From 185f6d5ffe5a6bd95baa53d44e101b4d6d9a7b03 Mon Sep 17 00:00:00 2001 From: lpusok <7979773+lpusok@users.noreply.github.com> Date: Thu, 4 Feb 2021 17:26:07 +0100 Subject: [PATCH] Step 390 apple auth update (#69) Added support for API key (App Store Connect API), from Bitrise Developer Connection and Step inputs. For Apple ID, now also passing the username/password/app-specific password in addition to the session (FASTLANE_SESSION) as they seem to be required by Fastlane. Any authentication-related environment that is already set will be overridden, to prevent this set *Bitrise Apple Developer Connection* (`connection`) input to `off` and leave authentication-related inputs empty. This includes DELIVER_USERNAME, DELIVER_PASSWORD, FASTLANE_SESSION, FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD, DELIVER_API_KEY_PATH and PRECHECK_INCLUDE_IN_APP_PURCHASES. --- .gitignore | 2 + bitrise.yml | 162 +++++++++++----- credentials.go | 68 +++++++ go.mod | 4 +- go.sum | 12 +- main.go | 159 +++++++++++----- step.yml | 57 ++++++ steps-fastlane | Bin 0 -> 10095652 bytes .../go-steputils/stepconf/stepconf.go | 24 ++- .../go-utils/errorutil/errorutil.go | 32 ++++ .../appleauth/auth_source.go | 176 ++++++++++++++++++ .../appleauth/fetch.go | 60 ++++++ .../appleauth/inputs.go | 57 ++++++ .../appleauth/key_helper.go | 71 +++++++ .../devportalservice/devportalservice.go | 145 +++++++++++---- .../devportalservice_testdata.go | 157 +++++++++++++--- .../devportalservice/errors.go | 3 +- vendor/modules.txt | 6 +- 18 files changed, 1032 insertions(+), 163 deletions(-) create mode 100644 credentials.go create mode 100755 steps-fastlane create mode 100644 vendor/github.com/bitrise-io/go-utils/errorutil/errorutil.go create mode 100644 vendor/github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth/auth_source.go create mode 100644 vendor/github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth/fetch.go create mode 100644 vendor/github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth/inputs.go create mode 100644 vendor/github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth/key_helper.go diff --git a/.gitignore b/.gitignore index 69e6304..197284d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ .bitrise* _tmp .idea +steps-fastlane +.DS_Store diff --git a/bitrise.yml b/bitrise.yml index 178a58f..a60445c 100644 --- a/bitrise.yml +++ b/bitrise.yml @@ -1,47 +1,67 @@ -format_version: 7 +format_version: "11" default_step_lib_source: https://github.com/bitrise-io/bitrise-steplib.git workflows: - # ---------------------------------------------------------------- - # --- workflow to test this step ci: + before_run: + - audit-this-step + - go-tests + after_run: + - test + + go-tests: + steps: + - go-list: {} + - golint: {} + - errcheck: {} + - go-test: {} + + test: + before_run: + - auth-all + - cache + + auth-all: + before_run: + - auth-test-api-key-connection + - auth-test-apple-id-connection + - auth-test-apple-id-connection-globally-set-app-specific-password + - auth-test-api-key-input + + cache: envs: - SAMPLE_APP_URL: "https://github.com/bitrise-io/sample-apps-flutter-veggieseasons.git" - BRANCH: master - before-run: - - audit-this-step steps: - - go-list: - - golint: - - errcheck: - - go-test: - script: inputs: - content: rm -rf ./_tmp - change-workdir: title: Switch working dir to test/_tmp dir - run_if: true + run_if: "true" inputs: - path: ./_tmp - is_create_path: true - - script: + - git::https://github.com/bitrise-steplib/bitrise-step-simple-git-clone: inputs: - - content: |- - set -ex - git clone $SAMPLE_APP_URL -b $BRANCH . + - repository_url: $SAMPLE_APP_URL + - branch: $BRANCH + - clone_into_dir: "." - path::./: - title: Test if Fastlane receives session-based Apple Developer connection + title: Smoke test to check if Fastlane receives session-based Apple Developer connection inputs: - lane: test_fastlane_session - work_dir: ./ - verbose_log: "yes" - - certificate-and-profile-installer: + - connection: apple_id + - certificate-and-profile-installer: {} - path::./: title: Test building a Flutter project inputs: - lane: build - work_dir: ./ - verbose_log: "yes" + - connection: "off" - script: inputs: - content: |- @@ -56,51 +76,103 @@ workflows: exit 1 fi - fastlane-session-test: + auth-test-apple-id-connection: + before_run: + - _auth_prepare + steps: + - path::./: + inputs: + - lane: release + - work_dir: ./ + - verbose_log: "yes" + - connection: apple_id + - app_password: $FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD + + auth-test-apple-id-connection-globally-set-app-specific-password: + before_run: + - _auth_prepare + steps: + - path::./: + inputs: + - lane: release + - work_dir: ./ + - verbose_log: "yes" + - connection: apple_id + - app_password: "" + + auth-test-api-key-connection: + before_run: + - _auth_prepare + steps: + - path::./: + inputs: + - lane: release + - work_dir: ./ + - verbose_log: "yes" + - connection: api_key + + auth-test-api-key-input: + before_run: + - _auth_prepare + steps: + - path::./: + inputs: + - lane: release + - work_dir: ./ + - verbose_log: "yes" + - connection: "off" + - api_issuer: $AUTH_API_ISSUER + - api_key_path: $BITRISEIO_AUTH_API_KEY_PATH_URL + + _auth_prepare: envs: - SAMPLE_APP_URL: "https://github.com/bitrise-samples/sample-apps-fastlane-test.git" - - BITRISE_PROJECT_PATH: ./sample-apps-fastlane-test.xcodeproj - - BITRISE_SCHEME: sample-apps-fastlane-test + - BRANCH: master + - INFO_PLIST_PATH: ./sample-apps-fastlane-test/Info.plist steps: + - script: + title: Clean saved Fastlane session cookie + inputs: + - content: rm -rf ~/.fastlane - script: inputs: - content: rm -rf ./_tmp - change-workdir: title: Switch working dir to test/_tmp dir - run_if: true + run_if: "true" inputs: - path: ./_tmp - is_create_path: true - - script: - inputs: - - content: git clone $SAMPLE_APP_URL . - - ios-auto-provision@1.3.1: + - git::https://github.com/bitrise-steplib/bitrise-step-simple-git-clone: inputs: - - generate_profiles: 'yes' - - distribution_type: app-store - - path::./: - inputs: - - lane: release - - work_dir: ./ - - verbose_log: "yes" - - # ---------------------------------------------------------------- - # --- Utility workflows - vendor-update: - title: Vendor update - description: | - Used for updating the vendored dependencies - steps: + - repository_url: $SAMPLE_APP_URL + - branch: $BRANCH + - clone_into_dir: "." + - certificate-and-profile-installer: {} - script: - title: Vendor update inputs: - content: |- - #!/bin/bash - set -ex - go mod vendor + #!/usr/bin/env bash + CURRENT_BUILD_NUMBER=${BITRISE_BUILD_NUMBER} + BITRISE_BUILD_NUMBER=$((($(gdate +%Y%m%d%H%M%S)-20000000000000)*10000)) + if [[ -z "${BITRISE_BUILD_NUMBER}" ]]; then + echo "error: failed to calculated build number" + exit 1 + fi + if [[ -n "${CURRENT_BUILD_NUMBER}" ]]; then + BITRISE_BUILD_NUMBER=$((${BITRISE_BUILD_NUMBER}+${CURRENT_BUILD_NUMBER})) + fi + + envman add --key BITRISE_BUILD_NUMBER --value "${BITRISE_BUILD_NUMBER}" + - set-xcode-build-number: + title: Set Build Number + run_if: "true" + inputs: + - build_version: $BITRISE_BUILD_NUMBER + - plist_path: $INFO_PLIST_PATH + - build_version_offset: $BITRISE_BUILD_VERSION_OFFSET + - # ---------------------------------------------------------------- - # --- workflows to Share this step into a Step Library audit-this-step: title: Audit the step steps: diff --git a/credentials.go b/credentials.go new file mode 100644 index 0000000..6b0157e --- /dev/null +++ b/credentials.go @@ -0,0 +1,68 @@ +package main + +import ( + "encoding/json" + "fmt" + "io/ioutil" + "os" + "path/filepath" + + "github.com/bitrise-io/go-utils/pathutil" + "github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth" +) + +// fastlaneAPIKey is used to serialize App Store Connect API Key into JSON for fastlane +// see: https://docs.fastlane.tools/app-store-connect-api/#using-fastlane-api-key-json-file +type fastlaneAPIKey struct { + KeyID string `json:"key_id"` + IssuerID string `json:"issuer_id"` + PrivateKey string `json:"key"` +} + +// FastlaneAuthParams converts Apple credentials to Fastlane env vars and arguments +func FastlaneAuthParams(authConfig appleauth.Credentials) (map[string]string, error) { + envs := make(map[string]string) + if authConfig.AppleID != nil { + // Set as environment variables + if authConfig.AppleID.Username != "" { + envs["FASTLANE_USER"] = authConfig.AppleID.Username + envs["DELIVER_USERNAME"] = authConfig.AppleID.Username + } + if authConfig.AppleID.Password != "" { + envs["FASTLANE_PASSWORD"] = authConfig.AppleID.Password + envs["DELIVER_PASSWORD"] = authConfig.AppleID.Password + } + if authConfig.AppleID.Session != "" { + envs["FASTLANE_SESSION"] = authConfig.AppleID.Session + } + if authConfig.AppleID.AppSpecificPassword != "" { + envs["FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD"] = authConfig.AppleID.AppSpecificPassword + } + } + + if authConfig.APIKey != nil { + fastlaneAPIKeyParams, err := json.Marshal(fastlaneAPIKey{ + IssuerID: authConfig.APIKey.IssuerID, + KeyID: authConfig.APIKey.KeyID, + PrivateKey: authConfig.APIKey.PrivateKey, + }) + if err != nil { + return envs, fmt.Errorf("failed to marshal Fastane API Key configuration: %v", err) + } + + tmpDir, err := pathutil.NormalizedOSTempDirPath("apiKey") + if