From c075793ae5ee52e28cf8420c33cf3b73022161e1 Mon Sep 17 00:00:00 2001
From: James Strong <strong.james.e@gmail.com>
Date: Tue, 21 Mar 2023 16:34:12 -0400
Subject: [PATCH 01/30] drop k8s 1.23 support (#9772)

Signed-off-by: James Strong <strong.james.e@gmail.com>
---
 .github/workflows/ci.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 3ce77b419..c2c108638 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -204,7 +204,7 @@ jobs:
 
     strategy:
       matrix:
-        k8s: [v1.23.13, v1.24.7, v1.25.3, v1.26.0]
+        k8s: [v1.24.7, v1.25.3, v1.26.0]
 
     steps:
       - name: Checkout
@@ -284,7 +284,7 @@ jobs:
 
     strategy:
       matrix:
-        k8s: [v1.23.13, v1.24.7, v1.25.3, v1.26.0]
+        k8s: [v1.24.7, v1.25.3, v1.26.0]
 
     steps:
       - name: Checkout
@@ -337,7 +337,7 @@ jobs:
 
     strategy:
       matrix:
-        k8s: [v1.23.13, v1.24.7, v1.25.3, v1.26.0]
+        k8s: [v1.24.7, v1.25.3, v1.26.0]
 
     steps:
 
@@ -460,7 +460,7 @@ jobs:
 
     strategy:
       matrix:
-        k8s: [v1.23.13, v1.24.7, v1.25.3, v1.26.0]
+        k8s: [v1.24.7, v1.25.3, v1.26.0]
 
     steps:
       - name: Checkout

From c8cb9167d3bfe6a2ed50796e179b3aec648a7e16 Mon Sep 17 00:00:00 2001
From: Ehsan Saei <71217171+esigo@users.noreply.github.com>
Date: Wed, 22 Mar 2023 19:58:22 +0100
Subject: [PATCH 02/30] feat: OpenTelemetry module integration (#9062)

* OpenTelemetry module integration

* e2e test

* e2e test fix

* default OpentelemetryConfig

* e2e values

* mount otel module for otel test only

* propagate IS_CHROOT

* propagate IS_CHROOT e2e test

* code doc

* comments

* golint

* opentelemetry doc

* zipkin

* zipkin

* typo

* update e2e test OpenTelemetry value

* use opentelemetry value

* revert merge conflict

* fix

* format

* review comments

* clean
---
 docs/images/otel-grafana-demo.png             | Bin 0 -> 123976 bytes
 docs/images/otel-jaeger-demo.png              | Bin 0 -> 120283 bytes
 docs/images/otel-zipkin-demo.png              | Bin 0 -> 133964 bytes
 docs/kubectl-plugin.md                        |   1 +
 .../nginx-configuration/annotations.md        |  20 ++
 .../nginx-configuration/configmap.md          |  53 ++++
 .../third-party-addons/opentelemetry.md       | 260 ++++++++++++++++++
 internal/ingress/annotations/annotations.go   |   3 +
 .../ingress/annotations/opentelemetry/main.go | 101 +++++++
 .../annotations/opentelemetry/main_test.go    | 170 ++++++++++++
 internal/ingress/controller/config/config.go  |  55 ++++
 internal/ingress/controller/controller.go     |   1 +
 internal/ingress/controller/nginx.go          |  43 +++
 .../ingress/controller/template/template.go   |  96 +++++++
 .../controller/template/template_test.go      | 153 +++++++++++
 mkdocs.yml                                    |   1 +
 pkg/apis/ingress/types.go                     |   4 +
 pkg/apis/ingress/types_equals.go              |   4 +
 rootfs/etc/nginx/template/nginx.tmpl          |  26 ++
 test/e2e/framework/exec.go                    |   7 +-
 test/e2e/run-e2e-suite.sh                     |   1 +
 test/e2e/settings/opentelemetry.go            | 119 ++++++++
 test/e2e/wait-for-nginx.sh                    |  15 +-
 23 files changed, 1131 insertions(+), 2 deletions(-)
 create mode 100644 docs/images/otel-grafana-demo.png
 create mode 100644 docs/images/otel-jaeger-demo.png
 create mode 100644 docs/images/otel-zipkin-demo.png
 mode change 100755 => 100644 docs/user-guide/nginx-configuration/configmap.md
 create mode 100644 docs/user-guide/third-party-addons/opentelemetry.md
 create mode 100644 internal/ingress/annotations/opentelemetry/main.go
 create mode 100644 internal/ingress/annotations/opentelemetry/main_test.go
 mode change 100755 => 100644 rootfs/etc/nginx/template/nginx.tmpl
 create mode 100644 test/e2e/settings/opentelemetry.go

