receive requests + for { + d.t.Log("waiting for daemon to start") + select { + case <-time.After(2 * time.Second): + return errors.New("timeout: daemon does not respond") + case <-tick: + c, err := net.Dial("unix", filepath.Join(d.folder, "docker.sock")) + if err != nil { + continue + } + + client := httputil.NewClientConn(c, nil) + defer client.Close() + + req, err := http.NewRequest("GET", "/_ping", nil) + if err != nil { + d.t.Fatalf("could not create new request: %v", err) + } + + resp, err := client.Do(req) + if err != nil { + continue + } + if resp.StatusCode != http.StatusOK { + d.t.Logf("received status != 200 OK: %s", resp.Status) + } + + d.t.Log("daemon started") + return nil + } + } +} + +// StartWithBusybox will first start the daemon with Daemon.Start() +// then save the busybox image from the main daemon and load it into this Daemon instance. +func (d *Daemon) StartWithBusybox(arg ...string) error { + if err := d.Start(arg...); err != nil { + return err + } + bb := filepath.Join(d.folder, "busybox.tar") + if _, err := os.Stat(bb); err != nil { + if !os.IsNotExist(err) { + return fmt.Errorf("unexpected error on busybox.tar stat: %v", err) + } + // saving busybox image from main daemon + if err := exec.Command(dockerBinary, "save", "--output", bb, "busybox:latest").Run(); err != nil { + return fmt.Errorf("could not save busybox image: %v", err) + } + } + // loading busybox image to this daemon + if _, err := d.Cmd("load", "--input", bb); err != nil { + return fmt.Errorf("could not load busybox image: %v", err) + } + if err := os.Remove(bb); err != nil { + d.t.Logf("Could not remove %s: %v", bb, err) + } + return nil +} + +// Stop will send a SIGINT every second and wait for the daemon to stop. +// If it timeouts, a SIGKILL is sent. +// Stop will not delete the daemon directory. If a purged daemon is needed, +// instantiate a new one with NewDaemon. +func (d *Daemon) Stop() error { + if d.cmd == nil || d.wait == nil { + return errors.New("Daemon not started") + } + + defer func() { + d.logFile.Close() + d.cmd = nil + }() + + i := 1 + tick := time.Tick(time.Second) + + if err := d.cmd.Process.Signal(os.Interrupt); err != nil { + return fmt.Errorf("Could not send signal: %v", err) + } +out: + for { + select { + case err := <-d.wait: + return err + case <-time.After(20 * time.Second): + d.t.Log("timeout") + break out + case <-tick: + d.t.Logf("Attempt #%d: daemon is still running with pid %d", i+1, d.cmd.Process.Pid) + if err := d.cmd.Process.Signal(os.Interrupt); err != nil { + return fmt.Errorf("Could not send signal: %v", err) + } + i++ + } + } + + if err := d.cmd.Process.Kill(); err != nil { + d.t.Logf("Could not kill daemon: %v", err) + return err + } + + return nil +} + +// Restart will restart the daemon by first stopping it and then starting it. +func (d *Daemon) Restart(arg ...string) error { + d.Stop() + return d.Start(arg...) +} + +func (d *Daemon) sock() string { + return fmt.Sprintf("unix://%s/docker.sock", d.folder) +} + +// Cmd will execute a docker CLI command against this Daemon. +// Example: d.Cmd("version") will run docker -H unix://path/to/unix.sock version +func (d *Daemon) Cmd(name string, arg ...string) (string, error) { + args := []string{"--host", d.sock(), name} + args = append(args, arg...) + c := exec.Command(dockerBinary, args...) + b, err := c.CombinedOutput() + return string(b), err +} + func deleteContainer(container string) error { container = strings.Replace(container, "\n", " ", -1) container = strings.Trim(container, " ") From 4444b40c84468ebbe039247c1523d92e3d04f974 Mon Sep 17 00:00:00 2001 From: Erik Hollensbe Date: Wed, 27 Aug 2014 12:21:56 -0700 Subject: [PATCH 111/540] hack/make: fix test-unit target to propogate TESTFLAGS properly Docker-DCO-1.1-Signed-off-by: Erik Hollensbe (github: erikh) Upstream-commit: 9a2d4e92730a576a05e40f7575a6c90512896e87 Component: engine --- components/engine/hack/make/test-unit | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/hack/make/test-unit b/components/engine/hack/make/test-unit index 03172f9eab..3bac5920d1 100644 --- a/components/engine/hack/make/test-unit +++ b/components/engine/hack/make/test-unit @@ -56,7 +56,7 @@ go_run_test_dir() { echo echo '+ go test' $TESTFLAGS "${DOCKER_PKG}${dir#.}" precompiled="$DEST/precompiled/$dir.test" - if ! ( cd "$dir" && "$precompiled" ); then + if ! ( cd "$dir" && "$precompiled" $TESTFLAGS ); then TESTS_FAILED+=("$dir") echo echo "${RED}Tests failed: $dir${TEXTRESET}" From e9f9032556e923563496ddf21390ce0ecb5f0229 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Wed, 23 Jul 2014 14:39:14 -0400 Subject: [PATCH 112/540] Add TestDaemonRestartWithRunningContainersPorts Docker-DCO-1.1-Signed-off-by: Tibor Vass (github: tiborvass) Upstream-commit: a9971a89ccb0bd8688e7a8ab8058dcbb66d61687 Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 components/engine/integration-cli/docker_cli_daemon_test.go diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go new file mode 100644 index 0000000000..da9724c492 --- /dev/null +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -0,0 +1,50 @@ +package main + +import ( + "strings" + "testing" +) + +func TestDaemonRestartWithRunningContainersPorts(t *testing.T) { + d := NewDaemon(t) + if err := d.StartWithBusybox(); err != nil { + t.Fatalf("Could not start daemon with busybox: %v", err) + } + defer d.Stop() + + if out, err := d.Cmd("run", "-d", "--name", "top1", "-p", "1234:80", "--restart", "always", "busybox:latest", "top"); err != nil { + t.Fatalf("Could not run top1: err=%v\n%s", err, out) + } + // --restart=no by default + if out, err := d.Cmd("run", "-d", "--name", "top2", "-p", "80", "busybox:latest", "top"); err != nil { + t.Fatalf("Could not run top2: err=%v\n%s", err, out) + } + + testRun := func(m map[string]bool, prefix string) { + var format string + for c, shouldRun := range m { + out, err := d.Cmd("ps") + if err != nil { + t.Fatalf("Could not run ps: err=%v\n%q", err, out) + } + if shouldRun { + format = "%scontainer %q is not running" + } else { + format = "%scontainer %q is running" + } + if shouldRun != strings.Contains(out, c) { + t.Fatalf(format, prefix, c) + } + } + } + + testRun(map[string]bool{"top1": true, "top2": true}, "") + + if err := d.Restart(); err != nil { + t.Fatalf("Could not restart daemon: %v", err) + } + + testRun(map[string]bool{"top1": true, "top2": false}, "After daemon restart: ") + + logDone("daemon - running containers on daemon restart") +} From 13e3017817633614176f4167c1e3f564681ea057 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Sun, 31 Aug 2014 19:20:35 +0400 Subject: [PATCH 113/540] Use State as embedded to Container Signed-off-by: Alexandr Morozov Upstream-commit: e0339d4b88989a31b72be02582eee72433d2f0ec Component: engine --- components/engine/builder/internals.go | 2 +- components/engine/daemon/attach.go | 2 +- components/engine/daemon/container.go | 38 +++++++++---------- components/engine/daemon/daemon.go | 18 ++++----- components/engine/daemon/delete.go | 2 +- components/engine/daemon/image_delete.go | 2 +- components/engine/daemon/list.go | 6 +-- components/engine/daemon/logs.go | 2 +- components/engine/daemon/monitor.go | 6 +-- components/engine/daemon/start.go | 2 +- components/engine/daemon/stop.go | 2 +- components/engine/daemon/top.go | 2 +- components/engine/daemon/wait.go | 2 +- .../engine/integration/commands_test.go | 24 ++++++------ .../engine/integration/container_test.go | 10 ++--- components/engine/integration/runtime_test.go | 16 ++++---- components/engine/integration/utils_test.go | 8 ++-- 17 files changed, 72 insertions(+), 72 deletions(-) diff --git a/components/engine/builder/internals.go b/components/engine/builder/internals.go index 1767d7d9dd..f9e9825518 100644 --- a/components/engine/builder/internals.go +++ b/components/engine/builder/internals.go @@ -413,7 +413,7 @@ func (b *Builder) run(c *daemon.Container) error { } // Wait for it to finish - if ret, _ := c.State.WaitStop(-1 * time.Second); ret != 0 { + if ret, _ := c.WaitStop(-1 * time.Second); ret != 0 { err := &utils.JSONError{ Message: fmt.Sprintf("The command %v returned a non-zero code: %d", b.Config.Cmd, ret), Code: ret, diff --git a/components/engine/daemon/attach.go b/components/engine/daemon/attach.go index 36dd13fb5e..7a4eb0bc99 100644 --- a/components/engine/daemon/attach.go +++ b/components/engine/daemon/attach.go @@ -106,7 +106,7 @@ func (daemon *Daemon) ContainerAttach(job *engine.Job) engine.Status { // If we are in stdinonce mode, wait for the process to end // otherwise, simply return if container.Config.StdinOnce && !container.Config.Tty { - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) } } return engine.StatusOK diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index 4469510b21..fa97553d8c 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -283,7 +283,7 @@ func (container *Container) Start() (err error) { container.Lock() defer container.Unlock() - if container.State.Running { + if container.Running { return nil } @@ -333,7 +333,7 @@ func (container *Container) Run() error { if err := container.Start(); err != nil { return err } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) return nil } @@ -347,7 +347,7 @@ func (container *Container) Output() (output []byte, err error) { return nil, err } output, err = ioutil.ReadAll(pipe) - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) return output, err } @@ -533,11 +533,11 @@ func (container *Container) KillSig(sig int) error { defer container.Unlock() // We could unpause the container for them rather than returning this error - if container.State.Paused { + if container.Paused { return fmt.Errorf("Container %s is paused. Unpause the container before stopping", container.ID) } - if !container.State.Running { + if !container.Running { return nil } @@ -548,7 +548,7 @@ func (container *Container) KillSig(sig int) error { // if the container is currently restarting we do not need to send the signal // to the process. Telling the monitor that it should exit on it's next event // loop is enough - if container.State.Restarting { + if container.Restarting { return nil } @@ -556,27 +556,27 @@ func (container *Container) KillSig(sig int) error { } func (container *Container) Pause() error { - if container.State.IsPaused() { + if container.IsPaused() { return fmt.Errorf("Container %s is already paused", container.ID) } - if !container.State.IsRunning() { + if !container.IsRunning() { return fmt.Errorf("Container %s is not running", container.ID) } return container.daemon.Pause(container) } func (container *Container) Unpause() error { - if !container.State.IsPaused() { + if !container.IsPaused() { return fmt.Errorf("Container %s is not paused", container.ID) } - if !container.State.IsRunning() { + if !container.IsRunning() { return fmt.Errorf("Container %s is not running", container.ID) } return container.daemon.Unpause(container) } func (container *Container) Kill() error { - if !container.State.IsRunning() { + if !container.IsRunning() { return nil } @@ -586,9 +586,9 @@ func (container *Container) Kill() error { } // 2. Wait for the process to die, in last resort, try to kill the process directly - if _, err := container.State.WaitStop(10 * time.Second); err != nil { + if _, err := container.WaitStop(10 * time.Second); err != nil { // Ensure that we don't kill ourselves - if pid := container.State.GetPid(); pid != 0 { + if pid := container.GetPid(); pid != 0 { log.Infof("Container %s failed to exit within 10 seconds of kill - trying direct SIGKILL", utils.TruncateID(container.ID)) if err := syscall.Kill(pid, 9); err != nil { return err @@ -596,12 +596,12 @@ func (container *Container) Kill() error { } } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) return nil } func (container *Container) Stop(seconds int) error { - if !container.State.IsRunning() { + if !container.IsRunning() { return nil } @@ -614,11 +614,11 @@ func (container *Container) Stop(seconds int) error { } // 2. Wait for the process to exit on its own - if _, err := container.State.WaitStop(time.Duration(seconds) * time.Second); err != nil { + if _, err := container.WaitStop(time.Duration(seconds) * time.Second); err != nil { log.Infof("Container %v failed to exit within %d seconds of SIGTERM - using the force", container.ID, seconds) // 3. If it doesn't, then send SIGKILL if err := container.Kill(); err != nil { - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) return err } } @@ -1006,7 +1006,7 @@ func (container *Container) setupLinkedContainers() ([]string, error) { } for linkAlias, child := range children { - if !child.State.IsRunning() { + if !child.IsRunning() { return nil, fmt.Errorf("Cannot link to a non running container: %s AS %s", child.Name, linkAlias) } @@ -1173,7 +1173,7 @@ func (container *Container) getNetworkedContainer() (*Container, error) { if nc == nil { return nil, fmt.Errorf("no such container to join network: %s", parts[1]) } - if !nc.State.IsRunning() { + if !nc.IsRunning() { return nil, fmt.Errorf("cannot join network of a non running container: %s", parts[1]) } return nc, nil diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 8e948c3f57..196d561acc 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -213,11 +213,11 @@ func (daemon *Daemon) register(container *Container, updateSuffixarray bool) err // FIXME: if the container is supposed to be running but is not, auto restart it? // if so, then we need to restart monitor and init a new lock // If the container is supposed to be running, make sure of it - if container.State.IsRunning() { + if container.IsRunning() { log.Debugf("killing old running container %s", container.ID) - existingPid := container.State.Pid - container.State.SetStopped(0) + existingPid := container.Pid + container.SetStopped(0) // We only have to handle this for lxc because the other drivers will ensure that // no processes are left when docker dies @@ -249,7 +249,7 @@ func (daemon *Daemon) register(container *Container, updateSuffixarray bool) err log.Debugf("Marking as stopped") - container.State.SetStopped(-127) + container.SetStopped(-127) if err := container.ToDisk(); err != nil { return err } @@ -363,7 +363,7 @@ func (daemon *Daemon) restore() error { for _, container := range registeredContainers { if container.hostConfig.RestartPolicy.Name == "always" || - (container.hostConfig.RestartPolicy.Name == "on-failure" && container.State.ExitCode != 0) { + (container.hostConfig.RestartPolicy.Name == "on-failure" && container.ExitCode != 0) { log.Debugf("Starting container %s", container.ID) if err := container.Start(); err != nil { @@ -891,7 +891,7 @@ func (daemon *Daemon) shutdown() error { log.Debugf("starting clean shutdown of all containers...") for _, container := range daemon.List() { c := container - if c.State.IsRunning() { + if c.IsRunning() { log.Debugf("stopping %s", c.ID) group.Add(1) @@ -900,7 +900,7 @@ func (daemon *Daemon) shutdown() error { if err := c.KillSig(15); err != nil { log.Debugf("kill 15 error for %s - %s", c.ID, err) } - c.State.WaitStop(-1 * time.Second) + c.WaitStop(-1 * time.Second) log.Debugf("container stopped %s", c.ID) }() } @@ -980,7 +980,7 @@ func (daemon *Daemon) Pause(c *Container) error { if err := daemon.execDriver.Pause(c.command); err != nil { return err } - c.State.SetPaused() + c.SetPaused() return nil } @@ -988,7 +988,7 @@ func (daemon *Daemon) Unpause(c *Container) error { if err := daemon.execDriver.Unpause(c.command); err != nil { return err } - c.State.SetUnpaused() + c.SetUnpaused() return nil } diff --git a/components/engine/daemon/delete.go b/components/engine/daemon/delete.go index 8a8331300a..de242090bc 100644 --- a/components/engine/daemon/delete.go +++ b/components/engine/daemon/delete.go @@ -50,7 +50,7 @@ func (daemon *Daemon) ContainerRm(job *engine.Job) engine.Status { } if container != nil { - if container.State.IsRunning() { + if container.IsRunning() { if forceRemove { if err := container.Kill(); err != nil { return job.Errorf("Could not kill running container, cannot remove - %v", err) diff --git a/components/engine/daemon/image_delete.go b/components/engine/daemon/image_delete.go index 77e8f85907..00e98edfbb 100644 --- a/components/engine/daemon/image_delete.go +++ b/components/engine/daemon/image_delete.go @@ -138,7 +138,7 @@ func (daemon *Daemon) canDeleteImage(imgID string, force, untagged bool) error { if err := parent.WalkHistory(func(p *image.Image) error { if imgID == p.ID { - if container.State.IsRunning() { + if container.IsRunning() { if force { return fmt.Errorf("Conflict, cannot force delete %s because the running container %s is using it%s, stop it and retry", utils.TruncateID(imgID), utils.TruncateID(container.ID), message) } diff --git a/components/engine/daemon/list.go b/components/engine/daemon/list.go index f24b8be2bd..6501626b97 100644 --- a/components/engine/daemon/list.go +++ b/components/engine/daemon/list.go @@ -70,7 +70,7 @@ func (daemon *Daemon) Containers(job *engine.Job) engine.Status { writeCont := func(container *Container) error { container.Lock() defer container.Unlock() - if !container.State.Running && !all && n <= 0 && since == "" && before == "" { + if !container.Running && !all && n <= 0 && since == "" && before == "" { return nil } if before != "" && !foundBefore { @@ -87,10 +87,10 @@ func (daemon *Daemon) Containers(job *engine.Job) engine.Status { return errLast } } - if len(filt_exited) > 0 && !container.State.Running { + if len(filt_exited) > 0 && !container.Running { should_skip := true for _, code := range filt_exited { - if code == container.State.GetExitCode() { + if code == container.GetExitCode() { should_skip = false break } diff --git a/components/engine/daemon/logs.go b/components/engine/daemon/logs.go index c9c2ab89ba..b65fb33227 100644 --- a/components/engine/daemon/logs.go +++ b/components/engine/daemon/logs.go @@ -111,7 +111,7 @@ func (daemon *Daemon) ContainerLogs(job *engine.Job) engine.Status { } } } - if follow && container.State.IsRunning() { + if follow && container.IsRunning() { errors := make(chan error, 2) if stdout { stdoutPipe := container.StdoutLogPipe() diff --git a/components/engine/daemon/monitor.go b/components/engine/daemon/monitor.go index e47245a86f..67ec67e137 100644 --- a/components/engine/daemon/monitor.go +++ b/components/engine/daemon/monitor.go @@ -110,7 +110,7 @@ func (m *containerMonitor) Start() error { defer func() { if afterRun { m.container.Lock() - m.container.State.setStopped(exitStatus) + m.container.setStopped(exitStatus) defer m.container.Unlock() } m.Close() @@ -152,7 +152,7 @@ func (m *containerMonitor) Start() error { m.resetMonitor(err == nil && exitStatus == 0) if m.shouldRestart(exitStatus) { - m.container.State.SetRestarting(exitStatus) + m.container.SetRestarting(exitStatus) m.container.LogEvent("die") m.resetContainer(true) @@ -243,7 +243,7 @@ func (m *containerMonitor) callback(processConfig *execdriver.ProcessConfig, pid } } - m.container.State.setRunning(pid) + m.container.setRunning(pid) // signal that the process has started // close channel only if not closed diff --git a/components/engine/daemon/start.go b/components/engine/daemon/start.go index 30e015496f..0540bda03f 100644 --- a/components/engine/daemon/start.go +++ b/components/engine/daemon/start.go @@ -22,7 +22,7 @@ func (daemon *Daemon) ContainerStart(job *engine.Job) engine.Status { return job.Errorf("No such container: %s", name) } - if container.State.IsRunning() { + if container.IsRunning() { return job.Errorf("Container already started") } diff --git a/components/engine/daemon/stop.go b/components/engine/daemon/stop.go index f1851291fb..1a098a1ad3 100644 --- a/components/engine/daemon/stop.go +++ b/components/engine/daemon/stop.go @@ -16,7 +16,7 @@ func (daemon *Daemon) ContainerStop(job *engine.Job) engine.Status { t = job.GetenvInt("t") } if container := daemon.Get(name); container != nil { - if !container.State.IsRunning() { + if !container.IsRunning() { return job.Errorf("Container already stopped") } if err := container.Stop(int(t)); err != nil { diff --git a/components/engine/daemon/top.go b/components/engine/daemon/top.go index f7b981d10a..4d916ee5dc 100644 --- a/components/engine/daemon/top.go +++ b/components/engine/daemon/top.go @@ -22,7 +22,7 @@ func (daemon *Daemon) ContainerTop(job *engine.Job) engine.Status { } if container := daemon.Get(name); container != nil { - if !container.State.IsRunning() { + if !container.IsRunning() { return job.Errorf("Container %s is not running", name) } pids, err := daemon.ExecutionDriver().GetPidsForContainer(container.ID) diff --git a/components/engine/daemon/wait.go b/components/engine/daemon/wait.go index 7224b6231f..b7f5a139f8 100644 --- a/components/engine/daemon/wait.go +++ b/components/engine/daemon/wait.go @@ -12,7 +12,7 @@ func (daemon *Daemon) ContainerWait(job *engine.Job) engine.Status { } name := job.Args[0] if container := daemon.Get(name); container != nil { - status, _ := container.State.WaitStop(-1 * time.Second) + status, _ := container.WaitStop(-1 * time.Second) job.Printf("%d\n", status) return engine.StatusOK } diff --git a/components/engine/integration/commands_test.go b/components/engine/integration/commands_test.go index a4422a4c46..e388e560a6 100644 --- a/components/engine/integration/commands_test.go +++ b/components/engine/integration/commands_test.go @@ -57,7 +57,7 @@ func waitContainerStart(t *testing.T, timeout time.Duration) *daemon.Container { setTimeout(t, "Waiting for the container to be started timed out", timeout, func() { for { l := globalDaemon.List() - if len(l) == 1 && l[0].State.IsRunning() { + if len(l) == 1 && l[0].IsRunning() { container = l[0] break } @@ -150,8 +150,8 @@ func TestRunDisconnect(t *testing.T) { // cause /bin/cat to exit. setTimeout(t, "Waiting for /bin/cat to exit timed out", 2*time.Second, func() { container := globalDaemon.List()[0] - container.State.WaitStop(-1 * time.Second) - if container.State.IsRunning() { + container.WaitStop(-1 * time.Second) + if container.IsRunning() { t.Fatalf("/bin/cat is still running after closing stdin") } }) @@ -202,8 +202,8 @@ func TestRunDisconnectTty(t *testing.T) { // In tty mode, we expect the process to stay alive even after client's stdin closes. // Give some time to monitor to do his thing - container.State.WaitStop(500 * time.Millisecond) - if !container.State.IsRunning() { + container.WaitStop(500 * time.Millisecond) + if !container.IsRunning() { t.Fatalf("/bin/cat should still be running after closing stdin (tty mode)") } } @@ -247,7 +247,7 @@ func TestRunDetach(t *testing.T) { closeWrap(stdin, stdinPipe, stdout, stdoutPipe) time.Sleep(500 * time.Millisecond) - if !container.State.IsRunning() { + if !container.IsRunning() { t.Fatal("The detached container should be still running") } @@ -328,7 +328,7 @@ func TestAttachDetach(t *testing.T) { closeWrap(stdin, stdinPipe, stdout, stdoutPipe) time.Sleep(500 * time.Millisecond) - if !container.State.IsRunning() { + if !container.IsRunning() { t.Fatal("The detached container should be still running") } @@ -393,7 +393,7 @@ func TestAttachDetachTruncatedID(t *testing.T) { closeWrap(stdin, stdinPipe, stdout, stdoutPipe) time.Sleep(500 * time.Millisecond) - if !container.State.IsRunning() { + if !container.IsRunning() { t.Fatal("The detached container should be still running") } @@ -426,7 +426,7 @@ func TestAttachDisconnect(t *testing.T) { setTimeout(t, "Waiting for the container to be started timed out", 10*time.Second, func() { for { l := globalDaemon.List() - if len(l) == 1 && l[0].State.IsRunning() { + if len(l) == 1 && l[0].IsRunning() { break } time.Sleep(10 * time.Millisecond) @@ -461,15 +461,15 @@ func TestAttachDisconnect(t *testing.T) { // We closed stdin, expect /bin/cat to still be running // Wait a little bit to make sure container.monitor() did his thing - _, err := container.State.WaitStop(500 * time.Millisecond) - if err == nil || !container.State.IsRunning() { + _, err := container.WaitStop(500 * time.Millisecond) + if err == nil || !container.IsRunning() { t.Fatalf("/bin/cat is not running after closing stdin") } // Try to avoid the timeout in destroy. Best effort, don't check error cStdin, _ := container.StdinPipe() cStdin.Close() - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) } // Expected behaviour: container gets deleted automatically after exit diff --git a/components/engine/integration/container_test.go b/components/engine/integration/container_test.go index 60f3e55bc5..6486c5ad4b 100644 --- a/components/engine/integration/container_test.go +++ b/components/engine/integration/container_test.go @@ -42,7 +42,7 @@ func TestRestartStdin(t *testing.T) { if err := stdin.Close(); err != nil { t.Fatal(err) } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) output, err := ioutil.ReadAll(stdout) if err != nil { t.Fatal(err) @@ -72,7 +72,7 @@ func TestRestartStdin(t *testing.T) { if err := stdin.Close(); err != nil { t.Fatal(err) } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) output, err = ioutil.ReadAll(stdout) if err != nil { t.Fatal(err) @@ -120,7 +120,7 @@ func TestStdin(t *testing.T) { if err := stdin.Close(); err != nil { t.Fatal(err) } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) output, err := ioutil.ReadAll(stdout) if err != nil { t.Fatal(err) @@ -165,7 +165,7 @@ func TestTty(t *testing.T) { if err := stdin.Close(); err != nil { t.Fatal(err) } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) output, err := ioutil.ReadAll(stdout) if err != nil { t.Fatal(err) @@ -227,7 +227,7 @@ func BenchmarkRunParallel(b *testing.B) { complete <- err return } - if _, err := container.State.WaitStop(15 * time.Second); err != nil { + if _, err := container.WaitStop(15 * time.Second); err != nil { complete <- err return } diff --git a/components/engine/integration/runtime_test.go b/components/engine/integration/runtime_test.go index d81a13d8a9..d6427adf5d 100644 --- a/components/engine/integration/runtime_test.go +++ b/components/engine/integration/runtime_test.go @@ -492,13 +492,13 @@ func startEchoServerContainer(t *testing.T, proto string) (*daemon.Daemon, *daem } setTimeout(t, "Waiting for the container to be started timed out", 2*time.Second, func() { - for !container.State.IsRunning() { + for !container.IsRunning() { time.Sleep(10 * time.Millisecond) } }) // Even if the state is running, lets give some time to lxc to spawn the process - container.State.WaitStop(500 * time.Millisecond) + container.WaitStop(500 * time.Millisecond) strPort = container.NetworkSettings.Ports[p][0].HostPort return daemon, container, strPort @@ -606,17 +606,17 @@ func TestRestore(t *testing.T) { t.Fatal(err) } - if !container2.State.IsRunning() { + if !container2.IsRunning() { t.Fatalf("Container %v should appear as running but isn't", container2.ID) } // Simulate a crash/manual quit of dockerd: process dies, states stays 'Running' cStdin, _ := container2.StdinPipe() cStdin.Close() - if _, err := container2.State.WaitStop(2 * time.Second); err != nil { + if _, err := container2.WaitStop(2 * time.Second); err != nil { t.Fatal(err) } - container2.State.SetRunning(42) + container2.SetRunning(42) container2.ToDisk() if len(daemon1.List()) != 2 { @@ -626,7 +626,7 @@ func TestRestore(t *testing.T) { t.Fatal(err) } - if !container2.State.IsRunning() { + if !container2.IsRunning() { t.Fatalf("Container %v should appear as running but isn't", container2.ID) } @@ -639,7 +639,7 @@ func TestRestore(t *testing.T) { } runningCount := 0 for _, c := range daemon2.List() { - if c.State.IsRunning() { + if c.IsRunning() { t.Errorf("Running container found: %v (%v)", c.ID, c.Path) runningCount++ } @@ -654,7 +654,7 @@ func TestRestore(t *testing.T) { if err := container3.Run(); err != nil { t.Fatal(err) } - container2.State.SetStopped(0) + container2.SetStopped(0) } func TestDefaultContainerName(t *testing.T) { diff --git a/components/engine/integration/utils_test.go b/components/engine/integration/utils_test.go index 7962886d2e..bab7b09dcf 100644 --- a/components/engine/integration/utils_test.go +++ b/components/engine/integration/utils_test.go @@ -96,12 +96,12 @@ func containerAttach(eng *engine.Engine, id string, t log.Fataler) (io.WriteClos } func containerWait(eng *engine.Engine, id string, t log.Fataler) int { - ex, _ := getContainer(eng, id, t).State.WaitStop(-1 * time.Second) + ex, _ := getContainer(eng, id, t).WaitStop(-1 * time.Second) return ex } func containerWaitTimeout(eng *engine.Engine, id string, t log.Fataler) error { - _, err := getContainer(eng, id, t).State.WaitStop(500 * time.Millisecond) + _, err := getContainer(eng, id, t).WaitStop(500 * time.Millisecond) return err } @@ -112,7 +112,7 @@ func containerKill(eng *engine.Engine, id string, t log.Fataler) { } func containerRunning(eng *engine.Engine, id string, t log.Fataler) bool { - return getContainer(eng, id, t).State.IsRunning() + return getContainer(eng, id, t).IsRunning() } func containerAssertExists(eng *engine.Engine, id string, t log.Fataler) { @@ -303,7 +303,7 @@ func runContainer(eng *engine.Engine, r *daemon.Daemon, args []string, t *testin return "", err } - container.State.WaitStop(-1 * time.Second) + container.WaitStop(-1 * time.Second) data, err := ioutil.ReadAll(stdout) if err != nil { return "", err From ba6779868a13cfdc90494fffde797aac5b91d164 Mon Sep 17 00:00:00 2001 From: Victor Vieux Date: Wed, 3 Sep 2014 00:17:08 +0000 Subject: [PATCH 114/540] Add a progress bar for ADD Signed-off-by: Victor Vieux Upstream-commit: 4e40d09a2b13c1f7886783fa66b9fdfeb5369375 Component: engine --- components/engine/builder/internals.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/components/engine/builder/internals.go b/components/engine/builder/internals.go index f9e9825518..62fff0701b 100644 --- a/components/engine/builder/internals.go +++ b/components/engine/builder/internals.go @@ -151,10 +151,11 @@ func (b *Builder) runContextCommand(args []string, allowRemote bool, allowDecomp defer os.RemoveAll(tmpDirName) // Download and dump result to tmp file - if _, err := io.Copy(tmpFile, resp.Body); err != nil { + if _, err := io.Copy(tmpFile, utils.ProgressReader(resp.Body, int(resp.ContentLength), b.OutOld, b.StreamFormatter, true, "", "Downloading")); err != nil { tmpFile.Close() return err } + fmt.Fprintf(b.OutStream, "\n") tmpFile.Close() // Remove the mtime of the newly created tmp file From 475881edb253e7da9ca11e03d9771c5b57bbbc7b Mon Sep 17 00:00:00 2001 From: Byung Kang Date: Fri, 29 Aug 2014 10:48:43 -0500 Subject: [PATCH 115/540] Cleanup: Typo in job.go Signed-off-by: Byung Kang Upstream-commit: cc84ec3f6182a7af9ef881939305cf1ac13a383a Component: engine --- components/engine/engine/job.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/engine/engine/job.go b/components/engine/engine/job.go index 1c2521206c..5b0080167d 100644 --- a/components/engine/engine/job.go +++ b/components/engine/engine/job.go @@ -17,8 +17,7 @@ import ( // environment variables, standard streams for input, output and error, and // an exit status which can indicate success (0) or error (anything else). // -// One slight variation is that jobs report their status as a string. The -// string "0" indicates success, and any other strings indicates an error. +// For status, 0 indicates success, and any other integers indicates an error. // This allows for richer error reporting. // type Job struct { From cda308f68da4a13ebd62cad14941d3ca49dbb794 Mon Sep 17 00:00:00 2001 From: Fred Lifton Date: Tue, 2 Sep 2014 17:44:36 -0700 Subject: [PATCH 116/540] Adding Docs Deploy process to Docs ReadMe Additions and revisions to Sven's cherry-pick process doc. Docker-DCO-1.1-Signed-off-by: Fred Lifton (github: fredlf) Upstream-commit: 23cf3f74072290f2de0e57d87af3236d44e0b039 Component: engine --- components/engine/docs/README.md | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/components/engine/docs/README.md b/components/engine/docs/README.md index fd8fdfa6d2..c12869603e 100755 --- a/components/engine/docs/README.md +++ b/components/engine/docs/README.md @@ -85,9 +85,9 @@ work!](../CONTRIBUTING.md#sign-your-work) ## Publishing Documentation -To publish a copy of the documentation you need a `docs/awsconfig` -file containing AWS settings to deploy to. The release script will -create an s3 if needed, and will then push the files to it. +To publish a copy of the documentation you need to have Docker up and running on your +machine. You'll also need a `docs/awsconfig` file containing AWS settings to deploy to. +The release script will create an s3 if needed, and will then push the files to it. [profile dowideit-docs] aws_access_key_id = IHOIUAHSIDH234rwf.... aws_secret_access_key = OIUYSADJHLKUHQWIUHE...... region = ap-southeast-2 @@ -105,7 +105,13 @@ also update the root docs pages by running make AWS_S3_BUCKET=dowideit-docs BUILD_ROOT=yes docs-release -## Cherry picking documentation changes to update an existing release. +> **Note:** if you are using Boot2Docker on OSX and the above command returns an error, +> `Post http:///var/run/docker.sock/build?rm=1&t=docker-docs%3Apost-1.2.0-docs_update-2: +> dial unix /var/run/docker.sock: no such file or directory', you need to set the Docker +> host. Run `$(boot2docker shellinit)` to see the correct variable to set. The command +> will return the full `export` command, so you can just cut and paste. + +## Cherry-picking documentation changes to update an existing release. Whenever the core team makes a release, they publish the documentation based on the `release` branch (which is copied into the `docs` branch). The @@ -123,9 +129,9 @@ For example, to update the current release's docs: # Repeat until you have cherry picked everything you will propose to be merged git push upstream post-1.2.0-docs-update-1 -Then make a pull request to merge into the `docs` branch __NOT__ master. +Then make a pull request to merge into the `docs` branch, __NOT__ into master. -Once the PR has the needed `LGTM`'s, merge it, then publish to our beta server +Once the PR has the needed `LGTM`s, merge it, then publish to our beta server to test: git fetch upstream @@ -134,7 +140,7 @@ to test: make AWS_S3_BUCKET=beta-docs.docker.io BUILD_ROOT=yes docs-release Then go to http://beta-docs.docker.io.s3-website-us-west-2.amazonaws.com/ -and make sure that what you have published is good. +to view your results and make sure what you published is what you wanted. When you're happy with it, publish the docs to our live site: From e9ab736d16fbdb5f119437b6d290a121340d03b3 Mon Sep 17 00:00:00 2001 From: unclejack Date: Tue, 12 Aug 2014 19:10:43 +0300 Subject: [PATCH 117/540] move some io related utils to pkg/ioutils Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 76212635b594d4472dd8d5b2e071fac416addbe7 Component: engine --- components/engine/archive/archive.go | 3 +- components/engine/daemon/attach.go | 5 +- components/engine/daemon/container.go | 15 +-- components/engine/daemon/daemon.go | 5 +- components/engine/engine/engine.go | 3 +- components/engine/image/image.go | 5 +- components/engine/integration/runtime_test.go | 3 +- components/engine/pkg/ioutils/readers.go | 82 ++++++++++++++++ components/engine/pkg/ioutils/readers_test.go | 34 +++++++ components/engine/pkg/ioutils/writers.go | 23 +++++ components/engine/utils/utils.go | 98 +------------------ components/engine/utils/utils_test.go | 29 ------ 12 files changed, 164 insertions(+), 141 deletions(-) create mode 100644 components/engine/pkg/ioutils/readers.go create mode 100644 components/engine/pkg/ioutils/readers_test.go create mode 100644 components/engine/pkg/ioutils/writers.go diff --git a/components/engine/archive/archive.go b/components/engine/archive/archive.go index 7d9f7fb974..e73b1b8e39 100644 --- a/components/engine/archive/archive.go +++ b/components/engine/archive/archive.go @@ -18,6 +18,7 @@ import ( "github.com/docker/docker/vendor/src/code.google.com/p/go/src/pkg/archive/tar" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" "github.com/docker/docker/pkg/system" "github.com/docker/docker/utils" @@ -107,7 +108,7 @@ func CompressStream(dest io.WriteCloser, compression Compression) (io.WriteClose switch compression { case Uncompressed: - return utils.NopWriteCloser(dest), nil + return ioutils.NopWriteCloser(dest), nil case Gzip: return gzip.NewWriter(dest), nil case Bzip2, Xz: diff --git a/components/engine/daemon/attach.go b/components/engine/daemon/attach.go index 7a4eb0bc99..c015ee7258 100644 --- a/components/engine/daemon/attach.go +++ b/components/engine/daemon/attach.go @@ -8,6 +8,7 @@ import ( "time" "github.com/docker/docker/engine" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/jsonlog" "github.com/docker/docker/pkg/log" "github.com/docker/docker/utils" @@ -195,7 +196,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo if cStdout, err := container.StdoutPipe(); err != nil { log.Errorf("attach: stdout pipe: %s", err) } else { - io.Copy(&utils.NopWriter{}, cStdout) + io.Copy(&ioutils.NopWriter{}, cStdout) } }() } @@ -234,7 +235,7 @@ func (daemon *Daemon) Attach(container *Container, stdin io.ReadCloser, stdinClo if cStderr, err := container.StderrPipe(); err != nil { log.Errorf("attach: stdout pipe: %s", err) } else { - io.Copy(&utils.NopWriter{}, cStderr) + io.Copy(&ioutils.NopWriter{}, cStderr) } }() } diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index fa97553d8c..2ac6cb26b6 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -24,6 +24,7 @@ import ( "github.com/docker/docker/links" "github.com/docker/docker/nat" "github.com/docker/docker/pkg/broadcastwriter" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" "github.com/docker/docker/pkg/networkfs/etchosts" "github.com/docker/docker/pkg/networkfs/resolvconf" @@ -366,25 +367,25 @@ func (streamConfig *StreamConfig) StdinPipe() (io.WriteCloser, error) { func (streamConfig *StreamConfig) StdoutPipe() (io.ReadCloser, error) { reader, writer := io.Pipe() streamConfig.stdout.AddWriter(writer, "") - return utils.NewBufReader(reader), nil + return ioutils.NewBufReader(reader), nil } func (streamConfig *StreamConfig) StderrPipe() (io.ReadCloser, error) { reader, writer := io.Pipe() streamConfig.stderr.AddWriter(writer, "") - return utils.NewBufReader(reader), nil + return ioutils.NewBufReader(reader), nil } func (streamConfig *StreamConfig) StdoutLogPipe() io.ReadCloser { reader, writer := io.Pipe() streamConfig.stdout.AddWriter(writer, "stdout") - return utils.NewBufReader(reader) + return ioutils.NewBufReader(reader) } func (streamConfig *StreamConfig) StderrLogPipe() io.ReadCloser { reader, writer := io.Pipe() streamConfig.stderr.AddWriter(writer, "stderr") - return utils.NewBufReader(reader) + return ioutils.NewBufReader(reader) } func (container *Container) buildHostnameFile() error { @@ -655,7 +656,7 @@ func (container *Container) ExportRw() (archive.Archive, error) { container.Unmount() return nil, err } - return utils.NewReadCloserWrapper(archive, func() error { + return ioutils.NewReadCloserWrapper(archive, func() error { err := archive.Close() container.Unmount() return err @@ -673,7 +674,7 @@ func (container *Container) Export() (archive.Archive, error) { container.Unmount() return nil, err } - return utils.NewReadCloserWrapper(archive, func() error { + return ioutils.NewReadCloserWrapper(archive, func() error { err := archive.Close() container.Unmount() return err @@ -809,7 +810,7 @@ func (container *Container) Copy(resource string) (io.ReadCloser, error) { container.Unmount() return nil, err } - return utils.NewReadCloserWrapper(archive, func() error { + return ioutils.NewReadCloserWrapper(archive, func() error { err := archive.Close() container.Unmount() return err diff --git a/components/engine/daemon/daemon.go b/components/engine/daemon/daemon.go index 196d561acc..fab28110c6 100644 --- a/components/engine/daemon/daemon.go +++ b/components/engine/daemon/daemon.go @@ -28,6 +28,7 @@ import ( "github.com/docker/docker/image" "github.com/docker/docker/pkg/broadcastwriter" "github.com/docker/docker/pkg/graphdb" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" "github.com/docker/docker/pkg/namesgenerator" "github.com/docker/docker/pkg/networkfs/resolvconf" @@ -201,7 +202,7 @@ func (daemon *Daemon) register(container *Container, updateSuffixarray bool) err if container.Config.OpenStdin { container.stdin, container.stdinPipe = io.Pipe() } else { - container.stdinPipe = utils.NopWriteCloser(ioutil.Discard) // Silently drop stdin + container.stdinPipe = ioutils.NopWriteCloser(ioutil.Discard) // Silently drop stdin } // done daemon.containers.Add(container.ID, container) @@ -965,7 +966,7 @@ func (daemon *Daemon) Diff(container *Container) (archive.Archive, error) { if err != nil { return nil, err } - return utils.NewReadCloserWrapper(archive, func() error { + return ioutils.NewReadCloserWrapper(archive, func() error { err := archive.Close() daemon.driver.Put(container.ID) return err diff --git a/components/engine/engine/engine.go b/components/engine/engine/engine.go index 4550df9d1d..e35acbbaf3 100644 --- a/components/engine/engine/engine.go +++ b/components/engine/engine/engine.go @@ -10,6 +10,7 @@ import ( "sync" "time" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/utils" ) @@ -123,7 +124,7 @@ func (eng *Engine) Job(name string, args ...string) *Job { env: &Env{}, } if eng.Logging { - job.Stderr.Add(utils.NopWriteCloser(eng.Stderr)) + job.Stderr.Add(ioutils.NopWriteCloser(eng.Stderr)) } // Catchall is shadowed by specific Register. diff --git a/components/engine/image/image.go b/components/engine/image/image.go index 702782c892..468d01293d 100644 --- a/components/engine/image/image.go +++ b/components/engine/image/image.go @@ -11,6 +11,7 @@ import ( "github.com/docker/docker/archive" "github.com/docker/docker/daemon/graphdriver" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" "github.com/docker/docker/runconfig" "github.com/docker/docker/utils" @@ -198,7 +199,7 @@ func (img *Image) TarLayer() (arch archive.Archive, err error) { if err != nil { return nil, err } - return utils.NewReadCloserWrapper(archive, func() error { + return ioutils.NewReadCloserWrapper(archive, func() error { err := archive.Close() driver.Put(img.ID) return err @@ -218,7 +219,7 @@ func (img *Image) TarLayer() (arch archive.Archive, err error) { if err != nil { return nil, err } - return utils.NewReadCloserWrapper(archive, func() error { + return ioutils.NewReadCloserWrapper(archive, func() error { err := archive.Close() driver.Put(img.ID) return err diff --git a/components/engine/integration/runtime_test.go b/components/engine/integration/runtime_test.go index d6427adf5d..12ff409f19 100644 --- a/components/engine/integration/runtime_test.go +++ b/components/engine/integration/runtime_test.go @@ -20,6 +20,7 @@ import ( "github.com/docker/docker/engine" "github.com/docker/docker/image" "github.com/docker/docker/nat" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" "github.com/docker/docker/reexec" "github.com/docker/docker/runconfig" @@ -141,7 +142,7 @@ func setupBaseImage() { if err := job.Run(); err != nil || img.Get("Id") != unitTestImageID { // Retrieve the Image job = eng.Job("pull", unitTestImageName) - job.Stdout.Add(utils.NopWriteCloser(os.Stdout)) + job.Stdout.Add(ioutils.NopWriteCloser(os.Stdout)) if err := job.Run(); err != nil { log.Fatalf("Unable to pull the test image: %s", err) } diff --git a/components/engine/pkg/ioutils/readers.go b/components/engine/pkg/ioutils/readers.go new file mode 100644 index 0000000000..8488034bd8 --- /dev/null +++ b/components/engine/pkg/ioutils/readers.go @@ -0,0 +1,82 @@ +package ioutils + +import ( + "bytes" + "io" + "sync" +) + +type readCloserWrapper struct { + io.Reader + closer func() error +} + +func (r *readCloserWrapper) Close() error { + return r.closer() +} + +func NewReadCloserWrapper(r io.Reader, closer func() error) io.ReadCloser { + return &readCloserWrapper{ + Reader: r, + closer: closer, + } +} + +type bufReader struct { + sync.Mutex + buf *bytes.Buffer + reader io.Reader + err error + wait sync.Cond +} + +func NewBufReader(r io.Reader) *bufReader { + reader := &bufReader{ + buf: &bytes.Buffer{}, + reader: r, + } + reader.wait.L = &reader.Mutex + go reader.drain() + return reader +} + +func (r *bufReader) drain() { + buf := make([]byte, 1024) + for { + n, err := r.reader.Read(buf) + r.Lock() + if err != nil { + r.err = err + } else { + r.buf.Write(buf[0:n]) + } + r.wait.Signal() + r.Unlock() + if err != nil { + break + } + } +} + +func (r *bufReader) Read(p []byte) (n int, err error) { + r.Lock() + defer r.Unlock() + for { + n, err = r.buf.Read(p) + if n > 0 { + return n, err + } + if r.err != nil { + return 0, r.err + } + r.wait.Wait() + } +} + +func (r *bufReader) Close() error { + closer, ok := r.reader.(io.ReadCloser) + if !ok { + return nil + } + return closer.Close() +} diff --git a/components/engine/pkg/ioutils/readers_test.go b/components/engine/pkg/ioutils/readers_test.go new file mode 100644 index 0000000000..a7a2dad176 --- /dev/null +++ b/components/engine/pkg/ioutils/readers_test.go @@ -0,0 +1,34 @@ +package ioutils + +import ( + "bytes" + "io" + "io/ioutil" + "testing" +) + +func TestBufReader(t *testing.T) { + reader, writer := io.Pipe() + bufreader := NewBufReader(reader) + + // Write everything down to a Pipe + // Usually, a pipe should block but because of the buffered reader, + // the writes will go through + done := make(chan bool) + go func() { + writer.Write([]byte("hello world")) + writer.Close() + done <- true + }() + + // Drain the reader *after* everything has been written, just to verify + // it is indeed buffering + <-done + output, err := ioutil.ReadAll(bufreader) + if err != nil { + t.Fatal(err) + } + if !bytes.Equal(output, []byte("hello world")) { + t.Error(string(output)) + } +} diff --git a/components/engine/pkg/ioutils/writers.go b/components/engine/pkg/ioutils/writers.go new file mode 100644 index 0000000000..de7bd0259e --- /dev/null +++ b/components/engine/pkg/ioutils/writers.go @@ -0,0 +1,23 @@ +package ioutils + +import "io" + +type NopWriter struct{} + +func (*NopWriter) Write(buf []byte) (int, error) { + return len(buf), nil +} + +type nopWriteCloser struct { + io.Writer +} + +func (w *nopWriteCloser) Close() error { return nil } + +func NopWriteCloser(w io.Writer) io.WriteCloser { + return &nopWriteCloser{w} +} + +type NopFlusher struct{} + +func (f *NopFlusher) Flush() {} diff --git a/components/engine/utils/utils.go b/components/engine/utils/utils.go index b6ae91afec..f9b41c0bbd 100644 --- a/components/engine/utils/utils.go +++ b/components/engine/utils/utils.go @@ -20,6 +20,7 @@ import ( "syscall" "github.com/docker/docker/dockerversion" + "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" ) @@ -157,81 +158,6 @@ func DockerInitPath(localCopy string) string { return "" } -type NopWriter struct{} - -func (*NopWriter) Write(buf []byte) (int, error) { - return len(buf), nil -} - -type nopWriteCloser struct { - io.Writer -} - -func (w *nopWriteCloser) Close() error { return nil } - -func NopWriteCloser(w io.Writer) io.WriteCloser { - return &nopWriteCloser{w} -} - -type bufReader struct { - sync.Mutex - buf *bytes.Buffer - reader io.Reader - err error - wait sync.Cond -} - -func NewBufReader(r io.Reader) *bufReader { - reader := &bufReader{ - buf: &bytes.Buffer{}, - reader: r, - } - reader.wait.L = &reader.Mutex - go reader.drain() - return reader -} - -func (r *bufReader) drain() { - buf := make([]byte, 1024) - for { - n, err := r.reader.Read(buf) - r.Lock() - if err != nil { - r.err = err - } else { - r.buf.Write(buf[0:n]) - } - r.wait.Signal() - r.Unlock() - if err != nil { - break - } - } -} - -func (r *bufReader) Read(p []byte) (n int, err error) { - r.Lock() - defer r.Unlock() - for { - n, err = r.buf.Read(p) - if n > 0 { - return n, err - } - if r.err != nil { - return 0, r.err - } - r.wait.Wait() - } -} - -func (r *bufReader) Close() error { - closer, ok := r.reader.(io.ReadCloser) - if !ok { - return nil - } - return closer.Close() -} - func GetTotalUsedFds() int { if fds, err := ioutil.ReadDir(fmt.Sprintf("/proc/%d/fd", os.Getpid())); err != nil { log.Errorf("Error opening /proc/%d/fd: %s", os.Getpid(), err) @@ -340,10 +266,6 @@ func CopyDirectory(source, dest string) error { return nil } -type NopFlusher struct{} - -func (f *NopFlusher) Flush() {} - type WriteFlusher struct { sync.Mutex w io.Writer @@ -370,7 +292,7 @@ func NewWriteFlusher(w io.Writer) *WriteFlusher { if f, ok := w.(http.Flusher); ok { flusher = f } else { - flusher = &NopFlusher{} + flusher = &ioutils.NopFlusher{} } return &WriteFlusher{w: w, flusher: flusher} } @@ -527,22 +449,6 @@ func CopyFile(src, dst string) (int64, error) { return io.Copy(df, sf) } -type readCloserWrapper struct { - io.Reader - closer func() error -} - -func (r *readCloserWrapper) Close() error { - return r.closer() -} - -func NewReadCloserWrapper(r io.Reader, closer func() error) io.ReadCloser { - return &readCloserWrapper{ - Reader: r, - closer: closer, - } -} - // ReplaceOrAppendValues returns the defaults with the overrides either // replaced by env key or appended to the list func ReplaceOrAppendEnvValues(defaults, overrides []string) []string { diff --git a/components/engine/utils/utils_test.go b/components/engine/utils/utils_test.go index cf11182f43..7990faa8b1 100644 --- a/components/engine/utils/utils_test.go +++ b/components/engine/utils/utils_test.go @@ -1,39 +1,10 @@ package utils import ( - "bytes" - "io" - "io/ioutil" "os" "testing" ) -func TestBufReader(t *testing.T) { - reader, writer := io.Pipe() - bufreader := NewBufReader(reader) - - // Write everything down to a Pipe - // Usually, a pipe should block but because of the buffered reader, - // the writes will go through - done := make(chan bool) - go func() { - writer.Write([]byte("hello world")) - writer.Close() - done <- true - }() - - // Drain the reader *after* everything has been written, just to verify - // it is indeed buffering - <-done - output, err := ioutil.ReadAll(bufreader) - if err != nil { - t.Fatal(err) - } - if !bytes.Equal(output, []byte("hello world")) { - t.Error(string(output)) - } -} - func TestCheckLocalDns(t *testing.T) { for resolv, result := range map[string]bool{`# Dynamic nameserver 10.0.2.3 From 0e15abc25d53a1ea32cf7fd8055311c98e18f3ea Mon Sep 17 00:00:00 2001 From: unclejack Date: Tue, 12 Aug 2014 19:20:59 +0300 Subject: [PATCH 118/540] pkg/ioutils: add WriteCloserWrapper Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 7b6f34057cee94bf22e4e58cd164731e6b0e8851 Component: engine --- components/engine/pkg/ioutils/writers.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/components/engine/pkg/ioutils/writers.go b/components/engine/pkg/ioutils/writers.go index de7bd0259e..c0b3608fe6 100644 --- a/components/engine/pkg/ioutils/writers.go +++ b/components/engine/pkg/ioutils/writers.go @@ -21,3 +21,19 @@ func NopWriteCloser(w io.Writer) io.WriteCloser { type NopFlusher struct{} func (f *NopFlusher) Flush() {} + +type writeCloserWrapper struct { + io.Writer + closer func() error +} + +func (r *writeCloserWrapper) Close() error { + return r.closer() +} + +func NewWriteCloserWrapper(r io.Writer, closer func() error) io.WriteCloser { + return &writeCloserWrapper{ + Writer: r, + closer: closer, + } +} From dca3941db1613bc725692a7e3e27365c12104dad Mon Sep 17 00:00:00 2001 From: unclejack Date: Tue, 19 Aug 2014 19:58:07 +0300 Subject: [PATCH 119/540] pkg/ioutils: add NewBufReaderWithDrainbufAndBuffer Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: c93b9e81c03168ca69def94ba231d2ecc6672ce9 Component: engine --- components/engine/pkg/ioutils/readers.go | 30 +++++++++++++++++------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/components/engine/pkg/ioutils/readers.go b/components/engine/pkg/ioutils/readers.go index 8488034bd8..f059bb1666 100644 --- a/components/engine/pkg/ioutils/readers.go +++ b/components/engine/pkg/ioutils/readers.go @@ -24,16 +24,29 @@ func NewReadCloserWrapper(r io.Reader, closer func() error) io.ReadCloser { type bufReader struct { sync.Mutex - buf *bytes.Buffer - reader io.Reader - err error - wait sync.Cond + buf *bytes.Buffer + reader io.Reader + err error + wait sync.Cond + drainBuf []byte } func NewBufReader(r io.Reader) *bufReader { reader := &bufReader{ - buf: &bytes.Buffer{}, - reader: r, + buf: &bytes.Buffer{}, + drainBuf: make([]byte, 1024), + reader: r, + } + reader.wait.L = &reader.Mutex + go reader.drain() + return reader +} + +func NewBufReaderWithDrainbufAndBuffer(r io.Reader, drainBuffer []byte, buffer *bytes.Buffer) *bufReader { + reader := &bufReader{ + buf: buffer, + drainBuf: drainBuffer, + reader: r, } reader.wait.L = &reader.Mutex go reader.drain() @@ -41,14 +54,13 @@ func NewBufReader(r io.Reader) *bufReader { } func (r *bufReader) drain() { - buf := make([]byte, 1024) for { - n, err := r.reader.Read(buf) + n, err := r.reader.Read(r.drainBuf) r.Lock() if err != nil { r.err = err } else { - r.buf.Write(buf[0:n]) + r.buf.Write(r.drainBuf[0:n]) } r.wait.Signal() r.Unlock() From dd97f278a0d4f561467577263055d0f84a1219a5 Mon Sep 17 00:00:00 2001 From: unclejack Date: Wed, 20 Aug 2014 23:50:42 +0300 Subject: [PATCH 120/540] pkg/ioutils: add ReaderErrWrapper to readers Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: bd130e72a06dc3e8de521ce365bf4933f36b2417 Component: engine --- components/engine/pkg/ioutils/readers.go | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/components/engine/pkg/ioutils/readers.go b/components/engine/pkg/ioutils/readers.go index f059bb1666..22f46fbd92 100644 --- a/components/engine/pkg/ioutils/readers.go +++ b/components/engine/pkg/ioutils/readers.go @@ -22,6 +22,26 @@ func NewReadCloserWrapper(r io.Reader, closer func() error) io.ReadCloser { } } +type readerErrWrapper struct { + reader io.Reader + closer func() +} + +func (r *readerErrWrapper) Read(p []byte) (int, error) { + n, err := r.reader.Read(p) + if err != nil { + r.closer() + } + return n, err +} + +func NewReaderErrWrapper(r io.Reader, closer func()) io.Reader { + return &readerErrWrapper{ + reader: r, + closer: closer, + } +} + type bufReader struct { sync.Mutex buf *bytes.Buffer From fca073bcf7897fb1bd9ee9f8e61ae49b237e778b Mon Sep 17 00:00:00 2001 From: unclejack Date: Tue, 12 Aug 2014 19:27:19 +0300 Subject: [PATCH 121/540] pkg/pool: add pools for bufio readers & writers Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 2d2016b81b1f313cda2c8f145844b162352ba234 Component: engine --- components/engine/pkg/pools/pools.go | 111 ++++++++++++++++++++ components/engine/pkg/pools/pools_nopool.go | 73 +++++++++++++ 2 files changed, 184 insertions(+) create mode 100644 components/engine/pkg/pools/pools.go create mode 100644 components/engine/pkg/pools/pools_nopool.go diff --git a/components/engine/pkg/pools/pools.go b/components/engine/pkg/pools/pools.go new file mode 100644 index 0000000000..5338a0cfb2 --- /dev/null +++ b/components/engine/pkg/pools/pools.go @@ -0,0 +1,111 @@ +// +build go1.3 + +// Package pools provides a collection of pools which provide various +// data types with buffers. These can be used to lower the number of +// memory allocations and reuse buffers. +// +// New pools should be added to this package to allow them to be +// shared across packages. +// +// Utility functions which operate on pools should be added to this +// package to allow them to be reused. +package pools + +import ( + "bufio" + "io" + "sync" + + "github.com/docker/docker/pkg/ioutils" +) + +var ( + // Pool which returns bufio.Reader with a 32K buffer + BufioReader32KPool *BufioReaderPool + // Pool which returns bufio.Writer with a 32K buffer + BufioWriter32KPool *BufioWriterPool +) + +const buffer32K = 32 * 1024 + +type BufioReaderPool struct { + pool sync.Pool +} + +func init() { + BufioReader32KPool = newBufioReaderPoolWithSize(buffer32K) + BufioWriter32KPool = newBufioWriterPoolWithSize(buffer32K) +} + +// newBufioReaderPoolWithSize is unexported because new pools should be +// added here to be shared where required. +func newBufioReaderPoolWithSize(size int) *BufioReaderPool { + pool := sync.Pool{ + New: func() interface{} { return bufio.NewReaderSize(nil, size) }, + } + return &BufioReaderPool{pool: pool} +} + +// Get returns a bufio.Reader which reads from r. The buffer size is that of the pool. +func (bufPool *BufioReaderPool) Get(r io.Reader) *bufio.Reader { + buf := bufPool.pool.Get().(*bufio.Reader) + buf.Reset(r) + return buf +} + +// Put puts the bufio.Reader back into the pool. +func (bufPool *BufioReaderPool) Put(b *bufio.Reader) { + b.Reset(nil) + bufPool.pool.Put(b) +} + +// NewReadCloserWrapper returns a wrapper which puts the bufio.Reader back +// into the pool and closes the reader if it's an io.ReadCloser. +func (bufPool *BufioReaderPool) NewReadCloserWrapper(buf *bufio.Reader, r io.Reader) io.ReadCloser { + return ioutils.NewReadCloserWrapper(r, func() error { + if readCloser, ok := r.(io.ReadCloser); ok { + readCloser.Close() + } + bufPool.Put(buf) + return nil + }) +} + +type BufioWriterPool struct { + pool sync.Pool +} + +// newBufioWriterPoolWithSize is unexported because new pools should be +// added here to be shared where required. +func newBufioWriterPoolWithSize(size int) *BufioWriterPool { + pool := sync.Pool{ + New: func() interface{} { return bufio.NewWriterSize(nil, size) }, + } + return &BufioWriterPool{pool: pool} +} + +// Get returns a bufio.Writer which writes to w. The buffer size is that of the pool. +func (bufPool *BufioWriterPool) Get(w io.Writer) *bufio.Writer { + buf := bufPool.pool.Get().(*bufio.Writer) + buf.Reset(w) + return buf +} + +// Put puts the bufio.Writer back into the pool. +func (bufPool *BufioWriterPool) Put(b *bufio.Writer) { + b.Reset(nil) + bufPool.pool.Put(b) +} + +// NewWriteCloserWrapper returns a wrapper which puts the bufio.Writer back +// into the pool and closes the writer if it's an io.Writecloser. +func (bufPool *BufioWriterPool) NewWriteCloserWrapper(buf *bufio.Writer, w io.Writer) io.WriteCloser { + return ioutils.NewWriteCloserWrapper(w, func() error { + buf.Flush() + if writeCloser, ok := w.(io.WriteCloser); ok { + writeCloser.Close() + } + bufPool.Put(buf) + return nil + }) +} diff --git a/components/engine/pkg/pools/pools_nopool.go b/components/engine/pkg/pools/pools_nopool.go new file mode 100644 index 0000000000..48903c2396 --- /dev/null +++ b/components/engine/pkg/pools/pools_nopool.go @@ -0,0 +1,73 @@ +// +build !go1.3 + +package pools + +import ( + "bufio" + "io" + + "github.com/docker/docker/pkg/ioutils" +) + +var ( + BufioReader32KPool *BufioReaderPool + BufioWriter32KPool *BufioWriterPool +) + +const buffer32K = 32 * 1024 + +type BufioReaderPool struct { + size int +} + +func init() { + BufioReader32KPool = newBufioReaderPoolWithSize(buffer32K) + BufioWriter32KPool = newBufioWriterPoolWithSize(buffer32K) +} + +func newBufioReaderPoolWithSize(size int) *BufioReaderPool { + return &BufioReaderPool{size: size} +} + +func (bufPool *BufioReaderPool) Get(r io.Reader) *bufio.Reader { + return bufio.NewReaderSize(r, bufPool.size) +} + +func (bufPool *BufioReaderPool) Put(b *bufio.Reader) { + b.Reset(nil) +} + +func (bufPool *BufioReaderPool) NewReadCloserWrapper(buf *bufio.Reader, r io.Reader) io.ReadCloser { + return ioutils.NewReadCloserWrapper(r, func() error { + if readCloser, ok := r.(io.ReadCloser); ok { + return readCloser.Close() + } + return nil + }) +} + +type BufioWriterPool struct { + size int +} + +func newBufioWriterPoolWithSize(size int) *BufioWriterPool { + return &BufioWriterPool{size: size} +} + +func (bufPool *BufioWriterPool) Get(w io.Writer) *bufio.Writer { + return bufio.NewWriterSize(w, bufPool.size) +} + +func (bufPool *BufioWriterPool) Put(b *bufio.Writer) { + b.Reset(nil) +} + +func (bufPool *BufioWriterPool) NewWriteCloserWrapper(buf *bufio.Writer, w io.Writer) io.WriteCloser { + return ioutils.NewWriteCloserWrapper(w, func() error { + buf.Flush() + if writeCloser, ok := w.(io.WriteCloser); ok { + return writeCloser.Close() + } + return nil + }) +} From fa012b5f229e3c1064c583f0b4e674046b73fba5 Mon Sep 17 00:00:00 2001 From: unclejack Date: Tue, 12 Aug 2014 19:29:46 +0300 Subject: [PATCH 122/540] archive: use pooled bufio readers and writers Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 84d76e556bb96fbddcac20fb5dbce82223987bf8 Component: engine --- components/engine/archive/archive.go | 43 ++++++++++++++++++++-------- components/engine/archive/changes.go | 5 ++-- components/engine/archive/common.go | 4 --- components/engine/archive/diff.go | 6 ++-- 4 files changed, 38 insertions(+), 20 deletions(-) delete mode 100644 components/engine/archive/common.go diff --git a/components/engine/archive/archive.go b/components/engine/archive/archive.go index e73b1b8e39..59163f84af 100644 --- a/components/engine/archive/archive.go +++ b/components/engine/archive/archive.go @@ -18,8 +18,8 @@ import ( "github.com/docker/docker/vendor/src/code.google.com/p/go/src/pkg/archive/tar" - "github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/log" + "github.com/docker/docker/pkg/pools" "github.com/docker/docker/pkg/system" "github.com/docker/docker/utils" ) @@ -81,7 +81,8 @@ func xzDecompress(archive io.Reader) (io.ReadCloser, error) { } func DecompressStream(archive io.Reader) (io.ReadCloser, error) { - buf := bufio.NewReader(archive) + p := pools.BufioReader32KPool + buf := p.Get(archive) bs, err := buf.Peek(10) if err != nil { return nil, err @@ -89,28 +90,44 @@ func DecompressStream(archive io.Reader) (io.ReadCloser, error) { log.Debugf("[tar autodetect] n: %v", bs) compression := DetectCompression(bs) - switch compression { case Uncompressed: - return ioutil.NopCloser(buf), nil + readBufWrapper := p.NewReadCloserWrapper(buf, buf) + return readBufWrapper, nil case Gzip: - return gzip.NewReader(buf) + gzReader, err := gzip.NewReader(buf) + if err != nil { + return nil, err + } + readBufWrapper := p.NewReadCloserWrapper(buf, gzReader) + return readBufWrapper, nil case Bzip2: - return ioutil.NopCloser(bzip2.NewReader(buf)), nil + bz2Reader := bzip2.NewReader(buf) + readBufWrapper := p.NewReadCloserWrapper(buf, bz2Reader) + return readBufWrapper, nil case Xz: - return xzDecompress(buf) + xzReader, err := xzDecompress(buf) + if err != nil { + return nil, err + } + readBufWrapper := p.NewReadCloserWrapper(buf, xzReader) + return readBufWrapper, nil default: return nil, fmt.Errorf("Unsupported compression format %s", (&compression).Extension()) } } func CompressStream(dest io.WriteCloser, compression Compression) (io.WriteCloser, error) { - + p := pools.BufioWriter32KPool + buf := p.Get(dest) switch compression { case Uncompressed: - return ioutils.NopWriteCloser(dest), nil + writeBufWrapper := p.NewWriteCloserWrapper(buf, buf) + return writeBufWrapper, nil case Gzip: - return gzip.NewWriter(dest), nil + gzWriter := gzip.NewWriter(dest) + writeBufWrapper := p.NewWriteCloserWrapper(buf, gzWriter) + return writeBufWrapper, nil case Bzip2, Xz: // archive/bzip2 does not support writing, and there is no xz support at all // However, this is not a problem as docker only currently generates gzipped tars @@ -338,7 +355,8 @@ func TarWithOptions(srcPath string, options *TarOptions) (io.ReadCloser, error) options.Includes = []string{"."