From 90fc8bfb449e00181bc1c2a9c0115ecbf34a5122 Mon Sep 17 00:00:00 2001 From: Mathias Moser <71728767+matbmoser@users.noreply.github.com> Date: Fri, 19 Jul 2024 20:27:01 +0200 Subject: [PATCH 01/38] chore: fixed dev chart configs policies --- charts/digital-product-pass/values.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/charts/digital-product-pass/values.yaml b/charts/digital-product-pass/values.yaml index 9bd9eb6e1..802d48f0d 100644 --- a/charts/digital-product-pass/values.yaml +++ b/charts/digital-product-pass/values.yaml @@ -206,15 +206,12 @@ backend: # -- list of allowed policies that can be selected from the edc catalog in negotiations policies: - permission: - - action: "USE" + - action: "odrl:use" logicalConstraint: "odrl:and" constraints: - leftOperand: "cx-policy:Membership" operator: "odrl:eq" rightOperand: "active" - - leftOperand: "cx-policy:FrameworkAgreement" - operator: "odrl:eq" - rightOperand: "CircularEconomy:1.0" - leftOperand: "cx-policy:UsagePurpose" operator: "odrl:eq" rightOperand: "cx.circular.dpp:1" @@ -246,7 +243,7 @@ backend: # -- list of allowed policies that can be selected from the edc catalog in negotiations policies: - permission: - - action: "USE" + - action: "odrl:use" logicalConstraint: "odrl:and" constraints: - leftOperand: "cx-policy:Membership" From b6da909f53b3d33a48f00ff72462e835d1758e9d Mon Sep 17 00:00:00 2001 From: Mathias Moser <71728767+matbmoser@users.noreply.github.com> Date: Fri, 19 Jul 2024 20:29:08 +0200 Subject: [PATCH 02/38] chore: fixed typo with certification registry --- dpp-verification/README.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/dpp-verification/README.md b/dpp-verification/README.md index d29bf50e2..82100d40b 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -184,9 +184,9 @@ This concept has been proved to be of high interest from the Certification and V - [CDC ID Short](#cdc-id-short) - [CDC Submodel Example](#cdc-submodel-example) - [Attribute Certification Record Submodel](#attribute-certification-record-submodel) - - [AMR Semantic ID Keys](#amr-semantic-id-keys) - - [AMR ID Short](#amr-id-short) - - [AMR Submodel Example](#amr-submodel-example) + - [ACR Semantic ID Keys](#amr-semantic-id-keys) + - [ACR ID Short](#amr-id-short) + - [ACR Submodel Example](#amr-submodel-example) - [Verification Implementation in the Digital Product Pass](#verification-implementation-in-the-digital-product-pass) - [Challenges](#challenges) - [Sequence Diagram](#sequence-diagram) @@ -528,7 +528,7 @@ Once that is done the data will be linked in a `digital twin`, so in this way by Once the EDC Push Notification is received by the `data auditor` the Digital Twin and the Digital Product Pass (JSON aspect model payload to be audited) will be retrieved using the `EDC Connector` and through the `EDC Data Plane proxy`. When the passport aspect is available the data auditor can certify the `specific attributes requested` from the product against the different Catena-X standards and regulations. The `data auditor` will create a new document (a certified snapshot credential) which contains the proof of compliance of the specific attributes audited in the passport using selective disclosure, there the data is not copied it is hashed, so it can be signed and stored in the wallet from the `data auditor` for tracking reasons. -The `CSC Document` (the certificate) will then be sent to the `data provider` using the EDC Push Notification functionality. When the data arrives in the data provider it will be then added to the `Attribute Certification Record (ACR)` or an `Attribute Certification Registry (AMReg) Application` both which contains all the attribute certifications for a specific aspect model payload submodel. It contains a list of credentials provided by one or more auditors for this aspect. It will be linked in the digital twin where the aspect is and if additional certification is required it will be triggered and the process repeats. +The `CSC Document` (the certificate) will then be sent to the `data provider` using the EDC Push Notification functionality. When the data arrives in the data provider it will be then added to the `Attribute Certification Record (ACR)` or an `Attribute Certification Registry (ACReg) Application` both which contains all the attribute certifications for a specific aspect model payload submodel. It contains a list of credentials provided by one or more auditors for this aspect. It will be linked in the digital twin where the aspect is and if additional certification is required it will be triggered and the process repeats. ![csc workflow](./resources/processes/csc-workflow.svg) @@ -586,7 +586,7 @@ In this Diagram we can see the complete attribute certification process and how Once the `CSC` is issued it will be transferred to the Data Provider Premises using the EDC Push Notification. This credential will be placed in a "Verifiable Presentation" aspect called `Attribute Verification Record` that contains the list of verifiable credentials, and it is issued by the Data Provider. -The **Data Consumer** once both aspects are retrieved will be able to verify the specific attributes by hashing the original "Digital Product Pass" and comparing the certified attribute hashes. Additionally, the `CSC` signature will be verified against the wallet from the Data Auditor and the overall signature in the `AMR` will be verified against the wallet of the data provider. +The **Data Consumer** once both aspects are retrieved will be able to verify the specific attributes by hashing the original "Digital Product Pass" and comparing the certified attribute hashes. Additionally, the `CSC` signature will be verified against the wallet from the Data Auditor and the overall signature in the `ACR` will be verified against the wallet of the data provider. If all signature are verified then the data consumer will know that the data certification is still valid and the attributes certified can be trusted! @@ -1582,14 +1582,14 @@ Here is an example of how the Certified Snapshot Credential looks like for a Dig ## Attribute Certification Record Schema -![AMR Schema](./resources/implementation/amr-document-credential.svg) +![ACR Schema](./resources/implementation/amr-document-credential.svg) -The attribute certification record (AMR) is a Verifiable Presentation (VP) file that contains all the certificates (Verifiable Credentials) in the format of Certified Snapshot Credentials. These credentials can be issued from different auditors for different attributes in an Aspect Model Payload. +The attribute certification record (ACR) is a Verifiable Presentation (VP) file that contains all the certificates (Verifiable Credentials) in the format of Certified Snapshot Credentials. These credentials can be issued from different auditors for different attributes in an Aspect Model Payload. -The only requirement is that this attributes belong to a specific submodel referenced in the digital twin. It **MUST** be referenced in the AMR file in the field `origin`, from which file and submodel are the Certified Snapshot Credentials from. +The only requirement is that this attributes belong to a specific submodel referenced in the digital twin. It **MUST** be referenced in the ACR file in the field `origin`, from which file and submodel are the Certified Snapshot Credentials from. > [!NOTE] -> The Attribute Certification Record (AMR) makes reference to a specific file that contains all the certificates. For enableling the storage, access and management of these credentials, and `Attribute Certification Record` can be generated dynamically using an `Attribute Certification Registry (AMReg) Application` which will then generate the Verifiable Presentation Records dynamically. +> The Attribute Certification Record (ACR) makes reference to a specific file that contains all the certificates. For enableling the storage, access and management of these credentials, and `Attribute Certification Record` can be generated dynamically using an `Attribute Certification Registry (ACReg) Application` which will then generate the Verifiable Presentation Records dynamically. ### ACR Credential Fields Definition @@ -1654,7 +1654,7 @@ The Certified Snapshot Credentials listed **MUST** be belonging and linked to th ### ACR Example
-🚀 Expand to see Attribute Certification Record (AMR) Example +🚀 Expand to see Attribute Certification Record (ACR) Example ```json { @@ -1931,9 +1931,9 @@ Therefore, every aspect model used **MUST** follow the idShort defined in the co The Attribute Certification Record submodel contains the reference to the verifiable presentation with the different attribute verification Certified Snapshot Credentials(CSC). -For the AMR submodel the following structure **MUST** be followed. +For the ACR submodel the following structure **MUST** be followed. -### AMR Semantic ID Keys +### ACR Semantic ID Keys | Type | Value | Description | | --- | -- | -- | @@ -1942,7 +1942,7 @@ For the AMR submodel the following structure **MUST** be followed. | `Submodel` | `urn:samm:io.catenax.generic.digital_product_passport:5.0.0#DigitalProductPassport` | The semanticId from the semantic model attributes certified in the CSC contained in the `verifiableCredential` field in the Verifiable Presentation. | | `Operation` | `https://w3c.github.io/vc-jws-2020/contexts/v1/` | The version and context of the signature type used in the credential | -### AMR ID Short +### ACR ID Short For easing the identification of the Attribute Verification the following structure of ID short was chosen to link the submodels inside a digital twin. @@ -1960,7 +1960,7 @@ Since every aspect model has a standardized idShort the following structure was By concatenating the "Verification" sufix the consumer applications are able to identify to each idShort in the digital twin submodel list. For every standardized aspect model, an idShort **MUST** be provided. This same idShort shall then be provided as a prefix. -### AMR Submodel Example +### ACR Submodel Example ```json { @@ -2352,8 +2352,8 @@ explanation of this Certification and Verification Concept. | TTL | Terse RDF Triple Language | | VC | Verifiable Credential | | VP | Verifiable Presentation | -| AMReg | Attribute Certification Registry | -| AMR | Attribute Certification Record | +| ACReg | Attribute Certification Registry | +| ACR | Attribute Certification Record | | W3C | World Wide Web Consortium | ## NOTICE From dfba27a73f4bd3746e186cc09adac53eb66ff2ea Mon Sep 17 00:00:00 2001 From: Mathias Moser <71728767+matbmoser@users.noreply.github.com> Date: Fri, 19 Jul 2024 20:42:11 +0200 Subject: [PATCH 03/38] chore: updated edc api version --- charts/digital-product-pass/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/digital-product-pass/values.yaml b/charts/digital-product-pass/values.yaml index 802d48f0d..43d92c438 100644 --- a/charts/digital-product-pass/values.yaml +++ b/charts/digital-product-pass/values.yaml @@ -142,7 +142,7 @@ backend: hostname: "" apis: readiness: "/api/check/readiness" - management: "/management/v2" + management: "/management/v3" catalog: "/catalog/request" negotiation: "/contractnegotiations" transfer: "/transferprocesses" From 567df75033a1e7a26ef5c63806ddb0aff6f45e11 Mon Sep 17 00:00:00 2001 From: Mathias Moser <71728767+matbmoser@users.noreply.github.com> Date: Mon, 22 Jul 2024 09:53:25 +0200 Subject: [PATCH 04/38] chore: extention of challanges --- dpp-verification/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dpp-verification/README.md b/dpp-verification/README.md index 82100d40b..45b66a48f 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -2038,7 +2038,7 @@ When implementing the Digital Product Pass Verification PoC the following challa | Challenge | Description | Solution | | --- | --- | --- | -| **First Implementation and Data Verification Concept in Catena-X** | +| **First Implementation and Data Verification Concept in Catena-X** | Since this was the first implementation of a verification concept in Catena-X there were many unclear points to be clarified with the community. Open points like, if there was already a solution available in Catena-X, what was the opinion of the core architecture team and if it would work using Catena-X Architecture | Broadcasted the message that this concept was being built for the Digital Product Pass and could be used for other products/data models. Conducted several meetings with different products and iniciatives that were interested in the concept. In [Previous Investigation](#previous-investigation] all the resumed findings are documented. The concept was also anounced in the Second Tractus-X Community Days, giving more audience to the topic. As author of this concept and implementation we could only visualize positive feedbacks from the Catena-X Community. | | **The Managed Identity Wallet Component is not Ready** | The MIW Wallet is not ready for signing Aspect Model Verifiable Credentials. And it is currently not decentraly available for each party to host. It is currently just hosted by the data space operator. It is designed to host the "member" credentials and enable the EDC communication with SSI. | Design and Implement a MVP Wallet. There was developed a [simple-wallet](./simple-wallet/) component for issuing and verifying the credentials, imitating the MIW functionality and methods. | | **There are no JSON-LD contexts for the standardized SAMM Models** | Currently there is no open-source component that transforms JSON Schemas into JSON-LD Contexts. This blocks the credentials to be included in the JSON-LD documents, because the attributes are not in context. | As a solution to this problem an **'adapter'** was developed in the wallet an [add-on that convert SAMM Models JSON Schemas into valid JSON-LD contexts](./simple-wallet/passport/sammSchemaParser.py). In this way any Aspect Model Payload can be referenced in a Verifiable Credential. By calling the `/context` API any JSON Schema can be converted. | From 6d0ff1a119b6fd38e4b1c8a1b6c7f7fd9d3a8eb5 Mon Sep 17 00:00:00 2001 From: Mathias Moser <71728767+matbmoser@users.noreply.github.com> Date: Mon, 22 Jul 2024 09:54:03 +0200 Subject: [PATCH 05/38] chore: fixed link typo --- dpp-verification/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dpp-verification/README.md b/dpp-verification/README.md index 45b66a48f..25e278514 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -2038,7 +2038,7 @@ When implementing the Digital Product Pass Verification PoC the following challa | Challenge | Description | Solution | | --- | --- | --- | -| **First Implementation and Data Verification Concept in Catena-X** | Since this was the first implementation of a verification concept in Catena-X there were many unclear points to be clarified with the community. Open points like, if there was already a solution available in Catena-X, what was the opinion of the core architecture team and if it would work using Catena-X Architecture | Broadcasted the message that this concept was being built for the Digital Product Pass and could be used for other products/data models. Conducted several meetings with different products and iniciatives that were interested in the concept. In [Previous Investigation](#previous-investigation] all the resumed findings are documented. The concept was also anounced in the Second Tractus-X Community Days, giving more audience to the topic. As author of this concept and implementation we could only visualize positive feedbacks from the Catena-X Community. | +| **First Implementation and Data Verification Concept in Catena-X** | Since this was the first implementation of a verification concept in Catena-X there were many unclear points to be clarified with the community. Open points like, if there was already a solution available in Catena-X, what was the opinion of the core architecture team and if it would work using Catena-X Architecture | Broadcasted the message that this concept was being built for the Digital Product Pass and could be used for other products/data models. Conducted several meetings with different products and iniciatives that were interested in the concept. In [Previous Investigation](#previous-investigation) all the resumed findings are documented. The concept was also anounced in the Second Tractus-X Community Days, giving more audience to the topic. As author of this concept and implementation we could only visualize positive feedbacks from the Catena-X Community. | | **The Managed Identity Wallet Component is not Ready** | The MIW Wallet is not ready for signing Aspect Model Verifiable Credentials. And it is currently not decentraly available for each party to host. It is currently just hosted by the data space operator. It is designed to host the "member" credentials and enable the EDC communication with SSI. | Design and Implement a MVP Wallet. There was developed a [simple-wallet](./simple-wallet/) component for issuing and verifying the credentials, imitating the MIW functionality and methods. | | **There are no JSON-LD contexts for the standardized SAMM Models** | Currently there is no open-source component that transforms JSON Schemas into JSON-LD Contexts. This blocks the credentials to be included in the JSON-LD documents, because the attributes are not in context. | As a solution to this problem an **'adapter'** was developed in the wallet an [add-on that convert SAMM Models JSON Schemas into valid JSON-LD contexts](./simple-wallet/passport/sammSchemaParser.py). In this way any Aspect Model Payload can be referenced in a Verifiable Credential. By calling the `/context` API any JSON Schema can be converted. | From 032c2e981c95079dac48992c81ba03d70e7303ff Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 10:18:50 +0200 Subject: [PATCH 06/38] fix: fixed issue with verification charts configuration --- .../templates/configmap-backend.yaml | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/charts/digital-product-pass/templates/configmap-backend.yaml b/charts/digital-product-pass/templates/configmap-backend.yaml index a12e5d848..1612cd5fe 100644 --- a/charts/digital-product-pass/templates/configmap-backend.yaml +++ b/charts/digital-product-pass/templates/configmap-backend.yaml @@ -157,23 +157,23 @@ data: strictMode: {{ .Values.backend.passport.policyCheck.strictMode }} policies: {{- toYaml .Values.backend.passport.policyCheck.policies | nindent 10 }} # -- digital product pass verification add-on configuration - verification: - enabled: {{ .Values.backend.verification.enabled }} - autoVerify: {{ .Values.backend.verification.autoVerify }} - wallet: - url: {{ .Values.backend.verification.wallet.url }} - endpoints: - health: {{ .Values.backend.verification.wallet.endpoints.health }} - verify: {{ .Values.backend.verification.wallet.endpoints.verify }} - certifiedDataCredential: - ## -- These keys are used in order to find if a subModel contains a verifiable credential, defined in the verification documentation - semanticIdKeys: - - key: "Entity" - value: "https://www.w3.org/ns/credentials/v2" - - key: "DataElement" - value: "urn:samm:io.catenax.dpp_verification.cdc:1.0.0#CertifiedDataCredential" - - key: "Operation" - value: "https://w3c.github.io/vc-jws-2020/contexts/v1/" + verification: + enabled: {{ .Values.backend.verification.enabled }} + autoVerify: {{ .Values.backend.verification.autoVerify }} + wallet: + url: {{ .Values.backend.verification.wallet.url }} + endpoints: + health: {{ .Values.backend.verification.wallet.endpoints.health }} + verify: {{ .Values.backend.verification.wallet.endpoints.verify }} + certifiedDataCredential: + ## -- These keys are used in order to find if a subModel contains a verifiable credential, defined in the verification documentation + semanticIdKeys: + - key: "Entity" + value: "https://www.w3.org/ns/credentials/v2" + - key: "DataElement" + value: "urn:samm:io.catenax.dpp_verification.cdc:1.0.0#CertifiedDataCredential" + - key: "Operation" + value: "https://w3c.github.io/vc-jws-2020/contexts/v1/" # -- configuration of the spring boot server server: # -- configuration of backend errors From 97f39a4409d97ec8f8d39e5395ed8621906be091 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 10:50:52 +0200 Subject: [PATCH 07/38] fix: removed assetid from transfer, so no error is raising --- .../negotiation/request/TransferRequest.java | 26 +++++-------------- .../java/managers/ProcessManagerTest.java | 1 - .../services/DataTransferServiceTest.java | 1 - 3 files changed, 6 insertions(+), 22 deletions(-) diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/models/negotiation/request/TransferRequest.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/models/negotiation/request/TransferRequest.java index c851d52a5..b334f2582 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/models/negotiation/request/TransferRequest.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/models/negotiation/request/TransferRequest.java @@ -44,8 +44,6 @@ public class TransferRequest extends DidDocument { /** ATTRIBUTES **/ - @JsonProperty("assetId") - String assetId; @JsonProperty("counterPartyAddress") String counterPartyAddress; @JsonProperty("contractId") @@ -66,9 +64,8 @@ public class TransferRequest extends DidDocument { public TransferRequest() { } - public TransferRequest(String id, String type, String assetId, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { + public TransferRequest(String id, String type, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { super(id, type); - this.assetId = assetId; this.counterPartyAddress = counterPartyAddress; this.contractId = contractId; this.dataDestination = dataDestination; @@ -78,8 +75,7 @@ public TransferRequest(String id, String type, String assetId, String counterPar this.callbackAddresses = callbackAddresses; } - public TransferRequest(String assetId, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { - this.assetId = assetId; + public TransferRequest(String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { this.counterPartyAddress = counterPartyAddress; this.contractId = contractId; this.dataDestination = dataDestination; @@ -89,9 +85,8 @@ public TransferRequest(String assetId, String counterPartyAddress, String contra this.callbackAddresses = callbackAddresses; } - public TransferRequest(String id, String type, JsonNode context, String assetId, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { + public TransferRequest(String id, String type, JsonNode context, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { super(id, type, context); - this.assetId = assetId; this.counterPartyAddress = counterPartyAddress; this.contractId = contractId; this.dataDestination = dataDestination; @@ -101,9 +96,8 @@ public TransferRequest(String id, String type, JsonNode context, String assetId, this.callbackAddresses = callbackAddresses; } - public TransferRequest(String type, String assetId, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { + public TransferRequest(String type, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { super(type); - this.assetId = assetId; this.counterPartyAddress = counterPartyAddress; this.contractId = contractId; this.dataDestination = dataDestination; @@ -113,9 +107,8 @@ public TransferRequest(String type, String assetId, String counterPartyAddress, this.callbackAddresses = callbackAddresses; } - public TransferRequest(JsonNode context, String assetId, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { + public TransferRequest(JsonNode context, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { super(context); - this.assetId = assetId; this.counterPartyAddress = counterPartyAddress; this.contractId = contractId; this.dataDestination = dataDestination; @@ -125,9 +118,8 @@ public TransferRequest(JsonNode context, String assetId, String counterPartyAddr this.callbackAddresses = callbackAddresses; } - public TransferRequest(JsonNode context, String type, String assetId, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { + public TransferRequest(JsonNode context, String type, String counterPartyAddress, String contractId, DataDestination dataDestination, Boolean managedResources, String protocol, String transferType, List callbackAddresses) { super(context, type); - this.assetId = assetId; this.counterPartyAddress = counterPartyAddress; this.contractId = contractId; this.dataDestination = dataDestination; @@ -139,12 +131,6 @@ public TransferRequest(JsonNode context, String type, String assetId, String cou /** GETTERS AND SETTERS **/ - public String getAssetId() { - return assetId; - } - public void setAssetId(String assetId) { - this.assetId = assetId; - } public String getCounterPartyAddress() { return counterPartyAddress; } diff --git a/dpp-backend/digitalproductpass/src/test/java/managers/ProcessManagerTest.java b/dpp-backend/digitalproductpass/src/test/java/managers/ProcessManagerTest.java index d8daadb9e..269b0fb78 100644 --- a/dpp-backend/digitalproductpass/src/test/java/managers/ProcessManagerTest.java +++ b/dpp-backend/digitalproductpass/src/test/java/managers/ProcessManagerTest.java @@ -571,7 +571,6 @@ void saveTransferRequestAndTransfer() { String connectorId = UUID.randomUUID().toString(); transferRequest.setProtocol("HTTP"); transferRequest.setContractId(contractId); - transferRequest.setAssetId(assetId); transferRequest.setCounterPartyAddress("connectorAddress"); String transferId = UUID.randomUUID().toString(); diff --git a/dpp-backend/digitalproductpass/src/test/java/services/DataTransferServiceTest.java b/dpp-backend/digitalproductpass/src/test/java/services/DataTransferServiceTest.java index b30d1261c..bb7ab2b77 100644 --- a/dpp-backend/digitalproductpass/src/test/java/services/DataTransferServiceTest.java +++ b/dpp-backend/digitalproductpass/src/test/java/services/DataTransferServiceTest.java @@ -325,7 +325,6 @@ void initiateTransferAndSeeTransfer() { List callbackAddresses = List.of(CallbackAddress.builder().transactional(false).uri("http://test.endpoint/4546").events(List.of("transfer.process")).build()); TransferRequest transferRequest = new TransferRequest( jsonUtil.toJsonNode(Map.of("odrl", "http://www.w3.org/ns/odrl/2/")), - dataSet.getAssetId(), status.getEndpoint(), negotiation.getContractAgreementId(), null, From 172cda6758fde0d90e5a1e14827605544abf3085 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:11:29 +0200 Subject: [PATCH 08/38] feat: updated edc provider url path --- .../edc-provider/values-int.yaml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 452600869..3094214c0 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -55,13 +55,13 @@ tractusx-connector: # -- port for incoming api calls port: 8080 # -- path for incoming api calls - path: /BPNL000000000000/api + path: /provider/api # -- data management api, used by internal users, can be added to an ingress and must not be internet facing management: # -- port for incoming api calls port: 8081 # -- path for incoming api calls - path: /BPNL000000000000/management + path: /provider/management # -- authentication key, must be attached to each 'X-Api-Key' request header authKey: # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not @@ -69,19 +69,19 @@ tractusx-connector: # -- port for incoming api calls port: 8083 # -- path for incoming api calls - path: /BPNL000000000000/control + path: /provider/control # -- ids api, used for inter connector communication and must be internet facing protocol: # -- port for incoming api calls port: 8084 # -- path for incoming api calls - path: /BPNL000000000000/api/v1/dsp + path: /provider/api/v1/dsp # -- metrics api, used for application metrics, must not be internet facing metrics: # -- port for incoming api calls port: 9090 # -- path for incoming api calls - path: /BPNL000000000000/metrics + path: /provider/metrics ## Ingress declaration to expose the network service. ingresses: @@ -111,20 +111,20 @@ tractusx-connector: endpoints: default: port: 8080 - path: /BPNL000000000000/api + path: /provider/api public: port: 8081 - path: /BPNL000000000000/api/public + path: /provider/api/public control: port: 8084 - path: /BPNL000000000000/api/dataplane/control + path: /provider/api/dataplane/control proxy: port: 8186 - path: /BPNL000000000000/proxy + path: /provider/proxy authKey: metrics: port: 9090 - path: /BPNL000000000000/metrics + path: /provider/metrics token: refresh: From 5c45c9a383fe62b0d949db7aa52e4e1ef546c010 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:16:12 +0200 Subject: [PATCH 09/38] feat: updated versions of paths --- .../edc-consumer/values-int.yaml | 50 +++++++++---------- .../edc-provider/values-int.yaml | 6 +-- 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 96782dfd6..a92e2e66f 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -36,7 +36,7 @@ tractusx-connector: enabled: true participant: - id: "" + id: "" iatp: # Decentralized IDentifier @@ -49,8 +49,8 @@ tractusx-connector: oauth: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: - id: "" - secret_alias: "" + id: "" + secret_alias: "" controlplane: enabled: true @@ -68,7 +68,7 @@ tractusx-connector: # -- path for incoming api calls path: /consumer/management # -- authentication key, must be attached to each 'X-Api-Key' request header - authKey: + authKey: # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not control: # -- port for incoming api calls @@ -171,29 +171,29 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + username: + password: vault: hashicorp: - url: - token: + url: + token: paths: - secret: + secret: health: /v1/sys/health postgresql: auth: - username: - password: + username: + password: item-relationship-service: enabled: false - bpn: + bpn: irsUrl: "https://dpp-irs.int.catena-x.net" - apiKeyAdmin: - apiKeyRegular: + apiKeyAdmin: + apiKeyRegular: ingress: enabled: true @@ -230,22 +230,22 @@ item-relationship-service: {{- tpl (.Values.bpdm.url | default "") . }}/api/catena/legal-entities/{partnerId}?idType={idType} {{- end }} - minioUser: - minioPassword: + minioUser: + minioPassword: minioUrl: "http://{{ .Release.Name }}-minio:9000" oauth2: clientTokenUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token jwkSetUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs discovery: - clientId: - clientSecret: + clientId: + clientSecret: semantics: - clientId: - clientSecret: + clientId: + clientSecret: bpdm: - clientId: - clientSecret: + clientId: + clientSecret: edc: catalog: @@ -267,10 +267,10 @@ item-relationship-service: data: https://dpp.int.catena-x.net/consumer/management apikey: header: "X-Api-Key" - secret: + secret: minio: serviceAccount: create: false - rootUser: - rootPassword: + rootUser: + rootPassword: diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 3094214c0..793a2866b 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -173,10 +173,10 @@ tractusx-connector: vault: fullnameOverride: "vault" hashicorp: - url: - token: + url: + token: paths: - secret: + secret: health: /v1/sys/health postgresql: From ce3563de8d02778e12fee1e78e6337e537b95064 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:26:59 +0200 Subject: [PATCH 10/38] fix: secret path --- .../edc-consumer/values-int.yaml | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index a92e2e66f..952f4b401 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -36,7 +36,7 @@ tractusx-connector: enabled: true participant: - id: "" + id: "" iatp: # Decentralized IDentifier @@ -49,8 +49,8 @@ tractusx-connector: oauth: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: - id: "" - secret_alias: "" + id: "" + secret_alias: "" controlplane: enabled: true @@ -68,7 +68,7 @@ tractusx-connector: # -- path for incoming api calls path: /consumer/management # -- authentication key, must be attached to each 'X-Api-Key' request header - authKey: + authKey: # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not control: # -- port for incoming api calls @@ -171,29 +171,29 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + username: + password: vault: hashicorp: - url: - token: + url: + token: paths: - secret: + secret: health: /v1/sys/health postgresql: auth: - username: - password: + username: + password: item-relationship-service: enabled: false - bpn: + bpn: irsUrl: "https://dpp-irs.int.catena-x.net" - apiKeyAdmin: - apiKeyRegular: + apiKeyAdmin: + apiKeyRegular: ingress: enabled: true @@ -220,7 +220,7 @@ item-relationship-service: oAuthClientId: discovery # ID of the OAuth2 client registration to use, see config spring.security.oauth2.client discoveryFinderUrl: https://semantics.int.catena-x.net/discoveryfinder/api/v1.0/administration/connectors/discovery/search semanticshub: - url: https://semantics.int.catena-x.net/hub/api/v1/models + url: https://semantics.int.catena-x.net/hub/apimodels oAuthClientId: semantics bpdm: url: https://partners-pool.int.catena-x.net @@ -230,22 +230,22 @@ item-relationship-service: {{- tpl (.Values.bpdm.url | default "") . }}/api/catena/legal-entities/{partnerId}?idType={idType} {{- end }} - minioUser: - minioPassword: + minioUser: + minioPassword: minioUrl: "http://{{ .Release.Name }}-minio:9000" oauth2: clientTokenUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token jwkSetUri: https://centralidp.int.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/certs discovery: - clientId: - clientSecret: + clientId: + clientSecret: semantics: - clientId: - clientSecret: + clientId: + clientSecret: bpdm: - clientId: - clientSecret: + clientId: + clientSecret: edc: catalog: @@ -267,10 +267,10 @@ item-relationship-service: data: https://dpp.int.catena-x.net/consumer/management apikey: header: "X-Api-Key" - secret: + secret: minio: serviceAccount: create: false - rootUser: - rootPassword: + rootUser: + rootPassword: From dd9842498f7dae2d4d5d3b63aa9cbb1be8862d93 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:43:12 +0200 Subject: [PATCH 11/38] feat: added auth to the path from the edc --- .../data-consumer/edc-consumer/values-int.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 952f4b401..bbd668715 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -171,8 +171,9 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + auth: + username: + password: vault: hashicorp: From 3e53fce4662901f53528b1ce352741f9f9ed2a79 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 11:49:13 +0200 Subject: [PATCH 12/38] feat: updated provider url --- .../edc-provider/values-int.yaml | 5 +++-- .../data-provider/edc-provider/values.yaml | 20 +++++++++---------- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 793a2866b..2dc08e60a 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -167,8 +167,9 @@ tractusx-connector: clusterIssuer: "" postgresql: - username: - password: + auth: + username: + password: vault: fullnameOverride: "vault" diff --git a/deployment/infrastructure/data-provider/edc-provider/values.yaml b/deployment/infrastructure/data-provider/edc-provider/values.yaml index ab7630836..43b5fc97a 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values.yaml @@ -106,13 +106,13 @@ tractusx-connector: # -- port for incoming api calls port: 8080 # -- path for incoming api calls - path: /BPNL000000000000/api + path: /provider/api # -- data management api, used by internal users, can be added to an ingress and must not be internet facing management: # -- port for incoming api calls port: 8081 # -- path for incoming api calls - path: /BPNL000000000000/management + path: /provider/management # -- authentication key, must be attached to each 'X-Api-Key' request header authKey: "" # -- control api, used for internal control calls. can be added to the internal ingress, but should probably not @@ -120,19 +120,19 @@ tractusx-connector: # -- port for incoming api calls port: 8083 # -- path for incoming api calls - path: /BPNL000000000000/control + path: /provider/control # -- ids api, used for inter connector communication and must be internet facing protocol: # -- port for incoming api calls port: 8084 # -- path for incoming api calls - path: /BPNL000000000000/api/v1/dsp + path: /provider/api/v1/dsp # -- metrics api, used for application metrics, must not be internet facing metrics: # -- port for incoming api calls port: 9090 # -- path for incoming api calls - path: /BPNL000000000000/metrics + path: /provider/metrics bdrs: # time that a cached BPN/DID resolution map is valid in seconds, default is 10 min @@ -349,20 +349,20 @@ tractusx-connector: endpoints: default: port: 8080 - path: /BPNL000000000000/api + path: /provider/api public: port: 8081 - path: /BPNL000000000000/api/public + path: /provider/api/public control: port: 8084 - path: /BPNL000000000000/api/dataplane/control + path: /provider/api/dataplane/control proxy: port: 8186 - path: /BPNL000000000000/proxy + path: /provider/proxy authKey: "" metrics: port: 9090 - path: /BPNL000000000000/metrics + path: /provider/metrics token: refresh: From a5c4a930dce64eeadac44de2eae223587e5c1398 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 14:53:08 +0200 Subject: [PATCH 13/38] fix: fixed chart configurations for edc --- .../infrastructure/data-consumer/edc-consumer/values-int.yaml | 2 +- .../infrastructure/data-provider/edc-provider/values-int.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index bbd668715..084d4c041 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -50,7 +50,7 @@ tractusx-connector: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" - secret_alias: "" + secret_alias: int-client-secret controlplane: enabled: true diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 2dc08e60a..6d719f800 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -45,7 +45,7 @@ tractusx-connector: token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" - secret_alias: "" + secret_alias: int-client-secret controlplane: enabled: true From c9d8b5ea6562a39ee9bf63040b7f7faf0a6445b3 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 15:08:12 +0200 Subject: [PATCH 14/38] fix: fixed chart configurations for edc --- .../infrastructure/data-consumer/edc-consumer/values-int.yaml | 4 ++-- .../infrastructure/data-provider/edc-provider/values-int.yaml | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index 084d4c041..ec8506d81 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -42,12 +42,12 @@ tractusx-connector: # Decentralized IDentifier id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1" trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) - - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" + - "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL00000003CRHK" sts: dim: url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" oauth: - token_url: "https://bpnl000000000FV1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" + token_url: "https://bpnl000000000fv1-dpp.authentication.eu10.hana.ondemand.com/oauth/token" client: id: "" secret_alias: int-client-secret diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 6d719f800..922862217 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -38,6 +38,7 @@ tractusx-connector: id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1" trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" + - sts: dim: url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" From 2b37eba5107ec3037cef518d77e3dcf381422c9e Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Mon, 22 Jul 2024 15:09:17 +0200 Subject: [PATCH 15/38] fix: fixed chart configurations for edc --- .../infrastructure/data-provider/edc-provider/values-int.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml index 922862217..b3ac19176 100644 --- a/deployment/infrastructure/data-provider/edc-provider/values-int.yaml +++ b/deployment/infrastructure/data-provider/edc-provider/values-int.yaml @@ -37,8 +37,7 @@ tractusx-connector: # Decentralized IDentifier id: "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL000000000FV1" trustedIssuers: # array [] that needs to be expand but likely like (sorry unconfirmed on how this is done, as I also would need to check) - - "did:web:dim-static-prod.dis-cloud-prod.cfapps.eu10-004.hana.ondemand.com:dim-hosted:2f45795c-d6cc-4038-96c9-63cedc0cd266:holder-iatp" - - + - "did:web:portal-backend.int.catena-x.net:api:administration:staticdata:did:BPNL00000003CRHK" sts: dim: url: "https://dis-integration-service-prod.eu10.dim.cloud.sap/api/v2.0.0/iatp/catena-x-portal" From 43be37e016883e63509b9dab172353b0b403ed61 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 23 Jul 2024 13:42:11 +0200 Subject: [PATCH 16/38] fix: solved problem related to edc 0.7.3 --- dpp-backend/digitalproductpass/pom.xml | 2 +- .../core/http/controllers/AppController.java | 2 +- .../src/main/java/utils/CatenaXUtil.java | 31 +++++- .../src/main/java/utils/HttpUtil.java | 16 +++ .../src/test/java/utils/CatenaXUtilTest.java | 98 +++++++++++++++++++ 5 files changed, 146 insertions(+), 3 deletions(-) create mode 100644 dpp-backend/digitalproductpass/src/test/java/utils/CatenaXUtilTest.java diff --git a/dpp-backend/digitalproductpass/pom.xml b/dpp-backend/digitalproductpass/pom.xml index 15c94c9cd..73ed44973 100644 --- a/dpp-backend/digitalproductpass/pom.xml +++ b/dpp-backend/digitalproductpass/pom.xml @@ -36,7 +36,7 @@ org.eclipse.tractusx digitalproductpass - 4.0.0 + 4.0.1 jar Catena-X Digital Product Passport Core + Verification Add-on diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java index 6405d4e32..3780520b3 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java @@ -229,7 +229,7 @@ public Response getDigitalTwin(@RequestBody Object body, @PathVariable String pr } try { - connectorAddress = CatenaXUtil.buildEndpoint(connectorAddress); + connectorAddress = CatenaXUtil.buildDspEndpoint(connectorAddress); } catch (Exception e) { return null; } diff --git a/dpp-backend/digitalproductpass/src/main/java/utils/CatenaXUtil.java b/dpp-backend/digitalproductpass/src/main/java/utils/CatenaXUtil.java index b6a9ddd18..bff2cda75 100644 --- a/dpp-backend/digitalproductpass/src/main/java/utils/CatenaXUtil.java +++ b/dpp-backend/digitalproductpass/src/main/java/utils/CatenaXUtil.java @@ -196,18 +196,47 @@ public static String buildManagementEndpoint(Environment env, String path) { throw new UtilException(CatenaXUtil.class, e, "[ERROR] Invalid edc endpoint or management endpoint"); } } + /** + * Builds a dsp endpoint, adding the /api/v1/dsp endpoint. + *

+ * @param endpoint + * the {@code String} partial endpoint. + * + * @return the built {@code String} endpoint by cleaning the given endpoint and adding the EDC data endpoint and BPN number (if applied). + * + * @throws UtilException + * if the given endpoint is an invalid one. + */ + public static String buildDspEndpoint(String endpoint) { + try { + if (CatenaXUtil.containsEdcEndpoint(endpoint)) { + return endpoint; + } + String cleanUrl = HttpUtil.cleanUrlWithPath(endpoint); + // Remove the trailing slash + if (endpoint.endsWith("/")) { + cleanUrl = endpoint.substring(0, endpoint.length() - 1); + } + //Contact the dsp endpoint + return cleanUrl + edcDataEndpoint; + } catch (Exception e) { + throw new UtilException(CatenaXUtil.class, e, "[ERROR] Invalid url [" + endpoint + "] given!"); + } + + } /** + * @deprecated Use {@code CatenaXUtil.buildEndpointSafe()} instead. This method provided the old logic of parsing dsp endpoints with BPNs * Builds the full Endpoint for a given partial endpoint. *

* @param endpoint * the {@code String} partial endpoint. * * @return the built {@code String} endpoint by cleaning the given endpoint and adding the EDC data endpoint and BPN number (if applied). - * * @throws UtilException * if the given endpoint is an invalid one. */ + @Deprecated public static String buildEndpoint(String endpoint) { try { if (CatenaXUtil.containsEdcEndpoint(endpoint)) { diff --git a/dpp-backend/digitalproductpass/src/main/java/utils/HttpUtil.java b/dpp-backend/digitalproductpass/src/main/java/utils/HttpUtil.java index b25c20f74..083f3aef5 100644 --- a/dpp-backend/digitalproductpass/src/main/java/utils/HttpUtil.java +++ b/dpp-backend/digitalproductpass/src/main/java/utils/HttpUtil.java @@ -456,6 +456,22 @@ public static String cleanUrl(String strUrl) throws MalformedURLException{ String authority = url.getAuthority(); return String.format("%s://%s", protocol, authority); } + /** + * Parses the given {@code String} URL into a String format with protocol and authority information with path + *

+ * @param strUrl + * the {@code String} URL. + * + * @return a {@code String} object with format result. + * + */ + public static String cleanUrlWithPath(String strUrl) throws MalformedURLException{ + URL url = new URL(strUrl); + String protocol = url.getProtocol(); + String authority = url.getAuthority(); + String path = url.getPath(); + return String.format("%s://%s%s", protocol, authority, path); + } /************************************************** diff --git a/dpp-backend/digitalproductpass/src/test/java/utils/CatenaXUtilTest.java b/dpp-backend/digitalproductpass/src/test/java/utils/CatenaXUtilTest.java new file mode 100644 index 000000000..28e5c4ca0 --- /dev/null +++ b/dpp-backend/digitalproductpass/src/test/java/utils/CatenaXUtilTest.java @@ -0,0 +1,98 @@ +/********************************************************************************* + * + * Tractus-X - Digital Product Pass Application + * + * Copyright (c) 2022, 2024 BMW AG + * Copyright (c) 2022, 2024 Henkel AG & Co. KGaA + * Copyright (c) 2023, 2024 CGI Deutschland B.V. & Co. KG + * Copyright (c) 2023, 2024 Contributors to the Eclipse Foundation + * + * + * See the NOTICE file(s) distributed with this work for additional + * information regarding copyright ownership. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0. + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the + * License for the specific language govern in permissions and limitations + * under the License. + * + * SPDX-License-Identifier: Apache-2.0 + ********************************************************************************/ + +package utils; + +import org.junit.jupiter.api.Test; + +import static org.junit.jupiter.api.Assertions.*; + +class CatenaXUtilTest { + String edcUrlWithoutDsp = "https://edc-url.com/"; + String edcUrlWithoutDspBar = "https://edc-url.com"; + String edcUrlWithPathWithoutDsp = "https://edc-url.com/provider/"; + String edcUrlWithPathWithoutDspBar = "https://edc-url.com/provider"; + String edcUrlWithDsp = "https://edc-url.com"+CatenaXUtil.edcDataEndpoint; + String edcUrlWithPathDsp = "https://edc-url.com/provider"+CatenaXUtil.edcDataEndpoint; + String edcUrlWithBpnDsp = "https://edc-url.com/BPNL000000000000"+CatenaXUtil.edcDataEndpoint; + String edcUrlWithBpnWithoutDsp = "https://edc-url.com/BPNL000000000000"; + String edcUrlWithPort = "https://edc-url.com:8888/BPNL000000000000"; + String edcUrlWithBpnWithoutDspMorePath = "https://edc-url.com/BPNL000000000000/this/is/more/path"; + @Test + void buildEdcUrlWithoutDsp() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithoutDsp); + LogUtil.printTest("[CatenaXUtil.buildEdcUrlWithoutDsp] Input: ["+edcUrlWithoutDsp+"] Output: ["+output+"]"); + assertEquals(edcUrlWithDsp, output); + } + @Test + void buildEdcUrlWithoutDspBar() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithoutDspBar); + LogUtil.printTest("[CatenaXUtil.buildEdcUrlWithoutDspBar] Input: ["+edcUrlWithoutDspBar+"] Output: ["+output+"]"); + assertEquals(edcUrlWithDsp, output); + } + @Test + void buildEdcUrlWithPathWithoutDsp() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithPathWithoutDsp); + LogUtil.printTest("[CatenaXUtil.buildEdcUrlWithPathWithoutDsp] Input: ["+edcUrlWithPathWithoutDsp+"] Output: ["+output+"]"); + assertEquals(edcUrlWithPathDsp, output); + } + + @Test + void buildEdcUrlWithPathWithoutDspBar() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithPathWithoutDspBar); + LogUtil.printTest("[CatenaXUtil.buildEdcUrlWithPathWithoutDspBar] Input: ["+edcUrlWithPathWithoutDspBar+"] Output: ["+output+"]"); + assertEquals(edcUrlWithPathDsp, output); + } + @Test + void buildEdcUrlWithBpnDsp() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithBpnDsp); + LogUtil.printTest("[CatenaXUtil.buildEdcUrlWithBpnDsp] Input: ["+edcUrlWithBpnDsp+"] Output: ["+output+"]"); + assertEquals(edcUrlWithBpnDsp, output); + } + + @Test + void buildEdcUrlWithBpnWithoutDsp() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithBpnWithoutDsp); + LogUtil.printTest("[CatenaXUtil.buildEdcUrlWithBpnWithoutDsp] Input: ["+edcUrlWithBpnWithoutDsp+"] Output: ["+output+"]"); + assertEquals(edcUrlWithBpnDsp, output); + } + + @Test + void buildEdcUrlWithBpnWithoutDspMorePath() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithBpnWithoutDspMorePath); + LogUtil.printTest("[CatenaXUtil.edcUrlWithBpnWithoutDspMorePath] Input: ["+edcUrlWithBpnWithoutDspMorePath+"] Output: ["+output+"]"); + assertEquals(edcUrlWithBpnWithoutDspMorePath+CatenaXUtil.edcDataEndpoint,output); + } + @Test + void buildEdcWithPort() { + String output = CatenaXUtil.buildDspEndpoint(edcUrlWithPort); + LogUtil.printTest("[CatenaXUtil.buildEdcWithPort] Input: ["+edcUrlWithPort+"] Output: ["+output+"]"); + assertEquals(edcUrlWithPort+CatenaXUtil.edcDataEndpoint, output); + } + + +} \ No newline at end of file From f318a68589d29e7a9e29a73e3b303f4d1b0da7df Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 23 Jul 2024 13:45:09 +0200 Subject: [PATCH 17/38] feat: fixed chart frontend ingress --- .../digital-product-pass/templates/ingress-frontend.yaml | 8 ++++---- charts/digital-product-pass/values.yaml | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/digital-product-pass/templates/ingress-frontend.yaml b/charts/digital-product-pass/templates/ingress-frontend.yaml index ff09c9b6c..0a48d193a 100644 --- a/charts/digital-product-pass/templates/ingress-frontend.yaml +++ b/charts/digital-product-pass/templates/ingress-frontend.yaml @@ -50,10 +50,10 @@ metadata: namespace: {{ .Values.namespace }} labels: {{- include "chart.labels" . | nindent 4 }} - {{- with .Values.frontend.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.frontend.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if and .Values.frontend.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} ingressClassName: {{ .Values.frontend.ingress.className }} diff --git a/charts/digital-product-pass/values.yaml b/charts/digital-product-pass/values.yaml index 43d92c438..4ffca6ce6 100644 --- a/charts/digital-product-pass/values.yaml +++ b/charts/digital-product-pass/values.yaml @@ -292,8 +292,9 @@ frontend: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/ssl-passthrough: "false" + nginx.ingress.kubernetes.io/rewrite-target: /$2 nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/service-upstream: "true" hosts: [] # -- The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment From 08ab1954c59e09e1a41e260cbd044fe36c32b073 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Tue, 23 Jul 2024 14:00:44 +0200 Subject: [PATCH 18/38] chore(irs): updated irs dependency version to v7.4.0 in helm chart --- .../data-consumer/edc-consumer/Chart.yaml | 2 +- .../edc-consumer/values-int.yaml | 58 ++++++++++++++----- .../data-consumer/edc-consumer/values.yaml | 50 +++++++++++++--- 3 files changed, 88 insertions(+), 22 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml index 000ec88d7..8317cd12c 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/Chart.yaml @@ -47,5 +47,5 @@ dependencies: condition: postgresql.enabled - name: item-relationship-service repository: https://eclipse-tractusx.github.io/item-relationship-service - version: 7.1.3 + version: 7.4.0 condition: item-relationship-service.enabled diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index ec8506d81..f8824bcaf 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -189,7 +189,7 @@ postgresql: password: item-relationship-service: - enabled: false + enabled: true bpn: irsUrl: "https://dpp-irs.int.catena-x.net" @@ -250,19 +250,49 @@ item-relationship-service: edc: catalog: - acceptedPolicies: - - leftOperand: "cx-policy:FrameworkAgreement" - operator: "eq" - rightOperand: "CircularEconomy:1.0" - - leftOperand: "cx-policy:Membership" - operator: "eq" - rightOperand: "active" - - leftOperand: "cx-policy:UsagePurpose" - operator: "eq" - rightOperand: "cx.circular.dpp:1" - - leftOperand: "cx-policy:UsagePurpose" - operator: "eq" - rightOperand: "cx.core.digitalTwinRegistry:1" + acceptedPolicies: > + [{ + "policyId": "default-policy", + "createdOn": "2024-07-17T16:15:14.12345678Z", + "validUntil": "9999-01-01T00:00:00.00000000Z", + "permissions": [ + { + "action": "use", + "constraint": { + "and": [ + { + "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement", + "operator": { + "@id": "eq" + }, + "rightOperand": "CircularEconomy:1.0" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.core.digitalTwinRegistry:1" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.circular.dpp:1" + }, + { + "leftOperand": "cx-policy:Membership", + "operator": { + "@id": "eq" + }, + "rightOperand": "active" + } + ] + } + } + ] + }] controlplane: endpoint: data: https://dpp.int.catena-x.net/consumer/management diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml index f801104e1..36aa65775 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values.yaml @@ -659,13 +659,49 @@ item-relationship-service: clientSecret: "" edc: catalog: - acceptedPolicies: - - leftOperand: "cx-policy:FrameworkAgreement" - operator: "eq" - rightOperand: "CircularEconomy:1.0" - - leftOperand: "cx-policy:Membership" - operator: "eq" - rightOperand: "active" + acceptedPolicies: > + [{ + "policyId": "default-policy", + "createdOn": "2024-07-17T16:15:14.12345678Z", + "validUntil": "9999-01-01T00:00:00.00000000Z", + "permissions": [ + { + "action": "use", + "constraint": { + "and": [ + { + "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement", + "operator": { + "@id": "eq" + }, + "rightOperand": "CircularEconomy:1.0" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.core.digitalTwinRegistry:1" + }, + { + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "operator": { + "@id": "eq" + }, + "rightOperand": "cx.circular.dpp:1" + }, + { + "leftOperand": "cx-policy:Membership", + "operator": { + "@id": "eq" + }, + "rightOperand": "active" + } + ] + } + } + ] + }] controlplane: endpoint: data: "" From 53411b94e50a28adc88f24de4b4245ee319ed2d2 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 23 Jul 2024 15:45:41 +0200 Subject: [PATCH 19/38] chore: updated annotations from frontend! --- .../templates/ingress-frontend.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/charts/digital-product-pass/templates/ingress-frontend.yaml b/charts/digital-product-pass/templates/ingress-frontend.yaml index 0a48d193a..7af65b90d 100644 --- a/charts/digital-product-pass/templates/ingress-frontend.yaml +++ b/charts/digital-product-pass/templates/ingress-frontend.yaml @@ -35,15 +35,14 @@ {{- end }} {{- end }} -#{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -#apiVersion: networking.k8s.io/v1 -#{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -#apiVersion: networking.k8s.io/v1beta1 -#{{- else -}} -#apiVersion: extensions/v1beta1 -#{{- end }} - +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} + kind: Ingress metadata: name: {{ $fullName }} From 754fcec4747eba0a0c85bfa44eac5d704819f4cb Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Tue, 23 Jul 2024 15:47:30 +0200 Subject: [PATCH 20/38] chore: updated annotations from frontend! --- .../digital-product-pass/templates/ingress-frontend.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/digital-product-pass/templates/ingress-frontend.yaml b/charts/digital-product-pass/templates/ingress-frontend.yaml index 7af65b90d..2d816c79b 100644 --- a/charts/digital-product-pass/templates/ingress-frontend.yaml +++ b/charts/digital-product-pass/templates/ingress-frontend.yaml @@ -49,10 +49,10 @@ metadata: namespace: {{ .Values.namespace }} labels: {{- include "chart.labels" . | nindent 4 }} - {{- with .Values.frontend.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} + {{- with .Values.frontend.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: {{- if and .Values.frontend.