err != nil { + return envs, err + } + fastlaneAuthFile := filepath.Join(tmpDir, "api_key.json") + if err := ioutil.WriteFile(fastlaneAuthFile, fastlaneAPIKeyParams, os.ModePerm); err != nil { + return envs, err + } + + envs["DELIVER_API_KEY_PATH"] = fastlaneAuthFile + // deliver: "Precheck cannot check In-app purchases with the App Store Connect API Key (yet). Exclude In-app purchases from precheck" + envs["PRECHECK_INCLUDE_IN_APP_PURCHASES"] = "false" + } + + return envs, nil +} diff --git a/go.mod b/go.mod index 6bd6556..387b9b0 100644 --- a/go.mod +++ b/go.mod @@ -7,11 +7,11 @@ require ( github.com/bitrise-io/bitrise v0.0.0-20190829132137-518e23eca82d // indirect github.com/bitrise-io/bitrise-init v0.0.0-20190813135927-7ff42ba329cb github.com/bitrise-io/envman v0.0.0-20190813133714-27a300a1ed43 // indirect - github.com/bitrise-io/go-steputils v0.0.0-20190806143347-f540824d77df + github.com/bitrise-io/go-steputils v0.0.0-20201016102104-03ae3a6ded35 github.com/bitrise-io/go-utils v0.0.0-20201211082830-859032e9adf0 github.com/bitrise-io/stepman v0.0.0-20190813144014-10564a4888a6 // indirect github.com/bitrise-steplib/bitrise-step-android-unit-test v0.0.0-20190902203028-ff8e682d8645 - github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210111151319-1426de4b985f + github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210202154324-7c20293c7cf0 github.com/google/go-cmp v0.5.4 // indirect github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 github.com/kr/pretty v0.1.0 // indirect diff --git a/go.sum b/go.sum index 9061b8e..af3ee1b 100644 --- a/go.sum +++ b/go.sum @@ -6,16 +6,16 @@ github.com/bitrise-io/bitrise-init v0.0.0-20190813135927-7ff42ba329cb h1:e1cLjVT github.com/bitrise-io/bitrise-init v0.0.0-20190813135927-7ff42ba329cb/go.mod h1:6tVeJwc47w4nYwexFkYLRwQ2gUnfL568ySfMTLBsONo= github.com/bitrise-io/envman v0.0.0-20190813133714-27a300a1ed43 h1:BRhP0pS7NPK4iFKlQszhbHoAwD6m88GFys2w+bgwiN8= github.com/bitrise-io/envman v0.0.0-20190813133714-27a300a1ed43/go.mod h1:m8pTp1o3Sw9uzDxb1WRm5IBRnMau2iOvPMSnRCAhQNI= -github.com/bitrise-io/go-steputils v0.0.0-20190806143347-f540824d77df h1:UaDw6nAsI2jlGjNqhdMUbk0xhJJ+iQZ1buEXHRKrtU8= -github.com/bitrise-io/go-steputils v0.0.0-20190806143347-f540824d77df/go.mod h1:GXgBV3Frd3qcnsg+NryQTyx1CHjZHr/2w7Bx4WAcB4o= +github.com/bitrise-io/go-steputils v0.0.0-20201016102104-03ae3a6ded35 h1:iKtx/RxSrA9xcjZ17W3yu3jMzwowNB6nxLF/1BwVYQ8= +github.com/bitrise-io/go-steputils v0.0.0-20201016102104-03ae3a6ded35/go.mod h1:GXgBV3Frd3qcnsg+NryQTyx1CHjZHr/2w7Bx4WAcB4o= github.com/bitrise-io/go-utils v0.0.0-20201211082830-859032e9adf0 h1:HR5o2gHKo0rAMfKogclAg4KOnEX8XniC7A3JFuEAXjY= github.com/bitrise-io/go-utils v0.0.0-20201211082830-859032e9adf0/go.mod h1:tTEsKvbz1LbzuN/KpVFHXnLtcAPdEgIdM41s0lL407s= github.com/bitrise-io/stepman v0.0.0-20190813144014-10564a4888a6 h1:/GnB2kEaO/6KSMfGpmntvohfacADpWFcf8iCPLsZqh4= github.com/bitrise-io/stepman v0.0.0-20190813144014-10564a4888a6/go.mod h1:hGCjd8leP411yt5QkQi+VBNWGxIZ4H02LNIVeKBeMUk= github.com/bitrise-steplib/bitrise-step-android-unit-test v0.0.0-20190902203028-ff8e682d8645 h1:9molXzIAxnKStwV78lt7MSgUQwxIWl4+r9/oYTQA7no= github.com/bitrise-steplib/bitrise-step-android-unit-test v0.0.0-20190902203028-ff8e682d8645/go.mod h1:0yqqJw+MqwsfHKq4pL90IoSYskLF91oDCyyZYnIehWA= -github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210111151319-1426de4b985f h1:50OrOc2xqKRXBsC3lfryzm75/QHhltDR2HAIWtHjvJk= -github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210111151319-1426de4b985f/go.mod h1:mm5WIhfyTnf89pNO+4ylSsUAbEh8JGSpV3F7V0XWB4U= +github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210202154324-7c20293c7cf0 h1:DKE9KQEbdO4iGpDQF1uiaYtgFOyu/lH1srg3ufAMURI= +github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver v0.0.0-20210202154324-7c20293c7cf0/go.mod h1:mG5kKjSyK3sZNp7e5QpFBAtxJRWeA+4PSMh3ZfwggNs= github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -37,6 +37,8 @@ github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIH github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -62,3 +64,5 @@ gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/main.go b/main.go index 7f60cf7..bf1566f 100644 --- a/main.go +++ b/main.go @@ -16,22 +16,59 @@ import ( "github.com/bitrise-io/go-utils/command" "github.com/bitrise-io/go-utils/command/gems" "github.com/bitrise-io/go-utils/command/rubycommand" + "github.com/bitrise-io/go-utils/errorutil" "github.com/bitrise-io/go-utils/fileutil" "github.com/bitrise-io/go-utils/log" "github.com/bitrise-io/go-utils/pathutil" + "github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/appleauth" "github.com/bitrise-steplib/steps-deploy-to-itunesconnect-deliver/devportalservice" "github.com/kballard/go-shellquote" ) // Config contains inputs parsed from environment variables type Config struct { - WorkDir string `env:"work_dir,dir"` - Lane string `env:"lane,required"` - UpdateFastlane bool `env:"update_fastlane,opt[true,false]"` - VerboseLog bool `env:"verbose_log,opt[yes,no]"` - EnableCache bool `env:"enable_cache,opt[yes,no]"` + WorkDir string `env:"work_dir,dir"` + Lane string `env:"lane,required"` + + BitriseConnection string `env:"connection,opt[automatic,api_key,apple_id,off]"` + AppleID string `env:"apple_id"` + Password stepconf.Secret `env:"password"` + AppSpecificPassword stepconf.Secret `env:"app_password"` + APIKeyPath stepconf.Secret `env:"api_key_path"` + APIIssuer string `env:"api_issuer"` + + UpdateFastlane bool `env:"update_fastlane,opt[true,false]"` + VerboseLog bool `env:"verbose_log,opt[yes,no]"` + EnableCache bool `env:"enable_cache,opt[yes,no]"` GemHome string `env:"GEM_HOME"` + + // Used to get Bitrise Apple Developer Portal Connection + BuildURL string `env:"BITRISE_BUILD_URL"` + BuildAPIToken stepconf.Secret `env:"BITRISE_BUILD_API_TOKEN"` +} + +func parseAuthSources(bitriseConnection string) ([]appleauth.Source, error) { + switch bitriseConnection { + case "automatic": + return []appleauth.Source{ + &appleauth.ConnectionAPIKeySource{}, + &appleauth.ConnectionAppleIDFastlaneSource{}, + &appleauth.InputAPIKeySource{}, + &appleauth.InputAppleIDFastlaneSource{}, + }, nil + case "api_key": + return []appleauth.Source{&appleauth.ConnectionAPIKeySource{}}, nil + case "apple_id": + return []appleauth.Source{&appleauth.ConnectionAppleIDFastlaneSource{}}, nil + case "off": + return []appleauth.Source{ + &appleauth.InputAPIKeySource{}, + &appleauth.InputAppleIDFastlaneSource{}, + }, nil + default: + return nil, fmt.Errorf("invalid connection input: %s", bitriseConnection) + } } func failf(format string, v ...interface{}) { @@ -57,31 +94,38 @@ func fastlaneDebugInfo(workDir string, useBundler bool, bundlerVersion gems.Vers log.Debugf("$ %s", cmd.PrintableCommandArgs()) if err := cmd.Run(); err != nil { - return "", fmt.Errorf("Fastlane command: (%s) failed", cmd.PrintableCommandArgs()) + if errorutil.IsExitStatusError(err) { + return "", fmt.Errorf("Fastlane command (%s) failed, output: %s", cmd.PrintableCommandArgs(), outBuffer.String()) + } + return "", fmt.Errorf("Fastlane command (%s) failed: %v", cmd.PrintableCommandArgs(), err) } return outBuffer.String(), nil } +func functionName(i interface{}) string { + return runtime.FuncForPC(reflect.ValueOf(i).Pointer()).Name() +} + +const notConnected = `Connected Apple Developer Portal Account not found. +Most likely because there is no Apple Developer Portal Account connected to the build. +Read more: https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/` + func handleSessionDataError(err error) { if err == nil { return } - if networkErr, ok := err.(devportalservice.NetworkError); ok && networkErr.Status == http.StatusNotFound { - log.Debugf("") - log.Debugf("Connected Apple Developer Portal Account not found") - log.Debugf("Most likely because there is no Apple Developer Portal Account connected to the build, or the build is running locally.") - log.Debugf("Read more: https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/") - } else { + if networkErr, ok := err.