diff --git a/docs/images/otel-grafana-demo.png b/docs/images/otel-grafana-demo.png
new file mode 100644
index 0000000000000000000000000000000000000000..61b50c8612dc1aaa80de0bc416dc683f39bd201a
GIT binary patch
literal 123976
zcmd43cQo7o`#-FUQlqWX(xQ{1cI??IYLD1z)r?pzp>~JSR?*sf6GX&{5qqmWB4*5@
zgxE8}Fa3PJpYNxApL3u4KKCE@xvz5^uROh8*Xud1`M9q5tfiquL&Z!*Mn*=X{NlL|
z85vbN8QJ;F%jBeyGSP@o(yw!FI!e#Tiu&%XkUm_rd#e7FjI1Q$%8BJA(q~H77e;Pm
zWGo@Sf6hfLZrPBLo#iM$f2#Y|Yz=$GLU-i-*%n)*+``4c^ov(6wvnCBxuvjK@>n?f
zOXerxfe-1=3>LW16l3S%ij@`&H$sm^QCIY}xLUs$IzIWJV5Ix)x*^pk#cyP)AFf}$
z4vf5eMi3KnvlH}EyM8rt16tQp?TPQ1I*@+t@1_xjq5Rx&ku;}22|WN>y7uP)={oP)
z`MiG&eWE(2`;VdLL1bM27|MJ`#_*3J?R)QjZ{8pDF7K+`@16OB<a95mpa0`C>GCeu
zMXhsx4_#&We>ANeWn5sZRW9`(55IF&PpqQ5|BA#=!@r}@IMhU}9&+<<ZvMiTlUSFZ
zP>_+y!Q&m&o_9QmR=Iid2NN>&M6nDS$+xR?X%k0ZUtAy~Yy9z8r>>3F@l+z5UI)&V
z&wR=Fua$*Gu}BD80%ZeUWO=M|^pM`Jg`6-jY%YUpbmt)p$*%o<x2oZ0xnjbVWnus4
zJinQD!r@}VG0eKIwU+3Ki`tZbZqd8;7J3=Dl+~O^hs*r!?+S0fkdY)(?3z^dVEQL|
zV&OytQ2X;slPwDEESik#f4}D=Wtx5>Y%>sep(l^Nvp6V7@<UcDAL)&se`20-q2+o4
z<x<!S@j7~)XxdCg`e$%$GGYAg@JQj&0lFNdc6a5^19g3KC0IS_?FBka>$l=SVswJ*
z?&O=8xEP~|8ROx4IOvpguCv)cb>Al@=jK9Fa^uGgaRTiL&IYf;W8+|jyXIU+xvdGd
zI|d03Iur$h?<UGYz_v;$c>w`D#h)UP%<RA@Lu0EMvC{cHAiuVDiivap_Mg_I?01%C
z%2YhMH=LzAi_UJa$z*3KMNE{T#R83O$o9TsDEmTKq>YP)hIIT0>)JRPn3vKYhx#rm
zF~x5)M29GTS@Q)+cGKUNfn}h=P6f6eusnehE^hA8jE@vk96Z958L76c+{HCm&lac+
z7w1tsWyW=xKjj!&QM|b#P@{HugNzKo>k;<L{zyCK1lH>P1nB7ab$))H#N~ZeUge`B
z{upwtBysgZm7E-#z6XEIrZJ!AiLXQ4kJR&I@7lZaDTH6Y$@G{lA3vCy%1e`me>Sx%
zco=95B13|PZ!HhvJ=p$ub{5Te&v#X7g0wAiRzER8_0s$BowpMp0f+1N99ILi9^?Vu
zF|ReGePR6LA+eb8@sJmDK$Es_q@~C$%wj%<vk))^Ov2hx>>k8UF0W^KdXP4A&|i8z
zi}viH)IIE$V5HUryv`*6e=B`h7`-G!#e*B#vF05K6fQlbypo}~`X%izBVj*qUYk-<
zckb)h4=N7ZIVsW!12meBzhO=4vF8iULL@b20cwYUzce%bJr$UUrk8=Rkre1^9$Sz>
z)O|?X#?!y11Tb`VoR8lNh|0a}MKW>k8vL#8)UYDjSZ|$deXY6--M?9$+ph3;5K!O{
znsaY+3DLrWelH+4N&<pYIBm=yW@u<g{YjZTQTxy5p1xVQ?vdWCoFWmSF==+X39=_0
z6<PY0z{o?wp#Nq4Z&OMxvjC}RmA@w^HO;%PE--MMFZ3!7d!Mw?SvJj3(z+Y+IfF)G
z&I9HDwum$ucLP@W0xSI;LX&eyGqaaE4`BxvcWL<j;Hnbl*s(TD`7y)A^_N8+XgplF
z-l1mEd}cpp!y!5s%t3mPnGYsoeKuomw=K8_{e;~#Ni5fRLG2R+>osyp>B!8K|A+K7
zg+Dt4=Hj!4!{dZjgMlf<fkMua43Mkz^suUpBlHsyjCT#HfsJhTr$-MeBRV!F|EGBy
z7ayMx5Z7KGknAx5>XR-ID0XR@@h8B`cyJdc5wvRu#UfKHuVw6ZXWw7QEwXN?)D!IY
zk?ktNk1dq{<r|n|<<1C-FAfN)BDKx7Fd9i;Z^cl3hv`D5IUt$+!!=x;AGQ*4w(pl-
zv~~cV_|zOF;$xZuDGKr7m_&s4m|Q#$#hhKR0lo?Hi`^Ul2k#pJ*3CSIXJhYm34^k|
zmJG=Ws~8W1(6^$##yZ<!v}`hYrKN9nsL9eZzJ!Hohcd!%-1J0+N5`(Z4nEycTL(Bz
z0Hh{H?Z+w?N#+Ih0NJ_^o7|78hfF`_<(<yI%_8x(vAod1WyDIq`g5Y;-eV|@*D!TK
ziVv~_bnZ`|2)OHflW=e9B#?VEJ0&@f-wwUzeBczQc`kjc7;&%<nOSO}Ln~l66rn}O
zhMpDXEaH0^t23Owv^DBp|Bzt`#@J|ArQ`ruzacul0cX+-B^#(ZL=g6dE=jlw+Q0H|
zrMD-d^X9K|{JqWPa?bPdI{`Pn?vX?!PLGcY{r&5=g2)|fSK48E*}tW#m<4t<pFdGo
zkcA}XC7Yumg%mC+Kg<hOMJ508&vGrxf!rt8sA}#|8<MyJoO20&0Y8}X>x-WMtqRvW
zI#Wn0qsyh^1C23A{mbva3&t4+-VI90+N2}#2s298uqFaCoNsV`WBvyh+V|87BbFpT
z^sc=F9l>?9uJQ06)47)4HvH*w2I*B*&u|Jcqmj?j?!EhxxU)C9Nw9NhM^iEn^{SC<
z<$q{4TH!M3oB$q31f4J_<=d?i2wKDr31JQWLMt9IlkmD9yt4Ph_M!LWjM_+`xNUX`
zlN9jEFz}~PR@-e`aI3s(kD*N@;NFe`jl|?vF7xj8h@rLGw=@A#s#YjrH;xVSoUbKJ
z#>?R(BlaJ1eNzm)suA9NBbh=Ia9`@tV7Bu;v=IH2Z(FLg7fChKx9n$Ret4Y}xTftG
znh2;TCF(5b`tRm(j?hjboF_Fqrn<CWPOV@X)OYtrDUu7&0(L0i8`~0?T1Rs16832Q
zwXvL2XQ=^a<ybUNJugwXHJUrd{UeH^85)ZPmyhK?@YL4frk6n?#ZBte{}BZOcsT;d
zkmb5IkG_-d)S9<?sX(&PQZtWv1|^e1)yC&>nKBpDs;{#kl(m(B6;9@|1~th#;nT*|
z3T+yODBVjN4H*V0za!#5D7{4dsAd+?^KQlXt&8k%o$q%{FLS}yn7+%k$F}yT=u-zL
z#n4fW(N7@m9>c1KIkJSzV0Zp38<X;1v0I7DAca3PiR8H(Dh&ggyf&XdXa-()Z=xg1
zdxV-ru(>yxi@G;OEZ8|!RNzHzLN`uy^(HPCY%uR_hG_EGOuFsbku>Emx~uj8bWT{0
zX$P98sp?s1G47OD?ODi9y^aWn7g8#@A%C??0{Z<X29LkE69swn>iRXb919Z+^|L>u
zh#ya~**OfdYmV;EO=LT~Ja#qp@Q=K1BH{*R;nCYNs5Y*%E?TOM$?9@Tp=5ULejZlE
z)n+WR0p2NpZIpYuX{?6`D?A_~>?au3dkiyV;$w4Hz`c1PE>k<kZ~aP{xJNLTJ_>^}
zn2^-*sOR*A_L>KhrGTHQYL$1|N5OgRVRwqUYs#bg8`f2*kl;x!o@8kgZt3@ikJQo0
zPzvrrrjpq8*Wht|$p?zH?b68SEq%!DBjcli$GuatQkD-v&z3@&-76&ZAy*Lp-II6Z
z{WFGf4YN{jGq25YQvMEW(bsv>F?7aq@Y}|6(oOUIX$72>@tgU*5~nBP%K0I|(#bhT
z2he=YNDg0z&@h8nZvw)OOk-^$aF*=B+ce3U;{BR~#q~d$HuK>ip`+_Q_5<re!UtO=
ztIq5p_CmT$Ze@V2c7M{Jd%c`Wd2dSt`DDMd9wGI{;$yPT11l~RVJUWnY!GjWg>kaJ
z4xHnKbW(G}iJuKNCeuc{8<NtWN=uRAn3o?U%=mTb&$v~A<cU{dJbX$u=b4r-rg*;h
z(Wc$R7EWs%qA?m+J~|&WjK9?I4ZVUXb&~P@@5)J6V$;kvWFv9Wg_zts&W%4qgz+CP
z3fYRsL)WXTG2fu`a#~dh66Ugc^n^t12Im!TfVAG{)LEPH4Bz#x?t@y)@riR5z~)T>
z(~jy$GzUkX=4~Md%G!z^wc=KGD5wkFl)E^}++~s-;h9vL19?;6o%BZT#Q>0Nx<VyX
zy*gK7dOJ|CNS!v=D<XEa5&v>s!q9=;Fp>RN=`IJLD2Zv5%4v$pS0)1(02B<~)l~wP
zKiaRlXZ`Ym57&>g_cqlNhq;`87&g*^-Yw*6lWVbryg|NcQd9S{&&-vPF<=v;S6Z0}
z{V+E?ub#l{*X@+(dd7lrO;S`d%QSt@Z!c+jV&(D)VAj$>qqi(~OHi{r^~G@UV3zyx
zp*FLCcP69L6_3f8<ILND_Ne>oZfAz3OD^B_f{f!<yw=r0T`$e;Q_IXIJ*yN$L@yfW
zNYx>K45I^HX%Y|514Vr0>z?-CU-U0;jRtp$s?Zl*3D)fPcru6{{3v`}B<a4)^HF$S
zRJ9!2u>LAa*#4)M(0!iiXjmiA?f^{&tf0XyQkG9h?4s}Xd*H_4K>n{aK4sH_3V)oU
z>;1g}no8MpAAb<dgSwfM3uNzt3tp3J(G?A@?MedNEGtBuI|tiGz~v*U(^=JDJSX5O
z6Y}A)bqP5a`mTI+Dns@SN9Ju5^5$A^VG9FrjB6qdvl~JH0@1==w@p0pVDq}uULd~@
zjerf!NO9;yLa8urLe0k7#|-w2$M4X_>4`{|%23;=LX6x<(Gj>D8=X?L1_Y{&Ga}N=
zW+}Z{Ckj1F)vJRg!ddh1sj)BOWW*=SYCYmTD{P<81zY%GkHPVr;1%0-K?USmHXFG<
zkGfyv$4PWd_RfV#b!N196_!ed0Fz>){O_V0IiY7S=;sSpW+{C{HU!ivu}<o$4SK|W
z5qgq<hes(g$?=@J2gNF=a5*QysG&%pPkf#@xOX@4@(P!Xxru>`fK9~wqPN|T>pXtl
ztfhNRcDBchoGMg+1taS^k04GTp22;;Tzh4)nl#Q4t*vh3N}jP1zgKbS+3n+Cn8C8e
zz)oZCBV$mPuy9@|$JH81C4@Kg%e~3HAJZ0c0K6k)w;}rw(S-$fIY581CCtCO@u;J^
z?E@05I~$$Id6cQGq0C$u?xa3A;anr4bg1>;rI9gzcI#6eVp4}c+o_O%5}5GMe~WeY
zmPeC0gLx!5R?xJ}+%U5Z0UsE8)MPnUZJX-4)hlJ%c5|hX97z2gYO`a<y>rRauy$Ha
zL&gNIKIj})-d~rI#<WsqwJ;g4qt39>fBS<e7PoeTW`{y9B>S;=@n+Bj>P;BusBXZc
zRM3|Sx8ZXB=54;ZO7r3xU$8X2L{cWwbeiyFCORkFbSSw)#;+#+=*r%aq|wAGyB0%|
zHBXIc)m;S^6N#wo$o_JH3G|ac7Q_K3PShUi5vx&_Z5_7$E1_7QU4#q#*|`7u={(qz
zlqAI1Gt+08)$zKL*L?lenu5RLC|fgi>zW+R0#5j8*>Y_jrRY9zx%F)uIWVWApHjjz
z^rmn2l-zk_3d($eT`R===Zb&BT_qQV;cZw}LgL8Qi;2UCl=m2It4R-SmmGV!Hy<SD
z2JDV4oWk{&7*PwaF*_b~=j$Xn2U9XjYwz%g*!(eF4L_wlM6J|%f%D_b9_M@>E(_bp
z5UWy;1Kf5G)@^^!R*d)?A{akNZsN^aT5AMV7GW<;_VbFiU*$T7zM7x7+o%N*!Pdhb
zn%_20%g?6^8%=ot6t=c6VBFyEXAupW_~kxm-n;1>o*>JN`1Miq19sDM4f0XKA)0sJ
zy}`VA%f<<?IKkCz!r+zA5=>VcgN;dwS*Gh?_s~gm&R=yN%4wS%?R1`U$4>OCy%09T
z@@bCnYgV4sRPYEq`eP-e%W%4Y!*bBDMR$}(wLq{IWx97*)zdnnDT>>?o0T~ypU(!o
z5X>{daMGk@t&r1%UuSSRm^XKmJfJW>D>sLoScnp1Xk8R1)$74qtG!MAs{_D~ie~dG
z{<4~EXOH@$vq}_?DAWh9-!{pvywBs-$#2m8Ovd4}%(&ARm7$}`eE>Wumg|6x{Uz#6
zPzCFo(0YxJBT%@kSQ28&^NSkOe<%Bnlt7z6`uW(3gUwficX|O?XD@tE!e7g4?(F4H
z>Sei4t{)^F!RPSis}<#J+||{R0oF^9l_lZ*O*T)^u5es|RSe<+S-Rz?8!~&~ulGn<
zFl)Wg{72KlxV4cYr`(tHs-oaH&I#<~L48pOr%w)O0>)kL{#ml8zD>;x4<Z74(F-%}
z#(EW<DD&?H_}rJ=<FM%4FVfk;16MT<2sLiI`cB(Wt|5}JC6z9&`7>ijqg#%S!Hti$
zY+GS3x@C46l!PD~me*_l<(EvN_3g19^Z<1=ZI^&E!lk4=GkEOnKi9id{+9U5ZiRUY
zR@e6l?7(iEC^E`4qdE9ZKs4Vjn;*2pwz^uf1esp8@^cu@Y4DfGMHt5`lj8R0b92Ly
zkrri9r*EvTkPxrE$1==osb;TD-N#>$+}P6#?G1VNmJ<hE+xTz+6_?D@4zrXKuU;=#
z8~7Fy46AJL30MSm&!}r7e!-J1uB4V=hX92484gbErkG`@EaEEx`gmch1adipmlXeg
zOk3Q!R5LSE?_b36{B}y15v*MLYNq;t&4CnLpzhhn+<LRDXaVpSb`4)MdJ28&47_oj
z(WTrqg9_pU9zmPQp#a|{5D24J%b|2z{g3k|)6Gz)+tY9?2w-p=A_Vy91(-R~aAO=0
zvMR3LcBXH=ZVSzizVvfBEa`KZBiHW^-M8N%xKtsCI29*eu~&6P@QI6pq&Ob%gtQyP
zAajRNe2T`nZQMGjqW#9RNAFhmG{QNaGa>K~QZe&Kh+oxqW#xy+C+c_NZ#eRxJ-k17
zCuL$kEN6<Ven3R152gQ5EkDe;DNI-~C?D|lI}V~;QeJ6P;^Q73c3AF$3L<$2!u*6D
znaMoeG4IEm*rkm+5_ZfhWddAFhXo4|CW-hv*uE4bqrNfDt1<dQSA{(m2Km)4!w2lQ
zStf7EsApw9l>`&l*AH4l6NO|=t^|nc`&~~mn#@fh|C*fF-BWn(HpV_~<<*SKsK_v}
zekMu0i$*y;mTM!*5%?Q`{|}8E*%Btbw?-V{XHPV1whQOdxRIM-$m8uif^SlGJr(<%
zCn<=*OY3Ujd~=tf$T;&sN%1rkg6IgJ_S&N}jxW<(#NQ!%7o}FV)C*CBedG2C8$*<s
zPmU>2rTLdExIx!!G{KI))yHh^o{Fktx5w((y{9D_+vU0x`##SSdFavOH&`YGg~i>1
zsH9x3PI4)yL{0oyRxV;4`<A~FQN(Yh__{(c*Un+VU&t9ep$3<H2rDBVz1QCeE#E_O
zCQ8i=FZz{ZY{9Stw<o_-lx2(1Mr0|ZkC<5U1Tnv_s-g3$+d>s)a|sqL&MD6pzm?7~
zQ8heF1%HDqdG>gp!LJr8shKKc<nZM`dqVmRxa9;H<YOC<)}ziU;xALovaZoTTMU4-
zekET!(>hyr5rZXY+9hPdP5K|E;G@GIyZBXj=)El|KOpW+n7&dZBjbp1HuZUYR9m#_
z-sfejvezemAhj&)@u{?=tWq8_2W;59>agu)n*2syflRmuBkpOxMsH*sXOJhj)6Ggs
ze_l5+^7y@qRy^yaFaAo(7(c3yKQ@ywUBJg@dcoZETs!Hb%cmC_@po|2LxAIqCr-jq
z@{Zj@=n_!k(J`|V-(xEO`kcaSts0RhgKIU4prMmHBRt$FMHi=iazoV^LPRyhSJULX
z%-ekt>`BtNam77NidqI$yW2~vA1?s``}@>9G*=prd8U6-l5G&xy6-<ho7^r)BZ2(?
zOV1grbA}#pondas14a+}`QbA$48KCpAfXI{r<`QTYkiJx`eD!VJPym%Kb%1?tM@!8
zxRQ44C7(y*NB9jCyzPmWFBgZwcMNrJU^pcHm+x-`zf0q(m=PV&l~ro+(`NMZDAXnS
zJ~h`J2A}<(;t`OMfS(sooj*?2Mwi+)e$m@GSf6qA4987}D<G=$4zkC(-JYADtkZe7
z?94Y3VjT_kuOL84lH$*QdU^i}o(%bwECxH=WA7zcRZyj@%t`I|RqJc=7_MlLzaua7
zBRpK*f;Ic~Svj=<Xxt<GUIu#JI~zIWL+*t3k7U}YLe_^`682Z@OxzC#GQMrD3}!7(
z?62s@_`3O;Tz(?E3d%2G3_sWhV`{7C=Y5ZlEq<}^5AE+rWa)i~YLGJa_YKI_9$kl8
zIWIou?Q`C!{ak-~{0<l+v83jy()Yw8W@SvkbILYi_&nF2JEFXtcN!B1HPxfOH#bb5
zQJx*S$w@YAZA<ZD{cb+XW27GD`l{zO8EJ-SR&kwszQ*+X;Be2w-5SNeKqRseNgn-N
zA%C()PIjHkNO^+BZzD&UcHj6f5Qt3cbN}9+Xztr%CKV9{vc`N4sX*`J6`AG1B|dr?
z1;Ag}6IuForD(#)sIx#(9f~->qkqGS^&A;T+2+-Pn{&YDp?|^HWL!wxu=JY;dA%|2
za~6=V19WHO7kKqU#Dvb1iRCL$ktzcUPJd&%a*GuWSxECcue<GbhX#_ARysIMM+7*P
zS!#AiA_DeR!+v3NheWiJ4sPX6c98Ox_A?#P>_Di&B<!poKPuheE9W_LVwGZ*dz|9e
z21iYL<5SOWLD?X`V|&OFT}Esy>ud66=pbP!$wgO3XN{T^+T8yO_j|{6XK<;q40+V3
zZTEz|zRuh1^+$h+HM`>#;R|S?lIq=FnRUL`sYSENJCW|F6fJRhb>9kRH09QSg7Rne
z6dkpsqT{EAoq%e26VWl|Nk!8>j`vh#dp~HCohPCfr~@^#Jj-ienp8NxA^%sLdg+gY
zmm3N9E%02j;qn<~^>bpDheR`g&+K5k%U%IPcopUV!u*bu-ws^waR1Y`hvRDwa^KwA
z^P*$Mr+XTH6<AL4pZIAGjv?Saa=Ri#nw0X?1J#W=9<mB8UUlkoz)3MOu)HCi)_+OE
z+k-0eGxUG(i_h$RJxCAR4@rozGLC*yeE`6^KFJ{-Va|YeV+C{P=1*RCx6<=R6Yo89
zDj}{`5Z!y=ciP%goQadq%>(=z^Ho^fawQ+xG1hdsuf<C`m;D3N{r%qm@9UiZKP|uh
zznPYnYDYMW8>^L-RkG6WDpUiWuyH}o>Tl3DJyxZ=E4hP_$C#5n_$n6}fZXE{U5}qU
zIe3q<@41Hg4VTY&LVs6(KXnf*6;||FX%F68{u9=m&9;NyO?*q$_mPA7T56>Ie9ud;
zfIx{vmI61<X?0(Q>>V%yd%Q9lLRU~*>wHg_z&f;B-aa1tbI_#$?#5l}*no19#nB{(
zR8<Yb1CoB>5OiXCoCkg>kwT%SBjO%CES2N`C~9b_di?67Wn<ywf%}kMBy&~y7s}rt
z(+m|M5R>m_Fu72#LEv$l*+J_E*o;em7TE_}$2c$7yypF1jI;bD3GrqYqJNe1*L}am
z?~do+rjIoAe_t*ic)=nRLAo<cZyhK9*Yk2MgW0+FsQ!hM77ci7FCw!C?EbQs@7nKu
zOStPxn$XoQbi{q#sKodV*MIO}$XC#nRG9l+rDQIXOX)m@KEvj%vaSDZ8N;6MHj&u8
z3+Aq6y^(LGo3VXE?k{r>@a<UJ43yQijN_&Ql6V1l)uoURVL!j>nj8FW;+V_XV=g^T
z)*|^Fxd%%KIwQJiiKvDf`Rcl|f7ec)Ub)DTY!Nh<W~f&{DiNgL+d+qX7z7%;VEExB
zD5gXYeE65?WKL(d{6Xp2dQ{oG`|UU45+-NJ@+*ENct$zS8=BN{`R}bEZw=(AU86iz
ztU0e~9K^nF(baKY^Y_FZHR?LhAJ>kxia+S)Z;FQ-@v;B?o*NuW*B&26LH#jR^cAkB
z-?0;MLShAU=A?&{C)E5nv?xl+Ys{=ik`fKiV1~E1`!{6X{@q1Dqk8wfL%duNeW`0#
zaDa%9|FSS<*5%q0{@*ORr1lc!x}mnk2^7$xpFInlNs-+>zwGJ^ez%5L0!{xfj46$?
z#r^H9IW@sy=_q-{^L)tD*T$F2SW_qnY)Q9mA!c(ub~jI+k-|l?)z19aRcdt)wCJ`*
zC6gsWf&7c#5~zg`y_~3>wj<xZUro)=c3K5+0Zk&>DQg9mqVW#@2odZpPDmAEmN`Gb
zT4@SwQ=?LzS>x_Vi>&!wSBI@Y&5wMQRHwYe3%{$}e%ojvwYrx45U~+jU<f6mY%FUj
zpUfqt<BWX&jA(;sbZlDbQ@Z_+LLjRo&D_O@CzpnU<Aj)B0OL#dYK49rccdUQzpb2p
z*g0o;zwQ=EBI<SZ&iMQFOwvlI`U)|hC<{{kQT?0&e(3{=4#u)bZVilEN3sQs5UhcN
z;-CNB_d)Yb*4ja+?aLgnW;XkAk9&<HO`p3bVAI}=G2WKy^arnyt?VMHpho8K;8n_f
zL&D|Qo~To=HI5UTjV$_yNb;KLh1xOR$>EQSjXvHp55$Bo{#}&2TTR*`HOuQaFj-hC
zhag^1N-3eXr3W7jSW`M^N?3B8Zj0`b?X$?8*zqBSy6+}F=|YQfw{!894y;RqUynGB
zml0YUB~+&%5g(M-bjppl8AqeCS$n>-!g#meg_Qpi^JB^Dme(0h-+>OZdWB3{z1EZn
z%F9i%S(XvrUcYPKd7gS0=|YYaRA}X$l|k=`)DHi0qhXDMqrzwOEKg3lR^BvxmPQbx
z3A39X4I5wSNtJ~E63wsx$HO^W?i0={8&((RG<`1I7O7ba7~(xXTK0UKM!GSNFO^EE
z)%%5EN}G8^$vE9UaC+1$+28xha(;6&5z}4B1i$7ohF-d;^)c%oGv|`@UDZ?;<D@z$
zDcB7X8n10n7!e|gk)?X*;TxY<t-lN8t4|+6XzU^rSo08u$yW<FCpDkH&F}VamU3yB
zmNhp#1l;+1=hH7`(ra*AXf!c@aLOV-w4)9b?g?ykwA?Ycdid~Ph$QMbI3IDbfCqEp
zF@BbnSR7ZgcMoQU&i<TSbkIvp5*Ev5=sz^p(2zUt)EUGxO?!MH14sY`R5VXI#ETZr
zsqM(lF@TtVi+Vve?R?5w{_({RP>u1kUm9*;WqgkYyt9ZyT+`?*(6f$Br1$S28Q|&>
z*~}Kd8Mm%fW8HO%(Z>FGUm5_=qSClrx*T>$YLaN&vKWy}K30mCgS7I9olTq_F7L&q
zu>HK)0`(XtHib)n)cb<o^EW(1|AX`SYr{92O0kQDvX*n8BeYjg<zn$w%*Ewus^3=b
zj$I5|{v-?I_P#Sux)*Jid>js>g<Ua<=mTE+koz6AQ29G;GJNf<np8F+5uu<ELUQ{5
zrFXzISx3vVE)TL6CgCkg@YK4kh!}poLbfr%x`BU9e7TNvZ+H~d$aNswXI+Xdv{kZ*
z#`>#tGb`zvw_Gw04;lM*g3SF^q`+>t=lim!qk;eO5$_avP0Ql4^UHv|LntHpn35r;
zqwpLqtJ52Mpp|e2L`u=MVg0HH?eFqc0VOWAl5gz8Y{OGCqh1aEPh2^hy-d#Y@^tL^
zSQTaN1n?tv*f=>eK~#sIRFj;2UWVgwzGs+Iawv)MJl!JKWXV{NF~71r$R<Yvpx#L1
zIe$Kn;{&2$i0u}vTT*oRJ(3T+Jv`1OqIs@EKBeXHLh9%cE~@vF=qGyS!2Ft*JgnX!
zyJ#vJ$x*d}vVmEx&WgOgL7f<en+~HK;PSQJYGYJ>r<At&{K)IsUgo$7&E=Fy4fsN0
z!U`jyjBXj+jcRb%`tSrk>5^-3uK*Hy_o_A3_zdJG=Us@-YHTiN<xKjtU91Cc#`dvQ
z6XVXsfy)34>c?z?aeV6iG`%O2`(K>>EsBg>&gbpf<>m6kr%(4OPG>4qejTj^&dtuJ
z{?Bm%bUF&pL@90gPwsu~${m-YyO%)<VBT#Q-gR`?x!Eia-M4=<>{}n(7fm$xGs@b`
zUkB`bTF5(CUtxapG}5@z5!!cQSlFi6>wM#n9FS1k#4>0mL*)#6oyYgp2i~#^fW5|1
zaG`B&`SboTO<)=;X0P$K401dT%cWcg2S0D0a_mh=%*8Kp-eGHTVS#l=PX4fSI*@t5
z&MEyv>Kx#F7}8mAZ9A1z^P^30KB|%R{o)Pr3)tg7=$r5D)(qRs5Aq?Iu-`ObC@gS}
zIv^UYVSEu<O-~$NqY%O-%y<b#v*_4Z{F}tI<!@E`zap9E`JPv2R{bt<z3xK22|p8-
z`kbXDF5#FwgSoEBNuTqb*&*+pA8B@a$tZRyrXa71R72OJR_ZNOZ1t*@S6}+PDjlk8
z-2i%YzoDJlGHpSXwSe=?1w}q05IEtz>27oC9F3|Jq(ABUkj7GwaGj6~J_hDqs%EA#
ziesi$I1@}WVLm#Vo$X_sHNwA;pY_vx!;=_fmP9X+c%O8RU8v74g}jn8g$EhE-W-!W
znKEtQo`yZ$LXzNP8u(tTK+og<r)VT+wM5Q8by@N4)e+vB;gow<_w%ej@qd2*Z<?#3
zxyE5EpWZj0-$C-MUOr!>dwHsd@34EVN-gy1@}OpAuc30l`|_aGwWzNBq5-!9%~8R`
zspi-2C!{+3w3v(M@gADN)!tyoxsvGCV+hHdWOTlHw9*n%;Q5OGlTK_>4&{NJLmX2?
z*E{OohRO!xByGu7lVZ!yjHjdB#uby3Z2=!7=uk!nUs((Ka$z<mTgM5^1lONMC7Onn
z-4}Afb9F>D*!!V<QJ`=}uH@{)rQ7itJ!i%H>Oiohi<bgZ)UpH2i`IUV*%I4ohn-|h
z^qG7=0t6gy32Tfi+&tN9wsY#ZWGjjPpWY0q*V_yK5$(I3&mXT11pj!YtK0INgf%vL
zW=5)fjS}4(wc_fdXPX&H$l2`n!v`{_UqaJcn&h&7RU7%1k<T2fad<<_ivcvct)^Z_
z^yitr=GZ1A;#E8Z9+8H~s^3|mNn>;{U3whm^H_+~>&K1Ww<#08=a(7lEi>t9iDIYW
ze~@R;)-41$Ry>%H`jCE&IZ4q#RC(yv6{2im=kTgQ-5d}d7oJ5(xQZwTuTKHleI5Ro
zG_BPk$$DRWAa=OG{NC%<|Byyk6TB{P)Mg6$VJFbd3^<&tNka;VwVD`vz21DTpg?U$
z7({drt5q-gK5)S-eztAZDPFs0V|_ERMCHcvW1+P&A9Ep*f#b(y>5RwWBa19*UY_C8
zT|zeKEE41|`XhR$d<)@d{clwwqj@izK1b`U+d@D83Gh6=wejDiwISd7xv2?W8Hlkd
zfb@8q(%A0&HqGCE))j`;sE=QtEP?V0EhduI+U@fg^L4ywsIA{w;K4{|H@dX9iBZQ&
z68g)Sg!?{6^uJ5Z6<*bGGL<GZod~Y#%`~k}xAVk0ndBV({7*3-U^w?Qy!c-8L-K!9
zus7R%ja}M7w-)GNT?Hvid@i|d{PcfaP)8KD3aW2ER_*LXNXk#-SK5Z$DjYnMc^T)a
zs)G|d5dXWGW7Q{Fec+u5yF;rU=jvENLIQgXOP2wDLc!Y$f8FT`YYr14OwW@8q@N8b
z3+A%Q5lRA+`Z>Jo8YV~oW!wwft}yePUfEb*u5f+(Z&wq8S>9(7cxt5s@0S)bD^X7o
z*VEU@J5lE@=NAHUAJhz=_XQ>Ho3E^{yKrsIa`o0eYVk&NqGtBK*it*#wW}a;Z~|oc
ziZFF26GNp>t+#nn(cI`RFrtk9d^f!GK7%i*z2K&`!%FUEQ3r8I*he{W1vTQ>p`Ndj
zCZ;dDI;0`vLty1WcX12>+>k<1A<J&`@cupMX)-Yd3Wv=MB#)LNxtnPZOl5&?9XS_`
z<E1tS-NXFdgP5+2%F_#`VbaTb?Tu1nHR{wiXi6&<<<2Uepecrj0Df?$u!o=zsXpF$
z5{ZKsU{L$r1!vF3`u9v-ClREUAE%o6sV6p5X-p8&;tRRFgRS*j_!qPBU!HXe+@6as
z`fw1RH)5xBwN&PNUj`T2#sm$LJT6@DdVlto7TX~#_!hM^6Zwi|yuugmzb(>BEt$Jo
zn+ERk2`fEBl<eIbLe}gttQ;>6oUTs)NInq3y_6~TEYs&pF6uduhIbz80Ib&@n@&RQ
zehE+1>pPp|1eMtt)ao-2k}~~7U!oxmK{*@z6{2Z$T)Naytw_=HQwvgE;Z>pJ12*fg
zD_nD}uP7wIAf~-TC>2b}c^{uJjbUV5Zk}nVZ7R4N$r>~Q4|z01EKo0K&!HQ&S?1s@
z$+2U*(=*)eX^vqtGuB=qcpW_5npj~La8g(#1Zalq+xDXGY@8xsDzT=IFw)?DTfc89
z`37;zBk4sJpLfmP6L*6d#rH0GzNz|V^;#)5cxtEAdj_DrGP-w#b#&5f@Kc2MFB=?c
z);ZRf=eDd$8I1bq5hro{rf_TdiIHtxM=xCuWE6@*Dc`Em*ef$}&Z|mOue07#<pYo7
zyYL%kF=+aeNnd5@4XX|<brb$3I9rU<U~N)6_&Xs`DR9T#rdERX4s6$w$jyrjUtI;5
zL5!AlZF<r&Wq7axXI}FR>vid72u@acR<q3AD{G67|EGmXQo6GyjM(u~+R1A9q{iri
zx1RPg+g3Sa1VEPhb8$++Wcc?Y1BYSFmX5Fy&BA^f*$wWR(-EaQA-5!^|3dcfyl=2=
z_>0$_b(7F-bwDShmPw_$-o~IN7+*#&{PTSO&B2P?-k+*#8BZ(wb(elNz2^&fKni+5
zzdMW+HOX2(IgM*zDKrMk#S!-NjUo<sx*ur0ZV?GYua>&k9D~i*HALTMQX>+N2=7xC
zLM~{&tRMVRRA>+(raBzwsGYuy*C&$NR9I~vs#Q`ZZaxUG7&?`aG%3rXPSYPKZ(x^7
z$pKZ;>2J`cUVYCaV)j{@oSW!r<c%*n)pPM|2z2lD_x}>SyBYYcka&}=0`6C*XhZ-h
zZ@Sg>OA;iF{G5~XmJ9uaZCpQi-OoGhr6zir<TI6pr>V9(JUgrqM$O15%Wj8|tqtHy
znKUk2;39=nG3e`PKRH=oc;SLD=ljikmixztdI9_bW?3PqIbaf>SDthIG|$3~sKmAL
z4uxZ1zZ;}hsr?&ar{fkhZoyyXhJ!mt9g5qfP|tTZNO6{Rzn4o{-y()Z2k`UM0I=+T
zFtJ|KDub}&^0W9wchRvAx&0v{@zC5TQE=em7l$9eW3--ro%X7(A_0uF&6Im@nk2A=
ztJ)(lZw}c@tE>K2Lb6J_8E;bpk3{=epaf6BpKZU=1}AV06Wdo3ty~aIcxj$pX4BBU
z;_~{}xl3oGH)wE4cbI3($GS(C+c~vs%|DPD%=C^<HCLgQ2PXZp$+>vjH|uSZdx1eQ
zPip21ee_HBycW#S-I|(c8$IW#x27JWp~h08%|4g*qZ;b9qO3|1$kqL{hZPU#q>GY-
zfm=9O`J=0^oS@UAM>Ud&=R-6Y0dN;d+q%!<H$l4B0YBdx?3U_5zx+!#n#+W%8YK6)
z`iT=h)W?<8$cURV5*4ibB^`Ujk(MWhTT6@ANO@gr6(n)Foi41l&?9AO?k23E-q!$k
zM_Jk&_$+5-$l2E9h6~1rp&2@NJzDIpf)#5(PType&#Z*5SIXI94=1yGFfx28AGQ6+
zT^rZLl(=)^9#$>2?d4*Awj}f2%(4NaR9ANIi)y{`N`wD%&A!Bp@qK<sJSuVdT~t?N
z4c2P+`}aY%ECDCT%BPyWfsNkRGB|B4c1CLSSI(-LU6NFufN)_*D%E}S$w=X)Yn~_5
z?`?mhHvb|GOPbP4=+citI<UaTxE`BFORCehmhW%JI1q52_RXr-66tnm^xMyp@?_vW
zRoC7kZsF?AvuPES8lJ^XKpfAFcoW}$+;Uhyds)NqXy<#$Ys+&9pLmkn!G{Y*%)`As
zCboXlewgK;!dHh<NEda^Y-D#9W_G4tkEgN@J5y^;zZ6JeR>xyygy7q8TzFT!KH2Nt
z3&06aA0;y)w)M0a5#iIZR4fV;DA!VUp34Nsna90vf6RP=Bb7a@LCw+$8K%3z{ZW<A
zf$jYw@Thi^$yds*CTsr=?d%lggL-RxKI3b_6-R}|%Y}>BcyV1I$zjnbOfnl^Du3rd
zIeGIEH(+mnWx`$&wopS<;Hky1(U$d<e8-40`fbBhAk+QAkPpUkG;`I#&ru#Oe%vO#
z6f`uc1U*x?`(_m23gX%~T+io^BZEFHB{F$c#gX8zL?a-)pQ@TvZJ%IVVYNmq%=xZM
zpw&Lx1qF2!9`L*ks9=}+&LUtjhLwOqO_tp|Gg*6vix7oj`*jx~yA@LQl2wXjXI5Wg
zgBpy+O0G7eWF=(ZZBDZhxx5;_`OVga7;-gus#0M3bdSqBamMu5Dnqc5%c=K;!IMSL
zI)~~x)JpJ_3?^COp3Rx`$HAvnP2&~c_lF0c`SDAt54X^ke_OX;F>jIx3K<r3$c4rz
zcTYQF6J*MU@INJU8}gRPlW<zE!v&Qz&^n%l$EeR)A;CnvWf+d3!e7r3rgEU3O+aEL
zj;DQND%7Z)zK`m}g0UeRbTxFNDz)u~kkmPi6lej#=$DuGY<eLo-l)>}rTLw`(!M?P
zc?XhKG#@F-z~hvv;Gv4fiUvd%tC_}?t~)cD@ZPGH9kXeiQi8AmMxyf0wF)3)QegM!
z8H;_w)src%qJV2AVsN**or@(cZ)91Do^q~_<a&LTT<^4Ga5P8cxYWbLju!FdS6{D6
zyv-isRo8!YWhZg_&H7B4S+|*KA>D(zT$4oqxM_nWegiM%&&V)Q&Yc6JV|40OOYttc
zjbSJoFGh8|x^(GOqwUeIP8v+d9n_C^NRU)&@Om^V1q_O3Tz%aJK^3@^N>qX}Zh?^=
zwZh6}u}RBy^O3^VyZoj@)o^2xN{(n)t!spgzuosznF+hFk&oRQ15u)ny4OlR(ZYSE
zjVhlW^bCB{uziK}a9FA9w@+Y-;vL2c1?PkH*xbdG`lYHGu?HLvB;R?%k>@ha`WR6T
zCpWMI;&08O4R3~<iYKA*rO}OB<}7Fao1vgl1CXrhNZUGn@<OLR_Q*2izDspJ0+kA4
z@!1zHMY*AM_z)$!^^P87dk!hE7UQ_1PfIKz#eUdu>~U?y;;%?0yjB{cUh+Xq{s`nh
zZ7J^(vo7gAzyxa2ImW}jmgMJNdJ3+3otN9!zvUh@u9m{rU{u#@s8t&*3%K`F^>}{j
zQKH}Iz^o58x?oV#8U({CfU?tHz!Nq>%Biu^eo2Z`_A>p<!CzB~Y-)%zc_zkt!^j6}
z;^{9!S^bSnh`s6U?BGsp*0bhk^*EtjV8Eg7-dJKJF-OO!9>Wu#IXJz@>Xl^6*MFs=
z$HC<Q2i2dLi0bxzA5i|H2E#j;+`-|nD!<Qf<R;^>?Am+-SlbkS-^mY4T)S2|lS}ED
zLvpowcwY&Vn)5TxZ7{;8{KT=*ug44xnO_Sna3v+nv?GDn*sW(jjTZlCxp0q6vYb$9
zS9|Z>{W=t8_}DQimHEaglfMiue&-_I!^yjaUaWX}dF0WAe=#Y^-$ykR#*w0c%+!Zr
zdTjmvT$2YzVJ*;#(Eja<6<uF+4JWf-T3MOPFKJR&@6*%>s0+0e-NPbSR#OSzi((#d
zI83u^dSWmT*T((==NPg3IA)<04b4MzgQIAWnbk8qH^z>p#`6^e4-;l~BA1m}wAY7@
zORs5l9OYJy^sh8blk|^PJn2DENJ|;qzJRqB1<o_jM_+q`6+G4$e6BfGT4)g?xK2nQ
znjOr{6?Ob7cCy8q2Zt5qLeyIV0`APunC}w>tjC{V2w_Rd`jF5s8vGeACd=$r`@T>6
zcqR%m8cvSU<}t%bh(y=kH4Kv7*GkyKb!^{tl?sH~Ih_RbP4w*(JwVRIlN)1h!+?8r
z^ZUPK@RZmU$}~oo?l(A=Y2t1mgl?OyR-N8`ypwa)O7Vdp<Vz{hq@2{5?B;9OBII0?
zqB^sE$Hfk6Z<tfVY4)*?PR6KKT=JF-JOjVrpD&QQnO}#nQykNuMk%-Y(fc=4^ySc*
z75ACoPMAbbX|Z0R$h4O5rm>%!1XmuT(QQ>CB$X&`%q-x`T$FJ8>sLc){#(E5Cp>Lm
z-}=VkUOpw6A+8sslv90lp9|gY$%WIH?si<r!ki$d+q0s-<7v_oaUpePOLfVF4xC9c
zPU)_%F`L>UdgbZeljCLSWga*m>S>F*czWMnAN_1kx4UQiL*hxKhDPTPT8)@!k^%6#
z^2nn>XMx?ge~()88oT|#;SZG0z>%{Y?vt0g+Sdv9RalymZy5Sa=_cwN{G)iHkWC~$
zX*(T%B~Y_}G(JCdv3O?ZlW?_y$=)sZ5W#k6L74OmrEQ1?f*BH$dy3bV-k%gusi}>V
zC@-jT{@&`&oJqmzrL{7elLyYcEd!}QAk9eMcPj8<L&<+c)yx5X>bJLVwLNqn%6Y&J
zTJ7&c2m*|)UY7{_r$xG~5siCi&EuNS2c53*X_V}hHbT?)FO1Akrp1Dl_NlR=pi+Nf
zo6^)DpNolH)EKXywaV4oJN2$A74fN{L<s@)IFHg6C`M|(b|jh2iF_Ik^2{j+@mn+6
zFo<#k9FMl<b%aGVo6(~jhw<WD%g*Z&*nMWft)?!7Q$u2=z@XWrLze#N|F)inH;^;Q
zAsY;5PBG7OWOu({ye{x_4YiN5I~;HO3OOsUWvaH&3;1!YqU7X&8nEX~2mP2*Y!m;N
z^+rNMBEUZv!vdgR?QRn8s_mw63bw}VBL>zemK?0^s*S5DFVl(GL~QaQYiQ_#pRUR2
z85f(3c&~WN-X-;c*2|Of+PBZ@V_%8h6<O?ksrjxjg_lhn9nGyB3(KJk8%i0rCAELv
zahkHAGb!(OjFwpu^=ZBlWPGsuSlyd*tqks04?a@E9%;o^P{`D#kWUFV4NIe7Z|AIu
zoCA*>gdl8*8J4#4N8}oV{oY3(&wZD#X;Xa@ef#k1#l6$l1)L$<H0vuzYcJtRY!lfA
zTS{fZO|-cuj(JGD5rpn``5N@Is=hr4AfK*RtJoEnxl14qanES5fy8o-KKo%ga^iUo
zd1J)i-)y0$TZ0!PY`yx}rZ$!yGjEomZ#?=<wveWdeDZyA4xK`kKI5|epbP6zX`SuV
z5X$Y0YS|Y;YD{PK4*OAF<iZf!TZhQ*-%^vUX>bmA1<~d$O)TAh4Gm7lHBeOZC`S1B
zD$jZ~T)>$RqQCik^T9H|YCj2nIjQ+M*U=@(>%i6?G)8<fB!YX}wCPZ3w3VxtqlA*x
zHxvQad7EYx2*EKGzAGZ?ojtTB2H;7)@`|mq9kZE*5dw!*)-*Ky9;eEF2&&KuztK=u
zq4dJE=@r&RXd~?oN}9J;e3yc|UOVHdeofJ)oULJ9OA&Vux>c>elw*JN(|5g)W7@(r
zc!^a9c&XWuWL@NoD1X9xJpxYV^D=Lreq)nF18)2h))j>Y!_$xm1CmWC+d$2f!MX5B
zR0m+(%fwUtpF18~wEcdE9P}_+97e7KtaHA*lmxq}7_&z-%4j~ofYuh1^Xa4}?`<WY
zGBl6OEJ}pHHoz*EltuGADS*>;Dm$ZzZy?FwIj2PC*SAB=BJMjc)Hq)z2c+yJ-q|`X
z+0NOr9E~`hONL_h3l0z7L;CnSDKTDFQRoNHZgxZ9o~-6PfS(x4RR_NQCiUZCtEiOO
zXqMO-m#!UePt9ujyoTLi+|QZ4iumqfcZgjLC$?px$~72Ifb1c@M?&xi*hVy-?xxpi
zUrAfu8K3j({+tJrNVFL(K{`NMnXUn)>><nYIt8JB49S24*aGrZ&em^X2RMvA*WZd^
zo67o7ypu1eVc~ibvpVaT`?8ME1w0<9bLQu9i;>jS^2x!zM)o01r1!|j*wrzGo(E#@
zTSbV9tFc#btYWytU(PL&>Q?|w#;GqpHjMP@@r@CX1(w13ev3T?SlkT8x$@U)?5|*2
zRS~1T@11EvbJotpa$Z!W=O}TLo#>PRU7VO|OJsa4=^d<Kf(5H=>BEf|18jU~YBCTL
zfS9g>TBu#JTW{jQXq2#1#@WfOyfkyXxQqntFm}|VwC~Bvz_Hiy$aB$)J~P>NAC`ah
zD-}c>d@E=Jzv3+q?>==(nO(sjq>3U0x?}5xjSk{948T)Jo~fJ3cahQ_CT2;wPuJHO
zqzWN!Z0NvEa1x|<&C2QH0Go&b#0eHQVH)?Jo+Ghq%+_Qhw0bfJ&)&XxY>zAG<>I%I
zd_0DK1q65>Y|MkyIW+@(1a&HFe)oYcA@X<2G7YjJJ5U4amO}<Rkd;|+j(|C?)2}ng
zKc59LEt`^ePX7nx^NYs^-J>(O65*WrJwEV$Zn0KW2S$9j9B{R?IJQppj7y%TCRP(@
zo3kOR+rsN$*M+fjG0tY{=00<D>PCNc)Fi8r4+tw7cm^`WmDJzBiZ#)a!vB;OX;Y02
z(`(}8CQ=4$zVk*6JHQktRxUHyx<>k6;}wbs%uExh^FC$Dyk*GFp)WZhwKzQG`wx9~
zo<UYmo22Q1HLmj_+y>qz#T6RWy)L@fI>$5HlB8rs>_>RJv<zf%%yS^=(nPS@R#MsC
zfn4)_Gv%ARqKjV&>MI_Bb{S4%FY;jama4_|PF^(DQ`G&cra1Cm?J9P)dRAtu;km!>
zYO%w`Q?#2%zb?`}Jj2#oAcbbAcf_Ff>T|zbbeN`655NwuTE@>W0s$SjpW(k{f??F<
z`uC@Y9lU;+t$#s7P*$N!g$GjOf=%u$_*F6QbSR|xB@aBaNUPQtHNADQH<B-Jp5j)U
zxbfj;Bv<nr@GfR))?a0fLHzL=!AQl`>%aw5nizbZW~TG~>b0sZqrITzg1jq6lMegW
zHS1vVnlyrKR0lX@LRa4I%hHOY^O{=4>Njbs8l%B&KCH{21#@ofxTOkGx~5>qJxt$!
zNn9W9_Nbie$h63<>bM~{5Vuoi(I{K4cTg~v(Iu-}5?1-EuKyWADPvMh;X<TzMhkX4
zQM=81d^F++$4w|S7AsfWvD5cYWo*C`wRLK*-`5|-8E#0WPLRGVyuSV{Lnc|0uN=G*
z`LeFWwJup!uTO3NBHYS-q|Nyz{?TnlaCjy7EkQWo<@zZRV#{Z$r_6WRX2x5lgV8PL
z*xhYf`}R#6hXgzEeMAD(Xagm?p}Z#g@L2?72e7*9%K@l+wXMt7wG{7j$m!?!46JvB
zhPu!Dr&nExvt}#r5DT_QcSC5sS*DJ#c3$%x{H5gS_E$#7QjXUA1HB92DL)?@<HVxc
z?(jPvthnrj5&RagR(a!;XN~A9fZxljouYgpqHn3>E&K|7wvET6#!_LP(Cl|!6_eTj
zg*`JX(3I{_YErtg8|>!WnulvMkXX)v;~46ut~%C3PI_l<NbPrdu7*JwL0NuV2S&@k
zG(R*A{4%#Py;3+j)@_nXxG8-UTnY07kH^|Lye_J_Bylp^CBas+$2DJaJ4+QMe)Bnt
zai!c&^18#=XvLYxsK|`?s_8J;#0kBM`p<t6Y5Y8R_d;IIQ4)++&-wB0#aD@(B0o(c
z9-59ny2U&YE=&bZFU|Bml)3lVyrzIk$9Uh5g<5>oXDg<h?B;%s2kexYC>M;cy<g>g
zsXJGXY5$9HwO#f7uHj@l>3do;;}Q)+-xR)6$>hIkF`t>C|H?UpSu{%ZV;(OO??yh_
z^wa*(hhxi-94*FJnV1Xe16kwK&%Ix|u!D5O^r%E2+F+s-aalH+G<o0TSPINiKEl5(
zIveV)zZs<nI4o?Jx8M-wA1S{sarT)y>~?bIbHZ(40}-}6^)W%18jV&&*(w>v4p@E`
z<jPIp{#3=seY*#&!JhLdCWMX!wj<vxbID6pjkDDBZ2P6^g0Z2U-;Ky)T&-L~I;I*`
zfdZ?go_hNDTM*hS*Iwm@z?LRr0WWX*B=St0zShf-wX(_8r!b}}yycuMI_^&6M3V&_
zSr#e7AW>Jwx}NymIcW=-fD}o^!?JQl%;*g2k?lJdB0VHFbbw#m<3c`m1iaKF{@S;I
z&CY!>uTqx}&PBEKvpbX|I8$`hVkhIA%(Dz&h1@q*`m3AxP1nXT#HMKOu{aYagQMGJ
zZ$3=kdnJ0Zb!>#NP{mwIibK~fYFcSU%tkya7gY*{!T79Qw9RIj=@FQ?q?HTDoZ`jr
z!2{QE6T-(*-&7o+*`aDBBFD7)o^GshP9}POe!S_rL1_lkI~0V1Dl@-0+#S5wOW?D;
zvc5}hIgckZ>A<z$RrNMOBN<&`6w;$vW45VmAx4opBhp%;Wf(AV%3)(TXV1udCJkz%
zXI8wexAx=lQN4k(aeeq+UtU}JNX~;P=LNg|#5rosQ~y#t%b>yM)4)WY=^5mX%zAja
zr6)t;rbV(bc`Oovl9<c8?uP<J2|a2x5I;s!f-1B+iafM<jI3Bo;^t`g1gep42uK`g
zzpw`Tf7pA|Xg1sa@AtYoPpYk=rMP;jDvGM2=C)dDrlty!wrY%_hERz}OI1rzZBg@7
zV}u%Fmb6vWJSHJA6eWm=DG7-rJN@7Hb?@i@>{t6)&tB_!vCkL0aju*>m*Y5o)A#c|
z!4@PrdAumR;2=(Ln0U^vA%J6mYgy8icfuD9UyB|an#96wEz==c9QHvqIs=KrISp*S
z@*<dOOsF|p_Fvf?2)D(u>DL8}k0ZXqpbHwRA9jcbiGd9Z2kp&x=bJ{4A4{Q)l6bAQ
z+GSy0rr;<oMA3pju330b#XO*%B^0V(YniYXm2@4_>itIY>8EtK?}gf6LIC19soRUn
z4@~HyTF=`#8TOvQZLN#7!I7^+m<wwD^P|Mn)K5z;G)#H$^!A;4Ze2Q!m-{gUPTz!;
z6MC;zrmf#?clG%>xf(=BzW|LpJ?WdW6k6atNV(nlut|O#u(;venj_J|3|<`XIwytS
zI-*;Bzq3=lKG_-VtIV`q6<Hqosylw9u7&(kxV1Z|)*C6_v@*DJi(C~_scA&*^?gXF
z6a0I(_+22XI;C$0yp%mRlL^L6LKm6t&HYf@MBFB~qNLiDc@C{YD0xNh{0b-1f=T{B
z!K@ok1S)*bm%B;nC~Y<ElA7t8rYj<kb-f`#^*toj?Xx(b;6KsBE5p6iNPV%s(b>y3
z!NJy%vabVkzX)B@IlFTzI9tyC1b+jWo##YNUZM5jdp)G#>mc|UznRe=z#hVn;epd{
zeqOj#_0IlQ*+_HGc(%xj-bhDsk#pf?U*@%<<ZVtw(P{Zw`dCQQ%EqNz&Ew-lu|rAU
zk?h28x5TBD4u^1@Q;><Gqpo1*WX)Pb#Fd#EF~M;NXQT1Y>wsUu1RY4Yq1yTP?{C|(
z!&(;7Qu9uwhHSi0-mK-A+mwGhX!+)d-&|Kv-{__2a6e4obZM8`-<G^)h3g=nN1{OY
z?&;QZ9Gc`nHG0{$-hNsAm#4!|F_PI~i3zDwd^!7tS&sa5oyvgz%oL59TCKNJK1Kb6
z{?Tu#E~B+<BQLAOPbO_8c?Xa+vMSaML1Ab}^sFWG0NHE2Xag2%{!4MV^SMZ<bZ{F@
zykc{2UR${AXR)l)Sp@a5Bf;xR;O30L`33KLKgCo{R2`aav>7X>CyHdW(P(1I{Tg)7
z`zOXe4s5N?w_qDH&nnwS-bdKC<sg0l@9?ChQZ8y_lq9t=$xT|2sEj`+`HGhL09U<x
zB$;Pyj;AyWO_x<m$&6M_osIvvN#E>xzqM&<R=;lXw$xdrPbhd*hMx*+n(OX*75h3C
znXYL9+%AT-Z)tZ5#3ze-#vpb8GK<H^^cXavSyiT2lBz+VU6+-x%b(04FON*<YCVp0
zk=f5^(C%wAW4Fa7qf;C)Htehwr=w`?&a_AT6ncQ4w<|i7fg{mYMiUT4|EXKACv6~1
ze;WQT*-Ik7g5&iA-c*=ae0Bl)^?~v?Tvfc&o?;G6syQ-`AJg0eo*&L8Uw>Zx4uL6l
z6W$Xgj8@IFg6&9G@apym9Wt|ud5bMQb<K14@gy9m4Dqz?!-Uil&i3EwVP$$p9JNKM
zR^o+2?hg~EdD|I>&q9Memo9FYc<<h1H0hL-O0$+HzF=w@@o1SzxT>)$^kw-Q86v%M
zo||Zl{{b5=?<uD{H>zRb=Q_VPc8=|pj>=ibNirLhu9R+Vv=OQ2$c@A*!h74qONQ`>
zmAV^%jRC>ai}2~;iey;$hj6bf0}DB`n|YWjsX0J8#Ume(o-v{!^H6a_EC)~-kco2v
zX5I32*^Hig%8=95+m!25g*<=4o%?e9Z-*9Ve*9q01Q5zByhlcfqDGkl$Oh=d^hrDD
z%7S<3^X3`tkmg>%yDJjfa#fAM>z^W(S31R<NjgMlJ>yV8Ezs-fnuVGalF0i(<J5!(
zhq=~Hpl?M_ovIClCe1)k6SMJwtop=Vf&qWH^51Qh8;U1ypmO6lK#woa;Yr+0ZmIN^
zsV^4lXD%n!4zoM6osCLMcbG(i3jv6M&2Q3ogfTx#d&wZ^o+B8sI!TIymnQ)no#J;S
zB5#>83^FhqSKs}cFTKoZsk~G4Mo4yWkLQaSJ|)0+`tz+g^5ez+Ap;1x)?va=h9X}P
zO-z4ur%>zEL&xqiww_q0!(9z(j2%J8Fg{G5&?F*E_^k3Zc_%x#74lHPfBQ!zJ=)78
zhgF*mlXHp#2?}}v+URPYuN6$3up7>ybF&6cDsPDH!qEP%Z5r<4iCRO|oTu%Zu78>$
zFVHcM$}j4$@<lM&sAy%K$~Rlr=qg{EVu>Zu#qA~EZz|hQq|CInW-Fm7mn}E>VacTv
zQvz6jPm{II<IM!mfOseFmZ?>X2PgJ;guBU*c4aa-LLxOkAgRuL?8=I>DkAF>zk#+;
z6Q@CGjrLo=y}gRpjGPNMKN}Ke8RRU=mu`XrOk}@@`Rb5u@{Y(K*31%HzDFxB6=_=T
zcM2|rcU|tsi6@%l;TCVZpy58Hdgw~zVK}6x#HD{CIo8yQhU{2$XzO>#>_*S|JAVDk
zHve#3+3jiDQxy}y#RFr2Y`6M-jYc%gR!er6`WWOXR|_^FDbhUoCiR13&ZF0_UzcU9
zrZ^N)L^<Wjy499a{ctNLhgeSe5XM?lph(PVEiGs0+^n{D@ZR-o28TCOHu!nzr!M?1
zo^nx_FTy{9a(gw>xOZd}YjGa6$xqv<8kdHOb51V~TQe6!akZ=4@n~+sLVz_2LCBdz
zozFrs%N~J>fwU00)mWQMq1^XGx`40Dde^l1J=V|1HU3Bfn~3SB=RY2SLAAdHJb`95
z{+)%>sJ%0CS1|?vaMA7nrb^@2H_8zpVxnqoa4|f%)+$FlrfXy{Xo~_Oar|*KClUYQ
zoRxvkDHJ^l1e=Dn-yZ`0h`JZt^YJwE4C(WjZUuo_(^($xs+by-sb8r{vp=@<(o@aK
zfnKc<3%QIHCRTsO;)vDKNl|&-ipTbSAZh+Ne=7O9B815Py6*<kE`#uaV)a#$I#pxD
zmgee?xNu-i^!mvh6l7ri1b%&L_N}^7=8Vq>h(jb|1eFG3EDntlr}d>u^|Ik7IqQ;+
zcAcwbgsG9$0({}69W9Rcs2jgZ0i`sJa=a&DF_4w}t}%E;{3DN0e!+ZUsM_vL2$tCr
zp*EzqdJ+8XL-AIJIy+iLi%AS<I)C{x=%yXP4Ga@#<abBFivBy<%&j*;5?lT`_2{;9
zNH2X<1pD8M`VT8Uicr8MNkp;duooTa(*sf~9>#xQ$SZ5`1zTt8Rx3<TBR_MSL-pTQ
z3Yw|N<7y?@{TKbgfI?zZ%YjKe0PjfBKJkhU87ho2cl27$`sHt3ao5S-BkiiiM{mGk
z2{=I_eQhwfFDxjT{|}xHICPly{bC7Frj_=xPHge)RYK+jN?GHgTj6;iFXu`OgA!!(
z#^kB#^E!0{H5pZ>O(_$?Ta4~#m7Qw4y4rw*$N5PX!7)3Q=N2n@FvLIMDfY;5Z39Hf
z=RPeyXv)i-AtL-D$J0EcEA?Z!Uerjk3W4aJXffzUPd%qLiz8A6>+!K5pwO}MXh<7^
zy8o+`_6l*!PynEe0<2^6Ek5Hj+&!MAr^iS7{}NuFaSsZ9V33m1)NXUjm(U2HhnZLH
zbSzhInzy<m5=1<j?~LA(Sk6)#UiYTcd}Qm6gC}>%biarz8+O^e?5m*Z3)-uvnNdBX
z(^)G?WiZb9uS@UMR-0T*M)gom*G(;z_51Y)##%ZB2HRzj%;=dV{hqX}(f&;G&DIZ$
zIg4tis@*M=BWvWM<(`Vi@446fTQ{>+CRxkN_N%|93~V43lUE<Cg0{wPg*r8u)UM;g
zSYs}I3tdfHvT6c9?+i}`&q*M&+b%AV;Y4KNWRt6LBl;5;FClfz%PWW}3Y&2AA^;uk
z9Lj6oG7FCMKMw$+#98A~wk3i&iJvQZDU^L&qVvaPucVguj&;{%LTa3hkNHu~fc`1o
z+wYb?LEVGk1Xm>Pl?c#&-998@Le8A`YikJUvWP2sZn;r^P7JR_ZR|76Op(@58W<LD
z%!WH+EPJZ)O`S&HG?!f&ZoYUdo{bGJPSMk~lsceS;2eYZkPAYKUyG+qIiwn1_bC{n
z6EPMIbvmKwl!$o?WUKCT5eFfd^Vx@pj*`yt83#78rN~>t@7&zW8A0-5eEr|i9zEze
zs>d~Q0sOgZ$wWHSlGjQ^_3SiJPVru%aO;vcA)TuZ{*<obX?$^v>xVIqkCGq#KtfVD
znqPf_1nBh<yqgzZA;&fxC~yv-VVQ_c64zNZ`L7h-Ct}~YeXEUhv;i0j)H4c@3F$#*
zY%#t)_zQ2JjlJavo(v;pzCUI6<F_c{_w|e~B@%CmNWZRAi$jk|wyAkNa5GO-8tP@!
z24Bd(e3P0_?Is|z!i6!HDhft~yeA5SRB5Tt+M|;Xs_=VVua35oO46DHv+{4M9X{{-
zbbLfDu;rby%H$eoTKU9F>va#-+g!soMwg4Fr^-zUWwkq*&_@}#DqKGx7FjkwVTCFB
zx;m^-J4RFl*5qX6_VhD?OI_X;qrf%jEtCxYZJ}nO<>+Wk`NJ^IK>--dDXP5YG+J-+
zw5~eln#}K@)-3VFjmx9mz3XBcSM3UDIi+De1W&LFCe|S0!b2)s(m-t<n~neYb~V1$
z1oD^iy+wXm)ML`1uRX5T3-+0`x=Pp<Dk%sK@Ze$kaZNjr>0%7cE<HEVA|T?0uQmNM
z*xz?gudx_BOi<{X;wU~DoH-mi`vMgtFiKEsU%cLgZOZtx`P{M^-LIH^25r2P+57uA
ze4ZkjId`BFL;Msfy?Y214o|>4c1{(8PM5WO^B_*DWqe&aLK<#CL0!TMq4>}&y@{{P
zt*Vi3w@j#@B_TKDYizjl2Cj*jjl`YT`AI;f_M-`TyGMPu7!IrT3P#$Qy-xZ4OJ4dH
zk<2hg><2LWrQqM^0I;n@s^8rTV5c|W70M(q@-VIaQpa&S?!4T{@WNyM_~>-H$D4jm
z*Ij{)7&!tWx3Ax*9%mOCZ%g~aNU)xjk)|VugbiF(;O{2!H?XYR$iH`4x#7u>_^P8A
z#<JKCG<AggEihS1aVWtpXe-0`{k0hv@W+i0)#{BDNy3hIJYPNj>}*k+C2QFkhFIwu
za!TIa$a{c=ym3SVs^QUBr7~9{`dbB;*9q#4lRr8kfdHSaN<s(0+%&I8y7qJv`Rx)^
z&qC2$wQr~rA;CZx=V4wAc2l@3bmBwNN96<Cd8(x$kCaAokFNN-<o6+^6`i*5DDL-3
zcWT9GYXQvBssEK1($r`Y339$4AVpYEOMbnid2fl6wN;8&bpB*H+4az*7LnTAXAn-W
zgXn%fs<J%RJ}HXUo>C~|j-mB7V_HXt%Ds0^veP|dI(_l$g!7I-B)GKp6#HnTBJtn{
zvM0_yRQ&ew82naKi?O3c4|22i@;4||?{QsCWg!W!|F32B#~<k1f1o1=Y!{bO2n6}|
z4;JR|)tuZvg<0nD4mnQCG*fEHHt~|)pr}vjBrF0I9x=H2t)aX5rGRi{zXudEp{!K)
z$*v(HeLHS6mNs6U(_wzjIZEln<`%x_!Ou<t3j5MA(LibWlxI@K(;$W%PE6eUA>Dm`
zKOoJk=vSN}|9Crmr|`(H6AEAs?dkT$leHk%xn!$0%GUf8zPS7-_%nLoseqJ*ZOFi<
zglcC+PM=kL14rFFUEL;4xwr16nW9TpLA-eRj5s2<ihH30R?#eT2Xf4%?kH7^3rczv
zFr@u919ivJa_G}~!L`{U+xUp<Ha&s5%(Eatfo4_RPZ_YvUEb@{P?Yz_d`<D*I56t&
zCO1j^x{DU0=_?R(GId|mv@+>;0lZ9Z{+4hUpexoN*Zv{jfrTP}lqZ&Jo~$<#ZY!5r
zXt%!G#7D+(RA?@RJ7DvjeLEKT#;f!Q^L5i<bnEWdUplA=`o5U(&{bybDHo<lG}ejV
z%dxM_S}JpDk2$>^Z+i%FSI$(*zQH{_*Q~h59sIfZTf}8k%8_niLPcfAq$rUd#?dZ!
zQ&tXbe(g79Y!E>&$<E}yl4NrVpeq%&S>i$WV{{1eMxFaK%7x#TUqc*ye!fj&dG5uJ
zN2e)1A_z*3$}-gE(~ifYA9H`~j?3L@1ub(9V*dwlD8mN2032y5?epu~OuOS37o(CD
z9DqRNDmxq%S!kHir}z&Cj6_lNA-7{snU>Q-7mhAxdiGDMDv#_viFad^BOw*42IU;t
z4^_sS+!12Ekkn}Tie>PRoZ!pj1$IFmX-~>WXCj{`(`X-if(>Fh<1)mCUFwmZ`T78E
zL6iUR1<vwPJ$nAh&!}1$T}PLTx6l|Q=-tsjeE4WbDdndM^k;qIVpm!cUgi>uu7CXZ
zLC4T;#9T*jIhz#VW>^Y1+~GSBx#e1fvu}LkY9C~YYx#uDoY7Tp(@HIOUGADDp*HGp
z8V9BK>4P`Z53Q_ubttb~acc}|p}$%1Wzcx(@&r-5Zl8#Ux(_vhc}4Ad2<ey^VH-(Q
zSp6Z%uVP0v(FjH2Y-82T)r~n~;Uby886~dW2$u*4JXmfx*_LPRk~;TJ?N<tH>n%j!
z@VFi!<f`gFOUz1RpOwP>f^bXIi?1aNoCI|Xx3coJE7uS}>oVYY<;RMN%k=HS5Zjl*
z>*3Gul|&vwUBP{?0K%f4$EE;Bi!0?Eyh{4DNv9R}^F%c-pFBlW>=_v*1nxP1a5{R)
zu2xdK7R(j%)o^R4+vZSWmWP$N1Yz$vZ3VNl0uCv96C%exw}&(v3d#H4JSm$c7zzdK
zn%*N*%&U%IObz8YjKix>;QFd+CgK~qIV20R0E!EBtv|wQV|?A|KB6~ru*e6*j6^-;
zi-Rak1=UX(<T*v3@#CwbhBg(+NAHcQ3?8#BJrZg}`a3jI%ZWBbItwjvmC^XRmr`?$
z&9zQ%oeDahlaYV3$cG@jvFCM*yNQW~+Psj@OrY=jbgtH?MdAgo?K|96rfG8X!z9^H
zqVeb8809nhTaeniW;ut7n3ofe5_qIe@3&nSBR=cuKgC+CeA1K6ogE^3aQ5~zgGa=Z
zcgKEh?<nCL@A220%5Ocw^SAy9Q)Rr4_ee&-B2)%w`<||)$sZi9(c=0IPz=JjfWDsa
z0fFl5wEP_BMKiq!3?R=@P`}d6iCOx|Irep&jq}J=VIN?ghos9V%dBIhht$d^`Kic>
z>01xnq9lCiPn^{FbBh;sr~q+T?L)`4MS)8LLmkvrcD<LBk5^6j<{md4cbr_PNZGFE
zn`SP42s>AB*&G&*KHMWLufOYGRuIDEp2UCEKBu;6zr=6dVQ~UI+2j0Lg_kgT*BAux
z^%Fj#vE+|FW-1B505Y-!O{`)bd%Q!p4G;zp>{qLjqoxx5uW*E&MvK(l)dvzn?sZ4J
ztGKf6Jc6w<Wun?3X`U6_w_&okbx480Pej4QZ)l>mXO5LhY)yh3ywyfZDKpPYD&124
z@>;D0AcOEiQ`K(HJgzkc-+CHv9<E!`w(i2IBAIF&Tl{ne2I8-jsUP%n2j|&aehWI9
zI}`SDVjJ&S&3MCtGD@J?z%|{ioKVlf{Z!mStpQQuI-)%9=WWT6f3JaOFW>y(z5fnt
zEiT-qE|X+gfTV=gNjf!^=s!fsQGt2mX+di6u9O>>@-djvipHn$hxfT&Zims0eVu~B
zg5vA;VU&%nXq1sMfsv4Np?7lauCwEa1N@*{Df&f7VI+3IYGIc@7oDO1%BBtP8VABR
zeF3MJcB-`{uORxkeSnZiC)c)6*Ci*g4ypq^lDKN-5UTp}z4Mej95ekPOT;H8J#hYj
zK%=8Ug~akP{UxU!rJhX@uQ?Z+y5<L%`~#i6&#nQ_HH?w+3@j<HMT76%`q|`AHp@e5
zg^LYSL*R?rwynB-ta*Qsn+bZv!z#8o`AayQn<s}KdosDXW@aArvRKW{){gn*Z$+4Y
zjqI1S-0wZ+)|!BN)doel?m_Ta=&7sD`GWeJ%0};?AXWR;_q}?TdvKjcy`|J$>SV^6
z%KBHAUN|8?1joOeT$JP)RG9M_N7X5QjD0uWL&j0MW;;)pif@uLM25QS7Tb1Ywa$8J
z&QP4AS(u_T@B>@6;9}b{6q201_O>z>1+Fc2#P^FPpwur+t~@TUBsjFzh;i-rQu@9+
z&ujaiEe@fY|1A6Y_VC`i!L!N1kje93vzUXa7Wzarhj++A<=(-{U0|Cf)M~`#sZ-9y
zU_xWRlZbcd(?2%XiXI$&o_s9reEp|3;@YEMJA2xW3g?fhc}RTrGgH3lyF1f;CC1Ew
zIHTxGoT=8=rI)N`c;b14L~r~zw0y&r@iHLbxX9vB4~xXf9_dPh2Osmw59uO|Y@H<=
zq;BiQL*=M^PH-x?GsfRxxZBVCoPApJ;gtgl60Jt@qlF9^&Vz)7-H>X@?4^({+Hndh
z{f11w3vaH4S1>x<l*p(XfKjfy)OBO6ZwaR_AT0fd@L}bDjcegEZ#})y=)7NwpRph;
zLK0=c4K)3np&UJ8v0m0>94~KoEvQz#Ql;Mv*UIk=HTI#x@B<^Y4tiBnsB9eTY30|d
zjBrdpq~hy-)>hkH(`+Opr;#vrJS#EuZ|sqziXJ>`l0Ov1FEUOtu+<e3i3j_o!1wD1
zdjC-|+?YIZBmRLaUTi>g$(Ypzw+nZqiI=|_k_9Q0<^gGB@ccv?(K|U-w104Tg2lN<
z8c4nBJXhv9Go<k(wt^~hOhXt^S9W}I(8Ft;^`J)%<I;vaJ`!R|`1Cb<4g6gxtnF6w
zeub@x8mIDGNg}#6w@IAo7JLbPY_KB9b-+*bBlf}ODU_<)wI^T?@WZ=DW4+Qhnrp?P
zt(rr93ZMyl{+0*VZcBZ=A4QAINVaZQ>j({d`EqN6R`s{9W0qU@5WjKBjM6_nI9}Qm
z<Saa+#+D4uAWPb|IMTulVseD##uE4%5k~oJYdPgt0oPpte8F*Vkv&9lB`=u5U3@v}
z6Gq%7$bWlAF0yZo$N5Hf(AB=)azX)syU4)34|PiCqU~bV!>9dcGzE{^eI}k(RG41h
z*9(^uQ$;mB013v!9=%@B*Xb5W9(`Yk5PbPq+eO7z*UYbU<vkPqLlJMX{*D=iLfSis
z-iz#*pf(~_>-wd57`X^Xp3tEY<JVD=6;OSr@V%<n5MSfcpG12g2%|r*(L;nZ<VpOB
zKd$2NSd-=u#kmlQDZ2jBdu%`Vt^Z_XKRVTQ5~M5o?0A$~X)K)&wXGNuwQm))XknFy
z+AB^^TeeoZ$pA|_OU>Dg<v|PzKs?;Woy%0JlVamOn>e*>DQG{MVn4{kgj72Qc%Qv5
zSIO{p1$<W0{ADaixEX`co)#FRb_w87N6k;v-GR|P=gmqD^OicW(OMz82`JGNQE%*~
zCcZAA0bUNAoQMxi;q~~8$n)E0`}yVk!FS4fhii4tjuCuG$V8_ydmae|_odQc2kol4
zn2%qkt&(O#RXEBvmh3+ir^-T89ZrTYq#WjKvQn-nc<0?me8XvS-{a=aF^lThZFh+G
zqxw#9SW+<@sS#spX1)AS9zbnt+=bw>Skw?&xno+0id~QjCa5jEdGUj!s&ccKlqeHZ
zjxK-xv1gR6Lw+@!VCntQqGDAop!M2<5}&hP&GGF^$9C<*fu#+}7n;~5-+ji2=V&f!
zS|J(G1g^=un)&JUTQ<BuokMl|)tTe727ZH0>V)|lPeT%?cs9T~-G4$XJLzX)##7FU
zo59vTF&$U4Kjz+)xP@)-gWqX#*U`0xdvDDz96pUtAAX*=;O+jGPg=32@?)@rE`PS>
zL`L~TL8Bv<-;qpn)#M$i>>CD-6)AnCWBK;i@VeR#ls%l27fS{ZEhS#kEe~ZKC<+%n
ze@k4?-OX75&zsgL)Z&H3h>D{Jj}{%o_V)LT2K8+0`7=QbElHt@Y5oNguPIx-N<6--
zr=icUp#$^DtChv@DB9hml)m24rYLv*zU0tUGyn%I?S23E3h61N<$}3T_Wk^`8ew}z
z+;)iQ$qxbFd^mGG*>De_>u`=khq>HCb{_^~PFR7lVSr4R!qgh`Mv+)ionq|#P8+yy
zbcZFoHL?9wxG9cF7b|?@D5S&8<!d9~ofKP9b}0ZpPjROHHBpeBl`RI%^5LtiI`k`}
z6QPyw)kd0Vx7`en*wz{2UKHmHo<M*zQ)bc13N_tdN*WU!#yS{~@ceAp(-N%%DV29A
z)$%T#NRP?Ayj6iY0emn;Pw&e<k*M;ZfS<SfTB>5mF-J4dy{9EYzJ&W;8Gc9*F4EV%
zV*s^l(Wu2d`B3CY=6wG36peXMUSw{{to;QrQb_eIKuED?`!?`0`+QG(EX@mNOWpg}
zWEJh}Mx|`Yx{R)U5j2afUH6|7QHiVNOC1k>3wGBZXpmXCUc2*--=K<vhJ_>0bv;b|
zO1Zs#L2B1_jdc6g`6F6b?Cb}N7NO>TTqyw@>-+r%{Ys_cR7;D+O>)zi8n2Rgro>~M
z;s%=jMo_r9*Ds7%8f8Dmn683WhT6{zzEu9@e6e2##F17LCI!4&&3>9F`SH3leC3&4
z6}>COfkxFT1%JW@0b~yD31MS5WUKMZBf1RN%qEw&_o@neRc%J;X3bV5RPnMya(FAV
zfg}^`cWy?(ZSiS(ur)@HFIv6hjnpG#Nj0|jtCElgxk*Fk;OXQFgV}aMsnK`Q3nd1f
zgZ9P+sRa<y%C^IsCNAm3$kjq4vsh?oh`uy}aFJXk?|Y!giFq3Kkh#=WAGs-2jh`MT
z1WZD3xj&vWK88?}7aa#AK*`sEWjXA&9_a&TVN8=cM%g@4_vE*?)MWL)#>e~F8mK|T
z&_|C+N9pl!XUJ-y!ru}OqFeVI$Wceoq{nAnGnx{UzB`Xi`TmKQX3;C#xQSq7P^PPv
zZN^v8rkk`tFpN{FDkrbPiCKIE8|n$7&rHkfJB0X8ElDz|<q*{8b1F@>FqjAS1Fg%B
zo|SOHb8wPSisVG@qM-$btsiVR(?4#iEj(B0*DVYulc2jx!mF54`%EGv_A{-&1t6+T
zs0^gCdUY4TK`jSyYh#?2FPB4|AgiKF@kB~~zuy)0Wqg*RZ-2s*tm=w`sUbnrLHw*~
zHKL*qqIn`a{(>R=oxGQ>=s$7krIR<}OYX)=2?)gRyo>SvR>KEe+G(Hh6ySq{ciAJO
zt>5ZnrqQ4AA7X>HSS!Nr-^bLQg7mg(R~&MH>-@6m>&uF8-`5K|oECTe3^!k-OuD+(
z9n@aXUn$-&hSW9L<rK=d(;ncCx$I{~Bm3x*n!taNF;N2%EMdiP+?1sOPV<D}XFYbG
zSN4sHlOjaLsoJ}U`(B1`P|A<JA-P|R(rbV3B;#v!M?|e-SI=daB`9XdsVliiRGvYC
z4m5>#$aQI1sIF$9Ald%TuB5HOx9iH@d64o06>|8`!Cj|xH8g=y?{vv?e38%FFa(`!
z+7rPlB)58B)6v4WoH;qpUKKQre9jpQSyqJ>iC`8QJFXMzBTTjsSf_W$_L>QiVz7VQ
zRn-<|uDivV;p0Wh;WKyoB4+RO)ib8QO~>2ie1Gs|^NUeUa@Ca<nQv;WwrQQ`rW7JB
zZ0&R(sQTNvgM5PQYH+;x$IChJc)jKR`RWP-JC`|Ui`>BH^a$m~9`#N@e_;@cQXm^%
z76raWF8vI%zQBM?OmzrX%tg)jMVz~zQF`_vVKH6a<+|fQSX6;=lv+SVt8VqygwR)Z
ziqPQEaDV@-7~wsYcL3_t^S?FrOIOw9?3S=Klq1>9>Qr7{)pL7Is?>wa5lX6KQ12|%
zkW)sR)_EnanH2u~K59Lr|5_jE#Dska@W;6QCMW<;YfPPh>wXXF(^|7GD#D%(Ip^0i
z`m0w>>wzJaGr=*WT(4!+@IKZhX0&gDMqfNPem+Qhjt-*7%)5W$%OD^D9zhe-fuULG
z*a37%KEBa#c{BY~rHbed;xFrxcz+zV^ETvOX5mthE@`Y0(?}6+7--Ede67J)8@*|H
zs<Uv)F&gL(#)W9V{gBItp$!#MBLj;0gDz@*J|Ni>j@4f1se0K8-i?f`2`3mZIlE|T
zY6a+A?YG^Y?Du8$=S38NW`_PinM@4II<RLBDqzD(_KnJuXRFn_ta9P+u*N<4Jo=3r
zW^oqF`m>Ve>^reSDVN7tbuIw^Z}tg-TOBd05afJx{US!(?CJ1HS98-5TWudUsafsE
z?$_F76x#1g`JLE^fPoW2k-_cvM<TcsW9UyzS5xSN$!`F0)IdOpSF-|yw&?P8KGq9)
zGgL4X(Hrn-dGMk0EoFg5cy*BrscRgwpQbn{4r(0GWbEFd`PI}Lz0o>`ahg+FUpYt-
z(st&{892+5=2_lU2UQ4@oiQ=*jVSC$T)Uh~@BVJuaf!MIX3`i^?&y*ixAF0)&HS}j
z&e_ON-pYly3iV`N-(Wun;Y0=U^>fP+Av^tOR>r11=+g8=q?WUag~R>?((mb`%%X%X
zC8Tv6y^_vN^r}1`8a5!y-WDruM!8Pg^G6MAjcGe}cL(40m|Y5-94-T4`-s{77=NTf
z#LQ$iBSO3s3?mAe)b6yQlhr1?UfX22I4E%H-(UOmo?dFiT$<c(iaZ>P|Ebom0yq6D
zoHeGZCXhpvU)6@`ziHewVT#>ru|w{P7m2V*l^vaaJ1_t_+%OY*tcGiGbj3doot>H>
zQEZyEf`nLxV_zzELTwu?+8sM_S#7<E&5T8<)h?@MO5k5QB$v|A`=kNvB7WClQjb4n
z5jM>y`ux}Rj41sKkaj3f#mOgA;#lp=8)KJ13ey0gMJ}URgqZ%06o{KWbhLi;btCJq
z6SqrpDz@VY%0u0)7heg9SAPHW7_$17zcLc;Q32|}_vA6)8$58mXgqy)ZQ=pNpRcUu
zM=|tqW9qNXh~h_7q~KK}uUpXr$B$A|e1~$R`eHv@5<C|o?Y`z32mlg+Ec*o6Gv}%N
zZlNMzrA^MCcgpQePDvPeQ}^bLxPNV0Cn}yY#rj~2>gFIx$v<Ly*)D1lR`K*2we=Z?
zTD8I2bQye5{JQfrA2D)o0T}ApudbS>wBoveSptZ7q6Z&IC}X}~fLK`E1Jf|tfKRAO
zb6Zxy_(|HGke^rQ(2By@L5Y8=J|g85Xez^K9@J44+-d1<Ty->_oj&O8qYyfN%IT$q
z1A}dmlkb)!(hoMO6Y*8)gt`#|dY%iUrRynfG~wS!oNF~mLmCWpjy3Fqm?b=!mhT#=
zHbQM)dGr$!w=fZeU3ig2I!_bE#24d7RAwL6ms165Mg03K#=PB7zr5BBPS)9(QpP^x
zD_xP7658f%%E>97%}nQwb0drZA)lrG3Wdj)bh|kd0l^4}27C33?D$vw1+28}qbzVa
zrb5ox6;g^tlQ<dZ%ex14Wk0sY%Z}Xy`9GZkRDOZ?`%G82@^@W$-)dp!^g1%se)aPd
zd{suXvDdzJYZIhfCQGfzEOtu7n%MYjU$9?$?vkGB8tL5#_`J4P_*~MXQ*7^vt+QWu
zil_6C#Ll}$d@*8;<9WqLDV5m;`^8u6_2x$DFO8ua%$dsZ0yo@C(%+3{OL(%rW*Z>E
zXw{x5L(Te(=L$GNccTU6Ur<7@+?HxHaDhZci$P-F(@|;@i<!6_TELdC3Tr%qS0prZ
zkCH3ep$l~9V%YLWhQqR-M_OOC{?&V_7d!5gWQ`C`jRRTOIt-w!w?0HGXJq4>3e=~l
z)fw;6d*!AcSRa+4U;JqCO4!FDB1J#wr6ikrMqoMn0m|`p2$uau5+<#4-J!yc$9ZQj
zJmx=qtJP?m8P&>>9NJ45zgd3@&Z;PG@B9+j_}qrZNY~0w72le~IB&`aTTk6`0L{O=
z0T$ttE5w7Q@W;V>8#<Fcv@_<cWVGpw9tE?wx_LlKt38{#NlGmjFP{skL;KWt=;k+9
zYJ+^acC$XFF#UswD>nT7h04`;F5xInY<ktv&sqX{7|la+-maj~;|q(04rTsbb&*G3
zF5Z*PSUoIh@10n^fErx=66T#kYMxfVeEg_qbJNtdE=PTslioFTJKa;|bCr)1r{K_(
zsghrbI8T=mdQotYnG+FM%9adZ-uynp=$Y8ra~zDw8xLh@K0+n7O0lk=x1^lg8QEhA
zE<}$_CwL|RnW~vm0oQ1s&NJvEytCMxPdUu$3<-YYtiGILF^X7BU9@_b2Fpr!qv?a$
z7FeUGO#Is(6f?89@Hx-jCXN!gbEK7?lrfuNDw$u(P#YC<ciNnO05md*om9Q6qH@wn
zpO4D<uPe9cP_BJDw>rWn-5rB5Y(5Ufe6If>(M`b5*Qh}zF7+K-iu-J}Bb70Gc%fNG
z`jc8=HD5Uj%$t|T3bWe6EeA{Vnr4-!%hQ&;(pk6a)K`^k(=?7*@f~**$GdmU(^tbo
z>{?$c#A>wWm*OM3Kf3A>GTvzd%4Q>-Q80MXYApk|werB!ui`0?al_LylnrwCw01k%
z5LmPT+j9(8C)pfQv(d}cVx$^U790p~+!918ejMJ{6pQk$dy01IkgK?E6ju~K{JF~J
znnzedi16v?Z0WjF?5BMr9Za$}18AT&TOkLiU3z@D_nJ$4#)9|oqDh5{TcOrxZ6nhh
zjJZa!ho{$8X?iymls7(y0xyj4!PptfywLB*DMb5_K`r|f5Ba(281Lb5O4GyavXZ;v
z<V3>QbT7VIAWZ87Lyw`h@ta`{UAe6op*tY-*oWUidzl{ixcz7c_&e5;FpF-KzkWI-
zr#8iZk}@*ML|Ol=zPou*5Vt7X%X$gy5&VT3n&rb>Sb61IbyvU&qr;s>OAF2JhRz`{
z>;alYy%)pCE-S{Vc1){Y0j^AGsY^_9Q#KoYCFUP@Y5w<YrTfwm^m>+9t-6z|oxeh}
zUM-wHA$Bf?KQ%PuV_vf2T%G8}ZpFKMEsT9dmnd9VBDxqCWftQqD^%ub_;n!p60S|H
zkWZx8VE)ALHB&U5UtsOGzCdgy#p)A<Bto8O)`U0dtsi)Ee1XzjS|LS-df0XA59LT^
z<>|v~ZP<w)6gpPBHI)qK+u5~l<D2O$b~|x)+;Bca6ijRzaAL;mp5LV0%?t6r&#&A^
z81}R%`fGKgR|}2kz15bsPsX4%3#;Hq-92ao8NgX8^{B12$9}J#mbFk(nU`0t(&y>+
z!8UH{?!NPCtd6{e>JGm>B2s}%xJ6M@QR%15l@p}ow{Q1kqqAWgA+T2zqq4g0tE(gH
ziAP>{56X?<pVO99Z|O?~ao=3c2IeX5k3kL8r}osqB{M3*GNi-r+SG9I3MS?AJHeCp
z-1N3zN%DI7-$D+3W<c;Xslz0}Rm$W*Rko8bOCzb-*%aOH!n^1WQ>(87&RC$>J)7OH
zM&ZzUO0Y4EpG*qS@K=0xa7X%B17v!K7W?{^j|ZiJ_z*=<<(&<2_U#$2O>@VN(cQry
zz`^H7>HwWTYr}{?Uu@2f=Ec?gRY5FA_%aYP#GlpeW1YoneU5eYYG7g{;GDAJHP0KN
zvZo!ho9+D%M#k8U(d)9q<$W46oGLYXvew_}+e&t1W@z1elqF;jCoA(?><4p(#kG<5
z7d>6(ydYW~K0K3{5vm$rKO4gZC!;L_`mzL&rzjIZmhFq6Pa<sXWmf|0P1uOLXFqJ!
zW1Aqi@R4&?6FN6;qy`S#MtGFG4um)Ta8^aJZ@g)RQ%mt-%o(Jre2WKvxH3m6^JIev
zG1KOUGgFn@&?NxtL_3J``u;O10`MHxI=}u=F2*w`g#>Z7PO2Zjc>CI{m!jl&Td+|&
zvfY3-c&>P2Egt3_{W6P^@-Kfe`dO&g9|s0TzipkC9doLq3Qz8SnV1t-`t#YG*Oy?$
zminBXs#}w^(0}oWE}EgGO$}DNf_rY%{$o^@8mc^$71~$Sz78c=+ALTQ+(JOq?vdg3
zdbygWX<X**m-^W#6)xVXaq8b&BLCNo{p;&~SVuOtJdF0N_8DM*PNlozF@dF|$9zk+
zC>SNrP5s)jb+OHY?29FQYbt@bLpgi?cyjL8c0ep2e79Qf<S-x;4%In!rtG(o71z2?
z-i}nlK77(2M=-B4!B>Y~nX&149@$s)PcX>;%#x#fN|M(F@Slo7LvNCFdtaCYXXJum
z2cpW_LBAIF+89a`LL)1->TB(O4}uRS^AYx)ZQWi5zr9)1?$b3^>pMHU<-}%u=4=JD
zjRC<-zL{5VZ?RfYMw->@RX#~j@_DXz(uR8Z)&Hn=`Ck;sFK}P7v&qgb(es_f!M~3H
zw!iNaxT2`Hza2UE<u!D5CU1GspIdv`p=aT;inM1-Z&d)O>{Q=}y<iaj@89kYHzWjp
zSS=v7Y$z$Z*LH_w_ysI)z*qX3jMw0{s2Yd(z<<A+c6D-^?|%>`{4Wc+^@m!%8lYYi
z<mTR+s$(let{9wksNpA$17JptBVd=vPmm)%Yjvch*_Khq5rdiU^R@4ViyqKfi-o*-
z3|^-^?Ci)>OXsbK@mcPFJkw%7jaQGbTTaR7KyLn&OXoG&3Bs1{^wlj>23j8{ld&a-
z_eRawB>(bW3Q8lo8U8cU|NBu4_>aQx|I8kD>jf1=o>J{PC7zm_(ABj(!S{}M?q99w
zwgX@ebJDMP#HBqmlvAJ5GEA4ND?MAEJny|UH-cVyyjaXPYt7BO)Q|6l6?;w*e<pT}
zj+VusP40OhF;i7`o>}GP58@Yef@2nZRE7AT`OgJ0`~!XO4sn}!I$k`KPfNI;7vFr;
zPGmcT6v%h<JIJ@5+wn1Pb^CDDMK+u`mdr)obu;R_>zH(;?($Ht_NvuF(ch}S!P)ep
zf1QGTp?#w*%%ECIuAM%U(C#DiU&maJ%g2%o|D62x|ItA$*X4h5MF{@EC$9gu>qgse
zfL_=HZ(fgFb<y*``D6b6!~dV9{;$_{`+tR{&cF5lYlrRsLm%tk#^2}i|Ko1UH^1m?
zPe1jqxA~u+%TCtDX>vG=@NiRd056rD*_odE{{X7ro^PmsMlARGUjI+e?%(&{(7mKf
z{Qki^M&y6?Cx0^W-@(588~(Q%oBtpB+W%iY)(zAJ`T1oe1g*BEKj2Z6cYZC4Fg;%B
z0Lpqq{lAZo+rytAw`Nsrjt~6@<6l*mt`@(|z=1RJk;>&%g3kW#Fzrs3XzcpZ%4R>I
z(WBmem-%So`+EKK^4+fU!rbZO@TP(rGSgZ?x7L>-eOXOjPxP~<m2Os<_x-BACoz#x
zz~t!|Ae`+yFWTpum-)5AYb&;IYNKPp3l`e^Jc1KO-0Ba4G6po|Ly8T5vA<ePvPK>@
zm4M&Tp{her`1nk?FF+GC(Cd^J<sNvupPV=-Gx=_`u5c&Zly3#;%X^w9vK#PP-46W+
z`dw}iLg!Wizlk5Ms6SF(^&Z`=V<QKOJut0hVW4br9M~Tf#`;yTlTN>-MsZY--3hES
zwqHi`aW9L-+XF>jD+LO@LdgM%gd_sffvmp%d=58Gkm?<B?Q|6n;S{>_$X1Y7YIC5+
zOC9WNRcT@LGNO1DQ-N)Qc+2MS)cSYcA`_?5D;>DiMHW40LZ_0O0<839LOqcpeSP0I
z0wt7saV+6+05?%rUgf>?YrgI;3ZY}w+HYxlYx7L#>`-9xIbwmOJ+?rDM;4M$3Y8@|
zI>QQ`HE(btK9(~)YOOL`Tf+Rovn%tfo5@e`>%<;N#G^>I7%8cZSPw(mD@6don@Gnm
z4Ud6gZ4ZD`1+AxMBPmax@<fTODGC(cr-viRAJ_?Y;c=Jm86O~%q>XHYpH^<@k@6-%
zQYtp$4I<>FcX0zYJq5htcqFehk~O_JomNJ3I!f=<_W*}VtZHj;xW4f#Vl7<zin|ov
zlhz1k_SyJLE)w_rt%z7hGTea&Z@O3s{$inRjtK!mB8qEp#HP0$A9IS}uuu167`&X2
zU#nJMHHrauR19D1H#oPF+Ls3zg7hH<v~oN1(Wy~H?}f=Hj+T(MQBm7_pWvYKVGt;z
zKqIKEbQ*8s+9W#mr>#cr{oQeS6l-^%RFDOn?k<4&LF`27&~fi>3GW6)r}So23d3T1
zM_E>M45~l0I^MhMcrGK<zP64BpSh-{uWC%rAy^+)4Bv3jz$&5>cn0z1O2PS=Yn%TB
z7SG<BE)88QvejN+SIp|<fPOoeME>EuSA=l>PU_ZO+s!g!Bd6|um^j|M2XhD%zSD2R
z;{tz$&)0E%=SO!Nw3JRMHvr_Q<+s*70O;jS`KU~5z9}+rq)1+^bonixl%jf#Teb2k
zhf2{fPMp%Xex^Sz_p*kmpx#<$UD|r?Q(z!jwTanjTsAw8A8$1onA&`6fBXJ3KMkEc
zP`rt?0^;*u@AxwGoi!?JuGqchcsTW-f^Y93V8FwBYpQ~%p>ikW;gAqMd<=`RX$9~F
zoMrb1JhLWxykhbUDR{~~$isV)Y3>rUQkEl&@_S2kuWc}~1ashA-_w2c1_7XP6MbDY
z7+y_2S9<Lk(SV@8^~#Sb;aq(8H-Y%5pc%6L>ctY;Vz5Bv0>^Yie^9})wZc;V1?SPI
z*N>;1M>k+Qn}H`KxVJ0y+0(3_3aTy&0VWuhNIc8B8t@_~!|s69q+81f!0^4@tK8e#
zH6BY#!bwpED#iq_T?vP>R{aLCn_UU@YLxN$vgt+Zz9_lr2u?H}#k(C{9LUH&!0dkT
z><()Kk-8+sBb<oXv2J7I^Aw@JtVw`X54#^_i9u2ZRHW_7wC*mmzxFjT`!gUj<1@@1
z!*e&{DY+j^BXYmXSDeH<md&=DLvenYN@%(rCp|c0B?DTFV(M8>a?>@V$02FP_Q0a}
zvxz0PY<td4=0L177S;MPNV$aT|CXloY<ZWX@|DFdC_B<O^tUgJLrC8(R&>7w%)0!i
z?Lgo!@*-7$&LbeQ_LQigg1PN*NdH;8P_3X}NXxB6I%x5P{t;9SZ6W-h6Z7Y<4d6bj
zjE?qpkB@<`M&PR&CWVC%_QlU$zS=v=J0{H=A<J>fm_y>R!U#Vn*~L6KZ*-dAmvF@r
zb6kpJkA8zuKcwPo6MTnuTdgLsRQh0YDjQ2|S+beeB6(C|bcS!EP65isz50SX#wBpG
zR@obIZ5X<DO0Go~@kfI9X<8pTJ5(0oFiVo5_-Ok(*q5}l?3E9aB}7R!(W|_~Cc1=7
zG`;JgO$H#icxB4;(V`9vVdhccH3X<fJ;Jx>4CWeVAt?vh!|ZKn_j?`ae={k)qtl5r
zo`t`bSIo++aWb{1J&`>#=?62kIglfMYPQO0yqAQqUB@*13=4+J7VfSE!?*gI-d>4T
zrdyk{nR?#yn$vr75KZ(QuH7qht9rdGI>OXme!wg?R@t~zV**8zH5<kjbM8(ObMk0m
z1MAYTts!xRvZpl3CQ4FFaF?U|D4*^-sf``2S1f04D0|3I99{VvKQV7C58GfQw3?oq
zp+qaK892mAsa@gOd#&?cNJ`&aH_6&PILT^L?QNL%Okz;`9RhmKZtMuU!p4<!fEnC6
z3wGb9rnN%zk?#s5xeEqiPvS%XG^y2ZFkbFqxUTqsAAJj{OANZQ_0*4;Uvn?wiS2j~
zPor$Jkt4ud7KQ8bJuB`E@aIwpgn93?q8=KH<X7>u5~+*AUi11PT`)*o<4Op}drk9*
zdquZh#DmH@1YNm3LU~LpIX$OzmD~y5<oVzps>*2{Zdzd+yvCYcliG7X$06{x5r$ZX
zt(<l%ijFlti(*$;9#<-G?5vD+MX`g*N$F@vyC-gb51KWr>wA2<OGQo$J^(RcoCD0q
zFuiD)N9_P6^FB}AJFEOCz?T5apr}R?%?@X2mBzy_M{Gvpxt0lf^oauIs(!v}fa2)i
zN`}So%4DJwnT*|FE)SLx<vj&flijA(3FB0u(em0GjX6|1>%E?T;!+u(BJ{5{&ceZ<
z*Xdz2?Y@C~iBchh9;Oanm1(v?rD7YK3c+=}+n40*9CxhY;sM(LZ9P_vUhET-oqNU0
zuh|i0zf^BkJiza9qB#I|C}OoAZx`-5`D=u;s3#>Rl94<P`68SZwx;77Xc!3q2!C|<
z2nR{PW0E~2CW;O9%ACys5g=+fpG!tihu85y?oiheOQr=It;E2)b(gcgW$Q>>UqDT(
zCs&TNFYi#r0ab;gW=KH+vWpdG`mc2@?HwNq2qr?&dYa4Snv}kyx$ADQXO>q4k}_D!
z*hjO!z<!J>I&&&bS9z3K??h<g1<B&f(=h$hg*pS=EkTgFS1|*%qHXXRbDyo>y;D1@
z6L!#K<+$eZbMhGlKGr&5+ZFA2OBNESmwSJw(H=<3a&8?7*P^}afw-8m6W9IiGINlq
z3~ni^QG3Gotv_e}1Ob4uNVM)<@+fm9xe}W@wd%w+5noD>w3Yv1TM68{Ke?x*FTIgh
z)%q(V9l<<x>a}KRxKo9+QNryr-I1UOgp<fj80?b%9n4?)E`U;s;HgRbO_QS^YL=ya
zck-=b_K?VLk6^cp?OQVn_K;!j&B$SX1hOG1(3z}E)xWlVjvaT0@HJE4(}#!?)8>Yl
zpMjwb^;1xj&uK{+OB39=;JmY&lq<^sdY~#P<rWGtb1}XF^6BD)>b-)IReT0$A9m0m
z=U>a!?Rqm7u0g>gb<bx<fww@sh-AYzt#-`B`f2ic)R<5>+$XTi(8b5_948nC&<9tF
zyES%4tg(KQ6C0cmyT!83__CaeoiJfV4|}(5|6sy^4G!h22tv@W0|V>ikha=fDAq8s
z$yi9T!Oqplxza=bxRQs@#sdx;=Y9de-x-P~^^K+3Oe@kC6`|-jS+CLdZ2UcaxTD}C
zv~`%)Xtz{QNiaZ6o!So6VPxhtq3hVhp46g)6*OyzLQDjv%B1<b-^E_LI$5WhVbtcO
z$#Vk_$p$_Ia4^hY^`4MQ>Qa+wBn8Ap(BxF-2+-|y$L{dJrU(vY397C9(dG4$)(rw;
z`ptDBr9(>Qpp&p}gK?ZY*AScS-pUnBq|B6J@d#d<kcMteWkqxEhk_3};VphE%f`<n
z`*9ok76gA;E&$7=`qN1~?iZbt710N{B@Uk<_$W<iSNU9dCjtrLaeb-BcGW*cvyL|s
zSsJ!+Qi5yF?~f~x6Y&(u2<Mt|$gc00y7v%M3kb9`#X<tgXW^_t2asn^I+il2R)nr}
z_gFf}FC`M*(r$tfMRq+?coJe@XzD;xG^M!tKv>0Lyh_s-3~h|5NX7_3vusIR6I0ds
zl1xR=&)b)(S5Xe&?<L(YlhTEkKA1GwBu-?P)jf|^#9<Q2%j@d|O2<jNmWt<K96I$>
zR+(kv5%uz6BPWd2%*^2CRt|E?&H@8N{ibG+bCyn9{%KSj%9*A!NIkX7BT?>vxjFWZ
zCvY~z^PwDWRd^&*%Z#P#$6<7UJiKCxBS?z$)MdAhWeH~F-0U}Pf2;a0Xp~ik%VE63
zh(CJSWuU@(?U-k=X#})Jj*vAO9losxd3luwnwc)UJiLjwn))N+g>}|~1hg!!G*g1*
zgSPkGc7|b<4*NvCt7I;}had=L1HG1GfM9DrNcY!;d^#}uKSn>-Lc-e#C(zeTJ<@dC
z*845(tj1Hr=l2u0yHfoc9S=gZ+#>hW!E1N2*T`Hu=z@OgQ%q)c-AwvfD1#HO>h3jS
zEE>J<pv{MnhgYltjDhHMI={I5RgpDkGfwpFSgGh8u%y4(Q`vYsOBa*^-<o*r26Ixq
z>{95F<C6EFt>f_WAZe2|wHMbXbY+au0cTYrMA8CCBCR`Pw|wPQ3cQPscX7-ckH>DJ
zecOYez6H#hvXGHy*?yFE^=3Am*S}tS!S<7IVn3ni%ZsNF3uCo;t?ON>HBYBSP*3^3
z(Pa;X%2J(is%O-dx~%bte)?t8B=yz}u-kqHLKV{Nld1JlMZZ~L`Cw6NuB;^D7H_Ju
z>6v%SJ(@W6u&VuBaq5fk9d=@vYOVYyhy^=*O>%%*J~w`vGy4ugUkoms-Z?73tPA#T
zUin+*;BY}SAcrnGe;~ovDKBNfNg@zaYpH&R6qbsFfo<#?1068==!*~L<q5I~=tvOe
z`=zQVrhs?JTs*$|pljYdKaFCwr9s&_(MKF7?qYbZz%z&XQWoF4O>Gi3aDkk41mok$
z9%ge1=&nA8N}rpenvX+c6vqMEmNfA(l4oHgZO{d%bR;ZFD1Y~hETB2>3vpItI&3-X
z_S)=+fN?b~{lUWji>Pn$XZnx7@9vY5PoYAnltQSG>s%6wm@wBy$Yth|%iJ%Oq~wxv
zzuzyLO)fLHk;)~^-R3^IGn<%gnAvaN-|zALeIDDN@P55s=XuU~o`ZoAgIBI$FZvRz
ztG*U6a(?xr8#n7rYQNKN*f$qZBsA@mSY0MLq(%v3BweCJbDxu5Yeo%y_;X>z+BMU!
zH7G`7#uB3Y>?C`-QZ7f`I!@L9l`6VR^14h1-vwfuUSwE+?qilko<^CqG=Mf$Z^6Rz
z18-1HqQ~ryhn^rkcFsElC9)@M?a{`Y0$*vJngGpx$dqnc`u&8eck;N_y?U*@&A*fs
zla4&LnSFYwGotuhdz<FJH~arT8PjTb%lpzn3U`2yRk&s7M}x+uHrdC<7N2w)Cj&P;
zXd8YXWp}kLVQU*BguF|u!t!NB!G^F^I(wp-Z&#`(l)YeI6Z7@motHOnyt(o3PobBD
z53y(J1X?USk)C6dHdvM|y1pLI`Pog`R1xU)HnwE<OK6KNDgKik<`y?A?|nXU?ew)X
zod2~me>CM?jeWmlzw>)IuIX(TV|`!Vwg1ilwXe@R_m;kygtK&LSn2(^z0T4bQV*tq
zF(lHM?`SSctX=$zV#GSXQO0MaPljO6Wi^YUh3f*t)>TcN=Xgd7bBTY0;&bkHSYb~0
z2(4r)Jv{V`@h=aa3ub<}f;@8}=M6B1zBzdK{%}PDuk!q3z)1VgOgduc#phwa6{tmh
z^*MTwnN{IE50AvNPE%r2_HYdu!~JNfh>aUY8LHNNHQ7_L;+}Q$g*v0p?8_t)$)`iA
zBj<hVt_H%<>WDQ%Gm|(|B<!AsL;OsamR6-ifAgb}&iJwJeuET3=*YoR7??59+my-h
zoZTvnpxIUXeK+#_<sa_oQiBB?j9Jkwu^58T-Gdmf-5)0!9VZPeBhA>D3DH+7b@onj
zjTTPipt^7L5bS~Ro3Xs+U1P99&+IUd?apMCMLBSRgcetT{m})J*6iDwn?KSM!;S4P
zZ-&g(1BD|F3Lnr9*T^M3EsGM)lgN55v_+7IDyw0*4C+D(VJ%g}&=yt>D+PqP`BfMa
zI3FbYwb9hdI$vJn!{68X3-;e?lJ*#(z($?(DoPOd?AnjNuC}>g*~{+4tUsDR3Gz<E
zy6)`1Dy)r<o9laNv!m~GhMIOKDK4d4?r+(#z}bo|)IXzGHlBBO11mOFC+^XN>V4w>
zAWiIiKE16CWrQa_RoRc!+)b4=_+(-3UwGfIX7umC(t7CV)H0xW(=JOA>NmOqadL)V
z024PWPDix;tE*sH-ryFqWsP94tMa{Tr(#N1Yk;skd75tI;5J2IbXrb5KM{DjVs$l1
zNYSD40AB^FM&P^q1NIa_PzGhD)Ag&yxYYzE_&{7TGXSJ#nNKO0=|#_?RT2eH2ixZK
zRPJdGm&S+s=L6%D9WsM{@1R&i7M%X+M#A;5=SMR`sVfRN5YpeNHJ80fFkki@n^v)O
z^C1|c1~Z9BkfpB^RPA3xMOyL18}4@ZiV*#*=J^k$Yq8L-K-OWbV%x~%>=|X#lJVbZ
zQaEGFC|kr%zXV3Bm~S3`!>bJ^pay#&X70LiIbPx1w-;S^L7RZ93{(As(UUzn?!~l^
zU3G1FOUlE3ijfxeNw?l1sx7GvU}{#dF0Aart-jHX3cgD9Nry!>5QUGKoTw7kE8V<Z
z6R~abDevJzr~B|?MP_zRNgvAhmru{J1plS}yb=#W4XZHafuz0)wujGMBY$5!oR?z|
z|Jbxs2<Z`$Hx&UbZA+1^T$IvZIZ8(NQ^Ue{DXL_Zmu#eAp{(6#4oYOEt%>N5w5MuR
z4B+aivvh;--R&&j<!rmmt<S9yWGmNwXZ(@9Wz5c;=JZ<(mw#Gr&{A0w)eN(0mbYJg
zUz!b<kz}m?@zyL>^V<8O;rI34;eOW6M?;D3Hjf-`I4(ccZE1F^p*5UgNsAtcY)>CZ
zUv2`f*JLY;Otu)8uypgf`UpsdMrGA34K%ZDO=WI4541hv<7ABWE(3%nWBtSxL&CoN
zz@=UiqC@p{bvOkA{Z2x;FY^X|W~%4Kg!c?MrKDblCPxa74vxZ$L@!26`_(EwyJY86
zU3&Rv(E$RD!Bc4;?1!V9_6sFD0~1WO#_UACIewb%2Qqvey+!+jt9n@x?Xi~??NrQ4
zZ>vq+#xyPSkj-^;qHMU*m6TPD_-+A*ZxCodd@yM`5I@<GjgM<WBE$K^>p$(lm(p>Q
zO2UMr77;C5BG~HM&1&M^HTQ5h;;eO<2%zW8E%(*!w_c*dPvmnF{#x4pyrvl1FuSUX
zzn%$tK1Ok9>yVtcsy+9hZfBa_`aG%uoM&V7SB(3WsI5w8^-_ef|0o<kqWC8t<xu?j
zn*&_Nhq8baYvl}se2yKs*6QYiDT@jkD>X7kFYqgk43{R$wUJ8NpnoI!%P3()jn=0Q
zANyI3lq#oXMbAw+id>?|u1)wWqrX`Y!%WA%gQ~G^X~vbyS9!csB9p`8PQuFj$!e#<
zH|P&e5Y|#;3Jh9aH2H><Q9JK}ojjT&1c^DyUa=Cw5WB=p(Yb69^TuDVB>sa}+2<76
zBQNOQSaG9wm?f)U|GrnmItV$~HCfn9!(|~pN+$W9fU!H|x(m9C@8GhPfP7%IF715&
z_(!V$MD|C6kG{9RD>iS5w2M2YJP6K3rGK6E{`w_hG^6R@%N1vdN4Ljm0{E7#p6my}
zG$1DwSd$v!zxu+GN5A^?lNlqU(BT%t;NDb7#@6qtCDxk-*{f29epTsZ*?mE}Cz_FN
zTHmhgl|p)Mra@iSztbA8c(a3Us#^bER(a7UoRK}}%yVDYhKh&U?3c2vu`{AXL;oPl
z*U$27#+N1hPY!3GTSYcRR-HN1G14|(`ur0x3FFE_%n;f5&`F2HP03EApkqY{k-K@|
z+ZvLxM-0;u3z?43;I2I`Wkdr_ZD@$G793{S<0CfDHVp6P_CD%pzCM4J3qjpz&3!-#
zw5=DnSs>fxW&a`VZ4Xce6Av5ALqkT-t~W17sgYal9$2pD&p^lSst!=lk9z+E-0ALC
z-q*BrS!>PmC2Ms`c(PU&ycGB7;_REOWejj4FRgA!l-%!Q^u9@otT<3+$H&9#14KVm
z3~QKyO7&ufrB`kdkrxNNj;a(*r`nf=i%nol_a7qHGb2;DL(REdg@fPd!9aGC1#m3u
z{R-WwRH7_^{XU$OR{rX>D;4W}!=Er$tmnic&x)@1g2n{;F2YwYV?0wuy*HfG^u~hY
zq&>~|-cZ~c2G8F+z9MkT2w~8>k=dZLAV35|HU{qxPiL!86>h2&N+$*kIK96vrgkmj
zTuEQcb84xxRK%li8SxVfGd;)T%@U>*(8Le^xEv)jYtbG)>sncm@pDe#T2}HM(k-q>
z?*4Dn+N%944u@g6npFb1g-V@9U#lBEJ*DIVdNC~m=SOoG^$PGF3JqWUNxu15^;iqo
zFp^}p>(1+QhFxe+#8@pX{NP^=V`y#jesLPT6TbY1NP4q(21b;R911^EBj8#YnD+f{
z2l$&618|tW96H{Tu$Q>H=PEi}C@2~0-@Afz?s9gUMDwl@I*9<BS`d%wYHaVv1k2&q
zw<2o;mL?!BvnY*r%cGp=d%L{t+Pq^|k_<AG3Acq^C4KXk7=c~^8<vgW6j=GQRI+Mv
z$X~Othn2OM5(9zoS-s0zL9s4&lZ@<5S%!V7q-g)8Pl9(iXg^bJXx#N&^R)Z7WupwY
z>?pq!fhEZ7kq%(%(==S4X(5yLW2-(*T)Rj=olkhh*SBWFKJ2-$ePB*e=L!u*w+eKy
zQIKe-D4B1L#RP0ttmxVe+N(lJM^0z-+#6my^K}MTX!qlSf-_#7mnrjb%UT{b(ZMI6
zHrF^;a&;jzj-*E#Uk^9FOn6s20?6)*YI-j@7JI3Qv1P9=@oOS8dm}biabXwJ>sLYF
z*~)&O&g_6`@c8pkZi+|tX8P%B23JyTX0p`rp)z_xP)@7ve9DWqBjb5+Ba|<sbtQ~)
zB4Os5B=MbuP1g=TaIK}9yd0uhYV=1h<JT@l(#eq-!8o$Ak>7K3rF-vx>D%uUJ>)0f
z8)Xz^?ar^8Q{R{hcurN~q6KDfR}-_#KS^}j@~W!xrbw|_81!`5KXnJ5$o>4sFqi3k
z`|>Yk#-=SXF=`1r8DL(Z4KF{0720{wn+DnI8Jm1Q>k)>y$NcaVmvM!7>-(*%vig3q
zAL=_XqPKk_7~4xB%p6Ma@p%dNWo68Vh6RWW!OoI7(&^oslZ$d|K2@{e$E$FAom-)N
zay8^`YMH1H{F-E@hPcuB<)l%Yk{^nQN@8o@0nes4J^~RtaYWbtt`Q56b)VK832%<V
zZG*MVak^mb+TI6^fKr6CWg`e|S|-$kMHX~s#ef|4<3i<G%zBb%GvUJJQ5NRt6_2%Z
zTA-J2ODC{P(z%=ahs2g|qfW2$79<!h`-Y%h)C_d{`W#RmHCBxJ&?1rIso^JvNfGmb
zUR1fRS45uWbUl8{P1yaI8^v#sbxQfra<v51;a>0l)!mFXsZ=*AL?qNPDbG;h({-C+
z&oskXC$cINeh+R4i;nQ+;nr+6mvQXTTCDro2nLx3ug#lM65?Vu3-li@aK~G8PG`~3
zq+7pf%FRAhQ<<%R!`H7mjGpH=Z{`w2zT0e}?4ElvLZxq+6*XO8hEMKq2H~35yuz77
zd26nkei0D|-N*Om3!iLXCN6S&37ZtDPQSGgcO2Q!h-y=k{8IhS0(0_FXRqh!GV_&!
zQ)-&$K<@-z!Y-T*Jf#48fG@9e%X;7~X&#LT!D=r#X)LE4=Qi1{d+w~C#TAvro9aDc
zgSg@l#twy|kv|$?#|mp<L!-YmmOgl$D*^VKKhn=Jc!0vIZMHatSwK7;Qf$Z)qYHA~
zt9;#-X3r=Gp{`Lqrz%0Sh6()fZQG)Nt(oYVm7&&>eU@QBo1EVJz?G^_xKYH8-2MpB
zay`W|JFl(nZ%xD@ZNU9Y*SovAX)pb`2#T9wz$G!}d(lvrCxnBlmb#|{>;b1HMS{%g
zRMFj=iH6_sB{SW<$i&e2u*0EDR*LuKwG#QiqYDa2wf<Ca?Z#2t9`Js<NMo#j4ppCI
zemJDM<ayhqk!dLHLxpt(YLc8yGL>vV6mB~8)7Y=+3<E}M{<w@fSe~3#teVw}#wiER
za#o2Eb*<(7!Ox@1AoS72!^Ekh{W$oxuWRi_L3J!`XCWR2yu7yIDJw^9t>1YawA9ya
zQP<e4ngwd@P`017n*~#p+K6&iAI;*)!)pHy4=4|~fXiP}JO1&T^@O5(vKgL?VDaP!
zPO)D?S*vrSYdueDh!-or4N#o{1Afp@Bjb(WH~8ljH9Ghw9{gLq&YO*V7c!C%B(X3H
zC7}OFCq)QJ7zjZC{8i6pUrKLp_RC&->55pVFG6VsD;l9)kIQ<qkkS$z#@Q8>hi_SN
zPBK34eBw>qy+Y-~!}Jk&kJ=SQc5daFnM9C1N_$$_R6gbMcp?0{lL*p(R|Gk01wX}v
zULU@7yM(d!pd6b1<}w6-@(isc@6d|MM}DSnNTX9D>$&>>6|eCh@@MMyTDZ<~I50h-
z?fOQXK~q(G8F<vG?ZIXbsR#P$xiF$8G?Erpao<YvQoluJ@KeDqV^BeGziL@6YHVhE
z9OCp|HU&9lI}1}U!}W~)DjsYn25r&CVS<IEo!v8~R$V(0@>punQ&-7qMjBHWI)Aq4
zsbfT-Eu&R&qz4sFQgsb2snxNQRk8h#I_P(dia6(sU-K{-%3SJU=4&<gFrbl7Qds$u
zz~2!1@vPJfNPEkCc;`9kzh*fi?ke95Ntkio@5kp;M%DDL-O&9yob%_3NXlO4c3=hN
z+r75x*ZuXU$i&n##;0r||L4yoXBk{~I=3Yzv@809&*Tt2`=*E1vjf9FvR0)y5pGdA
z5ioalY8V+KHpi9NH`>>W8g{NNy$z5wEwGbY*}Xn8EC3PJ%~708O{@B%BZK!=Vw2pa
zt8k<<Wb%f|u$E%_PIF|~phM+PwdLa-OEy^7+oBdKD$AP1(F@Pf8E8mX=zvJu#qNSd
zt8yl)pThkELforAoHw(5GqFF6t8Ie5LD-cMQYTo-Bz}v=v6jsHhM0s}=1g3hjQ;O{
zw!J|`sWA$gygMVZKh2XyY9d`+?Z1^4a?bxUgJ&iQ%H@r|1YN5-RBw3wVJeq=j=qnp
z4Vf#oj;-ZgUQRr$6a#FV<}C&Ax0JK@@dO&JDiWM{5P&{a*%fd&1J=&bWd6axR$wZz
zwa3+j&e#vh9VTx+ZDYz)TmT!H>@Hr?8{4YSi0kF4J!AXifi#{2mgu|0*iG)&Aj5Yq
z8n4Pwjd#&qpN<?&P<96UeiGeXj_(orp|Dpuik}=C-Tpgw)V)egn@2a;=I}5^Y8-@O
z3EYI&Kwn>}3G?`T@TJtPP~;K8WT$nzJ_Ru=rGJ?i*<iP1YauxxtH0Y}G?ZL?G}g-#
z)D!8A<wgjPPP%&#@E6C@7NJ<_%eNGsJ;A=MRYhRdM5M1eqYX}F!TLj=M*8NgMDAln
zo1xXuebmWJ%hfbu2t02R%k@C5A32z!Y)F-R{Q0L$tLj|^o8NwI`TDtg_Ti;K8@FOb
z$|j{a%s4U3rvMZMxx~JzE3~#+$UH2(<<(oSPyhLps}1uwuPOKq)sOVkrkY6ZxL~#k
zp@bRO&Tz{o30k^+nejF_3_^AKJ5xGB_WDV*u^7?OuZb+paGD{3l(sjc&E`P<As(He
zU6_T3MXU6%ys}LOC(8$v){jr#d88WxBDd<SnUUuTJFjEehYwPOSBzsohn~-7P_!QD
zZ#p;iOBr|A^kHISMUxcB=5&ze%53+I4qL=zeogqSSj&+0SAOr4d6~`w>Yj+Z{g<E}
zWZ$-=bLQ4>ywCUaZ3v!SzbtQ*vFz=Gv$d<b=r?<g&@yH2R4NuxZGfrb&3>4Y?IHF#
zh8vA<sQ=dQw~$9tXMdaSN6wq(pdA7r79XGKJvhERJ7KZVq9^#ymOZ7RA3s3V41biD
z@#icYKO{j8TC)w=ePn-M<=OGYlMy~&6(rl698Je07WUm@d~ybtr(KbHs#r3M=4*F9
zS_-H99w64<*&<9FTR-MEm9^%CusN3^OhpaXAE)2wQnA1~iU=c;+j_0^rA53zI<Pku
z-gQ;CScL+@Q&66mMIp{Q12vSOVON-^xz8ih_idy()nExgW$$D~NcC$1t|u#U%++@H
zsVH^VS?AX0BNGl@wH#q-046KMgt=R2Dqa)o`f$$xlLarA>^6(|$hqxekWiWo6y#Q>
zl5oQtnn!!+RG=|FF~`|JzG9H84zvU(A<lG_NvgIqUo_i1OBolLB<+AEJxT+;x^^aw
zK=gYe&^{uG6QzTEN!o7w`Iy+mK<?$Cy)BztrydKNh0eYZ{NnrDI#A<(A>pe4DtV&I
zy3%>Tg}hz{>5saZg%19-HBqNe%gtREEl)y}Y<&Bh%j<fj$TWvHz`X2-CtWAqE|alg
znu4A-(d`P*G~p3d>_k07Yj;HFt{{m{m0u?o*4q2ERN-~ODSP?d)}P>wh^V3qDJsGB
z%iwA)OI#LmWAPtXYQU|0=g0!TDbG9R(Pd(<iuFMBC~^G;+d+M~<K(;%_iSsmiAq#V
z61l`h#;a`mXn4IB>klAvIb?p4Qi<$fy81X|vgdf~?sf=hO%=z>0hSt5&9epYsJ=AB
zTc_G!)*dn3!ag(4QKTs0nM=G&<Pa~)2T@HJU*Td*V(ohIX@`ET;82IG9^$?jYql(Z
zWdTaet12<HyJF5k0IG1z`pgn3{G2FxxWRI-ca~PM7M8aA3iCZ<@RhD@l*qbr1CR+9
z9{Xb_?Kt{$W<R<y9Ew!UOK(3Lu=&I<DD45m?B<%ul2a64<>C-Z;+J6^G7si4%PGP{
zeR0&kCF~b$0ZOlu;%zHvY#K&=l(8yc;ll1K@I%QY_9*wJJW}+EHm5BCKU=yV-XT@x
zwQk*9E^bSRBp0AEJ96}-`pD+~zs8Tsl8xZ9G9WA#kn>hyIdgNhRgj*~wd5Uc)Hbo4
z%2rxgOY5yi%!n$C^oUf^GfU};*p>+ptnivF=+Y#%^j?xzmzg25=Xtb|;a7`0*6{d_
zj!CERI8B%FNTCZN@W~njM168E=wq(^<KheQWp4BqMBQ9$aAr<U<%h$Bv?QmEs|)8+
zHpj=%X9Go+LKovI&VuI4Biy&e=B5>*N~N;Tmx~_%>A2vS4TzDdV}Gb+G#t#QWG+7S
zvF+tnPXol?-|5HFRpaBnvSi-7#aD|X)TCnfGceCXH{RV)xL3hk5~F_U1uau<;SiEj
z6)XW}JP;Y)n#=78pQXd?Y)xPA=IODPPwJ_vbb9H|n^bed0XKYeXp?4+;Cq5A)?YTj
z(}qYX_5LaNw&zUyE0!q2Zk>@?imE4tY`<*v80z9&9oFnXY~#EF*JZ|o`?@GR0m`iu
z+Sgo3ns})88K7V-N$(ZXfFR8aGP=C?OrirqhRqP}aBxQ0JD(*5|I9#6OdKr$*Ijxf
z#<A-qWLej86^=j+PFJkOicxSKyK@OMU&C`|gY$h~J5AD>Cvj%YRpLxg-PF@fI-<0F
zq$lTw>-v9Vnl<IbPu>Ah3r{i83|y<4Sj2|rBJ`iQyu!kbu0Qc;IC*p8iEDg-mx5TB
zCmuCP5%`!;Ep|cCq5|H=wSwe<W7rqZFFRr7a$L-UId5M8$40Y}`PL(%;D3f{%QWyk
zOY0~|z!*NHdp3aU`5RQ!2>Vba{>m9zj`z%9Q9w;eo6vI^uc(EyqTpman7N+otVye=
zPu;?>FqHHmFybleeHrcLCYKjQkwDv1N7#~o8#mWF1Az5Bz_k({FNc(bvoZ%gn@CS;
znSH~UTfng|nvqqgS0`n%(3cMBCytrXH_=gLaRaSQsQl{hzpjAUxU@uj(%jaS@v?bv
zM?X*(Z28JnYx)M5Iu-+C9L$bcFow-h7YGN=V_>wSq&mpYn^oT$?u0+h6%$}yIV?|P
zrMA*mzlLm=C9c{M*-_hMWkIv=4WH0=e~W(q?NiBq>QcU4t$q3fs1hu1YuKS>^g*e-
zZ|qTE@;zWAmvh_FzqPp?U&~v~)t;{eLrOBi?FHurd$0?Uv;(C}=inBNyzKqD!y3n&
zfDOcGu0Z1YnLL|(x#{qj){vF!;p=!Ny6zY9)NsS|nO7rP1v;?F{U5CT>9UJ!{h{7t
zm%QwXV~BSG&RjJb+<<CA8H}-rQJrrFI$25b&2<%xg_{btBqp!#gw@)`Y@vIG7(htc
zvTH+$bygleQM5saVVlQAW8&z$*G3?UC-WF|-zCpGreoKdPaZMTD!*<f;ZAY3giv-@
zHRSH76gp-@ik@{MeaF5N^s(#YI$7mAeN^49BP*p9sLE-<<kiQfiQM}Kjso6eA0T0$
zd=5jvZ+R1I?61f#9G$r^&$-(@VW+%2rAHhHdlyBEE;qN8HnHFTC6RblLmyt@CaGFx
zjlCMw&|Z*O{ZZH5D)&Z23Kp@FdVOp+<jH(A97|Vm59=X;^}RmNmxfvJszZ~D)JMxB
z^!|Rbh|4j4U=E@+SJ}o#;r1~9MDJzJU8#5$KX#?jr!wKgs!}&mm}NJTz4IwYHAUE2
za79BlMY`1V&_PIkQxrhY(pQMQdwT211(o}FS$j}LVGY}J#M;{7sROskMz{6}F0qQh
z<t+h4ca3PD1X(1kx$ZD$DZ~}`AVstedR1}n<n8O%%v92zm-Lq2>_x<u0R-p90c(V{
z<02zGT+PRvMsB%EYqT(UJwQ0)6;=|igq0R?YI8$X?0;WN<tZNevo00Mphq<|r2}Km
zY2cERXD&8``|^7ON6gBbq?m4ALizQDl&b_d>Z)bT`)1LQcdqUnGT4vZXJPZfuV(JE
zw#GTKo5dI^3~AT+yq9Q)q(zs&H61nYZhtbF?0dfS3kJ9*#^3g5%OFqPwlU4F01;9d
ziMl_~$>CnEg#WG#t|O_q<~-0~DzXlf6~``>KC#~rQQuE)WvFc)KPrAnz0|vD?A?Uj
z_LqolD@`17;m$Be5f2Bp5lz-EDlc_<7zBdfOhtH^`mygl2v^ZSRE15$rbi*<Pl<U}
zgR~lb@|@&?AA@EwINqxUK5FfPjN)B2l%&tS@QBbIP-n$asYG^(H(<vM+uEBV6e9)u
zBV%*dq~&3U6suj4ZKgRE*hT}h9KyktSL}ECvS3vH&=+@YxM@8D_LkM5r#Ru;atH0$
z0K78zF8R^a0pQa~t~`@(112gmd+A$KF;iHcm{Z0%S-g$M6y9gm=2%Z3zq!eZ(+K=Y
z+s8Fg6r_Cd;E)$@0CQ3M^CcmBX}s(0&6-8b$i^Sm;w^@Ltr1jCUTTr_wX?(HXD&{%
z!a-HLxuS>q5s7s^B=5FTLO?*w=ToH|&)iI;lmeTwX+yFgK^9Lctx9t&H2;rHn2)68
zsCf<6QP!1!xyD7=Hdw<w=q!GF$s0=Jik1S5yK~*ylXUERx@24r&994A**NyizEF0<
zr?nvxHT=jjKDwY?FIN2@7jmh^{siLV>S~b60uXB6IuPS#R5V9X56>J^7?dOk)L9Tj
z>Mjc5X~GxEg7>lg10X)KO?+q$LNVGFO|%(1(&2)`J6nQFq<vkbUBfaR^-tvOe5xq{
zPOOw~?X6$Bxavn_)&?}xYrDO_I1`@uh1@<;*w%8D!^<O+&o3+oPcP$LjWYr47w#cm
z7E#h4dAK)xD)Ru_G^SV+eGAz{^-Ck28Cb5EOwsFHT*p_*)pHrQp-7X<rxeffi%dWc
zW;Bes!eu<R&w#@A`EmW&r<TvhsN=r@YnKo??f`StTNok^y0v73cBze(;%I?NQ4138
zv)TSCr&9j8!X5|6EM<w`oNTFW&q#b%c6;S|tqZwVAuyzV_-oOU^4hJ53D|#7v|jwk
z*y1JlA|!3CMujis!TpEr?Gfu9P!Q=np$n;3Ui;itKWg28yN*7?In|sY`n#OgmRXr}
z$2otR(d+A717iYdi?`(^O%pyJ*@HEBH{*{=>#N9T;AS;Tqrr-acnC?XtxPQEN9lfF
zrePbknld-E?+Ik`tFNcC(+`;m*1jDx=uKPrtu|)eiq=C$CTTy6K8Ze;bF@E|rhb#V
zZn1h`^-Q29rBY;Y^3+~WC=J3|?bi)?g%ON(hE|zn5YWrfkRc`S(IDn`Xn&+}+w-Lj
zvHQ5a{a#*s*cl<iq3FE6YG#a<KH7riQW4wi-Y8T8NlU0<VuuQma);W&WbTc=tN1f6
zI5d;1phy>%>pm?tRqlv!YZ^S?TDhPiQLeVS`U=Xf^37IXanuNC8iT9>bBANV?I{jD
zO?B)^T`uHaaCk$P%xeV+B=Jbo^3PnmIk#bZZUb_Jj$7P3aLrI&dS@hblVBgxW-=#M
z-2H4KvwluCd_}2ur!Pv$t%X(g6;-Rl!)0LpjUplw>54Ttr^0*q`rQ>HAmGhhl{VBw
zw?rQN%KN>h>a})3HxT$wBV<iJX(D?U9$44<t>>IO&Fr<f>6TNC|DWt$|1p8a%yj;c
z9@+j(44_I3Ydsjg5uaHiY`hr#i4QhOed`Bg)x^*$ZIOEk8`3cBOr*x?4?V-v(#w*!
z<ew!aybvd^ZX|VKa(fhh-8QMaGFb)A>a#GgfY_o%w8U~NR3^GA&_vfVOxQ?ED0()+
z+mCUE=O{<4%qZ;pD4!DA0c!FHX)?~gb}`TAzfW!Z-`DOR`dc6KE%cR%iNK|8ssdBx
zMz&KnS91cvdC2v)0^Bu|j4J2eR1tP9#7$?zhQygmtxBnaLB(I@!y}LJXRCs1yB=9_
znHqMuEMYw>SEeXaUf3onadqjJ&>`Ls#ZdM>W9Kj8_^A5i>~f<-k6q!z=7+~h_6<Ba
zIY`2hWIg~?Rwm+!=H9HK9pT|xI*kXgd@&3@sSaQwyU_J*t7D=@2lPXAcnSSwnSt*I
zTfQD1v{Y^AKqgH+I+HPhK5jEL7XjGoN~^23uu-UB?hd`d+CUkigq9fppT8)?rS84=
zV|8q4uRL7{UCaogG`^6wsz%-LnRSbJ*36h<y>Iw65kUNR&8o@~v!tKc^Nrbp2HF}3
zks~Cp%38O|{@INMt>EX~g5qq)vk`mSN28^`BkASuGcPm`yc*5o|84c~+tjgj#A5wB
zGbv@&P88@H2p3<bF-)EA?ds<z?KnUfpM>A|WC+d6&zQoxk%AHWb)Dl_yD3`|-B-VE
zzHACxX5iOq7qKC~Kbl4vlw&tNwEbiVA}$1-F`bTU-igYag{?!&JdkF8-s9jkQMK3k
z=9zetiRZ=YKxh1HUJKZ+?a_#>PH>~2oqmfWGOgsgfYNYA#F)87&ik}qnV{sAKT7ny
zMTq65*vtgH=}VY&j&-Xq8t*M_S}~zszbAg||IXEEK(h7J#_!RV;%@TE+!HtRI**up
zZ@-1d=hpiXfe~oH@w$6$<;>|bPY1{Og36XF`M(sd$q(~8xNOHTpj2ir+GEcbqkbrY
zB+8GEuAP9@mxnEc2u#?Eeg6D%@uAMj)7wOUp{ePR0*AdR8}zb{0HvbF)^W@1Z}(G<
z%xk$;_U-&@>fwKe*c;c5jLF$mJn8Rhk+~`6#zLv0Ls&POb-@BVyVLJp#Ry_n`9<-d
zqLGh&w*dq%3ppiLLoc}!k%TC0(_*+uR4FHCJI1Jpj+Zhp8=GFGJC*#Ud%TBQ7-N6H
zzI+t0t(2Ka*kG;qpgi4V#oa4yUpS`m$0u-P5l`>(zn4Ea;Ggf~23E=u%fnyNcCcLg
z6^)}`eFE3G>}|^zQE)TDS{lcZAW*i}=nkARU$R(mdj2D<xvC8E(JRp|i)386$Iw=>
z#n*~S20~_cDNe{RDiP$x5VL$_5{RpaQdpxVu6@kYARUA;WQ}UN7^B5>ZN0PcO*<E7
zf(beO11rnF{jddk5B>WnWX~Sh43!82Ym!{=ID96#O3f0$&0ik=6mVtGlM7b=X(kM=
zUevOAzV;w8sBT#OCNAlB?56ublP(PH^>Gs=g;{3(6aY+)9Q%=?Uem0-k*b64Pdjhi
z_~NF-gyd`z3$DJn0e~6%Y2YW}KRF2kyWdsno!*gNt9bMWgvbPyGu7E^I_p(`nDu-U
zsb-Ynz?R*Fo!c07!sAbjaV&PkSO2A^qD)z5LrRJiNMjVO5sIj{lC}#m=hb|LXnjRp
z+W*0uXECdRnFP!G##9Cv=!bY&QhV3Bq;Cg|mUp5>W-<f4HopaWxxM>gOdosX*Vt28
zckSVm(|VB5M{h6Sv_|`dK<3PJE8&xYD{Fj}gOnSCYB}Tp)isk}|ME|(O$nJ>wi=!k
zYjA()FAKPO%~0^xmCq?fwrwQU$lS5OxSA4u+${DHY@6rvCI7lW<ighQ?{;~5h4e>H
zKk|zFjN=R;MNb34yf|JI%IN}$vu2hq1wlU8KO*em6%%<m#E$?(miSn%9ywddDx23$
zYq+8o56-_b5Ur(zgCnaWEwx@S&b+iEZH@zeqDIuz;%Z#t4FVP!9v?f#+cGjf>bx>r
z=ZO3Nf#~zEg*cdJ5K+)CW7?i$ADLBQ#>G3C6#lF_maG&ZZ)%;UD)tc9>km-&1Yr@e
z()u-eyw*4|oVzb*`jSvZ`9eqXDK2Qk45|4Wit8<oi<iz+@A6Kc@zXmqa=^?T6OnI<
z0`?L^%!z7te=C;aMbRn}iETqN=^d%tVnTUt4B;Ne4zg<G9{U>Lk7w;(ZXENiD3ih?
zG$Ig|S;Z-{YL~yUJDObfW1I3qsB7F%0Y}-ax4OhR9&bEkiL2p%7e8}8?vdmA39bH{
z^Ax9itkx!W4&Sn~m3$G37|V`i=eaW$DjJ7H+rUc!+iQ>eM$_ZYuDH&hFxuvqp1+$g
z64XpIv2Vsv)LI7{6r77)l{NWfP2gn;vM)-99XT(x6HcRf;I5-N<6zCY=|vr&HO38m
zw@2oghE<7UGeO!mc9a%>6w>snHReRbj)HT8aexjOZObaMH5dg4XH~b>G7r1|st9_$
zL5@vgI1Ijr`IC|v=w(GO7vkj3bvaYLw=>@5vZU(QW)fE=Z3V@%Sv)sGN7XJ-&iS4p
zX;!T(CDJ<~{at-?8cd#3`rB@e9XA*k3WlBp)J+%IjAc`f#5RmlsOsYSUtPu*Lc8&c
zFEMk2$5UnrogN=8d<lVz?sT-M9p&!G1<dUo`s4*noifmt5kUAZq_m{BG|8Izv6HdE
z-%K1dL4X4`f4eSD$lVzsA_p!2wx5L7AvM@H0ei?2ueMuHlf0Hb@C{9`PRgFs6~*LV
zhQHu_lgW|i-;gd<Ex!92t}+B?F>^qA`Zpw`hIXyw!a-@!wyKqf3)*A0TdqfAMb=XP
zVa%t66^Ll17Cj;iAgac+)dFNRCc0i%BuzAJ4EM$jc$5V9T*77k`-$EY?ELR~=qnE~
zhgjhS)yVq_l4@n%6Qgqt4}KzDW>i6Y$rC&|N2zb|`zV_?T*kM6S|5BwTwU)YV}v%Y
zF3E$x*a|^57CzQ)Yysl)(%0)ZN#@u|3IMmxJE}~bUMRj6ar%kxML{)lzx+HX?Wq4r
z8O$i@MO((fzhw?M9<ZE{-Xlg{f5VBG-C6D@X%UGtBi5~_K|TKRSa}V;8SX`|zEmsv
zm2X^Eev&5>fxjlg|ARF3Y7@Y?fiN%h`mbNXAzBym$2WZFQB|#(3^H2mWtSARa79A?
z_?OPx6YlrxbU`UIL$*AjjB)CFDNo;~E250|dDri|Lg~AY6MN~!@RsR_eAmj6#h20a
z=CtGdc`BU||BMtw#hm(JzO%d3Sznvyq7vu1vNn_<4ts0LCH7~1;#+~HM;DP!Y!X*0
zK;Sd>VZgQaGO9Y>bkefIZfaU&@scvd2Jp(W9`LdUk7UShM0_XO<@4HaoQthaS4^9|
zXYYd&P`0bx!>U|dS0nCMb~fjhqxqq~6E_K8a_D~r9e=NrXQmWfQYpIzs3{$-+EbGQ
zjVJGLVEvTz#-SO>!+OALC^G=3wDU_YZ}5kL<qMB2`W<G99sSi=6^RHA72%HmcjsNJ
zLa$6YlsdAX^nXt(T9IB?nyDUo5Vg;8St&<nF#^1szkA3W{s91@Ohi<g4zu!xi&3|5
zFsbJmu8gUN@^y25E<7dnqw(^g5A<wWihi9Nym#WI+fbxkfih!9@~W}CX0wU4S1;Qw
z-u6*^=&SPT8JAh#+Nq}Whbh&o7r~<f*%JlxxXme+>`?>k4{JWsCGYeJOylT22JKZw
zde(N2yktMBDCs3FsQN^SIRC(2zgpw@(nTQ?HmcryoYi?CNcA4;OQPpP76qDU^OW-D
z1hClpjA+uy_>jO*M%CHJZKfFdc*0QAJT)zVAUefl0+Z%ArpN9S@A~BO{5tP$pk;ox
zeVt=bHWqN=7j$}+@3igZ`LMpJxF$nHPw&Q8DFq`wW<|nqlEyO#eV}r}He^4lXm*Bj
z@v<OtA`nm-eUF}h)27irSS!u{<kNbH{$bumMA}{4;XI#(k#k}=>r_0ZD`4WFKEPks
zkqa_hsPE5u#JD=@A+w&8s!;KY#u5BShLs2~E<gRgVNcCh?A*IX`}2{|tp-Zk>2(Yi
zZdWn%B)Mw6^Xkd>nR$1em*@u4JPEyKqv7M2jC)2p3*YS;XKO!*DCzz_p8fEs&w@gy
zT~$I9SMxBVzXveW+nrgs8<D`8E0*lZd0=8as>aFD$<h8OeqZ6*Z*?;@bGzA@pcaBE
zq7L&Tc$ll~WvJKw#6ZE$J-VVctOUN1ZwA{Sh=$sA7!4+iW+Z0KJu+&%UA7Y72?6Op
z{`OYqdWvdO-s`%#Ih1cXNt&z5^+>>6gD@>hj(+wby64y@-zMnu${7>}sB;&;MSXjU
zELnY=m+SE@WG4SgpM^!6_Sijx?S_G4$>})`T=n&C?AD`iuK<52cF$o89%2~K>njmD
zMC-xYM;9`fJmE`UC>W#3Kon@ed|N@)1n%3cMer7KT--9N+3>3_d0v8gtqa^geVrVV
z)N#JbiWJh4_LtvCxxn`w7j9`1+O--ZwDy$UReVhyyoOSWJ%^_UpYMX)?V>=Mj4^fP
z=$}tF<AA2IUjT<;3*M-d`xjdHfYko&|8|XQr@xi21|{+cbp2Azd#9k7Gd@DO%08Ub
z7Of0gy3_4*>Yc?hbfWZ)s74@g>UnZm3t04eHGgHYb(-W<#1EqBvvOo89npvb7TkLx
z^feb1gy|kk1qa)JM*UP0b{czd{u=ubfJrg#WGE=IL5KT;iAPAPMEu8kQFy>*5))P3
zO0T{8iP@ssVn6j@)7;tV(><ftZ$<72$!pj`#BpWvGE(5QvSXHGhR3(f`~y%frQ^IK
zHY8A!YgrFNDexrnM9eLzrMEr?0j&DtQ#*97fH}CKR*h_nV_{`iMEp&gyf%HDe*9Wu
zCT~imBtKw_8&{Vn1shFqV<uqXYQqp2O%=a5Q@sWN1wLEpEIb3}rn$5IKlL>|tsTkM
z=2D!(Lv4)^2k%8dz2`%nk2xydV?4ac6$p3eVscdZxuwP%k%!g*A5T5T@!eEavXA$}
zsjr=3tiu=}qPhS3UdY^DjKY*mX+E~qe2GUp*6``)BIqBNSEQo-AHeBj7dfz#FL5US
z9(X`w%G};`GExSRYU3H+F0kVo#_*2Y3^;QLnYFB3N8JVt^jOXo+)A4`e(Nfu{brN*
zdlCN8Z^ppc{kbDY)g_x~WdrWd^a8&pT7PocJA4q$+0-tcq7v!zY5wfvKn~0*bft&%
z69OaHpGzm6Xj9+o(;B-HE{$d)m=SC0%Y8>mXV(b;RC8p_sLsEz1WM@g>7^#o0Hqa@
zQeLxtIBAi#foI!Qa7Iq8--b;TC~)eytZ4nrvxRh&LIOlrTIHI}n?rh#4zquS7VXVy
z><a0}E_5|{Ws@K@4J@nZ7P^v@5z??6zH|*N-${l9=*NJf+;XZ9>XgN?F!o5l<xY;P
zCFAkbeXlU9z<&Qvs;ZL(os&`^^eHI~S>rzx;2Liw{;Ot0hm70U-KC4HzkXkv+@bJ@
z%_l7XCyA1AC!o2M!%js5n5~7r6M9|shk(d=_-mBsU;)-J5^i6)nz9_%{EU})Z)6w!
zz)6GzHyFL}Z`E%4E6koS`fx&j$1(2(_3X@Uj+)|#jM4vSfH#f8Bb^rZU3a=a=~$C<
zbk-UhYorb|JQhVraV<ahIL0YV!Us#!Cfmb7iy}{`#s>GJHI8|tR_=GegS;t=vO*bK
zke6bf@Ev`}Scy2pfY9I~gT3DEcy@CKkb|@3@%fF9gM*vZvw3f2CJMH6OCy(q%B&l6
zVz;+P<(to#%-8iQ-t0fPmg6o<gyYl@ql0+Kw)}rO60-`Q{64oLtiyGNv$AY=w47s!
zUv{y1;|vl`lWc3=pY}Tbbm5ZHGis@Xux*`o^k$XC$FlfEZHkgTKD>7Nty&zlrLo?0
zOn-kl6mC}_HnUg$U@|K8BybfN=+E^FRMli3sFC8$`#*-0Qv0xyW|voHmb0ooyXP2n
zzaA&Hx)$qWp*)PbTpAk2eO75X(6BfDky%^I6c+zV+&iM9JBwTZsIo^fBVBnL`Z(r^
zCf8J!aAw_Bh3@{dO^E~VP>ZVPUmbWk5C9gq%AkK<c+VcADmgQ5M<%E7L-eDcJ^0->
zI?gYStz$3x2<IMYOPc7(Nu57?mh1rv-xDR@k?(EmZ<FpW_%(W3XhoIYw~Vk9TB)#g
z6nb%mkS5fHhS4vtxc;txC_qpwFB$<Jy>{N<vf7gg`T^|ZrW@AwMS;?a3oybUHzGx%
z>Ft(U5A9EnCw$B5PJm&QI#~Mhnp^)(y}gmX(*JRFdDe0xa!4XVxy3$a94LCWXZ?R{
zMPrjo?$+NIHL8*#2;>R)4}c<lPYC{@!QZH-exyWoAq>2!YJWVA7*?^Bg+n^$uAH1~
zYBuG;(;j~NQP_1G>X=!GTdGfivYMyN3ACvz23dYdHF~=h=mQ<(q{RaG8>bOCY#Qkj
z_BA*z!+APM(jdWKPOT2oWnV>zlB0!aufIF%VE5wG$$@*R&aSaC0#kL34Fr1D3lB}d
zXEG%=S(Y!_7FPl)Gvb`EUfyr8198?d`cjIavG<Ws8K=aM1`Bx+hR`nrH1lYw;G$yO
zGN5o}^EWv|?}0fS-ejchb2|3ZD`HnlPw0kxh;I}i=nH3kBOYq&R~Fi{86uce5?ni+
zy=H<)>hhj}V`2TIxxrO)qs-*B>9WrBZQfaYy~fdUueG;6t*IV;1ks|nxv~Is-6Yrd
z?vG85A-;jCpa!#0sO>1E)TgKm^3=EZE%H&nc?qtUiYAgzkPZRiy_b*s7P~E1daS5;
z=2BCd&0ETTNZDH*=m>a*MOwJmu~;%v*0l!FF_mpL#yjJHJ&xY<lrI<6=yzYhVRPyW
z8M_@5Cz<I+*sx;{so6AR)FLl?G%h|>|8HOwnM}yF;&XFw=$|W@6auz$<?hA2e;-by
zY&taj+*8IPk^1RT0|(8bt7lX0-gLPk#1_t!0&Q3nx!KQ*)Du$RJNXEdS)e|wobo~M
zMu+vAvv2;0D@r-Xb;dn0^9_sp@%DWMI;8E~sTf<{ugBHaK`m`7KPTu>OxW!k&z_ur
z!+lw_=vjqRN^VlYPIXbrWdV0UkT<|2AC@IGIw>tm$Y#7|KfbAZ5^D9LVV+atSvjV#
zV-^48iTUE+Bi1<Ih~3tDf(Uv=HP^|#LedPTpUm0y68QIW;dya=$j)VIpo(VES3Rj8
zyPgt$GkA|Xq*||a57Vx{<~O5-+pa1P?}C?Gs@KOYr3j@S6$mpekDBXIH`@ju-@HuP
zv^o6n`3Ou@%91wpkCU1ZA1@Sth=qX_`$I61O(KvjrFvl8+nBxI=anY+bL&3q%yfP4
z-pYJ1`F!&3$(VXb<eD~SbDfx+82;o^yl?1Lfy?mn)zvqe2@;+mu;?ZdV5W$nDTK<n
zWMq=e$|q{Rd{?OVPO=-IRl0kVwaS!(<3;PAvWhhVeQKHr-|ep@iMG~u-7>{xvEdAQ
z=7`)N3?oQ{;z<1be;~QJdHu1PZhI1;@A*DwhJIacsJAC+Aj#F>5Vc|>1T;l;^ZLzZ
z_vzEzW{-CMiEiL}Ji5G=!6im;@easO>))VVK^UU2k3Q1<=IF8NEGjWH`#7s-R6xnD
zbn!0cc%OgW6Sc#=xg(0Z#)ATcz{s@sBBKduMDsU*Aa%2<R^0_KFo1MshY=b6g0~@k
z%BxDxxb3l%{y1sb^~%WdJ;C#n;y}0AJy*asQnTDrIj_^cE*~LjC%>A%9i<*VDsW`9
z6uYO(Evjh^5#Px9<9domS6X%YvG+_Wv4$!D*xFd<q~v%pEylWlgYQnL?f0cij-M}B
zJ%8?`THc7QD%_H^cgt=lcQ#35L2jt4`N7*Ha|=&AoQys8IB{dFbN&VRu8NT!{>9dr
zfbR1`tMv&Y@I%HX?Nf<!c+^LC43spqm6<EJc2=u4(&?S}xaZ+TGI&2Zg7K!zEl1T;
zZgq6`j6DC^{^4M2Teb7ReE^Ng8+VhZ<f?92sZ^)>%(3{EpE8@(+xSPWhcE8iPmb@l
z2Y^JXPche(i=$%A+~a({@5e|<{Lbi#6O^|p($l-WYK0KWOpqGie};qKL2XpG{k(8L
zdA0AQ`6Mv+mE&G|`==Jugh$TGmXBa1UJEig?r^xd?da`}_xr+Yfp3%S%cOta(ZAd#
zf9-mA_gLRt(lIPsyTT@9WlVd>z$m_Y`|~oZW83PE(2LB5K8V2sjzj;Xbe$*Lhw7L%
z%)nIKgw~e^<mh)csi`l9j!EzIu@c>3n;rdFyS(1@b7wuPY><T6%?v5brgg!?Ho?rV
z0*I^3hRq(^nSK~mEtiFlghs`HIM3g;b50SAx|T*QIW~c1V+!H5by-~p!d8$pHNav9
z#B#N10(CHTJFwDksn^RFHB{Ew9O0T1aKM5!UL3Leo7+<)H{7>#Ua#N#Zjadc&T8cV
zj~cy%yTgW1si?*X&0v$>P<~P4zUrTfQV5EP`N8ApQ>Sjfe1|xIMw;qDio-WD+I3En
zG)=6lsCBiCrp&~5(mpTKj~#m`kfA(j6<B*V3sqh5+v3~6UGW?Qb2S_(N6zR8^7Eqm
zKQ$66*a=#pJ<-=Ks0Y!~d>c!&b5R1S@pbcBS%rL#0z&^5f7qqajD<zYUQx&ImP*bv
z7^{Jw#mO$Wr0DbKUM~A~L>!!8;IC#Mza!KCI4v$7&j=%%`@vGCf<?;~QKXaN*e7wx
z_a@UTwRK4v=F!ZhG;!Upo$+-EwXgq)RNOIG*@vwj$J$>k%edqcu%v^(=aPI>{Nc2*
zsZ%c{XiYfe?<Ur+SlK}*{n8aEp`FFW|L@o0?#~XLw9FW?tL*x#MvdoKFeU9NxGS@I
zOeiyML17j>(6`{9?AQmD`AR$1ZYM(ddM(t4XMRi(cVy)3wvb*Z5#&I6X_S{<{;#Ew
z;KrRQ)weTz^BilRUrg=+M*7FW;^|mp#chxO_r^g0`Qb4Slhgk#&{`N*pav0OuWU@?
z{PJuF?ZJ})-+w0D8;L#_W6Jk)$#u~oDM0XAeNka3Qxs(e{{Hx8Rz}OSgb#5*j^p`k
zCS>}<zbCIiO@cu&*DIgS+T&6}K`ZqcO_4z2{m$2uyb$}2Ytnyx-X%GljPCGHk*iEh
z(vx^3NLX{Z4lPv@L*ezYb_#$YC&r?E8Sh=ADQ$A#6efI|OS(Yu+?&`i<V<k6zDm%y
zr7!YZ|0xar${~G%yvkPE+WoH!Q-9iN3UZ`};h}t1D5FB<uIZlwZSHMM?um*86Lf$;
zSh-P$BKHT8A}jfTYYjTEW<=;olK=WEnqA7+m88gYorJlod)A*;&7nHzSd8aj>bxpC
zxbkehnZA2(U0LC?oc43k(I=$8&${FwajNFkX2Mhqybr#GyVNym(+0d5%0O(neSWAD
zM-=!s-+_J)KQRgK-1imm>?foGVD5|tuP*-vm$u9(CxJ^BU*e`F@Wt!f;i`+1$vOJ|
zFYGhcCu5}5!y4Wq%iKCwQ$te7<K+iG?u(oQj@+)@|Ei^_n3h5^A?P^BF%k`#+T<#=
z(!WX1eA9_eUc@LS$kcCqkAW}Z7ECGrr_FdQEvy(on*~&^pHE+v0UnJ*i@EK!)vvle
zY?{}92h&`=4~<s)rY~$CZcg0WBZa>uhn)Hr)C(9aas3>JQ9m_u_O17uocDA`EPI~>
zznoMtB<>V)LOWe?N}z?=7V?)lKoXbBQw$;X*$uRx$Zx`p443Y&i%41Rg#zf~ytDyc
zX|8{sj~BtqKPlW2x6zL9gxj%hv3xzN1K*r`zrd9*G--%-m_SIm#f^6FUe;BcJ_ek^
zO`2d<b2I_vT@h3-BDLMby-&$=_%=eXvhznth!4nmKmkMj9DwQ_DTQn4{?fZGF)H)7
z4y_9tiw<FL4y*>U*Q+eB7s*qOcuu}(`ReUx!9B30iHm-W5bp+lIg+J4aOjDZ0^Gzh
zh4>$A9g9DAM&Tl;GVrkec{BNCH+ZEW$0iH&g!bpRK^%`+xwMZG)I)|?iD7TYaU$nx
zx^w~qWkT`N-iFxg^G*VPS`(1*@Y!Z-Z*_LuVI%Cd`rp4^NKC7yUA6f2IECMb5w)F`
zRHfEETL5(cIm=}hgp*k<=N0z`_*(Jk<?aoo@}iN&#xh;Om_pWzjOyRV7eCysclewq
ze-%|UX4NSwu;^|2C+V^CuPl|{bH_}8cf{m_lPu3&e(kP|N9iyP;)oL!gMS=^L|?8D
z0#qCmpI!V-v?euP@p*f+Tqft5K|-R*_n{E7?6kOCt+7sgKxN1?HvBSbs9H}*ka96-
zy@!#ij?$0Vw;Wh|=@av1xzEJC;hvdabt-%R|FHKKU~w($q9E}d2qA*&POxAhxCKZ;
zkl^l;1aI7fHX$K|U?Es=w{E;?92$bVHBJM;t#P`6rr|BJ_c{06eeQYl?wvdH&6}C}
zK3LtgdR5h``lagExXHx_jb-jri6<*v&VejBY%_Rf0-RVy{b6|nc9r3}T!_&IRer&N
zS=f^<siK390;<BJ+5R;ONiTH{udAsE%6<e85tZW`#h^8eSJ-D|^@GnTh~oM;sgYw(
zp|T9P>X~hrAM2K`K|LmBYxGPinUL_Nn(Av+9V+D0c6}NWNZmWwUL{)FNHXpUU7H{$
zTk+`Kb4QVyt^vTEGn&sP)CKVIcBfyZSzPcYfRr}K$UJ$-^*sDdAv@|U^7esuuyYcD
zrpD9*G+)<QSTZ0<s!qn*$xL|9%1-V8jGO;3N|a`dI40X1V!x|X6)AY5dMLZ^_JU90
z+PROLSpSDGG~IfQami4t%*ZC&KoAX)77FJ<b(~|eX%%*hrwg+rrlsmTF6UM^+~5F@
zr8Xb_bl0ivco@n#te%U%)_s^Oi^!ZUpkJTU7#>)@rmb(((C#AYdGwXt-5%M7HV3W3
zleT_u_`t3Ue{PO`&{j%437-`ORAENtdNiS)i8zCx1)~q|+?4nl`9IWs;u#@-JZ7U!
z9iR1xk<Oi@oNu^lh{OcR&ETthKJ5nzK>H9r6L6(38a0lv{_Odf{#^7(*ChtSa9hn*
z@#B8$)rF_F5Vny9siK-^VK(S1=Iqdoft`|_t%aOS>BA+l&?N^QJ)4h1-ySaJK06kO
z%b(_oVsIsZtgXHoiQZDvQwsSMNWJ3oEba2<tYtPu5RE1b%V;;Pn}+Z81uxuWsAa{A
z`p#L`U<zN5@;)u!!1bPHUznNNPv&uDi+@m2`oJBR<hgR?Zz{Ch=C$9Ri4!Hx{fdI|
z`ZcQeJ8t}=sAGcDCJ?LmSMhHWrc>IfT^IRV#owN-dqKedx6glGeg4Z;yqxT!XWvn?
zQi`@oBX%HANzDhc#cikEzjQ!(*-kcS!uP{{a`HEBHa3vLBB8v03id1UfPm~T&;9RI
zMMX|V2kzP0e!wEww=O6kpo?nya*G6x`^zgmL9WvnY&JCABnm01feVaikI^9g3IFn=
z)T9IIe+nwQoN-<AFTYE2y_)uy^=)MR@2qOh$XJM&z>BxEwCSO8a;`(YCy&IU1<gOP
zWJ_~!Hd0DV7JW*1=v&gDswJBgbul{p&9H9d0h^wDC}A{$$LBz<UcSOk^K8otF2=e>
zeh*rZ^a`*C%75lEAI>PMs|}oC<y}j#E%e>_%w6Y>Q1*o6DB3uc?j0T7b*A3<?~usb
zfIl^03Q$`CxU7ts{00Oyetz>eoxQ4?3ExEw&9@86W$du?71l2?F(*eYj^25aVUuN>
zg<DI+(jpguuq{8&U=Nb8tXK;Bp~+-7-))uKEst1PB2u%0*Gj+qMjQ>E(8s$e1>)Ns
zm2@4mS!BmQ;H@7G&~y{JB`{vR(Dg+IL46UvG6BK12Vj_2Z@2~BBesErUUQJ>dXmNK
zD{*1e74_Ldgw*JC`*bzygeL+TooYV`iC5kFx1Qc5U!J!5W0fu65kQ=t7@E`Gid0vy
z3&g~Z$ltW?3MGmIdk5~#7($&><(Gi&gj27EClt0)FthDgWwK+U^Vj97WGq8RJMQHB
zZiDbHM%gt*YL}y;aitUTw<RE-y6V~UpJsd>G>suQRh-t((Q>d=l@1awOjT2^{~;wJ
z(DW$ReblCVFQy$qx$8uAcOq_M;eJ?f1Tw$QEEPlwJ?ObAeWY-svLV}?;jmr~fTqTq
zJNr7iNGo%tzR~gVI~(RKIwg6XiHZGZcW+YDQCX23lIOK-=F1at4MN5QAsNGz0;Efd
zz|fN(oW}4kfO=`}XJm4@O(MqXaw#$gtzY%wqRed$Cld&_15_Ey%ICUlrKtjkG7AqO
z5L-<HyU0<}v8nq<91kD78hnm<?eP3&!V|ml7ubT)ZW?xUB+#%W{rSiIlkrwlGWVWi
zpUOHm)mND^9D{X|IwomCGmkYtcrw^M8|<oHRyRK$flfaXs;1wq;g7Q$i6z7)a9@de
zx*@-mLmgP&mkELt4!v(Co~*5YCe9*8a*KsvM3SF>6Xy;lX{Ngkof;hlxvAVZN3PX8
zWmHrWn;rQkAPp%f)L5E9O-}H?h?i-4>OSs=&Z54+#CN2HY;k~BG&p;dTQB?6_l9d)
z&WqZRuBEu7qL1%_^xb3f`WogbMMQK&b}vE3cRtNb8m1>qUSXfr$QpXnNgYQCEr}JM
zv{TtkwTRXj7LV4T33Faw)oneYQ+?k0#%A*Ds65o4zc)ol=4Y?8*GBIldqKhQdk8NX
znGhShY4p782{gwMk#~oPfZ+9S%)LXbD`6UnazX3v4udJ-FIz<>HMQ!dPF%t$DwQJO
zg865vA66pN`g%IU)eHt@e0A6A+C~1hat~S8ht_rpArlaxnaRAj8!5)s?i5;VPXv^9
z8D;Y_ZLz!EG0P$QI!ljc5PG#UV1sVSM?*8dWbDN*U}ZnWLM8gHB#fo*9+MK~L{SED
zqB(^)5U95AS!9B!L&CSq8`0;*F(;1Om*@%#wXI)8LN04WOMs$(P<w#3A4DA5)dZ_A
zBh92YXS0Mxw^Xb3+?{cn0+?H`!a5o>bwY_WybrbO4~s`8>uRUJ7s=GKh;d)NcFh14
z+dL!bDUo?a^*+qv5m%X7AWa4K(K`=%kk)vWCbO`<mcAzAhRTDR2|hosQPX%;>AaZ|
z&f>Lr#L5Twl!=ps4pea(MT^P8a+HvZHz^*8aT%u<3P6Nk!XXz>CyD!!0m_}3)hI6N
z{%UFmx+y<eC7kK=ZjLc#k}OCjB0dXwH|E3&WlZPlZBuk8_f?(mE!l_~)NZLSxH+mU
z^f<yAo5KaMEtSy|C2?c7cu|&dny97k)2OG64pQm<O<~}rDV?Z71!%z!8%%?wa(l0y
zc{(!g1`}0}hp|}uxaNYOiC%Ss6baFVR1?;O;)V~f4`CCbt)ZS28yVJ7{GJ(VkNe~_
z4@#vbO{Ovy8lC~v(XohdRa2qUy*||>ZT^ebH5TfnqPq>((lGrdog#eERK}Sk`(HF2
zC~ADz8D-4Y7DBiO4@#uicU8vfLM*Md`>rZ=b*Vb*hOl$cAjxT=H(gxZCPLZzoQ?IP
zHBIspn#C17r&+HN5KwyEHO;kpYgp1HRA2lStG^imUv+f+($@MZzaD}+GXrO^^o^8%
ze8X;njUA1yoG|sh^EHbK*3O;*f@yEruGXj|JY5m>^|8+g*P>VNL5kG4YKP}2I&<^g
z*3booKSsFbSSYS(^|?kI?|3}2^D26roSaE(>St5aVG1dRXcWI?1xQuni*Nka>H(i<
z%(LnqR<6{3YCbDXh`v{3dT7oL5mAnRWE)+^XPOOpOI9;$w$Jps++rn%qpno7TYGCD
z{ZbdVl(yd<k=p4sKDV`L>jZmck0#-;U=l3@rR;T;eRLIYE<2e(@u^m2g!-Ba+PLMZ
zz|_M;ttwdVkUy}@F8-7z7p6>CSU&y}^VvRJ*VJeIk#x0y$ZNs&lU)T^3@I`XA7~I`
zqMQEVY_KcI7fx<?$6f`PJAar?u4oU@$C97U4f-QoJ$K)pf?q1xKmVRQ+WNAJwmu}P
zIfw(fT3+s|GVR%8TP4||8}3r2kk@={6cj;QDX5+r`=%gK#4Qj1O;^bD><MhDfYFHT
z4Y5vu-eY>Q{F$)&>oVcIU9Fihb7wSw`}I-)m3)Mi&dAo~C5Nd($fzT;O1)-?CG)sa
zFF@~;f^KVD>Da--Q$mB5(@h1OT+=48TiU@>G*TbfEyGg^Z7f<K=x2fQ812<(-f0<a
zJp%#N!~EOphDww(d1Yn1F`9zZ-LD1~J=>~^5+T2!Ls)MTN(i?=gY1gRWDf@S&$28_
zyA*}w1A3V!wMDC}J`R-X$=|jeE1Kuspf^>COz@e=?xOb7#dV>1Gn@4+lK5;=)cO<$
z)O18(z5RN9{B3S1z5}AMkH<PTecv774C94diG-S(E-&w9vaWSS^s1`+ivyWp{Ds0d
zM-8|eG7t?qL%GxQ42!p1Y;E>46c<-4#aZpJZzl)JU74vuijJ&;D3oxC$|a{}LRj!|
z%hhXwTKSH{+GJajOy}QA6JR@g^jLHsxuqk)`m^wk<5S6(=@y&*{j}6V4?4$_1@sXI
zMoV^V>OW)QUN&pjV`$oqG_`Z)(QE+KbF6?MF#%p|oC+?vZR|+)5gdmrlHce%$j}){
z3Mm;)7*O9;dw<(ql>ZHesa1?M7Hsv+LRmrMwPkX}b{?!PKH&?I)(kuIN{^P;N8jo@
zck&DL^uDOqx}!I})sTrQ-By#?cIGnA-H@8SG&GOFFw*Un;yfolex9zXcauh0Mjvc1
zKU@p2l|H6Z8}xRt9+5FkB()uaEOEf=o2pJ<^$v|ckEsL(`sC};O^f(q<EaX*Nz<h3
zT76IT(*+bl%cg6H^<nmfGbf0VNpn)VD^Wv$3&)4EYFjwZ%u%A+3~nW;4SOuj?qXXm
z&WC*kw4@vxJINaptqn=X`idc}vU3xjXSdCwwp6@G?`DoaGu6Y{kVT8@j2U_)+t&;p
z8G68rl9JK}7R1rmkdZ8+huI$jCnsU66WQrIT=g|??R4UI50wtJ<9WD7Os3)x`IR%3
z-SG~K`6Ux|mcrWBMU6urIh6#-XVsH(g=VI*&|*Y~?@L3?uZ5}aSSiUZEI$M`QqTR)
z2>H5b_e0AfsM2c8u}-sdkv|yCMt<@+2at0bZ*oc+A#}$Kzhxg8w?=)}-IvhIW~ctf
zzu#r!nkj+~3vt88z+$MZXHz$pK6a_RSsM*mgUsX!g_<vJbE===w%5ZB$v{G}PEA$1
z-alaNder{w_ws(P)K{vvJhk1A^QeH1;KS{_<FygTImSjcS~oV;0InkJEkL@sRv58P
z#`9Qb%x}oE)DbOhy*G<^UR*p`NKgEjpA^&zc|mupAGtIp%>B~7&Z1)I3VXT5S}nVC
zYE}IUPX`Cp<I=0WhObS^4Lz!z-zLEE$>#dA{k_xlKKe4XU1NpF1Yg-0e!M*DUH$$;
z>n5a?fbT((F)pnwrO(4}l<aw}{&eD3v@H@tCR6>c6E`XTS-Tz>+7tgqe)H^W@?_HD
z-QRPXqWL%!wC0WDr7W}A3)aG|bl$|P4Q-4X8?eGk^9PD5PpVabbBiM=UclHWi&M5%
zevim?fPSiYM-D1IFi;9}JH8evs;-sut==3WOq&s@=W@8Kx7_^_Po&tZ=~be3Fg>wh
zY!xRH6D>H2SLTW#(~eh*ksei8Hxk{@G_B9vR{abO%zo3C7K&lq%2v+*ndx!3{!Qr6
zKA7SXu)YK-p$X_ZA&YC_791yYEcLr>ELxsw3i%r|Ixh|DF4I6l_cXF^Q@6&He6%(4
zJG5o?AWQop@b=?`(!jwnU-YsGlsB_Lt8DwLs0@?!3EBQrq?}j4600Pvi%H7HpdaVH
zM01d!=I3SV;*l+9Nwnd#f1EogtlQJEz_euSo$U-8CS{<q8ewuPA1N?`<EsR;0X&%N
zp`c96UR!v$1kO@k0-SjKrtG!&X|=58nR;obpdy2fR!T_;`FU?H#FdeIl8;o?%rnD3
zF<Gw%0^%@ZXN=1u-*qPDAX+V{C40N$*HA+2NWQslR@vjEw5<1ACpAY^p(V&y2?>-L
znZz;dlNEy?>chsnFmfc30CQ6!_kk_K>F$WVp`lX4o@tG<e$KbIw1oUcUf~r}OY>2K
zi<|(@^yFL**p=Vg$i0b7e`M)yJ+^B=wIIO;+{q`6OomPmz6Y`UnAouUJhG1GX6JGm
z$$>wI#v%$&so5M40=r(7<gPKQ--m@sR>bC&*xt#m!Bi~7U4zPN4uMXKg5x$OyK~q%
z*!17@C5Fi8?R}oSF#!S&V*cyypx#O1(S6k3BqO2XcL>zkTO5X#Rp<=TKW@5Sc#0T1
zI1#f@%7(%>1u{9cY)6MuvL-Z6MtQwT=D6xtL9bTv9)~9gg#zkVtR}+R=@|a@C8gv1
zH>vXLVOy&cHBL>oN|ZFvyw{nhNKZ|)%yE7;ezTUwBlbpG1=Q}V0Iz^gxq5L!t=3Xd
z5QpbHzmeaFK+UdXPtaB-nR~3mh3J9ua%f0U2p`#qVV=-g|3uR2W0>c$xdXdHDq=pj
zS4%lmyzn&UDgL3kG+jla^f=@Ps&6^t?AR~xawt)PXOvNIwESH?7Xg=OMAulunyo&l
z5@!8TCypZTfo;KZ?<<;;<x5d2-Jd&#>Zo23j&Iw(IQ$TB&vH2L92;A~|A}LNo=Tp<
z?AH1qp=rE>y{cL=X$;S+{biHFjdRmd2?<sWMnD;PAu3P_<y~)al|?9}-If*^*7<|u
z3jAp68PU4WIAUC(-Cc2{4bzeubdRY;7$PSMek7C0sHDxyV!Q@tmL=I0v<LSyFBgLd
zX`;jB3y%?CYo*->Y+eP<j~g_{PTSvde1FIhn-~Is^VM=>epY#pS3_duyi$E>q49es
z4FRD{9h#FASAGb{BOc<V*)~&jB{7sYM(r^nEtTmA?`+|VDMGJNkXLz`978-jzO9YT
zPi{L>0EC-z04?PZ3XrG_Ev^A6N5>yY8oA`><WdG!!Upubh<IN1B{=t1?iAkrFr;pj
zRcBtjR($@>sJM7M?FY5BS=%imzW$(&i{vm#@$(u5%lB_@p`f4Wg><L18elKEoFDmy
zZlEjPg;Cil8k*#wwt62@PGZr>BJ%y~P6<3QY=)T{Kg<Q~YM|vhG3vz9>=414o7VC)
zJCp5|<}aBdDjo-5&}$PPArqQ@Z`88YASwgnn%s{oPMpf~6&dRGbBukC0oVDbD#zX=
z-8^33icZJNA2eLZUxX2X;k{*Dc`1p{=)O2F&pD=&0&}-WNGo7KWWhvvttm{uq9|iU
zyrBtHP?_LGOoS!%r_SivWV%Le-u(l`T1|DD*~>n0RAh{A=kVHv$LLq*zw8ZXS~9G7
z#)m6R24J&Mh*->{+Xv6W{-9~%BmT9kAf%{sRpupz@Y!LOTF~uyl%vRxg1b_=`=251
zMI$uDluNnbGX;l2uA%pDer-OB4p<s7w_L7ED%&HQK3I5s%)o8#I!a4ZCj(*~Rn&)6
ziXdINtZy1J9Be~=8|zlJ383!i^BDtuhnbErrQz{(2}fY&9rbAsk%~Z?c3PU%S?K0!
zsoqC-IssYgVa)eQ$_WpB(<Ff*mFJg6KfgaNzt!LSlL0P!lBi@*y}zH4x6M%WF4HiH
z+!CQ=DTr1z$^1d=U~Rs8mu>tJg-aAAaEP@!VzwIkD3@O?XMn+QU2~`U;+#`i^^466
zU1L!k4iI^@C#IXW1XVyTD%fSgM?_z{KFnamUDy98c7>Jt_F+L`_qVTw!D{NmeV1dB
z$}M*AWRXwwt=USA1XdXA3Ux;M!n_v5_XDBNvU8nXfW&4;zdux9K<tVdN!B~uKb{F0
z={c`b7BY&-Zm5LQet9A*C~UIGvv8k;_K68Gb-FGed1;Vi808yx8sIG8KR*{J!%Vf5
zdsW&E6>c;7eyC8t+BFjr`ZLmW_-O$)9vxcLpO-NmYT#}){V|JPN#R;f7Dp@PpxJ4C
z|5;dwmU@H<Sw@M3H?uxPPfEHcjE`*4R3Cgz-vpUo5v6?x5bidzy%{5T!fR@q$~)T;
zI;h=LpHbE((pBY{$HyA3q+?MWmwFoJl)u~(6Qi9zThsAm)}4qp+sPswX(X4Rem~6K
zC5*kNa>elU3fVZLYGb9ju*1U}?99Hd{VY287ttxPW(WLG5E$l?q@Ww{%}Yy%Y<cyt
zZF=xdwz063%j1Nsa%1RSvui6}x4nRK%QMN#q0T0$9R#_J$WnQsF2frkU(D(~X4`-7
zif0YQWdZQPs`WB<*(52a<kMv?1GRBzcFs&FudZY9kHtt{bP<2eE4_p}YZ#&ZhSxQ~
zpS1Kg0rFXPgaY4Lv5uNrz4(@yFk}D-<I3k<;oJi{LmlHf>*yx8d_n-S*C?iR2(cED
z=gS<%J*~Y(lgI))7<NpnXz!jnYkDuk)@2md)g2c2GKZb7jozGymQUN-PlhVHriNp=
z1f&w2&=bqY8mgT)h3DC)+ST2!c50PCdxTR{^DKn!4IB2-%|gj>{?D$(8%2<@Bu|`5
zNi{b(V6ji8e->QJFDx8cPazKra<$d0`8FRV!16%xteIB6FQtG=&xz0;I#46fiV8fK
zi=>Xb3w?bq7xv|8&g3VSYtk$m0oHs1Y@?hr75R{Nm7t!~VJFoa;mn}vRkJV}nqtR=
zN4Gvx7qanLSQ%!ePGXmBdS_VZVC1(hPKoLp&jDhoq5mR4YdM7XvBarN=ulSvaCFpD
zLkRbPcOnQ0B0HJX^bpoGjarC_mXHZndq7An_#%^4d9)|^l`}1LEOsPO%bX&NhFUcG
zDT~@J8<l+6O|7rs&+~0&Hp@MVVFwO6$DiPngH{xp_;1nPD4*WGF97oJj!b3x>VHyu
zyd@_;oL6NQ#z2=n@H;rLEysGVoG6COG#W^#!d_gZ)|cNLBl<w^E}`06pAx6!(Y)}V
zJk(-N;TEAc;WN){9^vG&M}60tA@;QCJ>^W<;R@P{X^2lE^98&I$gJ0<G-yDQdc&2v
z7?4~L^ikf;<W^n(ZADxr$}M#;Sx>52fP#Zn;2G`<WCWHzET>d$^-bnB$KZ*8IcRgG
zEmOt(<rse8ld~PiHkIpKLy`C>4EyvCZs-}h_cH)mMmD0C`y+szn2095<8Hm=C6GAs
z;eK-JqR4rAARml$xLm`Vq+0%UvZ$_;oSNxyOk{jcOP*XSYnb{;3oQxunqB05*WGAJ
z;whNgHkEnx**hZ(*J1CJ<pdT}lzL2(MXbq(MX+tvJS=BD<5e)Bgmy7{qY}#{1ZZjw