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} ingressClassName: {{ .Values.frontend.ingress.className }} From 6a9917f5526c7a44cb368d1e9059ecada1f842f0 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 08:58:00 +0200 Subject: [PATCH 21/38] chore: updated secret paths for association int env vault --- charts/digital-product-pass/values-int.yaml | 34 ++++++++++----------- charts/digital-product-pass/values.yaml | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/charts/digital-product-pass/values-int.yaml b/charts/digital-product-pass/values-int.yaml index a92573cf7..dfce506b0 100644 --- a/charts/digital-product-pass/values-int.yaml +++ b/charts/digital-product-pass/values-int.yaml @@ -36,7 +36,7 @@ backend: nginx.ingress.kubernetes.io/ssl-passthrough: "false" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" hosts: - - host: &hostname "dpp.int.demo.catena-x.net" + - host: &hostname "dpp.int.catena-x.net" paths: - path: / pathType: Prefix @@ -45,9 +45,9 @@ backend: hosts: - *hostname edc: - xApiKey: - participantId: &bpn - hostname: "materialpass.int.demo.catena-x.net/consumer" + xApiKey: + participantId: &bpn + hostname: "dpp.int.catena-x.net/consumer" hostname: *hostname @@ -57,14 +57,14 @@ backend: irs: enabled: true - hostname: "materialpass-irs.int.demo.catena-x.net" - apiKey: "" + hostname: "dpp-irs.int.catena-x.net" + apiKey: "" process: - encryptionKey: "" + encryptionKey: "" discovery: - hostname: "semantics.int.demo.catena-x.net/discoveryfinder" + hostname: "semantics.int.catena-x.net/discoveryfinder" singleApi: maxRetries: 30 @@ -72,7 +72,7 @@ backend: verification: wallet: - url: "https://dpp-consumer-wallet.int.demo.catena-x.net" + url: "https://dpp-consumer-wallet.int.catena-x.net" frontend: enabled: true @@ -86,7 +86,7 @@ frontend: # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/ssl-passthrough: "false" - nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/rewrite-target: "/$2" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" nginx.ingress.kubernetes.io/service-upstream: "true" hosts: @@ -106,16 +106,16 @@ frontend: adminEmail: "admin@example.com" portal: - hostname: "portal.int.demo.catena-x.net" + hostname: "portal.int.catena-x.net" oauth: - hostname: "centralidp.int.demo.catena-x.net" + hostname: "centralidp.int.catena-x.net" techUser: - clientId: - clientSecret: - realm: - appId: + clientId: + clientSecret: + realm: + appId: bpnCheck: enabled: true bpn: *bpn @@ -123,5 +123,5 @@ oauth: enabled: false apiKey: header: "X-Api-Key" - secret: + secret: diff --git a/charts/digital-product-pass/values.yaml b/charts/digital-product-pass/values.yaml index 4ffca6ce6..2305f612f 100644 --- a/charts/digital-product-pass/values.yaml +++ b/charts/digital-product-pass/values.yaml @@ -292,7 +292,7 @@ frontend: ingressClassName: nginx # kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/rewrite-target: "/$2" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" nginx.ingress.kubernetes.io/service-upstream: "true" hosts: [] From 3047749fd9f4adacf63101db4e1d0903ee77dd69 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Wed, 24 Jul 2024 09:08:24 +0200 Subject: [PATCH 22/38] chore(fix): fixed irs policies --- .../edc-consumer/values-int.yaml | 32 +++++++++++++------ 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index f8824bcaf..cc62d0f1e 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -252,7 +252,7 @@ item-relationship-service: catalog: acceptedPolicies: > [{ - "policyId": "default-policy", + "policyId": "dpp-policy-id", "createdOn": "2024-07-17T16:15:14.12345678Z", "validUntil": "9999-01-01T00:00:00.00000000Z", "permissions": [ @@ -261,32 +261,46 @@ item-relationship-service: "constraint": { "and": [ { - "leftOperand": "https://w3id.org/catenax/policy/FrameworkAgreement", + "leftOperand": "https://w3id.org/catenax/policy/Membership", "operator": { "@id": "eq" }, - "rightOperand": "CircularEconomy:1.0" + "rightOperand": "active" }, { "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", "operator": { "@id": "eq" }, - "rightOperand": "cx.core.digitalTwinRegistry:1" - }, + "rightOperand": "cx.circular.dpp:1" + } + ] + } + } + ] + }, + { + "policyId": "default-policy", + "createdOn": "2024-07-17T16:15:14.12345678Z", + "validUntil": "9999-01-01T00:00:00.00000000Z", + "permissions": [ + { + "action": "use", + "constraint": { + "and": [ { - "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", + "leftOperand": "https://w3id.org/catenax/policy/Membership", "operator": { "@id": "eq" }, - "rightOperand": "cx.circular.dpp:1" + "rightOperand": "active" }, { - "leftOperand": "cx-policy:Membership", + "leftOperand": "https://w3id.org/catenax/policy/UsagePurpose", "operator": { "@id": "eq" }, - "rightOperand": "active" + "rightOperand": "cx.core.digitalTwinRegistry:1" } ] } From 8ed815897cc9a20f24ec6518d81dabd93b810a90 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 13:33:28 +0200 Subject: [PATCH 23/38] chore: added compatibility matrix and fixed typos --- COMPATIBILITY_MATRIX.md | 69 +++++++++++++++++++ dpp-verification/README.md | 16 ++--- .../charts/simple-wallet/values.yaml | 2 +- .../1.0.0/attributeCertificationRecord.jsonld | 10 +-- .../1.0.0/AttributeCertificationRecord.ttl | 2 +- ...ertificationRecord-Example-Expanded.jsonld | 0 ...ttributeCertificationRecord-Example.jsonld | 0 .../AttributeCertificationRecord-sample.json | 0 .../AttributeCertificationRecord-schema.json | 0 9 files changed, 84 insertions(+), 15 deletions(-) create mode 100644 COMPATIBILITY_MATRIX.md rename dpp-verification/schemas/{amr => acr}/1.0.0/attributeCertificationRecord.jsonld (85%) rename dpp-verification/semantics/{io.catenax.dpp_verification.amr => io.catenax.dpp_verification.acr}/1.0.0/AttributeCertificationRecord.ttl (98%) rename dpp-verification/semantics/{io.catenax.dpp_verification.amr => io.catenax.dpp_verification.acr}/1.0.0/gen/AttributeCertificationRecord-Example-Expanded.jsonld (100%) rename dpp-verification/semantics/{io.catenax.dpp_verification.amr => io.catenax.dpp_verification.acr}/1.0.0/gen/AttributeCertificationRecord-Example.jsonld (100%) rename dpp-verification/semantics/{io.catenax.dpp_verification.amr => io.catenax.dpp_verification.acr}/1.0.0/gen/AttributeCertificationRecord-sample.json (100%) rename dpp-verification/semantics/{io.catenax.dpp_verification.amr => io.catenax.dpp_verification.acr}/1.0.0/gen/AttributeCertificationRecord-schema.json (100%) diff --git a/COMPATIBILITY_MATRIX.md b/COMPATIBILITY_MATRIX.md new file mode 100644 index 000000000..46763de4d --- /dev/null +++ b/COMPATIBILITY_MATRIX.md @@ -0,0 +1,69 @@ + + +# Digital Product Pass Compatibility Matrix + +# v4.0.0 - R24.08 + +## dpp-backend-v4.0.1 + +| Dependency | Version | Helm | Comments | +|------------------------------------------------------------------------------------------------------------------------------------------|------------------------------|-------|-----------------| +| [EDC](https://github.com/eclipse-tractusx/tractusx-edc) | 0.7.3 | [0.7.3](https://github.com/eclipse-tractusx/tractusx-edc/releases/tag/0.7.3) | Management API V3 | +| [Digital Twin Registry](https://github.com/eclipse-tractusx/sldt-digital-twin-registry) | 0.5.0 | [0.5.2](https://github.com/eclipse-tractusx/sldt-digital-twin-registry/releases/tag/digital-twin-registry-0.5.2) | | +| [Data Service](https://github.com/eclipse-tractusx/tractus-x-umbrella/tree/main/simple-data-backend) | 0.0.1 | [0.1.0](https://github.com/eclipse-tractusx/tractus-x-umbrella/blob/main/charts/simple-data-backend/Chart.yaml) | Available at TX Umbrella | +| [Item Relationship Service](https://github.com/eclipse-tractusx/item-relationship-service) | 5.4.0 | [7.4.0](https://github.com/eclipse-tractusx/item-relationship-service/releases/tag/item-relationship-service-7.4.0) | Component/Part Drill Down Add-on | +| [Simple Wallet](https://github.com/eclipse-tractusx/digital-product-pass/tree/main/dpp-verification/simple-wallet) | 1.0.0 | [1.0.0](https://github.com/eclipse-tractusx/digital-product-pass/blob/main/dpp-verification/charts/simple-wallet/Chart.yaml) | DPP Verification Add-on | +| [Certified Data Credential](https://github.com/eclipse-tractusx/digital-product-pass/tree/main/dpp-verification/semantics/io.catenax.dpp_verification.cdc/) | 1.0.0 | - | DPP Verification Add-on | + +Can retrieve any model version thought the EDC proxy. Semantic Ids **MUST** be specified in priority order at the chart values.yaml. + +## dpp-frontend-v4.0.1 + +The frontend can visualize the following models only: + +| Model | Version | SemanticId | Comments | +| -- | -- | -- | -- | +| [Digital Product Passport](https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.generic.digital_product_passport) | 5.0.0 | `urn:samm:io.catenax.generic.digital_product_passport:5.0.0#DigitalProductPassport` | | +| [Battery Pass](https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.battery.battery_pass) | 6.0.0 | `urn:samm:io.catenax.battery.battery_pass:6.0.0#BatteryPass` | | +| [Transmission Pass](https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.transmission.transmission_pass) | 3.0.0 | `urn:samm:io.catenax.transmission.transmission_pass:3.0.0#TransmissionPass` | | +| [Certified Data Credential](https://github.com/eclipse-tractusx/digital-product-pass/tree/main/dpp-verification/semantics/io.catenax.dpp_verification.cdc/) | 1.0.0 | `urn:samm:io.catenax.dpp_verification.cdc:1.0.0#CertifiedDataCredential`| DPP Verification Add-on | + +## dpp-verification/simple-wallet-v1.0.0 + +| Model | Version | SemanticId | Comments | +| -- | -- | -- | -- | +| [Verifiable Credentials](https://www.w3.org/TR/vc-data-model-2.0/) | 2.0.0 | https://www.w3.org/ns/credentials/v2 | W3C Data Model | +| [Certified Data Credential](https://github.com/eclipse-tractusx/digital-product-pass/tree/main/dpp-verification/semantics/io.catenax.dpp_verification.cdc/) | 1.0.0 | `urn:samm:io.catenax.dpp_verification.cdc:1.0.0#CertifiedDataCredential`| DPP Verification Add-on with Catena-X semantic Models | +| [JsonWebSignature2020 & JsonWebKey2020 Proofs](https://www.w3.org/TR/vc-jws-2020/) | 1.0.0 | https://w3c.github.io/vc-jws-2020/contexts/v1/ | DPP Verification Signature & Keys types, used by Gaia-X | + +## NOTICE + +This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). + +- SPDX-License-Identifier: CC-BY-4.0 +- SPDX-FileCopyrightText: 2022, 2024 BMW AG +- SPDX-FileCopyrightText: 2022, 2024 Henkel AG & Co. KGaA +- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG +- SPDX-FileCopyrightText: 2023, 2024 Contributors to the Eclipse Foundation +- Source URL: https://github.com/eclipse-tractusx/digital-product-pass diff --git a/dpp-verification/README.md b/dpp-verification/README.md index 25e278514..721436b8d 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -184,9 +184,9 @@ This concept has been proved to be of high interest from the Certification and V - [CDC ID Short](#cdc-id-short) - [CDC Submodel Example](#cdc-submodel-example) - [Attribute Certification Record Submodel](#attribute-certification-record-submodel) - - [ACR Semantic ID Keys](#amr-semantic-id-keys) - - [ACR ID Short](#amr-id-short) - - [ACR Submodel Example](#amr-submodel-example) + - [ACR Semantic ID Keys](#acr-semantic-id-keys) + - [ACR ID Short](#acr-id-short) + - [ACR Submodel Example](#acr-submodel-example) - [Verification Implementation in the Digital Product Pass](#verification-implementation-in-the-digital-product-pass) - [Challenges](#challenges) - [Sequence Diagram](#sequence-diagram) @@ -652,7 +652,7 @@ Additionally, if more specific contexts want to be defined, the following contex - W3C Data Integrity Context: https://w3id.org/security/data-integrity/v2 -For every credential [`Certified Data Credential`](#cdc-json-ld-context-schema), [`Certified Snapshot Credential`](#csc-json-ld-context-schema), [`Attribute Certification Record`](#amr-json-ld-context-schema) the individual JSON-LD context schema specification **MUST** be also added to the `@context` list. +For every credential [`Certified Data Credential`](#cdc-json-ld-context-schema), [`Certified Snapshot Credential`](#csc-json-ld-context-schema), [`Attribute Certification Record`](#acr-json-ld-context-schema) the individual JSON-LD context schema specification **MUST** be also added to the `@context` list. ### Cryptography Signatures & Keys in Self-Descriptions @@ -1582,7 +1582,7 @@ Here is an example of how the Certified Snapshot Credential looks like for a Dig ## Attribute Certification Record Schema -![ACR Schema](./resources/implementation/amr-document-credential.svg) +![ACR Schema](./resources/implementation/acr-document-credential.svg) The attribute certification record (ACR) is a Verifiable Presentation (VP) file that contains all the certificates (Verifiable Credentials) in the format of Certified Snapshot Credentials. These credentials can be issued from different auditors for different attributes in an Aspect Model Payload. @@ -1662,7 +1662,7 @@ The Certified Snapshot Credentials listed **MUST** be belonging and linked to th "https://www.w3.org/ns/credentials/v2", "https://w3c.github.io/vc-jws-2020/contexts/v1/", "https://w3id.org/security/data-integrity/v2", - "https://raw.githubusercontent.com/eclipse-tractusx/digital-product-pass/main/dpp-verification/schemas/amr/1.0.0/attributeCertificationRecord.jsonld" + "https://raw.githubusercontent.com/eclipse-tractusx/digital-product-pass/main/dpp-verification/schemas/acr/1.0.0/attributeCertificationRecord.jsonld" ], "type": [ "VerifiablePresentation", @@ -1938,7 +1938,7 @@ For the ACR submodel the following structure **MUST** be followed. | Type | Value | Description | | --- | -- | -- | | `Entity` | `https://www.w3.org/ns/credentials/v2` | Verifiable Credential Version | -| `DataElement` | `urn:samm:io.catenax.dpp_verification.amr:1.0.0#AttributeCertificationRecord` | Attribute Certification Record Version | +| `DataElement` | `urn:samm:io.catenax.dpp_verification.acr:1.0.0#AttributeCertificationRecord` | Attribute Certification Record Version | | `Submodel` | `urn:samm:io.catenax.generic.digital_product_passport:5.0.0#DigitalProductPassport` | The semanticId from the semantic model attributes certified in the CSC contained in the `verifiableCredential` field in the Verifiable Presentation. | | `Operation` | `https://w3c.github.io/vc-jws-2020/contexts/v1/` | The version and context of the signature type used in the credential | @@ -1997,7 +1997,7 @@ By concatenating the "Verification" sufix the consumer applications are able to }, { "type": "DataElement", - "value": "urn:samm:io.catenax.dpp_verification.amr:1.0.0#AttributeCertificationRecord" + "value": "urn:samm:io.catenax.dpp_verification.acr:1.0.0#AttributeCertificationRecord" }, { "type": "Submodel", diff --git a/dpp-verification/charts/simple-wallet/values.yaml b/dpp-verification/charts/simple-wallet/values.yaml index 6297beeea..579b0dcde 100644 --- a/dpp-verification/charts/simple-wallet/values.yaml +++ b/dpp-verification/charts/simple-wallet/values.yaml @@ -83,7 +83,7 @@ ingress: nginx.ingress.kubernetes.io/ssl-passthrough: "false" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" hosts: - - host: &hostname "dpp-wallet.int.demo.catena-x.net" + - host: &hostname "dpp-wallet.int.catena-x.net" paths: - path: / pathType: Prefix diff --git a/dpp-verification/schemas/amr/1.0.0/attributeCertificationRecord.jsonld b/dpp-verification/schemas/acr/1.0.0/attributeCertificationRecord.jsonld similarity index 85% rename from dpp-verification/schemas/amr/1.0.0/attributeCertificationRecord.jsonld rename to dpp-verification/schemas/acr/1.0.0/attributeCertificationRecord.jsonld index ab9608dfc..641d48da7 100644 --- a/dpp-verification/schemas/amr/1.0.0/attributeCertificationRecord.jsonld +++ b/dpp-verification/schemas/acr/1.0.0/attributeCertificationRecord.jsonld @@ -14,25 +14,25 @@ "@context": { "@definition": "The DID Reference, link to the verifiable credential, or link to specific submodel in the dataModel" }, - "@id": "amr:id", + "@id": "acr:id", "@type": "schema:string" }, "semanticId": { "@context": { "@definition": "The property which contains the semantic id string of the credential subject. It contains the complete identification of which aspect model version its contained. The key can be used to find the model information in the expanded JSON-LD." }, - "@id": "amr:semanticId", + "@id": "acr:semanticId", "@type": "schema:string" }, "type": "@type" }, - "@id": "amr:submodel" + "@id": "acr:submodel" }, "type": "@type" }, - "@id": "amr:AttributeCertificationRecord" + "@id": "acr:AttributeCertificationRecord" }, - "amr": "urn:samm:io.catenax.dpp_verification.amr:1.0.0#", + "acr": "urn:samm:io.catenax.dpp_verification.acr:1.0.0#", "schema": "https://schema.org/" } } \ No newline at end of file diff --git a/dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/AttributeCertificationRecord.ttl b/dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/AttributeCertificationRecord.ttl similarity index 98% rename from dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/AttributeCertificationRecord.ttl rename to dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/AttributeCertificationRecord.ttl index 479f13628..1387b446b 100644 --- a/dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/AttributeCertificationRecord.ttl +++ b/dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/AttributeCertificationRecord.ttl @@ -23,7 +23,7 @@ @prefix rdf: . @prefix rdfs: . @prefix xsd: . -@prefix : . +@prefix : . :AttributeCertificationRecord a samm:Aspect ; samm:preferredName "AttributeCertificationRecord"@en ; diff --git a/dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-Example-Expanded.jsonld b/dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-Example-Expanded.jsonld similarity index 100% rename from dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-Example-Expanded.jsonld rename to dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-Example-Expanded.jsonld diff --git a/dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-Example.jsonld b/dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-Example.jsonld similarity index 100% rename from dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-Example.jsonld rename to dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-Example.jsonld diff --git a/dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-sample.json b/dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-sample.json similarity index 100% rename from dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-sample.json rename to dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-sample.json diff --git a/dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-schema.json b/dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-schema.json similarity index 100% rename from dpp-verification/semantics/io.catenax.dpp_verification.amr/1.0.0/gen/AttributeCertificationRecord-schema.json rename to dpp-verification/semantics/io.catenax.dpp_verification.acr/1.0.0/gen/AttributeCertificationRecord-schema.json From 14fe1854403c186f9fec74a405dc1e395b96fa48 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 13:40:48 +0200 Subject: [PATCH 24/38] chore: added compatibility matrix and fixed typos --- COMPATIBILITY_MATRIX.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/COMPATIBILITY_MATRIX.md b/COMPATIBILITY_MATRIX.md index 46763de4d..f304ab1d5 100644 --- a/COMPATIBILITY_MATRIX.md +++ b/COMPATIBILITY_MATRIX.md @@ -36,7 +36,9 @@ SPDX-License-Identifier: CC-BY-4.0 | [Simple Wallet](https://github.com/eclipse-tractusx/digital-product-pass/tree/main/dpp-verification/simple-wallet) | 1.0.0 | [1.0.0](https://github.com/eclipse-tractusx/digital-product-pass/blob/main/dpp-verification/charts/simple-wallet/Chart.yaml) | DPP Verification Add-on | | [Certified Data Credential](https://github.com/eclipse-tractusx/digital-product-pass/tree/main/dpp-verification/semantics/io.catenax.dpp_verification.cdc/) | 1.0.0 | - | DPP Verification Add-on | -Can retrieve any model version thought the EDC proxy. Semantic Ids **MUST** be specified in priority order at the chart values.yaml. +The `dpp-backend` component can retrieve any model version thought the EDC proxy, however semantic Ids **MUST** be specified in priority order at the chart values.yaml. + +The models can be embedded in a `CertifiedDataCredential` as described in the [`dpp-verification` add-on](./dpp-verification/), but the search process is still performed by the "aspect model" payload semanticId. ## dpp-frontend-v4.0.1 From e1c2170cd16762832a9a4e86a81707a5184ab309 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 14:21:24 +0200 Subject: [PATCH 25/38] chore: added compatibility matrix and fixed typos --- COMPATIBILITY_MATRIX.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/COMPATIBILITY_MATRIX.md b/COMPATIBILITY_MATRIX.md index f304ab1d5..7ef83a91a 100644 --- a/COMPATIBILITY_MATRIX.md +++ b/COMPATIBILITY_MATRIX.md @@ -23,7 +23,7 @@ SPDX-License-Identifier: CC-BY-4.0 # Digital Product Pass Compatibility Matrix -# v4.0.0 - R24.08 +# v4.0.1 - R24.08 ## dpp-backend-v4.0.1 From 60bbaa69e258590ddc43cc5e0f774da8ec0d1b34 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 14:41:19 +0200 Subject: [PATCH 26/38] chore: prepared release v4.0.1 --- CHANGELOG.md | 29 +++++++++++++++++++++++++- README.md | 8 +++---- charts/digital-product-pass/Chart.yaml | 4 ++-- dpp-frontend/package-lock.json | 4 ++-- dpp-frontend/package.json | 2 +- dpp-verification/README.md | 4 ++-- 6 files changed, 39 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e4c2e952e..0a0d49ada 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -25,9 +25,36 @@ SPDX-License-Identifier: CC-BY-4.0 The changelog format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - ## [Unreleased] +## [released] +## [v4.0.1] - 24-07-2024 + +### Added + +- Added unit tests for the dsp endpoint parsing functionality +- Added digital product pass compatibility matrix file to the repo root path + +### Updated + +- Updated typos and missing explanations in the dpp-verification documentation. +- Fixed typo in `AttributeCertificationRecord` which short name was `amr`, it was a typo and was corrected to `acr`. +- Aligned charts for dpp-verification add-on configuration in the configmap -> [#390](https://github.com/eclipse-tractusx/digital-product-pass/issues/390) +- @Deprecated old function to parse dsp endpoint with bpns. +- Updated default INT urls to the Association INT environement url path. + +### Deleted + +- AssetId field removed from `transfer-request` model. Deprecated by the EDC v0.7.3 V3 Management Api -> [#390](https://github.com/eclipse-tractusx/digital-product-pass/issues/390) + +### Issues Fixed + +- Fixed issue with dsp endpoint parsing/building from Digital Twin submodelBody field. -> [#390](https://github.com/eclipse-tractusx/digital-product-pass/issues/390) +- Fixed policy chart misconfiguration for the passport and digital twin registry -> [#390](https://github.com/eclipse-tractusx/digital-product-pass/issues/390) + + + + ## [released] ## [v4.0.0] - 19-07-2024 diff --git a/README.md b/README.md index 0c75f7fa5..94de2fffa 100644 --- a/README.md +++ b/README.md @@ -35,15 +35,15 @@ SPDX-License-Identifier: CC-BY-4.0 ## Description -The digital product passport application provides a consumer user interface to request a battery passport from a battery manufacturer using the standardized components and technologies in a Catena-X network. The passport will be displayed in a human-readable from any browser. The data exchange standards given by Catena-X are used to provide the battery passport to different personas (roles) in the network. +The digital product passport application provides a consumer user interface to request a battery passport from a battery manufacturer using the standardized components and technologies in a Catena-X network. The passport will be displayed in a human-readable from any browser. The data exchange standards given by Catena-X are used to provide the battery passport to different personas (roles) in the network. -In particular, the application is used to access the battery passport data provided by battery manufacturer. By scanning QR-code or knowing the manufacturer and battery-ID, a user can request the passport through **Eclipse Dataspace Connectors (EDCs)** over the Catena-X network. The passport provider will provide data attributes that is only visible to a permitted signed-in user. +In particular, the application is used to access the battery passport data provided by battery manufacturer. By scanning QR-code or knowing the manufacturer and battery-ID, a user can request the passport through **Eclipse Dataspace Connectors (EDCs)** over the Catena-X network. The passport provider will provide data attributes that is only visible to a permitted signed-in user. ### Software Version #### Helm Chart Version -

4.0.0
+
4.0.1
#### Application Version -
v4.0.0
+
v4.0.1
## Application Preview diff --git a/charts/digital-product-pass/Chart.yaml b/charts/digital-product-pass/Chart.yaml index 488f0af3d..681a1fca2 100644 --- a/charts/digital-product-pass/Chart.yaml +++ b/charts/digital-product-pass/Chart.yaml @@ -43,10 +43,10 @@ type: application # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 4.0.0 +version: 4.0.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "4.0.0" +appVersion: "4.0.1" diff --git a/dpp-frontend/package-lock.json b/dpp-frontend/package-lock.json index 465026d37..7e8e05f06 100644 --- a/dpp-frontend/package-lock.json +++ b/dpp-frontend/package-lock.json @@ -1,12 +1,12 @@ { "name": "digital-product-pass-frontend", - "version": "4.0.0", + "version": "4.0.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "digital-product-pass-frontend", - "version": "4.0.0", + "version": "4.0.1", "dependencies": { "@mdi/font": "5.9.55", "@popperjs/core": "^2.11.2", diff --git a/dpp-frontend/package.json b/dpp-frontend/package.json index 21c624e02..cf5be42db 100644 --- a/dpp-frontend/package.json +++ b/dpp-frontend/package.json @@ -1,6 +1,6 @@ { "name": "digital-product-pass-frontend", - "version": "4.0.0", + "version": "4.0.1", "private": true, "scripts": { "serve": "vite --host localhost", diff --git a/dpp-verification/README.md b/dpp-verification/README.md index 721436b8d..0edf68635 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -24,7 +24,7 @@ SPDX-License-Identifier: CC-BY-4.0
DPP Verificaion Logo

- Version: v2.0 + Version: v2.1 STATUS: RELEASED

A Catena-X Data Certification/Verification Framework

Digital Product Pass Verification Add-on

@@ -36,7 +36,7 @@ SPDX-License-Identifier: CC-BY-4.0 | | Date | Authors & Reviewers | | -------------------- | ----------------- | ----------------------------------------------------- | | **Created** | December 29, 2023 | [Mathias Brunkow Moser](https://github.com/matbmoser) | -| **Lastest Revision** | July 19, 2024 | [Mathias Brunkow Moser](https://github.com/matbmoser) | +| **Lastest Revision** | July 24, 2024 | [Mathias Brunkow Moser](https://github.com/matbmoser) | ## Authors From 2ac60a1e5924cfb57477aa070b9443ccdfbc9aa9 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 16:02:42 +0200 Subject: [PATCH 27/38] chore: updated values-int --- charts/digital-product-pass/values-int.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/digital-product-pass/values-int.yaml b/charts/digital-product-pass/values-int.yaml index dfce506b0..5801bfcd5 100644 --- a/charts/digital-product-pass/values-int.yaml +++ b/charts/digital-product-pass/values-int.yaml @@ -73,6 +73,7 @@ backend: verification: wallet: url: "https://dpp-consumer-wallet.int.catena-x.net" + apiKey: "" frontend: enabled: true From da7c19b836eb0644c580fa303946bce071e96a84 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 16:27:04 +0200 Subject: [PATCH 28/38] chore: updated values-int --- charts/digital-product-pass/values-int.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/digital-product-pass/values-int.yaml b/charts/digital-product-pass/values-int.yaml index 5801bfcd5..dd6944d74 100644 --- a/charts/digital-product-pass/values-int.yaml +++ b/charts/digital-product-pass/values-int.yaml @@ -41,7 +41,7 @@ backend: - path: / pathType: Prefix tls: - - secretName: tls-secret + - secretName: tls-secret-digital-product-pass-backend hosts: - *hostname edc: @@ -96,7 +96,7 @@ frontend: - path: /passport(/|$)(.*) pathType: Prefix tls: - - secretName: tls-secret + - secretName: tls-secret-digital-product-pass-frontend hosts: - dpp.int.demo.catena-x.net From b13c627831634042be873c235b18fcbd41dff0a4 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 16:28:23 +0200 Subject: [PATCH 29/38] chore: updated values-int --- charts/digital-product-pass/values-int.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/digital-product-pass/values-int.yaml b/charts/digital-product-pass/values-int.yaml index dd6944d74..fb1d27de0 100644 --- a/charts/digital-product-pass/values-int.yaml +++ b/charts/digital-product-pass/values-int.yaml @@ -91,14 +91,14 @@ frontend: nginx.ingress.kubernetes.io/backend-protocol: "HTTP" nginx.ingress.kubernetes.io/service-upstream: "true" hosts: - - host: dpp.int.demo.catena-x.net + - host: dpp.int.catena-x.net paths: - path: /passport(/|$)(.*) pathType: Prefix tls: - secretName: tls-secret-digital-product-pass-frontend hosts: - - dpp.int.demo.catena-x.net + - dpp.int.catena-x.net backend: hostname: *hostname From fdb99fd9914df10a6d2fe1bd057e800ab81c6a9c Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 16:39:16 +0200 Subject: [PATCH 30/38] chore: updated interoperability guide --- .../interoperability/InteroperabilityGuide.md | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/docs/interoperability/InteroperabilityGuide.md b/docs/interoperability/InteroperabilityGuide.md index f8a7df4a3..f4b98fa23 100644 --- a/docs/interoperability/InteroperabilityGuide.md +++ b/docs/interoperability/InteroperabilityGuide.md @@ -65,7 +65,7 @@ BMW, CGI and Henkel have jointly decided to initiate and drive the topic of data ![Architecture Functional Cut](./media/graphArchitectureFunctionalCut.svg) -## Business Semantic Alignment +## Business Semantic Alignment The business semantic alignment is limited to the business domain sustainability/circular economy. The main goal of this app is to visualize the digital product pass and in the first step the battery pass and transmission pass. The data models for the battery pass, digital product pass and transmission pass were made by the digital product pass team and are standardized in Catena-X. @@ -75,22 +75,31 @@ Which standardization candidates are you intending to use in your scenario, whic The Digital Product Passport App is using the following standardization candidates: -* Battery Passport (For Release 24.05 version 5.0.0 of the Battery Pass is used) → https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.battery.battery_pass/5.0.0 -* Digital Product Passport (For Release 24.05 version 4.0.0 of the DPP is used) → https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.generic.digital_product_passport/4.0.0 -* Gearbox/Transmission Passport (For Release 24.05 version 1.0.0 of the Transmission Pass is used) ->https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.transmission.transmission_pass/1.0.0 +* Battery Passport (For Release 24.08 version 6.0.0 of the Battery Pass is used) → https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.battery.battery_pass/6.0.0 +* Digital Product Passport (For Release 24.08 version 5.0.0 of the DPP is used) → https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.generic.digital_product_passport/5.0.0 +* Gearbox/Transmission Passport (For Release 24.08 version 3.0.0 of the Transmission Pass is used) ->https://github.com/eclipse-tractusx/sldt-semantic-models/tree/main/io.catenax.transmission.transmission_pass/3.0.0 The following candidates are not yet implemented: * Sealant Passport, Tire Passport * E-Drive -The digital product pass is using the [EDC v0.7.0](https://github.com/eclipse-tractusx/tractusx-edc/releases/tag/0.7.0) and enables the [data sovereignty policy configurations](https://github.com/eclipse-tractusx/digital-product-pass/blob/main/docs/data-sovereignty/PolicyConfigGuide.md) +The digital product pass is using the [EDC v0.7.0](https://github.com/eclipse-tractusx/tractusx-edc/releases/tag/0.7.0) and enables the [data sovereignty policy configurations](https://github.com/eclipse-tractusx/digital-product-pass/blob/main/docs/data-sovereignty/PolicyConfigGuide.md) +## Data Verification Add-on + +The Digital Product Pass App as a consumer shall be able to verify the data received from the EDC. +For that the [`dpp-verification` add-on](../../dpp-verification/) was defined. + +The implementation technical integration design from the add-on in R24.08 is documented in [this chapter](../../dpp-verification/README.md#verification-implementation-in-the-digital-product-pass) from the dpp-verification add-on. ## Technical Integration Design The technical integration design can be found in the [arc42 documentation](../architecture/Arc42.md) +## Compatibility Matrix + +More compatibility requirements can be found in the [compatibility-matrix](../../COMPATIBILITY_MATRIX.md). ## NOTICE From c365923b4e0bd308113d653eb3497975a661e2e0 Mon Sep 17 00:00:00 2001 From: Muhammad Saud Khan Date: Wed, 24 Jul 2024 16:51:59 +0200 Subject: [PATCH 31/38] chore(irs): added certificate to the ingress annotation --- .../infrastructure/data-consumer/edc-consumer/values-int.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml index cc62d0f1e..12422f4cf 100644 --- a/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml +++ b/deployment/infrastructure/data-consumer/edc-consumer/values-int.yaml @@ -200,6 +200,7 @@ item-relationship-service: enabled: true annotations: ingressClassName: nginx + cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/backend-protocol: HTTP nginx.ingress.kubernetes.io/force-ssl-redirect: 'true' nginx.ingress.kubernetes.io/ssl-passthrough: 'false' From 7012a6ea6ce05283c7c44e22d6365ede761f2477 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 18:16:32 +0200 Subject: [PATCH 32/38] feat: updated dash license to latest version --- CHANGELOG.md | 3 +-- dpp-backend/digitalproductpass/pom.xml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0a0d49ada..337293616 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,7 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e - Aligned charts for dpp-verification add-on configuration in the configmap -> [#390](https://github.com/eclipse-tractusx/digital-product-pass/issues/390) - @Deprecated old function to parse dsp endpoint with bpns. - Updated default INT urls to the Association INT environement url path. +- Managed integration of latest IRS version chart: 7.4.0 and tested compatibility ### Deleted @@ -53,8 +54,6 @@ The changelog format is based on [Keep a Changelog](https://keepachangelog.com/e - Fixed policy chart misconfiguration for the passport and digital twin registry -> [#390](https://github.com/eclipse-tractusx/digital-product-pass/issues/390) - - ## [released] ## [v4.0.0] - 19-07-2024 diff --git a/dpp-backend/digitalproductpass/pom.xml b/dpp-backend/digitalproductpass/pom.xml index 73ed44973..4fedb7055 100644 --- a/dpp-backend/digitalproductpass/pom.xml +++ b/dpp-backend/digitalproductpass/pom.xml @@ -244,7 +244,7 @@ org.eclipse.dash license-tool-plugin - 0.0.1-SNAPSHOT + 1.1.1-SNAPSHOT license-check From 0853e76b96548374410389f554ad2443c7c8cd68 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 18:24:12 +0200 Subject: [PATCH 33/38] fix: fixed typos in yaml files --- charts/digital-product-pass/templates/deployment-frontend.yaml | 2 +- charts/digital-product-pass/templates/service-frontend.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/digital-product-pass/templates/deployment-frontend.yaml b/charts/digital-product-pass/templates/deployment-frontend.yaml index 2d4c2543a..a7b84d473 100644 --- a/charts/digital-product-pass/templates/deployment-frontend.yaml +++ b/charts/digital-product-pass/templates/deployment-frontend.yaml @@ -25,7 +25,7 @@ --- -{{- if .Values.frontend.enabled -}} +{{- if .Values.frontend.enabled }} apiVersion: apps/v1 kind: Deployment diff --git a/charts/digital-product-pass/templates/service-frontend.yaml b/charts/digital-product-pass/templates/service-frontend.yaml index 962fce03c..c6fefc19a 100644 --- a/charts/digital-product-pass/templates/service-frontend.yaml +++ b/charts/digital-product-pass/templates/service-frontend.yaml @@ -25,7 +25,7 @@ --- -{{- if .Values.frontend.enabled -}} +{{- if .Values.frontend.enabled }} apiVersion: v1 kind: Service From 9a6637ac562ef15f81059736eb5c6223a5dddda0 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 18:27:37 +0200 Subject: [PATCH 34/38] feat: updated helm docs --- charts/digital-product-pass/README.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/digital-product-pass/README.md b/charts/digital-product-pass/README.md index ce13a50d0..37ad98918 100644 --- a/charts/digital-product-pass/README.md +++ b/charts/digital-product-pass/README.md @@ -1,6 +1,6 @@ # digital-product-pass -![Version: 4.0.0](https://img.shields.io/badge/Version-4.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.0.0](https://img.shields.io/badge/AppVersion-4.0.0-informational?style=flat-square) +![Version: 4.0.1](https://img.shields.io/badge/Version-4.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.0.1](https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square) A Helm chart for Tractus-X Digital Product Pass Kubernetes @@ -23,17 +23,17 @@ helm install digital-product-pass tractusx/digital-product-pass ## Source Code -* ## Values | Key | Type | Default | Description | |-----|------|---------|-------------| | affinity | object | `{}` | | -| backend | object | `{"digitalTwinRegistry":{"endpoints":{"digitalTwin":"/shell-descriptors","search":"/lookup/shells","subModel":"/submodel-descriptors"},"policyCheck":{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"USE","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.core.digitalTwinRegistry:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false},"temporaryStorage":{"enabled":true,"lifetime":12},"timeouts":{"digitalTwin":40,"negotiation":60,"search":50,"transfer":20}},"discovery":{"bpnDiscovery":{"key":"manufacturerPartId","path":"/api/v1.0/administration/connectors/bpnDiscovery/search"},"edcDiscovery":{"key":"bpn"},"hostname":""},"edc":{"apis":{"catalog":"/catalog/request","management":"/management/v2","negotiation":"/contractnegotiations","readiness":"/api/check/readiness","transfer":"/transferprocesses"},"authorizationKey":"X-Api-Key","delay":100,"hostname":"","participantId":"","xApiKey":""},"hostname":"","image":{"pullPolicy":"IfNotPresent","repository":"docker.io/tractusx/digital-product-pass-backend"},"imagePullSecrets":[],"ingress":{"annotations":{"ingressClassName":"nginx","nginx.ingress.kubernetes.io/backend-protocol":"HTTP","nginx.ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/ssl-passthrough":"false"},"enabled":false,"hosts":[{"host":"","paths":[{"path":"/","pathType":"Prefix"}]}]},"irs":{"apiKey":"","enabled":false,"hostname":""},"logging":{"level":{"root":"INFO","utils":"INFO"}},"maxRetries":5,"name":"dpp-backend","passport":{"aspects":["urn:samm:io.catenax.battery.battery_pass:6.0.0#BatteryPass","urn:samm:io.catenax.transmission.transmission_pass:3.0.0#TransmissionPass","urn:samm:io.catenax.generic.digital_product_passport:5.0.0#DigitalProductPassport"],"policyCheck":{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"USE","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:FrameworkAgreement","operator":"odrl:eq","rightOperand":"CircularEconomy:1.0"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.circular.dpp:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false}},"podSecurityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsUser":10000,"seccompProfile":{"type":"RuntimeDefault"}},"process":{"encryptionKey":""},"securityCheck":{"bpn":false,"edc":false},"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"add":[],"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10000},"serverPort":8888,"service":{"port":8888,"type":"ClusterIP"},"singleApi":{"delay":1000,"maxRetries":30},"verification":{"autoVerify":true,"enabled":true,"wallet":{"apiKey":"","endpoints":{"health":"/health","verify":"/verify"},"url":"https://"}},"volumeMounts":[{"mountPath":"/app/config","name":"backend-config"},{"mountPath":"/app/data/process","name":"pvc-backend","subPath":"data/process"},{"mountPath":"/app/log","name":"tmpfs","subPath":"log"},{"mountPath":"/tmp","name":"tmpfs"},{"mountPath":"/app/data/VaultConfig","name":"tmpfs","subPath":"VaultConfig/vault.token.yml"},{"mountPath":"/app/tmp","name":"tmpfs"}],"volumes":[{"configMap":{"name":"{{ .Release.Name }}-backend-config"},"name":"backend-config"},{"name":"pvc-backend","persistentVolumeClaim":{"claimName":"{{ .Release.Name }}-pvc-data"}},{"emptyDir":{},"name":"tmpfs"}]}` | Backend configuration | -| backend.digitalTwinRegistry.policyCheck | object | `{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"USE","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.core.digitalTwinRegistry:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false}` | policy configuration for the digital twin assets in the edc catalog | +| backend | object | `{"digitalTwinRegistry":{"endpoints":{"digitalTwin":"/shell-descriptors","search":"/lookup/shells","subModel":"/submodel-descriptors"},"policyCheck":{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"odrl:use","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.core.digitalTwinRegistry:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false},"temporaryStorage":{"enabled":true,"lifetime":12},"timeouts":{"digitalTwin":40,"negotiation":60,"search":50,"transfer":20}},"discovery":{"bpnDiscovery":{"key":"manufacturerPartId","path":"/api/v1.0/administration/connectors/bpnDiscovery/search"},"edcDiscovery":{"key":"bpn"},"hostname":""},"edc":{"apis":{"catalog":"/catalog/request","management":"/management/v3","negotiation":"/contractnegotiations","readiness":"/api/check/readiness","transfer":"/transferprocesses"},"authorizationKey":"X-Api-Key","delay":100,"hostname":"","participantId":"","xApiKey":""},"hostname":"","image":{"pullPolicy":"IfNotPresent","repository":"docker.io/tractusx/digital-product-pass-backend"},"imagePullSecrets":[],"ingress":{"annotations":{"ingressClassName":"nginx","nginx.ingress.kubernetes.io/backend-protocol":"HTTP","nginx.ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/ssl-passthrough":"false"},"enabled":false,"hosts":[{"host":"","paths":[{"path":"/","pathType":"Prefix"}]}]},"irs":{"apiKey":"","enabled":false,"hostname":""},"logging":{"level":{"root":"INFO","utils":"INFO"}},"maxRetries":5,"name":"dpp-backend","passport":{"aspects":["urn:samm:io.catenax.battery.battery_pass:6.0.0#BatteryPass","urn:samm:io.catenax.transmission.transmission_pass:3.0.0#TransmissionPass","urn:samm:io.catenax.generic.digital_product_passport:5.0.0#DigitalProductPassport"],"policyCheck":{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"odrl:use","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.circular.dpp:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false}},"podSecurityContext":{"fsGroup":10001,"runAsGroup":10001,"runAsUser":10000,"seccompProfile":{"type":"RuntimeDefault"}},"process":{"encryptionKey":""},"securityCheck":{"bpn":false,"edc":false},"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"add":[],"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":10001,"runAsNonRoot":true,"runAsUser":10000},"serverPort":8888,"service":{"port":8888,"type":"ClusterIP"},"singleApi":{"delay":1000,"maxRetries":30},"verification":{"autoVerify":true,"enabled":true,"wallet":{"apiKey":"","endpoints":{"health":"/health","verify":"/verify"},"url":"https://"}},"volumeMounts":[{"mountPath":"/app/config","name":"backend-config"},{"mountPath":"/app/data/process","name":"pvc-backend","subPath":"data/process"},{"mountPath":"/app/log","name":"tmpfs","subPath":"log"},{"mountPath":"/tmp","name":"tmpfs"},{"mountPath":"/app/data/VaultConfig","name":"tmpfs","subPath":"VaultConfig/vault.token.yml"},{"mountPath":"/app/tmp","name":"tmpfs"}],"volumes":[{"configMap":{"name":"{{ .Release.Name }}-backend-config"},"name":"backend-config"},{"name":"pvc-backend","persistentVolumeClaim":{"claimName":"{{ .Release.Name }}-pvc-data"}},{"emptyDir":{},"name":"tmpfs"}]}` | Backend configuration | +| backend.digitalTwinRegistry.policyCheck | object | `{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"odrl:use","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.core.digitalTwinRegistry:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false}` | policy configuration for the digital twin assets in the edc catalog | | backend.digitalTwinRegistry.policyCheck.enabled | bool | `true` | condition to enable and disable the policy check | -| backend.digitalTwinRegistry.policyCheck.policies | list | `[{"obligation":[],"permission":[{"action":"USE","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.core.digitalTwinRegistry:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}]` | list of allowed policies that can be selected from the edc catalog in negotiations | +| backend.digitalTwinRegistry.policyCheck.policies | list | `[{"obligation":[],"permission":[{"action":"odrl:use","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.core.digitalTwinRegistry:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}]` | list of allowed policies that can be selected from the edc catalog in negotiations | | backend.digitalTwinRegistry.policyCheck.strictMode | bool | `false` | the strict mode is quicker (uses hashes) and requires less computation complexity, the default mode is comparing against every single object value | | backend.digitalTwinRegistry.temporaryStorage | object | `{"enabled":true,"lifetime":12}` | temporary storage of dDTRs for optimization | | backend.digitalTwinRegistry.temporaryStorage.lifetime | int | `12` | lifetime of the temporaryStorage in hours | @@ -42,7 +42,7 @@ helm install digital-product-pass tractusx/digital-product-pass | backend.discovery.bpnDiscovery | object | `{"key":"manufacturerPartId","path":"/api/v1.0/administration/connectors/bpnDiscovery/search"}` | bpn discovery configuration | | backend.discovery.edcDiscovery | object | `{"key":"bpn"}` | edc discovery configuration | | backend.discovery.hostname | string | `""` | discovery finder configuration | -| backend.edc | object | `{"apis":{"catalog":"/catalog/request","management":"/management/v2","negotiation":"/contractnegotiations","readiness":"/api/check/readiness","transfer":"/transferprocesses"},"authorizationKey":"X-Api-Key","delay":100,"hostname":"","participantId":"","xApiKey":""}` | in this section we configure the values that are inserted as secrets in the backend | +| backend.edc | object | `{"apis":{"catalog":"/catalog/request","management":"/management/v3","negotiation":"/contractnegotiations","readiness":"/api/check/readiness","transfer":"/transferprocesses"},"authorizationKey":"X-Api-Key","delay":100,"hostname":"","participantId":"","xApiKey":""}` | in this section we configure the values that are inserted as secrets in the backend | | backend.edc.delay | int | `100` | Negotiation status Delay in milliseconds in between async requests [<= 500] | | backend.edc.hostname | string | `""` | edc consumer connection configuration | | backend.edc.participantId | string | `""` | BPN Number | @@ -55,9 +55,9 @@ helm install digital-product-pass tractusx/digital-product-pass | backend.logging.level.root | string | `"INFO"` | general logging level | | backend.logging.level.utils | string | `"INFO"` | logging for the util components | | backend.maxRetries | int | `5` | max retries for the backend services | -| backend.passport.policyCheck | object | `{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"USE","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:FrameworkAgreement","operator":"odrl:eq","rightOperand":"CircularEconomy:1.0"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.circular.dpp:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false}` | configuration for policies to filter in the digital product pass asset negotiation | +| backend.passport.policyCheck | object | `{"enabled":true,"policies":[{"obligation":[],"permission":[{"action":"odrl:use","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.circular.dpp:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}],"strictMode":false}` | configuration for policies to filter in the digital product pass asset negotiation | | backend.passport.policyCheck.enabled | bool | `true` | condition to enable and disable the policy check | -| backend.passport.policyCheck.policies | list | `[{"obligation":[],"permission":[{"action":"USE","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:FrameworkAgreement","operator":"odrl:eq","rightOperand":"CircularEconomy:1.0"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.circular.dpp:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}]` | list of allowed policies that can be selected from the edc catalog in negotiations | +| backend.passport.policyCheck.policies | list | `[{"obligation":[],"permission":[{"action":"odrl:use","constraints":[{"leftOperand":"cx-policy:Membership","operator":"odrl:eq","rightOperand":"active"},{"leftOperand":"cx-policy:UsagePurpose","operator":"odrl:eq","rightOperand":"cx.circular.dpp:1"}],"logicalConstraint":"odrl:and"}],"prohibition":[]}]` | list of allowed policies that can be selected from the edc catalog in negotiations | | backend.passport.policyCheck.strictMode | bool | `false` | the strict mode is quicker (uses hashes) and requires less computation complexity, the default mode is comparing against every single object value | | backend.podSecurityContext | object | `{"fsGroup":10001,"runAsGroup":10001,"runAsUser":10000,"seccompProfile":{"type":"RuntimeDefault"}}` | The [pod security context](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) defines privilege and access control settings for a Pod within the deployment | | backend.podSecurityContext.fsGroup | int | `10001` | The owner for volumes and any files created within volumes will belong to this guid | @@ -97,7 +97,7 @@ helm install digital-product-pass tractusx/digital-product-pass | frontend.image.pullPolicy | string | `"IfNotPresent"` | | | frontend.image.repository | string | `"docker.io/tractusx/digital-product-pass-frontend"` | | | frontend.imagePullSecrets | list | `[]` | Existing image pull secret to use to [obtain the container image from private registries](https://kubernetes.io/docs/concepts/containers/images/#using-a-private-registry) | -| frontend.ingress | object | `{"annotations":{"ingressClassName":"nginx","nginx.ingress.kubernetes.io/backend-protocol":"HTTP","nginx.ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/ssl-passthrough":"false"},"enabled":false,"hosts":[]}` | ingress declaration to expose the dpp-frontend service | +| frontend.ingress | object | `{"annotations":{"ingressClassName":"nginx","nginx.ingress.kubernetes.io/backend-protocol":"HTTP","nginx.ingress.kubernetes.io/force-ssl-redirect":"true","nginx.ingress.kubernetes.io/rewrite-target":"/$2","nginx.ingress.kubernetes.io/service-upstream":"true"},"enabled":false,"hosts":[]}` | ingress declaration to expose the dpp-frontend service | | frontend.ingress.annotations.ingressClassName | string | `"nginx"` | ingress class name | | frontend.irs | object | `{"maxWaitingTime":30,"requestDelay":30000}` | irs api timeouts | | frontend.irs.maxWaitingTime | int | `30` | maximum waiting time to get the irs job status | From 485db41d55212ac188c013ff5fd278591753af37 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 18:46:44 +0200 Subject: [PATCH 35/38] chore(dpp-verification): updated image paths and removed typos --- README.md | 6 ++++-- dpp-verification/README.md | 3 --- .../implementation/amr-document-credential.svg | 4 ---- .../amr-document-credential.svg.license | 13 ------------- .../resources/processes/amr-credential-resume.svg | 4 ---- .../processes/amr-credential-resume.svg.license | 13 ------------- .../processes/amr-document-credential-resume.svg | 4 ---- .../amr-document-credential-resume.svg.license | 13 ------------- 8 files changed, 4 insertions(+), 56 deletions(-) delete mode 100644 dpp-verification/resources/implementation/amr-document-credential.svg delete mode 100644 dpp-verification/resources/implementation/amr-document-credential.svg.license delete mode 100644 dpp-verification/resources/processes/amr-credential-resume.svg delete mode 100644 dpp-verification/resources/processes/amr-credential-resume.svg.license delete mode 100644 dpp-verification/resources/processes/amr-document-credential-resume.svg delete mode 100644 dpp-verification/resources/processes/amr-document-credential-resume.svg.license diff --git a/README.md b/README.md index 94de2fffa..de9a2cce1 100644 --- a/README.md +++ b/README.md @@ -48,9 +48,9 @@ In particular, the application is used to access the battery passport data provi ## Application Preview -Here is a preview from the DPP App UI, where we visualize a test battery passport in this case. +Here is a preview from the DPP App UI, where we visualize a test Digital Product Pass in this case. -![General Info View](./docs/architecture/media/GraphicBatteryPassportViewGeneralInfo.png) +![General Info View](./docs/media/passport-view.png) > **Note**: For more information check the [documentation section](./docs/README.md) @@ -90,6 +90,8 @@ It provides a generic concept for **Attribute Verification/Certification** by ex Furthermore, it gives guidance and ready to use components for verifying the data received from their Data Providers. The Digital Product Pass Add-on offers the consumers components like the [simple-wallet](./simple-wallet/), an **MVP decentral wallet** able to issue and verify aspect model Verifiable Credential Documents. It also provides a proof of concept (PoC) in the `dpp-backend` and `dpp-frontend` components for complete data payloads to be verified. +![Verification Add-on](./docs/media/verification-addon.png) + | Name | Description | | ------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | | [DPP Verification Docs](./dpp-verification/README.md) | The main documentation of the Digital Product Pass Verification Add-on contains the complete architecture blueprint and details about implementation in the application. | diff --git a/dpp-verification/README.md b/dpp-verification/README.md index 0edf68635..af9756034 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -2311,8 +2311,6 @@ No content with copyright was copied. All the information used as reference in t | IDTA AAS 3.0 Standard | IDTA | April 2023 | https://industrialdigitaltwin.org/wp-content/uploads/2023/04/IDTA-01002-3-0_SpecificationAssetAdministrationShell_Part2_API.pdf | | SHA-3 Standard | U.S. Federal Infromation Technology Laboratory | August 2015 | https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf | - - # Special Thanks We would like to thank [Matthias Binzer](https://github.com/matgnt) for contributing in the refactoring of the initial concept by giving some insights on how he has done the Supply Chain data integrity concept using Verifiable Credentials (TRS) Data Integrity Demonstrator. He supported us on finding a way and giving the hints for maintaining selective disclosure when it comes to verify specific attributes from an aspect. @@ -2320,7 +2318,6 @@ We also thank for all the Platform Capability Architects for their disposition f Furthermore, we thank the managed identify wallets product owner for the support and availability for answering questions which were relevant to the adaptation of the concept to the architecture. Last but not least a special thanks for all the Tractus-X and Catena-X Stakeholders that participated in the elaboration and review of this concept. - # Glossary Here are the abbreviations and complete terms used during the diff --git a/dpp-verification/resources/implementation/amr-document-credential.svg b/dpp-verification/resources/implementation/amr-document-credential.svg deleted file mode 100644 index b28409157..000000000 --- a/dpp-verification/resources/implementation/amr-document-credential.svg +++ /dev/null @@ -1,4 +0,0 @@ - - - -
Proof and Verification Methods
Metadata
Attribute Certification Record
Verifiable Presentation Document
Certified Snapshot Credential for Attr1 Audited by Company A
Certified Snapshot Credential for Attr2 Audited by Company B
....
submodel: <<Submodel Metadata>>
@id: <<Submodel Id>>
semanticId: <<Semantic Id from Submodel>>
verifiableCredential: <<List of Verifiable Credentials>>
 \ No newline at end of file diff --git a/dpp-verification/resources/implementation/amr-document-credential.svg.license b/dpp-verification/resources/implementation/amr-document-credential.svg.license deleted file mode 100644 index 6ae72333e..000000000 --- a/dpp-verification/resources/implementation/amr-document-credential.svg.license +++ /dev/null @@ -1,13 +0,0 @@ -## NOTICE - -This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). - -- SPDX-License-Identifier: CC-BY-4.0 -- SPDX-FileCopyrightText: 2023, 2024 BMW AG -- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG -- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation -- Source URL: https://github.com/eclipse-tractusx/digital-product-pass - -## AUTHORS - -- [Mathias Brunkow Moser](https://github.com/matbmoser) diff --git a/dpp-verification/resources/processes/amr-credential-resume.svg b/dpp-verification/resources/processes/amr-credential-resume.svg deleted file mode 100644 index f2bc27055..000000000 --- a/dpp-verification/resources/processes/amr-credential-resume.svg +++ /dev/null @@ -1,4 +0,0 @@ - - - -
List of Certified Snapshot Credentials for different attributes with Proofs
List of Certified Snapshot Credentials for dif...
Proof and Verification Methods
Proof and Verification Methods
Metadata
Metadata
Verifiable Presentation Document
Verifiable Presentation DocumentText is not SVG - cannot display \ No newline at end of file diff --git a/dpp-verification/resources/processes/amr-credential-resume.svg.license b/dpp-verification/resources/processes/amr-credential-resume.svg.license deleted file mode 100644 index 6ae72333e..000000000 --- a/dpp-verification/resources/processes/amr-credential-resume.svg.license +++ /dev/null @@ -1,13 +0,0 @@ -## NOTICE - -This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). - -- SPDX-License-Identifier: CC-BY-4.0 -- SPDX-FileCopyrightText: 2023, 2024 BMW AG -- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG -- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation -- Source URL: https://github.com/eclipse-tractusx/digital-product-pass - -## AUTHORS - -- [Mathias Brunkow Moser](https://github.com/matbmoser) diff --git a/dpp-verification/resources/processes/amr-document-credential-resume.svg b/dpp-verification/resources/processes/amr-document-credential-resume.svg deleted file mode 100644 index 22048985a..000000000 --- a/dpp-verification/resources/processes/amr-document-credential-resume.svg +++ /dev/null @@ -1,4 +0,0 @@ - - - -
Proof and Verification Methods
Proof and Verification Methods
Metadata
Metadata
Attribute Certification Record
Verifiable Presentation Document
Attribute Certification Record...
Submodel Metadata
Submodel Metadata
Certified Snapshot Credential for Attr1 Audited by Company A
Certified Snapshot Credential for Attr1 Aud...
Certified Snapshot Credential for Attr2 Audited by Company B
Certified Snapshot Credential for Attr2 Aud...
....