(devportalservice.NetworkError); ok && networkErr.Status == http.StatusUnauthorized { fmt.Println() - log.Errorf("Failed to activate Bitrise Apple Developer Portal connection: %s", err) - log.Warnf("Read more: https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/") + log.Warnf("%s", "Unauthorized to query Connected Apple Developer Portal Account. This happens by design, with a public app's PR build, to protect secrets.") + + return } -} -func functionName(i interface{}) string { - return runtime.FuncForPC(reflect.ValueOf(i).Pointer()).Name() + fmt.Println() + log.Errorf("Failed to activate Bitrise Apple Developer Portal connection: %s", err) + log.Warnf("Read more: https://devcenter.bitrise.io/getting-started/configuring-bitrise-steps-that-require-apple-developer-account-data/") } func main() { @@ -94,6 +138,22 @@ func main() { log.SetEnableDebugLog(config.VerboseLog) fmt.Println() + // Validate inputs + authInputs := appleauth.Inputs{ + Username: config.AppleID, + Password: string(config.Password), + AppSpecificPassword: string(config.AppSpecificPassword), + APIIssuer: config.APIIssuer, + APIKeyPath: string(config.APIKeyPath), + } + if err := authInputs.Validate(); err != nil { + failf("Issue with authentication related inputs: %v", err) + } + authSources, err := parseAuthSources(config.BitriseConnection) + if err != nil { + failf("Invalid Input: %v", err) + } + if strings.TrimSpace(config.GemHome) != "" { log.Warnf("Custom value (%s) is set for GEM_HOME environment variable. This can lead to errors as gem lookup path may not contain GEM_HOME.") } @@ -127,33 +187,33 @@ func main() { } } - // - // Fastlane session - fastlaneSession := "" - buildURL, buildAPIToken := os.Getenv("BITRISE_BUILD_URL"), os.Getenv("BITRISE_BUILD_API_TOKEN") - if buildURL != "" && buildAPIToken != "" { - var provider devportalservice.AppleDeveloperConnectionProvider - provider = devportalservice.NewBitriseClient(http.DefaultClient) - - conn, err := provider.GetAppleDeveloperConnection(buildURL, buildAPIToken) + // Select and fetch Apple authenication source + var devportalConnectionProvider *devportalservice.BitriseClient + if config.BuildURL != "" && config.BuildAPIToken != "" { + devportalConnectionProvider = devportalservice.NewBitriseClient(http.DefaultClient, config.BuildURL, string(config.BuildAPIToken)) + } else { + fmt.Println() + log.Warnf("Connected Apple Developer Portal Account not found. Step is not running on bitrise.io: BITRISE_BUILD_URL and BITRISE_BUILD_API_TOKEN envs are not set") + } + var conn *devportalservice.AppleDeveloperConnection + if config.BitriseConnection != "off" && devportalConnectionProvider != nil { + var err error + conn, err = devportalConnectionProvider.GetAppleDeveloperConnection() if err != nil { handleSessionDataError(err) } - if conn != nil && conn.AppleID != "" { + if conn != nil && (conn.APIKeyConnection == nil && conn.AppleIDConnection == nil) { fmt.Println() - log.Infof("Connected session-based Apple Developer Portal Account found") - - if expiry := conn.Expiry(); expiry != nil && conn.Expired() { - log.Warnf("Connection expired on %s", expiry.String()) - } else if session, err := conn.FastlaneLoginSession(); err != nil { - handleSessionDataError(err) - } else { - fastlaneSession = session - } + log.Warnf("%s", notConnected) + } + } + + authConfig, err := appleauth.Select(conn, authSources, authInputs) + if err != nil { + if _, ok := err.(*appleauth.MissingAuthConfigError); !ok { + failf("Could not configure Apple Service authentication: %v", err) } - } else { - log.Warnf("Step is not running on bitrise.io: BITRISE_BUILD_URL and BITRISE_BUILD_API_TOKEN envs are not set") } // Split lane option @@ -262,6 +322,24 @@ func main() { fmt.Println() log.Infof("Run Fastlane") + var envs []string + authEnvs, err := FastlaneAuthParams(authConfig) + if err != nil { + failf("Failed to set up Fastlane authentication paramteres: %v", err) + } + var globallySetAuthEnvs []string + for envKey, envValue := range authEnvs { + if _, set := os.LookupEnv(envKey); set { + globallySetAuthEnvs = append(globallySetAuthEnvs, envKey) + } + + envs = append(envs, fmt.Sprintf("%s=%s", envKey, envValue)) + } + if len(globallySetAuthEnvs) != 0 { + log.Warnf("Fastlane authentication-related environment varibale(s) (%s) are set, overriding.", globallySetAuthEnvs) + log.Infof("To stop overriding authentication-related environment variables, please set Bitrise Apple Developer Connection input to 'off' and leave authentication-related inputs empty.") + } + fastlaneCmd := []string{"fastlane"} fastlaneCmd = append(fastlaneCmd, laneOptions...) if useBundler { @@ -275,11 +353,6 @@ func main() { failf("Failed to create command model, error: %s", err) } - envs := []string{} - if fastlaneSession != "" { - envs = append(envs, "FASTLANE_SESSION="+fastlaneSession) - } - cmd.SetStdout(os.Stdout).SetStderr(os.Stderr) cmd.SetDir(workDir) diff --git a/step.yml b/step.yml index 2d87567..7e97420 100644 --- a/step.yml +++ b/step.yml @@ -58,6 +58,63 @@ inputs: * If the Fastfile path is `./here/is/my/fastlane/Fastfile` * Then the Fastfile's directory is `./here/is/my/fastlane` * So the Working Directory should be `./here/is/my` + - connection: "automatic" + opts: + title: Bitrise Apple Developer Connection + summary: The Apple Service authentication method the Step uses. By default, any enabled Bitrise Apple Developer connection is used and other authentication-related Step inputs are ignored. + description: |- + The input determines the method used for Apple Service authentication. By default, any enabled Bitrise Apple Developer connection is used and other authentication-related Step inputs are ignored. + + There are two types of Apple Developer connection you can enable on Bitrise: one is based on an API key of the App Store Connect API, the other is the session-based authentication with an Apple ID. You can choose which type of Bitrise Apple Developer connection to use or you can tell the Step to only use the Step inputs for authentication: + - `automatic`: Use any enabled Apple Developer connection, either based on Apple ID authentication or API key authentication. Step inputs are only used as a fallback. API key authentication has priority over Apple ID authentication in both cases. + - `api_key`: Use the Apple Developer connection based on API key authentication. Authentication-related Step inputs are ignored. + - `apple_id`: Use the Apple Developer connection based on Apple ID authentication and **Application-specific password** Step input. Other authentication-related Step inputs are ignored. + - `off`: Do not use any already configured Apple Developer Connection. Only authentication-related Step inputs are considered. + is_required: true + value_options: + - "automatic" + - "api_key" + - "apple_id" + - "off" + - api_key_path: "" + opts: + title: "API Key: URL" + summary: Path to local or remote file + description: |- + Specify the path in an URL format where your API key is stored. + For example: `https://URL/TO/AuthKey_something.p8` or `file:///PATH/TO/AuthKey_something.p8`. + + + You can upload your key on the **Generic File Storage** tab in the Workflow Editor and set the Environment Variable for the file here. + + + For example: `$BITRISEIO_MYKEY_URL` + - api_issuer: "" + opts: + title: "API Key: Issuer ID" + description: |- + Issuer ID. Required if **API Key: URL** (`api_key_path`) is specified. + - apple_id: "" + opts: + title: "Apple ID: Email" + summary: Email for Apple ID login. + description: Email for Apple ID login. + is_sensitive: true + - password: "" + opts: + title: "Apple ID: Password" + description: Password for the specified Apple ID. + is_sensitive: true + - app_password: "" + opts: + title: "Apple ID: Application-specific password" + summary: Required if using Apple ID + description: |- + An application-specific password for the Apple ID. + **NOTE:** Application-specific passwords can be created on the + [AppleID Website](https://appleid.apple.com). It can be used to + bypass two-factor authentication. + is_sensitive: true - update_fastlane: "true" opts: title: "Should update fastlane gem before run?" diff --git a/steps-fastlane b/steps-fastlane new file mode 100755 index 0000000000000000000000000000000000000000..fa9d6e91aae31cc7f59a5acbb4f86d4610a04e4f GIT binary patch literal 10095652 zcmeFadwf*Y)jvEFG9e1#3{I%Sb3fCt9q?S;Kj50NfkT`K34tC-;*ZI zS#am%Su-Zh2?Qq>bTi&v-3q`vpBEa!}CaMd;p$;WM!m(Pnt9nJfc{oCQ#c2p2x&5 zo6L_tJd1p)CxzD|)&sr)Zx-MrS-CTQ-u`O5dsnF0#Pc!fHfd54l=RXWp65?9g?{d* z6cTv;7I>5A%t^yHoqpb`SpskWuoSnMLzh-knATp#n*`b!Kkt3D(qxsX2H5mi@W>~* z=o)aYExBrJs;3qOCz(-$$;aQde;Sg^V&XXSY0{*-Zk;+gc-y2~CQq)NI`^pX23P|! z;n{#u4JZGS@F22Nk=q%+0Xr0a@r$#i&4Aeoza#*q){~D(c-6JH+zEi4;r&WmD45;! zkwWlSPt8lVH51+AR}-8(6A(MYa~`}~05zEN;QZNw?+lNcuQR*{@)rrbB`pff11;YM zPff>dw@#ikXG-n#&hQ2}?-6)j6RQD_-u2z^Q)-|K{jN3P&93Y%aIXEX@Mg@K!Umo3 z+j8A~g5T9^l%CqszT~^%S9{CM+osOx0&kG}L4kMCY&DI8R{!vr@F*9`{`-BGk1s3r zS+?7hi@bLf-#PLh5IEK|u}w*`!|?+==i*;F*N%5&;h%q$$+h^Wt~?w6|EK?|Uds{` zzYPykkK^IEYtD5zzU;N!kq>J@vsuA>{JnOL`X?Q>BmJo49_6Fwaz}ADJ@-L%5B|wb zBZ6~kN6eT$dBm*?X55Nr{xQE0|AGrM%)ew^)Ss|mPGIVt!^aFqyXliv1-7fgf0uTu z@(BO*$+frCE*LSEYGU53+B@cqm@supuy%T2!EjL>%o}md)Y>`IXU&{5q9j?Wzzbf} z{xkTO&Z?a{c2;mE3=d#--%ENOv##<92N)(}78|)Bx*8*aN9z9}w^Q$a0+8i6D$L3_~u?cQHHa^!MyVPU2QN1MEY`lXS z{$cw|qj&chs)sibe95GnHdbqc>xG!<@cyXa>D>T)rAYydbq}z6csCy%-a-@JsQ(0B z9|f-)^nPH1+xPf?GTxU^8}u{BYkbkjIcPS1tAO}HG`Edt+F)-d`ro74$3_`1nN4S; znr7RYrY5vg%A$YC)g==r=;3|2zG#PW7J%r{vMuGY5hbz9vZG~hl*i_|%VW3Y`lgJ| z)0;lZF!Io!9^L4Vei{qDp+`6Pqwg7B7Az+ZMpjsa$(!c~pUHluvGGG=m!1>N%rl-tEi&To@Ld}77~|2}WXSx|=w5W|X1BtXUHJPn z)zz`!Uu(ku;?Wdb8{zHv1NXn67I8n-j=NoWj2shQ`%4Pn6)CtL;A_J*#IX~;$Y(3+ zcftQ=)gAa_1B%I7eg%%KW#^Bh$m40MeJ6P|rUMvh+OaY@X3n1_+}7OjTgHD4Ijcf+ zkZa+Q+Z}q0>}BZjn^ut-&H*?*9$d-vnM_A_gDqC-E(d~(zGxQn`!PS}DmGh>Dl>w| zq00(USH@Q_mOC(nQbmsv>L>I#4cvk@$0d8*+g$cY2ma96BmQ{s{+GFO@JBy4HlV#f zzG$T%%>N6dQK5n9hnS9)HR!QkdbA{4kN5YZg&toN@NQhoK8Z7$62Kymm#;zC29aHt_z%%j%vxCMv zK(U}vMwuKRbZ^WxMWE*zIfCx_UvBqgUb-JP&Zb!W+saF1J$ z7ytd{I~>M#Gzt}Om|N>`1oQmy^N*W!2UuXx29#BUOAhMMzZ-v&I=?_2XKa^2g%*JMx5pG^Xuo>`0rli86kWq{?lVU_1L^@J=**{U5%R( zKS7Z;I7C_yU(sJnrMg{pNLt22ei8leDUZIcM|b(62Yu16EEd(HS8wr0F~QAcyFCC& zcJ0{VkA5UF`gTdjo1l~@sW{WSAbjyOC|`%sL>dEmaAaU?bT~A<;MV~63jA{j zCe@c8>F6*tG)a*@Ie(DOR}PRmP#DE4cKaQ-fB)v&o!1+`2XJFLK5QsVfZc^`UQ=>y z$6Ff77P z{B*2MvoA`Y)a`qS1czb!@?p9Rkt%3cf9yPeY$0g%^GZD3cd2_>+4lOzKrNW+kN+lF zMuA^$EiQKy?1ZkG0JthEj4WXgQ(d*r!t z$9gLJ^2hIVWD zaP2B!?6@>G`Zv@hkE1R;s8(tC2p-U%m;FT=@A-3C0kEFBwry>u?ap=tF~WDJW|K}d`ewgA_^TORpm;7Loa3R*#i z)c{;@K#yPDXbe$s8-ZOPzz!T&-x~NqVl_mXPcGwcYoy=RFHy*)#iz)LG-^ND2y`0j zTeV17Ro3e7Lc(~74I+*H_>=Pmr4`65fN?