zR&+J`E#m<F`EPXj2d_jD;_tE{avs)KRwxFcGt@8S)e#CTY$ITVySCeGm`!=tBU6D<
zeD!uTk=x)A<uP2_>JTT5;tAp!fjo`PD+qNpXOU%l$nrdMxXn5t$g)LB&2K%gc%(GT
zH9J(W%R~EV7UHdp3bJ5g?aP6U&a1N<lf$#U%^JTydNjUXLA#}OJV?;DNuUYOw@}GX
z2*@Bye7!ln_%6)#YF@TQ&<xli3R5`|6>lh3R;>oO&~<h7Xv%;xGA6OBAAFxvlNHj7
zA>cWh%u3I{1cz&#u9{^twOAdMUe~fUfRY)23SL}zqV!p`BXvt_p*<90?1Sw4BB#K<
zU>4ZhrD^usdssvWZ0V?3M+IbL#N0{DQ)BBZv(%7&KU#-P$5h3Y8f<9Rt@w+6l4X~W
zQ0wdr{t|IZ%iAbe!tk)60$CHo5)}C8vA7nGEQyuJpkMX;HJ=Oclu#|x5wN>0-QI4k
zIrJ#(OUTepxEHz$tg>wjb>TovUdluFf_5Tw+Ny4aF^K60r^8Ru($q5Nn^Bilv-{ed
z(fMntx|#*|WWv<D@^k}nm3c*GA=(8qC<jL%Rb}IG8{VQczyE_P;<vCqIn~vlgk<QV
zjoo`HbKk9Nn79;`q-hS{nD-AL>3!H3Z%Y$E-v2=aJ3DUm$`K271*cQT^UG&OiTeg<
z!s@3X?>YGGL)%`u=Xq^EM!O)`#wPNH>TkGm@-{t!hH1JYe<K!JF6pvKgqjOdPjRWP
z@vT@X>cYMV+KxVx?oa<M&9N{Mb_zO8A<aCcrcaBlsh_L@g?;%{j`0IHv&8D|CNGa#
zrfe%aZ;8^4Udy;`3O6l`DK7^@m*Ooog;skq21g<$*BCWg9{E?aOFmmP>$y@m!h>xs
z1I-B-f%z;0k(!Tl#y!)AWK`r?qx$=PhW&dzU!zmQ;rTf&R3udQfpA#SX3R1{5LmkU
z)abIc#>iSdjnH=j<QuiYU3vz#_CM4_5@FM+@jcYn$;~)2Yzxn7a^&AXcuy!iSrqFI
zIlSO%$4sxPh5EFerQXlzYUeG_-MQBJh@w*c@!xWW1EBPd{NHqiJ><gu&t*sa7JqBX
z1#Ss%)7c4hwO$1>;{LsS8W*Ads~XKeDv;o>8nYuaT}{_ho?1lE_i<t96cYK`4LG*_
zV{zR2pR4BX{Iwf`)TC0So!Qg14fF*L{6q0~nI!^yPi%?7tpfgTP5S43Ruq-q70}jn
zyt|3YzC(Tg)`fESgko|gZJ^>h{Hk;w^T2T|ko1*cE^Kw#8EUX1S5X6e^RKMpz6o4S
z3Xkwnz@whfu_@o&+XBDTfGlGi+Vm#yKc~e%${+U)_^ELJuOa)p^p_YL0pBl*@WiiX
z{P%BN%KM|{@Beph{;Cqj4ge;Hzly&`*uQUxM9JvSNfRFVZ*HgOm!HYDN$cMgj_gZ)
z$=2AzXu*Bw+KW6TtFw6>Kjo?KLcU0GP3nNh=>hEr0qtxkk`h|`#-VTo*ryQGwfepS
zE=LeEygcBQTsN|TZqQ)m<ovNdI;v@4<dCFwDNjs+WAkFY(!kX&7Hi+CVTUv8@Gb*b
z-=7UiVP{R<7<}j1pcfsy3;8t#J0n%mOtr<VfGx>0@TI)&ST5Lwg4h3y%eYQAgq&;W
z8?(Z}q)qXJDKJ6)3*KARD+OEV%31qgQ0Cxda*=|xLBHhnd(_zQ#6ACYOOL;RA3^bd
z0AT;B%HO50)U@5p_0Klu%oZA$fDZbE{*?}RE{V@}yoCOrz<~IVHDCGXHJ|<0ec%3P
zF!;Z#9e<bG0>r?ZUX;JX;2)j;QTfOJzrpgqd@rD#fBh1w!+*B*cLezFos9oWU!wOH
zA{GBLB9+@t@B)a`=Wyx$*_YsmSVo^J@#_S0Ti>epLwT2;E)^PQV?!?xZLTn=;Y=Jb
z2<`X#gGl}YUu8qtb~U<!BAtbF7VldGNmJyUx~~EBtn{i!d8~g7l-5N}CV-$D#Ftes
z&2f?n{zw<m=|g_sWy4Ss_}8kb<;x37EZx9@Qg<(awobrilUdsXwS_Hse9<M>mcr%6
zV6o}x4B~BDWO#2Y@RV@nU4O587hrfLgjVFmn9mkS>AT<ii$V7d^1Nsc>;LI51rof#
zW&g^z5yB>zf}3pce<PNxeFet{CSa3v5^cM(c7n!gv@OZALs+dPsmnrkmh0HM<@J<%
zJ{NM8e<*!q^`?xyRh`3keMEIF&3>88I6gGgI`uAC{~IY+z6^{O7_^VnuiJeh&0c?F
zCjTp#D5atEXNSrHe`$!{?ShH{Wlr<|7^DAl?Oa%Nh&T9?-KVj1OH80H*vfa`&n?!m
zw$2|x0FVI?J4ZsAp94u8mY|*^QecG}jhr<hGE}L)H?WZDql-b!BnV*cL2K=?-r5wv
z*Bx>!^QE~KI(z%UPacAx_T{%1aKUf^7j7Er>IXk&jVn%6;3Xx$K@AKv?A+>~1Jjih
zc=<A(>^=jR?2+TIPPV2!Yg&%#D!pR%{u9v0@Y^%Gx4($p>k@Kq;{xdra_i1-%wA~t
z*k&m(w#Hp??6iwE7Bl5g`EL+G;NK)_a77irc>#0(Smww8s0FrCeIo8XdYy=0l>g#B
zD-H09Kz+l%G*Mbfdei*raP?2t+t}ImivcA${Pyh6mHb;b{wlw!8bwydOHIWu#&l5}
z%l=>uD>Q!&AU&Alk2?gp)c>yU6<QD=Dfv|#A^+~7KWl$o=I;M$=l`!F_&+%ljUui6
z+|TZY>xPBW`nLI8z7l|j|J@7^m|kI_TOnV<B`vVnJO3J^2ppe2c>bn~Qd}zX=Pu^^
zu!GI6JRJz)etRxjx7;f70&vHSy_FPVIZN9wAgCRH*?v9Llmh~_e(`-~{uf)nZqpQS
zO<RbWS(^J4Z4N!xB>KaKY^GgE^$I&MmfY_GY2m+x40m)y^DRpe|KrYX&hQT+^^Xwo
zUpM>vFWU?LCms~eb#-@NRn>ssM#iP^q+-Igz0v<T`aa@+Hco?}fL*wjzCP%X+n}Q7
zV(w@oQce7SyvQUarF<J9g75Ly4Nz4nydV?1^Q{+TqTH<Wo;RQtA#n8R7sn=z)Z;Nz
zg@5NofK0OFe?rJErg$#t?Wq6cfMMp9LvzcXpgE0y7^Gv-za$v{@GFA<oy;8nKl(!d
zY~87WURE)2!2Y@Q{@ZdU;f#-_y4`2<$^Py5`X89OikRB`l`%AS%Kkfyy=YMwF!TM7
z`N!Y-ySV<zQvSEC`Xnvg&H%%Ce+~|V)hH<uYkQQG@wSiq{^JV)pD96s(%%0|ma|fq
z0b^s}iN*nH5$CKCamP9Ti({cB#hx>8I3iwL12jnZj{Zvo!Z<o>EG6N(0O+sN-1tiN
z-<wHiXv71D=|#?0FP~q?6#k!0JOACx{l9Oh|B==CJ>i}$8tO<9q17B4a?sHCtF3`I
zCQONw?LZEBnm^mJz3>j))~3ngXGs(}6P1z$D*c_Bs&*-7yB}D~GbYZ4MS6HZ=@Py;
z;sn0O(vc4^atoAJ5~>C8;&WxNVM4J+Db<NMeMEVFgL`eoGS@JJv2nVWH@`BEY>_?U
zT(Fnwe%1#X;{hxfeh^JdLEx`px!4h@jct5?<zkPVWYp0OK%3Cl+$#i*7)Hq(1aq4n
zSt!#-d1F6*JS?!cQ-Y5iwoTmkrxrKy@Wt8psu00sZ)GWsFq|r@;E$NmCGANt7Rfvl
zUx$VyZw1iI9uaEq!`NoJ%kYuPx#4Vsgu!j^@u=lw?o~tszBa1zJZxbX<1kYgxMoZn
zA<GWm%|0Ij*K5CyXw2tbgMvq!<Cw;!lqOFSZ4NsSo6iXvMc&iA1;&Z`55_5aS+zf$
z<*40PFXH^Psi7$sZ3mKk3kHH%#Qxr@bY9kQj>IR3t47aPH{LZnowUCl#4)}_>(<$P
zB2zp!jA@gP*@kX7-4bp?6*%~qHi+}LY%UB!=QK3r0&;w}EKf%2iEi9V2=s79972r!
zj_p=fEKMrfy_SD-mlXR!y8H$C4^lw@u#>*RekX8iXgF&mrd|M9pbAi~-3neODK>6+
zC5B<8RJf#&aXPoeiI`o1Ei5<cvMd);oCM`#e*<6W`Dz;ta>g*^YtA5y9Wkj<KU{|c
z^uCk_A&v9lh-x(<6h;r_9WhwHD<d9fVtKCiCCLqD&tOM#i>$rZ>)<YSVbCzlhs$$W
z*?0GZ!?hk?y_6z*&>qtY+9LcytUlf9v4N|!m}(X#8*Qj~;k_w{o#N23n&9a3BT&9A
z``x~7cfaOf2)fC$a(&+e<+Win+P*1CZ;}g$ME_nI^#-mY7KSCq9E$t3(*%$?d)X#q
z_5H-iXwPzTiGxu4{@{urYj@oAuDSTx9x=5k$w;xMoQcodWbs8_1rsnvt+&D*oalav
zHuYLH-yo6tT{`u=lTSZ-3!*hFOh4<VNFpA^D%Mt7>{Pin7-T<sRP<<7zVHZRd3d1g
zeMf@N=2^XE4c+hBd*6!APl}WA1U{I9VeUtQf-~#jm1OW*9KvUMU2@8IKT&cZl**;>
z?AtdZucM#1k!f2*!C(lL<4Fgj$|Ei=6ty1~wRAFjj?W*7fL&3#e2Ku(osk;={pn{Z
zw+R|2B2H-m9oOudRls>D$us<^%FO6POU2K~DrFTE=Ih>Olb?wFKr`Z`3`m~>MvH-S
z6B~RVkKOW0`MzJ`=M640x&n$4JUi9Lk9m(iBS}4vck0O!!C_Bl$xhm~lku#Z-((Mi
ziu=|fYL#anSY7)g;xG(8>%3d`_<qKan9a}(!SHs9gI0(0t)u-W#>=Yj(|O+fAm!K@
zLRH`Uc(T{+Fy*U^zm|@<E#byvQzoGizcFp{1by7KLGw18maA?_(1?#w%IPPjn+YH?
z5~`3whjV=u#5a{0;LL12H{4w4x4-|k&=>D<vM{u;xRUFAw(z;`sQaW}rEe@tZII9v
zuICCE2~BCQGW4J6d!oV`-jR!&q#_n9jCgsZBa31ULJy&{amCoP-H&HS+Y4L(r*EQh
zZInOY<T^R%)qlca(7SyL<LB4k#ZfnM+GJX@)XuS)ZqJ&;3Q(EYJ!VM{#X3C?U;A{H
zY^IJkk~b=go?{)xg1XO~e~fh)h1#H0{QTZKvns3ly!;v?<Q;lx^^kMcK#E$0fM5k~
zwdA+<+}C;ZDzj`2J0@y!LqV%*>zepsA{nHz{n$PoATu}tu4#H&f1x$6#a5w>*zPc!
z1|S^7EuJyBu0jz)1MGTsT;Op*J$6`*T*xR)u?ZlB2nHVz$nVv$_jJO%N{?Xd$Ngp>
zW)C_(I}mkQ9IR*g+@*%7p!ZmRkBB=!MM(^tF6lSmE6eU^SR^4nNl)NEY=*=1Lh|#=
zf|4HBZi0N5IA%+N`iw2Oa<+O1H24OP^`7{%02S|k@0=%NSipoEezp^&gF7Wx@!R=u
zUUAu}J|0u|Wb3;4DRQ9(zqh&d`filTS6U~k1blq^A@saPX#qV5Z0c{BEw89x;!-Vb
z&d}|h{VLegD}=+FVyR=p*qJozOw?r~#Rr2xV2}@6$4jYh{Y&_`4O-aN*!k({bFPFf
zavu=yD7Q1PP&L^83j*is2WayfJMYE2eAqe}Og#*;q#s%7Jw4<%Q}31alKqzQE(L&^
zYHr2-Fd%`4AHYzQJ%}U(;>Xf5oeOLha~nLGZ_c<xjQ+r#7a$~XY4$b3?SvNVkwPTF
zf^fB!8w5$h`!j1W?)4OC@*2Fhv4d2p=HxjZGZ7>J9vJgw`?B}&=%6ZtVq@bRm*eNX
zZP%4-J0pv(E~2dCtGkY*MeRe|V>S%Q@;3!g&a>QggeQr1q+VO`TcA$}T?Gl87Jh_&
zokKB-+)r<e>w9*=ORSK7qGml1V!6SuPXFQbY!TdMd0Nn<5{wo!nrC-)8)e(>q&Y+;
z*rE;*l4GY=ZQjBiaB%yRGljnQXNLHyvmIug9n<8|vm+V&<`tX9f&E@%hlka4ndIwH
zsRjiT3mRTe`K=|@b0Kyd2Pdh<17Cb+;>rsu-xqg|yu(%|P6A<&#9JJM)-1$N#-{jZ
z&TgwH?L;6BseI4xQ<bq;_l>z!`ba4hB9ihJz*v8o*}`*A=Taa(_If2E?c65^N$>15
z8|Us?uT|S+>3Udh?C=}EHVFGE?x0e#E~l`;)(|QfP2;tN>l1_vX+j(qY`m6)yIqQn
zMvvX!H8>*<d{O+BwU{^{zi$TjSwxVk(+0Y{H9@kqFo$yZ?t*T9=a_f#x&FDX-uh47
zT@2cd1U^sQ-rU``JGZz*LzGex*(56IUNqb_2F_(ZZue|O;fZUD5)v~7&?mKS!%H%s
z#CQuhlAV%0>O{a6Pp%xQYqW#5XHXxC%!lBiS8hPGjEt-!#QEZz;w;kUcYca1cv*TY
z<t<C>kQ%N-ZUW)OXZu^IWgGyOGum#R=7y$|^I<tJN_RXJD$@u(-JoJT=N&!})N=4t
zI)CSsKN|b0(}jF}c#LZ_OW4xO1dq`PJFRY92RKviCl5IEpe}BxZbJaS8<>6KsFOIq
z!Z}LeU|hh1A?{cQOJ<#)rp}CQ02J=Mh{SG{pBvP7c112*umNPqP~54bB^SOtyJK!7
zDc<Cnnpyu0jGxyzjF_S56W71Y+a<<OmnPYekXtzNJi+zY?&K5>BelGiU18lmYmb!T
zPEA~TLD0Ciq?NKIH+Z_yP++s%t6m1nhtVrb6PtCKcp0C&xP2Mafn;NSpZCXzv?nSH
zs{o>5&J`uUnSD>6Qti5f0PW=!s3BVd|B6MW&A|QYm6XE%^F>SjXnRR0+E)Fr&rN@K
zix*uGo6xlnU%8qBeSA6tt?_mKUV0`)bwLfG$0sKa3`pAz>V7|R+&ZCeRkpHPlqDN>
zG7;`rwyzKI9aA`I69U^UQb{D7ruiM#AM-W?q1V7w{UVc531NtVZ$93Qs4DJ_-EAO>
zS5X``kps>M&etyDRE1M(Rb(Gs1zCy1lESG~@&9Iba!bbA#s&^}RL+4PUdoI4lDccH
z6uj?oJNz@U166Eg6zJmk`;v{xpro;9(;4T8ptlc$1u4c<ayX2_oL%Cfrnt7y?{eXQ
zok^<i2MGxv7;)irmOf5JTxm>8NLe*{WHtvcCTle)geaieeM4BLW7HfD!F)ilIXHx|
z%NjwhQ85+_p4~kY-Rm-#d_(M6v9nxkrCn!K1@Y05#G$F(g09tqD>V`O5neV?;sZg)
zu>%eVC~l+d%`7XC03(i-MTR?&&sjGUN_Rwi!yaqR+{gx1o-ao->UiJ}s8HUAfF`*X
zuN{Rzym)v|z<pBdq=h+C6R|!!$v5|-u2goH!Z>%6a)lz0iD`YcEc>KGzv$RvkMCqO
zfT!<AQ7Hq4^E}@Vp5I0-`X=?LuEF(9M$+tbR=`-Q>I}V2qZl!o8oZ_@4>zp~5M4ir
zATvn5Vl<64Pj=s?D>m>uO0D7NQ@i`19;4;>T_!v}TY<tD^4*u?ps8Vt8Z7Q&pW42C
z{BqV;vd84?0VAmc*ET!zDEF9XCG|&?QuX>iwZkl>ZSf=37PusmYxuqw=eE@$b^VD0
zHq6uqi<TVA#6BJ^M~+LhCr8Qwu{fMkdUXp_dV)t9z{P5w5vJKIJTsCD(*~9)ra%<O
zbyn8}VV&Q-lHKc$z>~Hlhh&A*=cn0zds-w@9j}uacH<MAgZaeA;r3AwoLG*=%7&x`
zbGN9?hX_gvowJ&~;PW9RSQ~rST_ocL#efwjLBHCyop>snITC(<9ugsW7AmnDtg;S)
zN~9|#3g$JOrQvn9t1dH~FG$)CWw(hSybfzET?bN+aeMnhtMeh;I<M1``zhN(J5_CM
z>jZ6e?IJ{K%PT9_@Yq=`<-S|eGBra4diZ5wzGwTkgc1Tu-=DOeR8{$f9E<hNZuCuq
z`7DjiNQj@Jt6v}O{M5$o{A|{)j8LE-7%NhS4=paAo)6Ybo+P@{3Y*!6NI_8ebnSYB
z+|cf2_Q9%g#}?MS-H}So%_P8VIO%eGZ?}?;WLoVCv*`Z59by#hx8gCWrj^U6?bl%J
zP;ZnO$`N|{biAYg{(ZLt28F{&7v<bx@pFImgX7}qd|SYiEnC}X8|KAZtO*aZ6Ll`p
zWWeLd?1&JWac1FP5#WM()5`TQxVVX{Lc`%k&C=x+-<<Wz?P2g)zkE#MQgW<l3`GHw
zW=h6ti&^i>4tA`gO4s+G4Y7nTlmZl33tB0D`zi-V8J%Ao!E==`WybkXpFT?3qvJN!
z@7ZEob;_OT7Aa>!c(YgUr})0!?~eiwf>U&ok|qV`9<wi)6DT^uHVzJS8geKq#rC@~
zZ3)I>X>9_|w&fT^g?c^ITr|ZRE0NEw>}I@D0pun)$G3@lO;*L?tvs?JP<E}^w|Hwu
z+RC+xsa%_^QooUH@tj-<%8YlH34~QdBz#l1lE`h0hV`&4sk%Ah%k>)YyatGFq7Iji
zH-?p;`LW#DAdfR?Lx!6;4M@CUm&h%X?89&t9r!%K?`+*`X~p|&bLU;WpaS-E$6l$l
zELJe4_%y!(GjQL_1+8sr)LYkTIO`%Sn~UO;d;YvhyK<=n>tJ--lX*$Xt}_8`FYu7%
z5q4(9ZLAg5#KhVXYVWt$ov_$Yg<;W(BZJn>JYuRw-;o{dJvmcpnAZAWejdQTHY{Wn
z%11bqxo5si^Q_|Q&938*sO`bGy^7oRec3+y3JtOW24(P7T>mOY1Vd9J2*b4Q8D&ER
z2?J39(LSxsUh4)|_<NUi^Bg1(OO_)972+!T1V^^{DvaDTBJ3!>KQZwTKQ3`b|7@}u
zG65qpa1UO+t|$`1%)WzuS)@2T<WR5iGr-rFtl|(1HPk)dqVA(A46-9BCxDb;V=3!f
zcC=Q4SR1T&Y<eJ;TeECK#<14uDLs!QrbI#R%knIa&(|+Wd{gcFGI-;deySa5YyuHC
zj{&)xSbTO0M_DU+2a7-TPh+c`fOitNoNWbCIajIEEC^c{2{w4g1(}*3yg-?5X?Tx!
zj?c7}FCUCPZL6Nht}e4VO);7ZLrg6AS`@AD)vW9pPjxID|5PMtz#n}u)+R|wQ}FWw
zPM`1%J%K)bT$#=tUAa%>;!j9dZeH)cB_A5%qHT>dAx^l$lk1k+ZurSNEXI<ZZ)eYY
z7ME}v%l<S8-MgFkKFi`+{xNPk9=Bo(>^}jg3J!X3h-XiHdx9A3x`9KkIKyIJ^6NND
zb~pwIp)y*Is?$`#Pu&)AQyl2I)NKyzoL#@WKF>%_6|!#cihH`eQtVK%&3Qe?%BR?7
z5<tsFXMxd?J(X7}XH~;n9<YUKvPnDH_7>)TS4>qrkVY;+t5qMzN`igie)ht%h(c*W
zJ!WC^3c=jL6PqU-h7d^!ugoIE63h!Yo*dR_cnt|l_`)8Sr`#B^-Z($(8&-LG!TXc2
z!67l`k_?5$SewFCm-n_$ik|CimAGJcG?i%4n}?ID+#5N17&rSRb^KUmD&>$iQ!c7{
zU}D|c`~BWiBdIF{K4q`Vj5sPHi;8x1H{7CP>sG$t6;${5q3uGZrZrpr^at5x&kXho
zE3GSh>vih)9*7@6$yOBYaxK5`Nf2nAd%Zj#pC`Zb_S$rPp5)WxJPEMp7hiwk0IFxl
z{sw7Q-r1uP*lQ@~VfaZuZVOp&a{ArA22FFaQL#0o`1<56$_>AJStx+i>M;!VYKfsP
zM^a*!SbXmaKmhT(QY)nFxa3i^D@y&Q`se}8rXR`U`212M$ueD<^Z5<jbL9mGJj6a>
zoX*-tkOGUO(^<{wpULw^9G_3rlI%R{I^13ms%QHB>Tg^JGf@6ZWM5}AUtX2IOV$!V
z|1)n6IwzugwyM^0`C-~;f70x{OV>E_G;bQo{~k^7z*WxblFy2tyE|-Rlcn}S^vCTW
zo8tJMtsdo6)RGW(KkwH1n3~tq-5gFQXqH~uPXel;iK#v9xCX}5$de)#=XtZKx}STx
z{o#A#uWeAo>yJqeHrY&LYqV5}tsjs)9UBKSAlrg<+CH)>3&~F4%#gYLa#3&lem6^c
z85j}Wlv#gOvFKU#W&4ev2WqdHj}_mdJ}5m8%*sM-M7g=Lv=l|Jok&ez0S*;u5|bUx
zA7*2ianpX^y4BQbBya(;R(xtPvNMtG)HQZEG;EO=g^3Vnmr4bz(pTghkK=v@Ystbs
z$we7+D}YvfEa5Fjz8uV_`;izw3C)=!-qQT0G<pXn@b-JUrJv77y%AR199N>YJVd(O
zzZ#=AC2!f7z>T5BW9><DmFALlJpw+fA<gDp*S+8QKOIwhvB?`RJf2X=)ZXqG-_V5i
zxihIxPczdV;i6hXI$*jqZLGIf>K0xae!sm!(XZ##`?jHmAXJ3SV|I4y-sWd7^7<T8
zS8RkFFh(v|8E06aD$4xhPQE;w>IRoCb%zaK<?DPyr18vsF{U4ddg30tHrR2Ys>SFG
zGVzC0^^#xLG{7bF8s?4~-rrfrZ2Z2e)uZ2}ywF!T*J16n)S&3zoWPhalkCO&<tP;=
zLJ0^uvIrO5{rrL>S7$ekNoZ7#&YpVIx2x!tES7^4zewI&Td2Ghkti#Eb*UVDe{hz=
z=allEcNe-gH;AQQ2`<^~^E=6S^Hb)AwlT|$*ZFS!HoPYb)x5qI^DD_~QMp}t&rw<0
z3E;*n1ZM2}vtNN2UvbZi>p1oqhj?Di$E}ZIx7WkZDNzVTivpf2D8ruu)k}|#e>9wh
z`L)zYjBPSX%_PPj)ErGPQ8`DTS`e)pHV2c(?`)j#*bt%9HUfewW5N|!$Z^Z71M=DG
zz=fh0Peqs?9TJ+nLT*n?_Bql<k)<LyXomMC@gKIL9>eLzx{eTW9j^V>lDvHl6@4*p
zxTFdB!7?(QKK=Ol1(Gbp)Zyrq&C}vzV<+(&Utc8!JCUY^OqT1_O}DQ&4sPkc2!U7N
zPAQ_fc<z&LFPwY(+Hlq<Ogxw{?OudMFkbG8I`nOqkX4~)<|;Q|YM1;P!FoRDzLmnk
zaE_(2{weC_?H!gfYZB#clXGx>K!wAO&`A1&&`<YG7+72?Sn&@e^E6G@M6JI0q|@x7
z)rJr*L^p|En~#C(A`JZZz854vQJuLto9N0K67f}pQKsV*70mDzQtta;<aG+uOZlS>
zk}emAu$bd+Mze+MzP6E8V=aZ|lXv1NGYZD#Y9{e1_n_{2QK$y><*c<U+Cpn?xxP>I
z?z#7W6EdbvJXKCNRalH_k}?a1(w4$qW=FX7M#j?UuVjCK?k!ylKC%CP>)bh8R`m2c
zC+<k^*j8yi@uT1tBS}{CrBb_jv3pySEcWw-hY}~xsYIRhYCfrGHBI*|Db<n%p|s!K
z-e|4>uy<xqz_qGp_vpc6KX8@L-szo6{E&J<psdv}Ia2ndVt*Xd+}5ohVF#YadYB(w
zt+b<@e6fX&846a>o09O!yXECqrFd!|U!N-5QGxF>g_j?I-khi9_RxVkXQwtjnptXn
zJ%5XZC~5p=o-4$?Vbzird2dVq_7u;?kvCrLxWz8DPwiNOYTmBiTeMW2MZzYm7P&yX
zVCX&;5i7!6Ab+ElVJzX3H28Q)7RP-9{35U6g|8@A;mdfn>Cgwr(0dYYgiIf)tzHZ4
zgE*y=Q?be|9fY+)@x<+hD=TTgTVCTa=u7(6d_wz`(WB&Q^<xmdVR2`EedkrUmy!ex
zw#+rpNS{y`ng}fr$@cfl@wJE4NtOgM2nhgcX_qg~fnrij$adlfZ;HOIUaOv~p&9+@
z6_HwIde0KfdW&6ma4<^o^MZw?Tjy4d$X&~GiLb?9qg@V|qlUJrPej^}_1ebTlUv5#
z;S@EEP8!5Dj5km(x&rl!U2t$7*@n03*&}>=livr21X@Q82nd7%O}$ZPsf*M$V=4*X
zi%*@(c5^$8^%H9MY|1oLmq->D?vCPO%8a-Dj5t;G6AtLPGE?n1wY-ksg&B)Y)pKqi
zS*3^10yZjRBc~qUC}#H_=2kQp+<VIeszz<cc@1R*B+u=7HFw0^+(0$m-f8LhLbc!X
z#N@@4N{mX%28-6yhL!7q+Hto>58X8*?pOo%LiKG<y$sBZ^!fHAufA-E`1dfKUa7U3
z&f6^;q>oi}ueAwAAzHTfP4Evf@CRJiuGmz5+rz95LRq`@WgVzV0kN-2OcNTSU?ovG
zs}H-bU^QaTd-Q>1apvo7-f@6*oX)(Ur`&=DZiJrWAXA*P9Tgo1Z%Dd2tT~uR_qWth
zU&*Kyf@F=Ou&h(TKfUr%cZZZ}kP5dbT8gQ-9XJokBqkneSX5oxf5HALWYQf$GN>^7
zH8@fIHmt>9*i~?3zLx52bSOi99{hT9axObwNb>3-2+bZ?%#h=UbFH(5oy*&Y_>?tr
zp^eHum6v(befvas-@QMIM<TH%B8u6x+1%jmkTxhss^W2;(~bOX$h&n?R+?Pm$Y2f)
z<85oL-^a0Fq#>PC8747$Yqbp1&9l$cb(pH(q~72pR4b{byFD7tay9yTX8X|$W>;Z0
zn%O?avwKWgqMiv8)crk}4Mn9Y698it6k;Ib>Bjm|NGd!`>b<1zO!_#P^T-Fzq$itC
z&oC;1AAP6iJ$a_lTvmxySZYSVxpM2-ex@`Tu-Z%rp_L3VX#v@22}2SFza#LaKvfOG
z)b(=Sgy<J}_!Hu?^R9PwfjoTrM@Y8p*K3G#@u9Qs_jf?QKU}KvwO7IJJE}5JVcrq3
zrKQ%~e`~f-2VnW!7LdW)aw*F5?me5LB>)S1iOx_+K&z|t$g9_)R^Rh8612n>I;ejl
znz$lXFQx5ux-xo5FKPZWc=o1(Q0$qp-^*LxS#V8(^9Sa>m1knpw_GaCqV`!<hSU*=
zxbtatfoJ-fPNzkYC1NjP6B-UQ&a2-H!2?WBcEte3U3+DzlwRC?wRXY0QyI7K{@!Z{
zn{Qb(;Q?rtzY)gXu&)g9r49LdZPpVfzS>pXshl1IRTx;4)0+p0*k&o}CFp7ilrKG^
z8fo_GT@nt~7d4(KHK0&9O>V4l72IT15p+GM-Jt=twq9c7YuQJ!x%NYKWeevF_c9)u
zrLXO4sJgJN*gibo_PmGO3d|ajwmkb<a5?{+TA|p04sp(EYw}RTCw5Jv>7Mq)NeaXL
z2m9?JMZ=6HV4Y=$&!q_PN;JE;Wmi;h$g6Oda2w}68$V^XG5gnhmyHbjFHO5b6lTNS
zwN^iJm0@W3p8TGEjP4noNK)Ttj#wWY7U%fNLgs42>}06_)@<s>>$N8xnWEP03$=?J
zTv`P;TkXFyr;gA5lnGB{rZGitM^;0-uPhjUB~KSA9Il-@Y{m->(UN61Gj{UH#Q(&O
z+`9Kn3!oy2KY3T1Quf+bewJ~Kc9UE!YS~ddo=20qhcop~GDL-iXuQ%X)?=<Ud=Gnj
zFZS(Cq;N25S%vS|q_fMeZy-Lx;>e)l8~gF**+)4&vF53Whxs-}0;M&XescO>=Y!a~
zA8uU9q@z|8rr^AWf_h(d`wA(lSm5p`5-{<s))-eh<(yc8<bixuA(ZdfmR>fgLo3|?
z2hrz0rnj&17Oc?k#*p@>P0Oo#!yW1h9Et3%lR+QDH~oTMTWc}%yo|a72e_l|7g6Qq
zZC5+aPPMw4@)BHqu%s25)g9r{ZPqg!+}lf%{C&?Ua-8%7^P?8ak=O$*{Tieb5jEO4
zwkwX<-1mXrT186NNE8Nmg6AHZZ*J>r7F)~oC<S#b#aIyH0kVf&!flW21sb_Vf0J0L
z&XY0I>C^w9?Y*O#YP<G9?1BQ10xDfZKtMpcfCLbg4odHc^xkVIDgpvhL+?oMy#|7c
z^rnF%^xgvm2mwL}nd9@#`~IHy`^}p5&8(UGA6SrN<(zxpdtZBB`&?U4hIB@Q?fbl_
z#bx##&LFy#8V&^xRW!q_H7O}gC-LLRs3vMqns1wtnZK{e?~>I@3UYmd=ytm^IO;Lp
z9f*xSX@U8Wx$$4Uhd{FmwL{MU6I3)Z*MGEcBjr>Pk`Obxcx4M0Z_e6zA2%#YO06Is
zsG+Az!qL(}kxP~%>qnGD63Qy!i^~N7^oz0f2~k!-_xARejKs`)9da&=f;7%&C4-Kh
zLJLzfZzC5e>50DAxNU-H>S1P0b!*3+#}erR<BVD|%sB%-c-h7{UC|v3d2e!m>fQN2
zkfd@{y!W9!{xN=~`<hh@)*6)%y*j7uyanWOWws|D8>+TXMxV{oxm2B{Z@c>!1{@s9
z;(sFCCxp^S`?7u(ZcCVfHIJ^AYgQY*^_HQtZK>z#PY!u)euw{6>R;R|aQFug_K|JL
z_~e*aiKvV5XJ$SZWEWtdg?#jO8JWWLJwg+l61Kh?c(n1vT{UDADbZuKdkf?3?MIqv
z<y3zP#9ICwleZdp*X!lK9OjyKa4MU&`}l?R#e#St67Jft=p<THM!~BzI5r;@3IwN&
zS2dqRciFo@0SayDx=jL#<6qr`q;qeC$j8-_5B&0nx8*6|HkiDxz+;OB7Ic;B83%Nv
zaqjA+I3RAHS3WC)wDsgX)DTk#1%177n;G=tY6r+P88~fX{44_O;cbm4jwXz%<%7E@
zYAoaC6Fr9&2_EreFmp%K&_2QbDn+iOf!RPOSTBrvi(fjs2KH@K{{iDMmjK^AZMnhe
z7|6LO1jA&G7<?FXPoi0&so1bh+W2eiR7di!cY3$Ks)_{Ttx?w)U558ios9_&AetsV
zh=h0W+byNmUq3H#f&8;rNxz>MgiYstzs3^qx~D~Nx2688(bL`37o>PYUoQ0~R^<S-
z*XCwwsDi2ic1&LlxQxpgI%Z@!((9}v>!F=kMPlKol$Nn;V&X7+3PD2@3h$L2b|W%p
zDXsI2-fC0aNh!cjQ)!Oy@p=bf60~I$dofQ_Pts}AcL$#tD(bUAQMVcCcTp+18+_o~
zW-0lpiP+zlEz*ta_xLmu46lpUhiS|bv7<8HW<B}SFE7=fy3W61=sDYkN~|r?gLY={
zrda>`vl1B$b+E*rVCV<?;Q&0}1I@4AuarGi?Q?+Sr^Ud|ftKBJfT2<(LF+l=5roYG
z7^{xYp~P_Ea6Ykvy_U-<>;Vm~9zaIaeY7vMMD)8|C@ynNCz0w>Z@<kcW6xd4O20SV
zFy=lv;fK|b1I%!H;(?YaSnJ2|?A~|Hs@WStr&>g2%c^#nl8nSL^2}*ol{wa>UbU1D
z18EZt@6H4Tuy?t}f=#SJ=odRP?7cgAWMsxt-{FlO(h6}R=24F`lApUCMppMz?N28U
z+!l}#aUp<yRFyeTcD(5E#n1djGATfdUZDVMi>-@aCHqFnUxIi<KR&b1I=-I)OAzc#
zGbJSntPEVFy-ryRa{z1KFr($(Pr(@|guZr>W5)o|Va=Pjx|Y}K`vc)8FMp$Z{fRMB
z!NXKgin7KpXd6Fbc83#@O6moVW=*Ps<Ojg+RVy2BW;m|bA2#>r5t;ambE4uK&8Xt@
zKt>blO6Z5J*+4dJ)&HzRtetl(r7F?ZMy{W!yP&(PT1hW<NWb;RQR4%L&l`m=6B=~)
ztB4t8913=J(tE2bX~HQTb>3f7@EY(Xk4(o*%no7cPQ=9WkeDGh{-H&pM3C9=`wQCQ
zy%kySjxvPYT{SlM_wtd~V))#DbVQub0CDKGfRx^aX6gs6XeG1y<>IpqLu62(zhT4c
zCJE|Kmcx7E$+|k*v`vk|P9~tiU25&mmse}SeEVG96M=TxPtD$m>Tm<IRIxDF3~LDE
zDdGF5II%`@90t|r*rrbL$qqtFrhQ4eMWfpW`Ud3f2NQi4G`r8ot`FNVS2g8>FIBu)
ziYt(`VGwmI+S2)m`vBkVxV;}9(*{~lj>(KzG-iMCaaNO*=fvqZ3sPbk6+23O<^Q{k
zH_&pg9HPqYpeIc39D6vSaq;eB2^t^Uh}h#||Jv1NAoS20j$L<$POxDWxj&_+brr*Y
zG|mT;qJQ?Z>Djfo;n3oJxV@&wyN9hlbMykS&khP4G8wZxWX7FVod=UC>-@0(KrUle
zjfgCfA#L{xJZ^E%plaLIt(qrX+MF(H=xr2xUi5|Gk-S+03+qsQ_yw}}mLJ_)i7boV
zp*IrZ_);*K1{C;AdqvT0NfLh}fjxy7F5YU~8Q`1ZD#yQ~xGHK_r}>p?sxvKd>wbPV
zRAUQDJTrgnKelhM-n}Sf6(W6;?7c&wwv3(CT^@<rHQqGH05w)GKux_L_7p|B@sm}_
zF+rwOQDXNjm|ah{yT=81J)^<u1)-(=o|p`fdPO34zKzKwDcr&9w_Y1p<sFcD?oEdE
zp{x3+E@$GIgF&5%jNLo;+Pjw1E*62>^2cM`XhP#GBja*@;q0nl)%({mjx6)tt=X4a
z=vQwh|FXwzQ%rs^d|+Wp&#ko<s&bMtI?y#rouUC7caU!x!uz&7LtzZkTnxkOE(1ZF
zh?Y3*__bBgMQCl-y~R&s7VsKWYt)$#5M8L^(yW_EOibmDinnDIH>-HMeKU7WH9>3O
zac8ylHdz_;qyw-}o7LJ2@>Zvu&5<R@5ro%U3qtH+yl|(HK|gQZi#u&=h<y6<smg+O
zkMPKOwsJT(`|aS7(f6~61o5BwX}-aU$)>a0)a6@;%6P{KXx)$VpA4OzEnm+0;dDQT
z-W-AGPc^Tht~DB(vqgMI+^~bHJlgs+?Q2(YlVOYHeWVNzVP}qa>F9zu@rufK&quRN
z+VweK(kpcIPJt|@Q0;HS6Hk090qfnRR8%MDcRYSDwomsQcT>drXs?uiex;vvI(T-%
za}LvzUr9{CSZPWQ31|A{>&fB7MwKrWx^xoDh$-^Q)d*|6TXcn=UQu;}42G_R-{hKF
zf`Ik;{hVmLY#8Mhd*#j=_yU<M#Yf4$h2QxrAHupTFvs3Fh#pH)IBSr0Sf`X}@`lM)
zYm^dkF5hbC*U$M&##P5Br6q9mC3>u}ICqN1LpHJJYq5+#G0&Dgw&STbDD5s=?Rtel
zjnV05M#Cme_yF>F_t-R<imqamj$E+LZ4N4Q(4Aehnj61t-QSaX;{l#0os&XAX6cR6
zPGon#r&HC$%wO4BKhmk=%yamY|J1Aq)v(8bQcz;{C9-c`zrJcXNTt^4C65~0od&cn
zIUFGV%RF@e^E^cm3Np`&+pj8+Tv|}}3+H2Nn;p$dw>l5ifaD;uCA&cdr{Zh33D%?R
z^}(GC9}vDYtX_drqCCjbrf&P?n=x+w?(%;cEH&$|db{qbihfs+&`^DDZqCxN00eIa
z<E2^mE6**flpjuT^0s~4;LeK?=X&TEk2f`{|NJLmG+7SU!Q9!yK=n91&S2?&7faOl
zZwcA_1dN0)#4y(oZ1?V%i-y%A1ppoK*@Yvh^R`Ky4q=7XSMcw<)rhjNPgBJGV1Yze
zC`tLsD%G>n9jzaN5l3}FngQEB(@)NMymCYy*&U<9hhHMYm1C(Zra`O^awKRrlP^-{
z#NS$z(NR{xMn-&CTn49127ZW$0j28OX-6vQ^FmQBg@u;p&CraP9-u;U9ND7hqxSoX
zMD6I{k>bAFYGFo*VF#y$=?=Tj!Q`dKTt^B6J@e~IzAYfmK`w6y`IxxzIyC{Ae$$=B
zvy^;blR^~T7A^Je_<`2Jo#$RY!k;vR;RkkOr{#JiJJRZc(_}!Xu+|h3Wn}+B)5N=2
z)-<EFRfkgPH=^X~nq{CJ{j3%XI5^wUL#!AgT1@-Mz+|g=i%TOWjo0i8J;(7BLLU&l
zaL2J?*!ddL!05KNqvdPN2#uy)(Mo+sBajNn4XV;1yL>^YrEt@$b#A%%QAzCKj_&MP
zNm`9d_LqAi+C`6J;vPA;b9uk&OArVj$VJ&GC7wUZ<0C#3{I+~;{B7%TJfR>m?VBli
z@Qxfk-m1lM#!hV^6-NZ``_khN|AJD;0(sl6!KTr`m(-x9*pxhf`ICbV_a7pmj}q9;
z1j);14ckCM%AgDhtyeO0>Gyfa7N%}&aqXa=!d(6&iNZ%|rkJXe^Z>rUlg+EN<8om{
z0*Jeq&x7-4Umf{eNdAY``}@}dh%&D-hvqjOYXx3Jiq(Jv?Itt~lfBMZWgUNRdk&fu
zFazc(PQLC^Tz!~$YZ0urrhJ0}g!h$PLuM}7^z*M5vOW3<?!(R4MI3o~d?K7&iBt-N
z9;f$T?yR2sbz!`!%VyxPROTrQD{NcpMf#93J}`VaJUCz0&8?GObTPqbxbI|Gs5`Ng
za^Y{297>5EX=)GQQOft8($X;0@ebpR?eFOZDK`^VQ-9_(g8AgG@Jt5UdG_xzAg?L9
zpt%Zr|E>s4yR1H+fv*bIIeciQ&OlykY<~4HSqDkd-hB2v47bZgX^bDcH+f{k!22zz
zS>3z!b_q}@F@3M&rQ!wQaSrvc$cL}zJN@GO9wFDKosN?^3{TmKUs_gH5f@MH^>2u~
zI8r|pktFm6bBFcW>sK%tT~77!UcI`X&O&U+otk#<7^TeCDA`pJ^q4?&l#(1&@3`Y6
z-&;V4&x}p`N3l3(mJOw0n}=CX;*T_O`$ClLrNU1dmvjs%ro>f#vUW-$mNd>lx&V52
z=85mX;vX9{nOFauy1SbTq(vWYK`ixogI-@GyWe^TURFd5m9$P%HP~7f|4^&)aNzKo
zN~Nwd-;nX~zLuNDjna3p3A4CLl^*}rOY?Ps?L%f5-+3l0BgK@57vLaxLEW+p{B~35
z;EQTffAh<tp;*^5>$v={BAcF~K`YU55*QFqEN+{BwBw*k)vQgkNy6p%2*ZQbsgB1v
z?T{u4pf#vKCn?-;8Z~KgfD$(=oVmG2X9lTe4zeI4n|Y!d#Wt!K2>C3*>A-a}QP8wg
zoX{^F6*s%<e+!d+toWwJbH{k})`Zf;gF(&$V@jgol0Vggb)D0@7RSbV33IxvLi#bS
z%x%y+v)}`|+j`ORtKLp-XOUZKnGYZKcbQzHKLe`dlJCntG%&S#NV0@Ra?Q$V*6ycb
zsKt1{zPnv+5SAS8k81L+y5?{#()B9y$HIVR=Le0`Ds(m+Jr)^On+#AHwFeIe_$Ket
z>Y`$y?&T`s;o0%$MBHx;Ln!HUT~O>(Y+XWrgEo0VnL=A1w}kxmoMl7BfxZFyF*h%p
zCMo+)1o<A3*GfJ8QWDluOMA)x@oQ+fC*|AD()s$(Y5#fN;J_TvV)7B)jAmsowKAM!
zW61HlDmrOQGNQSOP#r&2dHdJ`eWN$ht&3xZ?{1KVK6h;u@nwN+DB+B!(4^cu?I()k
zr{cIflr=5g=6cfJX0*zsWQK-Ay63~67l+idcK5;AnD%<+MXi)1_ddUD0d2zoQ*sBc
zx$WD*p7panNla0Rbo0?Eg4HrSAuPN6?8Pr95POxQe6yz};ah;>+ssCp${Rvd;MsS+
z+dCU-{Gi$cznHhjtW-dJ<#u=j$9I5UeGP5`cj(_)ZoeX<Pmx>?))|CX-SMQ_QCYM`
z%^$S|jkYdjK(uJNej9aJjr4W_b-Qf%a)h{5e^4)m`)_h=t;d0ktSZzQUS1lQ^@r3c
zI3PU+a2|~1BpPT6HqrUR57rt1Gg=utnb=&6l}@x@vNTj%{V8o74@2Z80~9_dJVIy~
zPA0urCYe4M(`sj2m0a|vx-VbO6&M~1`R!s9YXhC^YM0<7AIUWpgQANKsiWOhgHOmx
zt*Eg@mU2=U*VB@1pF{fT*a^A90IPz!(TwXM918ETUO3C4c|Dg6vaLu;@NJADf`T&k
z#4L|Z=?P}WPEYvw)roa8=}AoyAx;btM0_Fe#dTQYb?BPAOa0HaV~ggYlt%AhL%vCd
zw0kXly7E(n-g?fZRPaJ0@y%aytd$V$*d)sGhf|0|ry6a$RkOF4$QR5WP+^G|Kb%z-
z)pJf<{gz4F)~*RpIeFK<;E1d*OCuqhozCi+vAO>47!T$%qoaXK049nc;S*~D4F=SR
zC%h#&;{qusi;^JgC<U*{>jqHqefgl*jYk(kt*iA{mz;H;$0|AU$n34Q^K)T4>fS=I
z*W}S6TCI(TYIR-UF`y=;^sMvYi<f=R0mI6<DinT`{w>QV4Hrl5(AUE9Ple<BV18Z2
zJnFhTwWC-(k5WfijH!lsH1A|iM+NnvQNZlO1g($8;<_j0p*PQeRjrYF$OLj2mn@gX
z*{xc!9&+dJ+&f4Z3IMEYyc?vG3*{}^lWtGFZ08Zo(?7cfqzs8Kvs{B--H89nEz+b}
z{vIn#09cLljPPj}&MQ%kHH3Co=pv`mpsdnmmG4vD)t&yqZ<|d;bi#b0O8AM}c*|^)
zKty_wtJ@d=#dPi-DPAkJ=MMr<eqDd*`TVy(PDt`^C!|=Wg1W_CP;NJM{_#bi`14mI
z(@VZv%8$*s2-^a!d7>EXn^ivjwzj(ag13nov*?#mz&J26n=chaHfEz%HQ}mtGNFvO
z<a~N>26SpzMA1dRJOe+kxQbzz-WL8|ma}3St42LfCk#QoAnq@>=T0n?3>y@OSnfa!
zvjSEw0o3Bbh>FU#se$#eDNWkS-~Ngx%6ibSnIdL&Dmo4*;{OF|xYEeL!MwfJtNmln
zOK5&qe5o^mZki_8k=jZ40peg)uF@1T3QGklLdTtvq4P&-$&JvR^IT;(!cVUXCuh5y
zc^xXVvvl_{q;iB59S4V7yDD?|$*+9iGJ;;LF%<QbOQ>17ZO{S|thxIK;rl*JB6Ilz
zQlruirlfJ2C$Z_Y+eSRoGe;pjPNvC7ZZ%tio=~9G(ldtITXl~@sdIu1M0At4RcBm2
zZb`GVpBC4tvdvmfbYdXxRo({{mfhkInve?66_v^=Zl~h6c0^-wsM38pE~qXi=~uhs
z{=m=3MmgNdhxpPYiz@!W`E1^tjwuEELOY9A3Gb=XwnfXpr@PyPdt(+yAN)&Mr~54j
z)0zSY)DBZrEREhhH!=jp5BLY$y&rGRutVZtIKAK|E+HC9tX~*|aM@k60BNl-jjVt_
zgm|Ls+VOnwvSAFOoTTcO9enN=?>M>i2wypyAs(<*vwzH71r2rZI&xoDeSK|ndI;9f
z9TfiJ<g7hT>qi;5)1x|w%`AtSedR;~njXA*2juKt!geJKkcNJ~qz1HleY?Z|W~BP0
zkYNy_))DMeAygBBmU8zj0CW5TN~Hr|o1X@gQ36w0PdS>FmiRY7t;N|yqc>+PliPC?
zy)dsT#?TOZ@3?F2L66CktBysyXI<-ELaK9KS7LUfJ7&+AADiO?wNq;6&OX|8l%$Ry
zxIx@s+k()L#2tTet1DzJN+QXo!#t6#BCJN-9@fR@(7yj=>5mRcDhi78>8Dq;yNcy4
zH`X`*0*S8mf4ojm@vTK3q^2-Ee_ftZ*qC)iX~NlLT`lLX9I+sfx!339(~inYJ+Hl&
zScfY>ZBIUi43GTqWdlmErgNmx24xbJCIaRs6F0A}bC{E{GovMF2cIWkVs%b^>Rn`M
zBW7VDo0OlOC%b-4=iuCT8><{fp9W8N+@F2`6Oyk^Q#~MTMKjALB^^v|Cq*DsJQ9<U
z@-_p#)l_jvj*hbhmz^P#YtfL{YhvC6H`z<U*-{FbfW&{cQPR*~r82GwU;InF4p`|v
zRva^lD1jKqpHtY9JeDmLc?qqa7Q>_Id`IEoZ^_+v)%t(r*wM<USf6F;UlIM&Ix;am
zs(52`8C1}C7z|FBK~rFQ`g?K`=IPtLf9N?6&#Wi9XU)eS=b+a(YHTZk$&;(~q&cqD
zkIxHqF~5bD*lb$F{<?KAskweyOKbaB114^`TbXk9lTN!n;~D-)n;to{9QfR5a3STa
zLVs(_H0>a-aeg96W2nyO9v^Gxar(@3iznPJTssjN8+<<}aPP~w&yM!#g)>U}<@Io*
zS#|a~FdN<*zExhWp1?JGF@qf1WwrExK<(quV@S|_2R)9lgFR;6F1k8HSAtS7B^+Mb
zG-T7K7~kcpj%JFx_d-1?DgO4(lr6wxj6S7byY-xkXHxDICW(-Q&BRV7W<6a$vM?|0
zL8dTbNci>UlYSwq{key|;Z?_$>-S7B0@0A(1nv4P4veo6M)vCK{8!A}ngu05!fs8G
zBUwoMeE89#Rw1?|$p?IB%MRr7_GQ?!t#Xo3HDY&|2_%YCO`hLoRQza96&G7MDqC5;
z<t6oEKy-(_>y;78p3w7gVim$sSp7_{u@cqn(fK4?F$&-e7K-|1AW!vk_Jdr5lKD6*
zD;?$>s13~C9x_-2R#m_cL1>S`LHJJ=Y45S;28$cOGn@QwLRRNOC|pB-J;ZW+nYlps
zO2>Oc6m}{Glf*vtwCnz@I?r_QODtL%<~51RNVnlno)lgmcruzH9L$Jmn-o=81qr<h
zwy-rc`B5P-D#uZ-0vQqL+lal^66B$D?q?ODYG6-VgXFi(5au4z!}CLX*P}}#=Cdr4
z`@hh_dcztSIEk~JHq-N=(6-r)te-As{Ry+XIgO@qRcgHHn3F3!;}9fubn@@nGO3HQ
z<VJu$oVr9NJEiSsnW>uNWTI89o^TE_lz1bT1y<xEK)nyQ`p+AMe7aF9<<Wm=a`7;p
z*!Ja95}by&ci=NwS8=JyC{6wK7^WY+0=Rfi9Tk;Stkl}_2uV-9bx-RL;5PrtSepCS
zpK5`|$ro3t;1sR0!_<fQ*Jf=-rsZxwHrFxg>kv>&y2Y$46~y|iR`ZVUnRi+D$FKl<
zle-lTU3a@WE<X|fk`$W3M4Hb!J64F@>{aOd5s@9rGFule!K18)o{<_l3o@KKcS7-9
zqlK!j4Yl-;nzNOFQmf{Zf(;q(;M<{*6JEEL)YF^|S4ZNzcU7P~v#$n!fp7)yZH$i&
zt|+-WUWzLEuw$B%h-vv<7G?1)#04p`9Q#vo+YXKY^-l9iUwYLvAzL3?bu)-}X8F<p
z8ND<C1U>W1tRUt>+i$rx4ugd3{blqTZ_;&ayzz7XSZ)0_Yi8c4V%5olubQZEyRb53
zgL%_v8f5E8UTm@Qy25LZwhq)lr+At}&ZTQOC^_X};ADsZ{Iiutlyj_>;O)S}k1I7r
zdLqGauap{a@|Sx;Af-|Z(q@)6WJRfYFUO5v{T+3$KK9<@yq7cSP>(i8X=7}hy3gCq
zx=wpOa2;{ju*U;Ql{ReXe2jai;ugrD)LbZaytC43%E6|&)+zS7$g!EEUetCNxXuhE
z|MY@<Jq9R-_daCv`TU8FLdpN^B-MJ}=Z?{s+hK3DpB77yL&P#Q>z2$q$Ib0$&eA9d
zp-Hks6SOIA+^*iS=x{Kp!k56*Y~5kB{(hsIh0uw+V(q;idBlno!qp`ApYxXfwfQ6<
z^YHk(XmQJ2EFVN8o0VIo9T>ZpzY=A`IDNM#aSoN&t>R(jDo>C(sjy<T;3Ek2ntjv3
z^>dlEJ}*fV4A@fV?TBH*SC!+5UuZ!u2Pp3HJGLprFbSGeA4Uy=1zLg{_Bn$HdIvo<
z{rxh<4_lKbD$p^@;KV?u8h%G|iHaaVfXt?rrvp?2>(kaa5A9d`p^o-|N7)fGFO$jk
ztfCrcmPT>fBQKRtjN~o95<?20Xo;W%On_8p0*ipU_o0+Qj?UHCpjU>UPOtk-saMeR
z%Fm_SkQ9=noH(p9pIHZzjt)Fte6`@UT2krac(xDHVedbiWSXz<*0y>>j$F@TLasAc
zcY^W4q?FkHNVnJlDHZ$~C0SY$peSuQ6QqJ8k{GFWJ2i6jLB=d#pTgzXhsr7>K}dnT
zQn|Q!)R5n{LE5g%(u#6bzw_WCp&9#=bZL*6judh{7>voV@)=EFk?)bZI{kODB3c+E
zeM}@x!Z?VXnw?eaNre8A#lV8d(HnDulP6Zn!{<H_6wJ5BZMm=3>Y#^)od{*?-XUEI
z2;$#I*Q*Sm0{(zX#!7YR)8EM3TO10jw_O5d7_9<jutQ?4>kj-11DV;EtlIp3sJ)in
zByBy~e9ab$v0pzLNT?kh;NtBdou_WK9>4gcito%5nzvCO@HyhzKSt0V$W=KEAxMEZ
z<BzCECG#Icuo=6*yQ;*RwN_b*+svIZ#I>(>f(($m$NCWl9+Cr)jBx3pP0xZ)oupi^
z@5jtyU(6(DrrrasBhF<*HAVEahK2(=kNEQN+pj;k$$h;Wdw3h9Ch&)guM(-`&_wzd
z!K(XA(?|dv+VYIEHlc(AXeGL>oA(aBx4HUs@+i7-M2kYjnN>jEj8VYBVrI>tS>b|-
zPt0a(I8NR1UhtJgEjlihxjL$XJ;exA?pLi{0BGyH8Av*~nPVC^Aqugw?6lzs$njvo
z@t2w-<y=T<x^3H|Fz!Vu2<y1D+2PrIwud0HN!2Ql(<00DM~Y&Fi4!7Fii2Eki~Nwt
z#{EeHaVJgar~fcRtW))OEr;|~W&ckau?AcS+Dnz^MuhYF{v!#L8@eg`_EG4dRMdl=
z&d2xx#Z^u3POfHUZ*|kr3l}6f7xS+Uq!vaby-upev2@~i={I=;C@k+AzQF<%qoCZ-
z5EDp;K?JcnUbKyqJ2~W}aWS#UX62ztagLuDb4LBuvHwU+Q&%6gDL40{SV=#J@7;Do
z7#3UX<)rx8fRjdnFMc`3rhQ6m*??Z;UB%<c8a?$Eo>HSBf=fIHP`0)>ivvzk<Pgqt
z4|?0Vs#vL$hBI@5moX(KDgM$`f6CZ0w8Z(8&Mo)n!GkSKT#R~P@^t+iot~Tiujf*0
zRlmMle)yf}6Z;8hrDz2_)Vvl8mH`AbW2_Lbt@gixSapxwi_kdoW7kBEfPqrz1HTgy
zZgj`?{2Xw;m^<k<eHO&69o0`~=dz?p7HgHNVkCd8!(qCCko8-QAH`(vd7IoJCOCre
z7cVv39Z+Kf(|tbC0Q)~=4ymhn3m_=<SUUyD$b=+;qcY7kxF-kj9qzH{EYsNLu)&|V
zVvGI)(UF4-LS|{PS0<YdO-MhAQGZ7^wKKT5)vx-lO02gfoD|jA5+udE!Vyq*erh5%
z)oIY<VzAbsZxrxJHK4ZmOJ?#JH2qF;lp)Aq&iCj|&Z5@p(_{5yIzkKwV{pdE{KCrO
zm;)ybPzq<`$!#0sgkl0qLdL801^q&YJ>1*_NY;3V$$&I$meClolp_8#i=dPOWl%x<
ziu?IC)9ZuA=Vq~$CMzM**nZv6dhFq@&uKy9#j?U#Tl|un0?jJ<bZ0_u7+#A4v}y9H
zbe64x30;#RQo3|~QgTy{u7lgSNaI`?S#-jBd-o$pg%0cHwE7?o7v+a^ii~N!fv+w-
zDlM_3Z%UB39(bc3wVh7qD|n!+OdNAWya`h1ajGD%8~wBL#%z6V8dBC&aNCJO#u*0D
z8X~f%pJGV9^J3e2vc<7<h@3jbwliquppKQOqapch#%Ri5aEs+O(y7q__c(38``P5Z
zZ`8K1rVd?qDYtP+?>p)c?!{Z6W2h`|t|Xl;NcO5%?NK}&30m?F$a>mhkUYxBE1bNW
zbW&8^ZzJ$fS4^$-qN~^D>5soQr)nB#UDZb=&&7krOkTC6WE?>++CRwY4eyW<FnMCI
zrch9aeGSa_t4b5m)89{7pS8{4QLcQVkU_i~vm57>Ev^V~iSLbZ4icKHe&Oet35ddg
zJma<2mW}HX%Hi|C6L)E>C{Ms_K!CF(vkXAxU$hUqk$W*sPx4CI1+tb1V=NgD%9@M}
zPDg6>BH|G*XvxS*7t*PKfYXZuo+|$m%XtFyy2O<ZXG>2%3sBne`}gzpKu4v;{r@iE
z`TqT1|6Kq?R`&Yenwl`C8TL0)?3KON5g>DFK>Dfgh5GiqWANN0d-#s|zdrUP<Zrc*
zg~6}lRvS^5DuE{Ny6-H2a6w#z<C%L4(QjRiycu9n|7$H!U;L*w)1N<HzkWe`AxzLT
z?8uf~dMF>-zMmoeFP*RddeeKxn-~5lkNk68{`8+BCBXkKKL6jQC|+Rue{jA3`1t$x
zFaP%;gn#|@fBDV-@uok&{tv%a|NjD$pVFO;XSm1I%4a0%{uX|bJ>@ZOso7+aaQ_LY
zTgvwQXau%(=!1hK85un*0DZ}XU>@YA`ME(is774c6sUXCt7J<4f4xk_<d1AGNwoyX
zBkhOdp38q@U!6+rk-vpo|8WCk{ioa52X<9578cHmz=y6Co2MZZ|J!!==~TbpQfY;A
zsEXTTE{y#V`MF4^+x~g;73(ucKo#!3#iAi#&THR9ng5tGT7rx$_adP2^&hKB^8dr#
z_@5a`9qmo-)7aUZ7kLlziWu+u40w(i{rf69eyidG>u1+Z=GR33)>btZFz=2^bw2#w
zRdfT`vO86)z;UKB9=kx+chUk7sqg=9?-6h${^N50$A<MkyOis>b3b1ZZ3-MG@3A@P
zp0g2IHXW${Y{Wm7BK?K&4E>HauZQ5H?F5<NAiLL{+0uZw`RBTCb@{c+yIW}FV0YBr
z)$vlT1Ju-Y@S}ge1fUTI{@>m@c<pgMyg&!cty5cPIhfsb6JTEcweAbIdJ4)Ny>w2Y
zQ@J}pJ;pgHUv2E_8Z;*D{}ky-l)Iu$_Kl9)xFl}8)I{rG^+r=T8C9$MYJ#C?xr)A0
zuNoJ<+D^KtWgm7_asC=>+)S&-w0t#{8ODomosInlx8ZYBl4H>!!{NuoO2d#nfHC;j
zx<3Xd(V$3-C=xr0#7oWhW*}&7D*s{`wYF^caG7eFCcHz1tJRfFt|(aANImnJoeU)N
zYW~z5LV0O<w8eCKIonyYN!5-(cRtx+Q~lWVAnKWGFf}>FfCDi3I#z}+i86z!*FhOW
z9F-yUm1-5QVk)OC5$T;n2UmDp=AOX|ephO?y1yhJ$k3~^?0=BLZ<5fZ5Yw05`M{D8
zljV*-up%HLcH8qqfqp*J`C#*>PnXl63*gCm8?$uO^0v#`WUvWitNU6a0RvTdE+5r5
zV)Eu-rya9xLl!@6G{e~}Rw3ZFzrV)hcCdoLtH!e&p1?YLr4z=cifx9{E!GfzF;UV1
zFRVw-bw{$KY&s>0c>ih#LF&0=Y4+a~B^n)~rpme{@2LOf@`3xduvQC3Tl?W^vyaT|
z6t0Zl{Az^azg=rx=tu(R2Y~E8((>x6&fz=7t#Fa^R@2Fp)+b?~5kek4dhnLtl}Gw>
zh)OLZ&Mzc=WR<CT5280cDY!57cusJXSo5|jZLZGjj>;Hk^iD0)VF#{tm=QU!V3S=J
zF1ax;X`I7~%ZWFgS0KnRAIED~=znJ!luNPM%}ld44xA;B7@cGw<1Mkh>FYSJ`JwDv
zulIgQVA_m_T^u;OOi!E7+77w!;4w+zfWe;Y22WgKW>Cv4;4dpPs9_T)!wf5f;}i?%
zMoYHm`8n?Ft-<NobK$_iEZBU`U{E}%0~>73?6);lSU*{HI)wv->F2KzCPp8^_dU}`
zHakuSo(Rvherb!DJHeo>Q^kdg0_{wTv4`-^@Co_qoO+wl{xo45$g`0g8JCN>r@w+m
z*S(m~1`=TYP1iu<7T52p$MDs`{_L^vFfr-Pr`gqGZ#VdwS5i2mU4ZV9ZKpEtt6%Mt
z0PZb5ydbDU@-`E#<(ytIuR)z+?bnxuTH)UAKFuRVOZfr}y0}b%(cZ$Slp%+)HkRtf
z8%Y1B{%0))oeHrm_2Cz(YHP!XgMv>zGaE-GV^$e;(liST-hRL6{)DsV6T*d)K5){=
zbLZvBKYWAh7~H;u87yN@@^X4}0TEtqa6#u%3A<@v_hklD<^26C6f+O31`}&@)Oa{K
zUzz%O6`VC~`+ya{vK-Ix2|OcZ((=&0qgLAb_929m_Rbw$O)6%|hom68md9qb@F3(Z
zS4U(+1UWoV(){ZedO|$$3;X-ipUXrJAbmd=tnO5*OcxD=jUt_<SIy+l`QqcHcGzP4
z#-3Q7pW#<m`XNFGGWjb|OxKRhOMe;H&i1|P^@nDzHJOrL%E06|AIqammmM3e^-Q12
z%gsLXpi=GHucfaxl~Q)5{jjS^B=H|C35u6W7_z0^S4tXldX*;YBBo_i3N2E0kIdeE
z{8oM5X|7rO{7N+@UnJmo7mVRDqN0qQo9!sK986XdbDDchEqzu}dT;A+ccZyLtCuQ4
z)InD(%VQ5K(6>7awp^fz?biyqnl8H>)2FyOS+0?=uU#&Md2+#gR;-OlfD+t|hTZ<m
zTlsz~+9Q3yU~$ZBWGnAno8+NON#uQ(b#^u=1TG12Zq`KB{;HKXqPZ{a`AF9~P<XW3
z{-c$0N<vkZl;QM);_c>`@@|!&<Syi?Zrf}F9=|r6p1$7fJk2&AE+EAAhHG8O*e(>#
zYY<BoFou;+QQs*HXsxSTAcPjBSGUpg<enNHeOVb6fc;0%X(=sKpws5bwU%vkKqLwk
zstm$5Y}59D2iA@T%7ucz`*1dtHlzcS6<D4ScN^^2az9)$&U;NMqn;zE6$X1cq^eM?
z*X}Dw1M1M^GZIOOi~CsTMDWJXgDqAX<4N%xD#6LX(MVtC)hl~MjoWlO%@X;9N4pGe
zmqD8QLONJob)F)su4;=0lqKy4o!KeLE^7I-daO6ibtYs!b^B2vZW27QiXzLsY76z=
zeRzol;}RR6$#0Y<RH&w}6OzMF5<S&19i*$O=yg()V$7yTc}3$qAkqNU2J-CK0B<(k
zJE&eS^eCn}N~MB;NYA}rN?erIDbtR($x*KmE3Zc2%Gq8~E(J;8c!jC$y9actA``l!
z=u*6$Fhay#dqf2r9=k3~gjV{&;Cpt~MbowznC+Nlr!)G&O9~YUne-Oaf@{7JW2$SZ
zu199`0$A@vdlSS`>l|`+zV5D7*l0W{r1|xQ8^M5#Ud|kS#;jXcz$D>6ZY<->nPxs2
zmBjrY!i=sSJV5N6^>MNqgm69evr|-=%e_C=;kwwqS=9Wo`RQ{HF7=|haR*oc-gwyc
z8c*f&9MKlexhWkewP^traMdZ-j+b(F;g;}NdlF1)4G1lb#1B>vS`N+|solq(wPM}T
zm6WRQHCY`{Rgj5^pO*WOOF2)}wjAzjmV4P>fzz9fCOAzuWo!=P*NjSa%8L>yZU|RL
z#KxxN+!09H*dQL!zG(A7^AswFrjgB>Ij~!<mLZOWAE+^iCtRi6%Gk>SRWFVxurl6v
zI5*_Y5OYe#1Yb}2c!ff7I9>E16qoL3P(Sb`t$w?fS;TX)-A|bNZAaDH?;owx4g;?m
zV5`iPvyMhgpew`83WI=N{7&uJa;8t=g<rvxes79Yv#gOh>j&slUe`fBz^*ZBd%sFG
zFs8R}-+qUT)%_gkcS3^1ll;0a`vqS&v+Yz~>CTg1X|h%uLW^WdZlry;4%}!%;_`?i
z#{(JSv9#RA`akaSxp$=S8yz`L4j+x%7oDD+QZhd5@gFr8=(PP<*%lLQ*#2UU6`Mz|
zu!)Ukoab2`OcEY+Jy_wUIrAzee9#?LYw>;a<1W9@U{GPh0~Z8O(ki@gu+9#9N5W_B
zSR&WfwnV$+^~hrf<!Uc=EvH#n*W;*8)!cet!3Y_TS7I)cJa;RtaE1PjWosP`^qaHL
z<0*Lvd~-ttYqTCV=H>=6Ti0&ae`7aZ1DibWJUfE^{K-_8qqOxi0#fvGfe&A~nJvjj
zn28Zx7qShV;0t!C55KyrjLe5G=gxOg4^$#+JA5#pQnSt~&)r|@&Mtl#ULd=NNxTv~
z7acq{Pp7DMFbPyUQ;HrAB$t_zJcGNn;nZ9XTV}kY-j4IS?yDn7j)C?qZO&PS@P2<7
zf|+l%sVKS-h)<d=u54OrVr*<~VEf#5pK8KN71C#5(qp~AepMM>sCCWG%}C23TRnp!
zPMv|tWxgr8!O5ezp=Lzbze2lGQ)whqg10vYER(Y#p~uVRv-L~Y*~QH$68p8`U`0OA
zKTXzcC{G_7G=lq`8zjwbIUM3_LkWkDMK(+C?ph-ieuQ4ul5SQ*OAYz@W8YJujy<Xq
z(6IsdkE{F+e$(@aSB8dz71I^gIQs`kOR8>`BS~p#uGzV-t&M@Z3CT#I;)d+Z!SX!t
ztRB>7=b@9~EL##!qBtR=N_>`up=ln*4rk$gbIBoiD=?TEovHg>Qa~Zy0uh)#V!o?v
zh;EXHLMwJA1{!lV-3r##W~n=V2Ws(tY=V|IT1*oJ)$O-X<qk1poez+Mu)v7kDlAj+
zdbG(KXk}naXd|mW8XjaO&3Tx)fStMft-Y-?h0r>Ja^;%s@gLd%Z-^b)bh@rPOwJw$
zSI$*n7BO{Fv7+nv?$()bYSyG9q+r2%R7;DmaPa2hTyJ*mpQ#T2S}hV*!|6MbLeV@n
zBgRGGBh~iJ)8(-0_x_`^vnweaQL1qwuQ^nbpDb^QIBOd^IgV$za5)$Tjx^5?d=C*U
zk|FWo)#{hj4doilyG}VLyw1=3Xx@((oy~3@!ZIcK7Ty+%Gm1NjscnGa_8Gl9WRS4$
z3}TLN0iS+P%4^G0iyIKe$dd9&oK6=_ayEgc$`(?QPSKM}>ATd4S6S~0m~MID8<k7z
zKbGv?;4^A?Ld<TESdM^nJ{c|p!)sE-Ix!WmCCz{Qw8WNUMAt&7tw`sW)-Yu{<*Dy0
zpxj!W2|2-d#N`hnLs;2rf|`yl<#|a5;i#W$nJYEOC-|&&rh<!723e{#sPj@6QMOr<
zU9O(}l)GHFQjn;ab`_3m+1InRy+y->+zD7%kOSMgx3Lc6y|V+v>>?{nQapp(f7?E-
z0Ha3WC&;S_d|)xu=`Ytq=~-wxS;kd4(I-Xb%~+)5*f-zMgVhxnxJ?C6xgJ7m<u7~g
zjDNqZA^NNwZ5k3Q;l3tfz6k2@S6+M`x~<1m_@NPK9!?vmZzI_ZC-}CO=@!<}>#Zxy
z%NLhoOUK|vKSdMEx@I>$sAVRmAJ=Ecio7WAO?EcQx=Z=RK5mq;GPxYHZp_-oBxxpE
zrUxN_XLdZ=BUcAi06~WMcQ55vKQ_jQmXuXHz2nOmDPDh8^l(TrTzVXuVsNyL6dSXG
zz0D#y*H%$8_#$xIPHA2+QL>74<564zo3TlAw#bXX=EmTS^S9Z}EK`WR27dYdcipP@
zkbomcaqnz-4d+-ddBOY*(bb-%PlQdfWOnTJjl$8`>_cgmEsxI9_R2GQF3~objV6Sh
z1n+Aw#Xtti(P38ary<8~?+erjbNlWkJquIm&4yFZ$@??`>8e9%Pty3nMCGod9rLKk
z5NJ0_W{^d*CKr%dH1Q@9cAZUzYKw@HGHvsAZ*ed%G-H|kU-k|Bw4@RbAj1JUmg<Ss
z)?LU&io7ic85XIYFAha+A#JYbA5mmQVY3Z9Meqe3-R8IPSGnb*Xa$Lem3y%=fd0j}
zE229pf=*^^YbZ_FI_TNv8PQ@iKP<-Ga@6^B)^5)oADP7IYXG1@KYU>x=ljxNv}@qG
z{qOhNN6b>H!E^0?CQ0nlc7+<1rklf+&0->phJ^@=y8)z-&EtX#6F5e(^z&za2fl&T
zqn#)4PuikGQ$@He&QE2FtTe`%*h&;};aKL}Q)gzJ$G38~rR%VqQ;i`_`IB-AWbK#;
z5w;njy=0J`X|7TU@|}}3)%w~Sp&N6^72qRncTdovsp0@v;bOV1uxz#6n=_Cy21{;f
zc}i0;K9I|xoFy4p<fm>X>~Yj=jTiAP`K}UdyQ*0^Q(`{qvc~^p?9}(nMrg5qbhvim
zriTBGcUx`^=F6OEhuzx3F}e%d4A+rwv%+jib8RLd2J!FDNO__=tar{I-sOL&ILv@h
zv(n<qg27^8IlAslGUf^N>-laut;t5k=$oIw@Vz`;1aW07A_iyPnX*eQnay7;&Tw(2
zebohxTOI~S<6Se)oU^J04A#{sF?dGVaXjjEO&H#LH&VH7NQMtT`H5jLMId9PJ%9a9
zC9({=(3+jOJYHsC5_wm^IyPQ0mb#Manag)->r9FHAz?zu9Ie~dxE;+W6gFOp@*cYF
zmsee&!j?E)BDcwaq08`)s6UW_uXJf_<Llc_o2guo1+}!?nfG2JE#8y|ST`S;jk@Vp
z8#q+S8_w!Ad)#lJaQG~`vq2=RehwV_$Yo+(8COn-lCZAmZN|cc2g^SUP^?14E(ABO
zAxvCdYf4!df$S`X>;JUnWl?_6+^4q~+sT>s9P#tV&|P`|j$@xmG@{h$;@D|B3)hIn
zT7AD(#pq*&p?zRl*T0ugI3S;JdaUbL<04b4TUj>GrX3g!)9wB3=EaZ}5k@8YqF6oq
z88_f_g^1#10!6B#Y|4~xbgH!bFF(P#Fz?#!32XGPQ94)=<{2T<$;3MSbTK=}PPh!=
zXh+ywk8*~NpUD>?S~;|Slh?Wak}GU`u47u;5|OJ>s#&<57a>w`x?`*mr*izp=C9*w
zpdxYhDdMO+0Uqhe@OBJkH__KI;E1zFsP?JO3qJsKTSbVr3tP1cgn_vAoPGSSqC#N?
z%2#wvF>I9D-AspbnJ{r6F-e$D`t>BW8CMefU4uGN$SMINt``zU9ei$;W(S(%7CWl3
z`)Fj>_yZ7+)S_aJ6b&x#AbjN*sERA0lh(@r-o}%}n-+LHO2=!m%tP73hhG(^NkG}r
zQF>k8nzhR%6mxW@@{Ej>#gv(58FFU&|B?(pYp^UO&*TZr;X}3tb(bO5Fp`Z9=@zem
zc}#<!RB`u^tME;UO?Q`xmdQgjY?1FK`0OXS!O8M%l<&x~p#!telv$H1eYM<=OV_9d
z5(+!p*4`YqCY2-mVwk0d{k|F^1~?Tn(iax)d(5GB>YRx^4+kr-EKb*^<>hHc-2kU7
z`r(&+ZEZgi5|cmNk8Z8hjb1T-Hw(hv{WKWUmt~zM8c?}xrxz007Q>^f$RPRnO?%5q
z?TA9J22)B`xR$f7Ns38xY*-eK>9{wC*F@adR*!`AD*j;PG%{cM28hID9Ukla21kU0
zhs%%6T9w~b9wTZB*4qnTtiMDh!Pj=YBme;7^_}_#go&n&s*$HooqasNY#ouRr=i26
zC-QwB!lltq9Tg-rJ**V#G<)os1LVl<C=2Agl{lfxXR$xoM1C@Ruxe40@;Q3%Iy$|$
zH^QS$GUrB+K49kmHdlZokeJ!Kpj~(Yo)Xrvq<0-59Z<Gx*|b;6Lwozd<c@v5q0|1W
z;w1HTzLSy597$L4)}#2Io1Ie)&nvFF!g(B!j+~15ni(;=x}IU}0cnT$yPOSc1#&YQ
zGFTRn*C{bpMs-z*G8Iv}V;lBo#!Jjv9A9q?GeoC+tP>wdNolvCe90EZGDYk0DlgBe
z^64bZiIGMT6matSg~9Z;A$*~@8MhH&+~(UKw2CNXYw=iz=-GL(2pG1$M#UCm?=q?3
z)`uYq?vrf3W(|06%D;NLyEDqNvKzK)#5SwG>$-ezW)F|$WUN|js!8A&-iyv?@|B)@
z;Io?`j10;UcsfDXHnz+a@cW&?9`QNNQ(OVI#FO=RU>8IecIbWPAPbC9^gCD)8%_i(
z*Yx~$+Erf<L^thN`<@5jE0-nuf_eaS*%rLvXU1E+)%s1T7yz7p2P0q$wG#bJiNQ&x
z^C}Z4q>_u-=GeIxR{cF-osv@h)YR|-BBL+sjkSsGs_L<FGLV7@VjIDuFzwNhHqyp<
z9$^t#8RNC6PC_npI1hTPGZ8Ywc7PFI_C3GJs@Gw8m{!tz_M2tHaDqzLMw<q+RM3wv
zm_a)S*56yzyPhmD%refWSxE^9M7o|2!$qWPl{&jSil1ipuz*e5gg+~%rY7O&*Nbz0
zXfshRWwXR<=gsb*X^SEoO)8S-*L25BLmnZ91)#$Iz3zMT{dGYbH{6U(`1Cq3P1354
z7qF9so?NxdQu101UwJk-DhgrLW{(6q&LVFHy6M;T2G9E%i8*?Tcm%T##Ir*!YmFql
zsXzO{%Y4-tetC%HV+Oyn1}B6F#<<3XeQux+a^h)MyrqCpq&zl>eo`G414{=DifnG9
z_tDkj*7YRH3f!`R`Qc>oRmBWlpH#1)!wo?^f52}#@uYd6pxZyEz&bSp6=%4PZDPR*
zn#1oFC9L8+@i~M2Kio|Xr2La<kK78`<SF~Jq=M%h7F2oD&(F|8V?$6~VVuH<v4k2z
zow7DdGV7UZ@yO4d_>&f2>>R@<kK$?5@*}E%r8j<yt;HtOyp>4-8d)*I)Y8Rv3kWlY
zL&V#{Y~cn9>kmfG@mx6@IhL&O@Le<I<1tD`@wB%^VI?^XCoMBzAH7nO`Y;1djkcJ~
z??`JkMy`x1Q08C-n!6C2#6`(t|Mt!L^khJ1_E_XyUh5w%(DqN!(sq4%^3`q6Y(_YA
z^Szqwu=7Gb=f`#4S@}FJ&L&0ee#7nFTN5K_p-s2yOr3IK9-F#JxZ!WC^5`{nJqOd-
zP08^A*w)4^jM_T-AQQB6eR%EIeR%|-e`Iv9DvmAE(ZWsqdxL>r(u~5$b9s*c+A?xE
zL$Rc9?1(EUHJ0fJ1)g}4K3uA@|7tk7{R-8pb!`*gnolmtz2j{=ufA(PHg&ecFXUeQ
z_~iUrns~5WUHDbO#su^G&*kOS?r~P~o55BnRwT+tPBrUZkfXqMt5PnezULAStX|su
zI?XfgQO_m_7qk%LcTLtr9gyjE_K+pq79t7o_ZbUuS7ExwA<A|1(P50DvOx3J`}MCm
z$$fXViU;?XKZsu1soYwhtY1%1ov%+=9<F%3m>7bv%ga-sbSipLeqet^d(|}U4e!UJ
z;1xESsiAa^^6g3JsP@EoICyLc)g^=M1m3$_e)@|zsFX36BSA2tK@K}thPYb|rv6oW
zRgZOhRx6T@&%RTLyB_qc2z~x*VNnJ&qBpmJ7Og2+-=|m|OgDd7iLJ=)qGFZc32)a<
z#d)fHI7<+=nHm}N2O+W9%~o!p8I+N-C(D4*VD7Txbki(LdJx>h6xdx+jop<+3yl$;
z&E4LQZBv6m_&QcO?|*Db+@e(pSsDE8<^;7&GI)14`5}Nh$DmLj(NU|Tfnvaq`h@B>
z_!o)w2Ia$FCtQ6jYFj$|rrH3Tvbhy-j5&6V{62X2y3Ue(4DoF@p1nVVRwG)By6VCM
zog!7cF<hbJWF6=Gvb_92!qKEWjopH7NHfC>oFa4TW^<ViH2E3fP^)PEu8E7An_JP>
zY+V^d(Mh9Oas9hh9)gbRREu8}iYH&#dPGpInLu$JoUis9Ek;Q}mC(*YKp!tgC8(P5
zX8!oDr_;lmr<Plc3}_BJz)q=kNo62WHAh*^%};d18^5l#kV91KafaqvtY~pZp=zjU
z1O9NdSXHG?U{n5Bz{fD~uzXW^HH5mizoFVj<!2iur)<gM7-4sZAE>0(nWZU~(}LAe
z#JoIR%F?S3?2lQ{?Y?r#v;xjZr*4YXVL!EUK?2PWkl&Ja+3+FZE5c<xn0437Ad`9&
zx295B^W+ah^#U_5pitpq=dUvAhbu@56>Z2&f6f+jzXhxB+GaSoTk$nhwA_S>=^uMz
zX;07pzN{zcFd{(82gdtp>t@c@lR*A@qgMMQCdn1sI>Qi!o#{ENQ|Z-yh(eu>1{gPb
z_+%lXw@|k-y(oCP$?2dvPav%dzIb|ufHx>vl)i>#ZpwJ9ec|1s|BNU{rGBf1$LXY~
zGpltLN7C^sMl&E(NdSig=|~}8I`aE=*+n#$4(1vkAh{?k;dfB5(wA)_>Fp>0)NGs0
zvNCl;qno;-S1YaH;Zrb+@Cu{O?}y7<zqV2tPLLEOtAi4NO0Sn;sP?f}<@iRWy<PHS
z1J##iPC=$2dFL%a(nbEsL3HU1e=sc%8Gvv#OUxa1Wa&7I+NKDYf$Et>8|W3uBsfk@
zzst#S+WJb4kk)z{8LX-RKbop5-&pz^mycFLrBsQVH2saha)Og0ax?^!0=@i!qV$t$
z)VB`Z3%VT2wBoae1$o;Ry|EdQ4GjK#rWGaRKX&IjdV^jLWMYf+5bdBcU;8-ylu19x
zM-L`SeE1#icVQ;vCb54on%p_Fly~|sOMfMdAMVxs@{C09@GV#wB{aM?mPO@en(45W
zPuNdfOJ9z_1dBh;q%9SgY5$KsOzXy-c4BYR%jyWgp3Trb_X^YSni!VNury<=9r+aJ
zzB<5R0`*L8^Rk~Fm9({8&$|XzQB;%z_ca!OP@WZI`0?8nxh*lTtg8BDb8B9*Jwp`3
zK&!@^^$LxwR3#hF;wRC>9*e8(l?VR*eK1{TRV4El!>)0weIt3r>S&G`OLNiY&i}#O
zc>p!Jwr^gKilQP%5s`?13W!wc9TXI$_ZFH+2LUMo352L9D2ntJnh1oJfYJ#iDo5!Z
zLJgpl2mwM%D531b+5h>z^Zm>2&hG5aX2y|mB1zu7@AE$Qb^osGu4iE4;Lg>OD`fU0
z;&f&^Q@w!p;xhX2HlhzND4>b%*n~FFmB&zd6CLGJIsKF$4YPr^<-G+AL`mZuW~QH5
z>q~YjZ;I{~9dYBeV)7u4yw6~ixC#r8;t<RF18i^yKmE{ce1m`!uOqmEZ$+@eIPwaB
zQ2E{XQNM>lJ(QK@!FtYZZ>CdZIlk|nP!%nL5J46#!=7#mW>hWU>-wUfRAO30leTRj
zssl5MKI{2Pk}(X9N+g4c5}(|N*_yaK-ITRJHvzLk?p?YP&&Edes8Ff`mIuyH_>=}$
z(uaEt)eaiGta&utYnb!cu8*Qino6`>P4#>)X~oW3F`9-XTMTj%!93xp;b#;5F0vN3
zC5M|e38jIZp?k#2j`Y=`Y(%czF5D^ElRnh=Zgv+o>ONzlhbvy&Vh66b$qPnTEY(_r
z>WncB=jN13#(znVpPf4ql_+XScoC<Ra8mHbm1C!xK?A}{=4O6T%>tYwO&Kw=@FqdA
zI6*VCHxNTMgTEOrYx_G(F*#c<D!%;l?c9|{2K@wy7jTJ}dg+p%^MA19K5N!fh6rA>
zr6YT>?ree71Uqr$5{E0HTm$v>?%drY2@p*G)3>JQ(xrFZC9G;esVZuU$yZ!4M@lGS
z3yq6;rc}1{!y1<BEcWhkhTKQ%r2mA5IByPQzE6^2;nR&>RJf{xFWH#y|5VRt<a)QS
zpbvdLP?TxNt=qH_3OR~W*;ja7UPVkY%1hA<lh0(jL`ZVZfcKu>nC+SooCYE?%~o}d
zKKN=W4{1)`Tc49<S;cKE74w<rj*e<HI>6ip>)Zy;NL=+W4H>0fcAD_)sViV?lyl{#
z0JRr&C?o88g=--4E@r}|@N{^B&=ssDQAEyHzEF`&H!d+XK}q5UcCa1uO~WP{6#`Q)
zUmRU)=t!0Fj?6|@d5uEdMh4y>dOnX|Ml<gJ5zz~^wwTbG2x#g|ciLah`9c6HqW_}c
z_Q*Dje4jdRqO%;lmWbC$mXJDbf5w6o|3reTikK+7ujwVuZ;30P3t;dZn8jD2Jl-ep
zEBIFnwsf3;oLT74N?!*zboZKIGaFrv=}zm}U^J_#ly<G4TNUHoZMCQyMCFmU$d@N)
za=o*|ieWj{yFlLZ-y6lE)@{#{b(U?8R9qgd(mA)#f77EYsJ6|1cU!X_r{UGStX{<K
zo*WQf!2#jc^_r6_X?Qfs=~~PPH89(--`MD$(urawN-JCq;2oAJo-HM>rwz7kQ|D3k
zh8sb-ZNyJRYqRrpRL90lFrwsd%gk7ssgSkHhP5R-@Qg}6ftS71OJKODa*>`@z+YJI
zx^Wy%jqmZo+o9m1tQVXFVqCdb;oaQ13<6S5J|s-0f$*h+53t4r>5n@cl_&h7ko7i9
zu2C~FzKJWSUugeh(jFMoZYtJCIMiJicq+CY$?azy1)mZg2G_yBFC3L-137^RTCYWy
z7AX9ABHhJUdi_?Y3$>%xa(&hDZH1hytqrPj7<iOk4xL{j)-K}j?2Y3RW;aUCV$aL^
zc2+rEa(_~2ne<M4Gv&Ht_tPc}0`XLFe}S7NzyFYVdzM-$oC*zU&yhTjp2}Iz2Wsf<
z{9CVKt~N(fC;tH^0jE`4X0Wfnu=svBN<{$lou$dtrf*uiXG98zh8j!PNfX*LT_aNN
z%|=JKWcq?fQ2tG{fRx9xpnvS>@drHUbQ5i~Zp(`$xc~PpiBN`SUmC6NX<C><LWyRc
zJQDh{f6E5PL9F!`AK-w6m=;6r@!|z-geOe%gK>G8+G$M+6c@X3wIiuOcKKwRB2J|2
znK$&NQO1(C3Z6x2;2RL_Tec)ML3;()O}`#JEp2XnwdiemMEyIN=6O@BVN0D8aXXTB
z@tGWap_-#~99)-1))}`BHj^VNd;OAyjK^vTF#`j57;%?I&vdFulf>+|dEryna+g$a
zTyle<VR99Pq-UXGe4A<Ki1!LjutLsV8F3z-hX>c=ZPrldn9RdPw>5rZb_aJ4wA3k`
z#wPlQjZ`Xz-hjK%*6>xH69{YKP2rqz@+#ZiGX(dnrKUNL;T`r;BuSbs`nQwK6BKox
ziCk!%(tTW|I1pByDxb7;tuFYAHkaUq<3O8%<z`P4pjvo>e_Um!eji1v5-ZTGDwLYq
zT1I2H$K<@s#N_21g+EWZk+hxqjq!AhYY_6+Y9~tSUPH3@z)@)WZE2?JN23kaHv5!I
zv);Mo?0XsY+sPX}4`L*4Wm5vCn+-rE@Jw;NIUC(uSeus#?>+iR>V2Wzq(vEtr|1v)
zy*@@Kn}o2~^1?z<sF=ZoWmQqo&}p;Gu#5O)dE$$0$#sn6W0b_bGc0}tr)^RvFgA1~
zd;DfM?viVK`Fd`+X={hj`eyPzqWYlKZuC;pxiig)y(?2eRM2dn*H$;xj^O^jTwvBr
z!U+|f+7Pa5B&am+e^BCY+5ONf_I(x?W=EA{@)aOnfL0ijghBn!;?j{SQ*xf){IeoO
zH#ISHZ84bTV!wWR#^^c~t{9?3x6Cx*sVF5^`LZ=@xDWfzbn@0<W(Eh{Zt0P}`EnY4
zup1D~L!>*TP{#^>=vgO8VAkG~f`2J*Z6(>ZB!Wc@A*q+4NVrxdhqP+hHj`(D$Pf4~
z@9iFsHFl;Yh1oho$$EoDYeU_|BH1EERZl%*sSnamrIT-Oh%)hYp(F-Lw8y=vCr+{n
zI22MiKW&5;T~V5qlEN*a%}Kn(?~H6B$zXwM9}Kd3<2Z<z3V*4BLTFD|lI}(6VW;UG
zb;o9(;2>zcOmFaefQJ6{m~{HEZ?^ZNNOTBk9b|Db>^v;~+p2#4{rtJ_-_pg2>!!ti
zjD3+KL7)A+B#lD!<o@Wc3S_FKd>@$aRB-4=s-xzg1ksifnvS221&z+3E~iJCdZ-7e
zp}~2dOx<LD`|lwRDseR($+TQog830!i1K)~YuxVXr|ake^-%z1J!Iw*yRCsdvJ0Il
ze+Eli8ZR?*LP~UTMqGL}e!4r?D5$_Zt4?U!wSe*LgplV8$H7CMB^evZzb`})6dw)6
zD?jV``17u|%=V<++z{QswYRW7zR=vF)UiwPS;$|X5&WGdVyzvGh#A!>qt97vNy^IN
z=Qx!(+;Mx{Pv_Ot0gOk$6u8Qdm`N-g$$X-n0g>!BCil6e)Whk;n3SHew}<;h(&by-
zOU@+iY^}A$=Bl*C=_$FZ9GP?jIPX#2qM<|)Rwo+Lxo=<Bu{Az+$y&Z;rY*_Z<YixI
z&;b(bplAhVur+g3qmLYlUI972hYq<izVAJXWH71H_1Nla9&~6AqG+ZP0!Ba`=1a52
z`HBDNd+~<NvBMTQ+{JzEB!JT@odF{-4VoOQbS~sb7l4VUTnOc##)#Oma*w{&U<U7#
zj5qiL${&fy`AkPAt9|m}Pvk23+fiu#b>h8~eif0R4V*SSfENVjbv&<q(~cf|EU3zl
zJaX42#5+HDYm4WAw+ZxcnAS~EB3brDz0C&79iT3bw;|OV+)(5AddE|JFIEWvi(9JO
zq8-GRdGG9QNXsGQbpc=@63U>=7s{Z>r)NP7LD28Ve0>R+AEVVZ(YEQ{TrDtG`=1Z)
z?5j^vw-M_rvMExeOMN`$rcI9qX(EAB_>#6?RTI%6QR@k+FIBbsstgQjXNddtqO}2(
zPfd5!4eHFrYHBUnYVah4VXluOi*n@a*D+B|2!WLq=LIw1?VpkbyVYPZ7z$%v1MM^)
zEL05i(OMd-nQ0#`E0um&A1q~$4*YA7`@uVE-uz$3Bpb*@-r1HjUzC}Xi>13Vge|3O
zo~(TM<2z>}ugbm<i*o8C)i)^}q&U9&WoR9qD_3qSr{6UA{&u%Hgm2Ad=;O0G>UU(0
zv3YXA`6}3`G=OWkx_7`7anG+2Y+}S;p^{|gL$}ob`1j!P?;L3peo>t7q^yy@-=bd0
z{*#gRblTx&0GRUkfB)?0#6to)%K#hy`{REftme`B68&L+XjkLBz&SUZw|AblOnri&
z^;f@a8s|-G@EY9u|6dcg2h)uI_Bc2YM~uPxw)VGwJovHN;_QC~<p1rN|NF=Be~p{}
zPXKkV8O@}d#Qgf>+A`VIJ*1#jQOXcvoLX!DiU<~z=#`hOq7QLB$C*>X2;pY)>O`>C
z$UW9Meu#T&3V!C$p?|YweL|C&1^%=b{6G9OSDr>((j6{!bO79EDQpeC74oIZ5G;Lk
z_Q~xBnSXDf9eSE`;{DGsqdb3)8%F524jm{H&6h7V>fx|O=cnXQ#JRt{YY>Ke75w5(
zK=?Rx0TvLDx5I3gh0mTPFZ^fEZT*kT|NroievT|UV7<!Jr7YI_3~L_$c&>Eb>_ZQh
ziHG0IW@~Xn1%N?XwC=Z}m?vlZB9)&E`5kt!xeO;>iCn@6<_erodNf=%to9d$`&325
zx{inL&lzu`QWCe!jvrDx%x&<my!5TGSV1$90+TY_iv+*1-=i&9t7k3*uD;$A-<*49
zh}OOl^lQMN)`^LIbw{Fi<I8cLfTb~-z8Iy5QnHq{=8JXNEcb1q8J4@`GiqN&OoPVA
z`~X&XakMh=(eMe+!_Bg)TIXX2zpGqVI_{rXYV!3&=3f^@G{ZI>x7S&WuOd^Hw&@Co
ztO_0lt{#p0NRMm2blw5SCXxoE8q?*(V06&WY1h6Ee$Vx-rM>%>wOzG=nfopqhi`rF
zud`rr9sVhO!?N=2!mF_xq%PZZaz7P)Tc2sfP5&{OcG(92%?0<1Bf`QoL3zfr*Umm%
z=U8M__oU~vD5&HMpt+@1I6n&jXkH~1f5C|WY0htP%m!%4JQMA^x(9s?m20uQS{Dke
z3O@LK%D}I^OLVez8QU~<=M?-C)~%D)$7Q$=<ckDU)EF(f3|m1Zz4*MnSA6&hK_(r5
zW$XnFCRg`*8{5%xjcWxK^{8f*hu^nITqVb5OMp&8=Pkc)S9V5}ho|}3k>iWb;*~pF
z9GMn+-_pgb52bWP2QVaa{qff+cx#(qUlwm%XrUXj>-kdY=%G74v+a&J=dM3ei&b2n
ztK5?DW!WL({A13RG+e!XJ8<TpMBf#&pDDO~B=`32wo@`gD4?dU6%Fq2av>CT3D}7T
zVay@3u5&}5>d&8K6g$ktBz<>rT-diEMKF#JX{V=T05I#B{c#8{7$csb7JjA$ZwnD=
zGsBc;>P)BkkJgUd2RKYihElDo;pXNF%fVKmd4HTsP)tmWR>X2ZYabxk+H~rE!;KAU
z^*so2M1OU*LvXaxD@la7RAD>!o+5FeQu;QXF~pen@K6rq-jvlD<1)+**APpIx&2?)
z3~T*`8PA*)Cu<I>JzB8aTFLt+?z9kojw@49c5N$%u@~dYB2gmBj5L8(x`-@}j5{U{
z)`$cwjW~8Rnu)v9WN79Za!E3vX`r~hd24IXx9k3!*$$m2nk2QxAfy+Oj|<!=p<c)l
z``pN-YY47+;RFFwKNADRfTgsBH}7aQ^~3`neOsy5%+sA<ygJk7Jge6<f%B;C+PbvU
zZnXMuB(l@xJ4<6X5L^rPl?k4C-kBkM$Ioy?n}yX2efe^`^qROKoHjoNLj=tA8`uQF
zs;7Y__u+$o+tb^6ZGZya8NdF9RnUpxwKnP*_x#wY>PiE*(cv4yZAgg&;HTVcP#tVv
zW8@|}Wyt&zy%E{WV-t<IYEpE~sfHw_Alh(Ojtcha2(8%EDZMjo7wewxcC7zkYxwdM
zqxdd)*yrc8hQy9rk3G6ciI{We_0Q7BJr8|7eR@gdK6wlesYBgPTcS2~4(V}a7G(ZB
z#$a{KD7VT!PH1x3`Ss6lm??ZHZ0uMn9u{nUTno9Uvsd{}MGrFhD8S6UB|$LH3KwkA
znW^BlbfMj`BRpcPM(aW_emU&X>>iNcw7P;Qm7P5`4xMAiQm($xWZ9_>Db?!1EzT^_
zsJT8rf`1CN2Cn#F9@*|;gU@o_aK0S+TWsFLpup;T*Q#7?;>*IXI&N)Dw2nnKwY$f*
za0=*97H@cv6Jk`~QC|3njiaKZPB{|BB7OSB_|<xyHh}H+uZt#n&*>fg-R$P!>YQB0
z5P|m$znqGnLMt>`Yo=(4e5Z3wRu719;{wCsqe#iqIg&@sK_|ZkYa#JkDcF3RgUSUW
z_H<cr?I@|Dz({|ow{Z7H2ELr?uh*K*1cbB?`cWfUp}fk<HX+bD;}6*zK)RLm^eYOM
zr6F8lq|3la)4<b5;C3A-G|5q;SNg0Ed9w(>2J-?$89$BhkJYR>an2L4_Oq7hvLULV
z3E8+VNTQcl%-&N|$e<Y2`0%=OF2#fHd+R|_M^fB%o-Pufw(ZiW@p06VZK)~tgFwVF
zMtPNz;LIebW8&-yJ2>(<wkTeJ)k(Fa!fimZt!S#cE8O%{|ARt?%EZ029kpk^fmFl+
z4IPPbJOEkUmHkE_ghze2is3}Sx=A-4q0S37PN(E$l+R|rNI}QZ$TY(5&gml+?TUOn
zJVRZ4z1_c%`x2^d1dJWZd?R2FCF#in1S6RrlIg`F_JC^Zz|{nAmEHjpg@9!3gzVmG
zw$t&VWFSfrO=p5mzJ?Q#nJJ0eQ(dg9)b?TYL?)utJ*jhbyw*!g%{{Xh(TKPtSLN$Y
zHXo|-O<I`9RQ#Mln8CAOmV+CcVyuJ@7{bF7?ek8Ur-c-g5}V5`5mvOORi4|u0F=`R
z-G=F0q}?N5+)>`SXHoBj#q0^H0uq(?8+PhWQ4ptc@E>E`lO?5&npzvh>FwS{Q^MP>
zpI(SUg^En~9cfZ}@V$lZB@q@=VvS%c&Z#|~wTO@$DChk%Ctk!vGvd6617YAxXp7hL
z>hX2-5n^7e<zNoCdrC#ba-=y{>UUrZqQ+PkZa@U~=Z$qDj*?<A`&RK~gcaC|&zY74
znfnpOF8l$6Q;7({%GMukH2x6&{#jS{p1h3nuvDi+Obw4&!&k#%8>0gF4OP>H)mIfx
zB?5?W72!pJ3(<9idmrDBx>~oiEO^W^f(>&XU3Sd~+p3OP4@B42oVxVaX`h3C9~@Zl
z{N!g|VOD*{_YAKN6<&J^1;{PSgC4g$BXkJwn<ODAJN(aY5h*wG7^q-jyQ7)NZ>O5D
zHY<A5M7{!=$Dl5CBL52xbSF^}@u2LknBb*;%rsr&00tXS0`aZ|tnclL`_4W}S)mFI
z<2+JdfM$uR5oEi_28+T>e7ybe%w_Qslg?Y{u-cR7`5!ztrPJ<Omb{i)TT$CoU6bF~
z=(+jc)M(&jY9AUY3{dabXw@rDa+2l7C7#yqI~RumL;IGzzT?}~dZZqXx|L<x&@Ygj
zskdc#L1bHlX1RvF&3oBa5OtwC_o>kK%Jm@a;~R(EvQ%FJS(=5gZGP1@SkA;Bz^qd<
zRf$GbcL8(RA-(DD@j|IG)HiT#y2YNLq1}FEYl+U)PLqYN=g0Hgj2$iXt99EXPlE3^
z@tPDQqyJ<HPFHGdeN7bK`iDm5K{1{hcv8@!cYzHjB+rcBt8C}&yFJ*0$G~zE?!kh7
zi3bCZ%FZg;%SomCahfT)$h0ED_2H<}0-5s`%=GI3wcMGaEa$WN3bRKRwW#$^uedCz
z6*)hk{c5c_Cc9<!wvx&wyE`Py$x<g>y2At^R)H`)^10-6P>=Dg0q&$Q%RKEAfr<8X
zugWrpDZd&RvcRh5gT?;Rl`%n!5C<C>%R?qzx3QEu>(yh&TUJ?%X7nHZBue5$$}NKH
zQ|uyP!8?wZ`*h*$iz<&lAJw2<>@CcOKI`Y&&R86&jCoF|c(9RCFAk^@zRxH_Zh)fz
z1wX!w)Y%fCA|y^al?R+>_wRpsPS_TDSbWKHPZu)@zt*#sZ0bGmaZj1d0o(TbzAZHS
z`j9|z_yUzH9tjf?l$-u=XJ7udI^w3**Q6bxH*EVt?s^vza8hqHGbRlU<#;p`w+o^3
zSArtPSA9wfW1CR3S*%7gDij@wKC5!S`ZRtUOE=bzYsUnWk{$_~HTzfnoPcq{P34n1
zuK0xDg)Z;Edz-QqC&i^Topj__jz2Xvc0bY3P^9a^7M1cg5Tmj_Ml8M*^w*VfYrEBq
z`~Iw+#iRXWlTP;zQ6VQB8l)bhb&lrUg*Jgcp)nJ?ZraYvy3O9leLFj7ozxjR*VmcM
zwj@BU<M<xsXK8s92M-CBw6YnYTPr<Abt?L{PBln8tG{|TBKhWf24iCC1wG+~jrI4}
zXK0DS?Z`V`qYY{q>^pUg>vQX7Set7To$1bnFX#QrRnr;rB%4XoHfQ^L%6I?t9;l(a
zlIKol7P5t(5xW9Kq)R_jJ}@4PQxSxn3c|X=#JwYFcTch<F5i6<d-PN|e#fit5gqht
zXOI*G_x?ubzV;LSysS2kAbx@|!@y&cXjr?ezBobHZ|3xS0qpd4$raJo_=3K6$vvwE
z)!E=RtUIS)x_cb)RKvb<i=u3j*%1>#)8g2}p&8y-QEO4iAN^n~ZUju(uU2?->3Gni
zeZ`Fh3B!h9ISt@jXh2CfLi0*cf&JmdMof4&su5H8d;_+vIN>)FeSMoi$4xCKc1c<E
z8g1IB3x&|+ng~`fYmL7FHdrQ-eKowukQ93+Umxc8ZbK#;jrX=yJb$Z%elad`C=4d-
z^@D9)*;{!o(DD~=OfSb_OvMH~3T{tVjdLzSqY4(|MDddS0P4V5b0Qu+b^S0=lb&S3
zOp<T-HlhyS`K6pw?6*}C&w1@&Yd&%S^h<j=Ek;G=93cJsuQ(!<7NlO~HQ6jerE+|m
zKs?pE#NKvD9xy66?Mdcio6_Qz;&wSh^gZ22hK!T?=MEeO5UEEGp8u$-s_u|P*yQWK
z8k{UMty=(uKTxoq!%p8pJ;;$}+t<&u;p182m@RgA{S&R~I4X_JsezrA@$Bz54(j*q
znCtUCKqR;N`F>ScP%jYR%g!9O>uFg(8bs1Z+tLZ!D*>E}HOKX<C_^`9+7c6r(-lzM
z=;F1)1VN3o3YB@udPawoUdXM1shNWw+J=j(hZd5?Wh?oa_!$@S$G2}5O&zN|Br&E8
zLWx-uwCZXRVJAW8ZP8jD2zJaxewUxvzO>U%h7w1lI=pvxzjE!4NZavhCGW1hkYWZ<
zgl6SF>&YAZ0Cx~SY*Mc-m-++LJr{bXmORl=_pisWgfWAW@`lC*F3|6g7`V^Oq3Dv{
zv=;-1xogQ(d0^=~Dul;gWaEu0$Uu=M>CB?`Q?n>3?1dtePZj63hRZx}NTp_kuA_3v
zS}N`f<LOUW?yKK9#5&mML4<3hf3=u-IIS4C+eVGuEZ8mm<6cP;RgT<xdFDBf*%vFH
zCoOOd8~T`$^4#WQ(SnSLZSgAausY=d4^+|=ul!ZRlag*%b62Mmw3-r|1qSUb_2egP
zZ6ju?`A123VIu->XUn%C;ZoiqR8;Bh*o{O?>Dr($d+Ck6S}u=&+NgkByuXj+wYYjH
zMGN{{etc|==2A^<>Q1Rc4CCmrLWh=fPFCsPBQ;Zh-}n3KOtXDmKKIahK%Qx4=l6#D
zA(ph-tx=7lZ?3*;kPH3X?@b@9nGKhY)FF*nn&km+5v=5!ct?GyJQLPEhg|Eh>WT1#
zXZ25J%aA(LC9aGBgI;AgPoZUArE7?7lL~A;UOV|_51IaUYf{b3cYb66&!C>}XCt*-
zFktK4nQ;xjo8hOFe{5o(8@M)g@TT?yzXNjm4`|(!0!BKnFEDv$>pZZF8CYm-q$dhP
zlSA}C^CH2kA>H}6=SzMyeoFJ(#-QAZhf2AlLXfP&5H}oKr|r!wBRw3m%Y#0P8y_G4
z_=+xqt8{A#nC3s&-dG}D=Zd2Duh-Jo%QVnmvji+FF%@q+bnw@iQXAxd!UpNpmfLNj
z#ohT~&!ryE7Xtxf=AZ+=>(ha%u*v%o*{QV%t<XN9T@~ud+~p0syuYkg&4_UQY?e9|
zpxHG8j2?5G^F*yelY&Q=-@vug6HXBt(B#{VKGq7bn_xI6Xcbkt!onG4=e={H>H=5q
zPg!2N-^Ce_s{i4-QsPKujZvX#fde}0w(2KN$oc-K8K!!Kn-~S_Jm`R7E&W4w2R%nU
z^rJj8pdfy$$7zoYyiY$fNK%>$QtT&%us}@q-cG#{No6=*>*wYrFm6*$$kWxETVI+R
zH)*vXh28pv>*N05$zomANqzsU?TiOyRla`RiqF;$dO$oBniUBE|Aya!3h0ms3?6tC
zgx%T7@bsd$6&--^a8-?iynqF?%4h1);fcX}AUs)?#yQm+T__K4$7_Zb2G@u??W!-1
zPsvB2)sNKS(jW|j9+SEoCZsL>lFQ?sJOvNZNw7;U-)7fHovDi-+OT%y&dZ~<&xts!
zlp=g96WRVLYt&Zl=aL_i++7@5?lr2es(KQ&(YF}gfvcRSug}3UhuP}DEu%zk!gbTS
zvGdSx1_lwtSZ+4a*9)VxJf6rb1rB0^t+uhUUWf)9y`1%V(J(KE_DAcg*VQ_0U%d8y
zmwq5^D`}>Y=kAyq558t0Bf;oXOOrf&IoTe%rJ9q^{<E7_)3f>|D0^m0njmEQNK|hh
zFViuxy*Yu*jBC(Q<*jYF8N}{N|3g18sC=r1SsgFZ$kkvSfw~^oYJ-VUTpnv%RUx^<
zpe4)+&xr1U2&KPn-v<#9hvrQlqLw;i@1jG*ZoL1!uz@!9$-ce1a~AJ)2LfHW0GQIC
zsDcG_XC{8qmmL7`uBtMv?1YtjScp{4<Fogk7^KF6Qndj%E<pJIMFYVk`Ou(@@`o8^
zC-d?wy*ymLDr%~|ft;tRAISm>qU0`g*Ff-?{2cBgXkd!3f3rguA#Ir;OZ|Kk3DP8r
zGV@+9^_P|2u~QeK1xy4|LXfTxv;l@?S$^_Eo|OAutpDZO`}JXwI%fO+g<x;YsN!m(
z;sGBYh4&sJHPrW@Rb*wGQ7V+S{3}q~F9w&FPAj{AHawEI<ThC7`dbea(Sz7CGy)<B
zOSMsqLIB?>D}}j+{H9R<C=R)Y%sLY@%r6)Q%b~epW1wpr8}(f$I;siD#}%?uuv0$m
z>>HdYYAZdw*Z;E;jW$GcDj1<VKYpjTE0*uSfLXcocECLkTV6+~Aa*_l=V~XfzdSHA
zF`na8ym&27H(fg60n7?eaeXh=F}|-&59vgjra$twl<?i_7f9g>c_<op(1(6f#uu4;
z|A#8=;=5hzq5!9^m}|qbMS~crXJ0KZ^~=!Tsz?saVR+<$vqYQ#&6HQN#^W-iT%K5#
zeMiTZ<NfOAlq;u6wvO%LQ|;TFDt4u=0ycT1{L_W6ZNk@W_`J#?A5BvRy7R)8uLsj=
z0-3FCtUa;qg<tM5b>g~GMYkc?p@N5Jcuk-A_fDA>Wz07QE<Vm{GyL$x+jpwbhHkDA
z$r%9Q9++DM1C$lKysqe}Y*n8Q++z<6SvKk=J<C9&it|DV759p$^U{wdDl6ho3cAkP
zHdaE;VfC}><f4EJeT4Jc4W?qxy`ZAt_1E?j-5xl9BHZ^(_sI(Aa6pIc+0`%irY_Up
zQE@t{`_dGHT%TN?QJuk0VQ)pv2Z=Rn_<%((oYEQdro>L8wNca);)G<r`)`d~&pVFX
z;=bxg7%geVhn-H?2(Gx#5^ueu(q}mz4?B7%>P{<)#pzWht=XXOrke5%6XC#qDGcT^
zj}mYfI^8!6bXOM6&Ttb>z#52VD7mXv42NoJHqtYbo(a2YO#IN(BDrP7PW4*I72W+<
zMvD0WQ)qjmH!iYd7PBA)Z+pc?i9<W8@&qNmL2vI5ud(q4HRu<F1lb0z)X;wB&oTew
zqT`mh@)Vu`nr{E8)8u}k_ON)YptEjYNk;(v<R#Csa*b^&QWfWqH_L#}$_3@`m%~4l
z`D99GrGdt6K<dd{$Qc2X!gwXg0^ss%UN5k1E}Utbrs$9zfDy%-ndy>s0iZ-vmSd$G
zDK^&qwm43EW;xXy`N&va&E&nV>pJ(vOO}`sovuAmDm4O~{!9G^iTis+b^G`ppMVX3
zA0?l2rmADlKpe4Jw&kvFxmOIZLMa!3^65BhlxI-oc{wQmKF~I?9;8=yT_(+oa<_|s
zl3CW--+*Wc^}_FLr>-vyG%dvKQz`}*vj+XQh_2BljRBA$%c_uU#*a6MQPPjbgnH=A
z$&2g|RJDrhW1}MLd3UzG@;hg0kGWRZ9tn_dVECz6^xp01@`j43d5MLi>I+DB|750r
z_69}fN?QbL>u8C8_bs~&&?DS@J>@fWMvnfW$u@mNN{8D>tq!;md+YLgi}w(dpKnXp
zjs)Y3vcsr4FhG<Cw3JRHU1xXRYBk}r!v4_f3S7Ipaf}Hy4`%%eE(usW3z}iYMlA%J
z<{NEsy8GpXRL|?A9oNski#VoPxpd@)X7*gY_PB9@RnO5EFw4D<zphKD=;Fq-68GF_
zSWVV8Ein~O@$RibgyF{Psiq^EHYp%i&fa=fDQF|*((gMlqwp@pnziJW(Q+Kon0o**
zZt<z|$)^v!YYjo#zMD&a>7td1UVx-&@v^R>RN1V3_0?;W2+fGzCIrsJSLn`m?%#gL
zK^^a|SPI95q&1~^CM5_CR(rncCL#BIUkbVumGmvwnKpE!D<oM^bfMqOyBLq#KXfoN
z{<)=A70&67V_H2%imMBZ%?zj3m9Uz^GCML=7VR7kjXNY=&?$Odb8aarp4G{`Re&wP
zYE+a{iKk~+Eq88Lug%>HB&$yZ8tp0Ml#~lhVc)vs1n-Y>8qJjdTGZ3pA8oxKg0P?k
z8`g)yJl#I@)$<$RMK5?|8b&03QVw6(H&N!GmF~C?6|I&eska##38~Z?H{_K_w%a2_
zw(p1I1w<RxOW$sL;{!_;W-e(I{kAQipf?hb@BCXq9zi#TExb-h6x!E2h?l+b)%bab
z&8q+0_;c}pMkd{IQaeNy=sh&2)o8N<C|^$H0q+x;@FZb(Q<e+3ky57tzOR=l*@rXY
zU4~lNc~*0Nw24vbuX(+LTSFxCy->r0@6#DxOYUSx^`j|K*Y3TuS@BCd+*F>dY>y7!
zT#@a2QBf?zB<;V@Z8IL?8;^nR)wa|9D-}m5cJu*_nerpwpplP%o$3l=s-2%|;M_<C
z9<J8RTU9bYPO+stelK8M7+-XQ4q*8dkL=qwu`Xo6p@m3#L+ph?A8>`37%+{@t(O;g
zGL6f*e)govtWBqHd~fZ-^Hi=`V$8*iW@tm+OfUFAigo!pG{cDG{a@@K`)?9s?8lD;
z#wcXB?-dR3g|6~3%%pW>Q^w1>NMf_`GJ2dh468p5hgnv62E5!zTc>nb?p2PvC&6}H
z8D*N}MWN;S?9NT^(w%CEb3scgkGmh)dU%2!glVyK0)NGCW!J4IfN@xy^i+}aFfslY
z&fApTKVW|S##&k!zm#@C@ptjS-mSskOa8lQMHSdu`|X?blD8O7NqA`HHM27eZ0S}f
zuU67>Oq>Nx3Lg}{bDJdij?zC|v0}2FS4Ov$KA96OcKZZ{8F#V5J6wa^LmhM$NvF<8
zC+NYff6?bEmAquCxXzz<pgG!-ULJK%4eXps0Tui7jV5@%$KqC<rwn$);~kP*pYC^=
zEG=SH9bIr?K?JbnfyjmHt1WpfI<SX&ILfaM7Tjt0&Y}A%FGo(t1O9Mm6@#(G4fUKy
zx|PbwgFN8)ynCk;j-%pZR0*5TT{iJ=hD){fVk>g!z9p@F!m$%CeEe2q1L@=wa(>F0
z{c|hjJ7%e$xpoUrKeAL`O^ZyBl2C68!lT3sTCCs3drj=?Rw|Tk5GFo}2fQqU(C-fK
z?S_lX^ip#;PTKO;w%_agow3M{0UDwCs^wE=;-b3@)HnUt!gp8kfNZJh;OFNBEP6Ok
z{_`GE#trTvh_%H!o-4+-Xx)?rFg8`TS=MK|S)?;9Cg_zO6LO2!HOTA|3#9k)>`;_)
zOk%(|Zv~m?hRPmn8gN6YD81cZmtf!id9wtp{lw|6yk?@(Qj#~}v4@+DTBYU@8vrJP
zi>!fL!Z|oWgw?j>4;%~-n3}1dik;1FV}VRw@Hv0Lzzk#M80P4YLx45h;khSdGRSRm
z%7;R<&h_trv=k=E1J~n2RTz|g75IOW(XB+TD5a6X7sXWB=Cik0)*!F?xzibbdo!AK
zAM0cRzz`!bzog3$-PcRbkXb3a&%R4NNq0ux)`Y25)cEECdq~~<4zSLM46pvmzFm)-
zt>`?Nt+X_kxFDsc+@qo~X_}X3B0;AvUh7g(Xr{`OwrfzmrP|MWVb}!Ofu3tk+JkXR
zws6H8*mEd|$5mxeZ^cGGHqcF9JsZ2KI=FVZsw(;o;mMm2=zQ6HzKlhwlNia9soo7{
zvvINvvbp2hB8rB%1J|i5WI`h<3djlfW3Ik*Y(#gg_Q>9IfgPBEJFC_@wsIZYM%%q-
zM7!R96ov0N0;_rYaE*HsM?_@8<a_SG<!2dxW($D~2c7DnHTbl~kupfI$xDp=CD57d
zfB1B#)`-1tVYfi4Z~9He9+CU}g`cu!vn4(E1)QT2q->-7jW0_jXf(C;BH(qiF|8Zx
zNlTpHmde;_b(TEMv?4}8QmCeFDqd#wg=VC}h?bG<vDJ-xt>Rr4Z{?iAoi^HN4tn2P
zZ}`qPi^y4Vu`SGQ@n-ff_L@NlPI?<7E3hf+g^KRNZO!as5B?b&<{*7kzvS>gTt@ec
z?zr8GT6Ucmv2Iuh&?jkHH3YX%l_8uuucggOo(avI7A*k$y%wNov|(~gC+as>AG6bc
zG@WCy2e)OjtgNi!!23n9yq7zcYAqWc=C-HeKa<rm*K*ou_>J%Pt7?OiqZjS<6kSoI
z!H5r#v|i2ZMq7AK2+R;v-7(C-R3^MIzm*IG^B~M;EVTZBi>HDHhBauyqd}_0H^n?w
z#R^R~?y-#oL2qp0L^{LLLGad@?;NoUa-~`|rH(m^)>!TLt6#>Ia?N`_&;;XrOoO%O
zyyre3P52YSSSz+3E13$!2OQmvfYQsuq?ozn+%Bu!kinOD-iV%faj{ReDwDywUO0R$
zE5SO!KTauN3A1CrYXs3<AQpv}H>~;h8E<E)eL~L{Dwjh`!&pjQ-b%co-|3cH;B872
zGVdNxFVlmbHLb#TZm1;fDrEQ}J;pHwbNjnpGw7er&|mP!rt1EAtR_+%*a%i8DeK%p
zcc#qwz}+O<B;JC~qP68bm}h^`xp^o_!PahR{lln1)Q<#^w%(RS#(`K6g7TA0MX6;m
z(EK$jvpH;aiU2Eb^IfF`380o|3L?v<>q{z8v-7)Ihl9i4lp?+ai96nX^t0Oen&Z+w
zx)~DJ#hf6IB?@S<Ra<8S7MB@|Mq7)Z(CgvgPsJ7;S+Ar;;K1<*MhwIq&zKh;s1MFj
zg2^g*z8DdG6A~qvpjXC*<t1_<EXG4fI$IR2BRO8-a6=I;9m+q!rWDr0{qA={b0Nxg
zq$N)c)qIF@eQl808pn^m{>9<?rh)cPVN<~-Ed4(~FPitDArBIDT$!m8<A@%<x?G@t
zdf*!3g@Iv!T}rmXYeG3F|DBn-=cl5p>US3tClYr(w@VnDpBSeaDf{pQ_Wc6(mfU9o
zxqU;($)|I8LtJ~;>Aj>KdahmZ?3OzLBXW79s?7EZ-}}6BXlAjmmz`Nx(|4WJc3Ia?
z>m*yu;*S%lu6=6&89T^U;!~`XewfbAd4lQQyu8st3Qw`jNHBt=d%0bC7}$b>epT3p
z=s`Zx-L|#2CL6uQ7s<otKo}8Y#oP*PqMn$mJ!eQ0WN}@ahpzMt+JDUv<pCp0=+O)t
zpxEZ-jbM|>ss}sU)X6l4BTA{)HfE<^8)-a$`m9_3*AAtzUgXW%3ZnX2GRC@#q?{?<
zF>o63W)y{j1#B*#O}V*ps!X>6oOc&Qx4sEYRs7y8er!IiBGc`cwA4#g4il-VpFeeE
zc%88b-KsLv+tlm#F+ci%_K`Zd4pRH=zV<)s)hvQ+_O4Z#PEcoejy1tP*Fzt<l4S>d
zhrfh|*Dd*iE>@f`sZ$G(jX96ARB7Es_egfb6eP++-t(&i01I+wFAhX})`3XHixA*f
zU!1h^xYE1+BWpFdD3&i6?$>diUCK3K(>88+Tk-LTatWAvVY>4}xDs;1-CtJV4x50@
zfS-wZt&^dyo<ZKVX^9Q=x-gr)X-j;7Q!8AFi7o$n`e?3Aj67C%SKdZFxcp8fhdlX2
zr&F8A)*I9KFpr?NwG#XdFXkG(c`Kqe0QCOt@s#}Z(7aSmM+x$8=C3maqt$_B9C8aM
z%r6L<8iQ0Nw{0aU&;I-Bb=whdL+DI_KWsx6v-T|O;gK8){$uOzzZYxey+cpLNnf|k
zR+s8S(iSX0->!BJtZR3*lQms`Z@zR{#aV>XwWZbg7LsEOz1xT2+!-jazh_pV<>3P#
zt-Oq$;L=l}<~)M#Cmm$@X>SF807V?gb^@H2dFF7L0!lMrWM|{TL3hB1)G1sw48GzX
zx7<0qMI3Ba>C}0C?tpRcT9C=sB(y<6?zrN=A};~ot`xfsh|F*u{!lZw(GLPI#OGD6
zbtrHBVZRHiFXycU&m$hvHmPibH`BxR&v3}{YlZBY@P#OUJ9^*Og6;$~`~|Udp)abY
zySz|=dU}u{MW@AUkfZ(GMbc{}w}*%!rWO6aFTXs+rrj-45;dQOdk0HN{{kb)LT;TF
zHvHps?YSBZtT4fHU^_CEM?{%A=?K@NIIgNss2xdcHS1dh_MZ`YbC3Oa>RdqHl~%1J
zk<`V!0ezznB!YiHh4}4(SFfmql{#e|lUJf?_y?*JKwev`Q6aU?oyd^)y071PlQe@o
zCumdKcd}Ssg<$81+QLKEs|TjcHe5+^CPkH=L**6?8PrI|i|)VI7#GA6LQ;ZlyLY8Z
zU`s~#qH-D{4{b)*7mjW8>Ic3r&S37+G~RS!rw*taF-iU|_RfEidgiy<E&4PVNxY{`
z{rPTfx!|(9<D06n`EMsI@NHs?4|Cm8mIi#JeX`yLkxjM+y9a0LOB&)F$+R{D`g%&9
z!?n46<DeGGrUdshW0QZ}KcD>wcyh=r0-Sv4j*kjz`JKxJXF`#ZZ)r`LZ93+<jXE0}
zbzLuHiLTWcUvO&Oc!+hYacncCv+rXq@wb6B!sB~arV3th?+LPmBH=Q52*hg`T=5|j
zJj4UWgZoMVFj1?j1^ImugeJ}f^v>1qjqJx6+BFn8$-5?FU}RGp(ho-W@p8tH3Q>7z
zh-GE_dQfj6&=6qWFDYq$C}!YH1nhKof92xnkwOrn`x#?Uk5cR|$~*X;hC!T@4qmz{
zWV?Kd>bCMT*N1;Ldd>^vnx01d2<)S1gzKe?Ybev#S&VenH8Ic%b&&SsS_mOv42Y*k
z%K}OY-a+`Wt2nzU^|GattS4gt9;{RO4i++6<?jBx7%~pTfco8bszr!Njp4Dm3Cfik
zd=s(wcT`;1;fg@-8JjI{kU!*<*)Ws1V_2c-802DjU|_s>k)KJ&E%yO&@F3vhd4715
z3qSS6ZbW>#To9qoMzF=SG*PE9aA}=V>9G{w#JMQQgr#DBcBRGqX-F$FEBaYc<HvMK
zeuLQW@M(NB=M17-pb;`(kLnFdsq0yz97INBirQ9U7;nP`SWOL8F}@!;DR2?($g;vh
zPdvvkf}#R7SkLfG$Jz@u8<Tfo!(6T>GX<>8dgvRe8yM?aw4nKXPMb;T9dC)<BggGQ
z(#NxrhlIdEUyfYX0?;}aX2aMM13l{?KG3F!;#0&tviTb21|J{6cub1i-zHW-2T=_c
z9WdQ4twX)sdct!Gb@+0Al=XBlMksR~UAK{K*|&9Awqif}S~*JePV2VIrv@Jbg@(Wz
z!W8aUqP&+C3!9!+Kg!mTz(#3nPO?cfP+1DV#Kp4az7D+ofVQXz5Wv3{$Mx@&<wM2i
z5BHNlv#at3qon(sf<3<K6>83CitoiS>#*v2jO@gObH%zE<=xMFx2W^WiPC@&xBJPn
zHgaq3$!NeGR0xUga-w^bo~9URh}KON0Z?~4*<|zU-O@%*+ti=P#epBIU+9$9&(}F6
zh$U$4#4x5y)z5uKT4EaS{rvpXof9SH@eu7TFQN+qE2LW#tNR9jxjSpqd)q^G)do{_
zjq<RP)zTi@gXjrc$mgAdoC<y&HH;c&i$0;Se_d&*ezdNsP4rAc)x=K8d0}Y((HhBo
zGUs~#M@p41Ddj<S*k!5Da?S+5vf$2{G-c{339BP%34$h)QG!`(b%^ln)*??8?73=B
z>xcZ3`nXOIpE(U}!da)Sm5?`!M6b7D36-XoWISWL_;jRq=ix$l`HQ~IBW6EyZ#}b|
zt{g@2Fh+*GI3Hh{tChN!toDw(u-E&8KShd+vFQ75SPwNB+$(CFClok_Ln$keU~L`X
zgX8;X4sr<(;J<~45f7Rm@>fGeNFyIhbrH}^B|*2dJr1Z>*v1OOl?hLi=lc=nUIYYy
z^K<R#l^U~_p_NLMMUf~fS&%wUs0`mm_w~REA=3HI=z=sd8Zk<6swu8KXslFvM8&gQ
z*G0X@izLy50CNf}8to`udNr2dz_ogpWG1-a_TDIOE;1}t0p>zJkqK?;5XJ8<fgHsm
zg@8xMq<G<}p*-S&#gO(IgmO&N602%x>`I(VZiw&{Hl~>QhPj-!;<X}r0bN!zss8R7
z+G(f(LGO^qK|5`$x#={8ul1nSDMeY#q1e{LO;}zGxK)hLs%5sNUN2!p(v5O2JPltk
z$)(`wnrcdp>BMUj_4^sx6Bk{GMlvAau(sw!e2k^SlLC?S`V2|zPZw1c_#m{;#F8fe
zZeqs-qM_!MbkV&|e&#aiS2q1}rdFTzw_3-|OJ1!2yyO;+?P$C!S1xE;hm@yw6=n_&
z|HJFYUB9BB_*5`KSTAGpEErT182Vg$<Lk>moSgfNzF2bXKZF0A9w<8FFO@SGENWBQ
zuh?t3ac^V<G2TJnx%bbkN7v_aBZ|9bea;}NcHn?ZV`LO#9SGT?$_&ruYHadFUeX9<
zpy~|WFY@n9ulgLKenipE$1IhA-cAdv0o0qM#xW%X#k%%Gjwu#0i;x@}1{uD+v|>W<
zhb<32zuc^9Vi2tvd9R-LEaw+h<g8v`5EoW|Zc7=Y&Bpam8j>8?)5@>fH!?73-!w{9
zAh>1gq)LlfGqJcmHc7%qOCc%_vTHv1B+QwCbw9x{_pA0T!_@18+zG`pU4h*<`(-9N
z<Cs-Aoug8k5rGvcf!LwKwfBA9RCGrHSyJ+|ymv2&?=*Y9N>WL*+dv^IZ~$E;XjaSv
ztfsEx*)~LZCri|FK}E4`pvMb~swGpbjr~_QDfj-5-@6=9VuLfjB6$q;lKQaa2XA+r
z`!4}s34YifT_>8GqdnK_H14OEp4nonEoP!$ui=r|zw!>+mv3E!9wr=IeH5!Ew<&ao
z_`-fYU%29Lfo7#UuDMwXOdnl+H^63D;#tc!VcW&e9Z@p?&4k*?9%LKEs$9A9sTXDX
zRtPwGEA&|7H3=b@FEUvEksNO|u(vg`YVfI8n4nZ^X>No=rHWFibujuF_e>D!^D+CR
z6NqK$<@;9gVXjmqG4)pAb!!z?fp`g4AsMe>w|C6BeT19VH6Z(RNS~w=WszP5@UCWF
zG7JKJ8=?7#un!!(Wg>n`zr4*SAWb!#fY<$Od}|yz`F^M7p<^s{^34(#t6;p0od#3-
zyrd+i$RwJ2vEN>&%5l1r-&Z@2rvjGu!w!3=NN3P%r0yF=B_YvqwL%wBA71QCjA}~|
zbVqFmG=vwsE1g*nuIiFk4}q?hS$HCU`49TO%IHe_fec8OuZ+8?;9${>5+zbRJzN$`
zY&hZRy&HpDzX-Y6@fDRwJ92gZa=!0yJOd53=Z6G58!p684h0?69!zIIvF%mMYP>QX
zEO}?7-gF~F_8q;ni9?=8MQBH?rIf6k-!#HVuEWnzJU}E3<QIX8xXGvPPtk>o_$-~m
zSt(%2y;sOX#_+fEE9N<muM`;67gp$=i@IlxZX*P4Fq3!cg7j8>Q#r2#sVQ;lx^C+T
z>{2Wy=`9~pxyhMe<ZX7&`^axbH6-pi8?mJ3Eu~drEmv#Qr=&&aUI9}Y!$5*UD;OD7
z6J~hDuJ+Me`Nez=RNe<aB<+eTl)nh}bA;dbdU4_r+Gx6bvQD8iR_NH;`2>iRPfJ5&
z?ey}ornuoXlZ0Zu4ez%B%7zX5)6T>0QD#{hmIYRyA;FWP7Py{kFKnt4%iYYad|EVy
z8(b1(J?TCtW8?#*<IfR3WDc#wVY-9&K5-asb;1p=>b(McO&#fysCc7JBTbsV>u6qT
zzrcfz#u#DofML^>U5(GR%{sNYo_+I%?;k@U%m3IJf+VmD!kP6mO7tU>v+)vn*}2nY
z&K$>vc4EvcPc`2v58MGBO%R=eZUtbw^%r(*V!nwYe#Z^9j+hoRnp@S(Syu+>%?W{P
zY|Uy>if#f?@NCNd7(Oi7Eg$q9#jj{1TypWYNK3vb=8HV!K?Ri8Ai7DadM;8~#ht(*
z!G#O%ER2>{8FAPn?;{!&4L@`g?o)Qf{!AR+EbKFe(0T>ZLNkMI^93hXx_yHDgg=}#
zTAh#?j}->o+Br!7dsLVd(0TdmxfTRt{HahqdzBq?hBNSy7te_#y(ELAz}W>kA0#E*
zVI?-RV_7hlyubY88X5@*2(!A9U+~4P&uRy|*fOtbuWQzOV)iPr;dCnAF45Lwto&|6
z8m)q{d~U~$Rf`Gdy6HPJk9P>G=t`H1D@Ud7DY<uAS!|bel5X^!t}ffo)xDRO*QawT
z{Wun0*jC)Jo0kipmM1?!fsB|w2ONV8Y`i?Rw~p6>nXnDU{9=O(+6vmpHJri2wW81l
zlvrDZu9P{ZX&f-Zt>x@xIztwudupL(MsSfhQQW&c?R3vX;V<%?R3%^-NSWOjvd1bg
z1-reM0>+Xcm#fxZnrd~B$-#{^YIBNUULaOFv}E*7XwP-sv}H&bY{EJIT?tuxkO=Ip
zn*B?Ed@hZX-dC9-56{YxK22HCfMDT@4#*`BaxFDwH&k_ocD^YVw9ZH=YY<zTk7RI>
zI*lDjtv^<OIEOpPeXf7V+Xyu+a4kJNDv^17jrs%{JH|<vb)_^4-(%B`pSwimt5P(q
z0g?~xm&}X@R%rYCAy*UeT3D7MUt6ADoYYd_3Jbn<NYt#wfNXz{7F*T!d5}siQTQHI
zkNo+>RyW>pX)3oUQd}^&=$D0PPzqs{BBOr2v+-9}Z_QgNW|F<*@Yu0)ix;mv$b7rg
zyK~|n_SD|+y`^G2{>bNq1LscuAkF<0E29*#y84!T|7M=m+&T26ijAjpPUmH|gZ1`i
zE(0q{NWke&^ysq(iT19&)@nw;gzBRD_Sv@G7b_!g6SWW5Z1zhSJAV5dsa_OBtIn%E
zF9;C;I;}uz)sBZs=sNn!00`r>FO)}0cs*kbc6RvhhPK=H9L*;SYdxOsl-#?!LimaB
z37W1Yshl^vbQE%H(fIrP%EhHv>j>!@%ca`v#CTCu(+VeBS8LYgqUqYLQ;vwY8|PhV
z4=Zwf2Wh<@gY%~Y#^U+ex-t{9YfW1)qHL}HQQE<yBy}xkcWGTLyJ$)9i~$U%>9s}q
z43C{4E1JePlrTq!ZDA;C6U+%47e+&c0|mxKHejB7QV}oja|Ut#feKesp1mS0zm8Lb
z5G~9!P54EIOBFn||I#ZC?bZ0L#4d~mc1zZBDNnJ12@yOe&-j;XK3RX<OGr0TJtTGO
zsJ^!_aK1g3C;)^ka5sE6X4-RF`pt~jE~f;LV;Z%!(3F$KYxq-L%jA@U*)Qyu27SO}
zjpN002ZM5~y1=XyKxavQ0bOd(6JQhHI$lrb5yIpc7aR9*My%%y=v|V|clUf`Ub8K#
z+VGFJ28@Fp2lH;8UV0vO1-ZM(EEhEUc5M7Z%6Spv<`9OtD_V&{f6iRs=ec8wfnEb1
zj`GaEYK?>6a)RSvSjXeW1Hb2iS9rQP#z@}ZMexg)FEoj2LqG@WfSoe$XeA}O;w*VF
z>u;}o$W`sYpF5@x_SP|!5OaR8(#4))>l{_{&h1Q75<E+mZvM)Z)V=;s=?54DA09ZR
zcbk^<KIq5j_eH)@aKz1F|LgM+yq<W&Uq0o7aVzYn{=<R$S0C8l-{Jqs<PnD(7Y*0B
zYE@pV-c{9+5m|}{nd3gWTFIXM<44e`1`hpO;9_fj`){Vxa2+=AMGE}~tMZpGTRI!R
zewg=BkF)+?9m?}BG4=<?;J=uSG|tnSAY#Y)uSe-X75Vo=YJU5FK9J}?nbZRpG{e1^
zQ(shifMY+lhJdZRN%bzRd4BI5JeX7S^v?g^rrEh1;Qba4=+qv@1=a`SCoKyA3Auav
zF~VUTu^N8N_aLa0_hE<T9HHXPzYeGQ9QpK+K(y|Bf3Ywy#m8VQ$}~aTR)JYb@xg!p
zsP~uk@XxQY8VZ(xIfvaarc&oF&I79oFnT4vdIh6Ne5QU;{(D~Vp-H#@i8=N`L&-ZE
ztolJ=WxkCf9-nl|(pfgcnBNBTUz%TmnK8gp@iFtTrzdn^v(iat8kqV^-Ke&-?o==`
z>?-;aV)^6TZ-=5Un6!=YIY#uyTduMuU@S_9)%s>vRg$Ks=hR9`%Y4H)5_1rL@PC+<
zbmCv9Lfztv0a8C$Q%jBcZFRxGn1{^uVq<~#PW@@(1kr`GXu-JgKCRac;SEU*c?!0T
zC49u<0~>#pbpG|bYH#jWVuIt39GcWTN@9%hXF7hLc+w;H!QMGDF#b=TDLwH(%b@&Y
zJ&b0Lfr1q^u6x<FiRN)IWyDYblcRJ#MT00`k@Jo^#9Cn)V!jy%>|w(pd~!@h2NCCt
zEy`PWkT*aGKTSeoraeXNz%{9N=9j3b;zoJkZl9jA=b~1C2FOZYFw5;^Z>ExBdUwE*
zD@-(<Qf9eO5A_?_{^#YGa#m;g_^Yi3`C_O4nf=l4e`tR+IR^Z1{06lFZE0S!tvM~W
zL;tO|w~T5lTDwNuLa`PvrFenT0x4RcxVyKwTPg1Dl;Z9bcMDc5IBB7{y96n&!95VZ
z%{k+Y_nh;+_s1RM-t{MJlI&z>uV<}i&1bGTRg@-yn#eV@K~iQcPhw*<SM204C3xV3
z2n07H<SAafsN^Cb)fNZ(5c7jA&svXCFMw%N-+TF$|M~N0wn}l`I$F2*?#6F95#hN&
z8)a)l?{T`BWCLrEOR>G2uW}x}Bsu!CHr`}{&Y)gy9)J0;%$2`(1ZzzvazKHKrr#NU
zsa{JmD*Dq@m%=@2V0n0ZHDOHh;X-VJzquITLB)PmNdMsh7#Ea{*GM>709ppMt-~%&
zPBY9_l<o0awb1Gw+5V<hz!7C*tOvaxn&l-4{MgLY)K7=J%_k=QpLRbc0`^GhMgSu@
z!RH>@#`i4(ynuLw)W8&divL1cL>PZT+1|j>z;UEm%hD9#2$E~Lo_B=}wO(wtZP++5
zxH-uT$PW1|H`sS!tE!@^zNCvf6M)`l{5E=J7~GY9c;|x{G{Z6bI_xp*l=b2Hb^5*2
zu4?-hOx<}+@?@J<tiUFHdUa!?5Z<|mOBp`U;KPFBqnPD+;?M+#!0K?L$psk2D7}S8
zh=wPK4HOb5ij@Y)s@fQdK<cr;{*+!H6e|1KWgoB0_=Y8Kz1Ft2jjLmKkDIwIV4L3W
z9X66zuS)K`q+pQGO*KlxJdFGNIz$^+nMQn1fr5r$Y;#;(Q>9Ggx5mzpC<l&&iPLnj
z#<N7Po6Dr-$o5p|U-Y)6`}fLpbr$k<f8J%pdMx|cRWdclFX@Zml|RQWW#Ds#C##js
zq*|RC7-%0+^8T9Lnks`1WL!Uc!&LEi#M~uvuh?zm;0779XFlC<x^AqUc3l$G(2#O=
zI3smirXII9Q$+@AXPl|jo46F!9Y{@0mAps3W+*M)1f7KZb&?)3Jbl;G-;_j%>*mH|
z)%tEIwLv(hu#uY%4<Db1sAy3tX*}KNa?C*1o!8f32RV+hL%9F8$B&eHEjhgm-uM&}
z`xvD~`t-E{n=dw54IOAF)cVHa+xtj?su2f8ViLj1kib+SqW5ADzvD`IfiFmmtd;St
z+?GN$Ccop0U*Xn$g4y)2<e|7I%$W^b6KuZ}LVWzi`KwDFeEhMB80bh?XlMz&%2CSc
zS@{*DDMRiWi|7owI|cGI7-!Tt8An7|ka+r)8Meqtb^cV`j5qO$sp3k}4H?z$!GYIz
zzzPRaOpkI9bnNUMS95xuoc?%*=F*{n<cQ=j-MfM9Plqxy%$Xd{TGJUzuP!m#IqjxZ
zzw@NS1H1uf{XrvbO|+c;As9^uH2O<b!Z!0?KG@0}XCqa3-F8cIsbDs=(%KES1!wzX
zdY?xOMwLq|(9v*T7?|8c?_4Edcod78Fl=HL-9(bwuY2s8mlKQTN`<mZ9v6i8pL)#2
z-pR<xCETIo?3!FGd2J~GBJV~7FJFR<sI3f)$S_E_Y!{^G>nxb~+~CQll3q6F(6Ve)
zbaabt21al$C5yfZESk~RmsGw&zb&m?H|g?LJBAnmpDAvrV~xg4x+;hNg5Xc@&lg5y
z4OHkf?09OlU3XitpEW^A;U$%@x(@c?kD?h-WD*u+e)j@)%2>H$m&;x{fQQ0sN=iz_
zhAOpzm*aI7gxH^rTe!RX0la1T^=<vY_Ds|1=AOGSpX~>T8_h}q8Z#Wb)z9Dd*#n7j
zc{sIrU^uc5&`#-Xyr-ZYiew9_Hu8!t-)f3*U?LarlqVoOMVpQAydC}-{mp6yIck+J
zhHwRfWS{oe^71Pw8<%Aa_4|f_-oeBQm>cQL1||06`_#aoU~}P@k9+UXttT)fRK{T-
z={rxCuAbuf3?47_)itFb4-rCYZ{xB%s`v!u)^q?uq5Zi2b>o2-*&)>x`;)&u08D>J
zst5_%xwRrWJjF=!<+J;SX3;=mvaP&egoy=aPV({Q_z|6ruguiDLMvqoi_W}Way?ke
zPx1hHcnw@ov_xL!$6tSrY)IMoVCDH0DdIsxLnD<oy+fBpnG8*mOAkpeCKqVyye+*7
zI3Rf&BdO(!uFu~p&qX!SrMp1-Jh{POn`T8YtJ`ebx^K9dW~SdgG{lVvGs1#Nf$>d$
z5eh@RpMZ-_eSu4ieW^84^(O~Uqh~&O9r7@QQSZwY2&GV~9!pXvbS(OPljD$iNJ<Rq
zM{AIRrEc<f#IP*;KSO8yKSHN>QLju|dU`|7^YA&Evfdxpl<0IKVSpK;gyL7?%Ik9T
zTnpfx1mA(5qFMeR{FVu^(Ut+W4|1x8fx}D2!z?o~B55!}M|CvKOVkVGxgBWjRW)aE
zlgOpoE~CXIC&#jt=-&2c@SJ|RXmHy2n=7_zP!C2+#k(mpsLI;EKG&$gGc(0rqrTl;
zTgxY61T>^f`L{A4Yg=7%XC4rQh#}^b>L(+o&2l@_!=<*>y{)pIZ$FLXo$HQoY6;w~
zLffY;uYMAL8U2Oem<$1XlmuK4O<L4^*<qLAnAiKjt!WTr=`EP#{bh$`U{FJQ7ESr?
z_I7=>D?-w*JeFai=)tq++-0fTVO4jsQcZ5;cXVdUpoWfS%*@1u3SxbK?hR0+&p!7q
zC@PW#bmci>!%ww8vWo)Kdcqbr*7u_~jIDV}pA?*?b~)KCPCnKEVgfcQ%2A}e%=Yii
zJJaf$K;(Hb`s_DYNm34i_RkFze!Kx_>QfH>_UrHlFX^`CI7ehhkgkyd>=C%0fcb`D
z<&TVvjAEP(pKI@MW=quRD{7z=Fo9<#D{Gm>_3MZ@gcNo(<HYH+DPQsYSx}S=s{gXP
zO@X?w#83IMFvU#fWu{w^5vTfJj|6NZQ$j=S;eIeYTZianl4&;o_TN7m+TIcp5IA<@
z595nYNsyp8pR)RE^JDBaSWJo5)c7WF?s08<sr!~2O~u9<@|d+|ySq19nVKRVF)ksr
z8!RgiYs+SAN3r_VXK|NQlqHA`g&HCIon@6BY#bk#F4@`HqfBN?rqt!0+=sjZW(T#2
z-lgtCg@KfG+4K-Ek2zv!_id>=-g}?x18w7L1L5nZ%K7VK#9q>&Ez+*5q}ThMBc_|<
zYBkPto;>ggVbZ4_VQ$hTiOW#^3qH={A%{8ZTY*MyC@k9QbAxH4s_Q`Vnov}V-Nl#G
zs?#K-7**0+=}P?tx`d@W%_35`X1jONzWlS;?cm3sf4@@&>n|~;<Ctmdi;9bjH@rdm
zD2j_a@2wp=0WoU)==?1(L-Y(`<<R{6u(QX&ev&lfa&z70b=jvR#FD%>Qz?`1!yLPY
z+Bs~e-@t24A(h<)FgSTpJf-NTd6tiM0S4R<jK~95tczc=yx+gPt@WG2iY{3Sm30&|
zAg}x;Xzd3GtJfH=Txv7DfE}NJ>HTgU6ux__Lx@C}RABddOCE<PshnPlidQcrqusT{
z>f9-dg#BE%Bj#QA%>duUX6r@VCx8yNYFw9G$|ly!cI58;b{$+xOY7vgQE8ou%BOrq
z#2Tf?n|UWg9ZkZ$G~ihOTh4lu(??kr9h4G(*-Dl+exTNvT?(6Rw5T1tw-r$&8{HC2
zV(iPy_U)fS+dHOt71p1uB*e#23>{^`FsAtxrpz|~?G&=zlRc!tXEysx3=sEay%ylp
z`8t?kbGDN{FS#&UjA5F4!|)^)!+3R;MZZqoAPO8{*NP0ML<!I{hZz8PXwM7VWhPB}
zYHH3x#Z3D}97g2O$7!uOG-Z6(E^hDj<9D38VOT}g-CVy0UMbmVH;kKz^L-sjE!(S5
z)_bWY@4$>Nj<g?~&G3D1E#H3Ak5QqE#my2Ua9pQ2W+yPR7nxok10vbNn8EGFdvOWm
zRTL=x)whGSBYUo6f(QrINj7D?jC8<yPC8p(picG+Y?>+RGOT-^Dy(?q)m?^-;3=B!
za#SAatEwho#<s5d_Itbg(>yxH_qAq-XgWGB`Rm1I=lJqv--Kp-mjXajV7$`Cs;{?q
zR2lAbxm2MRdYtvm7orAx)q*R;Eo~ghMIqp-3(BIgzv>nHUMS;i0?3tVX8p>kvNPRT
zs;^y|UmlaxhFIISN=?TNq||b}*~jQsM_+5J(ulF`_A=Bd)?W*?F?^xYbGbJm*X+7O
z@Am3YV=RiS51!SqwUZw(Yl|y#OS#x0JHpqpdy&Q!hA*_HsYJTA*uMPeFs9^YuF8&O
zjnuNLieY=<C8vKlQnIBPaEyXy>>u9#ZNr$j%kSTAze69akEZ6BFLHSX->QJQZdd0S
zz)?yXqfPS2WVG^yF8&-0eJH%Q={_9tbfI<DrQ-3F2kpNkx*?zW<nO1pNDR^Vd?oY;
z$h=DOEM2%#WT^rwyRKWfLUi;zj#BjrT)lz|%-mmPe~W^iQan{oKa2e~^kf~fPs{E%
z`F<|xv@OP3X5LMiKOZKeDWO!Vd(l|Fu-C788yz^1gO5T7&Z|BbTOKIkarg)ZOD-|t
zx|YACbkyhaxoCQ?#5qGY(&%g%Q!r!xE(&F#t7i@Teksunf)2!Sv&+##Jm=|9`DFuX
z;-^nfN<J1(qK{>x7UA7nc8H%AlO;3jFw1=PCrBdq({ELsuGFa#(#a(tFG`ov#1j#g
zPdO+bRhB<o)<&@bw4jsiwg!^`T6<cIwjpBKr$PC<83y9D^*V;=SBx=cgX(@=ClpcL
zAHGyoN=iy8n1pY67Dk|gB-tM_d5gHD3@5Q{B>oa6z1<p2XR(^uIzZPvn;3CC(5+$4
zXQva*h<=R$KmoGYh<Q=6cH~!ZL6J5xw^lN0cf4JXPY)83Gwt@Qea0}2iJbTb{|?io
zqmvG7B&O%8F6<9oGH7#D6Dz)8MZ=pF_sW$`V)VrQj*gvpG+*y>4d~>a%n=*x)KpZx
zRZRXfk?f0ujXm|KmKGzu{raMX2T@(`c)pu4N-z2wBV*ojtTj~?yk4>9h`7kaX;{IS
zAE#%O6*J<-<)*r*lAyZ3JvGM8qFD&rxvG#oxq9~f^;t&KDOT&(M@j1Vk<6GFAxmB(
zdZgp!n$-dNZszDWk8?ZG(U#t+-QEtG>HNJpm}w~nbdElWO}S&+ZU_hznw}PszLoef
z5tq!ACR1C))_t*fo{`9;qQ1I{v$y91LcBuMpgP!0m0OguM_P@MMlxe`MBqLr&sh=w
z__3APbO%8Zoo{zYIi9Phv)I7IA8aBK`qIe3Okd>(V7=8VaEI7YJ<*7&4)UkJdFnG+
zCglc~(#Wwx!?}tGem};gIwdZY=g9h`^a3X4HFnT)xSL-!#I;mxuiMbnvgKtPk*EJ9
z(Ds>#(SVoVLAx0J)SO9I3Z<we+MY{Rtg?Nf8tO2ctr7et%CXcRH>kuh+_FG>ho|?X
z@Uf0Lh_c1FRqEwCZ!GRZpj+Je;{nSQe4?Oq4l;JlwCm6UyHp0NXZ=w(o)Nw$gZ;4u
z{LAUQEHb6ZNlU)T(6De?<G+R$Hgz)0UHyY$WL>UqS%S7FUh0r9?<f*o-VG&jjaU5`
zxp>d=IGHY@_xB01vHGO1ajUSUi818~rQ0)W>hHmAj8rjQYss*l!{}JE8z~w8^y@c3
zX#A@&;y=$B_ah2)BY%3fx<<HuS(Xfr!<g4BW^G7GPEJ-)7$MbnmQ?+Y_PG#D*BV;7
zPV9UCof#IP#GPv-uIg2XcDbJ$uIFo1yE&9@(Ip^kjxX{_3J+uP)T$il)wD%F8$=Bv
zZww<NUtOmyt!<6_+rKOFMwj2RgQ1z_QdQikHr2$4OHPlOnq|sC0?h>k>}L9-FCccy
z)NU8MAhsdxT>)PR7|0HTUwi^|8AkYa-=V%$%Hl2@z+jWybc)0n+axCM^0Yc45m7-^
zwBZc5ETR50I5?;a2g&D4ep-dwlty~5Z;$bRvjRm*=;Agi$;hzHB<~*+Z_d~6k;Xfr
znk<lxo?l!f&(~Y+I682a7-$4os?PXka-Hg2UlJ3ZbGh7DS2Tt>eZxwCtjMV{SLpG{
zS1Iw2AUPi+kpw1$tMx&9M>Df+>>mBj*ZTuuj;sei3$mcVl6i~sEIby%bSCiR`zvB}
zT#D&aWjtLfH`l#9k!}?9wMbWm(Ywg|eUMhObs-upKD$Kd1QtTrpK$FDl5;@4eEhPb
zB>22gyI%N|XjtSmF_D<iy=DBx2(;UedO)Lc`WJ6UT8a2B7AiA~ZsTi0Xcl8OsZFQN
z)UL}($k;~=8?>hz2Q7dijn$N9APZEdQ93(jEsgb<jK^oQJPW4Il-@#KUcYf@pav?-
zJAwEt-?e^8)#dbE&Y>8l1TiM%g|l|lmu{UZrR5BjOh%kW-Mv&deF1~jxU^jOsN^%1
zTtz6qZ~x;j{4t>Ul@`o(fAEsjSv^t<^VO6mTP3gz?{%@Yp-TDvDXW_*$?D6(KJDhb
zcLqO;Hf*6RcoKRnz^j6dS@BiIxG0NZbJ<Jnrq@6Ds)a^p_2oz++|_8NoJnOPb4EWY
zMNs#3GW5Ciwd~#Nf#o+)y6ogPdW@6}Xx}&BaVP~Yp;e7ZebX#)rh0uZKeG6hE*phL
zl241B_`-uj|EGnAKUU34fBl9-oPS}_<=Xo5=XRsc*)}f#m&%U!y}PFw!KV0H>7qaM
z_ceCe<Dz|LX>ae=;AlKeEF2uJnN3#>Xgj;r&5OBai%jy_7M)d`Kbs33olH|K5o-XO
zlr%#uNC38*H!LcYC07$DT@CmbFp1Oxuww6&I*g36R{Lh4CL_Go$MZ5?VQ;2aNQe^T
zc6nI*tt!Cq#!lE}bWPG=bL%YigJ(=^Nj6VrYZ=65IT!wiD=*&;by^wzVU~N#AMY)=
zkoVbyVgAV9^}g2o7uNNjL)uMte^Gef-Xo`5Hs@C<0E>?vEsPIOE<V*`to7pS$~AHU
zULDCQaN>BC&wyXIUUTFwbb7DCl1Qi`E6i{u-V}7^p{}`9=aC+L9?H9dQ<g)6*KXZq
z$>WC%P!APn#e1wI-w-{cRc5YzeSK~D8h_?jskq#uhSw!%yBlg_=5pY2&3Z`~<}6o{
zsZ=P@od#6Dpb|aM9=|}`W!n^_zUetsRgGAmJ$4sBmY|(Gx7CgYQ~BwGdoVG^4z69Q
zAdh`0N$@LwE12mu+JAaU0;^S|in)OE*(-w(#*rFa!wEz;?OF-uB6ZF~&Dh<uZTOA7
zt<EwtD{>gz_tD^C-T_hwzY`aO(sJ(n$z}!YY^ytp)Y2cqT2c}rC}Pe9U8cg*Z%I~6
zjS-ytX%TTy#fnkNtlz9#`N{<6+r$bBKZvF6D&y>6POs<Bd_CEhOUeP_m*H4zM295X
zur>rP_Y^ZQQr4&xMm&d;G270Covam5(V4wP+>&e4SP{meou>?sV8^*q>j(6frfcZ!
zd^oePh>GFWAo#M_-ytNoIifJXxIF#2>1-b@wf;A=Pa4a|V;l=wF-e?+;Vb5esfijJ
zJsDN$%XmrwlRq#`*<~Iz$@W`tq&HlF<T~6z$Rh>KanaH_775oxOZuPgTvEX5FY8R0
z2+~piu2xuKJ?F@S5RvE%$e9OozA(jI8SsljNK3|eYNT=5<caVFF0)c_cPKRyL43>#
z3JP9&@lE@id>Tv>km~lk2tu10wZo7(-<=cdj-;g1`B;&1NIaO(L+LZ??P^={2D5~K
zXVtEgBACH}%>Gc|h99-5we|g!k8Ztt-{%Ta49@T0or-Gg7U*S1qUe4R>lm^QWx+KW
z!qYu&gG9^;!%4rmq7unbb2kR7mMe>-RN!?Z%omE;U2fjDy?xEfstnr6g4&D3C)fol
zRS*y=S-ImS8REaKONr0eWleNj{UhT;(GlzW)x`v3>}OL;u-(MO2OwQtnU~<y5LVN+
zO0W27pxPvXhyPn*4?$G4-*Z=Oa_q4LI!e28A5cBocG`2dM`J|tT6X?!<i_sG_ai_5
z<U2k-QUAGu$(joBSQVwdgX5@VJ1x~iMloZM5B>epv!87+yG!~Lj$5Msl#e$p!IUcd
zOLsWSW@9rcwKadrj3qFg^U}DoLaesk*6s+B^eC#cJ(t^+PQD+1`^7XL#buSmx)!_v
zvvo??okG#$g+}M3G0umu80KJc1M`1VzecmrtXc<u&BoPu>51G@Ogc_Ria~cwf);E<
z2BMVs{MAK~ce%=#5Hlb?AUi#$$G(?;Tyv6leU^vOuEQHbJD5u6mCTDD9#lCp@NP|V
z0MU7n{PkN_H~QiCn)xf;w!V|N_8(9F5bvn;#WrSEOP1O8hG#N7Gl}BV@Fj+lu54=m
zYyJlw8JW?P!;o^+nqP*f@}87b%ozAc0Caxvw|A&Df_Il&<LxRREnZCM7U%a=)D>;A
zU>f*xev*vz9$LYUnY+13FLk_ZyBr|y_6$5K|IHmpf}chT^cQxsi%5dfD{XQ>!g%Z_
za}jzBTUpKnJ_%CJ<K5k4(s5a=_?2{enoU5~VgRzF3A|b-jOp#f#fj&t&^8ZJllr~L
zsOIhB1ArF~Zd4l^D`HNIS?<=MXe|yEi<_b@O7d#aSOpk2!GV*LE*L1mK|z*BS4T#2
zL6ZT7?{!cDG4y!>(Ln~St4^gF-?gvU+{U_Utlt}eCFP(Kf1}Icv=&u^;@ncHNelmo
z$MLmUq$^+LPiq#qadR+dwSW@3nz5WH9g7_tH&8j-cXf;(?t`pS3iq30Og{a>Uq!zl
zuuy+*-&SO%39gxMiF^%pV74#Epd;>HbCoO93$*;?GE3Q=1yVWGS#c@x43{kjAoP>-
zNs^O8mbbg`0ZfB|oe8ry?0L~=t+i#4ditX*H5PVJgvnN=fc6}K)r9J<&0IR{5U#$R
z!yGW(JvrT+?`V_}hP99L%^QHS`>B$5wkwwJPoI~AG7qh(B@q4CjWR913h%3w7U-Sa
z_WA(}P%l}C?@E_-sFL0e_Z9w*dW(5Br(>rxqVY0*yIrinDY0tS7rY>Nt>Cee^l>9|
z4t<Cd07L%ORCS-{5G<l%I1{}j0AbEl-o@2Y1xh^&*x9Xk3__hN&m;Q?+$$Z6S&ZKe
zaaHZi+0pm%!)X&4DR2Dz?rB0=%PoH-QP|kbw@S3%8^v`3vtWn`!hHd{UfFUu6$>X+
zx>GCOl9Kp@TBmGrcCI0rHZqL;?Wa;C(&0r>9drokT6xVlW3vd+Ly6n2`tid&%yL$F
zS5mu3PRd0=RmLR<7-ORI$f0Fh#jI0hY7<_nBl6X$H|^Yb-RW#z(TXWqcU}<nVR5|E
zl@PQ(psL5nHWuY<JuB9TqcTA3jG%>GKcXDQF9K*?;o$|1%sz}Ba;Dj`yp(w4OoMQY
zgk%;w<T|hX(7`r$`Nu#=6&bw6v+MX&muD&c>0w{=yroyCJ0n)04*n5K=!Hdc;oB6O
zpy}J$U{wme28mQpDrKz(+b@A=ekoPD2`UP&*je=A4S=Lh7W~Sqk?84su;6b_mlM^M
zwTDrCUmPcPCG#!{7f<TT?<=BVH4;vDH+M<Niz?8P?VO|KPzuk)7?fjGjpQ88EYrNo
z@OUWFMo4*vK-ncp2i>A*N~xC4cEB-nX^Et`oeaccq<#C4Idu;v!DZ&U(ba{*cKD=u
ziILSMcwsfpclZ_FyD#zR?x?)fy1hBHm;5#?NX9=%cC>~&7yRq)1COeYfPuj_An*zm
zn_R?D*k4`L8FlY)e@WqBcSZx?oY+;mP<EJ4@48Q0hFxO<OG;MS0NHmoMR_=wm~pb3
zXEQx9Jp=PDdoE2Jnw|L)*f@DmyyvLaw8v)_dd$q^r=!FM@%J7Z^%*<YWL)Je0$vLi
zf?{tNb~2XoKhxYSeEKnteA(hw)m}vZu$3bNcYx!z-YQ52ap4vUz$e&m4;D7QG*Oeu
zY{ff0aRo$9Jr6O8k`E_Zilh6cE40(B?2yOAe@Op|1$C_xVC6g!4HaV1db=icFZ<R<
zKw%ot7u||i;TW82GV!V)w>Vrc6@N(Iub1A+XVDZB=#do{6A*GfkJ>G3@2*~*mz0?N
zGhwzK&oksL;`?DZ=EKOqNE+uJ1!crJm)X)2A3w39F=TZf`QecNp65y8j>o)}7oR=-
zus6hNeBwi-)j;`n5^e_c<SRWl6kG=>ANfuE3}F6wHnzy^B@dmm={_6bPi?8$^Y^;h
z^AcEM`4mRHr(E&!$&=fziBs3U-oa79>JVW@@R2c01g8TT#9*+b0tkZTK+P@=_;N%v
zfPvicn~oj{`_CYElW+u2!WX^YRBYChu}g3<4$ZW7r*QAqQG))u-sFOz52l0U124{(
zhCHQXXi$aP4kP1P-+$>Dpxh!$mb;j%U_Z~7i1$APHEE={W?E@d(g&Y$8uY{N^{EjF
zHIcNOiB5!v{`MBrK0lxPxz$B_c=&TLXBs2^t?S$;y%MHt#x%Z!CnSE6V`XM#6~0-X
zQc8i>TaSq@`JQ5v@NJ@8!{k`ftTG#HU>6x!t|h!P4Q?y|&atyj#!*r{@FVy*M`5&o
z846AWnR!_KRD{{!R`qa9bbSN5S)xB<8pOt4{ZPM+WAs_ct=smfk)CV!>Bybh#lal4
z1G=&4?#G0|`X(lw_Kw-gLZQV4TX_>41kQfSa&0ZA^fW}l%BjMnL|vNzsMu5>&W?}c
z6e;*Zi;IgXF9C(^Av5m783Pkedi0fgD>;O#+jdP`C7@<oa=A3dc0EZLlWt{qaGb)V
zBiY)@m?pFl%tra*%XP@^*_kuX?)v1~Q<0LF6Txf2KdCyLh?(^hZD4K>)W|60Qo%?>
z31QX*vz74A_y)IXa1?KVY;o~O##qklXrd%~e29SeddYQU0JXXI)bn3k9~b$$AwUJN
zdyR<G-UgAjJH<rwRgSD9fwCKc1@8T-*Nz`YFH^!B4)-G4!fqJ%m;H%hN?W%B->|71
z!rmhIrd;=Q#@?v%_UpCr<KcvS@E8UOOvAo@Y4l~J(ZZ2$jEgz#1J*KfS#K2$Dq7`K
zHyv7jR*CTpd+IdYB$ChjkFK1!_}P{N{AQ?ZQoq1w%9aM76z4p#8#gLhsXJ=OWsfj#
zB>v~pX0wsrdr(0o>dmU4*s3dK9V#3A%VA^^_gyd1>s)N-q-P5SY7_%zN98CwrkTt{
zpDrYM;=X8=uiH^7vzbz80eYFCmQ{!SjU+<-&5L32me<^LS)AIvYa{1)J=x>`llq4C
zs{LbLIzGm%0SutA$#QoW?=G=N@c^@+xSO+sLL&;*`UU8H&UNUi>*2K;#Cox)>JnJs
zzsvSsSn<vB*|aDnAukuA;&+#R`2c2g0(Dv*HC22(_)J3#vyPG1Vf(ooCQd)pvWO_)
zGvH3)IvZRZ2{FR*{Z%(;HN%56lT#ht^V2Z!iDI%o{f&+mmXeYZT!7Qn)ud`P!R0@f
z<10YIaU`e*35qS}Gz_)q{=oizBxGYiLv~zi0Gh~ULqJQ5<kC%n8{M6iCYY{jWLt5L
zt<E;Pv=r#c6XN3HTFmCOSITiah?eCyW2x!;MMX`upPrs3Nl}r+7sre(QM$R#<ba-p
zwOsDAQ8hL7#M~|WEw>RYHpVq|KY_K}BOmilulTbiN3aJ$1u{-WE|)<u0=GGVL7PY^
z`?Hxjr!9_0;r5nIHOZEVVPVDR%_8PRDrtP5fjy88ZX;xr&fRgeJ<iLYu*sx}goLmQ
zvw)pp-gSoV%hl@C6>6YKBQk)+0iI%OaoH(B{I*ie_^B$1gI!TNr2(gI3|;GL1F;U<
z>%ls>@U|t)PXUU-lB`&~!-2BG%ik8NoUW6ub=WhSpK|BlgQtyQ=X(;HrJ7h*0m2?8
zx@KR#_G{Iq*^3<UM>fHfAJ<zS#MqVyMljYzgBw>bI+Y^M>oKy1e{gEd<Z3e&m=^5S
z>-E9pMhXSWPfyRM*y7^j8$>NdSci@C@;OF*uD010g#cnewt{wWs&^}9cwLoH&Dpaz
z*NZh3snej%W}3Tpmk)v_KOz*ZsPWT;hLRIPTzArL>%3O=NKRKYNlrB*o4T{Aole(=
zHsqoO?OtW8kP}H_pE2=^r)5(2G*rbksUR5+TTj4|H*{kJ-4*!E6=#_LHW2<ZiF)(F
z%r9M~niWX*0LKycijJ_-Au5k6>Qo*d@Y%tXSSRm0#jHfkgtvQ6dO<T<pdqcx?|3=+
zcLjxoeP^k)9I>VkYb_q@c1o3F==tW}NuSWYMwZ7eW?MGfxs}CqxrL(rGq(n!BbMar
z`do!Q^=53;vdtlb*fMO$5jnrx#h}GJnl;K@u#GXyo|#AM>+p?wN@mcbO<<_wFb~1o
z8<0c@BDbj=4-F2ceOh@P10zZ9+EGza&9AUT^k6yfI@+JT^sUMj3!K9Hn<3<uOqqSo
zZKjZ&w}+o2-iXt%DxAKCqXTYTy`@%#cwI&*mz0f~0i{bGpU6{V8=)Kb?z*bNCWlID
zF4rpgjN5wV&LKf$ZzzVq7S)|eT^4QRJJ^NM%~8{7`^3hoDCa~$ffFgYHLR%c>PDT5
zsyc9YS3=UVk#r*2V7Mj{_Q5P+-Tf9*fCb3q69G#yOX!nniI36oJybr@2hhtb{uMd1
z3~mouv0|iJnYlk9(I-93GdRpo7^q0n{aQ8vQkN7$Q3<lK=^x!u&iqDc&SgFTr9u!t
z13p!&Q|bGQ=Wy{<(F54D7YXO7%u1&U)bcvt&YHm8&i=72Njm+f-u17cZmGglw4kto
zp%B1_kQsP6<b3bnUPAPeF^2!lpa1sn>yTU>Gx$7V88x1~&T^qs2>;z8Si<SfW2DL}
z>NvS{;3)v<`50GZXnzLk$DlrjQcpoI=e@kGd91BsofJjVUP(<VXiB-gO`YwO==|c?
z+vT6O(nD#a$&%SU2a9HvbTl+KPBPN2$Y<7FY6U(NTCel<y;J~9RL8OZq;73s$i+a*
zOp=?v*!c+#i^V9rWbtal*7O@$nzOZ851tLn+>>5q%*m*?GP=~u_wxyf)LGp<Pe(kv
z&CsQ=OUK1__bw-qv9-t1q^lsKG5yUG>?koNgRg^hx3(U4-^WglLzMVtH6U*&_})d|
z@BSO4oR`PAwWD=x<HVD4@)cucSIsG_hCsb3euD~+xoEM3-W~Ms<eL`#l`*jGmjY)%
z69`54N0x7Q`P?RLlK`uG&ehG0C1>N5)pS2Kx=Kfb<(%jPn6W~p3fH~5qdCPN3(o=6
z4aOMCS@fFU3?x@gTIQ+GUIHb2I!5rf1N4<)pq?OiX{%STNMXadA87yCTQs0mXjg2`
zl=!`Kk<VXqp%P^aC>82OH}bGix5qFkBc5g`jcdxVD5RxDoy=yjIcbSjKJ+hRG*!~^
zqlqlLr5d%A+<U#dH{9IPC^lOxx}z2+V|Eud!tTc{PnQR-M%q~oJifz^jc>lHT1$}q
z#6BY{;_czWGtA_;Cc_qMe%Ook8Bp7>0Ws1@iciKdXY%a`8t0MiHBBCsj?LJ$o<lAw
zDk@+QtFG=~Y@h^rIciT8J>r@1qnUh#E3kEm?EG7~cH6YK>2H(L*BCCjHtrPjr{{^K
z+E1tAI=bKJr&wC&e^M0_nBiubzR*Fu!lU$pAKF>aPpJR1<{uj$&uBLCR;J$ao2S4U
zxskk1&!dh3mEw_Dz^d#=)qBbeC)NJv&oIY!e`3UNh1tFtiaHG%)id;mvbk3EhbLK`
z@z#h=4gC7`D1RuaFxsJl!-jxqDAE;TIVbNYX}YSQ1CcRaCGiow!I^Tyr{}lStp$>E
zmp0l)96Uh@Die=3HdlO{`mHq;8PHGUaS!KQiyc&P2&d$41SEI{CxNuv!(y7Fo4cr6
z5|$<>uy$?QpBxA0bM4DAFgd^W-y`&iv6y5NfcgmK2oSRr^?^C}oDo4HoO8R~JmNnH
zOe!R5izM&G<;YBQN+6Nd0lu0ow)t7#J7#U|?!Sp`&XeJtiTmYzw)Vb_vRbcWqpYU1
z!6+pu-@;tO^ueFXX;0*=WI`3g?b7O4id}}B=)|z4rp7S<rD}=`H$d_J+{bh=SV55j
z)U9Z<wqP`9a$8VPlos=X8Orup(`{2eKKhyJvZR6Lh=W{yMSC}I<aeMrztxN+o2&w5
z^43lGGlAJ*F?y|ltm^EryN@aM&>=`v!cN28OG~h}$c+6nKt-sOk>O+Dyrt=yptbu|
z{YFn(h)D<MJ*yuhPrZ)I48sizrT*LWm{gEja0Vk81AOl$R7zOD;%_Q_wbbYJeop?)
zw@c@qeWU2wq1oxu7rAsNJK%&oT%NuP3*sG(o+};dwUXN!8g;CjFOFU28gQKRKO>78
zG-U3*$9fL&U{h%c{!XvnQ8Qi{7q_*L$ToJX{sS@?n1C)bU5(Its;fn^(VcvW8GT|@
z_9N!@Q33xHoA7&sW0{1;LLCX{t_PAUZ2JZ6lt7e^L~??USG06<6N|%X$^q^I-6uiQ
zC_<>g%St|a4<Utza;(FDRA=K_S_(1L{z*Mj2Nn-utO7`YOBu@m_+JB12}cfQNk<rC
z)&!u4PaVUbo5UQEpL6$G`Qi>YVm()ia-u&!+VH+p-&3nBx2U+-N*L>-YOrptYbO8o
zS#6D3jOmT5YJj-?1U|o@+kv+YdNeKqy$)Sv6N*5hdx9{)NT1sgzdqau-^ssaoaI5v
zFTnQg-1~OyM#f{{E}AzNlOIO<5LDjuh)b$oqP!N*b8s*xG=o(JO^91O`p1+N+=mzW
z!DDl7i}QswOpu&5+GDu&+VTEx$d~JIwdVH5(fhtW?P2NFwY3NV_0g(JY|npWpV8Pb
zr@*!Qnd1B85GtQrA<tXxhk+n^F!Nro(%}mQ$^%~nPA`KYpp?#|1F?ot0|+EXPGorO
z>_^e~4}jL?+A-#4Et7Jb^TBOUjU&+wjow0(Rj2j_VO1(n!U|h#G4Nv!r<IDaf)-^7
zRpshybiK=9ofpu61*{3f@B$>xr+J*93FkN+u_diHLv<uI_rFBocBrGDf(U1@ZqR%J
z+Z~@?#4xO}owufsNnwEU4!P_WnSp&o@lL*S&mi}w@utmHiIb`fW@q0ng2r$HRZjPw
zX;5&#C|>*14y{(&C$q7?&^-1{v|lX<cE-14k})5dB&jt8fUc(Qo5OBFhv&eK`7)E9
zX~5jPj*+n&^~tY`fB>)+_bU;2TOqk1FwrqqVk0&!h3o1JVY59$$?coZQX8KdBs(VL
z;KU3dsG^hEs0?{;$4-zc6mKx@@3(K&Q@I`TO|@^x0UjJs6b*AATbj}}Eml`^IzgPu
ztX^5gan*e6C!T=Ff{&|vDkRZ8kl(9Msv#!jksg&1fh)`PH3VPg_UW#zL9nZ;U}s9M
zdGAGYk2b$Xcm3a<UVtRovB+=!$F|gZ>we`3QMJix+5)A}^kb<%JX#I*aX-3DfCAXR
zTFH-o)eCI<A3u-EEK`Tyf2eh~6b+mzue|J0N?Z~;OGJaTI6vRNjc!_>-A}Shm2(DN
zeLX?V9H&Skg{HB}h(%W3c#MfwG=|4+!w%c4a<ypk?$t}^Z&Q#yoQXnS2i_q>_V+qZ
z)ylw^#l!0c5<dVU2CIwMysY$8@aH~|aDOs`StV1N)y#ctUF4fg*L%YbG$)(BJwfa8
zGfXz*@V!M~q>gRnV3)#^JTE}gEKORRh{a)|vp;!1@|2*#;+wpdw|Hk-6Se=mSVv^x
zEd=JVt+`_$_Xgxz6q(UFpsT~$@QZ$DqAG-=Y=dPfnMH{V&i&4TFQvB#ZpN9Dw&&)t
zZs>8J`sz3t_4+s){f)7-M%YnT>&;wzlCyBKZvuUkR9<HHS|^}EkgUNla)iU4qeNzb
zw_P@IUj`zHceXAY%!G)qo=|cC=y}qk|KMtYHOD>&(s1%zzVCZ#^k_=L+HJ@1(fK_w
z09}R3s;9D>7PyV@(XrF$s#oc;@VOpvQBfmt*&awC>7C0PkjJVm{tUob?|6>?n<|nK
zkPY0yZKZ>o^Sv6=J=Z4Z>l%(Q+xJO~sVd6^z<d6^-Gu-J86fX>ekQFbGlpj=Q58O3
zD#pj4QRzN`0t|Nl(TLDdN*>k-4WWx(#-=e2WkA|U0b8av9XQD+|BqJ!U(AfPUijg}
z5x-P#%VsK505af?^DV&7{y;_jZz%r5pUq7V9j(!pd23Z;%HZ(Bhl%s{f}nr)w2Wzl
z&Qq8kFPf`wkFKNjMSsH}5Lh&MWC38cDTIny{CO5|wYE&RdH@mb>>kCh82HwUH&=)Z
z;NOhuXVZwubtixo3JlHv^{M|jO!?>KKU~#+G-jhm|5mp8S405lcE=;e|GLtD95xlm
zn=bqBZ8|dhs@<Ine)ynwD5tGCwCm}2`^TaUs`hj7;q-o#B2(bqyV4JRo=U)B!%HOd
zJ0Kmt{|21^;?CCR_JPeOP6YDY^RYbPX>&sZ<^1;zd-$|CIRK^l|MhADAFKXv=Xb>X
zX9sw=mVa;S@$5-HD3$30O;>8?Gl;=K=QbAbG*j9S0E79zo9Z~1&7uV}kwRDal4o|B
zx8h;uZ>)cGtp9%Pdi>|Ae{|3PenQ+&zx;oHqA>dZ<yR+oh`9f|_0j=o&Hr+z|G)d~
bU!VA4>c61zB9HsWzC{@cMe#~e!+`$-e1N6H