....Text is not SVG - cannot display \ No newline at end of file diff --git a/dpp-verification/resources/processes/amr-document-credential-resume.svg.license b/dpp-verification/resources/processes/amr-document-credential-resume.svg.license deleted file mode 100644 index 6ae72333e..000000000 --- a/dpp-verification/resources/processes/amr-document-credential-resume.svg.license +++ /dev/null @@ -1,13 +0,0 @@ -## NOTICE - -This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). - -- SPDX-License-Identifier: CC-BY-4.0 -- SPDX-FileCopyrightText: 2023, 2024 BMW AG -- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG -- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation -- Source URL: https://github.com/eclipse-tractusx/digital-product-pass - -## AUTHORS - -- [Mathias Brunkow Moser](https://github.com/matbmoser) From 407f07ddaf7154ec0c486a322da8ce271dce3281 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 18:48:56 +0200 Subject: [PATCH 36/38] feat(dpp-verification): updated verification images --- docs/media/dpp-tx-logo.png.license | 13 +++++++++++++ docs/media/passport-view.png | Bin 0 -> 137932 bytes docs/media/verification-addon.png | Bin 0 -> 65236 bytes .../implementation/acr-document-credential.svg | 4 ++++ .../acr-document-credential.svg.license | 13 +++++++++++++ .../processes/acr-credential-resume.svg | 4 ++++ .../acr-credential-resume.svg.license | 13 +++++++++++++ .../acr-document-credential-resume.svg | 4 ++++ ...document-credential-resume.svg copy.license | 13 +++++++++++++ 9 files changed, 64 insertions(+) create mode 100644 docs/media/dpp-tx-logo.png.license create mode 100644 docs/media/passport-view.png create mode 100644 docs/media/verification-addon.png create mode 100644 dpp-verification/resources/implementation/acr-document-credential.svg create mode 100644 dpp-verification/resources/implementation/acr-document-credential.svg.license create mode 100644 dpp-verification/resources/processes/acr-credential-resume.svg create mode 100644 dpp-verification/resources/processes/acr-credential-resume.svg.license create mode 100644 dpp-verification/resources/processes/acr-document-credential-resume.svg create mode 100644 dpp-verification/resources/processes/acr-document-credential-resume.svg copy.license diff --git a/docs/media/dpp-tx-logo.png.license b/docs/media/dpp-tx-logo.png.license new file mode 100644 index 000000000..6ae72333e --- /dev/null +++ b/docs/media/dpp-tx-logo.png.license @@ -0,0 +1,13 @@ +## NOTICE + +This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). + +- SPDX-License-Identifier: CC-BY-4.0 +- SPDX-FileCopyrightText: 2023, 2024 BMW AG +- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG +- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation +- Source URL: https://github.com/eclipse-tractusx/digital-product-pass + +## AUTHORS + +- [Mathias Brunkow Moser](https://github.com/matbmoser) diff --git a/docs/media/passport-view.png b/docs/media/passport-view.png new file mode 100644 index 0000000000000000000000000000000000000000..2f18ba789415f6ffcd971b06e36fa22bacb20419 GIT binary patch literal 137932 zcmd43XH=8h_BX2Aw$+VnQDlP(TcrpHh!7AEVn?J&ml_ml2}Qtwln^_j0!pNX5&`KY zv=9l9D5yvYEhM2P6d^!>&_W;~$qna!w&%R>825g7$GGF(HAX(Hhv!*q&bj8AYnI<4 z_LhaQ*glzk+qP{JGr4iqdfT==@NL_6s{OuO^u#IQxu~;kdx*91xky0+gM(5o`O`^a|e zMdeF9J0I`-BKkSL`1Z$d(gU=}g<%uL=6eb!hFDC7epq__f$*te?@m2v{BdBYi-?+k zw?{WI^hUb0YC0*y;h$&Qwp|2VUzYk$7rZTz@SonT9d9?c`1zmqNaoQ`jek1Zw)Jh3 zhj0JY{jmG*js3rR+sL0cH&!w$M{fvz`}OdmB*S#`NYXaN|9;W#wtEw{V&~ab(69Hl z73SZU4(q+y55|#4i4yF?)aCF|44( z&u;9mTS5OlV8O-XOhTKzWc+r?g3ii`mK&@czo?!3+E*@SR)w5#U$F$xHFr|BmG5iW z?MsLxXxZzKl{O;Xt7l7(l~1Teno0p@J9hs1u(-AuX)9*7&0$Y#dUWq{2cN6RdwVW) z5**pt#cd7gaHE|6shvrx!Ry!fd@vo%$j&-wes~C9*;tAzJl;w-M;CWWH8)PEjX&6& z?P{3#HSR@8J6CY8JzIV;e?+zsAB?4043x-4Zw{n6pJQY>f^=Il@`mbBWozCs=R-=$ zWl)=CD>HVzx6dax~obI-*;=W2jgd33)vn6R#iAmN1Y%P&;63 zZVN>a_UIU#`t{{S@`Pz3<=Mx;4{iF`6V+PnnA*TQ9Y!5^FtT`v!Fo(A)*>`&jTIb* z3B2Y77kSZKr^w-w4830I6J=!F#zjD2aGlJH3}(lFc0pUdq9Q!b#+6Bx_mC>*^`z+o z${W|sh|;oSW_EbQ{0g>B5zdT?uv-*Fo4(x~sfH)vd1IbD%<0T7c!vDhU$nKA<|{_S zEbM;k*KUqd0dMZs$}vvOiUW3~6}yPURu(}tV%=P(tcxYDt33v!%k{L0oqBD)DdXj; zb!>HWwBtW}Z=Y0uSD-lq9xs{nyT#_+usnrmvFgB(KLD4KZVD)ldc)2W*q4In1nk`W z8_9c#jfyi6WQ4ld3VzNoFVfQ2)6>)U+biJ!`WI=1c<_}b>{-d6h59wQ9u&jdz$U5X z*i*ga*>bQv++2uPoZ<0HI^SH@)(7F%t-Mdtzsq^O|5O`zmd;e31+WlqJs$&`VKDe@m2dKjwlfJ%IwU}})JTgz1fA89|x`G=E7gLyg%k5!jlgthB? z>co#j^Hmb`c88oHyH0X8AQFW9G{$%;KDxeZP4Ut3{5mg^Ux*_DFEFDMMl>=e&647Z z1`If5y6oZVF8z>wQnIq;>4A0ECgj$iY87m*Q_tz}W_l)4)*kwMNX!c`WvIxpT_eHm zWu1MoW;s+LEseRhR?pJ6`6Y%8u(R0cE1%_XQb2+_EI3ok4iIIybQc3O_?o8AE{359 z`9+NJV=Nu#7PO%B;yAUhj~_J;_@)?rlmc`REw>BRbuBJ)SPaOE@HV;RWuQdjpiMp@ z?|D>wMVoxyea^(By1dBOiI(V4S^<$tze95l$*jY44YBYJql1=}?AuhYNYs~S)Ns0D;=6(QlFR+`?r}t2(ju9FVJds9-?Y5`GGf& zFrI|4dXqANZKmtU!A8Y{eiBVzGR(y8B7E51i81;4GquMJFu`PpaI{wz5TSh_N~0~N zZclzFCc$J8x%2*6UHZePT2qn_Q6j-SQt|Z9c`;&CI=a}Rl=SKEYw8Kr@d*Ydd%ZRw zzMXFpgOn8dhs<4=9cR}(PwVN;e}x@ZHIKb^{7S`&W^<|u(zCND$5|MxFk=FNTSm_Y zd%e$1bg6DL65gD62l1~;)Eep37EN=@u}L&}kvl~sDI(m%}!^HKcuVNa(O zh6S=)xOqqyL@q?}iBDL8?$Xf7&a^S}&g7a}bkXF{(r`~_#uF!$ z;SXum>FzGik_`x$#igDGnD0-&8t8tgSy6h%d8*_c*sY%Z64PQOFsmNq02d!=DKxSv z=}M~;kbFK1Rma7I8kWDDN+@}~+^~D=To4Be=FF0^ zOg53vSb^$5XJ<~toG)S%KvHTxhR~~>Enensx^ixhwSo}q06veaiGi6~Yf<}_0hq}B zXECqM5j_^wJ^8KE?tmC`^RXt0@6R;>Vf^#}bzfkm;(!l#k9u(zh^{|WRkf0cP;?yD zZ!quXq=H(5kB1 zL7v9kL;fz=E50;miN|~)S7Pxor>jG&{a?DI21T9>h_I01)ShF-1$jBSnB4pXd6r-B zeL7p5PWf?z<(Dv|X4!b_xz4IZ$`7lA;XN1j`5rEQi=#P~?+Pp7!Fu0Ik^qHCVQ#G- zeVlmdY?sj`?%`0Q$5fs=Ul6hSJBc70*)6SLSAUNS7EX<~SbLv&_&6x!OeegPQx+#LPC4M$biOM$&Al*p1&)5TA{pErw@l z(yB<4b4QZJH$mlaq8-! zKSUC+b-oiMv+{XlpUo>TzLFy?qBg)YFHhM&@=HE+Bu&}rLSV8NzgcEV%^vBy)SsFC z4NbIr& zO?xf;^aqpRnac}=gb`b4)w#7v(1fEf72?Wxf;ur|g*}&;v7*b&=zdm>86LF1Sqr66 zFgG<@3^lF|bzsbHz8m>-Jv7Afsf)8nI3M!c`^)fwbG?T^ljpUfhMnAra_?<>1Aoxi zC`ac;y@wal59^-mYuyl>(}e~83=Qw~`4xVa4VuL-Yw z;ly(GdlitSt%lTe4OE)1QpA%I^+{^C(gK6WM0t5+NAlXYsbthJKXg-WX_D)2#xO3@6@HU)(e-B58N%3u2BKc-AzwMl9qn;KHvX z5p&pume;x^JpSwVlD(J57|%|72n=V99wsJ+_N(>}eX2{Zvp4|`ir)YHUMde>t*D?U z?arV9IbW~HaF(f|mqV$@8JQqYP@MCqgHBBs(CLbIzLUdHm97bbyGpK*R_?6)i`GRa zqC0wPhW5-(@f2r@KKl7PCl$_AOR0{OCSIW9bx4edti7Ujc{F&!!=YTHFYQ_l=3181 zVHR$Pt|@ZgZ$^$vk$y= zWz1=>%+C{mmI;lD82&XJc_=|RfMd6!MM-U_vNcD*wbJ#*+f_$TW+c)ZUy;`F&|UHlf{-rK*`1=Njn zj<(%uOZ3I@zFdV|dUJg(e!1MkxfH9F1AsvD&*^&3X8AzuBXVSssipl=5}6Z!p$n!O z%9O1_pqx`7ll(PS?`G?SHgGPWk&l`|`W$Ee*h|8!Paed5c5{;nP%zZBAVCTF1cPrh z%DU1acIf3A>!}XA;Kq~Xj(1)e!V}I_g&fu#_a~zCd+?O0^#b#k)@@pHr@y((&3!`x z6t0BOXpY{cgo@GWilwsj?ODkfBMODqZT$l1BjZwxpi5?LdK={};URh)ugMD`*!&2GHjYzbu(4VN%VDbT z(rg6t0W;#l$8=)VQMoF#`FP)#S$Fi7iT=A#E(|=77zkj4j@G#6vQp}m+D7o^?be|x zj77IHN8A@Tc6VjQWf6U-q(5ysh;=p14uXo1iIrzFkn1EJrS z)7UT*2t87a&f_2YEMPdBz3x8h|0#VR55Z5gP`!11#i*0sIb_HvH4Pm_FH z!x>=EbWqIczQe#O*SsOxn}e?wB<7Ff*d$_@VL?aXL1fi*QiI@iBiDEQ)0f%NloGRz z2g%mjH=gpiDeX;?Va;ciXT;QW?95!1xl!462c-3HYYO;sF*THZjWBNecST(SC6)LmyuKN+>z%_r0;W;vV% zU0nuy!ytS~JQPGwJP}o8vDU9*L%u0U?%u_qLGO--kxE2?FJHN6-uW-#&)L?qLrV&m z`H%wc1Li^In_ZTL$?u@(3jV$eG0j*BgEXx(|Yfyb_IYtv(Ib}>wsWu{zqbWwpP zTqq%I2FPZxWv;sLtIn3m80mj5tT_98SIND>V$}8c*FCD@38Yd5<(sCKR=o`-5wqXU zis5(>8&tHKCdpy(wfM}G>Z!g);n}!jE2(bE-SNSDmDsGru+wfL4XvK)@78wV~s zXKB;?ne6oO!#!oF7bDOF*+??$ZVa2m*D@~ra+w*u`pW(zrt@Wtx9`$*kcy5O|9fN3 zL9rtPLoe}#_1rk*J=l>~tU%q5?}}^!T)j!g!PyM@Wwj0#j&8tF1qf0L$eTGGt!V zNR+WRk>%;|n8vpJmty7;S z;)e7+db96x|5PtpTwKY}L?ir@`&;Bs9m;}zUl6CR3Yn1r{>pCC-6_d%dcEQXc+IYV zlx`am-q#@ZeXb=eUU0?zvd-c#k!MCCe|h2F!Q0PF`P5LZwzYIKy*4#{5qn=JD1Y2L z^5?hVh=hdzhIJbp=&-ze*z?%S9zIH==RKtTmR1OAhJitO&Bu{#dEPs(H-$)5)fmpD z#U%om<mI3lvRw>ciygdhLEk;l0%@7B=l3 zdQQnzWSOd(vClK$qbfuYq1{pWmTPAC3oURQwsHCosL@(A#V^RqZhPF7w&eU(Hj6hA zk}^Ovv=l|2k%JA$FCAJ}x(?(8OekAACX}fZ>KF%rd2Rz6xlb^#FomSjTC}glAX;P0 zzn&P_Xqg2UbIol?%vB7RPW`AIYl8TrapU{ZCu^C`_V{N$cb>v?K3xFQL`eXLYB~5+ zYKMFIl{+voUi{E8P{oPV&mSw`D+4ba18TRjsey7UTQDc1HmY4fp!D_`61>)!;g)R6Z!@p?Vu&y~;Vbn2%b z&f9h2#|=}>qD9f60?w_CvxYMjCWqcUF|n{Le*)N7E4=t+cV8)a8TzJ&c*i=}>2vM- zy!Q&NZTiz@$x04YMyV6lgzQuM`gV5)@#Gqv)l;BXp;r#eN*7!TGwXXVH0v3;X*It5 z2TR7lWlb}tCe}J*=Fs}aH{`iNoH|;uwf_2j8f3t7jB#7zd8QEmKtUrpN8k88DCf9{ z%fgw?->pcB*&EFR1todaKj_KkKwl!(s~??^^798NJ9{^_hg=Oc=-q?Qq0XueLa+O$q*#vWDr$z{;|3 zi&CRe-HP6q2Sv%b14pb^u;GaIjLIs_)*ghvQNR4(eC!==$B4+YvM=YVph1I(kr)#v zp4Q&E!~>J9^1eH|$QcDJ7ouRF>CfckB86k0G^)jgMzO?YcjD!(1I>=Irmdi)q^jqO zmrzQuAsFd0>-z4CWpQ0D%GE_*_R#k6$v9$(cMQS{JT>BPUFDsROT7S+{-&r_jZs%K z4Zu2Qy#Og4eq2iCylSpte*^AWH zGuMRwRs6||Qrdl+&2vq4(aIwA$*1s*NcY&o1Yp5$^XD<(+|$e&`vyY?lYxLbS81mU zp3h{Fj5E5I?*i7lp2|aKcIah*XLxZ{$AN^1 z_nw&(9`G(;1U0ch`~K$K~} ztMIVc%fK5p$aY*O{=mzv9O2=^!AN~)jmBunB2B{Hzark3sv?I=UDUc~aNV1!)vuoK&8C^=Tv0$iL#K*zm2w39msLJQ;k^t}s^^Z&j0N#oH>o*kz$N#&wl^r{8AF=tpI^IZj&5y;P3iy_PqG`hSs&;;ww` zBG)9ni||YX(W^jbC_@^5yywYHJP@Y)b|RJb)kl1keHFq?vI=^&(Cbj$oA)-Wd9`hE z|N9F@7VqXy9S$0?Y5R2di6U*Zp-8?hS8wWtCeE8OBr}s%ektX;N)GHJ4*2P+zicMj z;kvON=EIf4Jb0i_+v4ts$cJH&%-^AMh7RTvEC*m@o#mSshHz}eJxl6Kx1LwBn;BI& zONz~v%y03Fj}h$e`+M4=`t>-kch462Kh+kZPOWe)4ulddZuPE+$C4}3PCfXt9Q3OG z#~^(df3@$sD&UL!o#S_4N;7dl$C%ln6DMVx~!GtaBE1G*Ksf-Z~}Kw+A)%V9b9cWa#ljzK7DWmU(V?X0$nR|V^bW<8bei~EJlz*sBU^3)x7Tn{|OqG`n#7`zSu+8aM zBgHY9Gd+;CNk~(F%1*X7xQ?5csTeDB#+OMzjmKlpD(KmV#OM2ZpIW?4i~>~+9rJM4 z>UdFSpDzTVK7S1e`i&kK|3$u=e+ch&oRm?kF>};!%kX~iy6-DUU62VI8)|F7x&tdI zx*kNi;{{3vUDURoyh6;(L{R(uUMnA8{n@h93VO*B$I-_5rbCGth?c%tF=bcaH&5^Q z_T0DK-J|A_26G-&l+&y0^N;B}?({M2Q(e#tZ9RjKTTMEX{;6l0@% z-bTTLyP>9LbEv=XH}$yZ6wE7sdViWeW=(2(uwb>=jY!YD1YSiB;zeZ!3Hj)Ru=M$| zd1lJ`$a?c1_1^>U#Da3oSD2ZVy;=ZU{-NiJOJIq30p_6?!bLmQS?K9St1b1596mqb z)c81RFY%&a?--UIQPMq?MC6&DtIOG-{WtG zkcA`Zw%9!wr&c5s6+W#(U)qbc>9|?2wkaC#QJY-=0G@jiGgjCBo2b(ENw#8&p%5LX zDM;DuP>1plocZbu6e^-l5B| z`T>lIyc*!UhqULuZ>mRe>DR#U!UiNkHO7=qm^G8UC-Dg^%`hKL&aVwDFrIS|WfoVE z#DsoK^y}brm}r<;Q#WC)5QuO&b7n6ju`!=gngB0zT`@wGt|~l(nV1L_-w^d51K@nf z?xRzDuSUw4|GvIOHaZ-Vio}jYd>v#eqHo_(%7dAVxnrJM)=mYwi+KrUx!jvi_u3}*^ySabitkXwl3yNh!D_ca;na6v5s^iBDLaQx> zPOS>&0xpaCdoAnYm-6)R1Xk)6h5u?%#o%S#FrE&qj`IK-2hQHTMdv|L-M8Klx7rHr zv?VW!5}{QUF?hS_i&tg!FHMX9^{T_+tw^@vru~ z?ZMXWY>BTj&A};CymrVspX~Y0jBNz3dsLkk;GKg(}((sr8`ArT%f?9%Tg|ptd4tD?Y~& z)olK!-Lh6ZI9tMYwu1TK8$4Q8~ND0W6E;F)3riRB32caet{+)EeES4 z<|a+rW~Q6q?7ddHyy$i(mYii(2vcaF&HjfZCe7(H9{E{OZ}?ML-$J|u`(T5&P^E16 zY;Rhdaon#0;Wpc6NGBf0R;f0oqqDCG3e>kL_>Pf673npf$|!1c;HSgXz5ffkabIPf z^Vpdr@frUWE!4}}S8#5-3t40`*nw*shxJNY^Ez*T`_a~B&9qmWr#3Z+s$!k}txNtb z4M#8p_XPsWNZ|tSjUoQ-H{tU49Z8-;f&l!|b?>bc_FwIT*Rtg+qM7LilGZE+n2B&G+Yvy0zm1c=*vIg1UR0q&V>7IwG=3#04oGacnpRy3Juob@Sq<;ekBLLllzAQ1m7Xf(1T zSZje`Nyq&|$u>X|ysAcD=}}2r_=ThJtgU5wo@GT%vx)A|A=VO&z&TFuHUUJ#bT5?Z zE0fUL1A)2D0d-^xBzMZw(;w49yik4S!sZ3`^pdH;CGb?*&v_T6Y<*T)-I~5?*~V6# zxzP|53>Y%WM?#4_*wE5^vtNrJDdq1q1>cE4=?p9kUTGNNvz0P?PZgEMKYXDGh&-`s z_)2v1vGjrba6ql6=MXdPXO*xvim_mNlb5^|P5i6%-FuAjFdwhcS9tvNc%Y}Qhhgc^ zfD>SBJh*I^U#(}YZ>_5hdHN^XWZi9GCU>6*C!qL+yXG7?(AxPKiT)ywzMUN;e!*So zzIhdOQNav`Hd5>XCyI=c-`c@9CcD$WmTElqTbHQ$l8E+#*_aME)c1!q;AI*Fn+e{- zJ0|8isUIs$^wS*z&*@(XJnA*LsDS^cY`+a$;%-7N{#YyrdacNwlfi*38*X!4$u~uy z61t;x@RZ?Hqt{U{XRmaCW1OiV%Zh-J`JejuaQV{E*`F@nCf_t;DM=;xszb&2e3bd+ zK6wvwqN~koN=x4dK&uPsW7UilRo+&Nu8*hcSoD(RW6gsHM4}yPaj2)t2NUr)_DiB^ zA982uKzxzrvDBAq{`68v?L2UyB+f6D&jWLj{ztt)Q^O5==__+=V$jCgJUr|1Uax-}aTVB<_+y915`~Mw(|A(No|8G_idO@};$h+aY{_2XRTKlF6D8T4L z&3sHvIP1>*ApG{83oW)2mIC>{$`{v96ck-Uke~v`0@c|Jtv>eV^;yZD+unVQuwQ2F z19#~d+lQD19jpj@iVq8Di!%Hk#=Y-|5SvWny505gLj z?AP{UbH4x3^{A}|3Qu-(Mir9l36%xT0KYsVhO58QAL+X1+p}V3JuDa84BiQsD3+Ls z(F2igDb*T1$ECzb;pR>AGss6j(WjQ$8zV+X{OS{pN>>Vgxp z`1fL5fX6ZEPovkq>&Q@&fWI8t56e**>>@We15yC3&X=Dr6LqP9i=Ahlxdz4hv`Y~A z0a?M(ot5cN1+W6E*+bEo>Y9jC8<355<01CAb&8?U&*kdXehlOE>Kojewn`SS+sY7k zzkaH85MoImGB6Vdg~S^k_=nH?Dve9?gjHI;_}micIVf)ku4xu$5$I!?J9Ym4`Uf|m zjuq-2%*&GAEr<}~e+!&jnk}U$!Ic^a=G6`hl`SX%6awbipS0P(eu)|VS92Nf>;O*g zpV7A!v~@tyK0OqLwe`ZngMDjdyUf%^(|pnW6Z|e_iIr4BMN3JE$l0gB*2iL$^d`vh zMN7P8Vd&5VnjVc0h!5~e$PK=V^)0kuWMy;k8&*XFG4CVSQzJm#Umdpq$^UA%f<##Z zab1m?79|(%9(DlixnVrAtU2ugw9gDto-6H>hoMCCFcUW+;JXzD+1$@>DKpu(jj44#|M zPM=)^{Sh*ioSPAMb6~wO`of%9ZkyH?PiIm4S2ha$i(Qw)xaR_a1o6${q|04}kc3?D zIZn&4Qgayn7hi4dd+2ZZd*E&kP?G(E#gwEc+erCECr;c=<`*H!$g-@W7;Q5 zAE~rQ9q3?uS%evZ5#Xdv*9KY{26)W6ev0k8P=`FrX&u%Gp?C0q*}~J}C84k~RtVmq zF(}AF#f~=guheo9=PGgR-!vXR1jbC=VCsN14f$6DwN+ zMaGTqBrqG-y+TL}yO>Mw&&Jq}Xh`9Co(rhDgkKXXHHY-&CK=!>TF~dQ1$-y_`rbpU zpQpqzW4C?v*9=Q{)XB|m1WMHSV72z!y<&yjF;bdZv3BlTdU&BFb4i7$Eq!4QBLdl# zznc;oHKjRcMa6;=>;e0F>OJ%ey{ng5HV-G7w9VJ2zM9f%$RGY*y=Q~ZUYsZ8jRq+jLNUEmPZNf*D!11sQf@7$f&Z+~oZ*9MWsbMy&XJ4S zI*Gvi-{$}qZtOKB(AXV2$I4pfcehv|+jH3e@Y zr@J!C`ZOF=pw)*3?X+3wJ18*Ynqb)3hW*WG#22xYV$#~O`5uNljz@UKeCCg0;m2lnl0|=uc{EDswcgnb8?QsiL z)!I2%jzc=F{0AQ1K$R{{1C2j|*!m7aTx}ox#LY3|Mnr{OF8M0+JJ!InmELL^I$hTl zIzyw~iC9Pe4gazw5wMz_hU>$U{M#NdlykWhdOv~*`w2{3q4{*bun&bBsa9iU1GnADh7cz0&v3uUdXo=*;!tH7+T`N29 zRLTfalvYQRypBGmo~mEuNOKyC#KMf7Ps!%tHzP-QF2Rp?hOEcI$?f7Ts!bLa^{Y#A zk>HL!YdPB{R;OOn->bF#{KeK#nC=YlXiPhO@3`sg>V7D5f9EsQBCQz^+H_mYhxJi+ zN4e{E2Ag~e4!6IeUPV#si3or_1X;#`?h%h}ASs*K^&kl{F5a+=IVF>mRw8SKzHD^v zi_xh&BP}!Eq$%N33acYd8yq2N2Wb=SpL&-Cx6%+A4F;kV9J|WqJXf?Q1FP9%VH79+ zp_WVSg@K`HmI#My4Cxii$Z3b#8IasPnWb{u$UNG>| z@I^p*$xz(cIrVS4{`oqLYem;~KrS6*=_z-HlDXFm!%a54%LI)}YQ*-34!Si2w=3|a zquv4J(5hBCm^2qMxOQa?lJXnynud6R`Vtepa?QW5+7tpgZ+T@ms1PogITKgA@Lj1r z6cR308op2;i0Az-VyjPfDdH!Fx;oggGma^zP7RZrouRvwEWO?&r9bc2w-o5nQiBW{ul1;EhNwlYOU+%kopZLDV=MKG#E&k@!RehV5Ox zDDNz1fuoviCUJELTnZ9X;l`a#{(D9N1}b* zx~p`{L=;rif(*3FUQ+Jvw?dbE50yq=>fy{Lc%!0nmOEC;t>3VbjY?$ng{dDVJ#cXo z|IP&`d@N{U4llaFQtQSFzAM4`e9&eBn;C&&7Ny2pj8jjK8``C@R>pV@eY?qu8};F6 zY$kinn~DXs8&AqdKh@8z)YsKL)$;yO|KY(gIZSAHzE=moQ+6t<&RFj`G?PhK;L#!E z_(O6QJ28PN$!JckK!B@kzHumBstJnkK@REsCQdWpf$97yz9zcj17Aa zJ|f5dF(2xDWi%`-!M-!n&6McFs*L!_86hib+uo7-25GvY=;-4=QB4k=?|2J}ry#Hc zGay4l&v+xVC?^|=X^*&J&X`o1*u(HS{--iE-roHylzta(wmnw@%X9!gW(&?j9Pc2n zKClW4aU0?J{Pz^=j@Jra68K=eG7|O=g z*-MZ}*kFvZ_8IFXOIR_WT?#y>0fX99C;5Y0-TGXYwhtXMD&_6PSXMKP%9m7ezQcwV zPspg2NWa5e^>_W%B08N zY5=seS;|OnrA8a}m==xO(ku+DiNGAN^I^Kl7`3^XhPb7AyTWqsF`r*g=uVd_>uoA{ z;<9xgWc2VrxK9B;!XnqEZ?F)t-k9@zbpop~8(9Bz?V62#cF(NmY$ty+&AK+ydt);d z_hN2!ZDrn*G^k_Y3du&UkhO?!4Ers8odz|t!0eGxC z5JmqGWD?ofzTbnU3ysOTiRgs5Wwo-S@Vu$|El2O-{NbEwqaBTaAlKJPI9i0`>LYc+ zX0WT^zWZHGn-V&^Gj{Hv<7f))4z;mR?5K`UGo5?BweuDm$1)MqJY*_IUH7)mQx~6o zXTYD`T-dxNp2~L-D8c4HQ;phgOO3=ERa0k{^0$$M*o!k1s{;g*JpZP?^W?k4jfH!akc_R3aCFECRWGZp=Z1FL;seg4c%*Kz)v)wnl5 z2o^*q)h3g|f`F=Iv?cj&BnJO#_AQ~Tn{trWm4k^wY?!^j-}pB9T_~`_a|SOX66R?Q zU_|g7)$0Utj=CIzo2Bmkac!4;bW7keU?ZwZrpUP@i^9}_tv)ruaW@OmF20l$mSEQH zZ!GL0GZ9{Jklv6NIKSL=5LQ2bDQIP)F_UKQ;+C*7|Cso3Hlf{pSZV98* ze{75d^-ZHeR1PgqvWc^?2y+8J1tT^MN0;&iM|Dr5uXK{Xo5x_jr44%e!^161UNl7) z-_j4EsioTD=Qj9lap2-GV~kq2IICPP+WyAXLuyfHt;NOg7jt8-&7!E3>M0hrWf#(B z2yIClEK%0KBFy-+sHGGthvS`8YrtjMtA+X2Z8#k6$d=RgoOM$Jvd-|CwG^<^CDiY9 z*vg2pNQxgQ`X$d1Kg_9JitP^A3ORSD{f*&<80DPZ0a;#++Jof>=Ol$g4+EPz88v_I zqTB3Y<7qtns;ebVI|R8LBel%5$guXI?$sDB=~32f6j=;65pVFI*)Eg35?_Gn;6#1FIEUs9DkM0! zw=kEyvnV9W;yNE&%m{R|E@q82;XNZFIu6g^rTAbmsl(RTom8^KV28uakk;ef2x3D) z19h}>3_Gh&YN-Nf%yAFSG94xcPe(M~g4PeF`-C;t_YSRA+wh!DMXKVu) z-U0Ve3~KM0)?x;`CxC-((qbI>vV;0SmVd}cN^`WBm zF6ZKevOLt7@Qd?n&hza`+Kw*z>Sb<7&{HT4C`>~A4rt<@{xav?{90zz^ppPJ z>R6`45LA4q)Gs?5t(o zq+^ISaC@oT8go#Z4q+-6r|SRw{+hjTWutjHmI(Oy(l}T6F3)mb-vwZft8yB0aaG3k z!kxJC$c0FLXwcisg7Q<`1a@yx(#C$P-++;;Z5<;K-!{Sg&nFtI^DBzKOp5Y9|Mtns zE*!OPfYlVE2M-Sb?2ck8dB~*XdsCc_pOf~pN^+3NhyrlMH;hk}Ebnt(1v3V6LkjYJ zRyl%e2RhXB&4*$hWKrF$<(7Jf547F^clh9pZcR{&_9s!`B4?>q0&7 zEyqq4WwGu><1dlznhEWMbPj?5d*96^&Qa zZhC+2%`Tc+S0~xY&vm~)vdpTn!Q24EtKbxyYH7D2qus3p7*&fYZW8TX#c9le8yN|a z?O|f2cQ!67438Keyd*LDt(*}iPP?sXX)2}Q%zNz+RxpU>l}Lw*l;G@yDq^3w&C!A? zj$nr%Y;Z^o2N^j5G0NS`r}venzU9>^;97>fO9IBy}HWwiA_4KRt2 zG%vGskAxQ^q16#-SI6;Yf&QJ)@<&(wQ*mtQxyTTyX%B)+UgV^oVRYADBbuH?SjP$& zB^0&ZtrE&1KjX>vJ%u0h*WJkAHj%gtFx`Hntp*a8-)?u`IC;}6#{Y5bKro_AA%rpD z@vd>-nn&r%Npd@lA)$aK0xxnBEXEBwW_Z-hqHu&PwZUAV^scOfOslM@sFn=A4q*$P zLXU60=%Mlw2O0rikqaaGSF`+!Xb?itVtmvHok&{srR^@tHD0qGVE!)Eg4+XYgzXmv z8wgn;3aYLf+67tGL!-RCA1>+Jkn7@bF1}&?r9Un0BY^u~%+yn5V;%fbZWTeL*r8mg zTh%#X%+485IJGyf@?1&M!>!vxANHNs`kF31!q9a5j<^S=zu+!Q#bE9*nrS;L0Co>- zx(Z61Z>JzEDk*_OL<^%Kb0BMt@;1)5N9|$Aj}xb~C!9!cLPl?yRd-4j$+y^I$8CDP z{MRwSKuz+EvA)JI=hKTQ+3Ht=Q zB35}oNN|p}e!R-6Y;?jzrPuCWHOn}$j&Q58&C+a~rM%FPh%sTUA{ zAdSIZpN2r^k88b`)w#Gg;d@COyWCU5tnXM#A5TLZd=XMI44V-J?7i}PYygu*@Cebp z#yYdEADPaQ_*d%J5W4Ks-_}@eXEmMOYRmg#LK&Yam7)7e9gh{AKzvtrQYS_) za=13*G2HtU)B_ejztcB$_XX|G7C!a%X4Dm7RxZ#rBy$1gRqNFi;ReS|*z;Tcs5r$# zyKh6DUssL(d0&ik^u_90rq!F>PNXH*%SnPSWg-^+YrY{Px8t+`jVS_?FdC=EOE?m7oLw_=Z}k!5 zdP#!o(fYXE0#u#IH4~@%g0PG-D%}tf0IGhb37hM>YeEgth@>qL*2T3lyuQPzs+v9t zTPe1S&wavQU>&pO_tc8wnF2h{czD*~K(NGTq4{ZC0-cLh5i|wg@Z~0U#Yp*Zk=F)A za5(*w6~M0jeXXSv10T!zNZ}^EiEjMUsu1h5v64AyYbPp!uV<;I&m2AQXZ5V0DVG!jf8JlbdSB8#X>9 zGmgEB4}Xt%R}?d~$K+8=P4Cq)5nIhvi`3o;F;bfZK}3w;m)`etkMDDS=RD^;=l49HKONqm>$+U)^L~wY z3E>%m;xfFgP-S7hyEgXVv(ifAfOj18UVG-Ti|k0lA%h4c5A`$mB)E|~vukyG{@Y4W1(uv@-z)>j6ksx8v9WOWh zWe5Fw<4qCn;L=*#Vms+_e@M&PXx=tDi!-zEPTz%(J`GwYdzg3ZuN*%tDTrCmXCxJ@ z(Vuso>XnLnl}1U_zTHJ^+5PlkCqBM62&|_hu1W%FUNdDd{YlWnVsf9Nfm^ImkMYU$ zEbj$JCY6Y;{09kJ>{4!7Z2dRNe={e0*Ui|Z!xlgI8B9G~PW<_y*q<_Ih>ZXGbQZCr)BPD`s#MyAMQBL8WMfRV z$mLv2alsS*NPY>hsg#VBQj?QQ(18fC`3Ofy^T0)mo7@e~V8kuwNfy%h2$6F0CfGT$ zI|J0My0IRTyN`@|wFG*91`KqnJ{~)`rSn;?C&?6!?zhS*F-oOV;^e@X41^Di9${)h z^vLeY298HS*{#>d-tBVJ)vC-o8(vSO`sH%3{gQ=P#`?EnPPtJfw3ro-%zM(>eNpid z6859}_!n+C!hdD1t5d@29A4lX%`e1GuD(2S`rRNvj32o0KcJ5q=D(D@*ih7ZJbS1> z?)%Re*S`69i>yn+0w;l^+>}#Mk6n9!{PDgDrBP3vqp$ZFeuF?_eg3hxGnHb=wY(u@ zDYbOp=;LA7H*v~+&gncgEh46OYOe8)g4OjpxUQb{w*&{7K#dUz@2z?83%A3tPZR7G zPb22eOlV1X9}y0Swm31#;ZWOoazP>=uv_rD`SR9kOLEb*WKUll)l#1eVnbgB145q= z+u5Ek}z>k*5uxrvTC-TZ7w zxZXnvlI8l}!3Ga7QNFd$j=2u@6Z=D6r1iGJNrPukx`ihG~DbZlDhMvP@XDOk6{ zc^}+#1)ocQ{c=F2R4W~fkVWq;p+wO)$t60WG>@l$KKkbZBZDMfY;nrEA5o%8918>A zc@+=(2c)nGhv}xt*+O@!BJL*mes1PYlEjarGp#ULqY0#jiG$2Vu7h-cGI;= zV%KyD4kiiqEj?M%ZKX3~>Kl*bN(9S2u*F5`>=Gg_bC}I? z8&(>Jk_b;a)R_A>#VA!M<~L!cI7Q(YcRPL(u{gJb#^VSM3X_clI-sMD&X~b z%lSp!gvJ7m-AR00N*0jbg6t_?U-CAzVnQxvfgR?~qa>N|pq9d?7Ued5hs}s^WCW@~_pYc&!0Yn^hga@q`Z{b6%xt(~7eOm`YiQa}5 z#w81gRl&NE2B(!n1tmg;;4_-b(O=}(VS@v9^e?NZ*V}e976+y#&F|J!mYPMpw0Doe zQ+li5u7?rpGTKLz_4-G}Lw^J`{{aa93|1`GvOzB9VQbr<{)mT%{WJg~;Nr zsoUNemvONFK&+yedXDGFej2CX$}L6bs2sn4V!*)}QP^B8Psm?5vm8HeR-O@w9}1mJ zYbXrsJresTQv0v}HK2Qh#=J155g-iu2V{bdCZ9NoxQdfx9%fu1H9VvR%BKa2c!o(Y zkwp_yO`tBv4PlQc9eb15T$o*T11Ml`NN7ct3 z?H|(U89QqcZfjc?aJYQ6Rd?tulXnfbms)T9-;nZt2va%EpWPv9KpU!7;s$o-%Vk2) z-~h_fL634W^xu@<0`=u;xvq6jLGA}efB6X`2RdW3y%(MMT?J_5UK}#XHHxByK)^Wy zKPp&TamskL(|pQY)2Ki=Ib45{OEF)x{?_ON+y;hG=Hpn76?bT=wVNQ&RBl6618959 z7_?DswOdoPrS)Gcz%`-n)6i_rNAh|rgQjPmtH*}5S~_ddfv=uFT3N^Q&!$StH$@B5 zqnX+Qod_I0eGjNhTWF~Hty}(`CAICM6#N_iY6o53Qco*|%@WXo8)a!GwD4hm9kDuN z?JJ=mr`TR6MG@|T|0~`7$77ryRjoMI198HCC)4Q2@_TOs$R3jz^Dun>=x*BKwEQA9 zHAfa5k{^Xj9v<~}cmL}E0OZ|={O{;H7#*wrQ5l_mHI2ZDbZ;|a>9N6Qn~fm~6kfM% zHC9>4YXvQb4;8;r_z%N5scvIn7(!sK4WdZx`p`H8qsz@Dz8wt;W6h^nCuo}i4J4s$ z2ZZ^u3|CYe=WerzlTEgq2zx#$`TgVw@KhJ>j<%iG!J`E9@vGlS+`b-|-|kl$wNgH~ zhWNp1UA-FFrKEKV#>B`b*LrDQXJn%dvGwr~vlPFR(y@sPwR4AOz%C4mY5fYS{*+7A z%xnJ|7l28`vm5ZuqmQ(&U8qy!Ule(FFw5nAzl%>~a;U_}O)~pRjjWF#c!EZz%2(C! zsvW4-n`C@hfA~uGzX?wj%=)-_dVVPG59z>HL8`*$-{=GBj^Vj_0v*pO20PV?FR#||4++0+C-;M=Elu}- z#>DRbC%#~2Bx+t}}}fqUC~MO0Oc_d!df8>ey}P#|3!SX(16>? zz2gq(G@zKn7(62GNDJZD<&($#|vJYwX`9AGFhOn`T;E<~Gu%2%8H7U^L zbfV4s;{1736k%m3$8UDOAOk);pmb6?I5_Ba!t}WGEWp^bT@wJfq>*|Skm+0?00Py3 z&>rwWo$Rd*x5ViX5Bn_S)LmL9T<`r?C$_)D6?Av; zhUj@)mq?6^e%kN2X(LawI*9lT;cZQlcAB#?zxMZ4tpD|@z>aQwF8Hr#kvYHUT5AA+ z7LpmKohrUnUiv8x@H+X6867}*_EQW^3Rxy^=iqC&7=z@cw?V>T2Q)g}s55VWQh;f^ zO~&8IwWt0Q8Qay~jnAh^V0D~&X`|?uPwRPucC)xAqULX0?A!l}TUuGwShU?`Gjd)E zDSHMmdY*SC>ANYIHkQh6DzstEeAWI800;x2&CI8b_ZNuK+#1I9G=cmjTKjt1<(Mg& z;k0Ol!nD8umPlz@gNM4=1xr!{GN?dpjb2(aeI76q|MA+_|Ml9s_9oZp|1z5dutdmqUW4OPv_RmHPY~X|rWAFt$-(>_F)stA+K&fV#tm zSEqpxjavO0{IbbXrhg^LsVGjIeRQM6OD@M&cv9M))&#FZ!?k{~FWHM!aQ&`Ib!3>vIg%TavOhGtM!;ZTqZ$spSVT`K$Q zvjYHh_mg5Q%7s@CTql@XPL^KwB`TVTFT-*Xt^Ne(YLKg{dUgAEW7<$dFs;oCL~~m; z^x>FaLiLi1t!%-H$tghL#FeJnMFLL{WY@R_d7P<0_;Wx3`tDkQx5;b`jFZ*>cn#m5 z6_xs_N%300K2vbxi#Ke&DLF~ijsZJWY9QPFiARmrAkKWk5T%8k+*&iovQv})1vN*Elh9eH5vdbwI_K{gOz1I zs;(_=o6R?z@=z>$lPp;|bM<@ggyS9P2`ZJcu*HQq9mxvN*F@DhFKR#*ym(<(Hm2?+ zSlJe3{ltcvpNRIVG_?AgpVUiSHkyn-1wqSbB-lXBhhXOu^c@}ZfByQFR`iWO!7Q*h z=ggsZ-uY8o{c{r;IaBuJ(LxvQeT|3EW0yCceeEJqc%Vz}Rb)ouMCFc;hrBpZ&Jg(r zz7}|QW>Kx<1$RKNkMy!ig+a(HDd|8V~Y9(H1>&NtXv;?W8ruhDDNdJR+_0!uGQ0Q8UY>=Z7 zeZHNzMK^tKc7G=EWfbwzCU0B7GoA;O?n+}|C6VrrrZ0HthRwj&?cHSAv%fZKEN+dO zOj`f)fz&VU&H+6X%A)GfMo*twL9ys^MCX++J0g=a22xZU1AgV~WLidZt|?__@Lj#n zZe#%$-`-5V7`vZ_C?}nz-#EA4Q>YbbGG(kG+CRQV?Y0ig2y&$c9cTZs7-GF?ogE6&VW6(>+VTJpugH8jm4d|Ul@Z`U?^13YAws6MAX>t=$3_u zNVb85pm|~jWU{iZajDH>Y$7R5N-4M6{RjyeMJKI?Tgkya-*sB!hLY-yZXATV5v^dcgYET>=VH`0_znkb>2|uWS$FF7OIcJ1S0*XgTgo!4O@b*Z>30) zeZ0J<15Ixyi7Qr-?OP7weam2|!0$z}xK}CVt6wP{G_hjZuM4&F;S>pvp8YUnRudSw zb2w?ibO>_oPt{htd^3AP<@D^(I}wMISNd7AZeyjXT!x@sRkwj+sU51*B+KwBD56DD z>9i{@AxM0vU7J8`GI5v3M<@Fu&Hb&14&IyD%^6IyRW=5iiPqMkg&*xUl&&8idb@QA z_DC8o`2Lc3=oQXJg?)b1*T^f$*%K1dj_3sUtQ!!wc*jP7^JUWMl+A#gnUpGh2KO5! zkbX+%hA_ErH?4z>D0w;|>BwT)cfXANCI*|_Ka_BCT%dTOa!F=7xh7K8Np88eC%C>s zk;8u~PjSir9Lg(pdq#=8m7g;+zhi@uE&tX|o9tTx;<`bSA*Jp0WmUSLjL==-<`I`- zQ-Y~IR-vs@YlM3}-Yq{%4d=3pf=DT6Tsfscs!fX_vlaGQ>hGl@r5$F16lhjdtgXuS zb5oaqlnwz6+eyJ2h!(NRRnhXHhk`3$C$m2??iD2RwgqwOUUzZ*&R}{7vcQegW9$Zw z!VpECS?w9!`5*?O?)IO4Er4n<(3-KxjyOzPWh#ao9U+`fZsn(wDPsp`2nDvI2q3k4 z`>@i}?dkCn>yc|++5xpJs#Z8SvongLr1C_{dfwyH;6^T`=4DiMn5Xq^NRs)+<<{Y< z*@?nXVqVD~jefnD{>HwO7XLj3X^M?xzq~XqH%e(@MW`k?CEKTjZ?bAgvTXkmDv6H9 z9!S5P3T|S}bvG;VdPW7wlFFVBu)`Y0)n((0&rG}P`?ZzQJ+9-| zYaZt~Ze0rR3hmG?x!U}^jh*u|SMip885tFc8T@U@Ghmh3TVdTeGNGG6D)lARt;6*7 z?{#!|g`jr%_R|K+JZ`I)VF)e$M!DtOq)1YEIzx?P8&lqhw!mwn)lEe=b8^yBUs?_Y zy%w{Zhi{SbaGfczap`F_q)IfI*W7DT6Oes+XR6XJ(yQe?Ebj$j;{Bw0gn^=a`DTA_FwN*&k&CYrk ztj|Gc*bem7)UJRNQl%~$*^3Q9#A8Vv8eqqtudqz8)||5QSd=5f{DvVed>|fYzC1xf z){{NsYd2u?X}%u?@cLCV)_?q2!^5&@ZmI53AR*6gS>4_nAzG%j?v~$dLRhzE?0UR8 z;;O7cFWqz92(1RgD1nR`k&}`ycG2~nJ540iF!7{okr@W=A zOy1@8vI25ud-c(}G*Q4xZSK0VN$q?{GD*FQ3F)gt2up)Po(DIVuZ}%imXN;}g`!sQ zZU)*F-pkh25i|lmTYq|dT%qoA$j)DEksHk5HcA-Ol45KyPmuIu*ytxBMP=CC~kpVkOO4cfHUQ`zGEX%Wrqt^eOH51Zg0%BN`}9S7f=NExH&cS3J9-djnJ2lJX3W6U zL+?BWa$|%SQ55OEN$Sy5`RR3GU59xME#Z0@wIT0I?_#lffSgwiOn%7qY7EsgJ`EWTMZdT^8(WHy|$Otev{7Rx^ zM0k~qnu`p`d^fBgj&c*Kv&QUv^UWeB4+}3LK92z(|YdMsP^-=c?w~^lW2kSG)K!aPdEqbc?g_S;A8(%&L zFs5&SQhr~b#;0AkkGpv$MM1VA9s+(}KKX zau^nL#UE@HT1O~<^GhA#LlyPyKQ3v`VLz z#V-dv(7|1lk;xx8OZ4F~rCkh`-G~)GiPy*DgKSNmpZlC~+YeURyfE?c5xIfb5{_n} znk3??q->rUZ|ez<<)nSw#Hm-fgyNwSwO*^2&HAB58Y6`v^FFLCG zI8M8kp^Zp_=LPa-*!uK4Hzn?rPa`A4O_$_}I?GygG zHKn__(2T24CHK7b1gN2ierJoZUmn%3pu{GvJA(1lbytX6L2Ux`RUXUM7@*kNLY}3y z>?jBy&6MRV5vi5$u$8WF6uUP?1PvoCE}Wr1LLW|dn4pU0c1tGq4M#Np$?R;mq_MlCGP# zjCj~5+KyIS-q7d=L2%zBy5Pm>lF4Y4<^*{7hs`b}-(x&C|N4`nz>*tklDM1*LRe4* zRyq1ix#8qHe(nh|lWRgTxdYHFA-Y}fTFvC&lD zTb_zfCR@$3c`|}?Lk8f_KKD@BV`Xz_KG{*5SIYW*91li~2sYE1<^Av0GEy4?@##h0 zFd~D8J1lN<-U9toK!WI=S+2TaTsjibd&w`k0Pd^EDf z^~Fvx7IVCpIjsA@c1kIBR~WK3lYeIYf@|-O$QiH(s2Sz#-P#41Y^H&Qa9 zgQMay&}jX-Fb|A+F>(h9^s8%nGZqcCTNZ)t0v75_6_-O z_Kj`*3e3@s>zpd}12;O;aHl=(NHpC@o-@F6r z&)_qJQboA%(^JZERh~s4HgxW>OCL+%`Z_y&+QHRZ+Jra&x6&Hk?K1jCJYe7+YY_+X zc4zzD53!ImHCi9kUB>jdL8nSnJQ^Qgdy|pW>Bj2q^2Oizc4=UFeB*Y$8F1#HQnCNy z%F710x77;N!(@YQO-CX$5!C4!WTOCX#*F@ex*uJb+NAPq(kRB-Is&S01gdsmnODtS-qaNt+AQD8Hr7Ki^3u_KYXXaQaR?o$= z(v*x9_ez2O(+Ox3hUct?9vd@e7K(>vNrAPm@kQz6_4(hGcEdFf+846z9eXOo^N!?d z%YLZb8my~bJw?(r9;mqwn%ZJv@1bYT{>@QtqCpDZ77a#nU6k+7$4}u7biGuaObC`2 zU$bW>C7{<23x&t;x{ZWY-aP2Y*BA+L2lh*S2JE_T0#3baLE=6 zXQW8)=<)DQUekxP?$S$;If}@lK`wthP%CXI_wxD#ck)C{;p*>A(j^=W#4U5iNvFG0 z+q!d3IhbcCa2Um|;)?w|b;W^k1efqtIozmoBVVV$G~1~3)I>e-$=P78;GS}^GV7O` zLkZ{XAPPX&5rdZVGeu(a^Q?hbwlXtTGeU7*vPD6SJ+y5vY5uq?va;-wW!N7v7J$Ca zdkNF_JeUuGhSIh#=azqUd64sDvHbCj#f^dF2y8yh1(^`hM=zQDc{y7Z|ufU_^lK{Ll}9 z3s*R^ORyjDe>$Ti4$DsX%_jwJlp8D>c_aPzVmmUgeZuY;G>Y=2mA?5ZKgmhL3W1cAKe3zkuk2 z2@bN(*THdW*rd0LT`ng?IDSM^#|{W2ExBTx{SZO*QMP1OiIG8sb%jPOG$r3 z-D*$hYImjm(Y1BUt@IhoMl}sxsgcldX+&*}eU4#pS=eGO-_ge)*9qRu%J0{%_Jn(Z zHKsQS{jzok$(ySzIgxiKW2^3u6w&!Tu~6JMwAi~xpII#PT`i+!zjgSX#LV+c>!fd0 z?^rf;=KLdPY?klC_2^9sY@&8|qm*7`%9@b61uW2RUkiQ#_dS2Jm#^yUO|~AXbGeP6 zL=_NHMx>La+v6e18ahf_4@fm>M4N9{ z;J7%aH>!X8)zV;%?WD_d@UX#GX!LWL=cNILnTxNDUg74+OoGGvM}Z zsf@xNC}g@rJAnA$pvIZh?HZ=uO;A2NO`FwnT0nVUP|`6S4Z=(fYY6*`3~CJ|1|(%l zp+i@?Ey@ih?ONC0TLwjx%lp?W!nDNx_SKpc{j9L=WZzMU1R_L5}O>5!qXo-dBCC65f)0PM~H}sV1?$G z@K&>3H{TFgYEfAX&H^e)n4(0^UHTl>_=7sm*AZ!?_Q>HkhkfjI7tKZmWI)=cUp~7f zll;cSY5PNqwsf{L%E0>RJZ3K>@0Q#GChVni1ktQGP^&(+G-+A>uIpisjUj<@|E~&H zg?+nNwyLU%<=VAb?YMXLT%6Lkvej!B_7wnkK7EOju#c{n`36!@=U2?%%>3Hm{6Vq% zA*9ZL*c4Kx%Sz4T78f^~ot^DB?uvz$%A06wD;k?du%Dx5;$IvED_<-97qK zq2i>F9Vnw_!_*y|3ebPE)=p${kOjhNJH_*0|5~p(Tw4tVxJ+7W&OcTa_sR=l_;W6q(%)1FOI&FsxQegHZ5<}n?ZGXlYGUR-?udNdBQIOq zC&R9+QR=f~t)V3cb%=30*?&Vu1@Rh1#NN@9I*Xiw+F?=R7t1aD+h8 zRkfYlc@SCY7}od6G~K_k6V&gw3C$u;YyM%HY6mMo+1K}F23jOgtJ_nb&Nxhs5I}aEYfgTrNPSONM#BH6IEqtJeheYZf%N}ct1*A8bVT>RCJt*U? zwy2KJDS$2=G9XdZc&L85+(y!$H@wcl|FjM({3!{~+xf-|PpL5>TBxTD|7+k%*2Za2*ke}Ef-0WV zYu#HtMMAK3UyBC##4HWreIms-F49GTmi3+fLA!ZvxW(t|mLDl=6k0S{6CrB_3s=X9 z>8EL8w^=kpH700qS_e7DC1uzPEFQ{AUYtwRI)r<54qP@G@_kQ(uiV)M4n9o!_T_P| z!`I}jgCg8--bliUD*gku%BvJLS)EMVa^xI49Ddr=yvljccVg^}Z_nlsyTTd<4>L%_ z%a&wQ{{n!c_a?m7{nS%ZO?)2vW31PG)m49;E>=GU&}U9%EB-Xz${sMSOpb`q=gU+5 z8(jIO141_eakm3x&@#rqEATgZxgjMSD^PluA7}JtPJwpXy5y9o%fgti9Oi|s>13OD zFh~*1f2}L5`2UM?^w!%2m!)3i-Bh4a=)HWE_|o_i4K@4s)6J)yR^FoaOCt)sUcU>{ zsEUdU>-npo`RDWJ{+NmL$cKJu0s8-m>`$B~;@PK$W z4#%Mhpr$k}-+ekiPQmXC!1V(s z35cbv0blVgCAoBEd~U1>2!=*j-FRtLZ+I-GvSk`XnSk!)Xi^0-FUP0ly4W8Ur@$;* zSWi&q=jQhe1k+okL9q4Z-_xW1qcNJ@e(~q{61Gb`s~pA++ilYo&M2=NXnjM1_G;$9 z$Oj3|Wc(QTsO_Z!P}b5$N&X4r`J*a*nJN(P$`GO|m7j*TWaV&q*oyn+v+-OP^2--K zQT8*KHj37Zt&XKSX5Zr#8p$8f5a>>_0GHQL$P07YCF3Ds6PSSmUC(y8RT;a86T1pt zowV{*x)`5B9`oc0WK^ffo&Gb*wTsV2YNEHmERyOZw8wBhkG!+=_RDOT&8>W~6KjM{ilj?h%j`k$<|`cw!r4{MaNutK1+o=||6or}FcM*txiuTU zCY|mzSo&vp?&BQU8N{e#{vtl4@H3~81hw^v!#KyLsp6vPd~Q!g-lt#k(DSdcIex&y zsluYis;cXE<#)Lv8piVWGxEo46Q`28G$(CgH(xpN^T=?E{%I69icL)|UGTwtM*i^1 zo9HooG~Mm%m?X+kUfb2ZDd^KAB|Eu0kzl+23+w2WY`L4jN`x9#m2yvPOy{2*E_(9! z$?)Q~a?dT4TCF-l(O+H5mJd(ASbq>$CgWaTWq4-S2|-NR-Rh&HGXpZ~RVaoq5?Sw@|Cd?$x-k#T%*XgRuUmtgvGmN*<7XDuTU^2{wcV?Wx%kR(t zZ0t*RLW%SkIB}@Vf3xYu&RIDUp}*WA3v!3!Yq0$eebM?y+Ej75O$*1mIRBTe_IkSf zHwNhU%k>Kz8AeBgi5Cf(<9jFxp1bO#jKsWLJKRM;VVI>>zQEl>u80$)bZDrVIR1mc zlK(ugGMZI$z_p_T z50u@~ei?I3FUMMda3JBJ!#}jnz_>ut6|ap&v6ot|*7yDFuB9D>LidRc5a*HeXrFh~ z)enw=6?=aoJXA71v(a#6SCpL&j8}^y|4`ktO#5ryPotfu5hvbfXd*q?N*7XrD||E{ z0twX2@-4f0H!G}#BBrx*-x>cn<|=~`QYobHT*%GRLPy62lPkw#afbLydBlenug158 zp6=IH>@8np^LQ6;t7BO|SBf&_+6_T-2q_+-Y;jOhB#)Z;ZWfDY8jbK`D7-pAGiD@w2p!-W!SjIQIbH-6sGn@sj^UD^b7WtwP7Nt8X z{D)}>M2?^o3M}2t8yHlv@0(P6#Ng6h z(fagBpr84gJJ{Z>f)=@wI7hf;N?w=s#)P z^tfzF4Tm$H(5N@c%na;4Q4;fKcx2A03=|Il%P7K)JXkrm0CfNGAmO%26>HBz*I+LJ z%HLKb{Bq8P%56_xVZP1h?f*eBAiMqpa_K0o#(XLKqdFG4#a=ZCUh1l{$B95@$~{J6 z>)OIxK(nx)2zAJYq+H`FNy%?