(m=c6%?2xVp)PqRw2tUv*;8{KPBF8~uylC`hHIVday7#s@iajgL6TiB} z_{X#CGH?|j!#F)l9x_^y2N$}{tMF<78C#6!rJ`2$kJvy4G#v6g)JcPKn|8u*OJsG{t`=AS4Ow6y#sAW^@_Lga9sz!obvAO-4xx@&DB5kEA(S z$ERSCwp!#*FngS>vig6j>G~ZqY)HJseLAJYxBBB{EyhSdfC`Azv7V)r0(dYU!-%1- zm}xwsMi2c52iC|!o5aFz*dU@bbooje-&lldTaT4Lgr|a5Beb0BN3l72EKXw+z0sMg z*KMLv>SirzGrP&;R6W*PoNay7E$+F6TmkFR8F_I2@Bx3&XvI#89xKiB=vYlMF;tJ1 z=4BhFqYpjCn(%oy8gITNyxL>_gO9yh;Z z^?ADm^8I;x@!imN94Mkkx9HIwdSt6s{{ng6|5HP zf7z9@90gn3dX+2-WS^|Z$2+SVfd8U9;F+9*B0YBgAbu6Ssx6sB(;R(OZ+g$QxwKEN zlTxe`v_De2I&ms%$Ikxpg$<2z}Mj`W&exXwebDI6x)fc zKj!ZRNg3G7SM*tMy&kVV{jPfo4r(7y(lTKZZJ+&{hW52 z4Koj$WSC7lBlhtfg4o$z5Zi$Q!`}t5fmG4q_8wZ~CXiaOxJBLS2I2Nzcjkap^?OBI^o-`PkZ^gEkq z{+a;O=ob_PPGv!fza3R6%;0}W^F%&ThIiS-7tBX%qq&`0-}*c{#+n-{6KRoex0#3MWm0D5}99v9UC~HABi6qGgWfk zCTi-90R9-h9RWCNs(U?JpBF+7#kqms=u|g8o+NYe!g;p2I0dD~j_IVS*(9oriLNGN z4U6I~$62;ExoCs=TY)0uq^jg}a9mL66$$!_$HYYG?;8|4u5)aldFa3xb98jhQs_K0 z$kql5!(sFxGEqWQypcp^Bea;&@<5iucoiRFui91r>*X0N&~B`@lAjsBwrcG$9+u<| z7v<11REMnuK+%ydMA zV4I;>O56bYIG>{>g#WNgRv_7+k~K&!kz}1PR@}8fJ*@_PP&Pw7kuUKyNj>dXPZQLW z8>SIuW7Si>db&tGRj8-o>ZwLO4N*@G>Zz}KTCJX(>ZyfK&91L}uy5?F+0||)!^ICy z;fN!%StXkDSLEx>nR%$?FxG+sn5OLTA*Z%@EGj?&d02|1!+2Pgx|(MDi|`JPye@D%l&!$trmwk~gblKO`rrb%VAz4kQY;qPv0GgN;MBEOYfj0nqgb|Ar6soO3+=Ja|x>3O6qE=M5(2Jbt72 zyA^{#?cM;;16{P-CaAm61>BFk!9%t!>%U&*Wuy4dD#S|o!I|*| zZ)23oHd%2OYYtUeCOEjY8c_86wc4L#BiN%a&O&Dny|Y~=Q~>lQ+TW1j2moN4Q(lm1x(XwW}U5;GtoP%0iOxO_dP!>OAHH!gOH z9)k%UmmP2yG{SH6k_$ZG&7oL^j)eDqBefG==g^ZX^Xtyl-J9v=uCu)~Mcr+|I zQV^s`-(l#_Uv2(zbuna{?rdQ}laZl6f1df*sU%Z(Zqe6i=AS;KiI%M?kQ1IS zOojK}%MrL!6V8EQ>X0XN*sp7U>ZL7*b}_3YT91agqIBX0%u8pY+nxnJ!AG0+YfU|z zTS(qi_pc?(m-evbrU2OR>$XM`^=w3ITiZ_36SJwV*Cq>`Xp4y@R4zlOa%0Ab39MYcJifWO@dq1EphNR>vbpAhqZ<9|2Kd!@7 zQtkmpFuNl)g5%W)KEsN6(SI<4WDjZluPqruV;|n9Q+~aaU&v>2?c%2sj>S4r5$DuR z{|>y4D!Gu7fh?%uj8t$bR$0(d2FV@Z$4anldW%W(fuk;qXP)SfZr6+6TGR{v_rcn~ zCw>7!W8(7w-BVhGFlJ9`J$NcrSW>t3@JHX)i$2%lt(cCo>5V3&ekYbWTYS--{$bl# z8om^5v^D)s#LSfpYw^Xe;`)=&WcjQr`igdHi#1d%$1cpUo!Gh4haKjE-9O}g-T8KT z(Y8Qt!Or@ff&2Z@U*(0+A4Sy*{iJU!1%^ZYnEpb4^j7G!Xg|?I(?sU|UbXVeJh>_l`oNFX8-B!2K5X7pTO$5%- zqtrGsC!!hH?Q_|dsvMH)IBhD}@i~d#)3lnMU}(0n=~3)b?l6A1Gz;Dj)XHbZ#wASd z(4&WqLdiYE+$WLSVElF}RMrOAp)USsPPhD1rAMi={du4j_{U&K5(tUQM4p+JBGb3? z%<*KIcN1WObe2KD5(vLVZrLf^@(xCr;+EdvmMsj>V7|#Md~L_hEmt~)Rep&^s+QXS z@L{#MI71j_n{U{T^60C+gL`~U?U(q5?C?4FH28{+1O}89Y%Qzb8d$;w8~ERvIg?>% z_E3=TkKzCch7D?9=Ez8tpCgDQK^4I$qsZhLu2Pdy#QC3QG7dns{REtx$Q5?Ms<;!c z6untno5m)pGxqN`8qk#rnxwIbjrxjB)(D#bcsD$<)wn%k@rd|OE9y-?`P^ucr0_`u z$p$H3I0d}&rtnHiYo}5q2owqozQ|2MYr%oG6SOs>bN%tLPH*8`KCN`WEQnscJHddP zWp^wHq2hrz!Eq1thBH57Vy)v6;Ea`$s|xACNVk1%)$IOTFZxES|2|o#2-~tPe$Btp z7e17&Eq;NF5I%It+!I2@>u$vEwO0QmswMbh2J+o=Z~j7?m4$z;S_^Ec*4}E;&+q8K z7W>(Hcr${k&2C@VaKmp2Z-(pLoZof=Qg8v9J#9F+qH5^c3%m7##`}7oc2V!a+RqyG zcxD+V)E9LM7IU$8o2ADz96JhX<6@;*hsMSHJrChAuu#{w=-O7jph?$W+^X*~V7sxw zo@zfX-uo4qzk_=MmwQ9s9GVA@<$|{Caj`(wA$`}s^j#l%LmiTP33KlT++CmQyFSvj z*L7{XUT`ol0HC+CYWPEfrjH`10cC{vKrro>joR`iJziQO`P~yli}Xi3l#O-c;|g~= zxwOcq;5L?eSnBCq+H98QvoybR=`YEt;my#`&0dfj|A)NVlADm5n1xPX`DWHh_#ce_ zY7ahUd0zP-u;G=j-)h8Eb#w$zf90=%FY&lpJr3*)s`iAo7hX9uFEJ4S`F)Z3{Z)#c zY3RVekY&m#^gY7B{x|}biN~Z;dbup}JuDxZSS;n$x;C@1TB|buYZ_sGkGSui>1*C3 zvxnmu;UgYxsS2`}p0>Yj04QPc+>S4_wL5)IFj=!(FKV9qPeiM=z`1&JlN+t|VS9Yd z8_1NtU59tMepA8PkaO}@<-pb*TJ-4%vjSldDMtYp6Ar60jCcVRXNslJrFAXMZ{~G?UA-7NRyz+J6J#hTTul%)@Y>smzN>r@&9UXy9pb9|<9gk$sJynnO(PINp z6I!Yn|Ik)NI|BcZZesq^4uQi5LjmP@~kRmOWW!0*rx?y>0^Fg_~p`j<_~Ktj+I zN@mzW=otcd4gS4Q9E&Ar;($g;%7sD!-5&$pu~_mPYxUW=Jy5?MhgL9mi7Bf2F&D3x zNQwXQT_!=vprbl=VRg~JwEA^Y)QtU~w`$uG7psar=3QJJ zyUA%){zg>}^a1Up;-`uJs8}7F=d3RJyH+2x!FVHa7$Sy6W#&AO+1J;x3)#~ZwpyPg z-cYrA&MPK5PQ_ z*FU7l8r3vaQJZ(E)fXnjg*itnX^`sg)5IuNMu*@A^!Tt1(5}Q_1;{85=Oo%a(@C^5USkSb?4 zI{6~m$u|O44RT!~tUB?`8wMd!xV?vzrFOm`YLJZEtU3Hg+m#kJs8;IQE6uuTfkTq2 zkAJk$8fvY%C91H{eO+=Km4^4h9G#kas=fl9m=Rsj^~4ORpi*b{eG zAKbiO)9R~HAY{+%lf&3jmn-_xNx zxBG{^<%^E$r2DAHXtiL!;2x@&1l%!fV;+V=h6#HYe!5-Rb(2nS5Bmm*HQNtO{PNq| zAI1Jn)Gfou@FpZ0hOa+{pEP{h3p;~nfSfdYwIAa601A`FjfL5;PC{R58z)9zC{`|! zv~nk-MbfIFMd0*9v70rXU}>oM_gBeORRjD{tQSn#fY#ud zz>k*eZo_7@R8cQs0EHkJWEY?do`=x`ic%Am@*iN4;5lG=5?jC-)>NdGn-*)8tvqdg zKljq~_!egi>sTwE#$}1b(jb!#V{$DVdsN8fa>c8-BaASe@w;nrRN%KJ0{<=eP)>-S z9u2-qu`&o=BW6O>yAD#$cHyum(`o>L^A{en&5ba7w0P$Pz!cLrp4%{ zx}ohC)=YK(okl-x$=BreuJO|^G`B;$cB?kLDVU|j5#BME@~`hD`*8{%KMu zjXrZL!8;zt?%+f51AIBO9#Ih$eSxSm`VysyVF?20nX>ej3Q~5bS?1=n6jJDO5&QCN zG@h9Np?R99M>!pJ=Ld z?#2^)Xmf-mjk2AY(rPH@Uzq@z|4){xp<&}Kr)j~(Xo8p(2Vng8v>u53J$WT~Z&^}0 zyTtz{9Gm_WOhxn0jJzovWVJ)=jL%K;fZ zW}>OiKyIvVVE>T}7X}ob?{x(6qNX}RqerRJ>IE0YptUL0rB2m!26ptO&&kpsqOIdZ z3=isbZW?OO)#|GtsiF3hwa6Th3p<)#NO&RD$`8+{41*lgxW|Ok=CKzPjRx@?T8%H< z2&vnQ*t9>|h@-VUmItYuMzm{4p(^fr>i!rG<>_vJtOBv&(!BY8&?E$0{5agWj5rm2 zp)DOo8Hg(Iq%d$mRT9IvYL$!8-E2pohM6eAX&!63xUQ~Z92Lv$X z(8W0FQt2mw3Vv%5NT^mwAgf5&ct58eU0~|-Nu39upx=3Cl-l` zGEY!pS60Ye)D-+fiVEI-tFi+tI188x&NSdvaSC*TK*vBSaX#RvABl^4AXPXwr))i=kLh9`}RKK59nHZPL)>|b*UibF;(2P zl<^CqZdTB{)-cOOq!GzHK8VWj%ZkQiYs-25BzGgWs1K%($^OLl*<5}JASAM}#=xeB zwxV%J(=vbhVC)Uew6y2)MA{>PAjN+IAlW~<)-x?65IuHRW@^JXSeR(TU)7dxAW|EK z?69Mi>>pk83=XJ;6#pxUNfH3k-9kwD7ks~fZzT`y_G}Nv$9+y5?>WlZ9_TYzIfw~0 zcGkx*K0K$>(Ds&b-DOx>{Hz<=G3&eZk6~d-RsRV879HQ+*&@@AB@%99GZbR7|2<>> zfA9ZHF_zZ&zjOcE61CCLb$x?3wJP;k1zw!k8Ms+n;~lWd6Too{`dkpaO6(X?@~Z5s z6IoEu%E((3T%*J?I$B5-H{`-r6(U|GCzi~0O%!VAj0cXQhJG@@u7(CuhK){X z@}n(zQqjkgiV=j0cNcR59oyXRNaDCq@f%D8{W$4ZT*Onp7(9;HWqa5d2{#kQ;zS0_ zY0fFAfunIp`A!B98aBI58p)b*SK=ZY%#a0>31c{6CfmsRXVj$_(FO44x>pcTNMNoR zBnUn*+RS7)Opk?H0JI(um+3hEO%36Z1Bd~hV#a&#C+pGKV0%>>Zi3}i$)aTys2`AX zv)IbtlneJ4{vkZcY~%Z{XE@qEOd^xsf2er;g(Teo&e2eco=0CQvSWflHfT>~l9SX7 z$6SQ5wQWxV?375Gzqtt6*oO;Z-rbvAWKPhjq~W#!WQ5EyP-+`sAH)0dNgtf1#Yd=k z_KUYe_0|6oHHjnEFO6C~7X6NN(m`fDdPgW9da@%_DDLAjFTa}cflglOtNa|#=1?wj zFhm9tqx6aB^mCzL)Loawlf`bpf+_+jHrKJPqa#Xy#s+{u@jw*ooO6tAQ~pK_DfU=t zYDjXd^B_DC6fA486`Tl2^j})(rF0^i?GfXz;`l2${>s!K(JNG=p05|xH4;+fAU;#X zj`{K%I_hR%U1!U?GQWXqx9ELUz#lKzgRrsPXht}iyKX;fYki^YkmlWnObUf9E7Tr<3f1Cb>R5br0Q zVE8{MsBihS`>yk;Qp4?fG~a^1cLjx73wS`Eh4w{~qK$u^B2^I>={BmMg+ zk(QNm?E3uB`k`babv{e0KbO#AWAZnLBpZAZsvRo~B>H1TG0|Nv@6EtEYW1JVNatjHiq|pqq?-B4W)l}IokGw_kNwi z#^hNefd+IV#)~Ds%+y1Rq-9=`g|<$S6PtqlVFK5;r_ai>P}B5Eeu%J?H{& z^8L82L9wHj^C&xxoHnR8>X-G<@G5MDFc4f(GY*-GUtm-Gzc4tN=46oal;HSv=pMq$ zNKNdjY;8^D06hxMqUkxX(L;CFz09B27km_-OT9+U0oQwmp_%cDK(vMGq07-22mmq2 zNj2RZCyh=;*TxdQg7#EHVqmm40;9mBGBF!O4z&*m79_E&Oxz@Sr)c%>f%%g8dV)v& zsDw?*#9g1QwAnXaz$)u=P5j@BFoP8~zs_R7PV;wSPnkbhml@O={4is4h@WO-(wr`m z@_tde)Q_?)vQOf_6$8TW4-OsfuPuQWX30nB@BnSehah$6FhZbwt0#0AA<*73_sb== zTo0xCOQC0l7sdxJ#m;-q;5>K>S{wL2B*LGu8t9_=aDwj1b_7q51D$W*`vFH^0~VbR z{|ZW+7Q=h3u6S`rotWfQJQXM^yjli~Ms#vb&RQ-9>mJh4Y`d-gE`5ah#;p7Ybwc75gqGbGzUn zf$DyF#&H%zw%6+aj6xga`Vw;>AvU6i6<$EbtHYyum%plQDh(hcPGlD~pbA88EvW;4 zs-eSBrO$8*^D$7jd$N0Py9%lCK)ctdZEK7 zXiI6cLWlcmk$pDC=J@a`KoD>BRuey{2HEnc0LEMnfN4zbT&}otBDwPs6L%hD!~41` zNd_KVHm;N~b$wolIVSEyQ@B?U_o52#yyc01vL;y-@ApM^h<^j0?tj3nZ;FFrjXiYu zM0LXm_#<=}`ztG@3nzG0>FShBR+5d33(w$Ek9!MRWG4v384!M!EzT6r8vg=kDrJ6y zoh7QJjj7xTF$sXW_CS*oJkYYQfVS8k^s`G`UkoC#HEks9#FRF?1uZ;p+-~6@{HsN- zlg_QNW5c0scS>3sIQ#W0Q6;h19GL1|;kc4hMI4Pc;9gO+V4az>>PGv*`!1(A&m&iK zQrQ{e|0W6n0>6CifldQ*n6V<8m%1}@aF#g z1K7`&^jELNgm$u@L#VvM`(TP@V1WSpS;a}O5h*D6UP=lc6d87Xb7UrONz&@?mS^Z` z6^N|Ct7ciSa(>)>f>*gO(PJaw-MmDZ!Ak~u(N9B2&Fc;M!)a1&>3Jf5FA3)r{gezn z5A6=mc@gg~4qzGH*y9`aQ1jt-Y1Hp+F$fd+fGy1?!=<0m z(Scz&TNqJk`d1IUEYL%*!>My*%8DsgGL3F~ArQ>;#m8m)5Q|*W2LP0P3Abl!_5TI} zcnK!k7u^>9tYlZB1TRu&D)|k+j55AmFd!cx+`u(%*8^G<>g*`;JF=Kt`Vjj$X;vGOAVVFc^=C^S}& zA{#$Fb{)%|?(&_cALdqLxG??$7LKwoxx*?j<0FxuqZp&e zG~=T1nTnjs%$pInqLPZh{_wi}sOJbyOO5H#6_zoV1)QpFjt@}QW(xKmbc$EZr9F@_8;fgQ$}kO)L}7(sZ)AzGV~46$*OY}I@WV9AJsbQGoYYF| z_au%2iNU`CX)))E(N-3qR}`$b3WC!RegKlO{W;p0NG1;a(h1AcA3B0&(n=H8S;$1|g1bKIuQ7YcJ*a zVV}*sjE1L4!uhnD!@l6jmz6}Q=v`gA?1;AJ`T++vdhwQl7`Q>(zohiHYV}+3>_@yK zc0;xw&OUV_wqap08_S~!y=b=<=SD?&tY2e!?BS3kA7j7e(Z7@zy*kfTUi8|$i6~;j z^4Mck3FSq5YF{oddT-A2{^;)VVXyjP_pQP#j*s{Ie$rdVae1ip0yWz(PNd&@L5*Vz z?+d|Tn{6NZ*0x4nT1(u)wf{jF)E?#0Ee*csfsxqM@$t;#VJ1(}ivZ3I+CH)%Q41S|6dYdhCjNo0bnxhU?d%D>T6|Md> zAPZN+2XpMJ+e_2ybK*V!k7118hcRwa##l`a-c^Mi4mV}{ zW!f6Izv%UOS+KJ^YbV1$2_Nn;C$nQi+h1U|13i5(v^(3Hc$^08mklAdCbgyc;X>fTPCaVwt@}FdoC11JmHX z1N;CKwiXr81LW*zfB{B9_nOfaHLtJ%JMoe(%<7jkt59AQoFG%1RZ7emn(XplxE$mT zr~!x#k*ea_4elT=fTJcu0c7^Fv$7l%A`^Bi;f|E$@gjaoi7EfHXq$#N9MNhRbfw8vMXy48?P0L7;Xo7A*CQyG7$*V*jI?r& zL-;N@!23ZuHtWNVh^JqJmrs>;pARcLU|s=YUKsEta9!y3Yh&=$uH#jlVJ&{=RSz^j5Vw}Im}_JRgVUJXw{UMb?Ljr*FpvQ*R#K4Ew>1D%f2cvU+lBg0gcu_~q3Hgrw+Cjd>cuI=K-KFBLIk8U5 zPMIHL;bA&t&-RAL+W-+yw~n38r)WzKkj9-v(odYZRpX=)aAGaB2DL&9`e#Evw51I) zEm%b82jAC15-NFqB?iU!<9I$6_tUA+JF8#=>;6mG08=+q)@NMM?E^1Lm@Rl0rVtc2 z^$4=Lx8rsi&o1KJLqFHUVbiO^#gFGAs2}v|az(hP>b}*{irjGVeNr$G1t6*LA4CWA ztRw*~(VUO{mlC+Bf5Vmw&R=?wT*pfA(pQLgZf@j7l z7HZ+*KGHYb7l{tynz87X#LY6l%)oU}M*I?VWpGQYierWz&rS`p1*`DnAm_Wo#V-xu zAaMife0Sm`!olv&cp#fNjt_BH$9S%eK&-fHJXdfN}5e z{6YuLiXpIh!e$j-lm2SZAL8)g;<^(-G;QfGP`6;G(mrt=Mg=Cjfx=}(Zy|=NS9YL9 z8L{|3>1p$yIV@0;gHrPzHNj5lj_LXCS0O+8|2g*wvT|0^5kqhi_|03dAEEXyBCXKtqpXxX)EmDl>2p8Yq zPv|Abgqo#g)?yP=y35E7UKS^(=m4O zwPa#HIirU)v9e${xehA5vS6$66t-6p1OcK$>9l~GM8ahVKfX`JF7n$RmpBWqyyNes z7z^2EDYGi@^Ch^i(~&60)cfOApxD>An%WnA-H%^7nSc_gkZfZdHbec#t-%fzHS+9bgWK#Ct@h|$2kFC;XO`Y^e@2FCD88CalQ*Xa|HK=d?(PM z+!)}GS0I`Nw*V&pH8glbdV3E55(l9p_=;?_nf}pwX@}nsc@?