} } - twBuf := bufio.NewWriterSize(nil, twBufSize) + twBuf := pools.BufioWriter32KPool.Get(nil) + defer pools.BufioWriter32KPool.Put(twBuf) for _, include := range options.Includes { filepath.Walk(filepath.Join(srcPath, include), func(filePath string, f os.FileInfo, err error) error { @@ -412,7 +430,8 @@ func Untar(archive io.Reader, dest string, options *TarOptions) error { defer decompressedArchive.Close() tr := tar.NewReader(decompressedArchive) - trBuf := bufio.NewReaderSize(nil, trBufSize) + trBuf := pools.BufioReader32KPool.Get(nil) + defer pools.BufioReader32KPool.Put(trBuf) var dirs []*tar.Header diff --git a/components/engine/archive/changes.go b/components/engine/archive/changes.go index a591e8ae11..eefc4b67e4 100644 --- a/components/engine/archive/changes.go +++ b/components/engine/archive/changes.go @@ -1,7 +1,6 @@ package archive import ( - "bufio" "bytes" "fmt" "io" @@ -14,6 +13,7 @@ import ( "github.com/docker/docker/vendor/src/code.google.com/p/go/src/pkg/archive/tar" "github.com/docker/docker/pkg/log" + "github.com/docker/docker/pkg/pools" "github.com/docker/docker/pkg/system" ) @@ -345,7 +345,8 @@ func ExportChanges(dir string, changes []Change) (Archive, error) { tw := tar.NewWriter(writer) go func() { - twBuf := bufio.NewWriterSize(nil, twBufSize) + twBuf := pools.BufioWriter32KPool.Get(nil) + defer pools.BufioWriter32KPool.Put(twBuf) // In general we log errors here but ignore them because // during e.g. a diff operation the container can continue // mutating the filesystem and we can see transient errors diff --git a/components/engine/archive/common.go b/components/engine/archive/common.go deleted file mode 100644 index 2aac34e840..0000000000 --- a/components/engine/archive/common.go +++ /dev/null @@ -1,4 +0,0 @@ -package archive - -const twBufSize = 32 * 1024 -const trBufSize = 32 * 1024 diff --git a/components/engine/archive/diff.go b/components/engine/archive/diff.go index a805f2c0a1..215f62ec0a 100644 --- a/components/engine/archive/diff.go +++ b/components/engine/archive/diff.go @@ -1,7 +1,6 @@ package archive import ( - "bufio" "fmt" "io" "io/ioutil" @@ -11,6 +10,8 @@ import ( "syscall" "github.com/docker/docker/vendor/src/code.google.com/p/go/src/pkg/archive/tar" + + "github.com/docker/docker/pkg/pools" ) // Linux device nodes are a bit weird due to backwards compat with 16 bit device nodes. @@ -33,7 +34,8 @@ func ApplyLayer(dest string, layer ArchiveReader) error { } tr := tar.NewReader(layer) - trBuf := bufio.NewReaderSize(nil, trBufSize) + trBuf := pools.BufioReader32KPool.Get(tr) + defer pools.BufioReader32KPool.Put(trBuf) var dirs []*tar.Header From 2a4b59eccb10aaaf23e2d7885dec68710e1af183 Mon Sep 17 00:00:00 2001 From: Oh Jinkyun Date: Tue, 2 Sep 2014 21:53:50 +0900 Subject: [PATCH 123/540] Dockerfile documentation typo and content fix Signed-off-by: Oh Jinkyun Upstream-commit: 476f1df36f6e8aa16a1e302efe8addec1fe191c9 Component: engine --- components/engine/docs/man/Dockerfile.5.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/man/Dockerfile.5.md b/components/engine/docs/man/Dockerfile.5.md index 9772d4e114..c6a4e32fcf 100644 --- a/components/engine/docs/man/Dockerfile.5.md +++ b/components/engine/docs/man/Dockerfile.5.md @@ -97,7 +97,7 @@ or **FROM ubuntu** **CMD echo "This is a test." | wc -** If you run without a shell, then you must express the command as a - JSON arry and give the full path to the executable. This array form is the + JSON array and give the full path to the executable. This array form is the preferred form of CMD. All additional parameters must be individually expressed as strings in the array: **FROM ubuntu** @@ -177,7 +177,7 @@ or -- **WORKDIR /path/to/workdir** The WORKDIR instruction sets the working directory for the **RUN**, **CMD**, and **ENTRYPOINT** Dockerfile commands that follow it. It can be used multiple times in a single Dockerfile. Relative paths are defined relative to the path of the previous **WORKDIR** instruction. For example: - **WORKDIR /a WORKDIR /b WORKDIR c RUN pwd** + **WORKDIR /a WORKDIR b WORKDIR c RUN pwd** In the above example, the output of the **pwd** command is **a/b/c**. **ONBUILD** From 6cc4adf9ba20e60562b01b8d596cf86e97687b30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20L=C3=89VEIL?= Date: Sun, 31 Aug 2014 22:08:28 +0200 Subject: [PATCH 124/540] Add --force-rm to docker build command completion Signed-off-by: Thomas LEVEIL Upstream-commit: 40f0bf75640f686b2160092db6fc874e672cfd16 Component: engine --- components/engine/contrib/completion/bash/docker | 2 +- components/engine/contrib/completion/fish/docker.fish | 1 + components/engine/contrib/completion/zsh/_docker | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/components/engine/contrib/completion/bash/docker b/components/engine/contrib/completion/bash/docker index d6d622ff33..13fd57ba12 100755 --- a/components/engine/contrib/completion/bash/docker +++ b/components/engine/contrib/completion/bash/docker @@ -151,7 +151,7 @@ _docker_build() case "$cur" in -*) - COMPREPLY=( $( compgen -W "-t --tag -q --quiet --no-cache --rm" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "-t --tag -q --quiet --no-cache --rm --force-rm" -- "$cur" ) ) ;; *) local counter="$(__docker_pos_first_nonflag '-t|--tag')" diff --git a/components/engine/contrib/completion/fish/docker.fish b/components/engine/contrib/completion/fish/docker.fish index ba83526c75..2b106ad62e 100644 --- a/components/engine/contrib/completion/fish/docker.fish +++ b/components/engine/contrib/completion/fish/docker.fish @@ -72,6 +72,7 @@ complete -c docker -A -f -n '__fish_seen_subcommand_from attach' -a '(__fish_pri # build complete -c docker -f -n '__fish_docker_no_subcommand' -a build -d 'Build an image from a Dockerfile' +complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l force-rm -d 'Always remove intermediate containers, even after unsuccessful builds' complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l no-cache -d 'Do not use cache when building the image' complete -c docker -A -f -n '__fish_seen_subcommand_from build' -s q -l quiet -d 'Suppress the verbose output generated by the containers' complete -c docker -A -f -n '__fish_seen_subcommand_from build' -l rm -d 'Remove intermediate containers after a successful build' diff --git a/components/engine/contrib/completion/zsh/_docker b/components/engine/contrib/completion/zsh/_docker index faf17b2bea..824266d400 100644 --- a/components/engine/contrib/completion/zsh/_docker +++ b/components/engine/contrib/completion/zsh/_docker @@ -176,6 +176,7 @@ __docker_subcommand () { ;; (build) _arguments \ + '--force-rm[Always remove intermediate containers, even after unsuccessful builds]' \ '--no-cache[Do not use cache when building the image]' \ '-q[Suppress verbose build output]' \ '--rm[Remove intermediate containers after a successful build]' \ From e62472c6f3474191b9d014ee3a287413ca83e5f3 Mon Sep 17 00:00:00 2001 From: unclejack Date: Wed, 3 Sep 2014 17:26:56 +0300 Subject: [PATCH 125/540] registry/session: fix panic in GetRemoteImageLayer Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 9c413e3e6f1c6bd6abada707c442862049d29743 Component: engine --- components/engine/registry/session.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/components/engine/registry/session.go b/components/engine/registry/session.go index 82b931f269..a8ade7053a 100644 --- a/components/engine/registry/session.go +++ b/components/engine/registry/session.go @@ -167,7 +167,9 @@ func (r *Session) GetRemoteImageLayer(imgID, registry string, token []string, im for i := 1; i <= retries; i++ { res, client, err = r.doRequest(req) if err != nil { - res.Body.Close() + if res.Body != nil { + res.Body.Close() + } if i == retries { return nil, fmt.Errorf("Server error: Status %d while fetching image layer (%s)", res.StatusCode, imgID) From 18d6c431236cc17f9230586e77829b6ef4cd6f39 Mon Sep 17 00:00:00 2001 From: unclejack Date: Wed, 27 Aug 2014 15:38:12 +0300 Subject: [PATCH 126/540] add --all-tags to pull & pull latest by default Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 9c08364a412a51c80e8d17ae14f92549dc543e68 Component: engine --- components/engine/api/client/commands.go | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/components/engine/api/client/commands.go b/components/engine/api/client/commands.go index 4a5f2faea8..9a653426ff 100644 --- a/components/engine/api/client/commands.go +++ b/components/engine/api/client/commands.go @@ -1192,7 +1192,7 @@ func (cli *DockerCli) CmdPush(args ...string) error { func (cli *DockerCli) CmdPull(args ...string) error { cmd := cli.Subcmd("pull", "NAME[:TAG]", "Pull an image or a repository from the registry") - tag := cmd.String([]string{"#t", "#-tag"}, "", "Download tagged image in a repository") + allTags := cmd.Bool([]string{"a", "-all-tags"}, false, "Download all tagged images in the repository") if err := cmd.Parse(args); err != nil { return nil } @@ -1202,19 +1202,22 @@ func (cli *DockerCli) CmdPull(args ...string) error { return nil } var ( - v = url.Values{} - remote = cmd.Arg(0) + v = url.Values{} + remote = cmd.Arg(0) + newRemote = remote ) - - v.Set("fromImage", remote) - - if *tag == "" { - v.Set("tag", *tag) + taglessRemote, tag := parsers.ParseRepositoryTag(remote) + if tag == "" && !*allTags { + newRemote = taglessRemote + ":latest" + } + if tag != "" && *allTags { + return fmt.Errorf("tag can't be used with --all-tags/-a") } - remote, _ = parsers.ParseRepositoryTag(remote) + v.Set("fromImage", newRemote) + // Resolve the Repository name from fqn to hostname + name - hostname, _, err := registry.ResolveRepositoryName(remote) + hostname, _, err := registry.ResolveRepositoryName(taglessRemote) if err != nil { return err } From 6a9927c181b6c3c21742e653ae4f5960a25813e7 Mon Sep 17 00:00:00 2001 From: SvenDowideit Date: Fri, 29 Aug 2014 10:16:40 +1000 Subject: [PATCH 127/540] add a little documentation for docker pull Docker-DCO-1.1-Signed-off-by: SvenDowideit (github: SvenDowideit) Upstream-commit: 82b0c3e59ca12dd87bf2a9d88a63ff66e7d29fb4 Component: engine --- components/engine/docs/man/docker-pull.1.md | 5 ++++- .../engine/docs/sources/reference/commandline/cli.md | 8 ++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/components/engine/docs/man/docker-pull.1.md b/components/engine/docs/man/docker-pull.1.md index 465c97aadd..2adda7821e 100644 --- a/components/engine/docs/man/docker-pull.1.md +++ b/components/engine/docs/man/docker-pull.1.md @@ -6,6 +6,7 @@ docker-pull - Pull an image or a repository from the registry # SYNOPSIS **docker pull** +[**-a**|**--all-tags**[=*false*]] NAME[:TAG] # DESCRIPTION @@ -16,7 +17,8 @@ images for that repository name are pulled down including any tags. It is also possible to specify a non-default registry to pull from. # OPTIONS -There are no available options. +**-a**, **--all-tags**=*true*|*false* + Download all tagged images in the repository. The default is *false*. # EXAMPLES @@ -53,3 +55,4 @@ There are no available options. April 2014, Originally compiled by William Henry (whenry at redhat dot com) based on docker.com source material and internal work. June 2014, updated by Sven Dowideit +August 2014, updated by Sven Dowideit diff --git a/components/engine/docs/sources/reference/commandline/cli.md b/components/engine/docs/sources/reference/commandline/cli.md index 9c313b0c78..c8edc11d0a 100644 --- a/components/engine/docs/sources/reference/commandline/cli.md +++ b/components/engine/docs/sources/reference/commandline/cli.md @@ -852,6 +852,8 @@ This shows all the containers that have exited with status of '0' Pull an image or a repository from the registry + -a, --all-tags=false Download all tagged images in the repository + Most of your images will be created on top of a base image from the [Docker Hub](https://hub.docker.com) registry. @@ -867,11 +869,13 @@ To download a particular image, or set of images (i.e., a repository), use `docker pull`: $ docker pull debian - # will pull all the images in the debian repository + # will pull only the debian:latest image and its intermediate layers $ docker pull debian:testing # will pull only the image named debian:testing and any intermediate layers - # it is based on. (Typically the empty `scratch` image, a MAINTAINERs layer, + # it is based on. (Typically the empty `scratch` image, a MAINTAINER layer, # and the un-tarred base). + $ docker pull --all-tags centos + # will pull all the images from the centos repository $ docker pull registry.hub.docker.com/debian # manually specifies the path to the default Docker registry. This could # be replaced with the path to a local registry to pull from another source. From e8833366488124adabb1b066d8994fe245c39e60 Mon Sep 17 00:00:00 2001 From: unclejack Date: Wed, 3 Sep 2014 18:27:25 +0300 Subject: [PATCH 128/540] docker build: pull just latest if tag uspecified Docker-DCO-1.1-Signed-off-by: Cristian Staretu (github: unclejack) Upstream-commit: 6ba5d67a51d96e6c2923227c99ee049bbf8e5f50 Component: engine --- components/engine/builder/internals.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/components/engine/builder/internals.go b/components/engine/builder/internals.go index 62fff0701b..c61e5114a6 100644 --- a/components/engine/builder/internals.go +++ b/components/engine/builder/internals.go @@ -271,6 +271,9 @@ func (b *Builder) runContextCommand(args []string, allowRemote bool, allowDecomp func (b *Builder) pullImage(name string) (*imagepkg.Image, error) { remote, tag := parsers.ParseRepositoryTag(name) + if tag == "" { + tag = "latest" + } pullRegistryAuth := b.AuthConfig if len(b.AuthConfigFile.Configs) > 0 { // The request came with a full auth config file, we prefer to use that From ee05b11eb066866d445d450d02460e89076e4e39 Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Wed, 3 Sep 2014 19:06:25 +0200 Subject: [PATCH 129/540] The correct option for go test is -test.run not -run Upstream-commit: 2a7770a712758e9d5071cedd8e44352953bdef72 Component: engine --- components/engine/docs/sources/contributing/devenvironment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/engine/docs/sources/contributing/devenvironment.md b/components/engine/docs/sources/contributing/devenvironment.md index 25a80af4af..41570e537d 100644 --- a/components/engine/docs/sources/contributing/devenvironment.md +++ b/components/engine/docs/sources/contributing/devenvironment.md @@ -115,7 +115,7 @@ something like this If $TESTFLAGS is set in the environment, it is passed as extra arguments to `go test`. You can use this to select certain tests to run, e.g., - $ TESTFLAGS=`-run \^TestBuild\$` make test + $ TESTFLAGS=`-test.run \^TestBuild\$` make test If the output indicates "FAIL" and you see errors like this: From 05579b59005ea763404b7a7ad9aac3cc05805510 Mon Sep 17 00:00:00 2001 From: Ward Vandewege Date: Wed, 3 Sep 2014 13:12:10 -0400 Subject: [PATCH 130/540] fix typos in error messages Signed-off-by: Ward Vandewege (github: cure) Upstream-commit: a447894946ca2ac47bf1c46f78c4839c75fd740d Component: engine --- .../engine/daemon/graphdriver/devmapper/attach_loopback.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/engine/daemon/graphdriver/devmapper/attach_loopback.go b/components/engine/daemon/graphdriver/devmapper/attach_loopback.go index 86714d1959..9cfa18a4d3 100644 --- a/components/engine/daemon/graphdriver/devmapper/attach_loopback.go +++ b/components/engine/daemon/graphdriver/devmapper/attach_loopback.go @@ -52,7 +52,7 @@ func openNextAvailableLoopback(index int, sparseFile *os.File) (loopFile *os.Fil // OpenFile adds O_CLOEXEC loopFile, err = os.OpenFile(target, os.O_RDWR, 0644) if err != nil { - log.Errorf("Error openning loopback device: %s", err) + log.Errorf("Error opening loopback device: %s", err) return nil, ErrAttachLoopbackDevice } @@ -97,7 +97,7 @@ func attachLoopDevice(sparseName string) (loop *os.File, err error) { // OpenFile adds O_CLOEXEC sparseFile, err := os.OpenFile(sparseName, os.O_RDWR, 0644) if err != nil { - log.Errorf("Error openning sparse file %s: %s", sparseName, err) + log.Errorf("Error opening sparse file %s: %s", sparseName, err) return nil, ErrAttachLoopbackDevice } defer sparseFile.Close() From 834b945b718c9924d26a5b892047c98b73b90ce2 Mon Sep 17 00:00:00 2001 From: Vincent Bernat Date: Wed, 3 Sep 2014 22:30:11 +0200 Subject: [PATCH 131/540] zsh: update zsh completion for docker command zsh completion is updated with the content of felixr/docker-zsh-completion. The major change since the last merge is the removal of use of sed/awk. This should help a lot OSX users who previously had to install gawk and gsed. Docker-DCO-1.1-Signed-off-by: Vincent Bernat (github: vincentbernat) Upstream-commit: dc2eab2cf48be2dc763f132fea1e1a72b0c8e03c Component: engine --- .../engine/contrib/completion/zsh/_docker | 155 ++++++++++-------- 1 file changed, 91 insertions(+), 64 deletions(-) diff --git a/components/engine/contrib/completion/zsh/_docker b/components/engine/contrib/completion/zsh/_docker index faf17b2bea..e9b8e89ca0 100644 --- a/components/engine/contrib/completion/zsh/_docker +++ b/components/engine/contrib/completion/zsh/_docker @@ -5,7 +5,7 @@ # version: 0.3.0 # github: https://github.com/felixr/docker-zsh-completion # -# contributers: +# contributors: # - Felix Riedel # - Vincent Bernat # @@ -37,65 +37,86 @@ # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # -__parse_docker_list() { - awk ' -NR == 1 { - idx=1;i=0;f[i]=0 - header=$0 - while ( match(header, / ([A-Z]+|[A-Z]+ [A-Z]+)/) ) { - idx += RSTART+1 - f[++i]=idx - header = substr($0,idx) - } - f[++i]=999 -} +__docker_get_containers() { + local kind expl + declare -a running stopped lines args -NR > 1 '"$1"' { - for(j=0;j 1 && $1 != ""){printf("%s", $1);if ($2 != "") printf("\\:%s", $2); printf("\n")}')"}) - images=($images ${(f)"$(_call_program commands docker images | awk '(NR > 1){printf("%s:%-15s in %s\n", $3,$2,$1)}')"}) - _describe -t docker-images "Images" images + images=(${${${${(f)"$(_call_program commands docker images)"}[2,-1]}/ ##/\\:}%% *}) + images=(${${images%\\:}#} ${${${(f)"$(_call_program commands docker images)"}[2,-1]}/(#b)([^ ]##) ##([^ ]##) ##([^ ]##)*/${match[3]}:${(r:15:: :::)match[2]} in ${match[1]}}) + _describe -t docker-images "images" images } __docker_tags() { local expl declare -a tags - tags=(${(f)"$(_call_program commands docker images | awk '(NR>1){print $2}'| sort | uniq)"}) + tags=(${${${${${(f)"$(_call_program commands docker images)"}#* }## #}%% *}[2,-1]}) _describe -t docker-tags "tags" tags } @@ -124,16 +145,15 @@ __docker_search() { if ( [[ ${(P)+cachename} -eq 0 ]] || _cache_invalid ${cachename#_} ) \ && ! _retrieve_cache ${cachename#_}; then _message "Searching for ${searchterm}..." - result=(${(f)"$(_call_program commands docker search ${searchterm} | awk '(NR>2){print $1}')"}) + result=(${${${(f)"$(_call_program commands docker search ${searchterm})"}%% *}[2,-1]}) _store_cache ${cachename#_} result fi - _wanted dockersearch expl 'Available images' compadd -a result + _wanted dockersearch expl 'available images' compadd -a result } __docker_caching_policy() { - # oldp=( "$1"(Nmh+24) ) # 24 hour - oldp=( "$1"(Nmh+1) ) # 24 hour + oldp=( "$1"(Nmh+1) ) # 1 hour (( $#oldp )) } @@ -141,8 +161,8 @@ __docker_caching_policy() __docker_repositories () { local expl declare -a repos - repos=(${(f)"$(_call_program commands docker images | sed -e '1d' -e 's/[ ].