$Gq9C!Ey8?$23R=|)}(j21~R(zQg@_r?N(8`g*jv- zwgCeki_8iqg%q`LKciF47npztxX1Sm_d0zbw1tF}FL;#M_tfn|kKTc6Cb0-#_s`t( zKw;p?)FrqnU)p95!a&J1d-ze>O`7>hy8w5daD0$;>6IC$?nu6f;3I|z3D2q;F;pxj zJ*lWDO&gDiOuw#E3y1%NIh}8lJtTY8ZWEv=bY-MQ?^>1 z%)6}@r6YD7__?<#V1r+{K@OyNZDe(9QgVJpPY%n5)xt_9F$4ctvxHSC1y6;nKP`WEeIhYrA%D+=Y^EWmj4=1r8|3~HtZ zi)RFF?tO(@Mb(ExH}|rIoFb6*ax)w0jFBE>T`r|`Nz&fy@&PWJXo9wd*35xh(>$X{ ze`P0zGb7LnGaqu~G4pf2X$j}sJdHz2+M|@d7ff#z@z3nHt~MKaZA@k$q2}Jz zlT=`a)fJ)pSAqiVbt{(3ReIdxQ%#JbaHAW%g1Y-18}jGu&7zl07sMTx$B&RU*_bSyDLkwL=_PwR`>aJx>$42vu$yGs?)wJOGXsCnK*vu`VvuH3-AQ zS~fCvE72i}=0{j*`Uv{Tg`xc%B;5#$e|>GUlAs&L=**SqV#M=`5n52(qdX8ngE z&Iu>2gOQc^=gCa`Z_blbqXBobWHjOH&vb48!OUFgMfaUrP0xfT=4)@C)rC6bKG1YQ z2-NfsS3#@huljSgCPBOt4Y)ShSAggCMW0rNbnI z!)maT(tkOxFM8NUXE4T3sOG~-urN=uCyH6Kte1mXRuGzKe?z^`}{<-s=bS0;|~l6Mz@-McEV*J zyQMusC=QN(WKMnbhXAge&igXm+OmJ!Blh5^?EwA?1|_$4g&mQ;#rpm*Us!&BgL7Er zx@CGkLY#yE+b)6u%6%r^_VkrK9r^)TeZBF>n3BOeocR^$hIKs%-^(c)T+9QHFLgRm zw$CykADEl=rszRiTGjpvH9v1zroC714_A04*j!9Gns9KD2z-wxg*JOe$>pzB_dR*!M&A6!62 z43Yb@hc6ag=bffiuzK)i^fxZaHrp|zvg_dOd?}6j3Cs?%Mil1mCj-}EdF>Q^ZRH=m z$x@bQmVkqQlm-UByzdI4f=0f8_P6gpC>&6|iQhczN>=c#;>D%io_@@(W}<&@Ox8f~ z)|F$@3!NJKEFd+ou65ies(b$O^r~Qu*)JB>SsKsNnENjN>X;rl-BxNOaUiEAkd9Uz zDSJFh;U?x)fSA2W&Cu3RrzJ6oWP3=fLaTe zc~zI5)VrJ_ASE8bUmF5f59=MKj zHYV~xY;%L!h0%vSunu_r@Nh8fILM(P6~R<4QAQ%4aIohHe$3r#8Q9r>Xi3*Y(&{~& zmgzU6bJHHOOnBxDMSck|j3GBDfMg9?H29Yy7;DBc6DLDLeIcIZk4i}a;t1>=x zlI1D&ar9FpD-K~!!jZcp51*b#Pfjl%Nw<>nGNbN){V7FDnR31mzjcTc{(V# z+5%NEx42DRVH-ON>S%6w+I1oA<^&07`-QbS_1QX5fq%c}ThC{Y@*3Yu0bG9`XnG=} zh6qHF{*XJ*-JsYMwWE7Y0bKQ3F7)Z6(~KeIDxzPEExXch(^3eD6(t%j!6|1I_U)>s zbY;5YBut_dWAgHs_m00ONGzSb##UmJvOV{+rdfLFSioT9nJAu5_G1|N4WE&1GS5&fo{ehoIqYE`Q|h(vkf~QV zOGU4qRZFvp9!P}g^8GsK*jY1%)ky0q&}s<9#~)0H12Vz)_AL?}J=v8Anq@a8EVk+y zO{ftAU8E2riATdimoa}(PK6ykTX?w_g&(5QioRUMi4Oi`k#ny2Mr1DxfJ}^29{YHD zI7O39xHqyU8ol-}9>P>T*t3f?)Lo4AJZ77IIZ&R45KDH~p%63}3fhuo7@prE0UMFE zEt498Z4T==b7O&MZs20qRi0h{eoEuV8j(jJ&OMWxfYHaZVJ(vVVGI~SbR_inCySI% z^R8Z%eK<5_| z&o=aLg}eLpe#@V};nAT;klwJ!O7z5(ysPCC+SVj%v6qKq>oMY4wt{>rHIC9x z^amJwAs1c` z>_%a<37_6Axv0wW?NWV%R%9RS?q+0`YH09_ys~1>Il0%@*otVe#zo(z`OIvE3EG-! z0A8~fC+_KQCOMmTr``=~@UL5Hhn3MK1lju>wjp}Fmv1S+%9u;BSJ0%}mWa}>GtE7d z{zIR5gm?DjqGV9f+50(6G}9eZ`$K<&1d-NR72z3Mk2bxwZOA_k{G~e%W|JbqLEWha?iI;?W2h#Wq; zHg}U(M&3OT9~y5H!+D`>9VnE~Phb+j2cH743jQPGo~Lycq+7c48}{%?7DHMWQ}tX9 zDlCfUvUo>FE)%Ns9aoVpzg-F|Y8vese@q1cSj#lqHJKkont9$cbLMyJrRx+BZDeH+ zK4kr2U%dGtzEs|PcwDQ22_T?hB5D*buNYg~YyK8y{5)0I6~`k>8Fg_DiIEuaQCg_% z9stcYoW8;gaILMPX()uHq$+;B9?n|wpkrZ;rMGfCfCvawau`O^>Z+vD$_-T7Jf`vL zvvnt!a(HN!BmUXGVa50LbJDcp=gL{yseD2;sV`~OPP)Sjs?697f3_nG{@IqR+FkRi z6Fo0FHgZnSzce@$@qKxpmK^2d{!a?exNZen(=~eF%S+RA(EsP>G^YERum2@Gc+LKr zCOi1|GYa^xLJ5HXuYAP+rI>kUZf+j->C>xx-JhKe>__dv>;Am3M#+`5B ztdk1525xVul_K|N*sii?t@MbRM5TL%MO3_Vd40K$Q~Viey8nf9>c+|B(+&xr{4?Jb zVTSY8S`=NDPe!N2dWVUO9?oVDoU-}K?<>f_<5SB7wj=qI1AOUnaM&jdFvm*qXym{* zOPuo1uL4Ljg&x)QOmB3hE1Z5R;Zv5;jv4No#!e091HMQvjZVuJ)84}K>~?RE)@>o1 zQWl(lVZ{~v&|wfmt6Rl+wF?tYKggh!J34=BJf(J>z7*W4xtCV@v-LuJ$LEY5J74yq z)sRm{GQmu**|Q$m=P8-uE&GBUT8DL-WsAJN(W*o;0SSu@w7bb-FTJTY^?3w4O=BvX z-itgAo00@%3KR=?4!38P<~Aft%5@!15%C{)IypmOl)AMZ{bA~p7NF9z@FRP4t!JYm zJhwcGUX(EtUd z7jNR*xX<$?i3fKrt~eMx)GGtV0ohs-atC6>OATWUu-+0Gaf}j>nG2fW#O!9lvC5C- zUpR7)>&d2;lXJvYCyg*Rq#JB`e_$D0IRw4m5wE88quMXNQ!(a6+=Cq70j+sfjhh zUVlZ3wGZ}FWOdd(G+*&jpXiRhWz-N@F^v-Trcs*dG`)C9sPrtq>X54eG^BO>DuQt zjnfGkHA1=pQvo`<-!&?aLnD69x!wI~r-9!pcu;J^;q*aRZ3K(z2@y1)^p7-qie1{B z%sh>!IrB(e8oL&i& zop)rPd0to7JO7qvOs&uE^SGUn_-#9Ahn^>|&;x7cdPB#lvY~;}SC^=5p*Dw!`6q6P z*;M-8Q<$dTi8g-@;y2~YLt%_U;mk@29mSqF(Kj(h6O6U%xx{L^9mZt=uSpswxMVv9Ig?9_iBc%)I9AHNC8d|L!EkIW3hByW z_czTpVG^=5TT=*vfuD+BY*^{%jbnKeE(fU9| zFihZ9?Ro(!UjbnYKfHo}(OtmG2kD9lTA4NP$e71vpeuCSkZu8wmIY^{k!)0J-_r!S zo=p^aRP~63OCov=gk7WA$38I}av0j{3UU~J?#s9Eaj`8hmZ~kvkYwxDP)LM^%3t6^ z(>ctxC2x^mkmY8*)AJhYDd_i${kaa~y<K#U^zDQkg`ID1&4>OwAn}0U1?sxTT@V36Vmj0V(0LDP`XLRht zC(n3p`#8qF5e$r1$4P)lq?Fee1=c%;g0_upO#a~cA>ON8T#2XMKUUMTEodScxYeE^ z&fbSdS*W2d$}^gUxc*4JW|p8(oaO3Z z9q$Z|I69oOyYyUyM>qIMxW9CaiFwXLGKoh4dIhv+J~Q#Zn0xPVw%`A4I321r>eDJ} zRa>P+W7MwIR#olV#4NS<3}UoewW$#!_9l_oJEW>8idr!vY7+z@Hg`VX-|_q1_w)Sy z9LN1!|K-SWyx;F@zpnFjUg!BYRjxRa@i#*j4g1zm?ptE>n+f`O0(s&iMIk;SI(u<& zKj4qfHVscOXjl2M(o};{q}HJvD)L^1KO)s}mf*HZFZvWz%%gRD2A6UOwS_{SVV>f9 zG|3Rlqr0a+hEGGd+rMIVqMdX3-7EYtfr)Jr@rf7mpd0=QFK+10$5t0{jZ|I)i#n1%$Vasi)S)# z7FJN$VQ^-30#kHqkgW0NU0P+BFe3RzPj8AmVlJo#t5qyrpIL*QDnyphE2u{Q81SO0bOn9<=$TnlhhS$r4j9Jp8=TQE-}|G zT&rzQZ7M|zV(J5P(=WDZ13eb@C$>vZF(!GOVuu%90+@#pYBjbY@2c+_B}`uf=wiB{CI=7E~# z8xxy%PBPlTNcykot}(XqwwqpM*pLRjngtmtHO=acWeIVmERTh++H8Tw?TIRHe_F;K zw^~H{ser~JJE(DA+ZYs96R`mHpE4k~NDT@OgE=O1D{SO66!e|+ux z>5)fa9qzJt>7`NLIB-!w}29zQ=qp$^3fywxXeuXV6I$`RgmL>9G0G0A;)f9y1*km-Stl3v%+72}^x7aLZ1 z=gAkmZ+dsI-E1H&b){5P=SAtOEYP1f(esF<6rEf69-1eE#7}Vrf<;f$ijL~Uc3a^ioTNo_`ACh=#k->hWBJeHXSA94i(dY9w>ewwUs>>@Bg9Gd*Vntqp%xJWKkBy)3h<89!Hf1QBfkB~(o`GK`Cs~I~qeVbgcrZTjm=^wCNp;`YU zwY#}(z{|twu8Y|MTI7n&^Ux5M|N`O@@mc0tR3hAYbq z?m+~Ce<#5(3E^8WG~THtVN%yqOlZ#?ow4&DFw|ch3;?~5#gg`Mvf*C~Ls^4u(>$iW ztoP9}7YqlNQkhSdg$BP(Z*Dr}6U``KsN>oD+4&um$?(2&@s*Rm>t0Ll8i(DcNZ~#p zDpsJ@FOF%EdT;2@<3yTkegrk;H?w4xKA-Oe$*hXvmcJ;}2QfuKL(K;a4r+50^uBw~ zpy2_dSl?)7RfewzAGd$iZ7z1yY|vNc)sc3n3ule=&6UQWYMrcwj8vP}Y2f%PVl5aV zZ>-uQ!$5eR^_q*4#Hse=bJ(FCXuMSn5frGG@_0Bd$W;E5E&p0rGPvW%DFM?gb|H@t z)=}qbUjm-=rNi8VEMl{*I;&!fa~-U3raUuah87) zI{c;&9v>Bovpalz+l+NUzWjY&WcFjv3e!S#zQy8xR4kpYGv@sO9k+(40x;jw;#FQh z4f6<#!j2(Nar0>##t5I*1|t||NN9GT1UpuW-zo(@7RZ&wP=l(I_EzUyqZ;H>Be4f8 zc)4eImt{>>#Gz}e_;H$znLHa5YVG5$*8Lh@9pRRJibTO_lY;!_v_SiNB@Mk|o^ z)AZ2rY`^YK(<$v$YF)8|*i%1F$y$pYmF9;ZfSI{@1-AZudF%t&xfbdp&d(-2x?kag zP(?9c&wOy!V$6jd(QU5a3GwXW0y+HEiXHBwjo~SJHOgIOU={XNNcqR0YN_%oq)7M3 zKhDvK_}0-2iZ!3$@+nXWm;Y5Ci~huj+U>QGPaT0;*oAU_)A+Q zsK)FXF~P|!HfnjPY?sHg@_Uu*sPDmO);1k@0ctu^QrPDR64@Xvv!HcrM%EnjbRvgx@JODE&*&ogZGR=&z zrCev@h=;lM>8h+4#gA0i&F8&Ao|zTE%Uz$B+sqn3Ewo4V-{yR?kMEQO%D!BYLU_fr zy=FYToopXJp30FTp{4_G4O}iS{DyiB0EBl62-Znuc~0qiS;wlTekjXr6AhITBNg)l zBRNv*6~fg|8!@uZ8(`^yv7aLwN7u{x;I;f4ns{3#+@Bi5n2sJZ3vN5rDuXdBqOD&2 z$N_h$cYgw?$d18&I7Jv@eL9y$F9r+(?7=#`+!=Qwg3A7eU61=9!wX7cQs7QkKj&(x zSrXm69QMpccLfeVI zMRddBD|E=(8^Ml;!=L2qWCNquH@12c1|if7S|*cl4KR0odZcg{^2#Kl z*s(qJ1i`!Ss5N0$({8jn?QoDkG5H+pxZhm;64+w>t8YIQT=OU`2+il5Y%GraH5}t* zYri#r8>*m#vS~7g(=AG?XCEI2Ae;HonPSZ6E>KW&VS6DU=Ee9V;s@vokn|GD{hnnl|-$U(}3jX=scd6W`aO zh19;&Ot1f*P3wq5BMGuzZYFr~oLxM4?IdrBJ44cOdYXLd3jXB|q7@UZi?4?H@btDc zz1+;Q+0DXLP&ew${uA(7?4$M2Dkn)&M1zE?Te;HQ65}pshSSg8FtQii5=n7TUeTXM z+~YBGWZ}qo0Xlh?ywz|VfZG!1Z666L(RtG(o^4h~RYfLWYFFRFuz04aOf?+_j|l~h`No#~DbGL2 zxN?bm$r19j&7{L*=IOD=%H5zQRgnwNDhe4;?0Mk-C+8{Z~!YKol zg1Ti1ttvN4PihvGigY;QzuCjG$*G{^;NYN|H38wZCsK^$IEoY#%AjrR=F*zPd-2lW z7jZw-?&On*rP}R20Br^F z&5A4A4Ehv9Os1!HROEUZ*fQG$;Nssd$(HO=wYM2HoIvE>}VP+ z9MOdoX8=FG=RGD{q%>QVoG>l-#(aV6)t2mK00#lBCAntk<8;m4g<-QA4>Of}_D>nr zmBtZ&tKv3`;h?0XP9LpE$5&sOr80SWABWqKyNVoUe|&3oa2Shg|Jf7-gd0zC;y9^j zuch4L1Pm_YVa~Zg+|M;sO1%Nw6PZP$fHBLq)CXKWk!v821Ddd#CDXbYj=O@|=1{^D zLt#4I=iBdA|8VpNoc_Hg4Gw5A*~m^V{=u~*5Hzff+PEfMZG=48oJ`v!Ak`q#e@!I; z0Oj6nUSMCpt{sC+$|%CAZudCYRsQCLz@Qh|nZckU^p+fd`surn)+g6~CWF;2FXS8-{9u(};xz;C^DsM*A|vwLtER&Q@+qU_JT0gI#BZE$q~DFAD$h zr(S4t?2bPWCW3%%|%> zKTzLZy8EieAzIF9@)m5I%Ka%@CuJa@&7_pW@``=|31g>yv5u>BG`cJTa@ACQ|NK_t znlO7cWU(@)Y50~pm30NaqG6=+T(oeSniwaiP5jgIE3Kd~&o_MoSFo7}jLuNixAY+# zzSTI;YcQ{v)S{^KY+jEaybidVzh|XyEcbdscQZ&J8Sk@@pbXsS>23P`;g?47eczir z7MT^*7H--L8dsv@ngY$kD%A-=M3Fx-Id`51O`Oowhp%b*k`APURx zyhxDv_#@`i_OB*Xi{(QfgX*qu-^YPnO)xtJyB!0U(Rb_@0TRhi2#JYvv5ra4^aAnx zP&21zC34MRGJGlf>C(Poqh}hu+Vkz&G8pSF+qiXKvR4mXme(>}f4_0@a5ro*pyfg< zT?|=svh{~gF^+MQ1rQ+=840r-?Aq9fd@uQG-(6~)9`OB^WgYf+Oa5E>Pa1N2ZnMX-_f0Q(W+6c zUV$$<5MH`ZwCRIQtcS^`S7%H5pim3G@k@|)0Gb$Vs)QAWn4MUYFDMpM*3x3Y))Vr~ z@|Xs$17}1QTidaiA}!a21;yQB7kfYdhh3E?o5RGh^TYsr!|S`A)1U9N{@Ik-;M)Xh ziPM66ayja`nD+um)ACKAP<>2q`UoV$c%{t(tZ-d(wW3x0qcyG+bz0XfmzmCF zuwF9EBu>Uj@y6H{?{B=?DRnS}*gv$q&$4Q(HEzf1dmhme;@dLn>_adzn35awjnm+$ zJ!mbM?xF_#Q{X_MjRr(imh2rhfy}F3#;PekgUm8RXIgmI``=t*wVB%fK^ySED!_l7 z*`?In^%j_Bhjn=<-;t@~UB42Pn=Wj~2yW8AqpRdZzt?0DAkpw(O5EVuTO_j`%^ zEm@B1s1qn5u6$cC%#L{iECPlP9ru5ZACXUL8fZodrd4HuO1toeW$wYn)v3@jj|IWj zQ;J{Zu5FiIqvr%=*a#a>Dnv=#2{UvVxHeY)LP=KW5O%h( z#d<=|0+M`P@P%D1B#jw*^z&boJ$&Oq%C-Fcgx<<1i|CfrQ+*vQjlRt!bih_dn#D*G zE;#x_z}9J3DU0dX&3<&5s@gSS^80wfv>cLsg`AA#0{9H$=1fMw4C@?uL=`IeVezPZtqB(W1eK~ z9-@?+=7h(Ngqz;}@>V8fD=Z5-&ZpXcUHTK6uw;sZi<1@mVFeB)lO(_!M8`|weBKzA|q8}(ynplbQSSmVCQGMspY@=VGR(^78~hTH0-eNZkbu1(Y-UP z@%m;K7NFkMh-w+$Bao8W5^Pn{(%>5=A?5Rx@_8nUt~CvQuRg$RLMm`cM+y^egT}m1 zM6i3>see_ddDZ(3H$_cG{Vb}gA>I${cHsNjm!b0g8t#DSJbcpm;$399q0424v*VkS zfbijgt%|wb|LXYe8sGF~A(}Gbj1&aiqQYRO+^CO{QJjYd?dWkqJ@kwv()0C~Hq>8} zhd&d+B-t}RFzw$mS}~&9ttPyOifTUy#f85kZ>ia5;oFtQrKbNE*QdC<4CJqHh^&r# zWHZxhQ0Jcot;fc~k&d|K8+$L3gIv-bCFLoh;FUFYJc9lb`X46Sy*?7bIbY87& zWVuqG-jqGVg(#n~!}}g4J1)65$8{^v2zIPsCL0geN)lq7ZRsg-!*;UJRnQz&=hT}l z$5Vg%I-+mo>vz+(<<7wKF!v9RN)EvXP4h_YBO%2Aa*Ptb+sS4sz5@$^=hGn{@vMXTy7(lQzg$ zDaJtrc(iS{s^$3w2_Z%@wt&7W<>)}gR(}`+zDLYYBenz6G2`mHf4>PM-wC+N9gkrk zt$E51bbGYB4A--i2mTZ{@e-aBf4oN=LrIbkSbJ5|NQNAq^L z43g*S*gi76NKC|74!(I7nd#LrY^K=+o~n6&>M7l_WhX(*xZnM53rLAmEkhN{NVNLQ ztFK&B&1b7$?jJA-6d?MXD%P>mEzcGJ-<}JcE+;K3D6!H8<*2de)UE*IlvLTjSH2GS z!T|tu3YeKX|K8@jJVd$Z{yM*lqfuT=+O82UaX^g$k!iLNgJq2G=?=CWoZ^j%Hc+{1 zGTVQG{rF5-_4xGNZb%t_AljhQ_y|;84w0KZ_8fDGJ}kr@_IM2#n!98?+nUWywU{n4 z;~lip$Ovu)+4NOI<@vs<>svZc{YidF5iO4-#1HlNZ^^hS642)@<$Hon=LS*f2cclL{lcjc|RvJgwEh> zeM-9BHHEq(p{zOwUo?YAu~&IZ>ov~F0di^SZgXhE)ZfuOKgy?gwIL_bN(s{z; zR@D2$E&1Lz@=F7qmh&m*gj+622%g0!zhPx%c}Mv34SNHeEkxe(la6)k+6Gi^NPrP6 zRafj}8XQieMkw&+b1pts<_676tTtq{jIa7gl=+7%%jfizN*b*0_>dXvw?Y%H@_gB7 zp}>bv94>P^%krr;>mGmC)$eX?%{tGf&_E4+guFi#@#l|J-K7`d^!xSr zU`l5R=$80+aYohsk$_8ZUP{R0!q`AJjr2<#88_>uMJ2rGBaEyBLH+zNS>q&`lKJH= z0=d>X=t2iFJA8QMY_8|q%)o;R&^=V8N!C@H8JG(SRNv9$3IKe430bU^(hl$0>G9W! zTgKmd<~`Hd33?`}4axTDU5k06?at+XOKtl$373c^U`vJlDF#e z{5LGd6{_&h^QTG5^a`u@6ejhpcXi{jrOOFyV@Q{^=fzucZFgN)HT8}|fH&178w~~Z zRjf@W`fbk}vf${v7f>_*5pO0taC{O+8-7_PpwP64{b3xmLW3TBdjDzve4}p_vp4R8 z6NhjG-+<1nH7@Jv&# z<@4&Q+FQ}|!#)|I3-hr%8Gxx_-ipD;gZ0m$femPxge3Fw)4dLZeWyoHHZg4#zfm{` z9c|PkSCYFsaVKqVsvO4Sr7@2*MiqPFnx>>9qNXFT1GAn$Gaa_Kxudefk0fnM0q%ZC z^Wv~*W?wCA+6$HsWqWJeY)zvVnhG>jT`Ik8LHb}0w%p#0Z$CcSk6cM8*u82TMpeW< z70PObF&u#F=zqBb_+TpiSe6^haIh?n6PflrqEg+GG-MTtTWFT4^Y-@_7L>>0;G_HA zZ z%kv7aOdG5?oYRXtR&_x^dho9<1~yGX!v6K*rM5ocgAaTw8j-L_YWIz86mT_;WfDr( zG4V>U1y=yMb`8@-~vwt-$+p64Bt=zvMIoeBcSDg16Uf86D zq^dWYE*Vg$r$nmO+xzfqKnpmUs79S#aH==&2N{q8Dn_S%U9<=Nw%cIyv_!&Xc2HMfn z(xP5^v--Z4oOq_*o5)%@pl)9W_OA}k2e$?di>?+sIc)+l2V@pAA=YK`{9ojNwt8-a z#10u?o}Ok#W^OSwP2LX$liW6YmjnBo+_#(hZ!EOnGlYRA(Te-#I7RA$+12^cD2koJ)im`x-x`KW-O34AkZ&PCgQ z*0f*hBCx+LzmOm(s3D*ilT*%K%0M<@l<@5-+Qkt!GbQH|jgIZkqv+~@ z(!t5q%)B?5@N6(+S#^|oUiH(8o```lX**5qqL=NHmF%tGRvTfUrw#Tf*+zdgT`esH+j?Y8@?#1o;sIt4@*-DOp zGe_AY8^hOk?$KfY8UEB`m{Rt;O=OTzK2$AG-n&b>GO{6%Qs!zhSM~yA-}$O~4)D@HC=E-YsNF3w_{yH1k=Jb^J^Hxlh?K%TSkHec_XRPe{G4 z5YnG>rC4}77rP?>+|#U!IMb49&t}avSIBuE z+tPRp-UlTl&DMPXKAVG=yT_UqE02kHjby2KXYEo|T@r@E5624?6nFAW@;k30=3 zmihYaCP!-d#%@XN-#jauuR)LNRn~feYw6513PJ^$+<-U5pMLhdyEV?Boa}Lxv3MCl zE~AHo*ltAY^nt;U5- zs&0CGF6mLW0UB<0mFQ)p4llG``uw|viXUGc*9Z1%Dyq+N@ zD9ZyC)m&-H=5Pk^YlwZ~CkgR0zcSY{&mIqtDtK^%ib=MkUQkfbxSkKV?b$1Gm5q;= zpW2E!&l72cdPYD$CSBIbZWbsYeY_){xNJhO*PEC+R>% z`m-CPJjF@q*@NcsQ_mNnw-w`wwLc?d6+T+`djw-J9obw7viIVP)zhsMUOmDL+JPOc z1ph>egcWvt7s{!q`3y~{Q~w1KbLLD!?3C;g~@cdL&HpJi=`*D@Mdt1AP4 zBuv#?3_t{RG@(9TM0Kc(DGoBIGMEZxa1iln!k!B%1lU;Tyy^?1zF_Ux{dj}7-}6z8 z-pSPBDZ&TMp<2auk1F+YgyQE&s4@rwX_1qZ@;(WSsk!W6Wyy9UEZX3~%G)W*Rgtfg zH*i(1wXd7EYTr2LNbd!G)?lIQejZoq(LHf~`L0JZ3KE{@N&e4bWZiB_l2Bw$(UQ`c zCifip+BLjGPBk_mTXe)jSN0_!nyNh;MNkLK|9q74b2T5G>fzzx->*A`K3a1@|3|ao zCw=%Z3o|%YZYFTr)J)7RkA{NF^mB{1JJ>|hpwf_&lG6(_=4ewJT57|6TEJc7RWjvj z>#Z+>%>ckE`@cFUv$r1K>LTcj2(gcDpTs%_)z$F0KM7A1$}XA73jD7$LtXlRlGLSM{QJuPE@v+z9fB%ZO@_*r#-A8BVHzC2Vcl~5x&upU3?A>PrNg9xw6bOn?lXF&1896fG zEj=Bb#4~%#e~kgG|Kq}2-x2Zz7;Ht?B0yqL47yj>LV&my%cxuAW= z#pzwvh?7E8Ws8!y6RxA4G7rA&NFeNY|HYH-tqR3~x()@pvx;QWnKVU^SZJJ^suyN$ zbWqXdQ*S)sgO|6~`$=pv5>FAZfA4CS!bj_e7C$|!n;xxibjs(0Ds z$kx$4HArFqrj!E1Ug_Gvi9g0ildSrmRkR!Rq?=x7xJ@%qI=k~p*{OKs4aPxHRms&b z7V|%}PLBHvp^sczfyxarxtDbZbNcjm1MRI!Gse$Mpb|tnfx~M6%L$I%4Er_xu6gQx z%g)coJJr%`c+*1GNvJ1hrNu~i$L*3+L8K7Gg4U7Z2Z&=;tz|JerA8iZ>YJSfgeeUK zX(B5aJsGDV(bpvNP~%`%%#qSL|z@8(Tr{q}=KSzE1H8kFe9 znJwP50_|jLPKzD{rPlp+sGsf!g&XJW-zpy`iikcqVd)}5Wh#RVCwu{byE3zJNxGtx z^eB|(Y>7W8zdsoJ^KOzq!%roFuakK|P$tb?d-RRi=&ZlPPrc-Ea86raqCkSkpoCMg zZGCyFSHs!Fw(OaJi@Mgh`iaM5;!USB+bLVCKs%@9@8?w3!FFgcIOXjZS(ZiJjMfnB zii^KsrQMXn?8yG)Wrv74-yidBHXp0-An+>W4Dvg8GN+Z$gsN2yO&rkFR?Xd&d~`O{ z1WfY1v4m%w(OmH$Z@MN3EKXbkSdB8RyqZ`3*u)F&%KGNyVKILAv2EVgE~aX?=*lMa z3g9C*zjoP0_5-&X1R|A=7|mXXUmVoIx*qi7hEE3k(@dcUUz z_^{%RwlBMhxsa;-h6|zYfxmWi-C2ZeY2BH8pNZmp$b^@+eBa?Zjp_D zIyN(3jKV5WSPQ+)<))|ujq9`8CA+-?f;mB+@|gw8sjhs!5bBV9|NkaYx@`q-2A~fWx)Tzn&($@?nerUboHj z5D!J+Y@!$ZpGDC7*13Gt)__&ynE@S9UDRks%a+g1%v~s;SU=PuZjSJoq~<25 z)6*fi>EEC~hHqBq`NY6@x`px|{()3+}H z05QUGq-Fc%IOe7+lIh2b!Pp{yym`KV-1EA&yD?5%E(Gxha!M*eOJnA41_N?q@J4B^ zrGEChj>TJ$Bj(b?%!;V~2O`He7{TBv2IruZ1{hKTFKf|oI@>FKGFJaw z%b20@^2yk=-3_fP6CUS5slAwcFfh5a?C>_wrCNUB9uiaVs*n<2T$w*Ok$JN_ip63@ zyiH{I2c!zDDSTwkF$P1h-o;@`TxQG~r(Gd_xN6oKGk-4neBg=c$j+PX_sZcd%?s6Q z2fnrS)A9YHm}4v}XM-3~k~A#?zpxJI&I(x%sJ3<+@!_0BcF=)uMXmLP0Ftw!l_j%*{NS)TyLsHr$!)U{d~Cxxwl&uwnSE%`-H?5KD`>9f z^wDCSS&mIecb5rw{a^TM+Bwp~C&U%-UE8L!)qbb4!okRD$;9b7O0=q4CYZ{nOIg6P z7IW~XdzK-z?}~>=!^!?%569e{Vms5?`AJquq@W8ZSu42YP}OzDuB@% zKf%5$9h_jz6+dAWQrn%?T}NtJmH(ROKnI!Cq%~^Bx3m^m9XGs^w^LRo;IbUp08(TQ zq!DW)dAjO-2nqPfZ_KAt-u@!UEvOr4mlkMyP=qEl%~tFLb@tDB;g6NxUKJk<>%0#D zyyB>nwfP9WsIms#C;HgsQu32$BQnL*R@u<_4Z*<;@e13{=T7pE7)C@DM!Qc=dI`qy z53M|nSkcvUgp4GKc9 zZ^h67KK}DyVVU<)oc?sPC-f=byP;hj@m4E^p$@=;Msj1C*wW>)Dr8HiivmYYTk!_x z7>Kynx9?rYf&cwZ)t*l5_U(hdBcrkupx~eCY516x5K&BGe*bggx6 %s^kPc%`f zW!{@k6o+@#6W{{}XzA^)Dbc({=($D?Tkuf1M8%kmQC4uBpsv?I!K4s?&S1XWnF(`r zr9Vx?(7$1i;`M;MlWe3HZSJ&vT?tf2pc z)sEk%+h8+r+MHOs*hcyY0K67~^M@!vGvT$hwcnGU^JouQ`K2=ct_i>MEXD1cb&RoV zHZ5AR@I~N@E*{6weM#)W{zD#aLq2`>rNB00`jw~e0^F#2K5eE4)ypR-_O{ij_f_;8 zwu$3F2w)2hl+Et}0FXE1Dd#e;v3`e9Ue?hlFg@7kReg$~o`e3{W^db{U}J_WF_NvF zx}@3fyPu@^G)SIkxTy(T9HA>l{1M??g)iGxODWqd=ix`7bS80XwcmpsrTp1Q-o^_? zq;!OyzIpLBC?oF*; zD#e$sr|hd{Wj`dOj8N!K{9xs1Q1%3Txlb2r)#_gAU-$PnfzshrRIcLEW{&>D$c>oq z_sB>DdhAr8>nfo_$Z+zROq@lFX`P90nLB6>8ng-=2roYZK_O6`CFnwYLmxoQ!I}2gq zrCNyfKfgFIog2e7TMYshV!1UeYUbyQ2bOpRK~z^SvhF>lyZh~Rks0Vow-7;3@<02RyFeGugQ@1{%=hX}%RxZ5<3)cQka8ymiJwbe`FJJX97CTXbOUJsWsv)7WaZBYZ60R?+By%~^Wa!G*k+6FTMV zT(?4raQ$!V*g1Y$*E{!onJc<3 z#O71*_7;Unwk#l{1auQm2qaq-q09?xWiCn;?}^L($*m7|o24nf#CAS048683b#dQt zU_99tn-LgX-$Ov9)`$}8M}Rt)03Sb5l8lm%ix7>raUhbNfYZ<`o1nADyCHT(yH{|D zkN8f={2G2zYF=K<{1v4jmm66w=^Uzkzf(xfN4?JmndH)Qz3is7__WvXh_TH6@vE~9 z+ff|)9H!-+HKAkmJr?}QTRDiHBs;`%(f548xH7Ngp~Mm|UM*}j<+lH)*F`pqy@X$5 z=wEGb(FA=*GUWY$sSQrST))ANy7{_Fk4ag}?RD>-%%?!p59EuKP1STLM<4^hawSx|R(_a#-3o|jb-_4fZw|y&{u7T+Z50-~$ zf9h@J)tuJaU#k@h0``@KR%DzF@(sg0R`_wj{NL9#3ZfO)XruRo(^Z6wst%T!c{0cS z-L0a}_}2Qw&xg>K$Mff$s?EaO+szN8=TdnE-<{|C!yM>CcBqmb9_lvP3awS}umN%< zwR%NI2q;s846V52MT07TKi$me=(u>>L1TJu?GJun zK-pU_q*0S!dM4MOBW}upPwnl{Zw?X|%b`J7clnj)P-6?jG{O9{vr^fd&5@?>TCUA`peq$IiVk#M$x7S;)xwpDd zbMsIXCiX?z_J#=2+50@@c2Ew;CQ}t;p}E9dhD(@ zx_%fyt-*GG%7g(N%nEpu-u|y5Cy)7>pU&B3!KrI5fi7t)iLjGFf4pVyJj6raC8U3-4SNcL)-9Oqr3t*{@=mTT1_sxoRy=ClW^J-WD;n(c)V zBziD<2e_RC{}LLskaQYpR#+E;oDD~|a$?Tum(unz6%X+E9B|*k;OFOmMH$7;t;r)n z&${tz!vc^~wjA&3qh;#u1Gp~Au;1fi#g8Y*w$ka6FlckSL5pG%+rUNt+r7JYi?C<0 zN5&L>2}Tv1%elJDjyiYu@4)7ys>ah8g(Lh}ND{|$l2xQmg)?mo9W$aoA+ex z2k8g?-&p~+P(|~m>~gHuR+%=!u(#1I8on&E@%Zzp47*+;MxDN8lPZhX22pMsR$cPt z&e4`v*>Zgmzu8I^i?>>{ci26&j3M8`2Gy0hX;YLNi{Ujg(j>8(7_28yod^LslidWz zq@x`-lw0`>7ErH>rs98WIOq&9DLGcxx72F4pomBC)$Y!`^zn+}&uSyd_Cjmp@8XRW zPSzo9ZyILw;LE>=gB;y4iPUxL>&fyon`fSK-wMj1f}%Nj`bhm=S>U0%vnf0?p=kH} zL0ZLeYN|l&u?0Y6;y?L}#0}*uqRv&jFEZGI{bEzZ-^h~~T|j|N zKEsJX!`P9H%_2l?(ZdmE>1)aX5P&cZ$Cxa|nz;Mpf2~5TxNP>!p`p#12ID^4fp^$` zr#)C}X*eeZZu$8kjiC_H==-@Iy&Y=q_daReO*PdT{5d74;FTuk43zZ1t?l2OG)Hf1 zi*`mmaTsORvbT$^1Nr#CWeKXu2Mf$3_@!sl115T9*vKZ(ehW(|!4YY=)4A!`D6QO3 z9{p6}W&-*J<=)CrN#e$LH61q%Vo~K(LGiPeXLXV%AiZPylg3fEp*~x@FO|GqB8cl3 zg@JBj7G9*KC}(@NL1?puGN-_g7ES+UYnli5gD(04{(=$7GW`Y1O#b{q%?EWSITi0z za_7PJrvtG8XeTbG+F;VhLCRhK-WhmL7Q!ZWQx#KYz+P|Uu}$Ry7cyw>V2n^^!hQO) zUAELMO(qcPmTbImL7P;_Rv|-`0oA2N!(L9-`&Mz_&l7LB{^gwc=jy8%Rt!%e+oh^H zj{~X8r9z@%_<9TbMy_-uX(er9$Mobr4fM?OVmF*09;CsCt(rOZoU7TIx~FdV%OS3V zUVJ%X+8jQ#L5Zg-ei!+wR$j7PjN%)#r+X;Gq*hLIxBe8ylhR1gC-sYpEkxOXMr?(m zCjXsploE5>pbwuQTUS@-LpOPjJ3<*k>l0rs~^pcJcK~98%}H~Mn|*Q zxOH~HwZ<(Lw+Y(jO}924Kh86igSv*+x&y)tIb4VqeQu)l1tmcCV>yvH-af8)-e!X& zD8MzY(vBY;72|P^sKu9Vr#pt6?9=3oiR!L6dL~XeZY>Kk7)@5Ky>1z&==#&cFUY#P zLZS^@g*l6j6A#0B*?H?VZcrj|xqnd+lWdQF{LAiIkLA`6g-^_HoyQ?HoSxT%j${m# z=9)xl#=XC+RG;`3Hc$f!I<@*{>HBAcV+EFB=MDX3z=v=T|gLz_Qzf{(Wx%MhBgzLe5&jl&8&987 z*pzlK4A9Z@D|l!O@$z2HrAuIDpk4H*wcwFNyvx@_*Uq!(0Fn0_dwS-gIkYu zpLsGx{G&1Of~D({NO#Li=K_X%c1e*&%Rv@eqPL!!&TmllN`|yjj_B2rIo=-i!zGXS z-~YLCgO~rPyzTiEN5xOZ%}Gj%UQ^4!>W2~J5@nB}%n%BlL$AEb(U0U*)rEUqG%%>= zm~+(9#<8~fzqotPsHVQQZxAasL`5uA8=xQ}(g{sbkuJR_NQY3A7HT4*prGJidX4lF zNTdX$Mx;c#(n1eCga82ofe?~Ryzl3JpJKg?P)Yu1`MU&-N|v(G-)zV>zf%HQ_k zk7a3PaaeSlq(#+^!V?0t8Qy$_J9x;}{2ut|^pMTvGj3%Ts0Oq0k)E=PBAm%@b$++? z+gJhJdv&F^y#juetN?lpiY`k)%oDRl2lH)C@yjkYCw0Z&ea*d7stYc|xZn#P-@#L`mW zfv)T%kD7$iZE)F*jN^t|$#PXskrqdE&+@=0(IVpbyGp)Wawx6E zLmV@s7e)H7_yIl6Rd`rZz^zvyoO927xc|nEr`+N&x|7-2-4Ynm~Adn1IEdNOpVuji5*W*15chj_4GXi&C;+JrT%NBMNR=z zWT!nbVmySyi+#W~y!vl9fCfsw_}V$jC6D!w6gk!`%-ujcFMI#bZy#lLIpOFZ%Et;q zfkV7mYdVO3p)n)E3(p=%$Z^c0XrbZ}`0TSt>PWdTk&*K+>1{ z8v=w<2!cQ`)S$&GSGxa?lKLdc2%TTYRIM4~l6D{|)8Y6Bt0Oi|lr?_)q{XE^Zw*ct zd+gns@HLl_DJyT*!*B0fDU*DRS$D|Z=IQF&$f35aB=Lhs)dNvinx=B`@;Z0YuG>}X z_dZ7kK%m_rN)XP=hki)6*P8<^?xh%;9sKq!fICUy34$~FlI2^?mosCPrnwyWn`B;j zRH;sI_ctGUG7&+c??CMf?Vu8t>GLy_)j&xAAd;73#&X0aTbkNvy87?Q!Uy4;`OjoI zFAmGwLae1c=@R$;G7vLtX)y}!evWPLM(=M9TianC+5kfzf^`S0F(sx}v?Sk&#rozf z1Es8-1REe-3ETE@Mi17vzUooslO14=0Nr6^T%Ah#T*K!3sarqznv9Ga%=1^c)LWn( zc-j#@{!^_e4Y(CJ+#bmHOFA|H)S#3IMOf9MnL9SsV3KuG?>MTk^6sKp-C8)&)2LCW zTT1v@>>N`)#g*bST;|kEfAl3x4X*mhV&L6~^v4&rP8?UR|IIM{pZt?9YtoKETFh2| z=65#8xKcn`a(j^IAM*0vzY{YdA3+_ynWg?L#f^zi`!Qs@=Fj{ewc`~$29YV~f|}=X z$$Y%w^Oxi>UYO$?FVCz1`mcln#i^EZWi<4|wkf9I-{=!pb7=7&b_jZ*wdlhQtplG< zteSM1laewC4?|^9UW*>10*yB(s&byOC6KS1plt(Nb5EXa*m{MM z8XdUv6G+bfflrHzxcIbT_@L?%MZu18?_=4}cIo2fq!Bk$am<{6ezr;-xXaod9U_Du|in6u#?K=01EXpj;VzC zr}*}kk+P4oO`6I4h2iH_S0DJ&}!ESLXw6^3Oaswx4WK9p^8Xi|cpA ze!8W!I`Xpu+b~-DC$ur^TC{5O`t)wDw_PZxmf4p$zwqPDA)-XH7P~_oQqcu<%0<*_ z^OD}5;dtrEr;#na)Hrm_Vffn;&LO^m0T`G#!Xe;QLHIk)vl@#&SJ?eX+--8)B@sJ2 zM8}q=2zF>?=*!o~0GZ}pjg66-#5a=TXt2evYMrZrV}Xylj&;?z$a}7N?2Pv!vhE@5 z6`v3ZPt2F73lOBm&RH2hB2E^2PjPwaccN|zm{yr>@`7+Bj#$^?Y_gV>;Zy_uWQEQ% zTfaSZsdmj$crPO>-60;In)_2S2R^8`c!XG~wDot0=@0H1@f?;3U99SeO;0VHd%ttM z$hLqJn3CIbn6xRNeOocfC-HWsQ5-`d=lL7dmn+2B03n~(!5yg-xXdJe3az*{)@Ki%$GrrqaKyj zM^==#^8F=m-$zl*S2hD?NfdR~_flM1+P1B;Wm-u0p?KSzDd&LAZgk0m`^hFxpISrO zo!&3RQj%a^{q9ElZ8N6}B~RRI_)bYEx;>v^9^e+c0-ZmFpUxIFL&@6sUG!*Kb<4Z1 z^?oz8y&lz^;*pqQlDlNzT5+H0W#CoqBETjoxG#~lOS* zIXC`HX5fB##SPD~y3DPut=keyj)Ax@d6bRmotEObnL(!MEZQ0&abIGG_Xc@a8W)}> zd^z9vqHxib%hyU_#DBAx_{WzgUO>E2#i{YYaz5)kdu#n!F*M>-d9Q`4(0K{HgM%jl zUkTA}nxbdAuE(ca+%*MywFOZQ3Gq!@xMP)n@*1-v)?a5)A?jhpNKtzVgltz z5FPii`WH|4UhB*k6|Q_#fcj9^Ts=a(KB~#Ae+I&)!}`ccrNOY$7}ELxPAskhG!^|q z*`;ZXG`$8M+P2T~fbR1%cHoZNe_D=&kjn*qM^Z?D+94vZQeyCK*8WIZcsWB-6#|OP z92srG*%nr*yGyMn*yxMw5)I?p>uFJ@4ewrkKPeXf$1k2?gtTDBGs8FirJZg!P3d7hJkSa+;&Xh#cPCHy(TE3ab|J29OQx`FmEL0vHD1vze;%3=RlF`rsHJ(SQZq&oCn3vWXyY{q#yEDri00_b@E z4N$cIIB|ZvQ##TI(0q7R82TeP{iQzFZ$!33B_xf6zWw7a}7-Bi!bx_%e~371lL~d zVrl#es%&~WS#54}YL#Bb9W+!~Z_JBv`z%o%Th881FqSUxg0lD~1iPB$Q4Gs(MK}M*nvELxc7UG(gEe2 z@*g0x<|iqT%>>?&YEcN zVi?1~kP=_tCHrFQCs_yNbuJjB;mo3NG(yw3)Kn&T+2& zzv|nuzh8Vvnh=+x#rV=6O0A||4M9_s!Ty9854k1}&J%w6{j7Cg$uzhCBVFxx(B&IT zUfV5f$4K$6F0(-gty5Z+4^UP)WKe>r)-$`eh#H%>W)m7J9xcj&hX(5K zm%yQ?W6=xgAJ@Gf(Uqww7Vh1zqn>lT&Rd0(mp=@%5CEWB{%zHB(P^Q5K@7LqG-Wyu z_01K*a?3Fb&*h<;@CWZ3hcq0`Qf9kQW5+K+nmnu@Xg)FT7gSX=ZFGq}g|Sy(#r}pQ@eaH8{6%w|9P&g#?Ujb%TS(|c zYspFB!5s^zfv&M(WlEdN{fez;U>~1a!g2P_oGIi2g-eaLkEA{p=}>w4@)jmc4RgUj z&-CYS@Av9=55whJ!uqbuKjfQsymTk%jO5K7#lsptabq9%55dDYc@h<8IHdnmJSA;$ z57zJVjQW6=PIz&1#8uY@5(_!;COe!i%)R*}`eFk57UQD6GA)4*%xeuBLNdr}xa8zo zvrPi`PLGz$*oTuIdsNe2RaI)+eg&U|W1lY94RbCFsHDB({JO^9z3PwiL(DA@dif8` zEt2;LHuI|u#y1A3NB<}q-gWOHed9Hi%*c>G*tDD4Oquy)T9mz|ty-~-_XmDd&^2P0 z-xa9`no{zOg%Yf=+b<)B@=rPjkYJgGb)EBaOdjFW%?og~HSbU@!viR0eU#r;cDK8T zw7J^v;khyU+K2`?{CSUEM-p`!VmEaYYk`AvTa1voo9^|Usp_8rR<5wp_)}B6_yL{( zANN-o!L6zBCEmokbYaJ1_t~i8mv`M^?$HlmAsYSZv^r4wS5D+XrUAOUA}?f@Yl{90 zIJJrNUn%M+@g6hPkIy-rs(6w^vF1RtUyWM2#B5(UAFuwf7AU8!04+h~oKPDA^kWK1 zu;6PiO@^O55Hcs-Ft;09R7#w1rP^(RX+y;N ztqE86*30_l+cVMin}mkyiAG^|i(|WA!JjM@$;&2p(Hr@i{}{HT78Co49nNrz9oGWL zwE9;Yeic6J&A*6eiw07_)Rp2rMrvtnKdERAwkgU$d1)XetdN3RC@- zAO9Pze9eWgo4{^`Lf3a3Pe8`=p*DWwWcf>$QavBzl+W}@G3 zE%HZrP(KBBZ)x+y&WC>Dex13@Z2a~Q_;mh`6vwso>IP;Zr`mlP?fHQ46|u${no^=&Z_BR$N%ZiHp<{N>eS=R07*jmfDPa^nHFwd^5| zxt{Ay%icJEi+3lBQP#nE`RTKPPof4)hM0-m6!1b{+bApJTq?pZ^a$+ye_oP&=z%qu znVGI)knl$L_^fHT^w@srGt_DhK$k-!Y>ZJjtQqCMxUgAKyT6urA1I>+WFt$Kce#r$U@GtRd6Mp0sU5r{j2jyPC1@?Gm3aSe@z&=OOblt3Gvq2V^xPi6lH3TcjZqfaKf#_N0tf@u z;q@s8a`O*-%b4rms~pu|L7QDyX{ldn zOZ@;Z&Zzsy0l>a)2K&@3RcT8NwoP|q>h{=MjqBSy4OE2c_uGMN4|s=9(LrHvM2&K} zINnQ$rCGW&7|(42xs;7d!*PdHUof-x$12h<+8&MkH&kE4Q}iQlGNBibfqg|waoUhO zRu{udnGLkiEk%9!IoqRby&*+XLKj*G2%1I}l?5rBptBl5yi4Q~LYOhZDCYFv%Pco0 zRz&a@h%@mSk^eS4O;~Mi;n0eY@c`lASpg+NF=0;AENL^4s#U_Tq{AF@!(wVh{3yQ5x4%Ih7^E&H zjXwnI(KC?(!T)Y@Mu98jM#vxL{mEwVykYj^cz@DoG_EspJ1;`Fb1tP|ibLVBerTbB z@Jbc|a=RgnT_YXqB7*#vJBAF$`*V24JpbO-kC{wpVQH-4$Q)0B>jV|t5rbLY@4)SJ zHL#wCx?21eMuS-mWH-%uP-5MjzNEK|VP@*rs5!rYMPjwnVUD)i3Q%fkVLN99ebyZw;uwiVW}pp@`{ zcc_ui5?i5E-8!hSPsr(o{NJThFNDlxHnci?#7CDr8k?&Otl!e*@%Nz;WTEGJ1K+a+ zEFA~0uR)q}`QeIR#SW;sz|8awX*<{=q59U&tx#>x<2(}a)l}-Qh$IKi|Haw)A-zT> zFQ>V(3em_wRm!?nNV^9kw9)_1os;R=TX*beWcctHoN2j%j(p4}_XsqcEn$>5g{;sp z?yWU2Vj2c^vC-Y5XS05JJ01+}3Ucmasw>OA*idym$L6nKtJ$f#!34{rwQzT*jbC^r zjr&ckSeBc^BB6trD+PC$TfD;ucnkehav*r9tPQ)+nGi7f3OmNO>3we~C@9FTz~H_< zSou3ZZW{l^En?G*^g-Sumk|&(&6D4Q%`>a!vUqnLp0Mxw<8k%_aD-@O zviT1_njey|>E}T-u(qDw5S~e`{h`5ji)!PSXtsLQ7Xyj>dqSIx1H0+kbdznD{JVDc zeG>MIW9}BN^j+=#43xfBtNogTV=jglSGMQUUY9c&@RxPfChXtHd zGah!dBlTN7-_>xfbSC~+7l`y4 zGV&At^5;p@{r_ePUXevK|0#u3uLuK3H|GDm_ojuizkZQhw?^4f<3ES}%d!wH1XCI) z0hPR2&;E9Ti`Z+=e~#BVl`Db(8)gUMybTTffpCQTKY!tv`4zLfk3B#2KgozuJb&>_ z|LeHP_x~Gi;{O}7?*9%0^OGwR=EkCP9#`OQ>yd)@yD~ZByt0#ZczZK)Iupde9gR24 zYJyf>U+1;@Aj?N~h6(ehV$XNsgX7Xa3|_oxHlwn5^vRjC{-BA2=v8Nqm!o6O5)mYW zGKxmyR*9EpmIq(fmM`+ikJkbOHcMocc0MmJPm^6P8j3i=x$shPwICXf<+(d!sH1c0 zKy{?4>P1E$5dM`*J*`w*y3eo{cWAqtWZIi0QtIuIpz!UQHc^RYeUN2aAXo>Nx_?&% z9Ge&rY2pe@D&Ovp$1!m>LmS<=#6VD$gBq|F|e^E};j=)QJ|)tGfA9PzR0#E<39hSriA1~szf3cRekq)q>dk3xyP z%RhaLoqN35Lh}c*p@JH=f3<3|eM`#{GqtVL%!&2G>HzfWUMxlL`?S|F)uce*O2 z17qR}FPV~1D{=LK5P=Lhl4irI?uWLYYpm8}S3M~%z9n;uw`-l(!u9JS2yk4J)L8e~ zhTZMQX=5&9;1DeEO$)^bVLI|rASux7z*@zlM9QeoIkv*qUUUOe*zo2tlbFp5t75#Jn!b? z+#=eRR>xtFw49lCn+q*@8l2K&*0Q3i!*oenfz@hDu@O);D#OL4KBD0MmBYPFZMKe} zN@Pf@r)gIFm1@nU+Qu8YGQK)PU%qMJQC>q)l2WM@|AdhdDCqPBYtt_>npP6&i&y&q z6#e>EWhsf;vG}}~s`gp6NfA2Dt#hw+<#bP(5?7fF8brQCR%$QfjwMMoY*V4DM*5t0 zd0njm6AVVrLL?IRw;v3v3PR6>_v1>OK726bmPL4_0v>HCgRAelB3+ImOJrmr(zv1X z-30UAIbGS^dMui-8fG?(8W!b&fkrDIe&Sw~p!H(S?vpPp4%Z){#m!#m!B`To59G9T zDH&kU#(~n8V1WV8iVZ+_z?idASLfBA{$tMK!p2dph(eL2P|JafUlh1cWjjVo%Rg-+ zY*-3(*S$Rikko{vkxW+nPNTmWi?3&5@(QrK>KC&+8h=0lj@K|gh=K9O5uMXJq9cBe zw->KhkOP1h}}#_>yy1U2lF- zlyvV>DB3DX!PPx*ra_K~&U7w)b(Vl~PyH;cxO$+58qd@(wE}*X3ymt8gWOu+j9cB2 z4P*++?N4)Yd3?XF`vgpkc=i1`4Q$DaxtF3V%-X{Sv>dy?vpugcqssK#J?ZBhRVBI4(}*QHfw$5rvf6iu zY2sz0`Iq@(lD;D~tP~W|AOa0#F_Uj3^g=qIci|Qja6ckCJPUKGcE$U)aW7MESdH?A z<|TU8=3osrape+fD8W3)cPy$ z?Z!Z^?*n_` z+Y|B2HtZa+Qzw^kcnc+G2!{0;FZN3Op7#-zU|lCQFq$jH){FxBoVx&B3P|>Rw=MJ4 zh@UhlO6LcgRt?mTU9+UY`e^2huzz&mY8H1))>61zUUYMB-{xGOc-EL5rIVVD(t_EQ znNkqmxrc-HET`1st4o@in%EnFJuU2XQz+nU?NkEp zA~Bn6yd-yEp-(jJpp#*?CntFGc_^03iF$wG$S%Y)Jhy({0=e-K%dbxjU^}g!{9*TM zss0g9G=}$8b7O7ue6q|v(q2n>MO*I8tSG*B?lmV`$lnNPHVc&m7?DM@!JZLKKf)UL zh2=LNIGxG{wKytPH%?BoL5fSEw{0Dle(u!3T19WD@nE8U^-XYYWg9j3zm8~hDV`h_ zOv&1ejQiw+4xDta@guz25_>gAIC=G{QL`(sck;%|GsRJEB(sjW-lWB5NIwI8se z>t+pWPnt%-arAEjSSs6*wMeToGNZa>gkBy_GsmKUwU-5t*&0TVv5}crABH*h$%s!A z+bm>!PP|!`YyLS->@W1 z)8+seH2Y4=KWsK{Uf&GAZtP;ej{wT*zL`>k^QL;s^>f1c3%%i9AU$2vb*(jPy5}#u zvUPT~PTid1nrSb!yv^NI`J$l`b9wb_NQdAAdR7vVX7{aOsSZ{F^waPwU(Xe;TIU!; zx$=WnLKsCp(=Jqo9qGwK;kCgk%t5Tnq+7Pk;9N)eegnhw2VS)lYHza81yYka2Xc!&4A{HFYsVF4XY`ne%;`LCVxhz5|X!PwuYV35FUmV&J(YCUzEn~c8`=O4&EU{jImfhYimDwO}IZtngJ9|o4OclP^YZqFh zY?}EAik|{blu^EhW<7;ZtTvCJS3Q4M-k$ijmrYg^b_G?G(GS)e*VT#1l!$Bs%m?S& zf1I?wG4uO~%u+x$J}<%sEaW-xmMwL!F4-9T0iso+19^)N$hP|6uJ{Sq^0dR9- z#z)f0H_qYS;OW_sRFkaz_YHOgyl$5JaX%>UaHrs2`LTxn9&7jB6p8LITm;y{EhQ>~ zc9&9C@j&7`(rpuWxsrQCzDMmS6x{?o!uie1=4->;Z~uo@CXmZPj7)sqhnwN=O4qyZ z`?Z&r_L=GYB9at+;s%@tLdH%9e9}Im_`NuuEjN|`K_IuO7TUX(F{@&T?HFW zsory*+-JPMvW&}4Hujq2VP4Bmr=D<82`O~7lEfJ zM1jXRM0!DG?Ium7p-7qdNxFP4L2_Tpk5BLsc1Qm&M)lsVEU^!ezVQ73tOMu;%0FxF zC7BWR|IC4JY|ZFAU-{YIWgeTJIfaMw-pn$uv&HQoo+5v5T_-`#>yDkIMcnM5_-orQ z|NOH5yYetwiK)-*MdzvV?;~xCx+V?DuKhZK$OFQDPikq zfdZT#WkV;`yg0;~gFC~>h6dOdhe`^&v+(KzG7-eD(@=a7WB+XjY=tK}2SGR|1~a!v zC)w^$fK{rx4cWoe*9MFM?fPY&h+{RH<4rG$9^hEI1j)U|Kq)r=DJ<7+jJvt;vN|7% zhJzOzuM%=E<10Hw@|5^V-%f$3Bl%NOu}eGLnIX@34MVmcf6Z9Z45`?J$?lG6*1J(l z_PZ-@+0mrn>s)I;X}w3r88nlj=f26nx^czgT->}}e~e4NfX3VVLMOMvUVRV>UpeMQvr8+i10Oz__xp@7g#r7$=bTXu zw#XSvHv|OUa+{v|BPlr4=_)(v$(k2>`1mq2D6o@t8<(RJJMxMSLCGJ zG)v5WrRG%bh-$hl35vdzpGwZlB^Xy9;9ThHy%uu`!PeIN*0+EqSV+%cB%3bn0bK~_ zEKet$GEMl57?&KOr`+!Jxxh_WB)!{l{u^@(_9|=zk5IQv^|E!ztl{-zLXiQc{aDq~X4j?;5WSeMmzGk8dHO^l zRj+#ION6&cJYwmxW0DQdt&iyLtL}gtq$=?(>i`<8*DTbEC6|<&=eoVbX~~`6-#QK0 z?OOcWVJi@YmFkR%rBhfg3EB_3^MKuuq2&qO@a^lhBV|6Z9;Xu)Sl7O#@71=J$N^l$ z6{=jHD(>vtjR%Cgy40DxF_!U@^TYBfX^P84#gd7}i<94;b|HtOBoXLa!FfWkAJ7N( z*IwalxrGDo>`^5Bu%#h-*= z3~w_i7&#VwYY{d6RkGjo4*sC$Fy=K76>(&==DbR+#Dcb@d3iv26F6eq$teEbMhF1& zA|tWf3%7#y+GrVB@0c|NDHOvtH{GKQAW*T z+Edsl+;VCklgM+oL{rI6N`XHX_^DW-5uZnt!lJV+}bDB2J zyTlAS$G4b9Di2WG%f5#@;Poz;_V^@&(RKz&la)>p8F?)P53|TEw41ln_(V=mjGMbJ zg}+H0hQ_Uzhyq_)KgbmEsZ@<~aHA+~EV1&BB|F^5w*w*fNch*5Tom z@<`;FM%S5;*rtweW$MhmaJFu{Kqi&h%NO^orP1Tr<=?Gcx-Z1FAWd{qon(&p^$V|Xo;s<=lSAu-aApiA{=5;+@h+BpOoTOT4icgJLY^P z@;2bQ`b#HEtUGZ|nJ1jBhwtc~G~!)