literal 0
HcmV?d00001

diff --git a/docs/images/otel-jaeger-demo.png b/docs/images/otel-jaeger-demo.png
new file mode 100644
index 0000000000000000000000000000000000000000..006b23c34de68375ed40377e14707493112ef2f4
GIT binary patch
literal 120283
zcmeFY_dDBd{|Bs7b!n*;>*_#JtM<%QilX-3RkcFw*rbDM)u@@;MeRKjJ83COY+^;E
z_KcVbVm#^n{a)Yue(pcu`RVx_ha>r%M<O}TyyxrndVkc@QNM8&aFvFJ=7z?zrv@}M
z*A!@I&ih@tOkMfwjUyBF;hc|wx-v~gKgTNd=AzRR?I$!e)p6I3?JiO8={%pA`_RyE
zM*jIb7q__WKtpquukrMWQGm?`?wXYm<n(OY|MttYD7v&+p31uubNLS>6D>ZO><*`$
z8u*N0+$}7d5EbUdmP;0=@W(>vu&J~$P=({_`_$Qi;VNwh;|C(ee<i<-_`>pl0PXKR
z=lGuO%bRnwA&SAzcNN>MP|Llt`1!zrWh-ye#-we;>y)f4_h$E*mPP`A`t|<vYA~|`
zSzq|i73%Z9zu(=u{$Fc<y|^9lXaE0s-Kx5x@ZayfVs<g>+<(4^`uyUf^8^32M01|`
zjnjXxo%{4%{J+*-zgGRt_Frp%f4}$tf4%<?PES}in6y!8!hTLbQ4!~dYYFthO6nQa
zEIp+kdhV*ZmSetdYmj|;>;Vn1XSk%=3y}CiJB`b_?1a9<j4>b9xa5U9_$lYwv#{B`
zaTF?|dsqp*YcrB2afiUdE%{M@Sq)>{tRWBCoY3Kv_cJhhcWXV4MQ@Xiprt)LR*r>(
zN8IzBHpiD*&BwTJ*a?j`LcRcOvDyS|y=i2u7>EsY(r2n};yPMBzt}KwWF1fZ5n=6K
z!i?CZv8uLtSi2C|<hAAIFva_RHM4wvbW%#;q1+gI^Q%HNSZI;|IVK!$@X>SCPV4QF
z{l#9JtM$AW`ViyuzGOGoV~Jy-{OC`{G|@Xfbok(ZjL*|6uZ?P*MN`8G@Ib=^hMDxj
zZe4}4nR-8?X%+E05Rq>ECX*l^By&kY@~Ic6oM712e440zP6~iHz`x<vGvyJC*J9}%
z3<uuO4;e>vQnE@^Eo+ioany*Bq@%gRXEHJAsauv?>aK~ns)ZTPz7w1M-Y>eO&F<fR
za_f%^vSjYXT$3!Y^@ur82X#b5)+R_mH#kA~Gp|0Y_(zmO_K-y6wzW1FSK(&6)5E*%
zO}A-i4pyrC+@Hgzh6mH9iV+w!o&<!}$4j+dpXVwn9pL}xuX;@Xa&ng9M?5;vXHaXO
zi8Nv0YPJprhf{a9P!_9X8dJ_}{>f}(5n&E}DBy!ujsYkr`ygz-2w-Svj6g0LniH?!
z7!}UkD?KJ^tG1ORj-}-Xeo>B6=l?lIBNtePVlc_HG=?TQ%f0g4<p0~OdK8?2t|wY+
zBj3|5{#G})kd)G~XDHJc$@>I9%VBlR-FrN)P{E#U=A@n4b80<93bMp0V$(!BbjM-h
z!Ti%{kLXXs`W}<fjaG{pJ)^Ti>w9a_Y?{w%-9-kqM@~=DE=yJOo(P!op9NS!GmzC=
zb%&P#{F_-63D3W!A?{<(;JD0pxBy~mBx0o&Dl|TQX?@x#B6etk=d5%{j3?v!$uCe$
z6QqTM1zWA<2Z*cXJ^wwz%tVm>f6eY%VYMoZUo)f@1;7?wSM3UVgXr7KT;G{H6lY@d
zzqCP`2vmY(9aqn=4gONnci3*F{pVa*qy-c%7%NAs5vPhzF0tGUI{){ZueUH2m}mMZ
z&Vokn&@%H-D?vVw(cXG#fv&Wj!ad1>20Ho3;$7~7^>z`ZF-u)~gOG2LRkhs##M!=P
zm){Mrq=QA;G|8WmsYzw2BP;?u<7rQsI{dg^3yxjO_g8L43SZw-gM9M4BA+)bQ*CK^
zO?fpws=1;hGE+N*_>WC|?}+&mlp6vrN*ZJr+K!pQrahN}(a8Zn)3#uBi)qI{L9i;H
z==aE-*cmpwmVVBd_Dl&zIW+6ow)LzCovxczepbI$B}x5%QOW7KeMEC`#A@u9XQeSc
z5B${=n5nn8g4kZQf6n2xK-|ARuVM7V(BSQp@{b|wb&`wW7*gb;@*tN4hI0O9(fvTL
zCf+l|Bc>}Vqo+BmswGBz$R_3V;+^X>e|H<yuU{zT#}(ha=pdM%bQbmse!UgT-vjzT
z3;eqFuk;}-2bbR;)GN*O7?Q?Yl-HnfI~7?XGJQ?fqbefnM8y-YrhT<FAG|2MzQC<!
ziGSObfttjU9`GC{w$+MEGnTI0Dvi;6U~CIbaDeCMaOVAVyZFy0ijJ-*%->5YlN|zM
z?wvjMgUp`uFeHWXRD8*yBgg55kdG-H{9y-Iw7*naeZ;3!pLaGXVTe*V<7}dwYNR1v
z=8+sM$+i5mt<0W{wtMpyke^41pL!+Z<fkjkmmXL`tGbOHcR+nmk{3??AhwNi;{IWi
zQ{H%Y{DENYPX+4~2Hu~tt?wtH_6%3)pTQo4PPVIZqn4`nO@SI&%X@&lF&QL^Q4`-_
zHIfC$X@;5xWH<cCH@{p{2XdSBsr!&s2p+RdO8%xgpk!6WF+JfCuBO<mSDH{8EvtXt
zUKZEln8O<f35yeIB4b*YYU%>u2!{ZcuwI;`u0Kl)aQ$&WmO)FOPL}3y-CKvot!=Ch
z8x*ZQ{2YdoCBy4=9?tSFFQ+0tdh+#rH33Ih_MHc2^B*=ZCo^hVNe%>ta!NgeaslR1
zqB^gjI4BH*=*8FIKsgdoc%>A(=FjQ*;IX5rz~-|CUJ*asX7JpJ-%MhLM`9hQdi|jN
zlub=h-cn0?)3jf9y}x5?LU*~QE^yl@X2mJyTrVNM-kvru&OixHCbk~N)mxW^rGbg_
zkD)+aPDE?}F<W9Zc=1*TQ%mg0OHxOxZr@<8q=rpDi=h}c(9opDMCeP2emiBY^O$ll
zEFCN0wlU|VhVro7t%y8yMWX!Spilm2TQBdp26lUFmnrFR%^nK#yADHG-M`9ZZ=>ey
zlD02n%W7ZbqBG!Azf@=et>s@2`oT&rtQZ-d?A%%13;l&BiY<MTwl~o2&m2SwxswE~
zkmF25YWRM%@#`QKY=i{`_nF}rD{DDW9+%KRQrdf}H!UnqZL<Uu;BKkw7G02RFR!Vk
zq{Wj$g2BrlZW}o__2FfR`y|RWqW^6o`JaOAwLrvoalPN+2%!KgFKY_ur{OiYuVDg-
ziK7%fj1<zaXnK*LwzpZv9yy?={C=O$BXg?Kctm}rbJO3|D1I4O22M|LJvF2kM6PoJ
z;D0st(sqX?QwSh!cCJcx+PLvL@|cTHP5Yb9x>sPG0Mn5y)?9XZR-%U&NQ@}*d^--9
zuVgp&O*_Rz5vcodCOmRD#dT*PW-Qz~AiHqyn{7#M&|Uk?A^KJ(^5BC$+xTzbo9B}E
zUM)Mkz|`jhHM37Ajc~Zoa9&h>^$Xcw)9K&B$&Svwzh$&3z3u1x#9xR{n#D#h?#=Ky
zI_tmP4K^AJ153g3m%G+CvGRcI_JHi*Pe3zn2F2&lV1>@Kng;`8;%B~^n1IiveLh{T
z$Pq6BYfPrhbAl^t-)A%2<6kazdTmV)=xMh;c`cmn{kU2Rz8b9O#c7?FSMlS)?i_={
zg{WQY6zEv1iz|H8D^T+3jrGa~J=Zo7Q1Pw@ZSkVeJBitj@x9rpO8D8f*}BJ8VTLsk
zG)k0%HCTTL1~rmWfqR~xPgk$wf`c<Q5o6>1*b|7wUQ1{*(5~ZjIP$92=i2cJB+xf<
zip-TGHqaak+{nH=+Zvd*rDqFA?b>Nm>h3(ri;hWCkkBD3omDW9Ep*-8<951kin#fn
z;pD1q=_=XnD{p$Oo$v*px%Wd`VlcXuSV}`M&_1}f!{yz4<}rBrhW~_()70C=PQ+vL
z)v@f|)X?g{4rT4Im*HZz(F5Y4a8j}y(NCHGQ_R3v=!eeU08=_k5{o;9gVM=inhcpX
zePYj&oobI~qZjO7Avb4#S+hG$BYKo{UYAZmS*klvrJW$j5n|BgxK<VY`lkPNlQcZO
zQ|8<C*)@hPPf8vWzAvoVI>ChJ@U*q(Bq(pm5}fY-?hdyL9R2W5$+7AbO`!lQsM|po
zj*#y{QC(j|I+w*z{-68~cT{C^LS3UF`0`99;B;SD1e!dBuu2g%*)P4{tvO9CPPDzi
znO(&lXt<K)tQ>lqVp7F%U3#n$6+GP)R%^7ivtirWa^{;=-M8Uvi|B=v&o>SHuIp=T
zt?W$NIdR&YF6uL}#5EO%UMM9nktmbI|I6UXOmCdN`wAHEa<7&*JCzACgn4ycr;Gkm
zASJY3kNNWCYka8W68FqSMS4NI&RaMoJNU5R%5ON^H0v-Hdn<nXGz(=Jnk7(B3D_G<
z)FpXWWTov_oXP=<!~Y()6ABIcll;=F?9%pq<8qVD&?=pv7`EdE(~}q1qV`Vnc%e(d
zuNMP$6k-AwtOuS<SJ5)z^PQ7xGPG+U9%r}HT6!tpJ&)AH2Oob87q$M7d%9KE+4L%_
zUK`r@Gb+5XGZ;|&y%9CXt2^!->GQ5Wj=kVvDL8TKqZGv~RbqEtH|Ygjd-k2XiBrGj
z4X7*bm&khB-Z#nqb+Hc6ipNQkfsY;~<)dZ*Bv*~JQBZURd28{mqFut#^^B5mhOvl(
zJ*GroVr?e^E0tUd_J|#P4HOz(Vvy$VL=cN_1F9#|xl<43!U>Ag?(f5;gBr^<u|<c_
zCKZ2F(n2VWAfLHUR)E>33;}hyt0OB1I;sLiOJU7cjF(B6qRE+<*5|2?0l^2jCVvE(
zSov4RT03GySS$TZ%x3!n-yxTuIOTLda+DJ2p_DGU8T=~8!0P<2P4U<2PXjuv=m=So
zb=A=Nq3g9ErJ-@w3oIwwulZK9r<RFz7d?Q9llc3-^Ml2jdx6Lx`S+hjIWHVpN>6}o
z(icL36B&a`x-1sp=7s|^NyJpX-)5DGA|#UOG0Ab-<7`HoYr@h#C2+evnvoP*a=_PO
zPM(}>A8(bM<1Xd_qPQ0}rVV5YHilI))6ED8tf8=jWA4^7H<$J3F!9dcHX`XvC<O|p
z_@ooz_ImD20$U0$&`vqb`*3?r(HkKZY;BD9RkoBaubnbj#vg6rUZAp1!u}~i^op(j
z)%=%Boi_?<I@vPVUFrjmKNQ@Rs8W#_NgMXy9-T--OZp_YKSA+|MG?L8<Rl)e6q-++
zLD~0HwIBlNzts0n6KFBWhKxym@h!U+oA|%<?!)7V1;XR1MF^dhtyq!dFTbt8qAj{2
z5Honw*4L0@-%#0+#n-tpXeR^uK8v%2qlRK%hpZ`5C*M{2TlArO`h*Nc?A?aj1u2<L
zf}2Z@i1BXO7VC7Wa-WKOZXcmy`aZ!yB~gCL9|uTdAIKc^1!|zZ+ztTtM`&dJvHgc2
zUH^@uIifA^lFKaZ0D?DqU}w)4ZY5>o!?EKyTi&!9i|;HMVsZpN;J353<3TBl0h$+}
zl5(9R!4jo6(+f#(-k5<qOsOSz)*)AI+s!T`Z3^Rn*vc(0;(GgR|Lm_l$$81&bpC}>
zepa#3ht1GD25C9dx3$*{m%D7oEXiHJ>^%yEM{y@kGLZq%4#GobOVjVK)JTK8@saRf
z+wkcbpz$sRU+!`<l$|`?6|^qwQR>e*HXOM*82<MBi}<vv<ItE#3EU8ZYvML1&LKp-
zod3*oS1wL?>@?DfVLt!&(a9rfyIc;gtjFLYJ_U)b-#*(WyQZk4R{p2)F#L?%U5MN7
ze_dme>{A=!o0|JmngUZSGGTUCB2Mtg$3S3`w`qib)~ppR5b~;#t)-Eh&UWr(g}57Y
zw#R0S64<~@aJ1m%Q<4<C$f+)lbFeF0*uU1AP~dVFrhNhTp4fu#$1Va+4%PF3xNo0Z
zIp*u2$Du+<V9hV7c6fH~z56lXH27P3*PI3}#nH)t&9?-{37OD_>BC5o#!jh#57jq>
z0f7Cm>%#{Xu)38-u8y!u1!U|HZ6@|<@jEy{qU%wlzuWjyB@PU{(INb)0)I#=={gk_
zllr@%-`m_z$-FRMhslG`MtMG7<HCh#EV#<voP@C}PxGwol!-0Zc0~ERRmxZbS;P7V
z$NJcle;0`4a#@s-xrH2iUv9}rc?WXF+2>W+q`_Y`9X&N0QBAVD4r|q6Y*MPoCp7~U
zVyqQp?4qmPB|6Q<zEOxRmFt)2cROy)2$<AQkM<#BcVukaMxB-@X-q`B4Wd_e*Rf5#
z;qpy_8`{BZx3yI)%fc<Xu*bE#j+pH$Mbh0c)Sr(z+^6*y&tE~bgg%c(@W_WXB#;+3
zq7Q4vzKC$a#G7|)v#en(1M{!%%~vEKy115G>(MDW8qmH>pz1cyUSiA$Ij@13f_8F5
zoy|=XX<xrwSXvU`<LmMR+w^B%`!d2y_3H2RYZ&pfC+GkEdhP1fVF#FX!5XF%TY(-)
z6?gJIKJdy^3bk+=$b!4K${3fLXv1v78rMdP?bj(gPf-_=4OJ`nLR5b@GW@l*;h{=T
zVs;)@VJuL{&&h0y;&L9CDoWK=D3=w+e7=mVF&_!DtOHd3X(Oh~^>u!{6@{F(Go~q&
zz$}`SHhzYcr%_t6$VRtIIBte8*Ptr-xHs~P^wtZ`^VNBDT#pF>HSRt+{*`-|mv8fY
zwOHI*`z3mT9{4+4I2bLt_nQIW{Zfebe$3+c?nXvUb4isvE6Uw6*phH&ML_*IM(J7g
zbkU9&sCDh>EtiP$N0XG8W%r!Uo4bGck1O0@TLDafzP-`a8J`G#d57y2&gi>B@_~YO
z)~3aqitw*dIV(S$bmP2yUNnFCs@enGl*$^v8;=1;G1!tH)1*<$@UUgQbG`H4%N3P$
z3XB1MBB34aQNcai5>s}7<_AOc=YGHHlNjsrDdRV6s16BPja<xoenkOR)IhMGo*&sK
z1AhukJG@J(^>5^j$#}5b7xJa8wq^snUF8m-%+&%2O^RaUBj~J=*2K(qu)cfP*2`sT
zcaoGUYSY@)ba6R~ZGNGke56-npwTEKdMJGH)2HxX3j2l!Li2m5k!VQm{6y!3`zGZH
zh;7z$J{|%P-||{k5<hC#Rnc{ss^S7|I6iYQnaGfEQHw9h$x@z_YE;X<A$8PiH<Abh
z_7a*Y)g5&C&?Y^`Q>g(5in-O-{t>^Kg}`1|@T<I~WB5u#&BTC_ojt6kds4=@9=KQ0
zzQd9?REa7Z!cCK#DaePLv@}Z_5JpE4cMcDdN}FKN5*=)<H>)#W%7Lw2mey4}s~xVo
z7$Rj%;0_#5dpy0LfKVK7Kim(o5Lpmd>;smNwfZ%Bw{+U~77l1Jd^Ia9B7BF|C;OGc
zOq=bOSIg;n1uA|a-!_XvyeP~|A-coIPF=1`PW^HGE@c+HjT&iVcHv7{-YD!Q3%S+(
z+kuy%M8`C5L+p>f(8kFD=iZmFFyxsKI6z^nJ*Y4@WjUAf{gh6j8H<;MmD5T(^oVvy
zd(|39mo@@{#m+qIFY(ZvX>IX45R~yb#a>ow*)1_9a+G@Q&Nym=Y+6oDms`KPxS>WV
z)p#nh_PT@$K<gcbhlj633HJ7|o%%2Qx^20_teR@qdHF`q?Cbb9VYDUhcdT@iF27mU
zeEq!^6)3aCwp%olP5wF+Ecf2U+Z0~><-+%+9}}Bo5nq`PYz0b*_+dP4-NU69HWehH
z;DTpYdJ3j*h5(4JQ}St;!h@ayRl&Gqj$0BJ*z19FtU>WpaZp>L{ADF?LrJFtT>r`1
z;yI$h?j1l>pdPU|)F=~oQG937Ewd1K6LOO$;O657`sV?Ljf29*yR_8Aqr<k~o+e7<
ziHUwRJG8`~oc*V2;#%h~N*KVcGlf1M61Ao~$230ZP4|RXz2b+_fN=nBA9CqZ7Fv7q
zUF*dxoF_}q6>%iRHHH{wJ}%2vD!Jyj{K9M7cw6Agn`MT;X(gny8+UNfjM7qwoCe{n
zZaU3d?<Ks?3Y@O^)E~9^`PV+{!<{gBkIP4nGfK)nR?6!6fcXYG^Cm*!FWUXnTy+fc
zy(A&NS>Ur6;AqWP8<`)zwpJKT7_sFVmMHZ6M$tnQuY_!eHRpNYF&}0OGj-rZETU_n
z;|p=xt~{tm@_|J!rL3x2%lyubBW7-fI#x8kH%BF-#5nl+mF8=;!L`xs-YDw|)J^}>
zc;yT+5B!eZ47G4W;~rb$A_oLH1e5QuKJrwi(}j!`F^zru5z2j3W%KayP4Oj^x&CpZ
z4ajOC(&uJ0c<RfK`OG6Uj$S;ff~5spFA7{=f^iMEddQUpv{6B2Xq@3P!#H35i;zfn
z38V@s@MTNC$vkAb|Cuh{)uSY@nGVXr(o<fwI0*^d*8M$6K+b#~mssz1=Q*wt`#%8k
z;N+<^qLs@jnx%|h@el62TgN4MlnS08q8dn)bKhg4qpxQw1P+hgym7-g1|aE1i+T6%
z9k`wfr+xLt);h%zn#^k*5w0|E2*-!JJ!o`oW?+}^YCf#Q9oK|Fpky{_Z2}jQON>iX
z%Dq>4U{)`i2`_ioD^XJdLfJB2ZKQWE4Exd~nQqVa@gKCPQ!|CBYB`_gy1_c2;a7)q
zn>Y`*kx2~e4bCBaTGfLPL2154NsckvGf#yT{s{bTS;3v)!I3+;DHl!)%-aQpIh=xR
zc`h@2>r{+v4v(s-TmMYa&8{Q~L5J}~uhU1^0#sT4CCps!JKTUA_g>wSdI$I3Mvl1%
zGdJsF%;t-%3S^|D1MF}Kz~gAi$g@_E6WUt(BDr~yvCn@kT{I?RNp)iK&X9KEnUbm(
z6+9Sg4uT}x=e8MtQ&SS}m;G#~uvEF57%l4{Tca}oB!;}0L0o4tjj7Zqn`<@)r^jd>
zG#xl}ZB|KDdX=?dwL@Pj3YFTeiTf0ih~6y$S75*A983u8iwu5Jb=+Q-lkNQlW$ijS
zFAaTvUb-nCEb8NF3I9MEaEKiVD!JOY&achSyWv(6YN#7iHx<z);k#ql5uT}i7X-y-
z_Rn^WUguP_gKP0G?@IRDIbjif&0_t(w&Ubb*-YsD>U2YFb5t`~Sfs80eI49l;f|kF
zd!P;V?UGbqxHcj=yt<xLc8HduV!Z-?s(jhV!MskzCF_aF(PJ_|b{b?Ub>`U%3glbM
zfoWZ7VtWfH9vBgEts9vD<uQj^O#4k4tHxNjB<EP`95!*SO(VWV47?DA=4EtE@U#2N
znzF(dLQX|sJ-F5u%g!5j`zY(gk@vC@R~T)rbNVj5%SZ?SzQ6Wy_1l|RwCkGs)Iwib
zpN>JU%EaXLB~oMeCwkN9Bwak@s(d=oAb_yS(AHn@!6wMNW!F2gW{VMas)?cXkc||;
z0zr??Y&I;P!AB3bSJRec)Osz74l9zOC;!4xx7QV`qex!O+(2*;ot;zSb}Mp#XCe!3
zxyojO?TE0>La$XRofi6h$0&T#>b7$-{L{7?#D~s+J%mK;T9ZmDf&A04*9okP7;^P3
z%E<=#Lc>HVt#j|Ya>s_lwbDwHlcRkwru~ZiAJpr6gx%!~PC@zfb1T`<)5$RsZEc(9
zY1oUA0&ON{X2;;xPqMzQVScsry+~2Y&kgq4xL)KA%MoYMw7^S6eP$}JX?Xl%UkLfx
z=*?7lSYE#g)*UsB3(X!$sOu3cEOrM3+e*U>^@AC5`|oED|Ls~565-;^?SVHHSCxkb
z@PwEe&=jT2oo)d1sO45=c`fIiejHqHpdrHsd!4ZX2o5=n0+99SX6uw=<|AFpMuM#>
z=%pGTJXBnzc8IN4tuqIgE=KmeE@;jgUJ+K}xa~e{3*}m#PQ}hl{SG;DHH~kVaIG<v
zGf%x{Gjwe27<5mIPDF9pNTZ)Q?a)U9t#=<c+$AfT_~rA0)USmHkW6N9%~XN=42e_k
zA^B+viH99MTuU!lL1|ZQZ|r=mu<d?U=IgDSB32$n!%#3Z<HoIG@lb9Cw0w>I8?rti
z-sF>WPOQm@u%T>WnPc%QelNJzAbDsuitLSLW*E^@u@1|q3G~;%BFsAc_jo5B=09k9
zFWj{{;4T;+q<7yWFWc+pR|jOh)kpVEyM1|`(eTL2{79{`Dd~@xLHyAUC%r!U;W9Yo
zCWqe)7fUIMi*0SO_z;{UH~zN^9oB`GNy=|KP0YkIsE1K*-r=Ce?-gH%^hbRs`wWS_
z9Iv#&+Wa*$sGzSIw}_8T=R8;7=(>_<gm0s|edc+@Zc<e@8d5)QFQf9T%$;o^DPWA&
zQd37^Iiyuzs~o|9eCocYS0MVLM#*yJxM}<T<v{ZNODYE*v@Uh?UB4_U$|+@tAEbGO
z!ta}+Cx`Sl!e>%3qvSYxxkx{}dEuQ>0x%NpV?WCtL!9VDpKxnUyaND;i$?-At?t!n
ze(On_q*A{(u;rS^U8_2j=J>R&04OyM98PcSI<}VPca+11{rIb2NRjj+A96#le-8sv
zPH2Qdj_|6oM-)F^1%;Mroy30;^jn#1A^mt=aWX#aaFNBb`B8s{Y~FlV9Cm6c&ZcjR
zD<d`ZB`KzRL$G$BCyH9Tr0kgKCjG&w1{-~%v4$f}n6L4<<&Iv%iDS;S7{o`EVf_Ka
z=ygJYk}&2Hx+`<-_x_X4TaqAvD?F6?o7r2J#5q(1>FffvhmVVe3r&gQ){HGBSC&0+
zA=gwQey%XX@)qfAiGGF-!!h`}J>e^#sg%#n!f@%Bja9;vHDxN7wGdLJw9Xi6tvpk(
z{rY1+hD0T&YJtN`k|Ll4!zo!c`|QB)rGw7{VDg#tOCA!)`#eTBwI_Gt4SzfQevJ*i
zqW^WxqEM{9sZwHNlL2C%F-Hrm=q7@F8EeR4Y$P=u1b2x6mwCCqyHcbyOu*9R@NI)O
z=Tt!L1sknd(spRh3?ZX5ILM$BL7u1g$e1WE*Wu~BkCE=L|82L7_cKK6R7atfpJ)eo
zHyt4aR)+|qJ*C?*J`;nZhgn=R`-$&znc(9tu2HTHl_|MFH-~?z^MN+gJyuVksKro-
z6YvTORXC?v)Uffe#S(f0J|$)2R!9)=+?az0fsQRpT@t^gRtk+PdAvQo-6}!Gf7<U)
z7jfCiYnRxm_>ya%MFlB+uQHSL@adtP(rM_%-2lI#asCLWnuoFV_A*)&nPp8BKX-_^
z^5^k=^=o#3iTq4@yq&Z`{i=Q8u`_g^FlQA3H@iz1ZS=nnCo+`2Y437r^U+;RscM_i
zoNSt2?V_QAc!o~g^~H{o8%Pr@FC@<|NZ)#fZ>h#`>wc422Yf$={&}nX;Vp$YJuMh_
z+d@_?AXa#9$4YHgUP?}6!1^-(Or&u_OnT_d+?ZCXyfpKsz5i+f=|&j>HbJaU<0<L+
zW37&|vLvDB&dv}2hrYh@_aP=r`}E4_Vx)Uz%Z{dUeTOKebK|~YSa$NIlbc40r#Am<
zm^l&jv{T9@!M9};b54piOtAfh?@Fcaf&#5YO08qVuxc?OtoBBg=1qp6NZ-KGMc-EQ
zw6nt7{e^Wm*7NzeS0Q%i%aKMKwNK#$cle`qg9YtTF=PbH0ZRgp)0&L9f0nZ~jXGzS
z=-eU8Ijw^k^Y~Pp;W+Z_LUu;3jBAhM`~w{2C#X<Qi=uv(8_$z9g=GL;UMWLpQ}Jk~
zar@$_y*KuArKmZ%6!$|x|3AQuwLCh6iaW!iav$2-RRfw=AR;=t#MaN~6M$_;#3+w}
zP>aQ4cu^C&dZ*|J(!;FxsJ!k@sGB6AsWdNcwzl(vjbYo{dI|EXx}^6rkq$|b9LBkH
zcFXG`ukt~)_8noW0-H?+7c-S}M<-n@?+G0(S(Y-f9{KHveYGe}m6M4GH-xY2X<%Jc
zF2!26j6WlIc*$!0EYXM}o>lRRn3eb8vmP4W68ArImvuO5pDN0ad!ueR&rB#waoBYy
z)Tec92VIAW?5Hh+YKpmC4880~_ce|twlBQDF)WnXgOKW0sKd%89bt8%cJ6-msF;_F
zqnHs<hbaXy;_p@z?_mBqQ{)_*smz37`ujqtKj^dYT<f<x{FD>Rd>KB6;Mp3+No{cG
z@#fF^*oPxQp?G>#)CfyZpm6%5d^gApK4y*CI_jk1ma0F;E4UCbKOo?YuWo%EV$$qe
z*%gMukd%{gL|RXMal!CZ(CF5P$p5H|!dN&s+?q-15z8Zmy4VU=%+<l@Cp6u}ykjN7
zYt)pTcHEftQ1JY~>$Zh6ZYGB>=Ei(VoL2B~Y0xIVCvJ1}x;~`T9H~4Sn6%FC&KXfW
zkf?j$d({cGQ~feq`>BsClLvaLJakjXXCv3E$p1ofMxJ?p;Xqup-ibjB9WEn5MyMUc
zl&1mJ&f4Ix@MhR8I+dD+_2f{?oci`M1a1kg;V!UgVSq|9oT0{zwGG3+X}7+`&%M_*
zZBzGf@ufZ6bjBcuyQ1P*1}Atn-;whhqhqVH>I907TSu{7opvmavZC)|bg(gaDQQH-
z;>MaNv0vdc#Eeo_U>yv9gpop}SUhbq%AEF@IP`&y6+a?q*%aoB^RCWLM&!uh_w;-X
zZD~_tMkn$|_e(BNV~`*<1byn<ZjXv34@-fDqPLss{hd@H#M0pGw4D5GURPU$$M$j_
zTXT5|&xU1a%Zr>PN{~6hz)4n8tE)9Ya3*&4s;a;#SJ$GXF}E8jBcT8Ih_R5yZM15$
zQ##-6Cbt<F{-`{9u@97D?*5)6fAaYUE6V-wS7<g%uzAja74u=J`ROs_fDU|eY+VZ8
zu*Z$fEU)b}^_~Sk|6g+;R;Q)J#%R^wH*Hq^wma!uXSupLrp1R4tp2?rZP#?abKHA)
zgItTJ|NRoi9Z=A8=MUC>QMk6Jc6D0Tzp!t&Z?e`2JdP<buC;EjJyz-=*4BK*zbWa?
zUjJA_<@}2>0Tjg>Nu?aHM=H-gW42Vy?nA2577JVg4!N!RoU-Qp#@@MKxIEilxK7-j
z>HYAk@1uJuvy%0aY^Kt9=0U-JSqi;!yVd#oe7>EZJf9HKW;o5d6$uP@f&CT%i_lTa
z7~1Efk6?!0Sjb2nihXyu%l_$I&Sq-O;5JjImadplqu{WsuERv9eu_x+&yoACI{(EC
zvN>#fze{^)nupsNI~KP;)?fo##h2AuKYJDr$!IQ#ExOopW9RZ`@d}_{<p<9ZCQK`3
zR?EG@C)qrrScf0=F27vP#iyS&FH@#0Nl0Vrc-6blR#b&?lRM{Nvom1!y-Wvvm=z=Q
zqj4#EY(WBC&*d@HZr@6In##FXGk6C^TT>M^n~ogD#}1<a7$ie>CU{XFLXs#$PgV8_
zGK1Q(-#<jUs^caqtB!m$YGP$g4UE@7eW_w9BO$FV^+Q2#Ln4z?!IGb539SA4^AlM*
zPQA|#SF~V6Wn}x2TeAJ2l0m3E1+e0Kf1n8wZc4WQ&L>~`i+-E|?=ynuu~~9SMk7a-
z?7PZRxEBhXYgP38oSpE{d`8Y$GH2&CqykL4!rOYu{2)2sN;=qBV=|zFQ^VpFyl-vU
zIwUKGisDrKL2*#W?-ma+ZGS9+h9y!<xbY|GN8--PeQGGMIKL{d{hRF}y}DH?D@kv@
zv}{RL_*?s5IQ&SOr>A;ZTp^TPKWqdR^!8NJNCler{k;s4?ENGC$OE}(Gp%^n${hp<
zc&2~$TML2BpWA#Or0HwADr%lB<lCUQ@uUON@>T1~c}*(cK|~H$HEYc!)bI7D8%o#(
zKs&nX^awjvN%t&@@-V&i#1C<AmM^zTjQ1@+^fm|L8Vv-G(b&H{Xu6O3^98(A-=_<I
z3vZWmlf?DRRQ~KRlmu;Yg0|CRLC|^5HN}wd&6AM_+UeDLTGBi&+4wM+UXyJp3!N7f
zmd{bTs!tPVt^AT}R342V4nIf`%yiroDm$H?^QU*6ihAXc((0-5+j-bJl+$#K8s`(6
zb95~d7&v@Nsrek)8@T)^pSvn8<>un8=^FvX*!?${q)j7Q;KDEctTFx*+S1j(7E#>h
zLMlW*r0J?K{RTPsP8BuH|L^tH;QrS2ugZ(=7DdbBW{fwP6(udxb<G(cLTyZi70dD~
z`}|}-drU|ekEAfMi|qdOG?U1>bVu*m;dkx)_5~66ue%}4N-K_#rC%}v?=1T6U^+mS
z1_&Z~hxRg!X1>;!X*HPv2bbNqT}<QfN;L&4xt-8D?M@XDTJbT&J1{es#)|_@dX75M
z_MM?{@=~OM3%lf5@!d7WVOExu;E1UxhJps06KY{k4PC-%0Xk<vnGDps3a2tHN%tfZ
zs`xGfI~)9xsqf3<?;Qdy6_`h#|J7Q`vQCLb4Z6LyM{)nN)g;>U1AhlP5B|!(S3wal
zX2~?vNRze8q5QTTQ;tbZH=0|;Ug-JA0UI#*C=e8A-Y5||X{7C`sD<G1+A$Im>f=AV
z?_p%y#bF+=8QC~>JlRa8ii+dCkl8^T4WfWzur%!Jt2SnE`Qsmo7i+45s!h<|4|nIT
zV8=@;?!jYq^FgQf{_8Vrovgi0-I-e^)oUEUXL*0($0efRHkv9fpq7;6b3CTJq{7}u
zFj2pCwMD~B%K2z(Wx&s(0Tsi&Q<T4e1A!8>-r)rRa2vXPk@i6=;N(GB2ATj?rKX9{
zOCi}JBE`BF)@9L82(dVcK~TB@v-_Y_DcIjEeO%^dLlZwT518`9;wowiWPxxzD9>nQ
zM`pgsnLw+Y0w|ng{V@?2`lwQsmg6D(B|VLl<sDNkjJ3bfuwU`kH&MmWyFK{=rx9&o
zs9<C8zYq4}b?U)3UeW)cRs3UmI3rDdy$WH`*CS$@z8pIq(iN?msHS5F>%BBDNvLHU
zOX3p)5J=y{ykNALnV>qp{HxG~g_R;q-8EAJz+{A8S=j%hT(Vq)pK_Nq7c19->a;Al
zkyqF6IzGJEi?Qoca31e5#BOM<mnX`IW%*~VPk#F}VXCFgF6`+{vGAR#r#uXpRUOz!
znaKF?fTrPX&MoczG~shqiH&mhk|GVCZ^4MFDY3A+Zt~Y>G7|yrPK{HfF~iO;Z4TI(
zZ|U!2(<|yzLcWUhy{HvaJMdn#402j}8pAnbyPbIt(_mum`aY~QFQ3(5fy=+*fZaH6
zfvnGE58KKTX^hU%MD`L^5lDpP-P`d|>$1-iorF#1pr|nzH!|OR{xW|>a{BVKta8<C
zd65Tqp9qsnALX15y03{(gVJkeFa@tl!J1mbCE6xfUsEV<R$Fz0A)@Gr$z&uUurp3f
z#a>~x<(s={5I-~88}h*X<E2pc(gwtgNabSru<(FXXNx~uw$rIuPx6s&sxa`mSeE=R
zki}zv_fe{nQy4d@^x`~jgUqs6`EREAbuLu}zIgAsP_vmfdh7%liSv$iG|qiD(}BiG
zSlTnoaP3Ert`rlU$5dj~dur>PcLX(CXp;5Bp}&k`F(i}C9Gqs=lvMof5@Od&dpNtA
zOk}%(KkV_-gdFSjvV#0tL(j>~c8jCq2Ze^Ef~RysX=mYc<r?V=Y(Y!h{da{to_5?Y
zaH8(|a0UJLx3BvSvk>GUBa^r~%aCy4ywxlE8w5wV&_`m~pp*_i#+y0J_*$vM;hv>E
zdM)oh72oz(@g<(bx$bO4q@nIjE)()BZwrkMfu=%pt@CBIUT=RK_LukYZ%c1BQqiG2
zt3+;wWOw>&o6f0My6kM(M169}*?LTyt~hBM1>UzKoK#}!eBC(g;0o7%R)5lcs~jE3
zQmWL>w^p9~@n~m17pQ01B;4)th-2nwe$-*Xi5k)P^4&Gh-FG+9#bQf1t1kgM8X@(f
zy)LW)T4nf>Tanhdc91!VOBk`%XxY8%Ymd6!8Dy7GAY@jgn$3wYb-LmDEk#GA=Mh29
zsN@Hzv0G!(rlD8e&(IQevHK)%M|hy%3f#>}Qiz*~uChROON?ph0KZ;$t?1N2W9SG+
zO`cA?C6>O`Oml+Fl#`0{q5t+sBlnA0Z@h086y5Bnt&-*|JYv=C##B_|;Zw<0BsFax
z*?jP*imt0~q$r$wJ6uhUYp_4a6q?yO1e_JHEyGq=D>1id9TL?|(89+E(&>#QDcAeU
z^UI}hh%SH0PCjASv2a7<TW&ftcYw}eSAe$XqfNK0+~a}PQJGvA?{hyLZ};@mGAa`r
z=+0286swzf6fb2y5MKjnY_A!ng10ALn*Lw!Ne*+KiT{#)ohqkmcoy$Q|KZ$Xz6Sd~
z6=z}JgU78ePoFd=e@-duOCNI?S{Ii9_bGAKpPKN()A)N_@>25q`13!I7B|Poj7_lK
z>RQX5o<YNaW$ume8zXgmG2ky+9fNZmGsGROyOsH%U3YFE%<z(hAwA^7&b<hZ*Y+@~
z@Gz<BWsai~rD2nE#`JzlAf9Cw$A!UX`_a9w@V@!_y)=0KIILD_JCIF!F+{Fg_Iq>Z
zxK|TV`K6r8*Y+*JU7QHKZ%h+YK+ggE`B#Vkj_uV}uTN6_*gV~OS5#bt@d(*Xe`)4{
zeQTA~u2b*eLgnte^4n2<-G+Q_Q#Mh^=a}PD|CLROy7Opltt9k^H&|&dPN-n_Gzs6e
z=3tZxbF$B`V2<y{kM{~ShtQ9(?>ggSF(%mI`#r20vcI&4mdIs@>g-VU=YM4$MVy53
zCENXn34s2X!0<tnJJkeCAB}e*jUFq&tv_;G5Htzl3{Jpu)z~-KD!U->r_m>OCL~`<
z2G#h8ite@+O4jD;dZojy(i20km@M$F*7|2EC0+L0+WkTP{1Afd0$DDhQ2kwNwvAJW
z&PLGJHh06Wxf#%!vZ6R{TVdT`dckYWez6-sAMl*<<p#L<l{N*dyxil)1NvrpB*Xj4
zAi1GET7t(l(H`Zup3{HM=p+4>3Bhu6BvEH^FdtmYJz_habniD^fZ!v8%*?RFgc5ow
zN<tPIGbYsk#_Y^^*zFqvmm#f`j<+laD>(whfuW|m<%mpI85z?^dLDDIR-BpYc-54R
z24-C6qYM54?}NiTM_Ty3cpuE7J8l&D1|zIP6Km~lh{qHaIy(0Uuh#{l!+6|vNG{XE
zHQIcoi%%9}*4Fn@3?<L<9@tk<=Bkuz5Ys&0*Rd-lM#?WCU80fF+1&2h*!-tmm8+ii
z8}q1^+M!}X#@n&sX3dE?v<#(63c7Zj378V=QHnJcf~*YV#{_<_E5+R%Ke*Yet4Nh#
zCM0dmC}^i|SNNSQL<(#)V&Ri^&=R7@adQjI+`%U6hAPQly0z38S(f-*o$3MSOTizh
zpk#4dV;~7eUxx54JZ?oBn{1GmOCS7KJ(mRg#RXWqBS!_RwOSQlXO<>)R5~N)f3#@|
zEZ3UujgvFlB~|!<Mg2E_<W1Ep6!C{<^e9@tHk@{J>DM9#aZYI;E(@m3A5`CqT#eN^
zRZ<KSg2ehOoHX8@RqewssC@peP=4mNTxCgZAyswQY#$o$o=LTr$T)vwD+JPemen#B
z=P+_Z!eajw=#k0at`WTpFI#{|9L4V>H)(Ur@2!77S5G_0UwY0~!XO){3mYlvGaD!i
zdijmFY=UV2r8|a^0td~a>M&^+Hvnwd8_NR6{Ngs_CC4wzc*Nd0dB}mMN9z;M5*+ls
z-raG6gAJV4F~&;ASAH8MEb00ew}gymM)_Q&%{Jb2DNQ9BRp{ay_Z&oA(>&58oY<Y#
zg*+};O|tJ(18SksmK~NQfSSP(xY0=v_Cd(EfsiYw4vrfLixj-nW3|}Wdzk#nk;;ms
z#_z1+lv_2u&%czX>R7u+YtK)~UV4PqGFq1Bd>c>V4o+q2z6SlmTrebEU)%OGjA2+O
zljyzKk?+F-!t%T3UTo|xh5sr>9hLe}+MfCmVmp=MMn>2v3YFy~rM+y|XhmB{#g)=8
zr%}6IC47+P6y`^}??w;hpm7*<iMPmrD%syKCh#nt9(eEzv!p5_clNv840+_|Wn+`s
zf9g#gK)K*9RfG2^QTWFkUT0^Z$0}}o+VAwybsqiw1E3I)lohafqkOu~baJ_jav%^~
zi8R}OUl7afppd<tk(V_%8YsBmp>%rt2F;Ff>i6AEoG@+In`;&EN2hjQd@ki(n%_4S
zd8@dZ-8U#MB5OKPo<x;UEiL$Gp1(dDN+mZet<Yl;{HO7J3r5#53LOMr+fp`IJlj+#
zfAP<ewF0OV{Mn_2gWIv^n9t}|ebd$C7XPY|fVMsC+vdFzU#*{bCfB`KciOu5Om~1T
zAqlEb>Y~Ffq-M`|Q($LOIXBW}PNjdK7JO8jHji%HSFvaEhhe06+{S4w5%L%7j|407
zfLa{qnI7fB3R(`nqUo>SbX_$JWdi!;FpOyG4+#gO7-GO0$C-cBoEl8cu}|{{8<s_5
z{Cc9wN51eaC3Cnd_?wm5c++Kd(EArFS*U5dj}HcCymR}Qs18zo%aXHfSe$kS+ZN6d
zwP%+sO4q8YOj)yCJO)_o$4dpX9qHJLYpC$a(|!hr#rK=_C8VCKSgzZ{G9W%KIR*9P
z0~{Cf00D{gSmfXA%@QAtxnaNY;i#bM<5V3U*CEUPH>7^t%cyWv-jTurLzVVeFHq6Y
z8=C&uWc_g2v^m^0(&a_{Re(o>(H^eFD<TE#SCqve^{oEjgx2@&+A&4lI?PQ}mmavT
z`ta~+&5~|5;Z8|h&>lJJ8l3le4o<=|T+7)X6A-igvQa{?&E0aV%u!A#%?=QBmPu`w
zlU1qB)XgW8>6p7Tk;%zHfl?%Y;sN(^RO^&;nM$_Bvg(TL_yjS)idq-)g<^q9zXA^p
zN|2}Dwv<#nO1_HL>rN0Weg84Nzu6W!ElSPj)m+wEFq+T1KP$#&lt(8$6$*tUsKo@U
ze8ewKy6@{`-Q?{Zw$I~r>92W8(5ye-Kgl))w<}&!5Z8=rZ84#31)5!=F*ZrQqJY}&
zWDhz$T!wq)rF)+DJQv~1X7cUrPzfD*ZDx|n%Lp&0r04f}D3zUyYgxClt2glW*TmWc
z?Zk8S({}8t?hS``_Z#zzn<^GAGiK1gh1FA~ta{ni*Wi;lbk?pYv`Kp?JWF_10Oe(<
zEi0%YPD{oVUDD|BrJ%nvYM%KbHaU;0m>VxXJBo%HZD;8uW;azmV=Xz!gAP5bcNkS3
z4g1LmSOpAzY0~4jamsS#uUHl>1qYdqa0vR(jHqO0o~P##L)zM7OH}LT9c-8mgmWI3
z;#T$hf*^YFC2Om6;u3TInN-ERk<gI@W`Z~1bZ#MwiVNw&T&EaAA@<`)fS5g;#AL26
zX>i=o0a(kBZSQ#az~sKQ4qN5IWK-~hQMo3ByJkSKMqgZgrc|tygQbjBJK!sf0`@Cr
zTR)-A@-7YuGt=q<*ypWwdJ|@)X;Qn1Amy`WNrL$DCH#m~iRyDGj0}E{j2S?U@5WvC
zM&gPN?TLERjA$I~zLKJwn?uNFxCP_;xZyfU3hup<52<2oA-*D;|M~qhh3ACO-sa0=
z6Zy_t16HS8T#D`UJ5Dv^u3LRxWo6X4koz7!3hm)Mb?Iur)f%_76C5Qjt>xb2{Dd<;
zjjeOSxg~?yM_dAkT%m97(fu|@gs>9B<aB*F!W{ID&1HJNYCul{Lx%KrUaK#;?A|70
zvol5)(?mT#_^?iX;e#Ui3Z7kBD>@6bu(w74m%Ia;w~x7?)ArF$%W<4vo1Nt26x%5Z
zIk#1n6Y{;xsLY43-Zm%p;tRboy<(V?KT~jwSbtQP<co&wOmba+pXOL@;ZX^BFGkpo
zpf2h4?Az{6^1sIJsw3r|UU~t-eGh{!V*e44YYGyv$wBUI%At^_SK~NyKZ>Brd9+d{
zggsCS`YJEm^Y4EQns1cei-4i_2B!Dk+XPSq9ZHhtHq(n>XXB?KTFkBGuxvmsJAjp}
zVNt~5ScZABE=J>7U9$JaNqi%N+t<(S!kfF#x977V#Z$@oeU-q926o~g&b|<|^p@KD
zyg=|$KepkfR}(qE?E-4nZt?chV%Ai;fyRtslc=-ZyfsEU?S`R%?@zUT<VdOc#sjFL
zi}qj5HlvaKz`tBC-zE~c3J+!zCHkbG%%C)}57CsE-Q#My^?Y+(GI?ioH=mK=<f~)r
z3P4W2ES!z1s`lW3-QNw3rOre3M^Q#v?)@kv#Uaa3WM4*($BPA^e!Qa$w`W|49^;vw
z#HhhnwX#kfK>&!_^%dJ>wM`zlaW*#^-4l}7sn0ww{^k5Z(Y6rdK1z#E0QnK}?%iGt
z5ww%NDTScp#N3-YP{IS1$xF7E@pjiX)!DG0W}s=`4qZvj<zXx{E?*qWtqL03?L&_G
zdpS0aF1)F+RV%++#&89Mf2>ofxR#*wJj~So$bT&6M9sPFIz`I<bfXyH@W@HOUa3sh
zG9y8AZFkN$X3q(-9C9OQg;?2e{JD#R{lvay&ck<x)E`0})H-QKP$yE2gtTinL3C8!
zw3f>o6?1jf7uG4~RJ@Um%B~LO*w{KOClnk42*JQImz&82>|JEfiVvl=W03BvogR)~
zcRwOQXU%s3`x_f?mAHpQbO@9f|3m$RP<chfCwiA<8qVf$-#|U6fAK<Qql4X#9n(RU
z&W?;Oaub1mSKWf#XcQ!LhwH397v0c%Yw`0v`@GZvB{z2V4&W@{D!t)!qOR+!X!_7i
z+8FsJVavmNn0lYUkkyUc(-$F5R&R?_v-`$c>-{8<EYx<{Eg0IDE!M51d!*}qIMd<0
zAvixhkofsojMNyLu&zgN*lw4i&U)r0afu((NC@}rUS{n_wr?ol3>t`Dihsr9UNaSC
zY-LG*p`S*N+NA74=Ch^7tc5-Bq)h5K#wJ2msEK}Pfk}9G#!4jBsiVkF+w$Kq#LNi2
zw1^Ce!g*;g4ER6LoE|SN+;7%^AZby4`T0<ER}jCP!o(?`if2GwkfM}|;pMu78q{FM
zrH}4$L^;`nqDz%wId1Ub?<mE5+POR?8{CnlUR7IOkW23<KVV`wpeHH9q6zua>EdgF
zas%2d+@%bE;tUwB2e5UYd<hpATOBFf$7jly7Yp##rSpmeYFzkq5qHzovaLBy-2Qz*
z-<LvFx^5k&OIZ3q?aGtJOiANz4s+AJy&gxNA4*(ph)V#M-}CcUC2W;r-(Uj2@6>Z<
z54wtTwgb(l>Kz)FuuB8i`)p?wpl&azvPqtiPl{jGMPh<=#%oL?i+$qlXJgUvhf0al
zreUEwp+clv*Aodz!>YP`N;?Decj!19yjeg~q~Y2$6dL`@=b1bNiS9dhN}UNAug<-|
z{`X-qr{XgopysIje9#@ng~!N&^n^OuvjnT-;=y+L{qa}!e23^u^P`2vFH97EMlj@(
z=uaw@IPm4qARWD})Y-7_$i6S6qh`&AH5pX$Y@uG^?C(zcKk)P1;%3;z-z|j9-5EKs
z51m{(v2vH&W~9cYBjR4n_Ro>cP8)-un)c;-M0$Uv9p14b?eMdl3^<D<sMrold9mUn
z;_Aj1Nn6MxNS$rE6q?mA4pHGOXxQ!m7b;$vsMZqdI5`y3_R&TGdKW9dibQ{sjgw|s
zrMEv-G#!4t63FJy$=(;}k(XW_Ke=4#THz`=88!H=`KZ$ptRC-QqII~Kc_U`jX-YoG
z^@D5G*s)F7NbWe{L=ybNTYC3_S{^>cI`7l95w*SHGM>st#gW$|K~9~@LXi4UaabP<
zpFqFvo3V@}g22NpPAaX5E2BTJ&SR5B6>TlrpHk8|Z1?0Xcci*F2CnZ`*~sNs+p=Vx
z@RV5ALEE+#sl9dc-}wIt_g^`vL(nFTjg4~9(-z3J*8;A1zw#L;t4PwwcX`WV(Y1|-
zX62hLrWeuyeFRtd;^z|+-J4->6Ku@7>*eWE8zCGp4^(GR8GO`TrcrZpBI5SOm8QYW
zc<Os?bCplMJ8tj$1$r~XEsXepQfcs+j57LkUt~Qc%I<w;q~g}s_t($z{0hFA)tiXj
zR+Ip*(x&Z4nn}}ETc_TQqpv&Yb_e;ULJX0gdv4M68MJ8)Fv+&=gm<-;Jz$l61`VE;
z<=59QYyjT@s+KAk*+IshZO_jP!#+`^z2~Va763J75+6ae7=sX7FJ)_7Ie<DI<tJY!
zXr69XL<BAIz(zh&g@bCr#tt<pb6f#E`MI_=jyl#wcPbwb++7Pnf4!H@7c$tlX2r(r
z|DEND-I~HN4^P<ko0%Z*&vTkgNYJ;2VBWQIdg*oaB}0i(F(Wz|I{i_qjZGy}Wpn7o
zpEg3rDt&;#+-Vh`yPc%43Rx+@Oy4?9`r&DT(1{)~nmi}AG_j8BNc+wEdO2(RghN!H
z=youH=qoF~qDrnheO0T&%@-`oTnv7HHZx=;(iwUfdOF6f$zpV!YJf4!02zWx=)o%y
z_@134rXjuc<w;$0i}_{Flx_DJ+CB8tvIEP%=mx)>hT!0bJ^v4T-x=1_wzcctZoxv?
z7DPb6vPFu3fb?bqwkSm)p@xV^3tb>cR}oMYu+UrRB_RX|2{lAz15!f^p(7v!5<&~1
zg>o03ea`ot^WEn@&;5Px`XPBHm}Jd0=a^%>;~npSC5hS#t^RmC!t0=K>$uQS{zF~p
ztg9QpY^cR)fXc|9qP@7{(2&$pk%EFiiLSVqfKY4p@wt%-WJx<VUpFtZ%ckHJe^h{W
z!?CyIZ`5&$m3@G(`jU@n<(4MOJ=k;cwFCwF+a@P_H{tQ$$W0h~z7XLHke6p>W-O}?
z6(QyO;1VNlqrJ90A{DJlU(jd9zPO$5&#asZokbMCBXGvhjs2om&Sc?F#KJta!=J3n
zIN1E=biaN4#{F<kUKy4{zQ6<G+!OlSq_K@C|D*)`_1$s4fwgwWnHBxV6Z&+8j$VFk
ztEv=@u~>by2}kBJb@qf$7^1XkY1fpvw~Z3hP$>R-o3v#|-FF*9nid+)k8AHeES^{>
z-?M7!hh=L`PxMBz-YU{t0ZPl2=E<9n0QL%y7)1mbyn%);sQ&1=F-p&(M|@0K&Jj};
zWtp*8jM!dQJHP92Z@tx3ADak`9s${c!PnmINR})SRSfS;3(r2ZIN=v7ns-dL!68l0
zC#pqK<J-2ij(qqpvZ0Tz=`Fb~`tS-a$$=Tdca9i5c3bjU^O2ozWI?68XRkNuobmar
zp$uXcb`2=G_KLZ^-`jImCga8K_h&^l?+r=tiCqCIMo)a40nMrw)U~gk1adeYZHIpa
z={TQg;!Y{5+9Q}sxOOhBs>C!DMyaX0^FOeI4M~7AmIMoq0p$zU?LfjRO#5fmzKxHh
zTBAD7n$`R2$eZEyN!Qf%?h8$I*PLSPA1iuo-tDydSj5c-ksduS6r<3r1r5&fw@okl
z;4jb~Bo!5(SHn<j(Q97akCpzRZFo30<XKp@oS-VxJ`SN-pRmhT92&%54gOH%FUI>+
z<r84auG@}0{EFn(krE3!)&J*8bG0Xf7()>mpP2U<Vh2ah%4`@#tbZ1+>z8l#?Mo;N
z#hyC*fbs+@YD4jvt!_$fS;8nbOJmsMqIicLKl|NkrLcDld8G<zJ<S`wHj__%vr$u&
z#V7TmD0hm%iZFq<CNV+aV+MN(!<sqe+Ti<iM=qm=AvZp8$J9-`RIcTt4(YlH*GOE@
zyRC+S<Ry$zx#vWB=ER=xbz)GTZ2%PNAsy$S0J7GuOpR<H7XNn3^1g#j<_WS%d*<}o
zfF94p)}{7DT&Lyo3p^SyI*amQkEU+X;31C`^VP}O6&<?kY=W=d2K%R=!EzKdbgL=R
z|2oFNar{fk8dnyrO{<|D9&+by>;6lA5$|xuHmYRmQtnXOPFuZ4z85ywr~Ec(;%v@%
z{=#Xz(4p@+zO4YuAPm63zc!tN8yZ#VNu?@#dep5~rC>S+(gT<!5_LfO`R@MGQeXc@
zmpa;dhje~n-|ojQz6_h&t>(8z(%Cm|KPz2gEn_?1t}E{G^rNB!*K3h5D0Cbez%$5M
z`6B=(_YALS_Zm?u>$HA+^Kd)J6gj&=wC*!Ow|?{9_S!1bH-5u===n9YpirUQv4K3h
zg^wA65E0^t-NLVjK&OE4*;sCUp`3rnd8`)4P<x+#Zv?p?oR$kkDw}o00I5X3polG(
zDy1u;J(eKT@MIa7>7*y%Mtu%jZ3zMB;8;i!r^1i)PoJjcM%^5xORJ}jlZ#FDl5DM9
zjB0Ijm{gMaJjtA#()7E*>?#dap)nvdyU}ijvDF;$b4h3keKfmW9O$+uGhZrUC7+ex
zhYE6xn0kl_y~2HcF(|2!y-05R@~P5H*?A3R-_O#gJ65g3ioGWiq6ZFRfm7s#9~QBR
zBJQv>0<=Z?Ger%pOk)jQD4f{Jr%^rie#v5R@38G}-OWAGN8<x8@`)J@O)Nfa7I5wD
zc>}T9TGdbauv@KdXhuOXl+{mwuti55O3szsYk$`|*pte(FrOaK|6KB8r^6(7auu@b
ztFC{=crOHP5~EeLun>0Qth6M+|4um^?|nM6pHnpC$=DQh_Iuc0jk(bPJA0@l&b2$F
z(RaD~B0ce~`2cSOr>24MrC<pRhuNuOC@p-a44ci=<O5O@2X1Ng@*q&oh5YdzFD52g
z{#QGAIx`~n$;>zK>E#Z&-Q`b=gUYVoE+~8t0*tkTqvKiY)}aoobQSO00s;bR0lg3l
z%&NlS;wWBGnWF_cPg~pD`!*)RFrr~QJ$M`T*LvcX3Ug(aY2)@a?e0h;0^#0QdVFs)
zKw>1`S?P8z-z2rn=fd%ZRY4s+ow}Mz6QC&Fkd<1qRk!<eB_hM%%W?O`2JIYc9dY6a
z4LUu$gnzrMg<iDExpM#AeTQS}{DltMY$waxgEf-HH(oe>?b>tV`8pA>q3Mbg_sNon
z??7>n$&&Q5``4lVKZ<&W(|-gTlX~K`ck{@iVQvN>lUC*#<!7%Bq$w2m>ro(U?2nOS
zZYC_8d*w&j2R#O=%Wsfk=4sltMQ2>wH1dNGgVE~w>Id@{FL(d}X*>T8woXckp|O1V
z$O*s({<Zgj;qwb=C(Fm!_&s{tEmt?DKkweBm+c^PNPa3%N4RLufrt}UFF=GMt%xv%
zJEJXeqE)y~dYcGM%YQN5eQ!H_OM|%cn5}AmQ$fmylaq5~HlrpuP$*Do$!UBdIDKpL
zZN*pr_EN#YuIet^;(SpCD8eC=v_Ph9fF(zq@pW~mXpA)XA<)Q`W)4bd>5D_~@~Diy
zzCL$KXPR;qgl*~wPTX^v6ZI9B?ySuh_jxaGKg^^BQ8Nal^OK-MHPvNUm(A|%KpJKm
zU0g9z?wYjCy(0>c#TO=UeK5<|l7S-Y7Su8qwQ;R$z?*jdu|eVm|2{51Vpz63+Qlf&
z^W@k7Ec=hsndb^WG)4|x{YX%k*4VXH(`n$%e1hqFRT|f>@#0k{MAl`*N7HO1wZlJ~
zdMC~GGL9`2CEx!%97aZNF+^`0mka9MFbQn7b3HC@*~73-1joemC4c<|(JV7m+#@&e
zD*whv`6UeBXM6sJ`$fl*=9p3ir_l^5cR~}H8`JAQvH!>*fp?wVj@a@vQYhRXOa1lG
zesQv?M=D<?@3#_f^SXd^wHxIVg3F=9XoFTgUog4<Lc!bN-)n(Fs|1U^YRu2Nm9Xn~
zG94YLJ21Q-eE@{EYD(f!yn}JPGPl!`JUO>>!PmiYR<oj_!tLT@a1sQb^7ZRix0ZIv
zv>jMep%G#r!Q9reAmB;l^G>S#enwCF#0wD)rKE=n^=_eXrcYYCpZC&`+=5%EE|%C4
z02Nu4ib~tHI6H$EeddfVFoYIChD@F<{H}R@6Rs1*X&rVgp5T(GOW01h@hCcRbVeel
z-du{)sMlmHs|QnCd^1SKC}pCAtnMi@V6K<f?UAcEGg+z=%e@s2!0|g9L@cYRJ@-b-
zy9~aOs>l#2#m$s_lLhC_kP@6c_!{}EQG>BAyxPi-sN>I~=fk;IsgTTy4fh`Y{VJUi
z;t&cl?^r+Dot5BGUHVCFY!n2sK5M$PIVvGMx}9=L*}Vs!N5F?Mx!upB;mXbPiPp8q
zgqEmGlV)?o{OP0?T<to?ST9{{dUuB6Ad@Rf>@Lxp{bq4VaoO{JKPG?I(SN=4rxlDu
zPn<_;sI#2RLFyF{1lk7u*AIv;B6X=QLv3vM{%+u1sT<#dpKlEf!2G`Q4`+U~>rl;|
zuved7pP0xmjd{CeGgKE}J$oYLL;YAPZ}W8NTX2wlW>XWsB6CD%FUV(CCZLv(rOg3r
z`xpxIle`1HQZg_si>7eJ82dgj9~)=F$BajV6w~$h^${VfHTZ>1{h*koVn#VdmmaxD
z@HMSle%Uq*y4AG9wrc%#kE&z_mw`?;e`X@y?qwGkXzbHbs$K%hllMZFd-Q-!<&*uj
zi~m8mZZur7qtf{8sd}!LPf7-$S5-vTZp@N*$NImthZo$Od5>~mk{0JumwJ%P_LVvX
z2bSTX=g<H88$JMK3at8a$s_?~I4QTfIk*J}k>680^hpWXtDfGghbtThw^rL_t3X&K
zOy@|aJ}LI%T-#T!&D2}&SV4a{9DeJFCp0BaLDW;r=+8g@%r6RdlgV}bHpC^HWHw)O
zsj(~JcHamqX{FKk&S41!m+}HFID&&$#OBB26Y6P+22a`k>?SVtw1(bvz0sYJxsbpG
z)u2ID4S4dNe0}iOE)cZf6f`ZbxV@tc8xpt_ncIf4i^w3I@23gGx%4aeR6ZLskFay<
z`#{)+jXmxRn7wDP`}q!Nse@sq;*gh_j<aw@cUMTLha{a!>g>sT*c?3W-BwHf0vwmy
zqbiz{v))j&brFB_yS@{yJYbtE-l9*$2-(N%ZM&zq*UPZLf2<p5&;%JZtVGC@9B8P3
z)9*-lvp0Z8(>k}2M^04;eR<ZyzfZLJYUki`q==9r$TK*8?z-r^7RI0bz2;Y4`r{*p
z7dPW*p<b)qFv9i4W1UvB%c=i>=^bN43suuJ2;U_bR!X4hW>ST;^1(X?yY*U02T#hy
zq?KE7wwt(8->nR7IBZvQ{gCiMlxu({1+{-6BwSgrkqbVixgW%^qMw~eRzJiK8XOWc
zfpF*mvJ9_|T~>tM`Y5j%`^hJv#vxlb<~#;uIbcu#l!wcUgU@f=bx26d$nQ8EaU#?M
zjszQs=0`bQwXQn%I1)%%UYj{MiX=|}b$ACairP99f>SRVnP#Z@je-v;E!lI}LK<@%
z=g3@|(5J0e@Gc71tt?Y+*<xv>Tb7;Ay_}tk`f!$42DvoTHc)N{PSi-S;^C3lNw{aq
z28s7&8fnJhf|hY|wu3^wjm=z288+yPfhQ$dz(;ZB!;9#*(c&e~>7I`HgNuh1w>^DW
ztM*m&RN4Sz*`U`%dhA^3h-kn=X418uk2*}&)Y=P}6T3FEcm0a2^U8o*E^)-=yQwUl
zq0=1Vwh?6QQy4SAz{9=`4YNr8YnHV`a4*NCvqpipTsH(59LmnG8>c5i{c<?q*OOui
zR;uoq4PG6cnQ|UM-bir4IShTZ`pQ1LLX4;3)?~A*M;P@8VN%X3=tVHr0&8m+U(4GU
zZ$5$FhBXv$c{s6s)|*uW{n}8exQqRBOse8OV`p#kEyz;M)OCL=g=csXBJR^Cl&U7%
zv*}ut6BIkZWR_5ESMjq#%xv@co+S1FEn-LtNAa{9#|7GNKX&J>gYcf4z*f0qoa!k_
zF&nUkOrTbid_=#4SAqXq-#A~NqF<AY^$bmj!>GS~-!-hHX0(2%|M!u&OBGcz11C;2
zh#$qWCDj9p#WWRK3mrZ$=rQH)e_|e<1{r-mh*r(7dEOz##RPq&c4JjP2YvsbCsP5e
z`@4*#fCqOnkeb5aukTLQmN)(_&;^jAM`W;y0SiZ){FjP;DkP=)`KO)Z4p}_bBqVh^
ztK#_9I%Mpbz1~Q1a_4<BO5H)KkVlAhJtp|c`<xPqgY|SY7${decwwB70aRkb-6Inr
z;U$jWR5djr+B?hPvFBBD8l!ln6cqX-uEQcTT`73P!~oY3^8rbcqxQ}YlXU#}@e0t9
zE{qMJM$$LSn4Ms<QSz+_Jx8w*F5k3-R0108K2ADt60yTLfoKwMwfWhm2;g>;E{L0<
zYuEY?8xe|Xz<>6x$ZvcQTG$Y}p8sv)xUA`oZg`>4jct%}7=oQ6rZs2;u}-wk+s-*T
z?4K3s`^K2t=TcGRCBdjRyqJ20jw>bQOSdsA@Y%a<od_wFZ#&@^#VxW8>R^L&oKNCb
z7yU~2+*GPP%E2Qd<Dgu``CMC`INk<%t6dTHTaMw|4N#YrZOD;?K;F_Yz5AW-E7Mwv
z1FLhE&gT}2%){!X6ujzgLyz>*$QDZuRY5n6G@sR3L0mwsO52s>3|&!WoKY(1ji;!x
zZDXxX?#}JuFXs5Z&)Qs-`!~OL!-ajhP9g?N$xFd@!B)lO=W^Ta1c;x3H2p<$I?}Eq
z>f&_sAp7ZriL?b(FiA#w8e5bkrltD8yLqGJJ6~hWM&SNU*9K2YX}HYf<Q-R5R|P@$
zvKd4)K;M4x9r)QE@2Ph)Vt_6}vxce_B!<_O<Fk42Olgi^>uq~Zn6I)x`)8C@4d#dF
zj~@){Vsq&3ZJLtRVSChK;Pff`Mj<cl@~8Z8kKxMVMZ$)yYa223hD#1m;)|+${)FeF
z!B2NGsj#Eu+AgVEd(Jqu?}PHy*+;Ay0a==V)r7~`lx67P*1nc<!-J-xKs)N~nh6;S
zG|K2{>F5u1nMF+I`p0H?u?F$ik{chX#ZBLb23}nZt!+pjdfOKkpVS{g8w-mxDY<9P
z5QUU9@irNEavd^med0nMREfD)CdO@_w9r3y&h;zeTpb_?dw?wcI+3Xv<VHbTSK%Q^
zad(DOpWRf|MZuXWe#<u2e_0NLuY|g4AgvBJ`MTuR4s`Y!4HG0R^}15Sq8}zH`T5e=
z1bt24yQ)qlzZ)3)kxM7cKA;7Wku9rAR6j}P^L0^`9E2f)9Kd|teI*GwJmbfAQUF~*
zZRjcZaaj!ogZ<v8<9>Vs*e^HpKWQ(z4wR%YYD+pwA}w))z|r|-JlOFwnM<wi^r=&i
zQ48rLu9#FiXH!BTYZUy3=ZWJW3#jw2#C3i~)opl!!<52_j)RoGkY6(d9+BGGDk73Q
z4^>(cYE@>R+C{!#hJUxSv%?2KEmQ1*eY6m&KFvz|9a`6^^oXPCX&6^|qO8M1IrfW8
z2hY@eAg*=b)tDdy2P)YXeO}|<efJksIa*-8AM?m}%%0?aC~1ISHm>(PcGj^x#C5RB
zBphK0b6rne#z)#Di8@L9!q_IA+Z(nHqA@`HyWP5r74D}UGlH#LlvoSPq>MIDEUJW<
zp7C<~75T0l+8F9m2XV}DHj;mBv@ifU@rNPry9MNOJ#dx}nxSuqP!_)=v62=uW7qk#
z_POIa$jLGeN6Yp$BOEp5^_ou=zX-E_46=fIE=7Myt?Y3AD|TSCrK20yl&uZyB50#p
zwWBn%(zP`tb^AjPmvE7U&)8aF)P~)9k3ADF6h|+7Bg<>%+hgfqx=eT)viEXh_8^F^
zYh+i?+S-q^e3h5v6I2*-gz`qe1|b9!5$8hVoaG9>DZ78AYkFmvAf+o1;xbCY$%fd0
z4~LCg@Kn^o*5Z3;wD~4^AU|`@XH6%$N7+a)#FU3`Qg$s+5&9YQ49*W%5?1s56F?57
zliqHPmN5%@0YeS^t6=9;_kMO)k)F$YgU(y7^_$7p{tBuJ0lOp36PN=l5-M#5_kq|K
zF)nBSQHhpt1_&*muln1zz{85ACxSgss6$hstoc!anc)4HJ?!rLQA8)}o%}~-m-bR$
zVReUy3|WF%(q5pglaX-W3p5l~rFs9rZ1X!F>gU3x+MJk6xn*wD@x8>dQx#!(OGW#r
zYvett(@bpgEk~?q$DxwK3s`}p#Hna0w+)3QPp#4lIqC<2r%HE59P?ocbJpoQNXqPP
zXA5W+aC&gPOd!BFa&R)cs63a78olc5S}9cY=Cl}1Cl088F1n4WsHz~Tn+<6K?ARg4
z%VrrlqkvxL<k)^r(!SEe)1775fJT2#+}L`x>zNP(@BN(M7^|@-o*@Z=#`&m|HX=EG
z2CwSAR(wIiYsmFVqfuc}+WGHxM;M)SYg7uL9x73(6Escc9<r`%G4dwOHJ=2xgUVi_
z<K}NnBxHxL3lzBy+nO#=>kAyrgD$&ZcoN|pV9)%}xLB}xNVY209EPdOekBl{so7Gk
zXC4z;33#tB{>b{3<k&p~85H1aPwHmYvJjS4Dwh`)a=<580{e*#J5z@V%&EIE^-|yr
zdqK;v$`hUrqj1V~gU}V}D*$u}px?#VJ{Rv7`X#sCaqui*y3niqG+mhIwWYqZe*k)R
zbpc#=4vx~B`9Q7gp{(;6q&?lb*mQG70j0RT)4R6DI(^Ec)>fJ}e20_j!{bb?a&l+f
zcKkCCwZ8WxQ)$<P?A)zSnRueHIGg6@Gula8O)EfJGfHC5Uq>C3j(>h=WtG~%UQ~BQ
z7JdAckomIH@p*snB2Z{+UG<xc0@IG8uG8(?OcK=N#EqcGk)d=zc&82#5T>x^#?dS#
zq|ogi8vF6($SlM0`_PkdqCB_~-omArHp$rW!qRUT7tic_4GIMm`qIn_cnaJo{KxL&
zyqe9Vm8A6R)IOjgcwMOowsGx7zua_<J38D-!>){jcip!fc_qy-ohvJ3L-4qaSo}g=
zZrh-%B88Ck!Gry^_FX_DjTznyZyONDrY5mB?F=2H`i@(R22<~CEcMlnD!b!$W4G^J
zZC_0*TrL%S=4l?WXpOWy(eP2zBSY2{dM!CWpKayxeUMYb{CVl^UnQ4E(bmc%NBA?V
zvZ)W_v~B-bdoWmYE*ns0rd}|3wkS=&{;+3E;IQ9UXY{A>)MgiFk_GNsqvg@>`N^Ca
z+hN*;uVkHK&M13Ck6WfVv$k3SCoIM};Zt*3hqB~Pm?BbmrjJd_t2J+bBFe#kdEWK{
zpqM|uNFBL*MXZ+SHq59I%(_bav6my23dQhr(u%G29%i(c8c!!XD;7B-cD5{PnO{f%
z<8R~jZX%33$1f!9DCFUL(`qwvsarv^5Ju`5pyGb${nCL>Mr&&ifFuEUgQE4EqIl6}
zW!9EIGZff`H_Ns*ca9Gw+zZ9Q6nO198aj90UT(Qi9iYwJ14V45bZjMxf|W6yE=+h9
zOg+DY@y1HS6PbBV(IR{asN=XS+V_b>$Wryh^bey2WPa(ZPz`F{2;(mrUX7;~!aDh;
zI_^PUtDYO5`6Wi6TYpH1-+86r0ewJ2c;`E)b0`@NKD-FRB!(K~aF#qju8}74?E5dk
zbQc(;(ORz}t{s>@apa9`C!f@^e<`Jhnh;)CDSP{C_14zX^rgzv{lT$U$M&|O>?`<q
zkMo$LlvtypT(y;%rGR*7>cK8)5Hm=f1Jn`l1<}Wk9V@p2K5|h5u5kD-F@^K4T2+>O
zD(`mz_Yx25cYIv~=!hI&uZS-^n1R{p4(d0|OPiErGSZb&>VCo_?S&_{*C+HlrCzBJ
z2#jF^v%xo(pnS>gMO#CL8EOt}H*UcjWsn2+bgTWkG3yEKEv0$BoPWHV#$6Y0cV9_}
z-9yolTI{+Q_^9IyL1oDyCKfj~r2TR=EMOF5KP%Jo@rtdD2px&EzSB6^Y#}NG9Etw>
zTVpocxJvDUuMjJPBR<RJH69bzJ?-cG2)%*E#Ya$NNSw2;^88zKD7h^pplzhe>cn1+
zdG?qt{X?Bqie|vWqt&0Wt&q8`?(93m)!w<ol`hj8_W^m867v^QKqSDcwOw>-0F8}6
z9Q&yp0ZiH<889xbMM9=)H~)TG?Es<P91Ty_$hcYW!7cT`XT9?2f^=hmaC<pIidCUz
z*OVzd+iR7?f4&H?9yhbwW$H>Ubig9Dgi{jUY05QrI~w0W2%PD}oN|kFKAa)os};Ia
z&A_H1uz6lpQa|UpC5>dS1$D6RV()xk2e=0Ah{lelWXf#imcPP+jR~3F_SHtW6G@(}
zmrsH)v1!bne>?%==|EkOuU8B~tyJJ?Y@KJc?H*JieY>LIL2?l%$A-x$H~P#&dR|3X
z*~G*>ud>o|#dS$+^{MVCFuhgo(+$7j$L`9D{DLBOGeHWzYt?A)4<|r>`K^Q3%iUBx
zy$>5ZS6?czyBWC>Dg~~t<q^$&A-w^c@9-8>_9<S+pD&VYtg|(9;^6uAbAE@oelqR`
z&PYZpXFK&3wH%ky47xq|FF}7%n<;vB`m|btt0&~FN#8gy&Cf}zZ>cHdXyL|8$8$FT
zse?cLpbF<<<BQ+Q+sZMMlhKZ$x(cJa2MRX75)@q%J+8T|kMNn>*ae9&w<PV22jr^V
zIYO}jV%Yvd)qUN-;V34k5r6=}V#;^A9J5B^MR$}uudXdL*SIl;%Pc%KHeTs+i<Eqk
zNjmW3h!Yj}boRi{Qu6Zg>LK~6an)PwqN_Lj#`QzWF*$b<_}_*P<Ge8h0d1ScX={nm
zvDO5`Cz8|e$?*P4oZ8S!Oml_T^*;C~^%PG3`R^YH!wI&gik)m_kNi?R@q9nOI?u2b
zf0Z%B$GwtJ<M9@LWT*9)OZ_ylAo_P*`|;s4zQRB$R*-LHIhTXrz8`r`k6jF?-{6m*
z82pTV)9v$pS!vDY{MW97^>}cZrMDx!BLQ#ZdGCS34`Y~XQH>+Xz_Gf<d%79co%I5c
zh$}>48ivop8`gTio{JUW>1-`WL^aljg}%RGoU%lKGlpwd+oarI%=EVL9!cY82ApT-
z$;%y{n02~N4f817<&SVU_L5VOQifHXfFwQi8LrRh#$xO5xGK7iiW_89S-p`EkgQU9
z3Xg=lTOd_Q?|SWJG2~n9H^JZa0=D=P!^6>$C=CW=;{%{x>V)nuEhIEEOE;2eC;U^W
z3PG%)mJ#<(*Fe02h}}^SG(3cH<t49-W%gYoOPA^L`&YRJ>`4#ECtOP&!TI<^#y|`=
z^j-Akv!oVDQi_n%P}tGy?%567J+<XukD&bOLf0k7qRzTDaTqCdTfh@Fi@!MfEeW7-
z8|i*n?N|Qf!=?q!ZSkD_tjCfJw_}?Rk7QFnKTPZfe8_*yCxG@e=Yz|?V6TQ%C~LH;
z%T66M0a;7|1v4Ab2bqK;T9A~4=bh|o4xLWpxeu51-0UnrSxQvNU)PS)zTGxE-RV^(
zuvXg9(H#`JIa1%n`^6kS{wjlcG7#?VjJ8c~Fop_$_-Y^JJk{>$+WPT|j*O3J&6m*q
zUra~$#zIqaUf|V#V$ECZoGR9;>79STh1s?i%MluslaWi8`jK^-&r0GFVJijUY6(t=
z{u&L3uqp@&DpGi_T_Y+6GcR|S&{6np@3xPltl3n9+l;o3?W_zs*e?;BO3uC$<nkwP
zkjgMuhwg^3JD`ByEA*-0YyhJp<c-zl&L1Q83L9i&ijdpGc_ivqdSqOsUM6p8GV+)#
zW}viVhevLE^=>3SZ26@aVLgEnb?B-!98@QT*0w$L<)OdJTE@Bq6&3L51}j6>cllK#
zyK@xvR~4c!kB>9|auDb;{*%=a%doXi-<QEKzD0>5C=L{jcz809=Y0M#&C@>t*@MTB
zmD5k=Q(TA&>zaKs?_}Lh=;%PKy(I&9?ahad#;SwJoq&bG@=FPsV_Sg7<z`2%*9h8d
zEjh%Hco6;B5sU(qvT&eP0H>XA>jI?dwE)_Ie8MIvVmLt>CwN^)L4=+^x5{;%<A~Hj
z<o+Nn=Y@3sLX1!4Bh3#^`^Ug*=te%uXSXHtusNdt8=J#*`O&oenpTY9#>=x;XC$^u
ziF301_7Mqvv1;aPr6TByrh7RfF<ZGIuB>K-Twlc2v+1W3_NF*rl=l*cx1grO>m1aG
z=;P_l>IH}uV|6%AlNmX%sIYf-*zit)=F^8}E8IlCcbUYh4D{2dj=hf!LKd`w!jeO_
zzMl@9M2xtHOi1p@3MynJ$Zg2{VLv3Gp%eB-Ieczt80Q$98QeX&tEF_$^N-|PTgJG$
zjR4JF#-(eGHnEbO0hf<za`HfLlU`-~gfD@aEwbQlqz&>O%23VGbP?$a3JxUlJUQhL
z%&d5<W$_@_HO?bL_Z3oakpR&#>$yI~<&?BE*AqHn8)N=Q?3}Qdyh0P4%?xMdAAuWW
zT*>sCb{wll2rY)+pen+CZYa2ZOM^cn1nN8wpH{0xaEx2Nc+pNn_tP^&@fYUSH;C`4
zfsM<So7{nqXm14-HsNF471!eh$5%PVw4PNKbY!6393GaaP0)Oe%7YBkx9gIY;etvo
zr3D)D#@-K4uCr5=(@5SE(6!Zm&QZ=p_qa3+wS}vPQI7txOoRDB(gQVB9{ND{-UccX
zERdTV^wdn<FoN1c-cf<Vx#lfRm*5#eJ$j_bog0qB!3H&$j5|=spOY~Ei8GxDCEYuL
zqgi15_j<^)cIT$Ct><D5+ZB7g%+wR-yGjEOI-!*8?g%8j67W(A?~3iXP$}@b6xsW)
ztRH9ezhD}xRKK?h|1#0fPq>pZHSzQTv^AjB*>cg{KqKpXF6baR_AKb*UzKS6oq=a&
zIF9J~UfqbRYWw%<l&{dgSu%~}XuZvi65UKu%rNXM<(2`XN-(rnIqefGq;#m^0WJ;y
zaHN1`)|uF|siPfMWiG*vo9l2O`?@SzPAC4vN+M)^bffUQdYrNQIW%)fq2UKs$#FHR
z-!-7)!;Y7364|AIKBAmJ_%oq!1Xv)FhW|>*$v1YUq@>`DvC19#pB+`=%M^b7An;B3
z&QAU@@3e^sA8Hq$nbt;C`gx!IW?KQmwKjY0>pr_?no40wzLYc40*}CO*0rF%YcYW=
zDVOKo6LlJ6{unS%W?p{ntz4*ZZmGGIavje6ehj<RtWqRdu?MNYpuI=KL=WwAcwPLh
zZKJMtcjvV}=|yg}{(oD&)y6d1Fuc=j1YE-4pE*CAZLptI^jFM&;a`7|SO`r$Us?r6
zv<HN;`ywa(&h}n4;qgey<tP>b?XYbd6*nlQyZ>}2NVvl3Bv+;fAlh9d*zw3YoP+y}
zh=>Pjo&H9^R|%!2clYk^aNW=Hjcxg83wN#3dLVk0VQ<Qeu((h1=QOw#(E#d*zr+ac
z>-9r6cO@a;hwjd)dR3p$gx1?pH5^3s2dJW9MPa+HDT&fp87VNV^J-dru=q%I)KXW*
zmaV#SSdOC9K4>$&eJ?*OBsq)QdVQ`a&M4L2H}2yArl*aMXK7_O%w?v{C_deNOk$!&
zVS6v_5BFuJ(?8o+#ADmjkc}~Nu%0YDlG8FOyeor}e+y`(Gl`>}8PR2F2wy>tnQ_wx
zjocxGTbC6paSyo3MK1_&rh}g#(#74n@B2LbK<aYlAfI&vA*2X<azZ-|^whxd+ZGa4
zYBJp%0|E$yCQ<i(`K`2Dtp`uX$jiG^np!(H+W?-7MG<3|U>q^=$aV=-;A&g=+D&*2
zW~(PvnaJQcR4x9u=rlavo+G_83wv4Ns5?gv>f_p)?}*<|1?m^#3R3s?71nrbaX}kz
z6&7}wzqoG`_r<646dCte+pv)tF<i0J#Jt3~sxW&g(0!-imGR0IGI?2fj9laAp0HMO
z)s#a2B;2B*0oB9_d!dFcOalb=d$ut=;)Qv4u||kv2Zso7NuDk22YTyNtNe&#1JnS=
zy3(V1vF9Ipc$7;22C<oOIyBx2_(C!TwuC@Dy;m}6_cM^PrKRMz@i2a3T$P2lDFH#a
z)s%Zyfpdb~DeLutiZ~Dd>F;_*wAL$}ex1)HQlFYj1q8Rn=Las-Bs9D7_Q%)k_P5oJ
zL3hZ|g|NdQ^Q>T^6w9b>6cp&uC#GHcCi)3D&~}BiA=6vN^g!?DIS;Cet5|&ba;xj&
z4+TA(&#vH=5dW^)FQ0t2L)!(>{@m(NM=htamonuA2E@#sjaGW)Mck`OR!zvZQFI|d
zH3>AB;pI149LXZ5jRJlKbYkU>CBmie%g5dWXZoL)nXscGPy^s5qQ`06gmWvjm5!k=
zBv@_t*z#_rX)t!@grzl~+!z@vH9Qb7q>Osi4GT~>lL)zFw#FZUhKvL9L)*1q#}*e$
zLwVH?-*h;&w$^84gda{YX^9n1NJz-9th`b6%N+8;KIQ)GP1W}xqIeiO8SRb;Eq<pk
zkoVH8&P9DJ_`WhOF4pYH6CvCiw`?g{)q*7jBYHhUi#WHr(Q>ADTM#lod6kpe+t9xa
z(YD-Be${W9mNw<r&gyCQ(M1}Vx$2l{=a+O$x8cU-%`>!8OZ)67G@6uKoH*?>kNfUo
zp0`n5R`&oc*j0IKa8XT1XbGp&hccs9T$ukB7XLmz8#}Q3;ENsFZ`xoihOIjUCB}H~
z2lkd<wp4R(_t?)lJrPofHLo&hY<K7V`^<d)+-qS_Zp6=0>J>0@p=>6OEh%q(^30h$
zAf|heWHV)f<GSgR!q;b@2<tC{B!RaUI3tmMOe_7}z&evEG1}WkGC5C2fsAp%2qq`h
z+!rMw3d{!zg!~!E9(xYSiUNjFCd50&N_poNKrAoCXpiLEoA;Z4(q(~|^3$Hw)%cX{
z^6_UYd?Amu9Qv<odQEt~^PddcqsgulUm&H78zv6=DJg01TNE?K33Y8?e?uc>yjA3E
zXWB^VNtLd=Qc9|DOFR@)1E)V@y)I_hkcU3{FZ-bPXzZ8JXJog~v_QD8GFR(B*g$a3
z;jJT|P|7_9n)c-Gu}{Ou`%C@h(31IXC0dBJHK<A~<J^*8%8D%mhGJ!`L`$49)XL33
z1Q(6XlD=Ler;X=jW(d~qK2X~reB9fu={2<O^Rq%x8FG>?^#|$pgNrZ1lm^%`oAdu<
znjJ0*UVVEzQPJ2ull>wfYJf&gI!i-c9^ft&{A>Qj)kvvDn5PtxI{)Y^DwVZv-d5@1
z%_pM%z+R*tLaFBdEg^%r{dU(gi*`JIsVZu_BEbm6t$z7^Mvt-!kP#=l6<F{BxaqPY
z1!XDh`qgW7?w65yvFJfWNhQG4T5)6Lmimjrl^{L3kl}u*;Le2`jGa~(zmx@e6!f@j
z9DSoj8B~b#U;(^<BZ_8jl*EW%sMDPB!Go}$sk?vN)1gD4KfU@!6djvw3<92HP32rF
ziEhu1ejVNSS+Br(@f~L{kTrPeXRvdQpy3~_%lq2Y*B<rkvGc2(I^O;{VkfyhE&&Qe
z#gd;SPe0?39G&-EYxG9B7Y&s;94m||DviwM$&G_{(Mrg^m9mW&?+QOnu);5&Q^psI
z44Ihoz58Sc<W}_1_@%BqVa3dg(6URH2t@-nRWX;2zZ?xvOHFkAuNGgxH-0WD_TSQf
z_Y<94Kh^}U6m#}t?n_0S6=kkmt4ydJXFV4)M7SOlboxO1|Kem9yS7jD{dvesuI9(W
z5SD1={#((1S@q>YpElKc>$(l6xw*KjezQqCMc(gUA}MABj?Vsq5LdGQMkA_kLMnhQ
zBCMI2d%7_1wNQ}MI*jfqlILz!ocB(HeU~Lh8&?Oj7^aC!32T#7eRX@p@z~dj9Cr*B
zPB#s1gzfj@FAoF}bMigdkf5MVH9tZkL&dSK#$q6-Cy^I7`JOd}EKL5Tsx9r(nx3$z
ze}IA?kr|jonz^=Acq2bAH1{1K+$4{=FpkdpPD5H&HKgL^vj#lW3FiWa^zYy6Q5MjP
z+4@lEv*n6!e+k-Mtwm0h#HiU=L$$P|{_&ij>&O1j#ryQ>Q#T5WMg};OXW1_rR?NeC
zmTr>y#3wu@HKucb_I4ibo6AuB!Fp>KJs%);FYr<G7t_<@z2e%)DN18%sz!j4n2>Q}
zxr{nGUOkY$L6lWpDDiPoO9wI!28ynzZ_5j74;`q~7;eQomrKAaUty|dv3pxr6Y$N<
zR-32|bAsbBK9r_P#^tz^bf1>WpvEYx8ku`RJWlGs8&Frf#Hr4yAC*h`qlDmeiw}nW
z)b!YVx9%v>;G8^7fi|uA-{DHT9}5+(#!51XLY1qH+{28qPyh5c{=V}=x4sMT=le`t
zap~O7P^0}WqjUsvw&eTwM@LjMZKo&-+gbq`N_m-;9^w%`s>6gy?Y3{Y0=|;hiD=M|
zYiG4HdMr^c<At+);~CUTYfqy-V+|#*YOe%aDvnUgAu?DG>~Av@9=5lULmnuBDVzOj
z-=0U)tT+n;J#EqMf-nrF>r#fu6M{CC6gWF)h~D226W$!E{eu3aR^}2ju%w1mFvQWq
zOGr*O)>VV)s>lpF#kuc`e8<m3%|ACOkZI3;nHjo0-+Iu~aNn03pq$|#x$g{@9!^DS
zs(Fv6Dw$y>bd|>gv1$<h{BPg>#JQX<Zcaj&InH{|3@>h=3`I3_psDzN(7Ib0f7g7+
zn`<FSwFb~X+|8Rw5pPCm26c0ZMZ-E_-tWux_B8{CQ;P~}rAtA%QYEcZ>FP*NUSWzX
z{!P1CT`{X#Ds50Jj`6hhWd0cqe@&f@{fyd~eYDOU@(qtp^;+n}o--(5Z^j(t=@D#8
z<*F2-#;<qs@M+*yw*3SJFwpkY%GLqAkv1jUbRh3ywc+U|-#VQ!wMrZ@O3D4*hIhU<
zCAUq@W&e-unO6<$$&yP}it+Y&>d<w(-}a92mlHxpR@Mf?V<pxeFbp0~8qjsWWIfk*
zzrybZJ&&wSocqgvVt#>)?q7a7!u|IIBFpSs7N~hrbcqkZS@`=PV8NeAJ#Ujzrr6#q
z(~S`Xyr{?8-O9kx1gLJ+{yM`ph;Xv;mB$y(B_|XrO8r848*5HlbSIb9+Dm`GK=u$p
ziIf|he~DLBE4$nX<M-UycCf-PK)08tx%G#c1Vbx<#}E?;E7uc5GUR>>_Ls@2g+*B!
zAkuqUr@?)C+2$0V?RppW)%!a9)6@)oEQWNgnLeVheWVMZl(ElCDw=!t>JU8QK<%|%
zF0?EfHyIyf)TBp|T0kH+=25~jplpLee;O);Cm~hVGe?Fn#W!-v%#b8#2I0=FLs8w`
zL71#I);$KBWH_Di9~<JP9<U*jeAtys?47mpGiI2W+PmcSb6PyL+ks7Y&onzR8<a&n
zahmGLPdo|lGG3XPdyNZZXgC?vsrcZR2`SmGvL-!?s%Dt=d*QC+?rSVJRUh$t_XJ{>
zTAOOlGsY{RGFy)PdI`bTM_@uQCDW?Gqg3OHPZ!9sv>YYYaqVFEwxOy<cxR6==XnoQ
zu_MHO<~l0+DAK-zuEcYT_K$Py-_9t2?FRHx<xdJ1Py_$2#4`Yr9#Jv70l)gEfgsu3
z%lQ3E6b0-|ps9s@-TtKK<U3GuA;hxmWq7!QMrC)3o5R9T-YZ^;>&8k>F*RMm2|W;T
z3c2ns-1yBY9`AxXg<mkmn=WppckPs!3Jv_>TsV}SbR?k5QB*Z6mnT2|j!>1NZT=r*
zazXJOm8~BSg}wAOg!=T(BP!nv2YQ2ZXdevBl5@3+b7OD0{k_~kChu8sl>q@wXMR$t
z51FYRRFaTiUY+UDTT?g2{nqQB`dL9nQZKCIp<PEc{%fj5=hTh)oKWIEVVf08aUZiM
z*CzVa>2dqr!TciVWv<PlQ;dlFyN6ix9$N#NO1x;7dO-$V*_q_xI&88OJvB|?yI6Fu
z<gv9Hn9ya~mF>R$WJZ41wMidsQ)9BfO(CvLHjjbd*VLx|h4<!>Q!laXI^PPmyHQi{
zRWN8v0K=oWn6Z=>y8Q)~Y8Zxbi>mkOEYrR68-=N8G6x7Sd94;Mq0jzpP?3^<{P7n&
z0{~d+e!51#WiqLZLIu)(56sdG1@450tS>~!Xq?+zWs4I@Z7%`wUa_#!t8KJX)1Awo
zq7NngS4-dgDk|1NzpFwFsr+zbyd3FikVw>U_#>pmz$N0|*!R~Kti|5E>o)1Nw(aoq
zSTR~L<GD4tIaPAt!yh4=VJ=6$Oa;mv_H}i2y@W6#g&3*^DY-U=5h*EC1HXU4kryJZ
z{dN;1^f#U3p1LW6%|E3DN#S3(-`1-NF5-?luI*#&RhC4oRKe8Oe|;9nDi|ZzeNwEl
z(ZZlp*RO!<exru9_SNi=%qH9aey-1>6H`)(5uw}nva_?1P(&Cv&^NIN33Mv9uk$!y
zbqL;^dA#>0xjtFjiZFFN3I@;j0@(4w+Mzb)wgLG71GvO`(hv+z4Bc7LJ19%w7PPQK
znB@FZ=`rUkuqck)qMW#7ak9J|Hf0>GvJ`b#?Gf&+T5<YiaNkuj2pdbjh65~6$fv*!
zMrm>Z3se_qY$wkCc;N`8q)?0~w>PeCOVRu7zN*uY&5@D|QOn-z_o7TXB7Fh^@TPi+
z!4h2R{N6ixcgW6-vWp^1dr$3>{tg%p@u2}s9Zz3aaQm4<Q#!co3tq|O3?``!prZ_t
zVm%^PA2{BO!|pzFT#p&jEBIToG;oLTQ?m4C1QO#aM6Mi;^ifrtJqIhbHZ^R-Kb9vN
zhCbyw#95rW%N66mZv#cE`<VwXP0%+Eb2vW_s9|r=C`@pZ?T9g%Y1(awfto4`N9V=g
z|2!Ca_VnLVFaE(&_!_Yy-jb2h{WE{~8xK$!PDD5^5+U#*2Rz&|IeUKR(YXIah~DM^
zH`b`5K`td^CN4`Akm!}3DbEx~-S5iOyie%+Kdryz)8`6GDHXykC2wf3r#_xdv*v-?
zRn~|d*TM>PYaoTY8~tJ6u3SYGy5}m}aQNy=8ftf`4wWB*eBVbOFdg}&3K^pa0=uMv
zB_%GCw7h>ha@#LMHEU<?xT`#A%8t<@w$3pl*Nc1AKj!i7%XS{O6bcz6&o!dl|9Pk1
z!MeJUhMAT7>M($Y3F|MiQ%@E-kc>Sz%o0X^5}AG$x*R_022c|;O#MT}*L&~Fg2rn7
z+}*>xM|takv<T2hNBU<o9h)gH+UnbH7~&oh>qMgc_2%>uK5Kx2RQ&q&QR@-toPX9T
zvWRup<>a%{-;Qdq<4iZftTPJV!8m+DaKdh<Scu>EWW&r>)67y6H=+#e@h;k;=}0Dv
z@KI~W#^uP?_q2X>{Eug4rtj+vU0Ds9%{3;K#iPHH^kO#Zv%hO{Dmr5(CTz}C!H?Uc
z@KzH7nB;bJYj4|lfg)nT^b6K@#CnBTvrN43_Zs|tu;Z|zrRCOsGLXJ_jw}KY4)BSa
z4t9IzSkY3YWd%F*ZyzqJ0VzktBYKWa103APZ{H8qAsz<Z2`Ig)KYh^qLA)PhZhZ@E
z-S!Yj8(agYDgg!ZVQ8CTUhTcR_ky0fRe?#G*$bzg;*<Oh+tiVbQGjrvI75#;%|I3h
zx}#kBj9IiZ4UGyd^2d>yL5T&|qE>FPx+8TOyT;qb(A>>bo0?Uq72YjhDWFd~YGa<g
z!&TE$$0~*I;oO`F#(V>Mtvx*<NBm{RCk?D>7NGc0D6^Ggmzo8-HGIa(D4R#e{Auh0
z7O9!^$DK5=0P|_YiU1`zhZ`#Tz7hNPQC&3E(Pm<hri24=D@bW@9^u;yx^}P;vZj*R
z_P|5u>Ps*m9D2gR0(f_igM_hd%S~Mihq1C9S`wt+F9R#ymJgRH&Mm27{;S!u^<1Ai
z+#Xat0ZLUV3Jqd0#(OXR#)uTCA4|78Vjs?Ta>NMIVbZ0&tLHi(EM6qPK=#?Kw?>qV
z6)*S<tno?vjVujI^`}-25pV4e2b!(dC1WTf&ooJ-KruhUz=De77_lIgHCId@%b09L
z9Vd116@&}<JtTHDCFE)s|G>FcUe)#zK9wyKQu}S|q~o_|pX3*uF37cmQ9(-<<SMZ-
z_1rPQ>7|zM#7b`0$SYy`3mUh)9Vq%ki>ez5D<z$trleRy0`K3J;O`&5a`9z)dmn?L
z6Hi9uzaR<kVwCb`^%BQafCwH>jmqG@$RhUx>^d4AbULb}#GI5c_d6W?o>sL7NTLt*
z=Kv9={tc?cG@W~R7ppi=qmB(%)?Ekm+r?mXnS}*hB<u`$P&**XUvj9=RS2`ao5%v9
z@;eOI$2LGDbW}&N)CI@w)Ei$}d|iC8tF_-?7y?8ifk<2IC4|(aisIu4*1O(@;k?5l
z6R0mZ%u8Ca<(dCV*8SrqeieS<Wb@=@e_lvD4dQ4(OOIu2-UYf+O4MB-yQvi_XfO0f
zDk7v9m42UA1_M6`pZ}FWCa)`ZzT2lV*K7jXwBk!xC}Bi<#|XZMB|QrAD8<loY5d^m
zy_sZqDf@1#cDe)?T@Zbs^tRk;D9moEZGCpNGqi7DayQ=aFFyd0hTT^kHvNH%G1q1i
z;Gyf;TG~$%UIL(kNjcH`sFM28U4tOSn$gtj>8+b_r?kfNG-XJrdN;<%$E@F?Bs=i5
zF2=~2T^ql!+;szC56z71{os#T1{1*;g)SrH!ft7ZgN7@X2R6N&`R`Bf=A+vGO)M^6
z=QFXZcg!)tE-7DouHq3S@Qv?YaAuckgkwI<z|#b9rcZ=_OZ>!En)~FgcLH_O`sK?Q
zs(dMF|FK3Ao&E|B-mtbeBSFT8noBb4n^le7jvqH!&QGch2)l*!htzw-_=>9F??EsQ
z>amumS^e<OXqdf0jhf3SMb+1>%+{KiX+AD1li?Ep)FRPy9L+8I7I*5c=@dqP`6Xco
zP0TxLr%!<G5g`N}|5%H1kFmFKn$aP-ny0%DrIqi8HxASA*25}hum1@d{e9CfqK}iR
z#g9Nj2veSKAKpo-_(BbBHMPxjO;)kUri{~+fL<&^6?K7rE(OD12DlS_nwf){?GkQ6
zCBp^`3`2Fn?YK#!p?}eR=5X`n^XEKEzOn1_Y6Y9uj5nsfc4;96h9G0P^qLTNN|_I9
z+ue`8qz}M0rOvt5K>{17>EVY1%-YC|a95ONl5JB|HOSQ6V;)qA@a^*1S6<2iTDSbu
z1Ng`HExJ*(Y;(+bvPNS@f^8gavi@Xlj^uRyYyGX`NLy2u;0@EXbu?(=N-li>K>0(V
z73=3!koJXLXCgn!9y9TZu|kG{6cpdW3L?pG4b=F(7oSA}CHvyj-;QNmJ9;E(YIh5G
z@0;Tf8AEt$&e-#PtqRoRl3JWcC}wDmleJ3n`UbQ>=2X{esJ^K_O&L$}ZQguv<RSH6
z&<5_Yl~TMBBq0fXBNx%os)9W2bpH0F<9<}X86+2DwO<fH+Wik}A#?3lQo^AZ|4Nqs
z{a|cLWN@Ybe)E9K^ZjSD`hQ!nzn1|@q5n1lu;49#zAFDQ_8agy|1osv*R%iQa}WIj
zwCnnhzxx^E{KweM&p#V}|J&$=M?X8=|J&IA|9bz=&0f;N1aaRS6?4cO>u7)ivPJ)P
z*_<z0{@G^bzl~ma1X-Pq(>9s>7m4ZbU*5b41RnqG4-a1cKR2KMH+$K5CPOo50RD?{
z%?d;}%P!^B<wPJY`}dW#^S?76GFvMEiyt>Uu3C1heb1*qbs5qL*6hbZAg;8j#Et1+
z7^4JeltLW+!FT{2Jm34ChBU=|u&Q)HIhu1=SJnE<+ovfN+9G3#F+CCUWahTZl9;=e
zV0I=X&9W*1oEaNd2fCM51=F)iH6eCZc<`FOEfRyBBHt2L+tK|nnPgp+gq<$lb|Y`V
z<krqAmV2xg?uw3Kh+&Tmio$gpmdhTa`pqvJ6)zce@84JPKrFD$2?0(gf<`|1v?OfL
zSlJ5<W(!XQ%Q8RMb*j(R4qEr4g7Rp;4K0Bsn|+q{)$ZN1j+vp;cPpeJeu9z}48Lf`
zv$txt`~{DbuGt4{?wp=pQTG>DY+Uc^&&gdGv<{q4bfph2nZBEz5R6kyWS}LiaTECC
z=-fz(Z6RIFzgt?k)YQUTHdO7tIzF@j&9j@cE#3cR$Iv$x<i`96ozSjW+mbrHw$8&g
zi()&?O&T^4)?FMJn<lQrKPBgwY9~L`E^ep!npRoh#0#rJ)B@gQhO!ibv<0>eo|zI-
ztxuPBWq^mnD0Hk*%*Nc3gA6pY+{V)eP5KCTM!6Fl5gX-10;CG>X|eOvNhPDffUXVk
zycSfvJsup64-iFJFV^dPa9C_)ss$}PH`&<DD*06CH$Hp@5*Q#1)ak@ux(qwZY%gLq
zD~W?9&bOJY&tug*g$!(98u&#1IK`dS-1Wi*GH;6^ZB3OP5soZ&bbeJzD2*ts?+E=w
z{9$fg0!F7YYTZJ6@rv}yr98#?*8DHWOD(NqE?EhUtmz`@RFc_>h9{GEXF`6L`nsoR
z$V4*`PrPaWu~({U$rAk0Htjmp8hwwnJ&*BR|2TrqbJxT@L|o<bAkyyI6!IufED~8}
zSEeSGD#D>a8YZL;$Np}&3*;Fdg;*?WHWb7RSGpCYCM*Umlr_M-2ppp}11o`7jGGyy
zn4P)@BHfV=`w!m)jU*jGZS&bRKOM3{TlbrH9@-PYw(OE$hM5-?ClVRO>*m9r>vhrR
z=&H*jt6tgrV>3yJN?8|dXmxF&$0`*z-QsS=oYzW0<!w`VjW>EVHnuc`)hkWwHiW_8
zE&;wB)3*F1NtL|VuYx$^v^htl`Hpt}=ZxdFVgG_PH={o@BfR#K;i344bzvP?kL7Ed
zZA!FW0-9EL%siOrkPmpZ8ZAdo@MrXA8d1c72EmrihnnWY5iXNy_bbV7b)-tB55?4P
zz;V@IYrjmyE>Wn*q;RXB%!FlSo}1}{G?&vi7_eQUixh4mRYq<(9e3ycc(4v4#1*I&
z3w^uiyZ;En?`Xiz$)hUuzY%z(vCn{=dOY_1f>gkpS>m?kq?32g)PT0jk1YC+J+y;M
zOC6Kd7HAZw)L&zGSR}}zN?9h*OiMNdZ5tGj0{>CyKPJA%+P&)99=yBTnfLO7clitI
z=nb^ucCckdp|VIp+TuQTk^Y0~pOJ=iIK7V;P^&L#`OG90TWxIzqxYH{gG$0a>BiI;
zG1`~UGDA0Q?mH6EB+Zf$n#~BHj|nTWAHC-9_(+2lUX!~2p+@Fu%UomBJFNwaVdZC5
z^VXl%I^&2y`(X%t1{clf9yF-Vz80sb6rM66?&4Hyn2Gi9;xjXi8EK{sd+lGTmihDh
zP*1)h`N#HRw7XSbZFYr3Xc{!&FllB-bEL{-!wBkbaHgg4S*}J^OoCa!Z<(aLD=xd{
zE^3yW>^mEhGaH*z$2F4N>#WuI|5#oS&nq1seTEty;H~fXDQBbj0AS*Ic_vEo<TI@r
zJ-U|RfKjtrd4Kj3qc*{3d;g26_l#;X(V~X0<ESHwItrrHQ3M18q<2seP>QsK5}MLO
z2t7o)WdP|Sz4w+vXi4Z%5s+R&5=ekZFCic;bojXITkrec{7im5S?la)pS{mH+ozly
z+Gede4<hE-aHE>g%}Zp)iXTW;%J$Qa$p1m)cbE^Ii2|DA?!h8T&+l1`nzbXjZ#M!|
zk3S}4U&?#7g6xN(Nn`z?+zKd+O1iyM=~7P4@cVei4*ik%Y6uucLenk#LGpFG7JHnC
zfNo5WdZ-TJNGw+~w^S=Ce3*o;61&OWOC@O0Gj-XJwv`KL$>-SIWIg?3bKC@r(?Yxn
zynL;~CG;3~q5;9Og75OG?u5o@oNg8%@XH0a!=xZ@ZC+l<AO0{{=cF0QU73AQZyv}S
zehMCpIymBiJYy$K<9J3Z5Ge*ddLtjK^y}L<p7_rht`MnaMrB}TuarAX`n}V!zwygU
zA4b<Y$!$Of+4I%m!7uYqUK<8~4t}8BttoFD#fk^CH=PMOXuH5+OAYi(c$muPl8@<F
zGY_PSZy3ZSl_44gp4=tZUux7%tyR}&SMfI%?BW_cvhmCFS=Lqbz=VVA9pX<UFj&TN
zC~}7?p5L>PEVuf$+4EC{r=fDs$fDPYro{N#JsSr<J+Sp@aq-_ZE8f`V#fR+01dFx`
zcz`n8(h0BOZtJv@Qd)8vYJU2t%Fn25S==!*cFhTOUe9b;7EaIzaZb>XaA7U->yxg*
zdvotWwnEeo2l>cNKlzHUpZXa;g*wI$E;4d7A!-51tfM(m9}oD+w)FAaszUDOl%J{_
z{kMe#YAyw-Necwe8B}C7na^wHS3&JVkvTJV2Nbn=r{jv=ssv*`O`w@NeBk86)2AnU
zX*t8!gVD_VE@>lM+py)*rU&aK0~w9pv$A}HN);$>%2Jk|)k@<Y^sGrvxuPa4n!9<N
zcX#l#-}S)X`ZDc5Jc_gN`8e=Ny~R$T4^7IC_I6tj77aCZ;xh&A?>2kv`DByBd<y<q
z4XLcjCpLhu$a~#<b0|q^J-T^(&?}m&0lC_TUf(dXs5ed?+N91LWVat6uFmf06~@sf
zM>f}GGSOP1^zrWn2;y@lO%6VeyTj!dzEP{c-P=v<kqvJOS&OS3A^Nir=I(c1i_;x;
zE$Xg|cAV(ij<={y1z(8UnfNaN-#Y_f*DViyO>RL*<pOEAv!Nrb&i>AN==yt8jor-i
z)ZfeDut(v4fm*9p6g|tx6ggbzLN$mK=i^fKD(gJPevn~6zE_&t3_^1Q(oDK9_`fIT
z|DQtpPupheSU)E_sTQb@Pe0ht#P+(2fA6RF>nDp#ZEnSsL5XC+g=uwBrAIpO36izC
zXPX^#>+oT1tAp2C;Z$fd(lE^axJ8%7q6(OiGJx+E2`7!r?NtrsHmzQ}Fzc5Znm6W|
zdkLur;o<q1l9}2n$yZ*72E8#?R2L5eO3l5trlZ-x(Y-l{<J*gS3(jZN)3r_oLl6C}
zYThh{99p2r<a|_g$a3eR-fvb%a=nKmg87S(yFo?L$=4u=2Zx%L=n@0Scg!osq0|(a
zUZx6QNPgRp=-p<Sdui<Y2(>nwS9Z)9ha{!fnr^kOuD5t;P--#g=$VY(iEur9QTM^1
zJNgw~IL5@kQFg9$WozF0?8j9~PvVylyQn<P7PG@zeKBWu_~v2jK&tRyImD|I3@Li+
z8a{?OFS)h*LlJyX(@^c#=GO)D&bNA{^fi!otDdxD+l<s*KUwjyRUgMM1*$Z`T3hve
zIf<(a=eQq#Z2*+544i?jET85||5mdfNR|AE<!SBi0gpv#{VKghZFJ68KLavDc?Q+`
zI2?|2pkYP#B=M~$!jlKhCoAKXNeCJ%XLI{FJUJBkHTY~M?=X+NTNh&imm~%#-T-3O
zs||e`G7e*H&kW7xAcUVRlDfB_Ox+F77mo)%eSh|LPZd9zEd5lEwuX)3;w~Ylyw--^
zO{tF_AK)(JHySou!U+AAiEyv8?b<HQMtC;sck4rwRO|oy4u2;WTNi9zU96k<lV2KH
zUXcw#rj;vuTZLj<mGyQ|1Oe6G@vS2kz%O`v2;GO>glsYg-Cf2I?S>~5>7&^T^E-`M
z8>{(pUw8aBU7pCjiE4?RENsa=c@sr$(|9^-XN3kx$+iV_?a)gG(YVS4hbRrSg`MK!
zsrUhH$Z|IAnKfZ-T5HLJ5D@ak1#6fvcwDy7_FH7f-SfD6p}~9|)^KWcN=mo4gqr1A
zPVV-Jv*tHb3CnE*uhtFn*S*7B50fc9%Oq8LdAX}q@6N>C1GB-~Wc$?w%((sAa0=yY
zUGRVy_hG$5d~l-NvMZf(jj8m@tSkK=qb|a+O|Od@+V%FqX7RtXdXp=6e*3L$S>)ZV
zwB|iL+5?5Atw!yhz35X<o5^osUUT5^p2cgsuq7JBewZlPJCWcu(i&o?Yo&Kgy;rr?
zu*#9S+qJVFw&?2~NH1IQi{gR~Zy9AtQ`%eTNeKV^sb5xnKlg^Ix2+^G7>H^|rEa1%
z%#VhIHO}IeR}&Au6@FjcuNT-Zp8fdIz4GN@HVl%;AHx`Wj^&NLoTphOFv2VT^t3`N
za{$70-@yPqY_9J#VC#xjRP#@cJr>@i8t1g$YyiLnPc?&g&!+=JPft%pKYaL<{#Q{!
z(I+;s4DQayeGlu(dY2r@X*BozaaU4WzES=G?#N?jvRvbkOa&2)Ld`?dXujF<ez%>Q
zWKNw-U6M|pT;Mc$Zv5xp=gvJn%Js8d{J{8dWiCG`Gcj1PX#mzT06Vc+Y#C(aY^h-U
zK6+-}n0X5kE_I%7oS1m0KmXm+wd`gp2Pn6U#t*MQ$A9X=Basw4YY%Skk`%1(Xu_H$
z(*O24{@6VRcV4J{1=F!jiV^3{4Qs!ZGSqqN(jQSGqCO2f>+(@4*1wki#V=9Ac5CNu
zRTN&XlT+^jNyYCdLoBwM*Q)?rg5>rNAZq5O_<#5wzalz(;GN{(`?mvp@YZz#h&Ufi
z2yiuR8s{7f`#<FMU9b6I{>gSZp}MIVHJK=@S!0N#8&O!3LMyUi)nYOlWRYyb$bfBg
zYG}a=&en@yH*d2MGcD(&T6kC`Mh53j8?dFe2IG&Vg6VJg&?vJ4Xu%(oekBv5xnme;
zerTZ-4r*2=eeJM1u=6eVf!Nz81wlL28e<0S-Ny$jM3?q?e)7gjUTs8HA_A{5cCO<P
z-F0yAuiNv9$M`E~iS4Vy<Fn1Mda7<%Td2IZ|G#~`LC!P_#<3xdkM4+2Ej-V1_I=^{
zJzM=+Lz|v<FnpyqPO2WJTNYroRihf5e~k->sKOYYw|>+j1GPSG8^N!ezs%p@wn-{X
z)Z7QyGv%UG3yNawRQz6}6++&q^V0ypr9HbtFO?!&5+4#?HF||%Lws7Cx|tktFdSdQ
zJ=A3suk5FxK2L{#F1l3)ad^@euqx&mvK_+wc7G>V&UQHO_T0GdybFrhgP$VTYDx~*
zrix?FzF-ch7ZqI$XJ@~jO3-((TRYrcE+^O(qdh6>wW*#01AF4UCCit!NNSv&2HS?=
zyU^BSmdr7D+4s;@ab2ZohRD7m>s@hni&xbQ2QMA*Ln*RR=CaG&Dq`xH?RczH_j>)D
zm-tRMIaCaBb*SLYG@Co}g#|2HMzM66NoXykp9WeH<wp0#Lw^5rH<tL(2Hmt?et?w^
z*S%;&Ntp_+KT5<b8DUxr=kuMGe)(udB*v#OLyWXEs`ajGV4pX~zOq(-klkNK1*MNv
z)pTdcb~4`_Un3oEcMIT`3U<sl=wzd{xb*(E(0x(2Jxg}Ajq9PyC?(j0y);ooyk#e+
zM7Wbx=ev_o<}?WjugIUeO>1DXuHGpb`}>4i;{!MQ^0C+7eEs-&_)(Eh565Y4zMEYR
zws!x5sPFcZ)X+U=$1lDwU&oahvEj){H<@-=JymX`qzEG_vCqWAo&hxqXO~GspR$bV
z4^v1+HF|lnI%l^^Hx(coi-!2~&!;wS9lNa*bTYpW-ma`U-@BbCm5nR>jdXSI`OJEh
zu_b;wvm3Nc&@}c06TQZc6nE6x1bg=A{>-{5aLz_>7;Qf|i>MCR=uZnYAy`hzz4;70
zM*&nxU^GfjkL)2d>%iw9%kI*2k*cXG^Hm3}X-+|}fYG@Mx{edvrFv(p^WqOHo`!XH
znxvma1e9Eb#nHQraMKF8cFQu?KUR(OEzsI(2I#wE81%C2Nl0fih7Ow-LoXG#ozppV
zHh?b~o}#>rs>ys?c!8yIK?aW7x<w1x2f$B@>&MOsIGJg!Yiz2@T5a(g3>!nvWfEG^
zR5wkQ$`sG73ZzRtHYBUEA2`tFn?CpRiMCyGK~iYHKxI@Ai?2chctHgOd)3yaK0iyd
ze*bNnt!`~dROxf^i2K&vgKJOQ35Cc=mQ1AFZTlym?uQty7=y7n`4x;|Ye7L&Am%5f
z?Z^xPZ;`Fb<x5P$CpM*jxX5m7IQ%zINpr|pgnrU4U){Pzj`R%v(PA5)uvW)<zZe_%
zsI9P21^$+xH}GN+;Z6!RNO{IBQVJ$CH`gb2Uf*ruf~}px1yqXvqWCO8M>nzdDhIl|
zBh!WgjM+FQD>RHXeN+BVb`wi`h*PJGgnEOSwX94%>~NrS&jlWUyT+?rNYr@B&B6Qn
zR6Tc7!>S6qIKHT=;kXUafX1KkM!c=P$9NGYXXBIfK<Fhl;FP=C0)Jv$HL&s@NS%hP
zLnkyd;q6e|g+!jiruXL$vD|~$g%6&t0opx#p=Q=!GQJ?Xp$|rz#P;1Ar^d$pk!O(>
ziA#Bqi%P6>I;!%o0TtZlE(jT6J*`U-VgW;Uv=gOgxDU(KSLsnXX2UpkP@_Y1TE^j9
zS$?rcvfSlKF{@tv^?xfmhacglENh>~_P=%M^-Kj`!ts5~*y!RyZhwnOm8?k<4D0UG
zsOX8*VB=H!iin#~Z-QA%4pQ=3Zn0R8y?<NAbC1%737qdw%3)vkLRvAHqf2o^pKjPQ
z>}}*S7?nOpze{~qYui;krDxX8>-NM$rN^`;pi1-_llGU+p*dC1PB@?ECl5yzMm@Zp
z2FiaExAj|DJAut?omDT@x$*2<RT?p*p#-E3{m8LOr+zaPSs+zC1zu=gWqwQ7QJquM
z=vJVTzK^IBTd@NP37$i?6YBxmyKDAwp-XGey5g%s1woSn4Q#x;1!ji{OMs6xcj7{K
zzh?a9I5=hMngHdY1^7+gCHD?r3}=<%oUPikyGGSNaQ;2hMt7rZtaNMXs5)r|7Mv5*
zg%~r#LTi@IpgvW%SjVOjJ}-FR@EXCqLzfaPG09Ev(BG)ZMcb>uj^KJ`-C*i;?V#5&
ze2~~V57{XtNoFC~_}bsPYp%SS122*>DK)U{0MMcHVvx^_|Md%jAPgeWJ-==;{xOTW
zXx|~xLB$hmpnG?iUK5XvME;YteN_YbMO_!@d^8pI{=B?Ok?7N=ItI)yH!GZy(Z9zG
z;-NX~QVt_~{$L(#UV-lSj2T%HSKWfojv1*wFFfY;32e6g&iX&&7XK+IZjwGOkR4e0
zSuWtFZ<pzga!_ZNpLbsx_m9T;Q$Ve|iT=*>sfZ#nn!l8LMGTOYUK%eDGSo9W4M`yc
zmX462W>e8@q{gdL#<pcgees~<H<2;!sJwW0K+48@^N_hW4OBMH_1+=sE=3G^E3xGI
zl^V%<d0t{t$nO4z)97|!mLj~$l#p5AjkIsh{V7xChaHjK0)R})FH(l(M=NKZ=hZ4y
zkuRz0qw^$kB@E8uUN!*>HahI`VwyBFX!*x_-7Q4h7v=(>zZqf0>8cnO)3WSY+H_kU
z(1vqr7B*BJ<(n$7$O{1swxyMAPc|A}#^|J5F(LhoLB_DQlzac1#nOpa6%wWgjM)0$
z(Of&7UDm0gC8FcCb6?G&dxs9{hfDWcYc&YAzzQP)n_{l~x295r>?#|E^76cHZR*Kd
zZ_sA+B6j87A{aeI&>PgOc_G!-_|*D(LtmvbyH{I<c4sxXnI?UKlnFXn?FH2p|4jM>
zvMVugB>m2LG^tScWkYbc#BzOL*0RlpajxrCT<Rg{M!_5DWV9#oHYcvFN5S#TrLKwL
zb3J0O5e=BDPP=?A6zVx!w=dWKdqdFEtgPEH3!NVtB}#^kC~!5QAf0e_{eU=CVH=#!
zF!zE%fTvTkMBj?scprA6a7q&(YN1-DPTezDtxl78@~%HL=t$DWE~3a)y(q$OQrt8c
zU_SCzdP4H+pit7d%p;Iz_D0vfufzwc39M7$cjuwG>T7+I9&Ew@`7Y!8c4iiQT`*{F
zxO_WX)nT%{W)t8jgX>n18$AN6bV}JI$0;z^4&!|u1?eQ(P&_6pCE?Z<!cmQ<%@V@e
zvg?m=#ZdyoW`xXgOZ;UNS(Nfe0`5fwPSxs%cgskt;R;XD-=Qc^eYXi%md`AE)5!q?
zb_{zN6YDL!lWVM<${2WH{H=ZB7BwXD&t?%&u7>kfXHnI81yB0P8{f%4Oa6%%w;`;@
zA-KK%YM8hnD%^ums4(TkPQYLv&8R!mK};ocQp2EE#pASwx_g*z$^r=t%CE847J*F6
z@c6yUO4g?4zxiRCzi>CnSP>y=+IdO5o_xov2BPNRKdL-iL&{EFH;CIRA?L72)ErwB
zTl!^1$8R&M{W@xR!_ulP;x#URRarhM-@up%!|8iW=t~69Ux~J&aQ863rk{F4TYLvg
zU#irNSLn<*32x)01*rl<pFmC)FRSlw`a-?eX8YeRA>~1vy(0B{SBmAux<`2i)e(#F
zmiLKw2RRl&(mx%bKG5n%u&Dlqj!&9)_QXeI-yc%r_RyhCN*<|ruvD~p<lvH*?CXLL
z=mm7q(r2*&{5AHB66?jgHT%rUEDfrbyVJfMRL)_&e_UG(8L%%SxK^c{>6O@Q;W^;t
zc<4Sq_VBTe7FwWT=96@8!a&-}Cg8Pv!&9wDnpcXN6yxnTqMQXU4HK6*MLgiW?zp<$
zLVmbT+^rAV;ty7x3kn%AwkWRsu1-Bl+^v_!d_)^_?KY>&=fBXtUdR1-c5m)QtmCMs
z5>6d%s!Fzmde7SGcm8(aX`3ALLiMhA^GwX4Ud`X3zcH|HW2n5LOU*;FYpw;n4Q;qn
zlZS^?3{Ay@L9NogZ8p}&ld-B>?aF6DqFZ?3uwCN?j)a|}pGPO8<(1z?6vSg?crkm2
zZpwNsf6$z)9<iSl<cV+*s`nKxB{E>UeP_L>#U;vNR*Qe@?z9V2x{J|tbrtHB#PYC1
z?`kZ+=7kI4|F7EftJV)Jrlx4VQ)%w3{qaapc=_Ni(SK)8ntMX?xmM(b?z}ZXwG{-%
zNkg9QvEM2Eu}l#Ko3@-uu^4H=OX3B!FLe9G%@zkL>L+vsb*}kebrl`hi_++a+pPHT
zXt@0A;i~Vy`aGU{AP4ZRdx~4x;a$$MO(~7y=2#^t+YW80apV{$*p+q}RV*09>#^yL
zy8igo`8=AnM8Z7nVhNb-G+xXVqhi`Q7dhM*n1U(hAmHj9HEP?{gA`D&s&|S@$&}k8
z&GeN4_6yV&m+Tnk6)DT&n-~f#I+^3_DBEn;b4Yb~L`;l0F#MH@S%9fVyRQ4|+3yg9
zjg_rQW#l_=L%l{TVpRe$!#n%g{Ydbb+iY;B?o!`9<jicrpZ(b|^e`rrlxq!m4=h>e
z%STEtwvJ5bo<A1fxt@+_o<DJ%5SL2#7|zeLFN)g|Dxutl?6Qb4S=^YXoh{84HmrXf
ze9h)DR2%dGlL*4qRTkB_mIG6EqFD!V7BhE{GQ}OCA=*7hzW5khw)@SM5+(sbNf!-s
ziwY&9qhXgUmLpt8>M_`9gU;$h4LUN<Cz|`#s=@^-UdDDH1yPi%n!-3x$9b2AEqWUA
z4kf_qJo3%UvgsU%ZhGMJ(-Wf&wkls%UA^ga<AHJHhz;_gJv@8nQgi8p3M1y<=%act
zbXk^+G9ORi_IUqME^G#1Xee`1m0wxep6v|F(hFdG>~wEe=-)F(IB4|;R+*o0fvF>a
zAP~_@mduHN$tb2iqp%f(a?mWJ8xk+ZXD{8^9p&gZh><&xb47hbW{auOJaf>aHHEC5
zA5uzs8<!KnMr}R`o!33~RRIDMtESV+cCshnru*ut+l+syf_FiVX{z`R_l4^M!-=N%
z<5PdExNcZZkK;`*SwKDYHm@WAeN9t>M@So!AnZWtCXVJSOImpm3BkgUe>9cn#?(ku
zg`90XR!eDR-wdyQ(#;N;z|E&|=FyBZG1~;G;hy#ZXmD*CeBA)g9H{ci#n+pEoA}sN
zYk)qB!tU`lALLiC-tEh+IL91M&ygqh_IrW5dqRp~J{fAK{QbNOZzerEG953$s#}&X
zvYqjA4j%=38r;QwaLR^H$@|HrD+!e?IQ)kX*%p%$!_yO{jsh;NJC{dZJBF{5{dbj+
z$rp5i%MZQX4E&6C?kfLi^Quq^GS+=1@9etGf1~uL@vgPok$9pQW;JeSV60<z4Kw`)
zt;4|#s1#Sr4m!y32Smv?4enhBc>L@45w_o^AQnXCoh(1U5S5ikv=XYT(o1zc;!smD
zQ7m}?c3Az3{m$c`mYtz-0j1BZ7>X<J?oRFPi60>tDPK|wkTdbefd=*WKkxto`aXGa
z$K5EJX>gB&!Yi=T7q4rcY7j_wstW-$GH6!*Pi^6c`%MpoY&czi2qx*MnIjxsii{>j
z`IIfo3fw5=Y;qFmh%bUFK-WI&QKw>cg8Ai6|HOEHRG!EcfQRsOzH(tv*83Q+O_}Ww
zJ1w(vZRoZH7&WSCw^7`i(&iC;av;)W#=+vuGan3FFf+_rAMC+;O{%1e{Aoarqv;}!
zlIIVQ);rFc7uYwqA4D%4?n+?~Es^IU6Xy7b+tiUMK3`WzIW^Y@)Okw5RjGRn-<@yz
z1d0fm9R!u3_D*8^BiBEyO{N`I!b#`&RKOmoIxY2@gy*gyA31nOb=&w_CF+HZcqrU8
z`0<eaKe=gR^_|c@8;fJ{*!bBr6;i%Rks$1&d{A}of&Y|a@j32MZ-a4NWIU|ZJS?f0
zV_|x&z3EuBzW*q$h7#ZA((-+^CX|P%-*1PuPcFT+a38AB@Ay3!c~mi+Mp3LduuM8M
zb832wfgNfLAB4Jm{N;x1%XSyeWDf1s#PE-riNwYLVYsJ2UHy4QD)wgBA`DERT}yBJ
zUME_8kP*O@sYOESp0z~dj#g1syfg(I6DR_3Kbop)R}F)7ZM@ZjMYHw9??{fgBs$Vy
zEmX_tMmu16-0?e~zPsrus7kXqN3svOetcJdvRR{EmCSgsel{&u++rvI&OUZ}x6vFC
zPZ|Yx>&b<~9rL~Nt~`{i0!&)X!ZmX+L9@Hu9;aVk$3G6kZ%n)T|3rM}O?zxqS0#VY
zh>GQGCUY}V9QQMsB-ldO_yi`Kw(<GIT`AB&q>ty`fceVX{{M8SoM$sD7gyUgB^)?X
zgZtcOx#KeKtyhZ;Ug&YTVtVOS=@=}aHDG1rNR@I}C*of});MKf4vxOX=}H%dz)-(S
z26DElrzlL4h`_o<=?2M@R=bhi*!i3t7$L@Vu0KCn{mo|Se|rN-p9t5F;VCyUeDe*}
zE3@UF3#ZMUf2uGiEnX9DxP-a5_dH;S1?J(-dUGAy;8^Y}f8;+*vmVgaPQ!sXeU2^)
zEv50;M((nY4n@n#sdq}3Mb4=A_+In4y6apOxYOJ2-MM{%J-6hp>@5x#7DAj%M)N%y
zUeeSt>z~u~>&{LkZq}uoJk3hOSQe%VKmj@~dBxPsSz@kvdb7oagoyHrlDk=QaxcOL
z>}iAc_llEYy?-J{oU}4ytPL%tBMHJ*#RsYvSv-#c(-Mf$fM;7`)iD;^kC9tyf84*%
z34zf<fiqu}tg0l!?NJi(Ld_mAgyX-D7v?G3R0w8yo-1!i{iS4O;5<(Xt8!K`?j&tL
zlkWD7#KNZm)IG1dUOS{7N1L14=WbFYEVA?+K1;aZ_(Kk~yB6(&tq6hsdBV*p68)jO
zoD%eD5M?ykg?KO_sMp#fAMcG!3(u%5^XjHVDiX79>O*U?T7TbdJwiC{apkw@cE=Mx
zBkP@c;_eMN&Ur{2#mf^2fqHeiSVj46qYXuRaaZ_O9Dl>TTHEOGSFY~14CLLqzvte#
zr6YPLk)X_c6c{8a=<4np=V#;UPem6L8iuO%TXIziTCBgIWVMrdv>`6f>Q?-qJ(RNR
zS%?x^mC-QiJX&$G&{aTas>XOw?fBDz;mQ+EDS~lCVqKGAvjup6#Y1@u!sw~Rx?6!9
z@7qyEMRz|c*7txSaV7g%@SVW*EH~{c^GSIATJRoNVt>@#Bn~RJQ@$%!(;SnL3LO^j
zRN@a=)kgQ!kPoY!B;Gy-4l^HS=O4C7hwe&^5;5i0&^*H$yk=E!vWmj{R9BQhdu0el
zVO<i?s2?#9DGL<qrdRf7!x2N7*PSddbycbl>3015+4LYcle6dg!*_+$?0jq@kgqS0
zW%Ky><LKZDN|pIZzR7k;$uM6D@P5HTZYKBly?Y4(rAoSiWOuHc@Z>MLQ9tRKs2K+4
zwQO4^xAUYLpnSxEve}tyQM0Je#4nETKlGS+H2LLD>5XuPBI`<Rmm~g;s==WgnG@WV
zVE)HV$JQ&E-mxwZ?zCI8mnMdP>U@=tcql%NUwCW6NcEysHsfT?0;3srl(DE&pT-ft
zth}Pn$Kb5nnp+ilp|V7w1nE>{2%ZGCDB3PHx|0vF3k|Hv3vJ3Z^0|{)bioMZ(-WI0
z4l5zi0eNT-!LrM(EPnNk51d+R?)Ca)&Fmh{0rI`{vSLrVd8zyw;lBKqh~Y-m{_dvi
z75TIFZ-X*O{19QZw4pkq%E4n}@Fp2U0kXbM83R$rcNy5t+<8zE>pj_PyiEN<DFRIP
z2r{jPM$PJI<v)qn%bdr>XEIhQAg;@i!wI+R-0A5(?oemw{Mb*gAI1@5in(m_i$PQk
zMvAKe(st>ERg^Nchn}@uVYl)otKX?<F8dazr@b7IN^r!?HuMdp21-1vE%SL-jCNOP
z*-8puvNSx69KLq<@SG-rJJ)^pmO5y-<9N+ksKI`=KVP0i<`XVkQ^WDyD9^S@=;kBr
zcnDqdX~Bq36q2)kZ^@7km+QXB2UNrQ+zn~l$nU%++FF${&6`R$nqzM;0%JcwsXl!*
z9T#;BDLKnNY+h<yGfG^K#hp_G&D|<Srl7&3lbEj^J<6}4qvxwe40VD@4fcxo*%K}K
z<<7EDKig#!n9=h$C}C-{R9@$f1gwsAMrPIZku=D@syLRFeARiLv$D^MpU|q(Vh1N4
zWhaj}OkGkT`yB@57x3^566LJduf(8Yi1)bRxxF|K@A&ADpu@_t3H92gYVpeBv*oG(
z|C7$Sn3}2IDWz6BKD(N$=a1+y3Trd{RqYlLm}9ERe%Vi0AGn+X<Ld;ZWqS#={s|s^
z;QB{m^RJp>4hK8qbqNwcS#pDOaZZ`vm3gbk=Ve}$tdxP_o#}>8bmNrrmTPuqTZu1*
zB=8Tws|8Qw7hvN8wjfl?>ebTldQ)+8)R6nu-<2$14?YW1JLkUijrsRloa#SU#^dat
zTRM_Rh#2!)$)G6lk*({a{aKRa+;mKSlwM=nY^L66&x*pBr(MA%myRBn&{li;3n6+I
zqFYczd_Lg<Xm3t7Xgl&nmnP1_IZdI3xcxb(u4nlC^-}jQ#gEdy8R0TAgMLk4$nw~c
zPEJ>7X|C-5clI`sn-@90D=}n1Ia*DW#nLk={{NUkY`#<_FKSkd?iue}U2Ztn{sp#s
z-HfCJzjSsY6T1?hmg3cK9^$&GtvfLKUG)p+<hTt{zv$JzKx>(hfGSUdTj^BlNPUZB
zbyGWJn`*D1bd!E{7~gNEr<#1y&ywEiSFE4d52oIfUtd@=6t1%kO}u@FewR8e#SUDR
z-!R8l+GMV)VRQvrjCRMRvNSREe3J24T?L^jdWzC66>|OIu+|Q~=@_})c}O;Qmi(xk
z9CuH(^585dbNa?va5S6|Sz&(r>(6mXqU%v;ue^LUXX;wwM+L9#7sv01`LW{NWuWqG
z3EXeS;_@1!sQIXwLdgRk3un96-3)t`p8Vp?#&S?;>(=GyPn!+8Xffo-_*9tA#NTBV
z!~DfOq8`=H&?OxR#M&OIxBm3=j`~ySEDxb43X1~rz*!WtV8Od;Qyu-eO-o+5ljt8M
zI+Bzmx+R%fB?N>m2AG$BnPE**lbTPo)em=9JDo<-aPGYe=G6X84|LEp!PYZx<ALc`
zTQL4+l$GD#H_$&A+4nhAX&#fZnpR0<L+Cl_Xg#097tuYoz7LHons6?m9Nbin@QkBp
z@hs+WdA;|Efl#L|!s;G;edbn)G;z_b^T&(E+ceJ#q%rs;%o%EjNp*QP*@M*^d}ItX
zOF9sS1!M6;8&?jl8x571vz<g4+=1{B>(lBz9yOB_;*UDr01dNW3lYCx_rhAmbT6UG
zv;V!iGjXi}{5auF3@=Z%(c7FwFe`R6qp<Utw1XF+$$ea)Y{+&C1mSHCq>|fj`ZFdP
z^>StPFMmXb<&sK|*XFy3{AGs;(2sJgteS*BtrRt4a%2YdIx!|DVT&?(A9YkHT=1~=
zs5?oe?Ul7v*x!5!JCcrpmry)i@u990PU7H}#&gLjk0(HauXu+}SZgfgE5u69u<#vw
zZUx`CMOcqp$Hgd+Bf4s(Q)$G0`ZC^)3~&rxX2@9V$cw3_m8;)f1~vOeoY5Tg&fP;`
z(3F{It|g|~=fv7}y`RShwPrS-7g?3G_*lZ=GJb$Kp<J1jdc$*vQ6i4|9~ilQJ>5dG
z>enxFEx0}PHyThnrD0Sjj62C8K1u(AWRH&!Wcas?B67wQZQ8AGfA;^)Q_Qo<HR=Vd
zZT-_IHO9yi8~@?E6X(vxL!}9X&X{pgac-porxL)2(mygmGlTWk{}~_8X6F5_ckqoy
z)9&*;99rLu+S!_Lg~WFw&l@Ri?<em?F6r#*$KSX!mhzSOOEkFsHDg_Q`MZAVqH8lS
z!H}10QfAumbuGW;_Pez<Ws{BeXPn+saW~+k#^6zag+*3~e$1knZeen&ZygD$l2duq
z*+s;ss10ku=u<UWA*~R$#f$USr8QfA_$HhBeAL+A5>n*D_&A{13b+xsfJ^nwt*A-j
zv$>OwKJ&rCOr+XU!4hX3?YeD2rl8co5rxmPl<PFOQ3fqAl;$MN6>MptE;fv#<Wpi9
zxi5EzvqI0dcMt|#S&wP0K}!+F*+}_b3oFIH?-1y@mA2Lwf&Iy^W9p|9johb`_3KMx
zFN|=L@;n2GT4f_)I~BK&T~d7qtqZVv<;+YM!x#-al!$;`iIBZN<xkwq_TNm^iEp_#
zB>xV-aD98?%b%SFiZdSo{kf{PCTN}T_nYvwL6q(${N<!is@1gRuV44#6|Jyy<<bMq
z$Q6A+(8%y|nf)hFW4L};TPrW0&Oc+=%C!L|%0>t(e6Lyj)Voo^|JT-<FE(USAzkE&
zoMK~#ncTBW^3AQTpcaQo^IYQyoX@QU3AvH^i^(3X8?lG=OPNBTwy;>4>**B-EiYZB
zI(5Gl-;!@P;Aq~tDAbW?I`^OS^5P8l9zaT~6_S4Z<ZeX2dm+C#Ftast+hpmN!hP5L
zLbmnwC6t(k1IkAN8|Lvq`&zs=Zwrv~A>PUk-0}VoUDMok<M<d)-RC|N%Kak+_t5k;
zP8VLYKG_5dQ&+qB7hf4OEs+<kC7zPP(Dqn!Yndy6phEKuNhX|dt!d*d-O+L7Av-pV
zk#(zspTfZHi^|ofewmvLEFS9kwA1p;hZrX3RDGYOG<!?Iw<5LLx^RTGfVh+}>@S%2
zB3IRjSd0qe|MQ|{SDEdUBA!F(!7Cy`*<#Do%f$D)r8Ya8XOMeDWuabaAnh!9UJlv^
z7MyI7Wx(+L;XI7ie0w7M)v87CGcA-QLhtbG76(<rO6*~!$z;S|M9kj*Yn9$26(qxL
zAMj;;xJUv3D_7m}SgtM)LnkkRYDmP?Mm-=2l>7de`l1?KWxzQgZZ#iVA9SXudokCO
z)sQ#sKMwfMbGPn~jeIkS(a)&5OV2_E`kBEXdS5zqF81y_jW*5jfztCR@4Nbf$i`-+
zh-B>^T6$@m5ry#)F5^GN$WoUKk=KhNA|UI&D2%KI)9U5$ZDcP8^0)a-LetD%652dn
z)O2_nO-k7@ds_kt{NcgL=LHoO5udQ?tjrvGyxUWw?YvML<ajrw+3v#xq9ajRY^mu~
z9SJ0h80>e<LmxbkK+>Iog^hKH)Z>AzAXcu2`0_nK_pU}!a1}f3L6FUBQZsS;NEY0K
zlaYLeY1K{aGctDz*0HlL+1AuRrrYwjs~=8>1KkaJop$vR_{@J>jYZKy>WKzmbLINt
zm6XF_-%@398+&!5N{YYqtm@m^wa{@B^#1(fZFig>HI|6o8=vn9STk#K*y|742X-mh
zg>3Q*fzHhDS6O+X60KI8*o9~E`%~$Bq!Rm+_}c@%xGO?>;Y=$D`Xts#nto!E^>&gy
zOM3RAt)h_58&5?axuqY&T4;;+I)`^vo7P?(_)xxu2H3_U5PHCBuS6VlyaFpufrNL-
zl0dG10td!~hR6r~kbrN;s1hVMUL-(nbF29;s6X7(RmaBh$Gw`_qW;l0hHZ|8c?a=3
zlP;=TegEzEVCC5uc~zS{{^6WqPsz8N+FidfZ7A2<18LU&zn2%O<Dd;9vR~BA+Qa+O
z`FBatS?O~c2Ho%d(Sd$7b|LObw>8{^o`h#re(8NA-P3iZE<1{dZgg6&UWWR4<rdCG
z7iS@&6#x&twt}E_2+?drPcK@b_UVOebzVielTvV$pORpnx+AO!%ouy<n{j{jWoW<n
zviZ``-@2yxg9Z1X!b%D%w$6OLe~MKfU(&bDqZDkI$@L%}cnT*ix_Xfhc8T>N+F2Tw
z>4m5dBWwCojFGTi88bM!{a`e{3kT&lJM5-gE#MHcsjT42#g4zeOX;8%IpZ9|Aa;Ko
zTHS3%FAJ1}nY#kDxy0NQN5=<=DYsWCc}(m2jp9^LJ}vj0w)oKp4t~z^e;F=IWZELw
zZUx<R4~)8hXf0kMZQG$r0Xy1>pN$SdTGvL8;0~?VV~8A!L>X>(KpH_eTM-4Is*0zu
zz6CjFD1P>5elF-v9sQpXBfY4Rc&UiU<UlHG8H5h$YPr+=OxyxPrW)R*rsb9w-Qsk)
zH|Gf`mql}^w7G>G%?YRge4=Ij8Bik6tv^;0oJEnX!1SDz-W0sLErf3WhVZ%7Vcs2m
z^3e7!ZTBIj8o-(EYj;S^5~4eapH`3p`R4;OJ%Ks>i-@3C#AQKEik{JAN!2&`TfKMi
zvfyGqJuz#2k|#kW7&ie<g)fLXc7O-F<%J#Z*~Qs>TnO3;INj+HS98*lKa26S4*vf8
zR!|r=72py}X~|cwJS(={$Lp=5T}-yOjjw|BsP1r<LvD<Q6-va;QmAVT8bjE+tRCo9
z`<=E`aoXciddzw$G46p57c|@cHJkVlmXj`|sv6PBSnCQa)@@5J+Pg>g;=PTYqn*iT
zrwV4n>b$MIN2AE|!NpDIA@xVLt`5JPBpL)aTDn6PNkmKywb|ag#gw3GbS9JaQrrx6
z6m7`6S3c*bCUQT1WVN*@qB@l!LrlpdvVztqO7A<H{0=9xD3+mE8wlAG44-+Q?^Rb~
zNq^iS{9JtWL~ySn9hxC*!#TYD=YPy#sk|M3gp!Cmc!cI`;TK1S>cYaTh8eAP#ZGH?
zZLGC7+RXR%4c0otK)UG@Hv*88Teu@o0`6cFtkSctBq1q~E!HFEpp>~)f2l2ti*Xxy
z=3xi8Ox;M`{C#FoPIv9}K?axJXU}qaLa4;Oh)#D_>(=}TTSZI3kEXx7jKca6;)5;F
zyfd<ET{>(R(OJH-rfP%S^aQ@-@+BSY;U})(BmmJ{0>kQ*2>i{DR+on`gbHmVHB9|v
zx|i|`fz#I!iDzkk!YYv3IyTQ#*7_Jk=o2?|{DLTEx!d^6@bYAT*yGjYQ#13KZMDBL
z@&0{l40(dDNe!cMFUx=Hkx)mZ=nyR2;YSds$Y#Ck)*0`wGiAue(#Epu&HihfB{wCP
zb5pv${<Fv~JPG#*ZVNRxE=c_s{NsXMGvKW5;El`AE-(>iGMnY@`;or44%%7AYW)ZO
zv=r>1TlOom|5jjDz~+|4&mkqDDSza`D*<P$G)!!uXY*|_+=9%|mp{FC%N0x>tua)b
z&WKAQ0aL^VTi!o_Hkx}rUce)1C!GIVTd@ph7mQgl-ef&ArSLey8R27By|IyO|D^i+
zeO*z><%^RlHSxNlaLd86=T)DcpGD(fY{Q}IJ)?#vw@X`Hg#|GFNH&TX{js4QKLp5!
zFsZ5GrJ~OSWx72wF7(We#8u(;_kLpVgb$ar-2owAJR4wNn*5ewpX?j%V{lE(O{|N4
zfU4x@^oLu16t-T|xr*QBU-<L^c3@b5AYrO1`T-x0t{Yv$JpB^WAO{wryX7?D`51xy
zv2jKGpP!*9?Rg2Jh<*Z>mF=~p!rY9JGs7updB5}DH`aX~>YK3<S;|G&f2aSm<HKW^
z6h&`(F65bboB*ikx?cwCu{|!zJMF!#E0f(Svqc2GH7f}=1w-_3;BMJLNGfo648?Xl
zN}!`(+74{Cehs2>1h-Fu_G0Nuh%YCbK9gJMmu%M`S`1r|T@7&F5&pkK`sukYLh;!+
z_l^6zJqv?vkmF<_=3NHe4x4tmVSwKEZcJ<W-I5pXl9YG)L+gWnUABx2GnGWcPz|<&
zciCGV5@xv)gHTs_Ui<NVtTE`xReXMjIT3YM#W2S)t~^o^mm1Kdu6u#{&Na<C`pY60
z$58J|?VZC&m(Y^1a}tN+7ZB+*!FC96vgN*mRs_Ok9ks+cG=}^043fxA)HK>*G;z)T
z&JCrnD@{j0j&!-T#e)lYQ!;^_o!z$L`lK-eDo{o4>{ClMAC(uL+1qBB4ZZW$?l`kR
z(w4bNJw%dJ<Q41Vrp7DHxmbOA82X2l0z0oe45TLXfc8OZ<5dB?;R|6mC2Z@vS<qZt
zpk5;t<-&X#h%;~forbf0mw|$arC=rdlTbJx0to|sKTMPl`~<5uHZA!>H$8+WvEmPT
zm$Jp#h}+?H!pmx~L3Os+t8jo8M%4I3I#?=oeu2l&@wY(Lk_+P%oRJo|b9r=VZ#hdI
zo@eUy()^i6%J+lA>}J8JNbXb@uhA@939lHiA%)ePPAD>6^l>Pt39nIUKBJ^%BZ18c
zuAD&fNejF{`hwlB`#*y0ujIyw>)|ovm3XTjRg+;r(j>(w?CCwWL~i82V7yz9|8CXg
zed{<DwdL~3F;onDfb9_R_)->Mb1efB1N+gwpFU7UNq0E0y>KnMj{dK#)Xr@okvQOJ
zL0S37Om{t&+w8%kuCPMBs_p+rJ8kT2BxB!Z#ykpb!Hy-}89h6%Sgy=3uI}ZDFeS)q
z5pRirSBGxos?SzB*kH<f+JNQMh9R?3lzcDtzJwvzdNY3a8=LP!F?T!Gpnc_j{>5Ch
zJmwQ=DPw1Bd5ewB!~R)GHk)(kmqG`>>HR&?M+#Q>lB{0OD$~UY#9fMzyXmTNL=Jkm
z6p42w{`;KL6luC26^nK9vrfe#QV-iUG7T7L+mf4(**8CHwckQZnziY@@;~LhcGWNR
zQ%IX{ET~z@uDmFOGPi0Oaoq#`Va9x(7G9m!GpVPn+jH9~O!u9KXJURn>cXHhzcOus
zejFVi9c3r@;8_&`#A2<wymTe0<jgkl-r^h{R(l#;yCtsI>vLpYNRb?xy<RTHQX@4^
zQp!D`lQfTGlp4x|@=`zM_vh957Xe}OxgNSjHkP%w{Yzx(GFOkj_v+!(h3Z6EtS*{8
z=fO?U@uV_EJNe|l@+rxQ8ff__bhx)ljyS%5k7t+-uOgM;>wFR#KLU3ZKYS7$1sm8S
z#l+ftL8uPk%U<--=>_NorGykn@7hG?bBppXMdU8yw%|r`i2GH@Rg2nSWNo7L=`Vmq
zNfB#)5z8?#7)tOh({t`mPBQ}HP1(cV9W+kj-&_qIJ5FZT?U~rk4?Vc6Wp!|&NywCv
z|H#wa2lK3B-gA6pf!Ik9j!E@9o31+i_hHMem(k^7)`1U#RXIGyOODOIgN>a&oIz%l
zdJS|f2QcaDSbKA(n1kP6M}BhuMYv!jID|VSkfsPF@kz-R2__Q`Y)kk^5fcMF@JD$3
zdzRD6;TrJ^lz%2^wx615H-K(0`}}4N7~~fV>eQWgmN>M%8QRVn+;1=$O0eobaBkh}
zy9IhnR}<=LIQhJM&_lfxe0}!ul1Hwf74wJBylOIeK(NB7_Za@Uf7}?z@IUnPR~31r
zW5VKXQ{m)QupW}(d*ol=bTXa9BxDX_(qaEtmLhOvjj!v>QI>`EyJWH6z01wPcE=yS
zb8_YvEW2ov&x8rB??atEgPi-9sJYb?(wTsa_QbHbti-FsGa}{I{Qq0A17qf>fi#4F
z&;I<$$yCzskiQ+&*EuVmFq8^cQfBvg(JEmhZcll$#6IRn4GVivU5|e~P11WIjkA@t
zni>l;^J;wBec305o3}(3I~mNoM)Wp^Eg1eLbpb{PBJWkK2PWWE>g?=`_IH0uy_h!f
z(QELG^pyAdr&0Q;R&E!5eqUv1U~-Lf@_%S)0!3KOVxFtwd)Oq|DCshhQ&H(f7=IaV
zR7>7+>puPSW5ySNb7c&uIR*%S-oa_AWt$tcqab_fL)J~x-YY2-cCL-d=T}YsP5oq>
z)C>${c3byoQs4TJHGip%XTAbP0bbiqZ1QAPEN@KLF8)-o01acW&}}(xq@w_MU0gb(
zSAc7IoTB(}%dK%G=R)}axpMC7ZFJC%sQRI2-4&?CAfTuhK6c;n%qPoM@R(YDAp<ij
zVaKQ;Ez+un)A~YE0r;>?V)DD6ZicufLu<{k0vn^t4no%0X)Pp;Bfnzoy*d68L}Q#<
z+vEhT!g(qrZ{#{~Dvu3w^5?F8X=wqDUy`yt2udG|6b;BBL3<3$s3Q9a-02BP?7*oq
zEzJFtE9z{Jn_(<t6ODTW)eFE0Nel_@3X9eA8F_oQX*jnfmu<I`eXAr*53Kc5*WS8v
z3CN<fp9OYv>1Tb(g+_yZ|5n%Aw)}&5Ue@GL-nF)lBb0U?q$J*SOYy0VP1ueQ^>=FK
z^9*#+W(a!!q3ynTk@L>9M9?gzcfQHIJdWS9ew%Cf>x+(NoO-5y{a&s?s<q*J<@jE@
z-8?zqN5JFrL@6<IQFDBEn3nErkZt*94lt<wPC2rS?RQ~JoS$Jp-{_YPaL=PU;c6Ls
z>yx}PVAU<90rE-q-4FLUR&h6h52YN-uchZFHPX<UFiR^d-FP%6+Q{D8ab)v#cCeUP
z$262`?am(TfN7fu|31a!7^S<{8=SvbL4ZUo$#(Qi1zK{t{GqRv$_Do|D`b2M-mzGs
zlzjCwd}TfxMwfDk>-2wHDn;ymW${yDXu6nuAp6fNiinQr4=hK4S;xy%_|D%;RYw=a
z#z3}+1b(ofPtB{q2=i8*{IC@|eK_!q?HIF9;cFSuW#)6H0kp-){vgYIK1Hrm0VXsK
z!uH+CpGD^~G#<z(n0T7)4%{qtR*8bw-vbLYVoPFL8sG`_-;K@{>hSy*9+FqW9IYK~
z7UlntSDQebSlJh#a+#HPL4|_4=%sP&jO+6Z-dzXzipTUFc;k%^av`4_n;2|cz>t}O
znAK#Cl8TILYRy6pXHvII!Cb>3TBIr_F|DGo@F@%y#wMprOAVAy+rlN9Q<3#mgBv%(
z5BEeLh`n^o-SCCRQ)#O(C?Pmdd@8Bf6w<{bC(|jk+{%*(HR5hR3!qp<Il7y@9{XIz
zoH1?st0r$(24}JuR=@3*t?0)gAX$6U+E)A{9{tO^P~M<=rpgEas31fo>v5`BO?7@!
zeY5oWFNhi^l^`+L^b!Hxk5|01uS&%%sMOfmBlZ<(6Caom>_~{iSW_!mu3?MkMrnzq
z>lJSud8XR9-~W!2ZO-1Kb*ReaK%1V7)?t7AxJ65uN4by;y!}gfDfN2T;JU>t4yBog
z=-BqBF>wJl(^q17-GPEA;{oz9!hK!^xJ)L2)=&Wp(;F51`_IJ`dYS;{7N|JvGBvz*
z=gJ%Q4l7VI_G^;T0#8{*60<J>p-D^eAXC4~3P1_H2W$ErQXpAEwiqR-yKKUUJ``)D
zhPbp&Fxs7TJ(@f%xUF7i3AUHlzod|?yY6OQ^Y(SimoxrtXfHvTfy)AC3|>@8m@G7V
zxsk{=(BrW^JXb!s$ll9azs)}#vXH~G0<g7WHdNnHvl6Yd=?r?CY8NPKNJ~(u+wP0~
z0NL)j5=#OcQOYu9Z>npqOfDlkKt~H{oj;6a$HhXI#X<9?e2Sa6?iif;c|t~a*0S$C
z&CumuJ({_bZH8RN*1?$|wHZETOf9FSKn(056hA4nafjV4FIaXDc3#Q|Qh2;;Um<c@
z+aYoH&8FfE%`TxoC1f-5wwLEY<Ys>?lcd08q?HpaY&#Vnn@4*l<FxhjKudcQ-$k%L
z=7amiXwkD-hT|Llts7aryLa2A>_$C8Ji{?=`i_5(syJgpw8589_{a%(KItQWRNcuG
zyzyRvN30!~Ntb+V-AD2@^b@DIJU7x@%}9tak|1A94;-lmI5x@~O)HS!TiBLOLK|NU
z(>IM<C+62TXsGKTQ!cAhvgNdzX|k99@tb((<^yf@gV*9jw<BElMt>OXJkq9Ya1YWJ
za^69H9GmNHjS(0vCcHE&W2`tnis~-TrtbZW7WK`3<`^QS!76aHxvq)sU`%!??t^xj
zGe4?~>d&qnb`qqngHB&_m6&|Yat;M>i7)mV)lcoMcG=G@ErBVm9}^Fv*lU_f?ULS*
zPe{JFXZtkN8~g(DyL{zvS6TI&D*4<?kl+8I#JS2YD(hNnD3tjfyD%jKFt;bgo!kzQ
zsX^$Asm@-bm#hZ<ow^a9J=)UZS8a85yfAgHB&#J?WpueYg?p64d`IqNt3)S|#^M<^
zg0qn;rpZ*(q+;|y%%}d*xzMsnvgDN1eUJ&4s0wo>AnmXXdrUi>poy}}I$XdX>z+yP
zbrsUMK=0u#J=*lhUt^{zzNx)<{2dKzq@DjYdM$g6tpLV^Ys)i(>dVPDR`%a<wk^Wr
zg^oB)n-6g+vXT2gcGCXIzOU6PmHGIgg3cTBWB}GHnd~X$CeKpz>iJ1Os$nVJ`gQ;8
zUlk$zSB!3p6twDj=sB<N&VtOU_F|86<<LiuFhrlX#;Y%MM|_|)EGJH7&(~ME#TFOH
zk{Tv4Y;X?`Sd>hCKXD^Yx;6NkYC=)S_xQnVf%Tr21J=lR7I$zed1M0B`M?&=iBN&U
zSeF6Ku}5$pLa>z#x%)%h_4?sJ#rW_P;Y67I<tFABSt+1zd|Fg`Y7Fi%#oUt!%}S`0
zYW4hd=1iFgMyYrT%Xuw~fmR#Q$~A^}qfoG}+m$BFmT!G6=e~a{Cz-L!2U=qZ!ROg#
zMdC>>7AsR6?;b1>kHsK6!sv^fu2m$mU;=pOu2a2zp2F@c6eZo`Bz|KDfiaKY|51JG
z&|3Wx&}3OnWE%68wHAQ+@jopIu0>&5+08ox=7W0`XkP{ie`z=yah7mrI`51EQX|Py
zRI!Jzl8aGZ)%G`N#YK9Ib{HpXMJd~tFIw@$B$;!uMS(Z1;5noras~=Iep=^a!2upD
z7spQV;tHR-LItUzK0_R8_e>mfW)YGjXPEES(SxOCB$XZ?vS_EZG9%a%0iDzM;JJr#
zOXbzk(Grp)`^x%ulswZ)$h9O1n>Pto#*>8-dUOi}_hQG_ChpV)XE){{gXjNa?>obq
z+O|bewy;H!t%!6`kuD;=7ezsk-a7(PL+?ExB1ly!N^e5wkzPYUno<&42t^3JcL;$1
z$y@Am&%I~gbAH@^=e_T~`DcBZnQN`N#+;*%IR>jU#viu0(r;4wP|uyS<S9Nbqx=ev
z)0Zm@g}4LtC$1N3SE#-BeW+=*fNk=yffMuYoOimrpSET{9FEyBLHTSssWdvLy`*`b
z{+-Q?|Hx)Nj+2QNe}`ZNi{3mxyDhbGsUW@vUMW<{0y}$~{5uHF)nIC3R*{*O?61>P
z>#jApT*Q#t9O7<mRg~(ql%ffGskM$BdX((OmOP*K*o8v@cJ|fVa`;$i#oN0s+Q(_I
z1Z^=^t#MXA#&kHGv;xwePO&RhEOb2jdSu=xqHF6o5V(yhlH|~R?`h1j6nHE6)Je^!
zZ?8yynE|(+$?V}5J}m16s|uoDV}vYDnSv7QIE;%inG;_+!2%KH=_USKMl1cIOMo7}
z=|+ejQvc<ZpgmdJ6kvFRG%-2AE^tiRnj-Oz{fr3n_@nDEMK#Tu^5A=+34AKnkxfB$
zzBP(U4IBdX73f*}=SB&7z7#R^+$JC~!Nzrmk*N61SNzF%9Z9P#_%xxa-k}e&Q5(=j
zQ9kfcKU3zz<D->Ch+}MRf{%#wcP$~5s`_M;WjaM#*F#o1spKYgC1*v`S<@s=AJD?l
zWj!De;KGmEq_kFQz_VazavFu$0xD>#4{@E6@-XPO1lP)re}W7%P#xH|;;xP8@qKFN
z&$-r=Nq?H)TI))*bhT?0GTC#X+W%c|f4X8%mC@;any=^C^D=_#%!h-Tte|BZzLUph
z6G~;r9V!omi7ZZcI>tXO^ER3}Z$DqAE$DndH>UG?UANA)S|48hl(lRs&w1j})IKK&
z2(Up-YQJJ9KVmNEyjmeeCKspNq;l_Qr&xQY5V!erq+%*nhCq0gZar1JQ;=J!l_~cJ
zNL8{zdrzR}iTvO<E?m0S<UJ3M7V9*|k{ZmHp4b-c(sD;lwVxpc(Aq*Y=d-=U%u{Sd
zKj_PRx1qBcD#Us6LvD+0kKd`BH%Ia*my?$&dC3)kifqI=Mw@J#^uznF7np1;+S*On
z0wF$4qE9Rb3`$(2>&kyl6(whHyE=6+^28+7?uB;;E4?~QDztWdS=v)d+a8gCZ5ba_
zZgTu!eFZ8QQjZh0E&kE?F>PwK)vMem>!koX^Q}1UD8Jsq`czkMJ?k+ui>-6Va@<lj
z-JZ%qw`&a}=K$8BR^Qg}6zf7$ri`J>zYF^ANKx;w)y!M7pC8xz!^?%$sP~%{G;YEs
zuCi+ploxyFdv!cu6LBHL4M;pHtlaXhn{Zk2kHugYVDX~ucABwPlhdIglv5gi52e|y
zMIAuo&e!<MwjW9P+t*VJTuX(K*)Oi{j#2Xi=c+7buAV;6X^Yxpm|L5-nkB(Xrb50)
zlNGmWD^YEuvZkABr;ht(K!<Wh`R`bsL^nA`Ay{OJg}Uoc-Zg*?UUj-%$?Qdc)B)%q
zmp*|Yb2R5`w`0(LwI{+H9;KY-KJXa3K1bKRD4DUI78eL^jow1eh`nQetUm(jDar2p
zwt~t}AWMkV-Pym-T>B_KvlOa@`gx04CSa6c;8CTGvO`P|2U<wzC6>s{r1F;76i6N8
zd8W#EerXoupE8XYjQO_QKP7jRhYBt+m+LAhz<3gt9bD@cFu*kQ%;%I*8Od+*I2?XV
z<V*T@e^G;9VvzgQxa%0ZBb7tFyoil+Tf><07jK5%$Q1rOqRd>Cu<&6$GJfn8)lbv%
zHEIDZw7JX+yBLpTll6yPznTV1SJuK<G3A}#^aYpk*Y(ccUgE*jDx5f*8&c`*!>Bf<
zblyytm`%nyU|>UrDPyOKwL@u=occ#hB$!JKiI26ObTua%Ek0COQ7+;DuiQLeTuz}i
z>N~2?4T#5bxKxA)=O<M8vV81e|0AU=kcCiJc-<{~C9B=~wp5EYIb3|)BfxCJO60UX
zQrNBrv}~DrRIX}JhgH9sC?eEubftnZX=|kSu-o;sRicQUDlh$Q8D|C|hggOi+heU`
zV__e;0ZYWMLPoO5+@RAb{JCAcFxCfD#}shHnqR6U!sUu=EmWBsc!v3=d5z!@8<;0Q
zp$|KswB=Q9g?$$}Ddc8w6wYc)Hy`TFIB=zMG5zd5aMLEJrq<!inUCmG0@QI9F-c$M
zI$KXo6YLye7||hpr}UHf<HnZkSg$nQ#_M&s%-4ybfhx-_NACyLacPRE8q>)R=PAKX
z_4IrJzBGaKJnHV!l`vJC`pIqa$*3K6N=Kuc^)eg2&?nK^(l2aMO-x*4GNzWlr1Z7l
z39juvUFH^Q?(}Sa_4`E(U=U81(t|&(Y<(e8S9e0!aRS`-g3?`f<`+VveeOw#lzy3x
z_ZXp@6ch3>E#t9DaQfEDWwLia;Z@IiN;8b^@SWU<8WN!<t5<!zSIZqF4^xTm^X?W2
z@76=gQ^us{t=`yrHRW?uX6=9Igsr^EJXe)1ZBlRxMBF+u2zt6igK{)&kyY#$^nO>U
z7~o<P`0nsCa;Sr+!bMX7dzD5w!6+bt*V2iV<_;sT&Vl&G;=L`O-(E31_Ne)8;>0UM
zV^xZtQz(%1tau{ANl}Age<c3FqD;lw{OtR@Fhbv|Q)2lUPV247L-f%_F#TXu;P*&M
zO>eDMnHg~%^P(2m!14f-+0J7#?{hC+iOJ&Ny%z&R!IH0tnmPBo6Es0uF`Q--h+k7_
zDO*X639`U(gBipx+!um>bmY-QtX(&r7kuhMQ!m;gBYT`x*wpoGYaA{H>X5EoDMwmp
zL@4%v<oyeMm|S?tJieKUXk6P-bE!O&EDfx;$ycU`AB`f|dHou<9XK{zL9D5IH>%%m
zcIwj;DXFis5h7&!bm%dR2OYNFi)IK?e}09%8&~rSvAI`2v3zn2S``rzw)xg~*#TMk
zF+FSD0Nn4+^lJa=(0H)`#a_dU$?<qoNMnT}=e2_*SWm{X%w*th5zhd}jD54BTC<kB
z=;xz`YX|F$3>C6t0_F->Wg1bbZYf7*yDQJlN*DJ;z3pq)=0obMn|w2cC(+Xp@g>u>
zOME!KWs9H6dQD}CM@I+m(r=@C14fdqr@HH4zEMvvm*{B))KpSptgo9`O$Rg4r4}*X
z`fhS&Ud{?-Ao|S&e=c_LKct{99txKUDWWlp#Yz@8PjP7=z%yM2?H%uaKo38})5EnC
z^xp5|?8Kb&m3W!=-qWW)C|Gs0D-Pte{tVu4yC>mu63MjjG6Z&CiArDIO%6r7SUfro
zk(#I32psTP2yK+5kBh5R@9sL%`MIYu!4~cI8B^b}l^GM-&LHx&zBhKOE!L#}s0qMX
z&X*ZeO7GR1y3NBrs<g}*i^wGpCu5uJ3|8R08?d3HcjSgE{s_rQr}_hFMQ~vAAGZrY
zP-cD;C5FM5|K+<P@k+vRNT<`T-S6SbGl=UgEzvarilZSv1qCgleM8^%nC2J%G;nxU
z<hsz+u+H*?L9D;_VI0({!%EmHC&95#qj+8w*5`YD^v6}@G+E22fchU0kLzL_E%gGX
z$t8|R@lWomvLXBRl*6maXm0;`%_}|}w53X}lu=COl^x_oD-#STdJMR*Jxxw$LE5~$
zScj9>F?2;GO-A7z=#@fcd}fhL%WQCk>sLjpb!UwkI_e=45zc7{ricFp>AQp>5go`z
z$xYJ5z+n~h60DYH|6>Uc`pNWNr?ZgoNS>ngqG%q3;fMvq{NC8}%^SNLV!8{ELVNtz
zISQOuO0#PwP;t6^F<<j}LJX>Nty%;pg<GFO_wbB*wi@PVb$fjAJNJsC+Oh6e&s1mS
zPh?|<tTnfuBXL|dUYdO|Q+4)c&K$1{l1f{C2xK_FC@WNDhOQ1Nr1K==CvGP{RuD6z
zF8F31QX=DP%x*JgsHm<#9~bZ5&jdQ~yEM)Bk?X$J!7^e<&45bBB2#Z`?S3--)TiJU
zF-$pmtC&t@dlr8hj-Cm+$jISnsHu@DV^TVTShBrl;B@#*Ei1F+%7KoEMBek>THFKR
za8Cq}sKC%(x*mPsOd8c`Rm+mg`RkDA`_s4P5D;~8G5)b-(+%f9f5RIgq}C!L?k!~W
zag%Gk9?81n5Y-_A&h_*IaNdp?Yw>dZgV81Dv3aDFq=(&8qxU{g;{xWM@|mqAk*i2D
zi}XBbY9V(=K<ReU0j`Ey+P0;zKLf%VET>0Z-s{O{7W>vN977V9>ZqPyX_d*XGa=9;
zX@}W%d4Zb7)eb9unQRWh(L1`vbiZZT`c%oZZ#ETW!qk_$RJXPWxs(raOoN#fX&D(+
z@@!GtJ54E0CE};AG;!L*zL9<)lp!}aF_@q5G?G$>m?a`<7HsU@9p5<<i`&(L%C<Ay
zmU)uctyq-MbDoh6<Uc^=wA$(EXqBhotK%(~*s?=IC|G5T40_(Cod~jEcd3R3bI+Gd
z0w?KwGb^d8eY9l)x!vTy&O=lmPu3tdUzzx}-^!YrU08w4oRc{`+eG2Jb=hp!(E7{D
zp=9yG3t2qL$p&<NqsDpNA%U}BN=0NO)Gd?sKdDAiXHnXI8gxrX&<p6<c*n(l>upC{
zw1+EkZ8LJKL<4g-=9MU~P=~Q8ard)B3d(~+(gku{KipT0(|eXJsi&`7)a0)!_DC5G
zwl4c_tcr`!@Z0Y7@o9Z)ml#YGaE^X=g<<2BT0u0!RH&g^E5gw(&tztFd2}R7`4&V?
zPnSrB%JjM6T34VWj2-h2ctyA#=b$Bc{*+UiF%~22kw-&%<w#2dlT`wWt!3J>AAS2X
zEf`JOWH;tVx%y%l<!>7G`Y9&I%^Jp>-yVkT-g(^_hs8SDUndM~4O*NJY%Qj3Bniu!
zh7FXiN?v*Euvm1nn_suMq+}#+s`4kK{${vRyut9{gE)s)dC89?<0DbmG`6Jjbe8Lw
z1QnHs?v+1q%CeKH(x@I9%P!ZA7|P0aN7PS<UXRn8AAJx<aWu%{>tnvv<5wBiV+V;_
z5JE4M<;>1?3$$aKIGVzLBGk<$cYF|6Ui!I&Yq-i`Ybgy5JAYHl_Gq=vN3dQTWg;ke
zZSi3SbMVwW5;jbMlhl*Jv6hkCgvs0N@uKm(TM7-J4Zqr#@3Xg1$v~ol7PgB`RsU2`
z*clYJ^7OjwrFI5s$4?b6v&wF=R9nTJuMOVSW8u?oJW$-kn^Vx!a;Kk@xmZuhp`E7c
zp;X}__qQ2UP87?&;~AZiGu9=tc1&no{3zFfn3y;F+{B`s{Kxzr$7e4zQ0OuG1-X2D
zHG*bx7F5G_9tl!?Q|X$0yMVy*X6R8l+ANd!r~<d_pEW*5x}+1R0#Ro?nDNW&VJ}P*
zRH;J<dw$OOuQ=D$A{I{d47Wzf-$;&)CBCWPWD+^1j~dKR^=nYn4f`1qp527WQUj2~
zILRY&r@mcLixqFdoy4VHaa*t7;)i365+(f<ekQ*c?LDnD|Ie(}rme=M8e}BL3_mdS
zC_)+?izE22S%qgk6o53rK|ooF)flnEZp=a4_RnZm2hYR5W;>r1{BsyH^UT*SsIz8;
zlS+$g)-8X1p$fO<{3ZVuX}1$=lXvx&nQwW={wr(l?Du;>UgFmHcU?RZvRVfr_?kPW
z)Q;HyJR<O?elxrOw;4R=v6;I(z(n&3_FoUU7%;m(x&RcoSSfS)yE^pu>n@M3-(RN*
zjIMq0zpO9d_U+pl)lL6BX?a_z=0D|x4n?nP>F6j#*!>-Xf4`c)r}(D~=Ph@x{(JiL
z6VlSsJoSAe^;pKg`VuRjOk6>gh|QdmDLMA`yMhp%uX-+aNGPu&thcUw3?qxzKC!X&
za_Z~}X1gsFoZ^zsP~Mv5B2w0mD#Yo7I<lVXO_8pXL{O#{CHYqi3v{CQ=*2SWl!UrA
z%m=T5V#<A;qq3oP+ws*ibVm<I^5k6WXZ!}w4ldpiv%d8byJ6FncC<sqYm<XI2#R+d
zyaqSRKTv|YrxE*u7Km!=FY7_reG&Y=Tk1MvEDP+E$Ex2uO~fuO?^IIu0uxQ8#~P<8
zr}X@O^+H#v3!{#22cMcy(`>GJxiO~oG{<2?dX67`KIk-ZeK<U<x}nDS-B!9R()D`v
z46vv<ywY8cLszT4rUnFDDko2t>?e@sXrF_#LM1+AOxh$PuX%g`;cP{Y7=fC;hiXn)
zKS9gsSr*)uw0)yUwOycd<wWuWw)p7qOHSv<urW^Hk)hCLM;q84FRbaF#u7I8wuDbc
z-uKw!W5X~Ck2;=(S2^A0GO8{&_lGEfn4zV~fU>6)F+*>MI$ndsOU~F%Cb1_znJigF
zUoKTBF=o<5lH0{^564@3uP<Tx7AzE|=|wUUFXw#{kr}h4WT)9NEJq$V#)jv%u8;I|
ze4E>AdL%lE7Y4vG`#mby;(Ww5IrEyXm-eT;$-wo7<szRg$-JiJO2~nRo!4^NUZd=g
zN)`*7-JxSvGXYh~m}FoMmHoIN?DG0cfF6_HlaTnj5O2+}1r87$1PXkc+fYNsl*|G&
zce!yoR}@9NQo1|%C>U>3Os4T(=Swzr@4%jZhfFNkz(+&v%dLVomUv{!lFJZ5g{rdV
z913A@+^|_jUe9vN=b+kJqWc|~X6EwRudh4B9g^RCK{19~E%7d>btF|ux0rlz_?b+n
zXUFYqCN^~GA@h40ex=OPUDM25G!Ycxal6<kK{m$$@dlARReKm=(<{kbn95u{dV#2>
z2nvIZ#?PX~Wf~dFa*`JAm-LDFr{(@j?9N<CR@*_wICYPdwIcM9oLsI=;MXX6s*QV}
zd+C#>KCjpJRp~NIt5L~_zPzbVj8Dj4=nv1fAfg1e$yqWBesl+I1lY6?-s&&@#=B&}
zI?~^+?|K1i=@P2)vH7laU3;*+vRIZ_1!8y@^H6VW4M--tD=@%di#5pAm&1J$O}@gl
z-Aq(E=n*4B@R*)Pn*$-j2<x5U5lnUwLJ0vpOa2t)8fd1`lFat}>uN5!EzfuQC{bO<
zQ%p#yO)84wOO?C^L8k^w<t*O%g#R22iY*d*$}JZnFO+F9rddV_4}1cObrX}s+8KZF
zBlM)*h6XD0mx*XRM4}RL96#tK0F=o|bgZs9G<cb;$6S~c$>JD|+7xR$H+~t{z<=Bn
zc{nb{SWPmiOH970M37Nx7n3dPv8`EfV49}m4JcKoDSAY3O7vj(`i*f}lwB$vuRdyq
zi58HIu659<$Y%w<U{}PTPRzij8{{^uruO~^2j=(b$EetZf{fsbJ@*O^kAAec+Dmu2
z$7@pVX}9`^y==PeRG80InOT*{^<2?Yyj8IZd<(N1rxiaDg->Z%Ma+ZVfy94az{WlS
zFX&7>y@m%vU9>F~EU;VF*quA5$<}#io6MB&E-h&Gi3!cLd{ZH}8z=8v994ZpPk5}1
zKW%=jz8ULz!~i^kRtZ+O^H_t7oXfKCWmWZ02$TbnX_KH;T3uJqt2i)W-;LH@++=Nd
zFi02lJxOrnV@=TN>=Wy<6?d<=l(e6SOYTh@k3L;g|7d#do*Nx_<%bx717|o8RX4x<
z>+6gBQl}oDC8>ZcgSjELBfwlS`Ek=}wa#!T277jb1QV{6HfQqGdJd5Ha_^M>tPj%3
zPtWpjUJ=SMzrwmRG*luVr_ACkqxj8`G33+&e;$~+?yuLUbmtB<@Cgw+8Q8li@I;x-
zj8G|PkWOgT1)F^=1P3*!Z;UyQ+DUopZc9D;sPJYK!Px|SDG6<o#TtwAxLFAc;O+~~
z*dVq3Izle$Fw#naWlsLO(JdanGSW*FR5+<^We8Erdv|IAQ=<gRQg`?O1)1#U``^cL
zwn@px#}^qOq+)89-C%DL;m{oomm}un=Gr4Rwi^j8iq+Kb*3PIzH(#H*a&)!enr2K1
zSu>}zY-|JzNSw)0QBei_UEJ?_Z8m52%oj{WZ48q&oIX`LIw)pbO<3Yg^K%Rrj3K4T
z92Jz^EW*pUg7zjaqsTQza4Q-~10w31MkO+=J6gq0X{4Mpo|+NMc?{Bram9HUdv=km
zW&q2c^REufx2N6ID@1|M@(E{%Q@nlo%@`Lx&4gTm==B}Qx<dNl*f6^>0YQ$p?@)A>
z`K1u9^xQ%IVD^jWBmgBhot(0`2_A77ZS;)5lkoKHg+rNKvkgH#Q#pBSJ5|l8;)jis
z$2fl7@joE0!E%7<8_w&MQHcDK%Lo*b(K)FwWF#CG`slw9D8_B1yg+j$AJYLSHsUm-
zqLNj?I4|?eyR`sN<32}&PPvy`+_Q_do6%4mb^oswCu6rMrFNd<)jOkm#8xASc$n;t
zz!RM_-}M1G;?J9yQ~?w9RHytN2e(k&x^o#AVFkXvg_9d@ipzFDUQO?gr7t6?&#5-I
znVLawxIP*Q+)2e)c808()IfI2@KkZy_F~hPXh8T-N&=4uG3Q3zJ7U=mAm{y&(XcO=
zY43Kpe*56#TmFY*>-|;^ZW$cvX+`e^x{;<S&;eKYR|~ir<qZHpe&iVCk)*+%-!0+B
zg=qLgeVELR3WFsA3O^!85mzLoE%qQC2a<fg-n7w=i!eT4LG|+0Z|9cr>33Uv=FT^!
z_+k}g=c?qY)6+9_DH6Rp?Y#VAK^XKdaz{MF72YSDgLE$kW3R|yJMZ%uzdk#kmjJ3!
znb}OcUn@GH%QVOusp3149O9q6NlZx4)ilek8f&ds34u?De+5Wcn@zsKmw8+MLF662
zLE(Bw4ztk@P!Znx(#f)D!9d$;&P2KZPW#Cu5;ix)U=`f9s9|iVxm6m?63F<m`aZN7
zVXoFSaKVWUpr8>gx#t!lTJAs+>DGrzpb)rWDVh%jwJ<B+#J}iLi`IGlK{usZF~-6t
z$bt>wa6w2TUJRU}v)9%v5a?$b6ZE#`5ho0@U;<BH!3j^9sCi`EXq5Wv0C7E_iUmR3
zlQN^&$e><Of8H8E1s6TI-RFh(EFE!%h?$k3GU;jAOOmZeG_c)6>UhAJ5cm`c!)Mif
z7Hxiki7?zd+_u4^c4l;Zy5zeU1Wfwn*^+pF3|0}1N+?UshdujRN8g83DoWGlf6GGg
zoH?du1zI<o6s*pBLsuK?MR|$3AMyqokg?RKqeYKB<IITzypyIb!QWyewdPKWe98uN
zE58fxacHD2V<nGJE4?y&l&Py_V_F5_=>s8Iyneb%!4*g<U2eD6+SU>EXChDs?``_7
zUwfW>8A3+x3k$c!1hhsH@ujmP!6jw;BOgH4!fgZxVE4@4S{IOCsGx_mePYIMCTi4J
z!i<Wo!bP3?46q*_1QV4os7}I|9UttS+7L=Xop<LzqjoQm^2o7!LzZ9~sB%W*yOB`y
zYS|69eg}{$Pjz`0GU4{1;@c+!r@~StOXay;QgT&28(8)$JVgRl_=X{dJHsz)Ipf#H
zbItIFecF^+w;<oTuWtLDS-`y;@3?a7x$Tn%%m<Dz?-Ac}Hyt$zNLD*H#~X+h?Hs>n
z7*q4Th_;*kPQm#3>(!5>qkSb0v@;qjOn|y@uE9!RfpGL(wHKyrjwM@G@YSXW0~(?$
zB|BZDAuGDD>^=FRRqq6KQw6_Gim#ZWR*Oz{&>xjD%f;{cu0iBl&Cs1)4&ReDgf|!M
zCd~~C&q!&aVFwUAdK45Z?)|1vHBLuic}3DNz?71$5R~ElDeX@Rwfe;oV0zlYAuZ;Y
z5^dLxDp%g$zE;29;T%ztpgLGq88S&YvO1sREA^<lxpOCjxlD^K&B`r-VIMm*OqFCo
zo%43*S1C82qH+*W-e$0Ty;QGZ!TEfrDzjvD$Uxb1M?Wa=a?V03ezn?E50zY!Q=}56
z<<7uNUt%u8F6kp|(JV{UE(nKkA^bnK3RTXph2w)fD|&f&ZU=NI1RS1<+2`G?R#R<K
zgn5cOSU6OA9FQjM4_f1&^gd(DN-z4_smXk5^*K6*=k_6G>AsiqJ0L9mS~8i&2x&|!
zbWQQhK7kqvdt&Wa?|8b$BQicO;%<-TKk_|mm1BERi?O5={KjlkE48EBXawhze-fNN
z@LK-Ob}-)Ie6vy_x-Q^C;QOp!>mh4eh-!|d8>@%jkCVrgsWbhW5)a`XFM~sSHH{7+
z*-X=AG_J1tmN0=Ivvh&pF?4KgIK6@@LgiD&8>#gcP3xWFllgApV=Ht}#f;z%F}x&R
zL`UD<_)@EOXB-uP;?iY-J1sALgK?K+jux%cq{gDqy!D_p51f>^)OzPn!BbFZ`NUAB
z##dXJBf$N8X3l=a<otrcMDUEh^FEr@yUMM+&je%m=!sA=K1z7VR&}I@nX_eY6n{>}
zc*!|9R}>C2rjH-2PJOJ_?2w0V$`DAP2W5uUvD;5R_*{ANmRqzt$fBH~^i9qCzwL{t
zdGDB7CxhBiPIcnpfX}n&S`o$H9E&D%3y{(f8!2^%Hm(in%HE`EpURMvW=bBH1!?#5
zc<kis?hXYVuLCY6Ib>AAg(SnXQvTfduu~^st$d3I^t=8r6}Uvgx%<^4b=_4j)`R=O
z(JXi*1iK6KU8|5<*$C^&8ngE8<jTp_p28RwZXu3Kc`NfYGPGTyG)Fw~cpi?i-W&0$
zg^Z@zv$TIe=uQ_79Ca5|9mMr4W843r`+8|W@DrPzTp=X;ICWcXGb`qtS;MdOh2pdH
zT<2Or!r4pM{ur6fCcmz?uQU%M0K!$<E>`}r4U=d+R~Dx;O!ivXP7~*E2HVEDpNCCZ
zkOt}bHc%MkS1(D|G*(FF9ExKg=k#5hVU;T;Hh|OaGf>p7;h@bjV+9=x_K*yu;3he1
zyUwTEBfUdURM(M*izCR@T>1)f39{^0?EUFWbS_BSV23RD_SbJ(Lq|%YcPjA7=6=Do
zqFX-=Qu}_o12dABNN4`p+kRCg+WpXR?wE{^a9~R#_Ka&OmspxTEr&UODsPjbe}<%3
zsuQndEes<qM=alGvyqG3`Hq1npipoBTtR#2Jo3&4sy5=2##`GNF$?zrk2h0ZcV8Nv
zr)P797z(k)f_Y8z(Q?AA=zJAtLVrt`W_0Q#p7QOD&K_VAW;)QOyGnD_4Rh`LSniQ!
zG(m^|oDK8wOOUL9=V3Kx)|e30KoY36lKXhQS-4MHZt_F^fQ1OaP*M#A9z3-yU!-_T
z8RLb#`FQ3;47@qhX8$~W?p3?v`FcGR<Q)*d-}gv$7QOd&<wID!QgjlFK_#pwVo1!r
zb=hLtpp`PY7gMLmOW6IC6)=BQ1}kM97GzY^i_nDvoROr-tU@%{iskk*`!QTPv(uNW
z?Y;w*z?y+;i}$vBd!b{XQwQ!g@jp`KhR$m|+IEf7(wUsVHM51t401+56=<d-mp5u2
z=qUc3T}>pxP4eDdeSwbt_#kHS*E=H;9V@GZ^tf>L>;Re-r{Q%uc-~4#<qHjITy#o#
z-|!Vl7J!Dg**xI%{CsXD-#NMw`}<h+FST^t@mE31>2ibpwg#8qKnWGgu_BV{cJ?Fj
zwwIRMq8`Z&efV=(#Nm!h&;USf>es8)c&i<97OG8VLL7C;LQqF?FP&Czx_eB-Z}s{f
zdK<K=O<jvchyKQHw#33)FaIZnecl><TA05(adyf&GLnGMQw3%jvfnf_gF?k%E=4mh
zG+f~$&OSK>B?5w9IJu7ikar;C)Rt#BND{lp<ZO&>GWXxU%7^drJYvLDsWk6cfqSU4
z;v$wX%hM4wl9n0_R61@^FeOevmyFL|Bg&q9SVq36V%af+u3xqeYdIhGXYIO3mTr1G
zxr;}%`jOKRgNx^($B2}=dwv}H9UD*0Hl4K3VZ*tIVDACx>HYcnO_WG)JPpImZ@JV9
z_Mb_O1hc;s&0S4fTnjWC&93lKeR(aI21t#wnfGmjb#O#Owve3QkmmilRA8nm$l0P<
z7b#P%YqVT*!8s|CLDOZl#cyrJC`F5PD`niaOIPQzWEV;s_Tq;Jl_*R~1JE=XBY<U5
zo{^z9X%CHAPxfNFvqfDlK_xRf&jAySxSn+WWcHpw^q!Y2`pzboxq*414j{Sm_}cu8
zeM36WQHQUAZ$JMN)?DIGe7}C-?m_iVq7a;7X#INp+t}7RTiUf|I$ocN+1oO^iz5M>
z?Tu-ovfAyixR6>K0H`U1Wuil|j6m*&<jw9I+HYktPopRjCIcHhIjrffJ<jW@M;C9G
z0SO>YGf_jIT;<=+yJT2{TW}-rAY&@9Z(9DD_Z&mHi+RMwPM2?9T6sOiyBHA{?{dBu
zK{-|HHFRHQ@32b0MCtRIU-8MLK|9~AY$+CEsqeS@kbaL}OOBmHIiVX-9BE?OS%~5F
z1pa5*K<!?VN7o`flbp$*q}DXkj=Ss3;t-&Iap)a}=-RntjAK`Y3ipF2IN2t7W#;lt
zCh0aU{~fOgo=q9aJoAY_=GwD7Yam%ogXW(koe9sdmthvni0<Q?A~wB<3E4|ZslCOY
z%q(XKc2*7A)-D@Y3ksr<e)y!i^)!^_v`Z)ezeg_Y`ziIES$UZr<E9wKTaWWr)+tXw
zO`|=)LNMmN6KdzJOo2Z)LO%|%^qPJy-hFYvnqz))#YVqgr*-TM$B!MQhVpiZ6n{6o
zYq?<Op#DjQ*35>JN$x`LcKdnAJYUpgnpN;n<7R+D#f=Fh8<o}<n!8l2+kP#oh>C{^
zdWpPLOTDo*r#G%A!djI$yWK-<dSza*##nXN2z)?t#WA_~EOLSBBa6M&b>z$PBE<tl
z99+*V%46XKZTMN2r*ZK3y3I;yYxkugGoks-o!;IkBEa4%bZr{-W0@A#TB>y{DCuo&
z6%2U#tY;rCElYfoes^88wAhRDZ{j?SZPme!`C!_cfRh`U#gPQ(3aiPW5+B}x9-eM#
z1Cz{hvq&b`uiMKTQ74j*zbo`-l>Q1{2E|$_P6V31x**B3y*ft|R_FU`oQJ>Uq_fi>
z_SY+cD0bz*kHsBdn@C(q?wz!OzkrTw#Us7>^f%Mip(*R1;lj&-$qT<q6QO+CSAF}F
z&K<!<sZDJA8>8VW-*2_%zOerB9ek$DXj&?5;DWBgdB(;+R!d(#sc6fH+t6Fxzoxrm
zT!>n}>vCTt=!cOWdc}UEXUw`KGd4VIOKRY^_ax76>})@$0v5qb_iIHnLOP0Tq>u*m
z%gRjT!mgCUoj)064pG&4b25G>eCI*_RN1S_6&b#%?GS3q;5ml#pVB1z??)+rj<qXa
ztclX1Uo`Ib=QS^MeNYBEx0n;o5&q!RUmW$Vnjk{UWC*8ir}v1oELmmn9^Cz|XkIoC
zs4uC~y_sj4#oDlZ%P3w6|16%)^1@Tnmb?<h=7);9hoGCN{;|loxl++LY+xT}GV7Gp
zYF=VvK_BLs{hM0)XqZxD{k4@EU@>Qn_V5LYPL5vB`bQP0zH;S_<l0-PrOFOP@$lCA
zPf#p<(U5l+M4~Fj9|*0-rV`>(lppq7)3eX=rF^gXx*2)T_sX6C2}#5LZwXN!Flzy)
zjmq^c#tPV6l<`NGPI=jz<;!DD>w(^%7Vv>F8E*n;D$W!2Y3VX=jtCF9b7KZ03@c+U
zD?Tr=C=kF{IC~&DAM5V?Vn0O@=Gaio2B(34w-tvFI)qzxo@|XLLNoZqcn)^mm+YK}
zn|Fc=-w1VkWbE-b@je>Fe=AlY7Xw%P8d0<xcoMwlP)HGdPzxGq4zSY+3pl!}8Egi-
zti-|X@YT9uu;>rwQ$Zd7)7HVl*kB$W=^UA6!NVa823?`k{WKc>5~og;n0-D1EOT4I
z2*@ylj24{R|0@`8HDWiJ2-YRXrB!Z7;lHa^J=S;)23K7UG$cKw%W)Twsa@$~T4HcN
z>@HVq30w>nj63%0N`vvp(dIOq$c>d*stvhB_E`Q1u>NT7XPqe+sA?Zu&B%-?@J{#C
zqY*S0g2w4rgS{81S@PRCTLtF{m$xQco}W_0c)fz$Btnm01ojP#2eq;^iS)9I?)aTy
zK=w%iw&02k(&n0<_#i|D^JL9FbFk02^p7vaU;>1${sbVaZA<y$BT+9eOhZXuxv1Lh
z_L^u9EdVLcyDMCTt@VT(XSId@5z8Mg64G58EgB<U-wpmUPsTbzE9FtU6QhQI$Z4TO
zwajI`B?zltDq0V|FMJRdC?fF#-?BHI3Yd48=*qu-<-#=_`xTCDJxn1}vlmd)^UvNm
zAl0Ktf2=@V2A<Cl1%PQ>G+nXuvQ=|UBLB2sz{YvvtJ+!?LETZ)Blan?LM;R9>GfEB
z-7Q(0&4HmKwMUH%k5(LsOUw88tP$baYcfK0%&A3F9M|gt0-pZKu^gV{i!}AH1ZSBP
z{o-S+wE=&OzOh-EogQ?$5MJ{5fMh#J(=#v7i1bTUjn~k%fRU*70P`h}?NQ%vR%D;o
zOUo|Pymqc@<<&{ouNYJcjBSGgHg4kU_&n1$#W#AQAyn(0LUuWE#|Ug%t4@q3jL<=2
zgTT$0ZsA86c4o{bEtkoIjB|vRB_;xwc?!!9nzlxZDUgNVI<Meyr?%XWzH4xL)PYVb
zf>7i4lfBT^0jr9*RM%UDNjozIZ^LMMr|Zm&B0<7;Ln^l6D248T(7kZ!7WwLVwnd9X
z=);ABsrsdoyljDZaKH=V%C@-oGB-Z}M0uRh4b^P|m5h(wr~Bb?B$(KQ`lZ#k7H|JF
z-GpT1eOvyB1DJKqk7!>Fsrl(LHan45exJ4j4&{WwK?nBrfLM|+6S5_q>%`)BJ}R)C
z!?3hdHBY?DCJH|gI9DpI^e3MOvo2IqNf$QXVxt*5c<Zsb2Tq|tzT<Z3h6R*W9{^6R
zQ0PaJlUg>$`>)P|&U^BGxgCy4*6ibN8n_s!r^4^g+c~u7MJ5gFhbS4isbA<F1I$0P
z;t$^Y)FziablrkJ^&ab)yp!`|f@;lfz*FRmEom_8OEvm=?2Gq+8r4R_wW-Lf&$tdv
z>oAJ<Ok@wC@Lay6>I5EhZ98s0907|VJ;{tP$pvR=cb{|26!hE~FffgIRT5KaMf-O8
zIFv2>ZYKj&00W%pBJ2ry@8nPWs@Ey0sm1y8&t1_6Ec?MvK=F|d%W%1}q_98T4kQ)|
zokU=oe{VUbnrwi?@Rt^fzW*;AmH(>m!g=Y5SpV-XUlQokf8o)Ld29EV*8o4v|5aZp
z@Bsr7rOjq34~?w6FLd>PZ1PjvjVmmrrJny>dAAMZUG)6`*NT%V?VE-Vuz>!&*&u~2
zczzSApl&x|0X!^}m!=XR<|MQ7PJn46ly{m~@0fsE+U5tJ#Gp{_|F`?E14c(j0pBum
zBM@_%1x))Vm{5qi2p}*uI?_F?g~wBt)W9zUc>^9Rz+_0$7B&u;mPrhnAcSKo04x@S
zecIB}g(mj7lUiD^&3`~hBwcV5Dg<F4|CbO7z6N&mZfst>igblxQ~u*^Df|{L;7l>s
ztaBRR`3>4P87~Ce8=c)3zlNv%S1xj=Ry>eCHG~2^e`&Mc|Bpum7#=xAk&vL^%FmwY
z{>PX7?~8KypRVD5-?8QOGgW}EiMFrNbH%HuNpZ;=tIrC^AK!cj$dAwhLavqnw0|G*
z%LKj{3JbnHSPemulML$l&iF(A3uhllleXFPs`{CGG-w*pB>(xe4-J8kbML-}t49XF
z3eBoKzrc19@jn<z+m;G6G+58=j~`QB-L1z1W`}5iFv+tC&7H`3dSHzvluM~dX0;oj
zcaa4A<RI56FL0w<!F|ySD#sKRcWHM2*5Z^7oPjo9D=fH7mL#;I>5r>O*)dS_7q&D3
z>vveh$5qv;|6b{vMCahlN(k4$3wS7Ru>Vt)`?juU|5O~D1p55n)Q8G1EL_e&O+R{>
z@^EOf7PK{ef%yQYyX|F4`KrIXLCaH`H@r?t(s28h?@kTeg<h<kaG{Qx76SkRuH*pm
zX=piITgzvqWG%dRi2y8$yl>+HLTU>tWZOR|gZpK@v;FW^)}>iN8xCpKk_s(<GZ?V8
zZrqz@2Vv*l{rx7J7lflNIr>im=5|+<EVS<>l11C=73-D5O$Y2H5-(cdeqaoLWzdPo
z=|+qH!9U#s{L9oNG&j)`@Yf(KpdWe><n-U#zYXC3u7&<z`CfUU6~tIcZe9N|FSZHp
zN$K7FTUK@9?SI@0$9T325hy3s(>qzx#9z}+V+-3Pmsws{c<UdBH3)v#y>O89H@*{+
z^et3fan$ge&SqF2;Pz7G`p1E8SML4~MXG-#X8l|Ha#C4jVWas5-vSO<X1&4tdm@lQ
zf!u%mxHg*53(+prHsBbmhiqjVt;WznPj!$aAf5~K{Cf-KCH*sgZQyWq!bBDp9tZye
zdb%;UV5fSQ=1)BS`#`s)|7U^q_fPoq`ahSW|E&xBZ<zCc=nXEP*<Yp@n*C)0z>mSY
z!0pDK^>rqme`1rn#>^EL828skd+o0q=;B{LzP~Yte;oP$`vAC<v(VGi|I65285I?k
zze#n*mYsb^=)pnF3*krJmu&`sA}zxnAOSTDMu`DjIbzuwcA;hbV+%!J#1{Xx{eKhy
z=;Hrao&LXx46JKuYkMHpw?7GWrB3edk=cB;<FW2jr!hWPP~_lp42spRP}b_j?oq7S
zoOhsKtflpcY`mvD+D?KPY)quyJKBcEM0aGbb%<d`A}yQ-5gm#NAGp|6VMe~cf+MvR
z$s}aG?qzc8A?&i(I}WLmt9do($$^l*fi*fB=$FOctfy79g2vHqOHG43H`Y7kUfXxV
zr*r8_KaZe;VPv5(g{}Ivc7Y|nt`?<AD?r@8N(gMJj}Jtfe3O65LP0@c>q2;(j`IVQ
zQd9d*z%VoW^l!V^7(HU6ZtJ)P{#D^n|7b7~$&U(r1jyvWr1ZUpjk@p<t1w%&X0rq$
zyAI75ynQNjs681zireusgqvFev5P7Pv6w?W8A4|B;cmJ_H{{WW>Vn?mzJ;dX$%ny2
z2z+!nxw~l*h$2iKsa%rb3nnP@HF&4F5EBY|-A?Rkx{jUEEk&#t@6TC5)$`xa-;ub5
zp;*tKf={Q3>zUB_;<5D=GnHEG0C5aV#1S302o-98Mcwv%3r;kF2M0pbjnA75l8*=r
zU~Dtod2q&~)Zp6I$zMp~AgoD$uF*a`<YaIm0Gawbh&HdN6v*LEBOtBwWhjXYboFFe
z$M`HJoyHOd{}pV;JE!l2uLTTeJ5?)xL_V-bz<gJiS7&&p_p;2-F_ijNfl<rwFNG2B
zr%lZoSB1{;?<27|)eYFa`yuh#g+06>rf>V3hV4|S99NDsuyfH!(@&dh!YeEMtHfWD
zPe%h?UKSFP8swpq%{%CMJ~_=6So2kYV4L13@qy=KU~uG&a}4~s?=SK8zAO%{0$8cJ
z!DIyww_8~&cG^S)VSBCvlu{e(g||XwmeH{qC|Gq5*B~C^q62=BPVh|?Wn9pF_4Si2
zrow?OK#DL>JQpPjtE$;T22px9+<$U%$yr$g4WUo%m9?^c7s-R4{Ha3dR%;S16uQvt
zj+-{@TeO0uUuHumzVaVA>9|x*^hAkO#G^&fh*7cmr?+1bb$Jmf8*K*JJi#M(Y?g2T
zjMaBiu%gL!EB};8EwUdpr{Y~)B?=uX<QJ^n3Kf}V<K!l!Ii#iDhI|lJ+I})|2ev;V
zXP=I(GpiuvhMea=YgBh!E5tYsSyYw#mZ#Uuq620btONmF2U1EyTk6|d%t^EhSM>3*
zNUJv{?yII@3o~5;P2t%x!vP~-UsnDBkl|O7K_Lsfq6Ogn#yZjM5od}7`r>irOzECM
zRqV}$Q#qfL5R(S0g<IZR-e?|y5*umHS19=Egm1anR#MX{E{(<pc8SE4-Z+EJmnl)b
zbvb}tgJS1Qz`?AJKv=*y#$oHciv!MZ)ua3N6T0Pj&TIJNnDX8;9)smk@6|J+P0qEe
z$O8PXobB3A@3E<4sl#gUsonG~+F`+=nkG$pFjxzI#%lMeOn44MC_}eWTf@R}KZk~Q
zf-U&BMI;qm#&p1bDq@jRgf1`Jo>Jpoez2gd%@@27?BILG_RClNcuft$u5z%w9_U76
zKq~<|#Jalt(KfA`+)gFAaufY%!ywAV{IDt{OJ&$|1Cb5L1fL^~nN`3_JKz+4A##Jc
z#AHdkcinzEAAFXhMEOlh)SfH)9t#73n92&0RpB1YvTo7aP5jS0_y=!Pw0c3tDvsr)
zw%EUtiU=;<n3lBpV5*Zgb&v{8kI%>{?K3I=Y_6{3!%OomAAYi9>=*cu7GQ~?=|??`
z-aPnCHP~T5)A_Rk&brd&wcIOW+`~Gd`l;nL#Pe|dm71dlpfJSQ>#$a#_5(Gfw~`zx
zoml;B?I`903lO>FI(OdW@Fg3S&kWe)8jX!!67~39YG&%f0Fk;ax#T4PW|PB6J7Nx>
z;_pLi!4CBgq<sbM0KAu0_jDmn+veQ4(%du~1jFSBt<W*(@t#f_97gI*95KR7s(>7W
z<cEV|O1;=AW#9}>MuLC*84}4~$;ujN6_Z-PO5oC~3@&G3c0Xo2N00O+yTY8!c&{Q?
zq=>FDdh6j-^rz*BO%s^X3UwCl5ef&#<+06)5JLDu*2tsfG?o>+44~^hRL06xY58_?
zXQ|rwDNNfGQ;3FK>%!;W$IWn@lrvuWY4xJz=eMgaYF|WJeZ%%(`Zg<9eOq&gL9ZQ~
zKNa)VwUmG@jybn#;ORN1#9gWLyYWeONI(qP#d>(`7{jvbQ0@ycV)`sTrGsaD1KBd_
zTi3$W9dRWE0hqEsoHr>U!MG`v=x;3f?zy8ZBebQ2iUi!0&JP&_gbUKHRdF)-4Pt5D
zVzm~xN@zrLRYBdqX&O|Jrq7_};S!I!yTCj2GQx43oWOE&Y{iMKA3@d(kmYsRyRofv
zk$6NshtzyrHL91$qvrZ(=I()Zt~36rjEG#tgqnWA<UTy+FcKQ8ZqlMn`>Q-%G2#al
zvIn!7z^}&1aXCl&-xoGM$T}`|VX$Q_Qr@~$AcHH@PuK8ZOwD6OXrLA?FCASAM@80i
zIj^zS%!TfCr{qNtaZ=HsovUVS`n__RUq{BK#*%DXirE<lno07Ln^rODnMng^B@N=|
z6vmM|;3?AXpxTg6RT_ph_rv*jr~$*8mm-8Z>t+2alK(7s?;S*)Q`+E;k;Zq&m#`aU
z!9!8Xz-;qEj*qF5S3M{SKz|aG!AV-zQEnnD90i71V?exwBi8k8Mk^XCc$ooYy~D%|
zAy5-bj)1C@>!0fb*<wS$MW5g>`Fb@*?sR{iwkV~#@<1Keaq3)Wm9rrvwxiU{1tObP
zuCQ{=z>#V-pQxOeI&Ae4pUXmglGiX#N@5Vz`w(`L&F>gq34KhRzSHPiH~+MsSv9lw
zU>Lj2I^)G8m5>3+mJ3O|zeQS`ee${he4b6&{TZ^FbtQ3f96l~AU1-GaU`?#SN7yCX
zZp(Fi!e+A06fSb5FPxnZIpf{d7~`MWTVwET;4{s{H(Ls3DM4lE8@&AkHMc$&BuTAg
zh)qn~_QD38&+2c)&FI)7=t~*RAx%$d^daimTIHyT2QQw`zUtyv4XhQIkXTIDsFeb4
zNb-Xd4%X7k<ANdP=O}HPs_08Zxj@`yTD?^Gr8DIx0)k#zTDtOD_xSzPZmT_^{zIp-
z=JB=K(Z>ct^~QBTg17-WvoZFm?=Bk!swyu>pS9m^`M8khp+!n_B{p4>H}MviBN1mx
zM)rmNU3#7jMwXi24$&{MB4Z~G6+)g+YQ;sX_gIe{v2m5{VERGE88416$=Uua0J|28
z!dMgss|mXwv^%>bj`z}$-}c}UiU^DP_hzoriw7i5&#RA*amTU(wCLo(ejZ5{=(|kk
zy*9Q4;gE5o;o(aPteN4QEg6egRKZr;iUlz=@ty0gp&)WcoqibSqFb@JDMk%WlX!a4
zre@_Fxo!Ps4<eyL^Sy?@Zf=!k>Ct_l^{u(R{(NiqBM%eu>V6rWtFY@8NbX4GYJ%*(
zpF%w+!)d{*s@!S@Aonf8?P;6mz2Dt*z9VjJ)NTK6`0bC8#ZP~vj(@|^sVoNatZG{&
ze-k2`pJ*JJD}I;BUfvX7g=eL0S2FjL&Z8PL4bRJ<<CSP^?3n(wMP<zNu>;|=n;`@V
zxI&S6M`FK8qJ7#rXKzK*^|}=G&6`H*z7HAtI(WY$upSni`75>^=^Jrgoi8oz)-FR<
z!b{(#uS?tkrk__h*DLVghoxPyyeik7cyweY`&e(_b^b?T&>(H}tA!b_ByL~hWz)-|
zz?e0ew{rLVVi|l=qV|5Y{k*nUmVLH3*vX{beWyg9IW9qq$EBjJ*iT|Jc023~@j(aT
z*)uq&#QPzSaeALtzoUdO$8jSo%4QeY-$N`5wcQR?nc`oMu5Yq8e+Yc$aD6rMi6T+~
zZ<742`a`vA_${B5M|T1Q=wyMLhD#RYe<SQo?0at15y$4wPdSPZVRp_TEt8j-wv0>5
z(`w#Ly<*)Pxyh2H5DHrQXq;b>sqsAp43D_tS=cr*qSLCDT2115&UwdSWuTy{CMsAj
z6?1?x+?x`4&0h9>c<s`DP3T&$C(~4I-kCosA-~XRpfTlb@}>0ySy+YiZh71_K5*8c
zc)29%OW%)E_iOrR)|Zym^|E_BDVAIDkH)$Ro&+jn4rJtA?*#8XdYVo3G_*<8A@C_?
zBC6Br;M|D!k;@-}FZQ;`It_xYS50rti#P`6T{9iEg+&pj_m%VTF|<#!u+`$5Wh<+U
zZ~oxNeoo}AWUqA0evur9YDMpO4nZo3{-svgzx`&}E~o#h&vNZYrKZf$%dS1@=<$O*
z#;S!%$6~znepA`g&7bSYTp4<3i|qB3wKe+CoE3$=ZCVa<wiWA}JV*$1`=QZ$34Bi<
zls00ir&heGnmXBA%ffnCEu@?fc<mN4bt;7Ibisq=7QFb^XPxCJXFSJEe@ee7>W}94
zLZZ+4)eFu;<D@ilwzZZ@#j80fFszbqf~P`mAp<syCIZ{Q%c_3357u4c)Nr!WddSnM
zXOBW0MgpZTEAiOXwVV%)hkOrmwLqTU#JEba*E1`TSq1HwoYd0s%}ERXE_9ikdu9HN
zEsEg5c7uja@kiVMbwsd{8i#EN$V}p$!c=l+{myu<B4)OVRq{rwM?vTLc(x<qm&&te
z&vY~I0OysjUuRl%@oE`b4-4B(GLaC^v^a4To{n(Bf=tQV^CK$<q10q?ZU$+A9(TK9
zC>{8j^ccd)+o#9B?|62!S*i$e3R#%xlXCSv>0bdQ^(yDv&Hv0*yz{6|%|E@D*-WaJ
z5<r>~Dl<u+kTV{0^PAyb?%J+mRu9NZd_~e;DpmUEWk|ns3l3`f2puoS7)Ajtjm)h3
z=H_RURywi%ae6cRwHw*Wy@9uzI)zX(`H#!5uPM9li^;y~Ozg%ego^wkSEf~-$Q^;5
z{D5}#hyW$E_WaAFjoWMJFRjkJZFNeCiei|eXPPShEn=GUq-}a!A_pc#hD~9RWD>VN
znRuD|JS1g*$IutD9%ftJJM8{IzwwLxVxk5E(e^iY7v@E0@^SC)u!xhTlQt=>Oj2Y#
zBE<393l+pSak_PJStf=7j-aM_g@=MCdNZFt9`0TKP2DuKzIFV~SK*Uu>o)!l%H#Wc
z+Wo0?QM70~UEO=4Z2a4-egq`%%|OKoy-A^A&j)i)<@o#c4W2X$C^u5{#e$TmD^;ea
z6j%<z(uZq))Nb<mfz~^|R2}n`O{KjZ-6wHp(e`!jjD`<9X`^<vd|6kV)$*>a+|@GL
z;_*`=?B-r1QvWxduA@%y=_B)?Gt2&SJL&z0SJly9BgliYMqDlL&jeW03?CK*KZ01I
z7+v2N-=caeEqXacab`eZ(;^nz6IEi7>3CD=ST*ZwT^OJHds~YfbbR^uH=N;>hYNf(
zr_TcKD4U??%2!DLI3AXKt;^@2t4zA{`ONUlI)qEVy9CJw?NfQ6*YaCv-h;B+8+UfS
ziuUo34GaB95G?UM-C%<jMFx=-UkOr1i_ABXtY9r8TC51iM~hO6mIzviY}l2XDbB>&
z#Eso~YMtGAIbNKNdD?g(xHXDf<6&Egwc3Nm7hY($Hd5~*X;ZzS_u@`+CHnX8AXjo!
zTd`?gOP0J|M*+Vj9BN&jkP9Zt+(<2n&zB0@N<Vt9^=5TQc3!|dvn$^f)|*_7ybB~l
z+I%shFR7Ro<h^C`by2kmPnLPyqgG3`c$hJ}o?A04=)n^iis*hd)8apW=js5vx3P%b
zA8be=s*jPe%%e7gHcV~ZB7J-KzTTjNWmt4Q+nANLm84fKJSyp8FPEfqC~l4MJ){#$
zJMpcpz2cfb1C+^~p##;}zkLEiWMLg`C|LV5oX$$uYEOo*e|IzR5)`>DR9q;KGT$%i
z9fYmye(@!J;qm?ZP3cjd3w?c+bGy%TI^<PPN16>qJs)JC0vVOA#&-o31bOP?9KI0T
zC@s!RA}c=-Oe->WUgpTuQG<vllIAJMDgFg46`IW)A7BCd6vQ-Lcc%~IXCzS%KN7tU
zN8QCN+9@(o{Q+>or;w4K$=q9HKF<S%i0|qhi(5(Wsw3}!eT-7xTYI=ONd0zQ2uPGr
z_J7EGtEjlTZd)_~0!eUp3U_xWxI-Yg6_ViYPH+ew+}+*XEy3Mgg1bXiaVp<`b~}6T
z`=8V9!+E-QzEsUswN`6uu0F@;qmMD?(tWc5-qY{6DlXfkH5y7Z2@6-<z>H;{ATXnx
z?7M<TpVn6Z+1PR!lCHJ81+>SP#!IvLs`ppyZ!#N})*<rJEE3gn+<=A>GcgWmpKfu#
z=lUpi4{!SPwLk8y^VIAe(QkgvnWQhd@JZI=4atN*NK4*)d~@O!aiidIUk&#pZGtr6
zu%mZ-C1viY7|JL=Fm$Ge8{Q0@&F&uXxXO;x0=QxEHG*7E|5SHe%cZPTC3;n|><;j}
zkbaYBltv}32BRSzEu%1<5alk6id$>38f?VU5z_=vcxM>|#m15<q_Td5eVrl_IWWyD
zDS$gbu@!T?F}egCzPTghRj2y3)`)UtCV7*rMzoX!UkOH2@bpE;5fXaa-_|%V-{tFW
zdW*K^<$~Engd<PShd8{=!CDh|jWn;{KYfUc9#7xc$?A2**&_R`EBNOapoUpk-qwwf
z0~WP?gQ5AZ3fzFg!t9B9^={<iejR*y7|{CuLt4Ox{O7F=V7<LqS-^`t{QcQP;4B{C
zwj_bHE2QC-@zZ7Zec4+(FQgAxF{mGg=45vV?i+^YL72P`h@ag-2%y*lIKTzT9TFK&
zXrPy7f_0Qiz{Ekkea_Se5+=W%bi~a891o|n?S}_Hqu(_lrMw>G=g8lH@5KXfjLN*$
zn{o;}v41QK?F8M9YENs5QcN|1%6{C)K&%me7MP}&|9aW6I-UK&gfIBPDH~PvlGE?$
zu_YtbU+}2r*R<iR5kurPAj~xpl|9$!uN!v4FAdM@Zk)LRp-141_XHUUO<h~sJqmHa
zM9*By&(s_bqIoA(+{QO-h)zxn=^bgMktQ8&pfG*BiS>|e1A0cC4syj<T%M{zh#L=|
zb8tzrrVun%G3M#_<1eqJBUnxP;1uv?5R}d?5`oHG#EaK$9jt^5C}n=7g^NqK%PB(5
z&sJO)DWzxCbs`#m!Em)AM4d&(_Z_XqehPgh{x%M~)&zADB6*akvIxxilW?`lHU$Xi
zD&jR37e6K*zEUt9urnWI^xjPbPE|(j(>Rx6T)7dV?)v4O@m@P9;LqirYpQX*XJ~LZ
zjxabIBxMi+Bv<cI2!WxM#)lscxSJ`st$)Fv>GS7nyQbka=u2rBakL0dVLuRNnN;oX
z3}18&8kLF*2n7w(Ad7`s9^~j2FL$CGPB$Y|G#1C*b&t{t`d}?noo(+Kqo#XBj(>@i
z*QS$sE#zwB6WH2VZ8=BYUj+Ik`fYgGB|7E$gBr${y!4P>y<()c#FbdN%<6%@LlYFn
zpC6rYk+POBZRU??`GYH8W+n5X?%oScKN2FahoNM%j_Oe*+T~tTzy14jM7~v$(ek1Q
z`OTW79-VT=>koNc$JkU5g)0ef3`!tEZp6_zDU>0v4*a|d;Y{kd?k1MuN5JBA@?VT)
zo*yFmM&oL9*Q=lxj7gHVg{XPg$q+t1PF`>-^ft5Q0fG?HuMcYPWM|7-x}{Prh`5$|
zF;0^Xy{_(vU%~?RMHdj&+V>2~M{1TagDm-7D{)NF*-#uj&0)OT2^l-8n2CB;P<O~G
zXL^cp4aIm&?BEl&#vm-Yzi~#1xjzO%0p&5vqxJe*$Gg*o!B-H%F#)uCHyllDUp>u}
zIv!O^ugBkr{Zh!IN`%m>dFwN%M-+;VKAqWHcNMaSQCC+nEpo^=hD`9T*>y&HvhL=a
zeq!cQ<UTMvc9_+lOxZ|A*Tjx?-j1<AB-xFC6;Gp`9IcD(1K$dRvB7V3J-V^JS^(;H
zN53Ib-S3_iw~awJX-E63I!{MjliYx@d>LNHck3bd;-NSrU*8SGLb(}+{1Bn*dWcC&
zGO9PA!k3xH8RE`(pEVVZ(9*x!OvC7zOm;!r6~Fm%+4q<OIsAMQk*7!}{=BfS<)@di
z*ABnaS{%}|WFNeXOrF=C;-c$(<BrxZ{hU)AUh;MM$lbdWoWP5^Y!u{2x>g>FtjNI|
z`V?6!Inh=5XbMi&x|^4>UQZAD@<e5By7*RqMdS6s-FC!HPQz%)9S*q!)YT<<tNm_R
z6wiCoR-&U`6tvpDqvv#Y?eUfP1w9n9_%={Thio^(zT;&bJ<utG7kA%m=P-*>@90mk
zZ=zDqH{N=%Pshs@3ej)o9;(vlJcSJ0#&^H?<AOSCX{I`=X*>yhSaRC<5wZqp;nsDC
zhKgS0fI7f{F>rbfw<oUBp246H_d~wTDmS&T1S^XP7=!Uy^@DcarnUFupx1kn{Se#e
zXnW^V_~u;U6n+c5ifF*6pG$GUp{QGRFO-q?+!dI%Xzt8(qT!u@4G>6ZjATJkP+If$
zP~;;-oM``ZaUfHTUAz<$vYdU>EbADac^>tCWByVLuT&|_8FnO9OnV{%&p3iO2ijfo
zXKPj1K7$C6A!(yo))7S=+*(EE&cU}3+7K?0NTyIpVA5Ce#tKyGsKbw79Q}=EqDe5Y
zLrYxLdK9?m9Yhs_BoR}knk}=+0RxFq{672S6DHz;Pqj06GwYMjS_%|+x^gi+3-bq8
z+PlkR>~%6`xs67D<$I6h#S+xPvS1=1l&r#x`dg(u$CUyUkZdTU-yP8K&B=VWYp6@_
zC>isR+p|hEcAeDFiyJf5SXVIX1u46e8(UnjJqZB7q>k$AG<y(>r!eKs4pL}81}}ep
zDcpHPAGQp~B7a4?7{5-4d8(=+!P^&+_#l9Yufnohy~*Gbb9W*n=Eo>Idb;}|yEJ~_
zDxrc%d53TI{O(gM#NE=DW##wH#;2k#z*eAHl2Xqni#BKkoFY=iLU9G0+^&T4I584|
zRBLs5f1vhI_o!6D3nQdslM${a5)o-ctL}VzhQ$22q)kMSRlpc~BmIU|a1Xp4W^0?}
zu5~=z0YLN9VXWSRV{TXY-mMEJ2TOb{!9Tw^4r-D-;`PYI^U#(wKlu}KpX6<uE8uUl
z3Hn|?gWYc%WBAOgS#PJbCdYlhKE2w>^<y$iYWo|pudpxD6H~_a%2SuFF4NPqx*j&z
z<XhoTPx@v|6|>D%_icR3V>eMo>l#j{XQL)8rX+8z39K(Kg-ZzqiRT<@=NZz@?qb!>
zvyg^)5qy*#e)-GPlRxC}T35Jk;^?v)<XrITjfqk<VV)1TP)|L$ewyV?)%=zvpf+wd
zl}Pq_=n10rk&m23W1HYa>QOWO@-w0mK`C5=p(Tp*J@+EVWrZS$Xj^yCW3>tZ^ZH1R
z125v=^Ba@RAy0&aWQs&{=1c5Nw;qwuD}uX68p>Cwk}-W|r2XbML1vq4&r?DEFCi~1
z?Lp$Ly`4AhI6J^)o{=1(TI}qK4ga<B?<adtDZ&Mnz1`jK1ZbQslKjE=+Pp5OL}>yK
z-{n`mruC3`MyvL=ww_UIsAVfcGikCi_feDS%Z=Ad5&88L`lhq%?Qc)9ozY_4YU-1c
zRf>c{Dzhv4P%O6BVcA~8$;@>xMBP3_OG+DCHQi>+vL1wQPz$e(NzdSV#W9=CW<H{~
za}LKQ`hAd#`O(#>_PxS{;PjadksB2$pj^Mu0R0%({SR+sSlBsM5<=E$-+Vow&81~=
zOMGSsN$|k%;h@}p?<a3&bXK^TlneXSwl#Q2?AgiVcPi(p$UG56Adb;C$WQ?h>%b;k
zxaRk24CX;K`GX9OQbv@x93nuFVdBgw%M;6gr$e}m&|b>vWAcys*v&Q(Dg1&`J`$)W
zQ`HjQDCwPdJ_T8adaE?9r@Vm^HcVk-RdnNjONe^#0|B|G<$G35JU#8OUrZFRYVZKw
zpDq1ff9eRL<L&NZ%Om_ciOxn|7pQ#6fwylCswJ{RLk9~d>i-^AR&~AK)sOw@S``l*
z7~4*QrU^$Tjdt*V-k%OnBLyNFR~hsUIvw%0`Ozq0x%I>P2;hM-7q`c<qGX=6Gsxki
z#6KwuB<zt$_ANwdy$l{`bvrQJlkf!x7!x`lu6(GB%Iv$<4hBw=p7qdi0@#QnAiRLy
z7zAVEp8msGdfXS~jN$q0!R|r75iz|oWbZ$WJrR?_!P0|#6MhBWF#V<S-Q*0_T+cDC
zOnxlgj3x{lkjWThCVd7W(;bN`UY4tt>{$o7^q5=DoZ^`FxPXTF`TRE~h%MuK(UVyK
zRh1nbFP!krs-BsH>`&jDX#|TWBo76k0*z>Cl5T#UyLDu&JT0QI`^^Ozo-rf(W*fki
z#S8h%{yVGMt9T~MLY>{UqRH<-n!DsOPh@`}OJV7HN&#G2REsMo`pI0=<RiMh+A3FT
zQTX7;JJ~aU7qXpF^?Nx@bAR8-jvz^J!e+y!t*G&n=9-z|C=KDDhTIzK%d0^@<$+wX
z16`Ux-$mo)^?^*(QrIJTp*{=ov(cqtV<pd3_2cu2pONcp2vUY+TyhTgVAq9d-Aoge
zPTn10uE@UW^O2Cr>2P;APu7v9Pj-WAf8^rra0*mG--%N@A_Njzbl;}=<9AU<S6Ru1
z0jo)l?(47CzDO<TE)al8d@$nYHZN^LK*J59nQH-wn`Ph?EA9=*4P^_SZYsAp+Vum^
zcJak<j0Ra3XsK%AEQW>bt9xPI)5lUkb_SWJPMkZh_?Z{EC9lntmmVp}&xzzgk?j{I
z5%R?`9{te*xdGj-VdWWYttQkh^oxxh?KB()FVx4$j1LziO*_rT8R5Xd`BmjSGNrhr
z>78HC4_A;El}EP8EyU(iPZQAIb}Vx}y)Z<mOL=V2<qBw<XAVdfz(N(gejnmiArmf>
z*w7v64jAp0?+iY%E1}AehBuPhBK06r%ebNFf=o&g@!LI08Yhi8@jPR<MOfC$dtr(a
zsXI~Z27AtKJEyU4IcMKe!mOPd=|fQ8S~VQ=!^~!*d}^OKx9@g%i#z9siw-qi#J@H$
zC%c;9W<y;22G_H90rEJsz*la+w~#t=_#>v5UbhKCEzaEbxSUw7Hf60Ko<EOyz)?<#
z*BcfsR^Zcf%R709KNrHtl*J(@BXqlXOyGef>g3j9&DSy-ev93!r%hlF%v1Tn!0u}u
z3>*H!;lTsrhCA7tb>tI_x%pOb*an3kD!>~?s&5Z>6*wZ@#F;)YLEKd@cI5}~4p0_G
zZ${l5CX9fYRwl?fnyE1w)G;TxMSd6E4-NH?%lFJ-xHIB(sxFDY{V6}7x+6fOE2y5n
zc(~0*6D;x?)I{1`B;JK7F5Qh%_-g4>a~Lzbz1*1iEVxi}LKtQdpXlb}sFcC+7#Xnp
z7D}T-)I&H#tfewQc0O#vcssV&9R}mbcm3leJKo;5G{RcX{Ny}C6ik{vyPuL{Zegdx
zyiMqYAIYQ{e`8Sbws{5Ok-cB{Ve9KZHJ2Rv8;xIx%N~2)f$tV;$t}AdPtM`8&Bk8S
z=df)2rEK1w!7KOY@oWx<&Umfu+;6`I8~?%6eCiroXSiH$;z*n@TAZ5&x_MdcfiB-B
zb)knNd(FgFi-7lwOkV%UbadUqo(h`%Ii;BZw)t{g6{iXxZfL9r{HYu`vSTlDQTH7e
zbV3*Q(+fHh&zzFW9Bi`z!U?07>`_h>Zm+%bs5@Od!gIjE1W}um^_oyF-0wK_`X4U#
zVxMO=PU$>u_y~17ba6e8gV2E0sM2A;<{w-28?9;se(fLaz<hXLI)vE1P3USpn2<1+
zyJ;2*VMQ=muAarzD~2Xe*>tc%>4%?SD@yoqLJ^w*$#Y5pn=Kwj&PMh6cgp-pCwy72
zTZaSLOG3-rF8~T8z(EMUzX3H&83xazAUj+%IK=Rmgml9K>ZfQb<8|3aAqQ^LTOQn>
z4*dniw`_|{VM1y#(APihkqH~Wg`r{YDeFJx?5xy9&({C)u_}vE<|N%T#uYw0K)*eg
zy9__T%=9G{rJ9h$WJO&@(6VMcsu3vV8P=+Z#*&d_u=9wwh8+Dx+AyqDvdJMRf?&@M
z2|v_il!ZOz_7v%sgQw_XFBJdTS3=O${Cdt+U7U4(b<ApBvO{Cu^a*H5ZmGq@Z}M0m
zJ@v)%;6nU%0@F005lUA$2wtuWn<z-q*hxCaiv;cRlTh&Z>CjM1ar+Nv@~+}bMI@0Y
z;2*%EA9W9mHjB<;yFBD4%SP=51y%VF_s?R6?g1E={l4D@iT-NOc7cyA=WtDSD>PY>
zHBDuATP<XbM|Z463htkt3LlX$AYSnMoBVloUr8*9x*^JDx5)ff&7T;(d_E*Gq6B$~
z!^J}9${{zMI3$&WH#4!iLso14$$Kw*R5Y%%4_5O!E-NmOC?A*N<kHF(Wda+|$5eYc
zn1k1eyB-uZGr~+RazW$>F_WDSOrr%*|B)H5;_^;;9Id83I*V3vt$Oe6OIGCR658q8
zVY2=)^BLaI=&=4WL41<Hdd)#W(5rv<FP|u3cC2}Q0n0fBu}GBxa?&&=Yh%X{gvBGh
zCl+fN*5->cn`xdmiXp~5T|RDw4q|4`Pya|`^U1u67rGI@#vMEGs$!IfTL^{`up4lr
z>7#BwXtf)|&gh^FG>Cu!!jWpQCZoXqdPhTr&;~o<9vyjhu7i7%)whLwGm~TQmJ{te
zL?v#$E>Eh}F}e7{UR{Nnh(~yyn^!n9-I?85-0TqAw<mX$C!@qSqn{Ct2R7Yb&hgM2
z;Bw>Vr*8fr%ka|hyklyxZ2Hpf#U%Vljl2+8Z1nrprv&TW)1G+8YqQxlMWz8G?Z+Js
z&(C*Ato*rFc8wMXu*xPEi_Nv6j_~rK=Rej;PV-Q@OUC6^VtSy9fVDHavj)SWj~fW)
zprq4$eI22GGg54<3vhWSZD%}fB7Dipe)vm%H2^!Jcq{xsle|<X;Fw?{D^hcnD>wmr
z-ScQSMu#$!J5ldil*g&pqSt0mjZ3C<Fhtyv&s02l)_zO3QD}P9ecmGfI#$J?aS4%x
z3+^*9tjIvor0_s!HB&(Hil0Yu{7Ci6HNJHPzw@_B{g=d0v0ddX>`om7V=qmnjKHb8
z<GS`|!)fX4?eVMUem-ml;1h!Je(Wl7MKbO)U%3tDnqbEqP7MXPV#TrpyfZug6{Hhs
z9cp-Qwe$E$`!PLBMP4d>4&}^}?Xo&k@GI5H?u0PjOnXr!F8J_BlVnc`L^nDhi3*+?
zU*m5!*ESKsRDrEILC%&Y`L2iB+Hq~~B00Rvph@mp@$jI|ll9a3bQLek=k<%P3lS$a
zYRZ$-YK`^u=+}Mg|InbzlwY0q-hY%FZHh_xGq1f?&aNt}>p5`d09~3&{OGu<JW_4!
z0}6Git`k;2I6}EVD4!5V9!1G)qqD2sw~iPP5svVurU398^eRh8I49Hfr`n8Od4A=L
z&aw;j|B|ex#vTnqdwobwy*%<ox2VnDy?a>P)tcvFY9#Q6NbxRQ$m70#ei*Fx<0wI^
z1tBx0&7l68H|!UAHEI}9Szg9t1QLWF_T%n<#Kg8s(NIfiNx`8>s)afEGTvcg8ICAj
z1AH~wp@7b@!_z>jh~%v(x7Wz;w$#kX4G$7M6eH3<+Js(WJ!NgV-~7u7<}>cT-`PX8
z$Yiw{`*bs(c_M%_b8;4>G=%eYJrBg--`?EZa2Xf$FAt{@k^#^#e!?Z-J3Qg{{eUB6
zt=-X*=9Ky?h$hR&L3jvXO}wdV@<W!We9eGz7d=55@=L5OcbrDZZ2|9Hz^TP0iMels
zYV==`WAojMe|?#z(Ly1`dHrIocYEO`C26hrro|2js}1R5;+_+OH%Tl1r5|&PqL~9d
znch!bm5R@d{Vf;knJthcS*pA$D+RKH@pv2&aH_~tYkO|b?h7N1NZ7dCzcKKPzxdms
zV1^gO2YKrC8~}{_Hx;-#T$T|~Ug}jzTD2hE_eW~>T^&gw--ByDSWy(bX~1p6w=TWE
zq-RXIVa8wx&SDYM%@PEV`zngf7~M3_t^HW~Iy31(Emja+Q%#q%=JFmir&sQ3f>9=w
z#X<w<k!ln&S$jV!p1dNMG2flb-jseM*Jo;u7(a(I)kZmKE~3_!$@$(lq6xA(&*aJk
zTW*jMm>8Of?UwPV=?#|THAOl{=oaaYLi3r>AdD#V(+x)QDbB|2RtA1=hIFFnVko@R
zu}d6nv98%>Qc#b$cNXVqv`{U!JqCQN{cUzLB0d3iO+;tMBuAaDPwdx9)MUOVavd)-
zFda|^nBQv=2c0Z#fhGuz7SV^p*J1aQxKRMWJ<~KE@LE}-ak1#Z9gaYQL|EmCzVO6D
zWaq`Ec+a&_Za{HtK0tiwF}wQ8Bsu}7DRB7F4E@&LZEc3jb{Zcw+Dir>L9IMv9lrC<
z-(0ph6pgp4x%U}+_v@F^0-yT#G=5=y2diK9dD5&iLw3W>sQdaiNKb8@vr6$+az7yK
zTwo~WXG`RG|1Lmz3eCHE5&;g6A|7ndU&>U(%#wEIupQ%JKv`y`nyV{K*G~qb<zA<W
zY}U=i&b*%vPF729g#Je?A@n8z99LRjN`Ka(q(x<mQy|Z@As9md#RT5p%5MFEG`Gav
zXt_>;gZ1+2(F=rXVQ3>0h6l;h*Ne@^3<_!;M)V}W(mo05o$j!HHWPIs#sbB~l8ebF
z!`Sv<0QEx7mj_=<`)Atglhk4E0S7#EbQS$XvYV9W`6hj#Z4Ghs<maehq=vdOTF$9Y
zynmz6vTBS1JDq4h?|AAM<h`03tOo+-5ccZLgir1SieI(+ebjP(0;dMImgqQg%j*<~
zR+(cowm8?u`;I4Ih6$k+1*l9>YDQT(8BFXvHbc3Hj`iCO&XV2Ja$l02as`LAase;^
zHuMzRBNRaCVR+7}FH)+MvR|d)d=E{H1}x3i^0wTsePbQL1!)MZpNG*~178!q1z)c>
z(v$eFe_)&lxG(i2BNn3V37OyJyatz~0BVlTmT6xXLYxS%Vyb^4iH(GijZjv2y1c~^
z1ooeuF&%@%vKAzMHF4=Iq~tjdgk4!ysJFkBh0?Pf_Mi794rVXQmjqf7GJm41T*_<o
zlx}64R<N2nYzk1zHVpKsJe3Ql3HWNpM<4HnD%3DH?{_z$?n5yk!WV0~3}E^SR(w2q
zFj|r8c=(pq5tXb=Np`P*(d1nVV@KQ`w&Euq(y3-Gok)K+;n@-yAyTfGn;tlw%w})L
z1lzQD>s5bsFK?wgx^TGighaK(*s1hK!N0hehQ#yHNWsJNt=MbrN5Y59%Db-WcmpQJ
zlm3OuX(gMqHOSj&>>IRc8;!#2%ZIC(W@<WTni`*3VVPtHwQ`BI0$TMD&1%IS{8n~H
zH+O`|06&qJ)w(VX;?Q06FNyWK&O?{7%3IshsJr2^{nN`^s8-YA>r2a6^cM2!b=}&b
zhZH041fv6C*mkc%x2zwP;;C-d8c(MTUhn8dfS-j+I3y!cv3H18VkxeY*3mDo+qE$E
z0)63eDf9)Mu&xM2hOY}*!u&YBqaUriwk4sCq?kXMpi%?tdaxyzdgBDm1O^~dXdGZ0
z1Ap}FAI?oIJy+dGcythWPQB4m`%mG(5-p~~@LnNZ-52yq4dAWMl0tC!bXRP0RYWLt
z|7ppuNFpLxnPgqpU4*{M+@bh~bzs-V(`)%j8-DLUAYV`Tx@BH5bIRlTIqGemXH+l&
z;XgvRiyIdJL4#@V`fMav@%)R}36X1)oycdK<=)2n@T-6V9~zltYk9{8scu7{#`Ubq
z!0$@m%Og97wN{6}9LgD?M#_!l%1y_%nC#A4{58J;`+Qz=QlL!T>BD^ufRSh5XcAk0
zwcLi{R3I@MoKvayP=mhQ?{uH;ZsJQSD4?nKFbfT0{7wlZAmDF|?q{&pSgR(bQpkdu
z3k1;{WRI-I=z?=}D_mDHZJmYRN0(9W`YBrr2SYmHMNji6DQ(r$?qiVrr7JP&+|oEH
zedEfSI?=8xfOlncnV`!R0kZuU*1KJiUBD_Pdb>72xOw<=o5ZDL?j+0>_7+x&iM<Yq
zo_uj(pYf~t9CuOQxVFs(vRoY+VeK1#%)ms$n<`4mLiKZoVPD~t=V8ed6%tY!@-oE!
zk^bUKa1tO+HzNYj>>ZQ62RaLMFHoi0p&n36+>UPSCMqUVFVDzib}1N{zz-Be=v~h7
ztk;u$dC4XncM)K)Agunmj%b4<6$cI2o9pY;HxKDs4bV+_#2!Ri^_r(XxFYLUwzm?m
z4J!=y`N;rNZwPS4Q&Be2tM+lRjvTqPUKc)|a#k$JKvNZN?}?eQN)%Bw>-}>ylx#l>
zZ_JXu`Z>ZrN=D>6nvkw#jQM;$gwwoJ1n4XIJ_YMxo1}Evb7}fq3DdNcW;0oSJa(tM
z4|bCIGR%-=TeXkPKGvoa@KeVd+2G~n7D&4Ki5G<eY6TnX>W{*bb<gqUW)(<fp^Sa1
zvghgz)O?;<#2A6Q4TjSIg>IxPMtd2b8SyteClWJtmkvebPf%W7=89BYYcw~zWnKr>
z@G6m(ixZ|ldZGrjr@mQc>W7BLDzj$xD&y0LjUF)_NK{l*wC%YNo%jvc9cyZfx4K}y
z>h?~(pvi)lvw1(3VsXtFJM)T8jYCe>H<MiuW??-Dyx75{M9-n`VZo$)hO)TcSKftU
z9oK24Ok>&=ABGykX_&Fh<M64oMx>(q>*2XtOF|3Y^4AUtx%6ZNPP46k9|CjE#ula<
zhUytr8k>+FtGt;x-|QeYt}AaoK6JT+MUq)5<Wlk2W?`NFE<p!DIKOrCukGU-rsbMQ
zT8G{w?6=kR2I307K3Wl7^;biici>7%>!k>H9u<hBpe?*N{9<MD+OsnKX6V(+%&}hX
z<4QPX30JFsEs4EVWz$KyqLs_*<_=hu8MW3<B&P5rey+<QXm|i$>$Vswip2=`FS3ak
z0`uV0g%O8Gm0$YDPv3O;XEfCOXuT(&C{v7dsURt!$t#kr5(K>`iItLgdZ{_@cUhvz
zZYI8(N(kLr!(xH4oKX)cSDV;qY|nFaRaeaW*+ivYm##r|wptpW-#)_|7lUY8$GzfB
zWf`=csSv3zZ@;c)tWzxhG}Q{faIbVIFo*EP41zyO4%J_7VCVd_)Jy+`zU*fMXN_wA
z40n5><Z6NRkA+?JsB7)>SZ)j3hh-iq&6n>wF0aULE~qSS=BJu5Pjv|WHhz{<BN$I*
zYNm5-{S60yu^&v7C0e!JbLje)Eu{6ld;C`+#HaG!gKY*hKdFYZXQLJ1Ylz{O%^kyB
zjm(T3ZyhJBr{ukm5B%oyF;?(RJdI;cyiT7j`0mbhx&>7!w%h~54j1V8aH96n{}zXw
zI8=n_RSC-<%+2)itk#=cUU$56-wwvD;p^8kLS<q;d>v?R4pd#p$L8lN)eg?bmQ;vj
zr;RlBOD`kT*<Advju8E6D>B%9cOCWW99Y!<1x5G-&5w5-^jv;?I|*4}`cA2cp*ktb
zNDJG@Fk_7>osaFNo3D@C7>=}uT{f;;#1#^mRmRz<8|$iSsV6n#+vw;}jemJu&dIdU
zi*9R)`P-wVgj<on`5j`>#9)AAuDe?@mV>4L!u_+EjF?82<n)Yg-}D1l2RNf^qCQKg
zXd+#$cD!-UxCYhqR@HC05nW)<=d-TI5_+SO4Q#x3rvj=V$Mqg*s`iuF{72aDx|&`N
z2{N{mzO5NGALX0N0qb{&y=EfTeZ|#GeUZc9Ev^=T-l=ZBq|?4_Dd5_*bR3?>pnt>i
zi)W?I&kp`<Do;6e5+a&BfdGBG$7f{rmXBjN|7eo}+?~89nJV9wavWW+l;!qM%ZlTy
z6m$LsFLNlo23LNoKRvse$NCP<iHJGIminejiSW?e{TMBqiL;|;1CL7X`kU$V8!s>p
zL(9r~{1J~i#m5U7sC~97eG{XU9uOI;{r=iH#X#Z}Hx+5r($tZ~*7VOwUPaI8NjA5M
zgwf;_!)xuePrrl<8&2CASOC>ajcyvN!?6}sa#QnASZG<KL3*Y#Ffs%ReRp_U1lktd
zxATZIJP%m}1p=H+OvtqHXJ%1o$E&iaS+12u{CWp?Wkdf`6Y;-EX!Lm%6!sWefXNCn
zJFr$;WwQ3O$&UMXsETn9WrGJ(GX4JN!YP0@v|WNcPnDOd!(vGK>nEMIBPUzYCePYN
zOwWYm<cb|V>V)kd#PF>Pf;tvze-jbwu9c_OS0~}ldnY?_z6)bOZ3hT%5%)UrezjV4
zs)^g-37i!>yW%TycWkuy@#+DES9_8lML?&#$lc~VLaZe<Yi4$S26(Cwfxl5bEvk$W
zkmeGnMFOGc&SGscfNGk5U;#cTwKea%%M_iCvEEv4FQCTHaW~nDdRKO#kinL|%u_$-
z>OT3}ASWYq%(-Ih#9LJn`S5Ks!6^W9;DRtMv%0A(g?w1WZ7piIKNEaT2pXuohHH63
zfttd_ceXL5iZ+5jE#F^S`pHSmw5m~B>`2luOt08>(!;b1pcF6YDL(A+!;R)1y>mZF
zM;a}=IBvAmM@JD(4MM7aX?*uAbc2D@TGBn@&1(F~XN0c3_tgT>nE3<yq5@M|{%mis
za$w}za+WM*@0+O)#sD`?sSPH(>YcJFYPK)7bPv-yOWml9KtaewFus#nPIhZmQkhHn
zc*w!~<hRdVXu~d2<H>?wDF>4^wXZ#UB$1;rr!(`uq1wSkt6A0yL?aD6ZZsdMvc#X)
z(D$p;n@L{?`u~_!L03AB?CMNxU@HCT(})(Dmu?A#@Sd<65&=^uU6HuLn(rRrQyKnQ
zugwx^OtqA8LFmz&&ud*2Qe~J)WZ=&kSE#q=@2ZI9r9Ev4b}%PX9uZ=p8jt#i%$0S!
zWzBwQdQc^PX1!n2WA<8)$d!a$W%ThF{}g1<>FhPY>VCM{V143mM3L|ZvgDr8TGmiL
zL-Ip(>_h2395Ckmnp3;E>oQS<bxd>(l>jp_VbuOlsLgTkE(Kdfb2uu}c-!}kuZ8=2
zE2V<=Hqo8!#m|a5MZ;p>%-oD`T&dK!rtC_NJ|`ZgQ%G@Foeq!<;Cp39{w-|FYn!%+
z%g@q9aA`b+-TF%nG5?{4jRk}L)pIrVf76Zv#IPrh;|(fGc$^v@$)B2iI9v&k3oLS%
zN%G;c+S9veb=-ud!3w5m8T=zrtD%1tfz|4ALc#gwvE3$0yw^2I2=DNq_2=^wf-q4b
zCXki&*^jQ>M7MsI)u?W1rtI#n7^$>5tVyA|YEj<&6Vk_D#UjMU+-IB+NVi5{%0*&N
z{fRx#>_r?8<q1v;q&r_m#A#XrUQ87xv+IZb;yn&FY=!Q4KR3k|&liy$nE_q93W>b%
z2ORo#Xk}JMDE9N##Q<5NSb8+9cTS8TjZ~F*UMuTyBa$`95wXGSXKaD2<jKO>oWOBz
zFmx`Q%?uTj(=mOJ8<<1(&1#GhkS9C$6~CLlM5>68XUB9N?|<viLr-lKw!+5rjND7v
zSl(zQJOp2#Yr(YBtrLpG$C()vQE90y+w3BOlv>g>=&Rqly!LD$KJ=WZm0Sp+Uk&pE
zaWwrY`)#`P!rYf`G7p^5*cxQL@|J=TAJSW>7&!5ZPzMs(rhsRly7TH=-OG7bj@m7d
zR)uc$2C%U2;V=5FTC6WU&5caX@dr*$U!wLCO9=y44ZE)q-!yr5p;(wkh~wYpy9d7@
zeHM$CaHgphGpjDH*$bv}A1QajL`28k9?R7Fwp7J46zTJ+Dns8J<mH{65^=KA-4~eW
zqo-uEnIyN8r1rb3N^vln%PQ8sjZSl>i&!VO`c-ZJL}O;b<Y@%20I0g@NI$zhcHa1S
z;FmDU^a8EGgT07PA0mbjWlLJbI!S`TawwdH!aWDIax%pPR&IivvL3K3X1bIbwjv=Q
z25dXG#G`@T{DpF(6MsCO$0X2AFjS!?(9yIL<kNn3R3+xj24luKgdBj_6EbEEce^Rj
znf$OTpbFJjLyuqtiwgG3IJ3mskyLXDh!+J)#(bW_Yu2bb)66dU)#N1Sb<2v&b^K-3
zt$#LVNA|~rZUXg(-Gj%2VF8DVoB|MR6T3?XMl0VJkSW3>-~6zES<`rbhsO*P2Ei8~
zL-{N@kodaAwdS(@Y!!8Ik8UKnNzNn}l^ZWIe?%_UNhWd}!a{JJhU|wEgUW@QFZ^Rt
zL?3mW?=C8uaAuchCs5tNv0JVGp9l;aTDF>fF?eS3P0vV8#n(f9(A9>iBcRK`Bv)$S
zA0}OSh~g8-<*0*r$TNiLiaQ&ZWpthdt3Oz(&MLA|^WcfWfgtyKKPho54KUozB}yoX
zVQF`Uzp{daPx>Wnf<J9xZcxJl+isreQ_k#P&zK+oA=j8&a2GTQ55F8tVTB)A;g56z
z{o-+mB%LLA7k+Jir=4I^juL;M_b`J_F5Uk17ukKV*OAb%pQN!_NYxJ5&4%At7^#}q
zPu<JbEAoBXho{@(u2+`M;Yz_Sq_+Aitrr$B4+EU>ig@#}pixY&iBDo5wIlq_n~8*n
zRIPdprkQ5Hkm@}aGiR}!<aEi`=<b7^!HDkCvlTu-OkuqkdO0fps$1aZt)#o@4q8h?
zDZx-j$msIls_k~IT6sX|T_2DKf*4Ql<L-!zZ-qnpNU`7Eb%roGls+oPT43q?B1N)8
zVIY0TbL<un<AcdI3ZgH=6pvWagspK-o<r$1OIx-q#6=|14gPMX`NIq^fGkTjMMvQV
z#K2vd0{4YY(MFFJ22wO2?*kzTwBP)}6&E<+6i_QhQnTED!2;NB{FF@Zzc?!MGKn$v
zq_s@ad?4I!HhIgCE!}QKm*uODeC?VU1YK|RO`%NV{ED4@fn_iPJ$%HwbHLS)xoK68
zc_GY71X{eU&5(Qk)}0B0yOD9O(MoQo0&gthhbn&u1_lrBzV;FNU9&F(xki)++WoxH
z3Fk$tz+3q4+l9-QC$@Ram&i;%yF792zyb!yx(p}aCasI(^z0DzET<Y(uwn&MQ5P8A
z;J&J^DS6PF<;T<Qi_J2wyHmxsuT2Zs*c}w)UDazHXxNw=$@O-pF}GvuZx(&B4^;MW
zh3vrSQ;+4hz@q#o^fHBK`-{ch4cf~A9kkrD(JW$7My7Ew>}mIz9b?l2hQ+rWnBBdT
zFQOPAKd-Nr5R}Nm)I;wA^c3vI0ZeeNvB1CNubi}$t&GV_bmIoU>IZUN1v~1Nv4ei4
z2++BE5x0h`Xf*@*y_R?U$!w>nh~p-|MN^oO9%_V+R%i91Uf2zwmolmU_O&*KrnNXH
z&5TKWsBBDb)`ADzwIRz@`s27uiJ4Ko2mncn^#K~ss@-J6X{?81SeL67k5^nK0;R*n
zO#%x#Rmx&^f#x`SyDmT)W={{_g|Tm8O*D@5A_y}M;Wk->z~~_Q`|=I?(u-?1hcuL0
zs%r~xOzmjRnQ7IwKWpXch5DyJ)`%XRD-DG5PS=zw^lIN)P!G|oYAyS$DU4+-EFN~Z
zHkO`TEqCwkU)DIBv9i*_ISuiums3)9rV@5(TOtqC+f9ZR*ZzoDW^;e4G(Q~hgoE7a
z!||5STB!xxj>kQE>$d$iRB!K{MQ0yHP?`^^o<S(wj+HhBzx47`RX*Q`JIwvs=z#!c
z{d*^O)(->|c`UyDt0Xd)`@&95)1j*Zk`<Ku<Ebp0gW(XxFFIKyN#uJ!$Sqr4IH6Hy
zeOPSY1U>#l{f7G(MRI3<vH)=f7X4ZF4Sg4C;9v2dTy}gnis%&dA~I)KRan*)W7zAy
zTc$N(1~3%=QR?<VZ~JDLFU9tHmDh#0?f9Dngf^}JV0V2PHY(bpZ0B!ub*|}1P7qga
ztnlaU7?`Q*Na(sQ09Nbuf@`T-<Fr~zu=!$^gKd7`seI_+wf)6#dhO^?_ilS%``zrt
z`l5Sudx7X)wn(Tq{L3iK`@<py9IIfCRgq77)X<;hvl${Y8qsDu`L&_h{c)hjej;n5
zzChDD>rSs%T&*T->!GYHIy>s1@osYY<#Lg}%)$VLsTY!QldnJOre1Um&w!ZIeciPd
z-Ph+0;8moNhncohgOgK#XR253Z#q#~Uv}fJ$lh>y9((0_D_Z{S;0Aq_$4fx9$$X3)
zbT2Yr_nXSrM0!bifaBM5ozTa6Rj>Ed<HYX~JlfvzuOXhU!$onUdbEyERxiu5j*m+$
zY0&-#y*=4UR2^O)8tdt=+Tj~%3>*$r;%(+2Nu@IGytk7$4JThScSWtj#wI_}5?p{d
z(QT}kCCQ!R1~db&0`q$}+MC-6+rZbD#xW5#5GvRgZtLDEC!L0tVm{`GyD{Dl^zy#G
ztBw13<54P-_Z~D@zL{yG-Sbj6_dZjVk_0Fq9%Vtz4->>|K{oBmq{`)z3(DbP;2oik
zy9N3InG^C_KtSxnBDwcYr_4qgoQ37~l@=)W<U4xc`cx4!e#wG9oAKPIwMW^&J?|r4
z8F5gv6?#5j%uOLxi;7NAA4qW8Eqv+ztl0hHwXfDz87Cos6g}SH<xRE7Lcav|{{JjP
zFX|LJm9MjZ46R0YYJz*<PJaGEWFjCuXk`aM6e(#RaM(G~;x2E#Wg<)DobzQ9^bJwS
zits1iGvzuP_(-%;5ckru=Pc;U>q(MqxACURJT5ugzo3$^_WJCzH=dgk<0LEz_@fH#
z>s#l(lAO?Kae4~NEzoph7+BVlisA$pp~1=nKe#Q)d=X-BC0B9OVjEr+C}`-Sbz7(<
z_4~+Ysf7vupn9z*%8OZ?p>oo#{L=IBV~H|ZXx^r;E!-&s_#68YU?=7{vR0_<&MEj`
zc8vQWfmA>})OI(!uV7o>;X>$`*e%GkrMnz+1*dR#FW6XbY&3cDTayn-?_6zFGsG@q
zUQv%uFdXy}vNe6QJ6&8E*U~sIMB5n~y`}-nx?TI>(tNSu*oP+x=m%DZcwBUHT_pao
z@iJ~P19-@2J4%K|Bo|&pSRgE-Q?MOfp(y~C2Omj053!oglgr*Y4-X7Z8i_5Iw>WQO
zOvuMvZ2gEsMc6LQ**5p^riuOon+gB4(>uXEV)E@FZ}xjF-h4BxwI74%@_a-K<-6Hn
z*L8$Gr&BD!yW9NBQ|sR%=zpsLH0r%O99a0FZ(<8Ya27rBvfZ+j_4k};7N==O*yeJe
z7t10-eP|lm#I&?M_^6z%a=5%r!pZW4&3}gdYtxoyh!8eZFp{p9<LdBof_gabf&aE&
zCL3}%)5d3;U?AE{^{w-azkOG<`a=r;1zqF?7~#n$xQsb-<p=m0_mfLsjst35MD64T
zb7r5Ehr%2o1qmBljLL%ffiMv&G6onX(6{yk?t#o8g>=YB`KfgmRVuVP+1~QRw{_&}
zLpaM$>y^I!UGhzf8tq*aXY`Ha)a)!<$2S6361v!`hM<dB<`TSc2O=q`R2s6<(XFCC
z_*D1og%Lvkr`&g<!v4-I%F$pj(A`}}8Lu5>q@^t;cx0HIda?YEO-EXKK~=MWloF?&
zT{Hr8q$s(fd6=OY&ei<biK3+PXW@W%yT}XzEhs+k4c1q7{@k6kJfBGFwU%}Hv6-@G
zW!%6?@ud@D>Pt?L?cd-b`QpubYIEys|6@MQ);EazJD>9-#-VU|!N%Qx_*Li^e?Jts
zOET=#8_)KO_0b}y=;2rT=0Ol7Upm+9W#nR$5CUC5J%9To@B8{n#^P+{gt<6Ul_%lb
zaec8LS}YiDRvaDhB@vWUAy{ts-1$N<=}_1z^DN3Y+%Ce2E;OoaI6mEUU@yp7LAbKf
z5^}OAKZhi_KZ!kbU&ry>8o=gKeOaNI5aKer+1IvIUs6JAr4u#pNkyd{27c7<=obEc
z>LfRLcfE<zTO7}yt0zP+h=>n_qj=oBo~FVpm(Wjrl56>4wOs4|dLchrjzehjIz<jT
zxx;78s_cqvVA<%KxuzeYcE0N!^?PL~5;iRIvvNk(*4-S8cwI7f)mDFbtuv((+tdoC
zv?#ty|KSG)e{)w~<!N-l$Jf;~lHB9p=d;@4<%WyMN`ISesh)(aUWEZ#epIV)x5(F-
zZlm`?^7x||B*IhR7<?jk+zn)`ykz{ndWVD4VY%$<AdfPbz`E~Y=9ecb<JYQvo@V+E
z2Dh^OnxNdhQ_E2=pAwevmE?!pC_^(L#k0fn=;MhPfLG&Xbl~HpghWeH1fbg>)MqB0
zI+LU?k|rd-zV!?Ky5n8>_pfA#RcVyaK)QXA3EwXELy|@XwAWVe08NlcNJK?JqhWG#
zOY6UbYqt9aHM=y0+XHJ&Z#5^X5&OLJfc~19j?1R7#-zE|hxK@SIR$(Typ*d!U0YfB
ze81R+?1_~AT^8aq)%Z<50pyDBaWH>8r7y(#^|n6+3`%$B+cU!4-tts)$60B7#(v?p
zNFY5Nc<1h8%#)&Pa+7F}J-&L|6ZSzAZ&A5Ic9|;y^fQ#aG~%?~=vO~x!kLFF9FZb(
z2^G<^NMw$5Xm6<v;+E70<^x>1#K6LXOHaHn+1de%z*K)S;$u~f<<CwH4uruu7Wq^8
zicV{+dP#?V*$&EEsmTVzK+~6;P|?@sQ+7Daq1#Wg=bb56i=QLQG@;9(G0xTm*~ny$
zo2$%itllw{TVW3eG^~^4Z*h2W8~8rCFs5+Atq(k>X|~GQ|KjL%-<kF|*VPGN(5(CX
z7~#HhF3x%$x2$!$V3i`!R=(`BiS{x$^KtU$!up^u`pL=ESlP^pn9hNbNzus5zDq5z
zEgU@a+}wA)`?v;xH(m*hPOJ(t-x$P<57~&w>$qtt0h%@7oaCqlHtn^9xCq>m5C)NM
z3fs4MATL(^a8U)mM1#Gz9v(TguA93J@0Uo-*A=q#-Z2PbqUSz=507WwRi2*&AxI-h
zYMN-yP1~q<f0V(g+bWZVKIS&B^`BSpsfHGVa!^1B5dO^oOUy0tZv0)DGo<kfg_0YV
z#s_L>Z^bCs>>prMe0LV8?c+d))+YbWsr@I&NLf`u6XxjX>!o#db$jV_T<g#(l>gck
z5n-X|{5NgxE8C^Qzc~(7QgQz0Db2dgZ@jO6)9i2qvTWup{{Gn+(OLStAj%8eP3TJL
zEY#%vM=L2c+DiS8&VTt#V}#EN|1U@WXQ$-1@m8v@*|SlT6l|2U?jHm%7y7?<^WPhn
zA`*0H|4mbgAMAk+%fD${+W&t#WnEoQPw)T!<NxpA_<w<z|K};|@d*jH=_^n`|C?s1
zs<r*U0ZoOMoV@)0$H`))%%3#3r^{a;vj1HClZHkTXm)&D@t^+O6gxZnUiM$T99_la
zuj7PDL;o?U{<qiuKLYaKAvNs(jN$)lr~Gr%e(?nV>!z302BpWo=ng$GLL_Yd0s1`f
z|H~r)eKhH1YqW67OFdF+eW?G%#Qd*e_BF$E|F?+Bqdv)+fxdvZV5sy<@!kg^uloc)
zZuKklo4F(h;Rq2GT{qs+zWNhJi3roB4b>nNb?U!{Wx6skF_G%k85#j<D<WOba<w>a
zo2_*?=w~VYcR(ZOYdbNlEp{RDw|eEJn|<d`^#5z5$;s;rdYrVcs6aoPh`X_9xBqqU
zKSAD7@4?Nv_xo=|d%JWL^CBf^&K%k>Ctlq!|L!aDUt4o*!o17|D0j^?*ep*#iEM{l
zb31GTCD3#t)Q-lb4!u-mJM1^iDg5LR$N}Y(FA@17k-t*sCdS0BINKj@N)6(w`Fu1q
zeqxe5^_KdOVV&ikg$?Y$;pl+m_)Pv<9J!m=wu?6?*<-;?Em(_o^zoHC%lS@r%8|am
zV57N5IK{cDG^wyx^Dn+cEF<@wK6RmWZXVvQQl8Zxf#<`W-DbLz^kL8lD2Y=Q#qXQm
zS4`RuB~X3Ya%EUx`zF-aYz7-L%F10SEQe}jGhnMn%m#1*l=W|x@PCF(%z=2aY%>!w
zRUS95){pJ}>up2b3qz}iNbko<seLK3UqkTR+@fJ4*xf*upg$+}L66Aa>jl^GVL@VO
zkVg36#l+B*0!69YI<!YrSDYBk7#ET^uO8cB!UmM*j1qH5M^Dyhw=TKt-3CwmOQfJ!
zenky1TX1L|n(!n5HY4$9A`pyT$M`XgUYYLqvu9EpGB+MriCu2~C{b^k)H{JaX1v7S
zysBiD>07}ohOka#Pnl0F`JKN*+PCBDWQ&340*d4LPv2hVhR=Uh)cv^@{?W68pTEt_
zqPzASnRF1v|FwW3i2p&-0;X@StI30__i^{OVfuYs@^)m6km*4OSH(bELz!p2>P5nN
zmG7(1!cg&Q!)L(USlP2r<+-@i-MORGLB0R{xGEMd$?!(ChS7Y?&_klbVqB*gHn~QH
z<k+?XR?-_+V*TwE@in3|BlRN5`)#}m{j0a!nY0=Jlc4asGVk)GtUnI~t-#ITp)C0^
z;B>!)TfH@r2oq$2udPop(~*Z(QC6DdbZc#QAt<xdqV1=b*uTuoe{!nRl}XuErCz}Y
zd3odw7PC^|O4s9?C0*5R?T@Ez6Jne&wfy^%Uzt3KjJzTd*odV<x6|#!w>`4?dp}KA
zvBC*qM#JT!y7X4KSZ#sV&BvZ`-s{CjmCztr_9RuqqBS*R<%%c%mfKp^_EBIr7&C|*
zPNohkmEv`$uoiD{uQ2jhWt0%2NP0@VeXkru942{a*#9CQcUeXVN=|Rvgu!{phV20A
z2bL6Wlz4K=_#aH${TM1QujN0PJbpfYGTFZ}A9GaqWl+=(*H&hhaxS`VXJd|$Bt70m
zLn>*=KHk9nJsN7XRQ@{;JK!+j{bM?BM*RYOpU(zLZE5aO96J1kj%%UAUCE`j8vR1(
zFezbU1$9|<o{spt-D|lK>hekhY1h+YEkCuf*)enzoOk&%WL9EX?i<jh^W62J!v(|J
zC$^eYTHeILBEG?QUe}*j#!$qwvtrobS2b=twX4XoBMzerHJqF7v?C3bugJUP=><pq
zq!EQ!!NG5!g5co;jnSYt$n_@Vneab7lz+ai%Z;b$&R6!`-~zqhy1BXWwdm<CFE3x4
z6dssA*P-!gemrRs+nSkQiu)NA5CBtPm4^mNi4c_D&SLGj49D`WB&ULjrztTqL+}f#
zS`Ku+S_(M*diwa4t%JC(#&c-*@y7StecP|+OFq8Swc}dWifBctrdtp`0(v7O+Vu)H
zHL3NsoSK0EE*u!_1NZw#4Y|)C@>8AY_I934ZVDZOw|~!TMXAqHD~8YO+l@&HQl0Z|
zYs%rOft~4@k67eJsUp<XtTTR|qozg+nt89uk`#RHZ<gr<YE*B5InYI^&&!ivkOc(X
zO%|?ciN?^tIp@V;W*z&awhPS>Y)`czClPPs#kZK6HOM_<N*6_OFuK;sn&CUpmOdFB
zw8vp*fMK?b7}9udVzZ1zsZK$>)=AJ!rtog(^x)JG1>`HXSOxK7P#Z8O%lmWnL&r3C
zsq;LiGbch&?(H4A(;-XWNI8^2Tn?_^mY&?AjsCky&s#nC6LsQJewp#}Ckzk>Y-wpB
z<>p@4u^d<Zv@$t~s;#XZ77-!-3IWf1F}hhX2+9khH+gZ0b(Yzh;AkkjO3PH3^9OAk
zy3)eay1fs1cxQCCG5@|SEny_OuR^6Bt#HrcL~UDpr_~viyZczXQp|C|4`v(Efz{;l
zY02L@2t}jlB=P)X@M_TeR`!Mi0fbt!I4!S07e{wTu6q!T40KBwjY5dirzz=Lt*1x<
zdg(2sas~urmm+rsvwad-k6<&Sp1MHZmV!Jt2Cb<{u?5X~*5_1O4_&Z`thBTJer1_1
z5RXxS_v5>4IE_^VRXnd0Guoenap+ZiVS|k#Yl<za^nwhGx|)Mm7aRQx@ry>QcKkR>
zC1fF5p6^dYW^x)v4IhQh-$}bT#+P1JX!HgzowwSiE}^A|S)aK)F*A5+Mt;Z$5j}f*
zHeI<?CjuKhxYK2-QF9>-A5V=OAdcvvk?JdyF&t{_S-5+~{}I(rdQ9}{arD?}b*cX;
zS2l%xDVLnlpo@8SE24ABvjMGe$3Rz_MG%sZTo>blztrx-5)G=5EWK4T*0)}5H<IXa
zM{+D75lHU)ga2Y&!^4NWg7Iy+2#`+_p(+yH8C|&v=(*}Mej;J;GD9LJ{;tw_y0>|k
zU=zaY8o2H0h`0kuN6u`(W6<TjCGdaqI^y&7!}{;euw^H>)?_&ca8XK5)y0;B$=1B2
z+#f;=pY$fecGMz`Qyvo^hFQDp>W=E}<<t+E?!M4ve@ISa1CR#e_~CBb&Ehb@oZu+l
zKe+P49jV8^7ZGC&y~f^t)uYu|*c^esXU;DpW?|Ro#&|d#+Kvy7MPc&LB^KHen8vkD
zY;S`v<Za-FX^%jLkl<D9$_p<tRK_P(!mddv^$qynU*|KR4=XhN5AxnJD9&!%;|%T^
z+$99J0F8&>1cJLejWzBBNN^{(1$U=$cMI<B?(RDMzUQ2|=bn4#%hXg&P0jw&{Zw^z
zKmF{z*WT;De`_r>Ru|f${$_)jMJ%$dkKOfyuN9yGV2;<6DW*gOx#@S$Y9mancw_{>
zxwy;vK|-hs*vy^skzko2(F-p7pz9_lqEPntlAX1OhE#O@Gg*TbXJ3^KaNpA1+6H}m
z;!O!s%{CltcPUS|YBvQaU-QvX`@Rdk=zk8u^Avi+3Bk{8uitF554?+}=ZX;ePe-uO
zeg?83!%<0q9#T5jL}t@gI?yC{Ngz|6tGohXJyVGk2c*%koO@F#Sm5Dhc2uG$WrLNF
zyO68Z#0bzfx_A+>7|n{>r)QX2?saY|t9wkXG2?0(#f0<XmFL6Jy16SDD2+xK4K>oD
z0}9n=-qm#*m1-*XS30VC+ftNj&1-J@X12FM`81M76zXa^l<?X5e*@sT;GsV9o~PAE
z+*Pk%ZZEk#vFEjJb?-B%rXMZhvmkz#Sn;vSsiao7Ad+6i&0`v3h5hL|u;DG)kQ_Qa
zrDQOUZsTW($S-3ZX!IBpkOabXu?a0tU-0#jJP~&(68!Di&^3YHP(C8I+;kJXgcl-j
z9JMv*mA0|ijpZ^@F6zmLUeX56wRC1z%6W}Y<&P2_L|@`>>YC|=Vy>`=Zgh;-Fe^^V
zsoLDq25%JNG4qGI^DlN4djWYnw7&DfN0Zx%7$xA%Y4e9V+Xpy4CD5@5L^i0t^*zQh
zjC}}T5sK)^C$G)|<y$9OVE}n*u*YZw%|;65(<(--_7Ck#_3?wY@Oxy&#RVjs`kX-k
z?DqFBm>C75CQ{e^>9z9|3Cc_ri5$meVTx`d*NWTlxoRt4I6{?Yjb~g#2HK`cZsjH)
zL%k-{G}l`7y+dUW4#TUANTMQpib0Y+&zr$<k7~!{OGo)nYHF4E`aNcw9-cr`{TiDf
zO26eEEVO;Of&qMem3+~`uVwcZVR|pa<X4lAZ=Uh{{1(7^)yJ+Z(;|nK?=@`>`r9YH
z#i~c(J2A>oZN7mg$<+)Y^3MDyYAj%BiEN`gb~4=N&hEC_%Vv=8%KaS?ST50eJgZqF
z(2uzsAAi&BxZvI?qed6LhrRkPOjV;@lB9x$IsS$9M$w)uGWdnOu^Parnygk`*J7(B
z?ZtYsG`l(fN1C&-HK3rX*XrAKPAXs4GVTYTTIAHo^dMD!)ApeXnF}4_&ny0@^xr@f
ztgp&qgZ=RyzonL(zP7aWTCM*`GUG)_TpGq|i$$RCR~g)uuBh(1x81JfSVZsI2LGMs
z@V~9_6KPp;KY<}Q8n4$=^32GB#DQsf{mblzz)sKkcR4?ezLxA-!obmeLX0*g6)Ft0
z#HSt@o6h+O@D?_T^dR6zg$c*$k0Xr3Wo~d#1rb*L+>5!x`luec`t#T8spX8hygvxh
z@6Jo9`4t-CLG$sP97bgRk#>|6sfzxUVM0J=r<$s&a_xxe+ft$~R<{1`jaD?yY!Lke
zkYNPb`6vuP{gNe?9syU!HGk1o<?<Tk&i&2p*~aCH=hIGQ7A~I)S3PThFSJgah!-<o
z*TSUbwCj&a8LgUQAyQW6-w_AO1(a^DI&NPp&L*u%zQPEke@8+A%J<h4btVa|;g2fi
zt!60ONzn=|=T5$Phb5INWtJi2GrJ)<LW1eE#;uujFy8@*?R{o#jz5=;mNw~mkdAKc
z8n<!UR^A`%F_{TOCY>o~HCw;{+aKHx8V$fKQ*2(hB22#zp_<L|1|naOJ<%>p7QL1r
zNebKo8et8xnsle~<@%2USSj5y)8^0ka>@Rv?E!veL>#M4KC<*2Q<#$Kc{u#i2y`2L
zvni=T6=$!iF7KKEmN)55vAb@3zi$dgWBSu`nnrl|o$F6uy1#WCz_Ewmr7F*hUH!T>
zD(BhtW=|P+Of{tnZfUBQ+=rO`?Km;+HRg6K#sJll@dkw2R!p=XAD585(_vuhBmG2W
zPG`-BCP8lDbMz@%i3_$|MmP{hq1IWPoYpi(F)!#GR9f@ua-P(L$vUF?Xmr~ZfcWcC
zghZy<_2BIt9+izF6>@Ku;he43!)x^2o*QsJ*voM{^{`VnR?dv-E+6-|ZUk&q-ib5*
zkj5wc&PUT=V`)BFi&(DgIYyk*#qgf*FBiq9Fn(LAuJ@@7S&k?>XMNnBm)mWGDz94D
zPq(}mDVR^Q_qT_?qN()^PITARPKrsHFIo6H)CJlmy%Vwf@(3@j>U6wG09HNr6wFWb
z&fXTOc=GsHN0}uXTsoS}2}k>3e-4k16^8XLq=c`#UEgp~aE?AX#juhb2_QpM^8enN
zY7cRp-5(DMAOTyl7dJP|82mC(jj=UgP+lFAdJ=9K=cB7wswE{o41mRsyrk|(M8N%I
zZnVQIUE{fe&8@gyT42qcJWDj9qQ)#4&D#3giZ7;W*&rAO{+bP6&smt;>-NPBFC5n+
zzH1;q?v7)5q9`!jIyI7XrZ@+Qjx9#06r?|J{DO5IdRfZfCilZ|yU}UPMQjl1R5OVy
z3%ohXN22*Y^4xB!o<KREIyL-=?v)o;TWBpb+-g&uAH%JY@h-_pxI|?HWNLM3<gfK7
zlzq`Pu>OYruqC1>nL{F6StJwLv!PLnUZT^Ut&fLLr`KSKxcnry&pGauL7rVWNVG^P
zW*OeA558kYEt#SErXy}6@(W5PMYFWU5?(n0=eV8O#kV(EF*ACDolo$}xtMuSOJq=p
z`?S05MZM8}kN3rRgbTfumS#b#If4og3q2p5Rc`eTOpPt%wcWxiTH4g)+IEI`yn6<A
zuyk9_8wxscDU=#G$7Rr+64C{HRl<Cm`SzuIFiK_%9}CuIIS8^?nftmz9+ld)NciHI
zZ-2}uU_}|5dzu!1D=z1skvZ->{HYfp_=sAfrK$eyh=w*j+P(Dh_CSeayRx`7h<13!
zb@qiD&fSO~v@EWF!**;xk>Q{pY`iZ5*lzWr!YWdl3)`YF@U_Z&F<$cF>$}0eN-+E4
z*sx2q8FTz?0)K?ByEc)pQvroL+#`4J6Fj<a3C<!bo>%#|7}oDn-(uB^7he-+9h)jr
z-Mr$csQ<(a?#7#%M}DDw?6X<VIp_M$jC7kG)m;*1F17Te?+3(d2kK%**((*>s+-OM
z!?8JM-#@kbV3>+bJcN2Bd2Rc*L`*t-M|1T=0p80g6|>C+<_*R3M5dMwds1R8aVF2V
z?)+NDxa}tIPio%x#rp5V7b5>Z%{13#81B2DE;k-dL#jj$3tL(qk`lU<*OQSNewLp`
z2B5{vm+}*Hli$bTFS~r<4hq!C+ORt)1X#r=AsagvGJg^#Hv{D4glQ08S+3y&2mmg1
zRmZxFSh{4P%)OoSc6mlOEnnP-P1uN2;&A}BrjKSbamB7gXn5^G7!atzo_@q)>s`g4
zHm<WFBAnB3&MJ}vybvDaqDM0|iKo$XmyB9ITVqQQ2EzNNq4HSA`2BVbR(d9_9P4fA
z_@AlH5_e>SIHCZhVAnrJ!=&0Y->raA#jGnCDDjMNe9i6zt*D)i?WrW@%rCskMITT+
z-QZaJWGaS(YzvO)W)FTPdc#WI_84?8%4312q)dUWvo-{ftpDIEnDWai=ZA$E=!#LV
zKs9|<VvGhEVuxx>p*_0TVMn#%K>eYPS&YxUfoUNF_l+9pT<XdxAx!R~X%nuM(PZE=
zsJ+=upgrJIo|i$PI6n`;*TzK*yI9f5rYU-O+_PG#uZdfuc1KpPQD0rko1%0g;(F@|
zL)X>yx;BCRUlx}Zfbo@epb97n(P^(H=LDZ!Q+37=TQNXn29{^f1a50MX?LB=z6QvH
zm`g?PBkm8iZ4+wkrt{98*Pv#O?b^ZjUJUY;ad?dZm$O~9QQ&qq0KuZ<K|qTm?wC$W
zLZrY20g!vkCw`GvE#q`N>(E^^Y&atit;VmK#JnO~S-(NL|0}abolZPXTSlpW@zt$$
zN0v<X1`oXa=jmYD{~>i|ON>+4OVJNJFIrV>gt4|2;&>!<jp}<p<b7W|V>xEx)iubr
z1nVJ5hfVK-6p=?R@iFztrkTa2hZV$<|4`1#;UTjWkEDdxQq))v)<OH(Wg<0dj?ei4
z%5A(1IruPH2PqFs#7?9W3bN>+CWi6?VMNHUY?2syBo;ciLV7ixeGgJAz~k#DMw}Yf
zC<uw42{>(tc7=q9bBgg=x%x)skm~fBZE6Nfz?cmS>-Dh}6KxzVvd3kkOG%5fTU-Xx
z-cZ{@>}4ku`2KZqpi~A`p!4{ksT;`9){^Ee^K*U;j`}uIjFHKyP8i0jI|jL!gb~Pz
zWYhbbxY<wi5pAL{*^<S&SkcCrni>(A1E9U4xT-;N(GB*KK6+rH2(3^irhW8o*SX7i
zO0gOq%LLWcxt{goB}@zL?Auf=yVNkd#$g^+-eiL+R-{)w6fr=pmGn!wj;dBr7Xw_4
ztQu`Sap<d3o}unXrE6M@6MGXW-rZZ9eOo||RxmXEFhgDEDaIviwNqle`dCB;27#ul
z{Zo-t5x|?Wez(2ifp7pXZDW4QjeyMMWSgSizLzd$P8*Z|t6s^`0*`@pTHDZ<=o%qg
zJ+bnKSSwuotXNky{u&NvEII9)v%!kq9UpZ$vry8xL0qqJNb<zejGxdqwNvn<5qeNN
z!7iYgd~qh-awtiC*lT=*+V28<2GiSFm%T{;DW!_J#=s*9$mA+qDa#A0l6lMqrR7;n
zdbQJ{v;35%ra^(*g&xV%lv>NHv-O+QHFW!)j5F!{Wt>(Kk(fa?qOVlEB$|e+<otUr
zPF`NVjUu8FvM-U8M5nlMv`Q<}?-_(}UH(}<0-e<{BVM56Og@r0KJv60g-$puwbc?n
zE_{b)-@C^6XJ=oH_ux{&2@QH#yQHX#oDqLMAKP&FFnlAIaj|=Jmw+^J+%UKT7HOL8
z7#$NvI1nS)$J`~}^jnZ5Gh?BWpoXTfJ|;i)qp~&6@1V_uTRTz#WT+^J?hO})^*AV_
z!87=+r8$|TwhWH_P0+Hs&03HRl%>&L0L@ldPkp@e<HXtgN(p>dA|-ZO8l%@%F1mW~
z&4j2CcaU;vvGQk7D$dO;B)S)yW0q{_7o!>fEom|AAhE^)+}2Tgat?>y!Xo0zfi<`f
zA_&=Lw!13LFVFLR9g1f7!u`?ynL#@mivG-c=h(6ax^Bm2y@`agEy8A(l3LP-4UcL^
zVFr>!<v*I@)SSUj;2&Uym)bvjq@A0^D^NJ3qr3+_;-JI!;3ug@MV)Qqvbn#&drI|F
zC$~$l7E+Sn-Zx~w0w;ZIM6<S7>lzOmP}!RE`1O^^M+(d8$=_Tq8f7qJxGy9T`!Bne
zzwnIu)g53pt&iV1m89sE0QFImFrj^lqOk+~<ETiMYqgSJecLZdrYlo!d`om*)x)+V
zElUNTo_5FO+;w$lJ132f`W8C%<d*P6t%`?GST=no<r!;{9S<nYC-c-JVI)S9!z{L1
z)+bh=T*{acd-Xmk*6OO4s;C0gem=G=mWl;YJwO4J4DC9h+O9;gh_r41<ZbcAXIh<g
zVF=%8;fznQ?cX*HV6R<&`BgUM2(ACB(F85gsXAz5h}hNcm3&WSQU6&VKC%vFhX*uU
zIl!4f*d!1t!tHONUVfUJwnaCmwar22bC*miSi>0g?wf0T2CS(IRP*Ky@G#C!j1t=1
z$eJ9L)bl?O=_g)l&%CI{x>Uxx&Wh_y>pv-pTWpB$oP9@m*oUk76zzq!zdR!Q&^k&o
zJtv2S9Ilo(+AZ!Ca3m2^Z^aQAY^uS_*9{JELba73;rJg1=}tiw;~mvv<Q}iBfoY~M
zFj$)foa$}3P>_6;W8y?&Em{87wyjKJFDGzfe~{KFTHfxy@Q#~txUsKl7K=G?$>@La
z|9x1J(X~@SO*J8fpo4#OK6^AzSxbsXZEg+P8ub+xl5D>OikUK=6j!x9a=bp5P2N5$
z&tN*hTnAWDn8C?Jn23S2L;U4)Z{LAsrAbmDIT!*XNk1UyIZL)1+l~D;8{M~N^<EwB
zO`aOem98?vycqQio=?&;=2~MxpL`G1NLVDn`flKrUOC-nXPofzcVcLqU6n4dVbE}D
zFcO$TKU6*>5g2{AvH<i+n44-#P1Oph7qQv3uQko&gwdS5s<8_!3H$V?l!HC^`<tMD
zg`kQ%F^FV?eHEiMPkMtpOz{Jp3h4KQA|E0vaH}TTxvbiZ?0nyl=8@t(J#8f8%lbZg
zRLbS3Z*@y`UfV#Nk6J=R(p~q(>J#xV582@*@euaCbgoI;TKlUHpHReHc^YRh!|Q&u
zd3Xu~BDu{~O+1}keiaAeQ(rZJt8M6&<mr8+j!Byagiz#7!-^v9%4}CPuR|SaEf)Ap
zWHxS!YYL*hG(p^fEj-qri(^Hva>!C6`z3fnz4E)G%j^f5SK<rK*zP#3%Ip5?wDBMB
z_SLLrmy0)G#<1!4pPSM6hjiGEM(k)bJn2w#Bw;C^t<b7MLlsow;6~;)5Q*4{41>0l
zZ5vA~y3hA2w*6Us6WSv>MhBhfr4AeSN&V5{7m55^aiB(UA0j<4$2iQAG~_sAs`E}*
z#U9gV5YyO*st4yb#NE~khIRRsgd{t(r5A7|3}@+l{J-bw%VAYPbg)ZzpK$Mw(ntvy
zXx&d&3_-t$^H~==JiC}6cGrx6DmPFc5!y;|Cf>3rmh~e>owBc|zJyWthDgrOm7`vF
zo~jFel8K`C-mb^&^P&tvx}jUmo7<taJ2sYJ?$5Y++!b3GqpcL;pGLr*<0$2T$y(%Q
z@K<C7BD&9{en~Y(_G;j63VANd;))+kaIPi(lg^TJ#(Q5Kv8<RQt%YFAgek5(<bGF$
z<Bgtwuk@hbI4ZcK+N~i0t4Z}sIAxO@)*S7@g*lY4jPARMma4BB9*-7PdAs-jqK8w~
zcJi;*(Vd5)hX3kSBEH$j;Ke9)MEoGf)0J4!pQQz__0-TD`jREuSB`UW{KK(5YX*9?
zZyw_SL(*Q2RW?dgC;n#cbRl9I8?1Lbx<4cG4by9r(q;T6mLJ?U_!{@b!T`N-))ItK
zM~os*%#$3loT_H$Ql`b%j-KM)Q4*z5WJNgtFoLyT4C|1$^^r<|<jjk}k7%}-h<i*J
zl1>mPga1|Kgm{Eo>RFT1T4#fXTs!;BQ7ogz^=B##sXh$1JjMew+Q|k;swMMV?8>m{
za-WzxIXCjbLp{TbxzKm$z|ivAo8Rv$Za3RxBrDzVEAWcYj-K)&|8XY#Up_<j(ni~@
zE)nhdH<7pA`4(msBtf7Awe_xfgX?i{B<TvfhZ#XOhalGFiKYJ_$C^lT3D^x%+0^B)
zHRDAiKIQkFyU~TG;f~=6eu5Q)I$v2{hk7^GCr*@!3V6e$)S8!3f^~e~V8KbE27_5z
zu!g2Hsb!82Vs^b4#kgt>%KJ)>5N}@6jZ;GZ-nXy6>SuPqh$P`iz3;luwP0?=iQ6gs
zi39}B|6CXy6|(b2rbab-msk3sC-bXsw7RZ#7g%u{bW7NWX$4?Vt#*5omx?c26g3r*
z>PX7>A@UY#iOZ2ttwt4I)ZO^=y^;3KUa`YA1jD>dVwFbSzbnbk{j3!>u#-WhNb(F|
zfpR+*Mo~%wcwwFgBOIs1Q}F|^&%9dHPLFO%K6fAx|1I?NPed7qw?%;j*cyVaTa@Tt
z1jPoQ%mmfEFe3-%t><rDlo^HbRVtj;L<CrDxj*ZYh14E?T75bUcKb-&5SeCDvj~<A
zE0J2En>C&BaDJk~N~F;P--@!kmj?J4r`-HJ(*S~TNR`?><h@wHt5&_Y-bGAn?xnWw
zZd#|>7Q{PkWjwF5-VBj~7G8Oo2OSdx461?U5v#2mi_ml|3DB!H=lcb66(J`I0=u-c
z`p8VgrEiN-y-hE4C)PmNZ;IVhBVteBtjf8wF$^`s)|#?OE6Fui<}`MXxa<Czn&V+>
z9ot#L^44jjn{9ztc2ryh2@AE~^FfbWs(dy*>>naiC(Vq=!%5JttW3oU*xkO@<Xp6c
zjJ+STLWq)t9+x~MDf)B|*D?A>7M)=(^%Xk8%6-0B`c3Os<U}n`b~RRiIcF@c^=bT`
z4V!y2U@KT9qNNp|%uA~1m01^-oxz}x=yi1%`JvWMe{a<?>_5$;O|9H%I;sG7KESxU
zlGYPLjWrGK?6c+iXea6G6;-9^w<rQ5KPJ;d=9uu{1<H9!E>hp~*EJYJCU|oWC&+rp
z(EmNU<=EcehB0Qzc@sd2#eNX12S7=;6dB2i;x=Q}Wq$lf%ILSkT&!amDf@;gmS<u-
zmclknbfk&J>2f2s-eOm}ni_HKOi7?n6zT+X7cj!+Ha0EP%>*lGZP*cW*z3K{Ijk>0
zJ|*GV0WQOJf=eC{V7Ac=Xh3G1=lAGfWFrXE$G$>!RbfC^cfR72mXWq<(WO`3Yu}ph
zqTY{65-i6c(b5$+OqiB*r>m<9I@&iFM!RHNWtEt}MeKOq%kLQKB~weh+HM<dv%{@J
z_gd$FibA}d4q~7I>|gC$e<NgiY+Z2PzwB`s+uj`Xg0P%_9+LPiF!}1Ss}GQW>E1~D
zs<pD4=CkUYghm4!!jpY^YF_*1W({kqn9QqpPNul3gRai$lirRA8V|vF)=%>N$C9n<
z*0z2n__=%7N4g5(2`9ZCLR|P$jLiDiCn~kJy(VQf5k{{qGMi-Jwo8{sDb-A?Av8ZS
zg#_c7R_@1XhnF{=C48?Q<bye(vnn^{Yl49F#;Kj+(H)Y0gK}>lJ!Y}GzsDg7@u(jR
zo9AoI;FY>^a5xG0imxeKT{Plj3a`;{^%c8m1LQ>Dy59<bToDSgBlLgA(f>vESkN!x
zE+Py+Ux1q&N^p8_1am6S&T}mAiJwJ3lU?yS4ZFYPQi~_*=yvjG*Zw*|51|1AMD#(o
zY%r|btjNKYgC7-*AWugpbIt<w;~hRqY}cCh);7bw3P*E#_jtCf<PG<K*~)*sYf?Qu
z+xN9ehiWLOsk!F1==uu-;`g{crhl_8-lX0wV&3|W=aXG``mRwC(IG9sd;)bvH<XRl
z^pbSUpc#73g!(XKP4Zs7dYCY0jR`j4_{+qnGY^Eu5N{tP@Mi(|1s6Xy&$fz*FwA0x
zWx^2EAZI%=^3cDi7%|t-)XgLxd6FyUf1cdO79IQ<92EIKp`hi(p_%`jHQp7ul~@0S
zf=bVq=^S#{tSW_`flLrifo~*ua_Zn-(Z;<y0Pg3Rbsp0Et9_O^55=@C!C%PGhggw^
zjWcnB7oV^hdJhN|a`mpt78)>Gj>^9VRSH__vf3rKyYdzx`^If$lea4RpAI6L_@If@
z0xEqDr72f#Wwk$UI<cq)w8+vuwFoBy6MwLu3_RTwn(hRJfB|P0dWg%L9mzCPV07c@
zxAt!2F-?8A&KE*(uj^9Vho(FTYIiE~(2VuaOSx|Yt#%t}XR{>zjY(Khj;v-*th$!?
z<7kTS=eo<~X|b=k=`=PrHka~{9?K3)h>oUw+x`c)hw|TH*goX3h)y$td?r<@ia!-{
zfp3f@V2Ix;E-t>A5U@SMh;=!?B|T4wj;P5O2DQL18x60hfA*y-oitbr57vkNc-RX<
z45~U4`89IDunj=wW|M$P`Y2Alz<$a?x4YdtvoX{8{{bHseuQ*`M)?Qh9Y<k}=Q1U%
zaUT3(t!fy?3_C@ic9~}u1_3Kf8xA7FLtE@1T6N<wAKxB58puCsM*55Yg+PeLaDU0x
zme&7d61V=zBr*zcCp^JZnCO10GFCUTujCfcojI`k@wETNpGiAHaN)pJA3_;)L$Sy=
zg}tFblAYCBBcOYARsL^$tD>m!-)Jxu6~{jqM<QZI3W%qvX#B5V`{$GVf0=;%pE%?H
zFBnem_tSv?@caL9sTk`ZZ(&hH;`Z73Fis!~IF^1n#y^tQ_WIY<oaQt&HT@&Bvb?;V
z@z*sPGc~p7>mNw|8!Rj?yhv_{=_myMGi0DF`7!oCP08Qag@69<QP}_Mm;FBty*}VM
z%1Lp0{^u_DZ_AyH{QpT{d*<uLoNy%=j8$)EK5ZdZpJJBmgc`aOPKQ(c?{NIT9`F8X
z*Z(E3eixUJ@cNNUE{%^yet)65;Q30<v7ofwQ6ziu6U)+)42TP)6ad^yp2)@x6wJ#y
zSNZsUMM){(Z`{qeB)XLa5q;1EVu;}X#j?iwU}MenNdg@)b?wN6bm=7)Mp6$|{;^K}
z<C(8<ADNAucX-ty9?wIKxjHHpU}GisbzCvK)WiOb?0d69INNLp09Ffor4&hhlQ?vU
z^KV~3^{H>`b@o2jhrD5VNjgnLOhuRDhW4LBp9>Qr)&J{{LtdGvz4EEN>O{m$&>02R
zj7lNF2d)9nJYwa%&}lO7MEnG%LtKNp(xNq-H4yeLvXWNy)8;#ra=Nf$X-1LYAwX#a
zr1F@WTYmEdnl4LZ9+~K9ufBqZZkoBN-_w#aq}G|&M5k7o8JPHfXISw=-d<+mec-(;
zBs|jkZJbc>5kr{uY4=h`H9k!Uek6K|$ER_4vws=sGheD7x4c<#`@c`vXqtpuhu*7|
z-_vWs!3@R$d(DbAIKI}_2FCCG3w17@ZbUwOuOSf5S?=YuXyTU`Ly^3`pfdFi;gerC
z0Gg8RL7gY={-IL^7M7kLQQS0kWhoY@Di;b*J9O_Xc6g~^;;}|aG<9YVks@=ujVk5(
zkQSFmalqdPP<+=;NU|(M)C8Ac@%;^{?j_E7_8FCik6_=;=HmPXuY&0iUms8E_IZ)9
zxI~k=_m4zO2h-y<p6B2342@-#pY5999CTBwnkN(uY2{z*O<b7!j}fD}I+JdDKhi-3
z^fkB7UN7-BMK$R-lZwureo-4Cr4jnvQum^>^%~yknSOZHnxbI3rj`{U5&WzJKwQuP
z_gs4a#-h0mwHHt3uY8=r^z$lRbD3!WcpIgcR+kFt+QN|L=tTedv=AQ6O#if0ZSC&G
zrp9}2VR~=+dnC`csNM+yUT^Cx;sGHXzxi%pR(#j!Nb1no+;crK-Rv%fsVgd{M0y2}
z7kAz11JZ-i`~%qm`>Z)jx{Uj<+A*(g>8Sf&2n$cef0JYel%B%_f`=bg;M2oG56RR^
z$Bb<o8HxPm36S4t7_lI3iyWefa5Vr`*pHU_S%E%N_RBm0&^?{Be`em?kPkc8{qc$Z
zYFe6paxSoA#hufv)v`ecye&GR@nDGwe|^V&)sn~a1WEg8CQ*2#9DFTUVy}QQPsj0Y
zfgkg5j{G!M6cY@9I(V!psaaiv0F8f6_s{S{Nf!>Ui$lfQ?;AVar<we{u_It#Tx1vo
zC3!g2rw=4_eRoNHP;a!u<Ci99#>=YO4CPTp-;fNYFpofTv-Ok&03Jj`D=wq4!l_(u
ztxb%*PD%|Bm6J`fl6gV|%bJ|5do-^pDfKQ~SE~;NmC`q+E$L5cqjrhp<YrYFR*MqK
zPu1M{Ea&QGnk=_JlM_`pFcdYI>qRhmnj)5qHL<W)uO;6;|3uVmTQnd)s@J`?h4@j#
z{1QYa&1Vj2-`RyYuggnLAwfY-bIs8(vXh!PZ}6P9Qz$tw1sf9`Utr-she~<{WjZpl
zkKO3oJ=$S2dGQzVcwu-CC-lY6?o+%%Dq-bBF^u8!5VbB!siw$8$L9WYVm51xF_!u^
zHK>{f;=}m4hI7FF)6FTA{E=U3CvV8^Gc!_wRcy13h<B62USRFNn+zL#?>-T+-Deh<
zG5zlsaLX$zM>sm8qoWDrjDnI=i2(zRQPkG*jIb<WU7g|3I5@dm>nRFu{8D#Tn00Kh
z)#(?KZgt#vK2<P(7L3yW0$V@8re8V+yRU{aU~Fn-pD$tFk7$<(^l@Qs=#z_i{H!__
zG+KC_tU`H@31Ehuh*!e!*hu2yKrSOgk#v%-Yx>LxcJmE$sCPlYi$WIbA)^mC^zFzi
z0gI-{Gg0%KBB-&V;VAb~-HK7L8L+#kpyZiRT6UUGupVxSuN^Crv)+yE&LDbz(^P}-
zx6f;?`SqWVy7$iSCt(e)nZ&H+B<h;b8S&jkSBC{R&NHxonwZ`my0rKvbBO7Ocq409
zOCA)2`vq&|Tf=-(r|#jN9sp?Mn`_gN`6w4toxFQfXL$U2Fx5L~uh0OKbw!m~l;AGc
zH`xEt_@aLDR{a#{PMSCtLtbH>(`e9e@N)18fcW!LfDx;;fBJ|WWvM+hK^wgSwreT7
z#gRT{EgALA6v+W`#jr*tUUNZc@-nBlX{f(`e=W11J6gwLiP*CFubxWDEUl(%VDJW<
zy^CUhnGhbtD@j>$_DghSU1ohzN{O1{z1$|+rrOEH)@fS<kx1M%kt_9Rnyo;+^t)yH
zac*c~jS_z-l#$<ISW7ZoLc?%(?tXbh;A$stmAICqwP-ERkd%9X^K?z9O68ux`*$0y
z8JYpcjOP7cR!!y98~Lwae^ykmLZYHDiHXAiAf^%mM!4LU=jUJX@c|7DJlAJy`mOyA
zqevl^kQBSNthK5bfBS=QG*pKnm91bzQY}4V&4gM2=IND7VLP0WbD&#z^<xRc%X=SG
zjW`M|NLYei#20#!5{73!#8Hks8h=B1i$bDEJn8qCySq_#^rn0&%lOo%&GL;UIxaY7
z5h($5>`~p5f&<>FUe{T6^Wn(Ki!a^w3e^NKacih?RE9;w&uh_m6m_6GGk*`&H6QVi
zjU<7Os1DP2@uUN8Q_U@WP6z314G#f1nCOUF)d(dS3Vze^I8>H_9A;jODN$t-w@nnh
z9i?my@^)?xG)C&fzMk<X!;c<#5@X>pF!evJs<3XvdO6G!77VUa4_QS;!N$r2EhjT;
zs(IN$&tg7OOKe}Rm3{XM20g(a#pl6=)X+j$BYQcDHOuXbTQcu^9s2!;ejfKOg<^iL
zGm0#I3pU<%KOkUVfjIP&S80Cp)dL1mnl(aUn1U75zO$ibb~wnNk;H2AOv(d&GB7^`
z3u4xBYm*EeI%Tzxmz+{xBz?Icus9)2*NG5(LsEj?hDUvxvwNHNY$pD3x~<o9%<H=>
zlh?o!v6Z6PS=UMoA4LpP!BRK)4Za*d-^jHEzKB=L)SHobzB#-r_p9IfxJa@jD;EO^
zyXNS**DP8x@z$@R_wTjmySt~blAk6Otho`Z_nwGI&KOqoz7r)Qf*3Kr`B1(aeXtMK
zafIbd{9&n@UV%^6d7A_?(4e5R_4p+*qDQdV{@#Q#v?6RR59ECP<4jDyVS&DSI?#I|
zdC};B@sUOiaJw&HhXYOK;FkuM_y7SadWyUGc%poejLU5$zZt<JLrB!S?qJD}Mhc$J
zW}>z8c&0+Zj$QW(-_+%4`ts?^bIvO@qWp{mSr~~`mq1k6kI{YJ*xcOQ5400$$IsCk
zAI#o-KQ*@{0d}FBi?goAtylbhD|NK3afaKg)27D62Aj*W43_eDbBv?N9d4)m7OKJZ
z%q<?j?VHUZpton|q3@%wTj{4TsQjcbE7aHL&I!F78tp^}*C=l4Fi)gbw?A%$*z)M~
zqt@+tp_}OWL!ZPY??d`-<%=KVqtG;Y8XEL!3~^I6kH<ajHV*Dqpq6Y?<H*bY`ZPov
z<X49UTNN2ww=Dkqt}uI%?)*woTTCqeg~eD&NkJ2tNv0D>-(meV59l?o>G4gsd$hjS
z_=>$*8Uo;cqQYFYTrxZen}O7kzJq$?-Hd*%UMv-!C^x4$4u?W~>yUzcip0N{)ve2`
zhPy9O?~|6`;#1=n>J5#*=mdv(O=PHczuvyCLJ{JMUN>OTC2GK#m}>DaCe=ePgHrD0
zptj&%iSAKs1gE1MK$x^*HlXCHpV+62%q5{g04tFDInL!;eMwg3kIR?+HPI3Xa10Q|
z--=L=o42^^U$U>%g4<2e5m!Wu&jPhTV{uNCu4W5`vfvde)BFj3)j;aO(70{87_SgJ
z9;%#+-x9kTGyjmJAsPGh9<=_}W0cpZc1%l++a6nA=8w}X`G&t?i|GQ8^a!uItv-Kk
zo`Kw0Y8Is%`#fB_G0X&*hkUS@``Bep+<wrb^pOQ?Au*+U^$%{jpw7m;+Ba5#$bV6_
z#hdR_F&jU^OIG!a);X%|+Io>LPT6bROnBrHz2rxU9P8o-4IiP~oo=8a96gQOoMY0&
zl?;hVw|z>a)U|}q?fz4zPEPRPs3@oP=2H>ceIWu~ubX@f-m}%T{O)ymYcx}QGw+#=
z*~^^wPmcKY0TJLu64D^x{23*l^{Gp><~Z{@tt7|IUU!P>sb4l*KdR(u;Zp$8TVHWn
ze^%{5rnO|r(WQ5=_6_~5niq)cye_V}s5gr>{)Udp1_=S*q8So0q`QzmAiwpiKa4me
zxDbyI^-^>_&f;U&Xw2m0dIilWzNO+vZ@`-<LKx&hJv~9vRCrHpTF>mP3`j;lGZT#%
zF7*w3c}Rp*H<b~Qi`J;Bg_JGM+CJ*#@iD@1AsgwHZ#Is0k_a=>=w6gwepo`ov681^
z2Oz<V=i5`uQwxo0g4k`Aty$8gliwr`SO<iXgUMaUm5UYriVOU&HUYY8E<>S*OAvaw
zRt^&x3xpI8XLtQJuX#?!U+R&k77`)rPNPfCt(>LbDne&EWtk9NrDSo9;ai_<LsV&k
z5o7FXu#@^K(OuZREL%Di;-`?X{^N^~BW@IEotIJyZK1rcb2~ICXXrg6*mw#3!&#Y<
z{k=36G6$#Bd<#+5m4tDA8}wB<bfa{&VicTVOUYt+AKa=uEW^k=><3~`?4Sn%p~Y#n
z`Hm%@x=ALT0KfkD{2h|@&l)RTQR$-VS6IP|v5_LY0@>W}!tOo}y?`g#p3~^_^XO!4
z?Y~P^Kq=P)(t_wY@IpV2D5R(+FK76UAo}<ZB3N){yQoG4&{7+wsrW4Fm^T%R<XXk`
z8|Y<Dur+3*K?{BDPX{RmyP5rPVB$J=nbQN@elW?YNv7^&(g<D<o?-(Xa>9;zA)$DY
zKrycGDZ`^M%JwFZ64JF<z({5^{>9~*zV7LXoEz}l`v8oxZwG~U2Bj4j9WZ_Ihx@LJ
zrr13<oKS1+JJwf~fCs<aOAkAXW7~_#Dg&&@Iqdf)MehM>T0Z=4-*kf$ccqW01>Zy<
zhe%|2N7bH*ubu}eSoOSE0h@UibGAfyEOE1@MEPTS!2w%ohK|ZX)N9rvfq90jsr^{>
zGMcxU1$tf226<=saADq>>nMA8Mi&Jb)U|jady_E<`^u*L-_v^J8j8dRv#gz2zQWjs
z{p=E4Gq@Yu3|T_&y6$~6rXsjX9PUkG$(Cm&?c~-bI(`Qc0=punfQl3}Nxd3HevKu+
zRm9cfVoPL?T)r&0lPuwf?VkY*y5a4gPWgL|zY5#rT@+-yk0Gp2OLGoh+B?-J6=>+u
z4YH&KngJO`W!_%Rcl;5;!)s+&Efg1vIRft?`*9eUi~XFR1e=9%HY}ghf{nGToXC!Y
zBnx1v>;`iXuMbPZZ=}8Z4oKVqSvW$ZW6`XERrZ%6>niLSZY-wWwC=CO;<V8YO?U^k
z|8Bw|0w!ns5o?#v|H9hFE5YtIx^fXga_5Nro(XdBbP}Vj)x-y=S>}XxIX+(2b#F{6
zf>I_Y;2v$)N1F<jwQ;2#xq`LY2!y?1)~$_UQe8+lmVG#%GZ2M)v?4-6hvRv#UAf8V
z)ElqIC7q_CO*Ot~+Lks?bhz>YUFo6^L~wBSMIVU#Wsa;40o2mNWdv+zUjBbnqfw&I
zGZcnn>T1)_ej^|lU8I&^r74-WY=R6ElvFi?-AbwXTsR$5Ny<l)!zW8DtC5wTl+Csx
zI`HGX7cW2}JKjPyFmEw11Fwigpt=H76Urm)+66Gky>g8Tt!1UQz)y~W)@FuCRllh&
zy%W*Pf*nuJNx9&iRs{UQoLEj6KG|LA?_(E|JD!%@ulP!t^cc4)m1jpt{S3f&Pi;28
zsK*MF2csyHS>Ooqd*q*9&pDNw6z|q>8W$@gnpvSe3RQ_s>&_9cv4`FxbOl%s^hU~m
zpi=eFT=akduO&%2zM!`Qf;pLC?G&gH!yHL-XWFrK;K4(hM8}+BT0U@z@YcZxFK0hS
zpqEOmRl?9H{)B*YKy@%JM+11yotIUgrvr~2B`t3qBpe$z?$T&>OTedksC+SfKtxh}
zq6{%`gpND3$6xtb^^eR~7SJ%JpXHI3?`0n>yiS;m+SmLtki9!cJWCBhD>}>WFui;7
zRQ5oo$X!(=bnY`)`SuA2C0|RzBo`i%AUZiAL?S-ALtJ?<j&IzDA&lUBJ7_%t^2cvl
z_?nkSGrK=q9foa*XWc9WTXA}q^SnCRIwAflk?;w};>P$;Ux6t@2sEB$1-wATE#>#j
z_5rf@788cD63+VnclI%RX~&h+ErB2~eQz|aM6QetI7*V6pT8OniT6w8=bMe2a@kiQ
zb1N@JOmThQ*ySUt*3%6!FFFK!L=7p}!j7W!4pv|o-7p@CaRl;f6CDAtLQf|CSQ{)V
zbjI`LTAp2r?I)OsF{Al5clshnoplVFQX*bDNe}~l{7Yraubo$LJ1-aM8x-nUU&z?h
z%KAu&17N+N4C1IZo}^6IV8=ut0Thd9duq0>&ZECD{^AH8I}7F^B0ixI{#KI%5I1jN
zSk01~|Bg_L?7YYzicC)Fx{hEWS=CBFJ4@G-zZTTdCbYa5meKSrcbhTx!{Rn-qjZf|
z#b*bK#kgY~Q{FV)h-0SIEJW`e8YXWS)La3F+XZX)W@}G0Ol@7=44br_4EKc{1b_F_
z_h7pV8AP;8OkHJEUBiz`7_?M2Ly#@SISNUU_lRhO^%7BIao4CC5~n^RbGt@nXTA8D
z2n%xV7f&noYp&Y@iEE2B7A0!=V`Fz@$kD=zE^mZjbCfV++O!sL=hRe@0GsuqJI-5i
zO{jz1R^slhn}JiNk|yuDqQD_PY+By?J%~iW_to#Wbn@P(?fm@p8nvS1@ZAwZ5GZ2z
zj;=jHk0-*IP-{z{)7TiJpw3de!p|cTFNf-hMU~av3MMr{`bZ+#$sxYx3(5h*M|+7e
zS=pXH%SK=c+}|zG?6TI99ey{B;s2q66AhkyK4*&d9j<7-C2G6h43o|R(jPzXB<c^|
zu^%r_=jLQ8A!$)Nj8SQVh#;;TY)<0G0b#Ag{;o<s0O10hI2|*y_~R<%1PLopGZrCJ
z`v%s6OEUnzNTIrAVnRcyW?d;S6U@tU5)P}vJkdw`v!YzW!3=AXYeJ)y3HE0W8iO+a
zM}wOd!=z_92lpRS<!NmxRorT1tnp8MG1@);S~JS!<3gB}4$(KTrOTzKwUd5Q8ac<?
zn(tez)QcJ;Z5~|IjS(t}pzPu&`DnCE$X3H-^}T=GK^WMK@(4&&kD;Y{P`1%Q0d8od
zZAW0lj4i^p(xB03mrkDIC|;ce1}#78&9BV?J`=L3_Kq4JZ>327ZqSd$2FENX9u$|#
zCqIEsrWMm2^X7{ysGOs=jRLC1m@1sd__+^|!2Ry-lC^B5JWpKwNQ3VFGfII?7_suj
zA4zGR_S<5B8dGLNV-3;;5zwoFnP*s-7%RPHD|5o+A;sBd-O2W^2KHN*LGt1l#z%El
z$apz{<c%}fgAh4-O>O0>K-7y{v4WJTQ4tjSg3>DSsGz<~+n`XbKO-kiokInz$9eAM
zc<aXtq4$>$Z>L{2ld0lf%={n``hN*ZRBUXRQF3TK`>VH=uVpxUQD>d$P7l@^$tN!#
z8HDB}hy~Uch0Bk>Z#l3iVH;z%UhrG5fDux*c*hfnBDDT<BiGeYEse}2bTh5Ill7N7
zlJapyGQsW(H+QXj(>t@Aju1mTvSSR0C^xSdw%LHLd&8CLBc?Wk3RJ~M`IQG)X+GR)
z{iD$iNz?sU))VQRg&5P-4l2%14YMoy0!oQyg3Ft!W7jOWiMDdx`nfj@ef4wi*on@H
z{~hVl!Q90AED4eNoqA{Cz7h%Tg^s*-A>RZs3Tb3_eR`3{)p$h0;^i{UCL*N6!TFk_
zLKPhe=$I+uVh_leBX~2(T$X;-Vp4u)TEva8qbEJ2xQ*5aLHDBDC6@xM5aWPexUhGM
zn>@e4L`tAN?e-Okc@KlduEfgoqIal=Cy1W(g`QV@HSR_8PpTiNT#M;<9p<v0c;6=%
zL@Xmm!1`MnOpTF7ZVqSir)B#)*7iqJ?xc}E8Jm-G-0jBcu~n^3GD`xpt7?%JTkoAz
zNj|aa2Bqa7wDidepFclnG<?8eW%ed%WxkhweYC6u6~P?g;pt>S@)eng*{e|*ZOLa#
zG1yuk!LkamIze=i3NzgJSi?C&43)AbCW{%Aw9`Z)?(?CyY1_00dm^E<Sc!>|iTp7F
zH|O@X%#<1~zF>>3<y?f7AGapRmPEI6@v;>YNo<c$PL`lDrZ<R^-1?o2mzHzB^@d;U
z?3+lr;lh6eY&U@j+yLhbz>N5y^czE<1(D_`$S!zNDnvvibdvMq!#X++nf#ZoUckOa
zDwEZjp+bT}@IE=GSyx})xOJEkqX0tJil$9)kSV2RyIwlR7yYsN6vjVN^QCnon)NUU
z6@@33Rlm+_iOSJ$``C<^AYwF9vSo9M(uZS>JkBSC&gS;X8Vy6}uDyqDpE!OISHc5&
z`gej(cwMihryMwixPEZ;Q0MB(Q;hA{Ptq1d@wEU2w2B}K2JJKr1au4p2zc@<DvgRH
zT({_32K{5Xnx-6nLzIHi(7o7oMM_CgIpQCri2=S3k)ltL`*gBRXiK2qxYo^X9j;1j
zyDUiJ`+ozsKc><C25wvUPsSx)S6#GGk@2qlQySsir8u<u%;?~GLjGQRU>1!De_f4Y
zxD5<(k3dOdIgmQN#nL93&S|*=fI`$qR&J?hC9wBT^4#9-O`rvYs4t$%rQT;2N#rCy
z6#Z7#&4CC@d@3&GWm>jjdB?qvGD57nVlzq2**F1OJGCHZlsbs%J_T_9^5Mh-zm14r
z*#2;CZacra659)f9>D|GDw0#kN%Zw2k4#7iswXrT_Od!a?ac0Pe#|&22A?coImkU)
zVvTZdI-AduJ{slvP>^{!QT3soM3Lz(cBs8t!e^H5Ghx4vOm6Lnh6t7a)@;z=(@VyK
z(jh@Nsel|9u!h_<&6fU|B;}BX=G5^FqK|3_mFMWW8sni>VFWj{z9N<1AKNzHV6m-(
zpzI#RmdpGq)FAij^)*eKP<=jC|KCv=%oXo+|J*Q%F{gweI$Ef=b|JR3i5S;}+RdsP
zx(TXT@)}&ce`QNQTKze<_Gwjq643G*S%v*N1~*%t@c|uV5F7KuUsN;rUcTl6Bu@Vc
zom^#!1y{8YBqsFsN7=&X3HbcLxD_Sgg46YyA2?SQXqfa_Ll6H}>BgccI=rx=8@%<t
zNbnu&=UrXV@wz6c_af`8^=e!C<iu-2;+~LF_mDfF=&?<z^0Dc6A?ADUH*mN1{>Zt|
zp|Y<J5)%G0-dt<G#w0O8<4*OP|0~j#kx9m<<iqm!7#Q3d!a>8v{r1nfZl`9Ec4z8W
zdUmI!Bwren`;?v+g58Bk&RW}{ispJ+bmQjiPZzc>#~vqj)jWnf7gS$0LjW)fe6=fx
zL>}6MwP)dxO1~Z)K1LEUChMn!IyGXq3X(JpC_{RNNhMH67WFpc6^?tH<j(c33pNA6
z&PP1iG|ag{{)H%DQ{PU{Le(Bd{Lr1~j!wvO58fsiESh6w1LL`;N5J!)1Ug>;xqTHB
zS3D-ZXRnr?<x-k@k+JyKDf+)!ZSR;y@Bqnc0GkLhAIGtd<efY9b{a)vsKo{(?SY2~
zqMD7Igqk8&DDqTvB>?9&M}%Tdkc=qMHN6NFJ_o<b`aK+zcdAf$KFJVK3opPwTm&b?
z6vylXg{3BDU<A_pJ7jcWw>O9`u=RSb1~YZ<g7*v*qu`^F@h)xg)(@gCZ09%gGX1)!
zdGU6#g61~8llJz6@uAZ`=Lhki*q4uZoIee)vt)m{e8sE(&;^d9!gj)dzl-UstDBe_
z8gVEWt^R#9mMj$1o&WfjSU6WJ;S#R^8`Naf0Z1KZrcq(fGWq(8iI4%qZ}(RrZ)Cvw
zgP`m{_lFOZoeFCet!8_pg6%<1Z9eVmxewd?Ggcg2^;7o4>~WuCbB6l|OOZQIgM9J}
zPEQ4yEGv|=q)QHQIs35+qkW7EcnOYFuI(yn3!i@F@5p<e<g?EWTW^sxr&$>aq*x9`
z*n8ZJ^U;29o8<u(80HJs>4_hhF&0+!$HYy$mxZ$@XwQ9;H=R{7Ei{+4Im4}f>dkBH
zBN!=Bt_EwUdF^$o)B$9NW`s(?enYo67e%E{k7iG$$m^#;Z_UVf`c0zcuPyvv&*|D;
ze4P$;Re$d%_zF2|L}U<*8E@`1E}S}yrRIF?Yu_B1X&+BNU3#O>6dZfn)@~Qp_9kap
zS&{!*Z?#BJRNE#}YnI?)nKJnl%@_3~QOuRD@RClpWl>%{o&`yKY)`gg6X<r9R1l}J
zb(CXkHRQQ6Ie@S2Tv<9#^yFxJqXpd>W*5H`>x?jCTDQyBQa4ttBxoJz#*+BKay8AY
zaD}Ij^^R_w_t+V%i4g9d_NhcmKBK^?qzUlu-OEJz6ar-I`xA;pD(YOW?c45t18Dhe
zHG!&L^!S~$`sFlCQ=1>JE9EqNN=<(s?S`l&F5AmBG>Ow5Qnkxlc)o>y1`sP6bFD6b
zq|&_Pn_u{Awr&_mkJyjtBGTAg#;uG}>_xW+XWsp*?US|}LyhA@j}bT^4N2EL1qd+0
z5|uKjc2+e?heoNl(8}_bgsNJ=i%(tcyd{d5E*qSDVzcLESlv+<&L@lj#rS~I9h3w^
zxkop?jwr5bHK&02tG~Rq=3NGs@M{luTn{nSK$rEcE}_JyMw^^iMVw7gJrKX&)>Y5r
zz!krhD4w{8m8))kLf(1umPp)6G9G{^Qpo(YrEIgCniaU45ls4RH@r%!;LGZ%ZT9|X
z9`(kOZbv$mhob=LBguJA?0S3VL3Q8)l+zW-9q(M1+XquO{=Vc3uXa7}k7ZUgJH($<
z?mZfj%bZW^)cOcoH>?gul{QlORe6BF{EmC#4`!6pphtOy2*gaS!ej_bTwR7+Ej*(y
zsmjibGF(0{F;_m*3^#Z0n=rR5L1<ysAib5$J-x+jPz7kJZX~s4Lmz{vmBsy3uTTu=
z*qd+l^_J7>$*=F0Sa12*`YjuPV>=<tq2n}VZ8}Q0o+@li!qHB~Tw7ZtJ0bn;tG!+W
zs+B<B{m3udf(u)3Z$G`~G_W~K6y8dP%^EN#;x@*qHv*l$aw%!ek<}uM_qHnWdbv+_
zaSA7<{EE)e+dp&!%gwC7{P%@^4GQh;e&acK*qLLFa$C{J*L_xvOOi#<-4rtN(i%C)
zCw=Mr=Eq2<6E^p*m6Gk3=KxkyefX*uKkb)Om7LB5|J<fPzZ)m-yt|g`K;@UDKaD&y
z?;HlZ&}?-!c?V+CrcSJ1@jaYYT#ttQ>U!9?o!wegcb`UQiE36YBF&Iu)8()Mza8D!
ziw4|s)e(3GrK!toeOBev@T9+;RWUv?WV6q<Az3NEMFBb&9#(3xpmh-3_wy;aPQLa;
z5ZlCD)tkX=MvzCwL1w`}T1N)AcRzF{D{MMDs*bdlV)o;gc<H%qdPYGKT4zRj4ta4_
zb$SKGQj(}CL4tIW2bZ~GZy@+G(S)A<H=PSDy_NV+X_wg&mwMJq-pwkNni9R&h=)s;
za9L@oI|d)!qGIS922VcGEnq(Vnn!QNpsQA?8pgy|tv365cJz$PuKub%h1|(jsG0U(
z1-YL^S1y{4B)w-|>%`!~Vt*Sr`F={+E}2gejjq}(9Tg_3DCOEIE@O$cjaS$Fvk~wq
zF!?vl8AHZk@mQgyvD`L8@2=K~je<cvdmFCi;QoMB%G{(zMTGavTtdnIsSIvR#kZ6y
zG9=00S8??`n}v^ml0DP(dv$kLExhXS>6j;P8V|49J^-8>)jqSyr}HF!eq+n*Gmfwn
zn94tDODKKtd1^=~a6x13&u5vzAlEH4sh{vUjca`=GTVZykKsr>3Tf9iP}L<X>{;M2
zO|uy09QkeGd=tj|N?u;m|DNovNIn~v+pA4Ypl!L>f7x&nTJW{?iHns|ZXyE#m#u#l
zXL@hK{&H9|H(s9Uq{&O)1`ugl+FirLQFuaflw&U2HYG6Xu;O^6uaycXgs3qlYD2d-
zxv<ZZ_jZC&d&&RDq2IgQAl81_xM13h?5_Ojre`aR6U5dJ_wKuR?UB@qJ^z4JP3l{v
z%u*fb=tfb|7PQZk9UA<in38g#-sJT?&S}G#w8C4IU+-?nR!x5ODpJnd%o_XuXzshC
zn%cI0@hEmhMWhKFjsgM#B8FZpM|y`O^oR%nLXqCV1{{&1(j*Xi4UmZR7EmNejSwI}
zs6q%35=sb2&5QTk<9E+}-}lCQW4!UcH~-n$bFaPD%3O1<HRoKvu@`5NCEb*|bt(Sk
zlufoJXHT}TwipLSiWx6}RS&0*%n*pjsPDacURZWD`7BI%j*7zk*Ly)+<jwgj!Ne8=
zl~}s<>|}*?bUHC^YsUeg1}MN6wQo#qc_NTW6$;9bLw_mbw0F-``8(EB`D8NoWaM4Q
zySS~Xh^eJIY7McB4C}4F8E!;UFXFQN6_$zr^o7fO^ok(KT>-AA%M~a>I3ckGVJN5G
zB*4pm14f=qwrBjp_T)`*N#~voo49O69#;KvoN^&jU}e#*?g-uS^F)RDska$2Wvz63
z0Dn1Z-=6GOL)${0$uQAN_j$Hp(Qc55vJ99+y>$9ecg!Ix>bdfG;J{eN7|cBB;labE
z!mDBT0>YbNjK#`hlg7!G2xX6y6zO*}8&Q!R<blEMEr~oL|Hc(AqVEV#Q+HxX2wnzw
zR54<+_^hCMA->#QIpX7DtiQ|h3u`~}xMg!}V+8!51y_ZvF^pC}_`LX2CbzFTjci8_
zJ`&k$XBcv@ZTvpHEpcUakNl)nj*Sf>awPMR&C4ty4Pj<lrSiH<dLN`|VdIy-1R7f1
z9xGVRtMIvtU*k<zAKOl3D;=mgy^TBc6w1bi(LJtunC;2T@Yk;o)ac=d+1O5VPkOSk
zIN04YY-~5iHC1qb)%4f(#<z2UNB_F{=aqHb<A2UO+EYFbzI!q<wnMTW3qG7$F*d4U
zUVOTU<KHS!`!C-Aw_^WgJO7*IFkQb`(sx4ttu$NRiyxx=8$CJy>c5Ex8{|G(#1j7B
z=}K3z@wG?nnNtzWu+rHYqDN&W8W1bQD%6%!Qqmc0sIOm@$x@jpt9$pJGkX3pdNzSA
zKREm=3T$kxkNK&rq5eCy{&8=b_wOvW)<5q5zu_IGe;mgA_yhk+t>=DQJ^il?*6#<O
z|ND5c==|wnn|d4R*%`BH{4pE%Axclk*FaU%!fbp%`2vs1)V;s;_KCgb|3Z4xlG)7#
zh7mi{24M#fCKAW5z|q^Lm=dH<ANg5J>to^7SoGDc4>u$43eTGSu$8*8o1pZq?6p7<
zu*aX46E((7)~LAK$qk<x;?7dw7vM&Kqn>zOr@x!8==FI={%QVfQG7q_oJCJG9LUc@
zsM+)zaya|UQ$O3|ab-;)Y&`PORqf<NPrM*IB2$KNE}pz0=zcQ+=>KJr=V-O{93?zn
zJB;<t0x(2x0(e3tnw34qDOHX6&Vf~`+==qQK^5Ec85$uLOcNU6tb>XV(H%|wii&X+
zaQ6tP`Po=&bxf<AW@e&emtXyyHwn3%zs88nmWZ&+9^cl{%o@$g?*XcBQ>>P$27U6A
zN`fK$MsV*QcfPxQM{U__=aoCwOU4!{!WQKp;t)8B>A;>1m)k}u24A9bdDTzZNt<DP
z3b7WLl!B0%N;lB-gi5)N*&;sym2~MN9ktkfZI-8^z>Bss)c$zbQR2V^<^73HBgj6J
z2>CoIA5ba~bQ+Xg{6Gh;IxL&9Mk_PvW~Yz@kpv~O6%=i!hk#&!X}aFn2jzI2Bv)+H
z-r-A`P^S+*cF@?!^zI?w?Z^+CTW5R`G9hXKF888*nud}mQ0@x7;Uw!0Z}A9nft-KY
z>=no6C?jjWZeW9Q3m$M5H(@blhcX(;o>$YhU3qHga5*>RhqPL!t0Kncs!*9Z>d@{G
zpmHc`<*T=KSmb1}axOkA1H4;&t^M=oYr0fdn0n4wjDopeS?}nDpK>Pr#tJk>)yq>n
zy&AkTrQa}bf9EbVKu+4^k1K6;2K;&z07g1L?HDU;>U$Y?lmc||NQAq4%Ka)l<k<&)
zD`pl{s**)eq#tV01(7AB07VJ2QNE!t%m*PUe=MhY7_ekhK~Fm5u(&bm)3Uk9L@N4Q
zZ!(gj$hOzZQ^w?Dn2v6*w0ThL;tHzWB6a!qpm}o1Dtn7W8(rQ{DavRlOL_l1!i=$V
zxd6&tJl7j6<_k-xbsn`Tkd`(jIi7q9aK{nGmFgwNY}{>li*PnYMLu(BiRb~lyX1XN
zQ$|Bid=N-Md7_W!6*wq4X$k1%E<^rar74nd)pD1c(a@Kg?%+xADHPnh6W`paIm@^4
z=GU_aNc{qkBxJH@4MbVDGOw4{D(SQ%d0wab#<lq<3@ZR22ijX-UiUP%#4;AWIDGkL
zxuy;i8ZJu7TsNQLJVo*kW(oI6>EbI5gpU;%XPjBNZ(belQ~!P)8eP4@(R=esKdN)e
zcypiQ3x%=tbhk2jDPA@hM_Cq{?3X>M_H*X7sXVUga0E6`*db(UGQ?O%N#YNp<dl61
z?RFv3<|)aS%Rv2!+g%~owJ^6+PTE}q8?=sy8t1KZuP56Jw2jQSB>Nrl+PzYz1{p2Y
zrG^y-k%$ct26Wj6%uDW*#R-&|_YZ___nsV7`<}GroQ8sYOKg#!jxAz&)11qx>D|B^
zQ>EV|<Ram}uE0%`(}}#~<AW)szHx*FfT0QS`bzFE$y>(@<V%*1rC}Qscllvvq-D=?
zT%ReIR0WQ!Ok#jpowqfru#a0=%mE~uI%UQL3}2g$&6(4(1S!f{kj(n_+mRItD<yj@
zaQ7b-AgnT1vyCI#tSvmbypo)aH6_VhkG&Cn;1X16%ux;~)ox6t_Z0YjAXK$tIG&Lt
zY=C7;f@x!X$=B<R*onQ{0k%+BEI++$pQ^OUb$Vq#SacjAiLN$yxd&_($xPoEE)6dw
zg=0(0!bymGNXv*U?_pq9Qx{FYQlc^}tcSiES7E(XTY;%(mKp(U=he;WG#Q7mjF9Zv
z5Xa*y|M0QE3$I=o&PwnheQL6XRgM|)Xb7ieU7g*ye=eArzb`IdQM-hmpFmcafNC!S
zK(!H)K!x-)GAq8yolS85>7_j`=jA#XiMheQ(!#_Hc@f=fEpY@sY(#SC`yrQ&hg~;|
zyx0v>!~?7{m;Z2%irJ)r?1KqYZu0J%5-z}cdNR1+3|3u`tf#eqN=bLuq@ceGXqjzp
zCwG~0+@m*{Y(hVMA9<2XdB*u(vFZJnO6zIjc;DG-TP#drM8@xUlDKDhW>>8HI1G8w
zg1Q{mDn{7*tr4+=KUn&uU=-qa!IT95om8e^^q{BwVbMu4L%+3VnZAf&zyBc@gG(y4
zcL!<tEf@peT&N5?*;PKCT58_VbHX&>{NFt6S~I^<Lp1L=N2>EyWsvTYJg%@js4KLp
z=j3=W<ZQ9qXu%b8w2!z?IsJZcP8USR6qG@)zVfI{tENJ5{_;SqAM)04Ny3zo*4Ny1
zq4w_GXZ?E^h!nq1@UqYtG$Y_C?&KrxrqSP~CQ@shcc8O^+nAt)4NM;b?TFpkNA8#u
zNe-haqrWkcfg}%kxMY{_JUco#qoBfEsdF273w67H@`;y>%6?S5-*R|dY*-UkeSTqr
zBNe%n<wIS4EQTP|(i!#Ng0{>EA-}F~>86G}m<Xpv1W%I}&0x<rG1cH>8qT1FXA@ju
zdDbs0E32nbIx*Fa$~MOZP1{?*l&>$HY;VxH`=#4OdI$k6D%LdFO?mt1uF$cex&BWr
zdgimRkiijG-}skiy4b6LgLw{Deg$jED?oRTiBfI_su`UjZgntwe|_O~&3AwCb1u8I
zSs{V)5gl=>z?Hiq@s$dTk1K#rmzt4*MRz{RhkWQ)Ff{E7py59e8$HKU^=2*CrjIo5
zdbR*<zoJsO1;{4B^S|}3tgIQX^cSXbAOZGo!q*Ah8^fq6<V>49%stN`j<QN!S(;R7
z+;4lp_r=Dw_RALN_RT(%cj*HmS)^yrRxky&yK%GO-!2oliaG=O2)Qk~gNg^APl2;b
zIuB-ZK7an5!prsq)=7?==eQ1@^237^%RjmjUWR!V@5}|&U$_a_Pm~bwNcl#yK(g!f
ziN^nkg@C_4YEsnG<L-GJ+%{(32u+RWTUm5y!Q6f|uef6Jd??rf&083cFDp1T7>35!
zd3vg$wkFkbIi=iP1CW|p^;p+$gO<8!fNj(1U^YHJzB1^aLCL2-gOY!`wQEALZhDzt
zyFBcnW}j-Cy1d6|03*h6mGrj*pRD&9moy&3Q~TFpEdu@^cqr~Z>w#*$#CNZ#w>K+&
zjTUS^FZEka(KU~E@L5TaYCrWk9S>|i`CFvPnOQQI^FH71@sA8gTjVS}IT$*QD9GO^
zGCwD~?B-1wepEDiVE}4aS#)`SmN_Z6?51l0%8%%&As&FImI`!htRtCF`-JzEoym6D
z5uw=lfMHc;%H~#aYp7CIDd{HgsV%*!%fQGqr9x0j2;miM09e=XJoXJgyno$$f$+$t
zJ2z`=ONYUn1v|<(EHi>#o4ixFMtXa(elf;tjq|-1(kem<)C)2U?a7#TyCZoxJnmp6
z(;k{AsRl7B*EYsZ*tORpQq(qb5CP1MgXRH};P=tw%%b#~dt>VZlrh3!S+Qb5p+Q!m
zOJXd4g;a3^vNyQjlX*j6cryzP!*@6OejTx!6}2Q9HLN{@Cs6zKG^TRzo!1anDQ-qD
zo3Jt+s(3Z;j`8dhJ{bGxH`e^Xkg-W*<?y{TH$90X#6+%{tO7klYJVY_x(2E1Q^m*%
z&epjLT^^+1JO?t(`uq!D6;*9P>;_Vh%Iq4AhO{FNs1qKx1b^LQ0d50@wJM(DMp*#o
zM%mg1jyyo8Vr_>&>8ajBRN~rOyB);7r+Eva<SR39RB>1-RWy7;DJ4k2zonQv0#8j3
zRGfd<Fj97yxudZ$K*V|xGiD95@<&efp4{uJ+mxa8m&oM27iKNxN72n|8XJ9`bnNaH
zv3fe46EXSa8&)}j_T8&8Uggl-S!&VH!>|tqNe?@;zR&nQ88ZUH2$=!CP4xy;?!1ef
zoO$mSu2n~?4=?8JZj{Ef`B%IA^uA7uv%IhV5422T<uha_X{k7Wm+-PVGQ91XlYMcx
zOR-c1e@T6pZgu*bd^Otw_ykG9GM!U4R#~AWRd$~oJ_>!@ojw6>cSyZ?iL5M4G^L{J
zlP(%qfO6Lrx`CCo*6lM!))(E1K_u3yjOrT9n^|gXQFj2k#5?PtXle6RA=<{nH_;R0
zwk2@wV_q6LAvZ(PBlRqmB&klTB2;u``aT&na2Xn<!OU!$k^xx)o1YEKAlnAa-`8TT
z65jUBtZ3$;hdrElx3u*1^w0@wiR3Z<qj3N#{0;Rhg>kD6lbm;#BFZRTCQLZY0Fa^W
zWf~J;=Z41YrBZ5GRTsakz6Za|$|(lxGy3}N2?e8D1Lts!kexj{FBgw_@5Z14@}j7*
zrEujFVtz}wsS(NsRlp%VG{BWW5!0~9*2&8&&=3T6EZ&XY=w3fsZR^WR<R^xDMpo~~
ztnB|TIUg%$$KebfwUaC!2Wsa~oM7!7AlL2Z-PP-zB;9~|0JJd3#A+z8Zdc)cscV9j
z7t}zHCP{P4@Z7yq9o0e4585-Ftsg-?_gs;ScRF<tT(pUh7Y#9sNjaF-DenQy!y8SF
z4j#Nw#YTFDZE*)TPmb2L91IrLP@u4&kDONa86n$UVvNLSC~SP;^|O}kg3V2v*vZJd
z4bm<pnV~yt@eXQf)HhySgEnUFJ)3Xs(_RT%FirtO9|#gM5`D&xffr6V=$|U&Ii?<9
z-141tZt@9Bb$INu1Wkr=DqR!!(5z%zNNBKLfJtrd*Fj1gb{ijz&IO4P`>glLH~}*T
zG1_-{Z|Vpt3(4Djut$Ul3zW!}s`G15^$}t#&wqHJT_G)Ns-CRV@GL{RO@;(1Wajao
zp30N(E32{R-9yW^`MWV96BlGJs2#r}z!B|T)Io7#Z7oU5Epp#kO_;elWvlx~0KEC7
zk@0u4;B@tqT0$}>5M`iI>@OszqRv_GPJpmo=Ab_5dN+7&e#uVaW&p|1Am;M5fUEi(
zTE3K_!TKlOBNIC34^IiG>U_9@zk^WXM0o+FvXmw#1rw6|j#S}6`}+4mz`1M*X1#IH
zyp34hT-q$~<Cy6-?75-itj9A0f1u;NwYP!o9b0R4II^2%-dD0=W%?wls6AO^C4uTE
zF=aREH^Gra$tq*>j`x<^wJ9-#4^~aMV5bJpFR!FZBDOkjk~AAcXF3{Op>2k5Ie(}j
z@7C)uj=_Z<t@G&N?5gmGf|6DWlOs|)=h9JJxV_)mjV4Q1kBI=lV98anJXyy~!L9}P
zuUQ+2=v%nuo%f(2v1Lr(Hz!AD(^{q}wpTZaD@Ywg^g>%%!G>0I)-I<aV@v$OzcY?8
zvYhTOrsJ#gI|46>i^yA{QW7`c$qc(p3H7WnEeggfweiYE3i9{6xkdR(&zZKV9Q!Ro
zW<$b|E@*QN$3xb;w=o!L<s0qw>{TyPWrUKYvvEt*gw9NLvAuh(BA{>h7JbCMT;L;h
zCSC9OW;0YUAj2u5mXdKx*>I7guM%ZnjIlZvMZ0u_6;Qr+!M{1IH5e+a>m^5a(ablp
zTasRKa(o1J#lGN?eB9)j3Ss4h6Pe(Z#m{0?Z-a~i_N~x+VT6~ogoGid<|1F0Z&Ha|
z4vf)<qR?x8ANo1ftlY_c%FRD#Jsyc8nNMZzzx^hYiua!yKOaa#-XEg)Bq>U<!b!b3
zg;GHk^woT5XCu;B#CofAgSV)XBOqvppF$Hkt-3$2ei)BHY*(e;@`8ALF`kiunb(Md
zbr6OZ%Ot^_4WT5bz+01vd3(J8TlJgYP2Yz;=nGY>;}A4#B$i;C8}*apK&is{T@l1b
zkaVt~bvrMSitffSdW{WDaN**mgp1=s*AqHaDeQnf>k7M2_k_)%EYoz}b2Q<6>=Rqm
zNMeQu_!I3nLwpgulPJ&5*O&^3AAW(3^BF^YE|6G*VSQkEu0}-L!g=`7QeEG1YA5K|
z28E9rnX;PFap`cL98-kWtIWNZC&Qb}#ho5+{oZ<3ed=9tmA3HG)dbOWT+uH}b&Q=^
z&4fZNo_zAK_^=2}O<*BnLD4_sTS!wnkIe20urHlG+r15t%3-t=>o@KK=UU9V1#WOM
zkmWCmg}E_Uf_`uWrm`WVJU)&puH)^}UfPaV`ao9>Dh74Hsa<_BF{b+ZvALR~kSKN4
z!nQNL`}?a!>aqPi6llh4FHD$n@P}SSx`-J$sCpwDeJPBtd+>tq=kUE@WpyzZ8OlEO
zzaYgDO0h2fm&W1f9zZhawY<H~8{GiHwa10`bBwhaA>F`Dw>RrFJ$$)ZB0}vJyGj9I
zH>u#e_K7|@a>J3h-M2S{?>?^5z>0M?HkbqAq>$*%QeRt4QyN0T?3g65!4*ZbhTzYC
zy{sT?W1yrb;wKDq-=SZ#Q_T+UO3e>W&T^NR0Di#NyXNd8Lq{=Rf?ib~1(gK7M(s2i
z_;oablxThWo5}+oR8Q4|b?gM=^(BLZWa+5E(B<sS9R*5#oVt6USEc{HboTJ8z9?7V
zD@y~*e%BIWp*xxpy0@8Bon!S}jH(%JA=l0SQL&&%|7NE3P@tmfuG5e}^|wA<eF|%}
z82`}gzZ$X!*=$A>R1aa$GDkLu#~r3>^6p4E-Prl2rR)-}LhyKlBU84osXP)Sy-gSW
zl5vM)HdZMe=Ps2hAqVNJI}vuIi8$!p=W^Cpdf&0E$nRxHdZMsL#y-b4Xx63*mX+mw
zB6Dw50C+3Zttl+4IH`yC{K4%TA1Yg92pFbo|F(<`Tvg1PLv{5@lO0+x@M~#Lnpe#B
zZ~2veKqRtuQpxV=8eG;r7dTqKpO}c8sMR|l_%Fn*O8^N7W1oetEB~?o{6}o7+}Drg
z)|`m>3b`dY&swy0rjk;ZrA_|&p^F`UQx{O9dny1w9LRsGpBJFin{WN;PCuXf=t6D!
zsE9;FfpNXl_khqXU!PZf2rqb8vF!5!LzTCM4l`f;Oy^pCX45c-aZiIs^9;=PUaa!S
znezzy5?KjL1@HE0=hO?PK1sX26<s~Aw~C~YQ`WhAzPqF)KmpSC=q&u4C)fs5;JSp)
z4)$shS;&lT29-LMda;&h5+QuM=Xx2jPIL6|iHnWNkF)Si`q@p3LpCD43bZyYUB_X6
z%(oz;KA>ej>_T{1-(&gZe35+C*Y&On&kBB6d1`l;{`^vD(y^>TqfDEe`#x_0;(gL0
zVL97LXMyhhh1^>U=2{D*zIV!nZXwq!UT8g@&N)U9(1AbN<E~;@lnZ?KK$$&H3&>1D
zZrpL&-QBSCnX3>wRSbCONIAc(m!a45E__eqILm}Em#Ia-{oPqCu2>eXN+!YuNgEKu
zU0H$cyzNByB&?Xs*CuoVz{*}0?z|Bu=2h130jBp`+0wMuy1gbcOWM=qeCctrn?V?7
z@Iqpx@><pqGSDG<&$A^j5z(#wGkf$vn`NcSIvI(c3a;JemN11YC8H431KR=#4L<bu
zr;jY5eaT@_*?TQW+7-9Uri^q)!$>IlttzN(q+ACu<K@_6T$ky|ku_ZGU4*A~OOnQz
zC3sqnPO>%PF(c-BZ`>^$WEVKPP!)2#<inmwV;a1)%)D{b^P}!Ih;$7a{`O>qfPFy^
zn{RMt%)w;6lk%+jI^b%dc!!QbYLlytWFxN$-U-cVhXY%-E?z#eH8m%JbF<hoe6_hE
zU9l?!81}f$+kHeNtUF$c!tM~(d(QoLDP+k;>EaVFA#A(k<nqpi`LOzs2TXMBNblg~
z0)xu*d*aIeZ%r{iXprgwCzrZeHrFe&IeEhF_?`VFTRMifXbogpXVGhCQvB(Yx?sKd
zeAND|E_lp*w!Ye=x~O2j?aYVuJ~>n0`fjxu(MChtZYGh^-u!4>aW~M6TT{@dWA=p9
zEe(K*U(gFetkzb2b@;{Y184WjQjvu8bK4vosL!{_0}!v-<*o>_`dhQI#`M?EdN*5y
z`<>W-c>J;YLWr-H6tp;w@`!QPomf-eJ^P-%S-;I;2x&jxIGg7b=EeoWn3!F-LU<A1
zEM@03XPH&IuzYUMz^&)A<&J+mm_zk3`ci(8>rT>IOf~bU8QD4>1|iL;hff~+Yj$pZ
z@MGM0vlf9*lh;f8HTKK&4Y<o_s9y@!%WLw!@FqM`;_};d2~BCjjmUn2SL2EUA#+nz
zHOrF2axkh-9hf8z{V;S3Q@3sUrJfe3#l9ddeXC?yD*;)Du7X*-x6lZyQGUoZQwV;w
zfuC^dE`R2z6q7-bCKxfT=lpJxSMiL^U%fG8ff41j@mbaeygBKqC>OI*W8H?!w5@R$
z;s2@N<R@td1XH1iZ*8-MFxA2r<jLM;z7e4~!&s<?^Pf%O(9Ez58*>{hb}Ka^$-JZ9
zQmej7`EY22HgJh7+2NYJ#5#N_G|UPaLn6A>jCbKOVUR2thsm(<!v@xL#)2kU@cYMK
zX;19{t^|7f*!%Fxv%ZGsS^K900<V(P+RiFfRafybr$lhQPMsuq_Q@5k)<8B>(+gbX
zAb=psY{F!ABu`9yF}@o@)v48&-AuGHx-~NMP5Q3#`_ZB^?J~$u`YVQr-)grZOLB*X
z{7NjsBCU*&vUlw%*t|n&sW)jU_S!`p1RIRJ<(kv$?L<w1cyqXhuQmhJzN=VYWTD0y
zD~MDc<^^*RdV_o!py}}N;YED+71yLn+l>OuQy4fT!HDaG_{GI&)NoCAbV{C041FA>
zva%C@X@dFW12n$2RJ}H1$P4z<+SyKX{ers<Rd^&G5rzVe-umvEd6S!5`Un~ax3U_%
zPzEN=-zD|nQh{5F&Ds<pe&-kXf-)fubf~1BMR_i}PjVwlKl#j^Y98`&d2^(jEoxr+
z+D$t^oe!h3W#zKGAuxsW-SDO=N!9dvgnME&8h|NRCl!i{uM8dJBi#RIJlgxe@Mxc1
z{y)Q`?KDkbV?)Ld4@p?h0_XEK)gDb8=CB=I@&_1XqHVuMzAD<FwGa<YoYkC~Vctw^
z>W^t@Kd|%q2Tm=53NMYwQ4?zrsbpUKnn?~@FQ3YmYDsv_M$;Rh!sRtx%hAT=X$6_^
z!i|G`VxkkQFs)NP>~>2i?zAIh0K`l|8tHK7io(XO<~jJr%!}~zGfVDxGQVY8HL^!q
zPZ4t;W*PAxkfj+`&MLXtXPf#Nf$kmtE=FP6e6uE4h2GcS&+*sP{{XGc2U`2BriNTx
zxcs1=mBc_(@#3>Ks6~2``e{6COOIz!Gp@eV#a8XPGWoMgGL_Lq>~_FH#?sq+AMYHv
zHcZUK<1JJi%Q*esOyO&rBQ%B5<BBWzH2Rm8@(qOcE1*@|k1DIRz|bkY2lFg7uvxdG
z3^{<f&w?OS@adoC|7*5kOVyg@T@bameCglv8X9@~Ij}&&LLRKMwidIMFAfD(Nc0|o
z24nV^rp2-RWwu8}rM21{_awgDYI|p}j_x%xL~5;Jl~hZVx~ySfIe+M-FD<p^laKwN
zuXx{uTSkJihekp|a=hi<mW7qCsaai(aCp{4LHZWvewow;D2ETY_y<68LZ@&G-j{t&
zZ{t8#cZObYVXagt)pwiTkh*KtwU82^aDTY!yy6A2M1Wu5*+_|qW@DGbQeMlC`3bq9
zeklUC6>wfzK2ot-rct#H8N5?l6cTix0c461z88s3E&Xam_JBFY_VZ&>XxF(g^=6Si
zN0q)9+N9a34T(>yen(=Z9m^(1Ww#2c_q$$IVP1ueZM)UBt`B8y)iUqkn5wlzwbvz0
z4AOA5Y)4%LVS451<W;ClQiq}wjC#pEkS5|D<epyBTw|Fo?=k!l<iO5($<_XCrI%Yn
z$|EB=P&M!vWFq^FjE8&;pk`|CANaM8K3I8$UeJ8T7omuW(*92PHp983+`v5s^iVg3
z{>d?R)4BicD4&9Iek;vjY_&-(Q%Xjyh`e{km0!)UGWEJ?-D(XvQ$#l*@vcEg?6z7_
zYFAIaN53A<{cGXGp-9cfxo!W#qvnZ0<BGNcpHwGB-Opz2R^P*(tiMI2tw=cjfd-Gf
z?`faz3)N;NC!VvC6V@?p9e|Z+7JBW@mpY7i!&c@TimAy`lhFIWPuxg~2p!P?Z)M;C
zvzK-elO1Qc#t0+1^kHxz-PL8hDCVe2)8!Btvck_usv|saZ2s}HdRrl(@_`kNI^U$T
zoMKDZeyVHBV^B2mY-s^qlq$r+C+RdwY@AV8bSmZisf_m`S)S{2JsnA1bD?6>MYyVC
zL3D%(1@vR@$qr?jook^qbL-oKK<_!CZRrl8y$kZTApddh2qM3Xi(O*W5<ND7`9l7q
z+q54Qysa?bO_Y@v7oI5H^D97}94uX4JRO&nRv1d*YLS?Fxv||8wQyBxs*cDLZ4@-)
zVCitpbaC>@66A}SX;uy`aDs8A#Wlh@_gTA+;SJ?Gyn5?Ex859WOD_=l*EsMn+<OR=
z+F9FGS~j<Om$yy7?`=S`k>e25yjoVwJNcncxxd1-_e7qlnCp(d`PX`3E@cGGmL*s>
z(08lgWG7hEz%t>*mA;@Z>rj!Fxqx{)GT1A%KEP^<%C7s$Hw?AZ)IsU%&;`OmjphQz
z4`YKaL7Za260GzAcoH3S!pl2M(0tk=k1qjXN@RG5Kv7?3>&2HYL*fl=kwWSX#+@E{
zTjSym)(*R7z1UOpo864hQ&R7dw>iweEvIb;VfFDnX&^9D->O&)15JRGZwCG%6pk7Z
z7jFn4aauWp0?zWQ>6|*CotTJ7)nXk8B02J?50E`g?vK%XSAIX?z*x`h7|$?f(K`4c
z>8=4kq0nr`r!lem@r@3?KW5&&a`DX=U~WcRZ6hAlJFpas7QLVtL~DQ;sbaM8QC?Q8
z5x-(N`2A5_11%=}2LCy_&Abx2@SljYu`XeR>i3#G75^_QTd<C^EtBfb(XSmudrapM
zZ^Dnp+&n<v*OK&ij;=^xG6cqKLqO!b-UHg-foQ#x9c4RB4z*{~a~2mW;F<7&#YFf|
zMZ0lPGxBbZOb>Q<rNz^4+@I(^Os|ewgNO*Z`SCTs`_SX^VD2Px`Fz594S%ml!O5n#
zlo#f^=wO6i8mt%e26;EK>wWMcw(s=8!AHYGsTVjo%URG16abRJ{GA28V6>Ba4RNbC
z+WKT^+k9L;d3ZVBcyl+ry~B5}fa^ogR*UL=z3ia;XO|w&>Qq-%cOwa^61uVxvUX-~
zF*zzN>NT(@N*3h`o0-PiUhwK^Cq%h=ZY4I{iA{MP8`#@K5e<7!eh=>@q)LB19U{}c
zU8&`_x+;tCaK~?-GK5y?If#uTRmgn<zssFhyM5-&nPIs<fk89-EI1dBN7EEb5^Zs<
z^y7D?dBGe%U?WGLu`p26xceb`h%pWK0qzK8u`sXx#pb(tny|rl=@<R(eFCDFL+>je
z%WPzax14630Lwy<Df|sVc69B~!Ji_o8-Dk6PS)%ar2)+>N2S+1bQZ)`^f=g=+5d@9
z`BBQo=LaC|@5EE_f53w%d5|y{Os_pswd(|6`08SZ`VMmLIx7AEudu3@8|Q5ZSTvQg
zZMZF$A^o$RSeqXpn7>o3#s7Vt><zON#{S>iVIj26{S%|}FAuI<`fuV57t5SB{0~>)
xpIy>SGVyHLm;X=tG~i7BcL*7qCeI@C*!^qri00y`{2w*w+&BCkb@#!u{{i&8_@)2=