$(D7E&WRbsvPlZpe4 z1ISNsnF}V(wH9G&{3}p|TrY0^Z()-6x`U~W$MFF8i6H_9(-N!jXwOyV;x&y|^&a?P zh^V=Rk=!c-GrEl@_EV5dmBQKVz&zlqNY4&(dwHmkro&;E)`un~rPVg6rf*$^DAct- zb^$T$z^9C~d00SHAp0W+@xiUf#b*HLa_&9gN{4YFIMh@J_6}tJS6qle$1oNX>4c9v z1VwHhhoyhe509yB0xiP8R9DqvwHAemtCd}=cH7kd$wZ>|b5Z}VmL+XQ%Sy{;%;mYY zxNGwVwnnF-5!RQZ(9BM(J8s56R5`v9Ht6fHj#eI zDg2=q@f*U$v)mLAKlLos^fH;U@PeTZ{8~^{shOzR}ldJ+gvv&?iQhKege{Wt15 z@*M2BawXn|s5g5D;#0gk(Zp@Ja1Ai~;JKB^M^g@oZ2(R=9na#p1asi$peH%qh)Q5$ z9Y>lUE5$Two%aOYvmeGWDn!atCA}F$Xh!jM2!H7#~5fWi)cXbYMof z_{-kJ_!=l+VfOUlyd{Nc!+9h%oa@nT+x?`O$C!z2Fl$U0ff~~~Q(y{M@z+XMVX!yYwg_X3-l*nwGE#7DYZcOIH$6X7( zNqxF^g{4o={HN&CNvX1Dl4ZxEtii||K=TIuz7Y1Ud(n~HuF5W727qY-=YV0<`siwm zC8e%x@V;Yv_`GmtOY=^~2^Fs$P)dGb*AA)kkJ&t=Q@2l^p9L!-_TFIq9Ma zKjS6=ag|r1q#jX>A$XQs3a7;?2J%efe)#F_V#&;U38Qd(VxNGS;( z*uGUrJMsNHe50<}bKNE)gvr8Mno~@b!1!_-=6@U31=D+i1+}HO0Dh-+fiA*q%mxu@ zM~Od$8Rw_NSZdV2$yG;OSFGLpI93AP&GUC0U!;sR%$Cw-$qRxRj@3Q~XI*=0n|LhN z!Jo*^;GJ}5QX;tKV;cY-tq`vzU;JCsamfcnhu)E`SP;mV{M~wu_ycyDz{luB6VSqo zS6$KLKoACzPvLBlkA)xEyGFf)yjh7w*h+NRfK^z&txID@syn(N-A+N;I;X-o83(#W zXf5vxy0G&)=Z$PmPNbD8)*@5dItRgn`V2iTr%c1ezn1FspR@@4YRL3rt^)L^TdjmD zvC8-}*&$qfmx9bKYQH%}{;0P?Z(huD{$Z(ewW{BkTBd`sDh4&@>G_`b#HmB z!dp(By$hAY#iy#4m*Bx4t$>d`25z$#ihc1qfKDxP?k^n+^r($XmCaR)oIV3mi=2Xf zN)y5SB5q;vSCP5CxmeaWPY4r77@o(ng=6NQwZ4f}fUZ05oukJd;NUpZ`QhUEY!fWC zFLUfmnp2N+dbAEk1-QPI44jZ-G+(^{~M$>aBfLFjRwXa&SjM&SjVXH z_2>s665P+TRzFl`#$znt!e^)PGb9tas9>%+5E;q2bg2vN{0xv-0eL@SrO~8MX&uZl z*Bmvp2DUXv7`$Okt0|~m^nzWme|!}f1_GiKZR2-Qv?gA5SJ&A00o3g#wTRe*h9Eo=%NQiKVSSJS@&cZ?GFl1v^^L)cz7=5H z^?`j=#03uQ!w2bWmL91!i|EG{Zb)U^Rax74-SRy&Y(RSrbN6O9Cv%h$PT5a6pS%>a z($z;tSdxcZBitvV@Wc3R)gn*I6YMcvzNdSLf<#D?8cI1)YNg}hN~a>Z(($l%gtddR z((!h`(y2_YbPjWX$$*{FYZzyaib@tOYNg{zTj_X>&EJR2KWX}1>+m4gRVGa@#2wwz zn*{?SzWN0YzWo3q4tKVbMdTU{=5V~2L$3SrTfDhRyC_>v#-6>TifE9eWlXN;m06_8 z#411W7YH-^gyY=V*clI|z@P#gF*B=VaRa%`L;+xw-a4+=?H-DtB{e zEhfdOyQuIBwk|O(v`3F(6^!*WHqDY}H?pysbZ<1yLeFi#mafv_!_WT?;Z~sr28_;e ze~S4kst2B%ZkxxAi1@cX+G%}waaVT`HcnY30VwXI!^pxb^>hbw)7?R1CV@U-r%@XI z+LE210s6qipJTp1z;zGSoV1vavyc}Y;FH^Z9BuhV{9epzS*_|Z^bp3|0eXC)8^NO=lW(KjjXU@qM<>yD zm4Achwm*jPMj(4r=UbduE=9K&w95KT>f<#!{P^1l)?F+XSunD?Fy`X-vJ!o}Tja)E zlfRnnIAi}M9a^Y(-;vpPi{bR*m01~%;J~%O7Wv*SQz!$dvUEG2y zfxlHZpl%OG;Em$F_|ld)c6pJm6Mb`){-`7m!pFf!TTTOZ6WEoJzdaMj5E!redbauz zI1sL{BHG*G;!@1cT>?NdO($Dj}f%3eapc4UJ+s zKhy9U47EG0k*ktTl(gf_njR+~k~ay)!`4g;l>{Kvuq>ajV9Z3Q>+?daga@zjWNQyK zgyo>Bdh@UXvs{V5{@N-*b*bF35neluPl#VHkkBW9u+|5G`UL&$c`O4_ZJg*+}Z_LF{K-Blpi^62;drHOs(#`p41+Jhq>co3z zC0D12Pt>)`1TJ083h@fudb&+pashejr_5;fc7Sa=6d2c1!VmyvBEYAyrpNy1Z z_3dZ!bmvwV)Ic7*Y4Uj|{rMY!NLL9B80S-;;#?OfY|Jb}@f6pr0}v+Q<%WYC&v`&f zu`^h68A_qJu*hn>w;xlO7g1(O`GnKt=Jn?918R6usX!%lvyVr|#*fZYTst)C%0m}o zpN^P$ok1BH7zX0MTpHO0wo@8|DWrbOr+&-FXfu=NBo+S`)it7PE%H;2JWijkD0@y8 z{iivDfn>{GB1xGAmKB3o3ED=Tv$MpPj3<&i6vgD=o(s7)VJ0}v%an&H*iaG&DM&5D z6Wrfw&47Laso*S;HqsSDxgymK0FFBb7M%v%=@H|v;P`cpUx%aB%YlLLcX+%?2Py}`k$ zV!JTC)H=-Ee|rC?_z`I=Y0}+;snJ9oskI9xNqK!>4dEa+`3AUyc~G?v5qs!7($r+B zK1>M|EMu`-A-8?7rc*%%9LyaiU|a}uYVk0BpXjcQ3_w^sZTtcAlNg&6sx3%cxGsE62~D8J~(9wyx)t@psq;W<@U@GAIpJ@xPg;D1PujRUV=Wcde0uWNBe z1Nn137nXz$6$fs_al0}sSWm_J3FhX=y_-!MO|#8Dem%mJ-!0nGdUnVS zx9HA8qzLq<`I{Xk+u%{?nQwBl9A3idE6@iFE<%d)d`9Wx{H;s6_$+}xMwS3wy>uef zm>8xhl-F)~K5!gJW(>y}5ll?hZ*7|GBp_$>f0IG&E5JbVBP}UbP2B{X%Co0Z^pDre zuYsr#Gn_NJAb5op9PmUQ-xSv4=69?fKk0?%7-F!D32TuMYOh0J7IpeNt|e~VtHsL- z5(SG@Vp;~`{oIfc>Nask;l_%#H64G)Fs@cDc-U%+4`YA5F{b`_WbFMsot zA~aA=uDd@aIVmt8g2w}(V!zifQiK2vU@p}A|1q;uAjKALTR3kdT@V*$ws`cvEuuaCwW>IoV ztY5~KHJrs|u8c*hot?}2O1m*oE#o|dDO`pw(-}-{J>#;-)A4DW-}vJ|%U#V-lv zmoCd3rFU${$yWTJl^*`)_}Vk|wSO@o;bu<#;D+c=!R z+%b1F?u^f0mU*Jm^ut>C=G(#Ddeb5KnQ!NAj@ire!x%PfT0l8xZg>H?4Up9qW8SIY zsOTYM7QQN#tgFc7^`WQm0W{lN=H`CV#G zl(aDq@+k*%2ri6s*T%MX-0ZQ;BJ#K4rwoGC3v>f|vA40OEtvN2l>L(U?g=yoY3CbL z5o)bo&S{(SWcdf!Y>7WBI#OL~pvSL-gQLzt%l_Zn+R_p!e{sGOb=CVWPz=c3Q& zVX!acg$M#K1gdYd(24aqm7R59!?;yUofXTp zCr7sh7>=YXV7Ch}UaWn6P2{u=3(>%f5ORX(YD99;2>mw zhq)xRvyW|k8ZXUTshpqp$wYPg_6nh&P-Y#@&u%=Eo7(Z6j9~CWP%ZpxwrJX$36&OG zNM{wl>KU7eyB^m(Bgz*cEp`7dw?L_>%Oj18pmO^E&0d@1hnzhkP6fGS25Q1K;N20^ zmq~V;OxV1e44ed_cjH@E8=M)Ke&e)(2>@Q0*k z$ZJzL;mDKXaELL+@ay=5bK0**bpw8F{S2+XUMgSb#IM!O%PL#e@3=O+3Ib*-T{aQ- z2%#6SxogK2Y1i$@tio~N57l{$<>%Y4+Y#3mXCg7HWJzeED0T%ADDs91%Y1vXbTQQCe8xO$uH&sJ1{JNAPBUl z4@S(n#_{m?9gX#{2)P*}c*@h-(soFT zbw5vC`~4YbEYOw)FrjtrNA7)WxVDrl@l^RMSsf<^Cm~o+pn<<|QSt?rVB=a??2nvi z%zqDCh*(OUxD3nB7>@TCA0mfNZwQb;nq~M>v0JdfL(HQVll7gk!UbP;m+Cs$if+c` zs&2Mh-QccM$LEY#R2h8$7mr9HgAo?&ud~0o$Zz{$UHhal7gq-_29Q_$qcMb1^aO+> z79`$di=JzY&3o0Re2pFj%4xv{IB1R3M;#qR9ZxjsWG4~5i9x-O)i4W0NGb$$Dfr_kdsB7<7ami0{Tpv`aYabpj zSb}X!;6FZvzZPk-X;XQh9SYvaFvsAPF?>n5vj~@O7AMt{1wV2RLBw-Dx!4@d%&s6S zjHljJWPuU{S(-o=+}}x<`KVpjzU$%*tAi5&<+hWET?i#!7oUK%L!}>Y9|q_YZr1v zZYGF$PL9vS?{XVRgb{xvuT z5J%}I#IK;3JB?W9{;&xYjuANHTuSpQf_xFxWqt%|Hp+uUH#T5!NQ04M|Q9vOFTb<@n2+(U(S=5+Eh(YrSU1wk8!k>f}#^B;(P{S)}XergQa-gT$S)mZ&@Xa|6!+9{ctLKlXJ|`#eh2eE8o%4hpYI)=5x6(WJ)qxwBSQ@*|9iIK zprXS_VBDmFOcWF5`80G(m{W&`0C<90k5X9y)b8L)J5ty1G#_;&ZbO;No) zFr+hjnoIbk^vV)g5eP9Hrxr!ASs^+Xdhb6wpi$ zrkVaHxerkfPiOT0Kt?>1oqh$a-Y~jH5OQVmnW z+E373=3n9R^Ff`ddrcZHy252%mue%3%kKd^5wckfMStDsdz4<=)tsKy8JwbjD@&7P z_=^(zuLgF;@EKGyMzCuax*pxD%lzxc1Apy))C*MqzwHduod2}`%T@n(cdl!UWdBd0 zheV{SW%C;SyYHLxuQ+O07l`k(00Z}``B&DWN0(~rQO&r39rs4ZqwyOo$8r91@Kc_c ze@h6GUTvOn-y7YNp;jTX^3=|xy$%K90q3PW;19^paaW*A<#UM6Z_!0!5iGFPebVX0 z`Q4**|Ak_zAzdK8jRNt93&k}yZdYBmpVAr6KcS*=4!h1k*QS3z8b4hs_Sdb|{{#dX zovTFxIPGa+X1;D#WBFcH#_hYhr_WUi!JYPg#rzhr023vS5EHPB^xKE11~=J9Bn`5O zXc*nVKS*3-LncKgq>^icJv+Ncs0qAiBa9@iHG>P5K=JRX=qK@+{78+mf+a7)KD({jd7G3NAtA3hwdnmf(Wr zgH^ddD4R?Ok*Uq5`aG2{=P!@^FjJ_T&G-deE*L#VWQ>hJRr$Fjw%07QPFkyd8#xR) z)VMCj>1G@nvD*6=ahou%BL|zMI6s8@XO`Y7d6gOXN%^~Tcp(J?n~BdcSva3|2@8w% zXiLvzBDz~2hS=5L^@FW?(-8#VUqv*(M189%(w97@u`mNCh#4{;p_ z%`he$fVvmIL#^%}ZAjb?5^IaMlhC;MZfO$}W})`n$R5>o-wYeBMdaEC>_{=Vp<;zC z=z{Tw)b8gl7vey&`+5HI3JRZjsSY-qR-&2gzL>OQ*(#zh@mxHt=0p5^-vHHaEg#XY z5#K-vupUtxR~R9<}-%@ATHg2C-RN5g|t==!uP*#`7Ts&v|O!jcU+Ok4x zHsw|Q>_Gxv=s|X+<1S}DtJbSMNL2NpD#Ke=98Hhgf;|#+mn~{6J93#Y>Tb@&01*cy z^T9{AICB_oYhXU&vpIu~=i6l_I~v=cge0f-O#By>p%AJWkhN+Y?J(YxlPji!0A;*hj<{RkWYBPY6&I2Ffs&Wqd5q?&?qO?yZNqPi&yHV# z;FpZqhmQi|)n@@Cx&^P)<9uSy-;}bFFr8t0w19`~tf|NU70dRt?4fN8Z6`=VG)rq-;sC z+Kd8%$GY3A#Hr$rI;n`_{j;bMB!hf4Du2oG<*bDQec+N*~*f*9={EqoWJ zvtYkoaLA7n?7ZpfIp78SP@JhPRzHi2n^xuGRpj9+fR|7K_7~0Pp03BvzhMVPNz`J+ zl`47IA9G!eq#wAqJ;V#O<0El3!rc8h0*r6pA^w(5!ESxMHEcA;1+tBU^_Q(-Bd1wE zZ%lTwM4ovknN?LXoSibFpq?>Eeu~z0R@~7d@u#&s~CacCh?~C&%7y655*HxcKkAYyi^M^g_!09YD(Q7aMo-_w8Kkw$FAnkO8xK$vNX*@yx{p zCTQa4x{rybNi|Rt13Ef2(|(lCh5`8>{Y&?9$-3%)gG|oT z=>vxM>C_=!>JTqAa|K?E;yYkoyq+O9QG!bNA&KkzRW}^i=nQ(`_~CU8T(6S>olO%l z4ZM#rv3Yotj9+87!snB z7GxfPc0IHW1cXI1uE=Gtu2rA0FIYH19Sy{{t|U{tjXw}YtJgD0p`ij~f(7L4Q&fea zivMmU{|O*o?bfjsT!CvJn>;cYnot>PJZC~1kzfy7O9%ivyY)T)ANJk`KC0^4`%fT| zL7*pEutA_EHCAYSNi5c+kahy0p23L(v^Gkwrd4UGXd@(uVl_AkavaB|YJF{cZLO`n z)%tb|D%ui2f?yS-zS3I}ES_y*%=U0^NCxvGcNsO znZXZNV`vEeeLN*k(v+s___z0|a2-#iNi=DI7!&!u^#YNgyghmd5jbyK9OIn?^R zcH)uj5N-*d=5-!eI%MmYCVuD(QtUMU^4{ujYd^Tk9S4SwIMKn7phUNJ^tlK+9Il_a|Xc2s_29 zJXVuaqJw-Jws6YcXj>xo#E1z;9R%WaMu%#Ib(vpK{8m^`pYsvBQhZGgrkYS|DNNV& zb|61Q!v5tykN_w=jh8kIAyIhJfGNF`c{C9Dzx|b_zi_?@QVeEUVI=GiP}1o?zmZvf zpdVFEATXmqKn^+SJi6_>=b3n<=nGSs;rAZ1GwdcVXNEWM0zU6Vx~wZ=n%8NX-KyP~ z=N&!F@HOb_lS3=B=d@S8Cu+;qTl?S#);aM2@X0xGkNzftzbMT{*|lePn+;fC519qd zrX5jeaAxpD+4L|OuL^YcO#W(<$e!ej*BnLb8S|a5`soO==}w^YL}DXW&`4K zu9c)Cl%?G5dZR!;-1yK5g4|5xB_$SmSB8yRjGvxgAe=*+!A&M`79$;B23#Tkn@8IE zjV1)wX+Hy*T=A6FrkQ3*e`zGRxJ`}oF64e&b#6iOpe8L%7eo^gZVFPC6!?yL0_S1`>@=C&}lT;b_&XPVC>bCW5Z9=>+TBEvdcD>OC<3|4N`E(k1CSS;KJrGtn z&b~G4zH@t;le@mFJB-E>ANX2qve@)kN%iskg9cp^P zLy>>ioZtwu`66kvs#+wAo73|r39@@k1_ccL;IVpAI}kvTxfe}HbS zk_ISha`T$g>N-7Ci)5Q=z{!BC=#_N)Q5O8bu3g?=W6DkOp8v|bjK|xp9D&dBbD6|} z|0Ef8(CY2OBRq8a4?Tm3tjl$A^vW-@{yeXK`o!o;OS)xwpe3F935~X}`<9Eb&DyBT z`3rc_oGsI=DE`3svOpV&wkL|{A*_PEuE)$28IQi?vAO8ZEWE1CWR{4qAsBNQ_SGx8 zm8rRE#rMoLT$GI_Bh$my{iYi6JB$ks!B$Mx=Vt`sUwJg;$jY zxuwJw{)XGM(xske9Q!@L^q3mxbL81{APeB+^cDr<8dhkAG*stXPRNXDT9?LzF>SPD zGbV;%$HXA*m`>!V)1#(}rQc8`QuovKx|<6Sj}beQ5sU9xj;Sgs-$ZO`(f!TMgBr!&VsSlDhSlfpfSc~LzFSH z*Gj)#unv&+?|C_4_wHU7hwFGHCC03BM65s z>jR(^{_-a439?xj0{oT*gK?Ik9?$YZso(o=tVNV|7((vb|G9npXGrDro|k9(fA9YN z_K)tM{*Ujc{|V{-L1Q_+clqB@@7Dxu)VKef@e8NrB#ll(@ZJ4G5V8>b_Qt*#z`i&# z7{BHbDij27Jhh+kU(t8`c6PZH>@Xz6ob{3r63$46Ueu$eYUo3=JI?o~m|n3l0|Gf2 zmM{OE*n^!K4GNa`cBk$)5B}1>0MEOAJzym-%%DXeozJr?uX0#VnLAst zEi>h21(Er;~2m)jqDV6(CV2ou^j=y>}pem1BR{WY--~aG0hi}wJ!Uyl&JStd0 z6USIIm$yR{%u}rTmB&P>-1bmY#9ai+k^Y@6P|UvT#hfwO>&2=YST96ho1SE-hvm#l zFCpd3kG$RcnV-hY{CqlRejp~D6xi=1<@<-dm7XMoO;>tC^c}-Yf4864{z#4B^!3wtr@7DzN*l?afrz^>loMkhcSR)@v}R zg)m17ccWT~k@>~nu>uMHgI>Z8e&x_dwM@4h8E(uz?$So3_NIqAb-$>*`B?S~xAgQ3 z%5w*E@^3B2%0Fp*uT|?>xr@>)DHX2w1=riY-6f4sIx|jEFj@5|a{`OTqUf~E4;UxS zYllu@$Sel(-oo#B{?{L)z{qM|`-AnAC_E)U%VSrlYUM#Sv~Q}dc*InT7iCqGmSDf9 zHF~Am9k$xvhG$hX+v{5%wVg5_RJ(~M|N9T|&r}QLdE>G^P`(I%I#Cs!e!PqM{zb-< zWG2EUuxcsgEF>WoplQp%PBxE(mytHT(tnxt&iMVLP~>G?L^<;l*cW|hMBX*+7;P?c zhne~4+D#Xm2O9lP=Qqp+U;!Bnz2AOG;h#rrds3n?^SFx6jB7$7PCL)PoTZj zqx;Zp`b7?YOn6Bj`t7a2E%Wi)WdyQ!eBG7&?OExWXLbzXp2}ss%F~=2&YYyrPq1s! z;fg6lp>DjU+)%^n#sOr>`~Cx$S!*M+?+S}UIkYmihBGf z8GuOBf+<~)9B8TQC>9d@&&CRJi;Y*??4nc294fDQp|Jl-ljtFv%LOcuC(r5oK2dn+ zm02{z21=ek>?YCB$-je!K4W;Oclxw{{#ob;ww;ZBh}>) z8tL=B-Sq7%V|y!D33|92+mqiq)wlsGHkp}8i>@u2|DMIhkHD{Zn<1v)M~rE;0r&BFX+QxW`)8Yl+p_NJ&~6+FD*sf=ir#i9&#Yc)Ub@UQ$!A>M z5u4EWZplPpQT8>zW7N$!R2z^ws4fes3O(|Rr1SVwmx0hH(+dd5LR8OY)F7**ceW8` zS~7|)Cd!40Pnuh8oc6bcW5iWhXscuZ-y;^iCJQkoe+&>)!u+!JS?K6RE;d#?2R71Z z`{6ebcsQ=|u2`>DX*wJLQhGVY`lF@{t0A!ERw z*zu5gWo^6i)eF^jotk-yUWPW9lGA(rHY+G zaYe9NYs~bP88afo>9~ttR$pTW63__Q%-lYfT z?N%JROyJ@(ElXD#_A^LIeUK~Ar7$6q&Q0qlHa}qtS3{0?FC`8b z_P+j9t(kicI$(htA4*hi?SPO3!dO8Ljin3f&lw<~)5WZ@ zhUo25;s2CW`<=ko?