`+d93AptW2`QW^Lf6+o3Jyf@NVJzFA41gQUp zk9I|HUck5R0OJNG>Vj`QKco`&)OpcIODkGcAssEzuwW)R=46I#E7}dfMawsaz3IqKEjHx5P=h56!gYrB48wYQ#N0OnT*3RUy^f?EKWv(FboE4OlN@Pc zV^vF8Zt)_+4f;hi%eQn1I?q}jF|_F)GwvG^9Px7rFUk(6xddyuJ3-G0wCNB3>DiCW z6arruo;R$%AS?!E4x7k92DJHDB_^^EW|1uZE~DG#ABbWHAX>EWsK*>VX_KZVe&KB1 z6NO6>jyhky5L_felTW4~vs&KvU-m_-NXXrXrZ{@kT#}US9tqalYP9KsNu8}D;ctCM z_FL><)Uveg!cHBa>GEns*`>8S^a5B}sVY==2p6aFZYGEbIWd&#_I zePpANjh%;QeqB@-H)ms+sh3%h7+dbzx3}tj(F-0Dk;C!QCzlv$)-Qkvo(nzuYi*k! z=8vTP5YkQ*1e!N{A;;&ZL~+hlpCot!nE=4jv1Q8>wr0?Bp` z2CHM)=wj#}`wLK_PMVVx;7y}sJR;1dKE_AVv}5R&Qei$~V|^lN&CA$M_m>p_U=d3Y zm2lUIszk}A6$m;eS*0R|KA4lU}Le+=9XZM)z2l>_Z#;>LpTbcgs zQOYi9w`w$~Rrzh3Sn&{t8gnPO!9t=clpC2NFM>*U@X+&}Nz%-1R} zr&afEDShcaVS6|>(JT3AX!b^_b3mP~RV|5%FkbkEoM$yXuA5e7jEsdJH{3&si0f62 z_)vp$lnMbg9z|v+F0NS%-MHS8lSq?b6F-6H2#qKo1}kK;wmCW)7?a5S}ivfq%BqCMwHb8TQ}0UN?Ns(UbIT<%L=|)1|Ca<#7>6(;b}?NFzk~{qu3t&Xos2<` zn>N@Ejtg0|H0mZ=fG@zIc=vbU0JncLs312a$ksYrZj(C?lK#GUxN(A#kLH+b^ zp6_A?6B3u78Byh8lPb%tCCw!&&z%%YCj~@k>uR~+<`N0RJE9zL#0S+Q-x{Tq7NHG< z+J81^e)`$=O_SF#=p5aFMt1EA>L32nvsbWJbi^6l_wFC1$mT6EBc!g_nbijF{v%Hw z5Gu7#7p8;VXBek1r#bg-HS&hZ*Z;|?eU`=wcODm32_W7m;9M%lo9CQ5GRVC%Gmk(Y z%)L-kt~zDLd&T5iXlea)sUC4D)u#Bs-!J?=LCbjmhGhNF<0K2}Q3p`bv_mwGW-}Zd z=`KSO&`VD)Uo;<=6m7yz&sxF45Iq18L5kaa^}CQ9MWR4t$=2FSzjoaHBU7k8Tj$KsD8AIP&I5?azB zN(%8Yzowh++vino?S7w+8ziXhDistKu7FtkDcPaxO2Mt`b05T7%qw}Tuo<+$>bCW{ z;N2J#|2(U$)ec-zaKp*Rc9d59n%|ExxG`1ita~{aH61)sRG(ltbl`Wx*f(@yCnY}r zGCW*jw4hQ>bvs^TcZi)RvEktKWpJ7{K0rEc%B?`T3`eXTS37D{ayQz#G*G_|cFWEcdtWPxcYvQTO(0f2r!5?nC&|Ds@k4ZT$_t(Nj`#FHXmw zTH0e4TWT9#a;I8U9-eY>4tK7J$<{O8jQ5R}n#B>Fw66KBZc?F*yX%4JEU6PHw-154 z?q51@k5@Sw9wgFOCVUe#Gk}2dVD_545syKQE6)X|CnvH}e+LK|rjCYdmADoKxPl^2 z-CI`i>9+tjSzQcF@%k0a-%WPlz+nHh3K)_k1P28x>Q~vCfkihK4CvmDK+Zbeb|t00GWlTIYW{H+7w)7wa3x=SA{Otm^B#{q)=P`H;qFED-G_4=WVm z?2EqUCs=iQ=xZ^2>vWQjHvGy2_(g4%+UhiwSe`!H{RwD3tJ`c|4%6X>CYB}x%8-O!_vPT; z%$R>v#~;@S@x9*wyP*h^69Dv7CVjnhi6- z^Us$X+rqNg9|zP>;8fUOCCL~FDd4SpP~)_bk9Z3d-`Zw8}j!fst{IiWwQ}*4(}X$Svr7<6djI zEfgB<%GkVqU)JcWv)i|JH^TGB5y`Ln&D=_8OdZ&us(RRzS_T+juTv$|0Cpgyzj_$a zd0wa2(EE(3&XZ3sPCDwBVoX@X>eRHbCGb*f0n>)9d*}C)IASLu6s)clSU8q)cWfG>Fc+cjy`xAo2Zk zE=2TocTGrq14 zutj%UWjt&>)Q3-l%L==FR~8HI316# zq|UyNHZQvrbU8&|=oBX7ya&3=(Gf_a)6m~aP*c2swrjdq!}d7q@z`L3apcrtZ#%@? z#Uh<8L}WSF)9VQEKOK@g;@x^Dooo|ix=b+zM(@r$+MJEmcJISzfj1(G=gRNDH=pC*Ea$n9XJ@3426 zm5qnYVragGh~e1BEOz!}ddWGM^Gq2Mw+qed75jE9xZ>FB9=2dB3ccR{Txj!0p zbN#H@ke{M`G497noor{OC;0S%kn%B@`qk?SE!S=9d|jMM+@2IzubQiwEL|!sgU0fm zJ{~B8pAiucrdssY@_3#UR`sf}2n8t+kan*#?|1Cuy%`Q9Dbxr_2{L{$3v8Yef*3A$ z+Vi&h z(}^iZW}*I6Rw~PRRXwH3Vn~k>Xpn0xChrH?l;*5dO6fO!MT;zDFhtAihoIgZ7YwUz zEC;TgbeF#LQMGmcC5knA$y0D*Y!ne&EBRZn+Vy+X^)bTGe#o70ce9|=TLq$3zXxs= zeUOSfX|6oUJMAF<(r$GKrYz~wv>>zF>|C>=Xu-qz+vbTLuJX{9tT|%Rqdfbno?S=% zr&JVivyU&%Q9o@!-+DwEp$E2bjyCf=j(w)86&%mz$GuwlOlkSRmQN$Onb8>fFWfyS zy}!`))?7Nc%%R_^Ck#`L^{FEsK_;(t8T{fFINx&psN_}a08qt17?*h0S@)9y9XXQ) zbvmk^*OgV&?a?!6`5h+b)SUzBd;Zg$wr5q^_Jr1#lW;r5dxF%My+6*T7EJ3o%;E2@ zY}XaqSE8R9s!%xfbOytcuLuy;G(q^P&B`vGgh7kNrs=7bMbVSl)9pERC0Np!E8dJP z(-QIK6Lojmq;(vE#;?qdUE$v&;i{yX@?3!-x^z7E2#2U8qh*g;;_djX8$U0$oO_X& zg$WA4M%7l+duzAb40n&Oo1fVtWnpY!@u#bw?bDGsGr>QLX$Ie*Hw5=%>4HtmTg6_i zoF73y`25~-w?l4;}_hJ?LfX zMCkBmEcz=CSJpfgah{#GdhGguKLRSG|56T5V`gzhJW6WbqXxer$@x6nAe(hd331n* zmU%*CWr_O?Kj2jzxVtNa8n^Zs8VVLlyXK8HonH4ypa<7Bx)y-{$flGEmnBI2h9N+q zcHp7=Gc7+SOKry3a-D`u9)a|8>7T23&V)|hL$AH;6b!!K{2AFk$QGLf=JO$9EfXGk z2It>-iG@*ay1=M=3xMlJJo}CFu*8@7cS4D$%+eC_JgsU5qS7;#&Awck{QigtO!!vk zl#`rB&TG%?@8jYUmpm2Mvh<9e-ub?|_#jS4j(ndmXHc}Vz8Aq4Rc96s5-0(g73LWX zbE7P5W=yA0HTuKWmbSbM&eG&5Ek5k|fqmt8SWr^yMZSVbAe)wO_R#adl#v5=E9bR~kHS!~cZOCocmCr9Ap!k6 zKl7`kp6h&cOlVL*{S&%!EPVj1&>5NZwVGvFmKdP#;d|FSB=N zw#uT@`txhwh<&E1>Dx|v&KY7PBkM&9`i$z8=GPmG4EnONHCFGyf@Vr^%*Qq`V!Xn5 zf80H`@oNp?$UWQKB+)2IRy||%S93s6eK=LMR{Htu|H0m02G!Mc3!`WV7J@rL69~cG zJwb!JTkzl(2u^?m*Whl!-JOL5cXzk2a9PO0&Rlt(cklgu=lgZ)RNZ^4?)(EaXRp!S zqq~Ro5H1!Ds!~Mv-graRKppk#+S_&ztLhJo3hCU$l7U|nLINpj?M@MGNJGyiErrAl zTKr`JXD^N+^~KM#`;h*&*|`z}A>hXEXLar2m&-E-|ARnQt4y0*asX7FXo#_!N=u$%Ebfh-jqveC@v zUEHO#Z!)eF^RzU3V7zoiZZoULH^clh+YKb=+L^)_5fKCIWpDLy_>b)ptN2ffIchg# z`>ea|1^EF(p8n;ya2x+4ZYQ&J#Kmq}DRn0QFI`{ogglEcp4a`pSo3~%dh?%&YZq6m zKTOdkE)zUI)x1X?J&YexQ*^5|Pvlaw4qBkuw<66>omwN_C*JyM&|*8M2z7IDP!}oI< zEcT@;kBJzvG#XC7DwK|(^!SFKpZ^&_92^*!V2WotS9Cz|H&|1N(@v@Q@-<|4EUDt> z$N&_qex=&x@QYS$&E{Am|C#diWt|Kgi;_yUE{ z>8h-EFRxxI**tLIX5^-R zHe9#7*XfS=qf|3NqA7w-)(DeLuu5Tc&V6RN`T`?}*eJN`K1uiZUGcRL|Kp&FmLGoErU%enOSGF_UX`Q(&5(3YRM zO%`&UH>j$bwXm1!%-f(=W)h2}S2eMvlfi4S8dNcXR#X1!hc%~9@<5zv#80^aY0H$v zEv4>m7bo31%dS)jFs$}Bw>v+PtPvNPwLR|SdU=*-XY*FxKk);@_q z-7B9I**wkdLer)9!e0;$NFQCw2)t+W2H(&54%I#iG32g3aaDqBX$)FLK_!NzD87v7 zde(c)hPhR9(+6KgVEFsgY}N4My%7-?>iSj=Qw z^)f&aQaQq_s_+9a~?#xqr_p4KT^|7VuqBlf` zT?gm8>QwEg6y2F9j7sC0;lQT z+xHqCyOBKaL}|c`gYyYlf!fd};w2%vJL=lOlBcD->7<=vV8bXs{qx&ix!cU)sY6*O zwXK%-sK%DBOzQ@%waPiaN~{NVPReh^d$zgc4zh++Ki=b5539xA5=Dp+&g=8Hv|sug zXwj=D-M-fxtAGD>{9x$$+_yjh0t~T+G4isfJQu2b=@tpsxvx4Y?N+1l9V5jkmO94g z!M9tfYG1Sy%H2&XcD*dBL{EbDdD3Uaw(EurNV^6t>|Xpj2;=qrz z-2YMAWrPx6e;!>Kk|%B&BkcQaHGe+sQPNW#9;-~vj$wE%H3zCl7F#$UdC`2&QX z@H?!3BaPf>NxJUaLV4F6`*U+^+ry%pJH72OI^P%S7V)qr<MabFKbCl?Fq4U z!L@Q&Qpjy)88m^|Z12}n+9kMk_XX;MnTwwF-S#-Wh(Mimd!t-%OK*(8mD?P_=U((p z9v8-isb4t^p|yLHI%SN~nC61H=Y?iHDm!JVg}{AZ-msB988TX&B2$BYPAmErmvfF` z*%GNvRl9PN#eyQdWMy9GmP~7%hPu1=7dW4evJ{eYHRviO*KD$vVt=6+QJepMvU5;0 zp(`x8K>b>Sg!)C4-mCeloHC#6-Bs7n;`&l>ffKF5y!$lSlsUcSp+VcOjjHPrs!rN; z&N)81lc&y(jCLLq{uQfUc131FMSS--l#o}&i;24V?O54ipS8Lm!>{JaQD@E{Dw&bYME2Z#A$usJP)QUvo$vQ&~ zO9{fEnfotEu7H%;q_0%{ zWz7P_)79NnnGNy^vB&zZx+SD@j|G!b+7aeiBzx!7elq#*3C95gHnzS{5OKL(rXLj@ zTbou%Y1J{|PLWqldPOCJPkIfI;@EU~zqcTR-wGeZdv(h_4JcUhGGjBLP^QH%Joq50 z50m%RR61t@#N+2Ykr10(5(!@2Qu!iS6Eoyfdm6taLF_$ZwQ z>7tsSc#F4J(|ffY@$C_sl9XBN?H6ayy(mD9FuOhJ+=v$n5+||q*vx<#5x6@ z+RU|ktK*vw7N*<1k|@K2OVeS(k-uZSM2H}7nt}a&mj*>Vex!F zmT(Eh7MZg#n@DwuCEs326nb1f|%NJ<0|#RpPU^nIpFikdvLRqD8YR?nn!m?p=dHe_sFif?=5`{ z$*p9YoBgfqjyKfVLq`5LDfhSy<`T6Az#V|Mj86A?$k4u=oFWYw!Jkdwkn}N3VY4bx2z~ z0erQk!XqOw$OPS#kTFQ3yEiHm$;psK*zb(5`tB!!1(blbVdEc_>q~v=CH26>Y_ z+fvTR_}QvS!S0AJK=y}V&0l#yFGzbIf8}C{@7Uu#ighAz7mxv8EHrfbWG=KUGdD!} zfl_zj1pl^l_>~JIDlcY3T%+;0fr1kfrL|)YZ|kL{fEo}J!L)D zd_}#Z2tb}B2Llslk^mE|qi4|xK#(X=X=i>e7Fj%~K7cGu4VXuOG;T~J@Zkj|6Yv98 z-d`bsV?dH|-``{-7#D~X{}a&$$QVAHjV+81!bcwNsRlk(@~ghdeH58lbbIN!7h}@1 z1vvgJKu5e9q!#&(CdMry4&(c@w~$BX27~!3F@d$K)IJoaG(Ppcw8WeNnwV&y+rA8{ zlm!0ui6NHu(!>VO?HcmTxL?ls82~&Pl`a%NO<;(m97wT|#EcblCI2Pl@LCU1$^KJT zRPAw5m=)zH>1OfrF36|!u7qb_-cz~pt#{rZPpHDNp1eXWES8rPULl+vQvr}8lWrrXO2P5`wdHm#k(;`Bg_M#Lyd5wD2jHa< zEA#kuW$`?Se+6U}u&Va6-9V%4#4yIDpa#H(WP5jVg2&U-gSZ5bP$82+komnu_9KHu zy}6fb>%*bX(L%K}sIX+(KFuKg=aub>%i7ncr^6L=JvEnhkyFe8etn&JGZRe=B$mb!PY!q2IlU=e5(SfC1YMWnl zw-eTz(LEnnmUlhS&Y$kmosp18KfPD_KDIR1?+%16b$H!)?|sGa7lJH^15X=i7>Jm_ zw#qPSCMlZQqQb9;K5%Z{dkLYNi!&#v2=QCTEbO2=MPQc{9fJm_WVcC63l ze{r!Q%1aD}$zm;-OTi-+IB9Mq)6|EV5gOmk_OVUNXG#D=nhvYFDQQ~XJc;KE^X^5l z(WgZPRVTF+nQb&EfAH2Pi<9)$bD((Sojvlvzc!*EU|Iei3;hE0lk@mzd-jLb#&vt* zS0nwBt_n&gwKjF2L~qa=pCjg9f(WfozeR1#qW?BMTz*sPqetKablodb&v;KyDK)@N z=Z(ku$zhtJ%4bg$A)&0(KTfQ0ZVw9^8(Vp;Z_}P;de6QO%>Mem=ttt!=7SBcBql}R z@YtmzN#-5fQ_jogs!r!D$6DA?`y?TOK0w%$#LMn9eM{T zl_*ldmO#-;#0Pod#rw_WJIDQWRv$lym|Sl8n;*h6O|I zy~qf^zgdh+5cKt1SI%X-`I*JE5}CdAJMp2<;b*!pfR)0vqV9o7%$~UxwrQj2^Nvq3 zx&Fuv;NBb(oG%SGPhxSJtRG=8MZQ#{-4eX^nvN!D7^!4i{vzNnwSvJS)$r_!)PMc# z{ZWuvE7_~REjxkUOI@(|NH%;hJRW2+?fZsbO+`bRgjYkOGCwZfAh}#!SN}x;A>MR4 zuHn1o-K@EaFVD3prAE9iz5~s!ZC?-?GS2P_{GAVkBs7P>4*qe*F;&gBlYTg@>ZL^W z1{jB@Tj0G{k<#HYiX80Rc)tn*t>k56Q1?hFtz|{w0%M7Z#hVTzRaY5%Ck@+S3N;y$ z(r1>_T;MI(52h=sZVpP}kkIf9t*k&3y#fO&x=fEe9jxz3X#Oq`+By4oL+@Mz>Aa~? z?*QU6v)9ge091%n`M1Oy$E=kZQUiTHQQgk%9|FKAp{J_r4**f1W0&2B+P7 zlr{yvz+y*wq_lwz2f`wG^JLDcbY_uuFOxZqGLsp)XT&Lq_#X`GVo~-amV(m$+~=jn zOzRqDpuo;fu|8e2FQ;G0I?}h7IW&{5>8PLWE2rs+p?B*}WclnBq+L<3= zC>&dcKFfbv4UVm-5H)u{IIqAK6OWW3oou$K@IPlNiB>ieUk*pUdBYDwXaU-bj7F^N z8!VP5%Qb4vUmQ2#5}TV;{p^J*vE)-2vHmg}(CaD&h8+4lJ>cvMNPv~sbvvQ0amEvuY1ck{`VbVl=4Jg1VaASfO!xWGWgPpq*P~X=z?;sMp#t)g3HSKq+ zO~j3z*LL66u6VZFVnU8ifLd%6PYiYsbD7;+$k69MA)JG2x?yI%Zb&EIj#S15OMduU zzQtp2VJKQbGMH-`Kd_1H0^Kuo`5Z*mxRX>0agg*qUQ0F3ToX19bgLV_|E#9;V2Qyk z$b~tuVAyf7QP;2Mj_KB52ta7oxKvAE$MD87K{M-Ls>M&eO5Jchs93+g$n5w;m>1{l z+Y{4}U~-&>MoPv@e8JIRyjyWZ@Rx=3@TcZB%eV?ZbYl8^J1B1{*Cg;YLtYr_%mDEh zc$WSFgO-CJV{PAtsR(Sl%09ekzx7BH@kYq6sFgOzwJ@IGxWIBJ@w^8}?L=K}pU30k z^aH+og-BRp1L=n{{ta`4z?*fbeTlM)t4{j!tg z`%7foBSjD?Iwcnff^3=rcZn1AJSk&2S% zIo3-N!SJqgndy?LWj41zS_n}fl5DZ?bux9}2Y+;?wt5WHovsif#0oU)=bJIk8WewzAeEe@-v}R==MAM) zkJ0`v&NMd|^-DY*ey&gK%UIz>2Cbn=M~$~#zpI3kEhcDyrNnkgKi?rQ4JBKM%gd)Z z@oQ4Z4B=05wfj&tbtFAQ`*G+;(;aawY?6hEMrU) zzdqCF2E*uCoviY=^|z)2r14L}>;}mw*KLl$GJ{fW?H?04=_zv|ALdT8{rCqrPZE)f zX4`qYRYT$+-&Vi5o%=es%;X)g_*S;-@7?zK1|Jew@9iX6Rz8$4cV4?YBVHc!$g2< z=z-(5RyP(g7{2=%o84(=@OL@W-?yDv<^fJ=)z7&y2d;gE4qnKg++FcW?dImvh(8uf z%&@U3j&QrWOKDoy4^fLwHAjX)IK=)^P7lUMS9KHW;z5bsD@b4>X~kl|%^r`*NRC$N zz{9g0!!Sz=r?c(v5^hf?l&lOiRkl`dXGt5l!0J>MKC~Ij3?fDDFA*73&LX*`@<6{7%F=Pvf^NBqu79&4mNSh^Hv%6oK%iJjrk5Of+|TY*KYs!iFR&$#GBa|n>`Hs)$M z=?Z7G9>9O6z`3&)$UDbGs!Fq5`N(KJ|84nu7Qqyptq9}5=BcqEV~HK6?3f)R?@5-3T7MW%r~GPp`*Fma zI4$oaay&wYQH|9`KEx+cbHt>T?WGqlK)t+M*9{gj)FUFk zGW%Cwz23D%U8;j=57;iC(cQxGYAr?wXXk*D5(Ygzz00DuzT1mENOrl=*qXxW1B5o5 zRG65myI^x)9{Ef<+u+7_GpG}|(4-xMmm`U-qG!V2KR;7wN^;P7*xo4`bN1U1yX>-O zuweMa58n!Uhi!ei*M6&v9#^55YhZXn2C}hB;#|i0-l21(Cia<;{kqC@)ZOz>WfmXr`3Uk5^{rXNiJxk5ZK68JQ(JF>pw3)A65lou229 zDRfMtQxq%4OnY$%K5MV%W$$?L#0Gb2HK;V>_SAFhRZ- zm$c=YA;#=WkZ6nh5FFQqcROOqPl#ZnD~qtit76*^XaO6Z)<7`4n>)M@s}e=+-s=YU z+b~Cyz3XIv<#`Zx+u~NeJt*u~LauUIcp$pzbo$La=^O_im`S7rF?g9U8Y#fBG?h*|HI#Sj|r?*cY++5g`Kbt+oig7x#<+M&Pu1M%T+G%vp?8!8>?$3(d zQ$($YO=DY6l&~|I4DAzloA;kYxrMQPX8(FB?`F~Vj13Fx^J5gzn=*!!eCxGOhb*(5j;?WA+~Aq&)%8L&kSVT zjJ{dWyvHo>_`;6uvJb*nsU~^wp)jD>DW4eMeM?Qne4a~4Wio;mldDkcc)MeDm_i)M zqfcYp6DaqqtraIW=%A*#uI^qJE3Q9{=$?~c1`gkRY z^1dGglyy~_=d5@~gMB8zuz}Bwf*X0%BS3S>7vVw+v^Ku2t+~~zX+nS?QF#SP7%fh5 zux<|7zdlK~7?t~=5CM1G5bP2rLb)ri;?PU!i8}N^+t+d%zX<(Zop*bCnl5Aj;{0oQ zA*7w5y?ISR#EB*r{!M$EkowRr{8Y`NOHHYe`CSw869KO9QdpF&kVdK5$IO)Q&3uIt z)zjZ6@atSQ%mk76?lif-=%})*HHM5Rag#-Ac3!3G+*ce0cFf}7?U0LpfdM|%z)%zZpTBj>sc<2<7M=Ft@O~liycu?!Gi}f@YrGyxIXi}P^3q#Z zxJmMZMx!{`z<=cI1iv_yiuPK*eX&{?@qTfa@08*hf^aL&)@skR@ zMmeqCkg}z%c(~`JFBo@b;_nfv*deRKsaSR=Rh0b02cDyfQQ}3YXk|xS1>^V-y+Zya zLd!Ahkra-d#MMAf7i;RNik2bhASC&yqpxIwCi*7{Gv<_}>R!}+|1*^+MezIm9Eab* zY0=SJe%U4vGjyL9XEk;D1A6Cgi*X1)k#Zowh;qg5|4}{>zqJj>wcd7#l|+Pu!X4W| z8-?;PLQABU5~B$&4mRMvN}>BWwV@lgVeHbmxOAXn%razNFs&bNtV?TDu>^8o<>fvA z%6X3P)?cGTWs6gsNMu82U<_ou!OMH*9Uur6e zp1%IZ=4OuKkgpb*CpHJ_mHlHv@`kH{naGsqD)%Y^h5jnKz$X09(*x7p|NF^l z|MtJX5&nPc&8H3yz~&<5-Kcr{cz1HP@^x(^ki>4h;Ij0j9aM-3L40WyNzqNHPO#ql z*Uqv{09JBoB=r^2NA7-2wY+#s^!_MB)GInQ0CeAgDrk4^w+H&eq2uV<1TALA^E%}g zzHcQU7iq#bI4*~#X@KdC_}!j)irk<*-DK0)HBG>mM_x@W><}}tQY=P2G*R=;{DI5- zAmW!Dv2}cG;#!D&)wke$aA`drSW+)C+CFRBNYH*w3KkPVo$Io8n2Ag-Bz)zT9wxk< zcI6z`PyH@NRv|?1Ts214<00x>LT)iLv19DYSjoA|tHH+>Yy+N;VUiyEO0)j0Tk=a2ju}_L-7md7Mz@% zf5h~+a%g2LN<0i&-IRq`-OnQ=bA{_H{!01NgmFgl?-}buvMrZJw0PxG7k}C&v%bYQ zeGPr*T`goy?aCC@Qw;9{MHqnJ(lFbKNA|vS?1bTs)W$aHT3*F9f zWe@ryi1)>{^qLP4b7j zIV8lX5zsl%Rw3y~5 z&d7j3J|vplZL?X*kH`43C)OQm$QWh58Ee+LX&=9Pf7O+ZCfCR=?+h%Mc>1WazFC#l z`tB~0rskZ1_PvnrW2^8q*W70if>kD_i+n@Tuftxqt46!7)4s$s{Zw7?{Gxf^ZMHqw$s98yoe7oS zCn?Pb3oy-yFXs9v4Ii+1N(h4?J!uA`I{ueU)u$%!`>SoXef7SVni;XC4fRc~RRlFD z8lm{{w1=O6r z6_Q2wiw^GDbJ}%M!s2IHO^sviPVQG&FGIapt-E$O%MGjrS+|9m6a!ZWqe=h?1R@_# ztBDGN)4C~tWoEUZS=^g!0)967_3|qNKzy(v{EUzM-8$$~8#r+(#YWaqafv+)_)~Hg zwRH7o^b0kIHm{tx_qrG@(o56|5`DChIcKxMxnv*LT9NY%c^Yi!_rOXlM9xT94_`;+;i4&Jcd#?#0|2A}wR^a&?yQi)+&&Cb!YjD>jD~t>cMj zZtlbzPyNq_e+oSotDKp)`;fQXB`u8~-EAE<9sRamA6H)nl1y0#mH#+t>$6W>_#z{Dzsfr)j`vT4#(fSC<6?;~{1KJ0YcUGH2LlUS)S zmTtR8%HARHes^G^amyT&&F<@H&&Br6JKgq3TL%YbfQuByrm&A-;Azh2pJyzZr^aQa z6}@*HCHNI4Sj$i$XU~H(t*0DG>^*&M=+Qe~kg39LiCdDV6IT68d9xhH4jTGyF56(9DQq`rI| zYS}hlLBuG(>OX8dgpJEha`L%Gt?q<6*cT_oB)h1@pxngbCOaC(lLznkEM*?aj z{Q{Ayn_)FWAMW3%WIb+RAw4anct$netzg*mIqdQ(6r(5N(+Xuh{J=Rscr%hH0U-^4 zQ>_(Xm839;yL0H|a&uX!@$JJY7U$9CGYYg>fs?~0J%OkdpJ5D_r$=6IyL2CP(iRV3 zi&(D&TCaPKRS93#IH0#8X`Up7Kx1{{@_Q&L*%h{bLA2^FwBCTGd+8`8JP?xF{&(;D3l2+HtC1&6)CezFLP#ONQ| zW(oa$d7G+qv_Cbm3+%4`H>g)EFA0;)`DPEjQ1>|`khJu3#-`?1Yjhi=XSRQDm7fy5 zEnN-R?DA@DrzK#+W}APv6gsUJWzNoVG#=vGn2$D=_<170eO2O-uLu=_4L!8rxvmj+24+BEksT=GON0*Q47W7)*3m> z`Tl9=8WaRpgYoWKZY@L&yT%qhEB(=X+`5K}qmF6BSl>`;wr^EVkEM1teK!ugT6Gb^ zQ;GAuiSnlCPk;28^tWug*yL3a^Mx5#7QZEuUU(JUE|IAKYLo&U2Berj ze6k8G<4*XjVnc+ji6Q{&nc(^XT=sBp?kBRbuoF@BB6Kdb%TL(jN%l)tz)7O1c;@ei zD}RhdPsRs^A)Pt9!ni}rKHx|9f+F{1`n5>gv+OeuRxxX(6;|xg)ps`@EkkeW`q~jubj%_!5xQ22AfRZZRQM~fweTN$Y*qwp3^Osp> zzH#+x_w`z;=Z%a!qLH>~d>XK#8v^f$R-HVLk3Eo3yS+{7kn~x`xK*@O%P%`HeRJer zCSxJ7G-XgM&E}px9_21lpRFxML`mQk(J#Ws&R_p=aHrcVZ=&KY44A9JIe9lCc`mj2 za9H2MR%@+p4xBBV;l8V4ign^M2O_VTaN}<$EXYHCvb8p`=ii@4mB+GZVtZgNZsnV2x(Y19oPn-3%xkglj#4xeLAo;2t$KJy5-@Ym6{$>bNvtfrH?TItwDFv%U2(H?{s(!AN4#- zyOrJdApkwDXg5t?@mXR`sf)9|%bze-%1E0^P~et%01P zyEqJ3Xk*P5e4*CVSI@u>_7TU}raZ|Nz28fCNksm@BzgJSlu2A667l$)o;M$_b)r+~ z7KZ}i$Em4I_pN+^xs9O6R(@;vE%0kOxT2){3z1xnB9`qM8}WztTZ z@ZkE5e`?CA8G`%zT|wFNalK6>SFH`Xz@Z$W$10{D88c#n#2t`!W@Kpx3|63GC)(40 z#U2+Z*NZOEyN7!H)&1fln6U4p5izzvgK$;W6g<@P@_3gX_9r$@f2054$d( zbJ3?>$1+`?`HfQ~bZZwL6S6n`?ZY*-k+mO+nJ-`H@)0T)rAnmxQBXA5*Z2xZ3G*M# zT_w-o_3hiv>TjHM2*0NfsAGK5bv@*Sm;7!GLPgDx?datYPJ$>^@~=Wkzfg$CEg5{j zPuy|EKU7?TyHFSKfiZ~G4XH&YhGMH7p&KsSU24w+z1GIJ6p#RdPY1^{S~nl@B=1#x zF6*4j4Fdmilyc*51ltwquQTVn^0P&lT#Kq)yn2J78Pq{?}`1-?ku{d zky`W>e;ZrM&})pm?3;u)&Nx9U4WA~^}(2hM|&XE4FeObg`-GiDVkBX&R) zQ!$QPjehASCGtZX>^~5knjU@`C;q!PFGtdb+H}WQZu}(g@X#rc&AH0B6t434{pPfI zskE%5ms*a_+jH+jGr1c5-YS4QRRMGi;7%9+r8JPWAhiQZ!`FYf6FoTxwxys?`NMsj zoirem6wTYu5_6?GjUB7K4clJ|O(7A^+k9v$7V3 zAh3gch^JTSGT(MoU=`(i!F*OjR}@hfvIPyj`@=+wLewJEPn@^$)=74_2zZ>aoCAzwSZHIEgA&QbK9V)jav4f13r{>fG>+i0lR4B$_}1`bf#dU(^dWOWM%Q9`!kc=h8eT{KtFdnNo1-6| zLeH$;cJrvV}xQME6!17ix+y|h7b3!k1Ddh?0MJ>m2`A;(0v?~ z5vzUhjz<5Glo%iJD+I35!3~+)e7B1+U)~@&VrIevzH*1)`7rM*DIVrusoGS`uu$dl&L&E~ymeKb;`7+IXUiO70`-onxwTt~i_ITA z4)o@YTOa0>XE=`oka24b`g$1VLe@ZwYQW-yzb{$5W}&KosJBuZl01m{LI+ijs)$yX+Atk| z`mTvK)Jd7*n2XtB*<)g3Pw?|ku55LxBIjF z_+^KW-XdycVJD7%x*PtO?4fg_FzZpbVqJjZD4LzGt+p zu>cz!@-YGYdrgR`KW&Qkk)Y}>iynBXY(KL=I-^byhG=JJ=iuVqJbV*?HJ}8iYu(RO-Ym%z z)xz3ywt+fTK139eTC|e|e-H~;AIV^}Ev}#!8+j(;_7tv30r)UAt7!c-UxER5TQ0z7 z0T;;@1__;n5eA_-Qacp*Q)msq)w4Uh9!!JXEd7rMtjzcbGok+X1Azlvj64hr?0{B4 z$vcMRU_Ka#kKK%ay=b|H#aDuQ3|Cz4%VA)^D({RVVgF3B%EDl{pmQi+15@5xM793| zyK4QC=R%FkCI$Oune^AgusJZf@UHTv#JO$shyEapha1Lfe>Be-{RfcoKbR;k-=%d5 z?=b{2?L@#jewg1eeX~mo>+9X4s!tQ3twiXDQrYJkKzB$ zotZ~!B2Vkywug0{KM;l;u%_u%%&R|6e}|>)`}^OSt;FXRQfDY5Z}X&V@UPnc0A>y4 zPIfWf-5-q}A^kfD#D6Wrm*SB*=7J@*(fY$HdUYK_@4X1wzrb$M3}16Z40E$@^_NcJ zCe9fB9Y}lVzXK^3kEDzU%b_I%oanYTd%`|{{`_sm>c_4N`t4P4Uyhf#d;E_8fv zEORcX`Tu5&hCUmOfIu3;6}H+^SnXEiBC0@UT@<#jOlC1I6F+sJ=i zdUN-Gv$ee;54~CJkA~eAdVe40WMAqJr>cn@7F>z=yUC#R|N4_P;qZlW0tT=wPAj<7 zHCLedbmBlM6-U&t@XC*Wnxg*ObU%btVgy)S37=dpRwLLNh)~uje*JFy&t{4GceCWT zIN{a(-mD;7=t+B%3R_yLWIyITCxKzuyrwhR{@K1GJG->acwrz{=F`+LSgWd`0nvY& zto_>ry+-NU_)L>VM7_hF3AUTYObNh)G)&34K>Of-yDKi?3neu<)0}gNSyKZ#5Z50N z{|iQ(_&+Xl@4&*$p*fe$HSWr-9q8!jl{#gt#1YWx3^UuCcI(V)HLwHN^p%1SR8xyN z_{>k_#~PU!>z96(b-Qr_m>kut(HI<*YP}~+F~38KhzKcA$ZE}b9&drqX7}x^{ux@+ zmMhwo=|5h6WB4N~vs1jc`_gIm_nhGE#=Q|D999G|Uv~~P_-Sg`z{_9h5Bv|ytY%|l zKhrhyzZ(xY@C}rozsjr_#x(fg8+dMESzSsqt%RQ<%Ch<{x}jZ-)4)!+K0wG#$B(~6 zijpbpdT>2^~WXRWx_>>fN$im zJLv@l89EDrA3ziS5KqErD&wO8Vq4oyN!nsW{F!X@L;Nf&pYNa>0`fhc&J!MDLa3sH zLmzQ#{S&9d!P~bM_tQ@^(O+?>4;uIFSmq56Onu?WT zmgy6BYXbC*l>>*dffxJ``Qwj_8WUUe+g@4V>Zg0wY@i26D?SW4^-aA zBFg$sFSM5?W4wPqub7CU+EGNsJ}er8dBK5q{-xY$7>hG^r_mCCuB`Gq|95bLrcn@bUl4@(; z-L33dQ zmKua3v+baaz>snb0P;DqL*QF6tbNF#@aaHQ`zF3;S)K_M6!8*#0M6nBZ~5Py_Ep)< zl{8}BRl04wOPel$iE$7qng(VyRM2%>E9!v`z7Kv(F1QRDyv>JpX8rZe&YSfI8Uka6 zfWLm^7JC>*kge)dplhDTDzgnuY(ANK>HXYqZ~?iG!4LsL%1Rq_f?uSfZNfn?1Ve=h zdrxJ!Nv5ct_z44F7VByFA%XhYS(t_K=aR7T znO%{HiSEqa&Kf8}`rT==)@9JM>0>uU&)W|$f9@QgfF8pFZKXzg9;`})8Wzh+JUg-| z`K9_d_Zr^Ikz-;P(L~QoPXxZ}coV~xz*pt&OrT%#8P48nl4q;-~EESHV~ z!q+BO#@N5E+5@^Y&{JUR`_S!(XIuV^{1M(94Ron8b__}ml3&{8Yiy{16Z5@B{+;z) z7gfi*ALig23}qznO;^|SJAc?bXnc(}kzc!gi;56M9MPGGV7u>%Mn=3O2aY4!gAW7^Q{ShN0yXB)YJwT-rc z5gYkS*n(hJH@;@X$~`QEC?LZdbx7@A|6v2|zz3cu4F1h#B35mQL6oisYRJ z8%x@+EQ9UBpB~)Of1PntAe=Ixin-;=6tIYf9G?h4#Xx8Mly#$`dKbaHDxI)sbq0b9 zgj?kOyFkX#iEr+~BoG<;bk}2&>0lQ4zl6C^#0jzWH{sCJmmLBkm%>DOZOH|C7*7{} zfC~eSvSV}>Vy$myzwBqX+e_2P42otuB{YKZi9%ntt|y*czfh5_ZB6Jeg~CTQLCjn> z`fvYYc*!4&uHE!uM|_WEr8KRBM&S2ckUy(dswfP$HxLJ<(DI5Z_xO2e!<##;y_|X{ z8=mS=zwtt4+vUB#h_b(U1$idwh@gE!dZL$`2jQ*$N(y)E@r=rTrT~}`HiRb7=tZgt z!s>irK>A^fQkyRcyOFrpJnKLA)?gX{g9w=@HCPs>PJJWaA&>;g@Nb3*n0Vo;8#79 zFacTFcjN!)kT7)j&sAzW)L&%tabd~tU-G%!Ja2unjNN)gfg0n85WI2Rz z*MO(d_4vYXbeA?w;Cp-wN6e3jU|&A6ixV3bl9}vn#f!=t7wlj8HeKx&C;lye$x9*6 zK@p>i)4^Lg9c`qOAWb9v$+u{B`iFJ7|KT9&SU77-5&L5Qp}-c-YMR=N1dUBioij7| z%*@Qt>D8_K+Y6}D|Ha!|M@8ATZQn{NAf3`6-69<$jevA_qojbq(9#Ve-3rp((p^&0 z-6hR{Ff`vea9z(G-~B${`>ypq-|+{oHOM(L=XvD5@4s!ELIZCmS=<8f2IG?Volx`D zfx!HSj%Sy#>8A_Op^4UK%`Vi}H7%5f5pvevxwuQW=LYt>Ew?0OpkD-^i*l827qywM zIyk|HVZ>M`v*<;HcPgH=uv>JdtOe9w+}zUo zmaOCwPBhDRN5QddCErzg=oT&=qf}xOu;OaC0mj5gb!Kiwto?64LKAwi#hl{lswK2q z9dE>zj5`FR2KwyOE2hZCY7)mS)8*f-BZ(Pxc%0rgwU1!$%{B>JRx3`nF}#l8bzK&m znkvqj1bX$+&#ou<7EB~G?ly#ryblmf$;#j1*gg|I8k}0Y-lk^v%zk_PTnHyDJt?Sn zZh9>N7#Jm_LX#&`IR~Y^?l)SEjT=uaC!X?9vv(p-dFw=csTkYAC6uDJ-9{M*xkP+G zB)GD3D^>UDQjV^V)p*}od0%e4JHNp#^RP$A{bSB}_*C}u^?)403C>4g zXV+%HCTd$!HqLi8CP?vo#RxZEBU3+ZGqO#rhYEbX@PyPD;V=(2*rt-n*lu@XE9n&f zK#=MAR0CDCKl@&>h&(~PU}X%XJ${1HNM;5P_`3%?sm(qB<=6c${{*gtBOGsTpS0Aaah-7ST&Xr`H`+k=62O{js z25Nz$9W<*-KFR8OGRd2yrQ%Jqt@&TOReco-JAEyFPPnRVjZ37Aduzds5plGXVAEdA zq)gU}ovmyf@2VZm;#2sic65PBa-`Y> zpf6nATJ=27Dcv@4zwYqL&n`~d5N&;!p{aWkD#2`-fCJR;;Jpu+mwg$)!q$8GJ6hB{ zRoRi{2oyKVZz`|E85%EZDS@Pv`^I=-)@$1A3-|E=4PQPn@Uv$u7P0V~N3KHUSZaUg zb&jZ;z}zl-%KKp!VfDw?1~kHWTT13Sxs^IPTQF#aHEczyh9ny#hz1Bpf=lB`@jq6Z zM?W6=30>M0H0(!xYs2-$GxGiJO#@HWN!3I;jg#@6spdNcVFZCzF#KJ+-@i{! zrwlnt>!VlW%uP(d5BU*6H}OeZCq4B12WcLbNi|*6^7_&vyNy?oWDQk@9y<%X%sO>w zvIg{>`7L)u+x9Ec(r?;E@!XHLr)JMb;oZQtMcua&PzuPtOu0F#j7A`}xl>a8+c!YJ zPR!f-po%bedF%w{C>GD4R^1o5E)wFULE3HR_dPD{;+HsQg+UB2N#_QqBI%Gum}EQ4 z8S`d2n%)b9z85m4W0opM8s7id0rVcL)p zn7-pD(IXD(q+2al-K*W#eL-Gz*Wm-3N*N-Y=!b@pJ)}&2zcs#=V@*#jdvbUO7>LJA zb8}%^MOwXiWU{&t~gLLjQckgaxw0>0rqrbcJ{PM zu-9ebrFl6-L_|I0=^Ih047vQN`NH<YY~Da~?&JL$ETIQ#3y;f>8XG6}$^=pGr$)?2KzpTrI+y z4WF41aKoxEI7--;fc%Ng5cwHjciWYV-Mg*#r9y?3S5vl&_i&)ef95Cq677g*8*&_p zCJ{O_EzPh-Gual%yObj?i9MD#XnPpTt(0FBBqWx9&?Mqstb6iv)-RDDkChRw42<>* z>22Xn`N%MYf1`0*hW2MXVy#dlb1V(gx7!C6gU1S`aYHT}q3}Q#$z)SxpuP!?xWmLq z%N|!&)a*RSEh;wnXWfqDgnQ3hM4%cfa9+Y`(FfAI#IDrvC+f!I#7+F|4HA>EeEX9+ z#u?5W;HbF#2+XCa=r{zw$n$poLw-7D{&U~vXzWaC z(Cn`BCwBD6xJm5XlOR5M(`F7QQtQ$i>&cNH$qNpWTw7g|<;}|p%Q0yIeek5I8n7K_ zj!tE4vQ~VSCV3p1W93l@%b{l1)zSCuyyS9hAA!Y=h|(}9RKy`L9YiHgmYBEUbJ>XC zZ$nLACRHb0H@hzgsQ)@y-pvlD><9y!Af-|Oh5b)aSN(=lDUI?iJ0AAy&QAqU z<+6|JB-r@b6uB}PJ`{3b%O{JGr&5}xaO(Ta;uE!(%oc>E-uME=Jx;m8!-#E>AU&dndntI#G(ca-8%*Q#spp72TybuZQ7Iick(<^;O`CCa zV=c{rW2I^~Yl7+gv43OBQ{pI%tXpfEGdp)wr>J0S>Wo>LWxqG)6GNH^3q&DwF)m*< z&(3V749^!W6F86vmz6YpZTg-j3JW}ziiQJf zdwarWCL;sZp%lw6)RsXss-@{4ck{UnCVB-ESI`ODt?fLaLY1p2uZNKegqWMGC#Jc$ zNbKt6J42r(NxQq!&|*wkJYB@d`Bt_^U!k9ja927>>72U%<=28V(q=d6WiaW*4*C!M zYdY>}uOO0K!rLx*%oO{oD=q;OtkcQY;-Hj}@IMop9B&WP*22%uGJv`Al8{_3@wrd( zTleIb(QVJbzw2HxztQ~UdK{e^pzx>gORLF~gR5fXp;&LYv3zZ`GIWnb<*gpI!zCs^6R^z);DYthK?THK49QyDOs&K*^$Th=geGR9Rk?2TJ=Mc~e1CWIE2F6r-SGlwAzt&MAD3O9duIr**`lA? zp(mWI6PH|1p_Q$R zvf|~I2Vtg^K%=jWY}41Y+=a8Ep#y`fhwVivjE)UW2%w^GZMooZ$FPj}s|=qCOMn4M zf$RqvwRbV7Z8-?D#o>kIyAxxobaAy+xbU&cgXLwS*V^ATr=+c4y&tRZ^hO^|Z~FA- zDdmoHd+tF;@7p(ox!k&!hQ~~RQjIo;5G~RexkA7UyQ*ih*uJL}Skh2p6HJntZ$oE3 zDywKdED;=pwPrpfauepDjb@zD+jH8nU%L_%ZU6exZ#8wHjx2%1^6$q&NjSpksaPgN zz-2ssSN;rav}`UO&^Le^a)h`+$UmvDzo2us5QTZ%3wO=x@k$b??R=dv26ngn;YZel zbRG%mus{{962vC*r7>XZZhXQ5c74`FOnpldr9{;sl(h9j^!fRbOt?Fn{-9iWB>>Fy zG$Z%L4RIocgN>PT;^-)-l=p_m5pZ?(Ssxc~Rb)Y^t8XHHVAvTpdNJ%re*D1vWv_e; z-?eDiAc}`BTy@wT*kT??`^t@+`t_dXQl z02j3iq^AEc6l+Sba#p4F^E=eJes4IDliF1=jY=o3_i9X7lQ9GOVy0D}TE8-jCO}={ zB0}-=YXcOEe%UgN5H)>I%N=z3Xm(e>k_Zg=ysiI^bO>vyPk%ZKOuyn&>5C(V`S~nb zQ5Gt~ovq)D2=|_jduj#GQihek5GK^u_%{6p_;2IUiw{Y^dVC;{26XI{2d4h}_S^fz zXQtJ&zX^u_lDvUk{vT~T>)`^x&HbzG!2i#^f&>UhaC(mixyK#0+>tGLLP>3ZtRQ*H z3|}5xga^sVS89rzW zc{|Tl6wAs9WPx_r+*)sfkb3yk6^B&67O|5b;(Gg_5x;8xcs}y>$e~QmQ;kUG&g0RQ9M=bXd#gGF{x0PZ94XY#89I@i5zju{d|PX=i7o9q z3$5O-c4}7Lza2EX5?cPP8{7lvXe>=P>RSNID-b_hWX_J+XUv%Pvcvc^rx1be7aec@6fdbJXszQ_>DjuME`{`*)dI#SEwQ4Tgb_2slB!9hdu{7 z*iITuXXB@3^(r#x{BcRc0YAiL>tE1|P@JbHKkLDeOgF>hb>av~Ps`!UniY4?-tyT@ z+!uo7h~|aDA{#-!xrjf1ER7OA0Q33XkyuYRKk~7?L=d@fK#rGJkZj}g^j#y%bXs5;>XPr6m(Z|fId-6SZSL3Jupn}L( zDHg4Z8~EK9O?>IQg6%#S#W%;+2hem7e)D9M4&{FhPiXxUJi*YB{7KVV47q2zKS}+{ zz&(wP%IN*%t2QMdh6OSiQFWiD>VDMi~__#^L|G zR|LcWy7rv#jClV_ezo7!?kr_}U&nfS^8%hI%x|Sc!Tvg(YLV$4 zrAe7)M&AC5=9WO1@2LCB%`A;;7#wN4=?!YbNw>>AsEG)$!X{N+B74SD|+TgMW7-K!8d}FW*Z|TRrPj zi$<2Jm(7pHU%N%K)a04qU%K-a26ck&PY@-96S=;DxCq@0dp#Z5tqw^17iZy{O!@8Q zdsv2m(rUC9LilJdRxF`otC(CMg6d0;jSr#fMW<=LRq(X2p5~%w1@z#4-OF|K@!o*v zOl9_NjoRm@5%TSm@DjaVt|%T|MFpt{-?yxM7W18+R(lJfS7Lwq9rqF$fct&WA=e<-PPnd`$2u#7cVN*EUXK zl#gz;Y&cFfXS7!|Km-}r5?4Bzx36CsYY=b~;HO@ubOe7Z9`2fFApGW)+<|eDS#{`_ zyb$)sL{4;)(*CwTblf+fzC=TIFBC|V-bmf}m<7iL7}Qb>$PA0!`Y;a=GcBeRn@Qhc zK&~_lN@y*JuuWGqZklYM!sWL7>D722h*|P3uV1j9D~OLCP(cK)=pDv3uD)rqa+2AR zOyS2I3S_^ptcK!V2-GdpAG^?nKye}Z<)+-+v)r@s>DHVM6~zNp+$3W$r|tJS4G^Gz z!)fbI$n+)0@VMZawA+g(i#!)bqN~Po>K2=s*QGm;1yle<9XcXDyQjRW)BcvI-)0h>t=N5g9uH>*C6ususHOYAHVbt+Gtd@?q~4VVzbN# zYOFGFqVP4G@+JS~UUKxaUk_$LfgUUFf4+g*3>3zC5{#RS zMD=?$%5Y2bYif9^Q94%()4CEF&GCIs;2)Ut`7`KlSV5YQXkgt!=DKZKcWpFRH`&|I zQn*#JAd~!f@o^T1!}+^;`^q4~T7j)q*Plrh>ZK;cB&n!!Z19M0$# zGo;3@R~uPoU=_Qs+~kYjiUsy+pVW0dLSt{`vHX(kYQ$fR7lMqi{B7$C`$hDGv~0R> zt4{b)1TNnh79Y;^UESFVeC{L-7?c=z9aR~P%i>suJa6|DR>tl6bIEE#(i&={!p>&o zv#_RwRuF?Y&CcxgGPBMi&XlDy`JAQIgcGw^!E!}c7!a?9a=&M1b(?If)nDK%a;FcnfT$2M^}3sBWQ&EM zWS(qVJLop!T08J={%cwc7AKj?a6sGOfn7-2TuNx?(9PhApFPV^z9Nbvkh){ciOE;$7rY z9ba}Pdya8~G>gc!@7JF5nt`1AwfOVow$fs8i&6^JK;UpS2n0f zW^V*D?RY|$X2_1n+(Dx2g5|pVJZ=JGGoE11N^LX*L!(vP^QHC2rE^_ZvvMrQ^sWwc+9(G6-=p+)_sr;}o!gwj5A{hQy5<&QjKaF!jwURtZThERnp@&(k zIHC;3ySLhuEo7Mn@=`|t_p@^i!+yFO_&wY-@5H^2Fso~QWDt(p+EzjJtOW zZgr7+)F`C=3gpx}S|n@LGJ+%5-;6^m7O?Vl_B?!E&^C zfo;9}22hT&B9)1$I{70R5|3);vwst}nwp&!d%EB}a|Vc^_m|D`d86Cq&{9wd)=cdF z{?w?uo+&Mt(eiX6UD!FL;ZG`mKc)wWOu4ei*Vkkg8eVIVc!}4bQufi2b--Zi8>0n| zbI6-!#~!PQHQ%W+2F)+H*#?VRii{srqpB#qw1-@r^}dLZeOB`d{`!0~6}Rz+iu`Fu zQN9riD&V;SX-ZRm5tim?pW#_*aC-dn>9ms$w!W*epjVzkO|FL*38DkVIqUq&x3B7p zIM5G71%K?G5xXq054hP!E^I`z(6fyX#jJ3*Z1(41um?|xDS;j->8SbIur+XKB zQ6GcIgchodi?v9;Ce?a#gWGMzAy9e~9Yij=S<+o(G>nk+jKa}(-wdqS@BO*|4X9}Vv*L;Y*b1=NLLbP)etimd<#_$pv>|n#| zPPKKf?$Jd?l2SaE)Na#7y!DS)RBnDmI^<*V&!ass&G5`m^>ckf%-2iD!|d&ocK%F4 zEs2wV;LS8t+8;G-P3SWLbklnw?0%4Vy_Sffat%L-spW}|ffq^(>Lh3&SN%Y{fUglF zXR=9&jp2#L+5&-!QO$F9*A69;fg!P#gIxX}EjDw_=iap@P9eM{F4bg$|8Lys{Hh9F zOnHMQqSUny#M&x5WKCZ`bN{{#J`|wH*!%i>MI))Z_p~e44q=#>QFp z__nKZ!k2Ttz0BCMKZ8{B%xF7}dIH0=h)*$ym^!0pk*ns)@+#yI%a!4sefpR&mM|O9 zcHh(Br(t6#2%-~20O&EhL{fd2P1PiGO$fOBN>BJag5zz)mzb=Kwo^Z(N8K3 zrci3Cm0rft>a{Ku>3fW96CPQoUyAYZwSm08vqBTX*V{5Z`7-LEJq3-a{XZN)>QSi$ z>m{q^t|x>uV>A7EF(FbFmLd|`II{NTO4OeXMNlaO zfGgtDB^|xv8FkEf3H3hZNU9i;MBgKh8k?(XS3yz;DIhf>?&LBRW_x_x=0-VM8Q~S_ zmBlWKuYwF-4g!tP2FN|}OVAyTve_L0-<>J#A2-}-|_vJ!HyUyWS; zimu-y)0py#xQ{$!9z3@|I9u@3qmQpiH`I3)_0GSIlQ3p2v(u`mg_WFUZRJfqdo^qL zPqMxf>T36Xbl_m5H5jpwrkCJyWW0Y{9p%3wSqm%@&m;Xwkh_MUQ||*d-O0NU8bp6I z4j+zcFm*xK;Qa5x_9S#MbY|6y@W-dBe=bgvQ!jg*)`F`sh zO=~a$N6BC}1>0705bH&X7(++OcE!6DKP?Qz+H0MiIqh+-&ji`M z!Md?w$!Dw_@<2x#$ETro-f=q>-W_4vqTCm;01;-Lp4n{rMTg7^P18l4`mUV2$z@CrZzi+htXMc`KU1{3SwX0|FXk>kpCdY@$xkFp2{%SCoDKAwzI1O|ku~$T zE8|wRs>b*}k@qE|h5*3IK)1I3!-h5_lbhY7u5W5o3@pVK#gIGtw>Q?kipN+V=YgvF zpYk_=_N}ZIh7O2>Yl$+PJ=$&{{&cuf`MlFWbP^T6>&^<}aHQq*(VJ4!P z;oE(3`G~ztg4&X8gUILIX>(0o?^Pb=U0pU@ppLIEZpAO4U2_A~}WyWh~o zF<#!>G$Wyq;XllUdIee{+l3sOaV|pUW~Rn{s}s}OhV68&Z!8r)bTyLM5zN}Olpt)Y zbRCmFzO^Un9ZdCW&3SH4H$?*u82WW!loIRHm_QfGfD)QuBU$b_=VF4ms1%mgy8b&J zddWp#EfRNbDHAfnD&}S3p)x!>8fQG4r`kLG{D=Ft&?NFgR9{rEqf3}n|J6nOF7zaB zTz@KB8eE8d0HvjLhn}#Y4828rocMLo+l51aIz9W8s&v+uz%kh!0IBuDH7dd&Zvuz{ zT;FSA3uzCZKR!B%UJ_5cOUb%jHowu2h+0XVUr*PxhR&jvzqGnzV1pKVx=0IK14w|lh6?aR<@s7|VLTKLH zv|%A&|J&lF-~N5!_z)l~{DuoTp4ztCEzz46#Fr5f@U0l6x9u0*GT|1P=qRgbcBOh5 zg1vvMOZ6@Y$%;i5pyoz|S8f+Glq`3J?x8vO5Dc>CSzN2U4XGL*11B9NynFj!IGcOV zu7MYZ4q;tK$$~!OOpQ|@g5Zx&jph+Xwa_Rs+0KppGs2GsU$h&UuEG{&u~7!BK&oNy ze@?k6;58A1%u?5!(qt5(M32=|?440Jf$3^23Z0yO*tG@}PMVB-!dlU`WdgH4CLVqT zt+Dn*ua6?nv0)Rv?RRKEIm_MuG~;|7Ih0>%YB#B&@|iklArsTHb|8C#ojiVtlZ<`Z z37u#DC9cnokcE$%#9canOw{@`ul1{|*JtrRwTqzfwyW3mmY^?C1Xi&ooYF$&3aL~V zKHPw1^#uR3=LM(rmR{mqdZP30d$=6JayG5p*K_Q}J^M*w=c?*qYA8FmIW5jL`tp+~ z*5P5|$B!kNWR%ju&pc9qq)1_5YstFl-kmnNUD&x+5npuJD$XD%=I01#O^*+g7t5tU z!hh&?P$}YOuKEh>9z{M|u?1dulQ^M&x@s|S@T%@^ZvQ-v-!z)EG9>ttGTLA_6eTPD2?7fF2n>kvG-kA4}c8Ada22Uemy_doE&K*6r+ha zW&#@3M9*(|wV@Ll2efdnb;2KCc3?BR2fUOrNyE8*yu0MoV$#XIgcHIDh)%iMj{6Ld&TN zv|T9dEvY8I(@+aDD%ns#V0_*f=<(s6gN?ndH&7d(j%G~9(j(xY3f>~JX?(rdUHEKh zUuS9(h9%rY^$b@B){n9)VTa#un*WYmR`bsKPaejxM6+MYCN zps%l<19<>%Mt{5&zY5&BmcQq2g)?p1)_t9?Zf4t(ksX#HR4o-2fdIriCz zTE4Wmg8KqV`WO%m=0I9$`(|mUuB994<@LBbUuzQCB|L748c&l`2))pGGxJZDkhHfk z*60S*j~P3N$fw@p1?cl960TnwR2E9$FhTOF`XZcN#?ILdoicAHW-8h~66Q!YKCkxX6hrVr8_z^(Kz#(&U zr0uzq0Xrv6b_P;8D}{nFq`L}Sp%h9trg4vBdUg`lco5d0!@W>a#D?_XE@g;tnWZ{! zJQ?PRhlQb;?iJ!BEVNWpT(ncn%LNiFBuk-Kyjuq!Kjyv{rw5z>N^xQ@?W&McA_;+@ zDHHJ<9QY3_N9fiA0|8ocDUC0Q3$ylFd*G>Q8=WzUp0*Lb8|tcY5>PAvQ@)_YAySxL z5}O8&%gf`p<88|Nk558m#&=bA3fIqh&Mg{*h*D>2OG@s+m-Im5gFzvZOT)=Qs; z$B8#JOm2CsX4gf{Xw2<=b8ah`Hyj6T@jL7QyV-u?UHvCsRFk-GFuoi4XU_vKxH8-=s`v>ON8Zn74=DNC z^v9b_q`yQ%3vd5Y#LP@WTT5TzqEfnCbJ1-^?E>ry=f8jbm^Le8G5VLr`RiM0@lcz^CYuLP)9!XW`Q8s0S9BC<0n z{vn=8mwU%#*Ar_`wGi1qrYX^mHfBzDDkYmi1&){gj&VCbx^63`VQEFr*#E$_<>|f5 z$$hB%ehcJay_tNggY-J2iDMm6(9#!bQ^nGzGfI9Gc>?fprv3(!1~T3c=a24@JD(p? zF$i*Vw%zTmXO58$CFn;-KdRon&l>->X!)tZGd_AIU%su?IX!ng3AbLqJ29L-*RAOK9o*;U<_u%(sMtsb&_zN{YgNUyp&GOyh$hb3`^GNBgt;^~Va zT?WqpjTL_p*yxlVyCP=B8&CXczd7ea`0CY@MU9G{4X&K#0yHl8>*bqDbhkU$>8sWV z0xQD4Cp-U%7_~0De^36uA+!G@UG~CV&oo$QEx4qy#FXlupQHLalgy6eM2_$6GzDq6 z2TEoCGZva=#n$+Z6Sjqqn~am|yoV;g8$A%6&&@LrfI#}tDL;WT1FT@i>#aFuQV4(8 zJCuj9?;Ct_*t@Gdm*EuywhzUr9k#%`3CVyY&+W}w>LVA%8r{U!d+w*~5 zaQ@oxX#es626F!O-RtH_Bod4vwRjz$b_r`>5krIM87cFx{ap_%C)Qs%@{byknekvr z($7op0(ZeJc(8osoatnAQm%j)_XFTa@E71XhQk+{3@NG+aprJwoPdKqg6Q@Bx`!Ek z{)QRl6?D~u9zMvwz>EOurwe4jBf<#SGQWL$tX_yGnWdBgiPl+)9u(d7F6NMCG~fRPeImiE19qrQbE0P? z%}MUDTHA-~Xy}DJT<0Snu>E`ee*8HT(Gu)=vBhXfnUf`X)}#LQ7=)s;ft~VN|JP?_T^<9#nvum6;m>0++Id!w`n z1RDPSY|y&!l?6sLd@TNeg~0=J{V40_LqXY5NPF!nfyg+_XgvRD&E_$oL(e|pULOUF zVwy@XF@?=0RP`1A1mF@RExRS0Yz^;<=>a3}0LI=^(oFys6}uWM)ja6mBs0cG2cH;} zA)Mq!