literal 0
HcmV?d00001

diff --git a/docs/images/otel-zipkin-demo.png b/docs/images/otel-zipkin-demo.png
new file mode 100644
index 0000000000000000000000000000000000000000..a3af04e466c8717c01ea4286ba360acedd76fe76
GIT binary patch
literal 133964
zcmdSA_dnbH`#!8il@`6|w5rug?bdAUE~SLltgV+lLNA2cExOf;9g+^j3K}CdQyoT(
zsM(0omPEw}iP0c(zjA%<&-;D<aQ^|{ZypaGd6MxO=kqv^^E{8^`EARa!a@>4JUl$Y
zW~SGzd3c06czAe&4jush!t*q%0r<Ty%=+e4p6UUq1z^GFdj)cZhv$9Tq1}7@z*_LW
zsbd%qkMvXS&%QLunl}#*r^M{~725}HOH+cAQm}hQdm#^v_n(p4mm+)fLz-;v!Nj)*
z?&#mHeDKiz&f+)g_YJo&DldLL|IK;oFlt|HTjEqNQ+6ToMWQSr?%G`E{bVI$*?kP6
zue!K)?@AbmSZ6g&9}h$p<@-iP0FPAqmc~r}#lW$u8{Fghe;?7^iW_qOyWrtjKYZry
ze^=3|N0k4&GPrs0_<vRpk#c;8{<AVB{+0OO4}Cp<uw(y!{x=ww?6L1ZtKZ<Owf|Z0
ztV{jh|8??x1zLf3rbPeutio%l1%WxRaaUYb!<duz#;AjuxV%LfhnL5b{PxC6LL&bm
zLXxQA-IcbjX~y6+(NWGq+<&jh;L}$+(;uqvd)pgFc-9+R=<O|&5oGAb?GW+*T;YeR
zjo<%%sqRh4s^C<&tSD|xMY>1*`T4ZceuL-riQ)~08C*UaHs**9s_i&1`awYE!RyKU
zpM~ub)SOG=`TqAfor?Lt^Ld0FS|HW==7PhhSuE!Kp^y6qZLl+hJ*A!ZOGK=D@1Dv|
zlN;#2cN#k864sC1+g@~F>&(Q49h2Gr&@GqkxEYwicG-+<v-od>OjNb3G>^`@MoyjQ
zIrQ;ECfjK<<l7QGI{UvNRqq&xX{hMhS!t<>=6kqSOu}pJw78xB|9qRhd)x+X?dQ|e
z)iV1$^!+zO`uD0G1pgCU#t1=idE2y?$5kr+fB(<J^M6e6&5lqJA#R52Z$#}}xA*aM
zivK6@AO2G&_|b5yiHOm?a+k-W^?$Y~j8hgfvor1Bw)^YE__f|H;5ynFZj@VPA5v?r
zm9Zh*dn#=&0-j69P6SkrdLr+4@Sn)q!gJUggTHluJme+(byMmN_g+Q!i3hi?buz|q
z?F}*#r$B}GuXZKPJe7$qi``?Q)X=E-XoCYeX%KBv@lqYpkU}EHM>zTx!3ZPeHkDm5
z^fnxA1qi|bgWX}&p6$wq+0<=2p3gc!>@n8SMr}b&l$?#c_NnMa3<cY(suVdL<!j*c
zNBg@+685u*-r*0jG-ASDSkqjlIe}MH|90B{Ac4IPgeT&qN@H1<@;{%2b+Xdp*WcL<
zJZ$eT1lL7d7#!hAxjB2!9ew_;M;|F}YpS=)aPxiWkQpdDvTf0Iv@>EDqJ!CA`+lW)
z(H<1gvV=81hBRW$!Fw-tN!5kFJABc_IizjlA#ZKQ;NE~9-9_|ON(Y~Z9J6KEQg8Iy
zzZ>8qp~{&@Tix<yEzidXXZQ}KoDwXOj+)D$XrNdYQDb#TyEN&%`jaucYhAgKt+UeJ
zzrH-*xcl(Usas|7v#)fjcT75O3n3dxK8WUjcmBy2pGA#YV^_jZmCftC>u=ll*9!l8
zJC7vtcP0a;UK_hvhf-0C{`Qh~=^C?nysbKR?WKE_llT8@$df6U#)*n%aaZoU3m)-#
zNG5WROcpq@W}UVL2!%~gNXS?BzGdL^VCe0V8K}rMV)CD^=))ghy#Hn*Dcr*Q?`fTU
z0h}oJt;RI~UYOWb7soRZGr$F?Qj7h0$a3uAG1_C`S#9&eFnZkPUywGrD)Gb5DMH#5
zH|7*LTBB^2fSwOuG^uzm`tZ%kTRe?t4j$rJ#|qZ@^gG#ZZM7!s%_pd;J?J<@P^=6e
z*fiYxGfT<E?|QR<aBxjqP!W*2Zw&tROpZ_xSnZe=^$CEpyVKiaxUp-4l0JQTci1v$
z2*N%s3Twn+5h+9FYAWMyG0;&UzF~IeHRPZ=$mnt_bHKY-1y_Y)d+AJt+km%!zpI=%
z_|dp+?NvzCj(wH6YEv=o?=t3Ue@J}Y%D-nWX33tMH*^qHai_=8V|u@yaCZ^iS9STb
z;K#=1pHCzSH;uOMz$#UI1_~Vw+#*QcqjEecIzWu+1YfNUi6N5-9RjCaxNsBQhdr+1
zWUJb``ib#VG~t8(`rx&V@6%`bdLM+%W!%g;(f0es#vr^XetUt!L~&wKc+##6qotev
z4uRtA&Qrd7reU6%%=j8I^RWQ3jbBR&8+VP&wu+<KjBYAVZ?$h_pTPh5YRBO};c|PL
zv$y5Ie&=1)Pc-&Mit7G;&1j>?)fE2Id1~XXz0cKJc1))R@=oJS{7!UPNSZ#ww29un
zQ*lVL8b}Zf;HySC_o4#X$N__`N!s6;YeC*Stw0<YbCNwCtpyizWAMB8tH&OLPb7oy
zBAJErwlizM#_s*{T)c9vr$gE0L+vE6$L*y1fIV+F+O_KCe|J%<CJNH9YaO!j?lim1
zCH&isjf9)im2Mjq*e;nETXw?sFp9v1nu-KvXD(7a5|FuzahI4nRlwew!RrG^rcznm
z9MHts+v(-((K+_`e*2yXXv3)e#_h;{ddzfd)Mx|?hi5~Zm;-u?oKM{nqG!GjKuS0B
z_;TI$7`c(cA5He3a0igj;Q^2KzP54v-UemSofFMkuu5=xTsc%?G%KRFRGa!{Y%RD;
zI#T)cpN|3r-~*RKC;ZVWbuO0rYhM_tk*)7^(>-@@9jve63Hk&VjM>~m^mCZ4?Voa@
zP;Z`Co|-{!)}!q(e{p7w_B=`9!;qH7b0UX{5`k5Bv?u)DVYjAZavj<k+1_>i+Lb{5
z<~|OOnhJQx4HGmqpe8fDZkt#}WWrXY-D~y8yU_i$m+pN^Rs;=?bQG_Z<+je9-$=Ok
z1G^^`|K}$KIP_=~Ny)yDx>Yn27tf(bkGJf$zY#T<5epJ&O$Af)us!mK5l^IY`JbBj
zjY^8I(T<~mkE7sQnb7Vt-oVwX?9zYZZ2n}*$vbZS+s)n{5Xyxgyfqm{WZ)8ZaCU=o
zlIY;f5l#(fyQZ2selozkmKaObs8q6Qd3;NQ2*jKk0r*T(bf4J2S%8<EEHbR?>$DIw
zj(Obc1NND&vv6BYJh9#~8@t*e&?_3hniODoG68_zv}|94MaPXn>@*_>mxTy!E|-z`
zushZcY{!vnz1sjZx$iB{>|taiTrqgKOLio{NF3O_8S|X^ggxJ;ZCYjJJ(Ug-VsOi{
zJwHPSNDhWLXjSZ!38BE@7mN4T|2D4$kI^E$*PH?|cBK~iSc^A(vuQ?ddw;r&assQH
zN@YGX-k!g!@^9jon}2Gwd(Up{m}mLu_!ySe;fEOys?R~pb7t5pk(E#4wueWQMCz*y
zh;d()-0qC#o@>pH{yc&%9j)U(bUaIM<-@xQ-)?n!r52%dpk&zhRM{9McY9(sRj-;x
zpDR&|^B?_l>uO^8RuF1FYygbjo#C+E$8#o}azl2eINR#qDZPX<i(h~+aQ6Qz;`z5A
zX|>2}mM^K0Ylh|jL&Ku;gJRSTRS>0@GUef!^In{Af&$w1v+|qs-`g7o=u4zJO867M
zT9pp@6WKFiAUMdXI#p|8@h-dFQKp_xkHGNc?BF>&*tJf{aUdQ*Qbv1gX*<GssrB`i
zJKWnl`pDOP-*?l?8&mZ7$YZ;b{!tum^t<xbl8lj2)O;(UkE){ixqPR?#K7rFH^mB~
zrWV~C_7+fk<uaciWWe44sZYS>n&3whxAA2U<u~i49s$Zd`>f*M@h*!g0&$#?m?vdg
zBDwg;=I*I;A9W|IPyCzVfsF|3S^*ic%vb}F?KbfMgKz-FWL(WZy15BEEO0I3J}mLa
z0w0&|Kg`Jb;b}v>zq5=>%ja2QWF1ImG!6e4Fg0VZ2pIk8U}V?CmI!rFRiT)l7=541
zvrG;*L)jgA_D%)noS!@C7>q88sGwca>kp%8<98`)4w080Qxq2G7>7STIezb^0}U7X
z{od0G%kz)MlQV2i0GBACRp_%XA{<EB4zD`T$IfWBX3hKRjbaRCPU=zn@@?2TdN2UO
zg8t1Xx?{=Sa(H_3vEgTDYpakV9rBl(7pq$$g!AQp<gb1;uC|mi8%A5HB`|doY{uMT
zmZL2=p?|MWjJG$oE<-~qyAHdHiy<$0ngDwge4B7Ai}XM>gq5nU=C9jE-WoNttVRKN
zdw79n*I7MpK#zjWV8!fvvM+wl7>^Wc^KvEFh4Q4N*2kvj%+s6ZkpY(-ROAmX<|uMO
zW<4?aili?pE@Db&)8(J9$Ly5e@Giu&dfjsZYuXy)y?vYbLueOm=$Bmthe{}8j&(kE
zltll&3z*e7fKw>fB(N7N4;T&UI$bUHKQi~eOQ!NuX~Kp>g54eq#c4tkUW|`4$*1H*
z4~$$v-+Rd2Hlv{yap4jMX1$5;x#S*ojV<3h95c;CQY0Qi=L{HbRS(EeoNK<Ozx608
zr&K(=4R~4Q&j^42^)4VfhgvqhCCT+Pf%V3^0o}>~Rs$;zovMZTfrfeh5HyfXgxuA<
z(p)^LXZBG81W`KsgQN&D1QO3yx>I4_qi%CIMkZs)*QiBCBOH8cXZ5L(%VTrh$Ch=m
zp@FZ`V&~*Wp&B_jP0EymN0XYMIPSRe;12fM%3MWdb%l`r6S*2<xNgs}5FXx3kt>tU
zA?t^|WdNvYYz_$`s6<;|xtOrG8}OiQW6U|a<zKRPH^Vv?NK<ja{^JhUBv|f?9Q;-r
zeKgL~%1NkCWm912e7bJBF`Y{txg0y%&#yq%|Eg=bn#D8C$n-wxGvZ5x8|xV?A_KBm
z<Ny1D3aZ5LvWi5iec3t?*51eDdt=d)n*d=Bj~Yfy+m3$q0hb=@ob2aP6Zd1&5QD01
zNDl58=}+2|Cnh&luRaU15sQa5!lwYju4Rt9lA)V-?60f?Ir!c71c1KT!Y~=LDfP#N
z_3wSEa;(c)+85J(ML^oNp?<<)P}6}-`Jw>2#Rf0cey$M5)gL9Ps+2@De|=DpV+ioD
z?KaxlbPOHiWT3ZPKU`7k@0R;I(COv!@q^NY7-|^x#V3>MC$Sxe+y=GI>8DfRrR#cA
z6S63|{>6DhX9U=B<@o)ebH#rE%ze{r5GoUPDBI;qLDGCMGX|hFcAyNwm7yJOzNO_{
zTn;S>5z>94<iLlPEtvw(7uuxi(#oR!*6a5yo7vL>iu{U@H&#3KVu_rO0*1G_MM4Sr
znZC|rt^Vc5p<-DVof-w3VC$@Tlsmq;PRf+B)y&=`=k~xs4zrAHbG5em=(xs^DXMQR
z7SkKE43sOQD#KwVo{fn7`JkHsalqS>-<)RuzL_M#+`<V1udH8@W8{anJi_lS;;X3&
zOy);kQCr;1Ky(~HFGp<dVyl1*o@@7WvD^loW9Q)7Ac0aEXBJE<E&>>J1&`|^MEv=e
z4q;pXep<QUb;?TuoY8OR&W;OVwX$4;fC9ig*OMxT(r|c!3?DLMBQMtkSzk=2Xn(iA
zm9Rse5&8YyQ+6mi+Ua=rXe{sh`#(Q1>QL;e$poNO%cCrwB0ex_P<iGOn?BQFyxcJE
z=8b?hmTxni_eN{t?HZ7SW|qIO%E;{zv})Tg@M1{n`=MK3fdrC!{C7PWD7q?N!esz9
zK>KoWF*Y79IIT^tEmZcAQ3VPv^^ob-02g<4QH9lkkh**mszD9Jd~Si^8a`xb)b!OX
z=bF$S6C5Tr65H6ThHssWW%j!oIlpr>L<C`bhBmawPh&wOlO+H>%<<?jq5;k`a3N#)
zYK}P);jc}u3YrzKZePOoHmjmqL*ms~Q*%we$S5Cf?O5U2BE{5ZX8V_f%AKgt0xe8=
z#dE1vwshp=`-0%G!s(ga`s&=?MW!}Zv?oM!XJm|-*<ryYSSMY}tzv#2a=*KQmik#l
zkM$j$sn$A&h{h+&c4dw=CuaR66FK>h9p`ram`d@I0YzP5#_W&AFl5RN1Zn#l7yTux
z4jp6w6IVzZP+!)@*mG7zIk&SL(E1>X0gyO3P8{For32@^gF&d+P&<30yKEKwh)T&n
zrCC#PoShjpcNW2c#?f~qFaWaMU16c*eT_52+2YuFKYBGr(aYN=?&Z*5q^s9Dw9)MB
ziay<LW%Y+t?;lXWd;P)c?;JvlXtqwcyV~t>+&LTW8-oP2{~aywb|q`4A5(tsUR6XV
zj_~gR_*TUkc9oEi0U+INRHwK~ms~%R5S|&jTi@5V+(@>^1na=k{YSSq$ssk3-xP>+
zD;n5ZZDIsbKlZ#-^#{P_F8~CbuGjcC;`m3@&g8s(jai%(?Qd=c;-C`X+kzsdvze!S
z3-3TRBqf7C+=Jcx*&4anI?pP9+RZPstWty??Hg$-oz_NOg7sy*RK^z8)daG4%UftQ
z4eRY*G5NX$rg1^-pMl~VSD_R@Ybn^e)%(l8r_GKg<F?g2Znpzh?$rl%$xam`FYHX{
z8^IQOE))UP|3*TK`IFZ*2LjdUq^%oumOkxP1{)(ZSb0|uwm1HAmk_Jkd9j)aoK2o_
z1kJNx8##jUHnhPbSwWoLA}<4TgWJ?I8)(OyjCM$y(<Uw-7mRH$zVm6si1OfE4Kdbh
zrl9pY<6JpHGIb253u|nG|5G|u0n7JoBO1oP4*doZ4<?5E0@xEimj(TJ`_))`@HvdG
zXJ^X0#XV%Y_|w9NKA)!`mWA!>C2GQca;LyYx{sw4?azaBSGa1Ml5TGuv*>xE4EmdN
z2JJ`-x-5Rw+*n?(G5E^&LgP7&`qO;t8_4|lutB(esQC58qqJ8*r9OMC=E03)9|Cec
zZbn>PmZX_pxpGx;$_t(Q+Ee=%_|G$aAKxNjm`IAQ3OrVa^d~a#Cww}y(i6ekVh{G0
zc`hA3_Gb5huG#PV^$h?{LOl;C?)x?->$q6YkO4n4HwBTO@x_T4tPfUrl#mR)9K8{l
zyk841%<(jkdn^*a(jRo`Rq&2dUt^=<M2<4IT{4Pzmrf4&_6mOdcJs8W0rea@3g7KX
zH6o*r29@+)fe!C-jMs6(#7$k0m|$7Mid?AVR_uT>naZ5!0fS^5aoD&%hUG_X@~^Ku
z-)UYoFiz%P6^AtK?UesC`0*hyPdq(l#<@t}tGPeCU<-0YXVDnvKgW0RaTxfGdBS37
zUp*Gzvke!YJgN&j^b(U2YK`1bTr}P^DrzpwqHYZ;f+pk|q%_!j)He<0_pZBxBIHyS
z-5Ws}(8#L^yxHP}WNe)bb*s=bbMuGa*yz!NI^;)VvjwfH_~$_}3}=EmZJoqy)(6pZ
z=QTkj44!SF)0GX@?%j$9s*Z7vqdgVPYSRRbzuHy9FDk=>+_9M7w&`R;BZa#?n#_r@
z86QJuLkFr7h*OkU8x_C5jg;!u40&Vi<&2E#*}M$m^#2o9I=aC0jwy(<p&BrUf&$N?
zG=_m%${@72B;pim+$SbCk=@FP-&uBO3t5cS8YYC<$bM6iEnu0IY5)AOTdLb{g`-!(
z+FaaFI*dJqXE6jDq;=f1eZQvl{XG9U++hIeQXmQrdaECKE15fmM0CmyL8+#S)AFU#
zolUEFgzV<nbZL)Wjm5zD6;Kw>Jj<LGk6RC*R;_888in?PHWAYcXID$z-rE@b?Y2`L
z*;c9OU>;>BfjDWJr)0g7E9;&Ur@9?1x~>URRR}XLVH@vvUfy<&XYDa%^0)Y6tY^p&
znt_c-e(1X_ckgJ-qU|CBih23l%Dp%8hH2a<Zk<>WtGW2u*y%`c_Q$CG_XIDpx5x3-
ziB^ZLXpb4rv@!2C3BSNETsm!MMfTTS*gn*g8cB+{fn)rloQLs{bhKbc6qqYDXR>1H
zg8QkFIWzt^#zGKUtk$B)j3$K$Wwbijh$5OPBmQ1wMDt)ol<R(+0x?A5i=Rq}RYIpX
zi&9tI+G@ZH_Xwb#A@)ZY!ru1#TIMn~TO(By{itW?xh5!U;)o$VDt^<>|KnRW+uApS
z<wuKPP6nkh9TCkbV?@+^X+jy9+;@$pd={L)6llE#-+~&tFUC;bYl*_?y1gJ+D=P&E
zg7T^20sRd{NZS`Hpudqi<J>ax)jK~D?)k{aDCdcrbqIXH2TawVYFwvYn#G<D!kV(G
zL(iDgY{-j!2qJ20Wu4_r+2{eEQ_ES6F!Xdgo$q5)lhcf7johrksJoNWd=THg&KHc&
zUt09vBn$4NCKT-_^Nu!K&YzTTY8a7h3~;5gW;`T#`=TdD-k0`ny_0#7anWg~Ib;3H
z@lpY=ciFZv+Kef$u0P8m2{FbFBC1y9--)BQixNu(Kgjb<K(A%Np9QTyISaZ69`vh8
z37Ko-b~WD30Hs&D_~#|R1R&LndFEvE{#M3W78DuHUK6p<^;f$qQ4u`sFItJQz)tnq
z5x_@o-PHsM3I0YuRKxdocesmO4Xd3|eKe2@;N@u8S@OiubLZy@cyUMV=LndiZigKj
z6X@|<EtRYGBD!Js^QdeMd=x%;KXWgGGw-ptQIim-rGFdz$I|>Ucwf-fyR5_DQ++Xo
zz-(f46YDB6SEpQe*ydt3B@do+G+Ikwxao$CjbFhJr%#Wf+)5GSb8R*!Pk?2Kq09CC
zM0KkNS|G7+Qs;biNnKjKvcrBV$xyG@YHea<Cf$IUNz97!YsblJ<|Qp1HEy&@Ixi44
z)m*sVD6kazD@%MmV`QOC57u@L|Hg;i+Y?{i49%X2s7~!S3mKc~##&x+jt_C%>|d<2
zGF#k=lLmQ7u!>54$l>vP5yPR-Mo^RD<<P1O_<UhrMCR4iT_mHmyHW1(R6gn`kJfOH
zS#0%ckdU^ne-Y~F(YcDDKC9AkiNpQzO5_ig>P8B?AwoU{te$Y|BRLB`+k&%O=X+K7
z$NMAGDFqY+F`F_~H5-L;Ig(B<Q8@Yg9B8KLfh;kk2p!v5T6=yc)1@4-Y}?`!U*P$8
zi~?u*3;kgjc)4vm4HTt(neR9AXvh1wn(n(%r#kl@jO^bkT)r}J4*-~l?-lO7skb1R
z%E<`c))b@ld@w<hRciC*OIu49I+L=L(EN3!``}r*#o0|Ags(pYbFULdoSjXUtrE|K
zJoqeGv1;yQEG^tGjj+ziSMRl?IAQ+nASl*Z{I2sis2Pu2e|Oq-n{4{*!iFgC=)|wk
z(hUE7Z1ZRBO}}L+Y=5>6ED@4){aSW&`mQ`ew|gYRM=y67I=p(jF-iesC4Hk250U<-
za^xTR2l-G>B#N<<d=jzX6*DvPoVro&X=YrD;0w0VN!J~0H3a%?!xDiupsd^85>{px
zE<4Q|Z1gn!k!8e3xfuq6SP8T^n^e?RAXRTTAScSu;nSxk$(j4-Zx?REN22B~pWXNi
z!$f!&d6V265X5O0&2(K_X-TK0SV~a)%Mo#{-YO$UVgYg5v?#Q*r1$H^WouDnbVaKJ
zZITfs*4Y<{q^k~{4Pd%bq8tbMV@hDZMxfdoCahgnP!aY3YqGy6*v1|1?=9WGGZ&{(
zROQQZkC*JxtFNhXtS%q#+0kSU#m<+@1++iy3zUfJiPpA1?>iQYW3?lm+<W+yoaq)I
zsJ*W!=ueAXtMBI=cxi{`F=@Feu^{aN|6e=KGu!qC)E?|`x8((u>kSD=pUeGEakNE)
zx(s6L=IE{9Y33pKKUa@+N<7O57S!&j;p`GQOVKdvJ=Az)0Y@3W<U+1lDc13x3J|ey
zrVu79RT_ouEnn+BW`)YaWjFl-*+t>x&ch?d&WTWw2g5W5ezzBI`-WM6i#>aq^Fb&?
z8>i5{?_T^n48CDk4P*yi=++E1-g|Bp`*x!9{Ox?Q-`rL{?=aO%;mI~hY|rA1b^I17
zIF12FDZB4Xj90Lr(`xs&gT!sh^5!W_N?QRubI+@pbX@**_9vY3J1OPTi}Yf+WksSz
ze`5vgbjB8;QITIWDmbw|st*G`3$ktsP#^9!RAA;iYf+-|w~~W7bk1IlZf$T*RCD2x
zIoXzP&3&__h+xIjoIhQ?IzU%4Kv$4&{<R^<m*nFk0sh#(quKi-gtHk^DeFenoB4;T
zfr0zV6j1WE`r0pmL|H2~2lI(TP`!S*H>vUIVP;Wy04coHANo%i(4(W`vTFUqMtv=B
zJL5ROjg5(Nv(y*2AU5aEQ?@e2*9!mmx@R7VY}`lMo5N);+sbjw-<XxcXUq~SSVePR
zE;9=gp9Br77af(QM1eQ`Rpy>0%OE^!OB<d_EmAh}QL&p#o{Z_J;IK8zu_P*=;lw-$
z1tL=l*L~wde-*I&<A*c0`m`GrF1&ELn9b^;YtM=Y5HH=Qf`)sT8dhKuv0h?X<(<z2
zI6tIOE6TM|EuS7+-RGVYMpc@LM52h<oQ6gKvXX+}%s498Q3TU_ftls6&CHtjY8R7%
zw(%(Tp68b$$=}$^rNE=QHPwwUy&yW`Vqoc%GHPriG%9X-iOw*X52IEr#tyW~6MH>N
zzx8<<+LXe#{9JXot-kki-WUaQD-vX2!Dgi(bYvYJt4kToFgZUY6r|&SUSr=kKEB}+
z7tb3FCtF&b5+UqaU|>Y4&_92rEGw*d@|?G{f>Ow+gL#RgjNo4-$`>hm{)2wST<UV#
z$ql#zVIX}tqb4iFn^ml@?(M#e>EA%ZSkwjupzpJ-F`?4o!zO;Euw1Xxelf_uYi@iW
z;|VH`KZk#pQ6^d(!ir~*C7+E*mIlEGOe$fmL6Ty-y?f;ffdks-URijxWN(igMo+(O
zE9nVVZ%cL<{&0s-Rj0z?HaJI%imT5E8_Y!(K?7`%Gb4ZD8dLKN%~x#4M{K;@3p&4x
z1qYSFvCNURVpa7G`2}koax*&ss-=OtL|Niim|CLw_A+(s=Y27W*^s#K_B3v?w2KRx
z)?lVbSr}N*?l9uZuXTr8JHWSFl<VYW^I4X&PVSuT@k-q?3pwFXFLGg202Tb%|FCy$
zsD4JAPqCpK8NWLg`p<RoAALLXxB~A&@ATzZLx-Ge#e2H@CYChR)$&a?-z{UMhHnKL
zIwRrH4L%a=9zz3^!HkUt-f=6Fzx&S!OQ#^mgX!wcD*0KeuZ9A#7qG3?Mw!rrIwVEU
zA}%2(q%?ot*F9&;?AqCKG$3b)N%Cb4AYAM=AC)KEDvBC=@1sl7@t&?LWFlFRxv(3w
z$JXea1z!VG_5%scpmyfr`Ic@hF?K$R)lUf%U5^|Mh{Ew9V0w%8?Tf89H_>vV-=&mr
z-zLUi6(juxwcnJL9{X&G{n=**xr%(JB8d$O+JOt-84kGH667J?EKw#Edv0|k`M?C_
zoSq(P&+>W>n(vmF$!~L9k!gfqzuB?28t0dI$iC0_VTgg-B9^&0z8&$83pKs_*0_^$
ze1M<W;H`UhA~Mbt;}-DUfe;nY5lrY~d+`f|j!;XF(AqIYa?VjF%IoOMq1Ks+^?f%*
zESV&|hNYq-fqUaF+1b3DV9fc{VyTnp)k-!~hY_cZIYcdfPyTwuk*Z+&l4{&+SA8U;
zO>qyH7R*#8(e3k}7V=TOE`@ra;Qgl0v_WS`zCK|2-KmBB85Xl)K+Qh1`gi+Is}652
zy{YY?Iw%1AytJjTSQ|eR0WS5gZtvelK#kE4p<!>yNBbx`!@I${J@sPoR(V*v_;K(;
zFaR<41AB`|G9?e+C>%ArXLdDp`BCR#bb6aYtJ%F<?kW$d4=&Nk@ydA%UWmyQVo#9J
zxHAP;u$BQ|4LS{=45$sfMx0-fA2$1=!(iFSW>Y3qIlb6{dTc*o3r-n=d@3Pz!V1uQ
z*>W`@(=8c4kAA;ln4rirq4Yw%KX$rwRi6J^zhQ-u+(r~)e`D;^<!pnDsJ<p+)eGHW
z)<?27B)ILImQbZtlTUF?vkuLrl-{g3oFUp3Ij)b(7~3}a{1O=PdDBj8(|}niaioUk
zOn7UvnH`#zRa5Lemenh2OH&iKcwQ=1om*T;YnfpO+sU9p-|{`Sjx37Ku(1S}IHd|2
zi*BYGD~#&`$^_kbo#iRN8R!K{9JkS$TP|?xBev%FJw1L8jaQ}de7~Iuxpi!a=V6RD
zi6l}oExS=sF50*G`}66&`=ezpG#Fw##nL)AU-?#Xp#iye?6|RH)5&wNljYZXHe0mx
zB_N+qW?(t`czD)l9hg4E_&uW4L0z+m3L1KFOM|YEV3lOFjKdHE#d)B#yVe3^%z!Ep
za)|CYfU#D~j!yk;n|tXfYY(et)&{8@iQ@baFuLnBpRxUP#7xr~ogIx{N<gr!&~%+H
zS;*84w_$|~dPAA4-(x)PRCKupvC+seag!nikcRXy%~yGvVqYu|$ikjLrpzT+0lCUI
zG>S&Lyx1wqm2=hVsx?+q4`>VI`ST~(Uao#)ZB=N;na;N(<}jxm<FsUt;kTadxIbx2
zlkLDz&`@DgOTyZ5#>H+hcj<CVLu0PAZJ76h@wweBX*Uq~Zuh8KQN#fy>j){fnd!r|
z8gg@O>$O@XrWq_zUr-oEHlfbR3B-Ske}6^fu=xHLM?+yPVhg~y{abB~zU3bUa#ixI
z*b8Ehoes;QU%%!;eogXBb5EmQ?`4p>qkSAdXJ=xX^5wOl3q`Tf^2!g>4u|#@soy>c
zLxmP|dV!Yv!`{Lxby|A%Dw^)U6O6fZxu_lGlJR}{)6tw{z7}?TSR(mo;v8SI4Nqgn
z@(uBdzHKt!1-%}-z^T&gg}J#8`DhC?OStq1TH#0c^JtsZZ)R>NR?qrb{@YW<x68<1
zjT8#~g#~q(Vk8rt6G~osnQ_jzWwZTQ1>*(z#{&5g0HgG$w!m#IH6M-e#kSamYR;J9
z=sKvDZ|(S=V^8|m;;C)q8ycie>N%q{5><PrY%gVG9%|^kpWgpia+x9RgU_@7kg!qd
zu8__p<(E{w`7vk4OSQ&3xiyvH;z`|x#ytD&&X-vo#f9&hKI)%%H6QH5JDTN+cELBq
zmgN?ge3^W&vacXE)s$sVNEK7uLEu@43at(fFw9X%;A|xrsrEi)N}lvPV$XBj#DtI&
zmfI8LZhaFG%Cv;-S8%qPx}utVd3W`5uT0F+9geSK{}intl+jK*Vhx(uowkXDLlfjE
zvrUkM#;4_hK_L%|?Qq+P5eiItr6tfGl80$cB_bi$B=YfDqmdOvKicEw?5TOCChQ>O
zL-=KEA(^-K)ozW!?+HazL%9aQ5WNxOH+S`Ua!TD{hwD7rSR?von{U3i+fYe+Nlg?j
zkln32rOc6fSv=i}sCvpWWERcqWb%ZE%0Y^vI?;RWh*s^Ux>!0(#u}}8+}luK8<CjZ
zpC{Tu9UE#YsP$j2fG-^#QvYe3h*r9)-OlU(k2-Oo(Wc*Q*mTK4POrr^f>c73?PTO6
zq1r`aCE}#LF2#qp+=x$%NoorH0B>z~Rw67rB);MY-|4xsY~1|w=wXU1o@^JEA!{Ed
zi%Oa|`D6h3qa;us_ZWYc2`)^ku5aDS!L^n&3wHq`gl+HrI9702OJd=NIAH!+BSUt+
z=`tO9e{y^)o$T5M%r%t(!JP+eBcf8d7tr~AXcl8~>1|_g(cy@Ev{oWl7cknc{y05D
zJaMd&heNB`tBC!<d;0eTC4foYIWZ~K%9pMuoivxT5S}ymH|`}ORDA*<-uX>V8u*vN
zuKVjCkF0=F-0Uhm4vGpb9FofQjv4N|CKORHV>1on7c8Q_TVU)!sc4w)a_ALP9IGe9
zh>YmQ1{la&bXaQ?vX%o8S*+g?LD{ST#nX&d<rYg6dLeW%$D}$B>PA*&PS@X_GBb3r
zF&m7Jor%_h#T@Eg9y%MMC?lr19LO0v*+V2p|1=ds3{{vbHWWB7198pMrhs|I{&fOh
z_7s_Z{4)dJUjKwG;lCuW!oc_m`j^W1$hx`<->EnE<cWgNB&~h2TV7Ba_mW1lieQ<?
z?a0o?(B+{Y#C-x%w~b=HnoD;AaKFOn)M<a;j0p=aDcsJcYLw_}crPiyiBsk~ElelE
zx1s32ceaMg1Dyn=puB>ggg$=iHU~c#W`xts>f8w-im$-+!47rOw;W?63Ib;iP_&mJ
zO|fq9bPt+p3k;)jue7jrqdG{C8o%Uux{_v4hYHGG_1H}CKck0dk1;mey*NXd_%p*n
zZLi<r$*_4<#A#Od&5G@b`i~Q;!@mPt3Zne$b$(wuTF(5PBm9Ezh7De<+?fzLYFdV4
zwF2dyJF*<@M~kd8tSW;-aR)eOcb2STe~D9mze|fBn!2S?6SLCf+mPA@OotV?U8hB0
z?tnzV)Ud&G1GuST{vTXb+-P*vuje594d13DFPpC1=%RX|$#x_z!oRA7Wzdiy>Uksn
zP`~=V9Ieu8wSuQw*~=kxjdb{{2f;d1nC#YX>92efYk9vxy9(f4?TJ!J*~Yda;U3D}
zDw4WASH5sXf}+9@x0wZxbNGh$Cleuln&hUvW;~mW$0QmmIf<+k9N!H6G39<iL7)Ya
z7y3agna$OC6%A4%_7o-w&quhrAR3QW2d=OiW6ImseP*Yo>Ls|07>j;L>vi7?-7t{v
zMkEafUn%cUWm-Cg2%-|ljtXs#QWQ6Q;>D_gq4HEk{DBp&8fa=OIhLs5(^vM?FMEH|
z*o<-DKFH#ll~6$F*-3|7_)aO$*^WP!Z-#?%w}pI6giaSI`P)1jv;g6sQ+4u}Evu0$
znx`ST4`ad@`K*O-=YpTzp@BKBRGh-mg;Me*e`;k@y6kXoM8ojB|8fCczSpx@bu3_1
z8F$oB>&%Y~^-PowzbQr~&Nr^-eHSoht+?7Y*>U#7oO0T~5<O)j!2_@gchk%7YC5CE
z*8SNDpA=ucNxuG6>BLe3%?2fLJNIRZfE<ousT5Ft2tw)!bYm7&ShN^Hnw$xaPS<SP
z6i*<1No~N`rsk>!Ai(s4bq&2#ZT9o;R@fl>OKS@o!r=4BXj-{69<f>76!`7#paU1t
zbMQe)Vt;mky>Q2n)njG<=KIVpRmbi&*8k%f%5n@aG*sXBIoTAU`!WkYU;U(9e5o=p
z5gir3gQ3Zho3oyS`W}qjxtZ;m3ik2mHS|}O-_VB?nIvE#7D@6&UhRm5;sG?dXtVQe
zUkFZbMhp8YMB+$~FBF<5H{@qs3U6K;xu!GYS==zZ^pZIRQl5gIN-cgg(sE-ge@Pr`
zxl6{gosU_wpC<fyT5+em%3ZK%^Vsh`PJzDhqM`3=#$JCkTo<t`Gcmq4#?@-M=o%HZ
zKYjmt1D8(MpW(0lk|*5ZBUj{nWBr&+&*%xk$FDY_dofom6~o>Zz0yu;lzNB)L^y!-
zsK9vo_8crK4rH|ZQ#7}!L9_R!$PWbX`Wr%o;^P~fKWUu1$h8z-Tb1EPneKTH)t_Zj
zA4Rv?4k*#5W^Rat#4S2kDz&<=y>PGvs5q*@?acSWJmF$kP;@UP*WGPP1#DtwTCEV|
z;mCsMJo=J+`Dy4c-IFYt?H$zvj6%1ptMA6rFMZBkejs#m*!mW_HdyF}*b~c_rxkYT
zm6_ar{z=KuJ)~Y76p$Hg<bk|g_Qsc`jOID7>d)<PC4DkZLsyp`C`y{L9;}#-WrfV|
z-_XIc`t1_j#l8m+rndujFHlsLRbH32ER-T>z9|q^tpBk!6wq-a>;R&{l2_Pst7Ob{
z#W?H`7wKN)LT_&xb)8O#9rZIGeqcho7r_<7Bt&&@F1ymB9ga0Z@-7LR)Q>-xpCmcF
ze1pNF{8Z1~C3$fs9NHoq-}P^5!{#AMZRH_=;<CTuwO`H@Fno4?<^I=pWeg!Y<G@=a
zcd95X;2jqve0_d{HTk(oa)nT))rXw<Zk*s=tA4T$xPlkYKc2y4<Cl2CBuBWala0J-
zO)&^s)Yj?1h=j7|4R?nV^V%ZdyOJsTMm3A)?)B84>}TZKiwQ()xr3}?CWb32@u639
zmJ=E`1jnd3R|VBi$1J_4Ktp1jqe#7O_IrR1Dkk6gP6|IMl0w)j-N5&`S2q)vQ?U5$
z@dWmG1<wVCCpBePTa;S>?P0=4K<2d79QyO|iLn}=iv^S%^5nd>CTlv(Tiz<i{%k>x
zJyUNXqQNgXkO3%1!#++~#WUb%LQY_pX(2n=<R6jIGr_J-SefqZ+FqOLyUX+k8YiB6
zNs<>d!WW~Peng)$4B51DG_onr7D}yO%}gxVyo$1=>C>Z#lDA)80D|D-@83rs78%4u
zjA}LW-_t0}@sMnyFi5_rHj9h38=ToID+Bo+0fe7J2d#o}Q|>QuO`n~@F0I+1wnr*d
zU&BYFVFCOwP04Iir5ZpZC0ao&w71*|`+Cg5R)t#Xa&be-8QNgSMy;W3jx?U(IrN#y
zy$GYy>cdzXcW@LP#IZISUBY99Z(VMH^T~(ZxkghJnBY#fYusHcbiXdmh{e9*3mHCQ
zudXjR#}zD4uASb#J!%cT+Ptm;J4iyC&`u9E5T?9sZXPS&BK`eRrDD$|CG&Praq8QK
z4&=A27Df4UMN7u#s`B-=eD<spwt;y>ODvE<mAKtEhwoFdb@35SH7zjz25ptrG%avy
zz*x4_OIBQmc&FDv?JNC&6#D*xC=MQUFf4H4{RO?U$^9_d0%_|OsdJOSL~Ud6qqlF~
zM+iDcC@dZB9GudLad_<-oIC7rL>tF#OHU83HI88z9DOw+UH-A~VTedUfzk@LDlFUH
z-6_QE;!(BuwU?D+HgW>cfAxUkEtA$4aE$Kf&R0u3?+7g;ff2cyt8X2OU^nA`N*h!L
z&NBi;l$D%~^A0R6khUWdP<_>G3%rAIz7@LE{#~5CSbrp6HfSzSmj5strbOPV2XuLA
z!ameuT!U8snDZx1%vTYIRD~UceSAniU57awv}1jj>=K9IY{6oi&w9BPybdw62{b1a
z&4s}-iQ~#!u_xFN-y437alEYd1A$TT(^Yc0Zqfe#%3Gzw3L_@`N81%2>t+l_+Q@Qk
zH7P1n`)dX1C5vhY$rD0B1aI+&ud=*#fYj?S8aI1WBF=PBfdW?8F`YdUH!580{YkzR
zZW1F_xO_}u)~v~ckkvRD+PlwnsZiG1rv36XOo$61tKK^kK`{rM9lmeJ1kwIJt74)}
zE=@U2!%PnoU=sC#w9{P8-13PbF({4muMFvgQA)9<@wbsP#aH0LV8r_iOaz&+b-wF3
zgl*IQt`zy+jwYQcN7&Qe2x7^EzPXXuO>#JYLC=2EpeZTDh6pESHp7W=D`9qVQL2h&
zCnIE;1;o)<Iz-MkDPt>`7JzNv%!U2t?>VRWYP;AHcB66ckmpq1p$_@td}HUG>@18J
zVLJ^#`b(0@1WO<G#(2%sW-=i3YPSFA3o^{g=@V-v924}<2MPoi@rzI1%XW;mTRudP
z3G<DAno916wLJMBp`m^aLTZT(=*=pho~)W2XcM%her&-j<uExv`My{```&6O5cF^B
zde4&K=6R-mv|GE4w298{u(2{|X#Uj#mntlMT?6MUFF4{M(z$cUk}`G+s9$fb%cbdK
zC2}i&AqL%?&P;~j*%k3X_6{o$A9e}P+`m%4M|R(O;n4cFS-P7bi-(ss&<j8K=nWTs
zGzt8zNt7->uDPRh?$*64br7>Fx5K1zSpLD%S+$`F{KtBo8`YZPZhOUR%uE%_7Lyz0
zQRRY<OJ$)K9_?i07>B>ZvwE_t%UyaNiz!$v5KZHzZE15tTdi9FkwMxv!C_$X58EZL
znCU!isMC}HH>Qro@q5_pWmel9iO6-0D1Um(u5sLNf9*Gk#Qwm}tE67j9TZSumZ;R1
zo^KAO+|KBX8G2|;n6ws1ZzhZgZY7SX?_>pXwaGvZvrZdL?k&K!u2pFrRN^@#Cx@}u
z{@FH?y#y#5?KsBu+Ns~NUfx_mP8^;GPdQOmtP+zUNDz60Ni@Q9g-4_JTSo2`yTpAM
zI^rU}(jR|LxNrUZMi`fH6S!nlxZ?a2rKG00(6p?9HO&C)P5G;D3_zs4HZO4<0~^w%
z$g?wni)#eGTT>C@)&shQ?BCfAZjQo{L*rQB7-Dk9PL-yrc1cdnUCkcJM)OnVOsykP
z<2tZd!Ec+<N#}{tV|5j<^98zN*_5}EC!bw9mIzr)2musal^-p2z<0W#{b7}_-YYt2
z_T^oACqq*OwN6#rcdMvlJ0w!1>NS7<sJ}kCu-QV|Hvm{z0x(BRoJB5+O{|y;Jq=yt
zih1#BTs?a)SCV4@s9l{8p>=yYEZvwLqVe~Q@#e@Su3aMfeiI-=j(|dRXLod0rJjvd
z{)ONjvc%%Md)yLms_q%;bjV3XfucC+`=zjl?LvHEXRe70^=Zf8rXni00Ue+`hiG=k
zQd>Or<z!BaLYBElO@nMBoLgMjy;(|2*qx;*>OWE2*VchFg*GpgvXOjS%`O+R#OvjQ
z3I;u6I!rsYx-Np>^qa-Hhni>qtGoY^B&rIKOb3I_9!62Pl3!1VA3)kM@t^z6Jmr{~
z@VV|-U%l@#u|PEmx$=Mt>T>?vbn!L3Z^j)E<W(3kGuR$D=slrR&Co#gqA_pO!aD3P
zCn4L=eYZZL1fimHi8URB`G7_?*m7l2aozUv+)npDk#%XbULb~#{-z{E(Nh*HSF2%0
zrAN4SmCl^K{k5+)WrGqGAm6oWpmA)#QPI{MVs@ccD@FbI{>yU9pAM;2Nu2Rd#6a@h
zb()qVR>bl`3r6^To2V=I<9e849=E`M{LFq|@LtKMyST6k4(-^AceIGLJ)mA;&~^sG
zY=U8cooa-0YNkN8ibpvmCHcUx$IaqkZ&cjosoSoRG~I&ja?RG9!)9`n5sWb0E872C
z17ZX}*SIQpthCx-LocKG`B-#jJ1u<p*;mtKk9V+X<|#Pu?{hF{x%oi5LT|PIx|e22
zb*ZzoeS6)AiWbb4>vLhFyeXgH^%cnZVmBoezG>Ji2SQu#N*vQ={;m`O^%mFYGBx*q
z2kL!1*U4nZF4EjEBymcom21pj)<N!Ho~>)&g0*I@hBK5L=hH6#dUgr+m(3V_UVk1u
zI{(aTpM8$!;ge;T#1s1uD1i>gEq|yB+y0goZ~HjB6T4&qC>+P5%UWC%CNK<xed!&V
zf1&0<C%-2ral2P41{p!Q(m%OM-ROfR4kE4G<O&$mtel{|9k&whDI%30--X=208-$(
zX^`O!_Zodq8BN0T>UGIMxX{<pgI5IX*cgTzcRcA*)T)UUJr(@mqQLBD!Ai;(IfuHN
zmSsa%Jz~z>eZrxJ?3F5>3yiDTOxl^0FK$XS#0XILXYkRTyqz4W{ZL8lY17`Mj89!s
z>pqUuFv^SV1Xgas!et|WGwq$KJ}Z%eoo2DLM~jPz$aYN!`YRnr(K;k3eaeNMe>LN%
z4DLkg+yk}8#r=)4i}Cw6F`&MTpFzXJ-fYPDIRAA)^V0M(w)T#~g>JKmI^mv>a+q#@
z+OBE=d_5?}dUe>)D1)v>E-Q5L)k}Bg5kB`Ce7D@#Ke5TNnk28|a8M^SC7(zh?}=3{
z3@C-q&(Af*v95P6176S3ug>{yLLvpP*`@?6QT=5Qih%^0$Mc6EXWSZFimIQjcme!!
zx~2){-adQu2h6E6-()yCdhCr4LWGOg?OBHopW`8Se~<@Az^6b7J-@jGNR!FCjV1-O
z;~nexjYp!f9v@u^`A=zFxhvs(t_!waxkgRF0lfL$vy!o>Z{%I(U%ss5&bkE#Oih)?
z$!BN7{$X&PN}-<wLAECf&`Y|MCtP7+uKzzcJHnz^>caXd=ayFAn5dY9AsTdLe-6vC
z$&O0rHse`aK<`oUB%o-B50hL?_OW)zocAHkMJc_^TIBX(Os9eZrEfVI#?4C3+#M~7
zX!dj^l%uv<=k0{UHH9rE0coLCfXm9;m#R(^N6Z?1Nx52)p3v-nnv(7z;n4d|642ll
z<o)2`)oV0)UH(HFg}QID8gSZkmkOKb>Mu<2CBdV5TG5a4?fZAMg`MZ><PU-;tWoKD
zk&SALeF=s)nMEb4XJ_u{_?s%cI_r(fJrZOXGM16i{xSlsTl**g`p@N=INBfGQ3TiD
zX!k^}xAa?bv?NQ~i-RzZtV0<AE=n55@C<Cq-&T>H%MSTem!DRJX6+&Dvu$dSo~f4j
zHx@c4ro1E^Yv9g)Mvaof82qwNJJ8L1P|>h<!egxwuv$B^QQ1{If|_kV_|@)~9{Xrd
zDq{mW<tnF2N&lzP5qC%bc0jM%T)j?D;Os2E0eSJ}!Sj~Z^?Fk0|MffVZQ<S19PKTQ
z(*S=^$<Gpd(go1c4vU!3E>m~iot|Ihw4?HKSkcpRPFLD=T_+(!ymu_!Q4Um|j~li!
zYLj6m7yf`XpNH<3<xV5PYhT0{FBP3n8C|X*@~x!;R+#8#Yx0W|fKae){W$4!2G0Xr
zWn$QC2G>im2&FkBj{)6oXrFPzp3ek2o44&~>$&fv<8*B&TvAaZ2>j;OgF3;L`G=Pt
zM}r^qMJQiEZNd?6VjGY8aGP3=(GL+<G0BKfo?PAmJ`^K9pD0!3Gn1Y)xM%3D<8QVh
zj{0+5t3N2FE?yIt`3ErD-R1we?W~RAI*#l>Vc>(r_0Z6K@lS;w=lcpMS@67Fquz_4
zR}1v|D(ls}BoZ~CI<`})78ILJ8J@HRroo}Qlq{Qy<!Cv4xyzXu7yf)!&+~hqVu4-8
zA$Ej*`W2=21O(cRb2T7Cgl-IPB>L*lo-%h%7|<PcF(aui-c5CNN~;TXSp_T&?*kwC
z#nS~ZG)}(&(KD8>q~2plcGDX-ye@<GxDL1qSX0J}lwEme%9o4eEIw6@5Ee!g^qu93
z<cgb~Lo0Vp#A2b)WnIu}lY|bwvel3|!51q>PU9O!h%fpTq548{uILC3fou`p*&eaO
z+ktYNUiE-aHT}C@;PWRD9A9vwE>M@C>ifuOIIBNGzE`%3(nQc24lK=H{+#cNY_d40
zO)i&01G>!}Gkz=TJ9vFJBC)PYGzw)=X_xBEBq3&}V%?*r0a>nNzo$@g!Kcb4UhHA#
zn&4npwcPP}D5|SUhm_zYBlj2_g`ygWJ%m)QL++giz~*A~0m+BZ?D5jT{eLN33nuhw
zRJU0uocP|@PJ9Y@n5*{<{G?UJV~mz5(-_zxcJ}j|NL2K+{Es2`s5pYHdjH5F+*4Ow
zvs1U*-(@At=a841M<Efz{(DZj?zrvlEV<GvXzJNN?Ztfx-q}q|CmWv;Ki75z9YE%8
zXqVl;g)YY}hp^P!{}oq{HHGtLFFSsMNA(-i_r_c0t#iP)qae+Ezq;y5r@^p6C2N}7
zaC0~f;S{Dx>MXW=O$sTw^JFQ^Y4IKw(;e}4SUSfBiQ@S?5X=Gu=yzb{qGsSI+FuB$
ztIf)cF6LivfU27x?W7GT9lP1*(70TFsC(0pV?}yERbi8mzA<B_2i0K*qH0<>Yh9<^
zIq160s1U-u4G2L=*G(SV>W{~f+)4*DBNNQ0ZoB1LSmHh|c+6MA>lF){OO#Q{v&u<*
zHdGxlhfl(0e01b}q|?AMV{(Lq7I~ZD&*s8tt>kQX{6!3#s^M#B1ImRdpBWkPzDZjX
z?;e;po3g_#-@x+w7neJR)EWA)yQ4Gd3QW{SF$>8+Mg^n2i)LR={)P3=*6P)miOlh&
z4XPV06l`eChOOPI<MgYWuWD`l0yMzbf!*TZy14kaaS}=2npcWNE~)(VJ=I9~=k{>=
ztrhh_jHOCfetA+58|q7%|L~J*-K1T*sBRMIu9Mk$-Mm(C`&`p>^K5W#5}Iq(+8F$v
zEBq}GD3k&OCRO#O3ePpH<T;gO8f0&N-T)Fr^~9-$Cs%-}QK5@=_SVG->-5YcL5tbn
zlCqPiN2TU|R3fCL&d=#&-Jc*RtK3IFEEn8I@wnu0YyP@i+Nptk4uOHsuVvU*G2H}V
zCW&_b6Gj3rNmj)VK>|_WBl-))@SMiI+<D5md$nTL=B8TY9;p#(vNApUzRgZ{67Sk+
z&f00a+gj>vg|hOiIh3rcAE>k{DveGJlOG&yHyB_HeB}kNzS_k%HLDEwai!K~J3UtM
z)&_XHcpE{A4~G=n-dY+LuWra8>X+PDD@^|A0c`a%gO;vB;!airSj&0bw8Kjt67rn!
zghX&(%o1Q)wyQ)7f_*+@%xkHbhQogZT58)|%uGzR0P$-=cpCF-HVH4f!)^SEwz^wy
zSiWFxTY#9O5)b>IhdGt_AzSq446rGoZ)N&-&+!#3J6KlN#rYY%56)dEPJc@p<MuvF
z;mg-k9T160`k*sE$BciQ_ST2}bQZ4|*vf_`P(hCyAw1f>+GHG+z<ea}oQU`dv`&2&
zutdY!{I2kY5TPH|9`MB1M}Gl3oadby<q+2ah=kw1Uc6TWJfq1JymlIHXtyd}D_FbW
z?IW0~O_^ewoeC$s4HKy6)<Sk9w;brF>Q`BTC55V#>w;zNi>`Fq$%n2P)>LGtawuYs
zFDta`&6ql>FM)76>{|p9-cl!gUY{4^wmp<<Plk8+sUK7@lI~vq#w^s=5p$AE>2s!L
zP~^y;_<mc@3})TDNvN&+f7pA^u%@%G?>AOt6mVn|6@_tB5NQqwNOxqcG!^M3AO@sH
zN`TOU4aS0u3Pieyf|QU@LL?AEQPG5=l!O2Q5knxMR|zC}b{s|Lf1l?*=YFnp-W^_e
z4MXxPyRN;~cYT%=rAE=2vy>YCsKayLrj*z3h&Pp_e=;AG5-&QDi`Hw4%*r=`OZ+mV
zt2F4JMf1wbs3<qukBHCTc!p_yO~4TDPn6BqF?T*;g-TzvNa3A@^;!A%yBK9HG%vBE
zG>sWXo)HGy)V9A7?3u&m2c2U6!P%!lHa9JP@25-f;Y6kK@*?{g#u7RZ*%XU1C(W!%
zY4@R^1EJmgSL)H{nmw)H=<x9(ndXJWx&7zk9z>p+smU+%*%{^y6hTM5Ig1*kNOJyl
zOA?aCD5|oD&X9{9<^i|9#!|mZ*)I6LF1iX~D9V8iV)_$@<3U2B?~J4W#B_ug#=ZIX
z3(-}paqk$9E{liYY=<RmBkn{{bM|+g2)R^A{3J?A!k@F4JZx+DRI9=F&mLG#D#X`e
z!iP?e@QCXeIn(4@o>nN{!#bLSrP<@xQZK*NOH|I;qQaT2@}=+k{3(?7X3TSo$Ed=p
z<nj$YPWbZQ=0N6c{92cGJ+C2SG3Vyfe>&V~erqAwmO8SDT?UIl_lQ4(eb{wFd*Wds
zam$~k5bgd5BcUkYn{Q00{VekNhySz&?dR=+R_@vI8?`*}amG;}T7F&mTG`5-W9IO1
zD@4Rx`L?cI!EF6gmv#2^M@nJ(EiHVfqrG$=J0~Nfr7Gi1EG`DsoytWYt1HCT5WQDb
zkn7369Q|aovob2o2yW!gHDG=E?GJ|&7C(u{ZmF2)Om<y*AWcbk9nwjY?z^$MOdxT=
z!XW6kv};w%CuA3ymmDhNPydA0e=Cmgp%yB=p_XgZh?9Ye?^oDQy!BfyG{Fz3{_eSy
zxag(!krJ{u>vzoQJY06Wr*Br)K>6C9H|#e_NL>$~WXprQN}XGXi8khG3!@zx-g|or
zc4g%r%E8yFOk^GPPCoZjq29WPlck_{Dy%Ah(gton)11XVE4%k2h7NQpYYr)^luj|w
zUKieM;9+>i6r74L;kf!>=HZr~70tfco3QHwq{8{wy^NjpBdy9VQ@8h!<Z*#J%?gX+
zs}(~3xSQy#u#dL08=f?Fj?$bK*dgH9R_&npguk`Byjz{sl^@X*nhJ5Hu+n(9Zm6W`
z-FA9(=-r+5=krqZ^Y(9g6noNv`qoO2sh6?VPLpY&VVO@ob^V0-4kV=^ZR3tD!)B(1
zDbek#eK_jp^CJ6@Z0q(nM9su)w$l5UAn~-oE3Yp%-`ITjG0w>c@4euE<{*qT5|j(}
zcXen!%~Ygn#v470R_cdpl6B?YE-P3b-fZ6|N?I@MN4R7W*$QurobnS|G90b?+dGg?
zqnE)h;m~RPF4=W2;(&c@zPcX`8#$CKxu0qzvBW}7M6&e@c|~SAgIk`A?UVThCYRQK
z^iq`h{NA~nDS43~7TRa%COll6#KU`#yoQwKyzO<CQcs{9=owc*m!VY>mOUQae-olN
zLmO*JKjbu+z29z6*Q;dD4I#Kd$o-xz!Nhv^1ADqoz2L&sBkZ>-Tt=^n$+@Rj5FVw!
z#}0UEdIK*e*PfTWl%}Ttd0tH{470`e^c^fRT1PxT?^%<e`1$JXMM-<s_H0})ttaxw
zy0Y#=d{*x@5r3LH{sjNWb-^{o=5^%(AXiS3doQe(0u$Zrtg#!e?$l+j$iZ%S_{cFF
z?qhkZtK*siNW<@P^9WNl3AaD@-!e{AUK99)kAX+|yj+8<JoCisc8#;cAjLZG&^DIN
z{ld(^56QTY)m+_Ml%%8LPI)N{<pPFWOniA?a<WUBqcq~dvAmoFBO>vPC<q0C*y%nU
zcYCf{n!BHIg45rY>I-%D8P>wouTp`Fm(_q|wehYG)>Q_It-HM;+w4k0K-V8+|7~+D
zsL>LVy!o25WZP3j>MqMW`D>EcqC}rU7oE01$G*cmGHG@_&yW*NW2rrX4Pg%*ckSDd
z)^k4e;n1A%^!<cHkf@23`v;NmjsXP8^+fEZ=hk!@`>A!8h&5sYp|+;=&E|4iuwUej
z`tL)4(il9)y4N+kL%Oo{lHWK#79~P|iQWiT9o-P3D}ozPMHbgM*jvNRJOStDAn<fK
zE`k%3lZD>M)9}$ZOMt7;jo0e(YR^qVlSW~4oA0WNUsc>7N-m~><axJA6G`2ta{u6{
z!b;a#wrQ>3a*YJYF%*zS$<02`tl#c>TomY_s8x-&l~9E-B|d=npd2S39rlG|Vk{Um
zwn>Qv8KO3rS{Fp8HGk+n#75y5j{065WK~R$hmxzn0Pa^30g>!qTyf)PotFb7nF6nA
zIDoHoVwfmEe(4n28;L+XfkP>tA-)pYwzou?l`L?Si#A;U8Z9E4{8VrB`NQ?O?O*ya
zrVjc3j?0CGq`;|HG9o-vhe?!=1a%xFy&~jmyB_*E2Cl<A@UhF32w#=K1ndeCAwt;_
zNwK1=m-Rhs<BaGm$R=^IWWi~&RZJ4|21pWDEm+!dV~ymI$HeZ7&06%LMuR;B7a_2@
zpN#};ch6jG@=O*DrJ|D8J3$EZ)5|fDY0TLZGk^pK9v8&*q<7JJCr&u9x<KO=3Y>mk
z5}lJcB4=_;_UGY~#ts18aDEO2Mvby4dA+kgt6Bl;_et`;*Pd;U)jiV#PA~}<_d!JQ
zOajNUuoHkYP_}auWTBvQP((+vI5KdffNVV@obm>tht5G5+S$gi{`PFH4k^E2;tV9D
z?%F!*C_32jZA52w-VOjF0yF6t&Sc-(jU**oJJhGW@=Aq8(|?+Di83LnQmD@j;Tv2(
z2S!d7*pdnWv_gLQgBS~JV9x=DP4wJJowp_HhWJKPw=6I4v0<;23k?1&m4YLwjuaCq
z!wVJ6ke+FvHlOGeIs)v}QMjzs5>fHID@6IK2o13-sOfhWaNOn-6QV}lSL15`GIcv!
zp|eJ!d<c0RY4qh5wWlb~TGEkGqTX}?dU%_`z>V|33t|Y~E<{O00VxQ8K-}Y#UE@xf
zenX?xPEUgL^x~hg?!jcBkpW0i#+_8WrNgy#uGQ^ZR+wyi53Xtl*`3*PJ0mpUDJLN@
z?{oKe?P**2K<(#e`|TjF_5T59e0dy5?Eyd}`sY8vzyCd|P1>V575{u()WctXwx#I?
zdCY||U})<E$f3TwaZwq`|1Y!M{6z2_LyJd;vi~<oux%=KXALb<59j}H{w@dLC7gf^
z1TFvn5(#!R4GdmFc(3bq3CgFp4-2Cq+ois6&Qkf#*exq96QeC<ID57d0DKAs<~qy^
zo43UT>{%)srT?~62_R-E-yvqfSAaV_NyJzys^M{9g_w$iq5xvOi3s|ZwF=@6op)rQ
zV8+QJN*aR<Gp2L@lNeXd2pf#2^0-*2)T*O!(~Y>nJrLO+kZ=iFbf+>AP7Q{^(+V8k
zweM7ckS@M|avTOG1Pg$RQ~;?4jvUU8;|OPsR={GQ%feg!f4bk7k!$EFA}4I?<kz10
zcvrLK`4Z%Hu83Cj4?GHdB&MbOJ9iH9-}4L=(t%3n4k!A{mB0LBw@1P3(b)yn`vV@m
z2Mbla*kGHm#Sk}PE4sZ!<S^4JaS?y#M-Zajp6&*0JZ(yxq@CSG+w4p1w1tww(<g!7
z&*3{o4-&)jf4r*e1TPKZ8?ia09{34?i~ReIPnbs>(Z-NZyjEOJ9mqZ2bxT@N%}ad#
z+D5e>XSwTzVDH`9ZuFtwg_iX4^=X@ZwFH2?wRL5<1C!<^_m>zy2b3SLeYNjQ*NuyX
z$*$PSp`Ab8%;tsQ81DUAXpVTj&7l8_f%X6Xqs5-C%e(t;T%37S?7dE#Pv{N2^L?6t
z1LqU1$?gLDx-JleO{KXiHl=9(3n+Q6edi6ov58-9G`n{;XXxAh*a+u3cSgt426DG{
zDL@==x=mC~{A-xMzM%jvE&ft_Pgg<2hpS>gw)1vP2NP`kyg(dG=)eEtd3w8x`6%np
zcsZSc`zPgoL|D2ujr{Vr^UiC|IM=KH{*u)@ym4Vs>6sMVm4RbFHo)t|`75IjW96e}
z&;9#<3mpE+m;|h@@7zM*VDmuy^wJ^>plWXZxPU4Zb|if7+;^Hkj>+0bI)E-kgp2>{
z>gn_Ee5%CnY%5#>nK)m69xHz5Zz?A~Uw!BoK7Rd%TFUq4w)20vC5CnS&^A|=!pg9}
z`=aLKh9^JOo}Jwqwl#L0o$mJs-kWQ+$?fqVggEj`;O^lgkk{%f58?V}`N_==aZ5b;
zqp0o%45lH9FBLOozS4W!ll@oGX;Vzzs`UkqllT!CaOK7C&u2ojeTUyM&eetRcbxi+
zC$k}kjK1I3g!WQW&oG1wFP~o%+^*D-+UU>EkXyAq>xS#eF44N|Pv*~0gAiphkU~|<
zeFKuZw;n7kIuCGmnCZkkgJ&X2$6VJ{AE}B8qlyrEKhjcH*cwC`)t^uel79r1!)A#c
z+Fl4IaISfZQ$_a`W+^+loqAV-?g-#F#NqiPb~8iG%78m@Qbb>)h(LeAvVe9pccty=
zX&BgQlw|$N&)I`0DOU(-*t1su*idU06qu8x-t2FCCrQCAJw?+q8Nf{F?mXH~ol_{y
z-q}3U!E?f;xI#)Lss_W8uRYZrL5-*SWL8FP9k#5+jXc2{J1mJ^oF8StKwKHvw$;Fv
zMvF*+a;sy{YzVoLjuI?dL$npwIr^3yPXV!g{PnM!drZl}J)M<7>|_!C!7F1SGh*Cc
zNPwI7KAtNX(O?D(r_%0FJA=lH1yVQzU!5ra^gMg~JS&)Z)6G#{?Bg_5U0t-Rbdmv;
zEKx$c>#?_1#G&?>5Qg#4_(u>bw5<d@ox%WsO!8*{i>x5p^)l#`T2ZF}CMl6~$u+@n
zeslEKr+J*W568<h=I8%Z?++Am{}9#M?R`3a<zt+sW6U?=*v>*U&mNo-Tr@L@<;S}~
zh}Y)|;@3U2+;v^O7103aqimIHmM>hhmksQ<1Gdm8got^H->|V^A4YezXdrNYSFQc2
z_8(Ip^3LZxJwtEeGN)GTi4{aU0d#u;L<LuWDdORn1vlh5UiP`uhQA@c8){1pU`&eM
zHhXsI_$rgVCAzEI%n)X2+L-XKsMHu2aER4Gd@#9>W4I?6+O!B~9&FxGd;7tdMTPNo
zaZ*JU2-+7k0)*zDkYpAJBhc`dX@;(opgE2f|0<4Id7{Epy@_1O>NEvcn%rS3H`RYW
z1DsJ-+1&LFbs(5vh<=1_W@vv@=b*@fH>{tg75Ow1#WrPjD14pRhxUml;zPY|O=ZT(
z<!7zJUA$D)4i3P55*=VnIvEz@X%3xxRp8A;T2Vyphwsy<p>1t*8}B19?j7Xh{~X@r
zy6;kzl^<#wJZ`;gwBKQD$|1L7a~r6RWyKP(sCD2N_{~6!eI}lcAWG=g-fr`~p6a&+
zGMKfp8Xo%9{CSa<6HTvp1aiV;DdagKqQh$!gk<@B>OYu2WFLzM2+L%!a@!okLI%?|
zkDl45KbKVb&ruQL`l+1OkV~G^{shU%?x}baBJR4p<=XDN(i#5=n~-GjZ%Z2FuKY3F
zpc!<ag*M5ibRpX4!j(V8l$dS^Ngw`Y$oDl~fQ{;<v>|w-7`^y!x0vi8t<HHhFXqbH
zyH;OvcI&V&4?zvVP;;%94y|0|khXZ;JZ^ror)Dok1pU;%2i-xu8aaRB$Ir}fsGEQ8
zpWU2m?CdjHMnb_jMAhry7jCH!SfEy}<$h<gZ-S51m5NY|+gYZxa~>?I*gkpX&$V6J
zZuejI<1zrLt#c5VB?XNvjA0Rj*VSz(Sn{DffoD1^q$8~DgZUZH40v{P)k!q(!entx
zZIwIoJvC-wgEg=uPd`Usa^TElm~vki{?}Ck4!Nq+(ilX0VFUFyzZi!AovW60g#VF)
zgebR(Np(Fl1D5j_LlsyhFkqxOr;2+Khm+UoE{&EIHi~dB;WxI{g^M)+x1(Hp`q{&&
z1GI;C%7b}b1N{f?WD2Lw*9f?!!`-?7zZ$mV0`)iQrK!@l8s6}&+Nq8IYAoIj*N6)~
zhswmS*bLAc<&+cTgPpd{K9#?NK9_8bZ*r)|#nZl<P_Di|UmM#qmffUKo}#v=rC@1E
z+H{cxo6{Voe}pB$XewkHth*rUpTn`JDYrWx!x=u;dY)1&4mT1t+YRYxE8{y?DH_yL
zALnGu?v?gF1iJ0s8gcKTWWk*pWQbvG9i_A|Is2XR$|q*m?&*?ye?zm!B(>RZx!wE-
zw;){QdJ>FIRB=Q&&aZr~b{IV5AL8y6p<b_o>*IsCo`>x0L(ENaWB<O}JPt_Kl1+gr
z@cz79RFOdHdIdN%?eMVwiTrhS0#eZ~#kD;R4koxU!ldV9D(k??J`7HSS(|;OF0W3(
z)HTrp%o``m)v4g^!Q}e(b0{1%?%9aVnhg%ucGrBJTq}PR4dq9)vmVmXW54uWnk1@P
zQon<{U(2m*-QWxVh43AceuXL+DBHARO*{_$zFGet@|1CH_CE2qU=8^`$*S5;geJRQ
zbExMTd(Y<6fR1g0$$C#F5uzOy+uYRcbC=@QEEEVg9wGwxTD6gW%#>^WlUJPR*x@G4
z)*?C2=2UCLd*wsQ6nCEmU{WRB+$fVQqB;U^&5NRia#TTP<2&Fq@}xdJeaG^$4U}Y-
zex#&`$SHu;-w>w;zc={W{&#iwohYet0Z%#)>SPF4VIXEkVC`O3R2x~0ZAFR^My`iJ
zk}`CPj(R1*s+VOaRt*_mNQf$3lU0Mzy}aNDV)eVCKU#8)T#xfUtg70iyc96c@U%?;
z2S)f@7qt)Y5tF|};5nl)Ya|Z<ZLTeM&k1Un!-VVM%i`a9V>=;}H0Hs|lIkW@^B1dZ
zvpa#fsboC$Aw@Z>Bx><ZVU}$lua`-&u<XGJT1&SX&D$}>4pnS=`pgznw|Wp*rqs?G
zs@f`rBzK|4)bRB}HU5ro1_!nMUYf7nO{f&eJ7xHG>&<o5^|-&bqV|(qTMurk>a?O2
zHmXexyC=}2AnsIf7J@DybpB>T?gD>`itR(J@R&Wn5Uwt59C@V^@K(PLE>|RQjK<01
z*tmM^*p}F+i91==l1xu_xS3LdK>^@3kBXdj+!}$zP$k6uK6t=pZ+JvBbKw#&3%_0?
zmgCpjgV|NSR5ADNO;2c#dEvreaWX~@hO6)HzwR|)?Sm7+i(!>1xRG+=#9JOu{_7Vv
z9k0)?f=_h-k&@$h4S9L?i4Ro?^`dlnVM0v_sy}1N5@v+BXpML4f|-dxFT9BWTcC2c
zDxvp0(1=ZRnq-IwRS4jJj2Iuu%W@$p*4llijn7tt#wYY?VwXSH`%o04Kle<(mFE{P
ze*$;G7Qd)Tk6@~@KBoC&>#;k~hepYf?7P!sw(~i;u&_V)97SrxGi$q;t@|+*a^b_-
zUvSL~0D=F4u7<5H02)O9IUzi9P<HN-fK>^wn9#ZI6S*l~Y(vptv1#wPsB*~W`<87u
zR+|TBdP3$CfMvJ~)m_Odzk@BT$MGvsg1s!dZQoe|IV;1l1-jhrzrKy5QhVyOD_)$W
zkQgqK@~ooWxF7<UaZ0qB^v<Sua1U!Vn^lR|3<<A`(^eOqT5&EMZS4+tC_(+B3hpRn
z$hhU{e4(b~Ma1O&n{$t@rUmt{>EsHRLeU-WkP|1Ne{`&cTI#YA!!HkO#QX2*287mV
zFNln*N(%0B2{CJr-b|BbVWS8}nXnhLczYUbXaBhsaSg|^3fS>mr4x)^m@QA%fxM1w
z(Vr4aCx-_nB2Ts%5+W=9bAwU^eiXahJ3~MJGYDL(N3ep3$8+?5b~WXCWBGFUm+=kg
zv`d&Q^vP{THc}Fn4pC7(Ga-d>ypYegj4?~Gp29U!2e7F|C32j`!36ZpjdE&)-T=qN
zW_hd<JG3%r5omPnij9P`(~DH}-HG;^r6hGf&1am9pfOA8@1C|KQ+x}1S=Tn%GBYG9
z#Zh7|JIhP*Rr!b}<!Y6`gGVvhBc;0gAnaoM;a>Ly^y18fGOA{=VtR1KUqy$WQ?-*)
zJyve3>)+}HoBr6Ra(zM7Wj*zB%Fu^kUZzLlUP)%QFCpBpD~mS+HC%c<&EE)j1Y%N;
z*6FuVIx1F$S5Hz{o>}K=BK@@9VWZ~z$<=P{S_Oie3%yPPejGZvurT}mOx>E09X9iW
zqh;tw#+P;INOCoZ&mI(c9yr<Wr|M;DaFHx!Xnx#wC3ht0y31qW9Q^0!v7%u_Pcw17
ztMO8Me}WxETkXYwI*UuL!O88sZe#z<EWO+#rG!Ca;cQ23`*2={(d*I-qPWwsDLyn4
z<u@J8GN_?7l#^1u*`u0KXHtmaAXI4M{LCz~)P>;{mq8H|@Q|#(40Y7nIVj98oK`Yd
zttvUkr6h=vFXvo2zdTLtNws-EKcGKWx>PEh@MvdJuOc872J=UCh0E`yYVUb^WgyA{
z&mB2TJFilE`TJ2lysf4OVG%B9olplYKA0JP`NNh1KG;f>8ijLLS!M7rx5Zg5^sJE}
z)t<E%8||XY!OknIhx2S$Jbf`^=76csV`GfNqp_|iVfD1UOs`WhYI177B@}T6q-_{d
zjZ9;0aJOJpc@s|a(6;j7X~KvkD@vV_KU(R+yf}VMjM7PWvJwoIL+Mm@D2vK=wrwHv
zvtOA8lvvYMddA9qko_Ay?>cOr7wE&4*{yP6p-5<9@3l(S5{7%saUr{1?SOI3P-Y-1
zLoDk>UoI<tNqwnGcTk3&R4898mTRVtjcAFTJE|j_+%TW+qE2q4rZdoJIMYS~moCb?
zC|rv52THQ%#DSf+kgK+z{$Xk}qVD8{_^z9e1qWR+iI*FG`3lWG=rlFC5JNnZayS65
z0c+#Hn0SRG37Sip8Q7DN-8?JN!M89|Gq=~6;1vA!8S90RRPAI$meWBxFg(#j)N#is
z2jrBI@^6>)a(0zW+|_VD&y!bQ=npqv>>#ur%ra&Z1K+2|6?m$+9AQl>W0e#Iqjc7z
zvSM{Q-K{lW7H%u>?-$f(QX5ScTrOBFj~%U|Qg<|Lc+`@inU@~YGC?J$N3cKcFL~K9
zVyP@f<C{7`YY>dywj#auimvQxx54no*T?1=*`p3|=`wvmK8xeJLFi35r}RLI66>~d
z@$<O#o><cSK@rQ5B8me56wUHePFq&MV*lAoE*h2)_nRxHn0G-QzAyZlgd$~sQrWoU
z4yIF05Oobgco4?3(#9^?Cf<Za@7BopI@r~A*jdaoP}EZAtud-FL3$xIAP-6i6A#u|
zXthlqY^kYi%6B;KTpd}#(I3?<c8Wk&j@A%S9}`Rc9IrnPQm-ms_O<A=@$Y;vnc3Qv
z9rPEHBgw*6q@FJb36+m{3{LaUSR9VLiaMb$+=r=i<O{7>RM<ciQ3ItMGytI?C>D_K
z4?h?OVUs{`Pyv8>G~Hw8(TVT%LBd<^#_PqoszdWlaL<}Z3-_O?h9_Iw1gm_yAINCi
zc3d%eEVCwvLH7SW_@y~Bdz3KsAUT2xhNNenGjx52+(<Jzc|uSr`4d*-*=Qw|X3A?M
z#Zl515pT3I%e@UQv>X9lJa=usi8LMM5Vv_ImGzkI>!R(f#ZN%%mZ_`v?>wQ5-_#_+
z2LoPs^)tDhk8U_hf#4R{xD7mUe{|WBd7YgG@wqo_fm80?!8hRmtWR?n8yD3$nCmt(
z*}N?roHMU$3@C9EZ=IAkcwB6p;nJQ@jreN49WC4;TWq^vH~>aAhM2@CN6-&E<O*(X
zl+RzXNxuoI<P;lWs>8B&WH|n^yLc?O)2-?JIGH~b`1(QLs!HCdE{hkwO|h8lrhEDH
z#1Vo=iczIE8Bx+m%|YBDQC|po(-`FmCDU!qF98)TgDS8_`Q>F$gLIs>XgP$nVpvt|
zO$S1nHXPwR&nduhx_z*q@PR)Vay!og3ITgai~lylQ|=4Y!u>?6e*a=ipeTilp9e<h
z<7+ta+Ao1so@Tt+#$mr>xJ_LJ>V0^#%$ZJ&sRl8r7u?+Tpeh8iwOZ%v>U`M3h+R6}
zey7+ucWGL^6)V&~OmC`OI^Dj@7rnSs%gQrR$JgkYT-ejz$o9*J+wBPl9O6_IE&GWk
zcb+tazB|#(cCr%$F1Z@BwOFk)oW5IDl)Jk*f&kxc@N)j<vX^Ei)Mc8BmwK8=lOF?V
z%mnovj}Bw1U4`c8S+qH|zd5~PpDVv>4QqKuUDeih(Ei*O8$;2kl+>Rk)k{`%b`4Kx
z0cz~&xxVY-bTv!yb%gcT#DF&!aQsC~Fp~L(<W-LRnYhj<<-W@`-(JhTb)vX3Uu0jQ
zN8}=(vO*?Iu8gHuTBZ)URyEOYYy0tLr+b;9>L*FQaivU->FZ|Dh0_^6=vnL)uXD4d
zm9S{7LnXchsv7HYerN3l`!X}foLkif=Z7Tsgc>XicsQrn(U5^T_0-N;KbP}0!Cke)
zLCN%UWbXqsl^(wmr0!)}Gz%JnT~h>es}!VCsk+uEMX96-A@6nIjJs)UuD?bOSZ>aT
zgtyqh^1N4n8{P4dS}>5xI;vB?DB4rUWnTzf9@3yQeeTDH_GkCjt^Ef%QZic^ll}8G
zSgnGuA!*!k>ckA`>#52$*c@yP4BdSx<2hpEE-p*6Bd~Dk7!vpObbOYx)rlF8xvy)*
z?!y@`To^*#o@6i6*b}u@l#bJgiOu|>x|5umR|*{oq|0+&EbHC0Tl<+al%HFH9`pqx
zQA1ZeyHO@N4O{(uSLlF=sY_2Y-!@s8#y^^0L$c0IGz{%2+*SVS0WI?D@|jcV5g-C0
zM_JOK$|X@FTznLXeR+qODE;`g&dPZ)#${pBgf*nAgPzEm=T6sHsRJ2l&dF92*4?0D
zWn1IwOP4>!IwliFEB2kLEUgl@^iUSdzydyyyu`JYU@nV|tJ^|@V2jIA7V24g6D{Gs
z{l!M?=|F*Df-PTKC*4Nd84=LxE|oabN-lSDj)#@^qEHKni}g3M6^U^(-S0L2{*sS@
z63v+>J>y`qSHF*hf1M@Uoi|cD*~0Q&(HBh@_%oCRPvf&g>Ti{DOS%GuP=6KArjfj)
z)~zD~E|s8`<~U@#rZ91b{`h&xR0oMo?PDx~o|FECR%f4hBE01I+~7~s??^I9(kOl0
zc-0*=G;3RvYCqgreOsu!-WUZuGD5lf4#q}KiS85>RT+L32`qF+nI@&6w7Eh9m!YPb
z>PT)y_}}N+ZNp|nd(zT+ES7FG=4Dy9^g6TV8g4ZX7q}UWjcw5%dJz4$by6oJ{&|nu
zuF|D#ma6JZM4B6-$4tJjc`?t-fq%NaDH3yNp;gs$dA?}+?MBYuBLzOm86lu2e=nP$
z*~mNZ^xpNttFZi~>G~bpGa?wzSe`+gqeCy}D1uf-#U}XMMibch-exiT9J4h01<CsI
z)6(3Uo2;7okjmICxBdM7oSE9A^6BTpp)GT)m-3m;HBj}1TUOdCVkB2=snB)J8y)C{
z;!N8Gb(bNOQC`+jHLCNqf(-wKehw&Sa-6Aig-=qL&`pmSo2IFXa=?_u_Smf-eJ>RF
zr5KOFDfJ2I8Xt<&ELz8CEW??;uYI-|9?|E|+F#|bS>)d{!lhfurjjG-GA&a*hJ22v
zMKF*oS-R0#&I@;jKS8w0IY<Q0rip=7ULhGl!$d5Va2-^yzF*?>t%`V_9?*hdafmG1
zEm?p2zEa2jKbTiPPwkfKh?1sSWpy`-jbH95g*{Ai{Cu=hKp~O?`u8HZ_-93B^LL3@
zd2Z1;1v+WLFwC8)le$fPp<V4DyVq7M5YXzy#>hboueX~G4`jChQ9wD!rBt1J)FOhO
z6X73t5$1iG6B)?uKn~_6yBc?>M!Zhrz@2fI$PbaTN^3a0_7SZNVzuJeH@>^ovVT?y
zHX}jHj{{YkBv4=w7g1Yls?$-HyF;8rR%feoRorf|-IGpbzQiHvJza}qm|V%1d^)-n
z>Oin_v{BLw>3z2AaPLdXVi2`CL3Jd9_`aR;$8JYm=d$W~mRRzjOG$+8Wvb#eLeH2!
zsp+|KTYc4pim^-E(v38EC8<sls5r6XEET_mC7oa{gr)RXhjlRRYY=@Hm<1_ap}5Qo
z$qdqV(l}~)+O%jyWN3t&g@Oa@_~ZHlQR$GmRKX`w+TxctUgzqz{N3`{euL?0fFF0H
zu?W5P3z*A6R6+~tw^6%X|6aq<u=X{qVm)<zWcRGv!24}!{?H2FOif{3;G!Qw=;|Ep
zvdHi=?JiW6rYkSOwR>r<SQSsE4Z*uAEWDNJ`TAi)0odtO>EKx50uR@{LgrIWW)YAn
z6(cPyyrYHvw6IbBpp0_}^MSwy%#)yGg`0UvwsZ7%qaA)!|8~xWu|cWCG!ONW-O~P5
z<&mKw?dPv3wR?<Skd*apsJvSsI?ldR#VI`3`<o7q>HP=fm%17`*;n5NYg)Qn`-s*;
z8_5;x8nR|K5doG`;tf}9h9+TLb{)alp$63;ZT`1K&&9au*m&+$n*}JexRPK|r*M~d
zjS1`rJB`o#WPP3Qb%pZUu8i<Qo0Zrde3O9J>R(pRr>KuF2Tt0w=nkd^B6r&Wn=@{@
zW(`4&`bl2~MH5zisL=5IW4(=iwOPnP`6xjyj90KDy1FSP3aL9aG)t(ebPBfJjZ+28
zi-jl~q_wGODfJOCK-X8OnswQJzORyXS0KxE$_7g=CGec4Wuc0|plZUYqEKwdk~ZVg
zLn8djmK(qvGogxnBMHc3uUV+ZT|s7s9#>-ZES1kl-`E;+GwJ$@<$S1kdGTHZ#XOX0
z>tE&RQaLCPqcWvh)Mw;ez`7e&Zoun$02zjkM?DVTRpi+e=4}sraN)z^D59W3W8rG<
z;=A_&i*R*y87+CAP9<2Y=jgiu8v)pUp<RJ@mh;=GKF~nd#ZOSf!ewSqh-%z3{SWr6
z=hvkUK*Jdou&UFhnYMD7j?u^yjW36Pb%Gk9MtU^@O-F{NS(?R4wsh%qy{Mk)t0oJ|
zCr8T=3`F>`LaC%e^`)7Qtr7e-_TkehqSJFtM94yNL@S5~ny#sWwS~ik{7l<>`kxuB
zzu2ABVPr&-)N-eQB_svXOWAsJe~OHBVWYAs>fEpv9h3L_JO70NZDzQq?$olbDck2`
zcv>R4JLrY#ROyplK!{=@nE|FvB}+uIXMkmcN(J=>3QSR;X-!H%eY6WRhiUtl5B{@S
zeqAA4ofv^RbCeM@zcO+;j;t!bD1cKyl(2C6s&Em8>?fek_09C>B{f(sdsTjjC3m#S
zz2JwYo^vVXY6E|YAdLSZPiJ~uMHt{>+7-ZWraFdjH-}U&woQZ6u!@eY>Ql7}%0U=M
zkDHWH(fwjH#sA?PWmXB%o_j~N8fCFKZrQ5r+0oDtxQJwV60~&K@~c9fZH<IwcPKju
zbX7vJ(KBDdSOsfL%m^Dff<vo}XF3b~u{&T@Z%qZx$=cVdkh&iwme5j7-4&zl`TKj9
zu<BVtmKJMTj3c9>jihvxGPliXbYFB}1ZQYb+SdEA`>k3&&)Ksa37rj5kBDxD@mE9A
zu#V)w?fx~7BR#!L>k1Ri2~4o&;pHwhEj580i3JJfR$HfYhz0~;n{)yX<`3g?ym|~-
zm6TVk4-OtRQ3PgrwRh`oPBx4gMvr1W01mvk6O3k=#CCswe-`;nN=ZWtOepEr2tu&c
zk(?f~azAOhC6K>nBek9g>v|^VXg5yw^w(u4u#?<tP=72oZ|M6dybE<&_*1!X?|`6(
zvVaOXvG~r*79ckb&W=MT!|Xr*8G@MdL{>MUK4b<iCfO#p3SFl>Gx<kTvV@jSIle^T
zNx?_>lRhEG#)-v|i-~2FTQdDN#Wn2v8p6{+w;ilb{M0s`Ke1dBiFzTyQu9O$!$T^o
zy?ze;7!I6=O~dcbA98;W%6d3U9{CUhDr{8qI<dt=>;BJuaaY(wtup_(;;cB?B?Fm`
zMve;RsTV{g(KG@+zAWVwfDn|lf=c`GnGOGp)I)u<wnD>qJg#MWbiiCSYrkrwWJer%
zfg4D#&Ry4(Epk8DWOw`51oIYIw;ikc9kPDE%z4dv?CEPikL2uRsmo-XGeRK^Gc)H`
zd{?c-ascDr&k0Zgl?5FsBF4HDCJdCl2?6Yz=<}j75}oe<#ee16%M&@v=X;`OfRjVJ
z-!&t!E4pfaM+|>z9eqRX{F5cPva!)jC<|J%A7TnW^?4Rl<gqj?FDl=XX5$d2+};K5
z0EP%@4g=pBv+ni26`S`l+xbcZlvAS^!R*sdYLMzGtG>d<P^{<~=M%>KMZOc;u}TwU
zzv+Tfgnwm#C`&ps&pFW9a4jy9#8QRlJ6wtv6<7S}l_)Wc1t=ZfKxb)WRRc&(Xp!)h
zCv@HSITf7Xzwknv=NBl4YVClY@#|_ZTix#*WtH_u*KQpKuKHra7==s<Bo{=?1cfMx
z8AWkRxkK&LaYqCEuJWD=7Ce&>vG{?S<$N!?Gl(kCZ$3~MTnP*RL;^v(jodvkEI6kl
zpQR`&-~`g1&qsp-B{qAyXf%5e>Yv~M=Wx+bCGZmC<IQHC=iECe(jI<E9u=}lt6u-M
z$1XYTIDu)kU}z8hS`G~oQ<wUpyTJMY9{a2BUQC@)P@y?R<W24qEHkM+nFL4OD`*VW
z-_cAxt;iT}=7i|vrDTZLuFl!Ns#B(B^5)!GPcH`Iv1k|*v1Ndl7MAi@wbpL$T590T
zFdYcBGK;Xnug9iZSB#68t+a(9yF0B=z#3?jaoP*nc-PCpZ=Fbwt71DtSd1(E@Ru|d
zSexe&BdtfiHsbcvK4y_m=4kMYD6hqjBW$!XoKz;K8L87u!bW;c9k#6cL<E%-yUIZz
zpBBaM0TMy3QB2=H@DTW6qAu&bdb-Uvxu`Qg2152>O1ixf{aeIq6*i<D9mNL?0S|`y
z0R3TWWl<!r(G#tF;?RYSxav*i`?~;Ir)qr7Fo;-weW0VQK7QgAox1csCqcg#JIOLD
zJVbY9noF%-Oz04fjPvv-@-vs_pimINL4`J(&!HgU4I((&0wQm#ovXp4|DnhI_rnXl
z(+mx-wx^|_7#kX>#J*I!F?)2#Ek!N$<UdapGnGr`O<bixQ6FdT6tY#-g;zd+dNd>L
zob3Hu>`0=m#w5xy0=NuGN)M?#A9FRX>iG1I@oHegHCBts7#m$M-Z-o!Z{Uh{gBiCN
zEsb&l`lA*wauH0R>vmi~D6G}jzDt;sv^l(|>*rtB>Km;@7L}`9K<Fd*x3#9~rG0gi
zMdyuI;-o-}_g#<he<xU7X<+b1|D)Q%`WB!qvd7(@tC)Q4A_!!7_kVji-vlob48==R
z+lJwAcNKUr@apZC$G(N%0I6Vo{#&^YrNoqg1b9WX;Y(K-1L0V_a`oD-y=!~cr2gvR
z^J|%vaBl?M-cTc~xs(gvLAdu_N^l|pM1oC!Ez?S0oGc8*@^%1P9}UKs{r(B}hd^v#
zY8RAbZIe%I%=|saV3O$BA#{6O+Eh9U!pe|uE6LZevbV!Qzlkj$swW=VCdSR%2l}9R
zXi<Ru22>yM?}yu)ddMT<K$$pvDBz2lQ5R}h-W0`Z0Wo<6>H%tjy+4LpYE6KBi|c_L
zb-6uV0guH4a?_3kT<m1dWup^K6O5ntF4toy*DW*7gO)06(Rfq(M&qqWGmvb{)mSM<
z40&DiMaH({iDs)oS$MjZkImeR>hfso5zB?oAYubtp+yFu5GV^M^^`VlQ+X~Y4-70(
zk)uE%e*q1EYR^UGEW`UKJTOP-3j3->Wtc^EokX+mODX1fE!qK)V-!C30u;@)ZuN1v
z>F39{{wBJv4WmQ(p;qkP4tpJEPL7p&h8|ZGR*w8K8&(ya5)Ew86gnu@cK9~!ld(h4
zuS|_!MN0R%7eE(glYslpZo)N8q=LHrQ{9OfgcgweY5&nRbmNJ5y}~jN)SeR6ShgM9
zlIVxxhtb0)AH?`b1}a!)I*EkyH{F27lUrxG8aI+k#~XbMRC^x79aWdU_Dsh9>$QQ*
zDn~cv6k7UrusCt(>2HcMBU@t4(E^1-RT|#cFuJv;C$*e;?X227uT>Sm7JNVU;p?Du
zH2`rFk#?E%1_(TW7-qE%Kr*Fbi;%w8Fql8Oa(!YQ*Wi#$$~2xJS9|!6E``a|MvwxG
zYo2*RUh_2y8#8rc!?t1AG2HBL+})cJHji$wdk=)4H5Ef8S{r)Sx&U!$=EH$`dXb8Q
zl<Sr&&F<3I{H~R({<iXgw}F3qo8*0hVf$u_O08bTT7xo^RzG1`5Z&-SEaeiTyaJL2
zqszs76C#1>qy{t^ojW_sQ0@2%-_*Z7i@m*8myB4V1xfin{9X)oAN9Gt3x<k&-~GdY
zR0SfDBCE@q&eEg4#9Vy4!g8fX$l_>o;AN;0GkNdIfIk!>4m2WTSDO`HrW6}a<~z3G
z)pBgc8dg3~+qG}4zD4lH;EIrp*BBM&yw<*g_HX;kdP}DAAqQU+#K!20O3AHd2&L>p
zKfSU`g3E}WKcGNsS!uZP2JHLlHW&vKQBSQl1j9IA@3mbQGlv^PlzCsix)sA1FNY^Q
z!IRaSXTAvIzlg%tIG?<#`2Elw`_$^P;vg-fIvf}sB1xEE+TpVg70e61%n;7c$pjB)
zpRa<nTA)t0znfqz2%GzA#X(59`7{2UT79qjOPK6Z3w~O0naA7)+>^sS8G;H+%wRVL
zl=S;j$lLk{O`53Rzf|uA5<{DWuaExD=ZnHE^3axpJ`#_bBMS~m;V#0e+KIcpd1CH4
z@!AD)pe{3QT2zINkE_14n@ZgFMd1dn7AC5ZW7r4klskNrFg|8KE!Ic$z3;dxWwYAT
z>$o<votAOl!~ZZ|AXPh^G-h6*->iN4z^X1gAibo{j<gpF!1Q+5oXk?-+R#eg=%Eo(
z+joM!1_#PCTgyH{&I~0P^G7UMKwI)l?AM{?+GNTM;k*C_o!&%8RGwty<5b$Vo~j$~
zTyV`+lw2#t&epYdMx_~V=X1r$A)NK@B89(5^(ayweyKC;{OjMfA3<ezj%V$=OS>t=
zM8rYS?TdWu*)iE^xX+ESjfShgDMC3<zYVEy^VK*_&lVL?`On5+`kxZhkJQ|{gGEal
z@uVE`=}!xy(!(q?z0akXG;yD^2-)kEhM+xPjRO@?Jw%ll?cL+GD4as93j%|w2MbNz
z+KZm8na(0?msH&wkVgQ#QIW@Rdq+jZ5eWUDbOEUAieLYAL#Ta}9MdH#xS9z>vYQIl
zb@}h<62+UmHfV!&E4ON1Jv5m+j(pn7AHFd?`NaD6V<05Hg|kQn2OJdsIE*_-JJ4f*
zXgCN-Q>&vZtgQkk1WEn1vR<1e09oRIs3`r`QJJ!fM@j|zi%2bc+{Ae8?&rkMYqx*b
zZo8g!$XP#PNx$JL(n>ws(`AtRbN<@5BA3&_%~haS9tZjHr&`y2M;~3`z63Rk-*H7{
z$v3-QTQ>i!l>mC8yKS?t4@7&tEXa%*{XQkuV{XYFPQYO56oykb`%2$1|2!uWjn1%J
zv9I?Z=n;g+SfqaNmXp3>-i4U{^cGYzSF+w-Azqtndb9$+wQC50Nr2o{U)la^ALCz3
zwDkvr<y^HMEQ&{ci8tKZpOM9zR&Tl>?Q8x{tBxKFmLiBR5YH3A8dwY}ivLT;-1etr
zYNJ9|HwcOlJzi)*(&)ETAyHluWuV)BSY?qJ5S7}`-!&<l?4|WD%Q;@hnSa2G*A40J
z@JC4;g*r48iN6>s0Z&tBx5_Ri>EU;u%q2|8b=nmlBGAL%a5LGkZF|xDX5YgDbPp#v
z$1FN9Ph6M3$IfG)8HT^xq*F)Vq~m;eaMk)8d=j1Z&WHQi1}xV<Dm{Pe-n*gsid+?6
z%Jo;hbxvsk^;n4V4-)W~!MFEp3f^^8C*vAs&2F(D-{1#P`IW8F{}Po`<Ly@C48+N+
zi+WcC`!QS3Tv)aJr>nM*?(bR{k?hPSUw%cB26^ncVmX4@^e$-S>)^Lx-IZ<wzx|Jl
z!0(pQf1m&H@7qa(Oo-Uy2;*<_8r*d4j|o@rf)rF7ioPdNL1Hq$3opQz{)+_fn>q|6
zrDX11IS7KP-mTxe?*B7G`2T4e{P<2Wzr*{?Ws)}vgS{$eQ>m2rAoN{FR2ha!(+pA7
zT<ELxHTIi+aNoTxo^^LG`9idd%LPf}5Me3OFr?@aiYiZOMImh}XK(9Ms$Vs5C&I2E
zxo-N2j%1{n?&5<K*59ZoD~4aj{??4p_orEp;7}XNMk)2i8drv;27KP0B{dVOywvJc
zB}zZtYx&KbgUrUR3r#eRT(Dw2QqOd<;Pa(db-h^1<x=FMgU;v<v^OSU`JC4pWVzN~
zoA@TWi!*tNLB%g}5=R`-7y^S>L>}nS=-SS$HnmV|jGXHT<mQOBOgoE}oQ$JVVdYK>
z4=t0id=D3;v@t8m=*4IlJD#ro(6&&hFB}i#vOJTl$PpHm0aKGrbkyT&uZ21E^24i@
zBX<Ko$)H>)ntd0Hrn^&~k>`V}@N0YSW+8{qvCONyfkH5bb#moZ?ncdEmC^eljvmP-
zeUp^wrsm8IwXeM&($&+92a{NsxG^idQ#iv?t*9QisgCEfAPWqqn3AJET!4^nZ8W!N
zMP;&%vnJga)Gf>PyT@No&w&0A9E!@CP9=~_eT7eBPqESZYWjKUi20i=3L`WT2^%YY
zZ=;{coM&Q3HG^^#ZyLjwS@&6{<O8hZDB-PAezVZg!f2*G@Fe58uW^uYy1H3i6}p&3
zrF6HVPA;Nl;LZ*jm8MKy+8}kxxDxLx?3PL-80}SU@3U*MGe8+nOzRG{k_w!{X!4Ys
zbSE4C^s2Cz<;~P4KhUk!u34psyc5>!{&Q;jOGSY#`)!lCLru!Cv3LrtM>Sdyy_A^J
zF18)!=MWS1eXJl^^>8^Wi<+l9T&DXK32S>IE42MoU%jqouoE?-QEru-2eLA#yk|vZ
zMpG%@e<_ilg-6&|VRW&I4$1tZNCt<UD8Kx<D6q5lM&^Qwdia!JF3?NplICSpHcD8U
zhehSPKw<(;|Iong+6Q}V4Rw+oC!U8ByQ-@}-B;?liLuQw&R2YNxi1GP0gC+UWw-fd
z4P+sh89hZ%xeR{X^vuI;3C2@Jf!u4nN<V)?Hi{~4TwR<Pzm4ocI!VRA0+F1MDzvAX
zpugI<MNP+m_z6iR;+twFX|EDAss4BR^Nd5GfoF6D?TX-u1*NaD0%u;$RLp%O>m*a7
zh1aL??ll)$UU)Hdkf1g*MZ9shtp)FuJOv>IfZ18ds__J4b;YRh7lHL~xaw}tLgv9a
zADu#WK=*@%meLf1=NIa{VSz3>QE#t7Bf@h_UikQx5_+ABc>`$5?@<09y6gwCrVQV=
zK{i$F(!drevdz84X(@{JLWiZ_%%nBAwz}ZnxSh|GPlW@fH>&ZaMrC+m74@dDJrbLc
zJXeT>=OT|ScF-+>W~SgY$ct(z3ZK2WvY6gAm!_*eRCKa!$ug{RLX5m(72kYF{iFoq
z;BS2rtra?2N7|PII}>Uy)C3Jwm(Guiq4)M7F6+8Z7*gaS49X0a7*&Z9+xi>?!F9j~
z+2{c(kT|2f?wnuXFV4Q2u&3-s+2ak^853%7J=clSM$Ihe%qr%3*vFkd=*EdfMCIq$
zDhknY!m+}ItonO+&vBMm9uyRX9ITyAHPk*RU3h;XiEC+0Zc=kZd&=Qp_Jo}TyVV%z
zl68uew)zrz?yqSAHgf(WvM0x2h9Q<{n9H<Qs~If_e3kU9sVkIwp45EZHc38eQJ+<h
z^g%OSNS_zu<j&5!EH5|pl!f*^R(UaJ$*P~h9@t3eBKYcKvi5O1fL^xSowt`YYpf!`
zwIbaYYklUS2L3$&MTxAxronztMu8FF7ee~r=;@BrorRQZx-#f8HBwF@CevQBOC#$N
zC~q|tT#*s!t`*&bmUrpnwM9|n(#)Nwuf6i;kBPIC$!4Ds!fD!GK}Gen?xN)Ufh7aa
z2@Us;yIHBm&UP(TJ{hHr{%I<HNd#n8l~5zkmj@<wLz!=8i6wGeQ(N6i2DOmT;!-_o
zK`JOJS=z%QO(2^;PBkB1I3U{_6;L@^;6qJU(oZH4!Y+a|>Fx6C5zXJWy}S21DMRW<
zo>tH4I->Dx<~g<HS8rK9jk~RkK3{dG1V9a+rH6ynsi0?EEy2jen8fsBqqBt3E=sZ!
z(7xFM&*XRqc!Du9r?kfuYU5HKpfnR5WK-$tZ&=gWzM#D1+d2KDpdu=e5l!H4Gj35v
zy%>sB#1q2@x002-#O71<{qcw2F&H^4;zmnV9kuZuL1$c|3|`BvN-&O9LCxKrqYkyh
z)kFL7mwGWW%hl;+p9g)XujwSwNAd49+OrIz2-Br#@^jzPu$mU$*gDpD`112Kl(nv~
zaWPSo3To@UFIAl@E)8Mu7O_g|5xkFr!f2P4EM~Su4<33Uvnoti#adBrsI@9;N>LRy
z<EI1Nvf00=G@3CMBa?*5^K((?M>KZX11R9#?JIuj@RvN;()GS`0v1$CJ+3-9OQVbk
z6pew6qsED4(P4qQ1H!0+$jL#da^CV3O#}6IV={4RsIcHDM<Jp~B@J71saM0Mr`nfn
zdOpQAi9t{}Us;6LVLVrnHFv&<-_e8S%Lv{3u*C;;R37$JmpGx{`Pmy}VFnoY{8h_P
z4;xcpgfYisnWpAyn(eDOJ^dFlbqyOr(T>;xBXfq|&=3rN*SoCSqX(VR*_h(&A2Hpy
zV{1ZRptG)`VQaVtBbwxWAq`KZS@!!)4OUObf#9%4L8rE*ef4?+hIgU5*T7t9P>aJd
zvEtX+a?j+@<(UE2ZfqZB&}S87*iU+!s?EX|m)JY^q2@GOPz>l^AaFe<iTpPQrf-&v
zfNWRQ_FQviS$K7T;rhpLX+;YaaD27t^uyJy7n%QasMopKat}uVR{+s}$Uu(_7OQyH
zYai@E8No<fU}yUNTdnv|<EOg>JcZAnFISE$%7gNDU`)3Y)GS95J>roBG<TXOBj<82
zs&1(Bxhx8KX|YZHOv*nydPw-dM=#;%LzWLY)pkB&Ns&UWu-|ezDtNw?sz?q$k+RSm
znrK-a%uRmG`L~sHo<xn3Nq%S)9avd}aDvK_iqm;@*rYN_H!KH}c|JG9OTZE6(v$SJ
zq0(je{1TY3nR7qttA$b1#D-pUshmt}Onj)GVlTN!*GXd1@*7=(&+88LpbbYBn?KLP
zLKcuv<t$zw;+Yv30VKi8aNo3(<7#wfaHx_cc;&g*%z_UAgav!fdq=80)Hpj`uj=$t
zF;pAHn}@MeG^z7FzUQ<Z3a!k-Tt#kQq7)?76XaXK{v$ooUu<8k>(}gu$0wUJ!IB>M
zcE2dI5hhq(1c%jF5E!_Q2gklZK<`L)gp=@2kyEcg9LPUks5yU^_xoFK;CPmWLqj6Q
zm8p*X5f^kh8K(Ya#uL}9sP?vp$Lc`%dECBD2M(klM4zf)L`=vP8)e6d>E6<}A8X2r
zE3;L+HqE~eY|ug-m;o&)93u>Oo#)~Vj$mu>D2KYSNnMWGs;-htebwCL*(OrS;IfVL
zYTR{vw*rhz5SkzxmFJauEG-`oj|UF!XD3>b`S`%zlSXz%i28h1DQ`(E=KTZrr@NF{
zkCYlMbYoY?ezQjnhe1Xq_S)|yAf57p>dR-(UX&kPeb>-jIdE^=$33|7VL$>&0pSk-
zofnD<*$>jd>z9Ifgbm;Q)op!+$||SNq=(ej)~c#e<jZp~VP0oWm0kD8;kINGHo8zS
z(ZIUVk1p+zO*j~55cNS7JJ-L(x7VSChiXJy!F#aPgVO5Cj%Y5W)p!vfc)}sXuz&=k
z{|rD=0&A9-yis<#RfsZNkMp-i(9@j{99vZD`glDei>(G<#Q(UEn3I{+HCa2`vjq$d
z`RbhBaJ~eqO}RxK&7XR`|LOpKL4D#g8Z1vI4eoD(ta<pz<=zBftQ2#O<=KH`QL2Uh
z*oC<@COQ8o&ST^rCLi0P{Z@501h6DZUu|=|KsdE6W?jq_@Ms87^W*D`3V1C-q3j<Y
zwGL`sIH<JkH_VNS&4ow)+PC}*KuY3=(B1Lbemh4!uA6o(cd9s)m870v{_@#N+wpW+
z(qW9p-sGc7tDIN=w%1y$VC^q^&s;yYd*c?k#O-Bv#E_YWxaM0kwL@#Lc?pA&?51?!
zgh>xNqC1n>s&k?tR-%3QeGURVmi>a1oWb^UTip^SbWazx7&hG4Vf=1hr#k!oc)DCr
zEOT1ditREi;jB&WxpOARkZ9+wM)0oVbm|zldq(uV%QBk0o590puED%!u)QC3hB=B!
z+Q+-w)%Bf}vu0|yPG^lEYph+X?NRYhe#&d8`QR)oU(GLOKiqZ1q(!dy+#t3?Vh8e|
zN{ux=6){(***$Y_0f0g*)&||X)RNSs`%pJjgMD_$>Go~h(f*YPNz8$1z=N=34($-7
z9AVTgL895)W|>$mkV2dzWxV{(JL^=VF#XbBYKz@?4Xxw-eJ{?T!WT3rhGQh3BbP!7
zwFJlD<sC1=n*L0A#1U(;?TGBsFV?ggo0U|)%v(Y?BwTheXvxMR{dLB}t(&U^pHg~W
zrG|O^)oBsuRJ1nE%a=~GU2`+oa3Vk7UQ953D^^NpV&r0c%4L$QU-UEkRrJ_=wTP4X
z6tuvl=lWWo1cK(t{ljP4!;pm`g65r_uRObFX1DN1WfBTF48!>snURleZH)>}qRth^
zUp-dr8GWuny}Snk`Ex_i_@$QYO+gm077S!oa%CU<>o?$vFGlzfWfef=qc*=`t=q}F
z+uiWyGDOAhTSpXkXbk<t{5!aKw$7%L--x=*h_#&?7mJ>1Z8ds-mF(LI>K9)iM=*kf
z)O=z{<Vo9QUfZ9}KIY_e<fSo9@A=l$NWrangC%1JR?2v7-2kt9J9*^T+|9M|I!bo*
zgM7j9)+R%&&g%l&&fA)E_|rOe*6z@#=}_;mPSk+W`<_-opJq$@^6Lxc<!t2C4Ii!d
z)fp1x_R_g#-iM%xFzU&O@~M35?&39iR|e>ZhYTW?11d;9oy;<_LL&hanosQKyErbO
zKJJDunu%3l+Y0b-?sb0FK{vBgTET`bos&PCbX21fY*ZH_i{%+Pep%IXihkNX4S)bY
zB~v{Jf&8_0Xcr~jbVp5)GGst@c|tBk_N(J!^FUuXS2YTxvDs+7$To@Vc3<@;F*$h~
zcOG!DOA#9(q=4DsbIK6?ut`@5d81yrh>Piuf*xpUT^xn!Vdt#J!q_o=QBj53@W>Nf
z8fHea^{{t)Rs}bn9Q`Dy(X3OoKP&&eXU{{2i-#je_v`s3c=DX}XWL%0=h#fF*Afj~
zE=Ztuex^j|MfzVmkD4@e-a$WS$$2-92p^E}`b>W~*L>&VXvx*|{H{Ni%BP+g@;>2a
z@o<#wTc}=pbW{HxQswwMQubPB-Kg>wLL;a5+?mfG_l$)h<3fCy&)HC<71j@Ry49HE
zB++9)ooBtJ)Oe+;%{Ncq9UzV>=XtfZ?C$QIeW2~XSk~8zcUC98a4F34?g&|MYYjiu
znSNIpG2j}Jnz<|7iYxepEORgJn0-HHIuu~H1nql1hT2_>wdCiXNOwzM3O)TISxom#
z`Jm5+h7&2R159i<eM(G*lLpm=<{<@l_-C%2*wveDJkk4XtmOo0wmYqR%5%m@coG#>
z^QtT)c7);>{T!|sTvX+X9Sq9#L>-Cfmn3!nFRHFPp6Y-9Ye=*cm091usR+rIRYG>+
z*jtXAV{`07$tXg@Ja+b(*0GLJX7)VCI1WkXu@4T8@%wbY_uj|-^^bgfj)Twp{eG?I
zSlYFaMnf~_w789+yL-GD{;>nULuwxzj2ZJWF@3WA@$u#!pdNy}r5;;;^pjQD@4rnl
z<tzTQZfOiz%)a$iU)EzIZsp%VV<}7NkJCiJT)Hp%V;BxH^4_ztN8?l`CYrtARfqI6
zY-*u^y4J7f{qv)x&gS@(=1%L(o|1S2j@vQV;MVaOUY1N;zlJenJju>`vx#258pFA)
z<gQ$BPOC4hU3#7&9b#_XQ0x_n%#O6lOZH-+_C+XBUEn(Rq_s&cj-wa6FaLd#>M?t@
zZDAwVFa2ou&e+km2!82NR&OuuzWIjIT`1{Fi|@VXfn)wTu-(d5r>9-|aBufa#8Ig=
z%lV9aTAOxXyy@gH9eWfof6OE&^GUJXYNw_Q^~7?>s!knk`xx&v2~A^*;F4PY_7tuR
zzXU879IMFKWUs5F>eMaoo;{x~sX2W|dr)bAo`Kky>EXB1yJ?cniP~}d+i7V{TylOj
zbK$ikVBai%QM@r@P6r|Xndv^$jg7Pw*-WtzQ3Q>!v*Q<d|F!#BIY_X`f95Ig*m@P{
zX@Kq_(b&9_>FWuG$m_$)_uANFp}<BvcuNz^a+5m>`#0M6zfHq;$N#sh_^-<sVgG%A
z|GDkP;(t&2|6EcY0(#B=`Q)FEuM2_B@BhEVq#ya;Ch>p1^0g-`=YO|9fK-#EZUgg#
z3fE&#S+*^i4sO4Qz4NJ<2avr_85<izPXUZp{0hIU=hGnO*l8zVC2`676-S)C{uTIw
zrI?r)$p+BVxyW{Cb#gC4^FI?m;O$-)+C0HxFqpAQx6FxPh6|vE9=Hdnc5Kocjwo#3
zFTZYC2Up0JEvLBjIY)z2CCK@sYTXr(3RB><XL<g&pZoe9_(=rId7i$Bx<J_4&&Rxq
zK_kH@-)V!nCCSK9aCZf?!WMYZrqcg^5p2HiCaN^QsFd~Tt+Hi=%ZPI)aM!%`|NEO?
zYBL;=u<QV44~*?=H)>K`Mx6%@AD#m4Q~Lk+%>Y6Qf8Brg<+JFxO9c><nKpU<8-IY$
zl$&3<xDWvhiR0u6U0pD@G+7R~x)<@k58%dM$<Kd&f6KBQ2!v;6>PcImx&8m|_!%Zn
zX<~ofQq<~91CxOXuJY=|P~K-QuGL0H$X8bRU~Mi;e@^#D^rmdJU_iN*NaaCo@SM?s
z{3JD8>F>$-qAq_`!9cWCkMs`FblyUcZXQ=H#Ike(_<jEUPggMV0)ItKB#W*pm@Lis
zbG1?Zw2yLmk-x+HhXuMX_VzD>a6ZUtg$tv94d<T%CCv)K2mW@LFviWsEl2+Kw9}{{
z4TS<(rQy03*yH7KW;!ozS;7LL7)=ObDeymU0|em(Ks+{;a{RAJAgl}lD@k#aWgGZ~
zUrzv<imPM4kw1)P_cdh$@1I;uEEBXAFYTC#D!zekNF=HvwsL-0wH8kMAU&;01t^Av
z9VcA2pZ)h+{~WSE9&Y&k>EBQ&)Idus`fz_v2?~g{Kp>ET?PW5VMZ8BIoME3q<_7aW
zVEmc7Hj2*|MpD$2+;Kg_=V*(>j1b-gWVk9b0`3s{tLNdZv7x;P1AKIpVQEcEK-48)
z`*5R#Ji(s&NoiMNZ))y7aocjH2tu~FJxZ?`oOLzw^7=xO*DqRZjhzwS^S!R8CXx`R
zYn%cXg|%~ny4cDqYJwEcECO8T=ZgQ<2v81Ksh&fVfl1|94f93b5#M8*NzY_6Hitcf
zfY=)VFoTx^m0yaH=YRqr50C>H=3_@pHAPZCYl-xKys5GzmQC3C6&)yP`9M9Eryn3Q
z8w+JI0QlCzw>Kw9JITq{T3T8b09E}`D{(0)5?9DWu{XbUQl%CE?sNZ0i9LXDgKNEI
zxlq9$qdQBJXzLob4xx;RbV~&Q?+yjrO=^}(JIi5IqvbKYmNg*TE8);_h3d8KzdMtJ
zDc)wjYLNwiDo*Wpb?^TvROSI`#=&CSrlk_5Q(PgU$KfisM-GQ(hf3`ln3kI5iT82O
zb)!U?pv`xEw4*%vOi?w=yx-O72J}}cURi>n8Mf)QVGo;QG(O*w)M^27m*)xM4BSZv
zL$}OIn(F^m(*N_Y;X~Gz?I#YFfvxwsbB65^6ExYWs~pTXwb%=93{x`3Sz#PA{9D=7
z_Kp`vu)bTN5R66ZcfJ~-O>CKq6%UhFY;UC$c~pAM>AH**f8TS~VIn;skM?D&FnHGB
z0DuJVF|8&f<J<_GT2IeBDLyE~dxUq8*^A!`Rt0A8TpjU^yOfhlj>5aA!Hr!La6W>c
z51XU4?)82Be1(zGpPScPwIub=Px{&*CC~w@7RN`4&bCO$J*+^k7kpW20~al|^hGh3
zqq~Oxh9WcsM~D0o&y$3A^R;IV%eC<_!Z)o_UB1w6PL{?R`B=_Pl-Eo*Xjkin%TNF>
zN~ey>vFZJ=O~pIi&u7yB3meJ8qJuq{(wG5iX?s}E;0K;>dst{VL&Vp?jk9aB%b{VV
z$)a)vMUv*i@GW_YJB~0CcIDw@-5j%k^%+$vU%?{(^26T#cFhaWz$M1qcuD4OWN?E*
zY46^gNgw6n_WHsz6oMNH@>I_sD1dc24s>ZdOz8hg(JM0x{81WK<J@-MGLBl;&wwok
zRJnDEJs_Wc;_$=>faJV^i<<HD)dXVu0oA%3LdMGJE5Cl*JwfN&<%_-?;Rc(D$GNMN
zgEQyjn0}?Y)jNgX)+z3Ppjx7h?*m|IW=(+U3=F;=ZC%bM?z1}KqHqK}qwQ-?xyoFU
zJDMYk4k3zdfCds3s4c0RrrRXo48_<;FfsK<Ty$=5N`M+*DBH=O^UB}zI?SBVG91AB
z44RO0`;Kyz6o26|bM6yds;pndR{hJ;5qMq~yX_J-+&DVQ*iK0l$>W~JuwYn1$p)ye
zyAxK`pE(T+Z8Y_U?M^^P7Y$W(s@clENGg<BU^CdP@pAb5ueYj)cc`a&FGu3Cvz~6X
zQ3(#dWofApkiR+>tfOhPVy|;x_91&A1tK}-Qr(IFD)w1ZAxk}w+wj-u;T`Q>qp2n$
z#9hjF(`UGT`K6HmlbR?aDWTjCw8u$;bN;ik!Unr}ma|2iRKk_jZ5fReIuRwyb*5))
zuq5lz6i?=ukD(B~h86M2vamz0z#?#oMSh%+=1Bqt%!;e9V>>}xLYHdd_#$CZKZa5T
zQ@$ySlO4Rg%HX)wuG&TliBaR03@O#o(OI^f(My%madL7($orSJ#__wIV;Ar{Tuv5K
zk)H6&5vl%t8CnBGY&~+N+i*c<FoY840|fh;?J;OVLPDNKhF4s@k)}ew_Ldd9p=40z
zwCYvM+)KCAUX2vnk{IHvgSFPQ`fdgb(@#U?)4;K#agW$YE{&JFt-%`mw1qrPkZi7(
zln)_C?%mp*7V!CSxnRV_{tJ24j^m#V#Uv9?e-;CQJmGzjV52v>g8sXkVfyB?HrW#M
zXcc-on0LcIspAOW$6c#^kNB1R`N}?uvXX@P^_?d#CZ;T7!6)$^y?|1SRY!TnAa!mj
zXqkdbdA0BYzXu8qx#F$OCgYe{LK}LcSgs0+inr8TQNBj}GVKT+A?gi(P5o`*Y6p4W
z(V>lR9a1cbc*3Ut)dgBTP%w)u?Wetu(bVsGD``e>C;&0{aQV0nM%>X#n0~-b&?3?t
z@0LZn6fDP>&Gc#;w?oP}nuTEB?T9Yp`RVok_4NkkBx0ciIa{W8Viw&o`~m%!q?+mX
zl0#X}&B1jix4M;m{ZCxzpU||+;F&@{jfBY{PC-Yb(78)-3g-k7>6i`U05ejs3^uap
zC>HllD$M4RllH5jFm*<%=tnMO{R%f=Kjsr?G7x47go&cZZ%>)h33793Ufuu|^{(PX
zVCzm&!@epY>OP5<`fC^fXhJK2Klja%V0P3FR6M>c%Y>tIv0O^JpKmf<3cs64h>c#D
zwR72YBCl@vz$ETiw)@Z}C$O=epv_lx7L29_zp07-tg(S74ioXty}i=C+8l`_q-`Xj
zExIzDKw~X|@-$$pyDk<|OESD`SN;ZQ&+1&!1LQffi}53juqPI6*k7yNojg=>-^f^v
z7G+pHP&At%`10Rt;6TJENkI0udzjqce)%#+UClfklddf`Gr@~|l!k}T<4Zv?O1+?z
zYQ?Kb`7Lzt=JO9(3<oV8>%x|h!ogqM%UPoaaj#m=qpmAQljNtC&vku@&rXp>B%06Y
zNp53H7Z-yP<cZcE{XbX5B^A_}l~4l_!k~`Sd3Xg>AG=~fp?k8p^hlaPFrty*;1I;z
z5nl`ua=PaHC9&-xL3;i}>Ym>?{tVtzHGwn#QT)X@y0EG?`qv%sE8A{4;_m>uPT6w2
z3!5j$M3~r7$@4AnAR;+0Du&z8!yNHht<@)pE+(VqVb9Z1MF5KDc){+a0CQA=f>M}f
z*QK0>SmpzdAPA`GsFRNM>J=;Trl?^oOP`yTz1W}qk`t~)f>5HuHA}!VFGjy|D1;Fi
zb5(pb!HV^NL6Vh!0=dI-VE@bH{7D8n1HNra386d)<k98KN9`)x5^t(Rm?TIA+WkqA
z5>gzswC3l6!IP)&NKjXQe7a?H+vJvrh)AyMMz75DSt`M?sTNywI{F9at4Ak*?W}rw
z`>EXg5a1hBp>E-6ml<-8ylOW2d{BVkqWzwBXjb(Iql3&yLU#%j1QO)Nes2(x?P}y8
z&tXpW19$Ycd|+2PI6l<H2)3u?YDoV^uJxPAR_-0Wv6)>kT+RvasI&c?-*ew^8T)0S
z^jRu`uM@Np_R^t8RDTOnfH=VFnOk1RV2#@MwY#h2O-C<Ccfgy2FaEP$-f@X(c3I{Q
zTp9F11qZ)hBp60IoBGGCpi2g<Is~hYoo>}lGhVva4jlStNPjC5!1yUXo53mQVv0L@
z1t4S6mlNXC=IV^h=wYNCn8HMvVcuwVMMS9m<n-(JTKbP+F`nq8ZS>?3Isv7p%1Qn`
z_IxGfi~8)#+p%7+Dz-)?ofi1h6gY*xy&w8IW=BA5RLO(xx9i(gvbLJYZg2{^r8yBm
z)rE4((p#>Q_iGvyK2-Z@l)MNWQL=9X&%Ze;6;gH+Ht5Igp`NTWQ7i2qpAL{y#7i#Z
z$+-cCzw&ka&?K|>2Q|CdZ}4B#tV|C4um(@B3}U1&YII5M0@}!9bh+eWTRXe2_1k!y
z)6UuyAjFc=*5%dZb%OZ{eVKff<TJ_7c*oite7HNeUAK}B$Osy}8?L>;9ws?>%03Y=
z6$UI-VAM^($3vG$B$}1jg<JVeF;`Puc@+YNf@e!6f@nI_U6c`~w6W$-J=Pk-joD51
zuLV+5BMve^7VHU_0IEWap5ktEhTH>ou8CsXw_8D8)H5TgGeLj|HhSH>!kKk1qidrc
zD7Z+_Bf$TsIKwTmO`8EI;YMznCd0rJ<h?B_$lM&-ZNIxQGgj+gwl(TosYtNT2S(qs
zmEdl!Ks37Ix?@C=b?_+H+>u4uQnsrKI6%BRUx#<<;^aO&)8IzrdEUkHo~~k_Wi!-<
zhcEHNfznml7`PfBwt%QKI>wj%8Qt13{{R35notMP#^M-%?C7b$00p3P3cy?64~(J5
z7%PUbz+^F1=IgQVP$$Wy0V$P?>*l}Wn^%N{mN3RsOQwRQHFAsZDa8J`fceEA;=TK+
zrJ#jPtze&~I+Rhkcp0dE>*Y>UwGK8?ToP6FUG&*_I;W&a2kD&erlT?BpGEs^{W9)D
z;MG8s3i9zTeaOdRZcM+3nMTF*IShod3D;J*!B`$$|5DiQQ&!}JlO7pWHBiB)<%_vi
z@J#0>=eBngCzk0G&rNx!JhJlQ94D^xX~j+BYs+{LzHSkfbvfEltNA9$p|>$+>xGpm
zVz)I)GJ1PF>ZEPvuqN4R0hlNYb1DeTd|n}w;^LLyomff1lzon0Z!)|s^DzEPV%7*Y
zwI`M%;P<`Nj4uI|j*RnSS+0W0q82}wO>s{8E{4w12fp`D>-)A9yj|IzR^Mly8^!$m
z1$e3EA;|Ab<h*Zq)~m>_P_JCNHRNtoiAY=kq_g`a>FB{@y_6H!88dG^?8B}qC|C%3
zc*3k=T^K$O_pxEAfKqV$&sVy^2&hD0&$8KOt`<wIA78+p2z1<1FSVNSC)=#;Jtq~M
zGU}}qq{Xd3OILENkX%8edcllGJ*)Tclmr#dbuP_yi6jXrlUCPIoq%yAy|zHL7sha{
znJ?9jtbqEDE_Wc7d6U-le2ap%e5iGNC|Wr~Dv{~~<@F~)ZL6i~U6i`Fr&75A{cFo*
z>N;Z76mdjzFdO#n;@-aBMl*XU+O))$6pLXAG9d(if%ZCn%20aQx;%&^*A0%>2V`!c
zUr$)&k-NQz{YVbU;SoCDL_Us;n4|+8SEENaZ{D=INctcicYU@Rj8Hxv?)-LPS@9vz
zYE6eF()s<^A4neST6t2W2u^9BrLW$Vlmr2~NX4^*2`Rl93W4ap>CD5;JIj*|4Rv-H
zR!zi>99BKWqkY;QWAex~W;K>I1JReCQjijt5-GYrkFtR#PRipRf#uliCDlG$%LeLl
zv*qW>uQ8?*2|~t@xt?^AoOstpvP+{pI5e?-m&J}xe3cybjJ`r4AC9Kj%mQ;%TV{Wq
zJ~}Y6DsELL=qVi-iX>@mZEdBKQr3YSo*2;Oe2d_-yy!s|zv&`=fjvtqGsmrtfpaUH
z(5@N@v+v&9WVY(|>Xw=}=Vb3X?_kctlooXQJD;%&1SXAIFL~mio0<KD5&E&n>|;f)
z$@QEi!lkcUEuO+AudG?ia_<Te1H}Zh4$gHn+_T0nH*~~&xkWIPq*lC|qZ06emDhbB
z<W{)^@T1y>Uy?P;i-n+=hVl>v*JjyxnoYWtGuf$E^oP8Tui^#zP<rn=hcv3uYC_m7
zs7_(P<oO)kN-*B%lfuM^KIXG(zKS4jhk6y+QKneAys0oL?mYPw4?2^uSb0#DS!0dw
z`BD8JoO+n^O9b1BF3pMxy+0I+6j%T<(-1Q|7zO+O3@FHaU|slb-|P^=+W)P|`$^c3
z8cnY0zAk?9RGl?O-y~^ze{%Xy9s=9PzHH6!GK!^OgT6B|0&-?j?)+Y^mDdvIo%pD}
zkDvS^ZD)?Ulkq+mRkk)aR^D~~g-?)A_B%aX-x%VB@c!edUxcOCSjWUMqHWn`-S1eT
zErn?P0eo2<Bi@m)dyxNg>hrt4$+pn?npYo0Dg`$+snW71PVGEe=Lr<_StUi>ff_!z
z{iLJx>6l!Lhr<)YgSiuRo2k2d{rjqB^}&SNOYJ8DI`NuXs~rQ&9N5>7N1AjxC63gq
zYv{(Pa>{uapC8R%*m@~txItu4YwEYoLHRPJkj1mqJIS#gE4}PKLMG$a>Cy5yUxE<~
z=@}G@?bwxu4{w%-{PajT@(G-KJ`b3~?)=IdTX8ziX!~o%5+3Utl#F)R)4*~b9QxNe
zhz``}#{}%pRg(Z-o=$c*9Ll+nxe{Q}Yfk-9W~Fnn5-z3~Pc^0`$j*r*90l7m0*2mH
z{x+*Kq#q8(NgNqll8*e1omO}!6SfjV%&~1&D``dw<C|5S2Ll0ZHM=YFmJT!f>hl{;
z#wigQA$zwO;)<ktCAU6W2HCb!MnZ9uC-=4qUW<JV>grmt%F7+Lb>SP=Z1rKba>(~q
zmVqSrZ=iSbBG8?lmt^&MaG^Xj7k=(E;x)3U+3CqUpm^F_G;Tm1(LxU6z+K7N8eatP
zxT|I71K1i7HaV={5ad735eP+ijbvPZj=DL>sk>IB>gRE4wZQxcr8L#OgtaUKkg`ix
zOwCB15%2uT2<oN^+`etvX*ZE%%4t9xHq4jg(9@Y2#A?se039nlklqEh-%h$KD?4g-
z2hh&NtHo{}%KZql*Lfz@Ctu?==2Y+pBjIA*rkL;2nqoUtSRby_wFy?7+-a3w662*c
zY;*|0fUrGgU-#XBT~3l{eC`P512~2*03(MQ{Bp{TV$;f5e+t|ue_%xjS8L}|W>BDu
zClQJYdHDI=m`ij(lNj?#Guu~_d+84yqVUeM)%hExqnz+g2a>q1ut07wAgQw1X*0`w
zL+(<j0-t=yw<JH^Shcu%ZFYg~=RO{ov1mlBCb4l0W+sm!?*W3lsdLTs4(e}_SHX}!
z2#T+z!VBBSyUz!#3?W-L0{0t{_spv7(jhB7AMLf%?8ZX==FA!Sr17s58?x*g`@zPN
zciC---G~lW`?}GADu1A$v0id`)lqKN)EFGx<Q!eT5)|;=LdN;%EY=!5DgQa=O7Gs%
z=5}wC!4u6`!Ncc{zUmHDp!%_eUBiDO`0IIgC90Le$AxnP)hj{<Qw>Rl&ZxOqVs}6+
zZ!%Rqn0RISvfAFk$ONhzZ;B@Yoiztb^7`U?gQc|$f`t%Q6M^fh5=z;ZG7ry-2)#_?
z$E`x_)gZO24;M+ZR-Bh#ee%LrzJ6k{qK%)sE9(Brtfq2whZ@0TIXm49)u)}=mZT4L
zO6FU$3DP|>rg;!ftKR2AAW`$wu@fHm=k+Vw3ZCXo*csbk+d+G^o<uhnee=}-bH$sw
zKjc)KAH2y6E(`v&axi1g#rSd?X~{ryJPX`T;Ru*dTqiY=fqeqPnRlO$%rM?<%rkNz
zT^igdf4M8ZJP7(dnRRXW1;xCgKiJbRk>Z<VlzwDMG1yX9u%BJHerN(K$Tu(Qo!k26
zCe6pr)=gl5g|5_4hi3xzLDqLSiz}4$v3axn#OCUnqeu-l@!`=PvwS`5!1!&UC5Het
zp~NmCDC4TaPk)@R{{*zyZx%TzI-KO{|D#N4Y*1k(rH3sa5rwIQ9^x!BoYdzd_M>#E
zljycf8R`}d88~uC8OorFo`#|sZpM)wkxGw(EC@jt5Phpn6Md^Y{FAt9WAEDOOU7M&
zhJ${#=~jy`-jkr2RsmyC-xl-lP2o^0H3rf*JCz@gC?6YHLDoeKIs{s8f3j_gFg*rh
z=aQg_5yf@#1_8J1qkgYm1xMimR(phCTJ|1!@(>(;se4}=4>AxVo%|c<NZO$wRG<rs
zxtQBDRcuw6*WwlX(?8wj*fVi{@#L&RR%<KoepQmZcGiHlTWEYeq*&n9-g?_H6vWh4
zi~XZS7Y!ILS)h2M0JE7vGu@`E5|Y`PW%p;{IvMh#Y;O^OnNl4c-I0H2xfufRQ%G`R
znJCsJ1l<kE0eIC|S0uKCy)t<50$rT%uLS1HH^Uyu2RwY$cY{ikpwYrZ&kagVciA*H
zz-{xTY3n$frPPMeRv@-}2co6RA*8pqBqAW&PaaMg718FH0^DUL%rYbV8z{@{0`Htj
zNv3WBAD|=#z|6Pp?tSomy>fDUWo@?XK`#Sf8`}w|0*SSi_WTIix=bOZcX0gIknQmi
z@I2}eap5)l+lx!<KYibPMaAD6jPLWvc&OYF?;7qN$R|Qe`}p_dN7UE0M@M!t3oIbB
z_|$8)HI1=m3HV6RbUdikMAmxsP}6v+a-;l*XgOCgDhDnMDNda|{^R$1%F#pF!#&xK
z_gWwAqg1X}_82*vOITm?fUZJ$GoNU7JcV&5NKy1Dzn<?ujpP}2yw^+ny%wzU?<vWq
z+S`pgEcFxDUfq?pCGoWg&P;L&wP^-QA}f0K4aY5fYo&j?l2nEThTRg!KswX$V%fKv
ze-e?c1s!$6S_a^bDeJp7X)0yQ{Q1L*B?9xXpWl8ZRQwdlGhOX3JHJ|V&TDTXYWPQq
zkJlH%T*s$3$xqmfPLay$^LLDAViImic9O?S454=?uf37a+!Y|m`n;qMr>V>uMZ0B8
z2Z;AhMKv_KZp$UZ<<AZQJwXNDO!>gg?r4x#YGpxfBGCcJjZBjOA5QUyXFwY!bzHvX
zg_28_9yemCZ_?huqMlvWJ$?Vmv|He_3zW~fm+C{qRU#LVnd3#wBr$MO8qNpHTSL8|
zg&)sVETH7vrca=AWgb0TNO9fQ@r7vgdke*n2{qNDBKb_R7Lqas`I_bD2DlA(+$Ogs
zOb;~G=Le-WqpE%GdJ_^wtX53z+*F4)tW7<hcLSQYF{^i5N6uvU$B*M=HJX+jxRACQ
zUYmU(zy0|>otKc$$6LN_R7{$6`VO1|4^V5L9BZPN{cG!tw3eeVgVBleJ*lm}W=Drq
z4~A$G#HHZp;`7@F#m}TuSyB@r{i_(?@q3%8^t$!!(y?DWn)rZmZ>Mx2W#N%Z>w%i9
z@|8)!*2b{kiz=5jVLiaEc0XRMm|dILp9F6{d8aLg+c8|`;BAb+14sb3WP+^@eO*s}
zJ&cQ+8}s0mFUY*RG<iXLWbmYbXv6-->+f0y)n35V#OStOlVPl6g4J8GsWzJg^X}T9
z$Ik{OgNp@g@{gn3>QXP}r-)pcty>zM7VdOzjL+x76y06yMXR%SZNhs5K2Z5z{_!6N
zHVJDxz`M1un9D?61M`6o^PeDXN%k@vZ*IM3JwWshJ(y#fRoG>D3Gb1a{;+LRR@4X0
zUvLeSqH)QU4^B+<XuCbZ2*d|Yg<l=Be<V)+$lAJhoG=we@bH|6zD{7efAIiFvM;P8
z>T-Y%BuQ5U1NTnep43Opep9lLE78syLkJ^<G#9oTL4!0QxnQD_EA}Dw+%jMX7kHoX
zxlkP=MW{K0k%G`jeAuC8nR53|Gva-ezLRb2LxBj!7upZvNEN;<T7F%6*o1P8DE|T-
zYEC%n`geGI=aZ;H)0D&VEt=EfIex*~`pS!7I4wNgLCE(LoZ0u6MYp&2?#;tPwS)Q|
zvUZ(^SrXLsz2-r7C0h>H@Q=|V==8-8+6Lb#PDXw@G2wy%`!X%H5hIm#Llax@aULCN
zX}w)Rmtn?M#5j_2C5tYaX2PJGC2ZY?kDnj&pB=r#vKS*1vyY^V_j6X0yOjCP#9sQf
z-hNrAEtCs`yk}$-<yJHf@gX5gWvoY~|Asa?<Rqk7=5|B~;J4joi``<Wa;kqXLMxZj
zZ!bJDW(3bntzM472hx22HHV1^2SP?jqj~$<tZ6%!Enbe>gVMcMU-{8?2P`0TPuaFL
z+rBkWC}olNU^$s5H{@=)g%;F!q2wXquSJ(L5_iPhmG2uixu&2}PjpWYaBsqeOlq_M
z4YA>NF)SZW8A|`ATcAw=vCGx%)+j^!(QUGOZ#bR?ACCN7Owm9<jlWS2*Ip>pZ-@z(
zsx<gBdmRr8?$sYKbo)56HFQeo?vmTEm!9clXIy&96?cDz%J2=eUg5D3_e~i8I<w55
zqO#m~c~bKC0xHd^W<ff8B>j=^DfCyT<E8nR(Y7_1RqRHgza@>Q>7*gyOb}xCB%A(T
za$gQ>1s8+9swD8tiS&szAK@T%Z0L_U?Dj1MsEZ5!IJy<+B0hrcuJ&GSmF%<=EZsYv
zm>In1#MqoYIK}pDPyARntygK%%&4rZ|3^?pJ_2KVybDMo9n)b(f!{{8+0mbIrUgLT
zIu^ca0uFrG1x@Yq$a;YB?*Zt5n8oJ&DCc5jVO`g{bETJGGwYrYvx$rRbR9{q7~E5h
zll)JiMvo>X);s}_VupjP4K?hz+<VtM?wO$xFmkyUJlvCql8H{i#v-^5<SJ^U+R3Uq
zckSBdH)8FIk-^oS{AcYiA3Q155$ye8IAtFL@yTRM(w&wNXm``W_89MtKST-TtcBqJ
z4d^&~C31tWNMA?imCEAn?UxF>BYBHQ=!#Xp+MRcNrq^Acl@lNlNluMJ-W*1wb#^Uz
zPV1l3?6EEt&U<wfb5O*gZAZzl<}@z(o|`rbXyybDYp7iLCnZdGn{NDzs20$N>Mq)9
zSPve}+?l>|+f-OdOaqa&0#{mz;%M7G3}=VBYp?N5_F)c{I5!V=ev9^e%KL>pH&zFK
zYh)yBw2ry%`C-|lC$SZh@VjRqjLHULsOechJlp3{7yU-D{+FS+Rg#6Xv`UFvrd64z
z|KQe^*!RX4_L7GX!u9;39CdH34VNH0+rcQ0(6`<FrVFo9in;=b={0w9RzLN`uiL-9
zKPX!x(azmX!NcQ@w{R51Zk*yG1UUApx!rp9j6}U0qxVqExE&9TQ!F>*)n*=NguJS=
zPf)7rVym!%wJFrdK4aQV6Z#A*bE>V^#p)(NecSP^2s7zZXP;))XeYcdc)tmNREz=w
zY6b=d(5^E&$|R*LP-JsG(0c@Wgfuabt<LNIt2+|f<dd>*&&}=v-AL?~1-sO_R&U!$
zUIYE1t0Iz*H4Qk1GOOLJdLP)Dve%v^GFBVhD2Oe4<OiQSii%c~huf8yjv9d<kmTWQ
zP_@Ex`5^kE`|#FJrQ|up@I!6M(R#x@1%2&{#0QztqgKc3^p3u_oy>j<;*z2*ij+g1
zl-Bn;0x&o;f)56PK%o6!taDg~bHBRHbS6#y&k20B`JN(awRFJLL-Sd?ehWVdIaFWe
zRF!^P5PAKb(l44J-X*nySKPUO?2eFOP+4Uv500}svKg`;Zz$W^9N{B|cEKUwmb}+5
z6tGm;usc69s;9F>4s!?AUG)yK<L#&dG9RQCzGW04w(u|}BN02EX@smV(GdP*qFTxS
zx0O=w%K7fj1MO;JLVsB2686I)*YALw1PI$dN43lwJDAgFmGkPaRG!c$Mag5o_Z&WT
zXkR6JWGo0EJOD5R|GST`YF|8z29-fd2GquK#w3fThK(AIUd(FC9v5a5rtDb()yXDG
z(lY{HB4XuqW~CH&LJC=2<@1_w;A&v5egSI>b+O3yr2ggl6|Bd4r9Jx7^dqn3Vk=CB
zUxaSgElrEGF>%#4PJb#djrSd8iMMjQ9xUCa3VBBN<2iGDVP)q^v+25~wuXU`Z4rdz
zyv_+OGDU})vQDgqZVw^X_*V@Ntf-@p&o+D1q1f@dmo$Qi2Yc$t>TxF+zhm62zS>R%
zft6KymmQKl-B;tlDh=x=W+=b3lH!I#L+WqZ<e5nd4+2AMcE251AZ69ZT1Lq)ujQKc
z>N<af!6(M+?a?_019cy3IIS_dHIO?}vCr16v-f$-QJZ}CI>*Po*5fnXY!)EWL+@Ii
z%H#_!Nu;`;#%H!+NhH(ksh5^~x;Nys^Gow^(4Y`-8g9`cWMLBC+!-dRvqdbiZ-W3z
zJw|s)VUGZ<TwDc<1bu1LKK$%~3L>97h~Ge%bn+5`Tie0ZT6ri;^)0hvAR7h&vpHUy
zuZd#)?t>8w1Q1U`&Q6I3(boHRCe$uNPf2Z)N@)1_^W=+#qE{d_4C_i)%WtqLZW7LV
z(n^(x?p5aSy_K?i7Jl<3`zx4S`mxD^qcs4uZr&@sUwJbG%>97q^Y(pA3~^_DnyhrI
z?7XE&(&1X9(){~78PDzQbAX9JxBc+}8CW=%^Pg32ar%44GsoL^ryZjcrmuQ>A9&t4
ze5ceTCnn?b&Y-c`&>;aZeRp{i#B6QOC6u6~V4#|9l_o#G(hyyW2{E3VJZiox=KD!-
z;Dp5!^7IQ8o%b7Mj`#fcU+ExHFkjWFGh-o_Et#wDf-dYEw>b`eU+I{SwaC-U%<5FT
zBXkgZnJ6Wt4h$0iS<T9#<>*?2>I;EqPURwQ42x=#QO7tBq5jttATZ<ZVqIvZ^I*@g
zbm5|-=`rkg|0Q=w%Xxz37YysMka?xY)jqxxo=H$u`!!AD$1(p(KPFzA*=I-b@&EWa
zPk^k~6%6?`9B0jbl|V}|BT#Zbb05cC=yg|lKc|mtwU#cgyu|wJ$|^P8Wq9JSx`JQ)
z1*^f*w)sj=xX6=VqXO2&sqE}~*9v)WobbFqKfQj>F#kdHEggR?lG!A)se}6XR?U%b
z54*X|v>&harT&^T3h4vqtIKV-%(v5*1Ds=ol-<2wr}^6jN3CT;-x}=(&u?zn?=_vF
z)J<n=B0RsKuPqIVpghqf)Nq&)Bf|9F8<i%7d2C=vCid9K>?|0%#wvN5y90W?&7NN@
z+hnl&D8bmO2ryK|8-w8h9Eq%gKG9wqtfyV^-T0i(WIcTOjhO-S(EWn-JW+T%@><lq
zeZ`xM#?B-Q&-WZg5_2r|#TB-p&BDUMM)NgTtnME;Bq;pa{Jo!=Oq?>i7ef{Ldpz$#
z-!#=vPhk@}S6QHKT0re)xMjWFav@ra=ykPlzhye;@su(u7T)5Qr&#rZ8_6lyjiY8@
z#|c~@O9XDSJ?Wk-;psWbVU%n@vv!w3H&QNP0x{6t(!g20C<sbc0PGigpC8)m93$QO
zX9-+n-X@`z>H~zHUG<%|6Rs7r;!4Q=b=&8eH#8-R4;FrHViAk5{e1bC-6O$F-W;7C
zrTga|eKTb=BdnOuOgnPSixB3DTf<N2uakV-BQ1P-tpLPO#8sK`GBv%O<4)OQ{}gHf
zV_}w!5bD;X6>ux<Ogn=L@-x6jaT1XpaYte6nwucz;KkdLkqnPjrvdOI+0+1sua3AF
zi4(B<^PTJM?x^*8ZGaGy+aGPQUA2<38X9$`E;E792s?gav5meH^<#$rrQAwHOrIfY
zJ+bCW;?nOmmNrH-`NCGvOfP=COuGr2fkZ`Uumqc<H|CBTKG#mm0TgPa*49)A8_3KG
zSGI+6B_FU1M|GrAm}MPodZNLf`*CgAu(_}Ct@<qc#eTj3D=mHt?1_wBOUY%y-lGfi
z>x_=A{hN$+<;%DMx{ecVc(~mG*#P;I>;@T4f;?ZWMO7*+V4;UVcjOOVjjNHhaeL^X
zp<!a>7Os8|2}&3;?2t%!p#tkyy}AHcK_iG#gLS~r&xnA!XOMqaNJ!|nEkG55vuz@<
z8|oj{)KYZ-Genu;FkXu5szw-VyU%dmp)zAuy5ag-9Sb+MZhOoMlo@m7s)hR-aBl|h
zS{*ZY{YC<A#DE^_-~C4d<cNNBXx*JG)`UC{Jw9*<0EsZ&snYCW;kQltfEvi%^RJWK
z$9^@)jk;cU?PZ;LUwz|MV`6kikkT<}3&GC$BCRz0Jdshmbc;=hNrJua7a|D#%fPeT
zubXpuy!Hjhh1q*lGXgb(Nn4UUp1RRwwf&AGDfdI8po<?omFS`m<XD;;FxG(tg6URE
zS^R-}q4j@sjxK%0Xw1-PAh+8#gWjvlPRloSjy@Jb^*{0Xd%VU4|A7@X9=<pr3A&6{
z=#WFtn;XJVaC~Wr*}3|~2;29@W6N~GZiG$_TQrpTkf}})FHZ}r#am3ruVcO$+rM=R
z$R8_vsTLJw%xrccxCv=T2*CY;IBet`oc`=bbY{o};Yl(oM=#B!4y^Fz+=d74DOLdm
zUaxL>bT|`!sO2SM@a&kIPG3;<X1b{K?2zQkOUNTu@9{Y1?2VvPF1oV5{)x*eeJ3zY
z>L1F@?>ukD8t}LQpr9Ix+%dHeea4utpQxK1+~1M0D+AkeOS2vuQ(jtIw8_+yOWxh7
zAq|IHnL38_*NIA1<&5XAPG?N=-S1;$TlxB{AT=gyhmgfwNYR)Lwf9@&+uKp-whgrU
zqZ6qTo?&urR}P*u6wx+usz*rwLHV2u_lJ9hGU@VMT_(3JrAb}{EvnU8?FN;M|K2s7
z_;Ty!i9qeFo;Jg4=dQfoV!aY}&L}}54U$(!QIF+QKprsYQ~)mtaXGhoe+jS_DmS0l
z-AVJ(ZHtn$oZ@#AFmV=~N4R4b&QCsA?JWmRu<`AW&N4xuS2~3i7~%Z}VeNOslj1Q=
zkr&Jpob<o~KbFXfT~ap4;*8S*Jcli!!TJEhuspPCVPU~YW*boN58bLN;;i*uZNGfw
zu{G>m?VoDJD$M3qAHg=`-FCqa_f<#<{N^a?@h&ZJ-f9VLvU`;1f+I|ah1_Vih%X%4
zJkB9%i4w-G4kf~1NWTZ_*Vzd}_uYqujxxshf;skUmiQx8BfpmzRjQhX=ON7-%pX;{
z^mQOx%#u^ShKUTHvW)iJI?eHKSolTBvEKpZ&m7Ek9_jnfT)4aS7xh?b$g^^d8UNc5
z`Bw@LZkVM*4PEe;C8dQ`JxWT99{ja-u^_&@+NZc!L+hxo)3sGplW3{x(?V{2!f`OC
zMVb$$l^75&_}ilqGRES(Q-+z4&tBEMWm-oW;J7p8eESg|Wm|RLtAii_QgPPM!91*&
zHriD;K}N&<iY&6PbnK1fjamDaEr00jtJPjrU5sF?T&Px7C6hE0?r*pnzd!RZ{#W;>
zr}6Bb_fKn}Kj**nOMR3GS?G8U$*t(va(-JWdt2mH_NO<T)zm9(<oB3R87pIWZ`j?u
zHe=U5MHF!~viIO|LmBb|-<@R+{k)<hdE-I#XSZI=E%cz|Zv~tU-*z5mkAqsimJX<L
zst&FkE5{CO=B|Z?HHmon<!|^M_y+7RC`0wf=$q5q0rEbF%h}dC#9Ds6;dkF}NgUkq
zHKWO|F*2b}S!`7mCGFB?O5aAd%C%4x*g=tVgXfGttX?iX7q{?2=_32z2lF{`XrEyw
zbX>?qlDxFZPB}ra#B$4rU+lZKHODA0*-=-I4Lj^a0<G5}R}H{9JA$&vv$GHMlSvEy
zZEr*Rh-fH#qlB$`6WW00SEXG@dSKi0mW6QC)EJZj9mWy?%jzRYFW>5WjOm^F=Y^(s
z?)=3QRJ%)}0V<ONd}@5pX3IuP>?83LmCmD=ANWBP-vV<cDiVc-SS!-})0eVehV@(x
z`jf_u1D<zD3Ngr_@~7cm+QZ`Qf|Vje5&6qGJxXMPck}z2C7Wg;m+zL_;V)ActkB4N
zJF4L$GA(gsWIi3NG#c9x8~t4@iu+6M&}O(G-1DuEThWV&rwp+ik1`)`!UGqI&q2Sd
zb@Wo_lS{V+q^#cGbL!YNO(40B=HqW~GkZpx<H>Tt9{(m+Jbg%Cd;}DP3+d%qCbW8v
zpIS%JFSe9TW9eMU1T)_WV<lxv`^s0{>=OY+0uScb2#42)stg_cwK6*_OTG>tqf}8>
z2kLyXLtE7zd5`dq#|WmT;xwrNPHCQ;FGsUW`^sg9Ulm!t5t}wsKW#~B6P#(4X9PIp
zAh~rd+Nkq_x=xiz0YY0Vca2x{pu}-Ym)Kjv$Rj6g2c}m^-~Wj76?r{q!r$i^<w{|)
zb#4S-XfXz7C`ixjc)7gAe#UTrI`=`%Pem);@sb-?O72}3EKY34?CqX0EHAB2MRsB!
z$c|wJ*hFB_k*`@`-tx3i>F~W+96NVtLTj)iwjLVgiES{Zh16S+DL$$rP5hAI!D#Qm
zZ0U~yK>z|LvW`O^ModQ}EuM*v?K@XF>r`9d@FcszWHR!$T(K^lQ*@wac-dy*Q`6X-
zSw4YNgy_>tSywuI1GZR#-+g(tw{JYtM5_SSLW2#vS&q@)({J)BW-aR}X6?36(OZ69
z`xNf2Gmka{iM%v)A8zIsw**~kRX#~+=ZwqQZOhe`BxsFBXZ_(LVa(`l%RTt*J6o7X
zL1j9p*oqK8Ee#C5Si!f5uaBAV(~|vT{av$)Ggv($$|!VT*%QI=H&%n(Q~(e>T7-l?
z5Ez+9WjP7DAoy?XqyYelsAyWoD89VhBmqpI0nFH<`g$v1Z<J5?O`i*NUQH3q1*e=f
zI7V9bF$ZQ8DA7&s^X!XtYmH|x+hn%}ipx7<P({cA)fzLmEBIs2O?1}7T1M(xS*?&U
zww%-sFa>fR<~kuUdyRcy^4?n0&&M$K`oqD@!(64q^*FPJ;JS&BBRJzzUkdDCy^Y_T
zN<km3SoJ#J0zc5^aG0DsdF`aln=kz82Zx?UsTD~^NS`kY0j)Ha{WIBCeb6tR)s3#)
zrkXtV(t7cqoCK@LO4|3T`2=6U`b5B&<CB-@OT>oZz2IF?NGbv#ca)YtPe~Dvx46_O
z7o*i*%PhOin`6~&DN^1NBM~C8%bKkj(g{snCV7-k7A>lG8cK*7EDUZC`|L|)j98_w
z7TQF?hnpzgJSW=!UCOKC7hy>Tx{mWIgNGtY)syBpMl`i<xK#Vv3hAe9Rq{P%WK}o!
zcQ2&`+~<N*H%<|99us{IC1xUvZbqn1OVR>;Kx)Lr_l^Ms3lB{foF6yRCi8L5B0tKo
zeg8T_;-2}8?kce{mzhH_`Lb@|S5OaeW}^3wh+dgNK<qazvDg#@lw}+dj92?EhlRNK
zFq>@KN6y-OuY~Iy%bbMCfC-NhVmh9$58OwEW-yALbSI}{KFjsW`7kg!aTJIv+HeKd
z-VxFfwCAB&O^|R`rc~VpMQ2)|Kj>#{lOQv?Iz}r^Tb|1<%XdpXa&=au(~xzd27``C
zh5cPVc8SQu-}e^ouNs6d(&l&;OFBfK1w4skzWGk$MNco=@8a02BA~$SE!M#Skck;)
zPmOUPK|%%Se=04|=|eNPFb6U#tu1CUD8gH9C7$88*ZW{&U-OwdeY)179zB~%vU0vP
z&(3bfEm!WA-J&SFDmatS1sZtJdlS6%*Gw?o%+jk{vSxP7joQ}Ixuv_vLkS8$7(eD?
zb8t%#TKp@kM*Qd$44D+L&~0WD`D9o)_;0_v<tzpvGRA{+;o-W`$?f{ycxZxHNKpp8
zcIh2;byz`ZNr!`&%@x?GVz$xr_qjnu7j!c2!}Sb*bE-#$=T+Rs2j2YL50N!pN3W$0
zOSP%!%AkTnn9&?tiM=@I-Cmv>=g|hEqS9uMN9|+!W(LuS61kuLjU&|0zcI^XX`qPH
z_@<o4ibt$D=yiD=XSV5<pPp7Z+I=%B9l*XM(N%8E7#l|aM4EDXE&V~{5tl=52;6`Q
zrYHi&e?}vHJAX!fI;-}L;b2NKG8LR5lGMp|`;=W{hQM$CKTU~m^VIx$oVE?|q^%B-
z^oM;?BRL&3HSV55r_YFnj6zb^a78j)g^ie9?QZIIfX%qH8IYqE1Gx}h4}cIJpJ)SH
z?(g=7RD@=M50YnMH$Q^2K4Oc?Ar&W@YA=-WCihkevA>q2cAd=9X)$5HrU-P8m(*1p
zNuNyTz}63_ePLbXvDgFS@!AYlM@DExeeX#o_r+_!cUh|DGWTzs6h?OI8rd=~&<yZ?
zUf~0BuwjmGv6^|4&wm}{m3^|xcDaxru_m;)QUy|S`@Dg175Z?TxZG1F0uINvh{wHb
z@b}A&hp2$mzFD8Dl<ky|9IQXRXe*L6l#sWzFZAnej3C0lAdQtZikk=5oa$xh4iAOD
zA?WlBbjI%%!qmCu{Q30)Ce$wsgUM0}^QE#0+X|7I!^3`}HM_Mhuo`8ZV@Z-ZcBz^M
z1oLSfWUXzY=Khm!%z7&;79ONuFLvj>6GrJTlAQHbzePW@RLo?Cjls=d>pALS9u{zP
zI8B~YR0_#hc8_&@H2!k34zKp;4DY2Ks{cPH#b)BJ=U5e>5R4(Sx70l}{xS=YD|35>
zYY>M1gZC3m>Y#a$^;WjLm~y_;D*&{qYybq-`H~xsT8y7I)+x3heNwASRvpYKlRypa
z-&Io0qoU-jt(SCD4IB)_L9QZ-vF3#dD9^DIR=k~8#<tApi$RnJz2{E_o~#kLe&~1+
z_kkrO@0a(a<j6%{=jT&1)erI9)1J`s_3b{KY{ig+(C+!waGLJ09er5H*E85e!5wDB
zl8$SO_^TX>K5^&8wq*zqZ>c>Y_g<*zg$w`U>8P$WJY%48dbL~%b$A4LzX&=qwz*Bx
zct(ATcB}{DFK%9jPb$r=(Z9sPy=~%{>mDgG4{WQ|b*xldC;0R!$dvW0f)*O`1Sibz
zV!o^mgCd{Pac@itu#xIQ@K5kNSB6DNiRyAu-!~n&W%d7>@f+apw5>s}6mf63{%IZ_
zl@ARjqoN$=OgIb(V~12|JVQutx{V`XJMvhD$G5zhqk~*hU9moSGBE-^Bbe89_-1xu
z^S1123MLSkA4eO_A5yhPO`yjyXP~wGbUDfvB@nM~0PEdgNK%~Nt;Ezw&xr_Klsl}j
zF8b@1ay)HKM3|Ap4=r+}Ur!8ZIAp98u|1$O)!a82FwdaxJyO80``5v2l0~ZJRHecD
z%9D~BKkdWTg7<@V_SA%NG<4gXWrlyCnuWZT0q&U*Wb7Owz-exc{AP>3s7_C2E16C(
z24$y;;`!ISc8CrLrD4M&-uwmnVdY8+=g+MRE<-1z$MZlL3L8CbN%IlzLZheF`_=hP
z-?SWVcDn_a85EY^5on&XelKYuaLVp@iY4KrG{{beX|VD>m|wzH&5P;<C@(kx+97RW
z?%nb_31p0U9px9IO-H%^<YS#5{b4tCl84UDN_J1@M+dMMZaF4G2L)EIjsY4DXJwlq
zR!1{Q))lAt%g`Dc8jnxp2|RGJqW%x@4OM4WXp3z4gN!tKJ@DWSV3-0vNVUmhWllv_
zfEB^%Dbwk=zc6usz!CLZOXhcGcfmDq#<nTQ4nEZl@RJ0^#Pr{uI#;?9*%V|1C80~k
z-jLEwX91yfeE{rOiae&5@-WXp)wXP<tHNbs5>Ts*8*S|>MQGw9{P|f~Ga9(%2UF)#
z7m;ei0K9n)kea}3*-d<r%|8N;J|`T)xuOzqh^GRiy0R5+1-QszR{(q=F9}V5`N!#<
zv?sYr30e{0fhM+ebv}qoSzZY{{Be9f{MmlsrFQ~`q07?ih?ErKAxqg%7K0xNqLnBG
zEEHE-?J8}Y`G$zbD=k5pDjJ%7y(51Qnp`VKKKXD<g*jMHisKrm{L<oKQZc`D(MIee
z(6X#PRH`A3GL%bGYi3x=$LPN(#S!ku@j3|lmq+^ZIrT@i!H=25c?`ynY#r|?eA-=}
zs<xa%^khCrGn)x2EHq%Mm}EvhebkXX8cZ#ps%L;E4e0tkW+2A#V!rF_?10eAzmA+6
zq4@SK_fNd9V+_VVhbyqy!~lq6+A6aTQ+wX$%tT+W7*TB(UCeF*MF_M<mk=L%op@=w
zuiSh|2mw@oI>iG8H{THsMJR#xuim^~X^w&Y@PH?BiWK!nxNsYCxiXRdU?<T`=moZr
z72ifiKYTwv<T;Xph1<o165X2LUt(<C2g%pzKv9|rNhyMDPa8f$Ekf&-hnzZF5q-yt
z)to~IR<Ql8-7qtY<h-GK8obQnUGfDl@6LS}#K4`RAuB5)Oo5@QKY)Z@%zmJ}7@Sif
zUv1J-3H~wlY>iPbsLL8_=)fUjM464rfbq#N1zJ4qmup#P*S-57t6BCB=TbrCClgxi
zFml$T_u^e9=vl1+-!m)5Ez=Wo7?bUfoZ}K!bIFMB>a}{+FRMbB2E!iK^)B<AJtsAx
zH||Yw6UOnr#<%Ja6@+RBna_UXQfY(qgp77x^<<J_qSh(qLa19tg*D!fKQf^&H8R${
zdh!e;=Oz<JXxnGwjOPzSQ{z~_aW&;rayUo<r+HpWMg+UW3Zm!GfBvuNObndeMlRIU
zW&)(jQ4yUTTtl*dH~~WkB$8~OvTLVFxtJAbqVthOtn7#zsO#E!y4Fmj+Sy!<FK8et
z3zma31Ztg*#|T_=YJ4wnqsF%B6vmQ3Vv|HLz_tGS9YQ!~9M>3s7d6$U;HcCR(E5QR
z3j<oOJDR-Fn4EJF{Dru<@P~!aaKvZ`05}QgZ~3gzh&kA~Z(ITrscC8Be0L>p+OUJg
zsm*BaviffMF3&&M$dzpYra<}RtVPwU{vp}+6Y9Wp0;IarbU~@S^*T6Rmgl@sEhM?G
zswfoNSO%_3*_s13M;3B4fB!`B)I(}_*pKdQ=VS;@;0M&I7j4hJxea7NfHveWw&TT2
z?rdK#J2!ZuvVWeMF{2zGRm+3e>c0V7r)0?xgfgW70-#<(QDOP_)zHl9Z{`IpWlw6~
z4Pg!oPg047fDJqy*6huZlpn<roxnAp)Gja-Xi&d+FcF+~OP%@1IuRTjZH$IHlw<I!
zI^2u+&8rUS!IpeUrg<<Wt%b|SSIlgUqZ)#<IS;*%Joa+4MRDfDjWI6Jk$TFcXu1M*
z^ApG{2tItK#l=%m0+hnRduGwRXLRzN@rUZ2K@t)?#|9FCKgE;wf63o@<yyV0v1i0u
z0Whc1vzE9Rfc8u~>MoI|&7Jzo<HOwV5qgC-h+O0)_$XM|E!ZW5A@A__oqIR22c{5M
z<qsk(6=9N<(9mu0b=B$Lg~q+-yeHr3E)kgav~qd$_Mo!bcSTL4mrt}A${ySiK5`G^
zQ3`tIRe$NmgRN~rN-*t2z(fNCI>d@YK+8wB$o$kc4uW^nLC8?LLDMRv?vB8?qhRKq
zU{FM77+w37#JDnQ!E?gUd0AB8vfZ}00ddIivgBhuYtRe!af!#O>;jU<46O0J8Oe~W
z{Jnet1@Dj8P5FsRNh-R*1z=FaZ=YCjxotANHr3=Qmu{5T4{#Js+A;yT`N7~#lWZd%
zN$L-8vfGo|*=m7n&Wa6xNY{U)Pb7DY4bT1lqkTXsF_jV*Ejvi|Pu461QxI%<b7_N>
z%idW+-?{R?;`}pAFU%@j8@BXK$JZaEz`)321Pm<r13`D*skq1fS}J==nfhp`w<Yt)
z@#T{WaH>>Sy`AD6S^(Hm9rEoOV2$*LKYhBQA!RY2RtDP8R{vJ&_^0O4<QP2w;meMm
z6hojdc9nWc2^_R2Ldg?U#|s55IJyEe)A4`oy=7QjN!u<8AxLmSfCP^qK@;2?5+p%`
zH0}g#B)B#ZNPq~C;O^ScxCDm~Ab79_8h590m$S&syfc}Zy{~=Fb@q>M@2`H)eX*)*
z)vBuX)KgXWbKe))T>B$)iWK(zQLshxJF-RoUlXt63<uo10?esJ^l#%i`WSU{>)#1w
z>z^N5*;p&HyQ`VIur1HP>4ZEyW3ZZmMSAO1#>(D~l{J{BkR+7SeNTSj`qo_Rf#Gk&
zyNY~XkFQBGUGYLJyu@pY^G&@GLSt8tmU*)w&lA@>WxlVOXYgfF2sNT!L&I{km)tVa
zyg1-|?&i6YZCF}q!Sr)-KT$97(+fVerKHo>lgOhl9amc!f!%#!m$7*n=qJ8i2bNdM
z1PVgZ+dL94Nd54mZ)6;p389Ja&7!1I>^ux8XkRBr<|JgUscFPe3V4l1=HAk&Q3Rip
z`)-&&PCDGRbC)ecQEp~$_TBGwtC3u0F*8oGQXjII*-uq33)ZkQN<>6r0tWB?KpB7^
z!c}>aV6N-OMXQ?!Gep;H=I+JzuF=$LyRKCe<j8C{DjOMa=KX{;Sv|$iw{RjO3VN}|
zC;hx~$YR4kX`ghKXnIx^SFIfO9v}tzBi&27ae5U@bx=2Fz8;Ln!*3Zg2#~~@^&-k2
z4ll<+M4on(cN{U<p}Bn9ceQFKO6NuMyh(Wyf-v>cnYwTZa8N)~Z{C{_t_NLJ$T~Tz
z=CqTuVH~&IMFUVwy`nMz&|V6khSu?}Uv<mZrvP8WH<lFyu8o@|97fxvir5cPL~lKM
zN0@2GF*qAXfUKy0A~+>f@y+YOyJLh1*%aa-R^IB{(C^2^&`Q<;)64rwhZP0VAMi?n
zfZSZw+q|~<Peb;o$vATdq7s4dL`ax<@c#6*z#UkZNS>O94$<!T7xm1Q8=^hjX7X|G
zlgG0Nz?mJ-U70N-&V9{$o~v@H8FuGMW2$0J?+UU$cfYJtC&S~Kzda^6fm|1RS?OgQ
z@kt+6PF0y>`@Fb3KQa4pXFM!_Ocq?;Q=2T3`Q~=apOpWKWxGAXN>2l6mvUBO=XjSW
zF5&OfM4+xnw{q7#(e;}QdOoF_UODREOBa8R8<PV<AvK&9-*`|=yz8t3z!_#brp6)M
z^Y}$9$AUuRe*Dx~7NE6||Lxm1MgKeIwA{TbxnpOBU1Ej@SGRm){zI9l<_}typjS?x
zv40!vS0pIsb<_Y?24PL7`}9jL<8MK8bXeGElGp!9bVAzk=8~g!>&YqYE33z2V(5Ut
z_7%&;UkF+RW&nyjYrR)Zm<OWMgN7CEr5gavL5k}yTrc;YSX;A6XeMxVRoGTsEzb66
ze`OeXlqx<TD)NepdraWxJ?j5T6pa?doaK3R6@k6{BlY0+^t@q(WvNZP4K+{@ROYYL
zFvRv=Mom`$ELsdn{!(_*%`3JOgJ0QBuAI?<77BxW0NOkZ<fHf>6R6k#6hxGK)-lpR
z#4#Sn7hl=9Ah-WHGfU1RAjGMqwN+cMBfcY!Lf<VFY`XiAyQk<$z?GYwe1n?KES`HT
zX%wrw!lL4NsZE^Cpmm;EJkVo}jdz>|n{EH#h`2X?1-+iQ+G9kp`z|-u<E1o6c5J_y
zqXei^E~jg8m#J8q{?uLg`NIDHOQ-WE3E9uWfj^SJD9HT$Z;;S`T9^JkJ|)lhYEh59
z9DrR5O_9dN#s;wgi0|1>Bt1(A2eR)aqI5f4Z87P+{_>*)`_?;%4H-J<%ZY1fzN&$!
zsmsz{v9W5=&jL(<Nmv%1s)|63<BA{sXGDqL5=7PR=8pj}{Jqsc%VmcgPWen#2fra^
zTY3Q82D&61y_2YejzjmKK^AlmINGYTodU>upa70s9UuuyI3uJMNV!@JZQya%{`k-R
zs2mARdouB-s>pn|{zFji%j^KKoUC5akRY#wkyA;52SjH?tMNRv%@eg6WKMMK5mY~w
zoJ{}@MpF*Es=@^Wxw-@+1uL)p5cUu87_s@;T0qxDSO8=$sGG;LA2=&mzQz`O#wMVA
z8H_=!^;f#06eghU0CAYmd><5)%#ag^l?kTe@3E4>?Ey%I(VmzXdn}%90<=SrLNrex
z<dyaD<31~lzX<#gXI^b31MzcH_1N@bb%5Ogm{00oPGR_N#o`uSF>0Zt$bXjg)tsd<
z<PLXhJ$6dvUt0L|ip~g#yj=z8Dt-ptfyvN`-SyoU$e=TL2J|?1^e?YYNx{lP_*vDf
zf=dY|pqsJ3by!kvgb(2J{$x@Cd=qD&;gF$d%K!_>?``nMN03nV=v9#ZUz7MC{a>xi
z)usPc`ltW5<Mof*{%_}{`aiH@SnLM%XE_spk}v(%m{{W}68`Jz=Jnf)2W10_r2zn)
z$=cq4Qe^<Z;{&-Z<dlPTz8&iGryShxec&5p^rXn_HrLB%p2Udj2Hl3OvGnUHm*-QL
ze`-hkkrkaH|5`o>SeLyq=!OHaWlg~6bRMqo^6^qK(?7-zDGVZxcw<OF>bnp2-+ybU
z;Q6D%X6!!${f{v~Z+rx6I$`;G@}y`Haoq?`ybi!FWdAy~{LIOe;KQp4+`3@{a2UrV
z?COsh|6^kQC@SI6#f*lJS*_jHTSMrEgy-SrzdZxnI%N>&)~ciY?E^p_@Siz=DcNuT
zt?^hO1~%b8Inusuzcs`NFe0K6lKe*<N!s7&pO<5sfR3gy{_)BQ7@e`!xwL_Zg#qIt
zcJCj}6?BvN_8Q3c2XL(V<ew$?g07D#lm4BGE$9*BkyXHeqA<M9h5)czYJPvZJU<&n
zTrKtHpDyKZ?UeQ}FGVE4>hT|o`$uz%zvMC+7WdyD0hTYJ+U$S)`}a?J*%yGez_01w
zsNw$QZvWG{?2i)vYuN^TA+Mt?<(gphS9{EP6n{L!&re0?EB`|W?F28<5Zm`g{mI{6
z-S3g;=YTdFXa?=q&cnfU=T7mtD)^D7GUxsx+Bb>6IDbIVirzm9PF?HfY0UjdY|XiU
z%Zy?Dchv3gRak~)r?5(B(mTB|^h~Ysh1k*k;pP06Awjnquk7I9F&Yg{Q@~x#Al~t9
zu{XxQEz^E4VtT%BjHPfU1bbQvhfgvUOAkY|5cIX+y4kO}j@Clyty0{bXk>`Vf$4vQ
z_{~l0jg|VoF?xty_OCbH)3fu>sk_k-z(s%tNaKj&Fm$c@fHcQ&cnS-ixC3nDe@WBd
za2aBddX2nSmr>$#zN$2LM{KX-W?<n}1&kd~Sd086Ga5jth>4ejg;xz+y1_#z5J}><
zAwB%cDn%S3Fn88QrHA^pCTSYOpI}ues-;WKFLPeilh}&RZw&pHIf_;x*fr;8yS;Fo
z^fePPJyc*C|G+OdLi5PxPaQC90$*-tC%ORm|NUa|-hI2PJ7jY`DMG)F8}C9;>Qc9l
zY0!Nx-n(5+a9N?0az*j?XY&0{&K!Z{{kB?z@>zofk_PQx)tL;ab6SnBRf^7K6MqkN
zL;xWT3^3+8zt((u&}IHR2}Ho_s0i%T2by069kpUs?^9S%zk&f=cyBqoR_Ew!H$2ur
zM=VWA?u)U2==7g=2EO@<%M%}jD~S~&vzF6tl${Vs7wIGy9KKflTp7akm7E#P6QN~J
z;`{5Ebn2Y%lAr8)bj*DzLh1X1#BYCKA8oc~Y9HbHV;gjI<xmQp?+w7)ei<8R%OUOY
zvE#9v{)@?S-15Rd;7Y@%jk!U@)-hh#lyr_$5$PfC-W9j~Qa`jG+~LC9$J_>6LywMm
zE>F???q8>p9Nw#~+Mx8_C&=RA{Wbdx*HxwBLVe8OYwTCUs^SG9VZHzROY}DUEVh4U
zE-i@VF;IsyrHWt+#FF?CyuL(lxkTVE`f>y72*}j}=PzmI(Q#=(({O<xFWPG$Z_3*1
zZ_7wNe@^E=1>&x9i`yNSSkzm`DWz0g3QViX;2`b~`un*j-8mxyXqA3#6KEfA_#!0m
z-ry2C(|zD2*aF2k*~I%3{B2efH#jP>XezO)=kx6WUeS~_^lz8Ge<$VqL2=<;20YKT
zBJo#O<JV*Q(P2%1J_gOJzdQr*6-Q>6Eza_k3v%)MP_MyRpr65O#uEDeYer&11M==@
zxwRWryp11-t%JO<@6Z{X0s%OPzfA*mGo7i<-8sio*ss{06iwi`5N`+1q5V2kmx(48
z`nv>ntQw1fCuqME|N8pZQT0PZuhe3`-}eWxA3^wKQvk*vYv<o8l>$0i>i?dFo_hB>
zRX_nYIUzvO_Lt;)AudL6WpVU(Xbc5@{N)Pp^~6tv@`o^B{NDNhz0l8c7{I0npCq;J
zuRm!ct>R7b1b)&e@dwoMw+yfDeKx_k28_aMg!I4s#FzB-86`3G-+J!1MO&SC2|%g)
zm-LAEdp3INFN^G}tN-n4|Jg?W+ZWS`62Kmem{p~cmQ1Ki{xyTK@wgda@4~KuxB2sZ
znLU8!K&u&8W3lv}3|vK6Tl$8_>+J6`KJ+PvR_fTxzIwpCvR2Bwd&(Wj#e$%vd#xQ0
zzPz*|3om_<OEEh4mj}5H#O;(~nVjscAg-*#IzWW^G>~uzSeX}G(PcFQ#I4Q%VS-jO
z;JhR4x($zP2`>3wu>ek+FZ#54=|C=01}{?7rkaaY*Q%869divVQV<%jlc#;p@%Z=K
zNM`$YTjjGV&m=f8gwn$M5RZT$U2Xt@lGn<wy}{%%7o^i8;|Q)As`v3L+k|PfLkS$l
z4xi5G$3hyGCJ7c6MNx$s1(#5?Iz+`(=84RQh<L%L;mE`Cmzllo;J$PK4zr|llm6t3
z+GITln=Z_*Lv2%u6^yc0#xbYsORaItfG-?)_JYs7JprRBumZS|#Pw?wkj~8sB#re*
zl>$`~8yF$E`?8nrF3|#PJ{IS!bTwUFu(`_N4|it5N_D`bO19oBpahkpw!s*!y)Gj}
zMie6^(Y^~Cy0u<n2}zeNh|lQi4<J3kxLAynS4fU6l)dI49$}?C2aSyr64X1+ydpq6
z#YF1NBL`Df`@J%il3-n@l!Ff6ym1<zr<>-f67Vu~^vWalx^D8Wm(vBQlQ@I`FZew?
z;JrQPWK`cK<yO<x%FGww{t91><MpQS{M}$r&kvOBD4J66yA{3#H2*db#_R<!Wrg57
zENa>@>1D+TDb@0Pj{bbQ$h?Oy{O0D=%h!v?m|m=*n`@F8LX8V!%o~;pp1$458d0jQ
z5@?*8yt{w%R1obX1)y-EV6N$y43)`bUaL?6A03p#T3G7Y<sPPY`P&NSIYfHPxPg<=
zC4&qvv*OOjQRB@U0E9{57#6xnZ~Z3WK02E3cVMy5*jPm`Rcg0=p`6*;jckepc1V6E
zraXTFmSh7v%<r?dY(vO>NcopXa+VJX1*y%Rfm`8t<!;?V@LFLhMC1V6ltssVCz2?r
zin-6bS1<5^9wh{1DOt265b^5u()NdbHKRkZDD!<GEP6I!7`W`aDQ`Fcr?7!WzNdJ}
zJXBejneh-JQ4C9(OnFcDK&#gg<Qy6$m<z{|O#H3xVuzYKVT+=N0M6LQ`xD(v0zTv7
zXkD~A^TxgZjGIR(vz*)d0*@O6Z1E7mJtUR7tes#1fFCej22y4o!^5pw1%j*3B^jQ-
zKEC04a=zce+gp>{McbEh);_u7pb<9s`@BM2Uy&891}UdzIf}+-NHCqaL9hO9w1wr_
z_9W!Y**~sU0d1L|owKkqlwB~%B&^wS{)X|ZS`|FJh$V%#T(5G~yI$NF^ssL%Gm9-S
z)?y{Gil~*(<z7sHZ>>lROyu}EQI)j~Tu}k6e2r3575r9Uw}}Uty_~AR*sY9zM0CiJ
zO=<N$0(fyt^5XpTU#+a|{oW-%=(LGW3KUz{YEvw^lidW(GPNt8HxuUWo1iq?GaYs@
zF4~W+irOM3=FibDmjj{0+UL~P>Lz;6v#+72%P94K?7E_Cg)w}8t32F1xuh+Hejo%E
z^9f*#wam`U+nSNK(Mf`cCe?pWGIXv#-0rJ_P1%J~S=1Y2C8c`hiS{5YkB4AUt+Hfh
zNK{kpWt9}n<>alWcKp!Rt5hy?#gZ&;6nABrez&NefY@x*K>pN$d#L)3LTr+=8Yji*
zT}gq;u@#$-cM3*s+i~aI4$PWZuL_p?l)kT5w?+eT%=1o~5;H&e(DpuJV=NiqT3Mu7
zuo@W}ARJ;mM0kKNcq&Z{c>G7{e6({<;1Vvd0~3j=C7hK$XCK0qebK^=d~iEWY~15^
z?+JiUHrXU3QnBix_XkzUvu;dnfu1qjqvZXKsXPzo^)>WfLF>)PNyj&RyR}28F=wR4
z*r1wueKzmmhEH^*%cx9f8LX<W#vn_lcb72hhq95SjqekgyGi$L*ejQYx&`GRA1FoJ
zipO7FKvB^qB!F-f^Hskl)a`3mf4`8s3oQw&)<4=8@m>Ov!(2kMMOmJ<DB1q#83saY
zH@qw}$<2jtEgkRXZr5vd6j<z>RSinnWgj}H@4tL4dJp`8-!nTe#`Jvf&hOp+^(OzK
z1A{hvA9<E-c;h|cHov;X;U)o0N1a~g2ducMTtqcvuhX3QG^9fj^O}56=BQR)hj2-x
zNX-iZ&yBv<wcxz7crI{7$tcy!(K!_xxp-rxO4?wr<no-E5G~mr4rTa&H__rbNEM#e
zMHSJ|U#fn<m-FfXe}MxQ=@@-p<u+;FoPHelxaL_fc3pb)4w>P1p0!HoWYT{9P%cvH
zST;GLAkAE;EztK_*dvb4F*lRo1mW85%?Iow@ChB@y!Uy)&2{@W3ul;D4?zc8fqJ@~
zj{`rTl#?|cJDK(XeK!NZdpK;WDO5i+VBjU7IZZP<Xp6hqTl}4S3YRnyufSO*vn1Pf
zH2GYA3b_<&6hg|)^RV<qq_ZM#WrNcP-T1CzF4gd?#k~3&6NXp)&(v1g3GEyQJZxw_
zZCrdxAd8K24qPc780Wv_@I2VK-N5<&kPpUe;%D~K^H45&UxZV2Ip?77iK$Y2=GUR~
zOO*9m7MH1_l6u9G0D^dZ>M&r_pwhMN9v}<%3D|*JcC~>gfy{tl!Fbclo17frO!r*9
zYNRE2juWL(cU)tr3!L>uut1D!jj=rGf~)A2EnPKojU~dIr}kgOsvn)B4<4@kK0Bn)
z1<Qe>hB}LMhN@ONc!$0n1nB5LdhWi6eHKsAIrxqjH)-#}*XPh?5|S826RG{E5($%x
z+VgMGKJHgUIf^v*0QeF|&-eMsr>NW^(FQAgq^f#z8rM*0SN|;USnWVVnL6Z>S1R2+
z)_2o(h`lJ;?cCU=c+nuW?8CY}Nh3HeZ(QhMdXA!w3vvyhb!0CC1p+|u2r-aGd9w)0
zeu!_QY_eI=CbwfZ-!fEmh~<>dE^s^Xh|Dm^asEhQ&A_)QbF~Ujt)6$h_qKqTF%5U5
z2@Q@e%dv76E*(T|x2fKykO0)J5vwX&RVPhVak@bYdgK}LP&N!MtWlXQZv(eFbFYw1
z+Wr^{&{-<TNQ6%mdLFcaKSc8OiS)8BJ!ODRm@3?A<eE56zsc(nqLry+yE4MWul}&t
zXfkJX=|k;X)w8leGWQTt_O|+pCCwrma4wg$d(wP?#)W9P9?bX}Q})sIsbfk1iUwZd
z%K$KJJ(YY-ptuD&)#Y9P?2ZejcJA{?;FQ}2R;#pkc{s|w4jd)&V#*eW=&{4t3)D<b
zpUVd=J)5u?(=J#ST;OV%ouhV#X)Yb2PFpG2YsDsa*?JpLNxNUpOhQb>>V(OGY4x=f
z4!QUdvZfwaM3>Jf%<N@!PE*2os4RHfhx0&Ra;vgIS!vMi((U^fn*wU|8f<_R4UXAS
zdhx?j&Dnpd<$Jy2A1lLi7X3S>ye?>IQUqCXBZHmu8?=>@L#$LoWtHV)EP<((;k!g~
zb$Z)bfG?vQcaw8@c})a}UI-b-W$!8H_}Fo-86F2$r?>Aoy(DL`$%nq)_q)!ZJE+<K
zpzk+aSTpDOS<WTGX1zW@CBhs;Q0+RA!wkcdY+x`stBr1ct<pPXUD?;<99sp+Sqchz
zes<oNw;9QEjC0M;%aq2-(fs91L2z=7B$CfP4ms16^`Ej;uOhwetCnJT*!8MF?5Z~Y
za^0I-q0b(I@|3{^Pq$q#A&_Kd*bAww(d=;;r#@r$rS)NcAJ^Jxg1|xq*e&EU4W<Im
zNGT{pPIa48*3@)Z^mK4>*blRJJn7OwO;s=d<2!qr)A{eW$Rciy4DeeyhF|X4+Spi^
zX@_98BpQry2aed^Vc}?3J<|-NPA<1VwH-Var%3kNc{d?+L)XdDGpKA~8qIkEb?jO(
z;+POrdca?r%v44pXXRMXrvhv@ua{>wYykt|KH$_bCR7Xbo|@2BE=`T_=gXW(gu_s*
zyGbBD11s>X63rYi2%ZHx&>jbqPb~{au}5-GKThTUX()bN844f!8?rU!njg9grw|&<
z5Z%*cjtyj7rDxtZkBhFjvu@uT>V-e2K^s0BX!^PFOM`4cVBsqHdb_@UirJ~2o5d{m
zu>LEW`r(&ImbhfNmMYV7Nnd-%g=HqC%O0Owe_E924F~y;8mqwrFRh|zSf$@R=iWG2
zbHMI4>O#zCm=sP)hq84S!z!E~Gb+27_r9+&tx(}8LLI$p_*Ot!+5SfB><IH<=c0j{
zVN{}_$2eloXUXlUq;M3h4|f;sGn1KofUHJ7xW$i$!Od|h$!0t=AkKkoF$>cA!0rVI
zur594cdr|_v8zd#`9a$Z5>y=5x1wv*<Mn8Et)Qh+HmcOJw|Ql_v#$$Iev}=2StFYP
zLDfu3qrC&gvdg4E9U_{!?d%4sn6~!dr{m~8Z;0oZe+2OI!nD+h-6jPVM7O_@o?M}^
z?Ibk08<0rt)5#l;zSYx+hujIFUt&rsjS=mZjS0&*TDz1Os3un~X?dVua8P=?w|<PX
zf)6<}Cdq!bgx^w$J$v55x?$keRw4^`<J+pzHVBbILo+l4w&;oL4+;v;0upu9RAW}p
z{ac~WHhTjgv;0Ed=LqncgaNg4t@ObUsQNg=0g8l58_6ks;Oy~RFQMHg_Me+S0z6kl
ze1W|N%<6fuLq81-I!}2{ah7Bizx<0GnsO_`njJ#`+>xu?9Zse8I1ifD7DU50Zd;za
z0gwr>0HsSiV!6nswO)sPCMHeaT{r7zXfhUfUCzhfuEXz;#i6urwxG+SJdmIAK?hQy
zf=5om#wU?m$&Ns>3zysIC9?d4TRf*h=XEVzrDIoHoX_phomX?+KKp_aSZC=(FAHoK
zw;CT+_7URC6zA=<DszD*`MGL}={9q2SBxiP63q#<V&P6xnlIy@YW{FP5ePmGaD5j~
z+cT7Zya03M>r`mbc=P?bx`D?E!_|@G`OP=`-6-HFUZhxJ1U)K(_-tzOO+2ee+Z!Pp
zw+G!i8@!)JG<%hsSeFImW3=_h*3Xj!Y_r1Fe?Y~POh!Q?2JFL|IJ$D6v!AY$1>idE
zg~kX7+QNU>Ma6(L#~sucSk6OEymM<kr0IM<j|~53w&XXKW@Ir{k0KY-OfT1Qfh<Lp
z!?aXV%8DmPWaRWxxqOhIVdXJxodxe^2J@$I7CF4gi$c?b`xCdVXDOB04nBGtTttbg
z%e2!DbtFB~PM5)^3Il&>Kkdp2#i^#Jyb^~9QyBmPq@E@6txx9KP-(!@>Kw{-dIGs4
z&x=?MTh#7bW^hK4f4?Ktt60Wcx3bA6zb0syTMoeFdZdRy>RD-3vDH51=bHRI!op{R
z-m~m2EHM_^w!DRGs@{wE3X~x2cK!v}a-WCb)a{hbX?vC1+-4sqRFeIR>e2Fhf#5eF
zo(6GnxOv#?{Ytu#C2!(r#8Lhgf9Hbri;Z*!mfB&(GFddV%f0845^9#Op9p-o@nLLZ
zkFOwzNIMh3s(-%?+0B38;a{q^x2OrMPqE0a)~77q2n?9!^f`OsX|5Oh@}lwcoQsRt
ziRH|{Of+{HIV3`~+_h`X5?7Ih>63-p=9~p-)p{_WvS(HN3_7V@os9B7GFDbPy4cm)
z)5{$;ijxD2%Ak^9jRY3sTf$t*xmgbT15{;4(sq7B<;x^+9EY=Kw@GSG%5tkI%{3f{
znh+dQ1m&>IVs!@BmsYJAeU#AA>k2WS^0i_|J2*Ks_PM*!{mss2^B*h>*(xh|jtu9S
zLi}NJyODwuj_V1rg{vAk&9j<QCy2_3&!3H^)}X`{5VQk;8e;gc{!sLEa(f8T&n8TW
zY!(ys4f(R5t(BYRz9P#9V!MM9WR#Cf-RsgNivoh8AU<azIYi7w*U^587NsP&Ft4aj
z6<T$-gxwR}nJuPxWx~02-fCNOuvr<8UT%qk5KNj`d3jdeh9>^89d{C3qs-t~J5x|X
zv0*>)9^7x!qHW>awx)jkVFr_PtRjjPs#3ipmp5dHEj8OJH2+0R&RyyQxZKL$1#wGr
zjwC7O?g4oI%Qg6TolecuJGOX}?ZU5~)T+R{1Q~Us@=of2uzUOv4dldO2h~1g@FW^T
zMkW5xnF8$Gc^)-EeP>Cq<G3uR-mp5X6c4Pmq*luN!Hq$|o_P-OmIa<OfQ;s|*xpBk
zW4BHV2+EJRp4)DWe^CL;y^jn}8q_D~uglYyDlG+9HPfOW0YS-nRSucZLi5kJe0k$s
zkM0%aRy$=(;6F|NKm=V^ac{j^odRU%(Up|-$De;h0D+7>!Q>k7!GH~3p;Yt7w=}Pz
z{oHl?acO)r5<pGw=pO+1zy{F0;Wk8~%i|k!qCVPp2#{w>w%&SUi~Wn)wcTIr?~idl
z+xw3tUFLtRGRA24C9jXnD#iIrz$uI|V9qdI_99n4Yv4jaCW!@MGte_pQ*NpdY(@J}
zy@{wlf{R1nhOS`^D)yDjE24SqRRb&k+q)!itjb*H@Eg&*7LKYxR6CgVqTYf1Cw)^J
z>hvhs0<Rsby<5H@n|2(GocZ!$xL2@-v@*cM%RjSywV+Dx|4MC|!T4~-PrYsp?+0N~
z%;$Hqv5}c?i9Dhf_HDFvKAZa_FZA~lsQF17>iHL4X}efKARC@dQrc+hKM~?}iP`c4
z-#*lKzxr~BYzg$p{HX{qs;<P{lUn<}99c2oC_hr7&fCeNR!a|TsJwfBncwXwxnf|S
zG+bKyW0qhNYbedE)T=e-^UsEr1?H$n^v3l`>2E6;JW%V*8to<ui8b|A%u-XGdl#cG
zPPbG9G4%Z{!`J$_B6S*Y75m2_=iUlaf11sPZ;X}>KS^*hQ^EQo%l(T(lUesU_JXAH
zAayV}B#E%QrcylDMChy8h4$p5$69Y#IqXZ!0Ubnb(xb23#K*0IJYz5(_8~ECsC;Ue
zugjORR@+vCAIfb*$&PStH#cjga6X+#wK*QgwDa>%ae!C_-3RX%`LlEn9$v7aCKL%b
z!MoyWM$W=uZ<#DEbF(~`P|=>LX-$TVo<8atT==P;>k_I24K#ygbe{ult#4;g<<xUP
zz|^#7U22=Y@&IXcsBh_P2@Nhsb2yVL##JG`MYa6E%&v6bB>Cdj<xu;ic%Eml?gWk9
zfk3%gcx7yyxH|(HS{f!`{V*O#KL=^$P@f{<YpM6Zt|$KY)E|PX<SZArX%;#X^m10=
z>{i0F(6SA~@Ksc&`sO`UvcPjZa+c0|!?~g16;Wg3`8xbkjlzcZ7Wv=j{W`L|2o!}|
zA%FE+B&gxpeob}N;s`RMLwNHuzYyRfX1<{<v49A_tjvhH>yn-a><g^s?FDRobg*!F
zUwNk%%|FnbW+@~o<4$ZWi}nV=9@^*o%B4QD8%jz#oe{zfx;>i!GX(+5iRHWe^wuxe
zx@+&fVChaTmLH10)*`8+c6r$`Xc0%c#A2Gp+uy(FIT1s@%Y&)lT{<X6dr+#mf}%=r
z*tAmHchLCcyH>LSwjiCGyLOR-_LE@69eqTdcbIH7>McT_CG!^Z60*SPP#_qH3Z>GW
zoRgri(SekAU7#x!mX+t8vzfgrs_S+XIUefwEu3N^Rpl8L;^WPo2SJ96eX_@6r;6D)
z<fh_po`gmKNVs>vx~H*Gurt-Kgt{gkCtCKRc^CWbP(`r(07e5lxRqJSQwjdwRu*9z
z9fJ5NZ@N$#VXzP}#$7&FK?$CSa$0{ISg#0TRDOu~%9|_V=*K&efy;sa`-u>a!B4r3
z%`JVR32pdUENO(7YN{-4o<{n>!)$X4T`hP?vKg!USGGtIlQ1KDS)Gy>mU=b!#aPvw
zHx>{0g@*NbB4z9DC}ekRvPL`F$>iq&@b-f0n}AYC;feQm)7AtV4M(pvXWnEk=j-y(
z8<~^N*1%Q=II}bz&EK3Muc}ygG|73KzA}!8!Ls7;2{*CwtQotSR5iaL$~#LwHk{G2