*//' | sort | uniq)"}) - _describe -t docker-repos "Repositories" repos "$@" + repos=(${${${(f)"$(_call_program commands docker images)"}%% *}[2,-1]}) + _describe -t docker-repos "repositories" repos "$@" } __docker_commands () { @@ -157,8 +177,7 @@ __docker_commands () { if ( [[ ${+_docker_subcommands} -eq 0 ]] || _cache_invalid docker_subcommands) \ && ! _retrieve_cache docker_subcommands; then - _docker_subcommands=(${${(f)"$(_call_program commands - docker 2>&1 | sed -e '1,6d' -e '/^[ ]*$/d' -e 's/[ ]*\([^ ]\+\)\s*\([^ ].*\)/\1:\2/' )"}}) + _docker_subcommands=(${${${${(f)"$(_call_program commands docker 2>&1)"}[5,-1]}## #}/ ##/:}) _docker_subcommands=($_docker_subcommands 'help:Show help for a command') _store_cache docker_subcommands _docker_subcommands fi @@ -179,13 +198,13 @@ __docker_subcommand () { '--no-cache[Do not use cache when building the image]' \ '-q[Suppress verbose build output]' \ '--rm[Remove intermediate containers after a successful build]' \ - '-t=-:repository:__docker_repositories_with_tags' \ + '-t:repository:__docker_repositories_with_tags' \ ':path or URL:_directories' ;; (commit) _arguments \ '--author=-[Author]:author: ' \ - '-m=-[Commit message]:message: ' \ + '-m[Commit message]:message: ' \ '--run=-[Configuration automatically applied when the image is run]:configuration: ' \ ':container:__docker_containers' \ ':repository:__docker_repositories_with_tags' @@ -251,9 +270,9 @@ __docker_subcommand () { ;; (login) _arguments \ - '-e=-[Email]:email: ' \ - '-p=-[Password]:password: ' \ - '-u=-[Username]:username: ' \ + '-e[Email]:email: ' \ + '-p[Password]:password: ' \ + '-u[Username]:username: ' \ ':server: ' ;; (logs) @@ -283,7 +302,7 @@ __docker_subcommand () { '*:images:__docker_images' ;; (restart|stop) - _arguments '-t=-[Number of seconds to try to stop for before killing the container]:seconds to before killing:(1 5 10 30 60)' \ + _arguments '-t[Number of seconds to try to stop for before killing the container]:seconds to before killing:(1 5 10 30 60)' \ '*:containers:__docker_runningcontainers' ;; (top) @@ -302,7 +321,7 @@ __docker_subcommand () { '-a[Show all containers]' \ '--before=-[Show only container created before...]:containers:__docker_containers' \ '-l[Show only the latest created container]' \ - '-n=-[Show n last created containers, include non-running one]:n:(1 5 10 25 50)' \ + '-n[Show n last created containers, include non-running one]:n:(1 5 10 25 50)' \ '--no-trunc[Do not truncate output]' \ '-q[Only show numeric IDs]' \ '-s[Display sizes]' \ @@ -318,28 +337,28 @@ __docker_subcommand () { _arguments \ '-P[Publish all exposed ports to the host]' \ '-a[Attach to stdin, stdout or stderr]' \ - '-c=-[CPU shares (relative weight)]:CPU shares:(0 10 100 200 500 800 1000)' \ + '-c[CPU shares (relative weight)]:CPU shares:(0 10 100 200 500 800 1000)' \ '--cidfile=-[Write the container ID to the file]:CID file:_files' \ '-d[Detached mode: leave the container running in the background]' \ '*--dns=-[Set custom dns servers]:dns server: ' \ - '*-e=-[Set environment variables]:environment variable: ' \ + '*-e[Set environment variables]:environment variable: ' \ '--entrypoint=-[Overwrite the default entrypoint of the image]:entry point: ' \ '*--expose=-[Expose a port from the container without publishing it]: ' \ - '-h=-[Container host name]:hostname:_hosts' \ + '-h[Container host name]:hostname:_hosts' \ '-i[Keep stdin open even if not attached]' \ '--link=-[Add link to another container]:link:->link' \ '--lxc-conf=-[Add custom lxc options]:lxc options: ' \ - '-m=-[Memory limit (in bytes)]:limit: ' \ + '-m[Memory limit (in bytes)]:limit: ' \ '--name=-[Container name]:name: ' \ - '*-p=-[Expose a container'"'"'s port to the host]:port:_ports' \ + '*-p[Expose a container'"'"'s port to the host]:port:_ports' \ '--privileged[Give extended privileges to this container]' \ '--rm[Remove intermediate containers when it exits]' \ '--sig-proxy[Proxify all received signal]' \ '-t[Allocate a pseudo-tty]' \ - '-u=-[Username or UID]:user:_users' \ - '*-v=-[Bind mount a volume (e.g. from the host: -v /host:/container, from docker: -v /container)]:volume: '\ + '-u[Username or UID]:user:_users' \ + '*-v[Bind mount a volume (e.g. from the host: -v /host:/container, from docker: -v /container)]:volume: '\ '--volumes-from=-[Mount volumes from the specified container]:volume: ' \ - '-w=-[Working directory inside the container]:directory:_directories' \ + '-w[Working directory inside the container]:directory:_directories' \ '(-):images:__docker_images' \ '(-):command: _command_names -e' \ '*::arguments: _normal' @@ -359,7 +378,7 @@ __docker_subcommand () { _arguments ':name:__docker_search' ;; (push) - _arguments ':repository:__docker_repositories_with_tags' + _arguments ':images:__docker_images' ;; (save) _arguments \ @@ -389,7 +408,7 @@ _docker () { typeset -A opt_args _arguments -C \ - '-H=-[tcp://host:port to bind/connect to]:socket: ' \ + '-H[tcp://host:port to bind/connect to]:socket: ' \ '(-): :->command' \ '(-)*:: :->option-or-argument' @@ -408,3 +427,11 @@ _docker () { } _docker "$@" + +# Local Variables: +# mode: Shell-Script +# sh-indentation: 4 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: +# vim: ft=zsh sw=4 ts=4 et From 7dcf943afcdd7a6b85e2fe22c1fe088554b1642b Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Wed, 3 Sep 2014 15:56:58 -0700 Subject: [PATCH 132/540] fix race in daemon test framework Signed-off-by: Tibor Vass Upstream-commit: defe01daf87237e42a9275a0b286b0f71c60de25 Component: engine --- components/engine/integration-cli/docker_utils.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index 6133f3727b..a123ca2dc4 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -90,14 +90,16 @@ func (d *Daemon) Start(arg ...string) error { return fmt.Errorf("Could not start daemon container: %v", err) } - d.wait = make(chan error) + wait := make(chan error) go func() { - d.wait <- d.cmd.Wait() + wait <- d.cmd.Wait() d.t.Log("exiting daemon") - close(d.wait) + close(wait) }() + d.wait = wait + tick := time.Tick(500 * time.Millisecond) // make sure daemon is ready to receive requests for { From 7f4f710d0d49af5ef43372566bc34f2593b959c6 Mon Sep 17 00:00:00 2001 From: Tibor Vass Date: Wed, 3 Sep 2014 17:12:36 -0700 Subject: [PATCH 133/540] handle empty envvars for DOCKER_GRAPHDRIVER and DOCKER_EXECDRIVER in daemon test framework Signed-off-by: Tibor Vass Upstream-commit: 39310448da1ed05d39f4400a56dd43e71591ae5b Component: engine --- components/engine/integration-cli/docker_utils.go | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index a123ca2dc4..7e710b3bc3 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -60,7 +60,7 @@ func NewDaemon(t *testing.T) *Daemon { } // Start will start the daemon and return once it is ready to receive requests. -// You can specify additional daemon flags (e.g. "--restart=false"). +// You can specify additional daemon flags. func (d *Daemon) Start(arg ...string) error { dockerBinary, err := exec.LookPath(dockerBinary) if err != nil { @@ -71,10 +71,15 @@ func (d *Daemon) Start(arg ...string) error { "--host", d.sock(), "--daemon", "--debug", "--graph", fmt.Sprintf("%s/graph", d.folder), - "--storage-driver", d.storageDriver, - "--exec-driver", d.execDriver, "--pidfile", fmt.Sprintf("%s/docker.pid", d.folder), } + if d.storageDriver != "" { + args = append(args, "--storage-driver", d.storageDriver) + } + if d.execDriver != "" { + args = append(args, "--exec-driver", d.execDriver) + } + args = append(args, arg...) d.cmd = exec.Command(dockerBinary, args...) From 534f9322ba7deb142fae3a49eec0ce98ddb3934a Mon Sep 17 00:00:00 2001 From: Nathan Hsieh Date: Wed, 3 Sep 2014 17:53:45 -0700 Subject: [PATCH 134/540] small typo. fixed broken code snippet Docker-DCO-1.1-Signed-off-by: Nathan Hsieh (github: nhsiehgit) Upstream-commit: adc9a14db49f7e8ffd7cecb788bb9b560a7a3aae Component: engine --- components/engine/docs/sources/userguide/usingdocker.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/engine/docs/sources/userguide/usingdocker.md b/components/engine/docs/sources/userguide/usingdocker.md index ea13122fd6..40229d4ab6 100644 --- a/components/engine/docs/sources/userguide/usingdocker.md +++ b/components/engine/docs/sources/userguide/usingdocker.md @@ -114,8 +114,8 @@ We've specified an image: `training/webapp`. This image is a pre-built image we've created that contains a simple Python Flask web application. -Lastly, we've specified a command for our container to run: `python -app.py`. This launches our web application. +Lastly, we've specified a command for our container to run: `python app.py`. +This launches our web application. > **Note:** > You can see more detail on the `docker run` command in the [command From dc74831ee4b50f1fb184c70c1a25e61e0533de43 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Thu, 4 Sep 2014 09:50:58 +0400 Subject: [PATCH 135/540] Don't initialize network for 'none' mode Fixes #7837 Signed-off-by: Alexandr Morozov Upstream-commit: ba24820284a7a87642f2b668987c1627d6977ea2 Component: engine --- components/engine/daemon/container.go | 2 +- .../integration-cli/docker_cli_run_test.go | 18 ++++++++++++++++++ components/engine/runconfig/hostconfig.go | 4 ++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/components/engine/daemon/container.go b/components/engine/daemon/container.go index 2ac6cb26b6..f63bbe6370 100644 --- a/components/engine/daemon/container.go +++ b/components/engine/daemon/container.go @@ -434,7 +434,7 @@ func (container *Container) buildHostnameAndHostsFiles(IP string) error { func (container *Container) allocateNetwork() error { mode := container.hostConfig.NetworkMode - if container.Config.NetworkDisabled || mode.IsContainer() || mode.IsHost() { + if container.Config.NetworkDisabled || mode.IsContainer() || mode.IsHost() || mode.IsNone() { return nil } diff --git a/components/engine/integration-cli/docker_cli_run_test.go b/components/engine/integration-cli/docker_cli_run_test.go index 00bbb2b2ca..bfba42ee06 100644 --- a/components/engine/integration-cli/docker_cli_run_test.go +++ b/components/engine/integration-cli/docker_cli_run_test.go @@ -1828,3 +1828,21 @@ func TestRunCidFileCheckIDLength(t *testing.T) { deleteAllContainers() logDone("run - cidfile contains long id") } + +func TestRunNetworkNotInitializedNoneMode(t *testing.T) { + cmd := exec.Command(dockerBinary, "run", "-d", "--net=none", "busybox", "top") + out, _, err := runCommandWithOutput(cmd) + if err != nil { + t.Fatal(err) + } + id := strings.TrimSpace(out) + res, err := inspectField(id, "NetworkSettings.IPAddress") + if err != nil { + t.Fatal(err) + } + if res != "" { + t.Fatal("For 'none' mode network must not be initialized, but container got IP: %s", res) + } + deleteAllContainers() + logDone("run - network must not be initialized in 'none' mode") +} diff --git a/components/engine/runconfig/hostconfig.go b/components/engine/runconfig/hostconfig.go index 4dd4766e5e..cd72a1517e 100644 --- a/components/engine/runconfig/hostconfig.go +++ b/components/engine/runconfig/hostconfig.go @@ -19,6 +19,10 @@ func (n NetworkMode) IsContainer() bool { return len(parts) > 1 && parts[0] == "container" } +func (n NetworkMode) IsNone() bool { + return n == "none" +} + type DeviceMapping struct { PathOnHost string PathInContainer string From 78de9287f3399ee7fbf439f7db99063127719326 Mon Sep 17 00:00:00 2001 From: Alexandr Morozov Date: Thu, 4 Sep 2014 19:43:28 +0400 Subject: [PATCH 136/540] Fix race between dispatchers.run and toDisk Signed-off-by: Alexandr Morozov Upstream-commit: f17410da5e4b5fa0e0dd2614f9b6e00dbcf66da6 Component: engine --- components/engine/builder/internals.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/components/engine/builder/internals.go b/components/engine/builder/internals.go index 62fff0701b..b7c2f97e10 100644 --- a/components/engine/builder/internals.go +++ b/components/engine/builder/internals.go @@ -68,15 +68,10 @@ func (b *Builder) commit(id string, autoCmd []string, comment string) error { return nil } - container, warnings, err := b.Daemon.Create(b.Config, "") + container, err := b.create() if err != nil { return err } - for _, warning := range warnings { - fmt.Fprintf(b.OutStream, " ---> [Warning] %s\n", warning) - } - b.TmpContainers[container.ID] = struct{}{} - fmt.Fprintf(b.OutStream, " ---> Running in %s\n", utils.TruncateID(container.ID)) id = container.ID if err := container.Mount(); err != nil { @@ -373,18 +368,23 @@ func (b *Builder) create() (*daemon.Container, error) { } b.Config.Image = b.image + config := *b.Config + // Create the container - c, _, err := b.Daemon.Create(b.Config, "") + c, warnings, err := b.Daemon.Create(b.Config, "") if err != nil { return nil, err } + for _, warning := range warnings { + fmt.Fprintf(b.OutStream, " ---> [Warning] %s\n", warning) + } b.TmpContainers[c.ID] = struct{}{} fmt.Fprintf(b.OutStream, " ---> Running in %s\n", utils.TruncateID(c.ID)) // override the entry point that may have been picked up from the base image - c.Path = b.Config.Cmd[0] - c.Args = b.Config.Cmd[1:] + c.Path = config.Cmd[0] + c.Args = config.Cmd[1:] return c, nil } From 4d1ff5fd83220e8f4cf37fb177eafb5596e3e92c Mon Sep 17 00:00:00 2001 From: Jan Keromnes Date: Wed, 3 Sep 2014 23:44:57 +0200 Subject: [PATCH 137/540] Update SSH demo to ubuntu 14.04 Signed-off-by: Jan Keromnes Upstream-commit: 98f57d1c392eab7df30fa3179c8e0f99a418e772 Component: engine --- .../docs/sources/examples/running_ssh_service.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/components/engine/docs/sources/examples/running_ssh_service.md b/components/engine/docs/sources/examples/running_ssh_service.md index 7140678e3b..912418ec42 100644 --- a/components/engine/docs/sources/examples/running_ssh_service.md +++ b/components/engine/docs/sources/examples/running_ssh_service.md @@ -12,15 +12,16 @@ quick access to a test container. # # VERSION 0.0.1 - FROM ubuntu:12.04 + FROM ubuntu:14.04 MAINTAINER Thatcher R. Peskens "thatcher@dotcloud.com" RUN apt-get update && apt-get install -y openssh-server RUN mkdir /var/run/sshd - RUN echo 'root:screencast' |chpasswd + RUN echo 'root:screencast' | chpasswd + RUN sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config EXPOSE 22 - CMD ["/usr/sbin/sshd", "-D"] + CMD ["/usr/sbin/sshd", "-D"] Build the image using: @@ -33,8 +34,9 @@ the container's port 22 is mapped to: $ sudo docker port test_sshd 22 0.0.0.0:49154 -And now you can ssh to port `49154` on the Docker daemon's host IP -address (`ip address` or `ifconfig` can tell you that): +And now you can ssh as `root` on the container's IP address (you can find it +with `docker inspect`) or on port `49154` of the Docker daemon's host IP address +(`ip address` or `ifconfig` can tell you that): $ ssh root@192.168.1.2 -p 49154 # The password is ``screencast``. From d94ba95b52652c62fd3610bdddf27fe88826d864 Mon Sep 17 00:00:00 2001 From: Fred Lifton Date: Thu, 4 Sep 2014 13:32:16 -0700 Subject: [PATCH 138/540] Changes to Sven's cherry pick process Added content and revised after walk-through Docker-DCO-1.1-Signed-off-by: Fred Lifton (github: fredlf) Upstream-commit: b23daef3ec9fdecc6b7bcc1e3a657eccf1f5f399 Component: engine --- components/engine/docs/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/components/engine/docs/README.md b/components/engine/docs/README.md index fd8fdfa6d2..92f0f6dfdd 100755 --- a/components/engine/docs/README.md +++ b/components/engine/docs/README.md @@ -139,4 +139,8 @@ and make sure that what you have published is good. When you're happy with it, publish the docs to our live site: make AWS_S3_BUCKET=docs.docker.com BUILD_ROOT=yes docs-release + +Note that the new docs will not appear live on the site until the cache (a complex, +distributed CDN system) is flushed. This requires someone with S3 keys. Contact Docker +(Sven Dowideit or John Costa) for assistance. From 341cb3161f4a0eda3361b61c8eedd294b63bd592 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Tue, 7 Jan 2014 22:28:15 -0700 Subject: [PATCH 139/540] Update Travis to also run the test suite Signed-off-by: Andrew Page Upstream-commit: 068b9ac4d2f236905bb9deb024189082876a3c3f Component: engine --- components/engine/.travis.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/components/engine/.travis.yml b/components/engine/.travis.yml index 55fa9044c9..174afae88a 100644 --- a/components/engine/.travis.yml +++ b/components/engine/.travis.yml @@ -17,6 +17,15 @@ sudo: false install: - export DOCKER_BUILDTAGS='exclude_graphdriver_btrfs exclude_graphdriver_devicemapper' # btrfs and devicemapper fail to compile thanks to a couple missing headers (which we can't install thanks to "sudo: false") - export AUTO_GOPATH=1 +# some of Docker's unit tests don't work inside Travis (yet!), so we purge those test files for now + - rm -f daemon/graphdriver/btrfs/*_test.go # fails to compile (missing header) + - rm -f daemon/graphdriver/devmapper/*_test.go # fails to compile (missing header) + - rm -f daemon/execdriver/lxc/*_test.go # fails to run (missing "lxc-start") + - rm -f daemon/graphdriver/aufs/*_test.go # fails to run ("backing file system is unsupported for this graph driver") + - rm -f daemon/graphdriver/vfs/*_test.go # fails to run (not root, which these tests assume "/var/tmp/... no owned by uid 0") + - rm -f daemon/networkdriver/bridge/*_test.go # fails to run ("Failed to initialize network driver") + - rm -f graph/*_test.go # fails to run ("mkdir /tmp/docker-test.../vfs/dir/foo/etc/postgres: permission denied") + - rm -f pkg/mount/*_test.go # fails to run ("permission denied") before_script: - env | sort @@ -24,7 +33,7 @@ before_script: script: - hack/make.sh validate-dco - hack/make.sh validate-gofmt - - ./hack/make.sh dynbinary - DOCKER_CLIENTONLY=1 ./hack/make.sh dynbinary + - ./hack/make.sh dynbinary dyntest-unit # vim:set sw=2 ts=2: From cb4c9836e464860546e1c601b8abdc30b839ad46 Mon Sep 17 00:00:00 2001 From: Fred Lifton Date: Thu, 4 Sep 2014 18:09:00 -0700 Subject: [PATCH 140/540] Adding first draft of Official Repo Guidelines Docker-DCO-1.1-Signed-off-by: Fred Lifton (github: fredlf) Upstream-commit: 58e89878374d12c916fa9e2b5436f5e042bc6978 Component: engine --- components/engine/docs/mkdocs.yml | 1 + .../docs/sources/docker-hub/official_repos.md | 175 ++++++++++++++++++ 2 files changed, 176 insertions(+) create mode 100644 components/engine/docs/sources/docker-hub/official_repos.md diff --git a/components/engine/docs/mkdocs.yml b/components/engine/docs/mkdocs.yml index 491f00c35f..f620030713 100755 --- a/components/engine/docs/mkdocs.yml +++ b/components/engine/docs/mkdocs.yml @@ -65,6 +65,7 @@ pages: - ['docker-hub/accounts.md', 'Docker Hub', 'Accounts'] - ['docker-hub/repos.md', 'Docker Hub', 'Repositories'] - ['docker-hub/builds.md', 'Docker Hub', 'Automated Builds'] +- ['docker-hub/official_repos.md', 'Docker Hub', 'Official Repo Guidelines'] # Examples: - ['examples/index.md', '**HIDDEN**'] diff --git a/components/engine/docs/sources/docker-hub/official_repos.md b/components/engine/docs/sources/docker-hub/official_repos.md new file mode 100644 index 0000000000..07e584cc23 --- /dev/null +++ b/components/engine/docs/sources/docker-hub/official_repos.md @@ -0,0 +1,175 @@ +page_title: Guidelines for Official Repositories on Docker Hub +page_description: Guidelines for Official Repositories on Docker Hub +page_keywords: Docker, docker, registry, accounts, plans, Dockerfile, Docker Hub, docs, official, image, documentation + +## Introduction + +You’ve been given the job of creating an image for an Official Repository hosted on +[Docker Hub Registry](https://registry.hub.docker.com/). These are Docker, Inc.’s +guidelines for getting that task done. Even if you’re not planning to create an Official +Repo, you can think of these guidelines as best practices for image creation generally. + +This document consists of three major sections: +* Expected files, resources and supporting items for your image +* Examples embodying those practices +* Instructions for submitting your work + +## Expected Files & Resources + +### A Git repository + +Your image needs to live in a Git repository, preferably on GitHub. (If you’d like to use +a different provider, please [contact us](TODO: link) directly.) Docker **strongly** +recommends that this repo be publicly accessible. + +If the repo is private or has otherwise limited access, you