}B{ZPOAgh1vz(CdY||AeXR*g*BT!qmsoH8++V#C(fB74+F|Tt zL(L+``W+YK6*(PeQ0Bk&-2tdcsnP6nhuy@Of82gS9%0Cn-9+^TFJF@9jek+;2xGe^ zU-4&T%2)2esiqBzd^KCG@LcDb3s}Xo_D`$xP}rTTmrLj->U-Rd^-f1r5Anj?zvT1u zyY)gIO@#C24RN~*U!qL^ak0R9{cIhUI@V@DEPPa-#fLqlKd}$O?#Sh4liA(4#Vuu5 zW5iD>Xx+%*fmjg6a(udz)%Tc+ zQ#WK)WYZwezfTnr{)Q-ysO8Nv3r}fMjK=K9sD*-Te2MHY+vknhkqHK(0YIen!~KcHH=>bHj*e_!L_?-F_S`p3q%^Gf+mwyqLAqB;5bC42!N zNT50$4Fun+9knhspgwh?O+))&m|i;F_=80pWpF?L;O4kGwNLQ}cbg}?9JlEgwwxQk zO&?_Bvu?Fx=bBHn^NvorWG=$E+a0&w?bzu$Q+BhZ^Ch>c+gWrXwJLThgKgEWmQ#cM zQR0J~cKNoWYzcP)TU0~@{Fy;<{&qzU=+a+_IrH%LV_D2A6G79hu#=|r zoeEKp>zFy2@n>^s!i#SH+Q=io*wcgji{=yQ`sU%}lyk102GeN{8r}HKC1!%?kylE{ zxB+?1?H~*HNIW|+PWC_o1;n%tf5p(o4SJDI2bfqi){tGm%b}sAa6BS5q}CFJTiMu^ z$SwANI!4U|^wnNz)`TFH8n&PTA%|EsCQf_!gf+&Fb_yFc2|2{U1 z1aomOeL#Pwsp)tIb^+kVml<$8&SBWAugkf9dtlUy3H&Iji}k0fJL*K)v0i3AsoE=3 z69{ckjYn2VaxjG=_^K4pQsjRZ8cX*>n1uHp`7KUiDkV|VcuvE-fX!yJwD}*f+!&b6 zT-_>MEYoC54CmzyFcQ}cRI{Wx_q)?y5dSUyTBqs()hV^=HH%8j5JjM{QlrvViT8Rb zEBOZ#=JB|V;~)@cImK=~5K;?Q-O1xh_jml8m)Dk;H z6T_DLhs5SyZVpM_f{ctjmL}c0#OT8#Fhj%=-Av;`Ya zgmSPt9KzxoRx(0UU=)NA`bjJHGn9ZVUmC!G5 zy>6(G3(ZP<%$}?Q;{<=djRNl_ zKn~~mQ|#xnXJyqg>eADyMJ}tCvkFWEX)l8)f!3WY5ZXXn3m zt7+;R_vL=EMoJVTZ(9@4_W7`_af3!lE5-_>64yfv{qahn z(1;G-s&no4KUlNx;d%qDYeXJAdSv-Hfyo|Ut_GaH?yJKXqXL?rILlsm%> zPr&P>m1_|0$AbIvl|-^VG7H=vCgv*ky&oFBS~fC^6Nrn;^PB%2p93L3hdE1^8{nZI zf98)&?Q09OYI8keoL0jdGO!K!zvl61VqY%Im9D}Riw?Xu z_*G$vk8)n3;#o_~7$|Rmyom0gs&Q^Y@=0Zq{H%rZju+9hQXrzD!F*(tQ`W}_@#k#- zcg=R}uPF-N=BAil^|mt-`>@D~E#sXVKe;$!r^)G<&kKA{%SoEPd3Pj#g{ob8el&hg z5!Z;fd?T9AJs)2$c6&}PvBMI?of%q+-ze-P=Ja?bD3m>q{&sM%Qy$?nX&asTo1W$P z$yk+OA*!4FoX20Oc|1&Uom2a#NNi8oNjwh`MB|O+(-Oywj>elS>#F|d#AISkOO%bS zOPp7hpFzN^&d9D+U*T(~<9sUARc&+Hzrhd1Hn;PdUZtPzg?P9x?(55)LumQy#aZ7+ zt1OK>vDH+Hpu8&1lDWB4AL}qKij#g9@xL-o)-xx^8AN|Vtu8kcrSVkyosSj5BKO@W zs_b|i42g>yyW6(&ss77CV5dRgSv}sZ`q4iEW7R*o%`{bOnkt-La)E|(;^mRG{VW5cS{0CoP|n@^z>AK+7_zhQ}=y4@jUN*S@@^xUKqU3LI}4 z9IGBC_*<$f*cECWqZXL0{%6u4w4f}rAQt@>eEEl1^{;QBg;uV*9k!aYOK#P$ZvHqo zE>GPD1r-EL=E7tPEt7@Ig+J65DG?c;Lt6NN^CEu)tS9uPzvh%#{0C_q-WK4{=@^1? z(e}uL3>3Mrmo=5U+RS#Mxx6_TjCu*M!SaZwF3?MPDDtBYSunn@FBv&-S-r*(EH%?) zfjCn+OC;jV-yO~;1smT)s|tr-a4}?pu8`fuqpncz)Dq_rXhlWR7}0?8{5{v(X}rhG z4t=Ob)!KQ-afMn)K_cUb>>qkKiV5n5TA4yDwq`q@kP^0ly!Vrr$(GV7Bx-wWQ=8q` zRYi>dcwR%$$uAjGYhoE29HB!0*Cv&S832m9@~W0dOF(EELrt0x%D9^rPvloc29e!D za3vp=jipD!=`vrL?J4;8O z7Ue+9oqX3msIz9nmMPAXm!}MVrN&vZBCSDbxnYL8$7+U=R1K0;TWg*O^AVEjFBu6E ziTxdsH3_()@g_u8%TfH8FXhViUstu)iRm=Uw8ZSA^6C;7eMFO1DP62I!+n^w9u) ztb{%qppOR8$DgAE8=#Mul0C2w^s$>ik;K(kK_<-cAp8r}AAlSuW-fS5jJfX?JHN%r zBdHk#jx{@n1eP;lHKQ3jsA+Z+z05jaX`3Z47u$NZi?1sa*|-VArv_ z;XjPcp?r5&R}XeDa*-9!gmU4t+)M}tU?6Qd-*}nafrWE>zH4ElJ;T)`=dLY_u+LZ| zHgQ?j5Al!tp`GDg4Z-LST3;k7Bb@fL7S@{#PTiFdix!Fx`*I$$kr>lGP=9o9+6`?~ z*pQ69#)Wi4J^sfk9ST6;#gB}#`h5v98!{5lyo-VZDjyq^HUGna z(Z88pK?;7FTcG);i21*b`PUM8!1@aX zl@zHBtfoaK{`LJVV8Xq?><9MQ`>UQPe6Xw9QfQ*^vtv#%U`m^^;Ym#j(F`e zI39Aw7sT%}v)W?>hY*IrnBWHzi5nN#*t_X75I|7vw!t`5Jdaf)sZ~&P=f<`o2 z^~dNrA^(9q5w6;d5fRIN-lwjW^jhBf0CWGRd09k(=brpZ7YXuZw*dLa-=9Yv$*i5m z|D*G@d4rtm%iuwo6N4CW+EAN8Kw=5+;}5CSdq}^%SG%?zQnAO|Rq^Mp)S!wT-rlZv ziz;6A9#fUX@RJmC+cU6d1#8FquJgGSowHo$N<;@N_U7?!Y|9aDVotAtfsM4c6x%@P zAw_;yYP`E}D>1uRGb{7WB9$D)b{R_%^nc>wPSFZNmOGwn385G!wW)y|9t-GZ)@&UdsE?NN#-B{w1aT=j z^dmNhKOm6Va2E8#9U)MKX(O%Y3o6px*qhv#`7=i#6)Zv3%2E|$LOu2RWmp)d5uB{A z04B2H7c^$`r%$+vuc>Z|8Z{WWQTK>k{lh}!PjY5IM4!b3+3*(=ABP$U{PaB=P=FtD zmuVp@&^J1rE-O)fn{Vk!H@$Rha60}|4+}rYE0K~(z)r6Lt&jtDBV&V91HLcLBEKv@ z!HjY(Hs!`sazBLT#%~wHX@7+M%OCTGi!m3jtjAv@^PWj#7c()wf^;}|EeRNif~wMI zT#wiJt1}$H_Y3#xf+=Uw$!gVX$rMP`u2OUZ$PD>s-L38nMzvDHzhlL}u__!X;IG|4 zgDF^e+ai5JI12(!i%w$9HN5GKeAA_?nmc&~Se1ZhJ*PsD2nYjg4K&CGK>nobT@sQh zHa;-qI6_q$zeY>s6w>n5df(SiH$TWfSA%55Iq*AUlR=o>U$x<#fDV0)cyci?Rc&A? z1MVhXyrmFjGb(38Ns?T@B3adnmeMWeC)D}O?h8SeY$ zCMh}=J03}?{~25Gy%)1S(o_AdECb zOrZ$?#9dI;HD`yL=oINGo5dSuwOgrwdqeBZ_u2eMQmD7-2mXT_hIl+s#sLmYd|*BH-*$HFwG(7;6Eg~V`vpo0Um03TtWMzLpbLNi&8k#>O_H2;H{MBm!jo{7XWw25+KD{U- zp^U_f>MMAw$yqvgMg*rsVj?F#uiA~wi+u%F3sK$~tNt#Nif8N{$%k&ai}}bM+nyh* z{+cZ@rw_Voic};AN!az^k4MFGK+#0)up7IKAhM1GZFFjm8hJ66E+(ka_;hIEOFa3e z?Fhtoh_q>42uWDP9CC`(aDU9|IgM`O61J%3KwlHr#j0P3$zk;sktkgbU*{|h&rsvd z6jOzP3)`={vl?^FY7FZ@Si`cRfRlWBCT z7Tt-%(rD>t0l^6x9k3ehQ|TGxfU)ODCz?Kyxr0ppBa|-iko+jx z^CcIT3DI5+Fsl2T%!KGw;ll6JL!JDyiO4(BmBjNg&O za55gAXBsAt()6O_p}|Lfk?IuaDKpzzt8k`?M~w*bk9kAa^#m$LBkS8Ak*)q23BIi0 z*FGfPhrZ|Od@XW93KO)=KZSo9Kgo`IE=C2F3xZV*pQMl%?=(DmtKrdG_1k-)Ys(=O z?|Xl)*x2>vpo&+#9k6G`3*G~UI}5(x)fiK&MC4&rF8`71fbQd*uXPqZEHdt^e;K(M zKPyb^lX$G&-L=(ODCe!V)U{8h-I<9ze=OmGAgS?oS0GacRqU>z-A5I9!;XKo$Hjw#lZ1PS~Wwtr!T=PA>!gF;gfBomLWr}r6O)dfUp+9F)*veM` zPOpz{bv zI*`SK^^<;44~dhFpVX~h2+p0D`XFLv$i)}rP2w)x5F*^pFaA;EQ%MXv{=16i9a`g7 zJ;&q=`8SCB~ZX+%-cBl%w{K|=i za|gzj7vh~eBKa3}!{OQ3hupOH6c5gl(Fa$))beTh2RQPl6ILUxmohC&53yU$s$5CL z1~!bd#KT?>#=b$B?PQ%QB1ncFVtNbH+vfbahsuV^g>FsiEobT3 zGlImQyWRK@W0xK;A_S1J3V$L$ZlQU8Ik`=gvmuqVcX82u+@2Vyrk)CBM$+69hpU6zl{e7Mhj_VEdRTSOldAO zd;bKHvBztPOdz84_JX)3^+tb`rZbQMrJ3y)8N-_cDqE(%>OW0oWGXCtK<++~aV`?} zPimd1Za%zeVJ@wm&k?3h;n%+-2EE;!p|_7%KL=X+LzYX~K)$g^ipEV8s^-?vpRpq( ztFq)7$^y3GzVZwfKA=2v)AB5v-o9Yunc%lF&F!D&kgry(NpZ|2yIt92x2c!xN)Typ zNMUN^oe3FhGC!D5>lyoK!6xyME!`M)CtNV-Bq+aWf{6+@kS6=a4a+k;r@_Q*DKV_0U5DNVB7s|Roe@SlI zFXe<;B>*1ctHKd?+nJjb{xuEnUBWml5yjTJPnW zCm_1K$i}}!HoVQg^hMf%{w*OgZ#s+GH6m{`?4S*@szU@@fQ8I>jaI!rJ)kt~&XP;a z;{RSoDNS731|980q=b)2!_a*zIE1n7xVY*ahM|j4;Z67%E3eBCg zvDcg$V`>e;ct1RcCohu4##C~kcp2bR9 z+FsVC=7Y6-gb}mB%@UA#Gs?z%L*+?z=+Zkf2?a1vHm%v(`jX`76=e-F%2AwS)!&+n zE<3AJW;w4cWyr8~lM@-N|N8Byt#71Tgs^g3JThp}&9qpg7F&-q?FCsTGwljvB+#rU zvf7M4`3xLpr8{^ESX$imjJ1CiJ`0N(53=Z z+Rl>a(WE6kvpLUC+5b~`3w>T#U+2A`fDnE!n9h&Agm=9g@pjcE3Qi!+D{V$kBt9Y% zih6tNy!WHtYlc6P2gBcryCQd|nRa=j_*G9kGwW&Rl}KXz7jUD8YU49cCy2xXqJ*!*=G>xp-RiIM$iSa0W^H3MRXz+u5rhEfHI|VtaTPdT&3cO+hL|Tx+X)aflBLCtb z1QUAdOCf@}GFg)~EaPn3$Nh3&;7W&pf7%SWb&^aAA~OQin_MK?W>7Di3n?=Ni3LUe za5gZBOiC2qn|=S%2*&20Io)`;Z_F()k#pLckw{j5m?bfmWgq=cB}`LeW*KOK@B3K;sMFLd`}@}{Fq5qO zUMpP&@@SOT6nc3^8b+456iv9YfL!mH2_m1EEltRfc^`dS)H|&%UepP5URJu zSu!bf52EYO6vj61S*EGgz6rS^<_B#co_nVcUef)>(qtO?}x}dO2M668%j`SE<_3 zntW8=>6&)=KVsZ^5xWamG5ts9vl_R4j`#o$#YDU{?FSKGtNY(ORld65Al>VZf1+wf zOChcy@~j*5^cZ*8P5!YrL&ql?9c&T` z6cNEKN14nL6A@f;U0ipnFbQrAt|X1Z)zik{>w z^IIM?UO+oWMoZMnf5xjK|8FLoTs7#E8c;4rfm$9MAbQ()<0?#Xt z|4v3uZG4gZ$hF=gJ=J(0biKiT)(1G6r&O$|=}HdLAKt#pj#jt#JL_{E?{MVu2oB&N za|dUZcMqQWN_L#Xz^Ld8hqlO1V=+Cwsm0Jo`Eex*}D!s zim=Yx9)j?Om*L;tW9TOBi^u6(>94tg$$novkhr|ue@sv7%v0fUUkx@=&fg@4G4z_X zk@B1GfXr65Bpgw2x#5q?_|pF(ZKQCG7ye;PmE<>kM-YXH!<~R;41Ma(I)=Ezluw6RU69jhw+l9Vt*ACP5;_k_RnZx4Ac3Q zOTM}B9h3U8e;zMuGdMaKf@}!wT!}+4U)7K|4K61Fq!)tiOHqJM9?K#!?G$3@8Bv5yg$`2OD8)^jw!Bb`$zt~7x=fJWqnQT^+D8;GPn)h z?Jsp+H$nXc3hHOR-iyy=z1WsFx1cUwMm#Ek$41SMdRzGDTxpGerTRP55(Rt`MpHz1 zVD@ml;_q+`bsF(8t_tDMBR|?c80fSg z%hRL$pU3%&jtxSlH`>Z;i9q(B1AlX|q+bcbqV-r27uYqJm7c~4*)~3uRBvJ+8oEfV zGkF{I5vv~mZBZU67;iGw6vp9cS5tfI-lTf{XmYD2jcpkgs}7mEr6M&g)W`QMUp(m) z)hOo`eP(PH2#)=a>!CO{7Ht3iY#!M;U^cjJr5pa4`F+Z7j#WQ2OAvg8-A@z-)2Dz(c3-Xv`M#reRC#M*vo;B`~fsdOkv1?jB6LgrKqO7Tju+@|wtX?2A4U%ePK!Nz8@`6OX zXACsS-epr z-uj4V{o_aLGw(fipvA+lq#m#7S!?pCnSOKHPyK}Zf6f&l+bdMCywluJvD|NtL#nav zkpFFdq+UmypP7By_OlGnzqeNE!nTW%w?CD+!5TQ!ZW){S(g8>s^aEG=L0I}hIGEHT zJj}wN*~Pg20fa@rd#bNEi?kPK*h2CTJskPVj3JuYun4wg^4Bevsh-(Xy=5ynfcQ`v zf`Fw4RO*oT=h)W2hj*^dZy6X{Hvk2DFvvw9)aI{7?HIiHEEcCt-vS#>M-O8YTOlIO zg8#5Xx+j(JE^k)%B%``bMaOxnWs(~oDINMtHVos4FrWU7TCwUIZ9Biq zp3O(E!Hl`|(SLj{vs*vdF211_Yz`)3tm_3!h_@l55+%-HnzdS#a?l5XA^2wswTu|u zUKflR9l96`G*c|b@6e0k$S0TZR%!yKT4qPKR&mYzH$5n_v^eP?O@?s z516?QF4#x}f8#$ghyG;J>Il&q>d2t$RJxJndKh>~MsA$R{aH0TSB9MSi)c}j!|+68 z<5uYOvo*0*d*%Q9`#|UFA7Qo!VW&-sJ)N%;A96bAug;Fb?B~uv$ZW0~_)X4MombXW z2lJsJ%r2WxV;9z=H@s!kjHvhXvNpazZhh1AkG{};FYUu_M;o0Xxf5lEGe~?lS8gWU zRr!Cb%m2GVA)G`vg}fYpkljD8Y1^BB=|Px&1*xa`UFclBgtltq3uIKk!5&BKdOoO& ze-E-nofK$p6l)v@CdN6J*#O6x$WLM6YY2~up4!AY18NtKK8Q|U<$Pmo4+_lJXfx8a zwNUU?o*F-WbaUE2YP`Pf3y>Ll-Bi;)fGe_2jn|HDj>I+(I(hN<0a*tAUm3T`=A){` zsyCl)SpP|0)_EB}K>pl@Q{(NUg(7Oz#fO*0s+Xu{>#=oS(bOJVHi$Vjzh$&gJ9ql2 z`TuFE6PZxst&MmalfQ>MBFf6qjiB~#yGF*?t`r10xpHd!I#XFpEOKOu&O<|LooJ~T zjfH6t)rRFhdITs$@r_yrMN4Ti((=brFJvMx>XW*~F5-P?dfe?FZF+ps=*MPLACJb= zcy#pqtX{DQ41e#L@Zals6=SVk+*0=0sUWr~>dBfmepGY`@z)*3Pm9affIQWs($sE{ z$Y2mMZfL3}xYBI1k^Am;9a7SNGqtzLAbF~N)gixh(fyT1QLDgp2v z<;G8QYvMISqiHvR8y_&MGn4PyvZsiVD-WG^?X#z$vTFH&x$`QX<22gLz(sXxqPdXX zYRitQiEYMd)CbBmU=T#_EE%X2bL8zblbRkyaxgHG$v5=??THJWyVle=H{huT?9|<2 zobqg^6jENqBY~#PdY#NEioI_@pq?E_8usK=iS_`!ct|JkSm(W)yco5|2o3gIJ}ben zI}#sXCU5Ey60MD$fO0M|9v6qGu+2ygj;DQqhk$^En$SH1bivhRRw`UHt)H)}swrt< z?FxioaNAIZ7{s;_YI{_j2Neu!eDUSZa(K~ap-X9Lju%NX) zmz9NN7`6Rn6SScH?R-{=?HpgrH86YE2c!RV@d^45BRZzcP4GWt0bW>$64Tk8t}o$a zQa-{=9A3gPSJ#=eR?A&+Y7n}g>ou34uv73%%V@?oc?SC1>dxrEu-1&cwAwi5j|2j@ zo*1kC^jVTilikccP$o*X<&ao)fhifqH3r6Ugyt2By|!yH(Z6wkimeJsy z;8h~TiqQ@(*25$IAdU7jP|7~%Bia$PjITucU9t2#R0dI}v}BW^%IrTMM=f;;|C^n} z@jT-)L0OWDjEPf}YA_K8T?Nty=bk8ORyDFUg^Q63=JV%mk>&!^N2cQ!=KOB~$H>B{ z1Z>DlK}xUhs@FVntku9rqzg7%Hr z>J#gOUUI;_aeCi3)~D22GJ{RDP|IgCQ5Xe^@)=$kTd}w8!+}cQwkG*Cv8C75nR=g~ z79#Qzg){nr6Ak>ESsGTU2=a4PBFOX34g4Q7k-xb_nf07QpSK@i{vxJK@liT#nmvD0 zdA9S%VQo8qXJ^mfgnwfG*bj7>r(hD%R%(MY3l!Xa4G> zn(cEw)W)|tlxfxs%Oz!qfm-;*hO|NE_5G1KJXNBKu9m(&d-gy?6KEpIpEB!piPOuF zU@zBsYogw!I&Xv3{~~68;9dx%eV`7W52*4 zA|thV{~JR{UuH|kS#l~?VNdAF%W59sD|YNRM>hD=$ghf@tCJLP^BP?