zb^KoB5U*z2eQusXFzn?8zCv7Fo>kr{>H*mqo6K{G@Dy8cPrF)Q2V*%hFsb6413YE_
zVJDdjo2GZq)qE85*~jY)nPaDI>832(@rp9YdGB=P$Xzq$2@Z>XlreRO=Cr6WpJ+nf
z_<Lzyx;<gD>UcE+-He-gL2|G~{i))4@kg)yisJc3GoOmepMJqMJmf7$4JQT!XoERe
zR1V5+#MuX)i`wYMkx#{w6yaLWg54)~V`vyySPC=-Bp_w`b_N3-H%%{9W3|8L==*&9
zVjpLH`QzJ)R>2O(WqpM;9Q+)JLlU`>7Vns`$-uI<d97Eu!^AnYe<>n&CKz$>%4<wN
zd&zBHILf`Jce6*i19K8Mm;I^oXeizyADfNMwE+sC1Xw`TmO#?RtuJ%-R@h-WDk=Cf
zeuqS?p<jv#O~<uiaotql(ncfie5x18S)ukh)9ttmx?_(MYupP@W{{75dkKA26+ebK
z<f)ZDkRd$vOTXc$M!v)<%&i)mbl21Sa|eWSgZTYZK{9})nN=L00g&_A`1GuqrX4|a
zBtsGNJ+m!mG|oKG25vYu*jXDIKZ`~h25gvTCYYP%lx3++28GD6pXN)C+~knk))(eA
z`f+2CmofK@Y%Mi>EC(N)uf5EkR+KHl5KDu3TiSq6g1e-1&_e9vJ1y8r;WY-#)kzwG
znc2vbY1tvNETj>CWn6Nu`Y}xvV*5LOm1{(fgJ~($`Z;*}J<Ec^dKUR=w|i2X9xMqY
zN6JweDjYrlR$CH;#hM`drS!5wKhK>WdVGj=3z51Q2(I7bQiw}}hYk5e&sDI1Cv34_
z7_3d9ENAUFDw-Q@dBq~&ccM>exS6_DE=)Keqq|X}uhxlf`qEcp8G(-HNo$6xpyMo!
zV)}#i2CkG2Kv%pfr#y5^CSUrl+8x&-OSMur1^#FfLVNU@j5Kns*sHsGe9}Pl@}N7;
zAb0W2HL%E|Hji4@S>Dr%Ybf`y8f8<x3n(v$7Uq<c`VkwV7Pp!Bbzgl66;&fDvntW`
zO$5x|S*ky^!KSgfccZ$?RU{^EMUXaj_<g1R<!kXJa{zT=e0A!RCXgvwqEqAQ86eY-
ze3~x$0o>7B;g-FNPsWdR<ZtvUA<S$cx6BM)G15C$(z@HGU=%=2;p|x4lFc~~DnIl!
zlV)IpLylms?)RNF--g=^UD`Qu!Ha>XEdVh5`(p&^y@{?Lz^!XJ6DDLcs+s;ax9J-B
zc86xIO3TV~7q@N`)zZmwN=9p)bTDrw;*8X*lz&&TSJ`q1%SOilh9CI!x%#tja9+;6
z0_^<TGOt%z93uKJXvaP3GC^~epIOaxLtrAwCf)vmiMWr-d;-W=%i$H84<-C0#a{-2
z`{88Bt$uB=XiRqgnrIs)>nAI!$d`2d2&=IHvW^pvqOb=QBm-(M)<!wI4ml6(n^<H^
zQl795yM<T|V+mvh%Y#?mm&2I5R93%*w9PSPvE;ofUafFjtfZF;x#6<xy>C|KHN<rK
z_6COCk0>UJyhg{aJ)g@-(=86qrU=?e;U7}N^wt_}>}X?fz){>LCxmI1OX*nQ&M#L~
zTPCQy7g=KFZAqGYi=uu2#ERjQspSt<$B8f`ng_4*l1jq0!0G)u!XfwThrhcQ$x>C=
zyvP;wsqT+=a_0Xsc+8dsoa807C_a4AT}=RE!F7_~p(fJjDolQ5O_UDwa2mmH2q$QV
zkVlyb*%5LPfuHPi;eHCg6GAPR)+=_}MJaZ^r|OPKZVjP<DEtKiz(iEJx}>0TVWs3K
zk?1nD2)}uwaSd2|s@d4Up}nkJKq!>2MHyt6gMdaz?F!lo=ztm%0K$R@%j`rm0s!P>
z)xhgNQ^R{U)|mU|uWF!ZXhy5rBvDsU6OG%yz|qlCD7+*zfs)bCn6Q31nD^D^`u7W0
zHtAns*8YTaVqSx`$t5AQ8=9E)6;-^=OUXWy-jDzQ&ASXBrb`2^L@Sc^vjMU_?Z3f<
zhzs;;Tr2_f{1q;S_vLqD$ZbIB6c91zf!yY?cmXsY{uF#>3QLjUpWwa!?|Q8NcYyBx
ziO&4*7W-{x1^)h*#83V&SQles<NV*F1pjze91R_v_$!#)m3Z*e0Q};g;OCzxXaLt*
zJ{8xrH9>h{Gp+W70f?gcB}vk-G<ocm-(3HR^Z4Zw8qP5A?&e&_+q)L|H|*AbvBv%H
z_vE*Z4arNF3FVU91|-h?{wkpiY}TVc4ceJ+Hpit``CDWCKvm<(oCGr6NwdSrsA)qp
zO!<2TyK8UnLg&ut)`UXt3I&KKCpL)B{Uh5Y$kP>r0vx*xaEzwCe0!0ea`Q9a4>`Yy
z6m_Z!G|rX1S&03puAer!&5c8=4-m;a(QIj93Y9@rCDs!8HEfw_vFY|wEYC}u;tlg9
z#)2#)W^l<;M=p9D^#hDz_$P1e9Bw$ycG)j>3HG|j?(PWpK9%HQrpCNi?(G69=y4d;
zF7Z~7<hga*kKx|mQW|<Op@dc8hBN4F%fEYOJ-}zFqhvs{f$<)tHARAu^J?u>rzXm+
zydiDC1vy)|+>;>aUr@kNB@8{`$=GR*c&IwxOHA^&lxSydYImL8Cw(8XzCW<#+Js4w
z1Fbl1F)&Bn9RsG*kAQx>;ofrJD?s$PMmb%2<|`g&gs`$V(g4n;RWI3J-AkOmL8rd0
z;e_9G^KWI7jGD(*7GFRL4NOLrnv>x_GLIm@>5M^1@LkQc3nLtL<F!EW85zyfBFVp}
z3N166{7Y?@#Kgqq<>g09wifdPesLykA#ZDHY6KH<o&D+>2C0A_o;#+VL<jvneK*yf
z2B+6m;5WRNUAh2>V`c&B@S}@U)E(b*5|U08Hq~P57A^z})u52XX<qSFi@*4n`YShR
zVNsQ%Wguot$h|Y^_}TGUqpD1As{@ZC$rJN$T_jda$ZM4<)Ax=zV_7jt<Q<@glZ#5B
z6E4ng;Tn!=SP(L5Kj9_m6MuAF?(dH*d2W2i=~g1S_xk#Jgs@P9MdyTrUeS6`5Z2Xm
z{yp(9Oa4&ic{kP9mr9tr8?1R?Ok=nl8PtOnVEFD|TH{Nf(0mTBKPSM=%HhnMX!ot8
zQkQ~lRL3<a=;Xs)&A*Mbd-ql;NX*JMCD~IDGcrOxL8gU6*C7)mBm{i_QoMzD*{5_I
z@e*>)ek*^|qsX8D%73Zw`5wkoZ>~;aHppuR8&N}?sGtBOX0~FY5bBUCN?03iFoq5h
zHnC}AgRPP)u>@`ItqgqXAX3ee{|tKi>%;S?4Ds;gK_v$@qQ8U&v}wBLQen9A^E)qx
zhMQJMpXM!Cm5C^rn==6#gPzAzD`$YX3Psbz1Px$P0^-XQblqm&I$VwO@0Ygc(Y`>;
zn+c%hu*gL^k)xdM5s`Q>tbSa~w&K+i_s^EZnjY&JIGRnK`aV&am_3-fgw2kh*Y~8@
z$(wY|7w+sIWKs0^pFPWigA`UwJ)W;zUSCxSJo};*Kv}+(2j9A%=(7$d(&hgj{OXw`
zyvSzC8CD4Nrv>xBl^axld=Y_^0h;IOyMK0KnuHT<?IY6F+c^C2o3n3F5Ba}z9#-E9
zHz)@R6u}emF9RAF7-=MdK-rYV+7%CGkdVU2nglCn`oF*FBqWIx90Ja(gAIchy9huE
zPVc&Q!x3vWo%d1GnTC^jPlAMoM)Y{17?e`w*r+4o;f{IG^7_rYBX>IS9eg^dlJ5#i
zZZc2`G36;A?O_c*t2@c;y=xW5^`#I=#ZtVTLpOW>Z1AqAvzK!44w1}#W7|g}gGNiF
z<_nGmF_T*F5@=L<_dgV^)_>Y{82vGd2w5H0Flla6L9M?OaUI)2GU_^HQ0EzN8IJ39
z7O{Ob|8bCh&Zy8UYw6)@$mYRDdv`9f$-FdwjOdo}elp~ds2E0HlgUu(65*kZq~tu8
z>J4M_tTb7u<!~aT_%PFbOT~Z?&miLNLu<ir%8f;}-aphsOF$8gqK^qq@&=7~{L0c!
zI0Z+xTAUt$G6JV=I~QRnpcV}$$iqLheWS5}=SeSISPeq0!|DmPzOWDv*d~M&tu$@9
ztb9@to=glm+OxQBkVaUMdn1w)-i)~K@c=}D86EO*Y^}I(2aWLToOIBqkAq<A&D8#D
zoT`V^cV8#n9#5YXQ=B5&cm%B_qT7VGG7)sEJb$LjZz<$wSC3ATioSK*&+3Ubk+pbF
za$etN$77e88$+I;Z-I0=5fchcM=QZ3F`FP9nI#NrpEe5KqarK1gQ3AxEw3{N&~>F7
zO?z9!*Y(AYmbjr~d>Ny{D#1`Xub|b2Vb+1AnP6WZye1{Pq>xX~IU)=|2)%`b0=>9a
z>`Y51)xev5MZ<`o_rb?U5G_pnq2PWrgEy0R-i<A_-j$~Fwcm+<raCZ^f6zDTdR;il
z{U!qe-nPYs-j+rn()r}U>cO3&%2j%?0^yKw<Csd&H70{lo%^;;A0gco;-^c2;T9v8
zw3B&fjUpG@Vz0kkWa-$;9pN7dQ=PjS%os+Zqc-zi7pF?m&M(ltpI)haQWzh=$`OUV
z->z|rn2W8g6L23eetGGEg(VPZE>%=mi9DP$PK5Ufea`JG;hFNetV@8W?ncMQQ*l%;
z-}`un8w;=@t$>*TBDpE{malJcq66?`zUXLXP~SU;8i0FnK`|ooR|C=$M>uHH{&iKO
zB5kou=)0^Vm=<y7jlrUXbZ-ug+ugaF_Bpd%&ELh1{)kCz_0z5%cHG6?dyP$7hoXn*
zfMHInx5z7WruEIN7uJ0<qE%X4n?jPfN>8b!O?10x2<J^Vq3c7mG3N~G_==c8jh?c!
ztd}$;xO_&Tl)hxhhMeZ4O59?zZme~P%S?cS45|F=>%z73nWaZ)W0(WN@kRSVC;hn`
zJSa{n#HvWd=45sN&Rg}B(*r|Q335c_U`)2>^oam8Tb|jVfn3ms&oCJ%Ry%b4sp)fC
z^#*J4^UBr6CWkai9Vs+*=t__##SUW8u$eHgWX#}QzlQq#r45f2{Ip9fz6-)Z6!CBl
zZgIIRK_jj~{0r6c8<@QX5|bPQzFEE6QxycJCy4qo^ni0KG<6F*>2q%kzS;-fQ;R~_
zYx<YNdZAQlkIchv1n_qn31t#KNHc<$re5zfm!iL${tPHE_>nE^6SIEnuJ_&2LpPis
z^$9vt66m~F?oX+Ansu5Z%$HMWiUVyl)&M6*7PjIOr&Psa+?c)A0zrj?P0#}c8orB*
z=OW>i#cfAQd_yx6-D}(O9o)<ppi>hN^h~t&Kn*w(8!;tp#APRtUPl%Y=H?-cWK8Jn
zu%P7>4ENCT>L0Am#LpcW>JTQK+uSs^ts|@K(8CY&K4o*Lfcnl&<)BJ)vEHtl(|Wc=
za>uBzdp$W1(P-iIVN!g)<bpcG<P<5!x8E(dj1T={8ane9gpv$SFBCDA3=y*7tVLNc
z);D2~BEKZo9SXRJW!0iI7y^fkBqi@(xduGO?%mxj0OL2KYd&U_bO47_f|J+m;I>Vj
z9KWo0LP9hVN$>->1q>2)5zuJo$2DI&JoLunGi@9-PQ&LHQs^WkpWjM{E3dqhm$0>e
z{C>lkXjL;@-N0)s0JeGB#M7UU|Jq277m2Ztle~I%H#?-aQ+X>6y`bexa@r9C_fT%B
zofbVv_L-C!!qE+gWBycpk5)O2y!XH=qP~P?U(wG^PiC!H=7j3eXs-l3gXYl&i}(zo
z#?zpFlFQc(Gm&A?{?85A*K7eSs*~wSQm5|Q`Qw3^hm)lZ#8fW4&mFm6KojfL)f%*L
zo<0?Rb?hX`*(;tEQ?bNVY_)PtzCqXH1J1h(u>7T=<rCB5{++j~Ot5W!OTC<E#@^j5
z3pTmlb+Aj8p8H5qWwI)N%C>9jbC$JQ*9eGO5<k26j>+m$DOb@wF<f-ojT|3gY)n)P
zmeJ^e^Vp}Tf^ECiJ$L%85Qb+^SvDQhi>PrD=E9|{L%gCHJ$psuSR+D@?#)W`jD0?J
zJPWq@#XAd}#2oQOP8DTF8awxuFy$A=?>r1vNY|nFF&=x1%Yg}vNq3d=yx%O39}yCa
zA!Zi3IT#I<Zf~z5Z&Kf~d~q48nQ(zUzqoYYz)4U`)BcdBDqt{R$62!>6CGOUI?uWe
zg%V7{!s`vsc-VA5za1AbJ*(<1Z2amI-4>$9S<ptvu49{9imo%<@ZMD_^Q-#6Vc=d%
z%tP20QFmenV_Iq~Qg)iAko~pPq}ZGLug=b?***j}p^}dAD!euQ=T={l9ONIrV!hbu
zLJ^bJ;IDz4+}~0?$lf{@?k_uE@_Jx8Ki#b-?PV)=-L7S+Rkk+v^g-BSZ(9iktNq!>
z6Q!tD`KDmJh)Mo6F%1uELFe0aHY%qKcHUl^CoaPEk5jW$_T28>3t~4Q?F+?tS~SQB
zhzQ9%fBx>|eNfPHTQ7=lKL95lFT1oA<L+VZ+5|CQFX&}`LECGk%!X>TqoTLZw1z>e
z^aZTP*H6Clg99-($AW^s^Rf$Q=Y6~8XZ!Arezt#)K7Tjf=8kaS=e)(c(L{ayDQi#8
zJ*ku@Hecriy<lo{rE!3VuSs^N7l<97l#?ttOb=kp95Ra2E#KhZx4O_o87}+WA*!?B
zsIR+e2OcFnd04%5Y;??g>vg?LR!RDuQ&~hiuYa|W`;od(1sS?w?y#MU$W1fsW}Q4!
zL^p;v=tFCm=e33CtjfF>{GTW_P9H<{2<VLSlxu~F``-1%h#9d(4BX^*lgE9!7bb;6
zg5Btxc?9fw<n*dtm(hb~s%yK7jj+IlRqRsK6dw=FIKK1f&xoAhjF{W4=D(oeg>uxO
zhZtxd;sYn^YD9V>fV5weT`d42ZTl*$8T#gQpV&M%i$<q-DP~9Md?3^YgHf#^Q!*H8
z`$6Wc3(d`{{E^%)#UpO?8;+5V76Va4%I0-$*hUl1@zjhq;o<|nOUXe2+8a|P$`5D-
zc4WUH_a6o&<j~|+H?uw<)G9Q)t5Tb<AG!g~k52CSj0%~n1HoIl?GRPE%`2blbc!_q
zelP3%BO5leBmIwk9iZoVhh#Xlj(2E-lNlSVN7(8#-YB2Wmew(ka(Xb%6c~Ws)LbiU
zwAj~l+B1FqWsSd+_`YAhg?Rg>|B>QFv@O$RuW#l2T-pmZ{c*<=j)TP4nk&29QXvQP
z9M<^`3uvo6A=Zv{QMy762{6`g;kiDqi^;y6EY@sq4OB5B&-f<2byoQ(?jEkZ>^gbp
z#4%_kIb-J&_!U_SPP}|LSX+&6e`mF<TlXW=MfP>O=!OrjQ)GIAlN{|Wqz$-jLl$p~
z=O3S)RK8t?dN@2h%X-67SDvhM-3#ue?N2j{>gJy_+jjLNSVwGI34O$^GUxMS>J$Ym
zGA%H&&9%{@Bz`WcO0w&U3HSS_rjw6+2`*XV<cIn%MTys!((&o<-J^U=sa&eOGN5qd
zg-1}2YuiC%Q4LKD@oPh$Qzht?s|zp8Z=!@F+T)*0cc>4lslFBJ<JJl-YUgVOwGtV9
z9$1*n>YyAPgNKydaFFVuZQ|3mSQg)X4gaoFij`><TsrVnZ>&`ZH0m#UPfEaukbHbG
z8%y4E2OnRe=twx13~s>Me3I2LF#NhYv?H?7T2kPN6uc0@fhXbi#X+~;ZmJ1=7;DV=
zB|qQ0>E#EadmvS8<gN`3;kwGr<e5q&;S0}6;t(8n_l@Ryr4s>Xz;lG0qnl1NJFz9u
zSnqoE*r;6JBT4IhGjXXAdNCM)oU*}S(&@|SqV>bDDfARm^?`*zh~o0C#%L3qhe-#r
zK5Qt(UDi4GQ_4s-hm(-`sL{^%i&A4xv^dx)c?*que^|DZXh*ka_^@n!LfCc~Y1j<|
zyX`|)upwUbwnGnzj0Ie-W4p36^)(&?$6dloclA>TOe)4*iIb`AdG+%Ijw7EF%ufcb
zF~!f7lQZ7kGhZ!Jr(PlJI9-)1uSdk&N=}o>+7U%#%}OWsduGgh8Q4Ot^tz-Rbz?R9
z+$ERJ#d!C!t#~eUZ2@sxWM9c}VwY%cbIVY7&ix@ro!Y8Mp~S1BI=5M+OMe-&_lLuV
z=Xt{G*w3;1wp~lMM(A21^nwLf7?|C;XiNPHS~HOty0`u13JF{Dv6EWY3PFBa4vMa#
zw4DX(&fX5rDTEGCI34A7ZsLG{b9v1|Z+G=B?Kra^9A2Y*pM|A(=E$7x;Z$mJ0HkXG
z*gz@)R)<hy8ZT4g1FwF+lFZ>*BqVcFYX4g%oHn4=>A?hPDt?0tmRVcYz0xvV_6pc)
zWol+Mz96d!iKr^gVVA`NI13j)riGU>jkk?r;UYV**vq|iVRw+s%D}$wFz6$PObf}+
z#AVRR4XT3%oK)dRaw^Ewr_$PV2z#7-^<CgDLnVJ$KR-ymW;;G2%FeCQVVJi-v}7Go
z%+oEE7v>S6wBA7-0oKv0+er1CjNC43iiw7WJk^pG)UmSZDb=Js?mu*n{_N&+vwye4
zu<SH4F{e9NeTvgrj;8C<Rr+PG@|3GhS=qQ`Y(-O%3RRTv&Fqb&@>Ju<lZ!i}%iFJ9
zoI`|Y`}XzCvGioPttKBzO`<eR7CIs|t2_vHWIL31rBHHHS*{sA233?)V(QrI-<8Em
zOLT2l;pgJ1XF@XGl1e+<Sou+xb;Lu+(aUzLTiS$>!nUMfOwCele4Teg4ZTlSgn2D!
z->{-K2t12c_NiaCPgUO3;*3nI&C;sRDO6bNa9!uj58<?WQB_PV*vpa}-MP50Frqqa
zwcF}jx?|t|*<pdZkhR?1$xAP=BTVGO&cnv6!?nH({~Z^5)%>a~>deA?<xU|y!9qK!
z^56v~=7AAWZ=GsIgvpc+`Pv&1MbF&{U|}0+A4T_B%+s2VkL+c8VWcJR{>jIfY*Ce}
zgWH!LmZQ{<w7Q~cK+kq{Dv5M5xgK*;9M@#*FT$ZYr^o}Z_)f4Mx$$UJv}OU-TlEEG
zc-8p)z7+dzbi^@Fbf`s=1F;izsWvLZ*{Ykhe{Z8eBD^%t(c1!GIfs+4`N!}BlFrR9
zU3U^Vn*%1+A}qCZZpb)u&#Xb2KQ*}0uymJycM6@FIWQBQTCLAH2?}?JJh)qj(9jrW
z$`<;uM`Ul$bbG*iHpRP7Y+VMv?+oI;jSN+jTWe_H8_Y&o`{hb&GtwI25c9fN<{#*F
z)K36NtZs>!R?!}aREcsF=3;N`3yuJ-i>#dW&9SZq!By`soSmz04zw(Fj^q@2x2+Uo
z4K>HkCtM1~NJ#o#8NoDq3m0cveW=zw^jq4^4v&kxynV7TTl?idtP%7d*En%l3s~DT
zLY(VG<_<J77DuaSx25ic4LVA#tzjdbu{V$sa$u7FXzBY;pg!M3`vtcl2L+BJ0-=>n
zUguAQ4EU0@Ap=fI6+(@^3q~DZx`rRKJvUWhh<t9fZrw$k99|vdnc?o;*LPf<w(&_q
zY?$9b=TY(+)eFxjP*tDA9GSN<1xK4)YxQDkuchNDblFC}Y<@mTL*JiuTwGY3KC6e5
zkQHX$&!t=7dZd?g*)XwVuQJWvRCF2??j*loIb|oF>C`hfLl+{|p!b^LL|ixHq7<rN
zk)z&2PhEcR5u(k2a5WW5CvWiG-$U5U&+9e}?-OLRY|wk!PIGrjb|t0{1HF>t>w7Y}
z6e1@v=T9M%t9g+z8O_IZbbd!mNl#b%8E`5^uw0ZIvJ0CZBu+i7GXiZF-*LF*bv8IH
zt%nh!MOPLV8kpJBbQ~iuRKf0}%CmsNKCi{OZc+Xo*>`tC^{^e<U)3a8ql(>-D{G*4
zUaa3XxCr4^Vd{}#C$K*2cRzj1d!3vT2UN2=8^8*kFDKeKRX9@FTr(5vEwU%Pw{}?3
zry5=7IE*JVc4v4RUSon`Cm!KcJ*HodjeSbC!<crLiAL#TJUo!&0h*CS{i-;`#zK`-
z){UrU5r4UDbG}}qn8glzRWU?nI=@A;&I6NNzBCe1;jr_de*eas2L5TEa`>BEt33+~
z&_ebpv~E};I5u4`Mt#LoDX&g6m^^$bt_RB+3cXJ`9r_lO9NZ{3G;@$J@*$d(^mEKn
z)ZU%;cC1>B6RxD^q|F%|8+U3eT7u@thlZ2#$KK9fx?_cQB+E6ycnghW64Na<Emycv
zsq;#ZA{HqcyV-QN#lynX`E#L!GSLB^TlJ4;28bdiJ;{5%4$0ctr5Cg&e0j<6?4(K2
zYkn)Bn_l1;{bFZU@woc1n{{~R^Vqs#to6q!>WqSr=<LFwPr<{Jm(s`B-SdW$-<bl0
zw-3{Ih*{h0k1&)`5auV@;~%GAZ7(+Gz)HyuZCbJ~vlC1MFHT=F!Q+TYf~oPF!aCP6
z_3yk91p%z_^ezbN2c~3AFW^$NIxh^serJ)zG4?tv_<Tf-YUY$i--B8|dPd!^DZ`cC
z&@O4md1^0YY%WRfEO#F(dpj1@_l2E|g!>yo@l7=v#HJt5*Dr9K*yp8>S^2P~*D8bx
z`sa%G+_%CE2JbD!o=u`i<QbkRJ!U@Fw|6_(b}w=j%;cQsN+SKRXZ$pDCzqugkaahs
z7fS#7w#bI+BPS!hP@W`BV9Cdlsd8-rn{sAt%DbGQ@++s+ozH5geADt5f}*0H_d_ba
zmTuz6eiwg_$e6Fl{>;u^GbyCJANXLNT1Ee@SkmixVtcS9wbO}!DLqS3RY$vSV$RnC
z<4pc#jmoF4Asq7Mm+3b#A&8V$ZDNBysgo?fZAswzG+<E?;@c!-&(SS>*NG2Q06SYC
z>MuTctdA)N@j`H4xaWhMU*W)W9$szv@EP^CF&@v$(|Ww5!+#4YS{#y%p=PWTdeLy7
z2;yxJ1PAjzvgAjX9QCS|A;fua&qH7@cOOm{Z9GwmIa1v)ndY@xWbR0dh*C@6$Nql+
z>Od90F`w(OrqF<W4bAG!o>rJXuEd7lufwKZZRI)Bg{F54@XXVBDBW$bPRQd_=ld`F
z&}?VEI~vOI%Gy#nNGFJCHFddJ)V89Qt29rWq;l;s{!gW4^XD9_et8pW?A^dVQHM=0
zr(;b)DJrEhF)tU1yx#0CMZvS{Q2Mc>^|nhXS83TA_FJwSHFCL%@2_)o1KqOBkC;EL
zl+P=xk+ZqZJkGxBf@zmjK5MPkJ88)_H%Qa>Rw349<e>bB?d_tgc^^ujUyZzyN{jVD
z%$wMzHXvtp4mKTfJazV#q5tF%<)+%PYBV@#BC+)!HA+o86GGtMt9B-PT2Z$-2kF-H
zt?r99yd;(D+x0fWnO$;olUb{6tgja9lf&idOjnci`yu_E90)(rtd$M@-;bVy{md!R
z{HnBXd})KU{#$HA*5B!9*YR}|>clz_>Sy;xYwMv+()uR$?H2R(wFxy<n~*21hj!QD
zBhqhzjk2s$KPT4T{{AWm9mo2(tS$?|oO{(9;>L~G`mwf-X}VCqvk>K?JUl|M=&lf6
zXd@yT=Gy9OA%5C1H5lW*tLPP46c4jjn4F~@U3AijocKA2UYT!ky+JyEm(GQgZcmUO
zrnGgw+;Uhv_!^5j@kP=Zd_QzGqC#A!h)qY)Hlz7`yRlk2C(ek)j2Ii&4bGCzh7zRS
zHUqIznUqx3n}f8C)zUn_AkNpLkzQ{5JlvQYi&=A$<a2%VwFUFJeiG*1s6C+Cca7!g
zh`w<)62x@9*Ij1a*M|}iG2j06A?;d?^>vSu7m_f0Rs!<>&(Te1X}x?e8?mz@kdRRX
zgS~PwIJw5qU*?)N0}(8m)wF9gF1|sJMN3y<)q`^oa+Qm1By_Z+RXu<3zv@b*$Ck@H
z)nm(cG<{`#%%x~;tdk$e3$fK2!G#wiWcDH?uUdsAb3@?mY7-6}%{V64DCC2H2}5`!
z*Wc+o(X2ekg#b*r(!qx=^HxH{sK%H5KL6=Hw)MMX0U{>Z3!Qdrm5%XclP5TwCr@u>
z>R|k`Pv^@68-Eu%w1-Hq@PLCy8sXuou2bzzXm-50+R)E!Lm2OkYt-}Ry2B=$=Q^#2
ztL56jL=f0Vxwxws%yri-0D(GDLUpLB8R`@T5%tTsP{ggyMe!RukgT){-%IEI?bs~e
zv+zRXb*|NhPBdsPyaY4mFUF(U*;w)O8MxYoOsQ=AG{pRN1s=`J$3jQVn16E;U#Y#L
z`<MzDe{}$q=RgkP<4<iRI=@2QKJ`(x$Vt6|hgbXDs`MB?LW4FDmOAV3QKiy5$^UBD
zxr8h^jk+x_<E<moaq-=;n0>9Q$yvpBpS^`OPd<ZJw;R#WtPX5$z`L7Y#;SF1p`r6M
z8n&&$lWU5xYkz}!PH_^)>)u7lnkTWw`e`HCS1|tR38buf6+7Oq!*TO*PzxFky^9@x
zT7#6-_1J4`zG+BxI;*5>axiX|{#+d-Z65zr1`U<t@4taJ#X+`bJQnF42Vga0u3v=v
z?-YHlcym*QRc*D`U`n{s_d%TqyIN_fLDh%S-^n^mkq*<R1S$1E8$Yb+eJ*k8a~zbT
z4O5^CbZy#*h(-d2V96!Ug02k0o@f4Eh(~^%jj9$e1k6oDR&Fthiwm$eH4c$ll@g{B
zBt21LC#2Z|!^&tRy{4WVdFc?7x)ue+(s**Ska(wvkT#-ZSu~cvuDoR++A6Z~@KP}?
zzKD!X!`cEdy}8I*G7kajMbMV2Y$W}ms#oaN>&_?fY^?gG>TG1bR%`X1TIByW6%}%S
zC{q3>4Uw10F9yb3#(-~R95S>rez<#@jjtsjdQ}A+-e!FL5hT4}l!`b;8Aridq{T)e
zWnm=7sc#Xrv*!GAF4DKDOUo}3aoX}w->-yvMR0j85?(a+4kx<@A$fJ0R02W^%AU%G
z!Kwz5w(?9Y&r?nxy%w&;3klL0hHBg`w<B4dud3G#4sTet?b`)qZxe+1w{(x=Y}@nJ
zR@7Y<hUlfK$jo{U&pr1XG9O(6{Zw)ByB*bk-h_STAf8mLw~6<x!lLWd0kf0k&ph{B
zlw1>w#|`oF>tyAe1dvX2R>}V!kC0wx|25e3X9MaH2>pZF_h%ww`67ggs}k*X*!su6
zp{CC_Ai7|BX9EgF6NB)?^!dqHm8s5K`Z6r~nIGB@ZAIZm<u*cZ;`0T_d#7G10Z#<q
zwFIe8DW88XD-)>?&Oz|y(&S0wD0s7Ht$)tSr%(PNP2=nPfSVQ|`LRs(`!kSymr}z^
zyKw_Hye#I^17W{dh74^UA4@=#d{w6vd$xb*xYkZ9t$PcxZcCjs-%9N?%hJ2QciAt(
z<auZ}mSRJN?VB@|ZyV4$RgWdBv}uvb`zGxMrDeHF<G(E)E6n5XE>|4cgTj|K*jVmO
zsFd~}d&ISxNnu#DJOi2Hv!ct)kUp<RpnO-W75g?<!hZg@92=x^ZM7VS{Qc_ZrSC5&
zE=QBSq@B8M`TfkIe4a|hk~;$Bn`)-_3$S5Vlg;vRrmLYGg>Q@U@$0cn<+6NKTCV=`
zH^A^(dG97dPgLV?uawH$t6ckxMfu3<{jCAg^qH{d)eUw7h=Sc^I3XBH3sz02{?y)D
z)m;;f&yD_e1Cl*;q5iEL6ud8PZdz?`nX9_Xbypt#X6$*1qxHbw@QT*lq~-dm?nlB!
zd8y0O)XyMk*FWkYu3<W=wW_cCQAPjvGyT_!>Nj6enqO7-jooD}w()QTNRuqSbKM{9
zZv&!9QBj|g-I}PxzU$RJ@_Ll8BEw>tL}R+#e5-?X_%-P_p<S%QQHa+*Yu-N9^;dm+
z-|fNQ{-`ahRo&Z%dE2tRtUN>KU{R?0@0-g}XHgq-*QeXDK{OpKt%D)+=OAP-j-7~z
zXh=04-mdf<%0%qUgkGUV@i1$`%vne%us&z*yTV73kX;{u<lG%N@abpx?6c4C$*x?)
z$u$-lk-aJwvC{c+{q-p*uKYy)_s>2(fGwHIL#!=T=_oSvJ&<e6N<zYGjfnhR0d{<(
zeD7zUNaKAjMmZ<0&PGyB@9PHrcGW!Oitl(MMIE5W+C9qm=FU}5kcFdVc;pwUa;qs`
zx<stqdH|n@&q>`UA8o<f1f4YBMiec6xL269v+5-zJzpiArH3MJ-4-19M4d13*~$VW
z>%{j+W%}!vdbYCSibMH$cyW<jLu=^$Yq8}cby<jUAJ~oJ-$g196`M-%#2<TKyAVNU
z<ysBk8=ZmDJ?iI0nXijOXiEh$lhUC+a@>pfd_sJVeBH!LmyFz<7Ufb|j5PV$l2k59
z(OAAsi^mS04(WJTu4!{}Fam5fwXYc;jObrPA!L#`F6x8t+MwN|AM5TYROtavHOE-<
zm93*+>0IMu`6$$8ji4UaM`O`#A@J+t<cSBo4$3{=@D!ibTGklkRzLbXeO=$Ssps?;
zVYH*-8}A7%V%*f)ziI7|&I9CQ+eve<V5a?AXS;QwqfI?G96K70VjLd-&pdT#b@>|4
zz{hVcv(D2F&(Yiesja0Z^tt%@yKTsP5O%j-zSh$8P9X|+)uUBAckSvx)BaNAy&=xA
zrSlExd@ay2UpvU_u8*HmD?n3aof^C*qLHHWL_I2AOGRu<j(k5N^x<4AJy$hu(0Ob8
zP4{E*+!^q<p8y?@uZ-{FUAb=>uA9`yFY%p;*!lia&k?-!KQH60y04(sCVTpuBY5vm
z*?3j_sE(h3#kWs`b$<8a(7Ui$C%)5&_3MkVxA8l3jj*S`I*5%guE!2>{NcY4u@0IH
z`0oEouztJrM*kSZ-Z{zPu}yFPi&t|t;`r5f;i1)kKz@F{)a4@U*E5xXZ^K3u|9%Z#
ze)Bjc-Ms=?IpW`?ZtW9zK%VxKsN1j$Mym=rzk0tIFTXFHV~n4Mg)6d<o2PzG8uuU4
zAHc2N(wk21#rop+%pqhNLYMksvPiZ{ww7(h=T^(Br(i68_g$3y&pO;Yq_>!l<D++!
z>S;X}>JU0c?sdVXxcRnwmEI4kP}Ad7_EJpwcO?aT`0y9K?tOf7xJJGw;~5?-*CspW
zx*Kt~_=jCJIBZ=ero-~NJUk;1>?lZ2L^Q%M1WQiY3b<Z$(M57+i9y)&$hI<+Arfhu
zcVfr7G{oq2(CH#EZ%GCUHkWqS2wG7DgIepSrMB{y@We(n45>>&>CR#~kQ%9z#-oox
z+Dp5!J2wuYXhF*$+^4A8SO#NA9C9mnqhNI+=0%F>)yu)#9dE3~JoVmEOWt-=^}0_s
z4v~+pMWXs1<MZh#GS5>dYID<(sWzn;`fwT&<(f?gfhgk^FU-r_fgJ@Ih||jWH_|k3
zFGjLj#x2E<;HCE*+^LcZuq84B#f4eQI3njEakaS7rA=oWDxOI~wl)v<=VJFe1<25r
zhx-2AmAQyhzti|a5;Dte+)$jFh!-*=mHw78JdtB@lj{ouo=7W_mZ-#Q9v*wxs<vGB
zP=rORg?wl;s%)$`iWXFCQTH>EanP&HwwZ+_n{T>(_F1wT${ive;aIX{0j5v#gq!+n
z>ULQGq883kYZ0kKL({-+_Ba-Z1rLe<lJ@;>7&{>Z3+|6cn7D}FUX6`=>K)#!=;hcR
zY~3L)*^8S5OA!4tKX|A&KHM(xLCE|Ekv!W$B-QHk@eu*=)K2U!bc3gVIO3NqLWned
zB8d9GHGQpZ)kW>?Xb+6Wl9({~jaO&j!m;p+&|{8TQ;6wEE5aT~z=9imFjkw#@qy6K
z(@Rq?IaY_JUg0}CzOBLk$~RX4zuECfm>UA0OS-?;=Y|D{zb`}{Z__*FFxnii^xbo#
z<RG2kHr@x`T02GNa+OZcW0J9CcChqs+W32xtGwLb>$%*!8fvgxepopW(Tf%!WWw0)
zn{sYrrO!tp{ufcoe7EmGlcW8vwB9HD%3>Vy_eV*?<|tw1BL)~8)Pn30k${Bx7UeU>
z69F@&VRtF(mFaDRo$_(4=^y2gw>GhiEtaX^c9~SR(Ru`4?uUS@TG85L@;Xpgu@%+g
z!;|!g|K*$><s+~6a}y9RulFVx-jvEm`6nCfEkkJ@uU7)tc5jM(U5^8DO*DbfO?52-
zE7ps*v=E{7_U7gxm8-Na-l3Fh&08OK2PeO+L**8w+52AWtGXYV^UHYX#Z^FQd2Xt*
zKgW(VnZyr^2ZC+YHl^v$e)JsdXF3j5VyjV1hYzA2Tqf@uyUSW^<8zR3zj6as-UdFh
zwGFhx^r;9R1jEnAP7O!uzAO2GC<L0TYZA+3Iu=B0+o*Ljx7O>h9>LmYwe54Mx_{_5
zX}X{-E06B&L)*6GSGIohJQ1Rowkh%5(!S+y73#i8S_ilOrBYr8J#_zx1=kN~;)sao
ztY|?)t#**;1zkcGO11FmXP@A}&H|)FiSs$>eC??OJYutD5Z8(80EyYsIQ0P-H%b}i
z?x#n}Z(@`ehm0^zOhdu?WauWU=eDE9A?V)6@R(d<3Q$tr_b_gY^u>{xr6@>>M1b~y
zhPyQ0=nP~fDd(##rAGOoma|7XXMg2sl!@XGNkQ)VG|Zbi4%!*L`(;6x_jmzv9~Ni7
zA|Twe7TntXIm&tXk`$!P4Z=8!OBU`EBaxDsf=Itm=>Dw{jgDIL>7^4@Z>?8unnh;e
zh4gs{x~zNT?&Ex+OUlJst=wL#wJNt-6g`zKe_lK!`}%Wn2)#=EyeRXz87O`u#lbm!
z_vdk^v_2N5K<{r+E)#V~eCc(pU8t;=Wf|*HHK?`tcE~L#$o#If`_R{beA}*;Sui{u
z<`qUu$9-zAEhkN=6XzP&`@!B}Xutd*juHiLcyx)DN7R-z2EEmf{^|Hu`$iup<tL7~
z?NFP;mme^@O*yyf<wP|$y|G6s3vs?3?&1TD9cb5ToxRFaInK97I;OWrdze~u$^*Tc
zfsWq;m-(o3Vl+882kyd`P1=?%tqoR9EGrK?i_X@=-2>+~Njlg0?IMH+jz-<vdB}QP
z1X!gmEgkDh_TltZ(z)$}%dzMNt1Wbp*Il<Oe3bLo_8OQRwEjXw!$(_ry4;$<b)q)=
zj1uX1A_#HWJ5cbOQ1h__(T~Dcd$Dn|^61C-$p1j72xj)lX!y@vhSf`EW19OxY+RFy
zq$NtT|4GZA#H;V0!qwAbu;Pium~n;rkshwVj9)&1711+r^;f&FKI6ZTBz;!?eCj&9
zRW}CHZeNVm%kF}|y^T+rhvLFrIEiU^;8(NNnrZvur1alxEdI?xgqo|_9gQn)T8KG6
zQ(hfuXuuUeUxsCO2I2~BIxd}rTkeig&qv-x{SnKWa8IJ)pi-`Z^J8&W;1w3N?2g98
zzPI2P@pr+?ClG;WTJY7NJw-|OU5(ifES8VSS`E)4?v5DzF8eRoY5W|m-wbiHl=hrD
z4wI;rRdS=B%T52u##}Q6O4PLyhd=K*{hrt9l=aeZ5Iz6t6b^s<rrb9>NJL;Imrg<O
zOwscuKKi8Rc#eN|5OQ6zw=02JBBCD)N0-Qm>;_<e{p(-L9fPpvugHfpkT}g;muR<f
zp@?}vufC|oM-A3#szz)tR>P3c<FV{ygxVO5uRfzYP&r^;NPIXA`ibgGOB3fI{ysH)
zi6YcCsJ)gh)*&S)8Oj4;Mr5v0YAWfh&PV$5@+}u2Bn=sZe32yRH@SHB-hkfYyiA&&
z-)BK7ofhO5Y?i0Tp2UP01gJL-dpT5s>|%8p$v3X_@U`{ciF#yMd}q-MB|UDeX?*X^
zz*_aDV|PHe5oOOmq1?2SmPK6VlbF|QS-3-Y*J8DdYq9w~J9WXDc45;tr8n|UUC$ux
zS>_WNf&g1j?v3}uG_@9%>gJ)l&Es>I9$~gFT6hE_{0_Co)BO$jybmeZrcbMtfZpUN
zL|NY?kh#H67lG;OtDd@0|9`uc&j;$ExA}R=Wg!TYn~DSW9S}9A4vnyzr`fm>c_k)j
zPc(XjA!MqJJAmUol^`4H(QZ*|p(E{|8kHJ=q>_oy`PsaI<}vlBn0~o80w%lR`*s@(
z#X;>srbBAEPMCwJo9vgXUR&<F5A>*UvGuDjaphz`cwQfZ>+F1o+XQL7Rr{O&X@99q
zUl`T11{KYOFz9D0%eC&~dOJ6Xrek4bAZ&fy=Vy9E$seyn%|8aP-JEFe4&Ph4d^!>y
zNyd`Ji!j}CyZQPc_Ed@a^+41e5%9CMO^fyZr(w!Xtz)}UXRGxi!ND^0yl%R(-L&sP
zy^YT|9ja1pa0fc6MaqI$FXWq%6Cx09XM6Rz{-<jAw_W5bWv!p=!5(>*qo9wpy}n|M
zAEw`;?8y38n@tl;HPV-OOoyZEJAL1eo{RlVJL-($rncm!D1`glP7b(Dis;@3s%m=Q
zDDIHT<YVb?U?BV)+yJ({?~=yv=MUvsly)>*R<ZPL18U@TSo-X3cGh93Ji^0W3|HG>
zcUfH?V181({%adspV&9eRUQIp-~ASLA8AF+mcJ?M;Dji|-(`EBKtx2tO*2lm>7bk9
zCD)Ku@OTVDweYEQE;r6U63OdJy90+$<)fnC&5BE=F2?*@dY@g73k-!$?bkmrUp;@c
z<b{d<ruH6fv3*?VP#ogr+C#0mBUCqE>23K`jQZ>`ZAYPe&hCZe6^RJ7**vN=eg7E`
z`AW>8^{7xEa_vEyXsy1+9{gfZu&Wfsg=-NbDtU5QBN|Ns(1rLyzi_6Vb8~kDh2F0A
zf7<gQXX*HNvpk(TEPcr8Az77sNE{YNt1qloS75#T`5>e{6l423hBVfB|COR#$7spN
z=6CzPM%dSiCbfZ-U~fCeq{Bo<lSyt8J}}VFaTv0X+FP|F-a2d*EsvZCK)7YA9M-LV
zykomnl##6!)duB(wBUOesI52rIQaO7D1qK~19r<TV%YGt5tX|v&P~p`4m3A3;8>IG
z>1+SC2~9`8M7vcuchJ|}%RJTav-Evmoy+ndB3GSkvpy=SMNw8dUfNPWcs2eLoonCJ
zVdMJs*ehyU9X}HfEa+WRt4qE)j=H)dIAZf;;v~M4jx~=Qw_jcT=`S15@cC!3{gxJd
zAwGY?-qUJdVejS=c^*Q46^mQ?9O6|>y8UJZ_By@17?b>!`zg}c@gFzYh}T|rg?g_@
znv!p9PvdtdPMT}CwKO_#A)d)tffc`9XydzSD2xe;$MZRhakG4Sb{rpU%E6P%;xPY?
zDBOB)5*|}Sv94xfD>LTf)?06N(#^+{yVMU@JNY%V=cBIa>p7#>)zB_&96M=Mg{#jL
z+$fLEh{HW@+#E)Y+<?#BxbZseLcS-0f2u^echt&}SJgK#)rdM{rFUOH1vYPs5fP10
z48f9Jjsma~CQOh!24T-vdMvobe*DnunqX+LQgnT<_NYu%*j%CXdOf@t^R80*ZSlP`
z9&u{_z{KEo8#mB2zW&;6G~oL)YL6B7o0cNuH|j06id1A4mmy!Pbwo5-xGvGg4Y+~O
zWAP#fp<2J&@pJ8FP{l4(_ox-l(mdSwZ}#WC_JhslFl%DMe8-_uzxi0aMD4d*TdObT
zrLI+OzKMWt)=Mb+OE#WXYyK6%-n1wisb^uT4)fKTU2Ds#Y=&$bKim#w^@+jHqa04{
zkn_JvYckH7lUi5?g$IKD?FX7Xe-exU(bHasV>T~N*wTuo!^({SpFls@y`FH1KZ3hA
z84F+H*x!|l{XUcJH-9c@O~v736PkvkGS~o2xYAav$_=Bn&EY4WgH&6OsQE;_`xzPt
zKdtswYi<G1Ke7T#7RMv}8XK`gyR`?k;>&+1<?0da=de~8PyY}lsEK_&YIF6T5ifmj
zGE&vrXl)uh*8Fc;lSaLTAkfcVT+I#F1gOik?iiYFEmw!-a}E5}YM$yEo6*<R!uu*U
zn*H$x<P~hfo|-1Kb~wMq+VSNvD0TQwgWm-EHSCB`W}qDOYe$W#SG-Z-s0Ju$y9vBW
z^t5A7t#u8}O=$Q?8RzurwgZs8S*#cT?r(p+Fo%Dm)#m0q(A=oZF~s`hV3s|61J(UV
zKWel2x=E}C(lYmlt<_!A_x<QO*w1u*i6#+Vl>|@ma}d~cL%?<FdU)(}G+PCKx{lUk
zkMuVnD8RvV+uL_Z+(w(f+j1N2lD<m`;fG1vr~ShAnXKN#?k7jfYP33G?PqLnbDlTo
zF(*{)VVYogEe9LrT6O)PzdOoK@SKQ<hMyqB6&9m-`(BjVefU#47kp@`5>jm`!e8GT
zKvMLUAmup3n)^l2&L)E=ny)$x9_f4i?VPT<U!pz5(uqzx*A0e3TYas14tzUq46=W2
zkE=p3^A^$5g6-AaXVU>w)Y@~mEysNc=_oSPqOol-;vE5qc}ZF)-q?-Yx%QXEI8W`&
zvS+z9e!NRL=bt)L95UK54m!Q<t3r)`-y_Yb#Orp1TDK5m$xnv`>T}v9hX%0@-}Vz|
zRt`(yBe$nMTy>%8AM#Nsf~9ldp<#mQh;(dse?rezIn-7^lJ8N%1*RSLT16STT8&$=
zK{~ee2wfx{?+#V@o+A^&a94z~Zr7CLpkP-Wn!i<#_kZX@YeP8-UM@wQhll;^3`43F
z)qh!ooXz`CFRkA_Ladn?Sdk!FtY}8{TX|SpScxW^VTZw5cRk^Gz0x<755p7D;PKTz
zi%-<n<UXk^Mb`bH(jin8@|Vp<Y;NCM6CfIPzB-8F7uVn|QR&b48F*kt45nSG{8OKN
zwHNEtpFweD9S}Ghi_`yrT)D~reB`cOjb(RF1Df`tWX+RUxARD^FzD&e-olzyFJt5W
z7I@thgB4l1@@M7GXFZAsqWsZvaEJ6A>rniEU#Xw!_El90)>oaxc->;e=xkOs>ykj9
ztJS`qMqi}Gg8guX))I(I#^dU1l+f&vEidEAytlBo?l?|z=W)(mdVM^ee{(bb`1HfL
zduA}qOTMWFm1-#Vj;I(s_U9T{MN3DJYY;3yYkC+5O%}(VpVnZvcqz^I6pQWs>Oh@b
z(`##GjZ*Wg>=+Kq8Q5?HU)!IZ0};{i#Skpn<SYQIVG#Cw6^x0tYE{*E`I?)oGgwuT
z(o(wzRcinI5GS$GaX|=MsP+%Uos%7gJH4*fs)hvWkK4OZ=Z??^GmxTYY7DEEBU`R@
z#0&G*rP-+2bb$1CAjCmHSlkSns?%!RHQ-ab%@$6Em)-kOEjU`M-5hfqmQ}bT;QD!L
ze=TZ0w^LRV=OJy~JS7NyC<n{a%9NW^At}gs&{1u<LD1i)rYmiRY#UKkrY5LkZ-=f=
zC#8dLth<9`*O2pr!~1MwE>>?sG@<pMuBN}*(JnW~4qWD8=gzNeEXLaU?v8e}szJG?
zE$fsf=<IZ9>y;-AMbn-gE<SbHHy2^_SzA07%?w^KfSW&dkI1^0i{BMaZmM182`#4f
zrGwgBWv4o%Mb->cLk;%r-ip$fHb{FCXT0IzU<TdHL0VI<0HDla`M6>1#p=JBn$g$W
zMq`8j1B>L4opdr^w+EXF*C8uC4Xb~jhtjw9q2^e-&6-<Uzt$d=-GhR3+v}^+Wua7E
z4o#hQ!nF>Ms>i}VI85&ARYUW!22{)2&U6I+#D2uGCyVvsGDq91wN^B1vs_hxber?4
zcF&fo&964$w4GVDr}ZB-@@K<-;$yp}Syi9+qvv8j^R4uqYOm9P!+38sh+YHB%34ME
z;PZNM(BOkWUq{<<-}hbJ&AfVuEW3S|cwitun*;mJ^F+uU3lSoUuU%Sqr9XamEI`Dh
zv$mrqBBHa!KNK_7K%$}EQF|p$T;lHFym1JPyGZ&q9$p$vYU?v7Lc$H#%1!s$?jn%-
zp7PGxZ@cflj?*WrHS|j3swhHw(p*H`a2;mc9*fkh5*QA(3~JD$v#kv+4MtQMN|2wG
zis;{FtN+qdON)AC=o)YP4`52VL$p1aKmSu-#}D&L|2k1?+p*!Oa&2NTocc~arV+<r
z!}{ua*XNKH2QVQJK0{bbsmDyc-D5k?8^g`5ejKRp>zUp#cB~Q`{!$~&d<f>~LtK2A
zaU^j=z#Yk0B)3M>j=HxCuqGo-Ip0c6L)I$>G<oZhym*dUL)zKh7TOOe0c3G~tXGKD
zZ7jS4qmZz4k$eu)erPK;?X~?d>tL<B=JUArjy^xsOGM|u#pBG!n(h-r5tCkwQndmU
z<MY|r-1jDth=z^R$KS*HXVzhtIRN_rZn=82@{fIT5_?P4nq>VK;-TNfV21C-qUr+K
z=u5B0v^$sK(Iqo5UV87rzZPSc<tgCl2JCo!Bjm}@Ek??(XCv^6?&%nPg+Fdtv;vRL
z7f-}BU{|352Q5>HjXSXZkJ5pxG!HTJXQ2NPSn2fgqW;XkW0PjaVxjyn-$@+bw-M{t
ztU^k1A|8F_W%=RJy5sh0x1}LB$`ez<@5aMV=Axvc9GhRy#nX?*<L;kbqaL##M`dmj
zVxQV6_1PD`vIuX#{kD^?2#<uTA2@5qV9ND(%YBufeh%%{$ML!<IpiAp)8L-xCVo?t
z%*LnEziWrYO^5N3IJ})a4Su#W;zUFv7DKSqi>m=x4TG@M7tLRYQy#_mOPt--@`Bej
zYVUAxaVQcWPca941+Rrq;<35*Zn+qdWAo;eMfak1L(9sPiB4|h0KUH6b>r9#@9KTK
zYvt|bdvu!5!yJWWyIBT?8@{k##i;Mx6g;NhXj6nD<-hGU-Pp}nH(zP05VcreZdEpi
z3@DOs>UkmgPMx_1p!3s}@O03ewn!>!w+h=%xtLx%*$O-LTe{{{M?abyrNL%5QuaeT
zOb05l>Gd3BiJMlBrz3s!8sxlEh|;$zvG0frHzR{R9fVjV9-ivWFWaHXU?%~>ahIu$
z3mrRc4y>Bq=^1S7*_B%~)9;CpdskpZydEJ}b$?I$7xmb;yA*|MS0nA&0&K16IiFpf
z16u3*WbBk+<px^&J~WuR3#jSSYGvEg1;gK7O}T@n3#a>9t81T0>sp<tZ8jKwKCXs(
zT{PVHGj`9cnqb=BE^Q-Hne;xC9+1|r)S9S=yYUkc_!G5X+LL%*Hr8Q4nuv%-DsOme
z=kS9WI6RMaerv0Zl)muAyzHIWk(+{fQ@YR5TMk#DBrg?7b7tVWnF+`=^fR>FVnkV9
zI+E^*kgsuEcf$>sF)JFeNvX)pD}m8wh@=Ha|E~6)4MTCz@ol^Mz?hQ<R0l#jzcN2y
zWxs`4$!Y0)PwDd*Wi_+MOxPzMhB|Ilq(3}7yT=&dbEW-acDoYZ>TzKGSFJW5P8<pz
z|4(~Fw8=^NiL)fdXjku)bTy&;&8^b;s0Tvk&rw_5=nLt1Si5NRMXMU9w&Mr$)VV%=
zgEjsOrSt5VRIGY%0m81A)^&NH2fY2KLmw}le?J%nKl7#CA>0;vX+{0V>Uq#j5eT#Q
zaNT7g2oG1*Q&UBq`I^_@ue%=b(2_adcAT|!oQMXKJ3{Y{Q}0VuVAsbyilve1yF(kX
zX4R`oaMk-(EPixxKLfCmuj=s8ex>(T{Y?1Vxt)8(bUpNPrKk-s96TZqlYRa%Hp(w2
zK|kAGh;=mlXX<gQ=smd$AJnM_ZKsdmt=CJWF^<QKMKPE$kOb^darehvk7Q%TqM4Xx
z@!XzxAaGaddTBZQ7gEyKW7p>l!=6*4#=z4r7~yv=#=}`f*!*@0o`3LW`M9>#@Fae}
z%|Q%y>^NL{>7`D(ad01{zTetd5A%Be^*{Sq?`&%;K397ujPG4j>!sIBR<a5o9#-Gi
zikc6_J#|mqc&$~cb<7mpxIpw6VLYtdAN%I>Pvw?wJ;Q_LT4ITaeoPpGr5^ekfYmSv
zORgID4V-h!{hA;IS!O#g9-<m*T)9az%7r>=q=Rq!?`lD#^Qs^1vaDUEH(&S%^^Ebl
zk8+`;{AOaool0-Z>$^~8@fEf2ZC08~^oqw!-H?>}2=b-ln>g+5&?3s7m$(>08}B)=
zn_?G^Ha`U%a^EVY2|A};JVG3Wd8yBA-fTH#Lix+9k@M%R*z>VTsnycM8v&Dp5q8@G
zEJ|30)Tfp}t6SQx8Yef;+FR97Y5+WJggI+^R*l(9+X?j!`Q-lAs5=(k!BJTB+f~R+
zUxDQKXhi7(;jNAA>pD~x=3vvI?s{3=Mydbkp~o_t>!^+HHZ`o<S8mt9|0eN$?I^GN
zTwPWs)K!XGaUO`eKEOd!`-4ULanWY^j%Bvz&qf!ewC?1ZjwYBsmi|r-gx_Fq-@|=B
zqlOQ9Ic7qQSp7o>KYZYMg%XVz?&PLo#d;xYN42y+s<u^QG!YREUuQbe*4E~Ft)UaW
z&hrNsd-}egsVH|h^#X)f3bv@t_B!o;WBKT=Fb)BtM%e9p@ySO!P@0>C<k(0AXxBDO
z706GDMtXVQ9yjW&&O!8yXe`evf}vUo(RxkML3d{ylGE3sVC!ytQk)_W@5u`j|4r>Z
z8%Am(?V_>fZK%UuYZS6}w5oYP>sBI~Of~X3T!`ObAB9TXMw^dqJ;ymZgR=-^o@hUN
zwPcPNt4`ndj$5`k*@`dKUhn_sXg(|)tAjxfbx6mxudlZ8z~)Ni?2z9He7pgx)nSDP
zy3dK-#;T>)ak^L2!Is+pX`VWVEwfk~%<+5phhf2e$w-yYuU28jgVMQnu(y2v+Vxcv
zl-1A4!`g$Ydz}vsnBed{+Q%<Y>1l65vvwVAxUaiJbZ+<s;6}CA@c95*G$1-BPUFbV
zby)TLx0IS!0~g}a$L}9lc(m;+IV2}4xCxx(sCJu4@c(zE@8pr=(0*=Dp3uUD)8Ox@
z#-B?kAy7Si*?aserKj;AHp=xWoy6Y%NkL*_Vz2I*&GI{e{p*pU4tsf@qnl<!;KK0;
zjEcpw%zWf#J%MFQVln$?{^p8_PB!gD@l)%tgS(XB<I<~f^L<a_=?9eP=Lhe6<ghl_
z0lCx<lYgr8R(z^OT3vIh;UIR(ec_mL%^10_2cId>i8`x3JqVMSfo~3@W|#Pf*$D2g
z%Sv@Aru@57UG2^~QFH7m9RB!C`St7|Mqr8P$A=+UGV5;uR>L4Hxx#z{XGCg&;i*SZ
zWbq(yOYtLkV%xcSGPv{Gfu7KL!PjZ(%|87^`^&QPU=GrsvaHF~h|E<vsC9bB)C-Yw
zW0c;O66`T*AE-rDnG&E5`c-6)+IY`TPHy6~x2hpnAB?-il|;4R0T1=$$aKQd%}>#c
zzS?Wa<1%yDu=(WqR41$(#%h7juasuKZR<eY#?@H!N*?mw?@R5Y7R%);C$+VH{iV5P
z)GN(5@1*a2t5CT?=MjLY_!Y>=d=Ag8T7e~t<FR0N7(xPl;CZIY!L(~S9IkgAZQA^M
zW1Ow)Vx8SJy!O_C_J68VaK$+DO)S6LEW?b}U6fk$Y;SItc*8GvI`j(@uwqpvRxMqi
zG{r7W;hv8h%=0?#a<xWn(M0=@-_deIz`sW*H`{jC;d4<KN9wUhOpM2L`1`rKtqN`!
ztsa^=-d>wfxi$+q>+`Vnkocl;xKdr8M0pRzEO#B1=1KY+aD70}W_Jd|x!BKK;$fbT
zCMQAe?i;|tJ!(N}ZB%L<3ZHU~OV7CU#n?-<scROiv3=jR<D6wqPgG;8Xew3`xKP^f
z$oHXZu;Hz0C6rG@M8jUow&l2X@^!f3h9oD=!#3j6ZAxE|cXu<hB$eUO{yl-}?Wa?E
zTAI-^2!}uJmjxhHAA^+D1=z9o6YPB>1M}ol`xX>!t8%^e-V+tb{B^c`W86!ZjNF|E
z@X2SNVej^06u*>#l>6r)a;h&nzq8$fjF*=>UmrG_AK<j5t=0MG9p6)KM18f|>p#(a
zLwdl>wX~Yx<Pfp{#(HCddhC9z)xp9)p|$Gb0iP=@4nn0Pt)@EpC=`J|8SJA_iT4D^
zEx<~?Y;|;0*ADYyyvj-IB7@01ef4N=b#NkkqFFtL55bjvuF<vsuDnVuy-%CrX!2T{
z)wE~mm3=zD8tU<DnoQ~jrt>qmNHnZmXk*<U^mVr#?P_KRm$1bPqT!~kA{(*sv6ww0
z9TiTFrM_4H203lPkZ3qLjfO32@Z?_)$^lgWsE6?AZ|{P?lU5lA)qv6_qkj}>mC;vB
z!nEl#5%bGO@l4(yu=*is8OZ-)RYNWffmVF*;xZ)Ndn=Z0aV63^22-wA?=pYbim#Qv
zA#gQryzOSWuXSS;jHl#Y7kmR_rTRqO%{m0zJc*rx;BayDUWvm;r4fI25OS<_!Ht+=
zBQxuHoz9}>*w1nJL-FEn+<2XhHxm(!a16ncU403_YU~AJMU!Ymg82rHq}kC$d|3-x
z`u1?tkZRoWG@jU~+!6{}l7hskqOS#I8BfFTg*@0wD3YyfWU=mg)zG5)T$*>a*PiB<
z?pr;<4g#t6T?BXYiSVarap7)P%kfXuKEU1GP93w~8Ik|r%FQr9kCcbiq-}LJ(hF*x
z)*LiWcRS+bz7~|cXH?!_U4iw7M2`+}`XJGBo~uXAKkQ$qZ#`D8+yv`W)7zf7@+ZnA
z{r37M`@y8HCe&A{{XJX>KXr9(`l!L&%-oOPSor)zt%=e2Ili=ab4e;UQ%yUX8|rb<
zC4H$A%VN3Im>iaC>pyDLCOL!Qt=+uqFrltWxhorR+XCoCZ7sI$$ed_42Wai9?$L~Y
zPhDs-9aMU+_k+z=@Qn>h@Y5E#e3ahcpZN5xM%1omRBtRq-b-27`l+oiaD&IBFobD8
zKVP+(!=D~L{!n7Ddr;GG7V34G;Exb_o2*3LKe}K#yhje?`h*7~pig(oeBc-C!uI;L
zw7ni{h3V5TG4@jNeh*Cei5mQ^szJlIO7Gz5!sl|zzz2c8{kete%sJT4xLpaK>y_S`
z!zKs8VQt<e9zO6i-#~9geXZCs!w@iW@Nb8@dHbjVjB0%Th5ftRS`hc_YsJ2e8<b$d
zq&d**f)RH693{a1@dj+#>*%I45fKd+UO{2fnV3+8?H}5Y9ClXig7OG-5a!>^^R{mN
zZ~ni#?2E9ys*fqy&U%!sN<!>C5y*Vc)|t3Fyh7p-f1mpD^Ja6+P0q9#cc~8u>#+36
z6zKhJhn^c7EFX^T=KF79N+7jm4{Gh6h;*X%!y>i6r|!>hhf%&(V24RsXWvtL^#P8m
zpz0$xt%ZViblE=y8z4{kOi}8q6vvbHj+#1}8kA!#kLmEcN*<*6x*j#+5{@naK0}ep
zbMrxfdX80d!2a~%l-g2+By7T2j7dt<cg;;oZ*{%a5=U=MraGl3&>s`*ryP5l6lLQf
z&7NKIZ1ug@FTyHySo{s$U*I<38cdh_9Gz!NWv8y+fdLcx6d)ex_`5ze$miHASC`wr
zR?t;%zTPl>vR~iM;|IhOp4vHD{V|6RcQ#AghfJKKX*Jaj`nr1>r`1q{$N%#<i{(H>
zt{CS%9&PVcp}wUEdp>q>XX20%6>6_;ihAvgXxLK%u+MCk>wm?xpFe?Ri$Zb5V5C1T
zyF#su#)!Hjj+*p8jw9-A!|^^>NK>KqU*V_rA4G$rr`9@;pnkv78+xT$b?voxAwNIg
zVfW~K<*m4BF|yTR4^2Ny)zY7=!&`q^gEi^v@Sd$__Aa~_SBL%w{zE+$J$dq^!<zYN
zprm8N%RWa<leD&O+>OKPP)EN0LVedyJ#o3xHzcn9**&;h+$L!)#QHziz?B^AsoFR3
z+9q*?>WRA-MB-{?a4*+Pj+Flz|M58v*L@)OhyVK&Tq^fjG1nY>9Ic<4a8PWsGlMb3
z=9`I#MmC0E$?T?^ZbD3qQUhau0<aqEAgmat7&npNbxkm|TVdM|DRC{kI_vS#Mz#N3
zJ6eY9r^=LIs#hY?{wo<Nsfp@Mmohx@e3_HlNBU^vN2qt07Hz|!Dy=4&I0R``81#u3
zCI)FsqYNMY-B~=f4YgHeYJU)dudx-p?S%1<naEaiK#`egNd8S4vXo<S7@to^ezlYD
z8K=YTNy@lea(6*g25Wq;P$~P!`J!?OlGMGu2lckjm`+r~@V0Uj$1gI_ZcUlC_)U#a
z-v6lqh6A>419ZVuVL+w&swX#G6Bwo3G&!~v<@@d3Mv%s_V;xpLn}fVpD`B$NeE10B
zF*#Jdxl{>5g~{g4wbqaKpj^H;G##On`*Q2bV!1dfSBvHDp_`6C?RrmFSN9DeTQ#7_
zT2WoO+l7E!JIZ$(ZQda2I<gyvU1A135EdF}`{rDGIVwN0zh24Z;}M4GeJmfix#9GQ
z8q^<YMdjXuc5YyGhzgPwJ{C2&TpoZM)YcLAy;F&Ldw0*I@-1Ac)a1MAW924a|M(zS
zr(8&{{>N_hhM^BaCToo`x=ySY@~0eauOC%GUMnU<AaIgA5S{@yK$+!zD1X1+?hV6M
zV<A?qUW2^#n^5C&#p6vd?U&}MPXYYCI2ZdF4+MsWDc`wYT8Hg~rMtHQt9|cD6Y9i5
zuon&=sPTcAu2a_NO2clL?ENn6aB|EwL|XT5LaDqG`eDx9;mSHYAq)%dP)exojZN4$
zbdTE;5z%1r(_y}PPFL}235>Sxfr^JA*W@VYZFerleEFf#^MQ0;t(}h>j8NJy>8Z22
z1cho1xqW6)_9ZW_hus|P(J~}mI|H+0W09`4R^#rD@0$#$s%}L7UkrAxS+v3YeC<?U
zmuqtD?Cd^3bhme!Ax+czKiVo0Nk}9XhlrjkWdFhT^_0%)d}QaTFRYnAUyIC_OVD^m
z9%`i#Wq-(40xe!~`1viiu3_|($7S$Qk9Qr{BsnlXlS7o_$~pt~)Y&)=J!L}WJNx8b
z>j&%F8|&nAfj&QE=(4d0xL!Rrm!{9|IZ0)?+){)%*9-JJoAJQ0@DEmw<J)&tVxO&m
zf^?i*{+4nkJbn5!48>!7c3t8xog2ziC!J^SL$i%@mR4gqwjL9G(=q+JK2F^L$M5Ft
zjf<pnY_#veL7NYoTAs&8N$1sPbJ<GgXg4TVVX%KU_8hSj@)gVX9pya8C*1P-*kG@_
z?a(UJ4Y<574?PpnSus^QmXePdfczJVY#yuOOe0EO&Q$(wY6@=uDQkkIk>T{Ajd)oO
zzykjBAHqYkCSlMjfW2%QZvL6l`>tUZ8tmNG`)c1-Y?U9XnFRd}7B?!dod&&pJ^Ba?
zJN81WG`*+OXxOn8ax3n*6*o^kOCi>Qk_!1$jdZNtbP)er)nF&!dJ-qq<IhP~j8`9^
zqoFco#v-Mnh);9y!Yd!3)#mx3>iABq&sQGSy!o~p?S@PT#rT_X|MFS#c}C42A4Arb
z&m9I~PnotND{Z~}kfW!5DenE5{gmpZQ-TpL{XKm61AI^;LcO8T**#~_YL2bI!T&uh
z-{TGaY4F)S{~;neOBjNs9<(5Ae*>@@EeOj1EcG%~k2v)PPRr|?QQ@F%-o|Z($XEN%
ztwxl+@HEPl1S}G>Q=pSha@=oOif3chu;#|6k-cRwW3c%s+~#0>hf1)%RPB$QiO_yt
zV-31_zB!bfU$EJ6kk_;wg~e+B)cMfaxTz^_Qf0oN*7OpYg^YVeO)I{LS&?RbYBc+)
zeA_oo&D;@sON<gQ#%34~)xu~{ZsNuK{B~(<Bbi0h`CojARvR}V+}zbL+*i%`(q1}E
zXs<+G-X>HZ>wt2(zYFb0_MkLx1FFSMh)H_PnbF5!-GngAnJsP$w4?gZ8?b4=3GLdw
zgm0Tsv!eioJM7mN>gFGXMG^9C1k{w|Aa6@Gn!fG68PRpZgngS|LC!l(z}F^RbbT=V
zdK`&3FP~xQl3@JDJxZ+5w4)G(yXw%a)v(#sfu;kSut94I{GR_nur`mbGA|dkTzAw+
z<5$b|hc2`>RH9H@?j9kS6B!8e?HP{=@K-~g^*c79yrC6cTDeNo)_P<gw!V^s4Mrur
z=Tu!Oa$YS*{R!>+JJ4KXK*4JUxpo+j&^ZX7YX9a?-5WV5*j0~K?M%PNdgXzTx#0-x
zYxzj0>Y=xWD>tw{-hd68_rau1pQNj!74^F|V59s*xexR=26UH?^x5h2qm@wTv2x`7
zp%9f;Wz<|(j)Ip&O_uFw?(joMpt6qlmli^8e@DGxI3Wc7{W;{4){DF3?ajvadP>Z*
zv@VKmO)8o2yTX+4p>X+hEKt|irg!qN?)A#<<tgcsmPy^N0_2Eww!Il0ej(kVYG;m_
zP$T9k)UW&d2HC*(GkrI9YB=VEitlVf`77&C`o5`q9hSH8t>$gOdf(g8B$bKuH(;`#
zvW^bAu?UQugAg(DBL)=yxg2%P+K-3T@50%3tP&gEP{R3scPv1dc|CW7&#ep83*mJr
z-B9U52%m_E&MjZee>g=sr#qB`q{W#iJEWyCJJEKi4C!&v%EORe^RPB`o_aoaeh9ib
zS()EMnMltlL#=k5qq7aQTQZUG>ufZ7IVcf#clEsdC_ep%b;?ybpH9z$d>KV5``GzO
z$ggTdr*>0M`i}aF93<Sc90s(Y{$wcTM{3_CEw=>q;oWV^@o+{7j7PigUU#-NqAGVe
zo{+CC1R>>a9bCP%AZn;pF6~rF=lD6OvKp_kG!wDXG%43nYzac#<H|bKvQeG3FVu0I
zk><&eEti|^dSr#}&tqFEqT{n+XlOIHJkxo!3i(U#!*aPbA1};%JQ0zD+SL7(m>_D>
zk<=WQ&L5QC!Dn%fURh9pO$VCLp`NRBG}plJr$UsA5Ti#p?$TKvflJ4z|B#PD5$HQK
zN1=jzY(7)mIu++6c_`dH*ynl!(|sIYhfS{(Naw@ty{@0gXX=5`_>W*4=dmZn!;mYn
zQgrXwzZTLz7RT{*oA64Zbe?@uU6Z=nVS2w5c}}h)v>zx`rcLU~d$qDV!10fthA{Pf
zv+^&}dS-E+-1Th}s<&v%)(`soqinWpVtPj{yOo8gcKN|d*NhGR4=j?GtqF$L3b0i=
zA2zRh*4Ig-bF>9LwvRzxcfbBptt~eI{yt)wh-i4RIA*Apj>{HX9=Axxu?+@f$44Vo
zeqbpSDXS9^$_y-x1g9IYqjU%4pV+Hs;?~Kh(NI^1I!E1cs~dAC_TuHlL?nuCi&}fS
z*~JK*yBIUXb>W7Mc=^Q=y!Y8xIIUeb@B9jN+h0a@-d=ec{O8AFW{;b9lQ8qXg%GjW
zlU3`H{XaW!Q2Kr?Fnao%BiQ@bb!v!rJZ3Dp3!x*WR?5+VxOM(Cx%bGHm+|tpgE;<8
zcNF&YNon3T6r)5wJ`08ZCbf178ak8jM)I$e_R?xz{~hMX{thp^Q3>Ox$MMZK-^ktZ
zPd~uUSD!@Oub;$D@eEYZVl2LGNF%T^&zY%s`oU0mq7^%zi^F|S6k=zsG+o-UCr;s;
z<2BN>J%;=4dsdz{&(OtqI%SsQfUZ|CbU&5;e)tC75J~dMI;aha*fb?bG*!`x5B7?)
zY){;H?a<FV5z)DD!KqWH{-ySxxBm67?jq3o#b43=@WT)0zoI*H<_x;Jy5#Qk>C=$P
z4^yU0kv~K9<JN+*r8BTxz8H{#($A8W3kSA*QHG>2aRWy3aA~h5|J%ybF>7&=Ttkdk
zR2mAh6A@%}r=@Lw4iaK4Z+P_n&Xz4nn6XT$4K?MB&ycJ>(W@{b=h|pwi{3leV(&{1
zZo*aP;M#lScS65zFLLMhd}rgvBt)br-{TcqfSs!&yKfAgs6hJd32HNddaSL?#k`5~
zzx0D;84ICEDJekmO;&|-)PVG5Nhp$QTMb3p)>0()2&DF5-qD7NRkM&#tlXIjy+0Q(
zJg$fDDEVc#9^dJOc`t3n+B>br`kfKkG1178pZe@QU9|<#nERBnM1y`)iqeNeZ8n#v
zs73yqxyY2p6?CT_<F*-4g*X%($UtO21HXep+yHr6xk;j5`W&Kcp1ZcA`t{Y=Aeu~@
zos8#h>#l1;Xx(3ctP&*@qzFO$szp#+Hb+;30nfZrE{#Rw0sViiLX=pqEWUsG%qV=h
z%XYJL9{%C@&zLy~?AJ}cR@9W_q0mkZi=H>>5%RqO<zgai%%Avt-R2D_c;C?tA`b-4
zO+fsuKCr$|;;eieI#Q06FNtk67>gc@M~IE!p128<vqS0;O%mQ0(mRyqU>Q69Y!{l|
zEkwbVI*Vmz$pZm*#3OE|WfOsp*Oi_+P`{%H8{Vn6Gk(eC(-Hm41(@#LvsAmJauET&
zdb=O=#B^!fo%C5AO7}}sDox8O%V{x}YXHJ$dZ2n&wasbpynX@VV#44vMjfCsm)qoU
zM0r%B+-Bg`6T$Q2@Qa`IUMF1B1=Fqq6u#}CeB}8|z=E5+dwoaOu}T#FaVzTVe;Ak)
zhJ@G!R@+rymZ7E<`wFtu+A)E^m{cU(Wbc_<XXAIay-D-@izSG@!Fv48)>nn!&l0d`
zexNiK*R<}<L)IJh2zwv{3+#oV2Vp-tp#6;9{e+Y6Jk^YSn+l|D#P+^X@DMjr@6#i|
ze1o(L^>3viZ?_NTEMJCjdtql6_FdxUZu!a_`PeG>7pr<Sr7Aew&OHL4*LlORL)2r`
z`#bFJ+Xl3(no#-DI&2jednf6!?AKAfn&IvG+<=^y%jE#9-`r(LmX;L}5e;u`?`0z?
zB?ndZf{lK9WaO+x+|<4%2b2+-&xdVXN03=uYv_FqKw*6GT13Af^;n+^JNT^K&sZ{F
zH;~Tz_ekgcmd(yf(_fL1goM{@M>f55Dac(6L?=j}xAh&JRmcvHMUF+edi`z-_9khM
ztV(Y=l#ireW}?Dg*$W}kIrBQ{oVmv}iB1@E6Oi<Lm0HTS_#)=HKO!SKz`;4XH5bO~
z7lW+KP#9xVQ6kN8${TxoEwjdLskm=xiR}k+rO&6#JBjQU<)voxI+W9OvS0J&nvO%8
zkp8N4d^KSXmMvFnymysL$5|T3=jh@=$mj?Ev*&qWS3S0-<)N}a(<Tw&%GH0Crw+-_
zMOoCKX^XRCbNlE2{ne-GJ0%@Q|EUm$20LdylcKQXmzKxy7A%&N>*sq4r`H}-&d%5U
zW-dX(9hMJrcIz$&`|Hs_#*b6dG5wzlu=S9=vqnGZ+;8liRa9I}+V6qj76=yHB}hon
z;K40ukfw2W2=49<2~Kc#ZCrx{CqUCUB*ER?&d$s^^UXW+-kkfdE_y9kt9S2R^;GSu
zNB+MA=R@<m=t&)9><OoebJN97{64?Q#wIUnd$in88rZ4w>IZh-2BlyR&9}(3Z0M|b
zztpoLu~pAkH18eqVW*{6`l`*^mw)3nB&uq?`k?>zaZj=kTRmmW5C6uAZGb_nrc1ke
zDGc(+JF_!D?(SiWhP~jEV=9PXF658mD~zRCBF^eVudwB5$zMs^xZIA@%7hkGNcqqS
zO<t&>#|2y>o_65qef^2}qHmG??Q9=LzU$612eI+7Zy~oQU1LfF73Rv<o&0bfvA;nd
z5HVfbxFY|W6Z5=Jx62b1qnP>P4Ee5g;c#H^Kcz;A!K*)yNhf}uK$6~7Vb^Z$rafOP
zO>#4qtN!VNg>J9#&9jtU(1$atb8J2{0g#Y163)WU_+9OIa`;RRXEu2)iEnWD5hME2
zo?S)|m*h(zH0+xL<if|36uV29vddGFIJfxxA%omo1k7@>e*eAZqpt%yEJ=QAR^#e4
z^m9f=#!}>Y>RaPCp63?PB;4pkI-f-26n{K^F4?%MX=#_ZiBL>j3?b5Ea?7h|=xQ8}
zGnL(9fdO*I=F80`h3<~Ijw8i|f_P5m{WRRwm;~zTB^-%VPV+XSpP$v}eNxjJ)^cdT
zOatUSxw5bJ?b#4&zL_R~(yNxcISf3K56tdwrGw?nsWtdTS<2&wi-!F_SI|iWyM?K^
zloE%NDsz5W!@03|tqLVo8JI0NSxxqLw)Id;r1nz}?01XI*{_$W#qN$IHK;BCawK+y
z;><xvP60V{m}ghe&eYhHOSf74X>A<mvqVx~h$Eav`eMOiu9GX4+)`@$B^WZIqPP-9
zJdr_YIDZfL@N~%iJ-sa*;CsgO<JPY~A?g(_(^yJ7Ss!8CrXa~4X+sd5?9lz2?lqpf
z-zkL&`x0xg9s*IMV~J0r90d%l@8>Rjt*#YFuh3be(y;Brq@QP@e$9@K-Z)9k$7oDd
z+R<k~GVqk(N*26ida=JG@kv9tH>G6$4Ll2lY&XKl&E>IFw}K}txRp%a6Vc$#iWR|(
zeMbmjbUsu)?<KQrF~5J^stKp@36J+8nO)Sm&lxdwmc=wJ^gA6DH!Z>BlqdeDN>u?1
zub3gl%4nh<MjKp>dsp0VV|$^e4;U0WAp}<!*xi?JU?_%HRo#*L!L;t5Jx_iDLce>2
zGJAdKeOCf-EX_l_M-8VtSxT0Q)l;xGf+_DyK>gGX?_0w0HZyAk+IMHaqeId}qZ`YO
zyLcD4#xB9Pwyg`!v<SHOc;-Z^WGanK>heUQ_A5j(P)7xKle8GPikyn-IAOC6J*EwU
zij1J^4Pu!?aX5|r@(<aOMGU<-*Iyp1cdCfze2er4+>JdySRK^?=ZjAg@{8U1&%vvL
z_JOkZI2TQgtHR2SXC|!awzYzg1Nnu={32)ewcOc|BHfHcI96{QZpOSnz0<~kj$!xF
z4mYC_IIv9ScH+oMNIc^{OvcAQS_)W#zS|aWu<~uk$%zvE?bJWlCe%a;KS%kDU7{$(
z$R1Gi_BCfp{H!uePw$4}O2|kHRk<F~4NK&8On6C<qo)lA-i^CNO=(q9kPzL_!xu>j
zf2n(Q_mco_InzOAWI6B|Jq#YyL!K+!Ki5(YM_lW<UF4iS;-xT2Z6-??dA0vuBU?Og
z*u9C+ocb*|49>Q}$TJTwLA{0)#nn`Hx=g%8$J7R+(QmE|-e^^zzD6>$QJGtxNof`c
zo7HOFdi!&XQkZ5g#RNK!xTuoYhf_F|w#=PQ9{P@ESPwkXDf6Euk(G;2&z|N`8|{(l
zk~PV%`e_PkRDhs&g2$<7fO8rsOE;&EpFR89=WSyr%&7IY`TK?s_rP<Ns1({8qFahB
z&#W(fH^(n3JO>rwE?H|m$k>xgvpr)IY}j*l^WbCrqMv`Gj358CRym@`zm?vBI#mAo
z0NG#y-Q$*`zYHZG*UlrBVN*#c&duA$<_%1DXK9P_x1qSD7X}~cA}Q`giuY)Z4~8RU
zY(Uj_hYIJ>cs>7Rfhc1CLfnn(1Yu-@JIjV68`hEGfk^%Ffyw|)w=ji{hr+e{mx76%
zBrN-g1|ckuLWFTuJ_yexCnQSzu384&v)?ay-aP}I+<$Q|iG!c}^$R`t@s!x4m~G%&
zHj)^>8pqk`^ZwE8uw#h<bSJpv@lg4<8(GCFbr94E5t6tz^H7?(-#<ss7;{ne;{jPn
zb56Oe1_FO_ux1#e@p48+LPi#=(jxa}?{+!v{WM?m)nxI>_pyxHL*6PRgAnUS1?XW}
zD*1ZBl<>q5DgpO*!2J3W>tFiQ)9`12@G2y{#3X;*LW<Quc&rI#$5w$!nU)gs`B#P>
zr5%G7Ouu2pzXoC^UAvsNtpjZ(WW^9wStPnrxP$}}a838bWH2yaImOfQ)}u(69ZL0d
z2rWE(N-!m6G(NcH!GHa_4sYFAEkjn{Do{N$UbvnEZGHng3!K>bG5Z!FOZUY>c|_m%
z6$dUwcJ)#LhHP&#?~6%YbA_hypu8I?NT`0b1pbj+(D({pPAOt7=SN_>!{nz888|np
zWzDQArd7$diXvuShCCuIeTk&!9RG#&oL@kvtZ+(L)4H2FkJ@A<wzrnfDRyjA?hkz+
zl=RFcTf45N?Tr-H%jZP8C4P6r>jzd_EpI1p<jP%$1Hygj;HTLre$dg7>;Szn`O`?D
zrULGl_dvSAT`YIci;L&hf%JJmNS%FCsEO2T6%>U(0v5j)%Z(d*f3l)#A|d;1qNMkt
zb3Ev4P(|ZULvA<>cQ)@A^0vqZNbK8`zL=gD>XHk+gPPV72VGHb-ZDQc^omNrCAEA_
zStykVnK~A&8e6YZrmJ3MVUOdAA_4Wa4=ITkGq0vu)51joLEsN6&uUO5hyA|KV|Jq-
zPQOUFB)!nrKCQh^LvMIh?Rf?`e07YYO?HhW_%XVt{J9UnL0>OI=G08Z!uTsvs@Ny#
z(mRsfy)a#D;{XA9WiKo_AepuOb7hH>@-wYH2gqbC+S;4sKl<J@{Il4b2A4v$GGKMY
z{N*Tw%#vz#3h&Ttw<89{2|ixL53}M8#VY#h#>L!NG`DZ}N(B7ncB-WTu})&Zvi{Nd
zi~qyCCR<EY@-1!Pu`6Qt$-D1WcEoMlwn7fm-Cfe!RF<k2T>MNzn;GW*x$CnSV8cXH
zVtbzxv-t)b6Eb)kl?r5`E5%72^V#skkG}w3@m$f|xsC_?HbTgVtU3Yo{G{CIUpab?
z9kGWCudbIMm?JcEGK>HdAk)~EK&FctUQ*Rwr-yMcyx}DL2=H%*uvB99uT#8F_I;;^
zyDRpfJwav9i_>|nGMYA891}iHSvjW}A2P)cLy(scQLI2qw)j-b0D>WU2^%Za_<RRI
z47Xu`RZMD`NsNzL^bLHcfi&omn|-IIZ7lC-rFx?DfJ?4$(MZXasfyrzapr>AorPum
zfPl-uh=29d-tRTwkBj;;^|A8J!D=v;BOKvzn|RoJWB~6l{+9B3wM1=Iuj|Bq&N&B-
zd{ftrh(CQ#`Eg5(4-O*^M`F1fjum(?tY>RtZ#gwAPm8t_=+@P^^FCUmZGT`SDVLA$
z{D9U?Lx<#$(0dUXPl{ld7G%(nf2vChp2?LsUz@$yp?JAlz*#r10*G_}lgwf9@(=!E
zoP*u{hD7B;k3cTV56x5>U^XvA4{9YvfNzk*<F_(7W9II^+j!h~v1vu$$aRK=F3<<0
zI(1RNQ@p>Ues-EA+dG`Zl5}{&x}LZnfJTAZ%ncu9cI)r5goB&uCEWB{>|P;DH5<+A
zu^oHIa@W_(lw@iazxz`Od9&b44Bv}vR0`h%R6IZ@(ZiCAhH^|YavZ~=^u4PMVpWDW
zTUCd~E`xqpxR<Jm8kYOc3zeGJ#G*XRk>orBVFu$JJ?}H&lfw9+0l*W&(AV0MEV6Mz
zkbe2L3rqcz)xm}Nhj3z^#%{JE@Z8adlFbxEK@m_;L6fMimRlyb%RH={2qCLCm!xe2
zKf;OmrF_F#kJBS%){~KT)e}A~>_Tgjq;ko4NfD7K$&a~prz^r^2OKC&B$;1qhEdP0
zE-pEDd{>7@g^h{cpAvvLcyVa#B!N_r0LDOL)mp0^nr(Y@|Lhh*8l`K6tk~mJdQj4f
zxEi!}?myU--ogG{nb#{3%YZ0B+s81tLL*Q&3tX$fT6}UFk^sgu4xb9SaI{D0cu$_P
z!9=Xko7yC$Jj#yCXWA;@EtH34m1EL;Y`T9=y*#JgKmhXcAb%iY4^*2jOXgfeb>-dt
z3ZoqLlXTl0C3bdk8Cu?%E~ZYR1hAzvexczyGZ72GZao+C8OaQF<BeGMBL{4S(m5-b
zN?W<n89906*93l|Z*sJ<$MsFm^>0YHuc#08*|&C=LXbcT1P&Oof3-|3?wBzvN?a^x
z2$7C|DITQw(O0LUo*T@_!3|E{ygTYjspocnbaZm+l_b&){=Y1rm)utPuj3mrMu5%z
zi%-|bhE5(4r+Ar6O&IL$%7+qKmVUNLlp~+VHG!EJJ`V4OxSSoe>?L0d$TfND`m1tQ
zj1uKG^--O)AnadT@H$Rpz_H#aMu?Yy*Q)JhFsCA$IN<(Dx1pWtKg^#I26~J{t^!RX
zPbinh;$h(<^PlVgrH!Nfnf%8(e2*{OW7;HqF8+yQ09K%65T4B{uqXiBAcg;?;RLNu
zMGY7%ff_x4J)Seq-_UiqP$l4CUQ6_!C=ZITsR67)ZXeE{iT#(RBBJZwgXDO9F?^Ep
zbN9*Z)oWME%EytLsIfY{S$G<L?f+lI$zL80_``SfUxQOrU;pv2_-qzH^Zq(Kj0J{f
z@F8C+=5tVOa%OjpO%uSS$ru?K8&f!xXwm(HtYI9MyR$C82PHdq0&mNIPP4y$a{d0B
z2bb_M)5R!+p@Cy+ogXKYJ1+RCL6>;ASbql!D$%zIA*l?CbM~!mx^Gd$nN<F>Q2l4q
z$wMM$dlu7p>v#PN<pxL+ZZJKvA+IHql7Q;}4Mb_uKm0vyZ%je04pFl(a7m-Txg_$3
zU~=~MV=<@MnVG^zj7;`EjwT%xVCR&VJMiDbgnJRCF<tD!h!CHr<qeb`QW|MRnO249
z+qy_d1OaTRf6mN*`*chrG;09BOuwX0+@K{Yj<b`K0YE~&h7ZaED8iIA8Pd4KHj5;G
z2_vV;d;Ht`3n2`|Uj~M1qpH3hFD53&!qT$mYSl09Plfqzn`Oa^5oK2S+7JD81S25r
zmE=7*+)3rOpU~2eTMyNd8_&yO?2nO(YLk@@1j}ih=Ido`l5V%>mNFY*uRazHW&`&4
z*Tzo?+Olo%j!CY>&6P<g$MutB%RK<3LaeQO-Bx`V&F%W`Sig(XhL!ZIWAN#FpY*@v
zwIdT06#O(qp8}*YksA+0Cp@*bv<w|hTZKR>9+J3wE?t3%-m)*z5?NQzDl(Gp!Zz~R
zRIU%FV)Ry8>#qFaowXnFe>2BaL7O&+BfyQ6PX^Y|+~59jYb$I<8Pa$eKX{O=um+{j
z<h(-20Ki=Rg(-T>VTKU63c~dU%uiO?_4o2ZfGjms1hYqu)lY`aPe=0me~+b#JuHp1
z67PnD&6u{1o5q-yA2*aBb9=V#9oMNv?gv~Levjs4gf9TpDkfY3=vZ?mplLpUV{{8-
zZbn=@ue<zv@R(T|1h>JU+!RM+uVEI9E&YRopX**LlpSJFL<oh7Wh_`vS{~uqgz%Iy
z{=bWDJTKjNUccS<yz1|-=~6$shzjmjU$<!(jUfz#jIN<B=#vn$_NIWTK4SD(87csW
z7T~V_NjAGNwz_%7!hayGc_(W2-xgn@tzX9*$n)XH<J6!5aVJ!)3eyrB`(L*b2i!`<
zc7<Q~-wes_5QiVFMK$DSd2)X(g(B@2RAcl%cVGa<ZtC+dassB{#dGnR7bBF0mHKy+
zrvLrpgWSn{WIg;*#sG^f1`}o|@0I%@py$Kv|BRM$rJwuX{Ip}HDWUY*?i-Rvn-Df#
za;eLId_(SG`mgKIpTB~-ISPs=0j=hYi#M*c`Sp-})_D>s2`;t2flTFzZZTn&K9II0
z%+LScUIoq%=zjwc<1%6G{emg?`0i8Mi^)$t|7}XRnd*&ViThHD(h^)cf433>w?&Kn
zH&+J!|MyGh|9%1Jfq!fN+e`n}8UJfb|K1t@Ya0LF8?@tp(1y1u3w|rNvt6xG@AruO
zB(Hj(i=;k99*(AQZtw1XZksMv5@#0qkj5eTI2sNByjb)(O4yNq-b#X8^ic(&DeI{_
znMs55x#xQ+!eJ${a(=vc!<w7jN%U(D>Tp%(m!bLwRAN;a!B_OVBA7%oe9f0xHZ7X}
z2(o$(J@7zYs$8bLxQFDStN)>{u_JDa<z_rM^^HYIbej$@l3A6CO;Vx*f-=vd8BF8t
zW$0dL5>eTeoq}Niu8mxBuCo@Qt!#IaCiF&j^<p~h`X=w?D2BtEOv1Co(*biC>;x~A
z%@3rztIM&UZ8Hq-YveLrT^?x<yYEBJaCQwoBY)f?QlGouHM6Oj3n}Z(GwE|4?E@+i
zaGcDU+NE9{?QKK>jsZ3|%Z`JMU#i}h8Oj%u`Y#ilY`NA89k#&xK9*Tr5Lb)6S#6;$
z7RO)StXbtjDQ%}b#fs4UymrLJk?0c73Dnx6Z!GV@ZqBKt*>N|nBZEfZyW#nEt(~Rp
znC(<DDF4IPey$5IV$f%pu{iE22CtjFW}XdU5j8LOi?#JDOy10r;a2Qgk6n55+h*2r
zzS`==)VQu>^=_&o&3<8(IGG28zWZVd(W-q-+uh)k5DSSe(4P0|VIo%*kumN=pvtb2
z=#Kf&CsPF*0h9Mbp$c<$E30=j=i@S?af*HSGOImWtGB15u0=>vmXw|IHRJ?~P@kak
zE|z3uYrzh#JR3{IWP7K_#hE&KG|uFRjur~*t97Fl_2FaqovY4|9Qa*r|87>m$@N!n
z*juyFm(dhLBzAUoj=WY-rhfq~0pkKrbm++s5?gq{k?EZF$D^dsuE<Kz>1TwBp+T`<
zc6j_yKT=tek!f5ZT9OfcCcw)jhOt|Y$uum}y-%8-VD}?*5eU+ZZ1vG}Gy_2ZE{(fy
zZh5z2Q;i}hf25&nI4J4C%1UpDRn*gCHm*kB_f642eT%UvjWV%JW#U@k>+w_*^vjS8
zkX#<?ljVW%bHS|DWa;C`k8KGbOJ=h$AT*=|#&%Rz!<kkI+&7*4BP%}~TNWf8%>(UB
z4o0<os7tT@BR7vr5w(A{0R43-vr#VzR<i$ESs?%pm$xXDo@t~p88%G}&J!1JD<Ipk
zVd|kB;ww?t&laK?WU?)nofm3iDYaQ>?+CR7SZ`8m)Q~IbqRIHu{XLGzQFu^pEqGt^
z^P8&y)PiK#m2nr1Ery>5qAWZ1I2fjt8TWw?Zm*0-tpn$eoOb-YvEM3cegk<CqlAHm
z4R-W6&yFZvV;gkQjLK7sA+q6TnZZfhi%gYCp{3X!5+!@pG@+*&GJl~vse#Tfe?2!z
zQNR#c_>QatA6l`KxW{&*R=}i<MoO7elqDHKZ~)^fMgIPHI^+J0hL3FQMJ2=B``~2)
zxJAj;(9PcO$2UYkHHapPte_YX_00;7KsMiqPKji7r674dAyH{ApZ<0Vov~;z`+!Sh
z&SOwhLbkc`GfutKrYd~vt=r-13S#}Q0oz20weFJiH1wVf-rwOf_2D0#T&7a#!%lI9
z81cYM!&l=HbQ9_;v#<t?498PL<!9=87_)g?URkGn@<Cd(nW%>=^<<`2MnB|<f>J{`
zaW`ohN^reg?WKnF%SHpf{aCdXbx_68scdLqCuw4pKCk20Xlr*4znPhExZ`4PZkjQ^
z(?3&D%N<B=|E*jj^eh3!Ez?L`Xvr;SU5LTIS1XUGx<Qny%10=_F_+!qsDW2uiuEOs
z2w`(v`gf*Lnp@t+PuKg4xG85Q&Vx@6yDGv{UM^Py2EG!ht%v(PRWbBTDpGU_o0j!l
zO4F=crMLuBtvc16jupg|4+>x+Qi-m$ojT~H9?xf0N9aw$*Rga1FDN2eWGd9%^dSKj
zJ|5*9j!9hfcCHb<U^U*Krc`sEm+%RyO>7re%w<2B+xre$zTMI(ch@@ju21$ZIftcy
z-Uw2Sk(BIH+pw>@h#(2ajW(jczrv1H!Z3FfJs2Ay70VaCU%>z>w_Q+*>sv=keRaSo
z(8VElrXJ40woUOll+B)wM#f`C<n?{1i`<dywM(Oih>;)VT5|;ous(Qe#(jQzBv6%a
z%da=DXP65(5}*&dY5R+Bg$whaP7zcM$CWUH%uf`sg2!!bRE@axt-PO%SBujDo6k1p
z8VX-rSiOYVyK+#pk3F{=9&!4v<-gs=Y%(4#**Vzd4kTD)XG=zRsbBYVFj=wtM-V2m
zW#+;h89R!lJSX~3ML-t+FCam*X_{hmAXaXWi;7VhDY+{}ACLFN3r@?kym>Jv#9_ez
z<nipYoMaaf4JCW`LU4}WFa8#@3H^dH(RmpY0R0!eMv!;Z`NrVpo^C@xtl(6eF)3T}
zpoPYr!OAyU;bY(jJ^4tLw6Z<(mrds33fUc`EwGUu(^&Bu8Z|;THkQK9VP!fZLaGhI
z@)ver22SKH$!30sWS$BczTb_JWx{>XOOP4SkLt7RNLGvE5HlfkCF(oJR%z?z;37QF
zP)!uxr`vZe!VNW7J&_P~d!ypYBVI$e7-DyUjsG2a@S%4l*LyVc%d2WyhrQ=iw8Ne)
zvG0WthNe1S*T0-tA^qV*{u!25moy1_eYDpe4+2FrXn(btl*StLUPoKccor4;7-k@#
zl0*<YCpZGs9rU<TjEe5x+uVpESC?>E>L-QgP~3T{tXU!$IVC;Fn{3+QFD<S<MD@+v
zgUs0+ecx&>`vudyzCtqDuIxOLAgIGLPN3~#M77jzqH-v^XI}<h8yXAPgufD=<aklC
zxXsxR1weP>qIb)Gp@oxV0jI3pY>b&M;9wIIa)tFr+H!>~nfqWacv-p?s@bc#)_5TY
zr;+D(U%LViGW;!AaQ|9$$Ntr~*XFi5t1l3r^x#3VBh>o|K%w?F<4Hl~&y9Zg@SAG<
zlGV`9<Qlo(dQ28#yN2OGLz!{Ev`B$a=duX0k}z?8XW4t#G>!6|pQUVGvRLz;)F;2V
z%Hb-0#`=3@_tn?R!Bx=P3-M@&l<Ca8vSLwxR+HDb+~A91kZCF2kIV+gV)fA{*9}hN
zB~j$Mi*;^_zRZTUD$*Wu3+c#HS#UGm?e}a5?(Y|g9G)CtAFYHK4!#PQbkU0fYY0PV
z0o9r)3jEwS;Y)c=TvEaSx;?mkKKylFwGroIh__yT6)is^(mg6d&F6)>3m^>v`Z9eH
zc*jMb_P5Wp$Rvv=vJJA&*)&BwjI&2Gc`y@le*5ByWPp-aDToK;|JdLJehua$nBvhb
zKs1mv5ZZ9qgR6Lh-MVT@rGO=?5l&JZRul3tz&3C7NqvFWWD&IrJ!PlHS+b5qs=EL7
zbmi{2ha|43G8f@Sp7vAk{R;eC{Z7T9z+YkA+wHwLtdnukiv>)qt-K(g8N^-zsfM!Z
z&|*S0O^Z_KyL-WJz6ybzkGy3*@6X&6Uns1-{w8T<|6F=crReh8?1-<^rZ4;(zr_L1
zww{^*tJ39Xwug8}Gvz%DivyD5(s>K3r&swwWUdu|YE+-~LHkqfn|KBt!gU%zw%~Sz
zjPhF*4o2qqw9nNax@H9hZ`wQ_%3jUT+e+<EiVaM8vt{l5%wX8X?ULBB9a@epqu|>k
zBrD@!f7LhP+FSroui6Wgof@j;%Ls3}6x3&<lnd_NXvA!hTGa>IiT@BV>}bgK`00o?
zX|#Mis-nC4WMlGrWsHLwHBkeP;L^P*g;^WT`wUKeu*IN6VKke<nN#{Ih`rQ>O^mds
zy?F^%xOJCP^!e9?@KvVLBgYcp1VKd~S7bu{d`#Ct$BfuVKD#DuT2~yS<dWyu4eJK8
zVd6=Fwu!^wW!?`8y{aeyzHZAO`sCZNS8>P@6dTh<RNsQuRD4uIrOoK6oV2fm7kK$G
zkjj%vp5~o+t}_3!_mXfH23&*4s{k9UN+%*oRnt9({M}6SZWDTq8RTVh$k$n3!-?X9
zZFLb#FFdPDd&!+!GLzD5B3+m~keb_!;xb0QOPaYOc9&q4n6gg2rDZEPe5FD0Ciem5
z!WR1v6ikQ|BjM_9hHzRXT%oPp@Uxj^^I5wvrV7PwR4WP8ukup64y4GUNtkzAz~3%1
z-q77lk5XD&|8{M`+Tj4g`9^?;fG^bZU1_!YsnCFKc6h3`Givjh)U`lKaBXFa!04K=
z+ySlx-q7yV>(wIc#YUY>!b$qveGHf8lxpx|@%rMp9>fQHtM?G4-A)$zk-*lXf=TT5
zca~|q7C3|uMSp5(3L%s0DA#xD{*E6FtF_IzePIv82re6muje3~<b-g9zdxUHUblan
zw-J5IBVPpGSM9aeyH)01w+i#afew<D2@9GC_?v1nmg#vQO74b9jCFYuiG?lPk7nhL
zPDC#n{{w$DuJOjQ6Nv1EJ96mfF?^%4Jz)AK9X6w<Ro_tIJXMDta>NFox^1JP`+MPY
zUEvA){GgikdrZ%FSP|1YSYPD!T&>_;k65K58^#wf1KLW))B^I<(S$|>$`RG|=fG(|
zltoQ<0$Ma2vhM{o%=4PmuuYoc`KTUxuPzJF?WC@}%txhc+8ds5_R7jz`WvOx+LL4H
z&V*%l&7^28)rE)4GAnaq-jyMVT=XcWRLUcB2@!&=44K9xth~8s8ct+%`-Ezznj@7b
z4a}ce@I{iG35FQ%np$;{cRmpoUC#W@?-D?3yxU38s38@I`k2$^NoB1?JFMppuJUPR
zhlslQwo5PY6WnTxABYT65fi<%TG6x>2323qzlmRc^O1n3tN48Pa9UvgdoYd1k@?(%
z)Z0kPxc!?p4$xX{k9<ma1@EQNmD5{P5*f+wU_OBTR~5B;6q!qC+vuxlBHnVezk2lg
zFL4jthi1TECcYO2V0LfNdG@Qs>&Yl=Lw44Lu8%>aOY6L-<QAS?I9lbixitkZ?u5B7
zN?IB&WQ45BcybLC_#Js>`Ko5lC9oPhPcb#R{y>~B-T?Kb!&i0>PS_e<?PxBH&>mR9
zPUZa9pmTGKn$j}l3w>usJ?%KC!Gtzxd_6x#$Pw=a_6atl9Xu*D?PHCF1xf3=ow+!g
zs(nVlw&^@mX_@A;1h$fDW>MFFP@V%O4ZC4P3G!3%>Y!+HcD@qaa{=1O(+1=u<4<AZ
z9;`D(5g&1jcoJe_{6c<}EZ7%1$mh1)Z02YOlFh1l0vmuNC)|Yi*t}D~y1P`lD6{<U
z#T)VXM6ZbQLFrdhy8Yp`+WEP=QTZh*UXoO>qI_hNfl%WCp^*e#Fj9UC+P>7wCIV_F
zEiSXZg8Xk*odTqLDutI}dTVsio5Hv~V2y@q$T|hHSmV-p3mpfBrBf#B_oH2vI*xCG
zA{V>Te}rPzL+D1c2%^4Pp}gg`6jv8P@bN#3&zzO0Bs9%=Y`&DGMs=8SWPZ)sfB5ZX
zG52gE88>@rR)DR!q8il`5(FkuEm80=EQ*yyawXGONMvvouso>y0&O)Qc!@4%QT45x
z8NyT)i)XT%9<x#Jw*+P7y*Gk~FFb@YL&E1a23dJ>c55WHnq>BVdrduxSCnHnk}Kp>
zlTY$W07z|AWWd~wIKC-=jrg}yUK8w<ttN8e?4GCJwQFOJ93rSP&{vWmX8c*gXLzN!
z3M@!9J+;w*4qfG_^pMv8#iEw6OA=R=Gu>z_{3J0!M^g_cA^cM*US?HwbL-tNxS-4h
z-euagc$Gg{Pa8CEr)CYWp#(9cg>`dGJ}JQK=dxxGBFalSW7Uil$jCqMcMX*8AJ~@K
zZtD>eBHxn2H1x|41v+pD*LQW!c|dDBo3STOA8RgSI_9*$hNi~*KAKr|a?>#S#;PjL
zERYmGR?&_1WAXTE;)^#Nk#+z5Bp5!|pyqkG2<YKaM7>BhkoD&JW{)cBUK4j4`<m;3
zxx00YTdw)y6gZs`#$2NmUdicxV<(h3x(X%S;_A@%ugr7R(pFS6?v)QIu~B|pUSr<z
zGWxx7!WyCPU-Mqc<6Z2&sHg+qhvLMPWuSucbI`Y|8E8&wavLGFXjZbjgmiGXb`}n9
zqHdVx%3Ca;2=yx1(uz`fdH)Unk{|HO8wBXmd4y>Ix@HPSkkj1!vSor^><Fbn&6IX0
zL2Lu-;m16TX;v`BS(B@7W8rPb8+%=j^JH#Pz5JA}`sQ~;Lro>UcCu1cf*+jab2+<2
z;NHd+Gxd}tbFjwAi}|Y4@<YJ;onJbSAZklZ6(7)Mf`MI?@OPKf1J6xEx+EUCFGb=X
zcEOeppF25upE)F0Efp6cq&XQS*w?2y%yM@&p;>7>Z_QRb(7nrU5KLaB-IR`a=An=l
z*0<%D#8LA#YnO(ObtGVtCV190Pe5vm3xsU%p7yMb`(4>g-JTl8u-<sEDx(FCsxRlN
zEL9n<X}M7X^RUKol*HE-?>{J@^POa%;_()@xh|C4)>7kczaG<oSony5%~^%k)s~C>
zRWMQuiSS<V$%Rc6*pW!wt#;~2X8SXO$&$$Nad`y|-g9=ggw1Y@R<G%r#`iWNEra1n
z1MFS7NCZk_k~X4lI4WF*RbI;NO1m26V-xa58s)tbZsz{{YNsJRMnV^2-AfWCC3jdS
zx>{Wk;suSq5w_;0!qKjEHZj`CwEU$qy2akO#N`V0b<fjzC12eQ*zTl~&N^lC-sRyg
zECu^^5TpI##9=|G&=Bo94@L!W^$mFEA2El|W%fjE?GQH2UKZFVhhIGMYHdDf^|WHr
zjbpvBe;Sy55#J)IYiVO?=R~n0v|_Q+^z%r1=6!CVG94k)U3?E{%z#<cGxA!>(l6`r
z<)(rfa$BC{!X|;|wO-}r!UmH50k5HUzG_x7@-N<s$$}Y2GIV{HTqf>Uj4rc%Y*xH_
zY0rA8@8peY28>;kD72>RH`)V2^-ZN!nt?<zql}B`3_neDSYhg{<&E1$mb2QN*We(1
z)sesi>^~<FmLF!%RJ@fvkn}2nki1M365kDnh^X}at3IpP;KnX#C(pOz#&qGd0_oFU
zG|(F_{=kPnbLc0Q;nba`LBF`CMOsOE+@38Ic`=|hva&?utk#z^#h~Aw$Z%Yt=hPh`
zu(yWFkodECxiOzncTpKbq5jPIAu?YL%k={*MQPWUB6=FcfYSy<<6GUR8l!%6i7@5_
zo#|MGIUkej0fX;)Ws+g^`VD!S&hFl*zq7rtCx!rZq}wG=FCh6uCB2SNG=K1WlYx8y
zs=1_C@w6yqX6TZetMP#tdqcxJREzn^I(k{`2OT%@V4btCq7@8z#D||VK?1YP{2p5V
z_nG{<Obpg&l@4EUnV;k7;<U4tO*=oAl{y)R$lybU(j{UNahvVxNI1}wJK4pt;2A3V
zV@2p`p|UuWAlqP|yryxVRSNdmBOHIVlnBCb*d06SVFelsALTY`f1tBM_0g-O#`nC}
z!MIJ;di|V=tMsKnQ?(?xLGRTw56{M&b3=$;->ywT*9y6b&HWNtfK!0L61$4mT~2)&
zj*|UHeF=6+o$xh&#l_*XlZKL4sx&D_n+PVUBfQ9#><0sfHl^N$7bAxxJa6I7peqZl
z`HH>%G1=Cl4Uc%!nU!p10)DY+o82{dMPu$eNG@rAw$$d3b!;R{T^>(K8rw5Pd~*gP
zy@EO4^Kflle{zBPH%ggwYaiz~f98NF+lwNuWS60b7gKI!{2!bj7eePF%JLXT?_xam
z<Z6v|Nq$2gLa(b*!#I_54h2lY>T36LrWSj1y#;Ns%fC}MIr5@wSWj2%2f^%C=R2?>
zT^{2G^dNJtv)yPf(N9(2Ei<+9LKG#Lc#*;V(`@QDGR@|E!!}5UD3+dmp79UutrVdJ
zIp=Ja9e(eSJt3^LTah`N*!!$1z4tGA8_TlplFRRLD-=1)GG}2n#E%r7kijS0GPUt3
zlA2>#LDyoQ+$xKn$*%H_*Da_-^9l#p<MyDfrUhRvIJ}MpgVC6N))od+aW{pfJlC};
z8@jQykhx+T=n@NY#R+B%c*m^@Dfb^Zla|fZq`{V<Q-0mA1yvDjlJ0a}Wmo(Md7b+L
z6T|;Gn_^Ib*@T1P|G4=+T3uhux>CfSzh&Z?ikn2Yee``^O6_bg)d%as_5rD!v$?Q0
zYNg`U`oWTJh;!HDwa0C?@S7i$^|;kxJzsy_HX^HQLp1{?L0lp)vl<&?YgbZzuV{it
zZl)MsGC#k}O8)h&7jGG>?K%9kD?VX)PmTa(Z#|l5hcznMMwCanQ-Ywn&oT;+c-ks=
zPEi^9MOB0BVes8M_G>-TU^uTEmM-Ps2WRGX-O|e+EZ7smDd9PKM=sLc9TP?eFD~Sn
zBMr7SE1hGQymoP&uyS+b*!$bd6MgH&=?8h(;~?(8+<=@yo>=j1dye>`*KrFX8YSEs
zV8=pNK&AB;ShAPx4gOY%;S3-Xp5vyPZ$jHhL{xe-yH-2XI81b`d(G<Tx0X|+S6zx4
zrFJJjo8PB$lU>riIXlC#UkwnVXcRIIl?#LlLTbP61lLx`U?Zcy?TSc{+tE1|)7b>m
zDemdc9X`Hw=MhlJ%tps2ZWV{V-s3XTtO5@tyaMV98m#*|jaA$#>n^@mrpS|GR$D>P
zr2#lC@sGs{1!tW&+nURei#MPdoh998#S)0?O-J1eYHZHTVl7%sE0AYeV5X)*Or<UZ
z<&;`8oZ@1u`c?{eY7fc0Wt_+6j7@62>drS@U<D;OvHY1GA-c+|jab)o$lSe^zS!|I
zYO59n>7tSu?R{R#*|uh%xfjt9ushMP^hq-<%%D?JSYYzRjGiTVi6<ZY<b-B!{|K{8
zhe_70_H<xbAmUPriXp)uC18WO@mwYa@?FpKp|fUdId{t#gQ{2cY%No_i`feXcdbWc
zr>nYuO+q1g1yq>lZv1*qSqYofYyB~~5#c`sf7~gE8SrSg`$=0$Ku24fbT4OSk3`s*
zL~!PD#rvmUK4tsEGaNEOKxPEdI;@o9E>SOdd4K!t^IP~-9`S>xX6&M0>4D_GE87H0
zkmy$Ss0N)Kn2acXsD@YV2H*8zLWoZgDik!+3ke}VlRDyq=g&SGe)>Vz!uf|}nS~p5
z{u>?I6mGWqB_WBWb0lxb@eBO?|7FWEzRJ(h@25KDxR7K&{4u6oflOju>+7Z;6cocG
zA2HwvsNsZIpNNSaxtpwgZyQx;joL6|1T&!p9v&(qhNokj|8cWAR#93_?#My>!g!23
zG%##T$j-+DCySVEU>Y^_CqEXk+FEGO58ut{_j)^c*?evFB}r&uUcPKS(-o3q4IFrI
z1fnNEvd-x{3ASQ(s>vC+>j?Bj3rM#oy|Hh>TKI8%TI<WVDwkc056L$m8{E7@C(On|
ztW3Av9E_6?-(Me4_DW5ll2&n8fXn5T`knEbLtF2HYoYBi51X=e_Y(;lks~928-tiz
zltrK~g`<;dPCbN8pUnSd)EkqLfs~qg4iInn^fYXTMIjCw-uEQ6)JaXdPEEK2A%bK_
z;1FB^!(R-{YuFeRv9Okgg_dp2DDP_h00JM*Ey>#KbY{hTbN1LFW(_{YmvYE^ycJ$g
zn!)=-1s?ST1&X>+<cm=WWO?oNClKj)TY?W1fL$e}(#HngO!;1JE%56GHkIEt(;j^9
zbh7Ys`>Siqg3b^%ITWTONDjT+Mh3ji#zVj9K_@c!o~EISE;$|Z!L84{Y9IwTp>Z?6
zI-GNEKphK|f!0-y_(e$Gb_xTLC@ECFhVKy8Npz`weB-8`**E*l2H%EyhUp3*K(92{
zMjoN=t~}n0vAG!yJX}yKtni86n5WHVEw9y5L!XM7DRNPaHK<u1?b{>YN!ANJd<%uw
z8FKOG5+WJz2o;jqU#nW#oTrCXWF|3<e-Mq<^VU3K7||}P!|hl)agz+?PZM~e+J>$q
zFCasT1c<^7icH}&QUaG|&TJ4-?ivLHU&z&pBl>DGre}B@bx}17Jo2a2dUx=>AwD}>
zBoCvcPga0Vv<bfl(~=!yh@}Q~L;n;_sh0QGx1!4a!j%Cf#nnYJtEsE!u(A`>a+=es
zGjII}`-oHAUa!PYD(4y8?A$fdUw>)E2g%*&P+(HI3-WalATy&3Q&lVZV#^ID+EmiP
z#%)nk)(<TOxFYRp(Z6|JY2B(WhG!!h8>OHc#LA~)04sw{Eo||Jauf}Ox4T2@HX4+S
z-D;NF)KiB%QaMkaEAObH1BzVsn&n5;mVb>cc^?FxDF@b~0LdCVoMOi9M^;PE$Xa8~
zIuawuu`Vf?B)ViyHFz{hb`Tc0(fA=oeBh|TY?mdT&yUcIeMBNcG!0qYlHs%2ivOGr
zZ98ERl~x8M_cRmtM#*&KPOqBYI>B*dUT>)5?YK_)q4GoMPOWQZCe?*0f5E-5Jl1|w
zPKkS4&}vc-$%Mfq?Wl(O65#++=z>-;`QA~d)1dEv8d={TBTH^#gnlhG);+K&n@8y#
z5L@r4LoU~>>Kpz(UF)fUjsDn<mUO33v-;bUh`&?a3n*qt>HMK803H(s)UuM-Wv72O
zvv^BmEF&mX_BJrjRZVX$IQ-%P9}u%<T5vMjF!qjU#ZOI>@@OL;MXBh8H&{3l6U;O1
zIUR%~D<q>(^KEJMT`!`Gyi!Qc$e2&*Wa;{*XY1wp!Ij79aP4Ph2v-w#D<Q~=lg8Yk
zf@~DOJ#R|6MtELvdfP{b0-N}UyUu~jkVI{o08A@Hx4Imcj>wwt;J!-h;LGN=l{x1+
z){!+-FQYwY0-!TLfD3AH3HsAOSvXO1bBKUirKoxo`}vNxvbQ~)V%d?S`r;!Q-960=
z+3!g2_V?H}Z4@WgeN{1Fr}KpH={CY9QuJFm^Ix29(Pyxt>gqi?C0i_YCNDO;(v#Zo
zEDs<J{E~m^lQ`n$00Z?!KaCn$Bc--AA2|OK{sO6V$`OBLO0<dVJ6YMlYTTs&&X&u=
z2dA2<#zrqeaSowOwi50{DlhfV=V|k)4wY(BJ-h}36&7@?^3uMglS7?-<f1@v)Tw&`
z*)~zY&@J1IjDl(rwWX;rCIkES3v}gl@`$KJ@->{D;FBb0lPI4{sLA?cO4aklFd^=D
z3&l8%yaQ=&LO~a#47Se+Mb)bd+_%XeD6W@dv!%-)2)sTGw*LfzXyWuQ@iHIAbvJE&
z1qWwrE1vGgsc-)pEuqQ7ji3gRfL~V_R&r}6T#Z^)u&_#csAKJtrW+EoTztj%-@)|^
zR?t9+mtW8x!v(qPc%)eyuID<YrA()b=&nVjVL*1#wQD+B;}po;V83ZAhfcMB<2ZfE
zFNv8N?R?>GEjoz;`BXULxA--L%j*UATH$z{RO3QHgZ();@llB;&<5E6CG3dXrxdvk
zFLU!}i@?$W&rsDi*P&=cdiZIp{U#37ksn)c96@EO6)#OMvctYYQmz3T9=tuqj(<Cc
ziGMU7uyhynbLG`o#;ww=_18*BW(m7O|5B<AQ`9ig+dVmzc&ZrbM>nFhvKn3Ml!tMo
z)Sa4F4^9({9)<!iji|gr+-5@!)@1Yb{Pm8f)s@U{X_eI{N<UIGX?z5RUxb10{XbFS
z=H(zVQ=z&mTlrG4L4Q9#(ah0kaEIm>;_oS)GoH?ZEpQ_x)!s{V8$ta8#Nb-6sD5?6
zcq<x<6aB>3*)~tt)*{nAxOe0J;VNT3b3W~8)Z6W#^X9{6o_)@Vd7AWBjZZ%5T&?Z$
zUy{X=%35Z|oR0MMH?di>D-4^QXS(0US>7&f$jL2aGOD@zd<S8XKhzwascm4DM1tee
zOXFUc?WP&}%nUi%&HD(h8;*fa6E=k>r}>@goyX6R*+|lV*vt=sF9HYdvxW5Brg|rY
z@To@i$#AXazHvoud>!|Ad<cYmETr&6@C}_&j#((O+=14Gm(9TTNE^?C2Z^k&M5kHn
zFLb21tw7n%{pwQ2=DBj0Ef{eBY9-C6J-_StAs$&p6OSL-GNINkGqIhr9bvIQwowLl
zYR$7I*I#|Sm=n+EHtCMB(izh#_zF?EU;D`IVs%oCOa9uroy#AC-<7F}!*G#bGHI99
zJS}awa?itohNST=o8{upi_jm6S%a0xv$b0O%3tCJ#+<)c?*2qWDnrt4SmV#KN|!{e
z<<RW-sWy;t6pTQNe<$K}@dy=d?F`S^=`T}ZY2tMyKZ#kqanfOI&+X4EXR^~4Sw+02
z;mY$0AZ<?x_+Uy18IqFtE=nTcQl(MxAgAwRs(^;UwbpWnuRSZotW~PLQ986x@dLdf
zP0rIHF;wB}QPxM?S`vXfAB9%~w(VyEwS1ykm^Q1OwU@6>gIw=}86C`RE$OFOt14{M
zg&hH5IH(RFxo)|=ZO&!8sl#?{QORSwkXsF_`mv;$HTmG<RDJR7+{d!gi#1B1gQG;}
z?%Jqnt8eOrgkuv64?9}9e&tGQYaeqg^R82Pxj|OI)u&KtHLd(r9G3c4UKF!{71v?u
zT~<ae656KFfp8YThEM(&`sD!+L0#p6JqXs}BsQ|@*&7W{dj3tQ(m6<Xrm-8UzLvtz
zUe}&Oy>esRFjxHBI@qPMg=hPH!fXfkW;MrH>YhB#)M#=1M9tE{tE~6br*+^7)3rru
zb@YcsmipTIPyJ6zNdGbeI5nGK1BV-(xylJ5TP}5d((<FAt{HnjhvHjT%X~8h((P8O
z8MV?>bBh|@a2K6o?~y@5c^6&HSuPjV;&y`9EHxOV3u_&aix?}7O*Es`;f(%fdWe$C
z7{Vpn>=7kNk>S-+SpcUzX#N5v_hnP?#4z;aplG>6tD6cIa78)YjXUkcvZjz(o`z>s
zx$+upw`q~0h|h_$TRwa-*52fyw4f<r!nc>x==nL%jevk*r3h<8h?EPIDcDr}I?$fU
zZLcTKb^B}Gc<QF)LZd^1C6;Q&djhR4ft-Fk6sx%>`j(!~0dek)Y|e{MS4Ipk&IX~4
zPwxDj8V(1;oLO288>N!VT!Qjx--Tu^E7Co_kN@U7e#AIrJ7L3hQ<yG((#v@jw_GeL
zWIR)984Tnv>8XwJV)`BT^-Jwn`V5b%nK_K-;-Rz~s;owqnl=h)$)-Py8sWV>C<xo~
zD<JUmk$V1or+jV>*4il*L&L(J5=!2u=m^HOny#qm4L2=!6<0!n;w`AFp~D!LNGDrM
zmFAlFg?k;FzPF|;Wph?`$5Ni#s8rB+Kl;dNRTg{W=f^2h%-T&yTM*`?e@ctVG`;%E
zq`n3w^(kMg($fi|hW$agHZ2C4mEOA|@eGAF|J|~goB&IEwcSaKBJ%FXr1aCS>b;Au
z*FVhfCiv^CFs=|&u`SJ2;JeX(?yXNWOiefGg3ETei*(J(O0=veDu+{8JhXptt8zB^
z99C9oy$?^U<&u>peQvSHxai0NLH_h}WI{on1lka6$hN8tu3pNap>4Wz9l5iESRq!>
zUEQQe+FV>>ol3B1H(gR<^B+IDV-cG(ua$n$CbpMRY3jQSSMG(iGz};|)`g?DkQVR3
ze0#ZU`iwn|^Z8t3v{}Xx)s*N69LT&c8F?5M{N{$%ep1kT1<Lf=sqPsiua!?##I&2w
z`85*gg<P$>`cNDr3gjw1{tT_KfB9=?6|U}c;+yZmyPhir7F_~nVa=fy_XzbxvBun2
z%dbcl8d3!`y6xyExW~5NL9p@LJJetYuYZ#)6=5BvnK_dtRak7J*(#kv+hb;WyI!|{
zt386~z3<rT*!te6#N*!UM&I~=h1H&$#P7VFgRR8QelJ*WBM&x1D4X(`9Q!b$s<HT`
zPV`L3{>`o7@@irHCj*$B?S+OSo5i9?#hEXN(xt<&?lU_13v8xeLQe3KnCit$O<Jx1
z0w$m(U7)GNGIYR|H_D<U>tx(drWP`4BcJ5TyCXcU*Y4r=)6c+g2<u8NXz`Y;n&Tex
zY&oldKvq&m1h%!rKLKx7x#uIcZVJgdt<}+XBYJH4y*T@jckjcKaxkYwnBDe2Yk@x{
zidapvx1&i}H#jf|qoe$CHbZ3Ayy!qFsEB+cqQ|$<RsPTuqd8}JQFwM%+Rgf^N?etm
z*Im0qR@=j<rtRsW#g!0@b(z@MdGWQV-3Y~UYez(+W^_N~fra}hGjp?gpf%r%G|7b=
zq%G0*?t<%pck49^U5(TGkw@;;hKKO&0=)+XubGVWuFm+Ju{64ln><D{PPL}*$!}n)
zg%CRuvxUW{GRbmuj0+RX-ZpzraUt<GH*`<}x8=CEEh<Rz)SvL_015A_b!E@8WBG%J
ziS5@aw6zZx-@~)g8%*pXSk@qiJagc-y_lwCuOLq((^osI^)6KOva;okT0Xx$vSE?r
zCNSk~he0Ug(KyfEQE5+Y2ueb|YLjQLacyM=VR>0)zMXWxhhj}jJ;Wy4^3K8FrVIZX
zGfFw;$FkxexIFn)Y0X9Zm8JqOIq$jo!@XKFWIW<2Bj@C(g*|dxNcO1f=2MoxUc`-B
znc5ZXG-gMaP*Nwzm9oR&w&Y^DcEzcxxvssuDz_{|olB@*^lZz$N?2rfVAu7i`6O~h
zN6S6@1bD&hlJH9ON?}f4BMIZq6jjblb4IgXYvyjHVZVmyKbhs7;Tq3OT#>MqAG8=q
zhr}?eqhs|@g7~%VQyWDf)#bSb1<SBo!dHg6KaJB($<K&B@U&d8-@R&V@Hq4@W6HCw
zFfxux=Pzw(lCRdZKDviR9xoS>WI9jdO#AvYCR1`9AT(M|t_uBHsf~;pYBM&yB;ITj
z%EtG7FtOFC;8oC<j*j?P{Ql16?cOWK%PqNX;kv5X`DzcT+q;U+agnK%hdGbhzgph&
zKb9v}eTJ+AxpcA>v|RAe`7x_aWVNELJ+|5?e#_s>CA90NcBDA7e7Q;QDR2_ML{jaM
zxeQSq!TTW5xXiW-TD4_vsI)sUHfksqo?Ud(u*&Wt09gwqUN^2Rev;EaTCH5x<W;Yy
z92RnQs<2&bkl=i()yX2$Tw6SXDrEVvTF0R5<)SfwPKS)skM9}zPcrY!t3J>RiHOE|
zM2g%J<aS=I*q1ffPM_DtS=Dwaf86Bhcx%_b@&>I|QE92TlOFpARC(fBc6Yr&X*(v2
za^@cY$q@4FNT}@XlR1JtIVH?T2qVJYF1rd%i5&(na(9I2_W?2xZus1~q_lC@<rGih
z@rdXHPTd!ZM?X$yKj&936eeLO%_9Xj$&V^=<LCN9+)gtro`#`2eUDvJ2H6LeLfe`}
z>83er@rBFwLWR;>=~UAe);BcFDTj(fSRAg*leVzx*`H4ybHS`4lg3>hqS>iqmq{(V
zND8TH+h|3K9ex|S6Bz7w0*bKt<A@1Qe#I#t9}J44(WEcjo0521fb9~qFIU5;53>uC
zTD&rNEtZ=kdyO<6*_2?le(P7h)jgvZFptL?V4Isw(OF*5Q-{iJ^Go*Y>)HJ)9*}t=
zB_l6r_V%U1l^RYXtI`-{SN%YYzUO!xo~P62i`$FG>Wxu0`|U|{!o9vuEIF{cByaz<
zL`->K+3K^y@Sj=c(~zE3D@BGKB<p*v{jWi|B<FXyH{bG18-#=jOfO(IPsX`3)+otO
z!dIYo=qpvid3Tv4yA2h!hyA?whni-?fJ){usU7HtaFGbx&f5;MeTSv#*%5BvuU*Dw
zewX)pUwB*nF225LFlcTX74EevIbs*gW;vYOxpLb0Y4or{@_k7uN%3~Zf6jZ>3wQy4
z1!c3ujm;?^J8iT*1K*n*UM%cH<PJYMXi*q%N%|Zj{Lf<Qt5(JD_jrF*<kNrqc(?TW
zxZyzBYj|krM0jBusEaGcAbS1oqpNFU#p6dcwX{`%YZTMfE=H?c^rq#j+|u3UL0go>
zT9x{zcS?#jkO`2&gKSRXlGcIu5qo-?iCF1O#?C+$IkaxarK}8t-^IDfwQ9K}M*3i@
z`eS|3OoP`1b@{T?NnD)rcV+WZ9Y$WO6_&Gx$@<nJ-ra$5wwVSE^}WhY*!Wns<yz62
zUDDhxIl+^1JO6Dc)5OvA@NBX5jqjP;#lr5~4k5&L$KGpy>!BhaG4fE;+KU0axYnS(
zTLeE=p?6HXXI*$GP|(|Uxns>a0=wQ+iKJYbdg9<&UBfR?igGjyDq7{0U{B3ak$_TR
zbw0WFbC=|filf~g$4G*|e&%hNyDEgFzkTC}q}e97^akrB*u=TxHkP7Xz`jEdmhSv>
z`uW9xR}^Hig86rqCHVLol}Hl5lEsO*?((txlO>QsPlZ=CW_=Z?Lc()`$9rwskvHGn
z)7s_twW^xhx=mzuOa6e_i@}))w><1=^+U`-D!W;OL#ti$7E<{nIFp}ZHZ%sdKyo$n
zV0`3!DZ*l#0hFC;jwx}FE}s~(xjR+xZ(uyyc=_ZYE50>c+y)LCB{7lzhrIU;Xlh&f
zhfzdD4`M@)AaK-!D2S*u0Rcq?rMFN*Q;?QW1wscKqDWEcy%R{GhYq0#h(IDG2_zH|
zB$AL&6CfeUKlgdwd+z<epWg59{<N~Pv-ZlY*=uHgGixT~&uqJ>2_--2^A3ph?a)`@
z%yLoO_qLxwDJZRPcM9K>`FW1AA#RV@gZHwT7-bRA@Ae657kfeFi)9*q`}X7zTF24v
z8e?lHD!XOn9OK&79@b(k)mog{Izxwh6^vY2i;f)%aeAOUUf4z_(DG^PGt#2y0WHgd
zJ7GC`S!=$t`~@gbjOq12?`?mOG>BM8dYSG0$_cqD4)0co59?M&%~m(@1lC?Qy<NsX
z_T?9h*{k02KMS=xhyZUMq!Jr)VjYfFO%odFlaB|~d}~+}<Vlab?~P)-G3PmhTTwHQ
zMbS!4KUAJ>I-RX^+Dv1JL$kna3GwFx&-@r9DtnHfXLGjHeIDP6aAobn+<<qsPeFe^
zd*F?zGBtSatoih1CrjGY7I%r){An8qNur_Ww$$}6D*rAM%2vHGSNpXtiB@5rz0zVG
zg;mm7FqH+{F9Asw{;NYS5gU1M{EpJrY<E1>-On)Hq%^WBnH<)Sql!s@Z6Z(uqEr@Z
zy0vp-=1dG}_=5P(AuPicNzKr)L^qy*xok6_AC%Fz2O4f@50H41PA9b&nh@(7^5FKM
zC3Z@T_tzOUu|N4K(>Nh?wW6uWZ!1dIc$4RfCL?0X3K+HUNh0~Xu5rwa<zrkpeOpOo
zo6Hp);OkCzP1<$z90ywFuI)LMXg_x*4YG1cPogk(tDvZ=J<4n}$j7lBBCU|ieVd*W
z6SlysZ~0>YbBpy~rdD)?g@uJx%X2p&QpiM=)nHatCkrGbB&0qLuyOnq)gYTg9$g|G
ztor-S6NNWVj@m?Dur=iVsML9?2KtIUR6!#QG1%xB-;oMmpMex^)54;OLKd%4o8<Zm
z#+{@}gh71~j)TK%0o-P8y?^-`#CBo|%Y0HJzVg|H$&(dM_G+`*x`M3})+$Ov)pduv
zi7Q8tqRC^6X<@H*ognYF-bWKP=-Zgi1IG;9K&0VyamFFj+qi<meMzkP@;jdt_m%<e
z#}Sf+#Eu`^tY2StU;6Qj4c)P_oDJ2xpL6C6lM45e)+$}F+`oPA!HTVMMBf~;K+Q9p
zaAB4-lwtJZ<7Bs~^6scU<E`w0MboEjH^xX~OakFGHuRNswC#{-M4-XV{m9OuMz%`G
zK&izvsH0-DM?+RB%z@LGNLW3pNr#|%=0pfPLNAj;AFOb~nb?#G!d$f7KpQ-`-7vUf
z@8E4m3GV7ak+4zUK9E6=gNQ<Lo$q?u^#i2sGO_UAUlzMKK8{#d=ggwGHnKe9x4G3}
z{AaaAa&oW{kBrS`QV%PLd-nwH+b+r^)Ty}qk;hWgQYy{j!LmFcVD312!ZkKmnhr4@
zPY|v>QnQ_YYcfBw+X%e^-a$R4g!~W+-ofSI6Ar`C1lIDZkx%ALJ=gs0H;x?7X&Y?&
zp2rM9b<IgAXiB%HQINGLn!G%k^>SO`BJ=4;=2IlJ#!<c=djtF--4yR?+ELWiyUL)j
z*)}RPGV&;L7HCafhX!4+rG`f0fgk!4$8z>zhNy8yqjULEF!x<SsGB+@eUN<pAL+B!
z`|$9YD|vry9(IsQlYno(HU+K3FmQ<@5@c%y5ir8t(RcKtdGd0We%$Z=R-6^`o+~OK
z|4tdUiG~+~=9wbXTNhr=QEJWa2N`C#!yIRZoAA@kGsdk8=zhweK7t{1q}sX)DG>);
z-6ffeKc^;w@L!=xu#lW+xW^Iu0T~-dRF0};&g884EtlN<y%|51(h31@JJ=|2o5#2m
zrLlQ#hJa2{%N0K%1}{2Q?$!OdMO?x%H^@f>C8c6n5Y>5ie8t`-WH_<KX>Jrq_<c2-
zz3Y)JaYMlVBw)h(>*=WMc3matY;{rX$n)Od6C<ZdJZ&wdz*tpIgu#nKPi;bT)Ed{2
zuULh&RolpVXcbUOTK2uVtuG1!SAM=1%dZ!ZvP2wkji*bWguBm51~z$&86ItD{LX<D
z<8=y(#0s#u)KPrEyA8x&x+5-el&AHP>vFA9gqOkPm1cmeUcjOG{Ik+B!xKuqELe){
z-ymt|1yL|j(@;6Y$a@qQSl#LLx;z?&S~VK)?d1H_nq>wYIsO8bd%GDGbfHQ&@B4eJ
z@djo+sFDRm#I|xezS5!7)Lm9mRPfxY2W32Y>EN-hGvf?FXjrnx?B-B-@&MwdD-Af3
z_ucY@O_MdWb7{BiXxbB)@lx6<ke=T*f>ED~s-W{ry2^jn!KL2aXKVjRNd$#SHkST1
zcRgY*s=q*2u%?mEvmZ^wHDi!xCKukXZX{~jk@q;+E_v{rlL+u_*jtr7h_y3$@KiQu
z^=~(IA7_;bui@!egyg9++u`}<tpY1<Asyk`Pidsj=dx2{=GqBCC-_gwih66eIvw(P
zDSE5Yoy*l`Fm@f*tH3m9wt2!25MOOFvMW%)wlDiynqnFAl5qsecxCkdn)HoxnhIr{
z|Jou2_I{fQ<8@_h|6$~RHM)NBdkTXp4*VB<`LF&LN8*lO`&Z+?F1ho%HUIVTU(E{t
z!`=U-m;I}&u;;@6KL%@|?CoyO<uJvl?A5@wuJJ}`+ErQE0k)^<T-0{nb%*93MpIK$
zbu3eJb92lso0D_eg8u7OtrWR&IcJA9f$Kv3$^utf3{@ciCg2O{^3>GRfGP*O?(S}w
zRpn<T$0!Ew$dMz@FSDBtU`xm$LUVIxcaZyR<aBG!%n8IoeRPPYE=)Rfa-I$G)Lx7Y
z@?=U8=v05&{^ry_#{~)(zeTJZ_}7~J>(YsQ^W^2&g#+Mq5z|m2vqbB}E0JlP&JCVO
zq5m#AG<6{3RF$JZ#t~O>fz;`;KQ;IL@6QD8_TA%ecapj_>355cM6{0Guj%B>hi$2e
z-W~kK({<5d<=BXGt1M$S1qu;666n1Vd6Aff40M=)+31dhEN4XU{~1R>C;FcW81Eds
zy0UC=tb1woD7L|GP8;crc8XxGm;-^?<B9?X7_Q4nDXFS*;~bb_#&ytibM5wrc#pcY
zEklDs@HV{HzQKJUj<s>OE-5DPYb!rfn$sZxw+mN(gK$+-cNMBu5xz)Yf(V0@PR(SF
z%%e2gqpCW!*D6h7>TTx84*vYR#RdWQ(t?afF1ONI_5hvmOb~t*c-d9<-;=Ef<ui8K
z{loa5!Zwq4d`!E38i?>`dnlrAn==zKhs#z0=aL0dk-jsn%k;KYNM~1QXUz_K%p&tH
zf!>~6K=8;p%g2Yh%KQ!6G{xqqpPru^hak>F1#@^ycMb{YTqZQJ%YcmN<>G#me?Qag
z=80EA2C`r8?04D~l+9mTo#Qgq_Sf81ud7yMYt&b(nF`EphhK|d1=9utX`OXzPxsdd
zTvv~nt{o_-lNwiT4>`NfRzL^H+;LA1ER+0a1qEKni(IhX`L$b%%U_XprX8tqj@~T`
zJ99UzwpxiDzA2(LX&JD4-L<;6N}x?4ZB66FP_I<XN<amoU%73+H;|&gWGAo_P&c3+
z(JoJ$6#n;o1son9?!G8GCv8J(bbNV5MJ4S>O_$6wXFq1JhjYws_2At-$F_)LKIQwb
zy%@qs#jULWb{S|$iNl-iJJTiBE48{3Q2qCRNG{;dkJ$ULe?{6_E5$MDin{vL9l;+K
zwbgB(t$7<!$c`0a-q5g;fPdK3!f0QTmp)`~{Enc2&B2Ii`Q`tfl-J?z9!1k1i#@SN
zSrmBnu!BHGeALVop+I)W%%PLu`>k8V{knjI6EifZ)|EK;x*)4Xz~8NApkpi{@1MWc
zmG<WNwe}5O4T$H%`<<Pi@4F<>Y_&qgbaM9`Gj@eqA*RpHs|E`E*r*#Q`5-xtc~+XO
z{=dWgO#1I(;*VcDQWIl^l5P9>oo||w@9b}Gh^*GZs@SEzBG5yY&IvTP|1V)y1FvU#
z2>kf=BsoIn|GjvNpLlTq_8}XA41F%Oy5@%<;ra_{jsMv|KL1~{es}!ZUR{g>!${zI
z@|Z(hncYEw>#<`ArvGa23s4^V_ggLSqUXe`hx_)rj_j?SCbupUh0M%vl<&Jcc=P(d
zw<7@oAwEC;Ly`Y!+>O0|_{{&^B_MX}!v8H(1O%*Zzj^Y{lm7R1v-#uyUk7tI#|3|O
z3SX81XBXFMjofii?^#fW)CKQ3M;crrW`@Nc8P7Y#`<bhh!W|mkxI{0yiU)IDIxZ83
z@4aWl*egjp`WXv{|J^?<_-*Pdn-+-4?#G%rD^<HxR(GxoW3-Jr7TlGp{k7<J^mcCA
z&b)h)^i8F$ct$pX9%DfpzLsh>e1s8k&0Y|BwF;eeD7A@epBw1=!&UaQ{U>chMFztH
z{K{p(ZdENHLqkPr^N1xF=DUmRh_auU9o~R??Fmy=popmEnc@GC!2c?rlxvsHmN!SR
z<tXA;1KCGLW<l;}FS5{5X4?n5m#Vu?&H_tbPj$miDV1i<0|lBx=N$_sy7X{m<8TJ|
zGtS-j$-JY-Z;z3lVdq%e?c9^e1vdVZPec^mo6iWyy?vxYQ+qs*D@9aa2KV|ZX%>=j
z(O>_JwZ0W|#synv_pR9sKxhnW3FVLc&*jGF%@@*5`P(qRKtARNQ&~mcR1y@nB+sWP
z!@!bak}pxE3KNG&W5`bvKwq==;$d%rD>}U@b>IZuAg74Vo%)j_(|5&Zl<z0cxu835
zAEP?Iho`!udh8PkUmt~B7qAMwSq%?c$R68OA)=qBXPvu?3=L-eic~oQ2f3e~UwlBD
z&I3hBCs@61CW!gE|05{`nw9y!mTzm=L2)(TTotYI<$}zx=KT-A6G(HIJ8G;cx=?iG
znayAGdBNo7b@3CH!vcufD7<)?yIrD2p2|*@ixu#JlVJ?ZJcjOK91tFz$6v*IJHJVC
zu8Ofl$uD=Ohoio0W~jPDs1#}H%$Hue5gJ%QaQwgsP5v`BeUUUvf6rR^5k{48ITidt
z!ZZ_Jif4@0UF{B^%RZT&9d<X&o`_c`&la34`dizO)9mQj`bB+i6|)j;plR9~$Ps>@
z52N>b!0$b{DOl6L9;*~QCaxiNruz5n-qHWOT|X=?9yt0#Uw)-(UwkJ9w0M4kS$35^
zyuW8+x2iUrQhOr4t>~?itmY=7F3&muVK$a;M7?P%qA6mo7IIl2wF9^i98%9R3FO&S
zgW|^JD$L0`zmpfppirwQwTT!FM~_^Oc#pxQ;BPfjufcOw^FA|tnQR`r6>S}?i`2th
zmNYf;_gJ!#cN$%9JFVvV3gqaDy$wawlXIc*WK&|yS_Q)vP&BFt|D<{9AD-!w@yG3M
zlF@23dHnVq8S?U9I*6r-Nz(RcekYr*>DcVwomE#~@5U%7E{;C0c5i#egD*2zNq%VD
z;$X^%{B>PyZT9mF$4{G?_=FsUSl;Ty$Ih9FJH^?rj8AK_w{FsaO%6wA4Xs->;eWLO
z$y!l3WSAsiGnINLr}DMEjpuCc14ic7=T=;;I}KPd;IzK`iH*LzTvmlYr2$Xfj)Zsj
zd#$8uiUEu@8X>uttJmteEA<+U;KX!vz1d)x+<QInmlV;8ddtg-_5+`t2#ZY{hZK5G
zZ-2kkI^HRXmWi4HheI$BsN=QS=)k53bIjqs?Ii2oY&t771z9f(@fz6>0%op22^(8%
zUAN>9Hcel}eG5pO#$7=z9#(}8_DKxC5^W}m@(ap?0d7h@LF+HwEJJW?Kcp||sD^E?
zu4GuF(ZCxH$F=sZY8_v&evC>U*~Hf_-=Qmt`@iN$Wf8epSq2eEUVa5k_--i*X`CIT
zppC~FD~P*K@q5LH1tq+?_LOr};aq1!&oFj?q@TVLREFT*^~+l+*B`z^Zr_1&o?U1s
zWg;ia(6|q7R>0?DrH@;gM6lTT^N7O2zdTwgFnI2u4PTiGiIINd6mat`_0#$S4i+Eu
z%<!yM=hF&3rc@Osm?~fTnH|4UAAxeE&MA`@+%P^9G=bTQDmD153T`G)f!vNMjX{KD
zXcr~ZBHvYW{lM;|%hn62kjV3e;@&ge;<LTs*n=Xcfn{}?SSRwJVrqLpw!2KsGG=oP
zp#;w3GLms12v!lNj%eLXtw%~gK|mL}M6A9}MM2*m*6_6(tJ=%2P}~FoDz>B(7|bc7
zd(Jo}f_Ja^4Pp#zh_wJ<)|x{%Cn>AQCVZ-?B4nHGtnOQ&0;Bsv+hVAxJG%vpYFacb
z%4uao=J>2<Go60ZiWZsF(!pIpDARbL&RIt-ea-#WIC!;hhZL?Wopze8E`1F$cYdnr
z(U5i+0K9iibA!vEJaydiV49APJEO+mRCQQkJO3Jqj%wGZ1T2iyDH)%0)`ANADLzk^
zzoJ*7k2PxoT5oQFM#9~4Pa?}bI2iSxP2z|s2kD6!$r)`0Iz*Fl4ChG|9~^h?(=Iqd
z0R3>$I_c=Ffwo)iylr4Oyw{#TAuTP52!|+<Q<GLQiwNlr-v!<CXP}}ZIj%bP@1~=N
zw0B@qnVRFn=-V-@zC&kK$~hj^_c!A|jB{<KK+hz3D^aIV-c#nNgq+f^5<t1hz;=uz
zpr1a-avA(X_788Hx84z(k75ZhFQ0mqOXS=-QyDKFv;-9u0jqy!!xw;5nsx3TB=7~O
zCRiUvQ$U+{us*>oa8@}Dgs@wW^;L}~&JN~Ghe>goJfF0s;~_GhY#nVY<b@O~MMU|g
z6=o{WfV2iiGDMg-$r5IOD9owjk&q43j^{;1<?w7sr^sR_<CCmH36DXuOORMREQchU
zeje_OInOqWIHf1A!pkfdj+fK{%;QPwoNRx78XaQ`8WFEC%vkWI;s=R!V_0?sn<i0)
zO!&^sodV5`5Z_Yh(XE`6LJmB}u?A~+rF8uOYGu6;L_o0yG|TfWP11v>x7%TPaAzyv
zg*4s!npkU+#EefM=8z#~*Dq-4Ys5ZQzs1DO>HK0j$wMuGoaB-3-|W!GLKCt@b;{C3
zkV%-S(g}3G=Z6ktJ|l;_X(NJPjdtGAv-7e>b3KY72Prn1=fg>Vs|?3<o}os{>2^}x
zdTS#GI&PC}N^b{;KZzB$U9iJ+L$|tfb+UHDR1$THe)lhBKKt9VIylM$<?OLUo8Vsc
zVZ?5FU%2Q2-|kq)du*!b86m0w@R7X_K?`4B_lf_b+28HU`24w;pZ--7eU$I>{2$np
zatD24k%#QsRuhcY=}P;y7j)D?14j>gkeu+&GAM6a0HLsxtr1UG*G;~2ntVX&sOPEb
z#}E|8v)}~`2^3LDI9I%my;Df7Qr$EtAs*M-u-BoAR+Vdv28gfc)W#15I{&6+`y7G<
zu0U!iLFbBh&R|YCJ>}?oz7T%rE^S{TBqQ9lbZX4~bN}49x|#s^=n-p_#%R36Q^vB^
zsC&6i+Qee5IVIq=a2F8~ZHd3W8FyOC^HqM%jV~es5&LUY*;*h~D|RQoHtY76H_=*S
zX>0iBWx2sT7{0i=pBY4Q^3n5pC)`B|icd$U{W#!d6Ip9Rcfqeyk2gnyCX7EVMLx2j
zko!csfUW(NEy7o%iRb<j08j2)Ni7u$=Qd$M;ZHBD-0j@E+m<wy_~c=u^iSR%=Vrx5
zDfhN_ak%o9@V4D6xQcmOCRDkIHv%H?e6+YJ(P6J%AAuo0zKa&u_O6O{k2_)bS3A`(
zJYX_~5_~^}Pt*}758H(By=Up=$E3u6q|@eGe|4_U@`*jEy^3BheNBNAe)O>xy38pK
zYJM*OY0n9~pQidk6~7_%Z<BN3`r*f{;qM}c>|ep(R63P(<D=2YPb0%dI#pijBo8MH
zcLvcZNTw_oOnbYtLTZQ3UT&xUp~bCVr=+iDlK2Z`?QCqHOt`c?V&)t(fWn(4N_N~W
zarL#<n%nGl**4}MUlr$Uwun1Dn){vI9o`D%lYfN+lgoRwW5zaVtJkG&S%@~-nJqq1
zQ6i-Wtnke;du40@4O(8buaVuE#mXw6`4R%lo!b3ey15%#1@v=LKOz;rJz@B)Sic<6
z?v%SLfWKW(#ks1)U`YgoM-E2P)apO@<;`j}6TE~7tH^noc3=6Vq<Bef`;n5!{WXoS
zU@_v7TVKDanI}Pv5<PGLcWg-Hj$8%o)%}Hut)vIRULH$gmX8R16s5gj*&wROY2r%o
z+rG+CpZAm~@}IGpQ(-vEk`tC4^N;P#RN#4^BwipTGb*$%Ia!zV<F&*1ycEH~X;#dR
z)CUiJ&B(j^<X#h;_BA*@QKE9~T{|CJ`-oE{s7h5f_BK^SJtg?0k;K%d!;@QE_+Oc!
z(qWPdoiRR2*n%JK_7j}Oo$0?yN0tjnxS;PEGtWshclW{A$$?D|OI%@*>G277q)r8}
z6okrxO`edSP`=B1Agc4EBc>e`%gPl^FZ`xrJa^uVP!&6KM5pWK9Z2$+N#?l|wfko0
zn3}jspCs!0ziC(hMo{5QA8T|Udur7{1yDwJ1o<+++s&^y;$s1w;k@UK*(^=xC=9eG
z$s<5WZ7py*s<C=vpkwAhtR^SS<Xi;j&=bkI0!v8vD`w2;5>fZ9tB#WzjH_kp&KKb@
z>xrR#Rj&VNasqB6WU~Dai;5Cvld=_R#i;DE!o(K2-)p*=%piVNO!cMfI3srj5`R-0
zJNO0|6Wv;wlrl1G&0>mWZ@==GdM2qUFGNVNwp#xDFiC?JUhx#=?G}yFJL(*U2X5ci
z;t@o*9%fI~fQyx%*h)9iYJ(fkAT*a|HFTPjG(`EwMg`9K()6*9psi_j$yayt!sMb3
zG-ivdR`Wehh$JNYZuJzKI~_E_zV<K+lVgvayH)%|04Hx0OtCYRevIE=ztV%XzOpW<
zMn8v-K<I5HS&2kE_&PYz{r9HSLOyP*>15gligXAkzGb$@S^s9qzO8W2FDlh#KN5Eu
z$KLl#4_Kl?$!C_EV&vTVf@DHr%h8_^9a+Bhdc92Tp&bgMS;8n;ic}_QV0O3GKJG2-
zsaoB!t7SFc5Cukrl$6Vw?6B{{axFnJ(l<w^4w_Q}Pmt$D?K&#DVK&R{W1ZQRcD&!k
z<}p&GWF2SdAF_v?>=;0u>RO+iE4RVb_(%;CQ{Ghgh)(|aK%A-i5ZvNuFnjPxljHf3
za*zu)M+|fbvJ#(8a>6NN+0k`I`gJR30oI{IH^rxLB8QgD%idD}n$-!Mz%3S)-gwQ9
zU7qe2P~c18$#4*5EslG!y~Oq<buB+M9owr+8=q#x&8`(*=6W}C^rf`uVFn$bw(fBy
z+4SX^khgY2*}r&N&YC89A^DbNmno3V&?d*b!789<jI2oJD&uB$nm2<gv>C~_Fh2cB
z?u&L<*@!(?cE~qAK>id<$`YJ?8>>-uXhhvvK`&%m`d4FzFaB#pKRi%DtvMGO!@X&;
z>PvzvF~cm&V#67t$BR*K-l&*=jSZsNZojz<9MbLxDo?M@DS4nUz7bX4LsL<}sdp)`
z?NNRn`=QIkCM`3RturHdI|>_-42JY;M74V-Y|dg@+I40mSK%njIj5M9e%#Sxe<ah1
z7@8tAlK5#wy#TQpoE5D7Y?AysSX(9HyKq8=Ey)SAGF{AWXRazDZczin_xd`+Ssl7C
z+?o4CW`~KJhY-pPZmUBeB;WO42#vLm$_@@nZ^VMDwxI{8^=0*o=jF(|9=HzuT-f4y
z0C2-ori1Sbbf%Wju2w#O+fmpGBeWd2*W|t_CK1vGyX{I;V?n5vKz0Z?&oW#7>eKwr
zV0ya~;DSN{AR^}8H<&`O4=V5*al2S`lC-fsN<=YZP#*Q{2FbOR2~-a3cEK<GwAw)r
z&XD^Rh29QSgn!;mivKoMsAn?qZF|*M4PSwq>@Rm{4#yX^2HBP_4a`g6UCSl>S{e}c
zbi2}*l>DPLpcPLXm=4a|RvRL%&MnUho3s^XAMu$UV~L(F;MTJCJ}e$^Q+Lf~M3SfC
z6>ynM&EVE4jeH0%msEMb;MkZ4hARaA)jnzv?Ca)Nc?Oy;7)@^MxQJ7ZZp>CiQ1{$y
zju<=Q_2p^5MwofEP1P2TIQn|@kB|Nr2K*zwi3d6bn<207d)1)DlAqX%_?W<X3GZVa
zS^iX!iIE)ka0Jm?yd`bsqLE^obsD?AA@u|tYTMDbPzSpUa+E!qKUQ>V?zUoJlE>bg
z562>{h3k{rHnmT65P-7_zCNbH_sNZV3YxI^ncL{cUa?m0Gn;q@kZHr#+61^<|6~Ps
zHVSPt$<03Whthw*g)4?kY*&{|dX*xVTj~@kfA6YE&r)GyjIt#*I+gPF!)b(uF@G2;
z#76O<`h0=6q&>KUi4tw-zv|<msA-?Vt24V=F88DF(VViSX{WNOaND#$p&Kc$yxAgV
z5ZvR>6y=N@wK_k|#l{+FyEnGq3rYO#7pK}AM6S5~Py^lSLH$7?C|7TVbg3d3h{%U2
zWW;w!#N4<=!&2UIcB6mW^ffP)hm1czsTES><pI*BS;z<V-aVSu(i)~g;~(?sNM2e>
z)uQ_N)}H;67Q)rd=20GZ*a*44;@W``|FPm)wUy@QwR_$2SfgG8D<KFz24Mr*iOyu@
zw3gta@|d5Ej^Ku9w3-l{={Vyq<=9qHl=2Lf)R!S|U{-{xCq|sPljh5;k1Sg;RlD~?
z1N3LjHMhQu#?2GPk!*mBhFwuF@zZU+)$;61t~Q4{*2>a(3()YW5l|Crar9yK=F(h4
zufzSKr)uyt(ly;Ek=4<mHw`9U10KCwJD;<ND`9ge)8Ff{AA-Id(6UFxeCLImMk5Gh
z<G|h*_{Mhj;CWgNnIK->W<ND=Zisj9&<y!l9@YAF8qYKIadJiSq{kb2bMY5G-B(dH
zt?)|qtzCus4%N)ME}a6_kpe&256PP1Hmf^}wDNB_BF}s)pkafZ*aU6}otx(X{SuQr
zDy`#0n~tBELMO#sDV@6x*%fecvBC=5=MnOs6}W;Pll&wJEvC(!@NVKDNX^#9v1-jp
z6lR|(+(j=aheol<zd;Ii8<tv}DGjwQfPx<9h_F7t-c=D<$7$)nt!=+B01rsD-k7O%
ztCtvS=qI`R9C@2cvuAC?JbH4h3$D#AsUF2K%^4M|z9A6SMPpu!t1|gRFr7U~-e~W{
z@A~S_pu)X=82gS_jcH6%6lD)Uo>recD>AmpW9FLTcUiH)+IwjI)J*!pr&LsQ%@-V?
z?IFslV%%W-J<_BkvdkAR95{oAD^2+99sYHmn_|t0YGAGez6PJm(Fb$Rm>#Zzy^@o}
zt&0)lmrLyE3LB=EJ+W;~gDLxLkV*UG9+J;iHfqst-Rt&CWqKu?Oy7Gvkatr7;04yd
z@^t=M6nKBkyktJZ`R2}I1o4Jn@iBE*;x(F4=%~Y?OE{+9cH_pk$G9RHt*xnB1q?qH
z>a+VFIBt;IJMq&es?)V1U#FujOZ0rZEcsG<&*u$<#@y=VV^NLi1=@D9BbjHc>R)HK
z8l#^lbyobnsxi#w1r{getb)2fiNY+qUR9D)YnhGH{EaJ;rytb-`W5%w^f5d}W8`|+
z!(W-V9jOkp<e*zENY%fiJo_JkbBSt(_Dc!=Y{n~`J`Px!&rXHU41p*ufN0h=WX`C*
zy{b&JYvxpETK<AfWtlkR%HQWDfB#wKL=kxsr)RR!7CCfTa+(*aiPqD%)~Jtvl6O|J
zwPna*vXXN&hnzoz4?s0V^g)H`+pC3-aMUGXo}OH*e)}o+>!F=M=vTUq9r;m0<EqlV
z$$qps$>M<3=0<xmPI?I#m=sYwrHup7KEJ_8uH$#yFx2q~LvyjV#j&In6%sgcDlhlo
zKf2nB=X!_FWXu+gWG^dr)!%s-XY`{SnE2MWchs0Bk#%=Ljf7e&h^AB$agS0Aod?E0
z1)Ak}?80%ax>xn53+jW7D<YeQQI4BuWQRuH9hBclk5KtBduXEL<*A3GQ;yP}OA&p^
zeg}g*6Wy<0Z%$r@J6Zm;acB2j!XaZx!;0)j@hI8oEq(&S@(87ns_!e$Vn`s`f@Y5K
zVH|NlHK0YzPjcBH6x^cr?mV7u(zh)Q*Cb_%L1n<R&PVmkQ*=mfc)R<?E<bbA75!9f
zsFN$4hQFi!EW5FZ_b`>Zaxav55wS;n^9jkR-o9kqy%brw_)uu5LPkpK*?#G<tX^q~
zvq^J5;e1&XI2!;zt9ZkjngRONg5FpcRRJR_S<CVabs0&m)i*cl<>Pimo|Q@3FTQo!
z6i)82OU(68Ziu0t0=m4?3d_wcArt&m+1Ab@8mt2<_N12&s8NBXm)Ow3(=Njv<&d`B
zzbXxyQEvs36er{hP8$tEea=JE4jEsBS!@0pgzvUa{`z2LS5(B6%cu&JU+MHukqTW9
zmdR;>>}=896{c^@?v4Oeu^L>=Ui%ncTNdkoidg9U;^P|MssHn>)6qv!d_<vb<fDe#
zS%*%Bze=EGiGk)%-kq=2emRiKp4nBBc;>EV)exb|Iy-o}9_w+n)Lk)T$@n$y+isjV
zKBCMBhnVrztj1+C`p)`#R-MKH>|?Xd)u<ntV$J>EUSospJ7S0PxnIu%h;N}stj6!u
zgZ=33TcW74uJ<2derT1mA-}SH(*}ztvP;)A%A>sVJ8h|CYieal@Y-*6**961EmeEJ
zO0nm2er<<a7`2140&mC%*QxGwq_N{zKTEcUI{^TsJ9<#$bYm^t4Y&%<BhArst^|7h
z+LVo=sc*yZ<EV1GyO_%~XXR0e8w?Hg`(U+95H!BwZP}{=_A#(DLH0DFKg@mMFPfGo
zY!n|4D6vTP0sv$t=8%k2(-cHZWtAvbLsx&;!9EadKeLbvyCj{+oYQI32lFljI-Rx<
zQvPwXffa&=iu>3i3VuOhkQtbXJbA~0_8j<dO-qr<tL|J=Q$?~<l1KwMjn&S2`3lnJ
z#R5Qw#!|;IZuRHAylQLb6+34B^wS;<XZu4iy1mi9st-zFwr4WAnb6{>U>G#LaN32b
zqZ#P>65Qcn%YMQQ)VpxP)#yJ#5_iM+zDmREoHyvgN?HP@ZSY;Yhx-Rl-1-}3(deSP
zhER09;UTS|jDEG{eT1mXq^l!mCh=jw=J`yCboiMv?b_gJfyw353Ni9UM!J~;OvS^^
z`C@H%E_}Ix3;0lT=3`h-jMhZO<)^-4wt2Ww#iNy3tY3!=7^SLJ@D#G@k7Jte+HdtC
z--=u5&#<y7byEWkOC3{OHa=Vjs{vO@u%5kb)HDsM(ua7x<b8P;)8s&Y>!Fb4ESqT^
zrV0DQQl$Yn^2&T!I@U67FHQ^V7Iwep+_^v_>P3{-Pvl0(;@1g*mlwPSr*o!{FUh+$
zd>I}JHjqtXiJHxx#CJ6?LC$prFOUOdX>b!X-UpdE{p~gBGU(?AJX?G2VX~q~`<@!v
z2=`t0bZZPdB>a9e!_Qw_h;KCPqs>y^X!*<|oyX+2vEP5&$HDTh!p=^P!2EikEcg0?
zg`WYoV3W*F`19956eK6?ndF#n%#{4VQw7Z@J!k+C{-H?@4%cs}%+1~`Q>{L7ymaJ}
z-iR)|ZKU4WYx7K#-CfG5Y){GULrw|xNt^);!j~c5?AobfAkBq++y*v1)Hk}`@(c%v
zlbcSty~nIc&v6gaj3nlwaXq+6A5L?wDc~(SCN+hXC=3EhKb@mr$@$@sV?Eoo+@!yM
zu0NWPOYuFt$z$yZt4Eh8>F>pq$Ew{(Lm~;eM9m?u-85FJN%$*7kwPFm&sP$b#shb(
zPCSvhCK5V&m6|I%<@|0dk$Cb-MTbVWJx%%VVdvwhcigF_L5bpy#u|$T?#gVX(o)yk
z20KJF8dzk~lw?l3IM5L4Xfq`8hO%``^60b{G0-16)p-|iS5W#siJK>3{GzU`Ct{If
zefqh5u5RAyfPPxzt|_Lycu`%Ec|b$)c`tg1t4b8%sg7tln@V0?>@dNMUrm7=JC>Y6
zPC+T(VxE0IoxGxqJSnw}`84}6+`9imIbfE5?rU)6pv~%U)qjMLK&m|d9KquCXJwhz
zH*xSK&IRtu@-*<ZklXJB=$3`ovjTu{)3sz8&!O;{X`gKzs#9z{&Fu4<`(2N;`D%-@
zfhO{=_sjUh+Z|WKs*b92FExl%t#A33cXGcda|{SCQ}R<iD)!v;#%xRo8;T>~^HUm)
z(Jz;T+Ji&lwI_XHBx`W-vCgvd9b%yRG*+Lkhjp!^y<PcNX#3;x=N^*#un_?GCo+Cb
zNBpdb7(ClOtHNpKK#0lI?$+2*|GoS0=B9QV>+EA^fq+d{w@?f93r}OE3Ba3_>DB`J
z&Y-liYIGHM=gF&R{MR>ff^sfA#Jv$E*c&{>1K7z|5_NNPVIfUnzEtnk=!DkboQicF
z=W0T~B0+kASJ*~kUDcXteJ>2M1Bnub^$CY^rM#9a-vaHrXFsR*WiVHRiL2)qzJVs5
zr7B@nZ1bp@-zvSFJ?)AHCQD*<jWEU@$L#excf<*66aB|5+cfu9;hKpSmVuOIN-;*n
zc^(#t@^Y%XIU*j_u?o0f#MS*K=E#qa-F2kH2+Gc_=+TyqKgVG$O_V0V&mKocBB64Z
z#t+yXg)f2NV$g7(pSZooDauK-Nr0>AmDXBv)czrD%SqY36Z}9WFDKHNsb}3gu6m$#
zejgkkuZDEd*ag$3DZ-To-A@BR$JuqQ+>7>t{nBO*d)_E-LiZgiyad+F13qe9f&_>2
z9p!??Y9X840UYk7!GW_75x;!sAC>@}(%G-mF`-3|RD3)eX<K@d>(0^bFYb^ZK6NhI
z^fHs*ws-PODBx_F$Xj7IlclPv<gmwq&*!d?EKTMLhErz2Do@a?Qx?YgMVn)ZdF0Yn
z<9g7{ha(67%aW7Qt=XA}OM~RnxZlfue|W8p{^8+4p$hDq+<C0HT$ZulIK}D)K0pt;
z|KMYVf?u=oI?eIWgOp#jyF-G$Dz*bcZn;<P&{DX|PL|zjwjw}gz|s_}!SAQkHsU_f
zdaN!^1)e3~c4B`1R$4{1R?{)jszv035ApOG)8jYLEDGKgCdFGl(82r~K5|~`zU%7F
zYdU?}G*1F$)<NkLR?oM1J7-Up7>w&^IxSk2D-rh%5dVvfrpe}JX>w}O>|3OzG98>W
zufvFKnl+ZF=bv^12c9qu*(!i%q4VMMquNbO(Ms<swBgfiyfmaqp&1e~Gv9E{C!(^p
zMTp6bdMW=aJ?*&PH(2|dsTs=cKu9&I`GB_eujQ7p*i`e;2e5m|yA<uEHwTS|@m+_k
zD~2TNadm<16cu_Q7=Bjr1<I`;9NVy$Riu<3WBWr*c{j1{h~)TlKNacI-mkK6%1>bZ
z?vCfN`pC28yq&Q|AY=57Tkfqgjl@D&aInupsLCqZL~sCUN%EYFpc5u=87t__B`>VD
zC8*IFAs(h$g7>qM@9}Y$%z|=!>!+<mu1DqK@LU^ia;&D0dBkSx*x_SW@9nf8ddM;s
z6Y9tQ*=q_BCtmf5&dvW(VD?MYHs^%+*p#Kn_md9#Gj#DH&rNclusK7ud^s6Q<6(2P
zp8+%Oh33*b6u!weI2fBZ&A@NROlc)I2oZlxM-V7=2a&(}pRg-}1y8xopdZWUp7B?o
zu&J3d{l=n5=-8C_QOe4TaDmQ&^X+w5Dg39`@U-S7b%iNEUs-9h;8;~9;}{J>h~KiG
zdSL%FODFk*W2YxOrQrK`^=zp*?@wq*iVi-hBrdq$GMs3Qj18aRwntkJ?a@w&Yo}-c
zO1S)JI?LRA#fEUVCx%RVko*B_-%6%dt{sI`p4T=<Rs%;pHfT*x4=LD|8(rn@X3d6T
zt_kiPe*p8^(+F<ey^cGAto&;=6Jnz7VacF%i=uSA8Xz<!z_X(#95~m<H#`z_@4TcS
z{Ms*Y9Qdg5_nQjaOy-n_T9)<Tv%izSdyK=W9JJ^dW^p?eq70Y{>u)#~zrt%Q)^g3R
zK2^WPP32eJ6gC{WC6n5y{@C~JEen*!7j@*v$=jAsH342!vijz?@sNCjau&aK!R{P-
z|9FEo(KTJpbjssf4DUZNE>_pxJX!AzSwsj6K2iZ?ze#Z}I&yVT!D7g&L2nvo_Y@<R
zRz)Kjw^XiS#Ba4f`2#Y$7$B~8{kyWAP|R#~>9<(G{L!Q92TifjDK5aiz~2o`A;FHO
z<6H6u#y!Jrxg%!X`{7UH+nTD2b2FY%e=uMB-arCVS+f!zS`w2ziWV~jYp+5)MC=<E
ziR)5N&my*6@Agd{zG>>;nynkS`r958{#yeZRaUPUD!*BriV2fTwze7RG0ArdRN4H5
zWf0%=iO)?9%fC&yR?n52hpj69UJQm_G<s;B_c(*>J2u~uPnbzGDkF?L%dL+GgcFac
z{*MI^_ED-p)1+S8vGfP*A>cK#_*-n+`=iJU*s_?VRCKE6)pTc;C9lXxNlWTVb8rwU
zeJ`RopEvNA)|T#BEk5$8TA<9at&AlG2j_I+Jnrj8%6&=Cz@GJr3uLc-1D)P2WZZV3
zQJOjVQITosw~;>|4T<#Fk!FUJk5ZuPqDaDU9CDLRK9#4=Hi_uLsGKGem4_yrqFlc@
zzqJDYRK5Pv38%$-#pi7;X|XGL*GzwnX2XD!nfQpjgC=*%_MxZBs$|ZMW5RnXgT+p|
zW=Ho`S{qxAGNw<29m$N_indpf$k~Oe@two3x3VO?_Y8xh)+_>LhR>BMYUh;|!XDbZ
z?$BtixrciHN^1^>DPvWRIpD76pR*kS&KitQL5H_r2S+tri}`EZ1E{+Ca65Qcl4I7U
zEe<P1s}btZ|H4&c#@17oZUZQV8u>SkC4w=V)wR0UyJ<Abg0Xd1U!~I7KV#)BMkE@7
zJaUc3qAjm9-p05^U^J=iR~92dHx^&0ui`6_j1Y=izF(M%m_z&iuCT~;8{R-q9+7f%
zv(@3@`EBw1g=mZh-J~RREV+43@k1;9TdL`Ic3U9+%zw!fzkhM?_AjThoV9zXcT4fl
zbA%Xv#TpsQ2}x4w5AuwyuLM$$bTElWeAKRft;xI~4zLv?xCmRnUh++}ieV|kT!8~Y
zH%65|Ty^tnRlC90H`SoOG8hiMR3ptzu#c*7at-&Aa$$?a=Mn7&110C2N<iH7?|Y~v
zLFM9@3(K#6k%GPohqkb%pkab)D<8wms03o-$>(!;^UAR@11+m>lIEr!;k}=)lqG7q
z9XTL>r{|a|D@4EJvNhVq+W*%zw@5elGrb<m`SF9s6U~7a?v3QMR(v9>Zb2d8g7zH}
zO*dZV2FWN&l-q%=*)3X(C%DZ6o`NuhUZP$W<Q|5r&IHZrjSnxlWQZaNl77@Q;R5i|
zo2*vS@Fpr|2%g=zesopG;&A2C`^4+@M?>3sT$S6ue+;m*EnRe_>)bhfY_+(J?{jpO
zeU?!rnd70c`N1O#QkoM4Kph1Aickx3{xk!a)2>RBlV|Te^}r9rZD&7~HA*Zwq=~Ex
z)@~wtm&wT?njv=Ikgswp6MV|wk4@FwRPzV2?fCIcVIArCOlzDt9<%Hq+~3e}KR>Xh
z9Hw?|xnVE<e5ILb*zfVm*#Ol#^Fx~_AXfU?38QBpOY^x=!-CKMlO@OR%?E&di9*xo
z;gqFz7IPBrdnp-q#Ai=){QB2r=>Zcr?;9g7@$If3Se&KQgWSvJ`KX<5lY6On-$xtK
zv4@YXTQ%errR4jss7T^!@<`WoDv5#Lty)BA6<^&`g7S9dQr2;n(XV=6N)nrTBb?qi
ztXiijTrmmmp|p}6F^@xx=306+8{<^Nr`X9?znKCYN&c_A{)M&ScbC7`Cb6xX?5=5x
zMZcC45}z0X0+!{*?*v+9taJbPM=ExSE!=u|@a5-6W*br|S30f(?{nc#+yHFVJ=Zq<
zY%`(^-aYkg(2eCc!!*{9YA~W-yrc0}-y6f;32wgmMm<jEWaND{^iv`qEyYm}hG6SO
zeF*WNOD}mB{0**No)uSMdp_`pDH`?cn;XYi1&-jmCFP%iW?Fj=c|I^5=S>|#ftGZs
zyFm&LsR&mS)<xS-TKb-MyB6_BWU^e(J5+yYow&K)Q;l$4Z7}#<f8RjuW$nl8U-{Mn
zvCfKqMbpEteFe)xHvEVI(>@0Yyh^EMifjdOMYOf7^KpfgGj!Xub>!zGLm-lK`TTgr
zh;&dKI=&mlk4(BwYkx|Zu_xbFuzx4}qZo1Lf`l`TC29k|c)teERcW_$<xF!m`3`Xg
z_&42|xsKbny~=0d#jgOsX^Saf=X1^AHh##bTD5<HLH)UN(m8mIsK~D(adH*0tqgu4
zXu9+6G-9-bkYmspsIqY}zW;I+yGP_Lz_%Dfvu`B@g+o6#O(y=d?+mUN=HhJH3hq?C
zD$$Q(B=VD$nMGmVe*qBv;(xx?<64xIa8?tdjGV$IkQdoMP2+M}`ffV2wQ!>Md#qmV
zFFIS)DQ=^dmVhnyDj?~4<>exjEoYP}xPSIR7^l91RqYcgInOf(PBy^*CakoEX)Iek
zNQXTzv4DEUyhM|5+{U(Hl?an_&c@7xl7WI)^8O?*6q~0v-}mRZRZEWeOjz4)uRc;Z
zo;EhZNlreR6Lf7b=J9yp+meYsZ04D<;Mi={Ahs-dGERmnJ=Am$Am*KcX>6?SmW*!1
zp8RR)#dPS8D3_s4*AFg!r@|mB-YRPn^kl2?om1jFwv7k(mR_`;0e))o_t0jU`4-V0
z#rF3N4oZ=|#|9ZPR|LVE>WaGA9SCMLn-K!@Vaih1?$Bx_Dj{oxEE(K;8z>(zRMDa4
z(zI^c3&unk2<mlKeb`kK?I!3{m_#?N2CLlQ;pNG{<A|1@7xLR5dkk-P|DfcX1**ew
z<`<T3VYD54Vxs;NKv`&YxVu=_c5`;XARzjSsC8b|CFSJ|!HJQ_fY__BkanqaA<*LZ
zQ^QvRXSTYq#2o+Mc4df2W5@yg`e2X(Z!EQ@qpIU)4B$~3&PCXg?R*DXyB%bin%8wC
z*<!jQ*>g|Q{CQo*)Ie(c#Ib_(32}v;F9#s6dnUqmLbaazNk5EWsX^ZLbE8vRvz~yM
zwa=o~@>kp5EMv?A;)CQA-KmqThrr*$Kcm%6kK&~R;U59-t)?q9jh)3B+{f>!-<$*m
zTMekEFB@>~^!cXtK+1A7@7o*&pKK2Iw`;v=q>}p<cc}8c$<eb5HA{a-d&|uNY~b|z
ztx)tl=-1!gzzWAEe!OSMmSywiRfz52drLzrNmE(q@{DBpbC)zoYs92WB0AWAmcff`
z2WCCl%;NZgl1vMqj|iXIXz2aS@$d{~|9L8*A)U5Y*q>zZeW%g5{VA*mXG88DVth3n
zW)tGg=b{4{I|?^_ZD~DD$j7<XU%8Ge8(f+#$|%C9MyVZzlMd0UkV-UauBVSs7%At%
z+oO(duOfmCHl96E(46Jfe>Ofh`0=eMWu1p1=+ER&EQo4X`!bma0oKe>QAQ`!(C`w&
zhX#3NjsqwTi}<>q-!+rzJlV8o_daeW@7OU3{##j2p*PaC->Qit=GW_kLN0}HrsB@-
z=AKew5LqMi-P2aiGY5xJ7_2$SqX);V3z=gy=F`2B9-C!DyoW^qX9t$5jSm653f(hG
z3+MCVZxq0%WShQ{*NUwyP%`UUr!<h2Yf|qivwp97@@_(3pF$+GU2?jB$xMe`dXHuv
zwEEzY-nb{*o%{L|$X~zMcX?YA2f=hdiVX?1t94z1n`a7tD#wmv(pp}AyDxi(_6T>b
zM%PF4OI8g6<&#$c$Z*a#BR~{BaHNl2P$0ui_l7_dliGI3?NwH*?>TM2JSH>TWX?Cn
zfF$_#+$F#&Mlim^r<A0F`Z>`srxA=+!AM#vu1s`)c`vgfeN`bKUpO5|BJ@*M+X_@j
z9+eSo7yayu=rrTWO@~*<kU=>~xNR@&Q%jLX>vj!J<Ohwu+3QUeRWoRQ0b|Rcg=|c2
z;kYod4dazQW~l+0jzWLDQJ*M#vZ3rvw==nYvY}sO%^Fmx7vgQ6VXxmx@?n54MHED2
zMr)z<*gDy6P1l5pHMh1Sk#2d_9UTMXE)1K^==YRBsJe%I-Z+6I3;&Ws9@6$33E1{_
zwggA`t!vQ>bO1dI+#*b7%-!P-O3X2<QQz?|RYKre%;tTi-2a>=c(K7hS1EQM_^O;2
zm{=(XG!7;*%=dc#Wyj}_P2QWCsCk<jwU{YU-2SGO1A0+Bvsi+OZgCjb2_Q)cZ)V8%
zEj|G^oGU!k+DaSyYGh~w@fUeGbF#YD6v*Z-+RmIKnW?P6Z)-Y|bRvy64W56nm0p&I
zf|=i}+=y4-7m9=a1pC0DF{`wq3aXKSD($F3cvOC)W=u;DUA&AgGQ6q(8TA9%-i=Fb
zIs>YIJSU{~yUIL7=v{Y}@%PzkV^VrLOvO1H@}7@F^e%Z<oP&%4LO+xQzNSup)Wh7A
z+(}kC%1<5kz?kz4b!!FoCaq_pffK6bVsk7isH%UCXv$dm5p2>5`CGeqxh+q|;MwL_
z0E>X>_4PzpM9F5_J>jG$yygdcw5x~dmTFp$5RO?oDmI5FgfnuADj~6^5mN;T7UXx7
zvDjV%lPPNFqxmDEW@0xMN>L(sE{ftk8?*HX2N88NmPlwsC5^!Qy{s>=`GI7If;Iph
z%v}w)+sl;{*jW{WOABZ1*`6H(Sm&`d%*`XnXIgHnWGL3Fg>#GVc;Hrh5hK4HFu1?T
z7)8FuHMH87F^AW8g;-6C_^a#h{NkB4kiQj`XrFH*LgpeLNK1!UT3$HO5v0#+!DyQ%
z##nTS$Ep*;nD5=PQH!`cq}=q|2IDE{AVJ_g>ljqD*+Pu(YIWO+q`9%t6?MlP9X3Bx
zL62*l>$a0$8u6V(uHG(aMt8pa`^KkBM`sRR$Iy!m40g=yFqzgiC=DaPir|#^&ZI_g
zhl&${IM|X~f^XTfL@M^FM7aA%``EVW*<n1w9AhD&){Zext79@;*oo$$6~bNlk*1_G
z3F%iGX^#vWFdj<fLV#q;XJ|1BCv&Qi6b%hOp@Ixl1L#{oS`{rEV-LWB!ZiRM*R23)
z{jL+*(HU%Rz$G!t8yI$Zm=0}#EXQFCIfEKmu=DVk9!)fzi4~MTJyZ0W9})tDCCMI}
zI9nz@o<H^$C+y3sD6dLn<xOc*wW4cneKZFu<CV(o*t^S~O&4J{FbGBpHsQMDJZa@q
zd9dj^Ucp3qiUVeS{TxWS?^B?2(Uh0oU)7OMsc#I_$htM!V7O%DB8oJeU5v)tksKA7
z!69wPXrI*?a-K%RiZ*S_xR#Y)4TBwDT@PZz-Qs-dbu7JegO^ep8s7jwn>F}aKj?OI
zM5AJ>v0;-zZIqF9`ckv(@2~GmeCxwc;UM<EVE6JKZR^woLgY$P=Z5}c{ih~uN=TYr
z@Xmt{Dk^@@b{q)8@5;=jMX6dIA}D-sxEe77D$g*$*0%Dun|(ROzcx=zH&!<s=wN)R
ztb>WiOWm;!Flk%F(8H|9XCLEh$HO2_1C6qv*&!?il_pcYj|yi0Jj+=8AjGy&pVD9l
z!#<xiB^2c6R6dxSu=x<G<sW$e6xWEbB(rH%1EE4jq806yO+H_;74eI{yIvmp%;_o+
zr4}N6%$L`NZH-r)vb0mJNXp&{aZf9`f~xkz#9oR>^AGUS-g#uNX>w}G1n`sFp|KG0
zfqoR48nET6u=}JmpV!{twcN`J9sNs-%QcdbHdburo`N&h$DZQZrsM8PB<kXMEuC#)
z1s<sSR-KX8J$p=8o;u1#vojM0b^fz-SpuzmZ;%3$R-g3x6|(f>FV6bhP|zX*8;;o4
z*}z4PWNSVe$DeV!$Z*L}G$ImjX0Mem^ES1qP0u{aBIaCKdOE958KVt0`XK8KkfeIB
z!BmUabub$d{cRGVQjjn@USED@WzJ%<7L>+}m|a+Omr2)1MgareMaHQGF$m6Xqb3^>
z;my0fDU4jV-0<H-$1N|1jW;a)m~SVi$TXo@>GVu*wi(;#QLWSKLo<5nAROYoed0}i
zq7Ren9Q8Nt7=&c0SYR}g!-mLdVly`r>ykR5j)vh^y#7yl=N`^v-v{uCQucIGNYXmI
zDI+}@$zcvfJtXFkLz(Fj!$OfcH6$KIDCaN~62s)ovc(m>4s)JkY&q@0Mv*y;?Y()P
z()(P`AMbm;f4=uW+qGT$UEkmD{$Ahv+I@dNpWlKEtYj?e<k$A_{(zozPosWG%)L`D
zqD5_`^14@<vyBq*O6U;I{W3FareVEVO3lYyph5gA2FFR9xK6p5S)t~%AafjVA;1(Z
z?Hu@U@g&(Kin;QpH<tIpG?CNZwDpYmbt;Uj?OCwmltzY6mq=Ui?{jHC;m+n%_1Nn6
zb?y@J=Q7{6t(;b6M)}e0*DeLletA*e5^iEzr-5(z+^>={nKRm$S?02m5i?Y*^^^vy
zslA1#XW0|3lJ-Xd?UHTceErK&hfm)b#*y3;%3GWXI|sotCH~|n3m4veU5qDBYI+`>
zR^C?9vu46Tc;0oGbt8CTwB&t0;@RMPhT&Kz<|T*z$c%*Q!Y~-&P<^g#h^#=svE19O
zo3|K1de#3qHk>%-I6dC#oz89?rmSyMAA8dH9C7JIL~m9i(2GekperHUTC0<`kMGu9
zhiWY2SR`QxkiN0}$yVN*@Pl9C8nC-!J$6CAM7LpT^+NSCl|~xhOdV2i$SG`hN3FhV
zIU{`f(qyjipqyd90dnO=O;W`_9CNQGE9v*z`WFO0d?>bm|CpgA(kmXeEOL*{o0%1C
zk^B5`AM7IWtA~4J;07$xjYr;=AZb9eECeN{pZ&hl2|NU!8#z^jnMkZT5V<xhId#Y-
zGF=!&6ZAwUFH10uDNBr(4W;}R7bn{XkhDK~{IPHPzgqk8iJ3$F^<pI#*8E5nHGHgR
zk?4UggyTr}<O4AmMDvQD?~?I~9mmWuK=n~7ad>gq0e3FFtMUERb+5g(4k(o<4XgY&
z-(e;5`?9jKc{WwW^CazTgZR`*fCg=ym(t<UMeYZ}7>j~7xvzyHL^8q}G#6udieBMq
zD-IA?TQtwh3-6q^HgS1RP|b*Lu7B*sc^w`I1pZlHSI7M4ocNkRuHH5~SJ{;#s<f&#
z_dA(RJ9l_96T;l!DgW%BBUWI1CAZoM9HB@P5}c!vPb)ms%eeYDZ%1DzbsK7`Vo_L`
zuWP@Mod9F*m-bdR=9a|F&OCq8K#vD7#wC>oHU4=$NeDFi2|)LLKf-|q5HanSyYMl=
z1amX12u^jEd(zqK$JH(;56(flhjr01(5FSi6|znGXVKH`oZ{SpWb(bL@<3PR;Db;<
zyHfR%mIagBT?c#Y%T0SvcVagXvRLBO8gZ98^%Av#fbW9(dzVH$!vo#iZw>ha>{h{`
z@F~NQThh%%2X&;)xjlnJ&mCsGUAl`37krFPRv2~P1qS(c1YHT*BM%LEj}*p-r{#4b
zhWP0G-`-!UidQM%M}|vhm_$e3ar1XqCt+}s=6mb2+tKf>A`fa_$UK~!b$RBIDR6}z
zaKs@TY33D}i5yuqOj+Ia1zM2D>upl-;*?_qt4Ls%dOPQ8fJJL+oY0#uJKpRP0_^#4
zcpR~_yx)ANv#2<(#1bQl5`*M`pyb_U0l46Ky690AL(^tpkQ>}qlRSr=c!TsD{Nvmi
z!*5}OK#4*}t<1Mi&QiODQI2YCMlt{=%v!-0I<NRmX6GnzhBaMKZI6woSUg>7fO4(#
zXxN$a`Hu%a+_T_Lc$rfrBNfYV^|!Onw<SC?9`2k&qO+mTrm&VOu#zVsyAgDYo2Ew9
zF%oTZgY0b}%7l|eryAbGLD`l6+ApcfA(K24#a7_b!CCC2SJq>dpjE4UsRAUI{0!=C
zmN|T!+M;MWZLK%7#~BAPq`e5~SRLKG<T6B$1L=DVxr3;g%cNUp#@VCe*>R!D`C6?3
z_`I?Du7y=FxKbLoHD=lMRk7zsEN9Z*AizJ__Qo_1iOu(97K|IHo~AvT$zBq7#7aIQ
zRfHWQ+?wvI-kMxPYY__aNGRv1)=>Cy_o&pVUaf|f(}HJ>^DNhznv76cs#h#ho`XKy
zKh1+T%g9lA-X<!mm)OUtEXDRx`T<(rec(^cTG=_)IoM{vHj0*btw5fC7x`BlALk~q
zp&=L_8}os%CrPv9u28T<s;s*D4GX?36xw9{>gD`j;6ad$L9EQx&az%x0)t`q-S1;a
z-hw1ixLnY@2&i(E_cda-f{P)yE&sO(G0>gy%DZE=zeav%vNJ}m=<Az|H^t-WTcOwT
zfbxdId8N^}&+#o7+!O%{gkhlf7fHtd3N&vf+s3<fI@%;F<A~8dhN)b{v;yEQ=-Lw0
zOptHLBm_gBi-T+=4=jHFP0-6{Zn^^NHQ2eTuCC4y{4P6&U)>ytT#4l??|rdw6%0}!
zu8x{GH<UhY{{<LG?jr9l@%)cmeKug^ps*lTaG>!n@=qRq**2_xoYb<@Yj7QZ2blV2
zvrFbS<YsfCf9!Mc239{Wy@`v1_UmpJ_Z{QkrIAngM~I(pL4g#+xYZ>@EmUYI1mOG&
zq_8T10`JBhqAyFRzq&>Vc)AP*75>Djw2axT$e>Emb?Th6o4~onXZS79Eai?JyCAKO
zRchOE%AK>|i1OwvpiyCInBr5*#Gz{ClsrttAhiStuy6D!{4kQ0WKrdKgXVVjqXrnH
z<;L+r{|zkfGtM`m@kplG26@-Z@&+p0iBfKrwHksMZ~J<m<7)bQ@wl~RlES<kYoO-M
zm!WW%cEB_MN=$(B`bH7fk<RhQ0}I->!KpCN=h0iyo*bWlpMvS$;7}AW1#JCM?&V$}
zg?=Bv5WVuu%3TM0-fq#hF8R~eu(3ME<HV6UZ}xDvQ<9oW4fX97kiyPy!iMf8ePr)f
zTOetd?%r)s!K9Lseq5>;o3*i6V@=nA&!gN~%A%&<tJKs(vtI%Ggsi-Li!U`=j|Z`0
zLy+*bJpk2N?KQ2Y)if~QidSdic4;^E^(Mdrl$<+tJ32aA%f$BXeE}#drjjv*Uxs--
zDoY3}(90rB#elb0cah_jYn1Y8kGO&orm-h`%PBJ*9pJo_K6p7*|Jr^{0MP4x@Q~_K
z^hlPgw0KfjRsLJ>JtK+M^kQ=U`1v*gZ9R``h!de9=Q@-Z+{_RUJE{?*CnbKcnuN>2
z;X})=?-myY+T4YBGT&5O8?_+ZSZ8@#t%fVNBaM|oV0P^DtGV+j80LURH&1El>FKF9
zuUh$VhG6~N)cE*pvmB$zX(9!?&4%PEY{zD@0=|5(71w5*k>p5-aU&vdguy8qLH$AB
zbRlqyV=$h=VrrmlG|X;RVg+nOo;ZUL9*HiSN)$0m1A}m=Wg%<7Z0W2x+L+_Mm3-3*
z5Ur>P(&@XFr2iDH+zH8H@3856Akvlz?>`zLcT{NF7dQ?6DC2ZZwvdq`42CZs62_)4
z&B^aRLR>|iW1WF=BqT^pmXQaQQ;QxBl~dZ60v>!>tgnZxD^^6;6)QHr(La<VfCP^N
zGzt;!zto`^b@NWfmKV17Bv2r%#$j*&VnUIx3<<&t5I}fvB=&K^5y<goSU<{^)i@to
zPftv!TQ|Pg{9$~t|6zLjjsj|*?X}l61i&|VMWNEKKWhxcN>^8k0-mf@+^6R(&Ch@u
z4RnIJY&x<-b!@kKUo6w>#HT75cyA7R1W-bxX^e^k!R}8--<O}>%uRERO_PhyK-$ms
z@rQ!TmN{X}4!Q>DL?R#jc<pz0TjwQ`5ukqwDjsoPol_wytwy4F6F|C*x~Bs6m~ZuM
zb!lCC61FG5UPbAXR8~=r99#$k?*6aEG{=Nenk&+8FY~t{)RrkBaSMr}f4kO<u;@MV
z2sOY1NB*?Kcrc*!<b@*MGDk8f!aJAzXni5~Z!F}J)~jzJRu+E`QTvngU^E9Ph2Os0
xctxbG%VPH3I=p$Q+xR?4<l+CVMCrgJU+_%S$BdH;DiiCAp|5A8TX?}P_+LVH+k5~3