^cZ4z!g#9@uH`^^ZcS%?sc-1H4r3699a>z^Yz50M_jXZcnZ(eeIl}M2{ro*U zI`eP`Gyv6K4G}xGTgF^x6SHe z#}LP!XviPIM)gPY&>hxBT&KzhM-&&6hiTSjcel$RXGEUQrx+E09Pu4_s+q638S_dD z{YLYmP!BrDd+PN{SB3XFRs&K#DBo){jgzO%*DJDIFG7!5i>%bn)x;wUYImr=Y_WHi zE(F8|eS&6a1{b5M)|Kl@aov%5vO&n`{C{QLC)yjp#(~uGK&0p*{x1Q<0cyrd?3( zoc7(n0qn;*A%LV+e*LgyOJVrb++fs@VV<8XrN&0=y!i45X-3c{CC8)QMVBYlf7$JP zKU;J89P#MIP!oB=;?p&PCj@+!WBvxe*PJ~LdiJ`gr1w3M11wJ8|KklX0iLd)@b!fk z#7P%3@STeG@in5aR7AI-f@fpE9LLAh^NKq{`HGW!K?MOPUaiY-=WaZK{AkK#gv<`A zM}`eLmeWN4V%-Frg8(lLKzP7HYu6CVp#6sA&t;tOQe+Zm4&|<+XCoeY3uN`qPSL`f zO#m1LnO-6y3w#i>b{m*`6WwPThw%X(h2Lw%;HAJ1kS=4jDtp*qxo-}^T}ua}ia}pi zsq^f9-Fs>DzCqcMh-A#Su!pU&_wBa>kkk5ajh2ugOBzdg8p_*Mj!R!9J&1bm=ZX8< zGR_L4D@lBnC|mo)@IIT(5AhWXV^Eqb+l}9I)2GD$jj7T6HJLwCj$|6yhM|I_yQc1xXzlN9n%t3aktCp0F~{RpWEmN`2da#4EM)LQp~gdI)0cQC#SsLmrvvj-p4db4tHi+ zY*HR`<9h)s-tXBF6CrP#o!ijHsf@0Eoyf21X&*S@#5_LS)K1Vd2o%fv*uPqhFKJE9 zGbp>4FrLEwivnG^bQ?ARHfU+KRjLet1;CR4axzIHSDKxP_XmW6ADMl7mLh&pN)nFW z57ep1|2!(#0tCrw~6@h0>&%+Q)?o7_|-pN@_h7v z?-h9lu}iz_=%W$|@~=qjtLJpYSuKl#g}_|m-u0(m6mb1{f^uYc`b50`jlox* z%5^GA3bHGA9kh=!q;dkaU(bt#-Rj02N3QE9nu(*nF8Nb9D~F#YW`yenmGlfl5J zAGZL8{fjQf+bezIW?HSE(Uk{6se-xp&TM)Np>POvl)GzL^ww^;Mw2buC+?hnJfd5R z5h6&Q*U8Eus}l^oZj$6px)EDl-YBt>HmZZ&laR!Oay%lUQll z$KVf~F*+W3rvFNPqkT%ER$!!F88IMy`Ra`vPe`K*({b2--R7i_Zpv}89_ttDx}tJ) zwVvt=2cbbedGZ7_$!p7VOz;eW_x|Kum9CX@(ywtU=Fn~0^3qlIl(Q?jLb<6)#|e|k znoF5R;QW2jCfp~>ne*KXLlN_5~pbWZrv_hK@N|(zYn(t4EC4r%6fAD zJ%aQAaT;eIV;PBoah7w@n&LF3p4~B%@?9&w9^ac2vGStV+}ezJLupadvDn4miY+l# zfn59iZ*wnHK)?o}lB z6t=AD-YyLBlT4s~E1n|0dyOJ@jKXpDys+GRL`d4BL75~7F`KDl->qYE<@YS_iy`^W zIXr^S%c$ipWKlqEbjkjv4(7VEf#*@qQFBqZ)BJt)G_G8F{_L?#OCC<$#|M6G9+Zu? zjS=2i&|&=kpZGPZyCkbBrz#iu4Odq$&PnFbuH<M6onKQyGW*_|FTjShps>87c{EjlYO$z>bhH8V)A_7_umXu0|*vHX5la_$-?hz-l?Onrxw#C|jN(x@z}y|nT<+ixHQ z{m?#g0dX5Vzsw_xW9@GAM_er@EL~4x+h?InXn1t<#iv-!WNQ3F<2FAQ6SpbV{zhD)pl-%S z@WZUXBNFHhdB?d#xQ@KoJQldGx1<#9+90UI9(D&_g5`km?OjHRMeha>T;-)TfCDSjyueb zL@3LCt&{_?e}6v>c)(aEr!_UnH}yF@PxUO zc7J)f)KkoJ&S5kN(~CC^D2Tp=1kp#N`hSkx3B5O^SzGYXSyWa`&cIljS=(n-m`4PX zHVL~od9F=4RhmVNmaZGIt-*Ci3pYNzNS?mQ{h64glZ|WDPBlr!OSh>QVt?M9hjEnnmB{j}Dxf4}Cex2*wurX++~9PxYt$@tEK+k<(Ge`P zx~9T$RGz@`mJID-QU#_}dtez%e%x$weKg~X*(nz)@?W+o;h*g3MdPZ2BQeLi8vk-w zDUODmK@zvh(Z@C#e=6=MbgcnO|otsTns7o3ErttyW#Xn7k=?Nzg)0?L3)&NAg|B z{qZ(Vl?h5lJq9%ojZtc@umL{|9EwN#3mjrr&Y{S-x;_Ovwo7wab&C)5Slr=HdT8z8 zhZFKRqVE{QZoMtq4e`(gdE^Nz9C!5cQrw8xHy`R^#3YWMI_`YBOz6ayODNs46UC~% zM7T~cr#=ax*w_5)_!s;;)KLj{BU5d0qBB+y^a2hm?-fc~+8((`6)JTK*Et_utEbMwdgm$egUpHE zPbGAECn`F=UWI-0jL46a#C%0IkUJ+mW zuIsH+Xs;T6@JZ!I)}M?!(e-fU^p)+ss^y_;&-9ys3wf%HKB@Sc5SP?}IG=6R&*u z4-XBdv36?H0sV_Sid!2q!M|Q!3N-%xi{jjE=VWg}tzA{scU7fz+1`k7>ku%M^h|F8 zHUR-aikGfJUc7>6D{WpMT2k+8Q&VyJ(~1ImJ{$J*0JH7YWSrAI`D^cYugs+uH?AS!$adWf0krO3LWt9{;vFs~sxpu&b(7Z_Ie36Z=7Nn4g56>aJ&S7`u6g;5B z_!2o>jD3|Gqrr(^bJAxPCxD)jFY@k`B;s?!TrW!misirt@7QvL0Gve0DBT=jhR~*} zj~-*(*=vB&MT%aLV4UxNaq`mR@&Xb3j2!Nc(q>&Ir4mrxS7SqJTn0(5v)EXsY{@-8 zFBQY$&D&UHuwXoTuf;b&;K5GCOL*&i631!meLFXj{5^iIx_ImN5;B!y>Qw9N9wNmH zZDwdvO_M-i=nVv~^bL+Z+1ph?ufiz)Wtz$?ow=U8_fGP_vn;9j|LTuGHBI>4uH^Wv$uM$ zTHYHOYVis-AU_2>EHzVRzF4s1o0}TW?pJ7P1#&$upQa5&Gtr>t5kk@55p9RyBD`II z6O0e2==_SmYt0j+$y9FT%B)VBH%2E-Mp(;8Tq>An(bUbaig(bO4D71Ti{Si)qX1jP zl-m6dq{ieyEUlB_d`Ag0h2_r?hlhGbh43(~%BXANQUeHRFZGn=0;>_M$bvg+I2}wM z3|9EX*t3mQ_b%0UNBxVKMYXHav%8$3Y@uzV_*b+;-n!36u{)M&hP>xWV@&5t;8e7k z%}cGS?}|CUPU}Zb>pK)Wu6WsDzs$&hGvEq>nL^_BN$fBqqb0_fwKrx|pLkN%4Yp0T z1X~wI0r3hwn+FllQ(Mob^Zr*mXeVx+!|{l!AaOb~%32BxHo+Y_b5$w}BSsW!8}0uH z&Kysy=Kj3*RC#ClpFCB{WBRMR@^2W#+*Fy>x4X1*`Ks;oba`O&-`jgRm%QXRHMDR2 z*>Dq~FDQgs%zPA|*Ye^3`&#N7S2<$yM?-OjZ*@^*bkz9bqT*L(QY}4;3UOm|2GzrA z0?UobQ6s6mU9d&xcNEJ2jw87`+tLvSi<3=_=~`cuxq(Vjr>Bfhx}Qn(;0)22)Of!~ zCHh=FpeE6{t#6o#s4aozsAX!l(AP+`SD`0&i~P7A#Vi|KRU0Q8CdY)uRr^<+HkAd$O~5vZCIHUSN|hKM-5ApX<pwe`B!7oYbI<8S_}RK|0>)rX1`oR{?CDEh9o zO3}ulEg^396X~G=vPmZ)girtrHA4r@n{T9^Ke*lM`ohiQ7OvLi;d50xGcuPBQB8Z21-PI|b5r%GHioUu1nb zScXQpC1|f?1YBI^TOOTYYYWq!?|KFgZ>$YEIn+HV0(+suZ8!sT$OGQdZfan|ad@P@ z8{C2#c!%#U^bSe=T3!JCWQFwqVeh@;nq0blan!ABY^VrWC>s?J5KyVoRS@aYLI(xu zy?0O%k*@UKYYGSi0tARklNwq=4^jh!fDn=hq5K})d!O^3bKc*%_kKS2pL_4S{vgcr zOkHc9HEU*lXU2F|{AeGF5;XMHu@>#bksyX)d*T)Cqb(i8(f3#5%X_X)t$8f>69Ya@ z(rqa0dxJQ`v`yfQhaYMd#F^gInh%`X+#iC+_?@lGTMl+s!?_FG6aJadGIS)$BiaYt zDg9TTD}KMJVrYq6$j!@=d=n3V0Dgi~5fFuyV=%_Y-zp>Q&gm!MpP$vn8?<`q;MOY6 z=W+-oF}?cEH845RCLVNG^6B-d!v?22o<{;i%5(f+XQFeB@1NrC`?viQ=tj3=wZCo& zs^#6%c2n2fZiW6Xs{nskejorI;ktQNa5ZSlyk^UhDY@3!iTVtMO^#l;7d+{E8O0+YJ>I14#_5kY+7Fu1qANyU_|%UQ;DpS)5#8NGwD&=qB~=+=fF#h z4E(vA%CFgeZ#m=ZciS@4`nIg;DWnqHeN=<#{wIrXO`R9YTyc}a>et7z-xOzhzBp(+ zum2$PlbZTgwzRpxQ1n^55%m1k=;*X0T3EV&&|0sUe9#-c_LAUQ80H zran;_ZuRPDu+g%mltKtTyH@~ll^tHW{I07muq%%ICSROY&5G&M%olp>Dun;J92aMD znJ=)#)(Y~Gyrt;JIKVn^j!pEU7KGY+5{wm84tU+9;7LWcV0gZt zyIi4Gmr{!G`9DNNy1U_lgzm+t)Z&8AEfvoD7r$P*|H1pa-SGZ<0%PeP_jFO5?o203 zhy)Do8%~7R@@=q<-sKVVpS)*tzNE3ShJVi7PX7~`K5=lyoYCgF>+abYl5gi>2>gU= zD&5UXZS~^U!v?ev>TrABiyzMG zdlPa--%Kw@zD4jK*)r9>^6?CaWzyQ!<98p*vPN%yrQEsGWTp-|LPfWU3+Co2P+VZs zuX$T*bB3w}YB^dypTG5fvyGY&*dGv^{-(=nA8zXKbYVOr`t?!iKG&=orQ+@-J1eSuw12Lnm{0r|1GCc)Ef zo}X@f*vZR=^YroMBS5qe-nL)Rz6C!8;GsDj z-z(UC!nV%F4e%LTVFE*+loRg<;#HqPS*(M93|xVI>>FQfDiF!IuH1f8(0DzQL>uPl zB>05P94Rp=J*pOxG0{8x*Qp!!VZfn&*8(JXASXMI@VJwSQb{b#;Kw+|h!tuz@m1~d z>+?501}SJ)UPz>FC8?dkdNYqDXT|JW5a#3RcewO6xSRvkIUuZV7vC~i%4~yR+eS3) z(>bPQ?~Rc(b^!}eo*w(wyV3Y#t*CRu0aG~--fGom@}4<@DYH75m{k=og(2Wgl6Erd zpOEy`dl&L|KFP>)+&w!|^7Ng_yBp8sspP1T0{|?R^-XCra>)SnVAr-ufc`k|oaSTz zF_0v;d4Fl#MQAE2__ZHS;7rE)!=ppyf05unyK|u5r>0(JMm(sJ(F}a>-9xc=X4s~% zXf3_kE$zy)?hhPH(XslkXlZ;usgtYEnxt86Ajh}_NFP|79pN?451ZWX>_2_|MgDYR zXTawsPkL2!m)e*$m%t!45xC#+2x_TkISN(!wo~eq2hj_huBV;)JSj+rvY^Ry)cWsc z{|&jUD7kJbP2KrS@kn}Ud~~6D`>UokQrNK{3hbKf-;^FEgM!YgOTCB1zc=+bTA>y+ z5SExqs$}E;b(lcwUnd5Dflb;~x(EfBYm|%*&(`~Wsam!hwiBYZ2@}5a7i)_yM1A99 z;tBt<-@^{vjIowmIo9D)b#Ak1H$LGas*dfaGIy`7(tR(|8`Or@YXTqF@7&kAD30qlxkw7X>6JP_Cm#+1;8`bJ2)JjFrdy- zNQ@g7BG~))(!cYx_6xL)%s{S@EMxr+TIY76Z10wE;}~j)D@@(=R<_exK zMYQ;axKFd6;ND#!q2pogEeUv=Er-UZ~99 z`yVHXStG_m^YDww7HzQ!J3csB@ssCyt4LFPH0psItJ=> zrq!|ZQ7_iXW{5;KDLem@+fE>$pUFv$4n+Uz9|A^>wVQ_@Z{DE7^?%mRUr&X(@GkJ2 zES6qu7<;qNQw944GX3%bC_@7I8!$;_D+5N_e!rEsrBiNjXxblXl6EnLAr#%Hp|3};;YozsRk`b3Vu-RPu)n%u}~R01(; zQXYIzjy`fn-Y7Vn!A*Z&(Ze5dhDP5bj$KXSlTMm)wsAPeC2{XYT@rl7rpjpgJ@jYk z(_$w+6_?Ok5*Kxzc<8$5G}xbeF%_$A17FusuS@^h+laOPb{JSeI6E5SXj9RU@7|Qd zk@^5{if`GEUsU~~T}03~pi%R-eF{2A>)oWf zFzU*WM=&iqI@RBe502B(B{^xj?x<~zF4e25(b2tn)VPp{qNAfzQrKdpqsx0aUxx-l zf6=Q;@e9I#2k7V|>AEcbJ>*80aFp;b`c8K%)R}w3y&nj(n!m8TF?SpIPk8PI@OKaU z^k72hrWDY?+j{DXY$xgHzAKsj29!Q?t;@nBT}KfQ#0rm$d|wFsHocDq{{Aqzx#K9{ zX~gH!cY=;i$R2d(WxL`@rK7aZej1(zV%*le6&jqxtpMbj`l+DpQJXf9t&XzHQN9VU z7AhGDtG)NzR)B|>UbZVJ*_S^$N-Sip6k80Wel_=KOCsX?P^z{&1Mrj&v}OfF`jx+s zQaiKSF(6L+>u)2B0?!#+Vr)l&ux*VcyTB4(f4AyU+uX_}Ijb%Mv7YHEmNtBH!7%A` znD`q_D3bJ^18nB~WO+@XuF8^40Q-Ow!FwwXc&6#iWyuGm$h)oDFugwP;~VL|yKSE> zsx~`2OL+#o{EKckjg07pzkOS#o_?QSAG~1J>$~^U9SL!>+d1=h96Gx5zohne znC;d7ytIm^T&VU)WSeC0E?hH5hA*|J_{R^oz-8C@g-RRq-n}$=es=+Y&3Ug>(?_kB zQ1^>f%VRL^92b=VPLwu$_|^3O_C6Pfd-2S)%dG#2 z(YHc9KOLtej)0ESy;6G*L{Ki~b_Zlof0^0f4j^2*%k&8-xh8aRO&|~u;sTx3OPXZ4 z1XTHznvu5EFW%RG*dx2Y`2#4&^lQ|mGe_-trN+K_0Z5>FJOL$6SXF=I1&Eig#xnma z+>q-?aJPg0%$+v@RhL-G&=0WSG!xS=R`^|H1w!8upl+g1YJJ%@oFPf;AK1CGD7E7_ zYYeR)u9bN3uxrv+fc$nvI561(8>`p+&G_^=%2EDqRky9pxvWq71V7K8zuk~r6%8r&I&BMw_WO&k;A9 zSk|Z@bqaCIRxGYj6-VK7Dduq=h#D^xa~WsUsihZv+1;~h7={%9xHIQwo`|ZLHom*y zelEwgT_qGWQ`!jDn7@A6B|>!_&K_kUt~TEhk{{Oignhc=8Eb(c_}`@Y7MwhcbS{h{GSIcw_m{BsBS02p&wQxN;Pw3Kh0 z-#28W-P|OIyX(E{S+CM-Qjx{wKxRWf$`Pq>n+t&Oe$md29TU2%Ju{=*(aN2S zq7v*KCcg9Z?M)m!CEd)Kle^blzq4{I^JRcmWZ*~v3Z3S?!4EwpV zl3~Qee%;XMa>XI_&BX18H*G`m&j#N8vkbb!rw6C*=(|VDClurupgsBT#5#mx;YKwh zB^lEjg{u|;kkBOf^G%21@m3&(5VyTWF!W@U&Y`(4VT$*~h|YB;WerDzo^`4=P#-qC z>H_5`zbV~44tatA#)t)}52**H_ar|x!o z2QWT-Pe`m-(6C5DA;38^3jFF~>TH<$cj%j9L5f%uX74b(j{D-@tnugCxqjQAQKv6g zTx=h{TN^}b;Rq~(SfZ+Eo@K@)^wME&(mL&qG|(l~-k7XJ^yT{09>rUG28}G_2y~5@ z&V8Ib;b3)8)HsC;`HK}HANK@>c!!x$KF#+vC-#A-zke{f$`cob{-fb9O?vrc*Nj5) zd5{qa|9nCVcW_))L;CpvBgoC(Ri2LSbMY<7u|32gFFITA^x6+CDZ7It?xU~vh_)2B zB%aNFbQm&KHP5~!5NmQ*-cPP{sZWo0iUZJkZe70{WWUoWE(+!IN6D7aop+MR)zuY? zym9np{YnpvLeEE+mnee8wKeePYF}JbmT_AjEk{)aCnUNSANT^1`a!iS^tA&4?IBJ2 zC!>l?O=_Q00?MuFr%n4fPW_q9XW<0Y$!E1@zTRiFhLUE7;eFPOy*itx$ecf$ZU{{5 z8=0DjdH$SKJs+yhh(LC5{0>wtvK;%6QJ$k>0rAd$sV-|}#!V?h5*+%nKc(5lIa5wu zH{mOW`0>1{A~3)n(L!O;BvH=UH}y)XRxY+Hk$2If;W9_a3zrSwwS`I_1KfR3GZY!v zA}qEa@$PVD*da?~oIv;y5K9Zya_kN$CoQ1G%DmI|fhsF>=~t+KsbD-S8aFhHxfU>L z6{W9BzH;wjuxpoqxT?Y4AsPD_q5cQPI)eo@q?1npL{7(T^zfGk|Bsqak1x=!%l*%x z@%@uCx8dZTfY7NEr_B%RIFJy?linHdi3cXfkRbzgJFPMsT1KG_QgNATb4SLGrP{d+ zTAkE8=x9=e>!?*_Xpu9$2mH9)BKEa2r+wQ@AI%kJ@FUoj5Paz`OGiP$ZpZOVeS4Ik z)u^RL0NK0GG-B!Wv|hhw{;yxnzh2F!|JB+f zssAsUfPX1DAmQg@Pmj#azv$J84}0enI-*$hQL`7EJtj|7uVqxkor}noZuC4~?t?53!wite{1|5=4pjs(=P-_dvMMf}68?RbUMRNHLmsWG=(g}!K zSk<4a3`&_?|5%CFzef*dXBRbCbP$|&B~%>clNu2aSE|}o+9kNXS(7+X@((IsVBSvK zmo`6Q4gczSZhPGVf3(QYS3bt`8KauHpj$668LLYUFMM*{yMsa^e4E;WS11b6)IeY3 zSlRO%+6A_a4RA?76hC3ff)G{a*2@mf70ysxaO1cA#T(Aur!9tvejQPRSRWVu8EVS}{6btXY z8)#bjTtCVQOc0>m3av?L-(6P^Op9-_e1fXVUYUWrM-26%f=znev}9I9%+N9&d?68D z+cam}xxQEPs%U(3PqGb;dPn|G*$Alu1Ii`n6IkO@&jW7?3tD<^yK3ElBn65$iJX@P zccwY#U1i!0v+m#2CToUlI8@@gx&5!3brk1cRjI`Z0 zXB-+hnY=z{1;9a7JRLCi1-DFBKbD7pHQ5X+W2G4LTMYCXb~dhfs9wib>#+i3O0`Am5@7QfqRWyJKaz)O%||rNLAv zJi;Q)1j8=91DQ@fe{vky8qszj=b$Y~tDj z{WF1egZ(bo$w4(ZZ5fYDJB(Z=Wo0;Q(rRYbxz{vh7$7_OcDCV@riXJ%&4d{}~poaS=k#cuY zlHE*&z2%jGNHJ`(>L^YaHDDmEwVd+ejOZ!{Q)j)d_Yb!;@EFXN8a$xQ9valuCOR}? za_ZYYZ%|n28G#f zah4_ddT0pd2BG**UJzNjHpyO{&>c7;+ZBW*Rcv^{{Khjn`-f=KJII%%P2eOyq42eS*!z5#_S^>I!x9# zaD=!(S$K9)W+a?z%F}Z&qwhDKHRoItvjb;dpQ_Ll z?jK2b8;fhJ9LFv=HZGAVLCywm&S&{Adz{m+d}0dB;*a`r)ys8BhE&wL zyYJS|6*l&H_Sm)>N1w|X`X+G-?3-KK>zMaMaM~X6^~cSkmH^?WBk#CHFqKOFu;B7= zjvUX=A;S^+JHFkG_7>-z#E!CUC@8rm=C~F-t*4tDv=u{-_X5!vyH{}rHV)lyKknKZ zAloan7jrhF)W*ujBsiaC?=xW<$QL%OB#+0I-a#2ln5GCJE;WMKtiM9m5H6H=X6;;( zZF_k90~E)}*sIZrwXdixCE8)I730cLQ7h6o=KF`y8<1-PzK<=HeyqY37&#XgY1yop0hsbq+G z>E(J@x}8UOHKgv8#tN0_Ecl;MK~>Ps?4r%Dc-H@4ayu}{hs2Jh$UI0{5& zTF4|*KAKmxpqqSW(w;ZVfupI~*LYk4Lnd--mu53%hY4dL^#_x#)s42(gYA_WjSZQi zvpG`W(4Je|6OYl%&?oygWrR98hrrZy%Hv=-fJ!~He7qxO{Ozbgw2eiX)?*PyE#bj* zq!{f7T&h2o*`URz0q1Bd>^s@AyW4RkchUl|@c{bF@K4u{SWA)#Rf(txGo^V=t<>&t zKFJUGwua&4{JY_&o~DXzn=Sy3_jAu|az4&R|Kvw)2tDgH?Da591*~Sn%c3cOGX5N%oRIgF7dmbcuhXd1s3Dq#_%-w?kv zsLm9&iESDq4Zwp^Phf;JbW+_+&*P4k-(ay8ux4=aq~!!yQ?W%C;MQ&N#qP^%yPsdp zl|?_D==USilupB@4ZZi?74Yz=i{6{9s*Wl%u+V?B_C;=rk743qngNMU-BCY5x+>k& zGsaw*U5;B{<1g2&$v9n0lhG`8u$^*n-sO3Wa=lO}9@|Gd)|P^oOs)vFIY2m1f_ovE zV3+*>|IW;u&BSD%sos5W@@1m!6rA1Nm)+#!HAM zI?P^HvKW!cj+vl(l-3ZX5@C;z1cOb`ceKcNY3ynTlj6^@4WA|Kr9N6^=DLqH}P%D?;k7EhFb#*k4?z(-Fv_$pH%z<}8oW-=EghVv|NK-NK zE^S_W_##L7liFZJay(sknRL4o^|uWl*O9Tc$%Ah55Ry~3;ap0XjahDwZ{zFr!|~rf zo#ohxHF!0z=)Qr->O5}C{NHrL%*2)(f9yE+)C>(teTmD24OVK7OgwfeZ+A47+X>OH zo}utM_qmZ*B+R7ED0DaL`7!M1+6&H_fWkNskvTe8f0p@E& zRAaKi*3Bl%;li@63qRi5+&ZTRpT^_FOoU}*6d~s)PuyXiTqVbMK+N7wbG}dF4p@49 zFplEQ^&@?6;&70c>>m#9mvSc#PO(Zmj@hnI=+x4T8BOxEsd}}vSP~n4H@dkvqtSQ! z<++yDoOoS&xSN9Vxi0Zaon`hgF;cA%cs+8EG*fr1s)QUbp0m-_(ii)fAwzmmqgjmi z;nfle)Jl=yT7F$v?{28*(N{nD*x6sB^zQjS-CV4&18h1o(U#`>d;j6oH;V^nB6UXZ zC6c|OKchFMHe0=CZVr17tZpLq>STJ#jFfwNeL}e=eI%?aC;ehKI15#cA_ozc^r$ZX2HD9wX?%dW)_y)p`^W5J!0e{Vgnu`Oum!y+^{POF zb*R=?O=m-P2yPJP=egbJX=O&m&aPVVX7n#&OEzU?8H&Dx!kCc`g(;z;hJBBRYFBr1 zG8%_D`i{P~$g04xDr$3>RqacRPP2=pt9?9+oGb{kRynidqUAa_D#92!@oD^ep>2@3 zVzzR}j>a-`oJpirFIN2g*(yl2m^L>AkljRHoKF1 zy`k^EoJ(p=h)rNnt+pDEm$tV-f?Q6MDQ#_V%eudOms-b!^8Z#D!_zW7ocQyc3pvT= zXG*gYQ|&4ZI(R$_uj``qpnM3dM)7`W?)zjHu6o|>5S>81pOuXFJI2Wy6^dGvVL8&N zsw_v7YUdF(k(7$TH(z3jT>ffV`(UcWj^+un7X*A7W~aG#IH(5e`-3_(yE}k?yBnj+ zu>0fOM&w=?`kWrgvGsC*b4<>jvWZ9=%=)Hn&rIi0w&IBMF0rE}-V9P{$pTVMo!gl& zBI#u!lSKBBL%;?1msmANtFxEb2`mt!c_W0?w3Jp&2U>h%XNq?`yCSA_$r|w!?lSHa zJlXC;^*ahwIAs7sWd zW}Ete76I?z?U2CtfH~tibzE@#u96v%3;$_d3f^ym9nDyjLBRbNWwT`rXHXcECs6MO zpNQJf@r`iIXxM}9Ig3g)s#ES#*eS4g`yM*>KBx&&4yxOZ%MaLhuaV_{S00u8Qhltv zo{B7M^o2KNPZTzwo60m|IkiWdG{0;K6h@>Hnj^73u8`0c%G&~BHFfWeB6koogr1nr z;FU8>3G8_`jjXA>Nx-c4#<4F0_c^#;tzHl@|J)flhjV=pe>CvFx)ibCO84gGsz75v z{iCoG_WK`;G;;kRb{U6!TWf+9{Mctjc#sKwQrcSSmYqQp$e&-(O0SeMzVa5^^ks7O zrZpsCU+-vvI>||8_eZ|V>R@nzxDEG9YM;oy&DiAiCY5*4gR4wpv#-Si{07{DGqQx( zae3v~AEP+T+hc+w2l=dG0dp6c2dZMTwGa`qfz4MjEb&h9lKvdxL@{9ibeqquN$=eluH= zqFVbf|N3H-Tp!C)c-MYd_RAXcoVKd{luE}p$xA8}VEnJW`_SIjc%|5pCWS1vnEzH2 zSu>=s-`a9wz1p>jfv+J!w05%3;qdc?zR2j|()qwLD?(hxCyXZNyHU8SGh5}oun5Q5 zMp;$q%ax3!ooZb78f)w+CW}IB1InI`jM%b}Q0xZrOUwN_=TEMTQ--6om)l^yN<7i9 z5rgcHX2UnulCt|9#!Cv{^+gR&a9d&U6)dYVa$hp92(ni!Yle}V&_su6X)HlN%OD0E zX!+xA_#`PUVYTMs*RRA|$Z>I+EW2&cRB3}$v$%aFIddUfHjtFvkaVCOOL;-aMe4sMjrx=>k!nJ=!L<98LEX8yIMF|f^r^D z(>Jl+@S_;HCLEX^TRS{J+YfsoL&anj4(T)V#3e&P=!^gs*;T+dyN)vkSOb64#o%~@@whZuKZA&5F3NT?b0iWa)e72Urw`$C#qMMt&-n{6zvb!ov;!}!vdX-S(_>_tq zsq>cTn=sHd>x|Wt&c%NSaQVnKV;H9Ftxbm77A$=~$ep>WyR2`dvLHL*$Q>MY4ZogN zabR_6p~b3*<<9+{+ULa`zGp`JBTtArM##oh0)|q4Jk{q5CXhUoowEoo$1=A23H8cI zw$w~)a}+Q<-Yv6Im*}g-iBpPSq7-WS1ackPkJmJ(#%{yU<0LlCv>trJ@YPgsB8(v| zCHdKFpHZ)-2s{CN2J-+HbZIxyf&b5f`!b(vV^OHuhFD0Cvb{; zQ+Vmsa4t%StowVse*B%;Z zJRVv1;Tm{7)ANjL3gnh+z> zC5#ZzzZ&8an4Q^kBFcg&DM6sj7zq=^zdxA+N9HW(WJCHKA`!UB5>cbY*;jJ?jlX|h z0&MMIDZkw5YtzCYkwfjn-fTbqX%Qt7uS@~f`w@9Y*p|@hSFX)D?26*l?!v!0F;6uZ z+XoKbZVJa#nRbEda2r9!FnxNvuW~iS!%f@p;!Lv7cCWGS(#2uU&kmCf)-ASX5{<$g znp-C!yPUy2L3zXOgy#ilnF)j$W5tvq<9W7nUP6h(@X&b1UFVO8R1ceK!)A!DsLLv3FG!65(EnovNA)q-~v&<)yS|$n>1`EccU926uSI-Cw4Q@!w z7NbDEnboP_UMB4IcharffvL5htw;3D?**6Krqsk5Zyo671mCfmb|dGe7w#=QK;!27 zw#viEdvA-QXcKEB1|0rLrj`RS4~kc#uREk~JlkF;9}vg%nr|Q^Q@Gy>=sR@ZAKlzB zS^KI#9U`Qk(L)70(9&I=5GFz@1}aT;V`bRwyZ3TSTLrA+gH0;xqPESY&H-uEtzn`M zyXGnI^P--h58oQR>aTgP7A#?!8QQ+Tzaop1?HGm?oycMF<9MO%FuHOe(zQNty|FBi zSF7}Vi0`wjJasaO8$Q_@yIH{%WqQTt=g_d|W>SN4uIBZMK`ZDea-!%qrXfG-D|DfU zT7yC1y|~3WzIK z*;VXIC{&r=AnIF`{q*>yOe3_Cewzl^MU3aHXn$YhzAu)*L<^k43C~b>kQ9$|qk);$ zDFUh&xop+cpX?dRPWivz>A&rr-SkL=qq1^U?upd6Q4&?W)|JLq zoS}c>PH+fbL`7hx_JGH3`ve8{Ef7tKahbLWG*ljz$2E%i%dJ_T6Uv@!`b{d^%Q;n<}4T>Q3npw>8{?1hnU^Fdz3 z%0^*$#Bt%m{N%MF@3!fHPr5Oyrq@gOC1mqUX-fX5IHyt;8b18-$)5rq>AhB3f^a%% zpik=L(Dp=21Do?XwUiZTp?N(Q#{R4RQCh-2B&0th%+;bjYlHNsgOG^Du6}MCLo8{+ zr!6p7!df%L#1L^$CK;S9XD};J5ILb}vcbDD>`jS8REgkddwkRGkZabiF+dk|bMJ;9 zvYen&u_7`W>eh%$vYnM6cnX5aHm8!H_35h&I%XP@8}E1O%F^{3XtAxt)JTI{y1zHhNWEM(-VV$eC`72vy${`>v5^{dt< zwo4c;h*-eUgml_cy4D^m3iljELTzK!Q!*509Hy~d6Xw-D~y z=at5sGys+^tI5FEp5x)Hh>+MvfZvUudYv-({krQ`-I}Hmj0ie~X@zZb66eE9#hmg; zcZ!1_n4)81Nd7#CtIh@q;{J``vIKAGpLEnig;cJA&EwLVSK6CrJUD*AG`KbS5R<_Z z>%cMbxpJ^XUajs$4?Y>0L)C;iw5$RX3%sx@RCoRn{+v^xqKC1hoU;h|m6dzt9Z50&&&G zKl_5e3!R(f(m$MZ3}`Wbx6~wS3V|xBM~}jTw)Vkr@A_4F(S0WrHB4@E=w`+X-iRR< z%CpIb?n8xDIYlOO-=qS5nvvd>%Bwm?C_>O|eDxUJYyP3!&RG<&jdSfKHj3|BCamB0 z+@L0AB=J{P#m{O_} z+E!-MLXlFx-hcSA-3v=hMwac=eo@uR0_;ZUTU`xO`bi#}v!DrH*^z@C$p+$>aASc9 zJt_-kEe-PXt z^d$%(<3DGOm)DE0p2>N(Jqz7|yV8Peb3D@C!={Bfd?b)i%?R5by%ca;>_9zfxE9fb(Pb zPp=Og91gJ2(#yzY1`NYCOP$f;1TT)d#yCxHH>)jhk=TrJwmKvVIy=k<{TFPkxth$Z9jJ|PnRhcx?Pb+->06+2Q^@lon$SM;jY1{0*9|bx;{{A%J};0UeA>pydQ4=6Zj3IZ8DcgMzip$ z`h%XpLwSSso)2a&^Cx|>K3%4U^!VR#tN0tar=zROeCblbee3Qry>cDOK*Ic=IL!;O zr#@$gC`kL>@)wY}Qz7blD2&5>&q`+fLdHn@ygoIE9v$6i80_0 zT=C3pxXiYnWFzFKLB+Z|4ri%kSZk*BJn4_XJ>h>S;`q_L#s{bH%}&O=Y&Y zLlx@5{6`U$_f8&xJjG~OaLsSF=cI;TFn~zwH)RoJ-k}db`xeuAU|ISJ#LHTJlopyC zb>C`zaOz?3_N*}D@}}~Be_#6322Dg)z(L$yQugDK2Jh?5)f+t11pnTM{X0Eu?%5J0 z*UKwlk7`|4yfm^UyAll-qfv#w6MU+sHYz!Wf;ii z>D!o>_D7~d{S7Y!YTg(6>8iUOFml7&aq>}iL`V7~H`J46-B)d{=WTQIGb%=$mt?+b z?it^w812iilwmTq-zkfRxS51E&WWzQW@&W%#(_biY3k`tO0ujwvJkPxXy3yz>O)}3 zRZ;=su%}^0B!^OJT%0W=W+t!dScrKzNSGb*I5x(PRwy2`kJ`#m!xJ&fE?BqNq-+rd4MCtcPvw9OlbLt zv(|dha;zN9GLIITb6i#pEpGn2lR*tw(^r~69T}cnVpa4U9-;(|a4~Zl$G!w?-|drB|1Om=*H~@Z0VcWFrV0vuIsE-+=$Q zqC44)c>l)r))gH(YnbG3I_AP@bcn#uw6rb0XuOsDnP;B~&Gl3hz(!{L4`_NH+%K0D zYdR@m4_J4qSNw4Fb9=m=D00-MKPj*6=6~aV`Y+&ZldixlAob^PgS52wM|kPa(e(gu zj}8TRN9%gt|3V=%|3?(^ldVxu$>l-7(WmfFAo$&;pePd(z(KVP<}*h3v>*OLFkhBC za_7-SF?CsRS~CnBqx;MayOcC>*=vD;rVfIpfTf6!_FxGsG918 zqqdpy_bdMivSuE%7lN9Q-zIH>%u~b%Wth`|$PCc5jwom7mCh*d{!Su8WFgQBU92&DS~*EQi#mRO^|D9k{J-e5u$Y)W7Z(@5Zb^)4GQU47iCsQq zYMr0$A03NFAhrKlZ{dHD*54%ocI$uH81buL|BCQmQE~r=6sQoXagf5V-%X;9T7;7S zflaTzc6UqLEOKR+DI)f2L3@LR%0$4!{x{ub6WCZ@06-?dTS0*NLqkJet0R1YN4rD* zqRTPBY2;gRpo5PoDAX~>;#46s<5Y`~hPnB9ax0_!@FraeHMrhvs5yW3&2WwsivOTN!e&W2=QC=a7$j_@DGD3;J6n z`Sj`2L&*l_<=4a<$}HQXat?ZgkkB@sSMi+kF22l~Kx2)oFMS3*IcSSy%3)Oj;Fy2Y z>rV+y);%fYCa8&AD$ua@!7d9mkiZPo0Q)!k8i@K$1C%hjOQ7+0vE}a7epvf=DL=c+ zExYO1aO*#~u)UNt4$N&1|2-C+Y1@B>PyWNp|JINF|60%dA8bnczu?>ZR}26C`2Gp1 z_+OvJU(ESm+5Ppu2Ql+6P4jR4@_!cy>0d1U7fXL};9s^VutVo>`hQNfDg3$C+43{1 zJE_O}(P{qD4?Uh|kyB^SR7dP2`m0yWFBNhvUe=r7@R4Ja8151c4aN^L95+KNx#!nu zr$DW{bsC|Mwv6i4NAFqlA8v-I<@n23Q-7X*z7ui=wcm0__%g8GI|*8D+3H6K*RW_pI!rA%t2OSx8;Y*eb7En7{7C)D=h zNxom^TmxBIOI@!264mh}{X?IJ=-3mooYWYDw^BLK#$AO~C89t7NAEI<$4e879cU|5 zsxi8}ztC{?zGr!5cdh2uapVv0q4KEf`&lKt)?n;RhvPHI7Ujp9=}iByNn$GB16kdN z`4=7BEG)=Q94}Cr*@W)_f&rl=px{xxeI6g(B3U*i&%JtYI{v01;pXk39v^Bu{zqy+ z%^@M+Fm#k4?AI+(|6uiIDjz~bsx zpnG@nx-;jzH>5`k$u*U{BrA(`^&xT=wu`eWQqyu%br zvB27k@M=;p+0Q?yh0t*O`1F(ZX7ya-$({f~lOnB__oK6rYvmztQH8ExQ2ZL?#U}Ge zlhV2DcuPGmicH5u&jQWZM}5?{jCUhP_tHy#e~NCvI&sJ5Ac5J&nL0D>%8rAs2&0M+ zEJ9oTv?0r}+-enI(-Ye94Z3RKkvlP?G+#J=V67NOtoCaM?HePj#yfi^tS+ms)B0Ss z%}D~G*5vS7oEg4?dYrwG7%cIi7w?xurn%W<*o2x>8Yn0CRR(MM%bvTNmDHg_KsQm1 zrm@$}OJ7;ulSgS8_0u-cu8YU_g#5;aA5c02na$d!#qb*uRtUi72hh%reKYRbR&~i3 z*)>|;0&>CtSCm=#ARhm-P66H7JP*?!6U4`*+Ok(UqCgsfkF8jFRyzx6@Y%%jfJ4Yx zGg7Ji$|`iXQzXuw+F7~UaF5fEKu%33SM4X=xSp}m2YIyOS739FBVX)`h8L+8FOis9 zXH$PF#!ss!e&iV>Aeq_AA$3XS5ZV#UUXo_wkZWQQ5L8nlCu^uHX9gBTIYK8L!Y5o8 zU}LM(ClYE7U}>xOYgU)B#f04@^5ymMceuvyXcDZIUordnYtx@nD{%cnF&lkwh}g8j zUU}@{;tUhypfz>1bY`ZAp3|XJey`pfa!4+wgwKFWMqgT-LCOa_64o%Q3_VOJw+Myh zo2cpmCr|hQ8)<<3`t?MT|HtwL#t6HurJG>NsD!BXR^YWsWV&f4?<(dba?SnpY-*V5 z0iS-Sj0Wc!{BnGkDy=J!3{o*T=%9^MqJzPiT0z=VJ$kTtNXA{8f+uG~)HUAdT$WgI zZZDp6wb6a(EiG3V!d|#|xSN*nhpFJfj3RnV-LI+K_9=Etagy2as=;Kb&tGs_BHk*t}mXpa?@! zF~nFCuUHvRg zpLntA$+GZg*L#m`MKw~F8?&)8 zL524X4wX3>10N$H2+&gM{Pv*l|JU4?#wEF}Z|{AYcDBvqQER8EduKU@rG}RcU0-SVU&o!PWt2`*UiQo?Jfu5SstxXE#Ys+SrngR)(J(~m03r7XKx+blJ7qVO2@jb<+V8@D(qDt~L$ARJWoM1+~pMors z(wVr7srvyCiD;Xu_zFpwmY^dx>urDLi~%@P>?GL@f7U1oufQ3#_AKT6fxAz0XgOnI znKP0@EdS`l_&5m7W5x7Umny00Iv2M7XDfbuRTREMIKvxjFX!Gn4RYC@Vjm{C5 zLme2d0)x#UyrEeYReiVAOSyP>AJQJ9sf>fkmPp}tHJB|e z@3i;NX{rS)fW)8S@-RTOZudWV{*aAZa-)vF)nIv#v6Bu8>on6)R0zxm8>MZnG>*1Y z8%JF~0$v)f(?%kvK$S}^_ME~CooAtb(0PiPw~?EpV3>Xe&Ero7N>1@bOI6-FN1 zCym#f7f#~h;_%t4H{7s%FP+&%)xPjF=14vC?n)KDVfmKz*v(bNCrfo{AL_z$WEd@E zzoDuMoYrz7nGz_N*L5@O7)D#2V+YBtah$|E=7C$Got!}Y<|T{nhuldi{gI2r@c91k ztUTdV^S##5Mw0Os=T3rE5~M4q8!jZu&NeLB zTGvFf>n_(mS~UcSt>yu;DyX{PkH9R@Hcm-Ca5pJOhfv1*2pg?FoEO~BGb+Fe>iM#C z>?+04BEj@VXu?}R@OWItsYexkA2BhA?ev!RCk@)^F%z&Vp^k1;>G&Q`qHeY=cH~M< z0_VKTk=>CS(j-r6hj|GMEGhjobv<}Ch>u+2Dy>s@M)}DGay-TlHyPM15-A4p_4tr# z7b$jj|8iP_tFlf%=$>tZli4+#Vc#=Q=Oj1gEjux#0mtvGb-Q}k6O@i4^k(VIvwc$g z34F75`+c9!4Wf5*uw}e6n!37OZe$e77fH-VGqV!Li(FYgG{Ee^+3L-%*k;I?ZfAna*!z_P;r$}&@XyeUcgfuAg_7;J> zJvoY!0uboxxyTa%l@LO~(6?&~#Ti0=9z;_9mz)Q6Rc2jKoVSn?zq_emz=l6-H`?Qp zD!#S3dc{406=s;hA~4NccL%cM@g@G|9@l8lmUhbzD>N~WuzL4PgZ1|JMOMovZP5ZA zh!~Ks7=J)i-2D)jqhk~CxzB~;n8?(+pci|T#>NH!(9x7lJjP^4tnL%Sj6RUVK+Clc z7-2EEp&AlwEAI4#9TOjy?L+Z_%*2%Jj!)0BJF?I52GqtRD=6vQWkxx5sUh`xd&#HT zY{d)E*9U=ijGD>0#%ii*n0v6r@{j~KM!a%v6O=kM`_qNn7_EsXk*BSBkeo-}5bMdH z&B6P?rur9o-l{7U=`Ma*!y?--W|L+#Ol-G1a_u<_S4_K$>F#SQhlyG8);u1VfY04W zk1f`oNs5h(Hq+_(oe2|1BPnG?k6v3azZEJ(3g3t24RpNd%~Q>gF)GiS*-VhkY2@R0 z@X+cx)r<@AKdPie5r>#Z1aXPnosHENQPMY|M7NJ|Zw{O_ABdw*$mF*DD8)6(-O>v+p*5MJ6uo4TZqy@K6NxHrww zy^dUC*MwwNZ%A~jMpU+16?0W9KOKpx-d6t9VXu{cESR-~$=et|?*M@x+z)hjC+&59 z3C8uW-Ai1a!zAOrMO_#ZA002Gy)cQ`h^qaGI@)fTica(B@`8T-#_VmY%kfn;uuZ>~ zw`{!Zb|yb8t+u$lq+V|0=^ zSDt1EKLl+aB@Rs6;1!0#8Y-WoK+%3k=N^k6-f}r`PP%gjLV0)qwhXCzwXzFWD^`8B z2D^{PB#~%OH(b&+iU?xghz(?SrqVw#$SMkRdbmc1rH`FIEsL z1X!haEcM1~SX8W)obOWU+F?0hq~mLSfk{$;G146Z{dMppSZO1n3G0~}M8$i0g`k9I z9Cl4C(<$Z-YAwDMK!3k=?;gy~cO|dC{H@H4KmWSwD{1g^@uZ zy0sXqpB*VAb!@Fj%tgM*o(Xcv2u-#lz5T~)FEDND>3I|;8eL@O7z%is29$;U<~e?{ zY*uUKK||4lz|w0wfZm8cuT27K#Es?f-gru`FgeAgD_OhpUZXpZpSz-!pN{Q$;bP5o ziqD~~hTRem#!->1?<}t%t?zDT{60w|H6Eh+BEOvct#`rPAg)s&oR>M2(ZFkkDAbS6 zeISM5KA$x%$(>UV?uB$QYa5KScLwaw@q$7!yc=IxH19+enXzU^(~oNR(pRq!HvXru zJ6_db#iQc3t2Yl7H_)=AkRgm6}6t zGGs3uIYLZRnO8@6Men#g0X8?x2_zmGr$pvfYFwQklx18HOJcClp;LsK0Uxnf01cAT zD7k5^91B5y)Y^^<8%KT=MQdo|W|6jOew7XLvBOx@o~J;3LyNC!c{2PINfgVAdW$ug z4_=5P?B1WPOTB_);u7za;<0U*B3{e5Hf{ax5qMAe+Qy}7I2oGqg}4F?D}3Ec8dQ@p z%!~pIJ^g-trkBvpE5`SQN7ew8&2j4~%EM)alDRtV_(G4*cF24~P(~6!;ZzRmUO%q; z?OyIT{T3n%XA=vY&sd8*tD0FLXuMOx)11VIuIe%B2ys!wILI{^#}4`K;>3 z#enHXVgU2-_U!SRh1lkHNV(n=8w<^;LJE;{0U`kid;9sEZfXyejd6u-HZAirPjau3 znLyr5u-M!-pKn%HEPphKz^!JHNbVwSr&Uid$c>~!#kxj9NP4Rk8mnt3cTDqyOlo?x8+)WIvVZDW zWZ@lz5x=+QI6XS=)*IZ@yiqM5ywRJ_Nt(KwsYdK+4F^Umi!Ljhkh1wh!7H2=@%D86b&z(fF>N(WfvTv zW`%nu>v!l`NS)aHg*{4q=wwz|>ywv9;?DqbJVzQz5O5y|bN8mGPo(YUI70&?FoM$0 zeO>@?VQggghPj1ib9Q{rsai5Quv&{>bZfC@?S%-oq(iTUkKDEPF2Xj1g5le6I!1NU zpW7Zq;aK--g>-l4)dxIH%dEenDEG_P;thb?A8aExxPdf1{nlsbCxQ(4X}0=}wJhqc z8~^E}lTImC9w&k;D+g!4x;JC**q@!>4$p|1i~ZHObc5lyei{cGyYq-va6BdO9@x9h z`0f5Gt+1YZ09*4?DfM;ldSs5JrM>ZPFlJoQ(D6vSv`cDh-=>Ak%sC~|S6NhI{CjGc z=%43`<5wR?Z^41V@J1J7Q0wPyZ{4)Gxv}C74$&XzwfO4zoss#Ih6nA zru0(VFotJ*<-hV*Nlb>;-8{kX?+|}U^Fw4V!iaS)a!7T!zSBULKcohUqy`mzN zkyL(T4AEal|5BlH@pR3jNK*$awtL#v0mKc%TAqn;L|5Kq#sw>WQMQ`^o0)byVvz9v2hBEfM1I3f?#<;sYsgz&!`2LB7S83MCo}3xF zXBBD~6k{GZoum4t9&s^9oIfYmSdR?TAqT;Pc}|(!214Gh>z~`)-jMZaUYSB>vu{Q> zoh{s)808aOclz8OD_%Ha6o}4v-OeL?TqQt)TTPMPJ%_`zc{L^8Tgy7TYe#r=cJ8F0 zK@?t(I5P6f*%}N24$C4t$&+=gm9jN-Ix~vT2mX$D4PBOUwPvf+i~{d|SFa!X)k&?1 z9x*D_>U{w8?ovF)=gTkPC#7Uc*MV=(r$YlSA%T}tH(FX>IbBe1|C7@v;Oqu6CMkfBabikPv!6_be zBYuKOvdFkG!k{^TM(Ldv@Nb%mf)U+6$3F0#;mUN3^qaW68(*&{SSbpb{Mp~w4J~#y z_;E%q+Pun>SHyv&I;qS6su9P{PN)&k5@`zQRz`1QoFmcV9%-G9Ryv?AL>36csvi7r zB>IeJ1&m}m*U>6m5)K=q3id#oDGgZIH(p*aNsnJ#m6uFM$(4|{XUxuO5V4|Nr0yw8XvKc`fQ=CpK8rzp ziRJnq3l_5Z3Z69b6DJ_EeQ>+grm&7n-_K&X?>@Jj<0i!K_G`X4p~?^0fEnG@ z%hz91L#4wbAQy=;>Iw!dt=w>Wtl0J7=X zj_cL1MSQh0%RkhUb^iJhL$I^GIQged1&ggGW;`uT6R$r`P}e6Hy}e@QbZ$uB;pS?! zHb7@D0!(f~$iVfnP;ahkhb!KL;6ADwdL?XmPy96E+P@;mrqaxv8H;~$4yCQKqb+hf zt{_1=K|Ut7XM^^9S>2Wo0?%LK466FzynXb{~XRaUX)Pf-N*&hk)+MAS}^$QVy$>{NJzqs#? zwNO2>^TvBrKW#o2xSW_zn$)QGCgHXyd8f~x3Ba7q%3s*jtZ(nI8BXB$s_Eo%T5XCY z1=yD8QKCA?GIG7DCXvh;X8{}%ysD&GA%8e3gGPU7tgo%fNBkL5J%RvQSU$@qiE)Oo z2_>|Anb#|iM>EN;qmwCZdS0^KM(`OUjFh&e4!zH6Z_fqe6!)&Tq?pDO#9Xsmuqc0k zz6^MxC90+6?MPJIR@qQkm#}h4(&m?+Q3J`?k9GY7Z{xdYL2YW?#+2aLof4$iRy|06 zC-pAZ@f9?!5iKapYk)y3i>&sxIOu?J(SG&vgiEB_yR5FEXL%%6jHU!eQ#1gD*=V@0 z;A}b6Wa`Q5hWQokdbUj1G+Bk9^JROnM>K+YbGu^PZ!%V-Sav5<(Q9V0yUP_>e-@}c z-~B=-a}%H0wqzE99dI-|^nB>?LuL8wt-_<(4I?OT!F47O{n}vykp*D86hl%E1>_i> za{|r2h+b^}%#;tmzuVd&TWWX3P%36#{BbNwNRxo@TD6m z#n_%=qS2gyzp+&w=Jm4459dB!dwsNq_H4F5?2c>vxVkocj@gH^pjWiBAu>6ofWuhW z(0Oj$_1!4CQmJt)Er>ttTA@GmsyJF}CRq%vUAx##jIS~&&c*5R)z;^gGS=@^b-)L{ zE^SD#TvIBm9@`UtsFIdRD@vB zSMJT;m?zb-Vq@Xxl)AgX!jjKIj+vGmwAM$RS5 z@YIuF+dk9Sk)&ipdaPGl{AQk3zF9HrY1PW08u_NpfryEager~8DfdSDVn@;izgM>( zj#No@?R_+7-)uBIBt4ePg0SL&nAiW5#O; z=L0Q1##Ksq%-;LpPC0N_a_8p$5}_m_yArhXz0xSd2dqT|bwF zJo5a_Z=Y_`O}}W7#Z{$drthb0F6*Ydf(2>`v03tjyxTtUMh>KQ^xLT1uO# zC0cWCD4oT`!~M+wFOSE82SPGiy@h3Q2^J}#BY%VK&O=Y|$l?!++_yE2=nI1dbf@8+ zG4R65!*dHO+Ch9-GJQU<|4H%Sj+!(x;&Koj5J(Bfu96lf74thh=_=BfKT7N23sX}TCgD4$SfAJAH67!8Xs9Inqq3tI11-)!w_0dK=#Zu$!#sK5 zm)qQzn#e`O8Ke4X-_RL!(GtW0k5$}@iZ@@b!ESA90|otVyP_1;q5vf7(N7MWi?I`$Ol6DBRu6&{4K zK)=YBrOS8^nBYUHk?xhjtiQS9h@eY|qcJ%m3-3xo3}_$J&gW@IIg90w6mVsa{K2rl zq?r>;ZIQk#>vgmUWe7zGyoXoMd0@SOODAYUJm5E!peukDt4HMjONSU}7H9_V+;M&| zZh;d&;{{97P%&sXz=jgb;nkc7g}*i%=4PJ~VZzcE!?LxArQqCm!R_p<6XpLz3lzUx zIHFBP^-Vo+z02vnauh`Y566$jnG5tSc=6`hbxkwTJ5;BV^ec0>EodQ1$1A<(8vh-r z&C(XC?;LcjQ~lx`!;C06S!FzGJR4at`TnNQrCWI|zMqvpbz zF^}e}kQEyrI_qR(J5Kfs6Wl>IjA=@*Wn475J_~hN0XkyR9fmU;mOsLV>^D@zloh4# zuA9g5pJc`Vyp|17w)>f{Bjqmi8s4t$)cj&nC*PR%34EmrQ~a%(+UF4piu^=L?l^q? z?8i?FKfV{x!_Vg0X>8>m!XFmHi*2K2=JC1Te*AnzH%%Kc^iP1tAcAIFX(rpg8!a!<}G76O7oe=HvjciE+5Xx`ilnm4xjvQXK3et{D_?my)y7` lKk5JT{LhJc_Xjg}Et>2vSl0yp{I_nx#@g{}t>vvp{|jB?w0-~p literal 0 HcmV?d00001 diff --git a/docs/media/verification-addon.png b/docs/media/verification-addon.png new file mode 100644 index 0000000000000000000000000000000000000000..7be602ec3d5d9cf241a8b66538030924b8d9d4bb GIT binary patch literal 65236 zcmdSAWmuGL_caa-orBcSB{B%ol0yxRN{EUmJ*0FG-Q6J}Ff@pwh;(;1BHbY%-3|YX z`+lC|{qq0%d*cHKGXpc%T<5vZz1LcM?J#v!MIw9}d^9vPB4s7HmuP4p8Z$FaL-9Y8v;LrLW_kwK8N)3tw!Yi*Sf5+l;Vl!dBdl)TySnJ#t#?`Q zs!I15tXXfIvb?!G!BS*!%iC!gG7%W|^u3thF+|~^TJ_k zs;sc$!|&eCX!`d#ap>u7H9Bn-c^asT+pE2uKAt8g3h)|mr&V85E>E`JhY-_S&DA>Z z(haVCa{A%2^UiYOdxrDY_`vPe!d>uxzV@W|-?5?Bl?!B=88Eh{l+we&3$}@9VpYFKMZ6C%?7kYR=|d^`|5M6KtbV`Ux$?3VZVn zb9ZtC?R~x6C+;&qY|p4loV=oPudtfppDDM{L>hC7ii%bm_dF=vzB{dIB05XT@H(C9 zq9%Q6IbJSHA|W_Sn`Xfj{0+D_ZsTnppNoi_Kf+C=tTC|Bj6R=&%zvX8YTM3py$eKA zE7tN%o9aYhny~FI<)^W4?}cYI#el6cEKGL@2QKenqpL)23Z{JWZnZHJxg6%w%^Xs_ zHv{T?ake`**WY*0#mKn(l!`?jce2F$g!8LR$!S>ChrOH`@p|w0`T4g4$yDuBZb$Q<&B2{W_AYfRK735;F`uoruNJ0s z2s#{Ec5MCruH4*EP4dDxt`(u+j~J4?D!%f2Fs{ohaJW;oF#WA+{%^E=72c5lI?7}4 z!|yL^-$S(Y+&VJ0sw8w2r|HFAoVqTCuELtGcI);dCvz@?2&ksr)-%=z4NvaEDL7km z|2;KUQX5$Z3c>6jtn7fW|3w&;^yGc*^D-3r+C^y>Lm6;cF4!lr;sEpEEI$tk?rmB7jCV*ln9h?``at4F3JHc_8l(%NDqZK@y1soxBMh%v@SgGN0vpid*rhL=Fp+T0dIM*B&eoGRm)BzS z;njW{$($Q%y25g1d#WsB#J}aiP~+9ErCGXt@KrNk7ac;v{n)PTX^+95pov@lTzGyQ z4q>E16irRX3UKA7+3oNunj02J$r#DY&)$x5|K!y?BD!@pc}javk7RVKs%+AMhrL4K zNAgs<>3I$97yg;=$N&$@i=&a$gVAc;z2A;)w4bwMZ<$RTovyA~Hl9NGi z4p#gRg0V~D*{s6+UvwGS5M~L_Biq(KPFye`7yWFcIzi(sW&HIV5n5|McLOUpi)9S| z1d~Mc_B}BAw@kDT^|)A$YS?+Z!UGc#wkyp$`1uwcmoX zOQbaqA^m5AjI>OE^wIl~ld4gHvcv69f2yj6sWp0&TMHN5UIBX|Uctif8_v9sDdxE! zDW!&hW%Fgo&Dnw!%#zbA!#QaVxe_(wIeL-%kj*bU4oXr_srAo7hR%iU2nnjkyAhD{ zirWoIoK?U6TYpFqkem0ETIW5bd|J77q0ITOu_Dck7Qdwy+N_-O3Yy}E#TQyyy3ViT z)a)%eN6`fy&hHz(P`JLi0RQcXvUdoSL>? zH>^tPW`*$%YQH2rk@WOcsMfHNP9%fGG_|l5qkTK+(g>t@jY*II5r{R9nw{0Df{N2i zDZHfPVqotlc%+(ces?kCGwa%ni^vw+66qH11QX0&@ydC;j&$S@XvLZ*Nv~V z#Bl_HWU2~ed^=84tNl-Jyvx6fum)IGR~G*`WxZ_k$qO=K3>yAyGgn*VneKCYVY7pq zNlY(Ry-?r0I5`3y?4T_)9r(1SM>bwzsde_A`o2KD$dsJBX%+1p7hO+BG+nRp=uT3* zt+hqslnMRkj#ctHh8L--HBj2ZONI?{_9!G!DRwSSc7bCw)X+=G%O5Rq`u0o$Kl@p- zzITnpK|2|Dad-t?rsrXpN5f7iDeLw|ZVd6zti6HUtmn}HP#)C#`um-1vvaJz*ZiTW zySu&0Xu;$%HcRt7tSoLL7Vp2A?~W$k`}fva=C)ri`aH1_XQuYX!LWrXDA@n7@vqW2 zcu!v6`ubmJQtA{udXO zuE$qC{SREiUHZQd4*gF7x6|H%fhV|41pls>+`GxIOib6@|3!c@*_!`G&HsxC@_%Z{ z{uh8&tq~T)$H(VlXYaD9KT!Cp-_&?@ygN7ZrugkrG#+!H63^Yup3k@URW@(Fy?grp zr?GPNeQtx&ugwpqJhe=^FL?hTO(Jj4M=w4Z|8sy*FzwF&;O@0p2W#`yKYylIVx)E> zBRuvRCgy$aysm)rx9x|+VAsXyvCVgNz7jKcrkh$}Iq|N}Wheb?*hkD|+nnst^B;SS zSA!X3C%l(xK#jKQj%7|tPF^4MyGIQ49!o(~;SfV4+tgk|f@H&es<06!O_$Xch-hzM z@Z6WF8j`&vpyDn+8WbPOp9An}6@7!P*y#CL)7_3~`F)PC9LWiiI2qGC1)xc=;(+({ zfufmHrS;5sh9iJ$r@y@Z+M3JfqCk_#HUz#iyi2of-29&Fo#T0TbLMiN&oA|wyc=c| zKlM+JH1d63)1YLz$zyS4Zq)x3Q&Ri)@%u_E?d!0 z9UdL+oX*%*ZIv|5H(vhbtg`J(dg3zhbV5Wl9G1WPS$6b!A`gn$n~Tl1`+epkyE|$D z)9S5+4AwwsDzK_d=@-K-q%>DMRhjq1YP{eDZPg2<-#PLT>1b{Mz|Y{_51$PtqAk`e zRCU?C23On)pprXtxV|A3RW`X53nBYqfw|0 zlX9o?gsvHIlj#6L8dQZH$klCqud~{ntpN(idZtgKcnHb*5f|<}Kwe-l)=q&T7{YSA z7_Ul&q}6@3J5E)mvpd%lD5VGh4CawF`||hSlBtTctX%-h-!Nz2MPKQD^1&5GZ^7G4 zNF&%Sd9^K|)s?L4l4@dRR;T@h#Ny?fv9r$_xmKB8r}o&Bg_+)eqxXshvw&hUD01rD z9&#G{@#7lm0N6Ti{^9sr0LWWL(LDWmchz*~*kxX*rSDZ?