must provide a means of at +least “read-only” access for both general users and for the docker-library maintainers, +who need access for review and building purposes. + +### A `Dockerfile` + +Complete information on `Dockerfile`s can be found in the [Reference section](https://docs.docker.com/reference/builder/). +We also have a page discussing best practices for writing `Dockerfile`s (TODO: link). +Your `Dockerfile` should adhere to the following: + +* It must be written either by using `FROM scratch` or be based on another, established +Official Image. +* It must follow `Dockerfile` best practices. These are discussed in the [Best Practices +document](TODO: link). In addition, Docker, Inc. engineer Michael Crosby has a good +discussion of Dockerfiles in this [blog post](http://crosbymichael.com/dockerfile-best-practices-take-2.html). + +While [ONBUILD triggers](https://docs.docker.com/reference/builder/#onbuild) are not +required, if you choose to use them you should: +* Build both `ONBUILD` and non-`ONBUILD` images, with the `ONBUILD` image built `FROM` +the non-`ONBUILD` image. +* The `ONBUILD` image should be specifically tagged, for example, `ruby:latest` and +`ruby:onbuild`, or `ruby:2` and `ruby:2-onbuild`. + +### A short description + +Include a brief description of your image (in plaintext). Only one description is +required; you don’t need additional descriptions for each tag. The file should also: + +* Be named `README-short.txt` +* Reside in the repo for the “latest” tag +* Not exceed 200 characters. + +### A logo + +Include a logo of your company or the product (png format preferred). Only one logo is +required; you don’t need additional logo files for each tag. The logo file should have +the following characteristics: + +* Be named `logo.png` +* Should reside in the repo for the “latest” tag +* Should be 200px min. in one dimension, 200px max. in the other. +* Square or wide (landscape) is preferred over tall (portrait), but exceptions can be +made based on the logo needed. + +### A long description + +Include a comprehensive description of your image (in markdown format). Only one +description is required; you don’t need additional descriptions for each tag. The file +should also: + +* Be named `README.md` +* Reside in the repo for the “latest” tag +* Be no longer than absolutely necessary, while still addressing all the content +requirements. + +In terms of content, the long description must include the following sections: + +* Overview & Links +* How-to/Usage +* User Feedback +* License + +#### Overview & links + +A section providing (a) an overview of the software contained in the image, similar to +the introduction in a Wikipedia entry and (b) a selection of links to outside resources +that help to describe the software. + +#### How-to/usage + +A section that describes how to run and use the image, including common use cases and +example `Dockerfile`s (if applicable). Try to provide clear, step-by-step instructions +wherever possible. + +#### User Feedback + +This section should have two parts, one explaining how users can contribute to the repo +and one explaining how to report issues with the repo. + +##### Contributing + +In this part, point users to any resources that can help them contribute to the project. +Include contribution guidelines and any specific instructions related to your development +practices. Include a link to [Docker’s resources for contributors](https://docs.docker.com/contributing/contributing/). +Be sure to include contact info, handles, etc. for official maintainers. + +##### Issues + +Include a brief section letting users know where they can go for help and how they can +file issues with the repo. Point them to any specific IRC channels, issue trackers, +contacts, additional “how-to” information or other resources. + +#### License + +Include a copy of any applicable license. Docker recommends using the license of the +software contained in the image, provided it allows Docker, Inc. to legally build and +distribute the image. Otherwise Docker recommends adopting the [Apache license](https://github.com/docker/docker/blob/master/LICENSE). + +## Example + +Below are sample short and long description files for an imaginary image containing +Ruby on Rails. + +### Short description + +> **README-short.txt** +> +> Ruby on Rails is an open-source application framework written in Ruby. It emphasizes best +>practices such as convention over configuration, active record pattern, and the model- +>view-controller pattern. + +### Long description + +> **README.md** +> # What is Ruby on Rails +> +> Ruby on Rails, often simply referred to as Rails, is an open source web application +> framework which runs via the Ruby programming language. It is a full-stack framework: +> it allows creating pages and applications that gather information from the web server, +> talk to or query the database, and render templates out of the box. As a result, Rails +>features a routing system that is independent of the web server. +> +> [wikipedia.org/wiki/Ruby_on_Rails](https://en.wikipedia.org/wiki/Ruby_on_Rails) +> +#### How to use this image + +> 1. create a `Dockerfile` in your rails app project + + FROM rails:onbuild +> +> Put this file in the root of your app, next to the `Gemfile`. + +> This image includes multiple `ONBUILD` triggers so that should be all that you need for +> most applications. The build will `ADD . /usr/src/app`, `RUN bundle install`, +>`EXPOSE 3000`, and set the default command to `rails server`. +> +> 2. build the rails app image +> +> docker build -t my-rails-app . + +> 3. start the rails app container +> +> docker run --name some-rails-app -d my-rails-app +> +> Then go to `http://container-ip:3000` in a browser. On the other hand, if you need access +> outside the host on port 8080: +> +> docker run --name some-rails-app -p 8080:3000 -d my-rails-app +> +> Then go to `http://localhost:8080` or `http://host-ip:8080` in a browser. + From 1218d181fb73b047feeac5886b6a68e959ef1d31 Mon Sep 17 00:00:00 2001 From: Sven Dowideit Date: Fri, 5 Sep 2014 11:48:34 +1000 Subject: [PATCH 141/540] Use a local copy of jquery so that the docs work in China, and offline too. Docker-DCO-1.1-Signed-off-by: Sven Dowideit (github: SvenDowideit) Upstream-commit: 5fe94f0d914a20846142a365655dad7a99527b44 Component: engine --- components/engine/docs/theme/mkdocs/base.html | 2 +- components/engine/docs/theme/mkdocs/js/jquery-1.10.2.min.js | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 components/engine/docs/theme/mkdocs/js/jquery-1.10.2.min.js diff --git a/components/engine/docs/theme/mkdocs/base.html b/components/engine/docs/theme/mkdocs/base.html index 2f518b5d59..b99cc8acc6 100644 --- a/components/engine/docs/theme/mkdocs/base.html +++ b/components/engine/docs/theme/mkdocs/base.html @@ -110,7 +110,7 @@ {% include "footer.html" %} - + diff --git a/components/engine/docs/theme/mkdocs/js/jquery-1.10.2.min.js b/components/engine/docs/theme/mkdocs/js/jquery-1.10.2.min.js new file mode 100644 index 0000000000..29b3a2c7b4 --- /dev/null +++ b/components/engine/docs/theme/mkdocs/js/jquery-1.10.2.min.js @@ -0,0 +1,6 @@ +/*! jQuery v1.10.2 | (c) 2005, 2013 jQuery Foundation, Inc. | jquery.org/license +//@ sourceMappingURL=jquery.min.map +*/ +(function(e,t){var n,r,i=typeof t,o=e.location,a=e.document,s=a.documentElement,l=e.jQuery,u=e.$,c={},p=[],f="1.10.2",d=p.concat,h=p.push,g=p.slice,m=p.indexOf,y=c.toString,v=c.hasOwnProperty,b=f.trim,x=function(e,t){return new x.fn.init(e,t,r)},w=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,T=/\S+/g,C=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,N=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,k=/^<(\w+)\s*\/?>(?:<\/\1>|)$/,E=/^[\],:{}\s]*$/,S=/(?:^|:|,)(?:\s*\[)+/g,A=/\\(?:["\\\/bfnrt]|u[\da-fA-F]{4})/g,j=/"[^"\\\r\n]*"|true|false|null|-?(?:\d+\.|)\d+(?:[eE][+-]?\d+|)/g,D=/^-ms-/,L=/-([\da-z])/gi,H=function(e,t){return t.toUpperCase()},q=function(e){(a.addEventListener||"load"===e.type||"complete"===a.readyState)&&(_(),x.ready())},_=function(){a.addEventListener?(a.removeEventListener("DOMContentLoaded",q,!1),e.removeEventListener("load",q,!1)):(a.detachEvent("onreadystatechange",q),e.detachEvent("onload",q))};x.fn=x.prototype={jquery:f,constructor:x,init:function(e,n,r){var i,o;if(!e)return this;if("string"==typeof e){if(i="<"===e.charAt(0)&&">"===e.charAt(e.length-1)&&e.length>=3?[null,e,null]:N.exec(e),!i||!i[1]&&n)return!n||n.jquery?(n||r).find(e):this.constructor(n).find(e);if(i[1]){if(n=n instanceof x?n[0]:n,x.merge(this,x.parseHTML(i[1],n&&n.nodeType?n.ownerDocument||n:a,!0)),k.test(i[1])&&x.isPlainObject(n))for(i in n)x.isFunction(this[i])?this[i](n[i]):this.attr(i,n[i]);return this}if(o=a.getElementById(i[2]),o&&o.parentNode){if(o.id!==i[2])return r.find(e);this.length=1,this[0]=o}return this.context=a,this.selector=e,this}return e.nodeType?(this.context=this[0]=e,this.length=1,this):x.isFunction(e)?r.ready(e):(e.selector!==t&&(this.selector=e.selector,this.context=e.context),x.makeArray(e,this))},selector:"",length:0,toArray:function(){return g.call(this)},get:function(e){return null==e?this.toArray():0>e?this[this.length+e]:this[e]},pushStack:function(e){var t=x.merge(this.constructor(),e);return t.prevObject=this,t.context=this.context,t},each:function(e,t){return x.each(this,e,t)},ready:function(e){return x.ready.promise().done(e),this},slice:function(){return this.pushStack(g.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(0>e?t:0);return this.pushStack(n>=0&&t>n?[this[n]]:[])},map:function(e){return this.pushStack(x.map(this,function(t,n){return e.call(t,n,t)}))},end:function(){return this.prevObject||this.constructor(null)},push:h,sort:[].sort,splice:[].splice},x.fn.init.prototype=x.fn,x.extend=x.fn.extend=function(){var e,n,r,i,o,a,s=arguments[0]||{},l=1,u=arguments.length,c=!1;for("boolean"==typeof s&&(c=s,s=arguments[1]||{},l=2),"object"==typeof s||x.isFunction(s)||(s={}),u===l&&(s=this,--l);u>l;l++)if(null!=(o=arguments[l]))for(i in o)e=s[i],r=o[i],s!==r&&(c&&r&&(x.isPlainObject(r)||(n=x.isArray(r)))?(n?(n=!1,a=e&&x.isArray(e)?e:[]):a=e&&x.isPlainObject(e)?e:{},s[i]=x.extend(c,a,r)):r!==t&&(s[i]=r));return s},x.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),noConflict:function(t){return e.$===x&&(e.$=u),t&&e.jQuery===x&&(e.jQuery=l),x},isReady:!1,readyWait:1,holdReady:function(e){e?x.readyWait++:x.ready(!0)},ready:function(e){if(e===!0?!--x.readyWait:!x.isReady){if(!a.body)return setTimeout(x.ready);x.isReady=!0,e!==!0&&--x.readyWait>0||(n.resolveWith(a,[x]),x.fn.trigger&&x(a).trigger("ready").off("ready"))}},isFunction:function(e){return"function"===x.type(e)},isArray:Array.isArray||function(e){return"array"===x.type(e)},isWindow:function(e){return null!=e&&e==e.window},isNumeric:function(e){return!isNaN(parseFloat(e))&&isFinite(e)},type:function(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?c[y.call(e)]||"object":typeof e},isPlainObject:function(e){var n;if(!e||"object"!==x.type(e)||e.nodeType||x.isWindow(e))return!1;try{if(e.constructor&&!v.call(e,"constructor")&&!v.call(e.constructor.prototype,"isPrototypeOf"))return!1}catch(r){return!1}if(x.support.ownLast)for(n in e)return v.call(e,n);for(n in e);return n===t||v.call(e,n)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},error:function(e){throw Error(e)},parseHTML:function(e,t,n){if(!e||"string"!=typeof e)return null;"boolean"==typeof t&&(n=t,t=!1),t=t||a;var r=k.exec(e),i=!n&&[];return r?[t.createElement(r[1])]:(r=x.buildFragment([e],t,i),i&&x(i).remove(),x.merge([],r.childNodes))},parseJSON:function(n){return e.JSON&&e.JSON.parse?e.JSON.parse(n):null===n?n:"string"==typeof n&&(n=x.trim(n),n&&E.test(n.replace(A,"@").replace(j,"]").replace(S,"")))?Function("return "+n)():(x.error("Invalid JSON: "+n),t)},parseXML:function(n){var r,i;if(!n||"string"!=typeof n)return null;try{e.DOMParser?(i=new DOMParser,r=i.parseFromString(n,"text/xml")):(r=new ActiveXObject("Microsoft.XMLDOM"),r.async="false",r.loadXML(n))}catch(o){r=t}return r&&r.documentElement&&!r.getElementsByTagName("parsererror").length||x.error("Invalid XML: "+n),r},noop:function(){},globalEval:function(t){t&&x.trim(t)&&(e.execScript||function(t){e.eval.call(e,t)})(t)},camelCase:function(e){return e.replace(D,"ms-").replace(L,H)},nodeName:function(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()},each:function(e,t,n){var r,i=0,o=e.length,a=M(e);if(n){if(a){for(;o>i;i++)if(r=t.apply(e[i],n),r===!1)break}else for(i in e)if(r=t.apply(e[i],n),r===!1)break}else if(a){for(;o>i;i++)if(r=t.call(e[i],i,e[i]),r===!1)break}else for(i in e)if(r=t.call(e[i],i,e[i]),r===!1)break;return e},trim:b&&!b.call("\ufeff\u00a0")?function(e){return null==e?"":b.call(e)}:function(e){return null==e?"":(e+"").replace(C,"")},makeArray:function(e,t){var n=t||[];return null!=e&&(M(Object(e))?x.merge(n,"string"==typeof e?[e]:e):h.call(n,e)),n},inArray:function(e,t,n){var r;if(t){if(m)return m.call(t,e,n);for(r=t.length,n=n?0>n?Math.max(0,r+n):n:0;r>n;n++)if(n in t&&t[n]===e)return n}return-1},merge:function(e,n){var r=n.length,i=e.length,o=0;if("number"==typeof r)for(;r>o;o++)e[i++]=n[o];else while(n[o]!==t)e[i++]=n[o++];return e.length=i,e},grep:function(e,t,n){var r,i=[],o=0,a=e.length;for(n=!!n;a>o;o++)r=!!t(e[o],o),n!==r&&i.push(e[o]);return i},map:function(e,t,n){var r,i=0,o=e.length,a=M(e),s=[];if(a)for(;o>i;i++)r=t(e[i],i,n),null!=r&&(s[s.length]=r);else for(i in e)r=t(e[i],i,n),null!=r&&(s[s.length]=r);return d.apply([],s)},guid:1,proxy:function(e,n){var r,i,o;return"string"==typeof n&&(o=e[n],n=e,e=o),x.isFunction(e)?(r=g.call(arguments,2),i=function(){return e.apply(n||this,r.concat(g.call(arguments)))},i.guid=e.guid=e.guid||x.guid++,i):t},access:function(e,n,r,i,o,a,s){var l=0,u=e.length,c=null==r;if("object"===x.type(r)){o=!0;for(l in r)x.access(e,n,l,r[l],!0,a,s)}else if(i!==t&&(o=!0,x.isFunction(i)||(s=!0),c&&(s?(n.call(e,i),n=null):(c=n,n=function(e,t,n){return c.call(x(e),n)})),n))for(;u>l;l++)n(e[l],r,s?i:i.call(e[l],l,n(e[l],r)));return o?e:c?n.call(e):u?n(e[0],r):a},now:function(){return(new Date).getTime()},swap:function(e,t,n,r){var i,o,a={};for(o in t)a[o]=e.style[o],e.style[o]=t[o];i=n.apply(e,r||[]);for(o in t)e.style[o]=a[o];return i}}),x.ready.promise=function(t){if(!n)if(n=x.Deferred(),"complete"===a.readyState)setTimeout(x.ready);else if(a.addEventListener)a.addEventListener("DOMContentLoaded",q,!1),e.addEventListener("load",q,!1);else{a.attachEvent("onreadystatechange",q),e.attachEvent("onload",q);var r=!1;try{r=null==e.frameElement&&a.documentElement}catch(i){}r&&r.doScroll&&function o(){if(!x.isReady){try{r.doScroll("left")}catch(e){return setTimeout(o,50)}_(),x.ready()}}()}return n.promise(t)},x.each("Boolean Number String Function Array Date RegExp Object Error".split(" "),function(e,t){c["[object "+t+"]"]=t.toLowerCase()});function M(e){var t=e.length,n=x.type(e);return x.isWindow(e)?!1:1===e.nodeType&&t?!0:"array"===n||"function"!==n&&(0===t||"number"==typeof t&&t>0&&t-1 in e)}r=x(a),function(e,t){var n,r,i,o,a,s,l,u,c,p,f,d,h,g,m,y,v,b="sizzle"+-new Date,w=e.document,T=0,C=0,N=st(),k=st(),E=st(),S=!1,A=function(e,t){return e===t?(S=!0,0):0},j=typeof t,D=1<<31,L={}.hasOwnProperty,H=[],q=H.pop,_=H.push,M=H.push,O=H.slice,F=H.indexOf||function(e){var t=0,n=this.length;for(;n>t;t++)if(this[t]===e)return t;return-1},B="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",P="[\\x20\\t\\r\\n\\f]",R="(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",W=R.replace("w","w#"),$="\\["+P+"*("+R+")"+P+"*(?:([*^$|!~]?=)"+P+"*(?:(['\"])((?:\\\\.|[^\\\\])*?)\\3|("+W+")|)|)"+P+"*\\]",I=":("+R+")(?:\\(((['\"])((?:\\\\.|[^\\\\])*?)\\3|((?:\\\\.|[^\\\\()[\\]]|"+$.replace(3,8)+")*)|.*)\\)|)",z=RegExp("^"+P+"+|((?:^|[^\\\\])(?:\\\\.)*)"+P+"+$","g"),X=RegExp("^"+P+"*,"+P+"*"),U=RegExp("^"+P+"*([>+~]|"+P+")"+P+"*"),V=RegExp(P+"*[+~]"),Y=RegExp("="+P+"*([^\\]'\"]*)"+P+"*\\]","g"),J=RegExp(I),G=RegExp("^"+W+"$"),Q={ID:RegExp("^#("+R+")"),CLASS:RegExp("^\\.("+R+")"),TAG:RegExp("^("+R.replace("w","w*")+")"),ATTR:RegExp("^"+$),PSEUDO:RegExp("^"+I),CHILD:RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+P+"*(even|odd|(([+-]|)(\\d*)n|)"+P+"*(?:([+-]|)"+P+"*(\\d+)|))"+P+"*\\)|)","i"),bool:RegExp("^(?:"+B+")$","i"),needsContext:RegExp("^"+P+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+P+"*((?:-\\d)?\\d*)"+P+"*\\)|)(?=[^-]|$)","i")},K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,et=/^(?:input|select|textarea|button)$/i,tt=/^h\d$/i,nt=/'|\\/g,rt=RegExp("\\\\([\\da-f]{1,6}"+P+"?|("+P+")|.)","ig"),it=function(e,t,n){var r="0x"+t-65536;return r!==r||n?t:0>r?String.fromCharCode(r+65536):String.fromCharCode(55296|r>>10,56320|1023&r)};try{M.apply(H=O.call(w.childNodes),w.childNodes),H[w.childNodes.length].nodeType}catch(ot){M={apply:H.length?function(e,t){_.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function at(e,t,n,i){var o,a,s,l,u,c,d,m,y,x;if((t?t.ownerDocument||t:w)!==f&&p(t),t=t||f,n=n||[],!e||"string"!=typeof e)return n;if(1!==(l=t.nodeType)&&9!==l)return[];if(h&&!i){if(o=Z.exec(e))if(s=o[1]){if(9===l){if(a=t.getElementById(s),!a||!a.parentNode)return n;if(a.id===s)return n.push(a),n}else if(t.ownerDocument&&(a=t.ownerDocument.getElementById(s))&&v(t,a)&&a.id===s)return n.push(a),n}else{if(o[2])return M.apply(n,t.getElementsByTagName(e)),n;if((s=o[3])&&r.getElementsByClassName&&t.getElementsByClassName)return M.apply(n,t.getElementsByClassName(s)),n}if(r.qsa&&(!g||!g.test(e))){if(m=d=b,y=t,x=9===l&&e,1===l&&"object"!==t.nodeName.toLowerCase()){c=mt(e),(d=t.getAttribute("id"))?m=d.replace(nt,"\\$&"):t.setAttribute("id",m),m="[id='"+m+"'] ",u=c.length;while(u--)c[u]=m+yt(c[u]);y=V.test(e)&&t.parentNode||t,x=c.join(",")}if(x)try{return M.apply(n,y.querySelectorAll(x)),n}catch(T){}finally{d||t.removeAttribute("id")}}}return kt(e.replace(z,"$1"),t,n,i)}function st(){var e=[];function t(n,r){return e.push(n+=" ")>o.cacheLength&&delete t[e.shift()],t[n]=r}return t}function lt(e){return e[b]=!0,e}function ut(e){var t=f.createElement("div");try{return!!e(t)}catch(n){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function ct(e,t){var n=e.split("|"),r=e.length;while(r--)o.attrHandle[n[r]]=t}function pt(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&(~t.sourceIndex||D)-(~e.sourceIndex||D);if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function ft(e){return function(t){var n=t.nodeName.toLowerCase();return"input"===n&&t.type===e}}function dt(e){return function(t){var n=t.nodeName.toLowerCase();return("input"===n||"button"===n)&&t.type===e}}function ht(e){return lt(function(t){return t=+t,lt(function(n,r){var i,o=e([],n.length,t),a=o.length;while(a--)n[i=o[a]]&&(n[i]=!(r[i]=n[i]))})})}s=at.isXML=function(e){var t=e&&(e.ownerDocument||e).documentElement;return t?"HTML"!==t.nodeName:!1},r=at.support={},p=at.setDocument=function(e){var n=e?e.ownerDocument||e:w,i=n.defaultView;return n!==f&&9===n.nodeType&&n.documentElement?(f=n,d=n.documentElement,h=!s(n),i&&i.attachEvent&&i!==i.top&&i.attachEvent("onbeforeunload",function(){p()}),r.attributes=ut(function(e){return e.className="i",!e.getAttribute("className")}),r.getElementsByTagName=ut(function(e){return e.appendChild(n.createComment("")),!e.getElementsByTagName("*").length}),r.getElementsByClassName=ut(function(e){return e.innerHTML="