literal 0
HcmV?d00001

diff --git a/docs/kubectl-plugin.md b/docs/kubectl-plugin.md
index 01be19f59..2b6381f6f 100644
--- a/docs/kubectl-plugin.md
+++ b/docs/kubectl-plugin.md
@@ -208,6 +208,7 @@ modsecurity
 modules
 nginx.conf
 opentracing.json
+opentelemetry.toml
 owasp-modsecurity-crs
 template
 ```
diff --git a/docs/user-guide/nginx-configuration/annotations.md b/docs/user-guide/nginx-configuration/annotations.md
index 9c79d9d9c..dac39f752 100755
--- a/docs/user-guide/nginx-configuration/annotations.md
+++ b/docs/user-guide/nginx-configuration/annotations.md
@@ -121,6 +121,8 @@ You can add these Kubernetes annotations to specific Ingress objects to customiz
 |[nginx.ingress.kubernetes.io/enable-access-log](#enable-access-log)|"true" or "false"|
 |[nginx.ingress.kubernetes.io/enable-opentracing](#enable-opentracing)|"true" or "false"|
 |[nginx.ingress.kubernetes.io/opentracing-trust-incoming-span](#opentracing-trust-incoming-span)|"true" or "false"|
+|[nginx.ingress.kubernetes.io/enable-opentelemetry](#enable-opentelemetry)|"true" or "false"|
+|[nginx.ingress.kubernetes.io/opentelemetry-trust-incoming-span](#opentelemetry-trust-incoming-spans)|"true" or "false"|
 |[nginx.ingress.kubernetes.io/enable-influxdb](#influxdb)|"true" or "false"|
 |[nginx.ingress.kubernetes.io/influxdb-measurement](#influxdb)|string|
 |[nginx.ingress.kubernetes.io/influxdb-port](#influxdb)|string|
@@ -821,6 +823,24 @@ sometimes need to be overridden to enable it or disable it for a specific ingres
 nginx.ingress.kubernetes.io/opentracing-trust-incoming-span: "true"
 ```
 
+### Enable Opentelemetry
+
+Opentelemetry can be enabled or disabled globally through the ConfigMap but this will sometimes need to be overridden
+to enable it or disable it for a specific ingress (e.g. to turn off telemetry of external health check endpoints)
+
+```yaml
+nginx.ingress.kubernetes.io/enable-opentelemetry: "true"
+```
+
+### Opentelemetry Trust Incoming Span
+
+The option to trust incoming trace spans can be enabled or disabled globally through the ConfigMap but this will
+sometimes need to be overridden to enable it or disable it for a specific ingress (e.g. only enable on a private endpoint)
+
+```yaml
+nginx.ingress.kubernetes.io/opentelemetry-trust-incoming-spans: "true"
+```
+
 ### X-Forwarded-Prefix Header
 To add the non-standard `X-Forwarded-Prefix` header to the upstream request with a string value, the following annotation can be used:
 
diff --git a/docs/user-guide/nginx-configuration/configmap.md b/docs/user-guide/nginx-configuration/configmap.md
old mode 100755
new mode 100644
index fc5bd07c2..ccb115a0f
--- a/docs/user-guide/nginx-configuration/configmap.md
+++ b/docs/user-guide/nginx-configuration/configmap.md
@@ -157,6 +157,19 @@ The following table shows a configuration option's name, type, and the default v
 |[datadog-operation-name-override](#datadog-operation-name-override)|string|"nginx.handle"|
 |[datadog-priority-sampling](#datadog-priority-sampling)|bool|"true"|
 |[datadog-sample-rate](#datadog-sample-rate)|float|1.0|
+|[enable-opentelemetry](#enable-opentelemetry)|bool|"false"|
+|[opentelemetry-trust-incoming-span](#opentelemetry-trust-incoming-span)|bool|"true"|
+|[opentelemetry-operation-name](#opentelemetry-operation-name)|string|""|
+|[opentelemetry-config](#/etc/nginx/opentelemetry.toml)|string|"/etc/nginx/opentelemetry.toml"|
+|[otlp-collector-host](#otlp-collector-host)|string|""|
+|[otlp-collector-port](#otlp-collector-port)|int|4317|
+|[otel-max-queuesize](#otel-max-queuesize)|int||
+|[otel-schedule-delay-millis](#otel-schedule-delay-millis)|int||
+|[otel-max-export-batch-size](#otel-max-export-batch-size)|int||
+|[otel-service-name](#otel-service-name)|string|"nginx"|
+|[otel-sampler](#otel-sampler)|string|"AlwaysOff"|
+|[otel-sampler-parent-based](#otel-sampler-parent-based)|bool|"false"|
+|[otel-sampler-ratio](#otel-sampler-ratio)|float|0.01|
 |[main-snippet](#main-snippet)|string|""|
 |[http-snippet](#http-snippet)|string|""|
 |[server-snippet](#server-snippet)|string|""|
@@ -1009,6 +1022,46 @@ If true disables client-side sampling (thus ignoring `sample_rate`) and enables
 Specifies sample rate for any traces created.
 This is effective only when `datadog-priority-sampling` is `false` _**default:**_ 1.0
 
+## enable-opentelemetry
+
+Enables the nginx OpenTelemetry extension. _**default:**_ is disabled
+
+_References:_
+[https://github.com/open-telemetry/opentelemetry-cpp-contrib](https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx)
+
+## opentelemetry-operation-name
+
+Specifies a custom name for the server span. _**default:**_ is empty
+
+For example, set to "HTTP $request_method $uri".
+
+## otlp-collector-host
+
+Specifies the host to use when uploading traces. It must be a valid URL.
+
+## otlp-collector-port
+
+Specifies the port to use when uploading traces. _**default:**_ 4317
+
+## otel-service-name
+
+Specifies the service name to use for any traces created. _**default:**_ nginx
+
+##  opentelemetry-trust-incoming-span: "true"
+Enables or disables using spans from incoming requests as parent for created ones. _**default:**_ true
+
+##  otel-sampler-parent-based
+
+Uses sampler implementation which by default will take a sample if parent Activity is sampled. _**default:**_ false
+
+## otel-sampler-ratio
+
+Specifies sample rate for any traces created. _**default:**_ 0.01
+
+## otel-sampler
+
+Specifies the sampler to be used when sampling traces. The available samplers are: AlwaysOff, AlwaysOn, TraceIdRatioBased, remote. _**default:**_ AlwaysOff
+
 ## main-snippet
 
 Adds custom configuration to the main section of the nginx configuration.
diff --git a/docs/user-guide/third-party-addons/opentelemetry.md b/docs/user-guide/third-party-addons/opentelemetry.md
new file mode 100644
index 000000000..d966dff1f
--- /dev/null
+++ b/docs/user-guide/third-party-addons/opentelemetry.md
@@ -0,0 +1,260 @@
+# OpenTelemetry
+
+Enables requests served by NGINX for distributed telemetry via The OpenTelemetry Project.
+
+Using the third party module [opentelemetry-cpp-contrib/nginx](https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/nginx) the NGINX ingress controller can configure NGINX to enable [OpenTelemetry](http://opentelemetry.io) instrumentation.
+By default this feature is disabled.
+
+## Usage
+
+To enable the instrumentation we must enable OpenTelemetry in the configuration ConfigMap:
+```yaml
+data:
+  enable-opentelemetry: "true"
+```
+
+To enable or disable instrumentation for a single Ingress, use
+the `enable-opentelemetry` annotation:
+```yaml
+kind: Ingress
+metadata:
+  annotations:
+    nginx.ingress.kubernetes.io/enable-opentelemetry: "true"
+```
+
+We must also set the host to use when uploading traces:
+
+```yaml
+otlp-collector-host: "otel-coll-collector.otel.svc"
+```
+NOTE: While the option is called `otlp-collector-host`, you will need to point this to any backend that recieves otlp-grpc.
+
+Next you will need to deploy a distributed telemetry system which uses OpenTelemetry.
+[opentelemetry-collector](https://github.com/open-telemetry/opentelemetry-collector), [Jaeger](https://www.jaegertracing.io/)
+[Tempo](https://github.com/grafana/tempo), and [zipkin](https://zipkin.io/)
+have been tested.
+
+Other optional configuration options:
+```yaml
+# specifies the name to use for the server span
+opentelemetry-operation-name
+
+# sets whether or not to trust incoming telemetry spans
+opentelemetry-trust-incoming-span
+
+# specifies the port to use when uploading traces, Default: 4317
+otlp-collector-port
+
+# specifies the service name to use for any traces created, Default: nginx
+otel-service-name
+
+# The maximum queue size. After the size is reached data are dropped.
+otel-max-queuesize
+
+# The delay interval in milliseconds between two consecutive exports.
+otel-schedule-delay-millis
+        
+# How long the export can run before it is cancelled.
+otel-schedule-delay-millis
+
+# The maximum batch size of every export. It must be smaller or equal to maxQueueSize.
+otel-max-export-batch-size
+
+# specifies sample rate for any traces created, Default: 0.01
+otel-sampler-ratio
+
+# specifies the sampler to be used when sampling traces.
+# The available samplers are: AlwaysOn,  AlwaysOff, TraceIdRatioBased, Default: AlwaysOff
+otel-sampler
+
+# Uses sampler implementation which by default will take a sample if parent Activity is sampled, Default: false
+otel-sampler-parent-based
+```
+
+Note that you can also set whether to trust incoming spans (global default is true) per-location using annotations like the following:
+```yaml
+kind: Ingress
+metadata:
+  annotations:
+    nginx.ingress.kubernetes.io/opentelemetry-trust-incoming-span: "true"
+```
+
+## Examples
+
+The following examples show how to deploy and test different distributed telemetry systems. These example can be performed using Docker Desktop.
+
+In the [esigo/nginx-example](https://github.com/esigo/nginx-example)
+GitHub repository is an example of a simple hello service:
+
+```mermaid
+graph TB
+    subgraph Browser
+    start["http://esigo.dev/hello/nginx"]
+    end
+
+    subgraph app
+        sa[service-a]
+        sb[service-b]
+        sa --> |name: nginx| sb
+        sb --> |hello nginx!| sa
+    end
+
+    subgraph otel
+        otc["Otel Collector"] 
+    end
+
+    subgraph observability
+        tempo["Tempo"]
+        grafana["Grafana"]
+        backend["Jaeger"]
+        zipkin["Zipkin"]
+    end
+
+    subgraph ingress-nginx
+        ngx[nginx]
+    end
+
+    subgraph ngx[nginx]
+        ng[nginx]
+        om[OpenTelemetry module]
+    end
+
+    subgraph Node
+        app
+        otel
+        observability
+        ingress-nginx
+        om --> |otlp-gRPC| otc --> |jaeger| backend
+        otc --> |zipkin| zipkin
+        otc --> |otlp-gRPC| tempo --> grafana
+        sa --> |otlp-gRPC| otc
+        sb --> |otlp-gRPC| otc
+        start --> ng --> sa
+    end
+```
+
+To install the example and collectors run:
+
+1. Enable Ingress addon with:
+
+    ```yaml
+      opentelemetry:
+        enabled: true
+        image: registry.k8s.io/ingress-nginx/opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:331b9bebd6acfcd2d3048abbdd86555f5be76b7e3d0b5af4300b04235c6056c9
+        containerSecurityContext:
+        allowPrivilegeEscalation: false
+    ```
+
+2. Enable OpenTelemetry and set the otlp-collector-host:
+
+    ```yaml
+    $ echo '
+      apiVersion: v1
+      kind: ConfigMap
+      data:
+        enable-opentelemetry: "true"
+        opentelemetry-config: "/etc/nginx/opentelemetry.toml"
+        opentelemetry-operation-name: "HTTP $request_method $service_name $uri"
+        opentelemetry-trust-incoming-span: "true"
+        otlp-collector-host: "otel-coll-collector.otel.svc"
+        otlp-collector-port: "4317"
+        otel-max-queuesize: "2048"
+        otel-schedule-delay-millis: "5000"
+        otel-max-export-batch-size: "512"
+        otel-service-name: "nginx-proxy" # Opentelemetry resource name
+        otel-sampler: "AlwaysOn" # Also: AlwaysOff, TraceIdRatioBased
+        otel-sampler-ratio: "1.0"
+        otel-sampler-parent-based: "false"
+      metadata:
+        name: ingress-nginx-controller
+        namespace: ingress-nginx
+      ' | kubectl replace -f -
+    ```
+
+4. Deploy otel-collector, grafana and Jaeger backend:
+
+    ```bash
+    # add helm charts needed for grafana and OpenTelemetry collector
+    helm repo add open-telemetry https://open-telemetry.github.io/opentelemetry-helm-charts
+    helm repo add grafana https://grafana.github.io/helm-charts
+    helm repo update
+    # deply cert-manager needed for OpenTelemetry collector operator
+    kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.9.1/cert-manager.yaml
+    # create observability namespace
+    kubectl apply -f https://raw.githubusercontent.com/esigo/nginx-example/main/observability/namespace.yaml
+    # install OpenTelemetry collector operator
+    helm upgrade --install otel-collector-operator -n otel --create-namespace open-telemetry/opentelemetry-operator
+    # deploy OpenTelemetry collector
+    kubectl apply -f https://raw.githubusercontent.com/esigo/nginx-example/main/observability/collector.yaml
+    # deploy Jaeger all-in-one
+    kubectl apply -f https://github.com/jaegertracing/jaeger-operator/releases/download/v1.37.0/jaeger-operator.yaml -n observability
+    kubectl apply -f https://raw.githubusercontent.com/esigo/nginx-example/main/observability/jaeger.yaml -n observability
+    # deploy zipkin
+    kubectl apply -f https://raw.githubusercontent.com/esigo/nginx-example/main/observability/zipkin.yaml -n observability
+    # deploy tempo and grafana
+	helm upgrade --install tempo grafana/tempo --create-namespace -n observability
+	helm upgrade -f https://raw.githubusercontent.com/esigo/nginx-example/main/observability/grafana/grafana-values.yaml --install grafana grafana/grafana --create-namespace -n observability
+    ```
+
+3. Build and deploy demo app:
+
+    ```bash
+    # build images
+    make images
+
+    # deploy demo app:
+    make deploy-app
+    ```
+
+5. Make a few requests to the Service:
+
+    ```bash
+    kubectl port-forward --namespace=ingress-nginx service/ingress-nginx-controller 8090:80
+    curl http://esigo.dev:8090/hello/nginx
+
+
+    StatusCode        : 200
+    StatusDescription : OK
+    Content           : {"v":"hello nginx!"}
+
+    RawContent        : HTTP/1.1 200 OK
+                        Connection: keep-alive
+                        Content-Length: 21
+                        Content-Type: text/plain; charset=utf-8
+                        Date: Mon, 10 Oct 2022 17:43:33 GMT
+
+                        {"v":"hello nginx!"}
+
+    Forms             : {}
+    Headers           : {[Connection, keep-alive], [Content-Length, 21], [Content-Type, text/plain; charset=utf-8], [Date,
+                        Mon, 10 Oct 2022 17:43:33 GMT]}
+    Images            : {}
+    InputFields       : {}
+    Links             : {}
+    ParsedHtml        : System.__ComObject
+    RawContentLength  : 21
+    ```
+
+6. View the Grafana UI:
+
+    ```bash
+    kubectl port-forward --namespace=observability service/grafana 3000:80
+    ```
+    In the Grafana interface we can see the details:
+    ![grafana screenshot](../../images/otel-grafana-demo.png "grafana screenshot")
+
+7. View the Jaeger UI:
+
+    ```bash
+    kubectl port-forward --namespace=observability service/jaeger-all-in-one-query 16686:16686
+    ```
+    In the Jaeger interface we can see the details:
+    ![Jaeger screenshot](../../images/otel-jaeger-demo.png "Jaeger screenshot")
+
+8. View the Zipkin UI:
+
+    ```bash
+    kubectl port-forward --namespace=observability service/zipkin 9411:9411
+    ```
+    In the Zipkin interface we can see the details:
+    ![zipkin screenshot](../../images/otel-zipkin-demo.png "zipkin screenshot")
diff --git a/internal/ingress/annotations/annotations.go b/internal/ingress/annotations/annotations.go
index 14415a4f7..6a9e7367c 100644
--- a/internal/ingress/annotations/annotations.go
+++ b/internal/ingress/annotations/annotations.go
@@ -20,6 +20,7 @@ import (
 	"github.com/imdario/mergo"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/canary"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/opentelemetry"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/proxyssl"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/sslcipher"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/streamsnippet"
@@ -94,6 +95,7 @@ type Ingress struct {
 	EnableGlobalAuth   bool
 	HTTP2PushPreload   bool
 	Opentracing        opentracing.Config
+	Opentelemetry      opentelemetry.Config
 	Proxy              proxy.Config
 	ProxySSL           proxyssl.Config
 	RateLimit          ratelimit.Config
@@ -145,6 +147,7 @@ func NewAnnotationExtractor(cfg resolver.Resolver) Extractor {
 			"EnableGlobalAuth":     authreqglobal.NewParser(cfg),
 			"HTTP2PushPreload":     http2pushpreload.NewParser(cfg),
 			"Opentracing":          opentracing.NewParser(cfg),
+			"Opentelemetry":        opentelemetry.NewParser(cfg),
 			"Proxy":                proxy.NewParser(cfg),
 			"ProxySSL":             proxyssl.NewParser(cfg),
 			"RateLimit":            ratelimit.NewParser(cfg),
diff --git a/internal/ingress/annotations/opentelemetry/main.go b/internal/ingress/annotations/opentelemetry/main.go
new file mode 100644
index 000000000..7dd292322
--- /dev/null
+++ b/internal/ingress/annotations/opentelemetry/main.go
@@ -0,0 +1,101 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package opentelemetry
+
+import (
+	networking "k8s.io/api/networking/v1"
+
+	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
+	"k8s.io/ingress-nginx/internal/ingress/resolver"
+)
+
+type opentelemetry struct {
+	r resolver.Resolver
+}
+
+// Config contains the configuration to be used in the Ingress
+type Config struct {
+	Enabled       bool   `json:"enabled"`
+	Set           bool   `json:"set"`
+	TrustEnabled  bool   `json:"trust-enabled"`
+	TrustSet      bool   `json:"trust-set"`
+	OperationName string `json:"operation-name"`
+}
+
+// Equal tests for equality between two Config types
+func (bd1 *Config) Equal(bd2 *Config) bool {
+
+	if bd1.Set != bd2.Set {
+		return false
+	}
+
+	if bd1.Enabled != bd2.Enabled {
+		return false
+	}
+
+	if bd1.TrustSet != bd2.TrustSet {
+		return false
+	}
+
+	if bd1.TrustEnabled != bd2.TrustEnabled {
+		return false
+	}
+
+	if bd1.OperationName != bd2.OperationName {
+		return false
+	}
+
+	return true
+}
+
+// NewParser creates a new serviceUpstream annotation parser
+func NewParser(r resolver.Resolver) parser.IngressAnnotation {
+	return opentelemetry{r}
+}
+
+// Parse parses the annotations to look for opentelemetry configurations
+func (c opentelemetry) Parse(ing *networking.Ingress) (interface{}, error) {
+	cfg := Config{}
+	enabled, err := parser.GetBoolAnnotation("enable-opentelemetry", ing)
+	if err != nil {
+		return &cfg, nil
+	}
+	cfg.Set = true
+	cfg.Enabled = enabled
+	if !enabled {
+		return &cfg, nil
+	}
+
+	trustEnabled, err := parser.GetBoolAnnotation("opentelemetry-trust-incoming-span", ing)
+	if err != nil {
+		operationName, err := parser.GetStringAnnotation("opentelemetry-operation-name", ing)
+		if err != nil {
+			return &cfg, nil
+		}
+		cfg.OperationName = operationName
+		return &cfg, nil
+	}
+
+	cfg.TrustSet = true
+	cfg.TrustEnabled = trustEnabled
+	operationName, err := parser.GetStringAnnotation("opentelemetry-operation-name", ing)
+	if err != nil {
+		return &cfg, nil
+	}
+	cfg.OperationName = operationName
+	return &cfg, nil
+}
diff --git a/internal/ingress/annotations/opentelemetry/main_test.go b/internal/ingress/annotations/opentelemetry/main_test.go
new file mode 100644
index 000000000..619108fa6
--- /dev/null
+++ b/internal/ingress/annotations/opentelemetry/main_test.go
@@ -0,0 +1,170 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package opentelemetry
+
+import (
+	"testing"
+
+	api "k8s.io/api/core/v1"
+	networking "k8s.io/api/networking/v1"
+	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
+	"k8s.io/ingress-nginx/internal/ingress/resolver"
+)
+
+func buildIngress() *networking.Ingress {
+	defaultBackend := networking.IngressBackend{
+		Service: &networking.IngressServiceBackend{
+			Name: "default-backend",
+			Port: networking.ServiceBackendPort{
+				Number: 80,
+			},
+		},
+	}
+
+	return &networking.Ingress{
+		ObjectMeta: meta_v1.ObjectMeta{
+			Name:      "foo",
+			Namespace: api.NamespaceDefault,
+		},
+		Spec: networking.IngressSpec{
+			DefaultBackend: &networking.IngressBackend{
+				Service: &networking.IngressServiceBackend{
+					Name: "default-backend",
+					Port: networking.ServiceBackendPort{
+						Number: 80,
+					},
+				},
+			},
+			Rules: []networking.IngressRule{
+				{
+					Host: "foo.bar.com",
+					IngressRuleValue: networking.IngressRuleValue{
+						HTTP: &networking.HTTPIngressRuleValue{
+							Paths: []networking.HTTPIngressPath{
+								{
+									Path:    "/foo",
+									Backend: defaultBackend,
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func TestIngressAnnotationOpentelemetrySetTrue(t *testing.T) {
+	ing := buildIngress()
+
+	data := map[string]string{}
+	data[parser.GetAnnotationWithPrefix("enable-opentelemetry")] = "true"
+	ing.SetAnnotations(data)
+
+	val, _ := NewParser(&resolver.Mock{}).Parse(ing)
+	openTelemetry, ok := val.(*Config)
+	if !ok {
+		t.Errorf("expected a Config type")
+	}
+
+	if !openTelemetry.Enabled {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+
+	if !openTelemetry.Set {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+
+	if openTelemetry.TrustSet {
+		t.Errorf("expected annotation value to be false, got true")
+	}
+}
+
+func TestIngressAnnotationOpentelemetrySetFalse(t *testing.T) {
+	ing := buildIngress()
+
+	// Test with explicitly set to false
+	data := map[string]string{}
+	data[parser.GetAnnotationWithPrefix("enable-opentelemetry")] = "false"
+	ing.SetAnnotations(data)
+
+	val, _ := NewParser(&resolver.Mock{}).Parse(ing)
+	openTelemetry, ok := val.(*Config)
+	if !ok {
+		t.Errorf("expected a Config type")
+	}
+
+	if openTelemetry.Enabled {
+		t.Errorf("expected annotation value to be false, got true")
+	}
+
+	if !openTelemetry.Set {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+}
+
+func TestIngressAnnotationOpentelemetryTrustSetTrue(t *testing.T) {
+	ing := buildIngress()
+
+	data := map[string]string{}
+	opName := "foo-op"
+	data[parser.GetAnnotationWithPrefix("enable-opentelemetry")] = "true"
+	data[parser.GetAnnotationWithPrefix("opentelemetry-trust-incoming-span")] = "true"
+	data[parser.GetAnnotationWithPrefix("opentelemetry-operation-name")] = opName
+	ing.SetAnnotations(data)
+
+	val, _ := NewParser(&resolver.Mock{}).Parse(ing)
+	openTelemetry, ok := val.(*Config)
+	if !ok {
+		t.Errorf("expected a Config type")
+	}
+
+	if !openTelemetry.Enabled {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+
+	if !openTelemetry.Set {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+
+	if !openTelemetry.TrustEnabled {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+
+	if !openTelemetry.TrustSet {
+		t.Errorf("expected annotation value to be true, got false")
+	}
+
+	if openTelemetry.OperationName != opName {
+		t.Errorf("expected annotation value to be %v, got %v", opName, openTelemetry.OperationName)
+	}
+}
+
+func TestIngressAnnotationOpentelemetryUnset(t *testing.T) {
+	ing := buildIngress()
+
+	// Test with no annotation specified
+	data := map[string]string{}
+	ing.SetAnnotations(data)
+
+	val, _ := NewParser(&resolver.Mock{}).Parse(ing)
+	_, ok := val.(*Config)
+	if !ok {
+		t.Errorf("expected a Config type")
+	}
+}
diff --git a/internal/ingress/controller/config/config.go b/internal/ingress/controller/config/config.go
index 5786b6776..da37ea3c9 100644
--- a/internal/ingress/controller/config/config.go
+++ b/internal/ingress/controller/config/config.go
@@ -568,6 +568,54 @@ type Configuration struct {
 	// Default: true
 	OpentracingTrustIncomingSpan bool `json:"opentracing-trust-incoming-span"`
 
+	// EnableOpentelemetry enables the nginx Opentelemetry extension
+	// By default this is disabled
+	EnableOpentelemetry bool `json:"enable-opentelemetry"`
+
+	// OpentelemetryConfig sets the opentelemetry config file
+	// Default: /etc/nginx/opentelemetry.toml
+	OpentelemetryConfig string `json:"opentelemetry-config"`
+
+	// OpentelemetryOperationName specifies a custom name for the server span
+	OpentelemetryOperationName string `json:"opentelemetry-operation-name"`
+
+	// OpentelemetryTrustIncomingSpan sets whether or not to trust incoming trace spans
+	// If false, incoming span headers will be rejected
+	// Default: true
+	OpentelemetryTrustIncomingSpan bool `json:"opentelemetry-trust-incoming-span"`
+
+	// OtlpCollectorHost specifies the host to use when uploading traces
+	OtlpCollectorHost string `json:"otlp-collector-host"`
+
+	// OtlpCollectorPort specifies the port to use when uploading traces
+	// Default: 4317
+	OtlpCollectorPort string `json:"otlp-collector-port"`
+
+	// OtelServiceName specifies the service name to use for any traces created
+	// Default: nginx
+	OtelServiceName string `json:"otel-service-name"`
+
+	// OtelSampler specifies the sampler to use for any traces created
+	// Default: AlwaysOff
+	OtelSampler string `json:"otel-sampler"`
+
+	// OtelSamplerRatio specifies the sampler ratio to use for any traces created
+	// Default: 0.01
+	OtelSamplerRatio float32 `json:"otel-sampler-ratio"`
+
+	//OtelSamplerParentBased specifies the parent based sampler to be use for any traces created
+	// Default: false
+	OtelSamplerParentBased bool `json:"otel-sampler-parent-based"`
+
+	// MaxQueueSize specifies the max queue size for uploading traces
+	OtelMaxQueueSize int32 `json:"otel-max-queuesize"`
+
+	// ScheduleDelayMillis specifies the max delay between uploading traces
+	OtelScheduleDelayMillis int32 `json:"otel-schedule-delay-millis"`
+
+	// MaxExportBatchSize specifies the max export batch size to used when uploading traces
+	OtelMaxExportBatchSize int32 `json:"otel-max-export-batch-size"`
+
 	// ZipkinCollectorHost specifies the host to use when uploading traces
 	ZipkinCollectorHost string `json:"zipkin-collector-host"`
 
@@ -917,6 +965,13 @@ func NewDefault() Configuration {
 		BindAddressIpv4:                        defBindAddress,
 		BindAddressIpv6:                        defBindAddress,
 		OpentracingTrustIncomingSpan:           true,
+		OpentelemetryTrustIncomingSpan:         true,
+		OpentelemetryConfig:                    "/etc/nginx/opentelemetry.toml",
+		OtlpCollectorPort:                      "4317",
+		OtelServiceName:                        "nginx",
+		OtelSampler:                            "AlwaysOff",
+		OtelSamplerRatio:                       0.01,
+		OtelSamplerParentBased:                 false,
 		ZipkinCollectorPort:                    9411,
 		ZipkinServiceName:                      "nginx",
 		ZipkinSampleRate:                       1.0,
diff --git a/internal/ingress/controller/controller.go b/internal/ingress/controller/controller.go
index 20f8c8687..5d94605b5 100644
--- a/internal/ingress/controller/controller.go
+++ b/internal/ingress/controller/controller.go
@@ -1444,6 +1444,7 @@ func locationApplyAnnotations(loc *ingress.Location, anns *annotations.Ingress)
 	loc.EnableGlobalAuth = anns.EnableGlobalAuth
 	loc.HTTP2PushPreload = anns.HTTP2PushPreload
 	loc.Opentracing = anns.Opentracing
+	loc.Opentelemetry = anns.Opentelemetry
 	loc.Proxy = anns.Proxy
 	loc.ProxySSL = anns.ProxySSL
 	loc.RateLimit = anns.RateLimit
diff --git a/internal/ingress/controller/nginx.go b/internal/ingress/controller/nginx.go
index 5575009ea..80693db5c 100644
--- a/internal/ingress/controller/nginx.go
+++ b/internal/ingress/controller/nginx.go
@@ -673,6 +673,11 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) error {
 		return err
 	}
 
+	err = createOpentelemetryCfg(cfg)
+	if err != nil {
+		return err
+	}
+
 	err = n.testTemplate(content)
 	if err != nil {
 		return err
@@ -1056,6 +1061,29 @@ const datadogTmpl = `{
   "dd.priority.sampling": {{ .DatadogPrioritySampling }}
 }`
 
+const otelTmpl = `
+exporter = "otlp"
+processor = "batch"
+
+[exporters.otlp]
+# Alternatively the OTEL_EXPORTER_OTLP_ENDPOINT environment variable can also be used.
+host = "{{ .OtlpCollectorHost }}"
+port = {{ .OtlpCollectorPort }}
+
+[processors.batch]
+max_queue_size = {{ .OtelMaxQueueSize }}
+schedule_delay_millis = {{ .OtelScheduleDelayMillis }}
+max_export_batch_size = {{ .OtelMaxExportBatchSize }}
+
+[service]
+name = "{{ .OtelServiceName }}" # Opentelemetry resource name
+
+[sampler]
+name = "{{ .OtelSampler }}" # Also: AlwaysOff, TraceIdRatioBased
+ratio = {{ .OtelSamplerRatio }}
+parent_based = {{ .OtelSamplerParentBased }}
+`
+
 func createOpentracingCfg(cfg ngx_config.Configuration) error {
 	var tmpl *template.Template
 	var err error
@@ -1091,6 +1119,21 @@ func createOpentracingCfg(cfg ngx_config.Configuration) error {
 	return os.WriteFile("/etc/nginx/opentracing.json", []byte(expanded), file.ReadWriteByUser)
 }
 
+func createOpentelemetryCfg(cfg ngx_config.Configuration) error {
+
+	tmpl, err := template.New("otel").Parse(otelTmpl)
+	if err != nil {
+		return err
+	}
+	tmplBuf := bytes.NewBuffer(make([]byte, 0))
+	err = tmpl.Execute(tmplBuf, cfg)
+	if err != nil {
+		return err
+	}
+
+	return os.WriteFile(cfg.OpentelemetryConfig, tmplBuf.Bytes(), file.ReadWriteByUser)
+}
+
 func cleanTempNginxCfg() error {
 	var files []string
 
diff --git a/internal/ingress/controller/template/template.go b/internal/ingress/controller/template/template.go
index f3283a782..9dc9fb3b8 100644
--- a/internal/ingress/controller/template/template.go
+++ b/internal/ingress/controller/template/template.go
@@ -265,6 +265,7 @@ var (
 		"buildAuthSignURL":                   buildAuthSignURL,
 		"buildAuthSignURLLocation":           buildAuthSignURLLocation,
 		"buildOpentracing":                   buildOpentracing,
+		"buildOpentelemetry":                 buildOpentelemetry,
 		"proxySetHeader":                     proxySetHeader,
 		"buildInfluxDB":                      buildInfluxDB,
 		"enforceRegexModifier":               enforceRegexModifier,
@@ -274,7 +275,9 @@ var (
 		"buildHTTPListener":                  buildHTTPListener,
 		"buildHTTPSListener":                 buildHTTPSListener,
 		"buildOpentracingForLocation":        buildOpentracingForLocation,
+		"buildOpentelemetryForLocation":      buildOpentelemetryForLocation,
 		"shouldLoadOpentracingModule":        shouldLoadOpentracingModule,
+		"shouldLoadOpentelemetryModule":      shouldLoadOpentelemetryModule,
 		"buildModSecurityForLocation":        buildModSecurityForLocation,
 		"buildMirrorLocations":               buildMirrorLocations,
 		"shouldLoadAuthDigestModule":         shouldLoadAuthDigestModule,
@@ -1239,6 +1242,33 @@ func buildOpentracing(c interface{}, s interface{}) string {
 	return buf.String()
 }
 
+func buildOpentelemetry(c interface{}, s interface{}) string {
+	cfg, ok := c.(config.Configuration)
+	if !ok {
+		klog.Errorf("expected a 'config.Configuration' type but %T was returned", c)
+		return ""
+	}
+
+	servers, ok := s.([]*ingress.Server)
+	if !ok {
+		klog.Errorf("expected an '[]*ingress.Server' type but %T was returned", s)
+		return ""
+	}
+
+	if !shouldLoadOpentelemetryModule(cfg, servers) {
+		return ""
+	}
+
+	buf := bytes.NewBufferString("")
+
+	buf.WriteString("\r\n")
+
+	if cfg.OpentelemetryOperationName != "" {
+		buf.WriteString(fmt.Sprintf("opentelemetry_operation_name \"%s\";\n", cfg.OpentelemetryOperationName))
+	}
+	return buf.String()
+}
+
 // buildInfluxDB produces the single line configuration
 // needed by the InfluxDB module to send request's metrics
 // for the current resource
@@ -1360,6 +1390,13 @@ func opentracingPropagateContext(location *ingress.Location) string {
 	return "opentracing_propagate_context;"
 }
 
+func opentelemetryPropagateContext(location *ingress.Location) string {
+	if location == nil {
+		return ""
+	}
+	return "opentelemetry_propagate;"
+}
+
 // shouldLoadModSecurityModule determines whether or not the ModSecurity module needs to be loaded.
 // First, it checks if `enable-modsecurity` is set in the ConfigMap. If it is not, it iterates over all locations to
 // check if ModSecurity is enabled by the annotation `nginx.ingress.kubernetes.io/enable-modsecurity`.
@@ -1575,6 +1612,36 @@ func buildOpentracingForLocation(isOTEnabled bool, isOTTrustSet bool, location *
 	return opc
 }
 
+func buildOpentelemetryForLocation(isOTEnabled bool, isOTTrustSet bool, location *ingress.Location) string {
+	isOTEnabledInLoc := location.Opentelemetry.Enabled
+	isOTSetInLoc := location.Opentelemetry.Set
+
+	if isOTEnabled {
+		if isOTSetInLoc && !isOTEnabledInLoc {
+			return "opentelemetry off;"
+		}
+	} else if !isOTSetInLoc || !isOTEnabledInLoc {
+		return ""
+	}
+
+	opc := opentelemetryPropagateContext(location)
+	if opc != "" {
+		opc = fmt.Sprintf("opentelemetry on;\n%v", opc)
+	}
+
+	if location.Opentelemetry.OperationName != "" {
+		opc = opc + "\nopentelemetry_operation_name " + location.Opentelemetry.OperationName + ";"
+	}
+
+	if (!isOTTrustSet && !location.Opentelemetry.TrustSet) ||
+		(location.Opentelemetry.TrustSet && !location.Opentelemetry.TrustEnabled) {
+		opc = opc + "\nopentelemetry_trust_incoming_spans off;"
+	} else {
+		opc = opc + "\nopentelemetry_trust_incoming_spans on;"
+	}
+	return opc
+}
+
 // shouldLoadOpentracingModule determines whether or not the Opentracing module needs to be loaded.
 // First, it checks if `enable-opentracing` is set in the ConfigMap. If it is not, it iterates over all locations to
 // check if Opentracing is enabled by the annotation `nginx.ingress.kubernetes.io/enable-opentracing`.
@@ -1606,6 +1673,35 @@ func shouldLoadOpentracingModule(c interface{}, s interface{}) bool {
 	return false
 }
 
+// shouldLoadOpentelemetryModule determines whether or not the Opentelemetry module needs to be loaded.
+// It checks if `enable-opentelemetry` is set in the ConfigMap.
+func shouldLoadOpentelemetryModule(c interface{}, s interface{}) bool {
+	cfg, ok := c.(config.Configuration)
+	if !ok {
+		klog.Errorf("expected a 'config.Configuration' type but %T was returned", c)
+		return false
+	}
+
+	servers, ok := s.([]*ingress.Server)
+	if !ok {
+		klog.Errorf("expected an '[]*ingress.Server' type but %T was returned", s)
+		return false
+	}
+
+	if cfg.EnableOpentelemetry {
+		return true
+	}
+
+	for _, server := range servers {
+		for _, location := range server.Locations {
+			if location.Opentelemetry.Enabled {
+				return true
+			}
+		}
+	}
+	return false
+}
+
 func buildModSecurityForLocation(cfg config.Configuration, location *ingress.Location) string {
 	isMSEnabledInLoc := location.ModSecurity.Enable
 	isMSEnableSetInLoc := location.ModSecurity.EnableSet
diff --git a/internal/ingress/controller/template/template_test.go b/internal/ingress/controller/template/template_test.go
index cb1ebd1b7..343da506b 100644
--- a/internal/ingress/controller/template/template_test.go
+++ b/internal/ingress/controller/template/template_test.go
@@ -37,6 +37,7 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/authreq"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/influxdb"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/opentelemetry"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/opentracing"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ratelimit"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/rewrite"
@@ -1150,6 +1151,26 @@ func TestOpentracingPropagateContext(t *testing.T) {
 	}
 }
 
+func TestOpentelemetryPropagateContext(t *testing.T) {
+	tests := map[*ingress.Location]string{
+		{BackendProtocol: "HTTP"}:      "opentelemetry_propagate;",
+		{BackendProtocol: "HTTPS"}:     "opentelemetry_propagate;",
+		{BackendProtocol: "AUTO_HTTP"}: "opentelemetry_propagate;",
+		{BackendProtocol: "GRPC"}:      "opentelemetry_propagate;",
+		{BackendProtocol: "GRPCS"}:     "opentelemetry_propagate;",
+		{BackendProtocol: "AJP"}:       "opentelemetry_propagate;",
+		{BackendProtocol: "FCGI"}:      "opentelemetry_propagate;",
+		nil:                            "",
+	}
+
+	for loc, expectedDirective := range tests {
+		actualDirective := opentelemetryPropagateContext(loc)
+		if actualDirective != expectedDirective {
+			t.Errorf("Expected %v but returned %v", expectedDirective, actualDirective)
+		}
+	}
+}
+
 func TestGetIngressInformation(t *testing.T) {
 
 	testcases := map[string]struct {
@@ -1723,6 +1744,37 @@ func TestBuildOpenTracing(t *testing.T) {
 
 }
 
+func TestBuildOpenTelemetry(t *testing.T) {
+	invalidType := &ingress.Ingress{}
+	expected := ""
+	actual := buildOpentelemetry(invalidType, []*ingress.Server{})
+
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	cfgNoHost := config.Configuration{
+		EnableOpentelemetry: true,
+	}
+	expected = "\r\n"
+	actual = buildOpentelemetry(cfgNoHost, []*ingress.Server{})
+
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	cfgOpenTelemetry := config.Configuration{
+		EnableOpentelemetry:        true,
+		OpentelemetryOperationName: "my-operation-name",
+	}
+	expected = "\r\n"
+	expected += "opentelemetry_operation_name \"my-operation-name\";\n"
+	actual = buildOpentelemetry(cfgOpenTelemetry, []*ingress.Server{})
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+}
+
 func TestEnforceRegexModifier(t *testing.T) {
 	invalidType := &ingress.Ingress{}
 	expected := false
@@ -1903,6 +1955,107 @@ func TestShouldLoadOpentracingModule(t *testing.T) {
 	}
 }
 
+func TestOpentelemetryForLocation(t *testing.T) {
+	trueVal := true
+	falseVal := false
+
+	loadOT := `opentelemetry on;
+opentelemetry_propagate;
+opentelemetry_trust_incoming_spans on;`
+	loadOTUntrustedSpan := `opentelemetry on;
+opentelemetry_propagate;
+opentelemetry_trust_incoming_spans off;`
+	testCases := []struct {
+		description     string
+		globalOT        bool
+		isSetInLoc      bool
+		isOTInLoc       *bool
+		globalTrust     bool
+		isTrustSetInLoc bool
+		isTrustInLoc    *bool
+		expected        string
+	}{
+		{"globally enabled, without annotation", true, false, nil, true, false, nil, loadOT},
+		{"globally enabled and enabled in location", true, true, &trueVal, true, false, nil, loadOT},
+		{"globally disabled and not enabled in location", false, false, nil, true, false, nil, ""},
+		{"globally disabled but enabled in location", false, true, &trueVal, true, false, nil, loadOT},
+		{"globally trusted, not trusted in location", true, false, nil, true, true, &falseVal, loadOTUntrustedSpan},
+		{"not globally trusted, trust set in location", true, false, nil, false, true, &trueVal, loadOT},
+		{"not globally trusted, trust not set in location", true, false, nil, false, false, nil, loadOTUntrustedSpan},
+	}
+
+	for _, testCase := range testCases {
+		il := &ingress.Location{
+			Opentelemetry: opentelemetry.Config{Set: testCase.isSetInLoc, TrustSet: testCase.isTrustSetInLoc},
+		}
+		if il.Opentelemetry.Set {
+			il.Opentelemetry.Enabled = *testCase.isOTInLoc
+		}
+		if il.Opentelemetry.TrustSet {
+			il.Opentelemetry.TrustEnabled = *testCase.isTrustInLoc
+		}
+
+		actual := buildOpentelemetryForLocation(testCase.globalOT, testCase.globalTrust, il)
+
+		if testCase.expected != actual {
+			t.Errorf("%v: expected '%v' but returned '%v'", testCase.description, testCase.expected, actual)
+		}
+	}
+}
+
+func TestShouldLoadOpentelemetryModule(t *testing.T) {
+	// ### Invalid argument type tests ###
+	// The first tests should return false.
+	expected := false
+
+	invalidType := &ingress.Ingress{}
+	actual := shouldLoadOpentelemetryModule(config.Configuration{}, invalidType)
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	actual = shouldLoadOpentelemetryModule(invalidType, []*ingress.Server{})
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	// ### Functional tests ###
+	actual = shouldLoadOpentelemetryModule(config.Configuration{}, []*ingress.Server{})
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	// All further tests should return true.
+	expected = true
+
+	configuration := config.Configuration{EnableOpentelemetry: true}
+	actual = shouldLoadOpentelemetryModule(configuration, []*ingress.Server{})
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	servers := []*ingress.Server{
+		{
+			Locations: []*ingress.Location{
+				{
+					Opentelemetry: opentelemetry.Config{
+						Enabled: true,
+					},
+				},
+			},
+		},
+	}
+	actual = shouldLoadOpentelemetryModule(config.Configuration{}, servers)
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+
+	actual = shouldLoadOpentelemetryModule(configuration, servers)
+	if expected != actual {
+		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
+	}
+}
+
 func TestModSecurityForLocation(t *testing.T) {
 	loadModule := `modsecurity on;
 `
diff --git a/mkdocs.yml b/mkdocs.yml
index c76a640f6..62c0ccf48 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -101,6 +101,7 @@ nav:
       - Third party addons:
           - ModSecurity Web Application Firewall: "user-guide/third-party-addons/modsecurity.md"
           - OpenTracing: "user-guide/third-party-addons/opentracing.md"
+          - OpenTelemetry: "user-guide/third-party-addons/opentelemetry.md"
   - Examples:
       - Introduction: "examples/index.md"
       - Prerequisites: "examples/PREREQUISITES.md"
diff --git a/pkg/apis/ingress/types.go b/pkg/apis/ingress/types.go
index 9395683ec..08a2f7575 100644
--- a/pkg/apis/ingress/types.go
+++ b/pkg/apis/ingress/types.go
@@ -35,6 +35,7 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/log"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/mirror"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
+	"k8s.io/ingress-nginx/internal/ingress/annotations/opentelemetry"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/opentracing"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/proxy"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/proxyssl"
@@ -360,6 +361,9 @@ type Location struct {
 	// Opentracing allows the global opentracing setting to be overridden for a location
 	// +optional
 	Opentracing opentracing.Config `json:"opentracing"`
+	// Opentelemetry allows the global opentelemetry setting to be overridden for a location
+	// +optional
+	Opentelemetry opentelemetry.Config `json:"opentelemetry"`
 }
 
 // SSLPassthroughBackend describes a SSL upstream server configured
diff --git a/pkg/apis/ingress/types_equals.go b/pkg/apis/ingress/types_equals.go
index 2485f8a7b..8a54f3758 100644
--- a/pkg/apis/ingress/types_equals.go
+++ b/pkg/apis/ingress/types_equals.go
@@ -464,6 +464,10 @@ func (l1 *Location) Equal(l2 *Location) bool {
 		return false
 	}
 
+	if !l1.Opentelemetry.Equal(&l2.Opentelemetry) {
+		return false
+	}
+
 	if !l1.Mirror.Equal(&l2.Mirror) {
 		return false
 	}
diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl
old mode 100755
new mode 100644
index 958397dd5..014c8cc2a
--- a/rootfs/etc/nginx/template/nginx.tmpl
+++ b/rootfs/etc/nginx/template/nginx.tmpl
@@ -37,6 +37,10 @@ load_module /etc/nginx/modules/ngx_http_modsecurity_module.so;
 load_module /etc/nginx/modules/ngx_http_opentracing_module.so;
 {{ end }}
 
+{{ if (shouldLoadOpentelemetryModule $cfg $servers) }}
+load_module /modules_mount/etc/nginx/modules/otel/otel_ngx_module.so;
+{{ end }}
+
 daemon off;
 
 worker_processes {{ $cfg.WorkerProcesses }};
@@ -64,6 +68,10 @@ events {
 }
 
 http {
+    {{ if (shouldLoadOpentelemetryModule $cfg $servers) }}
+    opentelemetry_config {{ $cfg.OpentelemetryConfig }};
+    {{ end }}
+
     lua_package_path "/etc/nginx/lua/?.lua;;";
 
     {{ buildLuaSharedDictionaries $cfg $servers }}
@@ -322,6 +330,7 @@ http {
     limit_conn_status               {{ $cfg.LimitConnStatusCode }};
 
     {{ buildOpentracing $cfg $servers }}
+    {{ buildOpentelemetry $cfg $servers }}
 
     include /etc/nginx/mime.types;
     default_type {{ $cfg.DefaultType }};
@@ -695,6 +704,9 @@ http {
         opentracing off;
         {{ end }}
 
+        {{ if $cfg.EnableOpentelemetry }}
+        opentelemetry off;
+        {{ end }}
         location {{ $healthzURI }} {
             return 200;
         }
@@ -1063,6 +1075,11 @@ stream {
             opentracing_propagate_context;
             {{ end }}
 
+            {{ if (or $all.Cfg.EnableOpentelemetry $location.Opentelemetry.Enabled) }}
+            opentelemetry on;
+            opentelemetry_propagate;
+            {{ end }}
+
             access_log off;
 
             # Ensure that modsecurity will not run on an internal location as this is not accessible from outside
@@ -1204,6 +1221,7 @@ stream {
             set $global_rate_limit_exceeding n;
 
             {{ buildOpentracingForLocation $all.Cfg.EnableOpentracing $all.Cfg.OpentracingTrustIncomingSpan $location }}
+            {{ buildOpentelemetryForLocation $all.Cfg.EnableOpentelemetry $all.Cfg.OpentelemetryTrustIncomingSpan $location }}
 
             {{ if $location.Mirror.Source }}
             mirror {{ $location.Mirror.Source }};
@@ -1520,6 +1538,10 @@ stream {
             opentracing off;
             {{ end }}
 
+            {{ if $all.Cfg.EnableOpentelemetry }}
+            opentelemetry off;
+            {{ end }}
+
             access_log off;
             return 200;
         }
@@ -1531,6 +1553,10 @@ stream {
             opentracing off;
             {{ end }}
 
+            {{ if $all.Cfg.EnableOpentelemetry }}
+            opentelemetry off;
+            {{ end }}
+
             {{ range $v := $all.NginxStatusIpv4Whitelist }}
             allow {{ $v }};
             {{ end }}
diff --git a/test/e2e/framework/exec.go b/test/e2e/framework/exec.go
index 0284e768c..d91d36551 100644
--- a/test/e2e/framework/exec.go
+++ b/test/e2e/framework/exec.go
@@ -21,6 +21,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"os"
 	"os/exec"
 	"regexp"
 	"strconv"
@@ -111,7 +112,11 @@ func (f *Framework) NamespaceContent() (string, error) {
 // newIngressController deploys a new NGINX Ingress controller in a namespace
 func (f *Framework) newIngressController(namespace string, namespaceOverlay string) error {
 	// Creates an nginx deployment
-	cmd := exec.Command("./wait-for-nginx.sh", namespace, namespaceOverlay)
+	isChroot, ok := os.LookupEnv("IS_CHROOT")
+	if !ok {
+		isChroot = "false"
+	}
+	cmd := exec.Command("./wait-for-nginx.sh", namespace, namespaceOverlay, isChroot)
 	out, err := cmd.CombinedOutput()
 	if err != nil {
 		return fmt.Errorf("unexpected error waiting for ingress controller deployment: %v.\nLogs:\n%v", err, string(out))
diff --git a/test/e2e/run-e2e-suite.sh b/test/e2e/run-e2e-suite.sh
index b1de8bf9a..a3bf589cd 100755
--- a/test/e2e/run-e2e-suite.sh
+++ b/test/e2e/run-e2e-suite.sh
@@ -76,6 +76,7 @@ kubectl run --rm \
   --restart=Never \
   --env="E2E_NODES=${E2E_NODES}" \
   --env="FOCUS=${FOCUS}" \
+  --env="IS_CHROOT=${IS_CHROOT:-false}"\
   --env="E2E_CHECK_LEAKS=${E2E_CHECK_LEAKS}" \
   --env="NGINX_BASE_IMAGE=${NGINX_BASE_IMAGE}" \
   --overrides='{ "apiVersion": "v1", "spec":{"serviceAccountName": "ingress-nginx-e2e"}}' \
diff --git a/test/e2e/settings/opentelemetry.go b/test/e2e/settings/opentelemetry.go
new file mode 100644
index 000000000..92d202cb3
--- /dev/null
+++ b/test/e2e/settings/opentelemetry.go
@@ -0,0 +1,119 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package settings
+
+import (
+	"strings"
+
+	"github.com/onsi/ginkgo/v2"
+
+	"k8s.io/ingress-nginx/test/e2e/framework"
+)
+
+const (
+	enableOpentelemetry            = "enable-opentelemetry"
+	opentelemetryTrustIncomingSpan = "opentelemetry-trust-incoming-span"
+
+	opentelemetryOperationName         = "opentelemetry-operation-name"
+	opentelemetryLocationOperationName = "opentelemetry-location-operation-name"
+	opentelemetryConfig                = "opentelemetry-config"
+	opentelemetryConfigPath            = "/etc/nginx/opentelemetry.toml"
+)
+
+var _ = framework.IngressNginxDescribe("Configure Opentelemetry", func() {
+	f := framework.NewDefaultFramework("enable-opentelemetry")
+
+	ginkgo.BeforeEach(func() {
+		f.NewEchoDeployment()
+	})
+
+	ginkgo.AfterEach(func() {
+	})
+
+	ginkgo.It("should not exists opentelemetry directive", func() {
+		config := map[string]string{}
+		config[enableOpentelemetry] = "false"
+		f.SetNginxConfigMapData(config)
+
+		f.EnsureIngress(framework.NewSingleIngress(enableOpentelemetry, "/", enableOpentelemetry, f.Namespace, "http-svc", 80, nil))
+
+		f.WaitForNginxConfiguration(
+			func(cfg string) bool {
+				return !strings.Contains(cfg, "opentelemetry on")
+			})
+	})
+
+	ginkgo.It("should exists opentelemetry directive when is enabled", func() {
+		config := map[string]string{}
+		config[enableOpentelemetry] = "true"
+		config[opentelemetryConfig] = opentelemetryConfigPath
+		f.SetNginxConfigMapData(config)
+
+		f.EnsureIngress(framework.NewSingleIngress(enableOpentelemetry, "/", enableOpentelemetry, f.Namespace, "http-svc", 80, nil))
+
+		f.WaitForNginxConfiguration(
+			func(cfg string) bool {
+				return strings.Contains(cfg, "opentelemetry on")
+			})
+	})
+
+	ginkgo.It("should include opentelemetry_trust_incoming_spans on directive when enabled", func() {
+		config := map[string]string{}
+		config[enableOpentelemetry] = "true"
+		config[opentelemetryConfig] = opentelemetryConfigPath
+		config[opentelemetryTrustIncomingSpan] = "true"
+		f.SetNginxConfigMapData(config)
+
+		f.EnsureIngress(framework.NewSingleIngress(enableOpentelemetry, "/", enableOpentelemetry, f.Namespace, "http-svc", 80, nil))
+
+		f.WaitForNginxConfiguration(
+			func(cfg string) bool {
+				return strings.Contains(cfg, "opentelemetry_trust_incoming_spans on")
+			})
+	})
+
+	ginkgo.It("should not exists opentelemetry_operation_name directive when is empty", func() {
+		config := map[string]string{}
+		config[enableOpentelemetry] = "true"
+		config[opentelemetryConfig] = opentelemetryConfigPath
+		config[opentelemetryOperationName] = ""
+		f.SetNginxConfigMapData(config)
+
+		f.EnsureIngress(framework.NewSingleIngress(enableOpentelemetry, "/", enableOpentelemetry, f.Namespace, "http-svc", 80, nil))
+
+		f.WaitForNginxConfiguration(
+			func(cfg string) bool {
+				return !strings.Contains(cfg, "opentelemetry_operation_name")
+			})
+	})
+
+	ginkgo.It("should exists opentelemetry_operation_name directive when is configured", func() {
+		config := map[string]string{}
+		config[enableOpentelemetry] = "true"
+		config[opentelemetryConfig] = opentelemetryConfigPath
+		config[opentelemetryOperationName] = "HTTP $request_method $uri"
+		f.SetNginxConfigMapData(config)
+
+		f.EnsureIngress(framework.NewSingleIngress(enableOpentelemetry, "/", enableOpentelemetry, f.Namespace, "http-svc", 80, nil))
+
+		f.WaitForNginxConfiguration(
+			func(cfg string) bool {
+				return strings.Contains(cfg, `opentelemetry_operation_name "HTTP $request_method $uri"`)
+			})
+	})
+
+})
diff --git a/test/e2e/wait-for-nginx.sh b/test/e2e/wait-for-nginx.sh
index 190f71e6d..153d348c2 100755
--- a/test/e2e/wait-for-nginx.sh
+++ b/test/e2e/wait-for-nginx.sh
@@ -23,6 +23,7 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 
 export NAMESPACE=$1
 export NAMESPACE_OVERLAY=$2
+export IS_CHROOT=$3
 
 echo "deploying NGINX Ingress controller in namespace $NAMESPACE"
 
@@ -46,6 +47,16 @@ metadata:
 
 EOF
 
+OTEL_MODULE=$(cat <<EOF
+  opentelemetry:
+    enabled: true
+EOF
+)
+
+if [[ "$NAMESPACE_OVERLAY" != "enable-opentelemetry" ]]; then
+  OTEL_MODULE=""
+fi
+
 # Use the namespace overlay if it was requested
 if [[ ! -z "$NAMESPACE_OVERLAY" && -d "$DIR/namespace-overlays/$NAMESPACE_OVERLAY" ]]; then
     echo "Namespace overlay $NAMESPACE_OVERLAY is being used for namespace $NAMESPACE"
@@ -59,7 +70,7 @@ fullnameOverride: nginx-ingress
 controller:
   image:
     repository: ingress-controller/controller
-    chroot: true
+    chroot: ${IS_CHROOT}
     tag: 1.0.0-dev
     digest:
     digestChroot:
@@ -100,6 +111,8 @@ controller:
       hostPath:
         path: /tmp/coredump
 
+${OTEL_MODULE}
+
 rbac:
   create: true
   scope: true

From 5d678e054278d3822b8d1c9c4dfd6e4da8a11458 Mon Sep 17 00:00:00 2001
From: ouyang <oulinbao@163.com>
Date: Wed, 22 Mar 2023 18:50:22 -0700
Subject: [PATCH 03/30] Update exposing-tcp-udp-services.md (#9777)

---
 docs/user-guide/exposing-tcp-udp-services.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/user-guide/exposing-tcp-udp-services.md b/docs/user-guide/exposing-tcp-udp-services.md
index 6b595ffae..63293f0e5 100644
--- a/docs/user-guide/exposing-tcp-udp-services.md
+++ b/docs/user-guide/exposing-tcp-udp-services.md
@@ -63,3 +63,9 @@ spec:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
 ```
+Then, the configmap should be added into ingress controller's deployment args.
+```
+ args:
+    - /nginx-ingress-controller
+    - --tcp-services-configmap=ingress-nginx/tcp-services
+```

From 72ff21ed9e26cb969052c753633049ba8a87ecf9 Mon Sep 17 00:00:00 2001
From: James Strong <strong.james.e@gmail.com>
Date: Wed, 22 Mar 2023 23:26:22 -0400
Subject: [PATCH 04/30] kick off 1.7.0 build (#9775)

Signed-off-by: James Strong <strong.james.e@gmail.com>
---
 TAG | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/TAG b/TAG
index 9dc820555..b13f0e3bc 100644
--- a/TAG
+++ b/TAG
@@ -1,2 +1,2 @@
-v1.6.4
+v1.7.0
 

From 7865825cf018624bef7a76fb8481e39dcd2032bc Mon Sep 17 00:00:00 2001
From: James Strong <strong.james.e@gmail.com>
Date: Fri, 24 Mar 2023 09:45:31 -0400
Subject: [PATCH 05/30] release notes v1.7.0

Signed-off-by: James Strong <strong.james.e@gmail.com>
---
 README.md                                     |    1 +
 TAG                                           |    2 +-
 changelog/Changelog-1.7.0.md                  |   78 +
 charts/ingress-nginx/Chart.yaml               |   22 +-
 charts/ingress-nginx/README.md                |    8 +-
 .../changelog/Changelog-4.6.0.md              |   24 +
 charts/ingress-nginx/values.yaml              | 1652 ++++++++---------
 deploy/static/provider/aws/deploy.yaml        |   44 +-
 .../aws/nlb-with-tls-termination/deploy.yaml  |   44 +-
 deploy/static/provider/baremetal/deploy.yaml  |   44 +-
 deploy/static/provider/cloud/deploy.yaml      |   44 +-
 deploy/static/provider/do/deploy.yaml         |   44 +-
 deploy/static/provider/exoscale/deploy.yaml   |   44 +-
 deploy/static/provider/kind/deploy.yaml       |   44 +-
 deploy/static/provider/scw/deploy.yaml        |   44 +-
 docs/e2e-tests.md                             |  277 +--
 docs/user-guide/exposing-tcp-udp-services.md  |    6 +
 magefiles/release.go                          |    2 +-
 18 files changed, 1283 insertions(+), 1141 deletions(-)
 create mode 100644 changelog/Changelog-1.7.0.md
 create mode 100644 charts/ingress-nginx/changelog/Changelog-4.6.0.md

diff --git a/README.md b/README.md
index 855c47418..f3f68366e 100644
--- a/README.md
+++ b/README.md
@@ -38,6 +38,7 @@ the versions listed. Ingress-Nginx versions may work on older versions but the p
 
 | Ingress-NGINX version | k8s supported version        | Alpine Version | Nginx Version |
 |-----------------------|------------------------------|----------------|---------------|
+| v1.7.0                | 1.26, 1.25, 1.24             | 3.17.2         | 1.21.6        |
 | v1.6.4                | 1.26, 1.25, 1.24, 1.23       | 3.17.0         | 1.21.6        |
 | v1.5.1                | 1.25, 1.24, 1.23             | 3.16.2         | 1.21.6        |
 | v1.4.0                | 1.25, 1.24, 1.23, 1.22       | 3.16.2         | 1.19.10†      |
diff --git a/TAG b/TAG
index 9dc820555..b13f0e3bc 100644
--- a/TAG
+++ b/TAG
@@ -1,2 +1,2 @@
-v1.6.4
+v1.7.0
 
diff --git a/changelog/Changelog-1.7.0.md b/changelog/Changelog-1.7.0.md
new file mode 100644
index 000000000..6a938c5f5
--- /dev/null
+++ b/changelog/Changelog-1.7.0.md
@@ -0,0 +1,78 @@
+# Changelog
+
+### 1.7.0
+Images:
+
+ * registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
+ * registry.k8s.io/ingress-nginx/controller-chroot:v1.7.0@sha256:e84ef3b44c8efeefd8b0aa08770a886bfea1f04c53b61b4ba9a7204e9f1a7edc
+ 
+### All Changes:
+
+* kick off 1.7.0 build (#9775)
+* Update exposing-tcp-udp-services.md (#9777)
+* feat: OpenTelemetry module integration (#9062)
+* drop k8s 1.23 support (#9772)
+* Fix canary-weight-total annotation ignored in rule backends (#9729)
+* fix: controller psp's volume config (#9740)
+* Fix several Helm YAML issues with extraModules and extraInitContainers (#9709)
+* docs(helm): fix value key in readme for enabling certManager (#9640)
+* updated digest and sha for e2e-test-echo (#9760)
+* updated digest and sha for e2e-test-fastcgi-helloserver (#9759)
+* updated digest and sha for opentelemetry (#9758)
+* updated digest and sha for e2e-test-cfssl (#9757)
+* updated kube-webhook-certgen digest and tags (#9756)
+* updated nginx-error digest and tags (#9755)
+* added upgrade ginkgo documentation for contributors (#9753)
+* changes Makefile of echo folder to trigger code-build (#9754)
+* Chart: Drop `controller.headers`, rework DH param secret. (#9659)
+* updated NGINX_BASE image with latest tag (#9747)
+* Deployment/DaemonSet: Label pods using `ingress-nginx.labels`. (#9732)
+* bumped ginkgo to v2.9.0 (#9722)
+* HPA: autoscaling/v2beta1 deprecated, bump apiVersion to v2 for defaultBackend (#9731)
+* update to golang 1.20 (#9690)
+* Indent values.yaml using 2 instead of 4 spaces (#9656)
+* fix some comments (#9688)
+* migrate mitchellh/hashstructure to v2 (#9651)
+* changed v1.6.3 to v1.6.4 on deploy docs (#9647)
+* controller: Don't panic when ready condition in a endpointslice is missing (#9550)
+* Rework Ginkgo usage (#9522)
+* code clean for fsnotify (#9571)
+* Optimize the document for readability (#9551)
+* sets.String is deprecated: use generic Set instead. new ways: s1 := Set[string]{} s2 := New[string]() (#9589)
+* Adjust the import package order and use http library variables (#9587)
+* Optimize the judgment mode to remove redundant transformations (#9588)
+* Fix rewrite example (#9633)
+* remove tests and regex path checks (#9626)
+* Fix incorrect annotation name in upstream hashing configuration (#9617)
+* Release docs for Controller v1.6.3 and Helm v4.5.0 (#9614)
+
+### Dependencies updates: 
+* Bump aquasecurity/trivy-action from 0.8.0 to 0.9.2 (#9767)
+* Bump k8s.io/component-base from 0.26.2 to 0.26.3 (#9764)
+* Bump actions/dependency-review-action from 3.0.3 to 3.0.4 (#9766)
+* Bump actions/add-to-project from 0.4.0 to 0.4.1 (#9765)
+* Bump actions/dependency-review-action from 3.0.2 to 3.0.3 (#9727)
+* Bump github.com/prometheus/common from 0.41.0 to 0.42.0 (#9724)
+* Bump golang.org/x/crypto from 0.6.0 to 0.7.0 (#9723)
+* Bump actions/download-artifact from 3.0.1 to 3.0.2 (#9721)
+* Bump goreleaser/goreleaser-action from 4.1.0 to 4.2.0 (#9718)
+* Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#9717)
+* Bump docker/setup-buildx-action from 2.2.1 to 2.5.0 (#9719)
+* Bump helm/chart-releaser-action from 1.4.1 to 1.5.0 (#9720)
+* Bump github.com/onsi/ginkgo/v2 from 2.6.1 to 2.9.0 (#9695)
+* Bump k8s.io/klog/v2 from 2.90.0 to 2.90.1 (#9694)
+* Bump golang.org/x/crypto in /magefiles (#9691)
+* Bump k8s.io/component-base from 0.26.1 to 0.26.2 (#9696)
+* Bump github.com/prometheus/common from 0.40.0 to 0.41.0 (#9698)
+* Bump sigs.k8s.io/controller-runtime from 0.14.2 to 0.14.5 (#9697)
+* Bump golang.org/x/net in /magefiles (#9692)
+* Bump golang.org/x/sys in /images/custom-error-pages/rootfs (#9671)
+* Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#9675)
+* Bump github.com/prometheus/common from 0.39.0 to 0.40.0 (#9653)
+* Bump golang.org/x/net from 0.6.0 to 0.7.0 (#9646)
+* Bump golang.org/x/net in /images/kube-webhook-certgen/rootfs (#9645)
+* Bump google.golang.org/grpc from 1.52.3 to 1.53.0 (#9610)
+* Bump github.com/prometheus/client_golang (#9630)
+* Bump golang.org/x/crypto from 0.5.0 to 0.6.0 (#9609)
+ 
+**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/controller-controller-v1.6.3...controller-controller-v1.7.0
diff --git a/charts/ingress-nginx/Chart.yaml b/charts/ingress-nginx/Chart.yaml
index 21779e195..130fe06fd 100644
--- a/charts/ingress-nginx/Chart.yaml
+++ b/charts/ingress-nginx/Chart.yaml
@@ -1,13 +1,21 @@
 annotations:
   artifacthub.io/changes: |
-     - "add lint on chart before release (#9570)"
-     - "ci: remove setup-helm step (#9404)"
-     - "feat(helm): Optionally use cert-manager instead admission patch (#9279)"
-     - "run helm release on main only and when the chart/value changes only (#9290)"
-     - "Update Ingress-Nginx version controller-v1.6.4"
+    - "Upgrade alpine 3.17.2"
+    - "Upgrade golang 1.20"
+    - "Drop testing/support for Kubernetes 1.23"
+    - "docs(helm): fix value key in readme for enabling certManager (#9640)"
+    - "Update Ingress-Nginx version controller-v1.7.0"
+    - "feat: OpenTelemetry module integration (#9062)"
+    - "canary-weight-total annotation ignored in rule backends (#9729)"
+    - "fix controller psp's volume config (#9740)"
+    - "Fix several Helm YAML issues with extraModules and extraInitContainers (#9709)"
+    - "Chart: Drop `controller.headers`, rework DH param secret. (#9659)"
+    - "Deployment/DaemonSet: Label pods using `ingress-nginx.labels`. (#9732)"
+    - "HPA: autoscaling/v2beta1 deprecated, bump apiVersion to v2 for defaultBackend (#9731)"
+    - "Fix incorrect annotation name in upstream hashing configuration (#9617)"
   artifacthub.io/prerelease: "false"
 apiVersion: v2
-appVersion: 1.6.4
+appVersion: 4.6.0
 description: Ingress controller for Kubernetes using NGINX as a reverse proxy and
   load balancer
 engine: gotpl
@@ -24,4 +32,4 @@ maintainers:
 name: ingress-nginx
 sources:
 - https://github.com/kubernetes/ingress-nginx
-version: 4.5.2
+version: 4.5.4
diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md
index 9659df139..dcd5af57e 100644
--- a/charts/ingress-nginx/README.md
+++ b/charts/ingress-nginx/README.md
@@ -2,7 +2,7 @@
 
 [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer
 
-![Version: 4.5.2](https://img.shields.io/badge/Version-4.5.2-informational?style=flat-square) ![AppVersion: 1.6.4](https://img.shields.io/badge/AppVersion-1.6.4-informational?style=flat-square)
+![Version: 4.5.4](https://img.shields.io/badge/Version-4.5.4-informational?style=flat-square) ![AppVersion: 4.6.0](https://img.shields.io/badge/AppVersion-4.6.0-informational?style=flat-square)
 
 To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources.
 
@@ -333,13 +333,13 @@ Kubernetes: `>=1.20.0-0`
 | controller.hostname | object | `{}` | Optionally customize the pod hostname. |
 | controller.image.allowPrivilegeEscalation | bool | `true` |  |
 | controller.image.chroot | bool | `false` |  |
-| controller.image.digest | string | `"sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f"` |  |
-| controller.image.digestChroot | string | `"sha256:0de01e2c316c3ca7847ca13b32d077af7910d07f21a4a82f81061839764f8f81"` |  |
+| controller.image.digest | string | `"sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7"` |  |
+| controller.image.digestChroot | string | `"sha256:e84ef3b44c8efeefd8b0aa08770a886bfea1f04c53b61b4ba9a7204e9f1a7edc"` |  |
 | controller.image.image | string | `"ingress-nginx/controller"` |  |
 | controller.image.pullPolicy | string | `"IfNotPresent"` |  |
 | controller.image.registry | string | `"registry.k8s.io"` |  |
 | controller.image.runAsUser | int | `101` |  |
-| controller.image.tag | string | `"v1.6.4"` |  |
+| controller.image.tag | string | `"v1.7.0"` |  |
 | controller.ingressClass | string | `"nginx"` | For backwards compatibility with ingress.class annotation, use ingressClass. Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation |
 | controller.ingressClassByName | bool | `false` | Process IngressClass per name (additionally as per spec.controller). |
 | controller.ingressClassResource.controllerValue | string | `"k8s.io/ingress-nginx"` | Controller-value of the controller that is processing this ingressClass |
diff --git a/charts/ingress-nginx/changelog/Changelog-4.6.0.md b/charts/ingress-nginx/changelog/Changelog-4.6.0.md
new file mode 100644
index 000000000..469aaba8c
--- /dev/null
+++ b/charts/ingress-nginx/changelog/Changelog-4.6.0.md
@@ -0,0 +1,24 @@
+# Changelog
+
+This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org).
+
+### 4.5.3
+
+* docs(helm): fix value key in readme for enabling certManager (#9640)
+* Upgrade alpine 3.17.2
+* Upgrade golang 1.20
+* Drop testing/support for Kubernetes 1.23
+* docs(helm): fix value key in readme for enabling certManager (#9640)
+* Update Ingress-Nginx version controller-v1.7.0
+* feat: OpenTelemetry module integration (#9062)
+* canary-weight-total annotation ignored in rule backends (#9729)
+* fix controller psp's volume config (#9740)
+* Fix several Helm YAML issues with extraModules and extraInitContainers (#9709)
+* Chart: Drop `controller.headers`, rework DH param secret. (#9659)
+* Deployment/DaemonSet: Label pods using `ingress-nginx.labels`. (#9732)
+* HPA: autoscaling/v2beta1 deprecated, bump apiVersion to v2 for defaultBackend (#9731)
+* Fix incorrect annotation name in upstream hashing configuration (#9617)
+
+* Update Ingress-Nginx version controller-v1.7.0
+
+**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/helm-chart-4.5.2...helm-chart-4.6.0
diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml
index 1a538f810..6627bf220 100644
--- a/charts/ingress-nginx/values.yaml
+++ b/charts/ingress-nginx/values.yaml
@@ -14,148 +14,541 @@ commonLabels: {}
 # myLabel: aakkmd
 
 controller:
-    name: controller
-    image:
-        ## Keep false as default for now!
-        chroot: false
-        registry: registry.k8s.io
-        image: ingress-nginx/controller
-        ## for backwards compatibility consider setting the full image url via the repository value below
-        ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
-        ## repository:
-        tag: "v1.6.4"
-        digest: sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
-        digestChroot: sha256:0de01e2c316c3ca7847ca13b32d077af7910d07f21a4a82f81061839764f8f81
-        pullPolicy: IfNotPresent
-        # www-data -> uid 101
-        runAsUser: 101
-        allowPrivilegeEscalation: true
-    # -- Use an existing PSP instead of creating one
-    existingPsp: ""
-    # -- Configures the controller container name
-    containerName: controller
-    # -- Configures the ports that the nginx-controller listens on
-    containerPort:
-        http: 80
-        https: 443
-    # -- Will add custom configuration options to Nginx https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/
-    config: {}
-    # -- Annotations to be added to the controller config configuration configmap.
-    configAnnotations: {}
-    # -- Will add custom headers before sending traffic to backends according to https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/custom-headers
-    proxySetHeaders: {}
-    # -- Will add custom headers before sending response traffic to the client according to: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers
-    addHeaders: {}
-    # -- Optionally customize the pod dnsConfig.
-    dnsConfig: {}
-    # -- Optionally customize the pod hostname.
-    hostname: {}
-    # -- Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'.
-    # By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller
-    # to keep resolving names inside the k8s network, use ClusterFirstWithHostNet.
-    dnsPolicy: ClusterFirst
-    # -- Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network
-    # Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply
-    reportNodeInternalIp: false
-    # -- Process Ingress objects without ingressClass annotation/ingressClassName field
-    # Overrides value for --watch-ingress-without-class flag of the controller binary
-    # Defaults to false
-    watchIngressWithoutClass: false
-    # -- Process IngressClass per name (additionally as per spec.controller).
-    ingressClassByName: false
-    # -- This configuration enables Topology Aware Routing feature, used together with service annotation service.kubernetes.io/topology-aware-hints="auto"
-    # Defaults to false
-    enableTopologyAwareRouting: false
-    # -- This configuration defines if Ingress Controller should allow users to set
-    # their own *-snippet annotations, otherwise this is forbidden / dropped
-    # when users add those annotations.
-    # Global snippets in ConfigMap are still respected
-    allowSnippetAnnotations: true
-    # -- Required for use with CNI based kubernetes installations (such as ones set up by kubeadm),
-    # since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920
-    # is merged
-    hostNetwork: false
-    ## Use host ports 80 and 443
-    ## Disabled by default
-    hostPort:
-        # -- Enable 'hostPort' or not
-        enabled: false
-        ports:
-            # -- 'hostPort' http port
-            http: 80
-            # -- 'hostPort' https port
-            https: 443
-    # -- Election ID to use for status update, by default it uses the controller name combined with a suffix of 'leader'
-    electionID: ""
-    ## This section refers to the creation of the IngressClass resource
-    ## IngressClass resources are supported since k8s >= 1.18 and required since k8s >= 1.19
-    ingressClassResource:
-        # -- Name of the ingressClass
-        name: nginx
-        # -- Is this ingressClass enabled or not
-        enabled: true
-        # -- Is this the default ingressClass for the cluster
-        default: false
-        # -- Controller-value of the controller that is processing this ingressClass
-        controllerValue: "k8s.io/ingress-nginx"
-        # -- Parameters is a link to a custom resource containing additional
-        # configuration for the controller. This is optional if the controller
-        # does not require extra parameters.
-        parameters: {}
-    # -- For backwards compatibility with ingress.class annotation, use ingressClass.
-    # Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation
-    ingressClass: nginx
-    # -- Labels to add to the pod container metadata
-    podLabels: {}
-    #  key: value
+  name: controller
+  image:
+    ## Keep false as default for now!
+    chroot: false
+    registry: registry.k8s.io
+    image: ingress-nginx/controller
+    ## for backwards compatibility consider setting the full image url via the repository value below
+    ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
+    ## repository:
+    tag: "v1.7.0"
+    digest: sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
+    digestChroot: sha256:e84ef3b44c8efeefd8b0aa08770a886bfea1f04c53b61b4ba9a7204e9f1a7edc
+    pullPolicy: IfNotPresent
+    # www-data -> uid 101
+    runAsUser: 101
+    allowPrivilegeEscalation: true
+  # -- Use an existing PSP instead of creating one
+  existingPsp: ""
+  # -- Configures the controller container name
+  containerName: controller
+  # -- Configures the ports that the nginx-controller listens on
+  containerPort:
+    http: 80
+    https: 443
+  # -- Will add custom configuration options to Nginx https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/
+  config: {}
+  # -- Annotations to be added to the controller config configuration configmap.
+  configAnnotations: {}
+  # -- Will add custom headers before sending traffic to backends according to https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/custom-headers
+  proxySetHeaders: {}
+  # -- Will add custom headers before sending response traffic to the client according to: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers
+  addHeaders: {}
+  # -- Optionally customize the pod dnsConfig.
+  dnsConfig: {}
+  # -- Optionally customize the pod hostname.
+  hostname: {}
+  # -- Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'.
+  # By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller
+  # to keep resolving names inside the k8s network, use ClusterFirstWithHostNet.
+  dnsPolicy: ClusterFirst
+  # -- Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network
+  # Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply
+  reportNodeInternalIp: false
+  # -- Process Ingress objects without ingressClass annotation/ingressClassName field
+  # Overrides value for --watch-ingress-without-class flag of the controller binary
+  # Defaults to false
+  watchIngressWithoutClass: false
+  # -- Process IngressClass per name (additionally as per spec.controller).
+  ingressClassByName: false
+  # -- This configuration enables Topology Aware Routing feature, used together with service annotation service.kubernetes.io/topology-aware-hints="auto"
+  # Defaults to false
+  enableTopologyAwareRouting: false
+  # -- This configuration defines if Ingress Controller should allow users to set
+  # their own *-snippet annotations, otherwise this is forbidden / dropped
+  # when users add those annotations.
+  # Global snippets in ConfigMap are still respected
+  allowSnippetAnnotations: true
+  # -- Required for use with CNI based kubernetes installations (such as ones set up by kubeadm),
+  # since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920
+  # is merged
+  hostNetwork: false
+  ## Use host ports 80 and 443
+  ## Disabled by default
+  hostPort:
+    # -- Enable 'hostPort' or not
+    enabled: false
+    ports:
+      # -- 'hostPort' http port
+      http: 80
+      # -- 'hostPort' https port
+      https: 443
+  # -- Election ID to use for status update, by default it uses the controller name combined with a suffix of 'leader'
+  electionID: ""
+  ## This section refers to the creation of the IngressClass resource
+  ## IngressClass resources are supported since k8s >= 1.18 and required since k8s >= 1.19
+  ingressClassResource:
+    # -- Name of the ingressClass
+    name: nginx
+    # -- Is this ingressClass enabled or not
+    enabled: true
+    # -- Is this the default ingressClass for the cluster
+    default: false
+    # -- Controller-value of the controller that is processing this ingressClass
+    controllerValue: "k8s.io/ingress-nginx"
+    # -- Parameters is a link to a custom resource containing additional
+    # configuration for the controller. This is optional if the controller
+    # does not require extra parameters.
+    parameters: {}
+  # -- For backwards compatibility with ingress.class annotation, use ingressClass.
+  # Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation
+  ingressClass: nginx
+  # -- Labels to add to the pod container metadata
+  podLabels: {}
+  #  key: value
 
-    # -- Security Context policies for controller pods
-    podSecurityContext: {}
-    # -- See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for notes on enabling and using sysctls
-    sysctls: {}
-    # sysctls:
-    #   "net.core.somaxconn": "8192"
+  # -- Security Context policies for controller pods
+  podSecurityContext: {}
+  # -- See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for notes on enabling and using sysctls
+  sysctls: {}
+  # sysctls:
+  #   "net.core.somaxconn": "8192"
 
-    # -- Allows customization of the source of the IP address or FQDN to report
-    # in the ingress status field. By default, it reads the information provided
-    # by the service. If disable, the status field reports the IP address of the
-    # node or nodes where an ingress controller pod is running.
-    publishService:
-        # -- Enable 'publishService' or not
-        enabled: true
-        # -- Allows overriding of the publish service to bind to
-        # Must be <namespace>/<service_name>
-        pathOverride: ""
-    # Limit the scope of the controller to a specific namespace
-    scope:
-        # -- Enable 'scope' or not
-        enabled: false
-        # -- Namespace to limit the controller to; defaults to $(POD_NAMESPACE)
-        namespace: ""
-        # -- When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels
-        # only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces.
-        namespaceSelector: ""
-    # -- Allows customization of the configmap / nginx-configmap namespace; defaults to $(POD_NAMESPACE)
+  # -- Allows customization of the source of the IP address or FQDN to report
+  # in the ingress status field. By default, it reads the information provided
+  # by the service. If disable, the status field reports the IP address of the
+  # node or nodes where an ingress controller pod is running.
+  publishService:
+    # -- Enable 'publishService' or not
+    enabled: true
+    # -- Allows overriding of the publish service to bind to
+    # Must be <namespace>/<service_name>
+    pathOverride: ""
+  # Limit the scope of the controller to a specific namespace
+  scope:
+    # -- Enable 'scope' or not
+    enabled: false
+    # -- Namespace to limit the controller to; defaults to $(POD_NAMESPACE)
+    namespace: ""
+    # -- When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels
+    # only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces.
+    namespaceSelector: ""
+  # -- Allows customization of the configmap / nginx-configmap namespace; defaults to $(POD_NAMESPACE)
+  configMapNamespace: ""
+  tcp:
+    # -- Allows customization of the tcp-services-configmap; defaults to $(POD_NAMESPACE)
     configMapNamespace: ""
-    tcp:
-        # -- Allows customization of the tcp-services-configmap; defaults to $(POD_NAMESPACE)
-        configMapNamespace: ""
-        # -- Annotations to be added to the tcp config configmap
-        annotations: {}
-    udp:
-        # -- Allows customization of the udp-services-configmap; defaults to $(POD_NAMESPACE)
-        configMapNamespace: ""
-        # -- Annotations to be added to the udp config configmap
-        annotations: {}
-    # -- Maxmind license key to download GeoLite2 Databases.
-    ## https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases
-    maxmindLicenseKey: ""
-    # -- Additional command line arguments to pass to nginx-ingress-controller
-    # E.g. to specify the default SSL certificate you can use
-    extraArgs: {}
-    ## extraArgs:
-    ##   default-ssl-certificate: "<namespace>/<secret_name>"
+    # -- Annotations to be added to the tcp config configmap
+    annotations: {}
+  udp:
+    # -- Allows customization of the udp-services-configmap; defaults to $(POD_NAMESPACE)
+    configMapNamespace: ""
+    # -- Annotations to be added to the udp config configmap
+    annotations: {}
+  # -- Maxmind license key to download GeoLite2 Databases.
+  ## https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases
+  maxmindLicenseKey: ""
+  # -- Additional command line arguments to pass to nginx-ingress-controller
+  # E.g. to specify the default SSL certificate you can use
+  extraArgs: {}
+  ## extraArgs:
+  ##   default-ssl-certificate: "<namespace>/<secret_name>"
 
+  # -- Additional environment variables to set
+  extraEnvs: []
+  # extraEnvs:
+  #   - name: FOO
+  #     valueFrom:
+  #       secretKeyRef:
+  #         key: FOO
+  #         name: secret-resource
+
+  # -- Use a `DaemonSet` or `Deployment`
+  kind: Deployment
+  # -- Annotations to be added to the controller Deployment or DaemonSet
+  ##
+  annotations: {}
+  #  keel.sh/pollSchedule: "@every 60m"
+
+  # -- Labels to be added to the controller Deployment or DaemonSet and other resources that do not have option to specify labels
+  ##
+  labels: {}
+  #  keel.sh/policy: patch
+  #  keel.sh/trigger: poll
+
+  # -- The update strategy to apply to the Deployment or DaemonSet
+  ##
+  updateStrategy: {}
+  #  rollingUpdate:
+  #    maxUnavailable: 1
+  #  type: RollingUpdate
+
+  # -- `minReadySeconds` to avoid killing pods before we are ready
+  ##
+  minReadySeconds: 0
+  # -- Node tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  tolerations: []
+  #  - key: "key"
+  #    operator: "Equal|Exists"
+  #    value: "value"
+  #    effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
+
+  # -- Affinity and anti-affinity rules for server scheduling to nodes
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+  ##
+  affinity: {}
+  # # An example of preferred pod anti-affinity, weight is in the range 1-100
+  # podAntiAffinity:
+  #   preferredDuringSchedulingIgnoredDuringExecution:
+  #   - weight: 100
+  #     podAffinityTerm:
+  #       labelSelector:
+  #         matchExpressions:
+  #         - key: app.kubernetes.io/name
+  #           operator: In
+  #           values:
+  #           - ingress-nginx
+  #         - key: app.kubernetes.io/instance
+  #           operator: In
+  #           values:
+  #           - ingress-nginx
+  #         - key: app.kubernetes.io/component
+  #           operator: In
+  #           values:
+  #           - controller
+  #       topologyKey: kubernetes.io/hostname
+
+  # # An example of required pod anti-affinity
+  # podAntiAffinity:
+  #   requiredDuringSchedulingIgnoredDuringExecution:
+  #   - labelSelector:
+  #       matchExpressions:
+  #       - key: app.kubernetes.io/name
+  #         operator: In
+  #         values:
+  #         - ingress-nginx
+  #       - key: app.kubernetes.io/instance
+  #         operator: In
+  #         values:
+  #         - ingress-nginx
+  #       - key: app.kubernetes.io/component
+  #         operator: In
+  #         values:
+  #         - controller
+  #     topologyKey: "kubernetes.io/hostname"
+
+  # -- Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in.
+  ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+  ##
+  topologySpreadConstraints: []
+  # - maxSkew: 1
+  #   topologyKey: topology.kubernetes.io/zone
+  #   whenUnsatisfiable: DoNotSchedule
+  #   labelSelector:
+  #     matchLabels:
+  #       app.kubernetes.io/instance: ingress-nginx-internal
+
+  # -- `terminationGracePeriodSeconds` to avoid killing pods before we are ready
+  ## wait up to five minutes for the drain of connections
+  ##
+  terminationGracePeriodSeconds: 300
+  # -- Node labels for controller pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector:
+    kubernetes.io/os: linux
+  ## Liveness and readiness probe values
+  ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
+  ##
+  ## startupProbe:
+  ##   httpGet:
+  ##     # should match container.healthCheckPath
+  ##     path: "/healthz"
+  ##     port: 10254
+  ##     scheme: HTTP
+  ##   initialDelaySeconds: 5
+  ##   periodSeconds: 5
+  ##   timeoutSeconds: 2
+  ##   successThreshold: 1
+  ##   failureThreshold: 5
+  livenessProbe:
+    httpGet:
+      # should match container.healthCheckPath
+      path: "/healthz"
+      port: 10254
+      scheme: HTTP
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 5
+  readinessProbe:
+    httpGet:
+      # should match container.healthCheckPath
+      path: "/healthz"
+      port: 10254
+      scheme: HTTP
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    timeoutSeconds: 1
+    successThreshold: 1
+    failureThreshold: 3
+  # -- Path of the health check endpoint. All requests received on the port defined by
+  # the healthz-port parameter are forwarded internally to this path.
+  healthCheckPath: "/healthz"
+  # -- Address to bind the health check endpoint.
+  # It is better to set this option to the internal node address
+  # if the ingress nginx controller is running in the `hostNetwork: true` mode.
+  healthCheckHost: ""
+  # -- Annotations to be added to controller pods
+  ##
+  podAnnotations: {}
+  replicaCount: 1
+  # -- Define either 'minAvailable' or 'maxUnavailable', never both.
+  minAvailable: 1
+  # -- Define either 'minAvailable' or 'maxUnavailable', never both.
+  # maxUnavailable: 1
+
+  ## Define requests resources to avoid probe issues due to CPU utilization in busy nodes
+  ## ref: https://github.com/kubernetes/ingress-nginx/issues/4735#issuecomment-551204903
+  ## Ideally, there should be no limits.
+  ## https://engineering.indeedblog.com/blog/2019/12/cpu-throttling-regression-fix/
+  resources:
+    ##  limits:
+    ##    cpu: 100m
+    ##    memory: 90Mi
+    requests:
+      cpu: 100m
+      memory: 90Mi
+  # Mutually exclusive with keda autoscaling
+  autoscaling:
+    apiVersion: autoscaling/v2
+    enabled: false
+    annotations: {}
+    minReplicas: 1
+    maxReplicas: 11
+    targetCPUUtilizationPercentage: 50
+    targetMemoryUtilizationPercentage: 50
+    behavior: {}
+    # scaleDown:
+    #   stabilizationWindowSeconds: 300
+    #   policies:
+    #   - type: Pods
+    #     value: 1
+    #     periodSeconds: 180
+    # scaleUp:
+    #   stabilizationWindowSeconds: 300
+    #   policies:
+    #   - type: Pods
+    #     value: 2
+    #     periodSeconds: 60
+  autoscalingTemplate: []
+  # Custom or additional autoscaling metrics
+  # ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-custom-metrics
+  # - type: Pods
+  #   pods:
+  #     metric:
+  #       name: nginx_ingress_controller_nginx_process_requests_total
+  #     target:
+  #       type: AverageValue
+  #       averageValue: 10000m
+
+  # Mutually exclusive with hpa autoscaling
+  keda:
+    apiVersion: "keda.sh/v1alpha1"
+    ## apiVersion changes with keda 1.x vs 2.x
+    ## 2.x = keda.sh/v1alpha1
+    ## 1.x = keda.k8s.io/v1alpha1
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 11
+    pollingInterval: 30
+    cooldownPeriod: 300
+    restoreToOriginalReplicaCount: false
+    scaledObject:
+      annotations: {}
+      # Custom annotations for ScaledObject resource
+      #  annotations:
+      # key: value
+    triggers: []
+    #     - type: prometheus
+    #       metadata:
+    #         serverAddress: http://<prometheus-host>:9090
+    #         metricName: http_requests_total
+    #         threshold: '100'
+    #         query: sum(rate(http_requests_total{deployment="my-deployment"}[2m]))
+
+    behavior: {}
+  #     scaleDown:
+  #       stabilizationWindowSeconds: 300
+  #       policies:
+  #       - type: Pods
+  #         value: 1
+  #         periodSeconds: 180
+  #     scaleUp:
+  #       stabilizationWindowSeconds: 300
+  #       policies:
+  #       - type: Pods
+  #         value: 2
+  #         periodSeconds: 60
+
+  # -- Enable mimalloc as a drop-in replacement for malloc.
+  ## ref: https://github.com/microsoft/mimalloc
+  ##
+  enableMimalloc: true
+  ## Override NGINX template
+  customTemplate:
+    configMapName: ""
+    configMapKey: ""
+  service:
+    enabled: true
+    # -- If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were
+    # using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
+    # It allows choosing the protocol for each backend specified in the Kubernetes service.
+    # See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244
+    # Will be ignored for Kubernetes versions older than 1.20
+    ##
+    appProtocol: true
+    annotations: {}
+    labels: {}
+    # clusterIP: ""
+
+    # -- List of IP addresses at which the controller services are available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+    externalIPs: []
+    # -- Used by cloud providers to connect the resulting `LoadBalancer` to a pre-existing static IP according to https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
+    loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+    enableHttp: true
+    enableHttps: true
+    ## Set external traffic policy to: "Local" to preserve source IP on providers supporting it.
+    ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer
+    # externalTrafficPolicy: ""
+
+    ## Must be either "None" or "ClientIP" if set. Kubernetes will default to "None".
+    ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
+    # sessionAffinity: ""
+
+    ## Specifies the health check node port (numeric port number) for the service. If healthCheckNodePort isn’t specified,
+    ## the service controller allocates a port from your cluster’s NodePort range.
+    ## Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
+    # healthCheckNodePort: 0
+
+    # -- Represents the dual-stack-ness requested or required by this Service. Possible values are
+    # SingleStack, PreferDualStack or RequireDualStack.
+    # The ipFamilies and clusterIPs fields depend on the value of this field.
+    ## Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/
+    ipFamilyPolicy: "SingleStack"
+    # -- List of IP families (e.g. IPv4, IPv6) assigned to the service. This field is usually assigned automatically
+    # based on cluster configuration and the ipFamilyPolicy field.
+    ## Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/
+    ipFamilies:
+      - IPv4
+    ports:
+      http: 80
+      https: 443
+    targetPorts:
+      http: http
+      https: https
+    type: LoadBalancer
+    ## type: NodePort
+    ## nodePorts:
+    ##   http: 32080
+    ##   https: 32443
+    ##   tcp:
+    ##     8080: 32808
+    nodePorts:
+      http: ""
+      https: ""
+      tcp: {}
+      udp: {}
+    external:
+      enabled: true
+    internal:
+      # -- Enables an additional internal load balancer (besides the external one).
+      enabled: false
+      # -- Annotations are mandatory for the load balancer to come up. Varies with the cloud service.
+      annotations: {}
+      # loadBalancerIP: ""
+
+      # -- Restrict access For LoadBalancer service. Defaults to 0.0.0.0/0.
+      loadBalancerSourceRanges: []
+      ## Set external traffic policy to: "Local" to preserve source IP on
+      ## providers supporting it
+      ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer
+      # externalTrafficPolicy: ""
+  # shareProcessNamespace enables process namespace sharing within the pod.
+  # This can be used for example to signal log rotation using `kill -USR1` from a sidecar.
+  shareProcessNamespace: false
+  # -- Additional containers to be added to the controller pod.
+  # See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example.
+  extraContainers: []
+  #  - name: my-sidecar
+  #    image: nginx:latest
+  #  - name: lemonldap-ng-controller
+  #    image: lemonldapng/lemonldap-ng-controller:0.2.0
+  #    args:
+  #      - /lemonldap-ng-controller
+  #      - --alsologtostderr
+  #      - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration
+  #    env:
+  #      - name: POD_NAME
+  #        valueFrom:
+  #          fieldRef:
+  #            fieldPath: metadata.name
+  #      - name: POD_NAMESPACE
+  #        valueFrom:
+  #          fieldRef:
+  #            fieldPath: metadata.namespace
+  #    volumeMounts:
+  #    - name: copy-portal-skins
+  #      mountPath: /srv/var/lib/lemonldap-ng/portal/skins
+
+  # -- Additional volumeMounts to the controller main container.
+  extraVolumeMounts: []
+  #  - name: copy-portal-skins
+  #   mountPath: /var/lib/lemonldap-ng/portal/skins
+
+  # -- Additional volumes to the controller pod.
+  extraVolumes: []
+  #  - name: copy-portal-skins
+  #    emptyDir: {}
+
+  # -- Containers, which are run before the app containers are started.
+  extraInitContainers: []
+  # - name: init-myservice
+  #   image: busybox
+  #   command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
+
+  # -- Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module
+  extraModules: []
+  # - name: mytestmodule
+  #   image: registry.k8s.io/ingress-nginx/mytestmodule
+  #   containerSecurityContext:
+  #     allowPrivilegeEscalation: false
+  #
+  # The image must contain a `/usr/local/bin/init_module.sh` executable, which
+  # will be executed as initContainers, to move its config files within the
+  # mounted volume.
+
+  opentelemetry:
+    enabled: false
+    image: registry.k8s.io/ingress-nginx/opentelemetry:v20230312-helm-chart-4.5.2-28-g66a760794@sha256:40f766ac4a9832f36f217bb0e98d44c8d38faeccbfe861fbc1a76af7e9ab257f
+    containerSecurityContext:
+      allowPrivilegeEscalation: false
+  admissionWebhooks:
+    annotations: {}
+    # ignore-check.kube-linter.io/no-read-only-rootfs: "This deployment needs write access to root filesystem".
+
+    ## Additional annotations to the admission webhooks.
+    ## These annotations will be added to the ValidatingWebhookConfiguration and
+    ## the Jobs Spec of the admission webhooks.
+    enabled: true
     # -- Additional environment variables to set
     extraEnvs: []
     # extraEnvs:
@@ -164,707 +557,314 @@ controller:
     #       secretKeyRef:
     #         key: FOO
     #         name: secret-resource
-
-    # -- Use a `DaemonSet` or `Deployment`
-    kind: Deployment
-    # -- Annotations to be added to the controller Deployment or DaemonSet
-    ##
-    annotations: {}
-    #  keel.sh/pollSchedule: "@every 60m"
-
-    # -- Labels to be added to the controller Deployment or DaemonSet and other resources that do not have option to specify labels
-    ##
+    # -- Admission Webhook failure policy to use
+    failurePolicy: Fail
+    # timeoutSeconds: 10
+    port: 8443
+    certificate: "/usr/local/certificates/cert"
+    key: "/usr/local/certificates/key"
+    namespaceSelector: {}
+    objectSelector: {}
+    # -- Labels to be added to admission webhooks
     labels: {}
-    #  keel.sh/policy: patch
-    #  keel.sh/trigger: poll
-
-    # -- The update strategy to apply to the Deployment or DaemonSet
-    ##
-    updateStrategy: {}
-    #  rollingUpdate:
-    #    maxUnavailable: 1
-    #  type: RollingUpdate
-
-    # -- `minReadySeconds` to avoid killing pods before we are ready
-    ##
-    minReadySeconds: 0
-    # -- Node tolerations for server scheduling to nodes with taints
-    ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-    ##
-    tolerations: []
-    #  - key: "key"
-    #    operator: "Equal|Exists"
-    #    value: "value"
-    #    effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
-
-    # -- Affinity and anti-affinity rules for server scheduling to nodes
-    ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
-    ##
-    affinity: {}
-    # # An example of preferred pod anti-affinity, weight is in the range 1-100
-    # podAntiAffinity:
-    #   preferredDuringSchedulingIgnoredDuringExecution:
-    #   - weight: 100
-    #     podAffinityTerm:
-    #       labelSelector:
-    #         matchExpressions:
-    #         - key: app.kubernetes.io/name
-    #           operator: In
-    #           values:
-    #           - ingress-nginx
-    #         - key: app.kubernetes.io/instance
-    #           operator: In
-    #           values:
-    #           - ingress-nginx
-    #         - key: app.kubernetes.io/component
-    #           operator: In
-    #           values:
-    #           - controller
-    #       topologyKey: kubernetes.io/hostname
-
-    # # An example of required pod anti-affinity
-    # podAntiAffinity:
-    #   requiredDuringSchedulingIgnoredDuringExecution:
-    #   - labelSelector:
-    #       matchExpressions:
-    #       - key: app.kubernetes.io/name
-    #         operator: In
-    #         values:
-    #         - ingress-nginx
-    #       - key: app.kubernetes.io/instance
-    #         operator: In
-    #         values:
-    #         - ingress-nginx
-    #       - key: app.kubernetes.io/component
-    #         operator: In
-    #         values:
-    #         - controller
-    #     topologyKey: "kubernetes.io/hostname"
-
-    # -- Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in.
-    ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
-    ##
-    topologySpreadConstraints: []
-    # - maxSkew: 1
-    #   topologyKey: topology.kubernetes.io/zone
-    #   whenUnsatisfiable: DoNotSchedule
-    #   labelSelector:
-    #     matchLabels:
-    #       app.kubernetes.io/instance: ingress-nginx-internal
-
-    # -- `terminationGracePeriodSeconds` to avoid killing pods before we are ready
-    ## wait up to five minutes for the drain of connections
-    ##
-    terminationGracePeriodSeconds: 300
-    # -- Node labels for controller pod assignment
-    ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
-    ##
-    nodeSelector:
-        kubernetes.io/os: linux
-    ## Liveness and readiness probe values
-    ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
-    ##
-    ## startupProbe:
-    ##   httpGet:
-    ##     # should match container.healthCheckPath
-    ##     path: "/healthz"
-    ##     port: 10254
-    ##     scheme: HTTP
-    ##   initialDelaySeconds: 5
-    ##   periodSeconds: 5
-    ##   timeoutSeconds: 2
-    ##   successThreshold: 1
-    ##   failureThreshold: 5
-    livenessProbe:
-        httpGet:
-            # should match container.healthCheckPath
-            path: "/healthz"
-            port: 10254
-            scheme: HTTP
-        initialDelaySeconds: 10
-        periodSeconds: 10
-        timeoutSeconds: 1
-        successThreshold: 1
-        failureThreshold: 5
-    readinessProbe:
-        httpGet:
-            # should match container.healthCheckPath
-            path: "/healthz"
-            port: 10254
-            scheme: HTTP
-        initialDelaySeconds: 10
-        periodSeconds: 10
-        timeoutSeconds: 1
-        successThreshold: 1
-        failureThreshold: 3
-    # -- Path of the health check endpoint. All requests received on the port defined by
-    # the healthz-port parameter are forwarded internally to this path.
-    healthCheckPath: "/healthz"
-    # -- Address to bind the health check endpoint.
-    # It is better to set this option to the internal node address
-    # if the ingress nginx controller is running in the `hostNetwork: true` mode.
-    healthCheckHost: ""
-    # -- Annotations to be added to controller pods
-    ##
-    podAnnotations: {}
-    replicaCount: 1
-    # -- Define either 'minAvailable' or 'maxUnavailable', never both.
-    minAvailable: 1
-    # -- Define either 'minAvailable' or 'maxUnavailable', never both.
-    # maxUnavailable: 1
-
-    ## Define requests resources to avoid probe issues due to CPU utilization in busy nodes
-    ## ref: https://github.com/kubernetes/ingress-nginx/issues/4735#issuecomment-551204903
-    ## Ideally, there should be no limits.
-    ## https://engineering.indeedblog.com/blog/2019/12/cpu-throttling-regression-fix/
-    resources:
-        ##  limits:
-        ##    cpu: 100m
-        ##    memory: 90Mi
-        requests:
-            cpu: 100m
-            memory: 90Mi
-    # Mutually exclusive with keda autoscaling
-    autoscaling:
-        apiVersion: autoscaling/v2
-        enabled: false
-        annotations: {}
-        minReplicas: 1
-        maxReplicas: 11
-        targetCPUUtilizationPercentage: 50
-        targetMemoryUtilizationPercentage: 50
-        behavior: {}
-        # scaleDown:
-        #   stabilizationWindowSeconds: 300
-        #   policies:
-        #   - type: Pods
-        #     value: 1
-        #     periodSeconds: 180
-        # scaleUp:
-        #   stabilizationWindowSeconds: 300
-        #   policies:
-        #   - type: Pods
-        #     value: 2
-        #     periodSeconds: 60
-    autoscalingTemplate: []
-    # Custom or additional autoscaling metrics
-    # ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-custom-metrics
-    # - type: Pods
-    #   pods:
-    #     metric:
-    #       name: nginx_ingress_controller_nginx_process_requests_total
-    #     target:
-    #       type: AverageValue
-    #       averageValue: 10000m
-
-    # Mutually exclusive with hpa autoscaling
-    keda:
-        apiVersion: "keda.sh/v1alpha1"
-        ## apiVersion changes with keda 1.x vs 2.x
-        ## 2.x = keda.sh/v1alpha1
-        ## 1.x = keda.k8s.io/v1alpha1
-        enabled: false
-        minReplicas: 1
-        maxReplicas: 11
-        pollingInterval: 30
-        cooldownPeriod: 300
-        restoreToOriginalReplicaCount: false
-        scaledObject:
-            annotations: {}
-            # Custom annotations for ScaledObject resource
-            #  annotations:
-            # key: value
-        triggers: []
-        #     - type: prometheus
-        #       metadata:
-        #         serverAddress: http://<prometheus-host>:9090
-        #         metricName: http_requests_total
-        #         threshold: '100'
-        #         query: sum(rate(http_requests_total{deployment="my-deployment"}[2m]))
-
-        behavior: {}
-    #     scaleDown:
-    #       stabilizationWindowSeconds: 300
-    #       policies:
-    #       - type: Pods
-    #         value: 1
-    #         periodSeconds: 180
-    #     scaleUp:
-    #       stabilizationWindowSeconds: 300
-    #       policies:
-    #       - type: Pods
-    #         value: 2
-    #         periodSeconds: 60
-
-    # -- Enable mimalloc as a drop-in replacement for malloc.
-    ## ref: https://github.com/microsoft/mimalloc
-    ##
-    enableMimalloc: true
-    ## Override NGINX template
-    customTemplate:
-        configMapName: ""
-        configMapKey: ""
+    # -- Use an existing PSP instead of creating one
+    existingPsp: ""
+    networkPolicyEnabled: false
     service:
-        enabled: true
-        # -- If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were
-        # using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
-        # It allows choosing the protocol for each backend specified in the Kubernetes service.
-        # See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244
-        # Will be ignored for Kubernetes versions older than 1.20
-        ##
-        appProtocol: true
-        annotations: {}
-        labels: {}
-        # clusterIP: ""
+      annotations: {}
+      # clusterIP: ""
+      externalIPs: []
+      # loadBalancerIP: ""
+      loadBalancerSourceRanges: []
+      servicePort: 443
+      type: ClusterIP
+    createSecretJob:
+      securityContext:
+        allowPrivilegeEscalation: false
+      resources: {}
+      # limits:
+      #   cpu: 10m
+      #   memory: 20Mi
+      # requests:
+      #   cpu: 10m
+      #   memory: 20Mi
+    patchWebhookJob:
+      securityContext:
+        allowPrivilegeEscalation: false
+      resources: {}
+    patch:
+      enabled: true
+      image:
+        registry: registry.k8s.io
+        image: ingress-nginx/kube-webhook-certgen
+        ## for backwards compatibility consider setting the full image url via the repository value below
+        ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
+        ## repository:
+        tag: v20230312-helm-chart-4.5.2-28-g66a760794
+        digest: sha256:01d181618f270f2a96c04006f33b2699ad3ccb02da48d0f89b22abce084b292f
+        pullPolicy: IfNotPresent
+      # -- Provide a priority class name to the webhook patching job
+      ##
+      priorityClassName: ""
+      podAnnotations: {}
+      nodeSelector:
+        kubernetes.io/os: linux
+      tolerations: []
+      # -- Labels to be added to patch job resources
+      labels: {}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 2000
+        fsGroup: 2000
+    # Use certmanager to generate webhook certs
+    certManager:
+      enabled: false
+      # self-signed root certificate
+      rootCert:
+        # default to be 5y
+        duration: ""
+      admissionCert:
+        # default to be 1y
+        duration: ""
+        # issuerRef:
+        #   name: "issuer"
+        #   kind: "ClusterIssuer"
+  metrics:
+    port: 10254
+    portName: metrics
+    # if this port is changed, change healthz-port: in extraArgs: accordingly
+    enabled: false
+    service:
+      annotations: {}
+      # prometheus.io/scrape: "true"
+      # prometheus.io/port: "10254"
+      # -- Labels to be added to the metrics service resource
+      labels: {}
+      # clusterIP: ""
 
-        # -- List of IP addresses at which the controller services are available
-        ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
-        ##
-        externalIPs: []
-        # -- Used by cloud providers to connect the resulting `LoadBalancer` to a pre-existing static IP according to https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
-        loadBalancerIP: ""
-        loadBalancerSourceRanges: []
-        enableHttp: true
-        enableHttps: true
-        ## Set external traffic policy to: "Local" to preserve source IP on providers supporting it.
-        ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer
-        # externalTrafficPolicy: ""
-
-        ## Must be either "None" or "ClientIP" if set. Kubernetes will default to "None".
-        ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
-        # sessionAffinity: ""
-
-        ## Specifies the health check node port (numeric port number) for the service. If healthCheckNodePort isn’t specified,
-        ## the service controller allocates a port from your cluster’s NodePort range.
-        ## Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
-        # healthCheckNodePort: 0
-
-        # -- Represents the dual-stack-ness requested or required by this Service. Possible values are
-        # SingleStack, PreferDualStack or RequireDualStack.
-        # The ipFamilies and clusterIPs fields depend on the value of this field.
-        ## Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/
-        ipFamilyPolicy: "SingleStack"
-        # -- List of IP families (e.g. IPv4, IPv6) assigned to the service. This field is usually assigned automatically
-        # based on cluster configuration and the ipFamilyPolicy field.
-        ## Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/
-        ipFamilies:
-            - IPv4
-        ports:
-            http: 80
-            https: 443
-        targetPorts:
-            http: http
-            https: https
-        type: LoadBalancer
-        ## type: NodePort
-        ## nodePorts:
-        ##   http: 32080
-        ##   https: 32443
-        ##   tcp:
-        ##     8080: 32808
-        nodePorts:
-            http: ""
-            https: ""
-            tcp: {}
-            udp: {}
-        external:
-            enabled: true
-        internal:
-            # -- Enables an additional internal load balancer (besides the external one).
-            enabled: false
-            # -- Annotations are mandatory for the load balancer to come up. Varies with the cloud service.
-            annotations: {}
-            # loadBalancerIP: ""
-
-            # -- Restrict access For LoadBalancer service. Defaults to 0.0.0.0/0.
-            loadBalancerSourceRanges: []
-            ## Set external traffic policy to: "Local" to preserve source IP on
-            ## providers supporting it
-            ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer
-            # externalTrafficPolicy: ""
-    # shareProcessNamespace enables process namespace sharing within the pod.
-    # This can be used for example to signal log rotation using `kill -USR1` from a sidecar.
-    shareProcessNamespace: false
-    # -- Additional containers to be added to the controller pod.
-    # See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example.
-    extraContainers: []
-    #  - name: my-sidecar
-    #    image: nginx:latest
-    #  - name: lemonldap-ng-controller
-    #    image: lemonldapng/lemonldap-ng-controller:0.2.0
-    #    args:
-    #      - /lemonldap-ng-controller
-    #      - --alsologtostderr
-    #      - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration
-    #    env:
-    #      - name: POD_NAME
-    #        valueFrom:
-    #          fieldRef:
-    #            fieldPath: metadata.name
-    #      - name: POD_NAMESPACE
-    #        valueFrom:
-    #          fieldRef:
-    #            fieldPath: metadata.namespace
-    #    volumeMounts:
-    #    - name: copy-portal-skins
-    #      mountPath: /srv/var/lib/lemonldap-ng/portal/skins
-
-    # -- Additional volumeMounts to the controller main container.
-    extraVolumeMounts: []
-    #  - name: copy-portal-skins
-    #   mountPath: /var/lib/lemonldap-ng/portal/skins
-
-    # -- Additional volumes to the controller pod.
-    extraVolumes: []
-    #  - name: copy-portal-skins
-    #    emptyDir: {}
-
-    # -- Containers, which are run before the app containers are started.
-    extraInitContainers: []
-    # - name: init-myservice
-    #   image: busybox
-    #   command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
-
-    # -- Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module
-    extraModules: []
-    # - name: mytestmodule
-    #   image: registry.k8s.io/ingress-nginx/mytestmodule
-    #   containerSecurityContext:
-    #     allowPrivilegeEscalation: false
-    #
-    # The image must contain a `/usr/local/bin/init_module.sh` executable, which
-    # will be executed as initContainers, to move its config files within the
-    # mounted volume.
-
-    opentelemetry:
-        enabled: false
-        image: registry.k8s.io/ingress-nginx/opentelemetry:v20230312-helm-chart-4.5.2-28-g66a760794@sha256:40f766ac4a9832f36f217bb0e98d44c8d38faeccbfe861fbc1a76af7e9ab257f
-        containerSecurityContext:
-            allowPrivilegeEscalation: false
-    admissionWebhooks:
-        annotations: {}
-        # ignore-check.kube-linter.io/no-read-only-rootfs: "This deployment needs write access to root filesystem".
-
-        ## Additional annotations to the admission webhooks.
-        ## These annotations will be added to the ValidatingWebhookConfiguration and
-        ## the Jobs Spec of the admission webhooks.
-        enabled: true
-        # -- Additional environment variables to set
-        extraEnvs: []
-        # extraEnvs:
-        #   - name: FOO
-        #     valueFrom:
-        #       secretKeyRef:
-        #         key: FOO
-        #         name: secret-resource
-        # -- Admission Webhook failure policy to use
-        failurePolicy: Fail
-        # timeoutSeconds: 10
-        port: 8443
-        certificate: "/usr/local/certificates/cert"
-        key: "/usr/local/certificates/key"
-        namespaceSelector: {}
-        objectSelector: {}
-        # -- Labels to be added to admission webhooks
-        labels: {}
-        # -- Use an existing PSP instead of creating one
-        existingPsp: ""
-        networkPolicyEnabled: false
-        service:
-            annotations: {}
-            # clusterIP: ""
-            externalIPs: []
-            # loadBalancerIP: ""
-            loadBalancerSourceRanges: []
-            servicePort: 443
-            type: ClusterIP
-        createSecretJob:
-            securityContext:
-                allowPrivilegeEscalation: false
-            resources: {}
-            # limits:
-            #   cpu: 10m
-            #   memory: 20Mi
-            # requests:
-            #   cpu: 10m
-            #   memory: 20Mi
-        patchWebhookJob:
-            securityContext:
-                allowPrivilegeEscalation: false
-            resources: {}
-        patch:
-            enabled: true
-            image:
-                registry: registry.k8s.io
-                image: ingress-nginx/kube-webhook-certgen
-                ## for backwards compatibility consider setting the full image url via the repository value below
-                ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
-                ## repository:
-                tag: v20230312-helm-chart-4.5.2-28-g66a760794
-                digest: sha256:01d181618f270f2a96c04006f33b2699ad3ccb02da48d0f89b22abce084b292f
-                pullPolicy: IfNotPresent
-            # -- Provide a priority class name to the webhook patching job
-            ##
-            priorityClassName: ""
-            podAnnotations: {}
-            nodeSelector:
-                kubernetes.io/os: linux
-            tolerations: []
-            # -- Labels to be added to patch job resources
-            labels: {}
-            securityContext:
-                runAsNonRoot: true
-                runAsUser: 2000
-                fsGroup: 2000
-        # Use certmanager to generate webhook certs
-        certManager:
-            enabled: false
-            # self-signed root certificate
-            rootCert:
-                # default to be 5y
-                duration: ""
-            admissionCert:
-                # default to be 1y
-                duration: ""
-                # issuerRef:
-                #   name: "issuer"
-                #   kind: "ClusterIssuer"
-    metrics:
-        port: 10254
-        portName: metrics
-        # if this port is changed, change healthz-port: in extraArgs: accordingly
-        enabled: false
-        service:
-            annotations: {}
-            # prometheus.io/scrape: "true"
-            # prometheus.io/port: "10254"
-            # -- Labels to be added to the metrics service resource
-            labels: {}
-            # clusterIP: ""
-
-            # -- List of IP addresses at which the stats-exporter service is available
-            ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
-            ##
-            externalIPs: []
-            # loadBalancerIP: ""
-            loadBalancerSourceRanges: []
-            servicePort: 10254
-            type: ClusterIP
-            # externalTrafficPolicy: ""
-            # nodePort: ""
-        serviceMonitor:
-            enabled: false
-            additionalLabels: {}
-            ## The label to use to retrieve the job name from.
-            ## jobLabel: "app.kubernetes.io/name"
-            namespace: ""
-            namespaceSelector: {}
-            ## Default: scrape .Release.Namespace only
-            ## To scrape all, use the following:
-            ## namespaceSelector:
-            ##   any: true
-            scrapeInterval: 30s
-            # honorLabels: true
-            targetLabels: []
-            relabelings: []
-            metricRelabelings: []
-        prometheusRule:
-            enabled: false
-            additionalLabels: {}
-            # namespace: ""
-            rules: []
-            # # These are just examples rules, please adapt them to your needs
-            # - alert: NGINXConfigFailed
-            #   expr: count(nginx_ingress_controller_config_last_reload_successful == 0) > 0
-            #   for: 1s
-            #   labels:
-            #     severity: critical
-            #   annotations:
-            #     description: bad ingress config - nginx config test failed
-            #     summary: uninstall the latest ingress changes to allow config reloads to resume
-            # - alert: NGINXCertificateExpiry
-            #   expr: (avg(nginx_ingress_controller_ssl_expire_time_seconds) by (host) - time()) < 604800
-            #   for: 1s
-            #   labels:
-            #     severity: critical
-            #   annotations:
-            #     description: ssl certificate(s) will expire in less then a week
-            #     summary: renew expiring certificates to avoid downtime
-            # - alert: NGINXTooMany500s
-            #   expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"5.+"} ) / sum(nginx_ingress_controller_requests) ) > 5
-            #   for: 1m
-            #   labels:
-            #     severity: warning
-            #   annotations:
-            #     description: Too many 5XXs
-            #     summary: More than 5% of all requests returned 5XX, this requires your attention
-            # - alert: NGINXTooMany400s
-            #   expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"4.+"} ) / sum(nginx_ingress_controller_requests) ) > 5
-            #   for: 1m
-            #   labels:
-            #     severity: warning
-            #   annotations:
-            #     description: Too many 4XXs
-            #     summary: More than 5% of all requests returned 4XX, this requires your attention
-    # -- Improve connection draining when ingress controller pod is deleted using a lifecycle hook:
-    # With this new hook, we increased the default terminationGracePeriodSeconds from 30 seconds
-    # to 300, allowing the draining of connections up to five minutes.
-    # If the active connections end before that, the pod will terminate gracefully at that time.
-    # To effectively take advantage of this feature, the Configmap feature
-    # worker-shutdown-timeout new value is 240s instead of 10s.
-    ##
-    lifecycle:
-        preStop:
-            exec:
-                command:
-                    - /wait-shutdown
-    priorityClassName: ""
+      # -- List of IP addresses at which the stats-exporter service is available
+      ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+      ##
+      externalIPs: []
+      # loadBalancerIP: ""
+      loadBalancerSourceRanges: []
+      servicePort: 10254
+      type: ClusterIP
+      # externalTrafficPolicy: ""
+      # nodePort: ""
+    serviceMonitor:
+      enabled: false
+      additionalLabels: {}
+      ## The label to use to retrieve the job name from.
+      ## jobLabel: "app.kubernetes.io/name"
+      namespace: ""
+      namespaceSelector: {}
+      ## Default: scrape .Release.Namespace only
+      ## To scrape all, use the following:
+      ## namespaceSelector:
+      ##   any: true
+      scrapeInterval: 30s
+      # honorLabels: true
+      targetLabels: []
+      relabelings: []
+      metricRelabelings: []
+    prometheusRule:
+      enabled: false
+      additionalLabels: {}
+      # namespace: ""
+      rules: []
+      # # These are just examples rules, please adapt them to your needs
+      # - alert: NGINXConfigFailed
+      #   expr: count(nginx_ingress_controller_config_last_reload_successful == 0) > 0
+      #   for: 1s
+      #   labels:
+      #     severity: critical
+      #   annotations:
+      #     description: bad ingress config - nginx config test failed
+      #     summary: uninstall the latest ingress changes to allow config reloads to resume
+      # - alert: NGINXCertificateExpiry
+      #   expr: (avg(nginx_ingress_controller_ssl_expire_time_seconds) by (host) - time()) < 604800
+      #   for: 1s
+      #   labels:
+      #     severity: critical
+      #   annotations:
+      #     description: ssl certificate(s) will expire in less then a week
+      #     summary: renew expiring certificates to avoid downtime
+      # - alert: NGINXTooMany500s
+      #   expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"5.+"} ) / sum(nginx_ingress_controller_requests) ) > 5
+      #   for: 1m
+      #   labels:
+      #     severity: warning
+      #   annotations:
+      #     description: Too many 5XXs
+      #     summary: More than 5% of all requests returned 5XX, this requires your attention
+      # - alert: NGINXTooMany400s
+      #   expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"4.+"} ) / sum(nginx_ingress_controller_requests) ) > 5
+      #   for: 1m
+      #   labels:
+      #     severity: warning
+      #   annotations:
+      #     description: Too many 4XXs
+      #     summary: More than 5% of all requests returned 4XX, this requires your attention
+  # -- Improve connection draining when ingress controller pod is deleted using a lifecycle hook:
+  # With this new hook, we increased the default terminationGracePeriodSeconds from 30 seconds
+  # to 300, allowing the draining of connections up to five minutes.
+  # If the active connections end before that, the pod will terminate gracefully at that time.
+  # To effectively take advantage of this feature, the Configmap feature
+  # worker-shutdown-timeout new value is 240s instead of 10s.
+  ##
+  lifecycle:
+    preStop:
+      exec:
+        command:
+          - /wait-shutdown
+  priorityClassName: ""
 # -- Rollback limit
 ##
 revisionHistoryLimit: 10
 ## Default 404 backend
 ##
 defaultBackend:
-    ##
-    enabled: false
-    name: defaultbackend
-    image:
-        registry: registry.k8s.io
-        image: defaultbackend-amd64
-        ## for backwards compatibility consider setting the full image url via the repository value below
-        ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
-        ## repository:
-        tag: "1.5"
-        pullPolicy: IfNotPresent
-        # nobody user -> uid 65534
-        runAsUser: 65534
-        runAsNonRoot: true
-        readOnlyRootFilesystem: true
-        allowPrivilegeEscalation: false
-    # -- Use an existing PSP instead of creating one
-    existingPsp: ""
-    extraArgs: {}
-    serviceAccount:
-        create: true
-        name: ""
-        automountServiceAccountToken: true
-    # -- Additional environment variables to set for defaultBackend pods
-    extraEnvs: []
-    port: 8080
-    ## Readiness and liveness probes for default backend
-    ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
-    ##
-    livenessProbe:
-        failureThreshold: 3
-        initialDelaySeconds: 30
-        periodSeconds: 10
-        successThreshold: 1
-        timeoutSeconds: 5
-    readinessProbe:
-        failureThreshold: 6
-        initialDelaySeconds: 0
-        periodSeconds: 5
-        successThreshold: 1
-        timeoutSeconds: 5
-    # -- The update strategy to apply to the Deployment or DaemonSet
-    ##
-    updateStrategy: {}
-    #  rollingUpdate:
-    #    maxUnavailable: 1
-    #  type: RollingUpdate
-
-    # -- `minReadySeconds` to avoid killing pods before we are ready
-    ##
-    minReadySeconds: 0
-    # -- Node tolerations for server scheduling to nodes with taints
-    ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-    ##
-    tolerations: []
-    #  - key: "key"
-    #    operator: "Equal|Exists"
-    #    value: "value"
-    #    effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
-
-    affinity: {}
-    # -- Security Context policies for controller pods
-    # See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
-    # notes on enabling and using sysctls
-    ##
-    podSecurityContext: {}
-    # -- Security Context policies for controller main container.
-    # See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
-    # notes on enabling and using sysctls
-    ##
-    containerSecurityContext: {}
-    # -- Labels to add to the pod container metadata
-    podLabels: {}
-    #  key: value
-
-    # -- Node labels for default backend pod assignment
-    ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
-    ##
-    nodeSelector:
-        kubernetes.io/os: linux
-    # -- Annotations to be added to default backend pods
-    ##
-    podAnnotations: {}
-    replicaCount: 1
-    minAvailable: 1
-    resources: {}
-    # limits:
-    #   cpu: 10m
-    #   memory: 20Mi
-    # requests:
-    #   cpu: 10m
-    #   memory: 20Mi
-
-    extraVolumeMounts: []
-    ## Additional volumeMounts to the default backend container.
-    #  - name: copy-portal-skins
-    #   mountPath: /var/lib/lemonldap-ng/portal/skins
-
-    extraVolumes: []
-    ## Additional volumes to the default backend pod.
-    #  - name: copy-portal-skins
-    #    emptyDir: {}
-
-    autoscaling:
-        apiVersion: autoscaling/v2
-        annotations: {}
-        enabled: false
-        minReplicas: 1
-        maxReplicas: 2
-        targetCPUUtilizationPercentage: 50
-        targetMemoryUtilizationPercentage: 50
-    service:
-        annotations: {}
-        # clusterIP: ""
-
-        # -- List of IP addresses at which the default backend service is available
-        ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
-        ##
-        externalIPs: []
-        # loadBalancerIP: ""
-        loadBalancerSourceRanges: []
-        servicePort: 80
-        type: ClusterIP
-    priorityClassName: ""
-    # -- Labels to be added to the default backend resources
-    labels: {}
-## Enable RBAC as per https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/rbac.md and https://github.com/kubernetes/ingress-nginx/issues/266
-rbac:
-    create: true
-    scope: false
-## If true, create & use Pod Security Policy resources
-## https://kubernetes.io/docs/concepts/policy/pod-security-policy/
-podSecurityPolicy:
-    enabled: false
-serviceAccount:
+  ##
+  enabled: false
+  name: defaultbackend
+  image:
+    registry: registry.k8s.io
+    image: defaultbackend-amd64
+    ## for backwards compatibility consider setting the full image url via the repository value below
+    ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
+    ## repository:
+    tag: "1.5"
+    pullPolicy: IfNotPresent
+    # nobody user -> uid 65534
+    runAsUser: 65534
+    runAsNonRoot: true
+    readOnlyRootFilesystem: true
+    allowPrivilegeEscalation: false
+  # -- Use an existing PSP instead of creating one
+  existingPsp: ""
+  extraArgs: {}
+  serviceAccount:
     create: true
     name: ""
     automountServiceAccountToken: true
-    # -- Annotations for the controller service account
+  # -- Additional environment variables to set for defaultBackend pods
+  extraEnvs: []
+  port: 8080
+  ## Readiness and liveness probes for default backend
+  ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
+  ##
+  livenessProbe:
+    failureThreshold: 3
+    initialDelaySeconds: 30
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 5
+  readinessProbe:
+    failureThreshold: 6
+    initialDelaySeconds: 0
+    periodSeconds: 5
+    successThreshold: 1
+    timeoutSeconds: 5
+  # -- The update strategy to apply to the Deployment or DaemonSet
+  ##
+  updateStrategy: {}
+  #  rollingUpdate:
+  #    maxUnavailable: 1
+  #  type: RollingUpdate
+
+  # -- `minReadySeconds` to avoid killing pods before we are ready
+  ##
+  minReadySeconds: 0
+  # -- Node tolerations for server scheduling to nodes with taints
+  ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  ##
+  tolerations: []
+  #  - key: "key"
+  #    operator: "Equal|Exists"
+  #    value: "value"
+  #    effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
+
+  affinity: {}
+  # -- Security Context policies for controller pods
+  # See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
+  # notes on enabling and using sysctls
+  ##
+  podSecurityContext: {}
+  # -- Security Context policies for controller main container.
+  # See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
+  # notes on enabling and using sysctls
+  ##
+  containerSecurityContext: {}
+  # -- Labels to add to the pod container metadata
+  podLabels: {}
+  #  key: value
+
+  # -- Node labels for default backend pod assignment
+  ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+  ##
+  nodeSelector:
+    kubernetes.io/os: linux
+  # -- Annotations to be added to default backend pods
+  ##
+  podAnnotations: {}
+  replicaCount: 1
+  minAvailable: 1
+  resources: {}
+  # limits:
+  #   cpu: 10m
+  #   memory: 20Mi
+  # requests:
+  #   cpu: 10m
+  #   memory: 20Mi
+
+  extraVolumeMounts: []
+  ## Additional volumeMounts to the default backend container.
+  #  - name: copy-portal-skins
+  #   mountPath: /var/lib/lemonldap-ng/portal/skins
+
+  extraVolumes: []
+  ## Additional volumes to the default backend pod.
+  #  - name: copy-portal-skins
+  #    emptyDir: {}
+
+  autoscaling:
+    apiVersion: autoscaling/v2
     annotations: {}
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 2
+    targetCPUUtilizationPercentage: 50
+    targetMemoryUtilizationPercentage: 50
+  service:
+    annotations: {}
+    # clusterIP: ""
+
+    # -- List of IP addresses at which the default backend service is available
+    ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
+    ##
+    externalIPs: []
+    # loadBalancerIP: ""
+    loadBalancerSourceRanges: []
+    servicePort: 80
+    type: ClusterIP
+  priorityClassName: ""
+  # -- Labels to be added to the default backend resources
+  labels: {}
+## Enable RBAC as per https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/rbac.md and https://github.com/kubernetes/ingress-nginx/issues/266
+rbac:
+  create: true
+  scope: false
+## If true, create & use Pod Security Policy resources
+## https://kubernetes.io/docs/concepts/policy/pod-security-policy/
+podSecurityPolicy:
+  enabled: false
+serviceAccount:
+  create: true
+  name: ""
+  automountServiceAccountToken: true
+  # -- Annotations for the controller service account
+  annotations: {}
 # -- Optional array of imagePullSecrets containing private registry credentials
 ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
 imagePullSecrets: []
diff --git a/deploy/static/provider/aws/deploy.yaml b/deploy/static/provider/aws/deploy.yaml
index bf4ffce19..c1d595c3a 100644
--- a/deploy/static/provider/aws/deploy.yaml
+++ b/deploy/static/provider/aws/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -328,7 +328,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -344,7 +344,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -377,7 +377,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -400,7 +400,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -417,6 +417,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -440,7 +442,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -512,7 +514,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -523,7 +525,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -559,7 +561,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -570,7 +572,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -608,7 +610,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -621,7 +623,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml b/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml
index 0b58831a3..ed6275a0b 100644
--- a/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml
+++ b/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -335,7 +335,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -353,7 +353,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -386,7 +386,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -409,7 +409,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -426,6 +426,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -449,7 +451,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -524,7 +526,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -535,7 +537,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -571,7 +573,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -582,7 +584,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -620,7 +622,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -633,7 +635,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/baremetal/deploy.yaml b/deploy/static/provider/baremetal/deploy.yaml
index d141e8ca6..595088a0c 100644
--- a/deploy/static/provider/baremetal/deploy.yaml
+++ b/deploy/static/provider/baremetal/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -328,7 +328,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -340,7 +340,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -372,7 +372,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -395,7 +395,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -412,6 +412,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -434,7 +436,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -506,7 +508,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -517,7 +519,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -553,7 +555,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -564,7 +566,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -602,7 +604,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -615,7 +617,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/cloud/deploy.yaml b/deploy/static/provider/cloud/deploy.yaml
index 97c22739b..0540ff1cb 100644
--- a/deploy/static/provider/cloud/deploy.yaml
+++ b/deploy/static/provider/cloud/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -328,7 +328,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -340,7 +340,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -373,7 +373,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -396,7 +396,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -413,6 +413,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -436,7 +438,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -508,7 +510,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -519,7 +521,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -555,7 +557,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -566,7 +568,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -604,7 +606,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -617,7 +619,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/do/deploy.yaml b/deploy/static/provider/do/deploy.yaml
index 5b7c86670..ae6ae1f8f 100644
--- a/deploy/static/provider/do/deploy.yaml
+++ b/deploy/static/provider/do/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -329,7 +329,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -343,7 +343,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -376,7 +376,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -399,7 +399,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -416,6 +416,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -439,7 +441,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -511,7 +513,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -522,7 +524,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -558,7 +560,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -569,7 +571,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -607,7 +609,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -620,7 +622,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/exoscale/deploy.yaml b/deploy/static/provider/exoscale/deploy.yaml
index c8236ef20..a387fa928 100644
--- a/deploy/static/provider/exoscale/deploy.yaml
+++ b/deploy/static/provider/exoscale/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -328,7 +328,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -349,7 +349,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -382,7 +382,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -405,7 +405,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -422,6 +422,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -445,7 +447,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -517,7 +519,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -528,7 +530,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -564,7 +566,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -575,7 +577,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -613,7 +615,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -626,7 +628,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/kind/deploy.yaml b/deploy/static/provider/kind/deploy.yaml
index a8fd055c9..a77a08ae9 100644
--- a/deploy/static/provider/kind/deploy.yaml
+++ b/deploy/static/provider/kind/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -328,7 +328,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -340,7 +340,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -372,7 +372,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -395,7 +395,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -416,6 +416,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -440,7 +442,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -522,7 +524,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -533,7 +535,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -569,7 +571,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -580,7 +582,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -618,7 +620,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -631,7 +633,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/deploy/static/provider/scw/deploy.yaml b/deploy/static/provider/scw/deploy.yaml
index 1f04b9b9e..ab9142ce2 100644
--- a/deploy/static/provider/scw/deploy.yaml
+++ b/deploy/static/provider/scw/deploy.yaml
@@ -15,7 +15,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 ---
@@ -27,7 +27,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 ---
@@ -39,7 +39,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 rules:
@@ -129,7 +129,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 rules:
@@ -148,7 +148,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 rules:
 - apiGroups:
@@ -230,7 +230,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 rules:
 - apiGroups:
@@ -249,7 +249,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
   namespace: ingress-nginx
 roleRef:
@@ -269,7 +269,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
   namespace: ingress-nginx
 roleRef:
@@ -288,7 +288,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -307,7 +307,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -329,7 +329,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 ---
@@ -343,7 +343,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -376,7 +376,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller-admission
   namespace: ingress-nginx
 spec:
@@ -399,7 +399,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-controller
   namespace: ingress-nginx
 spec:
@@ -416,6 +416,8 @@ spec:
         app.kubernetes.io/component: controller
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
+        app.kubernetes.io/part-of: ingress-nginx
+        app.kubernetes.io/version: 1.7.0
     spec:
       containers:
       - args:
@@ -439,7 +441,7 @@ spec:
               fieldPath: metadata.namespace
         - name: LD_PRELOAD
           value: /usr/local/lib/libmimalloc.so
-        image: registry.k8s.io/ingress-nginx/controller:v1.6.4@sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f
+        image: registry.k8s.io/ingress-nginx/controller:v1.7.0@sha256:7612338342a1e7b8090bef78f2a04fffcadd548ccaabe8a47bf7758ff549a5f7
         imagePullPolicy: IfNotPresent
         lifecycle:
           preStop:
@@ -511,7 +513,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-create
   namespace: ingress-nginx
 spec:
@@ -522,7 +524,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-create
     spec:
       containers:
@@ -558,7 +560,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission-patch
   namespace: ingress-nginx
 spec:
@@ -569,7 +571,7 @@ spec:
         app.kubernetes.io/instance: ingress-nginx
         app.kubernetes.io/name: ingress-nginx
         app.kubernetes.io/part-of: ingress-nginx
-        app.kubernetes.io/version: 1.6.4
+        app.kubernetes.io/version: 1.7.0
       name: ingress-nginx-admission-patch
     spec:
       containers:
@@ -607,7 +609,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: nginx
 spec:
   controller: k8s.io/ingress-nginx
@@ -620,7 +622,7 @@ metadata:
     app.kubernetes.io/instance: ingress-nginx
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
-    app.kubernetes.io/version: 1.6.4
+    app.kubernetes.io/version: 1.7.0
   name: ingress-nginx-admission
 webhooks:
 - admissionReviewVersions:
diff --git a/docs/e2e-tests.md b/docs/e2e-tests.md
index 9f66e3991..22a76dc7a 100644
--- a/docs/e2e-tests.md
+++ b/docs/e2e-tests.md
@@ -7,34 +7,19 @@ Do not try to edit it manually.
 
 
 
-### [[Serial] admission controller](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L35)
+### [[Admission] admission controller](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L35)
 
-- [reject ingress with global-rate-limit annotations when memcached is not configured](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L48)
-- [should not allow overlaps of host and paths without canary annotations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L75)
-- [should allow overlaps of host and paths with canary annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L92)
-- [should block ingress with invalid path](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L113)
-- [should return an error if there is an error validating the ingress definition](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L130)
-- [should return an error if there is an invalid value in some annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L141)
-- [should return an error if there is a forbidden value in some annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L155)
-- [should not return an error if the Ingress V1 definition is valid with Ingress Class](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L169)
-- [should not return an error if the Ingress V1 definition is valid with IngressClass annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L185)
-- [should return an error if the Ingress V1 definition contains invalid annotations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L201)
-- [should not return an error for an invalid Ingress when it has unknown class](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L212)
-
-### [modsecurity owasp](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L28)
-
-- [should enable modsecurity](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L35)
-- [should enable modsecurity with transaction ID and OWASP rules](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L53)
-- [should disable modsecurity](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L74)
-- [should enable modsecurity with snippet](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L91)
-- [should enable modsecurity without using 'modsecurity on;'](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L110)
-- [should disable modsecurity using 'modsecurity off;'](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L132)
-- [should enable modsecurity with snippet and block requests](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L153)
-- [should enable modsecurity globally and with modsecurity-snippet block requests](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L189)
-- [should enable modsecurity when enable-owasp-modsecurity-crs is set to true](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L225)
-- [should enable modsecurity through the config map](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L264)
-- [should enable modsecurity through the config map but ignore snippet as disabled by admin](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L305)
-- [should disable default modsecurity conf setting when modsecurity-snippet is specified](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L347)
+- [reject ingress with global-rate-limit annotations when memcached is not configured](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L43)
+- [should not allow overlaps of host and paths without canary annotations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L70)
+- [should allow overlaps of host and paths with canary annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L87)
+- [should block ingress with invalid path](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L108)
+- [should return an error if there is an error validating the ingress definition](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L125)
+- [should return an error if there is an invalid value in some annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L136)
+- [should return an error if there is a forbidden value in some annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L150)
+- [should not return an error if the Ingress V1 definition is valid with Ingress Class](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L164)
+- [should not return an error if the Ingress V1 definition is valid with IngressClass annotation](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L180)
+- [should return an error if the Ingress V1 definition contains invalid annotations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L196)
+- [should not return an error for an invalid Ingress when it has unknown class](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/admission/admission.go#L207)
 
 ### [affinitymode](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/affinitymode.go#L31)
 
@@ -71,33 +56,6 @@ Do not try to edit it manually.
 - [should set backend protocol to '' and use fastcgi_pass](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/backendprotocol.go#L94)
 - [should set backend protocol to '' and use ajp_pass](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/backendprotocol.go#L109)
 
-### [canary-*](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L36)
-
-- [should response with a 200 status from the mainline upstream when requests are made to the mainline ingress](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L48)
-- [should return 404 status for requests to the canary if no matching ingress is found](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L80)
-- [should return the correct status codes when endpoints are unavailable](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L107)
-- [should route requests to the correct upstream if mainline ingress is created before the canary ingress](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L161)
-- [should route requests to the correct upstream if mainline ingress is created after the canary ingress](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L206)
-- [should route requests to the correct upstream if the mainline ingress is modified](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L250)
-- [should route requests to the correct upstream if the canary ingress is modified](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L307)
-- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L372)
-- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L426)
-- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L490)
-- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L532)
-- [should routes to mainline upstream when the given Regex causes error](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L566)
-- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L604)
-- [respects always and never values](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L643)
-- [should route requests only to mainline if canary weight is 0](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L705)
-- [should route requests only to canary if canary weight is 100](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L743)
-- [should route requests only to canary if canary weight is equal to canary weight total](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L775)
-- [should route requests split between mainline and canary if canary weight is 50](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L808)
-- [should not use canary as a catch-all server](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L836)
-- [should not use canary with domain as a server](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L864)
-- [does not crash when canary ingress has multiple paths to the same non-matching backend](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L888)
-- [always routes traffic to canary if first request was affinitized to canary (default behavior)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L916)
-- [always routes traffic to canary if first request was affinitized to canary (explicit sticky behavior)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L973)
-- [routes traffic to either mainline or canary backend (legacy behavior)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L1031)
-
 ### [client-body-buffer-size](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/clientbodybuffersize.go#L28)
 
 - [should set client_body_buffer_size to 1000](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/clientbodybuffersize.go#L35)
@@ -151,13 +109,6 @@ Do not try to edit it manually.
 - [disable-http-access-log set access_log off](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/disableaccesslog.go#L53)
 - [disable-stream-access-log set access_log off](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/disableaccesslog.go#L71)
 
-### [backend-protocol - FastCGI](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L31)
-
-- [should use fastcgi_pass in the configuration file](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L38)
-- [should add fastcgi_index in the configuration file](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L55)
-- [should add fastcgi_param in the configuration file](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L72)
-- [should return OK for service with backend protocol FastCGI](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L105)
-
 ### [force-ssl-redirect](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/forcesslredirect.go#L27)
 
 - [should redirect to https](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/forcesslredirect.go#L34)
@@ -209,6 +160,21 @@ Do not try to edit it manually.
 - [should set mirror-target to https://test.env.com/$request_uri](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/mirror.go#L51)
 - [should disable mirror-request-body](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/mirror.go#L67)
 
+### [modsecurity owasp](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L28)
+
+- [should enable modsecurity](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L35)
+- [should enable modsecurity with transaction ID and OWASP rules](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L53)
+- [should disable modsecurity](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L74)
+- [should enable modsecurity with snippet](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L91)
+- [should enable modsecurity without using 'modsecurity on;'](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L110)
+- [should disable modsecurity using 'modsecurity off;'](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L132)
+- [should enable modsecurity with snippet and block requests](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L153)
+- [should enable modsecurity globally and with modsecurity-snippet block requests](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L189)
+- [should enable modsecurity when enable-owasp-modsecurity-crs is set to true](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L225)
+- [should enable modsecurity through the config map](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L264)
+- [should enable modsecurity through the config map but ignore snippet as disabled by admin](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L305)
+- [should disable default modsecurity conf setting when modsecurity-snippet is specified](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/modsecurity/modsecurity.go#L347)
+
 ### [preserve-trailing-slash](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/preservetrailingslash.go#L27)
 
 - [should allow preservation of trailing slashes](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/preservetrailingslash.go#L34)
@@ -285,6 +251,11 @@ Do not try to edit it manually.
 - [should set the X-Forwarded-Prefix to the annotation value](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/xforwardedprefix.go#L35)
 - [should not add X-Forwarded-Prefix if the annotation value is empty](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/xforwardedprefix.go#L57)
 
+### [denylist-source-range](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipdenylist.go#L28)
+
+- [only deny explicitly denied IPs, allow all others](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipdenylist.go#L35)
+- [only allow explicitly allowed IPs, deny all others](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipdenylist.go#L86)
+
 ### [affinity session-cookie-name](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/affinity.go#L35)
 
 - [should set sticky cookie SERVERID](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/affinity.go#L42)
@@ -311,6 +282,13 @@ Do not try to edit it manually.
 - [should fail to use longest match for documented warning](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/rewrite.go#L158)
 - [should allow for custom rewrite parameters](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/rewrite.go#L190)
 
+### [backend-protocol - FastCGI](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L30)
+
+- [should use fastcgi_pass in the configuration file](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L37)
+- [should add fastcgi_index in the configuration file](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L54)
+- [should add fastcgi_param in the configuration file](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L71)
+- [should return OK for service with backend protocol FastCGI](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/fastcgi.go#L102)
+
 ### [auth-*](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/auth.go#L39)
 
 - [should return status code 200 when no authentication is configured](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/auth.go#L46)
@@ -347,10 +325,33 @@ Do not try to edit it manually.
 - [should return 503 (location was denied)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/auth.go#L879)
 - [should add error to the config](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/auth.go#L887)
 
-### [denylist-source-range](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipdenylist.go#L28)
+### [canary-*](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L36)
 
-- [only deny explicitly denied IPs, allow all others](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipdenylist.go#L35)
-- [only allow explicitly allowed IPs, deny all others](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipdenylist.go#L86)
+- [should response with a 200 status from the mainline upstream when requests are made to the mainline ingress](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L48)
+- [should return 404 status for requests to the canary if no matching ingress is found](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L80)
+- [should return the correct status codes when endpoints are unavailable](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L107)
+- [should route requests to the correct upstream if mainline ingress is created before the canary ingress](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L161)
+- [should route requests to the correct upstream if mainline ingress is created after the canary ingress](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L206)
+- [should route requests to the correct upstream if the mainline ingress is modified](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L250)
+- [should route requests to the correct upstream if the canary ingress is modified](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L307)
+- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L372)
+- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L426)
+- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L490)
+- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L532)
+- [should routes to mainline upstream when the given Regex causes error](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L566)
+- [should route requests to the correct upstream](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L604)
+- [respects always and never values](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L643)
+- [should route requests only to mainline if canary weight is 0](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L705)
+- [should route requests only to canary if canary weight is 100](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L743)
+- [should route requests only to canary if canary weight is equal to canary weight total](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L775)
+- [should route requests split between mainline and canary if canary weight is 50](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L808)
+- [should route requests split between mainline and canary if canary weight is 100 and weight total is 200](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L834)
+- [should not use canary as a catch-all server](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L863)
+- [should not use canary with domain as a server](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L891)
+- [does not crash when canary ingress has multiple paths to the same non-matching backend](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L915)
+- [always routes traffic to canary if first request was affinitized to canary (default behavior)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L943)
+- [always routes traffic to canary if first request was affinitized to canary (explicit sticky behavior)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L1000)
+- [routes traffic to either mainline or canary backend (legacy behavior)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/canary.go#L1058)
 
 ### [Debug CLI](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/dbg/main.go#L29)
 
@@ -376,30 +377,21 @@ Do not try to edit it manually.
 
 - [should apply the annotation to the default backend](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/defaultbackend/with_hosts.go#L38)
 
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/e2e.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/e2e.go#L)
+
 ### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/e2e_test.go#L)
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/e2e_test.go#L)
 
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/exec.go#L)
+### [[Endpointslices] long service name](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/longname.go#L29)
 
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/exec.go#L)
+- [should return 200 when service name has max allowed number of characters 63](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/longname.go#L38)
 
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/healthz.go#L)
+### [[TopologyHints] topology aware routing](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/topology.go#L35)
 
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/healthz.go#L)
-
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/metrics.go#L)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/metrics.go#L)
-
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/fastcgi_helloserver.go#L)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/fastcgi_helloserver.go#L)
-
-### [[Setting] ](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/framework.go#L190)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/framework.go#L206)
-- [ [MemoryLeak]](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/framework.go#L207)
+- [should return 200 when service has topology hints](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/topology.go#L43)
 
 ### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/grpc_fortune_teller.go#L)
 
@@ -445,14 +437,6 @@ Do not try to edit it manually.
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/httpexpect/request.go#L)
 
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/influxdb.go#L)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/influxdb.go#L)
-
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/k8s.go#L)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/k8s.go#L)
-
 ### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/logs.go#L)
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/logs.go#L)
@@ -465,13 +449,41 @@ Do not try to edit it manually.
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/test_context.go#L)
 
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/util.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/util.go#L)
+
+### [[Setting] ](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/framework.go#L194)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/framework.go#L)
+
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/healthz.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/healthz.go#L)
+
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/influxdb.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/influxdb.go#L)
+
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/k8s.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/k8s.go#L)
+
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/metrics.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/metrics.go#L)
+
 ### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/deployment.go#L)
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/deployment.go#L)
 
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/util.go#L)
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/exec.go#L)
 
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/util.go#L)
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/exec.go#L)
+
+### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/fastcgi_helloserver.go#L)
+
+- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/fastcgi_helloserver.go#L)
 
 ### [[Shutdown] Grace period shutdown](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/gracefulshutdown/grace_period.go#L32)
 
@@ -546,6 +558,12 @@ Do not try to edit it manually.
 - [handles endpoints only changes consistently (down scaling of replicas vs. empty service)](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/lua/dynamic_configuration.go#L125)
 - [handles an annotation change](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/lua/dynamic_configuration.go#L171)
 
+### [nginx-configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L99)
+
+- [start nginx with default configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L102)
+- [fails when using alias directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L115)
+- [fails when using root directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L124)
+
 ### [[Security] request smuggling](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/security/request_smuggling.go#L32)
 
 - [should not return body content from error_page](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/security/request_smuggling.go#L39)
@@ -570,14 +588,6 @@ Do not try to edit it manually.
 
 - [should return 404 when backend service is nil](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/servicebackend/service_nil_backend.go#L38)
 
-### [[Security] modsecurity-snippet](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/modsecurity/modsecurity_snippet.go#L27)
-
-- [should add value of modsecurity-snippet setting to nginx config](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/modsecurity/modsecurity_snippet.go#L30)
-
-### [OCSP](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ocsp/ocsp.go#L42)
-
-- [should enable OCSP and contain stapling information in the connection](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ocsp/ocsp.go#L49)
-
 ### [access-log](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/access_log.go#L27)
 
 - [use the default configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/access_log.go#L32)
@@ -597,10 +607,6 @@ Do not try to edit it manually.
 
 - [ condition](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/brotli.go#L39)
 
-### [Configmap change](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/configmap_change.go#L29)
-
-- [should reload after an update in the configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/configmap_change.go#L36)
-
 ### [add-headers](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/custom_header.go#L30)
 
 - [Add a custom header](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/custom_header.go#L40)
@@ -730,26 +736,24 @@ Do not try to edit it manually.
 
 - [should add value of main-snippet setting to nginx config](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/main_snippet.go#L31)
 
+### [[Security] modsecurity-snippet](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/modsecurity/modsecurity_snippet.go#L27)
+
+- [should add value of modsecurity-snippet setting to nginx config](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/modsecurity/modsecurity_snippet.go#L30)
+
 ### [enable-multi-accept](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/multi_accept.go#L27)
 
 - [should be enabled by default](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/multi_accept.go#L31)
 - [should be enabled when set to true](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/multi_accept.go#L39)
 - [should be disabled when set to false](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/multi_accept.go#L49)
 
-### [[Flag] watch namespace selector](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/namespace_selector.go#L30)
-
-- [should ingore Ingress of namespace without label foo=bar and accept those of namespace with label foo=bar](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/namespace_selector.go#L70)
-
-### [[Security] no-auth-locations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L33)
-
-- [should return status code 401 when accessing '/' unauthentication](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L54)
-- [should return status code 200 when accessing '/' authentication](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L68)
-- [should return status code 200 when accessing '/noauth' unauthenticated](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L82)
-
 ### [Add no tls redirect locations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_tls_redirect_locations.go#L28)
 
 - [Check no tls redirect locations config](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_tls_redirect_locations.go#L31)
 
+### [OCSP](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ocsp/ocsp.go#L42)
+
+- [should enable OCSP and contain stapling information in the connection](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ocsp/ocsp.go#L49)
+
 ### [Configure OpenTracing](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentracing.go#L48)
 
 - [should not exists opentracing directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentracing.go#L58)
@@ -858,11 +862,33 @@ Do not try to edit it manually.
 - [should set gzip_min_length to 100](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/gzip.go#L78)
 - [should set gzip_types to application/javascript](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/gzip.go#L89)
 
+### [Configmap change](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/configmap_change.go#L29)
+
+- [should reload after an update in the configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/configmap_change.go#L36)
+
+### [[Flag] watch namespace selector](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/namespace_selector.go#L30)
+
+- [should ingore Ingress of namespace without label foo=bar and accept those of namespace with label foo=bar](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/namespace_selector.go#L63)
+
 ### [With enable-ssl-passthrough enabled](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ssl_passthrough.go#L36)
 
 - [should enable ssl-passthrough-proxy-port on a different port](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ssl_passthrough.go#L56)
 - [should pass unknown traffic to default backend and handle known traffic](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/ssl_passthrough.go#L79)
 
+### [[Security] no-auth-locations](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L33)
+
+- [should return status code 401 when accessing '/' unauthentication](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L54)
+- [should return status code 200 when accessing '/' authentication](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L68)
+- [should return status code 200 when accessing '/noauth' unauthenticated](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/no_auth_locations.go#L82)
+
+### [Configure Opentelemetry](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentelemetry.go#L37)
+
+- [should not exists opentelemetry directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentelemetry.go#L47)
+- [should exists opentelemetry directive when is enabled](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentelemetry.go#L60)
+- [should include opentelemetry_trust_incoming_spans on directive when enabled](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentelemetry.go#L74)
+- [should not exists opentelemetry_operation_name directive when is empty](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentelemetry.go#L89)
+- [should exists opentelemetry_operation_name directive when is configured](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/settings/opentelemetry.go#L104)
+
 ### [[SSL] redirect to HTTPS](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/ssl/http_redirect.go#L29)
 
 - [should redirect from HTTP to HTTPS when secret is missing](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/ssl/http_redirect.go#L36)
@@ -876,25 +902,8 @@ Do not try to edit it manually.
 
 - [should update status field after client-go reconnection](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/status/update.go#L43)
 
-### [[TCP] tcp-services](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L37)
+### [[TCP] tcp-services](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L38)
 
-- [should expose a TCP service](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L40)
-- [should expose an ExternalName TCP service](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L98)
-
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/e2e.go#L)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/e2e.go#L)
-
-### [[Endpointslices] long service name](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/longname.go#L29)
-
-- [should return 200 when service name has max allowed number of characters 63](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/longname.go#L38)
-
-### [[TopologyHints] topology aware routing](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/topology.go#L36)
-
-- [should return 200 when service has topology hints](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/endpointslices/topology.go#L50)
-
-### [nginx-configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L99)
-
-- [start nginx with default configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L102)
-- [fails when using alias directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L115)
-- [fails when using root directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/nginx/nginx.go#L124)
\ No newline at end of file
+- [should expose a TCP service](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L46)
+- [should expose an ExternalName TCP service](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L80)
+- [should reload after an update in the configuration](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/tcpudp/tcp.go#L169)
\ No newline at end of file
diff --git a/docs/user-guide/exposing-tcp-udp-services.md b/docs/user-guide/exposing-tcp-udp-services.md
index 6b595ffae..63293f0e5 100644
--- a/docs/user-guide/exposing-tcp-udp-services.md
+++ b/docs/user-guide/exposing-tcp-udp-services.md
@@ -63,3 +63,9 @@ spec:
     app.kubernetes.io/name: ingress-nginx
     app.kubernetes.io/part-of: ingress-nginx
 ```
+Then, the configmap should be added into ingress controller's deployment args.
+```
+ args:
+    - /nginx-ingress-controller
+    - --tcp-services-configmap=ingress-nginx/tcp-services
+```
diff --git a/magefiles/release.go b/magefiles/release.go
index 3c715bc07..aeaafc3d2 100644
--- a/magefiles/release.go
+++ b/magefiles/release.go
@@ -50,7 +50,7 @@ var INGRESS_REGISTRY = "registry.k8s.io"                                    //Co
 var KUSTOMIZE_INSTALL_VERSION = "sigs.k8s.io/kustomize/kustomize/v4@v4.5.4" //static deploys needs kustomize to generate the template
 
 // ingress-nginx releases start with a TAG then a cloudbuild, then a promotion through a PR, this the location of that PR
-var IMAGES_YAML = "https://raw.githubusercontent.com/kubernetes/k8s.io/main/k8s.gcr.io/images/k8s-staging-ingress-nginx/images.yaml"
+var IMAGES_YAML = "https://raw.githubusercontent.com/kubernetes/k8s.io/main/registry.k8s.io/images/k8s-staging-ingress-nginx/images.yaml"
 var ctx = context.Background() // Context used for GitHub Client
 
 const INDEX_DOCS = "docs/deploy/index.md" //index.md has a version of the controller and needs to updated

From 81cf94ea482c364e306ca27e4219ac61c0eca56b Mon Sep 17 00:00:00 2001
From: James Strong <strong.james.e@gmail.com>
Date: Fri, 24 Mar 2023 13:27:00 -0400
Subject: [PATCH 06/30] release 1.7.0 chart 4.6.0

Signed-off-by: James Strong <strong.james.e@gmail.com>
---
 charts/ingress-nginx/Chart.yaml | 4 ++--
 charts/ingress-nginx/README.md  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/charts/ingress-nginx/Chart.yaml b/charts/ingress-nginx/Chart.yaml
index 130fe06fd..bad5e2a8c 100644
--- a/charts/ingress-nginx/Chart.yaml
+++ b/charts/ingress-nginx/Chart.yaml
@@ -15,7 +15,7 @@ annotations:
     - "Fix incorrect annotation name in upstream hashing configuration (#9617)"
   artifacthub.io/prerelease: "false"
 apiVersion: v2
-appVersion: 4.6.0
+appVersion: 1.7.0
 description: Ingress controller for Kubernetes using NGINX as a reverse proxy and
   load balancer
 engine: gotpl
@@ -32,4 +32,4 @@ maintainers:
 name: ingress-nginx
 sources:
 - https://github.com/kubernetes/ingress-nginx
-version: 4.5.4
+version: 4.6.0
diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md
index dcd5af57e..cb3848634 100644
--- a/charts/ingress-nginx/README.md
+++ b/charts/ingress-nginx/README.md
@@ -2,7 +2,7 @@
 
 [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer
 
-![Version: 4.5.4](https://img.shields.io/badge/Version-4.5.4-informational?style=flat-square) ![AppVersion: 4.6.0](https://img.shields.io/badge/AppVersion-4.6.0-informational?style=flat-square)
+![Version: 4.6.0](https://img.shields.io/badge/Version-4.6.0-informational?style=flat-square) ![AppVersion: 1.7.0](https://img.shields.io/badge/AppVersion-1.7.0-informational?style=flat-square)
 
 To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources.
 