`7DBphj@s5c^#+YV7G41 zrMFOvaHZ|7)cGQ)ZYh{{)_$<=;!j$}FWel53C@LspOc!XRhx4C7zkf$Pl#TF`xJn6 z+XRfZxgDxt-8P+R`aj{6Jl6)*bCS_n^RB_Nf5V6rli;G;{MFS z?RZ8ERTsgtLqDoN_qbF52bZ2)7E|k*sqF^*Ja6d&U`;kev_ei8;{+SVc0PmFv(=@# zZfhTH?2b$pMGw1K=R`fh(Ev$z46v#{qt6bv=VpHLG;;{u@~N!Yr~w)P&s}xg1g)pXh?Ia-;es!MVk1;)L_{v%NUbGm z7AwXu*f1TMR0)jk8yg!}3oUPjssTH-o!oSt|19~?VDVU8t$Zm#O>&B;m@v`j@>izS ze7&1X-;=69GrWVN0C>nt5$|i{#Hq%Zx*T7)h8X&VxIr^op|nH#(f(UjL_=vD{@ROO zg)3(OkI&se6p@4Gmvs@dPk4UTxu5(!1(3H0h$=RN&MfWN&!tBQAuhmBUIuW4nYCok zxYHIK#_jJB59puq)T};87IwlM&ARQLDJn$$g;yzu93+`}0l7d&oC=<&Q1es}4EL@* z{+t`_aF=`iSF6e4&gXKI-R$l4u4_{nB3iUl@?w?D?A5s+37ZYTn+M7K_vLs^O-*YN zC_fNRZP6PTtr^O#K!AVz+xzwCrKf2k_BmumNJohAUfrIgS@-iap@Fqu0sF@RJQ#RN zID3S5KIcm~RV5FR1s^%J#0>useKtmdxWw{b=pC@AW{CZ!xLzEt zsmgRLHn&ARQ1m(Ee@f9?H#_HZcau@fWYtyJB;GT3$WkZzrp$Bz-UgE0E&ruj_DfA_ zZr)>0qAErZGC?ABZ3j?L|C61W39s{L(ojDYZ;Qe(X&AltLL}5?w(sr$Ss=@mu$(n$CmB zxN%jaQ!oUuAPmT|FRzN0$rS<#H-9W-;%v7iIJA>0lH==RHz(`47pd=4;OI%A(DM^o zQY{ZK*+4P_IVdDQXMkz6&Wg zT;h6wr9 ze(=%{`UV>qeMvsXoody5Nw*5fJnn;w9APa1ICVeJU{K^91d10Cz8u8Lh{;~Y`}{>2 zeb5OPl^!zN>u5mOrt;D264a#R@`U*;kQr=(F;cwXQ#oGCe8#2$r@ipL(Q;*GZ{o*V z-?!mUeU8!=Cij=xzR89V4=Q;thq2?!2E{5%uEta-bgM8*e*98Oe1Ej*aiJA~zrZis z*~3?D+*?8s{ifp>5@@;pr@n|NB`iX)WVx~wC&mWJ7-%QNr44?1PF;bL@Thg~GM6)D zP1Yt`o#6<6s(^1>-@eH7?R00Rt}-(2VW3i!gQfX-kby6MCwWDP%s`2d^W?g zP17>cJ{I!1^`wgU1RV>u*ook2oYeC?kf*YJM}y>+s!PBnUx`Oa06|0!m!o0JC<8KL zd&vls&f|C3P|iRs-n!1#H`83$Kf!DCmv}r+q)E-*fMWRcj0y2q!NY2y>+JPmL1ou} zNCjNE@K2YDi`3^=ZN~h3VflLx9MZaDr|4G!q@ffti$y3NNvNMxPSje&;W57c<4ph+ zi5&ABkRT|&(;KG67D6|O@?>Zq(Gldvxu038`s~bssDi?XVs^{l60~VL!HIfEIL@W z9Q?sE1-}J%yGO^v^>A&CG<2Pa@<$nA|kJBdKC@Ip=De|59XYd=^Gj$!jTdFzM+|uJ? zBKkg+YLSPJ5{@K^l!IA7TD||Mh8{-x1aaEp?Y z+DKClZ*Iu*tdfh4M%3XW*IZ)EORloS9`c~tE;Et5Nw@imw^I&pd}*B z?_Fr8SAN3UA0Os=H6UW`xPyrzCfwdr4iUqIf6}%EuY>RFf{-9D9e2~U!@BdvLQ@l& zCsH`H4htK#L5QVNy`aEUN(o}_aFym|&QbwQ9A3&%itsx&i?`uX8^}Dg738q^kUp_y zKlj71O(lI-aq*`}ihNYAVvI}4l*yZrpb(QFex_ZK5r20B-*wao2|Uq{&Q|pnQ!xk++RG$&E*G;()o%Yo7PbD6;F=c?( z#|I9rk!VZo-TapncIhcdxXy|`J7>++QSW`4_d8(3Az~ix*Ri9=M!#tDHPK;j^7UNP znWnRd=P}LcX1|Df@C|f0NJw{_unw?7R0X1YZEvh1z^-F*AB zMR>te(+&U()i*rAE{uACafke+aVhRKhuybKzW9LT^%_h_xO@KTsU&kJ~3~erG2 z5AvuAat|F30gFd`_6)6Tk~ZXo@EZ7T4IKw?mel`bQXj*=;=GF+IA)A?WZ1a|L@C!U zKcN`9eSUP&^)(l_gt}Ojrulye2#^+n;#d_a1#Rc+nb_IcXUi&X&BaH=3U)C9n&)CX zodG@DU~@D-=tAWc&Ve;S_jzS^!w!G&|XP+d_W*zStwg*rFTP6NP zJL&;M*lK6GVrhPP2{ss`cht*SQeAG_aPsB~;EZ$sX#~k_a#RI(0-b|rR|B@*2u9C+ zzZ(GVyZpl~?}K4M>T-ki>Rv8910?bOjI(>bz%L*$*O;NqlAB+=ucW0*akbx&)x5n~ zIIvs8UYQXpJkL90Su%M?|3Yk+;?>9B-z-nJ%a)?&LI=_YE>8r~1UY8od^5E5P1rVG zju%8t&AEn%V*tIW==_M2t%2{2)7u%Yt@QV*%cM1cIy&#^3?b1upli?Gl{8-VO5UC$ z&b)vQkKaowb7%CLnwnjyVC;z<)$3!jp%0ZtK~rZ7A>#5iScuqK{IqR`7mu-jCp|H> zZL&ViybBb6X_~?$ z{;FM#Ps!d56Luk^ZaTQ$511n0Nx4}fDfMvPwW{=VL-P8145lJn{uY&9mz$H$oVxi9 zNeS1jQI_f7g!6T5kH1G;!PeNKmQg2Ni~}}}Q^j5$Wju|cJBaw(PnP}MjUwZFi+wx; zV$S?qGZWi&dq&QR^zo)So)=<^DR|)nI#eb0p0I@YR6vJY_QR(@Dh6 zv}H-f>#uKW5cxq<@wB$}BY!7K_C{If?rzVTb|>T6o?#fywmLXC%!cd*8srl&te?&x zK=>H%6K%b3EXyo@ahcmL5o>T&eCRM0n64mj4b=@7-{nmcpRhW$A~4R?-kUeoEDXkx zr4bAr*tefQ8cN%#E19}jPiwd^MZ&u$OG}S(dR;7*<^g@cWi#KDr@^>#NRkgrIGvni zwPMO7IW@yUg=+{pcKljOFw2~T!Rqv^DJ_Z`;j-6Ys#%ai#K@pIpIx7)FmR-NR(C6O@C*U0H8Re$SfbpOD=c`yELvJ_90Gs3f~KtUF`~Z zTpxUMR-7{uVQ@3%vL%6mx7H;*I(In&Cmo>^5iP0NBG>zEJ3#NX@E^|n$A2#wJDwsJ z1PZ7irxms-zh_3?XLSoTTfF=>HEWa}t8t3k)hp3uQnv>&_ZY6~)PL()8_*fFZuUk0 zN8-xY&xT_q@9s-4JMQV<{MB+<`>0jxdAL-U8Ft~pt8y=e|12xZkV%Zpe}+J@!n6+b zI73OaTP!7wm9{-$M#$(KrtSbM5%icv_U*@ir`)$oQ>X}RlNM~I9JbJ;MfxbT+DFZ@ zTDn_2D1$s4YzJGmCHvIFM*vlo(Qhkfs_RP1-2OqCrG>J`WpY5ywL z79cP#o{AFgj12$C*%rVI=mgp;oux;-&=8_BX@ySmHDu}eep~mfU2fuHT%oP=2Dp#Y z`sQ*AabcK5O34+vR-=~r7Ns#pA~CjoGJ)tisOHguXoeniBETB@I_n>g4r3J_52;Al zOqW-v895mk|DealCTAcCRu*27@z|Pv>cVpC3UthI~iM-AYxrnm7 z_~-;saaE2(PwS3U%bIS!eYPTlZ{H?b$_AWJat(HVKIb1!dV@X6&B@6LDW`c4lzfbq z(`S!`z|@fW%*C5bO%!qy=|ffybA#QT{$uUdQwYEzFAiRnKGIhywW!Y?Z5YiGxYECsLb)E^l+ z|BZtE#pL0;DAdttyilFj__Ps__X8bk$>WPB z21sTSUL#M;ofe$;yxi@FFRt1{4Rg|OZjl|~?=vIB;6gzOo5bG>cZ+5Y;}w*L@aYh5 z+WKgX(W7zGNxWZ>Ta0}sO>@ga6@er@&AM}*#Oj;E9>_Fh4_XYh3~zr2(eacETz)Qj zmd=(Qvjmh=AhiW6C@2KK{`T(o6ErhxY|E$W+m<+^fXMQxrTJWq3f>W-jY%2X#!;BQ zd`i09{v2mZ=*yx%2itp$uxLX#4SS~NPlCQ>hS`Oo&*WVf>zRy%=RBgUL8-BFOj!q% z**_NXx-r@yLMUwC#W0jQR%dF}YrIo8fI5)tkn`0SKHpkllT~gFpd{(? z0@!g$110TS38)NmsGI5nu*ZA@nc62Natoj%eGV%5Lv!<%WZFfR^a8Luu;-dxoYmjx zsMWXyF|cK}h}}m|Ku9Xs6bmV&F9|J!HZw%h!lCM~VnkSGsTD2$rhbP*2pEhLamm53 zth;l?l(%^24y~HXHJ9t~xUQ^&aI*acPCyfyp*jij_c!V+%lpKwLj0@>$YWOTtD=LP zvdDiWeHOmWWy)}VQ|t*9CO53FZolR<#eyekIw;7BA_ zni40NLIHA-w=;sRuJ`PNZ4XL9uK<~HvM7=*mdL~Ww4;Zo7nRD0s`0-07S3T%j3AUe z>VFgPLon9mfloAuP57^Y5@wghOb?XDBJsFb`cC@M@NKMC;)ODM>eCO#NeN_*=S-}) z`jL&YSgFCxDxtJxU{*z&Ejh#boOuiOZt_tRg#<6(Yh&6e-{P*8RtYy3=5~}kz)Xp8 z6(k68Dg6Y#`exfZF^Q(uFhyE;Wog{7#-gA%>FZSfcjQV-fX@OOf3Lzu7pshgWJ!gG ztv?4G+;KA`x=xp@D){7-3g^PmrHxiP%wS(}vspG1e>Q&820P?oWuFk8%iDf|;G97I zpi$qSf&9TQRowOLTdsma!dv`g0$5H2&_-lfbnsVh6MW#D_1UCYwv?N>>edUycGJY|Id6)2(+~ z@%gZtIV-~|grD4u)Vbq1*NzZA!9bDgrMSRAzb80+<4Us3nlK^o1785YA^f@N@-W9U zaiHkb0!0UuQsZj|8VC=X;5xsR&*A_-u3&*&WSSZi7$o^&t^P0{VX0dV=bYv0&TyUI z^!5mt3L13)j6s;aGltv`zbNvKmNCIDMfu|h>JqbHIkAfpDp-Rn*PlnVA3(L`9Qoe% zf1}uqFXG5#hn z(vR9`#X4H-FO~UwpV6>Md<~frizJkimAfl>_wbbDR{qS?iL(#{_8eafU3UJChY2FsbTCa{;HFDDSe>{9uV_ zu`k_$Q`Ig1_WI}n_KMlFm*31#Vd#tq zE1t)TX`PNy7{Zxu%L9mn^G;j$0xm9Xp2u3HaqK{iz7@6iuIO$ zR#v@Q)P|Z(8&EKRbZ#G*wiLnK<~B= znn3s-etEaR4HTZSOpC5#j%o0E0&y86Z;i-!8q+WkGTEqx&wNVQ+mJ1jGNxg84cdC@ z9ks>fJB4|d#1VZJwAgHgqkvIHuUqR>I+!6ogJ>7QOeEhWH(8MWz)$v4ICdD2wJYx1 z9)K9cauz-_-{64*lIMMiX%J}VQ#rNgQ*nLo>R{Gt3nn7KUR3Xk1O-uG1qT(iACiT{ z6h5Vfh6na$2_7iv1U#T-8=*CVBtp4Mm>vkVl#BI3K(UO^Ll;aWu;$t4iG$eVk+!=O zPl?}FHS--tEXx+x3JX^AoUt?J^-bfnN;7!!p4KXmA9TpiTnlTi*^pe zKv8?C!4;bEy~LzfTh#JcY=O1Qs6c7b$8nEgR2Q9Dh6+LM^7budn^dJ9C0tFZ(v#Tx zkLck(%d&hbvN=w<*2F1p&1cf$OBbO6X3WCj;E4pE?`HN-od?olbL@!2$t?NLvyl1I z!tokO{E98cx*@iV^;n@lM4PN&-ajJymM9fvk>SfkC_LRnu$G!B-HOvIK#P}2GxMQ#10ZlnqzZOnV$TV z7zz@s3%Hy3At;A9fEnP=+qZJjdHHXB)=wvc-azQ)mHp9MYmO;KAL@5YA1Zt2%5C}b z3a>sslb_#b=8E<_dc=RIpr6gdUl*jQgj>3{N2pkineqo899sB?AU?!0;*!rCQ?Gd*V`czDQsWHHMa6Xg-{jQ1VhHDqwU+c zsl&n)+0#3_o(aTepPyHIE!Ioji54V2Xl?e_7-S8e^I)!_3P%e7m)5S*vIU|OLYnuT z1ne+CECEcmE7>&Nir39pQ0VirghvF{xe)~DBoYiJa6#N}%|{Bi&vNpdR+grq0X+!_ z6>2@H$dA0?Lw-3Caczq z&tRi7vl3~JXp0W`_4BN(2mGyBY39KgY+X&AiRiqqZ7q~H@$a?PP3t$ zA=I_9oJBPI)kBsMw@bi9BYC+!OCn$b50wB>(@3#$;TlU?sNFuy5$sCvdJwk(^Ew^@ zY_Bf6A&lkZ@NH`7e-+y}7s1^B3c3Hc80P;^DYE~}3tSg_0y1|}LIUCrP*7VX0R7Sh zr?(=z6!33OoaiZ`NbzejziJ?W>A~J zXxqI}AFzW|-;=!4DYHyF+Y5wiVhyQ5zPE+QkrZ$ zownSWM8r7bw*yX!&F{~!Of6F?3>ROVeA@ZPTt5dm9p5y0d!4y0`r(B4(@>C;PqqdT z0DO7SacK759W~&srfean-QZr~ygg}Omw9k6EQbl`BJH|1WvM_)@C9lCC;5I)<92)_-q$-4g7=ZBVFg;ug3vz)q^W}@@e)RK@I(x zkJ$^VfRNJj4n=Z7&r=mA-u=N?h<_RIdT_C*#rd&Cxi((sWbVZ6=%L897{|_lIReHs z36Dy^NIbL)EJ@&*>>I$6RK^h{TvULUxC5NDcSe%gf@@{S10yYxNb3$6y?eoxDz0aP z8dee_xV+aF;-T4ft>%;-!=l(LRhO5209)p? zK7zyvUDr7iS|KYtW=h&!Y0d|!?359>i= z*7}k|JY49;ICmn&vUXV7a~EYAcWbwFJoXvMH>9qYNKS!RAN+02Qt&+0$a<#I+2jD| zG>Bzq;{Npjj9GJPa?hL>wI6s#xDG1oxX~mpAb0P+hCT0PpZ1NX)%y?kP#cEd7+J{1|M02Ii*hTX|@QAeGO zmjy+UuKV{Ly!!zU_6e`dru|j|>jkefq9G+Iz_eF(@2I~|ikD9qFHbi{a_2_~~!pEHp<_ksd ztG-JB4zZxKlQYxp6{#5!Q9%EDy{fb7T5I-J-hFC~kSGxmC;ZaZ4KoTLBBZc)rp3{?ZIIp+jb!QN%85%jw=2Id?2s+KwxS{ZM+7M$kO=2C%R> zgRrj{-8YzBi$z5C?xz(P{;Wic58_P%BSm$75oWWtO*h+sZO0LxEZuordpt`9w7#=~ zg7E}g*E(;_9w57~>fMfJr6XLg6E#)sGbm!PQDA9vO@#*c6NfIK+hld-Gw|uDNpwQ= z*{p{=Yg}Q}ub3^Lk+HMMuwfy`a(W&We2*03R-Hg?gWatZ8=V z@K?H4r9))Czf_~rbs7q`XgkeIP{lv9Vv`(r)faNKu`UJl;Y>_S zf;`9qmRcdw4F*aYRS^H~_03;}RAOl8Q(&nAJKIb8yQxQ!WiRtp0$jiu5#cAFt0;e@QNQI0EnUv0gvbjY}f(w+7s=B}Bx0@5VGsPCeTkJ)CbntN9UG{U#;|t;Mfd zj)~dM%{x#L2>rIQO8+WqR&-nJ^J{+f1pU7#^h6Qcy`@D+=6y5PIyo^oq=j~kW~~Y6 z{x8k9GjUP-f@`6V2vho1i-FMqyml#I7Gu23OpV<*RYEy$-_e%v_p3ho+|U+06Wn|> z@b&#fgXZ;he+OU)dy`WYa@sy7w!{m4tnnaUd11QVt?WoC`?K~d z#~eU7&g&PyOT5=EMS3HE<&jxfq=6wlJ-vGvy{2d>S)7q%M~o%v8tl;dd(k+- z50ZCXc*9DP%Y@ihU{Q<{MIPZ@g$^>XgVdmU8keLui7qke8#7fUQH)aa)O65HJ$sHV z$d6nT{@9ZHfwmJWa;?#rJ@I@$@33MS8-qwgIi|BXSq(k!3llAN7}*W=kb}M6K2!vK zqff*Px8-38LR(S zYnZ`VQVyCY+b+oHXCPF(&x?dhugdzUX`i67x3zo-7U`D!Om*_mo%@g$XT*QLADYGR8UrH|-G8GV$<`7oG$V~cf zAltZD%N}CAlmWDeWRDB87LZam>HNT}J(<+(cI&C19YhKT1omY4JT)P}4`L=iQe%Z?6S$o5$>X*s{ZfY3%b|c-GD>j3Ut?;5pFhg_%K_Tp2Ev{=|)}!zK!dP)i%!d zuq^sm1^X3xRkBrrwYGi={wQs5B$O~jj+ZssW=UfG`mAhWb)w4g_UbyB(v*IK0AiB( z%yUe%T$mXYR%nQ%rBU=r! zCxr1%yuw;@6xia!=k@)ldk0r0x5m{;^z4%}3sZk^Y2{(VQY|>JQ@rx}8_W!`+pGX)lZ(QOAff7xs52B^j^KccLlK z2S0R(0CVoj%zKKwBJaiLk-}!?FA?0y<{EyK@*+1qHMIq=();Fe-+Z&#mwh#2{aFW- zZ+vfveTX(aA?e{;8ZUMVz{P3+EBp(gTuaj(9L_pgNo^q*NaV&y@(Xc(FwYqn5`mP4 z8$%!mp`>Dd>%Tm3RWQ&8$%V7jO#o$2YB=_LFg=u{UE_xeVUp#!Z*Hko0LE~m6(0ER%HK+0r^tLL%~*$c(7*?L@$<$ z2wT1tw13Q-=2z84Aeopf$3TgVIey5i1a|0n<)K{qbp~|Clt;4ixmZuIIi=G;nwqI| zl9SX5!NvAYD*^W}c<8Z;p7!Xm*Au-9L)wnmO24WBvL*%A#uvY^)vIy8wllQ}1Rv(4 zMjgv~jcBQFpkwjf%3~kc5jhhapN;xX(5xkFsdp}~{Y;)Rp$54mJy&RSXL~a3+Kb_4 z;)PY_ohV+G4(-@%<-8r^>lGhNef81WnCV0=EsK%WlFV&fA~IV9GliP<6-VuNUrF8B z3KRe~NSu8U7;Ts}6eNRkttY&zNE!Sxld#BQCsKOX9x4H+u)~k|iL5*5g@pVfA1fXn zv?r5fHz$I2{Om_)E6Q;Q<2U*suturN+g)bQxZ6qqHQEhTS_(pZG>aTHZtpRJ7#@Ad zFo&t|zT{FxmL?1Mdii}KL4ix^Uq$eW1UxKK^(+T@9vr<)EfGu=c!fqE9ZOiR23H6X^38*7Ssyr@*w}bQ-?_ zx;BiEuAbEYutigQHs^6K10wJz#_oUw^y}wXEg$V(6_|KALfJ zCO!!!v}QD{msl*4i#r_Z4e<-(H{Mqw7YYuENp0WAQPuBEL}-t;)AsfgdOj~_;%9&gPms|i$75$kaV)vJtS1|V{Id0m)4%SrAwJaXjx32ih zRk2a_YYewY9R*3&He7io=uej9}tilB@xBt4g2ymY*SKzwlEdNhUm)e^8Dn1X(S-Lf%Oj&1jq^-052m zv9$k*w$9pB#HjDG`nCFicqPDzPqL*@rsm=>50{r!5$Z)K+eZ?9nAl3Qt0{Br+3}5>D$goLCy116#3jJbKOyC~V|R$# z%$zrN7bu)vmxD@Tvm_-%5vq7qhUl-AksvJQ=e0VDFurs2DU#>D@ts#c zHM00(Lo**P^yuY3EBv$bs9q+h1z(MX0aFs0EHa1&zsTNL%8(v8T7USm7YyO@R&3tC zem?LMEmmf*Yj35)h%tgh6wn0%WchJLn^{9Je6x-$Is!0cBA+VY9pv}7pI^IUeH2qD zYTtrqXf`4d^)K~a(&+K6c}nJm9JGY+tK@+VjE7xPOrD+gLl>V*v2)J6l2L9MX4*SY z0fP|Nv^n9R6);w-6elA#*)+%ya$I&USVTK54#Kj`^Q0yViDF4s`4pBF<<1)8kS8_L zwV8Wh8T?sX-|SX4byRC36G}UV?k2lwko`!3$xADC%XSEcqZs zbsM%j!1K7iK&_ zbmP9<9`=1cjus&I-OO-*NE1>u6MH4O3rc&%yAfpZk!%YNA@DY*ekBq^gDd%?oa<`pF=li3=Y zN8)}#rz-`5EObB6w;ib^s}rhA&-Qcm!}<(;+8)KCvk?pJcOnlI1(9f?aM7_r_0ON@ z3V@m4mez-bW*I570GM-b#PH7g|xlkhbUD}$4udQM8x(B(~2nTIM|7Nt82&*LM1 zsfrIYpku}`fLOL3T$gjXhrxA z78?5H9p_b-(mBF%);wXOd70oO-_oVNl%4p$H6j~0c``S@d_L3ezR>S#j({&jkJBLIn8K;CpKC8SoH@lZ7Beyx^IbBh`%B8DF!%cV%zz!hYFrLew0F`o z21zX*hjC4wy@&5qc0)$tgrcgLbPthzaldETKk_k=iobgVy2#B)U^IqeLoQCs)-@o7 z)l$TQt!NkLvC@0SSxt+Rt<}v;dD}gVorJ3XuNH}9q1zCI2+8?w%iCsZMTS`2NRGrO z{LB;~co#=M=|ust3*3=(D90RiYWX*|QbGJ+>s^YUVyD279QEj)CiUKDR?}ynLDT+f z0m8621z37a_TMe^7^$J?w(h2|uyS6{9(Ep04uW!y^u$#VTY7yQ_t~j61tLjkg=pRh zoM~#&$4-G1f=8!fb=gTj(qv3zJqtaRr%NoakaK2tu|CC5OpZr92%Ple_01Jw+6Oyn z>{Wn`Ca^$YMWV%y=XvT8b5xNUtz3MIb{Kffr!bcqYNApPKdOjLqk`33=C}7k_X}KI zqeqedA9ZgT6?OZz`->nTjpUFb3Ih@X(j`)Y(n^;!!qD9zprlAi3@IYgH8e=W&>=BH zhja}vH2%NiegB@d{%bw^#q(nCy|%A$7-p{P`kvQ$9LMKWXPY-n-m(h`BWq;lf7&@r zP*L*AT_8z$BLom3jOd@kul8lgZd0~qz5*1k>=BNC^aDA>X!QR@%Fh3O(O}5<4%X7C z%P>F~*#Uagl~-4OmrD`M?aluL%Xe;o_^gyR;0+bu$PO(w>xx{ONA>f(wJ|mIyE$Kn zEd*T70F7XKJO-yAOi&j#W$YVf{jYESG6a4DG&~VN=jpHR062(SssP|Xu^~MJ;47G} zwoUK{v;%aJ$u%5A`|mH@G=V!7_Fi$k2k3O#VaQI5PCv2GofK*!=Kp?Tk{>1E zBfY)7<(Nh|ov?$wq%XP}6OJ7eT3ug90ic@pk-;hzw8hJ4J3Dn!hh%rehXom?vZN z8dw7MnAU%seLp4w-TvbV7eG+Rz&achUJx8Gy=;Nu%m}_{QJ$UKagd; zJMhYFbF8bRnHFf@6IN}F7sMG{5#Ok2agpo;iL+m&M#xftI6$NN=xyI_bAms>?;hDJ1sl}9btXoE%|kqqhk{AekYu>-Rg1JCjQM>F=_m!Oek%*0#kK(tkwRT&dC*mUJ=R6l6z|l~J5fGQ=SF>3$ zF*goqBP$2*IheT7Ec2zA>y6d6U`dMq)k0i}N{kSCG)t;7M4Vt2a19MR4hGIdu@DfkgB;BPQ>&1LzS|Qzn6cQVLdoprPH@zlYn7&9WRLc;gAI zqok8;nb62LY;|b0z>5SGpj?M&@nRCZ0yh#E{?ATs6i+4aP!gCmPtMA6JY5J3T#|yH z^s#4E1DKDxVa!PYYyzk_8q;TWXuU>1IL~eYGE47(Ki;;E{m|R8jh^jr6NB-Z1ORkX z)XM#pmi>mQ+C|zxMCjt30U&F6b?zJuOVw)cj6{Cse~y;?TlpI#E5b{3lkJQwvVep znd1dv&g)07^hju*{G2Q^*^f=aMSuwItgTBIa?*a{+Fgf$QV=Mom4f+(&r_V@){6&N*o?CDk)vjm8fcO}sb|5=y* zGjpO9>ul_&-@;HwGty#XZI}Rs8s%bbAiez<)paBca^3n8q=j1;KMw(q21idW(CB(3 z`ug=zJHSQrEuOFhEDkGsGSU}oyn&nO`~-~R);E4usm4~;A5!MHfX?OT_W1*NMkbP! zuFebLmlnkawL^f~^0~bM=$h}S;hxY7iq)M0)&ZkA-_#z_W7aG+soq;CYTk%*Im<_z z3McW5UG&=v<-$_l9b3$L3z?#qpdx2o;@T`=OJe9}>{UIqbSph^wMq$W^)l`NQbapn znQCej2u2Es11^ZU8{l*lkub0)_2ST=R(}ebp5ak7WmzO=0K%P>km>Ta8$h?!2Lztk z`)h3*&z=pX3KTfqDg;|TAg-}RVsF022NH{g&^SpBWdSh$V2My$v(zAu1mDFJwROPLcneojIo z3Qxv1_A$>sM!>GS1S;fv+m4fhn+0H21ZLC4s>d;+isbqo8becz`$D;7gB_?msZ`r? zugB2a6NTmgVe(AKlD2D#*j2uYyk$L?C7=OkO;RRaWXg9f+4m)n4bR|%9cGXTJ07lFj^N``VIHUho9 zy?h_iNyz!IyDaKoS&O@T>K*+IUR#%;2Vrsg=oDkU>A@uWTFjEqV;fbV_ z6>1eU+`QIT=H$I#R_5%cJk_mt$=4eB92|cF)Ggv2adw!Pph1(Dv)5Bm-`$#&m-OC5 z60XN$Teim=qdZ0zyTH?11H8iFc`*aj4%?`CK%br>S?T9ieoAaH3lJ9wh@(EEo~N>u zeV-aj22EW71jZTwAlR_$_IxIR*NqSrL?r+1^B)UT1J`|V@M8q?Zg?d-WG_zQnP|_a z93#|DCWfg1RlE6A(`%vjz&ne`;t(V9X1W7h4*)rtA3wS}xNR*$5_BW$AFp^}TV~u` ztdcH-2EObD_1IHD%{&lw(%!S5pFe>4{~14>EVU9Zax=|$awPiCAVt606T59n^)jw9)C7E_uq z_*kP-kS%Kh*k4rJ)&ey4vDfAHWf6es)SW=|7(VN*t8`mo}$ zL?)?>qNpKYQgOI-2NhKN{>qeyrB^YUb}93t*gSBz5hpz$$a$p|o_O~*MHfOgHTPhI zi9C6+Um5{Z{{jedH^WI3a1jX2zBB>zrV9g06L95ebg`a%Z~ZY@ga7K}n3OUg(KK`L z@nT`3wEJ2T7tGs=@(Eh8|Jbwj5-RZGn_AXh;sgfE0^)c^FQf606kNC(1*7ark+hV* zHs#V(J>2c{MV$f2tHyFi?5Xn>S$dgxmNuLE zuXg!rHghc+ZsB5wuFJ73O1tYbOps=J^6Gryh>Wn7T6#}m2uff&X**)yE+8vOmpi`$ zCyC>~{N$Y|Izr8N1@KxHDVs3O8V;;cu?K_87msWeCF8-*!2!p@i3}!tqkam9!{J!% z0^^w&mP~gWKt6Y%7A?`D`9PgZ`w%GxoP z(!f@B?2S_Ly^ZP~cnAqQj&~Hf7X(vE9V;uOumJggywqA~VJf8A|78Uzgh$>y8D!Ce z>YB!1jPm@w3W9kB&@3wnNuZwQT;38RewG$<#{kOoaqLD#E6M1i2s&Ge&QO|0JBCv-y#5w17f*#xm-?( zDJ4+NiO(j8C5AEgj1G{}H&hSI^@feATL-8FEz@=et>{(8`KzHVR~7|c1r-OU*KuDaw&`7(JH0AVX)$7M^jI|u=(6OoVLD-FU zPjTUNRaEoXa{2>5S$b{FtC^ch63H!9Gcnj$48*IE#$EN&H0T6_GUB`!tI1%<3=y6U zl_B5f{i=EM^Sqh@aRH#ZQbzJ#BD|V4=r*F}X*mcdNd1E=WoIm%%z}#d9QAyv-NccwZf@D9I;h zciv}z^3A58`flROtx-}`-+g~Lvn*BITQ}G+g=6AU{x!e~S;W10{UXsMi_QOICB|WJ zlrd)ff+jDuMW&_6g*^Z1^}Vp986pHNDy`{Zx@ES6x`(=zvoYBZ8Sz|RK3|y`O}t)8 zBEk%sW0OSH%#T8C&e=QhJ>ZYDw&1*p$JY&j_hRTLUM3dy2dCD`0cC|8=4>KtNUTfy zhrHs*$Glc9Hh~kQyN5pFWr)<=+QM}-VF(mNpEB6a`p0-N8Xo?PCfQT5LSMM>`N%gDWT|6gZ$n`TTG7Z zt0j|WQu*JyzU7ZS6K*e;$yXI55YzCsxP$EUU>4YVb3l8bov&8Jd$=wl0f+t8$*Wep zJ^7gj!sq*I?)XI&3lH-CvMK9(GPGlUiUM5 z@kGl-6D59^3ne%x_BsL{1WT36+jwy-YpPk#KyCCYjbE?8JvPm6cb4UTUT*de%hG|N zL~;`x$Sd|3u#_7CF9=%@&YdYD;rV{aOFp~_xD6%{W%e>JNZAy;zw2b=Cv{Ke1G)FQ zw6c8em(w$tBA{etFQA}8nhafQQ?*JKnL3NN!U*I^>gDKT3NXt(2o^p?PRd)!o~p4e zTkxTuUAiS!eZE(q%F?gEUIUlUv=`QQ*p#q80hcD*XJ(4X%hKlE zSZ~id|Eu*H*kRU&^U%6j>B9IlaHoDx4qXI1v!0Q+7;#=o$6FJ0r5&x{wSUeI7C1W} z;b;PHhQvN^IjHHafvv#&Ag-&BM4zeY^mZF|q(Qs_)%qe6pDRD);PxUwteL zo~?k)FK*72)id`4h>}HnVpgIeyzyqA@JkhY1@N6E-IXL07GC!+$QqwhPI-zb_;)={ zuO>$jK*C|NEjBOv4o*6LzJiXQ`iXbwW?y+RnK)LnKWBL2<|OfzFf&-42-iKDn1~FK z705)%XthN<0wMyP0ghlE8f_YPvymRKd7^1)&TMl?xMt|`Fc<5Bvsh(VuniFz@?q;y#oC!`CIMRk_4(CYpiZ^8pbJlHOZZI+6X@B+Rkq>R52< z?#Gc7xMez=Uy@J?+^Qt-50@HD)xH+BIzRa;H>ADnR$`tZxWc8}zrYFa_L8oj!(K?) zrYF*@z53t)*mCE9mG+X8cWbn)F(>d~Nn%gta#6}KG?$v&Br`#%!&SiJ)+syVqR6IP z(o@unMyv2RsTFGxEcr|_0mS!+Z7lQf$~D?bg0(nnyhN=b^Yo^%sl59uUn)9Aj@|LP z*20d!%v-Z5pepA_NqP^yU_Hc%v^(ggaG=_yk=hTk|Hd89o(U2io(?bmrsl+a!2|(` zh8>0Lk)hcWrohXzgtIB;qk7pE=h@OLB3+_Ax?RnmVkF9#S(`G}5OM$!F?bB_n?2|x zW&4EweOsr{Wx|>$!P<+)MbTb?SYtN^3rbt{lxjVAiOAMkX*6@8qf0DF4F3_UJc)1Vhjo#fzy6O`2C+1Y)!g9dd) zCREQgxw=5}tGuaVp<;mp^Br>5XtKlOjESOv%_DUxzE&N%WD~ zenzcDqmv`g>)@G-l)KWLz`;FgnM+ePoC2(=JSR(4?T%oIUh`S@W) z55t&bqfxSxUUx!Z!!=&s-U^7vr;0Ln&_{l~4Dis3U^0qC#%v=E>Iw4)YvB!+xS~mw zZKAS>W3>zFZbJ9vB)+XLWYmc)2%LwHdEsF`vU;qq25Y^e1-2ru`16LiK;48WkUEo| z@B2|D@%&hg4SYLP6`8SK3@0qekDU=gzY>R6Ch9Gtz~ZXD*mO7~FpkUD5dY>_79Q2` z{M#*oEIAsvaf@%k0a1A$VSC76c0J=|ByA;Qeu@i6>A-Rhab-)0>x&3IKj7pD_A%4O znUO&-WhMozuidqL$&AYz;l$}Aeev*|SIJnQKMb(x*>y?up=8qD&n-<`;C@6a(Esl6 zTxIo7Yl;u=iBKK2s>`$nM>Q!j@$noM&xSUbreAj@K_ePg^)nu3#8tc}xfNYcTQUIe zs*UghN61}#;Kd^{-&^TuhDT<_*Hz6x_ujw?14Nk7ogiY|3KzxfuMrDl9ROic{Rv>Y z40-mG1}D_94Y1ly#f4AlB24nZh!o*sDo2GO&fW=@q1xka zrDQJ~#YP|B)Hi2~12P8u#Lle@qqS@rTCNRwds0t7bN%yDRQ4l{!Tn-aM;>o)_10n{2R7iZFQbJkm!k61yK1$7YN_$#S;&ya^rDbDL0-jKLxK z79qnh#XOU7t*+rt@hRef$ZPuW`C`t|)MAZFkJ*96BIH2^Zk(;Nb232Yb!26+@u~=P z_<~z7yi|xV-WSQ#yI`#{o?l7+@T|1HoXCnh>d16&^J|rZhvlc!_x)u0^7I`?AMNF( zqJY1V-+jY67B0S~WV|2yB$7m-Vtd6@jXz|=rBbHGL0^#TQr zKf7$W!tF0`izV(THoXs>>6z2)f0Y!i_qr?0BC9&_Be9<`-Rn85NMzeafB9gBIWUi$|U4_I*u5psR+-q$Qu3`vD3U zdUQC>lA3oNV?J6L?dS+(ufi|+ z#Es_$MJLkt1)3hDuV?dW1YG@Of!G1qai#6Ut>+h8+engwMDSgR^W7X9f$ z0WDJm;KkQ0<`4VaUGJy<;tAPV*stY99Y+myV4#iBX@B`ugGj3b;T7rO6qgW)O8;(hm=m+M7=fw3j|yEl%LzO; z8CsvYDy#7QT*HV`xi}UMXihPCA9q7dwmueUJ9XUuIzX@WsaJi7#?LZq;Gejtx?#(e zV6_1%{H;vudhMqt%3ccdGt&0cPXLX3cvi4WX2!hOMGa9*mV31on_Pe1;w3IW+K^O({wDxVTnxr=!i47t7{Umjr*5fya7w4 z-T=qGSR+qiuZL8ULGe(gLJXk2?E=bp`R~E>2t^86pR3++z(ug1I4?^g+Ig+`aTzcB zY)L*kwWze=$H;ek%)`LuT^V}B{8e#2_|laaPP6u2lX}58S3R8e4%mnG z!@PjB^Kxf9?6);IH}h)Y23^b3I^hifjNT%%jX7U`HwDHc?MXxj16oTXnoKR%t)AJN zZJ$B5emymad7)UREHfSSY;^t2bXW6@m_`=rtl@WP&w_7Dp$QQmsxvUU;_T)Y_@WTJ z_;ou*+=@zaLfC)z^GhCQ1qt-b3T^or7k=>+?24Gfgv8*{)+-X3Jqg9T zpB%RcKGC=ANmTo91-TTxF8qv4DQ-GbGswq`Fj_)kua2)LUAz?Xg#kkd#Jt-{{gM*P zylfhqaG?#kj8APwe(uI)dB;RtzUAV7*?+`hC()Owg@1U|_F%s%Fc5ZaR-96WJE zL}UeSv;GKME4?QFx!qe9go-M9FHH8kJ=>T8OmSrfhI5>D2t<*0#tG(T zY;J)25^MT5^(WnDCas zclGaQzYH?30nZ6>T-v2-s&Cj0Koc*=%y;OH2CWd$NnCqHa6Fb6m>^UJMN*wy1BNNF z{EuQlljCWtR2+XQQLOp$YWorfC~e~>GSS4q!g_zf=PJ{PzOEPfqGX|fw}NHkSgm1k+dU`* zBN0&BrT~c8YRS^T->KHcuIodkS6F#LH!oAqDtSwrf_y)#F0}YVu^6F@O7Bx1ONc`# zS();h>-^5`z`*_biL1G_*H zs#%Rs2UR)yxWeg6wubo?l8Bp8$+6yBAi7+9@OPrGM5SPPOqYyF7&w%}iDo;!SJq_f zkIqIoC>`2)X}<fE(^AsDk+5#UW4ePUPbV9S`WSBTWIKd>iAtgLks7Vn zSNZxC2vCRqfC8A_p@gj|ZuM|KMGd*OC2;~iG0lIdq(G72{ zMpohu{f{}vlhJP^tE_zS^mI&8pogqk_<%2_An zSt?lo&U<{#*gklFhtOqV)%P}Nv<)rg(id6>;6ao-b@oXb!4u9=<@@aN=PeEgYMc!d z5ehmX`wgob8}_eSW3B`&ouwf}#2PpfpD{LvBV7JZx#dst<8&x3@#ODW4*FgxhqR^X zdf*P)Y!Jbp5^%GqF;TL$r+*p!IlXvw)-?@|CtAcX^k=UD&%{l;U#_XjmnUr;qF&!M zNYsT6&rmGC>DDqX7wdseW4$`b)xcfj0O|BaS;1SRe9FAW0KG1zT0`@$U|VC1*&@eY z0FVv$@Lrc~>60dqBA}mg=A|66up>~H^3t}F_Y#6f>fJ%-(6WcRG+v?lp}7M){eVky z3*|APp;!+hie}%slb;}A`j8s$t*V5$_o5$aPx1;Fe-U!gZ3^Zwahi4RnE|rs&=8gL z?1P-AX3?LmstrZDi}48VLq4xtS@qM)gSQ4Eouy9YMcH^I>=G?DHUH2i(vlm}l;A~c zSd|^rP%k%_FF6{Qf2wmnrv37M-87n?HE~BYGSnq^ z-;DOjQ&en)A6b&bILr zGAAY{CKi+9qwfN20IADA0w&vd{}p)zuEHxl;Miw@v+_TcBgYRk4LZt^0e2Fiy$}av z%Y)|XF?9G{ZTDlI&jJ&!3Z`?N%UG_Ry^gZ4 zmPRS2eeIGwxRv)MC%URGZRYm#EHAcFmYwh!ayT99hik7Lf16jpH{=p%^#&iZA~Jk? zz%80ld=eB6o+wsnv$101Cht1oh?W}rX5>`1@!;K9*E3c%HDJ0-op3m5Tzg&nhk~10 zJXG7oLlp3BDTmBJi;KCYJg=fnln$c7;}VK~$itBWn{~jLkSK8WIZ1~fEKMYNAgc;N z9lA#X3XPnJ+;920E)>pR;SxM#F=Uc{`DXTL#j>Z@d@{_J4EC$V-?!ksnIA=Rckz8Y zJACZNw%RtH?0Vk24m%vf9Kc+qHI<0T= z)oo+kl=!X8f+KD;{63cedQ)OPg`q zI!zlemk801Ug{tIFfaCI2;gsCL}YPEpZ&@Ew-=y6v=O-xy%D?dY2)*QaH1IebLnm( zB0Zf6bs5th+Mqa0yGG0$ztq*d&gJz&o6)QKO2&Jc!WCfF}NB1{qGyy;prWD(T$4N zF0hKh$%=f1e9|w^B<_qjxBywH?!Z59xynbe4Jy&&-wvSmZ$No~D=7-Z}NGC5Z_&k1;^TnCsx?-$R`!`?ff4XAjuv zR(W9CFC*Gn|E`%vF8-&VHENP9rH@`6fNU6Nq#RA_=HNdXDLh#Df9Oqe2ta-{dP2n~W4^=uz zwf9P+Zq0O|tyN(RN#g0~W;M|f4Z?h`#~^>(xPpqAyQVSL$VNw6O4>@@k8fPTq<&ss zss^FW1+v!@xI`pGwe$PiW*b3~-3mj*u`&B^7v>~?W|H;`uh;*q`z|)Z7FdnwHbUpm zNqK1=DnK#cU?)!yFt(IIzk}|nJ*D5fF3KHNyD+36S61pBt6M@Y_tmZFr^;2$wQ(1Y z?BA6w`nF@C z?)lLpI(%mp5z9{KpMzoq447+|nKiN9oiR2kRxDhwe?{VFlStfnq z+6*}xDYhKs%%ENO-=_fgYwTYVqSm*S? z^7OlP1Wr%n(Abls(ebsCnJ!s-b@k-tg4KG~ilgvp8_#`(N&kbZk|~@>AA8tCv5uhl z(HRAt1qC;Pn3xAuJQWR`pKtR0chFJvRC|y4#Wi$I1dG?o-+FBJf!a=qii{;~7){oD ztk@@UhZla7K;=UFY%B_3@T!mdn%}GaT`m-Of+UsM`XrCk~ znjimWb)*kc(sd=gd#y|TcQ1PAS=b~7E3;==GD5y_o7Bv3S*H%di!66lOBtDnJ=Uhm z9n=PEG}is>)J#$#gt{T05+K4ShVS%h2Wz|qaCK{h8<5zlIfLa3g1ZiL2<@s@p6-!c zS@t^XPir;y%V1P_$mwM3?wQ-x>c!Os7wFn1v^liL|BT~hv9E~lqV7rI8!5-HgSx2b z8Ux{xZ%q_cxIe6GU>QmD_F6aZ4A3sDcAhtfuybgJsrZ!kpuMGgoI=G=ZC9Sp^m0Pa zbo5Vfs^9ezTKCUSU1yHY@4n{`(`zlF-DjtJa8*8nq?6J-YK*0&%oz1OYh}#YkfpxqhHcJi=i0$?Z`VuxF7}>jyX|Scw#wTbYcn%4qB!1k z?pvIV5KaXX|HkFK!^y{IlXmUz8gqHplYin_>G}5{=eR@DbcNe+uj@nH2}_MCmYu~< zI`+`V8QBjWTj*=Qou5M5@$v#Aq>8MQLP}KrkVHo|528JL%p*5!>i{)xK$puqs4a12 zySdY==4XY)W-3Fw_QYK3ol|LRH|CkmcK!Blall@1SM&8rn%QyZlW#)x85J8`B7)(D z1hK&E<-ku6*?l;yFl(|Zz#LaMK{oW7ehPuIEZL17{}S9=UQBJ><=wljTl1q0%KuLH zp8gBUb1R=daNyAC;8vRRql_5^w#{zZTD%-`?p3H+)GuP?J zLqR*;yq_Ns)ttw_#r+U9CGwZrFjEzWo$27y?!OMPcZOC=MhgO1>hq=vrxtVIK zk89NsyMplZela$Q#X|k@A4ky+3Z^*_0_%6Vc5Gs^j5{XvF#By?Rgppc$r3ZFP^6=e zV=1?;;8;V}>yE7nTl3K0cx-J`23d)z-`C=fYse$!?VAzF?Q#Q9``QzOcQo^}bCt?( zmj3x*seunxE?m&&SJzHGpODWDr=8Q=$59ASm|wG~x}v%L`S1QkN6&s^@}s84VZjq~ zyo3txW^R+}F(LUAgJJTLotyfVk}2B=gZV`9-DpCE@VDyfZRp1(_Y7(p1bYo3TI{^l z4JSYJrh@TDaBD|7n`;p7T{$ zLL@0GPCmID-9b9hbM8_Ue)!p2S8=3UbeLk_m|MD#Wvh5c?*`UOq;RK5-6H(&Q`&3_ z=<|aLyB?{TJdAA>t-e$&L)bf6(cnZFAkFhA!*IO$8;g0%}J63J%e*`f=vGu(J%#>qH79h)vXX>25y^V?vr_->e;kxRjG?fg+X z@<1G$mGvFj>mqYT>lS-LudvDAVQ9p_t8FhsQ@@{6FClIVZC1jhRgYuYi3YX0e*7x3 zr1-;Rpq_czT}`?D5)+Zh^<$OID}MdmvA~$=$`R3~`hyNxlk`jI5I*E_^70b-=+v#2 zZ6irj@w){&~E%pKRsz?M*p?!uX%gs;bB<8w~`vj##96v@<|ko<;U_h-Z6_tF+bl57JZ%f@oN&SV;&_!EeQ_AAL{ZX7!_%ofTf+|h z({zjai28(kT2)bVr@Hc`J4qH&}Nv;vt9hH)V>~?Wopd&>b z`QKRxGYYh z^%UNz>D%J2mTu&pee#Z;M(7cID9!|dNbT6kWfLq`Z46HK9ina2RQM~jb@F@!{)foF z^h-HT8-;)BY+ zyL5WcZdPvgS)KVA)Tn0vwb<-Gg}FEmh)$`ms<8Q;E;Q|CyjSd)(KgDpqvL^Tvx>h{ zcC-F9UHX%js5gYC$&T8{M1#_bf`xeohm_!$gc4!M@=aJW^PUS(WI9*}mi56nW|KJ6 zza4Xpy9565sd+6_JLK<&nneSmd*rOFMt?IPkbFHbIQhWyi~D|hbHCS~r-V1mwnZ;$ zJWXGFji?A1IBCLFGa8JN_VKQ>72F9qB-~B@23kUU9GpEgIFLV+H0>7$Cg=_fI2C!p z7Rvwr72t*55%9-I!4iiKg~{wCkjGM2$v`r9MGd{IdhN zz%?UoZDx=prV79fQl4fQ>^ILFjf+j26v&^JoRjuK6TT0a4bMt?{hoH!*sG9;-B^u@ z5$VY5ZN{7Ktht%bm}w0rOHSN2!A5lt3+ezzh zGu2X)T<`4d^~}^7nx0nfg|0i!Wr<5`-mpTPbDR^Ht3xwO{q#?1t&VEnH-=$8Y&aJG zQ%$R?61~tguR2QxTBH_NnObE=G>?buq&Dg4w~jO<_likH;}&<7%r&;W_;gCE1kz!v zYUGEJ^xQYKEn6y+JqO_!qurrl?{5*r7r8|-`jrz3MzB_HTE?%SodtgDFGknj^=fy* zg#0b6FZcGC&~71Z z9a>U>Ko=aI>PN9|A*q;SYK_}kjN9sUCSn*Dluc>praHd8W?tUAp0ay9{edTLdilAp zS<>1yEQ&a*Vxn>wA8vsfdw^@yOyL9I28TX?M7ODDikp}wTP!V%*_EUo*D%{2F%d*h z!boSD$gOqr58N&#I#in>;e+YODNZTTZexR7}=>-%bju;LpB$l>RGJT=)VNSqC zTt`~J&1cXEA`tFT4$rCr8jqOA-+kGfEo9}ey8NhP| zZ|>F(#{PIS{Nqh2WOrzbY@@s)HNK|508iN+IQL=UZ-%xkXfmzQd*Y%)=|=Tdc16cN zuoy3=XaW5_`kAiE+iyI7iLcme&091!%d*;y+kO~?Nf;!hKNR}&#Yel=h04yw!P?F= z*ttq*mU(1(xn;6Qk-dl>Jkeip2U#N4IV8DnW*1MB+31lvsBbx0`Q~xTY3#ZuzXAH& z8jg3_Cyh}wdrl}xMP$z5oAXtk$rAtF_itYhH4e8QW^*`c=((?s%J3zHQq--uzr z9o007blZZJc|{cazpcQrJ64a$Q1*Vm=?(J!KoL3ELm4X+$^(GQi=U=Uw1* za?VVl5w>9_``w~-q}?ghc96%Ejb)+bl2gPBPL_T{UWHvTe1LvbOnl~3CC?_{A(g(4 z9M|EgE=F3_UBzxQ?vZ|1FDQ@{KOt`{H#Y5v-m)*b9E=VlW*mj@Wr@%GKt1Z#RO-iv z>P){4Tj)rh3R6A(n#iZTqb6Aj|xCg2*u? z|BJ|f-g)H@N}t^v%{8&M1w$ay*}TSMVpU|;7-iY=eIAbGvC_D-2mka?-{xbx=*QgF)4d0DISvzjN^*dR@E7 zn%gdQFimuP&3~DYg5W6g!>n-kjF#5DV$j{_B3|r#sUsaw@My)vd>Zo}sqW1S*6pW4 z!#`?wEUtOBEkKUNLcgtN#l8d_6)$sG>(<(dBbEB4Dv5(@UT=Qs_Lv>0KyN*uL0Z;V zvB^zxcT(7F1UvlMt^F9?NSExs^v>57t|_clVT*W}{$-{wwg@DiMxe*tm^L@s!_;eU z&fYZ$rc57h4)wb}EAhWHuY*Rj{s2z=gq?ibfg5{R#tbiV=UdF~X`8^C9|294gFZ9H ztg%~BzhK>A`hOdciKIZsA*sQ7`rrr!*-C5}GzH0Q>lWbfY zQr&Yer`qzUy<~c4VaIH54iSs4=C-y(`qNA;+S`r!HqDg}({8&MLK^MuTZ~Y;GUQ1_)F%Xvvy4<4)e1P z=~^=meN1HHwa@(@`OGqO#(_oVz0{LG1cg^A2 zuyx+Tw}Yk7wCG-R3wtaI+r(Mvm zE515!SA3V^wqWD5f84KHOV3)EnBd>~)xb(KE|A#HMUORoy2fL5P%AS#+L6wDcZ$gA zRO)nzcNe~6X9y~I^(%a`v{0|-NS~hkl{}a&D`~5yCYG6~T*zP9=jb(LTWH4^7;{lU zD7t;^LrgDNuC-%~DY%PJ5V<3|$%X~~D)YHJf3Li2AzeKQ^v)8aLBV^9z1$3eE^sRQP@URVX@^+{kLF2vGt~4lr5- zk7RtPq}*%t*XE%5PTap!f7y*d5myY(+IHBFtZsR%eLeJ$5v=02vjV{8L*;Sf`6*p< zWfGNF@pQgXqbGscA@pP9v-Q$IKK3_}7WwGZV&w#ixl)PK{Sp zYrFQ_{{0UP=p7s_r+kwqz@^-no#e{~^nc@jjUayU`v%0Egd%h~08`j}LN z)P=68d-G98+AM4&v$;;84$9E`17PuQsj4H;CffAzhd78zr?g~Rb0(os{JqbTHa{%4uhEye%Mb zCN$7M$tR>eJ<(=lgb#FjtsRINUnVaE&5FLg;KrTqByERc8T=-#n2ZVKH>BAExBD2V zdu83Fo-ljSeRFVu$jKrV?S zPCE_Eb6go6p!R&o2R@|PE#_-;4LwiN_e3l5Vkt>7wcG)Iegv>WQj&!6sH1w5WCl*#~te&T&E9C4IC+a<*cqlw$q@gjI=9n znFy0MSBLM3Pxh?ksIE+UtV}1hF?~46o4>}xnR@g@-3ZBO7G)&JRh`pT^~%kid3AFP z@Hh?sy&>cqedSGh2K3Ii;6fVG>9)dxN?#{vATKM{na%P#$ohb4zOfR#LkP$qRS&xr zZV-1pd~3K+O$MY=;YWF9C`ie{o;4`VsGU9EpmZY;wY&CtzXRq92_4ifzAhQ zrK;3;rTypTsNdDj_08x8y&h?y>PUuxK3KXBPfaoMH=+rIU5ucg+YNpp(z~3Zqu+Ie zr>kv~=*3ynG^JofLzGNq!jj&D4^e5)u^n8qbPf8K5hWtSXLdWXItr| z$r^p&$1ZjF)&jnTdQhhA(+W6Nja_f6GrM-GqeVD_5hkia{Zs45SRV9+KHa+a_}zTg zT}^UDh!M$=kY3TJqseFb7Vlg#8Vrg~Z=TZ`x%U$~5_13kYJId5H z6fdarmfBd@akpr65M`m+w?CRaqIKRJt-tP6Hr=YBx#-583wp z^Xltc)trflvDYkm(Cq~jqmX!0n|zjKliAh=ohZ->DW-rmaZDpLo<~mv&)Qix7Auo5 zCjmF17Bc^;$`<(V2=-dd@^eOLT-25A{n$8vp17OQsw8&@@3`2Vv@`$et2jG1>u+Zz zg0c6F`J1{!I8&puyR*7YTj|b9s(v^U)3)zW34=?gfWb)+p%n7(R?oBzmk&%``LfBJ zlZ?k0tDDzvo3U!R@kk@D*SHkKsz7lz``f`(-|zfN!A%deG$GDgQkUHs7pk#PE6b)h zB9Ob}#bpXPVOXM`7BI!26A!fP-1a_n3%-alXEUNbvCn4myYQ4}JeQovav+!qdlTZ@ zwmEhWBef2*y0K+=tTL9AhErV2NHAmT0qO)j>}@ ztTKtyan+#q@QdrpnB1JX7rCxToz&sUto!0hebKK-#^?q>OcckNW#O3`tme35c)jL47G>%Y8}LN8wIyT*&j=^3bRD8&=CVs29Yq@YsaA z?1_GK;9wDhc%5a z#k8;Jc6vJ67UI-0s!F_JwS*#HF=BQbe^O%hBR@)ab=l9*>G-P>=#t zQ6IBS0Sj5T(}`3#9{#e^v$^#iC4g?deQC3mQfhnMO`hL^fOLi24#h#myB_(e;+#1F zXM_*Qih4^nS$tV@+IM?u%7X6;Le|!Rihkoj(rFz_;wLAl;*%G>AFA6{meLTc%AF>_g5Uj!%mLpz*0wzN4k2yEN@(k{v0F2NnT2LnQH)CtCVAEKZx*)P|yKw zeG0EC9c*P~iT|**NxmuWDLPF5LdxVTtPG(q^{&zwFVj3B*3&qH+M}?r1Q^Jz9H&h0 ze!4lj?%k_Etf)1;@6f4i#~MlmGo!z}=||Qp2kCxj>=RKBeT#%o$TyLA$B@wG{h7BJ zrZ-aXcJ;D2Y$~?7T#Z~fd}WOTTpr4v9a}%G;eyE zTEkRFewj~uc1$jUo8vgq?RD3gi-PRv-FBFhJj;JcK@jHYMQeod=U+XNRZofcp^(6-JBZ!YujkOoQ<;dJKMwd>cd2G~Z;R$C z>7MF$GOy_}4OVWZMP+enTWsLYpts$UQ0C_pa(9@FHTkN9~UH_VqDqIQiawVbeFm6@;F(Qfg;|7Vx_X=CU}+6 z4!YOBoWCa1MpBz_`2_T-DC?XxgKaY@#By)^$m~N0)8j4bdYdXXWdkw2-^p+O){OER zrFcS2gQff;odl^Yy(~z1RON8@nZ;jA1xk+F$>iVM=8iXi&ry@%Z=DY$#C~jmc{EY5clYZK^&SiLY0E?^V%;7m|{y14WIuTZKW}s5E5$7GTk@JXJ zDzI?~`sB$J`jr&Ew(WPCu5bhIHAl3!oXvT2ic(H!Sx>G-#?=Iys}xoWEBlp^7RhtJ zj~0&bHLpiM|NSe|&80dn$L%=lpHN_8c666KJ}NH%VVJtuL^nVsP(*cwDx!1Of;Uva z4uX|a1;==tt*#z0$w{zDQSXbpMw{J-!e_#i78i9auI824$mM>TQSTq^A^Fxp@2XVj z;7@h1QG|>sV_BvxH<$|^z255@{rZrAxj>>r)+(9!(vJu=bS7R$+#8+rF&Aq2{J5ab z)w-?p;!>gX^o9C0g(tE*oE@_RIY=odPyl2Q`hG@uOdS6BYm(ynQpwH2(J?6RLaMpv z=%CK9jTg2-F3otLZZxRcYr9{yT7$&%dnr7VanR~+}rV^^8W+3FL$ zZ6py9k6VTT0lM_G)XItj(s~>0sA}x28MgD8%YL{)+iXq+g zBpEQM?G)d-n4F_w@`|n+g}ZH zaxUpU#ca|1Y77>1th#ad?Rih)bvN(K4nXt(Tfgwe;BNHGq-cZFBgH5tVXlsXS20i- z)f0@b>N?pRas9kNft2C9yT_^)@n_#>>40PBy9&t=H)q7b$84_uRsfJF>3j4@hm&Y; zg&*E;yQez6^;%r2l1(>?}Hx~IL8n)YVORn(x0y2};A|Fj_6goG!rMjR&>a>q1H zQ!SvxpE+sJ#$*+6Mk*TGSJwllM1F=;gj(5k3O}1%tQK)Zg}V~IK7FyTsbTlus|Q>I zZcY(N4DW|oJh}ygyJJXQb*JS0hJ?+`)dFFjONq*_{}W?ZS!&(eCXH7BCS53iytPfSIkZw>5eZX)1E1hX3 z;63dn;#kVLTs5HBtX6fD)LZBM8LV4BhS0dFsdm})GC{=Ki*HlZ^{(BUH#A&^=LTD7 z$oMNPkQ|qf4iHDoFmq0 z-;%M^tm?zR-s=WZRZmfR-<><;8XWClVA0;_M^7CE5R$!}>xSJ-L0{${_j@bFy-DU883yLoXaX3F23~_w*pt z7N{{a%KmdF6k;oMca&V>5|CC?ek=NZF!e1mRh@U7pnnMfnar5W^~sk7#v0f6mH|mA1W~Zp)Zg%V&4;;J}|{9s|u;=<32~fVYQWNV-tGocT5T#@l;ogSKIre=#Y8Q&$4>h}N?Y$dTOD|&)M>QvuvVtv1IBJttVD;i#W2itFL_J96;J3#8v;m9(3_(Cr- zeeOhLWK&;*}yIBskfuv?c0j+I$>QM3c-*b&pboTPa%0b5sk(G|%_K$6hbj-=?+bLhZk(@*9 z|JHwYu#5%s4^cRX1-t(A0q^^OL%t2^+afEQ)t%~qv3X}*21r%S78I=~6S*c4^;cUf4f*e2kinUO z0_n+lFQeX3A=S&`Hb89!