    ",e.firstChild.className="i",2===e.getElementsByClassName("i").length}),r.getById=ut(function(e){return d.appendChild(e).id=b,!n.getElementsByName||!n.getElementsByName(b).length}),r.getById?(o.find.ID=function(e,t){if(typeof t.getElementById!==j&&h){var n=t.getElementById(e);return n&&n.parentNode?[n]:[]}},o.filter.ID=function(e){var t=e.replace(rt,it);return function(e){return e.getAttribute("id")===t}}):(delete o.find.ID,o.filter.ID=function(e){var t=e.replace(rt,it);return function(e){var n=typeof e.getAttributeNode!==j&&e.getAttributeNode("id");return n&&n.value===t}}),o.find.TAG=r.getElementsByTagName?function(e,n){return typeof n.getElementsByTagName!==j?n.getElementsByTagName(e):t}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},o.find.CLASS=r.getElementsByClassName&&function(e,n){return typeof n.getElementsByClassName!==j&&h?n.getElementsByClassName(e):t},m=[],g=[],(r.qsa=K.test(n.querySelectorAll))&&(ut(function(e){e.innerHTML="",e.querySelectorAll("[selected]").length||g.push("\\["+P+"*(?:value|"+B+")"),e.querySelectorAll(":checked").length||g.push(":checked")}),ut(function(e){var t=n.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("t",""),e.querySelectorAll("[t^='']").length&&g.push("[*^$]="+P+"*(?:''|\"\")"),e.querySelectorAll(":enabled").length||g.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),g.push(",.*:")})),(r.matchesSelector=K.test(y=d.webkitMatchesSelector||d.mozMatchesSelector||d.oMatchesSelector||d.msMatchesSelector))&&ut(function(e){r.disconnectedMatch=y.call(e,"div"),y.call(e,"[s!='']:x"),m.push("!=",I)}),g=g.length&&RegExp(g.join("|")),m=m.length&&RegExp(m.join("|")),v=K.test(d.contains)||d.compareDocumentPosition?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},A=d.compareDocumentPosition?function(e,t){if(e===t)return S=!0,0;var i=t.compareDocumentPosition&&e.compareDocumentPosition&&e.compareDocumentPosition(t);return i?1&i||!r.sortDetached&&t.compareDocumentPosition(e)===i?e===n||v(w,e)?-1:t===n||v(w,t)?1:c?F.call(c,e)-F.call(c,t):0:4&i?-1:1:e.compareDocumentPosition?-1:1}:function(e,t){var r,i=0,o=e.parentNode,a=t.parentNode,s=[e],l=[t];if(e===t)return S=!0,0;if(!o||!a)return e===n?-1:t===n?1:o?-1:a?1:c?F.call(c,e)-F.call(c,t):0;if(o===a)return pt(e,t);r=e;while(r=r.parentNode)s.unshift(r);r=t;while(r=r.parentNode)l.unshift(r);while(s[i]===l[i])i++;return i?pt(s[i],l[i]):s[i]===w?-1:l[i]===w?1:0},n):f},at.matches=function(e,t){return at(e,null,null,t)},at.matchesSelector=function(e,t){if((e.ownerDocument||e)!==f&&p(e),t=t.replace(Y,"='$1']"),!(!r.matchesSelector||!h||m&&m.test(t)||g&&g.test(t)))try{var n=y.call(e,t);if(n||r.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(i){}return at(t,f,null,[e]).length>0},at.contains=function(e,t){return(e.ownerDocument||e)!==f&&p(e),v(e,t)},at.attr=function(e,n){(e.ownerDocument||e)!==f&&p(e);var i=o.attrHandle[n.toLowerCase()],a=i&&L.call(o.attrHandle,n.toLowerCase())?i(e,n,!h):t;return a===t?r.attributes||!h?e.getAttribute(n):(a=e.getAttributeNode(n))&&a.specified?a.value:null:a},at.error=function(e){throw Error("Syntax error, unrecognized expression: "+e)},at.uniqueSort=function(e){var t,n=[],i=0,o=0;if(S=!r.detectDuplicates,c=!r.sortStable&&e.slice(0),e.sort(A),S){while(t=e[o++])t===e[o]&&(i=n.push(o));while(i--)e.splice(n[i],1)}return e},a=at.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=a(e)}else if(3===i||4===i)return e.nodeValue}else for(;t=e[r];r++)n+=a(t);return n},o=at.selectors={cacheLength:50,createPseudo:lt,match:Q,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(rt,it),e[3]=(e[4]||e[5]||"").replace(rt,it),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||at.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&at.error(e[0]),e},PSEUDO:function(e){var n,r=!e[5]&&e[2];return Q.CHILD.test(e[0])?null:(e[3]&&e[4]!==t?e[2]=e[4]:r&&J.test(r)&&(n=mt(r,!0))&&(n=r.indexOf(")",r.length-n)-r.length)&&(e[0]=e[0].slice(0,n),e[2]=r.slice(0,n)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(rt,it).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=N[e+" "];return t||(t=RegExp("(^|"+P+")"+e+"("+P+"|$)"))&&N(e,function(e){return t.test("string"==typeof e.className&&e.className||typeof e.getAttribute!==j&&e.getAttribute("class")||"")})},ATTR:function(e,t,n){return function(r){var i=at.attr(r,e);return null==i?"!="===t:t?(i+="","="===t?i===n:"!="===t?i!==n:"^="===t?n&&0===i.indexOf(n):"*="===t?n&&i.indexOf(n)>-1:"$="===t?n&&i.slice(-n.length)===n:"~="===t?(" "+i+" ").indexOf(n)>-1:"|="===t?i===n||i.slice(0,n.length+1)===n+"-":!1):!0}},CHILD:function(e,t,n,r,i){var o="nth"!==e.slice(0,3),a="last"!==e.slice(-4),s="of-type"===t;return 1===r&&0===i?function(e){return!!e.parentNode}:function(t,n,l){var u,c,p,f,d,h,g=o!==a?"nextSibling":"previousSibling",m=t.parentNode,y=s&&t.nodeName.toLowerCase(),v=!l&&!s;if(m){if(o){while(g){p=t;while(p=p[g])if(s?p.nodeName.toLowerCase()===y:1===p.nodeType)return!1;h=g="only"===e&&!h&&"nextSibling"}return!0}if(h=[a?m.firstChild:m.lastChild],a&&v){c=m[b]||(m[b]={}),u=c[e]||[],d=u[0]===T&&u[1],f=u[0]===T&&u[2],p=d&&m.childNodes[d];while(p=++d&&p&&p[g]||(f=d=0)||h.pop())if(1===p.nodeType&&++f&&p===t){c[e]=[T,d,f];break}}else if(v&&(u=(t[b]||(t[b]={}))[e])&&u[0]===T)f=u[1];else while(p=++d&&p&&p[g]||(f=d=0)||h.pop())if((s?p.nodeName.toLowerCase()===y:1===p.nodeType)&&++f&&(v&&((p[b]||(p[b]={}))[e]=[T,f]),p===t))break;return f-=i,f===r||0===f%r&&f/r>=0}}},PSEUDO:function(e,t){var n,r=o.pseudos[e]||o.setFilters[e.toLowerCase()]||at.error("unsupported pseudo: "+e);return r[b]?r(t):r.length>1?(n=[e,e,"",t],o.setFilters.hasOwnProperty(e.toLowerCase())?lt(function(e,n){var i,o=r(e,t),a=o.length;while(a--)i=F.call(e,o[a]),e[i]=!(n[i]=o[a])}):function(e){return r(e,0,n)}):r}},pseudos:{not:lt(function(e){var t=[],n=[],r=l(e.replace(z,"$1"));return r[b]?lt(function(e,t,n,i){var o,a=r(e,null,i,[]),s=e.length;while(s--)(o=a[s])&&(e[s]=!(t[s]=o))}):function(e,i,o){return t[0]=e,r(t,null,o,n),!n.pop()}}),has:lt(function(e){return function(t){return at(e,t).length>0}}),contains:lt(function(e){return function(t){return(t.textContent||t.innerText||a(t)).indexOf(e)>-1}}),lang:lt(function(e){return G.test(e||"")||at.error("unsupported lang: "+e),e=e.replace(rt,it).toLowerCase(),function(t){var n;do if(n=h?t.lang:t.getAttribute("xml:lang")||t.getAttribute("lang"))return n=n.toLowerCase(),n===e||0===n.indexOf(e+"-");while((t=t.parentNode)&&1===t.nodeType);return!1}}),target:function(t){var n=e.location&&e.location.hash;return n&&n.slice(1)===t.id},root:function(e){return e===d},focus:function(e){return e===f.activeElement&&(!f.hasFocus||f.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:function(e){return e.disabled===!1},disabled:function(e){return e.disabled===!0},checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,e.selected===!0},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeName>"@"||3===e.nodeType||4===e.nodeType)return!1;return!0},parent:function(e){return!o.pseudos.empty(e)},header:function(e){return tt.test(e.nodeName)},input:function(e){return et.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||t.toLowerCase()===e.type)},first:ht(function(){return[0]}),last:ht(function(e,t){return[t-1]}),eq:ht(function(e,t,n){return[0>n?n+t:n]}),even:ht(function(e,t){var n=0;for(;t>n;n+=2)e.push(n);return e}),odd:ht(function(e,t){var n=1;for(;t>n;n+=2)e.push(n);return e}),lt:ht(function(e,t,n){var r=0>n?n+t:n;for(;--r>=0;)e.push(r);return e}),gt:ht(function(e,t,n){var r=0>n?n+t:n;for(;t>++r;)e.push(r);return e})}},o.pseudos.nth=o.pseudos.eq;for(n in{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})o.pseudos[n]=ft(n);for(n in{submit:!0,reset:!0})o.pseudos[n]=dt(n);function gt(){}gt.prototype=o.filters=o.pseudos,o.setFilters=new gt;function mt(e,t){var n,r,i,a,s,l,u,c=k[e+" "];if(c)return t?0:c.slice(0);s=e,l=[],u=o.preFilter;while(s){(!n||(r=X.exec(s)))&&(r&&(s=s.slice(r[0].length)||s),l.push(i=[])),n=!1,(r=U.exec(s))&&(n=r.shift(),i.push({value:n,type:r[0].replace(z," ")}),s=s.slice(n.length));for(a in o.filter)!(r=Q[a].exec(s))||u[a]&&!(r=u[a](r))||(n=r.shift(),i.push({value:n,type:a,matches:r}),s=s.slice(n.length));if(!n)break}return t?s.length:s?at.error(e):k(e,l).slice(0)}function yt(e){var t=0,n=e.length,r="";for(;n>t;t++)r+=e[t].value;return r}function vt(e,t,n){var r=t.dir,o=n&&"parentNode"===r,a=C++;return t.first?function(t,n,i){while(t=t[r])if(1===t.nodeType||o)return e(t,n,i)}:function(t,n,s){var l,u,c,p=T+" "+a;if(s){while(t=t[r])if((1===t.nodeType||o)&&e(t,n,s))return!0}else while(t=t[r])if(1===t.nodeType||o)if(c=t[b]||(t[b]={}),(u=c[r])&&u[0]===p){if((l=u[1])===!0||l===i)return l===!0}else if(u=c[r]=[p],u[1]=e(t,n,s)||i,u[1]===!0)return!0}}function bt(e){return e.length>1?function(t,n,r){var i=e.length;while(i--)if(!e[i](t,n,r))return!1;return!0}:e[0]}function xt(e,t,n,r,i){var o,a=[],s=0,l=e.length,u=null!=t;for(;l>s;s++)(o=e[s])&&(!n||n(o,r,i))&&(a.push(o),u&&t.push(s));return a}function wt(e,t,n,r,i,o){return r&&!r[b]&&(r=wt(r)),i&&!i[b]&&(i=wt(i,o)),lt(function(o,a,s,l){var u,c,p,f=[],d=[],h=a.length,g=o||Nt(t||"*",s.nodeType?[s]:s,[]),m=!e||!o&&t?g:xt(g,f,e,s,l),y=n?i||(o?e:h||r)?[]:a:m;if(n&&n(m,y,s,l),r){u=xt(y,d),r(u,[],s,l),c=u.length;while(c--)(p=u[c])&&(y[d[c]]=!(m[d[c]]=p))}if(o){if(i||e){if(i){u=[],c=y.length;while(c--)(p=y[c])&&u.push(m[c]=p);i(null,y=[],u,l)}c=y.length;while(c--)(p=y[c])&&(u=i?F.call(o,p):f[c])>-1&&(o[u]=!(a[u]=p))}}else y=xt(y===a?y.splice(h,y.length):y),i?i(null,a,y,l):M.apply(a,y)})}function Tt(e){var t,n,r,i=e.length,a=o.relative[e[0].type],s=a||o.relative[" "],l=a?1:0,c=vt(function(e){return e===t},s,!0),p=vt(function(e){return F.call(t,e)>-1},s,!0),f=[function(e,n,r){return!a&&(r||n!==u)||((t=n).nodeType?c(e,n,r):p(e,n,r))}];for(;i>l;l++)if(n=o.relative[e[l].type])f=[vt(bt(f),n)];else{if(n=o.filter[e[l].type].apply(null,e[l].matches),n[b]){for(r=++l;i>r;r++)if(o.relative[e[r].type])break;return wt(l>1&&bt(f),l>1&&yt(e.slice(0,l-1).concat({value:" "===e[l-2].type?"*":""})).replace(z,"$1"),n,r>l&&Tt(e.slice(l,r)),i>r&&Tt(e=e.slice(r)),i>r&&yt(e))}f.push(n)}return bt(f)}function Ct(e,t){var n=0,r=t.length>0,a=e.length>0,s=function(s,l,c,p,d){var h,g,m,y=[],v=0,b="0",x=s&&[],w=null!=d,C=u,N=s||a&&o.find.TAG("*",d&&l.parentNode||l),k=T+=null==C?1:Math.random()||.1;for(w&&(u=l!==f&&l,i=n);null!=(h=N[b]);b++){if(a&&h){g=0;while(m=e[g++])if(m(h,l,c)){p.push(h);break}w&&(T=k,i=++n)}r&&((h=!m&&h)&&v--,s&&x.push(h))}if(v+=b,r&&b!==v){g=0;while(m=t[g++])m(x,y,l,c);if(s){if(v>0)while(b--)x[b]||y[b]||(y[b]=q.call(p));y=xt(y)}M.apply(p,y),w&&!s&&y.length>0&&v+t.length>1&&at.uniqueSort(p)}return w&&(T=k,u=C),x};return r?lt(s):s}l=at.compile=function(e,t){var n,r=[],i=[],o=E[e+" "];if(!o){t||(t=mt(e)),n=t.length;while(n--)o=Tt(t[n]),o[b]?r.push(o):i.push(o);o=E(e,Ct(i,r))}return o};function Nt(e,t,n){var r=0,i=t.length;for(;i>r;r++)at(e,t[r],n);return n}function kt(e,t,n,i){var a,s,u,c,p,f=mt(e);if(!i&&1===f.length){if(s=f[0]=f[0].slice(0),s.length>2&&"ID"===(u=s[0]).type&&r.getById&&9===t.nodeType&&h&&o.relative[s[1].type]){if(t=(o.find.ID(u.matches[0].replace(rt,it),t)||[])[0],!t)return n;e=e.slice(s.shift().value.length)}a=Q.needsContext.test(e)?0:s.length;while(a--){if(u=s[a],o.relative[c=u.type])break;if((p=o.find[c])&&(i=p(u.matches[0].replace(rt,it),V.test(s[0].type)&&t.parentNode||t))){if(s.splice(a,1),e=i.length&&yt(s),!e)return M.apply(n,i),n;break}}}return l(e,f)(i,t,!h,n,V.test(e)),n}r.sortStable=b.split("").sort(A).join("")===b,r.detectDuplicates=S,p(),r.sortDetached=ut(function(e){return 1&e.compareDocumentPosition(f.createElement("div"))}),ut(function(e){return e.innerHTML="","#"===e.firstChild.getAttribute("href")})||ct("type|href|height|width",function(e,n,r){return r?t:e.getAttribute(n,"type"===n.toLowerCase()?1:2)}),r.attributes&&ut(function(e){return e.innerHTML="",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||ct("value",function(e,n,r){return r||"input"!==e.nodeName.toLowerCase()?t:e.defaultValue}),ut(function(e){return null==e.getAttribute("disabled")})||ct(B,function(e,n,r){var i;return r?t:(i=e.getAttributeNode(n))&&i.specified?i.value:e[n]===!0?n.toLowerCase():null}),x.find=at,x.expr=at.selectors,x.expr[":"]=x.expr.pseudos,x.unique=at.uniqueSort,x.text=at.getText,x.isXMLDoc=at.isXML,x.contains=at.contains}(e);var O={};function F(e){var t=O[e]={};return x.each(e.match(T)||[],function(e,n){t[n]=!0}),t}x.Callbacks=function(e){e="string"==typeof e?O[e]||F(e):x.extend({},e);var n,r,i,o,a,s,l=[],u=!e.once&&[],c=function(t){for(r=e.memory&&t,i=!0,a=s||0,s=0,o=l.length,n=!0;l&&o>a;a++)if(l[a].apply(t[0],t[1])===!1&&e.stopOnFalse){r=!1;break}n=!1,l&&(u?u.length&&c(u.shift()):r?l=[]:p.disable())},p={add:function(){if(l){var t=l.length;(function i(t){x.each(t,function(t,n){var r=x.type(n);"function"===r?e.unique&&p.has(n)||l.push(n):n&&n.length&&"string"!==r&&i(n)})})(arguments),n?o=l.length:r&&(s=t,c(r))}return this},remove:function(){return l&&x.each(arguments,function(e,t){var r;while((r=x.inArray(t,l,r))>-1)l.splice(r,1),n&&(o>=r&&o--,a>=r&&a--)}),this},has:function(e){return e?x.inArray(e,l)>-1:!(!l||!l.length)},empty:function(){return l=[],o=0,this},disable:function(){return l=u=r=t,this},disabled:function(){return!l},lock:function(){return u=t,r||p.disable(),this},locked:function(){return!u},fireWith:function(e,t){return!l||i&&!u||(t=t||[],t=[e,t.slice?t.slice():t],n?u.push(t):c(t)),this},fire:function(){return p.fireWith(this,arguments),this},fired:function(){return!!i}};return p},x.extend({Deferred:function(e){var t=[["resolve","done",x.Callbacks("once memory"),"resolved"],["reject","fail",x.Callbacks("once memory"),"rejected"],["notify","progress",x.Callbacks("memory")]],n="pending",r={state:function(){return n},always:function(){return i.done(arguments).fail(arguments),this},then:function(){var e=arguments;return x.Deferred(function(n){x.each(t,function(t,o){var a=o[0],s=x.isFunction(e[t])&&e[t];i[o[1]](function(){var e=s&&s.apply(this,arguments);e&&x.isFunction(e.promise)?e.promise().done(n.resolve).fail(n.reject).progress(n.notify):n[a+"With"](this===r?n.promise():this,s?[e]:arguments)})}),e=null}).promise()},promise:function(e){return null!=e?x.extend(e,r):r}},i={};return r.pipe=r.then,x.each(t,function(e,o){var a=o[2],s=o[3];r[o[1]]=a.add,s&&a.add(function(){n=s},t[1^e][2].disable,t[2][2].lock),i[o[0]]=function(){return i[o[0]+"With"](this===i?r:this,arguments),this},i[o[0]+"With"]=a.fireWith}),r.promise(i),e&&e.call(i,i),i},when:function(e){var t=0,n=g.call(arguments),r=n.length,i=1!==r||e&&x.isFunction(e.promise)?r:0,o=1===i?e:x.Deferred(),a=function(e,t,n){return function(r){t[e]=this,n[e]=arguments.length>1?g.call(arguments):r,n===s?o.notifyWith(t,n):--i||o.resolveWith(t,n)}},s,l,u;if(r>1)for(s=Array(r),l=Array(r),u=Array(r);r>t;t++)n[t]&&x.isFunction(n[t].promise)?n[t].promise().done(a(t,u,n)).fail(o.reject).progress(a(t,l,s)):--i;return i||o.resolveWith(u,n),o.promise()}}),x.support=function(t){var n,r,o,s,l,u,c,p,f,d=a.createElement("div");if(d.setAttribute("className","t"),d.innerHTML="
    a",n=d.getElementsByTagName("*")||[],r=d.getElementsByTagName("a")[0],!r||!r.style||!n.length)return t;s=a.createElement("select"),u=s.appendChild(a.createElement("option")),o=d.getElementsByTagName("input")[0],r.style.cssText="top:1px;float:left;opacity:.5",t.getSetAttribute="t"!==d.className,t.leadingWhitespace=3===d.firstChild.nodeType,t.tbody=!d.getElementsByTagName("tbody").length,t.htmlSerialize=!!d.getElementsByTagName("link").length,t.style=/top/.test(r.getAttribute("style")),t.hrefNormalized="/a"===r.getAttribute("href"),t.opacity=/^0.5/.test(r.style.opacity),t.cssFloat=!!r.style.cssFloat,t.checkOn=!!o.value,t.optSelected=u.selected,t.enctype=!!a.createElement("form").enctype,t.html5Clone="<:nav>"!==a.createElement("nav").cloneNode(!0).outerHTML,t.inlineBlockNeedsLayout=!1,t.shrinkWrapBlocks=!1,t.pixelPosition=!1,t.deleteExpando=!0,t.noCloneEvent=!0,t.reliableMarginRight=!0,t.boxSizingReliable=!0,o.checked=!0,t.noCloneChecked=o.cloneNode(!0).checked,s.disabled=!0,t.optDisabled=!u.disabled;try{delete d.test}catch(h){t.deleteExpando=!1}o=a.createElement("input"),o.setAttribute("value",""),t.input=""===o.getAttribute("value"),o.value="t",o.setAttribute("type","radio"),t.radioValue="t"===o.value,o.setAttribute("checked","t"),o.setAttribute("name","t"),l=a.createDocumentFragment(),l.appendChild(o),t.appendChecked=o.checked,t.checkClone=l.cloneNode(!0).cloneNode(!0).lastChild.checked,d.attachEvent&&(d.attachEvent("onclick",function(){t.noCloneEvent=!1}),d.cloneNode(!0).click());for(f in{submit:!0,change:!0,focusin:!0})d.setAttribute(c="on"+f,"t"),t[f+"Bubbles"]=c in e||d.attributes[c].expando===!1;d.style.backgroundClip="content-box",d.cloneNode(!0).style.backgroundClip="",t.clearCloneStyle="content-box"===d.style.backgroundClip;for(f in x(t))break;return t.ownLast="0"!==f,x(function(){var n,r,o,s="padding:0;margin:0;border:0;display:block;box-sizing:content-box;-moz-box-sizing:content-box;-webkit-box-sizing:content-box;",l=a.getElementsByTagName("body")[0];l&&(n=a.createElement("div"),n.style.cssText="border:0;width:0;height:0;position:absolute;top:0;left:-9999px;margin-top:1px",l.appendChild(n).appendChild(d),d.innerHTML="
    t
    ",o=d.getElementsByTagName("td"),o[0].style.cssText="padding:0;margin:0;border:0;display:none",p=0===o[0].offsetHeight,o[0].style.display="",o[1].style.display="none",t.reliableHiddenOffsets=p&&0===o[0].offsetHeight,d.innerHTML="",d.style.cssText="box-sizing:border-box;-moz-box-sizing:border-box;-webkit-box-sizing:border-box;padding:1px;border:1px;display:block;width:4px;margin-top:1%;position:absolute;top:1%;",x.swap(l,null!=l.style.zoom?{zoom:1}:{},function(){t.boxSizing=4===d.offsetWidth}),e.getComputedStyle&&(t.pixelPosition="1%"!==(e.getComputedStyle(d,null)||{}).top,t.boxSizingReliable="4px"===(e.getComputedStyle(d,null)||{width:"4px"}).width,r=d.appendChild(a.createElement("div")),r.style.cssText=d.style.cssText=s,r.style.marginRight=r.style.width="0",d.style.width="1px",t.reliableMarginRight=!parseFloat((e.getComputedStyle(r,null)||{}).marginRight)),typeof d.style.zoom!==i&&(d.innerHTML="",d.style.cssText=s+"width:1px;padding:1px;display:inline;zoom:1",t.inlineBlockNeedsLayout=3===d.offsetWidth,d.style.display="block",d.innerHTML="

    ",d.firstChild.style.width="5px",t.shrinkWrapBlocks=3!==d.offsetWidth,t.inlineBlockNeedsLayout&&(l.style.zoom=1)),l.removeChild(n),n=d=o=r=null)}),n=s=l=u=r=o=null,t +}({});var B=/(?:\{[\s\S]*\}|\[[\s\S]*\])$/,P=/([A-Z])/g;function R(e,n,r,i){if(x.acceptData(e)){var o,a,s=x.expando,l=e.nodeType,u=l?x.cache:e,c=l?e[s]:e[s]&&s;if(c&&u[c]&&(i||u[c].data)||r!==t||"string"!=typeof n)return c||(c=l?e[s]=p.pop()||x.guid++:s),u[c]||(u[c]=l?{}:{toJSON:x.noop}),("object"==typeof n||"function"==typeof n)&&(i?u[c]=x.extend(u[c],n):u[c].data=x.extend(u[c].data,n)),a=u[c],i||(a.data||(a.data={}),a=a.data),r!==t&&(a[x.camelCase(n)]=r),"string"==typeof n?(o=a[n],null==o&&(o=a[x.camelCase(n)])):o=a,o}}function W(e,t,n){if(x.acceptData(e)){var r,i,o=e.nodeType,a=o?x.cache:e,s=o?e[x.expando]:x.expando;if(a[s]){if(t&&(r=n?a[s]:a[s].data)){x.isArray(t)?t=t.concat(x.map(t,x.camelCase)):t in r?t=[t]:(t=x.camelCase(t),t=t in r?[t]:t.split(" ")),i=t.length;while(i--)delete r[t[i]];if(n?!I(r):!x.isEmptyObject(r))return}(n||(delete a[s].data,I(a[s])))&&(o?x.cleanData([e],!0):x.support.deleteExpando||a!=a.window?delete a[s]:a[s]=null)}}}x.extend({cache:{},noData:{applet:!0,embed:!0,object:"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"},hasData:function(e){return e=e.nodeType?x.cache[e[x.expando]]:e[x.expando],!!e&&!I(e)},data:function(e,t,n){return R(e,t,n)},removeData:function(e,t){return W(e,t)},_data:function(e,t,n){return R(e,t,n,!0)},_removeData:function(e,t){return W(e,t,!0)},acceptData:function(e){if(e.nodeType&&1!==e.nodeType&&9!==e.nodeType)return!1;var t=e.nodeName&&x.noData[e.nodeName.toLowerCase()];return!t||t!==!0&&e.getAttribute("classid")===t}}),x.fn.extend({data:function(e,n){var r,i,o=null,a=0,s=this[0];if(e===t){if(this.length&&(o=x.data(s),1===s.nodeType&&!x._data(s,"parsedAttrs"))){for(r=s.attributes;r.length>a;a++)i=r[a].name,0===i.indexOf("data-")&&(i=x.camelCase(i.slice(5)),$(s,i,o[i]));x._data(s,"parsedAttrs",!0)}return o}return"object"==typeof e?this.each(function(){x.data(this,e)}):arguments.length>1?this.each(function(){x.data(this,e,n)}):s?$(s,e,x.data(s,e)):null},removeData:function(e){return this.each(function(){x.removeData(this,e)})}});function $(e,n,r){if(r===t&&1===e.nodeType){var i="data-"+n.replace(P,"-$1").toLowerCase();if(r=e.getAttribute(i),"string"==typeof r){try{r="true"===r?!0:"false"===r?!1:"null"===r?null:+r+""===r?+r:B.test(r)?x.parseJSON(r):r}catch(o){}x.data(e,n,r)}else r=t}return r}function I(e){var t;for(t in e)if(("data"!==t||!x.isEmptyObject(e[t]))&&"toJSON"!==t)return!1;return!0}x.extend({queue:function(e,n,r){var i;return e?(n=(n||"fx")+"queue",i=x._data(e,n),r&&(!i||x.isArray(r)?i=x._data(e,n,x.makeArray(r)):i.push(r)),i||[]):t},dequeue:function(e,t){t=t||"fx";var n=x.queue(e,t),r=n.length,i=n.shift(),o=x._queueHooks(e,t),a=function(){x.dequeue(e,t)};"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,a,o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return x._data(e,n)||x._data(e,n,{empty:x.Callbacks("once memory").add(function(){x._removeData(e,t+"queue"),x._removeData(e,n)})})}}),x.fn.extend({queue:function(e,n){var r=2;return"string"!=typeof e&&(n=e,e="fx",r--),r>arguments.length?x.queue(this[0],e):n===t?this:this.each(function(){var t=x.queue(this,e,n);x._queueHooks(this,e),"fx"===e&&"inprogress"!==t[0]&&x.dequeue(this,e)})},dequeue:function(e){return this.each(function(){x.dequeue(this,e)})},delay:function(e,t){return e=x.fx?x.fx.speeds[e]||e:e,t=t||"fx",this.queue(t,function(t,n){var r=setTimeout(t,e);n.stop=function(){clearTimeout(r)}})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,n){var r,i=1,o=x.Deferred(),a=this,s=this.length,l=function(){--i||o.resolveWith(a,[a])};"string"!