*aA5d}AP|;e z0kV~%)}0u(y!wpya_`psIc&|Z3_6r_(ryO=6lGv%z+(~M*fn2WG&9x^f30@c(Z%@wcIj)fGwDL zO=jbCJLe6B@Q{Dd=ixRpK7Z8Nu-wgPLs>#I>t_!C{X;yF6Q7=rzq;0xNq)BRD_efv zXE@0aY=#+8;>P#4=G6D{VgIX7>6&2w)SM$RoV)Z)k@ZSlwOlsY(E2*M#Lzta*7@@|c!#%8I2jw|A81V1N@$O)<3v8;vC>&`*>se(-4O5~ zvk2QQv^-M`-Afb2jPZAH-d%G>8<4{4f={x$S1V+F$Zq5^!|hOq7EHU}ctm=?F})=T zrt!a|syT}4EIk7q5v9Z&e%kHE4~Xx(OZB?bTCW=B$S;oe$IHXA1^ zmvqhQf+D2QbFE*9R;{!RmRGjd~I``bqmMfERmhk5P|sS;C58r1Vti{v|A` z)O9H0hv(xvZ|#!a?lJ&-Z9O5Ynem^dIKDlG_6KHmBIUoS5MDrVMq<^g5geG{8~LMr zlWg&#Olfa%kkpqV)R+12<8tUbIl=JXdYi|RIV!R3ctfqA(A*XI^9+6iW~@(cGyKy# zlERZd%;6mW_42Ik!jrBjgfZ6J?ZVILAyHVc&nFM^3HLvq#W=TR_$7xw{@>@{nIL#S zrhg~MA8f)M_Lo1{W-&D(3)tkwKquG>|BlVD5gFJlUEP&mxZe0zR^ZvFmea(0s>Ymi zh-}n$&Zlc)D~*3=5B{CYB{1x<;s*J5`Z{^A1ZK(-c(ra|1I``JaMmTxWr@Jc6N#;a zbII0AcMX9X<;OH;ojIoy)3RNRYMeP2PN#N3UH)5vBZmUuIOZU2Pz5d=ZByaGxl8g& zLZNo?Y>a8^v%%j^C(U%Snh_nr*A>szCdlx%#TPECydw6;7VTriFqf0#sjeP?Gh zads%0m^BvbT}R6>M8dh&d!%Z9V7=d}Q3ly(GlH&T7+*_0Cq+KGu7R zWTU+!u^f_~2Q!FNC%I|A1jxo=`KL5Z&$l#f&3H@JKQhr^$#SGwP0v%wW!kAhNYI&?dB|*5%|A>A2%>&!F>x_M?K*oAE+rq^KeX19b+z;*Y07|3gH6pEHe-+PCpv*%`#Xy{h(O*|#5D7}&QzcqeNyOWU^-jxzRbYi^nU8C$Sm ze#X9C{#@F={VX{`0{eEtG+6Fq+qYjkfPZOpwts1-6g`$OCM#poLKOR&v`l}AA?9AY zHaHXVRntVSe~DD~`}&u3l%tP-NgIBB{7X@1%CoutrD*&h%wYMKB09x=Sw{ViYKO!WGsQ2 zjaxY1v7*<%H2;A7HxUlFDnu>@@k@QI`iM!QFAU}*dYw&uSTXRw8-1l;ZiN4qT>$m{ z-p*Xw@#JrNe7{VYJk#)(98UXV$Owmjk7d~o98TY|49N!rW%C2Qi93_VHxd7Mw=IVs-wp4FALsS)H+_eLPsZPrpUUA! z|2L(E8T~hN3w~$|-f77&q+2jTaw0}ufv;0e$_#p)x^&dZ^3w{n1KUAot z`#}DszQIHImxACS989ZRIb!5s`X;^~MGGB6Yu3SpRhyLWDu@=s!L%wwu#j~y)lq<- zVmuC}OpFi?CdCLV7fvM zCcL@rI>b(V#qfrj_CZnaRn$b45Q4pU{1MUk%<_nJTkGg)TlKatu@Kn(E63bsqv}mH z3KkttxKFo=Tj$kr`FKB0DFSEw)x|&o(`7lOa9|zSDV3g1g)(R+O=w6E#S>N(kDL50 zYgxo&-F!9bz30F7EhVreGe=Ldg(cL$C;)*gc`h#iK<+C!f-~-`V}Bd0b|2xslBYrL zE96GtHcQ{mgwyDwA!S;bH?#kAjah%wp*3XyW8zY>JYA=oh?e!eo~{jPR2ffKZg0}? zO=y!vitQ@7gC*MdjQYf@5G&Zn)in!O*TpWbuFK^!I$)qmUsqRvL>s6w_Rm?auKfq9 zINIOv_ly)NSnTyXlvKQ*XqEHI@OK#=yVu06ST_5)b$H#0mOy}tX+L=s4;io5#pfB> z`O5uS;?{V*MvRo~oHiL*bS>d6y>5~m{etvv@^3XMexp(G8;zoY`RqD4?Rln5{w)On zX8X5#c((qnp+;xdl}$$V4^BSD_LMjYok7McRin6z!Nz;CocLAa|H8HlYF0IbT8?bb z#|w5aC%<%(X=X%Tgy4KCT!4#rRntmU8GkVPD@PRa=W#q2@2wjzPe+4uT}lgg=4mU( zm>gFqwo|*3Z@<2`hvWSOf)3Zf>H`x+j_~hTmMLq-1B%I_D0AojHL4ZHbj5saQ$Xdu zpfILO7}M_+NTVnn60xihsty?mf+_9ENi0~*D$n#^)(>Q52Qy#S}0)6K(7c8jbjrs8Xu5G5%?k68}eg;(n(OZIyHMmer!vc(ncu=keE%yTBD%4vd*AXj>x7K z^_jBr^prImkl@VjXJR-RbY|=(z)x}K9J!)(C~M!)%Qaf0Z=Ap$_htDxgUvim=#BN zgNiJ1^k0T&OPSkuCLd_9A73o_9VAdRqigw99}>?3W?VLD&a?WNkxy@D z$){llkWcURkxyF<<^PY$r-=uUPsRPqCxxH)kx!bue}R13`d?}K``5^)eaWyNImM=9 zubi^_i#eZ^C~T=YFy(E?q+WXbV+gE$fq}RWIdB(=!eNy;yArGq{w6NG;r#QLkYDv5 zEx-22aEZOuDE$d3u79*B8~sU_cS&lQ_`4seA}rsOSsYtXv-EtilN;5d#XCJvF8RB`Za3`=1);C&kBq_!Vp+@(?S%_uf+s$%ojI7_~Y>NgZ! z&67f)1QKfiSP3L3;9^#z6tW&PpqDnT^q>A(A9tzMI+y;^m}k09$Y=tf#jOAG|DFcK z7SG8~+n*)|pGZnP-S|IGgWT&lHUjuWO9r_bLTMpL{NpL1mLb+7p4@Hxl%sT_V1Be} zYwPHWP3@a9rLRy*Mcp=}p0sVxq9jcdrgU9zH0sNF3N7R?slV#wy`1P`+aLWYO->y_;5j*3hS!eQ0r?5kKrfPRIX@!(NI-gyhv0rzmCl19nI8c{<#;f_0d@M zqH(?cl@0~!MY_SeW`1%dtxTRyFcVo=#+SQ^C5FFrio|K(W2&HyjkjI|>977B=J=(_ zLBvU9#T85C=!lX|~VSP?WA(@DzSN9WAcmc48nQ+1<%>WcmC@Ep`oCHJn3uXrK{dp?!b`ysPe*KH4 z%ahujdWN4@t3D%`HOGY0}8}GpOo?m=krg1Bj@e2uafqF z>T*yVZkkjWott**;pe$GN5Odu08KYlXe{zuo=z;yoZ7^jYf3meN z5GI5zt`q=$yvphRt#?`R%Ng%-U)M5@W8;*Cqe6Aw0`!c*SFY@`}k2K6pZiq?r1vxZN8B#`+AB8{(G>ZYRQD1`ww(1G~)SR;44l(0dT!X zF#ostiM5@KI6D_{mUFK0@Jv9Yyu`oJz$%t^ChtJ9;YZ3n(s*3&k;eUdie*3SAz(E1 z(np_a+-TPL1Nn&)AIDFeW+&?^Mt@vloyE!OY(Mc=Pc<_0q1&>=tnm}SZM2x9k45JE z%xEzPLnePVN+QP0SP^AdI=-8xe_c7(em}TstNzbY=-O#F=zwOB{%3{ozi(>&mdouD zW)(2rG5KNtLi}Z0bxdE_Bl%-dpUVkmQ)&X`a%9agec9cDTIr`cDM?C)VmgDFNfcw& z{|Pu9Q%~eHf6x%iKo(X}aAopRL+JW-k@=LS7KbX==9nn&TLK}qIk zYxM_TUqBOF-B$g^5tYfu4pm8>kAs=aLk~Gj6*(a58h(=aU88Oe?TT zdb>;gD))0B37hYLhMAVK05lE8CQ#jC|F8epYxMuI$tjvW=%C5aK?Z~jM*9B9oj*t8 zYWbQVf|@z++VNB?paEi3Qcj@j0MOmiqiCA|W|JwxXf)6y{f11x(q*jv$+KyV`?%F; z>Y+XW^zGkv>t#2@H}osyPEWVwszUmG$RF7UmOiaN{j}<_Hi*6k)-aoS?ymKnWcdgO zbe*H$oWm*yNc5P^(y&}Tw9`Nc@+(fea?Cr|NJ+K$k2i;1=kcAt4~u4;+FhwhqUT}* zWmgh2o6ddhKnfO`!aj2ze=1%5Sy31eDuRzoR=f9-k= zfMsYf&6=EhIl-;kGY^aH)Zot4g>S!(7zlst zVfK}Kt$VJNBu;8M?MlqFvh_7@U>ahhN^?%K{fDBwO`n3x9(HzZQwUnhqGk4YI6Q*6p-Eg zDgK!rfM;)`TSu#@&oh4Z55UZiH)r+8mTI2=GnyhkZ4_T6KMVEwKd?1#{zR4+@6)O| zpPCwXgMsZ}3)>wtvl@if=|8B}XsT@`M3R1=%C5%balV>r{@u2(2QJELJ}RxBEkpmv;rZ;xzRcXI z{wsrvSlR%Gi$c2IUo}g%AA-z{a}yuSn!W zC8Vf)5gHtzOL}8(3^Xo7P8{PNnKwI<;C|w9p!OAR4jqBB=9ommrxRhevc?oJOsijQ zYWZ?7MkaRXN{#W@tQ&pPH~Au+5%Hpgs4!69JDiH=xblXakp=8NfELw)P>)ef`8u;| z+R;Ubk_bk(kNnm~eqZ^mwh%0w{4}ZygBe}M$m`{E;qU4ECBYurf^Kaex1PI~2WYuQ zLF;mzlh>%IQU4VC4+bky3B_Y+?HFMYd5Wq-c{A%zi`K{a>XA>{%i07CvsTH3av|s? zrK~$qILFS6{g0;15|xmD-o=!`f1lWWsxyn7Yo4&bVDX3f z#o{?b?*Sm3lDi4R?FWY;Xd)hXew6n8t5+l^}Z zI>sL1+I!ME^)$KXY`<2Ca{G6jd6e$Dkvd-IMB|6+^UN;3rCP&SZO0@ zqf(7Q49X-8H8dEm)%v;TKl1Zv3%yIi+O`#>o6a<-4)N35R+A@7%tAKvA>=loeJ)kN z*h0~&7w7rf6mY@GC~&fJZWS2`53Wm;oe+)xhsDb%Wge~b{*8=S=d%f6u*G3K5MzEu zt8O=lxwscCKhH+XE&ZV7aO_M`djDt%?vu#DjP@KbL2Jp@Q)BTnQTQ1z{4@za^%?wZ z`jx>CN3??db#QImoPApsipHl=WSUP_(lQ4{DwZ>$>_BZw-fI@MG~&1!^qe;?k^$(n zza(kH%-84`^KvgTgH#HhB*iaW=+(v1%YTX<^Qgy55b>6Fyc-yUzq_80>3`ton zijE_(f>Dzp5C2Hx56J55{cWbRmT&LBqt2|3WQLoL?)iw09urGu$f5U_2F?A6x9YD^ zu-y2Fi#u4+kYB@DYMyKPwB^BJ;z1K-d>senOYr5bOzvP(m4G5InKaXz9*32%Z&Vjb zw;Gpy3T!O!`WL^C@{=vTw7x*_at+(fRKqJ~lC9*r0y54LTfb$nZPlMU1hHl1kJElV zul6fwe%x*ZO=kqa_^%B%PZW%_!i@(oW93_H2CZb|kCF%MBY*l4KHBmUb9KR7&pL~A zx1UxV?QsM`r!FzPqF3ldlsr$_=1zmR_9t}CHoP@RBIjbv;PWD`STM6Whn)-SmWExn28dvu6 z&|l0Vr}@--OAaqhFywIfsad+P$idjxGdZB%mn3rOqq5ik!94eB*=}&DJA)b94v9-X za<{Ea)~+|nM*iBMWz1t9w>E-?MmPU`{bfk#2hvi)%pJKTm^(hIdd69#0FCxdPRBv~ zjV7k%w_Ofotu)kCnR?Nl*KwANY~R>&vT#_enJ!s;dfBJg49#~tdRi}t#ycfNIo}fT z4v%zC3Td+4_^sw8Le%x_&#GIE5FNZ>3%LR>2a)LsaPH2hzVTepf%3X>sZ}4CHIF5! z)zQT8s%X$~9GQJ+#2Y25+HYsAH>Uge_0K<6A0|jC;%)F=NgfnTbvaX7nd?r2f5G}} z@CyHeT&XUSn4Xb3QMgxugStO}4bM;Q>%%v~Q% z3_S^)5ea^qUFQZH6<~s{a+t@zn!pu75q4=oKa46F@-NVPPR3{3=3IM%{Y!!Wv~BLl6SA5sQ|ZRH7?fbS z_FMhKqH#8|Zz@!b^$Tn}SLX7xpZY}qU~Salwf@rWVsAGx?gMg#yWTF@R_jRFB%OGXeDH=P zT+cQp<$|dQp>D zIoCra3a@xNYewbc_rLk3nVIP?XB8Z-0+#~L{}2CPIR8JISwJM!YyMo#AMC04ERFUO zT^P(F0m$b8a-#t`g)oPQoF)0O&D*&UixD#H5I6v-Eg%&$y0}14y}#We7LVrg0yR`Z zBV%bSK(3Zqx2pTn`^DQFV_Q|f5`&5I26YDh&l7r@QnQ5H%ET%8u@6e7jMS#*!8MN+ z(F3PJr zxm9Z}y}lPB|Cmo=M0WRjB6=mS$zPcO4)Es+e_`Q|iN!uO`1`iSUp@VOgCRlHEUOlO zWQod;t#J;BzlVZL0I+8Fhri|w{y;J*u(iLo;7|bmIQ!!U{#z{kka~{)+ojts?gO^| z>=Jwio3#3`2yyKOc{sU%DBcX6bGekWr22sY1S@v*v<%weI*;s3y(Ezbdl}t*e3^gG zFSS=8wI19c`XL2PLXj4MVtwDt_o<)h1JIZDQ2P%a(vSV#i~mGz*#qu`nj&Y>Vr>pB ze9JC^_nN%FZX)=Lh}p~-GZIJ#5uEl;vk5ci{>$W$>eNvJW3l|6nnvlxIdYPe-n6z` zY_^|9uSCD>*yOZ-S)Y5m+^%=9x3^h)`_D?K)%7kn*uR0jz0!J^x+E~R(`H?KdWn(0 z^k0Myj;cfcnE^H4s>l;?eoxO;)X7gpx>ASNRsG3nKZ^?34HY|;ep;qW6e%Vdm=3Yy z5yp@_sQBzS$*sM_uy>uo#$|EO}VIZg)R;^=b9X(FRKM;Z(Oyf+Q6Ir-U zv}xv_iUrO!3s?gmla!2BJ?AWHjyE)QZ2myEqOb@G-WDq2G`>g&!?_(M^1v zH3$FUmIAE2NGaa6m+|@xbgTaCTr-4brYtV*bQ5P3L=w&a4`pWpUuALq{Tq@CL5Vjg z(I`-ZMH_Gn3N5LoCK~J$4J}%iC|0Qp#XUj-xCd?mxn8eEtJbX+wOU)(x*&>e6R?1| zvA9zeaeJ=UzalE2wB-H%&OA4H60q&d=R@xEJTr6V%$YOioH=u5CMUDwlD-J1MR_!9 z2`gFC*NW-k=VObvx-#} z=R%bD64K*K`XF+)5>%Id)kq%fu!Fm>3eepM5V`?1Bhk^3?t^u~ttRpm{yLM@;bcIA zNx%?_+71}xOeqDVbN6%d#T5JF!BOGQ*tu9<;!rHYXNJ$SdI?OC+LuSsjkxOJg?{yq zoC2RB8RmH-I*=McI;69LsY5Xpnw=zJe6#}$p;s-^F3_`?o5wP>-V0DCR@MKx>ee0G;#+g4oeGJd(6kZUv654Zn>c~(I%1jlG2bs7Et~>DH|tsP z80W*X;J3=?#WG|Uz5Hi=k;v7a#WM3}GB*(2i{i~-y!WE9-)3cy(Wbo3KL<5?LrI?^ z(KsvyYC2;ox++-gPPD5{6*9pS``ta3cO=IbKH_B^{sV$$Z4J z>-ZPPUQ{jAc+^W~__)?dIc-deaaFYU;jjf8h~H@7C6I&7X0+BMIN<-|m^bU?^(vP- zBG1M*W@#+0FIBB$+iE&K&GX7%YxtEy$fwmZ$MSSq$8%gCQ`7%h2I}GT>AITu2Z)Fl zRA_wa==|~JD>>i}TGq((pTM@|jQsZT38v+)=JZlrNFcfyVC-}R9!u@GpT<)QVxv7a zA6v*(v(6i~f|`y><(11MnKl%uiPxXioOLz*UummJoj?s80I?mjmW_zUS`>qCDDOpx zA@FMxpChQp_y6=~sR8AxxhC;%jN@9a>TS0ipJ&oFV$OC^CGoPwB*Z&mY@Lbgq+l-h z5%j5vKd(K@`N)CC#`S-5Tq_46bhb-)&M0_V>xJWREBc%>jwWR=ovD-iYKL#FS_l{? zKhq~;i<#KfKI+=U+M2{GqgK^yqOaH0rY3cA!1*iVbDebVBG~bQ2=$~M>7bg#vyvMa zWR9Rn|M7`TdYE!aW2`n+r6}K5IKjLo{*QiAqvKPJoo(o^8kBrZ$49y2M{Gi${ycSD z5#4rdwq#<14$A#M-3}%GL(9CDz7Z%6FrOi=9ZaFB)$dge>!{kaa@?>E0IaU=|9tEBdP9KgKw?xU<w~MaZel`31H&Xq*T)Iw-vGRlunThf*l!dNpiMUT<`- z2hH+2pV#T0k<6|-A}aQDreEtRqswZzm=BwxmaV9>wltAEwE#1%bm|)9D}eyCXlrRK z{%?RNx0gCKr^|i=K1r_{{2^scXo}2kx*Rk1wBN6~wR%VyR)jPX+)*=Yv%wyqGE?75 z|AstkP1Q5H)@ODTSI3_ItY2ko!w^vP1qRUGtgQxy@T6*?2CP@p@>n}i zI&a8Ic&TYQ*!PCIEa3j(w{cBU>>z^v+qd$gt z3zp*DOKJFJaQJ1X@Jmkk<*VTW5J3Al{PGqr{_(h))xJ_c^Mwu7kHe0!eTBlREgGmM z?ee(4i4n<&K6z?rMDL_*_gl7L@fSM!w`%Mj{}q1cg%W-M zFzdfJTo8-_91m)*hv?E6&4=wku4u@v z+UJKw>)&;rWFYQ}W}2;>v%VoqWo)h+_(*(PUoKy%jb@1bC3$`BRK^KiAjuA_EJLaS z|9pJ{Xo+$%^%j)*gLY{8_Rhv#$T>+kVbaQP5w|k+cgD8O_k^B1&FPMemy z<7=<1<=zmS*zfg=&Atc<)NJZtW{nh;JJ9Hdp)`0DQ7#NRjtaq?V`oSDLUk~KS`eVzf&YHSr>2s-6MGV`;JX%jU`=el$$ z(bezQ_J0Sd)tijij6ExXjPKxHfQ&XFb!40vBIC{0eh9{NHZr|bC-qYg7Auvkt?j>r zV`%eo#S@dp~-SQ)#}yFr?5L3Js&shZxFN>UzY)N;Y4PANJ4j{XfDH zOvw-XO??r=Z$0A|KP}D&$6*E>kj|+n>YTC8)lFHvR?F@i1k4Yu>cCGWU#c**N`Z4vsd603N@4I}#lNcKHr! zhHa=xP382x^;F07qjp$(P5;GQ4$lRb*n;%tJ9H@YORq!d)h0g5d|a!9FVa7wNgVtq z4@dco^K>ca5NN_wv?lSjxB8>nVXxKp|ExBZ*Wb|(`czIA2gjPvmc~hR7y=#W8s*wQ=B*vo#<`?NV;4G_SMdlOe50j;5^C{Gmnce8fJawez zPeEtq1)cdpdbC(mT_`44NB@jZO~8!*1ee5`+7YYSlUcK=U7Q|k#(<-BYx{BE_GWL> zn~qaIAm)SXgKLMqPZK=WL>XmlHjRuQv1GhW+rFs5-H|E7h!Br}M~R{Srm^NL!l$bB z;F`{tOiE~y10QgI4P7R#dW&7F z%hNy7JWwAN+jZcykcr7BeZno2?G|f(!L=}#7UEtCw-E07udVEpsSdSL)b52Cv!V?l zfflqIROpVN-L;9=)bc0WXu9Dv#}+)gnxFf>H6Q!(Ta!7~=wHH`T&!aAVL$gVEl>4c zpZXmwMRVgG%8_7i)UL<`a zE!nPpag)QpEaaaTT71nK_{B75?j?B+L0PATs-Z+r#cHCz!