>kJ`N!?~S^YVGeaExp~hd{@$yZ7b`K)P0AJddIYJ;b&ZF z?#Y?YuBtg%<|on!SBfbCZB+E8h1H6rF6f1lTh1-NtOWA%+dubG+VLfrNa)!HtLGR} zl6&H}Zs@;-8J18tMyhmmNeo_M1)M~3zbH=}E8!%NjSr$d1yzErYZBRBG8bu1o-cB+ z-!8UyzHVrO-{CryHN}WpVng*gVA=v&K#(CFMy~*xU%QkM!z0vJ_KrN5^Nb-3k z(wNgx`th%(B%`DUD7tl?Rnrd4?GbVlTVC-(pVY2`VeXAe2${tMjd}|a2mbB4%x@EQ z+Ab=9D>immX(p-Row_lPoTui2WlzQH(zYCgO2|$ z!sEb8WQ~(SU7>>$0Z)cJz?&wLkkMDiZvo0js8gCP$OUq@8XjrjIZQSz?aI-Cd!W?P zwwFEPtd>vf-I}X*Azu+2DIV_v;WNBrEE0b9)LZhP;P(qjJRGeY%PWoR1u(UuOsRuc zRc9}?-%Eg6e?kmb!~q2kWYZNJtDY2o>CjcPJL2$G{=KdcEBfsbA&EcQlt|rm) zGKGJ|wbp-w?siuf5r^^9L}x0BB+#PvlV=ee;U{c8}tN;LUC$w4kynq7Q z*>olJd(zF~0=fx;w_n9&j^kWry3s;3@gm1Y$qpj zC%h=+@SvKy*?Zuh&{|yq>mu399kSd(D|@=FW2Q%1)du?8$g&`Zdk(}e0s>3guK(=) zli96ud$6j9*jldU_QfDrEO)!;et1g!NSX1{9)mlMgN`D`+L|da^rTn3E*>@%S73hk zyzI9{S@z=L5mo}UJH(2aaQ#h>FR-(xiy#%Pkn6AR;3tY0IC@Bg5GIbP67D_J?@l5W#SO(E_b{DwIjMcoj*+r zMC_O-h1COF>! z$Ef{!d;CT{J!VJAv0@ZWQax4p4R5A~!q992!a0#QW}k^Cl?s=LJcJwdb zJjsRshB;K%Cve(T_1$2E&Ccpl(uWaaiq@gtP)C85G-a7D?*un&OUa*o_L`7 zbi@_;d3-^Z$UP${F?~JiUCWQrqD-2m6V9MfsX3FbTIg16Mrwt(KxD>lDI@A8CQ_4J zX+0jq*gTimVZ3H+BL#FRMQaqFVX3im3nCj@PKvqJZRZ}7i89Y$^34=*!y1aZ(H3>C zo9g!vnM@13%?Inw@|u48$=|tqUl5Z}sGSIO7Wp;HeAh3No;+yoo8o(M^rKvO>3o;2n zsCXwLlh?jf!8(Gcz6dZ!uE$^E*C%lGY%-Wz0;9!(V$po3qRkuE$s_7{vw1};{bpq% z;y4*h#W+wl-Tc;Sf$~y^?6h70f4V5%kfKG?mQdnNtr#e@J1E!`u~PWk{>Je9fMV&c z7<{zZ;gO~NXIt6-NtrwSx!4gmq2yU|VW>AbY3s4Dszm9?5Y&xtOrA+zyLZ(}p`ABt zP;GW*%M7TfjrMptGkQAzQ&97KZiO4$^dv_FjPxb*TDRVHI&snk^=tY^ihD0+(Vbx! zds%Ar1Kg+Pem5v;z0qRxYadOuSwa{;{7Ukl$3bU1QTI7f!|*Dpz1zLM6BCZKayRE* zQss~@kR%*VzK4y2;z9K)=a5k(f*MnXWu1ohz30*iVXi`(<0jRVSeZcp2P* zKlcKBv2m~y1wJn(*ua9a-(E7=ny{7_5rwF616l9w^9GD40A1eOdyC_9i&Y@yWDhvq zJ4RI0&CWJ7R`DI#{5%)oM)IU*3O9#;PvplRhf23re%d{2zxhu9O}|rxR5Dy}P-;N{ zO#y-B4J%B$H|>Tj4yJ7vC9M(}P#Sf{vxA|7cAnXBJ^e^RW$cT=TYEicEt!LtgK z?SsK{YOzWl;Nygqp%pab;VE#i)lEVE%Zl2IxJ#GLX86V>fBd)0o7zK`_D+Gm9h!;y z>j7WX1}ZzMTB7;1S(aYVKfk4PXoYCB*I)e?x$uyO_W8IB{`_Ruos}+Z5k$Mg3n)*o zdiW7H!)p#KAKBM%EPJD*1>7t}L|qq!#)hP8fsGvFz=nwXMUTc_x>js1V>_h(c9O`_ zJI8Lk2CO*v1zJ9Or!~I)m)DkCT#*tqqrj|nqz5B9%+w0whP%Pgv}=$%xe@E{Wlxs1 zD@8nFK_PaIL6qrQ2+vvauwZ+8bsi`M34Z<+b&j3q?yuqz&kpXtXWM_fWxI)3H{Yt6 zrHoCDCpwvNDG3kBFati7HZ~xnmV99PdArI z|F?r6m8SgWiEZTVbVvzFw6U0aUfc$^I9do3&j&=++Sxx@1>gl`7VxHwQ6+bM2m;sp zoR4`PTt7OhQ!jEkT``Tyz{s2Oa8ioB4Wv6cK7VP)+wa~dUU~ZAVkCs8Al%vJZqtp! z0*L*UTa|5fr=kq}9o#<@wR~!`Dxj-cN8F(mdj9hSQ?u4lJ#Faq+?yl|XrLy#1pGZc zrCg<}EG@gM;V>~a{;7BB<(0#HafChU%@is9#INFRp^J|Y(6Qh&MN|>)PHnN)XZes< zoV#^c=SIvJn6i#x+#4st^%7@*urrL zy>B6r<)A$N$$|U5z{RuBC--{p2=4k6($@NpVNXZ#lsieNhWR2wMX5gR_lWt+WY(uU zua%NEP3%2o(p=#>&2oaQPjd{75b#AYxPyI;wBYb4h|l`3h%;`ceyaIm0Ph}{HW+jY z>D^#}oaRCKzd&8eQnYStuQu(Se~z`Ydybv_fiJ@nl4xuHp7d<0av+~|H7Rmv64~7% zvrN^>a95_0VK^{iC_wI3W``?h1yL?)#K{PAW-C9Xz5~8^Hxc?BS%S&BaR06UHDF2b z83(iVc#?WmgF(Fv(TAZO0{E6z-Wpviwk?V=4_ZyJdbS=91P`Cv@k;L#&=p46>Zi#u zM$XihpP9j(HVSP?uB>cECM)h2xICX*(o83ljKG(d#p5I_(6&-(+gl^KYvam=qyLeq zNK5BO4Xd~o8oZ2!aW(mMWqBp`oaNc@fR#;mB}0#|8m94$LFDDp(=RGNG_YPAJh2UT_vKLRcx;v8TDHT^PBykMIC@9}#6efRp zccvpuDN}0m&|_ixW+onjwO&`M~C;yLm))8YZ3uHx!GRr^v3I z6uYwSqx#Qn4VzH506snYW9j{y2_xX%X9#(Epnu;)+@0nqJ{9gWF){oHl|D7OW*Qg_ z?cC)X*k%UQ+WVrYkmKZLL#qmY#c{v98%q^^PhvseDHWx)``TuBcSbNX8@&w9Ke#bh z(g6RY{(Q^Enpo_sw{3=Y_59v!$9s1F-*@H^GB~8K+|Q*^Xk$dF}Njs-^6H;jgpZ=xMzO=zM4FQur*mv;4MNw9(WrMrP%v;N4NUsixmmJ?m9Q zEJo!irN)fiqi-uZb2PAH; zEx9OG!&6@37uH;;5 zsm!r6Q>k?MJ{=jH4cJFb#Hn0YQ@(wlj{`Kz+eKKVTq;KtI~HY{_bRnS8t@oNqVVqd zFb^Qb$n>e91%S)4$Rz*wFpiE-2h^qiD9RN4B|giv!SFdN%J`{xo+7t4bpIbLGAyT$ zKJbiK^nw#Y^Zqy^!mCR8l%U$~#m2%ygV**g$xB9=BRvC1)UNC*&pW&C+Tv@L7n!@YU! zQj>?b&cMwsRa{|4@kkcG$vjA0H``dUF|thMU|*6nF7g^S%e%4e#IYO%v~BX@be5cCHK9{ z);@XcRd*`iSLp@F7Fxu!jiK}7*wcW%T&)<^W5~iq2f(lN6z9<~N6hW$a7I|` zByhMle@5Ww;eFk{qr*9s@S}5H^_~CEIj`fgj{^^{`2WA0T5J~99YnVf46=8nR_e*9 z`i?wc&eYG_gciSJy775uh@@X8*`(Am+l3<-KS-pu722dUV)pckjrPoey$lE48(HtX zdDpWhHq#s)&!aEsOiAyfASN@=habRS*#U({S z{Xi`HAP`|`Jh&-8QS?tvi+Ya9XNbKOl4n~?>&VCXbgNIIw+=xEyJ$Y*`*~LYBfnt- zT!az-GXjZLa!fYWy^rt6@cBoAJ4>7J?J-wq1)tIhm={{=B|RAPw5-eulkpN`>-u0$ z*pVBl&|Fxr_MOdJXqjg*VXshqB{GJKGWsRUb)*<;Ii^UccP}@Tx$GU!5i**(KPjj* zGxrYOY&Z>_cbfLZAuJv?eNKSSsej5PNMxV;Wa`dfw_%7|@F;{9_<;~|Tu|DHPgQx>R>2?;`i0?nn##~+Tp)=a zJC^Nr#m&sEe1By|7XLdP*wFi8kD7@P_MEc~3}d9IH{Ix6TaFV+Y@97WuN1hlE~Z;; z$pSueLU-b%?(YaR8yi1T`eiRs=^JZeWUToN=s1~h?;+^ME~0Zjv_(>BxElx{mM!QQ z*wgc(c@Di-l@_bS(9o!WJm^j8grpa{o`3JNG)4E)%?U!XVxP?(N5#oDq?cx0DjqAW z;P^TNXA~Ep-lhWcfFyy>*>JB;%yEj2YFTE8l7uJg7cP2&8a41myo307VFmkiq^u(I zEiw$blhuYET{sOU%%`sjfa0&pPzz3uS^t&_bbnsic*7j+%2J>0*G3g%lw$X+)8@;v zgS}&ZD|A+}-c9&dOxw?L)Y8b-KDlu<0-W0>iz%_^%Tsz1)Yh3ZW$YXv-?$Cn-nta7qFA+7l3nF97-l3ttZ4d$99`0@L z+A^~Qz5Q~sN3{r}Y04#U)h0zUZ;u28QY;PwUUTjzkEV#VQB}D!>?4)ADvL;wmx5QL zZT3eTRsST!d;Wf$fg6(JRN1VQ?-j8Z25Y;XQkWm<466A&B{hu=VC-ZTS+7Xf;YMZ= z{5J=A`ZX|*EYGyNdC{1QODEp4KLa+nJlNZ;c3H-cRu`3Hx420?JxdAv85bunknVYG z=$QTU`&3uRVCJr+sA{<#asIv4UGfWzO&K()9Fg;zAb$TG6?4^K_+RD(qTwLsUhngR6sgFB~UK`MVX9N_&Q!pLINr}uunlu57G7-wCk zQCMk9Jfks1Bf&WT-#rxsMMFo5O~Fn;cO*tghCaKC@?48(UTSEy9Me9TYZK(s=(x3CgxR0|Eqsm8d8$q6p9vn%vAy20 z>P8`VlAx}ueu#M8d(Jk=F2p_?@o(DT(n=AdLgVk<7i4T9h~b^w;EST|Ed{2n4NH+3 z*d}H#XRCo(`A_U=M&bAr+*T7;ZRWzK%IpR+bY#>FQ`V|7tb;Q+k#ch6+*0Ra`k29? zrx(Ev{<{AQFi|XC3)hKE1!Iw<7+hHS9aEjrpIFx9*cakO*?nxJ7!+D~a?+|({Pf_%N2-K3 zjqhj4v-a4(zET|g{a*KTn-DnkzrwC^>;%En6EW& zvw8#2^4%LJT9)0N2O^}zYo{6Lo2gXowk?pTP*8f~)E=`7LBAll5zI%Nd*MA=4r}HM zRflx#RS3eDJiDv!$09~UCcxYF%<&({v(}!X^$G*CjUgfV>=|{fv83<2-v!Uvn%MJ0 z;T3Ug*8Gfmipofme%6Y5d9-t%GuyFao~&mCc-Gh&FUD24#K%_XP6&A0g~;~U2JUL@ z`Hq&8yEm!t5(WpEYCTJx2;Gr+_Za9z&3UEmm6h6WKCnzycD|8P^BBO+E3n8S6|(M% zUK2@hQfCUgF&EAdR|-Tu+kpvhav^!-G<%oIvRYrN0kUmERGBhskZI=iKB`;LTSiUe z#=(`%@psJm3UF7ski*=vfSSrgj|y{qLMQYx|8MmbY$dbl06~TKj{)D+a-?N?cTAmv zXhB>N+NiNd9s_Cisa&|_h+`~5QOOfHBa4^Hvq;aCc-ka$OyitLtA>}+N1BE)cWv6z)#+qX-d0UVl2-D+$BtFJ1g4YR z(O1-^DU>QTc`Mx|!if0IR{U?fFr>!-N~DK0TPjA^}Ks{>;f)mwv9P-(FtmiZdzs-GJxoQ9K+B| zerR}HP>sifVCsci=N)&{4P0kc@9*=fS^M!Q=4-etvsVuYG#-n2_Vx77`M=`|#Kd_; zEJZcms#4`%%?$lEo#aRLQ7yY=_SariO@6pXJ?L=$a!j;-beZT_sJrV*)?^!eeEAeYVpD}U z^?5|vy)vZ2=-_TU&PV71jn}L6_oX^us0)3a56hh2RB@W^N+AQbrSs@m2=s;f#!-BD zuHk=-H~&`yN9wN#9g~dZ1Hh|aTPv?q zQcrQpxLi;?`nO8MUrH4TW*n?r`GcWAcRF^JIsnlRkJ5cCpICNu{)b}x_(!n(>+JK1 z2_N-GfEM@AC52|t+5#u`Q}gTzQ`e2wjw0GpJ;i*F$MN5@g^9K7;m@f6 zFFid!99_z9u38#3K0wrCxsG0ch@tQU1iNa(3>9tfqX4-0i47{py&w4Ne>Xz@-#*pS zHKMf+M$e@jy@OeyG`R;R=ayes2zvbZ@dhvO+^ddaxCN(8@=$wrLPCNAfcEMKAGMXp z8?#pQw=uaHp#u;q(bm`-LF~ZO_nggCQBmc3i_iPq`m)1#czFj(kG`TAuw}!;b+`}q zI766YBLDG403h~n#J8hs%vNk+(OouHTV8_IdhqU+y!;@5L%Mf#t&cet>sX-6Qftd` zE{{GE!eMpMc2&>c&CJb#2MZ0*fb6Ef7HIV~Nsm@A^fBi{KVa21KVDbRbDGnd6oiuk zyV5@S`T15RCMFx_k50%+ege<C8j(Snv*fRneEO9sp z1q7fUdHDEr=S~1^Lqm2mIDodU$)%mgn+et||H*RF-l(Wv7CL&X*_i)tISkPD|NM_@ zlffZyWLgYc8tFe+jSsa72?_CE7KH%jSnv^tH?@x`NRTGFh-^u>0bC108^KA^hvGaW zOW?CzF$M?6v}P3)m$M&d0UrP9hq2|Xf^&ZvT)d(GRzo5;KmYr3{kkDyXC}GRE1qAz zHBOyrwY7cGNUgs$UeudTM*D4@UZ@1TK^uQbTY6M2@km;XXddnuQJs@*$^up<;1rvH z+LsNtDHyrh+S(%^Z7rpwR2x%K(P#T|hDY$W{VN1oD}ohTVHkv@@ul~ut#|pZNRa`* zLa$^ScnYI>&=CGJ?DUwak-GU*P%!X8yb$KRKGR5<>T&?$l9QN}RM+N)thTLN0brW2 z_3)5`9amMrH`m?yP zBr(-TM7}+<*CihSXkcoZzxw-SqY%k=(fxqW@&HeG5R|8?>4XtW4%-9up2kqXGr1o@ zFn{W;)$T1$gdq00?N2vM)JJ?g(*o2VZjuj`G=@rcB! zF5giF-284yNl68*MA?S!!vL)G-V$(8{pi)ed9`zN;*zP`JQP&Euve=P5k*Y09VHZ zP`zV4sw+!uUje9KZSEe>4i?`(132p2^al<+zG)5k+uI}{+pj0rRP!KLy87&C0n8DA~RE|^nyMR@D6U zR_s|0rdPWqbcD_quOW$4USC^V0(hNR;Qk*52;zvXm)l4Fz*`xVfX3|XugEv?cV{mX z%9~&V{h^bk=BOk59vOgGR`qHh*PrC>4|vq%#9SI(W{v}UaDdlNirG6@+{Vm2lyFs>B!AhOLct$R0zP zlA7b_0~iy&)9{!!4qN2Qm2d>m!j_f_3y-Sn9_+9HFnY!u+Y6pbiM8+{VI3(swqwB5 z=^xL|`!TVTc#ZA>Ys5kS_$Xtlu-Ua)Gg0{}ZbJ^Xxh@dmG2sfZ*n zM!nTwM{)%iX`~u|;traBwvl?%e!X&(m6PXq>NXD?w(VLxM|j&WO>au;R4E@nbnimyK^zoN;v=d+A#}{tHyl7!u#Ci5#-8i ziynDmzuxg87J~}P?Z;+Al!de6#_2zBbsOIY;KrgMXlyHh_#XJ)ZTafymUK6&tOng) zh04RzEqQQWC5eU(P5@hAd0+gt#Y3r+0-ZU>a-ry-i~!XEH*J7=JWWHClN5R|u13IFdmxDzHmtTxXo?TD{0yHI2 zps#NKiji45qOj|_VHyvD0$y8B-wrqXT3jQb3NI7vDs3uSoGfoDU$o$1<;e^=ZZ>M{ z$-=5`F$Btnt&6Vo#_OK6AAVyib#d`Y-c||q-Jkei$Zh<$ce^cnpV-uJ*{3L4^vkR~ zc>;pD*?d%tE&8~G|1gh!q|b+MdH1vH65O9X@kx)EMd^K>AV!T1R1bbBIw*tUY$9PISQkp37x;9g`fm1Ae_>H;{ zpIG&?T4g`&eGG!)Skq9r>q($%!{IqwIWOccxFqWUDV_UK2XTEr&>tvluKxE=vrRzE zh_t%IAG3`T_V{R9T!>qJ6q{5d^`nvYbLU9>x3IXci$BWZhEQL~(~7JQuin$Gj6nX? zKK|WXw$IoFjTI@fI1X!GjSr^Z(w5jT7vDpl(}>kJ9(ighE4)Dd>fLx4tk$%ZlefEg zp}^~|ir8n??E`?UTnWt5Lr{61P>?J7O{?j)E4K;dvhZWBfxUfT9Ht@7`w_!eCINbM zP(<(Zp7guYOC_*>9?}0EIkzus0yvslcJ`*c8G)b6d?l$v+K>E8WUrVEI-`hjb)R-l z{@e_Nfd}gLj{oz16QvK}XlX&)(*X~i+!TzQZaXe$z*2$$etd^WR%$9p+J0f(tgnA} zd!s=DR5-7i(`!rP(9YUho9U!&*>#fl53EFhG3yHI1Lng_fJ_XJ5J&mrn@YvvL*mC! zEDuh8Jp`yW#M>9CiQLDI4IyDFZpGP}bLoE1?0iB6WF23t3ZT9{)y{4Oi>u9_Aw^5C z#vn4n9_#84|H`p=5B4Sv!(@#e^5xCn+5If}VHVQ{1d&s-Z6^ICVt7zyv~I@ClYOe< zZE%xzL@19(_$8O>9u?Eibp-L-ZW(6ds2?Vl7o?0<9&6W%Yyo$&PL^0!B^}H_x7cRoUjCu?y!pipnB~Ht000vL8NBH;+H@8J|O*3TK!0 zS^4*oZg#xNqPX&vv6V^Dc(QIpCr{xo;YjiwR-Est=8w^VNb)X&J!9b!6@)(Nfiuwz z;UTg;2uUb?oYgo#!0oAMgJ+e8*q9GBY)v4%jzYOH9wNx%GQDW^g2(35WK^Jnv<_`| zqfVe21D($r7zqt+!Wx!jQ(Vheup*eP@?1Nc+)H)ZTBc2Au5yDANDA9&HZ&W@1qAtD z+zs*1i@429oWVrsAyQdKcQ1{Z{BzIj!?5-6P*5TCGS#5GusUACXC5(%v1^n7gMciI zW?B>x75AeQcTZPoA7E;-Y4V5)jF*O6w7g{%-gDyHP~)lhXbA-H(l&$(Jby3^yQPxj zm+t(%ug8*Em+oed2@gxMIS)%T4h`U0k{E#fwu~&YeNdzxD-~6(A9*sv(QN3@_LJRv z_x&N3HcduZ+;%D0^uyt0n5i*6Dm<(w`?^ZnhtN`M^qc#!Y#`wBkd4i zjnp2?nbhf{7yAs=ZPTxVD2@9JZ?80#5;ybt{_Qu>aZxdGuTi(n1K+6&CY*={!OZ@$ z5)#AnqV17hY){yn5BvcO^tziMmfnStntD3X#+ZLhC&;3$B15=J(#b{jr*I8ZK@DK^=bSf;i zcIkGp;$xeUp{i5B2zC96+p)A)twQ2wR>9|vnrl&jS`@IFmIti9{jXL-{tv9c9etMn zwZ%JpadssDX(8_Bp%|YnjVjGqP#v@Cdo(P0F$;ZbCh8KxX;)AQwrWP-f9}24+k5yT zzC>CIF?o{-`*f%hnr~S|@_0v&NUrFc>l$g)kz7 z1VQ|lvn=aZ^p}*1+Yc_Hs`k$wd!>0lgIyr2Yv=poq{$@D7YU_^9t2%YuThrP`d8tG zN>Na>UJRqCKyx&Jy%GEE<9%iC*|ik-%o|Hk%n~niZxze_c4aj9SE zwNmgPavu8B%<#;NB2O-3n+fV_LA_a)O93|~l+GXy&qvxI;}32f=Q&ofQ{t!PG?%0b zj<-->TCdHb)(@}e`gQZ7ZJr;d?Q2piTjKCWL}acX>Za87Zd;Xu>uJ6Rmmo>QUESbR z!jJ`D8Gf3eInlHH5|8V2ciqEJQj%;Mx_Tz}gSWoKYPGao&Eu-X%!WEsn6>0(QJ=dTsAPty31ZEk1a> zPGP~(fUXFeWa&0NKXwQEVxvEl3lc-FL%v*rBdC#xXKt#vk$?Z|by=Nx{@aSqiq0bd zL3H)vv%Wsf_ig^Ft+VB+5W605s6x=Um5ZLURVi?vq6qY3(haZ7x;qSYUvE9q)nS1N za-Y}E@1&}{$&i3gT6w3f2USzY6h&>OXHOIP=4BD;4aw+RR_>ILVCd-IK$@KdLdsb0 zA@w|zwtv!&e;%YQ;kV~Xpst`o36`u4j?G)b%lEtIFY1EVmu8vsuXSntJ<$^pww9R5 zr8t-J>(Arcm_GD5Qy&!uZg9M=SZ@R}Xd5$eaVmgsaMxpJ@mo&0kVdE=CnDer0^{+b zA4V$28|)FOR98Puzfa|m%+TMqy_?9t^fo*_k5~umYPe37%2Pp~skG4w0q>^?@Bivw zM!ILjy;eil1xON9*qnCwWVD5kNg0A`Oi--FKe0oKPKb6H>LE@DZ(oZw?@nk zt$UA(2*rAF!~I%nLy0sRql3H<`LB#s(Vj{zY(V1$Wt&)*U;SO(BAoWwKXj>qzD|fq zS}~O@&6I!H^gMuA#aPlj{4>WLK+kJD32OWqP?!rn=Y3eRC~r<5=i+8OWg@?jeBm3J zXOO+0>JLADx*UD_*tXM9duSNf$n3Fzf0RdJ=Ql;|2pgaMRXwTA;|vxE@5ri*s5gX- zGLomO<`IG5!lxYsd{Y10-Mkz!3DInr1&PCgdiI_v{Tltmm9?uAupTm0HGyxAt6y%*EdA zWljc#B6jDCX!J~#U9&y-6ro@Di{$IVTd9r#Ta8qn8SdcCSIF(oH)O22(cWS@#&e5I zBtE7n$|T|6v8%S1Fn50TLai_k%svYDsMAH!7>(SZA>qYum3(8AMkExIxm~Ib|Lw$V zUosk3qw(ow<&pQ=u4^VCdF7LOeORVNpiG~YQM*}H`H2_6y|y{RKGASx>R$de%ShCT z3edHrIVl;6_LG&y8&Wq{i|r5SBB3~Tc;nZG9flx5U7H@n6m+G&p1d)VaeC67vJ@Ii z`m@gtA3dF%$bP(XL;Vi6Ed}m0DQKgN^J_~7d(n!dQf9yXsiei>Sot}}r+Z(n3sD<( zm`ZCu5|&K}igtfDpP~}TT1Q=Jd2s7@qw8PFn1Y*=E?j+}a340tIw_1?;a&>NhPazi zw9)Zgce-q4sW43wtG^*rTV%AgG9+_&Tq9$z1pH=Mib&00zmZaR)n;?beA)ZWJR*=R z=xV(e#bBiQHNH4*c$#OUwq-zW*s*km4)d@0N#C&}E`PR3gBt{@()aQ|Py^@;dwk{AZUG|xMTp78AfBPy|5tP09nNOo_Z?N*%jlFUT3W3Rqg-lSrADbz zE_;VqrA36ch*gPFZEdQht=c12VnzrtOO@IqhzMFWBB7L6iT8Bf_w)Ys{_`B~b05cZ z{*~l7&hZ_;@A!N_`JGkH2XhrvtcsAr?*sz-$-ZAN8k-igf4q@kQ3QMEo>jw>6mn#e zMz{?n&8sj!4Gi6@*PIp^K)oP785ChGJT49P*s$jfkKZY>Gbq`?NK4$32wn-cB&IM( z8e4?@Pte{c%$3n#{6dv-b%A@FDnuycEm@-#lXLN=;!PF&UPymUVDQ=y_G~??nM~O! zJh~k;-pA-HjNkFp49Udo)+T1{j;MV>&+a%<_quCfHR)2ZU@PzCfLySE;9HSBY;N{a zZ|?l@6}3t5H_1V8L3O&HP=jcR8^SR-NJbj3{7g4%<; zMPNi+95-E|69-Bk`7SMGi)Sz3jLDWEKU{nX;*Z_xMZbK`Mj`y zIXWR|B2?C|i2Si^J0BvSeXqkpT#ws(QCP*Vf})$A^{HeO7*XK(7bQbuGlTCj?{e;;UMxRnd*7@iey_a#k@(Si`3ww0_zS?<4sc zW=B&y1W-SKQBO8%*m&aCWs;>nw7@S9s#`FUf44nsLCgi5$;x2N6Ydt0qX}z;-FFuW zX3Voi-uvvp;$RuDcJO&{i-`8BT479kgXQ{U*w*i~LBRSkFS(6jX3BE7_k|150hgg% z)jWmwd9TzlY=Rr9q0(dWS&TEtg~6v5eC@DXg?g;tJJ=Ib^Z|-J>6m|&snmVLMPH2^ z+DRn_=?T^@j*#S<_i)S^dQ3{ND_r2Q-wOyOU*NA{$pVusZ_Au=Qxh{MbQ6LwQeT%r zKC{&O=33}gznTkN-yd#x?yHqVi^cy&j+{5pCC2E-i0e)h{e|{^Ix$7x_~;>Ymn}aX zVMf~UB&f#;_6KNEWir*Z!F#hPpYRpSR03w+{dVlAwm@qrd&4nhfA+@d>|7QPL5#JN z#QRFJ18m_xeP>2H)2$3aoO~eSrtlQXSwBh5p9~mBYi3VB9p6p0WxlGfuTm+}F)+XF z`RB-49`G;E`vXdA_2UwR^by?68i`y2ph%p82PK>=3<@I@^dhF{lx)0Ix#hWH6N`$H z8XE_3ML%Y@IOv-i@=j65tXBFjK9GlaM+}o|1 z3RtnGWY3yXpK|e>e|H=kbH$%)NW~pmZS-qFaU?kV5?;e`%eQXcv4PY+pgS^U-4yEf zr~&a(Y9Ym;W?06NV(t08k|lV3tJ*P%pMtZq;W%3x6gh!In7a2%5P z7q}Fnd;X%eVEG_SpZ@v0ksnh+OU8^x^<%isZb3n-O<9@uX_5yt0no@6&KSr;_Aq&5Z=rH`yjcN67Fjc3<%>dr`T z4dac2$Wyns4F%;#FptT*co`Z4Y`|HChZ8U`in%o|-HyKO-CZ!*3xq7TsAQm(KqUvL zkax+ee~d6Q$|%g=Q7wsi6F<4QP-Og_)9;5FG|}&{MKVtycnqiZ@oY&k$?Sp|UKAA@ z!Q%-24K}5EY+NS|j9-sI-<|(RJC)7;$qWs0jBKy!jn2mkst`&^BtkWoIx+ZW$eyF1 zRa-Y_WHu-4a!bn5^Bh(!bD0DZN+THgp2JYL4%aixGjgqJfLq3JBwySdb2gaDJohxA zXQ#;)Tk@KxwTp11NOJ^HJ0BBbkH6`UUTYFl;VDZ#R%j5Xe!OVeHzwao6n-=A`7hF) zl|TPFYahu#KSFuRitfAk8Ep**=QB{k-{`0eo{puD-|_nGr}>Vkbf@w7;Vys9om(um z8A>(6O9UBA-i9vK{G=h{Zk@upZtv09p;2bA;XLZqx*=#u$*1s0t!iX)t61hmo=ZEu zyOcB+d=ufMgTkgbX`&E|INh5*t$s7kIa-%$8EMLO(%*QZsg3O>6QM}yRWu!eE&9AB z^ep-&2cmrAX^2mlT9-(23JA1!5->pjfC_(#MN4sxjc$dd-j;=CvD4^>*xwP>OQ$Nj zbL(q!(^_u!zQ_hFK=lCc6EH2kD!Pq?XBPJ&`Yc}@dlr;M+1^g~c3N@nJO7j0FSDLj zH#Y@K?ETvh!W^13-AQ&-8_(F@6jJ@ZakKPGQ*doo?ylmfCNy?$V_@1kGo@rs)}emP zXpb3%eLQ4~@Z0=|MmEZjeYt$o4K}h9ZNIvCuCT@GGdl8oY*1#o1^1ZMqA83YHA+Cf18Q~ zd#;%?ZV7)=e>$tD%*f6e>hVMkpB3QmvXV-4&<5hrHo@^Zyssu?BJR7lU-xhx?W5rB z#XI7|(b+kUnF$c^@9mN;D}zi8b!~w)|KE-?_O!g@bBFOw9Vdu?&FL`f7NiZAo)$hI zhFIwcK!#Z+nb!NgtXyAMV>&FSn6xxflS;l3@C@;a!fK}=D7Cb%xQbI0hGJzZ?aCjZ zX0hyEZvI8Qp+>-AjX)K%Ou|e9Vityd_kC&K0gghgtT4nJ`QP&IF1T2h<)2vlVQNgc z^jVuKyaZ9-Q~v=TFr5zICVr2m&WP~^K*N6TDH|c%&PSETYISXdVgsD-UDU=125dBS z6Y#Iky=y9FT6#Y&GfFPmuuQ!PW~<9MKC(5Firoo=X|98J9h_OJ7};XU+%u>7FI%-B zwvVLNyWAXoPCn<3KOdMTLd_Ak&&=+{=9Zt7K72ZV1I4JFx9@HXGv%BdzJiWZ<$aI( zd`lEuqU#m%qF(g2Vr8LT=+Xk(ejxalsvuc#y|Mgs!0iF>hp3n0{?7G?eHf+a(T0#G zOX0*68tX0Wn0IO4(qFdtIvyS$+DmLY(iGgEuBNZsr1;tn-HmxYYWe8&&|=Vr+OyU2 zBT|$UHuIkD_y%zx-+Py8jZzzi8lwG14$Qa5mdFV;3Q?YhKJc1Qa;HJEEq+U#<7Q$m z*7H4y$ahTNDTb~wBoLZkI41{CaNqND)Z7ix&B5l>NrGo=hrgKPJh#Vj3f$fA50SwO zfw-^*Ttq|%jPQ>^2bmB`akb<1yK$@_uW{xi`cKnfs)4WaZ2)R&E=c^rdT_2O;aHf4 zL}U}YZ!_SL)Syr|0Qe}qRH5V?kT;yx@BW*~lhu82h5sI=^#A6P zOUOVg9zuT~aBV;@!q5E2Sm^&#&->rwzW;~rdf&jh)K-vq41}unr)?!49=13j#|VS= zez^~TR$rN9y;kNZtP9+ItHIG+a4&{C%&$b4ZwBsk_LGEB03Exk```*W}^8||7zuW&Z#*Dm`zJiL^K>PMPOVC1mVmrUl%SA zPAGw1L}hVYPylnq2F{32-F94tgQAM0|Jovze7stL=g7KpaH6U0`@*Hc`crkkOV`<) zCO7X-q2@jxj=C!=5qKWt8J@+FHQIG3;;O^@)vNn8OcWy+s7M2ZcHi58zj4@58e7+ z10PS>LEpM=>(ELszfl7Xn?$Exmmhi~eYK}Fh~-KfzT8g0>sOV=3J40@FRb2(Xlc#d zBexj*;cz7EE@0o`*J2m)?BBn3NJ-NtKAvG&FF}!iqMNUASTyhzDPy40DeVtU0$$3DHil_L%>^W}p3r^2&-=uc*$<(~trtSYIm666N za!I7jL(d45Rpp$*1+HHGqcF}@Rv<6`vh6+3HzNkdH9JDrQ|Qng;fGgj%MeAQX!D2p z&)bd*R-}RwuZ44md78g|O`LREYt^~$5!GW4aeYuQM-EqHWIJSC!@0o>ymTBYc+Y^8 z)VUJwZJ1&1BccU0#j|rQL#r+k+#u)zkCZo`w8s8fx?!HCz_nu2^@(AoW@aucYzrr` zeX}2;))s``GZ@Lrd{_(x4z!^K<3*$5S9=EET*}VwQ}P%^k@*gI7p`3Knw>|D8mIk1 zg?x87HCqM5pH<9gB@^^8cGjNl?d_Yb0YRIr@Xo(t-Rjym$pD3mA#=?dreF}BO?(ulzNYm z*_4xL#g`RtM!T1GZ;=s9D!7m6z}hC2C%ru<)HK7z1J#%FI-vl%?7~`*0~OwtbKTl& zKFKH4XY3#*kAy-rJ3&iw^vnrkon6ePBmK)nCM)77K<-#Q1(MY62btuL<+RGGD-@mm zg{}QlXodCG$NUWDxKPQO!K6RPKXubw!^?et1X;?m-SwCAa_5N#+_3_1^iyY~mAbGY z=1=Zdu&N82)!B-tq=%u=i5y<))lHsF;DbBi9AW#%7|c@*$3X8c0v>G90Nm@gU$r^9 z+|oLxLPNLrM*efEU+N(xjR_yze)Q%eI%%TGV+3Sk4!G1Gf1D9!|6pZGX?65S`ZXnI zn~yCmn>pX|z!xCs&Tu&M*ha1|$m{P36iy6=8b#6r;-ty*x#1*^Eb&kNJev7?;jOX? z3PoFwF+vjURwgD+0ijmzB|L4n+TJ2t0{b(1md7#-y-Hp#7Wk4EUa<;fI;*a#J9>$+ zYvtE8K_Zc;E5)Dus+#D@-a)(Re}(L{K4aE?bpMe2P@4(!U=e=Wd@r>alDfgv>h_W1#rUrO-Tk)#VjXE~ z=9GI?rV8C;vz&3{!ZWDdLxST8jZ%X*8%v2Eiyn&%ykfYs_EC|487kYU`KXb~CBr9A zlEC0I6PKtz$a^DSH+Q?l?HUSpC;7;vLG)7aGZS61Z`#fu z{t3}^E6ZiI`KUg@aZWMWSoK4iX9vyRl-iX9Gj`@e&^AVhm-#_=v@yaJfOx{7S->}5 zcOMs;eHB|-A=KV(Wn<%%*>|J7;${y{<(s{ImA5&MaD8=O&DAfmHM<&+6X|xiB(#5Z z2E7snR;U~@Uk+E7fj7s;m3mker{TrR#@MQ%?@)#cm&02Z(Z`JO`Xc&QdRs5IL6b%!Y?u)=ER!5X;H(0zNw92odM+_&`3z36wr zyYC_M4jJWs5p=)1%nnAyhpFAbpjP?%x%BOUkWuPY+SJYlVGZ7R7Z zJRFs~+5S*g_OW?r*|fRyUoK9s7IHnmlvKbOYg)S=&d9p^>*1dDH?A@!hW%xdk0b4E zojVin`})e16%K!NMUP?6SLXU&BH()~JI0F`?EAi>M^4=TP3(lMsLoK!P9IiSPbtdT zf99iap;MNsXI=LoSgC>>?>#@25T2TWE+56YsRdlQNfArvIEwogby!W!xK32b`j$)F-S;WuNlxpy2N zDdo_VK^*l)F_{Z$zZPFJSEP6;rfhFJ9m1Eb;F`Y5V2`g@-1l|c5V+=S0F!e?91}xn6O*^#EV-n`1FIDlk41*8k8%2cC?P| za}**lOPZrkG&bg=FWXfxCk$!m2?x7W4P2!I*)hS6%IdND`Od36L$FC+b!Q?{f`j?DFGf-LgFxja6xHhB~;TW63bGXq5{aoKk3ij zdB#vU*K`SN4T}~>Y4JoWH-&3cd@W4+Y(DwqHri7S=Wt)Up-Grszn|%b*-EsWoSomq zkM-X7G-SK*@*EL{+|Tz1CKT@nq*l2Q>I%=Qtz|EcvI26-bl63>6F;U?o)!i~w@^hw9Rg~}Oz4?2~WQi{y zM~rdpB{B4>4<%51AsymIxN!E0{})eFjUKwP#*J?=y>TYBc0VEwe9Y_01*FOfKVRwX z^?#t~XLeZQvNset62Vw z@Q{MSqIlMzWZjO7eoUU};3;~fgZuVuDu1fw5Hly-=HfkSiep2o#z4xOz%q2pcad&U z2d5#JXYySUBu&ZrAYO`JR+w#`2!!)6a6_2T*Q;R_HMQ>g8!Cx0hgL9k}vhUjJ% zxulBz!EmoFR7H5@_|68pE55%(Ddv2CX$o(8QAy2j-d;&={~yrr3dKV{ju;8gk^UMg z*3I=(hY^NWCud@cFIs94OuyfC{K!s&!r48vP7s3mDk{@fdWt3?-%q$w%~Db5c}#vf zIEhnoLt;bVT!-S4iVUoNoFRuem<(eJL1=h=#rAH<^8Z~x;W{r1e&lu1e?UG>Jl$!% zt-N4CdF6MPD9s04p^Fc9^<|W7u-hRTeaa`Xr2qM zE9wO!JSRG4`<1$b`w(%uAaTH_esxr)^I+xd?lx=zy#N>}V}%Wj;|0zwd7GJkCyLvC z=T%UeUghaMd|73p)KS!W27Rd7cb%_(El~+!O0^o$wdk94OJZEFU`;Dt*vY>LU5@ES zluPa4qk1W|o`f4Q4fO2ipZk_b14Q`PSMrqzriUmI?0*n)UM% zx$f6d5>c&>ebX(HKlo`u2*X)bvA9y=vS|8G3yQ0Xa-W|JN8^KFg&KH6xZ`)xRu!6= zC6G*aS{m?;j*J>-F~1PiWfcE%!wkMX;R4JdtBv5o=z5Uq7v9hoEX1JU zOVP-kM?q_;r(en&v#U7dY|eBf&WrZubA)- zVJb5pczj3M(g}P;xLkt6UhoHz+^pGOYitbs8yA$Ku-uH96bil4*NqcwD%#RrIhB7? zrYJFVV-ntN$UKaEAsg!-v^UhQG>5kj5ZHf9IlZDa7m#W8C&mhd(bWO6=darv+b+zY zMW)m+3;w{|L|DzE4)aZ_hJx>{sSrf?(~7!9;Z<-;WE4?!Yr~8GA<4Gl4CY3Slw+nj zwq(@T@y3&jCQWar9+6ieiq(b+VUAR)R8D3c_h@E?wXdMCKyL@TTpY-qMT!P8p&}7Y zjxY^bUg5*XKqH#{phP)qufSxjm(^e65A%Z!aM|j#R3`Elo7oEZ%F*pmHL@rvQ0tXjmVUuDZT3qiPEJV)S_4?;7=^y_t_DJ z2IF&OJ-8xX@fibJ(FHU)H7?@;u&LZnQ8ZRxEeBdS9KH(w7I>P~wbN?Ze&h9vCk1ku zHDB9h`w$xa^QfP~lVxIN&!%&^5cKz-jWDI7r2z$4X_57lSN`#TR1?}CNSJR@ur{aJ zj#oix#Ifg@D#U!`d7JqmS!wC=$w_;=N-vxm+dNO|TQygZ+dQSLs1fSx6}Yd2-O!47 zO3kR8%-DKX!Fz$3S&O4>t`V&NE}0%Ff>QUq>&_D%T&ibdf*fXQJdAyL_da+$yN9<* z`gKXW1`6y!p-^60Dt%DQ4i8%ZO**j1PiTTZ>(}i?OO?d{_y+&sm{*mnri9+ec>nx% zC74dpTuL6~Nfcpf7&~T-V*AX`5zHyxLkexI#7QHdnkN=X!Mj$1uKtZcoP zwH#(tcE6*_wFWPEfr(B5i)l&slg zaPCL6<9jw~{|w;^=h0L`=c2T|nn+p2W}KPKrAuvtgAIvEZ)PDk_Y&^_-Ix#nZx))A z@4hYQEaOatI6G(4)Nu&9upQA8r^fQt?v^sF+Lq$c{zJs_)-!a6(j(jFs@kW*9($C& zhJa}jg5yF^D@epA?v!*W)jv(&*chz?fEs7{j%Dd1@5~6ER>}GB=93H11*UvV@uoZ# zN6&aAB|pS%|7yIuXn}pfcj4JV?;W!Vqf;mPa80nL)M@IWf7OPOv*6S0q;Egox{@4K zWn_8~a0hpO^EGLiTVGjS3Sm9T|H2{;5CX(^`34q+&YWVetnaG>xSYic0A_PWCS|vZ zUk4i3>qRLak{IAii#3muJ3UMlky=n$ke5R>)pH+A@0%#Ypu) zayoNrjvVy$;IgdMn0NsneFMX)*x!ELot@Qcke{~X>drDD+N=JfBAOI5%VM|0eV>x6 zlR^Fm-=XSRh- zxjlJO@$RjF-JLtx;6=RRQ(qbDp$XjP#-Mas2DMcUUFerC1F@{Wk9@?b*$xb6{sCMD z6@8QFQwpTY$|@NtsqRYRbs4obdHF#Z35k(N{wBqnf&I?`5Ze-H;`QE(DO}#-MDDy> zot+hz`rZ0+_o9ZZ`;YngAm>YcKTD-?QLvBXCI4|o5LbJCjTbx$(M zO9#kkic`r;jqC1rTkloujy%SB{Q!D4=Sv#$b3e!NQkC@7)+;GKN$ly$n)2aMfwwjp z0k$R$y<7={3u_$1u>_s#Hm-SBY>B^JOEQyO#;5XShj@UO$+*?{=HgO5>~X90Vxo?HYh&`t?e}FU-d=@b6j%hT)leH6;yZ(Fu3P>#LKNa zxzCh~XZ5D9T`Qk`1H=yIp;rOK=6Y#K$!aa1E}3f;x3)Lnrp^VJ>pj)sd3;ik)LEA0 z?AuyROsP~wb>69N8*8VHfd-QTo!gF|;}OZvmvAV&wpk!9g_z0djH6zYl&%yfEt$GXw0~@HnpH!j zXUrQ;Y2_Hi9c?@ow$&90S|K2J#lNPRC2zES{MaCul=0BRAyIGr#?Xk4q)d+)banM7 zS_jD@9~VM4UjPK<2Lu%^x#s2m)VVE9KyuIO7#A-k{>5=0$$?O$T-2xbuH8)D^Mqp; zp4>QFn|PuQ+k9g2&>YvXbhR$7XuUC$)m1xLKh<$H?@;Ta>GymGu;M`l0*T^3%)`fa zvz@+X*>9uqGS^~=U?%H+_t49q*PXZe;tt2JbctauDm+@r;!k@P^VW+e1S3!^d!X9pm+~0C)K7mpP4RZr$7P_>(JgluPXYn>N zX2G|?E{P2C{Kj>(>4D`1lPz;OixYAH?g{ie!0@8^1X+KE8qc&jbi_pMmzI{C)8TgR ze;z^P4rlYdRJ{dI`LEBsBI<{@!{UJO=#+dv@16M8S%_lT=fiDU;w{e~|7$q1)pp`? znBl8~ZvY{CZ25#qxx^(o(3m}t(SYNHciWKB!3Ry5{}lrvKziW#Pwd`waNYl!^Cf;@ ZX<$%i606VD1s(i;U&rV!R?8{;{{Zi)!~XyP literal 0 HcmV?d00001 diff --git a/dpp-verification/resources/implementation/acr-document-credential.svg b/dpp-verification/resources/implementation/acr-document-credential.svg new file mode 100644 index 000000000..b28409157 --- /dev/null +++ b/dpp-verification/resources/implementation/acr-document-credential.svg @@ -0,0 +1,4 @@ + + + +
Proof and Verification Methods
Metadata
Attribute Certification Record
Verifiable Presentation Document
Certified Snapshot Credential for Attr1 Audited by Company A
Certified Snapshot Credential for Attr2 Audited by Company B
....
submodel: <<Submodel Metadata>>
@id: <<Submodel Id>>
semanticId: <<Semantic Id from Submodel>>
verifiableCredential: <<List of Verifiable Credentials>>
 \ No newline at end of file diff --git a/dpp-verification/resources/implementation/acr-document-credential.svg.license b/dpp-verification/resources/implementation/acr-document-credential.svg.license new file mode 100644 index 000000000..6ae72333e --- /dev/null +++ b/dpp-verification/resources/implementation/acr-document-credential.svg.license @@ -0,0 +1,13 @@ +## NOTICE + +This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). + +- SPDX-License-Identifier: CC-BY-4.0 +- SPDX-FileCopyrightText: 2023, 2024 BMW AG +- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG +- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation +- Source URL: https://github.com/eclipse-tractusx/digital-product-pass + +## AUTHORS + +- [Mathias Brunkow Moser](https://github.com/matbmoser) diff --git a/dpp-verification/resources/processes/acr-credential-resume.svg b/dpp-verification/resources/processes/acr-credential-resume.svg new file mode 100644 index 000000000..f2bc27055 --- /dev/null +++ b/dpp-verification/resources/processes/acr-credential-resume.svg @@ -0,0 +1,4 @@ + + + +
List of Certified Snapshot Credentials for different attributes with Proofs
List of Certified Snapshot Credentials for dif...
Proof and Verification Methods
Proof and Verification Methods
Metadata
Metadata
Verifiable Presentation Document
Verifiable Presentation DocumentText is not SVG - cannot display \ No newline at end of file diff --git a/dpp-verification/resources/processes/acr-credential-resume.svg.license b/dpp-verification/resources/processes/acr-credential-resume.svg.license new file mode 100644 index 000000000..6ae72333e --- /dev/null +++ b/dpp-verification/resources/processes/acr-credential-resume.svg.license @@ -0,0 +1,13 @@ +## NOTICE + +This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). + +- SPDX-License-Identifier: CC-BY-4.0 +- SPDX-FileCopyrightText: 2023, 2024 BMW AG +- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG +- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation +- Source URL: https://github.com/eclipse-tractusx/digital-product-pass + +## AUTHORS + +- [Mathias Brunkow Moser](https://github.com/matbmoser) diff --git a/dpp-verification/resources/processes/acr-document-credential-resume.svg b/dpp-verification/resources/processes/acr-document-credential-resume.svg new file mode 100644 index 000000000..22048985a --- /dev/null +++ b/dpp-verification/resources/processes/acr-document-credential-resume.svg @@ -0,0 +1,4 @@ + + + +
Proof and Verification Methods
Proof and Verification Methods
Metadata
Metadata
Attribute Certification Record
Verifiable Presentation Document
Attribute Certification Record...
Submodel Metadata
Submodel Metadata
Certified Snapshot Credential for Attr1 Audited by Company A
Certified Snapshot Credential for Attr1 Aud...
Certified Snapshot Credential for Attr2 Audited by Company B
Certified Snapshot Credential for Attr2 Aud...
....
....Text is not SVG - cannot display \ No newline at end of file diff --git a/dpp-verification/resources/processes/acr-document-credential-resume.svg copy.license b/dpp-verification/resources/processes/acr-document-credential-resume.svg copy.license new file mode 100644 index 000000000..6ae72333e --- /dev/null +++ b/dpp-verification/resources/processes/acr-document-credential-resume.svg copy.license @@ -0,0 +1,13 @@ +## NOTICE + +This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). + +- SPDX-License-Identifier: CC-BY-4.0 +- SPDX-FileCopyrightText: 2023, 2024 BMW AG +- SPDX-FileCopyrightText: 2023, 2024 CGI Deutschland B.V. & Co. KG +- SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation +- Source URL: https://github.com/eclipse-tractusx/digital-product-pass + +## AUTHORS + +- [Mathias Brunkow Moser](https://github.com/matbmoser) From 8b5d05ec7a55d2aab5cf6e57587e230bd355f4e2 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 18:56:43 +0200 Subject: [PATCH 37/38] feat: prepared release user changelog --- docs/RELEASE_USER.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/docs/RELEASE_USER.md b/docs/RELEASE_USER.md index 5e731ee64..69651333f 100644 --- a/docs/RELEASE_USER.md +++ b/docs/RELEASE_USER.md @@ -25,6 +25,33 @@ SPDX-License-Identifier: CC-BY-4.0 User friendly relase notes without specific technical details. +**July 25 2024 (Version 4.0.1)** +*25.07.2024* + +### Added + +#### Added Compatibility Matrix + +I have added the compatibility matrix for the Digital Product Pass, in this way the different dependencies can be visualized properly. + +#### Added compatibility to IRS 7.4.0 + +Now the backend is compatible with the latest IRS 7.4.0 helm version. Enabling even faster relationships retrievals. + +### Issues Fixed + +#### Fixed Integration Between EDC 0.7.3 and the backend + +There was a policy definition problem in the backend helm charts that do not allowed the backend to accept the EDC policies. Because of data sovereignty. + +#### Fixed DSP Endpoint Resolution Bug + +There was a bug related to the dsp endpoint resolution, when we received it from the Digital Twin, we were not able to build correctly the dsp endpoint with the provider endpoint. + +#### Fixed Digital Product Pass Verification Typos + +There were some typos in the digital product pass verification add-on. They were fixed in this released. + **July 3 2024 (Version 4.0.0)** *03.07.2024* From a0a8c2084776243034a3cc04e651bb418179b22d Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Wed, 24 Jul 2024 19:04:41 +0200 Subject: [PATCH 38/38] chore: updated verification version to v2.1 --- dpp-verification/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dpp-verification/README.md b/dpp-verification/README.md index af9756034..9cc2dd5c8 100644 --- a/dpp-verification/README.md +++ b/dpp-verification/README.md @@ -24,7 +24,7 @@ SPDX-License-Identifier: CC-BY-4.0
DPP Verificaion Logo

- Version: v2.1 + Version: v2.1 STATUS: RELEASED

A Catena-X Data Certification/Verification Framework

Digital Product Pass Verification Add-on