=typeof e&&(n=e,e=t),e=e||"fx";while(s--)r=x._data(a[s],e+"queueHooks"),r&&r.empty&&(i++,r.empty.add(l));return l(),o.promise(n)}});var z,X,U=/[\t\r\n\f]/g,V=/\r/g,Y=/^(?:input|select|textarea|button|object)$/i,J=/^(?:a|area)$/i,G=/^(?:checked|selected)$/i,Q=x.support.getSetAttribute,K=x.support.input;x.fn.extend({attr:function(e,t){return x.access(this,x.attr,e,t,arguments.length>1)},removeAttr:function(e){return this.each(function(){x.removeAttr(this,e)})},prop:function(e,t){return x.access(this,x.prop,e,t,arguments.length>1)},removeProp:function(e){return e=x.propFix[e]||e,this.each(function(){try{this[e]=t,delete this[e]}catch(n){}})},addClass:function(e){var t,n,r,i,o,a=0,s=this.length,l="string"==typeof e&&e;if(x.isFunction(e))return this.each(function(t){x(this).addClass(e.call(this,t,this.className))});if(l)for(t=(e||"").match(T)||[];s>a;a++)if(n=this[a],r=1===n.nodeType&&(n.className?(" "+n.className+" ").replace(U," "):" ")){o=0;while(i=t[o++])0>r.indexOf(" "+i+" ")&&(r+=i+" ");n.className=x.trim(r)}return this},removeClass:function(e){var t,n,r,i,o,a=0,s=this.length,l=0===arguments.length||"string"==typeof e&&e;if(x.isFunction(e))return this.each(function(t){x(this).removeClass(e.call(this,t,this.className))});if(l)for(t=(e||"").match(T)||[];s>a;a++)if(n=this[a],r=1===n.nodeType&&(n.className?(" "+n.className+" ").replace(U," "):"")){o=0;while(i=t[o++])while(r.indexOf(" "+i+" ")>=0)r=r.replace(" "+i+" "," ");n.className=e?x.trim(r):""}return this},toggleClass:function(e,t){var n=typeof e;return"boolean"==typeof t&&"string"===n?t?this.addClass(e):this.removeClass(e):x.isFunction(e)?this.each(function(n){x(this).toggleClass(e.call(this,n,this.className,t),t)}):this.each(function(){if("string"===n){var t,r=0,o=x(this),a=e.match(T)||[];while(t=a[r++])o.hasClass(t)?o.removeClass(t):o.addClass(t)}else(n===i||"boolean"===n)&&(this.className&&x._data(this,"__className__",this.className),this.className=this.className||e===!1?"":x._data(this,"__className__")||"")})},hasClass:function(e){var t=" "+e+" ",n=0,r=this.length;for(;r>n;n++)if(1===this[n].nodeType&&(" "+this[n].className+" ").replace(U," ").indexOf(t)>=0)return!0;return!1},val:function(e){var n,r,i,o=this[0];{if(arguments.length)return i=x.isFunction(e),this.each(function(n){var o;1===this.nodeType&&(o=i?e.call(this,n,x(this).val()):e,null==o?o="":"number"==typeof o?o+="":x.isArray(o)&&(o=x.map(o,function(e){return null==e?"":e+""})),r=x.valHooks[this.type]||x.valHooks[this.nodeName.toLowerCase()],r&&"set"in r&&r.set(this,o,"value")!==t||(this.value=o))});if(o)return r=x.valHooks[o.type]||x.valHooks[o.nodeName.toLowerCase()],r&&"get"in r&&(n=r.get(o,"value"))!==t?n:(n=o.value,"string"==typeof n?n.replace(V,""):null==n?"":n)}}}),x.extend({valHooks:{option:{get:function(e){var t=x.find.attr(e,"value");return null!=t?t:e.text}},select:{get:function(e){var t,n,r=e.options,i=e.selectedIndex,o="select-one"===e.type||0>i,a=o?null:[],s=o?i+1:r.length,l=0>i?s:o?i:0;for(;s>l;l++)if(n=r[l],!(!n.selected&&l!==i||(x.support.optDisabled?n.disabled:null!==n.getAttribute("disabled"))||n.parentNode.disabled&&x.nodeName(n.parentNode,"optgroup"))){if(t=x(n).val(),o)return t;a.push(t)}return a},set:function(e,t){var n,r,i=e.options,o=x.makeArray(t),a=i.length;while(a--)r=i[a],(r.selected=x.inArray(x(r).val(),o)>=0)&&(n=!0);return n||(e.selectedIndex=-1),o}}},attr:function(e,n,r){var o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return typeof e.getAttribute===i?x.prop(e,n,r):(1===s&&x.isXMLDoc(e)||(n=n.toLowerCase(),o=x.attrHooks[n]||(x.expr.match.bool.test(n)?X:z)),r===t?o&&"get"in o&&null!==(a=o.get(e,n))?a:(a=x.find.attr(e,n),null==a?t:a):null!==r?o&&"set"in o&&(a=o.set(e,r,n))!==t?a:(e.setAttribute(n,r+""),r):(x.removeAttr(e,n),t))},removeAttr:function(e,t){var n,r,i=0,o=t&&t.match(T);if(o&&1===e.nodeType)while(n=o[i++])r=x.propFix[n]||n,x.expr.match.bool.test(n)?K&&Q||!G.test(n)?e[r]=!1:e[x.camelCase("default-"+n)]=e[r]=!1:x.attr(e,n,""),e.removeAttribute(Q?n:r)},attrHooks:{type:{set:function(e,t){if(!x.support.radioValue&&"radio"===t&&x.nodeName(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},propFix:{"for":"htmlFor","class":"className"},prop:function(e,n,r){var i,o,a,s=e.nodeType;if(e&&3!==s&&8!==s&&2!==s)return a=1!==s||!x.isXMLDoc(e),a&&(n=x.propFix[n]||n,o=x.propHooks[n]),r!==t?o&&"set"in o&&(i=o.set(e,r,n))!==t?i:e[n]=r:o&&"get"in o&&null!==(i=o.get(e,n))?i:e[n]},propHooks:{tabIndex:{get:function(e){var t=x.find.attr(e,"tabindex");return t?parseInt(t,10):Y.test(e.nodeName)||J.test(e.nodeName)&&e.href?0:-1}}}}),X={set:function(e,t,n){return t===!1?x.removeAttr(e,n):K&&Q||!G.test(n)?e.setAttribute(!Q&&x.propFix[n]||n,n):e[x.camelCase("default-"+n)]=e[n]=!0,n}},x.each(x.expr.match.bool.source.match(/\w+/g),function(e,n){var r=x.expr.attrHandle[n]||x.find.attr;x.expr.attrHandle[n]=K&&Q||!G.test(n)?function(e,n,i){var o=x.expr.attrHandle[n],a=i?t:(x.expr.attrHandle[n]=t)!=r(e,n,i)?n.toLowerCase():null;return x.expr.attrHandle[n]=o,a}:function(e,n,r){return r?t:e[x.camelCase("default-"+n)]?n.toLowerCase():null}}),K&&Q||(x.attrHooks.value={set:function(e,n,r){return x.nodeName(e,"input")?(e.defaultValue=n,t):z&&z.set(e,n,r)}}),Q||(z={set:function(e,n,r){var i=e.getAttributeNode(r);return i||e.setAttributeNode(i=e.ownerDocument.createAttribute(r)),i.value=n+="","value"===r||n===e.getAttribute(r)?n:t}},x.expr.attrHandle.id=x.expr.attrHandle.name=x.expr.attrHandle.coords=function(e,n,r){var i;return r?t:(i=e.getAttributeNode(n))&&""!==i.value?i.value:null},x.valHooks.button={get:function(e,n){var r=e.getAttributeNode(n);return r&&r.specified?r.value:t},set:z.set},x.attrHooks.contenteditable={set:function(e,t,n){z.set(e,""===t?!1:t,n)}},x.each(["width","height"],function(e,n){x.attrHooks[n]={set:function(e,r){return""===r?(e.setAttribute(n,"auto"),r):t}}})),x.support.hrefNormalized||x.each(["href","src"],function(e,t){x.propHooks[t]={get:function(e){return e.getAttribute(t,4)}}}),x.support.style||(x.attrHooks.style={get:function(e){return e.style.cssText||t},set:function(e,t){return e.style.cssText=t+""}}),x.support.optSelected||(x.propHooks.selected={get:function(e){var t=e.parentNode;return t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex),null}}),x.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){x.propFix[this.toLowerCase()]=this}),x.support.enctype||(x.propFix.enctype="encoding"),x.each(["radio","checkbox"],function(){x.valHooks[this]={set:function(e,n){return x.isArray(n)?e.checked=x.inArray(x(e).val(),n)>=0:t}},x.support.checkOn||(x.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})});var Z=/^(?:input|select|textarea)$/i,et=/^key/,tt=/^(?:mouse|contextmenu)|click/,nt=/^(?:focusinfocus|focusoutblur)$/,rt=/^([^.]*)(?:\.(.+)|)$/;function it(){return!0}function ot(){return!1}function at(){try{return a.activeElement}catch(e){}}x.event={global:{},add:function(e,n,r,o,a){var s,l,u,c,p,f,d,h,g,m,y,v=x._data(e);if(v){r.handler&&(c=r,r=c.handler,a=c.selector),r.guid||(r.guid=x.guid++),(l=v.events)||(l=v.events={}),(f=v.handle)||(f=v.handle=function(e){return typeof x===i||e&&x.event.triggered===e.type?t:x.event.dispatch.apply(f.elem,arguments)},f.elem=e),n=(n||"").match(T)||[""],u=n.length;while(u--)s=rt.exec(n[u])||[],g=y=s[1],m=(s[2]||"").split(".").sort(),g&&(p=x.event.special[g]||{},g=(a?p.delegateType:p.bindType)||g,p=x.event.special[g]||{},d=x.extend({type:g,origType:y,data:o,handler:r,guid:r.guid,selector:a,needsContext:a&&x.expr.match.needsContext.test(a),namespace:m.join(".")},c),(h=l[g])||(h=l[g]=[],h.delegateCount=0,p.setup&&p.setup.call(e,o,m,f)!==!1||(e.addEventListener?e.addEventListener(g,f,!1):e.attachEvent&&e.attachEvent("on"+g,f))),p.add&&(p.add.call(e,d),d.handler.guid||(d.handler.guid=r.guid)),a?h.splice(h.delegateCount++,0,d):h.push(d),x.event.global[g]=!0);e=null}},remove:function(e,t,n,r,i){var o,a,s,l,u,c,p,f,d,h,g,m=x.hasData(e)&&x._data(e);if(m&&(c=m.events)){t=(t||"").match(T)||[""],u=t.length;while(u--)if(s=rt.exec(t[u])||[],d=g=s[1],h=(s[2]||"").split(".").sort(),d){p=x.event.special[d]||{},d=(r?p.delegateType:p.bindType)||d,f=c[d]||[],s=s[2]&&RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),l=o=f.length;while(o--)a=f[o],!i&&g!==a.origType||n&&n.guid!==a.guid||s&&!s.test(a.namespace)||r&&r!==a.selector&&("**"!==r||!a.selector)||(f.splice(o,1),a.selector&&f.delegateCount--,p.remove&&p.remove.call(e,a));l&&!f.length&&(p.teardown&&p.teardown.call(e,h,m.handle)!==!1||x.removeEvent(e,d,m.handle),delete c[d])}else for(d in c)x.event.remove(e,d+t[u],n,r,!0);x.isEmptyObject(c)&&(delete m.handle,x._removeData(e,"events"))}},trigger:function(n,r,i,o){var s,l,u,c,p,f,d,h=[i||a],g=v.call(n,"type")?n.type:n,m=v.call(n,"namespace")?n.namespace.split("."):[];if(u=f=i=i||a,3!==i.nodeType&&8!==i.nodeType&&!nt.test(g+x.event.triggered)&&(g.indexOf(".")>=0&&(m=g.split("."),g=m.shift(),m.sort()),l=0>g.indexOf(":")&&"on"+g,n=n[x.expando]?n:new x.Event(g,"object"==typeof n&&n),n.isTrigger=o?2:3,n.namespace=m.join("."),n.namespace_re=n.namespace?RegExp("(^|\\.)"+m.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,n.result=t,n.target||(n.target=i),r=null==r?[n]:x.makeArray(r,[n]),p=x.event.special[g]||{},o||!p.trigger||p.trigger.apply(i,r)!==!1)){if(!o&&!p.noBubble&&!x.isWindow(i)){for(c=p.delegateType||g,nt.test(c+g)||(u=u.parentNode);u;u=u.parentNode)h.push(u),f=u;f===(i.ownerDocument||a)&&h.push(f.defaultView||f.parentWindow||e)}d=0;while((u=h[d++])&&!n.isPropagationStopped())n.type=d>1?c:p.bindType||g,s=(x._data(u,"events")||{})[n.type]&&x._data(u,"handle"),s&&s.apply(u,r),s=l&&u[l],s&&x.acceptData(u)&&s.apply&&s.apply(u,r)===!1&&n.preventDefault();if(n.type=g,!o&&!n.isDefaultPrevented()&&(!p._default||p._default.apply(h.pop(),r)===!1)&&x.acceptData(i)&&l&&i[g]&&!x.isWindow(i)){f=i[l],f&&(i[l]=null),x.event.triggered=g;try{i[g]()}catch(y){}x.event.triggered=t,f&&(i[l]=f)}return n.result}},dispatch:function(e){e=x.event.fix(e);var n,r,i,o,a,s=[],l=g.call(arguments),u=(x._data(this,"events")||{})[e.type]||[],c=x.event.special[e.type]||{};if(l[0]=e,e.delegateTarget=this,!c.preDispatch||c.preDispatch.call(this,e)!==!1){s=x.event.handlers.call(this,e,u),n=0;while((o=s[n++])&&!e.isPropagationStopped()){e.currentTarget=o.elem,a=0;while((i=o.handlers[a++])&&!e.isImmediatePropagationStopped())(!e.namespace_re||e.namespace_re.test(i.namespace))&&(e.handleObj=i,e.data=i.data,r=((x.event.special[i.origType]||{}).handle||i.handler).apply(o.elem,l),r!==t&&(e.result=r)===!1&&(e.preventDefault(),e.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,e),e.result}},handlers:function(e,n){var r,i,o,a,s=[],l=n.delegateCount,u=e.target;if(l&&u.nodeType&&(!e.button||"click"!==e.type))for(;u!=this;u=u.parentNode||this)if(1===u.nodeType&&(u.disabled!==!0||"click"!==e.type)){for(o=[],a=0;l>a;a++)i=n[a],r=i.selector+" ",o[r]===t&&(o[r]=i.needsContext?x(r,this).index(u)>=0:x.find(r,this,null,[u]).length),o[r]&&o.push(i);o.length&&s.push({elem:u,handlers:o})}return n.length>l&&s.push({elem:this,handlers:n.slice(l)}),s},fix:function(e){if(e[x.expando])return e;var t,n,r,i=e.type,o=e,s=this.fixHooks[i];s||(this.fixHooks[i]=s=tt.test(i)?this.mouseHooks:et.test(i)?this.keyHooks:{}),r=s.props?this.props.concat(s.props):this.props,e=new x.Event(o),t=r.length;while(t--)n=r[t],e[n]=o[n];return e.target||(e.target=o.srcElement||a),3===e.target.nodeType&&(e.target=e.target.parentNode),e.metaKey=!!e.metaKey,s.filter?s.filter(e,o):e},props:"altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),fixHooks:{},keyHooks:{props:"char charCode key keyCode".split(" "),filter:function(e,t){return null==e.which&&(e.which=null!=t.charCode?t.charCode:t.keyCode),e}},mouseHooks:{props:"button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),filter:function(e,n){var r,i,o,s=n.button,l=n.fromElement;return null==e.pageX&&null!=n.clientX&&(i=e.target.ownerDocument||a,o=i.documentElement,r=i.body,e.pageX=n.clientX+(o&&o.scrollLeft||r&&r.scrollLeft||0)-(o&&o.clientLeft||r&&r.clientLeft||0),e.pageY=n.clientY+(o&&o.scrollTop||r&&r.scrollTop||0)-(o&&o.clientTop||r&&r.clientTop||0)),!e.relatedTarget&&l&&(e.relatedTarget=l===e.target?n.toElement:l),e.which||s===t||(e.which=1&s?1:2&s?3:4&s?2:0),e}},special:{load:{noBubble:!0},focus:{trigger:function(){if(this!==at()&&this.focus)try{return this.focus(),!1}catch(e){}},delegateType:"focusin"},blur:{trigger:function(){return this===at()&&this.blur?(this.blur(),!1):t},delegateType:"focusout"},click:{trigger:function(){return x.nodeName(this,"input")&&"checkbox"===this.type&&this.click?(this.click(),!1):t},_default:function(e){return x.nodeName(e.target,"a")}},beforeunload:{postDispatch:function(e){e.result!==t&&(e.originalEvent.returnValue=e.result)}}},simulate:function(e,t,n,r){var i=x.extend(new x.Event,n,{type:e,isSimulated:!0,originalEvent:{}});r?x.event.trigger(i,null,t):x.event.dispatch.call(t,i),i.isDefaultPrevented()&&n.preventDefault()}},x.removeEvent=a.removeEventListener?function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n,!1)}:function(e,t,n){var r="on"+t;e.detachEvent&&(typeof e[r]===i&&(e[r]=null),e.detachEvent(r,n))},x.Event=function(e,n){return this instanceof x.Event?(e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||e.returnValue===!1||e.getPreventDefault&&e.getPreventDefault()?it:ot):this.type=e,n&&x.extend(this,n),this.timeStamp=e&&e.timeStamp||x.now(),this[x.expando]=!0,t):new x.Event(e,n)},x.Event.prototype={isDefaultPrevented:ot,isPropagationStopped:ot,isImmediatePropagationStopped:ot,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=it,e&&(e.preventDefault?e.preventDefault():e.returnValue=!1)},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=it,e&&(e.stopPropagation&&e.stopPropagation(),e.cancelBubble=!0)},stopImmediatePropagation:function(){this.isImmediatePropagationStopped=it,this.stopPropagation()}},x.each({mouseenter:"mouseover",mouseleave:"mouseout"},function(e,t){x.event.special[e]={delegateType:t,bindType:t,handle:function(e){var n,r=this,i=e.relatedTarget,o=e.handleObj;return(!i||i!==r&&!x.contains(r,i))&&(e.type=o.origType,n=o.handler.apply(this,arguments),e.type=t),n}}}),x.support.submitBubbles||(x.event.special.submit={setup:function(){return x.nodeName(this,"form")?!1:(x.event.add(this,"click._submit keypress._submit",function(e){var n=e.target,r=x.nodeName(n,"input")||x.nodeName(n,"button")?n.form:t;r&&!x._data(r,"submitBubbles")&&(x.event.add(r,"submit._submit",function(e){e._submit_bubble=!0}),x._data(r,"submitBubbles",!0))}),t)},postDispatch:function(e){e._submit_bubble&&(delete e._submit_bubble,this.parentNode&&!e.isTrigger&&x.event.simulate("submit",this.parentNode,e,!0))},teardown:function(){return x.nodeName(this,"form")?!1:(x.event.remove(this,"._submit"),t)}}),x.support.changeBubbles||(x.event.special.change={setup:function(){return Z.test(this.nodeName)?(("checkbox"===this.type||"radio"===this.type)&&(x.event.add(this,"propertychange._change",function(e){"checked"===e.originalEvent.propertyName&&(this._just_changed=!0)}),x.event.add(this,"click._change",function(e){this._just_changed&&!e.isTrigger&&(this._just_changed=!1),x.event.simulate("change",this,e,!0)})),!1):(x.event.add(this,"beforeactivate._change",function(e){var t=e.target;Z.test(t.nodeName)&&!x._data(t,"changeBubbles")&&(x.event.add(t,"change._change",function(e){!this.parentNode||e.isSimulated||e.isTrigger||x.event.simulate("change",this.parentNode,e,!0)}),x._data(t,"changeBubbles",!0))}),t)},handle:function(e){var n=e.target;return this!==n||e.isSimulated||e.isTrigger||"radio"!==n.type&&"checkbox"!==n.type?e.handleObj.handler.apply(this,arguments):t},teardown:function(){return x.event.remove(this,"._change"),!Z.test(this.nodeName)}}),x.support.focusinBubbles||x.each({focus:"focusin",blur:"focusout"},function(e,t){var n=0,r=function(e){x.event.simulate(t,e.target,x.event.fix(e),!0)};x.event.special[t]={setup:function(){0===n++&&a.addEventListener(e,r,!0)},teardown:function(){0===--n&&a.removeEventListener(e,r,!0)}}}),x.fn.extend({on:function(e,n,r,i,o){var a,s;if("object"==typeof e){"string"!=typeof n&&(r=r||n,n=t);for(a in e)this.on(a,n,r,e[a],o);return this}if(null==r&&null==i?(i=n,r=n=t):null==i&&("string"==typeof n?(i=r,r=t):(i=r,r=n,n=t)),i===!1)i=ot;else if(!i)return this;return 1===o&&(s=i,i=function(e){return x().off(e),s.apply(this,arguments)},i.guid=s.guid||(s.guid=x.guid++)),this.each(function(){x.event.add(this,e,i,r,n)})},one:function(e,t,n,r){return this.on(e,t,n,r,1)},off:function(e,n,r){var i,o;if(e&&e.preventDefault&&e.handleObj)return i=e.handleObj,x(e.delegateTarget).off(i.namespace?i.origType+"."+i.namespace:i.origType,i.selector,i.handler),this;if("object"==typeof e){for(o in e)this.off(o,n,e[o]);return this}return(n===!1||"function"==typeof n)&&(r=n,n=t),r===!1&&(r=ot),this.each(function(){x.event.remove(this,e,r,n)})},trigger:function(e,t){return this.each(function(){x.event.trigger(e,t,this)})},triggerHandler:function(e,n){var r=this[0];return r?x.event.trigger(e,n,r,!0):t}});var st=/^.[^:#\[\.,]*$/,lt=/^(?:parents|prev(?:Until|All))/,ut=x.expr.match.needsContext,ct={children:!0,contents:!0,next:!0,prev:!0};x.fn.extend({find:function(e){var t,n=[],r=this,i=r.length;if("string"!=typeof e)return this.pushStack(x(e).filter(function(){for(t=0;i>t;t++)if(x.contains(r[t],this))return!0}));for(t=0;i>t;t++)x.find(e,r[t],n);return n=this.pushStack(i>1?x.unique(n):n),n.selector=this.selector?this.selector+" "+e:e,n},has:function(e){var t,n=x(e,this),r=n.length;return this.filter(function(){for(t=0;r>t;t++)if(x.contains(this,n[t]))return!0})},not:function(e){return this.pushStack(ft(this,e||[],!0))},filter:function(e){return this.pushStack(ft(this,e||[],!1))},is:function(e){return!!ft(this,"string"==typeof e&&ut.test(e)?x(e):e||[],!1).length},closest:function(e,t){var n,r=0,i=this.length,o=[],a=ut.test(e)||"string"!=typeof e?x(e,t||this.context):0;for(;i>r;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(11>n.nodeType&&(a?a.index(n)>-1:1===n.nodeType&&x.find.matchesSelector(n,e))){n=o.push(n);break}return this.pushStack(o.length>1?x.unique(o):o)},index:function(e){return e?"string"==typeof e?x.inArray(this[0],x(e)):x.inArray(e.jquery?e[0]:e,this):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){var n="string"==typeof e?x(e,t):x.makeArray(e&&e.nodeType?[e]:e),r=x.merge(this.get(),n);return this.pushStack(x.unique(r))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}});function pt(e,t){do e=e[t];while(e&&1!==e.nodeType);return e}x.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return x.dir(e,"parentNode")},parentsUntil:function(e,t,n){return x.dir(e,"parentNode",n)},next:function(e){return pt(e,"nextSibling")},prev:function(e){return pt(e,"previousSibling")},nextAll:function(e){return x.dir(e,"nextSibling")},prevAll:function(e){return x.dir(e,"previousSibling")},nextUntil:function(e,t,n){return x.dir(e,"nextSibling",n)},prevUntil:function(e,t,n){return x.dir(e,"previousSibling",n)},siblings:function(e){return x.sibling((e.parentNode||{}).firstChild,e)},children:function(e){return x.sibling(e.firstChild)},contents:function(e){return x.nodeName(e,"iframe")?e.contentDocument||e.contentWindow.document:x.merge([],e.childNodes)}},function(e,t){x.fn[e]=function(n,r){var i=x.map(this,t,n);return"Until"!==e.slice(-5)&&(r=n),r&&"string"==typeof r&&(i=x.filter(r,i)),this.length>1&&(ct[e]||(i=x.unique(i)),lt.test(e)&&(i=i.reverse())),this.pushStack(i)}}),x.extend({filter:function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?x.find.matchesSelector(r,e)?[r]:[]:x.find.matches(e,x.grep(t,function(e){return 1===e.nodeType}))},dir:function(e,n,r){var i=[],o=e[n];while(o&&9!==o.nodeType&&(r===t||1!==o.nodeType||!x(o).is(r)))1===o.nodeType&&i.push(o),o=o[n];return i},sibling:function(e,t){var n=[];for(;e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n}});function ft(e,t,n){if(x.isFunction(t))return x.grep(e,function(e,r){return!!t.call(e,r,e)!==n});if(t.nodeType)return x.grep(e,function(e){return e===t!==n});if("string"==typeof t){if(st.test(t))return x.filter(t,e,n);t=x.filter(t,e)}return x.grep(e,function(e){return x.inArray(e,t)>=0!==n})}function dt(e){var t=ht.split("|"),n=e.createDocumentFragment();if(n.createElement)while(t.length)n.createElement(t.pop());return n}var ht="abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",gt=/ jQuery\d+="(?:null|\d+)"/g,mt=RegExp("<(?:"+ht+")[\\s/>]","i"),yt=/^\s+/,vt=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,bt=/<([\w:]+)/,xt=/
    ","
    "],tr:[2,"","
    "],col:[2,"","
    "],td:[3,"","
    "],_default:x.support.htmlSerialize?[0,"",""]:[1,"X