#89cx@HK0vvWwTrla>ZC~o-i?j5ye-0}hMvCxQV=q7 zKyv7xPpyv-R#$#fU99C^rFN_Z(V^czog6vv8{A?B`5s6O2i-Ch^|1^qltKJ)X<%ow zlcK$W`#U@;^u{*qoh+zP1s%BwuTC3IVI3J5iR$G%3GcXqP*c&hcZKXPi=sdKCF8<| z$)SV-5cDUwgk|BiUn}t=moV#qkbNt&Uib|r?J4!Sf6VStthl40b^2Zg)pqIIM8=+d zC|)QVwrjt6WW3nlFd;S{5sUAuY^j1P zA2=J<=HjJ}wI&1Wgrv<@z{J(>PvqRPWc2ch^@^n~YpS^9qzg!D`4duorO(BVd>xI= z+@y|1&M7`OH5w~=dYP9PO?>9WnGlBV*7%6EOs1G&M8?qz&ZHLfI$m>DYLBFsI0FRx zoG``>i7gUqV{QM|)iUZ*(>gc3g8{^D)Kdi{l{cUNM8a265v2WcMyQ_Vn<VT8)7Zmyzb1x#QOEIzZ_E+yI~RIqnQOAx3XU=x5=L zG4uO2b^RoA^C5aLsHlcXOY(->mWX`D5jXMJBvQJ9yu}cLdz(=|dhp9W%5|X99$Eby zj>$8~>6Z~V7()b6r1T_8sQ<0wGeb2cqyJ}+K!|_^qH?=@b%N#XN*rDrV^^;Mdg_Qy zP02RX|Hp~`EDupAugNh%QJ_zP_>Y3X}?8yzY1<@u6-P|Bns8<{5@DMA! z)d6G}m`{Lz;5juw>@40;{9)DDM#2hA$3HahY)hmN9K<G*qCJOdInsR7G4IM9t38z*1l9_W_t+vZI)QHc#N%l<6cGc32{nLvp6ulyZR z^>;5ha|&m3yzHeab{Wi2t&MfW%2!)xP&umzpl7ay#7lF%y2Ka4KRv=mO>}laNH-6s zDt|VMpl!sbu7{qQSof6c*|%Quy+Pd2WB;5+6EPLX<|kIK_yh^h@r#o1mCBeZ_}#sd z@B_>jg*{w!{;Rw{nRmEGHtM_R^5bL}W5$Y4TiKb6_#2qxANh$miUDr&*Y?&Co_JQ1 zP2{*qX>!vR%{?_>%Q&a8z+3&fH|+J;lM}Rk=yjYS+LlB-sdmD|9)8Qqt;1rgt7naQ zzdE461476DkvN~Jc$5ZV&W;3RisZL-ym_JISuqw?BDf>#G~+!>_mPTGW=9h zmTDKkUJt$a^Kmu4$NWo3_s0GQ0rr)y%0S5mwAy()w3_~~qZOvJ*81a{2XMS8j9-cT zUEUZ&{kmQBZjOb3JM5Uya4Q2Tf0xCK|5UW&rjX<_J%iDt=~w5mncbJMiT;+EZEtqK@UY|+EX-#pQehV-Unpk zFPH&xW>?XTQ#AgE^zl+-4kDp-$WC6WibbEzm6yW@9o~W$gZ6rx(q0b1;op*V(Dj<| zk62;yH@-PKb$)se(?Uf%S=A@!dx@dB_BeEa)vYf@s-F@5E#ycZ&gx4Ot)h{e&x*xY z^7IrSBI{!vN5P7DsO>}1lUEiatocPyo8Fv=N*~SpbjbRvwKRnD(KO?bXdPRds9wY^ z>4a72sWe`3m~!B}l_q9PEn=jYd%SiL^H!pR^{r${^s6=Xk(@UAz7EX9asE&D7d6#` z@n=hM)38UIk>$7bi<17XUMBc)d)cIyGJiTRnI{Yj|C4;&;M%JB)LCHWZ`lz+!Sp8L zf58*A9C3Gu!%Vl{+%67V^$8sIAlkSGhxHgg)2H_wu0s0me+EcT9ogC0RIv|@i8LJ5 zRPjAMOm1s9Y)N!yJuZn3&=2hJ)MMux*Kqhms^Cm3&NS#3#)pzfFjR?J?*=xEvdaIV zaJy(*?(a4KnqJovzj(z9Z&7FC?wHD{f)1X|$A@`6Fm^)+XI<^kT~AgrrlO<1H_qW_ z_RX4e`$RHt_>ZTV^IzYCH1^ViKCwA_=82`AZPNI|*5Z%0=SZMVQoE1`siKRZgLInB zpZr5mz!2q3eOwwnNi^c0B*wYG&a>@z@rtiBh8vG!bY1%B`Oxz3Zw5T`%n%`qU`!S4 zZgA0)<|!&1q>*YCu)iAtxndM!#Yygbja0=bAhr32L}8tWgq)}Dd<7y2p1+vxRGCR) zRSKfT({Cd}(3$%s-kEz6vBxATVx^K@8;LJ1ETdg(w)Lwiev7W-Kyg2_H_0$ z$0iPnwZyILaT~@~HTU8CcX$e^b%H)73UwDJ2c2zT$Ufu}Mp{B$eog%1O7h(ey_ZDK zdjpEn)(yob>C^|*Y}{B_4I;(*GsJ)4<2*7SMrNZZs!fACb!dkZ7K8Xb7Qs7&--%=6 z6^E)u4pLZJ-Jzi->Df_|eHg2U^!+I9Q5*eT=m#Qt*dF1R+T**UR>{6yn8$FoL)wYN zs8^(cf+h3qq;s=>_sU9MFrkgh#X*hxtHYoj%OywAh85kNsQ%N$MqR-CHQh({A9m6t ze-vws#7*g?-XBi2L>IMX7UAw@rN`fe5BTaW_Lx{3jznbjK=JvMB0YU0&7d=OjkWxf zR;eRFroxZ`+5Ggaq*Km6SMAX>s}?TnQYM&ng*kq#va2nyTTe{!zNg=|If<<$TZrf3 z);;DzEf`Ffcu>dxWN!h9=IY%#Cs9SVf-hgMcj|8g560o|{lL|R3&NnW7OAi$f|XSH z$!G}lV|t|3>DB>OrVn!Sli!DTK`1iCKTZqCsp$PThJ>pkJp4mQVBy+i@rA@S87c=U)LUQ2N=@qi29OS#{8#dOERH4-$*W*1>=b4YUodb`En z+q3B#dO>bM&b=vPTC-6uq-^vcW!4*D=5Ovquzdf-zh~(#AIKk+oXwUhxK;GhDMFX& zd#d1^ymKP#;7KOX8i2*Oz;M09s$f@TRsDWKi9&A`?yzWF9ZPHg@ayTw12Y-#2*`n|HLbC+04 zk@6-Uce{R{yyBql^vRo+Mw((RKc+i4`;>_!XMMCZg9(rZF+M9dF6Ho#QGj0HSw(CG zG5=8V(7p;nY|_W_Z{7Zr*!)umZCp(L!I0MS$DTa(Aa-xEX3U{jN0wFREcSAi#GZV< z3jq_IlK@{kqN64SwDp}eil*q;d|1t}_M>cqRU|qoYqS@WhI?&x=661H7P)$XTIy29>NuA`S0uF?`9tqx! zp1d#6J2D2hPCJqMYd4Dp+wEiX@FxB8ZZP3BafIGi=og>{909@kBWtOySI;jPOEx=j zn5Figq7ByWS=F?8*M`&hi#9k(j2XWY*}f;-Pq07oAd4q~wa9S<0&_{z?+b@wwrGMA zYmTWLVJLu>Vgj zi?!Tu$-N-%6d>l>j>>K8f*iY{J#(LH<#Oat&>=SqN-CPr1}|vkUb77g!fv3QeTR0= zzPRn(ZRwZA6#AsUkwoi7-)wqj=dP#x>O{MLArTg`T>O3Z6VSj|n<@EOC~aA<>_#0Jg^(d17hBvE1#|Al)QZRDEbQ?c|`y`D<2lt%yDWh_<3GKJTu^TwJ<;LrY5 zuHoQ0@lAtGVf)LU$iX%0=jH^sUV=0Ezv6m)SEgRLK5ci1{SUad{_H>C`Whki!l4(g zroTbgXu4|T|A6O%U732}x%2;u=i2e#jVH`?=UGY?rjUGs?cBR1K;CSfNnRJBfAzR9 zXFpBxcOmuSkZN*diKktA0?ix|ONF`yoapLu-CIbqzyE2DP-E4pmECoH&1xzocD_Ua z1G}M$0>}rKGBUhBaI`=zatVyqe?7b+O85Bmol#)G=&+)>@ z7YJ}Yg567sL3<)U)?xCK(h&0dQo!WTU=rK>O@%t%OtDA)B2s^{22$UH?A_k{?NMRT!zHyeI;@JB0pB;o3ZwgvJc{3e z(R-q-J|v?zox~D#OZ#PKAfY#Sv61cMDfq(joZ6x1^Y=fBy7WJ^qvvP;9p5?7fd;L3t`lzF>J#&@6tJ*Z` zzs`?ib8dC*EA93VLC3vz3sDL~CgShI>Eh~wLUlng5h%Hh1(Rouy>N14-=>*;CO1@j z2}TsXmG9qnj$?Wj=Q)gB61;p_V;-m1?<|>prs|_fCFaS1!_bV`H>HCz6=lEpKYNRI z=tPySVbF{JAKV`PZ*2TAITUpLWhghpHipn*Yr=OPEX*XJAfyd*mG-!_TNwny^)(l=?+55rCBYMUN< zw-5B;KTrKr>81EXPYbCDv4N4;z{*1Ym*89*lMDaN>WD-Nu^tPq{IotYtsj$|={zJ0 z)<4JDOea3KAvTi#g+*2Sh-Xh)uIC5sxo)KxYdO+^J@Ko=xGQ6YZ*7R3x{^G5U;G2* zKjjrY58coBcU^1_$2^FW-<(buGY$<#FC#cxn(WJy1v9PQRn!ZdQ>kyD$1SH%yj&lN zT(OIHMnN6vu1@eGjdtumA741+@RY}_0OEjZWhF38_7;?A`zOo^uND0hM~PGrl4@vOM$gDLE#t`CEvB4D z;eir68~$NJ<=AjU?;!Q~n=j`;k3wLR6GYB_&NALw5*js3wj%x`WE46qIrz5fuKvG` z^>W5o>o&P(2f4XO%H{U!UDmvU5MX2H6N9X5U=Om6b6ICrhO(Lt+Aqjz?5X+>dC}^x z9T3VXdE@sXr!}k4HS79i$j%2@X7i^&37fBzy!ZEq8wb1+o4eI4QP*|p;RsOEU$?y` z{wAphTX(%AqbDzg>dAt5$vZcw ztbxkP`^K(yG3zQ|=YlA9HvT?~TbsOiJtce2S{@l1Ndu z9oY0>-zsM3UGT5DQoWNrrZDJ+<=z=Z`~3s_2|frQuKaEj zJBPC2q=@+Yl8tsT?*=d#7d~qlI|ug8*e8I8BqW>G*MYZXn`~>arVO51PsVc{yvMi6 z_^8Y-lYWBt2M6zwZL%e^@Weo59PHqoy-mi`UB>7qCF*6^hyr!$Ym7oVF|dtPSDmB9 zuX}@V_I0*CbrqTKck672_0H^XK&%5jdeEM#kF0KfaH-3`y0AC>7D)}z-V&qVE3Un7 z?-|M_qr<<=fyI;U>fhJFyKh7&BfI${{?u$n&t>f6GJZWgl#zY@5x*vzae~YECJTiA zSFnx$FgwewuL?;CoGKVsGqEU|5K2qDl|FH?IbQ$u-ON|_fnByqv7+Md9TiF6Eq?&Z zYYJ2#d;ewKBd~5&da$J~GC=D9gg7)Q!mz5-IVb70_%*Y|iJlH1gz^v{s~ax0bJeWb zPrUvNaSZIO4vsvu_m6l_?u;cdh!rXB$82}< zf%U^^EJg5zU=4AwxUM!i=3Ht?E-V3LbuvC&KZ&^BsuJIHd_1sf)Hl_-5oB2vTi3>o z>ZnR=?)bd0deqB_h02>cwX-TUS{Gb?N#H?A`GzYevT4mbgA))6`aCF;Y0Q@ooGc zm#4%V{vQc8X!GxUiNEPfvoon}b(g;M>Ysz1eao0pG$r;e7Xp?2UHYqeEA2M<(M%66 zXwup@?c?BN``&u9EJ9)~hI;Xf3sHA62fbwLJbiXw=Gm8mPhLU-qvTq27ErR_*BFfD z1;6BPEPgg$O!qf4SFW+_nyAJv7IWwTAa5y01$1^Q#O;`|UgvV`Pk7<#0VLVVVe_hn zv%RHFtwN4}oM0wAMR2CN=(nd(lr~qixslO-VJ3%F?+?m|mUDNSlGDso5g;BMUhYa~ zr@{W*)kH|GW)M_OaGJTJvCpM5{I=_Jsgi2;jov6zTk8|3lPfsb-i+PrW`az1EOie| z>0T5P;JgWF`HmSxa?DZ_Xcf3GOOFvZP`SLSRM3qWP&2Eylj2rUjY!1IeJnrbw#9Y4 zAok65q#Dg_5z9SYzWoyDpZkvr`AB{UI{ubBHEAF70)zgM?O2(;`0Ez6ApR-zJP(r$ z{^A7jldcolqNgu|FOmb8wl3FZ#+K)-8e}HDKmTn{H)aA0KV!v%CWDYMz7QTPs^R(h9sNFqQdg1@2 zETJCrzhuGg&(ud`w8?0|syOOv+HnS(Ux`~mGj-^U?%W=V9}#r z5iVYlT&Tf%^`H3&P5;I>GiWa1J!@eCq+pCyP>0EeK@Ppn8e+4Ej@X=XfpaE$!HM44 zfPD5q8~=R;Qnw-;t{rT#t5f#Af1hFJ zxxrqh3Sz?^LI__?PFX$ca~BF>O{(3bvEWN>I!G41KvrfUf7K6j15Bv(ot&~$!kj^W zm@_QVrn{CkR~7`|9wlq$;h?dL!^2FK-5@}Tf)@RxqSN&=w=mPh^P{q85fXlS1LK7e zY3mQRpUM9r1KvIb=WY!>Uf9iA?B@6M_2JLkatB6hFu##c$i^3*4kUhuX=GG(PuCFf zl^57pYnNC{Kh85#ob>+o%l0b9XMa75P}o%_9;P!1cuu+cSxFO!>4zA4G*2PaOswJQ z=#H#I29m7cN$pw)Cfv8#vzu_Ah8=AaZvV#lW?l~aS;&|fNMEu4z1^8n&I~>Oua@tX zQK5V`uRSivR%RqT(q${%CzNeR!1?$=XzbwRJ8cjNbhB$WTTLjDM7j>O-4(`+oqQ)jtsrpTDbX{-dXb3dy&?`uX7B zng4ewl3{(YCfqF@w$Y#GYf$vKA0inYfi95B7jIcQel3Q6w_8<6vEP>t8p8iVzm!zI z4WR(>A3)Sg=6jvdyYD?eq9Bk1zj0Dn{)2_j=2?2OpaWT_b>NqPJ?c54XI{z_DR)kg z+i&a2dJ|cleMEtl>nM;cShufzu9a$DYoP1i_MI(Fv+*MdLW= zvu1zj6OznIzfRdxCwC@p(L?;(oW_Ao3;sea1i*VsD+}Mz$r%iGR69F^;uUYr$Kq>z zN_5}=mGVUmf6P1}^@RRRU%pZfx;qjf!t4O$UbD;K81xH(s+8~N&w@?(%F&22pwh+u z>vWt+p6+&KpL(^g!lDX3t(ShCBKZF zx$f7DwGcXKPmQmL*0%<7SQ{y%vuw`q->?WXx#E`wV_>{u+2eu%{bJ3#sC2s)dDoho zLc#9}^S>cl52R%DH8f9Ln{e+Z+1&X~ET#(T4$}rUw`HTdrjgVnJdU!|Abz_Gj{%0q z6Z@dsjQ?USc~)yQ_fDDp1$q1slb_GYV9x$4UwK6d_WuemIju4|U%Q2p6&IE=e6}{M zVf?09SmOQ;gbh_5__bp*e@+L3I=bvJ1V{9%?yZKjY|-#eMSrv@ zsJ}1u^Zv)Lg7=N>dF=n%i@34qL={g(oBt*#u<9B+jwyQks|NK(rKb#Wfb)F{a zsZKoNfBAQ2Q#AbG3b*Ug*i&Y8p(yUZBCZKlgtFd_7(6{I27lfy2GvzW6B11y{rw_G z)LyV>0$b8x3euo{v5+|6OV=^T--Ul8@X@^N0+V^t^*v7y#^x8C!B9&-jd0YdVK;Q7 zZ|9NyI1&HDS#I%UZ2C;IBC3ab#yGUcgYpqF^;hG%Htn$DK~wdqSm}Bw(Sv{Kqq&iE zJLZS&{&7%}(SLmZ0!Rrk0QECKj1u^UFW&{|AOLxt(Ih3)58%dN3@@OJ+g0Mlsyouv zd{ygbc5IhS$8?0r6t8H0L^7hqJRWevOi>xjsNgy|w#y5y=O^}?4(3I28V`+E z9IZl^_hW<2pY=6aaENjU(P-EpcDqW?CLjA7zn0Kx9GoopG1vuR z79*B3JN>;f{gO;3d(yw)$?uy0j?-t0w2{3uee6}L4Hm89@DTxuTXB*n!l%eqei?*t1mm$;msZ|x4-04AH%J^qIwQYy5x3AtEzp{=~N@(PM-Wj>- z`bvMq17@LJ6JBvKv3}V7e2(Fk*@lU7Tl2MLL6-!Y1D6I>7DymbnU%FSvd{MkRGsinY!KV z2NU)^&%aGYKMiDIPmQ&1q3&1890+a)ejdothZZ^^^4Zw!3XyC7)`zLm3lGXfXgN(* zV6+z4<tgOa~ zjt3i*&8hr^gd?JNX_HI~dBo!tPr8A60w0jV|M&01Dbl)`q^646JxxD-%?nlkc6~s{ z$sh%_56o(9!v3R=R_0Mo(iE9}prm)Dp3s9x?=cj>%XVO-;mGab0eJ8@P=)3SkbEhI|nZLpI&r^|vy@#-$V7CmF2@?_89=4IprpC4>ncsUL7ysWsy78y( zwtpSY{oGm-oX2-{=YiWtIuE3~(LfwNhKP3(>`y%T)euzrH@ya-oHa(b^V>asQq9Ac z2^Twp_gV%#A+!Rh5ZXtq>)o$W_OE{yW!o0Ox#EeZ?KK&FlwY&uMpE9eX^md-5EcX0 zUw-$eU-OB9^2qzfd|%)aY4g9lA~(!}7y|f~F^Y&K?ly{b{A4S*G(+!MSqAk|PpS76 z4SFAG@rr(cXE@G58bQE{E#lW%%F@kR3jb4^FgTXX8o^T^Jt`>IAaUlNQsGQb*M~%~ z0eNFd)Zb5sC!rFQzNG09zW23}8iZ!13U)k9Z0-&#^^#iD;$@l2r-F~-_i;~>i~Yc# zRFfI58l!i>I;65UsCCt(Jl+CfVFYIs<@zV@hwvjhH8#E5Mj{lRNN`#ENJS#$2DDyYn zBkV!Z&X-6Q#W3j=1T{qqxFc43IYYmGO3=rAq@T0fBg=0+M8~A13S2#lJPg8Av|e>{ zS=n69w2I~u`i^7i8I?$l`Pw`oLza;6$y@p|^!-)JJP6Awx^=pwzH5j|0F z$)Yp$vv1My`iVWfLY-I%*vm20z1*P}xStvNNsjR>@0fCzcfBGU>OI}WmczxL(d7%s zl!z|YPjcw+yO>U(vCkN~=#PAeJ^Z|vTd*4+;RY>Bwg-+aTOO8U>ky&6G=_G=ku@maoK2Vdl0n7Dasr@!kE)3G!B zfSo>iocX{kK5~D;onpNxE1qC4`9%`%r)1w3@*b}^PWmHu%~4E$K|D@KrlQL~lQ0OZ3ajdn2i<_SN<^TM_-4s@{U@QE z8g>4_Ag2Kr491&aOR44iUplkpx0&9>-Xg)qkZ35+ZM*fu`>vX|KMmzKg#Ju^e{V^?>HFAz2BdBpT>RVocsDzCGG*C6$h;B_;p+;DWaGX3X%8Nn_My1}0!cRi#m z5ecF94K|fvu-P0np!X3!{EzhhfMo{}X#2!kazAaXx=UGP_~Ut@WqPhttlZ_ts!L~L z(7#|!1F1T#NHrgd`66mh@LL2v6`k*gs7Iei{PP6)W2>BeVwk#glw$rbT!~)|JffQc z&`1&g$13rJQX%vt0pVXj=qbEv33aCNlUcql5Bz=*#=LkB-~h|ZFB3hDZL7F{U)z|c9PW%a!T*hIKuz>_tqaHKkn5Z_#giS*b@Mo zE>!Pvom|688O6;xylQ^zN`CrLuaf><6qJ8AjFIS(HY){NLqZ#zoOCF--(IgCKF?4r z`h&d&M{p*G{?1;5Blpi3^Ame@`w9GVhe2~*h%?ZM&VS?&1`QF-s>z0r^}W}cduteJ zlM(-i1!5!?7TMfy++(@V>z&*AM}iVJhfCb+O5E~!h$ynf{Zx>1=J&gI(9#qUuu7d-mP#MC!=DI3M2h?I-_0$)QS|(f2>jYXfU_*0T%1 zrERe(%w6vkuh97Yzu4ND)*`=u1nUMMIJ!@WXzF!;$`^i2(PNB3@iSGEI9)ml`c-@mMnD0i!gwm@u& z2>yz%3GH1Py_^L7lenTvX<@{0appSBR|qB1DQWjSm_7gK5K4v{)a$ud`<}oCW_