From c84ae78bdfabb1f93bf0e87cdff34c75c744b8df Mon Sep 17 00:00:00 2001
From: Mohammad Yasir <74600745+Yasir761@users.noreply.github.com>
Date: Mon, 27 Mar 2023 19:44:30 +0530
Subject: [PATCH 07/30] The Ingress-Nginx project recently released version
 1.7.0 of the controller, but the deployment documentation still referenced
 version 1.6.4. This commit updates the documentation to reference the latest
 version, ensuring that users have access to the most up-to-date information.
 Fixes#9787 (#9788)

---
 docs/deploy/index.md | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/docs/deploy/index.md b/docs/deploy/index.md
index 49340e2f5..f6ba17a09 100644
--- a/docs/deploy/index.md
+++ b/docs/deploy/index.md
@@ -62,7 +62,7 @@ It will install the controller in the `ingress-nginx` namespace, creating that n
 **If you don't have Helm** or if you prefer to use a YAML manifest, you can run the following command instead:
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/cloud/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml
 ```
 
 !!! info
@@ -225,7 +225,7 @@ In AWS, we use a Network load balancer (NLB) to expose the NGINX Ingress control
 ##### Network Load Balancer (NLB)
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/aws/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/aws/deploy.yaml
 ```
 
 ##### TLS termination in AWS Load Balancer (NLB)
@@ -233,10 +233,10 @@ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/cont
 By default, TLS is terminated in the ingress controller. But it is also possible to terminate TLS in the Load Balancer. 
 This section explains how to do that on AWS using an NLB.
 
-1. Download the [deploy.yaml](https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml) template
+1. Download the [deploy.yaml](https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml) template
 
   ```console
-  wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml
+  wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/aws/nlb-with-tls-termination/deploy.yaml
   ```
 
 2. Edit the file and change the VPC CIDR in use for the Kubernetes cluster:
@@ -282,7 +282,7 @@ Then, the ingress controller can be installed like this:
 
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/cloud/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml
 ```
 
 !!! warning
@@ -299,7 +299,7 @@ Proxy-protocol is supported in GCE check the [Official Documentations on how to
 #### Azure
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/cloud/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml
 ```
 
 More information with regard to Azure annotations for ingress controller can be found in the [official AKS documentation](https://docs.microsoft.com/en-us/azure/aks/ingress-internal-ip#create-an-ingress-controller).
@@ -307,7 +307,7 @@ More information with regard to Azure annotations for ingress controller can be
 #### Digital Ocean
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/do/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/do/deploy.yaml
 ```
 - By default the service object of the ingress-nginx-controller for Digital-Ocean, only configures one annotation. Its this one `service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"`. While this makes the service functional, it was reported that the Digital-Ocean LoadBalancer graphs shows `no data`, unless a few other annotations are also configured. Some of these other annotations require values that can not be generic and hence not forced in a out-of-the-box installation. These annotations and a discussion on them is well documented in [this issue](https://github.com/kubernetes/ingress-nginx/issues/8965). Please refer to the issue to add annotations, with values specific to user, to get graphs of the DO-LB populated with data.
 
@@ -315,7 +315,7 @@ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/cont
 #### Scaleway
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/scw/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/scw/deploy.yaml
 ```
 
 #### Exoscale
@@ -330,7 +330,7 @@ The full list of annotations supported by Exoscale is available in the Exoscale
 #### Oracle Cloud Infrastructure
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/cloud/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/cloud/deploy.yaml
 ```
 
 A 
@@ -357,7 +357,7 @@ For quick testing, you can use a
 This should work on almost every cluster, but it will typically use a port in the range 30000-32767.
 
 ```console
-kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/baremetal/deploy.yaml
+kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.7.0/deploy/static/provider/baremetal/deploy.yaml
 ```
 
 For more information about bare metal deployments (and how to use port 80 instead of a random port in the 30000-32767 range),

From ddde3b0d607744b7b3cee968be539bc901782164 Mon Sep 17 00:00:00 2001
From: sarab <sarab@sarabsingh.com>
Date: Sun, 2 Apr 2023 03:03:12 +0530
Subject: [PATCH 08/30] Switched from N1 to E2 machine

---
 images/ext-auth-example-authsvc/cloudbuild.yaml | 2 +-
 images/go-grpc-greeter-server/cloudbuild.yaml   | 2 +-
 images/httpbin/cloudbuild.yaml                  | 2 +-
 images/nginx/cloudbuild.yaml                    | 2 +-
 images/opentelemetry/cloudbuild.yaml            | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/images/ext-auth-example-authsvc/cloudbuild.yaml b/images/ext-auth-example-authsvc/cloudbuild.yaml
index fbd5d7b63..d77c9fc19 100644
--- a/images/ext-auth-example-authsvc/cloudbuild.yaml
+++ b/images/ext-auth-example-authsvc/cloudbuild.yaml
@@ -2,7 +2,7 @@ timeout: 1200s
 options:
   substitution_option: ALLOW_LOOSE
   # job builds a multi-arch docker image for amd64,arm,arm64 and s390x.
-  machineType: N1_HIGHCPU_8
+  machineType: E2_HIGHCPU_8
 steps:
   - name: gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20211118-2f2d816b90
     entrypoint: bash
diff --git a/images/go-grpc-greeter-server/cloudbuild.yaml b/images/go-grpc-greeter-server/cloudbuild.yaml
index f4d6cc6d4..834c0cb85 100644
--- a/images/go-grpc-greeter-server/cloudbuild.yaml
+++ b/images/go-grpc-greeter-server/cloudbuild.yaml
@@ -2,7 +2,7 @@ timeout: 1200s
 options:
   substitution_option: ALLOW_LOOSE
   # job builds a multi-arch docker image for amd64,arm,arm64 and s390x.
-  machineType: N1_HIGHCPU_8
+  machineType: E2_HIGHCPU_8
 steps:
   - name: gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20211118-2f2d816b90
     entrypoint: bash
diff --git a/images/httpbin/cloudbuild.yaml b/images/httpbin/cloudbuild.yaml
index 03f269b6e..9f2658b7b 100644
--- a/images/httpbin/cloudbuild.yaml
+++ b/images/httpbin/cloudbuild.yaml
@@ -2,7 +2,7 @@ timeout: 1200s
 options:
   substitution_option: ALLOW_LOOSE
   # job builds a multi-arch docker image for amd64,arm,arm64 and s390x.
-  machineType: N1_HIGHCPU_8
+  machineType: E2_HIGHCPU_8
 steps:
   - name: gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20211118-2f2d816b90
     entrypoint: bash
diff --git a/images/nginx/cloudbuild.yaml b/images/nginx/cloudbuild.yaml
index fb9a51225..b3d7b1507 100644
--- a/images/nginx/cloudbuild.yaml
+++ b/images/nginx/cloudbuild.yaml
@@ -2,7 +2,7 @@ timeout: 10800s
 options:
   substitution_option: ALLOW_LOOSE
   # job builds a multi-arch docker image for amd64,arm,arm64 and s390x.
-  machineType: N1_HIGHCPU_32
+  machineType: E2_HIGHCPU_32
 steps:
   - name: 'gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20211118-2f2d816b90'
     entrypoint: bash
diff --git a/images/opentelemetry/cloudbuild.yaml b/images/opentelemetry/cloudbuild.yaml
index e2aa5a2b2..0096c0f44 100644
--- a/images/opentelemetry/cloudbuild.yaml
+++ b/images/opentelemetry/cloudbuild.yaml
@@ -2,7 +2,7 @@ timeout: 10800s
 options:
   substitution_option: ALLOW_LOOSE
   # job builds a multi-arch docker image for amd64,arm,arm64 and s390x.
-  machineType: N1_HIGHCPU_32
+  machineType: E2_HIGHCPU_32
 steps:
   - name: gcr.io/k8s-staging-test-infra/gcb-docker-gcloud:v20211118-2f2d816b90
     entrypoint: bash

From 3b46b85451e2f1c70a873e02639f654dd43bbe7f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:41:54 -0700
Subject: [PATCH 09/30] Bump sigs.k8s.io/controller-runtime from 0.14.5 to
 0.14.6 (#9822)

Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.14.5 to 0.14.6.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.14.5...v0.14.6)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index f351bae17..f65660dd0 100644
--- a/go.mod
+++ b/go.mod
@@ -40,7 +40,7 @@ require (
 	k8s.io/component-base v0.26.3
 	k8s.io/klog/v2 v2.90.1
 	pault.ag/go/sniff v0.0.0-20200207005214-cf7e4d167732
-	sigs.k8s.io/controller-runtime v0.14.5
+	sigs.k8s.io/controller-runtime v0.14.6
 	sigs.k8s.io/mdtoc v1.1.0
 )
 
diff --git a/go.sum b/go.sum
index 00918fc47..e7db50a63 100644
--- a/go.sum
+++ b/go.sum
@@ -771,8 +771,8 @@ pault.ag/go/sniff v0.0.0-20200207005214-cf7e4d167732/go.mod h1:lpvCfhqEHNJSSpG5R
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
-sigs.k8s.io/controller-runtime v0.14.5 h1:6xaWFqzT5KuAQ9ufgUaj1G/+C4Y1GRkhrxl+BJ9i+5s=
-sigs.k8s.io/controller-runtime v0.14.5/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0=
+sigs.k8s.io/controller-runtime v0.14.6 h1:oxstGVvXGNnMvY7TAESYk+lzr6S3V5VFxQ6d92KcwQA=
+sigs.k8s.io/controller-runtime v0.14.6/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0=
 sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
 sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
 sigs.k8s.io/kustomize/api v0.12.1 h1:7YM7gW3kYBwtKvoY216ZzY+8hM+lV53LUayghNRJ0vM=

From ff048d86b09b91ea3c4c85a556a09ac4a4714637 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:43:57 -0700
Subject: [PATCH 10/30] Bump google.golang.org/grpc from 1.53.0 to 1.54.0
 (#9794)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.53.0 to 1.54.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.53.0...v1.54.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index f65660dd0..383754428 100644
--- a/go.mod
+++ b/go.mod
@@ -26,7 +26,7 @@ require (
 	github.com/yudai/gojsondiff v1.0.0
 	github.com/zakjan/cert-chain-resolver v0.0.0-20211122211144-c6b0b792af9a
 	golang.org/x/crypto v0.7.0
-	google.golang.org/grpc v1.53.0
+	google.golang.org/grpc v1.54.0
 	google.golang.org/grpc/examples v0.0.0-20221220003428-4f16fbe410f7
 	gopkg.in/go-playground/pool.v3 v3.1.1
 	gopkg.in/mcuadros/go-syslog.v2 v2.3.0
diff --git a/go.sum b/go.sum
index e7db50a63..e78672fa9 100644
--- a/go.sum
+++ b/go.sum
@@ -683,8 +683,8 @@ google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKa
 google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
 google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
 google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.53.0 h1:LAv2ds7cmFV/XTS3XG1NneeENYrXGmorPxsBbptIjNc=
-google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw=
+google.golang.org/grpc v1.54.0 h1:EhTqbhiYeixwWQtAEZAxmV9MGqcjEU2mFx52xCzNyag=
+google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g=
 google.golang.org/grpc/examples v0.0.0-20221220003428-4f16fbe410f7 h1:pPsdyuBif+uoyUoL19yuj/TCfUPsmpJHJZhWQ98JGLU=
 google.golang.org/grpc/examples v0.0.0-20221220003428-4f16fbe410f7/go.mod h1:8pQa1yxxkh+EsxUK8/455D5MSbv3vgmEJqKCH3y17mI=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=

From 8249be4e29c2f781654665bb86057616737fa327 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:45:53 -0700
Subject: [PATCH 11/30] Bump github.com/imdario/mergo from 0.3.13 to 0.3.15
 (#9795)

Bumps [github.com/imdario/mergo](https://github.com/imdario/mergo) from 0.3.13 to 0.3.15.
- [Release notes](https://github.com/imdario/mergo/releases)
- [Commits](https://github.com/imdario/mergo/compare/v0.3.13...v0.3.15)

---
updated-dependencies:
- dependency-name: github.com/imdario/mergo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/go.mod b/go.mod
index 383754428..5331a7bbe 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a
 	github.com/eapache/channels v1.1.0
 	github.com/fsnotify/fsnotify v1.6.0
-	github.com/imdario/mergo v0.3.13
+	github.com/imdario/mergo v0.3.15
 	github.com/json-iterator/go v1.1.12
 	github.com/kylelemons/godebug v1.1.0
 	github.com/mitchellh/go-ps v1.0.0
diff --git a/go.sum b/go.sum
index e78672fa9..48d90af46 100644
--- a/go.sum
+++ b/go.sum
@@ -204,8 +204,8 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
-github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
-github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
+github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM=
+github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY=
 github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc=
 github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
@@ -731,7 +731,6 @@ gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

From 0169ed5c873355c705557e2dc3e4aa664330844b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:47:54 -0700
Subject: [PATCH 12/30] Bump actions/setup-go from 3.5.0 to 4.0.0 (#9796)

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/6edd4406fa81c3da01a34fa6f6343087c207a568...4d34df0c2316fe8122ab82dc22947d607c0c91f9)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/ci.yaml     | 12 ++++++------
 .github/workflows/plugin.yaml |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index c2c108638..83c9fcd18 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -86,7 +86,7 @@ jobs:
       
       - name: Set up Go
         id: go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
@@ -105,7 +105,7 @@ jobs:
       
       - name: Set up Go
         id: go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
@@ -124,7 +124,7 @@ jobs:
       
       - name: Set up Go
         id: go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
@@ -145,7 +145,7 @@ jobs:
 
       - name: Set up Go
         id: go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
@@ -211,7 +211,7 @@ jobs:
         uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
 
       - name: Setup Go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
@@ -483,7 +483,7 @@ jobs:
       - name: Set up Go
         id: go
         if: ${{ steps.filter-images.outputs.kube-webhook-certgen == 'true' }}
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: '1.20'
           check-latest: true
diff --git a/.github/workflows/plugin.yaml b/.github/workflows/plugin.yaml
index 87ba6aca9..bc646da87 100644
--- a/.github/workflows/plugin.yaml
+++ b/.github/workflows/plugin.yaml
@@ -22,7 +22,7 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Go
-        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
+        uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
         with:
           go-version: 1.20
           check-latest: true

From 1684070ca915406c79f31a5afba96e66a0fd4eb6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:49:53 -0700
Subject: [PATCH 13/30] Bump rajatjindal/krew-release-bot from 0.0.43 to 0.0.46
 (#9797)

Bumps [rajatjindal/krew-release-bot](https://github.com/rajatjindal/krew-release-bot) from 0.0.43 to 0.0.46.
- [Release notes](https://github.com/rajatjindal/krew-release-bot/releases)
- [Changelog](https://github.com/rajatjindal/krew-release-bot/blob/main/.goreleaser.yml)
- [Commits](https://github.com/rajatjindal/krew-release-bot/compare/92da038bbf995803124a8e50ebd438b2f37bbbb0...df3eb197549e3568be8b4767eec31c5e8e8e6ad8)

---
updated-dependencies:
- dependency-name: rajatjindal/krew-release-bot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/plugin.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/plugin.yaml b/.github/workflows/plugin.yaml
index bc646da87..03a7a9bac 100644
--- a/.github/workflows/plugin.yaml
+++ b/.github/workflows/plugin.yaml
@@ -36,6 +36,6 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Update new version in krew-index
-        uses: rajatjindal/krew-release-bot@92da038bbf995803124a8e50ebd438b2f37bbbb0 # v0.0.43
+        uses: rajatjindal/krew-release-bot@df3eb197549e3568be8b4767eec31c5e8e8e6ad8 # v0.0.46
         with:
           krew_template_file: cmd/plugin/krew.yaml

From c40a13714bf6cd265171e8eaf03d66c745063f90 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:51:54 -0700
Subject: [PATCH 14/30] Bump actions/stale from 7.0.0 to 8.0.0 (#9799)

Bumps [actions/stale](https://github.com/actions/stale) from 7.0.0 to 8.0.0.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/stale/compare/6f05e4244c9a0b2ed3401882b05d701dd0a7289b...1160a2240286f5da8ec72b1c0816ce2481aabf84)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/stale.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml
index 8a172d370..b038f522b 100644
--- a/.github/workflows/stale.yaml
+++ b/.github/workflows/stale.yaml
@@ -13,7 +13,7 @@ jobs:
       pull-requests: write
 
     steps:
-      - uses: actions/stale@6f05e4244c9a0b2ed3401882b05d701dd0a7289b # v7.0.0
+      - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0
         with:
           stale-issue-message: "This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach `#ingress-nginx-dev` on Kubernetes Slack."
           stale-pr-message: "This is stale, but we won't close it automatically, just bare in mind the maintainers may be busy with other tasks and will reach your issue ASAP. If you have any question or request to prioritize this, please reach `#ingress-nginx-dev` on Kubernetes Slack."

From 0800f30dcb2dd791e8850948909ff22965915b0f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:53:53 -0700
Subject: [PATCH 15/30] Bump github.com/opencontainers/runc from 1.1.4 to 1.1.5
 (#9806)

Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.5/CHANGELOG.md)
- [Commits](https://github.com/opencontainers/runc/compare/v1.1.4...v1.1.5)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 5331a7bbe..24c319bc7 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/moul/pb v0.0.0-20220425114252-bca18df4138c
 	github.com/ncabatoff/process-exporter v0.7.10
 	github.com/onsi/ginkgo/v2 v2.9.0
-	github.com/opencontainers/runc v1.1.4
+	github.com/opencontainers/runc v1.1.5
 	github.com/pmezard/go-difflib v1.0.0
 	github.com/prometheus/client_golang v1.14.0
 	github.com/prometheus/client_model v0.3.0
diff --git a/go.sum b/go.sum
index 48d90af46..8ee1dc453 100644
--- a/go.sum
+++ b/go.sum
@@ -294,8 +294,8 @@ github.com/onsi/ginkgo/v2 v2.9.0/go.mod h1:4xkjoL/tZv4SMWeww56BU5kAt19mVB47gTWxm
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/onsi/gomega v1.27.1 h1:rfztXRbg6nv/5f+Raen9RcGoSecHIFgBBLQK3Wdj754=
-github.com/opencontainers/runc v1.1.4 h1:nRCz/8sKg6K6jgYAFLDlXzPeITBZJyX28DBVhWD+5dg=
-github.com/opencontainers/runc v1.1.4/go.mod h1:1J5XiS+vdZ3wCyZybsuxXZWGrgSr8fFJHLXuG2PsnNg=
+github.com/opencontainers/runc v1.1.5 h1:L44KXEpKmfWDcS02aeGm8QNTFXTo2D+8MYGDIJ/GDEs=
+github.com/opencontainers/runc v1.1.5/go.mod h1:1J5XiS+vdZ3wCyZybsuxXZWGrgSr8fFJHLXuG2PsnNg=
 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 h1:3snG66yBm59tKhhSPQrQ/0bCrv1LQbKt40LnUPiUxdc=
 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI=

From 5806b5800328c2b8f45808cc4fb32f4f4913c13d Mon Sep 17 00:00:00 2001
From: Marco Ebert <marco@giantswarm.io>
Date: Tue, 4 Apr 2023 14:55:53 +0200
Subject: [PATCH 16/30] Values: Fix indention of commented values. (#9812)

---
 charts/ingress-nginx/values.yaml | 36 ++++++++++++++++----------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml
index 6627bf220..c2e8cdcd7 100644
--- a/charts/ingress-nginx/values.yaml
+++ b/charts/ingress-nginx/values.yaml
@@ -375,26 +375,26 @@ controller:
       #  annotations:
       # key: value
     triggers: []
-    #     - type: prometheus
-    #       metadata:
-    #         serverAddress: http://<prometheus-host>:9090
-    #         metricName: http_requests_total
-    #         threshold: '100'
-    #         query: sum(rate(http_requests_total{deployment="my-deployment"}[2m]))
+    # - type: prometheus
+    #   metadata:
+    #     serverAddress: http://<prometheus-host>:9090
+    #     metricName: http_requests_total
+    #     threshold: '100'
+    #     query: sum(rate(http_requests_total{deployment="my-deployment"}[2m]))
 
     behavior: {}
-  #     scaleDown:
-  #       stabilizationWindowSeconds: 300
-  #       policies:
-  #       - type: Pods
-  #         value: 1
-  #         periodSeconds: 180
-  #     scaleUp:
-  #       stabilizationWindowSeconds: 300
-  #       policies:
-  #       - type: Pods
-  #         value: 2
-  #         periodSeconds: 60
+    # scaleDown:
+    #   stabilizationWindowSeconds: 300
+    #   policies:
+    #   - type: Pods
+    #     value: 1
+    #     periodSeconds: 180
+    # scaleUp:
+    #   stabilizationWindowSeconds: 300
+    #   policies:
+    #   - type: Pods
+    #     value: 2
+    #     periodSeconds: 60
 
   # -- Enable mimalloc as a drop-in replacement for malloc.
   ## ref: https://github.com/microsoft/mimalloc

From 149374d9cd82eafab67019398c082563840f1f49 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 05:57:54 -0700
Subject: [PATCH 17/30] Bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#9823)

Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...80e868c13c90f172d68d1f4501dee99e2479f7af)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/scorecards.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 529cc7c28..608d10bcb 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -32,7 +32,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
         with:
           results_file: results.sarif
           results_format: sarif

From c76179c04e880b9ec16e6a4a2c47c1fc54e71cc7 Mon Sep 17 00:00:00 2001
From: viq <vicviq@gmail.com>
Date: Tue, 4 Apr 2023 16:45:56 +0200
Subject: [PATCH 18/30] ISO 8601 date format (#9682)

Adjust the tag to be in sortable format, compatible with ISO 8601.
---
 images/cfssl/Makefile                  | 2 +-
 images/custom-error-pages/Makefile     | 2 +-
 images/fastcgi-helloserver/Makefile    | 2 +-
 images/go-grpc-greeter-server/Makefile | 2 +-
 images/httpbin/Makefile                | 2 +-
 images/kube-webhook-certgen/Makefile   | 2 +-
 images/opentelemetry/Makefile          | 2 +-
 images/test-runner/Makefile            | 2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/images/cfssl/Makefile b/images/cfssl/Makefile
index b1909abe3..1521d2c78 100644
--- a/images/cfssl/Makefile
+++ b/images/cfssl/Makefile
@@ -18,7 +18,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-cfssl
diff --git a/images/custom-error-pages/Makefile b/images/custom-error-pages/Makefile
index 7564b813d..b014beabe 100644
--- a/images/custom-error-pages/Makefile
+++ b/images/custom-error-pages/Makefile
@@ -20,7 +20,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/nginx-errors
diff --git a/images/fastcgi-helloserver/Makefile b/images/fastcgi-helloserver/Makefile
index c1b54703f..6c5a3647a 100644
--- a/images/fastcgi-helloserver/Makefile
+++ b/images/fastcgi-helloserver/Makefile
@@ -20,7 +20,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-fastcgi-helloserver
diff --git a/images/go-grpc-greeter-server/Makefile b/images/go-grpc-greeter-server/Makefile
index 523b83bfb..e6b6efae6 100644
--- a/images/go-grpc-greeter-server/Makefile
+++ b/images/go-grpc-greeter-server/Makefile
@@ -18,7 +18,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/go-grpc-greeter-server
diff --git a/images/httpbin/Makefile b/images/httpbin/Makefile
index ac363dfa8..5d92ffcb5 100644
--- a/images/httpbin/Makefile
+++ b/images/httpbin/Makefile
@@ -18,7 +18,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-httpbin
diff --git a/images/kube-webhook-certgen/Makefile b/images/kube-webhook-certgen/Makefile
index f1d3edc5b..1716bc07e 100644
--- a/images/kube-webhook-certgen/Makefile
+++ b/images/kube-webhook-certgen/Makefile
@@ -19,7 +19,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/kube-webhook-certgen
diff --git a/images/opentelemetry/Makefile b/images/opentelemetry/Makefile
index 20fb7ec63..695dcf632 100644
--- a/images/opentelemetry/Makefile
+++ b/images/opentelemetry/Makefile
@@ -21,7 +21,7 @@ DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
 # 0.0.0 shouldn't clobber any released builds
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= gcr.io/k8s-staging-ingress-nginx
 
 IMAGE = $(REGISTRY)/opentelemetry
diff --git a/images/test-runner/Makefile b/images/test-runner/Makefile
index a8c3a4560..729f27415 100644
--- a/images/test-runner/Makefile
+++ b/images/test-runner/Makefile
@@ -18,7 +18,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%m%d%Y)-$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-runner

From 5d4827af0cfb6242ca69395f4d033f700510f557 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Apr 2023 08:05:54 -0700
Subject: [PATCH 19/30] Bump actions/checkout from 3.4.0 to 3.5.0 (#9798)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/24cb9080177205b6e8c946b17badbe402adc938f...8f4b7f84864484a7bf31766abe9204da3cbe65b3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/ci.yaml                  | 22 +++++++++++-----------
 .github/workflows/depreview.yaml           |  2 +-
 .github/workflows/docs.yaml                |  4 ++--
 .github/workflows/helm.yaml                |  4 ++--
 .github/workflows/perftest.yaml            |  2 +-
 .github/workflows/plugin.yaml              |  2 +-
 .github/workflows/scorecards.yml           |  2 +-
 .github/workflows/vulnerability-scans.yaml |  4 ++--
 8 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 83c9fcd18..b810a3aba 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -39,7 +39,7 @@ jobs:
     steps:
 
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
         id: filter
@@ -65,7 +65,7 @@ jobs:
     steps:
 
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Run Gosec Security Scanner
         uses: securego/gosec@a459eb0ba387d9bd083d5c2e2354dbeef2465038 # v2.15.0
@@ -82,7 +82,7 @@ jobs:
       (needs.changes.outputs.go == 'true')
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
       
       - name: Set up Go
         id: go
@@ -101,7 +101,7 @@ jobs:
       (needs.changes.outputs.go == 'true')
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
       
       - name: Set up Go
         id: go
@@ -120,7 +120,7 @@ jobs:
       (needs.changes.outputs.go == 'true')
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
       
       - name: Set up Go
         id: go
@@ -141,7 +141,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Set up Go
         id: go
@@ -208,7 +208,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Setup Go
         uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0
@@ -288,7 +288,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: cache
         uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@@ -342,7 +342,7 @@ jobs:
     steps:
 
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: cache
         uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
@@ -391,7 +391,7 @@ jobs:
       PLATFORMS: linux/amd64,linux/arm64
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
         id: filter-images
@@ -464,7 +464,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
         id: filter-images
diff --git a/.github/workflows/depreview.yaml b/.github/workflows/depreview.yaml
index 46a587ded..e18f71a20 100644
--- a/.github/workflows/depreview.yaml
+++ b/.github/workflows/depreview.yaml
@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@f46c48ed6d4f1227fb2d9ea62bf6bcbed315589e # v3.0.4
diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
index 3ab49ef10..5a0f6bb7b 100644
--- a/.github/workflows/docs.yaml
+++ b/.github/workflows/docs.yaml
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
         id: filter
@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: Checkout master
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Deploy
         uses: ./.github/actions/mkdocs
diff --git a/.github/workflows/helm.yaml b/.github/workflows/helm.yaml
index 4e7fde34f..e3fa2d779 100644
--- a/.github/workflows/helm.yaml
+++ b/.github/workflows/helm.yaml
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Run Artifact Hub lint
         run: |
@@ -61,7 +61,7 @@ jobs:
 
     steps:
       - name: Checkout master
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           # Fetch entire history. Required for chart-releaser; see https://github.com/helm/chart-releaser-action/issues/13#issuecomment-602063896
           fetch-depth: 0
diff --git a/.github/workflows/perftest.yaml b/.github/workflows/perftest.yaml
index dd31420bf..4b7e000a5 100644
--- a/.github/workflows/perftest.yaml
+++ b/.github/workflows/perftest.yaml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - name: Install K6
         run: |
diff --git a/.github/workflows/plugin.yaml b/.github/workflows/plugin.yaml
index 03a7a9bac..c56535223 100644
--- a/.github/workflows/plugin.yaml
+++ b/.github/workflows/plugin.yaml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 608d10bcb..b0ce14f51 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -27,7 +27,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           persist-credentials: false
 
diff --git a/.github/workflows/vulnerability-scans.yaml b/.github/workflows/vulnerability-scans.yaml
index 9649140ec..aae43d03c 100644
--- a/.github/workflows/vulnerability-scans.yaml
+++ b/.github/workflows/vulnerability-scans.yaml
@@ -22,7 +22,7 @@ jobs:
       versions: ${{ steps.version.outputs.TAGS }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           fetch-depth: 0
 
@@ -52,7 +52,7 @@ jobs:
         versions: ${{ fromJSON(needs.version.outputs.versions) }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
 
       - shell: bash
         id: test

From 522683813a200fb06342a035db49963b1e76aa26 Mon Sep 17 00:00:00 2001
From: Saumya <76432998+SaumyaBhushan@users.noreply.github.com>
Date: Wed, 5 Apr 2023 17:35:41 +0530
Subject: [PATCH 20/30] updated NGINX_BASE image in project (#9829)

---
 NGINX_BASE | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/NGINX_BASE b/NGINX_BASE
index bf23fa5a7..5f1751bbf 100644
--- a/NGINX_BASE
+++ b/NGINX_BASE
@@ -1 +1 @@
-registry.k8s.io/ingress-nginx/nginx:66a760794f91809bcd897cbdb45435653d73fd92@sha256:86c1581e69dc92d107f8edd36724890ea682a3afda8c1fb1ba41aabc7bc0128d
\ No newline at end of file
+registry.k8s.io/ingress-nginx/nginx:91057c439cf07ffb62887b8a8bda66ce3cbe39ca@sha256:3b650123c755392f8c0eb9a356b12716327106e624ab5f5b43bc25ab130978fb
\ No newline at end of file

From 26d83d1b2058cc9c23657b4e97b9e5a6d5fe9871 Mon Sep 17 00:00:00 2001
From: James Strong <strong.james.e@gmail.com>
Date: Thu, 6 Apr 2023 13:25:48 -0400
Subject: [PATCH 21/30] update all container tags with date and sha, upgrade
 all containers (#9834)

Signed-off-by: James Strong <strong.james.e@gmail.com>
---
 .github/workflows/ci.yaml                     |  1 +
 hack/verify-chart-lint.sh                     |  2 +-
 images/cfssl/cloudbuild.yaml                  |  1 -
 images/cfssl/rootfs/Dockerfile                |  5 +-
 images/custom-error-pages/cloudbuild.yaml     |  1 -
 images/custom-error-pages/rootfs/Dockerfile   |  4 +-
 images/echo/Makefile                          |  2 +-
 images/echo/cloudbuild.yaml                   |  1 -
 images/echo/rootfs/Dockerfile                 |  2 +-
 .../ext-auth-example-authsvc/cloudbuild.yaml  |  1 -
 images/fastcgi-helloserver/cloudbuild.yaml    |  1 -
 images/go-grpc-greeter-server/cloudbuild.yaml |  1 -
 images/httpbin/cloudbuild.yaml                |  1 -
 images/httpbin/rootfs/Dockerfile              |  2 +-
 images/kube-webhook-certgen/cloudbuild.yaml   |  1 -
 images/nginx/Makefile                         |  2 +-
 images/nginx/cloudbuild.yaml                  |  1 -
 images/nginx/rootfs/Dockerfile                |  2 +-
 images/opentelemetry/cloudbuild.yaml          |  1 -
 images/test-runner/Makefile                   | 45 ++++++++---
 images/test-runner/cloudbuild.yaml            |  2 +-
 images/test-runner/rootfs/Dockerfile          | 74 +++++++++----------
 test/e2e-image/Dockerfile                     |  3 +-
 test/e2e-image/Makefile                       |  2 +-
 24 files changed, 90 insertions(+), 68 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index b810a3aba..6323c65be 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -22,6 +22,7 @@ on:
         required: false
         type: boolean
 
+
 permissions:
   contents: read
 
diff --git a/hack/verify-chart-lint.sh b/hack/verify-chart-lint.sh
index 2d59dadce..9ece681e0 100755
--- a/hack/verify-chart-lint.sh
+++ b/hack/verify-chart-lint.sh
@@ -20,5 +20,5 @@ set -o pipefail
 
 KUBE_ROOT="$( cd "$(dirname "$0")../" >/dev/null 2>&1 ; pwd -P )"
 # TODO: This is a temporary workaround while we don't update Helm Chart test
-curl https://raw.githubusercontent.com/helm/chart-testing/v3.7.0/etc/chart_schema.yaml -o /tmp/chart_schema.yaml
+curl https://raw.githubusercontent.com/helm/chart-testing/v3.8.0/etc/chart_schema.yaml -o /tmp/chart_schema.yaml
 ct lint --charts ${KUBE_ROOT}/charts/ingress-nginx --validate-maintainers=false --chart-yaml-schema=/tmp/chart_schema.yaml
diff --git a/images/cfssl/cloudbuild.yaml b/images/cfssl/cloudbuild.yaml
index 5fb9e0c96..3f0abee99 100644
--- a/images/cfssl/cloudbuild.yaml
+++ b/images/cfssl/cloudbuild.yaml
@@ -6,7 +6,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/cfssl/rootfs/Dockerfile b/images/cfssl/rootfs/Dockerfile
index 7841e189c..a50c715ea 100644
--- a/images/cfssl/rootfs/Dockerfile
+++ b/images/cfssl/rootfs/Dockerfile
@@ -14,8 +14,11 @@
 
 FROM alpine:3.17.2
 
+
 RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
-RUN apk add --no-cache \
+RUN apk update \
+    && apk upgrade &&  \
+    apk add --no-cache \
     bash \
     cfssl@testing
 
diff --git a/images/custom-error-pages/cloudbuild.yaml b/images/custom-error-pages/cloudbuild.yaml
index 8c96d289c..3490bd73b 100644
--- a/images/custom-error-pages/cloudbuild.yaml
+++ b/images/custom-error-pages/cloudbuild.yaml
@@ -6,7 +6,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/custom-error-pages/rootfs/Dockerfile b/images/custom-error-pages/rootfs/Dockerfile
index 942228eac..b34bb6977 100755
--- a/images/custom-error-pages/rootfs/Dockerfile
+++ b/images/custom-error-pages/rootfs/Dockerfile
@@ -13,7 +13,9 @@
 # limitations under the License.
 
 FROM golang:1.20.1-alpine3.17 as builder
-RUN apk add git
+
+RUN apk update \
+    && apk upgrade && apk add git
 
 WORKDIR /go/src/k8s.io/ingress-nginx/images/custom-error-pages
 
diff --git a/images/echo/Makefile b/images/echo/Makefile
index 0ab1c945f..5dc546a8b 100644
--- a/images/echo/Makefile
+++ b/images/echo/Makefile
@@ -18,7 +18,7 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v1.0.0
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-echo
diff --git a/images/echo/cloudbuild.yaml b/images/echo/cloudbuild.yaml
index 8349b5a7f..8f59b6727 100644
--- a/images/echo/cloudbuild.yaml
+++ b/images/echo/cloudbuild.yaml
@@ -6,7 +6,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/echo/rootfs/Dockerfile b/images/echo/rootfs/Dockerfile
index 4c9b6ab55..c4ab26561 100644
--- a/images/echo/rootfs/Dockerfile
+++ b/images/echo/rootfs/Dockerfile
@@ -2,7 +2,7 @@ ARG BASE_IMAGE
 
 FROM ${BASE_IMAGE}
 
-RUN apk add -U perl curl make unzip
+RUN apk update && apk upgrade && apk add -U --no-cache perl curl make unzip
 
 ARG LUAROCKS_VERSION
 ARG LUAROCKS_SHA
diff --git a/images/ext-auth-example-authsvc/cloudbuild.yaml b/images/ext-auth-example-authsvc/cloudbuild.yaml
index d77c9fc19..8de32fdc9 100644
--- a/images/ext-auth-example-authsvc/cloudbuild.yaml
+++ b/images/ext-auth-example-authsvc/cloudbuild.yaml
@@ -8,7 +8,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/fastcgi-helloserver/cloudbuild.yaml b/images/fastcgi-helloserver/cloudbuild.yaml
index cb4ac2e94..92f4be017 100644
--- a/images/fastcgi-helloserver/cloudbuild.yaml
+++ b/images/fastcgi-helloserver/cloudbuild.yaml
@@ -6,7 +6,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/go-grpc-greeter-server/cloudbuild.yaml b/images/go-grpc-greeter-server/cloudbuild.yaml
index 834c0cb85..d618c5e6f 100644
--- a/images/go-grpc-greeter-server/cloudbuild.yaml
+++ b/images/go-grpc-greeter-server/cloudbuild.yaml
@@ -8,7 +8,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/httpbin/cloudbuild.yaml b/images/httpbin/cloudbuild.yaml
index 9f2658b7b..ffd8c9974 100644
--- a/images/httpbin/cloudbuild.yaml
+++ b/images/httpbin/cloudbuild.yaml
@@ -8,7 +8,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/httpbin/rootfs/Dockerfile b/images/httpbin/rootfs/Dockerfile
index 0e490be74..a05f6872f 100644
--- a/images/httpbin/rootfs/Dockerfile
+++ b/images/httpbin/rootfs/Dockerfile
@@ -17,7 +17,7 @@ FROM alpine:3.17.2
 ENV LC_ALL=C.UTF-8
 ENV LANG=C.UTF-8
 
-RUN apk update \
+RUN apk upgrade && apk update \
   && apk add --no-cache \
     python3 python3-dev \
     musl-dev gcc g++ make \
diff --git a/images/kube-webhook-certgen/cloudbuild.yaml b/images/kube-webhook-certgen/cloudbuild.yaml
index 127dee6eb..ef938ef6a 100644
--- a/images/kube-webhook-certgen/cloudbuild.yaml
+++ b/images/kube-webhook-certgen/cloudbuild.yaml
@@ -21,7 +21,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/nginx/Makefile b/images/nginx/Makefile
index 438d0cfe1..053f1e5e8 100644
--- a/images/nginx/Makefile
+++ b/images/nginx/Makefile
@@ -21,7 +21,7 @@ DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
 # 0.0.0 shouldn't clobber any released builds
-TAG ?= 0.0
+TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
 REGISTRY ?= gcr.io/k8s-staging-ingress-nginx
 
 IMAGE = $(REGISTRY)/nginx
diff --git a/images/nginx/cloudbuild.yaml b/images/nginx/cloudbuild.yaml
index b3d7b1507..003209d77 100644
--- a/images/nginx/cloudbuild.yaml
+++ b/images/nginx/cloudbuild.yaml
@@ -9,7 +9,6 @@ steps:
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
       - BASE_REF=$_PULL_BASE_REF
-      - TAG=$_PULL_BASE_SHA
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       - HOME=/root
     args:
diff --git a/images/nginx/rootfs/Dockerfile b/images/nginx/rootfs/Dockerfile
index 3279af5d5..a968eb1b3 100644
--- a/images/nginx/rootfs/Dockerfile
+++ b/images/nginx/rootfs/Dockerfile
@@ -17,7 +17,7 @@ COPY . /
 
 RUN apk update \
   && apk upgrade \
-  && apk add -U bash \
+  && apk add -U bash --no-cache \
   && /build.sh
 
 # Use a multi-stage build
diff --git a/images/opentelemetry/cloudbuild.yaml b/images/opentelemetry/cloudbuild.yaml
index 0096c0f44..82b75e6e6 100644
--- a/images/opentelemetry/cloudbuild.yaml
+++ b/images/opentelemetry/cloudbuild.yaml
@@ -8,7 +8,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/test-runner/Makefile b/images/test-runner/Makefile
index 729f27415..289270e26 100644
--- a/images/test-runner/Makefile
+++ b/images/test-runner/Makefile
@@ -30,27 +30,52 @@ export DOCKER_CLI_EXPERIMENTAL=enabled
 
 # build with buildx
 PLATFORMS?=linux/amd64,linux/arm64
-OUTPUT=
+OUTPUT?=
 PROGRESS=plain
 
-build: ensure-buildx
-	docker buildx build \
-		--platform=${PLATFORMS} $(OUTPUT) \
-		--progress=$(PROGRESS) \
+image:
+	echo "Building docker image ($(ARCH))..."
+	docker build \
+		${PLATFORM_FLAG} ${PLATFORM} \
+		--no-cache \
 		--pull \
-		--build-arg BASE_IMAGE=$(NGINX_BASE_IMAGE) \
+		--push \
+		--build-arg BASE_IMAGE=${NGINX_BASE_IMAGE} \
 		--build-arg GOLANG_VERSION=1.20.1 \
 		--build-arg ETCD_VERSION=3.4.3-0 \
-		--build-arg K8S_RELEASE=v1.24.2 \
+		--build-arg K8S_RELEASE=v1.26.0 \
 		--build-arg RESTY_CLI_VERSION=0.27 \
 		--build-arg RESTY_CLI_SHA=e5f4f3128af49ba5c4d039d0554e5ae91bbe05866f60eccfa96d3653274bff90 \
 		--build-arg LUAROCKS_VERSION=3.8.0 \
 		--build-arg LUAROCKS_SHA=ab6612ca9ab87c6984871d2712d05525775e8b50172701a0a1cabddf76de2be7 \
-		--build-arg CHART_TESTING_VERSION=3.7.0 \
+		--build-arg CHART_TESTING_VERSION=3.8.0 \
 		--build-arg YAML_LINT_VERSION=1.27.1 \
 		--build-arg YAMALE_VERSION=4.0.4 \
-		--build-arg HELM_VERSION=v3.9.0 \
-		-t $(IMAGE):$(TAG) rootfs
+		--build-arg HELM_VERSION=3.11.2 \
+		--build-arg GINKGO_VERSION=2.9.0 \
+		--build-arg GOLINT_VERSION=latest \
+		-t ${IMAGE}:${TAG} rootfs
+
+build: ensure-buildx
+	docker buildx build \
+		--platform=${PLATFORMS} ${OUTPUT} \
+		--progress=${PROGRESS} \
+		--pull \
+		--build-arg BASE_IMAGE=${NGINX_BASE_IMAGE} \
+		--build-arg GOLANG_VERSION=1.20.1 \
+		--build-arg ETCD_VERSION=3.4.3-0 \
+		--build-arg K8S_RELEASE=v1.26.0 \
+		--build-arg RESTY_CLI_VERSION=0.27 \
+		--build-arg RESTY_CLI_SHA=e5f4f3128af49ba5c4d039d0554e5ae91bbe05866f60eccfa96d3653274bff90 \
+		--build-arg LUAROCKS_VERSION=3.8.0 \
+		--build-arg LUAROCKS_SHA=ab6612ca9ab87c6984871d2712d05525775e8b50172701a0a1cabddf76de2be7 \
+		--build-arg CHART_TESTING_VERSION=3.8.0 \
+		--build-arg YAML_LINT_VERSION=1.27.1 \
+		--build-arg YAMALE_VERSION=4.0.4 \
+		--build-arg HELM_VERSION=3.11.2 \
+		--build-arg GINKGO_VERSION=2.9.0 \
+		--build-arg GOLINT_VERSION=latest \
+		-t ${IMAGE}:${TAG} rootfs
 
 # push the cross built image
 push: OUTPUT=--push
diff --git a/images/test-runner/cloudbuild.yaml b/images/test-runner/cloudbuild.yaml
index b1f32d6a2..ff4667b0c 100644
--- a/images/test-runner/cloudbuild.yaml
+++ b/images/test-runner/cloudbuild.yaml
@@ -6,7 +6,6 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
-      - TAG=$_GIT_TAG
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
@@ -20,3 +19,4 @@ steps:
 substitutions:
   _GIT_TAG: "12345"
   _PULL_BASE_REF: "master"
+  _PULL_BASE_SHA: '12345'
\ No newline at end of file
diff --git a/images/test-runner/rootfs/Dockerfile b/images/test-runner/rootfs/Dockerfile
index 7872b7a2b..0b691a7d2 100644
--- a/images/test-runner/rootfs/Dockerfile
+++ b/images/test-runner/rootfs/Dockerfile
@@ -11,7 +11,6 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 ARG BASE_IMAGE
 ARG GOLANG_VERSION
 ARG ETCD_VERSION
@@ -21,6 +20,20 @@ FROM registry.k8s.io/etcd:${ETCD_VERSION} as etcd
 
 FROM ${BASE_IMAGE}
 
+ARG RESTY_CLI_VERSION
+ARG RESTY_CLI_SHA
+ARG LUAROCKS_VERSION
+ARG LUAROCKS_SHA
+ARG TARGETARCH
+ARG K8S_RELEASE
+ARG CHART_TESTING_VERSION
+ARG HELM_VERSION
+ARG YAMALE_VERSION
+ARG YAML_LINT_VERSION
+ARG GINKGO_VERSION
+ARG GOLINT_VERSION
+
+
 RUN set -eux; \
 	if [ -e /etc/nsswitch.conf ]; then \
 		grep '^hosts: files dns' /etc/nsswitch.conf; \
@@ -28,13 +41,16 @@ RUN set -eux; \
 		echo 'hosts: files dns' > /etc/nsswitch.conf; \
 	fi
 
-
 COPY --from=GO   /usr/local/go /usr/local/go
+ENV GOPATH /go
+ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
+RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH"
+
 COPY --from=etcd /usr/local/bin/etcd /usr/local/bin/etcd
 
-RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
+RUN echo "@testing https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories
 
-RUN apk add --no-cache \
+RUN apk update && apk upgrade && apk add --no-cache \
   bash \
   ca-certificates \
   wget \
@@ -48,19 +64,15 @@ RUN apk add --no-cache \
   py-pip \
   unzip \
   openssl \
-  cfssl@testing
+  cfssl@testing \
+  curl \
+  tzdata \
+  libc6-compat
 
-ENV GOPATH /go
-ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH
+RUN go install -v github.com/onsi/ginkgo/v2/ginkgo@v${GINKGO_VERSION} \
+    && go install golang.org/x/lint/golint@${GOLINT_VERSION}
 
-RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH"
-
-RUN go install github.com/onsi/ginkgo/v2/ginkgo@v2.9.0  && go install golang.org/x/lint/golint@latest
-
-ARG RESTY_CLI_VERSION
-ARG RESTY_CLI_SHA
-
-RUN wget -O /tmp/resty_cli.tgz \
+RUN wget -qO /tmp/resty_cli.tgz \
   https://github.com/openresty/resty-cli/archive/v${RESTY_CLI_VERSION}.tar.gz \
   && echo "${RESTY_CLI_SHA} */tmp/resty_cli.tgz" | sha256sum -c - \
   && tar -C /tmp -xzf /tmp/resty_cli.tgz \
@@ -68,10 +80,7 @@ RUN wget -O /tmp/resty_cli.tgz \
   && resty -V \
   && rm -rf /tmp/*
 
-ARG LUAROCKS_VERSION
-ARG LUAROCKS_SHA
-
-RUN wget -O /tmp/luarocks.tgz \
+RUN wget -qO /tmp/luarocks.tgz \
   https://github.com/luarocks/luarocks/archive/v${LUAROCKS_VERSION}.tar.gz \
   && echo "${LUAROCKS_SHA} */tmp/luarocks.tgz" | sha256sum -c - \
   && tar -C /tmp -xzf /tmp/luarocks.tgz \
@@ -82,48 +91,39 @@ RUN wget -O /tmp/luarocks.tgz \
 RUN  luarocks install busted \
   && luarocks install luacheck
 
-ARG TARGETARCH
-
-ARG K8S_RELEASE
-
-RUN wget -O /usr/local/bin/kubectl \
+RUN wget -qO /usr/local/bin/kubectl \
   https://storage.googleapis.com/kubernetes-release/release/${K8S_RELEASE}/bin/linux/${TARGETARCH}/kubectl \
   && chmod +x /usr/local/bin/kubectl
 
-RUN wget -O /usr/local/bin/kube-apiserver \
+RUN wget -qO /usr/local/bin/kube-apiserver \
   https://storage.googleapis.com/kubernetes-release/release/${K8S_RELEASE}/bin/linux/${TARGETARCH}/kube-apiserver \
   && chmod +x /usr/local/bin/kube-apiserver
 
-ARG CHART_TESTING_VERSION
-
-RUN wget -O /tmp/ct-${CHART_TESTING_VERSION}-linux-amd64.tar.gz \
-  https://github.com/helm/chart-testing/releases/download/v${CHART_TESTING_VERSION}/chart-testing_${CHART_TESTING_VERSION}_linux_amd64.tar.gz \
+RUN wget -qO /tmp/ct-${CHART_TESTING_VERSION}-linux-${TARGETARCH}.tar.gz \
+  https://github.com/helm/chart-testing/releases/download/v${CHART_TESTING_VERSION}/chart-testing_${CHART_TESTING_VERSION}_linux_${TARGETARCH}.tar.gz \
   && mkdir -p /tmp/ct-download \
-  && tar xzvf /tmp/ct-${CHART_TESTING_VERSION}-linux-amd64.tar.gz -C /tmp/ct-download \
-  && rm /tmp/ct-${CHART_TESTING_VERSION}-linux-amd64.tar.gz \
+  && tar xzvf /tmp/ct-${CHART_TESTING_VERSION}-linux-${TARGETARCH}.tar.gz -C /tmp/ct-download \
+  && rm /tmp/ct-${CHART_TESTING_VERSION}-linux-${TARGETARCH}.tar.gz \
   && cp /tmp/ct-download/ct /usr/local/bin \
   && mkdir -p /etc/ct \
   && cp -R /tmp/ct-download/etc/* /etc/ct \
   && rm -rf /tmp/*
 
-RUN wget -O /usr/local/bin/lj-releng \
+RUN wget -qO /usr/local/bin/lj-releng \
   https://raw.githubusercontent.com/openresty/openresty-devel-utils/master/lj-releng \
   && chmod +x /usr/local/bin/lj-releng
 
-ARG HELM_VERSION
 
-RUN wget -O /tmp/helm.tgz \
-  https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \
+RUN wget -qO /tmp/helm.tgz \
+  https://get.helm.sh/helm-v${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \
   && tar -C /tmp -xzf /tmp/helm.tgz \
   && cp /tmp/linux*/helm /usr/local/bin \
   && rm -rf /tmp/*
 
 # Install a YAML Linter
-ARG YAML_LINT_VERSION
 RUN pip install "yamllint==$YAML_LINT_VERSION"
 
 # Install Yamale YAML schema validator
-ARG YAMALE_VERSION
 RUN pip install "yamale==$YAMALE_VERSION"
 
 WORKDIR $GOPATH
diff --git a/test/e2e-image/Dockerfile b/test/e2e-image/Dockerfile
index 09ce36cc5..11abc26b4 100644
--- a/test/e2e-image/Dockerfile
+++ b/test/e2e-image/Dockerfile
@@ -3,7 +3,8 @@ FROM ${E2E_BASE_IMAGE} AS BASE
 
 FROM alpine:3.17.2
 
-RUN apk add -U --no-cache \
+RUN apk update \
+	&& apk upgrade && apk add -U --no-cache \
   ca-certificates \
   bash \
   curl \
diff --git a/test/e2e-image/Makefile b/test/e2e-image/Makefile
index 001146f65..011396531 100644
--- a/test/e2e-image/Makefile
+++ b/test/e2e-image/Makefile
@@ -1,6 +1,6 @@
 
 DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
-E2E_BASE_IMAGE="registry.k8s.io/ingress-nginx/e2e-test-runner:v20230314-helm-chart-4.5.2-32-g520384b11@sha256:754c62f9a5efd1ee515ee908ecc16c0c4d1dda96a8cc8019667182a55f3a9035"
+E2E_BASE_IMAGE ?= "registry.k8s.io/ingress-nginx/e2e-test-runner:v20230314-helm-chart-4.5.2-32-g520384b11@sha256:754c62f9a5efd1ee515ee908ecc16c0c4d1dda96a8cc8019667182a55f3a9035"
 
 image:
 	echo "..entered Makefile in /test/e2e-image"

From 24e0e29386be3ba03249758dcd730360ad6ed97d Mon Sep 17 00:00:00 2001
From: James Strong <strong.james.e@gmail.com>
Date: Fri, 7 Apr 2023 10:42:37 -0400
Subject: [PATCH 22/30] add short sha to gcloud build and makefiles

Signed-off-by: James Strong <strong.james.e@gmail.com>
---
 images/cfssl/Makefile                           | 6 +++++-
 images/cfssl/cloudbuild.yaml                    | 1 +
 images/custom-error-pages/Makefile              | 4 +++-
 images/custom-error-pages/cloudbuild.yaml       | 1 +
 images/echo/Makefile                            | 4 +++-
 images/echo/cloudbuild.yaml                     | 1 +
 images/ext-auth-example-authsvc/cloudbuild.yaml | 1 +
 images/fastcgi-helloserver/Makefile             | 4 +++-
 images/fastcgi-helloserver/cloudbuild.yaml      | 1 +
 images/go-grpc-greeter-server/Makefile          | 4 +++-
 images/go-grpc-greeter-server/cloudbuild.yaml   | 1 +
 images/httpbin/Makefile                         | 4 +++-
 images/httpbin/cloudbuild.yaml                  | 1 +
 images/kube-webhook-certgen/Makefile            | 4 +++-
 images/kube-webhook-certgen/cloudbuild.yaml     | 1 +
 images/nginx/Makefile                           | 4 +++-
 images/nginx/cloudbuild.yaml                    | 1 +
 images/opentelemetry/Makefile                   | 4 +++-
 images/opentelemetry/cloudbuild.yaml            | 1 +
 images/test-runner/Makefile                     | 4 +++-
 images/test-runner/cloudbuild.yaml              | 1 +
 21 files changed, 43 insertions(+), 10 deletions(-)

diff --git a/images/cfssl/Makefile b/images/cfssl/Makefile
index 1521d2c78..8d8e597a4 100644
--- a/images/cfssl/Makefile
+++ b/images/cfssl/Makefile
@@ -18,9 +18,13 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
+
+
 IMAGE = $(REGISTRY)/e2e-test-cfssl
 
 # required to enable buildx
diff --git a/images/cfssl/cloudbuild.yaml b/images/cfssl/cloudbuild.yaml
index 3f0abee99..4976a3f67 100644
--- a/images/cfssl/cloudbuild.yaml
+++ b/images/cfssl/cloudbuild.yaml
@@ -6,6 +6,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/custom-error-pages/Makefile b/images/custom-error-pages/Makefile
index b014beabe..810736cca 100644
--- a/images/custom-error-pages/Makefile
+++ b/images/custom-error-pages/Makefile
@@ -20,7 +20,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/nginx-errors
diff --git a/images/custom-error-pages/cloudbuild.yaml b/images/custom-error-pages/cloudbuild.yaml
index 3490bd73b..e38d4bcdc 100644
--- a/images/custom-error-pages/cloudbuild.yaml
+++ b/images/custom-error-pages/cloudbuild.yaml
@@ -6,6 +6,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/echo/Makefile b/images/echo/Makefile
index 5dc546a8b..a213df5d3 100644
--- a/images/echo/Makefile
+++ b/images/echo/Makefile
@@ -18,7 +18,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-echo
diff --git a/images/echo/cloudbuild.yaml b/images/echo/cloudbuild.yaml
index 8f59b6727..f07be825a 100644
--- a/images/echo/cloudbuild.yaml
+++ b/images/echo/cloudbuild.yaml
@@ -6,6 +6,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/ext-auth-example-authsvc/cloudbuild.yaml b/images/ext-auth-example-authsvc/cloudbuild.yaml
index 8de32fdc9..c5bb5db6a 100644
--- a/images/ext-auth-example-authsvc/cloudbuild.yaml
+++ b/images/ext-auth-example-authsvc/cloudbuild.yaml
@@ -8,6 +8,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/fastcgi-helloserver/Makefile b/images/fastcgi-helloserver/Makefile
index 6c5a3647a..4d277a19d 100644
--- a/images/fastcgi-helloserver/Makefile
+++ b/images/fastcgi-helloserver/Makefile
@@ -20,7 +20,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-fastcgi-helloserver
diff --git a/images/fastcgi-helloserver/cloudbuild.yaml b/images/fastcgi-helloserver/cloudbuild.yaml
index 92f4be017..a4c9d5eff 100644
--- a/images/fastcgi-helloserver/cloudbuild.yaml
+++ b/images/fastcgi-helloserver/cloudbuild.yaml
@@ -6,6 +6,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/go-grpc-greeter-server/Makefile b/images/go-grpc-greeter-server/Makefile
index e6b6efae6..e221ecfea 100644
--- a/images/go-grpc-greeter-server/Makefile
+++ b/images/go-grpc-greeter-server/Makefile
@@ -18,7 +18,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/go-grpc-greeter-server
diff --git a/images/go-grpc-greeter-server/cloudbuild.yaml b/images/go-grpc-greeter-server/cloudbuild.yaml
index d618c5e6f..6f32bcf50 100644
--- a/images/go-grpc-greeter-server/cloudbuild.yaml
+++ b/images/go-grpc-greeter-server/cloudbuild.yaml
@@ -8,6 +8,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/httpbin/Makefile b/images/httpbin/Makefile
index 5d92ffcb5..a2ba07400 100644
--- a/images/httpbin/Makefile
+++ b/images/httpbin/Makefile
@@ -18,7 +18,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-httpbin
diff --git a/images/httpbin/cloudbuild.yaml b/images/httpbin/cloudbuild.yaml
index ffd8c9974..e9df202b8 100644
--- a/images/httpbin/cloudbuild.yaml
+++ b/images/httpbin/cloudbuild.yaml
@@ -8,6 +8,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/kube-webhook-certgen/Makefile b/images/kube-webhook-certgen/Makefile
index 1716bc07e..cd014c7c3 100644
--- a/images/kube-webhook-certgen/Makefile
+++ b/images/kube-webhook-certgen/Makefile
@@ -19,7 +19,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/kube-webhook-certgen
diff --git a/images/kube-webhook-certgen/cloudbuild.yaml b/images/kube-webhook-certgen/cloudbuild.yaml
index ef938ef6a..bf0bd3ce1 100644
--- a/images/kube-webhook-certgen/cloudbuild.yaml
+++ b/images/kube-webhook-certgen/cloudbuild.yaml
@@ -21,6 +21,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/nginx/Makefile b/images/nginx/Makefile
index 053f1e5e8..b54a7739b 100644
--- a/images/nginx/Makefile
+++ b/images/nginx/Makefile
@@ -21,7 +21,9 @@ DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
 # 0.0.0 shouldn't clobber any released builds
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= gcr.io/k8s-staging-ingress-nginx
 
 IMAGE = $(REGISTRY)/nginx
diff --git a/images/nginx/cloudbuild.yaml b/images/nginx/cloudbuild.yaml
index 003209d77..c581700dd 100644
--- a/images/nginx/cloudbuild.yaml
+++ b/images/nginx/cloudbuild.yaml
@@ -8,6 +8,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       - HOME=/root
diff --git a/images/opentelemetry/Makefile b/images/opentelemetry/Makefile
index 695dcf632..07a66beed 100644
--- a/images/opentelemetry/Makefile
+++ b/images/opentelemetry/Makefile
@@ -21,7 +21,9 @@ DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
 # 0.0.0 shouldn't clobber any released builds
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= gcr.io/k8s-staging-ingress-nginx
 
 IMAGE = $(REGISTRY)/opentelemetry
diff --git a/images/opentelemetry/cloudbuild.yaml b/images/opentelemetry/cloudbuild.yaml
index 82b75e6e6..9556ccba9 100644
--- a/images/opentelemetry/cloudbuild.yaml
+++ b/images/opentelemetry/cloudbuild.yaml
@@ -8,6 +8,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx
diff --git a/images/test-runner/Makefile b/images/test-runner/Makefile
index 289270e26..562625cff 100644
--- a/images/test-runner/Makefile
+++ b/images/test-runner/Makefile
@@ -18,7 +18,9 @@ SHELL=/bin/bash -o pipefail -o errexit
 DIR:=$(strip $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST)))))
 INIT_BUILDX=$(DIR)/../../hack/init-buildx.sh
 
-TAG ?=v$(shell date +%Y%m%d)-$(shell git rev-parse --short HEAD)
+SHORT_SHA ?=$(shell git rev-parse --short HEAD)
+TAG ?=v$(shell date +%Y%m%d)-$(SHORT_SHA)
+
 REGISTRY ?= local
 
 IMAGE = $(REGISTRY)/e2e-test-runner
diff --git a/images/test-runner/cloudbuild.yaml b/images/test-runner/cloudbuild.yaml
index ff4667b0c..761ea7f28 100644
--- a/images/test-runner/cloudbuild.yaml
+++ b/images/test-runner/cloudbuild.yaml
@@ -6,6 +6,7 @@ steps:
     entrypoint: bash
     env:
       - DOCKER_CLI_EXPERIMENTAL=enabled
+      - SHORT_SHA=$SHORT_SHA
       - BASE_REF=$_PULL_BASE_REF
       - REGISTRY=gcr.io/k8s-staging-ingress-nginx
       # default cloudbuild has HOME=/builder/home and docker buildx is in /root/.docker/cli-plugins/docker-buildx

From 7fcafff04617528619950b1cef190a3b424e4f2b Mon Sep 17 00:00:00 2001
From: Marco Ebert <marco@giantswarm.io>
Date: Fri, 7 Apr 2023 17:39:15 +0200
Subject: [PATCH 23/30] Chart: Improve `README.md`. (#9831)

---
 charts/ingress-nginx/README.md        | 28 ++-------------------------
 charts/ingress-nginx/README.md.gotmpl | 27 +-------------------------
 2 files changed, 3 insertions(+), 52 deletions(-)

diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md
index cb3848634..44b553ece 100644
--- a/charts/ingress-nginx/README.md
+++ b/charts/ingress-nginx/README.md
@@ -8,10 +8,9 @@ To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.c
 
 This chart bootstraps an ingress-nginx deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 
-## Prerequisites
+## Requirements
 
-- Chart version 3.x.x: Kubernetes v1.16+
-- Chart version 4.x.x and above: Kubernetes v1.19+
+Kubernetes: `>=1.20.0-0`
 
 ## Get Repo Info
 
@@ -52,10 +51,6 @@ helm upgrade [RELEASE_NAME] [CHART] --install
 
 _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
 
-### Upgrading With Zero Downtime in Production
-
-By default the ingress-nginx controller has service interruptions whenever it's pods are restarted or redeployed. In order to fix that, see the excellent blog post by Lindsay Landry from Codecademy: [Kubernetes: Nginx and Zero Downtime in Production](https://medium.com/codecademy-engineering/kubernetes-nginx-and-zero-downtime-in-production-2c910c6a5ed8).
-
 ### Migrating from stable/nginx-ingress
 
 There are two main ways to migrate a release from `stable/nginx-ingress` to `ingress-nginx/ingress-nginx` chart:
@@ -66,7 +61,6 @@ There are two main ways to migrate a release from `stable/nginx-ingress` to `ing
     1. Redirect your DNS traffic from the old controller to the new controller
     1. Log traffic from both controllers during this changeover
     1. [Uninstall](#uninstall-chart) the old controller once traffic has fully drained from it
-    1. For details on all of these steps see [Upgrading With Zero Downtime in Production](#upgrading-with-zero-downtime-in-production)
 
 Note that there are some different and upgraded configurations between the two charts, described by Rimas Mocevicius from JFrog in the "Upgrading to ingress-nginx Helm chart" section of [Migrating from Helm chart nginx-ingress to ingress-nginx](https://rimusz.net/migrating-to-ingress-nginx). As the `ingress-nginx/ingress-nginx` chart continues to update, you will want to check current differences by running [helm configuration](#configuration) commands on both charts.
 
@@ -126,19 +120,6 @@ controller:
       service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600'
 ```
 
-### AWS route53-mapper
-
-To configure the LoadBalancer service with the [route53-mapper addon](https://github.com/kubernetes/kops/blob/be63d4f1a7a46daaf1c4c482527328236850f111/addons/route53-mapper/README.md), add the `domainName` annotation and `dns` label:
-
-```yaml
-controller:
-  service:
-    labels:
-      dns: "route53"
-    annotations:
-      domainName: "kubernetes-example.com"
-```
-
 ### Additional Internal Load Balancer
 
 This setup is useful when you need both external and internal load balancers but don't want to have multiple ingress controllers and multiple ingress objects per application.
@@ -244,10 +225,6 @@ Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13
 
 As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered.
 
-## Requirements
-
-Kubernetes: `>=1.20.0-0`
-
 ## Values
 
 | Key | Type | Default | Description |
@@ -522,4 +499,3 @@ Kubernetes: `>=1.20.0-0`
 | serviceAccount.name | string | `""` |  |
 | tcp | object | `{}` | TCP service key-value pairs # Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md # |
 | udp | object | `{}` | UDP service key-value pairs # Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md # |
-
diff --git a/charts/ingress-nginx/README.md.gotmpl b/charts/ingress-nginx/README.md.gotmpl
index 99a2a62cb..238166277 100644
--- a/charts/ingress-nginx/README.md.gotmpl
+++ b/charts/ingress-nginx/README.md.gotmpl
@@ -7,10 +7,7 @@ To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.c
 
 This chart bootstraps an ingress-nginx deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
 
-## Prerequisites
-
-- Chart version 3.x.x: Kubernetes v1.16+
-- Chart version 4.x.x and above: Kubernetes v1.19+
+{{ template "chart.requirementsSection" . }}
 
 ## Get Repo Info
 
@@ -51,10 +48,6 @@ helm upgrade [RELEASE_NAME] [CHART] --install
 
 _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
 
-### Upgrading With Zero Downtime in Production
-
-By default the ingress-nginx controller has service interruptions whenever it's pods are restarted or redeployed. In order to fix that, see the excellent blog post by Lindsay Landry from Codecademy: [Kubernetes: Nginx and Zero Downtime in Production](https://medium.com/codecademy-engineering/kubernetes-nginx-and-zero-downtime-in-production-2c910c6a5ed8).
-
 ### Migrating from stable/nginx-ingress
 
 There are two main ways to migrate a release from `stable/nginx-ingress` to `ingress-nginx/ingress-nginx` chart:
@@ -65,7 +58,6 @@ There are two main ways to migrate a release from `stable/nginx-ingress` to `ing
     1. Redirect your DNS traffic from the old controller to the new controller
     1. Log traffic from both controllers during this changeover
     1. [Uninstall](#uninstall-chart) the old controller once traffic has fully drained from it
-    1. For details on all of these steps see [Upgrading With Zero Downtime in Production](#upgrading-with-zero-downtime-in-production)
 
 Note that there are some different and upgraded configurations between the two charts, described by Rimas Mocevicius from JFrog in the "Upgrading to ingress-nginx Helm chart" section of [Migrating from Helm chart nginx-ingress to ingress-nginx](https://rimusz.net/migrating-to-ingress-nginx). As the `ingress-nginx/ingress-nginx` chart continues to update, you will want to check current differences by running [helm configuration](#configuration) commands on both charts.
 
@@ -125,19 +117,6 @@ controller:
       service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600'
 ```
 
-### AWS route53-mapper
-
-To configure the LoadBalancer service with the [route53-mapper addon](https://github.com/kubernetes/kops/blob/be63d4f1a7a46daaf1c4c482527328236850f111/addons/route53-mapper/README.md), add the `domainName` annotation and `dns` label:
-
-```yaml
-controller:
-  service:
-    labels:
-      dns: "route53"
-    annotations:
-      domainName: "kubernetes-example.com"
-```
-
 ### Additional Internal Load Balancer
 
 This setup is useful when you need both external and internal load balancers but don't want to have multiple ingress controllers and multiple ingress objects per application.
@@ -243,8 +222,4 @@ Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13
 
 As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered.
 
-{{ template "chart.requirementsSection" . }}
-
 {{ template "chart.valuesSection" . }}
-
-{{ template "helm-docs.versionFooter" . }}

From 4e8d0b5836096426393340273260b9000cd1e151 Mon Sep 17 00:00:00 2001
From: Marco Cadetg <cadetg@gmail.com>
Date: Tue, 11 Apr 2023 10:01:18 +0200
Subject: [PATCH 24/30] Exclude socket metrics (#9770)

* exclude creation and exporting of socket metrics via flag

* make exclude metric naming more consistent

* fix connect time metric update

* add documentation

* e2e test

* improve creation of metric mapping
---
 cmd/dataplane/main.go                         |   2 +-
 cmd/nginx/main.go                             |   2 +-
 docs/user-guide/cli-arguments.md              |   1 +
 internal/ingress/controller/controller.go     |   9 +-
 internal/ingress/metric/collectors/socket.go  | 219 +++++++++++-------
 .../ingress/metric/collectors/socket_test.go  | 116 +++++++++-
 internal/ingress/metric/main.go               |   4 +-
 pkg/flags/flags.go                            |  10 +-
 test/e2e/e2e.go                               |   1 +
 test/e2e/metrics/metrics.go                   |  94 ++++++++
 10 files changed, 362 insertions(+), 96 deletions(-)
 create mode 100644 test/e2e/metrics/metrics.go

diff --git a/cmd/dataplane/main.go b/cmd/dataplane/main.go
index 0ab978429..6fd559e4d 100644
--- a/cmd/dataplane/main.go
+++ b/cmd/dataplane/main.go
@@ -70,7 +70,7 @@ func main() {
 	mc := metric.NewDummyCollector()
 	if conf.EnableMetrics {
 		// TODO: Ingress class is not a part of dataplane anymore
-		mc, err = metric.NewCollector(conf.MetricsPerHost, conf.ReportStatusClasses, reg, conf.IngressClassConfiguration.Controller, *conf.MetricsBuckets)
+		mc, err = metric.NewCollector(conf.MetricsPerHost, conf.ReportStatusClasses, reg, conf.IngressClassConfiguration.Controller, *conf.MetricsBuckets, conf.ExcludeSocketMetrics)
 		if err != nil {
 			klog.Fatalf("Error creating prometheus collector:  %v", err)
 		}
diff --git a/cmd/nginx/main.go b/cmd/nginx/main.go
index 9f0973ec9..48dd933dc 100644
--- a/cmd/nginx/main.go
+++ b/cmd/nginx/main.go
@@ -133,7 +133,7 @@ func main() {
 
 	mc := metric.NewDummyCollector()
 	if conf.EnableMetrics {
-		mc, err = metric.NewCollector(conf.MetricsPerHost, conf.ReportStatusClasses, reg, conf.IngressClassConfiguration.Controller, *conf.MetricsBuckets)
+		mc, err = metric.NewCollector(conf.MetricsPerHost, conf.ReportStatusClasses, reg, conf.IngressClassConfiguration.Controller, *conf.MetricsBuckets, conf.ExcludeSocketMetrics)
 		if err != nil {
 			klog.Fatalf("Error creating prometheus collector:  %v", err)
 		}
diff --git a/docs/user-guide/cli-arguments.md b/docs/user-guide/cli-arguments.md
index febc6f762..59e52957d 100644
--- a/docs/user-guide/cli-arguments.md
+++ b/docs/user-guide/cli-arguments.md
@@ -25,6 +25,7 @@ They are set in the container spec of the `ingress-nginx-controller` Deployment
 | `--enable-ssl-chain-completion`    | Autocomplete SSL certificate chains with missing intermediate CA certificates. Certificates uploaded to Kubernetes must have the "Authority Information Access" X.509 v3 extension for this to succeed. (default false)|
 | `--enable-ssl-passthrough`         | Enable SSL Passthrough. (default false) |
 | `--enable-topology-aware-routing`  | Enable topology aware hints feature, needs service object annotation service.kubernetes.io/topology-aware-hints sets to auto. (default false) |
+| `--exclude-socket-metrics`         | Set of socket request metrics to exclude which won't be exported nor being calculated. The possible socket request metrics to exclude are documented in the monitoring guide e.g. 'nginx_ingress_controller_request_duration_seconds,nginx_ingress_controller_response_size'|
 | `--health-check-path`              | URL path of the health check endpoint. Configured inside the NGINX status server. All requests received on the port defined by the healthz-port parameter are forwarded internally to this path. (default "/healthz") |
 | `--health-check-timeout`           | Time limit, in seconds, for a probe to health-check-path to succeed. (default 10) |
 | `--healthz-port`                   | Port to use for the healthz endpoint. (default 10254) |
diff --git a/internal/ingress/controller/controller.go b/internal/ingress/controller/controller.go
index 5d94605b5..17142a478 100644
--- a/internal/ingress/controller/controller.go
+++ b/internal/ingress/controller/controller.go
@@ -102,10 +102,11 @@ type Configuration struct {
 
 	EnableProfiling bool
 
-	EnableMetrics       bool
-	MetricsPerHost      bool
-	MetricsBuckets      *collectors.HistogramBuckets
-	ReportStatusClasses bool
+	EnableMetrics        bool
+	MetricsPerHost       bool
+	MetricsBuckets       *collectors.HistogramBuckets
+	ReportStatusClasses  bool
+	ExcludeSocketMetrics []string
 
 	FakeCertificate *ingress.SSLCert
 
diff --git a/internal/ingress/metric/collectors/socket.go b/internal/ingress/metric/collectors/socket.go
index 23048d5d6..508cc6bc8 100644
--- a/internal/ingress/metric/collectors/socket.go
+++ b/internal/ingress/metric/collectors/socket.go
@@ -21,6 +21,7 @@ import (
 	"io"
 	"net"
 	"os"
+	"strings"
 	"syscall"
 
 	jsoniter "github.com/json-iterator/go"
@@ -60,6 +61,8 @@ type HistogramBuckets struct {
 	SizeBuckets   []float64
 }
 
+type metricMapping map[string]prometheus.Collector
+
 // SocketCollector stores prometheus metrics and ingress meta-data
 type SocketCollector struct {
 	prometheus.Collector
@@ -78,7 +81,7 @@ type SocketCollector struct {
 
 	listener net.Listener
 
-	metricMapping map[string]interface{}
+	metricMapping metricMapping
 
 	hosts sets.Set[string]
 
@@ -106,7 +109,7 @@ var defObjectives = map[float64]float64{0.5: 0.05, 0.9: 0.01, 0.99: 0.001}
 
 // NewSocketCollector creates a new SocketCollector instance using
 // the ingress watch namespace and class used by the controller
-func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStatusClasses bool, buckets HistogramBuckets) (*SocketCollector, error) {
+func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStatusClasses bool, buckets HistogramBuckets, excludeMetrics []string) (*SocketCollector, error) {
 	socket := "/tmp/nginx/prometheus-nginx.socket"
 	// unix sockets must be unlink()ed before being used
 	_ = syscall.Unlink(socket)
@@ -132,13 +135,23 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 		requestTags = append(requestTags, "host")
 	}
 
+	em := make(map[string]struct{}, len(excludeMetrics))
+	for _, m := range excludeMetrics {
+		// remove potential nginx_ingress_controller prefix from the metric name
+		// TBD: how to handle fully qualified histogram metrics e.g. _buckets and _sum. Should we just remove the suffix and remove the histogram metric or ignore it?
+		em[strings.TrimPrefix(m, "nginx_ingress_controller_")] = struct{}{}
+	}
+
+	// create metric mapping with only the metrics that are not excluded
+	mm := make(metricMapping)
+
 	sc := &SocketCollector{
 		listener: listener,
 
 		metricsPerHost:      metricsPerHost,
 		reportStatusClasses: reportStatusClasses,
 
-		connectTime: prometheus.NewHistogramVec(
+		connectTime: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "connect_duration_seconds",
 				Help:        "The time spent on establishing a connection with the upstream server",
@@ -147,8 +160,11 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				Buckets:     buckets.TimeBuckets,
 			},
 			requestTags,
+			em,
+			mm,
 		),
-		headerTime: prometheus.NewHistogramVec(
+
+		headerTime: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "header_duration_seconds",
 				Help:        "The time spent on receiving first header from the upstream server",
@@ -157,8 +173,10 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				Buckets:     buckets.TimeBuckets,
 			},
 			requestTags,
+			em,
+			mm,
 		),
-		responseTime: prometheus.NewHistogramVec(
+		responseTime: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "response_duration_seconds",
 				Help:        "The time spent on receiving the response from the upstream server",
@@ -167,8 +185,11 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				Buckets:     buckets.TimeBuckets,
 			},
 			requestTags,
+			em,
+			mm,
 		),
-		requestTime: prometheus.NewHistogramVec(
+
+		requestTime: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "request_duration_seconds",
 				Help:        "The request processing time in milliseconds",
@@ -177,9 +198,11 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				Buckets:     buckets.TimeBuckets,
 			},
 			requestTags,
+			em,
+			mm,
 		),
 
-		responseLength: prometheus.NewHistogramVec(
+		responseLength: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "response_size",
 				Help:        "The response length (including request line, header, and request body)",
@@ -188,19 +211,24 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				Buckets:     buckets.LengthBuckets,
 			},
 			requestTags,
+			em,
+			mm,
 		),
-		requestLength: prometheus.NewHistogramVec(
+
+		requestLength: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "request_size",
 				Help:        "The request length (including request line, header, and request body)",
 				Namespace:   PrometheusNamespace,
-				Buckets:     buckets.LengthBuckets,
 				ConstLabels: constLabels,
+				Buckets:     buckets.LengthBuckets,
 			},
 			requestTags,
+			em,
+			mm,
 		),
 
-		requests: prometheus.NewCounterVec(
+		requests: counterMetric(
 			prometheus.CounterOpts{
 				Name:        "requests",
 				Help:        "The total number of client requests",
@@ -208,9 +236,11 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				ConstLabels: constLabels,
 			},
 			requestTags,
+			em,
+			mm,
 		),
 
-		bytesSent: prometheus.NewHistogramVec(
+		bytesSent: histogramMetric(
 			prometheus.HistogramOpts{
 				Name:        "bytes_sent",
 				Help:        "DEPRECATED The number of bytes sent to a client",
@@ -219,9 +249,11 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				ConstLabels: constLabels,
 			},
 			requestTags,
+			em,
+			mm,
 		),
 
-		upstreamLatency: prometheus.NewSummaryVec(
+		upstreamLatency: summaryMetric(
 			prometheus.SummaryOpts{
 				Name:        "ingress_upstream_latency_seconds",
 				Help:        "DEPRECATED Upstream service latency per Ingress",
@@ -230,28 +262,59 @@ func NewSocketCollector(pod, namespace, class string, metricsPerHost, reportStat
 				Objectives:  defObjectives,
 			},
 			[]string{"ingress", "namespace", "service", "canary"},
+			em,
+			mm,
 		),
 	}
 
-	sc.metricMapping = map[string]interface{}{
-		prometheus.BuildFQName(PrometheusNamespace, "", "requests"): sc.requests,
-
-		prometheus.BuildFQName(PrometheusNamespace, "", "connect_duration_seconds"):  sc.connectTime,
-		prometheus.BuildFQName(PrometheusNamespace, "", "header_duration_seconds"):   sc.headerTime,
-		prometheus.BuildFQName(PrometheusNamespace, "", "response_duration_seconds"): sc.responseTime,
-		prometheus.BuildFQName(PrometheusNamespace, "", "request_duration_seconds"):  sc.requestTime,
-
-		prometheus.BuildFQName(PrometheusNamespace, "", "request_size"):  sc.requestLength,
-		prometheus.BuildFQName(PrometheusNamespace, "", "response_size"): sc.responseLength,
-
-		prometheus.BuildFQName(PrometheusNamespace, "", "bytes_sent"): sc.bytesSent,
-
-		prometheus.BuildFQName(PrometheusNamespace, "", "ingress_upstream_latency_seconds"): sc.upstreamLatency,
-	}
-
+	sc.metricMapping = mm
 	return sc, nil
 }
 
+func containsMetric(excludeMetrics map[string]struct{}, name string) bool {
+	if _, ok := excludeMetrics[name]; ok {
+		klog.V(3).InfoS("Skipping metric", "metric", name)
+		return true
+	}
+	return false
+}
+
+func summaryMetric(opts prometheus.SummaryOpts, requestTags []string, excludeMetrics map[string]struct{}, metricMapping metricMapping) *prometheus.SummaryVec {
+	if containsMetric(excludeMetrics, opts.Name) {
+		return nil
+	}
+	m := prometheus.NewSummaryVec(
+		opts,
+		requestTags,
+	)
+	metricMapping[prometheus.BuildFQName(PrometheusNamespace, "", opts.Name)] = m
+	return m
+}
+
+func counterMetric(opts prometheus.CounterOpts, requestTags []string, excludeMetrics map[string]struct{}, metricMapping metricMapping) *prometheus.CounterVec {
+	if containsMetric(excludeMetrics, opts.Name) {
+		return nil
+	}
+	m := prometheus.NewCounterVec(
+		opts,
+		requestTags,
+	)
+	metricMapping[prometheus.BuildFQName(PrometheusNamespace, "", opts.Name)] = m
+	return m
+}
+
+func histogramMetric(opts prometheus.HistogramOpts, requestTags []string, excludeMetrics map[string]struct{}, metricMapping metricMapping) *prometheus.HistogramVec {
+	if containsMetric(excludeMetrics, opts.Name) {
+		return nil
+	}
+	m := prometheus.NewHistogramVec(
+		opts,
+		requestTags,
+	)
+	metricMapping[prometheus.BuildFQName(PrometheusNamespace, "", opts.Name)] = m
+	return m
+}
+
 func (sc *SocketCollector) handleMessage(msg []byte) {
 	klog.V(5).InfoS("Metric", "message", string(msg))
 
@@ -305,30 +368,36 @@ func (sc *SocketCollector) handleMessage(msg []byte) {
 			"canary":    stats.Canary,
 		}
 
-		requestsMetric, err := sc.requests.GetMetricWith(collectorLabels)
-		if err != nil {
-			klog.ErrorS(err, "Error fetching requests metric")
-		} else {
-			requestsMetric.Inc()
+		if sc.requests != nil {
+			requestsMetric, err := sc.requests.GetMetricWith(collectorLabels)
+			if err != nil {
+				klog.ErrorS(err, "Error fetching requests metric")
+			} else {
+				requestsMetric.Inc()
+			}
 		}
 
 		if stats.Latency != -1 {
-			connectTimeMetric, err := sc.connectTime.GetMetricWith(requestLabels)
-			if err != nil {
-				klog.ErrorS(err, "Error fetching connect time metric")
-			} else {
-				connectTimeMetric.Observe(stats.Latency)
+			if sc.connectTime != nil {
+				connectTimeMetric, err := sc.connectTime.GetMetricWith(requestLabels)
+				if err != nil {
+					klog.ErrorS(err, "Error fetching connect time metric")
+				} else {
+					connectTimeMetric.Observe(stats.Latency)
+				}
 			}
 
-			latencyMetric, err := sc.upstreamLatency.GetMetricWith(latencyLabels)
-			if err != nil {
-				klog.ErrorS(err, "Error fetching latency metric")
-			} else {
-				latencyMetric.Observe(stats.Latency)
+			if sc.upstreamLatency != nil {
+				latencyMetric, err := sc.upstreamLatency.GetMetricWith(latencyLabels)
+				if err != nil {
+					klog.ErrorS(err, "Error fetching latency metric")
+				} else {
+					latencyMetric.Observe(stats.Latency)
+				}
 			}
 		}
 
-		if stats.HeaderTime != -1 {
+		if stats.HeaderTime != -1 && sc.headerTime != nil {
 			headerTimeMetric, err := sc.headerTime.GetMetricWith(requestLabels)
 			if err != nil {
 				klog.ErrorS(err, "Error fetching header time metric")
@@ -337,7 +406,7 @@ func (sc *SocketCollector) handleMessage(msg []byte) {
 			}
 		}
 
-		if stats.RequestTime != -1 {
+		if stats.RequestTime != -1 && sc.requestTime != nil {
 			requestTimeMetric, err := sc.requestTime.GetMetricWith(requestLabels)
 			if err != nil {
 				klog.ErrorS(err, "Error fetching request duration metric")
@@ -346,7 +415,7 @@ func (sc *SocketCollector) handleMessage(msg []byte) {
 			}
 		}
 
-		if stats.RequestLength != -1 {
+		if stats.RequestLength != -1 && sc.requestLength != nil {
 			requestLengthMetric, err := sc.requestLength.GetMetricWith(requestLabels)
 			if err != nil {
 				klog.ErrorS(err, "Error fetching request length metric")
@@ -355,7 +424,7 @@ func (sc *SocketCollector) handleMessage(msg []byte) {
 			}
 		}
 
-		if stats.ResponseTime != -1 {
+		if stats.ResponseTime != -1 && sc.responseTime != nil {
 			responseTimeMetric, err := sc.responseTime.GetMetricWith(requestLabels)
 			if err != nil {
 				klog.ErrorS(err, "Error fetching upstream response time metric")
@@ -365,18 +434,22 @@ func (sc *SocketCollector) handleMessage(msg []byte) {
 		}
 
 		if stats.ResponseLength != -1 {
-			bytesSentMetric, err := sc.bytesSent.GetMetricWith(requestLabels)
-			if err != nil {
-				klog.ErrorS(err, "Error fetching bytes sent metric")
-			} else {
-				bytesSentMetric.Observe(stats.ResponseLength)
+			if sc.bytesSent != nil {
+				bytesSentMetric, err := sc.bytesSent.GetMetricWith(requestLabels)
+				if err != nil {
+					klog.ErrorS(err, "Error fetching bytes sent metric")
+				} else {
+					bytesSentMetric.Observe(stats.ResponseLength)
+				}
 			}
 
-			responseSizeMetric, err := sc.responseLength.GetMetricWith(requestLabels)
-			if err != nil {
-				klog.ErrorS(err, "Error fetching bytes sent metric")
-			} else {
-				responseSizeMetric.Observe(stats.ResponseLength)
+			if sc.responseLength != nil {
+				responseSizeMetric, err := sc.responseLength.GetMetricWith(requestLabels)
+				if err != nil {
+					klog.ErrorS(err, "Error fetching bytes sent metric")
+				} else {
+					responseSizeMetric.Observe(stats.ResponseLength)
+				}
 			}
 		}
 	}
@@ -471,36 +544,16 @@ func (sc *SocketCollector) RemoveMetrics(ingresses []string, registry prometheus
 
 // Describe implements prometheus.Collector
 func (sc SocketCollector) Describe(ch chan<- *prometheus.Desc) {
-	sc.connectTime.Describe(ch)
-	sc.headerTime.Describe(ch)
-	sc.responseTime.Describe(ch)
-	sc.requestTime.Describe(ch)
-
-	sc.requestLength.Describe(ch)
-	sc.responseLength.Describe(ch)
-
-	sc.requests.Describe(ch)
-
-	sc.upstreamLatency.Describe(ch)
-
-	sc.bytesSent.Describe(ch)
+	for _, metric := range sc.metricMapping {
+		metric.Describe(ch)
+	}
 }
 
 // Collect implements the prometheus.Collector interface.
 func (sc SocketCollector) Collect(ch chan<- prometheus.Metric) {
-	sc.connectTime.Collect(ch)
-	sc.headerTime.Collect(ch)
-	sc.responseTime.Collect(ch)
-	sc.requestTime.Collect(ch)
-
-	sc.requestLength.Collect(ch)
-	sc.responseLength.Collect(ch)
-
-	sc.requests.Collect(ch)
-
-	sc.upstreamLatency.Collect(ch)
-
-	sc.bytesSent.Collect(ch)
+	for _, metric := range sc.metricMapping {
+		metric.Collect(ch)
+	}
 }
 
 // SetHosts sets the hostnames that are being served by the ingress controller
diff --git a/internal/ingress/metric/collectors/socket_test.go b/internal/ingress/metric/collectors/socket_test.go
index 4bebc7600..fe442aba0 100644
--- a/internal/ingress/metric/collectors/socket_test.go
+++ b/internal/ingress/metric/collectors/socket_test.go
@@ -84,6 +84,7 @@ func TestCollector(t *testing.T) {
 		data             []string
 		metrics          []string
 		useStatusClasses bool
+		excludeMetrics   []string
 		wantBefore       string
 		removeIngresses  []string
 		wantAfter        string
@@ -470,13 +471,126 @@ func TestCollector(t *testing.T) {
 			wantAfter: `
 			`,
 		},
+		{
+			name: "basic exclude metrics test",
+			data: []string{`[{
+				"host":"testshop.com",
+				"status":"200",
+				"bytesSent":150.0,
+				"method":"GET",
+				"path":"/admin",
+				"requestLength":300.0,
+				"requestTime":60.0,
+				"upstreamLatency":1.0,
+				"upstreamHeaderTime":5.0,
+				"upstreamName":"test-upstream",
+				"upstreamIP":"1.1.1.1:8080",
+				"upstreamResponseTime":200,
+				"upstreamStatus":"220",
+				"namespace":"test-app-production",
+				"ingress":"web-yml",
+				"service":"test-app",
+				"canary":""
+			}]`},
+			excludeMetrics:   []string{"nginx_ingress_controller_connect_duration_seconds"},
+			metrics:          []string{"nginx_ingress_controller_connect_duration_seconds", "nginx_ingress_controller_response_duration_seconds"},
+			useStatusClasses: true,
+			wantBefore: `
+				# HELP nginx_ingress_controller_response_duration_seconds The time spent on receiving the response from the upstream server
+				# TYPE nginx_ingress_controller_response_duration_seconds histogram
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.005"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.01"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.025"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.05"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.1"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.25"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.5"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="1"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="2.5"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="5"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="10"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="+Inf"} 1
+				nginx_ingress_controller_response_duration_seconds_sum{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx"} 200
+				nginx_ingress_controller_response_duration_seconds_count{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx"} 1
+			`,
+		},
+		{
+			name: "remove metrics with the short metric name",
+			data: []string{`[{
+				"host":"testshop.com",
+				"status":"200",
+				"bytesSent":150.0,
+				"method":"GET",
+				"path":"/admin",
+				"requestLength":300.0,
+				"requestTime":60.0,
+				"upstreamLatency":1.0,
+				"upstreamHeaderTime":5.0,
+				"upstreamName":"test-upstream",
+				"upstreamIP":"1.1.1.1:8080",
+				"upstreamResponseTime":200,
+				"upstreamStatus":"220",
+				"namespace":"test-app-production",
+				"ingress":"web-yml",
+				"service":"test-app",
+				"canary":""
+			}]`},
+			excludeMetrics:   []string{"response_duration_seconds"},
+			metrics:          []string{"nginx_ingress_controller_response_duration_seconds"},
+			useStatusClasses: true,
+			wantBefore: `
+			`,
+		},
+		{
+			name: "exclude metrics make sure to only remove exactly matched metrics",
+			data: []string{`[{
+				"host":"testshop.com",
+				"status":"200",
+				"bytesSent":150.0,
+				"method":"GET",
+				"path":"/admin",
+				"requestLength":300.0,
+				"requestTime":60.0,
+				"upstreamLatency":1.0,
+				"upstreamHeaderTime":5.0,
+				"upstreamName":"test-upstream",
+				"upstreamIP":"1.1.1.1:8080",
+				"upstreamResponseTime":200,
+				"upstreamStatus":"220",
+				"namespace":"test-app-production",
+				"ingress":"web-yml",
+				"service":"test-app",
+				"canary":""
+			}]`},
+			excludeMetrics:   []string{"response_duration_seconds2", "test.*", "nginx_ingress_.*", "response_duration_secon"},
+			metrics:          []string{"nginx_ingress_controller_response_duration_seconds"},
+			useStatusClasses: true,
+			wantBefore: `
+				# HELP nginx_ingress_controller_response_duration_seconds The time spent on receiving the response from the upstream server
+				# TYPE nginx_ingress_controller_response_duration_seconds histogram
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.005"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.01"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.025"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.05"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.1"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.25"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="0.5"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="1"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="2.5"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="5"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="10"} 0
+				nginx_ingress_controller_response_duration_seconds_bucket{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx",le="+Inf"} 1
+				nginx_ingress_controller_response_duration_seconds_sum{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx"} 200
+				nginx_ingress_controller_response_duration_seconds_count{canary="",controller_class="ingress",controller_namespace="default",controller_pod="pod",host="testshop.com",ingress="web-yml",method="GET",namespace="test-app-production",path="/admin",service="test-app",status="2xx"} 1
+			`,
+		},
 	}
 
 	for _, c := range cases {
 		t.Run(c.name, func(t *testing.T) {
 			registry := prometheus.NewPedanticRegistry()
 
-			sc, err := NewSocketCollector("pod", "default", "ingress", true, c.useStatusClasses, buckets)
+			sc, err := NewSocketCollector("pod", "default", "ingress", true, c.useStatusClasses, buckets, c.excludeMetrics)
 			if err != nil {
 				t.Errorf("%v: unexpected error creating new SocketCollector: %v", c.name, err)
 			}
diff --git a/internal/ingress/metric/main.go b/internal/ingress/metric/main.go
index cac86e889..b2f721f62 100644
--- a/internal/ingress/metric/main.go
+++ b/internal/ingress/metric/main.go
@@ -71,7 +71,7 @@ type collector struct {
 }
 
 // NewCollector creates a new metric collector the for ingress controller
-func NewCollector(metricsPerHost, reportStatusClasses bool, registry *prometheus.Registry, ingressclass string, buckets collectors.HistogramBuckets) (Collector, error) {
+func NewCollector(metricsPerHost, reportStatusClasses bool, registry *prometheus.Registry, ingressclass string, buckets collectors.HistogramBuckets, excludedSocketMetrics []string) (Collector, error) {
 	podNamespace := os.Getenv("POD_NAMESPACE")
 	if podNamespace == "" {
 		podNamespace = "default"
@@ -89,7 +89,7 @@ func NewCollector(metricsPerHost, reportStatusClasses bool, registry *prometheus
 		return nil, err
 	}
 
-	s, err := collectors.NewSocketCollector(podName, podNamespace, ingressclass, metricsPerHost, reportStatusClasses, buckets)
+	s, err := collectors.NewSocketCollector(podName, podNamespace, ingressclass, metricsPerHost, reportStatusClasses, buckets, excludedSocketMetrics)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/flags/flags.go b/pkg/flags/flags.go
index 911ab775c..370510380 100644
--- a/pkg/flags/flags.go
+++ b/pkg/flags/flags.go
@@ -171,10 +171,11 @@ Requires the update-status parameter.`)
 		reportStatusClasses = flags.Bool("report-status-classes", false,
 			`Use status classes (2xx, 3xx, 4xx and 5xx) instead of status codes in metrics.`)
 
-		timeBuckets         = flags.Float64Slice("time-buckets", prometheus.DefBuckets, "Set of buckets which will be used for prometheus histogram metrics such as RequestTime, ResponseTime.")
-		lengthBuckets       = flags.Float64Slice("length-buckets", prometheus.LinearBuckets(10, 10, 10), "Set of buckets which will be used for prometheus histogram metrics such as RequestLength, ResponseLength.")
-		sizeBuckets         = flags.Float64Slice("size-buckets", prometheus.ExponentialBuckets(10, 10, 7), "Set of buckets which will be used for prometheus histogram metrics such as BytesSent.")
-		monitorMaxBatchSize = flags.Int("monitor-max-batch-size", 10000, "Max batch size of NGINX metrics.")
+		timeBuckets          = flags.Float64Slice("time-buckets", prometheus.DefBuckets, "Set of buckets which will be used for prometheus histogram metrics such as RequestTime, ResponseTime.")
+		lengthBuckets        = flags.Float64Slice("length-buckets", prometheus.LinearBuckets(10, 10, 10), "Set of buckets which will be used for prometheus histogram metrics such as RequestLength, ResponseLength.")
+		sizeBuckets          = flags.Float64Slice("size-buckets", prometheus.ExponentialBuckets(10, 10, 7), "Set of buckets which will be used for prometheus histogram metrics such as BytesSent.")
+		excludeSocketMetrics = flags.StringSlice("exclude-socket-metrics", []string{}, "et of socket request metrics to exclude which won't be exported nor being calculated. E.g. 'nginx_ingress_controller_success,nginx_ingress_controller_header_duration_seconds'.")
+		monitorMaxBatchSize  = flags.Int("monitor-max-batch-size", 10000, "Max batch size of NGINX metrics.")
 
 		httpPort  = flags.Int("http-port", 80, `Port to use for servicing HTTP traffic.`)
 		httpsPort = flags.Int("https-port", 443, `Port to use for servicing HTTPS traffic.`)
@@ -328,6 +329,7 @@ https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-g
 		MetricsPerHost:              *metricsPerHost,
 		MetricsBuckets:              histogramBuckets,
 		ReportStatusClasses:         *reportStatusClasses,
+		ExcludeSocketMetrics:        *excludeSocketMetrics,
 		MonitorMaxBatchSize:         *monitorMaxBatchSize,
 		DisableServiceExternalName:  *disableServiceExternalName,
 		EnableSSLPassthrough:        *enableSSLPassthrough,
diff --git a/test/e2e/e2e.go b/test/e2e/e2e.go
index 57b047230..614dd166a 100644
--- a/test/e2e/e2e.go
+++ b/test/e2e/e2e.go
@@ -40,6 +40,7 @@ import (
 	_ "k8s.io/ingress-nginx/test/e2e/leaks"
 	_ "k8s.io/ingress-nginx/test/e2e/loadbalance"
 	_ "k8s.io/ingress-nginx/test/e2e/lua"
+	_ "k8s.io/ingress-nginx/test/e2e/metrics"
 	_ "k8s.io/ingress-nginx/test/e2e/nginx"
 	_ "k8s.io/ingress-nginx/test/e2e/security"
 	_ "k8s.io/ingress-nginx/test/e2e/servicebackend"
diff --git a/test/e2e/metrics/metrics.go b/test/e2e/metrics/metrics.go
new file mode 100644
index 000000000..907b53732
--- /dev/null
+++ b/test/e2e/metrics/metrics.go
@@ -0,0 +1,94 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package defaultbackend
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/onsi/ginkgo/v2"
+	"github.com/stretchr/testify/assert"
+	appsv1 "k8s.io/api/apps/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+	"k8s.io/ingress-nginx/test/e2e/framework"
+)
+
+const waitForMetrics = 2 * time.Second
+
+var _ = framework.IngressNginxDescribe("[metrics] exported prometheus metrics", func() {
+	f := framework.NewDefaultFramework("metrics")
+	host := "foo.com"
+
+	ginkgo.BeforeEach(func() {
+		f.NewEchoDeployment()
+		f.EnsureIngress(framework.NewSingleIngress(host, "/", host, f.Namespace, framework.EchoService, 80, nil))
+		f.WaitForNginxServer(host,
+			func(server string) bool {
+				return strings.Contains(server, fmt.Sprintf("server_name %s ;", host)) &&
+					strings.Contains(server, "proxy_pass http://upstream_balancer;")
+			})
+	})
+
+	ginkgo.It("exclude socket request metrics are absent", func() {
+		err := f.UpdateIngressControllerDeployment(func(deployment *appsv1.Deployment) error {
+			args := deployment.Spec.Template.Spec.Containers[0].Args
+			args = append(args, "--exclude-socket-metrics=nginx_ingress_controller_request_size,nginx_ingress_controller_header_duration_seconds")
+			deployment.Spec.Template.Spec.Containers[0].Args = args
+			_, err := f.KubeClientSet.AppsV1().Deployments(f.Namespace).Update(context.TODO(), deployment, metav1.UpdateOptions{})
+			return err
+		})
+		assert.Nil(ginkgo.GinkgoT(), err, "updating deployment")
+
+		f.HTTPTestClient().
+			GET("/").
+			WithHeader("Host", host).
+			Expect().
+			Status(http.StatusOK)
+		time.Sleep(waitForMetrics)
+
+		ip := f.GetNginxPodIP()
+		mf, err := f.GetMetric("nginx_ingress_controller_request_size", ip)
+		assert.ErrorContains(ginkgo.GinkgoT(), err, "nginx_ingress_controller_request_size")
+		assert.Nil(ginkgo.GinkgoT(), mf)
+	})
+	ginkgo.It("exclude socket request metrics are present", func() {
+		err := f.UpdateIngressControllerDeployment(func(deployment *appsv1.Deployment) error {
+			args := deployment.Spec.Template.Spec.Containers[0].Args
+			args = append(args, "--exclude-socket-metrics=non_existing_metric_does_not_affect_existing_metrics")
+			deployment.Spec.Template.Spec.Containers[0].Args = args
+			_, err := f.KubeClientSet.AppsV1().Deployments(f.Namespace).Update(context.TODO(), deployment, metav1.UpdateOptions{})
+			return err
+		})
+		assert.Nil(ginkgo.GinkgoT(), err, "updating deployment")
+
+		f.HTTPTestClient().
+			GET("/").
+			WithHeader("Host", host).
+			Expect().
+			Status(http.StatusOK)
+		time.Sleep(waitForMetrics)
+
+		ip := f.GetNginxPodIP()
+		mf, err := f.GetMetric("nginx_ingress_controller_request_size", ip)
+		assert.Nil(ginkgo.GinkgoT(), err)
+		assert.NotNil(ginkgo.GinkgoT(), mf)
+	})
+})

From d3e75b056f77be54e01bdb18675f1bb46caece31 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 16 Apr 2023 14:10:42 -0700
Subject: [PATCH 25/30] Bump actions/add-to-project from 0.4.1 to 0.5.0 (#9840)

Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/4756e6330fe1e0a736690d3cfd9f11c9399c2ed4...31b3f3ccdc584546fc445612dec3f38ff5edb41c)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/project.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/project.yml b/.github/workflows/project.yml
index 35d6d3e5c..95537e16c 100644
--- a/.github/workflows/project.yml
+++ b/.github/workflows/project.yml
@@ -13,7 +13,7 @@ jobs:
       repository-projects: write
       issues: write
     steps:
-      - uses: actions/add-to-project@4756e6330fe1e0a736690d3cfd9f11c9399c2ed4 # v0.4.1
+      - uses: actions/add-to-project@31b3f3ccdc584546fc445612dec3f38ff5edb41c # v0.5.0
         with:
           project-url: https://github.com/orgs/kubernetes/projects/104
           github-token: ${{ secrets.PROJECT_WRITER }}

From 6778c3ec44280fb6c5184aee570a94dac5951fa5 Mon Sep 17 00:00:00 2001
From: Ricardo Katz <rikatz@users.noreply.github.com>
Date: Sun, 16 Apr 2023 21:22:43 -0300
Subject: [PATCH 26/30] Remove deprecated annotation secure-upstream (#9862)

---
 internal/ingress/annotations/annotations.go   |   3 -
 .../annotations/secureupstream/main.go        |  48 ------
 .../annotations/secureupstream/main_test.go   | 162 ------------------
 3 files changed, 213 deletions(-)
 delete mode 100644 internal/ingress/annotations/secureupstream/main.go
 delete mode 100644 internal/ingress/annotations/secureupstream/main_test.go

diff --git a/internal/ingress/annotations/annotations.go b/internal/ingress/annotations/annotations.go
index 6a9e7367c..974b9ce16 100644
--- a/internal/ingress/annotations/annotations.go
+++ b/internal/ingress/annotations/annotations.go
@@ -58,7 +58,6 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/redirect"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/rewrite"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/satisfy"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/secureupstream"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/serversnippet"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/serviceupstream"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/sessionaffinity"
@@ -103,7 +102,6 @@ type Ingress struct {
 	Redirect           redirect.Config
 	Rewrite            rewrite.Config
 	Satisfy            string
-	SecureUpstream     secureupstream.Config
 	ServerSnippet      string
 	ServiceUpstream    bool
 	SessionAffinity    sessionaffinity.Config
@@ -155,7 +153,6 @@ func NewAnnotationExtractor(cfg resolver.Resolver) Extractor {
 			"Redirect":             redirect.NewParser(cfg),
 			"Rewrite":              rewrite.NewParser(cfg),
 			"Satisfy":              satisfy.NewParser(cfg),
-			"SecureUpstream":       secureupstream.NewParser(cfg),
 			"ServerSnippet":        serversnippet.NewParser(cfg),
 			"ServiceUpstream":      serviceupstream.NewParser(cfg),
 			"SessionAffinity":      sessionaffinity.NewParser(cfg),
diff --git a/internal/ingress/annotations/secureupstream/main.go b/internal/ingress/annotations/secureupstream/main.go
deleted file mode 100644
index ebaea2058..000000000
--- a/internal/ingress/annotations/secureupstream/main.go
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package secureupstream
-
-import (
-	networking "k8s.io/api/networking/v1"
-	"k8s.io/klog/v2"
-
-	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
-	"k8s.io/ingress-nginx/internal/ingress/resolver"
-)
-
-// Config describes SSL backend configuration
-type Config struct {
-	CACert resolver.AuthSSLCert `json:"caCert"`
-}
-
-type su struct {
-	r resolver.Resolver
-}
-
-// NewParser creates a new secure upstream annotation parser
-func NewParser(r resolver.Resolver) parser.IngressAnnotation {
-	return su{r}
-}
-
-// Parse parses the annotations contained in the ingress
-// rule used to indicate if the upstream servers should use SSL
-func (a su) Parse(ing *networking.Ingress) (secure interface{}, err error) {
-	if ca, _ := parser.GetStringAnnotation("secure-verify-ca-secret", ing); ca != "" {
-		klog.Warningf("NOTE! secure-verify-ca-secret is not supported anymore. Please use proxy-ssl-secret instead")
-	}
-	return
-}
diff --git a/internal/ingress/annotations/secureupstream/main_test.go b/internal/ingress/annotations/secureupstream/main_test.go
deleted file mode 100644
index 7546cb5cf..000000000
--- a/internal/ingress/annotations/secureupstream/main_test.go
+++ /dev/null
@@ -1,162 +0,0 @@
-/*
-Copyright 2016 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package secureupstream
-
-import (
-	"fmt"
-	"testing"
-
-	api "k8s.io/api/core/v1"
-	networking "k8s.io/api/networking/v1"
-	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
-	"k8s.io/ingress-nginx/internal/ingress/resolver"
-)
-
-func buildIngress() *networking.Ingress {
-	defaultBackend := networking.IngressBackend{
-		Service: &networking.IngressServiceBackend{
-			Name: "default-backend",
-			Port: networking.ServiceBackendPort{
-				Number: 80,
-			},
-		},
-	}
-
-	return &networking.Ingress{
-		ObjectMeta: meta_v1.ObjectMeta{
-			Name:      "foo",
-			Namespace: api.NamespaceDefault,
-		},
-		Spec: networking.IngressSpec{
-			DefaultBackend: &networking.IngressBackend{
-				Service: &networking.IngressServiceBackend{
-					Name: "default-backend",
-					Port: networking.ServiceBackendPort{
-						Number: 80,
-					},
-				},
-			},
-			Rules: []networking.IngressRule{
-				{
-					Host: "foo.bar.com",
-					IngressRuleValue: networking.IngressRuleValue{
-						HTTP: &networking.HTTPIngressRuleValue{
-							Paths: []networking.HTTPIngressPath{
-								{
-									Path:    "/foo",
-									Backend: defaultBackend,
-								},
-							},
-						},
-					},
-				},
-			},
-		},
-	}
-}
-
-type mockCfg struct {
-	resolver.Mock
-	certs map[string]resolver.AuthSSLCert
-}
-
-func (cfg mockCfg) GetAuthCertificate(secret string) (*resolver.AuthSSLCert, error) {
-	if cert, ok := cfg.certs[secret]; ok {
-		return &cert, nil
-	}
-	return nil, fmt.Errorf("secret not found: %v", secret)
-}
-
-func TestNoCA(t *testing.T) {
-	ing := buildIngress()
-	data := map[string]string{}
-	data[parser.GetAnnotationWithPrefix("backend-protocol")] = "HTTPS"
-	ing.SetAnnotations(data)
-
-	_, err := NewParser(mockCfg{
-		certs: map[string]resolver.AuthSSLCert{
-			"default/secure-verify-ca": {},
-		},
-	}).Parse(ing)
-	if err != nil {
-		t.Errorf("Unexpected error on ingress: %v", err)
-	}
-}
-
-func TestAnnotations(t *testing.T) {
-	ing := buildIngress()
-	data := map[string]string{}
-	data[parser.GetAnnotationWithPrefix("backend-protocol")] = "HTTPS"
-	data[parser.GetAnnotationWithPrefix("secure-verify-ca-secret")] = "secure-verify-ca"
-	ing.SetAnnotations(data)
-
-	_, err := NewParser(mockCfg{
-		certs: map[string]resolver.AuthSSLCert{
-			"default/secure-verify-ca": {},
-		},
-	}).Parse(ing)
-	if err != nil {
-		t.Errorf("Unexpected error on ingress: %v", err)
-	}
-}
-
-func TestSecretNotFound(t *testing.T) {
-	ing := buildIngress()
-	data := map[string]string{}
-	data[parser.GetAnnotationWithPrefix("backend-protocol")] = "HTTPS"
-	data[parser.GetAnnotationWithPrefix("secure-verify-ca-secret")] = "secure-verify-ca"
-	ing.SetAnnotations(data)
-	_, err := NewParser(mockCfg{}).Parse(ing)
-	if err != nil {
-		t.Error("Expected secret not found error on ingress")
-	}
-}
-
-func TestSecretOnNonSecure(t *testing.T) {
-	ing := buildIngress()
-	data := map[string]string{}
-	data[parser.GetAnnotationWithPrefix("backend-protocol")] = "HTTP"
-	data[parser.GetAnnotationWithPrefix("secure-verify-ca-secret")] = "secure-verify-ca"
-	ing.SetAnnotations(data)
-	_, err := NewParser(mockCfg{
-		certs: map[string]resolver.AuthSSLCert{
-			"default/secure-verify-ca": {},
-		},
-	}).Parse(ing)
-	if err != nil {
-		t.Error("Expected CA secret on non secure backend error on ingress")
-	}
-}
-
-func TestUnsupportedAnnotation(t *testing.T) {
-	ing := buildIngress()
-	data := map[string]string{}
-	data[parser.GetAnnotationWithPrefix("backend-protocol")] = "HTTPS"
-	data[parser.GetAnnotationWithPrefix("secure-verify-ca-secret")] = "secure-verify-ca"
-	ing.SetAnnotations(data)
-
-	_, err := NewParser(mockCfg{
-		certs: map[string]resolver.AuthSSLCert{
-			"default/secure-verify-ca": {},
-		},
-	}).Parse(ing)
-	if err != nil {
-		t.Errorf("Unexpected error on ingress: %v", err)
-	}
-}

From 297036e1690ae6dee602bae8b49bb015855141eb Mon Sep 17 00:00:00 2001
From: Ricardo Katz <rikatz@users.noreply.github.com>
Date: Sun, 16 Apr 2023 21:26:43 -0300
Subject: [PATCH 27/30] Deprecate and remove influxdb feature (#9861)

---
 docs/e2e-tests.md                             |   8 -
 .../nginx-configuration/annotations.md        |  28 ---
 images/nginx/rootfs/build.sh                  |   6 -
 internal/ingress/annotations/annotations.go   |   3 -
 internal/ingress/annotations/influxdb/main.go | 101 ----------
 .../ingress/annotations/influxdb/main_test.go | 138 -------------
 internal/ingress/controller/controller.go     |   1 -
 .../ingress/controller/template/template.go   |  45 -----
 .../controller/template/template_test.go      |  25 ---
 pkg/apis/ingress/types.go                     |   4 -
 pkg/apis/ingress/types_equals.go              |   4 -
 rootfs/etc/nginx/template/nginx.tmpl          |   6 -
 test/e2e/annotations/influxdb.go              | 186 ------------------
 test/e2e/framework/influxdb.go                | 141 -------------
 14 files changed, 696 deletions(-)
 delete mode 100644 internal/ingress/annotations/influxdb/main.go
 delete mode 100644 internal/ingress/annotations/influxdb/main_test.go
 delete mode 100644 test/e2e/annotations/influxdb.go
 delete mode 100644 test/e2e/framework/influxdb.go

diff --git a/docs/e2e-tests.md b/docs/e2e-tests.md
index 22a76dc7a..ed3e77f67 100644
--- a/docs/e2e-tests.md
+++ b/docs/e2e-tests.md
@@ -133,10 +133,6 @@ Do not try to edit it manually.
 
 - [enable the http2-push-preload directive](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/http2pushpreload.go#L34)
 
-### [influxdb-*](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/influxdb.go#L39)
-
-- [should send the request metric to the influxdb server](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/influxdb.go#L48)
-
 ### [whitelist-source-range](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipwhitelist.go#L27)
 
 - [should set valid ip whitelist range](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/annotations/ipwhitelist.go#L34)
@@ -461,10 +457,6 @@ Do not try to edit it manually.
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/healthz.go#L)
 
-### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/influxdb.go#L)
-
-- [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/influxdb.go#L)
-
 ### [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/k8s.go#L)
 
 - [](https://github.com/kubernetes/ingress-nginx/tree/main/test/e2e/framework/k8s.go#L)
diff --git a/docs/user-guide/nginx-configuration/annotations.md b/docs/user-guide/nginx-configuration/annotations.md
index dac39f752..3b463eea7 100755
--- a/docs/user-guide/nginx-configuration/annotations.md
+++ b/docs/user-guide/nginx-configuration/annotations.md
@@ -123,11 +123,6 @@ You can add these Kubernetes annotations to specific Ingress objects to customiz
 |[nginx.ingress.kubernetes.io/opentracing-trust-incoming-span](#opentracing-trust-incoming-span)|"true" or "false"|
 |[nginx.ingress.kubernetes.io/enable-opentelemetry](#enable-opentelemetry)|"true" or "false"|
 |[nginx.ingress.kubernetes.io/opentelemetry-trust-incoming-span](#opentelemetry-trust-incoming-spans)|"true" or "false"|
-|[nginx.ingress.kubernetes.io/enable-influxdb](#influxdb)|"true" or "false"|
-|[nginx.ingress.kubernetes.io/influxdb-measurement](#influxdb)|string|
-|[nginx.ingress.kubernetes.io/influxdb-port](#influxdb)|string|
-|[nginx.ingress.kubernetes.io/influxdb-host](#influxdb)|string|
-|[nginx.ingress.kubernetes.io/influxdb-server-name](#influxdb)|string|
 |[nginx.ingress.kubernetes.io/use-regex](#use-regex)|bool|
 |[nginx.ingress.kubernetes.io/enable-modsecurity](#modsecurity)|bool|
 |[nginx.ingress.kubernetes.io/enable-owasp-core-rules](#modsecurity)|bool|
@@ -896,29 +891,6 @@ nginx.ingress.kubernetes.io/modsecurity-snippet: |
 Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
 ```
 
-### InfluxDB
-
-Using `influxdb-*` annotations we can monitor requests passing through a Location by sending them to an InfluxDB backend exposing the UDP socket
-using the [nginx-influxdb-module](https://github.com/influxdata/nginx-influxdb-module/).
-
-```yaml
-nginx.ingress.kubernetes.io/enable-influxdb: "true"
-nginx.ingress.kubernetes.io/influxdb-measurement: "nginx-reqs"
-nginx.ingress.kubernetes.io/influxdb-port: "8089"
-nginx.ingress.kubernetes.io/influxdb-host: "127.0.0.1"
-nginx.ingress.kubernetes.io/influxdb-server-name: "nginx-ingress"
-```
-
-For the `influxdb-host` parameter you have two options:
-
-- Use an InfluxDB server configured with the  [UDP protocol](https://docs.influxdata.com/influxdb/v1.5/supported_protocols/udp/) enabled.
-- Deploy Telegraf as a sidecar proxy to the Ingress controller configured to listen UDP with the [socket listener input](https://github.com/influxdata/telegraf/tree/release-1.6/plugins/inputs/socket_listener) and to write using
-anyone of the [outputs plugins](https://github.com/influxdata/telegraf/tree/release-1.7/plugins/outputs) like InfluxDB, Apache Kafka,
-Prometheus, etc.. (recommended)
-
-It's important to remember that there's no DNS resolver at this stage so you will have to configure
-an ip address to `nginx.ingress.kubernetes.io/influxdb-host`. If you deploy Influx or Telegraf as sidecar (another container in the same pod) this becomes straightforward since you can directly use `127.0.0.1`.
-
 ### Backend Protocol
 
 Using `backend-protocol` annotations is possible to indicate how NGINX should communicate with the backend service. (Replaces `secure-backends` in older versions)
diff --git a/images/nginx/rootfs/build.sh b/images/nginx/rootfs/build.sh
index 8023575c0..44c7b20f8 100755
--- a/images/nginx/rootfs/build.sh
+++ b/images/nginx/rootfs/build.sh
@@ -77,8 +77,6 @@ export LUA_UPSTREAM_VERSION=8aa93ead98ba2060d4efd594ae33a35d153589bf
 # Check for recent changes: https://github.com/openresty/lua-cjson/compare/2.1.0.10...openresty:master
 export LUA_CJSON_VERSION=2.1.0.10
 
-export NGINX_INFLUXDB_VERSION=5b09391cb7b9a889687c0aa67964c06a2d933e8b
-
 # Check for recent changes: https://github.com/leev/ngx_http_geoip2_module/compare/3.3...master
 export GEOIP2_VERSION=a26c6beed77e81553686852dceb6c7fdacc5970d
 
@@ -270,9 +268,6 @@ fi
 get_src 586f92166018cc27080d34e17c59d68219b85af745edf3cc9fe41403fc9b4ac6 \
         "https://github.com/DataDog/dd-opentracing-cpp/archive/v$DATADOG_CPP_VERSION.tar.gz"
 
-get_src 1af5a5632dc8b00ae103d51b7bf225de3a7f0df82f5c6a401996c080106e600e \
-        "https://github.com/influxdata/nginx-influxdb-module/archive/$NGINX_INFLUXDB_VERSION.tar.gz"
-
 get_src 4c1933434572226942c65b2f2b26c8a536ab76aa771a3c7f6c2629faa764976b \
         "https://github.com/leev/ngx_http_geoip2_module/archive/$GEOIP2_VERSION.tar.gz"
 
@@ -640,7 +635,6 @@ WITH_MODULES=" \
   --add-module=$BUILD_PATH/lua-upstream-nginx-module-$LUA_UPSTREAM_VERSION \
   --add-module=$BUILD_PATH/nginx_ajp_module-${NGINX_AJP_VERSION} \
   --add-dynamic-module=$BUILD_PATH/nginx-http-auth-digest-$NGINX_DIGEST_AUTH \
-  --add-dynamic-module=$BUILD_PATH/nginx-influxdb-module-$NGINX_INFLUXDB_VERSION \
   --add-dynamic-module=$BUILD_PATH/nginx-opentracing-$NGINX_OPENTRACING_VERSION/opentracing \
   --add-dynamic-module=$BUILD_PATH/ModSecurity-nginx-$MODSECURITY_VERSION \
   --add-dynamic-module=$BUILD_PATH/ngx_http_geoip2_module-${GEOIP2_VERSION} \
diff --git a/internal/ingress/annotations/annotations.go b/internal/ingress/annotations/annotations.go
index 974b9ce16..5bb2bf5e6 100644
--- a/internal/ingress/annotations/annotations.go
+++ b/internal/ingress/annotations/annotations.go
@@ -44,7 +44,6 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/fastcgi"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/globalratelimit"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/http2pushpreload"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/influxdb"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ipdenylist"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ipwhitelist"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/loadbalancing"
@@ -115,7 +114,6 @@ type Ingress struct {
 	XForwardedPrefix   string
 	SSLCipher          sslcipher.Config
 	Logs               log.Config
-	InfluxDB           influxdb.Config
 	ModSecurity        modsecurity.Config
 	Mirror             mirror.Config
 	StreamSnippet      string
@@ -166,7 +164,6 @@ func NewAnnotationExtractor(cfg resolver.Resolver) Extractor {
 			"XForwardedPrefix":     xforwardedprefix.NewParser(cfg),
 			"SSLCipher":            sslcipher.NewParser(cfg),
 			"Logs":                 log.NewParser(cfg),
-			"InfluxDB":             influxdb.NewParser(cfg),
 			"BackendProtocol":      backendprotocol.NewParser(cfg),
 			"ModSecurity":          modsecurity.NewParser(cfg),
 			"Mirror":               mirror.NewParser(cfg),
diff --git a/internal/ingress/annotations/influxdb/main.go b/internal/ingress/annotations/influxdb/main.go
deleted file mode 100644
index 1aee91f33..000000000
--- a/internal/ingress/annotations/influxdb/main.go
+++ /dev/null
@@ -1,101 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package influxdb
-
-import (
-	networking "k8s.io/api/networking/v1"
-
-	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
-	"k8s.io/ingress-nginx/internal/ingress/resolver"
-)
-
-type influxdb struct {
-	r resolver.Resolver
-}
-
-// Config contains the IfluxDB configuration to be used in the Ingress
-type Config struct {
-	InfluxDBEnabled     bool   `json:"influxDBEnabled"`
-	InfluxDBMeasurement string `json:"influxDBMeasurement"`
-	InfluxDBPort        string `json:"influxDBPort"`
-	InfluxDBHost        string `json:"influxDBHost"`
-	InfluxDBServerName  string `json:"influxDBServerName"`
-}
-
-// NewParser creates a new InfluxDB annotation parser
-func NewParser(r resolver.Resolver) parser.IngressAnnotation {
-	return influxdb{r}
-}
-
-// Parse parses the annotations to look for InfluxDB configurations
-func (c influxdb) Parse(ing *networking.Ingress) (interface{}, error) {
-	var err error
-	config := &Config{}
-
-	config.InfluxDBEnabled, err = parser.GetBoolAnnotation("enable-influxdb", ing)
-	if err != nil {
-		config.InfluxDBEnabled = false
-	}
-
-	config.InfluxDBMeasurement, err = parser.GetStringAnnotation("influxdb-measurement", ing)
-	if err != nil {
-		config.InfluxDBMeasurement = "default"
-	}
-
-	config.InfluxDBPort, err = parser.GetStringAnnotation("influxdb-port", ing)
-	if err != nil {
-		// This is not the default 8086 port but the port usually used to expose
-		// influxdb in UDP, the module uses UDP to talk to influx via the line protocol.
-		config.InfluxDBPort = "8089"
-	}
-
-	config.InfluxDBHost, err = parser.GetStringAnnotation("influxdb-host", ing)
-	if err != nil {
-		config.InfluxDBHost = "127.0.0.1"
-	}
-
-	config.InfluxDBServerName, err = parser.GetStringAnnotation("influxdb-server-name", ing)
-	if err != nil {
-		config.InfluxDBServerName = "nginx-ingress"
-	}
-
-	return config, nil
-}
-
-// Equal tests for equality between two Config types
-func (e1 *Config) Equal(e2 *Config) bool {
-	if e1 == e2 {
-		return true
-	}
-	if e1 == nil || e2 == nil {
-		return false
-	}
-	if e1.InfluxDBEnabled != e2.InfluxDBEnabled {
-		return false
-	}
-	if e1.InfluxDBPort != e2.InfluxDBPort {
-		return false
-	}
-	if e1.InfluxDBHost != e2.InfluxDBHost {
-		return false
-	}
-	if e1.InfluxDBServerName != e2.InfluxDBServerName {
-		return false
-	}
-
-	return true
-}
diff --git a/internal/ingress/annotations/influxdb/main_test.go b/internal/ingress/annotations/influxdb/main_test.go
deleted file mode 100644
index 13d681509..000000000
--- a/internal/ingress/annotations/influxdb/main_test.go
+++ /dev/null
@@ -1,138 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package influxdb
-
-import (
-	"testing"
-
-	api "k8s.io/api/core/v1"
-	networking "k8s.io/api/networking/v1"
-	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
-	"k8s.io/ingress-nginx/internal/ingress/resolver"
-)
-
-func buildIngress() *networking.Ingress {
-	defaultBackend := networking.IngressBackend{
-		Service: &networking.IngressServiceBackend{
-			Name: "default-backend",
-			Port: networking.ServiceBackendPort{
-				Number: 80,
-			},
-		},
-	}
-
-	return &networking.Ingress{
-		ObjectMeta: meta_v1.ObjectMeta{
-			Name:      "foo",
-			Namespace: api.NamespaceDefault,
-		},
-		Spec: networking.IngressSpec{
-			DefaultBackend: &networking.IngressBackend{
-				Service: &networking.IngressServiceBackend{
-					Name: "default-backend",
-					Port: networking.ServiceBackendPort{
-						Number: 80,
-					},
-				},
-			},
-			Rules: []networking.IngressRule{
-				{
-					Host: "foo.bar.com",
-					IngressRuleValue: networking.IngressRuleValue{
-						HTTP: &networking.HTTPIngressRuleValue{
-							Paths: []networking.HTTPIngressPath{
-								{
-									Path:    "/foo",
-									Backend: defaultBackend,
-								},
-							},
-						},
-					},
-				},
-			},
-		},
-	}
-}
-
-func TestIngressInvalidInfluxDB(t *testing.T) {
-	ing := buildIngress()
-
-	influx, _ := NewParser(&resolver.Mock{}).Parse(ing)
-	nginxInflux, ok := influx.(*Config)
-	if !ok {
-		t.Errorf("expected a Config type")
-	}
-
-	if nginxInflux.InfluxDBEnabled == true {
-		t.Errorf("expected influxdb enabled but returned %v", nginxInflux.InfluxDBEnabled)
-	}
-
-	if nginxInflux.InfluxDBMeasurement != "default" {
-		t.Errorf("expected measurement name not found. Found %v", nginxInflux.InfluxDBMeasurement)
-	}
-
-	if nginxInflux.InfluxDBPort != "8089" {
-		t.Errorf("expected port not found. Found %v", nginxInflux.InfluxDBPort)
-	}
-
-	if nginxInflux.InfluxDBHost != "127.0.0.1" {
-		t.Errorf("expected host not found. Found %v", nginxInflux.InfluxDBHost)
-	}
-
-	if nginxInflux.InfluxDBServerName != "nginx-ingress" {
-		t.Errorf("expected server name not found. Found %v", nginxInflux.InfluxDBServerName)
-	}
-}
-
-func TestIngressInfluxDB(t *testing.T) {
-	ing := buildIngress()
-
-	data := map[string]string{}
-	data[parser.GetAnnotationWithPrefix("enable-influxdb")] = "true"
-	data[parser.GetAnnotationWithPrefix("influxdb-measurement")] = "nginxmeasures"
-	data[parser.GetAnnotationWithPrefix("influxdb-port")] = "9091"
-	data[parser.GetAnnotationWithPrefix("influxdb-host")] = "10.99.0.13"
-	data[parser.GetAnnotationWithPrefix("influxdb-server-name")] = "nginx-test-1"
-	ing.SetAnnotations(data)
-
-	influx, _ := NewParser(&resolver.Mock{}).Parse(ing)
-	nginxInflux, ok := influx.(*Config)
-	if !ok {
-		t.Errorf("expected a Config type")
-	}
-
-	if !nginxInflux.InfluxDBEnabled {
-		t.Errorf("expected influxdb enabled but returned %v", nginxInflux.InfluxDBEnabled)
-	}
-
-	if nginxInflux.InfluxDBMeasurement != "nginxmeasures" {
-		t.Errorf("expected measurement name not found. Found %v", nginxInflux.InfluxDBMeasurement)
-	}
-
-	if nginxInflux.InfluxDBPort != "9091" {
-		t.Errorf("expected port not found. Found %v", nginxInflux.InfluxDBPort)
-	}
-
-	if nginxInflux.InfluxDBHost != "10.99.0.13" {
-		t.Errorf("expected host not found. Found %v", nginxInflux.InfluxDBHost)
-	}
-
-	if nginxInflux.InfluxDBServerName != "nginx-test-1" {
-		t.Errorf("expected server name not found. Found %v", nginxInflux.InfluxDBServerName)
-	}
-}
diff --git a/internal/ingress/controller/controller.go b/internal/ingress/controller/controller.go
index 17142a478..80b5b587b 100644
--- a/internal/ingress/controller/controller.go
+++ b/internal/ingress/controller/controller.go
@@ -1460,7 +1460,6 @@ func locationApplyAnnotations(loc *ingress.Location, anns *annotations.Ingress)
 	loc.UsePortInRedirects = anns.UsePortInRedirects
 	loc.Connection = anns.Connection
 	loc.Logs = anns.Logs
-	loc.InfluxDB = anns.InfluxDB
 	loc.DefaultBackend = anns.DefaultBackend
 	loc.BackendProtocol = anns.BackendProtocol
 	loc.FastCGI = anns.FastCGI
diff --git a/internal/ingress/controller/template/template.go b/internal/ingress/controller/template/template.go
index 9dc9fb3b8..6aadab48e 100644
--- a/internal/ingress/controller/template/template.go
+++ b/internal/ingress/controller/template/template.go
@@ -40,7 +40,6 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/klog/v2"
 
-	"k8s.io/ingress-nginx/internal/ingress/annotations/influxdb"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ratelimit"
 	"k8s.io/ingress-nginx/internal/ingress/controller/config"
@@ -267,7 +266,6 @@ var (
 		"buildOpentracing":                   buildOpentracing,
 		"buildOpentelemetry":                 buildOpentelemetry,
 		"proxySetHeader":                     proxySetHeader,
-		"buildInfluxDB":                      buildInfluxDB,
 		"enforceRegexModifier":               enforceRegexModifier,
 		"buildCustomErrorDeps":               buildCustomErrorDeps,
 		"buildCustomErrorLocationsPerServer": buildCustomErrorLocationsPerServer,
@@ -281,7 +279,6 @@ var (
 		"buildModSecurityForLocation":        buildModSecurityForLocation,
 		"buildMirrorLocations":               buildMirrorLocations,
 		"shouldLoadAuthDigestModule":         shouldLoadAuthDigestModule,
-		"shouldLoadInfluxDBModule":           shouldLoadInfluxDBModule,
 		"buildServerName":                    buildServerName,
 		"buildCorsOriginRegex":               buildCorsOriginRegex,
 	}
@@ -1269,29 +1266,6 @@ func buildOpentelemetry(c interface{}, s interface{}) string {
 	return buf.String()
 }
 
-// buildInfluxDB produces the single line configuration
-// needed by the InfluxDB module to send request's metrics
-// for the current resource
-func buildInfluxDB(input interface{}) string {
-	cfg, ok := input.(influxdb.Config)
-	if !ok {
-		klog.Errorf("expected an 'influxdb.Config' type but %T was returned", input)
-		return ""
-	}
-
-	if !cfg.InfluxDBEnabled {
-		return ""
-	}
-
-	return fmt.Sprintf(
-		"influxdb server_name=%s host=%s port=%s measurement=%s enabled=true;",
-		cfg.InfluxDBServerName,
-		cfg.InfluxDBHost,
-		cfg.InfluxDBPort,
-		cfg.InfluxDBMeasurement,
-	)
-}
-
 func proxySetHeader(loc interface{}) string {
 	location, ok := loc.(*ingress.Location)
 	if !ok {
@@ -1797,25 +1771,6 @@ func shouldLoadAuthDigestModule(s interface{}) bool {
 	return false
 }
 
-// shouldLoadInfluxDBModule determines whether or not the ngx_http_auth_digest_module module needs to be loaded.
-func shouldLoadInfluxDBModule(s interface{}) bool {
-	servers, ok := s.([]*ingress.Server)
-	if !ok {
-		klog.Errorf("expected an '[]*ingress.Server' type but %T was returned", s)
-		return false
-	}
-
-	for _, server := range servers {
-		for _, location := range server.Locations {
-			if location.InfluxDB.InfluxDBEnabled {
-				return true
-			}
-		}
-	}
-
-	return false
-}
-
 // buildServerName ensures wildcard hostnames are valid
 func buildServerName(hostname string) string {
 	if !strings.HasPrefix(hostname, "*") {
diff --git a/internal/ingress/controller/template/template_test.go b/internal/ingress/controller/template/template_test.go
index 343da506b..1980d7e52 100644
--- a/internal/ingress/controller/template/template_test.go
+++ b/internal/ingress/controller/template/template_test.go
@@ -35,7 +35,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	"k8s.io/ingress-nginx/internal/ingress/annotations/authreq"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/influxdb"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/modsecurity"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/opentelemetry"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/opentracing"
@@ -1640,30 +1639,6 @@ func TestProxySetHeader(t *testing.T) {
 	}
 }
 
-func TestBuildInfluxDB(t *testing.T) {
-	invalidType := &ingress.Ingress{}
-	expected := ""
-	actual := buildInfluxDB(invalidType)
-
-	if expected != actual {
-		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
-	}
-
-	cfg := influxdb.Config{
-		InfluxDBEnabled:     true,
-		InfluxDBServerName:  "ok.com",
-		InfluxDBHost:        "host.com",
-		InfluxDBPort:        "5252",
-		InfluxDBMeasurement: "ok",
-	}
-	expected = "influxdb server_name=ok.com host=host.com port=5252 measurement=ok enabled=true;"
-	actual = buildInfluxDB(cfg)
-
-	if expected != actual {
-		t.Errorf("Expected '%v' but returned '%v'", expected, actual)
-	}
-}
-
 func TestBuildOpenTracing(t *testing.T) {
 	invalidType := &ingress.Ingress{}
 	expected := ""
diff --git a/pkg/apis/ingress/types.go b/pkg/apis/ingress/types.go
index 08a2f7575..e50666c18 100644
--- a/pkg/apis/ingress/types.go
+++ b/pkg/apis/ingress/types.go
@@ -29,7 +29,6 @@ import (
 	"k8s.io/ingress-nginx/internal/ingress/annotations/cors"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/fastcgi"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/globalratelimit"
-	"k8s.io/ingress-nginx/internal/ingress/annotations/influxdb"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ipdenylist"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/ipwhitelist"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/log"
@@ -338,9 +337,6 @@ type Location struct {
 	// Logs allows to enable or disable the nginx logs
 	// By default access logs are enabled and rewrite logs are disabled
 	Logs log.Config `json:"logs,omitempty"`
-	// InfluxDB allows to monitor the incoming request by sending them to an influxdb database
-	// +optional
-	InfluxDB influxdb.Config `json:"influxDB,omitempty"`
 	// BackendProtocol indicates which protocol should be used to communicate with the service
 	// By default this is HTTP
 	BackendProtocol string `json:"backend-protocol"`
diff --git a/pkg/apis/ingress/types_equals.go b/pkg/apis/ingress/types_equals.go
index 8a54f3758..84b1a186a 100644
--- a/pkg/apis/ingress/types_equals.go
+++ b/pkg/apis/ingress/types_equals.go
@@ -431,10 +431,6 @@ func (l1 *Location) Equal(l2 *Location) bool {
 		return false
 	}
 
-	if !(&l1.InfluxDB).Equal(&l2.InfluxDB) {
-		return false
-	}
-
 	if l1.BackendProtocol != l2.BackendProtocol {
 		return false
 	}
diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl
index 014c8cc2a..a49989f30 100644
--- a/rootfs/etc/nginx/template/nginx.tmpl
+++ b/rootfs/etc/nginx/template/nginx.tmpl
@@ -21,10 +21,6 @@ load_module /etc/nginx/modules/ngx_http_brotli_filter_module.so;
 load_module /etc/nginx/modules/ngx_http_brotli_static_module.so;
 {{ end }}
 
-{{ if (shouldLoadInfluxDBModule $servers) }}
-load_module /etc/nginx/modules/ngx_http_influxdb_module.so;
-{{ end }}
-
 {{ if (shouldLoadAuthDigestModule $servers) }}
 load_module /etc/nginx/modules/ngx_http_auth_digest_module.so;
 {{ end }}
@@ -1366,8 +1362,6 @@ stream {
             {{ range $limit := $limits }}
             {{ $limit }}{{ end }}
 
-            {{ buildInfluxDB $location.InfluxDB }}
-
             {{ if isValidByteSize $location.Proxy.BodySize true }}
             client_max_body_size                    {{ $location.Proxy.BodySize }};
             {{ end }}
diff --git a/test/e2e/annotations/influxdb.go b/test/e2e/annotations/influxdb.go
deleted file mode 100644
index 7a52730cf..000000000
--- a/test/e2e/annotations/influxdb.go
+++ /dev/null
@@ -1,186 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package annotations
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"net/http"
-	"os/exec"
-	"strings"
-	"time"
-
-	jsoniter "github.com/json-iterator/go"
-	"github.com/onsi/ginkgo/v2"
-	"github.com/stretchr/testify/assert"
-	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/util/intstr"
-	"k8s.io/apimachinery/pkg/util/wait"
-
-	"k8s.io/ingress-nginx/test/e2e/framework"
-)
-
-var _ = framework.DescribeAnnotation("influxdb-*", func() {
-	f := framework.NewDefaultFramework("influxdb")
-
-	ginkgo.BeforeEach(func() {
-		f.NewInfluxDBDeployment()
-		f.NewEchoDeployment()
-	})
-
-	ginkgo.Context("when influxdb is enabled", func() {
-		ginkgo.It("should send the request metric to the influxdb server", func() {
-			ifs := createInfluxDBService(f)
-
-			// Ingress configured with InfluxDB annotations
-			host := "influxdb.e2e.local"
-			createInfluxDBIngress(
-				f,
-				host,
-				framework.EchoService,
-				80,
-				map[string]string{
-					"nginx.ingress.kubernetes.io/enable-influxdb":      "true",
-					"nginx.ingress.kubernetes.io/influxdb-host":        ifs.Spec.ClusterIP,
-					"nginx.ingress.kubernetes.io/influxdb-port":        "8089",
-					"nginx.ingress.kubernetes.io/influxdb-measurement": "requests",
-					"nginx.ingress.kubernetes.io/influxdb-servername":  "e2e-nginx-srv",
-				},
-			)
-
-			// Do a request to the echo server ingress that sends metrics
-			// to the InfluxDB backend.
-			f.HTTPTestClient().
-				GET("/").
-				WithHeader("Host", host).
-				Expect().
-				Status(http.StatusOK)
-
-			framework.Sleep(10 * time.Second)
-
-			var measurements string
-			var err error
-
-			err = wait.Poll(time.Second, time.Minute, func() (bool, error) {
-				measurements, err = extractInfluxDBMeasurements(f)
-				if err != nil {
-					return false, nil
-				}
-				return true, nil
-			})
-			assert.Nil(ginkgo.GinkgoT(), err)
-
-			var results map[string][]map[string]interface{}
-			_ = jsoniter.ConfigCompatibleWithStandardLibrary.Unmarshal([]byte(measurements), &results)
-
-			assert.NotEqual(ginkgo.GinkgoT(), len(measurements), 0)
-			for _, elem := range results["results"] {
-				assert.NotEqual(ginkgo.GinkgoT(), len(elem), 0)
-			}
-		})
-	})
-})
-
-func createInfluxDBService(f *framework.Framework) *corev1.Service {
-	service := &corev1.Service{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "influxdb",
-			Namespace: f.Namespace,
-		},
-		Spec: corev1.ServiceSpec{Ports: []corev1.ServicePort{
-			{
-				Name:       "udp",
-				Port:       8089,
-				TargetPort: intstr.FromInt(8089),
-				Protocol:   "UDP",
-			},
-		},
-			Selector: map[string]string{
-				"app": "influxdb",
-			},
-		},
-	}
-
-	return f.EnsureService(service)
-}
-
-func createInfluxDBIngress(f *framework.Framework, host, service string, port int, annotations map[string]string) {
-	ing := framework.NewSingleIngress(host, "/", host, f.Namespace, service, port, annotations)
-	f.EnsureIngress(ing)
-
-	f.WaitForNginxServer(host,
-		func(server string) bool {
-			return strings.Contains(server, fmt.Sprintf("server_name %v", host))
-		})
-}
-
-func extractInfluxDBMeasurements(f *framework.Framework) (string, error) {
-	l, err := f.KubeClientSet.CoreV1().Pods(f.Namespace).List(context.TODO(), metav1.ListOptions{
-		LabelSelector: "app=influxdb",
-	})
-	if err != nil {
-		return "", err
-	}
-
-	if len(l.Items) == 0 {
-		return "", err
-	}
-
-	cmd := "influx -database 'nginx' -execute 'select * from requests' -format 'json' -pretty"
-
-	var pod *corev1.Pod
-	for _, p := range l.Items {
-		pod = &p
-		break
-	}
-
-	if pod == nil {
-		return "", fmt.Errorf("no influxdb pods found")
-	}
-
-	o, err := execInfluxDBCommand(pod, cmd)
-	if err != nil {
-		return "", err
-	}
-
-	return o, nil
-}
-
-func execInfluxDBCommand(pod *corev1.Pod, command string) (string, error) {
-	var (
-		execOut bytes.Buffer
-		execErr bytes.Buffer
-	)
-
-	cmd := exec.Command("/bin/bash", "-c", fmt.Sprintf("%v exec --namespace %s %s -- %s", framework.KubectlPath, pod.Namespace, pod.Name, command))
-	cmd.Stdout = &execOut
-	cmd.Stderr = &execErr
-
-	err := cmd.Run()
-
-	if execErr.Len() > 0 {
-		return "", fmt.Errorf("stderr: %v", execErr.String())
-	}
-
-	if err != nil {
-		return "", fmt.Errorf("could not execute '%s %s': %v", cmd.Path, cmd.Args, err)
-	}
-
-	return execOut.String(), nil
-}
diff --git a/test/e2e/framework/influxdb.go b/test/e2e/framework/influxdb.go
deleted file mode 100644
index 43a5702e6..000000000
--- a/test/e2e/framework/influxdb.go
+++ /dev/null
@@ -1,141 +0,0 @@
-/*
-Copyright 2018 The Kubernetes Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-package framework
-
-import (
-	"github.com/onsi/ginkgo/v2"
-	"github.com/stretchr/testify/assert"
-	appsv1 "k8s.io/api/apps/v1"
-	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/fields"
-)
-
-const influxConfig = `
-reporting-disabled = true
-bind-address = "0.0.0.0:8088"
-
-[meta]
-  dir = "/var/lib/influxdb/meta"
-  retention-autocreate = true
-  logging-enabled = true
-
-[data]
-  dir = "/var/lib/influxdb/data"
-  index-version = "inmem"
-  wal-dir = "/var/lib/influxdb/wal"
-  wal-fsync-delay = "0s"
-  query-log-enabled = true
-  cache-max-memory-size = 1073741824
-  cache-snapshot-memory-size = 26214400
-  cache-snapshot-write-cold-duration = "10m0s"
-  compact-full-write-cold-duration = "4h0m0s"
-  max-series-per-database = 1000000
-  max-values-per-tag = 100000
-  max-concurrent-compactions = 0
-  trace-logging-enabled = false
-
-[[udp]]
-  enabled = true
-  bind-address = ":8089"
-  database = "nginx"
-`
-
-// NewInfluxDBDeployment creates an InfluxDB server configured to reply
-// on 8086/tcp and 8089/udp
-func (f *Framework) NewInfluxDBDeployment() {
-	configuration := &corev1.ConfigMap{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "influxdb-config",
-			Namespace: f.Namespace,
-		},
-		Data: map[string]string{
-			"influxd.conf": influxConfig,
-		},
-	}
-
-	f.EnsureConfigMap(configuration)
-
-	deployment := &appsv1.Deployment{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "influxdb",
-			Namespace: f.Namespace,
-		},
-		Spec: appsv1.DeploymentSpec{
-			Replicas: NewInt32(1),
-			Selector: &metav1.LabelSelector{
-				MatchLabels: map[string]string{
-					"app": "influxdb",
-				},
-			},
-			Template: corev1.PodTemplateSpec{
-				ObjectMeta: metav1.ObjectMeta{
-					Labels: map[string]string{
-						"app": "influxdb",
-					},
-				},
-				Spec: corev1.PodSpec{
-					TerminationGracePeriodSeconds: NewInt64(0),
-					Volumes: []corev1.Volume{
-						{
-							Name: "influxdb-config",
-							VolumeSource: corev1.VolumeSource{
-								ConfigMap: &corev1.ConfigMapVolumeSource{
-									LocalObjectReference: corev1.LocalObjectReference{
-										Name: "influxdb-config",
-									},
-								},
-							},
-						},
-					},
-					Containers: []corev1.Container{
-						{
-							Name:    "influxdb",
-							Image:   "docker.io/influxdb:1.5",
-							Env:     []corev1.EnvVar{},
-							Command: []string{"influxd", "-config", "/influxdb-config/influxd.conf"},
-							VolumeMounts: []corev1.VolumeMount{
-								{
-									Name:      "influxdb-config",
-									ReadOnly:  true,
-									MountPath: "/influxdb-config",
-								},
-							},
-							Ports: []corev1.ContainerPort{
-								{
-									Name:          "http",
-									ContainerPort: 8086,
-								},
-								{
-									Name:          "udp",
-									ContainerPort: 8089,
-								},
-							},
-						},
-					},
-				},
-			},
-		},
-	}
-
-	d := f.EnsureDeployment(deployment)
-
-	err := waitForPodsReady(f.KubeClientSet, DefaultTimeout, 1, f.Namespace, metav1.ListOptions{
-		LabelSelector: fields.SelectorFromSet(fields.Set(d.Spec.Template.ObjectMeta.Labels)).String(),
-	})
-	assert.Nil(ginkgo.GinkgoT(), err, "waiting for influxdb pod to become ready")
-}

From 11419a68373d3b1edf98e1812ed91e6097b3c6b4 Mon Sep 17 00:00:00 2001
From: Ricardo Katz <rikatz@users.noreply.github.com>
Date: Sun, 16 Apr 2023 21:32:43 -0300
Subject: [PATCH 28/30] Fastcgi configmap should be on the same namespace of
 ingress (#9863)

---
 internal/ingress/annotations/fastcgi/main.go  |  6 ++--
 .../ingress/annotations/fastcgi/main_test.go  | 30 +++++++++++++++----
 2 files changed, 28 insertions(+), 8 deletions(-)

diff --git a/internal/ingress/annotations/fastcgi/main.go b/internal/ingress/annotations/fastcgi/main.go
index b32b85997..84bac4109 100644
--- a/internal/ingress/annotations/fastcgi/main.go
+++ b/internal/ingress/annotations/fastcgi/main.go
@@ -88,11 +88,11 @@ func (a fastcgi) Parse(ing *networking.Ingress) (interface{}, error) {
 		}
 	}
 
-	if cmns == "" {
-		cmns = ing.Namespace
+	if cmns != "" && cmns != ing.Namespace {
+		return fcgiConfig, fmt.Errorf("different namespace is not supported on fast_cgi param configmap")
 	}
 
-	cm = fmt.Sprintf("%v/%v", cmns, cmn)
+	cm = fmt.Sprintf("%v/%v", ing.Namespace, cmn)
 	cmap, err := a.r.GetConfigMap(cm)
 	if err != nil {
 		return fcgiConfig, ing_errors.LocationDenied{
diff --git a/internal/ingress/annotations/fastcgi/main_test.go b/internal/ingress/annotations/fastcgi/main_test.go
index 26d85e7ce..35c5bbc12 100644
--- a/internal/ingress/annotations/fastcgi/main_test.go
+++ b/internal/ingress/annotations/fastcgi/main_test.go
@@ -17,13 +17,14 @@ limitations under the License.
 package fastcgi
 
 import (
+	"fmt"
 	"testing"
 
 	api "k8s.io/api/core/v1"
 	networking "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/tools/cache"
 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
-	"k8s.io/ingress-nginx/internal/ingress/errors"
 	"k8s.io/ingress-nginx/internal/ingress/resolver"
 )
 
@@ -51,14 +52,19 @@ type mockConfigMap struct {
 }
 
 func (m mockConfigMap) GetConfigMap(name string) (*api.ConfigMap, error) {
-	if name != "default/demo-configmap" {
-		return nil, errors.Errorf("there is no configmap with name %v", name)
+	if name != "default/demo-configmap" && name != "otherns/demo-configmap" {
+		return nil, fmt.Errorf("there is no configmap with name %v", name)
+	}
+
+	cmns, cmn, err := cache.SplitMetaNamespaceKey(name)
+	if err != nil {
+		return nil, fmt.Errorf("invalid configmap name")
 	}
 
 	return &api.ConfigMap{
 		ObjectMeta: meta_v1.ObjectMeta{
-			Namespace: api.NamespaceDefault,
-			Name:      "demo-secret",
+			Namespace: cmns,
+			Name:      cmn,
 		},
 		Data: map[string]string{"REDIRECT_STATUS": "200", "SERVER_NAME": "$server_name"},
 	}, nil
@@ -210,6 +216,20 @@ func TestParseFastCGIParamsConfigMapAnnotationWithNS(t *testing.T) {
 	}
 }
 
+func TestParseFastCGIParamsConfigMapAnnotationWithDifferentNS(t *testing.T) {
+	ing := buildIngress()
+
+	data := map[string]string{}
+	data[parser.GetAnnotationWithPrefix("fastcgi-params-configmap")] = "otherns/demo-configmap"
+	ing.SetAnnotations(data)
+
+	_, err := NewParser(&mockConfigMap{}).Parse(ing)
+	if err == nil {
+		t.Errorf("Different namespace configmap should return an error")
+	}
+
+}
+
 func TestConfigEquality(t *testing.T) {
 
 	var nilConfig *Config

From 89b8aff3976ba1128c4133b94cb24b3366d4e1b1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 17 Apr 2023 01:48:43 -0700
Subject: [PATCH 29/30] Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 (#9839)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.6.1...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 4 ++--
 go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/go.mod b/go.mod
index 24c319bc7..210afb10a 100644
--- a/go.mod
+++ b/go.mod
@@ -20,7 +20,7 @@ require (
 	github.com/prometheus/client_golang v1.14.0
 	github.com/prometheus/client_model v0.3.0
 	github.com/prometheus/common v0.42.0
-	github.com/spf13/cobra v1.6.1
+	github.com/spf13/cobra v1.7.0
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.8.2
 	github.com/yudai/gojsondiff v1.0.0
@@ -76,7 +76,7 @@ require (
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
-	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
 	github.com/mailru/easyjson v0.7.6 // indirect
diff --git a/go.sum b/go.sum
index 8ee1dc453..36403c1d0 100644
--- a/go.sum
+++ b/go.sum
@@ -206,8 +206,8 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:
 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM=
 github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY=
-github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc=
-github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
@@ -349,8 +349,8 @@ github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6Mwd
 github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
 github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
 github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
-github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=
-github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY=
+github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
+github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8=

From e09e40af1ad33cf748ee92502f61ec2b6f741b96 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 17 Apr 2023 01:56:43 -0700
Subject: [PATCH 30/30] Bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#9838)

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/golang/crypto/releases)
- [Commits](https://github.com/golang/crypto/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 10 +++++-----
 go.sum | 20 ++++++++++----------
 2 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/go.mod b/go.mod
index 210afb10a..4779437d7 100644
--- a/go.mod
+++ b/go.mod
@@ -25,7 +25,7 @@ require (
 	github.com/stretchr/testify v1.8.2
 	github.com/yudai/gojsondiff v1.0.0
 	github.com/zakjan/cert-chain-resolver v0.0.0-20211122211144-c6b0b792af9a
-	golang.org/x/crypto v0.7.0
+	golang.org/x/crypto v0.8.0
 	google.golang.org/grpc v1.54.0
 	google.golang.org/grpc/examples v0.0.0-20221220003428-4f16fbe410f7
 	gopkg.in/go-playground/pool.v3 v3.1.1
@@ -101,11 +101,11 @@ require (
 	github.com/yudai/pp v2.0.1+incompatible // indirect
 	go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
 	golang.org/x/mod v0.8.0 // indirect
-	golang.org/x/net v0.8.0 // indirect
+	golang.org/x/net v0.9.0 // indirect
 	golang.org/x/oauth2 v0.5.0 // indirect
-	golang.org/x/sys v0.6.0 // indirect
-	golang.org/x/term v0.6.0 // indirect
-	golang.org/x/text v0.8.0 // indirect
+	golang.org/x/sys v0.7.0 // indirect
+	golang.org/x/term v0.7.0 // indirect
+	golang.org/x/text v0.9.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.6.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
diff --git a/go.sum b/go.sum
index 36403c1d0..f0aef6bc6 100644
--- a/go.sum
+++ b/go.sum
@@ -407,8 +407,8 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
-golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
+golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ=
+golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -475,8 +475,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
-golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
+golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM=
+golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -546,19 +546,19 @@ golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
-golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
+golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ=
+golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
-golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=